diff --git a/.ci-mgmt.yaml b/.ci-mgmt.yaml index 16843574b37..57df67a3958 100644 --- a/.ci-mgmt.yaml +++ b/.ci-mgmt.yaml @@ -30,7 +30,7 @@ plugins: - name: std version: "1.6.2" - name: terraform - version: "1.0.15" + version: "1.0.16" kind: converter # Use `pulumi convert` for translating examples from TF to Pulumi. pulumiConvert: 1 diff --git a/Makefile b/Makefile index 1e502317234..3a315e28ae3 100644 --- a/Makefile +++ b/Makefile @@ -119,7 +119,7 @@ install_plugins: .pulumi/bin/pulumi .pulumi/bin/pulumi plugin install resource random 4.8.2 .pulumi/bin/pulumi plugin install resource github 5.14.0 .pulumi/bin/pulumi plugin install resource std 1.6.2 - .pulumi/bin/pulumi plugin install converter terraform 1.0.15 + .pulumi/bin/pulumi plugin install converter terraform 1.0.16 lint_provider: provider cd provider && golangci-lint run -c ../.golangci.yml diff --git a/provider/cmd/pulumi-resource-aws/schema.json b/provider/cmd/pulumi-resource-aws/schema.json index bccadd38989..63665ec5c55 100644 --- a/provider/cmd/pulumi-resource-aws/schema.json +++ b/provider/cmd/pulumi-resource-aws/schema.json @@ -154855,7 +154855,7 @@ }, "resources": { "aws:accessanalyzer/analyzer:Analyzer": { - "description": "Manages an Access Analyzer Analyzer. More information can be found in the [Access Analyzer User Guide](https://docs.aws.amazon.com/IAM/latest/UserGuide/what-is-access-analyzer.html).\n\n## Example Usage\n\n### Account Analyzer\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.accessanalyzer.Analyzer(\"example\", {analyzerName: \"example\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.accessanalyzer.Analyzer(\"example\", analyzer_name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AccessAnalyzer.Analyzer(\"example\", new()\n {\n AnalyzerName = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/accessanalyzer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := accessanalyzer.NewAnalyzer(ctx, \"example\", \u0026accessanalyzer.AnalyzerArgs{\n\t\t\tAnalyzerName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.accessanalyzer.Analyzer;\nimport com.pulumi.aws.accessanalyzer.AnalyzerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Analyzer(\"example\", AnalyzerArgs.builder() \n .analyzerName(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:accessanalyzer:Analyzer\n properties:\n analyzerName: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Organization Analyzer\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.organizations.Organization(\"example\", {awsServiceAccessPrincipals: [\"access-analyzer.amazonaws.com\"]});\nconst exampleAnalyzer = new aws.accessanalyzer.Analyzer(\"example\", {\n analyzerName: \"example\",\n type: \"ORGANIZATION\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.organizations.Organization(\"example\", aws_service_access_principals=[\"access-analyzer.amazonaws.com\"])\nexample_analyzer = aws.accessanalyzer.Analyzer(\"example\",\n analyzer_name=\"example\",\n type=\"ORGANIZATION\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Organizations.Organization(\"example\", new()\n {\n AwsServiceAccessPrincipals = new[]\n {\n \"access-analyzer.amazonaws.com\",\n },\n });\n\n var exampleAnalyzer = new Aws.AccessAnalyzer.Analyzer(\"example\", new()\n {\n AnalyzerName = \"example\",\n Type = \"ORGANIZATION\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/accessanalyzer\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := organizations.NewOrganization(ctx, \"example\", \u0026organizations.OrganizationArgs{\n\t\t\tAwsServiceAccessPrincipals: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"access-analyzer.amazonaws.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = accessanalyzer.NewAnalyzer(ctx, \"example\", \u0026accessanalyzer.AnalyzerArgs{\n\t\t\tAnalyzerName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"ORGANIZATION\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.organizations.Organization;\nimport com.pulumi.aws.organizations.OrganizationArgs;\nimport com.pulumi.aws.accessanalyzer.Analyzer;\nimport com.pulumi.aws.accessanalyzer.AnalyzerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Organization(\"example\", OrganizationArgs.builder() \n .awsServiceAccessPrincipals(\"access-analyzer.amazonaws.com\")\n .build());\n\n var exampleAnalyzer = new Analyzer(\"exampleAnalyzer\", AnalyzerArgs.builder() \n .analyzerName(\"example\")\n .type(\"ORGANIZATION\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:organizations:Organization\n properties:\n awsServiceAccessPrincipals:\n - access-analyzer.amazonaws.com\n exampleAnalyzer:\n type: aws:accessanalyzer:Analyzer\n name: example\n properties:\n analyzerName: example\n type: ORGANIZATION\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Access Analyzer Analyzers using the `analyzer_name`. For example:\n\n```sh\n$ pulumi import aws:accessanalyzer/analyzer:Analyzer example example\n```\n", + "description": "Manages an Access Analyzer Analyzer. More information can be found in the [Access Analyzer User Guide](https://docs.aws.amazon.com/IAM/latest/UserGuide/what-is-access-analyzer.html).\n\n## Example Usage\n\n### Account Analyzer\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.accessanalyzer.Analyzer(\"example\", {analyzerName: \"example\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.accessanalyzer.Analyzer(\"example\", analyzer_name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.AccessAnalyzer.Analyzer(\"example\", new()\n {\n AnalyzerName = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/accessanalyzer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := accessanalyzer.NewAnalyzer(ctx, \"example\", \u0026accessanalyzer.AnalyzerArgs{\n\t\t\tAnalyzerName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.accessanalyzer.Analyzer;\nimport com.pulumi.aws.accessanalyzer.AnalyzerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Analyzer(\"example\", AnalyzerArgs.builder() \n .analyzerName(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:accessanalyzer:Analyzer\n properties:\n analyzerName: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Organization Analyzer\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.organizations.Organization(\"example\", {awsServiceAccessPrincipals: [\"access-analyzer.amazonaws.com\"]});\nconst exampleAnalyzer = new aws.accessanalyzer.Analyzer(\"example\", {\n analyzerName: \"example\",\n type: \"ORGANIZATION\",\n}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.organizations.Organization(\"example\", aws_service_access_principals=[\"access-analyzer.amazonaws.com\"])\nexample_analyzer = aws.accessanalyzer.Analyzer(\"example\",\n analyzer_name=\"example\",\n type=\"ORGANIZATION\",\n opts=pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Organizations.Organization(\"example\", new()\n {\n AwsServiceAccessPrincipals = new[]\n {\n \"access-analyzer.amazonaws.com\",\n },\n });\n\n var exampleAnalyzer = new Aws.AccessAnalyzer.Analyzer(\"example\", new()\n {\n AnalyzerName = \"example\",\n Type = \"ORGANIZATION\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/accessanalyzer\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := organizations.NewOrganization(ctx, \"example\", \u0026organizations.OrganizationArgs{\n\t\t\tAwsServiceAccessPrincipals: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"access-analyzer.amazonaws.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = accessanalyzer.NewAnalyzer(ctx, \"example\", \u0026accessanalyzer.AnalyzerArgs{\n\t\t\tAnalyzerName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"ORGANIZATION\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.organizations.Organization;\nimport com.pulumi.aws.organizations.OrganizationArgs;\nimport com.pulumi.aws.accessanalyzer.Analyzer;\nimport com.pulumi.aws.accessanalyzer.AnalyzerArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Organization(\"example\", OrganizationArgs.builder() \n .awsServiceAccessPrincipals(\"access-analyzer.amazonaws.com\")\n .build());\n\n var exampleAnalyzer = new Analyzer(\"exampleAnalyzer\", AnalyzerArgs.builder() \n .analyzerName(\"example\")\n .type(\"ORGANIZATION\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:organizations:Organization\n properties:\n awsServiceAccessPrincipals:\n - access-analyzer.amazonaws.com\n exampleAnalyzer:\n type: aws:accessanalyzer:Analyzer\n name: example\n properties:\n analyzerName: example\n type: ORGANIZATION\n options:\n dependson:\n - ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Access Analyzer Analyzers using the `analyzer_name`. For example:\n\n```sh\n$ pulumi import aws:accessanalyzer/analyzer:Analyzer example example\n```\n", "properties": { "analyzerName": { "type": "string", @@ -155927,7 +155927,7 @@ } }, "aws:acmpca/certificateAuthority:CertificateAuthority": { - "description": "Provides a resource to manage AWS Certificate Manager Private Certificate Authorities (ACM PCA Certificate Authorities).\n\n\u003e **NOTE:** Creating this resource will leave the certificate authority in a `PENDING_CERTIFICATE` status, which means it cannot yet issue certificates. To complete this setup, you must fully sign the certificate authority CSR available in the `certificate_signing_request` attribute. The `aws.acmpca.CertificateAuthorityCertificate` resource can be used for this purpose.\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.acmpca.CertificateAuthority(\"example\", {\n certificateAuthorityConfiguration: {\n keyAlgorithm: \"RSA_4096\",\n signingAlgorithm: \"SHA512WITHRSA\",\n subject: {\n commonName: \"example.com\",\n },\n },\n permanentDeletionTimeInDays: 7,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.acmpca.CertificateAuthority(\"example\",\n certificate_authority_configuration=aws.acmpca.CertificateAuthorityCertificateAuthorityConfigurationArgs(\n key_algorithm=\"RSA_4096\",\n signing_algorithm=\"SHA512WITHRSA\",\n subject=aws.acmpca.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs(\n common_name=\"example.com\",\n ),\n ),\n permanent_deletion_time_in_days=7)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Acmpca.CertificateAuthority(\"example\", new()\n {\n CertificateAuthorityConfiguration = new Aws.Acmpca.Inputs.CertificateAuthorityCertificateAuthorityConfigurationArgs\n {\n KeyAlgorithm = \"RSA_4096\",\n SigningAlgorithm = \"SHA512WITHRSA\",\n Subject = new Aws.Acmpca.Inputs.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs\n {\n CommonName = \"example.com\",\n },\n },\n PermanentDeletionTimeInDays = 7,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acmpca\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := acmpca.NewCertificateAuthority(ctx, \"example\", \u0026acmpca.CertificateAuthorityArgs{\n\t\t\tCertificateAuthorityConfiguration: \u0026acmpca.CertificateAuthorityCertificateAuthorityConfigurationArgs{\n\t\t\t\tKeyAlgorithm: pulumi.String(\"RSA_4096\"),\n\t\t\t\tSigningAlgorithm: pulumi.String(\"SHA512WITHRSA\"),\n\t\t\t\tSubject: \u0026acmpca.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs{\n\t\t\t\t\tCommonName: pulumi.String(\"example.com\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tPermanentDeletionTimeInDays: pulumi.Int(7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.acmpca.CertificateAuthority;\nimport com.pulumi.aws.acmpca.CertificateAuthorityArgs;\nimport com.pulumi.aws.acmpca.inputs.CertificateAuthorityCertificateAuthorityConfigurationArgs;\nimport com.pulumi.aws.acmpca.inputs.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new CertificateAuthority(\"example\", CertificateAuthorityArgs.builder() \n .certificateAuthorityConfiguration(CertificateAuthorityCertificateAuthorityConfigurationArgs.builder()\n .keyAlgorithm(\"RSA_4096\")\n .signingAlgorithm(\"SHA512WITHRSA\")\n .subject(CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs.builder()\n .commonName(\"example.com\")\n .build())\n .build())\n .permanentDeletionTimeInDays(7)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:acmpca:CertificateAuthority\n properties:\n certificateAuthorityConfiguration:\n keyAlgorithm: RSA_4096\n signingAlgorithm: SHA512WITHRSA\n subject:\n commonName: example.com\n permanentDeletionTimeInDays: 7\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Short-lived certificate\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.acmpca.CertificateAuthority(\"example\", {\n usageMode: \"SHORT_LIVED_CERTIFICATE\",\n certificateAuthorityConfiguration: {\n keyAlgorithm: \"RSA_4096\",\n signingAlgorithm: \"SHA512WITHRSA\",\n subject: {\n commonName: \"example.com\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.acmpca.CertificateAuthority(\"example\",\n usage_mode=\"SHORT_LIVED_CERTIFICATE\",\n certificate_authority_configuration=aws.acmpca.CertificateAuthorityCertificateAuthorityConfigurationArgs(\n key_algorithm=\"RSA_4096\",\n signing_algorithm=\"SHA512WITHRSA\",\n subject=aws.acmpca.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs(\n common_name=\"example.com\",\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Acmpca.CertificateAuthority(\"example\", new()\n {\n UsageMode = \"SHORT_LIVED_CERTIFICATE\",\n CertificateAuthorityConfiguration = new Aws.Acmpca.Inputs.CertificateAuthorityCertificateAuthorityConfigurationArgs\n {\n KeyAlgorithm = \"RSA_4096\",\n SigningAlgorithm = \"SHA512WITHRSA\",\n Subject = new Aws.Acmpca.Inputs.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs\n {\n CommonName = \"example.com\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acmpca\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := acmpca.NewCertificateAuthority(ctx, \"example\", \u0026acmpca.CertificateAuthorityArgs{\n\t\t\tUsageMode: pulumi.String(\"SHORT_LIVED_CERTIFICATE\"),\n\t\t\tCertificateAuthorityConfiguration: \u0026acmpca.CertificateAuthorityCertificateAuthorityConfigurationArgs{\n\t\t\t\tKeyAlgorithm: pulumi.String(\"RSA_4096\"),\n\t\t\t\tSigningAlgorithm: pulumi.String(\"SHA512WITHRSA\"),\n\t\t\t\tSubject: \u0026acmpca.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs{\n\t\t\t\t\tCommonName: pulumi.String(\"example.com\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.acmpca.CertificateAuthority;\nimport com.pulumi.aws.acmpca.CertificateAuthorityArgs;\nimport com.pulumi.aws.acmpca.inputs.CertificateAuthorityCertificateAuthorityConfigurationArgs;\nimport com.pulumi.aws.acmpca.inputs.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new CertificateAuthority(\"example\", CertificateAuthorityArgs.builder() \n .usageMode(\"SHORT_LIVED_CERTIFICATE\")\n .certificateAuthorityConfiguration(CertificateAuthorityCertificateAuthorityConfigurationArgs.builder()\n .keyAlgorithm(\"RSA_4096\")\n .signingAlgorithm(\"SHA512WITHRSA\")\n .subject(CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs.builder()\n .commonName(\"example.com\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:acmpca:CertificateAuthority\n properties:\n usageMode: SHORT_LIVED_CERTIFICATE\n certificateAuthorityConfiguration:\n keyAlgorithm: RSA_4096\n signingAlgorithm: SHA512WITHRSA\n subject:\n commonName: example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Enable Certificate Revocation List\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketV2(\"example\", {\n bucket: \"example\",\n forceDestroy: true,\n});\nconst acmpcaBucketAccess = aws.iam.getPolicyDocumentOutput({\n statements: [{\n actions: [\n \"s3:GetBucketAcl\",\n \"s3:GetBucketLocation\",\n \"s3:PutObject\",\n \"s3:PutObjectAcl\",\n ],\n resources: [\n example.arn,\n pulumi.interpolate`${example.arn}/*`,\n ],\n principals: [{\n identifiers: [\"acm-pca.amazonaws.com\"],\n type: \"Service\",\n }],\n }],\n});\nconst exampleBucketPolicy = new aws.s3.BucketPolicy(\"example\", {\n bucket: example.id,\n policy: acmpcaBucketAccess.apply(acmpcaBucketAccess =\u003e acmpcaBucketAccess.json),\n});\nconst exampleCertificateAuthority = new aws.acmpca.CertificateAuthority(\"example\", {\n certificateAuthorityConfiguration: {\n keyAlgorithm: \"RSA_4096\",\n signingAlgorithm: \"SHA512WITHRSA\",\n subject: {\n commonName: \"example.com\",\n },\n },\n revocationConfiguration: {\n crlConfiguration: {\n customCname: \"crl.example.com\",\n enabled: true,\n expirationInDays: 7,\n s3BucketName: example.id,\n s3ObjectAcl: \"BUCKET_OWNER_FULL_CONTROL\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketV2(\"example\",\n bucket=\"example\",\n force_destroy=True)\nacmpca_bucket_access = aws.iam.get_policy_document_output(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n actions=[\n \"s3:GetBucketAcl\",\n \"s3:GetBucketLocation\",\n \"s3:PutObject\",\n \"s3:PutObjectAcl\",\n ],\n resources=[\n example.arn,\n example.arn.apply(lambda arn: f\"{arn}/*\"),\n ],\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n identifiers=[\"acm-pca.amazonaws.com\"],\n type=\"Service\",\n )],\n)])\nexample_bucket_policy = aws.s3.BucketPolicy(\"example\",\n bucket=example.id,\n policy=acmpca_bucket_access.json)\nexample_certificate_authority = aws.acmpca.CertificateAuthority(\"example\",\n certificate_authority_configuration=aws.acmpca.CertificateAuthorityCertificateAuthorityConfigurationArgs(\n key_algorithm=\"RSA_4096\",\n signing_algorithm=\"SHA512WITHRSA\",\n subject=aws.acmpca.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs(\n common_name=\"example.com\",\n ),\n ),\n revocation_configuration=aws.acmpca.CertificateAuthorityRevocationConfigurationArgs(\n crl_configuration=aws.acmpca.CertificateAuthorityRevocationConfigurationCrlConfigurationArgs(\n custom_cname=\"crl.example.com\",\n enabled=True,\n expiration_in_days=7,\n s3_bucket_name=example.id,\n s3_object_acl=\"BUCKET_OWNER_FULL_CONTROL\",\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example\",\n ForceDestroy = true,\n });\n\n var acmpcaBucketAccess = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"s3:GetBucketAcl\",\n \"s3:GetBucketLocation\",\n \"s3:PutObject\",\n \"s3:PutObjectAcl\",\n },\n Resources = new[]\n {\n example.Arn,\n $\"{example.Arn}/*\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Identifiers = new[]\n {\n \"acm-pca.amazonaws.com\",\n },\n Type = \"Service\",\n },\n },\n },\n },\n });\n\n var exampleBucketPolicy = new Aws.S3.BucketPolicy(\"example\", new()\n {\n Bucket = example.Id,\n Policy = acmpcaBucketAccess.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var exampleCertificateAuthority = new Aws.Acmpca.CertificateAuthority(\"example\", new()\n {\n CertificateAuthorityConfiguration = new Aws.Acmpca.Inputs.CertificateAuthorityCertificateAuthorityConfigurationArgs\n {\n KeyAlgorithm = \"RSA_4096\",\n SigningAlgorithm = \"SHA512WITHRSA\",\n Subject = new Aws.Acmpca.Inputs.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs\n {\n CommonName = \"example.com\",\n },\n },\n RevocationConfiguration = new Aws.Acmpca.Inputs.CertificateAuthorityRevocationConfigurationArgs\n {\n CrlConfiguration = new Aws.Acmpca.Inputs.CertificateAuthorityRevocationConfigurationCrlConfigurationArgs\n {\n CustomCname = \"crl.example.com\",\n Enabled = true,\n ExpirationInDays = 7,\n S3BucketName = example.Id,\n S3ObjectAcl = \"BUCKET_OWNER_FULL_CONTROL\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acmpca\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example\"),\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tacmpcaBucketAccess := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:GetBucketAcl\"),\n\t\t\t\t\t\tpulumi.String(\"s3:GetBucketLocation\"),\n\t\t\t\t\t\tpulumi.String(\"s3:PutObject\"),\n\t\t\t\t\t\tpulumi.String(\"s3:PutObjectAcl\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\texample.Arn,\n\t\t\t\t\t\texample.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\t\t\t\treturn fmt.Sprintf(\"%v/*\", arn), nil\n\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: iam.GetPolicyDocumentStatementPrincipalArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementPrincipalArgs{\n\t\t\t\t\t\t\tIdentifiers: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"acm-pca.amazonaws.com\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tType: pulumi.String(\"Service\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\t_, err = s3.NewBucketPolicy(ctx, \"example\", \u0026s3.BucketPolicyArgs{\n\t\t\tBucket: example.ID(),\n\t\t\tPolicy: acmpcaBucketAccess.ApplyT(func(acmpcaBucketAccess iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026acmpcaBucketAccess.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = acmpca.NewCertificateAuthority(ctx, \"example\", \u0026acmpca.CertificateAuthorityArgs{\n\t\t\tCertificateAuthorityConfiguration: \u0026acmpca.CertificateAuthorityCertificateAuthorityConfigurationArgs{\n\t\t\t\tKeyAlgorithm: pulumi.String(\"RSA_4096\"),\n\t\t\t\tSigningAlgorithm: pulumi.String(\"SHA512WITHRSA\"),\n\t\t\t\tSubject: \u0026acmpca.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs{\n\t\t\t\t\tCommonName: pulumi.String(\"example.com\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tRevocationConfiguration: \u0026acmpca.CertificateAuthorityRevocationConfigurationArgs{\n\t\t\t\tCrlConfiguration: \u0026acmpca.CertificateAuthorityRevocationConfigurationCrlConfigurationArgs{\n\t\t\t\t\tCustomCname: pulumi.String(\"crl.example.com\"),\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tExpirationInDays: pulumi.Int(7),\n\t\t\t\t\tS3BucketName: example.ID(),\n\t\t\t\t\tS3ObjectAcl: pulumi.String(\"BUCKET_OWNER_FULL_CONTROL\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.s3.BucketPolicy;\nimport com.pulumi.aws.s3.BucketPolicyArgs;\nimport com.pulumi.aws.acmpca.CertificateAuthority;\nimport com.pulumi.aws.acmpca.CertificateAuthorityArgs;\nimport com.pulumi.aws.acmpca.inputs.CertificateAuthorityCertificateAuthorityConfigurationArgs;\nimport com.pulumi.aws.acmpca.inputs.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs;\nimport com.pulumi.aws.acmpca.inputs.CertificateAuthorityRevocationConfigurationArgs;\nimport com.pulumi.aws.acmpca.inputs.CertificateAuthorityRevocationConfigurationCrlConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketV2(\"example\", BucketV2Args.builder() \n .bucket(\"example\")\n .forceDestroy(true)\n .build());\n\n final var acmpcaBucketAccess = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions( \n \"s3:GetBucketAcl\",\n \"s3:GetBucketLocation\",\n \"s3:PutObject\",\n \"s3:PutObjectAcl\")\n .resources( \n example.arn(),\n example.arn().applyValue(arn -\u003e String.format(\"%s/*\", arn)))\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .identifiers(\"acm-pca.amazonaws.com\")\n .type(\"Service\")\n .build())\n .build())\n .build());\n\n var exampleBucketPolicy = new BucketPolicy(\"exampleBucketPolicy\", BucketPolicyArgs.builder() \n .bucket(example.id())\n .policy(acmpcaBucketAccess.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(acmpcaBucketAccess -\u003e acmpcaBucketAccess.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n var exampleCertificateAuthority = new CertificateAuthority(\"exampleCertificateAuthority\", CertificateAuthorityArgs.builder() \n .certificateAuthorityConfiguration(CertificateAuthorityCertificateAuthorityConfigurationArgs.builder()\n .keyAlgorithm(\"RSA_4096\")\n .signingAlgorithm(\"SHA512WITHRSA\")\n .subject(CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs.builder()\n .commonName(\"example.com\")\n .build())\n .build())\n .revocationConfiguration(CertificateAuthorityRevocationConfigurationArgs.builder()\n .crlConfiguration(CertificateAuthorityRevocationConfigurationCrlConfigurationArgs.builder()\n .customCname(\"crl.example.com\")\n .enabled(true)\n .expirationInDays(7)\n .s3BucketName(example.id())\n .s3ObjectAcl(\"BUCKET_OWNER_FULL_CONTROL\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: example\n forceDestroy: true\n exampleBucketPolicy:\n type: aws:s3:BucketPolicy\n name: example\n properties:\n bucket: ${example.id}\n policy: ${acmpcaBucketAccess.json}\n exampleCertificateAuthority:\n type: aws:acmpca:CertificateAuthority\n name: example\n properties:\n certificateAuthorityConfiguration:\n keyAlgorithm: RSA_4096\n signingAlgorithm: SHA512WITHRSA\n subject:\n commonName: example.com\n revocationConfiguration:\n crlConfiguration:\n customCname: crl.example.com\n enabled: true\n expirationInDays: 7\n s3BucketName: ${example.id}\n s3ObjectAcl: BUCKET_OWNER_FULL_CONTROL\nvariables:\n acmpcaBucketAccess:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - s3:GetBucketAcl\n - s3:GetBucketLocation\n - s3:PutObject\n - s3:PutObjectAcl\n resources:\n - ${example.arn}\n - ${example.arn}/*\n principals:\n - identifiers:\n - acm-pca.amazonaws.com\n type: Service\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_acmpca_certificate_authority` using the certificate authority ARN. For example:\n\n```sh\n$ pulumi import aws:acmpca/certificateAuthority:CertificateAuthority example arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012\n```\n", + "description": "Provides a resource to manage AWS Certificate Manager Private Certificate Authorities (ACM PCA Certificate Authorities).\n\n\u003e **NOTE:** Creating this resource will leave the certificate authority in a `PENDING_CERTIFICATE` status, which means it cannot yet issue certificates. To complete this setup, you must fully sign the certificate authority CSR available in the `certificate_signing_request` attribute. The `aws.acmpca.CertificateAuthorityCertificate` resource can be used for this purpose.\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.acmpca.CertificateAuthority(\"example\", {\n certificateAuthorityConfiguration: {\n keyAlgorithm: \"RSA_4096\",\n signingAlgorithm: \"SHA512WITHRSA\",\n subject: {\n commonName: \"example.com\",\n },\n },\n permanentDeletionTimeInDays: 7,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.acmpca.CertificateAuthority(\"example\",\n certificate_authority_configuration=aws.acmpca.CertificateAuthorityCertificateAuthorityConfigurationArgs(\n key_algorithm=\"RSA_4096\",\n signing_algorithm=\"SHA512WITHRSA\",\n subject=aws.acmpca.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs(\n common_name=\"example.com\",\n ),\n ),\n permanent_deletion_time_in_days=7)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Acmpca.CertificateAuthority(\"example\", new()\n {\n CertificateAuthorityConfiguration = new Aws.Acmpca.Inputs.CertificateAuthorityCertificateAuthorityConfigurationArgs\n {\n KeyAlgorithm = \"RSA_4096\",\n SigningAlgorithm = \"SHA512WITHRSA\",\n Subject = new Aws.Acmpca.Inputs.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs\n {\n CommonName = \"example.com\",\n },\n },\n PermanentDeletionTimeInDays = 7,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acmpca\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := acmpca.NewCertificateAuthority(ctx, \"example\", \u0026acmpca.CertificateAuthorityArgs{\n\t\t\tCertificateAuthorityConfiguration: \u0026acmpca.CertificateAuthorityCertificateAuthorityConfigurationArgs{\n\t\t\t\tKeyAlgorithm: pulumi.String(\"RSA_4096\"),\n\t\t\t\tSigningAlgorithm: pulumi.String(\"SHA512WITHRSA\"),\n\t\t\t\tSubject: \u0026acmpca.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs{\n\t\t\t\t\tCommonName: pulumi.String(\"example.com\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tPermanentDeletionTimeInDays: pulumi.Int(7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.acmpca.CertificateAuthority;\nimport com.pulumi.aws.acmpca.CertificateAuthorityArgs;\nimport com.pulumi.aws.acmpca.inputs.CertificateAuthorityCertificateAuthorityConfigurationArgs;\nimport com.pulumi.aws.acmpca.inputs.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new CertificateAuthority(\"example\", CertificateAuthorityArgs.builder() \n .certificateAuthorityConfiguration(CertificateAuthorityCertificateAuthorityConfigurationArgs.builder()\n .keyAlgorithm(\"RSA_4096\")\n .signingAlgorithm(\"SHA512WITHRSA\")\n .subject(CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs.builder()\n .commonName(\"example.com\")\n .build())\n .build())\n .permanentDeletionTimeInDays(7)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:acmpca:CertificateAuthority\n properties:\n certificateAuthorityConfiguration:\n keyAlgorithm: RSA_4096\n signingAlgorithm: SHA512WITHRSA\n subject:\n commonName: example.com\n permanentDeletionTimeInDays: 7\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Short-lived certificate\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.acmpca.CertificateAuthority(\"example\", {\n usageMode: \"SHORT_LIVED_CERTIFICATE\",\n certificateAuthorityConfiguration: {\n keyAlgorithm: \"RSA_4096\",\n signingAlgorithm: \"SHA512WITHRSA\",\n subject: {\n commonName: \"example.com\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.acmpca.CertificateAuthority(\"example\",\n usage_mode=\"SHORT_LIVED_CERTIFICATE\",\n certificate_authority_configuration=aws.acmpca.CertificateAuthorityCertificateAuthorityConfigurationArgs(\n key_algorithm=\"RSA_4096\",\n signing_algorithm=\"SHA512WITHRSA\",\n subject=aws.acmpca.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs(\n common_name=\"example.com\",\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Acmpca.CertificateAuthority(\"example\", new()\n {\n UsageMode = \"SHORT_LIVED_CERTIFICATE\",\n CertificateAuthorityConfiguration = new Aws.Acmpca.Inputs.CertificateAuthorityCertificateAuthorityConfigurationArgs\n {\n KeyAlgorithm = \"RSA_4096\",\n SigningAlgorithm = \"SHA512WITHRSA\",\n Subject = new Aws.Acmpca.Inputs.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs\n {\n CommonName = \"example.com\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acmpca\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := acmpca.NewCertificateAuthority(ctx, \"example\", \u0026acmpca.CertificateAuthorityArgs{\n\t\t\tUsageMode: pulumi.String(\"SHORT_LIVED_CERTIFICATE\"),\n\t\t\tCertificateAuthorityConfiguration: \u0026acmpca.CertificateAuthorityCertificateAuthorityConfigurationArgs{\n\t\t\t\tKeyAlgorithm: pulumi.String(\"RSA_4096\"),\n\t\t\t\tSigningAlgorithm: pulumi.String(\"SHA512WITHRSA\"),\n\t\t\t\tSubject: \u0026acmpca.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs{\n\t\t\t\t\tCommonName: pulumi.String(\"example.com\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.acmpca.CertificateAuthority;\nimport com.pulumi.aws.acmpca.CertificateAuthorityArgs;\nimport com.pulumi.aws.acmpca.inputs.CertificateAuthorityCertificateAuthorityConfigurationArgs;\nimport com.pulumi.aws.acmpca.inputs.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new CertificateAuthority(\"example\", CertificateAuthorityArgs.builder() \n .usageMode(\"SHORT_LIVED_CERTIFICATE\")\n .certificateAuthorityConfiguration(CertificateAuthorityCertificateAuthorityConfigurationArgs.builder()\n .keyAlgorithm(\"RSA_4096\")\n .signingAlgorithm(\"SHA512WITHRSA\")\n .subject(CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs.builder()\n .commonName(\"example.com\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:acmpca:CertificateAuthority\n properties:\n usageMode: SHORT_LIVED_CERTIFICATE\n certificateAuthorityConfiguration:\n keyAlgorithm: RSA_4096\n signingAlgorithm: SHA512WITHRSA\n subject:\n commonName: example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Enable Certificate Revocation List\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketV2(\"example\", {\n bucket: \"example\",\n forceDestroy: true,\n});\nconst acmpcaBucketAccess = aws.iam.getPolicyDocumentOutput({\n statements: [{\n actions: [\n \"s3:GetBucketAcl\",\n \"s3:GetBucketLocation\",\n \"s3:PutObject\",\n \"s3:PutObjectAcl\",\n ],\n resources: [\n example.arn,\n pulumi.interpolate`${example.arn}/*`,\n ],\n principals: [{\n identifiers: [\"acm-pca.amazonaws.com\"],\n type: \"Service\",\n }],\n }],\n});\nconst exampleBucketPolicy = new aws.s3.BucketPolicy(\"example\", {\n bucket: example.id,\n policy: acmpcaBucketAccess.apply(acmpcaBucketAccess =\u003e acmpcaBucketAccess.json),\n});\nconst exampleCertificateAuthority = new aws.acmpca.CertificateAuthority(\"example\", {\n certificateAuthorityConfiguration: {\n keyAlgorithm: \"RSA_4096\",\n signingAlgorithm: \"SHA512WITHRSA\",\n subject: {\n commonName: \"example.com\",\n },\n },\n revocationConfiguration: {\n crlConfiguration: {\n customCname: \"crl.example.com\",\n enabled: true,\n expirationInDays: 7,\n s3BucketName: example.id,\n s3ObjectAcl: \"BUCKET_OWNER_FULL_CONTROL\",\n },\n },\n}, {\n dependsOn: [exampleBucketPolicy],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketV2(\"example\",\n bucket=\"example\",\n force_destroy=True)\nacmpca_bucket_access = aws.iam.get_policy_document_output(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n actions=[\n \"s3:GetBucketAcl\",\n \"s3:GetBucketLocation\",\n \"s3:PutObject\",\n \"s3:PutObjectAcl\",\n ],\n resources=[\n example.arn,\n example.arn.apply(lambda arn: f\"{arn}/*\"),\n ],\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n identifiers=[\"acm-pca.amazonaws.com\"],\n type=\"Service\",\n )],\n)])\nexample_bucket_policy = aws.s3.BucketPolicy(\"example\",\n bucket=example.id,\n policy=acmpca_bucket_access.json)\nexample_certificate_authority = aws.acmpca.CertificateAuthority(\"example\",\n certificate_authority_configuration=aws.acmpca.CertificateAuthorityCertificateAuthorityConfigurationArgs(\n key_algorithm=\"RSA_4096\",\n signing_algorithm=\"SHA512WITHRSA\",\n subject=aws.acmpca.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs(\n common_name=\"example.com\",\n ),\n ),\n revocation_configuration=aws.acmpca.CertificateAuthorityRevocationConfigurationArgs(\n crl_configuration=aws.acmpca.CertificateAuthorityRevocationConfigurationCrlConfigurationArgs(\n custom_cname=\"crl.example.com\",\n enabled=True,\n expiration_in_days=7,\n s3_bucket_name=example.id,\n s3_object_acl=\"BUCKET_OWNER_FULL_CONTROL\",\n ),\n ),\n opts=pulumi.ResourceOptions(depends_on=[example_bucket_policy]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example\",\n ForceDestroy = true,\n });\n\n var acmpcaBucketAccess = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"s3:GetBucketAcl\",\n \"s3:GetBucketLocation\",\n \"s3:PutObject\",\n \"s3:PutObjectAcl\",\n },\n Resources = new[]\n {\n example.Arn,\n $\"{example.Arn}/*\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Identifiers = new[]\n {\n \"acm-pca.amazonaws.com\",\n },\n Type = \"Service\",\n },\n },\n },\n },\n });\n\n var exampleBucketPolicy = new Aws.S3.BucketPolicy(\"example\", new()\n {\n Bucket = example.Id,\n Policy = acmpcaBucketAccess.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var exampleCertificateAuthority = new Aws.Acmpca.CertificateAuthority(\"example\", new()\n {\n CertificateAuthorityConfiguration = new Aws.Acmpca.Inputs.CertificateAuthorityCertificateAuthorityConfigurationArgs\n {\n KeyAlgorithm = \"RSA_4096\",\n SigningAlgorithm = \"SHA512WITHRSA\",\n Subject = new Aws.Acmpca.Inputs.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs\n {\n CommonName = \"example.com\",\n },\n },\n RevocationConfiguration = new Aws.Acmpca.Inputs.CertificateAuthorityRevocationConfigurationArgs\n {\n CrlConfiguration = new Aws.Acmpca.Inputs.CertificateAuthorityRevocationConfigurationCrlConfigurationArgs\n {\n CustomCname = \"crl.example.com\",\n Enabled = true,\n ExpirationInDays = 7,\n S3BucketName = example.Id,\n S3ObjectAcl = \"BUCKET_OWNER_FULL_CONTROL\",\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleBucketPolicy, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acmpca\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example\"),\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tacmpcaBucketAccess := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:GetBucketAcl\"),\n\t\t\t\t\t\tpulumi.String(\"s3:GetBucketLocation\"),\n\t\t\t\t\t\tpulumi.String(\"s3:PutObject\"),\n\t\t\t\t\t\tpulumi.String(\"s3:PutObjectAcl\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\texample.Arn,\n\t\t\t\t\t\texample.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\t\t\t\treturn fmt.Sprintf(\"%v/*\", arn), nil\n\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: iam.GetPolicyDocumentStatementPrincipalArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementPrincipalArgs{\n\t\t\t\t\t\t\tIdentifiers: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"acm-pca.amazonaws.com\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tType: pulumi.String(\"Service\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\texampleBucketPolicy, err := s3.NewBucketPolicy(ctx, \"example\", \u0026s3.BucketPolicyArgs{\n\t\t\tBucket: example.ID(),\n\t\t\tPolicy: acmpcaBucketAccess.ApplyT(func(acmpcaBucketAccess iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026acmpcaBucketAccess.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = acmpca.NewCertificateAuthority(ctx, \"example\", \u0026acmpca.CertificateAuthorityArgs{\n\t\t\tCertificateAuthorityConfiguration: \u0026acmpca.CertificateAuthorityCertificateAuthorityConfigurationArgs{\n\t\t\t\tKeyAlgorithm: pulumi.String(\"RSA_4096\"),\n\t\t\t\tSigningAlgorithm: pulumi.String(\"SHA512WITHRSA\"),\n\t\t\t\tSubject: \u0026acmpca.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs{\n\t\t\t\t\tCommonName: pulumi.String(\"example.com\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tRevocationConfiguration: \u0026acmpca.CertificateAuthorityRevocationConfigurationArgs{\n\t\t\t\tCrlConfiguration: \u0026acmpca.CertificateAuthorityRevocationConfigurationCrlConfigurationArgs{\n\t\t\t\t\tCustomCname: pulumi.String(\"crl.example.com\"),\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tExpirationInDays: pulumi.Int(7),\n\t\t\t\t\tS3BucketName: example.ID(),\n\t\t\t\t\tS3ObjectAcl: pulumi.String(\"BUCKET_OWNER_FULL_CONTROL\"),\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleBucketPolicy,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.s3.BucketPolicy;\nimport com.pulumi.aws.s3.BucketPolicyArgs;\nimport com.pulumi.aws.acmpca.CertificateAuthority;\nimport com.pulumi.aws.acmpca.CertificateAuthorityArgs;\nimport com.pulumi.aws.acmpca.inputs.CertificateAuthorityCertificateAuthorityConfigurationArgs;\nimport com.pulumi.aws.acmpca.inputs.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs;\nimport com.pulumi.aws.acmpca.inputs.CertificateAuthorityRevocationConfigurationArgs;\nimport com.pulumi.aws.acmpca.inputs.CertificateAuthorityRevocationConfigurationCrlConfigurationArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketV2(\"example\", BucketV2Args.builder() \n .bucket(\"example\")\n .forceDestroy(true)\n .build());\n\n final var acmpcaBucketAccess = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions( \n \"s3:GetBucketAcl\",\n \"s3:GetBucketLocation\",\n \"s3:PutObject\",\n \"s3:PutObjectAcl\")\n .resources( \n example.arn(),\n example.arn().applyValue(arn -\u003e String.format(\"%s/*\", arn)))\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .identifiers(\"acm-pca.amazonaws.com\")\n .type(\"Service\")\n .build())\n .build())\n .build());\n\n var exampleBucketPolicy = new BucketPolicy(\"exampleBucketPolicy\", BucketPolicyArgs.builder() \n .bucket(example.id())\n .policy(acmpcaBucketAccess.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(acmpcaBucketAccess -\u003e acmpcaBucketAccess.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n var exampleCertificateAuthority = new CertificateAuthority(\"exampleCertificateAuthority\", CertificateAuthorityArgs.builder() \n .certificateAuthorityConfiguration(CertificateAuthorityCertificateAuthorityConfigurationArgs.builder()\n .keyAlgorithm(\"RSA_4096\")\n .signingAlgorithm(\"SHA512WITHRSA\")\n .subject(CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs.builder()\n .commonName(\"example.com\")\n .build())\n .build())\n .revocationConfiguration(CertificateAuthorityRevocationConfigurationArgs.builder()\n .crlConfiguration(CertificateAuthorityRevocationConfigurationCrlConfigurationArgs.builder()\n .customCname(\"crl.example.com\")\n .enabled(true)\n .expirationInDays(7)\n .s3BucketName(example.id())\n .s3ObjectAcl(\"BUCKET_OWNER_FULL_CONTROL\")\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleBucketPolicy)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: example\n forceDestroy: true\n exampleBucketPolicy:\n type: aws:s3:BucketPolicy\n name: example\n properties:\n bucket: ${example.id}\n policy: ${acmpcaBucketAccess.json}\n exampleCertificateAuthority:\n type: aws:acmpca:CertificateAuthority\n name: example\n properties:\n certificateAuthorityConfiguration:\n keyAlgorithm: RSA_4096\n signingAlgorithm: SHA512WITHRSA\n subject:\n commonName: example.com\n revocationConfiguration:\n crlConfiguration:\n customCname: crl.example.com\n enabled: true\n expirationInDays: 7\n s3BucketName: ${example.id}\n s3ObjectAcl: BUCKET_OWNER_FULL_CONTROL\n options:\n dependson:\n - ${exampleBucketPolicy}\nvariables:\n acmpcaBucketAccess:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - s3:GetBucketAcl\n - s3:GetBucketLocation\n - s3:PutObject\n - s3:PutObjectAcl\n resources:\n - ${example.arn}\n - ${example.arn}/*\n principals:\n - identifiers:\n - acm-pca.amazonaws.com\n type: Service\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_acmpca_certificate_authority` using the certificate authority ARN. For example:\n\n```sh\n$ pulumi import aws:acmpca/certificateAuthority:CertificateAuthority example arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012\n```\n", "properties": { "arn": { "type": "string", @@ -157571,7 +157571,7 @@ ] }, "aws:alb/targetGroupAttachment:TargetGroupAttachment": { - "description": "Provides the ability to register instances and containers with an Application Load Balancer (ALB) or Network Load Balancer (NLB) target group. For attaching resources with Elastic Load Balancer (ELB), see the `aws.elb.Attachment` resource.\n\n\u003e **Note:** `aws.alb.TargetGroupAttachment` is known as `aws.lb.TargetGroupAttachment`. The functionality is identical.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testTargetGroup = new aws.lb.TargetGroup(\"test\", {});\nconst testInstance = new aws.ec2.Instance(\"test\", {});\nconst test = new aws.lb.TargetGroupAttachment(\"test\", {\n targetGroupArn: testTargetGroup.arn,\n targetId: testInstance.id,\n port: 80,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_target_group = aws.lb.TargetGroup(\"test\")\ntest_instance = aws.ec2.Instance(\"test\")\ntest = aws.lb.TargetGroupAttachment(\"test\",\n target_group_arn=test_target_group.arn,\n target_id=test_instance.id,\n port=80)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testTargetGroup = new Aws.LB.TargetGroup(\"test\");\n\n var testInstance = new Aws.Ec2.Instance(\"test\");\n\n var test = new Aws.LB.TargetGroupAttachment(\"test\", new()\n {\n TargetGroupArn = testTargetGroup.Arn,\n TargetId = testInstance.Id,\n Port = 80,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestTargetGroup, err := lb.NewTargetGroup(ctx, \"test\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestInstance, err := ec2.NewInstance(ctx, \"test\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewTargetGroupAttachment(ctx, \"test\", \u0026lb.TargetGroupAttachmentArgs{\n\t\t\tTargetGroupArn: testTargetGroup.Arn,\n\t\t\tTargetId: testInstance.ID(),\n\t\t\tPort: pulumi.Int(80),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.ec2.Instance;\nimport com.pulumi.aws.lb.TargetGroupAttachment;\nimport com.pulumi.aws.lb.TargetGroupAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testTargetGroup = new TargetGroup(\"testTargetGroup\");\n\n var testInstance = new Instance(\"testInstance\");\n\n var test = new TargetGroupAttachment(\"test\", TargetGroupAttachmentArgs.builder() \n .targetGroupArn(testTargetGroup.arn())\n .targetId(testInstance.id())\n .port(80)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:lb:TargetGroupAttachment\n properties:\n targetGroupArn: ${testTargetGroup.arn}\n targetId: ${testInstance.id}\n port: 80\n testTargetGroup:\n type: aws:lb:TargetGroup\n name: test\n testInstance:\n type: aws:ec2:Instance\n name: test\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Lambda Target\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.lb.TargetGroup(\"test\", {\n name: \"test\",\n targetType: \"lambda\",\n});\nconst testFunction = new aws.lambda.Function(\"test\", {});\nconst withLb = new aws.lambda.Permission(\"with_lb\", {\n statementId: \"AllowExecutionFromlb\",\n action: \"lambda:InvokeFunction\",\n \"function\": testFunction.name,\n principal: \"elasticloadbalancing.amazonaws.com\",\n sourceArn: test.arn,\n});\nconst testTargetGroupAttachment = new aws.lb.TargetGroupAttachment(\"test\", {\n targetGroupArn: test.arn,\n targetId: testFunction.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.lb.TargetGroup(\"test\",\n name=\"test\",\n target_type=\"lambda\")\ntest_function = aws.lambda_.Function(\"test\")\nwith_lb = aws.lambda_.Permission(\"with_lb\",\n statement_id=\"AllowExecutionFromlb\",\n action=\"lambda:InvokeFunction\",\n function=test_function.name,\n principal=\"elasticloadbalancing.amazonaws.com\",\n source_arn=test.arn)\ntest_target_group_attachment = aws.lb.TargetGroupAttachment(\"test\",\n target_group_arn=test.arn,\n target_id=test_function.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.LB.TargetGroup(\"test\", new()\n {\n Name = \"test\",\n TargetType = \"lambda\",\n });\n\n var testFunction = new Aws.Lambda.Function(\"test\");\n\n var withLb = new Aws.Lambda.Permission(\"with_lb\", new()\n {\n StatementId = \"AllowExecutionFromlb\",\n Action = \"lambda:InvokeFunction\",\n Function = testFunction.Name,\n Principal = \"elasticloadbalancing.amazonaws.com\",\n SourceArn = test.Arn,\n });\n\n var testTargetGroupAttachment = new Aws.LB.TargetGroupAttachment(\"test\", new()\n {\n TargetGroupArn = test.Arn,\n TargetId = testFunction.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := lb.NewTargetGroup(ctx, \"test\", \u0026lb.TargetGroupArgs{\n\t\t\tName: pulumi.String(\"test\"),\n\t\t\tTargetType: pulumi.String(\"lambda\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestFunction, err := lambda.NewFunction(ctx, \"test\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lambda.NewPermission(ctx, \"with_lb\", \u0026lambda.PermissionArgs{\n\t\t\tStatementId: pulumi.String(\"AllowExecutionFromlb\"),\n\t\t\tAction: pulumi.String(\"lambda:InvokeFunction\"),\n\t\t\tFunction: testFunction.Name,\n\t\t\tPrincipal: pulumi.String(\"elasticloadbalancing.amazonaws.com\"),\n\t\t\tSourceArn: test.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewTargetGroupAttachment(ctx, \"test\", \u0026lb.TargetGroupAttachmentArgs{\n\t\t\tTargetGroupArn: test.Arn,\n\t\t\tTargetId: testFunction.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.lb.TargetGroupArgs;\nimport com.pulumi.aws.lambda.Function;\nimport com.pulumi.aws.lambda.Permission;\nimport com.pulumi.aws.lambda.PermissionArgs;\nimport com.pulumi.aws.lb.TargetGroupAttachment;\nimport com.pulumi.aws.lb.TargetGroupAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new TargetGroup(\"test\", TargetGroupArgs.builder() \n .name(\"test\")\n .targetType(\"lambda\")\n .build());\n\n var testFunction = new Function(\"testFunction\");\n\n var withLb = new Permission(\"withLb\", PermissionArgs.builder() \n .statementId(\"AllowExecutionFromlb\")\n .action(\"lambda:InvokeFunction\")\n .function(testFunction.name())\n .principal(\"elasticloadbalancing.amazonaws.com\")\n .sourceArn(test.arn())\n .build());\n\n var testTargetGroupAttachment = new TargetGroupAttachment(\"testTargetGroupAttachment\", TargetGroupAttachmentArgs.builder() \n .targetGroupArn(test.arn())\n .targetId(testFunction.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n withLb:\n type: aws:lambda:Permission\n name: with_lb\n properties:\n statementId: AllowExecutionFromlb\n action: lambda:InvokeFunction\n function: ${testFunction.name}\n principal: elasticloadbalancing.amazonaws.com\n sourceArn: ${test.arn}\n test:\n type: aws:lb:TargetGroup\n properties:\n name: test\n targetType: lambda\n testFunction:\n type: aws:lambda:Function\n name: test\n testTargetGroupAttachment:\n type: aws:lb:TargetGroupAttachment\n name: test\n properties:\n targetGroupArn: ${test.arn}\n targetId: ${testFunction.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Registering Multiple Targets\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example: aws.ec2.Instance[] = [];\nfor (const range = {value: 0}; range.value \u003c 3; range.value++) {\n example.push(new aws.ec2.Instance(`example-${range.value}`, {}));\n}\nconst exampleTargetGroup = new aws.lb.TargetGroup(\"example\", {});\nconst exampleTargetGroupAttachment: aws.lb.TargetGroupAttachment[] = [];\npulumi.all(example.map((v, k) =\u003e [k, v]).reduce((__obj, [, ]) =\u003e ({ ...__obj, [k]: v }))).apply(rangeBody =\u003e {\n for (const range of Object.entries(rangeBody).map(([k, v]) =\u003e ({key: k, value: v}))) {\n exampleTargetGroupAttachment.push(new aws.lb.TargetGroupAttachment(`example-${range.key}`, {\n targetGroupArn: exampleTargetGroup.arn,\n targetId: range.value.id,\n port: 80,\n }));\n }\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = []\nfor range in [{\"value\": i} for i in range(0, 3)]:\n example.append(aws.ec2.Instance(f\"example-{range['value']}\"))\nexample_target_group = aws.lb.TargetGroup(\"example\")\nexample_target_group_attachment = []\ndef create_example(range_body):\n for range in [{\"key\": k, \"value\": v} for [k, v] in enumerate(range_body)]:\n example_target_group_attachment.append(aws.lb.TargetGroupAttachment(f\"example-{range['key']}\",\n target_group_arn=example_target_group.arn,\n target_id=range[\"value\"],\n port=80))\n\npulumi.Output.all({k: v for k, v in example}).apply(lambda resolved_outputs: create_example(resolved_outputs[0]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new List\u003cAws.Ec2.Instance\u003e();\n for (var rangeIndex = 0; rangeIndex \u003c 3; rangeIndex++)\n {\n var range = new { Value = rangeIndex };\n example.Add(new Aws.Ec2.Instance($\"example-{range.Value}\", new()\n {\n }));\n }\n var exampleTargetGroup = new Aws.LB.TargetGroup(\"example\");\n\n var exampleTargetGroupAttachment = new List\u003cAws.LB.TargetGroupAttachment\u003e();\n foreach (var range in example.Select((value, i) =\u003e new { Key = i.ToString(), Value = pair.Value }).Select(pair =\u003e new { pair.Key, pair.Value }))\n {\n exampleTargetGroupAttachment.Add(new Aws.LB.TargetGroupAttachment($\"example-{range.Key}\", new()\n {\n TargetGroupArn = exampleTargetGroup.Arn,\n TargetId = range.Value.Id,\n Port = 80,\n }));\n }\n});\n```\n```yaml\nresources:\n example:\n type: aws:ec2:Instance\n options: {}\n exampleTargetGroup:\n type: aws:lb:TargetGroup\n name: example\n exampleTargetGroupAttachment:\n type: aws:lb:TargetGroupAttachment\n name: example\n properties:\n targetGroupArn: ${exampleTargetGroup.arn}\n targetId: ${range.value.id}\n port: 80\n options: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nYou cannot import Target Group Attachments.\n\n", + "description": "Provides the ability to register instances and containers with an Application Load Balancer (ALB) or Network Load Balancer (NLB) target group. For attaching resources with Elastic Load Balancer (ELB), see the `aws.elb.Attachment` resource.\n\n\u003e **Note:** `aws.alb.TargetGroupAttachment` is known as `aws.lb.TargetGroupAttachment`. The functionality is identical.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testTargetGroup = new aws.lb.TargetGroup(\"test\", {});\nconst testInstance = new aws.ec2.Instance(\"test\", {});\nconst test = new aws.lb.TargetGroupAttachment(\"test\", {\n targetGroupArn: testTargetGroup.arn,\n targetId: testInstance.id,\n port: 80,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_target_group = aws.lb.TargetGroup(\"test\")\ntest_instance = aws.ec2.Instance(\"test\")\ntest = aws.lb.TargetGroupAttachment(\"test\",\n target_group_arn=test_target_group.arn,\n target_id=test_instance.id,\n port=80)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testTargetGroup = new Aws.LB.TargetGroup(\"test\");\n\n var testInstance = new Aws.Ec2.Instance(\"test\");\n\n var test = new Aws.LB.TargetGroupAttachment(\"test\", new()\n {\n TargetGroupArn = testTargetGroup.Arn,\n TargetId = testInstance.Id,\n Port = 80,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestTargetGroup, err := lb.NewTargetGroup(ctx, \"test\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestInstance, err := ec2.NewInstance(ctx, \"test\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewTargetGroupAttachment(ctx, \"test\", \u0026lb.TargetGroupAttachmentArgs{\n\t\t\tTargetGroupArn: testTargetGroup.Arn,\n\t\t\tTargetId: testInstance.ID(),\n\t\t\tPort: pulumi.Int(80),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.ec2.Instance;\nimport com.pulumi.aws.lb.TargetGroupAttachment;\nimport com.pulumi.aws.lb.TargetGroupAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testTargetGroup = new TargetGroup(\"testTargetGroup\");\n\n var testInstance = new Instance(\"testInstance\");\n\n var test = new TargetGroupAttachment(\"test\", TargetGroupAttachmentArgs.builder() \n .targetGroupArn(testTargetGroup.arn())\n .targetId(testInstance.id())\n .port(80)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:lb:TargetGroupAttachment\n properties:\n targetGroupArn: ${testTargetGroup.arn}\n targetId: ${testInstance.id}\n port: 80\n testTargetGroup:\n type: aws:lb:TargetGroup\n name: test\n testInstance:\n type: aws:ec2:Instance\n name: test\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Lambda Target\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.lb.TargetGroup(\"test\", {\n name: \"test\",\n targetType: \"lambda\",\n});\nconst testFunction = new aws.lambda.Function(\"test\", {});\nconst withLb = new aws.lambda.Permission(\"with_lb\", {\n statementId: \"AllowExecutionFromlb\",\n action: \"lambda:InvokeFunction\",\n \"function\": testFunction.name,\n principal: \"elasticloadbalancing.amazonaws.com\",\n sourceArn: test.arn,\n});\nconst testTargetGroupAttachment = new aws.lb.TargetGroupAttachment(\"test\", {\n targetGroupArn: test.arn,\n targetId: testFunction.arn,\n}, {\n dependsOn: [withLb],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.lb.TargetGroup(\"test\",\n name=\"test\",\n target_type=\"lambda\")\ntest_function = aws.lambda_.Function(\"test\")\nwith_lb = aws.lambda_.Permission(\"with_lb\",\n statement_id=\"AllowExecutionFromlb\",\n action=\"lambda:InvokeFunction\",\n function=test_function.name,\n principal=\"elasticloadbalancing.amazonaws.com\",\n source_arn=test.arn)\ntest_target_group_attachment = aws.lb.TargetGroupAttachment(\"test\",\n target_group_arn=test.arn,\n target_id=test_function.arn,\n opts=pulumi.ResourceOptions(depends_on=[with_lb]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.LB.TargetGroup(\"test\", new()\n {\n Name = \"test\",\n TargetType = \"lambda\",\n });\n\n var testFunction = new Aws.Lambda.Function(\"test\");\n\n var withLb = new Aws.Lambda.Permission(\"with_lb\", new()\n {\n StatementId = \"AllowExecutionFromlb\",\n Action = \"lambda:InvokeFunction\",\n Function = testFunction.Name,\n Principal = \"elasticloadbalancing.amazonaws.com\",\n SourceArn = test.Arn,\n });\n\n var testTargetGroupAttachment = new Aws.LB.TargetGroupAttachment(\"test\", new()\n {\n TargetGroupArn = test.Arn,\n TargetId = testFunction.Arn,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n withLb, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := lb.NewTargetGroup(ctx, \"test\", \u0026lb.TargetGroupArgs{\n\t\t\tName: pulumi.String(\"test\"),\n\t\t\tTargetType: pulumi.String(\"lambda\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestFunction, err := lambda.NewFunction(ctx, \"test\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\twithLb, err := lambda.NewPermission(ctx, \"with_lb\", \u0026lambda.PermissionArgs{\n\t\t\tStatementId: pulumi.String(\"AllowExecutionFromlb\"),\n\t\t\tAction: pulumi.String(\"lambda:InvokeFunction\"),\n\t\t\tFunction: testFunction.Name,\n\t\t\tPrincipal: pulumi.String(\"elasticloadbalancing.amazonaws.com\"),\n\t\t\tSourceArn: test.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewTargetGroupAttachment(ctx, \"test\", \u0026lb.TargetGroupAttachmentArgs{\n\t\t\tTargetGroupArn: test.Arn,\n\t\t\tTargetId: testFunction.Arn,\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\twithLb,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.lb.TargetGroupArgs;\nimport com.pulumi.aws.lambda.Function;\nimport com.pulumi.aws.lambda.Permission;\nimport com.pulumi.aws.lambda.PermissionArgs;\nimport com.pulumi.aws.lb.TargetGroupAttachment;\nimport com.pulumi.aws.lb.TargetGroupAttachmentArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new TargetGroup(\"test\", TargetGroupArgs.builder() \n .name(\"test\")\n .targetType(\"lambda\")\n .build());\n\n var testFunction = new Function(\"testFunction\");\n\n var withLb = new Permission(\"withLb\", PermissionArgs.builder() \n .statementId(\"AllowExecutionFromlb\")\n .action(\"lambda:InvokeFunction\")\n .function(testFunction.name())\n .principal(\"elasticloadbalancing.amazonaws.com\")\n .sourceArn(test.arn())\n .build());\n\n var testTargetGroupAttachment = new TargetGroupAttachment(\"testTargetGroupAttachment\", TargetGroupAttachmentArgs.builder() \n .targetGroupArn(test.arn())\n .targetId(testFunction.arn())\n .build(), CustomResourceOptions.builder()\n .dependsOn(withLb)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n withLb:\n type: aws:lambda:Permission\n name: with_lb\n properties:\n statementId: AllowExecutionFromlb\n action: lambda:InvokeFunction\n function: ${testFunction.name}\n principal: elasticloadbalancing.amazonaws.com\n sourceArn: ${test.arn}\n test:\n type: aws:lb:TargetGroup\n properties:\n name: test\n targetType: lambda\n testFunction:\n type: aws:lambda:Function\n name: test\n testTargetGroupAttachment:\n type: aws:lb:TargetGroupAttachment\n name: test\n properties:\n targetGroupArn: ${test.arn}\n targetId: ${testFunction.arn}\n options:\n dependson:\n - ${withLb}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Registering Multiple Targets\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example: aws.ec2.Instance[] = [];\nfor (const range = {value: 0}; range.value \u003c 3; range.value++) {\n example.push(new aws.ec2.Instance(`example-${range.value}`, {}));\n}\nconst exampleTargetGroup = new aws.lb.TargetGroup(\"example\", {});\nconst exampleTargetGroupAttachment: aws.lb.TargetGroupAttachment[] = [];\npulumi.all(example.map((v, k) =\u003e [k, v]).reduce((__obj, [, ]) =\u003e ({ ...__obj, [k]: v }))).apply(rangeBody =\u003e {\n for (const range of Object.entries(rangeBody).map(([k, v]) =\u003e ({key: k, value: v}))) {\n exampleTargetGroupAttachment.push(new aws.lb.TargetGroupAttachment(`example-${range.key}`, {\n targetGroupArn: exampleTargetGroup.arn,\n targetId: range.value.id,\n port: 80,\n }));\n }\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = []\nfor range in [{\"value\": i} for i in range(0, 3)]:\n example.append(aws.ec2.Instance(f\"example-{range['value']}\"))\nexample_target_group = aws.lb.TargetGroup(\"example\")\nexample_target_group_attachment = []\ndef create_example(range_body):\n for range in [{\"key\": k, \"value\": v} for [k, v] in enumerate(range_body)]:\n example_target_group_attachment.append(aws.lb.TargetGroupAttachment(f\"example-{range['key']}\",\n target_group_arn=example_target_group.arn,\n target_id=range[\"value\"],\n port=80))\n\npulumi.Output.all({k: v for k, v in example}).apply(lambda resolved_outputs: create_example(resolved_outputs[0]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new List\u003cAws.Ec2.Instance\u003e();\n for (var rangeIndex = 0; rangeIndex \u003c 3; rangeIndex++)\n {\n var range = new { Value = rangeIndex };\n example.Add(new Aws.Ec2.Instance($\"example-{range.Value}\", new()\n {\n }));\n }\n var exampleTargetGroup = new Aws.LB.TargetGroup(\"example\");\n\n var exampleTargetGroupAttachment = new List\u003cAws.LB.TargetGroupAttachment\u003e();\n foreach (var range in example.Select((value, i) =\u003e new { Key = i.ToString(), Value = pair.Value }).Select(pair =\u003e new { pair.Key, pair.Value }))\n {\n exampleTargetGroupAttachment.Add(new Aws.LB.TargetGroupAttachment($\"example-{range.Key}\", new()\n {\n TargetGroupArn = exampleTargetGroup.Arn,\n TargetId = range.Value.Id,\n Port = 80,\n }));\n }\n});\n```\n```yaml\nresources:\n example:\n type: aws:ec2:Instance\n options: {}\n exampleTargetGroup:\n type: aws:lb:TargetGroup\n name: example\n exampleTargetGroupAttachment:\n type: aws:lb:TargetGroupAttachment\n name: example\n properties:\n targetGroupArn: ${exampleTargetGroup.arn}\n targetId: ${range.value.id}\n port: 80\n options: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nYou cannot import Target Group Attachments.\n\n", "properties": { "availabilityZone": { "type": "string", @@ -159744,7 +159744,7 @@ } }, "aws:apigateway/documentationVersion:DocumentationVersion": { - "description": "Provides a resource to manage an API Gateway Documentation Version.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleRestApi = new aws.apigateway.RestApi(\"example\", {name: \"example_api\"});\nconst example = new aws.apigateway.DocumentationVersion(\"example\", {\n version: \"example_version\",\n restApiId: exampleRestApi.id,\n description: \"Example description\",\n});\nconst exampleDocumentationPart = new aws.apigateway.DocumentationPart(\"example\", {\n location: {\n type: \"API\",\n },\n properties: \"{\\\"description\\\":\\\"Example\\\"}\",\n restApiId: exampleRestApi.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_rest_api = aws.apigateway.RestApi(\"example\", name=\"example_api\")\nexample = aws.apigateway.DocumentationVersion(\"example\",\n version=\"example_version\",\n rest_api_id=example_rest_api.id,\n description=\"Example description\")\nexample_documentation_part = aws.apigateway.DocumentationPart(\"example\",\n location=aws.apigateway.DocumentationPartLocationArgs(\n type=\"API\",\n ),\n properties=\"{\\\"description\\\":\\\"Example\\\"}\",\n rest_api_id=example_rest_api.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleRestApi = new Aws.ApiGateway.RestApi(\"example\", new()\n {\n Name = \"example_api\",\n });\n\n var example = new Aws.ApiGateway.DocumentationVersion(\"example\", new()\n {\n Version = \"example_version\",\n RestApiId = exampleRestApi.Id,\n Description = \"Example description\",\n });\n\n var exampleDocumentationPart = new Aws.ApiGateway.DocumentationPart(\"example\", new()\n {\n Location = new Aws.ApiGateway.Inputs.DocumentationPartLocationArgs\n {\n Type = \"API\",\n },\n Properties = \"{\\\"description\\\":\\\"Example\\\"}\",\n RestApiId = exampleRestApi.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleRestApi, err := apigateway.NewRestApi(ctx, \"example\", \u0026apigateway.RestApiArgs{\n\t\t\tName: pulumi.String(\"example_api\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewDocumentationVersion(ctx, \"example\", \u0026apigateway.DocumentationVersionArgs{\n\t\t\tVersion: pulumi.String(\"example_version\"),\n\t\t\tRestApiId: exampleRestApi.ID(),\n\t\t\tDescription: pulumi.String(\"Example description\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewDocumentationPart(ctx, \"example\", \u0026apigateway.DocumentationPartArgs{\n\t\t\tLocation: \u0026apigateway.DocumentationPartLocationArgs{\n\t\t\t\tType: pulumi.String(\"API\"),\n\t\t\t},\n\t\t\tProperties: pulumi.String(\"{\\\"description\\\":\\\"Example\\\"}\"),\n\t\t\tRestApiId: exampleRestApi.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigateway.RestApi;\nimport com.pulumi.aws.apigateway.RestApiArgs;\nimport com.pulumi.aws.apigateway.DocumentationVersion;\nimport com.pulumi.aws.apigateway.DocumentationVersionArgs;\nimport com.pulumi.aws.apigateway.DocumentationPart;\nimport com.pulumi.aws.apigateway.DocumentationPartArgs;\nimport com.pulumi.aws.apigateway.inputs.DocumentationPartLocationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleRestApi = new RestApi(\"exampleRestApi\", RestApiArgs.builder() \n .name(\"example_api\")\n .build());\n\n var example = new DocumentationVersion(\"example\", DocumentationVersionArgs.builder() \n .version(\"example_version\")\n .restApiId(exampleRestApi.id())\n .description(\"Example description\")\n .build());\n\n var exampleDocumentationPart = new DocumentationPart(\"exampleDocumentationPart\", DocumentationPartArgs.builder() \n .location(DocumentationPartLocationArgs.builder()\n .type(\"API\")\n .build())\n .properties(\"{\\\"description\\\":\\\"Example\\\"}\")\n .restApiId(exampleRestApi.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:apigateway:DocumentationVersion\n properties:\n version: example_version\n restApiId: ${exampleRestApi.id}\n description: Example description\n exampleRestApi:\n type: aws:apigateway:RestApi\n name: example\n properties:\n name: example_api\n exampleDocumentationPart:\n type: aws:apigateway:DocumentationPart\n name: example\n properties:\n location:\n type: API\n properties: '{\"description\":\"Example\"}'\n restApiId: ${exampleRestApi.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import API Gateway documentation versions using `REST-API-ID/VERSION`. For example:\n\n```sh\n$ pulumi import aws:apigateway/documentationVersion:DocumentationVersion example 5i4e1ko720/example-version\n```\n", + "description": "Provides a resource to manage an API Gateway Documentation Version.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleRestApi = new aws.apigateway.RestApi(\"example\", {name: \"example_api\"});\nconst exampleDocumentationPart = new aws.apigateway.DocumentationPart(\"example\", {\n location: {\n type: \"API\",\n },\n properties: \"{\\\"description\\\":\\\"Example\\\"}\",\n restApiId: exampleRestApi.id,\n});\nconst example = new aws.apigateway.DocumentationVersion(\"example\", {\n version: \"example_version\",\n restApiId: exampleRestApi.id,\n description: \"Example description\",\n}, {\n dependsOn: [exampleDocumentationPart],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_rest_api = aws.apigateway.RestApi(\"example\", name=\"example_api\")\nexample_documentation_part = aws.apigateway.DocumentationPart(\"example\",\n location=aws.apigateway.DocumentationPartLocationArgs(\n type=\"API\",\n ),\n properties=\"{\\\"description\\\":\\\"Example\\\"}\",\n rest_api_id=example_rest_api.id)\nexample = aws.apigateway.DocumentationVersion(\"example\",\n version=\"example_version\",\n rest_api_id=example_rest_api.id,\n description=\"Example description\",\n opts=pulumi.ResourceOptions(depends_on=[example_documentation_part]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleRestApi = new Aws.ApiGateway.RestApi(\"example\", new()\n {\n Name = \"example_api\",\n });\n\n var exampleDocumentationPart = new Aws.ApiGateway.DocumentationPart(\"example\", new()\n {\n Location = new Aws.ApiGateway.Inputs.DocumentationPartLocationArgs\n {\n Type = \"API\",\n },\n Properties = \"{\\\"description\\\":\\\"Example\\\"}\",\n RestApiId = exampleRestApi.Id,\n });\n\n var example = new Aws.ApiGateway.DocumentationVersion(\"example\", new()\n {\n Version = \"example_version\",\n RestApiId = exampleRestApi.Id,\n Description = \"Example description\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleDocumentationPart, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleRestApi, err := apigateway.NewRestApi(ctx, \"example\", \u0026apigateway.RestApiArgs{\n\t\t\tName: pulumi.String(\"example_api\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleDocumentationPart, err := apigateway.NewDocumentationPart(ctx, \"example\", \u0026apigateway.DocumentationPartArgs{\n\t\t\tLocation: \u0026apigateway.DocumentationPartLocationArgs{\n\t\t\t\tType: pulumi.String(\"API\"),\n\t\t\t},\n\t\t\tProperties: pulumi.String(\"{\\\"description\\\":\\\"Example\\\"}\"),\n\t\t\tRestApiId: exampleRestApi.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewDocumentationVersion(ctx, \"example\", \u0026apigateway.DocumentationVersionArgs{\n\t\t\tVersion: pulumi.String(\"example_version\"),\n\t\t\tRestApiId: exampleRestApi.ID(),\n\t\t\tDescription: pulumi.String(\"Example description\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleDocumentationPart,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigateway.RestApi;\nimport com.pulumi.aws.apigateway.RestApiArgs;\nimport com.pulumi.aws.apigateway.DocumentationPart;\nimport com.pulumi.aws.apigateway.DocumentationPartArgs;\nimport com.pulumi.aws.apigateway.inputs.DocumentationPartLocationArgs;\nimport com.pulumi.aws.apigateway.DocumentationVersion;\nimport com.pulumi.aws.apigateway.DocumentationVersionArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleRestApi = new RestApi(\"exampleRestApi\", RestApiArgs.builder() \n .name(\"example_api\")\n .build());\n\n var exampleDocumentationPart = new DocumentationPart(\"exampleDocumentationPart\", DocumentationPartArgs.builder() \n .location(DocumentationPartLocationArgs.builder()\n .type(\"API\")\n .build())\n .properties(\"{\\\"description\\\":\\\"Example\\\"}\")\n .restApiId(exampleRestApi.id())\n .build());\n\n var example = new DocumentationVersion(\"example\", DocumentationVersionArgs.builder() \n .version(\"example_version\")\n .restApiId(exampleRestApi.id())\n .description(\"Example description\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleDocumentationPart)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:apigateway:DocumentationVersion\n properties:\n version: example_version\n restApiId: ${exampleRestApi.id}\n description: Example description\n options:\n dependson:\n - ${exampleDocumentationPart}\n exampleRestApi:\n type: aws:apigateway:RestApi\n name: example\n properties:\n name: example_api\n exampleDocumentationPart:\n type: aws:apigateway:DocumentationPart\n name: example\n properties:\n location:\n type: API\n properties: '{\"description\":\"Example\"}'\n restApiId: ${exampleRestApi.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import API Gateway documentation versions using `REST-API-ID/VERSION`. For example:\n\n```sh\n$ pulumi import aws:apigateway/documentationVersion:DocumentationVersion example 5i4e1ko720/example-version\n```\n", "properties": { "description": { "type": "string", @@ -160750,7 +160750,7 @@ } }, "aws:apigateway/methodResponse:MethodResponse": { - "description": "Provides an HTTP Method Response for an API Gateway Resource. More information about API Gateway method responses can be found in the [Amazon API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-method-settings-method-response.html).\n\n## Example Usage\n\n### Basic Response\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myDemoAPI = new aws.apigateway.RestApi(\"MyDemoAPI\", {\n name: \"MyDemoAPI\",\n description: \"This is my API for demonstration purposes\",\n});\nconst myDemoResource = new aws.apigateway.Resource(\"MyDemoResource\", {\n restApi: myDemoAPI.id,\n parentId: myDemoAPI.rootResourceId,\n pathPart: \"mydemoresource\",\n});\nconst myDemoMethod = new aws.apigateway.Method(\"MyDemoMethod\", {\n restApi: myDemoAPI.id,\n resourceId: myDemoResource.id,\n httpMethod: \"GET\",\n authorization: \"NONE\",\n});\nconst myDemoIntegration = new aws.apigateway.Integration(\"MyDemoIntegration\", {\n restApi: myDemoAPI.id,\n resourceId: myDemoResource.id,\n httpMethod: myDemoMethod.httpMethod,\n type: \"MOCK\",\n});\nconst response200 = new aws.apigateway.MethodResponse(\"response_200\", {\n restApi: myDemoAPI.id,\n resourceId: myDemoResource.id,\n httpMethod: myDemoMethod.httpMethod,\n statusCode: \"200\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_demo_api = aws.apigateway.RestApi(\"MyDemoAPI\",\n name=\"MyDemoAPI\",\n description=\"This is my API for demonstration purposes\")\nmy_demo_resource = aws.apigateway.Resource(\"MyDemoResource\",\n rest_api=my_demo_api.id,\n parent_id=my_demo_api.root_resource_id,\n path_part=\"mydemoresource\")\nmy_demo_method = aws.apigateway.Method(\"MyDemoMethod\",\n rest_api=my_demo_api.id,\n resource_id=my_demo_resource.id,\n http_method=\"GET\",\n authorization=\"NONE\")\nmy_demo_integration = aws.apigateway.Integration(\"MyDemoIntegration\",\n rest_api=my_demo_api.id,\n resource_id=my_demo_resource.id,\n http_method=my_demo_method.http_method,\n type=\"MOCK\")\nresponse200 = aws.apigateway.MethodResponse(\"response_200\",\n rest_api=my_demo_api.id,\n resource_id=my_demo_resource.id,\n http_method=my_demo_method.http_method,\n status_code=\"200\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myDemoAPI = new Aws.ApiGateway.RestApi(\"MyDemoAPI\", new()\n {\n Name = \"MyDemoAPI\",\n Description = \"This is my API for demonstration purposes\",\n });\n\n var myDemoResource = new Aws.ApiGateway.Resource(\"MyDemoResource\", new()\n {\n RestApi = myDemoAPI.Id,\n ParentId = myDemoAPI.RootResourceId,\n PathPart = \"mydemoresource\",\n });\n\n var myDemoMethod = new Aws.ApiGateway.Method(\"MyDemoMethod\", new()\n {\n RestApi = myDemoAPI.Id,\n ResourceId = myDemoResource.Id,\n HttpMethod = \"GET\",\n Authorization = \"NONE\",\n });\n\n var myDemoIntegration = new Aws.ApiGateway.Integration(\"MyDemoIntegration\", new()\n {\n RestApi = myDemoAPI.Id,\n ResourceId = myDemoResource.Id,\n HttpMethod = myDemoMethod.HttpMethod,\n Type = \"MOCK\",\n });\n\n var response200 = new Aws.ApiGateway.MethodResponse(\"response_200\", new()\n {\n RestApi = myDemoAPI.Id,\n ResourceId = myDemoResource.Id,\n HttpMethod = myDemoMethod.HttpMethod,\n StatusCode = \"200\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmyDemoAPI, err := apigateway.NewRestApi(ctx, \"MyDemoAPI\", \u0026apigateway.RestApiArgs{\n\t\t\tName: pulumi.String(\"MyDemoAPI\"),\n\t\t\tDescription: pulumi.String(\"This is my API for demonstration purposes\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmyDemoResource, err := apigateway.NewResource(ctx, \"MyDemoResource\", \u0026apigateway.ResourceArgs{\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tParentId: myDemoAPI.RootResourceId,\n\t\t\tPathPart: pulumi.String(\"mydemoresource\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmyDemoMethod, err := apigateway.NewMethod(ctx, \"MyDemoMethod\", \u0026apigateway.MethodArgs{\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tResourceId: myDemoResource.ID(),\n\t\t\tHttpMethod: pulumi.String(\"GET\"),\n\t\t\tAuthorization: pulumi.String(\"NONE\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewIntegration(ctx, \"MyDemoIntegration\", \u0026apigateway.IntegrationArgs{\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tResourceId: myDemoResource.ID(),\n\t\t\tHttpMethod: myDemoMethod.HttpMethod,\n\t\t\tType: pulumi.String(\"MOCK\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewMethodResponse(ctx, \"response_200\", \u0026apigateway.MethodResponseArgs{\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tResourceId: myDemoResource.ID(),\n\t\t\tHttpMethod: myDemoMethod.HttpMethod,\n\t\t\tStatusCode: pulumi.String(\"200\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigateway.RestApi;\nimport com.pulumi.aws.apigateway.RestApiArgs;\nimport com.pulumi.aws.apigateway.Resource;\nimport com.pulumi.aws.apigateway.ResourceArgs;\nimport com.pulumi.aws.apigateway.Method;\nimport com.pulumi.aws.apigateway.MethodArgs;\nimport com.pulumi.aws.apigateway.Integration;\nimport com.pulumi.aws.apigateway.IntegrationArgs;\nimport com.pulumi.aws.apigateway.MethodResponse;\nimport com.pulumi.aws.apigateway.MethodResponseArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var myDemoAPI = new RestApi(\"myDemoAPI\", RestApiArgs.builder() \n .name(\"MyDemoAPI\")\n .description(\"This is my API for demonstration purposes\")\n .build());\n\n var myDemoResource = new Resource(\"myDemoResource\", ResourceArgs.builder() \n .restApi(myDemoAPI.id())\n .parentId(myDemoAPI.rootResourceId())\n .pathPart(\"mydemoresource\")\n .build());\n\n var myDemoMethod = new Method(\"myDemoMethod\", MethodArgs.builder() \n .restApi(myDemoAPI.id())\n .resourceId(myDemoResource.id())\n .httpMethod(\"GET\")\n .authorization(\"NONE\")\n .build());\n\n var myDemoIntegration = new Integration(\"myDemoIntegration\", IntegrationArgs.builder() \n .restApi(myDemoAPI.id())\n .resourceId(myDemoResource.id())\n .httpMethod(myDemoMethod.httpMethod())\n .type(\"MOCK\")\n .build());\n\n var response200 = new MethodResponse(\"response200\", MethodResponseArgs.builder() \n .restApi(myDemoAPI.id())\n .resourceId(myDemoResource.id())\n .httpMethod(myDemoMethod.httpMethod())\n .statusCode(\"200\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n myDemoAPI:\n type: aws:apigateway:RestApi\n name: MyDemoAPI\n properties:\n name: MyDemoAPI\n description: This is my API for demonstration purposes\n myDemoResource:\n type: aws:apigateway:Resource\n name: MyDemoResource\n properties:\n restApi: ${myDemoAPI.id}\n parentId: ${myDemoAPI.rootResourceId}\n pathPart: mydemoresource\n myDemoMethod:\n type: aws:apigateway:Method\n name: MyDemoMethod\n properties:\n restApi: ${myDemoAPI.id}\n resourceId: ${myDemoResource.id}\n httpMethod: GET\n authorization: NONE\n myDemoIntegration:\n type: aws:apigateway:Integration\n name: MyDemoIntegration\n properties:\n restApi: ${myDemoAPI.id}\n resourceId: ${myDemoResource.id}\n httpMethod: ${myDemoMethod.httpMethod}\n type: MOCK\n response200:\n type: aws:apigateway:MethodResponse\n name: response_200\n properties:\n restApi: ${myDemoAPI.id}\n resourceId: ${myDemoResource.id}\n httpMethod: ${myDemoMethod.httpMethod}\n statusCode: '200'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Response with Custom Header and Model\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myDemoAPI = new aws.apigateway.RestApi(\"MyDemoAPI\", {\n name: \"MyDemoAPI\",\n description: \"This is my API for demonstration purposes\",\n});\nconst myDemoResource = new aws.apigateway.Resource(\"MyDemoResource\", {\n restApi: myDemoAPI.id,\n parentId: myDemoAPI.rootResourceId,\n pathPart: \"mydemoresource\",\n});\nconst myDemoMethod = new aws.apigateway.Method(\"MyDemoMethod\", {\n restApi: myDemoAPI.id,\n resourceId: myDemoResource.id,\n httpMethod: \"GET\",\n authorization: \"NONE\",\n});\nconst myDemoIntegration = new aws.apigateway.Integration(\"MyDemoIntegration\", {\n restApi: myDemoAPI.id,\n resourceId: myDemoResource.id,\n httpMethod: myDemoMethod.httpMethod,\n type: \"MOCK\",\n});\nconst myDemoResponseModel = new aws.apigateway.Model(\"MyDemoResponseModel\", {\n restApi: myDemoAPI.id,\n name: \"MyDemoResponseModel\",\n description: \"API response for MyDemoMethod\",\n contentType: \"application/json\",\n schema: JSON.stringify({\n $schema: \"http://json-schema.org/draft-04/schema#\",\n title: \"MyDemoResponse\",\n type: \"object\",\n properties: {\n message: {\n type: \"string\",\n },\n },\n }),\n});\nconst response200 = new aws.apigateway.MethodResponse(\"response_200\", {\n restApi: myDemoAPI.id,\n resourceId: myDemoResource.id,\n httpMethod: myDemoMethod.httpMethod,\n statusCode: \"200\",\n responseModels: {\n \"application/json\": \"MyDemoResponseModel\",\n },\n responseParameters: {\n \"method.response.header.Content-Type\": false,\n \"method-response-header.X-My-Demo-Header\": false,\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nmy_demo_api = aws.apigateway.RestApi(\"MyDemoAPI\",\n name=\"MyDemoAPI\",\n description=\"This is my API for demonstration purposes\")\nmy_demo_resource = aws.apigateway.Resource(\"MyDemoResource\",\n rest_api=my_demo_api.id,\n parent_id=my_demo_api.root_resource_id,\n path_part=\"mydemoresource\")\nmy_demo_method = aws.apigateway.Method(\"MyDemoMethod\",\n rest_api=my_demo_api.id,\n resource_id=my_demo_resource.id,\n http_method=\"GET\",\n authorization=\"NONE\")\nmy_demo_integration = aws.apigateway.Integration(\"MyDemoIntegration\",\n rest_api=my_demo_api.id,\n resource_id=my_demo_resource.id,\n http_method=my_demo_method.http_method,\n type=\"MOCK\")\nmy_demo_response_model = aws.apigateway.Model(\"MyDemoResponseModel\",\n rest_api=my_demo_api.id,\n name=\"MyDemoResponseModel\",\n description=\"API response for MyDemoMethod\",\n content_type=\"application/json\",\n schema=json.dumps({\n \"$schema\": \"http://json-schema.org/draft-04/schema#\",\n \"title\": \"MyDemoResponse\",\n \"type\": \"object\",\n \"properties\": {\n \"message\": {\n \"type\": \"string\",\n },\n },\n }))\nresponse200 = aws.apigateway.MethodResponse(\"response_200\",\n rest_api=my_demo_api.id,\n resource_id=my_demo_resource.id,\n http_method=my_demo_method.http_method,\n status_code=\"200\",\n response_models={\n \"application/json\": \"MyDemoResponseModel\",\n },\n response_parameters={\n \"method.response.header.Content-Type\": False,\n \"method-response-header.X-My-Demo-Header\": False,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myDemoAPI = new Aws.ApiGateway.RestApi(\"MyDemoAPI\", new()\n {\n Name = \"MyDemoAPI\",\n Description = \"This is my API for demonstration purposes\",\n });\n\n var myDemoResource = new Aws.ApiGateway.Resource(\"MyDemoResource\", new()\n {\n RestApi = myDemoAPI.Id,\n ParentId = myDemoAPI.RootResourceId,\n PathPart = \"mydemoresource\",\n });\n\n var myDemoMethod = new Aws.ApiGateway.Method(\"MyDemoMethod\", new()\n {\n RestApi = myDemoAPI.Id,\n ResourceId = myDemoResource.Id,\n HttpMethod = \"GET\",\n Authorization = \"NONE\",\n });\n\n var myDemoIntegration = new Aws.ApiGateway.Integration(\"MyDemoIntegration\", new()\n {\n RestApi = myDemoAPI.Id,\n ResourceId = myDemoResource.Id,\n HttpMethod = myDemoMethod.HttpMethod,\n Type = \"MOCK\",\n });\n\n var myDemoResponseModel = new Aws.ApiGateway.Model(\"MyDemoResponseModel\", new()\n {\n RestApi = myDemoAPI.Id,\n Name = \"MyDemoResponseModel\",\n Description = \"API response for MyDemoMethod\",\n ContentType = \"application/json\",\n Schema = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"$schema\"] = \"http://json-schema.org/draft-04/schema#\",\n [\"title\"] = \"MyDemoResponse\",\n [\"type\"] = \"object\",\n [\"properties\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"message\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"type\"] = \"string\",\n },\n },\n }),\n });\n\n var response200 = new Aws.ApiGateway.MethodResponse(\"response_200\", new()\n {\n RestApi = myDemoAPI.Id,\n ResourceId = myDemoResource.Id,\n HttpMethod = myDemoMethod.HttpMethod,\n StatusCode = \"200\",\n ResponseModels = \n {\n { \"application/json\", \"MyDemoResponseModel\" },\n },\n ResponseParameters = \n {\n { \"method.response.header.Content-Type\", false },\n { \"method-response-header.X-My-Demo-Header\", false },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmyDemoAPI, err := apigateway.NewRestApi(ctx, \"MyDemoAPI\", \u0026apigateway.RestApiArgs{\n\t\t\tName: pulumi.String(\"MyDemoAPI\"),\n\t\t\tDescription: pulumi.String(\"This is my API for demonstration purposes\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmyDemoResource, err := apigateway.NewResource(ctx, \"MyDemoResource\", \u0026apigateway.ResourceArgs{\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tParentId: myDemoAPI.RootResourceId,\n\t\t\tPathPart: pulumi.String(\"mydemoresource\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmyDemoMethod, err := apigateway.NewMethod(ctx, \"MyDemoMethod\", \u0026apigateway.MethodArgs{\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tResourceId: myDemoResource.ID(),\n\t\t\tHttpMethod: pulumi.String(\"GET\"),\n\t\t\tAuthorization: pulumi.String(\"NONE\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewIntegration(ctx, \"MyDemoIntegration\", \u0026apigateway.IntegrationArgs{\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tResourceId: myDemoResource.ID(),\n\t\t\tHttpMethod: myDemoMethod.HttpMethod,\n\t\t\tType: pulumi.String(\"MOCK\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"$schema\": \"http://json-schema.org/draft-04/schema#\",\n\t\t\t\"title\": \"MyDemoResponse\",\n\t\t\t\"type\": \"object\",\n\t\t\t\"properties\": map[string]interface{}{\n\t\t\t\t\"message\": map[string]interface{}{\n\t\t\t\t\t\"type\": \"string\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = apigateway.NewModel(ctx, \"MyDemoResponseModel\", \u0026apigateway.ModelArgs{\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tName: pulumi.String(\"MyDemoResponseModel\"),\n\t\t\tDescription: pulumi.String(\"API response for MyDemoMethod\"),\n\t\t\tContentType: pulumi.String(\"application/json\"),\n\t\t\tSchema: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewMethodResponse(ctx, \"response_200\", \u0026apigateway.MethodResponseArgs{\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tResourceId: myDemoResource.ID(),\n\t\t\tHttpMethod: myDemoMethod.HttpMethod,\n\t\t\tStatusCode: pulumi.String(\"200\"),\n\t\t\tResponseModels: pulumi.StringMap{\n\t\t\t\t\"application/json\": pulumi.String(\"MyDemoResponseModel\"),\n\t\t\t},\n\t\t\tResponseParameters: pulumi.BoolMap{\n\t\t\t\t\"method.response.header.Content-Type\": pulumi.Bool(false),\n\t\t\t\t\"method-response-header.X-My-Demo-Header\": pulumi.Bool(false),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigateway.RestApi;\nimport com.pulumi.aws.apigateway.RestApiArgs;\nimport com.pulumi.aws.apigateway.Resource;\nimport com.pulumi.aws.apigateway.ResourceArgs;\nimport com.pulumi.aws.apigateway.Method;\nimport com.pulumi.aws.apigateway.MethodArgs;\nimport com.pulumi.aws.apigateway.Integration;\nimport com.pulumi.aws.apigateway.IntegrationArgs;\nimport com.pulumi.aws.apigateway.Model;\nimport com.pulumi.aws.apigateway.ModelArgs;\nimport com.pulumi.aws.apigateway.MethodResponse;\nimport com.pulumi.aws.apigateway.MethodResponseArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var myDemoAPI = new RestApi(\"myDemoAPI\", RestApiArgs.builder() \n .name(\"MyDemoAPI\")\n .description(\"This is my API for demonstration purposes\")\n .build());\n\n var myDemoResource = new Resource(\"myDemoResource\", ResourceArgs.builder() \n .restApi(myDemoAPI.id())\n .parentId(myDemoAPI.rootResourceId())\n .pathPart(\"mydemoresource\")\n .build());\n\n var myDemoMethod = new Method(\"myDemoMethod\", MethodArgs.builder() \n .restApi(myDemoAPI.id())\n .resourceId(myDemoResource.id())\n .httpMethod(\"GET\")\n .authorization(\"NONE\")\n .build());\n\n var myDemoIntegration = new Integration(\"myDemoIntegration\", IntegrationArgs.builder() \n .restApi(myDemoAPI.id())\n .resourceId(myDemoResource.id())\n .httpMethod(myDemoMethod.httpMethod())\n .type(\"MOCK\")\n .build());\n\n var myDemoResponseModel = new Model(\"myDemoResponseModel\", ModelArgs.builder() \n .restApi(myDemoAPI.id())\n .name(\"MyDemoResponseModel\")\n .description(\"API response for MyDemoMethod\")\n .contentType(\"application/json\")\n .schema(serializeJson(\n jsonObject(\n jsonProperty(\"$schema\", \"http://json-schema.org/draft-04/schema#\"),\n jsonProperty(\"title\", \"MyDemoResponse\"),\n jsonProperty(\"type\", \"object\"),\n jsonProperty(\"properties\", jsonObject(\n jsonProperty(\"message\", jsonObject(\n jsonProperty(\"type\", \"string\")\n ))\n ))\n )))\n .build());\n\n var response200 = new MethodResponse(\"response200\", MethodResponseArgs.builder() \n .restApi(myDemoAPI.id())\n .resourceId(myDemoResource.id())\n .httpMethod(myDemoMethod.httpMethod())\n .statusCode(\"200\")\n .responseModels(Map.of(\"application/json\", \"MyDemoResponseModel\"))\n .responseParameters(Map.ofEntries(\n Map.entry(\"method.response.header.Content-Type\", false),\n Map.entry(\"method-response-header.X-My-Demo-Header\", false)\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n myDemoAPI:\n type: aws:apigateway:RestApi\n name: MyDemoAPI\n properties:\n name: MyDemoAPI\n description: This is my API for demonstration purposes\n myDemoResource:\n type: aws:apigateway:Resource\n name: MyDemoResource\n properties:\n restApi: ${myDemoAPI.id}\n parentId: ${myDemoAPI.rootResourceId}\n pathPart: mydemoresource\n myDemoMethod:\n type: aws:apigateway:Method\n name: MyDemoMethod\n properties:\n restApi: ${myDemoAPI.id}\n resourceId: ${myDemoResource.id}\n httpMethod: GET\n authorization: NONE\n myDemoIntegration:\n type: aws:apigateway:Integration\n name: MyDemoIntegration\n properties:\n restApi: ${myDemoAPI.id}\n resourceId: ${myDemoResource.id}\n httpMethod: ${myDemoMethod.httpMethod}\n type: MOCK\n myDemoResponseModel:\n type: aws:apigateway:Model\n name: MyDemoResponseModel\n properties:\n restApi: ${myDemoAPI.id}\n name: MyDemoResponseModel\n description: API response for MyDemoMethod\n contentType: application/json\n schema:\n fn::toJSON:\n $schema: http://json-schema.org/draft-04/schema#\n title: MyDemoResponse\n type: object\n properties:\n message:\n type: string\n response200:\n type: aws:apigateway:MethodResponse\n name: response_200\n properties:\n restApi: ${myDemoAPI.id}\n resourceId: ${myDemoResource.id}\n httpMethod: ${myDemoMethod.httpMethod}\n statusCode: '200'\n responseModels:\n application/json: MyDemoResponseModel\n responseParameters:\n method.response.header.Content-Type: false\n method-response-header.X-My-Demo-Header: false\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_api_gateway_method_response` using `REST-API-ID/RESOURCE-ID/HTTP-METHOD/STATUS-CODE`. For example:\n\n```sh\n$ pulumi import aws:apigateway/methodResponse:MethodResponse example 12345abcde/67890fghij/GET/200\n```\n", + "description": "Provides an HTTP Method Response for an API Gateway Resource. More information about API Gateway method responses can be found in the [Amazon API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-method-settings-method-response.html).\n\n## Example Usage\n\n### Basic Response\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myDemoAPI = new aws.apigateway.RestApi(\"MyDemoAPI\", {\n name: \"MyDemoAPI\",\n description: \"This is my API for demonstration purposes\",\n});\nconst myDemoResource = new aws.apigateway.Resource(\"MyDemoResource\", {\n restApi: myDemoAPI.id,\n parentId: myDemoAPI.rootResourceId,\n pathPart: \"mydemoresource\",\n});\nconst myDemoMethod = new aws.apigateway.Method(\"MyDemoMethod\", {\n restApi: myDemoAPI.id,\n resourceId: myDemoResource.id,\n httpMethod: \"GET\",\n authorization: \"NONE\",\n});\nconst myDemoIntegration = new aws.apigateway.Integration(\"MyDemoIntegration\", {\n restApi: myDemoAPI.id,\n resourceId: myDemoResource.id,\n httpMethod: myDemoMethod.httpMethod,\n type: \"MOCK\",\n});\nconst response200 = new aws.apigateway.MethodResponse(\"response_200\", {\n restApi: myDemoAPI.id,\n resourceId: myDemoResource.id,\n httpMethod: myDemoMethod.httpMethod,\n statusCode: \"200\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_demo_api = aws.apigateway.RestApi(\"MyDemoAPI\",\n name=\"MyDemoAPI\",\n description=\"This is my API for demonstration purposes\")\nmy_demo_resource = aws.apigateway.Resource(\"MyDemoResource\",\n rest_api=my_demo_api.id,\n parent_id=my_demo_api.root_resource_id,\n path_part=\"mydemoresource\")\nmy_demo_method = aws.apigateway.Method(\"MyDemoMethod\",\n rest_api=my_demo_api.id,\n resource_id=my_demo_resource.id,\n http_method=\"GET\",\n authorization=\"NONE\")\nmy_demo_integration = aws.apigateway.Integration(\"MyDemoIntegration\",\n rest_api=my_demo_api.id,\n resource_id=my_demo_resource.id,\n http_method=my_demo_method.http_method,\n type=\"MOCK\")\nresponse200 = aws.apigateway.MethodResponse(\"response_200\",\n rest_api=my_demo_api.id,\n resource_id=my_demo_resource.id,\n http_method=my_demo_method.http_method,\n status_code=\"200\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myDemoAPI = new Aws.ApiGateway.RestApi(\"MyDemoAPI\", new()\n {\n Name = \"MyDemoAPI\",\n Description = \"This is my API for demonstration purposes\",\n });\n\n var myDemoResource = new Aws.ApiGateway.Resource(\"MyDemoResource\", new()\n {\n RestApi = myDemoAPI.Id,\n ParentId = myDemoAPI.RootResourceId,\n PathPart = \"mydemoresource\",\n });\n\n var myDemoMethod = new Aws.ApiGateway.Method(\"MyDemoMethod\", new()\n {\n RestApi = myDemoAPI.Id,\n ResourceId = myDemoResource.Id,\n HttpMethod = \"GET\",\n Authorization = \"NONE\",\n });\n\n var myDemoIntegration = new Aws.ApiGateway.Integration(\"MyDemoIntegration\", new()\n {\n RestApi = myDemoAPI.Id,\n ResourceId = myDemoResource.Id,\n HttpMethod = myDemoMethod.HttpMethod,\n Type = \"MOCK\",\n });\n\n var response200 = new Aws.ApiGateway.MethodResponse(\"response_200\", new()\n {\n RestApi = myDemoAPI.Id,\n ResourceId = myDemoResource.Id,\n HttpMethod = myDemoMethod.HttpMethod,\n StatusCode = \"200\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmyDemoAPI, err := apigateway.NewRestApi(ctx, \"MyDemoAPI\", \u0026apigateway.RestApiArgs{\n\t\t\tName: pulumi.String(\"MyDemoAPI\"),\n\t\t\tDescription: pulumi.String(\"This is my API for demonstration purposes\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmyDemoResource, err := apigateway.NewResource(ctx, \"MyDemoResource\", \u0026apigateway.ResourceArgs{\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tParentId: myDemoAPI.RootResourceId,\n\t\t\tPathPart: pulumi.String(\"mydemoresource\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmyDemoMethod, err := apigateway.NewMethod(ctx, \"MyDemoMethod\", \u0026apigateway.MethodArgs{\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tResourceId: myDemoResource.ID(),\n\t\t\tHttpMethod: pulumi.String(\"GET\"),\n\t\t\tAuthorization: pulumi.String(\"NONE\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewIntegration(ctx, \"MyDemoIntegration\", \u0026apigateway.IntegrationArgs{\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tResourceId: myDemoResource.ID(),\n\t\t\tHttpMethod: myDemoMethod.HttpMethod,\n\t\t\tType: pulumi.String(\"MOCK\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewMethodResponse(ctx, \"response_200\", \u0026apigateway.MethodResponseArgs{\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tResourceId: myDemoResource.ID(),\n\t\t\tHttpMethod: myDemoMethod.HttpMethod,\n\t\t\tStatusCode: pulumi.String(\"200\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigateway.RestApi;\nimport com.pulumi.aws.apigateway.RestApiArgs;\nimport com.pulumi.aws.apigateway.Resource;\nimport com.pulumi.aws.apigateway.ResourceArgs;\nimport com.pulumi.aws.apigateway.Method;\nimport com.pulumi.aws.apigateway.MethodArgs;\nimport com.pulumi.aws.apigateway.Integration;\nimport com.pulumi.aws.apigateway.IntegrationArgs;\nimport com.pulumi.aws.apigateway.MethodResponse;\nimport com.pulumi.aws.apigateway.MethodResponseArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var myDemoAPI = new RestApi(\"myDemoAPI\", RestApiArgs.builder() \n .name(\"MyDemoAPI\")\n .description(\"This is my API for demonstration purposes\")\n .build());\n\n var myDemoResource = new Resource(\"myDemoResource\", ResourceArgs.builder() \n .restApi(myDemoAPI.id())\n .parentId(myDemoAPI.rootResourceId())\n .pathPart(\"mydemoresource\")\n .build());\n\n var myDemoMethod = new Method(\"myDemoMethod\", MethodArgs.builder() \n .restApi(myDemoAPI.id())\n .resourceId(myDemoResource.id())\n .httpMethod(\"GET\")\n .authorization(\"NONE\")\n .build());\n\n var myDemoIntegration = new Integration(\"myDemoIntegration\", IntegrationArgs.builder() \n .restApi(myDemoAPI.id())\n .resourceId(myDemoResource.id())\n .httpMethod(myDemoMethod.httpMethod())\n .type(\"MOCK\")\n .build());\n\n var response200 = new MethodResponse(\"response200\", MethodResponseArgs.builder() \n .restApi(myDemoAPI.id())\n .resourceId(myDemoResource.id())\n .httpMethod(myDemoMethod.httpMethod())\n .statusCode(\"200\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n myDemoAPI:\n type: aws:apigateway:RestApi\n name: MyDemoAPI\n properties:\n name: MyDemoAPI\n description: This is my API for demonstration purposes\n myDemoResource:\n type: aws:apigateway:Resource\n name: MyDemoResource\n properties:\n restApi: ${myDemoAPI.id}\n parentId: ${myDemoAPI.rootResourceId}\n pathPart: mydemoresource\n myDemoMethod:\n type: aws:apigateway:Method\n name: MyDemoMethod\n properties:\n restApi: ${myDemoAPI.id}\n resourceId: ${myDemoResource.id}\n httpMethod: GET\n authorization: NONE\n myDemoIntegration:\n type: aws:apigateway:Integration\n name: MyDemoIntegration\n properties:\n restApi: ${myDemoAPI.id}\n resourceId: ${myDemoResource.id}\n httpMethod: ${myDemoMethod.httpMethod}\n type: MOCK\n response200:\n type: aws:apigateway:MethodResponse\n name: response_200\n properties:\n restApi: ${myDemoAPI.id}\n resourceId: ${myDemoResource.id}\n httpMethod: ${myDemoMethod.httpMethod}\n statusCode: '200'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Response with Custom Header and Model\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myDemoAPI = new aws.apigateway.RestApi(\"MyDemoAPI\", {\n name: \"MyDemoAPI\",\n description: \"This is my API for demonstration purposes\",\n});\nconst myDemoResource = new aws.apigateway.Resource(\"MyDemoResource\", {\n restApi: myDemoAPI.id,\n parentId: myDemoAPI.rootResourceId,\n pathPart: \"mydemoresource\",\n});\nconst myDemoMethod = new aws.apigateway.Method(\"MyDemoMethod\", {\n restApi: myDemoAPI.id,\n resourceId: myDemoResource.id,\n httpMethod: \"GET\",\n authorization: \"NONE\",\n});\nconst myDemoIntegration = new aws.apigateway.Integration(\"MyDemoIntegration\", {\n restApi: myDemoAPI.id,\n resourceId: myDemoResource.id,\n httpMethod: myDemoMethod.httpMethod,\n type: \"MOCK\",\n});\nconst myDemoResponseModel = new aws.apigateway.Model(\"MyDemoResponseModel\", {\n restApi: myDemoAPI.id,\n name: \"MyDemoResponseModel\",\n description: \"API response for MyDemoMethod\",\n contentType: \"application/json\",\n schema: JSON.stringify({\n $schema: \"http://json-schema.org/draft-04/schema#\",\n title: \"MyDemoResponse\",\n type: \"object\",\n properties: {\n Message: {\n type: \"string\",\n },\n },\n }),\n});\nconst response200 = new aws.apigateway.MethodResponse(\"response_200\", {\n restApi: myDemoAPI.id,\n resourceId: myDemoResource.id,\n httpMethod: myDemoMethod.httpMethod,\n statusCode: \"200\",\n responseModels: {\n \"application/json\": \"MyDemoResponseModel\",\n },\n responseParameters: {\n \"method.response.header.Content-Type\": false,\n \"method-response-header.X-My-Demo-Header\": false,\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nmy_demo_api = aws.apigateway.RestApi(\"MyDemoAPI\",\n name=\"MyDemoAPI\",\n description=\"This is my API for demonstration purposes\")\nmy_demo_resource = aws.apigateway.Resource(\"MyDemoResource\",\n rest_api=my_demo_api.id,\n parent_id=my_demo_api.root_resource_id,\n path_part=\"mydemoresource\")\nmy_demo_method = aws.apigateway.Method(\"MyDemoMethod\",\n rest_api=my_demo_api.id,\n resource_id=my_demo_resource.id,\n http_method=\"GET\",\n authorization=\"NONE\")\nmy_demo_integration = aws.apigateway.Integration(\"MyDemoIntegration\",\n rest_api=my_demo_api.id,\n resource_id=my_demo_resource.id,\n http_method=my_demo_method.http_method,\n type=\"MOCK\")\nmy_demo_response_model = aws.apigateway.Model(\"MyDemoResponseModel\",\n rest_api=my_demo_api.id,\n name=\"MyDemoResponseModel\",\n description=\"API response for MyDemoMethod\",\n content_type=\"application/json\",\n schema=json.dumps({\n \"$schema\": \"http://json-schema.org/draft-04/schema#\",\n \"title\": \"MyDemoResponse\",\n \"type\": \"object\",\n \"properties\": {\n \"Message\": {\n \"type\": \"string\",\n },\n },\n }))\nresponse200 = aws.apigateway.MethodResponse(\"response_200\",\n rest_api=my_demo_api.id,\n resource_id=my_demo_resource.id,\n http_method=my_demo_method.http_method,\n status_code=\"200\",\n response_models={\n \"application/json\": \"MyDemoResponseModel\",\n },\n response_parameters={\n \"method.response.header.Content-Type\": False,\n \"method-response-header.X-My-Demo-Header\": False,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myDemoAPI = new Aws.ApiGateway.RestApi(\"MyDemoAPI\", new()\n {\n Name = \"MyDemoAPI\",\n Description = \"This is my API for demonstration purposes\",\n });\n\n var myDemoResource = new Aws.ApiGateway.Resource(\"MyDemoResource\", new()\n {\n RestApi = myDemoAPI.Id,\n ParentId = myDemoAPI.RootResourceId,\n PathPart = \"mydemoresource\",\n });\n\n var myDemoMethod = new Aws.ApiGateway.Method(\"MyDemoMethod\", new()\n {\n RestApi = myDemoAPI.Id,\n ResourceId = myDemoResource.Id,\n HttpMethod = \"GET\",\n Authorization = \"NONE\",\n });\n\n var myDemoIntegration = new Aws.ApiGateway.Integration(\"MyDemoIntegration\", new()\n {\n RestApi = myDemoAPI.Id,\n ResourceId = myDemoResource.Id,\n HttpMethod = myDemoMethod.HttpMethod,\n Type = \"MOCK\",\n });\n\n var myDemoResponseModel = new Aws.ApiGateway.Model(\"MyDemoResponseModel\", new()\n {\n RestApi = myDemoAPI.Id,\n Name = \"MyDemoResponseModel\",\n Description = \"API response for MyDemoMethod\",\n ContentType = \"application/json\",\n Schema = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"$schema\"] = \"http://json-schema.org/draft-04/schema#\",\n [\"title\"] = \"MyDemoResponse\",\n [\"type\"] = \"object\",\n [\"properties\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Message\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"type\"] = \"string\",\n },\n },\n }),\n });\n\n var response200 = new Aws.ApiGateway.MethodResponse(\"response_200\", new()\n {\n RestApi = myDemoAPI.Id,\n ResourceId = myDemoResource.Id,\n HttpMethod = myDemoMethod.HttpMethod,\n StatusCode = \"200\",\n ResponseModels = \n {\n { \"application/json\", \"MyDemoResponseModel\" },\n },\n ResponseParameters = \n {\n { \"method.response.header.Content-Type\", false },\n { \"method-response-header.X-My-Demo-Header\", false },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmyDemoAPI, err := apigateway.NewRestApi(ctx, \"MyDemoAPI\", \u0026apigateway.RestApiArgs{\n\t\t\tName: pulumi.String(\"MyDemoAPI\"),\n\t\t\tDescription: pulumi.String(\"This is my API for demonstration purposes\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmyDemoResource, err := apigateway.NewResource(ctx, \"MyDemoResource\", \u0026apigateway.ResourceArgs{\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tParentId: myDemoAPI.RootResourceId,\n\t\t\tPathPart: pulumi.String(\"mydemoresource\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmyDemoMethod, err := apigateway.NewMethod(ctx, \"MyDemoMethod\", \u0026apigateway.MethodArgs{\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tResourceId: myDemoResource.ID(),\n\t\t\tHttpMethod: pulumi.String(\"GET\"),\n\t\t\tAuthorization: pulumi.String(\"NONE\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewIntegration(ctx, \"MyDemoIntegration\", \u0026apigateway.IntegrationArgs{\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tResourceId: myDemoResource.ID(),\n\t\t\tHttpMethod: myDemoMethod.HttpMethod,\n\t\t\tType: pulumi.String(\"MOCK\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"$schema\": \"http://json-schema.org/draft-04/schema#\",\n\t\t\t\"title\": \"MyDemoResponse\",\n\t\t\t\"type\": \"object\",\n\t\t\t\"properties\": map[string]interface{}{\n\t\t\t\t\"Message\": map[string]interface{}{\n\t\t\t\t\t\"type\": \"string\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = apigateway.NewModel(ctx, \"MyDemoResponseModel\", \u0026apigateway.ModelArgs{\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tName: pulumi.String(\"MyDemoResponseModel\"),\n\t\t\tDescription: pulumi.String(\"API response for MyDemoMethod\"),\n\t\t\tContentType: pulumi.String(\"application/json\"),\n\t\t\tSchema: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewMethodResponse(ctx, \"response_200\", \u0026apigateway.MethodResponseArgs{\n\t\t\tRestApi: myDemoAPI.ID(),\n\t\t\tResourceId: myDemoResource.ID(),\n\t\t\tHttpMethod: myDemoMethod.HttpMethod,\n\t\t\tStatusCode: pulumi.String(\"200\"),\n\t\t\tResponseModels: pulumi.StringMap{\n\t\t\t\t\"application/json\": pulumi.String(\"MyDemoResponseModel\"),\n\t\t\t},\n\t\t\tResponseParameters: pulumi.BoolMap{\n\t\t\t\t\"method.response.header.Content-Type\": pulumi.Bool(false),\n\t\t\t\t\"method-response-header.X-My-Demo-Header\": pulumi.Bool(false),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigateway.RestApi;\nimport com.pulumi.aws.apigateway.RestApiArgs;\nimport com.pulumi.aws.apigateway.Resource;\nimport com.pulumi.aws.apigateway.ResourceArgs;\nimport com.pulumi.aws.apigateway.Method;\nimport com.pulumi.aws.apigateway.MethodArgs;\nimport com.pulumi.aws.apigateway.Integration;\nimport com.pulumi.aws.apigateway.IntegrationArgs;\nimport com.pulumi.aws.apigateway.Model;\nimport com.pulumi.aws.apigateway.ModelArgs;\nimport com.pulumi.aws.apigateway.MethodResponse;\nimport com.pulumi.aws.apigateway.MethodResponseArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var myDemoAPI = new RestApi(\"myDemoAPI\", RestApiArgs.builder() \n .name(\"MyDemoAPI\")\n .description(\"This is my API for demonstration purposes\")\n .build());\n\n var myDemoResource = new Resource(\"myDemoResource\", ResourceArgs.builder() \n .restApi(myDemoAPI.id())\n .parentId(myDemoAPI.rootResourceId())\n .pathPart(\"mydemoresource\")\n .build());\n\n var myDemoMethod = new Method(\"myDemoMethod\", MethodArgs.builder() \n .restApi(myDemoAPI.id())\n .resourceId(myDemoResource.id())\n .httpMethod(\"GET\")\n .authorization(\"NONE\")\n .build());\n\n var myDemoIntegration = new Integration(\"myDemoIntegration\", IntegrationArgs.builder() \n .restApi(myDemoAPI.id())\n .resourceId(myDemoResource.id())\n .httpMethod(myDemoMethod.httpMethod())\n .type(\"MOCK\")\n .build());\n\n var myDemoResponseModel = new Model(\"myDemoResponseModel\", ModelArgs.builder() \n .restApi(myDemoAPI.id())\n .name(\"MyDemoResponseModel\")\n .description(\"API response for MyDemoMethod\")\n .contentType(\"application/json\")\n .schema(serializeJson(\n jsonObject(\n jsonProperty(\"$schema\", \"http://json-schema.org/draft-04/schema#\"),\n jsonProperty(\"title\", \"MyDemoResponse\"),\n jsonProperty(\"type\", \"object\"),\n jsonProperty(\"properties\", jsonObject(\n jsonProperty(\"Message\", jsonObject(\n jsonProperty(\"type\", \"string\")\n ))\n ))\n )))\n .build());\n\n var response200 = new MethodResponse(\"response200\", MethodResponseArgs.builder() \n .restApi(myDemoAPI.id())\n .resourceId(myDemoResource.id())\n .httpMethod(myDemoMethod.httpMethod())\n .statusCode(\"200\")\n .responseModels(Map.of(\"application/json\", \"MyDemoResponseModel\"))\n .responseParameters(Map.ofEntries(\n Map.entry(\"method.response.header.Content-Type\", false),\n Map.entry(\"method-response-header.X-My-Demo-Header\", false)\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n myDemoAPI:\n type: aws:apigateway:RestApi\n name: MyDemoAPI\n properties:\n name: MyDemoAPI\n description: This is my API for demonstration purposes\n myDemoResource:\n type: aws:apigateway:Resource\n name: MyDemoResource\n properties:\n restApi: ${myDemoAPI.id}\n parentId: ${myDemoAPI.rootResourceId}\n pathPart: mydemoresource\n myDemoMethod:\n type: aws:apigateway:Method\n name: MyDemoMethod\n properties:\n restApi: ${myDemoAPI.id}\n resourceId: ${myDemoResource.id}\n httpMethod: GET\n authorization: NONE\n myDemoIntegration:\n type: aws:apigateway:Integration\n name: MyDemoIntegration\n properties:\n restApi: ${myDemoAPI.id}\n resourceId: ${myDemoResource.id}\n httpMethod: ${myDemoMethod.httpMethod}\n type: MOCK\n myDemoResponseModel:\n type: aws:apigateway:Model\n name: MyDemoResponseModel\n properties:\n restApi: ${myDemoAPI.id}\n name: MyDemoResponseModel\n description: API response for MyDemoMethod\n contentType: application/json\n schema:\n fn::toJSON:\n $schema: http://json-schema.org/draft-04/schema#\n title: MyDemoResponse\n type: object\n properties:\n Message:\n type: string\n response200:\n type: aws:apigateway:MethodResponse\n name: response_200\n properties:\n restApi: ${myDemoAPI.id}\n resourceId: ${myDemoResource.id}\n httpMethod: ${myDemoMethod.httpMethod}\n statusCode: '200'\n responseModels:\n application/json: MyDemoResponseModel\n responseParameters:\n method.response.header.Content-Type: false\n method-response-header.X-My-Demo-Header: false\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_api_gateway_method_response` using `REST-API-ID/RESOURCE-ID/HTTP-METHOD/STATUS-CODE`. For example:\n\n```sh\n$ pulumi import aws:apigateway/methodResponse:MethodResponse example 12345abcde/67890fghij/GET/200\n```\n", "properties": { "httpMethod": { "type": "string", @@ -161677,7 +161677,7 @@ } }, "aws:apigateway/stage:Stage": { - "description": "Manages an API Gateway Stage. A stage is a named reference to a deployment, which can be done via the `aws.apigateway.Deployment` resource. Stages can be optionally managed further with the `aws.apigateway.BasePathMapping` resource, `aws.apigateway.DomainName` resource, and `aws_api_method_settings` resource. For more information, see the [API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/set-up-stages.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new aws.apigateway.RestApi(\"example\", {\n body: JSON.stringify({\n openapi: \"3.0.1\",\n info: {\n title: \"example\",\n version: \"1.0\",\n },\n paths: {\n \"/path1\": {\n get: {\n \"x-amazon-apigateway-integration\": {\n httpMethod: \"GET\",\n payloadFormatVersion: \"1.0\",\n type: \"HTTP_PROXY\",\n uri: \"https://ip-ranges.amazonaws.com/ip-ranges.json\",\n },\n },\n },\n },\n }),\n name: \"example\",\n});\nconst exampleDeployment = new aws.apigateway.Deployment(\"example\", {\n restApi: example.id,\n triggers: {\n redeployment: std.sha1Output({\n input: pulumi.jsonStringify(example.body),\n }).apply(invoke =\u003e invoke.result),\n },\n});\nconst exampleStage = new aws.apigateway.Stage(\"example\", {\n deployment: exampleDeployment.id,\n restApi: example.id,\n stageName: \"example\",\n});\nconst exampleMethodSettings = new aws.apigateway.MethodSettings(\"example\", {\n restApi: example.id,\n stageName: exampleStage.stageName,\n methodPath: \"*/*\",\n settings: {\n metricsEnabled: true,\n loggingLevel: \"INFO\",\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nexample = aws.apigateway.RestApi(\"example\",\n body=json.dumps({\n \"openapi\": \"3.0.1\",\n \"info\": {\n \"title\": \"example\",\n \"version\": \"1.0\",\n },\n \"paths\": {\n \"/path1\": {\n \"get\": {\n \"x-amazon-apigateway-integration\": {\n \"httpMethod\": \"GET\",\n \"payloadFormatVersion\": \"1.0\",\n \"type\": \"HTTP_PROXY\",\n \"uri\": \"https://ip-ranges.amazonaws.com/ip-ranges.json\",\n },\n },\n },\n },\n }),\n name=\"example\")\nexample_deployment = aws.apigateway.Deployment(\"example\",\n rest_api=example.id,\n triggers={\n \"redeployment\": std.sha1_output(input=pulumi.Output.json_dumps(example.body)).apply(lambda invoke: invoke.result),\n })\nexample_stage = aws.apigateway.Stage(\"example\",\n deployment=example_deployment.id,\n rest_api=example.id,\n stage_name=\"example\")\nexample_method_settings = aws.apigateway.MethodSettings(\"example\",\n rest_api=example.id,\n stage_name=example_stage.stage_name,\n method_path=\"*/*\",\n settings=aws.apigateway.MethodSettingsSettingsArgs(\n metrics_enabled=True,\n logging_level=\"INFO\",\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ApiGateway.RestApi(\"example\", new()\n {\n Body = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"openapi\"] = \"3.0.1\",\n [\"info\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"title\"] = \"example\",\n [\"version\"] = \"1.0\",\n },\n [\"paths\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"/path1\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"get\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"x-amazon-apigateway-integration\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"httpMethod\"] = \"GET\",\n [\"payloadFormatVersion\"] = \"1.0\",\n [\"type\"] = \"HTTP_PROXY\",\n [\"uri\"] = \"https://ip-ranges.amazonaws.com/ip-ranges.json\",\n },\n },\n },\n },\n }),\n Name = \"example\",\n });\n\n var exampleDeployment = new Aws.ApiGateway.Deployment(\"example\", new()\n {\n RestApi = example.Id,\n Triggers = \n {\n { \"redeployment\", Std.Sha1.Invoke(new()\n {\n Input = Output.JsonSerialize(Output.Create(example.Body)),\n }).Apply(invoke =\u003e invoke.Result) },\n },\n });\n\n var exampleStage = new Aws.ApiGateway.Stage(\"example\", new()\n {\n Deployment = exampleDeployment.Id,\n RestApi = example.Id,\n StageName = \"example\",\n });\n\n var exampleMethodSettings = new Aws.ApiGateway.MethodSettings(\"example\", new()\n {\n RestApi = example.Id,\n StageName = exampleStage.StageName,\n MethodPath = \"*/*\",\n Settings = new Aws.ApiGateway.Inputs.MethodSettingsSettingsArgs\n {\n MetricsEnabled = true,\n LoggingLevel = \"INFO\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"openapi\": \"3.0.1\",\n\t\t\t\"info\": map[string]interface{}{\n\t\t\t\t\"title\": \"example\",\n\t\t\t\t\"version\": \"1.0\",\n\t\t\t},\n\t\t\t\"paths\": map[string]interface{}{\n\t\t\t\t\"/path1\": map[string]interface{}{\n\t\t\t\t\t\"get\": map[string]interface{}{\n\t\t\t\t\t\t\"x-amazon-apigateway-integration\": map[string]interface{}{\n\t\t\t\t\t\t\t\"httpMethod\": \"GET\",\n\t\t\t\t\t\t\t\"payloadFormatVersion\": \"1.0\",\n\t\t\t\t\t\t\t\"type\": \"HTTP_PROXY\",\n\t\t\t\t\t\t\t\"uri\": \"https://ip-ranges.amazonaws.com/ip-ranges.json\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texample, err := apigateway.NewRestApi(ctx, \"example\", \u0026apigateway.RestApiArgs{\n\t\t\tBody: pulumi.String(json0),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleDeployment, err := apigateway.NewDeployment(ctx, \"example\", \u0026apigateway.DeploymentArgs{\n\t\t\tRestApi: example.ID(),\n\t\t\tTriggers: pulumi.StringMap{\n\t\t\t\t\"redeployment\": std.Sha1Output(ctx, std.Sha1OutputArgs{\n\t\t\t\t\tInput: example.Body.ApplyT(func(body *string) (pulumi.String, error) {\n\t\t\t\t\t\tvar _zero pulumi.String\n\t\t\t\t\t\ttmpJSON1, err := json.Marshal(body)\n\t\t\t\t\t\tif err != nil {\n\t\t\t\t\t\t\treturn _zero, err\n\t\t\t\t\t\t}\n\t\t\t\t\t\tjson1 := string(tmpJSON1)\n\t\t\t\t\t\treturn pulumi.String(json1), nil\n\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t}, nil).ApplyT(func(invoke std.Sha1Result) (*string, error) {\n\t\t\t\t\treturn invoke.Result, nil\n\t\t\t\t}).(pulumi.StringPtrOutput),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleStage, err := apigateway.NewStage(ctx, \"example\", \u0026apigateway.StageArgs{\n\t\t\tDeployment: exampleDeployment.ID(),\n\t\t\tRestApi: example.ID(),\n\t\t\tStageName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewMethodSettings(ctx, \"example\", \u0026apigateway.MethodSettingsArgs{\n\t\t\tRestApi: example.ID(),\n\t\t\tStageName: exampleStage.StageName,\n\t\t\tMethodPath: pulumi.String(\"*/*\"),\n\t\t\tSettings: \u0026apigateway.MethodSettingsSettingsArgs{\n\t\t\t\tMetricsEnabled: pulumi.Bool(true),\n\t\t\t\tLoggingLevel: pulumi.String(\"INFO\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigateway.RestApi;\nimport com.pulumi.aws.apigateway.RestApiArgs;\nimport com.pulumi.aws.apigateway.Deployment;\nimport com.pulumi.aws.apigateway.DeploymentArgs;\nimport com.pulumi.aws.apigateway.Stage;\nimport com.pulumi.aws.apigateway.StageArgs;\nimport com.pulumi.aws.apigateway.MethodSettings;\nimport com.pulumi.aws.apigateway.MethodSettingsArgs;\nimport com.pulumi.aws.apigateway.inputs.MethodSettingsSettingsArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new RestApi(\"example\", RestApiArgs.builder() \n .body(serializeJson(\n jsonObject(\n jsonProperty(\"openapi\", \"3.0.1\"),\n jsonProperty(\"info\", jsonObject(\n jsonProperty(\"title\", \"example\"),\n jsonProperty(\"version\", \"1.0\")\n )),\n jsonProperty(\"paths\", jsonObject(\n jsonProperty(\"/path1\", jsonObject(\n jsonProperty(\"get\", jsonObject(\n jsonProperty(\"x-amazon-apigateway-integration\", jsonObject(\n jsonProperty(\"httpMethod\", \"GET\"),\n jsonProperty(\"payloadFormatVersion\", \"1.0\"),\n jsonProperty(\"type\", \"HTTP_PROXY\"),\n jsonProperty(\"uri\", \"https://ip-ranges.amazonaws.com/ip-ranges.json\")\n ))\n ))\n ))\n ))\n )))\n .name(\"example\")\n .build());\n\n var exampleDeployment = new Deployment(\"exampleDeployment\", DeploymentArgs.builder() \n .restApi(example.id())\n .triggers(Map.of(\"redeployment\", StdFunctions.sha1().applyValue(invoke -\u003e invoke.result())))\n .build());\n\n var exampleStage = new Stage(\"exampleStage\", StageArgs.builder() \n .deployment(exampleDeployment.id())\n .restApi(example.id())\n .stageName(\"example\")\n .build());\n\n var exampleMethodSettings = new MethodSettings(\"exampleMethodSettings\", MethodSettingsArgs.builder() \n .restApi(example.id())\n .stageName(exampleStage.stageName())\n .methodPath(\"*/*\")\n .settings(MethodSettingsSettingsArgs.builder()\n .metricsEnabled(true)\n .loggingLevel(\"INFO\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:apigateway:RestApi\n properties:\n body:\n fn::toJSON:\n openapi: 3.0.1\n info:\n title: example\n version: '1.0'\n paths:\n /path1:\n get:\n x-amazon-apigateway-integration:\n httpMethod: GET\n payloadFormatVersion: '1.0'\n type: HTTP_PROXY\n uri: https://ip-ranges.amazonaws.com/ip-ranges.json\n name: example\n exampleDeployment:\n type: aws:apigateway:Deployment\n name: example\n properties:\n restApi: ${example.id}\n triggers:\n redeployment:\n fn::invoke:\n Function: std:sha1\n Arguments:\n input:\n fn::toJSON: ${example.body}\n Return: result\n exampleStage:\n type: aws:apigateway:Stage\n name: example\n properties:\n deployment: ${exampleDeployment.id}\n restApi: ${example.id}\n stageName: example\n exampleMethodSettings:\n type: aws:apigateway:MethodSettings\n name: example\n properties:\n restApi: ${example.id}\n stageName: ${exampleStage.stageName}\n methodPath: '*/*'\n settings:\n metricsEnabled: true\n loggingLevel: INFO\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Managing the API Logging CloudWatch Log Group\n\nAPI Gateway provides the ability to [enable CloudWatch API logging](https://docs.aws.amazon.com/apigateway/latest/developerguide/set-up-logging.html). To manage the CloudWatch Log Group when this feature is enabled, the `aws.cloudwatch.LogGroup` resource can be used where the name matches the API Gateway naming convention. If the CloudWatch Log Group previously exists, import the `aws.cloudwatch.LogGroup` resource into Pulumi as a one time operation. You can recreate the environment without import.\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst stageName = config.get(\"stageName\") || \"example\";\nconst example = new aws.apigateway.RestApi(\"example\", {});\nconst exampleStage = new aws.apigateway.Stage(\"example\", {stageName: stageName});\nconst exampleLogGroup = new aws.cloudwatch.LogGroup(\"example\", {\n name: pulumi.interpolate`API-Gateway-Execution-Logs_${example.id}/${stageName}`,\n retentionInDays: 7,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nstage_name = config.get(\"stageName\")\nif stage_name is None:\n stage_name = \"example\"\nexample = aws.apigateway.RestApi(\"example\")\nexample_stage = aws.apigateway.Stage(\"example\", stage_name=stage_name)\nexample_log_group = aws.cloudwatch.LogGroup(\"example\",\n name=example.id.apply(lambda id: f\"API-Gateway-Execution-Logs_{id}/{stage_name}\"),\n retention_in_days=7)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var stageName = config.Get(\"stageName\") ?? \"example\";\n var example = new Aws.ApiGateway.RestApi(\"example\");\n\n var exampleStage = new Aws.ApiGateway.Stage(\"example\", new()\n {\n StageName = stageName,\n });\n\n var exampleLogGroup = new Aws.CloudWatch.LogGroup(\"example\", new()\n {\n Name = example.Id.Apply(id =\u003e $\"API-Gateway-Execution-Logs_{id}/{stageName}\"),\n RetentionInDays = 7,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tstageName := \"example\"\n\t\tif param := cfg.Get(\"stageName\"); param != \"\" {\n\t\t\tstageName = param\n\t\t}\n\t\texample, err := apigateway.NewRestApi(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewStage(ctx, \"example\", \u0026apigateway.StageArgs{\n\t\t\tStageName: pulumi.String(stageName),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudwatch.NewLogGroup(ctx, \"example\", \u0026cloudwatch.LogGroupArgs{\n\t\t\tName: example.ID().ApplyT(func(id string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"API-Gateway-Execution-Logs_%v/%v\", id, stageName), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tRetentionInDays: pulumi.Int(7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigateway.RestApi;\nimport com.pulumi.aws.apigateway.Stage;\nimport com.pulumi.aws.apigateway.StageArgs;\nimport com.pulumi.aws.cloudwatch.LogGroup;\nimport com.pulumi.aws.cloudwatch.LogGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var stageName = config.get(\"stageName\").orElse(\"example\");\n var example = new RestApi(\"example\");\n\n var exampleStage = new Stage(\"exampleStage\", StageArgs.builder() \n .stageName(stageName)\n .build());\n\n var exampleLogGroup = new LogGroup(\"exampleLogGroup\", LogGroupArgs.builder() \n .name(example.id().applyValue(id -\u003e String.format(\"API-Gateway-Execution-Logs_%s/%s\", id,stageName)))\n .retentionInDays(7)\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n stageName:\n type: string\n default: example\nresources:\n example:\n type: aws:apigateway:RestApi\n exampleStage:\n type: aws:apigateway:Stage\n name: example\n properties:\n stageName: ${stageName}\n exampleLogGroup:\n type: aws:cloudwatch:LogGroup\n name: example\n properties:\n name: API-Gateway-Execution-Logs_${example.id}/${stageName}\n retentionInDays: 7 # ... potentially other configuration ...\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_api_gateway_stage` using `REST-API-ID/STAGE-NAME`. For example:\n\n```sh\n$ pulumi import aws:apigateway/stage:Stage example 12345abcde/example\n```\n", + "description": "Manages an API Gateway Stage. A stage is a named reference to a deployment, which can be done via the `aws.apigateway.Deployment` resource. Stages can be optionally managed further with the `aws.apigateway.BasePathMapping` resource, `aws.apigateway.DomainName` resource, and `aws_api_method_settings` resource. For more information, see the [API Gateway Developer Guide](https://docs.aws.amazon.com/apigateway/latest/developerguide/set-up-stages.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new aws.apigateway.RestApi(\"example\", {\n body: JSON.stringify({\n openapi: \"3.0.1\",\n info: {\n title: \"example\",\n version: \"1.0\",\n },\n paths: {\n \"/path1\": {\n get: {\n \"x-amazon-apigateway-integration\": {\n httpMethod: \"GET\",\n payloadFormatVersion: \"1.0\",\n type: \"HTTP_PROXY\",\n uri: \"https://ip-ranges.amazonaws.com/ip-ranges.json\",\n },\n },\n },\n },\n }),\n name: \"example\",\n});\nconst exampleDeployment = new aws.apigateway.Deployment(\"example\", {\n restApi: example.id,\n triggers: {\n redeployment: std.sha1Output({\n input: pulumi.jsonStringify(example.body),\n }).apply(invoke =\u003e invoke.result),\n },\n});\nconst exampleStage = new aws.apigateway.Stage(\"example\", {\n deployment: exampleDeployment.id,\n restApi: example.id,\n stageName: \"example\",\n});\nconst exampleMethodSettings = new aws.apigateway.MethodSettings(\"example\", {\n restApi: example.id,\n stageName: exampleStage.stageName,\n methodPath: \"*/*\",\n settings: {\n metricsEnabled: true,\n loggingLevel: \"INFO\",\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nexample = aws.apigateway.RestApi(\"example\",\n body=json.dumps({\n \"openapi\": \"3.0.1\",\n \"info\": {\n \"title\": \"example\",\n \"version\": \"1.0\",\n },\n \"paths\": {\n \"/path1\": {\n \"get\": {\n \"x-amazon-apigateway-integration\": {\n \"httpMethod\": \"GET\",\n \"payloadFormatVersion\": \"1.0\",\n \"type\": \"HTTP_PROXY\",\n \"uri\": \"https://ip-ranges.amazonaws.com/ip-ranges.json\",\n },\n },\n },\n },\n }),\n name=\"example\")\nexample_deployment = aws.apigateway.Deployment(\"example\",\n rest_api=example.id,\n triggers={\n \"redeployment\": std.sha1_output(input=pulumi.Output.json_dumps(example.body)).apply(lambda invoke: invoke.result),\n })\nexample_stage = aws.apigateway.Stage(\"example\",\n deployment=example_deployment.id,\n rest_api=example.id,\n stage_name=\"example\")\nexample_method_settings = aws.apigateway.MethodSettings(\"example\",\n rest_api=example.id,\n stage_name=example_stage.stage_name,\n method_path=\"*/*\",\n settings=aws.apigateway.MethodSettingsSettingsArgs(\n metrics_enabled=True,\n logging_level=\"INFO\",\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ApiGateway.RestApi(\"example\", new()\n {\n Body = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"openapi\"] = \"3.0.1\",\n [\"info\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"title\"] = \"example\",\n [\"version\"] = \"1.0\",\n },\n [\"paths\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"/path1\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"get\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"x-amazon-apigateway-integration\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"httpMethod\"] = \"GET\",\n [\"payloadFormatVersion\"] = \"1.0\",\n [\"type\"] = \"HTTP_PROXY\",\n [\"uri\"] = \"https://ip-ranges.amazonaws.com/ip-ranges.json\",\n },\n },\n },\n },\n }),\n Name = \"example\",\n });\n\n var exampleDeployment = new Aws.ApiGateway.Deployment(\"example\", new()\n {\n RestApi = example.Id,\n Triggers = \n {\n { \"redeployment\", Std.Sha1.Invoke(new()\n {\n Input = Output.JsonSerialize(Output.Create(example.Body)),\n }).Apply(invoke =\u003e invoke.Result) },\n },\n });\n\n var exampleStage = new Aws.ApiGateway.Stage(\"example\", new()\n {\n Deployment = exampleDeployment.Id,\n RestApi = example.Id,\n StageName = \"example\",\n });\n\n var exampleMethodSettings = new Aws.ApiGateway.MethodSettings(\"example\", new()\n {\n RestApi = example.Id,\n StageName = exampleStage.StageName,\n MethodPath = \"*/*\",\n Settings = new Aws.ApiGateway.Inputs.MethodSettingsSettingsArgs\n {\n MetricsEnabled = true,\n LoggingLevel = \"INFO\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"openapi\": \"3.0.1\",\n\t\t\t\"info\": map[string]interface{}{\n\t\t\t\t\"title\": \"example\",\n\t\t\t\t\"version\": \"1.0\",\n\t\t\t},\n\t\t\t\"paths\": map[string]interface{}{\n\t\t\t\t\"/path1\": map[string]interface{}{\n\t\t\t\t\t\"get\": map[string]interface{}{\n\t\t\t\t\t\t\"x-amazon-apigateway-integration\": map[string]interface{}{\n\t\t\t\t\t\t\t\"httpMethod\": \"GET\",\n\t\t\t\t\t\t\t\"payloadFormatVersion\": \"1.0\",\n\t\t\t\t\t\t\t\"type\": \"HTTP_PROXY\",\n\t\t\t\t\t\t\t\"uri\": \"https://ip-ranges.amazonaws.com/ip-ranges.json\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texample, err := apigateway.NewRestApi(ctx, \"example\", \u0026apigateway.RestApiArgs{\n\t\t\tBody: pulumi.String(json0),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleDeployment, err := apigateway.NewDeployment(ctx, \"example\", \u0026apigateway.DeploymentArgs{\n\t\t\tRestApi: example.ID(),\n\t\t\tTriggers: pulumi.StringMap{\n\t\t\t\t\"redeployment\": std.Sha1Output(ctx, std.Sha1OutputArgs{\n\t\t\t\t\tInput: example.Body.ApplyT(func(body *string) (pulumi.String, error) {\n\t\t\t\t\t\tvar _zero pulumi.String\n\t\t\t\t\t\ttmpJSON1, err := json.Marshal(body)\n\t\t\t\t\t\tif err != nil {\n\t\t\t\t\t\t\treturn _zero, err\n\t\t\t\t\t\t}\n\t\t\t\t\t\tjson1 := string(tmpJSON1)\n\t\t\t\t\t\treturn pulumi.String(json1), nil\n\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t}, nil).ApplyT(func(invoke std.Sha1Result) (*string, error) {\n\t\t\t\t\treturn invoke.Result, nil\n\t\t\t\t}).(pulumi.StringPtrOutput),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleStage, err := apigateway.NewStage(ctx, \"example\", \u0026apigateway.StageArgs{\n\t\t\tDeployment: exampleDeployment.ID(),\n\t\t\tRestApi: example.ID(),\n\t\t\tStageName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewMethodSettings(ctx, \"example\", \u0026apigateway.MethodSettingsArgs{\n\t\t\tRestApi: example.ID(),\n\t\t\tStageName: exampleStage.StageName,\n\t\t\tMethodPath: pulumi.String(\"*/*\"),\n\t\t\tSettings: \u0026apigateway.MethodSettingsSettingsArgs{\n\t\t\t\tMetricsEnabled: pulumi.Bool(true),\n\t\t\t\tLoggingLevel: pulumi.String(\"INFO\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigateway.RestApi;\nimport com.pulumi.aws.apigateway.RestApiArgs;\nimport com.pulumi.aws.apigateway.Deployment;\nimport com.pulumi.aws.apigateway.DeploymentArgs;\nimport com.pulumi.aws.apigateway.Stage;\nimport com.pulumi.aws.apigateway.StageArgs;\nimport com.pulumi.aws.apigateway.MethodSettings;\nimport com.pulumi.aws.apigateway.MethodSettingsArgs;\nimport com.pulumi.aws.apigateway.inputs.MethodSettingsSettingsArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new RestApi(\"example\", RestApiArgs.builder() \n .body(serializeJson(\n jsonObject(\n jsonProperty(\"openapi\", \"3.0.1\"),\n jsonProperty(\"info\", jsonObject(\n jsonProperty(\"title\", \"example\"),\n jsonProperty(\"version\", \"1.0\")\n )),\n jsonProperty(\"paths\", jsonObject(\n jsonProperty(\"/path1\", jsonObject(\n jsonProperty(\"get\", jsonObject(\n jsonProperty(\"x-amazon-apigateway-integration\", jsonObject(\n jsonProperty(\"httpMethod\", \"GET\"),\n jsonProperty(\"payloadFormatVersion\", \"1.0\"),\n jsonProperty(\"type\", \"HTTP_PROXY\"),\n jsonProperty(\"uri\", \"https://ip-ranges.amazonaws.com/ip-ranges.json\")\n ))\n ))\n ))\n ))\n )))\n .name(\"example\")\n .build());\n\n var exampleDeployment = new Deployment(\"exampleDeployment\", DeploymentArgs.builder() \n .restApi(example.id())\n .triggers(Map.of(\"redeployment\", StdFunctions.sha1().applyValue(invoke -\u003e invoke.result())))\n .build());\n\n var exampleStage = new Stage(\"exampleStage\", StageArgs.builder() \n .deployment(exampleDeployment.id())\n .restApi(example.id())\n .stageName(\"example\")\n .build());\n\n var exampleMethodSettings = new MethodSettings(\"exampleMethodSettings\", MethodSettingsArgs.builder() \n .restApi(example.id())\n .stageName(exampleStage.stageName())\n .methodPath(\"*/*\")\n .settings(MethodSettingsSettingsArgs.builder()\n .metricsEnabled(true)\n .loggingLevel(\"INFO\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:apigateway:RestApi\n properties:\n body:\n fn::toJSON:\n openapi: 3.0.1\n info:\n title: example\n version: '1.0'\n paths:\n /path1:\n get:\n x-amazon-apigateway-integration:\n httpMethod: GET\n payloadFormatVersion: '1.0'\n type: HTTP_PROXY\n uri: https://ip-ranges.amazonaws.com/ip-ranges.json\n name: example\n exampleDeployment:\n type: aws:apigateway:Deployment\n name: example\n properties:\n restApi: ${example.id}\n triggers:\n redeployment:\n fn::invoke:\n Function: std:sha1\n Arguments:\n input:\n fn::toJSON: ${example.body}\n Return: result\n exampleStage:\n type: aws:apigateway:Stage\n name: example\n properties:\n deployment: ${exampleDeployment.id}\n restApi: ${example.id}\n stageName: example\n exampleMethodSettings:\n type: aws:apigateway:MethodSettings\n name: example\n properties:\n restApi: ${example.id}\n stageName: ${exampleStage.stageName}\n methodPath: '*/*'\n settings:\n metricsEnabled: true\n loggingLevel: INFO\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Managing the API Logging CloudWatch Log Group\n\nAPI Gateway provides the ability to [enable CloudWatch API logging](https://docs.aws.amazon.com/apigateway/latest/developerguide/set-up-logging.html). To manage the CloudWatch Log Group when this feature is enabled, the `aws.cloudwatch.LogGroup` resource can be used where the name matches the API Gateway naming convention. If the CloudWatch Log Group previously exists, import the `aws.cloudwatch.LogGroup` resource into Pulumi as a one time operation. You can recreate the environment without import.\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst stageName = config.get(\"stageName\") || \"example\";\nconst example = new aws.apigateway.RestApi(\"example\", {});\nconst exampleLogGroup = new aws.cloudwatch.LogGroup(\"example\", {\n name: pulumi.interpolate`API-Gateway-Execution-Logs_${example.id}/${stageName}`,\n retentionInDays: 7,\n});\nconst exampleStage = new aws.apigateway.Stage(\"example\", {stageName: stageName}, {\n dependsOn: [exampleLogGroup],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nstage_name = config.get(\"stageName\")\nif stage_name is None:\n stage_name = \"example\"\nexample = aws.apigateway.RestApi(\"example\")\nexample_log_group = aws.cloudwatch.LogGroup(\"example\",\n name=example.id.apply(lambda id: f\"API-Gateway-Execution-Logs_{id}/{stage_name}\"),\n retention_in_days=7)\nexample_stage = aws.apigateway.Stage(\"example\", stage_name=stage_name,\nopts=pulumi.ResourceOptions(depends_on=[example_log_group]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var stageName = config.Get(\"stageName\") ?? \"example\";\n var example = new Aws.ApiGateway.RestApi(\"example\");\n\n var exampleLogGroup = new Aws.CloudWatch.LogGroup(\"example\", new()\n {\n Name = example.Id.Apply(id =\u003e $\"API-Gateway-Execution-Logs_{id}/{stageName}\"),\n RetentionInDays = 7,\n });\n\n var exampleStage = new Aws.ApiGateway.Stage(\"example\", new()\n {\n StageName = stageName,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleLogGroup, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tstageName := \"example\"\n\t\tif param := cfg.Get(\"stageName\"); param != \"\" {\n\t\t\tstageName = param\n\t\t}\n\t\texample, err := apigateway.NewRestApi(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleLogGroup, err := cloudwatch.NewLogGroup(ctx, \"example\", \u0026cloudwatch.LogGroupArgs{\n\t\t\tName: example.ID().ApplyT(func(id string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"API-Gateway-Execution-Logs_%v/%v\", id, stageName), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tRetentionInDays: pulumi.Int(7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = apigateway.NewStage(ctx, \"example\", \u0026apigateway.StageArgs{\n\t\t\tStageName: pulumi.String(stageName),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleLogGroup,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigateway.RestApi;\nimport com.pulumi.aws.cloudwatch.LogGroup;\nimport com.pulumi.aws.cloudwatch.LogGroupArgs;\nimport com.pulumi.aws.apigateway.Stage;\nimport com.pulumi.aws.apigateway.StageArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var stageName = config.get(\"stageName\").orElse(\"example\");\n var example = new RestApi(\"example\");\n\n var exampleLogGroup = new LogGroup(\"exampleLogGroup\", LogGroupArgs.builder() \n .name(example.id().applyValue(id -\u003e String.format(\"API-Gateway-Execution-Logs_%s/%s\", id,stageName)))\n .retentionInDays(7)\n .build());\n\n var exampleStage = new Stage(\"exampleStage\", StageArgs.builder() \n .stageName(stageName)\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleLogGroup)\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n stageName:\n type: string\n default: example\nresources:\n example:\n type: aws:apigateway:RestApi\n exampleStage:\n type: aws:apigateway:Stage\n name: example\n properties:\n stageName: ${stageName}\n options:\n dependson:\n - ${exampleLogGroup}\n exampleLogGroup:\n type: aws:cloudwatch:LogGroup\n name: example\n properties:\n name: API-Gateway-Execution-Logs_${example.id}/${stageName}\n retentionInDays: 7 # ... potentially other configuration ...\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_api_gateway_stage` using `REST-API-ID/STAGE-NAME`. For example:\n\n```sh\n$ pulumi import aws:apigateway/stage:Stage example 12345abcde/example\n```\n", "properties": { "accessLogSettings": { "$ref": "#/types/aws:apigateway/StageAccessLogSettings:StageAccessLogSettings", @@ -165795,7 +165795,7 @@ } }, "aws:appflow/connectorProfile:ConnectorProfile": { - "description": "Provides an AppFlow connector profile resource.\n\nFor information about AppFlow flows, see the [Amazon AppFlow API Reference](https://docs.aws.amazon.com/appflow/1.0/APIReference/Welcome.html).\nFor specific information about creating an AppFlow connector profile, see the\n[CreateConnectorProfile](https://docs.aws.amazon.com/appflow/1.0/APIReference/API_CreateConnectorProfile.html) page in the Amazon AppFlow API Reference.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.iam.getPolicy({\n name: \"AmazonRedshiftAllCommandsFullAccess\",\n});\nconst exampleRole = new aws.iam.Role(\"example\", {\n name: \"example_role\",\n managedPolicyArns: [test.arn],\n assumeRolePolicy: JSON.stringify({\n version: \"2012-10-17\",\n statement: [{\n action: \"sts:AssumeRole\",\n effect: \"Allow\",\n sid: \"\",\n principal: {\n service: \"ec2.amazonaws.com\",\n },\n }],\n }),\n});\nconst exampleBucketV2 = new aws.s3.BucketV2(\"example\", {bucket: \"example_bucket\"});\nconst exampleCluster = new aws.redshift.Cluster(\"example\", {\n clusterIdentifier: \"example_cluster\",\n databaseName: \"example_db\",\n masterUsername: \"exampleuser\",\n masterPassword: \"examplePassword123!\",\n nodeType: \"dc1.large\",\n clusterType: \"single-node\",\n});\nconst exampleConnectorProfile = new aws.appflow.ConnectorProfile(\"example\", {\n name: \"example_profile\",\n connectorType: \"Redshift\",\n connectionMode: \"Public\",\n connectorProfileConfig: {\n connectorProfileCredentials: {\n redshift: {\n password: exampleCluster.masterPassword,\n username: exampleCluster.masterUsername,\n },\n },\n connectorProfileProperties: {\n redshift: {\n bucketName: exampleBucketV2.name,\n databaseUrl: pulumi.interpolate`jdbc:redshift://${exampleCluster.endpoint}/${exampleCluster.databaseName}`,\n roleArn: exampleRole.arn,\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.iam.get_policy(name=\"AmazonRedshiftAllCommandsFullAccess\")\nexample_role = aws.iam.Role(\"example\",\n name=\"example_role\",\n managed_policy_arns=[test[\"arn\"]],\n assume_role_policy=json.dumps({\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"action\": \"sts:AssumeRole\",\n \"effect\": \"Allow\",\n \"sid\": \"\",\n \"principal\": {\n \"service\": \"ec2.amazonaws.com\",\n },\n }],\n }))\nexample_bucket_v2 = aws.s3.BucketV2(\"example\", bucket=\"example_bucket\")\nexample_cluster = aws.redshift.Cluster(\"example\",\n cluster_identifier=\"example_cluster\",\n database_name=\"example_db\",\n master_username=\"exampleuser\",\n master_password=\"examplePassword123!\",\n node_type=\"dc1.large\",\n cluster_type=\"single-node\")\nexample_connector_profile = aws.appflow.ConnectorProfile(\"example\",\n name=\"example_profile\",\n connector_type=\"Redshift\",\n connection_mode=\"Public\",\n connector_profile_config=aws.appflow.ConnectorProfileConnectorProfileConfigArgs(\n connector_profile_credentials=aws.appflow.ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsArgs(\n redshift=aws.appflow.ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsRedshiftArgs(\n password=example_cluster.master_password,\n username=example_cluster.master_username,\n ),\n ),\n connector_profile_properties=aws.appflow.ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesArgs(\n redshift=aws.appflow.ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesRedshiftArgs(\n bucket_name=example_bucket_v2.name,\n database_url=pulumi.Output.all(example_cluster.endpoint, example_cluster.database_name).apply(lambda endpoint, database_name: f\"jdbc:redshift://{endpoint}/{database_name}\"),\n role_arn=example_role.arn,\n ),\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Iam.GetPolicy.Invoke(new()\n {\n Name = \"AmazonRedshiftAllCommandsFullAccess\",\n });\n\n var exampleRole = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"example_role\",\n ManagedPolicyArns = new[]\n {\n test.Arn,\n },\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"action\"] = \"sts:AssumeRole\",\n [\"effect\"] = \"Allow\",\n [\"sid\"] = \"\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"service\"] = \"ec2.amazonaws.com\",\n },\n },\n },\n }),\n });\n\n var exampleBucketV2 = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example_bucket\",\n });\n\n var exampleCluster = new Aws.RedShift.Cluster(\"example\", new()\n {\n ClusterIdentifier = \"example_cluster\",\n DatabaseName = \"example_db\",\n MasterUsername = \"exampleuser\",\n MasterPassword = \"examplePassword123!\",\n NodeType = \"dc1.large\",\n ClusterType = \"single-node\",\n });\n\n var exampleConnectorProfile = new Aws.AppFlow.ConnectorProfile(\"example\", new()\n {\n Name = \"example_profile\",\n ConnectorType = \"Redshift\",\n ConnectionMode = \"Public\",\n ConnectorProfileConfig = new Aws.AppFlow.Inputs.ConnectorProfileConnectorProfileConfigArgs\n {\n ConnectorProfileCredentials = new Aws.AppFlow.Inputs.ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsArgs\n {\n Redshift = new Aws.AppFlow.Inputs.ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsRedshiftArgs\n {\n Password = exampleCluster.MasterPassword,\n Username = exampleCluster.MasterUsername,\n },\n },\n ConnectorProfileProperties = new Aws.AppFlow.Inputs.ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesArgs\n {\n Redshift = new Aws.AppFlow.Inputs.ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesRedshiftArgs\n {\n BucketName = exampleBucketV2.Name,\n DatabaseUrl = Output.Tuple(exampleCluster.Endpoint, exampleCluster.DatabaseName).Apply(values =\u003e\n {\n var endpoint = values.Item1;\n var databaseName = values.Item2;\n return $\"jdbc:redshift://{endpoint}/{databaseName}\";\n }),\n RoleArn = exampleRole.Arn,\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appflow\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iam.LookupPolicy(ctx, \u0026iam.LookupPolicyArgs{\n\t\t\tName: pulumi.StringRef(\"AmazonRedshiftAllCommandsFullAccess\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"action\": \"sts:AssumeRole\",\n\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\"sid\": \"\",\n\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\"service\": \"ec2.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texampleRole, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"example_role\"),\n\t\t\tManagedPolicyArns: pulumi.StringArray{\n\t\t\t\ttest.Arn,\n\t\t\t},\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleBucketV2, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example_bucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleCluster, err := redshift.NewCluster(ctx, \"example\", \u0026redshift.ClusterArgs{\n\t\t\tClusterIdentifier: pulumi.String(\"example_cluster\"),\n\t\t\tDatabaseName: pulumi.String(\"example_db\"),\n\t\t\tMasterUsername: pulumi.String(\"exampleuser\"),\n\t\t\tMasterPassword: pulumi.String(\"examplePassword123!\"),\n\t\t\tNodeType: pulumi.String(\"dc1.large\"),\n\t\t\tClusterType: pulumi.String(\"single-node\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = appflow.NewConnectorProfile(ctx, \"example\", \u0026appflow.ConnectorProfileArgs{\n\t\t\tName: pulumi.String(\"example_profile\"),\n\t\t\tConnectorType: pulumi.String(\"Redshift\"),\n\t\t\tConnectionMode: pulumi.String(\"Public\"),\n\t\t\tConnectorProfileConfig: \u0026appflow.ConnectorProfileConnectorProfileConfigArgs{\n\t\t\t\tConnectorProfileCredentials: \u0026appflow.ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsArgs{\n\t\t\t\t\tRedshift: \u0026appflow.ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsRedshiftArgs{\n\t\t\t\t\t\tPassword: exampleCluster.MasterPassword,\n\t\t\t\t\t\tUsername: exampleCluster.MasterUsername,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tConnectorProfileProperties: \u0026appflow.ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesArgs{\n\t\t\t\t\tRedshift: \u0026appflow.ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesRedshiftArgs{\n\t\t\t\t\t\tBucketName: exampleBucketV2.Name,\n\t\t\t\t\t\tDatabaseUrl: pulumi.All(exampleCluster.Endpoint, exampleCluster.DatabaseName).ApplyT(func(_args []interface{}) (string, error) {\n\t\t\t\t\t\t\tendpoint := _args[0].(string)\n\t\t\t\t\t\t\tdatabaseName := _args[1].(string)\n\t\t\t\t\t\t\treturn fmt.Sprintf(\"jdbc:redshift://%v/%v\", endpoint, databaseName), nil\n\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\tRoleArn: exampleRole.Arn,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.redshift.Cluster;\nimport com.pulumi.aws.redshift.ClusterArgs;\nimport com.pulumi.aws.appflow.ConnectorProfile;\nimport com.pulumi.aws.appflow.ConnectorProfileArgs;\nimport com.pulumi.aws.appflow.inputs.ConnectorProfileConnectorProfileConfigArgs;\nimport com.pulumi.aws.appflow.inputs.ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsArgs;\nimport com.pulumi.aws.appflow.inputs.ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsRedshiftArgs;\nimport com.pulumi.aws.appflow.inputs.ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesArgs;\nimport com.pulumi.aws.appflow.inputs.ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesRedshiftArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = IamFunctions.getPolicy(GetPolicyArgs.builder()\n .name(\"AmazonRedshiftAllCommandsFullAccess\")\n .build());\n\n var exampleRole = new Role(\"exampleRole\", RoleArgs.builder() \n .name(\"example_role\")\n .managedPolicyArns(test.arn())\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"version\", \"2012-10-17\"),\n jsonProperty(\"statement\", jsonArray(jsonObject(\n jsonProperty(\"action\", \"sts:AssumeRole\"),\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"sid\", \"\"),\n jsonProperty(\"principal\", jsonObject(\n jsonProperty(\"service\", \"ec2.amazonaws.com\")\n ))\n )))\n )))\n .build());\n\n var exampleBucketV2 = new BucketV2(\"exampleBucketV2\", BucketV2Args.builder() \n .bucket(\"example_bucket\")\n .build());\n\n var exampleCluster = new Cluster(\"exampleCluster\", ClusterArgs.builder() \n .clusterIdentifier(\"example_cluster\")\n .databaseName(\"example_db\")\n .masterUsername(\"exampleuser\")\n .masterPassword(\"examplePassword123!\")\n .nodeType(\"dc1.large\")\n .clusterType(\"single-node\")\n .build());\n\n var exampleConnectorProfile = new ConnectorProfile(\"exampleConnectorProfile\", ConnectorProfileArgs.builder() \n .name(\"example_profile\")\n .connectorType(\"Redshift\")\n .connectionMode(\"Public\")\n .connectorProfileConfig(ConnectorProfileConnectorProfileConfigArgs.builder()\n .connectorProfileCredentials(ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsArgs.builder()\n .redshift(ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsRedshiftArgs.builder()\n .password(exampleCluster.masterPassword())\n .username(exampleCluster.masterUsername())\n .build())\n .build())\n .connectorProfileProperties(ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesArgs.builder()\n .redshift(ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesRedshiftArgs.builder()\n .bucketName(exampleBucketV2.name())\n .databaseUrl(Output.tuple(exampleCluster.endpoint(), exampleCluster.databaseName()).applyValue(values -\u003e {\n var endpoint = values.t1;\n var databaseName = values.t2;\n return String.format(\"jdbc:redshift://%s/%s\", endpoint,databaseName);\n }))\n .roleArn(exampleRole.arn())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleRole:\n type: aws:iam:Role\n name: example\n properties:\n name: example_role\n managedPolicyArns:\n - ${test.arn}\n assumeRolePolicy:\n fn::toJSON:\n version: 2012-10-17\n statement:\n - action: sts:AssumeRole\n effect: Allow\n sid:\n principal:\n service: ec2.amazonaws.com\n exampleBucketV2:\n type: aws:s3:BucketV2\n name: example\n properties:\n bucket: example_bucket\n exampleCluster:\n type: aws:redshift:Cluster\n name: example\n properties:\n clusterIdentifier: example_cluster\n databaseName: example_db\n masterUsername: exampleuser\n masterPassword: examplePassword123!\n nodeType: dc1.large\n clusterType: single-node\n exampleConnectorProfile:\n type: aws:appflow:ConnectorProfile\n name: example\n properties:\n name: example_profile\n connectorType: Redshift\n connectionMode: Public\n connectorProfileConfig:\n connectorProfileCredentials:\n redshift:\n password: ${exampleCluster.masterPassword}\n username: ${exampleCluster.masterUsername}\n connectorProfileProperties:\n redshift:\n bucketName: ${exampleBucketV2.name}\n databaseUrl: jdbc:redshift://${exampleCluster.endpoint}/${exampleCluster.databaseName}\n roleArn: ${exampleRole.arn}\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getPolicy\n Arguments:\n name: AmazonRedshiftAllCommandsFullAccess\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import AppFlow Connector Profile using the connector profile `arn`. For example:\n\n```sh\n$ pulumi import aws:appflow/connectorProfile:ConnectorProfile profile arn:aws:appflow:us-west-2:123456789012:connectorprofile/example-profile\n```\n", + "description": "Provides an AppFlow connector profile resource.\n\nFor information about AppFlow flows, see the [Amazon AppFlow API Reference](https://docs.aws.amazon.com/appflow/1.0/APIReference/Welcome.html).\nFor specific information about creating an AppFlow connector profile, see the\n[CreateConnectorProfile](https://docs.aws.amazon.com/appflow/1.0/APIReference/API_CreateConnectorProfile.html) page in the Amazon AppFlow API Reference.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.iam.getPolicy({\n name: \"AmazonRedshiftAllCommandsFullAccess\",\n});\nconst exampleRole = new aws.iam.Role(\"example\", {\n name: \"example_role\",\n managedPolicyArns: [test.arn],\n assumeRolePolicy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: \"sts:AssumeRole\",\n Effect: \"Allow\",\n Sid: \"\",\n Principal: {\n Service: \"ec2.amazonaws.com\",\n },\n }],\n }),\n});\nconst exampleBucketV2 = new aws.s3.BucketV2(\"example\", {bucket: \"example_bucket\"});\nconst exampleCluster = new aws.redshift.Cluster(\"example\", {\n clusterIdentifier: \"example_cluster\",\n databaseName: \"example_db\",\n masterUsername: \"exampleuser\",\n masterPassword: \"examplePassword123!\",\n nodeType: \"dc1.large\",\n clusterType: \"single-node\",\n});\nconst exampleConnectorProfile = new aws.appflow.ConnectorProfile(\"example\", {\n name: \"example_profile\",\n connectorType: \"Redshift\",\n connectionMode: \"Public\",\n connectorProfileConfig: {\n connectorProfileCredentials: {\n redshift: {\n password: exampleCluster.masterPassword,\n username: exampleCluster.masterUsername,\n },\n },\n connectorProfileProperties: {\n redshift: {\n bucketName: exampleBucketV2.name,\n databaseUrl: pulumi.interpolate`jdbc:redshift://${exampleCluster.endpoint}/${exampleCluster.databaseName}`,\n roleArn: exampleRole.arn,\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.iam.get_policy(name=\"AmazonRedshiftAllCommandsFullAccess\")\nexample_role = aws.iam.Role(\"example\",\n name=\"example_role\",\n managed_policy_arns=[test[\"arn\"]],\n assume_role_policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": \"sts:AssumeRole\",\n \"Effect\": \"Allow\",\n \"Sid\": \"\",\n \"Principal\": {\n \"Service\": \"ec2.amazonaws.com\",\n },\n }],\n }))\nexample_bucket_v2 = aws.s3.BucketV2(\"example\", bucket=\"example_bucket\")\nexample_cluster = aws.redshift.Cluster(\"example\",\n cluster_identifier=\"example_cluster\",\n database_name=\"example_db\",\n master_username=\"exampleuser\",\n master_password=\"examplePassword123!\",\n node_type=\"dc1.large\",\n cluster_type=\"single-node\")\nexample_connector_profile = aws.appflow.ConnectorProfile(\"example\",\n name=\"example_profile\",\n connector_type=\"Redshift\",\n connection_mode=\"Public\",\n connector_profile_config=aws.appflow.ConnectorProfileConnectorProfileConfigArgs(\n connector_profile_credentials=aws.appflow.ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsArgs(\n redshift=aws.appflow.ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsRedshiftArgs(\n password=example_cluster.master_password,\n username=example_cluster.master_username,\n ),\n ),\n connector_profile_properties=aws.appflow.ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesArgs(\n redshift=aws.appflow.ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesRedshiftArgs(\n bucket_name=example_bucket_v2.name,\n database_url=pulumi.Output.all(example_cluster.endpoint, example_cluster.database_name).apply(lambda endpoint, database_name: f\"jdbc:redshift://{endpoint}/{database_name}\"),\n role_arn=example_role.arn,\n ),\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Iam.GetPolicy.Invoke(new()\n {\n Name = \"AmazonRedshiftAllCommandsFullAccess\",\n });\n\n var exampleRole = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"example_role\",\n ManagedPolicyArns = new[]\n {\n test.Arn,\n },\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"sts:AssumeRole\",\n [\"Effect\"] = \"Allow\",\n [\"Sid\"] = \"\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"ec2.amazonaws.com\",\n },\n },\n },\n }),\n });\n\n var exampleBucketV2 = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example_bucket\",\n });\n\n var exampleCluster = new Aws.RedShift.Cluster(\"example\", new()\n {\n ClusterIdentifier = \"example_cluster\",\n DatabaseName = \"example_db\",\n MasterUsername = \"exampleuser\",\n MasterPassword = \"examplePassword123!\",\n NodeType = \"dc1.large\",\n ClusterType = \"single-node\",\n });\n\n var exampleConnectorProfile = new Aws.AppFlow.ConnectorProfile(\"example\", new()\n {\n Name = \"example_profile\",\n ConnectorType = \"Redshift\",\n ConnectionMode = \"Public\",\n ConnectorProfileConfig = new Aws.AppFlow.Inputs.ConnectorProfileConnectorProfileConfigArgs\n {\n ConnectorProfileCredentials = new Aws.AppFlow.Inputs.ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsArgs\n {\n Redshift = new Aws.AppFlow.Inputs.ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsRedshiftArgs\n {\n Password = exampleCluster.MasterPassword,\n Username = exampleCluster.MasterUsername,\n },\n },\n ConnectorProfileProperties = new Aws.AppFlow.Inputs.ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesArgs\n {\n Redshift = new Aws.AppFlow.Inputs.ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesRedshiftArgs\n {\n BucketName = exampleBucketV2.Name,\n DatabaseUrl = Output.Tuple(exampleCluster.Endpoint, exampleCluster.DatabaseName).Apply(values =\u003e\n {\n var endpoint = values.Item1;\n var databaseName = values.Item2;\n return $\"jdbc:redshift://{endpoint}/{databaseName}\";\n }),\n RoleArn = exampleRole.Arn,\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/appflow\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iam.LookupPolicy(ctx, \u0026iam.LookupPolicyArgs{\n\t\t\tName: pulumi.StringRef(\"AmazonRedshiftAllCommandsFullAccess\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": \"sts:AssumeRole\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Sid\": \"\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"ec2.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texampleRole, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"example_role\"),\n\t\t\tManagedPolicyArns: pulumi.StringArray{\n\t\t\t\ttest.Arn,\n\t\t\t},\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleBucketV2, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example_bucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleCluster, err := redshift.NewCluster(ctx, \"example\", \u0026redshift.ClusterArgs{\n\t\t\tClusterIdentifier: pulumi.String(\"example_cluster\"),\n\t\t\tDatabaseName: pulumi.String(\"example_db\"),\n\t\t\tMasterUsername: pulumi.String(\"exampleuser\"),\n\t\t\tMasterPassword: pulumi.String(\"examplePassword123!\"),\n\t\t\tNodeType: pulumi.String(\"dc1.large\"),\n\t\t\tClusterType: pulumi.String(\"single-node\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = appflow.NewConnectorProfile(ctx, \"example\", \u0026appflow.ConnectorProfileArgs{\n\t\t\tName: pulumi.String(\"example_profile\"),\n\t\t\tConnectorType: pulumi.String(\"Redshift\"),\n\t\t\tConnectionMode: pulumi.String(\"Public\"),\n\t\t\tConnectorProfileConfig: \u0026appflow.ConnectorProfileConnectorProfileConfigArgs{\n\t\t\t\tConnectorProfileCredentials: \u0026appflow.ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsArgs{\n\t\t\t\t\tRedshift: \u0026appflow.ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsRedshiftArgs{\n\t\t\t\t\t\tPassword: exampleCluster.MasterPassword,\n\t\t\t\t\t\tUsername: exampleCluster.MasterUsername,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tConnectorProfileProperties: \u0026appflow.ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesArgs{\n\t\t\t\t\tRedshift: \u0026appflow.ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesRedshiftArgs{\n\t\t\t\t\t\tBucketName: exampleBucketV2.Name,\n\t\t\t\t\t\tDatabaseUrl: pulumi.All(exampleCluster.Endpoint, exampleCluster.DatabaseName).ApplyT(func(_args []interface{}) (string, error) {\n\t\t\t\t\t\t\tendpoint := _args[0].(string)\n\t\t\t\t\t\t\tdatabaseName := _args[1].(string)\n\t\t\t\t\t\t\treturn fmt.Sprintf(\"jdbc:redshift://%v/%v\", endpoint, databaseName), nil\n\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\tRoleArn: exampleRole.Arn,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.redshift.Cluster;\nimport com.pulumi.aws.redshift.ClusterArgs;\nimport com.pulumi.aws.appflow.ConnectorProfile;\nimport com.pulumi.aws.appflow.ConnectorProfileArgs;\nimport com.pulumi.aws.appflow.inputs.ConnectorProfileConnectorProfileConfigArgs;\nimport com.pulumi.aws.appflow.inputs.ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsArgs;\nimport com.pulumi.aws.appflow.inputs.ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsRedshiftArgs;\nimport com.pulumi.aws.appflow.inputs.ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesArgs;\nimport com.pulumi.aws.appflow.inputs.ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesRedshiftArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = IamFunctions.getPolicy(GetPolicyArgs.builder()\n .name(\"AmazonRedshiftAllCommandsFullAccess\")\n .build());\n\n var exampleRole = new Role(\"exampleRole\", RoleArgs.builder() \n .name(\"example_role\")\n .managedPolicyArns(test.arn())\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", \"sts:AssumeRole\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Sid\", \"\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"ec2.amazonaws.com\")\n ))\n )))\n )))\n .build());\n\n var exampleBucketV2 = new BucketV2(\"exampleBucketV2\", BucketV2Args.builder() \n .bucket(\"example_bucket\")\n .build());\n\n var exampleCluster = new Cluster(\"exampleCluster\", ClusterArgs.builder() \n .clusterIdentifier(\"example_cluster\")\n .databaseName(\"example_db\")\n .masterUsername(\"exampleuser\")\n .masterPassword(\"examplePassword123!\")\n .nodeType(\"dc1.large\")\n .clusterType(\"single-node\")\n .build());\n\n var exampleConnectorProfile = new ConnectorProfile(\"exampleConnectorProfile\", ConnectorProfileArgs.builder() \n .name(\"example_profile\")\n .connectorType(\"Redshift\")\n .connectionMode(\"Public\")\n .connectorProfileConfig(ConnectorProfileConnectorProfileConfigArgs.builder()\n .connectorProfileCredentials(ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsArgs.builder()\n .redshift(ConnectorProfileConnectorProfileConfigConnectorProfileCredentialsRedshiftArgs.builder()\n .password(exampleCluster.masterPassword())\n .username(exampleCluster.masterUsername())\n .build())\n .build())\n .connectorProfileProperties(ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesArgs.builder()\n .redshift(ConnectorProfileConnectorProfileConfigConnectorProfilePropertiesRedshiftArgs.builder()\n .bucketName(exampleBucketV2.name())\n .databaseUrl(Output.tuple(exampleCluster.endpoint(), exampleCluster.databaseName()).applyValue(values -\u003e {\n var endpoint = values.t1;\n var databaseName = values.t2;\n return String.format(\"jdbc:redshift://%s/%s\", endpoint,databaseName);\n }))\n .roleArn(exampleRole.arn())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleRole:\n type: aws:iam:Role\n name: example\n properties:\n name: example_role\n managedPolicyArns:\n - ${test.arn}\n assumeRolePolicy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action: sts:AssumeRole\n Effect: Allow\n Sid:\n Principal:\n Service: ec2.amazonaws.com\n exampleBucketV2:\n type: aws:s3:BucketV2\n name: example\n properties:\n bucket: example_bucket\n exampleCluster:\n type: aws:redshift:Cluster\n name: example\n properties:\n clusterIdentifier: example_cluster\n databaseName: example_db\n masterUsername: exampleuser\n masterPassword: examplePassword123!\n nodeType: dc1.large\n clusterType: single-node\n exampleConnectorProfile:\n type: aws:appflow:ConnectorProfile\n name: example\n properties:\n name: example_profile\n connectorType: Redshift\n connectionMode: Public\n connectorProfileConfig:\n connectorProfileCredentials:\n redshift:\n password: ${exampleCluster.masterPassword}\n username: ${exampleCluster.masterUsername}\n connectorProfileProperties:\n redshift:\n bucketName: ${exampleBucketV2.name}\n databaseUrl: jdbc:redshift://${exampleCluster.endpoint}/${exampleCluster.databaseName}\n roleArn: ${exampleRole.arn}\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getPolicy\n Arguments:\n name: AmazonRedshiftAllCommandsFullAccess\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import AppFlow Connector Profile using the connector profile `arn`. For example:\n\n```sh\n$ pulumi import aws:appflow/connectorProfile:ConnectorProfile profile arn:aws:appflow:us-west-2:123456789012:connectorprofile/example-profile\n```\n", "properties": { "arn": { "type": "string", @@ -166241,7 +166241,7 @@ } }, "aws:applicationinsights/application:Application": { - "description": "Provides a ApplicationInsights Application resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleGroup = new aws.resourcegroups.Group(\"example\", {\n name: \"example\",\n resourceQuery: {\n query: JSON.stringify({\n resourceTypeFilters: [\"AWS::EC2::Instance\"],\n tagFilters: [{\n key: \"Stage\",\n values: [\"Test\"],\n }],\n }),\n },\n});\nconst example = new aws.applicationinsights.Application(\"example\", {resourceGroupName: exampleGroup.name});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample_group = aws.resourcegroups.Group(\"example\",\n name=\"example\",\n resource_query=aws.resourcegroups.GroupResourceQueryArgs(\n query=json.dumps({\n \"resourceTypeFilters\": [\"AWS::EC2::Instance\"],\n \"tagFilters\": [{\n \"key\": \"Stage\",\n \"values\": [\"Test\"],\n }],\n }),\n ))\nexample = aws.applicationinsights.Application(\"example\", resource_group_name=example_group.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleGroup = new Aws.ResourceGroups.Group(\"example\", new()\n {\n Name = \"example\",\n ResourceQuery = new Aws.ResourceGroups.Inputs.GroupResourceQueryArgs\n {\n Query = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"resourceTypeFilters\"] = new[]\n {\n \"AWS::EC2::Instance\",\n },\n [\"tagFilters\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"key\"] = \"Stage\",\n [\"values\"] = new[]\n {\n \"Test\",\n },\n },\n },\n }),\n },\n });\n\n var example = new Aws.ApplicationInsights.Application(\"example\", new()\n {\n ResourceGroupName = exampleGroup.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/applicationinsights\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/resourcegroups\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"resourceTypeFilters\": []string{\n\t\t\t\t\"AWS::EC2::Instance\",\n\t\t\t},\n\t\t\t\"tagFilters\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"key\": \"Stage\",\n\t\t\t\t\t\"values\": []string{\n\t\t\t\t\t\t\"Test\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texampleGroup, err := resourcegroups.NewGroup(ctx, \"example\", \u0026resourcegroups.GroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tResourceQuery: \u0026resourcegroups.GroupResourceQueryArgs{\n\t\t\t\tQuery: pulumi.String(json0),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = applicationinsights.NewApplication(ctx, \"example\", \u0026applicationinsights.ApplicationArgs{\n\t\t\tResourceGroupName: exampleGroup.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.resourcegroups.Group;\nimport com.pulumi.aws.resourcegroups.GroupArgs;\nimport com.pulumi.aws.resourcegroups.inputs.GroupResourceQueryArgs;\nimport com.pulumi.aws.applicationinsights.Application;\nimport com.pulumi.aws.applicationinsights.ApplicationArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleGroup = new Group(\"exampleGroup\", GroupArgs.builder() \n .name(\"example\")\n .resourceQuery(GroupResourceQueryArgs.builder()\n .query(serializeJson(\n jsonObject(\n jsonProperty(\"resourceTypeFilters\", jsonArray(\"AWS::EC2::Instance\")),\n jsonProperty(\"tagFilters\", jsonArray(jsonObject(\n jsonProperty(\"key\", \"Stage\"),\n jsonProperty(\"values\", jsonArray(\"Test\"))\n )))\n )))\n .build())\n .build());\n\n var example = new Application(\"example\", ApplicationArgs.builder() \n .resourceGroupName(exampleGroup.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:applicationinsights:Application\n properties:\n resourceGroupName: ${exampleGroup.name}\n exampleGroup:\n type: aws:resourcegroups:Group\n name: example\n properties:\n name: example\n resourceQuery:\n query:\n fn::toJSON:\n resourceTypeFilters:\n - AWS::EC2::Instance\n tagFilters:\n - key: Stage\n values:\n - Test\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import ApplicationInsights Applications using the `resource_group_name`. For example:\n\n```sh\n$ pulumi import aws:applicationinsights/application:Application some some-application\n```\n", + "description": "Provides a ApplicationInsights Application resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleGroup = new aws.resourcegroups.Group(\"example\", {\n name: \"example\",\n resourceQuery: {\n query: JSON.stringify({\n ResourceTypeFilters: [\"AWS::EC2::Instance\"],\n TagFilters: [{\n Key: \"Stage\",\n Values: [\"Test\"],\n }],\n }),\n },\n});\nconst example = new aws.applicationinsights.Application(\"example\", {resourceGroupName: exampleGroup.name});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample_group = aws.resourcegroups.Group(\"example\",\n name=\"example\",\n resource_query=aws.resourcegroups.GroupResourceQueryArgs(\n query=json.dumps({\n \"ResourceTypeFilters\": [\"AWS::EC2::Instance\"],\n \"TagFilters\": [{\n \"Key\": \"Stage\",\n \"Values\": [\"Test\"],\n }],\n }),\n ))\nexample = aws.applicationinsights.Application(\"example\", resource_group_name=example_group.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleGroup = new Aws.ResourceGroups.Group(\"example\", new()\n {\n Name = \"example\",\n ResourceQuery = new Aws.ResourceGroups.Inputs.GroupResourceQueryArgs\n {\n Query = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"ResourceTypeFilters\"] = new[]\n {\n \"AWS::EC2::Instance\",\n },\n [\"TagFilters\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Key\"] = \"Stage\",\n [\"Values\"] = new[]\n {\n \"Test\",\n },\n },\n },\n }),\n },\n });\n\n var example = new Aws.ApplicationInsights.Application(\"example\", new()\n {\n ResourceGroupName = exampleGroup.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/applicationinsights\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/resourcegroups\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"ResourceTypeFilters\": []string{\n\t\t\t\t\"AWS::EC2::Instance\",\n\t\t\t},\n\t\t\t\"TagFilters\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Key\": \"Stage\",\n\t\t\t\t\t\"Values\": []string{\n\t\t\t\t\t\t\"Test\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texampleGroup, err := resourcegroups.NewGroup(ctx, \"example\", \u0026resourcegroups.GroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tResourceQuery: \u0026resourcegroups.GroupResourceQueryArgs{\n\t\t\t\tQuery: pulumi.String(json0),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = applicationinsights.NewApplication(ctx, \"example\", \u0026applicationinsights.ApplicationArgs{\n\t\t\tResourceGroupName: exampleGroup.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.resourcegroups.Group;\nimport com.pulumi.aws.resourcegroups.GroupArgs;\nimport com.pulumi.aws.resourcegroups.inputs.GroupResourceQueryArgs;\nimport com.pulumi.aws.applicationinsights.Application;\nimport com.pulumi.aws.applicationinsights.ApplicationArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleGroup = new Group(\"exampleGroup\", GroupArgs.builder() \n .name(\"example\")\n .resourceQuery(GroupResourceQueryArgs.builder()\n .query(serializeJson(\n jsonObject(\n jsonProperty(\"ResourceTypeFilters\", jsonArray(\"AWS::EC2::Instance\")),\n jsonProperty(\"TagFilters\", jsonArray(jsonObject(\n jsonProperty(\"Key\", \"Stage\"),\n jsonProperty(\"Values\", jsonArray(\"Test\"))\n )))\n )))\n .build())\n .build());\n\n var example = new Application(\"example\", ApplicationArgs.builder() \n .resourceGroupName(exampleGroup.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:applicationinsights:Application\n properties:\n resourceGroupName: ${exampleGroup.name}\n exampleGroup:\n type: aws:resourcegroups:Group\n name: example\n properties:\n name: example\n resourceQuery:\n query:\n fn::toJSON:\n ResourceTypeFilters:\n - AWS::EC2::Instance\n TagFilters:\n - Key: Stage\n Values:\n - Test\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import ApplicationInsights Applications using the `resource_group_name`. For example:\n\n```sh\n$ pulumi import aws:applicationinsights/application:Application some some-application\n```\n", "properties": { "arn": { "type": "string", @@ -174691,7 +174691,7 @@ } }, "aws:batch/computeEnvironment:ComputeEnvironment": { - "description": "Creates a AWS Batch compute environment. Compute environments contain the Amazon ECS container instances that are used to run containerized batch jobs.\n\nFor information about AWS Batch, see [What is AWS Batch?](http://docs.aws.amazon.com/batch/latest/userguide/what-is-batch.html) .\nFor information about compute environment, see [Compute Environments](http://docs.aws.amazon.com/batch/latest/userguide/compute_environments.html) .\n\n\u003e **Note:** To prevent a race condition during environment deletion, make sure to set `depends_on` to the related `aws.iam.RolePolicyAttachment`;\notherwise, the policy may be destroyed too soon and the compute environment will then get stuck in the `DELETING` state, see [Troubleshooting AWS Batch](http://docs.aws.amazon.com/batch/latest/userguide/troubleshooting.html) .\n\n## Example Usage\n\n### EC2 Type\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ec2AssumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"ec2.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst ecsInstanceRole = new aws.iam.Role(\"ecs_instance_role\", {\n name: \"ecs_instance_role\",\n assumeRolePolicy: ec2AssumeRole.then(ec2AssumeRole =\u003e ec2AssumeRole.json),\n});\nconst ecsInstanceRoleRolePolicyAttachment = new aws.iam.RolePolicyAttachment(\"ecs_instance_role\", {\n role: ecsInstanceRole.name,\n policyArn: \"arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role\",\n});\nconst ecsInstanceRoleInstanceProfile = new aws.iam.InstanceProfile(\"ecs_instance_role\", {\n name: \"ecs_instance_role\",\n role: ecsInstanceRole.name,\n});\nconst batchAssumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"batch.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst awsBatchServiceRole = new aws.iam.Role(\"aws_batch_service_role\", {\n name: \"aws_batch_service_role\",\n assumeRolePolicy: batchAssumeRole.then(batchAssumeRole =\u003e batchAssumeRole.json),\n});\nconst awsBatchServiceRoleRolePolicyAttachment = new aws.iam.RolePolicyAttachment(\"aws_batch_service_role\", {\n role: awsBatchServiceRole.name,\n policyArn: \"arn:aws:iam::aws:policy/service-role/AWSBatchServiceRole\",\n});\nconst sample = new aws.ec2.SecurityGroup(\"sample\", {\n name: \"aws_batch_compute_environment_security_group\",\n egress: [{\n fromPort: 0,\n toPort: 0,\n protocol: \"-1\",\n cidrBlocks: [\"0.0.0.0/0\"],\n }],\n});\nconst sampleVpc = new aws.ec2.Vpc(\"sample\", {cidrBlock: \"10.1.0.0/16\"});\nconst sampleSubnet = new aws.ec2.Subnet(\"sample\", {\n vpcId: sampleVpc.id,\n cidrBlock: \"10.1.1.0/24\",\n});\nconst samplePlacementGroup = new aws.ec2.PlacementGroup(\"sample\", {\n name: \"sample\",\n strategy: aws.ec2.PlacementStrategy.Cluster,\n});\nconst sampleComputeEnvironment = new aws.batch.ComputeEnvironment(\"sample\", {\n computeEnvironmentName: \"sample\",\n computeResources: {\n instanceRole: ecsInstanceRoleInstanceProfile.arn,\n instanceTypes: [\"c4.large\"],\n maxVcpus: 16,\n minVcpus: 0,\n placementGroup: samplePlacementGroup.name,\n securityGroupIds: [sample.id],\n subnets: [sampleSubnet.id],\n type: \"EC2\",\n },\n serviceRole: awsBatchServiceRole.arn,\n type: \"MANAGED\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nec2_assume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"ec2.amazonaws.com\"],\n )],\n actions=[\"sts:AssumeRole\"],\n)])\necs_instance_role = aws.iam.Role(\"ecs_instance_role\",\n name=\"ecs_instance_role\",\n assume_role_policy=ec2_assume_role.json)\necs_instance_role_role_policy_attachment = aws.iam.RolePolicyAttachment(\"ecs_instance_role\",\n role=ecs_instance_role.name,\n policy_arn=\"arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role\")\necs_instance_role_instance_profile = aws.iam.InstanceProfile(\"ecs_instance_role\",\n name=\"ecs_instance_role\",\n role=ecs_instance_role.name)\nbatch_assume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"batch.amazonaws.com\"],\n )],\n actions=[\"sts:AssumeRole\"],\n)])\naws_batch_service_role = aws.iam.Role(\"aws_batch_service_role\",\n name=\"aws_batch_service_role\",\n assume_role_policy=batch_assume_role.json)\naws_batch_service_role_role_policy_attachment = aws.iam.RolePolicyAttachment(\"aws_batch_service_role\",\n role=aws_batch_service_role.name,\n policy_arn=\"arn:aws:iam::aws:policy/service-role/AWSBatchServiceRole\")\nsample = aws.ec2.SecurityGroup(\"sample\",\n name=\"aws_batch_compute_environment_security_group\",\n egress=[aws.ec2.SecurityGroupEgressArgs(\n from_port=0,\n to_port=0,\n protocol=\"-1\",\n cidr_blocks=[\"0.0.0.0/0\"],\n )])\nsample_vpc = aws.ec2.Vpc(\"sample\", cidr_block=\"10.1.0.0/16\")\nsample_subnet = aws.ec2.Subnet(\"sample\",\n vpc_id=sample_vpc.id,\n cidr_block=\"10.1.1.0/24\")\nsample_placement_group = aws.ec2.PlacementGroup(\"sample\",\n name=\"sample\",\n strategy=aws.ec2.PlacementStrategy.CLUSTER)\nsample_compute_environment = aws.batch.ComputeEnvironment(\"sample\",\n compute_environment_name=\"sample\",\n compute_resources=aws.batch.ComputeEnvironmentComputeResourcesArgs(\n instance_role=ecs_instance_role_instance_profile.arn,\n instance_types=[\"c4.large\"],\n max_vcpus=16,\n min_vcpus=0,\n placement_group=sample_placement_group.name,\n security_group_ids=[sample.id],\n subnets=[sample_subnet.id],\n type=\"EC2\",\n ),\n service_role=aws_batch_service_role.arn,\n type=\"MANAGED\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ec2AssumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"ec2.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var ecsInstanceRole = new Aws.Iam.Role(\"ecs_instance_role\", new()\n {\n Name = \"ecs_instance_role\",\n AssumeRolePolicy = ec2AssumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var ecsInstanceRoleRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment(\"ecs_instance_role\", new()\n {\n Role = ecsInstanceRole.Name,\n PolicyArn = \"arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role\",\n });\n\n var ecsInstanceRoleInstanceProfile = new Aws.Iam.InstanceProfile(\"ecs_instance_role\", new()\n {\n Name = \"ecs_instance_role\",\n Role = ecsInstanceRole.Name,\n });\n\n var batchAssumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"batch.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var awsBatchServiceRole = new Aws.Iam.Role(\"aws_batch_service_role\", new()\n {\n Name = \"aws_batch_service_role\",\n AssumeRolePolicy = batchAssumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var awsBatchServiceRoleRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment(\"aws_batch_service_role\", new()\n {\n Role = awsBatchServiceRole.Name,\n PolicyArn = \"arn:aws:iam::aws:policy/service-role/AWSBatchServiceRole\",\n });\n\n var sample = new Aws.Ec2.SecurityGroup(\"sample\", new()\n {\n Name = \"aws_batch_compute_environment_security_group\",\n Egress = new[]\n {\n new Aws.Ec2.Inputs.SecurityGroupEgressArgs\n {\n FromPort = 0,\n ToPort = 0,\n Protocol = \"-1\",\n CidrBlocks = new[]\n {\n \"0.0.0.0/0\",\n },\n },\n },\n });\n\n var sampleVpc = new Aws.Ec2.Vpc(\"sample\", new()\n {\n CidrBlock = \"10.1.0.0/16\",\n });\n\n var sampleSubnet = new Aws.Ec2.Subnet(\"sample\", new()\n {\n VpcId = sampleVpc.Id,\n CidrBlock = \"10.1.1.0/24\",\n });\n\n var samplePlacementGroup = new Aws.Ec2.PlacementGroup(\"sample\", new()\n {\n Name = \"sample\",\n Strategy = Aws.Ec2.PlacementStrategy.Cluster,\n });\n\n var sampleComputeEnvironment = new Aws.Batch.ComputeEnvironment(\"sample\", new()\n {\n ComputeEnvironmentName = \"sample\",\n ComputeResources = new Aws.Batch.Inputs.ComputeEnvironmentComputeResourcesArgs\n {\n InstanceRole = ecsInstanceRoleInstanceProfile.Arn,\n InstanceTypes = new[]\n {\n \"c4.large\",\n },\n MaxVcpus = 16,\n MinVcpus = 0,\n PlacementGroup = samplePlacementGroup.Name,\n SecurityGroupIds = new[]\n {\n sample.Id,\n },\n Subnets = new[]\n {\n sampleSubnet.Id,\n },\n Type = \"EC2\",\n },\n ServiceRole = awsBatchServiceRole.Arn,\n Type = \"MANAGED\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/batch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tec2AssumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"ec2.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tecsInstanceRole, err := iam.NewRole(ctx, \"ecs_instance_role\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"ecs_instance_role\"),\n\t\t\tAssumeRolePolicy: pulumi.String(ec2AssumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"ecs_instance_role\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tRole: ecsInstanceRole.Name,\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tecsInstanceRoleInstanceProfile, err := iam.NewInstanceProfile(ctx, \"ecs_instance_role\", \u0026iam.InstanceProfileArgs{\n\t\t\tName: pulumi.String(\"ecs_instance_role\"),\n\t\t\tRole: ecsInstanceRole.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbatchAssumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"batch.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tawsBatchServiceRole, err := iam.NewRole(ctx, \"aws_batch_service_role\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"aws_batch_service_role\"),\n\t\t\tAssumeRolePolicy: pulumi.String(batchAssumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"aws_batch_service_role\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tRole: awsBatchServiceRole.Name,\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/service-role/AWSBatchServiceRole\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsample, err := ec2.NewSecurityGroup(ctx, \"sample\", \u0026ec2.SecurityGroupArgs{\n\t\t\tName: pulumi.String(\"aws_batch_compute_environment_security_group\"),\n\t\t\tEgress: ec2.SecurityGroupEgressArray{\n\t\t\t\t\u0026ec2.SecurityGroupEgressArgs{\n\t\t\t\t\tFromPort: pulumi.Int(0),\n\t\t\t\t\tToPort: pulumi.Int(0),\n\t\t\t\t\tProtocol: pulumi.String(\"-1\"),\n\t\t\t\t\tCidrBlocks: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"0.0.0.0/0\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsampleVpc, err := ec2.NewVpc(ctx, \"sample\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.1.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsampleSubnet, err := ec2.NewSubnet(ctx, \"sample\", \u0026ec2.SubnetArgs{\n\t\t\tVpcId: sampleVpc.ID(),\n\t\t\tCidrBlock: pulumi.String(\"10.1.1.0/24\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsamplePlacementGroup, err := ec2.NewPlacementGroup(ctx, \"sample\", \u0026ec2.PlacementGroupArgs{\n\t\t\tName: pulumi.String(\"sample\"),\n\t\t\tStrategy: pulumi.String(ec2.PlacementStrategyCluster),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = batch.NewComputeEnvironment(ctx, \"sample\", \u0026batch.ComputeEnvironmentArgs{\n\t\t\tComputeEnvironmentName: pulumi.String(\"sample\"),\n\t\t\tComputeResources: \u0026batch.ComputeEnvironmentComputeResourcesArgs{\n\t\t\t\tInstanceRole: ecsInstanceRoleInstanceProfile.Arn,\n\t\t\t\tInstanceTypes: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"c4.large\"),\n\t\t\t\t},\n\t\t\t\tMaxVcpus: pulumi.Int(16),\n\t\t\t\tMinVcpus: pulumi.Int(0),\n\t\t\t\tPlacementGroup: samplePlacementGroup.Name,\n\t\t\t\tSecurityGroupIds: pulumi.StringArray{\n\t\t\t\t\tsample.ID(),\n\t\t\t\t},\n\t\t\t\tSubnets: pulumi.StringArray{\n\t\t\t\t\tsampleSubnet.ID(),\n\t\t\t\t},\n\t\t\t\tType: pulumi.String(\"EC2\"),\n\t\t\t},\n\t\t\tServiceRole: awsBatchServiceRole.Arn,\n\t\t\tType: pulumi.String(\"MANAGED\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport com.pulumi.aws.iam.InstanceProfile;\nimport com.pulumi.aws.iam.InstanceProfileArgs;\nimport com.pulumi.aws.ec2.SecurityGroup;\nimport com.pulumi.aws.ec2.SecurityGroupArgs;\nimport com.pulumi.aws.ec2.inputs.SecurityGroupEgressArgs;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.ec2.Subnet;\nimport com.pulumi.aws.ec2.SubnetArgs;\nimport com.pulumi.aws.ec2.PlacementGroup;\nimport com.pulumi.aws.ec2.PlacementGroupArgs;\nimport com.pulumi.aws.batch.ComputeEnvironment;\nimport com.pulumi.aws.batch.ComputeEnvironmentArgs;\nimport com.pulumi.aws.batch.inputs.ComputeEnvironmentComputeResourcesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var ec2AssumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"ec2.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var ecsInstanceRole = new Role(\"ecsInstanceRole\", RoleArgs.builder() \n .name(\"ecs_instance_role\")\n .assumeRolePolicy(ec2AssumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var ecsInstanceRoleRolePolicyAttachment = new RolePolicyAttachment(\"ecsInstanceRoleRolePolicyAttachment\", RolePolicyAttachmentArgs.builder() \n .role(ecsInstanceRole.name())\n .policyArn(\"arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role\")\n .build());\n\n var ecsInstanceRoleInstanceProfile = new InstanceProfile(\"ecsInstanceRoleInstanceProfile\", InstanceProfileArgs.builder() \n .name(\"ecs_instance_role\")\n .role(ecsInstanceRole.name())\n .build());\n\n final var batchAssumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"batch.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var awsBatchServiceRole = new Role(\"awsBatchServiceRole\", RoleArgs.builder() \n .name(\"aws_batch_service_role\")\n .assumeRolePolicy(batchAssumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var awsBatchServiceRoleRolePolicyAttachment = new RolePolicyAttachment(\"awsBatchServiceRoleRolePolicyAttachment\", RolePolicyAttachmentArgs.builder() \n .role(awsBatchServiceRole.name())\n .policyArn(\"arn:aws:iam::aws:policy/service-role/AWSBatchServiceRole\")\n .build());\n\n var sample = new SecurityGroup(\"sample\", SecurityGroupArgs.builder() \n .name(\"aws_batch_compute_environment_security_group\")\n .egress(SecurityGroupEgressArgs.builder()\n .fromPort(0)\n .toPort(0)\n .protocol(\"-1\")\n .cidrBlocks(\"0.0.0.0/0\")\n .build())\n .build());\n\n var sampleVpc = new Vpc(\"sampleVpc\", VpcArgs.builder() \n .cidrBlock(\"10.1.0.0/16\")\n .build());\n\n var sampleSubnet = new Subnet(\"sampleSubnet\", SubnetArgs.builder() \n .vpcId(sampleVpc.id())\n .cidrBlock(\"10.1.1.0/24\")\n .build());\n\n var samplePlacementGroup = new PlacementGroup(\"samplePlacementGroup\", PlacementGroupArgs.builder() \n .name(\"sample\")\n .strategy(\"cluster\")\n .build());\n\n var sampleComputeEnvironment = new ComputeEnvironment(\"sampleComputeEnvironment\", ComputeEnvironmentArgs.builder() \n .computeEnvironmentName(\"sample\")\n .computeResources(ComputeEnvironmentComputeResourcesArgs.builder()\n .instanceRole(ecsInstanceRoleInstanceProfile.arn())\n .instanceTypes(\"c4.large\")\n .maxVcpus(16)\n .minVcpus(0)\n .placementGroup(samplePlacementGroup.name())\n .securityGroupIds(sample.id())\n .subnets(sampleSubnet.id())\n .type(\"EC2\")\n .build())\n .serviceRole(awsBatchServiceRole.arn())\n .type(\"MANAGED\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n ecsInstanceRole:\n type: aws:iam:Role\n name: ecs_instance_role\n properties:\n name: ecs_instance_role\n assumeRolePolicy: ${ec2AssumeRole.json}\n ecsInstanceRoleRolePolicyAttachment:\n type: aws:iam:RolePolicyAttachment\n name: ecs_instance_role\n properties:\n role: ${ecsInstanceRole.name}\n policyArn: arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role\n ecsInstanceRoleInstanceProfile:\n type: aws:iam:InstanceProfile\n name: ecs_instance_role\n properties:\n name: ecs_instance_role\n role: ${ecsInstanceRole.name}\n awsBatchServiceRole:\n type: aws:iam:Role\n name: aws_batch_service_role\n properties:\n name: aws_batch_service_role\n assumeRolePolicy: ${batchAssumeRole.json}\n awsBatchServiceRoleRolePolicyAttachment:\n type: aws:iam:RolePolicyAttachment\n name: aws_batch_service_role\n properties:\n role: ${awsBatchServiceRole.name}\n policyArn: arn:aws:iam::aws:policy/service-role/AWSBatchServiceRole\n sample:\n type: aws:ec2:SecurityGroup\n properties:\n name: aws_batch_compute_environment_security_group\n egress:\n - fromPort: 0\n toPort: 0\n protocol: '-1'\n cidrBlocks:\n - 0.0.0.0/0\n sampleVpc:\n type: aws:ec2:Vpc\n name: sample\n properties:\n cidrBlock: 10.1.0.0/16\n sampleSubnet:\n type: aws:ec2:Subnet\n name: sample\n properties:\n vpcId: ${sampleVpc.id}\n cidrBlock: 10.1.1.0/24\n samplePlacementGroup:\n type: aws:ec2:PlacementGroup\n name: sample\n properties:\n name: sample\n strategy: cluster\n sampleComputeEnvironment:\n type: aws:batch:ComputeEnvironment\n name: sample\n properties:\n computeEnvironmentName: sample\n computeResources:\n instanceRole: ${ecsInstanceRoleInstanceProfile.arn}\n instanceTypes:\n - c4.large\n maxVcpus: 16\n minVcpus: 0\n placementGroup: ${samplePlacementGroup.name}\n securityGroupIds:\n - ${sample.id}\n subnets:\n - ${sampleSubnet.id}\n type: EC2\n serviceRole: ${awsBatchServiceRole.arn}\n type: MANAGED\nvariables:\n ec2AssumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - ec2.amazonaws.com\n actions:\n - sts:AssumeRole\n batchAssumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - batch.amazonaws.com\n actions:\n - sts:AssumeRole\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Fargate Type\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst sample = new aws.batch.ComputeEnvironment(\"sample\", {\n computeEnvironmentName: \"sample\",\n computeResources: {\n maxVcpus: 16,\n securityGroupIds: [sampleAwsSecurityGroup.id],\n subnets: [sampleAwsSubnet.id],\n type: \"FARGATE\",\n },\n serviceRole: awsBatchServiceRole.arn,\n type: \"MANAGED\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsample = aws.batch.ComputeEnvironment(\"sample\",\n compute_environment_name=\"sample\",\n compute_resources=aws.batch.ComputeEnvironmentComputeResourcesArgs(\n max_vcpus=16,\n security_group_ids=[sample_aws_security_group[\"id\"]],\n subnets=[sample_aws_subnet[\"id\"]],\n type=\"FARGATE\",\n ),\n service_role=aws_batch_service_role[\"arn\"],\n type=\"MANAGED\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var sample = new Aws.Batch.ComputeEnvironment(\"sample\", new()\n {\n ComputeEnvironmentName = \"sample\",\n ComputeResources = new Aws.Batch.Inputs.ComputeEnvironmentComputeResourcesArgs\n {\n MaxVcpus = 16,\n SecurityGroupIds = new[]\n {\n sampleAwsSecurityGroup.Id,\n },\n Subnets = new[]\n {\n sampleAwsSubnet.Id,\n },\n Type = \"FARGATE\",\n },\n ServiceRole = awsBatchServiceRole.Arn,\n Type = \"MANAGED\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/batch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := batch.NewComputeEnvironment(ctx, \"sample\", \u0026batch.ComputeEnvironmentArgs{\n\t\t\tComputeEnvironmentName: pulumi.String(\"sample\"),\n\t\t\tComputeResources: \u0026batch.ComputeEnvironmentComputeResourcesArgs{\n\t\t\t\tMaxVcpus: pulumi.Int(16),\n\t\t\t\tSecurityGroupIds: pulumi.StringArray{\n\t\t\t\t\tsampleAwsSecurityGroup.Id,\n\t\t\t\t},\n\t\t\t\tSubnets: pulumi.StringArray{\n\t\t\t\t\tsampleAwsSubnet.Id,\n\t\t\t\t},\n\t\t\t\tType: pulumi.String(\"FARGATE\"),\n\t\t\t},\n\t\t\tServiceRole: pulumi.Any(awsBatchServiceRole.Arn),\n\t\t\tType: pulumi.String(\"MANAGED\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.batch.ComputeEnvironment;\nimport com.pulumi.aws.batch.ComputeEnvironmentArgs;\nimport com.pulumi.aws.batch.inputs.ComputeEnvironmentComputeResourcesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var sample = new ComputeEnvironment(\"sample\", ComputeEnvironmentArgs.builder() \n .computeEnvironmentName(\"sample\")\n .computeResources(ComputeEnvironmentComputeResourcesArgs.builder()\n .maxVcpus(16)\n .securityGroupIds(sampleAwsSecurityGroup.id())\n .subnets(sampleAwsSubnet.id())\n .type(\"FARGATE\")\n .build())\n .serviceRole(awsBatchServiceRole.arn())\n .type(\"MANAGED\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n sample:\n type: aws:batch:ComputeEnvironment\n properties:\n computeEnvironmentName: sample\n computeResources:\n maxVcpus: 16\n securityGroupIds:\n - ${sampleAwsSecurityGroup.id}\n subnets:\n - ${sampleAwsSubnet.id}\n type: FARGATE\n serviceRole: ${awsBatchServiceRole.arn}\n type: MANAGED\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Setting Update Policy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst sample = new aws.batch.ComputeEnvironment(\"sample\", {\n computeEnvironmentName: \"sample\",\n computeResources: {\n allocationStrategy: \"BEST_FIT_PROGRESSIVE\",\n instanceRole: ecsInstance.arn,\n instanceTypes: [\"optimal\"],\n maxVcpus: 4,\n minVcpus: 0,\n securityGroupIds: [sampleAwsSecurityGroup.id],\n subnets: [sampleAwsSubnet.id],\n type: \"EC2\",\n },\n updatePolicy: {\n jobExecutionTimeoutMinutes: 30,\n terminateJobsOnUpdate: false,\n },\n type: \"MANAGED\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsample = aws.batch.ComputeEnvironment(\"sample\",\n compute_environment_name=\"sample\",\n compute_resources=aws.batch.ComputeEnvironmentComputeResourcesArgs(\n allocation_strategy=\"BEST_FIT_PROGRESSIVE\",\n instance_role=ecs_instance[\"arn\"],\n instance_types=[\"optimal\"],\n max_vcpus=4,\n min_vcpus=0,\n security_group_ids=[sample_aws_security_group[\"id\"]],\n subnets=[sample_aws_subnet[\"id\"]],\n type=\"EC2\",\n ),\n update_policy=aws.batch.ComputeEnvironmentUpdatePolicyArgs(\n job_execution_timeout_minutes=30,\n terminate_jobs_on_update=False,\n ),\n type=\"MANAGED\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var sample = new Aws.Batch.ComputeEnvironment(\"sample\", new()\n {\n ComputeEnvironmentName = \"sample\",\n ComputeResources = new Aws.Batch.Inputs.ComputeEnvironmentComputeResourcesArgs\n {\n AllocationStrategy = \"BEST_FIT_PROGRESSIVE\",\n InstanceRole = ecsInstance.Arn,\n InstanceTypes = new[]\n {\n \"optimal\",\n },\n MaxVcpus = 4,\n MinVcpus = 0,\n SecurityGroupIds = new[]\n {\n sampleAwsSecurityGroup.Id,\n },\n Subnets = new[]\n {\n sampleAwsSubnet.Id,\n },\n Type = \"EC2\",\n },\n UpdatePolicy = new Aws.Batch.Inputs.ComputeEnvironmentUpdatePolicyArgs\n {\n JobExecutionTimeoutMinutes = 30,\n TerminateJobsOnUpdate = false,\n },\n Type = \"MANAGED\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/batch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := batch.NewComputeEnvironment(ctx, \"sample\", \u0026batch.ComputeEnvironmentArgs{\n\t\t\tComputeEnvironmentName: pulumi.String(\"sample\"),\n\t\t\tComputeResources: \u0026batch.ComputeEnvironmentComputeResourcesArgs{\n\t\t\t\tAllocationStrategy: pulumi.String(\"BEST_FIT_PROGRESSIVE\"),\n\t\t\t\tInstanceRole: pulumi.Any(ecsInstance.Arn),\n\t\t\t\tInstanceTypes: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"optimal\"),\n\t\t\t\t},\n\t\t\t\tMaxVcpus: pulumi.Int(4),\n\t\t\t\tMinVcpus: pulumi.Int(0),\n\t\t\t\tSecurityGroupIds: pulumi.StringArray{\n\t\t\t\t\tsampleAwsSecurityGroup.Id,\n\t\t\t\t},\n\t\t\t\tSubnets: pulumi.StringArray{\n\t\t\t\t\tsampleAwsSubnet.Id,\n\t\t\t\t},\n\t\t\t\tType: pulumi.String(\"EC2\"),\n\t\t\t},\n\t\t\tUpdatePolicy: \u0026batch.ComputeEnvironmentUpdatePolicyArgs{\n\t\t\t\tJobExecutionTimeoutMinutes: pulumi.Int(30),\n\t\t\t\tTerminateJobsOnUpdate: pulumi.Bool(false),\n\t\t\t},\n\t\t\tType: pulumi.String(\"MANAGED\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.batch.ComputeEnvironment;\nimport com.pulumi.aws.batch.ComputeEnvironmentArgs;\nimport com.pulumi.aws.batch.inputs.ComputeEnvironmentComputeResourcesArgs;\nimport com.pulumi.aws.batch.inputs.ComputeEnvironmentUpdatePolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var sample = new ComputeEnvironment(\"sample\", ComputeEnvironmentArgs.builder() \n .computeEnvironmentName(\"sample\")\n .computeResources(ComputeEnvironmentComputeResourcesArgs.builder()\n .allocationStrategy(\"BEST_FIT_PROGRESSIVE\")\n .instanceRole(ecsInstance.arn())\n .instanceTypes(\"optimal\")\n .maxVcpus(4)\n .minVcpus(0)\n .securityGroupIds(sampleAwsSecurityGroup.id())\n .subnets(sampleAwsSubnet.id())\n .type(\"EC2\")\n .build())\n .updatePolicy(ComputeEnvironmentUpdatePolicyArgs.builder()\n .jobExecutionTimeoutMinutes(30)\n .terminateJobsOnUpdate(false)\n .build())\n .type(\"MANAGED\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n sample:\n type: aws:batch:ComputeEnvironment\n properties:\n computeEnvironmentName: sample\n computeResources:\n allocationStrategy: BEST_FIT_PROGRESSIVE\n instanceRole: ${ecsInstance.arn}\n instanceTypes:\n - optimal\n maxVcpus: 4\n minVcpus: 0\n securityGroupIds:\n - ${sampleAwsSecurityGroup.id}\n subnets:\n - ${sampleAwsSubnet.id}\n type: EC2\n updatePolicy:\n jobExecutionTimeoutMinutes: 30\n terminateJobsOnUpdate: false\n type: MANAGED\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import AWS Batch compute using the `compute_environment_name`. For example:\n\n```sh\n$ pulumi import aws:batch/computeEnvironment:ComputeEnvironment sample sample\n```\n", + "description": "Creates a AWS Batch compute environment. Compute environments contain the Amazon ECS container instances that are used to run containerized batch jobs.\n\nFor information about AWS Batch, see [What is AWS Batch?](http://docs.aws.amazon.com/batch/latest/userguide/what-is-batch.html) .\nFor information about compute environment, see [Compute Environments](http://docs.aws.amazon.com/batch/latest/userguide/compute_environments.html) .\n\n\u003e **Note:** To prevent a race condition during environment deletion, make sure to set `depends_on` to the related `aws.iam.RolePolicyAttachment`;\notherwise, the policy may be destroyed too soon and the compute environment will then get stuck in the `DELETING` state, see [Troubleshooting AWS Batch](http://docs.aws.amazon.com/batch/latest/userguide/troubleshooting.html) .\n\n## Example Usage\n\n### EC2 Type\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ec2AssumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"ec2.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst ecsInstanceRole = new aws.iam.Role(\"ecs_instance_role\", {\n name: \"ecs_instance_role\",\n assumeRolePolicy: ec2AssumeRole.then(ec2AssumeRole =\u003e ec2AssumeRole.json),\n});\nconst ecsInstanceRoleRolePolicyAttachment = new aws.iam.RolePolicyAttachment(\"ecs_instance_role\", {\n role: ecsInstanceRole.name,\n policyArn: \"arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role\",\n});\nconst ecsInstanceRoleInstanceProfile = new aws.iam.InstanceProfile(\"ecs_instance_role\", {\n name: \"ecs_instance_role\",\n role: ecsInstanceRole.name,\n});\nconst batchAssumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"batch.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst awsBatchServiceRole = new aws.iam.Role(\"aws_batch_service_role\", {\n name: \"aws_batch_service_role\",\n assumeRolePolicy: batchAssumeRole.then(batchAssumeRole =\u003e batchAssumeRole.json),\n});\nconst awsBatchServiceRoleRolePolicyAttachment = new aws.iam.RolePolicyAttachment(\"aws_batch_service_role\", {\n role: awsBatchServiceRole.name,\n policyArn: \"arn:aws:iam::aws:policy/service-role/AWSBatchServiceRole\",\n});\nconst sample = new aws.ec2.SecurityGroup(\"sample\", {\n name: \"aws_batch_compute_environment_security_group\",\n egress: [{\n fromPort: 0,\n toPort: 0,\n protocol: \"-1\",\n cidrBlocks: [\"0.0.0.0/0\"],\n }],\n});\nconst sampleVpc = new aws.ec2.Vpc(\"sample\", {cidrBlock: \"10.1.0.0/16\"});\nconst sampleSubnet = new aws.ec2.Subnet(\"sample\", {\n vpcId: sampleVpc.id,\n cidrBlock: \"10.1.1.0/24\",\n});\nconst samplePlacementGroup = new aws.ec2.PlacementGroup(\"sample\", {\n name: \"sample\",\n strategy: aws.ec2.PlacementStrategy.Cluster,\n});\nconst sampleComputeEnvironment = new aws.batch.ComputeEnvironment(\"sample\", {\n computeEnvironmentName: \"sample\",\n computeResources: {\n instanceRole: ecsInstanceRoleInstanceProfile.arn,\n instanceTypes: [\"c4.large\"],\n maxVcpus: 16,\n minVcpus: 0,\n placementGroup: samplePlacementGroup.name,\n securityGroupIds: [sample.id],\n subnets: [sampleSubnet.id],\n type: \"EC2\",\n },\n serviceRole: awsBatchServiceRole.arn,\n type: \"MANAGED\",\n}, {\n dependsOn: [awsBatchServiceRoleRolePolicyAttachment],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nec2_assume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"ec2.amazonaws.com\"],\n )],\n actions=[\"sts:AssumeRole\"],\n)])\necs_instance_role = aws.iam.Role(\"ecs_instance_role\",\n name=\"ecs_instance_role\",\n assume_role_policy=ec2_assume_role.json)\necs_instance_role_role_policy_attachment = aws.iam.RolePolicyAttachment(\"ecs_instance_role\",\n role=ecs_instance_role.name,\n policy_arn=\"arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role\")\necs_instance_role_instance_profile = aws.iam.InstanceProfile(\"ecs_instance_role\",\n name=\"ecs_instance_role\",\n role=ecs_instance_role.name)\nbatch_assume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"batch.amazonaws.com\"],\n )],\n actions=[\"sts:AssumeRole\"],\n)])\naws_batch_service_role = aws.iam.Role(\"aws_batch_service_role\",\n name=\"aws_batch_service_role\",\n assume_role_policy=batch_assume_role.json)\naws_batch_service_role_role_policy_attachment = aws.iam.RolePolicyAttachment(\"aws_batch_service_role\",\n role=aws_batch_service_role.name,\n policy_arn=\"arn:aws:iam::aws:policy/service-role/AWSBatchServiceRole\")\nsample = aws.ec2.SecurityGroup(\"sample\",\n name=\"aws_batch_compute_environment_security_group\",\n egress=[aws.ec2.SecurityGroupEgressArgs(\n from_port=0,\n to_port=0,\n protocol=\"-1\",\n cidr_blocks=[\"0.0.0.0/0\"],\n )])\nsample_vpc = aws.ec2.Vpc(\"sample\", cidr_block=\"10.1.0.0/16\")\nsample_subnet = aws.ec2.Subnet(\"sample\",\n vpc_id=sample_vpc.id,\n cidr_block=\"10.1.1.0/24\")\nsample_placement_group = aws.ec2.PlacementGroup(\"sample\",\n name=\"sample\",\n strategy=aws.ec2.PlacementStrategy.CLUSTER)\nsample_compute_environment = aws.batch.ComputeEnvironment(\"sample\",\n compute_environment_name=\"sample\",\n compute_resources=aws.batch.ComputeEnvironmentComputeResourcesArgs(\n instance_role=ecs_instance_role_instance_profile.arn,\n instance_types=[\"c4.large\"],\n max_vcpus=16,\n min_vcpus=0,\n placement_group=sample_placement_group.name,\n security_group_ids=[sample.id],\n subnets=[sample_subnet.id],\n type=\"EC2\",\n ),\n service_role=aws_batch_service_role.arn,\n type=\"MANAGED\",\n opts=pulumi.ResourceOptions(depends_on=[aws_batch_service_role_role_policy_attachment]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ec2AssumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"ec2.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var ecsInstanceRole = new Aws.Iam.Role(\"ecs_instance_role\", new()\n {\n Name = \"ecs_instance_role\",\n AssumeRolePolicy = ec2AssumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var ecsInstanceRoleRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment(\"ecs_instance_role\", new()\n {\n Role = ecsInstanceRole.Name,\n PolicyArn = \"arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role\",\n });\n\n var ecsInstanceRoleInstanceProfile = new Aws.Iam.InstanceProfile(\"ecs_instance_role\", new()\n {\n Name = \"ecs_instance_role\",\n Role = ecsInstanceRole.Name,\n });\n\n var batchAssumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"batch.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var awsBatchServiceRole = new Aws.Iam.Role(\"aws_batch_service_role\", new()\n {\n Name = \"aws_batch_service_role\",\n AssumeRolePolicy = batchAssumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var awsBatchServiceRoleRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment(\"aws_batch_service_role\", new()\n {\n Role = awsBatchServiceRole.Name,\n PolicyArn = \"arn:aws:iam::aws:policy/service-role/AWSBatchServiceRole\",\n });\n\n var sample = new Aws.Ec2.SecurityGroup(\"sample\", new()\n {\n Name = \"aws_batch_compute_environment_security_group\",\n Egress = new[]\n {\n new Aws.Ec2.Inputs.SecurityGroupEgressArgs\n {\n FromPort = 0,\n ToPort = 0,\n Protocol = \"-1\",\n CidrBlocks = new[]\n {\n \"0.0.0.0/0\",\n },\n },\n },\n });\n\n var sampleVpc = new Aws.Ec2.Vpc(\"sample\", new()\n {\n CidrBlock = \"10.1.0.0/16\",\n });\n\n var sampleSubnet = new Aws.Ec2.Subnet(\"sample\", new()\n {\n VpcId = sampleVpc.Id,\n CidrBlock = \"10.1.1.0/24\",\n });\n\n var samplePlacementGroup = new Aws.Ec2.PlacementGroup(\"sample\", new()\n {\n Name = \"sample\",\n Strategy = Aws.Ec2.PlacementStrategy.Cluster,\n });\n\n var sampleComputeEnvironment = new Aws.Batch.ComputeEnvironment(\"sample\", new()\n {\n ComputeEnvironmentName = \"sample\",\n ComputeResources = new Aws.Batch.Inputs.ComputeEnvironmentComputeResourcesArgs\n {\n InstanceRole = ecsInstanceRoleInstanceProfile.Arn,\n InstanceTypes = new[]\n {\n \"c4.large\",\n },\n MaxVcpus = 16,\n MinVcpus = 0,\n PlacementGroup = samplePlacementGroup.Name,\n SecurityGroupIds = new[]\n {\n sample.Id,\n },\n Subnets = new[]\n {\n sampleSubnet.Id,\n },\n Type = \"EC2\",\n },\n ServiceRole = awsBatchServiceRole.Arn,\n Type = \"MANAGED\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n awsBatchServiceRoleRolePolicyAttachment, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/batch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tec2AssumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"ec2.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tecsInstanceRole, err := iam.NewRole(ctx, \"ecs_instance_role\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"ecs_instance_role\"),\n\t\t\tAssumeRolePolicy: pulumi.String(ec2AssumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"ecs_instance_role\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tRole: ecsInstanceRole.Name,\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tecsInstanceRoleInstanceProfile, err := iam.NewInstanceProfile(ctx, \"ecs_instance_role\", \u0026iam.InstanceProfileArgs{\n\t\t\tName: pulumi.String(\"ecs_instance_role\"),\n\t\t\tRole: ecsInstanceRole.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbatchAssumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"batch.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tawsBatchServiceRole, err := iam.NewRole(ctx, \"aws_batch_service_role\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"aws_batch_service_role\"),\n\t\t\tAssumeRolePolicy: pulumi.String(batchAssumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tawsBatchServiceRoleRolePolicyAttachment, err := iam.NewRolePolicyAttachment(ctx, \"aws_batch_service_role\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tRole: awsBatchServiceRole.Name,\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/service-role/AWSBatchServiceRole\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsample, err := ec2.NewSecurityGroup(ctx, \"sample\", \u0026ec2.SecurityGroupArgs{\n\t\t\tName: pulumi.String(\"aws_batch_compute_environment_security_group\"),\n\t\t\tEgress: ec2.SecurityGroupEgressArray{\n\t\t\t\t\u0026ec2.SecurityGroupEgressArgs{\n\t\t\t\t\tFromPort: pulumi.Int(0),\n\t\t\t\t\tToPort: pulumi.Int(0),\n\t\t\t\t\tProtocol: pulumi.String(\"-1\"),\n\t\t\t\t\tCidrBlocks: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"0.0.0.0/0\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsampleVpc, err := ec2.NewVpc(ctx, \"sample\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.1.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsampleSubnet, err := ec2.NewSubnet(ctx, \"sample\", \u0026ec2.SubnetArgs{\n\t\t\tVpcId: sampleVpc.ID(),\n\t\t\tCidrBlock: pulumi.String(\"10.1.1.0/24\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsamplePlacementGroup, err := ec2.NewPlacementGroup(ctx, \"sample\", \u0026ec2.PlacementGroupArgs{\n\t\t\tName: pulumi.String(\"sample\"),\n\t\t\tStrategy: pulumi.String(ec2.PlacementStrategyCluster),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = batch.NewComputeEnvironment(ctx, \"sample\", \u0026batch.ComputeEnvironmentArgs{\n\t\t\tComputeEnvironmentName: pulumi.String(\"sample\"),\n\t\t\tComputeResources: \u0026batch.ComputeEnvironmentComputeResourcesArgs{\n\t\t\t\tInstanceRole: ecsInstanceRoleInstanceProfile.Arn,\n\t\t\t\tInstanceTypes: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"c4.large\"),\n\t\t\t\t},\n\t\t\t\tMaxVcpus: pulumi.Int(16),\n\t\t\t\tMinVcpus: pulumi.Int(0),\n\t\t\t\tPlacementGroup: samplePlacementGroup.Name,\n\t\t\t\tSecurityGroupIds: pulumi.StringArray{\n\t\t\t\t\tsample.ID(),\n\t\t\t\t},\n\t\t\t\tSubnets: pulumi.StringArray{\n\t\t\t\t\tsampleSubnet.ID(),\n\t\t\t\t},\n\t\t\t\tType: pulumi.String(\"EC2\"),\n\t\t\t},\n\t\t\tServiceRole: awsBatchServiceRole.Arn,\n\t\t\tType: pulumi.String(\"MANAGED\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tawsBatchServiceRoleRolePolicyAttachment,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport com.pulumi.aws.iam.InstanceProfile;\nimport com.pulumi.aws.iam.InstanceProfileArgs;\nimport com.pulumi.aws.ec2.SecurityGroup;\nimport com.pulumi.aws.ec2.SecurityGroupArgs;\nimport com.pulumi.aws.ec2.inputs.SecurityGroupEgressArgs;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.ec2.Subnet;\nimport com.pulumi.aws.ec2.SubnetArgs;\nimport com.pulumi.aws.ec2.PlacementGroup;\nimport com.pulumi.aws.ec2.PlacementGroupArgs;\nimport com.pulumi.aws.batch.ComputeEnvironment;\nimport com.pulumi.aws.batch.ComputeEnvironmentArgs;\nimport com.pulumi.aws.batch.inputs.ComputeEnvironmentComputeResourcesArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var ec2AssumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"ec2.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var ecsInstanceRole = new Role(\"ecsInstanceRole\", RoleArgs.builder() \n .name(\"ecs_instance_role\")\n .assumeRolePolicy(ec2AssumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var ecsInstanceRoleRolePolicyAttachment = new RolePolicyAttachment(\"ecsInstanceRoleRolePolicyAttachment\", RolePolicyAttachmentArgs.builder() \n .role(ecsInstanceRole.name())\n .policyArn(\"arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role\")\n .build());\n\n var ecsInstanceRoleInstanceProfile = new InstanceProfile(\"ecsInstanceRoleInstanceProfile\", InstanceProfileArgs.builder() \n .name(\"ecs_instance_role\")\n .role(ecsInstanceRole.name())\n .build());\n\n final var batchAssumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"batch.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var awsBatchServiceRole = new Role(\"awsBatchServiceRole\", RoleArgs.builder() \n .name(\"aws_batch_service_role\")\n .assumeRolePolicy(batchAssumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var awsBatchServiceRoleRolePolicyAttachment = new RolePolicyAttachment(\"awsBatchServiceRoleRolePolicyAttachment\", RolePolicyAttachmentArgs.builder() \n .role(awsBatchServiceRole.name())\n .policyArn(\"arn:aws:iam::aws:policy/service-role/AWSBatchServiceRole\")\n .build());\n\n var sample = new SecurityGroup(\"sample\", SecurityGroupArgs.builder() \n .name(\"aws_batch_compute_environment_security_group\")\n .egress(SecurityGroupEgressArgs.builder()\n .fromPort(0)\n .toPort(0)\n .protocol(\"-1\")\n .cidrBlocks(\"0.0.0.0/0\")\n .build())\n .build());\n\n var sampleVpc = new Vpc(\"sampleVpc\", VpcArgs.builder() \n .cidrBlock(\"10.1.0.0/16\")\n .build());\n\n var sampleSubnet = new Subnet(\"sampleSubnet\", SubnetArgs.builder() \n .vpcId(sampleVpc.id())\n .cidrBlock(\"10.1.1.0/24\")\n .build());\n\n var samplePlacementGroup = new PlacementGroup(\"samplePlacementGroup\", PlacementGroupArgs.builder() \n .name(\"sample\")\n .strategy(\"cluster\")\n .build());\n\n var sampleComputeEnvironment = new ComputeEnvironment(\"sampleComputeEnvironment\", ComputeEnvironmentArgs.builder() \n .computeEnvironmentName(\"sample\")\n .computeResources(ComputeEnvironmentComputeResourcesArgs.builder()\n .instanceRole(ecsInstanceRoleInstanceProfile.arn())\n .instanceTypes(\"c4.large\")\n .maxVcpus(16)\n .minVcpus(0)\n .placementGroup(samplePlacementGroup.name())\n .securityGroupIds(sample.id())\n .subnets(sampleSubnet.id())\n .type(\"EC2\")\n .build())\n .serviceRole(awsBatchServiceRole.arn())\n .type(\"MANAGED\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(awsBatchServiceRoleRolePolicyAttachment)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n ecsInstanceRole:\n type: aws:iam:Role\n name: ecs_instance_role\n properties:\n name: ecs_instance_role\n assumeRolePolicy: ${ec2AssumeRole.json}\n ecsInstanceRoleRolePolicyAttachment:\n type: aws:iam:RolePolicyAttachment\n name: ecs_instance_role\n properties:\n role: ${ecsInstanceRole.name}\n policyArn: arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role\n ecsInstanceRoleInstanceProfile:\n type: aws:iam:InstanceProfile\n name: ecs_instance_role\n properties:\n name: ecs_instance_role\n role: ${ecsInstanceRole.name}\n awsBatchServiceRole:\n type: aws:iam:Role\n name: aws_batch_service_role\n properties:\n name: aws_batch_service_role\n assumeRolePolicy: ${batchAssumeRole.json}\n awsBatchServiceRoleRolePolicyAttachment:\n type: aws:iam:RolePolicyAttachment\n name: aws_batch_service_role\n properties:\n role: ${awsBatchServiceRole.name}\n policyArn: arn:aws:iam::aws:policy/service-role/AWSBatchServiceRole\n sample:\n type: aws:ec2:SecurityGroup\n properties:\n name: aws_batch_compute_environment_security_group\n egress:\n - fromPort: 0\n toPort: 0\n protocol: '-1'\n cidrBlocks:\n - 0.0.0.0/0\n sampleVpc:\n type: aws:ec2:Vpc\n name: sample\n properties:\n cidrBlock: 10.1.0.0/16\n sampleSubnet:\n type: aws:ec2:Subnet\n name: sample\n properties:\n vpcId: ${sampleVpc.id}\n cidrBlock: 10.1.1.0/24\n samplePlacementGroup:\n type: aws:ec2:PlacementGroup\n name: sample\n properties:\n name: sample\n strategy: cluster\n sampleComputeEnvironment:\n type: aws:batch:ComputeEnvironment\n name: sample\n properties:\n computeEnvironmentName: sample\n computeResources:\n instanceRole: ${ecsInstanceRoleInstanceProfile.arn}\n instanceTypes:\n - c4.large\n maxVcpus: 16\n minVcpus: 0\n placementGroup: ${samplePlacementGroup.name}\n securityGroupIds:\n - ${sample.id}\n subnets:\n - ${sampleSubnet.id}\n type: EC2\n serviceRole: ${awsBatchServiceRole.arn}\n type: MANAGED\n options:\n dependson:\n - ${awsBatchServiceRoleRolePolicyAttachment}\nvariables:\n ec2AssumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - ec2.amazonaws.com\n actions:\n - sts:AssumeRole\n batchAssumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - batch.amazonaws.com\n actions:\n - sts:AssumeRole\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Fargate Type\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst sample = new aws.batch.ComputeEnvironment(\"sample\", {\n computeEnvironmentName: \"sample\",\n computeResources: {\n maxVcpus: 16,\n securityGroupIds: [sampleAwsSecurityGroup.id],\n subnets: [sampleAwsSubnet.id],\n type: \"FARGATE\",\n },\n serviceRole: awsBatchServiceRoleAwsIamRole.arn,\n type: \"MANAGED\",\n}, {\n dependsOn: [awsBatchServiceRole],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsample = aws.batch.ComputeEnvironment(\"sample\",\n compute_environment_name=\"sample\",\n compute_resources=aws.batch.ComputeEnvironmentComputeResourcesArgs(\n max_vcpus=16,\n security_group_ids=[sample_aws_security_group[\"id\"]],\n subnets=[sample_aws_subnet[\"id\"]],\n type=\"FARGATE\",\n ),\n service_role=aws_batch_service_role_aws_iam_role[\"arn\"],\n type=\"MANAGED\",\n opts=pulumi.ResourceOptions(depends_on=[aws_batch_service_role]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var sample = new Aws.Batch.ComputeEnvironment(\"sample\", new()\n {\n ComputeEnvironmentName = \"sample\",\n ComputeResources = new Aws.Batch.Inputs.ComputeEnvironmentComputeResourcesArgs\n {\n MaxVcpus = 16,\n SecurityGroupIds = new[]\n {\n sampleAwsSecurityGroup.Id,\n },\n Subnets = new[]\n {\n sampleAwsSubnet.Id,\n },\n Type = \"FARGATE\",\n },\n ServiceRole = awsBatchServiceRoleAwsIamRole.Arn,\n Type = \"MANAGED\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n awsBatchServiceRole, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/batch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := batch.NewComputeEnvironment(ctx, \"sample\", \u0026batch.ComputeEnvironmentArgs{\n\t\t\tComputeEnvironmentName: pulumi.String(\"sample\"),\n\t\t\tComputeResources: \u0026batch.ComputeEnvironmentComputeResourcesArgs{\n\t\t\t\tMaxVcpus: pulumi.Int(16),\n\t\t\t\tSecurityGroupIds: pulumi.StringArray{\n\t\t\t\t\tsampleAwsSecurityGroup.Id,\n\t\t\t\t},\n\t\t\t\tSubnets: pulumi.StringArray{\n\t\t\t\t\tsampleAwsSubnet.Id,\n\t\t\t\t},\n\t\t\t\tType: pulumi.String(\"FARGATE\"),\n\t\t\t},\n\t\t\tServiceRole: pulumi.Any(awsBatchServiceRoleAwsIamRole.Arn),\n\t\t\tType: pulumi.String(\"MANAGED\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tawsBatchServiceRole,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.batch.ComputeEnvironment;\nimport com.pulumi.aws.batch.ComputeEnvironmentArgs;\nimport com.pulumi.aws.batch.inputs.ComputeEnvironmentComputeResourcesArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var sample = new ComputeEnvironment(\"sample\", ComputeEnvironmentArgs.builder() \n .computeEnvironmentName(\"sample\")\n .computeResources(ComputeEnvironmentComputeResourcesArgs.builder()\n .maxVcpus(16)\n .securityGroupIds(sampleAwsSecurityGroup.id())\n .subnets(sampleAwsSubnet.id())\n .type(\"FARGATE\")\n .build())\n .serviceRole(awsBatchServiceRoleAwsIamRole.arn())\n .type(\"MANAGED\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(awsBatchServiceRole)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n sample:\n type: aws:batch:ComputeEnvironment\n properties:\n computeEnvironmentName: sample\n computeResources:\n maxVcpus: 16\n securityGroupIds:\n - ${sampleAwsSecurityGroup.id}\n subnets:\n - ${sampleAwsSubnet.id}\n type: FARGATE\n serviceRole: ${awsBatchServiceRoleAwsIamRole.arn}\n type: MANAGED\n options:\n dependson:\n - ${awsBatchServiceRole}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Setting Update Policy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst sample = new aws.batch.ComputeEnvironment(\"sample\", {\n computeEnvironmentName: \"sample\",\n computeResources: {\n allocationStrategy: \"BEST_FIT_PROGRESSIVE\",\n instanceRole: ecsInstance.arn,\n instanceTypes: [\"optimal\"],\n maxVcpus: 4,\n minVcpus: 0,\n securityGroupIds: [sampleAwsSecurityGroup.id],\n subnets: [sampleAwsSubnet.id],\n type: \"EC2\",\n },\n updatePolicy: {\n jobExecutionTimeoutMinutes: 30,\n terminateJobsOnUpdate: false,\n },\n type: \"MANAGED\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nsample = aws.batch.ComputeEnvironment(\"sample\",\n compute_environment_name=\"sample\",\n compute_resources=aws.batch.ComputeEnvironmentComputeResourcesArgs(\n allocation_strategy=\"BEST_FIT_PROGRESSIVE\",\n instance_role=ecs_instance[\"arn\"],\n instance_types=[\"optimal\"],\n max_vcpus=4,\n min_vcpus=0,\n security_group_ids=[sample_aws_security_group[\"id\"]],\n subnets=[sample_aws_subnet[\"id\"]],\n type=\"EC2\",\n ),\n update_policy=aws.batch.ComputeEnvironmentUpdatePolicyArgs(\n job_execution_timeout_minutes=30,\n terminate_jobs_on_update=False,\n ),\n type=\"MANAGED\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var sample = new Aws.Batch.ComputeEnvironment(\"sample\", new()\n {\n ComputeEnvironmentName = \"sample\",\n ComputeResources = new Aws.Batch.Inputs.ComputeEnvironmentComputeResourcesArgs\n {\n AllocationStrategy = \"BEST_FIT_PROGRESSIVE\",\n InstanceRole = ecsInstance.Arn,\n InstanceTypes = new[]\n {\n \"optimal\",\n },\n MaxVcpus = 4,\n MinVcpus = 0,\n SecurityGroupIds = new[]\n {\n sampleAwsSecurityGroup.Id,\n },\n Subnets = new[]\n {\n sampleAwsSubnet.Id,\n },\n Type = \"EC2\",\n },\n UpdatePolicy = new Aws.Batch.Inputs.ComputeEnvironmentUpdatePolicyArgs\n {\n JobExecutionTimeoutMinutes = 30,\n TerminateJobsOnUpdate = false,\n },\n Type = \"MANAGED\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/batch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := batch.NewComputeEnvironment(ctx, \"sample\", \u0026batch.ComputeEnvironmentArgs{\n\t\t\tComputeEnvironmentName: pulumi.String(\"sample\"),\n\t\t\tComputeResources: \u0026batch.ComputeEnvironmentComputeResourcesArgs{\n\t\t\t\tAllocationStrategy: pulumi.String(\"BEST_FIT_PROGRESSIVE\"),\n\t\t\t\tInstanceRole: pulumi.Any(ecsInstance.Arn),\n\t\t\t\tInstanceTypes: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"optimal\"),\n\t\t\t\t},\n\t\t\t\tMaxVcpus: pulumi.Int(4),\n\t\t\t\tMinVcpus: pulumi.Int(0),\n\t\t\t\tSecurityGroupIds: pulumi.StringArray{\n\t\t\t\t\tsampleAwsSecurityGroup.Id,\n\t\t\t\t},\n\t\t\t\tSubnets: pulumi.StringArray{\n\t\t\t\t\tsampleAwsSubnet.Id,\n\t\t\t\t},\n\t\t\t\tType: pulumi.String(\"EC2\"),\n\t\t\t},\n\t\t\tUpdatePolicy: \u0026batch.ComputeEnvironmentUpdatePolicyArgs{\n\t\t\t\tJobExecutionTimeoutMinutes: pulumi.Int(30),\n\t\t\t\tTerminateJobsOnUpdate: pulumi.Bool(false),\n\t\t\t},\n\t\t\tType: pulumi.String(\"MANAGED\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.batch.ComputeEnvironment;\nimport com.pulumi.aws.batch.ComputeEnvironmentArgs;\nimport com.pulumi.aws.batch.inputs.ComputeEnvironmentComputeResourcesArgs;\nimport com.pulumi.aws.batch.inputs.ComputeEnvironmentUpdatePolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var sample = new ComputeEnvironment(\"sample\", ComputeEnvironmentArgs.builder() \n .computeEnvironmentName(\"sample\")\n .computeResources(ComputeEnvironmentComputeResourcesArgs.builder()\n .allocationStrategy(\"BEST_FIT_PROGRESSIVE\")\n .instanceRole(ecsInstance.arn())\n .instanceTypes(\"optimal\")\n .maxVcpus(4)\n .minVcpus(0)\n .securityGroupIds(sampleAwsSecurityGroup.id())\n .subnets(sampleAwsSubnet.id())\n .type(\"EC2\")\n .build())\n .updatePolicy(ComputeEnvironmentUpdatePolicyArgs.builder()\n .jobExecutionTimeoutMinutes(30)\n .terminateJobsOnUpdate(false)\n .build())\n .type(\"MANAGED\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n sample:\n type: aws:batch:ComputeEnvironment\n properties:\n computeEnvironmentName: sample\n computeResources:\n allocationStrategy: BEST_FIT_PROGRESSIVE\n instanceRole: ${ecsInstance.arn}\n instanceTypes:\n - optimal\n maxVcpus: 4\n minVcpus: 0\n securityGroupIds:\n - ${sampleAwsSecurityGroup.id}\n subnets:\n - ${sampleAwsSubnet.id}\n type: EC2\n updatePolicy:\n jobExecutionTimeoutMinutes: 30\n terminateJobsOnUpdate: false\n type: MANAGED\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import AWS Batch compute using the `compute_environment_name`. For example:\n\n```sh\n$ pulumi import aws:batch/computeEnvironment:ComputeEnvironment sample sample\n```\n", "properties": { "arn": { "type": "string", @@ -175805,7 +175805,7 @@ } }, "aws:bedrockmodel/invocationLoggingConfiguration:InvocationLoggingConfiguration": { - "description": "Manages Bedrock model invocation logging configuration.\n\n\u003e Model invocation logging is configured per AWS region. To avoid overwriting settings, this resource should not be defined in multiple configurations.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketPolicy;\nimport com.pulumi.aws.s3.BucketPolicyArgs;\nimport com.pulumi.aws.bedrockmodel.InvocationLoggingConfiguration;\nimport com.pulumi.aws.bedrockmodel.InvocationLoggingConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n var example = new BucketV2(\"example\", BucketV2Args.builder() \n .bucket(\"example\")\n .forceDestroy(true)\n .build());\n\n var exampleBucketPolicy = new BucketPolicy(\"exampleBucketPolicy\", BucketPolicyArgs.builder() \n .bucket(example.bucket())\n .policy(example.arn().applyValue(arn -\u003e \"\"\"\n{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"bedrock.amazonaws.com\"\n },\n \"Action\": [\n \"s3:*\"\n ],\n \"Resource\": [\n \"%s/*\"\n ],\n \"Condition\": {\n \"StringEquals\": {\n \"aws:SourceAccount\": \"%s\"\n },\n \"ArnLike\": {\n \"aws:SourceArn\": \"arn:aws:bedrock:us-east-1:%s:*\"\n }\n }\n }\n ]\n}\n\", arn,current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()),current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))))\n .build());\n\n var exampleInvocationLoggingConfiguration = new InvocationLoggingConfiguration(\"exampleInvocationLoggingConfiguration\", InvocationLoggingConfigurationArgs.builder() \n .loggingConfig(InvocationLoggingConfigurationLoggingConfigArgs.builder()\n .embeddingDataDeliveryEnabled(true)\n .imageDataDeliveryEnabled(true)\n .textDataDeliveryEnabled(true)\n .s3Config(InvocationLoggingConfigurationLoggingConfigS3ConfigArgs.builder()\n .bucketName(example.id())\n .keyPrefix(\"bedrock\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: example\n forceDestroy: true\n exampleBucketPolicy:\n type: aws:s3:BucketPolicy\n name: example\n properties:\n bucket: ${example.bucket}\n policy: |\n {\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"bedrock.amazonaws.com\"\n },\n \"Action\": [\n \"s3:*\"\n ],\n \"Resource\": [\n \"${example.arn}/*\"\n ],\n \"Condition\": {\n \"StringEquals\": {\n \"aws:SourceAccount\": \"${current.accountId}\"\n },\n \"ArnLike\": {\n \"aws:SourceArn\": \"arn:aws:bedrock:us-east-1:${current.accountId}:*\"\n }\n }\n }\n ]\n }\n exampleInvocationLoggingConfiguration:\n type: aws:bedrockmodel:InvocationLoggingConfiguration\n name: example\n properties:\n loggingConfig:\n - embeddingDataDeliveryEnabled: true\n imageDataDeliveryEnabled: true\n textDataDeliveryEnabled: true\n s3Config:\n - bucketName: ${example.id}\n keyPrefix: bedrock\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Bedrock custom model using the `id` set to the AWS Region. For example:\n\n```sh\n$ pulumi import aws:bedrockmodel/invocationLoggingConfiguration:InvocationLoggingConfiguration my_config us-east-1\n```\n", + "description": "Manages Bedrock model invocation logging configuration.\n\n\u003e Model invocation logging is configured per AWS region. To avoid overwriting settings, this resource should not be defined in multiple configurations.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketPolicy;\nimport com.pulumi.aws.s3.BucketPolicyArgs;\nimport com.pulumi.aws.bedrockmodel.InvocationLoggingConfiguration;\nimport com.pulumi.aws.bedrockmodel.InvocationLoggingConfigurationArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n var example = new BucketV2(\"example\", BucketV2Args.builder() \n .bucket(\"example\")\n .forceDestroy(true)\n .build());\n\n var exampleBucketPolicy = new BucketPolicy(\"exampleBucketPolicy\", BucketPolicyArgs.builder() \n .bucket(example.bucket())\n .policy(example.arn().applyValue(arn -\u003e \"\"\"\n{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"bedrock.amazonaws.com\"\n },\n \"Action\": [\n \"s3:*\"\n ],\n \"Resource\": [\n \"%s/*\"\n ],\n \"Condition\": {\n \"StringEquals\": {\n \"aws:SourceAccount\": \"%s\"\n },\n \"ArnLike\": {\n \"aws:SourceArn\": \"arn:aws:bedrock:us-east-1:%s:*\"\n }\n }\n }\n ]\n}\n\", arn,current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()),current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))))\n .build());\n\n var exampleInvocationLoggingConfiguration = new InvocationLoggingConfiguration(\"exampleInvocationLoggingConfiguration\", InvocationLoggingConfigurationArgs.builder() \n .loggingConfig(InvocationLoggingConfigurationLoggingConfigArgs.builder()\n .embeddingDataDeliveryEnabled(true)\n .imageDataDeliveryEnabled(true)\n .textDataDeliveryEnabled(true)\n .s3Config(InvocationLoggingConfigurationLoggingConfigS3ConfigArgs.builder()\n .bucketName(example.id())\n .keyPrefix(\"bedrock\")\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleBucketPolicy)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: example\n forceDestroy: true\n exampleBucketPolicy:\n type: aws:s3:BucketPolicy\n name: example\n properties:\n bucket: ${example.bucket}\n policy: |\n {\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"bedrock.amazonaws.com\"\n },\n \"Action\": [\n \"s3:*\"\n ],\n \"Resource\": [\n \"${example.arn}/*\"\n ],\n \"Condition\": {\n \"StringEquals\": {\n \"aws:SourceAccount\": \"${current.accountId}\"\n },\n \"ArnLike\": {\n \"aws:SourceArn\": \"arn:aws:bedrock:us-east-1:${current.accountId}:*\"\n }\n }\n }\n ]\n }\n exampleInvocationLoggingConfiguration:\n type: aws:bedrockmodel:InvocationLoggingConfiguration\n name: example\n properties:\n loggingConfig:\n - embeddingDataDeliveryEnabled: true\n imageDataDeliveryEnabled: true\n textDataDeliveryEnabled: true\n s3Config:\n - bucketName: ${example.id}\n keyPrefix: bedrock\n options:\n dependson:\n - ${exampleBucketPolicy}\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Bedrock custom model using the `id` set to the AWS Region. For example:\n\n```sh\n$ pulumi import aws:bedrockmodel/invocationLoggingConfiguration:InvocationLoggingConfiguration my_config us-east-1\n```\n", "properties": { "loggingConfig": { "$ref": "#/types/aws:bedrockmodel/InvocationLoggingConfigurationLoggingConfig:InvocationLoggingConfigurationLoggingConfig", @@ -176349,7 +176349,7 @@ } }, "aws:cfg/configurationAggregator:ConfigurationAggregator": { - "description": "Manages an AWS Config Configuration Aggregator\n\n## Example Usage\n\n### Account Based Aggregation\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst account = new aws.cfg.ConfigurationAggregator(\"account\", {\n name: \"example\",\n accountAggregationSource: {\n accountIds: [\"123456789012\"],\n regions: [\"us-west-2\"],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\naccount = aws.cfg.ConfigurationAggregator(\"account\",\n name=\"example\",\n account_aggregation_source=aws.cfg.ConfigurationAggregatorAccountAggregationSourceArgs(\n account_ids=[\"123456789012\"],\n regions=[\"us-west-2\"],\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var account = new Aws.Cfg.ConfigurationAggregator(\"account\", new()\n {\n Name = \"example\",\n AccountAggregationSource = new Aws.Cfg.Inputs.ConfigurationAggregatorAccountAggregationSourceArgs\n {\n AccountIds = new[]\n {\n \"123456789012\",\n },\n Regions = new[]\n {\n \"us-west-2\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cfg.NewConfigurationAggregator(ctx, \"account\", \u0026cfg.ConfigurationAggregatorArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tAccountAggregationSource: \u0026cfg.ConfigurationAggregatorAccountAggregationSourceArgs{\n\t\t\t\tAccountIds: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"123456789012\"),\n\t\t\t\t},\n\t\t\t\tRegions: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"us-west-2\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cfg.ConfigurationAggregator;\nimport com.pulumi.aws.cfg.ConfigurationAggregatorArgs;\nimport com.pulumi.aws.cfg.inputs.ConfigurationAggregatorAccountAggregationSourceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var account = new ConfigurationAggregator(\"account\", ConfigurationAggregatorArgs.builder() \n .name(\"example\")\n .accountAggregationSource(ConfigurationAggregatorAccountAggregationSourceArgs.builder()\n .accountIds(\"123456789012\")\n .regions(\"us-west-2\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n account:\n type: aws:cfg:ConfigurationAggregator\n properties:\n name: example\n accountAggregationSource:\n accountIds:\n - '123456789012'\n regions:\n - us-west-2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Organization Based Aggregation\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"config.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst organizationRole = new aws.iam.Role(\"organization\", {\n name: \"example\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst organization = new aws.cfg.ConfigurationAggregator(\"organization\", {\n name: \"example\",\n organizationAggregationSource: {\n allRegions: true,\n roleArn: organizationRole.arn,\n },\n});\nconst organizationRolePolicyAttachment = new aws.iam.RolePolicyAttachment(\"organization\", {\n role: organizationRole.name,\n policyArn: \"arn:aws:iam::aws:policy/service-role/AWSConfigRoleForOrganizations\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nassume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"config.amazonaws.com\"],\n )],\n actions=[\"sts:AssumeRole\"],\n)])\norganization_role = aws.iam.Role(\"organization\",\n name=\"example\",\n assume_role_policy=assume_role.json)\norganization = aws.cfg.ConfigurationAggregator(\"organization\",\n name=\"example\",\n organization_aggregation_source=aws.cfg.ConfigurationAggregatorOrganizationAggregationSourceArgs(\n all_regions=True,\n role_arn=organization_role.arn,\n ))\norganization_role_policy_attachment = aws.iam.RolePolicyAttachment(\"organization\",\n role=organization_role.name,\n policy_arn=\"arn:aws:iam::aws:policy/service-role/AWSConfigRoleForOrganizations\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"config.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var organizationRole = new Aws.Iam.Role(\"organization\", new()\n {\n Name = \"example\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var organization = new Aws.Cfg.ConfigurationAggregator(\"organization\", new()\n {\n Name = \"example\",\n OrganizationAggregationSource = new Aws.Cfg.Inputs.ConfigurationAggregatorOrganizationAggregationSourceArgs\n {\n AllRegions = true,\n RoleArn = organizationRole.Arn,\n },\n });\n\n var organizationRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment(\"organization\", new()\n {\n Role = organizationRole.Name,\n PolicyArn = \"arn:aws:iam::aws:policy/service-role/AWSConfigRoleForOrganizations\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"config.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\torganizationRole, err := iam.NewRole(ctx, \"organization\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cfg.NewConfigurationAggregator(ctx, \"organization\", \u0026cfg.ConfigurationAggregatorArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tOrganizationAggregationSource: \u0026cfg.ConfigurationAggregatorOrganizationAggregationSourceArgs{\n\t\t\t\tAllRegions: pulumi.Bool(true),\n\t\t\t\tRoleArn: organizationRole.Arn,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"organization\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tRole: organizationRole.Name,\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/service-role/AWSConfigRoleForOrganizations\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.cfg.ConfigurationAggregator;\nimport com.pulumi.aws.cfg.ConfigurationAggregatorArgs;\nimport com.pulumi.aws.cfg.inputs.ConfigurationAggregatorOrganizationAggregationSourceArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"config.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var organizationRole = new Role(\"organizationRole\", RoleArgs.builder() \n .name(\"example\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var organization = new ConfigurationAggregator(\"organization\", ConfigurationAggregatorArgs.builder() \n .name(\"example\")\n .organizationAggregationSource(ConfigurationAggregatorOrganizationAggregationSourceArgs.builder()\n .allRegions(true)\n .roleArn(organizationRole.arn())\n .build())\n .build());\n\n var organizationRolePolicyAttachment = new RolePolicyAttachment(\"organizationRolePolicyAttachment\", RolePolicyAttachmentArgs.builder() \n .role(organizationRole.name())\n .policyArn(\"arn:aws:iam::aws:policy/service-role/AWSConfigRoleForOrganizations\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n organization:\n type: aws:cfg:ConfigurationAggregator\n properties:\n name: example\n organizationAggregationSource:\n allRegions: true\n roleArn: ${organizationRole.arn}\n organizationRole:\n type: aws:iam:Role\n name: organization\n properties:\n name: example\n assumeRolePolicy: ${assumeRole.json}\n organizationRolePolicyAttachment:\n type: aws:iam:RolePolicyAttachment\n name: organization\n properties:\n role: ${organizationRole.name}\n policyArn: arn:aws:iam::aws:policy/service-role/AWSConfigRoleForOrganizations\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - config.amazonaws.com\n actions:\n - sts:AssumeRole\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Configuration Aggregators using the name. For example:\n\n```sh\n$ pulumi import aws:cfg/configurationAggregator:ConfigurationAggregator example foo\n```\n", + "description": "Manages an AWS Config Configuration Aggregator\n\n## Example Usage\n\n### Account Based Aggregation\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst account = new aws.cfg.ConfigurationAggregator(\"account\", {\n name: \"example\",\n accountAggregationSource: {\n accountIds: [\"123456789012\"],\n regions: [\"us-west-2\"],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\naccount = aws.cfg.ConfigurationAggregator(\"account\",\n name=\"example\",\n account_aggregation_source=aws.cfg.ConfigurationAggregatorAccountAggregationSourceArgs(\n account_ids=[\"123456789012\"],\n regions=[\"us-west-2\"],\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var account = new Aws.Cfg.ConfigurationAggregator(\"account\", new()\n {\n Name = \"example\",\n AccountAggregationSource = new Aws.Cfg.Inputs.ConfigurationAggregatorAccountAggregationSourceArgs\n {\n AccountIds = new[]\n {\n \"123456789012\",\n },\n Regions = new[]\n {\n \"us-west-2\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cfg.NewConfigurationAggregator(ctx, \"account\", \u0026cfg.ConfigurationAggregatorArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tAccountAggregationSource: \u0026cfg.ConfigurationAggregatorAccountAggregationSourceArgs{\n\t\t\t\tAccountIds: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"123456789012\"),\n\t\t\t\t},\n\t\t\t\tRegions: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"us-west-2\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cfg.ConfigurationAggregator;\nimport com.pulumi.aws.cfg.ConfigurationAggregatorArgs;\nimport com.pulumi.aws.cfg.inputs.ConfigurationAggregatorAccountAggregationSourceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var account = new ConfigurationAggregator(\"account\", ConfigurationAggregatorArgs.builder() \n .name(\"example\")\n .accountAggregationSource(ConfigurationAggregatorAccountAggregationSourceArgs.builder()\n .accountIds(\"123456789012\")\n .regions(\"us-west-2\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n account:\n type: aws:cfg:ConfigurationAggregator\n properties:\n name: example\n accountAggregationSource:\n accountIds:\n - '123456789012'\n regions:\n - us-west-2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Organization Based Aggregation\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"config.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst organizationRole = new aws.iam.Role(\"organization\", {\n name: \"example\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst organizationRolePolicyAttachment = new aws.iam.RolePolicyAttachment(\"organization\", {\n role: organizationRole.name,\n policyArn: \"arn:aws:iam::aws:policy/service-role/AWSConfigRoleForOrganizations\",\n});\nconst organization = new aws.cfg.ConfigurationAggregator(\"organization\", {\n name: \"example\",\n organizationAggregationSource: {\n allRegions: true,\n roleArn: organizationRole.arn,\n },\n}, {\n dependsOn: [organizationRolePolicyAttachment],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nassume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"config.amazonaws.com\"],\n )],\n actions=[\"sts:AssumeRole\"],\n)])\norganization_role = aws.iam.Role(\"organization\",\n name=\"example\",\n assume_role_policy=assume_role.json)\norganization_role_policy_attachment = aws.iam.RolePolicyAttachment(\"organization\",\n role=organization_role.name,\n policy_arn=\"arn:aws:iam::aws:policy/service-role/AWSConfigRoleForOrganizations\")\norganization = aws.cfg.ConfigurationAggregator(\"organization\",\n name=\"example\",\n organization_aggregation_source=aws.cfg.ConfigurationAggregatorOrganizationAggregationSourceArgs(\n all_regions=True,\n role_arn=organization_role.arn,\n ),\n opts=pulumi.ResourceOptions(depends_on=[organization_role_policy_attachment]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"config.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var organizationRole = new Aws.Iam.Role(\"organization\", new()\n {\n Name = \"example\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var organizationRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment(\"organization\", new()\n {\n Role = organizationRole.Name,\n PolicyArn = \"arn:aws:iam::aws:policy/service-role/AWSConfigRoleForOrganizations\",\n });\n\n var organization = new Aws.Cfg.ConfigurationAggregator(\"organization\", new()\n {\n Name = \"example\",\n OrganizationAggregationSource = new Aws.Cfg.Inputs.ConfigurationAggregatorOrganizationAggregationSourceArgs\n {\n AllRegions = true,\n RoleArn = organizationRole.Arn,\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n organizationRolePolicyAttachment, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"config.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\torganizationRole, err := iam.NewRole(ctx, \"organization\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\torganizationRolePolicyAttachment, err := iam.NewRolePolicyAttachment(ctx, \"organization\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tRole: organizationRole.Name,\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/service-role/AWSConfigRoleForOrganizations\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cfg.NewConfigurationAggregator(ctx, \"organization\", \u0026cfg.ConfigurationAggregatorArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tOrganizationAggregationSource: \u0026cfg.ConfigurationAggregatorOrganizationAggregationSourceArgs{\n\t\t\t\tAllRegions: pulumi.Bool(true),\n\t\t\t\tRoleArn: organizationRole.Arn,\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\torganizationRolePolicyAttachment,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport com.pulumi.aws.cfg.ConfigurationAggregator;\nimport com.pulumi.aws.cfg.ConfigurationAggregatorArgs;\nimport com.pulumi.aws.cfg.inputs.ConfigurationAggregatorOrganizationAggregationSourceArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"config.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var organizationRole = new Role(\"organizationRole\", RoleArgs.builder() \n .name(\"example\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var organizationRolePolicyAttachment = new RolePolicyAttachment(\"organizationRolePolicyAttachment\", RolePolicyAttachmentArgs.builder() \n .role(organizationRole.name())\n .policyArn(\"arn:aws:iam::aws:policy/service-role/AWSConfigRoleForOrganizations\")\n .build());\n\n var organization = new ConfigurationAggregator(\"organization\", ConfigurationAggregatorArgs.builder() \n .name(\"example\")\n .organizationAggregationSource(ConfigurationAggregatorOrganizationAggregationSourceArgs.builder()\n .allRegions(true)\n .roleArn(organizationRole.arn())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(organizationRolePolicyAttachment)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n organization:\n type: aws:cfg:ConfigurationAggregator\n properties:\n name: example\n organizationAggregationSource:\n allRegions: true\n roleArn: ${organizationRole.arn}\n options:\n dependson:\n - ${organizationRolePolicyAttachment}\n organizationRole:\n type: aws:iam:Role\n name: organization\n properties:\n name: example\n assumeRolePolicy: ${assumeRole.json}\n organizationRolePolicyAttachment:\n type: aws:iam:RolePolicyAttachment\n name: organization\n properties:\n role: ${organizationRole.name}\n policyArn: arn:aws:iam::aws:policy/service-role/AWSConfigRoleForOrganizations\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - config.amazonaws.com\n actions:\n - sts:AssumeRole\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Configuration Aggregators using the name. For example:\n\n```sh\n$ pulumi import aws:cfg/configurationAggregator:ConfigurationAggregator example foo\n```\n", "properties": { "accountAggregationSource": { "$ref": "#/types/aws:cfg/ConfigurationAggregatorAccountAggregationSource:ConfigurationAggregatorAccountAggregationSource", @@ -176450,7 +176450,7 @@ } }, "aws:cfg/conformancePack:ConformancePack": { - "description": "Manages a Config Conformance Pack. More information about this collection of Config rules and remediation actions can be found in the\n[Conformance Packs](https://docs.aws.amazon.com/config/latest/developerguide/conformance-packs.html) documentation.\nSample Conformance Pack templates may be found in the\n[AWS Config Rules Repository](https://github.com/awslabs/aws-config-rules/tree/master/aws-config-conformance-packs).\n\n\u003e **NOTE:** The account must have a Configuration Recorder with proper IAM permissions before the Conformance Pack will\nsuccessfully create or update. See also the\n`aws.cfg.Recorder` resource.\n\n## Example Usage\n\n### Template Body\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cfg.ConformancePack(\"example\", {\n name: \"example\",\n inputParameters: [{\n parameterName: \"AccessKeysRotatedParameterMaxAccessKeyAge\",\n parameterValue: \"90\",\n }],\n templateBody: `Parameters:\n AccessKeysRotatedParameterMaxAccessKeyAge:\n Type: String\nResources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cfg.ConformancePack(\"example\",\n name=\"example\",\n input_parameters=[aws.cfg.ConformancePackInputParameterArgs(\n parameter_name=\"AccessKeysRotatedParameterMaxAccessKeyAge\",\n parameter_value=\"90\",\n )],\n template_body=\"\"\"Parameters:\n AccessKeysRotatedParameterMaxAccessKeyAge:\n Type: String\nResources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Cfg.ConformancePack(\"example\", new()\n {\n Name = \"example\",\n InputParameters = new[]\n {\n new Aws.Cfg.Inputs.ConformancePackInputParameterArgs\n {\n ParameterName = \"AccessKeysRotatedParameterMaxAccessKeyAge\",\n ParameterValue = \"90\",\n },\n },\n TemplateBody = @\"Parameters:\n AccessKeysRotatedParameterMaxAccessKeyAge:\n Type: String\nResources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cfg.NewConformancePack(ctx, \"example\", \u0026cfg.ConformancePackArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tInputParameters: cfg.ConformancePackInputParameterArray{\n\t\t\t\t\u0026cfg.ConformancePackInputParameterArgs{\n\t\t\t\t\tParameterName: pulumi.String(\"AccessKeysRotatedParameterMaxAccessKeyAge\"),\n\t\t\t\t\tParameterValue: pulumi.String(\"90\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTemplateBody: pulumi.String(`Parameters:\n AccessKeysRotatedParameterMaxAccessKeyAge:\n Type: String\nResources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cfg.ConformancePack;\nimport com.pulumi.aws.cfg.ConformancePackArgs;\nimport com.pulumi.aws.cfg.inputs.ConformancePackInputParameterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ConformancePack(\"example\", ConformancePackArgs.builder() \n .name(\"example\")\n .inputParameters(ConformancePackInputParameterArgs.builder()\n .parameterName(\"AccessKeysRotatedParameterMaxAccessKeyAge\")\n .parameterValue(\"90\")\n .build())\n .templateBody(\"\"\"\nParameters:\n AccessKeysRotatedParameterMaxAccessKeyAge:\n Type: String\nResources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cfg:ConformancePack\n properties:\n name: example\n inputParameters:\n - parameterName: AccessKeysRotatedParameterMaxAccessKeyAge\n parameterValue: '90'\n templateBody: |\n Parameters:\n AccessKeysRotatedParameterMaxAccessKeyAge:\n Type: String\n Resources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Template S3 URI\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleBucketV2 = new aws.s3.BucketV2(\"example\", {bucket: \"example\"});\nconst exampleBucketObjectv2 = new aws.s3.BucketObjectv2(\"example\", {\n bucket: exampleBucketV2.id,\n key: \"example-key\",\n content: `Resources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n`,\n});\nconst example = new aws.cfg.ConformancePack(\"example\", {\n name: \"example\",\n templateS3Uri: pulumi.interpolate`s3://${exampleBucketV2.bucket}/${exampleBucketObjectv2.key}`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_bucket_v2 = aws.s3.BucketV2(\"example\", bucket=\"example\")\nexample_bucket_objectv2 = aws.s3.BucketObjectv2(\"example\",\n bucket=example_bucket_v2.id,\n key=\"example-key\",\n content=\"\"\"Resources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n\"\"\")\nexample = aws.cfg.ConformancePack(\"example\",\n name=\"example\",\n template_s3_uri=pulumi.Output.all(example_bucket_v2.bucket, example_bucket_objectv2.key).apply(lambda bucket, key: f\"s3://{bucket}/{key}\"))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleBucketV2 = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example\",\n });\n\n var exampleBucketObjectv2 = new Aws.S3.BucketObjectv2(\"example\", new()\n {\n Bucket = exampleBucketV2.Id,\n Key = \"example-key\",\n Content = @\"Resources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n\",\n });\n\n var example = new Aws.Cfg.ConformancePack(\"example\", new()\n {\n Name = \"example\",\n TemplateS3Uri = Output.Tuple(exampleBucketV2.Bucket, exampleBucketObjectv2.Key).Apply(values =\u003e\n {\n var bucket = values.Item1;\n var key = values.Item2;\n return $\"s3://{bucket}/{key}\";\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleBucketV2, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleBucketObjectv2, err := s3.NewBucketObjectv2(ctx, \"example\", \u0026s3.BucketObjectv2Args{\n\t\t\tBucket: exampleBucketV2.ID(),\n\t\t\tKey: pulumi.String(\"example-key\"),\n\t\t\tContent: pulumi.String(`Resources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cfg.NewConformancePack(ctx, \"example\", \u0026cfg.ConformancePackArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tTemplateS3Uri: pulumi.All(exampleBucketV2.Bucket, exampleBucketObjectv2.Key).ApplyT(func(_args []interface{}) (string, error) {\n\t\t\t\tbucket := _args[0].(string)\n\t\t\t\tkey := _args[1].(string)\n\t\t\t\treturn fmt.Sprintf(\"s3://%v/%v\", bucket, key), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketObjectv2;\nimport com.pulumi.aws.s3.BucketObjectv2Args;\nimport com.pulumi.aws.cfg.ConformancePack;\nimport com.pulumi.aws.cfg.ConformancePackArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleBucketV2 = new BucketV2(\"exampleBucketV2\", BucketV2Args.builder() \n .bucket(\"example\")\n .build());\n\n var exampleBucketObjectv2 = new BucketObjectv2(\"exampleBucketObjectv2\", BucketObjectv2Args.builder() \n .bucket(exampleBucketV2.id())\n .key(\"example-key\")\n .content(\"\"\"\nResources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n \"\"\")\n .build());\n\n var example = new ConformancePack(\"example\", ConformancePackArgs.builder() \n .name(\"example\")\n .templateS3Uri(Output.tuple(exampleBucketV2.bucket(), exampleBucketObjectv2.key()).applyValue(values -\u003e {\n var bucket = values.t1;\n var key = values.t2;\n return String.format(\"s3://%s/%s\", bucket,key);\n }))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cfg:ConformancePack\n properties:\n name: example\n templateS3Uri: s3://${exampleBucketV2.bucket}/${exampleBucketObjectv2.key}\n exampleBucketV2:\n type: aws:s3:BucketV2\n name: example\n properties:\n bucket: example\n exampleBucketObjectv2:\n type: aws:s3:BucketObjectv2\n name: example\n properties:\n bucket: ${exampleBucketV2.id}\n key: example-key\n content: |\n Resources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Config Conformance Packs using the `name`. For example:\n\n```sh\n$ pulumi import aws:cfg/conformancePack:ConformancePack example example\n```\n", + "description": "Manages a Config Conformance Pack. More information about this collection of Config rules and remediation actions can be found in the\n[Conformance Packs](https://docs.aws.amazon.com/config/latest/developerguide/conformance-packs.html) documentation.\nSample Conformance Pack templates may be found in the\n[AWS Config Rules Repository](https://github.com/awslabs/aws-config-rules/tree/master/aws-config-conformance-packs).\n\n\u003e **NOTE:** The account must have a Configuration Recorder with proper IAM permissions before the Conformance Pack will\nsuccessfully create or update. See also the\n`aws.cfg.Recorder` resource.\n\n## Example Usage\n\n### Template Body\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cfg.ConformancePack(\"example\", {\n name: \"example\",\n inputParameters: [{\n parameterName: \"AccessKeysRotatedParameterMaxAccessKeyAge\",\n parameterValue: \"90\",\n }],\n templateBody: `Parameters:\n AccessKeysRotatedParameterMaxAccessKeyAge:\n Type: String\nResources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n`,\n}, {\n dependsOn: [exampleAwsConfigConfigurationRecorder],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cfg.ConformancePack(\"example\",\n name=\"example\",\n input_parameters=[aws.cfg.ConformancePackInputParameterArgs(\n parameter_name=\"AccessKeysRotatedParameterMaxAccessKeyAge\",\n parameter_value=\"90\",\n )],\n template_body=\"\"\"Parameters:\n AccessKeysRotatedParameterMaxAccessKeyAge:\n Type: String\nResources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n\"\"\",\n opts=pulumi.ResourceOptions(depends_on=[example_aws_config_configuration_recorder]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Cfg.ConformancePack(\"example\", new()\n {\n Name = \"example\",\n InputParameters = new[]\n {\n new Aws.Cfg.Inputs.ConformancePackInputParameterArgs\n {\n ParameterName = \"AccessKeysRotatedParameterMaxAccessKeyAge\",\n ParameterValue = \"90\",\n },\n },\n TemplateBody = @\"Parameters:\n AccessKeysRotatedParameterMaxAccessKeyAge:\n Type: String\nResources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAwsConfigConfigurationRecorder, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cfg.NewConformancePack(ctx, \"example\", \u0026cfg.ConformancePackArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tInputParameters: cfg.ConformancePackInputParameterArray{\n\t\t\t\t\u0026cfg.ConformancePackInputParameterArgs{\n\t\t\t\t\tParameterName: pulumi.String(\"AccessKeysRotatedParameterMaxAccessKeyAge\"),\n\t\t\t\t\tParameterValue: pulumi.String(\"90\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTemplateBody: pulumi.String(`Parameters:\n AccessKeysRotatedParameterMaxAccessKeyAge:\n Type: String\nResources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n`),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAwsConfigConfigurationRecorder,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cfg.ConformancePack;\nimport com.pulumi.aws.cfg.ConformancePackArgs;\nimport com.pulumi.aws.cfg.inputs.ConformancePackInputParameterArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ConformancePack(\"example\", ConformancePackArgs.builder() \n .name(\"example\")\n .inputParameters(ConformancePackInputParameterArgs.builder()\n .parameterName(\"AccessKeysRotatedParameterMaxAccessKeyAge\")\n .parameterValue(\"90\")\n .build())\n .templateBody(\"\"\"\nParameters:\n AccessKeysRotatedParameterMaxAccessKeyAge:\n Type: String\nResources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n \"\"\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleAwsConfigConfigurationRecorder)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cfg:ConformancePack\n properties:\n name: example\n inputParameters:\n - parameterName: AccessKeysRotatedParameterMaxAccessKeyAge\n parameterValue: '90'\n templateBody: |\n Parameters:\n AccessKeysRotatedParameterMaxAccessKeyAge:\n Type: String\n Resources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n options:\n dependson:\n - ${exampleAwsConfigConfigurationRecorder}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Template S3 URI\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleBucketV2 = new aws.s3.BucketV2(\"example\", {bucket: \"example\"});\nconst exampleBucketObjectv2 = new aws.s3.BucketObjectv2(\"example\", {\n bucket: exampleBucketV2.id,\n key: \"example-key\",\n content: `Resources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n`,\n});\nconst example = new aws.cfg.ConformancePack(\"example\", {\n name: \"example\",\n templateS3Uri: pulumi.interpolate`s3://${exampleBucketV2.bucket}/${exampleBucketObjectv2.key}`,\n}, {\n dependsOn: [exampleAwsConfigConfigurationRecorder],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_bucket_v2 = aws.s3.BucketV2(\"example\", bucket=\"example\")\nexample_bucket_objectv2 = aws.s3.BucketObjectv2(\"example\",\n bucket=example_bucket_v2.id,\n key=\"example-key\",\n content=\"\"\"Resources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n\"\"\")\nexample = aws.cfg.ConformancePack(\"example\",\n name=\"example\",\n template_s3_uri=pulumi.Output.all(example_bucket_v2.bucket, example_bucket_objectv2.key).apply(lambda bucket, key: f\"s3://{bucket}/{key}\"),\n opts=pulumi.ResourceOptions(depends_on=[example_aws_config_configuration_recorder]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleBucketV2 = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example\",\n });\n\n var exampleBucketObjectv2 = new Aws.S3.BucketObjectv2(\"example\", new()\n {\n Bucket = exampleBucketV2.Id,\n Key = \"example-key\",\n Content = @\"Resources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n\",\n });\n\n var example = new Aws.Cfg.ConformancePack(\"example\", new()\n {\n Name = \"example\",\n TemplateS3Uri = Output.Tuple(exampleBucketV2.Bucket, exampleBucketObjectv2.Key).Apply(values =\u003e\n {\n var bucket = values.Item1;\n var key = values.Item2;\n return $\"s3://{bucket}/{key}\";\n }),\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAwsConfigConfigurationRecorder, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleBucketV2, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleBucketObjectv2, err := s3.NewBucketObjectv2(ctx, \"example\", \u0026s3.BucketObjectv2Args{\n\t\t\tBucket: exampleBucketV2.ID(),\n\t\t\tKey: pulumi.String(\"example-key\"),\n\t\t\tContent: pulumi.String(`Resources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cfg.NewConformancePack(ctx, \"example\", \u0026cfg.ConformancePackArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tTemplateS3Uri: pulumi.All(exampleBucketV2.Bucket, exampleBucketObjectv2.Key).ApplyT(func(_args []interface{}) (string, error) {\n\t\t\t\tbucket := _args[0].(string)\n\t\t\t\tkey := _args[1].(string)\n\t\t\t\treturn fmt.Sprintf(\"s3://%v/%v\", bucket, key), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAwsConfigConfigurationRecorder,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketObjectv2;\nimport com.pulumi.aws.s3.BucketObjectv2Args;\nimport com.pulumi.aws.cfg.ConformancePack;\nimport com.pulumi.aws.cfg.ConformancePackArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleBucketV2 = new BucketV2(\"exampleBucketV2\", BucketV2Args.builder() \n .bucket(\"example\")\n .build());\n\n var exampleBucketObjectv2 = new BucketObjectv2(\"exampleBucketObjectv2\", BucketObjectv2Args.builder() \n .bucket(exampleBucketV2.id())\n .key(\"example-key\")\n .content(\"\"\"\nResources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n \"\"\")\n .build());\n\n var example = new ConformancePack(\"example\", ConformancePackArgs.builder() \n .name(\"example\")\n .templateS3Uri(Output.tuple(exampleBucketV2.bucket(), exampleBucketObjectv2.key()).applyValue(values -\u003e {\n var bucket = values.t1;\n var key = values.t2;\n return String.format(\"s3://%s/%s\", bucket,key);\n }))\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleAwsConfigConfigurationRecorder)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cfg:ConformancePack\n properties:\n name: example\n templateS3Uri: s3://${exampleBucketV2.bucket}/${exampleBucketObjectv2.key}\n options:\n dependson:\n - ${exampleAwsConfigConfigurationRecorder}\n exampleBucketV2:\n type: aws:s3:BucketV2\n name: example\n properties:\n bucket: example\n exampleBucketObjectv2:\n type: aws:s3:BucketObjectv2\n name: example\n properties:\n bucket: ${exampleBucketV2.id}\n key: example-key\n content: |\n Resources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Config Conformance Packs using the `name`. For example:\n\n```sh\n$ pulumi import aws:cfg/conformancePack:ConformancePack example example\n```\n", "properties": { "arn": { "type": "string", @@ -176558,7 +176558,7 @@ } }, "aws:cfg/deliveryChannel:DeliveryChannel": { - "description": "Provides an AWS Config Delivery Channel.\n\n\u003e **Note:** Delivery Channel requires a Configuration Recorder to be present. Use of `depends_on` (as shown below) is recommended to avoid race conditions.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst b = new aws.s3.BucketV2(\"b\", {\n bucket: \"example-awsconfig\",\n forceDestroy: true,\n});\nconst foo = new aws.cfg.DeliveryChannel(\"foo\", {\n name: \"example\",\n s3BucketName: b.bucket,\n});\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"config.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst r = new aws.iam.Role(\"r\", {\n name: \"awsconfig-example\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst fooRecorder = new aws.cfg.Recorder(\"foo\", {\n name: \"example\",\n roleArn: r.arn,\n});\nconst p = aws.iam.getPolicyDocumentOutput({\n statements: [{\n effect: \"Allow\",\n actions: [\"s3:*\"],\n resources: [\n b.arn,\n pulumi.interpolate`${b.arn}/*`,\n ],\n }],\n});\nconst pRolePolicy = new aws.iam.RolePolicy(\"p\", {\n name: \"awsconfig-example\",\n role: r.id,\n policy: p.apply(p =\u003e p.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nb = aws.s3.BucketV2(\"b\",\n bucket=\"example-awsconfig\",\n force_destroy=True)\nfoo = aws.cfg.DeliveryChannel(\"foo\",\n name=\"example\",\n s3_bucket_name=b.bucket)\nassume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"config.amazonaws.com\"],\n )],\n actions=[\"sts:AssumeRole\"],\n)])\nr = aws.iam.Role(\"r\",\n name=\"awsconfig-example\",\n assume_role_policy=assume_role.json)\nfoo_recorder = aws.cfg.Recorder(\"foo\",\n name=\"example\",\n role_arn=r.arn)\np = aws.iam.get_policy_document_output(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n actions=[\"s3:*\"],\n resources=[\n b.arn,\n b.arn.apply(lambda arn: f\"{arn}/*\"),\n ],\n)])\np_role_policy = aws.iam.RolePolicy(\"p\",\n name=\"awsconfig-example\",\n role=r.id,\n policy=p.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var b = new Aws.S3.BucketV2(\"b\", new()\n {\n Bucket = \"example-awsconfig\",\n ForceDestroy = true,\n });\n\n var foo = new Aws.Cfg.DeliveryChannel(\"foo\", new()\n {\n Name = \"example\",\n S3BucketName = b.Bucket,\n });\n\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"config.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var r = new Aws.Iam.Role(\"r\", new()\n {\n Name = \"awsconfig-example\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var fooRecorder = new Aws.Cfg.Recorder(\"foo\", new()\n {\n Name = \"example\",\n RoleArn = r.Arn,\n });\n\n var p = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"s3:*\",\n },\n Resources = new[]\n {\n b.Arn,\n $\"{b.Arn}/*\",\n },\n },\n },\n });\n\n var pRolePolicy = new Aws.Iam.RolePolicy(\"p\", new()\n {\n Name = \"awsconfig-example\",\n Role = r.Id,\n Policy = p.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tb, err := s3.NewBucketV2(ctx, \"b\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example-awsconfig\"),\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cfg.NewDeliveryChannel(ctx, \"foo\", \u0026cfg.DeliveryChannelArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tS3BucketName: b.Bucket,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"config.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tr, err := iam.NewRole(ctx, \"r\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"awsconfig-example\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cfg.NewRecorder(ctx, \"foo\", \u0026cfg.RecorderArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRoleArn: r.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tp := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:*\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\tb.Arn,\n\t\t\t\t\t\tb.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\t\t\t\treturn fmt.Sprintf(\"%v/*\", arn), nil\n\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\t_, err = iam.NewRolePolicy(ctx, \"p\", \u0026iam.RolePolicyArgs{\n\t\t\tName: pulumi.String(\"awsconfig-example\"),\n\t\t\tRole: r.ID(),\n\t\t\tPolicy: p.ApplyT(func(p iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026p.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.cfg.DeliveryChannel;\nimport com.pulumi.aws.cfg.DeliveryChannelArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.cfg.Recorder;\nimport com.pulumi.aws.cfg.RecorderArgs;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var b = new BucketV2(\"b\", BucketV2Args.builder() \n .bucket(\"example-awsconfig\")\n .forceDestroy(true)\n .build());\n\n var foo = new DeliveryChannel(\"foo\", DeliveryChannelArgs.builder() \n .name(\"example\")\n .s3BucketName(b.bucket())\n .build());\n\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"config.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var r = new Role(\"r\", RoleArgs.builder() \n .name(\"awsconfig-example\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var fooRecorder = new Recorder(\"fooRecorder\", RecorderArgs.builder() \n .name(\"example\")\n .roleArn(r.arn())\n .build());\n\n final var p = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions(\"s3:*\")\n .resources( \n b.arn(),\n b.arn().applyValue(arn -\u003e String.format(\"%s/*\", arn)))\n .build())\n .build());\n\n var pRolePolicy = new RolePolicy(\"pRolePolicy\", RolePolicyArgs.builder() \n .name(\"awsconfig-example\")\n .role(r.id())\n .policy(p.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(p -\u003e p.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: aws:cfg:DeliveryChannel\n properties:\n name: example\n s3BucketName: ${b.bucket}\n b:\n type: aws:s3:BucketV2\n properties:\n bucket: example-awsconfig\n forceDestroy: true\n fooRecorder:\n type: aws:cfg:Recorder\n name: foo\n properties:\n name: example\n roleArn: ${r.arn}\n r:\n type: aws:iam:Role\n properties:\n name: awsconfig-example\n assumeRolePolicy: ${assumeRole.json}\n pRolePolicy:\n type: aws:iam:RolePolicy\n name: p\n properties:\n name: awsconfig-example\n role: ${r.id}\n policy: ${p.json}\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - config.amazonaws.com\n actions:\n - sts:AssumeRole\n p:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - s3:*\n resources:\n - ${b.arn}\n - ${b.arn}/*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Delivery Channel using the name. For example:\n\n```sh\n$ pulumi import aws:cfg/deliveryChannel:DeliveryChannel foo example\n```\n", + "description": "Provides an AWS Config Delivery Channel.\n\n\u003e **Note:** Delivery Channel requires a Configuration Recorder to be present. Use of `depends_on` (as shown below) is recommended to avoid race conditions.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst b = new aws.s3.BucketV2(\"b\", {\n bucket: \"example-awsconfig\",\n forceDestroy: true,\n});\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"config.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst r = new aws.iam.Role(\"r\", {\n name: \"awsconfig-example\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst fooRecorder = new aws.cfg.Recorder(\"foo\", {\n name: \"example\",\n roleArn: r.arn,\n});\nconst foo = new aws.cfg.DeliveryChannel(\"foo\", {\n name: \"example\",\n s3BucketName: b.bucket,\n}, {\n dependsOn: [fooRecorder],\n});\nconst p = aws.iam.getPolicyDocumentOutput({\n statements: [{\n effect: \"Allow\",\n actions: [\"s3:*\"],\n resources: [\n b.arn,\n pulumi.interpolate`${b.arn}/*`,\n ],\n }],\n});\nconst pRolePolicy = new aws.iam.RolePolicy(\"p\", {\n name: \"awsconfig-example\",\n role: r.id,\n policy: p.apply(p =\u003e p.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nb = aws.s3.BucketV2(\"b\",\n bucket=\"example-awsconfig\",\n force_destroy=True)\nassume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"config.amazonaws.com\"],\n )],\n actions=[\"sts:AssumeRole\"],\n)])\nr = aws.iam.Role(\"r\",\n name=\"awsconfig-example\",\n assume_role_policy=assume_role.json)\nfoo_recorder = aws.cfg.Recorder(\"foo\",\n name=\"example\",\n role_arn=r.arn)\nfoo = aws.cfg.DeliveryChannel(\"foo\",\n name=\"example\",\n s3_bucket_name=b.bucket,\n opts=pulumi.ResourceOptions(depends_on=[foo_recorder]))\np = aws.iam.get_policy_document_output(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n actions=[\"s3:*\"],\n resources=[\n b.arn,\n b.arn.apply(lambda arn: f\"{arn}/*\"),\n ],\n)])\np_role_policy = aws.iam.RolePolicy(\"p\",\n name=\"awsconfig-example\",\n role=r.id,\n policy=p.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var b = new Aws.S3.BucketV2(\"b\", new()\n {\n Bucket = \"example-awsconfig\",\n ForceDestroy = true,\n });\n\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"config.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var r = new Aws.Iam.Role(\"r\", new()\n {\n Name = \"awsconfig-example\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var fooRecorder = new Aws.Cfg.Recorder(\"foo\", new()\n {\n Name = \"example\",\n RoleArn = r.Arn,\n });\n\n var foo = new Aws.Cfg.DeliveryChannel(\"foo\", new()\n {\n Name = \"example\",\n S3BucketName = b.Bucket,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n fooRecorder, \n },\n });\n\n var p = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"s3:*\",\n },\n Resources = new[]\n {\n b.Arn,\n $\"{b.Arn}/*\",\n },\n },\n },\n });\n\n var pRolePolicy = new Aws.Iam.RolePolicy(\"p\", new()\n {\n Name = \"awsconfig-example\",\n Role = r.Id,\n Policy = p.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tb, err := s3.NewBucketV2(ctx, \"b\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example-awsconfig\"),\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"config.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tr, err := iam.NewRole(ctx, \"r\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"awsconfig-example\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfooRecorder, err := cfg.NewRecorder(ctx, \"foo\", \u0026cfg.RecorderArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRoleArn: r.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cfg.NewDeliveryChannel(ctx, \"foo\", \u0026cfg.DeliveryChannelArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tS3BucketName: b.Bucket,\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tfooRecorder,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tp := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:*\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\tb.Arn,\n\t\t\t\t\t\tb.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\t\t\t\treturn fmt.Sprintf(\"%v/*\", arn), nil\n\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\t_, err = iam.NewRolePolicy(ctx, \"p\", \u0026iam.RolePolicyArgs{\n\t\t\tName: pulumi.String(\"awsconfig-example\"),\n\t\t\tRole: r.ID(),\n\t\t\tPolicy: p.ApplyT(func(p iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026p.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.cfg.Recorder;\nimport com.pulumi.aws.cfg.RecorderArgs;\nimport com.pulumi.aws.cfg.DeliveryChannel;\nimport com.pulumi.aws.cfg.DeliveryChannelArgs;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var b = new BucketV2(\"b\", BucketV2Args.builder() \n .bucket(\"example-awsconfig\")\n .forceDestroy(true)\n .build());\n\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"config.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var r = new Role(\"r\", RoleArgs.builder() \n .name(\"awsconfig-example\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var fooRecorder = new Recorder(\"fooRecorder\", RecorderArgs.builder() \n .name(\"example\")\n .roleArn(r.arn())\n .build());\n\n var foo = new DeliveryChannel(\"foo\", DeliveryChannelArgs.builder() \n .name(\"example\")\n .s3BucketName(b.bucket())\n .build(), CustomResourceOptions.builder()\n .dependsOn(fooRecorder)\n .build());\n\n final var p = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions(\"s3:*\")\n .resources( \n b.arn(),\n b.arn().applyValue(arn -\u003e String.format(\"%s/*\", arn)))\n .build())\n .build());\n\n var pRolePolicy = new RolePolicy(\"pRolePolicy\", RolePolicyArgs.builder() \n .name(\"awsconfig-example\")\n .role(r.id())\n .policy(p.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(p -\u003e p.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: aws:cfg:DeliveryChannel\n properties:\n name: example\n s3BucketName: ${b.bucket}\n options:\n dependson:\n - ${fooRecorder}\n b:\n type: aws:s3:BucketV2\n properties:\n bucket: example-awsconfig\n forceDestroy: true\n fooRecorder:\n type: aws:cfg:Recorder\n name: foo\n properties:\n name: example\n roleArn: ${r.arn}\n r:\n type: aws:iam:Role\n properties:\n name: awsconfig-example\n assumeRolePolicy: ${assumeRole.json}\n pRolePolicy:\n type: aws:iam:RolePolicy\n name: p\n properties:\n name: awsconfig-example\n role: ${r.id}\n policy: ${p.json}\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - config.amazonaws.com\n actions:\n - sts:AssumeRole\n p:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - s3:*\n resources:\n - ${b.arn}\n - ${b.arn}/*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Delivery Channel using the name. For example:\n\n```sh\n$ pulumi import aws:cfg/deliveryChannel:DeliveryChannel foo example\n```\n", "properties": { "name": { "type": "string", @@ -176652,7 +176652,7 @@ } }, "aws:cfg/organizationConformancePack:OrganizationConformancePack": { - "description": "Manages a Config Organization Conformance Pack. More information can be found in the [Managing Conformance Packs Across all Accounts in Your Organization](https://docs.aws.amazon.com/config/latest/developerguide/conformance-pack-organization-apis.html) and [AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html) documentation. Example conformance pack templates may be found in the [AWS Config Rules Repository](https://github.com/awslabs/aws-config-rules/tree/master/aws-config-conformance-packs).\n\n\u003e **NOTE:** This resource must be created in the Organization master account or a delegated administrator account, and the Organization must have all features enabled. Every Organization account except those configured in the `excluded_accounts` argument must have a Configuration Recorder with proper IAM permissions before the Organization Conformance Pack will successfully create or update. See also the `aws.cfg.Recorder` resource.\n\n## Example Usage\n\n### Using Template Body\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cfg.OrganizationConformancePack(\"example\", {\n name: \"example\",\n inputParameters: [{\n parameterName: \"AccessKeysRotatedParameterMaxAccessKeyAge\",\n parameterValue: \"90\",\n }],\n templateBody: `Parameters:\n AccessKeysRotatedParameterMaxAccessKeyAge:\n Type: String\nResources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n`,\n});\nconst exampleOrganization = new aws.organizations.Organization(\"example\", {\n awsServiceAccessPrincipals: [\"config-multiaccountsetup.amazonaws.com\"],\n featureSet: \"ALL\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cfg.OrganizationConformancePack(\"example\",\n name=\"example\",\n input_parameters=[aws.cfg.OrganizationConformancePackInputParameterArgs(\n parameter_name=\"AccessKeysRotatedParameterMaxAccessKeyAge\",\n parameter_value=\"90\",\n )],\n template_body=\"\"\"Parameters:\n AccessKeysRotatedParameterMaxAccessKeyAge:\n Type: String\nResources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n\"\"\")\nexample_organization = aws.organizations.Organization(\"example\",\n aws_service_access_principals=[\"config-multiaccountsetup.amazonaws.com\"],\n feature_set=\"ALL\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Cfg.OrganizationConformancePack(\"example\", new()\n {\n Name = \"example\",\n InputParameters = new[]\n {\n new Aws.Cfg.Inputs.OrganizationConformancePackInputParameterArgs\n {\n ParameterName = \"AccessKeysRotatedParameterMaxAccessKeyAge\",\n ParameterValue = \"90\",\n },\n },\n TemplateBody = @\"Parameters:\n AccessKeysRotatedParameterMaxAccessKeyAge:\n Type: String\nResources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n\",\n });\n\n var exampleOrganization = new Aws.Organizations.Organization(\"example\", new()\n {\n AwsServiceAccessPrincipals = new[]\n {\n \"config-multiaccountsetup.amazonaws.com\",\n },\n FeatureSet = \"ALL\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cfg.NewOrganizationConformancePack(ctx, \"example\", \u0026cfg.OrganizationConformancePackArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tInputParameters: cfg.OrganizationConformancePackInputParameterArray{\n\t\t\t\t\u0026cfg.OrganizationConformancePackInputParameterArgs{\n\t\t\t\t\tParameterName: pulumi.String(\"AccessKeysRotatedParameterMaxAccessKeyAge\"),\n\t\t\t\t\tParameterValue: pulumi.String(\"90\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTemplateBody: pulumi.String(`Parameters:\n AccessKeysRotatedParameterMaxAccessKeyAge:\n Type: String\nResources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = organizations.NewOrganization(ctx, \"example\", \u0026organizations.OrganizationArgs{\n\t\t\tAwsServiceAccessPrincipals: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"config-multiaccountsetup.amazonaws.com\"),\n\t\t\t},\n\t\t\tFeatureSet: pulumi.String(\"ALL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cfg.OrganizationConformancePack;\nimport com.pulumi.aws.cfg.OrganizationConformancePackArgs;\nimport com.pulumi.aws.cfg.inputs.OrganizationConformancePackInputParameterArgs;\nimport com.pulumi.aws.organizations.Organization;\nimport com.pulumi.aws.organizations.OrganizationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new OrganizationConformancePack(\"example\", OrganizationConformancePackArgs.builder() \n .name(\"example\")\n .inputParameters(OrganizationConformancePackInputParameterArgs.builder()\n .parameterName(\"AccessKeysRotatedParameterMaxAccessKeyAge\")\n .parameterValue(\"90\")\n .build())\n .templateBody(\"\"\"\nParameters:\n AccessKeysRotatedParameterMaxAccessKeyAge:\n Type: String\nResources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n \"\"\")\n .build());\n\n var exampleOrganization = new Organization(\"exampleOrganization\", OrganizationArgs.builder() \n .awsServiceAccessPrincipals(\"config-multiaccountsetup.amazonaws.com\")\n .featureSet(\"ALL\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cfg:OrganizationConformancePack\n properties:\n name: example\n inputParameters:\n - parameterName: AccessKeysRotatedParameterMaxAccessKeyAge\n parameterValue: '90'\n templateBody: |\n Parameters:\n AccessKeysRotatedParameterMaxAccessKeyAge:\n Type: String\n Resources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n exampleOrganization:\n type: aws:organizations:Organization\n name: example\n properties:\n awsServiceAccessPrincipals:\n - config-multiaccountsetup.amazonaws.com\n featureSet: ALL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Using Template S3 URI\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleBucketV2 = new aws.s3.BucketV2(\"example\", {bucket: \"example\"});\nconst exampleBucketObjectv2 = new aws.s3.BucketObjectv2(\"example\", {\n bucket: exampleBucketV2.id,\n key: \"example-key\",\n content: `Resources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n`,\n});\nconst example = new aws.cfg.OrganizationConformancePack(\"example\", {\n name: \"example\",\n templateS3Uri: pulumi.interpolate`s3://${exampleBucketV2.bucket}/${exampleBucketObjectv2.key}`,\n});\nconst exampleOrganization = new aws.organizations.Organization(\"example\", {\n awsServiceAccessPrincipals: [\"config-multiaccountsetup.amazonaws.com\"],\n featureSet: \"ALL\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_bucket_v2 = aws.s3.BucketV2(\"example\", bucket=\"example\")\nexample_bucket_objectv2 = aws.s3.BucketObjectv2(\"example\",\n bucket=example_bucket_v2.id,\n key=\"example-key\",\n content=\"\"\"Resources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n\"\"\")\nexample = aws.cfg.OrganizationConformancePack(\"example\",\n name=\"example\",\n template_s3_uri=pulumi.Output.all(example_bucket_v2.bucket, example_bucket_objectv2.key).apply(lambda bucket, key: f\"s3://{bucket}/{key}\"))\nexample_organization = aws.organizations.Organization(\"example\",\n aws_service_access_principals=[\"config-multiaccountsetup.amazonaws.com\"],\n feature_set=\"ALL\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleBucketV2 = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example\",\n });\n\n var exampleBucketObjectv2 = new Aws.S3.BucketObjectv2(\"example\", new()\n {\n Bucket = exampleBucketV2.Id,\n Key = \"example-key\",\n Content = @\"Resources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n\",\n });\n\n var example = new Aws.Cfg.OrganizationConformancePack(\"example\", new()\n {\n Name = \"example\",\n TemplateS3Uri = Output.Tuple(exampleBucketV2.Bucket, exampleBucketObjectv2.Key).Apply(values =\u003e\n {\n var bucket = values.Item1;\n var key = values.Item2;\n return $\"s3://{bucket}/{key}\";\n }),\n });\n\n var exampleOrganization = new Aws.Organizations.Organization(\"example\", new()\n {\n AwsServiceAccessPrincipals = new[]\n {\n \"config-multiaccountsetup.amazonaws.com\",\n },\n FeatureSet = \"ALL\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleBucketV2, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleBucketObjectv2, err := s3.NewBucketObjectv2(ctx, \"example\", \u0026s3.BucketObjectv2Args{\n\t\t\tBucket: exampleBucketV2.ID(),\n\t\t\tKey: pulumi.String(\"example-key\"),\n\t\t\tContent: pulumi.String(`Resources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cfg.NewOrganizationConformancePack(ctx, \"example\", \u0026cfg.OrganizationConformancePackArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tTemplateS3Uri: pulumi.All(exampleBucketV2.Bucket, exampleBucketObjectv2.Key).ApplyT(func(_args []interface{}) (string, error) {\n\t\t\t\tbucket := _args[0].(string)\n\t\t\t\tkey := _args[1].(string)\n\t\t\t\treturn fmt.Sprintf(\"s3://%v/%v\", bucket, key), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = organizations.NewOrganization(ctx, \"example\", \u0026organizations.OrganizationArgs{\n\t\t\tAwsServiceAccessPrincipals: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"config-multiaccountsetup.amazonaws.com\"),\n\t\t\t},\n\t\t\tFeatureSet: pulumi.String(\"ALL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketObjectv2;\nimport com.pulumi.aws.s3.BucketObjectv2Args;\nimport com.pulumi.aws.cfg.OrganizationConformancePack;\nimport com.pulumi.aws.cfg.OrganizationConformancePackArgs;\nimport com.pulumi.aws.organizations.Organization;\nimport com.pulumi.aws.organizations.OrganizationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleBucketV2 = new BucketV2(\"exampleBucketV2\", BucketV2Args.builder() \n .bucket(\"example\")\n .build());\n\n var exampleBucketObjectv2 = new BucketObjectv2(\"exampleBucketObjectv2\", BucketObjectv2Args.builder() \n .bucket(exampleBucketV2.id())\n .key(\"example-key\")\n .content(\"\"\"\nResources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n \"\"\")\n .build());\n\n var example = new OrganizationConformancePack(\"example\", OrganizationConformancePackArgs.builder() \n .name(\"example\")\n .templateS3Uri(Output.tuple(exampleBucketV2.bucket(), exampleBucketObjectv2.key()).applyValue(values -\u003e {\n var bucket = values.t1;\n var key = values.t2;\n return String.format(\"s3://%s/%s\", bucket,key);\n }))\n .build());\n\n var exampleOrganization = new Organization(\"exampleOrganization\", OrganizationArgs.builder() \n .awsServiceAccessPrincipals(\"config-multiaccountsetup.amazonaws.com\")\n .featureSet(\"ALL\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cfg:OrganizationConformancePack\n properties:\n name: example\n templateS3Uri: s3://${exampleBucketV2.bucket}/${exampleBucketObjectv2.key}\n exampleOrganization:\n type: aws:organizations:Organization\n name: example\n properties:\n awsServiceAccessPrincipals:\n - config-multiaccountsetup.amazonaws.com\n featureSet: ALL\n exampleBucketV2:\n type: aws:s3:BucketV2\n name: example\n properties:\n bucket: example\n exampleBucketObjectv2:\n type: aws:s3:BucketObjectv2\n name: example\n properties:\n bucket: ${exampleBucketV2.id}\n key: example-key\n content: |\n Resources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Config Organization Conformance Packs using the `name`. For example:\n\n```sh\n$ pulumi import aws:cfg/organizationConformancePack:OrganizationConformancePack example example\n```\n", + "description": "Manages a Config Organization Conformance Pack. More information can be found in the [Managing Conformance Packs Across all Accounts in Your Organization](https://docs.aws.amazon.com/config/latest/developerguide/conformance-pack-organization-apis.html) and [AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html) documentation. Example conformance pack templates may be found in the [AWS Config Rules Repository](https://github.com/awslabs/aws-config-rules/tree/master/aws-config-conformance-packs).\n\n\u003e **NOTE:** This resource must be created in the Organization master account or a delegated administrator account, and the Organization must have all features enabled. Every Organization account except those configured in the `excluded_accounts` argument must have a Configuration Recorder with proper IAM permissions before the Organization Conformance Pack will successfully create or update. See also the `aws.cfg.Recorder` resource.\n\n## Example Usage\n\n### Using Template Body\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleOrganization = new aws.organizations.Organization(\"example\", {\n awsServiceAccessPrincipals: [\"config-multiaccountsetup.amazonaws.com\"],\n featureSet: \"ALL\",\n});\nconst example = new aws.cfg.OrganizationConformancePack(\"example\", {\n name: \"example\",\n inputParameters: [{\n parameterName: \"AccessKeysRotatedParameterMaxAccessKeyAge\",\n parameterValue: \"90\",\n }],\n templateBody: `Parameters:\n AccessKeysRotatedParameterMaxAccessKeyAge:\n Type: String\nResources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n`,\n}, {\n dependsOn: [\n exampleAwsConfigConfigurationRecorder,\n exampleOrganization,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_organization = aws.organizations.Organization(\"example\",\n aws_service_access_principals=[\"config-multiaccountsetup.amazonaws.com\"],\n feature_set=\"ALL\")\nexample = aws.cfg.OrganizationConformancePack(\"example\",\n name=\"example\",\n input_parameters=[aws.cfg.OrganizationConformancePackInputParameterArgs(\n parameter_name=\"AccessKeysRotatedParameterMaxAccessKeyAge\",\n parameter_value=\"90\",\n )],\n template_body=\"\"\"Parameters:\n AccessKeysRotatedParameterMaxAccessKeyAge:\n Type: String\nResources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n\"\"\",\n opts=pulumi.ResourceOptions(depends_on=[\n example_aws_config_configuration_recorder,\n example_organization,\n ]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleOrganization = new Aws.Organizations.Organization(\"example\", new()\n {\n AwsServiceAccessPrincipals = new[]\n {\n \"config-multiaccountsetup.amazonaws.com\",\n },\n FeatureSet = \"ALL\",\n });\n\n var example = new Aws.Cfg.OrganizationConformancePack(\"example\", new()\n {\n Name = \"example\",\n InputParameters = new[]\n {\n new Aws.Cfg.Inputs.OrganizationConformancePackInputParameterArgs\n {\n ParameterName = \"AccessKeysRotatedParameterMaxAccessKeyAge\",\n ParameterValue = \"90\",\n },\n },\n TemplateBody = @\"Parameters:\n AccessKeysRotatedParameterMaxAccessKeyAge:\n Type: String\nResources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAwsConfigConfigurationRecorder, \n exampleOrganization, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleOrganization, err := organizations.NewOrganization(ctx, \"example\", \u0026organizations.OrganizationArgs{\n\t\t\tAwsServiceAccessPrincipals: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"config-multiaccountsetup.amazonaws.com\"),\n\t\t\t},\n\t\t\tFeatureSet: pulumi.String(\"ALL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cfg.NewOrganizationConformancePack(ctx, \"example\", \u0026cfg.OrganizationConformancePackArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tInputParameters: cfg.OrganizationConformancePackInputParameterArray{\n\t\t\t\t\u0026cfg.OrganizationConformancePackInputParameterArgs{\n\t\t\t\t\tParameterName: pulumi.String(\"AccessKeysRotatedParameterMaxAccessKeyAge\"),\n\t\t\t\t\tParameterValue: pulumi.String(\"90\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTemplateBody: pulumi.String(`Parameters:\n AccessKeysRotatedParameterMaxAccessKeyAge:\n Type: String\nResources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n`),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAwsConfigConfigurationRecorder,\n\t\t\texampleOrganization,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.organizations.Organization;\nimport com.pulumi.aws.organizations.OrganizationArgs;\nimport com.pulumi.aws.cfg.OrganizationConformancePack;\nimport com.pulumi.aws.cfg.OrganizationConformancePackArgs;\nimport com.pulumi.aws.cfg.inputs.OrganizationConformancePackInputParameterArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleOrganization = new Organization(\"exampleOrganization\", OrganizationArgs.builder() \n .awsServiceAccessPrincipals(\"config-multiaccountsetup.amazonaws.com\")\n .featureSet(\"ALL\")\n .build());\n\n var example = new OrganizationConformancePack(\"example\", OrganizationConformancePackArgs.builder() \n .name(\"example\")\n .inputParameters(OrganizationConformancePackInputParameterArgs.builder()\n .parameterName(\"AccessKeysRotatedParameterMaxAccessKeyAge\")\n .parameterValue(\"90\")\n .build())\n .templateBody(\"\"\"\nParameters:\n AccessKeysRotatedParameterMaxAccessKeyAge:\n Type: String\nResources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n \"\"\")\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n exampleAwsConfigConfigurationRecorder,\n exampleOrganization)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cfg:OrganizationConformancePack\n properties:\n name: example\n inputParameters:\n - parameterName: AccessKeysRotatedParameterMaxAccessKeyAge\n parameterValue: '90'\n templateBody: |\n Parameters:\n AccessKeysRotatedParameterMaxAccessKeyAge:\n Type: String\n Resources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n options:\n dependson:\n - ${exampleAwsConfigConfigurationRecorder}\n - ${exampleOrganization}\n exampleOrganization:\n type: aws:organizations:Organization\n name: example\n properties:\n awsServiceAccessPrincipals:\n - config-multiaccountsetup.amazonaws.com\n featureSet: ALL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Using Template S3 URI\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleOrganization = new aws.organizations.Organization(\"example\", {\n awsServiceAccessPrincipals: [\"config-multiaccountsetup.amazonaws.com\"],\n featureSet: \"ALL\",\n});\nconst exampleBucketV2 = new aws.s3.BucketV2(\"example\", {bucket: \"example\"});\nconst exampleBucketObjectv2 = new aws.s3.BucketObjectv2(\"example\", {\n bucket: exampleBucketV2.id,\n key: \"example-key\",\n content: `Resources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n`,\n});\nconst example = new aws.cfg.OrganizationConformancePack(\"example\", {\n name: \"example\",\n templateS3Uri: pulumi.interpolate`s3://${exampleBucketV2.bucket}/${exampleBucketObjectv2.key}`,\n}, {\n dependsOn: [\n exampleAwsConfigConfigurationRecorder,\n exampleOrganization,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_organization = aws.organizations.Organization(\"example\",\n aws_service_access_principals=[\"config-multiaccountsetup.amazonaws.com\"],\n feature_set=\"ALL\")\nexample_bucket_v2 = aws.s3.BucketV2(\"example\", bucket=\"example\")\nexample_bucket_objectv2 = aws.s3.BucketObjectv2(\"example\",\n bucket=example_bucket_v2.id,\n key=\"example-key\",\n content=\"\"\"Resources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n\"\"\")\nexample = aws.cfg.OrganizationConformancePack(\"example\",\n name=\"example\",\n template_s3_uri=pulumi.Output.all(example_bucket_v2.bucket, example_bucket_objectv2.key).apply(lambda bucket, key: f\"s3://{bucket}/{key}\"),\n opts=pulumi.ResourceOptions(depends_on=[\n example_aws_config_configuration_recorder,\n example_organization,\n ]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleOrganization = new Aws.Organizations.Organization(\"example\", new()\n {\n AwsServiceAccessPrincipals = new[]\n {\n \"config-multiaccountsetup.amazonaws.com\",\n },\n FeatureSet = \"ALL\",\n });\n\n var exampleBucketV2 = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example\",\n });\n\n var exampleBucketObjectv2 = new Aws.S3.BucketObjectv2(\"example\", new()\n {\n Bucket = exampleBucketV2.Id,\n Key = \"example-key\",\n Content = @\"Resources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n\",\n });\n\n var example = new Aws.Cfg.OrganizationConformancePack(\"example\", new()\n {\n Name = \"example\",\n TemplateS3Uri = Output.Tuple(exampleBucketV2.Bucket, exampleBucketObjectv2.Key).Apply(values =\u003e\n {\n var bucket = values.Item1;\n var key = values.Item2;\n return $\"s3://{bucket}/{key}\";\n }),\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAwsConfigConfigurationRecorder, \n exampleOrganization, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleOrganization, err := organizations.NewOrganization(ctx, \"example\", \u0026organizations.OrganizationArgs{\n\t\t\tAwsServiceAccessPrincipals: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"config-multiaccountsetup.amazonaws.com\"),\n\t\t\t},\n\t\t\tFeatureSet: pulumi.String(\"ALL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleBucketV2, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleBucketObjectv2, err := s3.NewBucketObjectv2(ctx, \"example\", \u0026s3.BucketObjectv2Args{\n\t\t\tBucket: exampleBucketV2.ID(),\n\t\t\tKey: pulumi.String(\"example-key\"),\n\t\t\tContent: pulumi.String(`Resources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cfg.NewOrganizationConformancePack(ctx, \"example\", \u0026cfg.OrganizationConformancePackArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tTemplateS3Uri: pulumi.All(exampleBucketV2.Bucket, exampleBucketObjectv2.Key).ApplyT(func(_args []interface{}) (string, error) {\n\t\t\t\tbucket := _args[0].(string)\n\t\t\t\tkey := _args[1].(string)\n\t\t\t\treturn fmt.Sprintf(\"s3://%v/%v\", bucket, key), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAwsConfigConfigurationRecorder,\n\t\t\texampleOrganization,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.organizations.Organization;\nimport com.pulumi.aws.organizations.OrganizationArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketObjectv2;\nimport com.pulumi.aws.s3.BucketObjectv2Args;\nimport com.pulumi.aws.cfg.OrganizationConformancePack;\nimport com.pulumi.aws.cfg.OrganizationConformancePackArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleOrganization = new Organization(\"exampleOrganization\", OrganizationArgs.builder() \n .awsServiceAccessPrincipals(\"config-multiaccountsetup.amazonaws.com\")\n .featureSet(\"ALL\")\n .build());\n\n var exampleBucketV2 = new BucketV2(\"exampleBucketV2\", BucketV2Args.builder() \n .bucket(\"example\")\n .build());\n\n var exampleBucketObjectv2 = new BucketObjectv2(\"exampleBucketObjectv2\", BucketObjectv2Args.builder() \n .bucket(exampleBucketV2.id())\n .key(\"example-key\")\n .content(\"\"\"\nResources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n \"\"\")\n .build());\n\n var example = new OrganizationConformancePack(\"example\", OrganizationConformancePackArgs.builder() \n .name(\"example\")\n .templateS3Uri(Output.tuple(exampleBucketV2.bucket(), exampleBucketObjectv2.key()).applyValue(values -\u003e {\n var bucket = values.t1;\n var key = values.t2;\n return String.format(\"s3://%s/%s\", bucket,key);\n }))\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n exampleAwsConfigConfigurationRecorder,\n exampleOrganization)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cfg:OrganizationConformancePack\n properties:\n name: example\n templateS3Uri: s3://${exampleBucketV2.bucket}/${exampleBucketObjectv2.key}\n options:\n dependson:\n - ${exampleAwsConfigConfigurationRecorder}\n - ${exampleOrganization}\n exampleOrganization:\n type: aws:organizations:Organization\n name: example\n properties:\n awsServiceAccessPrincipals:\n - config-multiaccountsetup.amazonaws.com\n featureSet: ALL\n exampleBucketV2:\n type: aws:s3:BucketV2\n name: example\n properties:\n bucket: example\n exampleBucketObjectv2:\n type: aws:s3:BucketObjectv2\n name: example\n properties:\n bucket: ${exampleBucketV2.id}\n key: example-key\n content: |\n Resources:\n IAMPasswordPolicy:\n Properties:\n ConfigRuleName: IAMPasswordPolicy\n Source:\n Owner: AWS\n SourceIdentifier: IAM_PASSWORD_POLICY\n Type: AWS::Config::ConfigRule\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Config Organization Conformance Packs using the `name`. For example:\n\n```sh\n$ pulumi import aws:cfg/organizationConformancePack:OrganizationConformancePack example example\n```\n", "properties": { "arn": { "type": "string", @@ -177008,7 +177008,7 @@ } }, "aws:cfg/organizationCustomRule:OrganizationCustomRule": { - "description": "Manages a Config Organization Custom Rule. More information about these rules can be found in the [Enabling AWS Config Rules Across all Accounts in Your Organization](https://docs.aws.amazon.com/config/latest/developerguide/config-rule-multi-account-deployment.html) and [AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html) documentation. For working with Organization Managed Rules (those invoking an AWS managed rule), see the `aws_config_organization_managed__rule` resource.\n\n\u003e **NOTE:** This resource must be created in the Organization master account and rules will include the master account unless its ID is added to the `excluded_accounts` argument.\n\n\u003e **NOTE:** The proper Lambda permission to allow the AWS Config service invoke the Lambda Function must be in place before the rule will successfully create or update. See also the `aws.lambda.Permission` resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.Permission(\"example\", {\n action: \"lambda:InvokeFunction\",\n \"function\": exampleAwsLambdaFunction.arn,\n principal: \"config.amazonaws.com\",\n statementId: \"AllowExecutionFromConfig\",\n});\nconst exampleOrganization = new aws.organizations.Organization(\"example\", {\n awsServiceAccessPrincipals: [\"config-multiaccountsetup.amazonaws.com\"],\n featureSet: \"ALL\",\n});\nconst exampleOrganizationCustomRule = new aws.cfg.OrganizationCustomRule(\"example\", {\n lambdaFunctionArn: exampleAwsLambdaFunction.arn,\n name: \"example\",\n triggerTypes: [\"ConfigurationItemChangeNotification\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lambda_.Permission(\"example\",\n action=\"lambda:InvokeFunction\",\n function=example_aws_lambda_function[\"arn\"],\n principal=\"config.amazonaws.com\",\n statement_id=\"AllowExecutionFromConfig\")\nexample_organization = aws.organizations.Organization(\"example\",\n aws_service_access_principals=[\"config-multiaccountsetup.amazonaws.com\"],\n feature_set=\"ALL\")\nexample_organization_custom_rule = aws.cfg.OrganizationCustomRule(\"example\",\n lambda_function_arn=example_aws_lambda_function[\"arn\"],\n name=\"example\",\n trigger_types=[\"ConfigurationItemChangeNotification\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lambda.Permission(\"example\", new()\n {\n Action = \"lambda:InvokeFunction\",\n Function = exampleAwsLambdaFunction.Arn,\n Principal = \"config.amazonaws.com\",\n StatementId = \"AllowExecutionFromConfig\",\n });\n\n var exampleOrganization = new Aws.Organizations.Organization(\"example\", new()\n {\n AwsServiceAccessPrincipals = new[]\n {\n \"config-multiaccountsetup.amazonaws.com\",\n },\n FeatureSet = \"ALL\",\n });\n\n var exampleOrganizationCustomRule = new Aws.Cfg.OrganizationCustomRule(\"example\", new()\n {\n LambdaFunctionArn = exampleAwsLambdaFunction.Arn,\n Name = \"example\",\n TriggerTypes = new[]\n {\n \"ConfigurationItemChangeNotification\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lambda.NewPermission(ctx, \"example\", \u0026lambda.PermissionArgs{\n\t\t\tAction: pulumi.String(\"lambda:InvokeFunction\"),\n\t\t\tFunction: pulumi.Any(exampleAwsLambdaFunction.Arn),\n\t\t\tPrincipal: pulumi.String(\"config.amazonaws.com\"),\n\t\t\tStatementId: pulumi.String(\"AllowExecutionFromConfig\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = organizations.NewOrganization(ctx, \"example\", \u0026organizations.OrganizationArgs{\n\t\t\tAwsServiceAccessPrincipals: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"config-multiaccountsetup.amazonaws.com\"),\n\t\t\t},\n\t\t\tFeatureSet: pulumi.String(\"ALL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cfg.NewOrganizationCustomRule(ctx, \"example\", \u0026cfg.OrganizationCustomRuleArgs{\n\t\t\tLambdaFunctionArn: pulumi.Any(exampleAwsLambdaFunction.Arn),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tTriggerTypes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"ConfigurationItemChangeNotification\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.Permission;\nimport com.pulumi.aws.lambda.PermissionArgs;\nimport com.pulumi.aws.organizations.Organization;\nimport com.pulumi.aws.organizations.OrganizationArgs;\nimport com.pulumi.aws.cfg.OrganizationCustomRule;\nimport com.pulumi.aws.cfg.OrganizationCustomRuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Permission(\"example\", PermissionArgs.builder() \n .action(\"lambda:InvokeFunction\")\n .function(exampleAwsLambdaFunction.arn())\n .principal(\"config.amazonaws.com\")\n .statementId(\"AllowExecutionFromConfig\")\n .build());\n\n var exampleOrganization = new Organization(\"exampleOrganization\", OrganizationArgs.builder() \n .awsServiceAccessPrincipals(\"config-multiaccountsetup.amazonaws.com\")\n .featureSet(\"ALL\")\n .build());\n\n var exampleOrganizationCustomRule = new OrganizationCustomRule(\"exampleOrganizationCustomRule\", OrganizationCustomRuleArgs.builder() \n .lambdaFunctionArn(exampleAwsLambdaFunction.arn())\n .name(\"example\")\n .triggerTypes(\"ConfigurationItemChangeNotification\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lambda:Permission\n properties:\n action: lambda:InvokeFunction\n function: ${exampleAwsLambdaFunction.arn}\n principal: config.amazonaws.com\n statementId: AllowExecutionFromConfig\n exampleOrganization:\n type: aws:organizations:Organization\n name: example\n properties:\n awsServiceAccessPrincipals:\n - config-multiaccountsetup.amazonaws.com\n featureSet: ALL\n exampleOrganizationCustomRule:\n type: aws:cfg:OrganizationCustomRule\n name: example\n properties:\n lambdaFunctionArn: ${exampleAwsLambdaFunction.arn}\n name: example\n triggerTypes:\n - ConfigurationItemChangeNotification\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Config Organization Custom Rules using the name. For example:\n\n```sh\n$ pulumi import aws:cfg/organizationCustomRule:OrganizationCustomRule example example\n```\n", + "description": "Manages a Config Organization Custom Rule. More information about these rules can be found in the [Enabling AWS Config Rules Across all Accounts in Your Organization](https://docs.aws.amazon.com/config/latest/developerguide/config-rule-multi-account-deployment.html) and [AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html) documentation. For working with Organization Managed Rules (those invoking an AWS managed rule), see the `aws_config_organization_managed__rule` resource.\n\n\u003e **NOTE:** This resource must be created in the Organization master account and rules will include the master account unless its ID is added to the `excluded_accounts` argument.\n\n\u003e **NOTE:** The proper Lambda permission to allow the AWS Config service invoke the Lambda Function must be in place before the rule will successfully create or update. See also the `aws.lambda.Permission` resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.Permission(\"example\", {\n action: \"lambda:InvokeFunction\",\n \"function\": exampleAwsLambdaFunction.arn,\n principal: \"config.amazonaws.com\",\n statementId: \"AllowExecutionFromConfig\",\n});\nconst exampleOrganization = new aws.organizations.Organization(\"example\", {\n awsServiceAccessPrincipals: [\"config-multiaccountsetup.amazonaws.com\"],\n featureSet: \"ALL\",\n});\nconst exampleOrganizationCustomRule = new aws.cfg.OrganizationCustomRule(\"example\", {\n lambdaFunctionArn: exampleAwsLambdaFunction.arn,\n name: \"example\",\n triggerTypes: [\"ConfigurationItemChangeNotification\"],\n}, {\n dependsOn: [\n example,\n exampleOrganization,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lambda_.Permission(\"example\",\n action=\"lambda:InvokeFunction\",\n function=example_aws_lambda_function[\"arn\"],\n principal=\"config.amazonaws.com\",\n statement_id=\"AllowExecutionFromConfig\")\nexample_organization = aws.organizations.Organization(\"example\",\n aws_service_access_principals=[\"config-multiaccountsetup.amazonaws.com\"],\n feature_set=\"ALL\")\nexample_organization_custom_rule = aws.cfg.OrganizationCustomRule(\"example\",\n lambda_function_arn=example_aws_lambda_function[\"arn\"],\n name=\"example\",\n trigger_types=[\"ConfigurationItemChangeNotification\"],\n opts=pulumi.ResourceOptions(depends_on=[\n example,\n example_organization,\n ]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lambda.Permission(\"example\", new()\n {\n Action = \"lambda:InvokeFunction\",\n Function = exampleAwsLambdaFunction.Arn,\n Principal = \"config.amazonaws.com\",\n StatementId = \"AllowExecutionFromConfig\",\n });\n\n var exampleOrganization = new Aws.Organizations.Organization(\"example\", new()\n {\n AwsServiceAccessPrincipals = new[]\n {\n \"config-multiaccountsetup.amazonaws.com\",\n },\n FeatureSet = \"ALL\",\n });\n\n var exampleOrganizationCustomRule = new Aws.Cfg.OrganizationCustomRule(\"example\", new()\n {\n LambdaFunctionArn = exampleAwsLambdaFunction.Arn,\n Name = \"example\",\n TriggerTypes = new[]\n {\n \"ConfigurationItemChangeNotification\",\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example, \n exampleOrganization, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := lambda.NewPermission(ctx, \"example\", \u0026lambda.PermissionArgs{\n\t\t\tAction: pulumi.String(\"lambda:InvokeFunction\"),\n\t\t\tFunction: pulumi.Any(exampleAwsLambdaFunction.Arn),\n\t\t\tPrincipal: pulumi.String(\"config.amazonaws.com\"),\n\t\t\tStatementId: pulumi.String(\"AllowExecutionFromConfig\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleOrganization, err := organizations.NewOrganization(ctx, \"example\", \u0026organizations.OrganizationArgs{\n\t\t\tAwsServiceAccessPrincipals: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"config-multiaccountsetup.amazonaws.com\"),\n\t\t\t},\n\t\t\tFeatureSet: pulumi.String(\"ALL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cfg.NewOrganizationCustomRule(ctx, \"example\", \u0026cfg.OrganizationCustomRuleArgs{\n\t\t\tLambdaFunctionArn: pulumi.Any(exampleAwsLambdaFunction.Arn),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tTriggerTypes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"ConfigurationItemChangeNotification\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t\texampleOrganization,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.Permission;\nimport com.pulumi.aws.lambda.PermissionArgs;\nimport com.pulumi.aws.organizations.Organization;\nimport com.pulumi.aws.organizations.OrganizationArgs;\nimport com.pulumi.aws.cfg.OrganizationCustomRule;\nimport com.pulumi.aws.cfg.OrganizationCustomRuleArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Permission(\"example\", PermissionArgs.builder() \n .action(\"lambda:InvokeFunction\")\n .function(exampleAwsLambdaFunction.arn())\n .principal(\"config.amazonaws.com\")\n .statementId(\"AllowExecutionFromConfig\")\n .build());\n\n var exampleOrganization = new Organization(\"exampleOrganization\", OrganizationArgs.builder() \n .awsServiceAccessPrincipals(\"config-multiaccountsetup.amazonaws.com\")\n .featureSet(\"ALL\")\n .build());\n\n var exampleOrganizationCustomRule = new OrganizationCustomRule(\"exampleOrganizationCustomRule\", OrganizationCustomRuleArgs.builder() \n .lambdaFunctionArn(exampleAwsLambdaFunction.arn())\n .name(\"example\")\n .triggerTypes(\"ConfigurationItemChangeNotification\")\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n example,\n exampleOrganization)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lambda:Permission\n properties:\n action: lambda:InvokeFunction\n function: ${exampleAwsLambdaFunction.arn}\n principal: config.amazonaws.com\n statementId: AllowExecutionFromConfig\n exampleOrganization:\n type: aws:organizations:Organization\n name: example\n properties:\n awsServiceAccessPrincipals:\n - config-multiaccountsetup.amazonaws.com\n featureSet: ALL\n exampleOrganizationCustomRule:\n type: aws:cfg:OrganizationCustomRule\n name: example\n properties:\n lambdaFunctionArn: ${exampleAwsLambdaFunction.arn}\n name: example\n triggerTypes:\n - ConfigurationItemChangeNotification\n options:\n dependson:\n - ${example}\n - ${exampleOrganization}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Config Organization Custom Rules using the name. For example:\n\n```sh\n$ pulumi import aws:cfg/organizationCustomRule:OrganizationCustomRule example example\n```\n", "properties": { "arn": { "type": "string", @@ -177200,7 +177200,7 @@ } }, "aws:cfg/organizationManagedRule:OrganizationManagedRule": { - "description": "Manages a Config Organization Managed Rule. More information about these rules can be found in the [Enabling AWS Config Rules Across all Accounts in Your Organization](https://docs.aws.amazon.com/config/latest/developerguide/config-rule-multi-account-deployment.html) and [AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html) documentation. For working with Organization Custom Rules (those invoking a custom Lambda Function), see the `aws.cfg.OrganizationCustomRule` resource.\n\n\u003e **NOTE:** This resource must be created in the Organization master account and rules will include the master account unless its ID is added to the `excluded_accounts` argument.\n\n\u003e **NOTE:** Every Organization account except those configured in the `excluded_accounts` argument must have a Configuration Recorder with proper IAM permissions before the rule will successfully create or update. See also the `aws.cfg.Recorder` resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.organizations.Organization(\"example\", {\n awsServiceAccessPrincipals: [\"config-multiaccountsetup.amazonaws.com\"],\n featureSet: \"ALL\",\n});\nconst exampleOrganizationManagedRule = new aws.cfg.OrganizationManagedRule(\"example\", {\n name: \"example\",\n ruleIdentifier: \"IAM_PASSWORD_POLICY\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.organizations.Organization(\"example\",\n aws_service_access_principals=[\"config-multiaccountsetup.amazonaws.com\"],\n feature_set=\"ALL\")\nexample_organization_managed_rule = aws.cfg.OrganizationManagedRule(\"example\",\n name=\"example\",\n rule_identifier=\"IAM_PASSWORD_POLICY\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Organizations.Organization(\"example\", new()\n {\n AwsServiceAccessPrincipals = new[]\n {\n \"config-multiaccountsetup.amazonaws.com\",\n },\n FeatureSet = \"ALL\",\n });\n\n var exampleOrganizationManagedRule = new Aws.Cfg.OrganizationManagedRule(\"example\", new()\n {\n Name = \"example\",\n RuleIdentifier = \"IAM_PASSWORD_POLICY\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := organizations.NewOrganization(ctx, \"example\", \u0026organizations.OrganizationArgs{\n\t\t\tAwsServiceAccessPrincipals: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"config-multiaccountsetup.amazonaws.com\"),\n\t\t\t},\n\t\t\tFeatureSet: pulumi.String(\"ALL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cfg.NewOrganizationManagedRule(ctx, \"example\", \u0026cfg.OrganizationManagedRuleArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRuleIdentifier: pulumi.String(\"IAM_PASSWORD_POLICY\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.organizations.Organization;\nimport com.pulumi.aws.organizations.OrganizationArgs;\nimport com.pulumi.aws.cfg.OrganizationManagedRule;\nimport com.pulumi.aws.cfg.OrganizationManagedRuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Organization(\"example\", OrganizationArgs.builder() \n .awsServiceAccessPrincipals(\"config-multiaccountsetup.amazonaws.com\")\n .featureSet(\"ALL\")\n .build());\n\n var exampleOrganizationManagedRule = new OrganizationManagedRule(\"exampleOrganizationManagedRule\", OrganizationManagedRuleArgs.builder() \n .name(\"example\")\n .ruleIdentifier(\"IAM_PASSWORD_POLICY\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:organizations:Organization\n properties:\n awsServiceAccessPrincipals:\n - config-multiaccountsetup.amazonaws.com\n featureSet: ALL\n exampleOrganizationManagedRule:\n type: aws:cfg:OrganizationManagedRule\n name: example\n properties:\n name: example\n ruleIdentifier: IAM_PASSWORD_POLICY\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Config Organization Managed Rules using the name. For example:\n\n```sh\n$ pulumi import aws:cfg/organizationManagedRule:OrganizationManagedRule example example\n```\n", + "description": "Manages a Config Organization Managed Rule. More information about these rules can be found in the [Enabling AWS Config Rules Across all Accounts in Your Organization](https://docs.aws.amazon.com/config/latest/developerguide/config-rule-multi-account-deployment.html) and [AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html) documentation. For working with Organization Custom Rules (those invoking a custom Lambda Function), see the `aws.cfg.OrganizationCustomRule` resource.\n\n\u003e **NOTE:** This resource must be created in the Organization master account and rules will include the master account unless its ID is added to the `excluded_accounts` argument.\n\n\u003e **NOTE:** Every Organization account except those configured in the `excluded_accounts` argument must have a Configuration Recorder with proper IAM permissions before the rule will successfully create or update. See also the `aws.cfg.Recorder` resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.organizations.Organization(\"example\", {\n awsServiceAccessPrincipals: [\"config-multiaccountsetup.amazonaws.com\"],\n featureSet: \"ALL\",\n});\nconst exampleOrganizationManagedRule = new aws.cfg.OrganizationManagedRule(\"example\", {\n name: \"example\",\n ruleIdentifier: \"IAM_PASSWORD_POLICY\",\n}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.organizations.Organization(\"example\",\n aws_service_access_principals=[\"config-multiaccountsetup.amazonaws.com\"],\n feature_set=\"ALL\")\nexample_organization_managed_rule = aws.cfg.OrganizationManagedRule(\"example\",\n name=\"example\",\n rule_identifier=\"IAM_PASSWORD_POLICY\",\n opts=pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Organizations.Organization(\"example\", new()\n {\n AwsServiceAccessPrincipals = new[]\n {\n \"config-multiaccountsetup.amazonaws.com\",\n },\n FeatureSet = \"ALL\",\n });\n\n var exampleOrganizationManagedRule = new Aws.Cfg.OrganizationManagedRule(\"example\", new()\n {\n Name = \"example\",\n RuleIdentifier = \"IAM_PASSWORD_POLICY\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := organizations.NewOrganization(ctx, \"example\", \u0026organizations.OrganizationArgs{\n\t\t\tAwsServiceAccessPrincipals: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"config-multiaccountsetup.amazonaws.com\"),\n\t\t\t},\n\t\t\tFeatureSet: pulumi.String(\"ALL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cfg.NewOrganizationManagedRule(ctx, \"example\", \u0026cfg.OrganizationManagedRuleArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRuleIdentifier: pulumi.String(\"IAM_PASSWORD_POLICY\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.organizations.Organization;\nimport com.pulumi.aws.organizations.OrganizationArgs;\nimport com.pulumi.aws.cfg.OrganizationManagedRule;\nimport com.pulumi.aws.cfg.OrganizationManagedRuleArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Organization(\"example\", OrganizationArgs.builder() \n .awsServiceAccessPrincipals(\"config-multiaccountsetup.amazonaws.com\")\n .featureSet(\"ALL\")\n .build());\n\n var exampleOrganizationManagedRule = new OrganizationManagedRule(\"exampleOrganizationManagedRule\", OrganizationManagedRuleArgs.builder() \n .name(\"example\")\n .ruleIdentifier(\"IAM_PASSWORD_POLICY\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:organizations:Organization\n properties:\n awsServiceAccessPrincipals:\n - config-multiaccountsetup.amazonaws.com\n featureSet: ALL\n exampleOrganizationManagedRule:\n type: aws:cfg:OrganizationManagedRule\n name: example\n properties:\n name: example\n ruleIdentifier: IAM_PASSWORD_POLICY\n options:\n dependson:\n - ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Config Organization Managed Rules using the name. For example:\n\n```sh\n$ pulumi import aws:cfg/organizationManagedRule:OrganizationManagedRule example example\n```\n", "properties": { "arn": { "type": "string", @@ -177441,7 +177441,7 @@ } }, "aws:cfg/recorderStatus:RecorderStatus": { - "description": "Manages status (recording / stopped) of an AWS Config Configuration Recorder.\n\n\u003e **Note:** Starting Configuration Recorder requires a Delivery Channel to be present. Use of `depends_on` (as shown below) is recommended to avoid race conditions.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"config.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst r = new aws.iam.Role(\"r\", {\n name: \"example-awsconfig\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst fooRecorder = new aws.cfg.Recorder(\"foo\", {\n name: \"example\",\n roleArn: r.arn,\n});\nconst foo = new aws.cfg.RecorderStatus(\"foo\", {\n name: fooRecorder.name,\n isEnabled: true,\n});\nconst a = new aws.iam.RolePolicyAttachment(\"a\", {\n role: r.name,\n policyArn: \"arn:aws:iam::aws:policy/service-role/AWS_ConfigRole\",\n});\nconst b = new aws.s3.BucketV2(\"b\", {bucket: \"awsconfig-example\"});\nconst fooDeliveryChannel = new aws.cfg.DeliveryChannel(\"foo\", {\n name: \"example\",\n s3BucketName: b.bucket,\n});\nconst p = aws.iam.getPolicyDocumentOutput({\n statements: [{\n effect: \"Allow\",\n actions: [\"s3:*\"],\n resources: [\n b.arn,\n pulumi.interpolate`${b.arn}/*`,\n ],\n }],\n});\nconst pRolePolicy = new aws.iam.RolePolicy(\"p\", {\n name: \"awsconfig-example\",\n role: r.id,\n policy: p.apply(p =\u003e p.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nassume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"config.amazonaws.com\"],\n )],\n actions=[\"sts:AssumeRole\"],\n)])\nr = aws.iam.Role(\"r\",\n name=\"example-awsconfig\",\n assume_role_policy=assume_role.json)\nfoo_recorder = aws.cfg.Recorder(\"foo\",\n name=\"example\",\n role_arn=r.arn)\nfoo = aws.cfg.RecorderStatus(\"foo\",\n name=foo_recorder.name,\n is_enabled=True)\na = aws.iam.RolePolicyAttachment(\"a\",\n role=r.name,\n policy_arn=\"arn:aws:iam::aws:policy/service-role/AWS_ConfigRole\")\nb = aws.s3.BucketV2(\"b\", bucket=\"awsconfig-example\")\nfoo_delivery_channel = aws.cfg.DeliveryChannel(\"foo\",\n name=\"example\",\n s3_bucket_name=b.bucket)\np = aws.iam.get_policy_document_output(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n actions=[\"s3:*\"],\n resources=[\n b.arn,\n b.arn.apply(lambda arn: f\"{arn}/*\"),\n ],\n)])\np_role_policy = aws.iam.RolePolicy(\"p\",\n name=\"awsconfig-example\",\n role=r.id,\n policy=p.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"config.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var r = new Aws.Iam.Role(\"r\", new()\n {\n Name = \"example-awsconfig\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var fooRecorder = new Aws.Cfg.Recorder(\"foo\", new()\n {\n Name = \"example\",\n RoleArn = r.Arn,\n });\n\n var foo = new Aws.Cfg.RecorderStatus(\"foo\", new()\n {\n Name = fooRecorder.Name,\n IsEnabled = true,\n });\n\n var a = new Aws.Iam.RolePolicyAttachment(\"a\", new()\n {\n Role = r.Name,\n PolicyArn = \"arn:aws:iam::aws:policy/service-role/AWS_ConfigRole\",\n });\n\n var b = new Aws.S3.BucketV2(\"b\", new()\n {\n Bucket = \"awsconfig-example\",\n });\n\n var fooDeliveryChannel = new Aws.Cfg.DeliveryChannel(\"foo\", new()\n {\n Name = \"example\",\n S3BucketName = b.Bucket,\n });\n\n var p = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"s3:*\",\n },\n Resources = new[]\n {\n b.Arn,\n $\"{b.Arn}/*\",\n },\n },\n },\n });\n\n var pRolePolicy = new Aws.Iam.RolePolicy(\"p\", new()\n {\n Name = \"awsconfig-example\",\n Role = r.Id,\n Policy = p.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"config.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tr, err := iam.NewRole(ctx, \"r\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"example-awsconfig\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfooRecorder, err := cfg.NewRecorder(ctx, \"foo\", \u0026cfg.RecorderArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRoleArn: r.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cfg.NewRecorderStatus(ctx, \"foo\", \u0026cfg.RecorderStatusArgs{\n\t\t\tName: fooRecorder.Name,\n\t\t\tIsEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"a\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tRole: r.Name,\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/service-role/AWS_ConfigRole\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tb, err := s3.NewBucketV2(ctx, \"b\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"awsconfig-example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cfg.NewDeliveryChannel(ctx, \"foo\", \u0026cfg.DeliveryChannelArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tS3BucketName: b.Bucket,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tp := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:*\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\tb.Arn,\n\t\t\t\t\t\tb.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\t\t\t\treturn fmt.Sprintf(\"%v/*\", arn), nil\n\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\t_, err = iam.NewRolePolicy(ctx, \"p\", \u0026iam.RolePolicyArgs{\n\t\t\tName: pulumi.String(\"awsconfig-example\"),\n\t\t\tRole: r.ID(),\n\t\t\tPolicy: p.ApplyT(func(p iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026p.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.cfg.Recorder;\nimport com.pulumi.aws.cfg.RecorderArgs;\nimport com.pulumi.aws.cfg.RecorderStatus;\nimport com.pulumi.aws.cfg.RecorderStatusArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.cfg.DeliveryChannel;\nimport com.pulumi.aws.cfg.DeliveryChannelArgs;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"config.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var r = new Role(\"r\", RoleArgs.builder() \n .name(\"example-awsconfig\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var fooRecorder = new Recorder(\"fooRecorder\", RecorderArgs.builder() \n .name(\"example\")\n .roleArn(r.arn())\n .build());\n\n var foo = new RecorderStatus(\"foo\", RecorderStatusArgs.builder() \n .name(fooRecorder.name())\n .isEnabled(true)\n .build());\n\n var a = new RolePolicyAttachment(\"a\", RolePolicyAttachmentArgs.builder() \n .role(r.name())\n .policyArn(\"arn:aws:iam::aws:policy/service-role/AWS_ConfigRole\")\n .build());\n\n var b = new BucketV2(\"b\", BucketV2Args.builder() \n .bucket(\"awsconfig-example\")\n .build());\n\n var fooDeliveryChannel = new DeliveryChannel(\"fooDeliveryChannel\", DeliveryChannelArgs.builder() \n .name(\"example\")\n .s3BucketName(b.bucket())\n .build());\n\n final var p = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions(\"s3:*\")\n .resources( \n b.arn(),\n b.arn().applyValue(arn -\u003e String.format(\"%s/*\", arn)))\n .build())\n .build());\n\n var pRolePolicy = new RolePolicy(\"pRolePolicy\", RolePolicyArgs.builder() \n .name(\"awsconfig-example\")\n .role(r.id())\n .policy(p.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(p -\u003e p.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: aws:cfg:RecorderStatus\n properties:\n name: ${fooRecorder.name}\n isEnabled: true\n a:\n type: aws:iam:RolePolicyAttachment\n properties:\n role: ${r.name}\n policyArn: arn:aws:iam::aws:policy/service-role/AWS_ConfigRole\n b:\n type: aws:s3:BucketV2\n properties:\n bucket: awsconfig-example\n fooDeliveryChannel:\n type: aws:cfg:DeliveryChannel\n name: foo\n properties:\n name: example\n s3BucketName: ${b.bucket}\n fooRecorder:\n type: aws:cfg:Recorder\n name: foo\n properties:\n name: example\n roleArn: ${r.arn}\n r:\n type: aws:iam:Role\n properties:\n name: example-awsconfig\n assumeRolePolicy: ${assumeRole.json}\n pRolePolicy:\n type: aws:iam:RolePolicy\n name: p\n properties:\n name: awsconfig-example\n role: ${r.id}\n policy: ${p.json}\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - config.amazonaws.com\n actions:\n - sts:AssumeRole\n p:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - s3:*\n resources:\n - ${b.arn}\n - ${b.arn}/*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Configuration Recorder Status using the name of the Configuration Recorder. For example:\n\n```sh\n$ pulumi import aws:cfg/recorderStatus:RecorderStatus foo example\n```\n", + "description": "Manages status (recording / stopped) of an AWS Config Configuration Recorder.\n\n\u003e **Note:** Starting Configuration Recorder requires a Delivery Channel to be present. Use of `depends_on` (as shown below) is recommended to avoid race conditions.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst b = new aws.s3.BucketV2(\"b\", {bucket: \"awsconfig-example\"});\nconst fooDeliveryChannel = new aws.cfg.DeliveryChannel(\"foo\", {\n name: \"example\",\n s3BucketName: b.bucket,\n});\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"config.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst r = new aws.iam.Role(\"r\", {\n name: \"example-awsconfig\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst fooRecorder = new aws.cfg.Recorder(\"foo\", {\n name: \"example\",\n roleArn: r.arn,\n});\nconst foo = new aws.cfg.RecorderStatus(\"foo\", {\n name: fooRecorder.name,\n isEnabled: true,\n}, {\n dependsOn: [fooDeliveryChannel],\n});\nconst a = new aws.iam.RolePolicyAttachment(\"a\", {\n role: r.name,\n policyArn: \"arn:aws:iam::aws:policy/service-role/AWS_ConfigRole\",\n});\nconst p = aws.iam.getPolicyDocumentOutput({\n statements: [{\n effect: \"Allow\",\n actions: [\"s3:*\"],\n resources: [\n b.arn,\n pulumi.interpolate`${b.arn}/*`,\n ],\n }],\n});\nconst pRolePolicy = new aws.iam.RolePolicy(\"p\", {\n name: \"awsconfig-example\",\n role: r.id,\n policy: p.apply(p =\u003e p.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nb = aws.s3.BucketV2(\"b\", bucket=\"awsconfig-example\")\nfoo_delivery_channel = aws.cfg.DeliveryChannel(\"foo\",\n name=\"example\",\n s3_bucket_name=b.bucket)\nassume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"config.amazonaws.com\"],\n )],\n actions=[\"sts:AssumeRole\"],\n)])\nr = aws.iam.Role(\"r\",\n name=\"example-awsconfig\",\n assume_role_policy=assume_role.json)\nfoo_recorder = aws.cfg.Recorder(\"foo\",\n name=\"example\",\n role_arn=r.arn)\nfoo = aws.cfg.RecorderStatus(\"foo\",\n name=foo_recorder.name,\n is_enabled=True,\n opts=pulumi.ResourceOptions(depends_on=[foo_delivery_channel]))\na = aws.iam.RolePolicyAttachment(\"a\",\n role=r.name,\n policy_arn=\"arn:aws:iam::aws:policy/service-role/AWS_ConfigRole\")\np = aws.iam.get_policy_document_output(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n actions=[\"s3:*\"],\n resources=[\n b.arn,\n b.arn.apply(lambda arn: f\"{arn}/*\"),\n ],\n)])\np_role_policy = aws.iam.RolePolicy(\"p\",\n name=\"awsconfig-example\",\n role=r.id,\n policy=p.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var b = new Aws.S3.BucketV2(\"b\", new()\n {\n Bucket = \"awsconfig-example\",\n });\n\n var fooDeliveryChannel = new Aws.Cfg.DeliveryChannel(\"foo\", new()\n {\n Name = \"example\",\n S3BucketName = b.Bucket,\n });\n\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"config.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var r = new Aws.Iam.Role(\"r\", new()\n {\n Name = \"example-awsconfig\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var fooRecorder = new Aws.Cfg.Recorder(\"foo\", new()\n {\n Name = \"example\",\n RoleArn = r.Arn,\n });\n\n var foo = new Aws.Cfg.RecorderStatus(\"foo\", new()\n {\n Name = fooRecorder.Name,\n IsEnabled = true,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n fooDeliveryChannel, \n },\n });\n\n var a = new Aws.Iam.RolePolicyAttachment(\"a\", new()\n {\n Role = r.Name,\n PolicyArn = \"arn:aws:iam::aws:policy/service-role/AWS_ConfigRole\",\n });\n\n var p = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"s3:*\",\n },\n Resources = new[]\n {\n b.Arn,\n $\"{b.Arn}/*\",\n },\n },\n },\n });\n\n var pRolePolicy = new Aws.Iam.RolePolicy(\"p\", new()\n {\n Name = \"awsconfig-example\",\n Role = r.Id,\n Policy = p.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tb, err := s3.NewBucketV2(ctx, \"b\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"awsconfig-example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfooDeliveryChannel, err := cfg.NewDeliveryChannel(ctx, \"foo\", \u0026cfg.DeliveryChannelArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tS3BucketName: b.Bucket,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"config.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tr, err := iam.NewRole(ctx, \"r\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"example-awsconfig\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfooRecorder, err := cfg.NewRecorder(ctx, \"foo\", \u0026cfg.RecorderArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRoleArn: r.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cfg.NewRecorderStatus(ctx, \"foo\", \u0026cfg.RecorderStatusArgs{\n\t\t\tName: fooRecorder.Name,\n\t\t\tIsEnabled: pulumi.Bool(true),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tfooDeliveryChannel,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"a\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tRole: r.Name,\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/service-role/AWS_ConfigRole\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tp := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:*\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\tb.Arn,\n\t\t\t\t\t\tb.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\t\t\t\treturn fmt.Sprintf(\"%v/*\", arn), nil\n\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\t_, err = iam.NewRolePolicy(ctx, \"p\", \u0026iam.RolePolicyArgs{\n\t\t\tName: pulumi.String(\"awsconfig-example\"),\n\t\t\tRole: r.ID(),\n\t\t\tPolicy: p.ApplyT(func(p iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026p.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.cfg.DeliveryChannel;\nimport com.pulumi.aws.cfg.DeliveryChannelArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.cfg.Recorder;\nimport com.pulumi.aws.cfg.RecorderArgs;\nimport com.pulumi.aws.cfg.RecorderStatus;\nimport com.pulumi.aws.cfg.RecorderStatusArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var b = new BucketV2(\"b\", BucketV2Args.builder() \n .bucket(\"awsconfig-example\")\n .build());\n\n var fooDeliveryChannel = new DeliveryChannel(\"fooDeliveryChannel\", DeliveryChannelArgs.builder() \n .name(\"example\")\n .s3BucketName(b.bucket())\n .build());\n\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"config.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var r = new Role(\"r\", RoleArgs.builder() \n .name(\"example-awsconfig\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var fooRecorder = new Recorder(\"fooRecorder\", RecorderArgs.builder() \n .name(\"example\")\n .roleArn(r.arn())\n .build());\n\n var foo = new RecorderStatus(\"foo\", RecorderStatusArgs.builder() \n .name(fooRecorder.name())\n .isEnabled(true)\n .build(), CustomResourceOptions.builder()\n .dependsOn(fooDeliveryChannel)\n .build());\n\n var a = new RolePolicyAttachment(\"a\", RolePolicyAttachmentArgs.builder() \n .role(r.name())\n .policyArn(\"arn:aws:iam::aws:policy/service-role/AWS_ConfigRole\")\n .build());\n\n final var p = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions(\"s3:*\")\n .resources( \n b.arn(),\n b.arn().applyValue(arn -\u003e String.format(\"%s/*\", arn)))\n .build())\n .build());\n\n var pRolePolicy = new RolePolicy(\"pRolePolicy\", RolePolicyArgs.builder() \n .name(\"awsconfig-example\")\n .role(r.id())\n .policy(p.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(p -\u003e p.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: aws:cfg:RecorderStatus\n properties:\n name: ${fooRecorder.name}\n isEnabled: true\n options:\n dependson:\n - ${fooDeliveryChannel}\n a:\n type: aws:iam:RolePolicyAttachment\n properties:\n role: ${r.name}\n policyArn: arn:aws:iam::aws:policy/service-role/AWS_ConfigRole\n b:\n type: aws:s3:BucketV2\n properties:\n bucket: awsconfig-example\n fooDeliveryChannel:\n type: aws:cfg:DeliveryChannel\n name: foo\n properties:\n name: example\n s3BucketName: ${b.bucket}\n fooRecorder:\n type: aws:cfg:Recorder\n name: foo\n properties:\n name: example\n roleArn: ${r.arn}\n r:\n type: aws:iam:Role\n properties:\n name: example-awsconfig\n assumeRolePolicy: ${assumeRole.json}\n pRolePolicy:\n type: aws:iam:RolePolicy\n name: p\n properties:\n name: awsconfig-example\n role: ${r.id}\n policy: ${p.json}\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - config.amazonaws.com\n actions:\n - sts:AssumeRole\n p:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - s3:*\n resources:\n - ${b.arn}\n - ${b.arn}/*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Configuration Recorder Status using the name of the Configuration Recorder. For example:\n\n```sh\n$ pulumi import aws:cfg/recorderStatus:RecorderStatus foo example\n```\n", "properties": { "isEnabled": { "type": "boolean", @@ -177688,7 +177688,7 @@ } }, "aws:cfg/rule:Rule": { - "description": "Provides an AWS Config Rule.\n\n\u003e **Note:** Config Rule requires an existing Configuration Recorder to be present. Use of `depends_on` is recommended (as shown below) to avoid race conditions.\n\n## Example Usage\n\n### AWS Managed Rules\n\nAWS managed rules can be used by setting the source owner to `AWS` and the source identifier to the name of the managed rule. More information about AWS managed rules can be found in the [AWS Config Developer Guide](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html).\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst r = new aws.cfg.Rule(\"r\", {\n name: \"example\",\n source: {\n owner: \"AWS\",\n sourceIdentifier: \"S3_BUCKET_VERSIONING_ENABLED\",\n },\n});\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"config.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst rRole = new aws.iam.Role(\"r\", {\n name: \"my-awsconfig-role\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst foo = new aws.cfg.Recorder(\"foo\", {\n name: \"example\",\n roleArn: rRole.arn,\n});\nconst p = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n actions: [\"config:Put*\"],\n resources: [\"*\"],\n }],\n});\nconst pRolePolicy = new aws.iam.RolePolicy(\"p\", {\n name: \"my-awsconfig-policy\",\n role: rRole.id,\n policy: p.then(p =\u003e p.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nr = aws.cfg.Rule(\"r\",\n name=\"example\",\n source=aws.cfg.RuleSourceArgs(\n owner=\"AWS\",\n source_identifier=\"S3_BUCKET_VERSIONING_ENABLED\",\n ))\nassume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"config.amazonaws.com\"],\n )],\n actions=[\"sts:AssumeRole\"],\n)])\nr_role = aws.iam.Role(\"r\",\n name=\"my-awsconfig-role\",\n assume_role_policy=assume_role.json)\nfoo = aws.cfg.Recorder(\"foo\",\n name=\"example\",\n role_arn=r_role.arn)\np = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n actions=[\"config:Put*\"],\n resources=[\"*\"],\n)])\np_role_policy = aws.iam.RolePolicy(\"p\",\n name=\"my-awsconfig-policy\",\n role=r_role.id,\n policy=p.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var r = new Aws.Cfg.Rule(\"r\", new()\n {\n Name = \"example\",\n Source = new Aws.Cfg.Inputs.RuleSourceArgs\n {\n Owner = \"AWS\",\n SourceIdentifier = \"S3_BUCKET_VERSIONING_ENABLED\",\n },\n });\n\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"config.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var rRole = new Aws.Iam.Role(\"r\", new()\n {\n Name = \"my-awsconfig-role\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var foo = new Aws.Cfg.Recorder(\"foo\", new()\n {\n Name = \"example\",\n RoleArn = rRole.Arn,\n });\n\n var p = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"config:Put*\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n },\n });\n\n var pRolePolicy = new Aws.Iam.RolePolicy(\"p\", new()\n {\n Name = \"my-awsconfig-policy\",\n Role = rRole.Id,\n Policy = p.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cfg.NewRule(ctx, \"r\", \u0026cfg.RuleArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tSource: \u0026cfg.RuleSourceArgs{\n\t\t\t\tOwner: pulumi.String(\"AWS\"),\n\t\t\t\tSourceIdentifier: pulumi.String(\"S3_BUCKET_VERSIONING_ENABLED\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"config.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\trRole, err := iam.NewRole(ctx, \"r\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"my-awsconfig-role\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cfg.NewRecorder(ctx, \"foo\", \u0026cfg.RecorderArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRoleArn: rRole.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tp, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"config:Put*\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicy(ctx, \"p\", \u0026iam.RolePolicyArgs{\n\t\t\tName: pulumi.String(\"my-awsconfig-policy\"),\n\t\t\tRole: rRole.ID(),\n\t\t\tPolicy: pulumi.String(p.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cfg.Rule;\nimport com.pulumi.aws.cfg.RuleArgs;\nimport com.pulumi.aws.cfg.inputs.RuleSourceArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.cfg.Recorder;\nimport com.pulumi.aws.cfg.RecorderArgs;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var r = new Rule(\"r\", RuleArgs.builder() \n .name(\"example\")\n .source(RuleSourceArgs.builder()\n .owner(\"AWS\")\n .sourceIdentifier(\"S3_BUCKET_VERSIONING_ENABLED\")\n .build())\n .build());\n\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"config.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var rRole = new Role(\"rRole\", RoleArgs.builder() \n .name(\"my-awsconfig-role\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var foo = new Recorder(\"foo\", RecorderArgs.builder() \n .name(\"example\")\n .roleArn(rRole.arn())\n .build());\n\n final var p = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions(\"config:Put*\")\n .resources(\"*\")\n .build())\n .build());\n\n var pRolePolicy = new RolePolicy(\"pRolePolicy\", RolePolicyArgs.builder() \n .name(\"my-awsconfig-policy\")\n .role(rRole.id())\n .policy(p.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n r:\n type: aws:cfg:Rule\n properties:\n name: example\n source:\n owner: AWS\n sourceIdentifier: S3_BUCKET_VERSIONING_ENABLED\n foo:\n type: aws:cfg:Recorder\n properties:\n name: example\n roleArn: ${rRole.arn}\n rRole:\n type: aws:iam:Role\n name: r\n properties:\n name: my-awsconfig-role\n assumeRolePolicy: ${assumeRole.json}\n pRolePolicy:\n type: aws:iam:RolePolicy\n name: p\n properties:\n name: my-awsconfig-policy\n role: ${rRole.id}\n policy: ${p.json}\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - config.amazonaws.com\n actions:\n - sts:AssumeRole\n p:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - config:Put*\n resources:\n - '*'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Custom Rules\n\nCustom rules can be used by setting the source owner to `CUSTOM_LAMBDA` and the source identifier to the Amazon Resource Name (ARN) of the Lambda Function. The AWS Config service must have permissions to invoke the Lambda Function, e.g., via the `aws.lambda.Permission` resource. More information about custom rules can be found in the [AWS Config Developer Guide](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_develop-rules.html).\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cfg.Recorder(\"example\", {});\nconst exampleFunction = new aws.lambda.Function(\"example\", {});\nconst examplePermission = new aws.lambda.Permission(\"example\", {\n action: \"lambda:InvokeFunction\",\n \"function\": exampleFunction.arn,\n principal: \"config.amazonaws.com\",\n statementId: \"AllowExecutionFromConfig\",\n});\nconst exampleRule = new aws.cfg.Rule(\"example\", {source: {\n owner: \"CUSTOM_LAMBDA\",\n sourceIdentifier: exampleFunction.arn,\n}});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cfg.Recorder(\"example\")\nexample_function = aws.lambda_.Function(\"example\")\nexample_permission = aws.lambda_.Permission(\"example\",\n action=\"lambda:InvokeFunction\",\n function=example_function.arn,\n principal=\"config.amazonaws.com\",\n statement_id=\"AllowExecutionFromConfig\")\nexample_rule = aws.cfg.Rule(\"example\", source=aws.cfg.RuleSourceArgs(\n owner=\"CUSTOM_LAMBDA\",\n source_identifier=example_function.arn,\n))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Cfg.Recorder(\"example\");\n\n var exampleFunction = new Aws.Lambda.Function(\"example\");\n\n var examplePermission = new Aws.Lambda.Permission(\"example\", new()\n {\n Action = \"lambda:InvokeFunction\",\n Function = exampleFunction.Arn,\n Principal = \"config.amazonaws.com\",\n StatementId = \"AllowExecutionFromConfig\",\n });\n\n var exampleRule = new Aws.Cfg.Rule(\"example\", new()\n {\n Source = new Aws.Cfg.Inputs.RuleSourceArgs\n {\n Owner = \"CUSTOM_LAMBDA\",\n SourceIdentifier = exampleFunction.Arn,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cfg.NewRecorder(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleFunction, err := lambda.NewFunction(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lambda.NewPermission(ctx, \"example\", \u0026lambda.PermissionArgs{\n\t\t\tAction: pulumi.String(\"lambda:InvokeFunction\"),\n\t\t\tFunction: exampleFunction.Arn,\n\t\t\tPrincipal: pulumi.String(\"config.amazonaws.com\"),\n\t\t\tStatementId: pulumi.String(\"AllowExecutionFromConfig\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cfg.NewRule(ctx, \"example\", \u0026cfg.RuleArgs{\n\t\t\tSource: \u0026cfg.RuleSourceArgs{\n\t\t\t\tOwner: pulumi.String(\"CUSTOM_LAMBDA\"),\n\t\t\t\tSourceIdentifier: exampleFunction.Arn,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cfg.Recorder;\nimport com.pulumi.aws.lambda.Function;\nimport com.pulumi.aws.lambda.Permission;\nimport com.pulumi.aws.lambda.PermissionArgs;\nimport com.pulumi.aws.cfg.Rule;\nimport com.pulumi.aws.cfg.RuleArgs;\nimport com.pulumi.aws.cfg.inputs.RuleSourceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Recorder(\"example\");\n\n var exampleFunction = new Function(\"exampleFunction\");\n\n var examplePermission = new Permission(\"examplePermission\", PermissionArgs.builder() \n .action(\"lambda:InvokeFunction\")\n .function(exampleFunction.arn())\n .principal(\"config.amazonaws.com\")\n .statementId(\"AllowExecutionFromConfig\")\n .build());\n\n var exampleRule = new Rule(\"exampleRule\", RuleArgs.builder() \n .source(RuleSourceArgs.builder()\n .owner(\"CUSTOM_LAMBDA\")\n .sourceIdentifier(exampleFunction.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cfg:Recorder\n exampleFunction:\n type: aws:lambda:Function\n name: example\n examplePermission:\n type: aws:lambda:Permission\n name: example\n properties:\n action: lambda:InvokeFunction\n function: ${exampleFunction.arn}\n principal: config.amazonaws.com\n statementId: AllowExecutionFromConfig\n exampleRule:\n type: aws:cfg:Rule\n name: example\n properties:\n source:\n owner: CUSTOM_LAMBDA\n sourceIdentifier: ${exampleFunction.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Custom Policies\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cfg.Rule(\"example\", {\n name: \"example\",\n source: {\n owner: \"CUSTOM_POLICY\",\n sourceDetails: [{\n messageType: \"ConfigurationItemChangeNotification\",\n }],\n customPolicyDetails: {\n policyRuntime: \"guard-2.x.x\",\n policyText: `\t rule tableisactive when\n\t\t resourceType == \"AWS::DynamoDB::Table\" {\n\t\t configuration.tableStatus == ['ACTIVE']\n\t }\n\t \n\t rule checkcompliance when\n\t\t resourceType == \"AWS::DynamoDB::Table\"\n\t\t tableisactive {\n\t\t\t supplementaryConfiguration.ContinuousBackupsDescription.pointInTimeRecoveryDescription.pointInTimeRecoveryStatus == \"ENABLED\"\n\t }\n`,\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cfg.Rule(\"example\",\n name=\"example\",\n source=aws.cfg.RuleSourceArgs(\n owner=\"CUSTOM_POLICY\",\n source_details=[aws.cfg.RuleSourceSourceDetailArgs(\n message_type=\"ConfigurationItemChangeNotification\",\n )],\n custom_policy_details=aws.cfg.RuleSourceCustomPolicyDetailsArgs(\n policy_runtime=\"guard-2.x.x\",\n policy_text=\"\"\"\t rule tableisactive when\n\t\t resourceType == \"AWS::DynamoDB::Table\" {\n\t\t configuration.tableStatus == ['ACTIVE']\n\t }\n\t \n\t rule checkcompliance when\n\t\t resourceType == \"AWS::DynamoDB::Table\"\n\t\t tableisactive {\n\t\t\t supplementaryConfiguration.ContinuousBackupsDescription.pointInTimeRecoveryDescription.pointInTimeRecoveryStatus == \"ENABLED\"\n\t }\n\"\"\",\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Cfg.Rule(\"example\", new()\n {\n Name = \"example\",\n Source = new Aws.Cfg.Inputs.RuleSourceArgs\n {\n Owner = \"CUSTOM_POLICY\",\n SourceDetails = new[]\n {\n new Aws.Cfg.Inputs.RuleSourceSourceDetailArgs\n {\n MessageType = \"ConfigurationItemChangeNotification\",\n },\n },\n CustomPolicyDetails = new Aws.Cfg.Inputs.RuleSourceCustomPolicyDetailsArgs\n {\n PolicyRuntime = \"guard-2.x.x\",\n PolicyText = @\"\t rule tableisactive when\n\t\t resourceType == \"\"AWS::DynamoDB::Table\"\" {\n\t\t configuration.tableStatus == ['ACTIVE']\n\t }\n\t \n\t rule checkcompliance when\n\t\t resourceType == \"\"AWS::DynamoDB::Table\"\"\n\t\t tableisactive {\n\t\t\t supplementaryConfiguration.ContinuousBackupsDescription.pointInTimeRecoveryDescription.pointInTimeRecoveryStatus == \"\"ENABLED\"\"\n\t }\n\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cfg.NewRule(ctx, \"example\", \u0026cfg.RuleArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tSource: \u0026cfg.RuleSourceArgs{\n\t\t\t\tOwner: pulumi.String(\"CUSTOM_POLICY\"),\n\t\t\t\tSourceDetails: cfg.RuleSourceSourceDetailArray{\n\t\t\t\t\t\u0026cfg.RuleSourceSourceDetailArgs{\n\t\t\t\t\t\tMessageType: pulumi.String(\"ConfigurationItemChangeNotification\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tCustomPolicyDetails: \u0026cfg.RuleSourceCustomPolicyDetailsArgs{\n\t\t\t\t\tPolicyRuntime: pulumi.String(\"guard-2.x.x\"),\n\t\t\t\t\tPolicyText: pulumi.String(`\t rule tableisactive when\n\t\t resourceType == \"AWS::DynamoDB::Table\" {\n\t\t configuration.tableStatus == ['ACTIVE']\n\t }\n\t \n\t rule checkcompliance when\n\t\t resourceType == \"AWS::DynamoDB::Table\"\n\t\t tableisactive {\n\t\t\t supplementaryConfiguration.ContinuousBackupsDescription.pointInTimeRecoveryDescription.pointInTimeRecoveryStatus == \"ENABLED\"\n\t }\n`),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cfg.Rule;\nimport com.pulumi.aws.cfg.RuleArgs;\nimport com.pulumi.aws.cfg.inputs.RuleSourceArgs;\nimport com.pulumi.aws.cfg.inputs.RuleSourceCustomPolicyDetailsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Rule(\"example\", RuleArgs.builder() \n .name(\"example\")\n .source(RuleSourceArgs.builder()\n .owner(\"CUSTOM_POLICY\")\n .sourceDetails(RuleSourceSourceDetailArgs.builder()\n .messageType(\"ConfigurationItemChangeNotification\")\n .build())\n .customPolicyDetails(RuleSourceCustomPolicyDetailsArgs.builder()\n .policyRuntime(\"guard-2.x.x\")\n .policyText(\"\"\"\n\t rule tableisactive when\n\t\t resourceType == \"AWS::DynamoDB::Table\" {\n\t\t configuration.tableStatus == ['ACTIVE']\n\t }\n\t \n\t rule checkcompliance when\n\t\t resourceType == \"AWS::DynamoDB::Table\"\n\t\t tableisactive {\n\t\t\t supplementaryConfiguration.ContinuousBackupsDescription.pointInTimeRecoveryDescription.pointInTimeRecoveryStatus == \"ENABLED\"\n\t }\n \"\"\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cfg:Rule\n properties:\n name: example\n source:\n owner: CUSTOM_POLICY\n sourceDetails:\n - messageType: ConfigurationItemChangeNotification\n customPolicyDetails:\n policyRuntime: guard-2.x.x\n policyText: \"\\t rule tableisactive when\\n\\t\\t resourceType == \\\"AWS::DynamoDB::Table\\\" {\\n\\t\\t configuration.tableStatus == ['ACTIVE']\\n\\t }\\n\\t \\n\\t rule checkcompliance when\\n\\t\\t resourceType == \\\"AWS::DynamoDB::Table\\\"\\n\\t\\t tableisactive {\\n\\t\\t\\t supplementaryConfiguration.ContinuousBackupsDescription.pointInTimeRecoveryDescription.pointInTimeRecoveryStatus == \\\"ENABLED\\\"\\n\\t }\\n\"\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Config Rule using the name. For example:\n\n```sh\n$ pulumi import aws:cfg/rule:Rule foo example\n```\n", + "description": "Provides an AWS Config Rule.\n\n\u003e **Note:** Config Rule requires an existing Configuration Recorder to be present. Use of `depends_on` is recommended (as shown below) to avoid race conditions.\n\n## Example Usage\n\n### AWS Managed Rules\n\nAWS managed rules can be used by setting the source owner to `AWS` and the source identifier to the name of the managed rule. More information about AWS managed rules can be found in the [AWS Config Developer Guide](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html).\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"config.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst rRole = new aws.iam.Role(\"r\", {\n name: \"my-awsconfig-role\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst foo = new aws.cfg.Recorder(\"foo\", {\n name: \"example\",\n roleArn: rRole.arn,\n});\nconst r = new aws.cfg.Rule(\"r\", {\n name: \"example\",\n source: {\n owner: \"AWS\",\n sourceIdentifier: \"S3_BUCKET_VERSIONING_ENABLED\",\n },\n}, {\n dependsOn: [foo],\n});\nconst p = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n actions: [\"config:Put*\"],\n resources: [\"*\"],\n }],\n});\nconst pRolePolicy = new aws.iam.RolePolicy(\"p\", {\n name: \"my-awsconfig-policy\",\n role: rRole.id,\n policy: p.then(p =\u003e p.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nassume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"config.amazonaws.com\"],\n )],\n actions=[\"sts:AssumeRole\"],\n)])\nr_role = aws.iam.Role(\"r\",\n name=\"my-awsconfig-role\",\n assume_role_policy=assume_role.json)\nfoo = aws.cfg.Recorder(\"foo\",\n name=\"example\",\n role_arn=r_role.arn)\nr = aws.cfg.Rule(\"r\",\n name=\"example\",\n source=aws.cfg.RuleSourceArgs(\n owner=\"AWS\",\n source_identifier=\"S3_BUCKET_VERSIONING_ENABLED\",\n ),\n opts=pulumi.ResourceOptions(depends_on=[foo]))\np = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n actions=[\"config:Put*\"],\n resources=[\"*\"],\n)])\np_role_policy = aws.iam.RolePolicy(\"p\",\n name=\"my-awsconfig-policy\",\n role=r_role.id,\n policy=p.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"config.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var rRole = new Aws.Iam.Role(\"r\", new()\n {\n Name = \"my-awsconfig-role\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var foo = new Aws.Cfg.Recorder(\"foo\", new()\n {\n Name = \"example\",\n RoleArn = rRole.Arn,\n });\n\n var r = new Aws.Cfg.Rule(\"r\", new()\n {\n Name = \"example\",\n Source = new Aws.Cfg.Inputs.RuleSourceArgs\n {\n Owner = \"AWS\",\n SourceIdentifier = \"S3_BUCKET_VERSIONING_ENABLED\",\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n foo, \n },\n });\n\n var p = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"config:Put*\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n },\n });\n\n var pRolePolicy = new Aws.Iam.RolePolicy(\"p\", new()\n {\n Name = \"my-awsconfig-policy\",\n Role = rRole.Id,\n Policy = p.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"config.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\trRole, err := iam.NewRole(ctx, \"r\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"my-awsconfig-role\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfoo, err := cfg.NewRecorder(ctx, \"foo\", \u0026cfg.RecorderArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRoleArn: rRole.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cfg.NewRule(ctx, \"r\", \u0026cfg.RuleArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tSource: \u0026cfg.RuleSourceArgs{\n\t\t\t\tOwner: pulumi.String(\"AWS\"),\n\t\t\t\tSourceIdentifier: pulumi.String(\"S3_BUCKET_VERSIONING_ENABLED\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tfoo,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tp, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"config:Put*\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicy(ctx, \"p\", \u0026iam.RolePolicyArgs{\n\t\t\tName: pulumi.String(\"my-awsconfig-policy\"),\n\t\t\tRole: rRole.ID(),\n\t\t\tPolicy: pulumi.String(p.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.cfg.Recorder;\nimport com.pulumi.aws.cfg.RecorderArgs;\nimport com.pulumi.aws.cfg.Rule;\nimport com.pulumi.aws.cfg.RuleArgs;\nimport com.pulumi.aws.cfg.inputs.RuleSourceArgs;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"config.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var rRole = new Role(\"rRole\", RoleArgs.builder() \n .name(\"my-awsconfig-role\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var foo = new Recorder(\"foo\", RecorderArgs.builder() \n .name(\"example\")\n .roleArn(rRole.arn())\n .build());\n\n var r = new Rule(\"r\", RuleArgs.builder() \n .name(\"example\")\n .source(RuleSourceArgs.builder()\n .owner(\"AWS\")\n .sourceIdentifier(\"S3_BUCKET_VERSIONING_ENABLED\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(foo)\n .build());\n\n final var p = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions(\"config:Put*\")\n .resources(\"*\")\n .build())\n .build());\n\n var pRolePolicy = new RolePolicy(\"pRolePolicy\", RolePolicyArgs.builder() \n .name(\"my-awsconfig-policy\")\n .role(rRole.id())\n .policy(p.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n r:\n type: aws:cfg:Rule\n properties:\n name: example\n source:\n owner: AWS\n sourceIdentifier: S3_BUCKET_VERSIONING_ENABLED\n options:\n dependson:\n - ${foo}\n foo:\n type: aws:cfg:Recorder\n properties:\n name: example\n roleArn: ${rRole.arn}\n rRole:\n type: aws:iam:Role\n name: r\n properties:\n name: my-awsconfig-role\n assumeRolePolicy: ${assumeRole.json}\n pRolePolicy:\n type: aws:iam:RolePolicy\n name: p\n properties:\n name: my-awsconfig-policy\n role: ${rRole.id}\n policy: ${p.json}\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - config.amazonaws.com\n actions:\n - sts:AssumeRole\n p:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - config:Put*\n resources:\n - '*'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Custom Rules\n\nCustom rules can be used by setting the source owner to `CUSTOM_LAMBDA` and the source identifier to the Amazon Resource Name (ARN) of the Lambda Function. The AWS Config service must have permissions to invoke the Lambda Function, e.g., via the `aws.lambda.Permission` resource. More information about custom rules can be found in the [AWS Config Developer Guide](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_develop-rules.html).\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cfg.Recorder(\"example\", {});\nconst exampleFunction = new aws.lambda.Function(\"example\", {});\nconst examplePermission = new aws.lambda.Permission(\"example\", {\n action: \"lambda:InvokeFunction\",\n \"function\": exampleFunction.arn,\n principal: \"config.amazonaws.com\",\n statementId: \"AllowExecutionFromConfig\",\n});\nconst exampleRule = new aws.cfg.Rule(\"example\", {source: {\n owner: \"CUSTOM_LAMBDA\",\n sourceIdentifier: exampleFunction.arn,\n}}, {\n dependsOn: [\n example,\n examplePermission,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cfg.Recorder(\"example\")\nexample_function = aws.lambda_.Function(\"example\")\nexample_permission = aws.lambda_.Permission(\"example\",\n action=\"lambda:InvokeFunction\",\n function=example_function.arn,\n principal=\"config.amazonaws.com\",\n statement_id=\"AllowExecutionFromConfig\")\nexample_rule = aws.cfg.Rule(\"example\", source=aws.cfg.RuleSourceArgs(\n owner=\"CUSTOM_LAMBDA\",\n source_identifier=example_function.arn,\n),\nopts=pulumi.ResourceOptions(depends_on=[\n example,\n example_permission,\n ]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Cfg.Recorder(\"example\");\n\n var exampleFunction = new Aws.Lambda.Function(\"example\");\n\n var examplePermission = new Aws.Lambda.Permission(\"example\", new()\n {\n Action = \"lambda:InvokeFunction\",\n Function = exampleFunction.Arn,\n Principal = \"config.amazonaws.com\",\n StatementId = \"AllowExecutionFromConfig\",\n });\n\n var exampleRule = new Aws.Cfg.Rule(\"example\", new()\n {\n Source = new Aws.Cfg.Inputs.RuleSourceArgs\n {\n Owner = \"CUSTOM_LAMBDA\",\n SourceIdentifier = exampleFunction.Arn,\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example, \n examplePermission, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := cfg.NewRecorder(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleFunction, err := lambda.NewFunction(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texamplePermission, err := lambda.NewPermission(ctx, \"example\", \u0026lambda.PermissionArgs{\n\t\t\tAction: pulumi.String(\"lambda:InvokeFunction\"),\n\t\t\tFunction: exampleFunction.Arn,\n\t\t\tPrincipal: pulumi.String(\"config.amazonaws.com\"),\n\t\t\tStatementId: pulumi.String(\"AllowExecutionFromConfig\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cfg.NewRule(ctx, \"example\", \u0026cfg.RuleArgs{\n\t\t\tSource: \u0026cfg.RuleSourceArgs{\n\t\t\t\tOwner: pulumi.String(\"CUSTOM_LAMBDA\"),\n\t\t\t\tSourceIdentifier: exampleFunction.Arn,\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t\texamplePermission,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cfg.Recorder;\nimport com.pulumi.aws.lambda.Function;\nimport com.pulumi.aws.lambda.Permission;\nimport com.pulumi.aws.lambda.PermissionArgs;\nimport com.pulumi.aws.cfg.Rule;\nimport com.pulumi.aws.cfg.RuleArgs;\nimport com.pulumi.aws.cfg.inputs.RuleSourceArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Recorder(\"example\");\n\n var exampleFunction = new Function(\"exampleFunction\");\n\n var examplePermission = new Permission(\"examplePermission\", PermissionArgs.builder() \n .action(\"lambda:InvokeFunction\")\n .function(exampleFunction.arn())\n .principal(\"config.amazonaws.com\")\n .statementId(\"AllowExecutionFromConfig\")\n .build());\n\n var exampleRule = new Rule(\"exampleRule\", RuleArgs.builder() \n .source(RuleSourceArgs.builder()\n .owner(\"CUSTOM_LAMBDA\")\n .sourceIdentifier(exampleFunction.arn())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n example,\n examplePermission)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cfg:Recorder\n exampleFunction:\n type: aws:lambda:Function\n name: example\n examplePermission:\n type: aws:lambda:Permission\n name: example\n properties:\n action: lambda:InvokeFunction\n function: ${exampleFunction.arn}\n principal: config.amazonaws.com\n statementId: AllowExecutionFromConfig\n exampleRule:\n type: aws:cfg:Rule\n name: example\n properties:\n source:\n owner: CUSTOM_LAMBDA\n sourceIdentifier: ${exampleFunction.arn}\n options:\n dependson:\n - ${example}\n - ${examplePermission}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Custom Policies\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cfg.Rule(\"example\", {\n name: \"example\",\n source: {\n owner: \"CUSTOM_POLICY\",\n sourceDetails: [{\n messageType: \"ConfigurationItemChangeNotification\",\n }],\n customPolicyDetails: {\n policyRuntime: \"guard-2.x.x\",\n policyText: `\t rule tableisactive when\n\t\t resourceType == \"AWS::DynamoDB::Table\" {\n\t\t configuration.tableStatus == ['ACTIVE']\n\t }\n\t \n\t rule checkcompliance when\n\t\t resourceType == \"AWS::DynamoDB::Table\"\n\t\t tableisactive {\n\t\t\t supplementaryConfiguration.ContinuousBackupsDescription.pointInTimeRecoveryDescription.pointInTimeRecoveryStatus == \"ENABLED\"\n\t }\n`,\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cfg.Rule(\"example\",\n name=\"example\",\n source=aws.cfg.RuleSourceArgs(\n owner=\"CUSTOM_POLICY\",\n source_details=[aws.cfg.RuleSourceSourceDetailArgs(\n message_type=\"ConfigurationItemChangeNotification\",\n )],\n custom_policy_details=aws.cfg.RuleSourceCustomPolicyDetailsArgs(\n policy_runtime=\"guard-2.x.x\",\n policy_text=\"\"\"\t rule tableisactive when\n\t\t resourceType == \"AWS::DynamoDB::Table\" {\n\t\t configuration.tableStatus == ['ACTIVE']\n\t }\n\t \n\t rule checkcompliance when\n\t\t resourceType == \"AWS::DynamoDB::Table\"\n\t\t tableisactive {\n\t\t\t supplementaryConfiguration.ContinuousBackupsDescription.pointInTimeRecoveryDescription.pointInTimeRecoveryStatus == \"ENABLED\"\n\t }\n\"\"\",\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Cfg.Rule(\"example\", new()\n {\n Name = \"example\",\n Source = new Aws.Cfg.Inputs.RuleSourceArgs\n {\n Owner = \"CUSTOM_POLICY\",\n SourceDetails = new[]\n {\n new Aws.Cfg.Inputs.RuleSourceSourceDetailArgs\n {\n MessageType = \"ConfigurationItemChangeNotification\",\n },\n },\n CustomPolicyDetails = new Aws.Cfg.Inputs.RuleSourceCustomPolicyDetailsArgs\n {\n PolicyRuntime = \"guard-2.x.x\",\n PolicyText = @\"\t rule tableisactive when\n\t\t resourceType == \"\"AWS::DynamoDB::Table\"\" {\n\t\t configuration.tableStatus == ['ACTIVE']\n\t }\n\t \n\t rule checkcompliance when\n\t\t resourceType == \"\"AWS::DynamoDB::Table\"\"\n\t\t tableisactive {\n\t\t\t supplementaryConfiguration.ContinuousBackupsDescription.pointInTimeRecoveryDescription.pointInTimeRecoveryStatus == \"\"ENABLED\"\"\n\t }\n\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cfg\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cfg.NewRule(ctx, \"example\", \u0026cfg.RuleArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tSource: \u0026cfg.RuleSourceArgs{\n\t\t\t\tOwner: pulumi.String(\"CUSTOM_POLICY\"),\n\t\t\t\tSourceDetails: cfg.RuleSourceSourceDetailArray{\n\t\t\t\t\t\u0026cfg.RuleSourceSourceDetailArgs{\n\t\t\t\t\t\tMessageType: pulumi.String(\"ConfigurationItemChangeNotification\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tCustomPolicyDetails: \u0026cfg.RuleSourceCustomPolicyDetailsArgs{\n\t\t\t\t\tPolicyRuntime: pulumi.String(\"guard-2.x.x\"),\n\t\t\t\t\tPolicyText: pulumi.String(`\t rule tableisactive when\n\t\t resourceType == \"AWS::DynamoDB::Table\" {\n\t\t configuration.tableStatus == ['ACTIVE']\n\t }\n\t \n\t rule checkcompliance when\n\t\t resourceType == \"AWS::DynamoDB::Table\"\n\t\t tableisactive {\n\t\t\t supplementaryConfiguration.ContinuousBackupsDescription.pointInTimeRecoveryDescription.pointInTimeRecoveryStatus == \"ENABLED\"\n\t }\n`),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cfg.Rule;\nimport com.pulumi.aws.cfg.RuleArgs;\nimport com.pulumi.aws.cfg.inputs.RuleSourceArgs;\nimport com.pulumi.aws.cfg.inputs.RuleSourceCustomPolicyDetailsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Rule(\"example\", RuleArgs.builder() \n .name(\"example\")\n .source(RuleSourceArgs.builder()\n .owner(\"CUSTOM_POLICY\")\n .sourceDetails(RuleSourceSourceDetailArgs.builder()\n .messageType(\"ConfigurationItemChangeNotification\")\n .build())\n .customPolicyDetails(RuleSourceCustomPolicyDetailsArgs.builder()\n .policyRuntime(\"guard-2.x.x\")\n .policyText(\"\"\"\n\t rule tableisactive when\n\t\t resourceType == \"AWS::DynamoDB::Table\" {\n\t\t configuration.tableStatus == ['ACTIVE']\n\t }\n\t \n\t rule checkcompliance when\n\t\t resourceType == \"AWS::DynamoDB::Table\"\n\t\t tableisactive {\n\t\t\t supplementaryConfiguration.ContinuousBackupsDescription.pointInTimeRecoveryDescription.pointInTimeRecoveryStatus == \"ENABLED\"\n\t }\n \"\"\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cfg:Rule\n properties:\n name: example\n source:\n owner: CUSTOM_POLICY\n sourceDetails:\n - messageType: ConfigurationItemChangeNotification\n customPolicyDetails:\n policyRuntime: guard-2.x.x\n policyText: \"\\t rule tableisactive when\\n\\t\\t resourceType == \\\"AWS::DynamoDB::Table\\\" {\\n\\t\\t configuration.tableStatus == ['ACTIVE']\\n\\t }\\n\\t \\n\\t rule checkcompliance when\\n\\t\\t resourceType == \\\"AWS::DynamoDB::Table\\\"\\n\\t\\t tableisactive {\\n\\t\\t\\t supplementaryConfiguration.ContinuousBackupsDescription.pointInTimeRecoveryDescription.pointInTimeRecoveryStatus == \\\"ENABLED\\\"\\n\\t }\\n\"\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Config Rule using the name. For example:\n\n```sh\n$ pulumi import aws:cfg/rule:Rule foo example\n```\n", "properties": { "arn": { "type": "string", @@ -178685,7 +178685,7 @@ } }, "aws:chime/voiceConnectorTerminationCredentials:VoiceConnectorTerminationCredentials": { - "description": "Adds termination SIP credentials for the specified Amazon Chime Voice Connector.\n\n\u003e **Note:** Voice Connector Termination Credentials requires a Voice Connector Termination to be present. Use of `depends_on` (as shown below) is recommended to avoid race conditions.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.chime.VoiceConnector(\"default\", {\n name: \"test\",\n requireEncryption: true,\n});\nconst defaultVoiceConnectorTermination = new aws.chime.VoiceConnectorTermination(\"default\", {\n disabled: true,\n cpsLimit: 1,\n cidrAllowLists: [\"50.35.78.96/31\"],\n callingRegions: [\n \"US\",\n \"CA\",\n ],\n voiceConnectorId: _default.id,\n});\nconst defaultVoiceConnectorTerminationCredentials = new aws.chime.VoiceConnectorTerminationCredentials(\"default\", {\n voiceConnectorId: _default.id,\n credentials: [{\n username: \"test\",\n password: \"test!\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.chime.VoiceConnector(\"default\",\n name=\"test\",\n require_encryption=True)\ndefault_voice_connector_termination = aws.chime.VoiceConnectorTermination(\"default\",\n disabled=True,\n cps_limit=1,\n cidr_allow_lists=[\"50.35.78.96/31\"],\n calling_regions=[\n \"US\",\n \"CA\",\n ],\n voice_connector_id=default.id)\ndefault_voice_connector_termination_credentials = aws.chime.VoiceConnectorTerminationCredentials(\"default\",\n voice_connector_id=default.id,\n credentials=[aws.chime.VoiceConnectorTerminationCredentialsCredentialArgs(\n username=\"test\",\n password=\"test!\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.Chime.VoiceConnector(\"default\", new()\n {\n Name = \"test\",\n RequireEncryption = true,\n });\n\n var defaultVoiceConnectorTermination = new Aws.Chime.VoiceConnectorTermination(\"default\", new()\n {\n Disabled = true,\n CpsLimit = 1,\n CidrAllowLists = new[]\n {\n \"50.35.78.96/31\",\n },\n CallingRegions = new[]\n {\n \"US\",\n \"CA\",\n },\n VoiceConnectorId = @default.Id,\n });\n\n var defaultVoiceConnectorTerminationCredentials = new Aws.Chime.VoiceConnectorTerminationCredentials(\"default\", new()\n {\n VoiceConnectorId = @default.Id,\n Credentials = new[]\n {\n new Aws.Chime.Inputs.VoiceConnectorTerminationCredentialsCredentialArgs\n {\n Username = \"test\",\n Password = \"test!\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/chime\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := chime.NewVoiceConnector(ctx, \"default\", \u0026chime.VoiceConnectorArgs{\n\t\t\tName: pulumi.String(\"test\"),\n\t\t\tRequireEncryption: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = chime.NewVoiceConnectorTermination(ctx, \"default\", \u0026chime.VoiceConnectorTerminationArgs{\n\t\t\tDisabled: pulumi.Bool(true),\n\t\t\tCpsLimit: pulumi.Int(1),\n\t\t\tCidrAllowLists: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"50.35.78.96/31\"),\n\t\t\t},\n\t\t\tCallingRegions: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"US\"),\n\t\t\t\tpulumi.String(\"CA\"),\n\t\t\t},\n\t\t\tVoiceConnectorId: _default.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = chime.NewVoiceConnectorTerminationCredentials(ctx, \"default\", \u0026chime.VoiceConnectorTerminationCredentialsArgs{\n\t\t\tVoiceConnectorId: _default.ID(),\n\t\t\tCredentials: chime.VoiceConnectorTerminationCredentialsCredentialArray{\n\t\t\t\t\u0026chime.VoiceConnectorTerminationCredentialsCredentialArgs{\n\t\t\t\t\tUsername: pulumi.String(\"test\"),\n\t\t\t\t\tPassword: pulumi.String(\"test!\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.chime.VoiceConnector;\nimport com.pulumi.aws.chime.VoiceConnectorArgs;\nimport com.pulumi.aws.chime.VoiceConnectorTermination;\nimport com.pulumi.aws.chime.VoiceConnectorTerminationArgs;\nimport com.pulumi.aws.chime.VoiceConnectorTerminationCredentials;\nimport com.pulumi.aws.chime.VoiceConnectorTerminationCredentialsArgs;\nimport com.pulumi.aws.chime.inputs.VoiceConnectorTerminationCredentialsCredentialArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new VoiceConnector(\"default\", VoiceConnectorArgs.builder() \n .name(\"test\")\n .requireEncryption(true)\n .build());\n\n var defaultVoiceConnectorTermination = new VoiceConnectorTermination(\"defaultVoiceConnectorTermination\", VoiceConnectorTerminationArgs.builder() \n .disabled(true)\n .cpsLimit(1)\n .cidrAllowLists(\"50.35.78.96/31\")\n .callingRegions( \n \"US\",\n \"CA\")\n .voiceConnectorId(default_.id())\n .build());\n\n var defaultVoiceConnectorTerminationCredentials = new VoiceConnectorTerminationCredentials(\"defaultVoiceConnectorTerminationCredentials\", VoiceConnectorTerminationCredentialsArgs.builder() \n .voiceConnectorId(default_.id())\n .credentials(VoiceConnectorTerminationCredentialsCredentialArgs.builder()\n .username(\"test\")\n .password(\"test!\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:chime:VoiceConnector\n properties:\n name: test\n requireEncryption: true\n defaultVoiceConnectorTermination:\n type: aws:chime:VoiceConnectorTermination\n name: default\n properties:\n disabled: true\n cpsLimit: 1\n cidrAllowLists:\n - 50.35.78.96/31\n callingRegions:\n - US\n - CA\n voiceConnectorId: ${default.id}\n defaultVoiceConnectorTerminationCredentials:\n type: aws:chime:VoiceConnectorTerminationCredentials\n name: default\n properties:\n voiceConnectorId: ${default.id}\n credentials:\n - username: test\n password: test!\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Chime Voice Connector Termination Credentials using the `voice_connector_id`. For example:\n\n```sh\n$ pulumi import aws:chime/voiceConnectorTerminationCredentials:VoiceConnectorTerminationCredentials default abcdef1ghij2klmno3pqr4\n```\n", + "description": "Adds termination SIP credentials for the specified Amazon Chime Voice Connector.\n\n\u003e **Note:** Voice Connector Termination Credentials requires a Voice Connector Termination to be present. Use of `depends_on` (as shown below) is recommended to avoid race conditions.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.chime.VoiceConnector(\"default\", {\n name: \"test\",\n requireEncryption: true,\n});\nconst defaultVoiceConnectorTermination = new aws.chime.VoiceConnectorTermination(\"default\", {\n disabled: true,\n cpsLimit: 1,\n cidrAllowLists: [\"50.35.78.96/31\"],\n callingRegions: [\n \"US\",\n \"CA\",\n ],\n voiceConnectorId: _default.id,\n});\nconst defaultVoiceConnectorTerminationCredentials = new aws.chime.VoiceConnectorTerminationCredentials(\"default\", {\n voiceConnectorId: _default.id,\n credentials: [{\n username: \"test\",\n password: \"test!\",\n }],\n}, {\n dependsOn: [defaultVoiceConnectorTermination],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.chime.VoiceConnector(\"default\",\n name=\"test\",\n require_encryption=True)\ndefault_voice_connector_termination = aws.chime.VoiceConnectorTermination(\"default\",\n disabled=True,\n cps_limit=1,\n cidr_allow_lists=[\"50.35.78.96/31\"],\n calling_regions=[\n \"US\",\n \"CA\",\n ],\n voice_connector_id=default.id)\ndefault_voice_connector_termination_credentials = aws.chime.VoiceConnectorTerminationCredentials(\"default\",\n voice_connector_id=default.id,\n credentials=[aws.chime.VoiceConnectorTerminationCredentialsCredentialArgs(\n username=\"test\",\n password=\"test!\",\n )],\n opts=pulumi.ResourceOptions(depends_on=[default_voice_connector_termination]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.Chime.VoiceConnector(\"default\", new()\n {\n Name = \"test\",\n RequireEncryption = true,\n });\n\n var defaultVoiceConnectorTermination = new Aws.Chime.VoiceConnectorTermination(\"default\", new()\n {\n Disabled = true,\n CpsLimit = 1,\n CidrAllowLists = new[]\n {\n \"50.35.78.96/31\",\n },\n CallingRegions = new[]\n {\n \"US\",\n \"CA\",\n },\n VoiceConnectorId = @default.Id,\n });\n\n var defaultVoiceConnectorTerminationCredentials = new Aws.Chime.VoiceConnectorTerminationCredentials(\"default\", new()\n {\n VoiceConnectorId = @default.Id,\n Credentials = new[]\n {\n new Aws.Chime.Inputs.VoiceConnectorTerminationCredentialsCredentialArgs\n {\n Username = \"test\",\n Password = \"test!\",\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n defaultVoiceConnectorTermination, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/chime\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := chime.NewVoiceConnector(ctx, \"default\", \u0026chime.VoiceConnectorArgs{\n\t\t\tName: pulumi.String(\"test\"),\n\t\t\tRequireEncryption: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdefaultVoiceConnectorTermination, err := chime.NewVoiceConnectorTermination(ctx, \"default\", \u0026chime.VoiceConnectorTerminationArgs{\n\t\t\tDisabled: pulumi.Bool(true),\n\t\t\tCpsLimit: pulumi.Int(1),\n\t\t\tCidrAllowLists: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"50.35.78.96/31\"),\n\t\t\t},\n\t\t\tCallingRegions: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"US\"),\n\t\t\t\tpulumi.String(\"CA\"),\n\t\t\t},\n\t\t\tVoiceConnectorId: _default.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = chime.NewVoiceConnectorTerminationCredentials(ctx, \"default\", \u0026chime.VoiceConnectorTerminationCredentialsArgs{\n\t\t\tVoiceConnectorId: _default.ID(),\n\t\t\tCredentials: chime.VoiceConnectorTerminationCredentialsCredentialArray{\n\t\t\t\t\u0026chime.VoiceConnectorTerminationCredentialsCredentialArgs{\n\t\t\t\t\tUsername: pulumi.String(\"test\"),\n\t\t\t\t\tPassword: pulumi.String(\"test!\"),\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tdefaultVoiceConnectorTermination,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.chime.VoiceConnector;\nimport com.pulumi.aws.chime.VoiceConnectorArgs;\nimport com.pulumi.aws.chime.VoiceConnectorTermination;\nimport com.pulumi.aws.chime.VoiceConnectorTerminationArgs;\nimport com.pulumi.aws.chime.VoiceConnectorTerminationCredentials;\nimport com.pulumi.aws.chime.VoiceConnectorTerminationCredentialsArgs;\nimport com.pulumi.aws.chime.inputs.VoiceConnectorTerminationCredentialsCredentialArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new VoiceConnector(\"default\", VoiceConnectorArgs.builder() \n .name(\"test\")\n .requireEncryption(true)\n .build());\n\n var defaultVoiceConnectorTermination = new VoiceConnectorTermination(\"defaultVoiceConnectorTermination\", VoiceConnectorTerminationArgs.builder() \n .disabled(true)\n .cpsLimit(1)\n .cidrAllowLists(\"50.35.78.96/31\")\n .callingRegions( \n \"US\",\n \"CA\")\n .voiceConnectorId(default_.id())\n .build());\n\n var defaultVoiceConnectorTerminationCredentials = new VoiceConnectorTerminationCredentials(\"defaultVoiceConnectorTerminationCredentials\", VoiceConnectorTerminationCredentialsArgs.builder() \n .voiceConnectorId(default_.id())\n .credentials(VoiceConnectorTerminationCredentialsCredentialArgs.builder()\n .username(\"test\")\n .password(\"test!\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(defaultVoiceConnectorTermination)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:chime:VoiceConnector\n properties:\n name: test\n requireEncryption: true\n defaultVoiceConnectorTermination:\n type: aws:chime:VoiceConnectorTermination\n name: default\n properties:\n disabled: true\n cpsLimit: 1\n cidrAllowLists:\n - 50.35.78.96/31\n callingRegions:\n - US\n - CA\n voiceConnectorId: ${default.id}\n defaultVoiceConnectorTerminationCredentials:\n type: aws:chime:VoiceConnectorTerminationCredentials\n name: default\n properties:\n voiceConnectorId: ${default.id}\n credentials:\n - username: test\n password: test!\n options:\n dependson:\n - ${defaultVoiceConnectorTermination}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Chime Voice Connector Termination Credentials using the `voice_connector_id`. For example:\n\n```sh\n$ pulumi import aws:chime/voiceConnectorTerminationCredentials:VoiceConnectorTerminationCredentials default abcdef1ghij2klmno3pqr4\n```\n", "properties": { "credentials": { "type": "array", @@ -179483,7 +179483,7 @@ } }, "aws:cloudcontrol/resource:Resource": { - "description": "Manages a Cloud Control API Resource. The configuration and lifecycle handling of these resources is proxied through Cloud Control API handlers to the backend service.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cloudcontrol.Resource(\"example\", {\n typeName: \"AWS::ECS::Cluster\",\n desiredState: JSON.stringify({\n clusterName: \"example\",\n tags: [{\n key: \"CostCenter\",\n value: \"IT\",\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.cloudcontrol.Resource(\"example\",\n type_name=\"AWS::ECS::Cluster\",\n desired_state=json.dumps({\n \"clusterName\": \"example\",\n \"tags\": [{\n \"key\": \"CostCenter\",\n \"value\": \"IT\",\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CloudControl.Resource(\"example\", new()\n {\n TypeName = \"AWS::ECS::Cluster\",\n DesiredState = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"clusterName\"] = \"example\",\n [\"tags\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"key\"] = \"CostCenter\",\n [\"value\"] = \"IT\",\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudcontrol\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"clusterName\": \"example\",\n\t\t\t\"tags\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"key\": \"CostCenter\",\n\t\t\t\t\t\"value\": \"IT\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = cloudcontrol.NewResource(ctx, \"example\", \u0026cloudcontrol.ResourceArgs{\n\t\t\tTypeName: pulumi.String(\"AWS::ECS::Cluster\"),\n\t\t\tDesiredState: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudcontrol.Resource;\nimport com.pulumi.aws.cloudcontrol.ResourceArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Resource(\"example\", ResourceArgs.builder() \n .typeName(\"AWS::ECS::Cluster\")\n .desiredState(serializeJson(\n jsonObject(\n jsonProperty(\"clusterName\", \"example\"),\n jsonProperty(\"tags\", jsonArray(jsonObject(\n jsonProperty(\"key\", \"CostCenter\"),\n jsonProperty(\"value\", \"IT\")\n )))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudcontrol:Resource\n properties:\n typeName: AWS::ECS::Cluster\n desiredState:\n fn::toJSON:\n clusterName: example\n tags:\n - key: CostCenter\n value: IT\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", + "description": "Manages a Cloud Control API Resource. The configuration and lifecycle handling of these resources is proxied through Cloud Control API handlers to the backend service.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cloudcontrol.Resource(\"example\", {\n typeName: \"AWS::ECS::Cluster\",\n desiredState: JSON.stringify({\n ClusterName: \"example\",\n Tags: [{\n Key: \"CostCenter\",\n Value: \"IT\",\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.cloudcontrol.Resource(\"example\",\n type_name=\"AWS::ECS::Cluster\",\n desired_state=json.dumps({\n \"ClusterName\": \"example\",\n \"Tags\": [{\n \"Key\": \"CostCenter\",\n \"Value\": \"IT\",\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CloudControl.Resource(\"example\", new()\n {\n TypeName = \"AWS::ECS::Cluster\",\n DesiredState = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"ClusterName\"] = \"example\",\n [\"Tags\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Key\"] = \"CostCenter\",\n [\"Value\"] = \"IT\",\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudcontrol\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"ClusterName\": \"example\",\n\t\t\t\"Tags\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Key\": \"CostCenter\",\n\t\t\t\t\t\"Value\": \"IT\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = cloudcontrol.NewResource(ctx, \"example\", \u0026cloudcontrol.ResourceArgs{\n\t\t\tTypeName: pulumi.String(\"AWS::ECS::Cluster\"),\n\t\t\tDesiredState: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudcontrol.Resource;\nimport com.pulumi.aws.cloudcontrol.ResourceArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Resource(\"example\", ResourceArgs.builder() \n .typeName(\"AWS::ECS::Cluster\")\n .desiredState(serializeJson(\n jsonObject(\n jsonProperty(\"ClusterName\", \"example\"),\n jsonProperty(\"Tags\", jsonArray(jsonObject(\n jsonProperty(\"Key\", \"CostCenter\"),\n jsonProperty(\"Value\", \"IT\")\n )))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudcontrol:Resource\n properties:\n typeName: AWS::ECS::Cluster\n desiredState:\n fn::toJSON:\n ClusterName: example\n Tags:\n - Key: CostCenter\n Value: IT\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "desiredState": { "type": "string", @@ -179779,7 +179779,7 @@ } }, "aws:cloudformation/stack:Stack": { - "description": "Provides a CloudFormation Stack resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst network = new aws.cloudformation.Stack(\"network\", {\n name: \"networking-stack\",\n parameters: {\n VPCCidr: \"10.0.0.0/16\",\n },\n templateBody: JSON.stringify({\n parameters: {\n vPCCidr: {\n type: \"String\",\n \"default\": \"10.0.0.0/16\",\n description: \"Enter the CIDR block for the VPC. Default is 10.0.0.0/16.\",\n },\n },\n resources: {\n myVpc: {\n type: \"AWS::EC2::VPC\",\n properties: {\n cidrBlock: {\n Ref: \"VPCCidr\",\n },\n tags: [{\n key: \"Name\",\n value: \"Primary_CF_VPC\",\n }],\n },\n },\n },\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nnetwork = aws.cloudformation.Stack(\"network\",\n name=\"networking-stack\",\n parameters={\n \"VPCCidr\": \"10.0.0.0/16\",\n },\n template_body=json.dumps({\n \"parameters\": {\n \"vPCCidr\": {\n \"type\": \"String\",\n \"default\": \"10.0.0.0/16\",\n \"description\": \"Enter the CIDR block for the VPC. Default is 10.0.0.0/16.\",\n },\n },\n \"resources\": {\n \"myVpc\": {\n \"type\": \"AWS::EC2::VPC\",\n \"properties\": {\n \"cidrBlock\": {\n \"Ref\": \"VPCCidr\",\n },\n \"tags\": [{\n \"key\": \"Name\",\n \"value\": \"Primary_CF_VPC\",\n }],\n },\n },\n },\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var network = new Aws.CloudFormation.Stack(\"network\", new()\n {\n Name = \"networking-stack\",\n Parameters = \n {\n { \"VPCCidr\", \"10.0.0.0/16\" },\n },\n TemplateBody = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"parameters\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"vPCCidr\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"type\"] = \"String\",\n [\"default\"] = \"10.0.0.0/16\",\n [\"description\"] = \"Enter the CIDR block for the VPC. Default is 10.0.0.0/16.\",\n },\n },\n [\"resources\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"myVpc\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"type\"] = \"AWS::EC2::VPC\",\n [\"properties\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"cidrBlock\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Ref\"] = \"VPCCidr\",\n },\n [\"tags\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"key\"] = \"Name\",\n [\"value\"] = \"Primary_CF_VPC\",\n },\n },\n },\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudformation\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"parameters\": map[string]interface{}{\n\t\t\t\t\"vPCCidr\": map[string]interface{}{\n\t\t\t\t\t\"type\": \"String\",\n\t\t\t\t\t\"default\": \"10.0.0.0/16\",\n\t\t\t\t\t\"description\": \"Enter the CIDR block for the VPC. Default is 10.0.0.0/16.\",\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"resources\": map[string]interface{}{\n\t\t\t\t\"myVpc\": map[string]interface{}{\n\t\t\t\t\t\"type\": \"AWS::EC2::VPC\",\n\t\t\t\t\t\"properties\": map[string]interface{}{\n\t\t\t\t\t\t\"cidrBlock\": map[string]interface{}{\n\t\t\t\t\t\t\t\"Ref\": \"VPCCidr\",\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"tags\": []map[string]interface{}{\n\t\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\t\"key\": \"Name\",\n\t\t\t\t\t\t\t\t\"value\": \"Primary_CF_VPC\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = cloudformation.NewStack(ctx, \"network\", \u0026cloudformation.StackArgs{\n\t\t\tName: pulumi.String(\"networking-stack\"),\n\t\t\tParameters: pulumi.StringMap{\n\t\t\t\t\"VPCCidr\": pulumi.String(\"10.0.0.0/16\"),\n\t\t\t},\n\t\t\tTemplateBody: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudformation.Stack;\nimport com.pulumi.aws.cloudformation.StackArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var network = new Stack(\"network\", StackArgs.builder() \n .name(\"networking-stack\")\n .parameters(Map.of(\"VPCCidr\", \"10.0.0.0/16\"))\n .templateBody(serializeJson(\n jsonObject(\n jsonProperty(\"parameters\", jsonObject(\n jsonProperty(\"vPCCidr\", jsonObject(\n jsonProperty(\"type\", \"String\"),\n jsonProperty(\"default\", \"10.0.0.0/16\"),\n jsonProperty(\"description\", \"Enter the CIDR block for the VPC. Default is 10.0.0.0/16.\")\n ))\n )),\n jsonProperty(\"resources\", jsonObject(\n jsonProperty(\"myVpc\", jsonObject(\n jsonProperty(\"type\", \"AWS::EC2::VPC\"),\n jsonProperty(\"properties\", jsonObject(\n jsonProperty(\"cidrBlock\", jsonObject(\n jsonProperty(\"Ref\", \"VPCCidr\")\n )),\n jsonProperty(\"tags\", jsonArray(jsonObject(\n jsonProperty(\"key\", \"Name\"),\n jsonProperty(\"value\", \"Primary_CF_VPC\")\n )))\n ))\n ))\n ))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n network:\n type: aws:cloudformation:Stack\n properties:\n name: networking-stack\n parameters:\n VPCCidr: 10.0.0.0/16\n templateBody:\n fn::toJSON:\n parameters:\n vPCCidr:\n type: String\n default: 10.0.0.0/16\n description: Enter the CIDR block for the VPC. Default is 10.0.0.0/16.\n resources:\n myVpc:\n type: AWS::EC2::VPC\n properties:\n cidrBlock:\n Ref: VPCCidr\n tags:\n - key: Name\n value: Primary_CF_VPC\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Cloudformation Stacks using the `name`. For example:\n\n```sh\n$ pulumi import aws:cloudformation/stack:Stack stack networking-stack\n```\n", + "description": "Provides a CloudFormation Stack resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst network = new aws.cloudformation.Stack(\"network\", {\n name: \"networking-stack\",\n parameters: {\n VPCCidr: \"10.0.0.0/16\",\n },\n templateBody: JSON.stringify({\n Parameters: {\n VPCCidr: {\n Type: \"String\",\n Default: \"10.0.0.0/16\",\n Description: \"Enter the CIDR block for the VPC. Default is 10.0.0.0/16.\",\n },\n },\n Resources: {\n myVpc: {\n Type: \"AWS::EC2::VPC\",\n Properties: {\n CidrBlock: {\n Ref: \"VPCCidr\",\n },\n Tags: [{\n Key: \"Name\",\n Value: \"Primary_CF_VPC\",\n }],\n },\n },\n },\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nnetwork = aws.cloudformation.Stack(\"network\",\n name=\"networking-stack\",\n parameters={\n \"VPCCidr\": \"10.0.0.0/16\",\n },\n template_body=json.dumps({\n \"Parameters\": {\n \"VPCCidr\": {\n \"Type\": \"String\",\n \"Default\": \"10.0.0.0/16\",\n \"Description\": \"Enter the CIDR block for the VPC. Default is 10.0.0.0/16.\",\n },\n },\n \"Resources\": {\n \"myVpc\": {\n \"Type\": \"AWS::EC2::VPC\",\n \"Properties\": {\n \"CidrBlock\": {\n \"Ref\": \"VPCCidr\",\n },\n \"Tags\": [{\n \"Key\": \"Name\",\n \"Value\": \"Primary_CF_VPC\",\n }],\n },\n },\n },\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var network = new Aws.CloudFormation.Stack(\"network\", new()\n {\n Name = \"networking-stack\",\n Parameters = \n {\n { \"VPCCidr\", \"10.0.0.0/16\" },\n },\n TemplateBody = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Parameters\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"VPCCidr\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Type\"] = \"String\",\n [\"Default\"] = \"10.0.0.0/16\",\n [\"Description\"] = \"Enter the CIDR block for the VPC. Default is 10.0.0.0/16.\",\n },\n },\n [\"Resources\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"myVpc\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Type\"] = \"AWS::EC2::VPC\",\n [\"Properties\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"CidrBlock\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Ref\"] = \"VPCCidr\",\n },\n [\"Tags\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Key\"] = \"Name\",\n [\"Value\"] = \"Primary_CF_VPC\",\n },\n },\n },\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudformation\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Parameters\": map[string]interface{}{\n\t\t\t\t\"VPCCidr\": map[string]interface{}{\n\t\t\t\t\t\"Type\": \"String\",\n\t\t\t\t\t\"Default\": \"10.0.0.0/16\",\n\t\t\t\t\t\"Description\": \"Enter the CIDR block for the VPC. Default is 10.0.0.0/16.\",\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"Resources\": map[string]interface{}{\n\t\t\t\t\"myVpc\": map[string]interface{}{\n\t\t\t\t\t\"Type\": \"AWS::EC2::VPC\",\n\t\t\t\t\t\"Properties\": map[string]interface{}{\n\t\t\t\t\t\t\"CidrBlock\": map[string]interface{}{\n\t\t\t\t\t\t\t\"Ref\": \"VPCCidr\",\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"Tags\": []map[string]interface{}{\n\t\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\t\"Key\": \"Name\",\n\t\t\t\t\t\t\t\t\"Value\": \"Primary_CF_VPC\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = cloudformation.NewStack(ctx, \"network\", \u0026cloudformation.StackArgs{\n\t\t\tName: pulumi.String(\"networking-stack\"),\n\t\t\tParameters: pulumi.StringMap{\n\t\t\t\t\"VPCCidr\": pulumi.String(\"10.0.0.0/16\"),\n\t\t\t},\n\t\t\tTemplateBody: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudformation.Stack;\nimport com.pulumi.aws.cloudformation.StackArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var network = new Stack(\"network\", StackArgs.builder() \n .name(\"networking-stack\")\n .parameters(Map.of(\"VPCCidr\", \"10.0.0.0/16\"))\n .templateBody(serializeJson(\n jsonObject(\n jsonProperty(\"Parameters\", jsonObject(\n jsonProperty(\"VPCCidr\", jsonObject(\n jsonProperty(\"Type\", \"String\"),\n jsonProperty(\"Default\", \"10.0.0.0/16\"),\n jsonProperty(\"Description\", \"Enter the CIDR block for the VPC. Default is 10.0.0.0/16.\")\n ))\n )),\n jsonProperty(\"Resources\", jsonObject(\n jsonProperty(\"myVpc\", jsonObject(\n jsonProperty(\"Type\", \"AWS::EC2::VPC\"),\n jsonProperty(\"Properties\", jsonObject(\n jsonProperty(\"CidrBlock\", jsonObject(\n jsonProperty(\"Ref\", \"VPCCidr\")\n )),\n jsonProperty(\"Tags\", jsonArray(jsonObject(\n jsonProperty(\"Key\", \"Name\"),\n jsonProperty(\"Value\", \"Primary_CF_VPC\")\n )))\n ))\n ))\n ))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n network:\n type: aws:cloudformation:Stack\n properties:\n name: networking-stack\n parameters:\n VPCCidr: 10.0.0.0/16\n templateBody:\n fn::toJSON:\n Parameters:\n VPCCidr:\n Type: String\n Default: 10.0.0.0/16\n Description: Enter the CIDR block for the VPC. Default is 10.0.0.0/16.\n Resources:\n myVpc:\n Type: AWS::EC2::VPC\n Properties:\n CidrBlock:\n Ref: VPCCidr\n Tags:\n - Key: Name\n Value: Primary_CF_VPC\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Cloudformation Stacks using the `name`. For example:\n\n```sh\n$ pulumi import aws:cloudformation/stack:Stack stack networking-stack\n```\n", "properties": { "capabilities": { "type": "array", @@ -180030,7 +180030,7 @@ } }, "aws:cloudformation/stackSet:StackSet": { - "description": "Manages a CloudFormation StackSet. StackSets allow CloudFormation templates to be easily deployed across multiple accounts and regions via StackSet Instances (`aws.cloudformation.StackSetInstance` resource). Additional information about StackSets can be found in the [AWS CloudFormation User Guide](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/what-is-cfnstacksets.html).\n\n\u003e **NOTE:** All template parameters, including those with a `Default`, must be configured or ignored with the `lifecycle` configuration block `ignore_changes` argument.\n\n\u003e **NOTE:** All `NoEcho` template parameters must be ignored with the `lifecycle` configuration block `ignore_changes` argument.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy = aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"sts:AssumeRole\"],\n effect: \"Allow\",\n principals: [{\n identifiers: [\"cloudformation.amazonaws.com\"],\n type: \"Service\",\n }],\n }],\n});\nconst aWSCloudFormationStackSetAdministrationRole = new aws.iam.Role(\"AWSCloudFormationStackSetAdministrationRole\", {\n assumeRolePolicy: aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy.then(aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy =\u003e aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy.json),\n name: \"AWSCloudFormationStackSetAdministrationRole\",\n});\nconst example = new aws.cloudformation.StackSet(\"example\", {\n administrationRoleArn: aWSCloudFormationStackSetAdministrationRole.arn,\n name: \"example\",\n parameters: {\n VPCCidr: \"10.0.0.0/16\",\n },\n templateBody: JSON.stringify({\n parameters: {\n vPCCidr: {\n type: \"String\",\n \"default\": \"10.0.0.0/16\",\n description: \"Enter the CIDR block for the VPC. Default is 10.0.0.0/16.\",\n },\n },\n resources: {\n myVpc: {\n type: \"AWS::EC2::VPC\",\n properties: {\n cidrBlock: {\n ref: \"VPCCidr\",\n },\n tags: [{\n key: \"Name\",\n value: \"Primary_CF_VPC\",\n }],\n },\n },\n },\n }),\n});\nconst aWSCloudFormationStackSetAdministrationRoleExecutionPolicy = aws.iam.getPolicyDocumentOutput({\n statements: [{\n actions: [\"sts:AssumeRole\"],\n effect: \"Allow\",\n resources: [pulumi.interpolate`arn:aws:iam::*:role/${example.executionRoleName}`],\n }],\n});\nconst aWSCloudFormationStackSetAdministrationRoleExecutionPolicyRolePolicy = new aws.iam.RolePolicy(\"AWSCloudFormationStackSetAdministrationRole_ExecutionPolicy\", {\n name: \"ExecutionPolicy\",\n policy: aWSCloudFormationStackSetAdministrationRoleExecutionPolicy.apply(aWSCloudFormationStackSetAdministrationRoleExecutionPolicy =\u003e aWSCloudFormationStackSetAdministrationRoleExecutionPolicy.json),\n role: aWSCloudFormationStackSetAdministrationRole.name,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\na_ws_cloud_formation_stack_set_administration_role_assume_role_policy = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n actions=[\"sts:AssumeRole\"],\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n identifiers=[\"cloudformation.amazonaws.com\"],\n type=\"Service\",\n )],\n)])\na_ws_cloud_formation_stack_set_administration_role = aws.iam.Role(\"AWSCloudFormationStackSetAdministrationRole\",\n assume_role_policy=a_ws_cloud_formation_stack_set_administration_role_assume_role_policy.json,\n name=\"AWSCloudFormationStackSetAdministrationRole\")\nexample = aws.cloudformation.StackSet(\"example\",\n administration_role_arn=a_ws_cloud_formation_stack_set_administration_role.arn,\n name=\"example\",\n parameters={\n \"VPCCidr\": \"10.0.0.0/16\",\n },\n template_body=json.dumps({\n \"parameters\": {\n \"vPCCidr\": {\n \"type\": \"String\",\n \"default\": \"10.0.0.0/16\",\n \"description\": \"Enter the CIDR block for the VPC. Default is 10.0.0.0/16.\",\n },\n },\n \"resources\": {\n \"myVpc\": {\n \"type\": \"AWS::EC2::VPC\",\n \"properties\": {\n \"cidrBlock\": {\n \"ref\": \"VPCCidr\",\n },\n \"tags\": [{\n \"key\": \"Name\",\n \"value\": \"Primary_CF_VPC\",\n }],\n },\n },\n },\n }))\na_ws_cloud_formation_stack_set_administration_role_execution_policy = aws.iam.get_policy_document_output(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n actions=[\"sts:AssumeRole\"],\n effect=\"Allow\",\n resources=[example.execution_role_name.apply(lambda execution_role_name: f\"arn:aws:iam::*:role/{execution_role_name}\")],\n)])\na_ws_cloud_formation_stack_set_administration_role_execution_policy_role_policy = aws.iam.RolePolicy(\"AWSCloudFormationStackSetAdministrationRole_ExecutionPolicy\",\n name=\"ExecutionPolicy\",\n policy=a_ws_cloud_formation_stack_set_administration_role_execution_policy.json,\n role=a_ws_cloud_formation_stack_set_administration_role.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Identifiers = new[]\n {\n \"cloudformation.amazonaws.com\",\n },\n Type = \"Service\",\n },\n },\n },\n },\n });\n\n var aWSCloudFormationStackSetAdministrationRole = new Aws.Iam.Role(\"AWSCloudFormationStackSetAdministrationRole\", new()\n {\n AssumeRolePolicy = aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n Name = \"AWSCloudFormationStackSetAdministrationRole\",\n });\n\n var example = new Aws.CloudFormation.StackSet(\"example\", new()\n {\n AdministrationRoleArn = aWSCloudFormationStackSetAdministrationRole.Arn,\n Name = \"example\",\n Parameters = \n {\n { \"VPCCidr\", \"10.0.0.0/16\" },\n },\n TemplateBody = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"parameters\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"vPCCidr\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"type\"] = \"String\",\n [\"default\"] = \"10.0.0.0/16\",\n [\"description\"] = \"Enter the CIDR block for the VPC. Default is 10.0.0.0/16.\",\n },\n },\n [\"resources\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"myVpc\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"type\"] = \"AWS::EC2::VPC\",\n [\"properties\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"cidrBlock\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"ref\"] = \"VPCCidr\",\n },\n [\"tags\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"key\"] = \"Name\",\n [\"value\"] = \"Primary_CF_VPC\",\n },\n },\n },\n },\n },\n }),\n });\n\n var aWSCloudFormationStackSetAdministrationRoleExecutionPolicy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n Effect = \"Allow\",\n Resources = new[]\n {\n $\"arn:aws:iam::*:role/{example.ExecutionRoleName}\",\n },\n },\n },\n });\n\n var aWSCloudFormationStackSetAdministrationRoleExecutionPolicyRolePolicy = new Aws.Iam.RolePolicy(\"AWSCloudFormationStackSetAdministrationRole_ExecutionPolicy\", new()\n {\n Name = \"ExecutionPolicy\",\n Policy = aWSCloudFormationStackSetAdministrationRoleExecutionPolicy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n Role = aWSCloudFormationStackSetAdministrationRole.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudformation\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\taWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"cloudformation.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\taWSCloudFormationStackSetAdministrationRole, err := iam.NewRole(ctx, \"AWSCloudFormationStackSetAdministrationRole\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy.Json),\n\t\t\tName: pulumi.String(\"AWSCloudFormationStackSetAdministrationRole\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"parameters\": map[string]interface{}{\n\t\t\t\t\"vPCCidr\": map[string]interface{}{\n\t\t\t\t\t\"type\": \"String\",\n\t\t\t\t\t\"default\": \"10.0.0.0/16\",\n\t\t\t\t\t\"description\": \"Enter the CIDR block for the VPC. Default is 10.0.0.0/16.\",\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"resources\": map[string]interface{}{\n\t\t\t\t\"myVpc\": map[string]interface{}{\n\t\t\t\t\t\"type\": \"AWS::EC2::VPC\",\n\t\t\t\t\t\"properties\": map[string]interface{}{\n\t\t\t\t\t\t\"cidrBlock\": map[string]interface{}{\n\t\t\t\t\t\t\t\"ref\": \"VPCCidr\",\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"tags\": []map[string]interface{}{\n\t\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\t\"key\": \"Name\",\n\t\t\t\t\t\t\t\t\"value\": \"Primary_CF_VPC\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texample, err := cloudformation.NewStackSet(ctx, \"example\", \u0026cloudformation.StackSetArgs{\n\t\t\tAdministrationRoleArn: aWSCloudFormationStackSetAdministrationRole.Arn,\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tParameters: pulumi.StringMap{\n\t\t\t\t\"VPCCidr\": pulumi.String(\"10.0.0.0/16\"),\n\t\t\t},\n\t\t\tTemplateBody: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\taWSCloudFormationStackSetAdministrationRoleExecutionPolicy := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"sts:AssumeRole\"),\n\t\t\t\t\t},\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\texample.ExecutionRoleName.ApplyT(func(executionRoleName string) (string, error) {\n\t\t\t\t\t\t\treturn fmt.Sprintf(\"arn:aws:iam::*:role/%v\", executionRoleName), nil\n\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\t_, err = iam.NewRolePolicy(ctx, \"AWSCloudFormationStackSetAdministrationRole_ExecutionPolicy\", \u0026iam.RolePolicyArgs{\n\t\t\tName: pulumi.String(\"ExecutionPolicy\"),\n\t\t\tPolicy: aWSCloudFormationStackSetAdministrationRoleExecutionPolicy.ApplyT(func(aWSCloudFormationStackSetAdministrationRoleExecutionPolicy iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026aWSCloudFormationStackSetAdministrationRoleExecutionPolicy.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput),\n\t\t\tRole: aWSCloudFormationStackSetAdministrationRole.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.cloudformation.StackSet;\nimport com.pulumi.aws.cloudformation.StackSetArgs;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"sts:AssumeRole\")\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .identifiers(\"cloudformation.amazonaws.com\")\n .type(\"Service\")\n .build())\n .build())\n .build());\n\n var aWSCloudFormationStackSetAdministrationRole = new Role(\"aWSCloudFormationStackSetAdministrationRole\", RoleArgs.builder() \n .assumeRolePolicy(aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .name(\"AWSCloudFormationStackSetAdministrationRole\")\n .build());\n\n var example = new StackSet(\"example\", StackSetArgs.builder() \n .administrationRoleArn(aWSCloudFormationStackSetAdministrationRole.arn())\n .name(\"example\")\n .parameters(Map.of(\"VPCCidr\", \"10.0.0.0/16\"))\n .templateBody(serializeJson(\n jsonObject(\n jsonProperty(\"parameters\", jsonObject(\n jsonProperty(\"vPCCidr\", jsonObject(\n jsonProperty(\"type\", \"String\"),\n jsonProperty(\"default\", \"10.0.0.0/16\"),\n jsonProperty(\"description\", \"Enter the CIDR block for the VPC. Default is 10.0.0.0/16.\")\n ))\n )),\n jsonProperty(\"resources\", jsonObject(\n jsonProperty(\"myVpc\", jsonObject(\n jsonProperty(\"type\", \"AWS::EC2::VPC\"),\n jsonProperty(\"properties\", jsonObject(\n jsonProperty(\"cidrBlock\", jsonObject(\n jsonProperty(\"ref\", \"VPCCidr\")\n )),\n jsonProperty(\"tags\", jsonArray(jsonObject(\n jsonProperty(\"key\", \"Name\"),\n jsonProperty(\"value\", \"Primary_CF_VPC\")\n )))\n ))\n ))\n ))\n )))\n .build());\n\n final var aWSCloudFormationStackSetAdministrationRoleExecutionPolicy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"sts:AssumeRole\")\n .effect(\"Allow\")\n .resources(example.executionRoleName().applyValue(executionRoleName -\u003e String.format(\"arn:aws:iam::*:role/%s\", executionRoleName)))\n .build())\n .build());\n\n var aWSCloudFormationStackSetAdministrationRoleExecutionPolicyRolePolicy = new RolePolicy(\"aWSCloudFormationStackSetAdministrationRoleExecutionPolicyRolePolicy\", RolePolicyArgs.builder() \n .name(\"ExecutionPolicy\")\n .policy(aWSCloudFormationStackSetAdministrationRoleExecutionPolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(aWSCloudFormationStackSetAdministrationRoleExecutionPolicy -\u003e aWSCloudFormationStackSetAdministrationRoleExecutionPolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .role(aWSCloudFormationStackSetAdministrationRole.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n aWSCloudFormationStackSetAdministrationRole:\n type: aws:iam:Role\n name: AWSCloudFormationStackSetAdministrationRole\n properties:\n assumeRolePolicy: ${aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy.json}\n name: AWSCloudFormationStackSetAdministrationRole\n example:\n type: aws:cloudformation:StackSet\n properties:\n administrationRoleArn: ${aWSCloudFormationStackSetAdministrationRole.arn}\n name: example\n parameters:\n VPCCidr: 10.0.0.0/16\n templateBody:\n fn::toJSON:\n parameters:\n vPCCidr:\n type: String\n default: 10.0.0.0/16\n description: Enter the CIDR block for the VPC. Default is 10.0.0.0/16.\n resources:\n myVpc:\n type: AWS::EC2::VPC\n properties:\n cidrBlock:\n ref: VPCCidr\n tags:\n - key: Name\n value: Primary_CF_VPC\n aWSCloudFormationStackSetAdministrationRoleExecutionPolicyRolePolicy:\n type: aws:iam:RolePolicy\n name: AWSCloudFormationStackSetAdministrationRole_ExecutionPolicy\n properties:\n name: ExecutionPolicy\n policy: ${aWSCloudFormationStackSetAdministrationRoleExecutionPolicy.json}\n role: ${aWSCloudFormationStackSetAdministrationRole.name}\nvariables:\n aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - sts:AssumeRole\n effect: Allow\n principals:\n - identifiers:\n - cloudformation.amazonaws.com\n type: Service\n aWSCloudFormationStackSetAdministrationRoleExecutionPolicy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - sts:AssumeRole\n effect: Allow\n resources:\n - arn:aws:iam::*:role/${example.executionRoleName}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nImport CloudFormation StackSets when acting a delegated administrator in a member account using the `name` and `call_as` values separated by a comma (`,`). For example:\n\nUsing `pulumi import`, import CloudFormation StackSets using the `name`. For example:\n\n```sh\n$ pulumi import aws:cloudformation/stackSet:StackSet example example\n```\nUsing `pulumi import`, import CloudFormation StackSets when acting a delegated administrator in a member account using the `name` and `call_as` values separated by a comma (`,`). For example:\n\n```sh\n$ pulumi import aws:cloudformation/stackSet:StackSet example example,DELEGATED_ADMIN\n```\n", + "description": "Manages a CloudFormation StackSet. StackSets allow CloudFormation templates to be easily deployed across multiple accounts and regions via StackSet Instances (`aws.cloudformation.StackSetInstance` resource). Additional information about StackSets can be found in the [AWS CloudFormation User Guide](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/what-is-cfnstacksets.html).\n\n\u003e **NOTE:** All template parameters, including those with a `Default`, must be configured or ignored with the `lifecycle` configuration block `ignore_changes` argument.\n\n\u003e **NOTE:** All `NoEcho` template parameters must be ignored with the `lifecycle` configuration block `ignore_changes` argument.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy = aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"sts:AssumeRole\"],\n effect: \"Allow\",\n principals: [{\n identifiers: [\"cloudformation.amazonaws.com\"],\n type: \"Service\",\n }],\n }],\n});\nconst aWSCloudFormationStackSetAdministrationRole = new aws.iam.Role(\"AWSCloudFormationStackSetAdministrationRole\", {\n assumeRolePolicy: aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy.then(aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy =\u003e aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy.json),\n name: \"AWSCloudFormationStackSetAdministrationRole\",\n});\nconst example = new aws.cloudformation.StackSet(\"example\", {\n administrationRoleArn: aWSCloudFormationStackSetAdministrationRole.arn,\n name: \"example\",\n parameters: {\n VPCCidr: \"10.0.0.0/16\",\n },\n templateBody: JSON.stringify({\n Parameters: {\n VPCCidr: {\n Type: \"String\",\n Default: \"10.0.0.0/16\",\n Description: \"Enter the CIDR block for the VPC. Default is 10.0.0.0/16.\",\n },\n },\n Resources: {\n myVpc: {\n Type: \"AWS::EC2::VPC\",\n Properties: {\n CidrBlock: {\n Ref: \"VPCCidr\",\n },\n Tags: [{\n Key: \"Name\",\n Value: \"Primary_CF_VPC\",\n }],\n },\n },\n },\n }),\n});\nconst aWSCloudFormationStackSetAdministrationRoleExecutionPolicy = aws.iam.getPolicyDocumentOutput({\n statements: [{\n actions: [\"sts:AssumeRole\"],\n effect: \"Allow\",\n resources: [pulumi.interpolate`arn:aws:iam::*:role/${example.executionRoleName}`],\n }],\n});\nconst aWSCloudFormationStackSetAdministrationRoleExecutionPolicyRolePolicy = new aws.iam.RolePolicy(\"AWSCloudFormationStackSetAdministrationRole_ExecutionPolicy\", {\n name: \"ExecutionPolicy\",\n policy: aWSCloudFormationStackSetAdministrationRoleExecutionPolicy.apply(aWSCloudFormationStackSetAdministrationRoleExecutionPolicy =\u003e aWSCloudFormationStackSetAdministrationRoleExecutionPolicy.json),\n role: aWSCloudFormationStackSetAdministrationRole.name,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\na_ws_cloud_formation_stack_set_administration_role_assume_role_policy = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n actions=[\"sts:AssumeRole\"],\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n identifiers=[\"cloudformation.amazonaws.com\"],\n type=\"Service\",\n )],\n)])\na_ws_cloud_formation_stack_set_administration_role = aws.iam.Role(\"AWSCloudFormationStackSetAdministrationRole\",\n assume_role_policy=a_ws_cloud_formation_stack_set_administration_role_assume_role_policy.json,\n name=\"AWSCloudFormationStackSetAdministrationRole\")\nexample = aws.cloudformation.StackSet(\"example\",\n administration_role_arn=a_ws_cloud_formation_stack_set_administration_role.arn,\n name=\"example\",\n parameters={\n \"VPCCidr\": \"10.0.0.0/16\",\n },\n template_body=json.dumps({\n \"Parameters\": {\n \"VPCCidr\": {\n \"Type\": \"String\",\n \"Default\": \"10.0.0.0/16\",\n \"Description\": \"Enter the CIDR block for the VPC. Default is 10.0.0.0/16.\",\n },\n },\n \"Resources\": {\n \"myVpc\": {\n \"Type\": \"AWS::EC2::VPC\",\n \"Properties\": {\n \"CidrBlock\": {\n \"Ref\": \"VPCCidr\",\n },\n \"Tags\": [{\n \"Key\": \"Name\",\n \"Value\": \"Primary_CF_VPC\",\n }],\n },\n },\n },\n }))\na_ws_cloud_formation_stack_set_administration_role_execution_policy = aws.iam.get_policy_document_output(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n actions=[\"sts:AssumeRole\"],\n effect=\"Allow\",\n resources=[example.execution_role_name.apply(lambda execution_role_name: f\"arn:aws:iam::*:role/{execution_role_name}\")],\n)])\na_ws_cloud_formation_stack_set_administration_role_execution_policy_role_policy = aws.iam.RolePolicy(\"AWSCloudFormationStackSetAdministrationRole_ExecutionPolicy\",\n name=\"ExecutionPolicy\",\n policy=a_ws_cloud_formation_stack_set_administration_role_execution_policy.json,\n role=a_ws_cloud_formation_stack_set_administration_role.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Identifiers = new[]\n {\n \"cloudformation.amazonaws.com\",\n },\n Type = \"Service\",\n },\n },\n },\n },\n });\n\n var aWSCloudFormationStackSetAdministrationRole = new Aws.Iam.Role(\"AWSCloudFormationStackSetAdministrationRole\", new()\n {\n AssumeRolePolicy = aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n Name = \"AWSCloudFormationStackSetAdministrationRole\",\n });\n\n var example = new Aws.CloudFormation.StackSet(\"example\", new()\n {\n AdministrationRoleArn = aWSCloudFormationStackSetAdministrationRole.Arn,\n Name = \"example\",\n Parameters = \n {\n { \"VPCCidr\", \"10.0.0.0/16\" },\n },\n TemplateBody = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Parameters\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"VPCCidr\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Type\"] = \"String\",\n [\"Default\"] = \"10.0.0.0/16\",\n [\"Description\"] = \"Enter the CIDR block for the VPC. Default is 10.0.0.0/16.\",\n },\n },\n [\"Resources\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"myVpc\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Type\"] = \"AWS::EC2::VPC\",\n [\"Properties\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"CidrBlock\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Ref\"] = \"VPCCidr\",\n },\n [\"Tags\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Key\"] = \"Name\",\n [\"Value\"] = \"Primary_CF_VPC\",\n },\n },\n },\n },\n },\n }),\n });\n\n var aWSCloudFormationStackSetAdministrationRoleExecutionPolicy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n Effect = \"Allow\",\n Resources = new[]\n {\n $\"arn:aws:iam::*:role/{example.ExecutionRoleName}\",\n },\n },\n },\n });\n\n var aWSCloudFormationStackSetAdministrationRoleExecutionPolicyRolePolicy = new Aws.Iam.RolePolicy(\"AWSCloudFormationStackSetAdministrationRole_ExecutionPolicy\", new()\n {\n Name = \"ExecutionPolicy\",\n Policy = aWSCloudFormationStackSetAdministrationRoleExecutionPolicy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n Role = aWSCloudFormationStackSetAdministrationRole.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudformation\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\taWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"cloudformation.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\taWSCloudFormationStackSetAdministrationRole, err := iam.NewRole(ctx, \"AWSCloudFormationStackSetAdministrationRole\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy.Json),\n\t\t\tName: pulumi.String(\"AWSCloudFormationStackSetAdministrationRole\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Parameters\": map[string]interface{}{\n\t\t\t\t\"VPCCidr\": map[string]interface{}{\n\t\t\t\t\t\"Type\": \"String\",\n\t\t\t\t\t\"Default\": \"10.0.0.0/16\",\n\t\t\t\t\t\"Description\": \"Enter the CIDR block for the VPC. Default is 10.0.0.0/16.\",\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"Resources\": map[string]interface{}{\n\t\t\t\t\"myVpc\": map[string]interface{}{\n\t\t\t\t\t\"Type\": \"AWS::EC2::VPC\",\n\t\t\t\t\t\"Properties\": map[string]interface{}{\n\t\t\t\t\t\t\"CidrBlock\": map[string]interface{}{\n\t\t\t\t\t\t\t\"Ref\": \"VPCCidr\",\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"Tags\": []map[string]interface{}{\n\t\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\t\"Key\": \"Name\",\n\t\t\t\t\t\t\t\t\"Value\": \"Primary_CF_VPC\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texample, err := cloudformation.NewStackSet(ctx, \"example\", \u0026cloudformation.StackSetArgs{\n\t\t\tAdministrationRoleArn: aWSCloudFormationStackSetAdministrationRole.Arn,\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tParameters: pulumi.StringMap{\n\t\t\t\t\"VPCCidr\": pulumi.String(\"10.0.0.0/16\"),\n\t\t\t},\n\t\t\tTemplateBody: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\taWSCloudFormationStackSetAdministrationRoleExecutionPolicy := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"sts:AssumeRole\"),\n\t\t\t\t\t},\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\texample.ExecutionRoleName.ApplyT(func(executionRoleName string) (string, error) {\n\t\t\t\t\t\t\treturn fmt.Sprintf(\"arn:aws:iam::*:role/%v\", executionRoleName), nil\n\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\t_, err = iam.NewRolePolicy(ctx, \"AWSCloudFormationStackSetAdministrationRole_ExecutionPolicy\", \u0026iam.RolePolicyArgs{\n\t\t\tName: pulumi.String(\"ExecutionPolicy\"),\n\t\t\tPolicy: aWSCloudFormationStackSetAdministrationRoleExecutionPolicy.ApplyT(func(aWSCloudFormationStackSetAdministrationRoleExecutionPolicy iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026aWSCloudFormationStackSetAdministrationRoleExecutionPolicy.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput),\n\t\t\tRole: aWSCloudFormationStackSetAdministrationRole.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.cloudformation.StackSet;\nimport com.pulumi.aws.cloudformation.StackSetArgs;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"sts:AssumeRole\")\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .identifiers(\"cloudformation.amazonaws.com\")\n .type(\"Service\")\n .build())\n .build())\n .build());\n\n var aWSCloudFormationStackSetAdministrationRole = new Role(\"aWSCloudFormationStackSetAdministrationRole\", RoleArgs.builder() \n .assumeRolePolicy(aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .name(\"AWSCloudFormationStackSetAdministrationRole\")\n .build());\n\n var example = new StackSet(\"example\", StackSetArgs.builder() \n .administrationRoleArn(aWSCloudFormationStackSetAdministrationRole.arn())\n .name(\"example\")\n .parameters(Map.of(\"VPCCidr\", \"10.0.0.0/16\"))\n .templateBody(serializeJson(\n jsonObject(\n jsonProperty(\"Parameters\", jsonObject(\n jsonProperty(\"VPCCidr\", jsonObject(\n jsonProperty(\"Type\", \"String\"),\n jsonProperty(\"Default\", \"10.0.0.0/16\"),\n jsonProperty(\"Description\", \"Enter the CIDR block for the VPC. Default is 10.0.0.0/16.\")\n ))\n )),\n jsonProperty(\"Resources\", jsonObject(\n jsonProperty(\"myVpc\", jsonObject(\n jsonProperty(\"Type\", \"AWS::EC2::VPC\"),\n jsonProperty(\"Properties\", jsonObject(\n jsonProperty(\"CidrBlock\", jsonObject(\n jsonProperty(\"Ref\", \"VPCCidr\")\n )),\n jsonProperty(\"Tags\", jsonArray(jsonObject(\n jsonProperty(\"Key\", \"Name\"),\n jsonProperty(\"Value\", \"Primary_CF_VPC\")\n )))\n ))\n ))\n ))\n )))\n .build());\n\n final var aWSCloudFormationStackSetAdministrationRoleExecutionPolicy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"sts:AssumeRole\")\n .effect(\"Allow\")\n .resources(example.executionRoleName().applyValue(executionRoleName -\u003e String.format(\"arn:aws:iam::*:role/%s\", executionRoleName)))\n .build())\n .build());\n\n var aWSCloudFormationStackSetAdministrationRoleExecutionPolicyRolePolicy = new RolePolicy(\"aWSCloudFormationStackSetAdministrationRoleExecutionPolicyRolePolicy\", RolePolicyArgs.builder() \n .name(\"ExecutionPolicy\")\n .policy(aWSCloudFormationStackSetAdministrationRoleExecutionPolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(aWSCloudFormationStackSetAdministrationRoleExecutionPolicy -\u003e aWSCloudFormationStackSetAdministrationRoleExecutionPolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .role(aWSCloudFormationStackSetAdministrationRole.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n aWSCloudFormationStackSetAdministrationRole:\n type: aws:iam:Role\n name: AWSCloudFormationStackSetAdministrationRole\n properties:\n assumeRolePolicy: ${aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy.json}\n name: AWSCloudFormationStackSetAdministrationRole\n example:\n type: aws:cloudformation:StackSet\n properties:\n administrationRoleArn: ${aWSCloudFormationStackSetAdministrationRole.arn}\n name: example\n parameters:\n VPCCidr: 10.0.0.0/16\n templateBody:\n fn::toJSON:\n Parameters:\n VPCCidr:\n Type: String\n Default: 10.0.0.0/16\n Description: Enter the CIDR block for the VPC. Default is 10.0.0.0/16.\n Resources:\n myVpc:\n Type: AWS::EC2::VPC\n Properties:\n CidrBlock:\n Ref: VPCCidr\n Tags:\n - Key: Name\n Value: Primary_CF_VPC\n aWSCloudFormationStackSetAdministrationRoleExecutionPolicyRolePolicy:\n type: aws:iam:RolePolicy\n name: AWSCloudFormationStackSetAdministrationRole_ExecutionPolicy\n properties:\n name: ExecutionPolicy\n policy: ${aWSCloudFormationStackSetAdministrationRoleExecutionPolicy.json}\n role: ${aWSCloudFormationStackSetAdministrationRole.name}\nvariables:\n aWSCloudFormationStackSetAdministrationRoleAssumeRolePolicy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - sts:AssumeRole\n effect: Allow\n principals:\n - identifiers:\n - cloudformation.amazonaws.com\n type: Service\n aWSCloudFormationStackSetAdministrationRoleExecutionPolicy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - sts:AssumeRole\n effect: Allow\n resources:\n - arn:aws:iam::*:role/${example.executionRoleName}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nImport CloudFormation StackSets when acting a delegated administrator in a member account using the `name` and `call_as` values separated by a comma (`,`). For example:\n\nUsing `pulumi import`, import CloudFormation StackSets using the `name`. For example:\n\n```sh\n$ pulumi import aws:cloudformation/stackSet:StackSet example example\n```\nUsing `pulumi import`, import CloudFormation StackSets when acting a delegated administrator in a member account using the `name` and `call_as` values separated by a comma (`,`). For example:\n\n```sh\n$ pulumi import aws:cloudformation/stackSet:StackSet example example,DELEGATED_ADMIN\n```\n", "properties": { "administrationRoleArn": { "type": "string", @@ -181997,7 +181997,7 @@ } }, "aws:cloudfront/realtimeLogConfig:RealtimeLogConfig": { - "description": "Provides a CloudFront real-time log configuration resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"cloudfront.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst exampleRole = new aws.iam.Role(\"example\", {\n name: \"cloudfront-realtime-log-config-example\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst example = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n actions: [\n \"kinesis:DescribeStreamSummary\",\n \"kinesis:DescribeStream\",\n \"kinesis:PutRecord\",\n \"kinesis:PutRecords\",\n ],\n resources: [exampleAwsKinesisStream.arn],\n }],\n});\nconst exampleRolePolicy = new aws.iam.RolePolicy(\"example\", {\n name: \"cloudfront-realtime-log-config-example\",\n role: exampleRole.id,\n policy: example.then(example =\u003e example.json),\n});\nconst exampleRealtimeLogConfig = new aws.cloudfront.RealtimeLogConfig(\"example\", {\n name: \"example\",\n samplingRate: 75,\n fields: [\n \"timestamp\",\n \"c-ip\",\n ],\n endpoint: {\n streamType: \"Kinesis\",\n kinesisStreamConfig: {\n roleArn: exampleRole.arn,\n streamArn: exampleAwsKinesisStream.arn,\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nassume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"cloudfront.amazonaws.com\"],\n )],\n actions=[\"sts:AssumeRole\"],\n)])\nexample_role = aws.iam.Role(\"example\",\n name=\"cloudfront-realtime-log-config-example\",\n assume_role_policy=assume_role.json)\nexample = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n actions=[\n \"kinesis:DescribeStreamSummary\",\n \"kinesis:DescribeStream\",\n \"kinesis:PutRecord\",\n \"kinesis:PutRecords\",\n ],\n resources=[example_aws_kinesis_stream[\"arn\"]],\n)])\nexample_role_policy = aws.iam.RolePolicy(\"example\",\n name=\"cloudfront-realtime-log-config-example\",\n role=example_role.id,\n policy=example.json)\nexample_realtime_log_config = aws.cloudfront.RealtimeLogConfig(\"example\",\n name=\"example\",\n sampling_rate=75,\n fields=[\n \"timestamp\",\n \"c-ip\",\n ],\n endpoint=aws.cloudfront.RealtimeLogConfigEndpointArgs(\n stream_type=\"Kinesis\",\n kinesis_stream_config=aws.cloudfront.RealtimeLogConfigEndpointKinesisStreamConfigArgs(\n role_arn=example_role.arn,\n stream_arn=example_aws_kinesis_stream[\"arn\"],\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"cloudfront.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var exampleRole = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"cloudfront-realtime-log-config-example\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"kinesis:DescribeStreamSummary\",\n \"kinesis:DescribeStream\",\n \"kinesis:PutRecord\",\n \"kinesis:PutRecords\",\n },\n Resources = new[]\n {\n exampleAwsKinesisStream.Arn,\n },\n },\n },\n });\n\n var exampleRolePolicy = new Aws.Iam.RolePolicy(\"example\", new()\n {\n Name = \"cloudfront-realtime-log-config-example\",\n Role = exampleRole.Id,\n Policy = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var exampleRealtimeLogConfig = new Aws.CloudFront.RealtimeLogConfig(\"example\", new()\n {\n Name = \"example\",\n SamplingRate = 75,\n Fields = new[]\n {\n \"timestamp\",\n \"c-ip\",\n },\n Endpoint = new Aws.CloudFront.Inputs.RealtimeLogConfigEndpointArgs\n {\n StreamType = \"Kinesis\",\n KinesisStreamConfig = new Aws.CloudFront.Inputs.RealtimeLogConfigEndpointKinesisStreamConfigArgs\n {\n RoleArn = exampleRole.Arn,\n StreamArn = exampleAwsKinesisStream.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\nStatements: []iam.GetPolicyDocumentStatement{\n{\nEffect: pulumi.StringRef(\"Allow\"),\nPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n{\nType: \"Service\",\nIdentifiers: []string{\n\"cloudfront.amazonaws.com\",\n},\n},\n},\nActions: []string{\n\"sts:AssumeRole\",\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\nexampleRole, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\nName: pulumi.String(\"cloudfront-realtime-log-config-example\"),\nAssumeRolePolicy: pulumi.String(assumeRole.Json),\n})\nif err != nil {\nreturn err\n}\nexample, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\nStatements: []iam.GetPolicyDocumentStatement{\n{\nEffect: pulumi.StringRef(\"Allow\"),\nActions: []string{\n\"kinesis:DescribeStreamSummary\",\n\"kinesis:DescribeStream\",\n\"kinesis:PutRecord\",\n\"kinesis:PutRecords\",\n},\nResources: interface{}{\nexampleAwsKinesisStream.Arn,\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\n_, err = iam.NewRolePolicy(ctx, \"example\", \u0026iam.RolePolicyArgs{\nName: pulumi.String(\"cloudfront-realtime-log-config-example\"),\nRole: exampleRole.ID(),\nPolicy: pulumi.String(example.Json),\n})\nif err != nil {\nreturn err\n}\n_, err = cloudfront.NewRealtimeLogConfig(ctx, \"example\", \u0026cloudfront.RealtimeLogConfigArgs{\nName: pulumi.String(\"example\"),\nSamplingRate: pulumi.Int(75),\nFields: pulumi.StringArray{\npulumi.String(\"timestamp\"),\npulumi.String(\"c-ip\"),\n},\nEndpoint: \u0026cloudfront.RealtimeLogConfigEndpointArgs{\nStreamType: pulumi.String(\"Kinesis\"),\nKinesisStreamConfig: \u0026cloudfront.RealtimeLogConfigEndpointKinesisStreamConfigArgs{\nRoleArn: exampleRole.Arn,\nStreamArn: pulumi.Any(exampleAwsKinesisStream.Arn),\n},\n},\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport com.pulumi.aws.cloudfront.RealtimeLogConfig;\nimport com.pulumi.aws.cloudfront.RealtimeLogConfigArgs;\nimport com.pulumi.aws.cloudfront.inputs.RealtimeLogConfigEndpointArgs;\nimport com.pulumi.aws.cloudfront.inputs.RealtimeLogConfigEndpointKinesisStreamConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"cloudfront.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var exampleRole = new Role(\"exampleRole\", RoleArgs.builder() \n .name(\"cloudfront-realtime-log-config-example\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions( \n \"kinesis:DescribeStreamSummary\",\n \"kinesis:DescribeStream\",\n \"kinesis:PutRecord\",\n \"kinesis:PutRecords\")\n .resources(exampleAwsKinesisStream.arn())\n .build())\n .build());\n\n var exampleRolePolicy = new RolePolicy(\"exampleRolePolicy\", RolePolicyArgs.builder() \n .name(\"cloudfront-realtime-log-config-example\")\n .role(exampleRole.id())\n .policy(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var exampleRealtimeLogConfig = new RealtimeLogConfig(\"exampleRealtimeLogConfig\", RealtimeLogConfigArgs.builder() \n .name(\"example\")\n .samplingRate(75)\n .fields( \n \"timestamp\",\n \"c-ip\")\n .endpoint(RealtimeLogConfigEndpointArgs.builder()\n .streamType(\"Kinesis\")\n .kinesisStreamConfig(RealtimeLogConfigEndpointKinesisStreamConfigArgs.builder()\n .roleArn(exampleRole.arn())\n .streamArn(exampleAwsKinesisStream.arn())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleRole:\n type: aws:iam:Role\n name: example\n properties:\n name: cloudfront-realtime-log-config-example\n assumeRolePolicy: ${assumeRole.json}\n exampleRolePolicy:\n type: aws:iam:RolePolicy\n name: example\n properties:\n name: cloudfront-realtime-log-config-example\n role: ${exampleRole.id}\n policy: ${example.json}\n exampleRealtimeLogConfig:\n type: aws:cloudfront:RealtimeLogConfig\n name: example\n properties:\n name: example\n samplingRate: 75\n fields:\n - timestamp\n - c-ip\n endpoint:\n streamType: Kinesis\n kinesisStreamConfig:\n roleArn: ${exampleRole.arn}\n streamArn: ${exampleAwsKinesisStream.arn}\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - cloudfront.amazonaws.com\n actions:\n - sts:AssumeRole\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - kinesis:DescribeStreamSummary\n - kinesis:DescribeStream\n - kinesis:PutRecord\n - kinesis:PutRecords\n resources:\n - ${exampleAwsKinesisStream.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CloudFront real-time log configurations using the ARN. For example:\n\n```sh\n$ pulumi import aws:cloudfront/realtimeLogConfig:RealtimeLogConfig example arn:aws:cloudfront::111122223333:realtime-log-config/ExampleNameForRealtimeLogConfig\n```\n", + "description": "Provides a CloudFront real-time log configuration resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"cloudfront.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst exampleRole = new aws.iam.Role(\"example\", {\n name: \"cloudfront-realtime-log-config-example\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst example = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n actions: [\n \"kinesis:DescribeStreamSummary\",\n \"kinesis:DescribeStream\",\n \"kinesis:PutRecord\",\n \"kinesis:PutRecords\",\n ],\n resources: [exampleAwsKinesisStream.arn],\n }],\n});\nconst exampleRolePolicy = new aws.iam.RolePolicy(\"example\", {\n name: \"cloudfront-realtime-log-config-example\",\n role: exampleRole.id,\n policy: example.then(example =\u003e example.json),\n});\nconst exampleRealtimeLogConfig = new aws.cloudfront.RealtimeLogConfig(\"example\", {\n name: \"example\",\n samplingRate: 75,\n fields: [\n \"timestamp\",\n \"c-ip\",\n ],\n endpoint: {\n streamType: \"Kinesis\",\n kinesisStreamConfig: {\n roleArn: exampleRole.arn,\n streamArn: exampleAwsKinesisStream.arn,\n },\n },\n}, {\n dependsOn: [exampleRolePolicy],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nassume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"cloudfront.amazonaws.com\"],\n )],\n actions=[\"sts:AssumeRole\"],\n)])\nexample_role = aws.iam.Role(\"example\",\n name=\"cloudfront-realtime-log-config-example\",\n assume_role_policy=assume_role.json)\nexample = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n actions=[\n \"kinesis:DescribeStreamSummary\",\n \"kinesis:DescribeStream\",\n \"kinesis:PutRecord\",\n \"kinesis:PutRecords\",\n ],\n resources=[example_aws_kinesis_stream[\"arn\"]],\n)])\nexample_role_policy = aws.iam.RolePolicy(\"example\",\n name=\"cloudfront-realtime-log-config-example\",\n role=example_role.id,\n policy=example.json)\nexample_realtime_log_config = aws.cloudfront.RealtimeLogConfig(\"example\",\n name=\"example\",\n sampling_rate=75,\n fields=[\n \"timestamp\",\n \"c-ip\",\n ],\n endpoint=aws.cloudfront.RealtimeLogConfigEndpointArgs(\n stream_type=\"Kinesis\",\n kinesis_stream_config=aws.cloudfront.RealtimeLogConfigEndpointKinesisStreamConfigArgs(\n role_arn=example_role.arn,\n stream_arn=example_aws_kinesis_stream[\"arn\"],\n ),\n ),\n opts=pulumi.ResourceOptions(depends_on=[example_role_policy]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"cloudfront.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var exampleRole = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"cloudfront-realtime-log-config-example\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"kinesis:DescribeStreamSummary\",\n \"kinesis:DescribeStream\",\n \"kinesis:PutRecord\",\n \"kinesis:PutRecords\",\n },\n Resources = new[]\n {\n exampleAwsKinesisStream.Arn,\n },\n },\n },\n });\n\n var exampleRolePolicy = new Aws.Iam.RolePolicy(\"example\", new()\n {\n Name = \"cloudfront-realtime-log-config-example\",\n Role = exampleRole.Id,\n Policy = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var exampleRealtimeLogConfig = new Aws.CloudFront.RealtimeLogConfig(\"example\", new()\n {\n Name = \"example\",\n SamplingRate = 75,\n Fields = new[]\n {\n \"timestamp\",\n \"c-ip\",\n },\n Endpoint = new Aws.CloudFront.Inputs.RealtimeLogConfigEndpointArgs\n {\n StreamType = \"Kinesis\",\n KinesisStreamConfig = new Aws.CloudFront.Inputs.RealtimeLogConfigEndpointKinesisStreamConfigArgs\n {\n RoleArn = exampleRole.Arn,\n StreamArn = exampleAwsKinesisStream.Arn,\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleRolePolicy, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\nStatements: []iam.GetPolicyDocumentStatement{\n{\nEffect: pulumi.StringRef(\"Allow\"),\nPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n{\nType: \"Service\",\nIdentifiers: []string{\n\"cloudfront.amazonaws.com\",\n},\n},\n},\nActions: []string{\n\"sts:AssumeRole\",\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\nexampleRole, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\nName: pulumi.String(\"cloudfront-realtime-log-config-example\"),\nAssumeRolePolicy: pulumi.String(assumeRole.Json),\n})\nif err != nil {\nreturn err\n}\nexample, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\nStatements: []iam.GetPolicyDocumentStatement{\n{\nEffect: pulumi.StringRef(\"Allow\"),\nActions: []string{\n\"kinesis:DescribeStreamSummary\",\n\"kinesis:DescribeStream\",\n\"kinesis:PutRecord\",\n\"kinesis:PutRecords\",\n},\nResources: interface{}{\nexampleAwsKinesisStream.Arn,\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\nexampleRolePolicy, err := iam.NewRolePolicy(ctx, \"example\", \u0026iam.RolePolicyArgs{\nName: pulumi.String(\"cloudfront-realtime-log-config-example\"),\nRole: exampleRole.ID(),\nPolicy: pulumi.String(example.Json),\n})\nif err != nil {\nreturn err\n}\n_, err = cloudfront.NewRealtimeLogConfig(ctx, \"example\", \u0026cloudfront.RealtimeLogConfigArgs{\nName: pulumi.String(\"example\"),\nSamplingRate: pulumi.Int(75),\nFields: pulumi.StringArray{\npulumi.String(\"timestamp\"),\npulumi.String(\"c-ip\"),\n},\nEndpoint: \u0026cloudfront.RealtimeLogConfigEndpointArgs{\nStreamType: pulumi.String(\"Kinesis\"),\nKinesisStreamConfig: \u0026cloudfront.RealtimeLogConfigEndpointKinesisStreamConfigArgs{\nRoleArn: exampleRole.Arn,\nStreamArn: pulumi.Any(exampleAwsKinesisStream.Arn),\n},\n},\n}, pulumi.DependsOn([]pulumi.Resource{\nexampleRolePolicy,\n}))\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport com.pulumi.aws.cloudfront.RealtimeLogConfig;\nimport com.pulumi.aws.cloudfront.RealtimeLogConfigArgs;\nimport com.pulumi.aws.cloudfront.inputs.RealtimeLogConfigEndpointArgs;\nimport com.pulumi.aws.cloudfront.inputs.RealtimeLogConfigEndpointKinesisStreamConfigArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"cloudfront.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var exampleRole = new Role(\"exampleRole\", RoleArgs.builder() \n .name(\"cloudfront-realtime-log-config-example\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions( \n \"kinesis:DescribeStreamSummary\",\n \"kinesis:DescribeStream\",\n \"kinesis:PutRecord\",\n \"kinesis:PutRecords\")\n .resources(exampleAwsKinesisStream.arn())\n .build())\n .build());\n\n var exampleRolePolicy = new RolePolicy(\"exampleRolePolicy\", RolePolicyArgs.builder() \n .name(\"cloudfront-realtime-log-config-example\")\n .role(exampleRole.id())\n .policy(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var exampleRealtimeLogConfig = new RealtimeLogConfig(\"exampleRealtimeLogConfig\", RealtimeLogConfigArgs.builder() \n .name(\"example\")\n .samplingRate(75)\n .fields( \n \"timestamp\",\n \"c-ip\")\n .endpoint(RealtimeLogConfigEndpointArgs.builder()\n .streamType(\"Kinesis\")\n .kinesisStreamConfig(RealtimeLogConfigEndpointKinesisStreamConfigArgs.builder()\n .roleArn(exampleRole.arn())\n .streamArn(exampleAwsKinesisStream.arn())\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleRolePolicy)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleRole:\n type: aws:iam:Role\n name: example\n properties:\n name: cloudfront-realtime-log-config-example\n assumeRolePolicy: ${assumeRole.json}\n exampleRolePolicy:\n type: aws:iam:RolePolicy\n name: example\n properties:\n name: cloudfront-realtime-log-config-example\n role: ${exampleRole.id}\n policy: ${example.json}\n exampleRealtimeLogConfig:\n type: aws:cloudfront:RealtimeLogConfig\n name: example\n properties:\n name: example\n samplingRate: 75\n fields:\n - timestamp\n - c-ip\n endpoint:\n streamType: Kinesis\n kinesisStreamConfig:\n roleArn: ${exampleRole.arn}\n streamArn: ${exampleAwsKinesisStream.arn}\n options:\n dependson:\n - ${exampleRolePolicy}\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - cloudfront.amazonaws.com\n actions:\n - sts:AssumeRole\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - kinesis:DescribeStreamSummary\n - kinesis:DescribeStream\n - kinesis:PutRecord\n - kinesis:PutRecords\n resources:\n - ${exampleAwsKinesisStream.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CloudFront real-time log configurations using the ARN. For example:\n\n```sh\n$ pulumi import aws:cloudfront/realtimeLogConfig:RealtimeLogConfig example arn:aws:cloudfront::111122223333:realtime-log-config/ExampleNameForRealtimeLogConfig\n```\n", "properties": { "arn": { "type": "string", @@ -182820,7 +182820,7 @@ } }, "aws:cloudtrail/trail:Trail": { - "description": "Provides a CloudTrail resource.\n\n\u003e **Tip:** For a multi-region trail, this resource must be in the home region of the trail.\n\n\u003e **Tip:** For an organization trail, this resource must be in the master account of the organization.\n\n## Example Usage\n\n### Basic\n\nEnable CloudTrail to capture all compatible management events in region.\nFor capturing events from services like IAM, `include_global_service_events` must be enabled.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleBucketV2 = new aws.s3.BucketV2(\"example\", {\n bucket: \"my-test-trail\",\n forceDestroy: true,\n});\nconst exampleTrail = new aws.cloudtrail.Trail(\"example\", {\n name: \"example\",\n s3BucketName: exampleBucketV2.id,\n s3KeyPrefix: \"prefix\",\n includeGlobalServiceEvents: false,\n});\nconst current = aws.getCallerIdentity({});\nconst currentGetPartition = aws.getPartition({});\nconst currentGetRegion = aws.getRegion({});\nconst example = aws.iam.getPolicyDocumentOutput({\n statements: [\n {\n sid: \"AWSCloudTrailAclCheck\",\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"cloudtrail.amazonaws.com\"],\n }],\n actions: [\"s3:GetBucketAcl\"],\n resources: [exampleBucketV2.arn],\n conditions: [{\n test: \"StringEquals\",\n variable: \"aws:SourceArn\",\n values: [Promise.all([currentGetPartition, currentGetRegion, current]).then(([currentGetPartition, currentGetRegion, current]) =\u003e `arn:${currentGetPartition.partition}:cloudtrail:${currentGetRegion.name}:${current.accountId}:trail/example`)],\n }],\n },\n {\n sid: \"AWSCloudTrailWrite\",\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"cloudtrail.amazonaws.com\"],\n }],\n actions: [\"s3:PutObject\"],\n resources: [pulumi.all([exampleBucketV2.arn, current]).apply(([arn, current]) =\u003e `${arn}/prefix/AWSLogs/${current.accountId}/*`)],\n conditions: [\n {\n test: \"StringEquals\",\n variable: \"s3:x-amz-acl\",\n values: [\"bucket-owner-full-control\"],\n },\n {\n test: \"StringEquals\",\n variable: \"aws:SourceArn\",\n values: [Promise.all([currentGetPartition, currentGetRegion, current]).then(([currentGetPartition, currentGetRegion, current]) =\u003e `arn:${currentGetPartition.partition}:cloudtrail:${currentGetRegion.name}:${current.accountId}:trail/example`)],\n },\n ],\n },\n ],\n});\nconst exampleBucketPolicy = new aws.s3.BucketPolicy(\"example\", {\n bucket: exampleBucketV2.id,\n policy: example.apply(example =\u003e example.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_bucket_v2 = aws.s3.BucketV2(\"example\",\n bucket=\"my-test-trail\",\n force_destroy=True)\nexample_trail = aws.cloudtrail.Trail(\"example\",\n name=\"example\",\n s3_bucket_name=example_bucket_v2.id,\n s3_key_prefix=\"prefix\",\n include_global_service_events=False)\ncurrent = aws.get_caller_identity()\ncurrent_get_partition = aws.get_partition()\ncurrent_get_region = aws.get_region()\nexample = aws.iam.get_policy_document_output(statements=[\n aws.iam.GetPolicyDocumentStatementArgs(\n sid=\"AWSCloudTrailAclCheck\",\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"cloudtrail.amazonaws.com\"],\n )],\n actions=[\"s3:GetBucketAcl\"],\n resources=[example_bucket_v2.arn],\n conditions=[aws.iam.GetPolicyDocumentStatementConditionArgs(\n test=\"StringEquals\",\n variable=\"aws:SourceArn\",\n values=[f\"arn:{current_get_partition.partition}:cloudtrail:{current_get_region.name}:{current.account_id}:trail/example\"],\n )],\n ),\n aws.iam.GetPolicyDocumentStatementArgs(\n sid=\"AWSCloudTrailWrite\",\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"cloudtrail.amazonaws.com\"],\n )],\n actions=[\"s3:PutObject\"],\n resources=[example_bucket_v2.arn.apply(lambda arn: f\"{arn}/prefix/AWSLogs/{current.account_id}/*\")],\n conditions=[\n aws.iam.GetPolicyDocumentStatementConditionArgs(\n test=\"StringEquals\",\n variable=\"s3:x-amz-acl\",\n values=[\"bucket-owner-full-control\"],\n ),\n aws.iam.GetPolicyDocumentStatementConditionArgs(\n test=\"StringEquals\",\n variable=\"aws:SourceArn\",\n values=[f\"arn:{current_get_partition.partition}:cloudtrail:{current_get_region.name}:{current.account_id}:trail/example\"],\n ),\n ],\n ),\n])\nexample_bucket_policy = aws.s3.BucketPolicy(\"example\",\n bucket=example_bucket_v2.id,\n policy=example.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleBucketV2 = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"my-test-trail\",\n ForceDestroy = true,\n });\n\n var exampleTrail = new Aws.CloudTrail.Trail(\"example\", new()\n {\n Name = \"example\",\n S3BucketName = exampleBucketV2.Id,\n S3KeyPrefix = \"prefix\",\n IncludeGlobalServiceEvents = false,\n });\n\n var current = Aws.GetCallerIdentity.Invoke();\n\n var currentGetPartition = Aws.GetPartition.Invoke();\n\n var currentGetRegion = Aws.GetRegion.Invoke();\n\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"AWSCloudTrailAclCheck\",\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"cloudtrail.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"s3:GetBucketAcl\",\n },\n Resources = new[]\n {\n exampleBucketV2.Arn,\n },\n Conditions = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"StringEquals\",\n Variable = \"aws:SourceArn\",\n Values = new[]\n {\n $\"arn:{currentGetPartition.Apply(getPartitionResult =\u003e getPartitionResult.Partition)}:cloudtrail:{currentGetRegion.Apply(getRegionResult =\u003e getRegionResult.Name)}:{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:trail/example\",\n },\n },\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"AWSCloudTrailWrite\",\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"cloudtrail.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"s3:PutObject\",\n },\n Resources = new[]\n {\n $\"{exampleBucketV2.Arn}/prefix/AWSLogs/{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}/*\",\n },\n Conditions = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"StringEquals\",\n Variable = \"s3:x-amz-acl\",\n Values = new[]\n {\n \"bucket-owner-full-control\",\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"StringEquals\",\n Variable = \"aws:SourceArn\",\n Values = new[]\n {\n $\"arn:{currentGetPartition.Apply(getPartitionResult =\u003e getPartitionResult.Partition)}:cloudtrail:{currentGetRegion.Apply(getRegionResult =\u003e getRegionResult.Name)}:{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:trail/example\",\n },\n },\n },\n },\n },\n });\n\n var exampleBucketPolicy = new Aws.S3.BucketPolicy(\"example\", new()\n {\n Bucket = exampleBucketV2.Id,\n Policy = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudtrail\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleBucketV2, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"my-test-trail\"),\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudtrail.NewTrail(ctx, \"example\", \u0026cloudtrail.TrailArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tS3BucketName: exampleBucketV2.ID(),\n\t\t\tS3KeyPrefix: pulumi.String(\"prefix\"),\n\t\t\tIncludeGlobalServiceEvents: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrentGetPartition, err := aws.GetPartition(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrentGetRegion, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tSid: pulumi.String(\"AWSCloudTrailAclCheck\"),\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tPrincipals: iam.GetPolicyDocumentStatementPrincipalArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementPrincipalArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"Service\"),\n\t\t\t\t\t\t\tIdentifiers: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"cloudtrail.amazonaws.com\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:GetBucketAcl\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\texampleBucketV2.Arn,\n\t\t\t\t\t},\n\t\t\t\t\tConditions: iam.GetPolicyDocumentStatementConditionArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementConditionArgs{\n\t\t\t\t\t\t\tTest: pulumi.String(\"StringEquals\"),\n\t\t\t\t\t\t\tVariable: pulumi.String(\"aws:SourceArn\"),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(fmt.Sprintf(\"arn:%v:cloudtrail:%v:%v:trail/example\", currentGetPartition.Partition, currentGetRegion.Name, current.AccountId)),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tSid: pulumi.String(\"AWSCloudTrailWrite\"),\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tPrincipals: iam.GetPolicyDocumentStatementPrincipalArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementPrincipalArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"Service\"),\n\t\t\t\t\t\t\tIdentifiers: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"cloudtrail.amazonaws.com\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:PutObject\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\texampleBucketV2.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\t\t\t\treturn fmt.Sprintf(\"%v/prefix/AWSLogs/%v/*\", arn, current.AccountId), nil\n\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t},\n\t\t\t\t\tConditions: iam.GetPolicyDocumentStatementConditionArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementConditionArgs{\n\t\t\t\t\t\t\tTest: pulumi.String(\"StringEquals\"),\n\t\t\t\t\t\t\tVariable: pulumi.String(\"s3:x-amz-acl\"),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"bucket-owner-full-control\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementConditionArgs{\n\t\t\t\t\t\t\tTest: pulumi.String(\"StringEquals\"),\n\t\t\t\t\t\t\tVariable: pulumi.String(\"aws:SourceArn\"),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(fmt.Sprintf(\"arn:%v:cloudtrail:%v:%v:trail/example\", currentGetPartition.Partition, currentGetRegion.Name, current.AccountId)),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\t_, err = s3.NewBucketPolicy(ctx, \"example\", \u0026s3.BucketPolicyArgs{\n\t\t\tBucket: exampleBucketV2.ID(),\n\t\t\tPolicy: example.ApplyT(func(example iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026example.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.cloudtrail.Trail;\nimport com.pulumi.aws.cloudtrail.TrailArgs;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.inputs.GetPartitionArgs;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.s3.BucketPolicy;\nimport com.pulumi.aws.s3.BucketPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleBucketV2 = new BucketV2(\"exampleBucketV2\", BucketV2Args.builder() \n .bucket(\"my-test-trail\")\n .forceDestroy(true)\n .build());\n\n var exampleTrail = new Trail(\"exampleTrail\", TrailArgs.builder() \n .name(\"example\")\n .s3BucketName(exampleBucketV2.id())\n .s3KeyPrefix(\"prefix\")\n .includeGlobalServiceEvents(false)\n .build());\n\n final var current = AwsFunctions.getCallerIdentity();\n\n final var currentGetPartition = AwsFunctions.getPartition();\n\n final var currentGetRegion = AwsFunctions.getRegion();\n\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements( \n GetPolicyDocumentStatementArgs.builder()\n .sid(\"AWSCloudTrailAclCheck\")\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"cloudtrail.amazonaws.com\")\n .build())\n .actions(\"s3:GetBucketAcl\")\n .resources(exampleBucketV2.arn())\n .conditions(GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"StringEquals\")\n .variable(\"aws:SourceArn\")\n .values(String.format(\"arn:%s:cloudtrail:%s:%s:trail/example\", currentGetPartition.applyValue(getPartitionResult -\u003e getPartitionResult.partition()),currentGetRegion.applyValue(getRegionResult -\u003e getRegionResult.name()),current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n .build())\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .sid(\"AWSCloudTrailWrite\")\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"cloudtrail.amazonaws.com\")\n .build())\n .actions(\"s3:PutObject\")\n .resources(exampleBucketV2.arn().applyValue(arn -\u003e String.format(\"%s/prefix/AWSLogs/%s/*\", arn,current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))))\n .conditions( \n GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"StringEquals\")\n .variable(\"s3:x-amz-acl\")\n .values(\"bucket-owner-full-control\")\n .build(),\n GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"StringEquals\")\n .variable(\"aws:SourceArn\")\n .values(String.format(\"arn:%s:cloudtrail:%s:%s:trail/example\", currentGetPartition.applyValue(getPartitionResult -\u003e getPartitionResult.partition()),currentGetRegion.applyValue(getRegionResult -\u003e getRegionResult.name()),current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n .build())\n .build())\n .build());\n\n var exampleBucketPolicy = new BucketPolicy(\"exampleBucketPolicy\", BucketPolicyArgs.builder() \n .bucket(exampleBucketV2.id())\n .policy(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(example -\u003e example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleTrail:\n type: aws:cloudtrail:Trail\n name: example\n properties:\n name: example\n s3BucketName: ${exampleBucketV2.id}\n s3KeyPrefix: prefix\n includeGlobalServiceEvents: false\n exampleBucketV2:\n type: aws:s3:BucketV2\n name: example\n properties:\n bucket: my-test-trail\n forceDestroy: true\n exampleBucketPolicy:\n type: aws:s3:BucketPolicy\n name: example\n properties:\n bucket: ${exampleBucketV2.id}\n policy: ${example.json}\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - sid: AWSCloudTrailAclCheck\n effect: Allow\n principals:\n - type: Service\n identifiers:\n - cloudtrail.amazonaws.com\n actions:\n - s3:GetBucketAcl\n resources:\n - ${exampleBucketV2.arn}\n conditions:\n - test: StringEquals\n variable: aws:SourceArn\n values:\n - arn:${currentGetPartition.partition}:cloudtrail:${currentGetRegion.name}:${current.accountId}:trail/example\n - sid: AWSCloudTrailWrite\n effect: Allow\n principals:\n - type: Service\n identifiers:\n - cloudtrail.amazonaws.com\n actions:\n - s3:PutObject\n resources:\n - ${exampleBucketV2.arn}/prefix/AWSLogs/${current.accountId}/*\n conditions:\n - test: StringEquals\n variable: s3:x-amz-acl\n values:\n - bucket-owner-full-control\n - test: StringEquals\n variable: aws:SourceArn\n values:\n - arn:${currentGetPartition.partition}:cloudtrail:${currentGetRegion.name}:${current.accountId}:trail/example\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n currentGetPartition:\n fn::invoke:\n Function: aws:getPartition\n Arguments: {}\n currentGetRegion:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Data Event Logging\n\nCloudTrail can log [Data Events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html) for certain services such as S3 objects and Lambda function invocations. Additional information about data event configuration can be found in the following links:\n\n* [CloudTrail API DataResource documentation](https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_DataResource.html) (for basic event selector).\n* [CloudTrail API AdvancedFieldSelector documentation](https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_AdvancedFieldSelector.html) (for advanced event selector).\n\n### Logging All Lambda Function Invocations By Using Basic Event Selectors\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cloudtrail.Trail(\"example\", {eventSelectors: [{\n readWriteType: \"All\",\n includeManagementEvents: true,\n dataResources: [{\n type: \"AWS::Lambda::Function\",\n values: [\"arn:aws:lambda\"],\n }],\n}]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudtrail.Trail(\"example\", event_selectors=[aws.cloudtrail.TrailEventSelectorArgs(\n read_write_type=\"All\",\n include_management_events=True,\n data_resources=[aws.cloudtrail.TrailEventSelectorDataResourceArgs(\n type=\"AWS::Lambda::Function\",\n values=[\"arn:aws:lambda\"],\n )],\n)])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CloudTrail.Trail(\"example\", new()\n {\n EventSelectors = new[]\n {\n new Aws.CloudTrail.Inputs.TrailEventSelectorArgs\n {\n ReadWriteType = \"All\",\n IncludeManagementEvents = true,\n DataResources = new[]\n {\n new Aws.CloudTrail.Inputs.TrailEventSelectorDataResourceArgs\n {\n Type = \"AWS::Lambda::Function\",\n Values = new[]\n {\n \"arn:aws:lambda\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudtrail\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudtrail.NewTrail(ctx, \"example\", \u0026cloudtrail.TrailArgs{\n\t\t\tEventSelectors: cloudtrail.TrailEventSelectorArray{\n\t\t\t\t\u0026cloudtrail.TrailEventSelectorArgs{\n\t\t\t\t\tReadWriteType: pulumi.String(\"All\"),\n\t\t\t\t\tIncludeManagementEvents: pulumi.Bool(true),\n\t\t\t\t\tDataResources: cloudtrail.TrailEventSelectorDataResourceArray{\n\t\t\t\t\t\t\u0026cloudtrail.TrailEventSelectorDataResourceArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"AWS::Lambda::Function\"),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"arn:aws:lambda\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudtrail.Trail;\nimport com.pulumi.aws.cloudtrail.TrailArgs;\nimport com.pulumi.aws.cloudtrail.inputs.TrailEventSelectorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Trail(\"example\", TrailArgs.builder() \n .eventSelectors(TrailEventSelectorArgs.builder()\n .readWriteType(\"All\")\n .includeManagementEvents(true)\n .dataResources(TrailEventSelectorDataResourceArgs.builder()\n .type(\"AWS::Lambda::Function\")\n .values(\"arn:aws:lambda\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudtrail:Trail\n properties:\n eventSelectors:\n - readWriteType: All\n includeManagementEvents: true\n dataResources:\n - type: AWS::Lambda::Function\n values:\n - arn:aws:lambda\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Logging All S3 Object Events By Using Basic Event Selectors\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cloudtrail.Trail(\"example\", {eventSelectors: [{\n readWriteType: \"All\",\n includeManagementEvents: true,\n dataResources: [{\n type: \"AWS::S3::Object\",\n values: [\"arn:aws:s3\"],\n }],\n}]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudtrail.Trail(\"example\", event_selectors=[aws.cloudtrail.TrailEventSelectorArgs(\n read_write_type=\"All\",\n include_management_events=True,\n data_resources=[aws.cloudtrail.TrailEventSelectorDataResourceArgs(\n type=\"AWS::S3::Object\",\n values=[\"arn:aws:s3\"],\n )],\n)])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CloudTrail.Trail(\"example\", new()\n {\n EventSelectors = new[]\n {\n new Aws.CloudTrail.Inputs.TrailEventSelectorArgs\n {\n ReadWriteType = \"All\",\n IncludeManagementEvents = true,\n DataResources = new[]\n {\n new Aws.CloudTrail.Inputs.TrailEventSelectorDataResourceArgs\n {\n Type = \"AWS::S3::Object\",\n Values = new[]\n {\n \"arn:aws:s3\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudtrail\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudtrail.NewTrail(ctx, \"example\", \u0026cloudtrail.TrailArgs{\n\t\t\tEventSelectors: cloudtrail.TrailEventSelectorArray{\n\t\t\t\t\u0026cloudtrail.TrailEventSelectorArgs{\n\t\t\t\t\tReadWriteType: pulumi.String(\"All\"),\n\t\t\t\t\tIncludeManagementEvents: pulumi.Bool(true),\n\t\t\t\t\tDataResources: cloudtrail.TrailEventSelectorDataResourceArray{\n\t\t\t\t\t\t\u0026cloudtrail.TrailEventSelectorDataResourceArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"AWS::S3::Object\"),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"arn:aws:s3\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudtrail.Trail;\nimport com.pulumi.aws.cloudtrail.TrailArgs;\nimport com.pulumi.aws.cloudtrail.inputs.TrailEventSelectorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Trail(\"example\", TrailArgs.builder() \n .eventSelectors(TrailEventSelectorArgs.builder()\n .readWriteType(\"All\")\n .includeManagementEvents(true)\n .dataResources(TrailEventSelectorDataResourceArgs.builder()\n .type(\"AWS::S3::Object\")\n .values(\"arn:aws:s3\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudtrail:Trail\n properties:\n eventSelectors:\n - readWriteType: All\n includeManagementEvents: true\n dataResources:\n - type: AWS::S3::Object\n values:\n - arn:aws:s3\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Logging Individual S3 Bucket Events By Using Basic Event Selectors\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst important-bucket = aws.s3.getBucket({\n bucket: \"important-bucket\",\n});\nconst example = new aws.cloudtrail.Trail(\"example\", {eventSelectors: [{\n readWriteType: \"All\",\n includeManagementEvents: true,\n dataResources: [{\n type: \"AWS::S3::Object\",\n values: [important_bucket.then(important_bucket =\u003e `${important_bucket.arn}/`)],\n }],\n}]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nimportant_bucket = aws.s3.get_bucket(bucket=\"important-bucket\")\nexample = aws.cloudtrail.Trail(\"example\", event_selectors=[aws.cloudtrail.TrailEventSelectorArgs(\n read_write_type=\"All\",\n include_management_events=True,\n data_resources=[aws.cloudtrail.TrailEventSelectorDataResourceArgs(\n type=\"AWS::S3::Object\",\n values=[f\"{important_bucket.arn}/\"],\n )],\n)])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var important_bucket = Aws.S3.GetBucket.Invoke(new()\n {\n Bucket = \"important-bucket\",\n });\n\n var example = new Aws.CloudTrail.Trail(\"example\", new()\n {\n EventSelectors = new[]\n {\n new Aws.CloudTrail.Inputs.TrailEventSelectorArgs\n {\n ReadWriteType = \"All\",\n IncludeManagementEvents = true,\n DataResources = new[]\n {\n new Aws.CloudTrail.Inputs.TrailEventSelectorDataResourceArgs\n {\n Type = \"AWS::S3::Object\",\n Values = new[]\n {\n important_bucket.Apply(important_bucket =\u003e $\"{important_bucket.Apply(getBucketResult =\u003e getBucketResult.Arn)}/\"),\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudtrail\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\timportant_bucket, err := s3.LookupBucket(ctx, \u0026s3.LookupBucketArgs{\n\t\t\tBucket: \"important-bucket\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudtrail.NewTrail(ctx, \"example\", \u0026cloudtrail.TrailArgs{\n\t\t\tEventSelectors: cloudtrail.TrailEventSelectorArray{\n\t\t\t\t\u0026cloudtrail.TrailEventSelectorArgs{\n\t\t\t\t\tReadWriteType: pulumi.String(\"All\"),\n\t\t\t\t\tIncludeManagementEvents: pulumi.Bool(true),\n\t\t\t\t\tDataResources: cloudtrail.TrailEventSelectorDataResourceArray{\n\t\t\t\t\t\t\u0026cloudtrail.TrailEventSelectorDataResourceArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"AWS::S3::Object\"),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(fmt.Sprintf(\"%v/\", important_bucket.Arn)),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.S3Functions;\nimport com.pulumi.aws.s3.inputs.GetBucketArgs;\nimport com.pulumi.aws.cloudtrail.Trail;\nimport com.pulumi.aws.cloudtrail.TrailArgs;\nimport com.pulumi.aws.cloudtrail.inputs.TrailEventSelectorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var important-bucket = S3Functions.getBucket(GetBucketArgs.builder()\n .bucket(\"important-bucket\")\n .build());\n\n var example = new Trail(\"example\", TrailArgs.builder() \n .eventSelectors(TrailEventSelectorArgs.builder()\n .readWriteType(\"All\")\n .includeManagementEvents(true)\n .dataResources(TrailEventSelectorDataResourceArgs.builder()\n .type(\"AWS::S3::Object\")\n .values(String.format(\"%s/\", important_bucket.arn()))\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudtrail:Trail\n properties:\n eventSelectors:\n - readWriteType: All\n includeManagementEvents: true\n dataResources:\n - type: AWS::S3::Object\n values:\n - ${[\"important-bucket\"].arn}/\nvariables:\n important-bucket:\n fn::invoke:\n Function: aws:s3:getBucket\n Arguments:\n bucket: important-bucket\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Logging All S3 Object Events Except For Two S3 Buckets By Using Advanced Event Selectors\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst not-important-bucket-1 = aws.s3.getBucket({\n bucket: \"not-important-bucket-1\",\n});\nconst not-important-bucket-2 = aws.s3.getBucket({\n bucket: \"not-important-bucket-2\",\n});\nconst example = new aws.cloudtrail.Trail(\"example\", {advancedEventSelectors: [\n {\n name: \"Log all S3 objects events except for two S3 buckets\",\n fieldSelectors: [\n {\n field: \"eventCategory\",\n equals: [\"Data\"],\n },\n {\n field: \"resources.ARN\",\n notStartsWiths: [\n not_important_bucket_1.then(not_important_bucket_1 =\u003e `${not_important_bucket_1.arn}/`),\n not_important_bucket_2.then(not_important_bucket_2 =\u003e `${not_important_bucket_2.arn}/`),\n ],\n },\n {\n field: \"resources.type\",\n equals: [\"AWS::S3::Object\"],\n },\n ],\n },\n {\n name: \"Log readOnly and writeOnly management events\",\n fieldSelectors: [{\n field: \"eventCategory\",\n equals: [\"Management\"],\n }],\n },\n]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nnot_important_bucket_1 = aws.s3.get_bucket(bucket=\"not-important-bucket-1\")\nnot_important_bucket_2 = aws.s3.get_bucket(bucket=\"not-important-bucket-2\")\nexample = aws.cloudtrail.Trail(\"example\", advanced_event_selectors=[\n aws.cloudtrail.TrailAdvancedEventSelectorArgs(\n name=\"Log all S3 objects events except for two S3 buckets\",\n field_selectors=[\n aws.cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs(\n field=\"eventCategory\",\n equals=[\"Data\"],\n ),\n aws.cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs(\n field=\"resources.ARN\",\n not_starts_withs=[\n f\"{not_important_bucket_1.arn}/\",\n f\"{not_important_bucket_2.arn}/\",\n ],\n ),\n aws.cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs(\n field=\"resources.type\",\n equals=[\"AWS::S3::Object\"],\n ),\n ],\n ),\n aws.cloudtrail.TrailAdvancedEventSelectorArgs(\n name=\"Log readOnly and writeOnly management events\",\n field_selectors=[aws.cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs(\n field=\"eventCategory\",\n equals=[\"Management\"],\n )],\n ),\n])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var not_important_bucket_1 = Aws.S3.GetBucket.Invoke(new()\n {\n Bucket = \"not-important-bucket-1\",\n });\n\n var not_important_bucket_2 = Aws.S3.GetBucket.Invoke(new()\n {\n Bucket = \"not-important-bucket-2\",\n });\n\n var example = new Aws.CloudTrail.Trail(\"example\", new()\n {\n AdvancedEventSelectors = new[]\n {\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorArgs\n {\n Name = \"Log all S3 objects events except for two S3 buckets\",\n FieldSelectors = new[]\n {\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorFieldSelectorArgs\n {\n Field = \"eventCategory\",\n Equals = new[]\n {\n \"Data\",\n },\n },\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorFieldSelectorArgs\n {\n Field = \"resources.ARN\",\n NotStartsWiths = new[]\n {\n not_important_bucket_1.Apply(not_important_bucket_1 =\u003e $\"{not_important_bucket_1.Apply(getBucketResult =\u003e getBucketResult.Arn)}/\"),\n not_important_bucket_2.Apply(not_important_bucket_2 =\u003e $\"{not_important_bucket_2.Apply(getBucketResult =\u003e getBucketResult.Arn)}/\"),\n },\n },\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorFieldSelectorArgs\n {\n Field = \"resources.type\",\n Equals = new[]\n {\n \"AWS::S3::Object\",\n },\n },\n },\n },\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorArgs\n {\n Name = \"Log readOnly and writeOnly management events\",\n FieldSelectors = new[]\n {\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorFieldSelectorArgs\n {\n Field = \"eventCategory\",\n Equals = new[]\n {\n \"Management\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudtrail\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tnot_important_bucket_1, err := s3.LookupBucket(ctx, \u0026s3.LookupBucketArgs{\n\t\t\tBucket: \"not-important-bucket-1\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tnot_important_bucket_2, err := s3.LookupBucket(ctx, \u0026s3.LookupBucketArgs{\n\t\t\tBucket: \"not-important-bucket-2\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudtrail.NewTrail(ctx, \"example\", \u0026cloudtrail.TrailArgs{\n\t\t\tAdvancedEventSelectors: cloudtrail.TrailAdvancedEventSelectorArray{\n\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorArgs{\n\t\t\t\t\tName: pulumi.String(\"Log all S3 objects events except for two S3 buckets\"),\n\t\t\t\t\tFieldSelectors: cloudtrail.TrailAdvancedEventSelectorFieldSelectorArray{\n\t\t\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs{\n\t\t\t\t\t\t\tField: pulumi.String(\"eventCategory\"),\n\t\t\t\t\t\t\tEquals: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"Data\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs{\n\t\t\t\t\t\t\tField: pulumi.String(\"resources.ARN\"),\n\t\t\t\t\t\t\tNotStartsWiths: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(fmt.Sprintf(\"%v/\", not_important_bucket_1.Arn)),\n\t\t\t\t\t\t\t\tpulumi.String(fmt.Sprintf(\"%v/\", not_important_bucket_2.Arn)),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs{\n\t\t\t\t\t\t\tField: pulumi.String(\"resources.type\"),\n\t\t\t\t\t\t\tEquals: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"AWS::S3::Object\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorArgs{\n\t\t\t\t\tName: pulumi.String(\"Log readOnly and writeOnly management events\"),\n\t\t\t\t\tFieldSelectors: cloudtrail.TrailAdvancedEventSelectorFieldSelectorArray{\n\t\t\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs{\n\t\t\t\t\t\t\tField: pulumi.String(\"eventCategory\"),\n\t\t\t\t\t\t\tEquals: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"Management\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.S3Functions;\nimport com.pulumi.aws.s3.inputs.GetBucketArgs;\nimport com.pulumi.aws.cloudtrail.Trail;\nimport com.pulumi.aws.cloudtrail.TrailArgs;\nimport com.pulumi.aws.cloudtrail.inputs.TrailAdvancedEventSelectorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var not-important-bucket-1 = S3Functions.getBucket(GetBucketArgs.builder()\n .bucket(\"not-important-bucket-1\")\n .build());\n\n final var not-important-bucket-2 = S3Functions.getBucket(GetBucketArgs.builder()\n .bucket(\"not-important-bucket-2\")\n .build());\n\n var example = new Trail(\"example\", TrailArgs.builder() \n .advancedEventSelectors( \n TrailAdvancedEventSelectorArgs.builder()\n .name(\"Log all S3 objects events except for two S3 buckets\")\n .fieldSelectors( \n TrailAdvancedEventSelectorFieldSelectorArgs.builder()\n .field(\"eventCategory\")\n .equals(\"Data\")\n .build(),\n TrailAdvancedEventSelectorFieldSelectorArgs.builder()\n .field(\"resources.ARN\")\n .notStartsWiths( \n String.format(\"%s/\", not_important_bucket_1.arn()),\n String.format(\"%s/\", not_important_bucket_2.arn()))\n .build(),\n TrailAdvancedEventSelectorFieldSelectorArgs.builder()\n .field(\"resources.type\")\n .equals(\"AWS::S3::Object\")\n .build())\n .build(),\n TrailAdvancedEventSelectorArgs.builder()\n .name(\"Log readOnly and writeOnly management events\")\n .fieldSelectors(TrailAdvancedEventSelectorFieldSelectorArgs.builder()\n .field(\"eventCategory\")\n .equals(\"Management\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudtrail:Trail\n properties:\n advancedEventSelectors:\n - name: Log all S3 objects events except for two S3 buckets\n fieldSelectors:\n - field: eventCategory\n equals:\n - Data\n - field: resources.ARN\n notStartsWiths:\n - ${[\"not-important-bucket-1\"].arn}/\n - ${[\"not-important-bucket-2\"].arn}/\n - field: resources.type\n equals:\n - AWS::S3::Object\n - name: Log readOnly and writeOnly management events\n fieldSelectors:\n - field: eventCategory\n equals:\n - Management\nvariables:\n not-important-bucket-1:\n fn::invoke:\n Function: aws:s3:getBucket\n Arguments:\n bucket: not-important-bucket-1\n not-important-bucket-2:\n fn::invoke:\n Function: aws:s3:getBucket\n Arguments:\n bucket: not-important-bucket-2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Logging Individual S3 Buckets And Specific Event Names By Using Advanced Event Selectors\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst important-bucket-1 = aws.s3.getBucket({\n bucket: \"important-bucket-1\",\n});\nconst important-bucket-2 = aws.s3.getBucket({\n bucket: \"important-bucket-2\",\n});\nconst important-bucket-3 = aws.s3.getBucket({\n bucket: \"important-bucket-3\",\n});\nconst example = new aws.cloudtrail.Trail(\"example\", {advancedEventSelectors: [\n {\n name: \"Log PutObject and DeleteObject events for two S3 buckets\",\n fieldSelectors: [\n {\n field: \"eventCategory\",\n equals: [\"Data\"],\n },\n {\n field: \"eventName\",\n equals: [\n \"PutObject\",\n \"DeleteObject\",\n ],\n },\n {\n field: \"resources.ARN\",\n startsWiths: [\n important_bucket_1.then(important_bucket_1 =\u003e `${important_bucket_1.arn}/`),\n important_bucket_2.then(important_bucket_2 =\u003e `${important_bucket_2.arn}/`),\n ],\n },\n {\n field: \"readOnly\",\n equals: [\"false\"],\n },\n {\n field: \"resources.type\",\n equals: [\"AWS::S3::Object\"],\n },\n ],\n },\n {\n name: \"Log Delete* events for one S3 bucket\",\n fieldSelectors: [\n {\n field: \"eventCategory\",\n equals: [\"Data\"],\n },\n {\n field: \"eventName\",\n startsWiths: [\"Delete\"],\n },\n {\n field: \"resources.ARN\",\n equals: [important_bucket_3.then(important_bucket_3 =\u003e `${important_bucket_3.arn}/important-prefix`)],\n },\n {\n field: \"readOnly\",\n equals: [\"false\"],\n },\n {\n field: \"resources.type\",\n equals: [\"AWS::S3::Object\"],\n },\n ],\n },\n]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nimportant_bucket_1 = aws.s3.get_bucket(bucket=\"important-bucket-1\")\nimportant_bucket_2 = aws.s3.get_bucket(bucket=\"important-bucket-2\")\nimportant_bucket_3 = aws.s3.get_bucket(bucket=\"important-bucket-3\")\nexample = aws.cloudtrail.Trail(\"example\", advanced_event_selectors=[\n aws.cloudtrail.TrailAdvancedEventSelectorArgs(\n name=\"Log PutObject and DeleteObject events for two S3 buckets\",\n field_selectors=[\n aws.cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs(\n field=\"eventCategory\",\n equals=[\"Data\"],\n ),\n aws.cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs(\n field=\"eventName\",\n equals=[\n \"PutObject\",\n \"DeleteObject\",\n ],\n ),\n aws.cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs(\n field=\"resources.ARN\",\n starts_withs=[\n f\"{important_bucket_1.arn}/\",\n f\"{important_bucket_2.arn}/\",\n ],\n ),\n aws.cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs(\n field=\"readOnly\",\n equals=[\"false\"],\n ),\n aws.cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs(\n field=\"resources.type\",\n equals=[\"AWS::S3::Object\"],\n ),\n ],\n ),\n aws.cloudtrail.TrailAdvancedEventSelectorArgs(\n name=\"Log Delete* events for one S3 bucket\",\n field_selectors=[\n aws.cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs(\n field=\"eventCategory\",\n equals=[\"Data\"],\n ),\n aws.cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs(\n field=\"eventName\",\n starts_withs=[\"Delete\"],\n ),\n aws.cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs(\n field=\"resources.ARN\",\n equals=[f\"{important_bucket_3.arn}/important-prefix\"],\n ),\n aws.cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs(\n field=\"readOnly\",\n equals=[\"false\"],\n ),\n aws.cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs(\n field=\"resources.type\",\n equals=[\"AWS::S3::Object\"],\n ),\n ],\n ),\n])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var important_bucket_1 = Aws.S3.GetBucket.Invoke(new()\n {\n Bucket = \"important-bucket-1\",\n });\n\n var important_bucket_2 = Aws.S3.GetBucket.Invoke(new()\n {\n Bucket = \"important-bucket-2\",\n });\n\n var important_bucket_3 = Aws.S3.GetBucket.Invoke(new()\n {\n Bucket = \"important-bucket-3\",\n });\n\n var example = new Aws.CloudTrail.Trail(\"example\", new()\n {\n AdvancedEventSelectors = new[]\n {\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorArgs\n {\n Name = \"Log PutObject and DeleteObject events for two S3 buckets\",\n FieldSelectors = new[]\n {\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorFieldSelectorArgs\n {\n Field = \"eventCategory\",\n Equals = new[]\n {\n \"Data\",\n },\n },\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorFieldSelectorArgs\n {\n Field = \"eventName\",\n Equals = new[]\n {\n \"PutObject\",\n \"DeleteObject\",\n },\n },\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorFieldSelectorArgs\n {\n Field = \"resources.ARN\",\n StartsWiths = new[]\n {\n important_bucket_1.Apply(important_bucket_1 =\u003e $\"{important_bucket_1.Apply(getBucketResult =\u003e getBucketResult.Arn)}/\"),\n important_bucket_2.Apply(important_bucket_2 =\u003e $\"{important_bucket_2.Apply(getBucketResult =\u003e getBucketResult.Arn)}/\"),\n },\n },\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorFieldSelectorArgs\n {\n Field = \"readOnly\",\n Equals = new[]\n {\n \"false\",\n },\n },\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorFieldSelectorArgs\n {\n Field = \"resources.type\",\n Equals = new[]\n {\n \"AWS::S3::Object\",\n },\n },\n },\n },\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorArgs\n {\n Name = \"Log Delete* events for one S3 bucket\",\n FieldSelectors = new[]\n {\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorFieldSelectorArgs\n {\n Field = \"eventCategory\",\n Equals = new[]\n {\n \"Data\",\n },\n },\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorFieldSelectorArgs\n {\n Field = \"eventName\",\n StartsWiths = new[]\n {\n \"Delete\",\n },\n },\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorFieldSelectorArgs\n {\n Field = \"resources.ARN\",\n Equals = new[]\n {\n important_bucket_3.Apply(important_bucket_3 =\u003e $\"{important_bucket_3.Apply(getBucketResult =\u003e getBucketResult.Arn)}/important-prefix\"),\n },\n },\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorFieldSelectorArgs\n {\n Field = \"readOnly\",\n Equals = new[]\n {\n \"false\",\n },\n },\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorFieldSelectorArgs\n {\n Field = \"resources.type\",\n Equals = new[]\n {\n \"AWS::S3::Object\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudtrail\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\timportant_bucket_1, err := s3.LookupBucket(ctx, \u0026s3.LookupBucketArgs{\n\t\t\tBucket: \"important-bucket-1\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\timportant_bucket_2, err := s3.LookupBucket(ctx, \u0026s3.LookupBucketArgs{\n\t\t\tBucket: \"important-bucket-2\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\timportant_bucket_3, err := s3.LookupBucket(ctx, \u0026s3.LookupBucketArgs{\n\t\t\tBucket: \"important-bucket-3\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudtrail.NewTrail(ctx, \"example\", \u0026cloudtrail.TrailArgs{\n\t\t\tAdvancedEventSelectors: cloudtrail.TrailAdvancedEventSelectorArray{\n\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorArgs{\n\t\t\t\t\tName: pulumi.String(\"Log PutObject and DeleteObject events for two S3 buckets\"),\n\t\t\t\t\tFieldSelectors: cloudtrail.TrailAdvancedEventSelectorFieldSelectorArray{\n\t\t\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs{\n\t\t\t\t\t\t\tField: pulumi.String(\"eventCategory\"),\n\t\t\t\t\t\t\tEquals: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"Data\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs{\n\t\t\t\t\t\t\tField: pulumi.String(\"eventName\"),\n\t\t\t\t\t\t\tEquals: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"PutObject\"),\n\t\t\t\t\t\t\t\tpulumi.String(\"DeleteObject\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs{\n\t\t\t\t\t\t\tField: pulumi.String(\"resources.ARN\"),\n\t\t\t\t\t\t\tStartsWiths: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(fmt.Sprintf(\"%v/\", important_bucket_1.Arn)),\n\t\t\t\t\t\t\t\tpulumi.String(fmt.Sprintf(\"%v/\", important_bucket_2.Arn)),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs{\n\t\t\t\t\t\t\tField: pulumi.String(\"readOnly\"),\n\t\t\t\t\t\t\tEquals: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"false\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs{\n\t\t\t\t\t\t\tField: pulumi.String(\"resources.type\"),\n\t\t\t\t\t\t\tEquals: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"AWS::S3::Object\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorArgs{\n\t\t\t\t\tName: pulumi.String(\"Log Delete* events for one S3 bucket\"),\n\t\t\t\t\tFieldSelectors: cloudtrail.TrailAdvancedEventSelectorFieldSelectorArray{\n\t\t\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs{\n\t\t\t\t\t\t\tField: pulumi.String(\"eventCategory\"),\n\t\t\t\t\t\t\tEquals: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"Data\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs{\n\t\t\t\t\t\t\tField: pulumi.String(\"eventName\"),\n\t\t\t\t\t\t\tStartsWiths: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"Delete\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs{\n\t\t\t\t\t\t\tField: pulumi.String(\"resources.ARN\"),\n\t\t\t\t\t\t\tEquals: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(fmt.Sprintf(\"%v/important-prefix\", important_bucket_3.Arn)),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs{\n\t\t\t\t\t\t\tField: pulumi.String(\"readOnly\"),\n\t\t\t\t\t\t\tEquals: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"false\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs{\n\t\t\t\t\t\t\tField: pulumi.String(\"resources.type\"),\n\t\t\t\t\t\t\tEquals: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"AWS::S3::Object\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.S3Functions;\nimport com.pulumi.aws.s3.inputs.GetBucketArgs;\nimport com.pulumi.aws.cloudtrail.Trail;\nimport com.pulumi.aws.cloudtrail.TrailArgs;\nimport com.pulumi.aws.cloudtrail.inputs.TrailAdvancedEventSelectorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var important-bucket-1 = S3Functions.getBucket(GetBucketArgs.builder()\n .bucket(\"important-bucket-1\")\n .build());\n\n final var important-bucket-2 = S3Functions.getBucket(GetBucketArgs.builder()\n .bucket(\"important-bucket-2\")\n .build());\n\n final var important-bucket-3 = S3Functions.getBucket(GetBucketArgs.builder()\n .bucket(\"important-bucket-3\")\n .build());\n\n var example = new Trail(\"example\", TrailArgs.builder() \n .advancedEventSelectors( \n TrailAdvancedEventSelectorArgs.builder()\n .name(\"Log PutObject and DeleteObject events for two S3 buckets\")\n .fieldSelectors( \n TrailAdvancedEventSelectorFieldSelectorArgs.builder()\n .field(\"eventCategory\")\n .equals(\"Data\")\n .build(),\n TrailAdvancedEventSelectorFieldSelectorArgs.builder()\n .field(\"eventName\")\n .equals( \n \"PutObject\",\n \"DeleteObject\")\n .build(),\n TrailAdvancedEventSelectorFieldSelectorArgs.builder()\n .field(\"resources.ARN\")\n .startsWiths( \n String.format(\"%s/\", important_bucket_1.arn()),\n String.format(\"%s/\", important_bucket_2.arn()))\n .build(),\n TrailAdvancedEventSelectorFieldSelectorArgs.builder()\n .field(\"readOnly\")\n .equals(\"false\")\n .build(),\n TrailAdvancedEventSelectorFieldSelectorArgs.builder()\n .field(\"resources.type\")\n .equals(\"AWS::S3::Object\")\n .build())\n .build(),\n TrailAdvancedEventSelectorArgs.builder()\n .name(\"Log Delete* events for one S3 bucket\")\n .fieldSelectors( \n TrailAdvancedEventSelectorFieldSelectorArgs.builder()\n .field(\"eventCategory\")\n .equals(\"Data\")\n .build(),\n TrailAdvancedEventSelectorFieldSelectorArgs.builder()\n .field(\"eventName\")\n .startsWiths(\"Delete\")\n .build(),\n TrailAdvancedEventSelectorFieldSelectorArgs.builder()\n .field(\"resources.ARN\")\n .equals(String.format(\"%s/important-prefix\", important_bucket_3.arn()))\n .build(),\n TrailAdvancedEventSelectorFieldSelectorArgs.builder()\n .field(\"readOnly\")\n .equals(\"false\")\n .build(),\n TrailAdvancedEventSelectorFieldSelectorArgs.builder()\n .field(\"resources.type\")\n .equals(\"AWS::S3::Object\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudtrail:Trail\n properties:\n advancedEventSelectors:\n - name: Log PutObject and DeleteObject events for two S3 buckets\n fieldSelectors:\n - field: eventCategory\n equals:\n - Data\n - field: eventName\n equals:\n - PutObject\n - DeleteObject\n - field: resources.ARN\n startsWiths:\n - ${[\"important-bucket-1\"].arn}/\n - ${[\"important-bucket-2\"].arn}/\n - field: readOnly\n equals:\n - 'false'\n - field: resources.type\n equals:\n - AWS::S3::Object\n - name: Log Delete* events for one S3 bucket\n fieldSelectors:\n - field: eventCategory\n equals:\n - Data\n - field: eventName\n startsWiths:\n - Delete\n - field: resources.ARN\n equals:\n - ${[\"important-bucket-3\"].arn}/important-prefix\n - field: readOnly\n equals:\n - 'false'\n - field: resources.type\n equals:\n - AWS::S3::Object\nvariables:\n important-bucket-1:\n fn::invoke:\n Function: aws:s3:getBucket\n Arguments:\n bucket: important-bucket-1\n important-bucket-2:\n fn::invoke:\n Function: aws:s3:getBucket\n Arguments:\n bucket: important-bucket-2\n important-bucket-3:\n fn::invoke:\n Function: aws:s3:getBucket\n Arguments:\n bucket: important-bucket-3\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Sending Events to CloudWatch Logs\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cloudwatch.LogGroup(\"example\", {name: \"Example\"});\nconst exampleTrail = new aws.cloudtrail.Trail(\"example\", {cloudWatchLogsGroupArn: pulumi.interpolate`${example.arn}:*`});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudwatch.LogGroup(\"example\", name=\"Example\")\nexample_trail = aws.cloudtrail.Trail(\"example\", cloud_watch_logs_group_arn=example.arn.apply(lambda arn: f\"{arn}:*\"))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CloudWatch.LogGroup(\"example\", new()\n {\n Name = \"Example\",\n });\n\n var exampleTrail = new Aws.CloudTrail.Trail(\"example\", new()\n {\n CloudWatchLogsGroupArn = example.Arn.Apply(arn =\u003e $\"{arn}:*\"),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudtrail\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := cloudwatch.NewLogGroup(ctx, \"example\", \u0026cloudwatch.LogGroupArgs{\n\t\t\tName: pulumi.String(\"Example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudtrail.NewTrail(ctx, \"example\", \u0026cloudtrail.TrailArgs{\n\t\t\tCloudWatchLogsGroupArn: example.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"%v:*\", arn), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.LogGroup;\nimport com.pulumi.aws.cloudwatch.LogGroupArgs;\nimport com.pulumi.aws.cloudtrail.Trail;\nimport com.pulumi.aws.cloudtrail.TrailArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LogGroup(\"example\", LogGroupArgs.builder() \n .name(\"Example\")\n .build());\n\n var exampleTrail = new Trail(\"exampleTrail\", TrailArgs.builder() \n .cloudWatchLogsGroupArn(example.arn().applyValue(arn -\u003e String.format(\"%s:*\", arn)))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudwatch:LogGroup\n properties:\n name: Example\n exampleTrail:\n type: aws:cloudtrail:Trail\n name: example\n properties:\n cloudWatchLogsGroupArn: ${example.arn}:*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Cloudtrails using the `arn`. For example:\n\n```sh\n$ pulumi import aws:cloudtrail/trail:Trail sample arn:aws:cloudtrail:us-east-1:123456789012:trail/my-sample-trail\n```\n", + "description": "Provides a CloudTrail resource.\n\n\u003e **Tip:** For a multi-region trail, this resource must be in the home region of the trail.\n\n\u003e **Tip:** For an organization trail, this resource must be in the master account of the organization.\n\n## Example Usage\n\n### Basic\n\nEnable CloudTrail to capture all compatible management events in region.\nFor capturing events from services like IAM, `include_global_service_events` must be enabled.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleBucketV2 = new aws.s3.BucketV2(\"example\", {\n bucket: \"my-test-trail\",\n forceDestroy: true,\n});\nconst current = aws.getCallerIdentity({});\nconst currentGetPartition = aws.getPartition({});\nconst currentGetRegion = aws.getRegion({});\nconst example = aws.iam.getPolicyDocumentOutput({\n statements: [\n {\n sid: \"AWSCloudTrailAclCheck\",\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"cloudtrail.amazonaws.com\"],\n }],\n actions: [\"s3:GetBucketAcl\"],\n resources: [exampleBucketV2.arn],\n conditions: [{\n test: \"StringEquals\",\n variable: \"aws:SourceArn\",\n values: [Promise.all([currentGetPartition, currentGetRegion, current]).then(([currentGetPartition, currentGetRegion, current]) =\u003e `arn:${currentGetPartition.partition}:cloudtrail:${currentGetRegion.name}:${current.accountId}:trail/example`)],\n }],\n },\n {\n sid: \"AWSCloudTrailWrite\",\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"cloudtrail.amazonaws.com\"],\n }],\n actions: [\"s3:PutObject\"],\n resources: [pulumi.all([exampleBucketV2.arn, current]).apply(([arn, current]) =\u003e `${arn}/prefix/AWSLogs/${current.accountId}/*`)],\n conditions: [\n {\n test: \"StringEquals\",\n variable: \"s3:x-amz-acl\",\n values: [\"bucket-owner-full-control\"],\n },\n {\n test: \"StringEquals\",\n variable: \"aws:SourceArn\",\n values: [Promise.all([currentGetPartition, currentGetRegion, current]).then(([currentGetPartition, currentGetRegion, current]) =\u003e `arn:${currentGetPartition.partition}:cloudtrail:${currentGetRegion.name}:${current.accountId}:trail/example`)],\n },\n ],\n },\n ],\n});\nconst exampleBucketPolicy = new aws.s3.BucketPolicy(\"example\", {\n bucket: exampleBucketV2.id,\n policy: example.apply(example =\u003e example.json),\n});\nconst exampleTrail = new aws.cloudtrail.Trail(\"example\", {\n name: \"example\",\n s3BucketName: exampleBucketV2.id,\n s3KeyPrefix: \"prefix\",\n includeGlobalServiceEvents: false,\n}, {\n dependsOn: [exampleBucketPolicy],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_bucket_v2 = aws.s3.BucketV2(\"example\",\n bucket=\"my-test-trail\",\n force_destroy=True)\ncurrent = aws.get_caller_identity()\ncurrent_get_partition = aws.get_partition()\ncurrent_get_region = aws.get_region()\nexample = aws.iam.get_policy_document_output(statements=[\n aws.iam.GetPolicyDocumentStatementArgs(\n sid=\"AWSCloudTrailAclCheck\",\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"cloudtrail.amazonaws.com\"],\n )],\n actions=[\"s3:GetBucketAcl\"],\n resources=[example_bucket_v2.arn],\n conditions=[aws.iam.GetPolicyDocumentStatementConditionArgs(\n test=\"StringEquals\",\n variable=\"aws:SourceArn\",\n values=[f\"arn:{current_get_partition.partition}:cloudtrail:{current_get_region.name}:{current.account_id}:trail/example\"],\n )],\n ),\n aws.iam.GetPolicyDocumentStatementArgs(\n sid=\"AWSCloudTrailWrite\",\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"cloudtrail.amazonaws.com\"],\n )],\n actions=[\"s3:PutObject\"],\n resources=[example_bucket_v2.arn.apply(lambda arn: f\"{arn}/prefix/AWSLogs/{current.account_id}/*\")],\n conditions=[\n aws.iam.GetPolicyDocumentStatementConditionArgs(\n test=\"StringEquals\",\n variable=\"s3:x-amz-acl\",\n values=[\"bucket-owner-full-control\"],\n ),\n aws.iam.GetPolicyDocumentStatementConditionArgs(\n test=\"StringEquals\",\n variable=\"aws:SourceArn\",\n values=[f\"arn:{current_get_partition.partition}:cloudtrail:{current_get_region.name}:{current.account_id}:trail/example\"],\n ),\n ],\n ),\n])\nexample_bucket_policy = aws.s3.BucketPolicy(\"example\",\n bucket=example_bucket_v2.id,\n policy=example.json)\nexample_trail = aws.cloudtrail.Trail(\"example\",\n name=\"example\",\n s3_bucket_name=example_bucket_v2.id,\n s3_key_prefix=\"prefix\",\n include_global_service_events=False,\n opts=pulumi.ResourceOptions(depends_on=[example_bucket_policy]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleBucketV2 = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"my-test-trail\",\n ForceDestroy = true,\n });\n\n var current = Aws.GetCallerIdentity.Invoke();\n\n var currentGetPartition = Aws.GetPartition.Invoke();\n\n var currentGetRegion = Aws.GetRegion.Invoke();\n\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"AWSCloudTrailAclCheck\",\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"cloudtrail.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"s3:GetBucketAcl\",\n },\n Resources = new[]\n {\n exampleBucketV2.Arn,\n },\n Conditions = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"StringEquals\",\n Variable = \"aws:SourceArn\",\n Values = new[]\n {\n $\"arn:{currentGetPartition.Apply(getPartitionResult =\u003e getPartitionResult.Partition)}:cloudtrail:{currentGetRegion.Apply(getRegionResult =\u003e getRegionResult.Name)}:{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:trail/example\",\n },\n },\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"AWSCloudTrailWrite\",\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"cloudtrail.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"s3:PutObject\",\n },\n Resources = new[]\n {\n $\"{exampleBucketV2.Arn}/prefix/AWSLogs/{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}/*\",\n },\n Conditions = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"StringEquals\",\n Variable = \"s3:x-amz-acl\",\n Values = new[]\n {\n \"bucket-owner-full-control\",\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"StringEquals\",\n Variable = \"aws:SourceArn\",\n Values = new[]\n {\n $\"arn:{currentGetPartition.Apply(getPartitionResult =\u003e getPartitionResult.Partition)}:cloudtrail:{currentGetRegion.Apply(getRegionResult =\u003e getRegionResult.Name)}:{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:trail/example\",\n },\n },\n },\n },\n },\n });\n\n var exampleBucketPolicy = new Aws.S3.BucketPolicy(\"example\", new()\n {\n Bucket = exampleBucketV2.Id,\n Policy = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var exampleTrail = new Aws.CloudTrail.Trail(\"example\", new()\n {\n Name = \"example\",\n S3BucketName = exampleBucketV2.Id,\n S3KeyPrefix = \"prefix\",\n IncludeGlobalServiceEvents = false,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleBucketPolicy, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudtrail\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleBucketV2, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"my-test-trail\"),\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrentGetPartition, err := aws.GetPartition(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrentGetRegion, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tSid: pulumi.String(\"AWSCloudTrailAclCheck\"),\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tPrincipals: iam.GetPolicyDocumentStatementPrincipalArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementPrincipalArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"Service\"),\n\t\t\t\t\t\t\tIdentifiers: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"cloudtrail.amazonaws.com\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:GetBucketAcl\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\texampleBucketV2.Arn,\n\t\t\t\t\t},\n\t\t\t\t\tConditions: iam.GetPolicyDocumentStatementConditionArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementConditionArgs{\n\t\t\t\t\t\t\tTest: pulumi.String(\"StringEquals\"),\n\t\t\t\t\t\t\tVariable: pulumi.String(\"aws:SourceArn\"),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(fmt.Sprintf(\"arn:%v:cloudtrail:%v:%v:trail/example\", currentGetPartition.Partition, currentGetRegion.Name, current.AccountId)),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tSid: pulumi.String(\"AWSCloudTrailWrite\"),\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tPrincipals: iam.GetPolicyDocumentStatementPrincipalArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementPrincipalArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"Service\"),\n\t\t\t\t\t\t\tIdentifiers: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"cloudtrail.amazonaws.com\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:PutObject\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\texampleBucketV2.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\t\t\t\treturn fmt.Sprintf(\"%v/prefix/AWSLogs/%v/*\", arn, current.AccountId), nil\n\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t},\n\t\t\t\t\tConditions: iam.GetPolicyDocumentStatementConditionArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementConditionArgs{\n\t\t\t\t\t\t\tTest: pulumi.String(\"StringEquals\"),\n\t\t\t\t\t\t\tVariable: pulumi.String(\"s3:x-amz-acl\"),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"bucket-owner-full-control\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementConditionArgs{\n\t\t\t\t\t\t\tTest: pulumi.String(\"StringEquals\"),\n\t\t\t\t\t\t\tVariable: pulumi.String(\"aws:SourceArn\"),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(fmt.Sprintf(\"arn:%v:cloudtrail:%v:%v:trail/example\", currentGetPartition.Partition, currentGetRegion.Name, current.AccountId)),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\texampleBucketPolicy, err := s3.NewBucketPolicy(ctx, \"example\", \u0026s3.BucketPolicyArgs{\n\t\t\tBucket: exampleBucketV2.ID(),\n\t\t\tPolicy: example.ApplyT(func(example iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026example.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudtrail.NewTrail(ctx, \"example\", \u0026cloudtrail.TrailArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tS3BucketName: exampleBucketV2.ID(),\n\t\t\tS3KeyPrefix: pulumi.String(\"prefix\"),\n\t\t\tIncludeGlobalServiceEvents: pulumi.Bool(false),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleBucketPolicy,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.inputs.GetPartitionArgs;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.s3.BucketPolicy;\nimport com.pulumi.aws.s3.BucketPolicyArgs;\nimport com.pulumi.aws.cloudtrail.Trail;\nimport com.pulumi.aws.cloudtrail.TrailArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleBucketV2 = new BucketV2(\"exampleBucketV2\", BucketV2Args.builder() \n .bucket(\"my-test-trail\")\n .forceDestroy(true)\n .build());\n\n final var current = AwsFunctions.getCallerIdentity();\n\n final var currentGetPartition = AwsFunctions.getPartition();\n\n final var currentGetRegion = AwsFunctions.getRegion();\n\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements( \n GetPolicyDocumentStatementArgs.builder()\n .sid(\"AWSCloudTrailAclCheck\")\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"cloudtrail.amazonaws.com\")\n .build())\n .actions(\"s3:GetBucketAcl\")\n .resources(exampleBucketV2.arn())\n .conditions(GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"StringEquals\")\n .variable(\"aws:SourceArn\")\n .values(String.format(\"arn:%s:cloudtrail:%s:%s:trail/example\", currentGetPartition.applyValue(getPartitionResult -\u003e getPartitionResult.partition()),currentGetRegion.applyValue(getRegionResult -\u003e getRegionResult.name()),current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n .build())\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .sid(\"AWSCloudTrailWrite\")\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"cloudtrail.amazonaws.com\")\n .build())\n .actions(\"s3:PutObject\")\n .resources(exampleBucketV2.arn().applyValue(arn -\u003e String.format(\"%s/prefix/AWSLogs/%s/*\", arn,current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))))\n .conditions( \n GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"StringEquals\")\n .variable(\"s3:x-amz-acl\")\n .values(\"bucket-owner-full-control\")\n .build(),\n GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"StringEquals\")\n .variable(\"aws:SourceArn\")\n .values(String.format(\"arn:%s:cloudtrail:%s:%s:trail/example\", currentGetPartition.applyValue(getPartitionResult -\u003e getPartitionResult.partition()),currentGetRegion.applyValue(getRegionResult -\u003e getRegionResult.name()),current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n .build())\n .build())\n .build());\n\n var exampleBucketPolicy = new BucketPolicy(\"exampleBucketPolicy\", BucketPolicyArgs.builder() \n .bucket(exampleBucketV2.id())\n .policy(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(example -\u003e example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n var exampleTrail = new Trail(\"exampleTrail\", TrailArgs.builder() \n .name(\"example\")\n .s3BucketName(exampleBucketV2.id())\n .s3KeyPrefix(\"prefix\")\n .includeGlobalServiceEvents(false)\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleBucketPolicy)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleTrail:\n type: aws:cloudtrail:Trail\n name: example\n properties:\n name: example\n s3BucketName: ${exampleBucketV2.id}\n s3KeyPrefix: prefix\n includeGlobalServiceEvents: false\n options:\n dependson:\n - ${exampleBucketPolicy}\n exampleBucketV2:\n type: aws:s3:BucketV2\n name: example\n properties:\n bucket: my-test-trail\n forceDestroy: true\n exampleBucketPolicy:\n type: aws:s3:BucketPolicy\n name: example\n properties:\n bucket: ${exampleBucketV2.id}\n policy: ${example.json}\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - sid: AWSCloudTrailAclCheck\n effect: Allow\n principals:\n - type: Service\n identifiers:\n - cloudtrail.amazonaws.com\n actions:\n - s3:GetBucketAcl\n resources:\n - ${exampleBucketV2.arn}\n conditions:\n - test: StringEquals\n variable: aws:SourceArn\n values:\n - arn:${currentGetPartition.partition}:cloudtrail:${currentGetRegion.name}:${current.accountId}:trail/example\n - sid: AWSCloudTrailWrite\n effect: Allow\n principals:\n - type: Service\n identifiers:\n - cloudtrail.amazonaws.com\n actions:\n - s3:PutObject\n resources:\n - ${exampleBucketV2.arn}/prefix/AWSLogs/${current.accountId}/*\n conditions:\n - test: StringEquals\n variable: s3:x-amz-acl\n values:\n - bucket-owner-full-control\n - test: StringEquals\n variable: aws:SourceArn\n values:\n - arn:${currentGetPartition.partition}:cloudtrail:${currentGetRegion.name}:${current.accountId}:trail/example\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n currentGetPartition:\n fn::invoke:\n Function: aws:getPartition\n Arguments: {}\n currentGetRegion:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Data Event Logging\n\nCloudTrail can log [Data Events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html) for certain services such as S3 objects and Lambda function invocations. Additional information about data event configuration can be found in the following links:\n\n* [CloudTrail API DataResource documentation](https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_DataResource.html) (for basic event selector).\n* [CloudTrail API AdvancedFieldSelector documentation](https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_AdvancedFieldSelector.html) (for advanced event selector).\n\n### Logging All Lambda Function Invocations By Using Basic Event Selectors\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cloudtrail.Trail(\"example\", {eventSelectors: [{\n readWriteType: \"All\",\n includeManagementEvents: true,\n dataResources: [{\n type: \"AWS::Lambda::Function\",\n values: [\"arn:aws:lambda\"],\n }],\n}]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudtrail.Trail(\"example\", event_selectors=[aws.cloudtrail.TrailEventSelectorArgs(\n read_write_type=\"All\",\n include_management_events=True,\n data_resources=[aws.cloudtrail.TrailEventSelectorDataResourceArgs(\n type=\"AWS::Lambda::Function\",\n values=[\"arn:aws:lambda\"],\n )],\n)])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CloudTrail.Trail(\"example\", new()\n {\n EventSelectors = new[]\n {\n new Aws.CloudTrail.Inputs.TrailEventSelectorArgs\n {\n ReadWriteType = \"All\",\n IncludeManagementEvents = true,\n DataResources = new[]\n {\n new Aws.CloudTrail.Inputs.TrailEventSelectorDataResourceArgs\n {\n Type = \"AWS::Lambda::Function\",\n Values = new[]\n {\n \"arn:aws:lambda\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudtrail\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudtrail.NewTrail(ctx, \"example\", \u0026cloudtrail.TrailArgs{\n\t\t\tEventSelectors: cloudtrail.TrailEventSelectorArray{\n\t\t\t\t\u0026cloudtrail.TrailEventSelectorArgs{\n\t\t\t\t\tReadWriteType: pulumi.String(\"All\"),\n\t\t\t\t\tIncludeManagementEvents: pulumi.Bool(true),\n\t\t\t\t\tDataResources: cloudtrail.TrailEventSelectorDataResourceArray{\n\t\t\t\t\t\t\u0026cloudtrail.TrailEventSelectorDataResourceArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"AWS::Lambda::Function\"),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"arn:aws:lambda\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudtrail.Trail;\nimport com.pulumi.aws.cloudtrail.TrailArgs;\nimport com.pulumi.aws.cloudtrail.inputs.TrailEventSelectorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Trail(\"example\", TrailArgs.builder() \n .eventSelectors(TrailEventSelectorArgs.builder()\n .readWriteType(\"All\")\n .includeManagementEvents(true)\n .dataResources(TrailEventSelectorDataResourceArgs.builder()\n .type(\"AWS::Lambda::Function\")\n .values(\"arn:aws:lambda\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudtrail:Trail\n properties:\n eventSelectors:\n - readWriteType: All\n includeManagementEvents: true\n dataResources:\n - type: AWS::Lambda::Function\n values:\n - arn:aws:lambda\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Logging All S3 Object Events By Using Basic Event Selectors\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cloudtrail.Trail(\"example\", {eventSelectors: [{\n readWriteType: \"All\",\n includeManagementEvents: true,\n dataResources: [{\n type: \"AWS::S3::Object\",\n values: [\"arn:aws:s3\"],\n }],\n}]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudtrail.Trail(\"example\", event_selectors=[aws.cloudtrail.TrailEventSelectorArgs(\n read_write_type=\"All\",\n include_management_events=True,\n data_resources=[aws.cloudtrail.TrailEventSelectorDataResourceArgs(\n type=\"AWS::S3::Object\",\n values=[\"arn:aws:s3\"],\n )],\n)])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CloudTrail.Trail(\"example\", new()\n {\n EventSelectors = new[]\n {\n new Aws.CloudTrail.Inputs.TrailEventSelectorArgs\n {\n ReadWriteType = \"All\",\n IncludeManagementEvents = true,\n DataResources = new[]\n {\n new Aws.CloudTrail.Inputs.TrailEventSelectorDataResourceArgs\n {\n Type = \"AWS::S3::Object\",\n Values = new[]\n {\n \"arn:aws:s3\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudtrail\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudtrail.NewTrail(ctx, \"example\", \u0026cloudtrail.TrailArgs{\n\t\t\tEventSelectors: cloudtrail.TrailEventSelectorArray{\n\t\t\t\t\u0026cloudtrail.TrailEventSelectorArgs{\n\t\t\t\t\tReadWriteType: pulumi.String(\"All\"),\n\t\t\t\t\tIncludeManagementEvents: pulumi.Bool(true),\n\t\t\t\t\tDataResources: cloudtrail.TrailEventSelectorDataResourceArray{\n\t\t\t\t\t\t\u0026cloudtrail.TrailEventSelectorDataResourceArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"AWS::S3::Object\"),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"arn:aws:s3\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudtrail.Trail;\nimport com.pulumi.aws.cloudtrail.TrailArgs;\nimport com.pulumi.aws.cloudtrail.inputs.TrailEventSelectorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Trail(\"example\", TrailArgs.builder() \n .eventSelectors(TrailEventSelectorArgs.builder()\n .readWriteType(\"All\")\n .includeManagementEvents(true)\n .dataResources(TrailEventSelectorDataResourceArgs.builder()\n .type(\"AWS::S3::Object\")\n .values(\"arn:aws:s3\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudtrail:Trail\n properties:\n eventSelectors:\n - readWriteType: All\n includeManagementEvents: true\n dataResources:\n - type: AWS::S3::Object\n values:\n - arn:aws:s3\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Logging Individual S3 Bucket Events By Using Basic Event Selectors\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst important-bucket = aws.s3.getBucket({\n bucket: \"important-bucket\",\n});\nconst example = new aws.cloudtrail.Trail(\"example\", {eventSelectors: [{\n readWriteType: \"All\",\n includeManagementEvents: true,\n dataResources: [{\n type: \"AWS::S3::Object\",\n values: [important_bucket.then(important_bucket =\u003e `${important_bucket.arn}/`)],\n }],\n}]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nimportant_bucket = aws.s3.get_bucket(bucket=\"important-bucket\")\nexample = aws.cloudtrail.Trail(\"example\", event_selectors=[aws.cloudtrail.TrailEventSelectorArgs(\n read_write_type=\"All\",\n include_management_events=True,\n data_resources=[aws.cloudtrail.TrailEventSelectorDataResourceArgs(\n type=\"AWS::S3::Object\",\n values=[f\"{important_bucket.arn}/\"],\n )],\n)])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var important_bucket = Aws.S3.GetBucket.Invoke(new()\n {\n Bucket = \"important-bucket\",\n });\n\n var example = new Aws.CloudTrail.Trail(\"example\", new()\n {\n EventSelectors = new[]\n {\n new Aws.CloudTrail.Inputs.TrailEventSelectorArgs\n {\n ReadWriteType = \"All\",\n IncludeManagementEvents = true,\n DataResources = new[]\n {\n new Aws.CloudTrail.Inputs.TrailEventSelectorDataResourceArgs\n {\n Type = \"AWS::S3::Object\",\n Values = new[]\n {\n important_bucket.Apply(important_bucket =\u003e $\"{important_bucket.Apply(getBucketResult =\u003e getBucketResult.Arn)}/\"),\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudtrail\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\timportant_bucket, err := s3.LookupBucket(ctx, \u0026s3.LookupBucketArgs{\n\t\t\tBucket: \"important-bucket\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudtrail.NewTrail(ctx, \"example\", \u0026cloudtrail.TrailArgs{\n\t\t\tEventSelectors: cloudtrail.TrailEventSelectorArray{\n\t\t\t\t\u0026cloudtrail.TrailEventSelectorArgs{\n\t\t\t\t\tReadWriteType: pulumi.String(\"All\"),\n\t\t\t\t\tIncludeManagementEvents: pulumi.Bool(true),\n\t\t\t\t\tDataResources: cloudtrail.TrailEventSelectorDataResourceArray{\n\t\t\t\t\t\t\u0026cloudtrail.TrailEventSelectorDataResourceArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"AWS::S3::Object\"),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(fmt.Sprintf(\"%v/\", important_bucket.Arn)),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.S3Functions;\nimport com.pulumi.aws.s3.inputs.GetBucketArgs;\nimport com.pulumi.aws.cloudtrail.Trail;\nimport com.pulumi.aws.cloudtrail.TrailArgs;\nimport com.pulumi.aws.cloudtrail.inputs.TrailEventSelectorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var important-bucket = S3Functions.getBucket(GetBucketArgs.builder()\n .bucket(\"important-bucket\")\n .build());\n\n var example = new Trail(\"example\", TrailArgs.builder() \n .eventSelectors(TrailEventSelectorArgs.builder()\n .readWriteType(\"All\")\n .includeManagementEvents(true)\n .dataResources(TrailEventSelectorDataResourceArgs.builder()\n .type(\"AWS::S3::Object\")\n .values(String.format(\"%s/\", important_bucket.arn()))\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudtrail:Trail\n properties:\n eventSelectors:\n - readWriteType: All\n includeManagementEvents: true\n dataResources:\n - type: AWS::S3::Object\n values:\n - ${[\"important-bucket\"].arn}/\nvariables:\n important-bucket:\n fn::invoke:\n Function: aws:s3:getBucket\n Arguments:\n bucket: important-bucket\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Logging All S3 Object Events Except For Two S3 Buckets By Using Advanced Event Selectors\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst not-important-bucket-1 = aws.s3.getBucket({\n bucket: \"not-important-bucket-1\",\n});\nconst not-important-bucket-2 = aws.s3.getBucket({\n bucket: \"not-important-bucket-2\",\n});\nconst example = new aws.cloudtrail.Trail(\"example\", {advancedEventSelectors: [\n {\n name: \"Log all S3 objects events except for two S3 buckets\",\n fieldSelectors: [\n {\n field: \"eventCategory\",\n equals: [\"Data\"],\n },\n {\n field: \"resources.ARN\",\n notStartsWiths: [\n not_important_bucket_1.then(not_important_bucket_1 =\u003e `${not_important_bucket_1.arn}/`),\n not_important_bucket_2.then(not_important_bucket_2 =\u003e `${not_important_bucket_2.arn}/`),\n ],\n },\n {\n field: \"resources.type\",\n equals: [\"AWS::S3::Object\"],\n },\n ],\n },\n {\n name: \"Log readOnly and writeOnly management events\",\n fieldSelectors: [{\n field: \"eventCategory\",\n equals: [\"Management\"],\n }],\n },\n]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nnot_important_bucket_1 = aws.s3.get_bucket(bucket=\"not-important-bucket-1\")\nnot_important_bucket_2 = aws.s3.get_bucket(bucket=\"not-important-bucket-2\")\nexample = aws.cloudtrail.Trail(\"example\", advanced_event_selectors=[\n aws.cloudtrail.TrailAdvancedEventSelectorArgs(\n name=\"Log all S3 objects events except for two S3 buckets\",\n field_selectors=[\n aws.cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs(\n field=\"eventCategory\",\n equals=[\"Data\"],\n ),\n aws.cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs(\n field=\"resources.ARN\",\n not_starts_withs=[\n f\"{not_important_bucket_1.arn}/\",\n f\"{not_important_bucket_2.arn}/\",\n ],\n ),\n aws.cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs(\n field=\"resources.type\",\n equals=[\"AWS::S3::Object\"],\n ),\n ],\n ),\n aws.cloudtrail.TrailAdvancedEventSelectorArgs(\n name=\"Log readOnly and writeOnly management events\",\n field_selectors=[aws.cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs(\n field=\"eventCategory\",\n equals=[\"Management\"],\n )],\n ),\n])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var not_important_bucket_1 = Aws.S3.GetBucket.Invoke(new()\n {\n Bucket = \"not-important-bucket-1\",\n });\n\n var not_important_bucket_2 = Aws.S3.GetBucket.Invoke(new()\n {\n Bucket = \"not-important-bucket-2\",\n });\n\n var example = new Aws.CloudTrail.Trail(\"example\", new()\n {\n AdvancedEventSelectors = new[]\n {\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorArgs\n {\n Name = \"Log all S3 objects events except for two S3 buckets\",\n FieldSelectors = new[]\n {\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorFieldSelectorArgs\n {\n Field = \"eventCategory\",\n Equals = new[]\n {\n \"Data\",\n },\n },\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorFieldSelectorArgs\n {\n Field = \"resources.ARN\",\n NotStartsWiths = new[]\n {\n not_important_bucket_1.Apply(not_important_bucket_1 =\u003e $\"{not_important_bucket_1.Apply(getBucketResult =\u003e getBucketResult.Arn)}/\"),\n not_important_bucket_2.Apply(not_important_bucket_2 =\u003e $\"{not_important_bucket_2.Apply(getBucketResult =\u003e getBucketResult.Arn)}/\"),\n },\n },\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorFieldSelectorArgs\n {\n Field = \"resources.type\",\n Equals = new[]\n {\n \"AWS::S3::Object\",\n },\n },\n },\n },\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorArgs\n {\n Name = \"Log readOnly and writeOnly management events\",\n FieldSelectors = new[]\n {\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorFieldSelectorArgs\n {\n Field = \"eventCategory\",\n Equals = new[]\n {\n \"Management\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudtrail\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tnot_important_bucket_1, err := s3.LookupBucket(ctx, \u0026s3.LookupBucketArgs{\n\t\t\tBucket: \"not-important-bucket-1\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tnot_important_bucket_2, err := s3.LookupBucket(ctx, \u0026s3.LookupBucketArgs{\n\t\t\tBucket: \"not-important-bucket-2\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudtrail.NewTrail(ctx, \"example\", \u0026cloudtrail.TrailArgs{\n\t\t\tAdvancedEventSelectors: cloudtrail.TrailAdvancedEventSelectorArray{\n\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorArgs{\n\t\t\t\t\tName: pulumi.String(\"Log all S3 objects events except for two S3 buckets\"),\n\t\t\t\t\tFieldSelectors: cloudtrail.TrailAdvancedEventSelectorFieldSelectorArray{\n\t\t\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs{\n\t\t\t\t\t\t\tField: pulumi.String(\"eventCategory\"),\n\t\t\t\t\t\t\tEquals: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"Data\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs{\n\t\t\t\t\t\t\tField: pulumi.String(\"resources.ARN\"),\n\t\t\t\t\t\t\tNotStartsWiths: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(fmt.Sprintf(\"%v/\", not_important_bucket_1.Arn)),\n\t\t\t\t\t\t\t\tpulumi.String(fmt.Sprintf(\"%v/\", not_important_bucket_2.Arn)),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs{\n\t\t\t\t\t\t\tField: pulumi.String(\"resources.type\"),\n\t\t\t\t\t\t\tEquals: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"AWS::S3::Object\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorArgs{\n\t\t\t\t\tName: pulumi.String(\"Log readOnly and writeOnly management events\"),\n\t\t\t\t\tFieldSelectors: cloudtrail.TrailAdvancedEventSelectorFieldSelectorArray{\n\t\t\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs{\n\t\t\t\t\t\t\tField: pulumi.String(\"eventCategory\"),\n\t\t\t\t\t\t\tEquals: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"Management\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.S3Functions;\nimport com.pulumi.aws.s3.inputs.GetBucketArgs;\nimport com.pulumi.aws.cloudtrail.Trail;\nimport com.pulumi.aws.cloudtrail.TrailArgs;\nimport com.pulumi.aws.cloudtrail.inputs.TrailAdvancedEventSelectorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var not-important-bucket-1 = S3Functions.getBucket(GetBucketArgs.builder()\n .bucket(\"not-important-bucket-1\")\n .build());\n\n final var not-important-bucket-2 = S3Functions.getBucket(GetBucketArgs.builder()\n .bucket(\"not-important-bucket-2\")\n .build());\n\n var example = new Trail(\"example\", TrailArgs.builder() \n .advancedEventSelectors( \n TrailAdvancedEventSelectorArgs.builder()\n .name(\"Log all S3 objects events except for two S3 buckets\")\n .fieldSelectors( \n TrailAdvancedEventSelectorFieldSelectorArgs.builder()\n .field(\"eventCategory\")\n .equals(\"Data\")\n .build(),\n TrailAdvancedEventSelectorFieldSelectorArgs.builder()\n .field(\"resources.ARN\")\n .notStartsWiths( \n String.format(\"%s/\", not_important_bucket_1.arn()),\n String.format(\"%s/\", not_important_bucket_2.arn()))\n .build(),\n TrailAdvancedEventSelectorFieldSelectorArgs.builder()\n .field(\"resources.type\")\n .equals(\"AWS::S3::Object\")\n .build())\n .build(),\n TrailAdvancedEventSelectorArgs.builder()\n .name(\"Log readOnly and writeOnly management events\")\n .fieldSelectors(TrailAdvancedEventSelectorFieldSelectorArgs.builder()\n .field(\"eventCategory\")\n .equals(\"Management\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudtrail:Trail\n properties:\n advancedEventSelectors:\n - name: Log all S3 objects events except for two S3 buckets\n fieldSelectors:\n - field: eventCategory\n equals:\n - Data\n - field: resources.ARN\n notStartsWiths:\n - ${[\"not-important-bucket-1\"].arn}/\n - ${[\"not-important-bucket-2\"].arn}/\n - field: resources.type\n equals:\n - AWS::S3::Object\n - name: Log readOnly and writeOnly management events\n fieldSelectors:\n - field: eventCategory\n equals:\n - Management\nvariables:\n not-important-bucket-1:\n fn::invoke:\n Function: aws:s3:getBucket\n Arguments:\n bucket: not-important-bucket-1\n not-important-bucket-2:\n fn::invoke:\n Function: aws:s3:getBucket\n Arguments:\n bucket: not-important-bucket-2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Logging Individual S3 Buckets And Specific Event Names By Using Advanced Event Selectors\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst important-bucket-1 = aws.s3.getBucket({\n bucket: \"important-bucket-1\",\n});\nconst important-bucket-2 = aws.s3.getBucket({\n bucket: \"important-bucket-2\",\n});\nconst important-bucket-3 = aws.s3.getBucket({\n bucket: \"important-bucket-3\",\n});\nconst example = new aws.cloudtrail.Trail(\"example\", {advancedEventSelectors: [\n {\n name: \"Log PutObject and DeleteObject events for two S3 buckets\",\n fieldSelectors: [\n {\n field: \"eventCategory\",\n equals: [\"Data\"],\n },\n {\n field: \"eventName\",\n equals: [\n \"PutObject\",\n \"DeleteObject\",\n ],\n },\n {\n field: \"resources.ARN\",\n startsWiths: [\n important_bucket_1.then(important_bucket_1 =\u003e `${important_bucket_1.arn}/`),\n important_bucket_2.then(important_bucket_2 =\u003e `${important_bucket_2.arn}/`),\n ],\n },\n {\n field: \"readOnly\",\n equals: [\"false\"],\n },\n {\n field: \"resources.type\",\n equals: [\"AWS::S3::Object\"],\n },\n ],\n },\n {\n name: \"Log Delete* events for one S3 bucket\",\n fieldSelectors: [\n {\n field: \"eventCategory\",\n equals: [\"Data\"],\n },\n {\n field: \"eventName\",\n startsWiths: [\"Delete\"],\n },\n {\n field: \"resources.ARN\",\n equals: [important_bucket_3.then(important_bucket_3 =\u003e `${important_bucket_3.arn}/important-prefix`)],\n },\n {\n field: \"readOnly\",\n equals: [\"false\"],\n },\n {\n field: \"resources.type\",\n equals: [\"AWS::S3::Object\"],\n },\n ],\n },\n]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nimportant_bucket_1 = aws.s3.get_bucket(bucket=\"important-bucket-1\")\nimportant_bucket_2 = aws.s3.get_bucket(bucket=\"important-bucket-2\")\nimportant_bucket_3 = aws.s3.get_bucket(bucket=\"important-bucket-3\")\nexample = aws.cloudtrail.Trail(\"example\", advanced_event_selectors=[\n aws.cloudtrail.TrailAdvancedEventSelectorArgs(\n name=\"Log PutObject and DeleteObject events for two S3 buckets\",\n field_selectors=[\n aws.cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs(\n field=\"eventCategory\",\n equals=[\"Data\"],\n ),\n aws.cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs(\n field=\"eventName\",\n equals=[\n \"PutObject\",\n \"DeleteObject\",\n ],\n ),\n aws.cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs(\n field=\"resources.ARN\",\n starts_withs=[\n f\"{important_bucket_1.arn}/\",\n f\"{important_bucket_2.arn}/\",\n ],\n ),\n aws.cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs(\n field=\"readOnly\",\n equals=[\"false\"],\n ),\n aws.cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs(\n field=\"resources.type\",\n equals=[\"AWS::S3::Object\"],\n ),\n ],\n ),\n aws.cloudtrail.TrailAdvancedEventSelectorArgs(\n name=\"Log Delete* events for one S3 bucket\",\n field_selectors=[\n aws.cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs(\n field=\"eventCategory\",\n equals=[\"Data\"],\n ),\n aws.cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs(\n field=\"eventName\",\n starts_withs=[\"Delete\"],\n ),\n aws.cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs(\n field=\"resources.ARN\",\n equals=[f\"{important_bucket_3.arn}/important-prefix\"],\n ),\n aws.cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs(\n field=\"readOnly\",\n equals=[\"false\"],\n ),\n aws.cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs(\n field=\"resources.type\",\n equals=[\"AWS::S3::Object\"],\n ),\n ],\n ),\n])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var important_bucket_1 = Aws.S3.GetBucket.Invoke(new()\n {\n Bucket = \"important-bucket-1\",\n });\n\n var important_bucket_2 = Aws.S3.GetBucket.Invoke(new()\n {\n Bucket = \"important-bucket-2\",\n });\n\n var important_bucket_3 = Aws.S3.GetBucket.Invoke(new()\n {\n Bucket = \"important-bucket-3\",\n });\n\n var example = new Aws.CloudTrail.Trail(\"example\", new()\n {\n AdvancedEventSelectors = new[]\n {\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorArgs\n {\n Name = \"Log PutObject and DeleteObject events for two S3 buckets\",\n FieldSelectors = new[]\n {\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorFieldSelectorArgs\n {\n Field = \"eventCategory\",\n Equals = new[]\n {\n \"Data\",\n },\n },\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorFieldSelectorArgs\n {\n Field = \"eventName\",\n Equals = new[]\n {\n \"PutObject\",\n \"DeleteObject\",\n },\n },\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorFieldSelectorArgs\n {\n Field = \"resources.ARN\",\n StartsWiths = new[]\n {\n important_bucket_1.Apply(important_bucket_1 =\u003e $\"{important_bucket_1.Apply(getBucketResult =\u003e getBucketResult.Arn)}/\"),\n important_bucket_2.Apply(important_bucket_2 =\u003e $\"{important_bucket_2.Apply(getBucketResult =\u003e getBucketResult.Arn)}/\"),\n },\n },\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorFieldSelectorArgs\n {\n Field = \"readOnly\",\n Equals = new[]\n {\n \"false\",\n },\n },\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorFieldSelectorArgs\n {\n Field = \"resources.type\",\n Equals = new[]\n {\n \"AWS::S3::Object\",\n },\n },\n },\n },\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorArgs\n {\n Name = \"Log Delete* events for one S3 bucket\",\n FieldSelectors = new[]\n {\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorFieldSelectorArgs\n {\n Field = \"eventCategory\",\n Equals = new[]\n {\n \"Data\",\n },\n },\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorFieldSelectorArgs\n {\n Field = \"eventName\",\n StartsWiths = new[]\n {\n \"Delete\",\n },\n },\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorFieldSelectorArgs\n {\n Field = \"resources.ARN\",\n Equals = new[]\n {\n important_bucket_3.Apply(important_bucket_3 =\u003e $\"{important_bucket_3.Apply(getBucketResult =\u003e getBucketResult.Arn)}/important-prefix\"),\n },\n },\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorFieldSelectorArgs\n {\n Field = \"readOnly\",\n Equals = new[]\n {\n \"false\",\n },\n },\n new Aws.CloudTrail.Inputs.TrailAdvancedEventSelectorFieldSelectorArgs\n {\n Field = \"resources.type\",\n Equals = new[]\n {\n \"AWS::S3::Object\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudtrail\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\timportant_bucket_1, err := s3.LookupBucket(ctx, \u0026s3.LookupBucketArgs{\n\t\t\tBucket: \"important-bucket-1\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\timportant_bucket_2, err := s3.LookupBucket(ctx, \u0026s3.LookupBucketArgs{\n\t\t\tBucket: \"important-bucket-2\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\timportant_bucket_3, err := s3.LookupBucket(ctx, \u0026s3.LookupBucketArgs{\n\t\t\tBucket: \"important-bucket-3\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudtrail.NewTrail(ctx, \"example\", \u0026cloudtrail.TrailArgs{\n\t\t\tAdvancedEventSelectors: cloudtrail.TrailAdvancedEventSelectorArray{\n\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorArgs{\n\t\t\t\t\tName: pulumi.String(\"Log PutObject and DeleteObject events for two S3 buckets\"),\n\t\t\t\t\tFieldSelectors: cloudtrail.TrailAdvancedEventSelectorFieldSelectorArray{\n\t\t\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs{\n\t\t\t\t\t\t\tField: pulumi.String(\"eventCategory\"),\n\t\t\t\t\t\t\tEquals: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"Data\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs{\n\t\t\t\t\t\t\tField: pulumi.String(\"eventName\"),\n\t\t\t\t\t\t\tEquals: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"PutObject\"),\n\t\t\t\t\t\t\t\tpulumi.String(\"DeleteObject\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs{\n\t\t\t\t\t\t\tField: pulumi.String(\"resources.ARN\"),\n\t\t\t\t\t\t\tStartsWiths: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(fmt.Sprintf(\"%v/\", important_bucket_1.Arn)),\n\t\t\t\t\t\t\t\tpulumi.String(fmt.Sprintf(\"%v/\", important_bucket_2.Arn)),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs{\n\t\t\t\t\t\t\tField: pulumi.String(\"readOnly\"),\n\t\t\t\t\t\t\tEquals: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"false\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs{\n\t\t\t\t\t\t\tField: pulumi.String(\"resources.type\"),\n\t\t\t\t\t\t\tEquals: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"AWS::S3::Object\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorArgs{\n\t\t\t\t\tName: pulumi.String(\"Log Delete* events for one S3 bucket\"),\n\t\t\t\t\tFieldSelectors: cloudtrail.TrailAdvancedEventSelectorFieldSelectorArray{\n\t\t\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs{\n\t\t\t\t\t\t\tField: pulumi.String(\"eventCategory\"),\n\t\t\t\t\t\t\tEquals: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"Data\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs{\n\t\t\t\t\t\t\tField: pulumi.String(\"eventName\"),\n\t\t\t\t\t\t\tStartsWiths: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"Delete\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs{\n\t\t\t\t\t\t\tField: pulumi.String(\"resources.ARN\"),\n\t\t\t\t\t\t\tEquals: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(fmt.Sprintf(\"%v/important-prefix\", important_bucket_3.Arn)),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs{\n\t\t\t\t\t\t\tField: pulumi.String(\"readOnly\"),\n\t\t\t\t\t\t\tEquals: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"false\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026cloudtrail.TrailAdvancedEventSelectorFieldSelectorArgs{\n\t\t\t\t\t\t\tField: pulumi.String(\"resources.type\"),\n\t\t\t\t\t\t\tEquals: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"AWS::S3::Object\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.S3Functions;\nimport com.pulumi.aws.s3.inputs.GetBucketArgs;\nimport com.pulumi.aws.cloudtrail.Trail;\nimport com.pulumi.aws.cloudtrail.TrailArgs;\nimport com.pulumi.aws.cloudtrail.inputs.TrailAdvancedEventSelectorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var important-bucket-1 = S3Functions.getBucket(GetBucketArgs.builder()\n .bucket(\"important-bucket-1\")\n .build());\n\n final var important-bucket-2 = S3Functions.getBucket(GetBucketArgs.builder()\n .bucket(\"important-bucket-2\")\n .build());\n\n final var important-bucket-3 = S3Functions.getBucket(GetBucketArgs.builder()\n .bucket(\"important-bucket-3\")\n .build());\n\n var example = new Trail(\"example\", TrailArgs.builder() \n .advancedEventSelectors( \n TrailAdvancedEventSelectorArgs.builder()\n .name(\"Log PutObject and DeleteObject events for two S3 buckets\")\n .fieldSelectors( \n TrailAdvancedEventSelectorFieldSelectorArgs.builder()\n .field(\"eventCategory\")\n .equals(\"Data\")\n .build(),\n TrailAdvancedEventSelectorFieldSelectorArgs.builder()\n .field(\"eventName\")\n .equals( \n \"PutObject\",\n \"DeleteObject\")\n .build(),\n TrailAdvancedEventSelectorFieldSelectorArgs.builder()\n .field(\"resources.ARN\")\n .startsWiths( \n String.format(\"%s/\", important_bucket_1.arn()),\n String.format(\"%s/\", important_bucket_2.arn()))\n .build(),\n TrailAdvancedEventSelectorFieldSelectorArgs.builder()\n .field(\"readOnly\")\n .equals(\"false\")\n .build(),\n TrailAdvancedEventSelectorFieldSelectorArgs.builder()\n .field(\"resources.type\")\n .equals(\"AWS::S3::Object\")\n .build())\n .build(),\n TrailAdvancedEventSelectorArgs.builder()\n .name(\"Log Delete* events for one S3 bucket\")\n .fieldSelectors( \n TrailAdvancedEventSelectorFieldSelectorArgs.builder()\n .field(\"eventCategory\")\n .equals(\"Data\")\n .build(),\n TrailAdvancedEventSelectorFieldSelectorArgs.builder()\n .field(\"eventName\")\n .startsWiths(\"Delete\")\n .build(),\n TrailAdvancedEventSelectorFieldSelectorArgs.builder()\n .field(\"resources.ARN\")\n .equals(String.format(\"%s/important-prefix\", important_bucket_3.arn()))\n .build(),\n TrailAdvancedEventSelectorFieldSelectorArgs.builder()\n .field(\"readOnly\")\n .equals(\"false\")\n .build(),\n TrailAdvancedEventSelectorFieldSelectorArgs.builder()\n .field(\"resources.type\")\n .equals(\"AWS::S3::Object\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudtrail:Trail\n properties:\n advancedEventSelectors:\n - name: Log PutObject and DeleteObject events for two S3 buckets\n fieldSelectors:\n - field: eventCategory\n equals:\n - Data\n - field: eventName\n equals:\n - PutObject\n - DeleteObject\n - field: resources.ARN\n startsWiths:\n - ${[\"important-bucket-1\"].arn}/\n - ${[\"important-bucket-2\"].arn}/\n - field: readOnly\n equals:\n - 'false'\n - field: resources.type\n equals:\n - AWS::S3::Object\n - name: Log Delete* events for one S3 bucket\n fieldSelectors:\n - field: eventCategory\n equals:\n - Data\n - field: eventName\n startsWiths:\n - Delete\n - field: resources.ARN\n equals:\n - ${[\"important-bucket-3\"].arn}/important-prefix\n - field: readOnly\n equals:\n - 'false'\n - field: resources.type\n equals:\n - AWS::S3::Object\nvariables:\n important-bucket-1:\n fn::invoke:\n Function: aws:s3:getBucket\n Arguments:\n bucket: important-bucket-1\n important-bucket-2:\n fn::invoke:\n Function: aws:s3:getBucket\n Arguments:\n bucket: important-bucket-2\n important-bucket-3:\n fn::invoke:\n Function: aws:s3:getBucket\n Arguments:\n bucket: important-bucket-3\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Sending Events to CloudWatch Logs\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cloudwatch.LogGroup(\"example\", {name: \"Example\"});\nconst exampleTrail = new aws.cloudtrail.Trail(\"example\", {cloudWatchLogsGroupArn: pulumi.interpolate`${example.arn}:*`});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.cloudwatch.LogGroup(\"example\", name=\"Example\")\nexample_trail = aws.cloudtrail.Trail(\"example\", cloud_watch_logs_group_arn=example.arn.apply(lambda arn: f\"{arn}:*\"))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CloudWatch.LogGroup(\"example\", new()\n {\n Name = \"Example\",\n });\n\n var exampleTrail = new Aws.CloudTrail.Trail(\"example\", new()\n {\n CloudWatchLogsGroupArn = example.Arn.Apply(arn =\u003e $\"{arn}:*\"),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudtrail\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := cloudwatch.NewLogGroup(ctx, \"example\", \u0026cloudwatch.LogGroupArgs{\n\t\t\tName: pulumi.String(\"Example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudtrail.NewTrail(ctx, \"example\", \u0026cloudtrail.TrailArgs{\n\t\t\tCloudWatchLogsGroupArn: example.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"%v:*\", arn), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.LogGroup;\nimport com.pulumi.aws.cloudwatch.LogGroupArgs;\nimport com.pulumi.aws.cloudtrail.Trail;\nimport com.pulumi.aws.cloudtrail.TrailArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LogGroup(\"example\", LogGroupArgs.builder() \n .name(\"Example\")\n .build());\n\n var exampleTrail = new Trail(\"exampleTrail\", TrailArgs.builder() \n .cloudWatchLogsGroupArn(example.arn().applyValue(arn -\u003e String.format(\"%s:*\", arn)))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudwatch:LogGroup\n properties:\n name: Example\n exampleTrail:\n type: aws:cloudtrail:Trail\n name: example\n properties:\n cloudWatchLogsGroupArn: ${example.arn}:*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Cloudtrails using the `arn`. For example:\n\n```sh\n$ pulumi import aws:cloudtrail/trail:Trail sample arn:aws:cloudtrail:us-east-1:123456789012:trail/my-sample-trail\n```\n", "properties": { "advancedEventSelectors": { "type": "array", @@ -184585,7 +184585,7 @@ } }, "aws:cloudwatch/logDataProtectionPolicy:LogDataProtectionPolicy": { - "description": "Provides a CloudWatch Log Data Protection Policy resource.\n\nRead more about protecting sensitive user data in the [User Guide](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/mask-sensitive-log-data.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cloudwatch.LogGroup(\"example\", {name: \"example\"});\nconst exampleBucketV2 = new aws.s3.BucketV2(\"example\", {bucket: \"example\"});\nconst exampleLogDataProtectionPolicy = new aws.cloudwatch.LogDataProtectionPolicy(\"example\", {\n logGroupName: example.name,\n policyDocument: pulumi.jsonStringify({\n name: \"Example\",\n version: \"2021-06-01\",\n statement: [\n {\n sid: \"Audit\",\n dataIdentifier: [\"arn:aws:dataprotection::aws:data-identifier/EmailAddress\"],\n operation: {\n audit: {\n findingsDestination: {\n S3: {\n bucket: exampleBucketV2.bucket,\n },\n },\n },\n },\n },\n {\n sid: \"Redact\",\n dataIdentifier: [\"arn:aws:dataprotection::aws:data-identifier/EmailAddress\"],\n operation: {\n deidentify: {\n maskConfig: {},\n },\n },\n },\n ],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.cloudwatch.LogGroup(\"example\", name=\"example\")\nexample_bucket_v2 = aws.s3.BucketV2(\"example\", bucket=\"example\")\nexample_log_data_protection_policy = aws.cloudwatch.LogDataProtectionPolicy(\"example\",\n log_group_name=example.name,\n policy_document=pulumi.Output.json_dumps({\n \"name\": \"Example\",\n \"version\": \"2021-06-01\",\n \"statement\": [\n {\n \"sid\": \"Audit\",\n \"dataIdentifier\": [\"arn:aws:dataprotection::aws:data-identifier/EmailAddress\"],\n \"operation\": {\n \"audit\": {\n \"findingsDestination\": {\n \"S3\": {\n \"bucket\": example_bucket_v2.bucket,\n },\n },\n },\n },\n },\n {\n \"sid\": \"Redact\",\n \"dataIdentifier\": [\"arn:aws:dataprotection::aws:data-identifier/EmailAddress\"],\n \"operation\": {\n \"deidentify\": {\n \"maskConfig\": {},\n },\n },\n },\n ],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CloudWatch.LogGroup(\"example\", new()\n {\n Name = \"example\",\n });\n\n var exampleBucketV2 = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example\",\n });\n\n var exampleLogDataProtectionPolicy = new Aws.CloudWatch.LogDataProtectionPolicy(\"example\", new()\n {\n LogGroupName = example.Name,\n PolicyDocument = Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"name\"] = \"Example\",\n [\"version\"] = \"2021-06-01\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"sid\"] = \"Audit\",\n [\"dataIdentifier\"] = new[]\n {\n \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\",\n },\n [\"operation\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"audit\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"findingsDestination\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"S3\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"bucket\"] = exampleBucketV2.Bucket,\n },\n },\n },\n },\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"sid\"] = \"Redact\",\n [\"dataIdentifier\"] = new[]\n {\n \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\",\n },\n [\"operation\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"deidentify\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"maskConfig\"] = new Dictionary\u003cstring, object?\u003e\n {\n },\n },\n },\n },\n },\n })),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := cloudwatch.NewLogGroup(ctx, \"example\", \u0026cloudwatch.LogGroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleBucketV2, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudwatch.NewLogDataProtectionPolicy(ctx, \"example\", \u0026cloudwatch.LogDataProtectionPolicyArgs{\n\t\t\tLogGroupName: example.Name,\n\t\t\tPolicyDocument: exampleBucketV2.Bucket.ApplyT(func(bucket string) (pulumi.String, error) {\n\t\t\t\tvar _zero pulumi.String\n\t\t\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\t\t\"name\": \"Example\",\n\t\t\t\t\t\"version\": \"2021-06-01\",\n\t\t\t\t\t\"statement\": []interface{}{\n\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\"sid\": \"Audit\",\n\t\t\t\t\t\t\t\"dataIdentifier\": []string{\n\t\t\t\t\t\t\t\t\"arn:aws:dataprotection::aws:data-identifier/EmailAddress\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"operation\": map[string]interface{}{\n\t\t\t\t\t\t\t\t\"audit\": map[string]interface{}{\n\t\t\t\t\t\t\t\t\t\"findingsDestination\": map[string]interface{}{\n\t\t\t\t\t\t\t\t\t\t\"S3\": map[string]interface{}{\n\t\t\t\t\t\t\t\t\t\t\t\"bucket\": bucket,\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\"sid\": \"Redact\",\n\t\t\t\t\t\t\t\"dataIdentifier\": []string{\n\t\t\t\t\t\t\t\t\"arn:aws:dataprotection::aws:data-identifier/EmailAddress\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"operation\": map[string]interface{}{\n\t\t\t\t\t\t\t\t\"deidentify\": map[string]interface{}{\n\t\t\t\t\t\t\t\t\t\"maskConfig\": nil,\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t})\n\t\t\t\tif err != nil {\n\t\t\t\t\treturn _zero, err\n\t\t\t\t}\n\t\t\t\tjson0 := string(tmpJSON0)\n\t\t\t\treturn pulumi.String(json0), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.LogGroup;\nimport com.pulumi.aws.cloudwatch.LogGroupArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.cloudwatch.LogDataProtectionPolicy;\nimport com.pulumi.aws.cloudwatch.LogDataProtectionPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LogGroup(\"example\", LogGroupArgs.builder() \n .name(\"example\")\n .build());\n\n var exampleBucketV2 = new BucketV2(\"exampleBucketV2\", BucketV2Args.builder() \n .bucket(\"example\")\n .build());\n\n var exampleLogDataProtectionPolicy = new LogDataProtectionPolicy(\"exampleLogDataProtectionPolicy\", LogDataProtectionPolicyArgs.builder() \n .logGroupName(example.name())\n .policyDocument(exampleBucketV2.bucket().applyValue(bucket -\u003e serializeJson(\n jsonObject(\n jsonProperty(\"name\", \"Example\"),\n jsonProperty(\"version\", \"2021-06-01\"),\n jsonProperty(\"statement\", jsonArray(\n jsonObject(\n jsonProperty(\"sid\", \"Audit\"),\n jsonProperty(\"dataIdentifier\", jsonArray(\"arn:aws:dataprotection::aws:data-identifier/EmailAddress\")),\n jsonProperty(\"operation\", jsonObject(\n jsonProperty(\"audit\", jsonObject(\n jsonProperty(\"findingsDestination\", jsonObject(\n jsonProperty(\"S3\", jsonObject(\n jsonProperty(\"bucket\", bucket)\n ))\n ))\n ))\n ))\n ), \n jsonObject(\n jsonProperty(\"sid\", \"Redact\"),\n jsonProperty(\"dataIdentifier\", jsonArray(\"arn:aws:dataprotection::aws:data-identifier/EmailAddress\")),\n jsonProperty(\"operation\", jsonObject(\n jsonProperty(\"deidentify\", jsonObject(\n jsonProperty(\"maskConfig\", jsonObject(\n\n ))\n ))\n ))\n )\n ))\n ))))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudwatch:LogGroup\n properties:\n name: example\n exampleBucketV2:\n type: aws:s3:BucketV2\n name: example\n properties:\n bucket: example\n exampleLogDataProtectionPolicy:\n type: aws:cloudwatch:LogDataProtectionPolicy\n name: example\n properties:\n logGroupName: ${example.name}\n policyDocument:\n fn::toJSON:\n name: Example\n version: 2021-06-01\n statement:\n - sid: Audit\n dataIdentifier:\n - arn:aws:dataprotection::aws:data-identifier/EmailAddress\n operation:\n audit:\n findingsDestination:\n S3:\n bucket: ${exampleBucketV2.bucket}\n - sid: Redact\n dataIdentifier:\n - arn:aws:dataprotection::aws:data-identifier/EmailAddress\n operation:\n deidentify:\n maskConfig: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import this resource using the `log_group_name`. For example:\n\n```sh\n$ pulumi import aws:cloudwatch/logDataProtectionPolicy:LogDataProtectionPolicy example my-log-group\n```\n", + "description": "Provides a CloudWatch Log Data Protection Policy resource.\n\nRead more about protecting sensitive user data in the [User Guide](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/mask-sensitive-log-data.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.cloudwatch.LogGroup(\"example\", {name: \"example\"});\nconst exampleBucketV2 = new aws.s3.BucketV2(\"example\", {bucket: \"example\"});\nconst exampleLogDataProtectionPolicy = new aws.cloudwatch.LogDataProtectionPolicy(\"example\", {\n logGroupName: example.name,\n policyDocument: pulumi.jsonStringify({\n Name: \"Example\",\n Version: \"2021-06-01\",\n Statement: [\n {\n Sid: \"Audit\",\n DataIdentifier: [\"arn:aws:dataprotection::aws:data-identifier/EmailAddress\"],\n Operation: {\n Audit: {\n FindingsDestination: {\n S3: {\n Bucket: exampleBucketV2.bucket,\n },\n },\n },\n },\n },\n {\n Sid: \"Redact\",\n DataIdentifier: [\"arn:aws:dataprotection::aws:data-identifier/EmailAddress\"],\n Operation: {\n Deidentify: {\n MaskConfig: {},\n },\n },\n },\n ],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.cloudwatch.LogGroup(\"example\", name=\"example\")\nexample_bucket_v2 = aws.s3.BucketV2(\"example\", bucket=\"example\")\nexample_log_data_protection_policy = aws.cloudwatch.LogDataProtectionPolicy(\"example\",\n log_group_name=example.name,\n policy_document=pulumi.Output.json_dumps({\n \"Name\": \"Example\",\n \"Version\": \"2021-06-01\",\n \"Statement\": [\n {\n \"Sid\": \"Audit\",\n \"DataIdentifier\": [\"arn:aws:dataprotection::aws:data-identifier/EmailAddress\"],\n \"Operation\": {\n \"Audit\": {\n \"FindingsDestination\": {\n \"S3\": {\n \"Bucket\": example_bucket_v2.bucket,\n },\n },\n },\n },\n },\n {\n \"Sid\": \"Redact\",\n \"DataIdentifier\": [\"arn:aws:dataprotection::aws:data-identifier/EmailAddress\"],\n \"Operation\": {\n \"Deidentify\": {\n \"MaskConfig\": {},\n },\n },\n },\n ],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CloudWatch.LogGroup(\"example\", new()\n {\n Name = \"example\",\n });\n\n var exampleBucketV2 = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example\",\n });\n\n var exampleLogDataProtectionPolicy = new Aws.CloudWatch.LogDataProtectionPolicy(\"example\", new()\n {\n LogGroupName = example.Name,\n PolicyDocument = Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"Name\"] = \"Example\",\n [\"Version\"] = \"2021-06-01\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Sid\"] = \"Audit\",\n [\"DataIdentifier\"] = new[]\n {\n \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\",\n },\n [\"Operation\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Audit\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"FindingsDestination\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"S3\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Bucket\"] = exampleBucketV2.Bucket,\n },\n },\n },\n },\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Sid\"] = \"Redact\",\n [\"DataIdentifier\"] = new[]\n {\n \"arn:aws:dataprotection::aws:data-identifier/EmailAddress\",\n },\n [\"Operation\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Deidentify\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"MaskConfig\"] = new Dictionary\u003cstring, object?\u003e\n {\n },\n },\n },\n },\n },\n })),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := cloudwatch.NewLogGroup(ctx, \"example\", \u0026cloudwatch.LogGroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleBucketV2, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudwatch.NewLogDataProtectionPolicy(ctx, \"example\", \u0026cloudwatch.LogDataProtectionPolicyArgs{\n\t\t\tLogGroupName: example.Name,\n\t\t\tPolicyDocument: exampleBucketV2.Bucket.ApplyT(func(bucket string) (pulumi.String, error) {\n\t\t\t\tvar _zero pulumi.String\n\t\t\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\t\t\"Name\": \"Example\",\n\t\t\t\t\t\"Version\": \"2021-06-01\",\n\t\t\t\t\t\"Statement\": []interface{}{\n\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\"Sid\": \"Audit\",\n\t\t\t\t\t\t\t\"DataIdentifier\": []string{\n\t\t\t\t\t\t\t\t\"arn:aws:dataprotection::aws:data-identifier/EmailAddress\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"Operation\": map[string]interface{}{\n\t\t\t\t\t\t\t\t\"Audit\": map[string]interface{}{\n\t\t\t\t\t\t\t\t\t\"FindingsDestination\": map[string]interface{}{\n\t\t\t\t\t\t\t\t\t\t\"S3\": map[string]interface{}{\n\t\t\t\t\t\t\t\t\t\t\t\"Bucket\": bucket,\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\"Sid\": \"Redact\",\n\t\t\t\t\t\t\t\"DataIdentifier\": []string{\n\t\t\t\t\t\t\t\t\"arn:aws:dataprotection::aws:data-identifier/EmailAddress\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"Operation\": map[string]interface{}{\n\t\t\t\t\t\t\t\t\"Deidentify\": map[string]interface{}{\n\t\t\t\t\t\t\t\t\t\"MaskConfig\": nil,\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t})\n\t\t\t\tif err != nil {\n\t\t\t\t\treturn _zero, err\n\t\t\t\t}\n\t\t\t\tjson0 := string(tmpJSON0)\n\t\t\t\treturn pulumi.String(json0), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.LogGroup;\nimport com.pulumi.aws.cloudwatch.LogGroupArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.cloudwatch.LogDataProtectionPolicy;\nimport com.pulumi.aws.cloudwatch.LogDataProtectionPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LogGroup(\"example\", LogGroupArgs.builder() \n .name(\"example\")\n .build());\n\n var exampleBucketV2 = new BucketV2(\"exampleBucketV2\", BucketV2Args.builder() \n .bucket(\"example\")\n .build());\n\n var exampleLogDataProtectionPolicy = new LogDataProtectionPolicy(\"exampleLogDataProtectionPolicy\", LogDataProtectionPolicyArgs.builder() \n .logGroupName(example.name())\n .policyDocument(exampleBucketV2.bucket().applyValue(bucket -\u003e serializeJson(\n jsonObject(\n jsonProperty(\"Name\", \"Example\"),\n jsonProperty(\"Version\", \"2021-06-01\"),\n jsonProperty(\"Statement\", jsonArray(\n jsonObject(\n jsonProperty(\"Sid\", \"Audit\"),\n jsonProperty(\"DataIdentifier\", jsonArray(\"arn:aws:dataprotection::aws:data-identifier/EmailAddress\")),\n jsonProperty(\"Operation\", jsonObject(\n jsonProperty(\"Audit\", jsonObject(\n jsonProperty(\"FindingsDestination\", jsonObject(\n jsonProperty(\"S3\", jsonObject(\n jsonProperty(\"Bucket\", bucket)\n ))\n ))\n ))\n ))\n ), \n jsonObject(\n jsonProperty(\"Sid\", \"Redact\"),\n jsonProperty(\"DataIdentifier\", jsonArray(\"arn:aws:dataprotection::aws:data-identifier/EmailAddress\")),\n jsonProperty(\"Operation\", jsonObject(\n jsonProperty(\"Deidentify\", jsonObject(\n jsonProperty(\"MaskConfig\", jsonObject(\n\n ))\n ))\n ))\n )\n ))\n ))))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:cloudwatch:LogGroup\n properties:\n name: example\n exampleBucketV2:\n type: aws:s3:BucketV2\n name: example\n properties:\n bucket: example\n exampleLogDataProtectionPolicy:\n type: aws:cloudwatch:LogDataProtectionPolicy\n name: example\n properties:\n logGroupName: ${example.name}\n policyDocument:\n fn::toJSON:\n Name: Example\n Version: 2021-06-01\n Statement:\n - Sid: Audit\n DataIdentifier:\n - arn:aws:dataprotection::aws:data-identifier/EmailAddress\n Operation:\n Audit:\n FindingsDestination:\n S3:\n Bucket: ${exampleBucketV2.bucket}\n - Sid: Redact\n DataIdentifier:\n - arn:aws:dataprotection::aws:data-identifier/EmailAddress\n Operation:\n Deidentify:\n MaskConfig: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import this resource using the `log_group_name`. For example:\n\n```sh\n$ pulumi import aws:cloudwatch/logDataProtectionPolicy:LogDataProtectionPolicy example my-log-group\n```\n", "properties": { "logGroupName": { "type": "string", @@ -187039,7 +187039,7 @@ } }, "aws:codebuild/resourcePolicy:ResourcePolicy": { - "description": "Provides a CodeBuild Resource Policy Resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.codebuild.ReportGroup(\"example\", {\n name: \"example\",\n type: \"TEST\",\n exportConfig: {\n type: \"NO_EXPORT\",\n },\n});\nconst current = aws.getPartition({});\nconst currentGetCallerIdentity = aws.getCallerIdentity({});\nconst exampleResourcePolicy = new aws.codebuild.ResourcePolicy(\"example\", {\n resourceArn: example.arn,\n policy: pulumi.jsonStringify({\n version: \"2012-10-17\",\n id: \"default\",\n statement: [{\n sid: \"default\",\n effect: \"Allow\",\n principal: {\n AWS: Promise.all([current, currentGetCallerIdentity]).then(([current, currentGetCallerIdentity]) =\u003e `arn:${current.partition}:iam::${currentGetCallerIdentity.accountId}:root`),\n },\n action: [\n \"codebuild:BatchGetReportGroups\",\n \"codebuild:BatchGetReports\",\n \"codebuild:ListReportsForReportGroup\",\n \"codebuild:DescribeTestCases\",\n ],\n resource: example.arn,\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.codebuild.ReportGroup(\"example\",\n name=\"example\",\n type=\"TEST\",\n export_config=aws.codebuild.ReportGroupExportConfigArgs(\n type=\"NO_EXPORT\",\n ))\ncurrent = aws.get_partition()\ncurrent_get_caller_identity = aws.get_caller_identity()\nexample_resource_policy = aws.codebuild.ResourcePolicy(\"example\",\n resource_arn=example.arn,\n policy=pulumi.Output.json_dumps({\n \"version\": \"2012-10-17\",\n \"id\": \"default\",\n \"statement\": [{\n \"sid\": \"default\",\n \"effect\": \"Allow\",\n \"principal\": {\n \"AWS\": f\"arn:{current.partition}:iam::{current_get_caller_identity.account_id}:root\",\n },\n \"action\": [\n \"codebuild:BatchGetReportGroups\",\n \"codebuild:BatchGetReports\",\n \"codebuild:ListReportsForReportGroup\",\n \"codebuild:DescribeTestCases\",\n ],\n \"resource\": example.arn,\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CodeBuild.ReportGroup(\"example\", new()\n {\n Name = \"example\",\n Type = \"TEST\",\n ExportConfig = new Aws.CodeBuild.Inputs.ReportGroupExportConfigArgs\n {\n Type = \"NO_EXPORT\",\n },\n });\n\n var current = Aws.GetPartition.Invoke();\n\n var currentGetCallerIdentity = Aws.GetCallerIdentity.Invoke();\n\n var exampleResourcePolicy = new Aws.CodeBuild.ResourcePolicy(\"example\", new()\n {\n ResourceArn = example.Arn,\n Policy = Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"id\"] = \"default\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"sid\"] = \"default\",\n [\"effect\"] = \"Allow\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = Output.Tuple(current, currentGetCallerIdentity).Apply(values =\u003e\n {\n var current = values.Item1;\n var currentGetCallerIdentity = values.Item2;\n return $\"arn:{current.Apply(getPartitionResult =\u003e getPartitionResult.Partition)}:iam::{currentGetCallerIdentity.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:root\";\n }),\n },\n [\"action\"] = new[]\n {\n \"codebuild:BatchGetReportGroups\",\n \"codebuild:BatchGetReports\",\n \"codebuild:ListReportsForReportGroup\",\n \"codebuild:DescribeTestCases\",\n },\n [\"resource\"] = example.Arn,\n },\n },\n })),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codebuild\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := codebuild.NewReportGroup(ctx, \"example\", \u0026codebuild.ReportGroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"TEST\"),\n\t\t\tExportConfig: \u0026codebuild.ReportGroupExportConfigArgs{\n\t\t\t\tType: pulumi.String(\"NO_EXPORT\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrent, err := aws.GetPartition(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrentGetCallerIdentity, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = codebuild.NewResourcePolicy(ctx, \"example\", \u0026codebuild.ResourcePolicyArgs{\n\t\t\tResourceArn: example.Arn,\n\t\t\tPolicy: example.Arn.ApplyT(func(arn string) (pulumi.String, error) {\n\t\t\t\tvar _zero pulumi.String\n\t\t\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\t\t\"id\": \"default\",\n\t\t\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\"sid\": \"default\",\n\t\t\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\t\t\"AWS\": fmt.Sprintf(\"arn:%v:iam::%v:root\", current.Partition, currentGetCallerIdentity.AccountId),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"action\": []string{\n\t\t\t\t\t\t\t\t\"codebuild:BatchGetReportGroups\",\n\t\t\t\t\t\t\t\t\"codebuild:BatchGetReports\",\n\t\t\t\t\t\t\t\t\"codebuild:ListReportsForReportGroup\",\n\t\t\t\t\t\t\t\t\"codebuild:DescribeTestCases\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"resource\": arn,\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t})\n\t\t\t\tif err != nil {\n\t\t\t\t\treturn _zero, err\n\t\t\t\t}\n\t\t\t\tjson0 := string(tmpJSON0)\n\t\t\t\treturn pulumi.String(json0), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.codebuild.ReportGroup;\nimport com.pulumi.aws.codebuild.ReportGroupArgs;\nimport com.pulumi.aws.codebuild.inputs.ReportGroupExportConfigArgs;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetPartitionArgs;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.codebuild.ResourcePolicy;\nimport com.pulumi.aws.codebuild.ResourcePolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ReportGroup(\"example\", ReportGroupArgs.builder() \n .name(\"example\")\n .type(\"TEST\")\n .exportConfig(ReportGroupExportConfigArgs.builder()\n .type(\"NO_EXPORT\")\n .build())\n .build());\n\n final var current = AwsFunctions.getPartition();\n\n final var currentGetCallerIdentity = AwsFunctions.getCallerIdentity();\n\n var exampleResourcePolicy = new ResourcePolicy(\"exampleResourcePolicy\", ResourcePolicyArgs.builder() \n .resourceArn(example.arn())\n .policy(example.arn().applyValue(arn -\u003e serializeJson(\n jsonObject(\n jsonProperty(\"version\", \"2012-10-17\"),\n jsonProperty(\"id\", \"default\"),\n jsonProperty(\"statement\", jsonArray(jsonObject(\n jsonProperty(\"sid\", \"default\"),\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"principal\", jsonObject(\n jsonProperty(\"AWS\", String.format(\"arn:%s:iam::%s:root\", current.applyValue(getPartitionResult -\u003e getPartitionResult.partition()),currentGetCallerIdentity.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n )),\n jsonProperty(\"action\", jsonArray(\n \"codebuild:BatchGetReportGroups\", \n \"codebuild:BatchGetReports\", \n \"codebuild:ListReportsForReportGroup\", \n \"codebuild:DescribeTestCases\"\n )),\n jsonProperty(\"resource\", arn)\n )))\n ))))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:codebuild:ReportGroup\n properties:\n name: example\n type: TEST\n exportConfig:\n type: NO_EXPORT\n exampleResourcePolicy:\n type: aws:codebuild:ResourcePolicy\n name: example\n properties:\n resourceArn: ${example.arn}\n policy:\n fn::toJSON:\n version: 2012-10-17\n id: default\n statement:\n - sid: default\n effect: Allow\n principal:\n AWS: arn:${current.partition}:iam::${currentGetCallerIdentity.accountId}:root\n action:\n - codebuild:BatchGetReportGroups\n - codebuild:BatchGetReports\n - codebuild:ListReportsForReportGroup\n - codebuild:DescribeTestCases\n resource: ${example.arn}\nvariables:\n current:\n fn::invoke:\n Function: aws:getPartition\n Arguments: {}\n currentGetCallerIdentity:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CodeBuild Resource Policy using the CodeBuild Resource Policy arn. For example:\n\n```sh\n$ pulumi import aws:codebuild/resourcePolicy:ResourcePolicy example arn:aws:codebuild:us-west-2:123456789:report-group/report-group-name\n```\n", + "description": "Provides a CodeBuild Resource Policy Resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.codebuild.ReportGroup(\"example\", {\n name: \"example\",\n type: \"TEST\",\n exportConfig: {\n type: \"NO_EXPORT\",\n },\n});\nconst current = aws.getPartition({});\nconst currentGetCallerIdentity = aws.getCallerIdentity({});\nconst exampleResourcePolicy = new aws.codebuild.ResourcePolicy(\"example\", {\n resourceArn: example.arn,\n policy: pulumi.jsonStringify({\n Version: \"2012-10-17\",\n Id: \"default\",\n Statement: [{\n Sid: \"default\",\n Effect: \"Allow\",\n Principal: {\n AWS: Promise.all([current, currentGetCallerIdentity]).then(([current, currentGetCallerIdentity]) =\u003e `arn:${current.partition}:iam::${currentGetCallerIdentity.accountId}:root`),\n },\n Action: [\n \"codebuild:BatchGetReportGroups\",\n \"codebuild:BatchGetReports\",\n \"codebuild:ListReportsForReportGroup\",\n \"codebuild:DescribeTestCases\",\n ],\n Resource: example.arn,\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.codebuild.ReportGroup(\"example\",\n name=\"example\",\n type=\"TEST\",\n export_config=aws.codebuild.ReportGroupExportConfigArgs(\n type=\"NO_EXPORT\",\n ))\ncurrent = aws.get_partition()\ncurrent_get_caller_identity = aws.get_caller_identity()\nexample_resource_policy = aws.codebuild.ResourcePolicy(\"example\",\n resource_arn=example.arn,\n policy=pulumi.Output.json_dumps({\n \"Version\": \"2012-10-17\",\n \"Id\": \"default\",\n \"Statement\": [{\n \"Sid\": \"default\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": f\"arn:{current.partition}:iam::{current_get_caller_identity.account_id}:root\",\n },\n \"Action\": [\n \"codebuild:BatchGetReportGroups\",\n \"codebuild:BatchGetReports\",\n \"codebuild:ListReportsForReportGroup\",\n \"codebuild:DescribeTestCases\",\n ],\n \"Resource\": example.arn,\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CodeBuild.ReportGroup(\"example\", new()\n {\n Name = \"example\",\n Type = \"TEST\",\n ExportConfig = new Aws.CodeBuild.Inputs.ReportGroupExportConfigArgs\n {\n Type = \"NO_EXPORT\",\n },\n });\n\n var current = Aws.GetPartition.Invoke();\n\n var currentGetCallerIdentity = Aws.GetCallerIdentity.Invoke();\n\n var exampleResourcePolicy = new Aws.CodeBuild.ResourcePolicy(\"example\", new()\n {\n ResourceArn = example.Arn,\n Policy = Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Id\"] = \"default\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Sid\"] = \"default\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = Output.Tuple(current, currentGetCallerIdentity).Apply(values =\u003e\n {\n var current = values.Item1;\n var currentGetCallerIdentity = values.Item2;\n return $\"arn:{current.Apply(getPartitionResult =\u003e getPartitionResult.Partition)}:iam::{currentGetCallerIdentity.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:root\";\n }),\n },\n [\"Action\"] = new[]\n {\n \"codebuild:BatchGetReportGroups\",\n \"codebuild:BatchGetReports\",\n \"codebuild:ListReportsForReportGroup\",\n \"codebuild:DescribeTestCases\",\n },\n [\"Resource\"] = example.Arn,\n },\n },\n })),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codebuild\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := codebuild.NewReportGroup(ctx, \"example\", \u0026codebuild.ReportGroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"TEST\"),\n\t\t\tExportConfig: \u0026codebuild.ReportGroupExportConfigArgs{\n\t\t\t\tType: pulumi.String(\"NO_EXPORT\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrent, err := aws.GetPartition(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrentGetCallerIdentity, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = codebuild.NewResourcePolicy(ctx, \"example\", \u0026codebuild.ResourcePolicyArgs{\n\t\t\tResourceArn: example.Arn,\n\t\t\tPolicy: example.Arn.ApplyT(func(arn string) (pulumi.String, error) {\n\t\t\t\tvar _zero pulumi.String\n\t\t\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\t\t\"Id\": \"default\",\n\t\t\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\"Sid\": \"default\",\n\t\t\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\t\t\"AWS\": fmt.Sprintf(\"arn:%v:iam::%v:root\", current.Partition, currentGetCallerIdentity.AccountId),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\t\t\"codebuild:BatchGetReportGroups\",\n\t\t\t\t\t\t\t\t\"codebuild:BatchGetReports\",\n\t\t\t\t\t\t\t\t\"codebuild:ListReportsForReportGroup\",\n\t\t\t\t\t\t\t\t\"codebuild:DescribeTestCases\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"Resource\": arn,\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t})\n\t\t\t\tif err != nil {\n\t\t\t\t\treturn _zero, err\n\t\t\t\t}\n\t\t\t\tjson0 := string(tmpJSON0)\n\t\t\t\treturn pulumi.String(json0), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.codebuild.ReportGroup;\nimport com.pulumi.aws.codebuild.ReportGroupArgs;\nimport com.pulumi.aws.codebuild.inputs.ReportGroupExportConfigArgs;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetPartitionArgs;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.codebuild.ResourcePolicy;\nimport com.pulumi.aws.codebuild.ResourcePolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ReportGroup(\"example\", ReportGroupArgs.builder() \n .name(\"example\")\n .type(\"TEST\")\n .exportConfig(ReportGroupExportConfigArgs.builder()\n .type(\"NO_EXPORT\")\n .build())\n .build());\n\n final var current = AwsFunctions.getPartition();\n\n final var currentGetCallerIdentity = AwsFunctions.getCallerIdentity();\n\n var exampleResourcePolicy = new ResourcePolicy(\"exampleResourcePolicy\", ResourcePolicyArgs.builder() \n .resourceArn(example.arn())\n .policy(example.arn().applyValue(arn -\u003e serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Id\", \"default\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Sid\", \"default\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"AWS\", String.format(\"arn:%s:iam::%s:root\", current.applyValue(getPartitionResult -\u003e getPartitionResult.partition()),currentGetCallerIdentity.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n )),\n jsonProperty(\"Action\", jsonArray(\n \"codebuild:BatchGetReportGroups\", \n \"codebuild:BatchGetReports\", \n \"codebuild:ListReportsForReportGroup\", \n \"codebuild:DescribeTestCases\"\n )),\n jsonProperty(\"Resource\", arn)\n )))\n ))))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:codebuild:ReportGroup\n properties:\n name: example\n type: TEST\n exportConfig:\n type: NO_EXPORT\n exampleResourcePolicy:\n type: aws:codebuild:ResourcePolicy\n name: example\n properties:\n resourceArn: ${example.arn}\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Id: default\n Statement:\n - Sid: default\n Effect: Allow\n Principal:\n AWS: arn:${current.partition}:iam::${currentGetCallerIdentity.accountId}:root\n Action:\n - codebuild:BatchGetReportGroups\n - codebuild:BatchGetReports\n - codebuild:ListReportsForReportGroup\n - codebuild:DescribeTestCases\n Resource: ${example.arn}\nvariables:\n current:\n fn::invoke:\n Function: aws:getPartition\n Arguments: {}\n currentGetCallerIdentity:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CodeBuild Resource Policy using the CodeBuild Resource Policy arn. For example:\n\n```sh\n$ pulumi import aws:codebuild/resourcePolicy:ResourcePolicy example arn:aws:codebuild:us-west-2:123456789:report-group/report-group-name\n```\n", "properties": { "policy": { "type": "string", @@ -187549,7 +187549,7 @@ } }, "aws:codecommit/approvalRuleTemplate:ApprovalRuleTemplate": { - "description": "Provides a CodeCommit Approval Rule Template Resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.codecommit.ApprovalRuleTemplate(\"example\", {\n name: \"MyExampleApprovalRuleTemplate\",\n description: \"This is an example approval rule template\",\n content: JSON.stringify({\n version: \"2018-11-08\",\n destinationReferences: [\"refs/heads/master\"],\n statements: [{\n type: \"Approvers\",\n numberOfApprovalsNeeded: 2,\n approvalPoolMembers: [\"arn:aws:sts::123456789012:assumed-role/CodeCommitReview/*\"],\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.codecommit.ApprovalRuleTemplate(\"example\",\n name=\"MyExampleApprovalRuleTemplate\",\n description=\"This is an example approval rule template\",\n content=json.dumps({\n \"version\": \"2018-11-08\",\n \"destinationReferences\": [\"refs/heads/master\"],\n \"statements\": [{\n \"type\": \"Approvers\",\n \"numberOfApprovalsNeeded\": 2,\n \"approvalPoolMembers\": [\"arn:aws:sts::123456789012:assumed-role/CodeCommitReview/*\"],\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CodeCommit.ApprovalRuleTemplate(\"example\", new()\n {\n Name = \"MyExampleApprovalRuleTemplate\",\n Description = \"This is an example approval rule template\",\n Content = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2018-11-08\",\n [\"destinationReferences\"] = new[]\n {\n \"refs/heads/master\",\n },\n [\"statements\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"type\"] = \"Approvers\",\n [\"numberOfApprovalsNeeded\"] = 2,\n [\"approvalPoolMembers\"] = new[]\n {\n \"arn:aws:sts::123456789012:assumed-role/CodeCommitReview/*\",\n },\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codecommit\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"version\": \"2018-11-08\",\n\t\t\t\"destinationReferences\": []string{\n\t\t\t\t\"refs/heads/master\",\n\t\t\t},\n\t\t\t\"statements\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"type\": \"Approvers\",\n\t\t\t\t\t\"numberOfApprovalsNeeded\": 2,\n\t\t\t\t\t\"approvalPoolMembers\": []string{\n\t\t\t\t\t\t\"arn:aws:sts::123456789012:assumed-role/CodeCommitReview/*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = codecommit.NewApprovalRuleTemplate(ctx, \"example\", \u0026codecommit.ApprovalRuleTemplateArgs{\n\t\t\tName: pulumi.String(\"MyExampleApprovalRuleTemplate\"),\n\t\t\tDescription: pulumi.String(\"This is an example approval rule template\"),\n\t\t\tContent: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.codecommit.ApprovalRuleTemplate;\nimport com.pulumi.aws.codecommit.ApprovalRuleTemplateArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ApprovalRuleTemplate(\"example\", ApprovalRuleTemplateArgs.builder() \n .name(\"MyExampleApprovalRuleTemplate\")\n .description(\"This is an example approval rule template\")\n .content(serializeJson(\n jsonObject(\n jsonProperty(\"version\", \"2018-11-08\"),\n jsonProperty(\"destinationReferences\", jsonArray(\"refs/heads/master\")),\n jsonProperty(\"statements\", jsonArray(jsonObject(\n jsonProperty(\"type\", \"Approvers\"),\n jsonProperty(\"numberOfApprovalsNeeded\", 2),\n jsonProperty(\"approvalPoolMembers\", jsonArray(\"arn:aws:sts::123456789012:assumed-role/CodeCommitReview/*\"))\n )))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:codecommit:ApprovalRuleTemplate\n properties:\n name: MyExampleApprovalRuleTemplate\n description: This is an example approval rule template\n content:\n fn::toJSON:\n version: 2018-11-08\n destinationReferences:\n - refs/heads/master\n statements:\n - type: Approvers\n numberOfApprovalsNeeded: 2\n approvalPoolMembers:\n - arn:aws:sts::123456789012:assumed-role/CodeCommitReview/*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CodeCommit approval rule templates using the `name`. For example:\n\n```sh\n$ pulumi import aws:codecommit/approvalRuleTemplate:ApprovalRuleTemplate imported ExistingApprovalRuleTemplateName\n```\n", + "description": "Provides a CodeCommit Approval Rule Template Resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.codecommit.ApprovalRuleTemplate(\"example\", {\n name: \"MyExampleApprovalRuleTemplate\",\n description: \"This is an example approval rule template\",\n content: JSON.stringify({\n Version: \"2018-11-08\",\n DestinationReferences: [\"refs/heads/master\"],\n Statements: [{\n Type: \"Approvers\",\n NumberOfApprovalsNeeded: 2,\n ApprovalPoolMembers: [\"arn:aws:sts::123456789012:assumed-role/CodeCommitReview/*\"],\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.codecommit.ApprovalRuleTemplate(\"example\",\n name=\"MyExampleApprovalRuleTemplate\",\n description=\"This is an example approval rule template\",\n content=json.dumps({\n \"Version\": \"2018-11-08\",\n \"DestinationReferences\": [\"refs/heads/master\"],\n \"Statements\": [{\n \"Type\": \"Approvers\",\n \"NumberOfApprovalsNeeded\": 2,\n \"ApprovalPoolMembers\": [\"arn:aws:sts::123456789012:assumed-role/CodeCommitReview/*\"],\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CodeCommit.ApprovalRuleTemplate(\"example\", new()\n {\n Name = \"MyExampleApprovalRuleTemplate\",\n Description = \"This is an example approval rule template\",\n Content = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2018-11-08\",\n [\"DestinationReferences\"] = new[]\n {\n \"refs/heads/master\",\n },\n [\"Statements\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Type\"] = \"Approvers\",\n [\"NumberOfApprovalsNeeded\"] = 2,\n [\"ApprovalPoolMembers\"] = new[]\n {\n \"arn:aws:sts::123456789012:assumed-role/CodeCommitReview/*\",\n },\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/codecommit\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2018-11-08\",\n\t\t\t\"DestinationReferences\": []string{\n\t\t\t\t\"refs/heads/master\",\n\t\t\t},\n\t\t\t\"Statements\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Type\": \"Approvers\",\n\t\t\t\t\t\"NumberOfApprovalsNeeded\": 2,\n\t\t\t\t\t\"ApprovalPoolMembers\": []string{\n\t\t\t\t\t\t\"arn:aws:sts::123456789012:assumed-role/CodeCommitReview/*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = codecommit.NewApprovalRuleTemplate(ctx, \"example\", \u0026codecommit.ApprovalRuleTemplateArgs{\n\t\t\tName: pulumi.String(\"MyExampleApprovalRuleTemplate\"),\n\t\t\tDescription: pulumi.String(\"This is an example approval rule template\"),\n\t\t\tContent: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.codecommit.ApprovalRuleTemplate;\nimport com.pulumi.aws.codecommit.ApprovalRuleTemplateArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ApprovalRuleTemplate(\"example\", ApprovalRuleTemplateArgs.builder() \n .name(\"MyExampleApprovalRuleTemplate\")\n .description(\"This is an example approval rule template\")\n .content(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2018-11-08\"),\n jsonProperty(\"DestinationReferences\", jsonArray(\"refs/heads/master\")),\n jsonProperty(\"Statements\", jsonArray(jsonObject(\n jsonProperty(\"Type\", \"Approvers\"),\n jsonProperty(\"NumberOfApprovalsNeeded\", 2),\n jsonProperty(\"ApprovalPoolMembers\", jsonArray(\"arn:aws:sts::123456789012:assumed-role/CodeCommitReview/*\"))\n )))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:codecommit:ApprovalRuleTemplate\n properties:\n name: MyExampleApprovalRuleTemplate\n description: This is an example approval rule template\n content:\n fn::toJSON:\n Version: 2018-11-08\n DestinationReferences:\n - refs/heads/master\n Statements:\n - Type: Approvers\n NumberOfApprovalsNeeded: 2\n ApprovalPoolMembers:\n - arn:aws:sts::123456789012:assumed-role/CodeCommitReview/*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CodeCommit approval rule templates using the `name`. For example:\n\n```sh\n$ pulumi import aws:codecommit/approvalRuleTemplate:ApprovalRuleTemplate imported ExistingApprovalRuleTemplateName\n```\n", "properties": { "approvalRuleTemplateId": { "type": "string", @@ -190137,7 +190137,7 @@ } }, "aws:cognito/managedUserPoolClient:ManagedUserPoolClient": { - "description": "Use the `aws.cognito.UserPoolClient` resource to manage a Cognito User Pool Client.\n\n**This resource is advanced** and has special caveats to consider before use. Please read this document completely before using the resource.\n\nUse the `aws.cognito.ManagedUserPoolClient` resource to manage a Cognito User Pool Client that is automatically created by an AWS service. For instance, when [configuring an OpenSearch Domain to use Cognito authentication](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/cognito-auth.html), the OpenSearch service creates the User Pool Client during setup and removes it when it is no longer required. As a result, the `aws.cognito.ManagedUserPoolClient` resource does not create or delete this resource, but instead assumes management of it.\n\nUse the `aws.cognito.UserPoolClient` resource to manage Cognito User Pool Clients for normal use cases.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleUserPool = new aws.cognito.UserPool(\"example\", {name: \"example\"});\nconst exampleManagedUserPoolClient = new aws.cognito.ManagedUserPoolClient(\"example\", {\n namePrefix: \"AmazonOpenSearchService-example\",\n userPoolId: exampleUserPool.id,\n});\nconst exampleIdentityPool = new aws.cognito.IdentityPool(\"example\", {identityPoolName: \"example\"});\nconst current = aws.getPartition({});\nconst example = current.then(current =\u003e aws.iam.getPolicyDocument({\n statements: [{\n sid: \"\",\n actions: [\"sts:AssumeRole\"],\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [`es.${current.dnsSuffix}`],\n }],\n }],\n}));\nconst exampleRole = new aws.iam.Role(\"example\", {\n name: \"example-role\",\n path: \"/service-role/\",\n assumeRolePolicy: example.then(example =\u003e example.json),\n});\nconst exampleDomain = new aws.opensearch.Domain(\"example\", {\n domainName: \"example\",\n cognitoOptions: {\n enabled: true,\n userPoolId: exampleUserPool.id,\n identityPoolId: exampleIdentityPool.id,\n roleArn: exampleRole.arn,\n },\n ebsOptions: {\n ebsEnabled: true,\n volumeSize: 10,\n },\n});\nconst exampleRolePolicyAttachment = new aws.iam.RolePolicyAttachment(\"example\", {\n role: exampleRole.name,\n policyArn: current.then(current =\u003e `arn:${current.partition}:iam::aws:policy/AmazonESCognitoAccess`),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_user_pool = aws.cognito.UserPool(\"example\", name=\"example\")\nexample_managed_user_pool_client = aws.cognito.ManagedUserPoolClient(\"example\",\n name_prefix=\"AmazonOpenSearchService-example\",\n user_pool_id=example_user_pool.id)\nexample_identity_pool = aws.cognito.IdentityPool(\"example\", identity_pool_name=\"example\")\ncurrent = aws.get_partition()\nexample = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n sid=\"\",\n actions=[\"sts:AssumeRole\"],\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[f\"es.{current.dns_suffix}\"],\n )],\n)])\nexample_role = aws.iam.Role(\"example\",\n name=\"example-role\",\n path=\"/service-role/\",\n assume_role_policy=example.json)\nexample_domain = aws.opensearch.Domain(\"example\",\n domain_name=\"example\",\n cognito_options=aws.opensearch.DomainCognitoOptionsArgs(\n enabled=True,\n user_pool_id=example_user_pool.id,\n identity_pool_id=example_identity_pool.id,\n role_arn=example_role.arn,\n ),\n ebs_options=aws.opensearch.DomainEbsOptionsArgs(\n ebs_enabled=True,\n volume_size=10,\n ))\nexample_role_policy_attachment = aws.iam.RolePolicyAttachment(\"example\",\n role=example_role.name,\n policy_arn=f\"arn:{current.partition}:iam::aws:policy/AmazonESCognitoAccess\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleUserPool = new Aws.Cognito.UserPool(\"example\", new()\n {\n Name = \"example\",\n });\n\n var exampleManagedUserPoolClient = new Aws.Cognito.ManagedUserPoolClient(\"example\", new()\n {\n NamePrefix = \"AmazonOpenSearchService-example\",\n UserPoolId = exampleUserPool.Id,\n });\n\n var exampleIdentityPool = new Aws.Cognito.IdentityPool(\"example\", new()\n {\n IdentityPoolName = \"example\",\n });\n\n var current = Aws.GetPartition.Invoke();\n\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"\",\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n $\"es.{current.Apply(getPartitionResult =\u003e getPartitionResult.DnsSuffix)}\",\n },\n },\n },\n },\n },\n });\n\n var exampleRole = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"example-role\",\n Path = \"/service-role/\",\n AssumeRolePolicy = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var exampleDomain = new Aws.OpenSearch.Domain(\"example\", new()\n {\n DomainName = \"example\",\n CognitoOptions = new Aws.OpenSearch.Inputs.DomainCognitoOptionsArgs\n {\n Enabled = true,\n UserPoolId = exampleUserPool.Id,\n IdentityPoolId = exampleIdentityPool.Id,\n RoleArn = exampleRole.Arn,\n },\n EbsOptions = new Aws.OpenSearch.Inputs.DomainEbsOptionsArgs\n {\n EbsEnabled = true,\n VolumeSize = 10,\n },\n });\n\n var exampleRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment(\"example\", new()\n {\n Role = exampleRole.Name,\n PolicyArn = $\"arn:{current.Apply(getPartitionResult =\u003e getPartitionResult.Partition)}:iam::aws:policy/AmazonESCognitoAccess\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleUserPool, err := cognito.NewUserPool(ctx, \"example\", \u0026cognito.UserPoolArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cognito.NewManagedUserPoolClient(ctx, \"example\", \u0026cognito.ManagedUserPoolClientArgs{\n\t\t\tNamePrefix: pulumi.String(\"AmazonOpenSearchService-example\"),\n\t\t\tUserPoolId: exampleUserPool.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleIdentityPool, err := cognito.NewIdentityPool(ctx, \"example\", \u0026cognito.IdentityPoolArgs{\n\t\t\tIdentityPoolName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrent, err := aws.GetPartition(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tSid: pulumi.StringRef(\"\"),\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\tfmt.Sprintf(\"es.%v\", current.DnsSuffix),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleRole, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"example-role\"),\n\t\t\tPath: pulumi.String(\"/service-role/\"),\n\t\t\tAssumeRolePolicy: pulumi.String(example.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = opensearch.NewDomain(ctx, \"example\", \u0026opensearch.DomainArgs{\n\t\t\tDomainName: pulumi.String(\"example\"),\n\t\t\tCognitoOptions: \u0026opensearch.DomainCognitoOptionsArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\tUserPoolId: exampleUserPool.ID(),\n\t\t\t\tIdentityPoolId: exampleIdentityPool.ID(),\n\t\t\t\tRoleArn: exampleRole.Arn,\n\t\t\t},\n\t\t\tEbsOptions: \u0026opensearch.DomainEbsOptionsArgs{\n\t\t\t\tEbsEnabled: pulumi.Bool(true),\n\t\t\t\tVolumeSize: pulumi.Int(10),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"example\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tRole: exampleRole.Name,\n\t\t\tPolicyArn: pulumi.String(fmt.Sprintf(\"arn:%v:iam::aws:policy/AmazonESCognitoAccess\", current.Partition)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cognito.UserPool;\nimport com.pulumi.aws.cognito.UserPoolArgs;\nimport com.pulumi.aws.cognito.ManagedUserPoolClient;\nimport com.pulumi.aws.cognito.ManagedUserPoolClientArgs;\nimport com.pulumi.aws.cognito.IdentityPool;\nimport com.pulumi.aws.cognito.IdentityPoolArgs;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetPartitionArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.opensearch.Domain;\nimport com.pulumi.aws.opensearch.DomainArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainCognitoOptionsArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainEbsOptionsArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleUserPool = new UserPool(\"exampleUserPool\", UserPoolArgs.builder() \n .name(\"example\")\n .build());\n\n var exampleManagedUserPoolClient = new ManagedUserPoolClient(\"exampleManagedUserPoolClient\", ManagedUserPoolClientArgs.builder() \n .namePrefix(\"AmazonOpenSearchService-example\")\n .userPoolId(exampleUserPool.id())\n .build());\n\n var exampleIdentityPool = new IdentityPool(\"exampleIdentityPool\", IdentityPoolArgs.builder() \n .identityPoolName(\"example\")\n .build());\n\n final var current = AwsFunctions.getPartition();\n\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .sid(\"\")\n .actions(\"sts:AssumeRole\")\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(String.format(\"es.%s\", current.applyValue(getPartitionResult -\u003e getPartitionResult.dnsSuffix())))\n .build())\n .build())\n .build());\n\n var exampleRole = new Role(\"exampleRole\", RoleArgs.builder() \n .name(\"example-role\")\n .path(\"/service-role/\")\n .assumeRolePolicy(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var exampleDomain = new Domain(\"exampleDomain\", DomainArgs.builder() \n .domainName(\"example\")\n .cognitoOptions(DomainCognitoOptionsArgs.builder()\n .enabled(true)\n .userPoolId(exampleUserPool.id())\n .identityPoolId(exampleIdentityPool.id())\n .roleArn(exampleRole.arn())\n .build())\n .ebsOptions(DomainEbsOptionsArgs.builder()\n .ebsEnabled(true)\n .volumeSize(10)\n .build())\n .build());\n\n var exampleRolePolicyAttachment = new RolePolicyAttachment(\"exampleRolePolicyAttachment\", RolePolicyAttachmentArgs.builder() \n .role(exampleRole.name())\n .policyArn(String.format(\"arn:%s:iam::aws:policy/AmazonESCognitoAccess\", current.applyValue(getPartitionResult -\u003e getPartitionResult.partition())))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleManagedUserPoolClient:\n type: aws:cognito:ManagedUserPoolClient\n name: example\n properties:\n namePrefix: AmazonOpenSearchService-example\n userPoolId: ${exampleUserPool.id}\n exampleUserPool:\n type: aws:cognito:UserPool\n name: example\n properties:\n name: example\n exampleIdentityPool:\n type: aws:cognito:IdentityPool\n name: example\n properties:\n identityPoolName: example\n exampleDomain:\n type: aws:opensearch:Domain\n name: example\n properties:\n domainName: example\n cognitoOptions:\n enabled: true\n userPoolId: ${exampleUserPool.id}\n identityPoolId: ${exampleIdentityPool.id}\n roleArn: ${exampleRole.arn}\n ebsOptions:\n ebsEnabled: true\n volumeSize: 10\n exampleRole:\n type: aws:iam:Role\n name: example\n properties:\n name: example-role\n path: /service-role/\n assumeRolePolicy: ${example.json}\n exampleRolePolicyAttachment:\n type: aws:iam:RolePolicyAttachment\n name: example\n properties:\n role: ${exampleRole.name}\n policyArn: arn:${current.partition}:iam::aws:policy/AmazonESCognitoAccess\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - sid:\n actions:\n - sts:AssumeRole\n effect: Allow\n principals:\n - type: Service\n identifiers:\n - es.${current.dnsSuffix}\n current:\n fn::invoke:\n Function: aws:getPartition\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Cognito User Pool Clients using the `id` of the Cognito User Pool and the `id` of the Cognito User Pool Client. For example:\n\n```sh\n$ pulumi import aws:cognito/managedUserPoolClient:ManagedUserPoolClient client us-west-2_abc123/3ho4ek12345678909nh3fmhpko\n```\n", + "description": "Use the `aws.cognito.UserPoolClient` resource to manage a Cognito User Pool Client.\n\n**This resource is advanced** and has special caveats to consider before use. Please read this document completely before using the resource.\n\nUse the `aws.cognito.ManagedUserPoolClient` resource to manage a Cognito User Pool Client that is automatically created by an AWS service. For instance, when [configuring an OpenSearch Domain to use Cognito authentication](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/cognito-auth.html), the OpenSearch service creates the User Pool Client during setup and removes it when it is no longer required. As a result, the `aws.cognito.ManagedUserPoolClient` resource does not create or delete this resource, but instead assumes management of it.\n\nUse the `aws.cognito.UserPoolClient` resource to manage Cognito User Pool Clients for normal use cases.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleUserPool = new aws.cognito.UserPool(\"example\", {name: \"example\"});\nconst exampleIdentityPool = new aws.cognito.IdentityPool(\"example\", {identityPoolName: \"example\"});\nconst current = aws.getPartition({});\nconst example = current.then(current =\u003e aws.iam.getPolicyDocument({\n statements: [{\n sid: \"\",\n actions: [\"sts:AssumeRole\"],\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [`es.${current.dnsSuffix}`],\n }],\n }],\n}));\nconst exampleRole = new aws.iam.Role(\"example\", {\n name: \"example-role\",\n path: \"/service-role/\",\n assumeRolePolicy: example.then(example =\u003e example.json),\n});\nconst exampleRolePolicyAttachment = new aws.iam.RolePolicyAttachment(\"example\", {\n role: exampleRole.name,\n policyArn: current.then(current =\u003e `arn:${current.partition}:iam::aws:policy/AmazonESCognitoAccess`),\n});\nconst exampleDomain = new aws.opensearch.Domain(\"example\", {\n domainName: \"example\",\n cognitoOptions: {\n enabled: true,\n userPoolId: exampleUserPool.id,\n identityPoolId: exampleIdentityPool.id,\n roleArn: exampleRole.arn,\n },\n ebsOptions: {\n ebsEnabled: true,\n volumeSize: 10,\n },\n}, {\n dependsOn: [\n exampleAwsCognitoUserPoolDomain,\n exampleRolePolicyAttachment,\n ],\n});\nconst exampleManagedUserPoolClient = new aws.cognito.ManagedUserPoolClient(\"example\", {\n namePrefix: \"AmazonOpenSearchService-example\",\n userPoolId: exampleUserPool.id,\n}, {\n dependsOn: [exampleDomain],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_user_pool = aws.cognito.UserPool(\"example\", name=\"example\")\nexample_identity_pool = aws.cognito.IdentityPool(\"example\", identity_pool_name=\"example\")\ncurrent = aws.get_partition()\nexample = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n sid=\"\",\n actions=[\"sts:AssumeRole\"],\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[f\"es.{current.dns_suffix}\"],\n )],\n)])\nexample_role = aws.iam.Role(\"example\",\n name=\"example-role\",\n path=\"/service-role/\",\n assume_role_policy=example.json)\nexample_role_policy_attachment = aws.iam.RolePolicyAttachment(\"example\",\n role=example_role.name,\n policy_arn=f\"arn:{current.partition}:iam::aws:policy/AmazonESCognitoAccess\")\nexample_domain = aws.opensearch.Domain(\"example\",\n domain_name=\"example\",\n cognito_options=aws.opensearch.DomainCognitoOptionsArgs(\n enabled=True,\n user_pool_id=example_user_pool.id,\n identity_pool_id=example_identity_pool.id,\n role_arn=example_role.arn,\n ),\n ebs_options=aws.opensearch.DomainEbsOptionsArgs(\n ebs_enabled=True,\n volume_size=10,\n ),\n opts=pulumi.ResourceOptions(depends_on=[\n example_aws_cognito_user_pool_domain,\n example_role_policy_attachment,\n ]))\nexample_managed_user_pool_client = aws.cognito.ManagedUserPoolClient(\"example\",\n name_prefix=\"AmazonOpenSearchService-example\",\n user_pool_id=example_user_pool.id,\n opts=pulumi.ResourceOptions(depends_on=[example_domain]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleUserPool = new Aws.Cognito.UserPool(\"example\", new()\n {\n Name = \"example\",\n });\n\n var exampleIdentityPool = new Aws.Cognito.IdentityPool(\"example\", new()\n {\n IdentityPoolName = \"example\",\n });\n\n var current = Aws.GetPartition.Invoke();\n\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"\",\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n $\"es.{current.Apply(getPartitionResult =\u003e getPartitionResult.DnsSuffix)}\",\n },\n },\n },\n },\n },\n });\n\n var exampleRole = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"example-role\",\n Path = \"/service-role/\",\n AssumeRolePolicy = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var exampleRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment(\"example\", new()\n {\n Role = exampleRole.Name,\n PolicyArn = $\"arn:{current.Apply(getPartitionResult =\u003e getPartitionResult.Partition)}:iam::aws:policy/AmazonESCognitoAccess\",\n });\n\n var exampleDomain = new Aws.OpenSearch.Domain(\"example\", new()\n {\n DomainName = \"example\",\n CognitoOptions = new Aws.OpenSearch.Inputs.DomainCognitoOptionsArgs\n {\n Enabled = true,\n UserPoolId = exampleUserPool.Id,\n IdentityPoolId = exampleIdentityPool.Id,\n RoleArn = exampleRole.Arn,\n },\n EbsOptions = new Aws.OpenSearch.Inputs.DomainEbsOptionsArgs\n {\n EbsEnabled = true,\n VolumeSize = 10,\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAwsCognitoUserPoolDomain, \n exampleRolePolicyAttachment, \n },\n });\n\n var exampleManagedUserPoolClient = new Aws.Cognito.ManagedUserPoolClient(\"example\", new()\n {\n NamePrefix = \"AmazonOpenSearchService-example\",\n UserPoolId = exampleUserPool.Id,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleDomain, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cognito\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleUserPool, err := cognito.NewUserPool(ctx, \"example\", \u0026cognito.UserPoolArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleIdentityPool, err := cognito.NewIdentityPool(ctx, \"example\", \u0026cognito.IdentityPoolArgs{\n\t\t\tIdentityPoolName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrent, err := aws.GetPartition(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tSid: pulumi.StringRef(\"\"),\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\tfmt.Sprintf(\"es.%v\", current.DnsSuffix),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleRole, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"example-role\"),\n\t\t\tPath: pulumi.String(\"/service-role/\"),\n\t\t\tAssumeRolePolicy: pulumi.String(example.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleRolePolicyAttachment, err := iam.NewRolePolicyAttachment(ctx, \"example\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tRole: exampleRole.Name,\n\t\t\tPolicyArn: pulumi.String(fmt.Sprintf(\"arn:%v:iam::aws:policy/AmazonESCognitoAccess\", current.Partition)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleDomain, err := opensearch.NewDomain(ctx, \"example\", \u0026opensearch.DomainArgs{\n\t\t\tDomainName: pulumi.String(\"example\"),\n\t\t\tCognitoOptions: \u0026opensearch.DomainCognitoOptionsArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\tUserPoolId: exampleUserPool.ID(),\n\t\t\t\tIdentityPoolId: exampleIdentityPool.ID(),\n\t\t\t\tRoleArn: exampleRole.Arn,\n\t\t\t},\n\t\t\tEbsOptions: \u0026opensearch.DomainEbsOptionsArgs{\n\t\t\t\tEbsEnabled: pulumi.Bool(true),\n\t\t\t\tVolumeSize: pulumi.Int(10),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAwsCognitoUserPoolDomain,\n\t\t\texampleRolePolicyAttachment,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cognito.NewManagedUserPoolClient(ctx, \"example\", \u0026cognito.ManagedUserPoolClientArgs{\n\t\t\tNamePrefix: pulumi.String(\"AmazonOpenSearchService-example\"),\n\t\t\tUserPoolId: exampleUserPool.ID(),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleDomain,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cognito.UserPool;\nimport com.pulumi.aws.cognito.UserPoolArgs;\nimport com.pulumi.aws.cognito.IdentityPool;\nimport com.pulumi.aws.cognito.IdentityPoolArgs;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetPartitionArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport com.pulumi.aws.opensearch.Domain;\nimport com.pulumi.aws.opensearch.DomainArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainCognitoOptionsArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainEbsOptionsArgs;\nimport com.pulumi.aws.cognito.ManagedUserPoolClient;\nimport com.pulumi.aws.cognito.ManagedUserPoolClientArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleUserPool = new UserPool(\"exampleUserPool\", UserPoolArgs.builder() \n .name(\"example\")\n .build());\n\n var exampleIdentityPool = new IdentityPool(\"exampleIdentityPool\", IdentityPoolArgs.builder() \n .identityPoolName(\"example\")\n .build());\n\n final var current = AwsFunctions.getPartition();\n\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .sid(\"\")\n .actions(\"sts:AssumeRole\")\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(String.format(\"es.%s\", current.applyValue(getPartitionResult -\u003e getPartitionResult.dnsSuffix())))\n .build())\n .build())\n .build());\n\n var exampleRole = new Role(\"exampleRole\", RoleArgs.builder() \n .name(\"example-role\")\n .path(\"/service-role/\")\n .assumeRolePolicy(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var exampleRolePolicyAttachment = new RolePolicyAttachment(\"exampleRolePolicyAttachment\", RolePolicyAttachmentArgs.builder() \n .role(exampleRole.name())\n .policyArn(String.format(\"arn:%s:iam::aws:policy/AmazonESCognitoAccess\", current.applyValue(getPartitionResult -\u003e getPartitionResult.partition())))\n .build());\n\n var exampleDomain = new Domain(\"exampleDomain\", DomainArgs.builder() \n .domainName(\"example\")\n .cognitoOptions(DomainCognitoOptionsArgs.builder()\n .enabled(true)\n .userPoolId(exampleUserPool.id())\n .identityPoolId(exampleIdentityPool.id())\n .roleArn(exampleRole.arn())\n .build())\n .ebsOptions(DomainEbsOptionsArgs.builder()\n .ebsEnabled(true)\n .volumeSize(10)\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n exampleAwsCognitoUserPoolDomain,\n exampleRolePolicyAttachment)\n .build());\n\n var exampleManagedUserPoolClient = new ManagedUserPoolClient(\"exampleManagedUserPoolClient\", ManagedUserPoolClientArgs.builder() \n .namePrefix(\"AmazonOpenSearchService-example\")\n .userPoolId(exampleUserPool.id())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleDomain)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleManagedUserPoolClient:\n type: aws:cognito:ManagedUserPoolClient\n name: example\n properties:\n namePrefix: AmazonOpenSearchService-example\n userPoolId: ${exampleUserPool.id}\n options:\n dependson:\n - ${exampleDomain}\n exampleUserPool:\n type: aws:cognito:UserPool\n name: example\n properties:\n name: example\n exampleIdentityPool:\n type: aws:cognito:IdentityPool\n name: example\n properties:\n identityPoolName: example\n exampleDomain:\n type: aws:opensearch:Domain\n name: example\n properties:\n domainName: example\n cognitoOptions:\n enabled: true\n userPoolId: ${exampleUserPool.id}\n identityPoolId: ${exampleIdentityPool.id}\n roleArn: ${exampleRole.arn}\n ebsOptions:\n ebsEnabled: true\n volumeSize: 10\n options:\n dependson:\n - ${exampleAwsCognitoUserPoolDomain}\n - ${exampleRolePolicyAttachment}\n exampleRole:\n type: aws:iam:Role\n name: example\n properties:\n name: example-role\n path: /service-role/\n assumeRolePolicy: ${example.json}\n exampleRolePolicyAttachment:\n type: aws:iam:RolePolicyAttachment\n name: example\n properties:\n role: ${exampleRole.name}\n policyArn: arn:${current.partition}:iam::aws:policy/AmazonESCognitoAccess\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - sid:\n actions:\n - sts:AssumeRole\n effect: Allow\n principals:\n - type: Service\n identifiers:\n - es.${current.dnsSuffix}\n current:\n fn::invoke:\n Function: aws:getPartition\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Cognito User Pool Clients using the `id` of the Cognito User Pool and the `id` of the Cognito User Pool Client. For example:\n\n```sh\n$ pulumi import aws:cognito/managedUserPoolClient:ManagedUserPoolClient client us-west-2_abc123/3ho4ek12345678909nh3fmhpko\n```\n", "properties": { "accessTokenValidity": { "type": "integer", @@ -192156,7 +192156,7 @@ } }, "aws:comprehend/documentClassifier:DocumentClassifier": { - "description": "Resource for managing an AWS Comprehend Document Classifier.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst documents = new aws.s3.BucketObjectv2(\"documents\", {});\nconst example = new aws.comprehend.DocumentClassifier(\"example\", {\n name: \"example\",\n dataAccessRoleArn: exampleAwsIamRole.arn,\n languageCode: \"en\",\n inputDataConfig: {\n s3Uri: pulumi.interpolate`s3://${test.bucket}/${documents.id}`,\n },\n});\nconst entities = new aws.s3.BucketObjectv2(\"entities\", {});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndocuments = aws.s3.BucketObjectv2(\"documents\")\nexample = aws.comprehend.DocumentClassifier(\"example\",\n name=\"example\",\n data_access_role_arn=example_aws_iam_role[\"arn\"],\n language_code=\"en\",\n input_data_config=aws.comprehend.DocumentClassifierInputDataConfigArgs(\n s3_uri=documents.id.apply(lambda id: f\"s3://{test['bucket']}/{id}\"),\n ))\nentities = aws.s3.BucketObjectv2(\"entities\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var documents = new Aws.S3.BucketObjectv2(\"documents\");\n\n var example = new Aws.Comprehend.DocumentClassifier(\"example\", new()\n {\n Name = \"example\",\n DataAccessRoleArn = exampleAwsIamRole.Arn,\n LanguageCode = \"en\",\n InputDataConfig = new Aws.Comprehend.Inputs.DocumentClassifierInputDataConfigArgs\n {\n S3Uri = documents.Id.Apply(id =\u003e $\"s3://{test.Bucket}/{id}\"),\n },\n });\n\n var entities = new Aws.S3.BucketObjectv2(\"entities\");\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/comprehend\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tdocuments, err := s3.NewBucketObjectv2(ctx, \"documents\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = comprehend.NewDocumentClassifier(ctx, \"example\", \u0026comprehend.DocumentClassifierArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tDataAccessRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tLanguageCode: pulumi.String(\"en\"),\n\t\t\tInputDataConfig: \u0026comprehend.DocumentClassifierInputDataConfigArgs{\n\t\t\t\tS3Uri: documents.ID().ApplyT(func(id string) (string, error) {\n\t\t\t\t\treturn fmt.Sprintf(\"s3://%v/%v\", test.Bucket, id), nil\n\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketObjectv2(ctx, \"entities\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketObjectv2;\nimport com.pulumi.aws.comprehend.DocumentClassifier;\nimport com.pulumi.aws.comprehend.DocumentClassifierArgs;\nimport com.pulumi.aws.comprehend.inputs.DocumentClassifierInputDataConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var documents = new BucketObjectv2(\"documents\");\n\n var example = new DocumentClassifier(\"example\", DocumentClassifierArgs.builder() \n .name(\"example\")\n .dataAccessRoleArn(exampleAwsIamRole.arn())\n .languageCode(\"en\")\n .inputDataConfig(DocumentClassifierInputDataConfigArgs.builder()\n .s3Uri(documents.id().applyValue(id -\u003e String.format(\"s3://%s/%s\", test.bucket(),id)))\n .build())\n .build());\n\n var entities = new BucketObjectv2(\"entities\");\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:comprehend:DocumentClassifier\n properties:\n name: example\n dataAccessRoleArn: ${exampleAwsIamRole.arn}\n languageCode: en\n inputDataConfig:\n s3Uri: s3://${test.bucket}/${documents.id}\n documents:\n type: aws:s3:BucketObjectv2\n entities:\n type: aws:s3:BucketObjectv2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Comprehend Document Classifier using the ARN. For example:\n\n```sh\n$ pulumi import aws:comprehend/documentClassifier:DocumentClassifier example arn:aws:comprehend:us-west-2:123456789012:document_classifier/example\n```\n", + "description": "Resource for managing an AWS Comprehend Document Classifier.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst documents = new aws.s3.BucketObjectv2(\"documents\", {});\nconst example = new aws.comprehend.DocumentClassifier(\"example\", {\n name: \"example\",\n dataAccessRoleArn: exampleAwsIamRole.arn,\n languageCode: \"en\",\n inputDataConfig: {\n s3Uri: pulumi.interpolate`s3://${test.bucket}/${documents.id}`,\n },\n}, {\n dependsOn: [exampleAwsIamRolePolicy],\n});\nconst entities = new aws.s3.BucketObjectv2(\"entities\", {});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndocuments = aws.s3.BucketObjectv2(\"documents\")\nexample = aws.comprehend.DocumentClassifier(\"example\",\n name=\"example\",\n data_access_role_arn=example_aws_iam_role[\"arn\"],\n language_code=\"en\",\n input_data_config=aws.comprehend.DocumentClassifierInputDataConfigArgs(\n s3_uri=documents.id.apply(lambda id: f\"s3://{test['bucket']}/{id}\"),\n ),\n opts=pulumi.ResourceOptions(depends_on=[example_aws_iam_role_policy]))\nentities = aws.s3.BucketObjectv2(\"entities\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var documents = new Aws.S3.BucketObjectv2(\"documents\");\n\n var example = new Aws.Comprehend.DocumentClassifier(\"example\", new()\n {\n Name = \"example\",\n DataAccessRoleArn = exampleAwsIamRole.Arn,\n LanguageCode = \"en\",\n InputDataConfig = new Aws.Comprehend.Inputs.DocumentClassifierInputDataConfigArgs\n {\n S3Uri = documents.Id.Apply(id =\u003e $\"s3://{test.Bucket}/{id}\"),\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAwsIamRolePolicy, \n },\n });\n\n var entities = new Aws.S3.BucketObjectv2(\"entities\");\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/comprehend\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tdocuments, err := s3.NewBucketObjectv2(ctx, \"documents\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = comprehend.NewDocumentClassifier(ctx, \"example\", \u0026comprehend.DocumentClassifierArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tDataAccessRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tLanguageCode: pulumi.String(\"en\"),\n\t\t\tInputDataConfig: \u0026comprehend.DocumentClassifierInputDataConfigArgs{\n\t\t\t\tS3Uri: documents.ID().ApplyT(func(id string) (string, error) {\n\t\t\t\t\treturn fmt.Sprintf(\"s3://%v/%v\", test.Bucket, id), nil\n\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAwsIamRolePolicy,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketObjectv2(ctx, \"entities\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketObjectv2;\nimport com.pulumi.aws.comprehend.DocumentClassifier;\nimport com.pulumi.aws.comprehend.DocumentClassifierArgs;\nimport com.pulumi.aws.comprehend.inputs.DocumentClassifierInputDataConfigArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var documents = new BucketObjectv2(\"documents\");\n\n var example = new DocumentClassifier(\"example\", DocumentClassifierArgs.builder() \n .name(\"example\")\n .dataAccessRoleArn(exampleAwsIamRole.arn())\n .languageCode(\"en\")\n .inputDataConfig(DocumentClassifierInputDataConfigArgs.builder()\n .s3Uri(documents.id().applyValue(id -\u003e String.format(\"s3://%s/%s\", test.bucket(),id)))\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleAwsIamRolePolicy)\n .build());\n\n var entities = new BucketObjectv2(\"entities\");\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:comprehend:DocumentClassifier\n properties:\n name: example\n dataAccessRoleArn: ${exampleAwsIamRole.arn}\n languageCode: en\n inputDataConfig:\n s3Uri: s3://${test.bucket}/${documents.id}\n options:\n dependson:\n - ${exampleAwsIamRolePolicy}\n documents:\n type: aws:s3:BucketObjectv2\n entities:\n type: aws:s3:BucketObjectv2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Comprehend Document Classifier using the ARN. For example:\n\n```sh\n$ pulumi import aws:comprehend/documentClassifier:DocumentClassifier example arn:aws:comprehend:us-west-2:123456789012:document_classifier/example\n```\n", "properties": { "arn": { "type": "string", @@ -192362,7 +192362,7 @@ } }, "aws:comprehend/entityRecognizer:EntityRecognizer": { - "description": "Resource for managing an AWS Comprehend Entity Recognizer.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst documents = new aws.s3.BucketObjectv2(\"documents\", {});\nconst entities = new aws.s3.BucketObjectv2(\"entities\", {});\nconst example = new aws.comprehend.EntityRecognizer(\"example\", {\n name: \"example\",\n dataAccessRoleArn: exampleAwsIamRole.arn,\n languageCode: \"en\",\n inputDataConfig: {\n entityTypes: [\n {\n type: \"ENTITY_1\",\n },\n {\n type: \"ENTITY_2\",\n },\n ],\n documents: {\n s3Uri: pulumi.interpolate`s3://${documentsAwsS3Bucket.bucket}/${documents.id}`,\n },\n entityList: {\n s3Uri: pulumi.interpolate`s3://${entitiesAwsS3Bucket.bucket}/${entities.id}`,\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndocuments = aws.s3.BucketObjectv2(\"documents\")\nentities = aws.s3.BucketObjectv2(\"entities\")\nexample = aws.comprehend.EntityRecognizer(\"example\",\n name=\"example\",\n data_access_role_arn=example_aws_iam_role[\"arn\"],\n language_code=\"en\",\n input_data_config=aws.comprehend.EntityRecognizerInputDataConfigArgs(\n entity_types=[\n aws.comprehend.EntityRecognizerInputDataConfigEntityTypeArgs(\n type=\"ENTITY_1\",\n ),\n aws.comprehend.EntityRecognizerInputDataConfigEntityTypeArgs(\n type=\"ENTITY_2\",\n ),\n ],\n documents=aws.comprehend.EntityRecognizerInputDataConfigDocumentsArgs(\n s3_uri=documents.id.apply(lambda id: f\"s3://{documents_aws_s3_bucket['bucket']}/{id}\"),\n ),\n entity_list=aws.comprehend.EntityRecognizerInputDataConfigEntityListArgs(\n s3_uri=entities.id.apply(lambda id: f\"s3://{entities_aws_s3_bucket['bucket']}/{id}\"),\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var documents = new Aws.S3.BucketObjectv2(\"documents\");\n\n var entities = new Aws.S3.BucketObjectv2(\"entities\");\n\n var example = new Aws.Comprehend.EntityRecognizer(\"example\", new()\n {\n Name = \"example\",\n DataAccessRoleArn = exampleAwsIamRole.Arn,\n LanguageCode = \"en\",\n InputDataConfig = new Aws.Comprehend.Inputs.EntityRecognizerInputDataConfigArgs\n {\n EntityTypes = new[]\n {\n new Aws.Comprehend.Inputs.EntityRecognizerInputDataConfigEntityTypeArgs\n {\n Type = \"ENTITY_1\",\n },\n new Aws.Comprehend.Inputs.EntityRecognizerInputDataConfigEntityTypeArgs\n {\n Type = \"ENTITY_2\",\n },\n },\n Documents = new Aws.Comprehend.Inputs.EntityRecognizerInputDataConfigDocumentsArgs\n {\n S3Uri = documents.Id.Apply(id =\u003e $\"s3://{documentsAwsS3Bucket.Bucket}/{id}\"),\n },\n EntityList = new Aws.Comprehend.Inputs.EntityRecognizerInputDataConfigEntityListArgs\n {\n S3Uri = entities.Id.Apply(id =\u003e $\"s3://{entitiesAwsS3Bucket.Bucket}/{id}\"),\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/comprehend\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tdocuments, err := s3.NewBucketObjectv2(ctx, \"documents\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tentities, err := s3.NewBucketObjectv2(ctx, \"entities\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = comprehend.NewEntityRecognizer(ctx, \"example\", \u0026comprehend.EntityRecognizerArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tDataAccessRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tLanguageCode: pulumi.String(\"en\"),\n\t\t\tInputDataConfig: \u0026comprehend.EntityRecognizerInputDataConfigArgs{\n\t\t\t\tEntityTypes: comprehend.EntityRecognizerInputDataConfigEntityTypeArray{\n\t\t\t\t\t\u0026comprehend.EntityRecognizerInputDataConfigEntityTypeArgs{\n\t\t\t\t\t\tType: pulumi.String(\"ENTITY_1\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026comprehend.EntityRecognizerInputDataConfigEntityTypeArgs{\n\t\t\t\t\t\tType: pulumi.String(\"ENTITY_2\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tDocuments: \u0026comprehend.EntityRecognizerInputDataConfigDocumentsArgs{\n\t\t\t\t\tS3Uri: documents.ID().ApplyT(func(id string) (string, error) {\n\t\t\t\t\t\treturn fmt.Sprintf(\"s3://%v/%v\", documentsAwsS3Bucket.Bucket, id), nil\n\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t},\n\t\t\t\tEntityList: \u0026comprehend.EntityRecognizerInputDataConfigEntityListArgs{\n\t\t\t\t\tS3Uri: entities.ID().ApplyT(func(id string) (string, error) {\n\t\t\t\t\t\treturn fmt.Sprintf(\"s3://%v/%v\", entitiesAwsS3Bucket.Bucket, id), nil\n\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketObjectv2;\nimport com.pulumi.aws.comprehend.EntityRecognizer;\nimport com.pulumi.aws.comprehend.EntityRecognizerArgs;\nimport com.pulumi.aws.comprehend.inputs.EntityRecognizerInputDataConfigArgs;\nimport com.pulumi.aws.comprehend.inputs.EntityRecognizerInputDataConfigDocumentsArgs;\nimport com.pulumi.aws.comprehend.inputs.EntityRecognizerInputDataConfigEntityListArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var documents = new BucketObjectv2(\"documents\");\n\n var entities = new BucketObjectv2(\"entities\");\n\n var example = new EntityRecognizer(\"example\", EntityRecognizerArgs.builder() \n .name(\"example\")\n .dataAccessRoleArn(exampleAwsIamRole.arn())\n .languageCode(\"en\")\n .inputDataConfig(EntityRecognizerInputDataConfigArgs.builder()\n .entityTypes( \n EntityRecognizerInputDataConfigEntityTypeArgs.builder()\n .type(\"ENTITY_1\")\n .build(),\n EntityRecognizerInputDataConfigEntityTypeArgs.builder()\n .type(\"ENTITY_2\")\n .build())\n .documents(EntityRecognizerInputDataConfigDocumentsArgs.builder()\n .s3Uri(documents.id().applyValue(id -\u003e String.format(\"s3://%s/%s\", documentsAwsS3Bucket.bucket(),id)))\n .build())\n .entityList(EntityRecognizerInputDataConfigEntityListArgs.builder()\n .s3Uri(entities.id().applyValue(id -\u003e String.format(\"s3://%s/%s\", entitiesAwsS3Bucket.bucket(),id)))\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:comprehend:EntityRecognizer\n properties:\n name: example\n dataAccessRoleArn: ${exampleAwsIamRole.arn}\n languageCode: en\n inputDataConfig:\n entityTypes:\n - type: ENTITY_1\n - type: ENTITY_2\n documents:\n s3Uri: s3://${documentsAwsS3Bucket.bucket}/${documents.id}\n entityList:\n s3Uri: s3://${entitiesAwsS3Bucket.bucket}/${entities.id}\n documents:\n type: aws:s3:BucketObjectv2\n entities:\n type: aws:s3:BucketObjectv2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Comprehend Entity Recognizer using the ARN. For example:\n\n```sh\n$ pulumi import aws:comprehend/entityRecognizer:EntityRecognizer example arn:aws:comprehend:us-west-2:123456789012:entity-recognizer/example\n```\n", + "description": "Resource for managing an AWS Comprehend Entity Recognizer.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst documents = new aws.s3.BucketObjectv2(\"documents\", {});\nconst entities = new aws.s3.BucketObjectv2(\"entities\", {});\nconst example = new aws.comprehend.EntityRecognizer(\"example\", {\n name: \"example\",\n dataAccessRoleArn: exampleAwsIamRole.arn,\n languageCode: \"en\",\n inputDataConfig: {\n entityTypes: [\n {\n type: \"ENTITY_1\",\n },\n {\n type: \"ENTITY_2\",\n },\n ],\n documents: {\n s3Uri: pulumi.interpolate`s3://${documentsAwsS3Bucket.bucket}/${documents.id}`,\n },\n entityList: {\n s3Uri: pulumi.interpolate`s3://${entitiesAwsS3Bucket.bucket}/${entities.id}`,\n },\n },\n}, {\n dependsOn: [exampleAwsIamRolePolicy],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndocuments = aws.s3.BucketObjectv2(\"documents\")\nentities = aws.s3.BucketObjectv2(\"entities\")\nexample = aws.comprehend.EntityRecognizer(\"example\",\n name=\"example\",\n data_access_role_arn=example_aws_iam_role[\"arn\"],\n language_code=\"en\",\n input_data_config=aws.comprehend.EntityRecognizerInputDataConfigArgs(\n entity_types=[\n aws.comprehend.EntityRecognizerInputDataConfigEntityTypeArgs(\n type=\"ENTITY_1\",\n ),\n aws.comprehend.EntityRecognizerInputDataConfigEntityTypeArgs(\n type=\"ENTITY_2\",\n ),\n ],\n documents=aws.comprehend.EntityRecognizerInputDataConfigDocumentsArgs(\n s3_uri=documents.id.apply(lambda id: f\"s3://{documents_aws_s3_bucket['bucket']}/{id}\"),\n ),\n entity_list=aws.comprehend.EntityRecognizerInputDataConfigEntityListArgs(\n s3_uri=entities.id.apply(lambda id: f\"s3://{entities_aws_s3_bucket['bucket']}/{id}\"),\n ),\n ),\n opts=pulumi.ResourceOptions(depends_on=[example_aws_iam_role_policy]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var documents = new Aws.S3.BucketObjectv2(\"documents\");\n\n var entities = new Aws.S3.BucketObjectv2(\"entities\");\n\n var example = new Aws.Comprehend.EntityRecognizer(\"example\", new()\n {\n Name = \"example\",\n DataAccessRoleArn = exampleAwsIamRole.Arn,\n LanguageCode = \"en\",\n InputDataConfig = new Aws.Comprehend.Inputs.EntityRecognizerInputDataConfigArgs\n {\n EntityTypes = new[]\n {\n new Aws.Comprehend.Inputs.EntityRecognizerInputDataConfigEntityTypeArgs\n {\n Type = \"ENTITY_1\",\n },\n new Aws.Comprehend.Inputs.EntityRecognizerInputDataConfigEntityTypeArgs\n {\n Type = \"ENTITY_2\",\n },\n },\n Documents = new Aws.Comprehend.Inputs.EntityRecognizerInputDataConfigDocumentsArgs\n {\n S3Uri = documents.Id.Apply(id =\u003e $\"s3://{documentsAwsS3Bucket.Bucket}/{id}\"),\n },\n EntityList = new Aws.Comprehend.Inputs.EntityRecognizerInputDataConfigEntityListArgs\n {\n S3Uri = entities.Id.Apply(id =\u003e $\"s3://{entitiesAwsS3Bucket.Bucket}/{id}\"),\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAwsIamRolePolicy, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/comprehend\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tdocuments, err := s3.NewBucketObjectv2(ctx, \"documents\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tentities, err := s3.NewBucketObjectv2(ctx, \"entities\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = comprehend.NewEntityRecognizer(ctx, \"example\", \u0026comprehend.EntityRecognizerArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tDataAccessRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tLanguageCode: pulumi.String(\"en\"),\n\t\t\tInputDataConfig: \u0026comprehend.EntityRecognizerInputDataConfigArgs{\n\t\t\t\tEntityTypes: comprehend.EntityRecognizerInputDataConfigEntityTypeArray{\n\t\t\t\t\t\u0026comprehend.EntityRecognizerInputDataConfigEntityTypeArgs{\n\t\t\t\t\t\tType: pulumi.String(\"ENTITY_1\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026comprehend.EntityRecognizerInputDataConfigEntityTypeArgs{\n\t\t\t\t\t\tType: pulumi.String(\"ENTITY_2\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tDocuments: \u0026comprehend.EntityRecognizerInputDataConfigDocumentsArgs{\n\t\t\t\t\tS3Uri: documents.ID().ApplyT(func(id string) (string, error) {\n\t\t\t\t\t\treturn fmt.Sprintf(\"s3://%v/%v\", documentsAwsS3Bucket.Bucket, id), nil\n\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t},\n\t\t\t\tEntityList: \u0026comprehend.EntityRecognizerInputDataConfigEntityListArgs{\n\t\t\t\t\tS3Uri: entities.ID().ApplyT(func(id string) (string, error) {\n\t\t\t\t\t\treturn fmt.Sprintf(\"s3://%v/%v\", entitiesAwsS3Bucket.Bucket, id), nil\n\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAwsIamRolePolicy,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketObjectv2;\nimport com.pulumi.aws.comprehend.EntityRecognizer;\nimport com.pulumi.aws.comprehend.EntityRecognizerArgs;\nimport com.pulumi.aws.comprehend.inputs.EntityRecognizerInputDataConfigArgs;\nimport com.pulumi.aws.comprehend.inputs.EntityRecognizerInputDataConfigDocumentsArgs;\nimport com.pulumi.aws.comprehend.inputs.EntityRecognizerInputDataConfigEntityListArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var documents = new BucketObjectv2(\"documents\");\n\n var entities = new BucketObjectv2(\"entities\");\n\n var example = new EntityRecognizer(\"example\", EntityRecognizerArgs.builder() \n .name(\"example\")\n .dataAccessRoleArn(exampleAwsIamRole.arn())\n .languageCode(\"en\")\n .inputDataConfig(EntityRecognizerInputDataConfigArgs.builder()\n .entityTypes( \n EntityRecognizerInputDataConfigEntityTypeArgs.builder()\n .type(\"ENTITY_1\")\n .build(),\n EntityRecognizerInputDataConfigEntityTypeArgs.builder()\n .type(\"ENTITY_2\")\n .build())\n .documents(EntityRecognizerInputDataConfigDocumentsArgs.builder()\n .s3Uri(documents.id().applyValue(id -\u003e String.format(\"s3://%s/%s\", documentsAwsS3Bucket.bucket(),id)))\n .build())\n .entityList(EntityRecognizerInputDataConfigEntityListArgs.builder()\n .s3Uri(entities.id().applyValue(id -\u003e String.format(\"s3://%s/%s\", entitiesAwsS3Bucket.bucket(),id)))\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleAwsIamRolePolicy)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:comprehend:EntityRecognizer\n properties:\n name: example\n dataAccessRoleArn: ${exampleAwsIamRole.arn}\n languageCode: en\n inputDataConfig:\n entityTypes:\n - type: ENTITY_1\n - type: ENTITY_2\n documents:\n s3Uri: s3://${documentsAwsS3Bucket.bucket}/${documents.id}\n entityList:\n s3Uri: s3://${entitiesAwsS3Bucket.bucket}/${entities.id}\n options:\n dependson:\n - ${exampleAwsIamRolePolicy}\n documents:\n type: aws:s3:BucketObjectv2\n entities:\n type: aws:s3:BucketObjectv2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Comprehend Entity Recognizer using the ARN. For example:\n\n```sh\n$ pulumi import aws:comprehend/entityRecognizer:EntityRecognizer example arn:aws:comprehend:us-west-2:123456789012:entity-recognizer/example\n```\n", "properties": { "arn": { "type": "string", @@ -192592,7 +192592,7 @@ } }, "aws:connect/contactFlow:ContactFlow": { - "description": "Provides an Amazon Connect Contact Flow resource. For more information see\n[Amazon Connect: Getting Started](https://docs.aws.amazon.com/connect/latest/adminguide/amazon-connect-get-started.html)\n\nThis resource embeds or references Contact Flows specified in Amazon Connect Contact Flow Language. For more information see\n[Amazon Connect Flow language](https://docs.aws.amazon.com/connect/latest/adminguide/flow-language.html)\n\n!\u003e **WARN:** Contact Flows exported from the Console [Contact Flow import/export](https://docs.aws.amazon.com/connect/latest/adminguide/contact-flow-import-export.html) are not in the Amazon Connect Contact Flow Language and can not be used with this resource. Instead, the recommendation is to use the AWS CLI [`describe-contact-flow`](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/connect/describe-contact-flow.html).\nSee example below which uses `jq` to extract the `Content` attribute and saves it to a local file.\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.connect.ContactFlow(\"test\", {\n instanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name: \"Test\",\n description: \"Test Contact Flow Description\",\n type: \"CONTACT_FLOW\",\n content: JSON.stringify({\n version: \"2019-10-30\",\n startAction: \"12345678-1234-1234-1234-123456789012\",\n actions: [\n {\n identifier: \"12345678-1234-1234-1234-123456789012\",\n type: \"MessageParticipant\",\n transitions: {\n nextAction: \"abcdef-abcd-abcd-abcd-abcdefghijkl\",\n errors: [],\n conditions: [],\n },\n parameters: {\n text: \"Thanks for calling the sample flow!\",\n },\n },\n {\n identifier: \"abcdef-abcd-abcd-abcd-abcdefghijkl\",\n type: \"DisconnectParticipant\",\n transitions: {},\n parameters: {},\n },\n ],\n }),\n tags: {\n Name: \"Test Contact Flow\",\n Application: \"Example\",\n Method: \"Create\",\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ntest = aws.connect.ContactFlow(\"test\",\n instance_id=\"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name=\"Test\",\n description=\"Test Contact Flow Description\",\n type=\"CONTACT_FLOW\",\n content=json.dumps({\n \"version\": \"2019-10-30\",\n \"startAction\": \"12345678-1234-1234-1234-123456789012\",\n \"actions\": [\n {\n \"identifier\": \"12345678-1234-1234-1234-123456789012\",\n \"type\": \"MessageParticipant\",\n \"transitions\": {\n \"nextAction\": \"abcdef-abcd-abcd-abcd-abcdefghijkl\",\n \"errors\": [],\n \"conditions\": [],\n },\n \"parameters\": {\n \"text\": \"Thanks for calling the sample flow!\",\n },\n },\n {\n \"identifier\": \"abcdef-abcd-abcd-abcd-abcdefghijkl\",\n \"type\": \"DisconnectParticipant\",\n \"transitions\": {},\n \"parameters\": {},\n },\n ],\n }),\n tags={\n \"Name\": \"Test Contact Flow\",\n \"Application\": \"Example\",\n \"Method\": \"Create\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Connect.ContactFlow(\"test\", new()\n {\n InstanceId = \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n Name = \"Test\",\n Description = \"Test Contact Flow Description\",\n Type = \"CONTACT_FLOW\",\n Content = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2019-10-30\",\n [\"startAction\"] = \"12345678-1234-1234-1234-123456789012\",\n [\"actions\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"identifier\"] = \"12345678-1234-1234-1234-123456789012\",\n [\"type\"] = \"MessageParticipant\",\n [\"transitions\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"nextAction\"] = \"abcdef-abcd-abcd-abcd-abcdefghijkl\",\n [\"errors\"] = new[]\n {\n },\n [\"conditions\"] = new[]\n {\n },\n },\n [\"parameters\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"text\"] = \"Thanks for calling the sample flow!\",\n },\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"identifier\"] = \"abcdef-abcd-abcd-abcd-abcdefghijkl\",\n [\"type\"] = \"DisconnectParticipant\",\n [\"transitions\"] = new Dictionary\u003cstring, object?\u003e\n {\n },\n [\"parameters\"] = new Dictionary\u003cstring, object?\u003e\n {\n },\n },\n },\n }),\n Tags = \n {\n { \"Name\", \"Test Contact Flow\" },\n { \"Application\", \"Example\" },\n { \"Method\", \"Create\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"version\": \"2019-10-30\",\n\t\t\t\"startAction\": \"12345678-1234-1234-1234-123456789012\",\n\t\t\t\"actions\": []interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"identifier\": \"12345678-1234-1234-1234-123456789012\",\n\t\t\t\t\t\"type\": \"MessageParticipant\",\n\t\t\t\t\t\"transitions\": map[string]interface{}{\n\t\t\t\t\t\t\"nextAction\": \"abcdef-abcd-abcd-abcd-abcdefghijkl\",\n\t\t\t\t\t\t\"errors\": []interface{}{},\n\t\t\t\t\t\t\"conditions\": []interface{}{},\n\t\t\t\t\t},\n\t\t\t\t\t\"parameters\": map[string]interface{}{\n\t\t\t\t\t\t\"text\": \"Thanks for calling the sample flow!\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"identifier\": \"abcdef-abcd-abcd-abcd-abcdefghijkl\",\n\t\t\t\t\t\"type\": \"DisconnectParticipant\",\n\t\t\t\t\t\"transitions\": nil,\n\t\t\t\t\t\"parameters\": nil,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = connect.NewContactFlow(ctx, \"test\", \u0026connect.ContactFlowArgs{\n\t\t\tInstanceId: pulumi.String(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\"),\n\t\t\tName: pulumi.String(\"Test\"),\n\t\t\tDescription: pulumi.String(\"Test Contact Flow Description\"),\n\t\t\tType: pulumi.String(\"CONTACT_FLOW\"),\n\t\t\tContent: pulumi.String(json0),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"Test Contact Flow\"),\n\t\t\t\t\"Application\": pulumi.String(\"Example\"),\n\t\t\t\t\"Method\": pulumi.String(\"Create\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.ContactFlow;\nimport com.pulumi.aws.connect.ContactFlowArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new ContactFlow(\"test\", ContactFlowArgs.builder() \n .instanceId(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n .name(\"Test\")\n .description(\"Test Contact Flow Description\")\n .type(\"CONTACT_FLOW\")\n .content(serializeJson(\n jsonObject(\n jsonProperty(\"version\", \"2019-10-30\"),\n jsonProperty(\"startAction\", \"12345678-1234-1234-1234-123456789012\"),\n jsonProperty(\"actions\", jsonArray(\n jsonObject(\n jsonProperty(\"identifier\", \"12345678-1234-1234-1234-123456789012\"),\n jsonProperty(\"type\", \"MessageParticipant\"),\n jsonProperty(\"transitions\", jsonObject(\n jsonProperty(\"nextAction\", \"abcdef-abcd-abcd-abcd-abcdefghijkl\"),\n jsonProperty(\"errors\", jsonArray(\n )),\n jsonProperty(\"conditions\", jsonArray(\n ))\n )),\n jsonProperty(\"parameters\", jsonObject(\n jsonProperty(\"text\", \"Thanks for calling the sample flow!\")\n ))\n ), \n jsonObject(\n jsonProperty(\"identifier\", \"abcdef-abcd-abcd-abcd-abcdefghijkl\"),\n jsonProperty(\"type\", \"DisconnectParticipant\"),\n jsonProperty(\"transitions\", jsonObject(\n\n )),\n jsonProperty(\"parameters\", jsonObject(\n\n ))\n )\n ))\n )))\n .tags(Map.ofEntries(\n Map.entry(\"Name\", \"Test Contact Flow\"),\n Map.entry(\"Application\", \"Example\"),\n Map.entry(\"Method\", \"Create\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:connect:ContactFlow\n properties:\n instanceId: aaaaaaaa-bbbb-cccc-dddd-111111111111\n name: Test\n description: Test Contact Flow Description\n type: CONTACT_FLOW\n content:\n fn::toJSON:\n version: 2019-10-30\n startAction: 12345678-1234-1234-1234-123456789012\n actions:\n - identifier: 12345678-1234-1234-1234-123456789012\n type: MessageParticipant\n transitions:\n nextAction: abcdef-abcd-abcd-abcd-abcdefghijkl\n errors: []\n conditions: []\n parameters:\n text: Thanks for calling the sample flow!\n - identifier: abcdef-abcd-abcd-abcd-abcdefghijkl\n type: DisconnectParticipant\n transitions: {}\n parameters: {}\n tags:\n Name: Test Contact Flow\n Application: Example\n Method: Create\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With External Content\n\nUse the AWS CLI to extract Contact Flow Content:\n\n```console\n%!a(MISSING)ws connect describe-contact-flow --instance-id 1b3c5d8-1b3c-1b3c-1b3c-1b3c5d81b3c5 --contact-flow-id c1d4e5f6-1b3c-1b3c-1b3c-c1d4e5f6c1d4e5 --region us-west-2 | jq '.ContactFlow.Content | fromjson' \u003e contact_flow.json\n```\n\nUse the generated file as input:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst test = new aws.connect.ContactFlow(\"test\", {\n instanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name: \"Test\",\n description: \"Test Contact Flow Description\",\n type: \"CONTACT_FLOW\",\n filename: \"contact_flow.json\",\n contentHash: std.filebase64sha256({\n input: \"contact_flow.json\",\n }).then(invoke =\u003e invoke.result),\n tags: {\n Name: \"Test Contact Flow\",\n Application: \"Example\",\n Method: \"Create\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\ntest = aws.connect.ContactFlow(\"test\",\n instance_id=\"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name=\"Test\",\n description=\"Test Contact Flow Description\",\n type=\"CONTACT_FLOW\",\n filename=\"contact_flow.json\",\n content_hash=std.filebase64sha256(input=\"contact_flow.json\").result,\n tags={\n \"Name\": \"Test Contact Flow\",\n \"Application\": \"Example\",\n \"Method\": \"Create\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Connect.ContactFlow(\"test\", new()\n {\n InstanceId = \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n Name = \"Test\",\n Description = \"Test Contact Flow Description\",\n Type = \"CONTACT_FLOW\",\n Filename = \"contact_flow.json\",\n ContentHash = Std.Filebase64sha256.Invoke(new()\n {\n Input = \"contact_flow.json\",\n }).Apply(invoke =\u003e invoke.Result),\n Tags = \n {\n { \"Name\", \"Test Contact Flow\" },\n { \"Application\", \"Example\" },\n { \"Method\", \"Create\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeFilebase64sha256, err := std.Filebase64sha256(ctx, \u0026std.Filebase64sha256Args{\n\t\t\tInput: \"contact_flow.json\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = connect.NewContactFlow(ctx, \"test\", \u0026connect.ContactFlowArgs{\n\t\t\tInstanceId: pulumi.String(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\"),\n\t\t\tName: pulumi.String(\"Test\"),\n\t\t\tDescription: pulumi.String(\"Test Contact Flow Description\"),\n\t\t\tType: pulumi.String(\"CONTACT_FLOW\"),\n\t\t\tFilename: pulumi.String(\"contact_flow.json\"),\n\t\t\tContentHash: invokeFilebase64sha256.Result,\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"Test Contact Flow\"),\n\t\t\t\t\"Application\": pulumi.String(\"Example\"),\n\t\t\t\t\"Method\": pulumi.String(\"Create\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.ContactFlow;\nimport com.pulumi.aws.connect.ContactFlowArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new ContactFlow(\"test\", ContactFlowArgs.builder() \n .instanceId(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n .name(\"Test\")\n .description(\"Test Contact Flow Description\")\n .type(\"CONTACT_FLOW\")\n .filename(\"contact_flow.json\")\n .contentHash(StdFunctions.filebase64sha256(Filebase64sha256Args.builder()\n .input(\"contact_flow.json\")\n .build()).result())\n .tags(Map.ofEntries(\n Map.entry(\"Name\", \"Test Contact Flow\"),\n Map.entry(\"Application\", \"Example\"),\n Map.entry(\"Method\", \"Create\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:connect:ContactFlow\n properties:\n instanceId: aaaaaaaa-bbbb-cccc-dddd-111111111111\n name: Test\n description: Test Contact Flow Description\n type: CONTACT_FLOW\n filename: contact_flow.json\n contentHash:\n fn::invoke:\n Function: std:filebase64sha256\n Arguments:\n input: contact_flow.json\n Return: result\n tags:\n Name: Test Contact Flow\n Application: Example\n Method: Create\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Amazon Connect Contact Flows using the `instance_id` and `contact_flow_id` separated by a colon (`:`). For example:\n\n```sh\n$ pulumi import aws:connect/contactFlow:ContactFlow example f1288a1f-6193-445a-b47e-af739b2:c1d4e5f6-1b3c-1b3c-1b3c-c1d4e5f6c1d4e5\n```\n", + "description": "Provides an Amazon Connect Contact Flow resource. For more information see\n[Amazon Connect: Getting Started](https://docs.aws.amazon.com/connect/latest/adminguide/amazon-connect-get-started.html)\n\nThis resource embeds or references Contact Flows specified in Amazon Connect Contact Flow Language. For more information see\n[Amazon Connect Flow language](https://docs.aws.amazon.com/connect/latest/adminguide/flow-language.html)\n\n!\u003e **WARN:** Contact Flows exported from the Console [Contact Flow import/export](https://docs.aws.amazon.com/connect/latest/adminguide/contact-flow-import-export.html) are not in the Amazon Connect Contact Flow Language and can not be used with this resource. Instead, the recommendation is to use the AWS CLI [`describe-contact-flow`](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/connect/describe-contact-flow.html).\nSee example below which uses `jq` to extract the `Content` attribute and saves it to a local file.\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.connect.ContactFlow(\"test\", {\n instanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name: \"Test\",\n description: \"Test Contact Flow Description\",\n type: \"CONTACT_FLOW\",\n content: JSON.stringify({\n Version: \"2019-10-30\",\n StartAction: \"12345678-1234-1234-1234-123456789012\",\n Actions: [\n {\n Identifier: \"12345678-1234-1234-1234-123456789012\",\n Type: \"MessageParticipant\",\n Transitions: {\n NextAction: \"abcdef-abcd-abcd-abcd-abcdefghijkl\",\n Errors: [],\n Conditions: [],\n },\n Parameters: {\n Text: \"Thanks for calling the sample flow!\",\n },\n },\n {\n Identifier: \"abcdef-abcd-abcd-abcd-abcdefghijkl\",\n Type: \"DisconnectParticipant\",\n Transitions: {},\n Parameters: {},\n },\n ],\n }),\n tags: {\n Name: \"Test Contact Flow\",\n Application: \"Example\",\n Method: \"Create\",\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ntest = aws.connect.ContactFlow(\"test\",\n instance_id=\"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name=\"Test\",\n description=\"Test Contact Flow Description\",\n type=\"CONTACT_FLOW\",\n content=json.dumps({\n \"Version\": \"2019-10-30\",\n \"StartAction\": \"12345678-1234-1234-1234-123456789012\",\n \"Actions\": [\n {\n \"Identifier\": \"12345678-1234-1234-1234-123456789012\",\n \"Type\": \"MessageParticipant\",\n \"Transitions\": {\n \"NextAction\": \"abcdef-abcd-abcd-abcd-abcdefghijkl\",\n \"Errors\": [],\n \"Conditions\": [],\n },\n \"Parameters\": {\n \"Text\": \"Thanks for calling the sample flow!\",\n },\n },\n {\n \"Identifier\": \"abcdef-abcd-abcd-abcd-abcdefghijkl\",\n \"Type\": \"DisconnectParticipant\",\n \"Transitions\": {},\n \"Parameters\": {},\n },\n ],\n }),\n tags={\n \"Name\": \"Test Contact Flow\",\n \"Application\": \"Example\",\n \"Method\": \"Create\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Connect.ContactFlow(\"test\", new()\n {\n InstanceId = \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n Name = \"Test\",\n Description = \"Test Contact Flow Description\",\n Type = \"CONTACT_FLOW\",\n Content = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2019-10-30\",\n [\"StartAction\"] = \"12345678-1234-1234-1234-123456789012\",\n [\"Actions\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Identifier\"] = \"12345678-1234-1234-1234-123456789012\",\n [\"Type\"] = \"MessageParticipant\",\n [\"Transitions\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"NextAction\"] = \"abcdef-abcd-abcd-abcd-abcdefghijkl\",\n [\"Errors\"] = new[]\n {\n },\n [\"Conditions\"] = new[]\n {\n },\n },\n [\"Parameters\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Text\"] = \"Thanks for calling the sample flow!\",\n },\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Identifier\"] = \"abcdef-abcd-abcd-abcd-abcdefghijkl\",\n [\"Type\"] = \"DisconnectParticipant\",\n [\"Transitions\"] = new Dictionary\u003cstring, object?\u003e\n {\n },\n [\"Parameters\"] = new Dictionary\u003cstring, object?\u003e\n {\n },\n },\n },\n }),\n Tags = \n {\n { \"Name\", \"Test Contact Flow\" },\n { \"Application\", \"Example\" },\n { \"Method\", \"Create\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2019-10-30\",\n\t\t\t\"StartAction\": \"12345678-1234-1234-1234-123456789012\",\n\t\t\t\"Actions\": []interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Identifier\": \"12345678-1234-1234-1234-123456789012\",\n\t\t\t\t\t\"Type\": \"MessageParticipant\",\n\t\t\t\t\t\"Transitions\": map[string]interface{}{\n\t\t\t\t\t\t\"NextAction\": \"abcdef-abcd-abcd-abcd-abcdefghijkl\",\n\t\t\t\t\t\t\"Errors\": []interface{}{},\n\t\t\t\t\t\t\"Conditions\": []interface{}{},\n\t\t\t\t\t},\n\t\t\t\t\t\"Parameters\": map[string]interface{}{\n\t\t\t\t\t\t\"Text\": \"Thanks for calling the sample flow!\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Identifier\": \"abcdef-abcd-abcd-abcd-abcdefghijkl\",\n\t\t\t\t\t\"Type\": \"DisconnectParticipant\",\n\t\t\t\t\t\"Transitions\": nil,\n\t\t\t\t\t\"Parameters\": nil,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = connect.NewContactFlow(ctx, \"test\", \u0026connect.ContactFlowArgs{\n\t\t\tInstanceId: pulumi.String(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\"),\n\t\t\tName: pulumi.String(\"Test\"),\n\t\t\tDescription: pulumi.String(\"Test Contact Flow Description\"),\n\t\t\tType: pulumi.String(\"CONTACT_FLOW\"),\n\t\t\tContent: pulumi.String(json0),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"Test Contact Flow\"),\n\t\t\t\t\"Application\": pulumi.String(\"Example\"),\n\t\t\t\t\"Method\": pulumi.String(\"Create\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.ContactFlow;\nimport com.pulumi.aws.connect.ContactFlowArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new ContactFlow(\"test\", ContactFlowArgs.builder() \n .instanceId(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n .name(\"Test\")\n .description(\"Test Contact Flow Description\")\n .type(\"CONTACT_FLOW\")\n .content(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2019-10-30\"),\n jsonProperty(\"StartAction\", \"12345678-1234-1234-1234-123456789012\"),\n jsonProperty(\"Actions\", jsonArray(\n jsonObject(\n jsonProperty(\"Identifier\", \"12345678-1234-1234-1234-123456789012\"),\n jsonProperty(\"Type\", \"MessageParticipant\"),\n jsonProperty(\"Transitions\", jsonObject(\n jsonProperty(\"NextAction\", \"abcdef-abcd-abcd-abcd-abcdefghijkl\"),\n jsonProperty(\"Errors\", jsonArray(\n )),\n jsonProperty(\"Conditions\", jsonArray(\n ))\n )),\n jsonProperty(\"Parameters\", jsonObject(\n jsonProperty(\"Text\", \"Thanks for calling the sample flow!\")\n ))\n ), \n jsonObject(\n jsonProperty(\"Identifier\", \"abcdef-abcd-abcd-abcd-abcdefghijkl\"),\n jsonProperty(\"Type\", \"DisconnectParticipant\"),\n jsonProperty(\"Transitions\", jsonObject(\n\n )),\n jsonProperty(\"Parameters\", jsonObject(\n\n ))\n )\n ))\n )))\n .tags(Map.ofEntries(\n Map.entry(\"Name\", \"Test Contact Flow\"),\n Map.entry(\"Application\", \"Example\"),\n Map.entry(\"Method\", \"Create\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:connect:ContactFlow\n properties:\n instanceId: aaaaaaaa-bbbb-cccc-dddd-111111111111\n name: Test\n description: Test Contact Flow Description\n type: CONTACT_FLOW\n content:\n fn::toJSON:\n Version: 2019-10-30\n StartAction: 12345678-1234-1234-1234-123456789012\n Actions:\n - Identifier: 12345678-1234-1234-1234-123456789012\n Type: MessageParticipant\n Transitions:\n NextAction: abcdef-abcd-abcd-abcd-abcdefghijkl\n Errors: []\n Conditions: []\n Parameters:\n Text: Thanks for calling the sample flow!\n - Identifier: abcdef-abcd-abcd-abcd-abcdefghijkl\n Type: DisconnectParticipant\n Transitions: {}\n Parameters: {}\n tags:\n Name: Test Contact Flow\n Application: Example\n Method: Create\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With External Content\n\nUse the AWS CLI to extract Contact Flow Content:\n\n```console\n%!a(MISSING)ws connect describe-contact-flow --instance-id 1b3c5d8-1b3c-1b3c-1b3c-1b3c5d81b3c5 --contact-flow-id c1d4e5f6-1b3c-1b3c-1b3c-c1d4e5f6c1d4e5 --region us-west-2 | jq '.ContactFlow.Content | fromjson' \u003e contact_flow.json\n```\n\nUse the generated file as input:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst test = new aws.connect.ContactFlow(\"test\", {\n instanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name: \"Test\",\n description: \"Test Contact Flow Description\",\n type: \"CONTACT_FLOW\",\n filename: \"contact_flow.json\",\n contentHash: std.filebase64sha256({\n input: \"contact_flow.json\",\n }).then(invoke =\u003e invoke.result),\n tags: {\n Name: \"Test Contact Flow\",\n Application: \"Example\",\n Method: \"Create\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\ntest = aws.connect.ContactFlow(\"test\",\n instance_id=\"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name=\"Test\",\n description=\"Test Contact Flow Description\",\n type=\"CONTACT_FLOW\",\n filename=\"contact_flow.json\",\n content_hash=std.filebase64sha256(input=\"contact_flow.json\").result,\n tags={\n \"Name\": \"Test Contact Flow\",\n \"Application\": \"Example\",\n \"Method\": \"Create\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Connect.ContactFlow(\"test\", new()\n {\n InstanceId = \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n Name = \"Test\",\n Description = \"Test Contact Flow Description\",\n Type = \"CONTACT_FLOW\",\n Filename = \"contact_flow.json\",\n ContentHash = Std.Filebase64sha256.Invoke(new()\n {\n Input = \"contact_flow.json\",\n }).Apply(invoke =\u003e invoke.Result),\n Tags = \n {\n { \"Name\", \"Test Contact Flow\" },\n { \"Application\", \"Example\" },\n { \"Method\", \"Create\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeFilebase64sha256, err := std.Filebase64sha256(ctx, \u0026std.Filebase64sha256Args{\n\t\t\tInput: \"contact_flow.json\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = connect.NewContactFlow(ctx, \"test\", \u0026connect.ContactFlowArgs{\n\t\t\tInstanceId: pulumi.String(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\"),\n\t\t\tName: pulumi.String(\"Test\"),\n\t\t\tDescription: pulumi.String(\"Test Contact Flow Description\"),\n\t\t\tType: pulumi.String(\"CONTACT_FLOW\"),\n\t\t\tFilename: pulumi.String(\"contact_flow.json\"),\n\t\t\tContentHash: invokeFilebase64sha256.Result,\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"Test Contact Flow\"),\n\t\t\t\t\"Application\": pulumi.String(\"Example\"),\n\t\t\t\t\"Method\": pulumi.String(\"Create\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.ContactFlow;\nimport com.pulumi.aws.connect.ContactFlowArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new ContactFlow(\"test\", ContactFlowArgs.builder() \n .instanceId(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n .name(\"Test\")\n .description(\"Test Contact Flow Description\")\n .type(\"CONTACT_FLOW\")\n .filename(\"contact_flow.json\")\n .contentHash(StdFunctions.filebase64sha256(Filebase64sha256Args.builder()\n .input(\"contact_flow.json\")\n .build()).result())\n .tags(Map.ofEntries(\n Map.entry(\"Name\", \"Test Contact Flow\"),\n Map.entry(\"Application\", \"Example\"),\n Map.entry(\"Method\", \"Create\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:connect:ContactFlow\n properties:\n instanceId: aaaaaaaa-bbbb-cccc-dddd-111111111111\n name: Test\n description: Test Contact Flow Description\n type: CONTACT_FLOW\n filename: contact_flow.json\n contentHash:\n fn::invoke:\n Function: std:filebase64sha256\n Arguments:\n input: contact_flow.json\n Return: result\n tags:\n Name: Test Contact Flow\n Application: Example\n Method: Create\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Amazon Connect Contact Flows using the `instance_id` and `contact_flow_id` separated by a colon (`:`). For example:\n\n```sh\n$ pulumi import aws:connect/contactFlow:ContactFlow example f1288a1f-6193-445a-b47e-af739b2:c1d4e5f6-1b3c-1b3c-1b3c-c1d4e5f6c1d4e5\n```\n", "properties": { "arn": { "type": "string", @@ -192755,7 +192755,7 @@ } }, "aws:connect/contactFlowModule:ContactFlowModule": { - "description": "Provides an Amazon Connect Contact Flow Module resource. For more information see\n[Amazon Connect: Getting Started](https://docs.aws.amazon.com/connect/latest/adminguide/amazon-connect-get-started.html)\n\nThis resource embeds or references Contact Flows Modules specified in Amazon Connect Contact Flow Language. For more information see\n[Amazon Connect Flow language](https://docs.aws.amazon.com/connect/latest/adminguide/flow-language.html)\n\n!\u003e **WARN:** Contact Flow Modules exported from the Console [See Contact Flow import/export which is the same for Contact Flow Modules](https://docs.aws.amazon.com/connect/latest/adminguide/contact-flow-import-export.html) are not in the Amazon Connect Contact Flow Language and can not be used with this resource. Instead, the recommendation is to use the AWS CLI [`describe-contact-flow-module`](https://docs.aws.amazon.com/cli/latest/reference/connect/describe-contact-flow-module.html).\nSee example below which uses `jq` to extract the `Content` attribute and saves it to a local file.\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.connect.ContactFlowModule(\"example\", {\n instanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name: \"Example\",\n description: \"Example Contact Flow Module Description\",\n content: JSON.stringify({\n version: \"2019-10-30\",\n startAction: \"12345678-1234-1234-1234-123456789012\",\n actions: [\n {\n identifier: \"12345678-1234-1234-1234-123456789012\",\n parameters: {\n text: \"Hello contact flow module\",\n },\n transitions: {\n nextAction: \"abcdef-abcd-abcd-abcd-abcdefghijkl\",\n errors: [],\n conditions: [],\n },\n type: \"MessageParticipant\",\n },\n {\n identifier: \"abcdef-abcd-abcd-abcd-abcdefghijkl\",\n type: \"DisconnectParticipant\",\n parameters: {},\n transitions: {},\n },\n ],\n settings: {\n inputParameters: [],\n outputParameters: [],\n transitions: [\n {\n displayName: \"Success\",\n referenceName: \"Success\",\n description: \"\",\n },\n {\n displayName: \"Error\",\n referenceName: \"Error\",\n description: \"\",\n },\n ],\n },\n }),\n tags: {\n Name: \"Example Contact Flow Module\",\n Application: \"Example\",\n Method: \"Create\",\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.connect.ContactFlowModule(\"example\",\n instance_id=\"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name=\"Example\",\n description=\"Example Contact Flow Module Description\",\n content=json.dumps({\n \"version\": \"2019-10-30\",\n \"startAction\": \"12345678-1234-1234-1234-123456789012\",\n \"actions\": [\n {\n \"identifier\": \"12345678-1234-1234-1234-123456789012\",\n \"parameters\": {\n \"text\": \"Hello contact flow module\",\n },\n \"transitions\": {\n \"nextAction\": \"abcdef-abcd-abcd-abcd-abcdefghijkl\",\n \"errors\": [],\n \"conditions\": [],\n },\n \"type\": \"MessageParticipant\",\n },\n {\n \"identifier\": \"abcdef-abcd-abcd-abcd-abcdefghijkl\",\n \"type\": \"DisconnectParticipant\",\n \"parameters\": {},\n \"transitions\": {},\n },\n ],\n \"settings\": {\n \"inputParameters\": [],\n \"outputParameters\": [],\n \"transitions\": [\n {\n \"displayName\": \"Success\",\n \"referenceName\": \"Success\",\n \"description\": \"\",\n },\n {\n \"displayName\": \"Error\",\n \"referenceName\": \"Error\",\n \"description\": \"\",\n },\n ],\n },\n }),\n tags={\n \"Name\": \"Example Contact Flow Module\",\n \"Application\": \"Example\",\n \"Method\": \"Create\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Connect.ContactFlowModule(\"example\", new()\n {\n InstanceId = \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n Name = \"Example\",\n Description = \"Example Contact Flow Module Description\",\n Content = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2019-10-30\",\n [\"startAction\"] = \"12345678-1234-1234-1234-123456789012\",\n [\"actions\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"identifier\"] = \"12345678-1234-1234-1234-123456789012\",\n [\"parameters\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"text\"] = \"Hello contact flow module\",\n },\n [\"transitions\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"nextAction\"] = \"abcdef-abcd-abcd-abcd-abcdefghijkl\",\n [\"errors\"] = new[]\n {\n },\n [\"conditions\"] = new[]\n {\n },\n },\n [\"type\"] = \"MessageParticipant\",\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"identifier\"] = \"abcdef-abcd-abcd-abcd-abcdefghijkl\",\n [\"type\"] = \"DisconnectParticipant\",\n [\"parameters\"] = new Dictionary\u003cstring, object?\u003e\n {\n },\n [\"transitions\"] = new Dictionary\u003cstring, object?\u003e\n {\n },\n },\n },\n [\"settings\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"inputParameters\"] = new[]\n {\n },\n [\"outputParameters\"] = new[]\n {\n },\n [\"transitions\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"displayName\"] = \"Success\",\n [\"referenceName\"] = \"Success\",\n [\"description\"] = \"\",\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"displayName\"] = \"Error\",\n [\"referenceName\"] = \"Error\",\n [\"description\"] = \"\",\n },\n },\n },\n }),\n Tags = \n {\n { \"Name\", \"Example Contact Flow Module\" },\n { \"Application\", \"Example\" },\n { \"Method\", \"Create\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"version\": \"2019-10-30\",\n\t\t\t\"startAction\": \"12345678-1234-1234-1234-123456789012\",\n\t\t\t\"actions\": []interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"identifier\": \"12345678-1234-1234-1234-123456789012\",\n\t\t\t\t\t\"parameters\": map[string]interface{}{\n\t\t\t\t\t\t\"text\": \"Hello contact flow module\",\n\t\t\t\t\t},\n\t\t\t\t\t\"transitions\": map[string]interface{}{\n\t\t\t\t\t\t\"nextAction\": \"abcdef-abcd-abcd-abcd-abcdefghijkl\",\n\t\t\t\t\t\t\"errors\": []interface{}{},\n\t\t\t\t\t\t\"conditions\": []interface{}{},\n\t\t\t\t\t},\n\t\t\t\t\t\"type\": \"MessageParticipant\",\n\t\t\t\t},\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"identifier\": \"abcdef-abcd-abcd-abcd-abcdefghijkl\",\n\t\t\t\t\t\"type\": \"DisconnectParticipant\",\n\t\t\t\t\t\"parameters\": nil,\n\t\t\t\t\t\"transitions\": nil,\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"settings\": map[string]interface{}{\n\t\t\t\t\"inputParameters\": []interface{}{},\n\t\t\t\t\"outputParameters\": []interface{}{},\n\t\t\t\t\"transitions\": []map[string]interface{}{\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"displayName\": \"Success\",\n\t\t\t\t\t\t\"referenceName\": \"Success\",\n\t\t\t\t\t\t\"description\": \"\",\n\t\t\t\t\t},\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"displayName\": \"Error\",\n\t\t\t\t\t\t\"referenceName\": \"Error\",\n\t\t\t\t\t\t\"description\": \"\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = connect.NewContactFlowModule(ctx, \"example\", \u0026connect.ContactFlowModuleArgs{\n\t\t\tInstanceId: pulumi.String(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\"),\n\t\t\tName: pulumi.String(\"Example\"),\n\t\t\tDescription: pulumi.String(\"Example Contact Flow Module Description\"),\n\t\t\tContent: pulumi.String(json0),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"Example Contact Flow Module\"),\n\t\t\t\t\"Application\": pulumi.String(\"Example\"),\n\t\t\t\t\"Method\": pulumi.String(\"Create\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.ContactFlowModule;\nimport com.pulumi.aws.connect.ContactFlowModuleArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ContactFlowModule(\"example\", ContactFlowModuleArgs.builder() \n .instanceId(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n .name(\"Example\")\n .description(\"Example Contact Flow Module Description\")\n .content(serializeJson(\n jsonObject(\n jsonProperty(\"version\", \"2019-10-30\"),\n jsonProperty(\"startAction\", \"12345678-1234-1234-1234-123456789012\"),\n jsonProperty(\"actions\", jsonArray(\n jsonObject(\n jsonProperty(\"identifier\", \"12345678-1234-1234-1234-123456789012\"),\n jsonProperty(\"parameters\", jsonObject(\n jsonProperty(\"text\", \"Hello contact flow module\")\n )),\n jsonProperty(\"transitions\", jsonObject(\n jsonProperty(\"nextAction\", \"abcdef-abcd-abcd-abcd-abcdefghijkl\"),\n jsonProperty(\"errors\", jsonArray(\n )),\n jsonProperty(\"conditions\", jsonArray(\n ))\n )),\n jsonProperty(\"type\", \"MessageParticipant\")\n ), \n jsonObject(\n jsonProperty(\"identifier\", \"abcdef-abcd-abcd-abcd-abcdefghijkl\"),\n jsonProperty(\"type\", \"DisconnectParticipant\"),\n jsonProperty(\"parameters\", jsonObject(\n\n )),\n jsonProperty(\"transitions\", jsonObject(\n\n ))\n )\n )),\n jsonProperty(\"settings\", jsonObject(\n jsonProperty(\"inputParameters\", jsonArray(\n )),\n jsonProperty(\"outputParameters\", jsonArray(\n )),\n jsonProperty(\"transitions\", jsonArray(\n jsonObject(\n jsonProperty(\"displayName\", \"Success\"),\n jsonProperty(\"referenceName\", \"Success\"),\n jsonProperty(\"description\", \"\")\n ), \n jsonObject(\n jsonProperty(\"displayName\", \"Error\"),\n jsonProperty(\"referenceName\", \"Error\"),\n jsonProperty(\"description\", \"\")\n )\n ))\n ))\n )))\n .tags(Map.ofEntries(\n Map.entry(\"Name\", \"Example Contact Flow Module\"),\n Map.entry(\"Application\", \"Example\"),\n Map.entry(\"Method\", \"Create\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:connect:ContactFlowModule\n properties:\n instanceId: aaaaaaaa-bbbb-cccc-dddd-111111111111\n name: Example\n description: Example Contact Flow Module Description\n content:\n fn::toJSON:\n version: 2019-10-30\n startAction: 12345678-1234-1234-1234-123456789012\n actions:\n - identifier: 12345678-1234-1234-1234-123456789012\n parameters:\n text: Hello contact flow module\n transitions:\n nextAction: abcdef-abcd-abcd-abcd-abcdefghijkl\n errors: []\n conditions: []\n type: MessageParticipant\n - identifier: abcdef-abcd-abcd-abcd-abcdefghijkl\n type: DisconnectParticipant\n parameters: {}\n transitions: {}\n settings:\n inputParameters: []\n outputParameters: []\n transitions:\n - displayName: Success\n referenceName: Success\n description:\n - displayName: Error\n referenceName: Error\n description:\n tags:\n Name: Example Contact Flow Module\n Application: Example\n Method: Create\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With External Content\n\nUse the AWS CLI to extract Contact Flow Content:\n\n```console\n%!a(MISSING)ws connect describe-contact-flow-module --instance-id 1b3c5d8-1b3c-1b3c-1b3c-1b3c5d81b3c5 --contact-flow-module-id c1d4e5f6-1b3c-1b3c-1b3c-c1d4e5f6c1d4e5 --region us-west-2 | jq '.ContactFlowModule.Content | fromjson' \u003e contact_flow_module.json\n```\n\nUse the generated file as input:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new aws.connect.ContactFlowModule(\"example\", {\n instanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name: \"Example\",\n description: \"Example Contact Flow Module Description\",\n filename: \"contact_flow_module.json\",\n contentHash: std.filebase64sha256({\n input: \"contact_flow_module.json\",\n }).then(invoke =\u003e invoke.result),\n tags: {\n Name: \"Example Contact Flow Module\",\n Application: \"Example\",\n Method: \"Create\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nexample = aws.connect.ContactFlowModule(\"example\",\n instance_id=\"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name=\"Example\",\n description=\"Example Contact Flow Module Description\",\n filename=\"contact_flow_module.json\",\n content_hash=std.filebase64sha256(input=\"contact_flow_module.json\").result,\n tags={\n \"Name\": \"Example Contact Flow Module\",\n \"Application\": \"Example\",\n \"Method\": \"Create\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Connect.ContactFlowModule(\"example\", new()\n {\n InstanceId = \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n Name = \"Example\",\n Description = \"Example Contact Flow Module Description\",\n Filename = \"contact_flow_module.json\",\n ContentHash = Std.Filebase64sha256.Invoke(new()\n {\n Input = \"contact_flow_module.json\",\n }).Apply(invoke =\u003e invoke.Result),\n Tags = \n {\n { \"Name\", \"Example Contact Flow Module\" },\n { \"Application\", \"Example\" },\n { \"Method\", \"Create\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeFilebase64sha256, err := std.Filebase64sha256(ctx, \u0026std.Filebase64sha256Args{\n\t\t\tInput: \"contact_flow_module.json\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = connect.NewContactFlowModule(ctx, \"example\", \u0026connect.ContactFlowModuleArgs{\n\t\t\tInstanceId: pulumi.String(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\"),\n\t\t\tName: pulumi.String(\"Example\"),\n\t\t\tDescription: pulumi.String(\"Example Contact Flow Module Description\"),\n\t\t\tFilename: pulumi.String(\"contact_flow_module.json\"),\n\t\t\tContentHash: invokeFilebase64sha256.Result,\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"Example Contact Flow Module\"),\n\t\t\t\t\"Application\": pulumi.String(\"Example\"),\n\t\t\t\t\"Method\": pulumi.String(\"Create\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.ContactFlowModule;\nimport com.pulumi.aws.connect.ContactFlowModuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ContactFlowModule(\"example\", ContactFlowModuleArgs.builder() \n .instanceId(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n .name(\"Example\")\n .description(\"Example Contact Flow Module Description\")\n .filename(\"contact_flow_module.json\")\n .contentHash(StdFunctions.filebase64sha256(Filebase64sha256Args.builder()\n .input(\"contact_flow_module.json\")\n .build()).result())\n .tags(Map.ofEntries(\n Map.entry(\"Name\", \"Example Contact Flow Module\"),\n Map.entry(\"Application\", \"Example\"),\n Map.entry(\"Method\", \"Create\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:connect:ContactFlowModule\n properties:\n instanceId: aaaaaaaa-bbbb-cccc-dddd-111111111111\n name: Example\n description: Example Contact Flow Module Description\n filename: contact_flow_module.json\n contentHash:\n fn::invoke:\n Function: std:filebase64sha256\n Arguments:\n input: contact_flow_module.json\n Return: result\n tags:\n Name: Example Contact Flow Module\n Application: Example\n Method: Create\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Amazon Connect Contact Flow Modules using the `instance_id` and `contact_flow_module_id` separated by a colon (`:`). For example:\n\n```sh\n$ pulumi import aws:connect/contactFlowModule:ContactFlowModule example f1288a1f-6193-445a-b47e-af739b2:c1d4e5f6-1b3c-1b3c-1b3c-c1d4e5f6c1d4e5\n```\n", + "description": "Provides an Amazon Connect Contact Flow Module resource. For more information see\n[Amazon Connect: Getting Started](https://docs.aws.amazon.com/connect/latest/adminguide/amazon-connect-get-started.html)\n\nThis resource embeds or references Contact Flows Modules specified in Amazon Connect Contact Flow Language. For more information see\n[Amazon Connect Flow language](https://docs.aws.amazon.com/connect/latest/adminguide/flow-language.html)\n\n!\u003e **WARN:** Contact Flow Modules exported from the Console [See Contact Flow import/export which is the same for Contact Flow Modules](https://docs.aws.amazon.com/connect/latest/adminguide/contact-flow-import-export.html) are not in the Amazon Connect Contact Flow Language and can not be used with this resource. Instead, the recommendation is to use the AWS CLI [`describe-contact-flow-module`](https://docs.aws.amazon.com/cli/latest/reference/connect/describe-contact-flow-module.html).\nSee example below which uses `jq` to extract the `Content` attribute and saves it to a local file.\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.connect.ContactFlowModule(\"example\", {\n instanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name: \"Example\",\n description: \"Example Contact Flow Module Description\",\n content: JSON.stringify({\n Version: \"2019-10-30\",\n StartAction: \"12345678-1234-1234-1234-123456789012\",\n Actions: [\n {\n Identifier: \"12345678-1234-1234-1234-123456789012\",\n Parameters: {\n Text: \"Hello contact flow module\",\n },\n Transitions: {\n NextAction: \"abcdef-abcd-abcd-abcd-abcdefghijkl\",\n Errors: [],\n Conditions: [],\n },\n Type: \"MessageParticipant\",\n },\n {\n Identifier: \"abcdef-abcd-abcd-abcd-abcdefghijkl\",\n Type: \"DisconnectParticipant\",\n Parameters: {},\n Transitions: {},\n },\n ],\n Settings: {\n InputParameters: [],\n OutputParameters: [],\n Transitions: [\n {\n DisplayName: \"Success\",\n ReferenceName: \"Success\",\n Description: \"\",\n },\n {\n DisplayName: \"Error\",\n ReferenceName: \"Error\",\n Description: \"\",\n },\n ],\n },\n }),\n tags: {\n Name: \"Example Contact Flow Module\",\n Application: \"Example\",\n Method: \"Create\",\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.connect.ContactFlowModule(\"example\",\n instance_id=\"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name=\"Example\",\n description=\"Example Contact Flow Module Description\",\n content=json.dumps({\n \"Version\": \"2019-10-30\",\n \"StartAction\": \"12345678-1234-1234-1234-123456789012\",\n \"Actions\": [\n {\n \"Identifier\": \"12345678-1234-1234-1234-123456789012\",\n \"Parameters\": {\n \"Text\": \"Hello contact flow module\",\n },\n \"Transitions\": {\n \"NextAction\": \"abcdef-abcd-abcd-abcd-abcdefghijkl\",\n \"Errors\": [],\n \"Conditions\": [],\n },\n \"Type\": \"MessageParticipant\",\n },\n {\n \"Identifier\": \"abcdef-abcd-abcd-abcd-abcdefghijkl\",\n \"Type\": \"DisconnectParticipant\",\n \"Parameters\": {},\n \"Transitions\": {},\n },\n ],\n \"Settings\": {\n \"InputParameters\": [],\n \"OutputParameters\": [],\n \"Transitions\": [\n {\n \"DisplayName\": \"Success\",\n \"ReferenceName\": \"Success\",\n \"Description\": \"\",\n },\n {\n \"DisplayName\": \"Error\",\n \"ReferenceName\": \"Error\",\n \"Description\": \"\",\n },\n ],\n },\n }),\n tags={\n \"Name\": \"Example Contact Flow Module\",\n \"Application\": \"Example\",\n \"Method\": \"Create\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Connect.ContactFlowModule(\"example\", new()\n {\n InstanceId = \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n Name = \"Example\",\n Description = \"Example Contact Flow Module Description\",\n Content = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2019-10-30\",\n [\"StartAction\"] = \"12345678-1234-1234-1234-123456789012\",\n [\"Actions\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Identifier\"] = \"12345678-1234-1234-1234-123456789012\",\n [\"Parameters\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Text\"] = \"Hello contact flow module\",\n },\n [\"Transitions\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"NextAction\"] = \"abcdef-abcd-abcd-abcd-abcdefghijkl\",\n [\"Errors\"] = new[]\n {\n },\n [\"Conditions\"] = new[]\n {\n },\n },\n [\"Type\"] = \"MessageParticipant\",\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Identifier\"] = \"abcdef-abcd-abcd-abcd-abcdefghijkl\",\n [\"Type\"] = \"DisconnectParticipant\",\n [\"Parameters\"] = new Dictionary\u003cstring, object?\u003e\n {\n },\n [\"Transitions\"] = new Dictionary\u003cstring, object?\u003e\n {\n },\n },\n },\n [\"Settings\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"InputParameters\"] = new[]\n {\n },\n [\"OutputParameters\"] = new[]\n {\n },\n [\"Transitions\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"DisplayName\"] = \"Success\",\n [\"ReferenceName\"] = \"Success\",\n [\"Description\"] = \"\",\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"DisplayName\"] = \"Error\",\n [\"ReferenceName\"] = \"Error\",\n [\"Description\"] = \"\",\n },\n },\n },\n }),\n Tags = \n {\n { \"Name\", \"Example Contact Flow Module\" },\n { \"Application\", \"Example\" },\n { \"Method\", \"Create\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2019-10-30\",\n\t\t\t\"StartAction\": \"12345678-1234-1234-1234-123456789012\",\n\t\t\t\"Actions\": []interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Identifier\": \"12345678-1234-1234-1234-123456789012\",\n\t\t\t\t\t\"Parameters\": map[string]interface{}{\n\t\t\t\t\t\t\"Text\": \"Hello contact flow module\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Transitions\": map[string]interface{}{\n\t\t\t\t\t\t\"NextAction\": \"abcdef-abcd-abcd-abcd-abcdefghijkl\",\n\t\t\t\t\t\t\"Errors\": []interface{}{},\n\t\t\t\t\t\t\"Conditions\": []interface{}{},\n\t\t\t\t\t},\n\t\t\t\t\t\"Type\": \"MessageParticipant\",\n\t\t\t\t},\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Identifier\": \"abcdef-abcd-abcd-abcd-abcdefghijkl\",\n\t\t\t\t\t\"Type\": \"DisconnectParticipant\",\n\t\t\t\t\t\"Parameters\": nil,\n\t\t\t\t\t\"Transitions\": nil,\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"Settings\": map[string]interface{}{\n\t\t\t\t\"InputParameters\": []interface{}{},\n\t\t\t\t\"OutputParameters\": []interface{}{},\n\t\t\t\t\"Transitions\": []map[string]interface{}{\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"DisplayName\": \"Success\",\n\t\t\t\t\t\t\"ReferenceName\": \"Success\",\n\t\t\t\t\t\t\"Description\": \"\",\n\t\t\t\t\t},\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"DisplayName\": \"Error\",\n\t\t\t\t\t\t\"ReferenceName\": \"Error\",\n\t\t\t\t\t\t\"Description\": \"\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = connect.NewContactFlowModule(ctx, \"example\", \u0026connect.ContactFlowModuleArgs{\n\t\t\tInstanceId: pulumi.String(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\"),\n\t\t\tName: pulumi.String(\"Example\"),\n\t\t\tDescription: pulumi.String(\"Example Contact Flow Module Description\"),\n\t\t\tContent: pulumi.String(json0),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"Example Contact Flow Module\"),\n\t\t\t\t\"Application\": pulumi.String(\"Example\"),\n\t\t\t\t\"Method\": pulumi.String(\"Create\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.ContactFlowModule;\nimport com.pulumi.aws.connect.ContactFlowModuleArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ContactFlowModule(\"example\", ContactFlowModuleArgs.builder() \n .instanceId(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n .name(\"Example\")\n .description(\"Example Contact Flow Module Description\")\n .content(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2019-10-30\"),\n jsonProperty(\"StartAction\", \"12345678-1234-1234-1234-123456789012\"),\n jsonProperty(\"Actions\", jsonArray(\n jsonObject(\n jsonProperty(\"Identifier\", \"12345678-1234-1234-1234-123456789012\"),\n jsonProperty(\"Parameters\", jsonObject(\n jsonProperty(\"Text\", \"Hello contact flow module\")\n )),\n jsonProperty(\"Transitions\", jsonObject(\n jsonProperty(\"NextAction\", \"abcdef-abcd-abcd-abcd-abcdefghijkl\"),\n jsonProperty(\"Errors\", jsonArray(\n )),\n jsonProperty(\"Conditions\", jsonArray(\n ))\n )),\n jsonProperty(\"Type\", \"MessageParticipant\")\n ), \n jsonObject(\n jsonProperty(\"Identifier\", \"abcdef-abcd-abcd-abcd-abcdefghijkl\"),\n jsonProperty(\"Type\", \"DisconnectParticipant\"),\n jsonProperty(\"Parameters\", jsonObject(\n\n )),\n jsonProperty(\"Transitions\", jsonObject(\n\n ))\n )\n )),\n jsonProperty(\"Settings\", jsonObject(\n jsonProperty(\"InputParameters\", jsonArray(\n )),\n jsonProperty(\"OutputParameters\", jsonArray(\n )),\n jsonProperty(\"Transitions\", jsonArray(\n jsonObject(\n jsonProperty(\"DisplayName\", \"Success\"),\n jsonProperty(\"ReferenceName\", \"Success\"),\n jsonProperty(\"Description\", \"\")\n ), \n jsonObject(\n jsonProperty(\"DisplayName\", \"Error\"),\n jsonProperty(\"ReferenceName\", \"Error\"),\n jsonProperty(\"Description\", \"\")\n )\n ))\n ))\n )))\n .tags(Map.ofEntries(\n Map.entry(\"Name\", \"Example Contact Flow Module\"),\n Map.entry(\"Application\", \"Example\"),\n Map.entry(\"Method\", \"Create\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:connect:ContactFlowModule\n properties:\n instanceId: aaaaaaaa-bbbb-cccc-dddd-111111111111\n name: Example\n description: Example Contact Flow Module Description\n content:\n fn::toJSON:\n Version: 2019-10-30\n StartAction: 12345678-1234-1234-1234-123456789012\n Actions:\n - Identifier: 12345678-1234-1234-1234-123456789012\n Parameters:\n Text: Hello contact flow module\n Transitions:\n NextAction: abcdef-abcd-abcd-abcd-abcdefghijkl\n Errors: []\n Conditions: []\n Type: MessageParticipant\n - Identifier: abcdef-abcd-abcd-abcd-abcdefghijkl\n Type: DisconnectParticipant\n Parameters: {}\n Transitions: {}\n Settings:\n InputParameters: []\n OutputParameters: []\n Transitions:\n - DisplayName: Success\n ReferenceName: Success\n Description:\n - DisplayName: Error\n ReferenceName: Error\n Description:\n tags:\n Name: Example Contact Flow Module\n Application: Example\n Method: Create\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With External Content\n\nUse the AWS CLI to extract Contact Flow Content:\n\n```console\n%!a(MISSING)ws connect describe-contact-flow-module --instance-id 1b3c5d8-1b3c-1b3c-1b3c-1b3c5d81b3c5 --contact-flow-module-id c1d4e5f6-1b3c-1b3c-1b3c-c1d4e5f6c1d4e5 --region us-west-2 | jq '.ContactFlowModule.Content | fromjson' \u003e contact_flow_module.json\n```\n\nUse the generated file as input:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new aws.connect.ContactFlowModule(\"example\", {\n instanceId: \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name: \"Example\",\n description: \"Example Contact Flow Module Description\",\n filename: \"contact_flow_module.json\",\n contentHash: std.filebase64sha256({\n input: \"contact_flow_module.json\",\n }).then(invoke =\u003e invoke.result),\n tags: {\n Name: \"Example Contact Flow Module\",\n Application: \"Example\",\n Method: \"Create\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nexample = aws.connect.ContactFlowModule(\"example\",\n instance_id=\"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n name=\"Example\",\n description=\"Example Contact Flow Module Description\",\n filename=\"contact_flow_module.json\",\n content_hash=std.filebase64sha256(input=\"contact_flow_module.json\").result,\n tags={\n \"Name\": \"Example Contact Flow Module\",\n \"Application\": \"Example\",\n \"Method\": \"Create\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Connect.ContactFlowModule(\"example\", new()\n {\n InstanceId = \"aaaaaaaa-bbbb-cccc-dddd-111111111111\",\n Name = \"Example\",\n Description = \"Example Contact Flow Module Description\",\n Filename = \"contact_flow_module.json\",\n ContentHash = Std.Filebase64sha256.Invoke(new()\n {\n Input = \"contact_flow_module.json\",\n }).Apply(invoke =\u003e invoke.Result),\n Tags = \n {\n { \"Name\", \"Example Contact Flow Module\" },\n { \"Application\", \"Example\" },\n { \"Method\", \"Create\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/connect\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeFilebase64sha256, err := std.Filebase64sha256(ctx, \u0026std.Filebase64sha256Args{\n\t\t\tInput: \"contact_flow_module.json\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = connect.NewContactFlowModule(ctx, \"example\", \u0026connect.ContactFlowModuleArgs{\n\t\t\tInstanceId: pulumi.String(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\"),\n\t\t\tName: pulumi.String(\"Example\"),\n\t\t\tDescription: pulumi.String(\"Example Contact Flow Module Description\"),\n\t\t\tFilename: pulumi.String(\"contact_flow_module.json\"),\n\t\t\tContentHash: invokeFilebase64sha256.Result,\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"Example Contact Flow Module\"),\n\t\t\t\t\"Application\": pulumi.String(\"Example\"),\n\t\t\t\t\"Method\": pulumi.String(\"Create\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.connect.ContactFlowModule;\nimport com.pulumi.aws.connect.ContactFlowModuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ContactFlowModule(\"example\", ContactFlowModuleArgs.builder() \n .instanceId(\"aaaaaaaa-bbbb-cccc-dddd-111111111111\")\n .name(\"Example\")\n .description(\"Example Contact Flow Module Description\")\n .filename(\"contact_flow_module.json\")\n .contentHash(StdFunctions.filebase64sha256(Filebase64sha256Args.builder()\n .input(\"contact_flow_module.json\")\n .build()).result())\n .tags(Map.ofEntries(\n Map.entry(\"Name\", \"Example Contact Flow Module\"),\n Map.entry(\"Application\", \"Example\"),\n Map.entry(\"Method\", \"Create\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:connect:ContactFlowModule\n properties:\n instanceId: aaaaaaaa-bbbb-cccc-dddd-111111111111\n name: Example\n description: Example Contact Flow Module Description\n filename: contact_flow_module.json\n contentHash:\n fn::invoke:\n Function: std:filebase64sha256\n Arguments:\n input: contact_flow_module.json\n Return: result\n tags:\n Name: Example Contact Flow Module\n Application: Example\n Method: Create\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Amazon Connect Contact Flow Modules using the `instance_id` and `contact_flow_module_id` separated by a colon (`:`). For example:\n\n```sh\n$ pulumi import aws:connect/contactFlowModule:ContactFlowModule example f1288a1f-6193-445a-b47e-af739b2:c1d4e5f6-1b3c-1b3c-1b3c-c1d4e5f6c1d4e5\n```\n", "properties": { "arn": { "type": "string", @@ -194875,7 +194875,7 @@ } }, "aws:costexplorer/anomalyMonitor:AnomalyMonitor": { - "description": "Provides a CE Anomaly Monitor.\n\n## Example Usage\n\nThere are two main types of a Cost Anomaly Monitor: `DIMENSIONAL` and `CUSTOM`.\n\n### Dimensional Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst serviceMonitor = new aws.costexplorer.AnomalyMonitor(\"service_monitor\", {\n name: \"AWSServiceMonitor\",\n monitorType: \"DIMENSIONAL\",\n monitorDimension: \"SERVICE\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nservice_monitor = aws.costexplorer.AnomalyMonitor(\"service_monitor\",\n name=\"AWSServiceMonitor\",\n monitor_type=\"DIMENSIONAL\",\n monitor_dimension=\"SERVICE\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var serviceMonitor = new Aws.CostExplorer.AnomalyMonitor(\"service_monitor\", new()\n {\n Name = \"AWSServiceMonitor\",\n MonitorType = \"DIMENSIONAL\",\n MonitorDimension = \"SERVICE\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/costexplorer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := costexplorer.NewAnomalyMonitor(ctx, \"service_monitor\", \u0026costexplorer.AnomalyMonitorArgs{\n\t\t\tName: pulumi.String(\"AWSServiceMonitor\"),\n\t\t\tMonitorType: pulumi.String(\"DIMENSIONAL\"),\n\t\t\tMonitorDimension: pulumi.String(\"SERVICE\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.costexplorer.AnomalyMonitor;\nimport com.pulumi.aws.costexplorer.AnomalyMonitorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var serviceMonitor = new AnomalyMonitor(\"serviceMonitor\", AnomalyMonitorArgs.builder() \n .name(\"AWSServiceMonitor\")\n .monitorType(\"DIMENSIONAL\")\n .monitorDimension(\"SERVICE\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n serviceMonitor:\n type: aws:costexplorer:AnomalyMonitor\n name: service_monitor\n properties:\n name: AWSServiceMonitor\n monitorType: DIMENSIONAL\n monitorDimension: SERVICE\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Custom Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.costexplorer.AnomalyMonitor(\"test\", {\n name: \"AWSCustomAnomalyMonitor\",\n monitorType: \"CUSTOM\",\n monitorSpecification: JSON.stringify({\n and: undefined,\n costCategories: undefined,\n dimensions: undefined,\n not: undefined,\n or: undefined,\n tags: {\n key: \"CostCenter\",\n matchOptions: undefined,\n values: [\"10000\"],\n },\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ntest = aws.costexplorer.AnomalyMonitor(\"test\",\n name=\"AWSCustomAnomalyMonitor\",\n monitor_type=\"CUSTOM\",\n monitor_specification=json.dumps({\n \"and\": None,\n \"costCategories\": None,\n \"dimensions\": None,\n \"not\": None,\n \"or\": None,\n \"tags\": {\n \"key\": \"CostCenter\",\n \"matchOptions\": None,\n \"values\": [\"10000\"],\n },\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.CostExplorer.AnomalyMonitor(\"test\", new()\n {\n Name = \"AWSCustomAnomalyMonitor\",\n MonitorType = \"CUSTOM\",\n MonitorSpecification = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"and\"] = null,\n [\"costCategories\"] = null,\n [\"dimensions\"] = null,\n [\"not\"] = null,\n [\"or\"] = null,\n [\"tags\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"key\"] = \"CostCenter\",\n [\"matchOptions\"] = null,\n [\"values\"] = new[]\n {\n \"10000\",\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/costexplorer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"and\": nil,\n\t\t\t\"costCategories\": nil,\n\t\t\t\"dimensions\": nil,\n\t\t\t\"not\": nil,\n\t\t\t\"or\": nil,\n\t\t\t\"tags\": map[string]interface{}{\n\t\t\t\t\"key\": \"CostCenter\",\n\t\t\t\t\"matchOptions\": nil,\n\t\t\t\t\"values\": []string{\n\t\t\t\t\t\"10000\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = costexplorer.NewAnomalyMonitor(ctx, \"test\", \u0026costexplorer.AnomalyMonitorArgs{\n\t\t\tName: pulumi.String(\"AWSCustomAnomalyMonitor\"),\n\t\t\tMonitorType: pulumi.String(\"CUSTOM\"),\n\t\t\tMonitorSpecification: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.costexplorer.AnomalyMonitor;\nimport com.pulumi.aws.costexplorer.AnomalyMonitorArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new AnomalyMonitor(\"test\", AnomalyMonitorArgs.builder() \n .name(\"AWSCustomAnomalyMonitor\")\n .monitorType(\"CUSTOM\")\n .monitorSpecification(serializeJson(\n jsonObject(\n jsonProperty(\"and\", null),\n jsonProperty(\"costCategories\", null),\n jsonProperty(\"dimensions\", null),\n jsonProperty(\"not\", null),\n jsonProperty(\"or\", null),\n jsonProperty(\"tags\", jsonObject(\n jsonProperty(\"key\", \"CostCenter\"),\n jsonProperty(\"matchOptions\", null),\n jsonProperty(\"values\", jsonArray(\"10000\"))\n ))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:costexplorer:AnomalyMonitor\n properties:\n name: AWSCustomAnomalyMonitor\n monitorType: CUSTOM\n monitorSpecification:\n fn::toJSON:\n and: null\n costCategories: null\n dimensions: null\n not: null\n or: null\n tags:\n key: CostCenter\n matchOptions: null\n values:\n - '10000'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_ce_anomaly_monitor` using the `id`. For example:\n\n```sh\n$ pulumi import aws:costexplorer/anomalyMonitor:AnomalyMonitor example costAnomalyMonitorARN\n```\n", + "description": "Provides a CE Anomaly Monitor.\n\n## Example Usage\n\nThere are two main types of a Cost Anomaly Monitor: `DIMENSIONAL` and `CUSTOM`.\n\n### Dimensional Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst serviceMonitor = new aws.costexplorer.AnomalyMonitor(\"service_monitor\", {\n name: \"AWSServiceMonitor\",\n monitorType: \"DIMENSIONAL\",\n monitorDimension: \"SERVICE\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nservice_monitor = aws.costexplorer.AnomalyMonitor(\"service_monitor\",\n name=\"AWSServiceMonitor\",\n monitor_type=\"DIMENSIONAL\",\n monitor_dimension=\"SERVICE\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var serviceMonitor = new Aws.CostExplorer.AnomalyMonitor(\"service_monitor\", new()\n {\n Name = \"AWSServiceMonitor\",\n MonitorType = \"DIMENSIONAL\",\n MonitorDimension = \"SERVICE\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/costexplorer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := costexplorer.NewAnomalyMonitor(ctx, \"service_monitor\", \u0026costexplorer.AnomalyMonitorArgs{\n\t\t\tName: pulumi.String(\"AWSServiceMonitor\"),\n\t\t\tMonitorType: pulumi.String(\"DIMENSIONAL\"),\n\t\t\tMonitorDimension: pulumi.String(\"SERVICE\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.costexplorer.AnomalyMonitor;\nimport com.pulumi.aws.costexplorer.AnomalyMonitorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var serviceMonitor = new AnomalyMonitor(\"serviceMonitor\", AnomalyMonitorArgs.builder() \n .name(\"AWSServiceMonitor\")\n .monitorType(\"DIMENSIONAL\")\n .monitorDimension(\"SERVICE\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n serviceMonitor:\n type: aws:costexplorer:AnomalyMonitor\n name: service_monitor\n properties:\n name: AWSServiceMonitor\n monitorType: DIMENSIONAL\n monitorDimension: SERVICE\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Custom Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.costexplorer.AnomalyMonitor(\"test\", {\n name: \"AWSCustomAnomalyMonitor\",\n monitorType: \"CUSTOM\",\n monitorSpecification: JSON.stringify({\n And: undefined,\n CostCategories: undefined,\n Dimensions: undefined,\n Not: undefined,\n Or: undefined,\n Tags: {\n Key: \"CostCenter\",\n MatchOptions: undefined,\n Values: [\"10000\"],\n },\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ntest = aws.costexplorer.AnomalyMonitor(\"test\",\n name=\"AWSCustomAnomalyMonitor\",\n monitor_type=\"CUSTOM\",\n monitor_specification=json.dumps({\n \"And\": None,\n \"CostCategories\": None,\n \"Dimensions\": None,\n \"Not\": None,\n \"Or\": None,\n \"Tags\": {\n \"Key\": \"CostCenter\",\n \"MatchOptions\": None,\n \"Values\": [\"10000\"],\n },\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.CostExplorer.AnomalyMonitor(\"test\", new()\n {\n Name = \"AWSCustomAnomalyMonitor\",\n MonitorType = \"CUSTOM\",\n MonitorSpecification = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"And\"] = null,\n [\"CostCategories\"] = null,\n [\"Dimensions\"] = null,\n [\"Not\"] = null,\n [\"Or\"] = null,\n [\"Tags\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Key\"] = \"CostCenter\",\n [\"MatchOptions\"] = null,\n [\"Values\"] = new[]\n {\n \"10000\",\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/costexplorer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"And\": nil,\n\t\t\t\"CostCategories\": nil,\n\t\t\t\"Dimensions\": nil,\n\t\t\t\"Not\": nil,\n\t\t\t\"Or\": nil,\n\t\t\t\"Tags\": map[string]interface{}{\n\t\t\t\t\"Key\": \"CostCenter\",\n\t\t\t\t\"MatchOptions\": nil,\n\t\t\t\t\"Values\": []string{\n\t\t\t\t\t\"10000\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = costexplorer.NewAnomalyMonitor(ctx, \"test\", \u0026costexplorer.AnomalyMonitorArgs{\n\t\t\tName: pulumi.String(\"AWSCustomAnomalyMonitor\"),\n\t\t\tMonitorType: pulumi.String(\"CUSTOM\"),\n\t\t\tMonitorSpecification: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.costexplorer.AnomalyMonitor;\nimport com.pulumi.aws.costexplorer.AnomalyMonitorArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new AnomalyMonitor(\"test\", AnomalyMonitorArgs.builder() \n .name(\"AWSCustomAnomalyMonitor\")\n .monitorType(\"CUSTOM\")\n .monitorSpecification(serializeJson(\n jsonObject(\n jsonProperty(\"And\", null),\n jsonProperty(\"CostCategories\", null),\n jsonProperty(\"Dimensions\", null),\n jsonProperty(\"Not\", null),\n jsonProperty(\"Or\", null),\n jsonProperty(\"Tags\", jsonObject(\n jsonProperty(\"Key\", \"CostCenter\"),\n jsonProperty(\"MatchOptions\", null),\n jsonProperty(\"Values\", jsonArray(\"10000\"))\n ))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:costexplorer:AnomalyMonitor\n properties:\n name: AWSCustomAnomalyMonitor\n monitorType: CUSTOM\n monitorSpecification:\n fn::toJSON:\n And: null\n CostCategories: null\n Dimensions: null\n Not: null\n Or: null\n Tags:\n Key: CostCenter\n MatchOptions: null\n Values:\n - '10000'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_ce_anomaly_monitor` using the `id`. For example:\n\n```sh\n$ pulumi import aws:costexplorer/anomalyMonitor:AnomalyMonitor example costAnomalyMonitorARN\n```\n", "properties": { "arn": { "type": "string", @@ -194994,7 +194994,7 @@ } }, "aws:costexplorer/anomalySubscription:AnomalySubscription": { - "description": "Provides a CE Anomaly Subscription.\n\n## Example Usage\n\n### Basic Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.costexplorer.AnomalyMonitor(\"test\", {\n name: \"AWSServiceMonitor\",\n monitorType: \"DIMENSIONAL\",\n monitorDimension: \"SERVICE\",\n});\nconst testAnomalySubscription = new aws.costexplorer.AnomalySubscription(\"test\", {\n name: \"DAILYSUBSCRIPTION\",\n frequency: \"DAILY\",\n monitorArnLists: [test.arn],\n subscribers: [{\n type: \"EMAIL\",\n address: \"abc@example.com\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.costexplorer.AnomalyMonitor(\"test\",\n name=\"AWSServiceMonitor\",\n monitor_type=\"DIMENSIONAL\",\n monitor_dimension=\"SERVICE\")\ntest_anomaly_subscription = aws.costexplorer.AnomalySubscription(\"test\",\n name=\"DAILYSUBSCRIPTION\",\n frequency=\"DAILY\",\n monitor_arn_lists=[test.arn],\n subscribers=[aws.costexplorer.AnomalySubscriptionSubscriberArgs(\n type=\"EMAIL\",\n address=\"abc@example.com\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.CostExplorer.AnomalyMonitor(\"test\", new()\n {\n Name = \"AWSServiceMonitor\",\n MonitorType = \"DIMENSIONAL\",\n MonitorDimension = \"SERVICE\",\n });\n\n var testAnomalySubscription = new Aws.CostExplorer.AnomalySubscription(\"test\", new()\n {\n Name = \"DAILYSUBSCRIPTION\",\n Frequency = \"DAILY\",\n MonitorArnLists = new[]\n {\n test.Arn,\n },\n Subscribers = new[]\n {\n new Aws.CostExplorer.Inputs.AnomalySubscriptionSubscriberArgs\n {\n Type = \"EMAIL\",\n Address = \"abc@example.com\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/costexplorer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := costexplorer.NewAnomalyMonitor(ctx, \"test\", \u0026costexplorer.AnomalyMonitorArgs{\n\t\t\tName: pulumi.String(\"AWSServiceMonitor\"),\n\t\t\tMonitorType: pulumi.String(\"DIMENSIONAL\"),\n\t\t\tMonitorDimension: pulumi.String(\"SERVICE\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = costexplorer.NewAnomalySubscription(ctx, \"test\", \u0026costexplorer.AnomalySubscriptionArgs{\n\t\t\tName: pulumi.String(\"DAILYSUBSCRIPTION\"),\n\t\t\tFrequency: pulumi.String(\"DAILY\"),\n\t\t\tMonitorArnLists: pulumi.StringArray{\n\t\t\t\ttest.Arn,\n\t\t\t},\n\t\t\tSubscribers: costexplorer.AnomalySubscriptionSubscriberArray{\n\t\t\t\t\u0026costexplorer.AnomalySubscriptionSubscriberArgs{\n\t\t\t\t\tType: pulumi.String(\"EMAIL\"),\n\t\t\t\t\tAddress: pulumi.String(\"abc@example.com\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.costexplorer.AnomalyMonitor;\nimport com.pulumi.aws.costexplorer.AnomalyMonitorArgs;\nimport com.pulumi.aws.costexplorer.AnomalySubscription;\nimport com.pulumi.aws.costexplorer.AnomalySubscriptionArgs;\nimport com.pulumi.aws.costexplorer.inputs.AnomalySubscriptionSubscriberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new AnomalyMonitor(\"test\", AnomalyMonitorArgs.builder() \n .name(\"AWSServiceMonitor\")\n .monitorType(\"DIMENSIONAL\")\n .monitorDimension(\"SERVICE\")\n .build());\n\n var testAnomalySubscription = new AnomalySubscription(\"testAnomalySubscription\", AnomalySubscriptionArgs.builder() \n .name(\"DAILYSUBSCRIPTION\")\n .frequency(\"DAILY\")\n .monitorArnLists(test.arn())\n .subscribers(AnomalySubscriptionSubscriberArgs.builder()\n .type(\"EMAIL\")\n .address(\"abc@example.com\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:costexplorer:AnomalyMonitor\n properties:\n name: AWSServiceMonitor\n monitorType: DIMENSIONAL\n monitorDimension: SERVICE\n testAnomalySubscription:\n type: aws:costexplorer:AnomalySubscription\n name: test\n properties:\n name: DAILYSUBSCRIPTION\n frequency: DAILY\n monitorArnLists:\n - ${test.arn}\n subscribers:\n - type: EMAIL\n address: abc@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Threshold Expression Example\n\n### For a Specific Dimension\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.costexplorer.AnomalySubscription(\"test\", {\n name: \"AWSServiceMonitor\",\n frequency: \"DAILY\",\n monitorArnLists: [testAwsCeAnomalyMonitor.arn],\n subscribers: [{\n type: \"EMAIL\",\n address: \"abc@example.com\",\n }],\n thresholdExpression: {\n dimension: {\n key: \"ANOMALY_TOTAL_IMPACT_ABSOLUTE\",\n values: [\"100.0\"],\n matchOptions: [\"GREATER_THAN_OR_EQUAL\"],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.costexplorer.AnomalySubscription(\"test\",\n name=\"AWSServiceMonitor\",\n frequency=\"DAILY\",\n monitor_arn_lists=[test_aws_ce_anomaly_monitor[\"arn\"]],\n subscribers=[aws.costexplorer.AnomalySubscriptionSubscriberArgs(\n type=\"EMAIL\",\n address=\"abc@example.com\",\n )],\n threshold_expression=aws.costexplorer.AnomalySubscriptionThresholdExpressionArgs(\n dimension=aws.costexplorer.AnomalySubscriptionThresholdExpressionDimensionArgs(\n key=\"ANOMALY_TOTAL_IMPACT_ABSOLUTE\",\n values=[\"100.0\"],\n match_options=[\"GREATER_THAN_OR_EQUAL\"],\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.CostExplorer.AnomalySubscription(\"test\", new()\n {\n Name = \"AWSServiceMonitor\",\n Frequency = \"DAILY\",\n MonitorArnLists = new[]\n {\n testAwsCeAnomalyMonitor.Arn,\n },\n Subscribers = new[]\n {\n new Aws.CostExplorer.Inputs.AnomalySubscriptionSubscriberArgs\n {\n Type = \"EMAIL\",\n Address = \"abc@example.com\",\n },\n },\n ThresholdExpression = new Aws.CostExplorer.Inputs.AnomalySubscriptionThresholdExpressionArgs\n {\n Dimension = new Aws.CostExplorer.Inputs.AnomalySubscriptionThresholdExpressionDimensionArgs\n {\n Key = \"ANOMALY_TOTAL_IMPACT_ABSOLUTE\",\n Values = new[]\n {\n \"100.0\",\n },\n MatchOptions = new[]\n {\n \"GREATER_THAN_OR_EQUAL\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/costexplorer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := costexplorer.NewAnomalySubscription(ctx, \"test\", \u0026costexplorer.AnomalySubscriptionArgs{\n\t\t\tName: pulumi.String(\"AWSServiceMonitor\"),\n\t\t\tFrequency: pulumi.String(\"DAILY\"),\n\t\t\tMonitorArnLists: pulumi.StringArray{\n\t\t\t\ttestAwsCeAnomalyMonitor.Arn,\n\t\t\t},\n\t\t\tSubscribers: costexplorer.AnomalySubscriptionSubscriberArray{\n\t\t\t\t\u0026costexplorer.AnomalySubscriptionSubscriberArgs{\n\t\t\t\t\tType: pulumi.String(\"EMAIL\"),\n\t\t\t\t\tAddress: pulumi.String(\"abc@example.com\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tThresholdExpression: \u0026costexplorer.AnomalySubscriptionThresholdExpressionArgs{\n\t\t\t\tDimension: \u0026costexplorer.AnomalySubscriptionThresholdExpressionDimensionArgs{\n\t\t\t\t\tKey: pulumi.String(\"ANOMALY_TOTAL_IMPACT_ABSOLUTE\"),\n\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"100.0\"),\n\t\t\t\t\t},\n\t\t\t\t\tMatchOptions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"GREATER_THAN_OR_EQUAL\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.costexplorer.AnomalySubscription;\nimport com.pulumi.aws.costexplorer.AnomalySubscriptionArgs;\nimport com.pulumi.aws.costexplorer.inputs.AnomalySubscriptionSubscriberArgs;\nimport com.pulumi.aws.costexplorer.inputs.AnomalySubscriptionThresholdExpressionArgs;\nimport com.pulumi.aws.costexplorer.inputs.AnomalySubscriptionThresholdExpressionDimensionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new AnomalySubscription(\"test\", AnomalySubscriptionArgs.builder() \n .name(\"AWSServiceMonitor\")\n .frequency(\"DAILY\")\n .monitorArnLists(testAwsCeAnomalyMonitor.arn())\n .subscribers(AnomalySubscriptionSubscriberArgs.builder()\n .type(\"EMAIL\")\n .address(\"abc@example.com\")\n .build())\n .thresholdExpression(AnomalySubscriptionThresholdExpressionArgs.builder()\n .dimension(AnomalySubscriptionThresholdExpressionDimensionArgs.builder()\n .key(\"ANOMALY_TOTAL_IMPACT_ABSOLUTE\")\n .values(\"100.0\")\n .matchOptions(\"GREATER_THAN_OR_EQUAL\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:costexplorer:AnomalySubscription\n properties:\n name: AWSServiceMonitor\n frequency: DAILY\n monitorArnLists:\n - ${testAwsCeAnomalyMonitor.arn}\n subscribers:\n - type: EMAIL\n address: abc@example.com\n thresholdExpression:\n dimension:\n key: ANOMALY_TOTAL_IMPACT_ABSOLUTE\n values:\n - '100.0'\n matchOptions:\n - GREATER_THAN_OR_EQUAL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Using an `and` Expression\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.costexplorer.AnomalySubscription(\"test\", {\n name: \"AWSServiceMonitor\",\n frequency: \"DAILY\",\n monitorArnLists: [testAwsCeAnomalyMonitor.arn],\n subscribers: [{\n type: \"EMAIL\",\n address: \"abc@example.com\",\n }],\n thresholdExpression: {\n ands: [\n {\n dimension: {\n key: \"ANOMALY_TOTAL_IMPACT_ABSOLUTE\",\n matchOptions: [\"GREATER_THAN_OR_EQUAL\"],\n values: [\"100\"],\n },\n },\n {\n dimension: {\n key: \"ANOMALY_TOTAL_IMPACT_PERCENTAGE\",\n matchOptions: [\"GREATER_THAN_OR_EQUAL\"],\n values: [\"50\"],\n },\n },\n ],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.costexplorer.AnomalySubscription(\"test\",\n name=\"AWSServiceMonitor\",\n frequency=\"DAILY\",\n monitor_arn_lists=[test_aws_ce_anomaly_monitor[\"arn\"]],\n subscribers=[aws.costexplorer.AnomalySubscriptionSubscriberArgs(\n type=\"EMAIL\",\n address=\"abc@example.com\",\n )],\n threshold_expression=aws.costexplorer.AnomalySubscriptionThresholdExpressionArgs(\n ands=[\n aws.costexplorer.AnomalySubscriptionThresholdExpressionAndArgs(\n dimension=aws.costexplorer.AnomalySubscriptionThresholdExpressionAndDimensionArgs(\n key=\"ANOMALY_TOTAL_IMPACT_ABSOLUTE\",\n match_options=[\"GREATER_THAN_OR_EQUAL\"],\n values=[\"100\"],\n ),\n ),\n aws.costexplorer.AnomalySubscriptionThresholdExpressionAndArgs(\n dimension=aws.costexplorer.AnomalySubscriptionThresholdExpressionAndDimensionArgs(\n key=\"ANOMALY_TOTAL_IMPACT_PERCENTAGE\",\n match_options=[\"GREATER_THAN_OR_EQUAL\"],\n values=[\"50\"],\n ),\n ),\n ],\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.CostExplorer.AnomalySubscription(\"test\", new()\n {\n Name = \"AWSServiceMonitor\",\n Frequency = \"DAILY\",\n MonitorArnLists = new[]\n {\n testAwsCeAnomalyMonitor.Arn,\n },\n Subscribers = new[]\n {\n new Aws.CostExplorer.Inputs.AnomalySubscriptionSubscriberArgs\n {\n Type = \"EMAIL\",\n Address = \"abc@example.com\",\n },\n },\n ThresholdExpression = new Aws.CostExplorer.Inputs.AnomalySubscriptionThresholdExpressionArgs\n {\n Ands = new[]\n {\n new Aws.CostExplorer.Inputs.AnomalySubscriptionThresholdExpressionAndArgs\n {\n Dimension = new Aws.CostExplorer.Inputs.AnomalySubscriptionThresholdExpressionAndDimensionArgs\n {\n Key = \"ANOMALY_TOTAL_IMPACT_ABSOLUTE\",\n MatchOptions = new[]\n {\n \"GREATER_THAN_OR_EQUAL\",\n },\n Values = new[]\n {\n \"100\",\n },\n },\n },\n new Aws.CostExplorer.Inputs.AnomalySubscriptionThresholdExpressionAndArgs\n {\n Dimension = new Aws.CostExplorer.Inputs.AnomalySubscriptionThresholdExpressionAndDimensionArgs\n {\n Key = \"ANOMALY_TOTAL_IMPACT_PERCENTAGE\",\n MatchOptions = new[]\n {\n \"GREATER_THAN_OR_EQUAL\",\n },\n Values = new[]\n {\n \"50\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/costexplorer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := costexplorer.NewAnomalySubscription(ctx, \"test\", \u0026costexplorer.AnomalySubscriptionArgs{\n\t\t\tName: pulumi.String(\"AWSServiceMonitor\"),\n\t\t\tFrequency: pulumi.String(\"DAILY\"),\n\t\t\tMonitorArnLists: pulumi.StringArray{\n\t\t\t\ttestAwsCeAnomalyMonitor.Arn,\n\t\t\t},\n\t\t\tSubscribers: costexplorer.AnomalySubscriptionSubscriberArray{\n\t\t\t\t\u0026costexplorer.AnomalySubscriptionSubscriberArgs{\n\t\t\t\t\tType: pulumi.String(\"EMAIL\"),\n\t\t\t\t\tAddress: pulumi.String(\"abc@example.com\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tThresholdExpression: \u0026costexplorer.AnomalySubscriptionThresholdExpressionArgs{\n\t\t\t\tAnds: costexplorer.AnomalySubscriptionThresholdExpressionAndArray{\n\t\t\t\t\t\u0026costexplorer.AnomalySubscriptionThresholdExpressionAndArgs{\n\t\t\t\t\t\tDimension: \u0026costexplorer.AnomalySubscriptionThresholdExpressionAndDimensionArgs{\n\t\t\t\t\t\t\tKey: pulumi.String(\"ANOMALY_TOTAL_IMPACT_ABSOLUTE\"),\n\t\t\t\t\t\t\tMatchOptions: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"GREATER_THAN_OR_EQUAL\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"100\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\t\u0026costexplorer.AnomalySubscriptionThresholdExpressionAndArgs{\n\t\t\t\t\t\tDimension: \u0026costexplorer.AnomalySubscriptionThresholdExpressionAndDimensionArgs{\n\t\t\t\t\t\t\tKey: pulumi.String(\"ANOMALY_TOTAL_IMPACT_PERCENTAGE\"),\n\t\t\t\t\t\t\tMatchOptions: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"GREATER_THAN_OR_EQUAL\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"50\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.costexplorer.AnomalySubscription;\nimport com.pulumi.aws.costexplorer.AnomalySubscriptionArgs;\nimport com.pulumi.aws.costexplorer.inputs.AnomalySubscriptionSubscriberArgs;\nimport com.pulumi.aws.costexplorer.inputs.AnomalySubscriptionThresholdExpressionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new AnomalySubscription(\"test\", AnomalySubscriptionArgs.builder() \n .name(\"AWSServiceMonitor\")\n .frequency(\"DAILY\")\n .monitorArnLists(testAwsCeAnomalyMonitor.arn())\n .subscribers(AnomalySubscriptionSubscriberArgs.builder()\n .type(\"EMAIL\")\n .address(\"abc@example.com\")\n .build())\n .thresholdExpression(AnomalySubscriptionThresholdExpressionArgs.builder()\n .ands( \n AnomalySubscriptionThresholdExpressionAndArgs.builder()\n .dimension(AnomalySubscriptionThresholdExpressionAndDimensionArgs.builder()\n .key(\"ANOMALY_TOTAL_IMPACT_ABSOLUTE\")\n .matchOptions(\"GREATER_THAN_OR_EQUAL\")\n .values(\"100\")\n .build())\n .build(),\n AnomalySubscriptionThresholdExpressionAndArgs.builder()\n .dimension(AnomalySubscriptionThresholdExpressionAndDimensionArgs.builder()\n .key(\"ANOMALY_TOTAL_IMPACT_PERCENTAGE\")\n .matchOptions(\"GREATER_THAN_OR_EQUAL\")\n .values(\"50\")\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:costexplorer:AnomalySubscription\n properties:\n name: AWSServiceMonitor\n frequency: DAILY\n monitorArnLists:\n - ${testAwsCeAnomalyMonitor.arn}\n subscribers:\n - type: EMAIL\n address: abc@example.com\n thresholdExpression:\n ands:\n - dimension:\n key: ANOMALY_TOTAL_IMPACT_ABSOLUTE\n matchOptions:\n - GREATER_THAN_OR_EQUAL\n values:\n - '100'\n - dimension:\n key: ANOMALY_TOTAL_IMPACT_PERCENTAGE\n matchOptions:\n - GREATER_THAN_OR_EQUAL\n values:\n - '50'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### SNS Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst costAnomalyUpdates = new aws.sns.Topic(\"cost_anomaly_updates\", {name: \"CostAnomalyUpdates\"});\nconst snsTopicPolicy = pulumi.all([costAnomalyUpdates.arn, costAnomalyUpdates.arn]).apply(([costAnomalyUpdatesArn, costAnomalyUpdatesArn1]) =\u003e aws.iam.getPolicyDocumentOutput({\n policyId: \"__default_policy_ID\",\n statements: [\n {\n sid: \"AWSAnomalyDetectionSNSPublishingPermissions\",\n actions: [\"SNS:Publish\"],\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"costalerts.amazonaws.com\"],\n }],\n resources: [costAnomalyUpdatesArn],\n },\n {\n sid: \"__default_statement_ID\",\n actions: [\n \"SNS:Subscribe\",\n \"SNS:SetTopicAttributes\",\n \"SNS:RemovePermission\",\n \"SNS:Receive\",\n \"SNS:Publish\",\n \"SNS:ListSubscriptionsByTopic\",\n \"SNS:GetTopicAttributes\",\n \"SNS:DeleteTopic\",\n \"SNS:AddPermission\",\n ],\n conditions: [{\n test: \"StringEquals\",\n variable: \"AWS:SourceOwner\",\n values: [account_id],\n }],\n effect: \"Allow\",\n principals: [{\n type: \"AWS\",\n identifiers: [\"*\"],\n }],\n resources: [costAnomalyUpdatesArn1],\n },\n ],\n}));\nconst _default = new aws.sns.TopicPolicy(\"default\", {\n arn: costAnomalyUpdates.arn,\n policy: snsTopicPolicy.apply(snsTopicPolicy =\u003e snsTopicPolicy.json),\n});\nconst anomalyMonitor = new aws.costexplorer.AnomalyMonitor(\"anomaly_monitor\", {\n name: \"AWSServiceMonitor\",\n monitorType: \"DIMENSIONAL\",\n monitorDimension: \"SERVICE\",\n});\nconst realtimeSubscription = new aws.costexplorer.AnomalySubscription(\"realtime_subscription\", {\n name: \"RealtimeAnomalySubscription\",\n frequency: \"IMMEDIATE\",\n monitorArnLists: [anomalyMonitor.arn],\n subscribers: [{\n type: \"SNS\",\n address: costAnomalyUpdates.arn,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncost_anomaly_updates = aws.sns.Topic(\"cost_anomaly_updates\", name=\"CostAnomalyUpdates\")\nsns_topic_policy = pulumi.Output.all(cost_anomaly_updates.arn, cost_anomaly_updates.arn).apply(lambda costAnomalyUpdatesArn, costAnomalyUpdatesArn1: aws.iam.get_policy_document_output(policy_id=\"__default_policy_ID\",\n statements=[\n aws.iam.GetPolicyDocumentStatementArgs(\n sid=\"AWSAnomalyDetectionSNSPublishingPermissions\",\n actions=[\"SNS:Publish\"],\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"costalerts.amazonaws.com\"],\n )],\n resources=[cost_anomaly_updates_arn],\n ),\n aws.iam.GetPolicyDocumentStatementArgs(\n sid=\"__default_statement_ID\",\n actions=[\n \"SNS:Subscribe\",\n \"SNS:SetTopicAttributes\",\n \"SNS:RemovePermission\",\n \"SNS:Receive\",\n \"SNS:Publish\",\n \"SNS:ListSubscriptionsByTopic\",\n \"SNS:GetTopicAttributes\",\n \"SNS:DeleteTopic\",\n \"SNS:AddPermission\",\n ],\n conditions=[aws.iam.GetPolicyDocumentStatementConditionArgs(\n test=\"StringEquals\",\n variable=\"AWS:SourceOwner\",\n values=[account_id],\n )],\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"AWS\",\n identifiers=[\"*\"],\n )],\n resources=[cost_anomaly_updates_arn1],\n ),\n ]))\ndefault = aws.sns.TopicPolicy(\"default\",\n arn=cost_anomaly_updates.arn,\n policy=sns_topic_policy.json)\nanomaly_monitor = aws.costexplorer.AnomalyMonitor(\"anomaly_monitor\",\n name=\"AWSServiceMonitor\",\n monitor_type=\"DIMENSIONAL\",\n monitor_dimension=\"SERVICE\")\nrealtime_subscription = aws.costexplorer.AnomalySubscription(\"realtime_subscription\",\n name=\"RealtimeAnomalySubscription\",\n frequency=\"IMMEDIATE\",\n monitor_arn_lists=[anomaly_monitor.arn],\n subscribers=[aws.costexplorer.AnomalySubscriptionSubscriberArgs(\n type=\"SNS\",\n address=cost_anomaly_updates.arn,\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var costAnomalyUpdates = new Aws.Sns.Topic(\"cost_anomaly_updates\", new()\n {\n Name = \"CostAnomalyUpdates\",\n });\n\n var snsTopicPolicy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n PolicyId = \"__default_policy_ID\",\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"AWSAnomalyDetectionSNSPublishingPermissions\",\n Actions = new[]\n {\n \"SNS:Publish\",\n },\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"costalerts.amazonaws.com\",\n },\n },\n },\n Resources = new[]\n {\n costAnomalyUpdates.Arn,\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"__default_statement_ID\",\n Actions = new[]\n {\n \"SNS:Subscribe\",\n \"SNS:SetTopicAttributes\",\n \"SNS:RemovePermission\",\n \"SNS:Receive\",\n \"SNS:Publish\",\n \"SNS:ListSubscriptionsByTopic\",\n \"SNS:GetTopicAttributes\",\n \"SNS:DeleteTopic\",\n \"SNS:AddPermission\",\n },\n Conditions = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"StringEquals\",\n Variable = \"AWS:SourceOwner\",\n Values = new[]\n {\n account_id,\n },\n },\n },\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"AWS\",\n Identifiers = new[]\n {\n \"*\",\n },\n },\n },\n Resources = new[]\n {\n costAnomalyUpdates.Arn,\n },\n },\n },\n });\n\n var @default = new Aws.Sns.TopicPolicy(\"default\", new()\n {\n Arn = costAnomalyUpdates.Arn,\n Policy = snsTopicPolicy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var anomalyMonitor = new Aws.CostExplorer.AnomalyMonitor(\"anomaly_monitor\", new()\n {\n Name = \"AWSServiceMonitor\",\n MonitorType = \"DIMENSIONAL\",\n MonitorDimension = \"SERVICE\",\n });\n\n var realtimeSubscription = new Aws.CostExplorer.AnomalySubscription(\"realtime_subscription\", new()\n {\n Name = \"RealtimeAnomalySubscription\",\n Frequency = \"IMMEDIATE\",\n MonitorArnLists = new[]\n {\n anomalyMonitor.Arn,\n },\n Subscribers = new[]\n {\n new Aws.CostExplorer.Inputs.AnomalySubscriptionSubscriberArgs\n {\n Type = \"SNS\",\n Address = costAnomalyUpdates.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/costexplorer\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\ncostAnomalyUpdates, err := sns.NewTopic(ctx, \"cost_anomaly_updates\", \u0026sns.TopicArgs{\nName: pulumi.String(\"CostAnomalyUpdates\"),\n})\nif err != nil {\nreturn err\n}\nsnsTopicPolicy := pulumi.All(costAnomalyUpdates.Arn,costAnomalyUpdates.Arn).ApplyT(func(_args []interface{}) (iam.GetPolicyDocumentResult, error) {\ncostAnomalyUpdatesArn := _args[0].(string)\ncostAnomalyUpdatesArn1 := _args[1].(string)\nreturn iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\nPolicyId: \"__default_policy_ID\",\nStatements: []iam.GetPolicyDocumentStatement{\n{\nSid: \"AWSAnomalyDetectionSNSPublishingPermissions\",\nActions: []string{\n\"SNS:Publish\",\n},\nEffect: \"Allow\",\nPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n{\nType: \"Service\",\nIdentifiers: []string{\n\"costalerts.amazonaws.com\",\n},\n},\n},\nResources: interface{}{\ncostAnomalyUpdatesArn,\n},\n},\n{\nSid: \"__default_statement_ID\",\nActions: []string{\n\"SNS:Subscribe\",\n\"SNS:SetTopicAttributes\",\n\"SNS:RemovePermission\",\n\"SNS:Receive\",\n\"SNS:Publish\",\n\"SNS:ListSubscriptionsByTopic\",\n\"SNS:GetTopicAttributes\",\n\"SNS:DeleteTopic\",\n\"SNS:AddPermission\",\n},\nConditions: []iam.GetPolicyDocumentStatementCondition{\n{\nTest: \"StringEquals\",\nVariable: \"AWS:SourceOwner\",\nValues: interface{}{\naccount_id,\n},\n},\n},\nEffect: \"Allow\",\nPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n{\nType: \"AWS\",\nIdentifiers: []string{\n\"*\",\n},\n},\n},\nResources: interface{}{\ncostAnomalyUpdatesArn1,\n},\n},\n},\n}, nil), nil\n}).(iam.GetPolicyDocumentResultOutput)\n_, err = sns.NewTopicPolicy(ctx, \"default\", \u0026sns.TopicPolicyArgs{\nArn: costAnomalyUpdates.Arn,\nPolicy: snsTopicPolicy.ApplyT(func(snsTopicPolicy iam.GetPolicyDocumentResult) (*string, error) {\nreturn \u0026snsTopicPolicy.Json, nil\n}).(pulumi.StringPtrOutput),\n})\nif err != nil {\nreturn err\n}\nanomalyMonitor, err := costexplorer.NewAnomalyMonitor(ctx, \"anomaly_monitor\", \u0026costexplorer.AnomalyMonitorArgs{\nName: pulumi.String(\"AWSServiceMonitor\"),\nMonitorType: pulumi.String(\"DIMENSIONAL\"),\nMonitorDimension: pulumi.String(\"SERVICE\"),\n})\nif err != nil {\nreturn err\n}\n_, err = costexplorer.NewAnomalySubscription(ctx, \"realtime_subscription\", \u0026costexplorer.AnomalySubscriptionArgs{\nName: pulumi.String(\"RealtimeAnomalySubscription\"),\nFrequency: pulumi.String(\"IMMEDIATE\"),\nMonitorArnLists: pulumi.StringArray{\nanomalyMonitor.Arn,\n},\nSubscribers: costexplorer.AnomalySubscriptionSubscriberArray{\n\u0026costexplorer.AnomalySubscriptionSubscriberArgs{\nType: pulumi.String(\"SNS\"),\nAddress: costAnomalyUpdates.Arn,\n},\n},\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sns.Topic;\nimport com.pulumi.aws.sns.TopicArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.sns.TopicPolicy;\nimport com.pulumi.aws.sns.TopicPolicyArgs;\nimport com.pulumi.aws.costexplorer.AnomalyMonitor;\nimport com.pulumi.aws.costexplorer.AnomalyMonitorArgs;\nimport com.pulumi.aws.costexplorer.AnomalySubscription;\nimport com.pulumi.aws.costexplorer.AnomalySubscriptionArgs;\nimport com.pulumi.aws.costexplorer.inputs.AnomalySubscriptionSubscriberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var costAnomalyUpdates = new Topic(\"costAnomalyUpdates\", TopicArgs.builder() \n .name(\"CostAnomalyUpdates\")\n .build());\n\n final var snsTopicPolicy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .policyId(\"__default_policy_ID\")\n .statements( \n GetPolicyDocumentStatementArgs.builder()\n .sid(\"AWSAnomalyDetectionSNSPublishingPermissions\")\n .actions(\"SNS:Publish\")\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"costalerts.amazonaws.com\")\n .build())\n .resources(costAnomalyUpdates.arn())\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .sid(\"__default_statement_ID\")\n .actions( \n \"SNS:Subscribe\",\n \"SNS:SetTopicAttributes\",\n \"SNS:RemovePermission\",\n \"SNS:Receive\",\n \"SNS:Publish\",\n \"SNS:ListSubscriptionsByTopic\",\n \"SNS:GetTopicAttributes\",\n \"SNS:DeleteTopic\",\n \"SNS:AddPermission\")\n .conditions(GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"StringEquals\")\n .variable(\"AWS:SourceOwner\")\n .values(account_id)\n .build())\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"AWS\")\n .identifiers(\"*\")\n .build())\n .resources(costAnomalyUpdates.arn())\n .build())\n .build());\n\n var default_ = new TopicPolicy(\"default\", TopicPolicyArgs.builder() \n .arn(costAnomalyUpdates.arn())\n .policy(snsTopicPolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(snsTopicPolicy -\u003e snsTopicPolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n var anomalyMonitor = new AnomalyMonitor(\"anomalyMonitor\", AnomalyMonitorArgs.builder() \n .name(\"AWSServiceMonitor\")\n .monitorType(\"DIMENSIONAL\")\n .monitorDimension(\"SERVICE\")\n .build());\n\n var realtimeSubscription = new AnomalySubscription(\"realtimeSubscription\", AnomalySubscriptionArgs.builder() \n .name(\"RealtimeAnomalySubscription\")\n .frequency(\"IMMEDIATE\")\n .monitorArnLists(anomalyMonitor.arn())\n .subscribers(AnomalySubscriptionSubscriberArgs.builder()\n .type(\"SNS\")\n .address(costAnomalyUpdates.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n costAnomalyUpdates:\n type: aws:sns:Topic\n name: cost_anomaly_updates\n properties:\n name: CostAnomalyUpdates\n default:\n type: aws:sns:TopicPolicy\n properties:\n arn: ${costAnomalyUpdates.arn}\n policy: ${snsTopicPolicy.json}\n anomalyMonitor:\n type: aws:costexplorer:AnomalyMonitor\n name: anomaly_monitor\n properties:\n name: AWSServiceMonitor\n monitorType: DIMENSIONAL\n monitorDimension: SERVICE\n realtimeSubscription:\n type: aws:costexplorer:AnomalySubscription\n name: realtime_subscription\n properties:\n name: RealtimeAnomalySubscription\n frequency: IMMEDIATE\n monitorArnLists:\n - ${anomalyMonitor.arn}\n subscribers:\n - type: SNS\n address: ${costAnomalyUpdates.arn}\nvariables:\n snsTopicPolicy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n policyId: __default_policy_ID\n statements:\n - sid: AWSAnomalyDetectionSNSPublishingPermissions\n actions:\n - SNS:Publish\n effect: Allow\n principals:\n - type: Service\n identifiers:\n - costalerts.amazonaws.com\n resources:\n - ${costAnomalyUpdates.arn}\n - sid: __default_statement_ID\n actions:\n - SNS:Subscribe\n - SNS:SetTopicAttributes\n - SNS:RemovePermission\n - SNS:Receive\n - SNS:Publish\n - SNS:ListSubscriptionsByTopic\n - SNS:GetTopicAttributes\n - SNS:DeleteTopic\n - SNS:AddPermission\n conditions:\n - test: StringEquals\n variable: AWS:SourceOwner\n values:\n - ${[\"account-id\"]}\n effect: Allow\n principals:\n - type: AWS\n identifiers:\n - '*'\n resources:\n - ${costAnomalyUpdates.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_ce_anomaly_subscription` using the `id`. For example:\n\n```sh\n$ pulumi import aws:costexplorer/anomalySubscription:AnomalySubscription example AnomalySubscriptionARN\n```\n", + "description": "Provides a CE Anomaly Subscription.\n\n## Example Usage\n\n### Basic Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.costexplorer.AnomalyMonitor(\"test\", {\n name: \"AWSServiceMonitor\",\n monitorType: \"DIMENSIONAL\",\n monitorDimension: \"SERVICE\",\n});\nconst testAnomalySubscription = new aws.costexplorer.AnomalySubscription(\"test\", {\n name: \"DAILYSUBSCRIPTION\",\n frequency: \"DAILY\",\n monitorArnLists: [test.arn],\n subscribers: [{\n type: \"EMAIL\",\n address: \"abc@example.com\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.costexplorer.AnomalyMonitor(\"test\",\n name=\"AWSServiceMonitor\",\n monitor_type=\"DIMENSIONAL\",\n monitor_dimension=\"SERVICE\")\ntest_anomaly_subscription = aws.costexplorer.AnomalySubscription(\"test\",\n name=\"DAILYSUBSCRIPTION\",\n frequency=\"DAILY\",\n monitor_arn_lists=[test.arn],\n subscribers=[aws.costexplorer.AnomalySubscriptionSubscriberArgs(\n type=\"EMAIL\",\n address=\"abc@example.com\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.CostExplorer.AnomalyMonitor(\"test\", new()\n {\n Name = \"AWSServiceMonitor\",\n MonitorType = \"DIMENSIONAL\",\n MonitorDimension = \"SERVICE\",\n });\n\n var testAnomalySubscription = new Aws.CostExplorer.AnomalySubscription(\"test\", new()\n {\n Name = \"DAILYSUBSCRIPTION\",\n Frequency = \"DAILY\",\n MonitorArnLists = new[]\n {\n test.Arn,\n },\n Subscribers = new[]\n {\n new Aws.CostExplorer.Inputs.AnomalySubscriptionSubscriberArgs\n {\n Type = \"EMAIL\",\n Address = \"abc@example.com\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/costexplorer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := costexplorer.NewAnomalyMonitor(ctx, \"test\", \u0026costexplorer.AnomalyMonitorArgs{\n\t\t\tName: pulumi.String(\"AWSServiceMonitor\"),\n\t\t\tMonitorType: pulumi.String(\"DIMENSIONAL\"),\n\t\t\tMonitorDimension: pulumi.String(\"SERVICE\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = costexplorer.NewAnomalySubscription(ctx, \"test\", \u0026costexplorer.AnomalySubscriptionArgs{\n\t\t\tName: pulumi.String(\"DAILYSUBSCRIPTION\"),\n\t\t\tFrequency: pulumi.String(\"DAILY\"),\n\t\t\tMonitorArnLists: pulumi.StringArray{\n\t\t\t\ttest.Arn,\n\t\t\t},\n\t\t\tSubscribers: costexplorer.AnomalySubscriptionSubscriberArray{\n\t\t\t\t\u0026costexplorer.AnomalySubscriptionSubscriberArgs{\n\t\t\t\t\tType: pulumi.String(\"EMAIL\"),\n\t\t\t\t\tAddress: pulumi.String(\"abc@example.com\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.costexplorer.AnomalyMonitor;\nimport com.pulumi.aws.costexplorer.AnomalyMonitorArgs;\nimport com.pulumi.aws.costexplorer.AnomalySubscription;\nimport com.pulumi.aws.costexplorer.AnomalySubscriptionArgs;\nimport com.pulumi.aws.costexplorer.inputs.AnomalySubscriptionSubscriberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new AnomalyMonitor(\"test\", AnomalyMonitorArgs.builder() \n .name(\"AWSServiceMonitor\")\n .monitorType(\"DIMENSIONAL\")\n .monitorDimension(\"SERVICE\")\n .build());\n\n var testAnomalySubscription = new AnomalySubscription(\"testAnomalySubscription\", AnomalySubscriptionArgs.builder() \n .name(\"DAILYSUBSCRIPTION\")\n .frequency(\"DAILY\")\n .monitorArnLists(test.arn())\n .subscribers(AnomalySubscriptionSubscriberArgs.builder()\n .type(\"EMAIL\")\n .address(\"abc@example.com\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:costexplorer:AnomalyMonitor\n properties:\n name: AWSServiceMonitor\n monitorType: DIMENSIONAL\n monitorDimension: SERVICE\n testAnomalySubscription:\n type: aws:costexplorer:AnomalySubscription\n name: test\n properties:\n name: DAILYSUBSCRIPTION\n frequency: DAILY\n monitorArnLists:\n - ${test.arn}\n subscribers:\n - type: EMAIL\n address: abc@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Threshold Expression Example\n\n### For a Specific Dimension\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.costexplorer.AnomalySubscription(\"test\", {\n name: \"AWSServiceMonitor\",\n frequency: \"DAILY\",\n monitorArnLists: [testAwsCeAnomalyMonitor.arn],\n subscribers: [{\n type: \"EMAIL\",\n address: \"abc@example.com\",\n }],\n thresholdExpression: {\n dimension: {\n key: \"ANOMALY_TOTAL_IMPACT_ABSOLUTE\",\n values: [\"100.0\"],\n matchOptions: [\"GREATER_THAN_OR_EQUAL\"],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.costexplorer.AnomalySubscription(\"test\",\n name=\"AWSServiceMonitor\",\n frequency=\"DAILY\",\n monitor_arn_lists=[test_aws_ce_anomaly_monitor[\"arn\"]],\n subscribers=[aws.costexplorer.AnomalySubscriptionSubscriberArgs(\n type=\"EMAIL\",\n address=\"abc@example.com\",\n )],\n threshold_expression=aws.costexplorer.AnomalySubscriptionThresholdExpressionArgs(\n dimension=aws.costexplorer.AnomalySubscriptionThresholdExpressionDimensionArgs(\n key=\"ANOMALY_TOTAL_IMPACT_ABSOLUTE\",\n values=[\"100.0\"],\n match_options=[\"GREATER_THAN_OR_EQUAL\"],\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.CostExplorer.AnomalySubscription(\"test\", new()\n {\n Name = \"AWSServiceMonitor\",\n Frequency = \"DAILY\",\n MonitorArnLists = new[]\n {\n testAwsCeAnomalyMonitor.Arn,\n },\n Subscribers = new[]\n {\n new Aws.CostExplorer.Inputs.AnomalySubscriptionSubscriberArgs\n {\n Type = \"EMAIL\",\n Address = \"abc@example.com\",\n },\n },\n ThresholdExpression = new Aws.CostExplorer.Inputs.AnomalySubscriptionThresholdExpressionArgs\n {\n Dimension = new Aws.CostExplorer.Inputs.AnomalySubscriptionThresholdExpressionDimensionArgs\n {\n Key = \"ANOMALY_TOTAL_IMPACT_ABSOLUTE\",\n Values = new[]\n {\n \"100.0\",\n },\n MatchOptions = new[]\n {\n \"GREATER_THAN_OR_EQUAL\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/costexplorer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := costexplorer.NewAnomalySubscription(ctx, \"test\", \u0026costexplorer.AnomalySubscriptionArgs{\n\t\t\tName: pulumi.String(\"AWSServiceMonitor\"),\n\t\t\tFrequency: pulumi.String(\"DAILY\"),\n\t\t\tMonitorArnLists: pulumi.StringArray{\n\t\t\t\ttestAwsCeAnomalyMonitor.Arn,\n\t\t\t},\n\t\t\tSubscribers: costexplorer.AnomalySubscriptionSubscriberArray{\n\t\t\t\t\u0026costexplorer.AnomalySubscriptionSubscriberArgs{\n\t\t\t\t\tType: pulumi.String(\"EMAIL\"),\n\t\t\t\t\tAddress: pulumi.String(\"abc@example.com\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tThresholdExpression: \u0026costexplorer.AnomalySubscriptionThresholdExpressionArgs{\n\t\t\t\tDimension: \u0026costexplorer.AnomalySubscriptionThresholdExpressionDimensionArgs{\n\t\t\t\t\tKey: pulumi.String(\"ANOMALY_TOTAL_IMPACT_ABSOLUTE\"),\n\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"100.0\"),\n\t\t\t\t\t},\n\t\t\t\t\tMatchOptions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"GREATER_THAN_OR_EQUAL\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.costexplorer.AnomalySubscription;\nimport com.pulumi.aws.costexplorer.AnomalySubscriptionArgs;\nimport com.pulumi.aws.costexplorer.inputs.AnomalySubscriptionSubscriberArgs;\nimport com.pulumi.aws.costexplorer.inputs.AnomalySubscriptionThresholdExpressionArgs;\nimport com.pulumi.aws.costexplorer.inputs.AnomalySubscriptionThresholdExpressionDimensionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new AnomalySubscription(\"test\", AnomalySubscriptionArgs.builder() \n .name(\"AWSServiceMonitor\")\n .frequency(\"DAILY\")\n .monitorArnLists(testAwsCeAnomalyMonitor.arn())\n .subscribers(AnomalySubscriptionSubscriberArgs.builder()\n .type(\"EMAIL\")\n .address(\"abc@example.com\")\n .build())\n .thresholdExpression(AnomalySubscriptionThresholdExpressionArgs.builder()\n .dimension(AnomalySubscriptionThresholdExpressionDimensionArgs.builder()\n .key(\"ANOMALY_TOTAL_IMPACT_ABSOLUTE\")\n .values(\"100.0\")\n .matchOptions(\"GREATER_THAN_OR_EQUAL\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:costexplorer:AnomalySubscription\n properties:\n name: AWSServiceMonitor\n frequency: DAILY\n monitorArnLists:\n - ${testAwsCeAnomalyMonitor.arn}\n subscribers:\n - type: EMAIL\n address: abc@example.com\n thresholdExpression:\n dimension:\n key: ANOMALY_TOTAL_IMPACT_ABSOLUTE\n values:\n - '100.0'\n matchOptions:\n - GREATER_THAN_OR_EQUAL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Using an `and` Expression\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.costexplorer.AnomalySubscription(\"test\", {\n name: \"AWSServiceMonitor\",\n frequency: \"DAILY\",\n monitorArnLists: [testAwsCeAnomalyMonitor.arn],\n subscribers: [{\n type: \"EMAIL\",\n address: \"abc@example.com\",\n }],\n thresholdExpression: {\n ands: [\n {\n dimension: {\n key: \"ANOMALY_TOTAL_IMPACT_ABSOLUTE\",\n matchOptions: [\"GREATER_THAN_OR_EQUAL\"],\n values: [\"100\"],\n },\n },\n {\n dimension: {\n key: \"ANOMALY_TOTAL_IMPACT_PERCENTAGE\",\n matchOptions: [\"GREATER_THAN_OR_EQUAL\"],\n values: [\"50\"],\n },\n },\n ],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.costexplorer.AnomalySubscription(\"test\",\n name=\"AWSServiceMonitor\",\n frequency=\"DAILY\",\n monitor_arn_lists=[test_aws_ce_anomaly_monitor[\"arn\"]],\n subscribers=[aws.costexplorer.AnomalySubscriptionSubscriberArgs(\n type=\"EMAIL\",\n address=\"abc@example.com\",\n )],\n threshold_expression=aws.costexplorer.AnomalySubscriptionThresholdExpressionArgs(\n ands=[\n aws.costexplorer.AnomalySubscriptionThresholdExpressionAndArgs(\n dimension=aws.costexplorer.AnomalySubscriptionThresholdExpressionAndDimensionArgs(\n key=\"ANOMALY_TOTAL_IMPACT_ABSOLUTE\",\n match_options=[\"GREATER_THAN_OR_EQUAL\"],\n values=[\"100\"],\n ),\n ),\n aws.costexplorer.AnomalySubscriptionThresholdExpressionAndArgs(\n dimension=aws.costexplorer.AnomalySubscriptionThresholdExpressionAndDimensionArgs(\n key=\"ANOMALY_TOTAL_IMPACT_PERCENTAGE\",\n match_options=[\"GREATER_THAN_OR_EQUAL\"],\n values=[\"50\"],\n ),\n ),\n ],\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.CostExplorer.AnomalySubscription(\"test\", new()\n {\n Name = \"AWSServiceMonitor\",\n Frequency = \"DAILY\",\n MonitorArnLists = new[]\n {\n testAwsCeAnomalyMonitor.Arn,\n },\n Subscribers = new[]\n {\n new Aws.CostExplorer.Inputs.AnomalySubscriptionSubscriberArgs\n {\n Type = \"EMAIL\",\n Address = \"abc@example.com\",\n },\n },\n ThresholdExpression = new Aws.CostExplorer.Inputs.AnomalySubscriptionThresholdExpressionArgs\n {\n Ands = new[]\n {\n new Aws.CostExplorer.Inputs.AnomalySubscriptionThresholdExpressionAndArgs\n {\n Dimension = new Aws.CostExplorer.Inputs.AnomalySubscriptionThresholdExpressionAndDimensionArgs\n {\n Key = \"ANOMALY_TOTAL_IMPACT_ABSOLUTE\",\n MatchOptions = new[]\n {\n \"GREATER_THAN_OR_EQUAL\",\n },\n Values = new[]\n {\n \"100\",\n },\n },\n },\n new Aws.CostExplorer.Inputs.AnomalySubscriptionThresholdExpressionAndArgs\n {\n Dimension = new Aws.CostExplorer.Inputs.AnomalySubscriptionThresholdExpressionAndDimensionArgs\n {\n Key = \"ANOMALY_TOTAL_IMPACT_PERCENTAGE\",\n MatchOptions = new[]\n {\n \"GREATER_THAN_OR_EQUAL\",\n },\n Values = new[]\n {\n \"50\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/costexplorer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := costexplorer.NewAnomalySubscription(ctx, \"test\", \u0026costexplorer.AnomalySubscriptionArgs{\n\t\t\tName: pulumi.String(\"AWSServiceMonitor\"),\n\t\t\tFrequency: pulumi.String(\"DAILY\"),\n\t\t\tMonitorArnLists: pulumi.StringArray{\n\t\t\t\ttestAwsCeAnomalyMonitor.Arn,\n\t\t\t},\n\t\t\tSubscribers: costexplorer.AnomalySubscriptionSubscriberArray{\n\t\t\t\t\u0026costexplorer.AnomalySubscriptionSubscriberArgs{\n\t\t\t\t\tType: pulumi.String(\"EMAIL\"),\n\t\t\t\t\tAddress: pulumi.String(\"abc@example.com\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tThresholdExpression: \u0026costexplorer.AnomalySubscriptionThresholdExpressionArgs{\n\t\t\t\tAnds: costexplorer.AnomalySubscriptionThresholdExpressionAndArray{\n\t\t\t\t\t\u0026costexplorer.AnomalySubscriptionThresholdExpressionAndArgs{\n\t\t\t\t\t\tDimension: \u0026costexplorer.AnomalySubscriptionThresholdExpressionAndDimensionArgs{\n\t\t\t\t\t\t\tKey: pulumi.String(\"ANOMALY_TOTAL_IMPACT_ABSOLUTE\"),\n\t\t\t\t\t\t\tMatchOptions: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"GREATER_THAN_OR_EQUAL\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"100\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\t\u0026costexplorer.AnomalySubscriptionThresholdExpressionAndArgs{\n\t\t\t\t\t\tDimension: \u0026costexplorer.AnomalySubscriptionThresholdExpressionAndDimensionArgs{\n\t\t\t\t\t\t\tKey: pulumi.String(\"ANOMALY_TOTAL_IMPACT_PERCENTAGE\"),\n\t\t\t\t\t\t\tMatchOptions: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"GREATER_THAN_OR_EQUAL\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"50\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.costexplorer.AnomalySubscription;\nimport com.pulumi.aws.costexplorer.AnomalySubscriptionArgs;\nimport com.pulumi.aws.costexplorer.inputs.AnomalySubscriptionSubscriberArgs;\nimport com.pulumi.aws.costexplorer.inputs.AnomalySubscriptionThresholdExpressionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new AnomalySubscription(\"test\", AnomalySubscriptionArgs.builder() \n .name(\"AWSServiceMonitor\")\n .frequency(\"DAILY\")\n .monitorArnLists(testAwsCeAnomalyMonitor.arn())\n .subscribers(AnomalySubscriptionSubscriberArgs.builder()\n .type(\"EMAIL\")\n .address(\"abc@example.com\")\n .build())\n .thresholdExpression(AnomalySubscriptionThresholdExpressionArgs.builder()\n .ands( \n AnomalySubscriptionThresholdExpressionAndArgs.builder()\n .dimension(AnomalySubscriptionThresholdExpressionAndDimensionArgs.builder()\n .key(\"ANOMALY_TOTAL_IMPACT_ABSOLUTE\")\n .matchOptions(\"GREATER_THAN_OR_EQUAL\")\n .values(\"100\")\n .build())\n .build(),\n AnomalySubscriptionThresholdExpressionAndArgs.builder()\n .dimension(AnomalySubscriptionThresholdExpressionAndDimensionArgs.builder()\n .key(\"ANOMALY_TOTAL_IMPACT_PERCENTAGE\")\n .matchOptions(\"GREATER_THAN_OR_EQUAL\")\n .values(\"50\")\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:costexplorer:AnomalySubscription\n properties:\n name: AWSServiceMonitor\n frequency: DAILY\n monitorArnLists:\n - ${testAwsCeAnomalyMonitor.arn}\n subscribers:\n - type: EMAIL\n address: abc@example.com\n thresholdExpression:\n ands:\n - dimension:\n key: ANOMALY_TOTAL_IMPACT_ABSOLUTE\n matchOptions:\n - GREATER_THAN_OR_EQUAL\n values:\n - '100'\n - dimension:\n key: ANOMALY_TOTAL_IMPACT_PERCENTAGE\n matchOptions:\n - GREATER_THAN_OR_EQUAL\n values:\n - '50'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### SNS Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst costAnomalyUpdates = new aws.sns.Topic(\"cost_anomaly_updates\", {name: \"CostAnomalyUpdates\"});\nconst snsTopicPolicy = pulumi.all([costAnomalyUpdates.arn, costAnomalyUpdates.arn]).apply(([costAnomalyUpdatesArn, costAnomalyUpdatesArn1]) =\u003e aws.iam.getPolicyDocumentOutput({\n policyId: \"__default_policy_ID\",\n statements: [\n {\n sid: \"AWSAnomalyDetectionSNSPublishingPermissions\",\n actions: [\"SNS:Publish\"],\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"costalerts.amazonaws.com\"],\n }],\n resources: [costAnomalyUpdatesArn],\n },\n {\n sid: \"__default_statement_ID\",\n actions: [\n \"SNS:Subscribe\",\n \"SNS:SetTopicAttributes\",\n \"SNS:RemovePermission\",\n \"SNS:Receive\",\n \"SNS:Publish\",\n \"SNS:ListSubscriptionsByTopic\",\n \"SNS:GetTopicAttributes\",\n \"SNS:DeleteTopic\",\n \"SNS:AddPermission\",\n ],\n conditions: [{\n test: \"StringEquals\",\n variable: \"AWS:SourceOwner\",\n values: [account_id],\n }],\n effect: \"Allow\",\n principals: [{\n type: \"AWS\",\n identifiers: [\"*\"],\n }],\n resources: [costAnomalyUpdatesArn1],\n },\n ],\n}));\nconst _default = new aws.sns.TopicPolicy(\"default\", {\n arn: costAnomalyUpdates.arn,\n policy: snsTopicPolicy.apply(snsTopicPolicy =\u003e snsTopicPolicy.json),\n});\nconst anomalyMonitor = new aws.costexplorer.AnomalyMonitor(\"anomaly_monitor\", {\n name: \"AWSServiceMonitor\",\n monitorType: \"DIMENSIONAL\",\n monitorDimension: \"SERVICE\",\n});\nconst realtimeSubscription = new aws.costexplorer.AnomalySubscription(\"realtime_subscription\", {\n name: \"RealtimeAnomalySubscription\",\n frequency: \"IMMEDIATE\",\n monitorArnLists: [anomalyMonitor.arn],\n subscribers: [{\n type: \"SNS\",\n address: costAnomalyUpdates.arn,\n }],\n}, {\n dependsOn: [_default],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncost_anomaly_updates = aws.sns.Topic(\"cost_anomaly_updates\", name=\"CostAnomalyUpdates\")\nsns_topic_policy = pulumi.Output.all(cost_anomaly_updates.arn, cost_anomaly_updates.arn).apply(lambda costAnomalyUpdatesArn, costAnomalyUpdatesArn1: aws.iam.get_policy_document_output(policy_id=\"__default_policy_ID\",\n statements=[\n aws.iam.GetPolicyDocumentStatementArgs(\n sid=\"AWSAnomalyDetectionSNSPublishingPermissions\",\n actions=[\"SNS:Publish\"],\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"costalerts.amazonaws.com\"],\n )],\n resources=[cost_anomaly_updates_arn],\n ),\n aws.iam.GetPolicyDocumentStatementArgs(\n sid=\"__default_statement_ID\",\n actions=[\n \"SNS:Subscribe\",\n \"SNS:SetTopicAttributes\",\n \"SNS:RemovePermission\",\n \"SNS:Receive\",\n \"SNS:Publish\",\n \"SNS:ListSubscriptionsByTopic\",\n \"SNS:GetTopicAttributes\",\n \"SNS:DeleteTopic\",\n \"SNS:AddPermission\",\n ],\n conditions=[aws.iam.GetPolicyDocumentStatementConditionArgs(\n test=\"StringEquals\",\n variable=\"AWS:SourceOwner\",\n values=[account_id],\n )],\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"AWS\",\n identifiers=[\"*\"],\n )],\n resources=[cost_anomaly_updates_arn1],\n ),\n ]))\ndefault = aws.sns.TopicPolicy(\"default\",\n arn=cost_anomaly_updates.arn,\n policy=sns_topic_policy.json)\nanomaly_monitor = aws.costexplorer.AnomalyMonitor(\"anomaly_monitor\",\n name=\"AWSServiceMonitor\",\n monitor_type=\"DIMENSIONAL\",\n monitor_dimension=\"SERVICE\")\nrealtime_subscription = aws.costexplorer.AnomalySubscription(\"realtime_subscription\",\n name=\"RealtimeAnomalySubscription\",\n frequency=\"IMMEDIATE\",\n monitor_arn_lists=[anomaly_monitor.arn],\n subscribers=[aws.costexplorer.AnomalySubscriptionSubscriberArgs(\n type=\"SNS\",\n address=cost_anomaly_updates.arn,\n )],\n opts=pulumi.ResourceOptions(depends_on=[default]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var costAnomalyUpdates = new Aws.Sns.Topic(\"cost_anomaly_updates\", new()\n {\n Name = \"CostAnomalyUpdates\",\n });\n\n var snsTopicPolicy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n PolicyId = \"__default_policy_ID\",\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"AWSAnomalyDetectionSNSPublishingPermissions\",\n Actions = new[]\n {\n \"SNS:Publish\",\n },\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"costalerts.amazonaws.com\",\n },\n },\n },\n Resources = new[]\n {\n costAnomalyUpdates.Arn,\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"__default_statement_ID\",\n Actions = new[]\n {\n \"SNS:Subscribe\",\n \"SNS:SetTopicAttributes\",\n \"SNS:RemovePermission\",\n \"SNS:Receive\",\n \"SNS:Publish\",\n \"SNS:ListSubscriptionsByTopic\",\n \"SNS:GetTopicAttributes\",\n \"SNS:DeleteTopic\",\n \"SNS:AddPermission\",\n },\n Conditions = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"StringEquals\",\n Variable = \"AWS:SourceOwner\",\n Values = new[]\n {\n account_id,\n },\n },\n },\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"AWS\",\n Identifiers = new[]\n {\n \"*\",\n },\n },\n },\n Resources = new[]\n {\n costAnomalyUpdates.Arn,\n },\n },\n },\n });\n\n var @default = new Aws.Sns.TopicPolicy(\"default\", new()\n {\n Arn = costAnomalyUpdates.Arn,\n Policy = snsTopicPolicy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var anomalyMonitor = new Aws.CostExplorer.AnomalyMonitor(\"anomaly_monitor\", new()\n {\n Name = \"AWSServiceMonitor\",\n MonitorType = \"DIMENSIONAL\",\n MonitorDimension = \"SERVICE\",\n });\n\n var realtimeSubscription = new Aws.CostExplorer.AnomalySubscription(\"realtime_subscription\", new()\n {\n Name = \"RealtimeAnomalySubscription\",\n Frequency = \"IMMEDIATE\",\n MonitorArnLists = new[]\n {\n anomalyMonitor.Arn,\n },\n Subscribers = new[]\n {\n new Aws.CostExplorer.Inputs.AnomalySubscriptionSubscriberArgs\n {\n Type = \"SNS\",\n Address = costAnomalyUpdates.Arn,\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n @default, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/costexplorer\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\ncostAnomalyUpdates, err := sns.NewTopic(ctx, \"cost_anomaly_updates\", \u0026sns.TopicArgs{\nName: pulumi.String(\"CostAnomalyUpdates\"),\n})\nif err != nil {\nreturn err\n}\nsnsTopicPolicy := pulumi.All(costAnomalyUpdates.Arn,costAnomalyUpdates.Arn).ApplyT(func(_args []interface{}) (iam.GetPolicyDocumentResult, error) {\ncostAnomalyUpdatesArn := _args[0].(string)\ncostAnomalyUpdatesArn1 := _args[1].(string)\nreturn iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\nPolicyId: \"__default_policy_ID\",\nStatements: []iam.GetPolicyDocumentStatement{\n{\nSid: \"AWSAnomalyDetectionSNSPublishingPermissions\",\nActions: []string{\n\"SNS:Publish\",\n},\nEffect: \"Allow\",\nPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n{\nType: \"Service\",\nIdentifiers: []string{\n\"costalerts.amazonaws.com\",\n},\n},\n},\nResources: interface{}{\ncostAnomalyUpdatesArn,\n},\n},\n{\nSid: \"__default_statement_ID\",\nActions: []string{\n\"SNS:Subscribe\",\n\"SNS:SetTopicAttributes\",\n\"SNS:RemovePermission\",\n\"SNS:Receive\",\n\"SNS:Publish\",\n\"SNS:ListSubscriptionsByTopic\",\n\"SNS:GetTopicAttributes\",\n\"SNS:DeleteTopic\",\n\"SNS:AddPermission\",\n},\nConditions: []iam.GetPolicyDocumentStatementCondition{\n{\nTest: \"StringEquals\",\nVariable: \"AWS:SourceOwner\",\nValues: interface{}{\naccount_id,\n},\n},\n},\nEffect: \"Allow\",\nPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n{\nType: \"AWS\",\nIdentifiers: []string{\n\"*\",\n},\n},\n},\nResources: interface{}{\ncostAnomalyUpdatesArn1,\n},\n},\n},\n}, nil), nil\n}).(iam.GetPolicyDocumentResultOutput)\n_, err = sns.NewTopicPolicy(ctx, \"default\", \u0026sns.TopicPolicyArgs{\nArn: costAnomalyUpdates.Arn,\nPolicy: snsTopicPolicy.ApplyT(func(snsTopicPolicy iam.GetPolicyDocumentResult) (*string, error) {\nreturn \u0026snsTopicPolicy.Json, nil\n}).(pulumi.StringPtrOutput),\n})\nif err != nil {\nreturn err\n}\nanomalyMonitor, err := costexplorer.NewAnomalyMonitor(ctx, \"anomaly_monitor\", \u0026costexplorer.AnomalyMonitorArgs{\nName: pulumi.String(\"AWSServiceMonitor\"),\nMonitorType: pulumi.String(\"DIMENSIONAL\"),\nMonitorDimension: pulumi.String(\"SERVICE\"),\n})\nif err != nil {\nreturn err\n}\n_, err = costexplorer.NewAnomalySubscription(ctx, \"realtime_subscription\", \u0026costexplorer.AnomalySubscriptionArgs{\nName: pulumi.String(\"RealtimeAnomalySubscription\"),\nFrequency: pulumi.String(\"IMMEDIATE\"),\nMonitorArnLists: pulumi.StringArray{\nanomalyMonitor.Arn,\n},\nSubscribers: costexplorer.AnomalySubscriptionSubscriberArray{\n\u0026costexplorer.AnomalySubscriptionSubscriberArgs{\nType: pulumi.String(\"SNS\"),\nAddress: costAnomalyUpdates.Arn,\n},\n},\n}, pulumi.DependsOn([]pulumi.Resource{\n_default,\n}))\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sns.Topic;\nimport com.pulumi.aws.sns.TopicArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.sns.TopicPolicy;\nimport com.pulumi.aws.sns.TopicPolicyArgs;\nimport com.pulumi.aws.costexplorer.AnomalyMonitor;\nimport com.pulumi.aws.costexplorer.AnomalyMonitorArgs;\nimport com.pulumi.aws.costexplorer.AnomalySubscription;\nimport com.pulumi.aws.costexplorer.AnomalySubscriptionArgs;\nimport com.pulumi.aws.costexplorer.inputs.AnomalySubscriptionSubscriberArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var costAnomalyUpdates = new Topic(\"costAnomalyUpdates\", TopicArgs.builder() \n .name(\"CostAnomalyUpdates\")\n .build());\n\n final var snsTopicPolicy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .policyId(\"__default_policy_ID\")\n .statements( \n GetPolicyDocumentStatementArgs.builder()\n .sid(\"AWSAnomalyDetectionSNSPublishingPermissions\")\n .actions(\"SNS:Publish\")\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"costalerts.amazonaws.com\")\n .build())\n .resources(costAnomalyUpdates.arn())\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .sid(\"__default_statement_ID\")\n .actions( \n \"SNS:Subscribe\",\n \"SNS:SetTopicAttributes\",\n \"SNS:RemovePermission\",\n \"SNS:Receive\",\n \"SNS:Publish\",\n \"SNS:ListSubscriptionsByTopic\",\n \"SNS:GetTopicAttributes\",\n \"SNS:DeleteTopic\",\n \"SNS:AddPermission\")\n .conditions(GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"StringEquals\")\n .variable(\"AWS:SourceOwner\")\n .values(account_id)\n .build())\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"AWS\")\n .identifiers(\"*\")\n .build())\n .resources(costAnomalyUpdates.arn())\n .build())\n .build());\n\n var default_ = new TopicPolicy(\"default\", TopicPolicyArgs.builder() \n .arn(costAnomalyUpdates.arn())\n .policy(snsTopicPolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(snsTopicPolicy -\u003e snsTopicPolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n var anomalyMonitor = new AnomalyMonitor(\"anomalyMonitor\", AnomalyMonitorArgs.builder() \n .name(\"AWSServiceMonitor\")\n .monitorType(\"DIMENSIONAL\")\n .monitorDimension(\"SERVICE\")\n .build());\n\n var realtimeSubscription = new AnomalySubscription(\"realtimeSubscription\", AnomalySubscriptionArgs.builder() \n .name(\"RealtimeAnomalySubscription\")\n .frequency(\"IMMEDIATE\")\n .monitorArnLists(anomalyMonitor.arn())\n .subscribers(AnomalySubscriptionSubscriberArgs.builder()\n .type(\"SNS\")\n .address(costAnomalyUpdates.arn())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(default_)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n costAnomalyUpdates:\n type: aws:sns:Topic\n name: cost_anomaly_updates\n properties:\n name: CostAnomalyUpdates\n default:\n type: aws:sns:TopicPolicy\n properties:\n arn: ${costAnomalyUpdates.arn}\n policy: ${snsTopicPolicy.json}\n anomalyMonitor:\n type: aws:costexplorer:AnomalyMonitor\n name: anomaly_monitor\n properties:\n name: AWSServiceMonitor\n monitorType: DIMENSIONAL\n monitorDimension: SERVICE\n realtimeSubscription:\n type: aws:costexplorer:AnomalySubscription\n name: realtime_subscription\n properties:\n name: RealtimeAnomalySubscription\n frequency: IMMEDIATE\n monitorArnLists:\n - ${anomalyMonitor.arn}\n subscribers:\n - type: SNS\n address: ${costAnomalyUpdates.arn}\n options:\n dependson:\n - ${default}\nvariables:\n snsTopicPolicy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n policyId: __default_policy_ID\n statements:\n - sid: AWSAnomalyDetectionSNSPublishingPermissions\n actions:\n - SNS:Publish\n effect: Allow\n principals:\n - type: Service\n identifiers:\n - costalerts.amazonaws.com\n resources:\n - ${costAnomalyUpdates.arn}\n - sid: __default_statement_ID\n actions:\n - SNS:Subscribe\n - SNS:SetTopicAttributes\n - SNS:RemovePermission\n - SNS:Receive\n - SNS:Publish\n - SNS:ListSubscriptionsByTopic\n - SNS:GetTopicAttributes\n - SNS:DeleteTopic\n - SNS:AddPermission\n conditions:\n - test: StringEquals\n variable: AWS:SourceOwner\n values:\n - ${[\"account-id\"]}\n effect: Allow\n principals:\n - type: AWS\n identifiers:\n - '*'\n resources:\n - ${costAnomalyUpdates.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_ce_anomaly_subscription` using the `id`. For example:\n\n```sh\n$ pulumi import aws:costexplorer/anomalySubscription:AnomalySubscription example AnomalySubscriptionARN\n```\n", "properties": { "accountId": { "type": "string", @@ -195584,7 +195584,7 @@ } }, "aws:customerprofiles/domain:Domain": { - "description": "Resource for managing an Amazon Customer Profiles Domain.\nSee the [Create Domain](https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_CreateDomain.html) for more information.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.customerprofiles.Domain(\"example\", {domainName: \"example\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.customerprofiles.Domain(\"example\", domain_name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CustomerProfiles.Domain(\"example\", new()\n {\n DomainName = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/customerprofiles\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := customerprofiles.NewDomain(ctx, \"example\", \u0026customerprofiles.DomainArgs{\n\t\t\tDomainName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.customerprofiles.Domain;\nimport com.pulumi.aws.customerprofiles.DomainArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Domain(\"example\", DomainArgs.builder() \n .domainName(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:customerprofiles:Domain\n properties:\n domainName: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With SQS DLQ and KMS set\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sqs.Queue(\"example\", {\n name: \"example\",\n policy: JSON.stringify({\n version: \"2012-10-17\",\n statement: [{\n sid: \"Customer Profiles SQS policy\",\n effect: \"Allow\",\n action: [\"sqs:SendMessage\"],\n resource: \"*\",\n principal: {\n service: \"profile.amazonaws.com\",\n },\n }],\n }),\n});\nconst exampleKey = new aws.kms.Key(\"example\", {\n description: \"example\",\n deletionWindowInDays: 10,\n});\nconst exampleBucketV2 = new aws.s3.BucketV2(\"example\", {\n bucket: \"example\",\n forceDestroy: true,\n});\nconst exampleBucketPolicy = new aws.s3.BucketPolicy(\"example\", {\n bucket: exampleBucketV2.id,\n policy: pulumi.jsonStringify({\n version: \"2012-10-17\",\n statement: [{\n sid: \"Customer Profiles S3 policy\",\n effect: \"Allow\",\n action: [\n \"s3:GetObject\",\n \"s3:PutObject\",\n \"s3:ListBucket\",\n ],\n resource: [\n exampleBucketV2.arn,\n pulumi.interpolate`${exampleBucketV2.arn}/*`,\n ],\n principal: {\n service: \"profile.amazonaws.com\",\n },\n }],\n }),\n});\nconst test = new aws.customerprofiles.Domain(\"test\", {\n domainName: example,\n deadLetterQueueUrl: example.id,\n defaultEncryptionKey: exampleKey.arn,\n defaultExpirationDays: 365,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.sqs.Queue(\"example\",\n name=\"example\",\n policy=json.dumps({\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"sid\": \"Customer Profiles SQS policy\",\n \"effect\": \"Allow\",\n \"action\": [\"sqs:SendMessage\"],\n \"resource\": \"*\",\n \"principal\": {\n \"service\": \"profile.amazonaws.com\",\n },\n }],\n }))\nexample_key = aws.kms.Key(\"example\",\n description=\"example\",\n deletion_window_in_days=10)\nexample_bucket_v2 = aws.s3.BucketV2(\"example\",\n bucket=\"example\",\n force_destroy=True)\nexample_bucket_policy = aws.s3.BucketPolicy(\"example\",\n bucket=example_bucket_v2.id,\n policy=pulumi.Output.json_dumps({\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"sid\": \"Customer Profiles S3 policy\",\n \"effect\": \"Allow\",\n \"action\": [\n \"s3:GetObject\",\n \"s3:PutObject\",\n \"s3:ListBucket\",\n ],\n \"resource\": [\n example_bucket_v2.arn,\n example_bucket_v2.arn.apply(lambda arn: f\"{arn}/*\"),\n ],\n \"principal\": {\n \"service\": \"profile.amazonaws.com\",\n },\n }],\n }))\ntest = aws.customerprofiles.Domain(\"test\",\n domain_name=example,\n dead_letter_queue_url=example.id,\n default_encryption_key=example_key.arn,\n default_expiration_days=365)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Sqs.Queue(\"example\", new()\n {\n Name = \"example\",\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"sid\"] = \"Customer Profiles SQS policy\",\n [\"effect\"] = \"Allow\",\n [\"action\"] = new[]\n {\n \"sqs:SendMessage\",\n },\n [\"resource\"] = \"*\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"service\"] = \"profile.amazonaws.com\",\n },\n },\n },\n }),\n });\n\n var exampleKey = new Aws.Kms.Key(\"example\", new()\n {\n Description = \"example\",\n DeletionWindowInDays = 10,\n });\n\n var exampleBucketV2 = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example\",\n ForceDestroy = true,\n });\n\n var exampleBucketPolicy = new Aws.S3.BucketPolicy(\"example\", new()\n {\n Bucket = exampleBucketV2.Id,\n Policy = Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"sid\"] = \"Customer Profiles S3 policy\",\n [\"effect\"] = \"Allow\",\n [\"action\"] = new[]\n {\n \"s3:GetObject\",\n \"s3:PutObject\",\n \"s3:ListBucket\",\n },\n [\"resource\"] = new[]\n {\n exampleBucketV2.Arn,\n exampleBucketV2.Arn.Apply(arn =\u003e $\"{arn}/*\"),\n },\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"service\"] = \"profile.amazonaws.com\",\n },\n },\n },\n })),\n });\n\n var test = new Aws.CustomerProfiles.Domain(\"test\", new()\n {\n DomainName = example,\n DeadLetterQueueUrl = example.Id,\n DefaultEncryptionKey = exampleKey.Arn,\n DefaultExpirationDays = 365,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/customerprofiles\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sqs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"sid\": \"Customer Profiles SQS policy\",\n\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\"action\": []string{\n\t\t\t\t\t\t\"sqs:SendMessage\",\n\t\t\t\t\t},\n\t\t\t\t\t\"resource\": \"*\",\n\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\"service\": \"profile.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texample, err := sqs.NewQueue(ctx, \"example\", \u0026sqs.QueueArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleKey, err := kms.NewKey(ctx, \"example\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t\tDeletionWindowInDays: pulumi.Int(10),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleBucketV2, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example\"),\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketPolicy(ctx, \"example\", \u0026s3.BucketPolicyArgs{\n\t\t\tBucket: exampleBucketV2.ID(),\n\t\t\tPolicy: pulumi.All(exampleBucketV2.Arn, exampleBucketV2.Arn).ApplyT(func(_args []interface{}) (string, error) {\n\t\t\t\texampleBucketV2Arn := _args[0].(string)\n\t\t\t\texampleBucketV2Arn1 := _args[1].(string)\n\t\t\t\tvar _zero string\n\t\t\t\ttmpJSON1, err := json.Marshal(map[string]interface{}{\n\t\t\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\"sid\": \"Customer Profiles S3 policy\",\n\t\t\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\t\t\"action\": []string{\n\t\t\t\t\t\t\t\t\"s3:GetObject\",\n\t\t\t\t\t\t\t\t\"s3:PutObject\",\n\t\t\t\t\t\t\t\t\"s3:ListBucket\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"resource\": []string{\n\t\t\t\t\t\t\t\texampleBucketV2Arn,\n\t\t\t\t\t\t\t\tfmt.Sprintf(\"%v/*\", exampleBucketV2Arn1),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\t\t\"service\": \"profile.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t})\n\t\t\t\tif err != nil {\n\t\t\t\t\treturn _zero, err\n\t\t\t\t}\n\t\t\t\tjson1 := string(tmpJSON1)\n\t\t\t\treturn json1, nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = customerprofiles.NewDomain(ctx, \"test\", \u0026customerprofiles.DomainArgs{\n\t\t\tDomainName: example,\n\t\t\tDeadLetterQueueUrl: example.ID(),\n\t\t\tDefaultEncryptionKey: exampleKey.Arn,\n\t\t\tDefaultExpirationDays: pulumi.Int(365),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sqs.Queue;\nimport com.pulumi.aws.sqs.QueueArgs;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketPolicy;\nimport com.pulumi.aws.s3.BucketPolicyArgs;\nimport com.pulumi.aws.customerprofiles.Domain;\nimport com.pulumi.aws.customerprofiles.DomainArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Queue(\"example\", QueueArgs.builder() \n .name(\"example\")\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"version\", \"2012-10-17\"),\n jsonProperty(\"statement\", jsonArray(jsonObject(\n jsonProperty(\"sid\", \"Customer Profiles SQS policy\"),\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"action\", jsonArray(\"sqs:SendMessage\")),\n jsonProperty(\"resource\", \"*\"),\n jsonProperty(\"principal\", jsonObject(\n jsonProperty(\"service\", \"profile.amazonaws.com\")\n ))\n )))\n )))\n .build());\n\n var exampleKey = new Key(\"exampleKey\", KeyArgs.builder() \n .description(\"example\")\n .deletionWindowInDays(10)\n .build());\n\n var exampleBucketV2 = new BucketV2(\"exampleBucketV2\", BucketV2Args.builder() \n .bucket(\"example\")\n .forceDestroy(true)\n .build());\n\n var exampleBucketPolicy = new BucketPolicy(\"exampleBucketPolicy\", BucketPolicyArgs.builder() \n .bucket(exampleBucketV2.id())\n .policy(Output.tuple(exampleBucketV2.arn(), exampleBucketV2.arn()).applyValue(values -\u003e {\n var exampleBucketV2Arn = values.t1;\n var exampleBucketV2Arn1 = values.t2;\n return serializeJson(\n jsonObject(\n jsonProperty(\"version\", \"2012-10-17\"),\n jsonProperty(\"statement\", jsonArray(jsonObject(\n jsonProperty(\"sid\", \"Customer Profiles S3 policy\"),\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"action\", jsonArray(\n \"s3:GetObject\", \n \"s3:PutObject\", \n \"s3:ListBucket\"\n )),\n jsonProperty(\"resource\", jsonArray(\n exampleBucketV2Arn, \n String.format(\"%s/*\", exampleBucketV2Arn1)\n )),\n jsonProperty(\"principal\", jsonObject(\n jsonProperty(\"service\", \"profile.amazonaws.com\")\n ))\n )))\n ));\n }))\n .build());\n\n var test = new Domain(\"test\", DomainArgs.builder() \n .domainName(example)\n .deadLetterQueueUrl(example.id())\n .defaultEncryptionKey(exampleKey.arn())\n .defaultExpirationDays(365)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sqs:Queue\n properties:\n name: example\n policy:\n fn::toJSON:\n version: 2012-10-17\n statement:\n - sid: Customer Profiles SQS policy\n effect: Allow\n action:\n - sqs:SendMessage\n resource: '*'\n principal:\n service: profile.amazonaws.com\n exampleKey:\n type: aws:kms:Key\n name: example\n properties:\n description: example\n deletionWindowInDays: 10\n exampleBucketV2:\n type: aws:s3:BucketV2\n name: example\n properties:\n bucket: example\n forceDestroy: true\n exampleBucketPolicy:\n type: aws:s3:BucketPolicy\n name: example\n properties:\n bucket: ${exampleBucketV2.id}\n policy:\n fn::toJSON:\n version: 2012-10-17\n statement:\n - sid: Customer Profiles S3 policy\n effect: Allow\n action:\n - s3:GetObject\n - s3:PutObject\n - s3:ListBucket\n resource:\n - ${exampleBucketV2.arn}\n - ${exampleBucketV2.arn}/*\n principal:\n service: profile.amazonaws.com\n test:\n type: aws:customerprofiles:Domain\n properties:\n domainName: ${example}\n deadLetterQueueUrl: ${example.id}\n defaultEncryptionKey: ${exampleKey.arn}\n defaultExpirationDays: 365\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Amazon Customer Profiles Domain using the resource `id`. For example:\n\n```sh\n$ pulumi import aws:customerprofiles/domain:Domain example e6f777be-22d0-4b40-b307-5d2720ef16b2\n```\n", + "description": "Resource for managing an Amazon Customer Profiles Domain.\nSee the [Create Domain](https://docs.aws.amazon.com/customerprofiles/latest/APIReference/API_CreateDomain.html) for more information.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.customerprofiles.Domain(\"example\", {domainName: \"example\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.customerprofiles.Domain(\"example\", domain_name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.CustomerProfiles.Domain(\"example\", new()\n {\n DomainName = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/customerprofiles\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := customerprofiles.NewDomain(ctx, \"example\", \u0026customerprofiles.DomainArgs{\n\t\t\tDomainName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.customerprofiles.Domain;\nimport com.pulumi.aws.customerprofiles.DomainArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Domain(\"example\", DomainArgs.builder() \n .domainName(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:customerprofiles:Domain\n properties:\n domainName: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With SQS DLQ and KMS set\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sqs.Queue(\"example\", {\n name: \"example\",\n policy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Sid: \"Customer Profiles SQS policy\",\n Effect: \"Allow\",\n Action: [\"sqs:SendMessage\"],\n Resource: \"*\",\n Principal: {\n Service: \"profile.amazonaws.com\",\n },\n }],\n }),\n});\nconst exampleKey = new aws.kms.Key(\"example\", {\n description: \"example\",\n deletionWindowInDays: 10,\n});\nconst exampleBucketV2 = new aws.s3.BucketV2(\"example\", {\n bucket: \"example\",\n forceDestroy: true,\n});\nconst exampleBucketPolicy = new aws.s3.BucketPolicy(\"example\", {\n bucket: exampleBucketV2.id,\n policy: pulumi.jsonStringify({\n Version: \"2012-10-17\",\n Statement: [{\n Sid: \"Customer Profiles S3 policy\",\n Effect: \"Allow\",\n Action: [\n \"s3:GetObject\",\n \"s3:PutObject\",\n \"s3:ListBucket\",\n ],\n Resource: [\n exampleBucketV2.arn,\n pulumi.interpolate`${exampleBucketV2.arn}/*`,\n ],\n Principal: {\n Service: \"profile.amazonaws.com\",\n },\n }],\n }),\n});\nconst test = new aws.customerprofiles.Domain(\"test\", {\n domainName: example,\n deadLetterQueueUrl: example.id,\n defaultEncryptionKey: exampleKey.arn,\n defaultExpirationDays: 365,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.sqs.Queue(\"example\",\n name=\"example\",\n policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Sid\": \"Customer Profiles SQS policy\",\n \"Effect\": \"Allow\",\n \"Action\": [\"sqs:SendMessage\"],\n \"Resource\": \"*\",\n \"Principal\": {\n \"Service\": \"profile.amazonaws.com\",\n },\n }],\n }))\nexample_key = aws.kms.Key(\"example\",\n description=\"example\",\n deletion_window_in_days=10)\nexample_bucket_v2 = aws.s3.BucketV2(\"example\",\n bucket=\"example\",\n force_destroy=True)\nexample_bucket_policy = aws.s3.BucketPolicy(\"example\",\n bucket=example_bucket_v2.id,\n policy=pulumi.Output.json_dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Sid\": \"Customer Profiles S3 policy\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"s3:GetObject\",\n \"s3:PutObject\",\n \"s3:ListBucket\",\n ],\n \"Resource\": [\n example_bucket_v2.arn,\n example_bucket_v2.arn.apply(lambda arn: f\"{arn}/*\"),\n ],\n \"Principal\": {\n \"Service\": \"profile.amazonaws.com\",\n },\n }],\n }))\ntest = aws.customerprofiles.Domain(\"test\",\n domain_name=example,\n dead_letter_queue_url=example.id,\n default_encryption_key=example_key.arn,\n default_expiration_days=365)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Sqs.Queue(\"example\", new()\n {\n Name = \"example\",\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Sid\"] = \"Customer Profiles SQS policy\",\n [\"Effect\"] = \"Allow\",\n [\"Action\"] = new[]\n {\n \"sqs:SendMessage\",\n },\n [\"Resource\"] = \"*\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"profile.amazonaws.com\",\n },\n },\n },\n }),\n });\n\n var exampleKey = new Aws.Kms.Key(\"example\", new()\n {\n Description = \"example\",\n DeletionWindowInDays = 10,\n });\n\n var exampleBucketV2 = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example\",\n ForceDestroy = true,\n });\n\n var exampleBucketPolicy = new Aws.S3.BucketPolicy(\"example\", new()\n {\n Bucket = exampleBucketV2.Id,\n Policy = Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Sid\"] = \"Customer Profiles S3 policy\",\n [\"Effect\"] = \"Allow\",\n [\"Action\"] = new[]\n {\n \"s3:GetObject\",\n \"s3:PutObject\",\n \"s3:ListBucket\",\n },\n [\"Resource\"] = new[]\n {\n exampleBucketV2.Arn,\n exampleBucketV2.Arn.Apply(arn =\u003e $\"{arn}/*\"),\n },\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"profile.amazonaws.com\",\n },\n },\n },\n })),\n });\n\n var test = new Aws.CustomerProfiles.Domain(\"test\", new()\n {\n DomainName = example,\n DeadLetterQueueUrl = example.Id,\n DefaultEncryptionKey = exampleKey.Arn,\n DefaultExpirationDays = 365,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/customerprofiles\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sqs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Sid\": \"Customer Profiles SQS policy\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"sqs:SendMessage\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"profile.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texample, err := sqs.NewQueue(ctx, \"example\", \u0026sqs.QueueArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleKey, err := kms.NewKey(ctx, \"example\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t\tDeletionWindowInDays: pulumi.Int(10),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleBucketV2, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example\"),\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketPolicy(ctx, \"example\", \u0026s3.BucketPolicyArgs{\n\t\t\tBucket: exampleBucketV2.ID(),\n\t\t\tPolicy: pulumi.All(exampleBucketV2.Arn, exampleBucketV2.Arn).ApplyT(func(_args []interface{}) (string, error) {\n\t\t\t\texampleBucketV2Arn := _args[0].(string)\n\t\t\t\texampleBucketV2Arn1 := _args[1].(string)\n\t\t\t\tvar _zero string\n\t\t\t\ttmpJSON1, err := json.Marshal(map[string]interface{}{\n\t\t\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\"Sid\": \"Customer Profiles S3 policy\",\n\t\t\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\t\t\"s3:GetObject\",\n\t\t\t\t\t\t\t\t\"s3:PutObject\",\n\t\t\t\t\t\t\t\t\"s3:ListBucket\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\t\texampleBucketV2Arn,\n\t\t\t\t\t\t\t\tfmt.Sprintf(\"%v/*\", exampleBucketV2Arn1),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\t\t\"Service\": \"profile.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t})\n\t\t\t\tif err != nil {\n\t\t\t\t\treturn _zero, err\n\t\t\t\t}\n\t\t\t\tjson1 := string(tmpJSON1)\n\t\t\t\treturn json1, nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = customerprofiles.NewDomain(ctx, \"test\", \u0026customerprofiles.DomainArgs{\n\t\t\tDomainName: example,\n\t\t\tDeadLetterQueueUrl: example.ID(),\n\t\t\tDefaultEncryptionKey: exampleKey.Arn,\n\t\t\tDefaultExpirationDays: pulumi.Int(365),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sqs.Queue;\nimport com.pulumi.aws.sqs.QueueArgs;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketPolicy;\nimport com.pulumi.aws.s3.BucketPolicyArgs;\nimport com.pulumi.aws.customerprofiles.Domain;\nimport com.pulumi.aws.customerprofiles.DomainArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Queue(\"example\", QueueArgs.builder() \n .name(\"example\")\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Sid\", \"Customer Profiles SQS policy\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Action\", jsonArray(\"sqs:SendMessage\")),\n jsonProperty(\"Resource\", \"*\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"profile.amazonaws.com\")\n ))\n )))\n )))\n .build());\n\n var exampleKey = new Key(\"exampleKey\", KeyArgs.builder() \n .description(\"example\")\n .deletionWindowInDays(10)\n .build());\n\n var exampleBucketV2 = new BucketV2(\"exampleBucketV2\", BucketV2Args.builder() \n .bucket(\"example\")\n .forceDestroy(true)\n .build());\n\n var exampleBucketPolicy = new BucketPolicy(\"exampleBucketPolicy\", BucketPolicyArgs.builder() \n .bucket(exampleBucketV2.id())\n .policy(Output.tuple(exampleBucketV2.arn(), exampleBucketV2.arn()).applyValue(values -\u003e {\n var exampleBucketV2Arn = values.t1;\n var exampleBucketV2Arn1 = values.t2;\n return serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Sid\", \"Customer Profiles S3 policy\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Action\", jsonArray(\n \"s3:GetObject\", \n \"s3:PutObject\", \n \"s3:ListBucket\"\n )),\n jsonProperty(\"Resource\", jsonArray(\n exampleBucketV2Arn, \n String.format(\"%s/*\", exampleBucketV2Arn1)\n )),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"profile.amazonaws.com\")\n ))\n )))\n ));\n }))\n .build());\n\n var test = new Domain(\"test\", DomainArgs.builder() \n .domainName(example)\n .deadLetterQueueUrl(example.id())\n .defaultEncryptionKey(exampleKey.arn())\n .defaultExpirationDays(365)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sqs:Queue\n properties:\n name: example\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Sid: Customer Profiles SQS policy\n Effect: Allow\n Action:\n - sqs:SendMessage\n Resource: '*'\n Principal:\n Service: profile.amazonaws.com\n exampleKey:\n type: aws:kms:Key\n name: example\n properties:\n description: example\n deletionWindowInDays: 10\n exampleBucketV2:\n type: aws:s3:BucketV2\n name: example\n properties:\n bucket: example\n forceDestroy: true\n exampleBucketPolicy:\n type: aws:s3:BucketPolicy\n name: example\n properties:\n bucket: ${exampleBucketV2.id}\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Sid: Customer Profiles S3 policy\n Effect: Allow\n Action:\n - s3:GetObject\n - s3:PutObject\n - s3:ListBucket\n Resource:\n - ${exampleBucketV2.arn}\n - ${exampleBucketV2.arn}/*\n Principal:\n Service: profile.amazonaws.com\n test:\n type: aws:customerprofiles:Domain\n properties:\n domainName: ${example}\n deadLetterQueueUrl: ${example.id}\n defaultEncryptionKey: ${exampleKey.arn}\n defaultExpirationDays: 365\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Amazon Customer Profiles Domain using the resource `id`. For example:\n\n```sh\n$ pulumi import aws:customerprofiles/domain:Domain example e6f777be-22d0-4b40-b307-5d2720ef16b2\n```\n", "properties": { "arn": { "type": "string", @@ -199197,7 +199197,7 @@ } }, "aws:detective/invitationAccepter:InvitationAccepter": { - "description": "Provides a resource to manage an [Amazon Detective Invitation Accepter](https://docs.aws.amazon.com/detective/latest/APIReference/API_AcceptInvitation.html). Ensure that the accepter is configured to use the AWS account you wish to _accept_ the invitation from the primary graph owner account.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst primary = new aws.detective.Graph(\"primary\", {});\nconst primaryMember = new aws.detective.Member(\"primary\", {\n accountId: \"ACCOUNT ID\",\n emailAddress: \"EMAIL\",\n graphArn: primary.id,\n message: \"Message of the invite\",\n});\nconst member = new aws.detective.InvitationAccepter(\"member\", {graphArn: primary.graphArn});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nprimary = aws.detective.Graph(\"primary\")\nprimary_member = aws.detective.Member(\"primary\",\n account_id=\"ACCOUNT ID\",\n email_address=\"EMAIL\",\n graph_arn=primary.id,\n message=\"Message of the invite\")\nmember = aws.detective.InvitationAccepter(\"member\", graph_arn=primary.graph_arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var primary = new Aws.Detective.Graph(\"primary\");\n\n var primaryMember = new Aws.Detective.Member(\"primary\", new()\n {\n AccountId = \"ACCOUNT ID\",\n EmailAddress = \"EMAIL\",\n GraphArn = primary.Id,\n Message = \"Message of the invite\",\n });\n\n var member = new Aws.Detective.InvitationAccepter(\"member\", new()\n {\n GraphArn = primary.GraphArn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/detective\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tprimary, err := detective.NewGraph(ctx, \"primary\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = detective.NewMember(ctx, \"primary\", \u0026detective.MemberArgs{\n\t\t\tAccountId: pulumi.String(\"ACCOUNT ID\"),\n\t\t\tEmailAddress: pulumi.String(\"EMAIL\"),\n\t\t\tGraphArn: primary.ID(),\n\t\t\tMessage: pulumi.String(\"Message of the invite\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = detective.NewInvitationAccepter(ctx, \"member\", \u0026detective.InvitationAccepterArgs{\n\t\t\tGraphArn: primary.GraphArn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.detective.Graph;\nimport com.pulumi.aws.detective.Member;\nimport com.pulumi.aws.detective.MemberArgs;\nimport com.pulumi.aws.detective.InvitationAccepter;\nimport com.pulumi.aws.detective.InvitationAccepterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var primary = new Graph(\"primary\");\n\n var primaryMember = new Member(\"primaryMember\", MemberArgs.builder() \n .accountId(\"ACCOUNT ID\")\n .emailAddress(\"EMAIL\")\n .graphArn(primary.id())\n .message(\"Message of the invite\")\n .build());\n\n var member = new InvitationAccepter(\"member\", InvitationAccepterArgs.builder() \n .graphArn(primary.graphArn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n primary:\n type: aws:detective:Graph\n primaryMember:\n type: aws:detective:Member\n name: primary\n properties:\n accountId: ACCOUNT ID\n emailAddress: EMAIL\n graphArn: ${primary.id}\n message: Message of the invite\n member:\n type: aws:detective:InvitationAccepter\n properties:\n graphArn: ${primary.graphArn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_detective_invitation_accepter` using the graph ARN. For example:\n\n```sh\n$ pulumi import aws:detective/invitationAccepter:InvitationAccepter example arn:aws:detective:us-east-1:123456789101:graph:231684d34gh74g4bae1dbc7bd807d02d\n```\n", + "description": "Provides a resource to manage an [Amazon Detective Invitation Accepter](https://docs.aws.amazon.com/detective/latest/APIReference/API_AcceptInvitation.html). Ensure that the accepter is configured to use the AWS account you wish to _accept_ the invitation from the primary graph owner account.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst primary = new aws.detective.Graph(\"primary\", {});\nconst primaryMember = new aws.detective.Member(\"primary\", {\n accountId: \"ACCOUNT ID\",\n emailAddress: \"EMAIL\",\n graphArn: primary.id,\n message: \"Message of the invite\",\n});\nconst member = new aws.detective.InvitationAccepter(\"member\", {graphArn: primary.graphArn}, {\n dependsOn: [primaryMember],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nprimary = aws.detective.Graph(\"primary\")\nprimary_member = aws.detective.Member(\"primary\",\n account_id=\"ACCOUNT ID\",\n email_address=\"EMAIL\",\n graph_arn=primary.id,\n message=\"Message of the invite\")\nmember = aws.detective.InvitationAccepter(\"member\", graph_arn=primary.graph_arn,\nopts=pulumi.ResourceOptions(depends_on=[primary_member]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var primary = new Aws.Detective.Graph(\"primary\");\n\n var primaryMember = new Aws.Detective.Member(\"primary\", new()\n {\n AccountId = \"ACCOUNT ID\",\n EmailAddress = \"EMAIL\",\n GraphArn = primary.Id,\n Message = \"Message of the invite\",\n });\n\n var member = new Aws.Detective.InvitationAccepter(\"member\", new()\n {\n GraphArn = primary.GraphArn,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n primaryMember, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/detective\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tprimary, err := detective.NewGraph(ctx, \"primary\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tprimaryMember, err := detective.NewMember(ctx, \"primary\", \u0026detective.MemberArgs{\n\t\t\tAccountId: pulumi.String(\"ACCOUNT ID\"),\n\t\t\tEmailAddress: pulumi.String(\"EMAIL\"),\n\t\t\tGraphArn: primary.ID(),\n\t\t\tMessage: pulumi.String(\"Message of the invite\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = detective.NewInvitationAccepter(ctx, \"member\", \u0026detective.InvitationAccepterArgs{\n\t\t\tGraphArn: primary.GraphArn,\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tprimaryMember,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.detective.Graph;\nimport com.pulumi.aws.detective.Member;\nimport com.pulumi.aws.detective.MemberArgs;\nimport com.pulumi.aws.detective.InvitationAccepter;\nimport com.pulumi.aws.detective.InvitationAccepterArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var primary = new Graph(\"primary\");\n\n var primaryMember = new Member(\"primaryMember\", MemberArgs.builder() \n .accountId(\"ACCOUNT ID\")\n .emailAddress(\"EMAIL\")\n .graphArn(primary.id())\n .message(\"Message of the invite\")\n .build());\n\n var member = new InvitationAccepter(\"member\", InvitationAccepterArgs.builder() \n .graphArn(primary.graphArn())\n .build(), CustomResourceOptions.builder()\n .dependsOn(primaryMember)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n primary:\n type: aws:detective:Graph\n primaryMember:\n type: aws:detective:Member\n name: primary\n properties:\n accountId: ACCOUNT ID\n emailAddress: EMAIL\n graphArn: ${primary.id}\n message: Message of the invite\n member:\n type: aws:detective:InvitationAccepter\n properties:\n graphArn: ${primary.graphArn}\n options:\n dependson:\n - ${primaryMember}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_detective_invitation_accepter` using the graph ARN. For example:\n\n```sh\n$ pulumi import aws:detective/invitationAccepter:InvitationAccepter example arn:aws:detective:us-east-1:123456789101:graph:231684d34gh74g4bae1dbc7bd807d02d\n```\n", "properties": { "graphArn": { "type": "string", @@ -199375,7 +199375,7 @@ } }, "aws:detective/organizationAdminAccount:OrganizationAdminAccount": { - "description": "Manages a Detective Organization Admin Account. The AWS account utilizing this resource must be an Organizations primary account. More information about Organizations support in Detective can be found in the [Detective User Guide](https://docs.aws.amazon.com/detective/latest/adminguide/accounts-orgs-transition.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.organizations.Organization(\"example\", {\n awsServiceAccessPrincipals: [\"detective.amazonaws.com\"],\n featureSet: \"ALL\",\n});\nconst exampleOrganizationAdminAccount = new aws.detective.OrganizationAdminAccount(\"example\", {accountId: \"123456789012\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.organizations.Organization(\"example\",\n aws_service_access_principals=[\"detective.amazonaws.com\"],\n feature_set=\"ALL\")\nexample_organization_admin_account = aws.detective.OrganizationAdminAccount(\"example\", account_id=\"123456789012\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Organizations.Organization(\"example\", new()\n {\n AwsServiceAccessPrincipals = new[]\n {\n \"detective.amazonaws.com\",\n },\n FeatureSet = \"ALL\",\n });\n\n var exampleOrganizationAdminAccount = new Aws.Detective.OrganizationAdminAccount(\"example\", new()\n {\n AccountId = \"123456789012\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/detective\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := organizations.NewOrganization(ctx, \"example\", \u0026organizations.OrganizationArgs{\n\t\t\tAwsServiceAccessPrincipals: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"detective.amazonaws.com\"),\n\t\t\t},\n\t\t\tFeatureSet: pulumi.String(\"ALL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = detective.NewOrganizationAdminAccount(ctx, \"example\", \u0026detective.OrganizationAdminAccountArgs{\n\t\t\tAccountId: pulumi.String(\"123456789012\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.organizations.Organization;\nimport com.pulumi.aws.organizations.OrganizationArgs;\nimport com.pulumi.aws.detective.OrganizationAdminAccount;\nimport com.pulumi.aws.detective.OrganizationAdminAccountArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Organization(\"example\", OrganizationArgs.builder() \n .awsServiceAccessPrincipals(\"detective.amazonaws.com\")\n .featureSet(\"ALL\")\n .build());\n\n var exampleOrganizationAdminAccount = new OrganizationAdminAccount(\"exampleOrganizationAdminAccount\", OrganizationAdminAccountArgs.builder() \n .accountId(\"123456789012\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:organizations:Organization\n properties:\n awsServiceAccessPrincipals:\n - detective.amazonaws.com\n featureSet: ALL\n exampleOrganizationAdminAccount:\n type: aws:detective:OrganizationAdminAccount\n name: example\n properties:\n accountId: '123456789012'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_detective_organization_admin_account` using `account_id`. For example:\n\n```sh\n$ pulumi import aws:detective/organizationAdminAccount:OrganizationAdminAccount example 123456789012\n```\n", + "description": "Manages a Detective Organization Admin Account. The AWS account utilizing this resource must be an Organizations primary account. More information about Organizations support in Detective can be found in the [Detective User Guide](https://docs.aws.amazon.com/detective/latest/adminguide/accounts-orgs-transition.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.organizations.Organization(\"example\", {\n awsServiceAccessPrincipals: [\"detective.amazonaws.com\"],\n featureSet: \"ALL\",\n});\nconst exampleOrganizationAdminAccount = new aws.detective.OrganizationAdminAccount(\"example\", {accountId: \"123456789012\"}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.organizations.Organization(\"example\",\n aws_service_access_principals=[\"detective.amazonaws.com\"],\n feature_set=\"ALL\")\nexample_organization_admin_account = aws.detective.OrganizationAdminAccount(\"example\", account_id=\"123456789012\",\nopts=pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Organizations.Organization(\"example\", new()\n {\n AwsServiceAccessPrincipals = new[]\n {\n \"detective.amazonaws.com\",\n },\n FeatureSet = \"ALL\",\n });\n\n var exampleOrganizationAdminAccount = new Aws.Detective.OrganizationAdminAccount(\"example\", new()\n {\n AccountId = \"123456789012\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/detective\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := organizations.NewOrganization(ctx, \"example\", \u0026organizations.OrganizationArgs{\n\t\t\tAwsServiceAccessPrincipals: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"detective.amazonaws.com\"),\n\t\t\t},\n\t\t\tFeatureSet: pulumi.String(\"ALL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = detective.NewOrganizationAdminAccount(ctx, \"example\", \u0026detective.OrganizationAdminAccountArgs{\n\t\t\tAccountId: pulumi.String(\"123456789012\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.organizations.Organization;\nimport com.pulumi.aws.organizations.OrganizationArgs;\nimport com.pulumi.aws.detective.OrganizationAdminAccount;\nimport com.pulumi.aws.detective.OrganizationAdminAccountArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Organization(\"example\", OrganizationArgs.builder() \n .awsServiceAccessPrincipals(\"detective.amazonaws.com\")\n .featureSet(\"ALL\")\n .build());\n\n var exampleOrganizationAdminAccount = new OrganizationAdminAccount(\"exampleOrganizationAdminAccount\", OrganizationAdminAccountArgs.builder() \n .accountId(\"123456789012\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:organizations:Organization\n properties:\n awsServiceAccessPrincipals:\n - detective.amazonaws.com\n featureSet: ALL\n exampleOrganizationAdminAccount:\n type: aws:detective:OrganizationAdminAccount\n name: example\n properties:\n accountId: '123456789012'\n options:\n dependson:\n - ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_detective_organization_admin_account` using `account_id`. For example:\n\n```sh\n$ pulumi import aws:detective/organizationAdminAccount:OrganizationAdminAccount example 123456789012\n```\n", "properties": { "accountId": { "type": "string", @@ -201510,7 +201510,7 @@ } }, "aws:directconnect/hostedPrivateVirtualInterfaceAccepter:HostedPrivateVirtualInterfaceAccepter": { - "description": "Provides a resource to manage the accepter's side of a Direct Connect hosted private virtual interface.\nThis resource accepts ownership of a private virtual interface created by another AWS account.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst accepter = aws.getCallerIdentity({});\n// Creator's side of the VIF\nconst creator = new aws.directconnect.HostedPrivateVirtualInterface(\"creator\", {\n connectionId: \"dxcon-zzzzzzzz\",\n ownerAccountId: accepter.then(accepter =\u003e accepter.accountId),\n name: \"vif-foo\",\n vlan: 4094,\n addressFamily: \"ipv4\",\n bgpAsn: 65352,\n});\n// Accepter's side of the VIF.\nconst vpnGw = new aws.ec2.VpnGateway(\"vpn_gw\", {});\nconst accepterHostedPrivateVirtualInterfaceAccepter = new aws.directconnect.HostedPrivateVirtualInterfaceAccepter(\"accepter\", {\n virtualInterfaceId: creator.id,\n vpnGatewayId: vpnGw.id,\n tags: {\n Side: \"Accepter\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\naccepter = aws.get_caller_identity()\n# Creator's side of the VIF\ncreator = aws.directconnect.HostedPrivateVirtualInterface(\"creator\",\n connection_id=\"dxcon-zzzzzzzz\",\n owner_account_id=accepter.account_id,\n name=\"vif-foo\",\n vlan=4094,\n address_family=\"ipv4\",\n bgp_asn=65352)\n# Accepter's side of the VIF.\nvpn_gw = aws.ec2.VpnGateway(\"vpn_gw\")\naccepter_hosted_private_virtual_interface_accepter = aws.directconnect.HostedPrivateVirtualInterfaceAccepter(\"accepter\",\n virtual_interface_id=creator.id,\n vpn_gateway_id=vpn_gw.id,\n tags={\n \"Side\": \"Accepter\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var accepter = Aws.GetCallerIdentity.Invoke();\n\n // Creator's side of the VIF\n var creator = new Aws.DirectConnect.HostedPrivateVirtualInterface(\"creator\", new()\n {\n ConnectionId = \"dxcon-zzzzzzzz\",\n OwnerAccountId = accepter.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId),\n Name = \"vif-foo\",\n Vlan = 4094,\n AddressFamily = \"ipv4\",\n BgpAsn = 65352,\n });\n\n // Accepter's side of the VIF.\n var vpnGw = new Aws.Ec2.VpnGateway(\"vpn_gw\");\n\n var accepterHostedPrivateVirtualInterfaceAccepter = new Aws.DirectConnect.HostedPrivateVirtualInterfaceAccepter(\"accepter\", new()\n {\n VirtualInterfaceId = creator.Id,\n VpnGatewayId = vpnGw.Id,\n Tags = \n {\n { \"Side\", \"Accepter\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\taccepter, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Creator's side of the VIF\n\t\tcreator, err := directconnect.NewHostedPrivateVirtualInterface(ctx, \"creator\", \u0026directconnect.HostedPrivateVirtualInterfaceArgs{\n\t\t\tConnectionId: pulumi.String(\"dxcon-zzzzzzzz\"),\n\t\t\tOwnerAccountId: pulumi.String(accepter.AccountId),\n\t\t\tName: pulumi.String(\"vif-foo\"),\n\t\t\tVlan: pulumi.Int(4094),\n\t\t\tAddressFamily: pulumi.String(\"ipv4\"),\n\t\t\tBgpAsn: pulumi.Int(65352),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Accepter's side of the VIF.\n\t\tvpnGw, err := ec2.NewVpnGateway(ctx, \"vpn_gw\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = directconnect.NewHostedPrivateVirtualInterfaceAccepter(ctx, \"accepter\", \u0026directconnect.HostedPrivateVirtualInterfaceAccepterArgs{\n\t\t\tVirtualInterfaceId: creator.ID(),\n\t\t\tVpnGatewayId: vpnGw.ID(),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Side\": pulumi.String(\"Accepter\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.directconnect.HostedPrivateVirtualInterface;\nimport com.pulumi.aws.directconnect.HostedPrivateVirtualInterfaceArgs;\nimport com.pulumi.aws.ec2.VpnGateway;\nimport com.pulumi.aws.directconnect.HostedPrivateVirtualInterfaceAccepter;\nimport com.pulumi.aws.directconnect.HostedPrivateVirtualInterfaceAccepterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var accepter = AwsFunctions.getCallerIdentity();\n\n // Creator's side of the VIF\n var creator = new HostedPrivateVirtualInterface(\"creator\", HostedPrivateVirtualInterfaceArgs.builder() \n .connectionId(\"dxcon-zzzzzzzz\")\n .ownerAccountId(accepter.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))\n .name(\"vif-foo\")\n .vlan(4094)\n .addressFamily(\"ipv4\")\n .bgpAsn(65352)\n .build());\n\n // Accepter's side of the VIF.\n var vpnGw = new VpnGateway(\"vpnGw\");\n\n var accepterHostedPrivateVirtualInterfaceAccepter = new HostedPrivateVirtualInterfaceAccepter(\"accepterHostedPrivateVirtualInterfaceAccepter\", HostedPrivateVirtualInterfaceAccepterArgs.builder() \n .virtualInterfaceId(creator.id())\n .vpnGatewayId(vpnGw.id())\n .tags(Map.of(\"Side\", \"Accepter\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # Creator's side of the VIF\n creator:\n type: aws:directconnect:HostedPrivateVirtualInterface\n properties:\n connectionId: dxcon-zzzzzzzz\n ownerAccountId: ${accepter.accountId}\n name: vif-foo\n vlan: 4094\n addressFamily: ipv4\n bgpAsn: 65352 # The aws_dx_hosted_private_virtual_interface\n # # must be destroyed before the aws_vpn_gateway.\n # Accepter's side of the VIF.\n vpnGw:\n type: aws:ec2:VpnGateway\n name: vpn_gw\n accepterHostedPrivateVirtualInterfaceAccepter:\n type: aws:directconnect:HostedPrivateVirtualInterfaceAccepter\n name: accepter\n properties:\n virtualInterfaceId: ${creator.id}\n vpnGatewayId: ${vpnGw.id}\n tags:\n Side: Accepter\nvariables:\n accepter:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Direct Connect hosted private virtual interfaces using the VIF `id`. For example:\n\n```sh\n$ pulumi import aws:directconnect/hostedPrivateVirtualInterfaceAccepter:HostedPrivateVirtualInterfaceAccepter test dxvif-33cc44dd\n```\n", + "description": "Provides a resource to manage the accepter's side of a Direct Connect hosted private virtual interface.\nThis resource accepts ownership of a private virtual interface created by another AWS account.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst accepter = aws.getCallerIdentity({});\n// Accepter's side of the VIF.\nconst vpnGw = new aws.ec2.VpnGateway(\"vpn_gw\", {});\n// Creator's side of the VIF\nconst creator = new aws.directconnect.HostedPrivateVirtualInterface(\"creator\", {\n connectionId: \"dxcon-zzzzzzzz\",\n ownerAccountId: accepter.then(accepter =\u003e accepter.accountId),\n name: \"vif-foo\",\n vlan: 4094,\n addressFamily: \"ipv4\",\n bgpAsn: 65352,\n}, {\n dependsOn: [vpnGw],\n});\nconst accepterHostedPrivateVirtualInterfaceAccepter = new aws.directconnect.HostedPrivateVirtualInterfaceAccepter(\"accepter\", {\n virtualInterfaceId: creator.id,\n vpnGatewayId: vpnGw.id,\n tags: {\n Side: \"Accepter\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\naccepter = aws.get_caller_identity()\n# Accepter's side of the VIF.\nvpn_gw = aws.ec2.VpnGateway(\"vpn_gw\")\n# Creator's side of the VIF\ncreator = aws.directconnect.HostedPrivateVirtualInterface(\"creator\",\n connection_id=\"dxcon-zzzzzzzz\",\n owner_account_id=accepter.account_id,\n name=\"vif-foo\",\n vlan=4094,\n address_family=\"ipv4\",\n bgp_asn=65352,\n opts=pulumi.ResourceOptions(depends_on=[vpn_gw]))\naccepter_hosted_private_virtual_interface_accepter = aws.directconnect.HostedPrivateVirtualInterfaceAccepter(\"accepter\",\n virtual_interface_id=creator.id,\n vpn_gateway_id=vpn_gw.id,\n tags={\n \"Side\": \"Accepter\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var accepter = Aws.GetCallerIdentity.Invoke();\n\n // Accepter's side of the VIF.\n var vpnGw = new Aws.Ec2.VpnGateway(\"vpn_gw\");\n\n // Creator's side of the VIF\n var creator = new Aws.DirectConnect.HostedPrivateVirtualInterface(\"creator\", new()\n {\n ConnectionId = \"dxcon-zzzzzzzz\",\n OwnerAccountId = accepter.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId),\n Name = \"vif-foo\",\n Vlan = 4094,\n AddressFamily = \"ipv4\",\n BgpAsn = 65352,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n vpnGw, \n },\n });\n\n var accepterHostedPrivateVirtualInterfaceAccepter = new Aws.DirectConnect.HostedPrivateVirtualInterfaceAccepter(\"accepter\", new()\n {\n VirtualInterfaceId = creator.Id,\n VpnGatewayId = vpnGw.Id,\n Tags = \n {\n { \"Side\", \"Accepter\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\taccepter, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Accepter's side of the VIF.\n\t\tvpnGw, err := ec2.NewVpnGateway(ctx, \"vpn_gw\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Creator's side of the VIF\n\t\tcreator, err := directconnect.NewHostedPrivateVirtualInterface(ctx, \"creator\", \u0026directconnect.HostedPrivateVirtualInterfaceArgs{\n\t\t\tConnectionId: pulumi.String(\"dxcon-zzzzzzzz\"),\n\t\t\tOwnerAccountId: pulumi.String(accepter.AccountId),\n\t\t\tName: pulumi.String(\"vif-foo\"),\n\t\t\tVlan: pulumi.Int(4094),\n\t\t\tAddressFamily: pulumi.String(\"ipv4\"),\n\t\t\tBgpAsn: pulumi.Int(65352),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tvpnGw,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = directconnect.NewHostedPrivateVirtualInterfaceAccepter(ctx, \"accepter\", \u0026directconnect.HostedPrivateVirtualInterfaceAccepterArgs{\n\t\t\tVirtualInterfaceId: creator.ID(),\n\t\t\tVpnGatewayId: vpnGw.ID(),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Side\": pulumi.String(\"Accepter\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.ec2.VpnGateway;\nimport com.pulumi.aws.directconnect.HostedPrivateVirtualInterface;\nimport com.pulumi.aws.directconnect.HostedPrivateVirtualInterfaceArgs;\nimport com.pulumi.aws.directconnect.HostedPrivateVirtualInterfaceAccepter;\nimport com.pulumi.aws.directconnect.HostedPrivateVirtualInterfaceAccepterArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var accepter = AwsFunctions.getCallerIdentity();\n\n // Accepter's side of the VIF.\n var vpnGw = new VpnGateway(\"vpnGw\");\n\n // Creator's side of the VIF\n var creator = new HostedPrivateVirtualInterface(\"creator\", HostedPrivateVirtualInterfaceArgs.builder() \n .connectionId(\"dxcon-zzzzzzzz\")\n .ownerAccountId(accepter.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))\n .name(\"vif-foo\")\n .vlan(4094)\n .addressFamily(\"ipv4\")\n .bgpAsn(65352)\n .build(), CustomResourceOptions.builder()\n .dependsOn(vpnGw)\n .build());\n\n var accepterHostedPrivateVirtualInterfaceAccepter = new HostedPrivateVirtualInterfaceAccepter(\"accepterHostedPrivateVirtualInterfaceAccepter\", HostedPrivateVirtualInterfaceAccepterArgs.builder() \n .virtualInterfaceId(creator.id())\n .vpnGatewayId(vpnGw.id())\n .tags(Map.of(\"Side\", \"Accepter\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # Creator's side of the VIF\n creator:\n type: aws:directconnect:HostedPrivateVirtualInterface\n properties:\n connectionId: dxcon-zzzzzzzz\n ownerAccountId: ${accepter.accountId}\n name: vif-foo\n vlan: 4094\n addressFamily: ipv4\n bgpAsn: 65352 # The aws_dx_hosted_private_virtual_interface\n # # must be destroyed before the aws_vpn_gateway.\n options:\n dependson:\n - ${vpnGw}\n # Accepter's side of the VIF.\n vpnGw:\n type: aws:ec2:VpnGateway\n name: vpn_gw\n accepterHostedPrivateVirtualInterfaceAccepter:\n type: aws:directconnect:HostedPrivateVirtualInterfaceAccepter\n name: accepter\n properties:\n virtualInterfaceId: ${creator.id}\n vpnGatewayId: ${vpnGw.id}\n tags:\n Side: Accepter\nvariables:\n accepter:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Direct Connect hosted private virtual interfaces using the VIF `id`. For example:\n\n```sh\n$ pulumi import aws:directconnect/hostedPrivateVirtualInterfaceAccepter:HostedPrivateVirtualInterfaceAccepter test dxvif-33cc44dd\n```\n", "properties": { "arn": { "type": "string", @@ -202110,7 +202110,7 @@ } }, "aws:directconnect/hostedTransitVirtualInterfaceAcceptor:HostedTransitVirtualInterfaceAcceptor": { - "description": "Provides a resource to manage the accepter's side of a Direct Connect hosted transit virtual interface.\nThis resource accepts ownership of a transit virtual interface created by another AWS account.\n\n\u003e **NOTE:** AWS allows a Direct Connect hosted transit virtual interface to be deleted from either the allocator's or accepter's side. However, this provider only allows the Direct Connect hosted transit virtual interface to be deleted from the allocator's side by removing the corresponding `aws.directconnect.HostedTransitVirtualInterface` resource from your configuration. Removing a `aws.directconnect.HostedTransitVirtualInterfaceAcceptor` resource from your configuration will remove it from your statefile and management, **but will not delete the Direct Connect virtual interface.**\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst accepter = aws.getCallerIdentity({});\n// Creator's side of the VIF\nconst creator = new aws.directconnect.HostedTransitVirtualInterface(\"creator\", {\n connectionId: \"dxcon-zzzzzzzz\",\n ownerAccountId: accepter.then(accepter =\u003e accepter.accountId),\n name: \"tf-transit-vif-example\",\n vlan: 4094,\n addressFamily: \"ipv4\",\n bgpAsn: 65352,\n});\n// Accepter's side of the VIF.\nconst example = new aws.directconnect.Gateway(\"example\", {\n name: \"tf-dxg-example\",\n amazonSideAsn: \"64512\",\n});\nconst accepterHostedTransitVirtualInterfaceAcceptor = new aws.directconnect.HostedTransitVirtualInterfaceAcceptor(\"accepter\", {\n virtualInterfaceId: creator.id,\n dxGatewayId: example.id,\n tags: {\n Side: \"Accepter\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\naccepter = aws.get_caller_identity()\n# Creator's side of the VIF\ncreator = aws.directconnect.HostedTransitVirtualInterface(\"creator\",\n connection_id=\"dxcon-zzzzzzzz\",\n owner_account_id=accepter.account_id,\n name=\"tf-transit-vif-example\",\n vlan=4094,\n address_family=\"ipv4\",\n bgp_asn=65352)\n# Accepter's side of the VIF.\nexample = aws.directconnect.Gateway(\"example\",\n name=\"tf-dxg-example\",\n amazon_side_asn=\"64512\")\naccepter_hosted_transit_virtual_interface_acceptor = aws.directconnect.HostedTransitVirtualInterfaceAcceptor(\"accepter\",\n virtual_interface_id=creator.id,\n dx_gateway_id=example.id,\n tags={\n \"Side\": \"Accepter\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var accepter = Aws.GetCallerIdentity.Invoke();\n\n // Creator's side of the VIF\n var creator = new Aws.DirectConnect.HostedTransitVirtualInterface(\"creator\", new()\n {\n ConnectionId = \"dxcon-zzzzzzzz\",\n OwnerAccountId = accepter.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId),\n Name = \"tf-transit-vif-example\",\n Vlan = 4094,\n AddressFamily = \"ipv4\",\n BgpAsn = 65352,\n });\n\n // Accepter's side of the VIF.\n var example = new Aws.DirectConnect.Gateway(\"example\", new()\n {\n Name = \"tf-dxg-example\",\n AmazonSideAsn = \"64512\",\n });\n\n var accepterHostedTransitVirtualInterfaceAcceptor = new Aws.DirectConnect.HostedTransitVirtualInterfaceAcceptor(\"accepter\", new()\n {\n VirtualInterfaceId = creator.Id,\n DxGatewayId = example.Id,\n Tags = \n {\n { \"Side\", \"Accepter\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\taccepter, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Creator's side of the VIF\n\t\tcreator, err := directconnect.NewHostedTransitVirtualInterface(ctx, \"creator\", \u0026directconnect.HostedTransitVirtualInterfaceArgs{\n\t\t\tConnectionId: pulumi.String(\"dxcon-zzzzzzzz\"),\n\t\t\tOwnerAccountId: pulumi.String(accepter.AccountId),\n\t\t\tName: pulumi.String(\"tf-transit-vif-example\"),\n\t\t\tVlan: pulumi.Int(4094),\n\t\t\tAddressFamily: pulumi.String(\"ipv4\"),\n\t\t\tBgpAsn: pulumi.Int(65352),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Accepter's side of the VIF.\n\t\texample, err := directconnect.NewGateway(ctx, \"example\", \u0026directconnect.GatewayArgs{\n\t\t\tName: pulumi.String(\"tf-dxg-example\"),\n\t\t\tAmazonSideAsn: pulumi.String(\"64512\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = directconnect.NewHostedTransitVirtualInterfaceAcceptor(ctx, \"accepter\", \u0026directconnect.HostedTransitVirtualInterfaceAcceptorArgs{\n\t\t\tVirtualInterfaceId: creator.ID(),\n\t\t\tDxGatewayId: example.ID(),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Side\": pulumi.String(\"Accepter\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.directconnect.HostedTransitVirtualInterface;\nimport com.pulumi.aws.directconnect.HostedTransitVirtualInterfaceArgs;\nimport com.pulumi.aws.directconnect.Gateway;\nimport com.pulumi.aws.directconnect.GatewayArgs;\nimport com.pulumi.aws.directconnect.HostedTransitVirtualInterfaceAcceptor;\nimport com.pulumi.aws.directconnect.HostedTransitVirtualInterfaceAcceptorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var accepter = AwsFunctions.getCallerIdentity();\n\n // Creator's side of the VIF\n var creator = new HostedTransitVirtualInterface(\"creator\", HostedTransitVirtualInterfaceArgs.builder() \n .connectionId(\"dxcon-zzzzzzzz\")\n .ownerAccountId(accepter.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))\n .name(\"tf-transit-vif-example\")\n .vlan(4094)\n .addressFamily(\"ipv4\")\n .bgpAsn(65352)\n .build());\n\n // Accepter's side of the VIF.\n var example = new Gateway(\"example\", GatewayArgs.builder() \n .name(\"tf-dxg-example\")\n .amazonSideAsn(64512)\n .build());\n\n var accepterHostedTransitVirtualInterfaceAcceptor = new HostedTransitVirtualInterfaceAcceptor(\"accepterHostedTransitVirtualInterfaceAcceptor\", HostedTransitVirtualInterfaceAcceptorArgs.builder() \n .virtualInterfaceId(creator.id())\n .dxGatewayId(example.id())\n .tags(Map.of(\"Side\", \"Accepter\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # Creator's side of the VIF\n creator:\n type: aws:directconnect:HostedTransitVirtualInterface\n properties:\n connectionId: dxcon-zzzzzzzz\n ownerAccountId: ${accepter.accountId}\n name: tf-transit-vif-example\n vlan: 4094\n addressFamily: ipv4\n bgpAsn: 65352 # The aws_dx_hosted_transit_virtual_interface\n # # must be destroyed before the aws_dx_gateway.\n # Accepter's side of the VIF.\n example:\n type: aws:directconnect:Gateway\n properties:\n name: tf-dxg-example\n amazonSideAsn: 64512\n accepterHostedTransitVirtualInterfaceAcceptor:\n type: aws:directconnect:HostedTransitVirtualInterfaceAcceptor\n name: accepter\n properties:\n virtualInterfaceId: ${creator.id}\n dxGatewayId: ${example.id}\n tags:\n Side: Accepter\nvariables:\n accepter:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Direct Connect hosted transit virtual interfaces using the VIF `id`. For example:\n\n```sh\n$ pulumi import aws:directconnect/hostedTransitVirtualInterfaceAcceptor:HostedTransitVirtualInterfaceAcceptor test dxvif-33cc44dd\n```\n", + "description": "Provides a resource to manage the accepter's side of a Direct Connect hosted transit virtual interface.\nThis resource accepts ownership of a transit virtual interface created by another AWS account.\n\n\u003e **NOTE:** AWS allows a Direct Connect hosted transit virtual interface to be deleted from either the allocator's or accepter's side. However, this provider only allows the Direct Connect hosted transit virtual interface to be deleted from the allocator's side by removing the corresponding `aws.directconnect.HostedTransitVirtualInterface` resource from your configuration. Removing a `aws.directconnect.HostedTransitVirtualInterfaceAcceptor` resource from your configuration will remove it from your statefile and management, **but will not delete the Direct Connect virtual interface.**\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst accepter = aws.getCallerIdentity({});\n// Accepter's side of the VIF.\nconst example = new aws.directconnect.Gateway(\"example\", {\n name: \"tf-dxg-example\",\n amazonSideAsn: \"64512\",\n});\n// Creator's side of the VIF\nconst creator = new aws.directconnect.HostedTransitVirtualInterface(\"creator\", {\n connectionId: \"dxcon-zzzzzzzz\",\n ownerAccountId: accepter.then(accepter =\u003e accepter.accountId),\n name: \"tf-transit-vif-example\",\n vlan: 4094,\n addressFamily: \"ipv4\",\n bgpAsn: 65352,\n}, {\n dependsOn: [example],\n});\nconst accepterHostedTransitVirtualInterfaceAcceptor = new aws.directconnect.HostedTransitVirtualInterfaceAcceptor(\"accepter\", {\n virtualInterfaceId: creator.id,\n dxGatewayId: example.id,\n tags: {\n Side: \"Accepter\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\naccepter = aws.get_caller_identity()\n# Accepter's side of the VIF.\nexample = aws.directconnect.Gateway(\"example\",\n name=\"tf-dxg-example\",\n amazon_side_asn=\"64512\")\n# Creator's side of the VIF\ncreator = aws.directconnect.HostedTransitVirtualInterface(\"creator\",\n connection_id=\"dxcon-zzzzzzzz\",\n owner_account_id=accepter.account_id,\n name=\"tf-transit-vif-example\",\n vlan=4094,\n address_family=\"ipv4\",\n bgp_asn=65352,\n opts=pulumi.ResourceOptions(depends_on=[example]))\naccepter_hosted_transit_virtual_interface_acceptor = aws.directconnect.HostedTransitVirtualInterfaceAcceptor(\"accepter\",\n virtual_interface_id=creator.id,\n dx_gateway_id=example.id,\n tags={\n \"Side\": \"Accepter\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var accepter = Aws.GetCallerIdentity.Invoke();\n\n // Accepter's side of the VIF.\n var example = new Aws.DirectConnect.Gateway(\"example\", new()\n {\n Name = \"tf-dxg-example\",\n AmazonSideAsn = \"64512\",\n });\n\n // Creator's side of the VIF\n var creator = new Aws.DirectConnect.HostedTransitVirtualInterface(\"creator\", new()\n {\n ConnectionId = \"dxcon-zzzzzzzz\",\n OwnerAccountId = accepter.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId),\n Name = \"tf-transit-vif-example\",\n Vlan = 4094,\n AddressFamily = \"ipv4\",\n BgpAsn = 65352,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example, \n },\n });\n\n var accepterHostedTransitVirtualInterfaceAcceptor = new Aws.DirectConnect.HostedTransitVirtualInterfaceAcceptor(\"accepter\", new()\n {\n VirtualInterfaceId = creator.Id,\n DxGatewayId = example.Id,\n Tags = \n {\n { \"Side\", \"Accepter\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directconnect\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\taccepter, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Accepter's side of the VIF.\n\t\texample, err := directconnect.NewGateway(ctx, \"example\", \u0026directconnect.GatewayArgs{\n\t\t\tName: pulumi.String(\"tf-dxg-example\"),\n\t\t\tAmazonSideAsn: pulumi.String(\"64512\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Creator's side of the VIF\n\t\tcreator, err := directconnect.NewHostedTransitVirtualInterface(ctx, \"creator\", \u0026directconnect.HostedTransitVirtualInterfaceArgs{\n\t\t\tConnectionId: pulumi.String(\"dxcon-zzzzzzzz\"),\n\t\t\tOwnerAccountId: pulumi.String(accepter.AccountId),\n\t\t\tName: pulumi.String(\"tf-transit-vif-example\"),\n\t\t\tVlan: pulumi.Int(4094),\n\t\t\tAddressFamily: pulumi.String(\"ipv4\"),\n\t\t\tBgpAsn: pulumi.Int(65352),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = directconnect.NewHostedTransitVirtualInterfaceAcceptor(ctx, \"accepter\", \u0026directconnect.HostedTransitVirtualInterfaceAcceptorArgs{\n\t\t\tVirtualInterfaceId: creator.ID(),\n\t\t\tDxGatewayId: example.ID(),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Side\": pulumi.String(\"Accepter\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.directconnect.Gateway;\nimport com.pulumi.aws.directconnect.GatewayArgs;\nimport com.pulumi.aws.directconnect.HostedTransitVirtualInterface;\nimport com.pulumi.aws.directconnect.HostedTransitVirtualInterfaceArgs;\nimport com.pulumi.aws.directconnect.HostedTransitVirtualInterfaceAcceptor;\nimport com.pulumi.aws.directconnect.HostedTransitVirtualInterfaceAcceptorArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var accepter = AwsFunctions.getCallerIdentity();\n\n // Accepter's side of the VIF.\n var example = new Gateway(\"example\", GatewayArgs.builder() \n .name(\"tf-dxg-example\")\n .amazonSideAsn(64512)\n .build());\n\n // Creator's side of the VIF\n var creator = new HostedTransitVirtualInterface(\"creator\", HostedTransitVirtualInterfaceArgs.builder() \n .connectionId(\"dxcon-zzzzzzzz\")\n .ownerAccountId(accepter.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))\n .name(\"tf-transit-vif-example\")\n .vlan(4094)\n .addressFamily(\"ipv4\")\n .bgpAsn(65352)\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n var accepterHostedTransitVirtualInterfaceAcceptor = new HostedTransitVirtualInterfaceAcceptor(\"accepterHostedTransitVirtualInterfaceAcceptor\", HostedTransitVirtualInterfaceAcceptorArgs.builder() \n .virtualInterfaceId(creator.id())\n .dxGatewayId(example.id())\n .tags(Map.of(\"Side\", \"Accepter\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # Creator's side of the VIF\n creator:\n type: aws:directconnect:HostedTransitVirtualInterface\n properties:\n connectionId: dxcon-zzzzzzzz\n ownerAccountId: ${accepter.accountId}\n name: tf-transit-vif-example\n vlan: 4094\n addressFamily: ipv4\n bgpAsn: 65352 # The aws_dx_hosted_transit_virtual_interface\n # # must be destroyed before the aws_dx_gateway.\n options:\n dependson:\n - ${example}\n # Accepter's side of the VIF.\n example:\n type: aws:directconnect:Gateway\n properties:\n name: tf-dxg-example\n amazonSideAsn: 64512\n accepterHostedTransitVirtualInterfaceAcceptor:\n type: aws:directconnect:HostedTransitVirtualInterfaceAcceptor\n name: accepter\n properties:\n virtualInterfaceId: ${creator.id}\n dxGatewayId: ${example.id}\n tags:\n Side: Accepter\nvariables:\n accepter:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Direct Connect hosted transit virtual interfaces using the VIF `id`. For example:\n\n```sh\n$ pulumi import aws:directconnect/hostedTransitVirtualInterfaceAcceptor:HostedTransitVirtualInterfaceAcceptor test dxvif-33cc44dd\n```\n", "properties": { "arn": { "type": "string", @@ -205192,7 +205192,7 @@ } }, "aws:dms/replicationInstance:ReplicationInstance": { - "description": "Provides a DMS (Data Migration Service) replication instance resource. DMS replication instances can be created, updated, deleted, and imported.\n\n## Example Usage\n\nCreate required roles and then create a DMS instance, setting the depends_on to the required role policy attachments.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Database Migration Service requires the below IAM Roles to be created before\n// replication instances can be created. See the DMS Documentation for\n// additional information: https://docs.aws.amazon.com/dms/latest/userguide/security-iam.html#CHAP_Security.APIRole\n// * dms-vpc-role\n// * dms-cloudwatch-logs-role\n// * dms-access-for-endpoint\nconst dmsAssumeRole = aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"sts:AssumeRole\"],\n principals: [{\n identifiers: [\"dms.amazonaws.com\"],\n type: \"Service\",\n }],\n }],\n});\nconst dms_access_for_endpoint = new aws.iam.Role(\"dms-access-for-endpoint\", {\n assumeRolePolicy: dmsAssumeRole.then(dmsAssumeRole =\u003e dmsAssumeRole.json),\n name: \"dms-access-for-endpoint\",\n});\nconst dms_access_for_endpoint_AmazonDMSRedshiftS3Role = new aws.iam.RolePolicyAttachment(\"dms-access-for-endpoint-AmazonDMSRedshiftS3Role\", {\n policyArn: \"arn:aws:iam::aws:policy/service-role/AmazonDMSRedshiftS3Role\",\n role: dms_access_for_endpoint.name,\n});\nconst dms_cloudwatch_logs_role = new aws.iam.Role(\"dms-cloudwatch-logs-role\", {\n assumeRolePolicy: dmsAssumeRole.then(dmsAssumeRole =\u003e dmsAssumeRole.json),\n name: \"dms-cloudwatch-logs-role\",\n});\nconst dms_cloudwatch_logs_role_AmazonDMSCloudWatchLogsRole = new aws.iam.RolePolicyAttachment(\"dms-cloudwatch-logs-role-AmazonDMSCloudWatchLogsRole\", {\n policyArn: \"arn:aws:iam::aws:policy/service-role/AmazonDMSCloudWatchLogsRole\",\n role: dms_cloudwatch_logs_role.name,\n});\nconst dms_vpc_role = new aws.iam.Role(\"dms-vpc-role\", {\n assumeRolePolicy: dmsAssumeRole.then(dmsAssumeRole =\u003e dmsAssumeRole.json),\n name: \"dms-vpc-role\",\n});\nconst dms_vpc_role_AmazonDMSVPCManagementRole = new aws.iam.RolePolicyAttachment(\"dms-vpc-role-AmazonDMSVPCManagementRole\", {\n policyArn: \"arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole\",\n role: dms_vpc_role.name,\n});\n// Create a new replication instance\nconst test = new aws.dms.ReplicationInstance(\"test\", {\n allocatedStorage: 20,\n applyImmediately: true,\n autoMinorVersionUpgrade: true,\n availabilityZone: \"us-west-2c\",\n engineVersion: \"3.1.4\",\n kmsKeyArn: \"arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012\",\n multiAz: false,\n preferredMaintenanceWindow: \"sun:10:30-sun:14:30\",\n publiclyAccessible: true,\n replicationInstanceClass: \"dms.t2.micro\",\n replicationInstanceId: \"test-dms-replication-instance-tf\",\n replicationSubnetGroupId: test_dms_replication_subnet_group_tf.id,\n tags: {\n Name: \"test\",\n },\n vpcSecurityGroupIds: [\"sg-12345678\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Database Migration Service requires the below IAM Roles to be created before\n# replication instances can be created. See the DMS Documentation for\n# additional information: https://docs.aws.amazon.com/dms/latest/userguide/security-iam.html#CHAP_Security.APIRole\n# * dms-vpc-role\n# * dms-cloudwatch-logs-role\n# * dms-access-for-endpoint\ndms_assume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n actions=[\"sts:AssumeRole\"],\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n identifiers=[\"dms.amazonaws.com\"],\n type=\"Service\",\n )],\n)])\ndms_access_for_endpoint = aws.iam.Role(\"dms-access-for-endpoint\",\n assume_role_policy=dms_assume_role.json,\n name=\"dms-access-for-endpoint\")\ndms_access_for_endpoint__amazon_dms_redshift_s3_role = aws.iam.RolePolicyAttachment(\"dms-access-for-endpoint-AmazonDMSRedshiftS3Role\",\n policy_arn=\"arn:aws:iam::aws:policy/service-role/AmazonDMSRedshiftS3Role\",\n role=dms_access_for_endpoint.name)\ndms_cloudwatch_logs_role = aws.iam.Role(\"dms-cloudwatch-logs-role\",\n assume_role_policy=dms_assume_role.json,\n name=\"dms-cloudwatch-logs-role\")\ndms_cloudwatch_logs_role__amazon_dms_cloud_watch_logs_role = aws.iam.RolePolicyAttachment(\"dms-cloudwatch-logs-role-AmazonDMSCloudWatchLogsRole\",\n policy_arn=\"arn:aws:iam::aws:policy/service-role/AmazonDMSCloudWatchLogsRole\",\n role=dms_cloudwatch_logs_role.name)\ndms_vpc_role = aws.iam.Role(\"dms-vpc-role\",\n assume_role_policy=dms_assume_role.json,\n name=\"dms-vpc-role\")\ndms_vpc_role__amazon_dmsvpc_management_role = aws.iam.RolePolicyAttachment(\"dms-vpc-role-AmazonDMSVPCManagementRole\",\n policy_arn=\"arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole\",\n role=dms_vpc_role.name)\n# Create a new replication instance\ntest = aws.dms.ReplicationInstance(\"test\",\n allocated_storage=20,\n apply_immediately=True,\n auto_minor_version_upgrade=True,\n availability_zone=\"us-west-2c\",\n engine_version=\"3.1.4\",\n kms_key_arn=\"arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012\",\n multi_az=False,\n preferred_maintenance_window=\"sun:10:30-sun:14:30\",\n publicly_accessible=True,\n replication_instance_class=\"dms.t2.micro\",\n replication_instance_id=\"test-dms-replication-instance-tf\",\n replication_subnet_group_id=test_dms_replication_subnet_group_tf[\"id\"],\n tags={\n \"Name\": \"test\",\n },\n vpc_security_group_ids=[\"sg-12345678\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // Database Migration Service requires the below IAM Roles to be created before\n // replication instances can be created. See the DMS Documentation for\n // additional information: https://docs.aws.amazon.com/dms/latest/userguide/security-iam.html#CHAP_Security.APIRole\n // * dms-vpc-role\n // * dms-cloudwatch-logs-role\n // * dms-access-for-endpoint\n var dmsAssumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Identifiers = new[]\n {\n \"dms.amazonaws.com\",\n },\n Type = \"Service\",\n },\n },\n },\n },\n });\n\n var dms_access_for_endpoint = new Aws.Iam.Role(\"dms-access-for-endpoint\", new()\n {\n AssumeRolePolicy = dmsAssumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n Name = \"dms-access-for-endpoint\",\n });\n\n var dms_access_for_endpoint_AmazonDMSRedshiftS3Role = new Aws.Iam.RolePolicyAttachment(\"dms-access-for-endpoint-AmazonDMSRedshiftS3Role\", new()\n {\n PolicyArn = \"arn:aws:iam::aws:policy/service-role/AmazonDMSRedshiftS3Role\",\n Role = dms_access_for_endpoint.Name,\n });\n\n var dms_cloudwatch_logs_role = new Aws.Iam.Role(\"dms-cloudwatch-logs-role\", new()\n {\n AssumeRolePolicy = dmsAssumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n Name = \"dms-cloudwatch-logs-role\",\n });\n\n var dms_cloudwatch_logs_role_AmazonDMSCloudWatchLogsRole = new Aws.Iam.RolePolicyAttachment(\"dms-cloudwatch-logs-role-AmazonDMSCloudWatchLogsRole\", new()\n {\n PolicyArn = \"arn:aws:iam::aws:policy/service-role/AmazonDMSCloudWatchLogsRole\",\n Role = dms_cloudwatch_logs_role.Name,\n });\n\n var dms_vpc_role = new Aws.Iam.Role(\"dms-vpc-role\", new()\n {\n AssumeRolePolicy = dmsAssumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n Name = \"dms-vpc-role\",\n });\n\n var dms_vpc_role_AmazonDMSVPCManagementRole = new Aws.Iam.RolePolicyAttachment(\"dms-vpc-role-AmazonDMSVPCManagementRole\", new()\n {\n PolicyArn = \"arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole\",\n Role = dms_vpc_role.Name,\n });\n\n // Create a new replication instance\n var test = new Aws.Dms.ReplicationInstance(\"test\", new()\n {\n AllocatedStorage = 20,\n ApplyImmediately = true,\n AutoMinorVersionUpgrade = true,\n AvailabilityZone = \"us-west-2c\",\n EngineVersion = \"3.1.4\",\n KmsKeyArn = \"arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012\",\n MultiAz = false,\n PreferredMaintenanceWindow = \"sun:10:30-sun:14:30\",\n PubliclyAccessible = true,\n ReplicationInstanceClass = \"dms.t2.micro\",\n ReplicationInstanceId = \"test-dms-replication-instance-tf\",\n ReplicationSubnetGroupId = test_dms_replication_subnet_group_tf.Id,\n Tags = \n {\n { \"Name\", \"test\" },\n },\n VpcSecurityGroupIds = new[]\n {\n \"sg-12345678\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// Database Migration Service requires the below IAM Roles to be created before\n\t\t// replication instances can be created. See the DMS Documentation for\n\t\t// additional information: https://docs.aws.amazon.com/dms/latest/userguide/security-iam.html#CHAP_Security.APIRole\n\t\t// - dms-vpc-role\n\t\t// - dms-cloudwatch-logs-role\n\t\t// - dms-access-for-endpoint\n\t\tdmsAssumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"dms.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRole(ctx, \"dms-access-for-endpoint\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(dmsAssumeRole.Json),\n\t\t\tName: pulumi.String(\"dms-access-for-endpoint\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"dms-access-for-endpoint-AmazonDMSRedshiftS3Role\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/service-role/AmazonDMSRedshiftS3Role\"),\n\t\t\tRole: dms_access_for_endpoint.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRole(ctx, \"dms-cloudwatch-logs-role\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(dmsAssumeRole.Json),\n\t\t\tName: pulumi.String(\"dms-cloudwatch-logs-role\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"dms-cloudwatch-logs-role-AmazonDMSCloudWatchLogsRole\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/service-role/AmazonDMSCloudWatchLogsRole\"),\n\t\t\tRole: dms_cloudwatch_logs_role.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRole(ctx, \"dms-vpc-role\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(dmsAssumeRole.Json),\n\t\t\tName: pulumi.String(\"dms-vpc-role\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"dms-vpc-role-AmazonDMSVPCManagementRole\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole\"),\n\t\t\tRole: dms_vpc_role.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Create a new replication instance\n\t\t_, err = dms.NewReplicationInstance(ctx, \"test\", \u0026dms.ReplicationInstanceArgs{\n\t\t\tAllocatedStorage: pulumi.Int(20),\n\t\t\tApplyImmediately: pulumi.Bool(true),\n\t\t\tAutoMinorVersionUpgrade: pulumi.Bool(true),\n\t\t\tAvailabilityZone: pulumi.String(\"us-west-2c\"),\n\t\t\tEngineVersion: pulumi.String(\"3.1.4\"),\n\t\t\tKmsKeyArn: pulumi.String(\"arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012\"),\n\t\t\tMultiAz: pulumi.Bool(false),\n\t\t\tPreferredMaintenanceWindow: pulumi.String(\"sun:10:30-sun:14:30\"),\n\t\t\tPubliclyAccessible: pulumi.Bool(true),\n\t\t\tReplicationInstanceClass: pulumi.String(\"dms.t2.micro\"),\n\t\t\tReplicationInstanceId: pulumi.String(\"test-dms-replication-instance-tf\"),\n\t\t\tReplicationSubnetGroupId: pulumi.Any(test_dms_replication_subnet_group_tf.Id),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"test\"),\n\t\t\t},\n\t\t\tVpcSecurityGroupIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"sg-12345678\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport com.pulumi.aws.dms.ReplicationInstance;\nimport com.pulumi.aws.dms.ReplicationInstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // Database Migration Service requires the below IAM Roles to be created before\n // replication instances can be created. See the DMS Documentation for\n // additional information: https://docs.aws.amazon.com/dms/latest/userguide/security-iam.html#CHAP_Security.APIRole\n // * dms-vpc-role\n // * dms-cloudwatch-logs-role\n // * dms-access-for-endpoint\n final var dmsAssumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"sts:AssumeRole\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .identifiers(\"dms.amazonaws.com\")\n .type(\"Service\")\n .build())\n .build())\n .build());\n\n var dms_access_for_endpoint = new Role(\"dms-access-for-endpoint\", RoleArgs.builder() \n .assumeRolePolicy(dmsAssumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .name(\"dms-access-for-endpoint\")\n .build());\n\n var dms_access_for_endpoint_AmazonDMSRedshiftS3Role = new RolePolicyAttachment(\"dms-access-for-endpoint-AmazonDMSRedshiftS3Role\", RolePolicyAttachmentArgs.builder() \n .policyArn(\"arn:aws:iam::aws:policy/service-role/AmazonDMSRedshiftS3Role\")\n .role(dms_access_for_endpoint.name())\n .build());\n\n var dms_cloudwatch_logs_role = new Role(\"dms-cloudwatch-logs-role\", RoleArgs.builder() \n .assumeRolePolicy(dmsAssumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .name(\"dms-cloudwatch-logs-role\")\n .build());\n\n var dms_cloudwatch_logs_role_AmazonDMSCloudWatchLogsRole = new RolePolicyAttachment(\"dms-cloudwatch-logs-role-AmazonDMSCloudWatchLogsRole\", RolePolicyAttachmentArgs.builder() \n .policyArn(\"arn:aws:iam::aws:policy/service-role/AmazonDMSCloudWatchLogsRole\")\n .role(dms_cloudwatch_logs_role.name())\n .build());\n\n var dms_vpc_role = new Role(\"dms-vpc-role\", RoleArgs.builder() \n .assumeRolePolicy(dmsAssumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .name(\"dms-vpc-role\")\n .build());\n\n var dms_vpc_role_AmazonDMSVPCManagementRole = new RolePolicyAttachment(\"dms-vpc-role-AmazonDMSVPCManagementRole\", RolePolicyAttachmentArgs.builder() \n .policyArn(\"arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole\")\n .role(dms_vpc_role.name())\n .build());\n\n // Create a new replication instance\n var test = new ReplicationInstance(\"test\", ReplicationInstanceArgs.builder() \n .allocatedStorage(20)\n .applyImmediately(true)\n .autoMinorVersionUpgrade(true)\n .availabilityZone(\"us-west-2c\")\n .engineVersion(\"3.1.4\")\n .kmsKeyArn(\"arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012\")\n .multiAz(false)\n .preferredMaintenanceWindow(\"sun:10:30-sun:14:30\")\n .publiclyAccessible(true)\n .replicationInstanceClass(\"dms.t2.micro\")\n .replicationInstanceId(\"test-dms-replication-instance-tf\")\n .replicationSubnetGroupId(test_dms_replication_subnet_group_tf.id())\n .tags(Map.of(\"Name\", \"test\"))\n .vpcSecurityGroupIds(\"sg-12345678\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n dms-access-for-endpoint:\n type: aws:iam:Role\n properties:\n assumeRolePolicy: ${dmsAssumeRole.json}\n name: dms-access-for-endpoint\n dms-access-for-endpoint-AmazonDMSRedshiftS3Role:\n type: aws:iam:RolePolicyAttachment\n properties:\n policyArn: arn:aws:iam::aws:policy/service-role/AmazonDMSRedshiftS3Role\n role: ${[\"dms-access-for-endpoint\"].name}\n dms-cloudwatch-logs-role:\n type: aws:iam:Role\n properties:\n assumeRolePolicy: ${dmsAssumeRole.json}\n name: dms-cloudwatch-logs-role\n dms-cloudwatch-logs-role-AmazonDMSCloudWatchLogsRole:\n type: aws:iam:RolePolicyAttachment\n properties:\n policyArn: arn:aws:iam::aws:policy/service-role/AmazonDMSCloudWatchLogsRole\n role: ${[\"dms-cloudwatch-logs-role\"].name}\n dms-vpc-role:\n type: aws:iam:Role\n properties:\n assumeRolePolicy: ${dmsAssumeRole.json}\n name: dms-vpc-role\n dms-vpc-role-AmazonDMSVPCManagementRole:\n type: aws:iam:RolePolicyAttachment\n properties:\n policyArn: arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole\n role: ${[\"dms-vpc-role\"].name}\n # Create a new replication instance\n test:\n type: aws:dms:ReplicationInstance\n properties:\n allocatedStorage: 20\n applyImmediately: true\n autoMinorVersionUpgrade: true\n availabilityZone: us-west-2c\n engineVersion: 3.1.4\n kmsKeyArn: arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012\n multiAz: false\n preferredMaintenanceWindow: sun:10:30-sun:14:30\n publiclyAccessible: true\n replicationInstanceClass: dms.t2.micro\n replicationInstanceId: test-dms-replication-instance-tf\n replicationSubnetGroupId: ${[\"test-dms-replication-subnet-group-tf\"].id}\n tags:\n Name: test\n vpcSecurityGroupIds:\n - sg-12345678\nvariables:\n # Database Migration Service requires the below IAM Roles to be created before\n # replication instances can be created. See the DMS Documentation for\n # additional information: https://docs.aws.amazon.com/dms/latest/userguide/security-iam.html#CHAP_Security.APIRole\n # * dms-vpc-role\n # * dms-cloudwatch-logs-role\n # * dms-access-for-endpoint\n dmsAssumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - sts:AssumeRole\n principals:\n - identifiers:\n - dms.amazonaws.com\n type: Service\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import replication instances using the `replication_instance_id`. For example:\n\n```sh\n$ pulumi import aws:dms/replicationInstance:ReplicationInstance test test-dms-replication-instance-tf\n```\n", + "description": "Provides a DMS (Data Migration Service) replication instance resource. DMS replication instances can be created, updated, deleted, and imported.\n\n## Example Usage\n\nCreate required roles and then create a DMS instance, setting the depends_on to the required role policy attachments.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Database Migration Service requires the below IAM Roles to be created before\n// replication instances can be created. See the DMS Documentation for\n// additional information: https://docs.aws.amazon.com/dms/latest/userguide/security-iam.html#CHAP_Security.APIRole\n// * dms-vpc-role\n// * dms-cloudwatch-logs-role\n// * dms-access-for-endpoint\nconst dmsAssumeRole = aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"sts:AssumeRole\"],\n principals: [{\n identifiers: [\"dms.amazonaws.com\"],\n type: \"Service\",\n }],\n }],\n});\nconst dms_access_for_endpoint = new aws.iam.Role(\"dms-access-for-endpoint\", {\n assumeRolePolicy: dmsAssumeRole.then(dmsAssumeRole =\u003e dmsAssumeRole.json),\n name: \"dms-access-for-endpoint\",\n});\nconst dms_access_for_endpoint_AmazonDMSRedshiftS3Role = new aws.iam.RolePolicyAttachment(\"dms-access-for-endpoint-AmazonDMSRedshiftS3Role\", {\n policyArn: \"arn:aws:iam::aws:policy/service-role/AmazonDMSRedshiftS3Role\",\n role: dms_access_for_endpoint.name,\n});\nconst dms_cloudwatch_logs_role = new aws.iam.Role(\"dms-cloudwatch-logs-role\", {\n assumeRolePolicy: dmsAssumeRole.then(dmsAssumeRole =\u003e dmsAssumeRole.json),\n name: \"dms-cloudwatch-logs-role\",\n});\nconst dms_cloudwatch_logs_role_AmazonDMSCloudWatchLogsRole = new aws.iam.RolePolicyAttachment(\"dms-cloudwatch-logs-role-AmazonDMSCloudWatchLogsRole\", {\n policyArn: \"arn:aws:iam::aws:policy/service-role/AmazonDMSCloudWatchLogsRole\",\n role: dms_cloudwatch_logs_role.name,\n});\nconst dms_vpc_role = new aws.iam.Role(\"dms-vpc-role\", {\n assumeRolePolicy: dmsAssumeRole.then(dmsAssumeRole =\u003e dmsAssumeRole.json),\n name: \"dms-vpc-role\",\n});\nconst dms_vpc_role_AmazonDMSVPCManagementRole = new aws.iam.RolePolicyAttachment(\"dms-vpc-role-AmazonDMSVPCManagementRole\", {\n policyArn: \"arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole\",\n role: dms_vpc_role.name,\n});\n// Create a new replication instance\nconst test = new aws.dms.ReplicationInstance(\"test\", {\n allocatedStorage: 20,\n applyImmediately: true,\n autoMinorVersionUpgrade: true,\n availabilityZone: \"us-west-2c\",\n engineVersion: \"3.1.4\",\n kmsKeyArn: \"arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012\",\n multiAz: false,\n preferredMaintenanceWindow: \"sun:10:30-sun:14:30\",\n publiclyAccessible: true,\n replicationInstanceClass: \"dms.t2.micro\",\n replicationInstanceId: \"test-dms-replication-instance-tf\",\n replicationSubnetGroupId: test_dms_replication_subnet_group_tf.id,\n tags: {\n Name: \"test\",\n },\n vpcSecurityGroupIds: [\"sg-12345678\"],\n}, {\n dependsOn: [\n dms_access_for_endpoint_AmazonDMSRedshiftS3Role,\n dms_cloudwatch_logs_role_AmazonDMSCloudWatchLogsRole,\n dms_vpc_role_AmazonDMSVPCManagementRole,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Database Migration Service requires the below IAM Roles to be created before\n# replication instances can be created. See the DMS Documentation for\n# additional information: https://docs.aws.amazon.com/dms/latest/userguide/security-iam.html#CHAP_Security.APIRole\n# * dms-vpc-role\n# * dms-cloudwatch-logs-role\n# * dms-access-for-endpoint\ndms_assume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n actions=[\"sts:AssumeRole\"],\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n identifiers=[\"dms.amazonaws.com\"],\n type=\"Service\",\n )],\n)])\ndms_access_for_endpoint = aws.iam.Role(\"dms-access-for-endpoint\",\n assume_role_policy=dms_assume_role.json,\n name=\"dms-access-for-endpoint\")\ndms_access_for_endpoint__amazon_dms_redshift_s3_role = aws.iam.RolePolicyAttachment(\"dms-access-for-endpoint-AmazonDMSRedshiftS3Role\",\n policy_arn=\"arn:aws:iam::aws:policy/service-role/AmazonDMSRedshiftS3Role\",\n role=dms_access_for_endpoint.name)\ndms_cloudwatch_logs_role = aws.iam.Role(\"dms-cloudwatch-logs-role\",\n assume_role_policy=dms_assume_role.json,\n name=\"dms-cloudwatch-logs-role\")\ndms_cloudwatch_logs_role__amazon_dms_cloud_watch_logs_role = aws.iam.RolePolicyAttachment(\"dms-cloudwatch-logs-role-AmazonDMSCloudWatchLogsRole\",\n policy_arn=\"arn:aws:iam::aws:policy/service-role/AmazonDMSCloudWatchLogsRole\",\n role=dms_cloudwatch_logs_role.name)\ndms_vpc_role = aws.iam.Role(\"dms-vpc-role\",\n assume_role_policy=dms_assume_role.json,\n name=\"dms-vpc-role\")\ndms_vpc_role__amazon_dmsvpc_management_role = aws.iam.RolePolicyAttachment(\"dms-vpc-role-AmazonDMSVPCManagementRole\",\n policy_arn=\"arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole\",\n role=dms_vpc_role.name)\n# Create a new replication instance\ntest = aws.dms.ReplicationInstance(\"test\",\n allocated_storage=20,\n apply_immediately=True,\n auto_minor_version_upgrade=True,\n availability_zone=\"us-west-2c\",\n engine_version=\"3.1.4\",\n kms_key_arn=\"arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012\",\n multi_az=False,\n preferred_maintenance_window=\"sun:10:30-sun:14:30\",\n publicly_accessible=True,\n replication_instance_class=\"dms.t2.micro\",\n replication_instance_id=\"test-dms-replication-instance-tf\",\n replication_subnet_group_id=test_dms_replication_subnet_group_tf[\"id\"],\n tags={\n \"Name\": \"test\",\n },\n vpc_security_group_ids=[\"sg-12345678\"],\n opts=pulumi.ResourceOptions(depends_on=[\n dms_access_for_endpoint__amazon_dms_redshift_s3_role,\n dms_cloudwatch_logs_role__amazon_dms_cloud_watch_logs_role,\n dms_vpc_role__amazon_dmsvpc_management_role,\n ]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // Database Migration Service requires the below IAM Roles to be created before\n // replication instances can be created. See the DMS Documentation for\n // additional information: https://docs.aws.amazon.com/dms/latest/userguide/security-iam.html#CHAP_Security.APIRole\n // * dms-vpc-role\n // * dms-cloudwatch-logs-role\n // * dms-access-for-endpoint\n var dmsAssumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Identifiers = new[]\n {\n \"dms.amazonaws.com\",\n },\n Type = \"Service\",\n },\n },\n },\n },\n });\n\n var dms_access_for_endpoint = new Aws.Iam.Role(\"dms-access-for-endpoint\", new()\n {\n AssumeRolePolicy = dmsAssumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n Name = \"dms-access-for-endpoint\",\n });\n\n var dms_access_for_endpoint_AmazonDMSRedshiftS3Role = new Aws.Iam.RolePolicyAttachment(\"dms-access-for-endpoint-AmazonDMSRedshiftS3Role\", new()\n {\n PolicyArn = \"arn:aws:iam::aws:policy/service-role/AmazonDMSRedshiftS3Role\",\n Role = dms_access_for_endpoint.Name,\n });\n\n var dms_cloudwatch_logs_role = new Aws.Iam.Role(\"dms-cloudwatch-logs-role\", new()\n {\n AssumeRolePolicy = dmsAssumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n Name = \"dms-cloudwatch-logs-role\",\n });\n\n var dms_cloudwatch_logs_role_AmazonDMSCloudWatchLogsRole = new Aws.Iam.RolePolicyAttachment(\"dms-cloudwatch-logs-role-AmazonDMSCloudWatchLogsRole\", new()\n {\n PolicyArn = \"arn:aws:iam::aws:policy/service-role/AmazonDMSCloudWatchLogsRole\",\n Role = dms_cloudwatch_logs_role.Name,\n });\n\n var dms_vpc_role = new Aws.Iam.Role(\"dms-vpc-role\", new()\n {\n AssumeRolePolicy = dmsAssumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n Name = \"dms-vpc-role\",\n });\n\n var dms_vpc_role_AmazonDMSVPCManagementRole = new Aws.Iam.RolePolicyAttachment(\"dms-vpc-role-AmazonDMSVPCManagementRole\", new()\n {\n PolicyArn = \"arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole\",\n Role = dms_vpc_role.Name,\n });\n\n // Create a new replication instance\n var test = new Aws.Dms.ReplicationInstance(\"test\", new()\n {\n AllocatedStorage = 20,\n ApplyImmediately = true,\n AutoMinorVersionUpgrade = true,\n AvailabilityZone = \"us-west-2c\",\n EngineVersion = \"3.1.4\",\n KmsKeyArn = \"arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012\",\n MultiAz = false,\n PreferredMaintenanceWindow = \"sun:10:30-sun:14:30\",\n PubliclyAccessible = true,\n ReplicationInstanceClass = \"dms.t2.micro\",\n ReplicationInstanceId = \"test-dms-replication-instance-tf\",\n ReplicationSubnetGroupId = test_dms_replication_subnet_group_tf.Id,\n Tags = \n {\n { \"Name\", \"test\" },\n },\n VpcSecurityGroupIds = new[]\n {\n \"sg-12345678\",\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n dms_access_for_endpoint_AmazonDMSRedshiftS3Role, \n dms_cloudwatch_logs_role_AmazonDMSCloudWatchLogsRole, \n dms_vpc_role_AmazonDMSVPCManagementRole, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// Database Migration Service requires the below IAM Roles to be created before\n\t\t// replication instances can be created. See the DMS Documentation for\n\t\t// additional information: https://docs.aws.amazon.com/dms/latest/userguide/security-iam.html#CHAP_Security.APIRole\n\t\t// - dms-vpc-role\n\t\t// - dms-cloudwatch-logs-role\n\t\t// - dms-access-for-endpoint\n\t\tdmsAssumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"dms.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRole(ctx, \"dms-access-for-endpoint\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(dmsAssumeRole.Json),\n\t\t\tName: pulumi.String(\"dms-access-for-endpoint\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"dms-access-for-endpoint-AmazonDMSRedshiftS3Role\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/service-role/AmazonDMSRedshiftS3Role\"),\n\t\t\tRole: dms_access_for_endpoint.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRole(ctx, \"dms-cloudwatch-logs-role\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(dmsAssumeRole.Json),\n\t\t\tName: pulumi.String(\"dms-cloudwatch-logs-role\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"dms-cloudwatch-logs-role-AmazonDMSCloudWatchLogsRole\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/service-role/AmazonDMSCloudWatchLogsRole\"),\n\t\t\tRole: dms_cloudwatch_logs_role.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRole(ctx, \"dms-vpc-role\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(dmsAssumeRole.Json),\n\t\t\tName: pulumi.String(\"dms-vpc-role\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"dms-vpc-role-AmazonDMSVPCManagementRole\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole\"),\n\t\t\tRole: dms_vpc_role.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Create a new replication instance\n\t\t_, err = dms.NewReplicationInstance(ctx, \"test\", \u0026dms.ReplicationInstanceArgs{\n\t\t\tAllocatedStorage: pulumi.Int(20),\n\t\t\tApplyImmediately: pulumi.Bool(true),\n\t\t\tAutoMinorVersionUpgrade: pulumi.Bool(true),\n\t\t\tAvailabilityZone: pulumi.String(\"us-west-2c\"),\n\t\t\tEngineVersion: pulumi.String(\"3.1.4\"),\n\t\t\tKmsKeyArn: pulumi.String(\"arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012\"),\n\t\t\tMultiAz: pulumi.Bool(false),\n\t\t\tPreferredMaintenanceWindow: pulumi.String(\"sun:10:30-sun:14:30\"),\n\t\t\tPubliclyAccessible: pulumi.Bool(true),\n\t\t\tReplicationInstanceClass: pulumi.String(\"dms.t2.micro\"),\n\t\t\tReplicationInstanceId: pulumi.String(\"test-dms-replication-instance-tf\"),\n\t\t\tReplicationSubnetGroupId: pulumi.Any(test_dms_replication_subnet_group_tf.Id),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"test\"),\n\t\t\t},\n\t\t\tVpcSecurityGroupIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"sg-12345678\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tdms_access_for_endpoint_AmazonDMSRedshiftS3Role,\n\t\t\tdms_cloudwatch_logs_role_AmazonDMSCloudWatchLogsRole,\n\t\t\tdms_vpc_role_AmazonDMSVPCManagementRole,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport com.pulumi.aws.dms.ReplicationInstance;\nimport com.pulumi.aws.dms.ReplicationInstanceArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // Database Migration Service requires the below IAM Roles to be created before\n // replication instances can be created. See the DMS Documentation for\n // additional information: https://docs.aws.amazon.com/dms/latest/userguide/security-iam.html#CHAP_Security.APIRole\n // * dms-vpc-role\n // * dms-cloudwatch-logs-role\n // * dms-access-for-endpoint\n final var dmsAssumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"sts:AssumeRole\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .identifiers(\"dms.amazonaws.com\")\n .type(\"Service\")\n .build())\n .build())\n .build());\n\n var dms_access_for_endpoint = new Role(\"dms-access-for-endpoint\", RoleArgs.builder() \n .assumeRolePolicy(dmsAssumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .name(\"dms-access-for-endpoint\")\n .build());\n\n var dms_access_for_endpoint_AmazonDMSRedshiftS3Role = new RolePolicyAttachment(\"dms-access-for-endpoint-AmazonDMSRedshiftS3Role\", RolePolicyAttachmentArgs.builder() \n .policyArn(\"arn:aws:iam::aws:policy/service-role/AmazonDMSRedshiftS3Role\")\n .role(dms_access_for_endpoint.name())\n .build());\n\n var dms_cloudwatch_logs_role = new Role(\"dms-cloudwatch-logs-role\", RoleArgs.builder() \n .assumeRolePolicy(dmsAssumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .name(\"dms-cloudwatch-logs-role\")\n .build());\n\n var dms_cloudwatch_logs_role_AmazonDMSCloudWatchLogsRole = new RolePolicyAttachment(\"dms-cloudwatch-logs-role-AmazonDMSCloudWatchLogsRole\", RolePolicyAttachmentArgs.builder() \n .policyArn(\"arn:aws:iam::aws:policy/service-role/AmazonDMSCloudWatchLogsRole\")\n .role(dms_cloudwatch_logs_role.name())\n .build());\n\n var dms_vpc_role = new Role(\"dms-vpc-role\", RoleArgs.builder() \n .assumeRolePolicy(dmsAssumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .name(\"dms-vpc-role\")\n .build());\n\n var dms_vpc_role_AmazonDMSVPCManagementRole = new RolePolicyAttachment(\"dms-vpc-role-AmazonDMSVPCManagementRole\", RolePolicyAttachmentArgs.builder() \n .policyArn(\"arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole\")\n .role(dms_vpc_role.name())\n .build());\n\n // Create a new replication instance\n var test = new ReplicationInstance(\"test\", ReplicationInstanceArgs.builder() \n .allocatedStorage(20)\n .applyImmediately(true)\n .autoMinorVersionUpgrade(true)\n .availabilityZone(\"us-west-2c\")\n .engineVersion(\"3.1.4\")\n .kmsKeyArn(\"arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012\")\n .multiAz(false)\n .preferredMaintenanceWindow(\"sun:10:30-sun:14:30\")\n .publiclyAccessible(true)\n .replicationInstanceClass(\"dms.t2.micro\")\n .replicationInstanceId(\"test-dms-replication-instance-tf\")\n .replicationSubnetGroupId(test_dms_replication_subnet_group_tf.id())\n .tags(Map.of(\"Name\", \"test\"))\n .vpcSecurityGroupIds(\"sg-12345678\")\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n dms_access_for_endpoint_AmazonDMSRedshiftS3Role,\n dms_cloudwatch_logs_role_AmazonDMSCloudWatchLogsRole,\n dms_vpc_role_AmazonDMSVPCManagementRole)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n dms-access-for-endpoint:\n type: aws:iam:Role\n properties:\n assumeRolePolicy: ${dmsAssumeRole.json}\n name: dms-access-for-endpoint\n dms-access-for-endpoint-AmazonDMSRedshiftS3Role:\n type: aws:iam:RolePolicyAttachment\n properties:\n policyArn: arn:aws:iam::aws:policy/service-role/AmazonDMSRedshiftS3Role\n role: ${[\"dms-access-for-endpoint\"].name}\n dms-cloudwatch-logs-role:\n type: aws:iam:Role\n properties:\n assumeRolePolicy: ${dmsAssumeRole.json}\n name: dms-cloudwatch-logs-role\n dms-cloudwatch-logs-role-AmazonDMSCloudWatchLogsRole:\n type: aws:iam:RolePolicyAttachment\n properties:\n policyArn: arn:aws:iam::aws:policy/service-role/AmazonDMSCloudWatchLogsRole\n role: ${[\"dms-cloudwatch-logs-role\"].name}\n dms-vpc-role:\n type: aws:iam:Role\n properties:\n assumeRolePolicy: ${dmsAssumeRole.json}\n name: dms-vpc-role\n dms-vpc-role-AmazonDMSVPCManagementRole:\n type: aws:iam:RolePolicyAttachment\n properties:\n policyArn: arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole\n role: ${[\"dms-vpc-role\"].name}\n # Create a new replication instance\n test:\n type: aws:dms:ReplicationInstance\n properties:\n allocatedStorage: 20\n applyImmediately: true\n autoMinorVersionUpgrade: true\n availabilityZone: us-west-2c\n engineVersion: 3.1.4\n kmsKeyArn: arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012\n multiAz: false\n preferredMaintenanceWindow: sun:10:30-sun:14:30\n publiclyAccessible: true\n replicationInstanceClass: dms.t2.micro\n replicationInstanceId: test-dms-replication-instance-tf\n replicationSubnetGroupId: ${[\"test-dms-replication-subnet-group-tf\"].id}\n tags:\n Name: test\n vpcSecurityGroupIds:\n - sg-12345678\n options:\n dependson:\n - ${[\"dms-access-for-endpoint-AmazonDMSRedshiftS3Role\"]}\n - ${[\"dms-cloudwatch-logs-role-AmazonDMSCloudWatchLogsRole\"]}\n - ${[\"dms-vpc-role-AmazonDMSVPCManagementRole\"]}\nvariables:\n # Database Migration Service requires the below IAM Roles to be created before\n # replication instances can be created. See the DMS Documentation for\n # additional information: https://docs.aws.amazon.com/dms/latest/userguide/security-iam.html#CHAP_Security.APIRole\n # * dms-vpc-role\n # * dms-cloudwatch-logs-role\n # * dms-access-for-endpoint\n dmsAssumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - sts:AssumeRole\n principals:\n - identifiers:\n - dms.amazonaws.com\n type: Service\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import replication instances using the `replication_instance_id`. For example:\n\n```sh\n$ pulumi import aws:dms/replicationInstance:ReplicationInstance test test-dms-replication-instance-tf\n```\n", "properties": { "allocatedStorage": { "type": "integer", @@ -205500,7 +205500,7 @@ } }, "aws:dms/replicationSubnetGroup:ReplicationSubnetGroup": { - "description": "Provides a DMS (Data Migration Service) replication subnet group resource. DMS replication subnet groups can be created, updated, deleted, and imported.\n\n\u003e **Note:** AWS requires a special IAM role called `dms-vpc-role` when using this resource. See the example below to create it as part of your configuration.\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Create a new replication subnet group\nconst example = new aws.dms.ReplicationSubnetGroup(\"example\", {\n replicationSubnetGroupDescription: \"Example replication subnet group\",\n replicationSubnetGroupId: \"example-dms-replication-subnet-group-tf\",\n subnetIds: [\n \"subnet-12345678\",\n \"subnet-12345679\",\n ],\n tags: {\n Name: \"example\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Create a new replication subnet group\nexample = aws.dms.ReplicationSubnetGroup(\"example\",\n replication_subnet_group_description=\"Example replication subnet group\",\n replication_subnet_group_id=\"example-dms-replication-subnet-group-tf\",\n subnet_ids=[\n \"subnet-12345678\",\n \"subnet-12345679\",\n ],\n tags={\n \"Name\": \"example\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // Create a new replication subnet group\n var example = new Aws.Dms.ReplicationSubnetGroup(\"example\", new()\n {\n ReplicationSubnetGroupDescription = \"Example replication subnet group\",\n ReplicationSubnetGroupId = \"example-dms-replication-subnet-group-tf\",\n SubnetIds = new[]\n {\n \"subnet-12345678\",\n \"subnet-12345679\",\n },\n Tags = \n {\n { \"Name\", \"example\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// Create a new replication subnet group\n\t\t_, err := dms.NewReplicationSubnetGroup(ctx, \"example\", \u0026dms.ReplicationSubnetGroupArgs{\n\t\t\tReplicationSubnetGroupDescription: pulumi.String(\"Example replication subnet group\"),\n\t\t\tReplicationSubnetGroupId: pulumi.String(\"example-dms-replication-subnet-group-tf\"),\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"subnet-12345678\"),\n\t\t\t\tpulumi.String(\"subnet-12345679\"),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"example\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.dms.ReplicationSubnetGroup;\nimport com.pulumi.aws.dms.ReplicationSubnetGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // Create a new replication subnet group\n var example = new ReplicationSubnetGroup(\"example\", ReplicationSubnetGroupArgs.builder() \n .replicationSubnetGroupDescription(\"Example replication subnet group\")\n .replicationSubnetGroupId(\"example-dms-replication-subnet-group-tf\")\n .subnetIds( \n \"subnet-12345678\",\n \"subnet-12345679\")\n .tags(Map.of(\"Name\", \"example\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # Create a new replication subnet group\n example:\n type: aws:dms:ReplicationSubnetGroup\n properties:\n replicationSubnetGroupDescription: Example replication subnet group\n replicationSubnetGroupId: example-dms-replication-subnet-group-tf\n subnetIds:\n - subnet-12345678\n - subnet-12345679\n tags:\n Name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Creating special IAM role\n\nIf your account does not already include the `dms-vpc-role` IAM role, you will need to create it to allow DMS to manage subnets in the VPC.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst dms_vpc_role = new aws.iam.Role(\"dms-vpc-role\", {\n name: \"dms-vpc-role\",\n description: \"Allows DMS to manage VPC\",\n assumeRolePolicy: JSON.stringify({\n version: \"2012-10-17\",\n statement: [{\n effect: \"Allow\",\n principal: {\n service: \"dms.amazonaws.com\",\n },\n action: \"sts:AssumeRole\",\n }],\n }),\n});\nconst example = new aws.iam.RolePolicyAttachment(\"example\", {\n role: dms_vpc_role.name,\n policyArn: \"arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole\",\n});\nconst exampleReplicationSubnetGroup = new aws.dms.ReplicationSubnetGroup(\"example\", {\n replicationSubnetGroupDescription: \"Example\",\n replicationSubnetGroupId: \"example-id\",\n subnetIds: [\n \"subnet-12345678\",\n \"subnet-12345679\",\n ],\n tags: {\n Name: \"example-id\",\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ndms_vpc_role = aws.iam.Role(\"dms-vpc-role\",\n name=\"dms-vpc-role\",\n description=\"Allows DMS to manage VPC\",\n assume_role_policy=json.dumps({\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"effect\": \"Allow\",\n \"principal\": {\n \"service\": \"dms.amazonaws.com\",\n },\n \"action\": \"sts:AssumeRole\",\n }],\n }))\nexample = aws.iam.RolePolicyAttachment(\"example\",\n role=dms_vpc_role.name,\n policy_arn=\"arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole\")\nexample_replication_subnet_group = aws.dms.ReplicationSubnetGroup(\"example\",\n replication_subnet_group_description=\"Example\",\n replication_subnet_group_id=\"example-id\",\n subnet_ids=[\n \"subnet-12345678\",\n \"subnet-12345679\",\n ],\n tags={\n \"Name\": \"example-id\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var dms_vpc_role = new Aws.Iam.Role(\"dms-vpc-role\", new()\n {\n Name = \"dms-vpc-role\",\n Description = \"Allows DMS to manage VPC\",\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"effect\"] = \"Allow\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"service\"] = \"dms.amazonaws.com\",\n },\n [\"action\"] = \"sts:AssumeRole\",\n },\n },\n }),\n });\n\n var example = new Aws.Iam.RolePolicyAttachment(\"example\", new()\n {\n Role = dms_vpc_role.Name,\n PolicyArn = \"arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole\",\n });\n\n var exampleReplicationSubnetGroup = new Aws.Dms.ReplicationSubnetGroup(\"example\", new()\n {\n ReplicationSubnetGroupDescription = \"Example\",\n ReplicationSubnetGroupId = \"example-id\",\n SubnetIds = new[]\n {\n \"subnet-12345678\",\n \"subnet-12345679\",\n },\n Tags = \n {\n { \"Name\", \"example-id\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\"service\": \"dms.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t\t\"action\": \"sts:AssumeRole\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = iam.NewRole(ctx, \"dms-vpc-role\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"dms-vpc-role\"),\n\t\t\tDescription: pulumi.String(\"Allows DMS to manage VPC\"),\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"example\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tRole: dms_vpc_role.Name,\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = dms.NewReplicationSubnetGroup(ctx, \"example\", \u0026dms.ReplicationSubnetGroupArgs{\n\t\t\tReplicationSubnetGroupDescription: pulumi.String(\"Example\"),\n\t\t\tReplicationSubnetGroupId: pulumi.String(\"example-id\"),\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"subnet-12345678\"),\n\t\t\t\tpulumi.String(\"subnet-12345679\"),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"example-id\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport com.pulumi.aws.dms.ReplicationSubnetGroup;\nimport com.pulumi.aws.dms.ReplicationSubnetGroupArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var dms_vpc_role = new Role(\"dms-vpc-role\", RoleArgs.builder() \n .name(\"dms-vpc-role\")\n .description(\"Allows DMS to manage VPC\")\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"version\", \"2012-10-17\"),\n jsonProperty(\"statement\", jsonArray(jsonObject(\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"principal\", jsonObject(\n jsonProperty(\"service\", \"dms.amazonaws.com\")\n )),\n jsonProperty(\"action\", \"sts:AssumeRole\")\n )))\n )))\n .build());\n\n var example = new RolePolicyAttachment(\"example\", RolePolicyAttachmentArgs.builder() \n .role(dms_vpc_role.name())\n .policyArn(\"arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole\")\n .build());\n\n var exampleReplicationSubnetGroup = new ReplicationSubnetGroup(\"exampleReplicationSubnetGroup\", ReplicationSubnetGroupArgs.builder() \n .replicationSubnetGroupDescription(\"Example\")\n .replicationSubnetGroupId(\"example-id\")\n .subnetIds( \n \"subnet-12345678\",\n \"subnet-12345679\")\n .tags(Map.of(\"Name\", \"example-id\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n dms-vpc-role:\n type: aws:iam:Role\n properties:\n name: dms-vpc-role\n description: Allows DMS to manage VPC\n assumeRolePolicy:\n fn::toJSON:\n version: 2012-10-17\n statement:\n - effect: Allow\n principal:\n service: dms.amazonaws.com\n action: sts:AssumeRole\n example:\n type: aws:iam:RolePolicyAttachment\n properties:\n role: ${[\"dms-vpc-role\"].name}\n policyArn: arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole\n exampleReplicationSubnetGroup:\n type: aws:dms:ReplicationSubnetGroup\n name: example\n properties:\n replicationSubnetGroupDescription: Example\n replicationSubnetGroupId: example-id\n subnetIds:\n - subnet-12345678\n - subnet-12345679\n tags:\n Name: example-id\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import replication subnet groups using the `replication_subnet_group_id`. For example:\n\n```sh\n$ pulumi import aws:dms/replicationSubnetGroup:ReplicationSubnetGroup test test-dms-replication-subnet-group-tf\n```\n", + "description": "Provides a DMS (Data Migration Service) replication subnet group resource. DMS replication subnet groups can be created, updated, deleted, and imported.\n\n\u003e **Note:** AWS requires a special IAM role called `dms-vpc-role` when using this resource. See the example below to create it as part of your configuration.\n\n## Example Usage\n\n### Basic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Create a new replication subnet group\nconst example = new aws.dms.ReplicationSubnetGroup(\"example\", {\n replicationSubnetGroupDescription: \"Example replication subnet group\",\n replicationSubnetGroupId: \"example-dms-replication-subnet-group-tf\",\n subnetIds: [\n \"subnet-12345678\",\n \"subnet-12345679\",\n ],\n tags: {\n Name: \"example\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Create a new replication subnet group\nexample = aws.dms.ReplicationSubnetGroup(\"example\",\n replication_subnet_group_description=\"Example replication subnet group\",\n replication_subnet_group_id=\"example-dms-replication-subnet-group-tf\",\n subnet_ids=[\n \"subnet-12345678\",\n \"subnet-12345679\",\n ],\n tags={\n \"Name\": \"example\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // Create a new replication subnet group\n var example = new Aws.Dms.ReplicationSubnetGroup(\"example\", new()\n {\n ReplicationSubnetGroupDescription = \"Example replication subnet group\",\n ReplicationSubnetGroupId = \"example-dms-replication-subnet-group-tf\",\n SubnetIds = new[]\n {\n \"subnet-12345678\",\n \"subnet-12345679\",\n },\n Tags = \n {\n { \"Name\", \"example\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// Create a new replication subnet group\n\t\t_, err := dms.NewReplicationSubnetGroup(ctx, \"example\", \u0026dms.ReplicationSubnetGroupArgs{\n\t\t\tReplicationSubnetGroupDescription: pulumi.String(\"Example replication subnet group\"),\n\t\t\tReplicationSubnetGroupId: pulumi.String(\"example-dms-replication-subnet-group-tf\"),\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"subnet-12345678\"),\n\t\t\t\tpulumi.String(\"subnet-12345679\"),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"example\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.dms.ReplicationSubnetGroup;\nimport com.pulumi.aws.dms.ReplicationSubnetGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // Create a new replication subnet group\n var example = new ReplicationSubnetGroup(\"example\", ReplicationSubnetGroupArgs.builder() \n .replicationSubnetGroupDescription(\"Example replication subnet group\")\n .replicationSubnetGroupId(\"example-dms-replication-subnet-group-tf\")\n .subnetIds( \n \"subnet-12345678\",\n \"subnet-12345679\")\n .tags(Map.of(\"Name\", \"example\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # Create a new replication subnet group\n example:\n type: aws:dms:ReplicationSubnetGroup\n properties:\n replicationSubnetGroupDescription: Example replication subnet group\n replicationSubnetGroupId: example-dms-replication-subnet-group-tf\n subnetIds:\n - subnet-12345678\n - subnet-12345679\n tags:\n Name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Creating special IAM role\n\nIf your account does not already include the `dms-vpc-role` IAM role, you will need to create it to allow DMS to manage subnets in the VPC.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst dms_vpc_role = new aws.iam.Role(\"dms-vpc-role\", {\n name: \"dms-vpc-role\",\n description: \"Allows DMS to manage VPC\",\n assumeRolePolicy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Effect: \"Allow\",\n Principal: {\n Service: \"dms.amazonaws.com\",\n },\n Action: \"sts:AssumeRole\",\n }],\n }),\n});\nconst example = new aws.iam.RolePolicyAttachment(\"example\", {\n role: dms_vpc_role.name,\n policyArn: \"arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole\",\n});\nconst exampleReplicationSubnetGroup = new aws.dms.ReplicationSubnetGroup(\"example\", {\n replicationSubnetGroupDescription: \"Example\",\n replicationSubnetGroupId: \"example-id\",\n subnetIds: [\n \"subnet-12345678\",\n \"subnet-12345679\",\n ],\n tags: {\n Name: \"example-id\",\n },\n}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ndms_vpc_role = aws.iam.Role(\"dms-vpc-role\",\n name=\"dms-vpc-role\",\n description=\"Allows DMS to manage VPC\",\n assume_role_policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"dms.amazonaws.com\",\n },\n \"Action\": \"sts:AssumeRole\",\n }],\n }))\nexample = aws.iam.RolePolicyAttachment(\"example\",\n role=dms_vpc_role.name,\n policy_arn=\"arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole\")\nexample_replication_subnet_group = aws.dms.ReplicationSubnetGroup(\"example\",\n replication_subnet_group_description=\"Example\",\n replication_subnet_group_id=\"example-id\",\n subnet_ids=[\n \"subnet-12345678\",\n \"subnet-12345679\",\n ],\n tags={\n \"Name\": \"example-id\",\n },\n opts=pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var dms_vpc_role = new Aws.Iam.Role(\"dms-vpc-role\", new()\n {\n Name = \"dms-vpc-role\",\n Description = \"Allows DMS to manage VPC\",\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"dms.amazonaws.com\",\n },\n [\"Action\"] = \"sts:AssumeRole\",\n },\n },\n }),\n });\n\n var example = new Aws.Iam.RolePolicyAttachment(\"example\", new()\n {\n Role = dms_vpc_role.Name,\n PolicyArn = \"arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole\",\n });\n\n var exampleReplicationSubnetGroup = new Aws.Dms.ReplicationSubnetGroup(\"example\", new()\n {\n ReplicationSubnetGroupDescription = \"Example\",\n ReplicationSubnetGroupId = \"example-id\",\n SubnetIds = new[]\n {\n \"subnet-12345678\",\n \"subnet-12345679\",\n },\n Tags = \n {\n { \"Name\", \"example-id\" },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"dms.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Action\": \"sts:AssumeRole\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = iam.NewRole(ctx, \"dms-vpc-role\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"dms-vpc-role\"),\n\t\t\tDescription: pulumi.String(\"Allows DMS to manage VPC\"),\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := iam.NewRolePolicyAttachment(ctx, \"example\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tRole: dms_vpc_role.Name,\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = dms.NewReplicationSubnetGroup(ctx, \"example\", \u0026dms.ReplicationSubnetGroupArgs{\n\t\t\tReplicationSubnetGroupDescription: pulumi.String(\"Example\"),\n\t\t\tReplicationSubnetGroupId: pulumi.String(\"example-id\"),\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"subnet-12345678\"),\n\t\t\t\tpulumi.String(\"subnet-12345679\"),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"example-id\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport com.pulumi.aws.dms.ReplicationSubnetGroup;\nimport com.pulumi.aws.dms.ReplicationSubnetGroupArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var dms_vpc_role = new Role(\"dms-vpc-role\", RoleArgs.builder() \n .name(\"dms-vpc-role\")\n .description(\"Allows DMS to manage VPC\")\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"dms.amazonaws.com\")\n )),\n jsonProperty(\"Action\", \"sts:AssumeRole\")\n )))\n )))\n .build());\n\n var example = new RolePolicyAttachment(\"example\", RolePolicyAttachmentArgs.builder() \n .role(dms_vpc_role.name())\n .policyArn(\"arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole\")\n .build());\n\n var exampleReplicationSubnetGroup = new ReplicationSubnetGroup(\"exampleReplicationSubnetGroup\", ReplicationSubnetGroupArgs.builder() \n .replicationSubnetGroupDescription(\"Example\")\n .replicationSubnetGroupId(\"example-id\")\n .subnetIds( \n \"subnet-12345678\",\n \"subnet-12345679\")\n .tags(Map.of(\"Name\", \"example-id\"))\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n dms-vpc-role:\n type: aws:iam:Role\n properties:\n name: dms-vpc-role\n description: Allows DMS to manage VPC\n assumeRolePolicy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Effect: Allow\n Principal:\n Service: dms.amazonaws.com\n Action: sts:AssumeRole\n example:\n type: aws:iam:RolePolicyAttachment\n properties:\n role: ${[\"dms-vpc-role\"].name}\n policyArn: arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole\n exampleReplicationSubnetGroup:\n type: aws:dms:ReplicationSubnetGroup\n name: example\n properties:\n replicationSubnetGroupDescription: Example\n replicationSubnetGroupId: example-id\n subnetIds:\n - subnet-12345678\n - subnet-12345679\n tags:\n Name: example-id\n options:\n dependson:\n - ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import replication subnet groups using the `replication_subnet_group_id`. For example:\n\n```sh\n$ pulumi import aws:dms/replicationSubnetGroup:ReplicationSubnetGroup test test-dms-replication-subnet-group-tf\n```\n", "properties": { "replicationSubnetGroupArn": { "type": "string" @@ -205836,7 +205836,7 @@ } }, "aws:dms/s3Endpoint:S3Endpoint": { - "description": "Provides a DMS (Data Migration Service) S3 endpoint resource. DMS S3 endpoints can be created, updated, deleted, and imported.\n\n\u003e **Note:** AWS is deprecating `extra_connection_attributes`, such as used with `aws.dms.Endpoint`. This resource is an alternative to `aws.dms.Endpoint` and does not use `extra_connection_attributes`. (AWS currently includes `extra_connection_attributes` in the raw responses to the AWS Provider requests and so they may be visible in the logs.)\n\n\u003e **Note:** Some of this resource's arguments have default values that come from the AWS Provider. Other default values are provided by AWS and subject to change without notice. When relying on AWS defaults, the provider state will often have a zero value. For example, the AWS Provider does not provide a default for `cdc_max_batch_interval` but the AWS default is `60` (seconds). However, the provider state will show `0` since this is the value return by AWS when no value is present. Below, we aim to flag the defaults that come from AWS (_e.g._, \"AWS default...\").\n\n## Example Usage\n\n### Minimal Configuration\n\nThis is the minimal configuration for an `aws.dms.S3Endpoint`. This endpoint will rely on the AWS Provider and AWS defaults.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.dms.S3Endpoint(\"example\", {\n endpointId: \"donnedtipi\",\n endpointType: \"target\",\n bucketName: \"beckut_name\",\n serviceAccessRoleArn: exampleAwsIamRole.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.dms.S3Endpoint(\"example\",\n endpoint_id=\"donnedtipi\",\n endpoint_type=\"target\",\n bucket_name=\"beckut_name\",\n service_access_role_arn=example_aws_iam_role[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Dms.S3Endpoint(\"example\", new()\n {\n EndpointId = \"donnedtipi\",\n EndpointType = \"target\",\n BucketName = \"beckut_name\",\n ServiceAccessRoleArn = exampleAwsIamRole.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dms.NewS3Endpoint(ctx, \"example\", \u0026dms.S3EndpointArgs{\n\t\t\tEndpointId: pulumi.String(\"donnedtipi\"),\n\t\t\tEndpointType: pulumi.String(\"target\"),\n\t\t\tBucketName: pulumi.String(\"beckut_name\"),\n\t\t\tServiceAccessRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.dms.S3Endpoint;\nimport com.pulumi.aws.dms.S3EndpointArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new S3Endpoint(\"example\", S3EndpointArgs.builder() \n .endpointId(\"donnedtipi\")\n .endpointType(\"target\")\n .bucketName(\"beckut_name\")\n .serviceAccessRoleArn(exampleAwsIamRole.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:dms:S3Endpoint\n properties:\n endpointId: donnedtipi\n endpointType: target\n bucketName: beckut_name\n serviceAccessRoleArn: ${exampleAwsIamRole.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Complete Configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.dms.S3Endpoint(\"example\", {\n endpointId: \"donnedtipi\",\n endpointType: \"target\",\n sslMode: \"none\",\n tags: {\n Name: \"donnedtipi\",\n Update: \"to-update\",\n Remove: \"to-remove\",\n },\n addColumnName: true,\n addTrailingPaddingCharacter: false,\n bucketFolder: \"folder\",\n bucketName: \"bucket_name\",\n cannedAclForObjects: \"private\",\n cdcInsertsAndUpdates: true,\n cdcInsertsOnly: false,\n cdcMaxBatchInterval: 100,\n cdcMinFileSize: 16,\n cdcPath: \"cdc/path\",\n compressionType: \"GZIP\",\n csvDelimiter: \";\",\n csvNoSupValue: \"x\",\n csvNullValue: \"?\",\n csvRowDelimiter: \"\\\\r\\\\n\",\n dataFormat: \"parquet\",\n dataPageSize: 1100000,\n datePartitionDelimiter: \"UNDERSCORE\",\n datePartitionEnabled: true,\n datePartitionSequence: \"yyyymmddhh\",\n datePartitionTimezone: \"Asia/Seoul\",\n dictPageSizeLimit: 1000000,\n enableStatistics: false,\n encodingType: \"plain\",\n encryptionMode: \"SSE_S3\",\n expectedBucketOwner: current.accountId,\n externalTableDefinition: \"etd\",\n ignoreHeaderRows: 1,\n includeOpForFullLoad: true,\n maxFileSize: 1000000,\n parquetTimestampInMillisecond: true,\n parquetVersion: \"parquet-2-0\",\n preserveTransactions: false,\n rfc4180: false,\n rowGroupLength: 11000,\n serverSideEncryptionKmsKeyId: exampleAwsKmsKey.arn,\n serviceAccessRoleArn: exampleAwsIamRole.arn,\n timestampColumnName: \"tx_commit_time\",\n useCsvNoSupValue: false,\n useTaskStartTimeForFullLoadTimestamp: true,\n glueCatalogGeneration: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.dms.S3Endpoint(\"example\",\n endpoint_id=\"donnedtipi\",\n endpoint_type=\"target\",\n ssl_mode=\"none\",\n tags={\n \"Name\": \"donnedtipi\",\n \"Update\": \"to-update\",\n \"Remove\": \"to-remove\",\n },\n add_column_name=True,\n add_trailing_padding_character=False,\n bucket_folder=\"folder\",\n bucket_name=\"bucket_name\",\n canned_acl_for_objects=\"private\",\n cdc_inserts_and_updates=True,\n cdc_inserts_only=False,\n cdc_max_batch_interval=100,\n cdc_min_file_size=16,\n cdc_path=\"cdc/path\",\n compression_type=\"GZIP\",\n csv_delimiter=\";\",\n csv_no_sup_value=\"x\",\n csv_null_value=\"?\",\n csv_row_delimiter=\"\\\\r\\\\n\",\n data_format=\"parquet\",\n data_page_size=1100000,\n date_partition_delimiter=\"UNDERSCORE\",\n date_partition_enabled=True,\n date_partition_sequence=\"yyyymmddhh\",\n date_partition_timezone=\"Asia/Seoul\",\n dict_page_size_limit=1000000,\n enable_statistics=False,\n encoding_type=\"plain\",\n encryption_mode=\"SSE_S3\",\n expected_bucket_owner=current[\"accountId\"],\n external_table_definition=\"etd\",\n ignore_header_rows=1,\n include_op_for_full_load=True,\n max_file_size=1000000,\n parquet_timestamp_in_millisecond=True,\n parquet_version=\"parquet-2-0\",\n preserve_transactions=False,\n rfc4180=False,\n row_group_length=11000,\n server_side_encryption_kms_key_id=example_aws_kms_key[\"arn\"],\n service_access_role_arn=example_aws_iam_role[\"arn\"],\n timestamp_column_name=\"tx_commit_time\",\n use_csv_no_sup_value=False,\n use_task_start_time_for_full_load_timestamp=True,\n glue_catalog_generation=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Dms.S3Endpoint(\"example\", new()\n {\n EndpointId = \"donnedtipi\",\n EndpointType = \"target\",\n SslMode = \"none\",\n Tags = \n {\n { \"Name\", \"donnedtipi\" },\n { \"Update\", \"to-update\" },\n { \"Remove\", \"to-remove\" },\n },\n AddColumnName = true,\n AddTrailingPaddingCharacter = false,\n BucketFolder = \"folder\",\n BucketName = \"bucket_name\",\n CannedAclForObjects = \"private\",\n CdcInsertsAndUpdates = true,\n CdcInsertsOnly = false,\n CdcMaxBatchInterval = 100,\n CdcMinFileSize = 16,\n CdcPath = \"cdc/path\",\n CompressionType = \"GZIP\",\n CsvDelimiter = \";\",\n CsvNoSupValue = \"x\",\n CsvNullValue = \"?\",\n CsvRowDelimiter = \"\\\\r\\\\n\",\n DataFormat = \"parquet\",\n DataPageSize = 1100000,\n DatePartitionDelimiter = \"UNDERSCORE\",\n DatePartitionEnabled = true,\n DatePartitionSequence = \"yyyymmddhh\",\n DatePartitionTimezone = \"Asia/Seoul\",\n DictPageSizeLimit = 1000000,\n EnableStatistics = false,\n EncodingType = \"plain\",\n EncryptionMode = \"SSE_S3\",\n ExpectedBucketOwner = current.AccountId,\n ExternalTableDefinition = \"etd\",\n IgnoreHeaderRows = 1,\n IncludeOpForFullLoad = true,\n MaxFileSize = 1000000,\n ParquetTimestampInMillisecond = true,\n ParquetVersion = \"parquet-2-0\",\n PreserveTransactions = false,\n Rfc4180 = false,\n RowGroupLength = 11000,\n ServerSideEncryptionKmsKeyId = exampleAwsKmsKey.Arn,\n ServiceAccessRoleArn = exampleAwsIamRole.Arn,\n TimestampColumnName = \"tx_commit_time\",\n UseCsvNoSupValue = false,\n UseTaskStartTimeForFullLoadTimestamp = true,\n GlueCatalogGeneration = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dms.NewS3Endpoint(ctx, \"example\", \u0026dms.S3EndpointArgs{\n\t\t\tEndpointId: pulumi.String(\"donnedtipi\"),\n\t\t\tEndpointType: pulumi.String(\"target\"),\n\t\t\tSslMode: pulumi.String(\"none\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"donnedtipi\"),\n\t\t\t\t\"Update\": pulumi.String(\"to-update\"),\n\t\t\t\t\"Remove\": pulumi.String(\"to-remove\"),\n\t\t\t},\n\t\t\tAddColumnName: pulumi.Bool(true),\n\t\t\tAddTrailingPaddingCharacter: pulumi.Bool(false),\n\t\t\tBucketFolder: pulumi.String(\"folder\"),\n\t\t\tBucketName: pulumi.String(\"bucket_name\"),\n\t\t\tCannedAclForObjects: pulumi.String(\"private\"),\n\t\t\tCdcInsertsAndUpdates: pulumi.Bool(true),\n\t\t\tCdcInsertsOnly: pulumi.Bool(false),\n\t\t\tCdcMaxBatchInterval: pulumi.Int(100),\n\t\t\tCdcMinFileSize: pulumi.Int(16),\n\t\t\tCdcPath: pulumi.String(\"cdc/path\"),\n\t\t\tCompressionType: pulumi.String(\"GZIP\"),\n\t\t\tCsvDelimiter: pulumi.String(\";\"),\n\t\t\tCsvNoSupValue: pulumi.String(\"x\"),\n\t\t\tCsvNullValue: pulumi.String(\"?\"),\n\t\t\tCsvRowDelimiter: pulumi.String(\"\\\\r\\\\n\"),\n\t\t\tDataFormat: pulumi.String(\"parquet\"),\n\t\t\tDataPageSize: pulumi.Int(1100000),\n\t\t\tDatePartitionDelimiter: pulumi.String(\"UNDERSCORE\"),\n\t\t\tDatePartitionEnabled: pulumi.Bool(true),\n\t\t\tDatePartitionSequence: pulumi.String(\"yyyymmddhh\"),\n\t\t\tDatePartitionTimezone: pulumi.String(\"Asia/Seoul\"),\n\t\t\tDictPageSizeLimit: pulumi.Int(1000000),\n\t\t\tEnableStatistics: pulumi.Bool(false),\n\t\t\tEncodingType: pulumi.String(\"plain\"),\n\t\t\tEncryptionMode: pulumi.String(\"SSE_S3\"),\n\t\t\tExpectedBucketOwner: pulumi.Any(current.AccountId),\n\t\t\tExternalTableDefinition: pulumi.String(\"etd\"),\n\t\t\tIgnoreHeaderRows: pulumi.Int(1),\n\t\t\tIncludeOpForFullLoad: pulumi.Bool(true),\n\t\t\tMaxFileSize: pulumi.Int(1000000),\n\t\t\tParquetTimestampInMillisecond: pulumi.Bool(true),\n\t\t\tParquetVersion: pulumi.String(\"parquet-2-0\"),\n\t\t\tPreserveTransactions: pulumi.Bool(false),\n\t\t\tRfc4180: pulumi.Bool(false),\n\t\t\tRowGroupLength: pulumi.Int(11000),\n\t\t\tServerSideEncryptionKmsKeyId: pulumi.Any(exampleAwsKmsKey.Arn),\n\t\t\tServiceAccessRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tTimestampColumnName: pulumi.String(\"tx_commit_time\"),\n\t\t\tUseCsvNoSupValue: pulumi.Bool(false),\n\t\t\tUseTaskStartTimeForFullLoadTimestamp: pulumi.Bool(true),\n\t\t\tGlueCatalogGeneration: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.dms.S3Endpoint;\nimport com.pulumi.aws.dms.S3EndpointArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new S3Endpoint(\"example\", S3EndpointArgs.builder() \n .endpointId(\"donnedtipi\")\n .endpointType(\"target\")\n .sslMode(\"none\")\n .tags(Map.ofEntries(\n Map.entry(\"Name\", \"donnedtipi\"),\n Map.entry(\"Update\", \"to-update\"),\n Map.entry(\"Remove\", \"to-remove\")\n ))\n .addColumnName(true)\n .addTrailingPaddingCharacter(false)\n .bucketFolder(\"folder\")\n .bucketName(\"bucket_name\")\n .cannedAclForObjects(\"private\")\n .cdcInsertsAndUpdates(true)\n .cdcInsertsOnly(false)\n .cdcMaxBatchInterval(100)\n .cdcMinFileSize(16)\n .cdcPath(\"cdc/path\")\n .compressionType(\"GZIP\")\n .csvDelimiter(\";\")\n .csvNoSupValue(\"x\")\n .csvNullValue(\"?\")\n .csvRowDelimiter(\"\\\\r\\\\n\")\n .dataFormat(\"parquet\")\n .dataPageSize(1100000)\n .datePartitionDelimiter(\"UNDERSCORE\")\n .datePartitionEnabled(true)\n .datePartitionSequence(\"yyyymmddhh\")\n .datePartitionTimezone(\"Asia/Seoul\")\n .dictPageSizeLimit(1000000)\n .enableStatistics(false)\n .encodingType(\"plain\")\n .encryptionMode(\"SSE_S3\")\n .expectedBucketOwner(current.accountId())\n .externalTableDefinition(\"etd\")\n .ignoreHeaderRows(1)\n .includeOpForFullLoad(true)\n .maxFileSize(1000000)\n .parquetTimestampInMillisecond(true)\n .parquetVersion(\"parquet-2-0\")\n .preserveTransactions(false)\n .rfc4180(false)\n .rowGroupLength(11000)\n .serverSideEncryptionKmsKeyId(exampleAwsKmsKey.arn())\n .serviceAccessRoleArn(exampleAwsIamRole.arn())\n .timestampColumnName(\"tx_commit_time\")\n .useCsvNoSupValue(false)\n .useTaskStartTimeForFullLoadTimestamp(true)\n .glueCatalogGeneration(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:dms:S3Endpoint\n properties:\n endpointId: donnedtipi\n endpointType: target\n sslMode: none\n tags:\n Name: donnedtipi\n Update: to-update\n Remove: to-remove\n addColumnName: true\n addTrailingPaddingCharacter: false\n bucketFolder: folder\n bucketName: bucket_name\n cannedAclForObjects: private\n cdcInsertsAndUpdates: true\n cdcInsertsOnly: false\n cdcMaxBatchInterval: 100\n cdcMinFileSize: 16\n cdcPath: cdc/path\n compressionType: GZIP\n csvDelimiter: ;\n csvNoSupValue: x\n csvNullValue: '?'\n csvRowDelimiter: \\r\\n\n dataFormat: parquet\n dataPageSize: 1.1e+06\n datePartitionDelimiter: UNDERSCORE\n datePartitionEnabled: true\n datePartitionSequence: yyyymmddhh\n datePartitionTimezone: Asia/Seoul\n dictPageSizeLimit: 1e+06\n enableStatistics: false\n encodingType: plain\n encryptionMode: SSE_S3\n expectedBucketOwner: ${current.accountId}\n externalTableDefinition: etd\n ignoreHeaderRows: 1\n includeOpForFullLoad: true\n maxFileSize: 1e+06\n parquetTimestampInMillisecond: true\n parquetVersion: parquet-2-0\n preserveTransactions: false\n rfc4180: false\n rowGroupLength: 11000\n serverSideEncryptionKmsKeyId: ${exampleAwsKmsKey.arn}\n serviceAccessRoleArn: ${exampleAwsIamRole.arn}\n timestampColumnName: tx_commit_time\n useCsvNoSupValue: false\n useTaskStartTimeForFullLoadTimestamp: true\n glueCatalogGeneration: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import endpoints using the `endpoint_id`. For example:\n\n```sh\n$ pulumi import aws:dms/s3Endpoint:S3Endpoint example example-dms-endpoint-tf\n```\n", + "description": "Provides a DMS (Data Migration Service) S3 endpoint resource. DMS S3 endpoints can be created, updated, deleted, and imported.\n\n\u003e **Note:** AWS is deprecating `extra_connection_attributes`, such as used with `aws.dms.Endpoint`. This resource is an alternative to `aws.dms.Endpoint` and does not use `extra_connection_attributes`. (AWS currently includes `extra_connection_attributes` in the raw responses to the AWS Provider requests and so they may be visible in the logs.)\n\n\u003e **Note:** Some of this resource's arguments have default values that come from the AWS Provider. Other default values are provided by AWS and subject to change without notice. When relying on AWS defaults, the provider state will often have a zero value. For example, the AWS Provider does not provide a default for `cdc_max_batch_interval` but the AWS default is `60` (seconds). However, the provider state will show `0` since this is the value return by AWS when no value is present. Below, we aim to flag the defaults that come from AWS (_e.g._, \"AWS default...\").\n\n## Example Usage\n\n### Minimal Configuration\n\nThis is the minimal configuration for an `aws.dms.S3Endpoint`. This endpoint will rely on the AWS Provider and AWS defaults.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.dms.S3Endpoint(\"example\", {\n endpointId: \"donnedtipi\",\n endpointType: \"target\",\n bucketName: \"beckut_name\",\n serviceAccessRoleArn: exampleAwsIamRole.arn,\n}, {\n dependsOn: [exampleAwsIamRolePolicy],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.dms.S3Endpoint(\"example\",\n endpoint_id=\"donnedtipi\",\n endpoint_type=\"target\",\n bucket_name=\"beckut_name\",\n service_access_role_arn=example_aws_iam_role[\"arn\"],\n opts=pulumi.ResourceOptions(depends_on=[example_aws_iam_role_policy]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Dms.S3Endpoint(\"example\", new()\n {\n EndpointId = \"donnedtipi\",\n EndpointType = \"target\",\n BucketName = \"beckut_name\",\n ServiceAccessRoleArn = exampleAwsIamRole.Arn,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAwsIamRolePolicy, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dms.NewS3Endpoint(ctx, \"example\", \u0026dms.S3EndpointArgs{\n\t\t\tEndpointId: pulumi.String(\"donnedtipi\"),\n\t\t\tEndpointType: pulumi.String(\"target\"),\n\t\t\tBucketName: pulumi.String(\"beckut_name\"),\n\t\t\tServiceAccessRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAwsIamRolePolicy,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.dms.S3Endpoint;\nimport com.pulumi.aws.dms.S3EndpointArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new S3Endpoint(\"example\", S3EndpointArgs.builder() \n .endpointId(\"donnedtipi\")\n .endpointType(\"target\")\n .bucketName(\"beckut_name\")\n .serviceAccessRoleArn(exampleAwsIamRole.arn())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleAwsIamRolePolicy)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:dms:S3Endpoint\n properties:\n endpointId: donnedtipi\n endpointType: target\n bucketName: beckut_name\n serviceAccessRoleArn: ${exampleAwsIamRole.arn}\n options:\n dependson:\n - ${exampleAwsIamRolePolicy}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Complete Configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.dms.S3Endpoint(\"example\", {\n endpointId: \"donnedtipi\",\n endpointType: \"target\",\n sslMode: \"none\",\n tags: {\n Name: \"donnedtipi\",\n Update: \"to-update\",\n Remove: \"to-remove\",\n },\n addColumnName: true,\n addTrailingPaddingCharacter: false,\n bucketFolder: \"folder\",\n bucketName: \"bucket_name\",\n cannedAclForObjects: \"private\",\n cdcInsertsAndUpdates: true,\n cdcInsertsOnly: false,\n cdcMaxBatchInterval: 100,\n cdcMinFileSize: 16,\n cdcPath: \"cdc/path\",\n compressionType: \"GZIP\",\n csvDelimiter: \";\",\n csvNoSupValue: \"x\",\n csvNullValue: \"?\",\n csvRowDelimiter: \"\\\\r\\\\n\",\n dataFormat: \"parquet\",\n dataPageSize: 1100000,\n datePartitionDelimiter: \"UNDERSCORE\",\n datePartitionEnabled: true,\n datePartitionSequence: \"yyyymmddhh\",\n datePartitionTimezone: \"Asia/Seoul\",\n dictPageSizeLimit: 1000000,\n enableStatistics: false,\n encodingType: \"plain\",\n encryptionMode: \"SSE_S3\",\n expectedBucketOwner: current.accountId,\n externalTableDefinition: \"etd\",\n ignoreHeaderRows: 1,\n includeOpForFullLoad: true,\n maxFileSize: 1000000,\n parquetTimestampInMillisecond: true,\n parquetVersion: \"parquet-2-0\",\n preserveTransactions: false,\n rfc4180: false,\n rowGroupLength: 11000,\n serverSideEncryptionKmsKeyId: exampleAwsKmsKey.arn,\n serviceAccessRoleArn: exampleAwsIamRole.arn,\n timestampColumnName: \"tx_commit_time\",\n useCsvNoSupValue: false,\n useTaskStartTimeForFullLoadTimestamp: true,\n glueCatalogGeneration: true,\n}, {\n dependsOn: [exampleAwsIamRolePolicy],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.dms.S3Endpoint(\"example\",\n endpoint_id=\"donnedtipi\",\n endpoint_type=\"target\",\n ssl_mode=\"none\",\n tags={\n \"Name\": \"donnedtipi\",\n \"Update\": \"to-update\",\n \"Remove\": \"to-remove\",\n },\n add_column_name=True,\n add_trailing_padding_character=False,\n bucket_folder=\"folder\",\n bucket_name=\"bucket_name\",\n canned_acl_for_objects=\"private\",\n cdc_inserts_and_updates=True,\n cdc_inserts_only=False,\n cdc_max_batch_interval=100,\n cdc_min_file_size=16,\n cdc_path=\"cdc/path\",\n compression_type=\"GZIP\",\n csv_delimiter=\";\",\n csv_no_sup_value=\"x\",\n csv_null_value=\"?\",\n csv_row_delimiter=\"\\\\r\\\\n\",\n data_format=\"parquet\",\n data_page_size=1100000,\n date_partition_delimiter=\"UNDERSCORE\",\n date_partition_enabled=True,\n date_partition_sequence=\"yyyymmddhh\",\n date_partition_timezone=\"Asia/Seoul\",\n dict_page_size_limit=1000000,\n enable_statistics=False,\n encoding_type=\"plain\",\n encryption_mode=\"SSE_S3\",\n expected_bucket_owner=current[\"accountId\"],\n external_table_definition=\"etd\",\n ignore_header_rows=1,\n include_op_for_full_load=True,\n max_file_size=1000000,\n parquet_timestamp_in_millisecond=True,\n parquet_version=\"parquet-2-0\",\n preserve_transactions=False,\n rfc4180=False,\n row_group_length=11000,\n server_side_encryption_kms_key_id=example_aws_kms_key[\"arn\"],\n service_access_role_arn=example_aws_iam_role[\"arn\"],\n timestamp_column_name=\"tx_commit_time\",\n use_csv_no_sup_value=False,\n use_task_start_time_for_full_load_timestamp=True,\n glue_catalog_generation=True,\n opts=pulumi.ResourceOptions(depends_on=[example_aws_iam_role_policy]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Dms.S3Endpoint(\"example\", new()\n {\n EndpointId = \"donnedtipi\",\n EndpointType = \"target\",\n SslMode = \"none\",\n Tags = \n {\n { \"Name\", \"donnedtipi\" },\n { \"Update\", \"to-update\" },\n { \"Remove\", \"to-remove\" },\n },\n AddColumnName = true,\n AddTrailingPaddingCharacter = false,\n BucketFolder = \"folder\",\n BucketName = \"bucket_name\",\n CannedAclForObjects = \"private\",\n CdcInsertsAndUpdates = true,\n CdcInsertsOnly = false,\n CdcMaxBatchInterval = 100,\n CdcMinFileSize = 16,\n CdcPath = \"cdc/path\",\n CompressionType = \"GZIP\",\n CsvDelimiter = \";\",\n CsvNoSupValue = \"x\",\n CsvNullValue = \"?\",\n CsvRowDelimiter = \"\\\\r\\\\n\",\n DataFormat = \"parquet\",\n DataPageSize = 1100000,\n DatePartitionDelimiter = \"UNDERSCORE\",\n DatePartitionEnabled = true,\n DatePartitionSequence = \"yyyymmddhh\",\n DatePartitionTimezone = \"Asia/Seoul\",\n DictPageSizeLimit = 1000000,\n EnableStatistics = false,\n EncodingType = \"plain\",\n EncryptionMode = \"SSE_S3\",\n ExpectedBucketOwner = current.AccountId,\n ExternalTableDefinition = \"etd\",\n IgnoreHeaderRows = 1,\n IncludeOpForFullLoad = true,\n MaxFileSize = 1000000,\n ParquetTimestampInMillisecond = true,\n ParquetVersion = \"parquet-2-0\",\n PreserveTransactions = false,\n Rfc4180 = false,\n RowGroupLength = 11000,\n ServerSideEncryptionKmsKeyId = exampleAwsKmsKey.Arn,\n ServiceAccessRoleArn = exampleAwsIamRole.Arn,\n TimestampColumnName = \"tx_commit_time\",\n UseCsvNoSupValue = false,\n UseTaskStartTimeForFullLoadTimestamp = true,\n GlueCatalogGeneration = true,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAwsIamRolePolicy, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dms.NewS3Endpoint(ctx, \"example\", \u0026dms.S3EndpointArgs{\n\t\t\tEndpointId: pulumi.String(\"donnedtipi\"),\n\t\t\tEndpointType: pulumi.String(\"target\"),\n\t\t\tSslMode: pulumi.String(\"none\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"donnedtipi\"),\n\t\t\t\t\"Update\": pulumi.String(\"to-update\"),\n\t\t\t\t\"Remove\": pulumi.String(\"to-remove\"),\n\t\t\t},\n\t\t\tAddColumnName: pulumi.Bool(true),\n\t\t\tAddTrailingPaddingCharacter: pulumi.Bool(false),\n\t\t\tBucketFolder: pulumi.String(\"folder\"),\n\t\t\tBucketName: pulumi.String(\"bucket_name\"),\n\t\t\tCannedAclForObjects: pulumi.String(\"private\"),\n\t\t\tCdcInsertsAndUpdates: pulumi.Bool(true),\n\t\t\tCdcInsertsOnly: pulumi.Bool(false),\n\t\t\tCdcMaxBatchInterval: pulumi.Int(100),\n\t\t\tCdcMinFileSize: pulumi.Int(16),\n\t\t\tCdcPath: pulumi.String(\"cdc/path\"),\n\t\t\tCompressionType: pulumi.String(\"GZIP\"),\n\t\t\tCsvDelimiter: pulumi.String(\";\"),\n\t\t\tCsvNoSupValue: pulumi.String(\"x\"),\n\t\t\tCsvNullValue: pulumi.String(\"?\"),\n\t\t\tCsvRowDelimiter: pulumi.String(\"\\\\r\\\\n\"),\n\t\t\tDataFormat: pulumi.String(\"parquet\"),\n\t\t\tDataPageSize: pulumi.Int(1100000),\n\t\t\tDatePartitionDelimiter: pulumi.String(\"UNDERSCORE\"),\n\t\t\tDatePartitionEnabled: pulumi.Bool(true),\n\t\t\tDatePartitionSequence: pulumi.String(\"yyyymmddhh\"),\n\t\t\tDatePartitionTimezone: pulumi.String(\"Asia/Seoul\"),\n\t\t\tDictPageSizeLimit: pulumi.Int(1000000),\n\t\t\tEnableStatistics: pulumi.Bool(false),\n\t\t\tEncodingType: pulumi.String(\"plain\"),\n\t\t\tEncryptionMode: pulumi.String(\"SSE_S3\"),\n\t\t\tExpectedBucketOwner: pulumi.Any(current.AccountId),\n\t\t\tExternalTableDefinition: pulumi.String(\"etd\"),\n\t\t\tIgnoreHeaderRows: pulumi.Int(1),\n\t\t\tIncludeOpForFullLoad: pulumi.Bool(true),\n\t\t\tMaxFileSize: pulumi.Int(1000000),\n\t\t\tParquetTimestampInMillisecond: pulumi.Bool(true),\n\t\t\tParquetVersion: pulumi.String(\"parquet-2-0\"),\n\t\t\tPreserveTransactions: pulumi.Bool(false),\n\t\t\tRfc4180: pulumi.Bool(false),\n\t\t\tRowGroupLength: pulumi.Int(11000),\n\t\t\tServerSideEncryptionKmsKeyId: pulumi.Any(exampleAwsKmsKey.Arn),\n\t\t\tServiceAccessRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tTimestampColumnName: pulumi.String(\"tx_commit_time\"),\n\t\t\tUseCsvNoSupValue: pulumi.Bool(false),\n\t\t\tUseTaskStartTimeForFullLoadTimestamp: pulumi.Bool(true),\n\t\t\tGlueCatalogGeneration: pulumi.Bool(true),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAwsIamRolePolicy,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.dms.S3Endpoint;\nimport com.pulumi.aws.dms.S3EndpointArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new S3Endpoint(\"example\", S3EndpointArgs.builder() \n .endpointId(\"donnedtipi\")\n .endpointType(\"target\")\n .sslMode(\"none\")\n .tags(Map.ofEntries(\n Map.entry(\"Name\", \"donnedtipi\"),\n Map.entry(\"Update\", \"to-update\"),\n Map.entry(\"Remove\", \"to-remove\")\n ))\n .addColumnName(true)\n .addTrailingPaddingCharacter(false)\n .bucketFolder(\"folder\")\n .bucketName(\"bucket_name\")\n .cannedAclForObjects(\"private\")\n .cdcInsertsAndUpdates(true)\n .cdcInsertsOnly(false)\n .cdcMaxBatchInterval(100)\n .cdcMinFileSize(16)\n .cdcPath(\"cdc/path\")\n .compressionType(\"GZIP\")\n .csvDelimiter(\";\")\n .csvNoSupValue(\"x\")\n .csvNullValue(\"?\")\n .csvRowDelimiter(\"\\\\r\\\\n\")\n .dataFormat(\"parquet\")\n .dataPageSize(1100000)\n .datePartitionDelimiter(\"UNDERSCORE\")\n .datePartitionEnabled(true)\n .datePartitionSequence(\"yyyymmddhh\")\n .datePartitionTimezone(\"Asia/Seoul\")\n .dictPageSizeLimit(1000000)\n .enableStatistics(false)\n .encodingType(\"plain\")\n .encryptionMode(\"SSE_S3\")\n .expectedBucketOwner(current.accountId())\n .externalTableDefinition(\"etd\")\n .ignoreHeaderRows(1)\n .includeOpForFullLoad(true)\n .maxFileSize(1000000)\n .parquetTimestampInMillisecond(true)\n .parquetVersion(\"parquet-2-0\")\n .preserveTransactions(false)\n .rfc4180(false)\n .rowGroupLength(11000)\n .serverSideEncryptionKmsKeyId(exampleAwsKmsKey.arn())\n .serviceAccessRoleArn(exampleAwsIamRole.arn())\n .timestampColumnName(\"tx_commit_time\")\n .useCsvNoSupValue(false)\n .useTaskStartTimeForFullLoadTimestamp(true)\n .glueCatalogGeneration(true)\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleAwsIamRolePolicy)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:dms:S3Endpoint\n properties:\n endpointId: donnedtipi\n endpointType: target\n sslMode: none\n tags:\n Name: donnedtipi\n Update: to-update\n Remove: to-remove\n addColumnName: true\n addTrailingPaddingCharacter: false\n bucketFolder: folder\n bucketName: bucket_name\n cannedAclForObjects: private\n cdcInsertsAndUpdates: true\n cdcInsertsOnly: false\n cdcMaxBatchInterval: 100\n cdcMinFileSize: 16\n cdcPath: cdc/path\n compressionType: GZIP\n csvDelimiter: ;\n csvNoSupValue: x\n csvNullValue: '?'\n csvRowDelimiter: \\r\\n\n dataFormat: parquet\n dataPageSize: 1.1e+06\n datePartitionDelimiter: UNDERSCORE\n datePartitionEnabled: true\n datePartitionSequence: yyyymmddhh\n datePartitionTimezone: Asia/Seoul\n dictPageSizeLimit: 1e+06\n enableStatistics: false\n encodingType: plain\n encryptionMode: SSE_S3\n expectedBucketOwner: ${current.accountId}\n externalTableDefinition: etd\n ignoreHeaderRows: 1\n includeOpForFullLoad: true\n maxFileSize: 1e+06\n parquetTimestampInMillisecond: true\n parquetVersion: parquet-2-0\n preserveTransactions: false\n rfc4180: false\n rowGroupLength: 11000\n serverSideEncryptionKmsKeyId: ${exampleAwsKmsKey.arn}\n serviceAccessRoleArn: ${exampleAwsIamRole.arn}\n timestampColumnName: tx_commit_time\n useCsvNoSupValue: false\n useTaskStartTimeForFullLoadTimestamp: true\n glueCatalogGeneration: true\n options:\n dependson:\n - ${exampleAwsIamRolePolicy}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import endpoints using the `endpoint_id`. For example:\n\n```sh\n$ pulumi import aws:dms/s3Endpoint:S3Endpoint example example-dms-endpoint-tf\n```\n", "properties": { "addColumnName": { "type": "boolean", @@ -208040,7 +208040,7 @@ } }, "aws:docdb/globalCluster:GlobalCluster": { - "description": "Manages an DocumentDB Global Cluster. A global cluster consists of one primary region and up to five read-only secondary regions. You issue write operations directly to the primary cluster in the primary region and Amazon DocumentDB automatically replicates the data to the secondary regions using dedicated infrastructure.\n\nMore information about DocumentDB Global Clusters can be found in the [DocumentDB Developer Guide](https://docs.aws.amazon.com/documentdb/latest/developerguide/global-clusters.html).\n\n## Example Usage\n\n### New DocumentDB Global Cluster\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.docdb.GlobalCluster(\"example\", {\n globalClusterIdentifier: \"global-test\",\n engine: \"docdb\",\n engineVersion: \"4.0.0\",\n});\nconst primary = new aws.docdb.Cluster(\"primary\", {\n engine: example.engine,\n engineVersion: example.engineVersion,\n clusterIdentifier: \"test-primary-cluster\",\n masterUsername: \"username\",\n masterPassword: \"somepass123\",\n globalClusterIdentifier: example.id,\n dbSubnetGroupName: \"default\",\n});\nconst primaryClusterInstance = new aws.docdb.ClusterInstance(\"primary\", {\n engine: example.engine,\n identifier: \"test-primary-cluster-instance\",\n clusterIdentifier: primary.id,\n instanceClass: \"db.r5.large\",\n});\nconst secondary = new aws.docdb.Cluster(\"secondary\", {\n engine: example.engine,\n engineVersion: example.engineVersion,\n clusterIdentifier: \"test-secondary-cluster\",\n globalClusterIdentifier: example.id,\n dbSubnetGroupName: \"default\",\n});\nconst secondaryClusterInstance = new aws.docdb.ClusterInstance(\"secondary\", {\n engine: example.engine,\n identifier: \"test-secondary-cluster-instance\",\n clusterIdentifier: secondary.id,\n instanceClass: \"db.r5.large\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.docdb.GlobalCluster(\"example\",\n global_cluster_identifier=\"global-test\",\n engine=\"docdb\",\n engine_version=\"4.0.0\")\nprimary = aws.docdb.Cluster(\"primary\",\n engine=example.engine,\n engine_version=example.engine_version,\n cluster_identifier=\"test-primary-cluster\",\n master_username=\"username\",\n master_password=\"somepass123\",\n global_cluster_identifier=example.id,\n db_subnet_group_name=\"default\")\nprimary_cluster_instance = aws.docdb.ClusterInstance(\"primary\",\n engine=example.engine,\n identifier=\"test-primary-cluster-instance\",\n cluster_identifier=primary.id,\n instance_class=\"db.r5.large\")\nsecondary = aws.docdb.Cluster(\"secondary\",\n engine=example.engine,\n engine_version=example.engine_version,\n cluster_identifier=\"test-secondary-cluster\",\n global_cluster_identifier=example.id,\n db_subnet_group_name=\"default\")\nsecondary_cluster_instance = aws.docdb.ClusterInstance(\"secondary\",\n engine=example.engine,\n identifier=\"test-secondary-cluster-instance\",\n cluster_identifier=secondary.id,\n instance_class=\"db.r5.large\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DocDB.GlobalCluster(\"example\", new()\n {\n GlobalClusterIdentifier = \"global-test\",\n Engine = \"docdb\",\n EngineVersion = \"4.0.0\",\n });\n\n var primary = new Aws.DocDB.Cluster(\"primary\", new()\n {\n Engine = example.Engine,\n EngineVersion = example.EngineVersion,\n ClusterIdentifier = \"test-primary-cluster\",\n MasterUsername = \"username\",\n MasterPassword = \"somepass123\",\n GlobalClusterIdentifier = example.Id,\n DbSubnetGroupName = \"default\",\n });\n\n var primaryClusterInstance = new Aws.DocDB.ClusterInstance(\"primary\", new()\n {\n Engine = example.Engine,\n Identifier = \"test-primary-cluster-instance\",\n ClusterIdentifier = primary.Id,\n InstanceClass = \"db.r5.large\",\n });\n\n var secondary = new Aws.DocDB.Cluster(\"secondary\", new()\n {\n Engine = example.Engine,\n EngineVersion = example.EngineVersion,\n ClusterIdentifier = \"test-secondary-cluster\",\n GlobalClusterIdentifier = example.Id,\n DbSubnetGroupName = \"default\",\n });\n\n var secondaryClusterInstance = new Aws.DocDB.ClusterInstance(\"secondary\", new()\n {\n Engine = example.Engine,\n Identifier = \"test-secondary-cluster-instance\",\n ClusterIdentifier = secondary.Id,\n InstanceClass = \"db.r5.large\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/docdb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := docdb.NewGlobalCluster(ctx, \"example\", \u0026docdb.GlobalClusterArgs{\n\t\t\tGlobalClusterIdentifier: pulumi.String(\"global-test\"),\n\t\t\tEngine: pulumi.String(\"docdb\"),\n\t\t\tEngineVersion: pulumi.String(\"4.0.0\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tprimary, err := docdb.NewCluster(ctx, \"primary\", \u0026docdb.ClusterArgs{\n\t\t\tEngine: example.Engine,\n\t\t\tEngineVersion: example.EngineVersion,\n\t\t\tClusterIdentifier: pulumi.String(\"test-primary-cluster\"),\n\t\t\tMasterUsername: pulumi.String(\"username\"),\n\t\t\tMasterPassword: pulumi.String(\"somepass123\"),\n\t\t\tGlobalClusterIdentifier: example.ID(),\n\t\t\tDbSubnetGroupName: pulumi.String(\"default\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = docdb.NewClusterInstance(ctx, \"primary\", \u0026docdb.ClusterInstanceArgs{\n\t\t\tEngine: example.Engine,\n\t\t\tIdentifier: pulumi.String(\"test-primary-cluster-instance\"),\n\t\t\tClusterIdentifier: primary.ID(),\n\t\t\tInstanceClass: pulumi.String(\"db.r5.large\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsecondary, err := docdb.NewCluster(ctx, \"secondary\", \u0026docdb.ClusterArgs{\n\t\t\tEngine: example.Engine,\n\t\t\tEngineVersion: example.EngineVersion,\n\t\t\tClusterIdentifier: pulumi.String(\"test-secondary-cluster\"),\n\t\t\tGlobalClusterIdentifier: example.ID(),\n\t\t\tDbSubnetGroupName: pulumi.String(\"default\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = docdb.NewClusterInstance(ctx, \"secondary\", \u0026docdb.ClusterInstanceArgs{\n\t\t\tEngine: example.Engine,\n\t\t\tIdentifier: pulumi.String(\"test-secondary-cluster-instance\"),\n\t\t\tClusterIdentifier: secondary.ID(),\n\t\t\tInstanceClass: pulumi.String(\"db.r5.large\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.docdb.GlobalCluster;\nimport com.pulumi.aws.docdb.GlobalClusterArgs;\nimport com.pulumi.aws.docdb.Cluster;\nimport com.pulumi.aws.docdb.ClusterArgs;\nimport com.pulumi.aws.docdb.ClusterInstance;\nimport com.pulumi.aws.docdb.ClusterInstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new GlobalCluster(\"example\", GlobalClusterArgs.builder() \n .globalClusterIdentifier(\"global-test\")\n .engine(\"docdb\")\n .engineVersion(\"4.0.0\")\n .build());\n\n var primary = new Cluster(\"primary\", ClusterArgs.builder() \n .engine(example.engine())\n .engineVersion(example.engineVersion())\n .clusterIdentifier(\"test-primary-cluster\")\n .masterUsername(\"username\")\n .masterPassword(\"somepass123\")\n .globalClusterIdentifier(example.id())\n .dbSubnetGroupName(\"default\")\n .build());\n\n var primaryClusterInstance = new ClusterInstance(\"primaryClusterInstance\", ClusterInstanceArgs.builder() \n .engine(example.engine())\n .identifier(\"test-primary-cluster-instance\")\n .clusterIdentifier(primary.id())\n .instanceClass(\"db.r5.large\")\n .build());\n\n var secondary = new Cluster(\"secondary\", ClusterArgs.builder() \n .engine(example.engine())\n .engineVersion(example.engineVersion())\n .clusterIdentifier(\"test-secondary-cluster\")\n .globalClusterIdentifier(example.id())\n .dbSubnetGroupName(\"default\")\n .build());\n\n var secondaryClusterInstance = new ClusterInstance(\"secondaryClusterInstance\", ClusterInstanceArgs.builder() \n .engine(example.engine())\n .identifier(\"test-secondary-cluster-instance\")\n .clusterIdentifier(secondary.id())\n .instanceClass(\"db.r5.large\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:docdb:GlobalCluster\n properties:\n globalClusterIdentifier: global-test\n engine: docdb\n engineVersion: 4.0.0\n primary:\n type: aws:docdb:Cluster\n properties:\n engine: ${example.engine}\n engineVersion: ${example.engineVersion}\n clusterIdentifier: test-primary-cluster\n masterUsername: username\n masterPassword: somepass123\n globalClusterIdentifier: ${example.id}\n dbSubnetGroupName: default\n primaryClusterInstance:\n type: aws:docdb:ClusterInstance\n name: primary\n properties:\n engine: ${example.engine}\n identifier: test-primary-cluster-instance\n clusterIdentifier: ${primary.id}\n instanceClass: db.r5.large\n secondary:\n type: aws:docdb:Cluster\n properties:\n engine: ${example.engine}\n engineVersion: ${example.engineVersion}\n clusterIdentifier: test-secondary-cluster\n globalClusterIdentifier: ${example.id}\n dbSubnetGroupName: default\n secondaryClusterInstance:\n type: aws:docdb:ClusterInstance\n name: secondary\n properties:\n engine: ${example.engine}\n identifier: test-secondary-cluster-instance\n clusterIdentifier: ${secondary.id}\n instanceClass: db.r5.large\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### New Global Cluster From Existing DB Cluster\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.docdb.Cluster(\"example\", {});\nconst exampleGlobalCluster = new aws.docdb.GlobalCluster(\"example\", {\n globalClusterIdentifier: \"example\",\n sourceDbClusterIdentifier: example.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.docdb.Cluster(\"example\")\nexample_global_cluster = aws.docdb.GlobalCluster(\"example\",\n global_cluster_identifier=\"example\",\n source_db_cluster_identifier=example.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DocDB.Cluster(\"example\");\n\n var exampleGlobalCluster = new Aws.DocDB.GlobalCluster(\"example\", new()\n {\n GlobalClusterIdentifier = \"example\",\n SourceDbClusterIdentifier = example.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/docdb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := docdb.NewCluster(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = docdb.NewGlobalCluster(ctx, \"example\", \u0026docdb.GlobalClusterArgs{\n\t\t\tGlobalClusterIdentifier: pulumi.String(\"example\"),\n\t\t\tSourceDbClusterIdentifier: example.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.docdb.Cluster;\nimport com.pulumi.aws.docdb.GlobalCluster;\nimport com.pulumi.aws.docdb.GlobalClusterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Cluster(\"example\");\n\n var exampleGlobalCluster = new GlobalCluster(\"exampleGlobalCluster\", GlobalClusterArgs.builder() \n .globalClusterIdentifier(\"example\")\n .sourceDbClusterIdentifier(example.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:docdb:Cluster\n exampleGlobalCluster:\n type: aws:docdb:GlobalCluster\n name: example\n properties:\n globalClusterIdentifier: example\n sourceDbClusterIdentifier: ${example.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_docdb_global_cluster` using the Global Cluster identifier. For example:\n\n```sh\n$ pulumi import aws:docdb/globalCluster:GlobalCluster example example\n```\nCertain resource arguments, like `source_db_cluster_identifier`, do not have an API method for reading the information after creation. If the argument is set in the Pulumi program on an imported resource, Pulumi will always show a difference. To workaround this behavior, either omit the argument from the Pulumi program or use `ignore_changes` to hide the difference. For example:\n\n", + "description": "Manages an DocumentDB Global Cluster. A global cluster consists of one primary region and up to five read-only secondary regions. You issue write operations directly to the primary cluster in the primary region and Amazon DocumentDB automatically replicates the data to the secondary regions using dedicated infrastructure.\n\nMore information about DocumentDB Global Clusters can be found in the [DocumentDB Developer Guide](https://docs.aws.amazon.com/documentdb/latest/developerguide/global-clusters.html).\n\n## Example Usage\n\n### New DocumentDB Global Cluster\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.docdb.GlobalCluster(\"example\", {\n globalClusterIdentifier: \"global-test\",\n engine: \"docdb\",\n engineVersion: \"4.0.0\",\n});\nconst primary = new aws.docdb.Cluster(\"primary\", {\n engine: example.engine,\n engineVersion: example.engineVersion,\n clusterIdentifier: \"test-primary-cluster\",\n masterUsername: \"username\",\n masterPassword: \"somepass123\",\n globalClusterIdentifier: example.id,\n dbSubnetGroupName: \"default\",\n});\nconst primaryClusterInstance = new aws.docdb.ClusterInstance(\"primary\", {\n engine: example.engine,\n identifier: \"test-primary-cluster-instance\",\n clusterIdentifier: primary.id,\n instanceClass: \"db.r5.large\",\n});\nconst secondary = new aws.docdb.Cluster(\"secondary\", {\n engine: example.engine,\n engineVersion: example.engineVersion,\n clusterIdentifier: \"test-secondary-cluster\",\n globalClusterIdentifier: example.id,\n dbSubnetGroupName: \"default\",\n}, {\n dependsOn: [primary],\n});\nconst secondaryClusterInstance = new aws.docdb.ClusterInstance(\"secondary\", {\n engine: example.engine,\n identifier: \"test-secondary-cluster-instance\",\n clusterIdentifier: secondary.id,\n instanceClass: \"db.r5.large\",\n}, {\n dependsOn: [primaryClusterInstance],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.docdb.GlobalCluster(\"example\",\n global_cluster_identifier=\"global-test\",\n engine=\"docdb\",\n engine_version=\"4.0.0\")\nprimary = aws.docdb.Cluster(\"primary\",\n engine=example.engine,\n engine_version=example.engine_version,\n cluster_identifier=\"test-primary-cluster\",\n master_username=\"username\",\n master_password=\"somepass123\",\n global_cluster_identifier=example.id,\n db_subnet_group_name=\"default\")\nprimary_cluster_instance = aws.docdb.ClusterInstance(\"primary\",\n engine=example.engine,\n identifier=\"test-primary-cluster-instance\",\n cluster_identifier=primary.id,\n instance_class=\"db.r5.large\")\nsecondary = aws.docdb.Cluster(\"secondary\",\n engine=example.engine,\n engine_version=example.engine_version,\n cluster_identifier=\"test-secondary-cluster\",\n global_cluster_identifier=example.id,\n db_subnet_group_name=\"default\",\n opts=pulumi.ResourceOptions(depends_on=[primary]))\nsecondary_cluster_instance = aws.docdb.ClusterInstance(\"secondary\",\n engine=example.engine,\n identifier=\"test-secondary-cluster-instance\",\n cluster_identifier=secondary.id,\n instance_class=\"db.r5.large\",\n opts=pulumi.ResourceOptions(depends_on=[primary_cluster_instance]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DocDB.GlobalCluster(\"example\", new()\n {\n GlobalClusterIdentifier = \"global-test\",\n Engine = \"docdb\",\n EngineVersion = \"4.0.0\",\n });\n\n var primary = new Aws.DocDB.Cluster(\"primary\", new()\n {\n Engine = example.Engine,\n EngineVersion = example.EngineVersion,\n ClusterIdentifier = \"test-primary-cluster\",\n MasterUsername = \"username\",\n MasterPassword = \"somepass123\",\n GlobalClusterIdentifier = example.Id,\n DbSubnetGroupName = \"default\",\n });\n\n var primaryClusterInstance = new Aws.DocDB.ClusterInstance(\"primary\", new()\n {\n Engine = example.Engine,\n Identifier = \"test-primary-cluster-instance\",\n ClusterIdentifier = primary.Id,\n InstanceClass = \"db.r5.large\",\n });\n\n var secondary = new Aws.DocDB.Cluster(\"secondary\", new()\n {\n Engine = example.Engine,\n EngineVersion = example.EngineVersion,\n ClusterIdentifier = \"test-secondary-cluster\",\n GlobalClusterIdentifier = example.Id,\n DbSubnetGroupName = \"default\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n primary, \n },\n });\n\n var secondaryClusterInstance = new Aws.DocDB.ClusterInstance(\"secondary\", new()\n {\n Engine = example.Engine,\n Identifier = \"test-secondary-cluster-instance\",\n ClusterIdentifier = secondary.Id,\n InstanceClass = \"db.r5.large\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n primaryClusterInstance, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/docdb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := docdb.NewGlobalCluster(ctx, \"example\", \u0026docdb.GlobalClusterArgs{\n\t\t\tGlobalClusterIdentifier: pulumi.String(\"global-test\"),\n\t\t\tEngine: pulumi.String(\"docdb\"),\n\t\t\tEngineVersion: pulumi.String(\"4.0.0\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tprimary, err := docdb.NewCluster(ctx, \"primary\", \u0026docdb.ClusterArgs{\n\t\t\tEngine: example.Engine,\n\t\t\tEngineVersion: example.EngineVersion,\n\t\t\tClusterIdentifier: pulumi.String(\"test-primary-cluster\"),\n\t\t\tMasterUsername: pulumi.String(\"username\"),\n\t\t\tMasterPassword: pulumi.String(\"somepass123\"),\n\t\t\tGlobalClusterIdentifier: example.ID(),\n\t\t\tDbSubnetGroupName: pulumi.String(\"default\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tprimaryClusterInstance, err := docdb.NewClusterInstance(ctx, \"primary\", \u0026docdb.ClusterInstanceArgs{\n\t\t\tEngine: example.Engine,\n\t\t\tIdentifier: pulumi.String(\"test-primary-cluster-instance\"),\n\t\t\tClusterIdentifier: primary.ID(),\n\t\t\tInstanceClass: pulumi.String(\"db.r5.large\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsecondary, err := docdb.NewCluster(ctx, \"secondary\", \u0026docdb.ClusterArgs{\n\t\t\tEngine: example.Engine,\n\t\t\tEngineVersion: example.EngineVersion,\n\t\t\tClusterIdentifier: pulumi.String(\"test-secondary-cluster\"),\n\t\t\tGlobalClusterIdentifier: example.ID(),\n\t\t\tDbSubnetGroupName: pulumi.String(\"default\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tprimary,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = docdb.NewClusterInstance(ctx, \"secondary\", \u0026docdb.ClusterInstanceArgs{\n\t\t\tEngine: example.Engine,\n\t\t\tIdentifier: pulumi.String(\"test-secondary-cluster-instance\"),\n\t\t\tClusterIdentifier: secondary.ID(),\n\t\t\tInstanceClass: pulumi.String(\"db.r5.large\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tprimaryClusterInstance,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.docdb.GlobalCluster;\nimport com.pulumi.aws.docdb.GlobalClusterArgs;\nimport com.pulumi.aws.docdb.Cluster;\nimport com.pulumi.aws.docdb.ClusterArgs;\nimport com.pulumi.aws.docdb.ClusterInstance;\nimport com.pulumi.aws.docdb.ClusterInstanceArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new GlobalCluster(\"example\", GlobalClusterArgs.builder() \n .globalClusterIdentifier(\"global-test\")\n .engine(\"docdb\")\n .engineVersion(\"4.0.0\")\n .build());\n\n var primary = new Cluster(\"primary\", ClusterArgs.builder() \n .engine(example.engine())\n .engineVersion(example.engineVersion())\n .clusterIdentifier(\"test-primary-cluster\")\n .masterUsername(\"username\")\n .masterPassword(\"somepass123\")\n .globalClusterIdentifier(example.id())\n .dbSubnetGroupName(\"default\")\n .build());\n\n var primaryClusterInstance = new ClusterInstance(\"primaryClusterInstance\", ClusterInstanceArgs.builder() \n .engine(example.engine())\n .identifier(\"test-primary-cluster-instance\")\n .clusterIdentifier(primary.id())\n .instanceClass(\"db.r5.large\")\n .build());\n\n var secondary = new Cluster(\"secondary\", ClusterArgs.builder() \n .engine(example.engine())\n .engineVersion(example.engineVersion())\n .clusterIdentifier(\"test-secondary-cluster\")\n .globalClusterIdentifier(example.id())\n .dbSubnetGroupName(\"default\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(primary)\n .build());\n\n var secondaryClusterInstance = new ClusterInstance(\"secondaryClusterInstance\", ClusterInstanceArgs.builder() \n .engine(example.engine())\n .identifier(\"test-secondary-cluster-instance\")\n .clusterIdentifier(secondary.id())\n .instanceClass(\"db.r5.large\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(primaryClusterInstance)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:docdb:GlobalCluster\n properties:\n globalClusterIdentifier: global-test\n engine: docdb\n engineVersion: 4.0.0\n primary:\n type: aws:docdb:Cluster\n properties:\n engine: ${example.engine}\n engineVersion: ${example.engineVersion}\n clusterIdentifier: test-primary-cluster\n masterUsername: username\n masterPassword: somepass123\n globalClusterIdentifier: ${example.id}\n dbSubnetGroupName: default\n primaryClusterInstance:\n type: aws:docdb:ClusterInstance\n name: primary\n properties:\n engine: ${example.engine}\n identifier: test-primary-cluster-instance\n clusterIdentifier: ${primary.id}\n instanceClass: db.r5.large\n secondary:\n type: aws:docdb:Cluster\n properties:\n engine: ${example.engine}\n engineVersion: ${example.engineVersion}\n clusterIdentifier: test-secondary-cluster\n globalClusterIdentifier: ${example.id}\n dbSubnetGroupName: default\n options:\n dependson:\n - ${primary}\n secondaryClusterInstance:\n type: aws:docdb:ClusterInstance\n name: secondary\n properties:\n engine: ${example.engine}\n identifier: test-secondary-cluster-instance\n clusterIdentifier: ${secondary.id}\n instanceClass: db.r5.large\n options:\n dependson:\n - ${primaryClusterInstance}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### New Global Cluster From Existing DB Cluster\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.docdb.Cluster(\"example\", {});\nconst exampleGlobalCluster = new aws.docdb.GlobalCluster(\"example\", {\n globalClusterIdentifier: \"example\",\n sourceDbClusterIdentifier: example.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.docdb.Cluster(\"example\")\nexample_global_cluster = aws.docdb.GlobalCluster(\"example\",\n global_cluster_identifier=\"example\",\n source_db_cluster_identifier=example.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.DocDB.Cluster(\"example\");\n\n var exampleGlobalCluster = new Aws.DocDB.GlobalCluster(\"example\", new()\n {\n GlobalClusterIdentifier = \"example\",\n SourceDbClusterIdentifier = example.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/docdb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := docdb.NewCluster(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = docdb.NewGlobalCluster(ctx, \"example\", \u0026docdb.GlobalClusterArgs{\n\t\t\tGlobalClusterIdentifier: pulumi.String(\"example\"),\n\t\t\tSourceDbClusterIdentifier: example.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.docdb.Cluster;\nimport com.pulumi.aws.docdb.GlobalCluster;\nimport com.pulumi.aws.docdb.GlobalClusterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Cluster(\"example\");\n\n var exampleGlobalCluster = new GlobalCluster(\"exampleGlobalCluster\", GlobalClusterArgs.builder() \n .globalClusterIdentifier(\"example\")\n .sourceDbClusterIdentifier(example.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:docdb:Cluster\n exampleGlobalCluster:\n type: aws:docdb:GlobalCluster\n name: example\n properties:\n globalClusterIdentifier: example\n sourceDbClusterIdentifier: ${example.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_docdb_global_cluster` using the Global Cluster identifier. For example:\n\n```sh\n$ pulumi import aws:docdb/globalCluster:GlobalCluster example example\n```\nCertain resource arguments, like `source_db_cluster_identifier`, do not have an API method for reading the information after creation. If the argument is set in the Pulumi program on an imported resource, Pulumi will always show a difference. To workaround this behavior, either omit the argument from the Pulumi program or use `ignore_changes` to hide the difference. For example:\n\n", "properties": { "arn": { "type": "string", @@ -208377,7 +208377,7 @@ } }, "aws:dynamodb/globalTable:GlobalTable": { - "description": "Manages [DynamoDB Global Tables V1 (version 2017.11.29)](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/globaltables.V1.html). These are layered on top of existing DynamoDB Tables.\n\n\u003e **NOTE:** To instead manage [DynamoDB Global Tables V2 (version 2019.11.21)](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/globaltables.V2.html), use the `aws.dynamodb.Table` resource `replica` configuration block.\n\n\u003e Note: There are many restrictions before you can properly create DynamoDB Global Tables in multiple regions. See the [AWS DynamoDB Global Table Requirements](http://docs.aws.amazon.com/amazondynamodb/latest/developerguide/globaltables_reqs_bestpractices.html) for more information.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst us_east_1 = new aws.dynamodb.Table(\"us-east-1\", {\n hashKey: \"myAttribute\",\n name: \"myTable\",\n streamEnabled: true,\n streamViewType: \"NEW_AND_OLD_IMAGES\",\n readCapacity: 1,\n writeCapacity: 1,\n attributes: [{\n name: \"myAttribute\",\n type: \"S\",\n }],\n});\nconst us_west_2 = new aws.dynamodb.Table(\"us-west-2\", {\n hashKey: \"myAttribute\",\n name: \"myTable\",\n streamEnabled: true,\n streamViewType: \"NEW_AND_OLD_IMAGES\",\n readCapacity: 1,\n writeCapacity: 1,\n attributes: [{\n name: \"myAttribute\",\n type: \"S\",\n }],\n});\nconst myTable = new aws.dynamodb.GlobalTable(\"myTable\", {\n name: \"myTable\",\n replicas: [\n {\n regionName: \"us-east-1\",\n },\n {\n regionName: \"us-west-2\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nus_east_1 = aws.dynamodb.Table(\"us-east-1\",\n hash_key=\"myAttribute\",\n name=\"myTable\",\n stream_enabled=True,\n stream_view_type=\"NEW_AND_OLD_IMAGES\",\n read_capacity=1,\n write_capacity=1,\n attributes=[aws.dynamodb.TableAttributeArgs(\n name=\"myAttribute\",\n type=\"S\",\n )])\nus_west_2 = aws.dynamodb.Table(\"us-west-2\",\n hash_key=\"myAttribute\",\n name=\"myTable\",\n stream_enabled=True,\n stream_view_type=\"NEW_AND_OLD_IMAGES\",\n read_capacity=1,\n write_capacity=1,\n attributes=[aws.dynamodb.TableAttributeArgs(\n name=\"myAttribute\",\n type=\"S\",\n )])\nmy_table = aws.dynamodb.GlobalTable(\"myTable\",\n name=\"myTable\",\n replicas=[\n aws.dynamodb.GlobalTableReplicaArgs(\n region_name=\"us-east-1\",\n ),\n aws.dynamodb.GlobalTableReplicaArgs(\n region_name=\"us-west-2\",\n ),\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var us_east_1 = new Aws.DynamoDB.Table(\"us-east-1\", new()\n {\n HashKey = \"myAttribute\",\n Name = \"myTable\",\n StreamEnabled = true,\n StreamViewType = \"NEW_AND_OLD_IMAGES\",\n ReadCapacity = 1,\n WriteCapacity = 1,\n Attributes = new[]\n {\n new Aws.DynamoDB.Inputs.TableAttributeArgs\n {\n Name = \"myAttribute\",\n Type = \"S\",\n },\n },\n });\n\n var us_west_2 = new Aws.DynamoDB.Table(\"us-west-2\", new()\n {\n HashKey = \"myAttribute\",\n Name = \"myTable\",\n StreamEnabled = true,\n StreamViewType = \"NEW_AND_OLD_IMAGES\",\n ReadCapacity = 1,\n WriteCapacity = 1,\n Attributes = new[]\n {\n new Aws.DynamoDB.Inputs.TableAttributeArgs\n {\n Name = \"myAttribute\",\n Type = \"S\",\n },\n },\n });\n\n var myTable = new Aws.DynamoDB.GlobalTable(\"myTable\", new()\n {\n Name = \"myTable\",\n Replicas = new[]\n {\n new Aws.DynamoDB.Inputs.GlobalTableReplicaArgs\n {\n RegionName = \"us-east-1\",\n },\n new Aws.DynamoDB.Inputs.GlobalTableReplicaArgs\n {\n RegionName = \"us-west-2\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dynamodb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dynamodb.NewTable(ctx, \"us-east-1\", \u0026dynamodb.TableArgs{\n\t\t\tHashKey: pulumi.String(\"myAttribute\"),\n\t\t\tName: pulumi.String(\"myTable\"),\n\t\t\tStreamEnabled: pulumi.Bool(true),\n\t\t\tStreamViewType: pulumi.String(\"NEW_AND_OLD_IMAGES\"),\n\t\t\tReadCapacity: pulumi.Int(1),\n\t\t\tWriteCapacity: pulumi.Int(1),\n\t\t\tAttributes: dynamodb.TableAttributeArray{\n\t\t\t\t\u0026dynamodb.TableAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"myAttribute\"),\n\t\t\t\t\tType: pulumi.String(\"S\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = dynamodb.NewTable(ctx, \"us-west-2\", \u0026dynamodb.TableArgs{\n\t\t\tHashKey: pulumi.String(\"myAttribute\"),\n\t\t\tName: pulumi.String(\"myTable\"),\n\t\t\tStreamEnabled: pulumi.Bool(true),\n\t\t\tStreamViewType: pulumi.String(\"NEW_AND_OLD_IMAGES\"),\n\t\t\tReadCapacity: pulumi.Int(1),\n\t\t\tWriteCapacity: pulumi.Int(1),\n\t\t\tAttributes: dynamodb.TableAttributeArray{\n\t\t\t\t\u0026dynamodb.TableAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"myAttribute\"),\n\t\t\t\t\tType: pulumi.String(\"S\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = dynamodb.NewGlobalTable(ctx, \"myTable\", \u0026dynamodb.GlobalTableArgs{\n\t\t\tName: pulumi.String(\"myTable\"),\n\t\t\tReplicas: dynamodb.GlobalTableReplicaArray{\n\t\t\t\t\u0026dynamodb.GlobalTableReplicaArgs{\n\t\t\t\t\tRegionName: pulumi.String(\"us-east-1\"),\n\t\t\t\t},\n\t\t\t\t\u0026dynamodb.GlobalTableReplicaArgs{\n\t\t\t\t\tRegionName: pulumi.String(\"us-west-2\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.dynamodb.Table;\nimport com.pulumi.aws.dynamodb.TableArgs;\nimport com.pulumi.aws.dynamodb.inputs.TableAttributeArgs;\nimport com.pulumi.aws.dynamodb.GlobalTable;\nimport com.pulumi.aws.dynamodb.GlobalTableArgs;\nimport com.pulumi.aws.dynamodb.inputs.GlobalTableReplicaArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var us_east_1 = new Table(\"us-east-1\", TableArgs.builder() \n .hashKey(\"myAttribute\")\n .name(\"myTable\")\n .streamEnabled(true)\n .streamViewType(\"NEW_AND_OLD_IMAGES\")\n .readCapacity(1)\n .writeCapacity(1)\n .attributes(TableAttributeArgs.builder()\n .name(\"myAttribute\")\n .type(\"S\")\n .build())\n .build());\n\n var us_west_2 = new Table(\"us-west-2\", TableArgs.builder() \n .hashKey(\"myAttribute\")\n .name(\"myTable\")\n .streamEnabled(true)\n .streamViewType(\"NEW_AND_OLD_IMAGES\")\n .readCapacity(1)\n .writeCapacity(1)\n .attributes(TableAttributeArgs.builder()\n .name(\"myAttribute\")\n .type(\"S\")\n .build())\n .build());\n\n var myTable = new GlobalTable(\"myTable\", GlobalTableArgs.builder() \n .name(\"myTable\")\n .replicas( \n GlobalTableReplicaArgs.builder()\n .regionName(\"us-east-1\")\n .build(),\n GlobalTableReplicaArgs.builder()\n .regionName(\"us-west-2\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n us-east-1:\n type: aws:dynamodb:Table\n properties:\n hashKey: myAttribute\n name: myTable\n streamEnabled: true\n streamViewType: NEW_AND_OLD_IMAGES\n readCapacity: 1\n writeCapacity: 1\n attributes:\n - name: myAttribute\n type: S\n us-west-2:\n type: aws:dynamodb:Table\n properties:\n hashKey: myAttribute\n name: myTable\n streamEnabled: true\n streamViewType: NEW_AND_OLD_IMAGES\n readCapacity: 1\n writeCapacity: 1\n attributes:\n - name: myAttribute\n type: S\n myTable:\n type: aws:dynamodb:GlobalTable\n properties:\n name: myTable\n replicas:\n - regionName: us-east-1\n - regionName: us-west-2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import DynamoDB Global Tables using the global table name. For example:\n\n```sh\n$ pulumi import aws:dynamodb/globalTable:GlobalTable MyTable MyTable\n```\n", + "description": "Manages [DynamoDB Global Tables V1 (version 2017.11.29)](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/globaltables.V1.html). These are layered on top of existing DynamoDB Tables.\n\n\u003e **NOTE:** To instead manage [DynamoDB Global Tables V2 (version 2019.11.21)](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/globaltables.V2.html), use the `aws.dynamodb.Table` resource `replica` configuration block.\n\n\u003e Note: There are many restrictions before you can properly create DynamoDB Global Tables in multiple regions. See the [AWS DynamoDB Global Table Requirements](http://docs.aws.amazon.com/amazondynamodb/latest/developerguide/globaltables_reqs_bestpractices.html) for more information.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst us_east_1 = new aws.dynamodb.Table(\"us-east-1\", {\n hashKey: \"myAttribute\",\n name: \"myTable\",\n streamEnabled: true,\n streamViewType: \"NEW_AND_OLD_IMAGES\",\n readCapacity: 1,\n writeCapacity: 1,\n attributes: [{\n name: \"myAttribute\",\n type: \"S\",\n }],\n});\nconst us_west_2 = new aws.dynamodb.Table(\"us-west-2\", {\n hashKey: \"myAttribute\",\n name: \"myTable\",\n streamEnabled: true,\n streamViewType: \"NEW_AND_OLD_IMAGES\",\n readCapacity: 1,\n writeCapacity: 1,\n attributes: [{\n name: \"myAttribute\",\n type: \"S\",\n }],\n});\nconst myTable = new aws.dynamodb.GlobalTable(\"myTable\", {\n name: \"myTable\",\n replicas: [\n {\n regionName: \"us-east-1\",\n },\n {\n regionName: \"us-west-2\",\n },\n ],\n}, {\n dependsOn: [\n us_east_1,\n us_west_2,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nus_east_1 = aws.dynamodb.Table(\"us-east-1\",\n hash_key=\"myAttribute\",\n name=\"myTable\",\n stream_enabled=True,\n stream_view_type=\"NEW_AND_OLD_IMAGES\",\n read_capacity=1,\n write_capacity=1,\n attributes=[aws.dynamodb.TableAttributeArgs(\n name=\"myAttribute\",\n type=\"S\",\n )])\nus_west_2 = aws.dynamodb.Table(\"us-west-2\",\n hash_key=\"myAttribute\",\n name=\"myTable\",\n stream_enabled=True,\n stream_view_type=\"NEW_AND_OLD_IMAGES\",\n read_capacity=1,\n write_capacity=1,\n attributes=[aws.dynamodb.TableAttributeArgs(\n name=\"myAttribute\",\n type=\"S\",\n )])\nmy_table = aws.dynamodb.GlobalTable(\"myTable\",\n name=\"myTable\",\n replicas=[\n aws.dynamodb.GlobalTableReplicaArgs(\n region_name=\"us-east-1\",\n ),\n aws.dynamodb.GlobalTableReplicaArgs(\n region_name=\"us-west-2\",\n ),\n ],\n opts=pulumi.ResourceOptions(depends_on=[\n us_east_1,\n us_west_2,\n ]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var us_east_1 = new Aws.DynamoDB.Table(\"us-east-1\", new()\n {\n HashKey = \"myAttribute\",\n Name = \"myTable\",\n StreamEnabled = true,\n StreamViewType = \"NEW_AND_OLD_IMAGES\",\n ReadCapacity = 1,\n WriteCapacity = 1,\n Attributes = new[]\n {\n new Aws.DynamoDB.Inputs.TableAttributeArgs\n {\n Name = \"myAttribute\",\n Type = \"S\",\n },\n },\n });\n\n var us_west_2 = new Aws.DynamoDB.Table(\"us-west-2\", new()\n {\n HashKey = \"myAttribute\",\n Name = \"myTable\",\n StreamEnabled = true,\n StreamViewType = \"NEW_AND_OLD_IMAGES\",\n ReadCapacity = 1,\n WriteCapacity = 1,\n Attributes = new[]\n {\n new Aws.DynamoDB.Inputs.TableAttributeArgs\n {\n Name = \"myAttribute\",\n Type = \"S\",\n },\n },\n });\n\n var myTable = new Aws.DynamoDB.GlobalTable(\"myTable\", new()\n {\n Name = \"myTable\",\n Replicas = new[]\n {\n new Aws.DynamoDB.Inputs.GlobalTableReplicaArgs\n {\n RegionName = \"us-east-1\",\n },\n new Aws.DynamoDB.Inputs.GlobalTableReplicaArgs\n {\n RegionName = \"us-west-2\",\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n us_east_1, \n us_west_2, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dynamodb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dynamodb.NewTable(ctx, \"us-east-1\", \u0026dynamodb.TableArgs{\n\t\t\tHashKey: pulumi.String(\"myAttribute\"),\n\t\t\tName: pulumi.String(\"myTable\"),\n\t\t\tStreamEnabled: pulumi.Bool(true),\n\t\t\tStreamViewType: pulumi.String(\"NEW_AND_OLD_IMAGES\"),\n\t\t\tReadCapacity: pulumi.Int(1),\n\t\t\tWriteCapacity: pulumi.Int(1),\n\t\t\tAttributes: dynamodb.TableAttributeArray{\n\t\t\t\t\u0026dynamodb.TableAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"myAttribute\"),\n\t\t\t\t\tType: pulumi.String(\"S\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = dynamodb.NewTable(ctx, \"us-west-2\", \u0026dynamodb.TableArgs{\n\t\t\tHashKey: pulumi.String(\"myAttribute\"),\n\t\t\tName: pulumi.String(\"myTable\"),\n\t\t\tStreamEnabled: pulumi.Bool(true),\n\t\t\tStreamViewType: pulumi.String(\"NEW_AND_OLD_IMAGES\"),\n\t\t\tReadCapacity: pulumi.Int(1),\n\t\t\tWriteCapacity: pulumi.Int(1),\n\t\t\tAttributes: dynamodb.TableAttributeArray{\n\t\t\t\t\u0026dynamodb.TableAttributeArgs{\n\t\t\t\t\tName: pulumi.String(\"myAttribute\"),\n\t\t\t\t\tType: pulumi.String(\"S\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = dynamodb.NewGlobalTable(ctx, \"myTable\", \u0026dynamodb.GlobalTableArgs{\n\t\t\tName: pulumi.String(\"myTable\"),\n\t\t\tReplicas: dynamodb.GlobalTableReplicaArray{\n\t\t\t\t\u0026dynamodb.GlobalTableReplicaArgs{\n\t\t\t\t\tRegionName: pulumi.String(\"us-east-1\"),\n\t\t\t\t},\n\t\t\t\t\u0026dynamodb.GlobalTableReplicaArgs{\n\t\t\t\t\tRegionName: pulumi.String(\"us-west-2\"),\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tus_east_1,\n\t\t\tus_west_2,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.dynamodb.Table;\nimport com.pulumi.aws.dynamodb.TableArgs;\nimport com.pulumi.aws.dynamodb.inputs.TableAttributeArgs;\nimport com.pulumi.aws.dynamodb.GlobalTable;\nimport com.pulumi.aws.dynamodb.GlobalTableArgs;\nimport com.pulumi.aws.dynamodb.inputs.GlobalTableReplicaArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var us_east_1 = new Table(\"us-east-1\", TableArgs.builder() \n .hashKey(\"myAttribute\")\n .name(\"myTable\")\n .streamEnabled(true)\n .streamViewType(\"NEW_AND_OLD_IMAGES\")\n .readCapacity(1)\n .writeCapacity(1)\n .attributes(TableAttributeArgs.builder()\n .name(\"myAttribute\")\n .type(\"S\")\n .build())\n .build());\n\n var us_west_2 = new Table(\"us-west-2\", TableArgs.builder() \n .hashKey(\"myAttribute\")\n .name(\"myTable\")\n .streamEnabled(true)\n .streamViewType(\"NEW_AND_OLD_IMAGES\")\n .readCapacity(1)\n .writeCapacity(1)\n .attributes(TableAttributeArgs.builder()\n .name(\"myAttribute\")\n .type(\"S\")\n .build())\n .build());\n\n var myTable = new GlobalTable(\"myTable\", GlobalTableArgs.builder() \n .name(\"myTable\")\n .replicas( \n GlobalTableReplicaArgs.builder()\n .regionName(\"us-east-1\")\n .build(),\n GlobalTableReplicaArgs.builder()\n .regionName(\"us-west-2\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n us_east_1,\n us_west_2)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n us-east-1:\n type: aws:dynamodb:Table\n properties:\n hashKey: myAttribute\n name: myTable\n streamEnabled: true\n streamViewType: NEW_AND_OLD_IMAGES\n readCapacity: 1\n writeCapacity: 1\n attributes:\n - name: myAttribute\n type: S\n us-west-2:\n type: aws:dynamodb:Table\n properties:\n hashKey: myAttribute\n name: myTable\n streamEnabled: true\n streamViewType: NEW_AND_OLD_IMAGES\n readCapacity: 1\n writeCapacity: 1\n attributes:\n - name: myAttribute\n type: S\n myTable:\n type: aws:dynamodb:GlobalTable\n properties:\n name: myTable\n replicas:\n - regionName: us-east-1\n - regionName: us-west-2\n options:\n dependson:\n - ${[\"us-east-1\"]}\n - ${[\"us-west-2\"]}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import DynamoDB Global Tables using the global table name. For example:\n\n```sh\n$ pulumi import aws:dynamodb/globalTable:GlobalTable MyTable MyTable\n```\n", "properties": { "arn": { "type": "string", @@ -213460,7 +213460,7 @@ } }, "aws:ec2/eip:Eip": { - "description": "Provides an Elastic IP resource.\n\n\u003e **Note:** EIP may require IGW to exist prior to association. Use `depends_on` to set an explicit dependency on the IGW.\n\n\u003e **Note:** Do not use `network_interface` to associate the EIP to `aws.lb.LoadBalancer` or `aws.ec2.NatGateway` resources. Instead use the `allocation_id` available in those resources to allow AWS to manage the association, otherwise you will see `AuthFailure` errors.\n\n## Example Usage\n\n### Single EIP associated with an instance\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst lb = new aws.ec2.Eip(\"lb\", {\n instance: web.id,\n domain: \"vpc\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nlb = aws.ec2.Eip(\"lb\",\n instance=web[\"id\"],\n domain=\"vpc\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var lb = new Aws.Ec2.Eip(\"lb\", new()\n {\n Instance = web.Id,\n Domain = \"vpc\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewEip(ctx, \"lb\", \u0026ec2.EipArgs{\n\t\t\tInstance: pulumi.Any(web.Id),\n\t\t\tDomain: pulumi.String(\"vpc\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Eip;\nimport com.pulumi.aws.ec2.EipArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var lb = new Eip(\"lb\", EipArgs.builder() \n .instance(web.id())\n .domain(\"vpc\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n lb:\n type: aws:ec2:Eip\n properties:\n instance: ${web.id}\n domain: vpc\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Multiple EIPs associated with a single network interface\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst multi_ip = new aws.ec2.NetworkInterface(\"multi-ip\", {\n subnetId: main.id,\n privateIps: [\n \"10.0.0.10\",\n \"10.0.0.11\",\n ],\n});\nconst one = new aws.ec2.Eip(\"one\", {\n domain: \"vpc\",\n networkInterface: multi_ip.id,\n associateWithPrivateIp: \"10.0.0.10\",\n});\nconst two = new aws.ec2.Eip(\"two\", {\n domain: \"vpc\",\n networkInterface: multi_ip.id,\n associateWithPrivateIp: \"10.0.0.11\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmulti_ip = aws.ec2.NetworkInterface(\"multi-ip\",\n subnet_id=main[\"id\"],\n private_ips=[\n \"10.0.0.10\",\n \"10.0.0.11\",\n ])\none = aws.ec2.Eip(\"one\",\n domain=\"vpc\",\n network_interface=multi_ip.id,\n associate_with_private_ip=\"10.0.0.10\")\ntwo = aws.ec2.Eip(\"two\",\n domain=\"vpc\",\n network_interface=multi_ip.id,\n associate_with_private_ip=\"10.0.0.11\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var multi_ip = new Aws.Ec2.NetworkInterface(\"multi-ip\", new()\n {\n SubnetId = main.Id,\n PrivateIps = new[]\n {\n \"10.0.0.10\",\n \"10.0.0.11\",\n },\n });\n\n var one = new Aws.Ec2.Eip(\"one\", new()\n {\n Domain = \"vpc\",\n NetworkInterface = multi_ip.Id,\n AssociateWithPrivateIp = \"10.0.0.10\",\n });\n\n var two = new Aws.Ec2.Eip(\"two\", new()\n {\n Domain = \"vpc\",\n NetworkInterface = multi_ip.Id,\n AssociateWithPrivateIp = \"10.0.0.11\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewNetworkInterface(ctx, \"multi-ip\", \u0026ec2.NetworkInterfaceArgs{\n\t\t\tSubnetId: pulumi.Any(main.Id),\n\t\t\tPrivateIps: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"10.0.0.10\"),\n\t\t\t\tpulumi.String(\"10.0.0.11\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewEip(ctx, \"one\", \u0026ec2.EipArgs{\n\t\t\tDomain: pulumi.String(\"vpc\"),\n\t\t\tNetworkInterface: multi_ip.ID(),\n\t\t\tAssociateWithPrivateIp: pulumi.String(\"10.0.0.10\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewEip(ctx, \"two\", \u0026ec2.EipArgs{\n\t\t\tDomain: pulumi.String(\"vpc\"),\n\t\t\tNetworkInterface: multi_ip.ID(),\n\t\t\tAssociateWithPrivateIp: pulumi.String(\"10.0.0.11\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.NetworkInterface;\nimport com.pulumi.aws.ec2.NetworkInterfaceArgs;\nimport com.pulumi.aws.ec2.Eip;\nimport com.pulumi.aws.ec2.EipArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var multi_ip = new NetworkInterface(\"multi-ip\", NetworkInterfaceArgs.builder() \n .subnetId(main.id())\n .privateIps( \n \"10.0.0.10\",\n \"10.0.0.11\")\n .build());\n\n var one = new Eip(\"one\", EipArgs.builder() \n .domain(\"vpc\")\n .networkInterface(multi_ip.id())\n .associateWithPrivateIp(\"10.0.0.10\")\n .build());\n\n var two = new Eip(\"two\", EipArgs.builder() \n .domain(\"vpc\")\n .networkInterface(multi_ip.id())\n .associateWithPrivateIp(\"10.0.0.11\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n multi-ip:\n type: aws:ec2:NetworkInterface\n properties:\n subnetId: ${main.id}\n privateIps:\n - 10.0.0.10\n - 10.0.0.11\n one:\n type: aws:ec2:Eip\n properties:\n domain: vpc\n networkInterface: ${[\"multi-ip\"].id}\n associateWithPrivateIp: 10.0.0.10\n two:\n type: aws:ec2:Eip\n properties:\n domain: vpc\n networkInterface: ${[\"multi-ip\"].id}\n associateWithPrivateIp: 10.0.0.11\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Attaching an EIP to an Instance with a pre-assigned private ip (VPC Only)\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.ec2.Vpc(\"default\", {\n cidrBlock: \"10.0.0.0/16\",\n enableDnsHostnames: true,\n});\nconst gw = new aws.ec2.InternetGateway(\"gw\", {vpcId: _default.id});\nconst myTestSubnet = new aws.ec2.Subnet(\"my_test_subnet\", {\n vpcId: _default.id,\n cidrBlock: \"10.0.0.0/24\",\n mapPublicIpOnLaunch: true,\n});\nconst foo = new aws.ec2.Instance(\"foo\", {\n ami: \"ami-5189a661\",\n instanceType: aws.ec2.InstanceType.T2_Micro,\n privateIp: \"10.0.0.12\",\n subnetId: myTestSubnet.id,\n});\nconst bar = new aws.ec2.Eip(\"bar\", {\n domain: \"vpc\",\n instance: foo.id,\n associateWithPrivateIp: \"10.0.0.12\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.ec2.Vpc(\"default\",\n cidr_block=\"10.0.0.0/16\",\n enable_dns_hostnames=True)\ngw = aws.ec2.InternetGateway(\"gw\", vpc_id=default.id)\nmy_test_subnet = aws.ec2.Subnet(\"my_test_subnet\",\n vpc_id=default.id,\n cidr_block=\"10.0.0.0/24\",\n map_public_ip_on_launch=True)\nfoo = aws.ec2.Instance(\"foo\",\n ami=\"ami-5189a661\",\n instance_type=aws.ec2.InstanceType.T2_MICRO,\n private_ip=\"10.0.0.12\",\n subnet_id=my_test_subnet.id)\nbar = aws.ec2.Eip(\"bar\",\n domain=\"vpc\",\n instance=foo.id,\n associate_with_private_ip=\"10.0.0.12\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.Ec2.Vpc(\"default\", new()\n {\n CidrBlock = \"10.0.0.0/16\",\n EnableDnsHostnames = true,\n });\n\n var gw = new Aws.Ec2.InternetGateway(\"gw\", new()\n {\n VpcId = @default.Id,\n });\n\n var myTestSubnet = new Aws.Ec2.Subnet(\"my_test_subnet\", new()\n {\n VpcId = @default.Id,\n CidrBlock = \"10.0.0.0/24\",\n MapPublicIpOnLaunch = true,\n });\n\n var foo = new Aws.Ec2.Instance(\"foo\", new()\n {\n Ami = \"ami-5189a661\",\n InstanceType = Aws.Ec2.InstanceType.T2_Micro,\n PrivateIp = \"10.0.0.12\",\n SubnetId = myTestSubnet.Id,\n });\n\n var bar = new Aws.Ec2.Eip(\"bar\", new()\n {\n Domain = \"vpc\",\n Instance = foo.Id,\n AssociateWithPrivateIp = \"10.0.0.12\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewVpc(ctx, \"default\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t\tEnableDnsHostnames: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewInternetGateway(ctx, \"gw\", \u0026ec2.InternetGatewayArgs{\n\t\t\tVpcId: _default.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmyTestSubnet, err := ec2.NewSubnet(ctx, \"my_test_subnet\", \u0026ec2.SubnetArgs{\n\t\t\tVpcId: _default.ID(),\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/24\"),\n\t\t\tMapPublicIpOnLaunch: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfoo, err := ec2.NewInstance(ctx, \"foo\", \u0026ec2.InstanceArgs{\n\t\t\tAmi: pulumi.String(\"ami-5189a661\"),\n\t\t\tInstanceType: pulumi.String(ec2.InstanceType_T2_Micro),\n\t\t\tPrivateIp: pulumi.String(\"10.0.0.12\"),\n\t\t\tSubnetId: myTestSubnet.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewEip(ctx, \"bar\", \u0026ec2.EipArgs{\n\t\t\tDomain: pulumi.String(\"vpc\"),\n\t\t\tInstance: foo.ID(),\n\t\t\tAssociateWithPrivateIp: pulumi.String(\"10.0.0.12\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.ec2.InternetGateway;\nimport com.pulumi.aws.ec2.InternetGatewayArgs;\nimport com.pulumi.aws.ec2.Subnet;\nimport com.pulumi.aws.ec2.SubnetArgs;\nimport com.pulumi.aws.ec2.Instance;\nimport com.pulumi.aws.ec2.InstanceArgs;\nimport com.pulumi.aws.ec2.Eip;\nimport com.pulumi.aws.ec2.EipArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new Vpc(\"default\", VpcArgs.builder() \n .cidrBlock(\"10.0.0.0/16\")\n .enableDnsHostnames(true)\n .build());\n\n var gw = new InternetGateway(\"gw\", InternetGatewayArgs.builder() \n .vpcId(default_.id())\n .build());\n\n var myTestSubnet = new Subnet(\"myTestSubnet\", SubnetArgs.builder() \n .vpcId(default_.id())\n .cidrBlock(\"10.0.0.0/24\")\n .mapPublicIpOnLaunch(true)\n .build());\n\n var foo = new Instance(\"foo\", InstanceArgs.builder() \n .ami(\"ami-5189a661\")\n .instanceType(\"t2.micro\")\n .privateIp(\"10.0.0.12\")\n .subnetId(myTestSubnet.id())\n .build());\n\n var bar = new Eip(\"bar\", EipArgs.builder() \n .domain(\"vpc\")\n .instance(foo.id())\n .associateWithPrivateIp(\"10.0.0.12\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.0.0.0/16\n enableDnsHostnames: true\n gw:\n type: aws:ec2:InternetGateway\n properties:\n vpcId: ${default.id}\n myTestSubnet:\n type: aws:ec2:Subnet\n name: my_test_subnet\n properties:\n vpcId: ${default.id}\n cidrBlock: 10.0.0.0/24\n mapPublicIpOnLaunch: true\n foo:\n type: aws:ec2:Instance\n properties:\n ami: ami-5189a661\n instanceType: t2.micro\n privateIp: 10.0.0.12\n subnetId: ${myTestSubnet.id}\n bar:\n type: aws:ec2:Eip\n properties:\n domain: vpc\n instance: ${foo.id}\n associateWithPrivateIp: 10.0.0.12\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Allocating EIP from the BYOIP pool\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst byoip_ip = new aws.ec2.Eip(\"byoip-ip\", {\n domain: \"vpc\",\n publicIpv4Pool: \"ipv4pool-ec2-012345\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbyoip_ip = aws.ec2.Eip(\"byoip-ip\",\n domain=\"vpc\",\n public_ipv4_pool=\"ipv4pool-ec2-012345\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var byoip_ip = new Aws.Ec2.Eip(\"byoip-ip\", new()\n {\n Domain = \"vpc\",\n PublicIpv4Pool = \"ipv4pool-ec2-012345\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewEip(ctx, \"byoip-ip\", \u0026ec2.EipArgs{\n\t\t\tDomain: pulumi.String(\"vpc\"),\n\t\t\tPublicIpv4Pool: pulumi.String(\"ipv4pool-ec2-012345\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Eip;\nimport com.pulumi.aws.ec2.EipArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var byoip_ip = new Eip(\"byoip-ip\", EipArgs.builder() \n .domain(\"vpc\")\n .publicIpv4Pool(\"ipv4pool-ec2-012345\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n byoip-ip:\n type: aws:ec2:Eip\n properties:\n domain: vpc\n publicIpv4Pool: ipv4pool-ec2-012345\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import EIPs in a VPC using their Allocation ID. For example:\n\n```sh\n$ pulumi import aws:ec2/eip:Eip bar eipalloc-00a10e96\n```\n", + "description": "Provides an Elastic IP resource.\n\n\u003e **Note:** EIP may require IGW to exist prior to association. Use `depends_on` to set an explicit dependency on the IGW.\n\n\u003e **Note:** Do not use `network_interface` to associate the EIP to `aws.lb.LoadBalancer` or `aws.ec2.NatGateway` resources. Instead use the `allocation_id` available in those resources to allow AWS to manage the association, otherwise you will see `AuthFailure` errors.\n\n## Example Usage\n\n### Single EIP associated with an instance\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst lb = new aws.ec2.Eip(\"lb\", {\n instance: web.id,\n domain: \"vpc\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nlb = aws.ec2.Eip(\"lb\",\n instance=web[\"id\"],\n domain=\"vpc\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var lb = new Aws.Ec2.Eip(\"lb\", new()\n {\n Instance = web.Id,\n Domain = \"vpc\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewEip(ctx, \"lb\", \u0026ec2.EipArgs{\n\t\t\tInstance: pulumi.Any(web.Id),\n\t\t\tDomain: pulumi.String(\"vpc\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Eip;\nimport com.pulumi.aws.ec2.EipArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var lb = new Eip(\"lb\", EipArgs.builder() \n .instance(web.id())\n .domain(\"vpc\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n lb:\n type: aws:ec2:Eip\n properties:\n instance: ${web.id}\n domain: vpc\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Multiple EIPs associated with a single network interface\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst multi_ip = new aws.ec2.NetworkInterface(\"multi-ip\", {\n subnetId: main.id,\n privateIps: [\n \"10.0.0.10\",\n \"10.0.0.11\",\n ],\n});\nconst one = new aws.ec2.Eip(\"one\", {\n domain: \"vpc\",\n networkInterface: multi_ip.id,\n associateWithPrivateIp: \"10.0.0.10\",\n});\nconst two = new aws.ec2.Eip(\"two\", {\n domain: \"vpc\",\n networkInterface: multi_ip.id,\n associateWithPrivateIp: \"10.0.0.11\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmulti_ip = aws.ec2.NetworkInterface(\"multi-ip\",\n subnet_id=main[\"id\"],\n private_ips=[\n \"10.0.0.10\",\n \"10.0.0.11\",\n ])\none = aws.ec2.Eip(\"one\",\n domain=\"vpc\",\n network_interface=multi_ip.id,\n associate_with_private_ip=\"10.0.0.10\")\ntwo = aws.ec2.Eip(\"two\",\n domain=\"vpc\",\n network_interface=multi_ip.id,\n associate_with_private_ip=\"10.0.0.11\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var multi_ip = new Aws.Ec2.NetworkInterface(\"multi-ip\", new()\n {\n SubnetId = main.Id,\n PrivateIps = new[]\n {\n \"10.0.0.10\",\n \"10.0.0.11\",\n },\n });\n\n var one = new Aws.Ec2.Eip(\"one\", new()\n {\n Domain = \"vpc\",\n NetworkInterface = multi_ip.Id,\n AssociateWithPrivateIp = \"10.0.0.10\",\n });\n\n var two = new Aws.Ec2.Eip(\"two\", new()\n {\n Domain = \"vpc\",\n NetworkInterface = multi_ip.Id,\n AssociateWithPrivateIp = \"10.0.0.11\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewNetworkInterface(ctx, \"multi-ip\", \u0026ec2.NetworkInterfaceArgs{\n\t\t\tSubnetId: pulumi.Any(main.Id),\n\t\t\tPrivateIps: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"10.0.0.10\"),\n\t\t\t\tpulumi.String(\"10.0.0.11\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewEip(ctx, \"one\", \u0026ec2.EipArgs{\n\t\t\tDomain: pulumi.String(\"vpc\"),\n\t\t\tNetworkInterface: multi_ip.ID(),\n\t\t\tAssociateWithPrivateIp: pulumi.String(\"10.0.0.10\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewEip(ctx, \"two\", \u0026ec2.EipArgs{\n\t\t\tDomain: pulumi.String(\"vpc\"),\n\t\t\tNetworkInterface: multi_ip.ID(),\n\t\t\tAssociateWithPrivateIp: pulumi.String(\"10.0.0.11\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.NetworkInterface;\nimport com.pulumi.aws.ec2.NetworkInterfaceArgs;\nimport com.pulumi.aws.ec2.Eip;\nimport com.pulumi.aws.ec2.EipArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var multi_ip = new NetworkInterface(\"multi-ip\", NetworkInterfaceArgs.builder() \n .subnetId(main.id())\n .privateIps( \n \"10.0.0.10\",\n \"10.0.0.11\")\n .build());\n\n var one = new Eip(\"one\", EipArgs.builder() \n .domain(\"vpc\")\n .networkInterface(multi_ip.id())\n .associateWithPrivateIp(\"10.0.0.10\")\n .build());\n\n var two = new Eip(\"two\", EipArgs.builder() \n .domain(\"vpc\")\n .networkInterface(multi_ip.id())\n .associateWithPrivateIp(\"10.0.0.11\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n multi-ip:\n type: aws:ec2:NetworkInterface\n properties:\n subnetId: ${main.id}\n privateIps:\n - 10.0.0.10\n - 10.0.0.11\n one:\n type: aws:ec2:Eip\n properties:\n domain: vpc\n networkInterface: ${[\"multi-ip\"].id}\n associateWithPrivateIp: 10.0.0.10\n two:\n type: aws:ec2:Eip\n properties:\n domain: vpc\n networkInterface: ${[\"multi-ip\"].id}\n associateWithPrivateIp: 10.0.0.11\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Attaching an EIP to an Instance with a pre-assigned private ip (VPC Only)\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.ec2.Vpc(\"default\", {\n cidrBlock: \"10.0.0.0/16\",\n enableDnsHostnames: true,\n});\nconst gw = new aws.ec2.InternetGateway(\"gw\", {vpcId: _default.id});\nconst myTestSubnet = new aws.ec2.Subnet(\"my_test_subnet\", {\n vpcId: _default.id,\n cidrBlock: \"10.0.0.0/24\",\n mapPublicIpOnLaunch: true,\n}, {\n dependsOn: [gw],\n});\nconst foo = new aws.ec2.Instance(\"foo\", {\n ami: \"ami-5189a661\",\n instanceType: aws.ec2.InstanceType.T2_Micro,\n privateIp: \"10.0.0.12\",\n subnetId: myTestSubnet.id,\n});\nconst bar = new aws.ec2.Eip(\"bar\", {\n domain: \"vpc\",\n instance: foo.id,\n associateWithPrivateIp: \"10.0.0.12\",\n}, {\n dependsOn: [gw],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.ec2.Vpc(\"default\",\n cidr_block=\"10.0.0.0/16\",\n enable_dns_hostnames=True)\ngw = aws.ec2.InternetGateway(\"gw\", vpc_id=default.id)\nmy_test_subnet = aws.ec2.Subnet(\"my_test_subnet\",\n vpc_id=default.id,\n cidr_block=\"10.0.0.0/24\",\n map_public_ip_on_launch=True,\n opts=pulumi.ResourceOptions(depends_on=[gw]))\nfoo = aws.ec2.Instance(\"foo\",\n ami=\"ami-5189a661\",\n instance_type=aws.ec2.InstanceType.T2_MICRO,\n private_ip=\"10.0.0.12\",\n subnet_id=my_test_subnet.id)\nbar = aws.ec2.Eip(\"bar\",\n domain=\"vpc\",\n instance=foo.id,\n associate_with_private_ip=\"10.0.0.12\",\n opts=pulumi.ResourceOptions(depends_on=[gw]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.Ec2.Vpc(\"default\", new()\n {\n CidrBlock = \"10.0.0.0/16\",\n EnableDnsHostnames = true,\n });\n\n var gw = new Aws.Ec2.InternetGateway(\"gw\", new()\n {\n VpcId = @default.Id,\n });\n\n var myTestSubnet = new Aws.Ec2.Subnet(\"my_test_subnet\", new()\n {\n VpcId = @default.Id,\n CidrBlock = \"10.0.0.0/24\",\n MapPublicIpOnLaunch = true,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n gw, \n },\n });\n\n var foo = new Aws.Ec2.Instance(\"foo\", new()\n {\n Ami = \"ami-5189a661\",\n InstanceType = Aws.Ec2.InstanceType.T2_Micro,\n PrivateIp = \"10.0.0.12\",\n SubnetId = myTestSubnet.Id,\n });\n\n var bar = new Aws.Ec2.Eip(\"bar\", new()\n {\n Domain = \"vpc\",\n Instance = foo.Id,\n AssociateWithPrivateIp = \"10.0.0.12\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n gw, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewVpc(ctx, \"default\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t\tEnableDnsHostnames: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tgw, err := ec2.NewInternetGateway(ctx, \"gw\", \u0026ec2.InternetGatewayArgs{\n\t\t\tVpcId: _default.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmyTestSubnet, err := ec2.NewSubnet(ctx, \"my_test_subnet\", \u0026ec2.SubnetArgs{\n\t\t\tVpcId: _default.ID(),\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/24\"),\n\t\t\tMapPublicIpOnLaunch: pulumi.Bool(true),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tgw,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfoo, err := ec2.NewInstance(ctx, \"foo\", \u0026ec2.InstanceArgs{\n\t\t\tAmi: pulumi.String(\"ami-5189a661\"),\n\t\t\tInstanceType: pulumi.String(ec2.InstanceType_T2_Micro),\n\t\t\tPrivateIp: pulumi.String(\"10.0.0.12\"),\n\t\t\tSubnetId: myTestSubnet.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewEip(ctx, \"bar\", \u0026ec2.EipArgs{\n\t\t\tDomain: pulumi.String(\"vpc\"),\n\t\t\tInstance: foo.ID(),\n\t\t\tAssociateWithPrivateIp: pulumi.String(\"10.0.0.12\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tgw,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.ec2.InternetGateway;\nimport com.pulumi.aws.ec2.InternetGatewayArgs;\nimport com.pulumi.aws.ec2.Subnet;\nimport com.pulumi.aws.ec2.SubnetArgs;\nimport com.pulumi.aws.ec2.Instance;\nimport com.pulumi.aws.ec2.InstanceArgs;\nimport com.pulumi.aws.ec2.Eip;\nimport com.pulumi.aws.ec2.EipArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new Vpc(\"default\", VpcArgs.builder() \n .cidrBlock(\"10.0.0.0/16\")\n .enableDnsHostnames(true)\n .build());\n\n var gw = new InternetGateway(\"gw\", InternetGatewayArgs.builder() \n .vpcId(default_.id())\n .build());\n\n var myTestSubnet = new Subnet(\"myTestSubnet\", SubnetArgs.builder() \n .vpcId(default_.id())\n .cidrBlock(\"10.0.0.0/24\")\n .mapPublicIpOnLaunch(true)\n .build(), CustomResourceOptions.builder()\n .dependsOn(gw)\n .build());\n\n var foo = new Instance(\"foo\", InstanceArgs.builder() \n .ami(\"ami-5189a661\")\n .instanceType(\"t2.micro\")\n .privateIp(\"10.0.0.12\")\n .subnetId(myTestSubnet.id())\n .build());\n\n var bar = new Eip(\"bar\", EipArgs.builder() \n .domain(\"vpc\")\n .instance(foo.id())\n .associateWithPrivateIp(\"10.0.0.12\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(gw)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.0.0.0/16\n enableDnsHostnames: true\n gw:\n type: aws:ec2:InternetGateway\n properties:\n vpcId: ${default.id}\n myTestSubnet:\n type: aws:ec2:Subnet\n name: my_test_subnet\n properties:\n vpcId: ${default.id}\n cidrBlock: 10.0.0.0/24\n mapPublicIpOnLaunch: true\n options:\n dependson:\n - ${gw}\n foo:\n type: aws:ec2:Instance\n properties:\n ami: ami-5189a661\n instanceType: t2.micro\n privateIp: 10.0.0.12\n subnetId: ${myTestSubnet.id}\n bar:\n type: aws:ec2:Eip\n properties:\n domain: vpc\n instance: ${foo.id}\n associateWithPrivateIp: 10.0.0.12\n options:\n dependson:\n - ${gw}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Allocating EIP from the BYOIP pool\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst byoip_ip = new aws.ec2.Eip(\"byoip-ip\", {\n domain: \"vpc\",\n publicIpv4Pool: \"ipv4pool-ec2-012345\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbyoip_ip = aws.ec2.Eip(\"byoip-ip\",\n domain=\"vpc\",\n public_ipv4_pool=\"ipv4pool-ec2-012345\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var byoip_ip = new Aws.Ec2.Eip(\"byoip-ip\", new()\n {\n Domain = \"vpc\",\n PublicIpv4Pool = \"ipv4pool-ec2-012345\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewEip(ctx, \"byoip-ip\", \u0026ec2.EipArgs{\n\t\t\tDomain: pulumi.String(\"vpc\"),\n\t\t\tPublicIpv4Pool: pulumi.String(\"ipv4pool-ec2-012345\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Eip;\nimport com.pulumi.aws.ec2.EipArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var byoip_ip = new Eip(\"byoip-ip\", EipArgs.builder() \n .domain(\"vpc\")\n .publicIpv4Pool(\"ipv4pool-ec2-012345\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n byoip-ip:\n type: aws:ec2:Eip\n properties:\n domain: vpc\n publicIpv4Pool: ipv4pool-ec2-012345\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import EIPs in a VPC using their Allocation ID. For example:\n\n```sh\n$ pulumi import aws:ec2/eip:Eip bar eipalloc-00a10e96\n```\n", "properties": { "address": { "type": "string", @@ -215410,7 +215410,7 @@ "additionalProperties": { "type": "string" }, - "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\n\u003e **Note:** It's recommended to denote that the AWS Instance or Elastic IP depends on the Internet Gateway. For example:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst gw = new aws.ec2.InternetGateway(\"gw\", {vpcId: main.id});\nconst foo = new aws.ec2.Instance(\"foo\", {});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ngw = aws.ec2.InternetGateway(\"gw\", vpc_id=main[\"id\"])\nfoo = aws.ec2.Instance(\"foo\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var gw = new Aws.Ec2.InternetGateway(\"gw\", new()\n {\n VpcId = main.Id,\n });\n\n var foo = new Aws.Ec2.Instance(\"foo\");\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewInternetGateway(ctx, \"gw\", \u0026ec2.InternetGatewayArgs{\n\t\t\tVpcId: pulumi.Any(main.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewInstance(ctx, \"foo\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.InternetGateway;\nimport com.pulumi.aws.ec2.InternetGatewayArgs;\nimport com.pulumi.aws.ec2.Instance;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var gw = new InternetGateway(\"gw\", InternetGatewayArgs.builder() \n .vpcId(main.id())\n .build());\n\n var foo = new Instance(\"foo\");\n\n }\n}\n```\n```yaml\nresources:\n gw:\n type: aws:ec2:InternetGateway\n properties:\n vpcId: ${main.id}\n foo:\n type: aws:ec2:Instance\n```\n\u003c!--End PulumiCodeChooser --\u003e\n" + "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\n\u003e **Note:** It's recommended to denote that the AWS Instance or Elastic IP depends on the Internet Gateway. For example:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst gw = new aws.ec2.InternetGateway(\"gw\", {vpcId: main.id});\nconst foo = new aws.ec2.Instance(\"foo\", {}, {\n dependsOn: [gw],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ngw = aws.ec2.InternetGateway(\"gw\", vpc_id=main[\"id\"])\nfoo = aws.ec2.Instance(\"foo\", opts=pulumi.ResourceOptions(depends_on=[gw]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var gw = new Aws.Ec2.InternetGateway(\"gw\", new()\n {\n VpcId = main.Id,\n });\n\n var foo = new Aws.Ec2.Instance(\"foo\", new()\n {\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n gw, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tgw, err := ec2.NewInternetGateway(ctx, \"gw\", \u0026ec2.InternetGatewayArgs{\n\t\t\tVpcId: pulumi.Any(main.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewInstance(ctx, \"foo\", nil, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tgw,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.InternetGateway;\nimport com.pulumi.aws.ec2.InternetGatewayArgs;\nimport com.pulumi.aws.ec2.Instance;\nimport com.pulumi.aws.ec2.InstanceArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var gw = new InternetGateway(\"gw\", InternetGatewayArgs.builder() \n .vpcId(main.id())\n .build());\n\n var foo = new Instance(\"foo\", InstanceArgs.Empty, CustomResourceOptions.builder()\n .dependsOn(gw)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n gw:\n type: aws:ec2:InternetGateway\n properties:\n vpcId: ${main.id}\n foo:\n type: aws:ec2:Instance\n options:\n dependson:\n - ${gw}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n" }, "tagsAll": { "type": "object", @@ -215437,7 +215437,7 @@ "additionalProperties": { "type": "string" }, - "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\n\u003e **Note:** It's recommended to denote that the AWS Instance or Elastic IP depends on the Internet Gateway. For example:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst gw = new aws.ec2.InternetGateway(\"gw\", {vpcId: main.id});\nconst foo = new aws.ec2.Instance(\"foo\", {});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ngw = aws.ec2.InternetGateway(\"gw\", vpc_id=main[\"id\"])\nfoo = aws.ec2.Instance(\"foo\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var gw = new Aws.Ec2.InternetGateway(\"gw\", new()\n {\n VpcId = main.Id,\n });\n\n var foo = new Aws.Ec2.Instance(\"foo\");\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewInternetGateway(ctx, \"gw\", \u0026ec2.InternetGatewayArgs{\n\t\t\tVpcId: pulumi.Any(main.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewInstance(ctx, \"foo\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.InternetGateway;\nimport com.pulumi.aws.ec2.InternetGatewayArgs;\nimport com.pulumi.aws.ec2.Instance;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var gw = new InternetGateway(\"gw\", InternetGatewayArgs.builder() \n .vpcId(main.id())\n .build());\n\n var foo = new Instance(\"foo\");\n\n }\n}\n```\n```yaml\nresources:\n gw:\n type: aws:ec2:InternetGateway\n properties:\n vpcId: ${main.id}\n foo:\n type: aws:ec2:Instance\n```\n\u003c!--End PulumiCodeChooser --\u003e\n" + "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\n\u003e **Note:** It's recommended to denote that the AWS Instance or Elastic IP depends on the Internet Gateway. For example:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst gw = new aws.ec2.InternetGateway(\"gw\", {vpcId: main.id});\nconst foo = new aws.ec2.Instance(\"foo\", {}, {\n dependsOn: [gw],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ngw = aws.ec2.InternetGateway(\"gw\", vpc_id=main[\"id\"])\nfoo = aws.ec2.Instance(\"foo\", opts=pulumi.ResourceOptions(depends_on=[gw]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var gw = new Aws.Ec2.InternetGateway(\"gw\", new()\n {\n VpcId = main.Id,\n });\n\n var foo = new Aws.Ec2.Instance(\"foo\", new()\n {\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n gw, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tgw, err := ec2.NewInternetGateway(ctx, \"gw\", \u0026ec2.InternetGatewayArgs{\n\t\t\tVpcId: pulumi.Any(main.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewInstance(ctx, \"foo\", nil, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tgw,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.InternetGateway;\nimport com.pulumi.aws.ec2.InternetGatewayArgs;\nimport com.pulumi.aws.ec2.Instance;\nimport com.pulumi.aws.ec2.InstanceArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var gw = new InternetGateway(\"gw\", InternetGatewayArgs.builder() \n .vpcId(main.id())\n .build());\n\n var foo = new Instance(\"foo\", InstanceArgs.Empty, CustomResourceOptions.builder()\n .dependsOn(gw)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n gw:\n type: aws:ec2:InternetGateway\n properties:\n vpcId: ${main.id}\n foo:\n type: aws:ec2:Instance\n options:\n dependson:\n - ${gw}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n" }, "vpcId": { "type": "string", @@ -215460,7 +215460,7 @@ "additionalProperties": { "type": "string" }, - "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\n\u003e **Note:** It's recommended to denote that the AWS Instance or Elastic IP depends on the Internet Gateway. For example:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst gw = new aws.ec2.InternetGateway(\"gw\", {vpcId: main.id});\nconst foo = new aws.ec2.Instance(\"foo\", {});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ngw = aws.ec2.InternetGateway(\"gw\", vpc_id=main[\"id\"])\nfoo = aws.ec2.Instance(\"foo\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var gw = new Aws.Ec2.InternetGateway(\"gw\", new()\n {\n VpcId = main.Id,\n });\n\n var foo = new Aws.Ec2.Instance(\"foo\");\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewInternetGateway(ctx, \"gw\", \u0026ec2.InternetGatewayArgs{\n\t\t\tVpcId: pulumi.Any(main.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewInstance(ctx, \"foo\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.InternetGateway;\nimport com.pulumi.aws.ec2.InternetGatewayArgs;\nimport com.pulumi.aws.ec2.Instance;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var gw = new InternetGateway(\"gw\", InternetGatewayArgs.builder() \n .vpcId(main.id())\n .build());\n\n var foo = new Instance(\"foo\");\n\n }\n}\n```\n```yaml\nresources:\n gw:\n type: aws:ec2:InternetGateway\n properties:\n vpcId: ${main.id}\n foo:\n type: aws:ec2:Instance\n```\n\u003c!--End PulumiCodeChooser --\u003e\n" + "description": "A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.\n\n\u003e **Note:** It's recommended to denote that the AWS Instance or Elastic IP depends on the Internet Gateway. For example:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst gw = new aws.ec2.InternetGateway(\"gw\", {vpcId: main.id});\nconst foo = new aws.ec2.Instance(\"foo\", {}, {\n dependsOn: [gw],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ngw = aws.ec2.InternetGateway(\"gw\", vpc_id=main[\"id\"])\nfoo = aws.ec2.Instance(\"foo\", opts=pulumi.ResourceOptions(depends_on=[gw]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var gw = new Aws.Ec2.InternetGateway(\"gw\", new()\n {\n VpcId = main.Id,\n });\n\n var foo = new Aws.Ec2.Instance(\"foo\", new()\n {\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n gw, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tgw, err := ec2.NewInternetGateway(ctx, \"gw\", \u0026ec2.InternetGatewayArgs{\n\t\t\tVpcId: pulumi.Any(main.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewInstance(ctx, \"foo\", nil, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tgw,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.InternetGateway;\nimport com.pulumi.aws.ec2.InternetGatewayArgs;\nimport com.pulumi.aws.ec2.Instance;\nimport com.pulumi.aws.ec2.InstanceArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var gw = new InternetGateway(\"gw\", InternetGatewayArgs.builder() \n .vpcId(main.id())\n .build());\n\n var foo = new Instance(\"foo\", InstanceArgs.Empty, CustomResourceOptions.builder()\n .dependsOn(gw)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n gw:\n type: aws:ec2:InternetGateway\n properties:\n vpcId: ${main.id}\n foo:\n type: aws:ec2:Instance\n options:\n dependson:\n - ${gw}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n" }, "tagsAll": { "type": "object", @@ -216992,7 +216992,7 @@ } }, "aws:ec2/natGateway:NatGateway": { - "description": "Provides a resource to create a VPC NAT Gateway.\n\n## Example Usage\n\n### Public NAT\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.NatGateway(\"example\", {\n allocationId: exampleAwsEip.id,\n subnetId: exampleAwsSubnet.id,\n tags: {\n Name: \"gw NAT\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.NatGateway(\"example\",\n allocation_id=example_aws_eip[\"id\"],\n subnet_id=example_aws_subnet[\"id\"],\n tags={\n \"Name\": \"gw NAT\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.NatGateway(\"example\", new()\n {\n AllocationId = exampleAwsEip.Id,\n SubnetId = exampleAwsSubnet.Id,\n Tags = \n {\n { \"Name\", \"gw NAT\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewNatGateway(ctx, \"example\", \u0026ec2.NatGatewayArgs{\n\t\t\tAllocationId: pulumi.Any(exampleAwsEip.Id),\n\t\t\tSubnetId: pulumi.Any(exampleAwsSubnet.Id),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"gw NAT\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.NatGateway;\nimport com.pulumi.aws.ec2.NatGatewayArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new NatGateway(\"example\", NatGatewayArgs.builder() \n .allocationId(exampleAwsEip.id())\n .subnetId(exampleAwsSubnet.id())\n .tags(Map.of(\"Name\", \"gw NAT\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:NatGateway\n properties:\n allocationId: ${exampleAwsEip.id}\n subnetId: ${exampleAwsSubnet.id}\n tags:\n Name: gw NAT\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Public NAT with Secondary Private IP Addresses\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.NatGateway(\"example\", {\n allocationId: exampleAwsEip.id,\n subnetId: exampleAwsSubnet.id,\n secondaryAllocationIds: [secondary.id],\n secondaryPrivateIpAddresses: [\"10.0.1.5\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.NatGateway(\"example\",\n allocation_id=example_aws_eip[\"id\"],\n subnet_id=example_aws_subnet[\"id\"],\n secondary_allocation_ids=[secondary[\"id\"]],\n secondary_private_ip_addresses=[\"10.0.1.5\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.NatGateway(\"example\", new()\n {\n AllocationId = exampleAwsEip.Id,\n SubnetId = exampleAwsSubnet.Id,\n SecondaryAllocationIds = new[]\n {\n secondary.Id,\n },\n SecondaryPrivateIpAddresses = new[]\n {\n \"10.0.1.5\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewNatGateway(ctx, \"example\", \u0026ec2.NatGatewayArgs{\n\t\t\tAllocationId: pulumi.Any(exampleAwsEip.Id),\n\t\t\tSubnetId: pulumi.Any(exampleAwsSubnet.Id),\n\t\t\tSecondaryAllocationIds: pulumi.StringArray{\n\t\t\t\tsecondary.Id,\n\t\t\t},\n\t\t\tSecondaryPrivateIpAddresses: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"10.0.1.5\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.NatGateway;\nimport com.pulumi.aws.ec2.NatGatewayArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new NatGateway(\"example\", NatGatewayArgs.builder() \n .allocationId(exampleAwsEip.id())\n .subnetId(exampleAwsSubnet.id())\n .secondaryAllocationIds(secondary.id())\n .secondaryPrivateIpAddresses(\"10.0.1.5\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:NatGateway\n properties:\n allocationId: ${exampleAwsEip.id}\n subnetId: ${exampleAwsSubnet.id}\n secondaryAllocationIds:\n - ${secondary.id}\n secondaryPrivateIpAddresses:\n - 10.0.1.5\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Private NAT\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.NatGateway(\"example\", {\n connectivityType: \"private\",\n subnetId: exampleAwsSubnet.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.NatGateway(\"example\",\n connectivity_type=\"private\",\n subnet_id=example_aws_subnet[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.NatGateway(\"example\", new()\n {\n ConnectivityType = \"private\",\n SubnetId = exampleAwsSubnet.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewNatGateway(ctx, \"example\", \u0026ec2.NatGatewayArgs{\n\t\t\tConnectivityType: pulumi.String(\"private\"),\n\t\t\tSubnetId: pulumi.Any(exampleAwsSubnet.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.NatGateway;\nimport com.pulumi.aws.ec2.NatGatewayArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new NatGateway(\"example\", NatGatewayArgs.builder() \n .connectivityType(\"private\")\n .subnetId(exampleAwsSubnet.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:NatGateway\n properties:\n connectivityType: private\n subnetId: ${exampleAwsSubnet.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Private NAT with Secondary Private IP Addresses\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.NatGateway(\"example\", {\n connectivityType: \"private\",\n subnetId: exampleAwsSubnet.id,\n secondaryPrivateIpAddressCount: 7,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.NatGateway(\"example\",\n connectivity_type=\"private\",\n subnet_id=example_aws_subnet[\"id\"],\n secondary_private_ip_address_count=7)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.NatGateway(\"example\", new()\n {\n ConnectivityType = \"private\",\n SubnetId = exampleAwsSubnet.Id,\n SecondaryPrivateIpAddressCount = 7,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewNatGateway(ctx, \"example\", \u0026ec2.NatGatewayArgs{\n\t\t\tConnectivityType: pulumi.String(\"private\"),\n\t\t\tSubnetId: pulumi.Any(exampleAwsSubnet.Id),\n\t\t\tSecondaryPrivateIpAddressCount: pulumi.Int(7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.NatGateway;\nimport com.pulumi.aws.ec2.NatGatewayArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new NatGateway(\"example\", NatGatewayArgs.builder() \n .connectivityType(\"private\")\n .subnetId(exampleAwsSubnet.id())\n .secondaryPrivateIpAddressCount(7)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:NatGateway\n properties:\n connectivityType: private\n subnetId: ${exampleAwsSubnet.id}\n secondaryPrivateIpAddressCount: 7\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import NAT Gateways using the `id`. For example:\n\n```sh\n$ pulumi import aws:ec2/natGateway:NatGateway private_gw nat-05dba92075d71c408\n```\n", + "description": "Provides a resource to create a VPC NAT Gateway.\n\n## Example Usage\n\n### Public NAT\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.NatGateway(\"example\", {\n allocationId: exampleAwsEip.id,\n subnetId: exampleAwsSubnet.id,\n tags: {\n Name: \"gw NAT\",\n },\n}, {\n dependsOn: [exampleAwsInternetGateway],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.NatGateway(\"example\",\n allocation_id=example_aws_eip[\"id\"],\n subnet_id=example_aws_subnet[\"id\"],\n tags={\n \"Name\": \"gw NAT\",\n },\n opts=pulumi.ResourceOptions(depends_on=[example_aws_internet_gateway]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.NatGateway(\"example\", new()\n {\n AllocationId = exampleAwsEip.Id,\n SubnetId = exampleAwsSubnet.Id,\n Tags = \n {\n { \"Name\", \"gw NAT\" },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAwsInternetGateway, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewNatGateway(ctx, \"example\", \u0026ec2.NatGatewayArgs{\n\t\t\tAllocationId: pulumi.Any(exampleAwsEip.Id),\n\t\t\tSubnetId: pulumi.Any(exampleAwsSubnet.Id),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"gw NAT\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAwsInternetGateway,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.NatGateway;\nimport com.pulumi.aws.ec2.NatGatewayArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new NatGateway(\"example\", NatGatewayArgs.builder() \n .allocationId(exampleAwsEip.id())\n .subnetId(exampleAwsSubnet.id())\n .tags(Map.of(\"Name\", \"gw NAT\"))\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleAwsInternetGateway)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:NatGateway\n properties:\n allocationId: ${exampleAwsEip.id}\n subnetId: ${exampleAwsSubnet.id}\n tags:\n Name: gw NAT\n options:\n dependson:\n - ${exampleAwsInternetGateway}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Public NAT with Secondary Private IP Addresses\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.NatGateway(\"example\", {\n allocationId: exampleAwsEip.id,\n subnetId: exampleAwsSubnet.id,\n secondaryAllocationIds: [secondary.id],\n secondaryPrivateIpAddresses: [\"10.0.1.5\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.NatGateway(\"example\",\n allocation_id=example_aws_eip[\"id\"],\n subnet_id=example_aws_subnet[\"id\"],\n secondary_allocation_ids=[secondary[\"id\"]],\n secondary_private_ip_addresses=[\"10.0.1.5\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.NatGateway(\"example\", new()\n {\n AllocationId = exampleAwsEip.Id,\n SubnetId = exampleAwsSubnet.Id,\n SecondaryAllocationIds = new[]\n {\n secondary.Id,\n },\n SecondaryPrivateIpAddresses = new[]\n {\n \"10.0.1.5\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewNatGateway(ctx, \"example\", \u0026ec2.NatGatewayArgs{\n\t\t\tAllocationId: pulumi.Any(exampleAwsEip.Id),\n\t\t\tSubnetId: pulumi.Any(exampleAwsSubnet.Id),\n\t\t\tSecondaryAllocationIds: pulumi.StringArray{\n\t\t\t\tsecondary.Id,\n\t\t\t},\n\t\t\tSecondaryPrivateIpAddresses: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"10.0.1.5\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.NatGateway;\nimport com.pulumi.aws.ec2.NatGatewayArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new NatGateway(\"example\", NatGatewayArgs.builder() \n .allocationId(exampleAwsEip.id())\n .subnetId(exampleAwsSubnet.id())\n .secondaryAllocationIds(secondary.id())\n .secondaryPrivateIpAddresses(\"10.0.1.5\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:NatGateway\n properties:\n allocationId: ${exampleAwsEip.id}\n subnetId: ${exampleAwsSubnet.id}\n secondaryAllocationIds:\n - ${secondary.id}\n secondaryPrivateIpAddresses:\n - 10.0.1.5\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Private NAT\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.NatGateway(\"example\", {\n connectivityType: \"private\",\n subnetId: exampleAwsSubnet.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.NatGateway(\"example\",\n connectivity_type=\"private\",\n subnet_id=example_aws_subnet[\"id\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.NatGateway(\"example\", new()\n {\n ConnectivityType = \"private\",\n SubnetId = exampleAwsSubnet.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewNatGateway(ctx, \"example\", \u0026ec2.NatGatewayArgs{\n\t\t\tConnectivityType: pulumi.String(\"private\"),\n\t\t\tSubnetId: pulumi.Any(exampleAwsSubnet.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.NatGateway;\nimport com.pulumi.aws.ec2.NatGatewayArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new NatGateway(\"example\", NatGatewayArgs.builder() \n .connectivityType(\"private\")\n .subnetId(exampleAwsSubnet.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:NatGateway\n properties:\n connectivityType: private\n subnetId: ${exampleAwsSubnet.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Private NAT with Secondary Private IP Addresses\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ec2.NatGateway(\"example\", {\n connectivityType: \"private\",\n subnetId: exampleAwsSubnet.id,\n secondaryPrivateIpAddressCount: 7,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.NatGateway(\"example\",\n connectivity_type=\"private\",\n subnet_id=example_aws_subnet[\"id\"],\n secondary_private_ip_address_count=7)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ec2.NatGateway(\"example\", new()\n {\n ConnectivityType = \"private\",\n SubnetId = exampleAwsSubnet.Id,\n SecondaryPrivateIpAddressCount = 7,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewNatGateway(ctx, \"example\", \u0026ec2.NatGatewayArgs{\n\t\t\tConnectivityType: pulumi.String(\"private\"),\n\t\t\tSubnetId: pulumi.Any(exampleAwsSubnet.Id),\n\t\t\tSecondaryPrivateIpAddressCount: pulumi.Int(7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.NatGateway;\nimport com.pulumi.aws.ec2.NatGatewayArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new NatGateway(\"example\", NatGatewayArgs.builder() \n .connectivityType(\"private\")\n .subnetId(exampleAwsSubnet.id())\n .secondaryPrivateIpAddressCount(7)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:NatGateway\n properties:\n connectivityType: private\n subnetId: ${exampleAwsSubnet.id}\n secondaryPrivateIpAddressCount: 7\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import NAT Gateways using the `id`. For example:\n\n```sh\n$ pulumi import aws:ec2/natGateway:NatGateway private_gw nat-05dba92075d71c408\n```\n", "properties": { "allocationId": { "type": "string", @@ -219822,7 +219822,7 @@ } }, "aws:ec2/spotFleetRequest:SpotFleetRequest": { - "description": "Provides an EC2 Spot Fleet Request resource. This allows a fleet of Spot\ninstances to be requested on the Spot market.\n\n\u003e **NOTE [AWS strongly discourages](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-best-practices.html#which-spot-request-method-to-use) the use of the legacy APIs called by this resource.\nWe recommend using the EC2 Fleet or Auto Scaling Group resources instead.\n\n## Example Usage\n\n### Using launch specifications\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Request a Spot fleet\nconst cheapCompute = new aws.ec2.SpotFleetRequest(\"cheap_compute\", {\n iamFleetRole: \"arn:aws:iam::12345678:role/spot-fleet\",\n spotPrice: \"0.03\",\n allocationStrategy: \"diversified\",\n targetCapacity: 6,\n validUntil: \"2019-11-04T20:44:20Z\",\n launchSpecifications: [\n {\n instanceType: \"m4.10xlarge\",\n ami: \"ami-1234\",\n spotPrice: \"2.793\",\n placementTenancy: \"dedicated\",\n iamInstanceProfileArn: example.arn,\n },\n {\n instanceType: \"m4.4xlarge\",\n ami: \"ami-5678\",\n keyName: \"my-key\",\n spotPrice: \"1.117\",\n iamInstanceProfileArn: example.arn,\n availabilityZone: \"us-west-1a\",\n subnetId: \"subnet-1234\",\n weightedCapacity: \"35\",\n rootBlockDevices: [{\n volumeSize: 300,\n volumeType: \"gp2\",\n }],\n tags: {\n Name: \"spot-fleet-example\",\n },\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Request a Spot fleet\ncheap_compute = aws.ec2.SpotFleetRequest(\"cheap_compute\",\n iam_fleet_role=\"arn:aws:iam::12345678:role/spot-fleet\",\n spot_price=\"0.03\",\n allocation_strategy=\"diversified\",\n target_capacity=6,\n valid_until=\"2019-11-04T20:44:20Z\",\n launch_specifications=[\n aws.ec2.SpotFleetRequestLaunchSpecificationArgs(\n instance_type=\"m4.10xlarge\",\n ami=\"ami-1234\",\n spot_price=\"2.793\",\n placement_tenancy=\"dedicated\",\n iam_instance_profile_arn=example[\"arn\"],\n ),\n aws.ec2.SpotFleetRequestLaunchSpecificationArgs(\n instance_type=\"m4.4xlarge\",\n ami=\"ami-5678\",\n key_name=\"my-key\",\n spot_price=\"1.117\",\n iam_instance_profile_arn=example[\"arn\"],\n availability_zone=\"us-west-1a\",\n subnet_id=\"subnet-1234\",\n weighted_capacity=\"35\",\n root_block_devices=[aws.ec2.SpotFleetRequestLaunchSpecificationRootBlockDeviceArgs(\n volume_size=300,\n volume_type=\"gp2\",\n )],\n tags={\n \"Name\": \"spot-fleet-example\",\n },\n ),\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // Request a Spot fleet\n var cheapCompute = new Aws.Ec2.SpotFleetRequest(\"cheap_compute\", new()\n {\n IamFleetRole = \"arn:aws:iam::12345678:role/spot-fleet\",\n SpotPrice = \"0.03\",\n AllocationStrategy = \"diversified\",\n TargetCapacity = 6,\n ValidUntil = \"2019-11-04T20:44:20Z\",\n LaunchSpecifications = new[]\n {\n new Aws.Ec2.Inputs.SpotFleetRequestLaunchSpecificationArgs\n {\n InstanceType = \"m4.10xlarge\",\n Ami = \"ami-1234\",\n SpotPrice = \"2.793\",\n PlacementTenancy = \"dedicated\",\n IamInstanceProfileArn = example.Arn,\n },\n new Aws.Ec2.Inputs.SpotFleetRequestLaunchSpecificationArgs\n {\n InstanceType = \"m4.4xlarge\",\n Ami = \"ami-5678\",\n KeyName = \"my-key\",\n SpotPrice = \"1.117\",\n IamInstanceProfileArn = example.Arn,\n AvailabilityZone = \"us-west-1a\",\n SubnetId = \"subnet-1234\",\n WeightedCapacity = \"35\",\n RootBlockDevices = new[]\n {\n new Aws.Ec2.Inputs.SpotFleetRequestLaunchSpecificationRootBlockDeviceArgs\n {\n VolumeSize = 300,\n VolumeType = \"gp2\",\n },\n },\n Tags = \n {\n { \"Name\", \"spot-fleet-example\" },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// Request a Spot fleet\n\t\t_, err := ec2.NewSpotFleetRequest(ctx, \"cheap_compute\", \u0026ec2.SpotFleetRequestArgs{\n\t\t\tIamFleetRole: pulumi.String(\"arn:aws:iam::12345678:role/spot-fleet\"),\n\t\t\tSpotPrice: pulumi.String(\"0.03\"),\n\t\t\tAllocationStrategy: pulumi.String(\"diversified\"),\n\t\t\tTargetCapacity: pulumi.Int(6),\n\t\t\tValidUntil: pulumi.String(\"2019-11-04T20:44:20Z\"),\n\t\t\tLaunchSpecifications: ec2.SpotFleetRequestLaunchSpecificationArray{\n\t\t\t\t\u0026ec2.SpotFleetRequestLaunchSpecificationArgs{\n\t\t\t\t\tInstanceType: pulumi.String(\"m4.10xlarge\"),\n\t\t\t\t\tAmi: pulumi.String(\"ami-1234\"),\n\t\t\t\t\tSpotPrice: pulumi.String(\"2.793\"),\n\t\t\t\t\tPlacementTenancy: pulumi.String(\"dedicated\"),\n\t\t\t\t\tIamInstanceProfileArn: pulumi.Any(example.Arn),\n\t\t\t\t},\n\t\t\t\t\u0026ec2.SpotFleetRequestLaunchSpecificationArgs{\n\t\t\t\t\tInstanceType: pulumi.String(\"m4.4xlarge\"),\n\t\t\t\t\tAmi: pulumi.String(\"ami-5678\"),\n\t\t\t\t\tKeyName: pulumi.String(\"my-key\"),\n\t\t\t\t\tSpotPrice: pulumi.String(\"1.117\"),\n\t\t\t\t\tIamInstanceProfileArn: pulumi.Any(example.Arn),\n\t\t\t\t\tAvailabilityZone: pulumi.String(\"us-west-1a\"),\n\t\t\t\t\tSubnetId: pulumi.String(\"subnet-1234\"),\n\t\t\t\t\tWeightedCapacity: pulumi.String(\"35\"),\n\t\t\t\t\tRootBlockDevices: ec2.SpotFleetRequestLaunchSpecificationRootBlockDeviceArray{\n\t\t\t\t\t\t\u0026ec2.SpotFleetRequestLaunchSpecificationRootBlockDeviceArgs{\n\t\t\t\t\t\t\tVolumeSize: pulumi.Int(300),\n\t\t\t\t\t\t\tVolumeType: pulumi.String(\"gp2\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\t\t\"Name\": pulumi.String(\"spot-fleet-example\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.SpotFleetRequest;\nimport com.pulumi.aws.ec2.SpotFleetRequestArgs;\nimport com.pulumi.aws.ec2.inputs.SpotFleetRequestLaunchSpecificationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // Request a Spot fleet\n var cheapCompute = new SpotFleetRequest(\"cheapCompute\", SpotFleetRequestArgs.builder() \n .iamFleetRole(\"arn:aws:iam::12345678:role/spot-fleet\")\n .spotPrice(\"0.03\")\n .allocationStrategy(\"diversified\")\n .targetCapacity(6)\n .validUntil(\"2019-11-04T20:44:20Z\")\n .launchSpecifications( \n SpotFleetRequestLaunchSpecificationArgs.builder()\n .instanceType(\"m4.10xlarge\")\n .ami(\"ami-1234\")\n .spotPrice(\"2.793\")\n .placementTenancy(\"dedicated\")\n .iamInstanceProfileArn(example.arn())\n .build(),\n SpotFleetRequestLaunchSpecificationArgs.builder()\n .instanceType(\"m4.4xlarge\")\n .ami(\"ami-5678\")\n .keyName(\"my-key\")\n .spotPrice(\"1.117\")\n .iamInstanceProfileArn(example.arn())\n .availabilityZone(\"us-west-1a\")\n .subnetId(\"subnet-1234\")\n .weightedCapacity(35)\n .rootBlockDevices(SpotFleetRequestLaunchSpecificationRootBlockDeviceArgs.builder()\n .volumeSize(\"300\")\n .volumeType(\"gp2\")\n .build())\n .tags(Map.of(\"Name\", \"spot-fleet-example\"))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # Request a Spot fleet\n cheapCompute:\n type: aws:ec2:SpotFleetRequest\n name: cheap_compute\n properties:\n iamFleetRole: arn:aws:iam::12345678:role/spot-fleet\n spotPrice: '0.03'\n allocationStrategy: diversified\n targetCapacity: 6\n validUntil: 2019-11-04T20:44:20Z\n launchSpecifications:\n - instanceType: m4.10xlarge\n ami: ami-1234\n spotPrice: '2.793'\n placementTenancy: dedicated\n iamInstanceProfileArn: ${example.arn}\n - instanceType: m4.4xlarge\n ami: ami-5678\n keyName: my-key\n spotPrice: '1.117'\n iamInstanceProfileArn: ${example.arn}\n availabilityZone: us-west-1a\n subnetId: subnet-1234\n weightedCapacity: 35\n rootBlockDevices:\n - volumeSize: '300'\n volumeType: gp2\n tags:\n Name: spot-fleet-example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Using launch templates\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.ec2.LaunchTemplate(\"foo\", {\n name: \"launch-template\",\n imageId: \"ami-516b9131\",\n instanceType: \"m1.small\",\n keyName: \"some-key\",\n});\nconst fooSpotFleetRequest = new aws.ec2.SpotFleetRequest(\"foo\", {\n iamFleetRole: \"arn:aws:iam::12345678:role/spot-fleet\",\n spotPrice: \"0.005\",\n targetCapacity: 2,\n validUntil: \"2019-11-04T20:44:20Z\",\n launchTemplateConfigs: [{\n launchTemplateSpecification: {\n id: foo.id,\n version: foo.latestVersion,\n },\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.ec2.LaunchTemplate(\"foo\",\n name=\"launch-template\",\n image_id=\"ami-516b9131\",\n instance_type=\"m1.small\",\n key_name=\"some-key\")\nfoo_spot_fleet_request = aws.ec2.SpotFleetRequest(\"foo\",\n iam_fleet_role=\"arn:aws:iam::12345678:role/spot-fleet\",\n spot_price=\"0.005\",\n target_capacity=2,\n valid_until=\"2019-11-04T20:44:20Z\",\n launch_template_configs=[aws.ec2.SpotFleetRequestLaunchTemplateConfigArgs(\n launch_template_specification=aws.ec2.SpotFleetRequestLaunchTemplateConfigLaunchTemplateSpecificationArgs(\n id=foo.id,\n version=foo.latest_version,\n ),\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foo = new Aws.Ec2.LaunchTemplate(\"foo\", new()\n {\n Name = \"launch-template\",\n ImageId = \"ami-516b9131\",\n InstanceType = \"m1.small\",\n KeyName = \"some-key\",\n });\n\n var fooSpotFleetRequest = new Aws.Ec2.SpotFleetRequest(\"foo\", new()\n {\n IamFleetRole = \"arn:aws:iam::12345678:role/spot-fleet\",\n SpotPrice = \"0.005\",\n TargetCapacity = 2,\n ValidUntil = \"2019-11-04T20:44:20Z\",\n LaunchTemplateConfigs = new[]\n {\n new Aws.Ec2.Inputs.SpotFleetRequestLaunchTemplateConfigArgs\n {\n LaunchTemplateSpecification = new Aws.Ec2.Inputs.SpotFleetRequestLaunchTemplateConfigLaunchTemplateSpecificationArgs\n {\n Id = foo.Id,\n Version = foo.LatestVersion,\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfoo, err := ec2.NewLaunchTemplate(ctx, \"foo\", \u0026ec2.LaunchTemplateArgs{\n\t\t\tName: pulumi.String(\"launch-template\"),\n\t\t\tImageId: pulumi.String(\"ami-516b9131\"),\n\t\t\tInstanceType: pulumi.String(\"m1.small\"),\n\t\t\tKeyName: pulumi.String(\"some-key\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewSpotFleetRequest(ctx, \"foo\", \u0026ec2.SpotFleetRequestArgs{\n\t\t\tIamFleetRole: pulumi.String(\"arn:aws:iam::12345678:role/spot-fleet\"),\n\t\t\tSpotPrice: pulumi.String(\"0.005\"),\n\t\t\tTargetCapacity: pulumi.Int(2),\n\t\t\tValidUntil: pulumi.String(\"2019-11-04T20:44:20Z\"),\n\t\t\tLaunchTemplateConfigs: ec2.SpotFleetRequestLaunchTemplateConfigArray{\n\t\t\t\t\u0026ec2.SpotFleetRequestLaunchTemplateConfigArgs{\n\t\t\t\t\tLaunchTemplateSpecification: \u0026ec2.SpotFleetRequestLaunchTemplateConfigLaunchTemplateSpecificationArgs{\n\t\t\t\t\t\tId: foo.ID(),\n\t\t\t\t\t\tVersion: foo.LatestVersion,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.LaunchTemplate;\nimport com.pulumi.aws.ec2.LaunchTemplateArgs;\nimport com.pulumi.aws.ec2.SpotFleetRequest;\nimport com.pulumi.aws.ec2.SpotFleetRequestArgs;\nimport com.pulumi.aws.ec2.inputs.SpotFleetRequestLaunchTemplateConfigArgs;\nimport com.pulumi.aws.ec2.inputs.SpotFleetRequestLaunchTemplateConfigLaunchTemplateSpecificationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var foo = new LaunchTemplate(\"foo\", LaunchTemplateArgs.builder() \n .name(\"launch-template\")\n .imageId(\"ami-516b9131\")\n .instanceType(\"m1.small\")\n .keyName(\"some-key\")\n .build());\n\n var fooSpotFleetRequest = new SpotFleetRequest(\"fooSpotFleetRequest\", SpotFleetRequestArgs.builder() \n .iamFleetRole(\"arn:aws:iam::12345678:role/spot-fleet\")\n .spotPrice(\"0.005\")\n .targetCapacity(2)\n .validUntil(\"2019-11-04T20:44:20Z\")\n .launchTemplateConfigs(SpotFleetRequestLaunchTemplateConfigArgs.builder()\n .launchTemplateSpecification(SpotFleetRequestLaunchTemplateConfigLaunchTemplateSpecificationArgs.builder()\n .id(foo.id())\n .version(foo.latestVersion())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: aws:ec2:LaunchTemplate\n properties:\n name: launch-template\n imageId: ami-516b9131\n instanceType: m1.small\n keyName: some-key\n fooSpotFleetRequest:\n type: aws:ec2:SpotFleetRequest\n name: foo\n properties:\n iamFleetRole: arn:aws:iam::12345678:role/spot-fleet\n spotPrice: '0.005'\n targetCapacity: 2\n validUntil: 2019-11-04T20:44:20Z\n launchTemplateConfigs:\n - launchTemplateSpecification:\n id: ${foo.id}\n version: ${foo.latestVersion}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003e **NOTE:** This provider does not support the functionality where multiple `subnet_id` or `availability_zone` parameters can be specified in the same\nlaunch configuration block. If you want to specify multiple values, then separate launch configuration blocks should be used or launch template overrides should be configured, one per subnet:\n\n### Using multiple launch specifications\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.ec2.SpotFleetRequest(\"foo\", {\n iamFleetRole: \"arn:aws:iam::12345678:role/spot-fleet\",\n spotPrice: \"0.005\",\n targetCapacity: 2,\n validUntil: \"2019-11-04T20:44:20Z\",\n launchSpecifications: [\n {\n instanceType: \"m1.small\",\n ami: \"ami-d06a90b0\",\n keyName: \"my-key\",\n availabilityZone: \"us-west-2a\",\n },\n {\n instanceType: \"m5.large\",\n ami: \"ami-d06a90b0\",\n keyName: \"my-key\",\n availabilityZone: \"us-west-2a\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.ec2.SpotFleetRequest(\"foo\",\n iam_fleet_role=\"arn:aws:iam::12345678:role/spot-fleet\",\n spot_price=\"0.005\",\n target_capacity=2,\n valid_until=\"2019-11-04T20:44:20Z\",\n launch_specifications=[\n aws.ec2.SpotFleetRequestLaunchSpecificationArgs(\n instance_type=\"m1.small\",\n ami=\"ami-d06a90b0\",\n key_name=\"my-key\",\n availability_zone=\"us-west-2a\",\n ),\n aws.ec2.SpotFleetRequestLaunchSpecificationArgs(\n instance_type=\"m5.large\",\n ami=\"ami-d06a90b0\",\n key_name=\"my-key\",\n availability_zone=\"us-west-2a\",\n ),\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foo = new Aws.Ec2.SpotFleetRequest(\"foo\", new()\n {\n IamFleetRole = \"arn:aws:iam::12345678:role/spot-fleet\",\n SpotPrice = \"0.005\",\n TargetCapacity = 2,\n ValidUntil = \"2019-11-04T20:44:20Z\",\n LaunchSpecifications = new[]\n {\n new Aws.Ec2.Inputs.SpotFleetRequestLaunchSpecificationArgs\n {\n InstanceType = \"m1.small\",\n Ami = \"ami-d06a90b0\",\n KeyName = \"my-key\",\n AvailabilityZone = \"us-west-2a\",\n },\n new Aws.Ec2.Inputs.SpotFleetRequestLaunchSpecificationArgs\n {\n InstanceType = \"m5.large\",\n Ami = \"ami-d06a90b0\",\n KeyName = \"my-key\",\n AvailabilityZone = \"us-west-2a\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewSpotFleetRequest(ctx, \"foo\", \u0026ec2.SpotFleetRequestArgs{\n\t\t\tIamFleetRole: pulumi.String(\"arn:aws:iam::12345678:role/spot-fleet\"),\n\t\t\tSpotPrice: pulumi.String(\"0.005\"),\n\t\t\tTargetCapacity: pulumi.Int(2),\n\t\t\tValidUntil: pulumi.String(\"2019-11-04T20:44:20Z\"),\n\t\t\tLaunchSpecifications: ec2.SpotFleetRequestLaunchSpecificationArray{\n\t\t\t\t\u0026ec2.SpotFleetRequestLaunchSpecificationArgs{\n\t\t\t\t\tInstanceType: pulumi.String(\"m1.small\"),\n\t\t\t\t\tAmi: pulumi.String(\"ami-d06a90b0\"),\n\t\t\t\t\tKeyName: pulumi.String(\"my-key\"),\n\t\t\t\t\tAvailabilityZone: pulumi.String(\"us-west-2a\"),\n\t\t\t\t},\n\t\t\t\t\u0026ec2.SpotFleetRequestLaunchSpecificationArgs{\n\t\t\t\t\tInstanceType: pulumi.String(\"m5.large\"),\n\t\t\t\t\tAmi: pulumi.String(\"ami-d06a90b0\"),\n\t\t\t\t\tKeyName: pulumi.String(\"my-key\"),\n\t\t\t\t\tAvailabilityZone: pulumi.String(\"us-west-2a\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.SpotFleetRequest;\nimport com.pulumi.aws.ec2.SpotFleetRequestArgs;\nimport com.pulumi.aws.ec2.inputs.SpotFleetRequestLaunchSpecificationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var foo = new SpotFleetRequest(\"foo\", SpotFleetRequestArgs.builder() \n .iamFleetRole(\"arn:aws:iam::12345678:role/spot-fleet\")\n .spotPrice(\"0.005\")\n .targetCapacity(2)\n .validUntil(\"2019-11-04T20:44:20Z\")\n .launchSpecifications( \n SpotFleetRequestLaunchSpecificationArgs.builder()\n .instanceType(\"m1.small\")\n .ami(\"ami-d06a90b0\")\n .keyName(\"my-key\")\n .availabilityZone(\"us-west-2a\")\n .build(),\n SpotFleetRequestLaunchSpecificationArgs.builder()\n .instanceType(\"m5.large\")\n .ami(\"ami-d06a90b0\")\n .keyName(\"my-key\")\n .availabilityZone(\"us-west-2a\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: aws:ec2:SpotFleetRequest\n properties:\n iamFleetRole: arn:aws:iam::12345678:role/spot-fleet\n spotPrice: '0.005'\n targetCapacity: 2\n validUntil: 2019-11-04T20:44:20Z\n launchSpecifications:\n - instanceType: m1.small\n ami: ami-d06a90b0\n keyName: my-key\n availabilityZone: us-west-2a\n - instanceType: m5.large\n ami: ami-d06a90b0\n keyName: my-key\n availabilityZone: us-west-2a\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003e In this example, we use a `dynamic` block to define zero or more `launch_specification` blocks, producing one for each element in the list of subnet ids.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst subnets = config.requireObject(\"subnets\");\nconst example = new aws.ec2.SpotFleetRequest(\"example\", {\n launchSpecifications: .map(s =\u003e ({\n subnetId: s[1],\n })).map((v, k) =\u003e ({key: k, value: v})).map(entry =\u003e ({\n ami: \"ami-1234\",\n instanceType: \"m4.4xlarge\",\n subnetId: entry.value.subnetId,\n vpcSecurityGroupIds: \"sg-123456\",\n rootBlockDevices: [{\n volumeSize: 8,\n volumeType: \"gp2\",\n deleteOnTermination: true,\n }],\n tags: {\n Name: \"Spot Node\",\n tag_builder: \"builder\",\n },\n })),\n iamFleetRole: \"arn:aws:iam::12345678:role/spot-fleet\",\n targetCapacity: 3,\n validUntil: \"2019-11-04T20:44:20Z\",\n allocationStrategy: \"lowestPrice\",\n fleetType: \"request\",\n waitForFulfillment: true,\n terminateInstancesWithExpiration: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nsubnets = config.require_object(\"subnets\")\nexample = aws.ec2.SpotFleetRequest(\"example\",\n launch_specifications=[aws.ec2.SpotFleetRequestLaunchSpecificationArgs(\n ami=\"ami-1234\",\n instance_type=\"m4.4xlarge\",\n subnet_id=entry[\"value\"][\"subnetId\"],\n vpc_security_group_ids=\"sg-123456\",\n root_block_devices=[aws.ec2.SpotFleetRequestLaunchSpecificationRootBlockDeviceArgs(\n volume_size=8,\n volume_type=\"gp2\",\n delete_on_termination=True,\n )],\n tags={\n \"Name\": \"Spot Node\",\n \"tag_builder\": \"builder\",\n },\n ) for entry in [{\"key\": k, \"value\": v} for k, v in [{\n \"subnetId\": s[1],\n } for s in subnets]]],\n iam_fleet_role=\"arn:aws:iam::12345678:role/spot-fleet\",\n target_capacity=3,\n valid_until=\"2019-11-04T20:44:20Z\",\n allocation_strategy=\"lowestPrice\",\n fleet_type=\"request\",\n wait_for_fulfillment=True,\n terminate_instances_with_expiration=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var subnets = config.RequireObject\u003cdynamic\u003e(\"subnets\");\n var example = new Aws.Ec2.SpotFleetRequest(\"example\", new()\n {\n LaunchSpecifications = .Select(s =\u003e \n {\n return \n {\n { \"subnetId\", s[1] },\n };\n }).ToList().Select((v, k) =\u003e new { Key = k, Value = v }).Select(entry =\u003e \n {\n return new Aws.Ec2.Inputs.SpotFleetRequestLaunchSpecificationArgs\n {\n Ami = \"ami-1234\",\n InstanceType = \"m4.4xlarge\",\n SubnetId = entry.Value.SubnetId,\n VpcSecurityGroupIds = \"sg-123456\",\n RootBlockDevices = new[]\n {\n new Aws.Ec2.Inputs.SpotFleetRequestLaunchSpecificationRootBlockDeviceArgs\n {\n VolumeSize = 8,\n VolumeType = \"gp2\",\n DeleteOnTermination = true,\n },\n },\n Tags = \n {\n { \"Name\", \"Spot Node\" },\n { \"tag_builder\", \"builder\" },\n },\n };\n }).ToList(),\n IamFleetRole = \"arn:aws:iam::12345678:role/spot-fleet\",\n TargetCapacity = 3,\n ValidUntil = \"2019-11-04T20:44:20Z\",\n AllocationStrategy = \"lowestPrice\",\n FleetType = \"request\",\n WaitForFulfillment = true,\n TerminateInstancesWithExpiration = true,\n });\n\n});\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Using multiple launch configurations\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ec2.getSubnets({\n filters: [{\n name: \"vpc-id\",\n values: [vpcId],\n }],\n});\nconst foo = new aws.ec2.LaunchTemplate(\"foo\", {\n name: \"launch-template\",\n imageId: \"ami-516b9131\",\n instanceType: \"m1.small\",\n keyName: \"some-key\",\n});\nconst fooSpotFleetRequest = new aws.ec2.SpotFleetRequest(\"foo\", {\n iamFleetRole: \"arn:aws:iam::12345678:role/spot-fleet\",\n spotPrice: \"0.005\",\n targetCapacity: 2,\n validUntil: \"2019-11-04T20:44:20Z\",\n launchTemplateConfigs: [{\n launchTemplateSpecification: {\n id: foo.id,\n version: foo.latestVersion,\n },\n overrides: [\n {\n subnetId: example.then(example =\u003e example.ids?.[0]),\n },\n {\n subnetId: example.then(example =\u003e example.ids?.[1]),\n },\n {\n subnetId: example.then(example =\u003e example.ids?.[2]),\n },\n ],\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.get_subnets(filters=[aws.ec2.GetSubnetsFilterArgs(\n name=\"vpc-id\",\n values=[vpc_id],\n)])\nfoo = aws.ec2.LaunchTemplate(\"foo\",\n name=\"launch-template\",\n image_id=\"ami-516b9131\",\n instance_type=\"m1.small\",\n key_name=\"some-key\")\nfoo_spot_fleet_request = aws.ec2.SpotFleetRequest(\"foo\",\n iam_fleet_role=\"arn:aws:iam::12345678:role/spot-fleet\",\n spot_price=\"0.005\",\n target_capacity=2,\n valid_until=\"2019-11-04T20:44:20Z\",\n launch_template_configs=[aws.ec2.SpotFleetRequestLaunchTemplateConfigArgs(\n launch_template_specification=aws.ec2.SpotFleetRequestLaunchTemplateConfigLaunchTemplateSpecificationArgs(\n id=foo.id,\n version=foo.latest_version,\n ),\n overrides=[\n aws.ec2.SpotFleetRequestLaunchTemplateConfigOverrideArgs(\n subnet_id=example.ids[0],\n ),\n aws.ec2.SpotFleetRequestLaunchTemplateConfigOverrideArgs(\n subnet_id=example.ids[1],\n ),\n aws.ec2.SpotFleetRequestLaunchTemplateConfigOverrideArgs(\n subnet_id=example.ids[2],\n ),\n ],\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2.GetSubnets.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetSubnetsFilterInputArgs\n {\n Name = \"vpc-id\",\n Values = new[]\n {\n vpcId,\n },\n },\n },\n });\n\n var foo = new Aws.Ec2.LaunchTemplate(\"foo\", new()\n {\n Name = \"launch-template\",\n ImageId = \"ami-516b9131\",\n InstanceType = \"m1.small\",\n KeyName = \"some-key\",\n });\n\n var fooSpotFleetRequest = new Aws.Ec2.SpotFleetRequest(\"foo\", new()\n {\n IamFleetRole = \"arn:aws:iam::12345678:role/spot-fleet\",\n SpotPrice = \"0.005\",\n TargetCapacity = 2,\n ValidUntil = \"2019-11-04T20:44:20Z\",\n LaunchTemplateConfigs = new[]\n {\n new Aws.Ec2.Inputs.SpotFleetRequestLaunchTemplateConfigArgs\n {\n LaunchTemplateSpecification = new Aws.Ec2.Inputs.SpotFleetRequestLaunchTemplateConfigLaunchTemplateSpecificationArgs\n {\n Id = foo.Id,\n Version = foo.LatestVersion,\n },\n Overrides = new[]\n {\n new Aws.Ec2.Inputs.SpotFleetRequestLaunchTemplateConfigOverrideArgs\n {\n SubnetId = example.Apply(getSubnetsResult =\u003e getSubnetsResult.Ids[0]),\n },\n new Aws.Ec2.Inputs.SpotFleetRequestLaunchTemplateConfigOverrideArgs\n {\n SubnetId = example.Apply(getSubnetsResult =\u003e getSubnetsResult.Ids[1]),\n },\n new Aws.Ec2.Inputs.SpotFleetRequestLaunchTemplateConfigOverrideArgs\n {\n SubnetId = example.Apply(getSubnetsResult =\u003e getSubnetsResult.Ids[2]),\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nexample, err := ec2.GetSubnets(ctx, \u0026ec2.GetSubnetsArgs{\nFilters: []ec2.GetSubnetsFilter{\n{\nName: \"vpc-id\",\nValues: interface{}{\nvpcId,\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\nfoo, err := ec2.NewLaunchTemplate(ctx, \"foo\", \u0026ec2.LaunchTemplateArgs{\nName: pulumi.String(\"launch-template\"),\nImageId: pulumi.String(\"ami-516b9131\"),\nInstanceType: pulumi.String(\"m1.small\"),\nKeyName: pulumi.String(\"some-key\"),\n})\nif err != nil {\nreturn err\n}\n_, err = ec2.NewSpotFleetRequest(ctx, \"foo\", \u0026ec2.SpotFleetRequestArgs{\nIamFleetRole: pulumi.String(\"arn:aws:iam::12345678:role/spot-fleet\"),\nSpotPrice: pulumi.String(\"0.005\"),\nTargetCapacity: pulumi.Int(2),\nValidUntil: pulumi.String(\"2019-11-04T20:44:20Z\"),\nLaunchTemplateConfigs: ec2.SpotFleetRequestLaunchTemplateConfigArray{\n\u0026ec2.SpotFleetRequestLaunchTemplateConfigArgs{\nLaunchTemplateSpecification: \u0026ec2.SpotFleetRequestLaunchTemplateConfigLaunchTemplateSpecificationArgs{\nId: foo.ID(),\nVersion: foo.LatestVersion,\n},\nOverrides: ec2.SpotFleetRequestLaunchTemplateConfigOverrideArray{\n\u0026ec2.SpotFleetRequestLaunchTemplateConfigOverrideArgs{\nSubnetId: pulumi.String(example.Ids[0]),\n},\n\u0026ec2.SpotFleetRequestLaunchTemplateConfigOverrideArgs{\nSubnetId: pulumi.String(example.Ids[1]),\n},\n\u0026ec2.SpotFleetRequestLaunchTemplateConfigOverrideArgs{\nSubnetId: pulumi.String(example.Ids[2]),\n},\n},\n},\n},\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetSubnetsArgs;\nimport com.pulumi.aws.ec2.LaunchTemplate;\nimport com.pulumi.aws.ec2.LaunchTemplateArgs;\nimport com.pulumi.aws.ec2.SpotFleetRequest;\nimport com.pulumi.aws.ec2.SpotFleetRequestArgs;\nimport com.pulumi.aws.ec2.inputs.SpotFleetRequestLaunchTemplateConfigArgs;\nimport com.pulumi.aws.ec2.inputs.SpotFleetRequestLaunchTemplateConfigLaunchTemplateSpecificationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2Functions.getSubnets(GetSubnetsArgs.builder()\n .filters(GetSubnetsFilterArgs.builder()\n .name(\"vpc-id\")\n .values(vpcId)\n .build())\n .build());\n\n var foo = new LaunchTemplate(\"foo\", LaunchTemplateArgs.builder() \n .name(\"launch-template\")\n .imageId(\"ami-516b9131\")\n .instanceType(\"m1.small\")\n .keyName(\"some-key\")\n .build());\n\n var fooSpotFleetRequest = new SpotFleetRequest(\"fooSpotFleetRequest\", SpotFleetRequestArgs.builder() \n .iamFleetRole(\"arn:aws:iam::12345678:role/spot-fleet\")\n .spotPrice(\"0.005\")\n .targetCapacity(2)\n .validUntil(\"2019-11-04T20:44:20Z\")\n .launchTemplateConfigs(SpotFleetRequestLaunchTemplateConfigArgs.builder()\n .launchTemplateSpecification(SpotFleetRequestLaunchTemplateConfigLaunchTemplateSpecificationArgs.builder()\n .id(foo.id())\n .version(foo.latestVersion())\n .build())\n .overrides( \n SpotFleetRequestLaunchTemplateConfigOverrideArgs.builder()\n .subnetId(example.applyValue(getSubnetsResult -\u003e getSubnetsResult.ids()[0]))\n .build(),\n SpotFleetRequestLaunchTemplateConfigOverrideArgs.builder()\n .subnetId(example.applyValue(getSubnetsResult -\u003e getSubnetsResult.ids()[1]))\n .build(),\n SpotFleetRequestLaunchTemplateConfigOverrideArgs.builder()\n .subnetId(example.applyValue(getSubnetsResult -\u003e getSubnetsResult.ids()[2]))\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: aws:ec2:LaunchTemplate\n properties:\n name: launch-template\n imageId: ami-516b9131\n instanceType: m1.small\n keyName: some-key\n fooSpotFleetRequest:\n type: aws:ec2:SpotFleetRequest\n name: foo\n properties:\n iamFleetRole: arn:aws:iam::12345678:role/spot-fleet\n spotPrice: '0.005'\n targetCapacity: 2\n validUntil: 2019-11-04T20:44:20Z\n launchTemplateConfigs:\n - launchTemplateSpecification:\n id: ${foo.id}\n version: ${foo.latestVersion}\n overrides:\n - subnetId: ${example.ids[0]}\n - subnetId: ${example.ids[1]}\n - subnetId: ${example.ids[2]}\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2:getSubnets\n Arguments:\n filters:\n - name: vpc-id\n values:\n - ${vpcId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Spot Fleet Requests using `id`. For example:\n\n```sh\n$ pulumi import aws:ec2/spotFleetRequest:SpotFleetRequest fleet sfr-005e9ec8-5546-4c31-b317-31a62325411e\n```\n", + "description": "Provides an EC2 Spot Fleet Request resource. This allows a fleet of Spot\ninstances to be requested on the Spot market.\n\n\u003e **NOTE [AWS strongly discourages](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-best-practices.html#which-spot-request-method-to-use) the use of the legacy APIs called by this resource.\nWe recommend using the EC2 Fleet or Auto Scaling Group resources instead.\n\n## Example Usage\n\n### Using launch specifications\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Request a Spot fleet\nconst cheapCompute = new aws.ec2.SpotFleetRequest(\"cheap_compute\", {\n iamFleetRole: \"arn:aws:iam::12345678:role/spot-fleet\",\n spotPrice: \"0.03\",\n allocationStrategy: \"diversified\",\n targetCapacity: 6,\n validUntil: \"2019-11-04T20:44:20Z\",\n launchSpecifications: [\n {\n instanceType: \"m4.10xlarge\",\n ami: \"ami-1234\",\n spotPrice: \"2.793\",\n placementTenancy: \"dedicated\",\n iamInstanceProfileArn: example.arn,\n },\n {\n instanceType: \"m4.4xlarge\",\n ami: \"ami-5678\",\n keyName: \"my-key\",\n spotPrice: \"1.117\",\n iamInstanceProfileArn: example.arn,\n availabilityZone: \"us-west-1a\",\n subnetId: \"subnet-1234\",\n weightedCapacity: \"35\",\n rootBlockDevices: [{\n volumeSize: 300,\n volumeType: \"gp2\",\n }],\n tags: {\n Name: \"spot-fleet-example\",\n },\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Request a Spot fleet\ncheap_compute = aws.ec2.SpotFleetRequest(\"cheap_compute\",\n iam_fleet_role=\"arn:aws:iam::12345678:role/spot-fleet\",\n spot_price=\"0.03\",\n allocation_strategy=\"diversified\",\n target_capacity=6,\n valid_until=\"2019-11-04T20:44:20Z\",\n launch_specifications=[\n aws.ec2.SpotFleetRequestLaunchSpecificationArgs(\n instance_type=\"m4.10xlarge\",\n ami=\"ami-1234\",\n spot_price=\"2.793\",\n placement_tenancy=\"dedicated\",\n iam_instance_profile_arn=example[\"arn\"],\n ),\n aws.ec2.SpotFleetRequestLaunchSpecificationArgs(\n instance_type=\"m4.4xlarge\",\n ami=\"ami-5678\",\n key_name=\"my-key\",\n spot_price=\"1.117\",\n iam_instance_profile_arn=example[\"arn\"],\n availability_zone=\"us-west-1a\",\n subnet_id=\"subnet-1234\",\n weighted_capacity=\"35\",\n root_block_devices=[aws.ec2.SpotFleetRequestLaunchSpecificationRootBlockDeviceArgs(\n volume_size=300,\n volume_type=\"gp2\",\n )],\n tags={\n \"Name\": \"spot-fleet-example\",\n },\n ),\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // Request a Spot fleet\n var cheapCompute = new Aws.Ec2.SpotFleetRequest(\"cheap_compute\", new()\n {\n IamFleetRole = \"arn:aws:iam::12345678:role/spot-fleet\",\n SpotPrice = \"0.03\",\n AllocationStrategy = \"diversified\",\n TargetCapacity = 6,\n ValidUntil = \"2019-11-04T20:44:20Z\",\n LaunchSpecifications = new[]\n {\n new Aws.Ec2.Inputs.SpotFleetRequestLaunchSpecificationArgs\n {\n InstanceType = \"m4.10xlarge\",\n Ami = \"ami-1234\",\n SpotPrice = \"2.793\",\n PlacementTenancy = \"dedicated\",\n IamInstanceProfileArn = example.Arn,\n },\n new Aws.Ec2.Inputs.SpotFleetRequestLaunchSpecificationArgs\n {\n InstanceType = \"m4.4xlarge\",\n Ami = \"ami-5678\",\n KeyName = \"my-key\",\n SpotPrice = \"1.117\",\n IamInstanceProfileArn = example.Arn,\n AvailabilityZone = \"us-west-1a\",\n SubnetId = \"subnet-1234\",\n WeightedCapacity = \"35\",\n RootBlockDevices = new[]\n {\n new Aws.Ec2.Inputs.SpotFleetRequestLaunchSpecificationRootBlockDeviceArgs\n {\n VolumeSize = 300,\n VolumeType = \"gp2\",\n },\n },\n Tags = \n {\n { \"Name\", \"spot-fleet-example\" },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// Request a Spot fleet\n\t\t_, err := ec2.NewSpotFleetRequest(ctx, \"cheap_compute\", \u0026ec2.SpotFleetRequestArgs{\n\t\t\tIamFleetRole: pulumi.String(\"arn:aws:iam::12345678:role/spot-fleet\"),\n\t\t\tSpotPrice: pulumi.String(\"0.03\"),\n\t\t\tAllocationStrategy: pulumi.String(\"diversified\"),\n\t\t\tTargetCapacity: pulumi.Int(6),\n\t\t\tValidUntil: pulumi.String(\"2019-11-04T20:44:20Z\"),\n\t\t\tLaunchSpecifications: ec2.SpotFleetRequestLaunchSpecificationArray{\n\t\t\t\t\u0026ec2.SpotFleetRequestLaunchSpecificationArgs{\n\t\t\t\t\tInstanceType: pulumi.String(\"m4.10xlarge\"),\n\t\t\t\t\tAmi: pulumi.String(\"ami-1234\"),\n\t\t\t\t\tSpotPrice: pulumi.String(\"2.793\"),\n\t\t\t\t\tPlacementTenancy: pulumi.String(\"dedicated\"),\n\t\t\t\t\tIamInstanceProfileArn: pulumi.Any(example.Arn),\n\t\t\t\t},\n\t\t\t\t\u0026ec2.SpotFleetRequestLaunchSpecificationArgs{\n\t\t\t\t\tInstanceType: pulumi.String(\"m4.4xlarge\"),\n\t\t\t\t\tAmi: pulumi.String(\"ami-5678\"),\n\t\t\t\t\tKeyName: pulumi.String(\"my-key\"),\n\t\t\t\t\tSpotPrice: pulumi.String(\"1.117\"),\n\t\t\t\t\tIamInstanceProfileArn: pulumi.Any(example.Arn),\n\t\t\t\t\tAvailabilityZone: pulumi.String(\"us-west-1a\"),\n\t\t\t\t\tSubnetId: pulumi.String(\"subnet-1234\"),\n\t\t\t\t\tWeightedCapacity: pulumi.String(\"35\"),\n\t\t\t\t\tRootBlockDevices: ec2.SpotFleetRequestLaunchSpecificationRootBlockDeviceArray{\n\t\t\t\t\t\t\u0026ec2.SpotFleetRequestLaunchSpecificationRootBlockDeviceArgs{\n\t\t\t\t\t\t\tVolumeSize: pulumi.Int(300),\n\t\t\t\t\t\t\tVolumeType: pulumi.String(\"gp2\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\t\t\"Name\": pulumi.String(\"spot-fleet-example\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.SpotFleetRequest;\nimport com.pulumi.aws.ec2.SpotFleetRequestArgs;\nimport com.pulumi.aws.ec2.inputs.SpotFleetRequestLaunchSpecificationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // Request a Spot fleet\n var cheapCompute = new SpotFleetRequest(\"cheapCompute\", SpotFleetRequestArgs.builder() \n .iamFleetRole(\"arn:aws:iam::12345678:role/spot-fleet\")\n .spotPrice(\"0.03\")\n .allocationStrategy(\"diversified\")\n .targetCapacity(6)\n .validUntil(\"2019-11-04T20:44:20Z\")\n .launchSpecifications( \n SpotFleetRequestLaunchSpecificationArgs.builder()\n .instanceType(\"m4.10xlarge\")\n .ami(\"ami-1234\")\n .spotPrice(\"2.793\")\n .placementTenancy(\"dedicated\")\n .iamInstanceProfileArn(example.arn())\n .build(),\n SpotFleetRequestLaunchSpecificationArgs.builder()\n .instanceType(\"m4.4xlarge\")\n .ami(\"ami-5678\")\n .keyName(\"my-key\")\n .spotPrice(\"1.117\")\n .iamInstanceProfileArn(example.arn())\n .availabilityZone(\"us-west-1a\")\n .subnetId(\"subnet-1234\")\n .weightedCapacity(35)\n .rootBlockDevices(SpotFleetRequestLaunchSpecificationRootBlockDeviceArgs.builder()\n .volumeSize(\"300\")\n .volumeType(\"gp2\")\n .build())\n .tags(Map.of(\"Name\", \"spot-fleet-example\"))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # Request a Spot fleet\n cheapCompute:\n type: aws:ec2:SpotFleetRequest\n name: cheap_compute\n properties:\n iamFleetRole: arn:aws:iam::12345678:role/spot-fleet\n spotPrice: '0.03'\n allocationStrategy: diversified\n targetCapacity: 6\n validUntil: 2019-11-04T20:44:20Z\n launchSpecifications:\n - instanceType: m4.10xlarge\n ami: ami-1234\n spotPrice: '2.793'\n placementTenancy: dedicated\n iamInstanceProfileArn: ${example.arn}\n - instanceType: m4.4xlarge\n ami: ami-5678\n keyName: my-key\n spotPrice: '1.117'\n iamInstanceProfileArn: ${example.arn}\n availabilityZone: us-west-1a\n subnetId: subnet-1234\n weightedCapacity: 35\n rootBlockDevices:\n - volumeSize: '300'\n volumeType: gp2\n tags:\n Name: spot-fleet-example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Using launch templates\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.ec2.LaunchTemplate(\"foo\", {\n name: \"launch-template\",\n imageId: \"ami-516b9131\",\n instanceType: \"m1.small\",\n keyName: \"some-key\",\n});\nconst fooSpotFleetRequest = new aws.ec2.SpotFleetRequest(\"foo\", {\n iamFleetRole: \"arn:aws:iam::12345678:role/spot-fleet\",\n spotPrice: \"0.005\",\n targetCapacity: 2,\n validUntil: \"2019-11-04T20:44:20Z\",\n launchTemplateConfigs: [{\n launchTemplateSpecification: {\n id: foo.id,\n version: foo.latestVersion,\n },\n }],\n}, {\n dependsOn: [test_attach],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.ec2.LaunchTemplate(\"foo\",\n name=\"launch-template\",\n image_id=\"ami-516b9131\",\n instance_type=\"m1.small\",\n key_name=\"some-key\")\nfoo_spot_fleet_request = aws.ec2.SpotFleetRequest(\"foo\",\n iam_fleet_role=\"arn:aws:iam::12345678:role/spot-fleet\",\n spot_price=\"0.005\",\n target_capacity=2,\n valid_until=\"2019-11-04T20:44:20Z\",\n launch_template_configs=[aws.ec2.SpotFleetRequestLaunchTemplateConfigArgs(\n launch_template_specification=aws.ec2.SpotFleetRequestLaunchTemplateConfigLaunchTemplateSpecificationArgs(\n id=foo.id,\n version=foo.latest_version,\n ),\n )],\n opts=pulumi.ResourceOptions(depends_on=[test_attach]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foo = new Aws.Ec2.LaunchTemplate(\"foo\", new()\n {\n Name = \"launch-template\",\n ImageId = \"ami-516b9131\",\n InstanceType = \"m1.small\",\n KeyName = \"some-key\",\n });\n\n var fooSpotFleetRequest = new Aws.Ec2.SpotFleetRequest(\"foo\", new()\n {\n IamFleetRole = \"arn:aws:iam::12345678:role/spot-fleet\",\n SpotPrice = \"0.005\",\n TargetCapacity = 2,\n ValidUntil = \"2019-11-04T20:44:20Z\",\n LaunchTemplateConfigs = new[]\n {\n new Aws.Ec2.Inputs.SpotFleetRequestLaunchTemplateConfigArgs\n {\n LaunchTemplateSpecification = new Aws.Ec2.Inputs.SpotFleetRequestLaunchTemplateConfigLaunchTemplateSpecificationArgs\n {\n Id = foo.Id,\n Version = foo.LatestVersion,\n },\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n test_attach, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tfoo, err := ec2.NewLaunchTemplate(ctx, \"foo\", \u0026ec2.LaunchTemplateArgs{\n\t\t\tName: pulumi.String(\"launch-template\"),\n\t\t\tImageId: pulumi.String(\"ami-516b9131\"),\n\t\t\tInstanceType: pulumi.String(\"m1.small\"),\n\t\t\tKeyName: pulumi.String(\"some-key\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewSpotFleetRequest(ctx, \"foo\", \u0026ec2.SpotFleetRequestArgs{\n\t\t\tIamFleetRole: pulumi.String(\"arn:aws:iam::12345678:role/spot-fleet\"),\n\t\t\tSpotPrice: pulumi.String(\"0.005\"),\n\t\t\tTargetCapacity: pulumi.Int(2),\n\t\t\tValidUntil: pulumi.String(\"2019-11-04T20:44:20Z\"),\n\t\t\tLaunchTemplateConfigs: ec2.SpotFleetRequestLaunchTemplateConfigArray{\n\t\t\t\t\u0026ec2.SpotFleetRequestLaunchTemplateConfigArgs{\n\t\t\t\t\tLaunchTemplateSpecification: \u0026ec2.SpotFleetRequestLaunchTemplateConfigLaunchTemplateSpecificationArgs{\n\t\t\t\t\t\tId: foo.ID(),\n\t\t\t\t\t\tVersion: foo.LatestVersion,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\ttest_attach,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.LaunchTemplate;\nimport com.pulumi.aws.ec2.LaunchTemplateArgs;\nimport com.pulumi.aws.ec2.SpotFleetRequest;\nimport com.pulumi.aws.ec2.SpotFleetRequestArgs;\nimport com.pulumi.aws.ec2.inputs.SpotFleetRequestLaunchTemplateConfigArgs;\nimport com.pulumi.aws.ec2.inputs.SpotFleetRequestLaunchTemplateConfigLaunchTemplateSpecificationArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var foo = new LaunchTemplate(\"foo\", LaunchTemplateArgs.builder() \n .name(\"launch-template\")\n .imageId(\"ami-516b9131\")\n .instanceType(\"m1.small\")\n .keyName(\"some-key\")\n .build());\n\n var fooSpotFleetRequest = new SpotFleetRequest(\"fooSpotFleetRequest\", SpotFleetRequestArgs.builder() \n .iamFleetRole(\"arn:aws:iam::12345678:role/spot-fleet\")\n .spotPrice(\"0.005\")\n .targetCapacity(2)\n .validUntil(\"2019-11-04T20:44:20Z\")\n .launchTemplateConfigs(SpotFleetRequestLaunchTemplateConfigArgs.builder()\n .launchTemplateSpecification(SpotFleetRequestLaunchTemplateConfigLaunchTemplateSpecificationArgs.builder()\n .id(foo.id())\n .version(foo.latestVersion())\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(test_attach)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: aws:ec2:LaunchTemplate\n properties:\n name: launch-template\n imageId: ami-516b9131\n instanceType: m1.small\n keyName: some-key\n fooSpotFleetRequest:\n type: aws:ec2:SpotFleetRequest\n name: foo\n properties:\n iamFleetRole: arn:aws:iam::12345678:role/spot-fleet\n spotPrice: '0.005'\n targetCapacity: 2\n validUntil: 2019-11-04T20:44:20Z\n launchTemplateConfigs:\n - launchTemplateSpecification:\n id: ${foo.id}\n version: ${foo.latestVersion}\n options:\n dependson:\n - ${[\"test-attach\"]}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003e **NOTE:** This provider does not support the functionality where multiple `subnet_id` or `availability_zone` parameters can be specified in the same\nlaunch configuration block. If you want to specify multiple values, then separate launch configuration blocks should be used or launch template overrides should be configured, one per subnet:\n\n### Using multiple launch specifications\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst foo = new aws.ec2.SpotFleetRequest(\"foo\", {\n iamFleetRole: \"arn:aws:iam::12345678:role/spot-fleet\",\n spotPrice: \"0.005\",\n targetCapacity: 2,\n validUntil: \"2019-11-04T20:44:20Z\",\n launchSpecifications: [\n {\n instanceType: \"m1.small\",\n ami: \"ami-d06a90b0\",\n keyName: \"my-key\",\n availabilityZone: \"us-west-2a\",\n },\n {\n instanceType: \"m5.large\",\n ami: \"ami-d06a90b0\",\n keyName: \"my-key\",\n availabilityZone: \"us-west-2a\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nfoo = aws.ec2.SpotFleetRequest(\"foo\",\n iam_fleet_role=\"arn:aws:iam::12345678:role/spot-fleet\",\n spot_price=\"0.005\",\n target_capacity=2,\n valid_until=\"2019-11-04T20:44:20Z\",\n launch_specifications=[\n aws.ec2.SpotFleetRequestLaunchSpecificationArgs(\n instance_type=\"m1.small\",\n ami=\"ami-d06a90b0\",\n key_name=\"my-key\",\n availability_zone=\"us-west-2a\",\n ),\n aws.ec2.SpotFleetRequestLaunchSpecificationArgs(\n instance_type=\"m5.large\",\n ami=\"ami-d06a90b0\",\n key_name=\"my-key\",\n availability_zone=\"us-west-2a\",\n ),\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var foo = new Aws.Ec2.SpotFleetRequest(\"foo\", new()\n {\n IamFleetRole = \"arn:aws:iam::12345678:role/spot-fleet\",\n SpotPrice = \"0.005\",\n TargetCapacity = 2,\n ValidUntil = \"2019-11-04T20:44:20Z\",\n LaunchSpecifications = new[]\n {\n new Aws.Ec2.Inputs.SpotFleetRequestLaunchSpecificationArgs\n {\n InstanceType = \"m1.small\",\n Ami = \"ami-d06a90b0\",\n KeyName = \"my-key\",\n AvailabilityZone = \"us-west-2a\",\n },\n new Aws.Ec2.Inputs.SpotFleetRequestLaunchSpecificationArgs\n {\n InstanceType = \"m5.large\",\n Ami = \"ami-d06a90b0\",\n KeyName = \"my-key\",\n AvailabilityZone = \"us-west-2a\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewSpotFleetRequest(ctx, \"foo\", \u0026ec2.SpotFleetRequestArgs{\n\t\t\tIamFleetRole: pulumi.String(\"arn:aws:iam::12345678:role/spot-fleet\"),\n\t\t\tSpotPrice: pulumi.String(\"0.005\"),\n\t\t\tTargetCapacity: pulumi.Int(2),\n\t\t\tValidUntil: pulumi.String(\"2019-11-04T20:44:20Z\"),\n\t\t\tLaunchSpecifications: ec2.SpotFleetRequestLaunchSpecificationArray{\n\t\t\t\t\u0026ec2.SpotFleetRequestLaunchSpecificationArgs{\n\t\t\t\t\tInstanceType: pulumi.String(\"m1.small\"),\n\t\t\t\t\tAmi: pulumi.String(\"ami-d06a90b0\"),\n\t\t\t\t\tKeyName: pulumi.String(\"my-key\"),\n\t\t\t\t\tAvailabilityZone: pulumi.String(\"us-west-2a\"),\n\t\t\t\t},\n\t\t\t\t\u0026ec2.SpotFleetRequestLaunchSpecificationArgs{\n\t\t\t\t\tInstanceType: pulumi.String(\"m5.large\"),\n\t\t\t\t\tAmi: pulumi.String(\"ami-d06a90b0\"),\n\t\t\t\t\tKeyName: pulumi.String(\"my-key\"),\n\t\t\t\t\tAvailabilityZone: pulumi.String(\"us-west-2a\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.SpotFleetRequest;\nimport com.pulumi.aws.ec2.SpotFleetRequestArgs;\nimport com.pulumi.aws.ec2.inputs.SpotFleetRequestLaunchSpecificationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var foo = new SpotFleetRequest(\"foo\", SpotFleetRequestArgs.builder() \n .iamFleetRole(\"arn:aws:iam::12345678:role/spot-fleet\")\n .spotPrice(\"0.005\")\n .targetCapacity(2)\n .validUntil(\"2019-11-04T20:44:20Z\")\n .launchSpecifications( \n SpotFleetRequestLaunchSpecificationArgs.builder()\n .instanceType(\"m1.small\")\n .ami(\"ami-d06a90b0\")\n .keyName(\"my-key\")\n .availabilityZone(\"us-west-2a\")\n .build(),\n SpotFleetRequestLaunchSpecificationArgs.builder()\n .instanceType(\"m5.large\")\n .ami(\"ami-d06a90b0\")\n .keyName(\"my-key\")\n .availabilityZone(\"us-west-2a\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: aws:ec2:SpotFleetRequest\n properties:\n iamFleetRole: arn:aws:iam::12345678:role/spot-fleet\n spotPrice: '0.005'\n targetCapacity: 2\n validUntil: 2019-11-04T20:44:20Z\n launchSpecifications:\n - instanceType: m1.small\n ami: ami-d06a90b0\n keyName: my-key\n availabilityZone: us-west-2a\n - instanceType: m5.large\n ami: ami-d06a90b0\n keyName: my-key\n availabilityZone: us-west-2a\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003e In this example, we use a `dynamic` block to define zero or more `launch_specification` blocks, producing one for each element in the list of subnet ids.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst subnets = config.requireObject(\"subnets\");\nconst example = new aws.ec2.SpotFleetRequest(\"example\", {\n launchSpecifications: .map(s =\u003e ({\n subnetId: s[1],\n })).map((v, k) =\u003e ({key: k, value: v})).map(entry =\u003e ({\n ami: \"ami-1234\",\n instanceType: \"m4.4xlarge\",\n subnetId: entry.value.subnetId,\n vpcSecurityGroupIds: \"sg-123456\",\n rootBlockDevices: [{\n volumeSize: 8,\n volumeType: \"gp2\",\n deleteOnTermination: true,\n }],\n tags: {\n Name: \"Spot Node\",\n tag_builder: \"builder\",\n },\n })),\n iamFleetRole: \"arn:aws:iam::12345678:role/spot-fleet\",\n targetCapacity: 3,\n validUntil: \"2019-11-04T20:44:20Z\",\n allocationStrategy: \"lowestPrice\",\n fleetType: \"request\",\n waitForFulfillment: true,\n terminateInstancesWithExpiration: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nsubnets = config.require_object(\"subnets\")\nexample = aws.ec2.SpotFleetRequest(\"example\",\n launch_specifications=[aws.ec2.SpotFleetRequestLaunchSpecificationArgs(\n ami=\"ami-1234\",\n instance_type=\"m4.4xlarge\",\n subnet_id=entry[\"value\"][\"subnetId\"],\n vpc_security_group_ids=\"sg-123456\",\n root_block_devices=[aws.ec2.SpotFleetRequestLaunchSpecificationRootBlockDeviceArgs(\n volume_size=8,\n volume_type=\"gp2\",\n delete_on_termination=True,\n )],\n tags={\n \"Name\": \"Spot Node\",\n \"tag_builder\": \"builder\",\n },\n ) for entry in [{\"key\": k, \"value\": v} for k, v in [{\n \"subnetId\": s[1],\n } for s in subnets]]],\n iam_fleet_role=\"arn:aws:iam::12345678:role/spot-fleet\",\n target_capacity=3,\n valid_until=\"2019-11-04T20:44:20Z\",\n allocation_strategy=\"lowestPrice\",\n fleet_type=\"request\",\n wait_for_fulfillment=True,\n terminate_instances_with_expiration=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var subnets = config.RequireObject\u003cdynamic\u003e(\"subnets\");\n var example = new Aws.Ec2.SpotFleetRequest(\"example\", new()\n {\n LaunchSpecifications = .Select(s =\u003e \n {\n return \n {\n { \"subnetId\", s[1] },\n };\n }).ToList().Select((v, k) =\u003e new { Key = k, Value = v }).Select(entry =\u003e \n {\n return new Aws.Ec2.Inputs.SpotFleetRequestLaunchSpecificationArgs\n {\n Ami = \"ami-1234\",\n InstanceType = \"m4.4xlarge\",\n SubnetId = entry.Value.SubnetId,\n VpcSecurityGroupIds = \"sg-123456\",\n RootBlockDevices = new[]\n {\n new Aws.Ec2.Inputs.SpotFleetRequestLaunchSpecificationRootBlockDeviceArgs\n {\n VolumeSize = 8,\n VolumeType = \"gp2\",\n DeleteOnTermination = true,\n },\n },\n Tags = \n {\n { \"Name\", \"Spot Node\" },\n { \"tag_builder\", \"builder\" },\n },\n };\n }).ToList(),\n IamFleetRole = \"arn:aws:iam::12345678:role/spot-fleet\",\n TargetCapacity = 3,\n ValidUntil = \"2019-11-04T20:44:20Z\",\n AllocationStrategy = \"lowestPrice\",\n FleetType = \"request\",\n WaitForFulfillment = true,\n TerminateInstancesWithExpiration = true,\n });\n\n});\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Using multiple launch configurations\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.ec2.getSubnets({\n filters: [{\n name: \"vpc-id\",\n values: [vpcId],\n }],\n});\nconst foo = new aws.ec2.LaunchTemplate(\"foo\", {\n name: \"launch-template\",\n imageId: \"ami-516b9131\",\n instanceType: \"m1.small\",\n keyName: \"some-key\",\n});\nconst fooSpotFleetRequest = new aws.ec2.SpotFleetRequest(\"foo\", {\n iamFleetRole: \"arn:aws:iam::12345678:role/spot-fleet\",\n spotPrice: \"0.005\",\n targetCapacity: 2,\n validUntil: \"2019-11-04T20:44:20Z\",\n launchTemplateConfigs: [{\n launchTemplateSpecification: {\n id: foo.id,\n version: foo.latestVersion,\n },\n overrides: [\n {\n subnetId: example.then(example =\u003e example.ids?.[0]),\n },\n {\n subnetId: example.then(example =\u003e example.ids?.[1]),\n },\n {\n subnetId: example.then(example =\u003e example.ids?.[2]),\n },\n ],\n }],\n}, {\n dependsOn: [test_attach],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ec2.get_subnets(filters=[aws.ec2.GetSubnetsFilterArgs(\n name=\"vpc-id\",\n values=[vpc_id],\n)])\nfoo = aws.ec2.LaunchTemplate(\"foo\",\n name=\"launch-template\",\n image_id=\"ami-516b9131\",\n instance_type=\"m1.small\",\n key_name=\"some-key\")\nfoo_spot_fleet_request = aws.ec2.SpotFleetRequest(\"foo\",\n iam_fleet_role=\"arn:aws:iam::12345678:role/spot-fleet\",\n spot_price=\"0.005\",\n target_capacity=2,\n valid_until=\"2019-11-04T20:44:20Z\",\n launch_template_configs=[aws.ec2.SpotFleetRequestLaunchTemplateConfigArgs(\n launch_template_specification=aws.ec2.SpotFleetRequestLaunchTemplateConfigLaunchTemplateSpecificationArgs(\n id=foo.id,\n version=foo.latest_version,\n ),\n overrides=[\n aws.ec2.SpotFleetRequestLaunchTemplateConfigOverrideArgs(\n subnet_id=example.ids[0],\n ),\n aws.ec2.SpotFleetRequestLaunchTemplateConfigOverrideArgs(\n subnet_id=example.ids[1],\n ),\n aws.ec2.SpotFleetRequestLaunchTemplateConfigOverrideArgs(\n subnet_id=example.ids[2],\n ),\n ],\n )],\n opts=pulumi.ResourceOptions(depends_on=[test_attach]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Ec2.GetSubnets.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetSubnetsFilterInputArgs\n {\n Name = \"vpc-id\",\n Values = new[]\n {\n vpcId,\n },\n },\n },\n });\n\n var foo = new Aws.Ec2.LaunchTemplate(\"foo\", new()\n {\n Name = \"launch-template\",\n ImageId = \"ami-516b9131\",\n InstanceType = \"m1.small\",\n KeyName = \"some-key\",\n });\n\n var fooSpotFleetRequest = new Aws.Ec2.SpotFleetRequest(\"foo\", new()\n {\n IamFleetRole = \"arn:aws:iam::12345678:role/spot-fleet\",\n SpotPrice = \"0.005\",\n TargetCapacity = 2,\n ValidUntil = \"2019-11-04T20:44:20Z\",\n LaunchTemplateConfigs = new[]\n {\n new Aws.Ec2.Inputs.SpotFleetRequestLaunchTemplateConfigArgs\n {\n LaunchTemplateSpecification = new Aws.Ec2.Inputs.SpotFleetRequestLaunchTemplateConfigLaunchTemplateSpecificationArgs\n {\n Id = foo.Id,\n Version = foo.LatestVersion,\n },\n Overrides = new[]\n {\n new Aws.Ec2.Inputs.SpotFleetRequestLaunchTemplateConfigOverrideArgs\n {\n SubnetId = example.Apply(getSubnetsResult =\u003e getSubnetsResult.Ids[0]),\n },\n new Aws.Ec2.Inputs.SpotFleetRequestLaunchTemplateConfigOverrideArgs\n {\n SubnetId = example.Apply(getSubnetsResult =\u003e getSubnetsResult.Ids[1]),\n },\n new Aws.Ec2.Inputs.SpotFleetRequestLaunchTemplateConfigOverrideArgs\n {\n SubnetId = example.Apply(getSubnetsResult =\u003e getSubnetsResult.Ids[2]),\n },\n },\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n test_attach, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nexample, err := ec2.GetSubnets(ctx, \u0026ec2.GetSubnetsArgs{\nFilters: []ec2.GetSubnetsFilter{\n{\nName: \"vpc-id\",\nValues: interface{}{\nvpcId,\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\nfoo, err := ec2.NewLaunchTemplate(ctx, \"foo\", \u0026ec2.LaunchTemplateArgs{\nName: pulumi.String(\"launch-template\"),\nImageId: pulumi.String(\"ami-516b9131\"),\nInstanceType: pulumi.String(\"m1.small\"),\nKeyName: pulumi.String(\"some-key\"),\n})\nif err != nil {\nreturn err\n}\n_, err = ec2.NewSpotFleetRequest(ctx, \"foo\", \u0026ec2.SpotFleetRequestArgs{\nIamFleetRole: pulumi.String(\"arn:aws:iam::12345678:role/spot-fleet\"),\nSpotPrice: pulumi.String(\"0.005\"),\nTargetCapacity: pulumi.Int(2),\nValidUntil: pulumi.String(\"2019-11-04T20:44:20Z\"),\nLaunchTemplateConfigs: ec2.SpotFleetRequestLaunchTemplateConfigArray{\n\u0026ec2.SpotFleetRequestLaunchTemplateConfigArgs{\nLaunchTemplateSpecification: \u0026ec2.SpotFleetRequestLaunchTemplateConfigLaunchTemplateSpecificationArgs{\nId: foo.ID(),\nVersion: foo.LatestVersion,\n},\nOverrides: ec2.SpotFleetRequestLaunchTemplateConfigOverrideArray{\n\u0026ec2.SpotFleetRequestLaunchTemplateConfigOverrideArgs{\nSubnetId: pulumi.String(example.Ids[0]),\n},\n\u0026ec2.SpotFleetRequestLaunchTemplateConfigOverrideArgs{\nSubnetId: pulumi.String(example.Ids[1]),\n},\n\u0026ec2.SpotFleetRequestLaunchTemplateConfigOverrideArgs{\nSubnetId: pulumi.String(example.Ids[2]),\n},\n},\n},\n},\n}, pulumi.DependsOn([]pulumi.Resource{\ntest_attach,\n}))\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetSubnetsArgs;\nimport com.pulumi.aws.ec2.LaunchTemplate;\nimport com.pulumi.aws.ec2.LaunchTemplateArgs;\nimport com.pulumi.aws.ec2.SpotFleetRequest;\nimport com.pulumi.aws.ec2.SpotFleetRequestArgs;\nimport com.pulumi.aws.ec2.inputs.SpotFleetRequestLaunchTemplateConfigArgs;\nimport com.pulumi.aws.ec2.inputs.SpotFleetRequestLaunchTemplateConfigLaunchTemplateSpecificationArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = Ec2Functions.getSubnets(GetSubnetsArgs.builder()\n .filters(GetSubnetsFilterArgs.builder()\n .name(\"vpc-id\")\n .values(vpcId)\n .build())\n .build());\n\n var foo = new LaunchTemplate(\"foo\", LaunchTemplateArgs.builder() \n .name(\"launch-template\")\n .imageId(\"ami-516b9131\")\n .instanceType(\"m1.small\")\n .keyName(\"some-key\")\n .build());\n\n var fooSpotFleetRequest = new SpotFleetRequest(\"fooSpotFleetRequest\", SpotFleetRequestArgs.builder() \n .iamFleetRole(\"arn:aws:iam::12345678:role/spot-fleet\")\n .spotPrice(\"0.005\")\n .targetCapacity(2)\n .validUntil(\"2019-11-04T20:44:20Z\")\n .launchTemplateConfigs(SpotFleetRequestLaunchTemplateConfigArgs.builder()\n .launchTemplateSpecification(SpotFleetRequestLaunchTemplateConfigLaunchTemplateSpecificationArgs.builder()\n .id(foo.id())\n .version(foo.latestVersion())\n .build())\n .overrides( \n SpotFleetRequestLaunchTemplateConfigOverrideArgs.builder()\n .subnetId(example.applyValue(getSubnetsResult -\u003e getSubnetsResult.ids()[0]))\n .build(),\n SpotFleetRequestLaunchTemplateConfigOverrideArgs.builder()\n .subnetId(example.applyValue(getSubnetsResult -\u003e getSubnetsResult.ids()[1]))\n .build(),\n SpotFleetRequestLaunchTemplateConfigOverrideArgs.builder()\n .subnetId(example.applyValue(getSubnetsResult -\u003e getSubnetsResult.ids()[2]))\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(test_attach)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n foo:\n type: aws:ec2:LaunchTemplate\n properties:\n name: launch-template\n imageId: ami-516b9131\n instanceType: m1.small\n keyName: some-key\n fooSpotFleetRequest:\n type: aws:ec2:SpotFleetRequest\n name: foo\n properties:\n iamFleetRole: arn:aws:iam::12345678:role/spot-fleet\n spotPrice: '0.005'\n targetCapacity: 2\n validUntil: 2019-11-04T20:44:20Z\n launchTemplateConfigs:\n - launchTemplateSpecification:\n id: ${foo.id}\n version: ${foo.latestVersion}\n overrides:\n - subnetId: ${example.ids[0]}\n - subnetId: ${example.ids[1]}\n - subnetId: ${example.ids[2]}\n options:\n dependson:\n - ${[\"test-attach\"]}\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2:getSubnets\n Arguments:\n filters:\n - name: vpc-id\n values:\n - ${vpcId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Spot Fleet Requests using `id`. For example:\n\n```sh\n$ pulumi import aws:ec2/spotFleetRequest:SpotFleetRequest fleet sfr-005e9ec8-5546-4c31-b317-31a62325411e\n```\n", "properties": { "allocationStrategy": { "type": "string", @@ -222336,7 +222336,7 @@ } }, "aws:ec2/vpc:Vpc": { - "description": "Provides a VPC resource.\n\n## Example Usage\n\nBasic usage:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.ec2.Vpc(\"main\", {cidrBlock: \"10.0.0.0/16\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.ec2.Vpc(\"main\", cidr_block=\"10.0.0.0/16\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var main = new Aws.Ec2.Vpc(\"main\", new()\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewVpc(ctx, \"main\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var main = new Vpc(\"main\", VpcArgs.builder() \n .cidrBlock(\"10.0.0.0/16\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n main:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.0.0.0/16\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nBasic usage with tags:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.ec2.Vpc(\"main\", {\n cidrBlock: \"10.0.0.0/16\",\n instanceTenancy: \"default\",\n tags: {\n Name: \"main\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.ec2.Vpc(\"main\",\n cidr_block=\"10.0.0.0/16\",\n instance_tenancy=\"default\",\n tags={\n \"Name\": \"main\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var main = new Aws.Ec2.Vpc(\"main\", new()\n {\n CidrBlock = \"10.0.0.0/16\",\n InstanceTenancy = \"default\",\n Tags = \n {\n { \"Name\", \"main\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewVpc(ctx, \"main\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t\tInstanceTenancy: pulumi.String(\"default\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"main\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var main = new Vpc(\"main\", VpcArgs.builder() \n .cidrBlock(\"10.0.0.0/16\")\n .instanceTenancy(\"default\")\n .tags(Map.of(\"Name\", \"main\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n main:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.0.0.0/16\n instanceTenancy: default\n tags:\n Name: main\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nVPC with CIDR from AWS IPAM:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getRegion({});\nconst test = new aws.ec2.VpcIpam(\"test\", {operatingRegions: [{\n regionName: current.then(current =\u003e current.name),\n}]});\nconst testVpcIpamPool = new aws.ec2.VpcIpamPool(\"test\", {\n addressFamily: \"ipv4\",\n ipamScopeId: test.privateDefaultScopeId,\n locale: current.then(current =\u003e current.name),\n});\nconst testVpcIpamPoolCidr = new aws.ec2.VpcIpamPoolCidr(\"test\", {\n ipamPoolId: testVpcIpamPool.id,\n cidr: \"172.20.0.0/16\",\n});\nconst testVpc = new aws.ec2.Vpc(\"test\", {\n ipv4IpamPoolId: testVpcIpamPool.id,\n ipv4NetmaskLength: 28,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_region()\ntest = aws.ec2.VpcIpam(\"test\", operating_regions=[aws.ec2.VpcIpamOperatingRegionArgs(\n region_name=current.name,\n)])\ntest_vpc_ipam_pool = aws.ec2.VpcIpamPool(\"test\",\n address_family=\"ipv4\",\n ipam_scope_id=test.private_default_scope_id,\n locale=current.name)\ntest_vpc_ipam_pool_cidr = aws.ec2.VpcIpamPoolCidr(\"test\",\n ipam_pool_id=test_vpc_ipam_pool.id,\n cidr=\"172.20.0.0/16\")\ntest_vpc = aws.ec2.Vpc(\"test\",\n ipv4_ipam_pool_id=test_vpc_ipam_pool.id,\n ipv4_netmask_length=28)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetRegion.Invoke();\n\n var test = new Aws.Ec2.VpcIpam(\"test\", new()\n {\n OperatingRegions = new[]\n {\n new Aws.Ec2.Inputs.VpcIpamOperatingRegionArgs\n {\n RegionName = current.Apply(getRegionResult =\u003e getRegionResult.Name),\n },\n },\n });\n\n var testVpcIpamPool = new Aws.Ec2.VpcIpamPool(\"test\", new()\n {\n AddressFamily = \"ipv4\",\n IpamScopeId = test.PrivateDefaultScopeId,\n Locale = current.Apply(getRegionResult =\u003e getRegionResult.Name),\n });\n\n var testVpcIpamPoolCidr = new Aws.Ec2.VpcIpamPoolCidr(\"test\", new()\n {\n IpamPoolId = testVpcIpamPool.Id,\n Cidr = \"172.20.0.0/16\",\n });\n\n var testVpc = new Aws.Ec2.Vpc(\"test\", new()\n {\n Ipv4IpamPoolId = testVpcIpamPool.Id,\n Ipv4NetmaskLength = 28,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttest, err := ec2.NewVpcIpam(ctx, \"test\", \u0026ec2.VpcIpamArgs{\n\t\t\tOperatingRegions: ec2.VpcIpamOperatingRegionArray{\n\t\t\t\t\u0026ec2.VpcIpamOperatingRegionArgs{\n\t\t\t\t\tRegionName: pulumi.String(current.Name),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestVpcIpamPool, err := ec2.NewVpcIpamPool(ctx, \"test\", \u0026ec2.VpcIpamPoolArgs{\n\t\t\tAddressFamily: pulumi.String(\"ipv4\"),\n\t\t\tIpamScopeId: test.PrivateDefaultScopeId,\n\t\t\tLocale: pulumi.String(current.Name),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpcIpamPoolCidr(ctx, \"test\", \u0026ec2.VpcIpamPoolCidrArgs{\n\t\t\tIpamPoolId: testVpcIpamPool.ID(),\n\t\t\tCidr: pulumi.String(\"172.20.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpc(ctx, \"test\", \u0026ec2.VpcArgs{\n\t\t\tIpv4IpamPoolId: testVpcIpamPool.ID(),\n\t\t\tIpv4NetmaskLength: pulumi.Int(28),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.ec2.VpcIpam;\nimport com.pulumi.aws.ec2.VpcIpamArgs;\nimport com.pulumi.aws.ec2.inputs.VpcIpamOperatingRegionArgs;\nimport com.pulumi.aws.ec2.VpcIpamPool;\nimport com.pulumi.aws.ec2.VpcIpamPoolArgs;\nimport com.pulumi.aws.ec2.VpcIpamPoolCidr;\nimport com.pulumi.aws.ec2.VpcIpamPoolCidrArgs;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getRegion();\n\n var test = new VpcIpam(\"test\", VpcIpamArgs.builder() \n .operatingRegions(VpcIpamOperatingRegionArgs.builder()\n .regionName(current.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .build())\n .build());\n\n var testVpcIpamPool = new VpcIpamPool(\"testVpcIpamPool\", VpcIpamPoolArgs.builder() \n .addressFamily(\"ipv4\")\n .ipamScopeId(test.privateDefaultScopeId())\n .locale(current.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .build());\n\n var testVpcIpamPoolCidr = new VpcIpamPoolCidr(\"testVpcIpamPoolCidr\", VpcIpamPoolCidrArgs.builder() \n .ipamPoolId(testVpcIpamPool.id())\n .cidr(\"172.20.0.0/16\")\n .build());\n\n var testVpc = new Vpc(\"testVpc\", VpcArgs.builder() \n .ipv4IpamPoolId(testVpcIpamPool.id())\n .ipv4NetmaskLength(28)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:ec2:VpcIpam\n properties:\n operatingRegions:\n - regionName: ${current.name}\n testVpcIpamPool:\n type: aws:ec2:VpcIpamPool\n name: test\n properties:\n addressFamily: ipv4\n ipamScopeId: ${test.privateDefaultScopeId}\n locale: ${current.name}\n testVpcIpamPoolCidr:\n type: aws:ec2:VpcIpamPoolCidr\n name: test\n properties:\n ipamPoolId: ${testVpcIpamPool.id}\n cidr: 172.20.0.0/16\n testVpc:\n type: aws:ec2:Vpc\n name: test\n properties:\n ipv4IpamPoolId: ${testVpcIpamPool.id}\n ipv4NetmaskLength: 28\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import VPCs using the VPC `id`. For example:\n\n```sh\n$ pulumi import aws:ec2/vpc:Vpc test_vpc vpc-a01106c2\n```\n", + "description": "Provides a VPC resource.\n\n## Example Usage\n\nBasic usage:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.ec2.Vpc(\"main\", {cidrBlock: \"10.0.0.0/16\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.ec2.Vpc(\"main\", cidr_block=\"10.0.0.0/16\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var main = new Aws.Ec2.Vpc(\"main\", new()\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewVpc(ctx, \"main\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var main = new Vpc(\"main\", VpcArgs.builder() \n .cidrBlock(\"10.0.0.0/16\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n main:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.0.0.0/16\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nBasic usage with tags:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = new aws.ec2.Vpc(\"main\", {\n cidrBlock: \"10.0.0.0/16\",\n instanceTenancy: \"default\",\n tags: {\n Name: \"main\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmain = aws.ec2.Vpc(\"main\",\n cidr_block=\"10.0.0.0/16\",\n instance_tenancy=\"default\",\n tags={\n \"Name\": \"main\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var main = new Aws.Ec2.Vpc(\"main\", new()\n {\n CidrBlock = \"10.0.0.0/16\",\n InstanceTenancy = \"default\",\n Tags = \n {\n { \"Name\", \"main\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ec2.NewVpc(ctx, \"main\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t\tInstanceTenancy: pulumi.String(\"default\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"main\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var main = new Vpc(\"main\", VpcArgs.builder() \n .cidrBlock(\"10.0.0.0/16\")\n .instanceTenancy(\"default\")\n .tags(Map.of(\"Name\", \"main\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n main:\n type: aws:ec2:Vpc\n properties:\n cidrBlock: 10.0.0.0/16\n instanceTenancy: default\n tags:\n Name: main\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nVPC with CIDR from AWS IPAM:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getRegion({});\nconst test = new aws.ec2.VpcIpam(\"test\", {operatingRegions: [{\n regionName: current.then(current =\u003e current.name),\n}]});\nconst testVpcIpamPool = new aws.ec2.VpcIpamPool(\"test\", {\n addressFamily: \"ipv4\",\n ipamScopeId: test.privateDefaultScopeId,\n locale: current.then(current =\u003e current.name),\n});\nconst testVpcIpamPoolCidr = new aws.ec2.VpcIpamPoolCidr(\"test\", {\n ipamPoolId: testVpcIpamPool.id,\n cidr: \"172.20.0.0/16\",\n});\nconst testVpc = new aws.ec2.Vpc(\"test\", {\n ipv4IpamPoolId: testVpcIpamPool.id,\n ipv4NetmaskLength: 28,\n}, {\n dependsOn: [testVpcIpamPoolCidr],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_region()\ntest = aws.ec2.VpcIpam(\"test\", operating_regions=[aws.ec2.VpcIpamOperatingRegionArgs(\n region_name=current.name,\n)])\ntest_vpc_ipam_pool = aws.ec2.VpcIpamPool(\"test\",\n address_family=\"ipv4\",\n ipam_scope_id=test.private_default_scope_id,\n locale=current.name)\ntest_vpc_ipam_pool_cidr = aws.ec2.VpcIpamPoolCidr(\"test\",\n ipam_pool_id=test_vpc_ipam_pool.id,\n cidr=\"172.20.0.0/16\")\ntest_vpc = aws.ec2.Vpc(\"test\",\n ipv4_ipam_pool_id=test_vpc_ipam_pool.id,\n ipv4_netmask_length=28,\n opts=pulumi.ResourceOptions(depends_on=[test_vpc_ipam_pool_cidr]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetRegion.Invoke();\n\n var test = new Aws.Ec2.VpcIpam(\"test\", new()\n {\n OperatingRegions = new[]\n {\n new Aws.Ec2.Inputs.VpcIpamOperatingRegionArgs\n {\n RegionName = current.Apply(getRegionResult =\u003e getRegionResult.Name),\n },\n },\n });\n\n var testVpcIpamPool = new Aws.Ec2.VpcIpamPool(\"test\", new()\n {\n AddressFamily = \"ipv4\",\n IpamScopeId = test.PrivateDefaultScopeId,\n Locale = current.Apply(getRegionResult =\u003e getRegionResult.Name),\n });\n\n var testVpcIpamPoolCidr = new Aws.Ec2.VpcIpamPoolCidr(\"test\", new()\n {\n IpamPoolId = testVpcIpamPool.Id,\n Cidr = \"172.20.0.0/16\",\n });\n\n var testVpc = new Aws.Ec2.Vpc(\"test\", new()\n {\n Ipv4IpamPoolId = testVpcIpamPool.Id,\n Ipv4NetmaskLength = 28,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n testVpcIpamPoolCidr, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttest, err := ec2.NewVpcIpam(ctx, \"test\", \u0026ec2.VpcIpamArgs{\n\t\t\tOperatingRegions: ec2.VpcIpamOperatingRegionArray{\n\t\t\t\t\u0026ec2.VpcIpamOperatingRegionArgs{\n\t\t\t\t\tRegionName: pulumi.String(current.Name),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestVpcIpamPool, err := ec2.NewVpcIpamPool(ctx, \"test\", \u0026ec2.VpcIpamPoolArgs{\n\t\t\tAddressFamily: pulumi.String(\"ipv4\"),\n\t\t\tIpamScopeId: test.PrivateDefaultScopeId,\n\t\t\tLocale: pulumi.String(current.Name),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestVpcIpamPoolCidr, err := ec2.NewVpcIpamPoolCidr(ctx, \"test\", \u0026ec2.VpcIpamPoolCidrArgs{\n\t\t\tIpamPoolId: testVpcIpamPool.ID(),\n\t\t\tCidr: pulumi.String(\"172.20.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpc(ctx, \"test\", \u0026ec2.VpcArgs{\n\t\t\tIpv4IpamPoolId: testVpcIpamPool.ID(),\n\t\t\tIpv4NetmaskLength: pulumi.Int(28),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\ttestVpcIpamPoolCidr,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.ec2.VpcIpam;\nimport com.pulumi.aws.ec2.VpcIpamArgs;\nimport com.pulumi.aws.ec2.inputs.VpcIpamOperatingRegionArgs;\nimport com.pulumi.aws.ec2.VpcIpamPool;\nimport com.pulumi.aws.ec2.VpcIpamPoolArgs;\nimport com.pulumi.aws.ec2.VpcIpamPoolCidr;\nimport com.pulumi.aws.ec2.VpcIpamPoolCidrArgs;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getRegion();\n\n var test = new VpcIpam(\"test\", VpcIpamArgs.builder() \n .operatingRegions(VpcIpamOperatingRegionArgs.builder()\n .regionName(current.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .build())\n .build());\n\n var testVpcIpamPool = new VpcIpamPool(\"testVpcIpamPool\", VpcIpamPoolArgs.builder() \n .addressFamily(\"ipv4\")\n .ipamScopeId(test.privateDefaultScopeId())\n .locale(current.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .build());\n\n var testVpcIpamPoolCidr = new VpcIpamPoolCidr(\"testVpcIpamPoolCidr\", VpcIpamPoolCidrArgs.builder() \n .ipamPoolId(testVpcIpamPool.id())\n .cidr(\"172.20.0.0/16\")\n .build());\n\n var testVpc = new Vpc(\"testVpc\", VpcArgs.builder() \n .ipv4IpamPoolId(testVpcIpamPool.id())\n .ipv4NetmaskLength(28)\n .build(), CustomResourceOptions.builder()\n .dependsOn(testVpcIpamPoolCidr)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:ec2:VpcIpam\n properties:\n operatingRegions:\n - regionName: ${current.name}\n testVpcIpamPool:\n type: aws:ec2:VpcIpamPool\n name: test\n properties:\n addressFamily: ipv4\n ipamScopeId: ${test.privateDefaultScopeId}\n locale: ${current.name}\n testVpcIpamPoolCidr:\n type: aws:ec2:VpcIpamPoolCidr\n name: test\n properties:\n ipamPoolId: ${testVpcIpamPool.id}\n cidr: 172.20.0.0/16\n testVpc:\n type: aws:ec2:Vpc\n name: test\n properties:\n ipv4IpamPoolId: ${testVpcIpamPool.id}\n ipv4NetmaskLength: 28\n options:\n dependson:\n - ${testVpcIpamPoolCidr}\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import VPCs using the VPC `id`. For example:\n\n```sh\n$ pulumi import aws:ec2/vpc:Vpc test_vpc vpc-a01106c2\n```\n", "properties": { "arn": { "type": "string", @@ -224347,7 +224347,7 @@ } }, "aws:ec2/vpcIpamPoolCidrAllocation:VpcIpamPoolCidrAllocation": { - "description": "Allocates (reserves) a CIDR from an IPAM address pool, preventing usage by IPAM. Only works for private IPv4.\n\n## Example Usage\n\nBasic usage:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getRegion({});\nconst exampleVpcIpam = new aws.ec2.VpcIpam(\"example\", {operatingRegions: [{\n regionName: current.then(current =\u003e current.name),\n}]});\nconst exampleVpcIpamPool = new aws.ec2.VpcIpamPool(\"example\", {\n addressFamily: \"ipv4\",\n ipamScopeId: exampleVpcIpam.privateDefaultScopeId,\n locale: current.then(current =\u003e current.name),\n});\nconst example = new aws.ec2.VpcIpamPoolCidrAllocation(\"example\", {\n ipamPoolId: exampleVpcIpamPool.id,\n cidr: \"172.20.0.0/24\",\n});\nconst exampleVpcIpamPoolCidr = new aws.ec2.VpcIpamPoolCidr(\"example\", {\n ipamPoolId: exampleVpcIpamPool.id,\n cidr: \"172.20.0.0/16\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_region()\nexample_vpc_ipam = aws.ec2.VpcIpam(\"example\", operating_regions=[aws.ec2.VpcIpamOperatingRegionArgs(\n region_name=current.name,\n)])\nexample_vpc_ipam_pool = aws.ec2.VpcIpamPool(\"example\",\n address_family=\"ipv4\",\n ipam_scope_id=example_vpc_ipam.private_default_scope_id,\n locale=current.name)\nexample = aws.ec2.VpcIpamPoolCidrAllocation(\"example\",\n ipam_pool_id=example_vpc_ipam_pool.id,\n cidr=\"172.20.0.0/24\")\nexample_vpc_ipam_pool_cidr = aws.ec2.VpcIpamPoolCidr(\"example\",\n ipam_pool_id=example_vpc_ipam_pool.id,\n cidr=\"172.20.0.0/16\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetRegion.Invoke();\n\n var exampleVpcIpam = new Aws.Ec2.VpcIpam(\"example\", new()\n {\n OperatingRegions = new[]\n {\n new Aws.Ec2.Inputs.VpcIpamOperatingRegionArgs\n {\n RegionName = current.Apply(getRegionResult =\u003e getRegionResult.Name),\n },\n },\n });\n\n var exampleVpcIpamPool = new Aws.Ec2.VpcIpamPool(\"example\", new()\n {\n AddressFamily = \"ipv4\",\n IpamScopeId = exampleVpcIpam.PrivateDefaultScopeId,\n Locale = current.Apply(getRegionResult =\u003e getRegionResult.Name),\n });\n\n var example = new Aws.Ec2.VpcIpamPoolCidrAllocation(\"example\", new()\n {\n IpamPoolId = exampleVpcIpamPool.Id,\n Cidr = \"172.20.0.0/24\",\n });\n\n var exampleVpcIpamPoolCidr = new Aws.Ec2.VpcIpamPoolCidr(\"example\", new()\n {\n IpamPoolId = exampleVpcIpamPool.Id,\n Cidr = \"172.20.0.0/16\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVpcIpam, err := ec2.NewVpcIpam(ctx, \"example\", \u0026ec2.VpcIpamArgs{\n\t\t\tOperatingRegions: ec2.VpcIpamOperatingRegionArray{\n\t\t\t\t\u0026ec2.VpcIpamOperatingRegionArgs{\n\t\t\t\t\tRegionName: pulumi.String(current.Name),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVpcIpamPool, err := ec2.NewVpcIpamPool(ctx, \"example\", \u0026ec2.VpcIpamPoolArgs{\n\t\t\tAddressFamily: pulumi.String(\"ipv4\"),\n\t\t\tIpamScopeId: exampleVpcIpam.PrivateDefaultScopeId,\n\t\t\tLocale: pulumi.String(current.Name),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpcIpamPoolCidrAllocation(ctx, \"example\", \u0026ec2.VpcIpamPoolCidrAllocationArgs{\n\t\t\tIpamPoolId: exampleVpcIpamPool.ID(),\n\t\t\tCidr: pulumi.String(\"172.20.0.0/24\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpcIpamPoolCidr(ctx, \"example\", \u0026ec2.VpcIpamPoolCidrArgs{\n\t\t\tIpamPoolId: exampleVpcIpamPool.ID(),\n\t\t\tCidr: pulumi.String(\"172.20.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.ec2.VpcIpam;\nimport com.pulumi.aws.ec2.VpcIpamArgs;\nimport com.pulumi.aws.ec2.inputs.VpcIpamOperatingRegionArgs;\nimport com.pulumi.aws.ec2.VpcIpamPool;\nimport com.pulumi.aws.ec2.VpcIpamPoolArgs;\nimport com.pulumi.aws.ec2.VpcIpamPoolCidrAllocation;\nimport com.pulumi.aws.ec2.VpcIpamPoolCidrAllocationArgs;\nimport com.pulumi.aws.ec2.VpcIpamPoolCidr;\nimport com.pulumi.aws.ec2.VpcIpamPoolCidrArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getRegion();\n\n var exampleVpcIpam = new VpcIpam(\"exampleVpcIpam\", VpcIpamArgs.builder() \n .operatingRegions(VpcIpamOperatingRegionArgs.builder()\n .regionName(current.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .build())\n .build());\n\n var exampleVpcIpamPool = new VpcIpamPool(\"exampleVpcIpamPool\", VpcIpamPoolArgs.builder() \n .addressFamily(\"ipv4\")\n .ipamScopeId(exampleVpcIpam.privateDefaultScopeId())\n .locale(current.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .build());\n\n var example = new VpcIpamPoolCidrAllocation(\"example\", VpcIpamPoolCidrAllocationArgs.builder() \n .ipamPoolId(exampleVpcIpamPool.id())\n .cidr(\"172.20.0.0/24\")\n .build());\n\n var exampleVpcIpamPoolCidr = new VpcIpamPoolCidr(\"exampleVpcIpamPoolCidr\", VpcIpamPoolCidrArgs.builder() \n .ipamPoolId(exampleVpcIpamPool.id())\n .cidr(\"172.20.0.0/16\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:VpcIpamPoolCidrAllocation\n properties:\n ipamPoolId: ${exampleVpcIpamPool.id}\n cidr: 172.20.0.0/24\n exampleVpcIpamPoolCidr:\n type: aws:ec2:VpcIpamPoolCidr\n name: example\n properties:\n ipamPoolId: ${exampleVpcIpamPool.id}\n cidr: 172.20.0.0/16\n exampleVpcIpamPool:\n type: aws:ec2:VpcIpamPool\n name: example\n properties:\n addressFamily: ipv4\n ipamScopeId: ${exampleVpcIpam.privateDefaultScopeId}\n locale: ${current.name}\n exampleVpcIpam:\n type: aws:ec2:VpcIpam\n name: example\n properties:\n operatingRegions:\n - regionName: ${current.name}\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nWith the `disallowed_cidrs` attribute:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getRegion({});\nconst exampleVpcIpam = new aws.ec2.VpcIpam(\"example\", {operatingRegions: [{\n regionName: current.then(current =\u003e current.name),\n}]});\nconst exampleVpcIpamPool = new aws.ec2.VpcIpamPool(\"example\", {\n addressFamily: \"ipv4\",\n ipamScopeId: exampleVpcIpam.privateDefaultScopeId,\n locale: current.then(current =\u003e current.name),\n});\nconst example = new aws.ec2.VpcIpamPoolCidrAllocation(\"example\", {\n ipamPoolId: exampleVpcIpamPool.id,\n netmaskLength: 28,\n disallowedCidrs: [\"172.20.0.0/28\"],\n});\nconst exampleVpcIpamPoolCidr = new aws.ec2.VpcIpamPoolCidr(\"example\", {\n ipamPoolId: exampleVpcIpamPool.id,\n cidr: \"172.20.0.0/16\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_region()\nexample_vpc_ipam = aws.ec2.VpcIpam(\"example\", operating_regions=[aws.ec2.VpcIpamOperatingRegionArgs(\n region_name=current.name,\n)])\nexample_vpc_ipam_pool = aws.ec2.VpcIpamPool(\"example\",\n address_family=\"ipv4\",\n ipam_scope_id=example_vpc_ipam.private_default_scope_id,\n locale=current.name)\nexample = aws.ec2.VpcIpamPoolCidrAllocation(\"example\",\n ipam_pool_id=example_vpc_ipam_pool.id,\n netmask_length=28,\n disallowed_cidrs=[\"172.20.0.0/28\"])\nexample_vpc_ipam_pool_cidr = aws.ec2.VpcIpamPoolCidr(\"example\",\n ipam_pool_id=example_vpc_ipam_pool.id,\n cidr=\"172.20.0.0/16\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetRegion.Invoke();\n\n var exampleVpcIpam = new Aws.Ec2.VpcIpam(\"example\", new()\n {\n OperatingRegions = new[]\n {\n new Aws.Ec2.Inputs.VpcIpamOperatingRegionArgs\n {\n RegionName = current.Apply(getRegionResult =\u003e getRegionResult.Name),\n },\n },\n });\n\n var exampleVpcIpamPool = new Aws.Ec2.VpcIpamPool(\"example\", new()\n {\n AddressFamily = \"ipv4\",\n IpamScopeId = exampleVpcIpam.PrivateDefaultScopeId,\n Locale = current.Apply(getRegionResult =\u003e getRegionResult.Name),\n });\n\n var example = new Aws.Ec2.VpcIpamPoolCidrAllocation(\"example\", new()\n {\n IpamPoolId = exampleVpcIpamPool.Id,\n NetmaskLength = 28,\n DisallowedCidrs = new[]\n {\n \"172.20.0.0/28\",\n },\n });\n\n var exampleVpcIpamPoolCidr = new Aws.Ec2.VpcIpamPoolCidr(\"example\", new()\n {\n IpamPoolId = exampleVpcIpamPool.Id,\n Cidr = \"172.20.0.0/16\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVpcIpam, err := ec2.NewVpcIpam(ctx, \"example\", \u0026ec2.VpcIpamArgs{\n\t\t\tOperatingRegions: ec2.VpcIpamOperatingRegionArray{\n\t\t\t\t\u0026ec2.VpcIpamOperatingRegionArgs{\n\t\t\t\t\tRegionName: pulumi.String(current.Name),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVpcIpamPool, err := ec2.NewVpcIpamPool(ctx, \"example\", \u0026ec2.VpcIpamPoolArgs{\n\t\t\tAddressFamily: pulumi.String(\"ipv4\"),\n\t\t\tIpamScopeId: exampleVpcIpam.PrivateDefaultScopeId,\n\t\t\tLocale: pulumi.String(current.Name),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpcIpamPoolCidrAllocation(ctx, \"example\", \u0026ec2.VpcIpamPoolCidrAllocationArgs{\n\t\t\tIpamPoolId: exampleVpcIpamPool.ID(),\n\t\t\tNetmaskLength: pulumi.Int(28),\n\t\t\tDisallowedCidrs: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"172.20.0.0/28\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpcIpamPoolCidr(ctx, \"example\", \u0026ec2.VpcIpamPoolCidrArgs{\n\t\t\tIpamPoolId: exampleVpcIpamPool.ID(),\n\t\t\tCidr: pulumi.String(\"172.20.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.ec2.VpcIpam;\nimport com.pulumi.aws.ec2.VpcIpamArgs;\nimport com.pulumi.aws.ec2.inputs.VpcIpamOperatingRegionArgs;\nimport com.pulumi.aws.ec2.VpcIpamPool;\nimport com.pulumi.aws.ec2.VpcIpamPoolArgs;\nimport com.pulumi.aws.ec2.VpcIpamPoolCidrAllocation;\nimport com.pulumi.aws.ec2.VpcIpamPoolCidrAllocationArgs;\nimport com.pulumi.aws.ec2.VpcIpamPoolCidr;\nimport com.pulumi.aws.ec2.VpcIpamPoolCidrArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getRegion();\n\n var exampleVpcIpam = new VpcIpam(\"exampleVpcIpam\", VpcIpamArgs.builder() \n .operatingRegions(VpcIpamOperatingRegionArgs.builder()\n .regionName(current.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .build())\n .build());\n\n var exampleVpcIpamPool = new VpcIpamPool(\"exampleVpcIpamPool\", VpcIpamPoolArgs.builder() \n .addressFamily(\"ipv4\")\n .ipamScopeId(exampleVpcIpam.privateDefaultScopeId())\n .locale(current.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .build());\n\n var example = new VpcIpamPoolCidrAllocation(\"example\", VpcIpamPoolCidrAllocationArgs.builder() \n .ipamPoolId(exampleVpcIpamPool.id())\n .netmaskLength(28)\n .disallowedCidrs(\"172.20.0.0/28\")\n .build());\n\n var exampleVpcIpamPoolCidr = new VpcIpamPoolCidr(\"exampleVpcIpamPoolCidr\", VpcIpamPoolCidrArgs.builder() \n .ipamPoolId(exampleVpcIpamPool.id())\n .cidr(\"172.20.0.0/16\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:VpcIpamPoolCidrAllocation\n properties:\n ipamPoolId: ${exampleVpcIpamPool.id}\n netmaskLength: 28\n disallowedCidrs:\n - 172.20.0.0/28\n exampleVpcIpamPoolCidr:\n type: aws:ec2:VpcIpamPoolCidr\n name: example\n properties:\n ipamPoolId: ${exampleVpcIpamPool.id}\n cidr: 172.20.0.0/16\n exampleVpcIpamPool:\n type: aws:ec2:VpcIpamPool\n name: example\n properties:\n addressFamily: ipv4\n ipamScopeId: ${exampleVpcIpam.privateDefaultScopeId}\n locale: ${current.name}\n exampleVpcIpam:\n type: aws:ec2:VpcIpam\n name: example\n properties:\n operatingRegions:\n - regionName: ${current.name}\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IPAM allocations using the allocation `id` and `pool id`, separated by `_`. For example:\n\n```sh\n$ pulumi import aws:ec2/vpcIpamPoolCidrAllocation:VpcIpamPoolCidrAllocation example ipam-pool-alloc-0dc6d196509c049ba8b549ff99f639736_ipam-pool-07cfb559e0921fcbe\n```\n", + "description": "Allocates (reserves) a CIDR from an IPAM address pool, preventing usage by IPAM. Only works for private IPv4.\n\n## Example Usage\n\nBasic usage:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getRegion({});\nconst exampleVpcIpam = new aws.ec2.VpcIpam(\"example\", {operatingRegions: [{\n regionName: current.then(current =\u003e current.name),\n}]});\nconst exampleVpcIpamPool = new aws.ec2.VpcIpamPool(\"example\", {\n addressFamily: \"ipv4\",\n ipamScopeId: exampleVpcIpam.privateDefaultScopeId,\n locale: current.then(current =\u003e current.name),\n});\nconst exampleVpcIpamPoolCidr = new aws.ec2.VpcIpamPoolCidr(\"example\", {\n ipamPoolId: exampleVpcIpamPool.id,\n cidr: \"172.20.0.0/16\",\n});\nconst example = new aws.ec2.VpcIpamPoolCidrAllocation(\"example\", {\n ipamPoolId: exampleVpcIpamPool.id,\n cidr: \"172.20.0.0/24\",\n}, {\n dependsOn: [exampleVpcIpamPoolCidr],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_region()\nexample_vpc_ipam = aws.ec2.VpcIpam(\"example\", operating_regions=[aws.ec2.VpcIpamOperatingRegionArgs(\n region_name=current.name,\n)])\nexample_vpc_ipam_pool = aws.ec2.VpcIpamPool(\"example\",\n address_family=\"ipv4\",\n ipam_scope_id=example_vpc_ipam.private_default_scope_id,\n locale=current.name)\nexample_vpc_ipam_pool_cidr = aws.ec2.VpcIpamPoolCidr(\"example\",\n ipam_pool_id=example_vpc_ipam_pool.id,\n cidr=\"172.20.0.0/16\")\nexample = aws.ec2.VpcIpamPoolCidrAllocation(\"example\",\n ipam_pool_id=example_vpc_ipam_pool.id,\n cidr=\"172.20.0.0/24\",\n opts=pulumi.ResourceOptions(depends_on=[example_vpc_ipam_pool_cidr]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetRegion.Invoke();\n\n var exampleVpcIpam = new Aws.Ec2.VpcIpam(\"example\", new()\n {\n OperatingRegions = new[]\n {\n new Aws.Ec2.Inputs.VpcIpamOperatingRegionArgs\n {\n RegionName = current.Apply(getRegionResult =\u003e getRegionResult.Name),\n },\n },\n });\n\n var exampleVpcIpamPool = new Aws.Ec2.VpcIpamPool(\"example\", new()\n {\n AddressFamily = \"ipv4\",\n IpamScopeId = exampleVpcIpam.PrivateDefaultScopeId,\n Locale = current.Apply(getRegionResult =\u003e getRegionResult.Name),\n });\n\n var exampleVpcIpamPoolCidr = new Aws.Ec2.VpcIpamPoolCidr(\"example\", new()\n {\n IpamPoolId = exampleVpcIpamPool.Id,\n Cidr = \"172.20.0.0/16\",\n });\n\n var example = new Aws.Ec2.VpcIpamPoolCidrAllocation(\"example\", new()\n {\n IpamPoolId = exampleVpcIpamPool.Id,\n Cidr = \"172.20.0.0/24\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleVpcIpamPoolCidr, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVpcIpam, err := ec2.NewVpcIpam(ctx, \"example\", \u0026ec2.VpcIpamArgs{\n\t\t\tOperatingRegions: ec2.VpcIpamOperatingRegionArray{\n\t\t\t\t\u0026ec2.VpcIpamOperatingRegionArgs{\n\t\t\t\t\tRegionName: pulumi.String(current.Name),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVpcIpamPool, err := ec2.NewVpcIpamPool(ctx, \"example\", \u0026ec2.VpcIpamPoolArgs{\n\t\t\tAddressFamily: pulumi.String(\"ipv4\"),\n\t\t\tIpamScopeId: exampleVpcIpam.PrivateDefaultScopeId,\n\t\t\tLocale: pulumi.String(current.Name),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVpcIpamPoolCidr, err := ec2.NewVpcIpamPoolCidr(ctx, \"example\", \u0026ec2.VpcIpamPoolCidrArgs{\n\t\t\tIpamPoolId: exampleVpcIpamPool.ID(),\n\t\t\tCidr: pulumi.String(\"172.20.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpcIpamPoolCidrAllocation(ctx, \"example\", \u0026ec2.VpcIpamPoolCidrAllocationArgs{\n\t\t\tIpamPoolId: exampleVpcIpamPool.ID(),\n\t\t\tCidr: pulumi.String(\"172.20.0.0/24\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleVpcIpamPoolCidr,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.ec2.VpcIpam;\nimport com.pulumi.aws.ec2.VpcIpamArgs;\nimport com.pulumi.aws.ec2.inputs.VpcIpamOperatingRegionArgs;\nimport com.pulumi.aws.ec2.VpcIpamPool;\nimport com.pulumi.aws.ec2.VpcIpamPoolArgs;\nimport com.pulumi.aws.ec2.VpcIpamPoolCidr;\nimport com.pulumi.aws.ec2.VpcIpamPoolCidrArgs;\nimport com.pulumi.aws.ec2.VpcIpamPoolCidrAllocation;\nimport com.pulumi.aws.ec2.VpcIpamPoolCidrAllocationArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getRegion();\n\n var exampleVpcIpam = new VpcIpam(\"exampleVpcIpam\", VpcIpamArgs.builder() \n .operatingRegions(VpcIpamOperatingRegionArgs.builder()\n .regionName(current.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .build())\n .build());\n\n var exampleVpcIpamPool = new VpcIpamPool(\"exampleVpcIpamPool\", VpcIpamPoolArgs.builder() \n .addressFamily(\"ipv4\")\n .ipamScopeId(exampleVpcIpam.privateDefaultScopeId())\n .locale(current.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .build());\n\n var exampleVpcIpamPoolCidr = new VpcIpamPoolCidr(\"exampleVpcIpamPoolCidr\", VpcIpamPoolCidrArgs.builder() \n .ipamPoolId(exampleVpcIpamPool.id())\n .cidr(\"172.20.0.0/16\")\n .build());\n\n var example = new VpcIpamPoolCidrAllocation(\"example\", VpcIpamPoolCidrAllocationArgs.builder() \n .ipamPoolId(exampleVpcIpamPool.id())\n .cidr(\"172.20.0.0/24\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleVpcIpamPoolCidr)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:VpcIpamPoolCidrAllocation\n properties:\n ipamPoolId: ${exampleVpcIpamPool.id}\n cidr: 172.20.0.0/24\n options:\n dependson:\n - ${exampleVpcIpamPoolCidr}\n exampleVpcIpamPoolCidr:\n type: aws:ec2:VpcIpamPoolCidr\n name: example\n properties:\n ipamPoolId: ${exampleVpcIpamPool.id}\n cidr: 172.20.0.0/16\n exampleVpcIpamPool:\n type: aws:ec2:VpcIpamPool\n name: example\n properties:\n addressFamily: ipv4\n ipamScopeId: ${exampleVpcIpam.privateDefaultScopeId}\n locale: ${current.name}\n exampleVpcIpam:\n type: aws:ec2:VpcIpam\n name: example\n properties:\n operatingRegions:\n - regionName: ${current.name}\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nWith the `disallowed_cidrs` attribute:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getRegion({});\nconst exampleVpcIpam = new aws.ec2.VpcIpam(\"example\", {operatingRegions: [{\n regionName: current.then(current =\u003e current.name),\n}]});\nconst exampleVpcIpamPool = new aws.ec2.VpcIpamPool(\"example\", {\n addressFamily: \"ipv4\",\n ipamScopeId: exampleVpcIpam.privateDefaultScopeId,\n locale: current.then(current =\u003e current.name),\n});\nconst exampleVpcIpamPoolCidr = new aws.ec2.VpcIpamPoolCidr(\"example\", {\n ipamPoolId: exampleVpcIpamPool.id,\n cidr: \"172.20.0.0/16\",\n});\nconst example = new aws.ec2.VpcIpamPoolCidrAllocation(\"example\", {\n ipamPoolId: exampleVpcIpamPool.id,\n netmaskLength: 28,\n disallowedCidrs: [\"172.20.0.0/28\"],\n}, {\n dependsOn: [exampleVpcIpamPoolCidr],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_region()\nexample_vpc_ipam = aws.ec2.VpcIpam(\"example\", operating_regions=[aws.ec2.VpcIpamOperatingRegionArgs(\n region_name=current.name,\n)])\nexample_vpc_ipam_pool = aws.ec2.VpcIpamPool(\"example\",\n address_family=\"ipv4\",\n ipam_scope_id=example_vpc_ipam.private_default_scope_id,\n locale=current.name)\nexample_vpc_ipam_pool_cidr = aws.ec2.VpcIpamPoolCidr(\"example\",\n ipam_pool_id=example_vpc_ipam_pool.id,\n cidr=\"172.20.0.0/16\")\nexample = aws.ec2.VpcIpamPoolCidrAllocation(\"example\",\n ipam_pool_id=example_vpc_ipam_pool.id,\n netmask_length=28,\n disallowed_cidrs=[\"172.20.0.0/28\"],\n opts=pulumi.ResourceOptions(depends_on=[example_vpc_ipam_pool_cidr]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetRegion.Invoke();\n\n var exampleVpcIpam = new Aws.Ec2.VpcIpam(\"example\", new()\n {\n OperatingRegions = new[]\n {\n new Aws.Ec2.Inputs.VpcIpamOperatingRegionArgs\n {\n RegionName = current.Apply(getRegionResult =\u003e getRegionResult.Name),\n },\n },\n });\n\n var exampleVpcIpamPool = new Aws.Ec2.VpcIpamPool(\"example\", new()\n {\n AddressFamily = \"ipv4\",\n IpamScopeId = exampleVpcIpam.PrivateDefaultScopeId,\n Locale = current.Apply(getRegionResult =\u003e getRegionResult.Name),\n });\n\n var exampleVpcIpamPoolCidr = new Aws.Ec2.VpcIpamPoolCidr(\"example\", new()\n {\n IpamPoolId = exampleVpcIpamPool.Id,\n Cidr = \"172.20.0.0/16\",\n });\n\n var example = new Aws.Ec2.VpcIpamPoolCidrAllocation(\"example\", new()\n {\n IpamPoolId = exampleVpcIpamPool.Id,\n NetmaskLength = 28,\n DisallowedCidrs = new[]\n {\n \"172.20.0.0/28\",\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleVpcIpamPoolCidr, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVpcIpam, err := ec2.NewVpcIpam(ctx, \"example\", \u0026ec2.VpcIpamArgs{\n\t\t\tOperatingRegions: ec2.VpcIpamOperatingRegionArray{\n\t\t\t\t\u0026ec2.VpcIpamOperatingRegionArgs{\n\t\t\t\t\tRegionName: pulumi.String(current.Name),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVpcIpamPool, err := ec2.NewVpcIpamPool(ctx, \"example\", \u0026ec2.VpcIpamPoolArgs{\n\t\t\tAddressFamily: pulumi.String(\"ipv4\"),\n\t\t\tIpamScopeId: exampleVpcIpam.PrivateDefaultScopeId,\n\t\t\tLocale: pulumi.String(current.Name),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVpcIpamPoolCidr, err := ec2.NewVpcIpamPoolCidr(ctx, \"example\", \u0026ec2.VpcIpamPoolCidrArgs{\n\t\t\tIpamPoolId: exampleVpcIpamPool.ID(),\n\t\t\tCidr: pulumi.String(\"172.20.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpcIpamPoolCidrAllocation(ctx, \"example\", \u0026ec2.VpcIpamPoolCidrAllocationArgs{\n\t\t\tIpamPoolId: exampleVpcIpamPool.ID(),\n\t\t\tNetmaskLength: pulumi.Int(28),\n\t\t\tDisallowedCidrs: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"172.20.0.0/28\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleVpcIpamPoolCidr,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.ec2.VpcIpam;\nimport com.pulumi.aws.ec2.VpcIpamArgs;\nimport com.pulumi.aws.ec2.inputs.VpcIpamOperatingRegionArgs;\nimport com.pulumi.aws.ec2.VpcIpamPool;\nimport com.pulumi.aws.ec2.VpcIpamPoolArgs;\nimport com.pulumi.aws.ec2.VpcIpamPoolCidr;\nimport com.pulumi.aws.ec2.VpcIpamPoolCidrArgs;\nimport com.pulumi.aws.ec2.VpcIpamPoolCidrAllocation;\nimport com.pulumi.aws.ec2.VpcIpamPoolCidrAllocationArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getRegion();\n\n var exampleVpcIpam = new VpcIpam(\"exampleVpcIpam\", VpcIpamArgs.builder() \n .operatingRegions(VpcIpamOperatingRegionArgs.builder()\n .regionName(current.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .build())\n .build());\n\n var exampleVpcIpamPool = new VpcIpamPool(\"exampleVpcIpamPool\", VpcIpamPoolArgs.builder() \n .addressFamily(\"ipv4\")\n .ipamScopeId(exampleVpcIpam.privateDefaultScopeId())\n .locale(current.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .build());\n\n var exampleVpcIpamPoolCidr = new VpcIpamPoolCidr(\"exampleVpcIpamPoolCidr\", VpcIpamPoolCidrArgs.builder() \n .ipamPoolId(exampleVpcIpamPool.id())\n .cidr(\"172.20.0.0/16\")\n .build());\n\n var example = new VpcIpamPoolCidrAllocation(\"example\", VpcIpamPoolCidrAllocationArgs.builder() \n .ipamPoolId(exampleVpcIpamPool.id())\n .netmaskLength(28)\n .disallowedCidrs(\"172.20.0.0/28\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleVpcIpamPoolCidr)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:VpcIpamPoolCidrAllocation\n properties:\n ipamPoolId: ${exampleVpcIpamPool.id}\n netmaskLength: 28\n disallowedCidrs:\n - 172.20.0.0/28\n options:\n dependson:\n - ${exampleVpcIpamPoolCidr}\n exampleVpcIpamPoolCidr:\n type: aws:ec2:VpcIpamPoolCidr\n name: example\n properties:\n ipamPoolId: ${exampleVpcIpamPool.id}\n cidr: 172.20.0.0/16\n exampleVpcIpamPool:\n type: aws:ec2:VpcIpamPool\n name: example\n properties:\n addressFamily: ipv4\n ipamScopeId: ${exampleVpcIpam.privateDefaultScopeId}\n locale: ${current.name}\n exampleVpcIpam:\n type: aws:ec2:VpcIpam\n name: example\n properties:\n operatingRegions:\n - regionName: ${current.name}\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IPAM allocations using the allocation `id` and `pool id`, separated by `_`. For example:\n\n```sh\n$ pulumi import aws:ec2/vpcIpamPoolCidrAllocation:VpcIpamPoolCidrAllocation example ipam-pool-alloc-0dc6d196509c049ba8b549ff99f639736_ipam-pool-07cfb559e0921fcbe\n```\n", "properties": { "cidr": { "type": "string", @@ -224480,7 +224480,7 @@ } }, "aws:ec2/vpcIpamPreviewNextCidr:VpcIpamPreviewNextCidr": { - "description": "Previews a CIDR from an IPAM address pool. Only works for private IPv4.\n\n## Example Usage\n\nBasic usage:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getRegion({});\nconst exampleVpcIpam = new aws.ec2.VpcIpam(\"example\", {operatingRegions: [{\n regionName: current.then(current =\u003e current.name),\n}]});\nconst exampleVpcIpamPool = new aws.ec2.VpcIpamPool(\"example\", {\n addressFamily: \"ipv4\",\n ipamScopeId: exampleVpcIpam.privateDefaultScopeId,\n locale: current.then(current =\u003e current.name),\n});\nconst example = new aws.ec2.VpcIpamPreviewNextCidr(\"example\", {\n ipamPoolId: exampleVpcIpamPool.id,\n netmaskLength: 28,\n disallowedCidrs: [\"172.2.0.0/32\"],\n});\nconst exampleVpcIpamPoolCidr = new aws.ec2.VpcIpamPoolCidr(\"example\", {\n ipamPoolId: exampleVpcIpamPool.id,\n cidr: \"172.20.0.0/16\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_region()\nexample_vpc_ipam = aws.ec2.VpcIpam(\"example\", operating_regions=[aws.ec2.VpcIpamOperatingRegionArgs(\n region_name=current.name,\n)])\nexample_vpc_ipam_pool = aws.ec2.VpcIpamPool(\"example\",\n address_family=\"ipv4\",\n ipam_scope_id=example_vpc_ipam.private_default_scope_id,\n locale=current.name)\nexample = aws.ec2.VpcIpamPreviewNextCidr(\"example\",\n ipam_pool_id=example_vpc_ipam_pool.id,\n netmask_length=28,\n disallowed_cidrs=[\"172.2.0.0/32\"])\nexample_vpc_ipam_pool_cidr = aws.ec2.VpcIpamPoolCidr(\"example\",\n ipam_pool_id=example_vpc_ipam_pool.id,\n cidr=\"172.20.0.0/16\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetRegion.Invoke();\n\n var exampleVpcIpam = new Aws.Ec2.VpcIpam(\"example\", new()\n {\n OperatingRegions = new[]\n {\n new Aws.Ec2.Inputs.VpcIpamOperatingRegionArgs\n {\n RegionName = current.Apply(getRegionResult =\u003e getRegionResult.Name),\n },\n },\n });\n\n var exampleVpcIpamPool = new Aws.Ec2.VpcIpamPool(\"example\", new()\n {\n AddressFamily = \"ipv4\",\n IpamScopeId = exampleVpcIpam.PrivateDefaultScopeId,\n Locale = current.Apply(getRegionResult =\u003e getRegionResult.Name),\n });\n\n var example = new Aws.Ec2.VpcIpamPreviewNextCidr(\"example\", new()\n {\n IpamPoolId = exampleVpcIpamPool.Id,\n NetmaskLength = 28,\n DisallowedCidrs = new[]\n {\n \"172.2.0.0/32\",\n },\n });\n\n var exampleVpcIpamPoolCidr = new Aws.Ec2.VpcIpamPoolCidr(\"example\", new()\n {\n IpamPoolId = exampleVpcIpamPool.Id,\n Cidr = \"172.20.0.0/16\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVpcIpam, err := ec2.NewVpcIpam(ctx, \"example\", \u0026ec2.VpcIpamArgs{\n\t\t\tOperatingRegions: ec2.VpcIpamOperatingRegionArray{\n\t\t\t\t\u0026ec2.VpcIpamOperatingRegionArgs{\n\t\t\t\t\tRegionName: pulumi.String(current.Name),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVpcIpamPool, err := ec2.NewVpcIpamPool(ctx, \"example\", \u0026ec2.VpcIpamPoolArgs{\n\t\t\tAddressFamily: pulumi.String(\"ipv4\"),\n\t\t\tIpamScopeId: exampleVpcIpam.PrivateDefaultScopeId,\n\t\t\tLocale: pulumi.String(current.Name),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpcIpamPreviewNextCidr(ctx, \"example\", \u0026ec2.VpcIpamPreviewNextCidrArgs{\n\t\t\tIpamPoolId: exampleVpcIpamPool.ID(),\n\t\t\tNetmaskLength: pulumi.Int(28),\n\t\t\tDisallowedCidrs: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"172.2.0.0/32\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpcIpamPoolCidr(ctx, \"example\", \u0026ec2.VpcIpamPoolCidrArgs{\n\t\t\tIpamPoolId: exampleVpcIpamPool.ID(),\n\t\t\tCidr: pulumi.String(\"172.20.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.ec2.VpcIpam;\nimport com.pulumi.aws.ec2.VpcIpamArgs;\nimport com.pulumi.aws.ec2.inputs.VpcIpamOperatingRegionArgs;\nimport com.pulumi.aws.ec2.VpcIpamPool;\nimport com.pulumi.aws.ec2.VpcIpamPoolArgs;\nimport com.pulumi.aws.ec2.VpcIpamPreviewNextCidr;\nimport com.pulumi.aws.ec2.VpcIpamPreviewNextCidrArgs;\nimport com.pulumi.aws.ec2.VpcIpamPoolCidr;\nimport com.pulumi.aws.ec2.VpcIpamPoolCidrArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getRegion();\n\n var exampleVpcIpam = new VpcIpam(\"exampleVpcIpam\", VpcIpamArgs.builder() \n .operatingRegions(VpcIpamOperatingRegionArgs.builder()\n .regionName(current.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .build())\n .build());\n\n var exampleVpcIpamPool = new VpcIpamPool(\"exampleVpcIpamPool\", VpcIpamPoolArgs.builder() \n .addressFamily(\"ipv4\")\n .ipamScopeId(exampleVpcIpam.privateDefaultScopeId())\n .locale(current.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .build());\n\n var example = new VpcIpamPreviewNextCidr(\"example\", VpcIpamPreviewNextCidrArgs.builder() \n .ipamPoolId(exampleVpcIpamPool.id())\n .netmaskLength(28)\n .disallowedCidrs(\"172.2.0.0/32\")\n .build());\n\n var exampleVpcIpamPoolCidr = new VpcIpamPoolCidr(\"exampleVpcIpamPoolCidr\", VpcIpamPoolCidrArgs.builder() \n .ipamPoolId(exampleVpcIpamPool.id())\n .cidr(\"172.20.0.0/16\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:VpcIpamPreviewNextCidr\n properties:\n ipamPoolId: ${exampleVpcIpamPool.id}\n netmaskLength: 28\n disallowedCidrs:\n - 172.2.0.0/32\n exampleVpcIpamPoolCidr:\n type: aws:ec2:VpcIpamPoolCidr\n name: example\n properties:\n ipamPoolId: ${exampleVpcIpamPool.id}\n cidr: 172.20.0.0/16\n exampleVpcIpamPool:\n type: aws:ec2:VpcIpamPool\n name: example\n properties:\n addressFamily: ipv4\n ipamScopeId: ${exampleVpcIpam.privateDefaultScopeId}\n locale: ${current.name}\n exampleVpcIpam:\n type: aws:ec2:VpcIpam\n name: example\n properties:\n operatingRegions:\n - regionName: ${current.name}\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", + "description": "Previews a CIDR from an IPAM address pool. Only works for private IPv4.\n\n## Example Usage\n\nBasic usage:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getRegion({});\nconst exampleVpcIpam = new aws.ec2.VpcIpam(\"example\", {operatingRegions: [{\n regionName: current.then(current =\u003e current.name),\n}]});\nconst exampleVpcIpamPool = new aws.ec2.VpcIpamPool(\"example\", {\n addressFamily: \"ipv4\",\n ipamScopeId: exampleVpcIpam.privateDefaultScopeId,\n locale: current.then(current =\u003e current.name),\n});\nconst exampleVpcIpamPoolCidr = new aws.ec2.VpcIpamPoolCidr(\"example\", {\n ipamPoolId: exampleVpcIpamPool.id,\n cidr: \"172.20.0.0/16\",\n});\nconst example = new aws.ec2.VpcIpamPreviewNextCidr(\"example\", {\n ipamPoolId: exampleVpcIpamPool.id,\n netmaskLength: 28,\n disallowedCidrs: [\"172.2.0.0/32\"],\n}, {\n dependsOn: [exampleVpcIpamPoolCidr],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_region()\nexample_vpc_ipam = aws.ec2.VpcIpam(\"example\", operating_regions=[aws.ec2.VpcIpamOperatingRegionArgs(\n region_name=current.name,\n)])\nexample_vpc_ipam_pool = aws.ec2.VpcIpamPool(\"example\",\n address_family=\"ipv4\",\n ipam_scope_id=example_vpc_ipam.private_default_scope_id,\n locale=current.name)\nexample_vpc_ipam_pool_cidr = aws.ec2.VpcIpamPoolCidr(\"example\",\n ipam_pool_id=example_vpc_ipam_pool.id,\n cidr=\"172.20.0.0/16\")\nexample = aws.ec2.VpcIpamPreviewNextCidr(\"example\",\n ipam_pool_id=example_vpc_ipam_pool.id,\n netmask_length=28,\n disallowed_cidrs=[\"172.2.0.0/32\"],\n opts=pulumi.ResourceOptions(depends_on=[example_vpc_ipam_pool_cidr]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetRegion.Invoke();\n\n var exampleVpcIpam = new Aws.Ec2.VpcIpam(\"example\", new()\n {\n OperatingRegions = new[]\n {\n new Aws.Ec2.Inputs.VpcIpamOperatingRegionArgs\n {\n RegionName = current.Apply(getRegionResult =\u003e getRegionResult.Name),\n },\n },\n });\n\n var exampleVpcIpamPool = new Aws.Ec2.VpcIpamPool(\"example\", new()\n {\n AddressFamily = \"ipv4\",\n IpamScopeId = exampleVpcIpam.PrivateDefaultScopeId,\n Locale = current.Apply(getRegionResult =\u003e getRegionResult.Name),\n });\n\n var exampleVpcIpamPoolCidr = new Aws.Ec2.VpcIpamPoolCidr(\"example\", new()\n {\n IpamPoolId = exampleVpcIpamPool.Id,\n Cidr = \"172.20.0.0/16\",\n });\n\n var example = new Aws.Ec2.VpcIpamPreviewNextCidr(\"example\", new()\n {\n IpamPoolId = exampleVpcIpamPool.Id,\n NetmaskLength = 28,\n DisallowedCidrs = new[]\n {\n \"172.2.0.0/32\",\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleVpcIpamPoolCidr, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVpcIpam, err := ec2.NewVpcIpam(ctx, \"example\", \u0026ec2.VpcIpamArgs{\n\t\t\tOperatingRegions: ec2.VpcIpamOperatingRegionArray{\n\t\t\t\t\u0026ec2.VpcIpamOperatingRegionArgs{\n\t\t\t\t\tRegionName: pulumi.String(current.Name),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVpcIpamPool, err := ec2.NewVpcIpamPool(ctx, \"example\", \u0026ec2.VpcIpamPoolArgs{\n\t\t\tAddressFamily: pulumi.String(\"ipv4\"),\n\t\t\tIpamScopeId: exampleVpcIpam.PrivateDefaultScopeId,\n\t\t\tLocale: pulumi.String(current.Name),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVpcIpamPoolCidr, err := ec2.NewVpcIpamPoolCidr(ctx, \"example\", \u0026ec2.VpcIpamPoolCidrArgs{\n\t\t\tIpamPoolId: exampleVpcIpamPool.ID(),\n\t\t\tCidr: pulumi.String(\"172.20.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpcIpamPreviewNextCidr(ctx, \"example\", \u0026ec2.VpcIpamPreviewNextCidrArgs{\n\t\t\tIpamPoolId: exampleVpcIpamPool.ID(),\n\t\t\tNetmaskLength: pulumi.Int(28),\n\t\t\tDisallowedCidrs: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"172.2.0.0/32\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleVpcIpamPoolCidr,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.ec2.VpcIpam;\nimport com.pulumi.aws.ec2.VpcIpamArgs;\nimport com.pulumi.aws.ec2.inputs.VpcIpamOperatingRegionArgs;\nimport com.pulumi.aws.ec2.VpcIpamPool;\nimport com.pulumi.aws.ec2.VpcIpamPoolArgs;\nimport com.pulumi.aws.ec2.VpcIpamPoolCidr;\nimport com.pulumi.aws.ec2.VpcIpamPoolCidrArgs;\nimport com.pulumi.aws.ec2.VpcIpamPreviewNextCidr;\nimport com.pulumi.aws.ec2.VpcIpamPreviewNextCidrArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getRegion();\n\n var exampleVpcIpam = new VpcIpam(\"exampleVpcIpam\", VpcIpamArgs.builder() \n .operatingRegions(VpcIpamOperatingRegionArgs.builder()\n .regionName(current.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .build())\n .build());\n\n var exampleVpcIpamPool = new VpcIpamPool(\"exampleVpcIpamPool\", VpcIpamPoolArgs.builder() \n .addressFamily(\"ipv4\")\n .ipamScopeId(exampleVpcIpam.privateDefaultScopeId())\n .locale(current.applyValue(getRegionResult -\u003e getRegionResult.name()))\n .build());\n\n var exampleVpcIpamPoolCidr = new VpcIpamPoolCidr(\"exampleVpcIpamPoolCidr\", VpcIpamPoolCidrArgs.builder() \n .ipamPoolId(exampleVpcIpamPool.id())\n .cidr(\"172.20.0.0/16\")\n .build());\n\n var example = new VpcIpamPreviewNextCidr(\"example\", VpcIpamPreviewNextCidrArgs.builder() \n .ipamPoolId(exampleVpcIpamPool.id())\n .netmaskLength(28)\n .disallowedCidrs(\"172.2.0.0/32\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleVpcIpamPoolCidr)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:VpcIpamPreviewNextCidr\n properties:\n ipamPoolId: ${exampleVpcIpamPool.id}\n netmaskLength: 28\n disallowedCidrs:\n - 172.2.0.0/32\n options:\n dependson:\n - ${exampleVpcIpamPoolCidr}\n exampleVpcIpamPoolCidr:\n type: aws:ec2:VpcIpamPoolCidr\n name: example\n properties:\n ipamPoolId: ${exampleVpcIpamPool.id}\n cidr: 172.20.0.0/16\n exampleVpcIpamPool:\n type: aws:ec2:VpcIpamPool\n name: example\n properties:\n addressFamily: ipv4\n ipamScopeId: ${exampleVpcIpam.privateDefaultScopeId}\n locale: ${current.name}\n exampleVpcIpam:\n type: aws:ec2:VpcIpam\n name: example\n properties:\n operatingRegions:\n - regionName: ${current.name}\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "cidr": { "type": "string", @@ -229701,7 +229701,7 @@ } }, "aws:ecr/registryPolicy:RegistryPolicy": { - "description": "Provides an Elastic Container Registry Policy.\n\n\u003e **NOTE on ECR Registry Policies:** While the AWS Management Console interface may suggest the ability to define multiple policies by creating multiple statements, ECR registry policies are effectively managed as singular entities at the regional level by the AWS APIs. Therefore, the `aws.ecr.RegistryPolicy` resource should be configured only once per region with all necessary statements defined in the same policy. Attempting to define multiple `aws.ecr.RegistryPolicy` resources may result in perpetual differences, with one policy overriding another.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst currentGetRegion = aws.getRegion({});\nconst currentGetPartition = aws.getPartition({});\nconst example = new aws.ecr.RegistryPolicy(\"example\", {policy: JSON.stringify({\n version: \"2012-10-17\",\n statement: [{\n sid: \"testpolicy\",\n effect: \"Allow\",\n principal: {\n AWS: Promise.all([currentGetPartition, current]).then(([currentGetPartition, current]) =\u003e `arn:${currentGetPartition.partition}:iam::${current.accountId}:root`),\n },\n action: [\"ecr:ReplicateImage\"],\n resource: [Promise.all([currentGetPartition, currentGetRegion, current]).then(([currentGetPartition, currentGetRegion, current]) =\u003e `arn:${currentGetPartition.partition}:ecr:${currentGetRegion.name}:${current.accountId}:repository/*`)],\n }],\n})});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\ncurrent_get_region = aws.get_region()\ncurrent_get_partition = aws.get_partition()\nexample = aws.ecr.RegistryPolicy(\"example\", policy=json.dumps({\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"sid\": \"testpolicy\",\n \"effect\": \"Allow\",\n \"principal\": {\n \"AWS\": f\"arn:{current_get_partition.partition}:iam::{current.account_id}:root\",\n },\n \"action\": [\"ecr:ReplicateImage\"],\n \"resource\": [f\"arn:{current_get_partition.partition}:ecr:{current_get_region.name}:{current.account_id}:repository/*\"],\n }],\n}))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var currentGetRegion = Aws.GetRegion.Invoke();\n\n var currentGetPartition = Aws.GetPartition.Invoke();\n\n var example = new Aws.Ecr.RegistryPolicy(\"example\", new()\n {\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"sid\"] = \"testpolicy\",\n [\"effect\"] = \"Allow\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = Output.Tuple(currentGetPartition, current).Apply(values =\u003e\n {\n var currentGetPartition = values.Item1;\n var current = values.Item2;\n return $\"arn:{currentGetPartition.Apply(getPartitionResult =\u003e getPartitionResult.Partition)}:iam::{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:root\";\n }),\n },\n [\"action\"] = new[]\n {\n \"ecr:ReplicateImage\",\n },\n [\"resource\"] = new[]\n {\n Output.Tuple(currentGetPartition, currentGetRegion, current).Apply(values =\u003e\n {\n var currentGetPartition = values.Item1;\n var currentGetRegion = values.Item2;\n var current = values.Item3;\n return $\"arn:{currentGetPartition.Apply(getPartitionResult =\u003e getPartitionResult.Partition)}:ecr:{currentGetRegion.Apply(getRegionResult =\u003e getRegionResult.Name)}:{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:repository/*\";\n }),\n },\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecr\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrentGetRegion, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrentGetPartition, err := aws.GetPartition(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"sid\": \"testpolicy\",\n\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": fmt.Sprintf(\"arn:%v:iam::%v:root\", currentGetPartition.Partition, current.AccountId),\n\t\t\t\t\t},\n\t\t\t\t\t\"action\": []string{\n\t\t\t\t\t\t\"ecr:ReplicateImage\",\n\t\t\t\t\t},\n\t\t\t\t\t\"resource\": []string{\n\t\t\t\t\t\tfmt.Sprintf(\"arn:%v:ecr:%v:%v:repository/*\", currentGetPartition.Partition, currentGetRegion.Name, current.AccountId),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = ecr.NewRegistryPolicy(ctx, \"example\", \u0026ecr.RegistryPolicyArgs{\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.inputs.GetPartitionArgs;\nimport com.pulumi.aws.ecr.RegistryPolicy;\nimport com.pulumi.aws.ecr.RegistryPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n final var currentGetRegion = AwsFunctions.getRegion();\n\n final var currentGetPartition = AwsFunctions.getPartition();\n\n var example = new RegistryPolicy(\"example\", RegistryPolicyArgs.builder() \n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"version\", \"2012-10-17\"),\n jsonProperty(\"statement\", jsonArray(jsonObject(\n jsonProperty(\"sid\", \"testpolicy\"),\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"principal\", jsonObject(\n jsonProperty(\"AWS\", String.format(\"arn:%s:iam::%s:root\", currentGetPartition.applyValue(getPartitionResult -\u003e getPartitionResult.partition()),current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n )),\n jsonProperty(\"action\", jsonArray(\"ecr:ReplicateImage\")),\n jsonProperty(\"resource\", jsonArray(String.format(\"arn:%s:ecr:%s:%s:repository/*\", currentGetPartition.applyValue(getPartitionResult -\u003e getPartitionResult.partition()),currentGetRegion.applyValue(getRegionResult -\u003e getRegionResult.name()),current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))))\n )))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ecr:RegistryPolicy\n properties:\n policy:\n fn::toJSON:\n version: 2012-10-17\n statement:\n - sid: testpolicy\n effect: Allow\n principal:\n AWS: arn:${currentGetPartition.partition}:iam::${current.accountId}:root\n action:\n - ecr:ReplicateImage\n resource:\n - arn:${currentGetPartition.partition}:ecr:${currentGetRegion.name}:${current.accountId}:repository/*\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n currentGetRegion:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n currentGetPartition:\n fn::invoke:\n Function: aws:getPartition\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import ECR Registry Policy using the registry id. For example:\n\n```sh\n$ pulumi import aws:ecr/registryPolicy:RegistryPolicy example 123456789012\n```\n", + "description": "Provides an Elastic Container Registry Policy.\n\n\u003e **NOTE on ECR Registry Policies:** While the AWS Management Console interface may suggest the ability to define multiple policies by creating multiple statements, ECR registry policies are effectively managed as singular entities at the regional level by the AWS APIs. Therefore, the `aws.ecr.RegistryPolicy` resource should be configured only once per region with all necessary statements defined in the same policy. Attempting to define multiple `aws.ecr.RegistryPolicy` resources may result in perpetual differences, with one policy overriding another.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst currentGetRegion = aws.getRegion({});\nconst currentGetPartition = aws.getPartition({});\nconst example = new aws.ecr.RegistryPolicy(\"example\", {policy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Sid: \"testpolicy\",\n Effect: \"Allow\",\n Principal: {\n AWS: Promise.all([currentGetPartition, current]).then(([currentGetPartition, current]) =\u003e `arn:${currentGetPartition.partition}:iam::${current.accountId}:root`),\n },\n Action: [\"ecr:ReplicateImage\"],\n Resource: [Promise.all([currentGetPartition, currentGetRegion, current]).then(([currentGetPartition, currentGetRegion, current]) =\u003e `arn:${currentGetPartition.partition}:ecr:${currentGetRegion.name}:${current.accountId}:repository/*`)],\n }],\n})});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\ncurrent_get_region = aws.get_region()\ncurrent_get_partition = aws.get_partition()\nexample = aws.ecr.RegistryPolicy(\"example\", policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Sid\": \"testpolicy\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": f\"arn:{current_get_partition.partition}:iam::{current.account_id}:root\",\n },\n \"Action\": [\"ecr:ReplicateImage\"],\n \"Resource\": [f\"arn:{current_get_partition.partition}:ecr:{current_get_region.name}:{current.account_id}:repository/*\"],\n }],\n}))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var currentGetRegion = Aws.GetRegion.Invoke();\n\n var currentGetPartition = Aws.GetPartition.Invoke();\n\n var example = new Aws.Ecr.RegistryPolicy(\"example\", new()\n {\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Sid\"] = \"testpolicy\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = Output.Tuple(currentGetPartition, current).Apply(values =\u003e\n {\n var currentGetPartition = values.Item1;\n var current = values.Item2;\n return $\"arn:{currentGetPartition.Apply(getPartitionResult =\u003e getPartitionResult.Partition)}:iam::{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:root\";\n }),\n },\n [\"Action\"] = new[]\n {\n \"ecr:ReplicateImage\",\n },\n [\"Resource\"] = new[]\n {\n Output.Tuple(currentGetPartition, currentGetRegion, current).Apply(values =\u003e\n {\n var currentGetPartition = values.Item1;\n var currentGetRegion = values.Item2;\n var current = values.Item3;\n return $\"arn:{currentGetPartition.Apply(getPartitionResult =\u003e getPartitionResult.Partition)}:ecr:{currentGetRegion.Apply(getRegionResult =\u003e getRegionResult.Name)}:{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:repository/*\";\n }),\n },\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecr\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrentGetRegion, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrentGetPartition, err := aws.GetPartition(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Sid\": \"testpolicy\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": fmt.Sprintf(\"arn:%v:iam::%v:root\", currentGetPartition.Partition, current.AccountId),\n\t\t\t\t\t},\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"ecr:ReplicateImage\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\tfmt.Sprintf(\"arn:%v:ecr:%v:%v:repository/*\", currentGetPartition.Partition, currentGetRegion.Name, current.AccountId),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = ecr.NewRegistryPolicy(ctx, \"example\", \u0026ecr.RegistryPolicyArgs{\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.inputs.GetPartitionArgs;\nimport com.pulumi.aws.ecr.RegistryPolicy;\nimport com.pulumi.aws.ecr.RegistryPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n final var currentGetRegion = AwsFunctions.getRegion();\n\n final var currentGetPartition = AwsFunctions.getPartition();\n\n var example = new RegistryPolicy(\"example\", RegistryPolicyArgs.builder() \n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Sid\", \"testpolicy\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"AWS\", String.format(\"arn:%s:iam::%s:root\", currentGetPartition.applyValue(getPartitionResult -\u003e getPartitionResult.partition()),current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n )),\n jsonProperty(\"Action\", jsonArray(\"ecr:ReplicateImage\")),\n jsonProperty(\"Resource\", jsonArray(String.format(\"arn:%s:ecr:%s:%s:repository/*\", currentGetPartition.applyValue(getPartitionResult -\u003e getPartitionResult.partition()),currentGetRegion.applyValue(getRegionResult -\u003e getRegionResult.name()),current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))))\n )))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ecr:RegistryPolicy\n properties:\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Sid: testpolicy\n Effect: Allow\n Principal:\n AWS: arn:${currentGetPartition.partition}:iam::${current.accountId}:root\n Action:\n - ecr:ReplicateImage\n Resource:\n - arn:${currentGetPartition.partition}:ecr:${currentGetRegion.name}:${current.accountId}:repository/*\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n currentGetRegion:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n currentGetPartition:\n fn::invoke:\n Function: aws:getPartition\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import ECR Registry Policy using the registry id. For example:\n\n```sh\n$ pulumi import aws:ecr/registryPolicy:RegistryPolicy example 123456789012\n```\n", "properties": { "policy": { "type": "string", @@ -230620,7 +230620,7 @@ } }, "aws:ecs/service:Service": { - "description": "\u003e **Note:** To prevent a race condition during service deletion, make sure to set `depends_on` to the related `aws.iam.RolePolicy`; otherwise, the policy may be destroyed too soon and the ECS service will then get stuck in the `DRAINING` state.\n\nProvides an ECS service - effectively a task that is expected to run until an error occurs or a user terminates it (typically a webserver or a database).\n\nSee [ECS Services section in AWS developer guide](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs_services.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst mongo = new aws.ecs.Service(\"mongo\", {\n name: \"mongodb\",\n cluster: fooAwsEcsCluster.id,\n taskDefinition: mongoAwsEcsTaskDefinition.arn,\n desiredCount: 3,\n iamRole: fooAwsIamRole.arn,\n orderedPlacementStrategies: [{\n type: \"binpack\",\n field: \"cpu\",\n }],\n loadBalancers: [{\n targetGroupArn: foo.arn,\n containerName: \"mongo\",\n containerPort: 8080,\n }],\n placementConstraints: [{\n type: \"memberOf\",\n expression: \"attribute:ecs.availability-zone in [us-west-2a, us-west-2b]\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmongo = aws.ecs.Service(\"mongo\",\n name=\"mongodb\",\n cluster=foo_aws_ecs_cluster[\"id\"],\n task_definition=mongo_aws_ecs_task_definition[\"arn\"],\n desired_count=3,\n iam_role=foo_aws_iam_role[\"arn\"],\n ordered_placement_strategies=[aws.ecs.ServiceOrderedPlacementStrategyArgs(\n type=\"binpack\",\n field=\"cpu\",\n )],\n load_balancers=[aws.ecs.ServiceLoadBalancerArgs(\n target_group_arn=foo[\"arn\"],\n container_name=\"mongo\",\n container_port=8080,\n )],\n placement_constraints=[aws.ecs.ServicePlacementConstraintArgs(\n type=\"memberOf\",\n expression=\"attribute:ecs.availability-zone in [us-west-2a, us-west-2b]\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var mongo = new Aws.Ecs.Service(\"mongo\", new()\n {\n Name = \"mongodb\",\n Cluster = fooAwsEcsCluster.Id,\n TaskDefinition = mongoAwsEcsTaskDefinition.Arn,\n DesiredCount = 3,\n IamRole = fooAwsIamRole.Arn,\n OrderedPlacementStrategies = new[]\n {\n new Aws.Ecs.Inputs.ServiceOrderedPlacementStrategyArgs\n {\n Type = \"binpack\",\n Field = \"cpu\",\n },\n },\n LoadBalancers = new[]\n {\n new Aws.Ecs.Inputs.ServiceLoadBalancerArgs\n {\n TargetGroupArn = foo.Arn,\n ContainerName = \"mongo\",\n ContainerPort = 8080,\n },\n },\n PlacementConstraints = new[]\n {\n new Aws.Ecs.Inputs.ServicePlacementConstraintArgs\n {\n Type = \"memberOf\",\n Expression = \"attribute:ecs.availability-zone in [us-west-2a, us-west-2b]\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ecs.NewService(ctx, \"mongo\", \u0026ecs.ServiceArgs{\n\t\t\tName: pulumi.String(\"mongodb\"),\n\t\t\tCluster: pulumi.Any(fooAwsEcsCluster.Id),\n\t\t\tTaskDefinition: pulumi.Any(mongoAwsEcsTaskDefinition.Arn),\n\t\t\tDesiredCount: pulumi.Int(3),\n\t\t\tIamRole: pulumi.Any(fooAwsIamRole.Arn),\n\t\t\tOrderedPlacementStrategies: ecs.ServiceOrderedPlacementStrategyArray{\n\t\t\t\t\u0026ecs.ServiceOrderedPlacementStrategyArgs{\n\t\t\t\t\tType: pulumi.String(\"binpack\"),\n\t\t\t\t\tField: pulumi.String(\"cpu\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tLoadBalancers: ecs.ServiceLoadBalancerArray{\n\t\t\t\t\u0026ecs.ServiceLoadBalancerArgs{\n\t\t\t\t\tTargetGroupArn: pulumi.Any(foo.Arn),\n\t\t\t\t\tContainerName: pulumi.String(\"mongo\"),\n\t\t\t\t\tContainerPort: pulumi.Int(8080),\n\t\t\t\t},\n\t\t\t},\n\t\t\tPlacementConstraints: ecs.ServicePlacementConstraintArray{\n\t\t\t\t\u0026ecs.ServicePlacementConstraintArgs{\n\t\t\t\t\tType: pulumi.String(\"memberOf\"),\n\t\t\t\t\tExpression: pulumi.String(\"attribute:ecs.availability-zone in [us-west-2a, us-west-2b]\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ecs.Service;\nimport com.pulumi.aws.ecs.ServiceArgs;\nimport com.pulumi.aws.ecs.inputs.ServiceOrderedPlacementStrategyArgs;\nimport com.pulumi.aws.ecs.inputs.ServiceLoadBalancerArgs;\nimport com.pulumi.aws.ecs.inputs.ServicePlacementConstraintArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var mongo = new Service(\"mongo\", ServiceArgs.builder() \n .name(\"mongodb\")\n .cluster(fooAwsEcsCluster.id())\n .taskDefinition(mongoAwsEcsTaskDefinition.arn())\n .desiredCount(3)\n .iamRole(fooAwsIamRole.arn())\n .orderedPlacementStrategies(ServiceOrderedPlacementStrategyArgs.builder()\n .type(\"binpack\")\n .field(\"cpu\")\n .build())\n .loadBalancers(ServiceLoadBalancerArgs.builder()\n .targetGroupArn(foo.arn())\n .containerName(\"mongo\")\n .containerPort(8080)\n .build())\n .placementConstraints(ServicePlacementConstraintArgs.builder()\n .type(\"memberOf\")\n .expression(\"attribute:ecs.availability-zone in [us-west-2a, us-west-2b]\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n mongo:\n type: aws:ecs:Service\n properties:\n name: mongodb\n cluster: ${fooAwsEcsCluster.id}\n taskDefinition: ${mongoAwsEcsTaskDefinition.arn}\n desiredCount: 3\n iamRole: ${fooAwsIamRole.arn}\n orderedPlacementStrategies:\n - type: binpack\n field: cpu\n loadBalancers:\n - targetGroupArn: ${foo.arn}\n containerName: mongo\n containerPort: 8080\n placementConstraints:\n - type: memberOf\n expression: attribute:ecs.availability-zone in [us-west-2a, us-west-2b]\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Ignoring Changes to Desired Count\n\nYou can use [`ignoreChanges`](https://www.pulumi.com/docs/intro/concepts/programming-model/#ignorechanges) to create an ECS service with an initial count of running instances, then ignore any changes to that count caused externally (e.g. Application Autoscaling).\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ecs.Service(\"example\", {desiredCount: 2});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ecs.Service(\"example\", desired_count=2)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ecs.Service(\"example\", new()\n {\n DesiredCount = 2,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ecs.NewService(ctx, \"example\", \u0026ecs.ServiceArgs{\n\t\t\tDesiredCount: pulumi.Int(2),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ecs.Service;\nimport com.pulumi.aws.ecs.ServiceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Service(\"example\", ServiceArgs.builder() \n .desiredCount(2)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ecs:Service\n properties:\n desiredCount: 2 # Optional: Allow external changes without this provider plan difference\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Daemon Scheduling Strategy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bar = new aws.ecs.Service(\"bar\", {\n name: \"bar\",\n cluster: foo.id,\n taskDefinition: barAwsEcsTaskDefinition.arn,\n schedulingStrategy: \"DAEMON\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbar = aws.ecs.Service(\"bar\",\n name=\"bar\",\n cluster=foo[\"id\"],\n task_definition=bar_aws_ecs_task_definition[\"arn\"],\n scheduling_strategy=\"DAEMON\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var bar = new Aws.Ecs.Service(\"bar\", new()\n {\n Name = \"bar\",\n Cluster = foo.Id,\n TaskDefinition = barAwsEcsTaskDefinition.Arn,\n SchedulingStrategy = \"DAEMON\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ecs.NewService(ctx, \"bar\", \u0026ecs.ServiceArgs{\n\t\t\tName: pulumi.String(\"bar\"),\n\t\t\tCluster: pulumi.Any(foo.Id),\n\t\t\tTaskDefinition: pulumi.Any(barAwsEcsTaskDefinition.Arn),\n\t\t\tSchedulingStrategy: pulumi.String(\"DAEMON\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ecs.Service;\nimport com.pulumi.aws.ecs.ServiceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var bar = new Service(\"bar\", ServiceArgs.builder() \n .name(\"bar\")\n .cluster(foo.id())\n .taskDefinition(barAwsEcsTaskDefinition.arn())\n .schedulingStrategy(\"DAEMON\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n bar:\n type: aws:ecs:Service\n properties:\n name: bar\n cluster: ${foo.id}\n taskDefinition: ${barAwsEcsTaskDefinition.arn}\n schedulingStrategy: DAEMON\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### CloudWatch Deployment Alarms\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ecs.Service(\"example\", {\n name: \"example\",\n cluster: exampleAwsEcsCluster.id,\n alarms: {\n enable: true,\n rollback: true,\n alarmNames: [exampleAwsCloudwatchMetricAlarm.alarmName],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ecs.Service(\"example\",\n name=\"example\",\n cluster=example_aws_ecs_cluster[\"id\"],\n alarms=aws.ecs.ServiceAlarmsArgs(\n enable=True,\n rollback=True,\n alarm_names=[example_aws_cloudwatch_metric_alarm[\"alarmName\"]],\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ecs.Service(\"example\", new()\n {\n Name = \"example\",\n Cluster = exampleAwsEcsCluster.Id,\n Alarms = new Aws.Ecs.Inputs.ServiceAlarmsArgs\n {\n Enable = true,\n Rollback = true,\n AlarmNames = new[]\n {\n exampleAwsCloudwatchMetricAlarm.AlarmName,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ecs.NewService(ctx, \"example\", \u0026ecs.ServiceArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tCluster: pulumi.Any(exampleAwsEcsCluster.Id),\n\t\t\tAlarms: \u0026ecs.ServiceAlarmsArgs{\n\t\t\t\tEnable: pulumi.Bool(true),\n\t\t\t\tRollback: pulumi.Bool(true),\n\t\t\t\tAlarmNames: pulumi.StringArray{\n\t\t\t\t\texampleAwsCloudwatchMetricAlarm.AlarmName,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ecs.Service;\nimport com.pulumi.aws.ecs.ServiceArgs;\nimport com.pulumi.aws.ecs.inputs.ServiceAlarmsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Service(\"example\", ServiceArgs.builder() \n .name(\"example\")\n .cluster(exampleAwsEcsCluster.id())\n .alarms(ServiceAlarmsArgs.builder()\n .enable(true)\n .rollback(true)\n .alarmNames(exampleAwsCloudwatchMetricAlarm.alarmName())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ecs:Service\n properties:\n name: example\n cluster: ${exampleAwsEcsCluster.id}\n alarms:\n enable: true\n rollback: true\n alarmNames:\n - ${exampleAwsCloudwatchMetricAlarm.alarmName}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### External Deployment Controller\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ecs.Service(\"example\", {\n name: \"example\",\n cluster: exampleAwsEcsCluster.id,\n deploymentController: {\n type: \"EXTERNAL\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ecs.Service(\"example\",\n name=\"example\",\n cluster=example_aws_ecs_cluster[\"id\"],\n deployment_controller=aws.ecs.ServiceDeploymentControllerArgs(\n type=\"EXTERNAL\",\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ecs.Service(\"example\", new()\n {\n Name = \"example\",\n Cluster = exampleAwsEcsCluster.Id,\n DeploymentController = new Aws.Ecs.Inputs.ServiceDeploymentControllerArgs\n {\n Type = \"EXTERNAL\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ecs.NewService(ctx, \"example\", \u0026ecs.ServiceArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tCluster: pulumi.Any(exampleAwsEcsCluster.Id),\n\t\t\tDeploymentController: \u0026ecs.ServiceDeploymentControllerArgs{\n\t\t\t\tType: pulumi.String(\"EXTERNAL\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ecs.Service;\nimport com.pulumi.aws.ecs.ServiceArgs;\nimport com.pulumi.aws.ecs.inputs.ServiceDeploymentControllerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Service(\"example\", ServiceArgs.builder() \n .name(\"example\")\n .cluster(exampleAwsEcsCluster.id())\n .deploymentController(ServiceDeploymentControllerArgs.builder()\n .type(\"EXTERNAL\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ecs:Service\n properties:\n name: example\n cluster: ${exampleAwsEcsCluster.id}\n deploymentController:\n type: EXTERNAL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import ECS services using the `name` together with ecs cluster `name`. For example:\n\n```sh\n$ pulumi import aws:ecs/service:Service imported cluster-name/service-name\n```\n", + "description": "\u003e **Note:** To prevent a race condition during service deletion, make sure to set `depends_on` to the related `aws.iam.RolePolicy`; otherwise, the policy may be destroyed too soon and the ECS service will then get stuck in the `DRAINING` state.\n\nProvides an ECS service - effectively a task that is expected to run until an error occurs or a user terminates it (typically a webserver or a database).\n\nSee [ECS Services section in AWS developer guide](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs_services.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst mongo = new aws.ecs.Service(\"mongo\", {\n name: \"mongodb\",\n cluster: fooAwsEcsCluster.id,\n taskDefinition: mongoAwsEcsTaskDefinition.arn,\n desiredCount: 3,\n iamRole: fooAwsIamRole.arn,\n orderedPlacementStrategies: [{\n type: \"binpack\",\n field: \"cpu\",\n }],\n loadBalancers: [{\n targetGroupArn: fooAwsLbTargetGroup.arn,\n containerName: \"mongo\",\n containerPort: 8080,\n }],\n placementConstraints: [{\n type: \"memberOf\",\n expression: \"attribute:ecs.availability-zone in [us-west-2a, us-west-2b]\",\n }],\n}, {\n dependsOn: [foo],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmongo = aws.ecs.Service(\"mongo\",\n name=\"mongodb\",\n cluster=foo_aws_ecs_cluster[\"id\"],\n task_definition=mongo_aws_ecs_task_definition[\"arn\"],\n desired_count=3,\n iam_role=foo_aws_iam_role[\"arn\"],\n ordered_placement_strategies=[aws.ecs.ServiceOrderedPlacementStrategyArgs(\n type=\"binpack\",\n field=\"cpu\",\n )],\n load_balancers=[aws.ecs.ServiceLoadBalancerArgs(\n target_group_arn=foo_aws_lb_target_group[\"arn\"],\n container_name=\"mongo\",\n container_port=8080,\n )],\n placement_constraints=[aws.ecs.ServicePlacementConstraintArgs(\n type=\"memberOf\",\n expression=\"attribute:ecs.availability-zone in [us-west-2a, us-west-2b]\",\n )],\n opts=pulumi.ResourceOptions(depends_on=[foo]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var mongo = new Aws.Ecs.Service(\"mongo\", new()\n {\n Name = \"mongodb\",\n Cluster = fooAwsEcsCluster.Id,\n TaskDefinition = mongoAwsEcsTaskDefinition.Arn,\n DesiredCount = 3,\n IamRole = fooAwsIamRole.Arn,\n OrderedPlacementStrategies = new[]\n {\n new Aws.Ecs.Inputs.ServiceOrderedPlacementStrategyArgs\n {\n Type = \"binpack\",\n Field = \"cpu\",\n },\n },\n LoadBalancers = new[]\n {\n new Aws.Ecs.Inputs.ServiceLoadBalancerArgs\n {\n TargetGroupArn = fooAwsLbTargetGroup.Arn,\n ContainerName = \"mongo\",\n ContainerPort = 8080,\n },\n },\n PlacementConstraints = new[]\n {\n new Aws.Ecs.Inputs.ServicePlacementConstraintArgs\n {\n Type = \"memberOf\",\n Expression = \"attribute:ecs.availability-zone in [us-west-2a, us-west-2b]\",\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n foo, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ecs.NewService(ctx, \"mongo\", \u0026ecs.ServiceArgs{\n\t\t\tName: pulumi.String(\"mongodb\"),\n\t\t\tCluster: pulumi.Any(fooAwsEcsCluster.Id),\n\t\t\tTaskDefinition: pulumi.Any(mongoAwsEcsTaskDefinition.Arn),\n\t\t\tDesiredCount: pulumi.Int(3),\n\t\t\tIamRole: pulumi.Any(fooAwsIamRole.Arn),\n\t\t\tOrderedPlacementStrategies: ecs.ServiceOrderedPlacementStrategyArray{\n\t\t\t\t\u0026ecs.ServiceOrderedPlacementStrategyArgs{\n\t\t\t\t\tType: pulumi.String(\"binpack\"),\n\t\t\t\t\tField: pulumi.String(\"cpu\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tLoadBalancers: ecs.ServiceLoadBalancerArray{\n\t\t\t\t\u0026ecs.ServiceLoadBalancerArgs{\n\t\t\t\t\tTargetGroupArn: pulumi.Any(fooAwsLbTargetGroup.Arn),\n\t\t\t\t\tContainerName: pulumi.String(\"mongo\"),\n\t\t\t\t\tContainerPort: pulumi.Int(8080),\n\t\t\t\t},\n\t\t\t},\n\t\t\tPlacementConstraints: ecs.ServicePlacementConstraintArray{\n\t\t\t\t\u0026ecs.ServicePlacementConstraintArgs{\n\t\t\t\t\tType: pulumi.String(\"memberOf\"),\n\t\t\t\t\tExpression: pulumi.String(\"attribute:ecs.availability-zone in [us-west-2a, us-west-2b]\"),\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tfoo,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ecs.Service;\nimport com.pulumi.aws.ecs.ServiceArgs;\nimport com.pulumi.aws.ecs.inputs.ServiceOrderedPlacementStrategyArgs;\nimport com.pulumi.aws.ecs.inputs.ServiceLoadBalancerArgs;\nimport com.pulumi.aws.ecs.inputs.ServicePlacementConstraintArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var mongo = new Service(\"mongo\", ServiceArgs.builder() \n .name(\"mongodb\")\n .cluster(fooAwsEcsCluster.id())\n .taskDefinition(mongoAwsEcsTaskDefinition.arn())\n .desiredCount(3)\n .iamRole(fooAwsIamRole.arn())\n .orderedPlacementStrategies(ServiceOrderedPlacementStrategyArgs.builder()\n .type(\"binpack\")\n .field(\"cpu\")\n .build())\n .loadBalancers(ServiceLoadBalancerArgs.builder()\n .targetGroupArn(fooAwsLbTargetGroup.arn())\n .containerName(\"mongo\")\n .containerPort(8080)\n .build())\n .placementConstraints(ServicePlacementConstraintArgs.builder()\n .type(\"memberOf\")\n .expression(\"attribute:ecs.availability-zone in [us-west-2a, us-west-2b]\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(foo)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n mongo:\n type: aws:ecs:Service\n properties:\n name: mongodb\n cluster: ${fooAwsEcsCluster.id}\n taskDefinition: ${mongoAwsEcsTaskDefinition.arn}\n desiredCount: 3\n iamRole: ${fooAwsIamRole.arn}\n orderedPlacementStrategies:\n - type: binpack\n field: cpu\n loadBalancers:\n - targetGroupArn: ${fooAwsLbTargetGroup.arn}\n containerName: mongo\n containerPort: 8080\n placementConstraints:\n - type: memberOf\n expression: attribute:ecs.availability-zone in [us-west-2a, us-west-2b]\n options:\n dependson:\n - ${foo}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Ignoring Changes to Desired Count\n\nYou can use [`ignoreChanges`](https://www.pulumi.com/docs/intro/concepts/programming-model/#ignorechanges) to create an ECS service with an initial count of running instances, then ignore any changes to that count caused externally (e.g. Application Autoscaling).\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ecs.Service(\"example\", {desiredCount: 2});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ecs.Service(\"example\", desired_count=2)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ecs.Service(\"example\", new()\n {\n DesiredCount = 2,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ecs.NewService(ctx, \"example\", \u0026ecs.ServiceArgs{\n\t\t\tDesiredCount: pulumi.Int(2),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ecs.Service;\nimport com.pulumi.aws.ecs.ServiceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Service(\"example\", ServiceArgs.builder() \n .desiredCount(2)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ecs:Service\n properties:\n desiredCount: 2 # Optional: Allow external changes without this provider plan difference\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Daemon Scheduling Strategy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bar = new aws.ecs.Service(\"bar\", {\n name: \"bar\",\n cluster: foo.id,\n taskDefinition: barAwsEcsTaskDefinition.arn,\n schedulingStrategy: \"DAEMON\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbar = aws.ecs.Service(\"bar\",\n name=\"bar\",\n cluster=foo[\"id\"],\n task_definition=bar_aws_ecs_task_definition[\"arn\"],\n scheduling_strategy=\"DAEMON\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var bar = new Aws.Ecs.Service(\"bar\", new()\n {\n Name = \"bar\",\n Cluster = foo.Id,\n TaskDefinition = barAwsEcsTaskDefinition.Arn,\n SchedulingStrategy = \"DAEMON\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ecs.NewService(ctx, \"bar\", \u0026ecs.ServiceArgs{\n\t\t\tName: pulumi.String(\"bar\"),\n\t\t\tCluster: pulumi.Any(foo.Id),\n\t\t\tTaskDefinition: pulumi.Any(barAwsEcsTaskDefinition.Arn),\n\t\t\tSchedulingStrategy: pulumi.String(\"DAEMON\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ecs.Service;\nimport com.pulumi.aws.ecs.ServiceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var bar = new Service(\"bar\", ServiceArgs.builder() \n .name(\"bar\")\n .cluster(foo.id())\n .taskDefinition(barAwsEcsTaskDefinition.arn())\n .schedulingStrategy(\"DAEMON\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n bar:\n type: aws:ecs:Service\n properties:\n name: bar\n cluster: ${foo.id}\n taskDefinition: ${barAwsEcsTaskDefinition.arn}\n schedulingStrategy: DAEMON\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### CloudWatch Deployment Alarms\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ecs.Service(\"example\", {\n name: \"example\",\n cluster: exampleAwsEcsCluster.id,\n alarms: {\n enable: true,\n rollback: true,\n alarmNames: [exampleAwsCloudwatchMetricAlarm.alarmName],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ecs.Service(\"example\",\n name=\"example\",\n cluster=example_aws_ecs_cluster[\"id\"],\n alarms=aws.ecs.ServiceAlarmsArgs(\n enable=True,\n rollback=True,\n alarm_names=[example_aws_cloudwatch_metric_alarm[\"alarmName\"]],\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ecs.Service(\"example\", new()\n {\n Name = \"example\",\n Cluster = exampleAwsEcsCluster.Id,\n Alarms = new Aws.Ecs.Inputs.ServiceAlarmsArgs\n {\n Enable = true,\n Rollback = true,\n AlarmNames = new[]\n {\n exampleAwsCloudwatchMetricAlarm.AlarmName,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ecs.NewService(ctx, \"example\", \u0026ecs.ServiceArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tCluster: pulumi.Any(exampleAwsEcsCluster.Id),\n\t\t\tAlarms: \u0026ecs.ServiceAlarmsArgs{\n\t\t\t\tEnable: pulumi.Bool(true),\n\t\t\t\tRollback: pulumi.Bool(true),\n\t\t\t\tAlarmNames: pulumi.StringArray{\n\t\t\t\t\texampleAwsCloudwatchMetricAlarm.AlarmName,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ecs.Service;\nimport com.pulumi.aws.ecs.ServiceArgs;\nimport com.pulumi.aws.ecs.inputs.ServiceAlarmsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Service(\"example\", ServiceArgs.builder() \n .name(\"example\")\n .cluster(exampleAwsEcsCluster.id())\n .alarms(ServiceAlarmsArgs.builder()\n .enable(true)\n .rollback(true)\n .alarmNames(exampleAwsCloudwatchMetricAlarm.alarmName())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ecs:Service\n properties:\n name: example\n cluster: ${exampleAwsEcsCluster.id}\n alarms:\n enable: true\n rollback: true\n alarmNames:\n - ${exampleAwsCloudwatchMetricAlarm.alarmName}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### External Deployment Controller\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ecs.Service(\"example\", {\n name: \"example\",\n cluster: exampleAwsEcsCluster.id,\n deploymentController: {\n type: \"EXTERNAL\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ecs.Service(\"example\",\n name=\"example\",\n cluster=example_aws_ecs_cluster[\"id\"],\n deployment_controller=aws.ecs.ServiceDeploymentControllerArgs(\n type=\"EXTERNAL\",\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ecs.Service(\"example\", new()\n {\n Name = \"example\",\n Cluster = exampleAwsEcsCluster.Id,\n DeploymentController = new Aws.Ecs.Inputs.ServiceDeploymentControllerArgs\n {\n Type = \"EXTERNAL\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ecs.NewService(ctx, \"example\", \u0026ecs.ServiceArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tCluster: pulumi.Any(exampleAwsEcsCluster.Id),\n\t\t\tDeploymentController: \u0026ecs.ServiceDeploymentControllerArgs{\n\t\t\t\tType: pulumi.String(\"EXTERNAL\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ecs.Service;\nimport com.pulumi.aws.ecs.ServiceArgs;\nimport com.pulumi.aws.ecs.inputs.ServiceDeploymentControllerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Service(\"example\", ServiceArgs.builder() \n .name(\"example\")\n .cluster(exampleAwsEcsCluster.id())\n .deploymentController(ServiceDeploymentControllerArgs.builder()\n .type(\"EXTERNAL\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ecs:Service\n properties:\n name: example\n cluster: ${exampleAwsEcsCluster.id}\n deploymentController:\n type: EXTERNAL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import ECS services using the `name` together with ecs cluster `name`. For example:\n\n```sh\n$ pulumi import aws:ecs/service:Service imported cluster-name/service-name\n```\n", "properties": { "alarms": { "$ref": "#/types/aws:ecs/ServiceAlarms:ServiceAlarms", @@ -232999,7 +232999,7 @@ } }, "aws:eks/cluster:Cluster": { - "description": "Manages an EKS Cluster.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nexport = async () =\u003e {\n const example = new aws.eks.Cluster(\"example\", {\n name: \"example\",\n roleArn: exampleAwsIamRole.arn,\n vpcConfig: {\n subnetIds: [\n example1.id,\n example2.id,\n ],\n },\n });\n return {\n endpoint: example.endpoint,\n \"kubeconfig-certificate-authority-data\": example.certificateAuthority.apply(certificateAuthority =\u003e certificateAuthority.data),\n };\n}\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.eks.Cluster(\"example\",\n name=\"example\",\n role_arn=example_aws_iam_role[\"arn\"],\n vpc_config=aws.eks.ClusterVpcConfigArgs(\n subnet_ids=[\n example1[\"id\"],\n example2[\"id\"],\n ],\n ))\npulumi.export(\"endpoint\", example.endpoint)\npulumi.export(\"kubeconfig-certificate-authority-data\", example.certificate_authority.data)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Eks.Cluster(\"example\", new()\n {\n Name = \"example\",\n RoleArn = exampleAwsIamRole.Arn,\n VpcConfig = new Aws.Eks.Inputs.ClusterVpcConfigArgs\n {\n SubnetIds = new[]\n {\n example1.Id,\n example2.Id,\n },\n },\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"endpoint\"] = example.Endpoint,\n [\"kubeconfig-certificate-authority-data\"] = example.CertificateAuthority.Apply(certificateAuthority =\u003e certificateAuthority.Data),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/eks\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := eks.NewCluster(ctx, \"example\", \u0026eks.ClusterArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tVpcConfig: \u0026eks.ClusterVpcConfigArgs{\n\t\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\t\texample1.Id,\n\t\t\t\t\texample2.Id,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"endpoint\", example.Endpoint)\n\t\tctx.Export(\"kubeconfig-certificate-authority-data\", example.CertificateAuthority.ApplyT(func(certificateAuthority eks.ClusterCertificateAuthority) (*string, error) {\n\t\t\treturn \u0026certificateAuthority.Data, nil\n\t\t}).(pulumi.StringPtrOutput))\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.eks.Cluster;\nimport com.pulumi.aws.eks.ClusterArgs;\nimport com.pulumi.aws.eks.inputs.ClusterVpcConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Cluster(\"example\", ClusterArgs.builder() \n .name(\"example\")\n .roleArn(exampleAwsIamRole.arn())\n .vpcConfig(ClusterVpcConfigArgs.builder()\n .subnetIds( \n example1.id(),\n example2.id())\n .build())\n .build());\n\n ctx.export(\"endpoint\", example.endpoint());\n ctx.export(\"kubeconfig-certificate-authority-data\", example.certificateAuthority().applyValue(certificateAuthority -\u003e certificateAuthority.data()));\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:eks:Cluster\n properties:\n name: example\n roleArn: ${exampleAwsIamRole.arn}\n vpcConfig:\n subnetIds:\n - ${example1.id}\n - ${example2.id}\noutputs:\n endpoint: ${example.endpoint}\n kubeconfig-certificate-authority-data: ${example.certificateAuthority.data}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example IAM Role for EKS Cluster\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"eks.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst example = new aws.iam.Role(\"example\", {\n name: \"eks-cluster-example\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst example_AmazonEKSClusterPolicy = new aws.iam.RolePolicyAttachment(\"example-AmazonEKSClusterPolicy\", {\n policyArn: \"arn:aws:iam::aws:policy/AmazonEKSClusterPolicy\",\n role: example.name,\n});\n// Optionally, enable Security Groups for Pods\n// Reference: https://docs.aws.amazon.com/eks/latest/userguide/security-groups-for-pods.html\nconst example_AmazonEKSVPCResourceController = new aws.iam.RolePolicyAttachment(\"example-AmazonEKSVPCResourceController\", {\n policyArn: \"arn:aws:iam::aws:policy/AmazonEKSVPCResourceController\",\n role: example.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nassume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"eks.amazonaws.com\"],\n )],\n actions=[\"sts:AssumeRole\"],\n)])\nexample = aws.iam.Role(\"example\",\n name=\"eks-cluster-example\",\n assume_role_policy=assume_role.json)\nexample__amazon_eks_cluster_policy = aws.iam.RolePolicyAttachment(\"example-AmazonEKSClusterPolicy\",\n policy_arn=\"arn:aws:iam::aws:policy/AmazonEKSClusterPolicy\",\n role=example.name)\n# Optionally, enable Security Groups for Pods\n# Reference: https://docs.aws.amazon.com/eks/latest/userguide/security-groups-for-pods.html\nexample__amazon_eksvpc_resource_controller = aws.iam.RolePolicyAttachment(\"example-AmazonEKSVPCResourceController\",\n policy_arn=\"arn:aws:iam::aws:policy/AmazonEKSVPCResourceController\",\n role=example.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"eks.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var example = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"eks-cluster-example\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var example_AmazonEKSClusterPolicy = new Aws.Iam.RolePolicyAttachment(\"example-AmazonEKSClusterPolicy\", new()\n {\n PolicyArn = \"arn:aws:iam::aws:policy/AmazonEKSClusterPolicy\",\n Role = example.Name,\n });\n\n // Optionally, enable Security Groups for Pods\n // Reference: https://docs.aws.amazon.com/eks/latest/userguide/security-groups-for-pods.html\n var example_AmazonEKSVPCResourceController = new Aws.Iam.RolePolicyAttachment(\"example-AmazonEKSVPCResourceController\", new()\n {\n PolicyArn = \"arn:aws:iam::aws:policy/AmazonEKSVPCResourceController\",\n Role = example.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"eks.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"eks-cluster-example\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"example-AmazonEKSClusterPolicy\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/AmazonEKSClusterPolicy\"),\n\t\t\tRole: example.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Optionally, enable Security Groups for Pods\n\t\t// Reference: https://docs.aws.amazon.com/eks/latest/userguide/security-groups-for-pods.html\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"example-AmazonEKSVPCResourceController\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/AmazonEKSVPCResourceController\"),\n\t\t\tRole: example.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"eks.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var example = new Role(\"example\", RoleArgs.builder() \n .name(\"eks-cluster-example\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var example_AmazonEKSClusterPolicy = new RolePolicyAttachment(\"example-AmazonEKSClusterPolicy\", RolePolicyAttachmentArgs.builder() \n .policyArn(\"arn:aws:iam::aws:policy/AmazonEKSClusterPolicy\")\n .role(example.name())\n .build());\n\n // Optionally, enable Security Groups for Pods\n // Reference: https://docs.aws.amazon.com/eks/latest/userguide/security-groups-for-pods.html\n var example_AmazonEKSVPCResourceController = new RolePolicyAttachment(\"example-AmazonEKSVPCResourceController\", RolePolicyAttachmentArgs.builder() \n .policyArn(\"arn:aws:iam::aws:policy/AmazonEKSVPCResourceController\")\n .role(example.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:Role\n properties:\n name: eks-cluster-example\n assumeRolePolicy: ${assumeRole.json}\n example-AmazonEKSClusterPolicy:\n type: aws:iam:RolePolicyAttachment\n properties:\n policyArn: arn:aws:iam::aws:policy/AmazonEKSClusterPolicy\n role: ${example.name}\n # Optionally, enable Security Groups for Pods\n # Reference: https://docs.aws.amazon.com/eks/latest/userguide/security-groups-for-pods.html\n example-AmazonEKSVPCResourceController:\n type: aws:iam:RolePolicyAttachment\n properties:\n policyArn: arn:aws:iam::aws:policy/AmazonEKSVPCResourceController\n role: ${example.name}\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - eks.amazonaws.com\n actions:\n - sts:AssumeRole\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Enabling Control Plane Logging\n\n[EKS Control Plane Logging](https://docs.aws.amazon.com/eks/latest/userguide/control-plane-logs.html) can be enabled via the `enabled_cluster_log_types` argument. To manage the CloudWatch Log Group retention period, the `aws.cloudwatch.LogGroup` resource can be used.\n\n\u003e The below configuration uses [`dependsOn`](https://www.pulumi.com/docs/intro/concepts/programming-model/#dependson) to prevent ordering issues with EKS automatically creating the log group first and a variable for naming consistency. Other ordering and naming methodologies may be more appropriate for your environment.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst clusterName = config.get(\"clusterName\") || \"example\";\nconst example = new aws.eks.Cluster(\"example\", {\n enabledClusterLogTypes: [\n \"api\",\n \"audit\",\n ],\n name: clusterName,\n});\nconst exampleLogGroup = new aws.cloudwatch.LogGroup(\"example\", {\n name: `/aws/eks/${clusterName}/cluster`,\n retentionInDays: 7,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\ncluster_name = config.get(\"clusterName\")\nif cluster_name is None:\n cluster_name = \"example\"\nexample = aws.eks.Cluster(\"example\",\n enabled_cluster_log_types=[\n \"api\",\n \"audit\",\n ],\n name=cluster_name)\nexample_log_group = aws.cloudwatch.LogGroup(\"example\",\n name=f\"/aws/eks/{cluster_name}/cluster\",\n retention_in_days=7)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var clusterName = config.Get(\"clusterName\") ?? \"example\";\n var example = new Aws.Eks.Cluster(\"example\", new()\n {\n EnabledClusterLogTypes = new[]\n {\n \"api\",\n \"audit\",\n },\n Name = clusterName,\n });\n\n var exampleLogGroup = new Aws.CloudWatch.LogGroup(\"example\", new()\n {\n Name = $\"/aws/eks/{clusterName}/cluster\",\n RetentionInDays = 7,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/eks\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tclusterName := \"example\"\n\t\tif param := cfg.Get(\"clusterName\"); param != \"\" {\n\t\t\tclusterName = param\n\t\t}\n\t\t_, err := eks.NewCluster(ctx, \"example\", \u0026eks.ClusterArgs{\n\t\t\tEnabledClusterLogTypes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"api\"),\n\t\t\t\tpulumi.String(\"audit\"),\n\t\t\t},\n\t\t\tName: pulumi.String(clusterName),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudwatch.NewLogGroup(ctx, \"example\", \u0026cloudwatch.LogGroupArgs{\n\t\t\tName: pulumi.String(fmt.Sprintf(\"/aws/eks/%v/cluster\", clusterName)),\n\t\t\tRetentionInDays: pulumi.Int(7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.eks.Cluster;\nimport com.pulumi.aws.eks.ClusterArgs;\nimport com.pulumi.aws.cloudwatch.LogGroup;\nimport com.pulumi.aws.cloudwatch.LogGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var clusterName = config.get(\"clusterName\").orElse(\"example\");\n var example = new Cluster(\"example\", ClusterArgs.builder() \n .enabledClusterLogTypes( \n \"api\",\n \"audit\")\n .name(clusterName)\n .build());\n\n var exampleLogGroup = new LogGroup(\"exampleLogGroup\", LogGroupArgs.builder() \n .name(String.format(\"/aws/eks/%s/cluster\", clusterName))\n .retentionInDays(7)\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n clusterName:\n type: string\n default: example\nresources:\n example:\n type: aws:eks:Cluster\n properties:\n enabledClusterLogTypes:\n - api\n - audit\n name: ${clusterName}\n exampleLogGroup:\n type: aws:cloudwatch:LogGroup\n name: example\n properties:\n name: /aws/eks/${clusterName}/cluster\n retentionInDays: 7 # ... potentially other configuration ...\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Enabling IAM Roles for Service Accounts\n\nOnly available on Kubernetes version 1.13 and 1.14 clusters created or upgraded on or after September 3, 2019. For more information about this feature, see the [EKS User Guide](https://docs.aws.amazon.com/eks/latest/userguide/enable-iam-roles-for-service-accounts.html).\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\nimport * as tls from \"@pulumi/tls\";\n\nconst exampleCluster = new aws.eks.Cluster(\"example\", {});\nconst example = exampleCluster.identities.apply(identities =\u003e tls.getCertificateOutput({\n url: identities[0].oidcs?.[0]?.issuer,\n}));\nconst exampleOpenIdConnectProvider = new aws.iam.OpenIdConnectProvider(\"example\", {\n clientIdLists: [\"sts.amazonaws.com\"],\n thumbprintLists: [example.apply(example =\u003e example.certificates?.[0]?.sha1Fingerprint)],\n url: example.apply(example =\u003e example.url),\n});\nconst exampleAssumeRolePolicy = aws.iam.getPolicyDocumentOutput({\n statements: [{\n actions: [\"sts:AssumeRoleWithWebIdentity\"],\n effect: \"Allow\",\n conditions: [{\n test: \"StringEquals\",\n variable: std.replaceOutput({\n text: exampleOpenIdConnectProvider.url,\n search: \"https://\",\n replace: \"\",\n }).apply(invoke =\u003e `${invoke.result}:sub`),\n values: [\"system:serviceaccount:kube-system:aws-node\"],\n }],\n principals: [{\n identifiers: [exampleOpenIdConnectProvider.arn],\n type: \"Federated\",\n }],\n }],\n});\nconst exampleRole = new aws.iam.Role(\"example\", {\n assumeRolePolicy: exampleAssumeRolePolicy.apply(exampleAssumeRolePolicy =\u003e exampleAssumeRolePolicy.json),\n name: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\nimport pulumi_tls as tls\n\nexample_cluster = aws.eks.Cluster(\"example\")\nexample = example_cluster.identities.apply(lambda identities: tls.get_certificate_output(url=identities[0].oidcs[0].issuer))\nexample_open_id_connect_provider = aws.iam.OpenIdConnectProvider(\"example\",\n client_id_lists=[\"sts.amazonaws.com\"],\n thumbprint_lists=[example.certificates[0].sha1_fingerprint],\n url=example.url)\nexample_assume_role_policy = aws.iam.get_policy_document_output(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n actions=[\"sts:AssumeRoleWithWebIdentity\"],\n effect=\"Allow\",\n conditions=[aws.iam.GetPolicyDocumentStatementConditionArgs(\n test=\"StringEquals\",\n variable=std.replace_output(text=example_open_id_connect_provider.url,\n search=\"https://\",\n replace=\"\").apply(lambda invoke: f\"{invoke.result}:sub\"),\n values=[\"system:serviceaccount:kube-system:aws-node\"],\n )],\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n identifiers=[example_open_id_connect_provider.arn],\n type=\"Federated\",\n )],\n)])\nexample_role = aws.iam.Role(\"example\",\n assume_role_policy=example_assume_role_policy.json,\n name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\nusing Tls = Pulumi.Tls;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleCluster = new Aws.Eks.Cluster(\"example\");\n\n var example = Tls.GetCertificate.Invoke(new()\n {\n Url = exampleCluster.Identities[0].Oidcs[0]?.Issuer,\n });\n\n var exampleOpenIdConnectProvider = new Aws.Iam.OpenIdConnectProvider(\"example\", new()\n {\n ClientIdLists = new[]\n {\n \"sts.amazonaws.com\",\n },\n ThumbprintLists = new[]\n {\n example.Apply(getCertificateResult =\u003e getCertificateResult.Certificates[0]?.Sha1Fingerprint),\n },\n Url = example.Apply(getCertificateResult =\u003e getCertificateResult.Url),\n });\n\n var exampleAssumeRolePolicy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"sts:AssumeRoleWithWebIdentity\",\n },\n Effect = \"Allow\",\n Conditions = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"StringEquals\",\n Variable = $\"{Std.Replace.Invoke(new()\n {\n Text = exampleOpenIdConnectProvider.Url,\n Search = \"https://\",\n Replace = \"\",\n }).Result}:sub\",\n Values = new[]\n {\n \"system:serviceaccount:kube-system:aws-node\",\n },\n },\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Identifiers = new[]\n {\n exampleOpenIdConnectProvider.Arn,\n },\n Type = \"Federated\",\n },\n },\n },\n },\n });\n\n var exampleRole = new Aws.Iam.Role(\"example\", new()\n {\n AssumeRolePolicy = exampleAssumeRolePolicy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n Name = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/eks\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi-tls/sdk/v4/go/tls\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleCluster, err := eks.NewCluster(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample := exampleCluster.Identities.ApplyT(func(identities []eks.ClusterIdentity) (tls.GetCertificateResult, error) {\n\t\t\treturn tls.GetCertificateOutput(ctx, tls.GetCertificateOutputArgs{\n\t\t\t\tUrl: identities[0].Oidcs[0].Issuer,\n\t\t\t}, nil), nil\n\t\t}).(tls.GetCertificateResultOutput)\n\t\texampleOpenIdConnectProvider, err := iam.NewOpenIdConnectProvider(ctx, \"example\", \u0026iam.OpenIdConnectProviderArgs{\n\t\t\tClientIdLists: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"sts.amazonaws.com\"),\n\t\t\t},\n\t\t\tThumbprintLists: pulumi.StringArray{\n\t\t\t\texample.ApplyT(func(example tls.GetCertificateResult) (*string, error) {\n\t\t\t\t\treturn \u0026example.Certificates[0].Sha1Fingerprint, nil\n\t\t\t\t}).(pulumi.StringPtrOutput),\n\t\t\t},\n\t\t\tUrl: example.ApplyT(func(example tls.GetCertificateResult) (*string, error) {\n\t\t\t\treturn \u0026example.Url, nil\n\t\t\t}).(pulumi.StringPtrOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAssumeRolePolicy := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"sts:AssumeRoleWithWebIdentity\"),\n\t\t\t\t\t},\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tConditions: iam.GetPolicyDocumentStatementConditionArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementConditionArgs{\n\t\t\t\t\t\t\tTest: pulumi.String(\"StringEquals\"),\n\t\t\t\t\t\t\tVariable: std.ReplaceOutput(ctx, std.ReplaceOutputArgs{\n\t\t\t\t\t\t\t\tText: exampleOpenIdConnectProvider.Url,\n\t\t\t\t\t\t\t\tSearch: pulumi.String(\"https://\"),\n\t\t\t\t\t\t\t\tReplace: pulumi.String(\"\"),\n\t\t\t\t\t\t\t}, nil).ApplyT(func(invoke std.ReplaceResult) (string, error) {\n\t\t\t\t\t\t\t\treturn fmt.Sprintf(\"%v:sub\", invoke.Result), nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"system:serviceaccount:kube-system:aws-node\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: iam.GetPolicyDocumentStatementPrincipalArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementPrincipalArgs{\n\t\t\t\t\t\t\tIdentifiers: pulumi.StringArray{\n\t\t\t\t\t\t\t\texampleOpenIdConnectProvider.Arn,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tType: pulumi.String(\"Federated\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\t_, err = iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: exampleAssumeRolePolicy.ApplyT(func(exampleAssumeRolePolicy iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026exampleAssumeRolePolicy.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.eks.Cluster;\nimport com.pulumi.tls.TlsFunctions;\nimport com.pulumi.tls.inputs.GetCertificateArgs;\nimport com.pulumi.aws.iam.OpenIdConnectProvider;\nimport com.pulumi.aws.iam.OpenIdConnectProviderArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleCluster = new Cluster(\"exampleCluster\");\n\n final var example = TlsFunctions.getCertificate(GetCertificateArgs.builder()\n .url(exampleCluster.identities().applyValue(identities -\u003e identities[0].oidcs()[0].issuer()))\n .build());\n\n var exampleOpenIdConnectProvider = new OpenIdConnectProvider(\"exampleOpenIdConnectProvider\", OpenIdConnectProviderArgs.builder() \n .clientIdLists(\"sts.amazonaws.com\")\n .thumbprintLists(example.applyValue(getCertificateResult -\u003e getCertificateResult).applyValue(example -\u003e example.applyValue(getCertificateResult -\u003e getCertificateResult.certificates()[0].sha1Fingerprint())))\n .url(example.applyValue(getCertificateResult -\u003e getCertificateResult).applyValue(example -\u003e example.applyValue(getCertificateResult -\u003e getCertificateResult.url())))\n .build());\n\n final var exampleAssumeRolePolicy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"sts:AssumeRoleWithWebIdentity\")\n .effect(\"Allow\")\n .conditions(GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"StringEquals\")\n .variable(StdFunctions.replace().applyValue(invoke -\u003e String.format(\"%s:sub\", invoke.result())))\n .values(\"system:serviceaccount:kube-system:aws-node\")\n .build())\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .identifiers(exampleOpenIdConnectProvider.arn())\n .type(\"Federated\")\n .build())\n .build())\n .build());\n\n var exampleRole = new Role(\"exampleRole\", RoleArgs.builder() \n .assumeRolePolicy(exampleAssumeRolePolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(exampleAssumeRolePolicy -\u003e exampleAssumeRolePolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .name(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleCluster:\n type: aws:eks:Cluster\n name: example\n exampleOpenIdConnectProvider:\n type: aws:iam:OpenIdConnectProvider\n name: example\n properties:\n clientIdLists:\n - sts.amazonaws.com\n thumbprintLists:\n - ${example.certificates[0].sha1Fingerprint}\n url: ${example.url}\n exampleRole:\n type: aws:iam:Role\n name: example\n properties:\n assumeRolePolicy: ${exampleAssumeRolePolicy.json}\n name: example\nvariables:\n example:\n fn::invoke:\n Function: tls:getCertificate\n Arguments:\n url: ${exampleCluster.identities[0].oidcs[0].issuer}\n exampleAssumeRolePolicy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - sts:AssumeRoleWithWebIdentity\n effect: Allow\n conditions:\n - test: StringEquals\n variable:\n fn::join:\n -\n - - fn::invoke:\n Function: std:replace\n Arguments:\n text: ${exampleOpenIdConnectProvider.url}\n search: https://\n replace:\n Return: result\n - :sub\n values:\n - system:serviceaccount:kube-system:aws-node\n principals:\n - identifiers:\n - ${exampleOpenIdConnectProvider.arn}\n type: Federated\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### EKS Cluster on AWS Outpost\n\n[Creating a local Amazon EKS cluster on an AWS Outpost](https://docs.aws.amazon.com/eks/latest/userguide/create-cluster-outpost.html)\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.iam.Role(\"example\", {\n assumeRolePolicy: exampleAssumeRolePolicy.json,\n name: \"example\",\n});\nconst exampleCluster = new aws.eks.Cluster(\"example\", {\n name: \"example-cluster\",\n roleArn: example.arn,\n vpcConfig: {\n endpointPrivateAccess: true,\n endpointPublicAccess: false,\n },\n outpostConfig: {\n controlPlaneInstanceType: \"m5d.large\",\n outpostArns: [exampleAwsOutpostsOutpost.arn],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iam.Role(\"example\",\n assume_role_policy=example_assume_role_policy[\"json\"],\n name=\"example\")\nexample_cluster = aws.eks.Cluster(\"example\",\n name=\"example-cluster\",\n role_arn=example.arn,\n vpc_config=aws.eks.ClusterVpcConfigArgs(\n endpoint_private_access=True,\n endpoint_public_access=False,\n ),\n outpost_config=aws.eks.ClusterOutpostConfigArgs(\n control_plane_instance_type=\"m5d.large\",\n outpost_arns=[example_aws_outposts_outpost[\"arn\"]],\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Iam.Role(\"example\", new()\n {\n AssumeRolePolicy = exampleAssumeRolePolicy.Json,\n Name = \"example\",\n });\n\n var exampleCluster = new Aws.Eks.Cluster(\"example\", new()\n {\n Name = \"example-cluster\",\n RoleArn = example.Arn,\n VpcConfig = new Aws.Eks.Inputs.ClusterVpcConfigArgs\n {\n EndpointPrivateAccess = true,\n EndpointPublicAccess = false,\n },\n OutpostConfig = new Aws.Eks.Inputs.ClusterOutpostConfigArgs\n {\n ControlPlaneInstanceType = \"m5d.large\",\n OutpostArns = new[]\n {\n exampleAwsOutpostsOutpost.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/eks\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.Any(exampleAssumeRolePolicy.Json),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = eks.NewCluster(ctx, \"example\", \u0026eks.ClusterArgs{\n\t\t\tName: pulumi.String(\"example-cluster\"),\n\t\t\tRoleArn: example.Arn,\n\t\t\tVpcConfig: \u0026eks.ClusterVpcConfigArgs{\n\t\t\t\tEndpointPrivateAccess: pulumi.Bool(true),\n\t\t\t\tEndpointPublicAccess: pulumi.Bool(false),\n\t\t\t},\n\t\t\tOutpostConfig: \u0026eks.ClusterOutpostConfigArgs{\n\t\t\t\tControlPlaneInstanceType: pulumi.String(\"m5d.large\"),\n\t\t\t\tOutpostArns: pulumi.StringArray{\n\t\t\t\t\texampleAwsOutpostsOutpost.Arn,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.eks.Cluster;\nimport com.pulumi.aws.eks.ClusterArgs;\nimport com.pulumi.aws.eks.inputs.ClusterVpcConfigArgs;\nimport com.pulumi.aws.eks.inputs.ClusterOutpostConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Role(\"example\", RoleArgs.builder() \n .assumeRolePolicy(exampleAssumeRolePolicy.json())\n .name(\"example\")\n .build());\n\n var exampleCluster = new Cluster(\"exampleCluster\", ClusterArgs.builder() \n .name(\"example-cluster\")\n .roleArn(example.arn())\n .vpcConfig(ClusterVpcConfigArgs.builder()\n .endpointPrivateAccess(true)\n .endpointPublicAccess(false)\n .build())\n .outpostConfig(ClusterOutpostConfigArgs.builder()\n .controlPlaneInstanceType(\"m5d.large\")\n .outpostArns(exampleAwsOutpostsOutpost.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:Role\n properties:\n assumeRolePolicy: ${exampleAssumeRolePolicy.json}\n name: example\n exampleCluster:\n type: aws:eks:Cluster\n name: example\n properties:\n name: example-cluster\n roleArn: ${example.arn}\n vpcConfig:\n endpointPrivateAccess: true\n endpointPublicAccess: false\n outpostConfig:\n controlPlaneInstanceType: m5d.large\n outpostArns:\n - ${exampleAwsOutpostsOutpost.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### EKS Cluster with Access Config\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.iam.Role(\"example\", {\n assumeRolePolicy: exampleAssumeRolePolicy.json,\n name: \"example\",\n});\nconst exampleCluster = new aws.eks.Cluster(\"example\", {\n name: \"example-cluster\",\n roleArn: example.arn,\n vpcConfig: {\n endpointPrivateAccess: true,\n endpointPublicAccess: false,\n },\n accessConfig: {\n authenticationMode: \"CONFIG_MAP\",\n bootstrapClusterCreatorAdminPermissions: true,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iam.Role(\"example\",\n assume_role_policy=example_assume_role_policy[\"json\"],\n name=\"example\")\nexample_cluster = aws.eks.Cluster(\"example\",\n name=\"example-cluster\",\n role_arn=example.arn,\n vpc_config=aws.eks.ClusterVpcConfigArgs(\n endpoint_private_access=True,\n endpoint_public_access=False,\n ),\n access_config=aws.eks.ClusterAccessConfigArgs(\n authentication_mode=\"CONFIG_MAP\",\n bootstrap_cluster_creator_admin_permissions=True,\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Iam.Role(\"example\", new()\n {\n AssumeRolePolicy = exampleAssumeRolePolicy.Json,\n Name = \"example\",\n });\n\n var exampleCluster = new Aws.Eks.Cluster(\"example\", new()\n {\n Name = \"example-cluster\",\n RoleArn = example.Arn,\n VpcConfig = new Aws.Eks.Inputs.ClusterVpcConfigArgs\n {\n EndpointPrivateAccess = true,\n EndpointPublicAccess = false,\n },\n AccessConfig = new Aws.Eks.Inputs.ClusterAccessConfigArgs\n {\n AuthenticationMode = \"CONFIG_MAP\",\n BootstrapClusterCreatorAdminPermissions = true,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/eks\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.Any(exampleAssumeRolePolicy.Json),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = eks.NewCluster(ctx, \"example\", \u0026eks.ClusterArgs{\n\t\t\tName: pulumi.String(\"example-cluster\"),\n\t\t\tRoleArn: example.Arn,\n\t\t\tVpcConfig: \u0026eks.ClusterVpcConfigArgs{\n\t\t\t\tEndpointPrivateAccess: pulumi.Bool(true),\n\t\t\t\tEndpointPublicAccess: pulumi.Bool(false),\n\t\t\t},\n\t\t\tAccessConfig: \u0026eks.ClusterAccessConfigArgs{\n\t\t\t\tAuthenticationMode: pulumi.String(\"CONFIG_MAP\"),\n\t\t\t\tBootstrapClusterCreatorAdminPermissions: pulumi.Bool(true),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.eks.Cluster;\nimport com.pulumi.aws.eks.ClusterArgs;\nimport com.pulumi.aws.eks.inputs.ClusterVpcConfigArgs;\nimport com.pulumi.aws.eks.inputs.ClusterAccessConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Role(\"example\", RoleArgs.builder() \n .assumeRolePolicy(exampleAssumeRolePolicy.json())\n .name(\"example\")\n .build());\n\n var exampleCluster = new Cluster(\"exampleCluster\", ClusterArgs.builder() \n .name(\"example-cluster\")\n .roleArn(example.arn())\n .vpcConfig(ClusterVpcConfigArgs.builder()\n .endpointPrivateAccess(true)\n .endpointPublicAccess(false)\n .build())\n .accessConfig(ClusterAccessConfigArgs.builder()\n .authenticationMode(\"CONFIG_MAP\")\n .bootstrapClusterCreatorAdminPermissions(true)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:Role\n properties:\n assumeRolePolicy: ${exampleAssumeRolePolicy.json}\n name: example\n exampleCluster:\n type: aws:eks:Cluster\n name: example\n properties:\n name: example-cluster\n roleArn: ${example.arn}\n vpcConfig:\n endpointPrivateAccess: true\n endpointPublicAccess: false\n accessConfig:\n authenticationMode: CONFIG_MAP\n bootstrapClusterCreatorAdminPermissions: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nAfter adding inline IAM Policies (e.g., `aws.iam.RolePolicy` resource) or attaching IAM Policies (e.g., `aws.iam.Policy` resource and `aws.iam.RolePolicyAttachment` resource) with the desired permissions to the IAM Role, annotate the Kubernetes service account (e.g., `kubernetes_service_account` resource) and recreate any pods.\n\n## Import\n\nUsing `pulumi import`, import EKS Clusters using the `name`. For example:\n\n```sh\n$ pulumi import aws:eks/cluster:Cluster my_cluster my_cluster\n```\n", + "description": "Manages an EKS Cluster.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nexport = async () =\u003e {\n const example = new aws.eks.Cluster(\"example\", {\n name: \"example\",\n roleArn: exampleAwsIamRole.arn,\n vpcConfig: {\n subnetIds: [\n example1.id,\n example2.id,\n ],\n },\n }, {\n dependsOn: [\n example_AmazonEKSClusterPolicy,\n example_AmazonEKSVPCResourceController,\n ],\n });\n return {\n endpoint: example.endpoint,\n \"kubeconfig-certificate-authority-data\": example.certificateAuthority.apply(certificateAuthority =\u003e certificateAuthority.data),\n };\n}\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.eks.Cluster(\"example\",\n name=\"example\",\n role_arn=example_aws_iam_role[\"arn\"],\n vpc_config=aws.eks.ClusterVpcConfigArgs(\n subnet_ids=[\n example1[\"id\"],\n example2[\"id\"],\n ],\n ),\n opts=pulumi.ResourceOptions(depends_on=[\n example__amazon_eks_cluster_policy,\n example__amazon_eksvpc_resource_controller,\n ]))\npulumi.export(\"endpoint\", example.endpoint)\npulumi.export(\"kubeconfig-certificate-authority-data\", example.certificate_authority.data)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Eks.Cluster(\"example\", new()\n {\n Name = \"example\",\n RoleArn = exampleAwsIamRole.Arn,\n VpcConfig = new Aws.Eks.Inputs.ClusterVpcConfigArgs\n {\n SubnetIds = new[]\n {\n example1.Id,\n example2.Id,\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example_AmazonEKSClusterPolicy, \n example_AmazonEKSVPCResourceController, \n },\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"endpoint\"] = example.Endpoint,\n [\"kubeconfig-certificate-authority-data\"] = example.CertificateAuthority.Apply(certificateAuthority =\u003e certificateAuthority.Data),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/eks\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := eks.NewCluster(ctx, \"example\", \u0026eks.ClusterArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tVpcConfig: \u0026eks.ClusterVpcConfigArgs{\n\t\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\t\texample1.Id,\n\t\t\t\t\texample2.Id,\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample_AmazonEKSClusterPolicy,\n\t\t\texample_AmazonEKSVPCResourceController,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"endpoint\", example.Endpoint)\n\t\tctx.Export(\"kubeconfig-certificate-authority-data\", example.CertificateAuthority.ApplyT(func(certificateAuthority eks.ClusterCertificateAuthority) (*string, error) {\n\t\t\treturn \u0026certificateAuthority.Data, nil\n\t\t}).(pulumi.StringPtrOutput))\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.eks.Cluster;\nimport com.pulumi.aws.eks.ClusterArgs;\nimport com.pulumi.aws.eks.inputs.ClusterVpcConfigArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Cluster(\"example\", ClusterArgs.builder() \n .name(\"example\")\n .roleArn(exampleAwsIamRole.arn())\n .vpcConfig(ClusterVpcConfigArgs.builder()\n .subnetIds( \n example1.id(),\n example2.id())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n example_AmazonEKSClusterPolicy,\n example_AmazonEKSVPCResourceController)\n .build());\n\n ctx.export(\"endpoint\", example.endpoint());\n ctx.export(\"kubeconfig-certificate-authority-data\", example.certificateAuthority().applyValue(certificateAuthority -\u003e certificateAuthority.data()));\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:eks:Cluster\n properties:\n name: example\n roleArn: ${exampleAwsIamRole.arn}\n vpcConfig:\n subnetIds:\n - ${example1.id}\n - ${example2.id}\n options:\n dependson:\n - ${[\"example-AmazonEKSClusterPolicy\"]}\n - ${[\"example-AmazonEKSVPCResourceController\"]}\noutputs:\n endpoint: ${example.endpoint}\n kubeconfig-certificate-authority-data: ${example.certificateAuthority.data}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example IAM Role for EKS Cluster\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"eks.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst example = new aws.iam.Role(\"example\", {\n name: \"eks-cluster-example\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst example_AmazonEKSClusterPolicy = new aws.iam.RolePolicyAttachment(\"example-AmazonEKSClusterPolicy\", {\n policyArn: \"arn:aws:iam::aws:policy/AmazonEKSClusterPolicy\",\n role: example.name,\n});\n// Optionally, enable Security Groups for Pods\n// Reference: https://docs.aws.amazon.com/eks/latest/userguide/security-groups-for-pods.html\nconst example_AmazonEKSVPCResourceController = new aws.iam.RolePolicyAttachment(\"example-AmazonEKSVPCResourceController\", {\n policyArn: \"arn:aws:iam::aws:policy/AmazonEKSVPCResourceController\",\n role: example.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nassume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"eks.amazonaws.com\"],\n )],\n actions=[\"sts:AssumeRole\"],\n)])\nexample = aws.iam.Role(\"example\",\n name=\"eks-cluster-example\",\n assume_role_policy=assume_role.json)\nexample__amazon_eks_cluster_policy = aws.iam.RolePolicyAttachment(\"example-AmazonEKSClusterPolicy\",\n policy_arn=\"arn:aws:iam::aws:policy/AmazonEKSClusterPolicy\",\n role=example.name)\n# Optionally, enable Security Groups for Pods\n# Reference: https://docs.aws.amazon.com/eks/latest/userguide/security-groups-for-pods.html\nexample__amazon_eksvpc_resource_controller = aws.iam.RolePolicyAttachment(\"example-AmazonEKSVPCResourceController\",\n policy_arn=\"arn:aws:iam::aws:policy/AmazonEKSVPCResourceController\",\n role=example.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"eks.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var example = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"eks-cluster-example\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var example_AmazonEKSClusterPolicy = new Aws.Iam.RolePolicyAttachment(\"example-AmazonEKSClusterPolicy\", new()\n {\n PolicyArn = \"arn:aws:iam::aws:policy/AmazonEKSClusterPolicy\",\n Role = example.Name,\n });\n\n // Optionally, enable Security Groups for Pods\n // Reference: https://docs.aws.amazon.com/eks/latest/userguide/security-groups-for-pods.html\n var example_AmazonEKSVPCResourceController = new Aws.Iam.RolePolicyAttachment(\"example-AmazonEKSVPCResourceController\", new()\n {\n PolicyArn = \"arn:aws:iam::aws:policy/AmazonEKSVPCResourceController\",\n Role = example.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"eks.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"eks-cluster-example\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"example-AmazonEKSClusterPolicy\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/AmazonEKSClusterPolicy\"),\n\t\t\tRole: example.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Optionally, enable Security Groups for Pods\n\t\t// Reference: https://docs.aws.amazon.com/eks/latest/userguide/security-groups-for-pods.html\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"example-AmazonEKSVPCResourceController\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/AmazonEKSVPCResourceController\"),\n\t\t\tRole: example.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"eks.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var example = new Role(\"example\", RoleArgs.builder() \n .name(\"eks-cluster-example\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var example_AmazonEKSClusterPolicy = new RolePolicyAttachment(\"example-AmazonEKSClusterPolicy\", RolePolicyAttachmentArgs.builder() \n .policyArn(\"arn:aws:iam::aws:policy/AmazonEKSClusterPolicy\")\n .role(example.name())\n .build());\n\n // Optionally, enable Security Groups for Pods\n // Reference: https://docs.aws.amazon.com/eks/latest/userguide/security-groups-for-pods.html\n var example_AmazonEKSVPCResourceController = new RolePolicyAttachment(\"example-AmazonEKSVPCResourceController\", RolePolicyAttachmentArgs.builder() \n .policyArn(\"arn:aws:iam::aws:policy/AmazonEKSVPCResourceController\")\n .role(example.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:Role\n properties:\n name: eks-cluster-example\n assumeRolePolicy: ${assumeRole.json}\n example-AmazonEKSClusterPolicy:\n type: aws:iam:RolePolicyAttachment\n properties:\n policyArn: arn:aws:iam::aws:policy/AmazonEKSClusterPolicy\n role: ${example.name}\n # Optionally, enable Security Groups for Pods\n # Reference: https://docs.aws.amazon.com/eks/latest/userguide/security-groups-for-pods.html\n example-AmazonEKSVPCResourceController:\n type: aws:iam:RolePolicyAttachment\n properties:\n policyArn: arn:aws:iam::aws:policy/AmazonEKSVPCResourceController\n role: ${example.name}\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - eks.amazonaws.com\n actions:\n - sts:AssumeRole\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Enabling Control Plane Logging\n\n[EKS Control Plane Logging](https://docs.aws.amazon.com/eks/latest/userguide/control-plane-logs.html) can be enabled via the `enabled_cluster_log_types` argument. To manage the CloudWatch Log Group retention period, the `aws.cloudwatch.LogGroup` resource can be used.\n\n\u003e The below configuration uses [`dependsOn`](https://www.pulumi.com/docs/intro/concepts/programming-model/#dependson) to prevent ordering issues with EKS automatically creating the log group first and a variable for naming consistency. Other ordering and naming methodologies may be more appropriate for your environment.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst clusterName = config.get(\"clusterName\") || \"example\";\nconst exampleLogGroup = new aws.cloudwatch.LogGroup(\"example\", {\n name: `/aws/eks/${clusterName}/cluster`,\n retentionInDays: 7,\n});\nconst example = new aws.eks.Cluster(\"example\", {\n enabledClusterLogTypes: [\n \"api\",\n \"audit\",\n ],\n name: clusterName,\n}, {\n dependsOn: [exampleLogGroup],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\ncluster_name = config.get(\"clusterName\")\nif cluster_name is None:\n cluster_name = \"example\"\nexample_log_group = aws.cloudwatch.LogGroup(\"example\",\n name=f\"/aws/eks/{cluster_name}/cluster\",\n retention_in_days=7)\nexample = aws.eks.Cluster(\"example\",\n enabled_cluster_log_types=[\n \"api\",\n \"audit\",\n ],\n name=cluster_name,\n opts=pulumi.ResourceOptions(depends_on=[example_log_group]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var clusterName = config.Get(\"clusterName\") ?? \"example\";\n var exampleLogGroup = new Aws.CloudWatch.LogGroup(\"example\", new()\n {\n Name = $\"/aws/eks/{clusterName}/cluster\",\n RetentionInDays = 7,\n });\n\n var example = new Aws.Eks.Cluster(\"example\", new()\n {\n EnabledClusterLogTypes = new[]\n {\n \"api\",\n \"audit\",\n },\n Name = clusterName,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleLogGroup, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/eks\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tclusterName := \"example\"\n\t\tif param := cfg.Get(\"clusterName\"); param != \"\" {\n\t\t\tclusterName = param\n\t\t}\n\t\texampleLogGroup, err := cloudwatch.NewLogGroup(ctx, \"example\", \u0026cloudwatch.LogGroupArgs{\n\t\t\tName: pulumi.String(fmt.Sprintf(\"/aws/eks/%v/cluster\", clusterName)),\n\t\t\tRetentionInDays: pulumi.Int(7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = eks.NewCluster(ctx, \"example\", \u0026eks.ClusterArgs{\n\t\t\tEnabledClusterLogTypes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"api\"),\n\t\t\t\tpulumi.String(\"audit\"),\n\t\t\t},\n\t\t\tName: pulumi.String(clusterName),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleLogGroup,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.LogGroup;\nimport com.pulumi.aws.cloudwatch.LogGroupArgs;\nimport com.pulumi.aws.eks.Cluster;\nimport com.pulumi.aws.eks.ClusterArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var clusterName = config.get(\"clusterName\").orElse(\"example\");\n var exampleLogGroup = new LogGroup(\"exampleLogGroup\", LogGroupArgs.builder() \n .name(String.format(\"/aws/eks/%s/cluster\", clusterName))\n .retentionInDays(7)\n .build());\n\n var example = new Cluster(\"example\", ClusterArgs.builder() \n .enabledClusterLogTypes( \n \"api\",\n \"audit\")\n .name(clusterName)\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleLogGroup)\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n clusterName:\n type: string\n default: example\nresources:\n example:\n type: aws:eks:Cluster\n properties:\n enabledClusterLogTypes:\n - api\n - audit\n name: ${clusterName}\n options:\n dependson:\n - ${exampleLogGroup}\n exampleLogGroup:\n type: aws:cloudwatch:LogGroup\n name: example\n properties:\n name: /aws/eks/${clusterName}/cluster\n retentionInDays: 7 # ... potentially other configuration ...\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Enabling IAM Roles for Service Accounts\n\nOnly available on Kubernetes version 1.13 and 1.14 clusters created or upgraded on or after September 3, 2019. For more information about this feature, see the [EKS User Guide](https://docs.aws.amazon.com/eks/latest/userguide/enable-iam-roles-for-service-accounts.html).\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\nimport * as tls from \"@pulumi/tls\";\n\nconst exampleCluster = new aws.eks.Cluster(\"example\", {});\nconst example = exampleCluster.identities.apply(identities =\u003e tls.getCertificateOutput({\n url: identities[0].oidcs?.[0]?.issuer,\n}));\nconst exampleOpenIdConnectProvider = new aws.iam.OpenIdConnectProvider(\"example\", {\n clientIdLists: [\"sts.amazonaws.com\"],\n thumbprintLists: [example.apply(example =\u003e example.certificates?.[0]?.sha1Fingerprint)],\n url: example.apply(example =\u003e example.url),\n});\nconst exampleAssumeRolePolicy = aws.iam.getPolicyDocumentOutput({\n statements: [{\n actions: [\"sts:AssumeRoleWithWebIdentity\"],\n effect: \"Allow\",\n conditions: [{\n test: \"StringEquals\",\n variable: std.replaceOutput({\n text: exampleOpenIdConnectProvider.url,\n search: \"https://\",\n replace: \"\",\n }).apply(invoke =\u003e `${invoke.result}:sub`),\n values: [\"system:serviceaccount:kube-system:aws-node\"],\n }],\n principals: [{\n identifiers: [exampleOpenIdConnectProvider.arn],\n type: \"Federated\",\n }],\n }],\n});\nconst exampleRole = new aws.iam.Role(\"example\", {\n assumeRolePolicy: exampleAssumeRolePolicy.apply(exampleAssumeRolePolicy =\u003e exampleAssumeRolePolicy.json),\n name: \"example\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\nimport pulumi_tls as tls\n\nexample_cluster = aws.eks.Cluster(\"example\")\nexample = example_cluster.identities.apply(lambda identities: tls.get_certificate_output(url=identities[0].oidcs[0].issuer))\nexample_open_id_connect_provider = aws.iam.OpenIdConnectProvider(\"example\",\n client_id_lists=[\"sts.amazonaws.com\"],\n thumbprint_lists=[example.certificates[0].sha1_fingerprint],\n url=example.url)\nexample_assume_role_policy = aws.iam.get_policy_document_output(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n actions=[\"sts:AssumeRoleWithWebIdentity\"],\n effect=\"Allow\",\n conditions=[aws.iam.GetPolicyDocumentStatementConditionArgs(\n test=\"StringEquals\",\n variable=std.replace_output(text=example_open_id_connect_provider.url,\n search=\"https://\",\n replace=\"\").apply(lambda invoke: f\"{invoke.result}:sub\"),\n values=[\"system:serviceaccount:kube-system:aws-node\"],\n )],\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n identifiers=[example_open_id_connect_provider.arn],\n type=\"Federated\",\n )],\n)])\nexample_role = aws.iam.Role(\"example\",\n assume_role_policy=example_assume_role_policy.json,\n name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\nusing Tls = Pulumi.Tls;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleCluster = new Aws.Eks.Cluster(\"example\");\n\n var example = Tls.GetCertificate.Invoke(new()\n {\n Url = exampleCluster.Identities[0].Oidcs[0]?.Issuer,\n });\n\n var exampleOpenIdConnectProvider = new Aws.Iam.OpenIdConnectProvider(\"example\", new()\n {\n ClientIdLists = new[]\n {\n \"sts.amazonaws.com\",\n },\n ThumbprintLists = new[]\n {\n example.Apply(getCertificateResult =\u003e getCertificateResult.Certificates[0]?.Sha1Fingerprint),\n },\n Url = example.Apply(getCertificateResult =\u003e getCertificateResult.Url),\n });\n\n var exampleAssumeRolePolicy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"sts:AssumeRoleWithWebIdentity\",\n },\n Effect = \"Allow\",\n Conditions = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"StringEquals\",\n Variable = $\"{Std.Replace.Invoke(new()\n {\n Text = exampleOpenIdConnectProvider.Url,\n Search = \"https://\",\n Replace = \"\",\n }).Result}:sub\",\n Values = new[]\n {\n \"system:serviceaccount:kube-system:aws-node\",\n },\n },\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Identifiers = new[]\n {\n exampleOpenIdConnectProvider.Arn,\n },\n Type = \"Federated\",\n },\n },\n },\n },\n });\n\n var exampleRole = new Aws.Iam.Role(\"example\", new()\n {\n AssumeRolePolicy = exampleAssumeRolePolicy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n Name = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/eks\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi-tls/sdk/v4/go/tls\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleCluster, err := eks.NewCluster(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample := exampleCluster.Identities.ApplyT(func(identities []eks.ClusterIdentity) (tls.GetCertificateResult, error) {\n\t\t\treturn tls.GetCertificateOutput(ctx, tls.GetCertificateOutputArgs{\n\t\t\t\tUrl: identities[0].Oidcs[0].Issuer,\n\t\t\t}, nil), nil\n\t\t}).(tls.GetCertificateResultOutput)\n\t\texampleOpenIdConnectProvider, err := iam.NewOpenIdConnectProvider(ctx, \"example\", \u0026iam.OpenIdConnectProviderArgs{\n\t\t\tClientIdLists: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"sts.amazonaws.com\"),\n\t\t\t},\n\t\t\tThumbprintLists: pulumi.StringArray{\n\t\t\t\texample.ApplyT(func(example tls.GetCertificateResult) (*string, error) {\n\t\t\t\t\treturn \u0026example.Certificates[0].Sha1Fingerprint, nil\n\t\t\t\t}).(pulumi.StringPtrOutput),\n\t\t\t},\n\t\t\tUrl: example.ApplyT(func(example tls.GetCertificateResult) (*string, error) {\n\t\t\t\treturn \u0026example.Url, nil\n\t\t\t}).(pulumi.StringPtrOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAssumeRolePolicy := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"sts:AssumeRoleWithWebIdentity\"),\n\t\t\t\t\t},\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tConditions: iam.GetPolicyDocumentStatementConditionArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementConditionArgs{\n\t\t\t\t\t\t\tTest: pulumi.String(\"StringEquals\"),\n\t\t\t\t\t\t\tVariable: std.ReplaceOutput(ctx, std.ReplaceOutputArgs{\n\t\t\t\t\t\t\t\tText: exampleOpenIdConnectProvider.Url,\n\t\t\t\t\t\t\t\tSearch: pulumi.String(\"https://\"),\n\t\t\t\t\t\t\t\tReplace: pulumi.String(\"\"),\n\t\t\t\t\t\t\t}, nil).ApplyT(func(invoke std.ReplaceResult) (string, error) {\n\t\t\t\t\t\t\t\treturn fmt.Sprintf(\"%v:sub\", invoke.Result), nil\n\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"system:serviceaccount:kube-system:aws-node\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: iam.GetPolicyDocumentStatementPrincipalArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementPrincipalArgs{\n\t\t\t\t\t\t\tIdentifiers: pulumi.StringArray{\n\t\t\t\t\t\t\t\texampleOpenIdConnectProvider.Arn,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tType: pulumi.String(\"Federated\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\t_, err = iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: exampleAssumeRolePolicy.ApplyT(func(exampleAssumeRolePolicy iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026exampleAssumeRolePolicy.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.eks.Cluster;\nimport com.pulumi.tls.TlsFunctions;\nimport com.pulumi.tls.inputs.GetCertificateArgs;\nimport com.pulumi.aws.iam.OpenIdConnectProvider;\nimport com.pulumi.aws.iam.OpenIdConnectProviderArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleCluster = new Cluster(\"exampleCluster\");\n\n final var example = TlsFunctions.getCertificate(GetCertificateArgs.builder()\n .url(exampleCluster.identities().applyValue(identities -\u003e identities[0].oidcs()[0].issuer()))\n .build());\n\n var exampleOpenIdConnectProvider = new OpenIdConnectProvider(\"exampleOpenIdConnectProvider\", OpenIdConnectProviderArgs.builder() \n .clientIdLists(\"sts.amazonaws.com\")\n .thumbprintLists(example.applyValue(getCertificateResult -\u003e getCertificateResult).applyValue(example -\u003e example.applyValue(getCertificateResult -\u003e getCertificateResult.certificates()[0].sha1Fingerprint())))\n .url(example.applyValue(getCertificateResult -\u003e getCertificateResult).applyValue(example -\u003e example.applyValue(getCertificateResult -\u003e getCertificateResult.url())))\n .build());\n\n final var exampleAssumeRolePolicy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"sts:AssumeRoleWithWebIdentity\")\n .effect(\"Allow\")\n .conditions(GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"StringEquals\")\n .variable(StdFunctions.replace().applyValue(invoke -\u003e String.format(\"%s:sub\", invoke.result())))\n .values(\"system:serviceaccount:kube-system:aws-node\")\n .build())\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .identifiers(exampleOpenIdConnectProvider.arn())\n .type(\"Federated\")\n .build())\n .build())\n .build());\n\n var exampleRole = new Role(\"exampleRole\", RoleArgs.builder() \n .assumeRolePolicy(exampleAssumeRolePolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(exampleAssumeRolePolicy -\u003e exampleAssumeRolePolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .name(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleCluster:\n type: aws:eks:Cluster\n name: example\n exampleOpenIdConnectProvider:\n type: aws:iam:OpenIdConnectProvider\n name: example\n properties:\n clientIdLists:\n - sts.amazonaws.com\n thumbprintLists:\n - ${example.certificates[0].sha1Fingerprint}\n url: ${example.url}\n exampleRole:\n type: aws:iam:Role\n name: example\n properties:\n assumeRolePolicy: ${exampleAssumeRolePolicy.json}\n name: example\nvariables:\n example:\n fn::invoke:\n Function: tls:getCertificate\n Arguments:\n url: ${exampleCluster.identities[0].oidcs[0].issuer}\n exampleAssumeRolePolicy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - sts:AssumeRoleWithWebIdentity\n effect: Allow\n conditions:\n - test: StringEquals\n variable:\n fn::join:\n -\n - - fn::invoke:\n Function: std:replace\n Arguments:\n text: ${exampleOpenIdConnectProvider.url}\n search: https://\n replace:\n Return: result\n - :sub\n values:\n - system:serviceaccount:kube-system:aws-node\n principals:\n - identifiers:\n - ${exampleOpenIdConnectProvider.arn}\n type: Federated\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### EKS Cluster on AWS Outpost\n\n[Creating a local Amazon EKS cluster on an AWS Outpost](https://docs.aws.amazon.com/eks/latest/userguide/create-cluster-outpost.html)\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.iam.Role(\"example\", {\n assumeRolePolicy: exampleAssumeRolePolicy.json,\n name: \"example\",\n});\nconst exampleCluster = new aws.eks.Cluster(\"example\", {\n name: \"example-cluster\",\n roleArn: example.arn,\n vpcConfig: {\n endpointPrivateAccess: true,\n endpointPublicAccess: false,\n },\n outpostConfig: {\n controlPlaneInstanceType: \"m5d.large\",\n outpostArns: [exampleAwsOutpostsOutpost.arn],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iam.Role(\"example\",\n assume_role_policy=example_assume_role_policy[\"json\"],\n name=\"example\")\nexample_cluster = aws.eks.Cluster(\"example\",\n name=\"example-cluster\",\n role_arn=example.arn,\n vpc_config=aws.eks.ClusterVpcConfigArgs(\n endpoint_private_access=True,\n endpoint_public_access=False,\n ),\n outpost_config=aws.eks.ClusterOutpostConfigArgs(\n control_plane_instance_type=\"m5d.large\",\n outpost_arns=[example_aws_outposts_outpost[\"arn\"]],\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Iam.Role(\"example\", new()\n {\n AssumeRolePolicy = exampleAssumeRolePolicy.Json,\n Name = \"example\",\n });\n\n var exampleCluster = new Aws.Eks.Cluster(\"example\", new()\n {\n Name = \"example-cluster\",\n RoleArn = example.Arn,\n VpcConfig = new Aws.Eks.Inputs.ClusterVpcConfigArgs\n {\n EndpointPrivateAccess = true,\n EndpointPublicAccess = false,\n },\n OutpostConfig = new Aws.Eks.Inputs.ClusterOutpostConfigArgs\n {\n ControlPlaneInstanceType = \"m5d.large\",\n OutpostArns = new[]\n {\n exampleAwsOutpostsOutpost.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/eks\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.Any(exampleAssumeRolePolicy.Json),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = eks.NewCluster(ctx, \"example\", \u0026eks.ClusterArgs{\n\t\t\tName: pulumi.String(\"example-cluster\"),\n\t\t\tRoleArn: example.Arn,\n\t\t\tVpcConfig: \u0026eks.ClusterVpcConfigArgs{\n\t\t\t\tEndpointPrivateAccess: pulumi.Bool(true),\n\t\t\t\tEndpointPublicAccess: pulumi.Bool(false),\n\t\t\t},\n\t\t\tOutpostConfig: \u0026eks.ClusterOutpostConfigArgs{\n\t\t\t\tControlPlaneInstanceType: pulumi.String(\"m5d.large\"),\n\t\t\t\tOutpostArns: pulumi.StringArray{\n\t\t\t\t\texampleAwsOutpostsOutpost.Arn,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.eks.Cluster;\nimport com.pulumi.aws.eks.ClusterArgs;\nimport com.pulumi.aws.eks.inputs.ClusterVpcConfigArgs;\nimport com.pulumi.aws.eks.inputs.ClusterOutpostConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Role(\"example\", RoleArgs.builder() \n .assumeRolePolicy(exampleAssumeRolePolicy.json())\n .name(\"example\")\n .build());\n\n var exampleCluster = new Cluster(\"exampleCluster\", ClusterArgs.builder() \n .name(\"example-cluster\")\n .roleArn(example.arn())\n .vpcConfig(ClusterVpcConfigArgs.builder()\n .endpointPrivateAccess(true)\n .endpointPublicAccess(false)\n .build())\n .outpostConfig(ClusterOutpostConfigArgs.builder()\n .controlPlaneInstanceType(\"m5d.large\")\n .outpostArns(exampleAwsOutpostsOutpost.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:Role\n properties:\n assumeRolePolicy: ${exampleAssumeRolePolicy.json}\n name: example\n exampleCluster:\n type: aws:eks:Cluster\n name: example\n properties:\n name: example-cluster\n roleArn: ${example.arn}\n vpcConfig:\n endpointPrivateAccess: true\n endpointPublicAccess: false\n outpostConfig:\n controlPlaneInstanceType: m5d.large\n outpostArns:\n - ${exampleAwsOutpostsOutpost.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### EKS Cluster with Access Config\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.iam.Role(\"example\", {\n assumeRolePolicy: exampleAssumeRolePolicy.json,\n name: \"example\",\n});\nconst exampleCluster = new aws.eks.Cluster(\"example\", {\n name: \"example-cluster\",\n roleArn: example.arn,\n vpcConfig: {\n endpointPrivateAccess: true,\n endpointPublicAccess: false,\n },\n accessConfig: {\n authenticationMode: \"CONFIG_MAP\",\n bootstrapClusterCreatorAdminPermissions: true,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iam.Role(\"example\",\n assume_role_policy=example_assume_role_policy[\"json\"],\n name=\"example\")\nexample_cluster = aws.eks.Cluster(\"example\",\n name=\"example-cluster\",\n role_arn=example.arn,\n vpc_config=aws.eks.ClusterVpcConfigArgs(\n endpoint_private_access=True,\n endpoint_public_access=False,\n ),\n access_config=aws.eks.ClusterAccessConfigArgs(\n authentication_mode=\"CONFIG_MAP\",\n bootstrap_cluster_creator_admin_permissions=True,\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Iam.Role(\"example\", new()\n {\n AssumeRolePolicy = exampleAssumeRolePolicy.Json,\n Name = \"example\",\n });\n\n var exampleCluster = new Aws.Eks.Cluster(\"example\", new()\n {\n Name = \"example-cluster\",\n RoleArn = example.Arn,\n VpcConfig = new Aws.Eks.Inputs.ClusterVpcConfigArgs\n {\n EndpointPrivateAccess = true,\n EndpointPublicAccess = false,\n },\n AccessConfig = new Aws.Eks.Inputs.ClusterAccessConfigArgs\n {\n AuthenticationMode = \"CONFIG_MAP\",\n BootstrapClusterCreatorAdminPermissions = true,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/eks\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.Any(exampleAssumeRolePolicy.Json),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = eks.NewCluster(ctx, \"example\", \u0026eks.ClusterArgs{\n\t\t\tName: pulumi.String(\"example-cluster\"),\n\t\t\tRoleArn: example.Arn,\n\t\t\tVpcConfig: \u0026eks.ClusterVpcConfigArgs{\n\t\t\t\tEndpointPrivateAccess: pulumi.Bool(true),\n\t\t\t\tEndpointPublicAccess: pulumi.Bool(false),\n\t\t\t},\n\t\t\tAccessConfig: \u0026eks.ClusterAccessConfigArgs{\n\t\t\t\tAuthenticationMode: pulumi.String(\"CONFIG_MAP\"),\n\t\t\t\tBootstrapClusterCreatorAdminPermissions: pulumi.Bool(true),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.eks.Cluster;\nimport com.pulumi.aws.eks.ClusterArgs;\nimport com.pulumi.aws.eks.inputs.ClusterVpcConfigArgs;\nimport com.pulumi.aws.eks.inputs.ClusterAccessConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Role(\"example\", RoleArgs.builder() \n .assumeRolePolicy(exampleAssumeRolePolicy.json())\n .name(\"example\")\n .build());\n\n var exampleCluster = new Cluster(\"exampleCluster\", ClusterArgs.builder() \n .name(\"example-cluster\")\n .roleArn(example.arn())\n .vpcConfig(ClusterVpcConfigArgs.builder()\n .endpointPrivateAccess(true)\n .endpointPublicAccess(false)\n .build())\n .accessConfig(ClusterAccessConfigArgs.builder()\n .authenticationMode(\"CONFIG_MAP\")\n .bootstrapClusterCreatorAdminPermissions(true)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:Role\n properties:\n assumeRolePolicy: ${exampleAssumeRolePolicy.json}\n name: example\n exampleCluster:\n type: aws:eks:Cluster\n name: example\n properties:\n name: example-cluster\n roleArn: ${example.arn}\n vpcConfig:\n endpointPrivateAccess: true\n endpointPublicAccess: false\n accessConfig:\n authenticationMode: CONFIG_MAP\n bootstrapClusterCreatorAdminPermissions: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nAfter adding inline IAM Policies (e.g., `aws.iam.RolePolicy` resource) or attaching IAM Policies (e.g., `aws.iam.Policy` resource and `aws.iam.RolePolicyAttachment` resource) with the desired permissions to the IAM Role, annotate the Kubernetes service account (e.g., `kubernetes_service_account` resource) and recreate any pods.\n\n## Import\n\nUsing `pulumi import`, import EKS Clusters using the `name`. For example:\n\n```sh\n$ pulumi import aws:eks/cluster:Cluster my_cluster my_cluster\n```\n", "properties": { "accessConfig": { "$ref": "#/types/aws:eks/ClusterAccessConfig:ClusterAccessConfig", @@ -233292,7 +233292,7 @@ } }, "aws:eks/fargateProfile:FargateProfile": { - "description": "Manages an EKS Fargate Profile.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.eks.FargateProfile(\"example\", {\n clusterName: exampleAwsEksCluster.name,\n fargateProfileName: \"example\",\n podExecutionRoleArn: exampleAwsIamRole.arn,\n subnetIds: exampleAwsSubnet.map(__item =\u003e __item.id),\n selectors: [{\n namespace: \"example\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.eks.FargateProfile(\"example\",\n cluster_name=example_aws_eks_cluster[\"name\"],\n fargate_profile_name=\"example\",\n pod_execution_role_arn=example_aws_iam_role[\"arn\"],\n subnet_ids=[__item[\"id\"] for __item in example_aws_subnet],\n selectors=[aws.eks.FargateProfileSelectorArgs(\n namespace=\"example\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Eks.FargateProfile(\"example\", new()\n {\n ClusterName = exampleAwsEksCluster.Name,\n FargateProfileName = \"example\",\n PodExecutionRoleArn = exampleAwsIamRole.Arn,\n SubnetIds = exampleAwsSubnet.Select(__item =\u003e __item.Id).ToList(),\n Selectors = new[]\n {\n new Aws.Eks.Inputs.FargateProfileSelectorArgs\n {\n Namespace = \"example\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/eks\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nvar splat0 []interface{}\nfor _, val0 := range exampleAwsSubnet {\nsplat0 = append(splat0, val0.Id)\n}\n_, err := eks.NewFargateProfile(ctx, \"example\", \u0026eks.FargateProfileArgs{\nClusterName: pulumi.Any(exampleAwsEksCluster.Name),\nFargateProfileName: pulumi.String(\"example\"),\nPodExecutionRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\nSubnetIds: toPulumiArray(splat0),\nSelectors: eks.FargateProfileSelectorArray{\n\u0026eks.FargateProfileSelectorArgs{\nNamespace: pulumi.String(\"example\"),\n},\n},\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\nfunc toPulumiArray(arr []) pulumi.Array {\nvar pulumiArr pulumi.Array\nfor _, v := range arr {\npulumiArr = append(pulumiArr, pulumi.(v))\n}\nreturn pulumiArr\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.eks.FargateProfile;\nimport com.pulumi.aws.eks.FargateProfileArgs;\nimport com.pulumi.aws.eks.inputs.FargateProfileSelectorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new FargateProfile(\"example\", FargateProfileArgs.builder() \n .clusterName(exampleAwsEksCluster.name())\n .fargateProfileName(\"example\")\n .podExecutionRoleArn(exampleAwsIamRole.arn())\n .subnetIds(exampleAwsSubnet.stream().map(element -\u003e element.id()).collect(toList()))\n .selectors(FargateProfileSelectorArgs.builder()\n .namespace(\"example\")\n .build())\n .build());\n\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example IAM Role for EKS Fargate Profile\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.iam.Role(\"example\", {\n name: \"eks-fargate-profile-example\",\n assumeRolePolicy: JSON.stringify({\n statement: [{\n action: \"sts:AssumeRole\",\n effect: \"Allow\",\n principal: {\n service: \"eks-fargate-pods.amazonaws.com\",\n },\n }],\n version: \"2012-10-17\",\n }),\n});\nconst example_AmazonEKSFargatePodExecutionRolePolicy = new aws.iam.RolePolicyAttachment(\"example-AmazonEKSFargatePodExecutionRolePolicy\", {\n policyArn: \"arn:aws:iam::aws:policy/AmazonEKSFargatePodExecutionRolePolicy\",\n role: example.name,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.iam.Role(\"example\",\n name=\"eks-fargate-profile-example\",\n assume_role_policy=json.dumps({\n \"statement\": [{\n \"action\": \"sts:AssumeRole\",\n \"effect\": \"Allow\",\n \"principal\": {\n \"service\": \"eks-fargate-pods.amazonaws.com\",\n },\n }],\n \"version\": \"2012-10-17\",\n }))\nexample__amazon_eks_fargate_pod_execution_role_policy = aws.iam.RolePolicyAttachment(\"example-AmazonEKSFargatePodExecutionRolePolicy\",\n policy_arn=\"arn:aws:iam::aws:policy/AmazonEKSFargatePodExecutionRolePolicy\",\n role=example.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"eks-fargate-profile-example\",\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"action\"] = \"sts:AssumeRole\",\n [\"effect\"] = \"Allow\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"service\"] = \"eks-fargate-pods.amazonaws.com\",\n },\n },\n },\n [\"version\"] = \"2012-10-17\",\n }),\n });\n\n var example_AmazonEKSFargatePodExecutionRolePolicy = new Aws.Iam.RolePolicyAttachment(\"example-AmazonEKSFargatePodExecutionRolePolicy\", new()\n {\n PolicyArn = \"arn:aws:iam::aws:policy/AmazonEKSFargatePodExecutionRolePolicy\",\n Role = example.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"action\": \"sts:AssumeRole\",\n\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\"service\": \"eks-fargate-pods.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"version\": \"2012-10-17\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texample, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"eks-fargate-profile-example\"),\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"example-AmazonEKSFargatePodExecutionRolePolicy\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/AmazonEKSFargatePodExecutionRolePolicy\"),\n\t\t\tRole: example.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Role(\"example\", RoleArgs.builder() \n .name(\"eks-fargate-profile-example\")\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"statement\", jsonArray(jsonObject(\n jsonProperty(\"action\", \"sts:AssumeRole\"),\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"principal\", jsonObject(\n jsonProperty(\"service\", \"eks-fargate-pods.amazonaws.com\")\n ))\n ))),\n jsonProperty(\"version\", \"2012-10-17\")\n )))\n .build());\n\n var example_AmazonEKSFargatePodExecutionRolePolicy = new RolePolicyAttachment(\"example-AmazonEKSFargatePodExecutionRolePolicy\", RolePolicyAttachmentArgs.builder() \n .policyArn(\"arn:aws:iam::aws:policy/AmazonEKSFargatePodExecutionRolePolicy\")\n .role(example.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:Role\n properties:\n name: eks-fargate-profile-example\n assumeRolePolicy:\n fn::toJSON:\n statement:\n - action: sts:AssumeRole\n effect: Allow\n principal:\n service: eks-fargate-pods.amazonaws.com\n version: 2012-10-17\n example-AmazonEKSFargatePodExecutionRolePolicy:\n type: aws:iam:RolePolicyAttachment\n properties:\n policyArn: arn:aws:iam::aws:policy/AmazonEKSFargatePodExecutionRolePolicy\n role: ${example.name}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import EKS Fargate Profiles using the `cluster_name` and `fargate_profile_name` separated by a colon (`:`). For example:\n\n```sh\n$ pulumi import aws:eks/fargateProfile:FargateProfile my_fargate_profile my_cluster:my_fargate_profile\n```\n", + "description": "Manages an EKS Fargate Profile.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.eks.FargateProfile(\"example\", {\n clusterName: exampleAwsEksCluster.name,\n fargateProfileName: \"example\",\n podExecutionRoleArn: exampleAwsIamRole.arn,\n subnetIds: exampleAwsSubnet.map(__item =\u003e __item.id),\n selectors: [{\n namespace: \"example\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.eks.FargateProfile(\"example\",\n cluster_name=example_aws_eks_cluster[\"name\"],\n fargate_profile_name=\"example\",\n pod_execution_role_arn=example_aws_iam_role[\"arn\"],\n subnet_ids=[__item[\"id\"] for __item in example_aws_subnet],\n selectors=[aws.eks.FargateProfileSelectorArgs(\n namespace=\"example\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Eks.FargateProfile(\"example\", new()\n {\n ClusterName = exampleAwsEksCluster.Name,\n FargateProfileName = \"example\",\n PodExecutionRoleArn = exampleAwsIamRole.Arn,\n SubnetIds = exampleAwsSubnet.Select(__item =\u003e __item.Id).ToList(),\n Selectors = new[]\n {\n new Aws.Eks.Inputs.FargateProfileSelectorArgs\n {\n Namespace = \"example\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/eks\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nvar splat0 []interface{}\nfor _, val0 := range exampleAwsSubnet {\nsplat0 = append(splat0, val0.Id)\n}\n_, err := eks.NewFargateProfile(ctx, \"example\", \u0026eks.FargateProfileArgs{\nClusterName: pulumi.Any(exampleAwsEksCluster.Name),\nFargateProfileName: pulumi.String(\"example\"),\nPodExecutionRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\nSubnetIds: toPulumiArray(splat0),\nSelectors: eks.FargateProfileSelectorArray{\n\u0026eks.FargateProfileSelectorArgs{\nNamespace: pulumi.String(\"example\"),\n},\n},\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\nfunc toPulumiArray(arr []) pulumi.Array {\nvar pulumiArr pulumi.Array\nfor _, v := range arr {\npulumiArr = append(pulumiArr, pulumi.(v))\n}\nreturn pulumiArr\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.eks.FargateProfile;\nimport com.pulumi.aws.eks.FargateProfileArgs;\nimport com.pulumi.aws.eks.inputs.FargateProfileSelectorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new FargateProfile(\"example\", FargateProfileArgs.builder() \n .clusterName(exampleAwsEksCluster.name())\n .fargateProfileName(\"example\")\n .podExecutionRoleArn(exampleAwsIamRole.arn())\n .subnetIds(exampleAwsSubnet.stream().map(element -\u003e element.id()).collect(toList()))\n .selectors(FargateProfileSelectorArgs.builder()\n .namespace(\"example\")\n .build())\n .build());\n\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example IAM Role for EKS Fargate Profile\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.iam.Role(\"example\", {\n name: \"eks-fargate-profile-example\",\n assumeRolePolicy: JSON.stringify({\n Statement: [{\n Action: \"sts:AssumeRole\",\n Effect: \"Allow\",\n Principal: {\n Service: \"eks-fargate-pods.amazonaws.com\",\n },\n }],\n Version: \"2012-10-17\",\n }),\n});\nconst example_AmazonEKSFargatePodExecutionRolePolicy = new aws.iam.RolePolicyAttachment(\"example-AmazonEKSFargatePodExecutionRolePolicy\", {\n policyArn: \"arn:aws:iam::aws:policy/AmazonEKSFargatePodExecutionRolePolicy\",\n role: example.name,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.iam.Role(\"example\",\n name=\"eks-fargate-profile-example\",\n assume_role_policy=json.dumps({\n \"Statement\": [{\n \"Action\": \"sts:AssumeRole\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"eks-fargate-pods.amazonaws.com\",\n },\n }],\n \"Version\": \"2012-10-17\",\n }))\nexample__amazon_eks_fargate_pod_execution_role_policy = aws.iam.RolePolicyAttachment(\"example-AmazonEKSFargatePodExecutionRolePolicy\",\n policy_arn=\"arn:aws:iam::aws:policy/AmazonEKSFargatePodExecutionRolePolicy\",\n role=example.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"eks-fargate-profile-example\",\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"sts:AssumeRole\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"eks-fargate-pods.amazonaws.com\",\n },\n },\n },\n [\"Version\"] = \"2012-10-17\",\n }),\n });\n\n var example_AmazonEKSFargatePodExecutionRolePolicy = new Aws.Iam.RolePolicyAttachment(\"example-AmazonEKSFargatePodExecutionRolePolicy\", new()\n {\n PolicyArn = \"arn:aws:iam::aws:policy/AmazonEKSFargatePodExecutionRolePolicy\",\n Role = example.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": \"sts:AssumeRole\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"eks-fargate-pods.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texample, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"eks-fargate-profile-example\"),\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"example-AmazonEKSFargatePodExecutionRolePolicy\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/AmazonEKSFargatePodExecutionRolePolicy\"),\n\t\t\tRole: example.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Role(\"example\", RoleArgs.builder() \n .name(\"eks-fargate-profile-example\")\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", \"sts:AssumeRole\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"eks-fargate-pods.amazonaws.com\")\n ))\n ))),\n jsonProperty(\"Version\", \"2012-10-17\")\n )))\n .build());\n\n var example_AmazonEKSFargatePodExecutionRolePolicy = new RolePolicyAttachment(\"example-AmazonEKSFargatePodExecutionRolePolicy\", RolePolicyAttachmentArgs.builder() \n .policyArn(\"arn:aws:iam::aws:policy/AmazonEKSFargatePodExecutionRolePolicy\")\n .role(example.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:Role\n properties:\n name: eks-fargate-profile-example\n assumeRolePolicy:\n fn::toJSON:\n Statement:\n - Action: sts:AssumeRole\n Effect: Allow\n Principal:\n Service: eks-fargate-pods.amazonaws.com\n Version: 2012-10-17\n example-AmazonEKSFargatePodExecutionRolePolicy:\n type: aws:iam:RolePolicyAttachment\n properties:\n policyArn: arn:aws:iam::aws:policy/AmazonEKSFargatePodExecutionRolePolicy\n role: ${example.name}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import EKS Fargate Profiles using the `cluster_name` and `fargate_profile_name` separated by a colon (`:`). For example:\n\n```sh\n$ pulumi import aws:eks/fargateProfile:FargateProfile my_fargate_profile my_cluster:my_fargate_profile\n```\n", "properties": { "arn": { "type": "string", @@ -233565,7 +233565,7 @@ } }, "aws:eks/nodeGroup:NodeGroup": { - "description": "Manages an EKS Node Group, which can provision and optionally update an Auto Scaling Group of Kubernetes worker nodes compatible with EKS. Additional documentation about this functionality can be found in the [EKS User Guide](https://docs.aws.amazon.com/eks/latest/userguide/managed-node-groups.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.eks.NodeGroup(\"example\", {\n clusterName: exampleAwsEksCluster.name,\n nodeGroupName: \"example\",\n nodeRoleArn: exampleAwsIamRole.arn,\n subnetIds: exampleAwsSubnet.map(__item =\u003e __item.id),\n scalingConfig: {\n desiredSize: 1,\n maxSize: 2,\n minSize: 1,\n },\n updateConfig: {\n maxUnavailable: 1,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.eks.NodeGroup(\"example\",\n cluster_name=example_aws_eks_cluster[\"name\"],\n node_group_name=\"example\",\n node_role_arn=example_aws_iam_role[\"arn\"],\n subnet_ids=[__item[\"id\"] for __item in example_aws_subnet],\n scaling_config=aws.eks.NodeGroupScalingConfigArgs(\n desired_size=1,\n max_size=2,\n min_size=1,\n ),\n update_config=aws.eks.NodeGroupUpdateConfigArgs(\n max_unavailable=1,\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Eks.NodeGroup(\"example\", new()\n {\n ClusterName = exampleAwsEksCluster.Name,\n NodeGroupName = \"example\",\n NodeRoleArn = exampleAwsIamRole.Arn,\n SubnetIds = exampleAwsSubnet.Select(__item =\u003e __item.Id).ToList(),\n ScalingConfig = new Aws.Eks.Inputs.NodeGroupScalingConfigArgs\n {\n DesiredSize = 1,\n MaxSize = 2,\n MinSize = 1,\n },\n UpdateConfig = new Aws.Eks.Inputs.NodeGroupUpdateConfigArgs\n {\n MaxUnavailable = 1,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/eks\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nvar splat0 []interface{}\nfor _, val0 := range exampleAwsSubnet {\nsplat0 = append(splat0, val0.Id)\n}\n_, err := eks.NewNodeGroup(ctx, \"example\", \u0026eks.NodeGroupArgs{\nClusterName: pulumi.Any(exampleAwsEksCluster.Name),\nNodeGroupName: pulumi.String(\"example\"),\nNodeRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\nSubnetIds: toPulumiArray(splat0),\nScalingConfig: \u0026eks.NodeGroupScalingConfigArgs{\nDesiredSize: pulumi.Int(1),\nMaxSize: pulumi.Int(2),\nMinSize: pulumi.Int(1),\n},\nUpdateConfig: \u0026eks.NodeGroupUpdateConfigArgs{\nMaxUnavailable: pulumi.Int(1),\n},\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\nfunc toPulumiArray(arr []) pulumi.Array {\nvar pulumiArr pulumi.Array\nfor _, v := range arr {\npulumiArr = append(pulumiArr, pulumi.(v))\n}\nreturn pulumiArr\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.eks.NodeGroup;\nimport com.pulumi.aws.eks.NodeGroupArgs;\nimport com.pulumi.aws.eks.inputs.NodeGroupScalingConfigArgs;\nimport com.pulumi.aws.eks.inputs.NodeGroupUpdateConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new NodeGroup(\"example\", NodeGroupArgs.builder() \n .clusterName(exampleAwsEksCluster.name())\n .nodeGroupName(\"example\")\n .nodeRoleArn(exampleAwsIamRole.arn())\n .subnetIds(exampleAwsSubnet.stream().map(element -\u003e element.id()).collect(toList()))\n .scalingConfig(NodeGroupScalingConfigArgs.builder()\n .desiredSize(1)\n .maxSize(2)\n .minSize(1)\n .build())\n .updateConfig(NodeGroupUpdateConfigArgs.builder()\n .maxUnavailable(1)\n .build())\n .build());\n\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Ignoring Changes to Desired Size\n\nYou can utilize [ignoreChanges](https://www.pulumi.com/docs/intro/concepts/programming-model/#ignorechanges) create an EKS Node Group with an initial size of running instances, then ignore any changes to that count caused externally (e.g. Application Autoscaling).\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.eks.NodeGroup(\"example\", {scalingConfig: {\n desiredSize: 2,\n}});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.eks.NodeGroup(\"example\", scaling_config=aws.eks.NodeGroupScalingConfigArgs(\n desired_size=2,\n))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Eks.NodeGroup(\"example\", new()\n {\n ScalingConfig = new Aws.Eks.Inputs.NodeGroupScalingConfigArgs\n {\n DesiredSize = 2,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/eks\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := eks.NewNodeGroup(ctx, \"example\", \u0026eks.NodeGroupArgs{\n\t\t\tScalingConfig: \u0026eks.NodeGroupScalingConfigArgs{\n\t\t\t\tDesiredSize: pulumi.Int(2),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.eks.NodeGroup;\nimport com.pulumi.aws.eks.NodeGroupArgs;\nimport com.pulumi.aws.eks.inputs.NodeGroupScalingConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new NodeGroup(\"example\", NodeGroupArgs.builder() \n .scalingConfig(NodeGroupScalingConfigArgs.builder()\n .desiredSize(2)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:eks:NodeGroup\n properties:\n scalingConfig:\n desiredSize: 2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example IAM Role for EKS Node Group\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.iam.Role(\"example\", {\n name: \"eks-node-group-example\",\n assumeRolePolicy: JSON.stringify({\n statement: [{\n action: \"sts:AssumeRole\",\n effect: \"Allow\",\n principal: {\n service: \"ec2.amazonaws.com\",\n },\n }],\n version: \"2012-10-17\",\n }),\n});\nconst example_AmazonEKSWorkerNodePolicy = new aws.iam.RolePolicyAttachment(\"example-AmazonEKSWorkerNodePolicy\", {\n policyArn: \"arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy\",\n role: example.name,\n});\nconst example_AmazonEKSCNIPolicy = new aws.iam.RolePolicyAttachment(\"example-AmazonEKS_CNI_Policy\", {\n policyArn: \"arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy\",\n role: example.name,\n});\nconst example_AmazonEC2ContainerRegistryReadOnly = new aws.iam.RolePolicyAttachment(\"example-AmazonEC2ContainerRegistryReadOnly\", {\n policyArn: \"arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly\",\n role: example.name,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.iam.Role(\"example\",\n name=\"eks-node-group-example\",\n assume_role_policy=json.dumps({\n \"statement\": [{\n \"action\": \"sts:AssumeRole\",\n \"effect\": \"Allow\",\n \"principal\": {\n \"service\": \"ec2.amazonaws.com\",\n },\n }],\n \"version\": \"2012-10-17\",\n }))\nexample__amazon_eks_worker_node_policy = aws.iam.RolePolicyAttachment(\"example-AmazonEKSWorkerNodePolicy\",\n policy_arn=\"arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy\",\n role=example.name)\nexample__amazon_ekscni_policy = aws.iam.RolePolicyAttachment(\"example-AmazonEKS_CNI_Policy\",\n policy_arn=\"arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy\",\n role=example.name)\nexample__amazon_ec2_container_registry_read_only = aws.iam.RolePolicyAttachment(\"example-AmazonEC2ContainerRegistryReadOnly\",\n policy_arn=\"arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly\",\n role=example.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"eks-node-group-example\",\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"action\"] = \"sts:AssumeRole\",\n [\"effect\"] = \"Allow\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"service\"] = \"ec2.amazonaws.com\",\n },\n },\n },\n [\"version\"] = \"2012-10-17\",\n }),\n });\n\n var example_AmazonEKSWorkerNodePolicy = new Aws.Iam.RolePolicyAttachment(\"example-AmazonEKSWorkerNodePolicy\", new()\n {\n PolicyArn = \"arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy\",\n Role = example.Name,\n });\n\n var example_AmazonEKSCNIPolicy = new Aws.Iam.RolePolicyAttachment(\"example-AmazonEKS_CNI_Policy\", new()\n {\n PolicyArn = \"arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy\",\n Role = example.Name,\n });\n\n var example_AmazonEC2ContainerRegistryReadOnly = new Aws.Iam.RolePolicyAttachment(\"example-AmazonEC2ContainerRegistryReadOnly\", new()\n {\n PolicyArn = \"arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly\",\n Role = example.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"action\": \"sts:AssumeRole\",\n\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\"service\": \"ec2.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"version\": \"2012-10-17\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texample, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"eks-node-group-example\"),\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"example-AmazonEKSWorkerNodePolicy\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy\"),\n\t\t\tRole: example.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"example-AmazonEKS_CNI_Policy\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy\"),\n\t\t\tRole: example.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"example-AmazonEC2ContainerRegistryReadOnly\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly\"),\n\t\t\tRole: example.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Role(\"example\", RoleArgs.builder() \n .name(\"eks-node-group-example\")\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"statement\", jsonArray(jsonObject(\n jsonProperty(\"action\", \"sts:AssumeRole\"),\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"principal\", jsonObject(\n jsonProperty(\"service\", \"ec2.amazonaws.com\")\n ))\n ))),\n jsonProperty(\"version\", \"2012-10-17\")\n )))\n .build());\n\n var example_AmazonEKSWorkerNodePolicy = new RolePolicyAttachment(\"example-AmazonEKSWorkerNodePolicy\", RolePolicyAttachmentArgs.builder() \n .policyArn(\"arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy\")\n .role(example.name())\n .build());\n\n var example_AmazonEKSCNIPolicy = new RolePolicyAttachment(\"example-AmazonEKSCNIPolicy\", RolePolicyAttachmentArgs.builder() \n .policyArn(\"arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy\")\n .role(example.name())\n .build());\n\n var example_AmazonEC2ContainerRegistryReadOnly = new RolePolicyAttachment(\"example-AmazonEC2ContainerRegistryReadOnly\", RolePolicyAttachmentArgs.builder() \n .policyArn(\"arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly\")\n .role(example.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:Role\n properties:\n name: eks-node-group-example\n assumeRolePolicy:\n fn::toJSON:\n statement:\n - action: sts:AssumeRole\n effect: Allow\n principal:\n service: ec2.amazonaws.com\n version: 2012-10-17\n example-AmazonEKSWorkerNodePolicy:\n type: aws:iam:RolePolicyAttachment\n properties:\n policyArn: arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy\n role: ${example.name}\n example-AmazonEKSCNIPolicy:\n type: aws:iam:RolePolicyAttachment\n name: example-AmazonEKS_CNI_Policy\n properties:\n policyArn: arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy\n role: ${example.name}\n example-AmazonEC2ContainerRegistryReadOnly:\n type: aws:iam:RolePolicyAttachment\n properties:\n policyArn: arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly\n role: ${example.name}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example Subnets for EKS Node Group\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst available = aws.getAvailabilityZones({\n state: \"available\",\n});\nconst example: aws.ec2.Subnet[] = [];\nfor (const range = {value: 0}; range.value \u003c 2; range.value++) {\n example.push(new aws.ec2.Subnet(`example-${range.value}`, {\n availabilityZone: available.then(available =\u003e available.names[range.value]),\n cidrBlock: std.cidrsubnet({\n input: exampleAwsVpc.cidrBlock,\n newbits: 8,\n netnum: range.value,\n }).then(invoke =\u003e invoke.result),\n vpcId: exampleAwsVpc.id,\n }));\n}\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\navailable = aws.get_availability_zones(state=\"available\")\nexample = []\nfor range in [{\"value\": i} for i in range(0, 2)]:\n example.append(aws.ec2.Subnet(f\"example-{range['value']}\",\n availability_zone=available.names[range[\"value\"]],\n cidr_block=std.cidrsubnet(input=example_aws_vpc[\"cidrBlock\"],\n newbits=8,\n netnum=range[\"value\"]).result,\n vpc_id=example_aws_vpc[\"id\"]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var available = Aws.GetAvailabilityZones.Invoke(new()\n {\n State = \"available\",\n });\n\n var example = new List\u003cAws.Ec2.Subnet\u003e();\n for (var rangeIndex = 0; rangeIndex \u003c 2; rangeIndex++)\n {\n var range = new { Value = rangeIndex };\n example.Add(new Aws.Ec2.Subnet($\"example-{range.Value}\", new()\n {\n AvailabilityZone = available.Apply(getAvailabilityZonesResult =\u003e getAvailabilityZonesResult.Names)[range.Value],\n CidrBlock = Std.Cidrsubnet.Invoke(new()\n {\n Input = exampleAwsVpc.CidrBlock,\n Newbits = 8,\n Netnum = range.Value,\n }).Apply(invoke =\u003e invoke.Result),\n VpcId = exampleAwsVpc.Id,\n }));\n }\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tavailable, err := aws.GetAvailabilityZones(ctx, \u0026aws.GetAvailabilityZonesArgs{\n\t\t\tState: pulumi.StringRef(\"available\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeCidrsubnet, err := std.Cidrsubnet(ctx, \u0026std.CidrsubnetArgs{\n\t\t\tInput: exampleAwsVpc.CidrBlock,\n\t\t\tNewbits: 8,\n\t\t\tNetnum: val0,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tvar example []*ec2.Subnet\n\t\tfor index := 0; index \u003c 2; index++ {\n\t\t\tkey0 := index\n\t\t\tval0 := index\n\t\t\t__res, err := ec2.NewSubnet(ctx, fmt.Sprintf(\"example-%v\", key0), \u0026ec2.SubnetArgs{\n\t\t\t\tAvailabilityZone: available.Names[val0],\n\t\t\t\tCidrBlock: invokeCidrsubnet.Result,\n\t\t\t\tVpcId: pulumi.Any(exampleAwsVpc.Id),\n\t\t\t})\n\t\t\tif err != nil {\n\t\t\t\treturn err\n\t\t\t}\n\t\t\texample = append(example, __res)\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetAvailabilityZonesArgs;\nimport com.pulumi.aws.ec2.Subnet;\nimport com.pulumi.aws.ec2.SubnetArgs;\nimport com.pulumi.codegen.internal.KeyedValue;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var available = AwsFunctions.getAvailabilityZones(GetAvailabilityZonesArgs.builder()\n .state(\"available\")\n .build());\n\n for (var i = 0; i \u003c 2; i++) {\n new Subnet(\"example-\" + i, SubnetArgs.builder() \n .availabilityZone(available.applyValue(getAvailabilityZonesResult -\u003e getAvailabilityZonesResult.names())[range.value()])\n .cidrBlock(StdFunctions.cidrsubnet(CidrsubnetArgs.builder()\n .input(exampleAwsVpc.cidrBlock())\n .newbits(8)\n .netnum(range.value())\n .build()).result())\n .vpcId(exampleAwsVpc.id())\n .build());\n\n \n}\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import EKS Node Groups using the `cluster_name` and `node_group_name` separated by a colon (`:`). For example:\n\n```sh\n$ pulumi import aws:eks/nodeGroup:NodeGroup my_node_group my_cluster:my_node_group\n```\n", + "description": "Manages an EKS Node Group, which can provision and optionally update an Auto Scaling Group of Kubernetes worker nodes compatible with EKS. Additional documentation about this functionality can be found in the [EKS User Guide](https://docs.aws.amazon.com/eks/latest/userguide/managed-node-groups.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.eks.NodeGroup(\"example\", {\n clusterName: exampleAwsEksCluster.name,\n nodeGroupName: \"example\",\n nodeRoleArn: exampleAwsIamRole.arn,\n subnetIds: exampleAwsSubnet.map(__item =\u003e __item.id),\n scalingConfig: {\n desiredSize: 1,\n maxSize: 2,\n minSize: 1,\n },\n updateConfig: {\n maxUnavailable: 1,\n },\n}, {\n dependsOn: [\n example_AmazonEKSWorkerNodePolicy,\n example_AmazonEKSCNIPolicy,\n example_AmazonEC2ContainerRegistryReadOnly,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.eks.NodeGroup(\"example\",\n cluster_name=example_aws_eks_cluster[\"name\"],\n node_group_name=\"example\",\n node_role_arn=example_aws_iam_role[\"arn\"],\n subnet_ids=[__item[\"id\"] for __item in example_aws_subnet],\n scaling_config=aws.eks.NodeGroupScalingConfigArgs(\n desired_size=1,\n max_size=2,\n min_size=1,\n ),\n update_config=aws.eks.NodeGroupUpdateConfigArgs(\n max_unavailable=1,\n ),\n opts=pulumi.ResourceOptions(depends_on=[\n example__amazon_eks_worker_node_policy,\n example__amazon_ekscni_policy,\n example__amazon_ec2_container_registry_read_only,\n ]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Eks.NodeGroup(\"example\", new()\n {\n ClusterName = exampleAwsEksCluster.Name,\n NodeGroupName = \"example\",\n NodeRoleArn = exampleAwsIamRole.Arn,\n SubnetIds = exampleAwsSubnet.Select(__item =\u003e __item.Id).ToList(),\n ScalingConfig = new Aws.Eks.Inputs.NodeGroupScalingConfigArgs\n {\n DesiredSize = 1,\n MaxSize = 2,\n MinSize = 1,\n },\n UpdateConfig = new Aws.Eks.Inputs.NodeGroupUpdateConfigArgs\n {\n MaxUnavailable = 1,\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example_AmazonEKSWorkerNodePolicy, \n example_AmazonEKSCNIPolicy, \n example_AmazonEC2ContainerRegistryReadOnly, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/eks\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nvar splat0 []interface{}\nfor _, val0 := range exampleAwsSubnet {\nsplat0 = append(splat0, val0.Id)\n}\n_, err := eks.NewNodeGroup(ctx, \"example\", \u0026eks.NodeGroupArgs{\nClusterName: pulumi.Any(exampleAwsEksCluster.Name),\nNodeGroupName: pulumi.String(\"example\"),\nNodeRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\nSubnetIds: toPulumiArray(splat0),\nScalingConfig: \u0026eks.NodeGroupScalingConfigArgs{\nDesiredSize: pulumi.Int(1),\nMaxSize: pulumi.Int(2),\nMinSize: pulumi.Int(1),\n},\nUpdateConfig: \u0026eks.NodeGroupUpdateConfigArgs{\nMaxUnavailable: pulumi.Int(1),\n},\n}, pulumi.DependsOn([]pulumi.Resource{\nexample_AmazonEKSWorkerNodePolicy,\nexample_AmazonEKSCNIPolicy,\nexample_AmazonEC2ContainerRegistryReadOnly,\n}))\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\nfunc toPulumiArray(arr []) pulumi.Array {\nvar pulumiArr pulumi.Array\nfor _, v := range arr {\npulumiArr = append(pulumiArr, pulumi.(v))\n}\nreturn pulumiArr\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.eks.NodeGroup;\nimport com.pulumi.aws.eks.NodeGroupArgs;\nimport com.pulumi.aws.eks.inputs.NodeGroupScalingConfigArgs;\nimport com.pulumi.aws.eks.inputs.NodeGroupUpdateConfigArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new NodeGroup(\"example\", NodeGroupArgs.builder() \n .clusterName(exampleAwsEksCluster.name())\n .nodeGroupName(\"example\")\n .nodeRoleArn(exampleAwsIamRole.arn())\n .subnetIds(exampleAwsSubnet.stream().map(element -\u003e element.id()).collect(toList()))\n .scalingConfig(NodeGroupScalingConfigArgs.builder()\n .desiredSize(1)\n .maxSize(2)\n .minSize(1)\n .build())\n .updateConfig(NodeGroupUpdateConfigArgs.builder()\n .maxUnavailable(1)\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n example_AmazonEKSWorkerNodePolicy,\n example_AmazonEKSCNIPolicy,\n example_AmazonEC2ContainerRegistryReadOnly)\n .build());\n\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Ignoring Changes to Desired Size\n\nYou can utilize [ignoreChanges](https://www.pulumi.com/docs/intro/concepts/programming-model/#ignorechanges) create an EKS Node Group with an initial size of running instances, then ignore any changes to that count caused externally (e.g. Application Autoscaling).\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.eks.NodeGroup(\"example\", {scalingConfig: {\n desiredSize: 2,\n}});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.eks.NodeGroup(\"example\", scaling_config=aws.eks.NodeGroupScalingConfigArgs(\n desired_size=2,\n))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Eks.NodeGroup(\"example\", new()\n {\n ScalingConfig = new Aws.Eks.Inputs.NodeGroupScalingConfigArgs\n {\n DesiredSize = 2,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/eks\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := eks.NewNodeGroup(ctx, \"example\", \u0026eks.NodeGroupArgs{\n\t\t\tScalingConfig: \u0026eks.NodeGroupScalingConfigArgs{\n\t\t\t\tDesiredSize: pulumi.Int(2),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.eks.NodeGroup;\nimport com.pulumi.aws.eks.NodeGroupArgs;\nimport com.pulumi.aws.eks.inputs.NodeGroupScalingConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new NodeGroup(\"example\", NodeGroupArgs.builder() \n .scalingConfig(NodeGroupScalingConfigArgs.builder()\n .desiredSize(2)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:eks:NodeGroup\n properties:\n scalingConfig:\n desiredSize: 2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example IAM Role for EKS Node Group\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.iam.Role(\"example\", {\n name: \"eks-node-group-example\",\n assumeRolePolicy: JSON.stringify({\n Statement: [{\n Action: \"sts:AssumeRole\",\n Effect: \"Allow\",\n Principal: {\n Service: \"ec2.amazonaws.com\",\n },\n }],\n Version: \"2012-10-17\",\n }),\n});\nconst example_AmazonEKSWorkerNodePolicy = new aws.iam.RolePolicyAttachment(\"example-AmazonEKSWorkerNodePolicy\", {\n policyArn: \"arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy\",\n role: example.name,\n});\nconst example_AmazonEKSCNIPolicy = new aws.iam.RolePolicyAttachment(\"example-AmazonEKS_CNI_Policy\", {\n policyArn: \"arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy\",\n role: example.name,\n});\nconst example_AmazonEC2ContainerRegistryReadOnly = new aws.iam.RolePolicyAttachment(\"example-AmazonEC2ContainerRegistryReadOnly\", {\n policyArn: \"arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly\",\n role: example.name,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.iam.Role(\"example\",\n name=\"eks-node-group-example\",\n assume_role_policy=json.dumps({\n \"Statement\": [{\n \"Action\": \"sts:AssumeRole\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"ec2.amazonaws.com\",\n },\n }],\n \"Version\": \"2012-10-17\",\n }))\nexample__amazon_eks_worker_node_policy = aws.iam.RolePolicyAttachment(\"example-AmazonEKSWorkerNodePolicy\",\n policy_arn=\"arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy\",\n role=example.name)\nexample__amazon_ekscni_policy = aws.iam.RolePolicyAttachment(\"example-AmazonEKS_CNI_Policy\",\n policy_arn=\"arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy\",\n role=example.name)\nexample__amazon_ec2_container_registry_read_only = aws.iam.RolePolicyAttachment(\"example-AmazonEC2ContainerRegistryReadOnly\",\n policy_arn=\"arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly\",\n role=example.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"eks-node-group-example\",\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"sts:AssumeRole\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"ec2.amazonaws.com\",\n },\n },\n },\n [\"Version\"] = \"2012-10-17\",\n }),\n });\n\n var example_AmazonEKSWorkerNodePolicy = new Aws.Iam.RolePolicyAttachment(\"example-AmazonEKSWorkerNodePolicy\", new()\n {\n PolicyArn = \"arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy\",\n Role = example.Name,\n });\n\n var example_AmazonEKSCNIPolicy = new Aws.Iam.RolePolicyAttachment(\"example-AmazonEKS_CNI_Policy\", new()\n {\n PolicyArn = \"arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy\",\n Role = example.Name,\n });\n\n var example_AmazonEC2ContainerRegistryReadOnly = new Aws.Iam.RolePolicyAttachment(\"example-AmazonEC2ContainerRegistryReadOnly\", new()\n {\n PolicyArn = \"arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly\",\n Role = example.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": \"sts:AssumeRole\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"ec2.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texample, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"eks-node-group-example\"),\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"example-AmazonEKSWorkerNodePolicy\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy\"),\n\t\t\tRole: example.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"example-AmazonEKS_CNI_Policy\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy\"),\n\t\t\tRole: example.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"example-AmazonEC2ContainerRegistryReadOnly\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly\"),\n\t\t\tRole: example.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Role(\"example\", RoleArgs.builder() \n .name(\"eks-node-group-example\")\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", \"sts:AssumeRole\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"ec2.amazonaws.com\")\n ))\n ))),\n jsonProperty(\"Version\", \"2012-10-17\")\n )))\n .build());\n\n var example_AmazonEKSWorkerNodePolicy = new RolePolicyAttachment(\"example-AmazonEKSWorkerNodePolicy\", RolePolicyAttachmentArgs.builder() \n .policyArn(\"arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy\")\n .role(example.name())\n .build());\n\n var example_AmazonEKSCNIPolicy = new RolePolicyAttachment(\"example-AmazonEKSCNIPolicy\", RolePolicyAttachmentArgs.builder() \n .policyArn(\"arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy\")\n .role(example.name())\n .build());\n\n var example_AmazonEC2ContainerRegistryReadOnly = new RolePolicyAttachment(\"example-AmazonEC2ContainerRegistryReadOnly\", RolePolicyAttachmentArgs.builder() \n .policyArn(\"arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly\")\n .role(example.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:Role\n properties:\n name: eks-node-group-example\n assumeRolePolicy:\n fn::toJSON:\n Statement:\n - Action: sts:AssumeRole\n Effect: Allow\n Principal:\n Service: ec2.amazonaws.com\n Version: 2012-10-17\n example-AmazonEKSWorkerNodePolicy:\n type: aws:iam:RolePolicyAttachment\n properties:\n policyArn: arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy\n role: ${example.name}\n example-AmazonEKSCNIPolicy:\n type: aws:iam:RolePolicyAttachment\n name: example-AmazonEKS_CNI_Policy\n properties:\n policyArn: arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy\n role: ${example.name}\n example-AmazonEC2ContainerRegistryReadOnly:\n type: aws:iam:RolePolicyAttachment\n properties:\n policyArn: arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly\n role: ${example.name}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example Subnets for EKS Node Group\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst available = aws.getAvailabilityZones({\n state: \"available\",\n});\nconst example: aws.ec2.Subnet[] = [];\nfor (const range = {value: 0}; range.value \u003c 2; range.value++) {\n example.push(new aws.ec2.Subnet(`example-${range.value}`, {\n availabilityZone: available.then(available =\u003e available.names[range.value]),\n cidrBlock: std.cidrsubnet({\n input: exampleAwsVpc.cidrBlock,\n newbits: 8,\n netnum: range.value,\n }).then(invoke =\u003e invoke.result),\n vpcId: exampleAwsVpc.id,\n }));\n}\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\navailable = aws.get_availability_zones(state=\"available\")\nexample = []\nfor range in [{\"value\": i} for i in range(0, 2)]:\n example.append(aws.ec2.Subnet(f\"example-{range['value']}\",\n availability_zone=available.names[range[\"value\"]],\n cidr_block=std.cidrsubnet(input=example_aws_vpc[\"cidrBlock\"],\n newbits=8,\n netnum=range[\"value\"]).result,\n vpc_id=example_aws_vpc[\"id\"]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var available = Aws.GetAvailabilityZones.Invoke(new()\n {\n State = \"available\",\n });\n\n var example = new List\u003cAws.Ec2.Subnet\u003e();\n for (var rangeIndex = 0; rangeIndex \u003c 2; rangeIndex++)\n {\n var range = new { Value = rangeIndex };\n example.Add(new Aws.Ec2.Subnet($\"example-{range.Value}\", new()\n {\n AvailabilityZone = available.Apply(getAvailabilityZonesResult =\u003e getAvailabilityZonesResult.Names)[range.Value],\n CidrBlock = Std.Cidrsubnet.Invoke(new()\n {\n Input = exampleAwsVpc.CidrBlock,\n Newbits = 8,\n Netnum = range.Value,\n }).Apply(invoke =\u003e invoke.Result),\n VpcId = exampleAwsVpc.Id,\n }));\n }\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tavailable, err := aws.GetAvailabilityZones(ctx, \u0026aws.GetAvailabilityZonesArgs{\n\t\t\tState: pulumi.StringRef(\"available\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeCidrsubnet, err := std.Cidrsubnet(ctx, \u0026std.CidrsubnetArgs{\n\t\t\tInput: exampleAwsVpc.CidrBlock,\n\t\t\tNewbits: 8,\n\t\t\tNetnum: val0,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tvar example []*ec2.Subnet\n\t\tfor index := 0; index \u003c 2; index++ {\n\t\t\tkey0 := index\n\t\t\tval0 := index\n\t\t\t__res, err := ec2.NewSubnet(ctx, fmt.Sprintf(\"example-%v\", key0), \u0026ec2.SubnetArgs{\n\t\t\t\tAvailabilityZone: available.Names[val0],\n\t\t\t\tCidrBlock: invokeCidrsubnet.Result,\n\t\t\t\tVpcId: pulumi.Any(exampleAwsVpc.Id),\n\t\t\t})\n\t\t\tif err != nil {\n\t\t\t\treturn err\n\t\t\t}\n\t\t\texample = append(example, __res)\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetAvailabilityZonesArgs;\nimport com.pulumi.aws.ec2.Subnet;\nimport com.pulumi.aws.ec2.SubnetArgs;\nimport com.pulumi.codegen.internal.KeyedValue;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var available = AwsFunctions.getAvailabilityZones(GetAvailabilityZonesArgs.builder()\n .state(\"available\")\n .build());\n\n for (var i = 0; i \u003c 2; i++) {\n new Subnet(\"example-\" + i, SubnetArgs.builder() \n .availabilityZone(available.applyValue(getAvailabilityZonesResult -\u003e getAvailabilityZonesResult.names())[range.value()])\n .cidrBlock(StdFunctions.cidrsubnet(CidrsubnetArgs.builder()\n .input(exampleAwsVpc.cidrBlock())\n .newbits(8)\n .netnum(range.value())\n .build()).result())\n .vpcId(exampleAwsVpc.id())\n .build());\n\n \n}\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import EKS Node Groups using the `cluster_name` and `node_group_name` separated by a colon (`:`). For example:\n\n```sh\n$ pulumi import aws:eks/nodeGroup:NodeGroup my_node_group my_cluster:my_node_group\n```\n", "properties": { "amiType": { "type": "string", @@ -237124,7 +237124,7 @@ } }, "aws:elasticsearch/domain:Domain": { - "description": "Manages an AWS Elasticsearch Domain.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.elasticsearch.Domain(\"example\", {\n domainName: \"example\",\n elasticsearchVersion: \"7.10\",\n clusterConfig: {\n instanceType: \"r4.large.elasticsearch\",\n },\n tags: {\n Domain: \"TestDomain\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.elasticsearch.Domain(\"example\",\n domain_name=\"example\",\n elasticsearch_version=\"7.10\",\n cluster_config=aws.elasticsearch.DomainClusterConfigArgs(\n instance_type=\"r4.large.elasticsearch\",\n ),\n tags={\n \"Domain\": \"TestDomain\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ElasticSearch.Domain(\"example\", new()\n {\n DomainName = \"example\",\n ElasticsearchVersion = \"7.10\",\n ClusterConfig = new Aws.ElasticSearch.Inputs.DomainClusterConfigArgs\n {\n InstanceType = \"r4.large.elasticsearch\",\n },\n Tags = \n {\n { \"Domain\", \"TestDomain\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticsearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := elasticsearch.NewDomain(ctx, \"example\", \u0026elasticsearch.DomainArgs{\n\t\t\tDomainName: pulumi.String(\"example\"),\n\t\t\tElasticsearchVersion: pulumi.String(\"7.10\"),\n\t\t\tClusterConfig: \u0026elasticsearch.DomainClusterConfigArgs{\n\t\t\t\tInstanceType: pulumi.String(\"r4.large.elasticsearch\"),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Domain\": pulumi.String(\"TestDomain\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elasticsearch.Domain;\nimport com.pulumi.aws.elasticsearch.DomainArgs;\nimport com.pulumi.aws.elasticsearch.inputs.DomainClusterConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Domain(\"example\", DomainArgs.builder() \n .domainName(\"example\")\n .elasticsearchVersion(\"7.10\")\n .clusterConfig(DomainClusterConfigArgs.builder()\n .instanceType(\"r4.large.elasticsearch\")\n .build())\n .tags(Map.of(\"Domain\", \"TestDomain\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:elasticsearch:Domain\n properties:\n domainName: example\n elasticsearchVersion: '7.10'\n clusterConfig:\n instanceType: r4.large.elasticsearch\n tags:\n Domain: TestDomain\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Access Policy\n\n\u003e See also: `aws.elasticsearch.DomainPolicy` resource\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst domain = config.get(\"domain\") || \"tf-test\";\nconst current = aws.getRegion({});\nconst currentGetCallerIdentity = aws.getCallerIdentity({});\nconst example = new aws.elasticsearch.Domain(\"example\", {\n domainName: domain,\n accessPolicies: Promise.all([current, currentGetCallerIdentity]).then(([current, currentGetCallerIdentity]) =\u003e `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"es:*\",\n \"Principal\": \"*\",\n \"Effect\": \"Allow\",\n \"Resource\": \"arn:aws:es:${current.name}:${currentGetCallerIdentity.accountId}:domain/${domain}/*\",\n \"Condition\": {\n \"IpAddress\": {\"aws:SourceIp\": [\"66.193.100.22/32\"]}\n }\n }\n ]\n}\n`),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\ndomain = config.get(\"domain\")\nif domain is None:\n domain = \"tf-test\"\ncurrent = aws.get_region()\ncurrent_get_caller_identity = aws.get_caller_identity()\nexample = aws.elasticsearch.Domain(\"example\",\n domain_name=domain,\n access_policies=f\"\"\"{{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {{\n \"Action\": \"es:*\",\n \"Principal\": \"*\",\n \"Effect\": \"Allow\",\n \"Resource\": \"arn:aws:es:{current.name}:{current_get_caller_identity.account_id}:domain/{domain}/*\",\n \"Condition\": {{\n \"IpAddress\": {{\"aws:SourceIp\": [\"66.193.100.22/32\"]}}\n }}\n }}\n ]\n}}\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var domain = config.Get(\"domain\") ?? \"tf-test\";\n var current = Aws.GetRegion.Invoke();\n\n var currentGetCallerIdentity = Aws.GetCallerIdentity.Invoke();\n\n var example = new Aws.ElasticSearch.Domain(\"example\", new()\n {\n DomainName = domain,\n AccessPolicies = Output.Tuple(current, currentGetCallerIdentity).Apply(values =\u003e\n {\n var current = values.Item1;\n var currentGetCallerIdentity = values.Item2;\n return @$\"{{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {{\n \"\"Action\"\": \"\"es:*\"\",\n \"\"Principal\"\": \"\"*\"\",\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Resource\"\": \"\"arn:aws:es:{current.Apply(getRegionResult =\u003e getRegionResult.Name)}:{currentGetCallerIdentity.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:domain/{domain}/*\"\",\n \"\"Condition\"\": {{\n \"\"IpAddress\"\": {{\"\"aws:SourceIp\"\": [\"\"66.193.100.22/32\"\"]}}\n }}\n }}\n ]\n}}\n\";\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticsearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tdomain := \"tf-test\"\n\t\tif param := cfg.Get(\"domain\"); param != \"\" {\n\t\t\tdomain = param\n\t\t}\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrentGetCallerIdentity, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elasticsearch.NewDomain(ctx, \"example\", \u0026elasticsearch.DomainArgs{\n\t\t\tDomainName: pulumi.String(domain),\n\t\t\tAccessPolicies: pulumi.Any(fmt.Sprintf(`{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"es:*\",\n \"Principal\": \"*\",\n \"Effect\": \"Allow\",\n \"Resource\": \"arn:aws:es:%v:%v:domain/%v/*\",\n \"Condition\": {\n \"IpAddress\": {\"aws:SourceIp\": [\"66.193.100.22/32\"]}\n }\n }\n ]\n}\n`, current.Name, currentGetCallerIdentity.AccountId, domain)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.elasticsearch.Domain;\nimport com.pulumi.aws.elasticsearch.DomainArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var domain = config.get(\"domain\").orElse(\"tf-test\");\n final var current = AwsFunctions.getRegion();\n\n final var currentGetCallerIdentity = AwsFunctions.getCallerIdentity();\n\n var example = new Domain(\"example\", DomainArgs.builder() \n .domainName(domain)\n .accessPolicies(\"\"\"\n{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"es:*\",\n \"Principal\": \"*\",\n \"Effect\": \"Allow\",\n \"Resource\": \"arn:aws:es:%s:%s:domain/%s/*\",\n \"Condition\": {\n \"IpAddress\": {\"aws:SourceIp\": [\"66.193.100.22/32\"]}\n }\n }\n ]\n}\n\", current.applyValue(getRegionResult -\u003e getRegionResult.name()),currentGetCallerIdentity.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()),domain))\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n domain:\n type: string\n default: tf-test\nresources:\n example:\n type: aws:elasticsearch:Domain\n properties:\n domainName: ${domain}\n accessPolicies: |\n {\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"es:*\",\n \"Principal\": \"*\",\n \"Effect\": \"Allow\",\n \"Resource\": \"arn:aws:es:${current.name}:${currentGetCallerIdentity.accountId}:domain/${domain}/*\",\n \"Condition\": {\n \"IpAddress\": {\"aws:SourceIp\": [\"66.193.100.22/32\"]}\n }\n }\n ]\n }\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n currentGetCallerIdentity:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Log Publishing to CloudWatch Logs\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleLogGroup = new aws.cloudwatch.LogGroup(\"example\", {name: \"example\"});\nconst example = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"es.amazonaws.com\"],\n }],\n actions: [\n \"logs:PutLogEvents\",\n \"logs:PutLogEventsBatch\",\n \"logs:CreateLogStream\",\n ],\n resources: [\"arn:aws:logs:*\"],\n }],\n});\nconst exampleLogResourcePolicy = new aws.cloudwatch.LogResourcePolicy(\"example\", {\n policyName: \"example\",\n policyDocument: example.then(example =\u003e example.json),\n});\nconst exampleDomain = new aws.elasticsearch.Domain(\"example\", {logPublishingOptions: [{\n cloudwatchLogGroupArn: exampleLogGroup.arn,\n logType: \"INDEX_SLOW_LOGS\",\n}]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_log_group = aws.cloudwatch.LogGroup(\"example\", name=\"example\")\nexample = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"es.amazonaws.com\"],\n )],\n actions=[\n \"logs:PutLogEvents\",\n \"logs:PutLogEventsBatch\",\n \"logs:CreateLogStream\",\n ],\n resources=[\"arn:aws:logs:*\"],\n)])\nexample_log_resource_policy = aws.cloudwatch.LogResourcePolicy(\"example\",\n policy_name=\"example\",\n policy_document=example.json)\nexample_domain = aws.elasticsearch.Domain(\"example\", log_publishing_options=[aws.elasticsearch.DomainLogPublishingOptionArgs(\n cloudwatch_log_group_arn=example_log_group.arn,\n log_type=\"INDEX_SLOW_LOGS\",\n)])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleLogGroup = new Aws.CloudWatch.LogGroup(\"example\", new()\n {\n Name = \"example\",\n });\n\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"es.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"logs:PutLogEvents\",\n \"logs:PutLogEventsBatch\",\n \"logs:CreateLogStream\",\n },\n Resources = new[]\n {\n \"arn:aws:logs:*\",\n },\n },\n },\n });\n\n var exampleLogResourcePolicy = new Aws.CloudWatch.LogResourcePolicy(\"example\", new()\n {\n PolicyName = \"example\",\n PolicyDocument = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var exampleDomain = new Aws.ElasticSearch.Domain(\"example\", new()\n {\n LogPublishingOptions = new[]\n {\n new Aws.ElasticSearch.Inputs.DomainLogPublishingOptionArgs\n {\n CloudwatchLogGroupArn = exampleLogGroup.Arn,\n LogType = \"INDEX_SLOW_LOGS\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticsearch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleLogGroup, err := cloudwatch.NewLogGroup(ctx, \"example\", \u0026cloudwatch.LogGroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"es.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"logs:PutLogEvents\",\n\t\t\t\t\t\t\"logs:PutLogEventsBatch\",\n\t\t\t\t\t\t\"logs:CreateLogStream\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"arn:aws:logs:*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudwatch.NewLogResourcePolicy(ctx, \"example\", \u0026cloudwatch.LogResourcePolicyArgs{\n\t\t\tPolicyName: pulumi.String(\"example\"),\n\t\t\tPolicyDocument: pulumi.String(example.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elasticsearch.NewDomain(ctx, \"example\", \u0026elasticsearch.DomainArgs{\n\t\t\tLogPublishingOptions: elasticsearch.DomainLogPublishingOptionArray{\n\t\t\t\t\u0026elasticsearch.DomainLogPublishingOptionArgs{\n\t\t\t\t\tCloudwatchLogGroupArn: exampleLogGroup.Arn,\n\t\t\t\t\tLogType: pulumi.String(\"INDEX_SLOW_LOGS\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.LogGroup;\nimport com.pulumi.aws.cloudwatch.LogGroupArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.cloudwatch.LogResourcePolicy;\nimport com.pulumi.aws.cloudwatch.LogResourcePolicyArgs;\nimport com.pulumi.aws.elasticsearch.Domain;\nimport com.pulumi.aws.elasticsearch.DomainArgs;\nimport com.pulumi.aws.elasticsearch.inputs.DomainLogPublishingOptionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleLogGroup = new LogGroup(\"exampleLogGroup\", LogGroupArgs.builder() \n .name(\"example\")\n .build());\n\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"es.amazonaws.com\")\n .build())\n .actions( \n \"logs:PutLogEvents\",\n \"logs:PutLogEventsBatch\",\n \"logs:CreateLogStream\")\n .resources(\"arn:aws:logs:*\")\n .build())\n .build());\n\n var exampleLogResourcePolicy = new LogResourcePolicy(\"exampleLogResourcePolicy\", LogResourcePolicyArgs.builder() \n .policyName(\"example\")\n .policyDocument(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var exampleDomain = new Domain(\"exampleDomain\", DomainArgs.builder() \n .logPublishingOptions(DomainLogPublishingOptionArgs.builder()\n .cloudwatchLogGroupArn(exampleLogGroup.arn())\n .logType(\"INDEX_SLOW_LOGS\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleLogGroup:\n type: aws:cloudwatch:LogGroup\n name: example\n properties:\n name: example\n exampleLogResourcePolicy:\n type: aws:cloudwatch:LogResourcePolicy\n name: example\n properties:\n policyName: example\n policyDocument: ${example.json}\n exampleDomain:\n type: aws:elasticsearch:Domain\n name: example\n properties:\n logPublishingOptions:\n - cloudwatchLogGroupArn: ${exampleLogGroup.arn}\n logType: INDEX_SLOW_LOGS\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - es.amazonaws.com\n actions:\n - logs:PutLogEvents\n - logs:PutLogEventsBatch\n - logs:CreateLogStream\n resources:\n - arn:aws:logs:*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### VPC based ES\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst vpc = config.requireObject(\"vpc\");\nconst domain = config.get(\"domain\") || \"tf-test\";\nconst selected = aws.ec2.getVpc({\n tags: {\n Name: vpc,\n },\n});\nconst selectedGetSubnets = selected.then(selected =\u003e aws.ec2.getSubnets({\n filters: [{\n name: \"vpc-id\",\n values: [selected.id],\n }],\n tags: {\n Tier: \"private\",\n },\n}));\nconst current = aws.getRegion({});\nconst currentGetCallerIdentity = aws.getCallerIdentity({});\nconst es = new aws.ec2.SecurityGroup(\"es\", {\n name: `${vpc}-elasticsearch-${domain}`,\n description: \"Managed by Pulumi\",\n vpcId: selected.then(selected =\u003e selected.id),\n ingress: [{\n fromPort: 443,\n toPort: 443,\n protocol: \"tcp\",\n cidrBlocks: [selected.then(selected =\u003e selected.cidrBlock)],\n }],\n});\nconst esServiceLinkedRole = new aws.iam.ServiceLinkedRole(\"es\", {awsServiceName: \"opensearchservice.amazonaws.com\"});\nconst esDomain = new aws.elasticsearch.Domain(\"es\", {\n domainName: domain,\n elasticsearchVersion: \"6.3\",\n clusterConfig: {\n instanceType: \"m4.large.elasticsearch\",\n zoneAwarenessEnabled: true,\n },\n vpcOptions: {\n subnetIds: [\n selectedGetSubnets.then(selectedGetSubnets =\u003e selectedGetSubnets.ids?.[0]),\n selectedGetSubnets.then(selectedGetSubnets =\u003e selectedGetSubnets.ids?.[1]),\n ],\n securityGroupIds: [es.id],\n },\n advancedOptions: {\n \"rest.action.multi.allow_explicit_index\": \"true\",\n },\n accessPolicies: Promise.all([current, currentGetCallerIdentity]).then(([current, currentGetCallerIdentity]) =\u003e `{\n\t\"Version\": \"2012-10-17\",\n\t\"Statement\": [\n\t\t{\n\t\t\t\"Action\": \"es:*\",\n\t\t\t\"Principal\": \"*\",\n\t\t\t\"Effect\": \"Allow\",\n\t\t\t\"Resource\": \"arn:aws:es:${current.name}:${currentGetCallerIdentity.accountId}:domain/${domain}/*\"\n\t\t}\n\t]\n}\n`),\n tags: {\n Domain: \"TestDomain\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nvpc = config.require_object(\"vpc\")\ndomain = config.get(\"domain\")\nif domain is None:\n domain = \"tf-test\"\nselected = aws.ec2.get_vpc(tags={\n \"Name\": vpc,\n})\nselected_get_subnets = aws.ec2.get_subnets(filters=[aws.ec2.GetSubnetsFilterArgs(\n name=\"vpc-id\",\n values=[selected.id],\n )],\n tags={\n \"Tier\": \"private\",\n })\ncurrent = aws.get_region()\ncurrent_get_caller_identity = aws.get_caller_identity()\nes = aws.ec2.SecurityGroup(\"es\",\n name=f\"{vpc}-elasticsearch-{domain}\",\n description=\"Managed by Pulumi\",\n vpc_id=selected.id,\n ingress=[aws.ec2.SecurityGroupIngressArgs(\n from_port=443,\n to_port=443,\n protocol=\"tcp\",\n cidr_blocks=[selected.cidr_block],\n )])\nes_service_linked_role = aws.iam.ServiceLinkedRole(\"es\", aws_service_name=\"opensearchservice.amazonaws.com\")\nes_domain = aws.elasticsearch.Domain(\"es\",\n domain_name=domain,\n elasticsearch_version=\"6.3\",\n cluster_config=aws.elasticsearch.DomainClusterConfigArgs(\n instance_type=\"m4.large.elasticsearch\",\n zone_awareness_enabled=True,\n ),\n vpc_options=aws.elasticsearch.DomainVpcOptionsArgs(\n subnet_ids=[\n selected_get_subnets.ids[0],\n selected_get_subnets.ids[1],\n ],\n security_group_ids=[es.id],\n ),\n advanced_options={\n \"rest.action.multi.allow_explicit_index\": \"true\",\n },\n access_policies=f\"\"\"{{\n\t\"Version\": \"2012-10-17\",\n\t\"Statement\": [\n\t\t{{\n\t\t\t\"Action\": \"es:*\",\n\t\t\t\"Principal\": \"*\",\n\t\t\t\"Effect\": \"Allow\",\n\t\t\t\"Resource\": \"arn:aws:es:{current.name}:{current_get_caller_identity.account_id}:domain/{domain}/*\"\n\t\t}}\n\t]\n}}\n\"\"\",\n tags={\n \"Domain\": \"TestDomain\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var vpc = config.RequireObject\u003cdynamic\u003e(\"vpc\");\n var domain = config.Get(\"domain\") ?? \"tf-test\";\n var selected = Aws.Ec2.GetVpc.Invoke(new()\n {\n Tags = \n {\n { \"Name\", vpc },\n },\n });\n\n var selectedGetSubnets = Aws.Ec2.GetSubnets.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetSubnetsFilterInputArgs\n {\n Name = \"vpc-id\",\n Values = new[]\n {\n selected.Apply(getVpcResult =\u003e getVpcResult.Id),\n },\n },\n },\n Tags = \n {\n { \"Tier\", \"private\" },\n },\n });\n\n var current = Aws.GetRegion.Invoke();\n\n var currentGetCallerIdentity = Aws.GetCallerIdentity.Invoke();\n\n var es = new Aws.Ec2.SecurityGroup(\"es\", new()\n {\n Name = $\"{vpc}-elasticsearch-{domain}\",\n Description = \"Managed by Pulumi\",\n VpcId = selected.Apply(getVpcResult =\u003e getVpcResult.Id),\n Ingress = new[]\n {\n new Aws.Ec2.Inputs.SecurityGroupIngressArgs\n {\n FromPort = 443,\n ToPort = 443,\n Protocol = \"tcp\",\n CidrBlocks = new[]\n {\n selected.Apply(getVpcResult =\u003e getVpcResult.CidrBlock),\n },\n },\n },\n });\n\n var esServiceLinkedRole = new Aws.Iam.ServiceLinkedRole(\"es\", new()\n {\n AwsServiceName = \"opensearchservice.amazonaws.com\",\n });\n\n var esDomain = new Aws.ElasticSearch.Domain(\"es\", new()\n {\n DomainName = domain,\n ElasticsearchVersion = \"6.3\",\n ClusterConfig = new Aws.ElasticSearch.Inputs.DomainClusterConfigArgs\n {\n InstanceType = \"m4.large.elasticsearch\",\n ZoneAwarenessEnabled = true,\n },\n VpcOptions = new Aws.ElasticSearch.Inputs.DomainVpcOptionsArgs\n {\n SubnetIds = new[]\n {\n selectedGetSubnets.Apply(getSubnetsResult =\u003e getSubnetsResult.Ids[0]),\n selectedGetSubnets.Apply(getSubnetsResult =\u003e getSubnetsResult.Ids[1]),\n },\n SecurityGroupIds = new[]\n {\n es.Id,\n },\n },\n AdvancedOptions = \n {\n { \"rest.action.multi.allow_explicit_index\", \"true\" },\n },\n AccessPolicies = Output.Tuple(current, currentGetCallerIdentity).Apply(values =\u003e\n {\n var current = values.Item1;\n var currentGetCallerIdentity = values.Item2;\n return @$\"{{\n\t\"\"Version\"\": \"\"2012-10-17\"\",\n\t\"\"Statement\"\": [\n\t\t{{\n\t\t\t\"\"Action\"\": \"\"es:*\"\",\n\t\t\t\"\"Principal\"\": \"\"*\"\",\n\t\t\t\"\"Effect\"\": \"\"Allow\"\",\n\t\t\t\"\"Resource\"\": \"\"arn:aws:es:{current.Apply(getRegionResult =\u003e getRegionResult.Name)}:{currentGetCallerIdentity.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:domain/{domain}/*\"\"\n\t\t}}\n\t]\n}}\n\";\n }),\n Tags = \n {\n { \"Domain\", \"TestDomain\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticsearch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\ncfg := config.New(ctx, \"\")\nvpc := cfg.RequireObject(\"vpc\")\ndomain := \"tf-test\";\nif param := cfg.Get(\"domain\"); param != \"\"{\ndomain = param\n}\nselected, err := ec2.LookupVpc(ctx, \u0026ec2.LookupVpcArgs{\nTags: interface{}{\nName: vpc,\n},\n}, nil);\nif err != nil {\nreturn err\n}\nselectedGetSubnets, err := ec2.GetSubnets(ctx, \u0026ec2.GetSubnetsArgs{\nFilters: []ec2.GetSubnetsFilter{\n{\nName: \"vpc-id\",\nValues: interface{}{\nselected.Id,\n},\n},\n},\nTags: map[string]interface{}{\n\"Tier\": \"private\",\n},\n}, nil);\nif err != nil {\nreturn err\n}\ncurrent, err := aws.GetRegion(ctx, nil, nil);\nif err != nil {\nreturn err\n}\ncurrentGetCallerIdentity, err := aws.GetCallerIdentity(ctx, nil, nil);\nif err != nil {\nreturn err\n}\nes, err := ec2.NewSecurityGroup(ctx, \"es\", \u0026ec2.SecurityGroupArgs{\nName: pulumi.String(fmt.Sprintf(\"%v-elasticsearch-%v\", vpc, domain)),\nDescription: pulumi.String(\"Managed by Pulumi\"),\nVpcId: pulumi.String(selected.Id),\nIngress: ec2.SecurityGroupIngressArray{\n\u0026ec2.SecurityGroupIngressArgs{\nFromPort: pulumi.Int(443),\nToPort: pulumi.Int(443),\nProtocol: pulumi.String(\"tcp\"),\nCidrBlocks: pulumi.StringArray{\npulumi.String(selected.CidrBlock),\n},\n},\n},\n})\nif err != nil {\nreturn err\n}\n_, err = iam.NewServiceLinkedRole(ctx, \"es\", \u0026iam.ServiceLinkedRoleArgs{\nAwsServiceName: pulumi.String(\"opensearchservice.amazonaws.com\"),\n})\nif err != nil {\nreturn err\n}\n_, err = elasticsearch.NewDomain(ctx, \"es\", \u0026elasticsearch.DomainArgs{\nDomainName: pulumi.String(domain),\nElasticsearchVersion: pulumi.String(\"6.3\"),\nClusterConfig: \u0026elasticsearch.DomainClusterConfigArgs{\nInstanceType: pulumi.String(\"m4.large.elasticsearch\"),\nZoneAwarenessEnabled: pulumi.Bool(true),\n},\nVpcOptions: \u0026elasticsearch.DomainVpcOptionsArgs{\nSubnetIds: pulumi.StringArray{\npulumi.String(selectedGetSubnets.Ids[0]),\npulumi.String(selectedGetSubnets.Ids[1]),\n},\nSecurityGroupIds: pulumi.StringArray{\nes.ID(),\n},\n},\nAdvancedOptions: pulumi.StringMap{\n\"rest.action.multi.allow_explicit_index\": pulumi.String(\"true\"),\n},\nAccessPolicies: pulumi.Any(fmt.Sprintf(`{\n\t\"Version\": \"2012-10-17\",\n\t\"Statement\": [\n\t\t{\n\t\t\t\"Action\": \"es:*\",\n\t\t\t\"Principal\": \"*\",\n\t\t\t\"Effect\": \"Allow\",\n\t\t\t\"Resource\": \"arn:aws:es:%v:%v:domain/%v/*\"\n\t\t}\n\t]\n}\n`, current.Name, currentGetCallerIdentity.AccountId, domain)),\nTags: pulumi.StringMap{\n\"Domain\": pulumi.String(\"TestDomain\"),\n},\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetVpcArgs;\nimport com.pulumi.aws.ec2.inputs.GetSubnetsArgs;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.ec2.SecurityGroup;\nimport com.pulumi.aws.ec2.SecurityGroupArgs;\nimport com.pulumi.aws.ec2.inputs.SecurityGroupIngressArgs;\nimport com.pulumi.aws.iam.ServiceLinkedRole;\nimport com.pulumi.aws.iam.ServiceLinkedRoleArgs;\nimport com.pulumi.aws.elasticsearch.Domain;\nimport com.pulumi.aws.elasticsearch.DomainArgs;\nimport com.pulumi.aws.elasticsearch.inputs.DomainClusterConfigArgs;\nimport com.pulumi.aws.elasticsearch.inputs.DomainVpcOptionsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var vpc = config.get(\"vpc\");\n final var domain = config.get(\"domain\").orElse(\"tf-test\");\n final var selected = Ec2Functions.getVpc(GetVpcArgs.builder()\n .tags(Map.of(\"Name\", vpc))\n .build());\n\n final var selectedGetSubnets = Ec2Functions.getSubnets(GetSubnetsArgs.builder()\n .filters(GetSubnetsFilterArgs.builder()\n .name(\"vpc-id\")\n .values(selected.applyValue(getVpcResult -\u003e getVpcResult.id()))\n .build())\n .tags(Map.of(\"Tier\", \"private\"))\n .build());\n\n final var current = AwsFunctions.getRegion();\n\n final var currentGetCallerIdentity = AwsFunctions.getCallerIdentity();\n\n var es = new SecurityGroup(\"es\", SecurityGroupArgs.builder() \n .name(String.format(\"%s-elasticsearch-%s\", vpc,domain))\n .description(\"Managed by Pulumi\")\n .vpcId(selected.applyValue(getVpcResult -\u003e getVpcResult.id()))\n .ingress(SecurityGroupIngressArgs.builder()\n .fromPort(443)\n .toPort(443)\n .protocol(\"tcp\")\n .cidrBlocks(selected.applyValue(getVpcResult -\u003e getVpcResult.cidrBlock()))\n .build())\n .build());\n\n var esServiceLinkedRole = new ServiceLinkedRole(\"esServiceLinkedRole\", ServiceLinkedRoleArgs.builder() \n .awsServiceName(\"opensearchservice.amazonaws.com\")\n .build());\n\n var esDomain = new Domain(\"esDomain\", DomainArgs.builder() \n .domainName(domain)\n .elasticsearchVersion(\"6.3\")\n .clusterConfig(DomainClusterConfigArgs.builder()\n .instanceType(\"m4.large.elasticsearch\")\n .zoneAwarenessEnabled(true)\n .build())\n .vpcOptions(DomainVpcOptionsArgs.builder()\n .subnetIds( \n selectedGetSubnets.applyValue(getSubnetsResult -\u003e getSubnetsResult.ids()[0]),\n selectedGetSubnets.applyValue(getSubnetsResult -\u003e getSubnetsResult.ids()[1]))\n .securityGroupIds(es.id())\n .build())\n .advancedOptions(Map.of(\"rest.action.multi.allow_explicit_index\", \"true\"))\n .accessPolicies(\"\"\"\n{\n\t\"Version\": \"2012-10-17\",\n\t\"Statement\": [\n\t\t{\n\t\t\t\"Action\": \"es:*\",\n\t\t\t\"Principal\": \"*\",\n\t\t\t\"Effect\": \"Allow\",\n\t\t\t\"Resource\": \"arn:aws:es:%s:%s:domain/%s/*\"\n\t\t}\n\t]\n}\n\", current.applyValue(getRegionResult -\u003e getRegionResult.name()),currentGetCallerIdentity.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()),domain))\n .tags(Map.of(\"Domain\", \"TestDomain\"))\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n vpc:\n type: dynamic\n domain:\n type: string\n default: tf-test\nresources:\n es:\n type: aws:ec2:SecurityGroup\n properties:\n name: ${vpc}-elasticsearch-${domain}\n description: Managed by Pulumi\n vpcId: ${selected.id}\n ingress:\n - fromPort: 443\n toPort: 443\n protocol: tcp\n cidrBlocks:\n - ${selected.cidrBlock}\n esServiceLinkedRole:\n type: aws:iam:ServiceLinkedRole\n name: es\n properties:\n awsServiceName: opensearchservice.amazonaws.com\n esDomain:\n type: aws:elasticsearch:Domain\n name: es\n properties:\n domainName: ${domain}\n elasticsearchVersion: '6.3'\n clusterConfig:\n instanceType: m4.large.elasticsearch\n zoneAwarenessEnabled: true\n vpcOptions:\n subnetIds:\n - ${selectedGetSubnets.ids[0]}\n - ${selectedGetSubnets.ids[1]}\n securityGroupIds:\n - ${es.id}\n advancedOptions:\n rest.action.multi.allow_explicit_index: 'true'\n accessPolicies: |\n {\n \t\"Version\": \"2012-10-17\",\n \t\"Statement\": [\n \t\t{\n \t\t\t\"Action\": \"es:*\",\n \t\t\t\"Principal\": \"*\",\n \t\t\t\"Effect\": \"Allow\",\n \t\t\t\"Resource\": \"arn:aws:es:${current.name}:${currentGetCallerIdentity.accountId}:domain/${domain}/*\"\n \t\t}\n \t]\n }\n tags:\n Domain: TestDomain\nvariables:\n selected:\n fn::invoke:\n Function: aws:ec2:getVpc\n Arguments:\n tags:\n Name: ${vpc}\n selectedGetSubnets:\n fn::invoke:\n Function: aws:ec2:getSubnets\n Arguments:\n filters:\n - name: vpc-id\n values:\n - ${selected.id}\n tags:\n Tier: private\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n currentGetCallerIdentity:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Elasticsearch domains using the `domain_name`. For example:\n\n```sh\n$ pulumi import aws:elasticsearch/domain:Domain example domain_name\n```\n", + "description": "Manages an AWS Elasticsearch Domain.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.elasticsearch.Domain(\"example\", {\n domainName: \"example\",\n elasticsearchVersion: \"7.10\",\n clusterConfig: {\n instanceType: \"r4.large.elasticsearch\",\n },\n tags: {\n Domain: \"TestDomain\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.elasticsearch.Domain(\"example\",\n domain_name=\"example\",\n elasticsearch_version=\"7.10\",\n cluster_config=aws.elasticsearch.DomainClusterConfigArgs(\n instance_type=\"r4.large.elasticsearch\",\n ),\n tags={\n \"Domain\": \"TestDomain\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ElasticSearch.Domain(\"example\", new()\n {\n DomainName = \"example\",\n ElasticsearchVersion = \"7.10\",\n ClusterConfig = new Aws.ElasticSearch.Inputs.DomainClusterConfigArgs\n {\n InstanceType = \"r4.large.elasticsearch\",\n },\n Tags = \n {\n { \"Domain\", \"TestDomain\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticsearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := elasticsearch.NewDomain(ctx, \"example\", \u0026elasticsearch.DomainArgs{\n\t\t\tDomainName: pulumi.String(\"example\"),\n\t\t\tElasticsearchVersion: pulumi.String(\"7.10\"),\n\t\t\tClusterConfig: \u0026elasticsearch.DomainClusterConfigArgs{\n\t\t\t\tInstanceType: pulumi.String(\"r4.large.elasticsearch\"),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Domain\": pulumi.String(\"TestDomain\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elasticsearch.Domain;\nimport com.pulumi.aws.elasticsearch.DomainArgs;\nimport com.pulumi.aws.elasticsearch.inputs.DomainClusterConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Domain(\"example\", DomainArgs.builder() \n .domainName(\"example\")\n .elasticsearchVersion(\"7.10\")\n .clusterConfig(DomainClusterConfigArgs.builder()\n .instanceType(\"r4.large.elasticsearch\")\n .build())\n .tags(Map.of(\"Domain\", \"TestDomain\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:elasticsearch:Domain\n properties:\n domainName: example\n elasticsearchVersion: '7.10'\n clusterConfig:\n instanceType: r4.large.elasticsearch\n tags:\n Domain: TestDomain\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Access Policy\n\n\u003e See also: `aws.elasticsearch.DomainPolicy` resource\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst domain = config.get(\"domain\") || \"tf-test\";\nconst current = aws.getRegion({});\nconst currentGetCallerIdentity = aws.getCallerIdentity({});\nconst example = new aws.elasticsearch.Domain(\"example\", {\n domainName: domain,\n accessPolicies: Promise.all([current, currentGetCallerIdentity]).then(([current, currentGetCallerIdentity]) =\u003e `{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"es:*\",\n \"Principal\": \"*\",\n \"Effect\": \"Allow\",\n \"Resource\": \"arn:aws:es:${current.name}:${currentGetCallerIdentity.accountId}:domain/${domain}/*\",\n \"Condition\": {\n \"IpAddress\": {\"aws:SourceIp\": [\"66.193.100.22/32\"]}\n }\n }\n ]\n}\n`),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\ndomain = config.get(\"domain\")\nif domain is None:\n domain = \"tf-test\"\ncurrent = aws.get_region()\ncurrent_get_caller_identity = aws.get_caller_identity()\nexample = aws.elasticsearch.Domain(\"example\",\n domain_name=domain,\n access_policies=f\"\"\"{{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {{\n \"Action\": \"es:*\",\n \"Principal\": \"*\",\n \"Effect\": \"Allow\",\n \"Resource\": \"arn:aws:es:{current.name}:{current_get_caller_identity.account_id}:domain/{domain}/*\",\n \"Condition\": {{\n \"IpAddress\": {{\"aws:SourceIp\": [\"66.193.100.22/32\"]}}\n }}\n }}\n ]\n}}\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var domain = config.Get(\"domain\") ?? \"tf-test\";\n var current = Aws.GetRegion.Invoke();\n\n var currentGetCallerIdentity = Aws.GetCallerIdentity.Invoke();\n\n var example = new Aws.ElasticSearch.Domain(\"example\", new()\n {\n DomainName = domain,\n AccessPolicies = Output.Tuple(current, currentGetCallerIdentity).Apply(values =\u003e\n {\n var current = values.Item1;\n var currentGetCallerIdentity = values.Item2;\n return @$\"{{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {{\n \"\"Action\"\": \"\"es:*\"\",\n \"\"Principal\"\": \"\"*\"\",\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Resource\"\": \"\"arn:aws:es:{current.Apply(getRegionResult =\u003e getRegionResult.Name)}:{currentGetCallerIdentity.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:domain/{domain}/*\"\",\n \"\"Condition\"\": {{\n \"\"IpAddress\"\": {{\"\"aws:SourceIp\"\": [\"\"66.193.100.22/32\"\"]}}\n }}\n }}\n ]\n}}\n\";\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticsearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tdomain := \"tf-test\"\n\t\tif param := cfg.Get(\"domain\"); param != \"\" {\n\t\t\tdomain = param\n\t\t}\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrentGetCallerIdentity, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elasticsearch.NewDomain(ctx, \"example\", \u0026elasticsearch.DomainArgs{\n\t\t\tDomainName: pulumi.String(domain),\n\t\t\tAccessPolicies: pulumi.Any(fmt.Sprintf(`{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"es:*\",\n \"Principal\": \"*\",\n \"Effect\": \"Allow\",\n \"Resource\": \"arn:aws:es:%v:%v:domain/%v/*\",\n \"Condition\": {\n \"IpAddress\": {\"aws:SourceIp\": [\"66.193.100.22/32\"]}\n }\n }\n ]\n}\n`, current.Name, currentGetCallerIdentity.AccountId, domain)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.elasticsearch.Domain;\nimport com.pulumi.aws.elasticsearch.DomainArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var domain = config.get(\"domain\").orElse(\"tf-test\");\n final var current = AwsFunctions.getRegion();\n\n final var currentGetCallerIdentity = AwsFunctions.getCallerIdentity();\n\n var example = new Domain(\"example\", DomainArgs.builder() \n .domainName(domain)\n .accessPolicies(\"\"\"\n{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"es:*\",\n \"Principal\": \"*\",\n \"Effect\": \"Allow\",\n \"Resource\": \"arn:aws:es:%s:%s:domain/%s/*\",\n \"Condition\": {\n \"IpAddress\": {\"aws:SourceIp\": [\"66.193.100.22/32\"]}\n }\n }\n ]\n}\n\", current.applyValue(getRegionResult -\u003e getRegionResult.name()),currentGetCallerIdentity.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()),domain))\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n domain:\n type: string\n default: tf-test\nresources:\n example:\n type: aws:elasticsearch:Domain\n properties:\n domainName: ${domain}\n accessPolicies: |\n {\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"es:*\",\n \"Principal\": \"*\",\n \"Effect\": \"Allow\",\n \"Resource\": \"arn:aws:es:${current.name}:${currentGetCallerIdentity.accountId}:domain/${domain}/*\",\n \"Condition\": {\n \"IpAddress\": {\"aws:SourceIp\": [\"66.193.100.22/32\"]}\n }\n }\n ]\n }\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n currentGetCallerIdentity:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Log Publishing to CloudWatch Logs\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleLogGroup = new aws.cloudwatch.LogGroup(\"example\", {name: \"example\"});\nconst example = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"es.amazonaws.com\"],\n }],\n actions: [\n \"logs:PutLogEvents\",\n \"logs:PutLogEventsBatch\",\n \"logs:CreateLogStream\",\n ],\n resources: [\"arn:aws:logs:*\"],\n }],\n});\nconst exampleLogResourcePolicy = new aws.cloudwatch.LogResourcePolicy(\"example\", {\n policyName: \"example\",\n policyDocument: example.then(example =\u003e example.json),\n});\nconst exampleDomain = new aws.elasticsearch.Domain(\"example\", {logPublishingOptions: [{\n cloudwatchLogGroupArn: exampleLogGroup.arn,\n logType: \"INDEX_SLOW_LOGS\",\n}]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_log_group = aws.cloudwatch.LogGroup(\"example\", name=\"example\")\nexample = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"es.amazonaws.com\"],\n )],\n actions=[\n \"logs:PutLogEvents\",\n \"logs:PutLogEventsBatch\",\n \"logs:CreateLogStream\",\n ],\n resources=[\"arn:aws:logs:*\"],\n)])\nexample_log_resource_policy = aws.cloudwatch.LogResourcePolicy(\"example\",\n policy_name=\"example\",\n policy_document=example.json)\nexample_domain = aws.elasticsearch.Domain(\"example\", log_publishing_options=[aws.elasticsearch.DomainLogPublishingOptionArgs(\n cloudwatch_log_group_arn=example_log_group.arn,\n log_type=\"INDEX_SLOW_LOGS\",\n)])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleLogGroup = new Aws.CloudWatch.LogGroup(\"example\", new()\n {\n Name = \"example\",\n });\n\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"es.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"logs:PutLogEvents\",\n \"logs:PutLogEventsBatch\",\n \"logs:CreateLogStream\",\n },\n Resources = new[]\n {\n \"arn:aws:logs:*\",\n },\n },\n },\n });\n\n var exampleLogResourcePolicy = new Aws.CloudWatch.LogResourcePolicy(\"example\", new()\n {\n PolicyName = \"example\",\n PolicyDocument = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var exampleDomain = new Aws.ElasticSearch.Domain(\"example\", new()\n {\n LogPublishingOptions = new[]\n {\n new Aws.ElasticSearch.Inputs.DomainLogPublishingOptionArgs\n {\n CloudwatchLogGroupArn = exampleLogGroup.Arn,\n LogType = \"INDEX_SLOW_LOGS\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticsearch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleLogGroup, err := cloudwatch.NewLogGroup(ctx, \"example\", \u0026cloudwatch.LogGroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"es.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"logs:PutLogEvents\",\n\t\t\t\t\t\t\"logs:PutLogEventsBatch\",\n\t\t\t\t\t\t\"logs:CreateLogStream\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"arn:aws:logs:*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudwatch.NewLogResourcePolicy(ctx, \"example\", \u0026cloudwatch.LogResourcePolicyArgs{\n\t\t\tPolicyName: pulumi.String(\"example\"),\n\t\t\tPolicyDocument: pulumi.String(example.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = elasticsearch.NewDomain(ctx, \"example\", \u0026elasticsearch.DomainArgs{\n\t\t\tLogPublishingOptions: elasticsearch.DomainLogPublishingOptionArray{\n\t\t\t\t\u0026elasticsearch.DomainLogPublishingOptionArgs{\n\t\t\t\t\tCloudwatchLogGroupArn: exampleLogGroup.Arn,\n\t\t\t\t\tLogType: pulumi.String(\"INDEX_SLOW_LOGS\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.LogGroup;\nimport com.pulumi.aws.cloudwatch.LogGroupArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.cloudwatch.LogResourcePolicy;\nimport com.pulumi.aws.cloudwatch.LogResourcePolicyArgs;\nimport com.pulumi.aws.elasticsearch.Domain;\nimport com.pulumi.aws.elasticsearch.DomainArgs;\nimport com.pulumi.aws.elasticsearch.inputs.DomainLogPublishingOptionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleLogGroup = new LogGroup(\"exampleLogGroup\", LogGroupArgs.builder() \n .name(\"example\")\n .build());\n\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"es.amazonaws.com\")\n .build())\n .actions( \n \"logs:PutLogEvents\",\n \"logs:PutLogEventsBatch\",\n \"logs:CreateLogStream\")\n .resources(\"arn:aws:logs:*\")\n .build())\n .build());\n\n var exampleLogResourcePolicy = new LogResourcePolicy(\"exampleLogResourcePolicy\", LogResourcePolicyArgs.builder() \n .policyName(\"example\")\n .policyDocument(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var exampleDomain = new Domain(\"exampleDomain\", DomainArgs.builder() \n .logPublishingOptions(DomainLogPublishingOptionArgs.builder()\n .cloudwatchLogGroupArn(exampleLogGroup.arn())\n .logType(\"INDEX_SLOW_LOGS\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleLogGroup:\n type: aws:cloudwatch:LogGroup\n name: example\n properties:\n name: example\n exampleLogResourcePolicy:\n type: aws:cloudwatch:LogResourcePolicy\n name: example\n properties:\n policyName: example\n policyDocument: ${example.json}\n exampleDomain:\n type: aws:elasticsearch:Domain\n name: example\n properties:\n logPublishingOptions:\n - cloudwatchLogGroupArn: ${exampleLogGroup.arn}\n logType: INDEX_SLOW_LOGS\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - es.amazonaws.com\n actions:\n - logs:PutLogEvents\n - logs:PutLogEventsBatch\n - logs:CreateLogStream\n resources:\n - arn:aws:logs:*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### VPC based ES\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst vpc = config.requireObject(\"vpc\");\nconst domain = config.get(\"domain\") || \"tf-test\";\nconst selected = aws.ec2.getVpc({\n tags: {\n Name: vpc,\n },\n});\nconst selectedGetSubnets = selected.then(selected =\u003e aws.ec2.getSubnets({\n filters: [{\n name: \"vpc-id\",\n values: [selected.id],\n }],\n tags: {\n Tier: \"private\",\n },\n}));\nconst current = aws.getRegion({});\nconst currentGetCallerIdentity = aws.getCallerIdentity({});\nconst es = new aws.ec2.SecurityGroup(\"es\", {\n name: `${vpc}-elasticsearch-${domain}`,\n description: \"Managed by Pulumi\",\n vpcId: selected.then(selected =\u003e selected.id),\n ingress: [{\n fromPort: 443,\n toPort: 443,\n protocol: \"tcp\",\n cidrBlocks: [selected.then(selected =\u003e selected.cidrBlock)],\n }],\n});\nconst esServiceLinkedRole = new aws.iam.ServiceLinkedRole(\"es\", {awsServiceName: \"opensearchservice.amazonaws.com\"});\nconst esDomain = new aws.elasticsearch.Domain(\"es\", {\n domainName: domain,\n elasticsearchVersion: \"6.3\",\n clusterConfig: {\n instanceType: \"m4.large.elasticsearch\",\n zoneAwarenessEnabled: true,\n },\n vpcOptions: {\n subnetIds: [\n selectedGetSubnets.then(selectedGetSubnets =\u003e selectedGetSubnets.ids?.[0]),\n selectedGetSubnets.then(selectedGetSubnets =\u003e selectedGetSubnets.ids?.[1]),\n ],\n securityGroupIds: [es.id],\n },\n advancedOptions: {\n \"rest.action.multi.allow_explicit_index\": \"true\",\n },\n accessPolicies: Promise.all([current, currentGetCallerIdentity]).then(([current, currentGetCallerIdentity]) =\u003e `{\n\t\"Version\": \"2012-10-17\",\n\t\"Statement\": [\n\t\t{\n\t\t\t\"Action\": \"es:*\",\n\t\t\t\"Principal\": \"*\",\n\t\t\t\"Effect\": \"Allow\",\n\t\t\t\"Resource\": \"arn:aws:es:${current.name}:${currentGetCallerIdentity.accountId}:domain/${domain}/*\"\n\t\t}\n\t]\n}\n`),\n tags: {\n Domain: \"TestDomain\",\n },\n}, {\n dependsOn: [esServiceLinkedRole],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nvpc = config.require_object(\"vpc\")\ndomain = config.get(\"domain\")\nif domain is None:\n domain = \"tf-test\"\nselected = aws.ec2.get_vpc(tags={\n \"Name\": vpc,\n})\nselected_get_subnets = aws.ec2.get_subnets(filters=[aws.ec2.GetSubnetsFilterArgs(\n name=\"vpc-id\",\n values=[selected.id],\n )],\n tags={\n \"Tier\": \"private\",\n })\ncurrent = aws.get_region()\ncurrent_get_caller_identity = aws.get_caller_identity()\nes = aws.ec2.SecurityGroup(\"es\",\n name=f\"{vpc}-elasticsearch-{domain}\",\n description=\"Managed by Pulumi\",\n vpc_id=selected.id,\n ingress=[aws.ec2.SecurityGroupIngressArgs(\n from_port=443,\n to_port=443,\n protocol=\"tcp\",\n cidr_blocks=[selected.cidr_block],\n )])\nes_service_linked_role = aws.iam.ServiceLinkedRole(\"es\", aws_service_name=\"opensearchservice.amazonaws.com\")\nes_domain = aws.elasticsearch.Domain(\"es\",\n domain_name=domain,\n elasticsearch_version=\"6.3\",\n cluster_config=aws.elasticsearch.DomainClusterConfigArgs(\n instance_type=\"m4.large.elasticsearch\",\n zone_awareness_enabled=True,\n ),\n vpc_options=aws.elasticsearch.DomainVpcOptionsArgs(\n subnet_ids=[\n selected_get_subnets.ids[0],\n selected_get_subnets.ids[1],\n ],\n security_group_ids=[es.id],\n ),\n advanced_options={\n \"rest.action.multi.allow_explicit_index\": \"true\",\n },\n access_policies=f\"\"\"{{\n\t\"Version\": \"2012-10-17\",\n\t\"Statement\": [\n\t\t{{\n\t\t\t\"Action\": \"es:*\",\n\t\t\t\"Principal\": \"*\",\n\t\t\t\"Effect\": \"Allow\",\n\t\t\t\"Resource\": \"arn:aws:es:{current.name}:{current_get_caller_identity.account_id}:domain/{domain}/*\"\n\t\t}}\n\t]\n}}\n\"\"\",\n tags={\n \"Domain\": \"TestDomain\",\n },\n opts=pulumi.ResourceOptions(depends_on=[es_service_linked_role]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var vpc = config.RequireObject\u003cdynamic\u003e(\"vpc\");\n var domain = config.Get(\"domain\") ?? \"tf-test\";\n var selected = Aws.Ec2.GetVpc.Invoke(new()\n {\n Tags = \n {\n { \"Name\", vpc },\n },\n });\n\n var selectedGetSubnets = Aws.Ec2.GetSubnets.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetSubnetsFilterInputArgs\n {\n Name = \"vpc-id\",\n Values = new[]\n {\n selected.Apply(getVpcResult =\u003e getVpcResult.Id),\n },\n },\n },\n Tags = \n {\n { \"Tier\", \"private\" },\n },\n });\n\n var current = Aws.GetRegion.Invoke();\n\n var currentGetCallerIdentity = Aws.GetCallerIdentity.Invoke();\n\n var es = new Aws.Ec2.SecurityGroup(\"es\", new()\n {\n Name = $\"{vpc}-elasticsearch-{domain}\",\n Description = \"Managed by Pulumi\",\n VpcId = selected.Apply(getVpcResult =\u003e getVpcResult.Id),\n Ingress = new[]\n {\n new Aws.Ec2.Inputs.SecurityGroupIngressArgs\n {\n FromPort = 443,\n ToPort = 443,\n Protocol = \"tcp\",\n CidrBlocks = new[]\n {\n selected.Apply(getVpcResult =\u003e getVpcResult.CidrBlock),\n },\n },\n },\n });\n\n var esServiceLinkedRole = new Aws.Iam.ServiceLinkedRole(\"es\", new()\n {\n AwsServiceName = \"opensearchservice.amazonaws.com\",\n });\n\n var esDomain = new Aws.ElasticSearch.Domain(\"es\", new()\n {\n DomainName = domain,\n ElasticsearchVersion = \"6.3\",\n ClusterConfig = new Aws.ElasticSearch.Inputs.DomainClusterConfigArgs\n {\n InstanceType = \"m4.large.elasticsearch\",\n ZoneAwarenessEnabled = true,\n },\n VpcOptions = new Aws.ElasticSearch.Inputs.DomainVpcOptionsArgs\n {\n SubnetIds = new[]\n {\n selectedGetSubnets.Apply(getSubnetsResult =\u003e getSubnetsResult.Ids[0]),\n selectedGetSubnets.Apply(getSubnetsResult =\u003e getSubnetsResult.Ids[1]),\n },\n SecurityGroupIds = new[]\n {\n es.Id,\n },\n },\n AdvancedOptions = \n {\n { \"rest.action.multi.allow_explicit_index\", \"true\" },\n },\n AccessPolicies = Output.Tuple(current, currentGetCallerIdentity).Apply(values =\u003e\n {\n var current = values.Item1;\n var currentGetCallerIdentity = values.Item2;\n return @$\"{{\n\t\"\"Version\"\": \"\"2012-10-17\"\",\n\t\"\"Statement\"\": [\n\t\t{{\n\t\t\t\"\"Action\"\": \"\"es:*\"\",\n\t\t\t\"\"Principal\"\": \"\"*\"\",\n\t\t\t\"\"Effect\"\": \"\"Allow\"\",\n\t\t\t\"\"Resource\"\": \"\"arn:aws:es:{current.Apply(getRegionResult =\u003e getRegionResult.Name)}:{currentGetCallerIdentity.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:domain/{domain}/*\"\"\n\t\t}}\n\t]\n}}\n\";\n }),\n Tags = \n {\n { \"Domain\", \"TestDomain\" },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n esServiceLinkedRole, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticsearch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\ncfg := config.New(ctx, \"\")\nvpc := cfg.RequireObject(\"vpc\")\ndomain := \"tf-test\";\nif param := cfg.Get(\"domain\"); param != \"\"{\ndomain = param\n}\nselected, err := ec2.LookupVpc(ctx, \u0026ec2.LookupVpcArgs{\nTags: interface{}{\nName: vpc,\n},\n}, nil);\nif err != nil {\nreturn err\n}\nselectedGetSubnets, err := ec2.GetSubnets(ctx, \u0026ec2.GetSubnetsArgs{\nFilters: []ec2.GetSubnetsFilter{\n{\nName: \"vpc-id\",\nValues: interface{}{\nselected.Id,\n},\n},\n},\nTags: map[string]interface{}{\n\"Tier\": \"private\",\n},\n}, nil);\nif err != nil {\nreturn err\n}\ncurrent, err := aws.GetRegion(ctx, nil, nil);\nif err != nil {\nreturn err\n}\ncurrentGetCallerIdentity, err := aws.GetCallerIdentity(ctx, nil, nil);\nif err != nil {\nreturn err\n}\nes, err := ec2.NewSecurityGroup(ctx, \"es\", \u0026ec2.SecurityGroupArgs{\nName: pulumi.String(fmt.Sprintf(\"%v-elasticsearch-%v\", vpc, domain)),\nDescription: pulumi.String(\"Managed by Pulumi\"),\nVpcId: pulumi.String(selected.Id),\nIngress: ec2.SecurityGroupIngressArray{\n\u0026ec2.SecurityGroupIngressArgs{\nFromPort: pulumi.Int(443),\nToPort: pulumi.Int(443),\nProtocol: pulumi.String(\"tcp\"),\nCidrBlocks: pulumi.StringArray{\npulumi.String(selected.CidrBlock),\n},\n},\n},\n})\nif err != nil {\nreturn err\n}\nesServiceLinkedRole, err := iam.NewServiceLinkedRole(ctx, \"es\", \u0026iam.ServiceLinkedRoleArgs{\nAwsServiceName: pulumi.String(\"opensearchservice.amazonaws.com\"),\n})\nif err != nil {\nreturn err\n}\n_, err = elasticsearch.NewDomain(ctx, \"es\", \u0026elasticsearch.DomainArgs{\nDomainName: pulumi.String(domain),\nElasticsearchVersion: pulumi.String(\"6.3\"),\nClusterConfig: \u0026elasticsearch.DomainClusterConfigArgs{\nInstanceType: pulumi.String(\"m4.large.elasticsearch\"),\nZoneAwarenessEnabled: pulumi.Bool(true),\n},\nVpcOptions: \u0026elasticsearch.DomainVpcOptionsArgs{\nSubnetIds: pulumi.StringArray{\npulumi.String(selectedGetSubnets.Ids[0]),\npulumi.String(selectedGetSubnets.Ids[1]),\n},\nSecurityGroupIds: pulumi.StringArray{\nes.ID(),\n},\n},\nAdvancedOptions: pulumi.StringMap{\n\"rest.action.multi.allow_explicit_index\": pulumi.String(\"true\"),\n},\nAccessPolicies: pulumi.Any(fmt.Sprintf(`{\n\t\"Version\": \"2012-10-17\",\n\t\"Statement\": [\n\t\t{\n\t\t\t\"Action\": \"es:*\",\n\t\t\t\"Principal\": \"*\",\n\t\t\t\"Effect\": \"Allow\",\n\t\t\t\"Resource\": \"arn:aws:es:%v:%v:domain/%v/*\"\n\t\t}\n\t]\n}\n`, current.Name, currentGetCallerIdentity.AccountId, domain)),\nTags: pulumi.StringMap{\n\"Domain\": pulumi.String(\"TestDomain\"),\n},\n}, pulumi.DependsOn([]pulumi.Resource{\nesServiceLinkedRole,\n}))\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetVpcArgs;\nimport com.pulumi.aws.ec2.inputs.GetSubnetsArgs;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.ec2.SecurityGroup;\nimport com.pulumi.aws.ec2.SecurityGroupArgs;\nimport com.pulumi.aws.ec2.inputs.SecurityGroupIngressArgs;\nimport com.pulumi.aws.iam.ServiceLinkedRole;\nimport com.pulumi.aws.iam.ServiceLinkedRoleArgs;\nimport com.pulumi.aws.elasticsearch.Domain;\nimport com.pulumi.aws.elasticsearch.DomainArgs;\nimport com.pulumi.aws.elasticsearch.inputs.DomainClusterConfigArgs;\nimport com.pulumi.aws.elasticsearch.inputs.DomainVpcOptionsArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var vpc = config.get(\"vpc\");\n final var domain = config.get(\"domain\").orElse(\"tf-test\");\n final var selected = Ec2Functions.getVpc(GetVpcArgs.builder()\n .tags(Map.of(\"Name\", vpc))\n .build());\n\n final var selectedGetSubnets = Ec2Functions.getSubnets(GetSubnetsArgs.builder()\n .filters(GetSubnetsFilterArgs.builder()\n .name(\"vpc-id\")\n .values(selected.applyValue(getVpcResult -\u003e getVpcResult.id()))\n .build())\n .tags(Map.of(\"Tier\", \"private\"))\n .build());\n\n final var current = AwsFunctions.getRegion();\n\n final var currentGetCallerIdentity = AwsFunctions.getCallerIdentity();\n\n var es = new SecurityGroup(\"es\", SecurityGroupArgs.builder() \n .name(String.format(\"%s-elasticsearch-%s\", vpc,domain))\n .description(\"Managed by Pulumi\")\n .vpcId(selected.applyValue(getVpcResult -\u003e getVpcResult.id()))\n .ingress(SecurityGroupIngressArgs.builder()\n .fromPort(443)\n .toPort(443)\n .protocol(\"tcp\")\n .cidrBlocks(selected.applyValue(getVpcResult -\u003e getVpcResult.cidrBlock()))\n .build())\n .build());\n\n var esServiceLinkedRole = new ServiceLinkedRole(\"esServiceLinkedRole\", ServiceLinkedRoleArgs.builder() \n .awsServiceName(\"opensearchservice.amazonaws.com\")\n .build());\n\n var esDomain = new Domain(\"esDomain\", DomainArgs.builder() \n .domainName(domain)\n .elasticsearchVersion(\"6.3\")\n .clusterConfig(DomainClusterConfigArgs.builder()\n .instanceType(\"m4.large.elasticsearch\")\n .zoneAwarenessEnabled(true)\n .build())\n .vpcOptions(DomainVpcOptionsArgs.builder()\n .subnetIds( \n selectedGetSubnets.applyValue(getSubnetsResult -\u003e getSubnetsResult.ids()[0]),\n selectedGetSubnets.applyValue(getSubnetsResult -\u003e getSubnetsResult.ids()[1]))\n .securityGroupIds(es.id())\n .build())\n .advancedOptions(Map.of(\"rest.action.multi.allow_explicit_index\", \"true\"))\n .accessPolicies(\"\"\"\n{\n\t\"Version\": \"2012-10-17\",\n\t\"Statement\": [\n\t\t{\n\t\t\t\"Action\": \"es:*\",\n\t\t\t\"Principal\": \"*\",\n\t\t\t\"Effect\": \"Allow\",\n\t\t\t\"Resource\": \"arn:aws:es:%s:%s:domain/%s/*\"\n\t\t}\n\t]\n}\n\", current.applyValue(getRegionResult -\u003e getRegionResult.name()),currentGetCallerIdentity.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()),domain))\n .tags(Map.of(\"Domain\", \"TestDomain\"))\n .build(), CustomResourceOptions.builder()\n .dependsOn(esServiceLinkedRole)\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n vpc:\n type: dynamic\n domain:\n type: string\n default: tf-test\nresources:\n es:\n type: aws:ec2:SecurityGroup\n properties:\n name: ${vpc}-elasticsearch-${domain}\n description: Managed by Pulumi\n vpcId: ${selected.id}\n ingress:\n - fromPort: 443\n toPort: 443\n protocol: tcp\n cidrBlocks:\n - ${selected.cidrBlock}\n esServiceLinkedRole:\n type: aws:iam:ServiceLinkedRole\n name: es\n properties:\n awsServiceName: opensearchservice.amazonaws.com\n esDomain:\n type: aws:elasticsearch:Domain\n name: es\n properties:\n domainName: ${domain}\n elasticsearchVersion: '6.3'\n clusterConfig:\n instanceType: m4.large.elasticsearch\n zoneAwarenessEnabled: true\n vpcOptions:\n subnetIds:\n - ${selectedGetSubnets.ids[0]}\n - ${selectedGetSubnets.ids[1]}\n securityGroupIds:\n - ${es.id}\n advancedOptions:\n rest.action.multi.allow_explicit_index: 'true'\n accessPolicies: |\n {\n \t\"Version\": \"2012-10-17\",\n \t\"Statement\": [\n \t\t{\n \t\t\t\"Action\": \"es:*\",\n \t\t\t\"Principal\": \"*\",\n \t\t\t\"Effect\": \"Allow\",\n \t\t\t\"Resource\": \"arn:aws:es:${current.name}:${currentGetCallerIdentity.accountId}:domain/${domain}/*\"\n \t\t}\n \t]\n }\n tags:\n Domain: TestDomain\n options:\n dependson:\n - ${esServiceLinkedRole}\nvariables:\n selected:\n fn::invoke:\n Function: aws:ec2:getVpc\n Arguments:\n tags:\n Name: ${vpc}\n selectedGetSubnets:\n fn::invoke:\n Function: aws:ec2:getSubnets\n Arguments:\n filters:\n - name: vpc-id\n values:\n - ${selected.id}\n tags:\n Tier: private\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n currentGetCallerIdentity:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Elasticsearch domains using the `domain_name`. For example:\n\n```sh\n$ pulumi import aws:elasticsearch/domain:Domain example domain_name\n```\n", "properties": { "accessPolicies": { "type": "string", @@ -242609,7 +242609,7 @@ } }, "aws:finspace/kxUser:KxUser": { - "description": "Resource for managing an AWS FinSpace Kx User.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kms.Key(\"example\", {\n description: \"Example KMS Key\",\n deletionWindowInDays: 7,\n});\nconst exampleKxEnvironment = new aws.finspace.KxEnvironment(\"example\", {\n name: \"my-tf-kx-environment\",\n kmsKeyId: example.arn,\n});\nconst exampleRole = new aws.iam.Role(\"example\", {\n name: \"example-role\",\n assumeRolePolicy: JSON.stringify({\n version: \"2012-10-17\",\n statement: [{\n action: \"sts:AssumeRole\",\n effect: \"Allow\",\n sid: \"\",\n principal: {\n service: \"ec2.amazonaws.com\",\n },\n }],\n }),\n});\nconst exampleKxUser = new aws.finspace.KxUser(\"example\", {\n name: \"my-tf-kx-user\",\n environmentId: exampleKxEnvironment.id,\n iamRole: exampleRole.arn,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.kms.Key(\"example\",\n description=\"Example KMS Key\",\n deletion_window_in_days=7)\nexample_kx_environment = aws.finspace.KxEnvironment(\"example\",\n name=\"my-tf-kx-environment\",\n kms_key_id=example.arn)\nexample_role = aws.iam.Role(\"example\",\n name=\"example-role\",\n assume_role_policy=json.dumps({\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"action\": \"sts:AssumeRole\",\n \"effect\": \"Allow\",\n \"sid\": \"\",\n \"principal\": {\n \"service\": \"ec2.amazonaws.com\",\n },\n }],\n }))\nexample_kx_user = aws.finspace.KxUser(\"example\",\n name=\"my-tf-kx-user\",\n environment_id=example_kx_environment.id,\n iam_role=example_role.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kms.Key(\"example\", new()\n {\n Description = \"Example KMS Key\",\n DeletionWindowInDays = 7,\n });\n\n var exampleKxEnvironment = new Aws.FinSpace.KxEnvironment(\"example\", new()\n {\n Name = \"my-tf-kx-environment\",\n KmsKeyId = example.Arn,\n });\n\n var exampleRole = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"example-role\",\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"action\"] = \"sts:AssumeRole\",\n [\"effect\"] = \"Allow\",\n [\"sid\"] = \"\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"service\"] = \"ec2.amazonaws.com\",\n },\n },\n },\n }),\n });\n\n var exampleKxUser = new Aws.FinSpace.KxUser(\"example\", new()\n {\n Name = \"my-tf-kx-user\",\n EnvironmentId = exampleKxEnvironment.Id,\n IamRole = exampleRole.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/finspace\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := kms.NewKey(ctx, \"example\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"Example KMS Key\"),\n\t\t\tDeletionWindowInDays: pulumi.Int(7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleKxEnvironment, err := finspace.NewKxEnvironment(ctx, \"example\", \u0026finspace.KxEnvironmentArgs{\n\t\t\tName: pulumi.String(\"my-tf-kx-environment\"),\n\t\t\tKmsKeyId: example.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"action\": \"sts:AssumeRole\",\n\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\"sid\": \"\",\n\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\"service\": \"ec2.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texampleRole, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"example-role\"),\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = finspace.NewKxUser(ctx, \"example\", \u0026finspace.KxUserArgs{\n\t\t\tName: pulumi.String(\"my-tf-kx-user\"),\n\t\t\tEnvironmentId: exampleKxEnvironment.ID(),\n\t\t\tIamRole: exampleRole.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.finspace.KxEnvironment;\nimport com.pulumi.aws.finspace.KxEnvironmentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.finspace.KxUser;\nimport com.pulumi.aws.finspace.KxUserArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Key(\"example\", KeyArgs.builder() \n .description(\"Example KMS Key\")\n .deletionWindowInDays(7)\n .build());\n\n var exampleKxEnvironment = new KxEnvironment(\"exampleKxEnvironment\", KxEnvironmentArgs.builder() \n .name(\"my-tf-kx-environment\")\n .kmsKeyId(example.arn())\n .build());\n\n var exampleRole = new Role(\"exampleRole\", RoleArgs.builder() \n .name(\"example-role\")\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"version\", \"2012-10-17\"),\n jsonProperty(\"statement\", jsonArray(jsonObject(\n jsonProperty(\"action\", \"sts:AssumeRole\"),\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"sid\", \"\"),\n jsonProperty(\"principal\", jsonObject(\n jsonProperty(\"service\", \"ec2.amazonaws.com\")\n ))\n )))\n )))\n .build());\n\n var exampleKxUser = new KxUser(\"exampleKxUser\", KxUserArgs.builder() \n .name(\"my-tf-kx-user\")\n .environmentId(exampleKxEnvironment.id())\n .iamRole(exampleRole.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kms:Key\n properties:\n description: Example KMS Key\n deletionWindowInDays: 7\n exampleKxEnvironment:\n type: aws:finspace:KxEnvironment\n name: example\n properties:\n name: my-tf-kx-environment\n kmsKeyId: ${example.arn}\n exampleRole:\n type: aws:iam:Role\n name: example\n properties:\n name: example-role\n assumeRolePolicy:\n fn::toJSON:\n version: 2012-10-17\n statement:\n - action: sts:AssumeRole\n effect: Allow\n sid:\n principal:\n service: ec2.amazonaws.com\n exampleKxUser:\n type: aws:finspace:KxUser\n name: example\n properties:\n name: my-tf-kx-user\n environmentId: ${exampleKxEnvironment.id}\n iamRole: ${exampleRole.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import an AWS FinSpace Kx User using the `id` (environment ID and user name, comma-delimited). For example:\n\n```sh\n$ pulumi import aws:finspace/kxUser:KxUser example n3ceo7wqxoxcti5tujqwzs,my-tf-kx-user\n```\n", + "description": "Resource for managing an AWS FinSpace Kx User.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kms.Key(\"example\", {\n description: \"Example KMS Key\",\n deletionWindowInDays: 7,\n});\nconst exampleKxEnvironment = new aws.finspace.KxEnvironment(\"example\", {\n name: \"my-tf-kx-environment\",\n kmsKeyId: example.arn,\n});\nconst exampleRole = new aws.iam.Role(\"example\", {\n name: \"example-role\",\n assumeRolePolicy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: \"sts:AssumeRole\",\n Effect: \"Allow\",\n Sid: \"\",\n Principal: {\n Service: \"ec2.amazonaws.com\",\n },\n }],\n }),\n});\nconst exampleKxUser = new aws.finspace.KxUser(\"example\", {\n name: \"my-tf-kx-user\",\n environmentId: exampleKxEnvironment.id,\n iamRole: exampleRole.arn,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.kms.Key(\"example\",\n description=\"Example KMS Key\",\n deletion_window_in_days=7)\nexample_kx_environment = aws.finspace.KxEnvironment(\"example\",\n name=\"my-tf-kx-environment\",\n kms_key_id=example.arn)\nexample_role = aws.iam.Role(\"example\",\n name=\"example-role\",\n assume_role_policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": \"sts:AssumeRole\",\n \"Effect\": \"Allow\",\n \"Sid\": \"\",\n \"Principal\": {\n \"Service\": \"ec2.amazonaws.com\",\n },\n }],\n }))\nexample_kx_user = aws.finspace.KxUser(\"example\",\n name=\"my-tf-kx-user\",\n environment_id=example_kx_environment.id,\n iam_role=example_role.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kms.Key(\"example\", new()\n {\n Description = \"Example KMS Key\",\n DeletionWindowInDays = 7,\n });\n\n var exampleKxEnvironment = new Aws.FinSpace.KxEnvironment(\"example\", new()\n {\n Name = \"my-tf-kx-environment\",\n KmsKeyId = example.Arn,\n });\n\n var exampleRole = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"example-role\",\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"sts:AssumeRole\",\n [\"Effect\"] = \"Allow\",\n [\"Sid\"] = \"\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"ec2.amazonaws.com\",\n },\n },\n },\n }),\n });\n\n var exampleKxUser = new Aws.FinSpace.KxUser(\"example\", new()\n {\n Name = \"my-tf-kx-user\",\n EnvironmentId = exampleKxEnvironment.Id,\n IamRole = exampleRole.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/finspace\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := kms.NewKey(ctx, \"example\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"Example KMS Key\"),\n\t\t\tDeletionWindowInDays: pulumi.Int(7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleKxEnvironment, err := finspace.NewKxEnvironment(ctx, \"example\", \u0026finspace.KxEnvironmentArgs{\n\t\t\tName: pulumi.String(\"my-tf-kx-environment\"),\n\t\t\tKmsKeyId: example.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": \"sts:AssumeRole\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Sid\": \"\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"ec2.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texampleRole, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"example-role\"),\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = finspace.NewKxUser(ctx, \"example\", \u0026finspace.KxUserArgs{\n\t\t\tName: pulumi.String(\"my-tf-kx-user\"),\n\t\t\tEnvironmentId: exampleKxEnvironment.ID(),\n\t\t\tIamRole: exampleRole.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.finspace.KxEnvironment;\nimport com.pulumi.aws.finspace.KxEnvironmentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.finspace.KxUser;\nimport com.pulumi.aws.finspace.KxUserArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Key(\"example\", KeyArgs.builder() \n .description(\"Example KMS Key\")\n .deletionWindowInDays(7)\n .build());\n\n var exampleKxEnvironment = new KxEnvironment(\"exampleKxEnvironment\", KxEnvironmentArgs.builder() \n .name(\"my-tf-kx-environment\")\n .kmsKeyId(example.arn())\n .build());\n\n var exampleRole = new Role(\"exampleRole\", RoleArgs.builder() \n .name(\"example-role\")\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", \"sts:AssumeRole\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Sid\", \"\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"ec2.amazonaws.com\")\n ))\n )))\n )))\n .build());\n\n var exampleKxUser = new KxUser(\"exampleKxUser\", KxUserArgs.builder() \n .name(\"my-tf-kx-user\")\n .environmentId(exampleKxEnvironment.id())\n .iamRole(exampleRole.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kms:Key\n properties:\n description: Example KMS Key\n deletionWindowInDays: 7\n exampleKxEnvironment:\n type: aws:finspace:KxEnvironment\n name: example\n properties:\n name: my-tf-kx-environment\n kmsKeyId: ${example.arn}\n exampleRole:\n type: aws:iam:Role\n name: example\n properties:\n name: example-role\n assumeRolePolicy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action: sts:AssumeRole\n Effect: Allow\n Sid:\n Principal:\n Service: ec2.amazonaws.com\n exampleKxUser:\n type: aws:finspace:KxUser\n name: example\n properties:\n name: my-tf-kx-user\n environmentId: ${exampleKxEnvironment.id}\n iamRole: ${exampleRole.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import an AWS FinSpace Kx User using the `id` (environment ID and user name, comma-delimited). For example:\n\n```sh\n$ pulumi import aws:finspace/kxUser:KxUser example n3ceo7wqxoxcti5tujqwzs,my-tf-kx-user\n```\n", "properties": { "arn": { "type": "string", @@ -246859,7 +246859,7 @@ } }, "aws:gamelift/gameServerGroup:GameServerGroup": { - "description": "Provides an GameLift Game Server Group resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.gamelift.GameServerGroup(\"example\", {\n gameServerGroupName: \"example\",\n instanceDefinitions: [\n {\n instanceType: \"c5.large\",\n },\n {\n instanceType: \"c5a.large\",\n },\n ],\n launchTemplate: {\n id: exampleAwsLaunchTemplate.id,\n },\n maxSize: 1,\n minSize: 1,\n roleArn: exampleAwsIamRole.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.gamelift.GameServerGroup(\"example\",\n game_server_group_name=\"example\",\n instance_definitions=[\n aws.gamelift.GameServerGroupInstanceDefinitionArgs(\n instance_type=\"c5.large\",\n ),\n aws.gamelift.GameServerGroupInstanceDefinitionArgs(\n instance_type=\"c5a.large\",\n ),\n ],\n launch_template=aws.gamelift.GameServerGroupLaunchTemplateArgs(\n id=example_aws_launch_template[\"id\"],\n ),\n max_size=1,\n min_size=1,\n role_arn=example_aws_iam_role[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.GameLift.GameServerGroup(\"example\", new()\n {\n GameServerGroupName = \"example\",\n InstanceDefinitions = new[]\n {\n new Aws.GameLift.Inputs.GameServerGroupInstanceDefinitionArgs\n {\n InstanceType = \"c5.large\",\n },\n new Aws.GameLift.Inputs.GameServerGroupInstanceDefinitionArgs\n {\n InstanceType = \"c5a.large\",\n },\n },\n LaunchTemplate = new Aws.GameLift.Inputs.GameServerGroupLaunchTemplateArgs\n {\n Id = exampleAwsLaunchTemplate.Id,\n },\n MaxSize = 1,\n MinSize = 1,\n RoleArn = exampleAwsIamRole.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/gamelift\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := gamelift.NewGameServerGroup(ctx, \"example\", \u0026gamelift.GameServerGroupArgs{\n\t\t\tGameServerGroupName: pulumi.String(\"example\"),\n\t\t\tInstanceDefinitions: gamelift.GameServerGroupInstanceDefinitionArray{\n\t\t\t\t\u0026gamelift.GameServerGroupInstanceDefinitionArgs{\n\t\t\t\t\tInstanceType: pulumi.String(\"c5.large\"),\n\t\t\t\t},\n\t\t\t\t\u0026gamelift.GameServerGroupInstanceDefinitionArgs{\n\t\t\t\t\tInstanceType: pulumi.String(\"c5a.large\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tLaunchTemplate: \u0026gamelift.GameServerGroupLaunchTemplateArgs{\n\t\t\t\tId: pulumi.Any(exampleAwsLaunchTemplate.Id),\n\t\t\t},\n\t\t\tMaxSize: pulumi.Int(1),\n\t\t\tMinSize: pulumi.Int(1),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.gamelift.GameServerGroup;\nimport com.pulumi.aws.gamelift.GameServerGroupArgs;\nimport com.pulumi.aws.gamelift.inputs.GameServerGroupInstanceDefinitionArgs;\nimport com.pulumi.aws.gamelift.inputs.GameServerGroupLaunchTemplateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new GameServerGroup(\"example\", GameServerGroupArgs.builder() \n .gameServerGroupName(\"example\")\n .instanceDefinitions( \n GameServerGroupInstanceDefinitionArgs.builder()\n .instanceType(\"c5.large\")\n .build(),\n GameServerGroupInstanceDefinitionArgs.builder()\n .instanceType(\"c5a.large\")\n .build())\n .launchTemplate(GameServerGroupLaunchTemplateArgs.builder()\n .id(exampleAwsLaunchTemplate.id())\n .build())\n .maxSize(1)\n .minSize(1)\n .roleArn(exampleAwsIamRole.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:gamelift:GameServerGroup\n properties:\n gameServerGroupName: example\n instanceDefinitions:\n - instanceType: c5.large\n - instanceType: c5a.large\n launchTemplate:\n id: ${exampleAwsLaunchTemplate.id}\n maxSize: 1\n minSize: 1\n roleArn: ${exampleAwsIamRole.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nFull usage:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.gamelift.GameServerGroup(\"example\", {\n autoScalingPolicy: {\n estimatedInstanceWarmup: 60,\n targetTrackingConfiguration: {\n targetValue: 75,\n },\n },\n balancingStrategy: \"SPOT_ONLY\",\n gameServerGroupName: \"example\",\n gameServerProtectionPolicy: \"FULL_PROTECTION\",\n instanceDefinitions: [\n {\n instanceType: \"c5.large\",\n weightedCapacity: \"1\",\n },\n {\n instanceType: \"c5.2xlarge\",\n weightedCapacity: \"2\",\n },\n ],\n launchTemplate: {\n id: exampleAwsLaunchTemplate.id,\n version: \"1\",\n },\n maxSize: 1,\n minSize: 1,\n roleArn: exampleAwsIamRole.arn,\n tags: {\n Name: \"example\",\n },\n vpcSubnets: [\n \"subnet-12345678\",\n \"subnet-23456789\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.gamelift.GameServerGroup(\"example\",\n auto_scaling_policy=aws.gamelift.GameServerGroupAutoScalingPolicyArgs(\n estimated_instance_warmup=60,\n target_tracking_configuration=aws.gamelift.GameServerGroupAutoScalingPolicyTargetTrackingConfigurationArgs(\n target_value=75,\n ),\n ),\n balancing_strategy=\"SPOT_ONLY\",\n game_server_group_name=\"example\",\n game_server_protection_policy=\"FULL_PROTECTION\",\n instance_definitions=[\n aws.gamelift.GameServerGroupInstanceDefinitionArgs(\n instance_type=\"c5.large\",\n weighted_capacity=\"1\",\n ),\n aws.gamelift.GameServerGroupInstanceDefinitionArgs(\n instance_type=\"c5.2xlarge\",\n weighted_capacity=\"2\",\n ),\n ],\n launch_template=aws.gamelift.GameServerGroupLaunchTemplateArgs(\n id=example_aws_launch_template[\"id\"],\n version=\"1\",\n ),\n max_size=1,\n min_size=1,\n role_arn=example_aws_iam_role[\"arn\"],\n tags={\n \"Name\": \"example\",\n },\n vpc_subnets=[\n \"subnet-12345678\",\n \"subnet-23456789\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.GameLift.GameServerGroup(\"example\", new()\n {\n AutoScalingPolicy = new Aws.GameLift.Inputs.GameServerGroupAutoScalingPolicyArgs\n {\n EstimatedInstanceWarmup = 60,\n TargetTrackingConfiguration = new Aws.GameLift.Inputs.GameServerGroupAutoScalingPolicyTargetTrackingConfigurationArgs\n {\n TargetValue = 75,\n },\n },\n BalancingStrategy = \"SPOT_ONLY\",\n GameServerGroupName = \"example\",\n GameServerProtectionPolicy = \"FULL_PROTECTION\",\n InstanceDefinitions = new[]\n {\n new Aws.GameLift.Inputs.GameServerGroupInstanceDefinitionArgs\n {\n InstanceType = \"c5.large\",\n WeightedCapacity = \"1\",\n },\n new Aws.GameLift.Inputs.GameServerGroupInstanceDefinitionArgs\n {\n InstanceType = \"c5.2xlarge\",\n WeightedCapacity = \"2\",\n },\n },\n LaunchTemplate = new Aws.GameLift.Inputs.GameServerGroupLaunchTemplateArgs\n {\n Id = exampleAwsLaunchTemplate.Id,\n Version = \"1\",\n },\n MaxSize = 1,\n MinSize = 1,\n RoleArn = exampleAwsIamRole.Arn,\n Tags = \n {\n { \"Name\", \"example\" },\n },\n VpcSubnets = new[]\n {\n \"subnet-12345678\",\n \"subnet-23456789\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/gamelift\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := gamelift.NewGameServerGroup(ctx, \"example\", \u0026gamelift.GameServerGroupArgs{\n\t\t\tAutoScalingPolicy: \u0026gamelift.GameServerGroupAutoScalingPolicyArgs{\n\t\t\t\tEstimatedInstanceWarmup: pulumi.Int(60),\n\t\t\t\tTargetTrackingConfiguration: \u0026gamelift.GameServerGroupAutoScalingPolicyTargetTrackingConfigurationArgs{\n\t\t\t\t\tTargetValue: pulumi.Float64(75),\n\t\t\t\t},\n\t\t\t},\n\t\t\tBalancingStrategy: pulumi.String(\"SPOT_ONLY\"),\n\t\t\tGameServerGroupName: pulumi.String(\"example\"),\n\t\t\tGameServerProtectionPolicy: pulumi.String(\"FULL_PROTECTION\"),\n\t\t\tInstanceDefinitions: gamelift.GameServerGroupInstanceDefinitionArray{\n\t\t\t\t\u0026gamelift.GameServerGroupInstanceDefinitionArgs{\n\t\t\t\t\tInstanceType: pulumi.String(\"c5.large\"),\n\t\t\t\t\tWeightedCapacity: pulumi.String(\"1\"),\n\t\t\t\t},\n\t\t\t\t\u0026gamelift.GameServerGroupInstanceDefinitionArgs{\n\t\t\t\t\tInstanceType: pulumi.String(\"c5.2xlarge\"),\n\t\t\t\t\tWeightedCapacity: pulumi.String(\"2\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tLaunchTemplate: \u0026gamelift.GameServerGroupLaunchTemplateArgs{\n\t\t\t\tId: pulumi.Any(exampleAwsLaunchTemplate.Id),\n\t\t\t\tVersion: pulumi.String(\"1\"),\n\t\t\t},\n\t\t\tMaxSize: pulumi.Int(1),\n\t\t\tMinSize: pulumi.Int(1),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"example\"),\n\t\t\t},\n\t\t\tVpcSubnets: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"subnet-12345678\"),\n\t\t\t\tpulumi.String(\"subnet-23456789\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.gamelift.GameServerGroup;\nimport com.pulumi.aws.gamelift.GameServerGroupArgs;\nimport com.pulumi.aws.gamelift.inputs.GameServerGroupAutoScalingPolicyArgs;\nimport com.pulumi.aws.gamelift.inputs.GameServerGroupAutoScalingPolicyTargetTrackingConfigurationArgs;\nimport com.pulumi.aws.gamelift.inputs.GameServerGroupInstanceDefinitionArgs;\nimport com.pulumi.aws.gamelift.inputs.GameServerGroupLaunchTemplateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new GameServerGroup(\"example\", GameServerGroupArgs.builder() \n .autoScalingPolicy(GameServerGroupAutoScalingPolicyArgs.builder()\n .estimatedInstanceWarmup(60)\n .targetTrackingConfiguration(GameServerGroupAutoScalingPolicyTargetTrackingConfigurationArgs.builder()\n .targetValue(75)\n .build())\n .build())\n .balancingStrategy(\"SPOT_ONLY\")\n .gameServerGroupName(\"example\")\n .gameServerProtectionPolicy(\"FULL_PROTECTION\")\n .instanceDefinitions( \n GameServerGroupInstanceDefinitionArgs.builder()\n .instanceType(\"c5.large\")\n .weightedCapacity(\"1\")\n .build(),\n GameServerGroupInstanceDefinitionArgs.builder()\n .instanceType(\"c5.2xlarge\")\n .weightedCapacity(\"2\")\n .build())\n .launchTemplate(GameServerGroupLaunchTemplateArgs.builder()\n .id(exampleAwsLaunchTemplate.id())\n .version(\"1\")\n .build())\n .maxSize(1)\n .minSize(1)\n .roleArn(exampleAwsIamRole.arn())\n .tags(Map.of(\"Name\", \"example\"))\n .vpcSubnets( \n \"subnet-12345678\",\n \"subnet-23456789\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:gamelift:GameServerGroup\n properties:\n autoScalingPolicy:\n estimatedInstanceWarmup: 60\n targetTrackingConfiguration:\n targetValue: 75\n balancingStrategy: SPOT_ONLY\n gameServerGroupName: example\n gameServerProtectionPolicy: FULL_PROTECTION\n instanceDefinitions:\n - instanceType: c5.large\n weightedCapacity: '1'\n - instanceType: c5.2xlarge\n weightedCapacity: '2'\n launchTemplate:\n id: ${exampleAwsLaunchTemplate.id}\n version: '1'\n maxSize: 1\n minSize: 1\n roleArn: ${exampleAwsIamRole.arn}\n tags:\n Name: example\n vpcSubnets:\n - subnet-12345678\n - subnet-23456789\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example IAM Role for GameLift Game Server Group\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getPartition({});\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\n \"autoscaling.amazonaws.com\",\n \"gamelift.amazonaws.com\",\n ],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst example = new aws.iam.Role(\"example\", {\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n name: \"gamelift-game-server-group-example\",\n});\nconst exampleRolePolicyAttachment = new aws.iam.RolePolicyAttachment(\"example\", {\n policyArn: current.then(current =\u003e `arn:${current.partition}:iam::aws:policy/GameLiftGameServerGroupPolicy`),\n role: example.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_partition()\nassume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\n \"autoscaling.amazonaws.com\",\n \"gamelift.amazonaws.com\",\n ],\n )],\n actions=[\"sts:AssumeRole\"],\n)])\nexample = aws.iam.Role(\"example\",\n assume_role_policy=assume_role.json,\n name=\"gamelift-game-server-group-example\")\nexample_role_policy_attachment = aws.iam.RolePolicyAttachment(\"example\",\n policy_arn=f\"arn:{current.partition}:iam::aws:policy/GameLiftGameServerGroupPolicy\",\n role=example.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetPartition.Invoke();\n\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"autoscaling.amazonaws.com\",\n \"gamelift.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var example = new Aws.Iam.Role(\"example\", new()\n {\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n Name = \"gamelift-game-server-group-example\",\n });\n\n var exampleRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment(\"example\", new()\n {\n PolicyArn = $\"arn:{current.Apply(getPartitionResult =\u003e getPartitionResult.Partition)}:iam::aws:policy/GameLiftGameServerGroupPolicy\",\n Role = example.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetPartition(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"autoscaling.amazonaws.com\",\n\t\t\t\t\t\t\t\t\"gamelift.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t\tName: pulumi.String(\"gamelift-game-server-group-example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"example\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: pulumi.String(fmt.Sprintf(\"arn:%v:iam::aws:policy/GameLiftGameServerGroupPolicy\", current.Partition)),\n\t\t\tRole: example.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetPartitionArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getPartition();\n\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers( \n \"autoscaling.amazonaws.com\",\n \"gamelift.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var example = new Role(\"example\", RoleArgs.builder() \n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .name(\"gamelift-game-server-group-example\")\n .build());\n\n var exampleRolePolicyAttachment = new RolePolicyAttachment(\"exampleRolePolicyAttachment\", RolePolicyAttachmentArgs.builder() \n .policyArn(String.format(\"arn:%s:iam::aws:policy/GameLiftGameServerGroupPolicy\", current.applyValue(getPartitionResult -\u003e getPartitionResult.partition())))\n .role(example.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:Role\n properties:\n assumeRolePolicy: ${assumeRole.json}\n name: gamelift-game-server-group-example\n exampleRolePolicyAttachment:\n type: aws:iam:RolePolicyAttachment\n name: example\n properties:\n policyArn: arn:${current.partition}:iam::aws:policy/GameLiftGameServerGroupPolicy\n role: ${example.name}\nvariables:\n current:\n fn::invoke:\n Function: aws:getPartition\n Arguments: {}\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - autoscaling.amazonaws.com\n - gamelift.amazonaws.com\n actions:\n - sts:AssumeRole\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import GameLift Game Server Group using the `name`. For example:\n\n```sh\n$ pulumi import aws:gamelift/gameServerGroup:GameServerGroup example example\n```\n", + "description": "Provides an GameLift Game Server Group resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.gamelift.GameServerGroup(\"example\", {\n gameServerGroupName: \"example\",\n instanceDefinitions: [\n {\n instanceType: \"c5.large\",\n },\n {\n instanceType: \"c5a.large\",\n },\n ],\n launchTemplate: {\n id: exampleAwsLaunchTemplate.id,\n },\n maxSize: 1,\n minSize: 1,\n roleArn: exampleAwsIamRole.arn,\n}, {\n dependsOn: [exampleAwsIamRolePolicyAttachment],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.gamelift.GameServerGroup(\"example\",\n game_server_group_name=\"example\",\n instance_definitions=[\n aws.gamelift.GameServerGroupInstanceDefinitionArgs(\n instance_type=\"c5.large\",\n ),\n aws.gamelift.GameServerGroupInstanceDefinitionArgs(\n instance_type=\"c5a.large\",\n ),\n ],\n launch_template=aws.gamelift.GameServerGroupLaunchTemplateArgs(\n id=example_aws_launch_template[\"id\"],\n ),\n max_size=1,\n min_size=1,\n role_arn=example_aws_iam_role[\"arn\"],\n opts=pulumi.ResourceOptions(depends_on=[example_aws_iam_role_policy_attachment]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.GameLift.GameServerGroup(\"example\", new()\n {\n GameServerGroupName = \"example\",\n InstanceDefinitions = new[]\n {\n new Aws.GameLift.Inputs.GameServerGroupInstanceDefinitionArgs\n {\n InstanceType = \"c5.large\",\n },\n new Aws.GameLift.Inputs.GameServerGroupInstanceDefinitionArgs\n {\n InstanceType = \"c5a.large\",\n },\n },\n LaunchTemplate = new Aws.GameLift.Inputs.GameServerGroupLaunchTemplateArgs\n {\n Id = exampleAwsLaunchTemplate.Id,\n },\n MaxSize = 1,\n MinSize = 1,\n RoleArn = exampleAwsIamRole.Arn,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAwsIamRolePolicyAttachment, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/gamelift\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := gamelift.NewGameServerGroup(ctx, \"example\", \u0026gamelift.GameServerGroupArgs{\n\t\t\tGameServerGroupName: pulumi.String(\"example\"),\n\t\t\tInstanceDefinitions: gamelift.GameServerGroupInstanceDefinitionArray{\n\t\t\t\t\u0026gamelift.GameServerGroupInstanceDefinitionArgs{\n\t\t\t\t\tInstanceType: pulumi.String(\"c5.large\"),\n\t\t\t\t},\n\t\t\t\t\u0026gamelift.GameServerGroupInstanceDefinitionArgs{\n\t\t\t\t\tInstanceType: pulumi.String(\"c5a.large\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tLaunchTemplate: \u0026gamelift.GameServerGroupLaunchTemplateArgs{\n\t\t\t\tId: pulumi.Any(exampleAwsLaunchTemplate.Id),\n\t\t\t},\n\t\t\tMaxSize: pulumi.Int(1),\n\t\t\tMinSize: pulumi.Int(1),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAwsIamRolePolicyAttachment,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.gamelift.GameServerGroup;\nimport com.pulumi.aws.gamelift.GameServerGroupArgs;\nimport com.pulumi.aws.gamelift.inputs.GameServerGroupInstanceDefinitionArgs;\nimport com.pulumi.aws.gamelift.inputs.GameServerGroupLaunchTemplateArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new GameServerGroup(\"example\", GameServerGroupArgs.builder() \n .gameServerGroupName(\"example\")\n .instanceDefinitions( \n GameServerGroupInstanceDefinitionArgs.builder()\n .instanceType(\"c5.large\")\n .build(),\n GameServerGroupInstanceDefinitionArgs.builder()\n .instanceType(\"c5a.large\")\n .build())\n .launchTemplate(GameServerGroupLaunchTemplateArgs.builder()\n .id(exampleAwsLaunchTemplate.id())\n .build())\n .maxSize(1)\n .minSize(1)\n .roleArn(exampleAwsIamRole.arn())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleAwsIamRolePolicyAttachment)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:gamelift:GameServerGroup\n properties:\n gameServerGroupName: example\n instanceDefinitions:\n - instanceType: c5.large\n - instanceType: c5a.large\n launchTemplate:\n id: ${exampleAwsLaunchTemplate.id}\n maxSize: 1\n minSize: 1\n roleArn: ${exampleAwsIamRole.arn}\n options:\n dependson:\n - ${exampleAwsIamRolePolicyAttachment}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nFull usage:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.gamelift.GameServerGroup(\"example\", {\n autoScalingPolicy: {\n estimatedInstanceWarmup: 60,\n targetTrackingConfiguration: {\n targetValue: 75,\n },\n },\n balancingStrategy: \"SPOT_ONLY\",\n gameServerGroupName: \"example\",\n gameServerProtectionPolicy: \"FULL_PROTECTION\",\n instanceDefinitions: [\n {\n instanceType: \"c5.large\",\n weightedCapacity: \"1\",\n },\n {\n instanceType: \"c5.2xlarge\",\n weightedCapacity: \"2\",\n },\n ],\n launchTemplate: {\n id: exampleAwsLaunchTemplate.id,\n version: \"1\",\n },\n maxSize: 1,\n minSize: 1,\n roleArn: exampleAwsIamRole.arn,\n tags: {\n Name: \"example\",\n },\n vpcSubnets: [\n \"subnet-12345678\",\n \"subnet-23456789\",\n ],\n}, {\n dependsOn: [exampleAwsIamRolePolicyAttachment],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.gamelift.GameServerGroup(\"example\",\n auto_scaling_policy=aws.gamelift.GameServerGroupAutoScalingPolicyArgs(\n estimated_instance_warmup=60,\n target_tracking_configuration=aws.gamelift.GameServerGroupAutoScalingPolicyTargetTrackingConfigurationArgs(\n target_value=75,\n ),\n ),\n balancing_strategy=\"SPOT_ONLY\",\n game_server_group_name=\"example\",\n game_server_protection_policy=\"FULL_PROTECTION\",\n instance_definitions=[\n aws.gamelift.GameServerGroupInstanceDefinitionArgs(\n instance_type=\"c5.large\",\n weighted_capacity=\"1\",\n ),\n aws.gamelift.GameServerGroupInstanceDefinitionArgs(\n instance_type=\"c5.2xlarge\",\n weighted_capacity=\"2\",\n ),\n ],\n launch_template=aws.gamelift.GameServerGroupLaunchTemplateArgs(\n id=example_aws_launch_template[\"id\"],\n version=\"1\",\n ),\n max_size=1,\n min_size=1,\n role_arn=example_aws_iam_role[\"arn\"],\n tags={\n \"Name\": \"example\",\n },\n vpc_subnets=[\n \"subnet-12345678\",\n \"subnet-23456789\",\n ],\n opts=pulumi.ResourceOptions(depends_on=[example_aws_iam_role_policy_attachment]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.GameLift.GameServerGroup(\"example\", new()\n {\n AutoScalingPolicy = new Aws.GameLift.Inputs.GameServerGroupAutoScalingPolicyArgs\n {\n EstimatedInstanceWarmup = 60,\n TargetTrackingConfiguration = new Aws.GameLift.Inputs.GameServerGroupAutoScalingPolicyTargetTrackingConfigurationArgs\n {\n TargetValue = 75,\n },\n },\n BalancingStrategy = \"SPOT_ONLY\",\n GameServerGroupName = \"example\",\n GameServerProtectionPolicy = \"FULL_PROTECTION\",\n InstanceDefinitions = new[]\n {\n new Aws.GameLift.Inputs.GameServerGroupInstanceDefinitionArgs\n {\n InstanceType = \"c5.large\",\n WeightedCapacity = \"1\",\n },\n new Aws.GameLift.Inputs.GameServerGroupInstanceDefinitionArgs\n {\n InstanceType = \"c5.2xlarge\",\n WeightedCapacity = \"2\",\n },\n },\n LaunchTemplate = new Aws.GameLift.Inputs.GameServerGroupLaunchTemplateArgs\n {\n Id = exampleAwsLaunchTemplate.Id,\n Version = \"1\",\n },\n MaxSize = 1,\n MinSize = 1,\n RoleArn = exampleAwsIamRole.Arn,\n Tags = \n {\n { \"Name\", \"example\" },\n },\n VpcSubnets = new[]\n {\n \"subnet-12345678\",\n \"subnet-23456789\",\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAwsIamRolePolicyAttachment, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/gamelift\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := gamelift.NewGameServerGroup(ctx, \"example\", \u0026gamelift.GameServerGroupArgs{\n\t\t\tAutoScalingPolicy: \u0026gamelift.GameServerGroupAutoScalingPolicyArgs{\n\t\t\t\tEstimatedInstanceWarmup: pulumi.Int(60),\n\t\t\t\tTargetTrackingConfiguration: \u0026gamelift.GameServerGroupAutoScalingPolicyTargetTrackingConfigurationArgs{\n\t\t\t\t\tTargetValue: pulumi.Float64(75),\n\t\t\t\t},\n\t\t\t},\n\t\t\tBalancingStrategy: pulumi.String(\"SPOT_ONLY\"),\n\t\t\tGameServerGroupName: pulumi.String(\"example\"),\n\t\t\tGameServerProtectionPolicy: pulumi.String(\"FULL_PROTECTION\"),\n\t\t\tInstanceDefinitions: gamelift.GameServerGroupInstanceDefinitionArray{\n\t\t\t\t\u0026gamelift.GameServerGroupInstanceDefinitionArgs{\n\t\t\t\t\tInstanceType: pulumi.String(\"c5.large\"),\n\t\t\t\t\tWeightedCapacity: pulumi.String(\"1\"),\n\t\t\t\t},\n\t\t\t\t\u0026gamelift.GameServerGroupInstanceDefinitionArgs{\n\t\t\t\t\tInstanceType: pulumi.String(\"c5.2xlarge\"),\n\t\t\t\t\tWeightedCapacity: pulumi.String(\"2\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tLaunchTemplate: \u0026gamelift.GameServerGroupLaunchTemplateArgs{\n\t\t\t\tId: pulumi.Any(exampleAwsLaunchTemplate.Id),\n\t\t\t\tVersion: pulumi.String(\"1\"),\n\t\t\t},\n\t\t\tMaxSize: pulumi.Int(1),\n\t\t\tMinSize: pulumi.Int(1),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"example\"),\n\t\t\t},\n\t\t\tVpcSubnets: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"subnet-12345678\"),\n\t\t\t\tpulumi.String(\"subnet-23456789\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAwsIamRolePolicyAttachment,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.gamelift.GameServerGroup;\nimport com.pulumi.aws.gamelift.GameServerGroupArgs;\nimport com.pulumi.aws.gamelift.inputs.GameServerGroupAutoScalingPolicyArgs;\nimport com.pulumi.aws.gamelift.inputs.GameServerGroupAutoScalingPolicyTargetTrackingConfigurationArgs;\nimport com.pulumi.aws.gamelift.inputs.GameServerGroupInstanceDefinitionArgs;\nimport com.pulumi.aws.gamelift.inputs.GameServerGroupLaunchTemplateArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new GameServerGroup(\"example\", GameServerGroupArgs.builder() \n .autoScalingPolicy(GameServerGroupAutoScalingPolicyArgs.builder()\n .estimatedInstanceWarmup(60)\n .targetTrackingConfiguration(GameServerGroupAutoScalingPolicyTargetTrackingConfigurationArgs.builder()\n .targetValue(75)\n .build())\n .build())\n .balancingStrategy(\"SPOT_ONLY\")\n .gameServerGroupName(\"example\")\n .gameServerProtectionPolicy(\"FULL_PROTECTION\")\n .instanceDefinitions( \n GameServerGroupInstanceDefinitionArgs.builder()\n .instanceType(\"c5.large\")\n .weightedCapacity(\"1\")\n .build(),\n GameServerGroupInstanceDefinitionArgs.builder()\n .instanceType(\"c5.2xlarge\")\n .weightedCapacity(\"2\")\n .build())\n .launchTemplate(GameServerGroupLaunchTemplateArgs.builder()\n .id(exampleAwsLaunchTemplate.id())\n .version(\"1\")\n .build())\n .maxSize(1)\n .minSize(1)\n .roleArn(exampleAwsIamRole.arn())\n .tags(Map.of(\"Name\", \"example\"))\n .vpcSubnets( \n \"subnet-12345678\",\n \"subnet-23456789\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleAwsIamRolePolicyAttachment)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:gamelift:GameServerGroup\n properties:\n autoScalingPolicy:\n estimatedInstanceWarmup: 60\n targetTrackingConfiguration:\n targetValue: 75\n balancingStrategy: SPOT_ONLY\n gameServerGroupName: example\n gameServerProtectionPolicy: FULL_PROTECTION\n instanceDefinitions:\n - instanceType: c5.large\n weightedCapacity: '1'\n - instanceType: c5.2xlarge\n weightedCapacity: '2'\n launchTemplate:\n id: ${exampleAwsLaunchTemplate.id}\n version: '1'\n maxSize: 1\n minSize: 1\n roleArn: ${exampleAwsIamRole.arn}\n tags:\n Name: example\n vpcSubnets:\n - subnet-12345678\n - subnet-23456789\n options:\n dependson:\n - ${exampleAwsIamRolePolicyAttachment}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example IAM Role for GameLift Game Server Group\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getPartition({});\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\n \"autoscaling.amazonaws.com\",\n \"gamelift.amazonaws.com\",\n ],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst example = new aws.iam.Role(\"example\", {\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n name: \"gamelift-game-server-group-example\",\n});\nconst exampleRolePolicyAttachment = new aws.iam.RolePolicyAttachment(\"example\", {\n policyArn: current.then(current =\u003e `arn:${current.partition}:iam::aws:policy/GameLiftGameServerGroupPolicy`),\n role: example.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_partition()\nassume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\n \"autoscaling.amazonaws.com\",\n \"gamelift.amazonaws.com\",\n ],\n )],\n actions=[\"sts:AssumeRole\"],\n)])\nexample = aws.iam.Role(\"example\",\n assume_role_policy=assume_role.json,\n name=\"gamelift-game-server-group-example\")\nexample_role_policy_attachment = aws.iam.RolePolicyAttachment(\"example\",\n policy_arn=f\"arn:{current.partition}:iam::aws:policy/GameLiftGameServerGroupPolicy\",\n role=example.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetPartition.Invoke();\n\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"autoscaling.amazonaws.com\",\n \"gamelift.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var example = new Aws.Iam.Role(\"example\", new()\n {\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n Name = \"gamelift-game-server-group-example\",\n });\n\n var exampleRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment(\"example\", new()\n {\n PolicyArn = $\"arn:{current.Apply(getPartitionResult =\u003e getPartitionResult.Partition)}:iam::aws:policy/GameLiftGameServerGroupPolicy\",\n Role = example.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetPartition(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"autoscaling.amazonaws.com\",\n\t\t\t\t\t\t\t\t\"gamelift.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t\tName: pulumi.String(\"gamelift-game-server-group-example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"example\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tPolicyArn: pulumi.String(fmt.Sprintf(\"arn:%v:iam::aws:policy/GameLiftGameServerGroupPolicy\", current.Partition)),\n\t\t\tRole: example.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetPartitionArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getPartition();\n\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers( \n \"autoscaling.amazonaws.com\",\n \"gamelift.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var example = new Role(\"example\", RoleArgs.builder() \n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .name(\"gamelift-game-server-group-example\")\n .build());\n\n var exampleRolePolicyAttachment = new RolePolicyAttachment(\"exampleRolePolicyAttachment\", RolePolicyAttachmentArgs.builder() \n .policyArn(String.format(\"arn:%s:iam::aws:policy/GameLiftGameServerGroupPolicy\", current.applyValue(getPartitionResult -\u003e getPartitionResult.partition())))\n .role(example.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:Role\n properties:\n assumeRolePolicy: ${assumeRole.json}\n name: gamelift-game-server-group-example\n exampleRolePolicyAttachment:\n type: aws:iam:RolePolicyAttachment\n name: example\n properties:\n policyArn: arn:${current.partition}:iam::aws:policy/GameLiftGameServerGroupPolicy\n role: ${example.name}\nvariables:\n current:\n fn::invoke:\n Function: aws:getPartition\n Arguments: {}\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - autoscaling.amazonaws.com\n - gamelift.amazonaws.com\n actions:\n - sts:AssumeRole\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import GameLift Game Server Group using the `name`. For example:\n\n```sh\n$ pulumi import aws:gamelift/gameServerGroup:GameServerGroup example example\n```\n", "properties": { "arn": { "type": "string", @@ -249331,7 +249331,7 @@ } }, "aws:glue/crawler:Crawler": { - "description": "Manages a Glue Crawler. More information can be found in the [AWS Glue Developer Guide](https://docs.aws.amazon.com/glue/latest/dg/add-crawler.html)\n\n## Example Usage\n\n### DynamoDB Target Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Crawler(\"example\", {\n databaseName: exampleAwsGlueCatalogDatabase.name,\n name: \"example\",\n role: exampleAwsIamRole.arn,\n dynamodbTargets: [{\n path: \"table-name\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Crawler(\"example\",\n database_name=example_aws_glue_catalog_database[\"name\"],\n name=\"example\",\n role=example_aws_iam_role[\"arn\"],\n dynamodb_targets=[aws.glue.CrawlerDynamodbTargetArgs(\n path=\"table-name\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Glue.Crawler(\"example\", new()\n {\n DatabaseName = exampleAwsGlueCatalogDatabase.Name,\n Name = \"example\",\n Role = exampleAwsIamRole.Arn,\n DynamodbTargets = new[]\n {\n new Aws.Glue.Inputs.CrawlerDynamodbTargetArgs\n {\n Path = \"table-name\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := glue.NewCrawler(ctx, \"example\", \u0026glue.CrawlerArgs{\n\t\t\tDatabaseName: pulumi.Any(exampleAwsGlueCatalogDatabase.Name),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRole: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tDynamodbTargets: glue.CrawlerDynamodbTargetArray{\n\t\t\t\t\u0026glue.CrawlerDynamodbTargetArgs{\n\t\t\t\t\tPath: pulumi.String(\"table-name\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.Crawler;\nimport com.pulumi.aws.glue.CrawlerArgs;\nimport com.pulumi.aws.glue.inputs.CrawlerDynamodbTargetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Crawler(\"example\", CrawlerArgs.builder() \n .databaseName(exampleAwsGlueCatalogDatabase.name())\n .name(\"example\")\n .role(exampleAwsIamRole.arn())\n .dynamodbTargets(CrawlerDynamodbTargetArgs.builder()\n .path(\"table-name\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:glue:Crawler\n properties:\n databaseName: ${exampleAwsGlueCatalogDatabase.name}\n name: example\n role: ${exampleAwsIamRole.arn}\n dynamodbTargets:\n - path: table-name\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### JDBC Target Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Crawler(\"example\", {\n databaseName: exampleAwsGlueCatalogDatabase.name,\n name: \"example\",\n role: exampleAwsIamRole.arn,\n jdbcTargets: [{\n connectionName: exampleAwsGlueConnection.name,\n path: \"database-name/%\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Crawler(\"example\",\n database_name=example_aws_glue_catalog_database[\"name\"],\n name=\"example\",\n role=example_aws_iam_role[\"arn\"],\n jdbc_targets=[aws.glue.CrawlerJdbcTargetArgs(\n connection_name=example_aws_glue_connection[\"name\"],\n path=\"database-name/%\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Glue.Crawler(\"example\", new()\n {\n DatabaseName = exampleAwsGlueCatalogDatabase.Name,\n Name = \"example\",\n Role = exampleAwsIamRole.Arn,\n JdbcTargets = new[]\n {\n new Aws.Glue.Inputs.CrawlerJdbcTargetArgs\n {\n ConnectionName = exampleAwsGlueConnection.Name,\n Path = \"database-name/%\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := glue.NewCrawler(ctx, \"example\", \u0026glue.CrawlerArgs{\n\t\t\tDatabaseName: pulumi.Any(exampleAwsGlueCatalogDatabase.Name),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRole: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tJdbcTargets: glue.CrawlerJdbcTargetArray{\n\t\t\t\t\u0026glue.CrawlerJdbcTargetArgs{\n\t\t\t\t\tConnectionName: pulumi.Any(exampleAwsGlueConnection.Name),\n\t\t\t\t\tPath: pulumi.String(\"database-name/%\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.Crawler;\nimport com.pulumi.aws.glue.CrawlerArgs;\nimport com.pulumi.aws.glue.inputs.CrawlerJdbcTargetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Crawler(\"example\", CrawlerArgs.builder() \n .databaseName(exampleAwsGlueCatalogDatabase.name())\n .name(\"example\")\n .role(exampleAwsIamRole.arn())\n .jdbcTargets(CrawlerJdbcTargetArgs.builder()\n .connectionName(exampleAwsGlueConnection.name())\n .path(\"database-name/%\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:glue:Crawler\n properties:\n databaseName: ${exampleAwsGlueCatalogDatabase.name}\n name: example\n role: ${exampleAwsIamRole.arn}\n jdbcTargets:\n - connectionName: ${exampleAwsGlueConnection.name}\n path: database-name/%\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### S3 Target Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Crawler(\"example\", {\n databaseName: exampleAwsGlueCatalogDatabase.name,\n name: \"example\",\n role: exampleAwsIamRole.arn,\n s3Targets: [{\n path: `s3://${exampleAwsS3Bucket.bucket}`,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Crawler(\"example\",\n database_name=example_aws_glue_catalog_database[\"name\"],\n name=\"example\",\n role=example_aws_iam_role[\"arn\"],\n s3_targets=[aws.glue.CrawlerS3TargetArgs(\n path=f\"s3://{example_aws_s3_bucket['bucket']}\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Glue.Crawler(\"example\", new()\n {\n DatabaseName = exampleAwsGlueCatalogDatabase.Name,\n Name = \"example\",\n Role = exampleAwsIamRole.Arn,\n S3Targets = new[]\n {\n new Aws.Glue.Inputs.CrawlerS3TargetArgs\n {\n Path = $\"s3://{exampleAwsS3Bucket.Bucket}\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := glue.NewCrawler(ctx, \"example\", \u0026glue.CrawlerArgs{\n\t\t\tDatabaseName: pulumi.Any(exampleAwsGlueCatalogDatabase.Name),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRole: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tS3Targets: glue.CrawlerS3TargetArray{\n\t\t\t\t\u0026glue.CrawlerS3TargetArgs{\n\t\t\t\t\tPath: pulumi.String(fmt.Sprintf(\"s3://%v\", exampleAwsS3Bucket.Bucket)),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.Crawler;\nimport com.pulumi.aws.glue.CrawlerArgs;\nimport com.pulumi.aws.glue.inputs.CrawlerS3TargetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Crawler(\"example\", CrawlerArgs.builder() \n .databaseName(exampleAwsGlueCatalogDatabase.name())\n .name(\"example\")\n .role(exampleAwsIamRole.arn())\n .s3Targets(CrawlerS3TargetArgs.builder()\n .path(String.format(\"s3://%s\", exampleAwsS3Bucket.bucket()))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:glue:Crawler\n properties:\n databaseName: ${exampleAwsGlueCatalogDatabase.name}\n name: example\n role: ${exampleAwsIamRole.arn}\n s3Targets:\n - path: s3://${exampleAwsS3Bucket.bucket}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Catalog Target Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Crawler(\"example\", {\n databaseName: exampleAwsGlueCatalogDatabase.name,\n name: \"example\",\n role: exampleAwsIamRole.arn,\n catalogTargets: [{\n databaseName: exampleAwsGlueCatalogDatabase.name,\n tables: [exampleAwsGlueCatalogTable.name],\n }],\n schemaChangePolicy: {\n deleteBehavior: \"LOG\",\n },\n configuration: `{\n \"Version\":1.0,\n \"Grouping\": {\n \"TableGroupingPolicy\": \"CombineCompatibleSchemas\"\n }\n}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Crawler(\"example\",\n database_name=example_aws_glue_catalog_database[\"name\"],\n name=\"example\",\n role=example_aws_iam_role[\"arn\"],\n catalog_targets=[aws.glue.CrawlerCatalogTargetArgs(\n database_name=example_aws_glue_catalog_database[\"name\"],\n tables=[example_aws_glue_catalog_table[\"name\"]],\n )],\n schema_change_policy=aws.glue.CrawlerSchemaChangePolicyArgs(\n delete_behavior=\"LOG\",\n ),\n configuration=\"\"\"{\n \"Version\":1.0,\n \"Grouping\": {\n \"TableGroupingPolicy\": \"CombineCompatibleSchemas\"\n }\n}\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Glue.Crawler(\"example\", new()\n {\n DatabaseName = exampleAwsGlueCatalogDatabase.Name,\n Name = \"example\",\n Role = exampleAwsIamRole.Arn,\n CatalogTargets = new[]\n {\n new Aws.Glue.Inputs.CrawlerCatalogTargetArgs\n {\n DatabaseName = exampleAwsGlueCatalogDatabase.Name,\n Tables = new[]\n {\n exampleAwsGlueCatalogTable.Name,\n },\n },\n },\n SchemaChangePolicy = new Aws.Glue.Inputs.CrawlerSchemaChangePolicyArgs\n {\n DeleteBehavior = \"LOG\",\n },\n Configuration = @\"{\n \"\"Version\"\":1.0,\n \"\"Grouping\"\": {\n \"\"TableGroupingPolicy\"\": \"\"CombineCompatibleSchemas\"\"\n }\n}\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := glue.NewCrawler(ctx, \"example\", \u0026glue.CrawlerArgs{\n\t\t\tDatabaseName: pulumi.Any(exampleAwsGlueCatalogDatabase.Name),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRole: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tCatalogTargets: glue.CrawlerCatalogTargetArray{\n\t\t\t\t\u0026glue.CrawlerCatalogTargetArgs{\n\t\t\t\t\tDatabaseName: pulumi.Any(exampleAwsGlueCatalogDatabase.Name),\n\t\t\t\t\tTables: pulumi.StringArray{\n\t\t\t\t\t\texampleAwsGlueCatalogTable.Name,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tSchemaChangePolicy: \u0026glue.CrawlerSchemaChangePolicyArgs{\n\t\t\t\tDeleteBehavior: pulumi.String(\"LOG\"),\n\t\t\t},\n\t\t\tConfiguration: pulumi.String(`{\n \"Version\":1.0,\n \"Grouping\": {\n \"TableGroupingPolicy\": \"CombineCompatibleSchemas\"\n }\n}\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.Crawler;\nimport com.pulumi.aws.glue.CrawlerArgs;\nimport com.pulumi.aws.glue.inputs.CrawlerCatalogTargetArgs;\nimport com.pulumi.aws.glue.inputs.CrawlerSchemaChangePolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Crawler(\"example\", CrawlerArgs.builder() \n .databaseName(exampleAwsGlueCatalogDatabase.name())\n .name(\"example\")\n .role(exampleAwsIamRole.arn())\n .catalogTargets(CrawlerCatalogTargetArgs.builder()\n .databaseName(exampleAwsGlueCatalogDatabase.name())\n .tables(exampleAwsGlueCatalogTable.name())\n .build())\n .schemaChangePolicy(CrawlerSchemaChangePolicyArgs.builder()\n .deleteBehavior(\"LOG\")\n .build())\n .configuration(\"\"\"\n{\n \"Version\":1.0,\n \"Grouping\": {\n \"TableGroupingPolicy\": \"CombineCompatibleSchemas\"\n }\n}\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:glue:Crawler\n properties:\n databaseName: ${exampleAwsGlueCatalogDatabase.name}\n name: example\n role: ${exampleAwsIamRole.arn}\n catalogTargets:\n - databaseName: ${exampleAwsGlueCatalogDatabase.name}\n tables:\n - ${exampleAwsGlueCatalogTable.name}\n schemaChangePolicy:\n deleteBehavior: LOG\n configuration: |\n {\n \"Version\":1.0,\n \"Grouping\": {\n \"TableGroupingPolicy\": \"CombineCompatibleSchemas\"\n }\n }\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### MongoDB Target Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Crawler(\"example\", {\n databaseName: exampleAwsGlueCatalogDatabase.name,\n name: \"example\",\n role: exampleAwsIamRole.arn,\n mongodbTargets: [{\n connectionName: exampleAwsGlueConnection.name,\n path: \"database-name/%\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Crawler(\"example\",\n database_name=example_aws_glue_catalog_database[\"name\"],\n name=\"example\",\n role=example_aws_iam_role[\"arn\"],\n mongodb_targets=[aws.glue.CrawlerMongodbTargetArgs(\n connection_name=example_aws_glue_connection[\"name\"],\n path=\"database-name/%\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Glue.Crawler(\"example\", new()\n {\n DatabaseName = exampleAwsGlueCatalogDatabase.Name,\n Name = \"example\",\n Role = exampleAwsIamRole.Arn,\n MongodbTargets = new[]\n {\n new Aws.Glue.Inputs.CrawlerMongodbTargetArgs\n {\n ConnectionName = exampleAwsGlueConnection.Name,\n Path = \"database-name/%\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := glue.NewCrawler(ctx, \"example\", \u0026glue.CrawlerArgs{\n\t\t\tDatabaseName: pulumi.Any(exampleAwsGlueCatalogDatabase.Name),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRole: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tMongodbTargets: glue.CrawlerMongodbTargetArray{\n\t\t\t\t\u0026glue.CrawlerMongodbTargetArgs{\n\t\t\t\t\tConnectionName: pulumi.Any(exampleAwsGlueConnection.Name),\n\t\t\t\t\tPath: pulumi.String(\"database-name/%\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.Crawler;\nimport com.pulumi.aws.glue.CrawlerArgs;\nimport com.pulumi.aws.glue.inputs.CrawlerMongodbTargetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Crawler(\"example\", CrawlerArgs.builder() \n .databaseName(exampleAwsGlueCatalogDatabase.name())\n .name(\"example\")\n .role(exampleAwsIamRole.arn())\n .mongodbTargets(CrawlerMongodbTargetArgs.builder()\n .connectionName(exampleAwsGlueConnection.name())\n .path(\"database-name/%\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:glue:Crawler\n properties:\n databaseName: ${exampleAwsGlueCatalogDatabase.name}\n name: example\n role: ${exampleAwsIamRole.arn}\n mongodbTargets:\n - connectionName: ${exampleAwsGlueConnection.name}\n path: database-name/%\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Configuration Settings Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst eventsCrawler = new aws.glue.Crawler(\"events_crawler\", {\n databaseName: glueDatabase.name,\n schedule: \"cron(0 1 * * ? *)\",\n name: `events_crawler_${environmentName}`,\n role: glueRole.arn,\n tags: tags,\n configuration: JSON.stringify({\n grouping: {\n tableGroupingPolicy: \"CombineCompatibleSchemas\",\n },\n crawlerOutput: {\n partitions: {\n addOrUpdateBehavior: \"InheritFromTable\",\n },\n },\n version: 1,\n }),\n s3Targets: [{\n path: `s3://${dataLakeBucket.bucket}`,\n }],\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nevents_crawler = aws.glue.Crawler(\"events_crawler\",\n database_name=glue_database[\"name\"],\n schedule=\"cron(0 1 * * ? *)\",\n name=f\"events_crawler_{environment_name}\",\n role=glue_role[\"arn\"],\n tags=tags,\n configuration=json.dumps({\n \"grouping\": {\n \"tableGroupingPolicy\": \"CombineCompatibleSchemas\",\n },\n \"crawlerOutput\": {\n \"partitions\": {\n \"addOrUpdateBehavior\": \"InheritFromTable\",\n },\n },\n \"version\": 1,\n }),\n s3_targets=[aws.glue.CrawlerS3TargetArgs(\n path=f\"s3://{data_lake_bucket['bucket']}\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var eventsCrawler = new Aws.Glue.Crawler(\"events_crawler\", new()\n {\n DatabaseName = glueDatabase.Name,\n Schedule = \"cron(0 1 * * ? *)\",\n Name = $\"events_crawler_{environmentName}\",\n Role = glueRole.Arn,\n Tags = tags,\n Configuration = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"grouping\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"tableGroupingPolicy\"] = \"CombineCompatibleSchemas\",\n },\n [\"crawlerOutput\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"partitions\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"addOrUpdateBehavior\"] = \"InheritFromTable\",\n },\n },\n [\"version\"] = 1,\n }),\n S3Targets = new[]\n {\n new Aws.Glue.Inputs.CrawlerS3TargetArgs\n {\n Path = $\"s3://{dataLakeBucket.Bucket}\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"grouping\": map[string]interface{}{\n\t\t\t\t\"tableGroupingPolicy\": \"CombineCompatibleSchemas\",\n\t\t\t},\n\t\t\t\"crawlerOutput\": map[string]interface{}{\n\t\t\t\t\"partitions\": map[string]interface{}{\n\t\t\t\t\t\"addOrUpdateBehavior\": \"InheritFromTable\",\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"version\": 1,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = glue.NewCrawler(ctx, \"events_crawler\", \u0026glue.CrawlerArgs{\n\t\t\tDatabaseName: pulumi.Any(glueDatabase.Name),\n\t\t\tSchedule: pulumi.String(\"cron(0 1 * * ? *)\"),\n\t\t\tName: pulumi.String(fmt.Sprintf(\"events_crawler_%v\", environmentName)),\n\t\t\tRole: pulumi.Any(glueRole.Arn),\n\t\t\tTags: pulumi.Any(tags),\n\t\t\tConfiguration: pulumi.String(json0),\n\t\t\tS3Targets: glue.CrawlerS3TargetArray{\n\t\t\t\t\u0026glue.CrawlerS3TargetArgs{\n\t\t\t\t\tPath: pulumi.String(fmt.Sprintf(\"s3://%v\", dataLakeBucket.Bucket)),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.Crawler;\nimport com.pulumi.aws.glue.CrawlerArgs;\nimport com.pulumi.aws.glue.inputs.CrawlerS3TargetArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var eventsCrawler = new Crawler(\"eventsCrawler\", CrawlerArgs.builder() \n .databaseName(glueDatabase.name())\n .schedule(\"cron(0 1 * * ? *)\")\n .name(String.format(\"events_crawler_%s\", environmentName))\n .role(glueRole.arn())\n .tags(tags)\n .configuration(serializeJson(\n jsonObject(\n jsonProperty(\"grouping\", jsonObject(\n jsonProperty(\"tableGroupingPolicy\", \"CombineCompatibleSchemas\")\n )),\n jsonProperty(\"crawlerOutput\", jsonObject(\n jsonProperty(\"partitions\", jsonObject(\n jsonProperty(\"addOrUpdateBehavior\", \"InheritFromTable\")\n ))\n )),\n jsonProperty(\"version\", 1)\n )))\n .s3Targets(CrawlerS3TargetArgs.builder()\n .path(String.format(\"s3://%s\", dataLakeBucket.bucket()))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n eventsCrawler:\n type: aws:glue:Crawler\n name: events_crawler\n properties:\n databaseName: ${glueDatabase.name}\n schedule: cron(0 1 * * ? *)\n name: events_crawler_${environmentName}\n role: ${glueRole.arn}\n tags: ${tags}\n configuration:\n fn::toJSON:\n grouping:\n tableGroupingPolicy: CombineCompatibleSchemas\n crawlerOutput:\n partitions:\n addOrUpdateBehavior: InheritFromTable\n version: 1\n s3Targets:\n - path: s3://${dataLakeBucket.bucket}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Glue Crawlers using `name`. For example:\n\n```sh\n$ pulumi import aws:glue/crawler:Crawler MyJob MyJob\n```\n", + "description": "Manages a Glue Crawler. More information can be found in the [AWS Glue Developer Guide](https://docs.aws.amazon.com/glue/latest/dg/add-crawler.html)\n\n## Example Usage\n\n### DynamoDB Target Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Crawler(\"example\", {\n databaseName: exampleAwsGlueCatalogDatabase.name,\n name: \"example\",\n role: exampleAwsIamRole.arn,\n dynamodbTargets: [{\n path: \"table-name\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Crawler(\"example\",\n database_name=example_aws_glue_catalog_database[\"name\"],\n name=\"example\",\n role=example_aws_iam_role[\"arn\"],\n dynamodb_targets=[aws.glue.CrawlerDynamodbTargetArgs(\n path=\"table-name\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Glue.Crawler(\"example\", new()\n {\n DatabaseName = exampleAwsGlueCatalogDatabase.Name,\n Name = \"example\",\n Role = exampleAwsIamRole.Arn,\n DynamodbTargets = new[]\n {\n new Aws.Glue.Inputs.CrawlerDynamodbTargetArgs\n {\n Path = \"table-name\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := glue.NewCrawler(ctx, \"example\", \u0026glue.CrawlerArgs{\n\t\t\tDatabaseName: pulumi.Any(exampleAwsGlueCatalogDatabase.Name),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRole: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tDynamodbTargets: glue.CrawlerDynamodbTargetArray{\n\t\t\t\t\u0026glue.CrawlerDynamodbTargetArgs{\n\t\t\t\t\tPath: pulumi.String(\"table-name\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.Crawler;\nimport com.pulumi.aws.glue.CrawlerArgs;\nimport com.pulumi.aws.glue.inputs.CrawlerDynamodbTargetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Crawler(\"example\", CrawlerArgs.builder() \n .databaseName(exampleAwsGlueCatalogDatabase.name())\n .name(\"example\")\n .role(exampleAwsIamRole.arn())\n .dynamodbTargets(CrawlerDynamodbTargetArgs.builder()\n .path(\"table-name\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:glue:Crawler\n properties:\n databaseName: ${exampleAwsGlueCatalogDatabase.name}\n name: example\n role: ${exampleAwsIamRole.arn}\n dynamodbTargets:\n - path: table-name\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### JDBC Target Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Crawler(\"example\", {\n databaseName: exampleAwsGlueCatalogDatabase.name,\n name: \"example\",\n role: exampleAwsIamRole.arn,\n jdbcTargets: [{\n connectionName: exampleAwsGlueConnection.name,\n path: \"database-name/%\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Crawler(\"example\",\n database_name=example_aws_glue_catalog_database[\"name\"],\n name=\"example\",\n role=example_aws_iam_role[\"arn\"],\n jdbc_targets=[aws.glue.CrawlerJdbcTargetArgs(\n connection_name=example_aws_glue_connection[\"name\"],\n path=\"database-name/%\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Glue.Crawler(\"example\", new()\n {\n DatabaseName = exampleAwsGlueCatalogDatabase.Name,\n Name = \"example\",\n Role = exampleAwsIamRole.Arn,\n JdbcTargets = new[]\n {\n new Aws.Glue.Inputs.CrawlerJdbcTargetArgs\n {\n ConnectionName = exampleAwsGlueConnection.Name,\n Path = \"database-name/%\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := glue.NewCrawler(ctx, \"example\", \u0026glue.CrawlerArgs{\n\t\t\tDatabaseName: pulumi.Any(exampleAwsGlueCatalogDatabase.Name),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRole: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tJdbcTargets: glue.CrawlerJdbcTargetArray{\n\t\t\t\t\u0026glue.CrawlerJdbcTargetArgs{\n\t\t\t\t\tConnectionName: pulumi.Any(exampleAwsGlueConnection.Name),\n\t\t\t\t\tPath: pulumi.String(\"database-name/%\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.Crawler;\nimport com.pulumi.aws.glue.CrawlerArgs;\nimport com.pulumi.aws.glue.inputs.CrawlerJdbcTargetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Crawler(\"example\", CrawlerArgs.builder() \n .databaseName(exampleAwsGlueCatalogDatabase.name())\n .name(\"example\")\n .role(exampleAwsIamRole.arn())\n .jdbcTargets(CrawlerJdbcTargetArgs.builder()\n .connectionName(exampleAwsGlueConnection.name())\n .path(\"database-name/%\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:glue:Crawler\n properties:\n databaseName: ${exampleAwsGlueCatalogDatabase.name}\n name: example\n role: ${exampleAwsIamRole.arn}\n jdbcTargets:\n - connectionName: ${exampleAwsGlueConnection.name}\n path: database-name/%\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### S3 Target Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Crawler(\"example\", {\n databaseName: exampleAwsGlueCatalogDatabase.name,\n name: \"example\",\n role: exampleAwsIamRole.arn,\n s3Targets: [{\n path: `s3://${exampleAwsS3Bucket.bucket}`,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Crawler(\"example\",\n database_name=example_aws_glue_catalog_database[\"name\"],\n name=\"example\",\n role=example_aws_iam_role[\"arn\"],\n s3_targets=[aws.glue.CrawlerS3TargetArgs(\n path=f\"s3://{example_aws_s3_bucket['bucket']}\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Glue.Crawler(\"example\", new()\n {\n DatabaseName = exampleAwsGlueCatalogDatabase.Name,\n Name = \"example\",\n Role = exampleAwsIamRole.Arn,\n S3Targets = new[]\n {\n new Aws.Glue.Inputs.CrawlerS3TargetArgs\n {\n Path = $\"s3://{exampleAwsS3Bucket.Bucket}\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := glue.NewCrawler(ctx, \"example\", \u0026glue.CrawlerArgs{\n\t\t\tDatabaseName: pulumi.Any(exampleAwsGlueCatalogDatabase.Name),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRole: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tS3Targets: glue.CrawlerS3TargetArray{\n\t\t\t\t\u0026glue.CrawlerS3TargetArgs{\n\t\t\t\t\tPath: pulumi.String(fmt.Sprintf(\"s3://%v\", exampleAwsS3Bucket.Bucket)),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.Crawler;\nimport com.pulumi.aws.glue.CrawlerArgs;\nimport com.pulumi.aws.glue.inputs.CrawlerS3TargetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Crawler(\"example\", CrawlerArgs.builder() \n .databaseName(exampleAwsGlueCatalogDatabase.name())\n .name(\"example\")\n .role(exampleAwsIamRole.arn())\n .s3Targets(CrawlerS3TargetArgs.builder()\n .path(String.format(\"s3://%s\", exampleAwsS3Bucket.bucket()))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:glue:Crawler\n properties:\n databaseName: ${exampleAwsGlueCatalogDatabase.name}\n name: example\n role: ${exampleAwsIamRole.arn}\n s3Targets:\n - path: s3://${exampleAwsS3Bucket.bucket}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Catalog Target Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Crawler(\"example\", {\n databaseName: exampleAwsGlueCatalogDatabase.name,\n name: \"example\",\n role: exampleAwsIamRole.arn,\n catalogTargets: [{\n databaseName: exampleAwsGlueCatalogDatabase.name,\n tables: [exampleAwsGlueCatalogTable.name],\n }],\n schemaChangePolicy: {\n deleteBehavior: \"LOG\",\n },\n configuration: `{\n \"Version\":1.0,\n \"Grouping\": {\n \"TableGroupingPolicy\": \"CombineCompatibleSchemas\"\n }\n}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Crawler(\"example\",\n database_name=example_aws_glue_catalog_database[\"name\"],\n name=\"example\",\n role=example_aws_iam_role[\"arn\"],\n catalog_targets=[aws.glue.CrawlerCatalogTargetArgs(\n database_name=example_aws_glue_catalog_database[\"name\"],\n tables=[example_aws_glue_catalog_table[\"name\"]],\n )],\n schema_change_policy=aws.glue.CrawlerSchemaChangePolicyArgs(\n delete_behavior=\"LOG\",\n ),\n configuration=\"\"\"{\n \"Version\":1.0,\n \"Grouping\": {\n \"TableGroupingPolicy\": \"CombineCompatibleSchemas\"\n }\n}\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Glue.Crawler(\"example\", new()\n {\n DatabaseName = exampleAwsGlueCatalogDatabase.Name,\n Name = \"example\",\n Role = exampleAwsIamRole.Arn,\n CatalogTargets = new[]\n {\n new Aws.Glue.Inputs.CrawlerCatalogTargetArgs\n {\n DatabaseName = exampleAwsGlueCatalogDatabase.Name,\n Tables = new[]\n {\n exampleAwsGlueCatalogTable.Name,\n },\n },\n },\n SchemaChangePolicy = new Aws.Glue.Inputs.CrawlerSchemaChangePolicyArgs\n {\n DeleteBehavior = \"LOG\",\n },\n Configuration = @\"{\n \"\"Version\"\":1.0,\n \"\"Grouping\"\": {\n \"\"TableGroupingPolicy\"\": \"\"CombineCompatibleSchemas\"\"\n }\n}\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := glue.NewCrawler(ctx, \"example\", \u0026glue.CrawlerArgs{\n\t\t\tDatabaseName: pulumi.Any(exampleAwsGlueCatalogDatabase.Name),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRole: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tCatalogTargets: glue.CrawlerCatalogTargetArray{\n\t\t\t\t\u0026glue.CrawlerCatalogTargetArgs{\n\t\t\t\t\tDatabaseName: pulumi.Any(exampleAwsGlueCatalogDatabase.Name),\n\t\t\t\t\tTables: pulumi.StringArray{\n\t\t\t\t\t\texampleAwsGlueCatalogTable.Name,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tSchemaChangePolicy: \u0026glue.CrawlerSchemaChangePolicyArgs{\n\t\t\t\tDeleteBehavior: pulumi.String(\"LOG\"),\n\t\t\t},\n\t\t\tConfiguration: pulumi.String(`{\n \"Version\":1.0,\n \"Grouping\": {\n \"TableGroupingPolicy\": \"CombineCompatibleSchemas\"\n }\n}\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.Crawler;\nimport com.pulumi.aws.glue.CrawlerArgs;\nimport com.pulumi.aws.glue.inputs.CrawlerCatalogTargetArgs;\nimport com.pulumi.aws.glue.inputs.CrawlerSchemaChangePolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Crawler(\"example\", CrawlerArgs.builder() \n .databaseName(exampleAwsGlueCatalogDatabase.name())\n .name(\"example\")\n .role(exampleAwsIamRole.arn())\n .catalogTargets(CrawlerCatalogTargetArgs.builder()\n .databaseName(exampleAwsGlueCatalogDatabase.name())\n .tables(exampleAwsGlueCatalogTable.name())\n .build())\n .schemaChangePolicy(CrawlerSchemaChangePolicyArgs.builder()\n .deleteBehavior(\"LOG\")\n .build())\n .configuration(\"\"\"\n{\n \"Version\":1.0,\n \"Grouping\": {\n \"TableGroupingPolicy\": \"CombineCompatibleSchemas\"\n }\n}\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:glue:Crawler\n properties:\n databaseName: ${exampleAwsGlueCatalogDatabase.name}\n name: example\n role: ${exampleAwsIamRole.arn}\n catalogTargets:\n - databaseName: ${exampleAwsGlueCatalogDatabase.name}\n tables:\n - ${exampleAwsGlueCatalogTable.name}\n schemaChangePolicy:\n deleteBehavior: LOG\n configuration: |\n {\n \"Version\":1.0,\n \"Grouping\": {\n \"TableGroupingPolicy\": \"CombineCompatibleSchemas\"\n }\n }\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### MongoDB Target Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.glue.Crawler(\"example\", {\n databaseName: exampleAwsGlueCatalogDatabase.name,\n name: \"example\",\n role: exampleAwsIamRole.arn,\n mongodbTargets: [{\n connectionName: exampleAwsGlueConnection.name,\n path: \"database-name/%\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.glue.Crawler(\"example\",\n database_name=example_aws_glue_catalog_database[\"name\"],\n name=\"example\",\n role=example_aws_iam_role[\"arn\"],\n mongodb_targets=[aws.glue.CrawlerMongodbTargetArgs(\n connection_name=example_aws_glue_connection[\"name\"],\n path=\"database-name/%\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Glue.Crawler(\"example\", new()\n {\n DatabaseName = exampleAwsGlueCatalogDatabase.Name,\n Name = \"example\",\n Role = exampleAwsIamRole.Arn,\n MongodbTargets = new[]\n {\n new Aws.Glue.Inputs.CrawlerMongodbTargetArgs\n {\n ConnectionName = exampleAwsGlueConnection.Name,\n Path = \"database-name/%\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := glue.NewCrawler(ctx, \"example\", \u0026glue.CrawlerArgs{\n\t\t\tDatabaseName: pulumi.Any(exampleAwsGlueCatalogDatabase.Name),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRole: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tMongodbTargets: glue.CrawlerMongodbTargetArray{\n\t\t\t\t\u0026glue.CrawlerMongodbTargetArgs{\n\t\t\t\t\tConnectionName: pulumi.Any(exampleAwsGlueConnection.Name),\n\t\t\t\t\tPath: pulumi.String(\"database-name/%\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.Crawler;\nimport com.pulumi.aws.glue.CrawlerArgs;\nimport com.pulumi.aws.glue.inputs.CrawlerMongodbTargetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Crawler(\"example\", CrawlerArgs.builder() \n .databaseName(exampleAwsGlueCatalogDatabase.name())\n .name(\"example\")\n .role(exampleAwsIamRole.arn())\n .mongodbTargets(CrawlerMongodbTargetArgs.builder()\n .connectionName(exampleAwsGlueConnection.name())\n .path(\"database-name/%\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:glue:Crawler\n properties:\n databaseName: ${exampleAwsGlueCatalogDatabase.name}\n name: example\n role: ${exampleAwsIamRole.arn}\n mongodbTargets:\n - connectionName: ${exampleAwsGlueConnection.name}\n path: database-name/%\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Configuration Settings Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst eventsCrawler = new aws.glue.Crawler(\"events_crawler\", {\n databaseName: glueDatabase.name,\n schedule: \"cron(0 1 * * ? *)\",\n name: `events_crawler_${environmentName}`,\n role: glueRole.arn,\n tags: tags,\n configuration: JSON.stringify({\n Grouping: {\n TableGroupingPolicy: \"CombineCompatibleSchemas\",\n },\n CrawlerOutput: {\n Partitions: {\n AddOrUpdateBehavior: \"InheritFromTable\",\n },\n },\n Version: 1,\n }),\n s3Targets: [{\n path: `s3://${dataLakeBucket.bucket}`,\n }],\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nevents_crawler = aws.glue.Crawler(\"events_crawler\",\n database_name=glue_database[\"name\"],\n schedule=\"cron(0 1 * * ? *)\",\n name=f\"events_crawler_{environment_name}\",\n role=glue_role[\"arn\"],\n tags=tags,\n configuration=json.dumps({\n \"Grouping\": {\n \"TableGroupingPolicy\": \"CombineCompatibleSchemas\",\n },\n \"CrawlerOutput\": {\n \"Partitions\": {\n \"AddOrUpdateBehavior\": \"InheritFromTable\",\n },\n },\n \"Version\": 1,\n }),\n s3_targets=[aws.glue.CrawlerS3TargetArgs(\n path=f\"s3://{data_lake_bucket['bucket']}\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var eventsCrawler = new Aws.Glue.Crawler(\"events_crawler\", new()\n {\n DatabaseName = glueDatabase.Name,\n Schedule = \"cron(0 1 * * ? *)\",\n Name = $\"events_crawler_{environmentName}\",\n Role = glueRole.Arn,\n Tags = tags,\n Configuration = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Grouping\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"TableGroupingPolicy\"] = \"CombineCompatibleSchemas\",\n },\n [\"CrawlerOutput\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Partitions\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AddOrUpdateBehavior\"] = \"InheritFromTable\",\n },\n },\n [\"Version\"] = 1,\n }),\n S3Targets = new[]\n {\n new Aws.Glue.Inputs.CrawlerS3TargetArgs\n {\n Path = $\"s3://{dataLakeBucket.Bucket}\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Grouping\": map[string]interface{}{\n\t\t\t\t\"TableGroupingPolicy\": \"CombineCompatibleSchemas\",\n\t\t\t},\n\t\t\t\"CrawlerOutput\": map[string]interface{}{\n\t\t\t\t\"Partitions\": map[string]interface{}{\n\t\t\t\t\t\"AddOrUpdateBehavior\": \"InheritFromTable\",\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"Version\": 1,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = glue.NewCrawler(ctx, \"events_crawler\", \u0026glue.CrawlerArgs{\n\t\t\tDatabaseName: pulumi.Any(glueDatabase.Name),\n\t\t\tSchedule: pulumi.String(\"cron(0 1 * * ? *)\"),\n\t\t\tName: pulumi.String(fmt.Sprintf(\"events_crawler_%v\", environmentName)),\n\t\t\tRole: pulumi.Any(glueRole.Arn),\n\t\t\tTags: pulumi.Any(tags),\n\t\t\tConfiguration: pulumi.String(json0),\n\t\t\tS3Targets: glue.CrawlerS3TargetArray{\n\t\t\t\t\u0026glue.CrawlerS3TargetArgs{\n\t\t\t\t\tPath: pulumi.String(fmt.Sprintf(\"s3://%v\", dataLakeBucket.Bucket)),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.Crawler;\nimport com.pulumi.aws.glue.CrawlerArgs;\nimport com.pulumi.aws.glue.inputs.CrawlerS3TargetArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var eventsCrawler = new Crawler(\"eventsCrawler\", CrawlerArgs.builder() \n .databaseName(glueDatabase.name())\n .schedule(\"cron(0 1 * * ? *)\")\n .name(String.format(\"events_crawler_%s\", environmentName))\n .role(glueRole.arn())\n .tags(tags)\n .configuration(serializeJson(\n jsonObject(\n jsonProperty(\"Grouping\", jsonObject(\n jsonProperty(\"TableGroupingPolicy\", \"CombineCompatibleSchemas\")\n )),\n jsonProperty(\"CrawlerOutput\", jsonObject(\n jsonProperty(\"Partitions\", jsonObject(\n jsonProperty(\"AddOrUpdateBehavior\", \"InheritFromTable\")\n ))\n )),\n jsonProperty(\"Version\", 1)\n )))\n .s3Targets(CrawlerS3TargetArgs.builder()\n .path(String.format(\"s3://%s\", dataLakeBucket.bucket()))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n eventsCrawler:\n type: aws:glue:Crawler\n name: events_crawler\n properties:\n databaseName: ${glueDatabase.name}\n schedule: cron(0 1 * * ? *)\n name: events_crawler_${environmentName}\n role: ${glueRole.arn}\n tags: ${tags}\n configuration:\n fn::toJSON:\n Grouping:\n TableGroupingPolicy: CombineCompatibleSchemas\n CrawlerOutput:\n Partitions:\n AddOrUpdateBehavior: InheritFromTable\n Version: 1\n s3Targets:\n - path: s3://${dataLakeBucket.bucket}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Glue Crawlers using `name`. For example:\n\n```sh\n$ pulumi import aws:glue/crawler:Crawler MyJob MyJob\n```\n", "properties": { "arn": { "type": "string", @@ -250603,7 +250603,7 @@ } }, "aws:glue/mLTransform:MLTransform": { - "description": "Provides a Glue ML Transform resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testCatalogDatabase = new aws.glue.CatalogDatabase(\"test\", {name: \"example\"});\nconst testCatalogTable = new aws.glue.CatalogTable(\"test\", {\n name: \"example\",\n databaseName: testCatalogDatabase.name,\n owner: \"my_owner\",\n retention: 1,\n tableType: \"VIRTUAL_VIEW\",\n viewExpandedText: \"view_expanded_text_1\",\n viewOriginalText: \"view_original_text_1\",\n storageDescriptor: {\n bucketColumns: [\"bucket_column_1\"],\n compressed: false,\n inputFormat: \"SequenceFileInputFormat\",\n location: \"my_location\",\n numberOfBuckets: 1,\n outputFormat: \"SequenceFileInputFormat\",\n storedAsSubDirectories: false,\n parameters: {\n param1: \"param1_val\",\n },\n columns: [\n {\n name: \"my_column_1\",\n type: \"int\",\n comment: \"my_column1_comment\",\n },\n {\n name: \"my_column_2\",\n type: \"string\",\n comment: \"my_column2_comment\",\n },\n ],\n serDeInfo: {\n name: \"ser_de_name\",\n parameters: {\n param1: \"param_val_1\",\n },\n serializationLibrary: \"org.apache.hadoop.hive.serde2.columnar.ColumnarSerDe\",\n },\n sortColumns: [{\n column: \"my_column_1\",\n sortOrder: 1,\n }],\n skewedInfo: {\n skewedColumnNames: [\"my_column_1\"],\n skewedColumnValueLocationMaps: {\n my_column_1: \"my_column_1_val_loc_map\",\n },\n skewedColumnValues: [\"skewed_val_1\"],\n },\n },\n partitionKeys: [\n {\n name: \"my_column_1\",\n type: \"int\",\n comment: \"my_column_1_comment\",\n },\n {\n name: \"my_column_2\",\n type: \"string\",\n comment: \"my_column_2_comment\",\n },\n ],\n parameters: {\n param1: \"param1_val\",\n },\n});\nconst test = new aws.glue.MLTransform(\"test\", {\n name: \"example\",\n roleArn: testAwsIamRole.arn,\n inputRecordTables: [{\n databaseName: testCatalogTable.databaseName,\n tableName: testCatalogTable.name,\n }],\n parameters: {\n transformType: \"FIND_MATCHES\",\n findMatchesParameters: {\n primaryKeyColumnName: \"my_column_1\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_catalog_database = aws.glue.CatalogDatabase(\"test\", name=\"example\")\ntest_catalog_table = aws.glue.CatalogTable(\"test\",\n name=\"example\",\n database_name=test_catalog_database.name,\n owner=\"my_owner\",\n retention=1,\n table_type=\"VIRTUAL_VIEW\",\n view_expanded_text=\"view_expanded_text_1\",\n view_original_text=\"view_original_text_1\",\n storage_descriptor=aws.glue.CatalogTableStorageDescriptorArgs(\n bucket_columns=[\"bucket_column_1\"],\n compressed=False,\n input_format=\"SequenceFileInputFormat\",\n location=\"my_location\",\n number_of_buckets=1,\n output_format=\"SequenceFileInputFormat\",\n stored_as_sub_directories=False,\n parameters={\n \"param1\": \"param1_val\",\n },\n columns=[\n aws.glue.CatalogTableStorageDescriptorColumnArgs(\n name=\"my_column_1\",\n type=\"int\",\n comment=\"my_column1_comment\",\n ),\n aws.glue.CatalogTableStorageDescriptorColumnArgs(\n name=\"my_column_2\",\n type=\"string\",\n comment=\"my_column2_comment\",\n ),\n ],\n ser_de_info=aws.glue.CatalogTableStorageDescriptorSerDeInfoArgs(\n name=\"ser_de_name\",\n parameters={\n \"param1\": \"param_val_1\",\n },\n serialization_library=\"org.apache.hadoop.hive.serde2.columnar.ColumnarSerDe\",\n ),\n sort_columns=[aws.glue.CatalogTableStorageDescriptorSortColumnArgs(\n column=\"my_column_1\",\n sort_order=1,\n )],\n skewed_info=aws.glue.CatalogTableStorageDescriptorSkewedInfoArgs(\n skewed_column_names=[\"my_column_1\"],\n skewed_column_value_location_maps={\n \"my_column_1\": \"my_column_1_val_loc_map\",\n },\n skewed_column_values=[\"skewed_val_1\"],\n ),\n ),\n partition_keys=[\n aws.glue.CatalogTablePartitionKeyArgs(\n name=\"my_column_1\",\n type=\"int\",\n comment=\"my_column_1_comment\",\n ),\n aws.glue.CatalogTablePartitionKeyArgs(\n name=\"my_column_2\",\n type=\"string\",\n comment=\"my_column_2_comment\",\n ),\n ],\n parameters={\n \"param1\": \"param1_val\",\n })\ntest = aws.glue.MLTransform(\"test\",\n name=\"example\",\n role_arn=test_aws_iam_role[\"arn\"],\n input_record_tables=[aws.glue.MLTransformInputRecordTableArgs(\n database_name=test_catalog_table.database_name,\n table_name=test_catalog_table.name,\n )],\n parameters=aws.glue.MLTransformParametersArgs(\n transform_type=\"FIND_MATCHES\",\n find_matches_parameters=aws.glue.MLTransformParametersFindMatchesParametersArgs(\n primary_key_column_name=\"my_column_1\",\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testCatalogDatabase = new Aws.Glue.CatalogDatabase(\"test\", new()\n {\n Name = \"example\",\n });\n\n var testCatalogTable = new Aws.Glue.CatalogTable(\"test\", new()\n {\n Name = \"example\",\n DatabaseName = testCatalogDatabase.Name,\n Owner = \"my_owner\",\n Retention = 1,\n TableType = \"VIRTUAL_VIEW\",\n ViewExpandedText = \"view_expanded_text_1\",\n ViewOriginalText = \"view_original_text_1\",\n StorageDescriptor = new Aws.Glue.Inputs.CatalogTableStorageDescriptorArgs\n {\n BucketColumns = new[]\n {\n \"bucket_column_1\",\n },\n Compressed = false,\n InputFormat = \"SequenceFileInputFormat\",\n Location = \"my_location\",\n NumberOfBuckets = 1,\n OutputFormat = \"SequenceFileInputFormat\",\n StoredAsSubDirectories = false,\n Parameters = \n {\n { \"param1\", \"param1_val\" },\n },\n Columns = new[]\n {\n new Aws.Glue.Inputs.CatalogTableStorageDescriptorColumnArgs\n {\n Name = \"my_column_1\",\n Type = \"int\",\n Comment = \"my_column1_comment\",\n },\n new Aws.Glue.Inputs.CatalogTableStorageDescriptorColumnArgs\n {\n Name = \"my_column_2\",\n Type = \"string\",\n Comment = \"my_column2_comment\",\n },\n },\n SerDeInfo = new Aws.Glue.Inputs.CatalogTableStorageDescriptorSerDeInfoArgs\n {\n Name = \"ser_de_name\",\n Parameters = \n {\n { \"param1\", \"param_val_1\" },\n },\n SerializationLibrary = \"org.apache.hadoop.hive.serde2.columnar.ColumnarSerDe\",\n },\n SortColumns = new[]\n {\n new Aws.Glue.Inputs.CatalogTableStorageDescriptorSortColumnArgs\n {\n Column = \"my_column_1\",\n SortOrder = 1,\n },\n },\n SkewedInfo = new Aws.Glue.Inputs.CatalogTableStorageDescriptorSkewedInfoArgs\n {\n SkewedColumnNames = new[]\n {\n \"my_column_1\",\n },\n SkewedColumnValueLocationMaps = \n {\n { \"my_column_1\", \"my_column_1_val_loc_map\" },\n },\n SkewedColumnValues = new[]\n {\n \"skewed_val_1\",\n },\n },\n },\n PartitionKeys = new[]\n {\n new Aws.Glue.Inputs.CatalogTablePartitionKeyArgs\n {\n Name = \"my_column_1\",\n Type = \"int\",\n Comment = \"my_column_1_comment\",\n },\n new Aws.Glue.Inputs.CatalogTablePartitionKeyArgs\n {\n Name = \"my_column_2\",\n Type = \"string\",\n Comment = \"my_column_2_comment\",\n },\n },\n Parameters = \n {\n { \"param1\", \"param1_val\" },\n },\n });\n\n var test = new Aws.Glue.MLTransform(\"test\", new()\n {\n Name = \"example\",\n RoleArn = testAwsIamRole.Arn,\n InputRecordTables = new[]\n {\n new Aws.Glue.Inputs.MLTransformInputRecordTableArgs\n {\n DatabaseName = testCatalogTable.DatabaseName,\n TableName = testCatalogTable.Name,\n },\n },\n Parameters = new Aws.Glue.Inputs.MLTransformParametersArgs\n {\n TransformType = \"FIND_MATCHES\",\n FindMatchesParameters = new Aws.Glue.Inputs.MLTransformParametersFindMatchesParametersArgs\n {\n PrimaryKeyColumnName = \"my_column_1\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestCatalogDatabase, err := glue.NewCatalogDatabase(ctx, \"test\", \u0026glue.CatalogDatabaseArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestCatalogTable, err := glue.NewCatalogTable(ctx, \"test\", \u0026glue.CatalogTableArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tDatabaseName: testCatalogDatabase.Name,\n\t\t\tOwner: pulumi.String(\"my_owner\"),\n\t\t\tRetention: pulumi.Int(1),\n\t\t\tTableType: pulumi.String(\"VIRTUAL_VIEW\"),\n\t\t\tViewExpandedText: pulumi.String(\"view_expanded_text_1\"),\n\t\t\tViewOriginalText: pulumi.String(\"view_original_text_1\"),\n\t\t\tStorageDescriptor: \u0026glue.CatalogTableStorageDescriptorArgs{\n\t\t\t\tBucketColumns: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"bucket_column_1\"),\n\t\t\t\t},\n\t\t\t\tCompressed: pulumi.Bool(false),\n\t\t\t\tInputFormat: pulumi.String(\"SequenceFileInputFormat\"),\n\t\t\t\tLocation: pulumi.String(\"my_location\"),\n\t\t\t\tNumberOfBuckets: pulumi.Int(1),\n\t\t\t\tOutputFormat: pulumi.String(\"SequenceFileInputFormat\"),\n\t\t\t\tStoredAsSubDirectories: pulumi.Bool(false),\n\t\t\t\tParameters: pulumi.StringMap{\n\t\t\t\t\t\"param1\": pulumi.String(\"param1_val\"),\n\t\t\t\t},\n\t\t\t\tColumns: glue.CatalogTableStorageDescriptorColumnArray{\n\t\t\t\t\t\u0026glue.CatalogTableStorageDescriptorColumnArgs{\n\t\t\t\t\t\tName: pulumi.String(\"my_column_1\"),\n\t\t\t\t\t\tType: pulumi.String(\"int\"),\n\t\t\t\t\t\tComment: pulumi.String(\"my_column1_comment\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026glue.CatalogTableStorageDescriptorColumnArgs{\n\t\t\t\t\t\tName: pulumi.String(\"my_column_2\"),\n\t\t\t\t\t\tType: pulumi.String(\"string\"),\n\t\t\t\t\t\tComment: pulumi.String(\"my_column2_comment\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tSerDeInfo: \u0026glue.CatalogTableStorageDescriptorSerDeInfoArgs{\n\t\t\t\t\tName: pulumi.String(\"ser_de_name\"),\n\t\t\t\t\tParameters: pulumi.StringMap{\n\t\t\t\t\t\t\"param1\": pulumi.String(\"param_val_1\"),\n\t\t\t\t\t},\n\t\t\t\t\tSerializationLibrary: pulumi.String(\"org.apache.hadoop.hive.serde2.columnar.ColumnarSerDe\"),\n\t\t\t\t},\n\t\t\t\tSortColumns: glue.CatalogTableStorageDescriptorSortColumnArray{\n\t\t\t\t\t\u0026glue.CatalogTableStorageDescriptorSortColumnArgs{\n\t\t\t\t\t\tColumn: pulumi.String(\"my_column_1\"),\n\t\t\t\t\t\tSortOrder: pulumi.Int(1),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tSkewedInfo: \u0026glue.CatalogTableStorageDescriptorSkewedInfoArgs{\n\t\t\t\t\tSkewedColumnNames: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"my_column_1\"),\n\t\t\t\t\t},\n\t\t\t\t\tSkewedColumnValueLocationMaps: pulumi.StringMap{\n\t\t\t\t\t\t\"my_column_1\": pulumi.String(\"my_column_1_val_loc_map\"),\n\t\t\t\t\t},\n\t\t\t\t\tSkewedColumnValues: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"skewed_val_1\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tPartitionKeys: glue.CatalogTablePartitionKeyArray{\n\t\t\t\t\u0026glue.CatalogTablePartitionKeyArgs{\n\t\t\t\t\tName: pulumi.String(\"my_column_1\"),\n\t\t\t\t\tType: pulumi.String(\"int\"),\n\t\t\t\t\tComment: pulumi.String(\"my_column_1_comment\"),\n\t\t\t\t},\n\t\t\t\t\u0026glue.CatalogTablePartitionKeyArgs{\n\t\t\t\t\tName: pulumi.String(\"my_column_2\"),\n\t\t\t\t\tType: pulumi.String(\"string\"),\n\t\t\t\t\tComment: pulumi.String(\"my_column_2_comment\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tParameters: pulumi.StringMap{\n\t\t\t\t\"param1\": pulumi.String(\"param1_val\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = glue.NewMLTransform(ctx, \"test\", \u0026glue.MLTransformArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRoleArn: pulumi.Any(testAwsIamRole.Arn),\n\t\t\tInputRecordTables: glue.MLTransformInputRecordTableArray{\n\t\t\t\t\u0026glue.MLTransformInputRecordTableArgs{\n\t\t\t\t\tDatabaseName: testCatalogTable.DatabaseName,\n\t\t\t\t\tTableName: testCatalogTable.Name,\n\t\t\t\t},\n\t\t\t},\n\t\t\tParameters: \u0026glue.MLTransformParametersArgs{\n\t\t\t\tTransformType: pulumi.String(\"FIND_MATCHES\"),\n\t\t\t\tFindMatchesParameters: \u0026glue.MLTransformParametersFindMatchesParametersArgs{\n\t\t\t\t\tPrimaryKeyColumnName: pulumi.String(\"my_column_1\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.CatalogDatabase;\nimport com.pulumi.aws.glue.CatalogDatabaseArgs;\nimport com.pulumi.aws.glue.CatalogTable;\nimport com.pulumi.aws.glue.CatalogTableArgs;\nimport com.pulumi.aws.glue.inputs.CatalogTableStorageDescriptorArgs;\nimport com.pulumi.aws.glue.inputs.CatalogTableStorageDescriptorSerDeInfoArgs;\nimport com.pulumi.aws.glue.inputs.CatalogTableStorageDescriptorSkewedInfoArgs;\nimport com.pulumi.aws.glue.inputs.CatalogTablePartitionKeyArgs;\nimport com.pulumi.aws.glue.MLTransform;\nimport com.pulumi.aws.glue.MLTransformArgs;\nimport com.pulumi.aws.glue.inputs.MLTransformInputRecordTableArgs;\nimport com.pulumi.aws.glue.inputs.MLTransformParametersArgs;\nimport com.pulumi.aws.glue.inputs.MLTransformParametersFindMatchesParametersArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testCatalogDatabase = new CatalogDatabase(\"testCatalogDatabase\", CatalogDatabaseArgs.builder() \n .name(\"example\")\n .build());\n\n var testCatalogTable = new CatalogTable(\"testCatalogTable\", CatalogTableArgs.builder() \n .name(\"example\")\n .databaseName(testCatalogDatabase.name())\n .owner(\"my_owner\")\n .retention(1)\n .tableType(\"VIRTUAL_VIEW\")\n .viewExpandedText(\"view_expanded_text_1\")\n .viewOriginalText(\"view_original_text_1\")\n .storageDescriptor(CatalogTableStorageDescriptorArgs.builder()\n .bucketColumns(\"bucket_column_1\")\n .compressed(false)\n .inputFormat(\"SequenceFileInputFormat\")\n .location(\"my_location\")\n .numberOfBuckets(1)\n .outputFormat(\"SequenceFileInputFormat\")\n .storedAsSubDirectories(false)\n .parameters(Map.of(\"param1\", \"param1_val\"))\n .columns( \n CatalogTableStorageDescriptorColumnArgs.builder()\n .name(\"my_column_1\")\n .type(\"int\")\n .comment(\"my_column1_comment\")\n .build(),\n CatalogTableStorageDescriptorColumnArgs.builder()\n .name(\"my_column_2\")\n .type(\"string\")\n .comment(\"my_column2_comment\")\n .build())\n .serDeInfo(CatalogTableStorageDescriptorSerDeInfoArgs.builder()\n .name(\"ser_de_name\")\n .parameters(Map.of(\"param1\", \"param_val_1\"))\n .serializationLibrary(\"org.apache.hadoop.hive.serde2.columnar.ColumnarSerDe\")\n .build())\n .sortColumns(CatalogTableStorageDescriptorSortColumnArgs.builder()\n .column(\"my_column_1\")\n .sortOrder(1)\n .build())\n .skewedInfo(CatalogTableStorageDescriptorSkewedInfoArgs.builder()\n .skewedColumnNames(\"my_column_1\")\n .skewedColumnValueLocationMaps(Map.of(\"my_column_1\", \"my_column_1_val_loc_map\"))\n .skewedColumnValues(\"skewed_val_1\")\n .build())\n .build())\n .partitionKeys( \n CatalogTablePartitionKeyArgs.builder()\n .name(\"my_column_1\")\n .type(\"int\")\n .comment(\"my_column_1_comment\")\n .build(),\n CatalogTablePartitionKeyArgs.builder()\n .name(\"my_column_2\")\n .type(\"string\")\n .comment(\"my_column_2_comment\")\n .build())\n .parameters(Map.of(\"param1\", \"param1_val\"))\n .build());\n\n var test = new MLTransform(\"test\", MLTransformArgs.builder() \n .name(\"example\")\n .roleArn(testAwsIamRole.arn())\n .inputRecordTables(MLTransformInputRecordTableArgs.builder()\n .databaseName(testCatalogTable.databaseName())\n .tableName(testCatalogTable.name())\n .build())\n .parameters(MLTransformParametersArgs.builder()\n .transformType(\"FIND_MATCHES\")\n .findMatchesParameters(MLTransformParametersFindMatchesParametersArgs.builder()\n .primaryKeyColumnName(\"my_column_1\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:glue:MLTransform\n properties:\n name: example\n roleArn: ${testAwsIamRole.arn}\n inputRecordTables:\n - databaseName: ${testCatalogTable.databaseName}\n tableName: ${testCatalogTable.name}\n parameters:\n transformType: FIND_MATCHES\n findMatchesParameters:\n primaryKeyColumnName: my_column_1\n testCatalogDatabase:\n type: aws:glue:CatalogDatabase\n name: test\n properties:\n name: example\n testCatalogTable:\n type: aws:glue:CatalogTable\n name: test\n properties:\n name: example\n databaseName: ${testCatalogDatabase.name}\n owner: my_owner\n retention: 1\n tableType: VIRTUAL_VIEW\n viewExpandedText: view_expanded_text_1\n viewOriginalText: view_original_text_1\n storageDescriptor:\n bucketColumns:\n - bucket_column_1\n compressed: false\n inputFormat: SequenceFileInputFormat\n location: my_location\n numberOfBuckets: 1\n outputFormat: SequenceFileInputFormat\n storedAsSubDirectories: false\n parameters:\n param1: param1_val\n columns:\n - name: my_column_1\n type: int\n comment: my_column1_comment\n - name: my_column_2\n type: string\n comment: my_column2_comment\n serDeInfo:\n name: ser_de_name\n parameters:\n param1: param_val_1\n serializationLibrary: org.apache.hadoop.hive.serde2.columnar.ColumnarSerDe\n sortColumns:\n - column: my_column_1\n sortOrder: 1\n skewedInfo:\n skewedColumnNames:\n - my_column_1\n skewedColumnValueLocationMaps:\n my_column_1: my_column_1_val_loc_map\n skewedColumnValues:\n - skewed_val_1\n partitionKeys:\n - name: my_column_1\n type: int\n comment: my_column_1_comment\n - name: my_column_2\n type: string\n comment: my_column_2_comment\n parameters:\n param1: param1_val\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Glue ML Transforms using `id`. For example:\n\n```sh\n$ pulumi import aws:glue/mLTransform:MLTransform example tfm-c2cafbe83b1c575f49eaca9939220e2fcd58e2d5\n```\n", + "description": "Provides a Glue ML Transform resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testCatalogDatabase = new aws.glue.CatalogDatabase(\"test\", {name: \"example\"});\nconst testCatalogTable = new aws.glue.CatalogTable(\"test\", {\n name: \"example\",\n databaseName: testCatalogDatabase.name,\n owner: \"my_owner\",\n retention: 1,\n tableType: \"VIRTUAL_VIEW\",\n viewExpandedText: \"view_expanded_text_1\",\n viewOriginalText: \"view_original_text_1\",\n storageDescriptor: {\n bucketColumns: [\"bucket_column_1\"],\n compressed: false,\n inputFormat: \"SequenceFileInputFormat\",\n location: \"my_location\",\n numberOfBuckets: 1,\n outputFormat: \"SequenceFileInputFormat\",\n storedAsSubDirectories: false,\n parameters: {\n param1: \"param1_val\",\n },\n columns: [\n {\n name: \"my_column_1\",\n type: \"int\",\n comment: \"my_column1_comment\",\n },\n {\n name: \"my_column_2\",\n type: \"string\",\n comment: \"my_column2_comment\",\n },\n ],\n serDeInfo: {\n name: \"ser_de_name\",\n parameters: {\n param1: \"param_val_1\",\n },\n serializationLibrary: \"org.apache.hadoop.hive.serde2.columnar.ColumnarSerDe\",\n },\n sortColumns: [{\n column: \"my_column_1\",\n sortOrder: 1,\n }],\n skewedInfo: {\n skewedColumnNames: [\"my_column_1\"],\n skewedColumnValueLocationMaps: {\n my_column_1: \"my_column_1_val_loc_map\",\n },\n skewedColumnValues: [\"skewed_val_1\"],\n },\n },\n partitionKeys: [\n {\n name: \"my_column_1\",\n type: \"int\",\n comment: \"my_column_1_comment\",\n },\n {\n name: \"my_column_2\",\n type: \"string\",\n comment: \"my_column_2_comment\",\n },\n ],\n parameters: {\n param1: \"param1_val\",\n },\n});\nconst test = new aws.glue.MLTransform(\"test\", {\n name: \"example\",\n roleArn: testAwsIamRole.arn,\n inputRecordTables: [{\n databaseName: testCatalogTable.databaseName,\n tableName: testCatalogTable.name,\n }],\n parameters: {\n transformType: \"FIND_MATCHES\",\n findMatchesParameters: {\n primaryKeyColumnName: \"my_column_1\",\n },\n },\n}, {\n dependsOn: [testAwsIamRolePolicyAttachment],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_catalog_database = aws.glue.CatalogDatabase(\"test\", name=\"example\")\ntest_catalog_table = aws.glue.CatalogTable(\"test\",\n name=\"example\",\n database_name=test_catalog_database.name,\n owner=\"my_owner\",\n retention=1,\n table_type=\"VIRTUAL_VIEW\",\n view_expanded_text=\"view_expanded_text_1\",\n view_original_text=\"view_original_text_1\",\n storage_descriptor=aws.glue.CatalogTableStorageDescriptorArgs(\n bucket_columns=[\"bucket_column_1\"],\n compressed=False,\n input_format=\"SequenceFileInputFormat\",\n location=\"my_location\",\n number_of_buckets=1,\n output_format=\"SequenceFileInputFormat\",\n stored_as_sub_directories=False,\n parameters={\n \"param1\": \"param1_val\",\n },\n columns=[\n aws.glue.CatalogTableStorageDescriptorColumnArgs(\n name=\"my_column_1\",\n type=\"int\",\n comment=\"my_column1_comment\",\n ),\n aws.glue.CatalogTableStorageDescriptorColumnArgs(\n name=\"my_column_2\",\n type=\"string\",\n comment=\"my_column2_comment\",\n ),\n ],\n ser_de_info=aws.glue.CatalogTableStorageDescriptorSerDeInfoArgs(\n name=\"ser_de_name\",\n parameters={\n \"param1\": \"param_val_1\",\n },\n serialization_library=\"org.apache.hadoop.hive.serde2.columnar.ColumnarSerDe\",\n ),\n sort_columns=[aws.glue.CatalogTableStorageDescriptorSortColumnArgs(\n column=\"my_column_1\",\n sort_order=1,\n )],\n skewed_info=aws.glue.CatalogTableStorageDescriptorSkewedInfoArgs(\n skewed_column_names=[\"my_column_1\"],\n skewed_column_value_location_maps={\n \"my_column_1\": \"my_column_1_val_loc_map\",\n },\n skewed_column_values=[\"skewed_val_1\"],\n ),\n ),\n partition_keys=[\n aws.glue.CatalogTablePartitionKeyArgs(\n name=\"my_column_1\",\n type=\"int\",\n comment=\"my_column_1_comment\",\n ),\n aws.glue.CatalogTablePartitionKeyArgs(\n name=\"my_column_2\",\n type=\"string\",\n comment=\"my_column_2_comment\",\n ),\n ],\n parameters={\n \"param1\": \"param1_val\",\n })\ntest = aws.glue.MLTransform(\"test\",\n name=\"example\",\n role_arn=test_aws_iam_role[\"arn\"],\n input_record_tables=[aws.glue.MLTransformInputRecordTableArgs(\n database_name=test_catalog_table.database_name,\n table_name=test_catalog_table.name,\n )],\n parameters=aws.glue.MLTransformParametersArgs(\n transform_type=\"FIND_MATCHES\",\n find_matches_parameters=aws.glue.MLTransformParametersFindMatchesParametersArgs(\n primary_key_column_name=\"my_column_1\",\n ),\n ),\n opts=pulumi.ResourceOptions(depends_on=[test_aws_iam_role_policy_attachment]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testCatalogDatabase = new Aws.Glue.CatalogDatabase(\"test\", new()\n {\n Name = \"example\",\n });\n\n var testCatalogTable = new Aws.Glue.CatalogTable(\"test\", new()\n {\n Name = \"example\",\n DatabaseName = testCatalogDatabase.Name,\n Owner = \"my_owner\",\n Retention = 1,\n TableType = \"VIRTUAL_VIEW\",\n ViewExpandedText = \"view_expanded_text_1\",\n ViewOriginalText = \"view_original_text_1\",\n StorageDescriptor = new Aws.Glue.Inputs.CatalogTableStorageDescriptorArgs\n {\n BucketColumns = new[]\n {\n \"bucket_column_1\",\n },\n Compressed = false,\n InputFormat = \"SequenceFileInputFormat\",\n Location = \"my_location\",\n NumberOfBuckets = 1,\n OutputFormat = \"SequenceFileInputFormat\",\n StoredAsSubDirectories = false,\n Parameters = \n {\n { \"param1\", \"param1_val\" },\n },\n Columns = new[]\n {\n new Aws.Glue.Inputs.CatalogTableStorageDescriptorColumnArgs\n {\n Name = \"my_column_1\",\n Type = \"int\",\n Comment = \"my_column1_comment\",\n },\n new Aws.Glue.Inputs.CatalogTableStorageDescriptorColumnArgs\n {\n Name = \"my_column_2\",\n Type = \"string\",\n Comment = \"my_column2_comment\",\n },\n },\n SerDeInfo = new Aws.Glue.Inputs.CatalogTableStorageDescriptorSerDeInfoArgs\n {\n Name = \"ser_de_name\",\n Parameters = \n {\n { \"param1\", \"param_val_1\" },\n },\n SerializationLibrary = \"org.apache.hadoop.hive.serde2.columnar.ColumnarSerDe\",\n },\n SortColumns = new[]\n {\n new Aws.Glue.Inputs.CatalogTableStorageDescriptorSortColumnArgs\n {\n Column = \"my_column_1\",\n SortOrder = 1,\n },\n },\n SkewedInfo = new Aws.Glue.Inputs.CatalogTableStorageDescriptorSkewedInfoArgs\n {\n SkewedColumnNames = new[]\n {\n \"my_column_1\",\n },\n SkewedColumnValueLocationMaps = \n {\n { \"my_column_1\", \"my_column_1_val_loc_map\" },\n },\n SkewedColumnValues = new[]\n {\n \"skewed_val_1\",\n },\n },\n },\n PartitionKeys = new[]\n {\n new Aws.Glue.Inputs.CatalogTablePartitionKeyArgs\n {\n Name = \"my_column_1\",\n Type = \"int\",\n Comment = \"my_column_1_comment\",\n },\n new Aws.Glue.Inputs.CatalogTablePartitionKeyArgs\n {\n Name = \"my_column_2\",\n Type = \"string\",\n Comment = \"my_column_2_comment\",\n },\n },\n Parameters = \n {\n { \"param1\", \"param1_val\" },\n },\n });\n\n var test = new Aws.Glue.MLTransform(\"test\", new()\n {\n Name = \"example\",\n RoleArn = testAwsIamRole.Arn,\n InputRecordTables = new[]\n {\n new Aws.Glue.Inputs.MLTransformInputRecordTableArgs\n {\n DatabaseName = testCatalogTable.DatabaseName,\n TableName = testCatalogTable.Name,\n },\n },\n Parameters = new Aws.Glue.Inputs.MLTransformParametersArgs\n {\n TransformType = \"FIND_MATCHES\",\n FindMatchesParameters = new Aws.Glue.Inputs.MLTransformParametersFindMatchesParametersArgs\n {\n PrimaryKeyColumnName = \"my_column_1\",\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n testAwsIamRolePolicyAttachment, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/glue\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestCatalogDatabase, err := glue.NewCatalogDatabase(ctx, \"test\", \u0026glue.CatalogDatabaseArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestCatalogTable, err := glue.NewCatalogTable(ctx, \"test\", \u0026glue.CatalogTableArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tDatabaseName: testCatalogDatabase.Name,\n\t\t\tOwner: pulumi.String(\"my_owner\"),\n\t\t\tRetention: pulumi.Int(1),\n\t\t\tTableType: pulumi.String(\"VIRTUAL_VIEW\"),\n\t\t\tViewExpandedText: pulumi.String(\"view_expanded_text_1\"),\n\t\t\tViewOriginalText: pulumi.String(\"view_original_text_1\"),\n\t\t\tStorageDescriptor: \u0026glue.CatalogTableStorageDescriptorArgs{\n\t\t\t\tBucketColumns: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"bucket_column_1\"),\n\t\t\t\t},\n\t\t\t\tCompressed: pulumi.Bool(false),\n\t\t\t\tInputFormat: pulumi.String(\"SequenceFileInputFormat\"),\n\t\t\t\tLocation: pulumi.String(\"my_location\"),\n\t\t\t\tNumberOfBuckets: pulumi.Int(1),\n\t\t\t\tOutputFormat: pulumi.String(\"SequenceFileInputFormat\"),\n\t\t\t\tStoredAsSubDirectories: pulumi.Bool(false),\n\t\t\t\tParameters: pulumi.StringMap{\n\t\t\t\t\t\"param1\": pulumi.String(\"param1_val\"),\n\t\t\t\t},\n\t\t\t\tColumns: glue.CatalogTableStorageDescriptorColumnArray{\n\t\t\t\t\t\u0026glue.CatalogTableStorageDescriptorColumnArgs{\n\t\t\t\t\t\tName: pulumi.String(\"my_column_1\"),\n\t\t\t\t\t\tType: pulumi.String(\"int\"),\n\t\t\t\t\t\tComment: pulumi.String(\"my_column1_comment\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026glue.CatalogTableStorageDescriptorColumnArgs{\n\t\t\t\t\t\tName: pulumi.String(\"my_column_2\"),\n\t\t\t\t\t\tType: pulumi.String(\"string\"),\n\t\t\t\t\t\tComment: pulumi.String(\"my_column2_comment\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tSerDeInfo: \u0026glue.CatalogTableStorageDescriptorSerDeInfoArgs{\n\t\t\t\t\tName: pulumi.String(\"ser_de_name\"),\n\t\t\t\t\tParameters: pulumi.StringMap{\n\t\t\t\t\t\t\"param1\": pulumi.String(\"param_val_1\"),\n\t\t\t\t\t},\n\t\t\t\t\tSerializationLibrary: pulumi.String(\"org.apache.hadoop.hive.serde2.columnar.ColumnarSerDe\"),\n\t\t\t\t},\n\t\t\t\tSortColumns: glue.CatalogTableStorageDescriptorSortColumnArray{\n\t\t\t\t\t\u0026glue.CatalogTableStorageDescriptorSortColumnArgs{\n\t\t\t\t\t\tColumn: pulumi.String(\"my_column_1\"),\n\t\t\t\t\t\tSortOrder: pulumi.Int(1),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tSkewedInfo: \u0026glue.CatalogTableStorageDescriptorSkewedInfoArgs{\n\t\t\t\t\tSkewedColumnNames: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"my_column_1\"),\n\t\t\t\t\t},\n\t\t\t\t\tSkewedColumnValueLocationMaps: pulumi.StringMap{\n\t\t\t\t\t\t\"my_column_1\": pulumi.String(\"my_column_1_val_loc_map\"),\n\t\t\t\t\t},\n\t\t\t\t\tSkewedColumnValues: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"skewed_val_1\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tPartitionKeys: glue.CatalogTablePartitionKeyArray{\n\t\t\t\t\u0026glue.CatalogTablePartitionKeyArgs{\n\t\t\t\t\tName: pulumi.String(\"my_column_1\"),\n\t\t\t\t\tType: pulumi.String(\"int\"),\n\t\t\t\t\tComment: pulumi.String(\"my_column_1_comment\"),\n\t\t\t\t},\n\t\t\t\t\u0026glue.CatalogTablePartitionKeyArgs{\n\t\t\t\t\tName: pulumi.String(\"my_column_2\"),\n\t\t\t\t\tType: pulumi.String(\"string\"),\n\t\t\t\t\tComment: pulumi.String(\"my_column_2_comment\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tParameters: pulumi.StringMap{\n\t\t\t\t\"param1\": pulumi.String(\"param1_val\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = glue.NewMLTransform(ctx, \"test\", \u0026glue.MLTransformArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRoleArn: pulumi.Any(testAwsIamRole.Arn),\n\t\t\tInputRecordTables: glue.MLTransformInputRecordTableArray{\n\t\t\t\t\u0026glue.MLTransformInputRecordTableArgs{\n\t\t\t\t\tDatabaseName: testCatalogTable.DatabaseName,\n\t\t\t\t\tTableName: testCatalogTable.Name,\n\t\t\t\t},\n\t\t\t},\n\t\t\tParameters: \u0026glue.MLTransformParametersArgs{\n\t\t\t\tTransformType: pulumi.String(\"FIND_MATCHES\"),\n\t\t\t\tFindMatchesParameters: \u0026glue.MLTransformParametersFindMatchesParametersArgs{\n\t\t\t\t\tPrimaryKeyColumnName: pulumi.String(\"my_column_1\"),\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\ttestAwsIamRolePolicyAttachment,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.glue.CatalogDatabase;\nimport com.pulumi.aws.glue.CatalogDatabaseArgs;\nimport com.pulumi.aws.glue.CatalogTable;\nimport com.pulumi.aws.glue.CatalogTableArgs;\nimport com.pulumi.aws.glue.inputs.CatalogTableStorageDescriptorArgs;\nimport com.pulumi.aws.glue.inputs.CatalogTableStorageDescriptorSerDeInfoArgs;\nimport com.pulumi.aws.glue.inputs.CatalogTableStorageDescriptorSkewedInfoArgs;\nimport com.pulumi.aws.glue.inputs.CatalogTablePartitionKeyArgs;\nimport com.pulumi.aws.glue.MLTransform;\nimport com.pulumi.aws.glue.MLTransformArgs;\nimport com.pulumi.aws.glue.inputs.MLTransformInputRecordTableArgs;\nimport com.pulumi.aws.glue.inputs.MLTransformParametersArgs;\nimport com.pulumi.aws.glue.inputs.MLTransformParametersFindMatchesParametersArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testCatalogDatabase = new CatalogDatabase(\"testCatalogDatabase\", CatalogDatabaseArgs.builder() \n .name(\"example\")\n .build());\n\n var testCatalogTable = new CatalogTable(\"testCatalogTable\", CatalogTableArgs.builder() \n .name(\"example\")\n .databaseName(testCatalogDatabase.name())\n .owner(\"my_owner\")\n .retention(1)\n .tableType(\"VIRTUAL_VIEW\")\n .viewExpandedText(\"view_expanded_text_1\")\n .viewOriginalText(\"view_original_text_1\")\n .storageDescriptor(CatalogTableStorageDescriptorArgs.builder()\n .bucketColumns(\"bucket_column_1\")\n .compressed(false)\n .inputFormat(\"SequenceFileInputFormat\")\n .location(\"my_location\")\n .numberOfBuckets(1)\n .outputFormat(\"SequenceFileInputFormat\")\n .storedAsSubDirectories(false)\n .parameters(Map.of(\"param1\", \"param1_val\"))\n .columns( \n CatalogTableStorageDescriptorColumnArgs.builder()\n .name(\"my_column_1\")\n .type(\"int\")\n .comment(\"my_column1_comment\")\n .build(),\n CatalogTableStorageDescriptorColumnArgs.builder()\n .name(\"my_column_2\")\n .type(\"string\")\n .comment(\"my_column2_comment\")\n .build())\n .serDeInfo(CatalogTableStorageDescriptorSerDeInfoArgs.builder()\n .name(\"ser_de_name\")\n .parameters(Map.of(\"param1\", \"param_val_1\"))\n .serializationLibrary(\"org.apache.hadoop.hive.serde2.columnar.ColumnarSerDe\")\n .build())\n .sortColumns(CatalogTableStorageDescriptorSortColumnArgs.builder()\n .column(\"my_column_1\")\n .sortOrder(1)\n .build())\n .skewedInfo(CatalogTableStorageDescriptorSkewedInfoArgs.builder()\n .skewedColumnNames(\"my_column_1\")\n .skewedColumnValueLocationMaps(Map.of(\"my_column_1\", \"my_column_1_val_loc_map\"))\n .skewedColumnValues(\"skewed_val_1\")\n .build())\n .build())\n .partitionKeys( \n CatalogTablePartitionKeyArgs.builder()\n .name(\"my_column_1\")\n .type(\"int\")\n .comment(\"my_column_1_comment\")\n .build(),\n CatalogTablePartitionKeyArgs.builder()\n .name(\"my_column_2\")\n .type(\"string\")\n .comment(\"my_column_2_comment\")\n .build())\n .parameters(Map.of(\"param1\", \"param1_val\"))\n .build());\n\n var test = new MLTransform(\"test\", MLTransformArgs.builder() \n .name(\"example\")\n .roleArn(testAwsIamRole.arn())\n .inputRecordTables(MLTransformInputRecordTableArgs.builder()\n .databaseName(testCatalogTable.databaseName())\n .tableName(testCatalogTable.name())\n .build())\n .parameters(MLTransformParametersArgs.builder()\n .transformType(\"FIND_MATCHES\")\n .findMatchesParameters(MLTransformParametersFindMatchesParametersArgs.builder()\n .primaryKeyColumnName(\"my_column_1\")\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(testAwsIamRolePolicyAttachment)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:glue:MLTransform\n properties:\n name: example\n roleArn: ${testAwsIamRole.arn}\n inputRecordTables:\n - databaseName: ${testCatalogTable.databaseName}\n tableName: ${testCatalogTable.name}\n parameters:\n transformType: FIND_MATCHES\n findMatchesParameters:\n primaryKeyColumnName: my_column_1\n options:\n dependson:\n - ${testAwsIamRolePolicyAttachment}\n testCatalogDatabase:\n type: aws:glue:CatalogDatabase\n name: test\n properties:\n name: example\n testCatalogTable:\n type: aws:glue:CatalogTable\n name: test\n properties:\n name: example\n databaseName: ${testCatalogDatabase.name}\n owner: my_owner\n retention: 1\n tableType: VIRTUAL_VIEW\n viewExpandedText: view_expanded_text_1\n viewOriginalText: view_original_text_1\n storageDescriptor:\n bucketColumns:\n - bucket_column_1\n compressed: false\n inputFormat: SequenceFileInputFormat\n location: my_location\n numberOfBuckets: 1\n outputFormat: SequenceFileInputFormat\n storedAsSubDirectories: false\n parameters:\n param1: param1_val\n columns:\n - name: my_column_1\n type: int\n comment: my_column1_comment\n - name: my_column_2\n type: string\n comment: my_column2_comment\n serDeInfo:\n name: ser_de_name\n parameters:\n param1: param_val_1\n serializationLibrary: org.apache.hadoop.hive.serde2.columnar.ColumnarSerDe\n sortColumns:\n - column: my_column_1\n sortOrder: 1\n skewedInfo:\n skewedColumnNames:\n - my_column_1\n skewedColumnValueLocationMaps:\n my_column_1: my_column_1_val_loc_map\n skewedColumnValues:\n - skewed_val_1\n partitionKeys:\n - name: my_column_1\n type: int\n comment: my_column_1_comment\n - name: my_column_2\n type: string\n comment: my_column_2_comment\n parameters:\n param1: param1_val\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Glue ML Transforms using `id`. For example:\n\n```sh\n$ pulumi import aws:glue/mLTransform:MLTransform example tfm-c2cafbe83b1c575f49eaca9939220e2fcd58e2d5\n```\n", "properties": { "arn": { "type": "string", @@ -251939,7 +251939,7 @@ } }, "aws:grafana/licenseAssociation:LicenseAssociation": { - "description": "Provides an Amazon Managed Grafana workspace license association resource.\n\n## Example Usage\n\n### Basic configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assume = new aws.iam.Role(\"assume\", {\n name: \"grafana-assume\",\n assumeRolePolicy: JSON.stringify({\n version: \"2012-10-17\",\n statement: [{\n action: \"sts:AssumeRole\",\n effect: \"Allow\",\n sid: \"\",\n principal: {\n service: \"grafana.amazonaws.com\",\n },\n }],\n }),\n});\nconst exampleWorkspace = new aws.grafana.Workspace(\"example\", {\n accountAccessType: \"CURRENT_ACCOUNT\",\n authenticationProviders: [\"SAML\"],\n permissionType: \"SERVICE_MANAGED\",\n roleArn: assume.arn,\n});\nconst example = new aws.grafana.LicenseAssociation(\"example\", {\n licenseType: \"ENTERPRISE_FREE_TRIAL\",\n workspaceId: exampleWorkspace.id,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nassume = aws.iam.Role(\"assume\",\n name=\"grafana-assume\",\n assume_role_policy=json.dumps({\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"action\": \"sts:AssumeRole\",\n \"effect\": \"Allow\",\n \"sid\": \"\",\n \"principal\": {\n \"service\": \"grafana.amazonaws.com\",\n },\n }],\n }))\nexample_workspace = aws.grafana.Workspace(\"example\",\n account_access_type=\"CURRENT_ACCOUNT\",\n authentication_providers=[\"SAML\"],\n permission_type=\"SERVICE_MANAGED\",\n role_arn=assume.arn)\nexample = aws.grafana.LicenseAssociation(\"example\",\n license_type=\"ENTERPRISE_FREE_TRIAL\",\n workspace_id=example_workspace.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assume = new Aws.Iam.Role(\"assume\", new()\n {\n Name = \"grafana-assume\",\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"action\"] = \"sts:AssumeRole\",\n [\"effect\"] = \"Allow\",\n [\"sid\"] = \"\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"service\"] = \"grafana.amazonaws.com\",\n },\n },\n },\n }),\n });\n\n var exampleWorkspace = new Aws.Grafana.Workspace(\"example\", new()\n {\n AccountAccessType = \"CURRENT_ACCOUNT\",\n AuthenticationProviders = new[]\n {\n \"SAML\",\n },\n PermissionType = \"SERVICE_MANAGED\",\n RoleArn = assume.Arn,\n });\n\n var example = new Aws.Grafana.LicenseAssociation(\"example\", new()\n {\n LicenseType = \"ENTERPRISE_FREE_TRIAL\",\n WorkspaceId = exampleWorkspace.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/grafana\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"action\": \"sts:AssumeRole\",\n\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\"sid\": \"\",\n\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\"service\": \"grafana.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\tassume, err := iam.NewRole(ctx, \"assume\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"grafana-assume\"),\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleWorkspace, err := grafana.NewWorkspace(ctx, \"example\", \u0026grafana.WorkspaceArgs{\n\t\t\tAccountAccessType: pulumi.String(\"CURRENT_ACCOUNT\"),\n\t\t\tAuthenticationProviders: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"SAML\"),\n\t\t\t},\n\t\t\tPermissionType: pulumi.String(\"SERVICE_MANAGED\"),\n\t\t\tRoleArn: assume.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = grafana.NewLicenseAssociation(ctx, \"example\", \u0026grafana.LicenseAssociationArgs{\n\t\t\tLicenseType: pulumi.String(\"ENTERPRISE_FREE_TRIAL\"),\n\t\t\tWorkspaceId: exampleWorkspace.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.grafana.Workspace;\nimport com.pulumi.aws.grafana.WorkspaceArgs;\nimport com.pulumi.aws.grafana.LicenseAssociation;\nimport com.pulumi.aws.grafana.LicenseAssociationArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var assume = new Role(\"assume\", RoleArgs.builder() \n .name(\"grafana-assume\")\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"version\", \"2012-10-17\"),\n jsonProperty(\"statement\", jsonArray(jsonObject(\n jsonProperty(\"action\", \"sts:AssumeRole\"),\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"sid\", \"\"),\n jsonProperty(\"principal\", jsonObject(\n jsonProperty(\"service\", \"grafana.amazonaws.com\")\n ))\n )))\n )))\n .build());\n\n var exampleWorkspace = new Workspace(\"exampleWorkspace\", WorkspaceArgs.builder() \n .accountAccessType(\"CURRENT_ACCOUNT\")\n .authenticationProviders(\"SAML\")\n .permissionType(\"SERVICE_MANAGED\")\n .roleArn(assume.arn())\n .build());\n\n var example = new LicenseAssociation(\"example\", LicenseAssociationArgs.builder() \n .licenseType(\"ENTERPRISE_FREE_TRIAL\")\n .workspaceId(exampleWorkspace.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:grafana:LicenseAssociation\n properties:\n licenseType: ENTERPRISE_FREE_TRIAL\n workspaceId: ${exampleWorkspace.id}\n exampleWorkspace:\n type: aws:grafana:Workspace\n name: example\n properties:\n accountAccessType: CURRENT_ACCOUNT\n authenticationProviders:\n - SAML\n permissionType: SERVICE_MANAGED\n roleArn: ${assume.arn}\n assume:\n type: aws:iam:Role\n properties:\n name: grafana-assume\n assumeRolePolicy:\n fn::toJSON:\n version: 2012-10-17\n statement:\n - action: sts:AssumeRole\n effect: Allow\n sid:\n principal:\n service: grafana.amazonaws.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Grafana workspace license association using the workspace's `id`. For example:\n\n```sh\n$ pulumi import aws:grafana/licenseAssociation:LicenseAssociation example g-2054c75a02\n```\n", + "description": "Provides an Amazon Managed Grafana workspace license association resource.\n\n## Example Usage\n\n### Basic configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assume = new aws.iam.Role(\"assume\", {\n name: \"grafana-assume\",\n assumeRolePolicy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: \"sts:AssumeRole\",\n Effect: \"Allow\",\n Sid: \"\",\n Principal: {\n Service: \"grafana.amazonaws.com\",\n },\n }],\n }),\n});\nconst exampleWorkspace = new aws.grafana.Workspace(\"example\", {\n accountAccessType: \"CURRENT_ACCOUNT\",\n authenticationProviders: [\"SAML\"],\n permissionType: \"SERVICE_MANAGED\",\n roleArn: assume.arn,\n});\nconst example = new aws.grafana.LicenseAssociation(\"example\", {\n licenseType: \"ENTERPRISE_FREE_TRIAL\",\n workspaceId: exampleWorkspace.id,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nassume = aws.iam.Role(\"assume\",\n name=\"grafana-assume\",\n assume_role_policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": \"sts:AssumeRole\",\n \"Effect\": \"Allow\",\n \"Sid\": \"\",\n \"Principal\": {\n \"Service\": \"grafana.amazonaws.com\",\n },\n }],\n }))\nexample_workspace = aws.grafana.Workspace(\"example\",\n account_access_type=\"CURRENT_ACCOUNT\",\n authentication_providers=[\"SAML\"],\n permission_type=\"SERVICE_MANAGED\",\n role_arn=assume.arn)\nexample = aws.grafana.LicenseAssociation(\"example\",\n license_type=\"ENTERPRISE_FREE_TRIAL\",\n workspace_id=example_workspace.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assume = new Aws.Iam.Role(\"assume\", new()\n {\n Name = \"grafana-assume\",\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"sts:AssumeRole\",\n [\"Effect\"] = \"Allow\",\n [\"Sid\"] = \"\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"grafana.amazonaws.com\",\n },\n },\n },\n }),\n });\n\n var exampleWorkspace = new Aws.Grafana.Workspace(\"example\", new()\n {\n AccountAccessType = \"CURRENT_ACCOUNT\",\n AuthenticationProviders = new[]\n {\n \"SAML\",\n },\n PermissionType = \"SERVICE_MANAGED\",\n RoleArn = assume.Arn,\n });\n\n var example = new Aws.Grafana.LicenseAssociation(\"example\", new()\n {\n LicenseType = \"ENTERPRISE_FREE_TRIAL\",\n WorkspaceId = exampleWorkspace.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/grafana\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": \"sts:AssumeRole\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Sid\": \"\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"grafana.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\tassume, err := iam.NewRole(ctx, \"assume\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"grafana-assume\"),\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleWorkspace, err := grafana.NewWorkspace(ctx, \"example\", \u0026grafana.WorkspaceArgs{\n\t\t\tAccountAccessType: pulumi.String(\"CURRENT_ACCOUNT\"),\n\t\t\tAuthenticationProviders: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"SAML\"),\n\t\t\t},\n\t\t\tPermissionType: pulumi.String(\"SERVICE_MANAGED\"),\n\t\t\tRoleArn: assume.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = grafana.NewLicenseAssociation(ctx, \"example\", \u0026grafana.LicenseAssociationArgs{\n\t\t\tLicenseType: pulumi.String(\"ENTERPRISE_FREE_TRIAL\"),\n\t\t\tWorkspaceId: exampleWorkspace.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.grafana.Workspace;\nimport com.pulumi.aws.grafana.WorkspaceArgs;\nimport com.pulumi.aws.grafana.LicenseAssociation;\nimport com.pulumi.aws.grafana.LicenseAssociationArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var assume = new Role(\"assume\", RoleArgs.builder() \n .name(\"grafana-assume\")\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", \"sts:AssumeRole\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Sid\", \"\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"grafana.amazonaws.com\")\n ))\n )))\n )))\n .build());\n\n var exampleWorkspace = new Workspace(\"exampleWorkspace\", WorkspaceArgs.builder() \n .accountAccessType(\"CURRENT_ACCOUNT\")\n .authenticationProviders(\"SAML\")\n .permissionType(\"SERVICE_MANAGED\")\n .roleArn(assume.arn())\n .build());\n\n var example = new LicenseAssociation(\"example\", LicenseAssociationArgs.builder() \n .licenseType(\"ENTERPRISE_FREE_TRIAL\")\n .workspaceId(exampleWorkspace.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:grafana:LicenseAssociation\n properties:\n licenseType: ENTERPRISE_FREE_TRIAL\n workspaceId: ${exampleWorkspace.id}\n exampleWorkspace:\n type: aws:grafana:Workspace\n name: example\n properties:\n accountAccessType: CURRENT_ACCOUNT\n authenticationProviders:\n - SAML\n permissionType: SERVICE_MANAGED\n roleArn: ${assume.arn}\n assume:\n type: aws:iam:Role\n properties:\n name: grafana-assume\n assumeRolePolicy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action: sts:AssumeRole\n Effect: Allow\n Sid:\n Principal:\n Service: grafana.amazonaws.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Grafana workspace license association using the workspace's `id`. For example:\n\n```sh\n$ pulumi import aws:grafana/licenseAssociation:LicenseAssociation example g-2054c75a02\n```\n", "properties": { "freeTrialExpiration": { "type": "string", @@ -252006,7 +252006,7 @@ } }, "aws:grafana/roleAssociation:RoleAssociation": { - "description": "Provides an Amazon Managed Grafana workspace role association resource.\n\n## Example Usage\n\n### Basic configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assume = new aws.iam.Role(\"assume\", {\n name: \"grafana-assume\",\n assumeRolePolicy: JSON.stringify({\n version: \"2012-10-17\",\n statement: [{\n action: \"sts:AssumeRole\",\n effect: \"Allow\",\n sid: \"\",\n principal: {\n service: \"grafana.amazonaws.com\",\n },\n }],\n }),\n});\nconst exampleWorkspace = new aws.grafana.Workspace(\"example\", {\n accountAccessType: \"CURRENT_ACCOUNT\",\n authenticationProviders: [\"SAML\"],\n permissionType: \"SERVICE_MANAGED\",\n roleArn: assume.arn,\n});\nconst example = new aws.grafana.RoleAssociation(\"example\", {\n role: \"ADMIN\",\n userIds: [\n \"USER_ID_1\",\n \"USER_ID_2\",\n ],\n workspaceId: exampleWorkspace.id,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nassume = aws.iam.Role(\"assume\",\n name=\"grafana-assume\",\n assume_role_policy=json.dumps({\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"action\": \"sts:AssumeRole\",\n \"effect\": \"Allow\",\n \"sid\": \"\",\n \"principal\": {\n \"service\": \"grafana.amazonaws.com\",\n },\n }],\n }))\nexample_workspace = aws.grafana.Workspace(\"example\",\n account_access_type=\"CURRENT_ACCOUNT\",\n authentication_providers=[\"SAML\"],\n permission_type=\"SERVICE_MANAGED\",\n role_arn=assume.arn)\nexample = aws.grafana.RoleAssociation(\"example\",\n role=\"ADMIN\",\n user_ids=[\n \"USER_ID_1\",\n \"USER_ID_2\",\n ],\n workspace_id=example_workspace.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assume = new Aws.Iam.Role(\"assume\", new()\n {\n Name = \"grafana-assume\",\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"action\"] = \"sts:AssumeRole\",\n [\"effect\"] = \"Allow\",\n [\"sid\"] = \"\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"service\"] = \"grafana.amazonaws.com\",\n },\n },\n },\n }),\n });\n\n var exampleWorkspace = new Aws.Grafana.Workspace(\"example\", new()\n {\n AccountAccessType = \"CURRENT_ACCOUNT\",\n AuthenticationProviders = new[]\n {\n \"SAML\",\n },\n PermissionType = \"SERVICE_MANAGED\",\n RoleArn = assume.Arn,\n });\n\n var example = new Aws.Grafana.RoleAssociation(\"example\", new()\n {\n Role = \"ADMIN\",\n UserIds = new[]\n {\n \"USER_ID_1\",\n \"USER_ID_2\",\n },\n WorkspaceId = exampleWorkspace.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/grafana\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"action\": \"sts:AssumeRole\",\n\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\"sid\": \"\",\n\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\"service\": \"grafana.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\tassume, err := iam.NewRole(ctx, \"assume\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"grafana-assume\"),\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleWorkspace, err := grafana.NewWorkspace(ctx, \"example\", \u0026grafana.WorkspaceArgs{\n\t\t\tAccountAccessType: pulumi.String(\"CURRENT_ACCOUNT\"),\n\t\t\tAuthenticationProviders: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"SAML\"),\n\t\t\t},\n\t\t\tPermissionType: pulumi.String(\"SERVICE_MANAGED\"),\n\t\t\tRoleArn: assume.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = grafana.NewRoleAssociation(ctx, \"example\", \u0026grafana.RoleAssociationArgs{\n\t\t\tRole: pulumi.String(\"ADMIN\"),\n\t\t\tUserIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"USER_ID_1\"),\n\t\t\t\tpulumi.String(\"USER_ID_2\"),\n\t\t\t},\n\t\t\tWorkspaceId: exampleWorkspace.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.grafana.Workspace;\nimport com.pulumi.aws.grafana.WorkspaceArgs;\nimport com.pulumi.aws.grafana.RoleAssociation;\nimport com.pulumi.aws.grafana.RoleAssociationArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var assume = new Role(\"assume\", RoleArgs.builder() \n .name(\"grafana-assume\")\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"version\", \"2012-10-17\"),\n jsonProperty(\"statement\", jsonArray(jsonObject(\n jsonProperty(\"action\", \"sts:AssumeRole\"),\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"sid\", \"\"),\n jsonProperty(\"principal\", jsonObject(\n jsonProperty(\"service\", \"grafana.amazonaws.com\")\n ))\n )))\n )))\n .build());\n\n var exampleWorkspace = new Workspace(\"exampleWorkspace\", WorkspaceArgs.builder() \n .accountAccessType(\"CURRENT_ACCOUNT\")\n .authenticationProviders(\"SAML\")\n .permissionType(\"SERVICE_MANAGED\")\n .roleArn(assume.arn())\n .build());\n\n var example = new RoleAssociation(\"example\", RoleAssociationArgs.builder() \n .role(\"ADMIN\")\n .userIds( \n \"USER_ID_1\",\n \"USER_ID_2\")\n .workspaceId(exampleWorkspace.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:grafana:RoleAssociation\n properties:\n role: ADMIN\n userIds:\n - USER_ID_1\n - USER_ID_2\n workspaceId: ${exampleWorkspace.id}\n exampleWorkspace:\n type: aws:grafana:Workspace\n name: example\n properties:\n accountAccessType: CURRENT_ACCOUNT\n authenticationProviders:\n - SAML\n permissionType: SERVICE_MANAGED\n roleArn: ${assume.arn}\n assume:\n type: aws:iam:Role\n properties:\n name: grafana-assume\n assumeRolePolicy:\n fn::toJSON:\n version: 2012-10-17\n statement:\n - action: sts:AssumeRole\n effect: Allow\n sid:\n principal:\n service: grafana.amazonaws.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", + "description": "Provides an Amazon Managed Grafana workspace role association resource.\n\n## Example Usage\n\n### Basic configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assume = new aws.iam.Role(\"assume\", {\n name: \"grafana-assume\",\n assumeRolePolicy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: \"sts:AssumeRole\",\n Effect: \"Allow\",\n Sid: \"\",\n Principal: {\n Service: \"grafana.amazonaws.com\",\n },\n }],\n }),\n});\nconst exampleWorkspace = new aws.grafana.Workspace(\"example\", {\n accountAccessType: \"CURRENT_ACCOUNT\",\n authenticationProviders: [\"SAML\"],\n permissionType: \"SERVICE_MANAGED\",\n roleArn: assume.arn,\n});\nconst example = new aws.grafana.RoleAssociation(\"example\", {\n role: \"ADMIN\",\n userIds: [\n \"USER_ID_1\",\n \"USER_ID_2\",\n ],\n workspaceId: exampleWorkspace.id,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nassume = aws.iam.Role(\"assume\",\n name=\"grafana-assume\",\n assume_role_policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": \"sts:AssumeRole\",\n \"Effect\": \"Allow\",\n \"Sid\": \"\",\n \"Principal\": {\n \"Service\": \"grafana.amazonaws.com\",\n },\n }],\n }))\nexample_workspace = aws.grafana.Workspace(\"example\",\n account_access_type=\"CURRENT_ACCOUNT\",\n authentication_providers=[\"SAML\"],\n permission_type=\"SERVICE_MANAGED\",\n role_arn=assume.arn)\nexample = aws.grafana.RoleAssociation(\"example\",\n role=\"ADMIN\",\n user_ids=[\n \"USER_ID_1\",\n \"USER_ID_2\",\n ],\n workspace_id=example_workspace.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assume = new Aws.Iam.Role(\"assume\", new()\n {\n Name = \"grafana-assume\",\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"sts:AssumeRole\",\n [\"Effect\"] = \"Allow\",\n [\"Sid\"] = \"\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"grafana.amazonaws.com\",\n },\n },\n },\n }),\n });\n\n var exampleWorkspace = new Aws.Grafana.Workspace(\"example\", new()\n {\n AccountAccessType = \"CURRENT_ACCOUNT\",\n AuthenticationProviders = new[]\n {\n \"SAML\",\n },\n PermissionType = \"SERVICE_MANAGED\",\n RoleArn = assume.Arn,\n });\n\n var example = new Aws.Grafana.RoleAssociation(\"example\", new()\n {\n Role = \"ADMIN\",\n UserIds = new[]\n {\n \"USER_ID_1\",\n \"USER_ID_2\",\n },\n WorkspaceId = exampleWorkspace.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/grafana\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": \"sts:AssumeRole\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Sid\": \"\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"grafana.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\tassume, err := iam.NewRole(ctx, \"assume\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"grafana-assume\"),\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleWorkspace, err := grafana.NewWorkspace(ctx, \"example\", \u0026grafana.WorkspaceArgs{\n\t\t\tAccountAccessType: pulumi.String(\"CURRENT_ACCOUNT\"),\n\t\t\tAuthenticationProviders: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"SAML\"),\n\t\t\t},\n\t\t\tPermissionType: pulumi.String(\"SERVICE_MANAGED\"),\n\t\t\tRoleArn: assume.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = grafana.NewRoleAssociation(ctx, \"example\", \u0026grafana.RoleAssociationArgs{\n\t\t\tRole: pulumi.String(\"ADMIN\"),\n\t\t\tUserIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"USER_ID_1\"),\n\t\t\t\tpulumi.String(\"USER_ID_2\"),\n\t\t\t},\n\t\t\tWorkspaceId: exampleWorkspace.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.grafana.Workspace;\nimport com.pulumi.aws.grafana.WorkspaceArgs;\nimport com.pulumi.aws.grafana.RoleAssociation;\nimport com.pulumi.aws.grafana.RoleAssociationArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var assume = new Role(\"assume\", RoleArgs.builder() \n .name(\"grafana-assume\")\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", \"sts:AssumeRole\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Sid\", \"\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"grafana.amazonaws.com\")\n ))\n )))\n )))\n .build());\n\n var exampleWorkspace = new Workspace(\"exampleWorkspace\", WorkspaceArgs.builder() \n .accountAccessType(\"CURRENT_ACCOUNT\")\n .authenticationProviders(\"SAML\")\n .permissionType(\"SERVICE_MANAGED\")\n .roleArn(assume.arn())\n .build());\n\n var example = new RoleAssociation(\"example\", RoleAssociationArgs.builder() \n .role(\"ADMIN\")\n .userIds( \n \"USER_ID_1\",\n \"USER_ID_2\")\n .workspaceId(exampleWorkspace.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:grafana:RoleAssociation\n properties:\n role: ADMIN\n userIds:\n - USER_ID_1\n - USER_ID_2\n workspaceId: ${exampleWorkspace.id}\n exampleWorkspace:\n type: aws:grafana:Workspace\n name: example\n properties:\n accountAccessType: CURRENT_ACCOUNT\n authenticationProviders:\n - SAML\n permissionType: SERVICE_MANAGED\n roleArn: ${assume.arn}\n assume:\n type: aws:iam:Role\n properties:\n name: grafana-assume\n assumeRolePolicy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action: sts:AssumeRole\n Effect: Allow\n Sid:\n Principal:\n Service: grafana.amazonaws.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "groupIds": { "type": "array", @@ -252095,7 +252095,7 @@ } }, "aws:grafana/workspace:Workspace": { - "description": "Provides an Amazon Managed Grafana workspace resource.\n\n## Example Usage\n\n### Basic configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assume = new aws.iam.Role(\"assume\", {\n name: \"grafana-assume\",\n assumeRolePolicy: JSON.stringify({\n version: \"2012-10-17\",\n statement: [{\n action: \"sts:AssumeRole\",\n effect: \"Allow\",\n sid: \"\",\n principal: {\n service: \"grafana.amazonaws.com\",\n },\n }],\n }),\n});\nconst example = new aws.grafana.Workspace(\"example\", {\n accountAccessType: \"CURRENT_ACCOUNT\",\n authenticationProviders: [\"SAML\"],\n permissionType: \"SERVICE_MANAGED\",\n roleArn: assume.arn,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nassume = aws.iam.Role(\"assume\",\n name=\"grafana-assume\",\n assume_role_policy=json.dumps({\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"action\": \"sts:AssumeRole\",\n \"effect\": \"Allow\",\n \"sid\": \"\",\n \"principal\": {\n \"service\": \"grafana.amazonaws.com\",\n },\n }],\n }))\nexample = aws.grafana.Workspace(\"example\",\n account_access_type=\"CURRENT_ACCOUNT\",\n authentication_providers=[\"SAML\"],\n permission_type=\"SERVICE_MANAGED\",\n role_arn=assume.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assume = new Aws.Iam.Role(\"assume\", new()\n {\n Name = \"grafana-assume\",\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"action\"] = \"sts:AssumeRole\",\n [\"effect\"] = \"Allow\",\n [\"sid\"] = \"\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"service\"] = \"grafana.amazonaws.com\",\n },\n },\n },\n }),\n });\n\n var example = new Aws.Grafana.Workspace(\"example\", new()\n {\n AccountAccessType = \"CURRENT_ACCOUNT\",\n AuthenticationProviders = new[]\n {\n \"SAML\",\n },\n PermissionType = \"SERVICE_MANAGED\",\n RoleArn = assume.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/grafana\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"action\": \"sts:AssumeRole\",\n\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\"sid\": \"\",\n\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\"service\": \"grafana.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\tassume, err := iam.NewRole(ctx, \"assume\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"grafana-assume\"),\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = grafana.NewWorkspace(ctx, \"example\", \u0026grafana.WorkspaceArgs{\n\t\t\tAccountAccessType: pulumi.String(\"CURRENT_ACCOUNT\"),\n\t\t\tAuthenticationProviders: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"SAML\"),\n\t\t\t},\n\t\t\tPermissionType: pulumi.String(\"SERVICE_MANAGED\"),\n\t\t\tRoleArn: assume.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.grafana.Workspace;\nimport com.pulumi.aws.grafana.WorkspaceArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var assume = new Role(\"assume\", RoleArgs.builder() \n .name(\"grafana-assume\")\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"version\", \"2012-10-17\"),\n jsonProperty(\"statement\", jsonArray(jsonObject(\n jsonProperty(\"action\", \"sts:AssumeRole\"),\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"sid\", \"\"),\n jsonProperty(\"principal\", jsonObject(\n jsonProperty(\"service\", \"grafana.amazonaws.com\")\n ))\n )))\n )))\n .build());\n\n var example = new Workspace(\"example\", WorkspaceArgs.builder() \n .accountAccessType(\"CURRENT_ACCOUNT\")\n .authenticationProviders(\"SAML\")\n .permissionType(\"SERVICE_MANAGED\")\n .roleArn(assume.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:grafana:Workspace\n properties:\n accountAccessType: CURRENT_ACCOUNT\n authenticationProviders:\n - SAML\n permissionType: SERVICE_MANAGED\n roleArn: ${assume.arn}\n assume:\n type: aws:iam:Role\n properties:\n name: grafana-assume\n assumeRolePolicy:\n fn::toJSON:\n version: 2012-10-17\n statement:\n - action: sts:AssumeRole\n effect: Allow\n sid:\n principal:\n service: grafana.amazonaws.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Grafana Workspace using the workspace's `id`. For example:\n\n```sh\n$ pulumi import aws:grafana/workspace:Workspace example g-2054c75a02\n```\n", + "description": "Provides an Amazon Managed Grafana workspace resource.\n\n## Example Usage\n\n### Basic configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assume = new aws.iam.Role(\"assume\", {\n name: \"grafana-assume\",\n assumeRolePolicy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: \"sts:AssumeRole\",\n Effect: \"Allow\",\n Sid: \"\",\n Principal: {\n Service: \"grafana.amazonaws.com\",\n },\n }],\n }),\n});\nconst example = new aws.grafana.Workspace(\"example\", {\n accountAccessType: \"CURRENT_ACCOUNT\",\n authenticationProviders: [\"SAML\"],\n permissionType: \"SERVICE_MANAGED\",\n roleArn: assume.arn,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nassume = aws.iam.Role(\"assume\",\n name=\"grafana-assume\",\n assume_role_policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": \"sts:AssumeRole\",\n \"Effect\": \"Allow\",\n \"Sid\": \"\",\n \"Principal\": {\n \"Service\": \"grafana.amazonaws.com\",\n },\n }],\n }))\nexample = aws.grafana.Workspace(\"example\",\n account_access_type=\"CURRENT_ACCOUNT\",\n authentication_providers=[\"SAML\"],\n permission_type=\"SERVICE_MANAGED\",\n role_arn=assume.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assume = new Aws.Iam.Role(\"assume\", new()\n {\n Name = \"grafana-assume\",\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"sts:AssumeRole\",\n [\"Effect\"] = \"Allow\",\n [\"Sid\"] = \"\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"grafana.amazonaws.com\",\n },\n },\n },\n }),\n });\n\n var example = new Aws.Grafana.Workspace(\"example\", new()\n {\n AccountAccessType = \"CURRENT_ACCOUNT\",\n AuthenticationProviders = new[]\n {\n \"SAML\",\n },\n PermissionType = \"SERVICE_MANAGED\",\n RoleArn = assume.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/grafana\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": \"sts:AssumeRole\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Sid\": \"\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"grafana.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\tassume, err := iam.NewRole(ctx, \"assume\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"grafana-assume\"),\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = grafana.NewWorkspace(ctx, \"example\", \u0026grafana.WorkspaceArgs{\n\t\t\tAccountAccessType: pulumi.String(\"CURRENT_ACCOUNT\"),\n\t\t\tAuthenticationProviders: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"SAML\"),\n\t\t\t},\n\t\t\tPermissionType: pulumi.String(\"SERVICE_MANAGED\"),\n\t\t\tRoleArn: assume.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.grafana.Workspace;\nimport com.pulumi.aws.grafana.WorkspaceArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var assume = new Role(\"assume\", RoleArgs.builder() \n .name(\"grafana-assume\")\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", \"sts:AssumeRole\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Sid\", \"\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"grafana.amazonaws.com\")\n ))\n )))\n )))\n .build());\n\n var example = new Workspace(\"example\", WorkspaceArgs.builder() \n .accountAccessType(\"CURRENT_ACCOUNT\")\n .authenticationProviders(\"SAML\")\n .permissionType(\"SERVICE_MANAGED\")\n .roleArn(assume.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:grafana:Workspace\n properties:\n accountAccessType: CURRENT_ACCOUNT\n authenticationProviders:\n - SAML\n permissionType: SERVICE_MANAGED\n roleArn: ${assume.arn}\n assume:\n type: aws:iam:Role\n properties:\n name: grafana-assume\n assumeRolePolicy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action: sts:AssumeRole\n Effect: Allow\n Sid:\n Principal:\n Service: grafana.amazonaws.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Grafana Workspace using the workspace's `id`. For example:\n\n```sh\n$ pulumi import aws:grafana/workspace:Workspace example g-2054c75a02\n```\n", "properties": { "accountAccessType": { "type": "string", @@ -252492,7 +252492,7 @@ } }, "aws:grafana/workspaceSamlConfiguration:WorkspaceSamlConfiguration": { - "description": "Provides an Amazon Managed Grafana workspace SAML configuration resource.\n\n## Example Usage\n\n### Basic configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assume = new aws.iam.Role(\"assume\", {\n name: \"grafana-assume\",\n assumeRolePolicy: JSON.stringify({\n version: \"2012-10-17\",\n statement: [{\n action: \"sts:AssumeRole\",\n effect: \"Allow\",\n sid: \"\",\n principal: {\n service: \"grafana.amazonaws.com\",\n },\n }],\n }),\n});\nconst exampleWorkspace = new aws.grafana.Workspace(\"example\", {\n accountAccessType: \"CURRENT_ACCOUNT\",\n authenticationProviders: [\"SAML\"],\n permissionType: \"SERVICE_MANAGED\",\n roleArn: assume.arn,\n});\nconst example = new aws.grafana.WorkspaceSamlConfiguration(\"example\", {\n editorRoleValues: [\"editor\"],\n idpMetadataUrl: \"https://my_idp_metadata.url\",\n workspaceId: exampleWorkspace.id,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nassume = aws.iam.Role(\"assume\",\n name=\"grafana-assume\",\n assume_role_policy=json.dumps({\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"action\": \"sts:AssumeRole\",\n \"effect\": \"Allow\",\n \"sid\": \"\",\n \"principal\": {\n \"service\": \"grafana.amazonaws.com\",\n },\n }],\n }))\nexample_workspace = aws.grafana.Workspace(\"example\",\n account_access_type=\"CURRENT_ACCOUNT\",\n authentication_providers=[\"SAML\"],\n permission_type=\"SERVICE_MANAGED\",\n role_arn=assume.arn)\nexample = aws.grafana.WorkspaceSamlConfiguration(\"example\",\n editor_role_values=[\"editor\"],\n idp_metadata_url=\"https://my_idp_metadata.url\",\n workspace_id=example_workspace.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assume = new Aws.Iam.Role(\"assume\", new()\n {\n Name = \"grafana-assume\",\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"action\"] = \"sts:AssumeRole\",\n [\"effect\"] = \"Allow\",\n [\"sid\"] = \"\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"service\"] = \"grafana.amazonaws.com\",\n },\n },\n },\n }),\n });\n\n var exampleWorkspace = new Aws.Grafana.Workspace(\"example\", new()\n {\n AccountAccessType = \"CURRENT_ACCOUNT\",\n AuthenticationProviders = new[]\n {\n \"SAML\",\n },\n PermissionType = \"SERVICE_MANAGED\",\n RoleArn = assume.Arn,\n });\n\n var example = new Aws.Grafana.WorkspaceSamlConfiguration(\"example\", new()\n {\n EditorRoleValues = new[]\n {\n \"editor\",\n },\n IdpMetadataUrl = \"https://my_idp_metadata.url\",\n WorkspaceId = exampleWorkspace.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/grafana\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"action\": \"sts:AssumeRole\",\n\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\"sid\": \"\",\n\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\"service\": \"grafana.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\tassume, err := iam.NewRole(ctx, \"assume\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"grafana-assume\"),\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleWorkspace, err := grafana.NewWorkspace(ctx, \"example\", \u0026grafana.WorkspaceArgs{\n\t\t\tAccountAccessType: pulumi.String(\"CURRENT_ACCOUNT\"),\n\t\t\tAuthenticationProviders: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"SAML\"),\n\t\t\t},\n\t\t\tPermissionType: pulumi.String(\"SERVICE_MANAGED\"),\n\t\t\tRoleArn: assume.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = grafana.NewWorkspaceSamlConfiguration(ctx, \"example\", \u0026grafana.WorkspaceSamlConfigurationArgs{\n\t\t\tEditorRoleValues: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"editor\"),\n\t\t\t},\n\t\t\tIdpMetadataUrl: pulumi.String(\"https://my_idp_metadata.url\"),\n\t\t\tWorkspaceId: exampleWorkspace.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.grafana.Workspace;\nimport com.pulumi.aws.grafana.WorkspaceArgs;\nimport com.pulumi.aws.grafana.WorkspaceSamlConfiguration;\nimport com.pulumi.aws.grafana.WorkspaceSamlConfigurationArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var assume = new Role(\"assume\", RoleArgs.builder() \n .name(\"grafana-assume\")\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"version\", \"2012-10-17\"),\n jsonProperty(\"statement\", jsonArray(jsonObject(\n jsonProperty(\"action\", \"sts:AssumeRole\"),\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"sid\", \"\"),\n jsonProperty(\"principal\", jsonObject(\n jsonProperty(\"service\", \"grafana.amazonaws.com\")\n ))\n )))\n )))\n .build());\n\n var exampleWorkspace = new Workspace(\"exampleWorkspace\", WorkspaceArgs.builder() \n .accountAccessType(\"CURRENT_ACCOUNT\")\n .authenticationProviders(\"SAML\")\n .permissionType(\"SERVICE_MANAGED\")\n .roleArn(assume.arn())\n .build());\n\n var example = new WorkspaceSamlConfiguration(\"example\", WorkspaceSamlConfigurationArgs.builder() \n .editorRoleValues(\"editor\")\n .idpMetadataUrl(\"https://my_idp_metadata.url\")\n .workspaceId(exampleWorkspace.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:grafana:WorkspaceSamlConfiguration\n properties:\n editorRoleValues:\n - editor\n idpMetadataUrl: https://my_idp_metadata.url\n workspaceId: ${exampleWorkspace.id}\n exampleWorkspace:\n type: aws:grafana:Workspace\n name: example\n properties:\n accountAccessType: CURRENT_ACCOUNT\n authenticationProviders:\n - SAML\n permissionType: SERVICE_MANAGED\n roleArn: ${assume.arn}\n assume:\n type: aws:iam:Role\n properties:\n name: grafana-assume\n assumeRolePolicy:\n fn::toJSON:\n version: 2012-10-17\n statement:\n - action: sts:AssumeRole\n effect: Allow\n sid:\n principal:\n service: grafana.amazonaws.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Grafana Workspace SAML configuration using the workspace's `id`. For example:\n\n```sh\n$ pulumi import aws:grafana/workspaceSamlConfiguration:WorkspaceSamlConfiguration example g-2054c75a02\n```\n", + "description": "Provides an Amazon Managed Grafana workspace SAML configuration resource.\n\n## Example Usage\n\n### Basic configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assume = new aws.iam.Role(\"assume\", {\n name: \"grafana-assume\",\n assumeRolePolicy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: \"sts:AssumeRole\",\n Effect: \"Allow\",\n Sid: \"\",\n Principal: {\n Service: \"grafana.amazonaws.com\",\n },\n }],\n }),\n});\nconst exampleWorkspace = new aws.grafana.Workspace(\"example\", {\n accountAccessType: \"CURRENT_ACCOUNT\",\n authenticationProviders: [\"SAML\"],\n permissionType: \"SERVICE_MANAGED\",\n roleArn: assume.arn,\n});\nconst example = new aws.grafana.WorkspaceSamlConfiguration(\"example\", {\n editorRoleValues: [\"editor\"],\n idpMetadataUrl: \"https://my_idp_metadata.url\",\n workspaceId: exampleWorkspace.id,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nassume = aws.iam.Role(\"assume\",\n name=\"grafana-assume\",\n assume_role_policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": \"sts:AssumeRole\",\n \"Effect\": \"Allow\",\n \"Sid\": \"\",\n \"Principal\": {\n \"Service\": \"grafana.amazonaws.com\",\n },\n }],\n }))\nexample_workspace = aws.grafana.Workspace(\"example\",\n account_access_type=\"CURRENT_ACCOUNT\",\n authentication_providers=[\"SAML\"],\n permission_type=\"SERVICE_MANAGED\",\n role_arn=assume.arn)\nexample = aws.grafana.WorkspaceSamlConfiguration(\"example\",\n editor_role_values=[\"editor\"],\n idp_metadata_url=\"https://my_idp_metadata.url\",\n workspace_id=example_workspace.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assume = new Aws.Iam.Role(\"assume\", new()\n {\n Name = \"grafana-assume\",\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"sts:AssumeRole\",\n [\"Effect\"] = \"Allow\",\n [\"Sid\"] = \"\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"grafana.amazonaws.com\",\n },\n },\n },\n }),\n });\n\n var exampleWorkspace = new Aws.Grafana.Workspace(\"example\", new()\n {\n AccountAccessType = \"CURRENT_ACCOUNT\",\n AuthenticationProviders = new[]\n {\n \"SAML\",\n },\n PermissionType = \"SERVICE_MANAGED\",\n RoleArn = assume.Arn,\n });\n\n var example = new Aws.Grafana.WorkspaceSamlConfiguration(\"example\", new()\n {\n EditorRoleValues = new[]\n {\n \"editor\",\n },\n IdpMetadataUrl = \"https://my_idp_metadata.url\",\n WorkspaceId = exampleWorkspace.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/grafana\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": \"sts:AssumeRole\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Sid\": \"\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"grafana.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\tassume, err := iam.NewRole(ctx, \"assume\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"grafana-assume\"),\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleWorkspace, err := grafana.NewWorkspace(ctx, \"example\", \u0026grafana.WorkspaceArgs{\n\t\t\tAccountAccessType: pulumi.String(\"CURRENT_ACCOUNT\"),\n\t\t\tAuthenticationProviders: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"SAML\"),\n\t\t\t},\n\t\t\tPermissionType: pulumi.String(\"SERVICE_MANAGED\"),\n\t\t\tRoleArn: assume.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = grafana.NewWorkspaceSamlConfiguration(ctx, \"example\", \u0026grafana.WorkspaceSamlConfigurationArgs{\n\t\t\tEditorRoleValues: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"editor\"),\n\t\t\t},\n\t\t\tIdpMetadataUrl: pulumi.String(\"https://my_idp_metadata.url\"),\n\t\t\tWorkspaceId: exampleWorkspace.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.grafana.Workspace;\nimport com.pulumi.aws.grafana.WorkspaceArgs;\nimport com.pulumi.aws.grafana.WorkspaceSamlConfiguration;\nimport com.pulumi.aws.grafana.WorkspaceSamlConfigurationArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var assume = new Role(\"assume\", RoleArgs.builder() \n .name(\"grafana-assume\")\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", \"sts:AssumeRole\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Sid\", \"\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"grafana.amazonaws.com\")\n ))\n )))\n )))\n .build());\n\n var exampleWorkspace = new Workspace(\"exampleWorkspace\", WorkspaceArgs.builder() \n .accountAccessType(\"CURRENT_ACCOUNT\")\n .authenticationProviders(\"SAML\")\n .permissionType(\"SERVICE_MANAGED\")\n .roleArn(assume.arn())\n .build());\n\n var example = new WorkspaceSamlConfiguration(\"example\", WorkspaceSamlConfigurationArgs.builder() \n .editorRoleValues(\"editor\")\n .idpMetadataUrl(\"https://my_idp_metadata.url\")\n .workspaceId(exampleWorkspace.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:grafana:WorkspaceSamlConfiguration\n properties:\n editorRoleValues:\n - editor\n idpMetadataUrl: https://my_idp_metadata.url\n workspaceId: ${exampleWorkspace.id}\n exampleWorkspace:\n type: aws:grafana:Workspace\n name: example\n properties:\n accountAccessType: CURRENT_ACCOUNT\n authenticationProviders:\n - SAML\n permissionType: SERVICE_MANAGED\n roleArn: ${assume.arn}\n assume:\n type: aws:iam:Role\n properties:\n name: grafana-assume\n assumeRolePolicy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action: sts:AssumeRole\n Effect: Allow\n Sid:\n Principal:\n Service: grafana.amazonaws.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Grafana Workspace SAML configuration using the workspace's `id`. For example:\n\n```sh\n$ pulumi import aws:grafana/workspaceSamlConfiguration:WorkspaceSamlConfiguration example g-2054c75a02\n```\n", "properties": { "adminRoleValues": { "type": "array", @@ -253191,7 +253191,7 @@ } }, "aws:guardduty/inviteAccepter:InviteAccepter": { - "description": "Provides a resource to accept a pending GuardDuty invite on creation, ensure the detector has the correct primary account on read, and disassociate with the primary account upon removal.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst primary = new aws.guardduty.Detector(\"primary\", {});\nconst memberDetector = new aws.guardduty.Detector(\"member\", {});\nconst member = new aws.guardduty.InviteAccepter(\"member\", {\n detectorId: memberDetector.id,\n masterAccountId: primary.accountId,\n});\nconst memberMember = new aws.guardduty.Member(\"member\", {\n accountId: memberDetector.accountId,\n detectorId: primary.id,\n email: \"required@example.com\",\n invite: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nprimary = aws.guardduty.Detector(\"primary\")\nmember_detector = aws.guardduty.Detector(\"member\")\nmember = aws.guardduty.InviteAccepter(\"member\",\n detector_id=member_detector.id,\n master_account_id=primary.account_id)\nmember_member = aws.guardduty.Member(\"member\",\n account_id=member_detector.account_id,\n detector_id=primary.id,\n email=\"required@example.com\",\n invite=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var primary = new Aws.GuardDuty.Detector(\"primary\");\n\n var memberDetector = new Aws.GuardDuty.Detector(\"member\");\n\n var member = new Aws.GuardDuty.InviteAccepter(\"member\", new()\n {\n DetectorId = memberDetector.Id,\n MasterAccountId = primary.AccountId,\n });\n\n var memberMember = new Aws.GuardDuty.Member(\"member\", new()\n {\n AccountId = memberDetector.AccountId,\n DetectorId = primary.Id,\n Email = \"required@example.com\",\n Invite = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/guardduty\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tprimary, err := guardduty.NewDetector(ctx, \"primary\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmemberDetector, err := guardduty.NewDetector(ctx, \"member\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = guardduty.NewInviteAccepter(ctx, \"member\", \u0026guardduty.InviteAccepterArgs{\n\t\t\tDetectorId: memberDetector.ID(),\n\t\t\tMasterAccountId: primary.AccountId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = guardduty.NewMember(ctx, \"member\", \u0026guardduty.MemberArgs{\n\t\t\tAccountId: memberDetector.AccountId,\n\t\t\tDetectorId: primary.ID(),\n\t\t\tEmail: pulumi.String(\"required@example.com\"),\n\t\t\tInvite: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.guardduty.Detector;\nimport com.pulumi.aws.guardduty.InviteAccepter;\nimport com.pulumi.aws.guardduty.InviteAccepterArgs;\nimport com.pulumi.aws.guardduty.Member;\nimport com.pulumi.aws.guardduty.MemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var primary = new Detector(\"primary\");\n\n var memberDetector = new Detector(\"memberDetector\");\n\n var member = new InviteAccepter(\"member\", InviteAccepterArgs.builder() \n .detectorId(memberDetector.id())\n .masterAccountId(primary.accountId())\n .build());\n\n var memberMember = new Member(\"memberMember\", MemberArgs.builder() \n .accountId(memberDetector.accountId())\n .detectorId(primary.id())\n .email(\"required@example.com\")\n .invite(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n member:\n type: aws:guardduty:InviteAccepter\n properties:\n detectorId: ${memberDetector.id}\n masterAccountId: ${primary.accountId}\n memberMember:\n type: aws:guardduty:Member\n name: member\n properties:\n accountId: ${memberDetector.accountId}\n detectorId: ${primary.id}\n email: required@example.com\n invite: true\n primary:\n type: aws:guardduty:Detector\n memberDetector:\n type: aws:guardduty:Detector\n name: member\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_guardduty_invite_accepter` using the member GuardDuty detector ID. For example:\n\n```sh\n$ pulumi import aws:guardduty/inviteAccepter:InviteAccepter member 00b00fd5aecc0ab60a708659477e9617\n```\n", + "description": "Provides a resource to accept a pending GuardDuty invite on creation, ensure the detector has the correct primary account on read, and disassociate with the primary account upon removal.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst primary = new aws.guardduty.Detector(\"primary\", {});\nconst memberDetector = new aws.guardduty.Detector(\"member\", {});\nconst memberMember = new aws.guardduty.Member(\"member\", {\n accountId: memberDetector.accountId,\n detectorId: primary.id,\n email: \"required@example.com\",\n invite: true,\n});\nconst member = new aws.guardduty.InviteAccepter(\"member\", {\n detectorId: memberDetector.id,\n masterAccountId: primary.accountId,\n}, {\n dependsOn: [memberMember],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nprimary = aws.guardduty.Detector(\"primary\")\nmember_detector = aws.guardduty.Detector(\"member\")\nmember_member = aws.guardduty.Member(\"member\",\n account_id=member_detector.account_id,\n detector_id=primary.id,\n email=\"required@example.com\",\n invite=True)\nmember = aws.guardduty.InviteAccepter(\"member\",\n detector_id=member_detector.id,\n master_account_id=primary.account_id,\n opts=pulumi.ResourceOptions(depends_on=[member_member]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var primary = new Aws.GuardDuty.Detector(\"primary\");\n\n var memberDetector = new Aws.GuardDuty.Detector(\"member\");\n\n var memberMember = new Aws.GuardDuty.Member(\"member\", new()\n {\n AccountId = memberDetector.AccountId,\n DetectorId = primary.Id,\n Email = \"required@example.com\",\n Invite = true,\n });\n\n var member = new Aws.GuardDuty.InviteAccepter(\"member\", new()\n {\n DetectorId = memberDetector.Id,\n MasterAccountId = primary.AccountId,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n memberMember, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/guardduty\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tprimary, err := guardduty.NewDetector(ctx, \"primary\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmemberDetector, err := guardduty.NewDetector(ctx, \"member\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmemberMember, err := guardduty.NewMember(ctx, \"member\", \u0026guardduty.MemberArgs{\n\t\t\tAccountId: memberDetector.AccountId,\n\t\t\tDetectorId: primary.ID(),\n\t\t\tEmail: pulumi.String(\"required@example.com\"),\n\t\t\tInvite: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = guardduty.NewInviteAccepter(ctx, \"member\", \u0026guardduty.InviteAccepterArgs{\n\t\t\tDetectorId: memberDetector.ID(),\n\t\t\tMasterAccountId: primary.AccountId,\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tmemberMember,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.guardduty.Detector;\nimport com.pulumi.aws.guardduty.Member;\nimport com.pulumi.aws.guardduty.MemberArgs;\nimport com.pulumi.aws.guardduty.InviteAccepter;\nimport com.pulumi.aws.guardduty.InviteAccepterArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var primary = new Detector(\"primary\");\n\n var memberDetector = new Detector(\"memberDetector\");\n\n var memberMember = new Member(\"memberMember\", MemberArgs.builder() \n .accountId(memberDetector.accountId())\n .detectorId(primary.id())\n .email(\"required@example.com\")\n .invite(true)\n .build());\n\n var member = new InviteAccepter(\"member\", InviteAccepterArgs.builder() \n .detectorId(memberDetector.id())\n .masterAccountId(primary.accountId())\n .build(), CustomResourceOptions.builder()\n .dependsOn(memberMember)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n member:\n type: aws:guardduty:InviteAccepter\n properties:\n detectorId: ${memberDetector.id}\n masterAccountId: ${primary.accountId}\n options:\n dependson:\n - ${memberMember}\n memberMember:\n type: aws:guardduty:Member\n name: member\n properties:\n accountId: ${memberDetector.accountId}\n detectorId: ${primary.id}\n email: required@example.com\n invite: true\n primary:\n type: aws:guardduty:Detector\n memberDetector:\n type: aws:guardduty:Detector\n name: member\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_guardduty_invite_accepter` using the member GuardDuty detector ID. For example:\n\n```sh\n$ pulumi import aws:guardduty/inviteAccepter:InviteAccepter member 00b00fd5aecc0ab60a708659477e9617\n```\n", "properties": { "detectorId": { "type": "string", @@ -253354,7 +253354,7 @@ } }, "aws:guardduty/organizationAdminAccount:OrganizationAdminAccount": { - "description": "Manages a GuardDuty Organization Admin Account. The AWS account utilizing this resource must be an Organizations primary account. More information about Organizations support in GuardDuty can be found in the [GuardDuty User Guide](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_organizations.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.organizations.Organization(\"example\", {\n awsServiceAccessPrincipals: [\"guardduty.amazonaws.com\"],\n featureSet: \"ALL\",\n});\nconst exampleDetector = new aws.guardduty.Detector(\"example\", {});\nconst exampleOrganizationAdminAccount = new aws.guardduty.OrganizationAdminAccount(\"example\", {adminAccountId: \"123456789012\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.organizations.Organization(\"example\",\n aws_service_access_principals=[\"guardduty.amazonaws.com\"],\n feature_set=\"ALL\")\nexample_detector = aws.guardduty.Detector(\"example\")\nexample_organization_admin_account = aws.guardduty.OrganizationAdminAccount(\"example\", admin_account_id=\"123456789012\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Organizations.Organization(\"example\", new()\n {\n AwsServiceAccessPrincipals = new[]\n {\n \"guardduty.amazonaws.com\",\n },\n FeatureSet = \"ALL\",\n });\n\n var exampleDetector = new Aws.GuardDuty.Detector(\"example\");\n\n var exampleOrganizationAdminAccount = new Aws.GuardDuty.OrganizationAdminAccount(\"example\", new()\n {\n AdminAccountId = \"123456789012\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/guardduty\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := organizations.NewOrganization(ctx, \"example\", \u0026organizations.OrganizationArgs{\n\t\t\tAwsServiceAccessPrincipals: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"guardduty.amazonaws.com\"),\n\t\t\t},\n\t\t\tFeatureSet: pulumi.String(\"ALL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = guardduty.NewDetector(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = guardduty.NewOrganizationAdminAccount(ctx, \"example\", \u0026guardduty.OrganizationAdminAccountArgs{\n\t\t\tAdminAccountId: pulumi.String(\"123456789012\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.organizations.Organization;\nimport com.pulumi.aws.organizations.OrganizationArgs;\nimport com.pulumi.aws.guardduty.Detector;\nimport com.pulumi.aws.guardduty.OrganizationAdminAccount;\nimport com.pulumi.aws.guardduty.OrganizationAdminAccountArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Organization(\"example\", OrganizationArgs.builder() \n .awsServiceAccessPrincipals(\"guardduty.amazonaws.com\")\n .featureSet(\"ALL\")\n .build());\n\n var exampleDetector = new Detector(\"exampleDetector\");\n\n var exampleOrganizationAdminAccount = new OrganizationAdminAccount(\"exampleOrganizationAdminAccount\", OrganizationAdminAccountArgs.builder() \n .adminAccountId(\"123456789012\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:organizations:Organization\n properties:\n awsServiceAccessPrincipals:\n - guardduty.amazonaws.com\n featureSet: ALL\n exampleDetector:\n type: aws:guardduty:Detector\n name: example\n exampleOrganizationAdminAccount:\n type: aws:guardduty:OrganizationAdminAccount\n name: example\n properties:\n adminAccountId: '123456789012'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import GuardDuty Organization Admin Account using the AWS account ID. For example:\n\n```sh\n$ pulumi import aws:guardduty/organizationAdminAccount:OrganizationAdminAccount example 123456789012\n```\n", + "description": "Manages a GuardDuty Organization Admin Account. The AWS account utilizing this resource must be an Organizations primary account. More information about Organizations support in GuardDuty can be found in the [GuardDuty User Guide](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_organizations.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.organizations.Organization(\"example\", {\n awsServiceAccessPrincipals: [\"guardduty.amazonaws.com\"],\n featureSet: \"ALL\",\n});\nconst exampleDetector = new aws.guardduty.Detector(\"example\", {});\nconst exampleOrganizationAdminAccount = new aws.guardduty.OrganizationAdminAccount(\"example\", {adminAccountId: \"123456789012\"}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.organizations.Organization(\"example\",\n aws_service_access_principals=[\"guardduty.amazonaws.com\"],\n feature_set=\"ALL\")\nexample_detector = aws.guardduty.Detector(\"example\")\nexample_organization_admin_account = aws.guardduty.OrganizationAdminAccount(\"example\", admin_account_id=\"123456789012\",\nopts=pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Organizations.Organization(\"example\", new()\n {\n AwsServiceAccessPrincipals = new[]\n {\n \"guardduty.amazonaws.com\",\n },\n FeatureSet = \"ALL\",\n });\n\n var exampleDetector = new Aws.GuardDuty.Detector(\"example\");\n\n var exampleOrganizationAdminAccount = new Aws.GuardDuty.OrganizationAdminAccount(\"example\", new()\n {\n AdminAccountId = \"123456789012\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/guardduty\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := organizations.NewOrganization(ctx, \"example\", \u0026organizations.OrganizationArgs{\n\t\t\tAwsServiceAccessPrincipals: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"guardduty.amazonaws.com\"),\n\t\t\t},\n\t\t\tFeatureSet: pulumi.String(\"ALL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = guardduty.NewDetector(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = guardduty.NewOrganizationAdminAccount(ctx, \"example\", \u0026guardduty.OrganizationAdminAccountArgs{\n\t\t\tAdminAccountId: pulumi.String(\"123456789012\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.organizations.Organization;\nimport com.pulumi.aws.organizations.OrganizationArgs;\nimport com.pulumi.aws.guardduty.Detector;\nimport com.pulumi.aws.guardduty.OrganizationAdminAccount;\nimport com.pulumi.aws.guardduty.OrganizationAdminAccountArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Organization(\"example\", OrganizationArgs.builder() \n .awsServiceAccessPrincipals(\"guardduty.amazonaws.com\")\n .featureSet(\"ALL\")\n .build());\n\n var exampleDetector = new Detector(\"exampleDetector\");\n\n var exampleOrganizationAdminAccount = new OrganizationAdminAccount(\"exampleOrganizationAdminAccount\", OrganizationAdminAccountArgs.builder() \n .adminAccountId(\"123456789012\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:organizations:Organization\n properties:\n awsServiceAccessPrincipals:\n - guardduty.amazonaws.com\n featureSet: ALL\n exampleDetector:\n type: aws:guardduty:Detector\n name: example\n exampleOrganizationAdminAccount:\n type: aws:guardduty:OrganizationAdminAccount\n name: example\n properties:\n adminAccountId: '123456789012'\n options:\n dependson:\n - ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import GuardDuty Organization Admin Account using the AWS account ID. For example:\n\n```sh\n$ pulumi import aws:guardduty/organizationAdminAccount:OrganizationAdminAccount example 123456789012\n```\n", "properties": { "adminAccountId": { "type": "string", @@ -253547,7 +253547,7 @@ } }, "aws:guardduty/publishingDestination:PublishingDestination": { - "description": "Provides a resource to manage a GuardDuty PublishingDestination. Requires an existing GuardDuty Detector.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst currentGetRegion = aws.getRegion({});\nconst gdBucket = new aws.s3.BucketV2(\"gd_bucket\", {\n bucket: \"example\",\n forceDestroy: true,\n});\nconst bucketPol = aws.iam.getPolicyDocumentOutput({\n statements: [\n {\n sid: \"Allow PutObject\",\n actions: [\"s3:PutObject\"],\n resources: [pulumi.interpolate`${gdBucket.arn}/*`],\n principals: [{\n type: \"Service\",\n identifiers: [\"guardduty.amazonaws.com\"],\n }],\n },\n {\n sid: \"Allow GetBucketLocation\",\n actions: [\"s3:GetBucketLocation\"],\n resources: [gdBucket.arn],\n principals: [{\n type: \"Service\",\n identifiers: [\"guardduty.amazonaws.com\"],\n }],\n },\n ],\n});\nconst kmsPol = Promise.all([currentGetRegion, current, currentGetRegion, current, current]).then(([currentGetRegion, current, currentGetRegion1, current1, current2]) =\u003e aws.iam.getPolicyDocument({\n statements: [\n {\n sid: \"Allow GuardDuty to encrypt findings\",\n actions: [\"kms:GenerateDataKey\"],\n resources: [`arn:aws:kms:${currentGetRegion.name}:${current.accountId}:key/*`],\n principals: [{\n type: \"Service\",\n identifiers: [\"guardduty.amazonaws.com\"],\n }],\n },\n {\n sid: \"Allow all users to modify/delete key (test only)\",\n actions: [\"kms:*\"],\n resources: [`arn:aws:kms:${currentGetRegion1.name}:${current1.accountId}:key/*`],\n principals: [{\n type: \"AWS\",\n identifiers: [`arn:aws:iam::${current2.accountId}:root`],\n }],\n },\n ],\n}));\nconst testGd = new aws.guardduty.Detector(\"test_gd\", {enable: true});\nconst gdBucketAcl = new aws.s3.BucketAclV2(\"gd_bucket_acl\", {\n bucket: gdBucket.id,\n acl: \"private\",\n});\nconst gdBucketPolicy = new aws.s3.BucketPolicy(\"gd_bucket_policy\", {\n bucket: gdBucket.id,\n policy: bucketPol.apply(bucketPol =\u003e bucketPol.json),\n});\nconst gdKey = new aws.kms.Key(\"gd_key\", {\n description: \"Temporary key for AccTest of TF\",\n deletionWindowInDays: 7,\n policy: kmsPol.then(kmsPol =\u003e kmsPol.json),\n});\nconst test = new aws.guardduty.PublishingDestination(\"test\", {\n detectorId: testGd.id,\n destinationArn: gdBucket.arn,\n kmsKeyArn: gdKey.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\ncurrent_get_region = aws.get_region()\ngd_bucket = aws.s3.BucketV2(\"gd_bucket\",\n bucket=\"example\",\n force_destroy=True)\nbucket_pol = aws.iam.get_policy_document_output(statements=[\n aws.iam.GetPolicyDocumentStatementArgs(\n sid=\"Allow PutObject\",\n actions=[\"s3:PutObject\"],\n resources=[gd_bucket.arn.apply(lambda arn: f\"{arn}/*\")],\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"guardduty.amazonaws.com\"],\n )],\n ),\n aws.iam.GetPolicyDocumentStatementArgs(\n sid=\"Allow GetBucketLocation\",\n actions=[\"s3:GetBucketLocation\"],\n resources=[gd_bucket.arn],\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"guardduty.amazonaws.com\"],\n )],\n ),\n])\nkms_pol = aws.iam.get_policy_document(statements=[\n aws.iam.GetPolicyDocumentStatementArgs(\n sid=\"Allow GuardDuty to encrypt findings\",\n actions=[\"kms:GenerateDataKey\"],\n resources=[f\"arn:aws:kms:{current_get_region.name}:{current.account_id}:key/*\"],\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"guardduty.amazonaws.com\"],\n )],\n ),\n aws.iam.GetPolicyDocumentStatementArgs(\n sid=\"Allow all users to modify/delete key (test only)\",\n actions=[\"kms:*\"],\n resources=[f\"arn:aws:kms:{current_get_region.name}:{current.account_id}:key/*\"],\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"AWS\",\n identifiers=[f\"arn:aws:iam::{current.account_id}:root\"],\n )],\n ),\n])\ntest_gd = aws.guardduty.Detector(\"test_gd\", enable=True)\ngd_bucket_acl = aws.s3.BucketAclV2(\"gd_bucket_acl\",\n bucket=gd_bucket.id,\n acl=\"private\")\ngd_bucket_policy = aws.s3.BucketPolicy(\"gd_bucket_policy\",\n bucket=gd_bucket.id,\n policy=bucket_pol.json)\ngd_key = aws.kms.Key(\"gd_key\",\n description=\"Temporary key for AccTest of TF\",\n deletion_window_in_days=7,\n policy=kms_pol.json)\ntest = aws.guardduty.PublishingDestination(\"test\",\n detector_id=test_gd.id,\n destination_arn=gd_bucket.arn,\n kms_key_arn=gd_key.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var currentGetRegion = Aws.GetRegion.Invoke();\n\n var gdBucket = new Aws.S3.BucketV2(\"gd_bucket\", new()\n {\n Bucket = \"example\",\n ForceDestroy = true,\n });\n\n var bucketPol = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"Allow PutObject\",\n Actions = new[]\n {\n \"s3:PutObject\",\n },\n Resources = new[]\n {\n $\"{gdBucket.Arn}/*\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"guardduty.amazonaws.com\",\n },\n },\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"Allow GetBucketLocation\",\n Actions = new[]\n {\n \"s3:GetBucketLocation\",\n },\n Resources = new[]\n {\n gdBucket.Arn,\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"guardduty.amazonaws.com\",\n },\n },\n },\n },\n },\n });\n\n var kmsPol = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"Allow GuardDuty to encrypt findings\",\n Actions = new[]\n {\n \"kms:GenerateDataKey\",\n },\n Resources = new[]\n {\n $\"arn:aws:kms:{currentGetRegion.Apply(getRegionResult =\u003e getRegionResult.Name)}:{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:key/*\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"guardduty.amazonaws.com\",\n },\n },\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"Allow all users to modify/delete key (test only)\",\n Actions = new[]\n {\n \"kms:*\",\n },\n Resources = new[]\n {\n $\"arn:aws:kms:{currentGetRegion.Apply(getRegionResult =\u003e getRegionResult.Name)}:{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:key/*\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"AWS\",\n Identifiers = new[]\n {\n $\"arn:aws:iam::{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:root\",\n },\n },\n },\n },\n },\n });\n\n var testGd = new Aws.GuardDuty.Detector(\"test_gd\", new()\n {\n Enable = true,\n });\n\n var gdBucketAcl = new Aws.S3.BucketAclV2(\"gd_bucket_acl\", new()\n {\n Bucket = gdBucket.Id,\n Acl = \"private\",\n });\n\n var gdBucketPolicy = new Aws.S3.BucketPolicy(\"gd_bucket_policy\", new()\n {\n Bucket = gdBucket.Id,\n Policy = bucketPol.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var gdKey = new Aws.Kms.Key(\"gd_key\", new()\n {\n Description = \"Temporary key for AccTest of TF\",\n DeletionWindowInDays = 7,\n Policy = kmsPol.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var test = new Aws.GuardDuty.PublishingDestination(\"test\", new()\n {\n DetectorId = testGd.Id,\n DestinationArn = gdBucket.Arn,\n KmsKeyArn = gdKey.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/guardduty\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrentGetRegion, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tgdBucket, err := s3.NewBucketV2(ctx, \"gd_bucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example\"),\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbucketPol := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tSid: pulumi.String(\"Allow PutObject\"),\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:PutObject\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\tgdBucket.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\t\t\t\treturn fmt.Sprintf(\"%v/*\", arn), nil\n\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: iam.GetPolicyDocumentStatementPrincipalArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementPrincipalArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"Service\"),\n\t\t\t\t\t\t\tIdentifiers: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"guardduty.amazonaws.com\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tSid: pulumi.String(\"Allow GetBucketLocation\"),\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:GetBucketLocation\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\tgdBucket.Arn,\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: iam.GetPolicyDocumentStatementPrincipalArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementPrincipalArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"Service\"),\n\t\t\t\t\t\t\tIdentifiers: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"guardduty.amazonaws.com\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tkmsPol, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tSid: pulumi.StringRef(\"Allow GuardDuty to encrypt findings\"),\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"kms:GenerateDataKey\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\tfmt.Sprintf(\"arn:aws:kms:%v:%v:key/*\", currentGetRegion.Name, current.AccountId),\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"guardduty.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tSid: pulumi.StringRef(\"Allow all users to modify/delete key (test only)\"),\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"kms:*\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\tfmt.Sprintf(\"arn:aws:kms:%v:%v:key/*\", currentGetRegion.Name, current.AccountId),\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"AWS\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\tfmt.Sprintf(\"arn:aws:iam::%v:root\", current.AccountId),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestGd, err := guardduty.NewDetector(ctx, \"test_gd\", \u0026guardduty.DetectorArgs{\n\t\t\tEnable: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"gd_bucket_acl\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: gdBucket.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketPolicy(ctx, \"gd_bucket_policy\", \u0026s3.BucketPolicyArgs{\n\t\t\tBucket: gdBucket.ID(),\n\t\t\tPolicy: bucketPol.ApplyT(func(bucketPol iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026bucketPol.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tgdKey, err := kms.NewKey(ctx, \"gd_key\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"Temporary key for AccTest of TF\"),\n\t\t\tDeletionWindowInDays: pulumi.Int(7),\n\t\t\tPolicy: pulumi.String(kmsPol.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = guardduty.NewPublishingDestination(ctx, \"test\", \u0026guardduty.PublishingDestinationArgs{\n\t\t\tDetectorId: testGd.ID(),\n\t\t\tDestinationArn: gdBucket.Arn,\n\t\t\tKmsKeyArn: gdKey.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.guardduty.Detector;\nimport com.pulumi.aws.guardduty.DetectorArgs;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.s3.BucketPolicy;\nimport com.pulumi.aws.s3.BucketPolicyArgs;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.guardduty.PublishingDestination;\nimport com.pulumi.aws.guardduty.PublishingDestinationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n final var currentGetRegion = AwsFunctions.getRegion();\n\n var gdBucket = new BucketV2(\"gdBucket\", BucketV2Args.builder() \n .bucket(\"example\")\n .forceDestroy(true)\n .build());\n\n final var bucketPol = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements( \n GetPolicyDocumentStatementArgs.builder()\n .sid(\"Allow PutObject\")\n .actions(\"s3:PutObject\")\n .resources(gdBucket.arn().applyValue(arn -\u003e String.format(\"%s/*\", arn)))\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"guardduty.amazonaws.com\")\n .build())\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .sid(\"Allow GetBucketLocation\")\n .actions(\"s3:GetBucketLocation\")\n .resources(gdBucket.arn())\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"guardduty.amazonaws.com\")\n .build())\n .build())\n .build());\n\n final var kmsPol = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements( \n GetPolicyDocumentStatementArgs.builder()\n .sid(\"Allow GuardDuty to encrypt findings\")\n .actions(\"kms:GenerateDataKey\")\n .resources(String.format(\"arn:aws:kms:%s:%s:key/*\", currentGetRegion.applyValue(getRegionResult -\u003e getRegionResult.name()),current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"guardduty.amazonaws.com\")\n .build())\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .sid(\"Allow all users to modify/delete key (test only)\")\n .actions(\"kms:*\")\n .resources(String.format(\"arn:aws:kms:%s:%s:key/*\", currentGetRegion.applyValue(getRegionResult -\u003e getRegionResult.name()),current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"AWS\")\n .identifiers(String.format(\"arn:aws:iam::%s:root\", current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n .build())\n .build())\n .build());\n\n var testGd = new Detector(\"testGd\", DetectorArgs.builder() \n .enable(true)\n .build());\n\n var gdBucketAcl = new BucketAclV2(\"gdBucketAcl\", BucketAclV2Args.builder() \n .bucket(gdBucket.id())\n .acl(\"private\")\n .build());\n\n var gdBucketPolicy = new BucketPolicy(\"gdBucketPolicy\", BucketPolicyArgs.builder() \n .bucket(gdBucket.id())\n .policy(bucketPol.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(bucketPol -\u003e bucketPol.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n var gdKey = new Key(\"gdKey\", KeyArgs.builder() \n .description(\"Temporary key for AccTest of TF\")\n .deletionWindowInDays(7)\n .policy(kmsPol.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var test = new PublishingDestination(\"test\", PublishingDestinationArgs.builder() \n .detectorId(testGd.id())\n .destinationArn(gdBucket.arn())\n .kmsKeyArn(gdKey.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testGd:\n type: aws:guardduty:Detector\n name: test_gd\n properties:\n enable: true\n gdBucket:\n type: aws:s3:BucketV2\n name: gd_bucket\n properties:\n bucket: example\n forceDestroy: true\n gdBucketAcl:\n type: aws:s3:BucketAclV2\n name: gd_bucket_acl\n properties:\n bucket: ${gdBucket.id}\n acl: private\n gdBucketPolicy:\n type: aws:s3:BucketPolicy\n name: gd_bucket_policy\n properties:\n bucket: ${gdBucket.id}\n policy: ${bucketPol.json}\n gdKey:\n type: aws:kms:Key\n name: gd_key\n properties:\n description: Temporary key for AccTest of TF\n deletionWindowInDays: 7\n policy: ${kmsPol.json}\n test:\n type: aws:guardduty:PublishingDestination\n properties:\n detectorId: ${testGd.id}\n destinationArn: ${gdBucket.arn}\n kmsKeyArn: ${gdKey.arn}\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n currentGetRegion:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n bucketPol:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - sid: Allow PutObject\n actions:\n - s3:PutObject\n resources:\n - ${gdBucket.arn}/*\n principals:\n - type: Service\n identifiers:\n - guardduty.amazonaws.com\n - sid: Allow GetBucketLocation\n actions:\n - s3:GetBucketLocation\n resources:\n - ${gdBucket.arn}\n principals:\n - type: Service\n identifiers:\n - guardduty.amazonaws.com\n kmsPol:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - sid: Allow GuardDuty to encrypt findings\n actions:\n - kms:GenerateDataKey\n resources:\n - arn:aws:kms:${currentGetRegion.name}:${current.accountId}:key/*\n principals:\n - type: Service\n identifiers:\n - guardduty.amazonaws.com\n - sid: Allow all users to modify/delete key (test only)\n actions:\n - kms:*\n resources:\n - arn:aws:kms:${currentGetRegion.name}:${current.accountId}:key/*\n principals:\n - type: AWS\n identifiers:\n - arn:aws:iam::${current.accountId}:root\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003e **Note:** Please do not use this simple example for Bucket-Policy and KMS Key Policy in a production environment. It is much too open for such a use-case. Refer to the AWS documentation here: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_exportfindings.html\n\n## Import\n\nUsing `pulumi import`, import GuardDuty PublishingDestination using the master GuardDuty detector ID and PublishingDestinationID. For example:\n\n```sh\n$ pulumi import aws:guardduty/publishingDestination:PublishingDestination test a4b86f26fa42e7e7cf0d1c333ea77777:a4b86f27a0e464e4a7e0516d242f1234\n```\n", + "description": "Provides a resource to manage a GuardDuty PublishingDestination. Requires an existing GuardDuty Detector.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst currentGetRegion = aws.getRegion({});\nconst gdBucket = new aws.s3.BucketV2(\"gd_bucket\", {\n bucket: \"example\",\n forceDestroy: true,\n});\nconst bucketPol = aws.iam.getPolicyDocumentOutput({\n statements: [\n {\n sid: \"Allow PutObject\",\n actions: [\"s3:PutObject\"],\n resources: [pulumi.interpolate`${gdBucket.arn}/*`],\n principals: [{\n type: \"Service\",\n identifiers: [\"guardduty.amazonaws.com\"],\n }],\n },\n {\n sid: \"Allow GetBucketLocation\",\n actions: [\"s3:GetBucketLocation\"],\n resources: [gdBucket.arn],\n principals: [{\n type: \"Service\",\n identifiers: [\"guardduty.amazonaws.com\"],\n }],\n },\n ],\n});\nconst kmsPol = Promise.all([currentGetRegion, current, currentGetRegion, current, current]).then(([currentGetRegion, current, currentGetRegion1, current1, current2]) =\u003e aws.iam.getPolicyDocument({\n statements: [\n {\n sid: \"Allow GuardDuty to encrypt findings\",\n actions: [\"kms:GenerateDataKey\"],\n resources: [`arn:aws:kms:${currentGetRegion.name}:${current.accountId}:key/*`],\n principals: [{\n type: \"Service\",\n identifiers: [\"guardduty.amazonaws.com\"],\n }],\n },\n {\n sid: \"Allow all users to modify/delete key (test only)\",\n actions: [\"kms:*\"],\n resources: [`arn:aws:kms:${currentGetRegion1.name}:${current1.accountId}:key/*`],\n principals: [{\n type: \"AWS\",\n identifiers: [`arn:aws:iam::${current2.accountId}:root`],\n }],\n },\n ],\n}));\nconst testGd = new aws.guardduty.Detector(\"test_gd\", {enable: true});\nconst gdBucketAcl = new aws.s3.BucketAclV2(\"gd_bucket_acl\", {\n bucket: gdBucket.id,\n acl: \"private\",\n});\nconst gdBucketPolicy = new aws.s3.BucketPolicy(\"gd_bucket_policy\", {\n bucket: gdBucket.id,\n policy: bucketPol.apply(bucketPol =\u003e bucketPol.json),\n});\nconst gdKey = new aws.kms.Key(\"gd_key\", {\n description: \"Temporary key for AccTest of TF\",\n deletionWindowInDays: 7,\n policy: kmsPol.then(kmsPol =\u003e kmsPol.json),\n});\nconst test = new aws.guardduty.PublishingDestination(\"test\", {\n detectorId: testGd.id,\n destinationArn: gdBucket.arn,\n kmsKeyArn: gdKey.arn,\n}, {\n dependsOn: [gdBucketPolicy],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\ncurrent_get_region = aws.get_region()\ngd_bucket = aws.s3.BucketV2(\"gd_bucket\",\n bucket=\"example\",\n force_destroy=True)\nbucket_pol = aws.iam.get_policy_document_output(statements=[\n aws.iam.GetPolicyDocumentStatementArgs(\n sid=\"Allow PutObject\",\n actions=[\"s3:PutObject\"],\n resources=[gd_bucket.arn.apply(lambda arn: f\"{arn}/*\")],\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"guardduty.amazonaws.com\"],\n )],\n ),\n aws.iam.GetPolicyDocumentStatementArgs(\n sid=\"Allow GetBucketLocation\",\n actions=[\"s3:GetBucketLocation\"],\n resources=[gd_bucket.arn],\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"guardduty.amazonaws.com\"],\n )],\n ),\n])\nkms_pol = aws.iam.get_policy_document(statements=[\n aws.iam.GetPolicyDocumentStatementArgs(\n sid=\"Allow GuardDuty to encrypt findings\",\n actions=[\"kms:GenerateDataKey\"],\n resources=[f\"arn:aws:kms:{current_get_region.name}:{current.account_id}:key/*\"],\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"guardduty.amazonaws.com\"],\n )],\n ),\n aws.iam.GetPolicyDocumentStatementArgs(\n sid=\"Allow all users to modify/delete key (test only)\",\n actions=[\"kms:*\"],\n resources=[f\"arn:aws:kms:{current_get_region.name}:{current.account_id}:key/*\"],\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"AWS\",\n identifiers=[f\"arn:aws:iam::{current.account_id}:root\"],\n )],\n ),\n])\ntest_gd = aws.guardduty.Detector(\"test_gd\", enable=True)\ngd_bucket_acl = aws.s3.BucketAclV2(\"gd_bucket_acl\",\n bucket=gd_bucket.id,\n acl=\"private\")\ngd_bucket_policy = aws.s3.BucketPolicy(\"gd_bucket_policy\",\n bucket=gd_bucket.id,\n policy=bucket_pol.json)\ngd_key = aws.kms.Key(\"gd_key\",\n description=\"Temporary key for AccTest of TF\",\n deletion_window_in_days=7,\n policy=kms_pol.json)\ntest = aws.guardduty.PublishingDestination(\"test\",\n detector_id=test_gd.id,\n destination_arn=gd_bucket.arn,\n kms_key_arn=gd_key.arn,\n opts=pulumi.ResourceOptions(depends_on=[gd_bucket_policy]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var currentGetRegion = Aws.GetRegion.Invoke();\n\n var gdBucket = new Aws.S3.BucketV2(\"gd_bucket\", new()\n {\n Bucket = \"example\",\n ForceDestroy = true,\n });\n\n var bucketPol = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"Allow PutObject\",\n Actions = new[]\n {\n \"s3:PutObject\",\n },\n Resources = new[]\n {\n $\"{gdBucket.Arn}/*\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"guardduty.amazonaws.com\",\n },\n },\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"Allow GetBucketLocation\",\n Actions = new[]\n {\n \"s3:GetBucketLocation\",\n },\n Resources = new[]\n {\n gdBucket.Arn,\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"guardduty.amazonaws.com\",\n },\n },\n },\n },\n },\n });\n\n var kmsPol = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"Allow GuardDuty to encrypt findings\",\n Actions = new[]\n {\n \"kms:GenerateDataKey\",\n },\n Resources = new[]\n {\n $\"arn:aws:kms:{currentGetRegion.Apply(getRegionResult =\u003e getRegionResult.Name)}:{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:key/*\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"guardduty.amazonaws.com\",\n },\n },\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"Allow all users to modify/delete key (test only)\",\n Actions = new[]\n {\n \"kms:*\",\n },\n Resources = new[]\n {\n $\"arn:aws:kms:{currentGetRegion.Apply(getRegionResult =\u003e getRegionResult.Name)}:{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:key/*\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"AWS\",\n Identifiers = new[]\n {\n $\"arn:aws:iam::{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:root\",\n },\n },\n },\n },\n },\n });\n\n var testGd = new Aws.GuardDuty.Detector(\"test_gd\", new()\n {\n Enable = true,\n });\n\n var gdBucketAcl = new Aws.S3.BucketAclV2(\"gd_bucket_acl\", new()\n {\n Bucket = gdBucket.Id,\n Acl = \"private\",\n });\n\n var gdBucketPolicy = new Aws.S3.BucketPolicy(\"gd_bucket_policy\", new()\n {\n Bucket = gdBucket.Id,\n Policy = bucketPol.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var gdKey = new Aws.Kms.Key(\"gd_key\", new()\n {\n Description = \"Temporary key for AccTest of TF\",\n DeletionWindowInDays = 7,\n Policy = kmsPol.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var test = new Aws.GuardDuty.PublishingDestination(\"test\", new()\n {\n DetectorId = testGd.Id,\n DestinationArn = gdBucket.Arn,\n KmsKeyArn = gdKey.Arn,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n gdBucketPolicy, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/guardduty\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrentGetRegion, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tgdBucket, err := s3.NewBucketV2(ctx, \"gd_bucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example\"),\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbucketPol := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tSid: pulumi.String(\"Allow PutObject\"),\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:PutObject\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\tgdBucket.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\t\t\t\treturn fmt.Sprintf(\"%v/*\", arn), nil\n\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: iam.GetPolicyDocumentStatementPrincipalArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementPrincipalArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"Service\"),\n\t\t\t\t\t\t\tIdentifiers: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"guardduty.amazonaws.com\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tSid: pulumi.String(\"Allow GetBucketLocation\"),\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:GetBucketLocation\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\tgdBucket.Arn,\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: iam.GetPolicyDocumentStatementPrincipalArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementPrincipalArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"Service\"),\n\t\t\t\t\t\t\tIdentifiers: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"guardduty.amazonaws.com\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tkmsPol, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tSid: pulumi.StringRef(\"Allow GuardDuty to encrypt findings\"),\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"kms:GenerateDataKey\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\tfmt.Sprintf(\"arn:aws:kms:%v:%v:key/*\", currentGetRegion.Name, current.AccountId),\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"guardduty.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t{\n\t\t\t\t\tSid: pulumi.StringRef(\"Allow all users to modify/delete key (test only)\"),\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"kms:*\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\tfmt.Sprintf(\"arn:aws:kms:%v:%v:key/*\", currentGetRegion.Name, current.AccountId),\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"AWS\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\tfmt.Sprintf(\"arn:aws:iam::%v:root\", current.AccountId),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestGd, err := guardduty.NewDetector(ctx, \"test_gd\", \u0026guardduty.DetectorArgs{\n\t\t\tEnable: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"gd_bucket_acl\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: gdBucket.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tgdBucketPolicy, err := s3.NewBucketPolicy(ctx, \"gd_bucket_policy\", \u0026s3.BucketPolicyArgs{\n\t\t\tBucket: gdBucket.ID(),\n\t\t\tPolicy: bucketPol.ApplyT(func(bucketPol iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026bucketPol.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tgdKey, err := kms.NewKey(ctx, \"gd_key\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"Temporary key for AccTest of TF\"),\n\t\t\tDeletionWindowInDays: pulumi.Int(7),\n\t\t\tPolicy: pulumi.String(kmsPol.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = guardduty.NewPublishingDestination(ctx, \"test\", \u0026guardduty.PublishingDestinationArgs{\n\t\t\tDetectorId: testGd.ID(),\n\t\t\tDestinationArn: gdBucket.Arn,\n\t\t\tKmsKeyArn: gdKey.Arn,\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tgdBucketPolicy,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.guardduty.Detector;\nimport com.pulumi.aws.guardduty.DetectorArgs;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.s3.BucketPolicy;\nimport com.pulumi.aws.s3.BucketPolicyArgs;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.guardduty.PublishingDestination;\nimport com.pulumi.aws.guardduty.PublishingDestinationArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n final var currentGetRegion = AwsFunctions.getRegion();\n\n var gdBucket = new BucketV2(\"gdBucket\", BucketV2Args.builder() \n .bucket(\"example\")\n .forceDestroy(true)\n .build());\n\n final var bucketPol = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements( \n GetPolicyDocumentStatementArgs.builder()\n .sid(\"Allow PutObject\")\n .actions(\"s3:PutObject\")\n .resources(gdBucket.arn().applyValue(arn -\u003e String.format(\"%s/*\", arn)))\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"guardduty.amazonaws.com\")\n .build())\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .sid(\"Allow GetBucketLocation\")\n .actions(\"s3:GetBucketLocation\")\n .resources(gdBucket.arn())\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"guardduty.amazonaws.com\")\n .build())\n .build())\n .build());\n\n final var kmsPol = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements( \n GetPolicyDocumentStatementArgs.builder()\n .sid(\"Allow GuardDuty to encrypt findings\")\n .actions(\"kms:GenerateDataKey\")\n .resources(String.format(\"arn:aws:kms:%s:%s:key/*\", currentGetRegion.applyValue(getRegionResult -\u003e getRegionResult.name()),current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"guardduty.amazonaws.com\")\n .build())\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .sid(\"Allow all users to modify/delete key (test only)\")\n .actions(\"kms:*\")\n .resources(String.format(\"arn:aws:kms:%s:%s:key/*\", currentGetRegion.applyValue(getRegionResult -\u003e getRegionResult.name()),current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"AWS\")\n .identifiers(String.format(\"arn:aws:iam::%s:root\", current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n .build())\n .build())\n .build());\n\n var testGd = new Detector(\"testGd\", DetectorArgs.builder() \n .enable(true)\n .build());\n\n var gdBucketAcl = new BucketAclV2(\"gdBucketAcl\", BucketAclV2Args.builder() \n .bucket(gdBucket.id())\n .acl(\"private\")\n .build());\n\n var gdBucketPolicy = new BucketPolicy(\"gdBucketPolicy\", BucketPolicyArgs.builder() \n .bucket(gdBucket.id())\n .policy(bucketPol.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(bucketPol -\u003e bucketPol.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n var gdKey = new Key(\"gdKey\", KeyArgs.builder() \n .description(\"Temporary key for AccTest of TF\")\n .deletionWindowInDays(7)\n .policy(kmsPol.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var test = new PublishingDestination(\"test\", PublishingDestinationArgs.builder() \n .detectorId(testGd.id())\n .destinationArn(gdBucket.arn())\n .kmsKeyArn(gdKey.arn())\n .build(), CustomResourceOptions.builder()\n .dependsOn(gdBucketPolicy)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testGd:\n type: aws:guardduty:Detector\n name: test_gd\n properties:\n enable: true\n gdBucket:\n type: aws:s3:BucketV2\n name: gd_bucket\n properties:\n bucket: example\n forceDestroy: true\n gdBucketAcl:\n type: aws:s3:BucketAclV2\n name: gd_bucket_acl\n properties:\n bucket: ${gdBucket.id}\n acl: private\n gdBucketPolicy:\n type: aws:s3:BucketPolicy\n name: gd_bucket_policy\n properties:\n bucket: ${gdBucket.id}\n policy: ${bucketPol.json}\n gdKey:\n type: aws:kms:Key\n name: gd_key\n properties:\n description: Temporary key for AccTest of TF\n deletionWindowInDays: 7\n policy: ${kmsPol.json}\n test:\n type: aws:guardduty:PublishingDestination\n properties:\n detectorId: ${testGd.id}\n destinationArn: ${gdBucket.arn}\n kmsKeyArn: ${gdKey.arn}\n options:\n dependson:\n - ${gdBucketPolicy}\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n currentGetRegion:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n bucketPol:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - sid: Allow PutObject\n actions:\n - s3:PutObject\n resources:\n - ${gdBucket.arn}/*\n principals:\n - type: Service\n identifiers:\n - guardduty.amazonaws.com\n - sid: Allow GetBucketLocation\n actions:\n - s3:GetBucketLocation\n resources:\n - ${gdBucket.arn}\n principals:\n - type: Service\n identifiers:\n - guardduty.amazonaws.com\n kmsPol:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - sid: Allow GuardDuty to encrypt findings\n actions:\n - kms:GenerateDataKey\n resources:\n - arn:aws:kms:${currentGetRegion.name}:${current.accountId}:key/*\n principals:\n - type: Service\n identifiers:\n - guardduty.amazonaws.com\n - sid: Allow all users to modify/delete key (test only)\n actions:\n - kms:*\n resources:\n - arn:aws:kms:${currentGetRegion.name}:${current.accountId}:key/*\n principals:\n - type: AWS\n identifiers:\n - arn:aws:iam::${current.accountId}:root\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\u003e **Note:** Please do not use this simple example for Bucket-Policy and KMS Key Policy in a production environment. It is much too open for such a use-case. Refer to the AWS documentation here: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_exportfindings.html\n\n## Import\n\nUsing `pulumi import`, import GuardDuty PublishingDestination using the master GuardDuty detector ID and PublishingDestinationID. For example:\n\n```sh\n$ pulumi import aws:guardduty/publishingDestination:PublishingDestination test a4b86f26fa42e7e7cf0d1c333ea77777:a4b86f27a0e464e4a7e0516d242f1234\n```\n", "properties": { "destinationArn": { "type": "string", @@ -254190,7 +254190,7 @@ } }, "aws:iam/groupPolicy:GroupPolicy": { - "description": "Provides an IAM policy attached to a group.\n\n\u003e **NOTE:** We suggest using explicit JSON encoding or `aws.iam.getPolicyDocument` when assigning a value to `policy`. They seamlessly translate configuration to JSON, enabling you to maintain consistency within your configuration without the need for context switches. Also, you can sidestep potential complications arising from formatting discrepancies, whitespace inconsistencies, and other nuances inherent to JSON.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myDevelopers = new aws.iam.Group(\"my_developers\", {\n name: \"developers\",\n path: \"/users/\",\n});\nconst myDeveloperPolicy = new aws.iam.GroupPolicy(\"my_developer_policy\", {\n name: \"my_developer_policy\",\n group: myDevelopers.name,\n policy: JSON.stringify({\n version: \"2012-10-17\",\n statement: [{\n action: [\"ec2:Describe*\"],\n effect: \"Allow\",\n resource: \"*\",\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nmy_developers = aws.iam.Group(\"my_developers\",\n name=\"developers\",\n path=\"/users/\")\nmy_developer_policy = aws.iam.GroupPolicy(\"my_developer_policy\",\n name=\"my_developer_policy\",\n group=my_developers.name,\n policy=json.dumps({\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"action\": [\"ec2:Describe*\"],\n \"effect\": \"Allow\",\n \"resource\": \"*\",\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myDevelopers = new Aws.Iam.Group(\"my_developers\", new()\n {\n Name = \"developers\",\n Path = \"/users/\",\n });\n\n var myDeveloperPolicy = new Aws.Iam.GroupPolicy(\"my_developer_policy\", new()\n {\n Name = \"my_developer_policy\",\n Group = myDevelopers.Name,\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"action\"] = new[]\n {\n \"ec2:Describe*\",\n },\n [\"effect\"] = \"Allow\",\n [\"resource\"] = \"*\",\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmyDevelopers, err := iam.NewGroup(ctx, \"my_developers\", \u0026iam.GroupArgs{\n\t\t\tName: pulumi.String(\"developers\"),\n\t\t\tPath: pulumi.String(\"/users/\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"action\": []string{\n\t\t\t\t\t\t\"ec2:Describe*\",\n\t\t\t\t\t},\n\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\"resource\": \"*\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = iam.NewGroupPolicy(ctx, \"my_developer_policy\", \u0026iam.GroupPolicyArgs{\n\t\t\tName: pulumi.String(\"my_developer_policy\"),\n\t\t\tGroup: myDevelopers.Name,\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Group;\nimport com.pulumi.aws.iam.GroupArgs;\nimport com.pulumi.aws.iam.GroupPolicy;\nimport com.pulumi.aws.iam.GroupPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var myDevelopers = new Group(\"myDevelopers\", GroupArgs.builder() \n .name(\"developers\")\n .path(\"/users/\")\n .build());\n\n var myDeveloperPolicy = new GroupPolicy(\"myDeveloperPolicy\", GroupPolicyArgs.builder() \n .name(\"my_developer_policy\")\n .group(myDevelopers.name())\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"version\", \"2012-10-17\"),\n jsonProperty(\"statement\", jsonArray(jsonObject(\n jsonProperty(\"action\", jsonArray(\"ec2:Describe*\")),\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"resource\", \"*\")\n )))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n myDeveloperPolicy:\n type: aws:iam:GroupPolicy\n name: my_developer_policy\n properties:\n name: my_developer_policy\n group: ${myDevelopers.name}\n policy:\n fn::toJSON:\n version: 2012-10-17\n statement:\n - action:\n - ec2:Describe*\n effect: Allow\n resource: '*'\n myDevelopers:\n type: aws:iam:Group\n name: my_developers\n properties:\n name: developers\n path: /users/\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IAM Group Policies using the `group_name:group_policy_name`. For example:\n\n```sh\n$ pulumi import aws:iam/groupPolicy:GroupPolicy mypolicy group_of_mypolicy_name:mypolicy_name\n```\n", + "description": "Provides an IAM policy attached to a group.\n\n\u003e **NOTE:** We suggest using explicit JSON encoding or `aws.iam.getPolicyDocument` when assigning a value to `policy`. They seamlessly translate configuration to JSON, enabling you to maintain consistency within your configuration without the need for context switches. Also, you can sidestep potential complications arising from formatting discrepancies, whitespace inconsistencies, and other nuances inherent to JSON.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myDevelopers = new aws.iam.Group(\"my_developers\", {\n name: \"developers\",\n path: \"/users/\",\n});\nconst myDeveloperPolicy = new aws.iam.GroupPolicy(\"my_developer_policy\", {\n name: \"my_developer_policy\",\n group: myDevelopers.name,\n policy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: [\"ec2:Describe*\"],\n Effect: \"Allow\",\n Resource: \"*\",\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nmy_developers = aws.iam.Group(\"my_developers\",\n name=\"developers\",\n path=\"/users/\")\nmy_developer_policy = aws.iam.GroupPolicy(\"my_developer_policy\",\n name=\"my_developer_policy\",\n group=my_developers.name,\n policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": [\"ec2:Describe*\"],\n \"Effect\": \"Allow\",\n \"Resource\": \"*\",\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myDevelopers = new Aws.Iam.Group(\"my_developers\", new()\n {\n Name = \"developers\",\n Path = \"/users/\",\n });\n\n var myDeveloperPolicy = new Aws.Iam.GroupPolicy(\"my_developer_policy\", new()\n {\n Name = \"my_developer_policy\",\n Group = myDevelopers.Name,\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = new[]\n {\n \"ec2:Describe*\",\n },\n [\"Effect\"] = \"Allow\",\n [\"Resource\"] = \"*\",\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmyDevelopers, err := iam.NewGroup(ctx, \"my_developers\", \u0026iam.GroupArgs{\n\t\t\tName: pulumi.String(\"developers\"),\n\t\t\tPath: pulumi.String(\"/users/\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"ec2:Describe*\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = iam.NewGroupPolicy(ctx, \"my_developer_policy\", \u0026iam.GroupPolicyArgs{\n\t\t\tName: pulumi.String(\"my_developer_policy\"),\n\t\t\tGroup: myDevelopers.Name,\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Group;\nimport com.pulumi.aws.iam.GroupArgs;\nimport com.pulumi.aws.iam.GroupPolicy;\nimport com.pulumi.aws.iam.GroupPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var myDevelopers = new Group(\"myDevelopers\", GroupArgs.builder() \n .name(\"developers\")\n .path(\"/users/\")\n .build());\n\n var myDeveloperPolicy = new GroupPolicy(\"myDeveloperPolicy\", GroupPolicyArgs.builder() \n .name(\"my_developer_policy\")\n .group(myDevelopers.name())\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", jsonArray(\"ec2:Describe*\")),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Resource\", \"*\")\n )))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n myDeveloperPolicy:\n type: aws:iam:GroupPolicy\n name: my_developer_policy\n properties:\n name: my_developer_policy\n group: ${myDevelopers.name}\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action:\n - ec2:Describe*\n Effect: Allow\n Resource: '*'\n myDevelopers:\n type: aws:iam:Group\n name: my_developers\n properties:\n name: developers\n path: /users/\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IAM Group Policies using the `group_name:group_policy_name`. For example:\n\n```sh\n$ pulumi import aws:iam/groupPolicy:GroupPolicy mypolicy group_of_mypolicy_name:mypolicy_name\n```\n", "properties": { "group": { "type": "string", @@ -254637,7 +254637,7 @@ } }, "aws:iam/policy:Policy": { - "description": "Provides an IAM policy.\n\n\u003e **NOTE:** We suggest using explicit JSON encoding or `aws.iam.getPolicyDocument` when assigning a value to `policy`. They seamlessly translate configuration to JSON, enabling you to maintain consistency within your configuration without the need for context switches. Also, you can sidestep potential complications arising from formatting discrepancies, whitespace inconsistencies, and other nuances inherent to JSON.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst policy = new aws.iam.Policy(\"policy\", {\n name: \"test_policy\",\n path: \"/\",\n description: \"My test policy\",\n policy: JSON.stringify({\n version: \"2012-10-17\",\n statement: [{\n action: [\"ec2:Describe*\"],\n effect: \"Allow\",\n resource: \"*\",\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\npolicy = aws.iam.Policy(\"policy\",\n name=\"test_policy\",\n path=\"/\",\n description=\"My test policy\",\n policy=json.dumps({\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"action\": [\"ec2:Describe*\"],\n \"effect\": \"Allow\",\n \"resource\": \"*\",\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var policy = new Aws.Iam.Policy(\"policy\", new()\n {\n Name = \"test_policy\",\n Path = \"/\",\n Description = \"My test policy\",\n PolicyDocument = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"action\"] = new[]\n {\n \"ec2:Describe*\",\n },\n [\"effect\"] = \"Allow\",\n [\"resource\"] = \"*\",\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"action\": []string{\n\t\t\t\t\t\t\"ec2:Describe*\",\n\t\t\t\t\t},\n\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\"resource\": \"*\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = iam.NewPolicy(ctx, \"policy\", \u0026iam.PolicyArgs{\n\t\t\tName: pulumi.String(\"test_policy\"),\n\t\t\tPath: pulumi.String(\"/\"),\n\t\t\tDescription: pulumi.String(\"My test policy\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Policy;\nimport com.pulumi.aws.iam.PolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var policy = new Policy(\"policy\", PolicyArgs.builder() \n .name(\"test_policy\")\n .path(\"/\")\n .description(\"My test policy\")\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"version\", \"2012-10-17\"),\n jsonProperty(\"statement\", jsonArray(jsonObject(\n jsonProperty(\"action\", jsonArray(\"ec2:Describe*\")),\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"resource\", \"*\")\n )))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n policy:\n type: aws:iam:Policy\n properties:\n name: test_policy\n path: /\n description: My test policy\n policy:\n fn::toJSON:\n version: 2012-10-17\n statement:\n - action:\n - ec2:Describe*\n effect: Allow\n resource: '*'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IAM Policies using the `arn`. For example:\n\n```sh\n$ pulumi import aws:iam/policy:Policy administrator arn:aws:iam::123456789012:policy/UsersManageOwnCredentials\n```\n", + "description": "Provides an IAM policy.\n\n\u003e **NOTE:** We suggest using explicit JSON encoding or `aws.iam.getPolicyDocument` when assigning a value to `policy`. They seamlessly translate configuration to JSON, enabling you to maintain consistency within your configuration without the need for context switches. Also, you can sidestep potential complications arising from formatting discrepancies, whitespace inconsistencies, and other nuances inherent to JSON.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst policy = new aws.iam.Policy(\"policy\", {\n name: \"test_policy\",\n path: \"/\",\n description: \"My test policy\",\n policy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: [\"ec2:Describe*\"],\n Effect: \"Allow\",\n Resource: \"*\",\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\npolicy = aws.iam.Policy(\"policy\",\n name=\"test_policy\",\n path=\"/\",\n description=\"My test policy\",\n policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": [\"ec2:Describe*\"],\n \"Effect\": \"Allow\",\n \"Resource\": \"*\",\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var policy = new Aws.Iam.Policy(\"policy\", new()\n {\n Name = \"test_policy\",\n Path = \"/\",\n Description = \"My test policy\",\n PolicyDocument = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = new[]\n {\n \"ec2:Describe*\",\n },\n [\"Effect\"] = \"Allow\",\n [\"Resource\"] = \"*\",\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"ec2:Describe*\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = iam.NewPolicy(ctx, \"policy\", \u0026iam.PolicyArgs{\n\t\t\tName: pulumi.String(\"test_policy\"),\n\t\t\tPath: pulumi.String(\"/\"),\n\t\t\tDescription: pulumi.String(\"My test policy\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Policy;\nimport com.pulumi.aws.iam.PolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var policy = new Policy(\"policy\", PolicyArgs.builder() \n .name(\"test_policy\")\n .path(\"/\")\n .description(\"My test policy\")\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", jsonArray(\"ec2:Describe*\")),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Resource\", \"*\")\n )))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n policy:\n type: aws:iam:Policy\n properties:\n name: test_policy\n path: /\n description: My test policy\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action:\n - ec2:Describe*\n Effect: Allow\n Resource: '*'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IAM Policies using the `arn`. For example:\n\n```sh\n$ pulumi import aws:iam/policy:Policy administrator arn:aws:iam::123456789012:policy/UsersManageOwnCredentials\n```\n", "properties": { "arn": { "type": "string", @@ -254983,7 +254983,7 @@ } }, "aws:iam/role:Role": { - "description": "Provides an IAM role.\n\n\u003e **NOTE:** If policies are attached to the role via the `aws.iam.PolicyAttachment` resource and you are modifying the role `name` or `path`, the `force_detach_policies` argument must be set to `true` and applied before attempting the operation otherwise you will encounter a `DeleteConflict` error. The `aws.iam.RolePolicyAttachment` resource (recommended) does not have this requirement.\n\n\u003e **NOTE:** If you use this resource's `managed_policy_arns` argument or `inline_policy` configuration blocks, this resource will take over exclusive management of the role's respective policy types (e.g., both policy types if both arguments are used). These arguments are incompatible with other ways of managing a role's policies, such as `aws.iam.PolicyAttachment`, `aws.iam.RolePolicyAttachment`, and `aws.iam.RolePolicy`. If you attempt to manage a role's policies by multiple means, you will get resource cycling and/or errors.\n\n\u003e **NOTE:** We suggest using explicit JSON encoding or `aws.iam.getPolicyDocument` when assigning a value to `policy`. They seamlessly translate configuration to JSON, enabling you to maintain consistency within your configuration without the need for context switches. Also, you can sidestep potential complications arising from formatting discrepancies, whitespace inconsistencies, and other nuances inherent to JSON.\n\n## Example Usage\n\n### Basic Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testRole = new aws.iam.Role(\"test_role\", {\n name: \"test_role\",\n assumeRolePolicy: JSON.stringify({\n version: \"2012-10-17\",\n statement: [{\n action: \"sts:AssumeRole\",\n effect: \"Allow\",\n sid: \"\",\n principal: {\n service: \"ec2.amazonaws.com\",\n },\n }],\n }),\n tags: {\n \"tag-key\": \"tag-value\",\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ntest_role = aws.iam.Role(\"test_role\",\n name=\"test_role\",\n assume_role_policy=json.dumps({\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"action\": \"sts:AssumeRole\",\n \"effect\": \"Allow\",\n \"sid\": \"\",\n \"principal\": {\n \"service\": \"ec2.amazonaws.com\",\n },\n }],\n }),\n tags={\n \"tag-key\": \"tag-value\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testRole = new Aws.Iam.Role(\"test_role\", new()\n {\n Name = \"test_role\",\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"action\"] = \"sts:AssumeRole\",\n [\"effect\"] = \"Allow\",\n [\"sid\"] = \"\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"service\"] = \"ec2.amazonaws.com\",\n },\n },\n },\n }),\n Tags = \n {\n { \"tag-key\", \"tag-value\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"action\": \"sts:AssumeRole\",\n\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\"sid\": \"\",\n\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\"service\": \"ec2.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = iam.NewRole(ctx, \"test_role\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"test_role\"),\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"tag-key\": pulumi.String(\"tag-value\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testRole = new Role(\"testRole\", RoleArgs.builder() \n .name(\"test_role\")\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"version\", \"2012-10-17\"),\n jsonProperty(\"statement\", jsonArray(jsonObject(\n jsonProperty(\"action\", \"sts:AssumeRole\"),\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"sid\", \"\"),\n jsonProperty(\"principal\", jsonObject(\n jsonProperty(\"service\", \"ec2.amazonaws.com\")\n ))\n )))\n )))\n .tags(Map.of(\"tag-key\", \"tag-value\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testRole:\n type: aws:iam:Role\n name: test_role\n properties:\n name: test_role\n assumeRolePolicy:\n fn::toJSON:\n version: 2012-10-17\n statement:\n - action: sts:AssumeRole\n effect: Allow\n sid:\n principal:\n service: ec2.amazonaws.com\n tags:\n tag-key: tag-value\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example of Using Data Source for Assume Role Policy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst instanceAssumeRolePolicy = aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"sts:AssumeRole\"],\n principals: [{\n type: \"Service\",\n identifiers: [\"ec2.amazonaws.com\"],\n }],\n }],\n});\nconst instance = new aws.iam.Role(\"instance\", {\n name: \"instance_role\",\n path: \"/system/\",\n assumeRolePolicy: instanceAssumeRolePolicy.then(instanceAssumeRolePolicy =\u003e instanceAssumeRolePolicy.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ninstance_assume_role_policy = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n actions=[\"sts:AssumeRole\"],\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"ec2.amazonaws.com\"],\n )],\n)])\ninstance = aws.iam.Role(\"instance\",\n name=\"instance_role\",\n path=\"/system/\",\n assume_role_policy=instance_assume_role_policy.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var instanceAssumeRolePolicy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"ec2.amazonaws.com\",\n },\n },\n },\n },\n },\n });\n\n var instance = new Aws.Iam.Role(\"instance\", new()\n {\n Name = \"instance_role\",\n Path = \"/system/\",\n AssumeRolePolicy = instanceAssumeRolePolicy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinstanceAssumeRolePolicy, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"ec2.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRole(ctx, \"instance\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"instance_role\"),\n\t\t\tPath: pulumi.String(\"/system/\"),\n\t\t\tAssumeRolePolicy: pulumi.String(instanceAssumeRolePolicy.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var instanceAssumeRolePolicy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"sts:AssumeRole\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"ec2.amazonaws.com\")\n .build())\n .build())\n .build());\n\n var instance = new Role(\"instance\", RoleArgs.builder() \n .name(\"instance_role\")\n .path(\"/system/\")\n .assumeRolePolicy(instanceAssumeRolePolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n instance:\n type: aws:iam:Role\n properties:\n name: instance_role\n path: /system/\n assumeRolePolicy: ${instanceAssumeRolePolicy.json}\nvariables:\n instanceAssumeRolePolicy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - sts:AssumeRole\n principals:\n - type: Service\n identifiers:\n - ec2.amazonaws.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example of Exclusive Inline Policies\n\nThis example creates an IAM role with two inline IAM policies. If someone adds another inline policy out-of-band, on the next apply, this provider will remove that policy. If someone deletes these policies out-of-band, this provider will recreate them.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst inlinePolicy = aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"ec2:DescribeAccountAttributes\"],\n resources: [\"*\"],\n }],\n});\nconst example = new aws.iam.Role(\"example\", {\n name: \"yak_role\",\n assumeRolePolicy: instanceAssumeRolePolicy.json,\n inlinePolicies: [\n {\n name: \"my_inline_policy\",\n policy: JSON.stringify({\n version: \"2012-10-17\",\n statement: [{\n action: [\"ec2:Describe*\"],\n effect: \"Allow\",\n resource: \"*\",\n }],\n }),\n },\n {\n name: \"policy-8675309\",\n policy: inlinePolicy.then(inlinePolicy =\u003e inlinePolicy.json),\n },\n ],\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ninline_policy = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n actions=[\"ec2:DescribeAccountAttributes\"],\n resources=[\"*\"],\n)])\nexample = aws.iam.Role(\"example\",\n name=\"yak_role\",\n assume_role_policy=instance_assume_role_policy[\"json\"],\n inline_policies=[\n aws.iam.RoleInlinePolicyArgs(\n name=\"my_inline_policy\",\n policy=json.dumps({\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"action\": [\"ec2:Describe*\"],\n \"effect\": \"Allow\",\n \"resource\": \"*\",\n }],\n }),\n ),\n aws.iam.RoleInlinePolicyArgs(\n name=\"policy-8675309\",\n policy=inline_policy.json,\n ),\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var inlinePolicy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"ec2:DescribeAccountAttributes\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n },\n });\n\n var example = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"yak_role\",\n AssumeRolePolicy = instanceAssumeRolePolicy.Json,\n InlinePolicies = new[]\n {\n new Aws.Iam.Inputs.RoleInlinePolicyArgs\n {\n Name = \"my_inline_policy\",\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"action\"] = new[]\n {\n \"ec2:Describe*\",\n },\n [\"effect\"] = \"Allow\",\n [\"resource\"] = \"*\",\n },\n },\n }),\n },\n new Aws.Iam.Inputs.RoleInlinePolicyArgs\n {\n Name = \"policy-8675309\",\n Policy = inlinePolicy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinlinePolicy, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"ec2:DescribeAccountAttributes\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"action\": []string{\n\t\t\t\t\t\t\"ec2:Describe*\",\n\t\t\t\t\t},\n\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\"resource\": \"*\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"yak_role\"),\n\t\t\tAssumeRolePolicy: pulumi.Any(instanceAssumeRolePolicy.Json),\n\t\t\tInlinePolicies: iam.RoleInlinePolicyArray{\n\t\t\t\t\u0026iam.RoleInlinePolicyArgs{\n\t\t\t\t\tName: pulumi.String(\"my_inline_policy\"),\n\t\t\t\t\tPolicy: pulumi.String(json0),\n\t\t\t\t},\n\t\t\t\t\u0026iam.RoleInlinePolicyArgs{\n\t\t\t\t\tName: pulumi.String(\"policy-8675309\"),\n\t\t\t\t\tPolicy: pulumi.String(inlinePolicy.Json),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.inputs.RoleInlinePolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var inlinePolicy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"ec2:DescribeAccountAttributes\")\n .resources(\"*\")\n .build())\n .build());\n\n var example = new Role(\"example\", RoleArgs.builder() \n .name(\"yak_role\")\n .assumeRolePolicy(instanceAssumeRolePolicy.json())\n .inlinePolicies( \n RoleInlinePolicyArgs.builder()\n .name(\"my_inline_policy\")\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"version\", \"2012-10-17\"),\n jsonProperty(\"statement\", jsonArray(jsonObject(\n jsonProperty(\"action\", jsonArray(\"ec2:Describe*\")),\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"resource\", \"*\")\n )))\n )))\n .build(),\n RoleInlinePolicyArgs.builder()\n .name(\"policy-8675309\")\n .policy(inlinePolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:Role\n properties:\n name: yak_role\n assumeRolePolicy: ${instanceAssumeRolePolicy.json}\n inlinePolicies:\n - name: my_inline_policy\n policy:\n fn::toJSON:\n version: 2012-10-17\n statement:\n - action:\n - ec2:Describe*\n effect: Allow\n resource: '*'\n - name: policy-8675309\n policy: ${inlinePolicy.json}\nvariables:\n inlinePolicy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - ec2:DescribeAccountAttributes\n resources:\n - '*'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example of Removing Inline Policies\n\nThis example creates an IAM role with what appears to be empty IAM `inline_policy` argument instead of using `inline_policy` as a configuration block. The result is that if someone were to add an inline policy out-of-band, on the next apply, this provider will remove that policy.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.iam.Role(\"example\", {\n inlinePolicies: [{}],\n name: \"yak_role\",\n assumeRolePolicy: instanceAssumeRolePolicy.json,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iam.Role(\"example\",\n inline_policies=[aws.iam.RoleInlinePolicyArgs()],\n name=\"yak_role\",\n assume_role_policy=instance_assume_role_policy[\"json\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Iam.Role(\"example\", new()\n {\n InlinePolicies = new[]\n {\n null,\n },\n Name = \"yak_role\",\n AssumeRolePolicy = instanceAssumeRolePolicy.Json,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tInlinePolicies: iam.RoleInlinePolicyArray{\n\t\t\t\tnil,\n\t\t\t},\n\t\t\tName: pulumi.String(\"yak_role\"),\n\t\t\tAssumeRolePolicy: pulumi.Any(instanceAssumeRolePolicy.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.inputs.RoleInlinePolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Role(\"example\", RoleArgs.builder() \n .inlinePolicies()\n .name(\"yak_role\")\n .assumeRolePolicy(instanceAssumeRolePolicy.json())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:Role\n properties:\n inlinePolicies:\n - {}\n name: yak_role\n assumeRolePolicy: ${instanceAssumeRolePolicy.json}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example of Exclusive Managed Policies\n\nThis example creates an IAM role and attaches two managed IAM policies. If someone attaches another managed policy out-of-band, on the next apply, this provider will detach that policy. If someone detaches these policies out-of-band, this provider will attach them again.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst policyOne = new aws.iam.Policy(\"policy_one\", {\n name: \"policy-618033\",\n policy: JSON.stringify({\n version: \"2012-10-17\",\n statement: [{\n action: [\"ec2:Describe*\"],\n effect: \"Allow\",\n resource: \"*\",\n }],\n }),\n});\nconst policyTwo = new aws.iam.Policy(\"policy_two\", {\n name: \"policy-381966\",\n policy: JSON.stringify({\n version: \"2012-10-17\",\n statement: [{\n action: [\n \"s3:ListAllMyBuckets\",\n \"s3:ListBucket\",\n \"s3:HeadBucket\",\n ],\n effect: \"Allow\",\n resource: \"*\",\n }],\n }),\n});\nconst example = new aws.iam.Role(\"example\", {\n name: \"yak_role\",\n assumeRolePolicy: instanceAssumeRolePolicy.json,\n managedPolicyArns: [\n policyOne.arn,\n policyTwo.arn,\n ],\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\npolicy_one = aws.iam.Policy(\"policy_one\",\n name=\"policy-618033\",\n policy=json.dumps({\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"action\": [\"ec2:Describe*\"],\n \"effect\": \"Allow\",\n \"resource\": \"*\",\n }],\n }))\npolicy_two = aws.iam.Policy(\"policy_two\",\n name=\"policy-381966\",\n policy=json.dumps({\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"action\": [\n \"s3:ListAllMyBuckets\",\n \"s3:ListBucket\",\n \"s3:HeadBucket\",\n ],\n \"effect\": \"Allow\",\n \"resource\": \"*\",\n }],\n }))\nexample = aws.iam.Role(\"example\",\n name=\"yak_role\",\n assume_role_policy=instance_assume_role_policy[\"json\"],\n managed_policy_arns=[\n policy_one.arn,\n policy_two.arn,\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var policyOne = new Aws.Iam.Policy(\"policy_one\", new()\n {\n Name = \"policy-618033\",\n PolicyDocument = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"action\"] = new[]\n {\n \"ec2:Describe*\",\n },\n [\"effect\"] = \"Allow\",\n [\"resource\"] = \"*\",\n },\n },\n }),\n });\n\n var policyTwo = new Aws.Iam.Policy(\"policy_two\", new()\n {\n Name = \"policy-381966\",\n PolicyDocument = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"action\"] = new[]\n {\n \"s3:ListAllMyBuckets\",\n \"s3:ListBucket\",\n \"s3:HeadBucket\",\n },\n [\"effect\"] = \"Allow\",\n [\"resource\"] = \"*\",\n },\n },\n }),\n });\n\n var example = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"yak_role\",\n AssumeRolePolicy = instanceAssumeRolePolicy.Json,\n ManagedPolicyArns = new[]\n {\n policyOne.Arn,\n policyTwo.Arn,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"action\": []string{\n\t\t\t\t\t\t\"ec2:Describe*\",\n\t\t\t\t\t},\n\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\"resource\": \"*\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\tpolicyOne, err := iam.NewPolicy(ctx, \"policy_one\", \u0026iam.PolicyArgs{\n\t\t\tName: pulumi.String(\"policy-618033\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON1, err := json.Marshal(map[string]interface{}{\n\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"action\": []string{\n\t\t\t\t\t\t\"s3:ListAllMyBuckets\",\n\t\t\t\t\t\t\"s3:ListBucket\",\n\t\t\t\t\t\t\"s3:HeadBucket\",\n\t\t\t\t\t},\n\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\"resource\": \"*\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson1 := string(tmpJSON1)\n\t\tpolicyTwo, err := iam.NewPolicy(ctx, \"policy_two\", \u0026iam.PolicyArgs{\n\t\t\tName: pulumi.String(\"policy-381966\"),\n\t\t\tPolicy: pulumi.String(json1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"yak_role\"),\n\t\t\tAssumeRolePolicy: pulumi.Any(instanceAssumeRolePolicy.Json),\n\t\t\tManagedPolicyArns: pulumi.StringArray{\n\t\t\t\tpolicyOne.Arn,\n\t\t\t\tpolicyTwo.Arn,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Policy;\nimport com.pulumi.aws.iam.PolicyArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var policyOne = new Policy(\"policyOne\", PolicyArgs.builder() \n .name(\"policy-618033\")\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"version\", \"2012-10-17\"),\n jsonProperty(\"statement\", jsonArray(jsonObject(\n jsonProperty(\"action\", jsonArray(\"ec2:Describe*\")),\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"resource\", \"*\")\n )))\n )))\n .build());\n\n var policyTwo = new Policy(\"policyTwo\", PolicyArgs.builder() \n .name(\"policy-381966\")\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"version\", \"2012-10-17\"),\n jsonProperty(\"statement\", jsonArray(jsonObject(\n jsonProperty(\"action\", jsonArray(\n \"s3:ListAllMyBuckets\", \n \"s3:ListBucket\", \n \"s3:HeadBucket\"\n )),\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"resource\", \"*\")\n )))\n )))\n .build());\n\n var example = new Role(\"example\", RoleArgs.builder() \n .name(\"yak_role\")\n .assumeRolePolicy(instanceAssumeRolePolicy.json())\n .managedPolicyArns( \n policyOne.arn(),\n policyTwo.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:Role\n properties:\n name: yak_role\n assumeRolePolicy: ${instanceAssumeRolePolicy.json}\n managedPolicyArns:\n - ${policyOne.arn}\n - ${policyTwo.arn}\n policyOne:\n type: aws:iam:Policy\n name: policy_one\n properties:\n name: policy-618033\n policy:\n fn::toJSON:\n version: 2012-10-17\n statement:\n - action:\n - ec2:Describe*\n effect: Allow\n resource: '*'\n policyTwo:\n type: aws:iam:Policy\n name: policy_two\n properties:\n name: policy-381966\n policy:\n fn::toJSON:\n version: 2012-10-17\n statement:\n - action:\n - s3:ListAllMyBuckets\n - s3:ListBucket\n - s3:HeadBucket\n effect: Allow\n resource: '*'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example of Removing Managed Policies\n\nThis example creates an IAM role with an empty `managed_policy_arns` argument. If someone attaches a policy out-of-band, on the next apply, this provider will detach that policy.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.iam.Role(\"example\", {\n name: \"yak_role\",\n assumeRolePolicy: instanceAssumeRolePolicy.json,\n managedPolicyArns: [],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iam.Role(\"example\",\n name=\"yak_role\",\n assume_role_policy=instance_assume_role_policy[\"json\"],\n managed_policy_arns=[])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"yak_role\",\n AssumeRolePolicy = instanceAssumeRolePolicy.Json,\n ManagedPolicyArns = new[] {},\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"yak_role\"),\n\t\t\tAssumeRolePolicy: pulumi.Any(instanceAssumeRolePolicy.Json),\n\t\t\tManagedPolicyArns: pulumi.StringArray{},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Role(\"example\", RoleArgs.builder() \n .name(\"yak_role\")\n .assumeRolePolicy(instanceAssumeRolePolicy.json())\n .managedPolicyArns()\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:Role\n properties:\n name: yak_role\n assumeRolePolicy: ${instanceAssumeRolePolicy.json}\n managedPolicyArns: []\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IAM Roles using the `name`. For example:\n\n```sh\n$ pulumi import aws:iam/role:Role developer developer_name\n```\n", + "description": "Provides an IAM role.\n\n\u003e **NOTE:** If policies are attached to the role via the `aws.iam.PolicyAttachment` resource and you are modifying the role `name` or `path`, the `force_detach_policies` argument must be set to `true` and applied before attempting the operation otherwise you will encounter a `DeleteConflict` error. The `aws.iam.RolePolicyAttachment` resource (recommended) does not have this requirement.\n\n\u003e **NOTE:** If you use this resource's `managed_policy_arns` argument or `inline_policy` configuration blocks, this resource will take over exclusive management of the role's respective policy types (e.g., both policy types if both arguments are used). These arguments are incompatible with other ways of managing a role's policies, such as `aws.iam.PolicyAttachment`, `aws.iam.RolePolicyAttachment`, and `aws.iam.RolePolicy`. If you attempt to manage a role's policies by multiple means, you will get resource cycling and/or errors.\n\n\u003e **NOTE:** We suggest using explicit JSON encoding or `aws.iam.getPolicyDocument` when assigning a value to `policy`. They seamlessly translate configuration to JSON, enabling you to maintain consistency within your configuration without the need for context switches. Also, you can sidestep potential complications arising from formatting discrepancies, whitespace inconsistencies, and other nuances inherent to JSON.\n\n## Example Usage\n\n### Basic Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testRole = new aws.iam.Role(\"test_role\", {\n name: \"test_role\",\n assumeRolePolicy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: \"sts:AssumeRole\",\n Effect: \"Allow\",\n Sid: \"\",\n Principal: {\n Service: \"ec2.amazonaws.com\",\n },\n }],\n }),\n tags: {\n \"tag-key\": \"tag-value\",\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ntest_role = aws.iam.Role(\"test_role\",\n name=\"test_role\",\n assume_role_policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": \"sts:AssumeRole\",\n \"Effect\": \"Allow\",\n \"Sid\": \"\",\n \"Principal\": {\n \"Service\": \"ec2.amazonaws.com\",\n },\n }],\n }),\n tags={\n \"tag-key\": \"tag-value\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testRole = new Aws.Iam.Role(\"test_role\", new()\n {\n Name = \"test_role\",\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"sts:AssumeRole\",\n [\"Effect\"] = \"Allow\",\n [\"Sid\"] = \"\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"ec2.amazonaws.com\",\n },\n },\n },\n }),\n Tags = \n {\n { \"tag-key\", \"tag-value\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": \"sts:AssumeRole\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Sid\": \"\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"ec2.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = iam.NewRole(ctx, \"test_role\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"test_role\"),\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"tag-key\": pulumi.String(\"tag-value\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testRole = new Role(\"testRole\", RoleArgs.builder() \n .name(\"test_role\")\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", \"sts:AssumeRole\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Sid\", \"\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"ec2.amazonaws.com\")\n ))\n )))\n )))\n .tags(Map.of(\"tag-key\", \"tag-value\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testRole:\n type: aws:iam:Role\n name: test_role\n properties:\n name: test_role\n assumeRolePolicy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action: sts:AssumeRole\n Effect: Allow\n Sid:\n Principal:\n Service: ec2.amazonaws.com\n tags:\n tag-key: tag-value\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example of Using Data Source for Assume Role Policy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst instanceAssumeRolePolicy = aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"sts:AssumeRole\"],\n principals: [{\n type: \"Service\",\n identifiers: [\"ec2.amazonaws.com\"],\n }],\n }],\n});\nconst instance = new aws.iam.Role(\"instance\", {\n name: \"instance_role\",\n path: \"/system/\",\n assumeRolePolicy: instanceAssumeRolePolicy.then(instanceAssumeRolePolicy =\u003e instanceAssumeRolePolicy.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ninstance_assume_role_policy = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n actions=[\"sts:AssumeRole\"],\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"ec2.amazonaws.com\"],\n )],\n)])\ninstance = aws.iam.Role(\"instance\",\n name=\"instance_role\",\n path=\"/system/\",\n assume_role_policy=instance_assume_role_policy.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var instanceAssumeRolePolicy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"ec2.amazonaws.com\",\n },\n },\n },\n },\n },\n });\n\n var instance = new Aws.Iam.Role(\"instance\", new()\n {\n Name = \"instance_role\",\n Path = \"/system/\",\n AssumeRolePolicy = instanceAssumeRolePolicy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinstanceAssumeRolePolicy, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"ec2.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRole(ctx, \"instance\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"instance_role\"),\n\t\t\tPath: pulumi.String(\"/system/\"),\n\t\t\tAssumeRolePolicy: pulumi.String(instanceAssumeRolePolicy.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var instanceAssumeRolePolicy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"sts:AssumeRole\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"ec2.amazonaws.com\")\n .build())\n .build())\n .build());\n\n var instance = new Role(\"instance\", RoleArgs.builder() \n .name(\"instance_role\")\n .path(\"/system/\")\n .assumeRolePolicy(instanceAssumeRolePolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n instance:\n type: aws:iam:Role\n properties:\n name: instance_role\n path: /system/\n assumeRolePolicy: ${instanceAssumeRolePolicy.json}\nvariables:\n instanceAssumeRolePolicy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - sts:AssumeRole\n principals:\n - type: Service\n identifiers:\n - ec2.amazonaws.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example of Exclusive Inline Policies\n\nThis example creates an IAM role with two inline IAM policies. If someone adds another inline policy out-of-band, on the next apply, this provider will remove that policy. If someone deletes these policies out-of-band, this provider will recreate them.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst inlinePolicy = aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"ec2:DescribeAccountAttributes\"],\n resources: [\"*\"],\n }],\n});\nconst example = new aws.iam.Role(\"example\", {\n name: \"yak_role\",\n assumeRolePolicy: instanceAssumeRolePolicy.json,\n inlinePolicies: [\n {\n name: \"my_inline_policy\",\n policy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: [\"ec2:Describe*\"],\n Effect: \"Allow\",\n Resource: \"*\",\n }],\n }),\n },\n {\n name: \"policy-8675309\",\n policy: inlinePolicy.then(inlinePolicy =\u003e inlinePolicy.json),\n },\n ],\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ninline_policy = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n actions=[\"ec2:DescribeAccountAttributes\"],\n resources=[\"*\"],\n)])\nexample = aws.iam.Role(\"example\",\n name=\"yak_role\",\n assume_role_policy=instance_assume_role_policy[\"json\"],\n inline_policies=[\n aws.iam.RoleInlinePolicyArgs(\n name=\"my_inline_policy\",\n policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": [\"ec2:Describe*\"],\n \"Effect\": \"Allow\",\n \"Resource\": \"*\",\n }],\n }),\n ),\n aws.iam.RoleInlinePolicyArgs(\n name=\"policy-8675309\",\n policy=inline_policy.json,\n ),\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var inlinePolicy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"ec2:DescribeAccountAttributes\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n },\n });\n\n var example = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"yak_role\",\n AssumeRolePolicy = instanceAssumeRolePolicy.Json,\n InlinePolicies = new[]\n {\n new Aws.Iam.Inputs.RoleInlinePolicyArgs\n {\n Name = \"my_inline_policy\",\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = new[]\n {\n \"ec2:Describe*\",\n },\n [\"Effect\"] = \"Allow\",\n [\"Resource\"] = \"*\",\n },\n },\n }),\n },\n new Aws.Iam.Inputs.RoleInlinePolicyArgs\n {\n Name = \"policy-8675309\",\n Policy = inlinePolicy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinlinePolicy, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"ec2:DescribeAccountAttributes\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"ec2:Describe*\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"yak_role\"),\n\t\t\tAssumeRolePolicy: pulumi.Any(instanceAssumeRolePolicy.Json),\n\t\t\tInlinePolicies: iam.RoleInlinePolicyArray{\n\t\t\t\t\u0026iam.RoleInlinePolicyArgs{\n\t\t\t\t\tName: pulumi.String(\"my_inline_policy\"),\n\t\t\t\t\tPolicy: pulumi.String(json0),\n\t\t\t\t},\n\t\t\t\t\u0026iam.RoleInlinePolicyArgs{\n\t\t\t\t\tName: pulumi.String(\"policy-8675309\"),\n\t\t\t\t\tPolicy: pulumi.String(inlinePolicy.Json),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.inputs.RoleInlinePolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var inlinePolicy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"ec2:DescribeAccountAttributes\")\n .resources(\"*\")\n .build())\n .build());\n\n var example = new Role(\"example\", RoleArgs.builder() \n .name(\"yak_role\")\n .assumeRolePolicy(instanceAssumeRolePolicy.json())\n .inlinePolicies( \n RoleInlinePolicyArgs.builder()\n .name(\"my_inline_policy\")\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", jsonArray(\"ec2:Describe*\")),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Resource\", \"*\")\n )))\n )))\n .build(),\n RoleInlinePolicyArgs.builder()\n .name(\"policy-8675309\")\n .policy(inlinePolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:Role\n properties:\n name: yak_role\n assumeRolePolicy: ${instanceAssumeRolePolicy.json}\n inlinePolicies:\n - name: my_inline_policy\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action:\n - ec2:Describe*\n Effect: Allow\n Resource: '*'\n - name: policy-8675309\n policy: ${inlinePolicy.json}\nvariables:\n inlinePolicy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - ec2:DescribeAccountAttributes\n resources:\n - '*'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example of Removing Inline Policies\n\nThis example creates an IAM role with what appears to be empty IAM `inline_policy` argument instead of using `inline_policy` as a configuration block. The result is that if someone were to add an inline policy out-of-band, on the next apply, this provider will remove that policy.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.iam.Role(\"example\", {\n inlinePolicies: [{}],\n name: \"yak_role\",\n assumeRolePolicy: instanceAssumeRolePolicy.json,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iam.Role(\"example\",\n inline_policies=[aws.iam.RoleInlinePolicyArgs()],\n name=\"yak_role\",\n assume_role_policy=instance_assume_role_policy[\"json\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Iam.Role(\"example\", new()\n {\n InlinePolicies = new[]\n {\n null,\n },\n Name = \"yak_role\",\n AssumeRolePolicy = instanceAssumeRolePolicy.Json,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tInlinePolicies: iam.RoleInlinePolicyArray{\n\t\t\t\tnil,\n\t\t\t},\n\t\t\tName: pulumi.String(\"yak_role\"),\n\t\t\tAssumeRolePolicy: pulumi.Any(instanceAssumeRolePolicy.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.inputs.RoleInlinePolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Role(\"example\", RoleArgs.builder() \n .inlinePolicies()\n .name(\"yak_role\")\n .assumeRolePolicy(instanceAssumeRolePolicy.json())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:Role\n properties:\n inlinePolicies:\n - {}\n name: yak_role\n assumeRolePolicy: ${instanceAssumeRolePolicy.json}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example of Exclusive Managed Policies\n\nThis example creates an IAM role and attaches two managed IAM policies. If someone attaches another managed policy out-of-band, on the next apply, this provider will detach that policy. If someone detaches these policies out-of-band, this provider will attach them again.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst policyOne = new aws.iam.Policy(\"policy_one\", {\n name: \"policy-618033\",\n policy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: [\"ec2:Describe*\"],\n Effect: \"Allow\",\n Resource: \"*\",\n }],\n }),\n});\nconst policyTwo = new aws.iam.Policy(\"policy_two\", {\n name: \"policy-381966\",\n policy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: [\n \"s3:ListAllMyBuckets\",\n \"s3:ListBucket\",\n \"s3:HeadBucket\",\n ],\n Effect: \"Allow\",\n Resource: \"*\",\n }],\n }),\n});\nconst example = new aws.iam.Role(\"example\", {\n name: \"yak_role\",\n assumeRolePolicy: instanceAssumeRolePolicy.json,\n managedPolicyArns: [\n policyOne.arn,\n policyTwo.arn,\n ],\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\npolicy_one = aws.iam.Policy(\"policy_one\",\n name=\"policy-618033\",\n policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": [\"ec2:Describe*\"],\n \"Effect\": \"Allow\",\n \"Resource\": \"*\",\n }],\n }))\npolicy_two = aws.iam.Policy(\"policy_two\",\n name=\"policy-381966\",\n policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": [\n \"s3:ListAllMyBuckets\",\n \"s3:ListBucket\",\n \"s3:HeadBucket\",\n ],\n \"Effect\": \"Allow\",\n \"Resource\": \"*\",\n }],\n }))\nexample = aws.iam.Role(\"example\",\n name=\"yak_role\",\n assume_role_policy=instance_assume_role_policy[\"json\"],\n managed_policy_arns=[\n policy_one.arn,\n policy_two.arn,\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var policyOne = new Aws.Iam.Policy(\"policy_one\", new()\n {\n Name = \"policy-618033\",\n PolicyDocument = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = new[]\n {\n \"ec2:Describe*\",\n },\n [\"Effect\"] = \"Allow\",\n [\"Resource\"] = \"*\",\n },\n },\n }),\n });\n\n var policyTwo = new Aws.Iam.Policy(\"policy_two\", new()\n {\n Name = \"policy-381966\",\n PolicyDocument = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = new[]\n {\n \"s3:ListAllMyBuckets\",\n \"s3:ListBucket\",\n \"s3:HeadBucket\",\n },\n [\"Effect\"] = \"Allow\",\n [\"Resource\"] = \"*\",\n },\n },\n }),\n });\n\n var example = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"yak_role\",\n AssumeRolePolicy = instanceAssumeRolePolicy.Json,\n ManagedPolicyArns = new[]\n {\n policyOne.Arn,\n policyTwo.Arn,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"ec2:Describe*\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\tpolicyOne, err := iam.NewPolicy(ctx, \"policy_one\", \u0026iam.PolicyArgs{\n\t\t\tName: pulumi.String(\"policy-618033\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON1, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"s3:ListAllMyBuckets\",\n\t\t\t\t\t\t\"s3:ListBucket\",\n\t\t\t\t\t\t\"s3:HeadBucket\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson1 := string(tmpJSON1)\n\t\tpolicyTwo, err := iam.NewPolicy(ctx, \"policy_two\", \u0026iam.PolicyArgs{\n\t\t\tName: pulumi.String(\"policy-381966\"),\n\t\t\tPolicy: pulumi.String(json1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"yak_role\"),\n\t\t\tAssumeRolePolicy: pulumi.Any(instanceAssumeRolePolicy.Json),\n\t\t\tManagedPolicyArns: pulumi.StringArray{\n\t\t\t\tpolicyOne.Arn,\n\t\t\t\tpolicyTwo.Arn,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Policy;\nimport com.pulumi.aws.iam.PolicyArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var policyOne = new Policy(\"policyOne\", PolicyArgs.builder() \n .name(\"policy-618033\")\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", jsonArray(\"ec2:Describe*\")),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Resource\", \"*\")\n )))\n )))\n .build());\n\n var policyTwo = new Policy(\"policyTwo\", PolicyArgs.builder() \n .name(\"policy-381966\")\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", jsonArray(\n \"s3:ListAllMyBuckets\", \n \"s3:ListBucket\", \n \"s3:HeadBucket\"\n )),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Resource\", \"*\")\n )))\n )))\n .build());\n\n var example = new Role(\"example\", RoleArgs.builder() \n .name(\"yak_role\")\n .assumeRolePolicy(instanceAssumeRolePolicy.json())\n .managedPolicyArns( \n policyOne.arn(),\n policyTwo.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:Role\n properties:\n name: yak_role\n assumeRolePolicy: ${instanceAssumeRolePolicy.json}\n managedPolicyArns:\n - ${policyOne.arn}\n - ${policyTwo.arn}\n policyOne:\n type: aws:iam:Policy\n name: policy_one\n properties:\n name: policy-618033\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action:\n - ec2:Describe*\n Effect: Allow\n Resource: '*'\n policyTwo:\n type: aws:iam:Policy\n name: policy_two\n properties:\n name: policy-381966\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action:\n - s3:ListAllMyBuckets\n - s3:ListBucket\n - s3:HeadBucket\n Effect: Allow\n Resource: '*'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example of Removing Managed Policies\n\nThis example creates an IAM role with an empty `managed_policy_arns` argument. If someone attaches a policy out-of-band, on the next apply, this provider will detach that policy.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.iam.Role(\"example\", {\n name: \"yak_role\",\n assumeRolePolicy: instanceAssumeRolePolicy.json,\n managedPolicyArns: [],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.iam.Role(\"example\",\n name=\"yak_role\",\n assume_role_policy=instance_assume_role_policy[\"json\"],\n managed_policy_arns=[])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"yak_role\",\n AssumeRolePolicy = instanceAssumeRolePolicy.Json,\n ManagedPolicyArns = new[] {},\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"yak_role\"),\n\t\t\tAssumeRolePolicy: pulumi.Any(instanceAssumeRolePolicy.Json),\n\t\t\tManagedPolicyArns: pulumi.StringArray{},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Role(\"example\", RoleArgs.builder() \n .name(\"yak_role\")\n .assumeRolePolicy(instanceAssumeRolePolicy.json())\n .managedPolicyArns()\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:Role\n properties:\n name: yak_role\n assumeRolePolicy: ${instanceAssumeRolePolicy.json}\n managedPolicyArns: []\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IAM Roles using the `name`. For example:\n\n```sh\n$ pulumi import aws:iam/role:Role developer developer_name\n```\n", "properties": { "arn": { "type": "string", @@ -255230,7 +255230,7 @@ } }, "aws:iam/rolePolicy:RolePolicy": { - "description": "Provides an IAM role inline policy.\n\n\u003e **NOTE:** For a given role, this resource is incompatible with using the `aws.iam.Role` resource `inline_policy` argument. When using that argument and this resource, both will attempt to manage the role's inline policies and the provider will show a permanent difference.\n\n\u003e **NOTE:** We suggest using explicit JSON encoding or `aws.iam.getPolicyDocument` when assigning a value to `policy`. They seamlessly translate configuration to JSON, enabling you to maintain consistency within your configuration without the need for context switches. Also, you can sidestep potential complications arising from formatting discrepancies, whitespace inconsistencies, and other nuances inherent to JSON.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testRole = new aws.iam.Role(\"test_role\", {\n name: \"test_role\",\n assumeRolePolicy: JSON.stringify({\n version: \"2012-10-17\",\n statement: [{\n action: \"sts:AssumeRole\",\n effect: \"Allow\",\n sid: \"\",\n principal: {\n service: \"ec2.amazonaws.com\",\n },\n }],\n }),\n});\nconst testPolicy = new aws.iam.RolePolicy(\"test_policy\", {\n name: \"test_policy\",\n role: testRole.id,\n policy: JSON.stringify({\n version: \"2012-10-17\",\n statement: [{\n action: [\"ec2:Describe*\"],\n effect: \"Allow\",\n resource: \"*\",\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ntest_role = aws.iam.Role(\"test_role\",\n name=\"test_role\",\n assume_role_policy=json.dumps({\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"action\": \"sts:AssumeRole\",\n \"effect\": \"Allow\",\n \"sid\": \"\",\n \"principal\": {\n \"service\": \"ec2.amazonaws.com\",\n },\n }],\n }))\ntest_policy = aws.iam.RolePolicy(\"test_policy\",\n name=\"test_policy\",\n role=test_role.id,\n policy=json.dumps({\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"action\": [\"ec2:Describe*\"],\n \"effect\": \"Allow\",\n \"resource\": \"*\",\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testRole = new Aws.Iam.Role(\"test_role\", new()\n {\n Name = \"test_role\",\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"action\"] = \"sts:AssumeRole\",\n [\"effect\"] = \"Allow\",\n [\"sid\"] = \"\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"service\"] = \"ec2.amazonaws.com\",\n },\n },\n },\n }),\n });\n\n var testPolicy = new Aws.Iam.RolePolicy(\"test_policy\", new()\n {\n Name = \"test_policy\",\n Role = testRole.Id,\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"action\"] = new[]\n {\n \"ec2:Describe*\",\n },\n [\"effect\"] = \"Allow\",\n [\"resource\"] = \"*\",\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"action\": \"sts:AssumeRole\",\n\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\"sid\": \"\",\n\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\"service\": \"ec2.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\ttestRole, err := iam.NewRole(ctx, \"test_role\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"test_role\"),\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON1, err := json.Marshal(map[string]interface{}{\n\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"action\": []string{\n\t\t\t\t\t\t\"ec2:Describe*\",\n\t\t\t\t\t},\n\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\"resource\": \"*\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson1 := string(tmpJSON1)\n\t\t_, err = iam.NewRolePolicy(ctx, \"test_policy\", \u0026iam.RolePolicyArgs{\n\t\t\tName: pulumi.String(\"test_policy\"),\n\t\t\tRole: testRole.ID(),\n\t\t\tPolicy: pulumi.String(json1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testRole = new Role(\"testRole\", RoleArgs.builder() \n .name(\"test_role\")\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"version\", \"2012-10-17\"),\n jsonProperty(\"statement\", jsonArray(jsonObject(\n jsonProperty(\"action\", \"sts:AssumeRole\"),\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"sid\", \"\"),\n jsonProperty(\"principal\", jsonObject(\n jsonProperty(\"service\", \"ec2.amazonaws.com\")\n ))\n )))\n )))\n .build());\n\n var testPolicy = new RolePolicy(\"testPolicy\", RolePolicyArgs.builder() \n .name(\"test_policy\")\n .role(testRole.id())\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"version\", \"2012-10-17\"),\n jsonProperty(\"statement\", jsonArray(jsonObject(\n jsonProperty(\"action\", jsonArray(\"ec2:Describe*\")),\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"resource\", \"*\")\n )))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testPolicy:\n type: aws:iam:RolePolicy\n name: test_policy\n properties:\n name: test_policy\n role: ${testRole.id}\n policy:\n fn::toJSON:\n version: 2012-10-17\n statement:\n - action:\n - ec2:Describe*\n effect: Allow\n resource: '*'\n testRole:\n type: aws:iam:Role\n name: test_role\n properties:\n name: test_role\n assumeRolePolicy:\n fn::toJSON:\n version: 2012-10-17\n statement:\n - action: sts:AssumeRole\n effect: Allow\n sid:\n principal:\n service: ec2.amazonaws.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IAM Role Policies using the `role_name:role_policy_name`. For example:\n\n```sh\n$ pulumi import aws:iam/rolePolicy:RolePolicy mypolicy role_of_mypolicy_name:mypolicy_name\n```\n", + "description": "Provides an IAM role inline policy.\n\n\u003e **NOTE:** For a given role, this resource is incompatible with using the `aws.iam.Role` resource `inline_policy` argument. When using that argument and this resource, both will attempt to manage the role's inline policies and the provider will show a permanent difference.\n\n\u003e **NOTE:** We suggest using explicit JSON encoding or `aws.iam.getPolicyDocument` when assigning a value to `policy`. They seamlessly translate configuration to JSON, enabling you to maintain consistency within your configuration without the need for context switches. Also, you can sidestep potential complications arising from formatting discrepancies, whitespace inconsistencies, and other nuances inherent to JSON.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testRole = new aws.iam.Role(\"test_role\", {\n name: \"test_role\",\n assumeRolePolicy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: \"sts:AssumeRole\",\n Effect: \"Allow\",\n Sid: \"\",\n Principal: {\n Service: \"ec2.amazonaws.com\",\n },\n }],\n }),\n});\nconst testPolicy = new aws.iam.RolePolicy(\"test_policy\", {\n name: \"test_policy\",\n role: testRole.id,\n policy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: [\"ec2:Describe*\"],\n Effect: \"Allow\",\n Resource: \"*\",\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ntest_role = aws.iam.Role(\"test_role\",\n name=\"test_role\",\n assume_role_policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": \"sts:AssumeRole\",\n \"Effect\": \"Allow\",\n \"Sid\": \"\",\n \"Principal\": {\n \"Service\": \"ec2.amazonaws.com\",\n },\n }],\n }))\ntest_policy = aws.iam.RolePolicy(\"test_policy\",\n name=\"test_policy\",\n role=test_role.id,\n policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": [\"ec2:Describe*\"],\n \"Effect\": \"Allow\",\n \"Resource\": \"*\",\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testRole = new Aws.Iam.Role(\"test_role\", new()\n {\n Name = \"test_role\",\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"sts:AssumeRole\",\n [\"Effect\"] = \"Allow\",\n [\"Sid\"] = \"\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"ec2.amazonaws.com\",\n },\n },\n },\n }),\n });\n\n var testPolicy = new Aws.Iam.RolePolicy(\"test_policy\", new()\n {\n Name = \"test_policy\",\n Role = testRole.Id,\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = new[]\n {\n \"ec2:Describe*\",\n },\n [\"Effect\"] = \"Allow\",\n [\"Resource\"] = \"*\",\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": \"sts:AssumeRole\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Sid\": \"\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"ec2.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\ttestRole, err := iam.NewRole(ctx, \"test_role\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"test_role\"),\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON1, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"ec2:Describe*\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson1 := string(tmpJSON1)\n\t\t_, err = iam.NewRolePolicy(ctx, \"test_policy\", \u0026iam.RolePolicyArgs{\n\t\t\tName: pulumi.String(\"test_policy\"),\n\t\t\tRole: testRole.ID(),\n\t\t\tPolicy: pulumi.String(json1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testRole = new Role(\"testRole\", RoleArgs.builder() \n .name(\"test_role\")\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", \"sts:AssumeRole\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Sid\", \"\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"ec2.amazonaws.com\")\n ))\n )))\n )))\n .build());\n\n var testPolicy = new RolePolicy(\"testPolicy\", RolePolicyArgs.builder() \n .name(\"test_policy\")\n .role(testRole.id())\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", jsonArray(\"ec2:Describe*\")),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Resource\", \"*\")\n )))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testPolicy:\n type: aws:iam:RolePolicy\n name: test_policy\n properties:\n name: test_policy\n role: ${testRole.id}\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action:\n - ec2:Describe*\n Effect: Allow\n Resource: '*'\n testRole:\n type: aws:iam:Role\n name: test_role\n properties:\n name: test_role\n assumeRolePolicy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action: sts:AssumeRole\n Effect: Allow\n Sid:\n Principal:\n Service: ec2.amazonaws.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IAM Role Policies using the `role_name:role_policy_name`. For example:\n\n```sh\n$ pulumi import aws:iam/rolePolicy:RolePolicy mypolicy role_of_mypolicy_name:mypolicy_name\n```\n", "properties": { "name": { "type": "string", @@ -256398,7 +256398,7 @@ } }, "aws:iam/userPolicy:UserPolicy": { - "description": "Provides an IAM policy attached to a user.\n\n\u003e **NOTE:** We suggest using explicit JSON encoding or `aws.iam.getPolicyDocument` when assigning a value to `policy`. They seamlessly translate configuration to JSON, enabling you to maintain consistency within your configuration without the need for context switches. Also, you can sidestep potential complications arising from formatting discrepancies, whitespace inconsistencies, and other nuances inherent to JSON.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst lb = new aws.iam.User(\"lb\", {\n name: \"loadbalancer\",\n path: \"/system/\",\n});\nconst lbRo = new aws.iam.UserPolicy(\"lb_ro\", {\n name: \"test\",\n user: lb.name,\n policy: JSON.stringify({\n version: \"2012-10-17\",\n statement: [{\n action: [\"ec2:Describe*\"],\n effect: \"Allow\",\n resource: \"*\",\n }],\n }),\n});\nconst lbAccessKey = new aws.iam.AccessKey(\"lb\", {user: lb.name});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nlb = aws.iam.User(\"lb\",\n name=\"loadbalancer\",\n path=\"/system/\")\nlb_ro = aws.iam.UserPolicy(\"lb_ro\",\n name=\"test\",\n user=lb.name,\n policy=json.dumps({\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"action\": [\"ec2:Describe*\"],\n \"effect\": \"Allow\",\n \"resource\": \"*\",\n }],\n }))\nlb_access_key = aws.iam.AccessKey(\"lb\", user=lb.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var lb = new Aws.Iam.User(\"lb\", new()\n {\n Name = \"loadbalancer\",\n Path = \"/system/\",\n });\n\n var lbRo = new Aws.Iam.UserPolicy(\"lb_ro\", new()\n {\n Name = \"test\",\n User = lb.Name,\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"action\"] = new[]\n {\n \"ec2:Describe*\",\n },\n [\"effect\"] = \"Allow\",\n [\"resource\"] = \"*\",\n },\n },\n }),\n });\n\n var lbAccessKey = new Aws.Iam.AccessKey(\"lb\", new()\n {\n User = lb.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tlb, err := iam.NewUser(ctx, \"lb\", \u0026iam.UserArgs{\n\t\t\tName: pulumi.String(\"loadbalancer\"),\n\t\t\tPath: pulumi.String(\"/system/\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"action\": []string{\n\t\t\t\t\t\t\"ec2:Describe*\",\n\t\t\t\t\t},\n\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\"resource\": \"*\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = iam.NewUserPolicy(ctx, \"lb_ro\", \u0026iam.UserPolicyArgs{\n\t\t\tName: pulumi.String(\"test\"),\n\t\t\tUser: lb.Name,\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewAccessKey(ctx, \"lb\", \u0026iam.AccessKeyArgs{\n\t\t\tUser: lb.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.User;\nimport com.pulumi.aws.iam.UserArgs;\nimport com.pulumi.aws.iam.UserPolicy;\nimport com.pulumi.aws.iam.UserPolicyArgs;\nimport com.pulumi.aws.iam.AccessKey;\nimport com.pulumi.aws.iam.AccessKeyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var lb = new User(\"lb\", UserArgs.builder() \n .name(\"loadbalancer\")\n .path(\"/system/\")\n .build());\n\n var lbRo = new UserPolicy(\"lbRo\", UserPolicyArgs.builder() \n .name(\"test\")\n .user(lb.name())\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"version\", \"2012-10-17\"),\n jsonProperty(\"statement\", jsonArray(jsonObject(\n jsonProperty(\"action\", jsonArray(\"ec2:Describe*\")),\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"resource\", \"*\")\n )))\n )))\n .build());\n\n var lbAccessKey = new AccessKey(\"lbAccessKey\", AccessKeyArgs.builder() \n .user(lb.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n lbRo:\n type: aws:iam:UserPolicy\n name: lb_ro\n properties:\n name: test\n user: ${lb.name}\n policy:\n fn::toJSON:\n version: 2012-10-17\n statement:\n - action:\n - ec2:Describe*\n effect: Allow\n resource: '*'\n lb:\n type: aws:iam:User\n properties:\n name: loadbalancer\n path: /system/\n lbAccessKey:\n type: aws:iam:AccessKey\n name: lb\n properties:\n user: ${lb.name}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IAM User Policies using the `user_name:user_policy_name`. For example:\n\n```sh\n$ pulumi import aws:iam/userPolicy:UserPolicy mypolicy user_of_mypolicy_name:mypolicy_name\n```\n", + "description": "Provides an IAM policy attached to a user.\n\n\u003e **NOTE:** We suggest using explicit JSON encoding or `aws.iam.getPolicyDocument` when assigning a value to `policy`. They seamlessly translate configuration to JSON, enabling you to maintain consistency within your configuration without the need for context switches. Also, you can sidestep potential complications arising from formatting discrepancies, whitespace inconsistencies, and other nuances inherent to JSON.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst lb = new aws.iam.User(\"lb\", {\n name: \"loadbalancer\",\n path: \"/system/\",\n});\nconst lbRo = new aws.iam.UserPolicy(\"lb_ro\", {\n name: \"test\",\n user: lb.name,\n policy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: [\"ec2:Describe*\"],\n Effect: \"Allow\",\n Resource: \"*\",\n }],\n }),\n});\nconst lbAccessKey = new aws.iam.AccessKey(\"lb\", {user: lb.name});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nlb = aws.iam.User(\"lb\",\n name=\"loadbalancer\",\n path=\"/system/\")\nlb_ro = aws.iam.UserPolicy(\"lb_ro\",\n name=\"test\",\n user=lb.name,\n policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": [\"ec2:Describe*\"],\n \"Effect\": \"Allow\",\n \"Resource\": \"*\",\n }],\n }))\nlb_access_key = aws.iam.AccessKey(\"lb\", user=lb.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var lb = new Aws.Iam.User(\"lb\", new()\n {\n Name = \"loadbalancer\",\n Path = \"/system/\",\n });\n\n var lbRo = new Aws.Iam.UserPolicy(\"lb_ro\", new()\n {\n Name = \"test\",\n User = lb.Name,\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = new[]\n {\n \"ec2:Describe*\",\n },\n [\"Effect\"] = \"Allow\",\n [\"Resource\"] = \"*\",\n },\n },\n }),\n });\n\n var lbAccessKey = new Aws.Iam.AccessKey(\"lb\", new()\n {\n User = lb.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tlb, err := iam.NewUser(ctx, \"lb\", \u0026iam.UserArgs{\n\t\t\tName: pulumi.String(\"loadbalancer\"),\n\t\t\tPath: pulumi.String(\"/system/\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"ec2:Describe*\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = iam.NewUserPolicy(ctx, \"lb_ro\", \u0026iam.UserPolicyArgs{\n\t\t\tName: pulumi.String(\"test\"),\n\t\t\tUser: lb.Name,\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewAccessKey(ctx, \"lb\", \u0026iam.AccessKeyArgs{\n\t\t\tUser: lb.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.User;\nimport com.pulumi.aws.iam.UserArgs;\nimport com.pulumi.aws.iam.UserPolicy;\nimport com.pulumi.aws.iam.UserPolicyArgs;\nimport com.pulumi.aws.iam.AccessKey;\nimport com.pulumi.aws.iam.AccessKeyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var lb = new User(\"lb\", UserArgs.builder() \n .name(\"loadbalancer\")\n .path(\"/system/\")\n .build());\n\n var lbRo = new UserPolicy(\"lbRo\", UserPolicyArgs.builder() \n .name(\"test\")\n .user(lb.name())\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", jsonArray(\"ec2:Describe*\")),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Resource\", \"*\")\n )))\n )))\n .build());\n\n var lbAccessKey = new AccessKey(\"lbAccessKey\", AccessKeyArgs.builder() \n .user(lb.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n lbRo:\n type: aws:iam:UserPolicy\n name: lb_ro\n properties:\n name: test\n user: ${lb.name}\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action:\n - ec2:Describe*\n Effect: Allow\n Resource: '*'\n lb:\n type: aws:iam:User\n properties:\n name: loadbalancer\n path: /system/\n lbAccessKey:\n type: aws:iam:AccessKey\n name: lb\n properties:\n user: ${lb.name}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IAM User Policies using the `user_name:user_policy_name`. For example:\n\n```sh\n$ pulumi import aws:iam/userPolicy:UserPolicy mypolicy user_of_mypolicy_name:mypolicy_name\n```\n", "properties": { "name": { "type": "string", @@ -260282,7 +260282,7 @@ } }, "aws:iot/policy:Policy": { - "description": "Provides an IoT policy.\n\n\u003e **NOTE on policy versions:** Updating this resource creates a new, default policy version. If updating the resource would exceed the maximum number of versions (5), the oldest non-default version of the policy is deleted before the new policy version is created.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst pubsub = new aws.iot.Policy(\"pubsub\", {\n name: \"PubSubToAnyTopic\",\n policy: JSON.stringify({\n version: \"2012-10-17\",\n statement: [{\n action: [\"iot:*\"],\n effect: \"Allow\",\n resource: \"*\",\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\npubsub = aws.iot.Policy(\"pubsub\",\n name=\"PubSubToAnyTopic\",\n policy=json.dumps({\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"action\": [\"iot:*\"],\n \"effect\": \"Allow\",\n \"resource\": \"*\",\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var pubsub = new Aws.Iot.Policy(\"pubsub\", new()\n {\n Name = \"PubSubToAnyTopic\",\n PolicyDocument = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"action\"] = new[]\n {\n \"iot:*\",\n },\n [\"effect\"] = \"Allow\",\n [\"resource\"] = \"*\",\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iot\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"action\": []string{\n\t\t\t\t\t\t\"iot:*\",\n\t\t\t\t\t},\n\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\"resource\": \"*\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = iot.NewPolicy(ctx, \"pubsub\", \u0026iot.PolicyArgs{\n\t\t\tName: pulumi.String(\"PubSubToAnyTopic\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iot.Policy;\nimport com.pulumi.aws.iot.PolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var pubsub = new Policy(\"pubsub\", PolicyArgs.builder() \n .name(\"PubSubToAnyTopic\")\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"version\", \"2012-10-17\"),\n jsonProperty(\"statement\", jsonArray(jsonObject(\n jsonProperty(\"action\", jsonArray(\"iot:*\")),\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"resource\", \"*\")\n )))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n pubsub:\n type: aws:iot:Policy\n properties:\n name: PubSubToAnyTopic\n policy:\n fn::toJSON:\n version: 2012-10-17\n statement:\n - action:\n - iot:*\n effect: Allow\n resource: '*'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IoT policies using the `name`. For example:\n\n```sh\n$ pulumi import aws:iot/policy:Policy pubsub PubSubToAnyTopic\n```\n", + "description": "Provides an IoT policy.\n\n\u003e **NOTE on policy versions:** Updating this resource creates a new, default policy version. If updating the resource would exceed the maximum number of versions (5), the oldest non-default version of the policy is deleted before the new policy version is created.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst pubsub = new aws.iot.Policy(\"pubsub\", {\n name: \"PubSubToAnyTopic\",\n policy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: [\"iot:*\"],\n Effect: \"Allow\",\n Resource: \"*\",\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\npubsub = aws.iot.Policy(\"pubsub\",\n name=\"PubSubToAnyTopic\",\n policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": [\"iot:*\"],\n \"Effect\": \"Allow\",\n \"Resource\": \"*\",\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var pubsub = new Aws.Iot.Policy(\"pubsub\", new()\n {\n Name = \"PubSubToAnyTopic\",\n PolicyDocument = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = new[]\n {\n \"iot:*\",\n },\n [\"Effect\"] = \"Allow\",\n [\"Resource\"] = \"*\",\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iot\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"iot:*\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = iot.NewPolicy(ctx, \"pubsub\", \u0026iot.PolicyArgs{\n\t\t\tName: pulumi.String(\"PubSubToAnyTopic\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iot.Policy;\nimport com.pulumi.aws.iot.PolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var pubsub = new Policy(\"pubsub\", PolicyArgs.builder() \n .name(\"PubSubToAnyTopic\")\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", jsonArray(\"iot:*\")),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Resource\", \"*\")\n )))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n pubsub:\n type: aws:iot:Policy\n properties:\n name: PubSubToAnyTopic\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action:\n - iot:*\n Effect: Allow\n Resource: '*'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IoT policies using the `name`. For example:\n\n```sh\n$ pulumi import aws:iot/policy:Policy pubsub PubSubToAnyTopic\n```\n", "properties": { "arn": { "type": "string", @@ -260469,7 +260469,7 @@ } }, "aws:iot/provisioningTemplate:ProvisioningTemplate": { - "description": "Manages an IoT fleet provisioning template. For more info, see the AWS documentation on [fleet provisioning](https://docs.aws.amazon.com/iot/latest/developerguide/provision-wo-cert.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst iotAssumeRolePolicy = aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"sts:AssumeRole\"],\n principals: [{\n type: \"Service\",\n identifiers: [\"iot.amazonaws.com\"],\n }],\n }],\n});\nconst iotFleetProvisioning = new aws.iam.Role(\"iot_fleet_provisioning\", {\n name: \"IoTProvisioningServiceRole\",\n path: \"/service-role/\",\n assumeRolePolicy: iotAssumeRolePolicy.then(iotAssumeRolePolicy =\u003e iotAssumeRolePolicy.json),\n});\nconst iotFleetProvisioningRegistration = new aws.iam.RolePolicyAttachment(\"iot_fleet_provisioning_registration\", {\n role: iotFleetProvisioning.name,\n policyArn: \"arn:aws:iam::aws:policy/service-role/AWSIoTThingsRegistration\",\n});\nconst devicePolicy = aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"iot:Subscribe\"],\n resources: [\"*\"],\n }],\n});\nconst devicePolicyPolicy = new aws.iot.Policy(\"device_policy\", {\n name: \"DevicePolicy\",\n policy: devicePolicy.then(devicePolicy =\u003e devicePolicy.json),\n});\nconst fleet = new aws.iot.ProvisioningTemplate(\"fleet\", {\n name: \"FleetTemplate\",\n description: \"My provisioning template\",\n provisioningRoleArn: iotFleetProvisioning.arn,\n enabled: true,\n templateBody: pulumi.jsonStringify({\n parameters: {\n serialNumber: {\n type: \"String\",\n },\n },\n resources: {\n certificate: {\n properties: {\n certificateId: {\n ref: \"AWS::IoT::Certificate::Id\",\n },\n status: \"Active\",\n },\n type: \"AWS::IoT::Certificate\",\n },\n policy: {\n properties: {\n policyName: devicePolicyPolicy.name,\n },\n type: \"AWS::IoT::Policy\",\n },\n },\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\niot_assume_role_policy = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n actions=[\"sts:AssumeRole\"],\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"iot.amazonaws.com\"],\n )],\n)])\niot_fleet_provisioning = aws.iam.Role(\"iot_fleet_provisioning\",\n name=\"IoTProvisioningServiceRole\",\n path=\"/service-role/\",\n assume_role_policy=iot_assume_role_policy.json)\niot_fleet_provisioning_registration = aws.iam.RolePolicyAttachment(\"iot_fleet_provisioning_registration\",\n role=iot_fleet_provisioning.name,\n policy_arn=\"arn:aws:iam::aws:policy/service-role/AWSIoTThingsRegistration\")\ndevice_policy = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n actions=[\"iot:Subscribe\"],\n resources=[\"*\"],\n)])\ndevice_policy_policy = aws.iot.Policy(\"device_policy\",\n name=\"DevicePolicy\",\n policy=device_policy.json)\nfleet = aws.iot.ProvisioningTemplate(\"fleet\",\n name=\"FleetTemplate\",\n description=\"My provisioning template\",\n provisioning_role_arn=iot_fleet_provisioning.arn,\n enabled=True,\n template_body=pulumi.Output.json_dumps({\n \"parameters\": {\n \"serialNumber\": {\n \"type\": \"String\",\n },\n },\n \"resources\": {\n \"certificate\": {\n \"properties\": {\n \"certificateId\": {\n \"ref\": \"AWS::IoT::Certificate::Id\",\n },\n \"status\": \"Active\",\n },\n \"type\": \"AWS::IoT::Certificate\",\n },\n \"policy\": {\n \"properties\": {\n \"policyName\": device_policy_policy.name,\n },\n \"type\": \"AWS::IoT::Policy\",\n },\n },\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var iotAssumeRolePolicy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"iot.amazonaws.com\",\n },\n },\n },\n },\n },\n });\n\n var iotFleetProvisioning = new Aws.Iam.Role(\"iot_fleet_provisioning\", new()\n {\n Name = \"IoTProvisioningServiceRole\",\n Path = \"/service-role/\",\n AssumeRolePolicy = iotAssumeRolePolicy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var iotFleetProvisioningRegistration = new Aws.Iam.RolePolicyAttachment(\"iot_fleet_provisioning_registration\", new()\n {\n Role = iotFleetProvisioning.Name,\n PolicyArn = \"arn:aws:iam::aws:policy/service-role/AWSIoTThingsRegistration\",\n });\n\n var devicePolicy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"iot:Subscribe\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n },\n });\n\n var devicePolicyPolicy = new Aws.Iot.Policy(\"device_policy\", new()\n {\n Name = \"DevicePolicy\",\n PolicyDocument = devicePolicy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var fleet = new Aws.Iot.ProvisioningTemplate(\"fleet\", new()\n {\n Name = \"FleetTemplate\",\n Description = \"My provisioning template\",\n ProvisioningRoleArn = iotFleetProvisioning.Arn,\n Enabled = true,\n TemplateBody = Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"parameters\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"serialNumber\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"type\"] = \"String\",\n },\n },\n [\"resources\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"certificate\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"properties\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"certificateId\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"ref\"] = \"AWS::IoT::Certificate::Id\",\n },\n [\"status\"] = \"Active\",\n },\n [\"type\"] = \"AWS::IoT::Certificate\",\n },\n [\"policy\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"properties\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"policyName\"] = devicePolicyPolicy.Name,\n },\n [\"type\"] = \"AWS::IoT::Policy\",\n },\n },\n })),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iot\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tiotAssumeRolePolicy, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"iot.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tiotFleetProvisioning, err := iam.NewRole(ctx, \"iot_fleet_provisioning\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"IoTProvisioningServiceRole\"),\n\t\t\tPath: pulumi.String(\"/service-role/\"),\n\t\t\tAssumeRolePolicy: pulumi.String(iotAssumeRolePolicy.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"iot_fleet_provisioning_registration\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tRole: iotFleetProvisioning.Name,\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/service-role/AWSIoTThingsRegistration\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdevicePolicy, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"iot:Subscribe\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdevicePolicyPolicy, err := iot.NewPolicy(ctx, \"device_policy\", \u0026iot.PolicyArgs{\n\t\t\tName: pulumi.String(\"DevicePolicy\"),\n\t\t\tPolicy: pulumi.String(devicePolicy.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iot.NewProvisioningTemplate(ctx, \"fleet\", \u0026iot.ProvisioningTemplateArgs{\n\t\t\tName: pulumi.String(\"FleetTemplate\"),\n\t\t\tDescription: pulumi.String(\"My provisioning template\"),\n\t\t\tProvisioningRoleArn: iotFleetProvisioning.Arn,\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tTemplateBody: devicePolicyPolicy.Name.ApplyT(func(name string) (pulumi.String, error) {\n\t\t\t\tvar _zero pulumi.String\n\t\t\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\t\t\"parameters\": map[string]interface{}{\n\t\t\t\t\t\t\"serialNumber\": map[string]interface{}{\n\t\t\t\t\t\t\t\"type\": \"String\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\t\"resources\": map[string]interface{}{\n\t\t\t\t\t\t\"certificate\": map[string]interface{}{\n\t\t\t\t\t\t\t\"properties\": map[string]interface{}{\n\t\t\t\t\t\t\t\t\"certificateId\": map[string]interface{}{\n\t\t\t\t\t\t\t\t\t\"ref\": \"AWS::IoT::Certificate::Id\",\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\"status\": \"Active\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"type\": \"AWS::IoT::Certificate\",\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"policy\": map[string]interface{}{\n\t\t\t\t\t\t\t\"properties\": map[string]interface{}{\n\t\t\t\t\t\t\t\t\"policyName\": name,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"type\": \"AWS::IoT::Policy\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t})\n\t\t\t\tif err != nil {\n\t\t\t\t\treturn _zero, err\n\t\t\t\t}\n\t\t\t\tjson0 := string(tmpJSON0)\n\t\t\t\treturn pulumi.String(json0), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport com.pulumi.aws.iot.Policy;\nimport com.pulumi.aws.iot.PolicyArgs;\nimport com.pulumi.aws.iot.ProvisioningTemplate;\nimport com.pulumi.aws.iot.ProvisioningTemplateArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var iotAssumeRolePolicy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"sts:AssumeRole\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"iot.amazonaws.com\")\n .build())\n .build())\n .build());\n\n var iotFleetProvisioning = new Role(\"iotFleetProvisioning\", RoleArgs.builder() \n .name(\"IoTProvisioningServiceRole\")\n .path(\"/service-role/\")\n .assumeRolePolicy(iotAssumeRolePolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var iotFleetProvisioningRegistration = new RolePolicyAttachment(\"iotFleetProvisioningRegistration\", RolePolicyAttachmentArgs.builder() \n .role(iotFleetProvisioning.name())\n .policyArn(\"arn:aws:iam::aws:policy/service-role/AWSIoTThingsRegistration\")\n .build());\n\n final var devicePolicy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"iot:Subscribe\")\n .resources(\"*\")\n .build())\n .build());\n\n var devicePolicyPolicy = new Policy(\"devicePolicyPolicy\", PolicyArgs.builder() \n .name(\"DevicePolicy\")\n .policy(devicePolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var fleet = new ProvisioningTemplate(\"fleet\", ProvisioningTemplateArgs.builder() \n .name(\"FleetTemplate\")\n .description(\"My provisioning template\")\n .provisioningRoleArn(iotFleetProvisioning.arn())\n .enabled(true)\n .templateBody(devicePolicyPolicy.name().applyValue(name -\u003e serializeJson(\n jsonObject(\n jsonProperty(\"parameters\", jsonObject(\n jsonProperty(\"serialNumber\", jsonObject(\n jsonProperty(\"type\", \"String\")\n ))\n )),\n jsonProperty(\"resources\", jsonObject(\n jsonProperty(\"certificate\", jsonObject(\n jsonProperty(\"properties\", jsonObject(\n jsonProperty(\"certificateId\", jsonObject(\n jsonProperty(\"ref\", \"AWS::IoT::Certificate::Id\")\n )),\n jsonProperty(\"status\", \"Active\")\n )),\n jsonProperty(\"type\", \"AWS::IoT::Certificate\")\n )),\n jsonProperty(\"policy\", jsonObject(\n jsonProperty(\"properties\", jsonObject(\n jsonProperty(\"policyName\", name)\n )),\n jsonProperty(\"type\", \"AWS::IoT::Policy\")\n ))\n ))\n ))))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n iotFleetProvisioning:\n type: aws:iam:Role\n name: iot_fleet_provisioning\n properties:\n name: IoTProvisioningServiceRole\n path: /service-role/\n assumeRolePolicy: ${iotAssumeRolePolicy.json}\n iotFleetProvisioningRegistration:\n type: aws:iam:RolePolicyAttachment\n name: iot_fleet_provisioning_registration\n properties:\n role: ${iotFleetProvisioning.name}\n policyArn: arn:aws:iam::aws:policy/service-role/AWSIoTThingsRegistration\n devicePolicyPolicy:\n type: aws:iot:Policy\n name: device_policy\n properties:\n name: DevicePolicy\n policy: ${devicePolicy.json}\n fleet:\n type: aws:iot:ProvisioningTemplate\n properties:\n name: FleetTemplate\n description: My provisioning template\n provisioningRoleArn: ${iotFleetProvisioning.arn}\n enabled: true\n templateBody:\n fn::toJSON:\n parameters:\n serialNumber:\n type: String\n resources:\n certificate:\n properties:\n certificateId:\n ref: AWS::IoT::Certificate::Id\n status: Active\n type: AWS::IoT::Certificate\n policy:\n properties:\n policyName: ${devicePolicyPolicy.name}\n type: AWS::IoT::Policy\nvariables:\n iotAssumeRolePolicy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - sts:AssumeRole\n principals:\n - type: Service\n identifiers:\n - iot.amazonaws.com\n devicePolicy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - iot:Subscribe\n resources:\n - '*'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IoT fleet provisioning templates using the `name`. For example:\n\n```sh\n$ pulumi import aws:iot/provisioningTemplate:ProvisioningTemplate fleet FleetProvisioningTemplate\n```\n", + "description": "Manages an IoT fleet provisioning template. For more info, see the AWS documentation on [fleet provisioning](https://docs.aws.amazon.com/iot/latest/developerguide/provision-wo-cert.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst iotAssumeRolePolicy = aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"sts:AssumeRole\"],\n principals: [{\n type: \"Service\",\n identifiers: [\"iot.amazonaws.com\"],\n }],\n }],\n});\nconst iotFleetProvisioning = new aws.iam.Role(\"iot_fleet_provisioning\", {\n name: \"IoTProvisioningServiceRole\",\n path: \"/service-role/\",\n assumeRolePolicy: iotAssumeRolePolicy.then(iotAssumeRolePolicy =\u003e iotAssumeRolePolicy.json),\n});\nconst iotFleetProvisioningRegistration = new aws.iam.RolePolicyAttachment(\"iot_fleet_provisioning_registration\", {\n role: iotFleetProvisioning.name,\n policyArn: \"arn:aws:iam::aws:policy/service-role/AWSIoTThingsRegistration\",\n});\nconst devicePolicy = aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"iot:Subscribe\"],\n resources: [\"*\"],\n }],\n});\nconst devicePolicyPolicy = new aws.iot.Policy(\"device_policy\", {\n name: \"DevicePolicy\",\n policy: devicePolicy.then(devicePolicy =\u003e devicePolicy.json),\n});\nconst fleet = new aws.iot.ProvisioningTemplate(\"fleet\", {\n name: \"FleetTemplate\",\n description: \"My provisioning template\",\n provisioningRoleArn: iotFleetProvisioning.arn,\n enabled: true,\n templateBody: pulumi.jsonStringify({\n Parameters: {\n SerialNumber: {\n Type: \"String\",\n },\n },\n Resources: {\n certificate: {\n Properties: {\n CertificateId: {\n Ref: \"AWS::IoT::Certificate::Id\",\n },\n Status: \"Active\",\n },\n Type: \"AWS::IoT::Certificate\",\n },\n policy: {\n Properties: {\n PolicyName: devicePolicyPolicy.name,\n },\n Type: \"AWS::IoT::Policy\",\n },\n },\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\niot_assume_role_policy = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n actions=[\"sts:AssumeRole\"],\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"iot.amazonaws.com\"],\n )],\n)])\niot_fleet_provisioning = aws.iam.Role(\"iot_fleet_provisioning\",\n name=\"IoTProvisioningServiceRole\",\n path=\"/service-role/\",\n assume_role_policy=iot_assume_role_policy.json)\niot_fleet_provisioning_registration = aws.iam.RolePolicyAttachment(\"iot_fleet_provisioning_registration\",\n role=iot_fleet_provisioning.name,\n policy_arn=\"arn:aws:iam::aws:policy/service-role/AWSIoTThingsRegistration\")\ndevice_policy = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n actions=[\"iot:Subscribe\"],\n resources=[\"*\"],\n)])\ndevice_policy_policy = aws.iot.Policy(\"device_policy\",\n name=\"DevicePolicy\",\n policy=device_policy.json)\nfleet = aws.iot.ProvisioningTemplate(\"fleet\",\n name=\"FleetTemplate\",\n description=\"My provisioning template\",\n provisioning_role_arn=iot_fleet_provisioning.arn,\n enabled=True,\n template_body=pulumi.Output.json_dumps({\n \"Parameters\": {\n \"SerialNumber\": {\n \"Type\": \"String\",\n },\n },\n \"Resources\": {\n \"certificate\": {\n \"Properties\": {\n \"CertificateId\": {\n \"Ref\": \"AWS::IoT::Certificate::Id\",\n },\n \"Status\": \"Active\",\n },\n \"Type\": \"AWS::IoT::Certificate\",\n },\n \"policy\": {\n \"Properties\": {\n \"PolicyName\": device_policy_policy.name,\n },\n \"Type\": \"AWS::IoT::Policy\",\n },\n },\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var iotAssumeRolePolicy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"iot.amazonaws.com\",\n },\n },\n },\n },\n },\n });\n\n var iotFleetProvisioning = new Aws.Iam.Role(\"iot_fleet_provisioning\", new()\n {\n Name = \"IoTProvisioningServiceRole\",\n Path = \"/service-role/\",\n AssumeRolePolicy = iotAssumeRolePolicy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var iotFleetProvisioningRegistration = new Aws.Iam.RolePolicyAttachment(\"iot_fleet_provisioning_registration\", new()\n {\n Role = iotFleetProvisioning.Name,\n PolicyArn = \"arn:aws:iam::aws:policy/service-role/AWSIoTThingsRegistration\",\n });\n\n var devicePolicy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"iot:Subscribe\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n },\n });\n\n var devicePolicyPolicy = new Aws.Iot.Policy(\"device_policy\", new()\n {\n Name = \"DevicePolicy\",\n PolicyDocument = devicePolicy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var fleet = new Aws.Iot.ProvisioningTemplate(\"fleet\", new()\n {\n Name = \"FleetTemplate\",\n Description = \"My provisioning template\",\n ProvisioningRoleArn = iotFleetProvisioning.Arn,\n Enabled = true,\n TemplateBody = Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"Parameters\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"SerialNumber\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Type\"] = \"String\",\n },\n },\n [\"Resources\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"certificate\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Properties\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"CertificateId\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Ref\"] = \"AWS::IoT::Certificate::Id\",\n },\n [\"Status\"] = \"Active\",\n },\n [\"Type\"] = \"AWS::IoT::Certificate\",\n },\n [\"policy\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Properties\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"PolicyName\"] = devicePolicyPolicy.Name,\n },\n [\"Type\"] = \"AWS::IoT::Policy\",\n },\n },\n })),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iot\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tiotAssumeRolePolicy, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"iot.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tiotFleetProvisioning, err := iam.NewRole(ctx, \"iot_fleet_provisioning\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"IoTProvisioningServiceRole\"),\n\t\t\tPath: pulumi.String(\"/service-role/\"),\n\t\t\tAssumeRolePolicy: pulumi.String(iotAssumeRolePolicy.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"iot_fleet_provisioning_registration\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tRole: iotFleetProvisioning.Name,\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/service-role/AWSIoTThingsRegistration\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdevicePolicy, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"iot:Subscribe\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdevicePolicyPolicy, err := iot.NewPolicy(ctx, \"device_policy\", \u0026iot.PolicyArgs{\n\t\t\tName: pulumi.String(\"DevicePolicy\"),\n\t\t\tPolicy: pulumi.String(devicePolicy.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iot.NewProvisioningTemplate(ctx, \"fleet\", \u0026iot.ProvisioningTemplateArgs{\n\t\t\tName: pulumi.String(\"FleetTemplate\"),\n\t\t\tDescription: pulumi.String(\"My provisioning template\"),\n\t\t\tProvisioningRoleArn: iotFleetProvisioning.Arn,\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tTemplateBody: devicePolicyPolicy.Name.ApplyT(func(name string) (pulumi.String, error) {\n\t\t\t\tvar _zero pulumi.String\n\t\t\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\t\t\"Parameters\": map[string]interface{}{\n\t\t\t\t\t\t\"SerialNumber\": map[string]interface{}{\n\t\t\t\t\t\t\t\"Type\": \"String\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\t\"Resources\": map[string]interface{}{\n\t\t\t\t\t\t\"certificate\": map[string]interface{}{\n\t\t\t\t\t\t\t\"Properties\": map[string]interface{}{\n\t\t\t\t\t\t\t\t\"CertificateId\": map[string]interface{}{\n\t\t\t\t\t\t\t\t\t\"Ref\": \"AWS::IoT::Certificate::Id\",\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\"Status\": \"Active\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"Type\": \"AWS::IoT::Certificate\",\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"policy\": map[string]interface{}{\n\t\t\t\t\t\t\t\"Properties\": map[string]interface{}{\n\t\t\t\t\t\t\t\t\"PolicyName\": name,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"Type\": \"AWS::IoT::Policy\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t})\n\t\t\t\tif err != nil {\n\t\t\t\t\treturn _zero, err\n\t\t\t\t}\n\t\t\t\tjson0 := string(tmpJSON0)\n\t\t\t\treturn pulumi.String(json0), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport com.pulumi.aws.iot.Policy;\nimport com.pulumi.aws.iot.PolicyArgs;\nimport com.pulumi.aws.iot.ProvisioningTemplate;\nimport com.pulumi.aws.iot.ProvisioningTemplateArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var iotAssumeRolePolicy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"sts:AssumeRole\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"iot.amazonaws.com\")\n .build())\n .build())\n .build());\n\n var iotFleetProvisioning = new Role(\"iotFleetProvisioning\", RoleArgs.builder() \n .name(\"IoTProvisioningServiceRole\")\n .path(\"/service-role/\")\n .assumeRolePolicy(iotAssumeRolePolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var iotFleetProvisioningRegistration = new RolePolicyAttachment(\"iotFleetProvisioningRegistration\", RolePolicyAttachmentArgs.builder() \n .role(iotFleetProvisioning.name())\n .policyArn(\"arn:aws:iam::aws:policy/service-role/AWSIoTThingsRegistration\")\n .build());\n\n final var devicePolicy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"iot:Subscribe\")\n .resources(\"*\")\n .build())\n .build());\n\n var devicePolicyPolicy = new Policy(\"devicePolicyPolicy\", PolicyArgs.builder() \n .name(\"DevicePolicy\")\n .policy(devicePolicy.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var fleet = new ProvisioningTemplate(\"fleet\", ProvisioningTemplateArgs.builder() \n .name(\"FleetTemplate\")\n .description(\"My provisioning template\")\n .provisioningRoleArn(iotFleetProvisioning.arn())\n .enabled(true)\n .templateBody(devicePolicyPolicy.name().applyValue(name -\u003e serializeJson(\n jsonObject(\n jsonProperty(\"Parameters\", jsonObject(\n jsonProperty(\"SerialNumber\", jsonObject(\n jsonProperty(\"Type\", \"String\")\n ))\n )),\n jsonProperty(\"Resources\", jsonObject(\n jsonProperty(\"certificate\", jsonObject(\n jsonProperty(\"Properties\", jsonObject(\n jsonProperty(\"CertificateId\", jsonObject(\n jsonProperty(\"Ref\", \"AWS::IoT::Certificate::Id\")\n )),\n jsonProperty(\"Status\", \"Active\")\n )),\n jsonProperty(\"Type\", \"AWS::IoT::Certificate\")\n )),\n jsonProperty(\"policy\", jsonObject(\n jsonProperty(\"Properties\", jsonObject(\n jsonProperty(\"PolicyName\", name)\n )),\n jsonProperty(\"Type\", \"AWS::IoT::Policy\")\n ))\n ))\n ))))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n iotFleetProvisioning:\n type: aws:iam:Role\n name: iot_fleet_provisioning\n properties:\n name: IoTProvisioningServiceRole\n path: /service-role/\n assumeRolePolicy: ${iotAssumeRolePolicy.json}\n iotFleetProvisioningRegistration:\n type: aws:iam:RolePolicyAttachment\n name: iot_fleet_provisioning_registration\n properties:\n role: ${iotFleetProvisioning.name}\n policyArn: arn:aws:iam::aws:policy/service-role/AWSIoTThingsRegistration\n devicePolicyPolicy:\n type: aws:iot:Policy\n name: device_policy\n properties:\n name: DevicePolicy\n policy: ${devicePolicy.json}\n fleet:\n type: aws:iot:ProvisioningTemplate\n properties:\n name: FleetTemplate\n description: My provisioning template\n provisioningRoleArn: ${iotFleetProvisioning.arn}\n enabled: true\n templateBody:\n fn::toJSON:\n Parameters:\n SerialNumber:\n Type: String\n Resources:\n certificate:\n Properties:\n CertificateId:\n Ref: AWS::IoT::Certificate::Id\n Status: Active\n Type: AWS::IoT::Certificate\n policy:\n Properties:\n PolicyName: ${devicePolicyPolicy.name}\n Type: AWS::IoT::Policy\nvariables:\n iotAssumeRolePolicy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - sts:AssumeRole\n principals:\n - type: Service\n identifiers:\n - iot.amazonaws.com\n devicePolicy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - iot:Subscribe\n resources:\n - '*'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import IoT fleet provisioning templates using the `name`. For example:\n\n```sh\n$ pulumi import aws:iot/provisioningTemplate:ProvisioningTemplate fleet FleetProvisioningTemplate\n```\n", "properties": { "arn": { "type": "string", @@ -262331,7 +262331,7 @@ } }, "aws:kendra/dataSource:DataSource": { - "description": "Resource for managing an AWS Kendra Data Source.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.DataSource(\"example\", {\n indexId: exampleAwsKendraIndex.id,\n name: \"example\",\n description: \"example\",\n languageCode: \"en\",\n type: \"CUSTOM\",\n tags: {\n hello: \"world\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.DataSource(\"example\",\n index_id=example_aws_kendra_index[\"id\"],\n name=\"example\",\n description=\"example\",\n language_code=\"en\",\n type=\"CUSTOM\",\n tags={\n \"hello\": \"world\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.DataSource(\"example\", new()\n {\n IndexId = exampleAwsKendraIndex.Id,\n Name = \"example\",\n Description = \"example\",\n LanguageCode = \"en\",\n Type = \"CUSTOM\",\n Tags = \n {\n { \"hello\", \"world\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewDataSource(ctx, \"example\", \u0026kendra.DataSourceArgs{\n\t\t\tIndexId: pulumi.Any(exampleAwsKendraIndex.Id),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t\tLanguageCode: pulumi.String(\"en\"),\n\t\t\tType: pulumi.String(\"CUSTOM\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"hello\": pulumi.String(\"world\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.DataSource;\nimport com.pulumi.aws.kendra.DataSourceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataSource(\"example\", DataSourceArgs.builder() \n .indexId(exampleAwsKendraIndex.id())\n .name(\"example\")\n .description(\"example\")\n .languageCode(\"en\")\n .type(\"CUSTOM\")\n .tags(Map.of(\"hello\", \"world\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:DataSource\n properties:\n indexId: ${exampleAwsKendraIndex.id}\n name: example\n description: example\n languageCode: en\n type: CUSTOM\n tags:\n hello: world\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### S3 Connector\n\n### With Schedule\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.DataSource(\"example\", {\n indexId: exampleAwsKendraIndex.id,\n name: \"example\",\n type: \"S3\",\n roleArn: exampleAwsIamRole.arn,\n schedule: \"cron(9 10 1 * ? *)\",\n configuration: {\n s3Configuration: {\n bucketName: exampleAwsS3Bucket.id,\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.DataSource(\"example\",\n index_id=example_aws_kendra_index[\"id\"],\n name=\"example\",\n type=\"S3\",\n role_arn=example_aws_iam_role[\"arn\"],\n schedule=\"cron(9 10 1 * ? *)\",\n configuration=aws.kendra.DataSourceConfigurationArgs(\n s3_configuration=aws.kendra.DataSourceConfigurationS3ConfigurationArgs(\n bucket_name=example_aws_s3_bucket[\"id\"],\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.DataSource(\"example\", new()\n {\n IndexId = exampleAwsKendraIndex.Id,\n Name = \"example\",\n Type = \"S3\",\n RoleArn = exampleAwsIamRole.Arn,\n Schedule = \"cron(9 10 1 * ? *)\",\n Configuration = new Aws.Kendra.Inputs.DataSourceConfigurationArgs\n {\n S3Configuration = new Aws.Kendra.Inputs.DataSourceConfigurationS3ConfigurationArgs\n {\n BucketName = exampleAwsS3Bucket.Id,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewDataSource(ctx, \"example\", \u0026kendra.DataSourceArgs{\n\t\t\tIndexId: pulumi.Any(exampleAwsKendraIndex.Id),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"S3\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tSchedule: pulumi.String(\"cron(9 10 1 * ? *)\"),\n\t\t\tConfiguration: \u0026kendra.DataSourceConfigurationArgs{\n\t\t\t\tS3Configuration: \u0026kendra.DataSourceConfigurationS3ConfigurationArgs{\n\t\t\t\t\tBucketName: pulumi.Any(exampleAwsS3Bucket.Id),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.DataSource;\nimport com.pulumi.aws.kendra.DataSourceArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationS3ConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataSource(\"example\", DataSourceArgs.builder() \n .indexId(exampleAwsKendraIndex.id())\n .name(\"example\")\n .type(\"S3\")\n .roleArn(exampleAwsIamRole.arn())\n .schedule(\"cron(9 10 1 * ? *)\")\n .configuration(DataSourceConfigurationArgs.builder()\n .s3Configuration(DataSourceConfigurationS3ConfigurationArgs.builder()\n .bucketName(exampleAwsS3Bucket.id())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:DataSource\n properties:\n indexId: ${exampleAwsKendraIndex.id}\n name: example\n type: S3\n roleArn: ${exampleAwsIamRole.arn}\n schedule: cron(9 10 1 * ? *)\n configuration:\n s3Configuration:\n bucketName: ${exampleAwsS3Bucket.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Access Control List\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.DataSource(\"example\", {\n indexId: exampleAwsKendraIndex.id,\n name: \"example\",\n type: \"S3\",\n roleArn: exampleAwsIamRole.arn,\n configuration: {\n s3Configuration: {\n bucketName: exampleAwsS3Bucket.id,\n accessControlListConfiguration: {\n keyPath: `s3://${exampleAwsS3Bucket.id}/path-1`,\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.DataSource(\"example\",\n index_id=example_aws_kendra_index[\"id\"],\n name=\"example\",\n type=\"S3\",\n role_arn=example_aws_iam_role[\"arn\"],\n configuration=aws.kendra.DataSourceConfigurationArgs(\n s3_configuration=aws.kendra.DataSourceConfigurationS3ConfigurationArgs(\n bucket_name=example_aws_s3_bucket[\"id\"],\n access_control_list_configuration=aws.kendra.DataSourceConfigurationS3ConfigurationAccessControlListConfigurationArgs(\n key_path=f\"s3://{example_aws_s3_bucket['id']}/path-1\",\n ),\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.DataSource(\"example\", new()\n {\n IndexId = exampleAwsKendraIndex.Id,\n Name = \"example\",\n Type = \"S3\",\n RoleArn = exampleAwsIamRole.Arn,\n Configuration = new Aws.Kendra.Inputs.DataSourceConfigurationArgs\n {\n S3Configuration = new Aws.Kendra.Inputs.DataSourceConfigurationS3ConfigurationArgs\n {\n BucketName = exampleAwsS3Bucket.Id,\n AccessControlListConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationS3ConfigurationAccessControlListConfigurationArgs\n {\n KeyPath = $\"s3://{exampleAwsS3Bucket.Id}/path-1\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewDataSource(ctx, \"example\", \u0026kendra.DataSourceArgs{\n\t\t\tIndexId: pulumi.Any(exampleAwsKendraIndex.Id),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"S3\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tConfiguration: \u0026kendra.DataSourceConfigurationArgs{\n\t\t\t\tS3Configuration: \u0026kendra.DataSourceConfigurationS3ConfigurationArgs{\n\t\t\t\t\tBucketName: pulumi.Any(exampleAwsS3Bucket.Id),\n\t\t\t\t\tAccessControlListConfiguration: \u0026kendra.DataSourceConfigurationS3ConfigurationAccessControlListConfigurationArgs{\n\t\t\t\t\t\tKeyPath: pulumi.String(fmt.Sprintf(\"s3://%v/path-1\", exampleAwsS3Bucket.Id)),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.DataSource;\nimport com.pulumi.aws.kendra.DataSourceArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationS3ConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationS3ConfigurationAccessControlListConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataSource(\"example\", DataSourceArgs.builder() \n .indexId(exampleAwsKendraIndex.id())\n .name(\"example\")\n .type(\"S3\")\n .roleArn(exampleAwsIamRole.arn())\n .configuration(DataSourceConfigurationArgs.builder()\n .s3Configuration(DataSourceConfigurationS3ConfigurationArgs.builder()\n .bucketName(exampleAwsS3Bucket.id())\n .accessControlListConfiguration(DataSourceConfigurationS3ConfigurationAccessControlListConfigurationArgs.builder()\n .keyPath(String.format(\"s3://%s/path-1\", exampleAwsS3Bucket.id()))\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:DataSource\n properties:\n indexId: ${exampleAwsKendraIndex.id}\n name: example\n type: S3\n roleArn: ${exampleAwsIamRole.arn}\n configuration:\n s3Configuration:\n bucketName: ${exampleAwsS3Bucket.id}\n accessControlListConfiguration:\n keyPath: s3://${exampleAwsS3Bucket.id}/path-1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Documents Metadata Configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.DataSource(\"example\", {\n indexId: exampleAwsKendraIndex.id,\n name: \"example\",\n type: \"S3\",\n roleArn: exampleAwsIamRole.arn,\n configuration: {\n s3Configuration: {\n bucketName: exampleAwsS3Bucket.id,\n exclusionPatterns: [\"example\"],\n inclusionPatterns: [\"hello\"],\n inclusionPrefixes: [\"world\"],\n documentsMetadataConfiguration: {\n s3Prefix: \"example\",\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.DataSource(\"example\",\n index_id=example_aws_kendra_index[\"id\"],\n name=\"example\",\n type=\"S3\",\n role_arn=example_aws_iam_role[\"arn\"],\n configuration=aws.kendra.DataSourceConfigurationArgs(\n s3_configuration=aws.kendra.DataSourceConfigurationS3ConfigurationArgs(\n bucket_name=example_aws_s3_bucket[\"id\"],\n exclusion_patterns=[\"example\"],\n inclusion_patterns=[\"hello\"],\n inclusion_prefixes=[\"world\"],\n documents_metadata_configuration=aws.kendra.DataSourceConfigurationS3ConfigurationDocumentsMetadataConfigurationArgs(\n s3_prefix=\"example\",\n ),\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.DataSource(\"example\", new()\n {\n IndexId = exampleAwsKendraIndex.Id,\n Name = \"example\",\n Type = \"S3\",\n RoleArn = exampleAwsIamRole.Arn,\n Configuration = new Aws.Kendra.Inputs.DataSourceConfigurationArgs\n {\n S3Configuration = new Aws.Kendra.Inputs.DataSourceConfigurationS3ConfigurationArgs\n {\n BucketName = exampleAwsS3Bucket.Id,\n ExclusionPatterns = new[]\n {\n \"example\",\n },\n InclusionPatterns = new[]\n {\n \"hello\",\n },\n InclusionPrefixes = new[]\n {\n \"world\",\n },\n DocumentsMetadataConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationS3ConfigurationDocumentsMetadataConfigurationArgs\n {\n S3Prefix = \"example\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewDataSource(ctx, \"example\", \u0026kendra.DataSourceArgs{\n\t\t\tIndexId: pulumi.Any(exampleAwsKendraIndex.Id),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"S3\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tConfiguration: \u0026kendra.DataSourceConfigurationArgs{\n\t\t\t\tS3Configuration: \u0026kendra.DataSourceConfigurationS3ConfigurationArgs{\n\t\t\t\t\tBucketName: pulumi.Any(exampleAwsS3Bucket.Id),\n\t\t\t\t\tExclusionPatterns: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"example\"),\n\t\t\t\t\t},\n\t\t\t\t\tInclusionPatterns: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"hello\"),\n\t\t\t\t\t},\n\t\t\t\t\tInclusionPrefixes: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"world\"),\n\t\t\t\t\t},\n\t\t\t\t\tDocumentsMetadataConfiguration: \u0026kendra.DataSourceConfigurationS3ConfigurationDocumentsMetadataConfigurationArgs{\n\t\t\t\t\t\tS3Prefix: pulumi.String(\"example\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.DataSource;\nimport com.pulumi.aws.kendra.DataSourceArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationS3ConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationS3ConfigurationDocumentsMetadataConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataSource(\"example\", DataSourceArgs.builder() \n .indexId(exampleAwsKendraIndex.id())\n .name(\"example\")\n .type(\"S3\")\n .roleArn(exampleAwsIamRole.arn())\n .configuration(DataSourceConfigurationArgs.builder()\n .s3Configuration(DataSourceConfigurationS3ConfigurationArgs.builder()\n .bucketName(exampleAwsS3Bucket.id())\n .exclusionPatterns(\"example\")\n .inclusionPatterns(\"hello\")\n .inclusionPrefixes(\"world\")\n .documentsMetadataConfiguration(DataSourceConfigurationS3ConfigurationDocumentsMetadataConfigurationArgs.builder()\n .s3Prefix(\"example\")\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:DataSource\n properties:\n indexId: ${exampleAwsKendraIndex.id}\n name: example\n type: S3\n roleArn: ${exampleAwsIamRole.arn}\n configuration:\n s3Configuration:\n bucketName: ${exampleAwsS3Bucket.id}\n exclusionPatterns:\n - example\n inclusionPatterns:\n - hello\n inclusionPrefixes:\n - world\n documentsMetadataConfiguration:\n s3Prefix: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Web Crawler Connector\n\n### With Seed URLs\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.DataSource(\"example\", {\n indexId: exampleAwsKendraIndex.id,\n name: \"example\",\n type: \"WEBCRAWLER\",\n roleArn: exampleAwsIamRole.arn,\n configuration: {\n webCrawlerConfiguration: {\n urls: {\n seedUrlConfiguration: {\n seedUrls: [\"REPLACE_WITH_YOUR_URL\"],\n },\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.DataSource(\"example\",\n index_id=example_aws_kendra_index[\"id\"],\n name=\"example\",\n type=\"WEBCRAWLER\",\n role_arn=example_aws_iam_role[\"arn\"],\n configuration=aws.kendra.DataSourceConfigurationArgs(\n web_crawler_configuration=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationArgs(\n urls=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs(\n seed_url_configuration=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs(\n seed_urls=[\"REPLACE_WITH_YOUR_URL\"],\n ),\n ),\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.DataSource(\"example\", new()\n {\n IndexId = exampleAwsKendraIndex.Id,\n Name = \"example\",\n Type = \"WEBCRAWLER\",\n RoleArn = exampleAwsIamRole.Arn,\n Configuration = new Aws.Kendra.Inputs.DataSourceConfigurationArgs\n {\n WebCrawlerConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationArgs\n {\n Urls = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs\n {\n SeedUrlConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs\n {\n SeedUrls = new[]\n {\n \"REPLACE_WITH_YOUR_URL\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewDataSource(ctx, \"example\", \u0026kendra.DataSourceArgs{\n\t\t\tIndexId: pulumi.Any(exampleAwsKendraIndex.Id),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"WEBCRAWLER\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tConfiguration: \u0026kendra.DataSourceConfigurationArgs{\n\t\t\t\tWebCrawlerConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationArgs{\n\t\t\t\t\tUrls: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs{\n\t\t\t\t\t\tSeedUrlConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs{\n\t\t\t\t\t\t\tSeedUrls: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"REPLACE_WITH_YOUR_URL\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.DataSource;\nimport com.pulumi.aws.kendra.DataSourceArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataSource(\"example\", DataSourceArgs.builder() \n .indexId(exampleAwsKendraIndex.id())\n .name(\"example\")\n .type(\"WEBCRAWLER\")\n .roleArn(exampleAwsIamRole.arn())\n .configuration(DataSourceConfigurationArgs.builder()\n .webCrawlerConfiguration(DataSourceConfigurationWebCrawlerConfigurationArgs.builder()\n .urls(DataSourceConfigurationWebCrawlerConfigurationUrlsArgs.builder()\n .seedUrlConfiguration(DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs.builder()\n .seedUrls(\"REPLACE_WITH_YOUR_URL\")\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:DataSource\n properties:\n indexId: ${exampleAwsKendraIndex.id}\n name: example\n type: WEBCRAWLER\n roleArn: ${exampleAwsIamRole.arn}\n configuration:\n webCrawlerConfiguration:\n urls:\n seedUrlConfiguration:\n seedUrls:\n - REPLACE_WITH_YOUR_URL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Site Maps\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.DataSource(\"example\", {\n indexId: exampleAwsKendraIndex.id,\n name: \"example\",\n type: \"WEBCRAWLER\",\n roleArn: exampleAwsIamRole.arn,\n configuration: {\n webCrawlerConfiguration: {\n urls: {\n siteMapsConfiguration: {\n siteMaps: [\"REPLACE_WITH_YOUR_URL\"],\n },\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.DataSource(\"example\",\n index_id=example_aws_kendra_index[\"id\"],\n name=\"example\",\n type=\"WEBCRAWLER\",\n role_arn=example_aws_iam_role[\"arn\"],\n configuration=aws.kendra.DataSourceConfigurationArgs(\n web_crawler_configuration=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationArgs(\n urls=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs(\n site_maps_configuration=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsSiteMapsConfigurationArgs(\n site_maps=[\"REPLACE_WITH_YOUR_URL\"],\n ),\n ),\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.DataSource(\"example\", new()\n {\n IndexId = exampleAwsKendraIndex.Id,\n Name = \"example\",\n Type = \"WEBCRAWLER\",\n RoleArn = exampleAwsIamRole.Arn,\n Configuration = new Aws.Kendra.Inputs.DataSourceConfigurationArgs\n {\n WebCrawlerConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationArgs\n {\n Urls = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs\n {\n SiteMapsConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSiteMapsConfigurationArgs\n {\n SiteMaps = new[]\n {\n \"REPLACE_WITH_YOUR_URL\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewDataSource(ctx, \"example\", \u0026kendra.DataSourceArgs{\n\t\t\tIndexId: pulumi.Any(exampleAwsKendraIndex.Id),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"WEBCRAWLER\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tConfiguration: \u0026kendra.DataSourceConfigurationArgs{\n\t\t\t\tWebCrawlerConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationArgs{\n\t\t\t\t\tUrls: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs{\n\t\t\t\t\t\tSiteMapsConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsSiteMapsConfigurationArgs{\n\t\t\t\t\t\t\tSiteMaps: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"REPLACE_WITH_YOUR_URL\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.DataSource;\nimport com.pulumi.aws.kendra.DataSourceArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSiteMapsConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataSource(\"example\", DataSourceArgs.builder() \n .indexId(exampleAwsKendraIndex.id())\n .name(\"example\")\n .type(\"WEBCRAWLER\")\n .roleArn(exampleAwsIamRole.arn())\n .configuration(DataSourceConfigurationArgs.builder()\n .webCrawlerConfiguration(DataSourceConfigurationWebCrawlerConfigurationArgs.builder()\n .urls(DataSourceConfigurationWebCrawlerConfigurationUrlsArgs.builder()\n .siteMapsConfiguration(DataSourceConfigurationWebCrawlerConfigurationUrlsSiteMapsConfigurationArgs.builder()\n .siteMaps(\"REPLACE_WITH_YOUR_URL\")\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:DataSource\n properties:\n indexId: ${exampleAwsKendraIndex.id}\n name: example\n type: WEBCRAWLER\n roleArn: ${exampleAwsIamRole.arn}\n configuration:\n webCrawlerConfiguration:\n urls:\n siteMapsConfiguration:\n siteMaps:\n - REPLACE_WITH_YOUR_URL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Web Crawler Mode\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.DataSource(\"example\", {\n indexId: exampleAwsKendraIndex.id,\n name: \"example\",\n type: \"WEBCRAWLER\",\n roleArn: exampleAwsIamRole.arn,\n configuration: {\n webCrawlerConfiguration: {\n urls: {\n seedUrlConfiguration: {\n webCrawlerMode: \"SUBDOMAINS\",\n seedUrls: [\"REPLACE_WITH_YOUR_URL\"],\n },\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.DataSource(\"example\",\n index_id=example_aws_kendra_index[\"id\"],\n name=\"example\",\n type=\"WEBCRAWLER\",\n role_arn=example_aws_iam_role[\"arn\"],\n configuration=aws.kendra.DataSourceConfigurationArgs(\n web_crawler_configuration=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationArgs(\n urls=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs(\n seed_url_configuration=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs(\n web_crawler_mode=\"SUBDOMAINS\",\n seed_urls=[\"REPLACE_WITH_YOUR_URL\"],\n ),\n ),\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.DataSource(\"example\", new()\n {\n IndexId = exampleAwsKendraIndex.Id,\n Name = \"example\",\n Type = \"WEBCRAWLER\",\n RoleArn = exampleAwsIamRole.Arn,\n Configuration = new Aws.Kendra.Inputs.DataSourceConfigurationArgs\n {\n WebCrawlerConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationArgs\n {\n Urls = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs\n {\n SeedUrlConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs\n {\n WebCrawlerMode = \"SUBDOMAINS\",\n SeedUrls = new[]\n {\n \"REPLACE_WITH_YOUR_URL\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewDataSource(ctx, \"example\", \u0026kendra.DataSourceArgs{\n\t\t\tIndexId: pulumi.Any(exampleAwsKendraIndex.Id),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"WEBCRAWLER\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tConfiguration: \u0026kendra.DataSourceConfigurationArgs{\n\t\t\t\tWebCrawlerConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationArgs{\n\t\t\t\t\tUrls: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs{\n\t\t\t\t\t\tSeedUrlConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs{\n\t\t\t\t\t\t\tWebCrawlerMode: pulumi.String(\"SUBDOMAINS\"),\n\t\t\t\t\t\t\tSeedUrls: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"REPLACE_WITH_YOUR_URL\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.DataSource;\nimport com.pulumi.aws.kendra.DataSourceArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataSource(\"example\", DataSourceArgs.builder() \n .indexId(exampleAwsKendraIndex.id())\n .name(\"example\")\n .type(\"WEBCRAWLER\")\n .roleArn(exampleAwsIamRole.arn())\n .configuration(DataSourceConfigurationArgs.builder()\n .webCrawlerConfiguration(DataSourceConfigurationWebCrawlerConfigurationArgs.builder()\n .urls(DataSourceConfigurationWebCrawlerConfigurationUrlsArgs.builder()\n .seedUrlConfiguration(DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs.builder()\n .webCrawlerMode(\"SUBDOMAINS\")\n .seedUrls(\"REPLACE_WITH_YOUR_URL\")\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:DataSource\n properties:\n indexId: ${exampleAwsKendraIndex.id}\n name: example\n type: WEBCRAWLER\n roleArn: ${exampleAwsIamRole.arn}\n configuration:\n webCrawlerConfiguration:\n urls:\n seedUrlConfiguration:\n webCrawlerMode: SUBDOMAINS\n seedUrls:\n - REPLACE_WITH_YOUR_URL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Authentication Configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.DataSource(\"example\", {\n indexId: exampleAwsKendraIndex.id,\n name: \"example\",\n type: \"WEBCRAWLER\",\n roleArn: exampleAwsIamRole.arn,\n configuration: {\n webCrawlerConfiguration: {\n authenticationConfiguration: {\n basicAuthentications: [{\n credentials: exampleAwsSecretsmanagerSecret.arn,\n host: \"a.example.com\",\n port: 443,\n }],\n },\n urls: {\n seedUrlConfiguration: {\n seedUrls: [\"REPLACE_WITH_YOUR_URL\"],\n },\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.DataSource(\"example\",\n index_id=example_aws_kendra_index[\"id\"],\n name=\"example\",\n type=\"WEBCRAWLER\",\n role_arn=example_aws_iam_role[\"arn\"],\n configuration=aws.kendra.DataSourceConfigurationArgs(\n web_crawler_configuration=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationArgs(\n authentication_configuration=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationAuthenticationConfigurationArgs(\n basic_authentications=[aws.kendra.DataSourceConfigurationWebCrawlerConfigurationAuthenticationConfigurationBasicAuthenticationArgs(\n credentials=example_aws_secretsmanager_secret[\"arn\"],\n host=\"a.example.com\",\n port=443,\n )],\n ),\n urls=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs(\n seed_url_configuration=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs(\n seed_urls=[\"REPLACE_WITH_YOUR_URL\"],\n ),\n ),\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.DataSource(\"example\", new()\n {\n IndexId = exampleAwsKendraIndex.Id,\n Name = \"example\",\n Type = \"WEBCRAWLER\",\n RoleArn = exampleAwsIamRole.Arn,\n Configuration = new Aws.Kendra.Inputs.DataSourceConfigurationArgs\n {\n WebCrawlerConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationArgs\n {\n AuthenticationConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationAuthenticationConfigurationArgs\n {\n BasicAuthentications = new[]\n {\n new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationAuthenticationConfigurationBasicAuthenticationArgs\n {\n Credentials = exampleAwsSecretsmanagerSecret.Arn,\n Host = \"a.example.com\",\n Port = 443,\n },\n },\n },\n Urls = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs\n {\n SeedUrlConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs\n {\n SeedUrls = new[]\n {\n \"REPLACE_WITH_YOUR_URL\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewDataSource(ctx, \"example\", \u0026kendra.DataSourceArgs{\n\t\t\tIndexId: pulumi.Any(exampleAwsKendraIndex.Id),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"WEBCRAWLER\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tConfiguration: \u0026kendra.DataSourceConfigurationArgs{\n\t\t\t\tWebCrawlerConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationArgs{\n\t\t\t\t\tAuthenticationConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationAuthenticationConfigurationArgs{\n\t\t\t\t\t\tBasicAuthentications: kendra.DataSourceConfigurationWebCrawlerConfigurationAuthenticationConfigurationBasicAuthenticationArray{\n\t\t\t\t\t\t\t\u0026kendra.DataSourceConfigurationWebCrawlerConfigurationAuthenticationConfigurationBasicAuthenticationArgs{\n\t\t\t\t\t\t\t\tCredentials: pulumi.Any(exampleAwsSecretsmanagerSecret.Arn),\n\t\t\t\t\t\t\t\tHost: pulumi.String(\"a.example.com\"),\n\t\t\t\t\t\t\t\tPort: pulumi.Int(443),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tUrls: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs{\n\t\t\t\t\t\tSeedUrlConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs{\n\t\t\t\t\t\t\tSeedUrls: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"REPLACE_WITH_YOUR_URL\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.DataSource;\nimport com.pulumi.aws.kendra.DataSourceArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationAuthenticationConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataSource(\"example\", DataSourceArgs.builder() \n .indexId(exampleAwsKendraIndex.id())\n .name(\"example\")\n .type(\"WEBCRAWLER\")\n .roleArn(exampleAwsIamRole.arn())\n .configuration(DataSourceConfigurationArgs.builder()\n .webCrawlerConfiguration(DataSourceConfigurationWebCrawlerConfigurationArgs.builder()\n .authenticationConfiguration(DataSourceConfigurationWebCrawlerConfigurationAuthenticationConfigurationArgs.builder()\n .basicAuthentications(DataSourceConfigurationWebCrawlerConfigurationAuthenticationConfigurationBasicAuthenticationArgs.builder()\n .credentials(exampleAwsSecretsmanagerSecret.arn())\n .host(\"a.example.com\")\n .port(\"443\")\n .build())\n .build())\n .urls(DataSourceConfigurationWebCrawlerConfigurationUrlsArgs.builder()\n .seedUrlConfiguration(DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs.builder()\n .seedUrls(\"REPLACE_WITH_YOUR_URL\")\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:DataSource\n properties:\n indexId: ${exampleAwsKendraIndex.id}\n name: example\n type: WEBCRAWLER\n roleArn: ${exampleAwsIamRole.arn}\n configuration:\n webCrawlerConfiguration:\n authenticationConfiguration:\n basicAuthentications:\n - credentials: ${exampleAwsSecretsmanagerSecret.arn}\n host: a.example.com\n port: '443'\n urls:\n seedUrlConfiguration:\n seedUrls:\n - REPLACE_WITH_YOUR_URL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Crawl Depth\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.DataSource(\"example\", {\n indexId: exampleAwsKendraIndex.id,\n name: \"example\",\n type: \"WEBCRAWLER\",\n roleArn: exampleAwsIamRole.arn,\n configuration: {\n webCrawlerConfiguration: {\n crawlDepth: 3,\n urls: {\n seedUrlConfiguration: {\n seedUrls: [\"REPLACE_WITH_YOUR_URL\"],\n },\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.DataSource(\"example\",\n index_id=example_aws_kendra_index[\"id\"],\n name=\"example\",\n type=\"WEBCRAWLER\",\n role_arn=example_aws_iam_role[\"arn\"],\n configuration=aws.kendra.DataSourceConfigurationArgs(\n web_crawler_configuration=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationArgs(\n crawl_depth=3,\n urls=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs(\n seed_url_configuration=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs(\n seed_urls=[\"REPLACE_WITH_YOUR_URL\"],\n ),\n ),\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.DataSource(\"example\", new()\n {\n IndexId = exampleAwsKendraIndex.Id,\n Name = \"example\",\n Type = \"WEBCRAWLER\",\n RoleArn = exampleAwsIamRole.Arn,\n Configuration = new Aws.Kendra.Inputs.DataSourceConfigurationArgs\n {\n WebCrawlerConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationArgs\n {\n CrawlDepth = 3,\n Urls = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs\n {\n SeedUrlConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs\n {\n SeedUrls = new[]\n {\n \"REPLACE_WITH_YOUR_URL\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewDataSource(ctx, \"example\", \u0026kendra.DataSourceArgs{\n\t\t\tIndexId: pulumi.Any(exampleAwsKendraIndex.Id),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"WEBCRAWLER\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tConfiguration: \u0026kendra.DataSourceConfigurationArgs{\n\t\t\t\tWebCrawlerConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationArgs{\n\t\t\t\t\tCrawlDepth: pulumi.Int(3),\n\t\t\t\t\tUrls: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs{\n\t\t\t\t\t\tSeedUrlConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs{\n\t\t\t\t\t\t\tSeedUrls: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"REPLACE_WITH_YOUR_URL\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.DataSource;\nimport com.pulumi.aws.kendra.DataSourceArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataSource(\"example\", DataSourceArgs.builder() \n .indexId(exampleAwsKendraIndex.id())\n .name(\"example\")\n .type(\"WEBCRAWLER\")\n .roleArn(exampleAwsIamRole.arn())\n .configuration(DataSourceConfigurationArgs.builder()\n .webCrawlerConfiguration(DataSourceConfigurationWebCrawlerConfigurationArgs.builder()\n .crawlDepth(3)\n .urls(DataSourceConfigurationWebCrawlerConfigurationUrlsArgs.builder()\n .seedUrlConfiguration(DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs.builder()\n .seedUrls(\"REPLACE_WITH_YOUR_URL\")\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:DataSource\n properties:\n indexId: ${exampleAwsKendraIndex.id}\n name: example\n type: WEBCRAWLER\n roleArn: ${exampleAwsIamRole.arn}\n configuration:\n webCrawlerConfiguration:\n crawlDepth: 3\n urls:\n seedUrlConfiguration:\n seedUrls:\n - REPLACE_WITH_YOUR_URL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Max Links Per Page\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.DataSource(\"example\", {\n indexId: exampleAwsKendraIndex.id,\n name: \"example\",\n type: \"WEBCRAWLER\",\n roleArn: exampleAwsIamRole.arn,\n configuration: {\n webCrawlerConfiguration: {\n maxLinksPerPage: 100,\n urls: {\n seedUrlConfiguration: {\n seedUrls: [\"REPLACE_WITH_YOUR_URL\"],\n },\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.DataSource(\"example\",\n index_id=example_aws_kendra_index[\"id\"],\n name=\"example\",\n type=\"WEBCRAWLER\",\n role_arn=example_aws_iam_role[\"arn\"],\n configuration=aws.kendra.DataSourceConfigurationArgs(\n web_crawler_configuration=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationArgs(\n max_links_per_page=100,\n urls=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs(\n seed_url_configuration=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs(\n seed_urls=[\"REPLACE_WITH_YOUR_URL\"],\n ),\n ),\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.DataSource(\"example\", new()\n {\n IndexId = exampleAwsKendraIndex.Id,\n Name = \"example\",\n Type = \"WEBCRAWLER\",\n RoleArn = exampleAwsIamRole.Arn,\n Configuration = new Aws.Kendra.Inputs.DataSourceConfigurationArgs\n {\n WebCrawlerConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationArgs\n {\n MaxLinksPerPage = 100,\n Urls = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs\n {\n SeedUrlConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs\n {\n SeedUrls = new[]\n {\n \"REPLACE_WITH_YOUR_URL\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewDataSource(ctx, \"example\", \u0026kendra.DataSourceArgs{\n\t\t\tIndexId: pulumi.Any(exampleAwsKendraIndex.Id),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"WEBCRAWLER\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tConfiguration: \u0026kendra.DataSourceConfigurationArgs{\n\t\t\t\tWebCrawlerConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationArgs{\n\t\t\t\t\tMaxLinksPerPage: pulumi.Int(100),\n\t\t\t\t\tUrls: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs{\n\t\t\t\t\t\tSeedUrlConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs{\n\t\t\t\t\t\t\tSeedUrls: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"REPLACE_WITH_YOUR_URL\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.DataSource;\nimport com.pulumi.aws.kendra.DataSourceArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataSource(\"example\", DataSourceArgs.builder() \n .indexId(exampleAwsKendraIndex.id())\n .name(\"example\")\n .type(\"WEBCRAWLER\")\n .roleArn(exampleAwsIamRole.arn())\n .configuration(DataSourceConfigurationArgs.builder()\n .webCrawlerConfiguration(DataSourceConfigurationWebCrawlerConfigurationArgs.builder()\n .maxLinksPerPage(100)\n .urls(DataSourceConfigurationWebCrawlerConfigurationUrlsArgs.builder()\n .seedUrlConfiguration(DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs.builder()\n .seedUrls(\"REPLACE_WITH_YOUR_URL\")\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:DataSource\n properties:\n indexId: ${exampleAwsKendraIndex.id}\n name: example\n type: WEBCRAWLER\n roleArn: ${exampleAwsIamRole.arn}\n configuration:\n webCrawlerConfiguration:\n maxLinksPerPage: 100\n urls:\n seedUrlConfiguration:\n seedUrls:\n - REPLACE_WITH_YOUR_URL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Max Urls Per Minute Crawl Rate\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.DataSource(\"example\", {\n indexId: exampleAwsKendraIndex.id,\n name: \"example\",\n type: \"WEBCRAWLER\",\n roleArn: exampleAwsIamRole.arn,\n configuration: {\n webCrawlerConfiguration: {\n maxUrlsPerMinuteCrawlRate: 300,\n urls: {\n seedUrlConfiguration: {\n seedUrls: [\"REPLACE_WITH_YOUR_URL\"],\n },\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.DataSource(\"example\",\n index_id=example_aws_kendra_index[\"id\"],\n name=\"example\",\n type=\"WEBCRAWLER\",\n role_arn=example_aws_iam_role[\"arn\"],\n configuration=aws.kendra.DataSourceConfigurationArgs(\n web_crawler_configuration=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationArgs(\n max_urls_per_minute_crawl_rate=300,\n urls=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs(\n seed_url_configuration=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs(\n seed_urls=[\"REPLACE_WITH_YOUR_URL\"],\n ),\n ),\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.DataSource(\"example\", new()\n {\n IndexId = exampleAwsKendraIndex.Id,\n Name = \"example\",\n Type = \"WEBCRAWLER\",\n RoleArn = exampleAwsIamRole.Arn,\n Configuration = new Aws.Kendra.Inputs.DataSourceConfigurationArgs\n {\n WebCrawlerConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationArgs\n {\n MaxUrlsPerMinuteCrawlRate = 300,\n Urls = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs\n {\n SeedUrlConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs\n {\n SeedUrls = new[]\n {\n \"REPLACE_WITH_YOUR_URL\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewDataSource(ctx, \"example\", \u0026kendra.DataSourceArgs{\n\t\t\tIndexId: pulumi.Any(exampleAwsKendraIndex.Id),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"WEBCRAWLER\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tConfiguration: \u0026kendra.DataSourceConfigurationArgs{\n\t\t\t\tWebCrawlerConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationArgs{\n\t\t\t\t\tMaxUrlsPerMinuteCrawlRate: pulumi.Int(300),\n\t\t\t\t\tUrls: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs{\n\t\t\t\t\t\tSeedUrlConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs{\n\t\t\t\t\t\t\tSeedUrls: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"REPLACE_WITH_YOUR_URL\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.DataSource;\nimport com.pulumi.aws.kendra.DataSourceArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataSource(\"example\", DataSourceArgs.builder() \n .indexId(exampleAwsKendraIndex.id())\n .name(\"example\")\n .type(\"WEBCRAWLER\")\n .roleArn(exampleAwsIamRole.arn())\n .configuration(DataSourceConfigurationArgs.builder()\n .webCrawlerConfiguration(DataSourceConfigurationWebCrawlerConfigurationArgs.builder()\n .maxUrlsPerMinuteCrawlRate(300)\n .urls(DataSourceConfigurationWebCrawlerConfigurationUrlsArgs.builder()\n .seedUrlConfiguration(DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs.builder()\n .seedUrls(\"REPLACE_WITH_YOUR_URL\")\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:DataSource\n properties:\n indexId: ${exampleAwsKendraIndex.id}\n name: example\n type: WEBCRAWLER\n roleArn: ${exampleAwsIamRole.arn}\n configuration:\n webCrawlerConfiguration:\n maxUrlsPerMinuteCrawlRate: 300\n urls:\n seedUrlConfiguration:\n seedUrls:\n - REPLACE_WITH_YOUR_URL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Proxy Configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.DataSource(\"example\", {\n indexId: exampleAwsKendraIndex.id,\n name: \"example\",\n type: \"WEBCRAWLER\",\n roleArn: exampleAwsIamRole.arn,\n configuration: {\n webCrawlerConfiguration: {\n proxyConfiguration: {\n credentials: exampleAwsSecretsmanagerSecret.arn,\n host: \"a.example.com\",\n port: 443,\n },\n urls: {\n seedUrlConfiguration: {\n seedUrls: [\"REPLACE_WITH_YOUR_URL\"],\n },\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.DataSource(\"example\",\n index_id=example_aws_kendra_index[\"id\"],\n name=\"example\",\n type=\"WEBCRAWLER\",\n role_arn=example_aws_iam_role[\"arn\"],\n configuration=aws.kendra.DataSourceConfigurationArgs(\n web_crawler_configuration=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationArgs(\n proxy_configuration=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationProxyConfigurationArgs(\n credentials=example_aws_secretsmanager_secret[\"arn\"],\n host=\"a.example.com\",\n port=443,\n ),\n urls=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs(\n seed_url_configuration=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs(\n seed_urls=[\"REPLACE_WITH_YOUR_URL\"],\n ),\n ),\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.DataSource(\"example\", new()\n {\n IndexId = exampleAwsKendraIndex.Id,\n Name = \"example\",\n Type = \"WEBCRAWLER\",\n RoleArn = exampleAwsIamRole.Arn,\n Configuration = new Aws.Kendra.Inputs.DataSourceConfigurationArgs\n {\n WebCrawlerConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationArgs\n {\n ProxyConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationProxyConfigurationArgs\n {\n Credentials = exampleAwsSecretsmanagerSecret.Arn,\n Host = \"a.example.com\",\n Port = 443,\n },\n Urls = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs\n {\n SeedUrlConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs\n {\n SeedUrls = new[]\n {\n \"REPLACE_WITH_YOUR_URL\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewDataSource(ctx, \"example\", \u0026kendra.DataSourceArgs{\n\t\t\tIndexId: pulumi.Any(exampleAwsKendraIndex.Id),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"WEBCRAWLER\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tConfiguration: \u0026kendra.DataSourceConfigurationArgs{\n\t\t\t\tWebCrawlerConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationArgs{\n\t\t\t\t\tProxyConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationProxyConfigurationArgs{\n\t\t\t\t\t\tCredentials: pulumi.Any(exampleAwsSecretsmanagerSecret.Arn),\n\t\t\t\t\t\tHost: pulumi.String(\"a.example.com\"),\n\t\t\t\t\t\tPort: pulumi.Int(443),\n\t\t\t\t\t},\n\t\t\t\t\tUrls: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs{\n\t\t\t\t\t\tSeedUrlConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs{\n\t\t\t\t\t\t\tSeedUrls: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"REPLACE_WITH_YOUR_URL\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.DataSource;\nimport com.pulumi.aws.kendra.DataSourceArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationProxyConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataSource(\"example\", DataSourceArgs.builder() \n .indexId(exampleAwsKendraIndex.id())\n .name(\"example\")\n .type(\"WEBCRAWLER\")\n .roleArn(exampleAwsIamRole.arn())\n .configuration(DataSourceConfigurationArgs.builder()\n .webCrawlerConfiguration(DataSourceConfigurationWebCrawlerConfigurationArgs.builder()\n .proxyConfiguration(DataSourceConfigurationWebCrawlerConfigurationProxyConfigurationArgs.builder()\n .credentials(exampleAwsSecretsmanagerSecret.arn())\n .host(\"a.example.com\")\n .port(\"443\")\n .build())\n .urls(DataSourceConfigurationWebCrawlerConfigurationUrlsArgs.builder()\n .seedUrlConfiguration(DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs.builder()\n .seedUrls(\"REPLACE_WITH_YOUR_URL\")\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:DataSource\n properties:\n indexId: ${exampleAwsKendraIndex.id}\n name: example\n type: WEBCRAWLER\n roleArn: ${exampleAwsIamRole.arn}\n configuration:\n webCrawlerConfiguration:\n proxyConfiguration:\n credentials: ${exampleAwsSecretsmanagerSecret.arn}\n host: a.example.com\n port: '443'\n urls:\n seedUrlConfiguration:\n seedUrls:\n - REPLACE_WITH_YOUR_URL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With URL Exclusion and Inclusion Patterns\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.DataSource(\"example\", {\n indexId: exampleAwsKendraIndex.id,\n name: \"example\",\n type: \"WEBCRAWLER\",\n roleArn: exampleAwsIamRole.arn,\n configuration: {\n webCrawlerConfiguration: {\n urlExclusionPatterns: [\"example\"],\n urlInclusionPatterns: [\"hello\"],\n urls: {\n seedUrlConfiguration: {\n seedUrls: [\"REPLACE_WITH_YOUR_URL\"],\n },\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.DataSource(\"example\",\n index_id=example_aws_kendra_index[\"id\"],\n name=\"example\",\n type=\"WEBCRAWLER\",\n role_arn=example_aws_iam_role[\"arn\"],\n configuration=aws.kendra.DataSourceConfigurationArgs(\n web_crawler_configuration=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationArgs(\n url_exclusion_patterns=[\"example\"],\n url_inclusion_patterns=[\"hello\"],\n urls=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs(\n seed_url_configuration=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs(\n seed_urls=[\"REPLACE_WITH_YOUR_URL\"],\n ),\n ),\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.DataSource(\"example\", new()\n {\n IndexId = exampleAwsKendraIndex.Id,\n Name = \"example\",\n Type = \"WEBCRAWLER\",\n RoleArn = exampleAwsIamRole.Arn,\n Configuration = new Aws.Kendra.Inputs.DataSourceConfigurationArgs\n {\n WebCrawlerConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationArgs\n {\n UrlExclusionPatterns = new[]\n {\n \"example\",\n },\n UrlInclusionPatterns = new[]\n {\n \"hello\",\n },\n Urls = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs\n {\n SeedUrlConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs\n {\n SeedUrls = new[]\n {\n \"REPLACE_WITH_YOUR_URL\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewDataSource(ctx, \"example\", \u0026kendra.DataSourceArgs{\n\t\t\tIndexId: pulumi.Any(exampleAwsKendraIndex.Id),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"WEBCRAWLER\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tConfiguration: \u0026kendra.DataSourceConfigurationArgs{\n\t\t\t\tWebCrawlerConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationArgs{\n\t\t\t\t\tUrlExclusionPatterns: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"example\"),\n\t\t\t\t\t},\n\t\t\t\t\tUrlInclusionPatterns: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"hello\"),\n\t\t\t\t\t},\n\t\t\t\t\tUrls: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs{\n\t\t\t\t\t\tSeedUrlConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs{\n\t\t\t\t\t\t\tSeedUrls: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"REPLACE_WITH_YOUR_URL\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.DataSource;\nimport com.pulumi.aws.kendra.DataSourceArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataSource(\"example\", DataSourceArgs.builder() \n .indexId(exampleAwsKendraIndex.id())\n .name(\"example\")\n .type(\"WEBCRAWLER\")\n .roleArn(exampleAwsIamRole.arn())\n .configuration(DataSourceConfigurationArgs.builder()\n .webCrawlerConfiguration(DataSourceConfigurationWebCrawlerConfigurationArgs.builder()\n .urlExclusionPatterns(\"example\")\n .urlInclusionPatterns(\"hello\")\n .urls(DataSourceConfigurationWebCrawlerConfigurationUrlsArgs.builder()\n .seedUrlConfiguration(DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs.builder()\n .seedUrls(\"REPLACE_WITH_YOUR_URL\")\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:DataSource\n properties:\n indexId: ${exampleAwsKendraIndex.id}\n name: example\n type: WEBCRAWLER\n roleArn: ${exampleAwsIamRole.arn}\n configuration:\n webCrawlerConfiguration:\n urlExclusionPatterns:\n - example\n urlInclusionPatterns:\n - hello\n urls:\n seedUrlConfiguration:\n seedUrls:\n - REPLACE_WITH_YOUR_URL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Kendra Data Source using the unique identifiers of the data_source and index separated by a slash (`/`). For example:\n\n```sh\n$ pulumi import aws:kendra/dataSource:DataSource example 1045d08d-66ef-4882-b3ed-dfb7df183e90/b34dfdf7-1f2b-4704-9581-79e00296845f\n```\n", + "description": "Resource for managing an AWS Kendra Data Source.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.DataSource(\"example\", {\n indexId: exampleAwsKendraIndex.id,\n name: \"example\",\n description: \"example\",\n languageCode: \"en\",\n type: \"CUSTOM\",\n tags: {\n hello: \"world\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.DataSource(\"example\",\n index_id=example_aws_kendra_index[\"id\"],\n name=\"example\",\n description=\"example\",\n language_code=\"en\",\n type=\"CUSTOM\",\n tags={\n \"hello\": \"world\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.DataSource(\"example\", new()\n {\n IndexId = exampleAwsKendraIndex.Id,\n Name = \"example\",\n Description = \"example\",\n LanguageCode = \"en\",\n Type = \"CUSTOM\",\n Tags = \n {\n { \"hello\", \"world\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewDataSource(ctx, \"example\", \u0026kendra.DataSourceArgs{\n\t\t\tIndexId: pulumi.Any(exampleAwsKendraIndex.Id),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t\tLanguageCode: pulumi.String(\"en\"),\n\t\t\tType: pulumi.String(\"CUSTOM\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"hello\": pulumi.String(\"world\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.DataSource;\nimport com.pulumi.aws.kendra.DataSourceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataSource(\"example\", DataSourceArgs.builder() \n .indexId(exampleAwsKendraIndex.id())\n .name(\"example\")\n .description(\"example\")\n .languageCode(\"en\")\n .type(\"CUSTOM\")\n .tags(Map.of(\"hello\", \"world\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:DataSource\n properties:\n indexId: ${exampleAwsKendraIndex.id}\n name: example\n description: example\n languageCode: en\n type: CUSTOM\n tags:\n hello: world\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### S3 Connector\n\n### With Schedule\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.DataSource(\"example\", {\n indexId: exampleAwsKendraIndex.id,\n name: \"example\",\n type: \"S3\",\n roleArn: exampleAwsIamRole.arn,\n schedule: \"cron(9 10 1 * ? *)\",\n configuration: {\n s3Configuration: {\n bucketName: exampleAwsS3Bucket.id,\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.DataSource(\"example\",\n index_id=example_aws_kendra_index[\"id\"],\n name=\"example\",\n type=\"S3\",\n role_arn=example_aws_iam_role[\"arn\"],\n schedule=\"cron(9 10 1 * ? *)\",\n configuration=aws.kendra.DataSourceConfigurationArgs(\n s3_configuration=aws.kendra.DataSourceConfigurationS3ConfigurationArgs(\n bucket_name=example_aws_s3_bucket[\"id\"],\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.DataSource(\"example\", new()\n {\n IndexId = exampleAwsKendraIndex.Id,\n Name = \"example\",\n Type = \"S3\",\n RoleArn = exampleAwsIamRole.Arn,\n Schedule = \"cron(9 10 1 * ? *)\",\n Configuration = new Aws.Kendra.Inputs.DataSourceConfigurationArgs\n {\n S3Configuration = new Aws.Kendra.Inputs.DataSourceConfigurationS3ConfigurationArgs\n {\n BucketName = exampleAwsS3Bucket.Id,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewDataSource(ctx, \"example\", \u0026kendra.DataSourceArgs{\n\t\t\tIndexId: pulumi.Any(exampleAwsKendraIndex.Id),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"S3\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tSchedule: pulumi.String(\"cron(9 10 1 * ? *)\"),\n\t\t\tConfiguration: \u0026kendra.DataSourceConfigurationArgs{\n\t\t\t\tS3Configuration: \u0026kendra.DataSourceConfigurationS3ConfigurationArgs{\n\t\t\t\t\tBucketName: pulumi.Any(exampleAwsS3Bucket.Id),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.DataSource;\nimport com.pulumi.aws.kendra.DataSourceArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationS3ConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataSource(\"example\", DataSourceArgs.builder() \n .indexId(exampleAwsKendraIndex.id())\n .name(\"example\")\n .type(\"S3\")\n .roleArn(exampleAwsIamRole.arn())\n .schedule(\"cron(9 10 1 * ? *)\")\n .configuration(DataSourceConfigurationArgs.builder()\n .s3Configuration(DataSourceConfigurationS3ConfigurationArgs.builder()\n .bucketName(exampleAwsS3Bucket.id())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:DataSource\n properties:\n indexId: ${exampleAwsKendraIndex.id}\n name: example\n type: S3\n roleArn: ${exampleAwsIamRole.arn}\n schedule: cron(9 10 1 * ? *)\n configuration:\n s3Configuration:\n bucketName: ${exampleAwsS3Bucket.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Access Control List\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.DataSource(\"example\", {\n indexId: exampleAwsKendraIndex.id,\n name: \"example\",\n type: \"S3\",\n roleArn: exampleAwsIamRole.arn,\n configuration: {\n s3Configuration: {\n bucketName: exampleAwsS3Bucket.id,\n accessControlListConfiguration: {\n keyPath: `s3://${exampleAwsS3Bucket.id}/path-1`,\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.DataSource(\"example\",\n index_id=example_aws_kendra_index[\"id\"],\n name=\"example\",\n type=\"S3\",\n role_arn=example_aws_iam_role[\"arn\"],\n configuration=aws.kendra.DataSourceConfigurationArgs(\n s3_configuration=aws.kendra.DataSourceConfigurationS3ConfigurationArgs(\n bucket_name=example_aws_s3_bucket[\"id\"],\n access_control_list_configuration=aws.kendra.DataSourceConfigurationS3ConfigurationAccessControlListConfigurationArgs(\n key_path=f\"s3://{example_aws_s3_bucket['id']}/path-1\",\n ),\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.DataSource(\"example\", new()\n {\n IndexId = exampleAwsKendraIndex.Id,\n Name = \"example\",\n Type = \"S3\",\n RoleArn = exampleAwsIamRole.Arn,\n Configuration = new Aws.Kendra.Inputs.DataSourceConfigurationArgs\n {\n S3Configuration = new Aws.Kendra.Inputs.DataSourceConfigurationS3ConfigurationArgs\n {\n BucketName = exampleAwsS3Bucket.Id,\n AccessControlListConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationS3ConfigurationAccessControlListConfigurationArgs\n {\n KeyPath = $\"s3://{exampleAwsS3Bucket.Id}/path-1\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewDataSource(ctx, \"example\", \u0026kendra.DataSourceArgs{\n\t\t\tIndexId: pulumi.Any(exampleAwsKendraIndex.Id),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"S3\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tConfiguration: \u0026kendra.DataSourceConfigurationArgs{\n\t\t\t\tS3Configuration: \u0026kendra.DataSourceConfigurationS3ConfigurationArgs{\n\t\t\t\t\tBucketName: pulumi.Any(exampleAwsS3Bucket.Id),\n\t\t\t\t\tAccessControlListConfiguration: \u0026kendra.DataSourceConfigurationS3ConfigurationAccessControlListConfigurationArgs{\n\t\t\t\t\t\tKeyPath: pulumi.String(fmt.Sprintf(\"s3://%v/path-1\", exampleAwsS3Bucket.Id)),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.DataSource;\nimport com.pulumi.aws.kendra.DataSourceArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationS3ConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationS3ConfigurationAccessControlListConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataSource(\"example\", DataSourceArgs.builder() \n .indexId(exampleAwsKendraIndex.id())\n .name(\"example\")\n .type(\"S3\")\n .roleArn(exampleAwsIamRole.arn())\n .configuration(DataSourceConfigurationArgs.builder()\n .s3Configuration(DataSourceConfigurationS3ConfigurationArgs.builder()\n .bucketName(exampleAwsS3Bucket.id())\n .accessControlListConfiguration(DataSourceConfigurationS3ConfigurationAccessControlListConfigurationArgs.builder()\n .keyPath(String.format(\"s3://%s/path-1\", exampleAwsS3Bucket.id()))\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:DataSource\n properties:\n indexId: ${exampleAwsKendraIndex.id}\n name: example\n type: S3\n roleArn: ${exampleAwsIamRole.arn}\n configuration:\n s3Configuration:\n bucketName: ${exampleAwsS3Bucket.id}\n accessControlListConfiguration:\n keyPath: s3://${exampleAwsS3Bucket.id}/path-1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Documents Metadata Configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.DataSource(\"example\", {\n indexId: exampleAwsKendraIndex.id,\n name: \"example\",\n type: \"S3\",\n roleArn: exampleAwsIamRole.arn,\n configuration: {\n s3Configuration: {\n bucketName: exampleAwsS3Bucket.id,\n exclusionPatterns: [\"example\"],\n inclusionPatterns: [\"hello\"],\n inclusionPrefixes: [\"world\"],\n documentsMetadataConfiguration: {\n s3Prefix: \"example\",\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.DataSource(\"example\",\n index_id=example_aws_kendra_index[\"id\"],\n name=\"example\",\n type=\"S3\",\n role_arn=example_aws_iam_role[\"arn\"],\n configuration=aws.kendra.DataSourceConfigurationArgs(\n s3_configuration=aws.kendra.DataSourceConfigurationS3ConfigurationArgs(\n bucket_name=example_aws_s3_bucket[\"id\"],\n exclusion_patterns=[\"example\"],\n inclusion_patterns=[\"hello\"],\n inclusion_prefixes=[\"world\"],\n documents_metadata_configuration=aws.kendra.DataSourceConfigurationS3ConfigurationDocumentsMetadataConfigurationArgs(\n s3_prefix=\"example\",\n ),\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.DataSource(\"example\", new()\n {\n IndexId = exampleAwsKendraIndex.Id,\n Name = \"example\",\n Type = \"S3\",\n RoleArn = exampleAwsIamRole.Arn,\n Configuration = new Aws.Kendra.Inputs.DataSourceConfigurationArgs\n {\n S3Configuration = new Aws.Kendra.Inputs.DataSourceConfigurationS3ConfigurationArgs\n {\n BucketName = exampleAwsS3Bucket.Id,\n ExclusionPatterns = new[]\n {\n \"example\",\n },\n InclusionPatterns = new[]\n {\n \"hello\",\n },\n InclusionPrefixes = new[]\n {\n \"world\",\n },\n DocumentsMetadataConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationS3ConfigurationDocumentsMetadataConfigurationArgs\n {\n S3Prefix = \"example\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewDataSource(ctx, \"example\", \u0026kendra.DataSourceArgs{\n\t\t\tIndexId: pulumi.Any(exampleAwsKendraIndex.Id),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"S3\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tConfiguration: \u0026kendra.DataSourceConfigurationArgs{\n\t\t\t\tS3Configuration: \u0026kendra.DataSourceConfigurationS3ConfigurationArgs{\n\t\t\t\t\tBucketName: pulumi.Any(exampleAwsS3Bucket.Id),\n\t\t\t\t\tExclusionPatterns: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"example\"),\n\t\t\t\t\t},\n\t\t\t\t\tInclusionPatterns: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"hello\"),\n\t\t\t\t\t},\n\t\t\t\t\tInclusionPrefixes: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"world\"),\n\t\t\t\t\t},\n\t\t\t\t\tDocumentsMetadataConfiguration: \u0026kendra.DataSourceConfigurationS3ConfigurationDocumentsMetadataConfigurationArgs{\n\t\t\t\t\t\tS3Prefix: pulumi.String(\"example\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.DataSource;\nimport com.pulumi.aws.kendra.DataSourceArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationS3ConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationS3ConfigurationDocumentsMetadataConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataSource(\"example\", DataSourceArgs.builder() \n .indexId(exampleAwsKendraIndex.id())\n .name(\"example\")\n .type(\"S3\")\n .roleArn(exampleAwsIamRole.arn())\n .configuration(DataSourceConfigurationArgs.builder()\n .s3Configuration(DataSourceConfigurationS3ConfigurationArgs.builder()\n .bucketName(exampleAwsS3Bucket.id())\n .exclusionPatterns(\"example\")\n .inclusionPatterns(\"hello\")\n .inclusionPrefixes(\"world\")\n .documentsMetadataConfiguration(DataSourceConfigurationS3ConfigurationDocumentsMetadataConfigurationArgs.builder()\n .s3Prefix(\"example\")\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:DataSource\n properties:\n indexId: ${exampleAwsKendraIndex.id}\n name: example\n type: S3\n roleArn: ${exampleAwsIamRole.arn}\n configuration:\n s3Configuration:\n bucketName: ${exampleAwsS3Bucket.id}\n exclusionPatterns:\n - example\n inclusionPatterns:\n - hello\n inclusionPrefixes:\n - world\n documentsMetadataConfiguration:\n s3Prefix: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Web Crawler Connector\n\n### With Seed URLs\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.DataSource(\"example\", {\n indexId: exampleAwsKendraIndex.id,\n name: \"example\",\n type: \"WEBCRAWLER\",\n roleArn: exampleAwsIamRole.arn,\n configuration: {\n webCrawlerConfiguration: {\n urls: {\n seedUrlConfiguration: {\n seedUrls: [\"REPLACE_WITH_YOUR_URL\"],\n },\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.DataSource(\"example\",\n index_id=example_aws_kendra_index[\"id\"],\n name=\"example\",\n type=\"WEBCRAWLER\",\n role_arn=example_aws_iam_role[\"arn\"],\n configuration=aws.kendra.DataSourceConfigurationArgs(\n web_crawler_configuration=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationArgs(\n urls=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs(\n seed_url_configuration=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs(\n seed_urls=[\"REPLACE_WITH_YOUR_URL\"],\n ),\n ),\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.DataSource(\"example\", new()\n {\n IndexId = exampleAwsKendraIndex.Id,\n Name = \"example\",\n Type = \"WEBCRAWLER\",\n RoleArn = exampleAwsIamRole.Arn,\n Configuration = new Aws.Kendra.Inputs.DataSourceConfigurationArgs\n {\n WebCrawlerConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationArgs\n {\n Urls = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs\n {\n SeedUrlConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs\n {\n SeedUrls = new[]\n {\n \"REPLACE_WITH_YOUR_URL\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewDataSource(ctx, \"example\", \u0026kendra.DataSourceArgs{\n\t\t\tIndexId: pulumi.Any(exampleAwsKendraIndex.Id),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"WEBCRAWLER\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tConfiguration: \u0026kendra.DataSourceConfigurationArgs{\n\t\t\t\tWebCrawlerConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationArgs{\n\t\t\t\t\tUrls: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs{\n\t\t\t\t\t\tSeedUrlConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs{\n\t\t\t\t\t\t\tSeedUrls: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"REPLACE_WITH_YOUR_URL\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.DataSource;\nimport com.pulumi.aws.kendra.DataSourceArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataSource(\"example\", DataSourceArgs.builder() \n .indexId(exampleAwsKendraIndex.id())\n .name(\"example\")\n .type(\"WEBCRAWLER\")\n .roleArn(exampleAwsIamRole.arn())\n .configuration(DataSourceConfigurationArgs.builder()\n .webCrawlerConfiguration(DataSourceConfigurationWebCrawlerConfigurationArgs.builder()\n .urls(DataSourceConfigurationWebCrawlerConfigurationUrlsArgs.builder()\n .seedUrlConfiguration(DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs.builder()\n .seedUrls(\"REPLACE_WITH_YOUR_URL\")\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:DataSource\n properties:\n indexId: ${exampleAwsKendraIndex.id}\n name: example\n type: WEBCRAWLER\n roleArn: ${exampleAwsIamRole.arn}\n configuration:\n webCrawlerConfiguration:\n urls:\n seedUrlConfiguration:\n seedUrls:\n - REPLACE_WITH_YOUR_URL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Site Maps\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.DataSource(\"example\", {\n indexId: exampleAwsKendraIndex.id,\n name: \"example\",\n type: \"WEBCRAWLER\",\n roleArn: exampleAwsIamRole.arn,\n configuration: {\n webCrawlerConfiguration: {\n urls: {\n siteMapsConfiguration: {\n siteMaps: [\"REPLACE_WITH_YOUR_URL\"],\n },\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.DataSource(\"example\",\n index_id=example_aws_kendra_index[\"id\"],\n name=\"example\",\n type=\"WEBCRAWLER\",\n role_arn=example_aws_iam_role[\"arn\"],\n configuration=aws.kendra.DataSourceConfigurationArgs(\n web_crawler_configuration=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationArgs(\n urls=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs(\n site_maps_configuration=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsSiteMapsConfigurationArgs(\n site_maps=[\"REPLACE_WITH_YOUR_URL\"],\n ),\n ),\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.DataSource(\"example\", new()\n {\n IndexId = exampleAwsKendraIndex.Id,\n Name = \"example\",\n Type = \"WEBCRAWLER\",\n RoleArn = exampleAwsIamRole.Arn,\n Configuration = new Aws.Kendra.Inputs.DataSourceConfigurationArgs\n {\n WebCrawlerConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationArgs\n {\n Urls = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs\n {\n SiteMapsConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSiteMapsConfigurationArgs\n {\n SiteMaps = new[]\n {\n \"REPLACE_WITH_YOUR_URL\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewDataSource(ctx, \"example\", \u0026kendra.DataSourceArgs{\n\t\t\tIndexId: pulumi.Any(exampleAwsKendraIndex.Id),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"WEBCRAWLER\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tConfiguration: \u0026kendra.DataSourceConfigurationArgs{\n\t\t\t\tWebCrawlerConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationArgs{\n\t\t\t\t\tUrls: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs{\n\t\t\t\t\t\tSiteMapsConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsSiteMapsConfigurationArgs{\n\t\t\t\t\t\t\tSiteMaps: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"REPLACE_WITH_YOUR_URL\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.DataSource;\nimport com.pulumi.aws.kendra.DataSourceArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSiteMapsConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataSource(\"example\", DataSourceArgs.builder() \n .indexId(exampleAwsKendraIndex.id())\n .name(\"example\")\n .type(\"WEBCRAWLER\")\n .roleArn(exampleAwsIamRole.arn())\n .configuration(DataSourceConfigurationArgs.builder()\n .webCrawlerConfiguration(DataSourceConfigurationWebCrawlerConfigurationArgs.builder()\n .urls(DataSourceConfigurationWebCrawlerConfigurationUrlsArgs.builder()\n .siteMapsConfiguration(DataSourceConfigurationWebCrawlerConfigurationUrlsSiteMapsConfigurationArgs.builder()\n .siteMaps(\"REPLACE_WITH_YOUR_URL\")\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:DataSource\n properties:\n indexId: ${exampleAwsKendraIndex.id}\n name: example\n type: WEBCRAWLER\n roleArn: ${exampleAwsIamRole.arn}\n configuration:\n webCrawlerConfiguration:\n urls:\n siteMapsConfiguration:\n siteMaps:\n - REPLACE_WITH_YOUR_URL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Web Crawler Mode\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.DataSource(\"example\", {\n indexId: exampleAwsKendraIndex.id,\n name: \"example\",\n type: \"WEBCRAWLER\",\n roleArn: exampleAwsIamRole.arn,\n configuration: {\n webCrawlerConfiguration: {\n urls: {\n seedUrlConfiguration: {\n webCrawlerMode: \"SUBDOMAINS\",\n seedUrls: [\"REPLACE_WITH_YOUR_URL\"],\n },\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.DataSource(\"example\",\n index_id=example_aws_kendra_index[\"id\"],\n name=\"example\",\n type=\"WEBCRAWLER\",\n role_arn=example_aws_iam_role[\"arn\"],\n configuration=aws.kendra.DataSourceConfigurationArgs(\n web_crawler_configuration=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationArgs(\n urls=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs(\n seed_url_configuration=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs(\n web_crawler_mode=\"SUBDOMAINS\",\n seed_urls=[\"REPLACE_WITH_YOUR_URL\"],\n ),\n ),\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.DataSource(\"example\", new()\n {\n IndexId = exampleAwsKendraIndex.Id,\n Name = \"example\",\n Type = \"WEBCRAWLER\",\n RoleArn = exampleAwsIamRole.Arn,\n Configuration = new Aws.Kendra.Inputs.DataSourceConfigurationArgs\n {\n WebCrawlerConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationArgs\n {\n Urls = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs\n {\n SeedUrlConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs\n {\n WebCrawlerMode = \"SUBDOMAINS\",\n SeedUrls = new[]\n {\n \"REPLACE_WITH_YOUR_URL\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewDataSource(ctx, \"example\", \u0026kendra.DataSourceArgs{\n\t\t\tIndexId: pulumi.Any(exampleAwsKendraIndex.Id),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"WEBCRAWLER\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tConfiguration: \u0026kendra.DataSourceConfigurationArgs{\n\t\t\t\tWebCrawlerConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationArgs{\n\t\t\t\t\tUrls: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs{\n\t\t\t\t\t\tSeedUrlConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs{\n\t\t\t\t\t\t\tWebCrawlerMode: pulumi.String(\"SUBDOMAINS\"),\n\t\t\t\t\t\t\tSeedUrls: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"REPLACE_WITH_YOUR_URL\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.DataSource;\nimport com.pulumi.aws.kendra.DataSourceArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataSource(\"example\", DataSourceArgs.builder() \n .indexId(exampleAwsKendraIndex.id())\n .name(\"example\")\n .type(\"WEBCRAWLER\")\n .roleArn(exampleAwsIamRole.arn())\n .configuration(DataSourceConfigurationArgs.builder()\n .webCrawlerConfiguration(DataSourceConfigurationWebCrawlerConfigurationArgs.builder()\n .urls(DataSourceConfigurationWebCrawlerConfigurationUrlsArgs.builder()\n .seedUrlConfiguration(DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs.builder()\n .webCrawlerMode(\"SUBDOMAINS\")\n .seedUrls(\"REPLACE_WITH_YOUR_URL\")\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:DataSource\n properties:\n indexId: ${exampleAwsKendraIndex.id}\n name: example\n type: WEBCRAWLER\n roleArn: ${exampleAwsIamRole.arn}\n configuration:\n webCrawlerConfiguration:\n urls:\n seedUrlConfiguration:\n webCrawlerMode: SUBDOMAINS\n seedUrls:\n - REPLACE_WITH_YOUR_URL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Authentication Configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.DataSource(\"example\", {\n indexId: exampleAwsKendraIndex.id,\n name: \"example\",\n type: \"WEBCRAWLER\",\n roleArn: exampleAwsIamRole.arn,\n configuration: {\n webCrawlerConfiguration: {\n authenticationConfiguration: {\n basicAuthentications: [{\n credentials: exampleAwsSecretsmanagerSecret.arn,\n host: \"a.example.com\",\n port: 443,\n }],\n },\n urls: {\n seedUrlConfiguration: {\n seedUrls: [\"REPLACE_WITH_YOUR_URL\"],\n },\n },\n },\n },\n}, {\n dependsOn: [exampleAwsSecretsmanagerSecretVersion],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.DataSource(\"example\",\n index_id=example_aws_kendra_index[\"id\"],\n name=\"example\",\n type=\"WEBCRAWLER\",\n role_arn=example_aws_iam_role[\"arn\"],\n configuration=aws.kendra.DataSourceConfigurationArgs(\n web_crawler_configuration=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationArgs(\n authentication_configuration=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationAuthenticationConfigurationArgs(\n basic_authentications=[aws.kendra.DataSourceConfigurationWebCrawlerConfigurationAuthenticationConfigurationBasicAuthenticationArgs(\n credentials=example_aws_secretsmanager_secret[\"arn\"],\n host=\"a.example.com\",\n port=443,\n )],\n ),\n urls=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs(\n seed_url_configuration=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs(\n seed_urls=[\"REPLACE_WITH_YOUR_URL\"],\n ),\n ),\n ),\n ),\n opts=pulumi.ResourceOptions(depends_on=[example_aws_secretsmanager_secret_version]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.DataSource(\"example\", new()\n {\n IndexId = exampleAwsKendraIndex.Id,\n Name = \"example\",\n Type = \"WEBCRAWLER\",\n RoleArn = exampleAwsIamRole.Arn,\n Configuration = new Aws.Kendra.Inputs.DataSourceConfigurationArgs\n {\n WebCrawlerConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationArgs\n {\n AuthenticationConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationAuthenticationConfigurationArgs\n {\n BasicAuthentications = new[]\n {\n new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationAuthenticationConfigurationBasicAuthenticationArgs\n {\n Credentials = exampleAwsSecretsmanagerSecret.Arn,\n Host = \"a.example.com\",\n Port = 443,\n },\n },\n },\n Urls = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs\n {\n SeedUrlConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs\n {\n SeedUrls = new[]\n {\n \"REPLACE_WITH_YOUR_URL\",\n },\n },\n },\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAwsSecretsmanagerSecretVersion, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewDataSource(ctx, \"example\", \u0026kendra.DataSourceArgs{\n\t\t\tIndexId: pulumi.Any(exampleAwsKendraIndex.Id),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"WEBCRAWLER\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tConfiguration: \u0026kendra.DataSourceConfigurationArgs{\n\t\t\t\tWebCrawlerConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationArgs{\n\t\t\t\t\tAuthenticationConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationAuthenticationConfigurationArgs{\n\t\t\t\t\t\tBasicAuthentications: kendra.DataSourceConfigurationWebCrawlerConfigurationAuthenticationConfigurationBasicAuthenticationArray{\n\t\t\t\t\t\t\t\u0026kendra.DataSourceConfigurationWebCrawlerConfigurationAuthenticationConfigurationBasicAuthenticationArgs{\n\t\t\t\t\t\t\t\tCredentials: pulumi.Any(exampleAwsSecretsmanagerSecret.Arn),\n\t\t\t\t\t\t\t\tHost: pulumi.String(\"a.example.com\"),\n\t\t\t\t\t\t\t\tPort: pulumi.Int(443),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tUrls: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs{\n\t\t\t\t\t\tSeedUrlConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs{\n\t\t\t\t\t\t\tSeedUrls: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"REPLACE_WITH_YOUR_URL\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAwsSecretsmanagerSecretVersion,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.DataSource;\nimport com.pulumi.aws.kendra.DataSourceArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationAuthenticationConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataSource(\"example\", DataSourceArgs.builder() \n .indexId(exampleAwsKendraIndex.id())\n .name(\"example\")\n .type(\"WEBCRAWLER\")\n .roleArn(exampleAwsIamRole.arn())\n .configuration(DataSourceConfigurationArgs.builder()\n .webCrawlerConfiguration(DataSourceConfigurationWebCrawlerConfigurationArgs.builder()\n .authenticationConfiguration(DataSourceConfigurationWebCrawlerConfigurationAuthenticationConfigurationArgs.builder()\n .basicAuthentications(DataSourceConfigurationWebCrawlerConfigurationAuthenticationConfigurationBasicAuthenticationArgs.builder()\n .credentials(exampleAwsSecretsmanagerSecret.arn())\n .host(\"a.example.com\")\n .port(\"443\")\n .build())\n .build())\n .urls(DataSourceConfigurationWebCrawlerConfigurationUrlsArgs.builder()\n .seedUrlConfiguration(DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs.builder()\n .seedUrls(\"REPLACE_WITH_YOUR_URL\")\n .build())\n .build())\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleAwsSecretsmanagerSecretVersion)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:DataSource\n properties:\n indexId: ${exampleAwsKendraIndex.id}\n name: example\n type: WEBCRAWLER\n roleArn: ${exampleAwsIamRole.arn}\n configuration:\n webCrawlerConfiguration:\n authenticationConfiguration:\n basicAuthentications:\n - credentials: ${exampleAwsSecretsmanagerSecret.arn}\n host: a.example.com\n port: '443'\n urls:\n seedUrlConfiguration:\n seedUrls:\n - REPLACE_WITH_YOUR_URL\n options:\n dependson:\n - ${exampleAwsSecretsmanagerSecretVersion}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Crawl Depth\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.DataSource(\"example\", {\n indexId: exampleAwsKendraIndex.id,\n name: \"example\",\n type: \"WEBCRAWLER\",\n roleArn: exampleAwsIamRole.arn,\n configuration: {\n webCrawlerConfiguration: {\n crawlDepth: 3,\n urls: {\n seedUrlConfiguration: {\n seedUrls: [\"REPLACE_WITH_YOUR_URL\"],\n },\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.DataSource(\"example\",\n index_id=example_aws_kendra_index[\"id\"],\n name=\"example\",\n type=\"WEBCRAWLER\",\n role_arn=example_aws_iam_role[\"arn\"],\n configuration=aws.kendra.DataSourceConfigurationArgs(\n web_crawler_configuration=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationArgs(\n crawl_depth=3,\n urls=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs(\n seed_url_configuration=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs(\n seed_urls=[\"REPLACE_WITH_YOUR_URL\"],\n ),\n ),\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.DataSource(\"example\", new()\n {\n IndexId = exampleAwsKendraIndex.Id,\n Name = \"example\",\n Type = \"WEBCRAWLER\",\n RoleArn = exampleAwsIamRole.Arn,\n Configuration = new Aws.Kendra.Inputs.DataSourceConfigurationArgs\n {\n WebCrawlerConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationArgs\n {\n CrawlDepth = 3,\n Urls = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs\n {\n SeedUrlConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs\n {\n SeedUrls = new[]\n {\n \"REPLACE_WITH_YOUR_URL\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewDataSource(ctx, \"example\", \u0026kendra.DataSourceArgs{\n\t\t\tIndexId: pulumi.Any(exampleAwsKendraIndex.Id),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"WEBCRAWLER\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tConfiguration: \u0026kendra.DataSourceConfigurationArgs{\n\t\t\t\tWebCrawlerConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationArgs{\n\t\t\t\t\tCrawlDepth: pulumi.Int(3),\n\t\t\t\t\tUrls: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs{\n\t\t\t\t\t\tSeedUrlConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs{\n\t\t\t\t\t\t\tSeedUrls: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"REPLACE_WITH_YOUR_URL\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.DataSource;\nimport com.pulumi.aws.kendra.DataSourceArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataSource(\"example\", DataSourceArgs.builder() \n .indexId(exampleAwsKendraIndex.id())\n .name(\"example\")\n .type(\"WEBCRAWLER\")\n .roleArn(exampleAwsIamRole.arn())\n .configuration(DataSourceConfigurationArgs.builder()\n .webCrawlerConfiguration(DataSourceConfigurationWebCrawlerConfigurationArgs.builder()\n .crawlDepth(3)\n .urls(DataSourceConfigurationWebCrawlerConfigurationUrlsArgs.builder()\n .seedUrlConfiguration(DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs.builder()\n .seedUrls(\"REPLACE_WITH_YOUR_URL\")\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:DataSource\n properties:\n indexId: ${exampleAwsKendraIndex.id}\n name: example\n type: WEBCRAWLER\n roleArn: ${exampleAwsIamRole.arn}\n configuration:\n webCrawlerConfiguration:\n crawlDepth: 3\n urls:\n seedUrlConfiguration:\n seedUrls:\n - REPLACE_WITH_YOUR_URL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Max Links Per Page\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.DataSource(\"example\", {\n indexId: exampleAwsKendraIndex.id,\n name: \"example\",\n type: \"WEBCRAWLER\",\n roleArn: exampleAwsIamRole.arn,\n configuration: {\n webCrawlerConfiguration: {\n maxLinksPerPage: 100,\n urls: {\n seedUrlConfiguration: {\n seedUrls: [\"REPLACE_WITH_YOUR_URL\"],\n },\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.DataSource(\"example\",\n index_id=example_aws_kendra_index[\"id\"],\n name=\"example\",\n type=\"WEBCRAWLER\",\n role_arn=example_aws_iam_role[\"arn\"],\n configuration=aws.kendra.DataSourceConfigurationArgs(\n web_crawler_configuration=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationArgs(\n max_links_per_page=100,\n urls=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs(\n seed_url_configuration=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs(\n seed_urls=[\"REPLACE_WITH_YOUR_URL\"],\n ),\n ),\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.DataSource(\"example\", new()\n {\n IndexId = exampleAwsKendraIndex.Id,\n Name = \"example\",\n Type = \"WEBCRAWLER\",\n RoleArn = exampleAwsIamRole.Arn,\n Configuration = new Aws.Kendra.Inputs.DataSourceConfigurationArgs\n {\n WebCrawlerConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationArgs\n {\n MaxLinksPerPage = 100,\n Urls = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs\n {\n SeedUrlConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs\n {\n SeedUrls = new[]\n {\n \"REPLACE_WITH_YOUR_URL\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewDataSource(ctx, \"example\", \u0026kendra.DataSourceArgs{\n\t\t\tIndexId: pulumi.Any(exampleAwsKendraIndex.Id),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"WEBCRAWLER\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tConfiguration: \u0026kendra.DataSourceConfigurationArgs{\n\t\t\t\tWebCrawlerConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationArgs{\n\t\t\t\t\tMaxLinksPerPage: pulumi.Int(100),\n\t\t\t\t\tUrls: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs{\n\t\t\t\t\t\tSeedUrlConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs{\n\t\t\t\t\t\t\tSeedUrls: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"REPLACE_WITH_YOUR_URL\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.DataSource;\nimport com.pulumi.aws.kendra.DataSourceArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataSource(\"example\", DataSourceArgs.builder() \n .indexId(exampleAwsKendraIndex.id())\n .name(\"example\")\n .type(\"WEBCRAWLER\")\n .roleArn(exampleAwsIamRole.arn())\n .configuration(DataSourceConfigurationArgs.builder()\n .webCrawlerConfiguration(DataSourceConfigurationWebCrawlerConfigurationArgs.builder()\n .maxLinksPerPage(100)\n .urls(DataSourceConfigurationWebCrawlerConfigurationUrlsArgs.builder()\n .seedUrlConfiguration(DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs.builder()\n .seedUrls(\"REPLACE_WITH_YOUR_URL\")\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:DataSource\n properties:\n indexId: ${exampleAwsKendraIndex.id}\n name: example\n type: WEBCRAWLER\n roleArn: ${exampleAwsIamRole.arn}\n configuration:\n webCrawlerConfiguration:\n maxLinksPerPage: 100\n urls:\n seedUrlConfiguration:\n seedUrls:\n - REPLACE_WITH_YOUR_URL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Max Urls Per Minute Crawl Rate\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.DataSource(\"example\", {\n indexId: exampleAwsKendraIndex.id,\n name: \"example\",\n type: \"WEBCRAWLER\",\n roleArn: exampleAwsIamRole.arn,\n configuration: {\n webCrawlerConfiguration: {\n maxUrlsPerMinuteCrawlRate: 300,\n urls: {\n seedUrlConfiguration: {\n seedUrls: [\"REPLACE_WITH_YOUR_URL\"],\n },\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.DataSource(\"example\",\n index_id=example_aws_kendra_index[\"id\"],\n name=\"example\",\n type=\"WEBCRAWLER\",\n role_arn=example_aws_iam_role[\"arn\"],\n configuration=aws.kendra.DataSourceConfigurationArgs(\n web_crawler_configuration=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationArgs(\n max_urls_per_minute_crawl_rate=300,\n urls=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs(\n seed_url_configuration=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs(\n seed_urls=[\"REPLACE_WITH_YOUR_URL\"],\n ),\n ),\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.DataSource(\"example\", new()\n {\n IndexId = exampleAwsKendraIndex.Id,\n Name = \"example\",\n Type = \"WEBCRAWLER\",\n RoleArn = exampleAwsIamRole.Arn,\n Configuration = new Aws.Kendra.Inputs.DataSourceConfigurationArgs\n {\n WebCrawlerConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationArgs\n {\n MaxUrlsPerMinuteCrawlRate = 300,\n Urls = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs\n {\n SeedUrlConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs\n {\n SeedUrls = new[]\n {\n \"REPLACE_WITH_YOUR_URL\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewDataSource(ctx, \"example\", \u0026kendra.DataSourceArgs{\n\t\t\tIndexId: pulumi.Any(exampleAwsKendraIndex.Id),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"WEBCRAWLER\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tConfiguration: \u0026kendra.DataSourceConfigurationArgs{\n\t\t\t\tWebCrawlerConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationArgs{\n\t\t\t\t\tMaxUrlsPerMinuteCrawlRate: pulumi.Int(300),\n\t\t\t\t\tUrls: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs{\n\t\t\t\t\t\tSeedUrlConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs{\n\t\t\t\t\t\t\tSeedUrls: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"REPLACE_WITH_YOUR_URL\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.DataSource;\nimport com.pulumi.aws.kendra.DataSourceArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataSource(\"example\", DataSourceArgs.builder() \n .indexId(exampleAwsKendraIndex.id())\n .name(\"example\")\n .type(\"WEBCRAWLER\")\n .roleArn(exampleAwsIamRole.arn())\n .configuration(DataSourceConfigurationArgs.builder()\n .webCrawlerConfiguration(DataSourceConfigurationWebCrawlerConfigurationArgs.builder()\n .maxUrlsPerMinuteCrawlRate(300)\n .urls(DataSourceConfigurationWebCrawlerConfigurationUrlsArgs.builder()\n .seedUrlConfiguration(DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs.builder()\n .seedUrls(\"REPLACE_WITH_YOUR_URL\")\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:DataSource\n properties:\n indexId: ${exampleAwsKendraIndex.id}\n name: example\n type: WEBCRAWLER\n roleArn: ${exampleAwsIamRole.arn}\n configuration:\n webCrawlerConfiguration:\n maxUrlsPerMinuteCrawlRate: 300\n urls:\n seedUrlConfiguration:\n seedUrls:\n - REPLACE_WITH_YOUR_URL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Proxy Configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.DataSource(\"example\", {\n indexId: exampleAwsKendraIndex.id,\n name: \"example\",\n type: \"WEBCRAWLER\",\n roleArn: exampleAwsIamRole.arn,\n configuration: {\n webCrawlerConfiguration: {\n proxyConfiguration: {\n credentials: exampleAwsSecretsmanagerSecret.arn,\n host: \"a.example.com\",\n port: 443,\n },\n urls: {\n seedUrlConfiguration: {\n seedUrls: [\"REPLACE_WITH_YOUR_URL\"],\n },\n },\n },\n },\n}, {\n dependsOn: [exampleAwsSecretsmanagerSecretVersion],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.DataSource(\"example\",\n index_id=example_aws_kendra_index[\"id\"],\n name=\"example\",\n type=\"WEBCRAWLER\",\n role_arn=example_aws_iam_role[\"arn\"],\n configuration=aws.kendra.DataSourceConfigurationArgs(\n web_crawler_configuration=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationArgs(\n proxy_configuration=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationProxyConfigurationArgs(\n credentials=example_aws_secretsmanager_secret[\"arn\"],\n host=\"a.example.com\",\n port=443,\n ),\n urls=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs(\n seed_url_configuration=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs(\n seed_urls=[\"REPLACE_WITH_YOUR_URL\"],\n ),\n ),\n ),\n ),\n opts=pulumi.ResourceOptions(depends_on=[example_aws_secretsmanager_secret_version]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.DataSource(\"example\", new()\n {\n IndexId = exampleAwsKendraIndex.Id,\n Name = \"example\",\n Type = \"WEBCRAWLER\",\n RoleArn = exampleAwsIamRole.Arn,\n Configuration = new Aws.Kendra.Inputs.DataSourceConfigurationArgs\n {\n WebCrawlerConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationArgs\n {\n ProxyConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationProxyConfigurationArgs\n {\n Credentials = exampleAwsSecretsmanagerSecret.Arn,\n Host = \"a.example.com\",\n Port = 443,\n },\n Urls = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs\n {\n SeedUrlConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs\n {\n SeedUrls = new[]\n {\n \"REPLACE_WITH_YOUR_URL\",\n },\n },\n },\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAwsSecretsmanagerSecretVersion, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewDataSource(ctx, \"example\", \u0026kendra.DataSourceArgs{\n\t\t\tIndexId: pulumi.Any(exampleAwsKendraIndex.Id),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"WEBCRAWLER\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tConfiguration: \u0026kendra.DataSourceConfigurationArgs{\n\t\t\t\tWebCrawlerConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationArgs{\n\t\t\t\t\tProxyConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationProxyConfigurationArgs{\n\t\t\t\t\t\tCredentials: pulumi.Any(exampleAwsSecretsmanagerSecret.Arn),\n\t\t\t\t\t\tHost: pulumi.String(\"a.example.com\"),\n\t\t\t\t\t\tPort: pulumi.Int(443),\n\t\t\t\t\t},\n\t\t\t\t\tUrls: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs{\n\t\t\t\t\t\tSeedUrlConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs{\n\t\t\t\t\t\t\tSeedUrls: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"REPLACE_WITH_YOUR_URL\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAwsSecretsmanagerSecretVersion,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.DataSource;\nimport com.pulumi.aws.kendra.DataSourceArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationProxyConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataSource(\"example\", DataSourceArgs.builder() \n .indexId(exampleAwsKendraIndex.id())\n .name(\"example\")\n .type(\"WEBCRAWLER\")\n .roleArn(exampleAwsIamRole.arn())\n .configuration(DataSourceConfigurationArgs.builder()\n .webCrawlerConfiguration(DataSourceConfigurationWebCrawlerConfigurationArgs.builder()\n .proxyConfiguration(DataSourceConfigurationWebCrawlerConfigurationProxyConfigurationArgs.builder()\n .credentials(exampleAwsSecretsmanagerSecret.arn())\n .host(\"a.example.com\")\n .port(\"443\")\n .build())\n .urls(DataSourceConfigurationWebCrawlerConfigurationUrlsArgs.builder()\n .seedUrlConfiguration(DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs.builder()\n .seedUrls(\"REPLACE_WITH_YOUR_URL\")\n .build())\n .build())\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleAwsSecretsmanagerSecretVersion)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:DataSource\n properties:\n indexId: ${exampleAwsKendraIndex.id}\n name: example\n type: WEBCRAWLER\n roleArn: ${exampleAwsIamRole.arn}\n configuration:\n webCrawlerConfiguration:\n proxyConfiguration:\n credentials: ${exampleAwsSecretsmanagerSecret.arn}\n host: a.example.com\n port: '443'\n urls:\n seedUrlConfiguration:\n seedUrls:\n - REPLACE_WITH_YOUR_URL\n options:\n dependson:\n - ${exampleAwsSecretsmanagerSecretVersion}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With URL Exclusion and Inclusion Patterns\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kendra.DataSource(\"example\", {\n indexId: exampleAwsKendraIndex.id,\n name: \"example\",\n type: \"WEBCRAWLER\",\n roleArn: exampleAwsIamRole.arn,\n configuration: {\n webCrawlerConfiguration: {\n urlExclusionPatterns: [\"example\"],\n urlInclusionPatterns: [\"hello\"],\n urls: {\n seedUrlConfiguration: {\n seedUrls: [\"REPLACE_WITH_YOUR_URL\"],\n },\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.kendra.DataSource(\"example\",\n index_id=example_aws_kendra_index[\"id\"],\n name=\"example\",\n type=\"WEBCRAWLER\",\n role_arn=example_aws_iam_role[\"arn\"],\n configuration=aws.kendra.DataSourceConfigurationArgs(\n web_crawler_configuration=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationArgs(\n url_exclusion_patterns=[\"example\"],\n url_inclusion_patterns=[\"hello\"],\n urls=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs(\n seed_url_configuration=aws.kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs(\n seed_urls=[\"REPLACE_WITH_YOUR_URL\"],\n ),\n ),\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kendra.DataSource(\"example\", new()\n {\n IndexId = exampleAwsKendraIndex.Id,\n Name = \"example\",\n Type = \"WEBCRAWLER\",\n RoleArn = exampleAwsIamRole.Arn,\n Configuration = new Aws.Kendra.Inputs.DataSourceConfigurationArgs\n {\n WebCrawlerConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationArgs\n {\n UrlExclusionPatterns = new[]\n {\n \"example\",\n },\n UrlInclusionPatterns = new[]\n {\n \"hello\",\n },\n Urls = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs\n {\n SeedUrlConfiguration = new Aws.Kendra.Inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs\n {\n SeedUrls = new[]\n {\n \"REPLACE_WITH_YOUR_URL\",\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kendra\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kendra.NewDataSource(ctx, \"example\", \u0026kendra.DataSourceArgs{\n\t\t\tIndexId: pulumi.Any(exampleAwsKendraIndex.Id),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"WEBCRAWLER\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tConfiguration: \u0026kendra.DataSourceConfigurationArgs{\n\t\t\t\tWebCrawlerConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationArgs{\n\t\t\t\t\tUrlExclusionPatterns: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"example\"),\n\t\t\t\t\t},\n\t\t\t\t\tUrlInclusionPatterns: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"hello\"),\n\t\t\t\t\t},\n\t\t\t\t\tUrls: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs{\n\t\t\t\t\t\tSeedUrlConfiguration: \u0026kendra.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs{\n\t\t\t\t\t\t\tSeedUrls: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"REPLACE_WITH_YOUR_URL\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kendra.DataSource;\nimport com.pulumi.aws.kendra.DataSourceArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs;\nimport com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DataSource(\"example\", DataSourceArgs.builder() \n .indexId(exampleAwsKendraIndex.id())\n .name(\"example\")\n .type(\"WEBCRAWLER\")\n .roleArn(exampleAwsIamRole.arn())\n .configuration(DataSourceConfigurationArgs.builder()\n .webCrawlerConfiguration(DataSourceConfigurationWebCrawlerConfigurationArgs.builder()\n .urlExclusionPatterns(\"example\")\n .urlInclusionPatterns(\"hello\")\n .urls(DataSourceConfigurationWebCrawlerConfigurationUrlsArgs.builder()\n .seedUrlConfiguration(DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs.builder()\n .seedUrls(\"REPLACE_WITH_YOUR_URL\")\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kendra:DataSource\n properties:\n indexId: ${exampleAwsKendraIndex.id}\n name: example\n type: WEBCRAWLER\n roleArn: ${exampleAwsIamRole.arn}\n configuration:\n webCrawlerConfiguration:\n urlExclusionPatterns:\n - example\n urlInclusionPatterns:\n - hello\n urls:\n seedUrlConfiguration:\n seedUrls:\n - REPLACE_WITH_YOUR_URL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Kendra Data Source using the unique identifiers of the data_source and index separated by a slash (`/`). For example:\n\n```sh\n$ pulumi import aws:kendra/dataSource:DataSource example 1045d08d-66ef-4882-b3ed-dfb7df183e90/b34dfdf7-1f2b-4704-9581-79e00296845f\n```\n", "properties": { "arn": { "type": "string", @@ -263938,7 +263938,7 @@ } }, "aws:kinesis/firehoseDeliveryStream:FirehoseDeliveryStream": { - "description": "Provides a Kinesis Firehose Delivery Stream resource. Amazon Kinesis Firehose is a fully managed, elastic service to easily deliver real-time data streams to destinations such as Amazon S3 and Amazon Redshift.\n\nFor more details, see the [Amazon Kinesis Firehose Documentation](https://aws.amazon.com/documentation/firehose/).\n\n## Example Usage\n\n### Extended S3 Destination\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bucket = new aws.s3.BucketV2(\"bucket\", {bucket: \"tf-test-bucket\"});\nconst firehoseAssumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"firehose.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst firehoseRole = new aws.iam.Role(\"firehose_role\", {\n name: \"firehose_test_role\",\n assumeRolePolicy: firehoseAssumeRole.then(firehoseAssumeRole =\u003e firehoseAssumeRole.json),\n});\nconst lambdaAssumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"lambda.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst lambdaIam = new aws.iam.Role(\"lambda_iam\", {\n name: \"lambda_iam\",\n assumeRolePolicy: lambdaAssumeRole.then(lambdaAssumeRole =\u003e lambdaAssumeRole.json),\n});\nconst lambdaProcessor = new aws.lambda.Function(\"lambda_processor\", {\n code: new pulumi.asset.FileArchive(\"lambda.zip\"),\n name: \"firehose_lambda_processor\",\n role: lambdaIam.arn,\n handler: \"exports.handler\",\n runtime: aws.lambda.Runtime.NodeJS16dX,\n});\nconst extendedS3Stream = new aws.kinesis.FirehoseDeliveryStream(\"extended_s3_stream\", {\n name: \"kinesis-firehose-extended-s3-test-stream\",\n destination: \"extended_s3\",\n extendedS3Configuration: {\n roleArn: firehoseRole.arn,\n bucketArn: bucket.arn,\n processingConfiguration: {\n enabled: true,\n processors: [{\n type: \"Lambda\",\n parameters: [{\n parameterName: \"LambdaArn\",\n parameterValue: pulumi.interpolate`${lambdaProcessor.arn}:$LATEST`,\n }],\n }],\n },\n },\n});\nconst bucketAcl = new aws.s3.BucketAclV2(\"bucket_acl\", {\n bucket: bucket.id,\n acl: \"private\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbucket = aws.s3.BucketV2(\"bucket\", bucket=\"tf-test-bucket\")\nfirehose_assume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"firehose.amazonaws.com\"],\n )],\n actions=[\"sts:AssumeRole\"],\n)])\nfirehose_role = aws.iam.Role(\"firehose_role\",\n name=\"firehose_test_role\",\n assume_role_policy=firehose_assume_role.json)\nlambda_assume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"lambda.amazonaws.com\"],\n )],\n actions=[\"sts:AssumeRole\"],\n)])\nlambda_iam = aws.iam.Role(\"lambda_iam\",\n name=\"lambda_iam\",\n assume_role_policy=lambda_assume_role.json)\nlambda_processor = aws.lambda_.Function(\"lambda_processor\",\n code=pulumi.FileArchive(\"lambda.zip\"),\n name=\"firehose_lambda_processor\",\n role=lambda_iam.arn,\n handler=\"exports.handler\",\n runtime=aws.lambda_.Runtime.NODE_JS16D_X)\nextended_s3_stream = aws.kinesis.FirehoseDeliveryStream(\"extended_s3_stream\",\n name=\"kinesis-firehose-extended-s3-test-stream\",\n destination=\"extended_s3\",\n extended_s3_configuration=aws.kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationArgs(\n role_arn=firehose_role.arn,\n bucket_arn=bucket.arn,\n processing_configuration=aws.kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationArgs(\n enabled=True,\n processors=[aws.kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs(\n type=\"Lambda\",\n parameters=[aws.kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs(\n parameter_name=\"LambdaArn\",\n parameter_value=lambda_processor.arn.apply(lambda arn: f\"{arn}:$LATEST\"),\n )],\n )],\n ),\n ))\nbucket_acl = aws.s3.BucketAclV2(\"bucket_acl\",\n bucket=bucket.id,\n acl=\"private\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var bucket = new Aws.S3.BucketV2(\"bucket\", new()\n {\n Bucket = \"tf-test-bucket\",\n });\n\n var firehoseAssumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"firehose.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var firehoseRole = new Aws.Iam.Role(\"firehose_role\", new()\n {\n Name = \"firehose_test_role\",\n AssumeRolePolicy = firehoseAssumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var lambdaAssumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"lambda.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var lambdaIam = new Aws.Iam.Role(\"lambda_iam\", new()\n {\n Name = \"lambda_iam\",\n AssumeRolePolicy = lambdaAssumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var lambdaProcessor = new Aws.Lambda.Function(\"lambda_processor\", new()\n {\n Code = new FileArchive(\"lambda.zip\"),\n Name = \"firehose_lambda_processor\",\n Role = lambdaIam.Arn,\n Handler = \"exports.handler\",\n Runtime = Aws.Lambda.Runtime.NodeJS16dX,\n });\n\n var extendedS3Stream = new Aws.Kinesis.FirehoseDeliveryStream(\"extended_s3_stream\", new()\n {\n Name = \"kinesis-firehose-extended-s3-test-stream\",\n Destination = \"extended_s3\",\n ExtendedS3Configuration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationArgs\n {\n RoleArn = firehoseRole.Arn,\n BucketArn = bucket.Arn,\n ProcessingConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationArgs\n {\n Enabled = true,\n Processors = new[]\n {\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs\n {\n Type = \"Lambda\",\n Parameters = new[]\n {\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs\n {\n ParameterName = \"LambdaArn\",\n ParameterValue = lambdaProcessor.Arn.Apply(arn =\u003e $\"{arn}:$LATEST\"),\n },\n },\n },\n },\n },\n },\n });\n\n var bucketAcl = new Aws.S3.BucketAclV2(\"bucket_acl\", new()\n {\n Bucket = bucket.Id,\n Acl = \"private\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbucket, err := s3.NewBucketV2(ctx, \"bucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"tf-test-bucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfirehoseAssumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"firehose.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfirehoseRole, err := iam.NewRole(ctx, \"firehose_role\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"firehose_test_role\"),\n\t\t\tAssumeRolePolicy: pulumi.String(firehoseAssumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tlambdaAssumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"lambda.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tlambdaIam, err := iam.NewRole(ctx, \"lambda_iam\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"lambda_iam\"),\n\t\t\tAssumeRolePolicy: pulumi.String(lambdaAssumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tlambdaProcessor, err := lambda.NewFunction(ctx, \"lambda_processor\", \u0026lambda.FunctionArgs{\n\t\t\tCode: pulumi.NewFileArchive(\"lambda.zip\"),\n\t\t\tName: pulumi.String(\"firehose_lambda_processor\"),\n\t\t\tRole: lambdaIam.Arn,\n\t\t\tHandler: pulumi.String(\"exports.handler\"),\n\t\t\tRuntime: pulumi.String(lambda.RuntimeNodeJS16dX),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kinesis.NewFirehoseDeliveryStream(ctx, \"extended_s3_stream\", \u0026kinesis.FirehoseDeliveryStreamArgs{\n\t\t\tName: pulumi.String(\"kinesis-firehose-extended-s3-test-stream\"),\n\t\t\tDestination: pulumi.String(\"extended_s3\"),\n\t\t\tExtendedS3Configuration: \u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationArgs{\n\t\t\t\tRoleArn: firehoseRole.Arn,\n\t\t\t\tBucketArn: bucket.Arn,\n\t\t\t\tProcessingConfiguration: \u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationArgs{\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tProcessors: kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArray{\n\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"Lambda\"),\n\t\t\t\t\t\t\tParameters: kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArray{\n\t\t\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs{\n\t\t\t\t\t\t\t\t\tParameterName: pulumi.String(\"LambdaArn\"),\n\t\t\t\t\t\t\t\t\tParameterValue: lambdaProcessor.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\t\t\t\t\t\t\treturn fmt.Sprintf(\"%v:$LATEST\", arn), nil\n\t\t\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"bucket_acl\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: bucket.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.lambda.Function;\nimport com.pulumi.aws.lambda.FunctionArgs;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStream;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStreamArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamExtendedS3ConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationArgs;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.asset.FileArchive;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var bucket = new BucketV2(\"bucket\", BucketV2Args.builder() \n .bucket(\"tf-test-bucket\")\n .build());\n\n final var firehoseAssumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"firehose.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var firehoseRole = new Role(\"firehoseRole\", RoleArgs.builder() \n .name(\"firehose_test_role\")\n .assumeRolePolicy(firehoseAssumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n final var lambdaAssumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"lambda.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var lambdaIam = new Role(\"lambdaIam\", RoleArgs.builder() \n .name(\"lambda_iam\")\n .assumeRolePolicy(lambdaAssumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var lambdaProcessor = new Function(\"lambdaProcessor\", FunctionArgs.builder() \n .code(new FileArchive(\"lambda.zip\"))\n .name(\"firehose_lambda_processor\")\n .role(lambdaIam.arn())\n .handler(\"exports.handler\")\n .runtime(\"nodejs16.x\")\n .build());\n\n var extendedS3Stream = new FirehoseDeliveryStream(\"extendedS3Stream\", FirehoseDeliveryStreamArgs.builder() \n .name(\"kinesis-firehose-extended-s3-test-stream\")\n .destination(\"extended_s3\")\n .extendedS3Configuration(FirehoseDeliveryStreamExtendedS3ConfigurationArgs.builder()\n .roleArn(firehoseRole.arn())\n .bucketArn(bucket.arn())\n .processingConfiguration(FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationArgs.builder()\n .enabled(\"true\")\n .processors(FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs.builder()\n .type(\"Lambda\")\n .parameters(FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs.builder()\n .parameterName(\"LambdaArn\")\n .parameterValue(lambdaProcessor.arn().applyValue(arn -\u003e String.format(\"%s:$LATEST\", arn)))\n .build())\n .build())\n .build())\n .build())\n .build());\n\n var bucketAcl = new BucketAclV2(\"bucketAcl\", BucketAclV2Args.builder() \n .bucket(bucket.id())\n .acl(\"private\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n extendedS3Stream:\n type: aws:kinesis:FirehoseDeliveryStream\n name: extended_s3_stream\n properties:\n name: kinesis-firehose-extended-s3-test-stream\n destination: extended_s3\n extendedS3Configuration:\n roleArn: ${firehoseRole.arn}\n bucketArn: ${bucket.arn}\n processingConfiguration:\n enabled: 'true'\n processors:\n - type: Lambda\n parameters:\n - parameterName: LambdaArn\n parameterValue: ${lambdaProcessor.arn}:$LATEST\n bucket:\n type: aws:s3:BucketV2\n properties:\n bucket: tf-test-bucket\n bucketAcl:\n type: aws:s3:BucketAclV2\n name: bucket_acl\n properties:\n bucket: ${bucket.id}\n acl: private\n firehoseRole:\n type: aws:iam:Role\n name: firehose_role\n properties:\n name: firehose_test_role\n assumeRolePolicy: ${firehoseAssumeRole.json}\n lambdaIam:\n type: aws:iam:Role\n name: lambda_iam\n properties:\n name: lambda_iam\n assumeRolePolicy: ${lambdaAssumeRole.json}\n lambdaProcessor:\n type: aws:lambda:Function\n name: lambda_processor\n properties:\n code:\n fn::FileArchive: lambda.zip\n name: firehose_lambda_processor\n role: ${lambdaIam.arn}\n handler: exports.handler\n runtime: nodejs16.x\nvariables:\n firehoseAssumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - firehose.amazonaws.com\n actions:\n - sts:AssumeRole\n lambdaAssumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - lambda.amazonaws.com\n actions:\n - sts:AssumeRole\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Extended S3 Destination with dynamic partitioning\n\nThese examples use built-in Firehose functionality, rather than requiring a lambda.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst extendedS3Stream = new aws.kinesis.FirehoseDeliveryStream(\"extended_s3_stream\", {\n name: \"kinesis-firehose-extended-s3-test-stream\",\n destination: \"extended_s3\",\n extendedS3Configuration: {\n roleArn: firehoseRole.arn,\n bucketArn: bucket.arn,\n bufferingSize: 64,\n dynamicPartitioningConfiguration: {\n enabled: true,\n },\n prefix: \"data/customer_id=!{partitionKeyFromQuery:customer_id}/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/\",\n errorOutputPrefix: \"errors/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/!{firehose:error-output-type}/\",\n processingConfiguration: {\n enabled: true,\n processors: [\n {\n type: \"RecordDeAggregation\",\n parameters: [{\n parameterName: \"SubRecordType\",\n parameterValue: \"JSON\",\n }],\n },\n {\n type: \"AppendDelimiterToRecord\",\n },\n {\n type: \"MetadataExtraction\",\n parameters: [\n {\n parameterName: \"JsonParsingEngine\",\n parameterValue: \"JQ-1.6\",\n },\n {\n parameterName: \"MetadataExtractionQuery\",\n parameterValue: \"{customer_id:.customer_id}\",\n },\n ],\n },\n ],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nextended_s3_stream = aws.kinesis.FirehoseDeliveryStream(\"extended_s3_stream\",\n name=\"kinesis-firehose-extended-s3-test-stream\",\n destination=\"extended_s3\",\n extended_s3_configuration=aws.kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationArgs(\n role_arn=firehose_role[\"arn\"],\n bucket_arn=bucket[\"arn\"],\n buffering_size=64,\n dynamic_partitioning_configuration=aws.kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationDynamicPartitioningConfigurationArgs(\n enabled=True,\n ),\n prefix=\"data/customer_id=!{partitionKeyFromQuery:customer_id}/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/\",\n error_output_prefix=\"errors/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/!{firehose:error-output-type}/\",\n processing_configuration=aws.kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationArgs(\n enabled=True,\n processors=[\n aws.kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs(\n type=\"RecordDeAggregation\",\n parameters=[aws.kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs(\n parameter_name=\"SubRecordType\",\n parameter_value=\"JSON\",\n )],\n ),\n aws.kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs(\n type=\"AppendDelimiterToRecord\",\n ),\n aws.kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs(\n type=\"MetadataExtraction\",\n parameters=[\n aws.kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs(\n parameter_name=\"JsonParsingEngine\",\n parameter_value=\"JQ-1.6\",\n ),\n aws.kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs(\n parameter_name=\"MetadataExtractionQuery\",\n parameter_value=\"{customer_id:.customer_id}\",\n ),\n ],\n ),\n ],\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var extendedS3Stream = new Aws.Kinesis.FirehoseDeliveryStream(\"extended_s3_stream\", new()\n {\n Name = \"kinesis-firehose-extended-s3-test-stream\",\n Destination = \"extended_s3\",\n ExtendedS3Configuration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationArgs\n {\n RoleArn = firehoseRole.Arn,\n BucketArn = bucket.Arn,\n BufferingSize = 64,\n DynamicPartitioningConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationDynamicPartitioningConfigurationArgs\n {\n Enabled = true,\n },\n Prefix = \"data/customer_id=!{partitionKeyFromQuery:customer_id}/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/\",\n ErrorOutputPrefix = \"errors/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/!{firehose:error-output-type}/\",\n ProcessingConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationArgs\n {\n Enabled = true,\n Processors = new[]\n {\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs\n {\n Type = \"RecordDeAggregation\",\n Parameters = new[]\n {\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs\n {\n ParameterName = \"SubRecordType\",\n ParameterValue = \"JSON\",\n },\n },\n },\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs\n {\n Type = \"AppendDelimiterToRecord\",\n },\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs\n {\n Type = \"MetadataExtraction\",\n Parameters = new[]\n {\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs\n {\n ParameterName = \"JsonParsingEngine\",\n ParameterValue = \"JQ-1.6\",\n },\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs\n {\n ParameterName = \"MetadataExtractionQuery\",\n ParameterValue = \"{customer_id:.customer_id}\",\n },\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kinesis.NewFirehoseDeliveryStream(ctx, \"extended_s3_stream\", \u0026kinesis.FirehoseDeliveryStreamArgs{\n\t\t\tName: pulumi.String(\"kinesis-firehose-extended-s3-test-stream\"),\n\t\t\tDestination: pulumi.String(\"extended_s3\"),\n\t\t\tExtendedS3Configuration: \u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationArgs{\n\t\t\t\tRoleArn: pulumi.Any(firehoseRole.Arn),\n\t\t\t\tBucketArn: pulumi.Any(bucket.Arn),\n\t\t\t\tBufferingSize: pulumi.Int(64),\n\t\t\t\tDynamicPartitioningConfiguration: \u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationDynamicPartitioningConfigurationArgs{\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t\tPrefix: pulumi.String(\"data/customer_id=!{partitionKeyFromQuery:customer_id}/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/\"),\n\t\t\t\tErrorOutputPrefix: pulumi.String(\"errors/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/!{firehose:error-output-type}/\"),\n\t\t\t\tProcessingConfiguration: \u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationArgs{\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tProcessors: kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArray{\n\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"RecordDeAggregation\"),\n\t\t\t\t\t\t\tParameters: kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArray{\n\t\t\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs{\n\t\t\t\t\t\t\t\t\tParameterName: pulumi.String(\"SubRecordType\"),\n\t\t\t\t\t\t\t\t\tParameterValue: pulumi.String(\"JSON\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"AppendDelimiterToRecord\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"MetadataExtraction\"),\n\t\t\t\t\t\t\tParameters: kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArray{\n\t\t\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs{\n\t\t\t\t\t\t\t\t\tParameterName: pulumi.String(\"JsonParsingEngine\"),\n\t\t\t\t\t\t\t\t\tParameterValue: pulumi.String(\"JQ-1.6\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs{\n\t\t\t\t\t\t\t\t\tParameterName: pulumi.String(\"MetadataExtractionQuery\"),\n\t\t\t\t\t\t\t\t\tParameterValue: pulumi.String(\"{customer_id:.customer_id}\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStream;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStreamArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamExtendedS3ConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamExtendedS3ConfigurationDynamicPartitioningConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var extendedS3Stream = new FirehoseDeliveryStream(\"extendedS3Stream\", FirehoseDeliveryStreamArgs.builder() \n .name(\"kinesis-firehose-extended-s3-test-stream\")\n .destination(\"extended_s3\")\n .extendedS3Configuration(FirehoseDeliveryStreamExtendedS3ConfigurationArgs.builder()\n .roleArn(firehoseRole.arn())\n .bucketArn(bucket.arn())\n .bufferingSize(64)\n .dynamicPartitioningConfiguration(FirehoseDeliveryStreamExtendedS3ConfigurationDynamicPartitioningConfigurationArgs.builder()\n .enabled(\"true\")\n .build())\n .prefix(\"data/customer_id=!{partitionKeyFromQuery:customer_id}/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/\")\n .errorOutputPrefix(\"errors/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/!{firehose:error-output-type}/\")\n .processingConfiguration(FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationArgs.builder()\n .enabled(\"true\")\n .processors( \n FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs.builder()\n .type(\"RecordDeAggregation\")\n .parameters(FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs.builder()\n .parameterName(\"SubRecordType\")\n .parameterValue(\"JSON\")\n .build())\n .build(),\n FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs.builder()\n .type(\"AppendDelimiterToRecord\")\n .build(),\n FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs.builder()\n .type(\"MetadataExtraction\")\n .parameters( \n FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs.builder()\n .parameterName(\"JsonParsingEngine\")\n .parameterValue(\"JQ-1.6\")\n .build(),\n FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs.builder()\n .parameterName(\"MetadataExtractionQuery\")\n .parameterValue(\"{customer_id:.customer_id}\")\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n extendedS3Stream:\n type: aws:kinesis:FirehoseDeliveryStream\n name: extended_s3_stream\n properties:\n name: kinesis-firehose-extended-s3-test-stream\n destination: extended_s3\n extendedS3Configuration:\n roleArn: ${firehoseRole.arn}\n bucketArn: ${bucket.arn}\n bufferingSize: 64\n dynamicPartitioningConfiguration:\n enabled: 'true'\n prefix: data/customer_id=!{partitionKeyFromQuery:customer_id}/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/\n errorOutputPrefix: errors/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/!{firehose:error-output-type}/\n processingConfiguration:\n enabled: 'true'\n processors:\n - type: RecordDeAggregation\n parameters:\n - parameterName: SubRecordType\n parameterValue: JSON\n - type: AppendDelimiterToRecord\n - type: MetadataExtraction\n parameters:\n - parameterName: JsonParsingEngine\n parameterValue: JQ-1.6\n - parameterName: MetadataExtractionQuery\n parameterValue: '{customer_id:.customer_id}'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nMultiple Dynamic Partitioning Keys (maximum of 50) can be added by comma separating the `parameter_value`.\n\nThe following example adds the Dynamic Partitioning Keys: `store_id` and `customer_id` to the S3 prefix.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst extendedS3Stream = new aws.kinesis.FirehoseDeliveryStream(\"extended_s3_stream\", {\n name: \"kinesis-firehose-extended-s3-test-stream\",\n destination: \"extended_s3\",\n extendedS3Configuration: {\n roleArn: firehoseRole.arn,\n bucketArn: bucket.arn,\n bufferingSize: 64,\n dynamicPartitioningConfiguration: {\n enabled: true,\n },\n prefix: \"data/store_id=!{partitionKeyFromQuery:store_id}/customer_id=!{partitionKeyFromQuery:customer_id}/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/\",\n errorOutputPrefix: \"errors/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/!{firehose:error-output-type}/\",\n processingConfiguration: {\n enabled: true,\n processors: [{\n type: \"MetadataExtraction\",\n parameters: [\n {\n parameterName: \"JsonParsingEngine\",\n parameterValue: \"JQ-1.6\",\n },\n {\n parameterName: \"MetadataExtractionQuery\",\n parameterValue: \"{store_id:.store_id,customer_id:.customer_id}\",\n },\n ],\n }],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nextended_s3_stream = aws.kinesis.FirehoseDeliveryStream(\"extended_s3_stream\",\n name=\"kinesis-firehose-extended-s3-test-stream\",\n destination=\"extended_s3\",\n extended_s3_configuration=aws.kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationArgs(\n role_arn=firehose_role[\"arn\"],\n bucket_arn=bucket[\"arn\"],\n buffering_size=64,\n dynamic_partitioning_configuration=aws.kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationDynamicPartitioningConfigurationArgs(\n enabled=True,\n ),\n prefix=\"data/store_id=!{partitionKeyFromQuery:store_id}/customer_id=!{partitionKeyFromQuery:customer_id}/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/\",\n error_output_prefix=\"errors/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/!{firehose:error-output-type}/\",\n processing_configuration=aws.kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationArgs(\n enabled=True,\n processors=[aws.kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs(\n type=\"MetadataExtraction\",\n parameters=[\n aws.kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs(\n parameter_name=\"JsonParsingEngine\",\n parameter_value=\"JQ-1.6\",\n ),\n aws.kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs(\n parameter_name=\"MetadataExtractionQuery\",\n parameter_value=\"{store_id:.store_id,customer_id:.customer_id}\",\n ),\n ],\n )],\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var extendedS3Stream = new Aws.Kinesis.FirehoseDeliveryStream(\"extended_s3_stream\", new()\n {\n Name = \"kinesis-firehose-extended-s3-test-stream\",\n Destination = \"extended_s3\",\n ExtendedS3Configuration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationArgs\n {\n RoleArn = firehoseRole.Arn,\n BucketArn = bucket.Arn,\n BufferingSize = 64,\n DynamicPartitioningConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationDynamicPartitioningConfigurationArgs\n {\n Enabled = true,\n },\n Prefix = \"data/store_id=!{partitionKeyFromQuery:store_id}/customer_id=!{partitionKeyFromQuery:customer_id}/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/\",\n ErrorOutputPrefix = \"errors/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/!{firehose:error-output-type}/\",\n ProcessingConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationArgs\n {\n Enabled = true,\n Processors = new[]\n {\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs\n {\n Type = \"MetadataExtraction\",\n Parameters = new[]\n {\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs\n {\n ParameterName = \"JsonParsingEngine\",\n ParameterValue = \"JQ-1.6\",\n },\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs\n {\n ParameterName = \"MetadataExtractionQuery\",\n ParameterValue = \"{store_id:.store_id,customer_id:.customer_id}\",\n },\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kinesis.NewFirehoseDeliveryStream(ctx, \"extended_s3_stream\", \u0026kinesis.FirehoseDeliveryStreamArgs{\n\t\t\tName: pulumi.String(\"kinesis-firehose-extended-s3-test-stream\"),\n\t\t\tDestination: pulumi.String(\"extended_s3\"),\n\t\t\tExtendedS3Configuration: \u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationArgs{\n\t\t\t\tRoleArn: pulumi.Any(firehoseRole.Arn),\n\t\t\t\tBucketArn: pulumi.Any(bucket.Arn),\n\t\t\t\tBufferingSize: pulumi.Int(64),\n\t\t\t\tDynamicPartitioningConfiguration: \u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationDynamicPartitioningConfigurationArgs{\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t\tPrefix: pulumi.String(\"data/store_id=!{partitionKeyFromQuery:store_id}/customer_id=!{partitionKeyFromQuery:customer_id}/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/\"),\n\t\t\t\tErrorOutputPrefix: pulumi.String(\"errors/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/!{firehose:error-output-type}/\"),\n\t\t\t\tProcessingConfiguration: \u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationArgs{\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tProcessors: kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArray{\n\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"MetadataExtraction\"),\n\t\t\t\t\t\t\tParameters: kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArray{\n\t\t\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs{\n\t\t\t\t\t\t\t\t\tParameterName: pulumi.String(\"JsonParsingEngine\"),\n\t\t\t\t\t\t\t\t\tParameterValue: pulumi.String(\"JQ-1.6\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs{\n\t\t\t\t\t\t\t\t\tParameterName: pulumi.String(\"MetadataExtractionQuery\"),\n\t\t\t\t\t\t\t\t\tParameterValue: pulumi.String(\"{store_id:.store_id,customer_id:.customer_id}\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStream;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStreamArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamExtendedS3ConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamExtendedS3ConfigurationDynamicPartitioningConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var extendedS3Stream = new FirehoseDeliveryStream(\"extendedS3Stream\", FirehoseDeliveryStreamArgs.builder() \n .name(\"kinesis-firehose-extended-s3-test-stream\")\n .destination(\"extended_s3\")\n .extendedS3Configuration(FirehoseDeliveryStreamExtendedS3ConfigurationArgs.builder()\n .roleArn(firehoseRole.arn())\n .bucketArn(bucket.arn())\n .bufferingSize(64)\n .dynamicPartitioningConfiguration(FirehoseDeliveryStreamExtendedS3ConfigurationDynamicPartitioningConfigurationArgs.builder()\n .enabled(\"true\")\n .build())\n .prefix(\"data/store_id=!{partitionKeyFromQuery:store_id}/customer_id=!{partitionKeyFromQuery:customer_id}/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/\")\n .errorOutputPrefix(\"errors/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/!{firehose:error-output-type}/\")\n .processingConfiguration(FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationArgs.builder()\n .enabled(\"true\")\n .processors(FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs.builder()\n .type(\"MetadataExtraction\")\n .parameters( \n FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs.builder()\n .parameterName(\"JsonParsingEngine\")\n .parameterValue(\"JQ-1.6\")\n .build(),\n FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs.builder()\n .parameterName(\"MetadataExtractionQuery\")\n .parameterValue(\"{store_id:.store_id,customer_id:.customer_id}\")\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n extendedS3Stream:\n type: aws:kinesis:FirehoseDeliveryStream\n name: extended_s3_stream\n properties:\n name: kinesis-firehose-extended-s3-test-stream\n destination: extended_s3\n extendedS3Configuration:\n roleArn: ${firehoseRole.arn}\n bucketArn: ${bucket.arn}\n bufferingSize: 64\n dynamicPartitioningConfiguration:\n enabled: 'true'\n prefix: data/store_id=!{partitionKeyFromQuery:store_id}/customer_id=!{partitionKeyFromQuery:customer_id}/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/\n errorOutputPrefix: errors/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/!{firehose:error-output-type}/\n processingConfiguration:\n enabled: 'true'\n processors:\n - type: MetadataExtraction\n parameters:\n - parameterName: JsonParsingEngine\n parameterValue: JQ-1.6\n - parameterName: MetadataExtractionQuery\n parameterValue: '{store_id:.store_id,customer_id:.customer_id}'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Redshift Destination\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testCluster = new aws.redshift.Cluster(\"test_cluster\", {\n clusterIdentifier: \"tf-redshift-cluster\",\n databaseName: \"test\",\n masterUsername: \"testuser\",\n masterPassword: \"T3stPass\",\n nodeType: \"dc1.large\",\n clusterType: \"single-node\",\n});\nconst testStream = new aws.kinesis.FirehoseDeliveryStream(\"test_stream\", {\n name: \"kinesis-firehose-test-stream\",\n destination: \"redshift\",\n redshiftConfiguration: {\n roleArn: firehoseRole.arn,\n clusterJdbcurl: pulumi.interpolate`jdbc:redshift://${testCluster.endpoint}/${testCluster.databaseName}`,\n username: \"testuser\",\n password: \"T3stPass\",\n dataTableName: \"test-table\",\n copyOptions: \"delimiter '|'\",\n dataTableColumns: \"test-col\",\n s3BackupMode: \"Enabled\",\n s3Configuration: {\n roleArn: firehoseRole.arn,\n bucketArn: bucket.arn,\n bufferingSize: 10,\n bufferingInterval: 400,\n compressionFormat: \"GZIP\",\n },\n s3BackupConfiguration: {\n roleArn: firehoseRole.arn,\n bucketArn: bucket.arn,\n bufferingSize: 15,\n bufferingInterval: 300,\n compressionFormat: \"GZIP\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_cluster = aws.redshift.Cluster(\"test_cluster\",\n cluster_identifier=\"tf-redshift-cluster\",\n database_name=\"test\",\n master_username=\"testuser\",\n master_password=\"T3stPass\",\n node_type=\"dc1.large\",\n cluster_type=\"single-node\")\ntest_stream = aws.kinesis.FirehoseDeliveryStream(\"test_stream\",\n name=\"kinesis-firehose-test-stream\",\n destination=\"redshift\",\n redshift_configuration=aws.kinesis.FirehoseDeliveryStreamRedshiftConfigurationArgs(\n role_arn=firehose_role[\"arn\"],\n cluster_jdbcurl=pulumi.Output.all(test_cluster.endpoint, test_cluster.database_name).apply(lambda endpoint, database_name: f\"jdbc:redshift://{endpoint}/{database_name}\"),\n username=\"testuser\",\n password=\"T3stPass\",\n data_table_name=\"test-table\",\n copy_options=\"delimiter '|'\",\n data_table_columns=\"test-col\",\n s3_backup_mode=\"Enabled\",\n s3_configuration=aws.kinesis.FirehoseDeliveryStreamRedshiftConfigurationS3ConfigurationArgs(\n role_arn=firehose_role[\"arn\"],\n bucket_arn=bucket[\"arn\"],\n buffering_size=10,\n buffering_interval=400,\n compression_format=\"GZIP\",\n ),\n s3_backup_configuration=aws.kinesis.FirehoseDeliveryStreamRedshiftConfigurationS3BackupConfigurationArgs(\n role_arn=firehose_role[\"arn\"],\n bucket_arn=bucket[\"arn\"],\n buffering_size=15,\n buffering_interval=300,\n compression_format=\"GZIP\",\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testCluster = new Aws.RedShift.Cluster(\"test_cluster\", new()\n {\n ClusterIdentifier = \"tf-redshift-cluster\",\n DatabaseName = \"test\",\n MasterUsername = \"testuser\",\n MasterPassword = \"T3stPass\",\n NodeType = \"dc1.large\",\n ClusterType = \"single-node\",\n });\n\n var testStream = new Aws.Kinesis.FirehoseDeliveryStream(\"test_stream\", new()\n {\n Name = \"kinesis-firehose-test-stream\",\n Destination = \"redshift\",\n RedshiftConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamRedshiftConfigurationArgs\n {\n RoleArn = firehoseRole.Arn,\n ClusterJdbcurl = Output.Tuple(testCluster.Endpoint, testCluster.DatabaseName).Apply(values =\u003e\n {\n var endpoint = values.Item1;\n var databaseName = values.Item2;\n return $\"jdbc:redshift://{endpoint}/{databaseName}\";\n }),\n Username = \"testuser\",\n Password = \"T3stPass\",\n DataTableName = \"test-table\",\n CopyOptions = \"delimiter '|'\",\n DataTableColumns = \"test-col\",\n S3BackupMode = \"Enabled\",\n S3Configuration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamRedshiftConfigurationS3ConfigurationArgs\n {\n RoleArn = firehoseRole.Arn,\n BucketArn = bucket.Arn,\n BufferingSize = 10,\n BufferingInterval = 400,\n CompressionFormat = \"GZIP\",\n },\n S3BackupConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamRedshiftConfigurationS3BackupConfigurationArgs\n {\n RoleArn = firehoseRole.Arn,\n BucketArn = bucket.Arn,\n BufferingSize = 15,\n BufferingInterval = 300,\n CompressionFormat = \"GZIP\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestCluster, err := redshift.NewCluster(ctx, \"test_cluster\", \u0026redshift.ClusterArgs{\n\t\t\tClusterIdentifier: pulumi.String(\"tf-redshift-cluster\"),\n\t\t\tDatabaseName: pulumi.String(\"test\"),\n\t\t\tMasterUsername: pulumi.String(\"testuser\"),\n\t\t\tMasterPassword: pulumi.String(\"T3stPass\"),\n\t\t\tNodeType: pulumi.String(\"dc1.large\"),\n\t\t\tClusterType: pulumi.String(\"single-node\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kinesis.NewFirehoseDeliveryStream(ctx, \"test_stream\", \u0026kinesis.FirehoseDeliveryStreamArgs{\n\t\t\tName: pulumi.String(\"kinesis-firehose-test-stream\"),\n\t\t\tDestination: pulumi.String(\"redshift\"),\n\t\t\tRedshiftConfiguration: \u0026kinesis.FirehoseDeliveryStreamRedshiftConfigurationArgs{\n\t\t\t\tRoleArn: pulumi.Any(firehoseRole.Arn),\n\t\t\t\tClusterJdbcurl: pulumi.All(testCluster.Endpoint, testCluster.DatabaseName).ApplyT(func(_args []interface{}) (string, error) {\n\t\t\t\t\tendpoint := _args[0].(string)\n\t\t\t\t\tdatabaseName := _args[1].(string)\n\t\t\t\t\treturn fmt.Sprintf(\"jdbc:redshift://%v/%v\", endpoint, databaseName), nil\n\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\tUsername: pulumi.String(\"testuser\"),\n\t\t\t\tPassword: pulumi.String(\"T3stPass\"),\n\t\t\t\tDataTableName: pulumi.String(\"test-table\"),\n\t\t\t\tCopyOptions: pulumi.String(\"delimiter '|'\"),\n\t\t\t\tDataTableColumns: pulumi.String(\"test-col\"),\n\t\t\t\tS3BackupMode: pulumi.String(\"Enabled\"),\n\t\t\t\tS3Configuration: \u0026kinesis.FirehoseDeliveryStreamRedshiftConfigurationS3ConfigurationArgs{\n\t\t\t\t\tRoleArn: pulumi.Any(firehoseRole.Arn),\n\t\t\t\t\tBucketArn: pulumi.Any(bucket.Arn),\n\t\t\t\t\tBufferingSize: pulumi.Int(10),\n\t\t\t\t\tBufferingInterval: pulumi.Int(400),\n\t\t\t\t\tCompressionFormat: pulumi.String(\"GZIP\"),\n\t\t\t\t},\n\t\t\t\tS3BackupConfiguration: \u0026kinesis.FirehoseDeliveryStreamRedshiftConfigurationS3BackupConfigurationArgs{\n\t\t\t\t\tRoleArn: pulumi.Any(firehoseRole.Arn),\n\t\t\t\t\tBucketArn: pulumi.Any(bucket.Arn),\n\t\t\t\t\tBufferingSize: pulumi.Int(15),\n\t\t\t\t\tBufferingInterval: pulumi.Int(300),\n\t\t\t\t\tCompressionFormat: pulumi.String(\"GZIP\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshift.Cluster;\nimport com.pulumi.aws.redshift.ClusterArgs;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStream;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStreamArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamRedshiftConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamRedshiftConfigurationS3ConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamRedshiftConfigurationS3BackupConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testCluster = new Cluster(\"testCluster\", ClusterArgs.builder() \n .clusterIdentifier(\"tf-redshift-cluster\")\n .databaseName(\"test\")\n .masterUsername(\"testuser\")\n .masterPassword(\"T3stPass\")\n .nodeType(\"dc1.large\")\n .clusterType(\"single-node\")\n .build());\n\n var testStream = new FirehoseDeliveryStream(\"testStream\", FirehoseDeliveryStreamArgs.builder() \n .name(\"kinesis-firehose-test-stream\")\n .destination(\"redshift\")\n .redshiftConfiguration(FirehoseDeliveryStreamRedshiftConfigurationArgs.builder()\n .roleArn(firehoseRole.arn())\n .clusterJdbcurl(Output.tuple(testCluster.endpoint(), testCluster.databaseName()).applyValue(values -\u003e {\n var endpoint = values.t1;\n var databaseName = values.t2;\n return String.format(\"jdbc:redshift://%s/%s\", endpoint,databaseName);\n }))\n .username(\"testuser\")\n .password(\"T3stPass\")\n .dataTableName(\"test-table\")\n .copyOptions(\"delimiter '|'\")\n .dataTableColumns(\"test-col\")\n .s3BackupMode(\"Enabled\")\n .s3Configuration(FirehoseDeliveryStreamRedshiftConfigurationS3ConfigurationArgs.builder()\n .roleArn(firehoseRole.arn())\n .bucketArn(bucket.arn())\n .bufferingSize(10)\n .bufferingInterval(400)\n .compressionFormat(\"GZIP\")\n .build())\n .s3BackupConfiguration(FirehoseDeliveryStreamRedshiftConfigurationS3BackupConfigurationArgs.builder()\n .roleArn(firehoseRole.arn())\n .bucketArn(bucket.arn())\n .bufferingSize(15)\n .bufferingInterval(300)\n .compressionFormat(\"GZIP\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testCluster:\n type: aws:redshift:Cluster\n name: test_cluster\n properties:\n clusterIdentifier: tf-redshift-cluster\n databaseName: test\n masterUsername: testuser\n masterPassword: T3stPass\n nodeType: dc1.large\n clusterType: single-node\n testStream:\n type: aws:kinesis:FirehoseDeliveryStream\n name: test_stream\n properties:\n name: kinesis-firehose-test-stream\n destination: redshift\n redshiftConfiguration:\n roleArn: ${firehoseRole.arn}\n clusterJdbcurl: jdbc:redshift://${testCluster.endpoint}/${testCluster.databaseName}\n username: testuser\n password: T3stPass\n dataTableName: test-table\n copyOptions: delimiter '|'\n dataTableColumns: test-col\n s3BackupMode: Enabled\n s3Configuration:\n roleArn: ${firehoseRole.arn}\n bucketArn: ${bucket.arn}\n bufferingSize: 10\n bufferingInterval: 400\n compressionFormat: GZIP\n s3BackupConfiguration:\n roleArn: ${firehoseRole.arn}\n bucketArn: ${bucket.arn}\n bufferingSize: 15\n bufferingInterval: 300\n compressionFormat: GZIP\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Elasticsearch Destination\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testCluster = new aws.elasticsearch.Domain(\"test_cluster\", {domainName: \"firehose-es-test\"});\nconst testStream = new aws.kinesis.FirehoseDeliveryStream(\"test_stream\", {\n name: \"kinesis-firehose-test-stream\",\n destination: \"elasticsearch\",\n elasticsearchConfiguration: {\n domainArn: testCluster.arn,\n roleArn: firehoseRole.arn,\n indexName: \"test\",\n typeName: \"test\",\n s3Configuration: {\n roleArn: firehoseRole.arn,\n bucketArn: bucket.arn,\n bufferingSize: 10,\n bufferingInterval: 400,\n compressionFormat: \"GZIP\",\n },\n processingConfiguration: {\n enabled: true,\n processors: [{\n type: \"Lambda\",\n parameters: [{\n parameterName: \"LambdaArn\",\n parameterValue: `${lambdaProcessor.arn}:$LATEST`,\n }],\n }],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_cluster = aws.elasticsearch.Domain(\"test_cluster\", domain_name=\"firehose-es-test\")\ntest_stream = aws.kinesis.FirehoseDeliveryStream(\"test_stream\",\n name=\"kinesis-firehose-test-stream\",\n destination=\"elasticsearch\",\n elasticsearch_configuration=aws.kinesis.FirehoseDeliveryStreamElasticsearchConfigurationArgs(\n domain_arn=test_cluster.arn,\n role_arn=firehose_role[\"arn\"],\n index_name=\"test\",\n type_name=\"test\",\n s3_configuration=aws.kinesis.FirehoseDeliveryStreamElasticsearchConfigurationS3ConfigurationArgs(\n role_arn=firehose_role[\"arn\"],\n bucket_arn=bucket[\"arn\"],\n buffering_size=10,\n buffering_interval=400,\n compression_format=\"GZIP\",\n ),\n processing_configuration=aws.kinesis.FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationArgs(\n enabled=True,\n processors=[aws.kinesis.FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessorArgs(\n type=\"Lambda\",\n parameters=[aws.kinesis.FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessorParameterArgs(\n parameter_name=\"LambdaArn\",\n parameter_value=f\"{lambda_processor['arn']}:$LATEST\",\n )],\n )],\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testCluster = new Aws.ElasticSearch.Domain(\"test_cluster\", new()\n {\n DomainName = \"firehose-es-test\",\n });\n\n var testStream = new Aws.Kinesis.FirehoseDeliveryStream(\"test_stream\", new()\n {\n Name = \"kinesis-firehose-test-stream\",\n Destination = \"elasticsearch\",\n ElasticsearchConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamElasticsearchConfigurationArgs\n {\n DomainArn = testCluster.Arn,\n RoleArn = firehoseRole.Arn,\n IndexName = \"test\",\n TypeName = \"test\",\n S3Configuration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamElasticsearchConfigurationS3ConfigurationArgs\n {\n RoleArn = firehoseRole.Arn,\n BucketArn = bucket.Arn,\n BufferingSize = 10,\n BufferingInterval = 400,\n CompressionFormat = \"GZIP\",\n },\n ProcessingConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationArgs\n {\n Enabled = true,\n Processors = new[]\n {\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessorArgs\n {\n Type = \"Lambda\",\n Parameters = new[]\n {\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessorParameterArgs\n {\n ParameterName = \"LambdaArn\",\n ParameterValue = $\"{lambdaProcessor.Arn}:$LATEST\",\n },\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticsearch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestCluster, err := elasticsearch.NewDomain(ctx, \"test_cluster\", \u0026elasticsearch.DomainArgs{\n\t\t\tDomainName: pulumi.String(\"firehose-es-test\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kinesis.NewFirehoseDeliveryStream(ctx, \"test_stream\", \u0026kinesis.FirehoseDeliveryStreamArgs{\n\t\t\tName: pulumi.String(\"kinesis-firehose-test-stream\"),\n\t\t\tDestination: pulumi.String(\"elasticsearch\"),\n\t\t\tElasticsearchConfiguration: \u0026kinesis.FirehoseDeliveryStreamElasticsearchConfigurationArgs{\n\t\t\t\tDomainArn: testCluster.Arn,\n\t\t\t\tRoleArn: pulumi.Any(firehoseRole.Arn),\n\t\t\t\tIndexName: pulumi.String(\"test\"),\n\t\t\t\tTypeName: pulumi.String(\"test\"),\n\t\t\t\tS3Configuration: \u0026kinesis.FirehoseDeliveryStreamElasticsearchConfigurationS3ConfigurationArgs{\n\t\t\t\t\tRoleArn: pulumi.Any(firehoseRole.Arn),\n\t\t\t\t\tBucketArn: pulumi.Any(bucket.Arn),\n\t\t\t\t\tBufferingSize: pulumi.Int(10),\n\t\t\t\t\tBufferingInterval: pulumi.Int(400),\n\t\t\t\t\tCompressionFormat: pulumi.String(\"GZIP\"),\n\t\t\t\t},\n\t\t\t\tProcessingConfiguration: \u0026kinesis.FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationArgs{\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tProcessors: kinesis.FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessorArray{\n\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessorArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"Lambda\"),\n\t\t\t\t\t\t\tParameters: kinesis.FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessorParameterArray{\n\t\t\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessorParameterArgs{\n\t\t\t\t\t\t\t\t\tParameterName: pulumi.String(\"LambdaArn\"),\n\t\t\t\t\t\t\t\t\tParameterValue: pulumi.String(fmt.Sprintf(\"%v:$LATEST\", lambdaProcessor.Arn)),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elasticsearch.Domain;\nimport com.pulumi.aws.elasticsearch.DomainArgs;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStream;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStreamArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamElasticsearchConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamElasticsearchConfigurationS3ConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testCluster = new Domain(\"testCluster\", DomainArgs.builder() \n .domainName(\"firehose-es-test\")\n .build());\n\n var testStream = new FirehoseDeliveryStream(\"testStream\", FirehoseDeliveryStreamArgs.builder() \n .name(\"kinesis-firehose-test-stream\")\n .destination(\"elasticsearch\")\n .elasticsearchConfiguration(FirehoseDeliveryStreamElasticsearchConfigurationArgs.builder()\n .domainArn(testCluster.arn())\n .roleArn(firehoseRole.arn())\n .indexName(\"test\")\n .typeName(\"test\")\n .s3Configuration(FirehoseDeliveryStreamElasticsearchConfigurationS3ConfigurationArgs.builder()\n .roleArn(firehoseRole.arn())\n .bucketArn(bucket.arn())\n .bufferingSize(10)\n .bufferingInterval(400)\n .compressionFormat(\"GZIP\")\n .build())\n .processingConfiguration(FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationArgs.builder()\n .enabled(\"true\")\n .processors(FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessorArgs.builder()\n .type(\"Lambda\")\n .parameters(FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessorParameterArgs.builder()\n .parameterName(\"LambdaArn\")\n .parameterValue(String.format(\"%s:$LATEST\", lambdaProcessor.arn()))\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testCluster:\n type: aws:elasticsearch:Domain\n name: test_cluster\n properties:\n domainName: firehose-es-test\n testStream:\n type: aws:kinesis:FirehoseDeliveryStream\n name: test_stream\n properties:\n name: kinesis-firehose-test-stream\n destination: elasticsearch\n elasticsearchConfiguration:\n domainArn: ${testCluster.arn}\n roleArn: ${firehoseRole.arn}\n indexName: test\n typeName: test\n s3Configuration:\n roleArn: ${firehoseRole.arn}\n bucketArn: ${bucket.arn}\n bufferingSize: 10\n bufferingInterval: 400\n compressionFormat: GZIP\n processingConfiguration:\n enabled: 'true'\n processors:\n - type: Lambda\n parameters:\n - parameterName: LambdaArn\n parameterValue: ${lambdaProcessor.arn}:$LATEST\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Elasticsearch Destination With VPC\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testCluster = new aws.elasticsearch.Domain(\"test_cluster\", {\n domainName: \"es-test\",\n clusterConfig: {\n instanceCount: 2,\n zoneAwarenessEnabled: true,\n instanceType: \"t2.small.elasticsearch\",\n },\n ebsOptions: {\n ebsEnabled: true,\n volumeSize: 10,\n },\n vpcOptions: {\n securityGroupIds: [first.id],\n subnetIds: [\n firstAwsSubnet.id,\n second.id,\n ],\n },\n});\nconst firehose-elasticsearch = aws.iam.getPolicyDocumentOutput({\n statements: [\n {\n effect: \"Allow\",\n actions: [\"es:*\"],\n resources: [\n testCluster.arn,\n pulumi.interpolate`${testCluster.arn}/*`,\n ],\n },\n {\n effect: \"Allow\",\n actions: [\n \"ec2:DescribeVpcs\",\n \"ec2:DescribeVpcAttribute\",\n \"ec2:DescribeSubnets\",\n \"ec2:DescribeSecurityGroups\",\n \"ec2:DescribeNetworkInterfaces\",\n \"ec2:CreateNetworkInterface\",\n \"ec2:CreateNetworkInterfacePermission\",\n \"ec2:DeleteNetworkInterface\",\n ],\n resources: [\"*\"],\n },\n ],\n});\nconst firehose_elasticsearchRolePolicy = new aws.iam.RolePolicy(\"firehose-elasticsearch\", {\n name: \"elasticsearch\",\n role: firehose.id,\n policy: firehose_elasticsearch.apply(firehose_elasticsearch =\u003e firehose_elasticsearch.json),\n});\nconst test = new aws.kinesis.FirehoseDeliveryStream(\"test\", {\n name: \"kinesis-firehose-es\",\n destination: \"elasticsearch\",\n elasticsearchConfiguration: {\n domainArn: testCluster.arn,\n roleArn: firehose.arn,\n indexName: \"test\",\n typeName: \"test\",\n s3Configuration: {\n roleArn: firehose.arn,\n bucketArn: bucket.arn,\n },\n vpcConfig: {\n subnetIds: [\n firstAwsSubnet.id,\n second.id,\n ],\n securityGroupIds: [first.id],\n roleArn: firehose.arn,\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_cluster = aws.elasticsearch.Domain(\"test_cluster\",\n domain_name=\"es-test\",\n cluster_config=aws.elasticsearch.DomainClusterConfigArgs(\n instance_count=2,\n zone_awareness_enabled=True,\n instance_type=\"t2.small.elasticsearch\",\n ),\n ebs_options=aws.elasticsearch.DomainEbsOptionsArgs(\n ebs_enabled=True,\n volume_size=10,\n ),\n vpc_options=aws.elasticsearch.DomainVpcOptionsArgs(\n security_group_ids=[first[\"id\"]],\n subnet_ids=[\n first_aws_subnet[\"id\"],\n second[\"id\"],\n ],\n ))\nfirehose_elasticsearch = aws.iam.get_policy_document_output(statements=[\n aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n actions=[\"es:*\"],\n resources=[\n test_cluster.arn,\n test_cluster.arn.apply(lambda arn: f\"{arn}/*\"),\n ],\n ),\n aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n actions=[\n \"ec2:DescribeVpcs\",\n \"ec2:DescribeVpcAttribute\",\n \"ec2:DescribeSubnets\",\n \"ec2:DescribeSecurityGroups\",\n \"ec2:DescribeNetworkInterfaces\",\n \"ec2:CreateNetworkInterface\",\n \"ec2:CreateNetworkInterfacePermission\",\n \"ec2:DeleteNetworkInterface\",\n ],\n resources=[\"*\"],\n ),\n])\nfirehose_elasticsearch_role_policy = aws.iam.RolePolicy(\"firehose-elasticsearch\",\n name=\"elasticsearch\",\n role=firehose[\"id\"],\n policy=firehose_elasticsearch.json)\ntest = aws.kinesis.FirehoseDeliveryStream(\"test\",\n name=\"kinesis-firehose-es\",\n destination=\"elasticsearch\",\n elasticsearch_configuration=aws.kinesis.FirehoseDeliveryStreamElasticsearchConfigurationArgs(\n domain_arn=test_cluster.arn,\n role_arn=firehose[\"arn\"],\n index_name=\"test\",\n type_name=\"test\",\n s3_configuration=aws.kinesis.FirehoseDeliveryStreamElasticsearchConfigurationS3ConfigurationArgs(\n role_arn=firehose[\"arn\"],\n bucket_arn=bucket[\"arn\"],\n ),\n vpc_config=aws.kinesis.FirehoseDeliveryStreamElasticsearchConfigurationVpcConfigArgs(\n subnet_ids=[\n first_aws_subnet[\"id\"],\n second[\"id\"],\n ],\n security_group_ids=[first[\"id\"]],\n role_arn=firehose[\"arn\"],\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testCluster = new Aws.ElasticSearch.Domain(\"test_cluster\", new()\n {\n DomainName = \"es-test\",\n ClusterConfig = new Aws.ElasticSearch.Inputs.DomainClusterConfigArgs\n {\n InstanceCount = 2,\n ZoneAwarenessEnabled = true,\n InstanceType = \"t2.small.elasticsearch\",\n },\n EbsOptions = new Aws.ElasticSearch.Inputs.DomainEbsOptionsArgs\n {\n EbsEnabled = true,\n VolumeSize = 10,\n },\n VpcOptions = new Aws.ElasticSearch.Inputs.DomainVpcOptionsArgs\n {\n SecurityGroupIds = new[]\n {\n first.Id,\n },\n SubnetIds = new[]\n {\n firstAwsSubnet.Id,\n second.Id,\n },\n },\n });\n\n var firehose_elasticsearch = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"es:*\",\n },\n Resources = new[]\n {\n testCluster.Arn,\n $\"{testCluster.Arn}/*\",\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"ec2:DescribeVpcs\",\n \"ec2:DescribeVpcAttribute\",\n \"ec2:DescribeSubnets\",\n \"ec2:DescribeSecurityGroups\",\n \"ec2:DescribeNetworkInterfaces\",\n \"ec2:CreateNetworkInterface\",\n \"ec2:CreateNetworkInterfacePermission\",\n \"ec2:DeleteNetworkInterface\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n },\n });\n\n var firehose_elasticsearchRolePolicy = new Aws.Iam.RolePolicy(\"firehose-elasticsearch\", new()\n {\n Name = \"elasticsearch\",\n Role = firehose.Id,\n Policy = firehose_elasticsearch.Apply(firehose_elasticsearch =\u003e firehose_elasticsearch.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json)),\n });\n\n var test = new Aws.Kinesis.FirehoseDeliveryStream(\"test\", new()\n {\n Name = \"kinesis-firehose-es\",\n Destination = \"elasticsearch\",\n ElasticsearchConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamElasticsearchConfigurationArgs\n {\n DomainArn = testCluster.Arn,\n RoleArn = firehose.Arn,\n IndexName = \"test\",\n TypeName = \"test\",\n S3Configuration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamElasticsearchConfigurationS3ConfigurationArgs\n {\n RoleArn = firehose.Arn,\n BucketArn = bucket.Arn,\n },\n VpcConfig = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamElasticsearchConfigurationVpcConfigArgs\n {\n SubnetIds = new[]\n {\n firstAwsSubnet.Id,\n second.Id,\n },\n SecurityGroupIds = new[]\n {\n first.Id,\n },\n RoleArn = firehose.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticsearch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestCluster, err := elasticsearch.NewDomain(ctx, \"test_cluster\", \u0026elasticsearch.DomainArgs{\n\t\t\tDomainName: pulumi.String(\"es-test\"),\n\t\t\tClusterConfig: \u0026elasticsearch.DomainClusterConfigArgs{\n\t\t\t\tInstanceCount: pulumi.Int(2),\n\t\t\t\tZoneAwarenessEnabled: pulumi.Bool(true),\n\t\t\t\tInstanceType: pulumi.String(\"t2.small.elasticsearch\"),\n\t\t\t},\n\t\t\tEbsOptions: \u0026elasticsearch.DomainEbsOptionsArgs{\n\t\t\t\tEbsEnabled: pulumi.Bool(true),\n\t\t\t\tVolumeSize: pulumi.Int(10),\n\t\t\t},\n\t\t\tVpcOptions: \u0026elasticsearch.DomainVpcOptionsArgs{\n\t\t\t\tSecurityGroupIds: pulumi.StringArray{\n\t\t\t\t\tfirst.Id,\n\t\t\t\t},\n\t\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\t\tfirstAwsSubnet.Id,\n\t\t\t\t\tsecond.Id,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfirehose_elasticsearch := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"es:*\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\ttestCluster.Arn,\n\t\t\t\t\t\ttestCluster.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\t\t\t\treturn fmt.Sprintf(\"%v/*\", arn), nil\n\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"ec2:DescribeVpcs\"),\n\t\t\t\t\t\tpulumi.String(\"ec2:DescribeVpcAttribute\"),\n\t\t\t\t\t\tpulumi.String(\"ec2:DescribeSubnets\"),\n\t\t\t\t\t\tpulumi.String(\"ec2:DescribeSecurityGroups\"),\n\t\t\t\t\t\tpulumi.String(\"ec2:DescribeNetworkInterfaces\"),\n\t\t\t\t\t\tpulumi.String(\"ec2:CreateNetworkInterface\"),\n\t\t\t\t\t\tpulumi.String(\"ec2:CreateNetworkInterfacePermission\"),\n\t\t\t\t\t\tpulumi.String(\"ec2:DeleteNetworkInterface\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"*\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\t_, err = iam.NewRolePolicy(ctx, \"firehose-elasticsearch\", \u0026iam.RolePolicyArgs{\n\t\t\tName: pulumi.String(\"elasticsearch\"),\n\t\t\tRole: pulumi.Any(firehose.Id),\n\t\t\tPolicy: firehose_elasticsearch.ApplyT(func(firehose_elasticsearch iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026firehose_elasticsearch.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kinesis.NewFirehoseDeliveryStream(ctx, \"test\", \u0026kinesis.FirehoseDeliveryStreamArgs{\n\t\t\tName: pulumi.String(\"kinesis-firehose-es\"),\n\t\t\tDestination: pulumi.String(\"elasticsearch\"),\n\t\t\tElasticsearchConfiguration: \u0026kinesis.FirehoseDeliveryStreamElasticsearchConfigurationArgs{\n\t\t\t\tDomainArn: testCluster.Arn,\n\t\t\t\tRoleArn: pulumi.Any(firehose.Arn),\n\t\t\t\tIndexName: pulumi.String(\"test\"),\n\t\t\t\tTypeName: pulumi.String(\"test\"),\n\t\t\t\tS3Configuration: \u0026kinesis.FirehoseDeliveryStreamElasticsearchConfigurationS3ConfigurationArgs{\n\t\t\t\t\tRoleArn: pulumi.Any(firehose.Arn),\n\t\t\t\t\tBucketArn: pulumi.Any(bucket.Arn),\n\t\t\t\t},\n\t\t\t\tVpcConfig: \u0026kinesis.FirehoseDeliveryStreamElasticsearchConfigurationVpcConfigArgs{\n\t\t\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\t\t\tfirstAwsSubnet.Id,\n\t\t\t\t\t\tsecond.Id,\n\t\t\t\t\t},\n\t\t\t\t\tSecurityGroupIds: pulumi.StringArray{\n\t\t\t\t\t\tfirst.Id,\n\t\t\t\t\t},\n\t\t\t\t\tRoleArn: pulumi.Any(firehose.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elasticsearch.Domain;\nimport com.pulumi.aws.elasticsearch.DomainArgs;\nimport com.pulumi.aws.elasticsearch.inputs.DomainClusterConfigArgs;\nimport com.pulumi.aws.elasticsearch.inputs.DomainEbsOptionsArgs;\nimport com.pulumi.aws.elasticsearch.inputs.DomainVpcOptionsArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStream;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStreamArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamElasticsearchConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamElasticsearchConfigurationS3ConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamElasticsearchConfigurationVpcConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testCluster = new Domain(\"testCluster\", DomainArgs.builder() \n .domainName(\"es-test\")\n .clusterConfig(DomainClusterConfigArgs.builder()\n .instanceCount(2)\n .zoneAwarenessEnabled(true)\n .instanceType(\"t2.small.elasticsearch\")\n .build())\n .ebsOptions(DomainEbsOptionsArgs.builder()\n .ebsEnabled(true)\n .volumeSize(10)\n .build())\n .vpcOptions(DomainVpcOptionsArgs.builder()\n .securityGroupIds(first.id())\n .subnetIds( \n firstAwsSubnet.id(),\n second.id())\n .build())\n .build());\n\n final var firehose-elasticsearch = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements( \n GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions(\"es:*\")\n .resources( \n testCluster.arn(),\n testCluster.arn().applyValue(arn -\u003e String.format(\"%s/*\", arn)))\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions( \n \"ec2:DescribeVpcs\",\n \"ec2:DescribeVpcAttribute\",\n \"ec2:DescribeSubnets\",\n \"ec2:DescribeSecurityGroups\",\n \"ec2:DescribeNetworkInterfaces\",\n \"ec2:CreateNetworkInterface\",\n \"ec2:CreateNetworkInterfacePermission\",\n \"ec2:DeleteNetworkInterface\")\n .resources(\"*\")\n .build())\n .build());\n\n var firehose_elasticsearchRolePolicy = new RolePolicy(\"firehose-elasticsearchRolePolicy\", RolePolicyArgs.builder() \n .name(\"elasticsearch\")\n .role(firehose.id())\n .policy(firehose_elasticsearch.applyValue(firehose_elasticsearch -\u003e firehose_elasticsearch.json()))\n .build());\n\n var test = new FirehoseDeliveryStream(\"test\", FirehoseDeliveryStreamArgs.builder() \n .name(\"kinesis-firehose-es\")\n .destination(\"elasticsearch\")\n .elasticsearchConfiguration(FirehoseDeliveryStreamElasticsearchConfigurationArgs.builder()\n .domainArn(testCluster.arn())\n .roleArn(firehose.arn())\n .indexName(\"test\")\n .typeName(\"test\")\n .s3Configuration(FirehoseDeliveryStreamElasticsearchConfigurationS3ConfigurationArgs.builder()\n .roleArn(firehose.arn())\n .bucketArn(bucket.arn())\n .build())\n .vpcConfig(FirehoseDeliveryStreamElasticsearchConfigurationVpcConfigArgs.builder()\n .subnetIds( \n firstAwsSubnet.id(),\n second.id())\n .securityGroupIds(first.id())\n .roleArn(firehose.arn())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testCluster:\n type: aws:elasticsearch:Domain\n name: test_cluster\n properties:\n domainName: es-test\n clusterConfig:\n instanceCount: 2\n zoneAwarenessEnabled: true\n instanceType: t2.small.elasticsearch\n ebsOptions:\n ebsEnabled: true\n volumeSize: 10\n vpcOptions:\n securityGroupIds:\n - ${first.id}\n subnetIds:\n - ${firstAwsSubnet.id}\n - ${second.id}\n firehose-elasticsearchRolePolicy:\n type: aws:iam:RolePolicy\n name: firehose-elasticsearch\n properties:\n name: elasticsearch\n role: ${firehose.id}\n policy: ${[\"firehose-elasticsearch\"].json}\n test:\n type: aws:kinesis:FirehoseDeliveryStream\n properties:\n name: kinesis-firehose-es\n destination: elasticsearch\n elasticsearchConfiguration:\n domainArn: ${testCluster.arn}\n roleArn: ${firehose.arn}\n indexName: test\n typeName: test\n s3Configuration:\n roleArn: ${firehose.arn}\n bucketArn: ${bucket.arn}\n vpcConfig:\n subnetIds:\n - ${firstAwsSubnet.id}\n - ${second.id}\n securityGroupIds:\n - ${first.id}\n roleArn: ${firehose.arn}\nvariables:\n firehose-elasticsearch:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - es:*\n resources:\n - ${testCluster.arn}\n - ${testCluster.arn}/*\n - effect: Allow\n actions:\n - ec2:DescribeVpcs\n - ec2:DescribeVpcAttribute\n - ec2:DescribeSubnets\n - ec2:DescribeSecurityGroups\n - ec2:DescribeNetworkInterfaces\n - ec2:CreateNetworkInterface\n - ec2:CreateNetworkInterfacePermission\n - ec2:DeleteNetworkInterface\n resources:\n - '*'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### OpenSearch Destination\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testCluster = new aws.opensearch.Domain(\"test_cluster\", {domainName: \"firehose-os-test\"});\nconst testStream = new aws.kinesis.FirehoseDeliveryStream(\"test_stream\", {\n name: \"kinesis-firehose-test-stream\",\n destination: \"opensearch\",\n opensearchConfiguration: {\n domainArn: testCluster.arn,\n roleArn: firehoseRole.arn,\n indexName: \"test\",\n s3Configuration: {\n roleArn: firehoseRole.arn,\n bucketArn: bucket.arn,\n bufferingSize: 10,\n bufferingInterval: 400,\n compressionFormat: \"GZIP\",\n },\n processingConfiguration: {\n enabled: true,\n processors: [{\n type: \"Lambda\",\n parameters: [{\n parameterName: \"LambdaArn\",\n parameterValue: `${lambdaProcessor.arn}:$LATEST`,\n }],\n }],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_cluster = aws.opensearch.Domain(\"test_cluster\", domain_name=\"firehose-os-test\")\ntest_stream = aws.kinesis.FirehoseDeliveryStream(\"test_stream\",\n name=\"kinesis-firehose-test-stream\",\n destination=\"opensearch\",\n opensearch_configuration=aws.kinesis.FirehoseDeliveryStreamOpensearchConfigurationArgs(\n domain_arn=test_cluster.arn,\n role_arn=firehose_role[\"arn\"],\n index_name=\"test\",\n s3_configuration=aws.kinesis.FirehoseDeliveryStreamOpensearchConfigurationS3ConfigurationArgs(\n role_arn=firehose_role[\"arn\"],\n bucket_arn=bucket[\"arn\"],\n buffering_size=10,\n buffering_interval=400,\n compression_format=\"GZIP\",\n ),\n processing_configuration=aws.kinesis.FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationArgs(\n enabled=True,\n processors=[aws.kinesis.FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationProcessorArgs(\n type=\"Lambda\",\n parameters=[aws.kinesis.FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationProcessorParameterArgs(\n parameter_name=\"LambdaArn\",\n parameter_value=f\"{lambda_processor['arn']}:$LATEST\",\n )],\n )],\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testCluster = new Aws.OpenSearch.Domain(\"test_cluster\", new()\n {\n DomainName = \"firehose-os-test\",\n });\n\n var testStream = new Aws.Kinesis.FirehoseDeliveryStream(\"test_stream\", new()\n {\n Name = \"kinesis-firehose-test-stream\",\n Destination = \"opensearch\",\n OpensearchConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamOpensearchConfigurationArgs\n {\n DomainArn = testCluster.Arn,\n RoleArn = firehoseRole.Arn,\n IndexName = \"test\",\n S3Configuration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamOpensearchConfigurationS3ConfigurationArgs\n {\n RoleArn = firehoseRole.Arn,\n BucketArn = bucket.Arn,\n BufferingSize = 10,\n BufferingInterval = 400,\n CompressionFormat = \"GZIP\",\n },\n ProcessingConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationArgs\n {\n Enabled = true,\n Processors = new[]\n {\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationProcessorArgs\n {\n Type = \"Lambda\",\n Parameters = new[]\n {\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationProcessorParameterArgs\n {\n ParameterName = \"LambdaArn\",\n ParameterValue = $\"{lambdaProcessor.Arn}:$LATEST\",\n },\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestCluster, err := opensearch.NewDomain(ctx, \"test_cluster\", \u0026opensearch.DomainArgs{\n\t\t\tDomainName: pulumi.String(\"firehose-os-test\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kinesis.NewFirehoseDeliveryStream(ctx, \"test_stream\", \u0026kinesis.FirehoseDeliveryStreamArgs{\n\t\t\tName: pulumi.String(\"kinesis-firehose-test-stream\"),\n\t\t\tDestination: pulumi.String(\"opensearch\"),\n\t\t\tOpensearchConfiguration: \u0026kinesis.FirehoseDeliveryStreamOpensearchConfigurationArgs{\n\t\t\t\tDomainArn: testCluster.Arn,\n\t\t\t\tRoleArn: pulumi.Any(firehoseRole.Arn),\n\t\t\t\tIndexName: pulumi.String(\"test\"),\n\t\t\t\tS3Configuration: \u0026kinesis.FirehoseDeliveryStreamOpensearchConfigurationS3ConfigurationArgs{\n\t\t\t\t\tRoleArn: pulumi.Any(firehoseRole.Arn),\n\t\t\t\t\tBucketArn: pulumi.Any(bucket.Arn),\n\t\t\t\t\tBufferingSize: pulumi.Int(10),\n\t\t\t\t\tBufferingInterval: pulumi.Int(400),\n\t\t\t\t\tCompressionFormat: pulumi.String(\"GZIP\"),\n\t\t\t\t},\n\t\t\t\tProcessingConfiguration: \u0026kinesis.FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationArgs{\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tProcessors: kinesis.FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationProcessorArray{\n\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationProcessorArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"Lambda\"),\n\t\t\t\t\t\t\tParameters: kinesis.FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationProcessorParameterArray{\n\t\t\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationProcessorParameterArgs{\n\t\t\t\t\t\t\t\t\tParameterName: pulumi.String(\"LambdaArn\"),\n\t\t\t\t\t\t\t\t\tParameterValue: pulumi.String(fmt.Sprintf(\"%v:$LATEST\", lambdaProcessor.Arn)),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.Domain;\nimport com.pulumi.aws.opensearch.DomainArgs;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStream;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStreamArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamOpensearchConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamOpensearchConfigurationS3ConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testCluster = new Domain(\"testCluster\", DomainArgs.builder() \n .domainName(\"firehose-os-test\")\n .build());\n\n var testStream = new FirehoseDeliveryStream(\"testStream\", FirehoseDeliveryStreamArgs.builder() \n .name(\"kinesis-firehose-test-stream\")\n .destination(\"opensearch\")\n .opensearchConfiguration(FirehoseDeliveryStreamOpensearchConfigurationArgs.builder()\n .domainArn(testCluster.arn())\n .roleArn(firehoseRole.arn())\n .indexName(\"test\")\n .s3Configuration(FirehoseDeliveryStreamOpensearchConfigurationS3ConfigurationArgs.builder()\n .roleArn(firehoseRole.arn())\n .bucketArn(bucket.arn())\n .bufferingSize(10)\n .bufferingInterval(400)\n .compressionFormat(\"GZIP\")\n .build())\n .processingConfiguration(FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationArgs.builder()\n .enabled(\"true\")\n .processors(FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationProcessorArgs.builder()\n .type(\"Lambda\")\n .parameters(FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationProcessorParameterArgs.builder()\n .parameterName(\"LambdaArn\")\n .parameterValue(String.format(\"%s:$LATEST\", lambdaProcessor.arn()))\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testCluster:\n type: aws:opensearch:Domain\n name: test_cluster\n properties:\n domainName: firehose-os-test\n testStream:\n type: aws:kinesis:FirehoseDeliveryStream\n name: test_stream\n properties:\n name: kinesis-firehose-test-stream\n destination: opensearch\n opensearchConfiguration:\n domainArn: ${testCluster.arn}\n roleArn: ${firehoseRole.arn}\n indexName: test\n s3Configuration:\n roleArn: ${firehoseRole.arn}\n bucketArn: ${bucket.arn}\n bufferingSize: 10\n bufferingInterval: 400\n compressionFormat: GZIP\n processingConfiguration:\n enabled: 'true'\n processors:\n - type: Lambda\n parameters:\n - parameterName: LambdaArn\n parameterValue: ${lambdaProcessor.arn}:$LATEST\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### OpenSearch Destination With VPC\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testCluster = new aws.opensearch.Domain(\"test_cluster\", {\n domainName: \"es-test\",\n clusterConfig: {\n instanceCount: 2,\n zoneAwarenessEnabled: true,\n instanceType: \"m4.large.search\",\n },\n ebsOptions: {\n ebsEnabled: true,\n volumeSize: 10,\n },\n vpcOptions: {\n securityGroupIds: [first.id],\n subnetIds: [\n firstAwsSubnet.id,\n second.id,\n ],\n },\n});\nconst firehose_opensearch = new aws.iam.RolePolicy(\"firehose-opensearch\", {\n name: \"opensearch\",\n role: firehose.id,\n policy: pulumi.interpolate`{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"es:*\"\n ],\n \"Resource\": [\n \"${testCluster.arn}\",\n \"${testCluster.arn}/*\"\n ]\n },\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"ec2:DescribeVpcs\",\n \"ec2:DescribeVpcAttribute\",\n \"ec2:DescribeSubnets\",\n \"ec2:DescribeSecurityGroups\",\n \"ec2:DescribeNetworkInterfaces\",\n \"ec2:CreateNetworkInterface\",\n \"ec2:CreateNetworkInterfacePermission\",\n \"ec2:DeleteNetworkInterface\"\n ],\n \"Resource\": [\n \"*\"\n ]\n }\n ]\n}\n`,\n});\nconst test = new aws.kinesis.FirehoseDeliveryStream(\"test\", {\n name: \"pulumi-kinesis-firehose-os\",\n destination: \"opensearch\",\n opensearchConfiguration: {\n domainArn: testCluster.arn,\n roleArn: firehose.arn,\n indexName: \"test\",\n s3Configuration: {\n roleArn: firehose.arn,\n bucketArn: bucket.arn,\n },\n vpcConfig: {\n subnetIds: [\n firstAwsSubnet.id,\n second.id,\n ],\n securityGroupIds: [first.id],\n roleArn: firehose.arn,\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_cluster = aws.opensearch.Domain(\"test_cluster\",\n domain_name=\"es-test\",\n cluster_config=aws.opensearch.DomainClusterConfigArgs(\n instance_count=2,\n zone_awareness_enabled=True,\n instance_type=\"m4.large.search\",\n ),\n ebs_options=aws.opensearch.DomainEbsOptionsArgs(\n ebs_enabled=True,\n volume_size=10,\n ),\n vpc_options=aws.opensearch.DomainVpcOptionsArgs(\n security_group_ids=[first[\"id\"]],\n subnet_ids=[\n first_aws_subnet[\"id\"],\n second[\"id\"],\n ],\n ))\nfirehose_opensearch = aws.iam.RolePolicy(\"firehose-opensearch\",\n name=\"opensearch\",\n role=firehose[\"id\"],\n policy=pulumi.Output.all(test_cluster.arn, test_cluster.arn).apply(lambda testClusterArn, testClusterArn1: f\"\"\"{{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {{\n \"Effect\": \"Allow\",\n \"Action\": [\n \"es:*\"\n ],\n \"Resource\": [\n \"{test_cluster_arn}\",\n \"{test_cluster_arn1}/*\"\n ]\n }},\n {{\n \"Effect\": \"Allow\",\n \"Action\": [\n \"ec2:DescribeVpcs\",\n \"ec2:DescribeVpcAttribute\",\n \"ec2:DescribeSubnets\",\n \"ec2:DescribeSecurityGroups\",\n \"ec2:DescribeNetworkInterfaces\",\n \"ec2:CreateNetworkInterface\",\n \"ec2:CreateNetworkInterfacePermission\",\n \"ec2:DeleteNetworkInterface\"\n ],\n \"Resource\": [\n \"*\"\n ]\n }}\n ]\n}}\n\"\"\"))\ntest = aws.kinesis.FirehoseDeliveryStream(\"test\",\n name=\"pulumi-kinesis-firehose-os\",\n destination=\"opensearch\",\n opensearch_configuration=aws.kinesis.FirehoseDeliveryStreamOpensearchConfigurationArgs(\n domain_arn=test_cluster.arn,\n role_arn=firehose[\"arn\"],\n index_name=\"test\",\n s3_configuration=aws.kinesis.FirehoseDeliveryStreamOpensearchConfigurationS3ConfigurationArgs(\n role_arn=firehose[\"arn\"],\n bucket_arn=bucket[\"arn\"],\n ),\n vpc_config=aws.kinesis.FirehoseDeliveryStreamOpensearchConfigurationVpcConfigArgs(\n subnet_ids=[\n first_aws_subnet[\"id\"],\n second[\"id\"],\n ],\n security_group_ids=[first[\"id\"]],\n role_arn=firehose[\"arn\"],\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testCluster = new Aws.OpenSearch.Domain(\"test_cluster\", new()\n {\n DomainName = \"es-test\",\n ClusterConfig = new Aws.OpenSearch.Inputs.DomainClusterConfigArgs\n {\n InstanceCount = 2,\n ZoneAwarenessEnabled = true,\n InstanceType = \"m4.large.search\",\n },\n EbsOptions = new Aws.OpenSearch.Inputs.DomainEbsOptionsArgs\n {\n EbsEnabled = true,\n VolumeSize = 10,\n },\n VpcOptions = new Aws.OpenSearch.Inputs.DomainVpcOptionsArgs\n {\n SecurityGroupIds = new[]\n {\n first.Id,\n },\n SubnetIds = new[]\n {\n firstAwsSubnet.Id,\n second.Id,\n },\n },\n });\n\n var firehose_opensearch = new Aws.Iam.RolePolicy(\"firehose-opensearch\", new()\n {\n Name = \"opensearch\",\n Role = firehose.Id,\n Policy = Output.Tuple(testCluster.Arn, testCluster.Arn).Apply(values =\u003e\n {\n var testClusterArn = values.Item1;\n var testClusterArn1 = values.Item2;\n return @$\"{{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {{\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Action\"\": [\n \"\"es:*\"\"\n ],\n \"\"Resource\"\": [\n \"\"{testClusterArn}\"\",\n \"\"{testClusterArn1}/*\"\"\n ]\n }},\n {{\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Action\"\": [\n \"\"ec2:DescribeVpcs\"\",\n \"\"ec2:DescribeVpcAttribute\"\",\n \"\"ec2:DescribeSubnets\"\",\n \"\"ec2:DescribeSecurityGroups\"\",\n \"\"ec2:DescribeNetworkInterfaces\"\",\n \"\"ec2:CreateNetworkInterface\"\",\n \"\"ec2:CreateNetworkInterfacePermission\"\",\n \"\"ec2:DeleteNetworkInterface\"\"\n ],\n \"\"Resource\"\": [\n \"\"*\"\"\n ]\n }}\n ]\n}}\n\";\n }),\n });\n\n var test = new Aws.Kinesis.FirehoseDeliveryStream(\"test\", new()\n {\n Name = \"pulumi-kinesis-firehose-os\",\n Destination = \"opensearch\",\n OpensearchConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamOpensearchConfigurationArgs\n {\n DomainArn = testCluster.Arn,\n RoleArn = firehose.Arn,\n IndexName = \"test\",\n S3Configuration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamOpensearchConfigurationS3ConfigurationArgs\n {\n RoleArn = firehose.Arn,\n BucketArn = bucket.Arn,\n },\n VpcConfig = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamOpensearchConfigurationVpcConfigArgs\n {\n SubnetIds = new[]\n {\n firstAwsSubnet.Id,\n second.Id,\n },\n SecurityGroupIds = new[]\n {\n first.Id,\n },\n RoleArn = firehose.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestCluster, err := opensearch.NewDomain(ctx, \"test_cluster\", \u0026opensearch.DomainArgs{\n\t\t\tDomainName: pulumi.String(\"es-test\"),\n\t\t\tClusterConfig: \u0026opensearch.DomainClusterConfigArgs{\n\t\t\t\tInstanceCount: pulumi.Int(2),\n\t\t\t\tZoneAwarenessEnabled: pulumi.Bool(true),\n\t\t\t\tInstanceType: pulumi.String(\"m4.large.search\"),\n\t\t\t},\n\t\t\tEbsOptions: \u0026opensearch.DomainEbsOptionsArgs{\n\t\t\t\tEbsEnabled: pulumi.Bool(true),\n\t\t\t\tVolumeSize: pulumi.Int(10),\n\t\t\t},\n\t\t\tVpcOptions: \u0026opensearch.DomainVpcOptionsArgs{\n\t\t\t\tSecurityGroupIds: pulumi.StringArray{\n\t\t\t\t\tfirst.Id,\n\t\t\t\t},\n\t\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\t\tfirstAwsSubnet.Id,\n\t\t\t\t\tsecond.Id,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicy(ctx, \"firehose-opensearch\", \u0026iam.RolePolicyArgs{\n\t\t\tName: pulumi.String(\"opensearch\"),\n\t\t\tRole: pulumi.Any(firehose.Id),\n\t\t\tPolicy: pulumi.All(testCluster.Arn, testCluster.Arn).ApplyT(func(_args []interface{}) (string, error) {\n\t\t\t\ttestClusterArn := _args[0].(string)\n\t\t\t\ttestClusterArn1 := _args[1].(string)\n\t\t\t\treturn fmt.Sprintf(`{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"es:*\"\n ],\n \"Resource\": [\n \"%v\",\n \"%v/*\"\n ]\n },\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"ec2:DescribeVpcs\",\n \"ec2:DescribeVpcAttribute\",\n \"ec2:DescribeSubnets\",\n \"ec2:DescribeSecurityGroups\",\n \"ec2:DescribeNetworkInterfaces\",\n \"ec2:CreateNetworkInterface\",\n \"ec2:CreateNetworkInterfacePermission\",\n \"ec2:DeleteNetworkInterface\"\n ],\n \"Resource\": [\n \"*\"\n ]\n }\n ]\n}\n`, testClusterArn, testClusterArn1), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kinesis.NewFirehoseDeliveryStream(ctx, \"test\", \u0026kinesis.FirehoseDeliveryStreamArgs{\n\t\t\tName: pulumi.String(\"pulumi-kinesis-firehose-os\"),\n\t\t\tDestination: pulumi.String(\"opensearch\"),\n\t\t\tOpensearchConfiguration: \u0026kinesis.FirehoseDeliveryStreamOpensearchConfigurationArgs{\n\t\t\t\tDomainArn: testCluster.Arn,\n\t\t\t\tRoleArn: pulumi.Any(firehose.Arn),\n\t\t\t\tIndexName: pulumi.String(\"test\"),\n\t\t\t\tS3Configuration: \u0026kinesis.FirehoseDeliveryStreamOpensearchConfigurationS3ConfigurationArgs{\n\t\t\t\t\tRoleArn: pulumi.Any(firehose.Arn),\n\t\t\t\t\tBucketArn: pulumi.Any(bucket.Arn),\n\t\t\t\t},\n\t\t\t\tVpcConfig: \u0026kinesis.FirehoseDeliveryStreamOpensearchConfigurationVpcConfigArgs{\n\t\t\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\t\t\tfirstAwsSubnet.Id,\n\t\t\t\t\t\tsecond.Id,\n\t\t\t\t\t},\n\t\t\t\t\tSecurityGroupIds: pulumi.StringArray{\n\t\t\t\t\t\tfirst.Id,\n\t\t\t\t\t},\n\t\t\t\t\tRoleArn: pulumi.Any(firehose.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.Domain;\nimport com.pulumi.aws.opensearch.DomainArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainClusterConfigArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainEbsOptionsArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainVpcOptionsArgs;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStream;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStreamArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamOpensearchConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamOpensearchConfigurationS3ConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamOpensearchConfigurationVpcConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testCluster = new Domain(\"testCluster\", DomainArgs.builder() \n .domainName(\"es-test\")\n .clusterConfig(DomainClusterConfigArgs.builder()\n .instanceCount(2)\n .zoneAwarenessEnabled(true)\n .instanceType(\"m4.large.search\")\n .build())\n .ebsOptions(DomainEbsOptionsArgs.builder()\n .ebsEnabled(true)\n .volumeSize(10)\n .build())\n .vpcOptions(DomainVpcOptionsArgs.builder()\n .securityGroupIds(first.id())\n .subnetIds( \n firstAwsSubnet.id(),\n second.id())\n .build())\n .build());\n\n var firehose_opensearch = new RolePolicy(\"firehose-opensearch\", RolePolicyArgs.builder() \n .name(\"opensearch\")\n .role(firehose.id())\n .policy(Output.tuple(testCluster.arn(), testCluster.arn()).applyValue(values -\u003e {\n var testClusterArn = values.t1;\n var testClusterArn1 = values.t2;\n return \"\"\"\n{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"es:*\"\n ],\n \"Resource\": [\n \"%s\",\n \"%s/*\"\n ]\n },\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"ec2:DescribeVpcs\",\n \"ec2:DescribeVpcAttribute\",\n \"ec2:DescribeSubnets\",\n \"ec2:DescribeSecurityGroups\",\n \"ec2:DescribeNetworkInterfaces\",\n \"ec2:CreateNetworkInterface\",\n \"ec2:CreateNetworkInterfacePermission\",\n \"ec2:DeleteNetworkInterface\"\n ],\n \"Resource\": [\n \"*\"\n ]\n }\n ]\n}\n\", testClusterArn,testClusterArn1);\n }))\n .build());\n\n var test = new FirehoseDeliveryStream(\"test\", FirehoseDeliveryStreamArgs.builder() \n .name(\"pulumi-kinesis-firehose-os\")\n .destination(\"opensearch\")\n .opensearchConfiguration(FirehoseDeliveryStreamOpensearchConfigurationArgs.builder()\n .domainArn(testCluster.arn())\n .roleArn(firehose.arn())\n .indexName(\"test\")\n .s3Configuration(FirehoseDeliveryStreamOpensearchConfigurationS3ConfigurationArgs.builder()\n .roleArn(firehose.arn())\n .bucketArn(bucket.arn())\n .build())\n .vpcConfig(FirehoseDeliveryStreamOpensearchConfigurationVpcConfigArgs.builder()\n .subnetIds( \n firstAwsSubnet.id(),\n second.id())\n .securityGroupIds(first.id())\n .roleArn(firehose.arn())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testCluster:\n type: aws:opensearch:Domain\n name: test_cluster\n properties:\n domainName: es-test\n clusterConfig:\n instanceCount: 2\n zoneAwarenessEnabled: true\n instanceType: m4.large.search\n ebsOptions:\n ebsEnabled: true\n volumeSize: 10\n vpcOptions:\n securityGroupIds:\n - ${first.id}\n subnetIds:\n - ${firstAwsSubnet.id}\n - ${second.id}\n firehose-opensearch:\n type: aws:iam:RolePolicy\n properties:\n name: opensearch\n role: ${firehose.id}\n policy: |\n {\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"es:*\"\n ],\n \"Resource\": [\n \"${testCluster.arn}\",\n \"${testCluster.arn}/*\"\n ]\n },\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"ec2:DescribeVpcs\",\n \"ec2:DescribeVpcAttribute\",\n \"ec2:DescribeSubnets\",\n \"ec2:DescribeSecurityGroups\",\n \"ec2:DescribeNetworkInterfaces\",\n \"ec2:CreateNetworkInterface\",\n \"ec2:CreateNetworkInterfacePermission\",\n \"ec2:DeleteNetworkInterface\"\n ],\n \"Resource\": [\n \"*\"\n ]\n }\n ]\n }\n test:\n type: aws:kinesis:FirehoseDeliveryStream\n properties:\n name: pulumi-kinesis-firehose-os\n destination: opensearch\n opensearchConfiguration:\n domainArn: ${testCluster.arn}\n roleArn: ${firehose.arn}\n indexName: test\n s3Configuration:\n roleArn: ${firehose.arn}\n bucketArn: ${bucket.arn}\n vpcConfig:\n subnetIds:\n - ${firstAwsSubnet.id}\n - ${second.id}\n securityGroupIds:\n - ${first.id}\n roleArn: ${firehose.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### OpenSearch Serverless Destination\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testCollection = new aws.opensearch.ServerlessCollection(\"test_collection\", {name: \"firehose-osserverless-test\"});\nconst testStream = new aws.kinesis.FirehoseDeliveryStream(\"test_stream\", {\n name: \"kinesis-firehose-test-stream\",\n destination: \"opensearchserverless\",\n opensearchserverlessConfiguration: {\n collectionEndpoint: testCollection.collectionEndpoint,\n roleArn: firehoseRole.arn,\n indexName: \"test\",\n s3Configuration: {\n roleArn: firehoseRole.arn,\n bucketArn: bucket.arn,\n bufferingSize: 10,\n bufferingInterval: 400,\n compressionFormat: \"GZIP\",\n },\n processingConfiguration: {\n enabled: true,\n processors: [{\n type: \"Lambda\",\n parameters: [{\n parameterName: \"LambdaArn\",\n parameterValue: `${lambdaProcessor.arn}:$LATEST`,\n }],\n }],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_collection = aws.opensearch.ServerlessCollection(\"test_collection\", name=\"firehose-osserverless-test\")\ntest_stream = aws.kinesis.FirehoseDeliveryStream(\"test_stream\",\n name=\"kinesis-firehose-test-stream\",\n destination=\"opensearchserverless\",\n opensearchserverless_configuration=aws.kinesis.FirehoseDeliveryStreamOpensearchserverlessConfigurationArgs(\n collection_endpoint=test_collection.collection_endpoint,\n role_arn=firehose_role[\"arn\"],\n index_name=\"test\",\n s3_configuration=aws.kinesis.FirehoseDeliveryStreamOpensearchserverlessConfigurationS3ConfigurationArgs(\n role_arn=firehose_role[\"arn\"],\n bucket_arn=bucket[\"arn\"],\n buffering_size=10,\n buffering_interval=400,\n compression_format=\"GZIP\",\n ),\n processing_configuration=aws.kinesis.FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationArgs(\n enabled=True,\n processors=[aws.kinesis.FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationProcessorArgs(\n type=\"Lambda\",\n parameters=[aws.kinesis.FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationProcessorParameterArgs(\n parameter_name=\"LambdaArn\",\n parameter_value=f\"{lambda_processor['arn']}:$LATEST\",\n )],\n )],\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testCollection = new Aws.OpenSearch.ServerlessCollection(\"test_collection\", new()\n {\n Name = \"firehose-osserverless-test\",\n });\n\n var testStream = new Aws.Kinesis.FirehoseDeliveryStream(\"test_stream\", new()\n {\n Name = \"kinesis-firehose-test-stream\",\n Destination = \"opensearchserverless\",\n OpensearchserverlessConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamOpensearchserverlessConfigurationArgs\n {\n CollectionEndpoint = testCollection.CollectionEndpoint,\n RoleArn = firehoseRole.Arn,\n IndexName = \"test\",\n S3Configuration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamOpensearchserverlessConfigurationS3ConfigurationArgs\n {\n RoleArn = firehoseRole.Arn,\n BucketArn = bucket.Arn,\n BufferingSize = 10,\n BufferingInterval = 400,\n CompressionFormat = \"GZIP\",\n },\n ProcessingConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationArgs\n {\n Enabled = true,\n Processors = new[]\n {\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationProcessorArgs\n {\n Type = \"Lambda\",\n Parameters = new[]\n {\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationProcessorParameterArgs\n {\n ParameterName = \"LambdaArn\",\n ParameterValue = $\"{lambdaProcessor.Arn}:$LATEST\",\n },\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestCollection, err := opensearch.NewServerlessCollection(ctx, \"test_collection\", \u0026opensearch.ServerlessCollectionArgs{\n\t\t\tName: pulumi.String(\"firehose-osserverless-test\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kinesis.NewFirehoseDeliveryStream(ctx, \"test_stream\", \u0026kinesis.FirehoseDeliveryStreamArgs{\n\t\t\tName: pulumi.String(\"kinesis-firehose-test-stream\"),\n\t\t\tDestination: pulumi.String(\"opensearchserverless\"),\n\t\t\tOpensearchserverlessConfiguration: \u0026kinesis.FirehoseDeliveryStreamOpensearchserverlessConfigurationArgs{\n\t\t\t\tCollectionEndpoint: testCollection.CollectionEndpoint,\n\t\t\t\tRoleArn: pulumi.Any(firehoseRole.Arn),\n\t\t\t\tIndexName: pulumi.String(\"test\"),\n\t\t\t\tS3Configuration: \u0026kinesis.FirehoseDeliveryStreamOpensearchserverlessConfigurationS3ConfigurationArgs{\n\t\t\t\t\tRoleArn: pulumi.Any(firehoseRole.Arn),\n\t\t\t\t\tBucketArn: pulumi.Any(bucket.Arn),\n\t\t\t\t\tBufferingSize: pulumi.Int(10),\n\t\t\t\t\tBufferingInterval: pulumi.Int(400),\n\t\t\t\t\tCompressionFormat: pulumi.String(\"GZIP\"),\n\t\t\t\t},\n\t\t\t\tProcessingConfiguration: \u0026kinesis.FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationArgs{\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tProcessors: kinesis.FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationProcessorArray{\n\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationProcessorArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"Lambda\"),\n\t\t\t\t\t\t\tParameters: kinesis.FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationProcessorParameterArray{\n\t\t\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationProcessorParameterArgs{\n\t\t\t\t\t\t\t\t\tParameterName: pulumi.String(\"LambdaArn\"),\n\t\t\t\t\t\t\t\t\tParameterValue: pulumi.String(fmt.Sprintf(\"%v:$LATEST\", lambdaProcessor.Arn)),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.ServerlessCollection;\nimport com.pulumi.aws.opensearch.ServerlessCollectionArgs;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStream;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStreamArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamOpensearchserverlessConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamOpensearchserverlessConfigurationS3ConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testCollection = new ServerlessCollection(\"testCollection\", ServerlessCollectionArgs.builder() \n .name(\"firehose-osserverless-test\")\n .build());\n\n var testStream = new FirehoseDeliveryStream(\"testStream\", FirehoseDeliveryStreamArgs.builder() \n .name(\"kinesis-firehose-test-stream\")\n .destination(\"opensearchserverless\")\n .opensearchserverlessConfiguration(FirehoseDeliveryStreamOpensearchserverlessConfigurationArgs.builder()\n .collectionEndpoint(testCollection.collectionEndpoint())\n .roleArn(firehoseRole.arn())\n .indexName(\"test\")\n .s3Configuration(FirehoseDeliveryStreamOpensearchserverlessConfigurationS3ConfigurationArgs.builder()\n .roleArn(firehoseRole.arn())\n .bucketArn(bucket.arn())\n .bufferingSize(10)\n .bufferingInterval(400)\n .compressionFormat(\"GZIP\")\n .build())\n .processingConfiguration(FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationArgs.builder()\n .enabled(\"true\")\n .processors(FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationProcessorArgs.builder()\n .type(\"Lambda\")\n .parameters(FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationProcessorParameterArgs.builder()\n .parameterName(\"LambdaArn\")\n .parameterValue(String.format(\"%s:$LATEST\", lambdaProcessor.arn()))\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testCollection:\n type: aws:opensearch:ServerlessCollection\n name: test_collection\n properties:\n name: firehose-osserverless-test\n testStream:\n type: aws:kinesis:FirehoseDeliveryStream\n name: test_stream\n properties:\n name: kinesis-firehose-test-stream\n destination: opensearchserverless\n opensearchserverlessConfiguration:\n collectionEndpoint: ${testCollection.collectionEndpoint}\n roleArn: ${firehoseRole.arn}\n indexName: test\n s3Configuration:\n roleArn: ${firehoseRole.arn}\n bucketArn: ${bucket.arn}\n bufferingSize: 10\n bufferingInterval: 400\n compressionFormat: GZIP\n processingConfiguration:\n enabled: 'true'\n processors:\n - type: Lambda\n parameters:\n - parameterName: LambdaArn\n parameterValue: ${lambdaProcessor.arn}:$LATEST\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Splunk Destination\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testStream = new aws.kinesis.FirehoseDeliveryStream(\"test_stream\", {\n name: \"kinesis-firehose-test-stream\",\n destination: \"splunk\",\n splunkConfiguration: {\n hecEndpoint: \"https://http-inputs-mydomain.splunkcloud.com:443\",\n hecToken: \"51D4DA16-C61B-4F5F-8EC7-ED4301342A4A\",\n hecAcknowledgmentTimeout: 600,\n hecEndpointType: \"Event\",\n s3BackupMode: \"FailedEventsOnly\",\n s3Configuration: {\n roleArn: firehose.arn,\n bucketArn: bucket.arn,\n bufferingSize: 10,\n bufferingInterval: 400,\n compressionFormat: \"GZIP\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_stream = aws.kinesis.FirehoseDeliveryStream(\"test_stream\",\n name=\"kinesis-firehose-test-stream\",\n destination=\"splunk\",\n splunk_configuration=aws.kinesis.FirehoseDeliveryStreamSplunkConfigurationArgs(\n hec_endpoint=\"https://http-inputs-mydomain.splunkcloud.com:443\",\n hec_token=\"51D4DA16-C61B-4F5F-8EC7-ED4301342A4A\",\n hec_acknowledgment_timeout=600,\n hec_endpoint_type=\"Event\",\n s3_backup_mode=\"FailedEventsOnly\",\n s3_configuration=aws.kinesis.FirehoseDeliveryStreamSplunkConfigurationS3ConfigurationArgs(\n role_arn=firehose[\"arn\"],\n bucket_arn=bucket[\"arn\"],\n buffering_size=10,\n buffering_interval=400,\n compression_format=\"GZIP\",\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testStream = new Aws.Kinesis.FirehoseDeliveryStream(\"test_stream\", new()\n {\n Name = \"kinesis-firehose-test-stream\",\n Destination = \"splunk\",\n SplunkConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamSplunkConfigurationArgs\n {\n HecEndpoint = \"https://http-inputs-mydomain.splunkcloud.com:443\",\n HecToken = \"51D4DA16-C61B-4F5F-8EC7-ED4301342A4A\",\n HecAcknowledgmentTimeout = 600,\n HecEndpointType = \"Event\",\n S3BackupMode = \"FailedEventsOnly\",\n S3Configuration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamSplunkConfigurationS3ConfigurationArgs\n {\n RoleArn = firehose.Arn,\n BucketArn = bucket.Arn,\n BufferingSize = 10,\n BufferingInterval = 400,\n CompressionFormat = \"GZIP\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kinesis.NewFirehoseDeliveryStream(ctx, \"test_stream\", \u0026kinesis.FirehoseDeliveryStreamArgs{\n\t\t\tName: pulumi.String(\"kinesis-firehose-test-stream\"),\n\t\t\tDestination: pulumi.String(\"splunk\"),\n\t\t\tSplunkConfiguration: \u0026kinesis.FirehoseDeliveryStreamSplunkConfigurationArgs{\n\t\t\t\tHecEndpoint: pulumi.String(\"https://http-inputs-mydomain.splunkcloud.com:443\"),\n\t\t\t\tHecToken: pulumi.String(\"51D4DA16-C61B-4F5F-8EC7-ED4301342A4A\"),\n\t\t\t\tHecAcknowledgmentTimeout: pulumi.Int(600),\n\t\t\t\tHecEndpointType: pulumi.String(\"Event\"),\n\t\t\t\tS3BackupMode: pulumi.String(\"FailedEventsOnly\"),\n\t\t\t\tS3Configuration: \u0026kinesis.FirehoseDeliveryStreamSplunkConfigurationS3ConfigurationArgs{\n\t\t\t\t\tRoleArn: pulumi.Any(firehose.Arn),\n\t\t\t\t\tBucketArn: pulumi.Any(bucket.Arn),\n\t\t\t\t\tBufferingSize: pulumi.Int(10),\n\t\t\t\t\tBufferingInterval: pulumi.Int(400),\n\t\t\t\t\tCompressionFormat: pulumi.String(\"GZIP\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStream;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStreamArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamSplunkConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamSplunkConfigurationS3ConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testStream = new FirehoseDeliveryStream(\"testStream\", FirehoseDeliveryStreamArgs.builder() \n .name(\"kinesis-firehose-test-stream\")\n .destination(\"splunk\")\n .splunkConfiguration(FirehoseDeliveryStreamSplunkConfigurationArgs.builder()\n .hecEndpoint(\"https://http-inputs-mydomain.splunkcloud.com:443\")\n .hecToken(\"51D4DA16-C61B-4F5F-8EC7-ED4301342A4A\")\n .hecAcknowledgmentTimeout(600)\n .hecEndpointType(\"Event\")\n .s3BackupMode(\"FailedEventsOnly\")\n .s3Configuration(FirehoseDeliveryStreamSplunkConfigurationS3ConfigurationArgs.builder()\n .roleArn(firehose.arn())\n .bucketArn(bucket.arn())\n .bufferingSize(10)\n .bufferingInterval(400)\n .compressionFormat(\"GZIP\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testStream:\n type: aws:kinesis:FirehoseDeliveryStream\n name: test_stream\n properties:\n name: kinesis-firehose-test-stream\n destination: splunk\n splunkConfiguration:\n hecEndpoint: https://http-inputs-mydomain.splunkcloud.com:443\n hecToken: 51D4DA16-C61B-4F5F-8EC7-ED4301342A4A\n hecAcknowledgmentTimeout: 600\n hecEndpointType: Event\n s3BackupMode: FailedEventsOnly\n s3Configuration:\n roleArn: ${firehose.arn}\n bucketArn: ${bucket.arn}\n bufferingSize: 10\n bufferingInterval: 400\n compressionFormat: GZIP\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### HTTP Endpoint (e.g., New Relic) Destination\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testStream = new aws.kinesis.FirehoseDeliveryStream(\"test_stream\", {\n name: \"kinesis-firehose-test-stream\",\n destination: \"http_endpoint\",\n httpEndpointConfiguration: {\n url: \"https://aws-api.newrelic.com/firehose/v1\",\n name: \"New Relic\",\n accessKey: \"my-key\",\n bufferingSize: 15,\n bufferingInterval: 600,\n roleArn: firehose.arn,\n s3BackupMode: \"FailedDataOnly\",\n s3Configuration: {\n roleArn: firehose.arn,\n bucketArn: bucket.arn,\n bufferingSize: 10,\n bufferingInterval: 400,\n compressionFormat: \"GZIP\",\n },\n requestConfiguration: {\n contentEncoding: \"GZIP\",\n commonAttributes: [\n {\n name: \"testname\",\n value: \"testvalue\",\n },\n {\n name: \"testname2\",\n value: \"testvalue2\",\n },\n ],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_stream = aws.kinesis.FirehoseDeliveryStream(\"test_stream\",\n name=\"kinesis-firehose-test-stream\",\n destination=\"http_endpoint\",\n http_endpoint_configuration=aws.kinesis.FirehoseDeliveryStreamHttpEndpointConfigurationArgs(\n url=\"https://aws-api.newrelic.com/firehose/v1\",\n name=\"New Relic\",\n access_key=\"my-key\",\n buffering_size=15,\n buffering_interval=600,\n role_arn=firehose[\"arn\"],\n s3_backup_mode=\"FailedDataOnly\",\n s3_configuration=aws.kinesis.FirehoseDeliveryStreamHttpEndpointConfigurationS3ConfigurationArgs(\n role_arn=firehose[\"arn\"],\n bucket_arn=bucket[\"arn\"],\n buffering_size=10,\n buffering_interval=400,\n compression_format=\"GZIP\",\n ),\n request_configuration=aws.kinesis.FirehoseDeliveryStreamHttpEndpointConfigurationRequestConfigurationArgs(\n content_encoding=\"GZIP\",\n common_attributes=[\n aws.kinesis.FirehoseDeliveryStreamHttpEndpointConfigurationRequestConfigurationCommonAttributeArgs(\n name=\"testname\",\n value=\"testvalue\",\n ),\n aws.kinesis.FirehoseDeliveryStreamHttpEndpointConfigurationRequestConfigurationCommonAttributeArgs(\n name=\"testname2\",\n value=\"testvalue2\",\n ),\n ],\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testStream = new Aws.Kinesis.FirehoseDeliveryStream(\"test_stream\", new()\n {\n Name = \"kinesis-firehose-test-stream\",\n Destination = \"http_endpoint\",\n HttpEndpointConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamHttpEndpointConfigurationArgs\n {\n Url = \"https://aws-api.newrelic.com/firehose/v1\",\n Name = \"New Relic\",\n AccessKey = \"my-key\",\n BufferingSize = 15,\n BufferingInterval = 600,\n RoleArn = firehose.Arn,\n S3BackupMode = \"FailedDataOnly\",\n S3Configuration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamHttpEndpointConfigurationS3ConfigurationArgs\n {\n RoleArn = firehose.Arn,\n BucketArn = bucket.Arn,\n BufferingSize = 10,\n BufferingInterval = 400,\n CompressionFormat = \"GZIP\",\n },\n RequestConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamHttpEndpointConfigurationRequestConfigurationArgs\n {\n ContentEncoding = \"GZIP\",\n CommonAttributes = new[]\n {\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamHttpEndpointConfigurationRequestConfigurationCommonAttributeArgs\n {\n Name = \"testname\",\n Value = \"testvalue\",\n },\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamHttpEndpointConfigurationRequestConfigurationCommonAttributeArgs\n {\n Name = \"testname2\",\n Value = \"testvalue2\",\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kinesis.NewFirehoseDeliveryStream(ctx, \"test_stream\", \u0026kinesis.FirehoseDeliveryStreamArgs{\n\t\t\tName: pulumi.String(\"kinesis-firehose-test-stream\"),\n\t\t\tDestination: pulumi.String(\"http_endpoint\"),\n\t\t\tHttpEndpointConfiguration: \u0026kinesis.FirehoseDeliveryStreamHttpEndpointConfigurationArgs{\n\t\t\t\tUrl: pulumi.String(\"https://aws-api.newrelic.com/firehose/v1\"),\n\t\t\t\tName: pulumi.String(\"New Relic\"),\n\t\t\t\tAccessKey: pulumi.String(\"my-key\"),\n\t\t\t\tBufferingSize: pulumi.Int(15),\n\t\t\t\tBufferingInterval: pulumi.Int(600),\n\t\t\t\tRoleArn: pulumi.Any(firehose.Arn),\n\t\t\t\tS3BackupMode: pulumi.String(\"FailedDataOnly\"),\n\t\t\t\tS3Configuration: \u0026kinesis.FirehoseDeliveryStreamHttpEndpointConfigurationS3ConfigurationArgs{\n\t\t\t\t\tRoleArn: pulumi.Any(firehose.Arn),\n\t\t\t\t\tBucketArn: pulumi.Any(bucket.Arn),\n\t\t\t\t\tBufferingSize: pulumi.Int(10),\n\t\t\t\t\tBufferingInterval: pulumi.Int(400),\n\t\t\t\t\tCompressionFormat: pulumi.String(\"GZIP\"),\n\t\t\t\t},\n\t\t\t\tRequestConfiguration: \u0026kinesis.FirehoseDeliveryStreamHttpEndpointConfigurationRequestConfigurationArgs{\n\t\t\t\t\tContentEncoding: pulumi.String(\"GZIP\"),\n\t\t\t\t\tCommonAttributes: kinesis.FirehoseDeliveryStreamHttpEndpointConfigurationRequestConfigurationCommonAttributeArray{\n\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamHttpEndpointConfigurationRequestConfigurationCommonAttributeArgs{\n\t\t\t\t\t\t\tName: pulumi.String(\"testname\"),\n\t\t\t\t\t\t\tValue: pulumi.String(\"testvalue\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamHttpEndpointConfigurationRequestConfigurationCommonAttributeArgs{\n\t\t\t\t\t\t\tName: pulumi.String(\"testname2\"),\n\t\t\t\t\t\t\tValue: pulumi.String(\"testvalue2\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStream;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStreamArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamHttpEndpointConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamHttpEndpointConfigurationS3ConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamHttpEndpointConfigurationRequestConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testStream = new FirehoseDeliveryStream(\"testStream\", FirehoseDeliveryStreamArgs.builder() \n .name(\"kinesis-firehose-test-stream\")\n .destination(\"http_endpoint\")\n .httpEndpointConfiguration(FirehoseDeliveryStreamHttpEndpointConfigurationArgs.builder()\n .url(\"https://aws-api.newrelic.com/firehose/v1\")\n .name(\"New Relic\")\n .accessKey(\"my-key\")\n .bufferingSize(15)\n .bufferingInterval(600)\n .roleArn(firehose.arn())\n .s3BackupMode(\"FailedDataOnly\")\n .s3Configuration(FirehoseDeliveryStreamHttpEndpointConfigurationS3ConfigurationArgs.builder()\n .roleArn(firehose.arn())\n .bucketArn(bucket.arn())\n .bufferingSize(10)\n .bufferingInterval(400)\n .compressionFormat(\"GZIP\")\n .build())\n .requestConfiguration(FirehoseDeliveryStreamHttpEndpointConfigurationRequestConfigurationArgs.builder()\n .contentEncoding(\"GZIP\")\n .commonAttributes( \n FirehoseDeliveryStreamHttpEndpointConfigurationRequestConfigurationCommonAttributeArgs.builder()\n .name(\"testname\")\n .value(\"testvalue\")\n .build(),\n FirehoseDeliveryStreamHttpEndpointConfigurationRequestConfigurationCommonAttributeArgs.builder()\n .name(\"testname2\")\n .value(\"testvalue2\")\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testStream:\n type: aws:kinesis:FirehoseDeliveryStream\n name: test_stream\n properties:\n name: kinesis-firehose-test-stream\n destination: http_endpoint\n httpEndpointConfiguration:\n url: https://aws-api.newrelic.com/firehose/v1\n name: New Relic\n accessKey: my-key\n bufferingSize: 15\n bufferingInterval: 600\n roleArn: ${firehose.arn}\n s3BackupMode: FailedDataOnly\n s3Configuration:\n roleArn: ${firehose.arn}\n bucketArn: ${bucket.arn}\n bufferingSize: 10\n bufferingInterval: 400\n compressionFormat: GZIP\n requestConfiguration:\n contentEncoding: GZIP\n commonAttributes:\n - name: testname\n value: testvalue\n - name: testname2\n value: testvalue2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Kinesis Firehose Delivery streams using the stream ARN. For example:\n\n```sh\n$ pulumi import aws:kinesis/firehoseDeliveryStream:FirehoseDeliveryStream foo arn:aws:firehose:us-east-1:XXX:deliverystream/example\n```\nNote: Import does not work for stream destination `s3`. Consider using `extended_s3` since `s3` destination is deprecated.\n\n", + "description": "Provides a Kinesis Firehose Delivery Stream resource. Amazon Kinesis Firehose is a fully managed, elastic service to easily deliver real-time data streams to destinations such as Amazon S3 and Amazon Redshift.\n\nFor more details, see the [Amazon Kinesis Firehose Documentation](https://aws.amazon.com/documentation/firehose/).\n\n## Example Usage\n\n### Extended S3 Destination\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bucket = new aws.s3.BucketV2(\"bucket\", {bucket: \"tf-test-bucket\"});\nconst firehoseAssumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"firehose.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst firehoseRole = new aws.iam.Role(\"firehose_role\", {\n name: \"firehose_test_role\",\n assumeRolePolicy: firehoseAssumeRole.then(firehoseAssumeRole =\u003e firehoseAssumeRole.json),\n});\nconst lambdaAssumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"lambda.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst lambdaIam = new aws.iam.Role(\"lambda_iam\", {\n name: \"lambda_iam\",\n assumeRolePolicy: lambdaAssumeRole.then(lambdaAssumeRole =\u003e lambdaAssumeRole.json),\n});\nconst lambdaProcessor = new aws.lambda.Function(\"lambda_processor\", {\n code: new pulumi.asset.FileArchive(\"lambda.zip\"),\n name: \"firehose_lambda_processor\",\n role: lambdaIam.arn,\n handler: \"exports.handler\",\n runtime: aws.lambda.Runtime.NodeJS16dX,\n});\nconst extendedS3Stream = new aws.kinesis.FirehoseDeliveryStream(\"extended_s3_stream\", {\n name: \"kinesis-firehose-extended-s3-test-stream\",\n destination: \"extended_s3\",\n extendedS3Configuration: {\n roleArn: firehoseRole.arn,\n bucketArn: bucket.arn,\n processingConfiguration: {\n enabled: true,\n processors: [{\n type: \"Lambda\",\n parameters: [{\n parameterName: \"LambdaArn\",\n parameterValue: pulumi.interpolate`${lambdaProcessor.arn}:$LATEST`,\n }],\n }],\n },\n },\n});\nconst bucketAcl = new aws.s3.BucketAclV2(\"bucket_acl\", {\n bucket: bucket.id,\n acl: \"private\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbucket = aws.s3.BucketV2(\"bucket\", bucket=\"tf-test-bucket\")\nfirehose_assume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"firehose.amazonaws.com\"],\n )],\n actions=[\"sts:AssumeRole\"],\n)])\nfirehose_role = aws.iam.Role(\"firehose_role\",\n name=\"firehose_test_role\",\n assume_role_policy=firehose_assume_role.json)\nlambda_assume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"lambda.amazonaws.com\"],\n )],\n actions=[\"sts:AssumeRole\"],\n)])\nlambda_iam = aws.iam.Role(\"lambda_iam\",\n name=\"lambda_iam\",\n assume_role_policy=lambda_assume_role.json)\nlambda_processor = aws.lambda_.Function(\"lambda_processor\",\n code=pulumi.FileArchive(\"lambda.zip\"),\n name=\"firehose_lambda_processor\",\n role=lambda_iam.arn,\n handler=\"exports.handler\",\n runtime=aws.lambda_.Runtime.NODE_JS16D_X)\nextended_s3_stream = aws.kinesis.FirehoseDeliveryStream(\"extended_s3_stream\",\n name=\"kinesis-firehose-extended-s3-test-stream\",\n destination=\"extended_s3\",\n extended_s3_configuration=aws.kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationArgs(\n role_arn=firehose_role.arn,\n bucket_arn=bucket.arn,\n processing_configuration=aws.kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationArgs(\n enabled=True,\n processors=[aws.kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs(\n type=\"Lambda\",\n parameters=[aws.kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs(\n parameter_name=\"LambdaArn\",\n parameter_value=lambda_processor.arn.apply(lambda arn: f\"{arn}:$LATEST\"),\n )],\n )],\n ),\n ))\nbucket_acl = aws.s3.BucketAclV2(\"bucket_acl\",\n bucket=bucket.id,\n acl=\"private\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var bucket = new Aws.S3.BucketV2(\"bucket\", new()\n {\n Bucket = \"tf-test-bucket\",\n });\n\n var firehoseAssumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"firehose.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var firehoseRole = new Aws.Iam.Role(\"firehose_role\", new()\n {\n Name = \"firehose_test_role\",\n AssumeRolePolicy = firehoseAssumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var lambdaAssumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"lambda.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var lambdaIam = new Aws.Iam.Role(\"lambda_iam\", new()\n {\n Name = \"lambda_iam\",\n AssumeRolePolicy = lambdaAssumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var lambdaProcessor = new Aws.Lambda.Function(\"lambda_processor\", new()\n {\n Code = new FileArchive(\"lambda.zip\"),\n Name = \"firehose_lambda_processor\",\n Role = lambdaIam.Arn,\n Handler = \"exports.handler\",\n Runtime = Aws.Lambda.Runtime.NodeJS16dX,\n });\n\n var extendedS3Stream = new Aws.Kinesis.FirehoseDeliveryStream(\"extended_s3_stream\", new()\n {\n Name = \"kinesis-firehose-extended-s3-test-stream\",\n Destination = \"extended_s3\",\n ExtendedS3Configuration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationArgs\n {\n RoleArn = firehoseRole.Arn,\n BucketArn = bucket.Arn,\n ProcessingConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationArgs\n {\n Enabled = true,\n Processors = new[]\n {\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs\n {\n Type = \"Lambda\",\n Parameters = new[]\n {\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs\n {\n ParameterName = \"LambdaArn\",\n ParameterValue = lambdaProcessor.Arn.Apply(arn =\u003e $\"{arn}:$LATEST\"),\n },\n },\n },\n },\n },\n },\n });\n\n var bucketAcl = new Aws.S3.BucketAclV2(\"bucket_acl\", new()\n {\n Bucket = bucket.Id,\n Acl = \"private\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbucket, err := s3.NewBucketV2(ctx, \"bucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"tf-test-bucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfirehoseAssumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"firehose.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfirehoseRole, err := iam.NewRole(ctx, \"firehose_role\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"firehose_test_role\"),\n\t\t\tAssumeRolePolicy: pulumi.String(firehoseAssumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tlambdaAssumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"lambda.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tlambdaIam, err := iam.NewRole(ctx, \"lambda_iam\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"lambda_iam\"),\n\t\t\tAssumeRolePolicy: pulumi.String(lambdaAssumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tlambdaProcessor, err := lambda.NewFunction(ctx, \"lambda_processor\", \u0026lambda.FunctionArgs{\n\t\t\tCode: pulumi.NewFileArchive(\"lambda.zip\"),\n\t\t\tName: pulumi.String(\"firehose_lambda_processor\"),\n\t\t\tRole: lambdaIam.Arn,\n\t\t\tHandler: pulumi.String(\"exports.handler\"),\n\t\t\tRuntime: pulumi.String(lambda.RuntimeNodeJS16dX),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kinesis.NewFirehoseDeliveryStream(ctx, \"extended_s3_stream\", \u0026kinesis.FirehoseDeliveryStreamArgs{\n\t\t\tName: pulumi.String(\"kinesis-firehose-extended-s3-test-stream\"),\n\t\t\tDestination: pulumi.String(\"extended_s3\"),\n\t\t\tExtendedS3Configuration: \u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationArgs{\n\t\t\t\tRoleArn: firehoseRole.Arn,\n\t\t\t\tBucketArn: bucket.Arn,\n\t\t\t\tProcessingConfiguration: \u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationArgs{\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tProcessors: kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArray{\n\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"Lambda\"),\n\t\t\t\t\t\t\tParameters: kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArray{\n\t\t\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs{\n\t\t\t\t\t\t\t\t\tParameterName: pulumi.String(\"LambdaArn\"),\n\t\t\t\t\t\t\t\t\tParameterValue: lambdaProcessor.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\t\t\t\t\t\t\treturn fmt.Sprintf(\"%v:$LATEST\", arn), nil\n\t\t\t\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"bucket_acl\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: bucket.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.lambda.Function;\nimport com.pulumi.aws.lambda.FunctionArgs;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStream;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStreamArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamExtendedS3ConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationArgs;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.asset.FileArchive;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var bucket = new BucketV2(\"bucket\", BucketV2Args.builder() \n .bucket(\"tf-test-bucket\")\n .build());\n\n final var firehoseAssumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"firehose.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var firehoseRole = new Role(\"firehoseRole\", RoleArgs.builder() \n .name(\"firehose_test_role\")\n .assumeRolePolicy(firehoseAssumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n final var lambdaAssumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"lambda.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var lambdaIam = new Role(\"lambdaIam\", RoleArgs.builder() \n .name(\"lambda_iam\")\n .assumeRolePolicy(lambdaAssumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var lambdaProcessor = new Function(\"lambdaProcessor\", FunctionArgs.builder() \n .code(new FileArchive(\"lambda.zip\"))\n .name(\"firehose_lambda_processor\")\n .role(lambdaIam.arn())\n .handler(\"exports.handler\")\n .runtime(\"nodejs16.x\")\n .build());\n\n var extendedS3Stream = new FirehoseDeliveryStream(\"extendedS3Stream\", FirehoseDeliveryStreamArgs.builder() \n .name(\"kinesis-firehose-extended-s3-test-stream\")\n .destination(\"extended_s3\")\n .extendedS3Configuration(FirehoseDeliveryStreamExtendedS3ConfigurationArgs.builder()\n .roleArn(firehoseRole.arn())\n .bucketArn(bucket.arn())\n .processingConfiguration(FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationArgs.builder()\n .enabled(\"true\")\n .processors(FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs.builder()\n .type(\"Lambda\")\n .parameters(FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs.builder()\n .parameterName(\"LambdaArn\")\n .parameterValue(lambdaProcessor.arn().applyValue(arn -\u003e String.format(\"%s:$LATEST\", arn)))\n .build())\n .build())\n .build())\n .build())\n .build());\n\n var bucketAcl = new BucketAclV2(\"bucketAcl\", BucketAclV2Args.builder() \n .bucket(bucket.id())\n .acl(\"private\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n extendedS3Stream:\n type: aws:kinesis:FirehoseDeliveryStream\n name: extended_s3_stream\n properties:\n name: kinesis-firehose-extended-s3-test-stream\n destination: extended_s3\n extendedS3Configuration:\n roleArn: ${firehoseRole.arn}\n bucketArn: ${bucket.arn}\n processingConfiguration:\n enabled: 'true'\n processors:\n - type: Lambda\n parameters:\n - parameterName: LambdaArn\n parameterValue: ${lambdaProcessor.arn}:$LATEST\n bucket:\n type: aws:s3:BucketV2\n properties:\n bucket: tf-test-bucket\n bucketAcl:\n type: aws:s3:BucketAclV2\n name: bucket_acl\n properties:\n bucket: ${bucket.id}\n acl: private\n firehoseRole:\n type: aws:iam:Role\n name: firehose_role\n properties:\n name: firehose_test_role\n assumeRolePolicy: ${firehoseAssumeRole.json}\n lambdaIam:\n type: aws:iam:Role\n name: lambda_iam\n properties:\n name: lambda_iam\n assumeRolePolicy: ${lambdaAssumeRole.json}\n lambdaProcessor:\n type: aws:lambda:Function\n name: lambda_processor\n properties:\n code:\n fn::FileArchive: lambda.zip\n name: firehose_lambda_processor\n role: ${lambdaIam.arn}\n handler: exports.handler\n runtime: nodejs16.x\nvariables:\n firehoseAssumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - firehose.amazonaws.com\n actions:\n - sts:AssumeRole\n lambdaAssumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - lambda.amazonaws.com\n actions:\n - sts:AssumeRole\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Extended S3 Destination with dynamic partitioning\n\nThese examples use built-in Firehose functionality, rather than requiring a lambda.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst extendedS3Stream = new aws.kinesis.FirehoseDeliveryStream(\"extended_s3_stream\", {\n name: \"kinesis-firehose-extended-s3-test-stream\",\n destination: \"extended_s3\",\n extendedS3Configuration: {\n roleArn: firehoseRole.arn,\n bucketArn: bucket.arn,\n bufferingSize: 64,\n dynamicPartitioningConfiguration: {\n enabled: true,\n },\n prefix: \"data/customer_id=!{partitionKeyFromQuery:customer_id}/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/\",\n errorOutputPrefix: \"errors/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/!{firehose:error-output-type}/\",\n processingConfiguration: {\n enabled: true,\n processors: [\n {\n type: \"RecordDeAggregation\",\n parameters: [{\n parameterName: \"SubRecordType\",\n parameterValue: \"JSON\",\n }],\n },\n {\n type: \"AppendDelimiterToRecord\",\n },\n {\n type: \"MetadataExtraction\",\n parameters: [\n {\n parameterName: \"JsonParsingEngine\",\n parameterValue: \"JQ-1.6\",\n },\n {\n parameterName: \"MetadataExtractionQuery\",\n parameterValue: \"{customer_id:.customer_id}\",\n },\n ],\n },\n ],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nextended_s3_stream = aws.kinesis.FirehoseDeliveryStream(\"extended_s3_stream\",\n name=\"kinesis-firehose-extended-s3-test-stream\",\n destination=\"extended_s3\",\n extended_s3_configuration=aws.kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationArgs(\n role_arn=firehose_role[\"arn\"],\n bucket_arn=bucket[\"arn\"],\n buffering_size=64,\n dynamic_partitioning_configuration=aws.kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationDynamicPartitioningConfigurationArgs(\n enabled=True,\n ),\n prefix=\"data/customer_id=!{partitionKeyFromQuery:customer_id}/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/\",\n error_output_prefix=\"errors/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/!{firehose:error-output-type}/\",\n processing_configuration=aws.kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationArgs(\n enabled=True,\n processors=[\n aws.kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs(\n type=\"RecordDeAggregation\",\n parameters=[aws.kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs(\n parameter_name=\"SubRecordType\",\n parameter_value=\"JSON\",\n )],\n ),\n aws.kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs(\n type=\"AppendDelimiterToRecord\",\n ),\n aws.kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs(\n type=\"MetadataExtraction\",\n parameters=[\n aws.kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs(\n parameter_name=\"JsonParsingEngine\",\n parameter_value=\"JQ-1.6\",\n ),\n aws.kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs(\n parameter_name=\"MetadataExtractionQuery\",\n parameter_value=\"{customer_id:.customer_id}\",\n ),\n ],\n ),\n ],\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var extendedS3Stream = new Aws.Kinesis.FirehoseDeliveryStream(\"extended_s3_stream\", new()\n {\n Name = \"kinesis-firehose-extended-s3-test-stream\",\n Destination = \"extended_s3\",\n ExtendedS3Configuration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationArgs\n {\n RoleArn = firehoseRole.Arn,\n BucketArn = bucket.Arn,\n BufferingSize = 64,\n DynamicPartitioningConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationDynamicPartitioningConfigurationArgs\n {\n Enabled = true,\n },\n Prefix = \"data/customer_id=!{partitionKeyFromQuery:customer_id}/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/\",\n ErrorOutputPrefix = \"errors/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/!{firehose:error-output-type}/\",\n ProcessingConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationArgs\n {\n Enabled = true,\n Processors = new[]\n {\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs\n {\n Type = \"RecordDeAggregation\",\n Parameters = new[]\n {\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs\n {\n ParameterName = \"SubRecordType\",\n ParameterValue = \"JSON\",\n },\n },\n },\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs\n {\n Type = \"AppendDelimiterToRecord\",\n },\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs\n {\n Type = \"MetadataExtraction\",\n Parameters = new[]\n {\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs\n {\n ParameterName = \"JsonParsingEngine\",\n ParameterValue = \"JQ-1.6\",\n },\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs\n {\n ParameterName = \"MetadataExtractionQuery\",\n ParameterValue = \"{customer_id:.customer_id}\",\n },\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kinesis.NewFirehoseDeliveryStream(ctx, \"extended_s3_stream\", \u0026kinesis.FirehoseDeliveryStreamArgs{\n\t\t\tName: pulumi.String(\"kinesis-firehose-extended-s3-test-stream\"),\n\t\t\tDestination: pulumi.String(\"extended_s3\"),\n\t\t\tExtendedS3Configuration: \u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationArgs{\n\t\t\t\tRoleArn: pulumi.Any(firehoseRole.Arn),\n\t\t\t\tBucketArn: pulumi.Any(bucket.Arn),\n\t\t\t\tBufferingSize: pulumi.Int(64),\n\t\t\t\tDynamicPartitioningConfiguration: \u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationDynamicPartitioningConfigurationArgs{\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t\tPrefix: pulumi.String(\"data/customer_id=!{partitionKeyFromQuery:customer_id}/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/\"),\n\t\t\t\tErrorOutputPrefix: pulumi.String(\"errors/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/!{firehose:error-output-type}/\"),\n\t\t\t\tProcessingConfiguration: \u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationArgs{\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tProcessors: kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArray{\n\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"RecordDeAggregation\"),\n\t\t\t\t\t\t\tParameters: kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArray{\n\t\t\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs{\n\t\t\t\t\t\t\t\t\tParameterName: pulumi.String(\"SubRecordType\"),\n\t\t\t\t\t\t\t\t\tParameterValue: pulumi.String(\"JSON\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"AppendDelimiterToRecord\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"MetadataExtraction\"),\n\t\t\t\t\t\t\tParameters: kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArray{\n\t\t\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs{\n\t\t\t\t\t\t\t\t\tParameterName: pulumi.String(\"JsonParsingEngine\"),\n\t\t\t\t\t\t\t\t\tParameterValue: pulumi.String(\"JQ-1.6\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs{\n\t\t\t\t\t\t\t\t\tParameterName: pulumi.String(\"MetadataExtractionQuery\"),\n\t\t\t\t\t\t\t\t\tParameterValue: pulumi.String(\"{customer_id:.customer_id}\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStream;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStreamArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamExtendedS3ConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamExtendedS3ConfigurationDynamicPartitioningConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var extendedS3Stream = new FirehoseDeliveryStream(\"extendedS3Stream\", FirehoseDeliveryStreamArgs.builder() \n .name(\"kinesis-firehose-extended-s3-test-stream\")\n .destination(\"extended_s3\")\n .extendedS3Configuration(FirehoseDeliveryStreamExtendedS3ConfigurationArgs.builder()\n .roleArn(firehoseRole.arn())\n .bucketArn(bucket.arn())\n .bufferingSize(64)\n .dynamicPartitioningConfiguration(FirehoseDeliveryStreamExtendedS3ConfigurationDynamicPartitioningConfigurationArgs.builder()\n .enabled(\"true\")\n .build())\n .prefix(\"data/customer_id=!{partitionKeyFromQuery:customer_id}/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/\")\n .errorOutputPrefix(\"errors/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/!{firehose:error-output-type}/\")\n .processingConfiguration(FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationArgs.builder()\n .enabled(\"true\")\n .processors( \n FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs.builder()\n .type(\"RecordDeAggregation\")\n .parameters(FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs.builder()\n .parameterName(\"SubRecordType\")\n .parameterValue(\"JSON\")\n .build())\n .build(),\n FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs.builder()\n .type(\"AppendDelimiterToRecord\")\n .build(),\n FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs.builder()\n .type(\"MetadataExtraction\")\n .parameters( \n FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs.builder()\n .parameterName(\"JsonParsingEngine\")\n .parameterValue(\"JQ-1.6\")\n .build(),\n FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs.builder()\n .parameterName(\"MetadataExtractionQuery\")\n .parameterValue(\"{customer_id:.customer_id}\")\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n extendedS3Stream:\n type: aws:kinesis:FirehoseDeliveryStream\n name: extended_s3_stream\n properties:\n name: kinesis-firehose-extended-s3-test-stream\n destination: extended_s3\n extendedS3Configuration:\n roleArn: ${firehoseRole.arn}\n bucketArn: ${bucket.arn}\n bufferingSize: 64\n dynamicPartitioningConfiguration:\n enabled: 'true'\n prefix: data/customer_id=!{partitionKeyFromQuery:customer_id}/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/\n errorOutputPrefix: errors/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/!{firehose:error-output-type}/\n processingConfiguration:\n enabled: 'true'\n processors:\n - type: RecordDeAggregation\n parameters:\n - parameterName: SubRecordType\n parameterValue: JSON\n - type: AppendDelimiterToRecord\n - type: MetadataExtraction\n parameters:\n - parameterName: JsonParsingEngine\n parameterValue: JQ-1.6\n - parameterName: MetadataExtractionQuery\n parameterValue: '{customer_id:.customer_id}'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nMultiple Dynamic Partitioning Keys (maximum of 50) can be added by comma separating the `parameter_value`.\n\nThe following example adds the Dynamic Partitioning Keys: `store_id` and `customer_id` to the S3 prefix.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst extendedS3Stream = new aws.kinesis.FirehoseDeliveryStream(\"extended_s3_stream\", {\n name: \"kinesis-firehose-extended-s3-test-stream\",\n destination: \"extended_s3\",\n extendedS3Configuration: {\n roleArn: firehoseRole.arn,\n bucketArn: bucket.arn,\n bufferingSize: 64,\n dynamicPartitioningConfiguration: {\n enabled: true,\n },\n prefix: \"data/store_id=!{partitionKeyFromQuery:store_id}/customer_id=!{partitionKeyFromQuery:customer_id}/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/\",\n errorOutputPrefix: \"errors/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/!{firehose:error-output-type}/\",\n processingConfiguration: {\n enabled: true,\n processors: [{\n type: \"MetadataExtraction\",\n parameters: [\n {\n parameterName: \"JsonParsingEngine\",\n parameterValue: \"JQ-1.6\",\n },\n {\n parameterName: \"MetadataExtractionQuery\",\n parameterValue: \"{store_id:.store_id,customer_id:.customer_id}\",\n },\n ],\n }],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nextended_s3_stream = aws.kinesis.FirehoseDeliveryStream(\"extended_s3_stream\",\n name=\"kinesis-firehose-extended-s3-test-stream\",\n destination=\"extended_s3\",\n extended_s3_configuration=aws.kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationArgs(\n role_arn=firehose_role[\"arn\"],\n bucket_arn=bucket[\"arn\"],\n buffering_size=64,\n dynamic_partitioning_configuration=aws.kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationDynamicPartitioningConfigurationArgs(\n enabled=True,\n ),\n prefix=\"data/store_id=!{partitionKeyFromQuery:store_id}/customer_id=!{partitionKeyFromQuery:customer_id}/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/\",\n error_output_prefix=\"errors/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/!{firehose:error-output-type}/\",\n processing_configuration=aws.kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationArgs(\n enabled=True,\n processors=[aws.kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs(\n type=\"MetadataExtraction\",\n parameters=[\n aws.kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs(\n parameter_name=\"JsonParsingEngine\",\n parameter_value=\"JQ-1.6\",\n ),\n aws.kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs(\n parameter_name=\"MetadataExtractionQuery\",\n parameter_value=\"{store_id:.store_id,customer_id:.customer_id}\",\n ),\n ],\n )],\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var extendedS3Stream = new Aws.Kinesis.FirehoseDeliveryStream(\"extended_s3_stream\", new()\n {\n Name = \"kinesis-firehose-extended-s3-test-stream\",\n Destination = \"extended_s3\",\n ExtendedS3Configuration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationArgs\n {\n RoleArn = firehoseRole.Arn,\n BucketArn = bucket.Arn,\n BufferingSize = 64,\n DynamicPartitioningConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationDynamicPartitioningConfigurationArgs\n {\n Enabled = true,\n },\n Prefix = \"data/store_id=!{partitionKeyFromQuery:store_id}/customer_id=!{partitionKeyFromQuery:customer_id}/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/\",\n ErrorOutputPrefix = \"errors/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/!{firehose:error-output-type}/\",\n ProcessingConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationArgs\n {\n Enabled = true,\n Processors = new[]\n {\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs\n {\n Type = \"MetadataExtraction\",\n Parameters = new[]\n {\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs\n {\n ParameterName = \"JsonParsingEngine\",\n ParameterValue = \"JQ-1.6\",\n },\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs\n {\n ParameterName = \"MetadataExtractionQuery\",\n ParameterValue = \"{store_id:.store_id,customer_id:.customer_id}\",\n },\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kinesis.NewFirehoseDeliveryStream(ctx, \"extended_s3_stream\", \u0026kinesis.FirehoseDeliveryStreamArgs{\n\t\t\tName: pulumi.String(\"kinesis-firehose-extended-s3-test-stream\"),\n\t\t\tDestination: pulumi.String(\"extended_s3\"),\n\t\t\tExtendedS3Configuration: \u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationArgs{\n\t\t\t\tRoleArn: pulumi.Any(firehoseRole.Arn),\n\t\t\t\tBucketArn: pulumi.Any(bucket.Arn),\n\t\t\t\tBufferingSize: pulumi.Int(64),\n\t\t\t\tDynamicPartitioningConfiguration: \u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationDynamicPartitioningConfigurationArgs{\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t\tPrefix: pulumi.String(\"data/store_id=!{partitionKeyFromQuery:store_id}/customer_id=!{partitionKeyFromQuery:customer_id}/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/\"),\n\t\t\t\tErrorOutputPrefix: pulumi.String(\"errors/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/!{firehose:error-output-type}/\"),\n\t\t\t\tProcessingConfiguration: \u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationArgs{\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tProcessors: kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArray{\n\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"MetadataExtraction\"),\n\t\t\t\t\t\t\tParameters: kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArray{\n\t\t\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs{\n\t\t\t\t\t\t\t\t\tParameterName: pulumi.String(\"JsonParsingEngine\"),\n\t\t\t\t\t\t\t\t\tParameterValue: pulumi.String(\"JQ-1.6\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs{\n\t\t\t\t\t\t\t\t\tParameterName: pulumi.String(\"MetadataExtractionQuery\"),\n\t\t\t\t\t\t\t\t\tParameterValue: pulumi.String(\"{store_id:.store_id,customer_id:.customer_id}\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStream;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStreamArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamExtendedS3ConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamExtendedS3ConfigurationDynamicPartitioningConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var extendedS3Stream = new FirehoseDeliveryStream(\"extendedS3Stream\", FirehoseDeliveryStreamArgs.builder() \n .name(\"kinesis-firehose-extended-s3-test-stream\")\n .destination(\"extended_s3\")\n .extendedS3Configuration(FirehoseDeliveryStreamExtendedS3ConfigurationArgs.builder()\n .roleArn(firehoseRole.arn())\n .bucketArn(bucket.arn())\n .bufferingSize(64)\n .dynamicPartitioningConfiguration(FirehoseDeliveryStreamExtendedS3ConfigurationDynamicPartitioningConfigurationArgs.builder()\n .enabled(\"true\")\n .build())\n .prefix(\"data/store_id=!{partitionKeyFromQuery:store_id}/customer_id=!{partitionKeyFromQuery:customer_id}/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/\")\n .errorOutputPrefix(\"errors/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/!{firehose:error-output-type}/\")\n .processingConfiguration(FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationArgs.builder()\n .enabled(\"true\")\n .processors(FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorArgs.builder()\n .type(\"MetadataExtraction\")\n .parameters( \n FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs.builder()\n .parameterName(\"JsonParsingEngine\")\n .parameterValue(\"JQ-1.6\")\n .build(),\n FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfigurationProcessorParameterArgs.builder()\n .parameterName(\"MetadataExtractionQuery\")\n .parameterValue(\"{store_id:.store_id,customer_id:.customer_id}\")\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n extendedS3Stream:\n type: aws:kinesis:FirehoseDeliveryStream\n name: extended_s3_stream\n properties:\n name: kinesis-firehose-extended-s3-test-stream\n destination: extended_s3\n extendedS3Configuration:\n roleArn: ${firehoseRole.arn}\n bucketArn: ${bucket.arn}\n bufferingSize: 64\n dynamicPartitioningConfiguration:\n enabled: 'true'\n prefix: data/store_id=!{partitionKeyFromQuery:store_id}/customer_id=!{partitionKeyFromQuery:customer_id}/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/\n errorOutputPrefix: errors/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/!{firehose:error-output-type}/\n processingConfiguration:\n enabled: 'true'\n processors:\n - type: MetadataExtraction\n parameters:\n - parameterName: JsonParsingEngine\n parameterValue: JQ-1.6\n - parameterName: MetadataExtractionQuery\n parameterValue: '{store_id:.store_id,customer_id:.customer_id}'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Redshift Destination\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testCluster = new aws.redshift.Cluster(\"test_cluster\", {\n clusterIdentifier: \"tf-redshift-cluster\",\n databaseName: \"test\",\n masterUsername: \"testuser\",\n masterPassword: \"T3stPass\",\n nodeType: \"dc1.large\",\n clusterType: \"single-node\",\n});\nconst testStream = new aws.kinesis.FirehoseDeliveryStream(\"test_stream\", {\n name: \"kinesis-firehose-test-stream\",\n destination: \"redshift\",\n redshiftConfiguration: {\n roleArn: firehoseRole.arn,\n clusterJdbcurl: pulumi.interpolate`jdbc:redshift://${testCluster.endpoint}/${testCluster.databaseName}`,\n username: \"testuser\",\n password: \"T3stPass\",\n dataTableName: \"test-table\",\n copyOptions: \"delimiter '|'\",\n dataTableColumns: \"test-col\",\n s3BackupMode: \"Enabled\",\n s3Configuration: {\n roleArn: firehoseRole.arn,\n bucketArn: bucket.arn,\n bufferingSize: 10,\n bufferingInterval: 400,\n compressionFormat: \"GZIP\",\n },\n s3BackupConfiguration: {\n roleArn: firehoseRole.arn,\n bucketArn: bucket.arn,\n bufferingSize: 15,\n bufferingInterval: 300,\n compressionFormat: \"GZIP\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_cluster = aws.redshift.Cluster(\"test_cluster\",\n cluster_identifier=\"tf-redshift-cluster\",\n database_name=\"test\",\n master_username=\"testuser\",\n master_password=\"T3stPass\",\n node_type=\"dc1.large\",\n cluster_type=\"single-node\")\ntest_stream = aws.kinesis.FirehoseDeliveryStream(\"test_stream\",\n name=\"kinesis-firehose-test-stream\",\n destination=\"redshift\",\n redshift_configuration=aws.kinesis.FirehoseDeliveryStreamRedshiftConfigurationArgs(\n role_arn=firehose_role[\"arn\"],\n cluster_jdbcurl=pulumi.Output.all(test_cluster.endpoint, test_cluster.database_name).apply(lambda endpoint, database_name: f\"jdbc:redshift://{endpoint}/{database_name}\"),\n username=\"testuser\",\n password=\"T3stPass\",\n data_table_name=\"test-table\",\n copy_options=\"delimiter '|'\",\n data_table_columns=\"test-col\",\n s3_backup_mode=\"Enabled\",\n s3_configuration=aws.kinesis.FirehoseDeliveryStreamRedshiftConfigurationS3ConfigurationArgs(\n role_arn=firehose_role[\"arn\"],\n bucket_arn=bucket[\"arn\"],\n buffering_size=10,\n buffering_interval=400,\n compression_format=\"GZIP\",\n ),\n s3_backup_configuration=aws.kinesis.FirehoseDeliveryStreamRedshiftConfigurationS3BackupConfigurationArgs(\n role_arn=firehose_role[\"arn\"],\n bucket_arn=bucket[\"arn\"],\n buffering_size=15,\n buffering_interval=300,\n compression_format=\"GZIP\",\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testCluster = new Aws.RedShift.Cluster(\"test_cluster\", new()\n {\n ClusterIdentifier = \"tf-redshift-cluster\",\n DatabaseName = \"test\",\n MasterUsername = \"testuser\",\n MasterPassword = \"T3stPass\",\n NodeType = \"dc1.large\",\n ClusterType = \"single-node\",\n });\n\n var testStream = new Aws.Kinesis.FirehoseDeliveryStream(\"test_stream\", new()\n {\n Name = \"kinesis-firehose-test-stream\",\n Destination = \"redshift\",\n RedshiftConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamRedshiftConfigurationArgs\n {\n RoleArn = firehoseRole.Arn,\n ClusterJdbcurl = Output.Tuple(testCluster.Endpoint, testCluster.DatabaseName).Apply(values =\u003e\n {\n var endpoint = values.Item1;\n var databaseName = values.Item2;\n return $\"jdbc:redshift://{endpoint}/{databaseName}\";\n }),\n Username = \"testuser\",\n Password = \"T3stPass\",\n DataTableName = \"test-table\",\n CopyOptions = \"delimiter '|'\",\n DataTableColumns = \"test-col\",\n S3BackupMode = \"Enabled\",\n S3Configuration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamRedshiftConfigurationS3ConfigurationArgs\n {\n RoleArn = firehoseRole.Arn,\n BucketArn = bucket.Arn,\n BufferingSize = 10,\n BufferingInterval = 400,\n CompressionFormat = \"GZIP\",\n },\n S3BackupConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamRedshiftConfigurationS3BackupConfigurationArgs\n {\n RoleArn = firehoseRole.Arn,\n BucketArn = bucket.Arn,\n BufferingSize = 15,\n BufferingInterval = 300,\n CompressionFormat = \"GZIP\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestCluster, err := redshift.NewCluster(ctx, \"test_cluster\", \u0026redshift.ClusterArgs{\n\t\t\tClusterIdentifier: pulumi.String(\"tf-redshift-cluster\"),\n\t\t\tDatabaseName: pulumi.String(\"test\"),\n\t\t\tMasterUsername: pulumi.String(\"testuser\"),\n\t\t\tMasterPassword: pulumi.String(\"T3stPass\"),\n\t\t\tNodeType: pulumi.String(\"dc1.large\"),\n\t\t\tClusterType: pulumi.String(\"single-node\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kinesis.NewFirehoseDeliveryStream(ctx, \"test_stream\", \u0026kinesis.FirehoseDeliveryStreamArgs{\n\t\t\tName: pulumi.String(\"kinesis-firehose-test-stream\"),\n\t\t\tDestination: pulumi.String(\"redshift\"),\n\t\t\tRedshiftConfiguration: \u0026kinesis.FirehoseDeliveryStreamRedshiftConfigurationArgs{\n\t\t\t\tRoleArn: pulumi.Any(firehoseRole.Arn),\n\t\t\t\tClusterJdbcurl: pulumi.All(testCluster.Endpoint, testCluster.DatabaseName).ApplyT(func(_args []interface{}) (string, error) {\n\t\t\t\t\tendpoint := _args[0].(string)\n\t\t\t\t\tdatabaseName := _args[1].(string)\n\t\t\t\t\treturn fmt.Sprintf(\"jdbc:redshift://%v/%v\", endpoint, databaseName), nil\n\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\tUsername: pulumi.String(\"testuser\"),\n\t\t\t\tPassword: pulumi.String(\"T3stPass\"),\n\t\t\t\tDataTableName: pulumi.String(\"test-table\"),\n\t\t\t\tCopyOptions: pulumi.String(\"delimiter '|'\"),\n\t\t\t\tDataTableColumns: pulumi.String(\"test-col\"),\n\t\t\t\tS3BackupMode: pulumi.String(\"Enabled\"),\n\t\t\t\tS3Configuration: \u0026kinesis.FirehoseDeliveryStreamRedshiftConfigurationS3ConfigurationArgs{\n\t\t\t\t\tRoleArn: pulumi.Any(firehoseRole.Arn),\n\t\t\t\t\tBucketArn: pulumi.Any(bucket.Arn),\n\t\t\t\t\tBufferingSize: pulumi.Int(10),\n\t\t\t\t\tBufferingInterval: pulumi.Int(400),\n\t\t\t\t\tCompressionFormat: pulumi.String(\"GZIP\"),\n\t\t\t\t},\n\t\t\t\tS3BackupConfiguration: \u0026kinesis.FirehoseDeliveryStreamRedshiftConfigurationS3BackupConfigurationArgs{\n\t\t\t\t\tRoleArn: pulumi.Any(firehoseRole.Arn),\n\t\t\t\t\tBucketArn: pulumi.Any(bucket.Arn),\n\t\t\t\t\tBufferingSize: pulumi.Int(15),\n\t\t\t\t\tBufferingInterval: pulumi.Int(300),\n\t\t\t\t\tCompressionFormat: pulumi.String(\"GZIP\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshift.Cluster;\nimport com.pulumi.aws.redshift.ClusterArgs;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStream;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStreamArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamRedshiftConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamRedshiftConfigurationS3ConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamRedshiftConfigurationS3BackupConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testCluster = new Cluster(\"testCluster\", ClusterArgs.builder() \n .clusterIdentifier(\"tf-redshift-cluster\")\n .databaseName(\"test\")\n .masterUsername(\"testuser\")\n .masterPassword(\"T3stPass\")\n .nodeType(\"dc1.large\")\n .clusterType(\"single-node\")\n .build());\n\n var testStream = new FirehoseDeliveryStream(\"testStream\", FirehoseDeliveryStreamArgs.builder() \n .name(\"kinesis-firehose-test-stream\")\n .destination(\"redshift\")\n .redshiftConfiguration(FirehoseDeliveryStreamRedshiftConfigurationArgs.builder()\n .roleArn(firehoseRole.arn())\n .clusterJdbcurl(Output.tuple(testCluster.endpoint(), testCluster.databaseName()).applyValue(values -\u003e {\n var endpoint = values.t1;\n var databaseName = values.t2;\n return String.format(\"jdbc:redshift://%s/%s\", endpoint,databaseName);\n }))\n .username(\"testuser\")\n .password(\"T3stPass\")\n .dataTableName(\"test-table\")\n .copyOptions(\"delimiter '|'\")\n .dataTableColumns(\"test-col\")\n .s3BackupMode(\"Enabled\")\n .s3Configuration(FirehoseDeliveryStreamRedshiftConfigurationS3ConfigurationArgs.builder()\n .roleArn(firehoseRole.arn())\n .bucketArn(bucket.arn())\n .bufferingSize(10)\n .bufferingInterval(400)\n .compressionFormat(\"GZIP\")\n .build())\n .s3BackupConfiguration(FirehoseDeliveryStreamRedshiftConfigurationS3BackupConfigurationArgs.builder()\n .roleArn(firehoseRole.arn())\n .bucketArn(bucket.arn())\n .bufferingSize(15)\n .bufferingInterval(300)\n .compressionFormat(\"GZIP\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testCluster:\n type: aws:redshift:Cluster\n name: test_cluster\n properties:\n clusterIdentifier: tf-redshift-cluster\n databaseName: test\n masterUsername: testuser\n masterPassword: T3stPass\n nodeType: dc1.large\n clusterType: single-node\n testStream:\n type: aws:kinesis:FirehoseDeliveryStream\n name: test_stream\n properties:\n name: kinesis-firehose-test-stream\n destination: redshift\n redshiftConfiguration:\n roleArn: ${firehoseRole.arn}\n clusterJdbcurl: jdbc:redshift://${testCluster.endpoint}/${testCluster.databaseName}\n username: testuser\n password: T3stPass\n dataTableName: test-table\n copyOptions: delimiter '|'\n dataTableColumns: test-col\n s3BackupMode: Enabled\n s3Configuration:\n roleArn: ${firehoseRole.arn}\n bucketArn: ${bucket.arn}\n bufferingSize: 10\n bufferingInterval: 400\n compressionFormat: GZIP\n s3BackupConfiguration:\n roleArn: ${firehoseRole.arn}\n bucketArn: ${bucket.arn}\n bufferingSize: 15\n bufferingInterval: 300\n compressionFormat: GZIP\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Elasticsearch Destination\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testCluster = new aws.elasticsearch.Domain(\"test_cluster\", {domainName: \"firehose-es-test\"});\nconst testStream = new aws.kinesis.FirehoseDeliveryStream(\"test_stream\", {\n name: \"kinesis-firehose-test-stream\",\n destination: \"elasticsearch\",\n elasticsearchConfiguration: {\n domainArn: testCluster.arn,\n roleArn: firehoseRole.arn,\n indexName: \"test\",\n typeName: \"test\",\n s3Configuration: {\n roleArn: firehoseRole.arn,\n bucketArn: bucket.arn,\n bufferingSize: 10,\n bufferingInterval: 400,\n compressionFormat: \"GZIP\",\n },\n processingConfiguration: {\n enabled: true,\n processors: [{\n type: \"Lambda\",\n parameters: [{\n parameterName: \"LambdaArn\",\n parameterValue: `${lambdaProcessor.arn}:$LATEST`,\n }],\n }],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_cluster = aws.elasticsearch.Domain(\"test_cluster\", domain_name=\"firehose-es-test\")\ntest_stream = aws.kinesis.FirehoseDeliveryStream(\"test_stream\",\n name=\"kinesis-firehose-test-stream\",\n destination=\"elasticsearch\",\n elasticsearch_configuration=aws.kinesis.FirehoseDeliveryStreamElasticsearchConfigurationArgs(\n domain_arn=test_cluster.arn,\n role_arn=firehose_role[\"arn\"],\n index_name=\"test\",\n type_name=\"test\",\n s3_configuration=aws.kinesis.FirehoseDeliveryStreamElasticsearchConfigurationS3ConfigurationArgs(\n role_arn=firehose_role[\"arn\"],\n bucket_arn=bucket[\"arn\"],\n buffering_size=10,\n buffering_interval=400,\n compression_format=\"GZIP\",\n ),\n processing_configuration=aws.kinesis.FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationArgs(\n enabled=True,\n processors=[aws.kinesis.FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessorArgs(\n type=\"Lambda\",\n parameters=[aws.kinesis.FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessorParameterArgs(\n parameter_name=\"LambdaArn\",\n parameter_value=f\"{lambda_processor['arn']}:$LATEST\",\n )],\n )],\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testCluster = new Aws.ElasticSearch.Domain(\"test_cluster\", new()\n {\n DomainName = \"firehose-es-test\",\n });\n\n var testStream = new Aws.Kinesis.FirehoseDeliveryStream(\"test_stream\", new()\n {\n Name = \"kinesis-firehose-test-stream\",\n Destination = \"elasticsearch\",\n ElasticsearchConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamElasticsearchConfigurationArgs\n {\n DomainArn = testCluster.Arn,\n RoleArn = firehoseRole.Arn,\n IndexName = \"test\",\n TypeName = \"test\",\n S3Configuration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamElasticsearchConfigurationS3ConfigurationArgs\n {\n RoleArn = firehoseRole.Arn,\n BucketArn = bucket.Arn,\n BufferingSize = 10,\n BufferingInterval = 400,\n CompressionFormat = \"GZIP\",\n },\n ProcessingConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationArgs\n {\n Enabled = true,\n Processors = new[]\n {\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessorArgs\n {\n Type = \"Lambda\",\n Parameters = new[]\n {\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessorParameterArgs\n {\n ParameterName = \"LambdaArn\",\n ParameterValue = $\"{lambdaProcessor.Arn}:$LATEST\",\n },\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticsearch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestCluster, err := elasticsearch.NewDomain(ctx, \"test_cluster\", \u0026elasticsearch.DomainArgs{\n\t\t\tDomainName: pulumi.String(\"firehose-es-test\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kinesis.NewFirehoseDeliveryStream(ctx, \"test_stream\", \u0026kinesis.FirehoseDeliveryStreamArgs{\n\t\t\tName: pulumi.String(\"kinesis-firehose-test-stream\"),\n\t\t\tDestination: pulumi.String(\"elasticsearch\"),\n\t\t\tElasticsearchConfiguration: \u0026kinesis.FirehoseDeliveryStreamElasticsearchConfigurationArgs{\n\t\t\t\tDomainArn: testCluster.Arn,\n\t\t\t\tRoleArn: pulumi.Any(firehoseRole.Arn),\n\t\t\t\tIndexName: pulumi.String(\"test\"),\n\t\t\t\tTypeName: pulumi.String(\"test\"),\n\t\t\t\tS3Configuration: \u0026kinesis.FirehoseDeliveryStreamElasticsearchConfigurationS3ConfigurationArgs{\n\t\t\t\t\tRoleArn: pulumi.Any(firehoseRole.Arn),\n\t\t\t\t\tBucketArn: pulumi.Any(bucket.Arn),\n\t\t\t\t\tBufferingSize: pulumi.Int(10),\n\t\t\t\t\tBufferingInterval: pulumi.Int(400),\n\t\t\t\t\tCompressionFormat: pulumi.String(\"GZIP\"),\n\t\t\t\t},\n\t\t\t\tProcessingConfiguration: \u0026kinesis.FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationArgs{\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tProcessors: kinesis.FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessorArray{\n\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessorArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"Lambda\"),\n\t\t\t\t\t\t\tParameters: kinesis.FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessorParameterArray{\n\t\t\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessorParameterArgs{\n\t\t\t\t\t\t\t\t\tParameterName: pulumi.String(\"LambdaArn\"),\n\t\t\t\t\t\t\t\t\tParameterValue: pulumi.String(fmt.Sprintf(\"%v:$LATEST\", lambdaProcessor.Arn)),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elasticsearch.Domain;\nimport com.pulumi.aws.elasticsearch.DomainArgs;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStream;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStreamArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamElasticsearchConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamElasticsearchConfigurationS3ConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testCluster = new Domain(\"testCluster\", DomainArgs.builder() \n .domainName(\"firehose-es-test\")\n .build());\n\n var testStream = new FirehoseDeliveryStream(\"testStream\", FirehoseDeliveryStreamArgs.builder() \n .name(\"kinesis-firehose-test-stream\")\n .destination(\"elasticsearch\")\n .elasticsearchConfiguration(FirehoseDeliveryStreamElasticsearchConfigurationArgs.builder()\n .domainArn(testCluster.arn())\n .roleArn(firehoseRole.arn())\n .indexName(\"test\")\n .typeName(\"test\")\n .s3Configuration(FirehoseDeliveryStreamElasticsearchConfigurationS3ConfigurationArgs.builder()\n .roleArn(firehoseRole.arn())\n .bucketArn(bucket.arn())\n .bufferingSize(10)\n .bufferingInterval(400)\n .compressionFormat(\"GZIP\")\n .build())\n .processingConfiguration(FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationArgs.builder()\n .enabled(\"true\")\n .processors(FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessorArgs.builder()\n .type(\"Lambda\")\n .parameters(FirehoseDeliveryStreamElasticsearchConfigurationProcessingConfigurationProcessorParameterArgs.builder()\n .parameterName(\"LambdaArn\")\n .parameterValue(String.format(\"%s:$LATEST\", lambdaProcessor.arn()))\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testCluster:\n type: aws:elasticsearch:Domain\n name: test_cluster\n properties:\n domainName: firehose-es-test\n testStream:\n type: aws:kinesis:FirehoseDeliveryStream\n name: test_stream\n properties:\n name: kinesis-firehose-test-stream\n destination: elasticsearch\n elasticsearchConfiguration:\n domainArn: ${testCluster.arn}\n roleArn: ${firehoseRole.arn}\n indexName: test\n typeName: test\n s3Configuration:\n roleArn: ${firehoseRole.arn}\n bucketArn: ${bucket.arn}\n bufferingSize: 10\n bufferingInterval: 400\n compressionFormat: GZIP\n processingConfiguration:\n enabled: 'true'\n processors:\n - type: Lambda\n parameters:\n - parameterName: LambdaArn\n parameterValue: ${lambdaProcessor.arn}:$LATEST\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Elasticsearch Destination With VPC\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testCluster = new aws.elasticsearch.Domain(\"test_cluster\", {\n domainName: \"es-test\",\n clusterConfig: {\n instanceCount: 2,\n zoneAwarenessEnabled: true,\n instanceType: \"t2.small.elasticsearch\",\n },\n ebsOptions: {\n ebsEnabled: true,\n volumeSize: 10,\n },\n vpcOptions: {\n securityGroupIds: [first.id],\n subnetIds: [\n firstAwsSubnet.id,\n second.id,\n ],\n },\n});\nconst firehose-elasticsearch = aws.iam.getPolicyDocumentOutput({\n statements: [\n {\n effect: \"Allow\",\n actions: [\"es:*\"],\n resources: [\n testCluster.arn,\n pulumi.interpolate`${testCluster.arn}/*`,\n ],\n },\n {\n effect: \"Allow\",\n actions: [\n \"ec2:DescribeVpcs\",\n \"ec2:DescribeVpcAttribute\",\n \"ec2:DescribeSubnets\",\n \"ec2:DescribeSecurityGroups\",\n \"ec2:DescribeNetworkInterfaces\",\n \"ec2:CreateNetworkInterface\",\n \"ec2:CreateNetworkInterfacePermission\",\n \"ec2:DeleteNetworkInterface\",\n ],\n resources: [\"*\"],\n },\n ],\n});\nconst firehose_elasticsearchRolePolicy = new aws.iam.RolePolicy(\"firehose-elasticsearch\", {\n name: \"elasticsearch\",\n role: firehose.id,\n policy: firehose_elasticsearch.apply(firehose_elasticsearch =\u003e firehose_elasticsearch.json),\n});\nconst test = new aws.kinesis.FirehoseDeliveryStream(\"test\", {\n name: \"kinesis-firehose-es\",\n destination: \"elasticsearch\",\n elasticsearchConfiguration: {\n domainArn: testCluster.arn,\n roleArn: firehose.arn,\n indexName: \"test\",\n typeName: \"test\",\n s3Configuration: {\n roleArn: firehose.arn,\n bucketArn: bucket.arn,\n },\n vpcConfig: {\n subnetIds: [\n firstAwsSubnet.id,\n second.id,\n ],\n securityGroupIds: [first.id],\n roleArn: firehose.arn,\n },\n },\n}, {\n dependsOn: [firehose_elasticsearchRolePolicy],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_cluster = aws.elasticsearch.Domain(\"test_cluster\",\n domain_name=\"es-test\",\n cluster_config=aws.elasticsearch.DomainClusterConfigArgs(\n instance_count=2,\n zone_awareness_enabled=True,\n instance_type=\"t2.small.elasticsearch\",\n ),\n ebs_options=aws.elasticsearch.DomainEbsOptionsArgs(\n ebs_enabled=True,\n volume_size=10,\n ),\n vpc_options=aws.elasticsearch.DomainVpcOptionsArgs(\n security_group_ids=[first[\"id\"]],\n subnet_ids=[\n first_aws_subnet[\"id\"],\n second[\"id\"],\n ],\n ))\nfirehose_elasticsearch = aws.iam.get_policy_document_output(statements=[\n aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n actions=[\"es:*\"],\n resources=[\n test_cluster.arn,\n test_cluster.arn.apply(lambda arn: f\"{arn}/*\"),\n ],\n ),\n aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n actions=[\n \"ec2:DescribeVpcs\",\n \"ec2:DescribeVpcAttribute\",\n \"ec2:DescribeSubnets\",\n \"ec2:DescribeSecurityGroups\",\n \"ec2:DescribeNetworkInterfaces\",\n \"ec2:CreateNetworkInterface\",\n \"ec2:CreateNetworkInterfacePermission\",\n \"ec2:DeleteNetworkInterface\",\n ],\n resources=[\"*\"],\n ),\n])\nfirehose_elasticsearch_role_policy = aws.iam.RolePolicy(\"firehose-elasticsearch\",\n name=\"elasticsearch\",\n role=firehose[\"id\"],\n policy=firehose_elasticsearch.json)\ntest = aws.kinesis.FirehoseDeliveryStream(\"test\",\n name=\"kinesis-firehose-es\",\n destination=\"elasticsearch\",\n elasticsearch_configuration=aws.kinesis.FirehoseDeliveryStreamElasticsearchConfigurationArgs(\n domain_arn=test_cluster.arn,\n role_arn=firehose[\"arn\"],\n index_name=\"test\",\n type_name=\"test\",\n s3_configuration=aws.kinesis.FirehoseDeliveryStreamElasticsearchConfigurationS3ConfigurationArgs(\n role_arn=firehose[\"arn\"],\n bucket_arn=bucket[\"arn\"],\n ),\n vpc_config=aws.kinesis.FirehoseDeliveryStreamElasticsearchConfigurationVpcConfigArgs(\n subnet_ids=[\n first_aws_subnet[\"id\"],\n second[\"id\"],\n ],\n security_group_ids=[first[\"id\"]],\n role_arn=firehose[\"arn\"],\n ),\n ),\n opts=pulumi.ResourceOptions(depends_on=[firehose_elasticsearch_role_policy]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testCluster = new Aws.ElasticSearch.Domain(\"test_cluster\", new()\n {\n DomainName = \"es-test\",\n ClusterConfig = new Aws.ElasticSearch.Inputs.DomainClusterConfigArgs\n {\n InstanceCount = 2,\n ZoneAwarenessEnabled = true,\n InstanceType = \"t2.small.elasticsearch\",\n },\n EbsOptions = new Aws.ElasticSearch.Inputs.DomainEbsOptionsArgs\n {\n EbsEnabled = true,\n VolumeSize = 10,\n },\n VpcOptions = new Aws.ElasticSearch.Inputs.DomainVpcOptionsArgs\n {\n SecurityGroupIds = new[]\n {\n first.Id,\n },\n SubnetIds = new[]\n {\n firstAwsSubnet.Id,\n second.Id,\n },\n },\n });\n\n var firehose_elasticsearch = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"es:*\",\n },\n Resources = new[]\n {\n testCluster.Arn,\n $\"{testCluster.Arn}/*\",\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"ec2:DescribeVpcs\",\n \"ec2:DescribeVpcAttribute\",\n \"ec2:DescribeSubnets\",\n \"ec2:DescribeSecurityGroups\",\n \"ec2:DescribeNetworkInterfaces\",\n \"ec2:CreateNetworkInterface\",\n \"ec2:CreateNetworkInterfacePermission\",\n \"ec2:DeleteNetworkInterface\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n },\n });\n\n var firehose_elasticsearchRolePolicy = new Aws.Iam.RolePolicy(\"firehose-elasticsearch\", new()\n {\n Name = \"elasticsearch\",\n Role = firehose.Id,\n Policy = firehose_elasticsearch.Apply(firehose_elasticsearch =\u003e firehose_elasticsearch.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json)),\n });\n\n var test = new Aws.Kinesis.FirehoseDeliveryStream(\"test\", new()\n {\n Name = \"kinesis-firehose-es\",\n Destination = \"elasticsearch\",\n ElasticsearchConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamElasticsearchConfigurationArgs\n {\n DomainArn = testCluster.Arn,\n RoleArn = firehose.Arn,\n IndexName = \"test\",\n TypeName = \"test\",\n S3Configuration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamElasticsearchConfigurationS3ConfigurationArgs\n {\n RoleArn = firehose.Arn,\n BucketArn = bucket.Arn,\n },\n VpcConfig = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamElasticsearchConfigurationVpcConfigArgs\n {\n SubnetIds = new[]\n {\n firstAwsSubnet.Id,\n second.Id,\n },\n SecurityGroupIds = new[]\n {\n first.Id,\n },\n RoleArn = firehose.Arn,\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n firehose_elasticsearchRolePolicy, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticsearch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestCluster, err := elasticsearch.NewDomain(ctx, \"test_cluster\", \u0026elasticsearch.DomainArgs{\n\t\t\tDomainName: pulumi.String(\"es-test\"),\n\t\t\tClusterConfig: \u0026elasticsearch.DomainClusterConfigArgs{\n\t\t\t\tInstanceCount: pulumi.Int(2),\n\t\t\t\tZoneAwarenessEnabled: pulumi.Bool(true),\n\t\t\t\tInstanceType: pulumi.String(\"t2.small.elasticsearch\"),\n\t\t\t},\n\t\t\tEbsOptions: \u0026elasticsearch.DomainEbsOptionsArgs{\n\t\t\t\tEbsEnabled: pulumi.Bool(true),\n\t\t\t\tVolumeSize: pulumi.Int(10),\n\t\t\t},\n\t\t\tVpcOptions: \u0026elasticsearch.DomainVpcOptionsArgs{\n\t\t\t\tSecurityGroupIds: pulumi.StringArray{\n\t\t\t\t\tfirst.Id,\n\t\t\t\t},\n\t\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\t\tfirstAwsSubnet.Id,\n\t\t\t\t\tsecond.Id,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfirehose_elasticsearch := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"es:*\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\ttestCluster.Arn,\n\t\t\t\t\t\ttestCluster.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\t\t\t\treturn fmt.Sprintf(\"%v/*\", arn), nil\n\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"ec2:DescribeVpcs\"),\n\t\t\t\t\t\tpulumi.String(\"ec2:DescribeVpcAttribute\"),\n\t\t\t\t\t\tpulumi.String(\"ec2:DescribeSubnets\"),\n\t\t\t\t\t\tpulumi.String(\"ec2:DescribeSecurityGroups\"),\n\t\t\t\t\t\tpulumi.String(\"ec2:DescribeNetworkInterfaces\"),\n\t\t\t\t\t\tpulumi.String(\"ec2:CreateNetworkInterface\"),\n\t\t\t\t\t\tpulumi.String(\"ec2:CreateNetworkInterfacePermission\"),\n\t\t\t\t\t\tpulumi.String(\"ec2:DeleteNetworkInterface\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"*\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\t_, err = iam.NewRolePolicy(ctx, \"firehose-elasticsearch\", \u0026iam.RolePolicyArgs{\n\t\t\tName: pulumi.String(\"elasticsearch\"),\n\t\t\tRole: pulumi.Any(firehose.Id),\n\t\t\tPolicy: firehose_elasticsearch.ApplyT(func(firehose_elasticsearch iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026firehose_elasticsearch.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kinesis.NewFirehoseDeliveryStream(ctx, \"test\", \u0026kinesis.FirehoseDeliveryStreamArgs{\n\t\t\tName: pulumi.String(\"kinesis-firehose-es\"),\n\t\t\tDestination: pulumi.String(\"elasticsearch\"),\n\t\t\tElasticsearchConfiguration: \u0026kinesis.FirehoseDeliveryStreamElasticsearchConfigurationArgs{\n\t\t\t\tDomainArn: testCluster.Arn,\n\t\t\t\tRoleArn: pulumi.Any(firehose.Arn),\n\t\t\t\tIndexName: pulumi.String(\"test\"),\n\t\t\t\tTypeName: pulumi.String(\"test\"),\n\t\t\t\tS3Configuration: \u0026kinesis.FirehoseDeliveryStreamElasticsearchConfigurationS3ConfigurationArgs{\n\t\t\t\t\tRoleArn: pulumi.Any(firehose.Arn),\n\t\t\t\t\tBucketArn: pulumi.Any(bucket.Arn),\n\t\t\t\t},\n\t\t\t\tVpcConfig: \u0026kinesis.FirehoseDeliveryStreamElasticsearchConfigurationVpcConfigArgs{\n\t\t\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\t\t\tfirstAwsSubnet.Id,\n\t\t\t\t\t\tsecond.Id,\n\t\t\t\t\t},\n\t\t\t\t\tSecurityGroupIds: pulumi.StringArray{\n\t\t\t\t\t\tfirst.Id,\n\t\t\t\t\t},\n\t\t\t\t\tRoleArn: pulumi.Any(firehose.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tfirehose_elasticsearchRolePolicy,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.elasticsearch.Domain;\nimport com.pulumi.aws.elasticsearch.DomainArgs;\nimport com.pulumi.aws.elasticsearch.inputs.DomainClusterConfigArgs;\nimport com.pulumi.aws.elasticsearch.inputs.DomainEbsOptionsArgs;\nimport com.pulumi.aws.elasticsearch.inputs.DomainVpcOptionsArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStream;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStreamArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamElasticsearchConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamElasticsearchConfigurationS3ConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamElasticsearchConfigurationVpcConfigArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testCluster = new Domain(\"testCluster\", DomainArgs.builder() \n .domainName(\"es-test\")\n .clusterConfig(DomainClusterConfigArgs.builder()\n .instanceCount(2)\n .zoneAwarenessEnabled(true)\n .instanceType(\"t2.small.elasticsearch\")\n .build())\n .ebsOptions(DomainEbsOptionsArgs.builder()\n .ebsEnabled(true)\n .volumeSize(10)\n .build())\n .vpcOptions(DomainVpcOptionsArgs.builder()\n .securityGroupIds(first.id())\n .subnetIds( \n firstAwsSubnet.id(),\n second.id())\n .build())\n .build());\n\n final var firehose-elasticsearch = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements( \n GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions(\"es:*\")\n .resources( \n testCluster.arn(),\n testCluster.arn().applyValue(arn -\u003e String.format(\"%s/*\", arn)))\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions( \n \"ec2:DescribeVpcs\",\n \"ec2:DescribeVpcAttribute\",\n \"ec2:DescribeSubnets\",\n \"ec2:DescribeSecurityGroups\",\n \"ec2:DescribeNetworkInterfaces\",\n \"ec2:CreateNetworkInterface\",\n \"ec2:CreateNetworkInterfacePermission\",\n \"ec2:DeleteNetworkInterface\")\n .resources(\"*\")\n .build())\n .build());\n\n var firehose_elasticsearchRolePolicy = new RolePolicy(\"firehose-elasticsearchRolePolicy\", RolePolicyArgs.builder() \n .name(\"elasticsearch\")\n .role(firehose.id())\n .policy(firehose_elasticsearch.applyValue(firehose_elasticsearch -\u003e firehose_elasticsearch.json()))\n .build());\n\n var test = new FirehoseDeliveryStream(\"test\", FirehoseDeliveryStreamArgs.builder() \n .name(\"kinesis-firehose-es\")\n .destination(\"elasticsearch\")\n .elasticsearchConfiguration(FirehoseDeliveryStreamElasticsearchConfigurationArgs.builder()\n .domainArn(testCluster.arn())\n .roleArn(firehose.arn())\n .indexName(\"test\")\n .typeName(\"test\")\n .s3Configuration(FirehoseDeliveryStreamElasticsearchConfigurationS3ConfigurationArgs.builder()\n .roleArn(firehose.arn())\n .bucketArn(bucket.arn())\n .build())\n .vpcConfig(FirehoseDeliveryStreamElasticsearchConfigurationVpcConfigArgs.builder()\n .subnetIds( \n firstAwsSubnet.id(),\n second.id())\n .securityGroupIds(first.id())\n .roleArn(firehose.arn())\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(firehose_elasticsearchRolePolicy)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testCluster:\n type: aws:elasticsearch:Domain\n name: test_cluster\n properties:\n domainName: es-test\n clusterConfig:\n instanceCount: 2\n zoneAwarenessEnabled: true\n instanceType: t2.small.elasticsearch\n ebsOptions:\n ebsEnabled: true\n volumeSize: 10\n vpcOptions:\n securityGroupIds:\n - ${first.id}\n subnetIds:\n - ${firstAwsSubnet.id}\n - ${second.id}\n firehose-elasticsearchRolePolicy:\n type: aws:iam:RolePolicy\n name: firehose-elasticsearch\n properties:\n name: elasticsearch\n role: ${firehose.id}\n policy: ${[\"firehose-elasticsearch\"].json}\n test:\n type: aws:kinesis:FirehoseDeliveryStream\n properties:\n name: kinesis-firehose-es\n destination: elasticsearch\n elasticsearchConfiguration:\n domainArn: ${testCluster.arn}\n roleArn: ${firehose.arn}\n indexName: test\n typeName: test\n s3Configuration:\n roleArn: ${firehose.arn}\n bucketArn: ${bucket.arn}\n vpcConfig:\n subnetIds:\n - ${firstAwsSubnet.id}\n - ${second.id}\n securityGroupIds:\n - ${first.id}\n roleArn: ${firehose.arn}\n options:\n dependson:\n - ${[\"firehose-elasticsearchRolePolicy\"]}\nvariables:\n firehose-elasticsearch:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - es:*\n resources:\n - ${testCluster.arn}\n - ${testCluster.arn}/*\n - effect: Allow\n actions:\n - ec2:DescribeVpcs\n - ec2:DescribeVpcAttribute\n - ec2:DescribeSubnets\n - ec2:DescribeSecurityGroups\n - ec2:DescribeNetworkInterfaces\n - ec2:CreateNetworkInterface\n - ec2:CreateNetworkInterfacePermission\n - ec2:DeleteNetworkInterface\n resources:\n - '*'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### OpenSearch Destination\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testCluster = new aws.opensearch.Domain(\"test_cluster\", {domainName: \"firehose-os-test\"});\nconst testStream = new aws.kinesis.FirehoseDeliveryStream(\"test_stream\", {\n name: \"kinesis-firehose-test-stream\",\n destination: \"opensearch\",\n opensearchConfiguration: {\n domainArn: testCluster.arn,\n roleArn: firehoseRole.arn,\n indexName: \"test\",\n s3Configuration: {\n roleArn: firehoseRole.arn,\n bucketArn: bucket.arn,\n bufferingSize: 10,\n bufferingInterval: 400,\n compressionFormat: \"GZIP\",\n },\n processingConfiguration: {\n enabled: true,\n processors: [{\n type: \"Lambda\",\n parameters: [{\n parameterName: \"LambdaArn\",\n parameterValue: `${lambdaProcessor.arn}:$LATEST`,\n }],\n }],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_cluster = aws.opensearch.Domain(\"test_cluster\", domain_name=\"firehose-os-test\")\ntest_stream = aws.kinesis.FirehoseDeliveryStream(\"test_stream\",\n name=\"kinesis-firehose-test-stream\",\n destination=\"opensearch\",\n opensearch_configuration=aws.kinesis.FirehoseDeliveryStreamOpensearchConfigurationArgs(\n domain_arn=test_cluster.arn,\n role_arn=firehose_role[\"arn\"],\n index_name=\"test\",\n s3_configuration=aws.kinesis.FirehoseDeliveryStreamOpensearchConfigurationS3ConfigurationArgs(\n role_arn=firehose_role[\"arn\"],\n bucket_arn=bucket[\"arn\"],\n buffering_size=10,\n buffering_interval=400,\n compression_format=\"GZIP\",\n ),\n processing_configuration=aws.kinesis.FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationArgs(\n enabled=True,\n processors=[aws.kinesis.FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationProcessorArgs(\n type=\"Lambda\",\n parameters=[aws.kinesis.FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationProcessorParameterArgs(\n parameter_name=\"LambdaArn\",\n parameter_value=f\"{lambda_processor['arn']}:$LATEST\",\n )],\n )],\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testCluster = new Aws.OpenSearch.Domain(\"test_cluster\", new()\n {\n DomainName = \"firehose-os-test\",\n });\n\n var testStream = new Aws.Kinesis.FirehoseDeliveryStream(\"test_stream\", new()\n {\n Name = \"kinesis-firehose-test-stream\",\n Destination = \"opensearch\",\n OpensearchConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamOpensearchConfigurationArgs\n {\n DomainArn = testCluster.Arn,\n RoleArn = firehoseRole.Arn,\n IndexName = \"test\",\n S3Configuration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamOpensearchConfigurationS3ConfigurationArgs\n {\n RoleArn = firehoseRole.Arn,\n BucketArn = bucket.Arn,\n BufferingSize = 10,\n BufferingInterval = 400,\n CompressionFormat = \"GZIP\",\n },\n ProcessingConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationArgs\n {\n Enabled = true,\n Processors = new[]\n {\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationProcessorArgs\n {\n Type = \"Lambda\",\n Parameters = new[]\n {\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationProcessorParameterArgs\n {\n ParameterName = \"LambdaArn\",\n ParameterValue = $\"{lambdaProcessor.Arn}:$LATEST\",\n },\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestCluster, err := opensearch.NewDomain(ctx, \"test_cluster\", \u0026opensearch.DomainArgs{\n\t\t\tDomainName: pulumi.String(\"firehose-os-test\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kinesis.NewFirehoseDeliveryStream(ctx, \"test_stream\", \u0026kinesis.FirehoseDeliveryStreamArgs{\n\t\t\tName: pulumi.String(\"kinesis-firehose-test-stream\"),\n\t\t\tDestination: pulumi.String(\"opensearch\"),\n\t\t\tOpensearchConfiguration: \u0026kinesis.FirehoseDeliveryStreamOpensearchConfigurationArgs{\n\t\t\t\tDomainArn: testCluster.Arn,\n\t\t\t\tRoleArn: pulumi.Any(firehoseRole.Arn),\n\t\t\t\tIndexName: pulumi.String(\"test\"),\n\t\t\t\tS3Configuration: \u0026kinesis.FirehoseDeliveryStreamOpensearchConfigurationS3ConfigurationArgs{\n\t\t\t\t\tRoleArn: pulumi.Any(firehoseRole.Arn),\n\t\t\t\t\tBucketArn: pulumi.Any(bucket.Arn),\n\t\t\t\t\tBufferingSize: pulumi.Int(10),\n\t\t\t\t\tBufferingInterval: pulumi.Int(400),\n\t\t\t\t\tCompressionFormat: pulumi.String(\"GZIP\"),\n\t\t\t\t},\n\t\t\t\tProcessingConfiguration: \u0026kinesis.FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationArgs{\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tProcessors: kinesis.FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationProcessorArray{\n\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationProcessorArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"Lambda\"),\n\t\t\t\t\t\t\tParameters: kinesis.FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationProcessorParameterArray{\n\t\t\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationProcessorParameterArgs{\n\t\t\t\t\t\t\t\t\tParameterName: pulumi.String(\"LambdaArn\"),\n\t\t\t\t\t\t\t\t\tParameterValue: pulumi.String(fmt.Sprintf(\"%v:$LATEST\", lambdaProcessor.Arn)),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.Domain;\nimport com.pulumi.aws.opensearch.DomainArgs;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStream;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStreamArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamOpensearchConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamOpensearchConfigurationS3ConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testCluster = new Domain(\"testCluster\", DomainArgs.builder() \n .domainName(\"firehose-os-test\")\n .build());\n\n var testStream = new FirehoseDeliveryStream(\"testStream\", FirehoseDeliveryStreamArgs.builder() \n .name(\"kinesis-firehose-test-stream\")\n .destination(\"opensearch\")\n .opensearchConfiguration(FirehoseDeliveryStreamOpensearchConfigurationArgs.builder()\n .domainArn(testCluster.arn())\n .roleArn(firehoseRole.arn())\n .indexName(\"test\")\n .s3Configuration(FirehoseDeliveryStreamOpensearchConfigurationS3ConfigurationArgs.builder()\n .roleArn(firehoseRole.arn())\n .bucketArn(bucket.arn())\n .bufferingSize(10)\n .bufferingInterval(400)\n .compressionFormat(\"GZIP\")\n .build())\n .processingConfiguration(FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationArgs.builder()\n .enabled(\"true\")\n .processors(FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationProcessorArgs.builder()\n .type(\"Lambda\")\n .parameters(FirehoseDeliveryStreamOpensearchConfigurationProcessingConfigurationProcessorParameterArgs.builder()\n .parameterName(\"LambdaArn\")\n .parameterValue(String.format(\"%s:$LATEST\", lambdaProcessor.arn()))\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testCluster:\n type: aws:opensearch:Domain\n name: test_cluster\n properties:\n domainName: firehose-os-test\n testStream:\n type: aws:kinesis:FirehoseDeliveryStream\n name: test_stream\n properties:\n name: kinesis-firehose-test-stream\n destination: opensearch\n opensearchConfiguration:\n domainArn: ${testCluster.arn}\n roleArn: ${firehoseRole.arn}\n indexName: test\n s3Configuration:\n roleArn: ${firehoseRole.arn}\n bucketArn: ${bucket.arn}\n bufferingSize: 10\n bufferingInterval: 400\n compressionFormat: GZIP\n processingConfiguration:\n enabled: 'true'\n processors:\n - type: Lambda\n parameters:\n - parameterName: LambdaArn\n parameterValue: ${lambdaProcessor.arn}:$LATEST\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### OpenSearch Destination With VPC\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testCluster = new aws.opensearch.Domain(\"test_cluster\", {\n domainName: \"es-test\",\n clusterConfig: {\n instanceCount: 2,\n zoneAwarenessEnabled: true,\n instanceType: \"m4.large.search\",\n },\n ebsOptions: {\n ebsEnabled: true,\n volumeSize: 10,\n },\n vpcOptions: {\n securityGroupIds: [first.id],\n subnetIds: [\n firstAwsSubnet.id,\n second.id,\n ],\n },\n});\nconst firehose_opensearch = new aws.iam.RolePolicy(\"firehose-opensearch\", {\n name: \"opensearch\",\n role: firehose.id,\n policy: pulumi.interpolate`{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"es:*\"\n ],\n \"Resource\": [\n \"${testCluster.arn}\",\n \"${testCluster.arn}/*\"\n ]\n },\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"ec2:DescribeVpcs\",\n \"ec2:DescribeVpcAttribute\",\n \"ec2:DescribeSubnets\",\n \"ec2:DescribeSecurityGroups\",\n \"ec2:DescribeNetworkInterfaces\",\n \"ec2:CreateNetworkInterface\",\n \"ec2:CreateNetworkInterfacePermission\",\n \"ec2:DeleteNetworkInterface\"\n ],\n \"Resource\": [\n \"*\"\n ]\n }\n ]\n}\n`,\n});\nconst test = new aws.kinesis.FirehoseDeliveryStream(\"test\", {\n name: \"pulumi-kinesis-firehose-os\",\n destination: \"opensearch\",\n opensearchConfiguration: {\n domainArn: testCluster.arn,\n roleArn: firehose.arn,\n indexName: \"test\",\n s3Configuration: {\n roleArn: firehose.arn,\n bucketArn: bucket.arn,\n },\n vpcConfig: {\n subnetIds: [\n firstAwsSubnet.id,\n second.id,\n ],\n securityGroupIds: [first.id],\n roleArn: firehose.arn,\n },\n },\n}, {\n dependsOn: [firehose_opensearch],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_cluster = aws.opensearch.Domain(\"test_cluster\",\n domain_name=\"es-test\",\n cluster_config=aws.opensearch.DomainClusterConfigArgs(\n instance_count=2,\n zone_awareness_enabled=True,\n instance_type=\"m4.large.search\",\n ),\n ebs_options=aws.opensearch.DomainEbsOptionsArgs(\n ebs_enabled=True,\n volume_size=10,\n ),\n vpc_options=aws.opensearch.DomainVpcOptionsArgs(\n security_group_ids=[first[\"id\"]],\n subnet_ids=[\n first_aws_subnet[\"id\"],\n second[\"id\"],\n ],\n ))\nfirehose_opensearch = aws.iam.RolePolicy(\"firehose-opensearch\",\n name=\"opensearch\",\n role=firehose[\"id\"],\n policy=pulumi.Output.all(test_cluster.arn, test_cluster.arn).apply(lambda testClusterArn, testClusterArn1: f\"\"\"{{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {{\n \"Effect\": \"Allow\",\n \"Action\": [\n \"es:*\"\n ],\n \"Resource\": [\n \"{test_cluster_arn}\",\n \"{test_cluster_arn1}/*\"\n ]\n }},\n {{\n \"Effect\": \"Allow\",\n \"Action\": [\n \"ec2:DescribeVpcs\",\n \"ec2:DescribeVpcAttribute\",\n \"ec2:DescribeSubnets\",\n \"ec2:DescribeSecurityGroups\",\n \"ec2:DescribeNetworkInterfaces\",\n \"ec2:CreateNetworkInterface\",\n \"ec2:CreateNetworkInterfacePermission\",\n \"ec2:DeleteNetworkInterface\"\n ],\n \"Resource\": [\n \"*\"\n ]\n }}\n ]\n}}\n\"\"\"))\ntest = aws.kinesis.FirehoseDeliveryStream(\"test\",\n name=\"pulumi-kinesis-firehose-os\",\n destination=\"opensearch\",\n opensearch_configuration=aws.kinesis.FirehoseDeliveryStreamOpensearchConfigurationArgs(\n domain_arn=test_cluster.arn,\n role_arn=firehose[\"arn\"],\n index_name=\"test\",\n s3_configuration=aws.kinesis.FirehoseDeliveryStreamOpensearchConfigurationS3ConfigurationArgs(\n role_arn=firehose[\"arn\"],\n bucket_arn=bucket[\"arn\"],\n ),\n vpc_config=aws.kinesis.FirehoseDeliveryStreamOpensearchConfigurationVpcConfigArgs(\n subnet_ids=[\n first_aws_subnet[\"id\"],\n second[\"id\"],\n ],\n security_group_ids=[first[\"id\"]],\n role_arn=firehose[\"arn\"],\n ),\n ),\n opts=pulumi.ResourceOptions(depends_on=[firehose_opensearch]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testCluster = new Aws.OpenSearch.Domain(\"test_cluster\", new()\n {\n DomainName = \"es-test\",\n ClusterConfig = new Aws.OpenSearch.Inputs.DomainClusterConfigArgs\n {\n InstanceCount = 2,\n ZoneAwarenessEnabled = true,\n InstanceType = \"m4.large.search\",\n },\n EbsOptions = new Aws.OpenSearch.Inputs.DomainEbsOptionsArgs\n {\n EbsEnabled = true,\n VolumeSize = 10,\n },\n VpcOptions = new Aws.OpenSearch.Inputs.DomainVpcOptionsArgs\n {\n SecurityGroupIds = new[]\n {\n first.Id,\n },\n SubnetIds = new[]\n {\n firstAwsSubnet.Id,\n second.Id,\n },\n },\n });\n\n var firehose_opensearch = new Aws.Iam.RolePolicy(\"firehose-opensearch\", new()\n {\n Name = \"opensearch\",\n Role = firehose.Id,\n Policy = Output.Tuple(testCluster.Arn, testCluster.Arn).Apply(values =\u003e\n {\n var testClusterArn = values.Item1;\n var testClusterArn1 = values.Item2;\n return @$\"{{\n \"\"Version\"\": \"\"2012-10-17\"\",\n \"\"Statement\"\": [\n {{\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Action\"\": [\n \"\"es:*\"\"\n ],\n \"\"Resource\"\": [\n \"\"{testClusterArn}\"\",\n \"\"{testClusterArn1}/*\"\"\n ]\n }},\n {{\n \"\"Effect\"\": \"\"Allow\"\",\n \"\"Action\"\": [\n \"\"ec2:DescribeVpcs\"\",\n \"\"ec2:DescribeVpcAttribute\"\",\n \"\"ec2:DescribeSubnets\"\",\n \"\"ec2:DescribeSecurityGroups\"\",\n \"\"ec2:DescribeNetworkInterfaces\"\",\n \"\"ec2:CreateNetworkInterface\"\",\n \"\"ec2:CreateNetworkInterfacePermission\"\",\n \"\"ec2:DeleteNetworkInterface\"\"\n ],\n \"\"Resource\"\": [\n \"\"*\"\"\n ]\n }}\n ]\n}}\n\";\n }),\n });\n\n var test = new Aws.Kinesis.FirehoseDeliveryStream(\"test\", new()\n {\n Name = \"pulumi-kinesis-firehose-os\",\n Destination = \"opensearch\",\n OpensearchConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamOpensearchConfigurationArgs\n {\n DomainArn = testCluster.Arn,\n RoleArn = firehose.Arn,\n IndexName = \"test\",\n S3Configuration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamOpensearchConfigurationS3ConfigurationArgs\n {\n RoleArn = firehose.Arn,\n BucketArn = bucket.Arn,\n },\n VpcConfig = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamOpensearchConfigurationVpcConfigArgs\n {\n SubnetIds = new[]\n {\n firstAwsSubnet.Id,\n second.Id,\n },\n SecurityGroupIds = new[]\n {\n first.Id,\n },\n RoleArn = firehose.Arn,\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n firehose_opensearch, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestCluster, err := opensearch.NewDomain(ctx, \"test_cluster\", \u0026opensearch.DomainArgs{\n\t\t\tDomainName: pulumi.String(\"es-test\"),\n\t\t\tClusterConfig: \u0026opensearch.DomainClusterConfigArgs{\n\t\t\t\tInstanceCount: pulumi.Int(2),\n\t\t\t\tZoneAwarenessEnabled: pulumi.Bool(true),\n\t\t\t\tInstanceType: pulumi.String(\"m4.large.search\"),\n\t\t\t},\n\t\t\tEbsOptions: \u0026opensearch.DomainEbsOptionsArgs{\n\t\t\t\tEbsEnabled: pulumi.Bool(true),\n\t\t\t\tVolumeSize: pulumi.Int(10),\n\t\t\t},\n\t\t\tVpcOptions: \u0026opensearch.DomainVpcOptionsArgs{\n\t\t\t\tSecurityGroupIds: pulumi.StringArray{\n\t\t\t\t\tfirst.Id,\n\t\t\t\t},\n\t\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\t\tfirstAwsSubnet.Id,\n\t\t\t\t\tsecond.Id,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicy(ctx, \"firehose-opensearch\", \u0026iam.RolePolicyArgs{\n\t\t\tName: pulumi.String(\"opensearch\"),\n\t\t\tRole: pulumi.Any(firehose.Id),\n\t\t\tPolicy: pulumi.All(testCluster.Arn, testCluster.Arn).ApplyT(func(_args []interface{}) (string, error) {\n\t\t\t\ttestClusterArn := _args[0].(string)\n\t\t\t\ttestClusterArn1 := _args[1].(string)\n\t\t\t\treturn fmt.Sprintf(`{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"es:*\"\n ],\n \"Resource\": [\n \"%v\",\n \"%v/*\"\n ]\n },\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"ec2:DescribeVpcs\",\n \"ec2:DescribeVpcAttribute\",\n \"ec2:DescribeSubnets\",\n \"ec2:DescribeSecurityGroups\",\n \"ec2:DescribeNetworkInterfaces\",\n \"ec2:CreateNetworkInterface\",\n \"ec2:CreateNetworkInterfacePermission\",\n \"ec2:DeleteNetworkInterface\"\n ],\n \"Resource\": [\n \"*\"\n ]\n }\n ]\n}\n`, testClusterArn, testClusterArn1), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kinesis.NewFirehoseDeliveryStream(ctx, \"test\", \u0026kinesis.FirehoseDeliveryStreamArgs{\n\t\t\tName: pulumi.String(\"pulumi-kinesis-firehose-os\"),\n\t\t\tDestination: pulumi.String(\"opensearch\"),\n\t\t\tOpensearchConfiguration: \u0026kinesis.FirehoseDeliveryStreamOpensearchConfigurationArgs{\n\t\t\t\tDomainArn: testCluster.Arn,\n\t\t\t\tRoleArn: pulumi.Any(firehose.Arn),\n\t\t\t\tIndexName: pulumi.String(\"test\"),\n\t\t\t\tS3Configuration: \u0026kinesis.FirehoseDeliveryStreamOpensearchConfigurationS3ConfigurationArgs{\n\t\t\t\t\tRoleArn: pulumi.Any(firehose.Arn),\n\t\t\t\t\tBucketArn: pulumi.Any(bucket.Arn),\n\t\t\t\t},\n\t\t\t\tVpcConfig: \u0026kinesis.FirehoseDeliveryStreamOpensearchConfigurationVpcConfigArgs{\n\t\t\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\t\t\tfirstAwsSubnet.Id,\n\t\t\t\t\t\tsecond.Id,\n\t\t\t\t\t},\n\t\t\t\t\tSecurityGroupIds: pulumi.StringArray{\n\t\t\t\t\t\tfirst.Id,\n\t\t\t\t\t},\n\t\t\t\t\tRoleArn: pulumi.Any(firehose.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tfirehose_opensearch,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.Domain;\nimport com.pulumi.aws.opensearch.DomainArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainClusterConfigArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainEbsOptionsArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainVpcOptionsArgs;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStream;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStreamArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamOpensearchConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamOpensearchConfigurationS3ConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamOpensearchConfigurationVpcConfigArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testCluster = new Domain(\"testCluster\", DomainArgs.builder() \n .domainName(\"es-test\")\n .clusterConfig(DomainClusterConfigArgs.builder()\n .instanceCount(2)\n .zoneAwarenessEnabled(true)\n .instanceType(\"m4.large.search\")\n .build())\n .ebsOptions(DomainEbsOptionsArgs.builder()\n .ebsEnabled(true)\n .volumeSize(10)\n .build())\n .vpcOptions(DomainVpcOptionsArgs.builder()\n .securityGroupIds(first.id())\n .subnetIds( \n firstAwsSubnet.id(),\n second.id())\n .build())\n .build());\n\n var firehose_opensearch = new RolePolicy(\"firehose-opensearch\", RolePolicyArgs.builder() \n .name(\"opensearch\")\n .role(firehose.id())\n .policy(Output.tuple(testCluster.arn(), testCluster.arn()).applyValue(values -\u003e {\n var testClusterArn = values.t1;\n var testClusterArn1 = values.t2;\n return \"\"\"\n{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"es:*\"\n ],\n \"Resource\": [\n \"%s\",\n \"%s/*\"\n ]\n },\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"ec2:DescribeVpcs\",\n \"ec2:DescribeVpcAttribute\",\n \"ec2:DescribeSubnets\",\n \"ec2:DescribeSecurityGroups\",\n \"ec2:DescribeNetworkInterfaces\",\n \"ec2:CreateNetworkInterface\",\n \"ec2:CreateNetworkInterfacePermission\",\n \"ec2:DeleteNetworkInterface\"\n ],\n \"Resource\": [\n \"*\"\n ]\n }\n ]\n}\n\", testClusterArn,testClusterArn1);\n }))\n .build());\n\n var test = new FirehoseDeliveryStream(\"test\", FirehoseDeliveryStreamArgs.builder() \n .name(\"pulumi-kinesis-firehose-os\")\n .destination(\"opensearch\")\n .opensearchConfiguration(FirehoseDeliveryStreamOpensearchConfigurationArgs.builder()\n .domainArn(testCluster.arn())\n .roleArn(firehose.arn())\n .indexName(\"test\")\n .s3Configuration(FirehoseDeliveryStreamOpensearchConfigurationS3ConfigurationArgs.builder()\n .roleArn(firehose.arn())\n .bucketArn(bucket.arn())\n .build())\n .vpcConfig(FirehoseDeliveryStreamOpensearchConfigurationVpcConfigArgs.builder()\n .subnetIds( \n firstAwsSubnet.id(),\n second.id())\n .securityGroupIds(first.id())\n .roleArn(firehose.arn())\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(firehose_opensearch)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testCluster:\n type: aws:opensearch:Domain\n name: test_cluster\n properties:\n domainName: es-test\n clusterConfig:\n instanceCount: 2\n zoneAwarenessEnabled: true\n instanceType: m4.large.search\n ebsOptions:\n ebsEnabled: true\n volumeSize: 10\n vpcOptions:\n securityGroupIds:\n - ${first.id}\n subnetIds:\n - ${firstAwsSubnet.id}\n - ${second.id}\n firehose-opensearch:\n type: aws:iam:RolePolicy\n properties:\n name: opensearch\n role: ${firehose.id}\n policy: |\n {\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"es:*\"\n ],\n \"Resource\": [\n \"${testCluster.arn}\",\n \"${testCluster.arn}/*\"\n ]\n },\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"ec2:DescribeVpcs\",\n \"ec2:DescribeVpcAttribute\",\n \"ec2:DescribeSubnets\",\n \"ec2:DescribeSecurityGroups\",\n \"ec2:DescribeNetworkInterfaces\",\n \"ec2:CreateNetworkInterface\",\n \"ec2:CreateNetworkInterfacePermission\",\n \"ec2:DeleteNetworkInterface\"\n ],\n \"Resource\": [\n \"*\"\n ]\n }\n ]\n }\n test:\n type: aws:kinesis:FirehoseDeliveryStream\n properties:\n name: pulumi-kinesis-firehose-os\n destination: opensearch\n opensearchConfiguration:\n domainArn: ${testCluster.arn}\n roleArn: ${firehose.arn}\n indexName: test\n s3Configuration:\n roleArn: ${firehose.arn}\n bucketArn: ${bucket.arn}\n vpcConfig:\n subnetIds:\n - ${firstAwsSubnet.id}\n - ${second.id}\n securityGroupIds:\n - ${first.id}\n roleArn: ${firehose.arn}\n options:\n dependson:\n - ${[\"firehose-opensearch\"]}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### OpenSearch Serverless Destination\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testCollection = new aws.opensearch.ServerlessCollection(\"test_collection\", {name: \"firehose-osserverless-test\"});\nconst testStream = new aws.kinesis.FirehoseDeliveryStream(\"test_stream\", {\n name: \"kinesis-firehose-test-stream\",\n destination: \"opensearchserverless\",\n opensearchserverlessConfiguration: {\n collectionEndpoint: testCollection.collectionEndpoint,\n roleArn: firehoseRole.arn,\n indexName: \"test\",\n s3Configuration: {\n roleArn: firehoseRole.arn,\n bucketArn: bucket.arn,\n bufferingSize: 10,\n bufferingInterval: 400,\n compressionFormat: \"GZIP\",\n },\n processingConfiguration: {\n enabled: true,\n processors: [{\n type: \"Lambda\",\n parameters: [{\n parameterName: \"LambdaArn\",\n parameterValue: `${lambdaProcessor.arn}:$LATEST`,\n }],\n }],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_collection = aws.opensearch.ServerlessCollection(\"test_collection\", name=\"firehose-osserverless-test\")\ntest_stream = aws.kinesis.FirehoseDeliveryStream(\"test_stream\",\n name=\"kinesis-firehose-test-stream\",\n destination=\"opensearchserverless\",\n opensearchserverless_configuration=aws.kinesis.FirehoseDeliveryStreamOpensearchserverlessConfigurationArgs(\n collection_endpoint=test_collection.collection_endpoint,\n role_arn=firehose_role[\"arn\"],\n index_name=\"test\",\n s3_configuration=aws.kinesis.FirehoseDeliveryStreamOpensearchserverlessConfigurationS3ConfigurationArgs(\n role_arn=firehose_role[\"arn\"],\n bucket_arn=bucket[\"arn\"],\n buffering_size=10,\n buffering_interval=400,\n compression_format=\"GZIP\",\n ),\n processing_configuration=aws.kinesis.FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationArgs(\n enabled=True,\n processors=[aws.kinesis.FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationProcessorArgs(\n type=\"Lambda\",\n parameters=[aws.kinesis.FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationProcessorParameterArgs(\n parameter_name=\"LambdaArn\",\n parameter_value=f\"{lambda_processor['arn']}:$LATEST\",\n )],\n )],\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testCollection = new Aws.OpenSearch.ServerlessCollection(\"test_collection\", new()\n {\n Name = \"firehose-osserverless-test\",\n });\n\n var testStream = new Aws.Kinesis.FirehoseDeliveryStream(\"test_stream\", new()\n {\n Name = \"kinesis-firehose-test-stream\",\n Destination = \"opensearchserverless\",\n OpensearchserverlessConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamOpensearchserverlessConfigurationArgs\n {\n CollectionEndpoint = testCollection.CollectionEndpoint,\n RoleArn = firehoseRole.Arn,\n IndexName = \"test\",\n S3Configuration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamOpensearchserverlessConfigurationS3ConfigurationArgs\n {\n RoleArn = firehoseRole.Arn,\n BucketArn = bucket.Arn,\n BufferingSize = 10,\n BufferingInterval = 400,\n CompressionFormat = \"GZIP\",\n },\n ProcessingConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationArgs\n {\n Enabled = true,\n Processors = new[]\n {\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationProcessorArgs\n {\n Type = \"Lambda\",\n Parameters = new[]\n {\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationProcessorParameterArgs\n {\n ParameterName = \"LambdaArn\",\n ParameterValue = $\"{lambdaProcessor.Arn}:$LATEST\",\n },\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestCollection, err := opensearch.NewServerlessCollection(ctx, \"test_collection\", \u0026opensearch.ServerlessCollectionArgs{\n\t\t\tName: pulumi.String(\"firehose-osserverless-test\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kinesis.NewFirehoseDeliveryStream(ctx, \"test_stream\", \u0026kinesis.FirehoseDeliveryStreamArgs{\n\t\t\tName: pulumi.String(\"kinesis-firehose-test-stream\"),\n\t\t\tDestination: pulumi.String(\"opensearchserverless\"),\n\t\t\tOpensearchserverlessConfiguration: \u0026kinesis.FirehoseDeliveryStreamOpensearchserverlessConfigurationArgs{\n\t\t\t\tCollectionEndpoint: testCollection.CollectionEndpoint,\n\t\t\t\tRoleArn: pulumi.Any(firehoseRole.Arn),\n\t\t\t\tIndexName: pulumi.String(\"test\"),\n\t\t\t\tS3Configuration: \u0026kinesis.FirehoseDeliveryStreamOpensearchserverlessConfigurationS3ConfigurationArgs{\n\t\t\t\t\tRoleArn: pulumi.Any(firehoseRole.Arn),\n\t\t\t\t\tBucketArn: pulumi.Any(bucket.Arn),\n\t\t\t\t\tBufferingSize: pulumi.Int(10),\n\t\t\t\t\tBufferingInterval: pulumi.Int(400),\n\t\t\t\t\tCompressionFormat: pulumi.String(\"GZIP\"),\n\t\t\t\t},\n\t\t\t\tProcessingConfiguration: \u0026kinesis.FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationArgs{\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tProcessors: kinesis.FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationProcessorArray{\n\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationProcessorArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"Lambda\"),\n\t\t\t\t\t\t\tParameters: kinesis.FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationProcessorParameterArray{\n\t\t\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationProcessorParameterArgs{\n\t\t\t\t\t\t\t\t\tParameterName: pulumi.String(\"LambdaArn\"),\n\t\t\t\t\t\t\t\t\tParameterValue: pulumi.String(fmt.Sprintf(\"%v:$LATEST\", lambdaProcessor.Arn)),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.ServerlessCollection;\nimport com.pulumi.aws.opensearch.ServerlessCollectionArgs;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStream;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStreamArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamOpensearchserverlessConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamOpensearchserverlessConfigurationS3ConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testCollection = new ServerlessCollection(\"testCollection\", ServerlessCollectionArgs.builder() \n .name(\"firehose-osserverless-test\")\n .build());\n\n var testStream = new FirehoseDeliveryStream(\"testStream\", FirehoseDeliveryStreamArgs.builder() \n .name(\"kinesis-firehose-test-stream\")\n .destination(\"opensearchserverless\")\n .opensearchserverlessConfiguration(FirehoseDeliveryStreamOpensearchserverlessConfigurationArgs.builder()\n .collectionEndpoint(testCollection.collectionEndpoint())\n .roleArn(firehoseRole.arn())\n .indexName(\"test\")\n .s3Configuration(FirehoseDeliveryStreamOpensearchserverlessConfigurationS3ConfigurationArgs.builder()\n .roleArn(firehoseRole.arn())\n .bucketArn(bucket.arn())\n .bufferingSize(10)\n .bufferingInterval(400)\n .compressionFormat(\"GZIP\")\n .build())\n .processingConfiguration(FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationArgs.builder()\n .enabled(\"true\")\n .processors(FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationProcessorArgs.builder()\n .type(\"Lambda\")\n .parameters(FirehoseDeliveryStreamOpensearchserverlessConfigurationProcessingConfigurationProcessorParameterArgs.builder()\n .parameterName(\"LambdaArn\")\n .parameterValue(String.format(\"%s:$LATEST\", lambdaProcessor.arn()))\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testCollection:\n type: aws:opensearch:ServerlessCollection\n name: test_collection\n properties:\n name: firehose-osserverless-test\n testStream:\n type: aws:kinesis:FirehoseDeliveryStream\n name: test_stream\n properties:\n name: kinesis-firehose-test-stream\n destination: opensearchserverless\n opensearchserverlessConfiguration:\n collectionEndpoint: ${testCollection.collectionEndpoint}\n roleArn: ${firehoseRole.arn}\n indexName: test\n s3Configuration:\n roleArn: ${firehoseRole.arn}\n bucketArn: ${bucket.arn}\n bufferingSize: 10\n bufferingInterval: 400\n compressionFormat: GZIP\n processingConfiguration:\n enabled: 'true'\n processors:\n - type: Lambda\n parameters:\n - parameterName: LambdaArn\n parameterValue: ${lambdaProcessor.arn}:$LATEST\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Splunk Destination\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testStream = new aws.kinesis.FirehoseDeliveryStream(\"test_stream\", {\n name: \"kinesis-firehose-test-stream\",\n destination: \"splunk\",\n splunkConfiguration: {\n hecEndpoint: \"https://http-inputs-mydomain.splunkcloud.com:443\",\n hecToken: \"51D4DA16-C61B-4F5F-8EC7-ED4301342A4A\",\n hecAcknowledgmentTimeout: 600,\n hecEndpointType: \"Event\",\n s3BackupMode: \"FailedEventsOnly\",\n s3Configuration: {\n roleArn: firehose.arn,\n bucketArn: bucket.arn,\n bufferingSize: 10,\n bufferingInterval: 400,\n compressionFormat: \"GZIP\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_stream = aws.kinesis.FirehoseDeliveryStream(\"test_stream\",\n name=\"kinesis-firehose-test-stream\",\n destination=\"splunk\",\n splunk_configuration=aws.kinesis.FirehoseDeliveryStreamSplunkConfigurationArgs(\n hec_endpoint=\"https://http-inputs-mydomain.splunkcloud.com:443\",\n hec_token=\"51D4DA16-C61B-4F5F-8EC7-ED4301342A4A\",\n hec_acknowledgment_timeout=600,\n hec_endpoint_type=\"Event\",\n s3_backup_mode=\"FailedEventsOnly\",\n s3_configuration=aws.kinesis.FirehoseDeliveryStreamSplunkConfigurationS3ConfigurationArgs(\n role_arn=firehose[\"arn\"],\n bucket_arn=bucket[\"arn\"],\n buffering_size=10,\n buffering_interval=400,\n compression_format=\"GZIP\",\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testStream = new Aws.Kinesis.FirehoseDeliveryStream(\"test_stream\", new()\n {\n Name = \"kinesis-firehose-test-stream\",\n Destination = \"splunk\",\n SplunkConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamSplunkConfigurationArgs\n {\n HecEndpoint = \"https://http-inputs-mydomain.splunkcloud.com:443\",\n HecToken = \"51D4DA16-C61B-4F5F-8EC7-ED4301342A4A\",\n HecAcknowledgmentTimeout = 600,\n HecEndpointType = \"Event\",\n S3BackupMode = \"FailedEventsOnly\",\n S3Configuration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamSplunkConfigurationS3ConfigurationArgs\n {\n RoleArn = firehose.Arn,\n BucketArn = bucket.Arn,\n BufferingSize = 10,\n BufferingInterval = 400,\n CompressionFormat = \"GZIP\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kinesis.NewFirehoseDeliveryStream(ctx, \"test_stream\", \u0026kinesis.FirehoseDeliveryStreamArgs{\n\t\t\tName: pulumi.String(\"kinesis-firehose-test-stream\"),\n\t\t\tDestination: pulumi.String(\"splunk\"),\n\t\t\tSplunkConfiguration: \u0026kinesis.FirehoseDeliveryStreamSplunkConfigurationArgs{\n\t\t\t\tHecEndpoint: pulumi.String(\"https://http-inputs-mydomain.splunkcloud.com:443\"),\n\t\t\t\tHecToken: pulumi.String(\"51D4DA16-C61B-4F5F-8EC7-ED4301342A4A\"),\n\t\t\t\tHecAcknowledgmentTimeout: pulumi.Int(600),\n\t\t\t\tHecEndpointType: pulumi.String(\"Event\"),\n\t\t\t\tS3BackupMode: pulumi.String(\"FailedEventsOnly\"),\n\t\t\t\tS3Configuration: \u0026kinesis.FirehoseDeliveryStreamSplunkConfigurationS3ConfigurationArgs{\n\t\t\t\t\tRoleArn: pulumi.Any(firehose.Arn),\n\t\t\t\t\tBucketArn: pulumi.Any(bucket.Arn),\n\t\t\t\t\tBufferingSize: pulumi.Int(10),\n\t\t\t\t\tBufferingInterval: pulumi.Int(400),\n\t\t\t\t\tCompressionFormat: pulumi.String(\"GZIP\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStream;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStreamArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamSplunkConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamSplunkConfigurationS3ConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testStream = new FirehoseDeliveryStream(\"testStream\", FirehoseDeliveryStreamArgs.builder() \n .name(\"kinesis-firehose-test-stream\")\n .destination(\"splunk\")\n .splunkConfiguration(FirehoseDeliveryStreamSplunkConfigurationArgs.builder()\n .hecEndpoint(\"https://http-inputs-mydomain.splunkcloud.com:443\")\n .hecToken(\"51D4DA16-C61B-4F5F-8EC7-ED4301342A4A\")\n .hecAcknowledgmentTimeout(600)\n .hecEndpointType(\"Event\")\n .s3BackupMode(\"FailedEventsOnly\")\n .s3Configuration(FirehoseDeliveryStreamSplunkConfigurationS3ConfigurationArgs.builder()\n .roleArn(firehose.arn())\n .bucketArn(bucket.arn())\n .bufferingSize(10)\n .bufferingInterval(400)\n .compressionFormat(\"GZIP\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testStream:\n type: aws:kinesis:FirehoseDeliveryStream\n name: test_stream\n properties:\n name: kinesis-firehose-test-stream\n destination: splunk\n splunkConfiguration:\n hecEndpoint: https://http-inputs-mydomain.splunkcloud.com:443\n hecToken: 51D4DA16-C61B-4F5F-8EC7-ED4301342A4A\n hecAcknowledgmentTimeout: 600\n hecEndpointType: Event\n s3BackupMode: FailedEventsOnly\n s3Configuration:\n roleArn: ${firehose.arn}\n bucketArn: ${bucket.arn}\n bufferingSize: 10\n bufferingInterval: 400\n compressionFormat: GZIP\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### HTTP Endpoint (e.g., New Relic) Destination\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testStream = new aws.kinesis.FirehoseDeliveryStream(\"test_stream\", {\n name: \"kinesis-firehose-test-stream\",\n destination: \"http_endpoint\",\n httpEndpointConfiguration: {\n url: \"https://aws-api.newrelic.com/firehose/v1\",\n name: \"New Relic\",\n accessKey: \"my-key\",\n bufferingSize: 15,\n bufferingInterval: 600,\n roleArn: firehose.arn,\n s3BackupMode: \"FailedDataOnly\",\n s3Configuration: {\n roleArn: firehose.arn,\n bucketArn: bucket.arn,\n bufferingSize: 10,\n bufferingInterval: 400,\n compressionFormat: \"GZIP\",\n },\n requestConfiguration: {\n contentEncoding: \"GZIP\",\n commonAttributes: [\n {\n name: \"testname\",\n value: \"testvalue\",\n },\n {\n name: \"testname2\",\n value: \"testvalue2\",\n },\n ],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_stream = aws.kinesis.FirehoseDeliveryStream(\"test_stream\",\n name=\"kinesis-firehose-test-stream\",\n destination=\"http_endpoint\",\n http_endpoint_configuration=aws.kinesis.FirehoseDeliveryStreamHttpEndpointConfigurationArgs(\n url=\"https://aws-api.newrelic.com/firehose/v1\",\n name=\"New Relic\",\n access_key=\"my-key\",\n buffering_size=15,\n buffering_interval=600,\n role_arn=firehose[\"arn\"],\n s3_backup_mode=\"FailedDataOnly\",\n s3_configuration=aws.kinesis.FirehoseDeliveryStreamHttpEndpointConfigurationS3ConfigurationArgs(\n role_arn=firehose[\"arn\"],\n bucket_arn=bucket[\"arn\"],\n buffering_size=10,\n buffering_interval=400,\n compression_format=\"GZIP\",\n ),\n request_configuration=aws.kinesis.FirehoseDeliveryStreamHttpEndpointConfigurationRequestConfigurationArgs(\n content_encoding=\"GZIP\",\n common_attributes=[\n aws.kinesis.FirehoseDeliveryStreamHttpEndpointConfigurationRequestConfigurationCommonAttributeArgs(\n name=\"testname\",\n value=\"testvalue\",\n ),\n aws.kinesis.FirehoseDeliveryStreamHttpEndpointConfigurationRequestConfigurationCommonAttributeArgs(\n name=\"testname2\",\n value=\"testvalue2\",\n ),\n ],\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testStream = new Aws.Kinesis.FirehoseDeliveryStream(\"test_stream\", new()\n {\n Name = \"kinesis-firehose-test-stream\",\n Destination = \"http_endpoint\",\n HttpEndpointConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamHttpEndpointConfigurationArgs\n {\n Url = \"https://aws-api.newrelic.com/firehose/v1\",\n Name = \"New Relic\",\n AccessKey = \"my-key\",\n BufferingSize = 15,\n BufferingInterval = 600,\n RoleArn = firehose.Arn,\n S3BackupMode = \"FailedDataOnly\",\n S3Configuration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamHttpEndpointConfigurationS3ConfigurationArgs\n {\n RoleArn = firehose.Arn,\n BucketArn = bucket.Arn,\n BufferingSize = 10,\n BufferingInterval = 400,\n CompressionFormat = \"GZIP\",\n },\n RequestConfiguration = new Aws.Kinesis.Inputs.FirehoseDeliveryStreamHttpEndpointConfigurationRequestConfigurationArgs\n {\n ContentEncoding = \"GZIP\",\n CommonAttributes = new[]\n {\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamHttpEndpointConfigurationRequestConfigurationCommonAttributeArgs\n {\n Name = \"testname\",\n Value = \"testvalue\",\n },\n new Aws.Kinesis.Inputs.FirehoseDeliveryStreamHttpEndpointConfigurationRequestConfigurationCommonAttributeArgs\n {\n Name = \"testname2\",\n Value = \"testvalue2\",\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kinesis\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kinesis.NewFirehoseDeliveryStream(ctx, \"test_stream\", \u0026kinesis.FirehoseDeliveryStreamArgs{\n\t\t\tName: pulumi.String(\"kinesis-firehose-test-stream\"),\n\t\t\tDestination: pulumi.String(\"http_endpoint\"),\n\t\t\tHttpEndpointConfiguration: \u0026kinesis.FirehoseDeliveryStreamHttpEndpointConfigurationArgs{\n\t\t\t\tUrl: pulumi.String(\"https://aws-api.newrelic.com/firehose/v1\"),\n\t\t\t\tName: pulumi.String(\"New Relic\"),\n\t\t\t\tAccessKey: pulumi.String(\"my-key\"),\n\t\t\t\tBufferingSize: pulumi.Int(15),\n\t\t\t\tBufferingInterval: pulumi.Int(600),\n\t\t\t\tRoleArn: pulumi.Any(firehose.Arn),\n\t\t\t\tS3BackupMode: pulumi.String(\"FailedDataOnly\"),\n\t\t\t\tS3Configuration: \u0026kinesis.FirehoseDeliveryStreamHttpEndpointConfigurationS3ConfigurationArgs{\n\t\t\t\t\tRoleArn: pulumi.Any(firehose.Arn),\n\t\t\t\t\tBucketArn: pulumi.Any(bucket.Arn),\n\t\t\t\t\tBufferingSize: pulumi.Int(10),\n\t\t\t\t\tBufferingInterval: pulumi.Int(400),\n\t\t\t\t\tCompressionFormat: pulumi.String(\"GZIP\"),\n\t\t\t\t},\n\t\t\t\tRequestConfiguration: \u0026kinesis.FirehoseDeliveryStreamHttpEndpointConfigurationRequestConfigurationArgs{\n\t\t\t\t\tContentEncoding: pulumi.String(\"GZIP\"),\n\t\t\t\t\tCommonAttributes: kinesis.FirehoseDeliveryStreamHttpEndpointConfigurationRequestConfigurationCommonAttributeArray{\n\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamHttpEndpointConfigurationRequestConfigurationCommonAttributeArgs{\n\t\t\t\t\t\t\tName: pulumi.String(\"testname\"),\n\t\t\t\t\t\t\tValue: pulumi.String(\"testvalue\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026kinesis.FirehoseDeliveryStreamHttpEndpointConfigurationRequestConfigurationCommonAttributeArgs{\n\t\t\t\t\t\t\tName: pulumi.String(\"testname2\"),\n\t\t\t\t\t\t\tValue: pulumi.String(\"testvalue2\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStream;\nimport com.pulumi.aws.kinesis.FirehoseDeliveryStreamArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamHttpEndpointConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamHttpEndpointConfigurationS3ConfigurationArgs;\nimport com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamHttpEndpointConfigurationRequestConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testStream = new FirehoseDeliveryStream(\"testStream\", FirehoseDeliveryStreamArgs.builder() \n .name(\"kinesis-firehose-test-stream\")\n .destination(\"http_endpoint\")\n .httpEndpointConfiguration(FirehoseDeliveryStreamHttpEndpointConfigurationArgs.builder()\n .url(\"https://aws-api.newrelic.com/firehose/v1\")\n .name(\"New Relic\")\n .accessKey(\"my-key\")\n .bufferingSize(15)\n .bufferingInterval(600)\n .roleArn(firehose.arn())\n .s3BackupMode(\"FailedDataOnly\")\n .s3Configuration(FirehoseDeliveryStreamHttpEndpointConfigurationS3ConfigurationArgs.builder()\n .roleArn(firehose.arn())\n .bucketArn(bucket.arn())\n .bufferingSize(10)\n .bufferingInterval(400)\n .compressionFormat(\"GZIP\")\n .build())\n .requestConfiguration(FirehoseDeliveryStreamHttpEndpointConfigurationRequestConfigurationArgs.builder()\n .contentEncoding(\"GZIP\")\n .commonAttributes( \n FirehoseDeliveryStreamHttpEndpointConfigurationRequestConfigurationCommonAttributeArgs.builder()\n .name(\"testname\")\n .value(\"testvalue\")\n .build(),\n FirehoseDeliveryStreamHttpEndpointConfigurationRequestConfigurationCommonAttributeArgs.builder()\n .name(\"testname2\")\n .value(\"testvalue2\")\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testStream:\n type: aws:kinesis:FirehoseDeliveryStream\n name: test_stream\n properties:\n name: kinesis-firehose-test-stream\n destination: http_endpoint\n httpEndpointConfiguration:\n url: https://aws-api.newrelic.com/firehose/v1\n name: New Relic\n accessKey: my-key\n bufferingSize: 15\n bufferingInterval: 600\n roleArn: ${firehose.arn}\n s3BackupMode: FailedDataOnly\n s3Configuration:\n roleArn: ${firehose.arn}\n bucketArn: ${bucket.arn}\n bufferingSize: 10\n bufferingInterval: 400\n compressionFormat: GZIP\n requestConfiguration:\n contentEncoding: GZIP\n commonAttributes:\n - name: testname\n value: testvalue\n - name: testname2\n value: testvalue2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Kinesis Firehose Delivery streams using the stream ARN. For example:\n\n```sh\n$ pulumi import aws:kinesis/firehoseDeliveryStream:FirehoseDeliveryStream foo arn:aws:firehose:us-east-1:XXX:deliverystream/example\n```\nNote: Import does not work for stream destination `s3`. Consider using `extended_s3` since `s3` destination is deprecated.\n\n", "properties": { "arn": { "type": "string", @@ -265723,7 +265723,7 @@ } }, "aws:kms/keyPolicy:KeyPolicy": { - "description": "Attaches a policy to a KMS Key.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kms.Key(\"example\", {description: \"example\"});\nconst exampleKeyPolicy = new aws.kms.KeyPolicy(\"example\", {\n keyId: example.id,\n policy: JSON.stringify({\n id: \"example\",\n statement: [{\n action: \"kms:*\",\n effect: \"Allow\",\n principal: {\n AWS: \"*\",\n },\n resource: \"*\",\n sid: \"Enable IAM User Permissions\",\n }],\n version: \"2012-10-17\",\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.kms.Key(\"example\", description=\"example\")\nexample_key_policy = aws.kms.KeyPolicy(\"example\",\n key_id=example.id,\n policy=json.dumps({\n \"id\": \"example\",\n \"statement\": [{\n \"action\": \"kms:*\",\n \"effect\": \"Allow\",\n \"principal\": {\n \"AWS\": \"*\",\n },\n \"resource\": \"*\",\n \"sid\": \"Enable IAM User Permissions\",\n }],\n \"version\": \"2012-10-17\",\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kms.Key(\"example\", new()\n {\n Description = \"example\",\n });\n\n var exampleKeyPolicy = new Aws.Kms.KeyPolicy(\"example\", new()\n {\n KeyId = example.Id,\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"id\"] = \"example\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"action\"] = \"kms:*\",\n [\"effect\"] = \"Allow\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = \"*\",\n },\n [\"resource\"] = \"*\",\n [\"sid\"] = \"Enable IAM User Permissions\",\n },\n },\n [\"version\"] = \"2012-10-17\",\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := kms.NewKey(ctx, \"example\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"id\": \"example\",\n\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"action\": \"kms:*\",\n\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": \"*\",\n\t\t\t\t\t},\n\t\t\t\t\t\"resource\": \"*\",\n\t\t\t\t\t\"sid\": \"Enable IAM User Permissions\",\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"version\": \"2012-10-17\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = kms.NewKeyPolicy(ctx, \"example\", \u0026kms.KeyPolicyArgs{\n\t\t\tKeyId: example.ID(),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.kms.KeyPolicy;\nimport com.pulumi.aws.kms.KeyPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Key(\"example\", KeyArgs.builder() \n .description(\"example\")\n .build());\n\n var exampleKeyPolicy = new KeyPolicy(\"exampleKeyPolicy\", KeyPolicyArgs.builder() \n .keyId(example.id())\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"id\", \"example\"),\n jsonProperty(\"statement\", jsonArray(jsonObject(\n jsonProperty(\"action\", \"kms:*\"),\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"principal\", jsonObject(\n jsonProperty(\"AWS\", \"*\")\n )),\n jsonProperty(\"resource\", \"*\"),\n jsonProperty(\"sid\", \"Enable IAM User Permissions\")\n ))),\n jsonProperty(\"version\", \"2012-10-17\")\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kms:Key\n properties:\n description: example\n exampleKeyPolicy:\n type: aws:kms:KeyPolicy\n name: example\n properties:\n keyId: ${example.id}\n policy:\n fn::toJSON:\n id: example\n statement:\n - action: kms:*\n effect: Allow\n principal:\n AWS: '*'\n resource: '*'\n sid: Enable IAM User Permissions\n version: 2012-10-17\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import KMS Key Policies using the `key_id`. For example:\n\n```sh\n$ pulumi import aws:kms/keyPolicy:KeyPolicy a 1234abcd-12ab-34cd-56ef-1234567890ab\n```\n", + "description": "Attaches a policy to a KMS Key.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.kms.Key(\"example\", {description: \"example\"});\nconst exampleKeyPolicy = new aws.kms.KeyPolicy(\"example\", {\n keyId: example.id,\n policy: JSON.stringify({\n Id: \"example\",\n Statement: [{\n Action: \"kms:*\",\n Effect: \"Allow\",\n Principal: {\n AWS: \"*\",\n },\n Resource: \"*\",\n Sid: \"Enable IAM User Permissions\",\n }],\n Version: \"2012-10-17\",\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.kms.Key(\"example\", description=\"example\")\nexample_key_policy = aws.kms.KeyPolicy(\"example\",\n key_id=example.id,\n policy=json.dumps({\n \"Id\": \"example\",\n \"Statement\": [{\n \"Action\": \"kms:*\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": \"*\",\n },\n \"Resource\": \"*\",\n \"Sid\": \"Enable IAM User Permissions\",\n }],\n \"Version\": \"2012-10-17\",\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Kms.Key(\"example\", new()\n {\n Description = \"example\",\n });\n\n var exampleKeyPolicy = new Aws.Kms.KeyPolicy(\"example\", new()\n {\n KeyId = example.Id,\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Id\"] = \"example\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"kms:*\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = \"*\",\n },\n [\"Resource\"] = \"*\",\n [\"Sid\"] = \"Enable IAM User Permissions\",\n },\n },\n [\"Version\"] = \"2012-10-17\",\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := kms.NewKey(ctx, \"example\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Id\": \"example\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": \"kms:*\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": \"*\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t\t\"Sid\": \"Enable IAM User Permissions\",\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = kms.NewKeyPolicy(ctx, \"example\", \u0026kms.KeyPolicyArgs{\n\t\t\tKeyId: example.ID(),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.kms.KeyPolicy;\nimport com.pulumi.aws.kms.KeyPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Key(\"example\", KeyArgs.builder() \n .description(\"example\")\n .build());\n\n var exampleKeyPolicy = new KeyPolicy(\"exampleKeyPolicy\", KeyPolicyArgs.builder() \n .keyId(example.id())\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Id\", \"example\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", \"kms:*\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"AWS\", \"*\")\n )),\n jsonProperty(\"Resource\", \"*\"),\n jsonProperty(\"Sid\", \"Enable IAM User Permissions\")\n ))),\n jsonProperty(\"Version\", \"2012-10-17\")\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kms:Key\n properties:\n description: example\n exampleKeyPolicy:\n type: aws:kms:KeyPolicy\n name: example\n properties:\n keyId: ${example.id}\n policy:\n fn::toJSON:\n Id: example\n Statement:\n - Action: kms:*\n Effect: Allow\n Principal:\n AWS: '*'\n Resource: '*'\n Sid: Enable IAM User Permissions\n Version: 2012-10-17\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import KMS Key Policies using the `key_id`. For example:\n\n```sh\n$ pulumi import aws:kms/keyPolicy:KeyPolicy a 1234abcd-12ab-34cd-56ef-1234567890ab\n```\n", "properties": { "bypassPolicyLockoutSafetyCheck": { "type": "boolean", @@ -267162,7 +267162,7 @@ } }, "aws:lambda/eventSourceMapping:EventSourceMapping": { - "description": "Provides a Lambda event source mapping. This allows Lambda functions to get events from Kinesis, DynamoDB, SQS, Amazon MQ and Managed Streaming for Apache Kafka (MSK).\n\nFor information about Lambda and how to use it, see [What is AWS Lambda?](http://docs.aws.amazon.com/lambda/latest/dg/welcome.html).\nFor information about event source mappings, see [CreateEventSourceMapping](http://docs.aws.amazon.com/lambda/latest/dg/API_CreateEventSourceMapping.html) in the API docs.\n\n## Example Usage\n\n### DynamoDB\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.EventSourceMapping(\"example\", {\n eventSourceArn: exampleAwsDynamodbTable.streamArn,\n functionName: exampleAwsLambdaFunction.arn,\n startingPosition: \"LATEST\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lambda_.EventSourceMapping(\"example\",\n event_source_arn=example_aws_dynamodb_table[\"streamArn\"],\n function_name=example_aws_lambda_function[\"arn\"],\n starting_position=\"LATEST\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lambda.EventSourceMapping(\"example\", new()\n {\n EventSourceArn = exampleAwsDynamodbTable.StreamArn,\n FunctionName = exampleAwsLambdaFunction.Arn,\n StartingPosition = \"LATEST\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lambda.NewEventSourceMapping(ctx, \"example\", \u0026lambda.EventSourceMappingArgs{\n\t\t\tEventSourceArn: pulumi.Any(exampleAwsDynamodbTable.StreamArn),\n\t\t\tFunctionName: pulumi.Any(exampleAwsLambdaFunction.Arn),\n\t\t\tStartingPosition: pulumi.String(\"LATEST\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.EventSourceMapping;\nimport com.pulumi.aws.lambda.EventSourceMappingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new EventSourceMapping(\"example\", EventSourceMappingArgs.builder() \n .eventSourceArn(exampleAwsDynamodbTable.streamArn())\n .functionName(exampleAwsLambdaFunction.arn())\n .startingPosition(\"LATEST\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lambda:EventSourceMapping\n properties:\n eventSourceArn: ${exampleAwsDynamodbTable.streamArn}\n functionName: ${exampleAwsLambdaFunction.arn}\n startingPosition: LATEST\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Kinesis\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.EventSourceMapping(\"example\", {\n eventSourceArn: exampleAwsKinesisStream.arn,\n functionName: exampleAwsLambdaFunction.arn,\n startingPosition: \"LATEST\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lambda_.EventSourceMapping(\"example\",\n event_source_arn=example_aws_kinesis_stream[\"arn\"],\n function_name=example_aws_lambda_function[\"arn\"],\n starting_position=\"LATEST\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lambda.EventSourceMapping(\"example\", new()\n {\n EventSourceArn = exampleAwsKinesisStream.Arn,\n FunctionName = exampleAwsLambdaFunction.Arn,\n StartingPosition = \"LATEST\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lambda.NewEventSourceMapping(ctx, \"example\", \u0026lambda.EventSourceMappingArgs{\n\t\t\tEventSourceArn: pulumi.Any(exampleAwsKinesisStream.Arn),\n\t\t\tFunctionName: pulumi.Any(exampleAwsLambdaFunction.Arn),\n\t\t\tStartingPosition: pulumi.String(\"LATEST\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.EventSourceMapping;\nimport com.pulumi.aws.lambda.EventSourceMappingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new EventSourceMapping(\"example\", EventSourceMappingArgs.builder() \n .eventSourceArn(exampleAwsKinesisStream.arn())\n .functionName(exampleAwsLambdaFunction.arn())\n .startingPosition(\"LATEST\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lambda:EventSourceMapping\n properties:\n eventSourceArn: ${exampleAwsKinesisStream.arn}\n functionName: ${exampleAwsLambdaFunction.arn}\n startingPosition: LATEST\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Managed Streaming for Apache Kafka (MSK)\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.EventSourceMapping(\"example\", {\n eventSourceArn: exampleAwsMskCluster.arn,\n functionName: exampleAwsLambdaFunction.arn,\n topics: [\"Example\"],\n startingPosition: \"TRIM_HORIZON\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lambda_.EventSourceMapping(\"example\",\n event_source_arn=example_aws_msk_cluster[\"arn\"],\n function_name=example_aws_lambda_function[\"arn\"],\n topics=[\"Example\"],\n starting_position=\"TRIM_HORIZON\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lambda.EventSourceMapping(\"example\", new()\n {\n EventSourceArn = exampleAwsMskCluster.Arn,\n FunctionName = exampleAwsLambdaFunction.Arn,\n Topics = new[]\n {\n \"Example\",\n },\n StartingPosition = \"TRIM_HORIZON\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lambda.NewEventSourceMapping(ctx, \"example\", \u0026lambda.EventSourceMappingArgs{\n\t\t\tEventSourceArn: pulumi.Any(exampleAwsMskCluster.Arn),\n\t\t\tFunctionName: pulumi.Any(exampleAwsLambdaFunction.Arn),\n\t\t\tTopics: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"Example\"),\n\t\t\t},\n\t\t\tStartingPosition: pulumi.String(\"TRIM_HORIZON\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.EventSourceMapping;\nimport com.pulumi.aws.lambda.EventSourceMappingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new EventSourceMapping(\"example\", EventSourceMappingArgs.builder() \n .eventSourceArn(exampleAwsMskCluster.arn())\n .functionName(exampleAwsLambdaFunction.arn())\n .topics(\"Example\")\n .startingPosition(\"TRIM_HORIZON\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lambda:EventSourceMapping\n properties:\n eventSourceArn: ${exampleAwsMskCluster.arn}\n functionName: ${exampleAwsLambdaFunction.arn}\n topics:\n - Example\n startingPosition: TRIM_HORIZON\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Self Managed Apache Kafka\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.EventSourceMapping(\"example\", {\n functionName: exampleAwsLambdaFunction.arn,\n topics: [\"Example\"],\n startingPosition: \"TRIM_HORIZON\",\n selfManagedEventSource: {\n endpoints: {\n KAFKA_BOOTSTRAP_SERVERS: \"kafka1.example.com:9092,kafka2.example.com:9092\",\n },\n },\n sourceAccessConfigurations: [\n {\n type: \"VPC_SUBNET\",\n uri: \"subnet:subnet-example1\",\n },\n {\n type: \"VPC_SUBNET\",\n uri: \"subnet:subnet-example2\",\n },\n {\n type: \"VPC_SECURITY_GROUP\",\n uri: \"security_group:sg-example\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lambda_.EventSourceMapping(\"example\",\n function_name=example_aws_lambda_function[\"arn\"],\n topics=[\"Example\"],\n starting_position=\"TRIM_HORIZON\",\n self_managed_event_source=aws.lambda_.EventSourceMappingSelfManagedEventSourceArgs(\n endpoints={\n \"KAFKA_BOOTSTRAP_SERVERS\": \"kafka1.example.com:9092,kafka2.example.com:9092\",\n },\n ),\n source_access_configurations=[\n aws.lambda_.EventSourceMappingSourceAccessConfigurationArgs(\n type=\"VPC_SUBNET\",\n uri=\"subnet:subnet-example1\",\n ),\n aws.lambda_.EventSourceMappingSourceAccessConfigurationArgs(\n type=\"VPC_SUBNET\",\n uri=\"subnet:subnet-example2\",\n ),\n aws.lambda_.EventSourceMappingSourceAccessConfigurationArgs(\n type=\"VPC_SECURITY_GROUP\",\n uri=\"security_group:sg-example\",\n ),\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lambda.EventSourceMapping(\"example\", new()\n {\n FunctionName = exampleAwsLambdaFunction.Arn,\n Topics = new[]\n {\n \"Example\",\n },\n StartingPosition = \"TRIM_HORIZON\",\n SelfManagedEventSource = new Aws.Lambda.Inputs.EventSourceMappingSelfManagedEventSourceArgs\n {\n Endpoints = \n {\n { \"KAFKA_BOOTSTRAP_SERVERS\", \"kafka1.example.com:9092,kafka2.example.com:9092\" },\n },\n },\n SourceAccessConfigurations = new[]\n {\n new Aws.Lambda.Inputs.EventSourceMappingSourceAccessConfigurationArgs\n {\n Type = \"VPC_SUBNET\",\n Uri = \"subnet:subnet-example1\",\n },\n new Aws.Lambda.Inputs.EventSourceMappingSourceAccessConfigurationArgs\n {\n Type = \"VPC_SUBNET\",\n Uri = \"subnet:subnet-example2\",\n },\n new Aws.Lambda.Inputs.EventSourceMappingSourceAccessConfigurationArgs\n {\n Type = \"VPC_SECURITY_GROUP\",\n Uri = \"security_group:sg-example\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lambda.NewEventSourceMapping(ctx, \"example\", \u0026lambda.EventSourceMappingArgs{\n\t\t\tFunctionName: pulumi.Any(exampleAwsLambdaFunction.Arn),\n\t\t\tTopics: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"Example\"),\n\t\t\t},\n\t\t\tStartingPosition: pulumi.String(\"TRIM_HORIZON\"),\n\t\t\tSelfManagedEventSource: \u0026lambda.EventSourceMappingSelfManagedEventSourceArgs{\n\t\t\t\tEndpoints: pulumi.StringMap{\n\t\t\t\t\t\"KAFKA_BOOTSTRAP_SERVERS\": pulumi.String(\"kafka1.example.com:9092,kafka2.example.com:9092\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tSourceAccessConfigurations: lambda.EventSourceMappingSourceAccessConfigurationArray{\n\t\t\t\t\u0026lambda.EventSourceMappingSourceAccessConfigurationArgs{\n\t\t\t\t\tType: pulumi.String(\"VPC_SUBNET\"),\n\t\t\t\t\tUri: pulumi.String(\"subnet:subnet-example1\"),\n\t\t\t\t},\n\t\t\t\t\u0026lambda.EventSourceMappingSourceAccessConfigurationArgs{\n\t\t\t\t\tType: pulumi.String(\"VPC_SUBNET\"),\n\t\t\t\t\tUri: pulumi.String(\"subnet:subnet-example2\"),\n\t\t\t\t},\n\t\t\t\t\u0026lambda.EventSourceMappingSourceAccessConfigurationArgs{\n\t\t\t\t\tType: pulumi.String(\"VPC_SECURITY_GROUP\"),\n\t\t\t\t\tUri: pulumi.String(\"security_group:sg-example\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.EventSourceMapping;\nimport com.pulumi.aws.lambda.EventSourceMappingArgs;\nimport com.pulumi.aws.lambda.inputs.EventSourceMappingSelfManagedEventSourceArgs;\nimport com.pulumi.aws.lambda.inputs.EventSourceMappingSourceAccessConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new EventSourceMapping(\"example\", EventSourceMappingArgs.builder() \n .functionName(exampleAwsLambdaFunction.arn())\n .topics(\"Example\")\n .startingPosition(\"TRIM_HORIZON\")\n .selfManagedEventSource(EventSourceMappingSelfManagedEventSourceArgs.builder()\n .endpoints(Map.of(\"KAFKA_BOOTSTRAP_SERVERS\", \"kafka1.example.com:9092,kafka2.example.com:9092\"))\n .build())\n .sourceAccessConfigurations( \n EventSourceMappingSourceAccessConfigurationArgs.builder()\n .type(\"VPC_SUBNET\")\n .uri(\"subnet:subnet-example1\")\n .build(),\n EventSourceMappingSourceAccessConfigurationArgs.builder()\n .type(\"VPC_SUBNET\")\n .uri(\"subnet:subnet-example2\")\n .build(),\n EventSourceMappingSourceAccessConfigurationArgs.builder()\n .type(\"VPC_SECURITY_GROUP\")\n .uri(\"security_group:sg-example\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lambda:EventSourceMapping\n properties:\n functionName: ${exampleAwsLambdaFunction.arn}\n topics:\n - Example\n startingPosition: TRIM_HORIZON\n selfManagedEventSource:\n endpoints:\n KAFKA_BOOTSTRAP_SERVERS: kafka1.example.com:9092,kafka2.example.com:9092\n sourceAccessConfigurations:\n - type: VPC_SUBNET\n uri: subnet:subnet-example1\n - type: VPC_SUBNET\n uri: subnet:subnet-example2\n - type: VPC_SECURITY_GROUP\n uri: security_group:sg-example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### SQS\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.EventSourceMapping(\"example\", {\n eventSourceArn: sqsQueueTest.arn,\n functionName: exampleAwsLambdaFunction.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lambda_.EventSourceMapping(\"example\",\n event_source_arn=sqs_queue_test[\"arn\"],\n function_name=example_aws_lambda_function[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lambda.EventSourceMapping(\"example\", new()\n {\n EventSourceArn = sqsQueueTest.Arn,\n FunctionName = exampleAwsLambdaFunction.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lambda.NewEventSourceMapping(ctx, \"example\", \u0026lambda.EventSourceMappingArgs{\n\t\t\tEventSourceArn: pulumi.Any(sqsQueueTest.Arn),\n\t\t\tFunctionName: pulumi.Any(exampleAwsLambdaFunction.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.EventSourceMapping;\nimport com.pulumi.aws.lambda.EventSourceMappingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new EventSourceMapping(\"example\", EventSourceMappingArgs.builder() \n .eventSourceArn(sqsQueueTest.arn())\n .functionName(exampleAwsLambdaFunction.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lambda:EventSourceMapping\n properties:\n eventSourceArn: ${sqsQueueTest.arn}\n functionName: ${exampleAwsLambdaFunction.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### SQS with event filter\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.EventSourceMapping(\"example\", {\n eventSourceArn: sqsQueueTest.arn,\n functionName: exampleAwsLambdaFunction.arn,\n filterCriteria: {\n filters: [{\n pattern: JSON.stringify({\n body: {\n temperature: [{\n numeric: [\n \"\u003e\",\n 0,\n \"\u003c=\",\n 100,\n ],\n }],\n location: [\"New York\"],\n },\n }),\n }],\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.lambda_.EventSourceMapping(\"example\",\n event_source_arn=sqs_queue_test[\"arn\"],\n function_name=example_aws_lambda_function[\"arn\"],\n filter_criteria=aws.lambda_.EventSourceMappingFilterCriteriaArgs(\n filters=[aws.lambda_.EventSourceMappingFilterCriteriaFilterArgs(\n pattern=json.dumps({\n \"body\": {\n \"temperature\": [{\n \"numeric\": [\n \"\u003e\",\n 0,\n \"\u003c=\",\n 100,\n ],\n }],\n \"location\": [\"New York\"],\n },\n }),\n )],\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lambda.EventSourceMapping(\"example\", new()\n {\n EventSourceArn = sqsQueueTest.Arn,\n FunctionName = exampleAwsLambdaFunction.Arn,\n FilterCriteria = new Aws.Lambda.Inputs.EventSourceMappingFilterCriteriaArgs\n {\n Filters = new[]\n {\n new Aws.Lambda.Inputs.EventSourceMappingFilterCriteriaFilterArgs\n {\n Pattern = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"body\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"temperature\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"numeric\"] = new object?[]\n {\n \"\u003e\",\n 0,\n \"\u003c=\",\n 100,\n },\n },\n },\n [\"location\"] = new[]\n {\n \"New York\",\n },\n },\n }),\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"body\": map[string]interface{}{\n\t\t\t\t\"temperature\": []map[string]interface{}{\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"numeric\": []interface{}{\n\t\t\t\t\t\t\t\"\u003e\",\n\t\t\t\t\t\t\t0,\n\t\t\t\t\t\t\t\"\u003c=\",\n\t\t\t\t\t\t\t100,\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\"location\": []string{\n\t\t\t\t\t\"New York\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = lambda.NewEventSourceMapping(ctx, \"example\", \u0026lambda.EventSourceMappingArgs{\n\t\t\tEventSourceArn: pulumi.Any(sqsQueueTest.Arn),\n\t\t\tFunctionName: pulumi.Any(exampleAwsLambdaFunction.Arn),\n\t\t\tFilterCriteria: \u0026lambda.EventSourceMappingFilterCriteriaArgs{\n\t\t\t\tFilters: lambda.EventSourceMappingFilterCriteriaFilterArray{\n\t\t\t\t\t\u0026lambda.EventSourceMappingFilterCriteriaFilterArgs{\n\t\t\t\t\t\tPattern: pulumi.String(json0),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.EventSourceMapping;\nimport com.pulumi.aws.lambda.EventSourceMappingArgs;\nimport com.pulumi.aws.lambda.inputs.EventSourceMappingFilterCriteriaArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new EventSourceMapping(\"example\", EventSourceMappingArgs.builder() \n .eventSourceArn(sqsQueueTest.arn())\n .functionName(exampleAwsLambdaFunction.arn())\n .filterCriteria(EventSourceMappingFilterCriteriaArgs.builder()\n .filters(EventSourceMappingFilterCriteriaFilterArgs.builder()\n .pattern(serializeJson(\n jsonObject(\n jsonProperty(\"body\", jsonObject(\n jsonProperty(\"temperature\", jsonArray(jsonObject(\n jsonProperty(\"numeric\", jsonArray(\n \"\u003e\", \n 0, \n \"\u003c=\", \n 100\n ))\n ))),\n jsonProperty(\"location\", jsonArray(\"New York\"))\n ))\n )))\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lambda:EventSourceMapping\n properties:\n eventSourceArn: ${sqsQueueTest.arn}\n functionName: ${exampleAwsLambdaFunction.arn}\n filterCriteria:\n filters:\n - pattern:\n fn::toJSON:\n body:\n temperature:\n - numeric:\n - '\u003e'\n - 0\n - \u003c=\n - 100\n location:\n - New York\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Amazon MQ (ActiveMQ)\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.EventSourceMapping(\"example\", {\n batchSize: 10,\n eventSourceArn: exampleAwsMqBroker.arn,\n enabled: true,\n functionName: exampleAwsLambdaFunction.arn,\n queues: \"example\",\n sourceAccessConfigurations: [{\n type: \"BASIC_AUTH\",\n uri: exampleAwsSecretsmanagerSecretVersion.arn,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lambda_.EventSourceMapping(\"example\",\n batch_size=10,\n event_source_arn=example_aws_mq_broker[\"arn\"],\n enabled=True,\n function_name=example_aws_lambda_function[\"arn\"],\n queues=\"example\",\n source_access_configurations=[aws.lambda_.EventSourceMappingSourceAccessConfigurationArgs(\n type=\"BASIC_AUTH\",\n uri=example_aws_secretsmanager_secret_version[\"arn\"],\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lambda.EventSourceMapping(\"example\", new()\n {\n BatchSize = 10,\n EventSourceArn = exampleAwsMqBroker.Arn,\n Enabled = true,\n FunctionName = exampleAwsLambdaFunction.Arn,\n Queues = \"example\",\n SourceAccessConfigurations = new[]\n {\n new Aws.Lambda.Inputs.EventSourceMappingSourceAccessConfigurationArgs\n {\n Type = \"BASIC_AUTH\",\n Uri = exampleAwsSecretsmanagerSecretVersion.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lambda.NewEventSourceMapping(ctx, \"example\", \u0026lambda.EventSourceMappingArgs{\n\t\t\tBatchSize: pulumi.Int(10),\n\t\t\tEventSourceArn: pulumi.Any(exampleAwsMqBroker.Arn),\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tFunctionName: pulumi.Any(exampleAwsLambdaFunction.Arn),\n\t\t\tQueues: pulumi.String(\"example\"),\n\t\t\tSourceAccessConfigurations: lambda.EventSourceMappingSourceAccessConfigurationArray{\n\t\t\t\t\u0026lambda.EventSourceMappingSourceAccessConfigurationArgs{\n\t\t\t\t\tType: pulumi.String(\"BASIC_AUTH\"),\n\t\t\t\t\tUri: pulumi.Any(exampleAwsSecretsmanagerSecretVersion.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.EventSourceMapping;\nimport com.pulumi.aws.lambda.EventSourceMappingArgs;\nimport com.pulumi.aws.lambda.inputs.EventSourceMappingSourceAccessConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new EventSourceMapping(\"example\", EventSourceMappingArgs.builder() \n .batchSize(10)\n .eventSourceArn(exampleAwsMqBroker.arn())\n .enabled(true)\n .functionName(exampleAwsLambdaFunction.arn())\n .queues(\"example\")\n .sourceAccessConfigurations(EventSourceMappingSourceAccessConfigurationArgs.builder()\n .type(\"BASIC_AUTH\")\n .uri(exampleAwsSecretsmanagerSecretVersion.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lambda:EventSourceMapping\n properties:\n batchSize: 10\n eventSourceArn: ${exampleAwsMqBroker.arn}\n enabled: true\n functionName: ${exampleAwsLambdaFunction.arn}\n queues: example\n sourceAccessConfigurations:\n - type: BASIC_AUTH\n uri: ${exampleAwsSecretsmanagerSecretVersion.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Amazon MQ (RabbitMQ)\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.EventSourceMapping(\"example\", {\n batchSize: 1,\n eventSourceArn: exampleAwsMqBroker.arn,\n enabled: true,\n functionName: exampleAwsLambdaFunction.arn,\n queues: \"example\",\n sourceAccessConfigurations: [\n {\n type: \"VIRTUAL_HOST\",\n uri: \"/example\",\n },\n {\n type: \"BASIC_AUTH\",\n uri: exampleAwsSecretsmanagerSecretVersion.arn,\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lambda_.EventSourceMapping(\"example\",\n batch_size=1,\n event_source_arn=example_aws_mq_broker[\"arn\"],\n enabled=True,\n function_name=example_aws_lambda_function[\"arn\"],\n queues=\"example\",\n source_access_configurations=[\n aws.lambda_.EventSourceMappingSourceAccessConfigurationArgs(\n type=\"VIRTUAL_HOST\",\n uri=\"/example\",\n ),\n aws.lambda_.EventSourceMappingSourceAccessConfigurationArgs(\n type=\"BASIC_AUTH\",\n uri=example_aws_secretsmanager_secret_version[\"arn\"],\n ),\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lambda.EventSourceMapping(\"example\", new()\n {\n BatchSize = 1,\n EventSourceArn = exampleAwsMqBroker.Arn,\n Enabled = true,\n FunctionName = exampleAwsLambdaFunction.Arn,\n Queues = \"example\",\n SourceAccessConfigurations = new[]\n {\n new Aws.Lambda.Inputs.EventSourceMappingSourceAccessConfigurationArgs\n {\n Type = \"VIRTUAL_HOST\",\n Uri = \"/example\",\n },\n new Aws.Lambda.Inputs.EventSourceMappingSourceAccessConfigurationArgs\n {\n Type = \"BASIC_AUTH\",\n Uri = exampleAwsSecretsmanagerSecretVersion.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lambda.NewEventSourceMapping(ctx, \"example\", \u0026lambda.EventSourceMappingArgs{\n\t\t\tBatchSize: pulumi.Int(1),\n\t\t\tEventSourceArn: pulumi.Any(exampleAwsMqBroker.Arn),\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tFunctionName: pulumi.Any(exampleAwsLambdaFunction.Arn),\n\t\t\tQueues: pulumi.String(\"example\"),\n\t\t\tSourceAccessConfigurations: lambda.EventSourceMappingSourceAccessConfigurationArray{\n\t\t\t\t\u0026lambda.EventSourceMappingSourceAccessConfigurationArgs{\n\t\t\t\t\tType: pulumi.String(\"VIRTUAL_HOST\"),\n\t\t\t\t\tUri: pulumi.String(\"/example\"),\n\t\t\t\t},\n\t\t\t\t\u0026lambda.EventSourceMappingSourceAccessConfigurationArgs{\n\t\t\t\t\tType: pulumi.String(\"BASIC_AUTH\"),\n\t\t\t\t\tUri: pulumi.Any(exampleAwsSecretsmanagerSecretVersion.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.EventSourceMapping;\nimport com.pulumi.aws.lambda.EventSourceMappingArgs;\nimport com.pulumi.aws.lambda.inputs.EventSourceMappingSourceAccessConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new EventSourceMapping(\"example\", EventSourceMappingArgs.builder() \n .batchSize(1)\n .eventSourceArn(exampleAwsMqBroker.arn())\n .enabled(true)\n .functionName(exampleAwsLambdaFunction.arn())\n .queues(\"example\")\n .sourceAccessConfigurations( \n EventSourceMappingSourceAccessConfigurationArgs.builder()\n .type(\"VIRTUAL_HOST\")\n .uri(\"/example\")\n .build(),\n EventSourceMappingSourceAccessConfigurationArgs.builder()\n .type(\"BASIC_AUTH\")\n .uri(exampleAwsSecretsmanagerSecretVersion.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lambda:EventSourceMapping\n properties:\n batchSize: 1\n eventSourceArn: ${exampleAwsMqBroker.arn}\n enabled: true\n functionName: ${exampleAwsLambdaFunction.arn}\n queues: example\n sourceAccessConfigurations:\n - type: VIRTUAL_HOST\n uri: /example\n - type: BASIC_AUTH\n uri: ${exampleAwsSecretsmanagerSecretVersion.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Lambda event source mappings using the `UUID` (event source mapping identifier). For example:\n\n```sh\n$ pulumi import aws:lambda/eventSourceMapping:EventSourceMapping event_source_mapping 12345kxodurf3443\n```\n", + "description": "Provides a Lambda event source mapping. This allows Lambda functions to get events from Kinesis, DynamoDB, SQS, Amazon MQ and Managed Streaming for Apache Kafka (MSK).\n\nFor information about Lambda and how to use it, see [What is AWS Lambda?](http://docs.aws.amazon.com/lambda/latest/dg/welcome.html).\nFor information about event source mappings, see [CreateEventSourceMapping](http://docs.aws.amazon.com/lambda/latest/dg/API_CreateEventSourceMapping.html) in the API docs.\n\n## Example Usage\n\n### DynamoDB\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.EventSourceMapping(\"example\", {\n eventSourceArn: exampleAwsDynamodbTable.streamArn,\n functionName: exampleAwsLambdaFunction.arn,\n startingPosition: \"LATEST\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lambda_.EventSourceMapping(\"example\",\n event_source_arn=example_aws_dynamodb_table[\"streamArn\"],\n function_name=example_aws_lambda_function[\"arn\"],\n starting_position=\"LATEST\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lambda.EventSourceMapping(\"example\", new()\n {\n EventSourceArn = exampleAwsDynamodbTable.StreamArn,\n FunctionName = exampleAwsLambdaFunction.Arn,\n StartingPosition = \"LATEST\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lambda.NewEventSourceMapping(ctx, \"example\", \u0026lambda.EventSourceMappingArgs{\n\t\t\tEventSourceArn: pulumi.Any(exampleAwsDynamodbTable.StreamArn),\n\t\t\tFunctionName: pulumi.Any(exampleAwsLambdaFunction.Arn),\n\t\t\tStartingPosition: pulumi.String(\"LATEST\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.EventSourceMapping;\nimport com.pulumi.aws.lambda.EventSourceMappingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new EventSourceMapping(\"example\", EventSourceMappingArgs.builder() \n .eventSourceArn(exampleAwsDynamodbTable.streamArn())\n .functionName(exampleAwsLambdaFunction.arn())\n .startingPosition(\"LATEST\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lambda:EventSourceMapping\n properties:\n eventSourceArn: ${exampleAwsDynamodbTable.streamArn}\n functionName: ${exampleAwsLambdaFunction.arn}\n startingPosition: LATEST\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Kinesis\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.EventSourceMapping(\"example\", {\n eventSourceArn: exampleAwsKinesisStream.arn,\n functionName: exampleAwsLambdaFunction.arn,\n startingPosition: \"LATEST\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lambda_.EventSourceMapping(\"example\",\n event_source_arn=example_aws_kinesis_stream[\"arn\"],\n function_name=example_aws_lambda_function[\"arn\"],\n starting_position=\"LATEST\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lambda.EventSourceMapping(\"example\", new()\n {\n EventSourceArn = exampleAwsKinesisStream.Arn,\n FunctionName = exampleAwsLambdaFunction.Arn,\n StartingPosition = \"LATEST\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lambda.NewEventSourceMapping(ctx, \"example\", \u0026lambda.EventSourceMappingArgs{\n\t\t\tEventSourceArn: pulumi.Any(exampleAwsKinesisStream.Arn),\n\t\t\tFunctionName: pulumi.Any(exampleAwsLambdaFunction.Arn),\n\t\t\tStartingPosition: pulumi.String(\"LATEST\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.EventSourceMapping;\nimport com.pulumi.aws.lambda.EventSourceMappingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new EventSourceMapping(\"example\", EventSourceMappingArgs.builder() \n .eventSourceArn(exampleAwsKinesisStream.arn())\n .functionName(exampleAwsLambdaFunction.arn())\n .startingPosition(\"LATEST\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lambda:EventSourceMapping\n properties:\n eventSourceArn: ${exampleAwsKinesisStream.arn}\n functionName: ${exampleAwsLambdaFunction.arn}\n startingPosition: LATEST\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Managed Streaming for Apache Kafka (MSK)\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.EventSourceMapping(\"example\", {\n eventSourceArn: exampleAwsMskCluster.arn,\n functionName: exampleAwsLambdaFunction.arn,\n topics: [\"Example\"],\n startingPosition: \"TRIM_HORIZON\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lambda_.EventSourceMapping(\"example\",\n event_source_arn=example_aws_msk_cluster[\"arn\"],\n function_name=example_aws_lambda_function[\"arn\"],\n topics=[\"Example\"],\n starting_position=\"TRIM_HORIZON\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lambda.EventSourceMapping(\"example\", new()\n {\n EventSourceArn = exampleAwsMskCluster.Arn,\n FunctionName = exampleAwsLambdaFunction.Arn,\n Topics = new[]\n {\n \"Example\",\n },\n StartingPosition = \"TRIM_HORIZON\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lambda.NewEventSourceMapping(ctx, \"example\", \u0026lambda.EventSourceMappingArgs{\n\t\t\tEventSourceArn: pulumi.Any(exampleAwsMskCluster.Arn),\n\t\t\tFunctionName: pulumi.Any(exampleAwsLambdaFunction.Arn),\n\t\t\tTopics: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"Example\"),\n\t\t\t},\n\t\t\tStartingPosition: pulumi.String(\"TRIM_HORIZON\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.EventSourceMapping;\nimport com.pulumi.aws.lambda.EventSourceMappingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new EventSourceMapping(\"example\", EventSourceMappingArgs.builder() \n .eventSourceArn(exampleAwsMskCluster.arn())\n .functionName(exampleAwsLambdaFunction.arn())\n .topics(\"Example\")\n .startingPosition(\"TRIM_HORIZON\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lambda:EventSourceMapping\n properties:\n eventSourceArn: ${exampleAwsMskCluster.arn}\n functionName: ${exampleAwsLambdaFunction.arn}\n topics:\n - Example\n startingPosition: TRIM_HORIZON\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Self Managed Apache Kafka\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.EventSourceMapping(\"example\", {\n functionName: exampleAwsLambdaFunction.arn,\n topics: [\"Example\"],\n startingPosition: \"TRIM_HORIZON\",\n selfManagedEventSource: {\n endpoints: {\n KAFKA_BOOTSTRAP_SERVERS: \"kafka1.example.com:9092,kafka2.example.com:9092\",\n },\n },\n sourceAccessConfigurations: [\n {\n type: \"VPC_SUBNET\",\n uri: \"subnet:subnet-example1\",\n },\n {\n type: \"VPC_SUBNET\",\n uri: \"subnet:subnet-example2\",\n },\n {\n type: \"VPC_SECURITY_GROUP\",\n uri: \"security_group:sg-example\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lambda_.EventSourceMapping(\"example\",\n function_name=example_aws_lambda_function[\"arn\"],\n topics=[\"Example\"],\n starting_position=\"TRIM_HORIZON\",\n self_managed_event_source=aws.lambda_.EventSourceMappingSelfManagedEventSourceArgs(\n endpoints={\n \"KAFKA_BOOTSTRAP_SERVERS\": \"kafka1.example.com:9092,kafka2.example.com:9092\",\n },\n ),\n source_access_configurations=[\n aws.lambda_.EventSourceMappingSourceAccessConfigurationArgs(\n type=\"VPC_SUBNET\",\n uri=\"subnet:subnet-example1\",\n ),\n aws.lambda_.EventSourceMappingSourceAccessConfigurationArgs(\n type=\"VPC_SUBNET\",\n uri=\"subnet:subnet-example2\",\n ),\n aws.lambda_.EventSourceMappingSourceAccessConfigurationArgs(\n type=\"VPC_SECURITY_GROUP\",\n uri=\"security_group:sg-example\",\n ),\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lambda.EventSourceMapping(\"example\", new()\n {\n FunctionName = exampleAwsLambdaFunction.Arn,\n Topics = new[]\n {\n \"Example\",\n },\n StartingPosition = \"TRIM_HORIZON\",\n SelfManagedEventSource = new Aws.Lambda.Inputs.EventSourceMappingSelfManagedEventSourceArgs\n {\n Endpoints = \n {\n { \"KAFKA_BOOTSTRAP_SERVERS\", \"kafka1.example.com:9092,kafka2.example.com:9092\" },\n },\n },\n SourceAccessConfigurations = new[]\n {\n new Aws.Lambda.Inputs.EventSourceMappingSourceAccessConfigurationArgs\n {\n Type = \"VPC_SUBNET\",\n Uri = \"subnet:subnet-example1\",\n },\n new Aws.Lambda.Inputs.EventSourceMappingSourceAccessConfigurationArgs\n {\n Type = \"VPC_SUBNET\",\n Uri = \"subnet:subnet-example2\",\n },\n new Aws.Lambda.Inputs.EventSourceMappingSourceAccessConfigurationArgs\n {\n Type = \"VPC_SECURITY_GROUP\",\n Uri = \"security_group:sg-example\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lambda.NewEventSourceMapping(ctx, \"example\", \u0026lambda.EventSourceMappingArgs{\n\t\t\tFunctionName: pulumi.Any(exampleAwsLambdaFunction.Arn),\n\t\t\tTopics: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"Example\"),\n\t\t\t},\n\t\t\tStartingPosition: pulumi.String(\"TRIM_HORIZON\"),\n\t\t\tSelfManagedEventSource: \u0026lambda.EventSourceMappingSelfManagedEventSourceArgs{\n\t\t\t\tEndpoints: pulumi.StringMap{\n\t\t\t\t\t\"KAFKA_BOOTSTRAP_SERVERS\": pulumi.String(\"kafka1.example.com:9092,kafka2.example.com:9092\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tSourceAccessConfigurations: lambda.EventSourceMappingSourceAccessConfigurationArray{\n\t\t\t\t\u0026lambda.EventSourceMappingSourceAccessConfigurationArgs{\n\t\t\t\t\tType: pulumi.String(\"VPC_SUBNET\"),\n\t\t\t\t\tUri: pulumi.String(\"subnet:subnet-example1\"),\n\t\t\t\t},\n\t\t\t\t\u0026lambda.EventSourceMappingSourceAccessConfigurationArgs{\n\t\t\t\t\tType: pulumi.String(\"VPC_SUBNET\"),\n\t\t\t\t\tUri: pulumi.String(\"subnet:subnet-example2\"),\n\t\t\t\t},\n\t\t\t\t\u0026lambda.EventSourceMappingSourceAccessConfigurationArgs{\n\t\t\t\t\tType: pulumi.String(\"VPC_SECURITY_GROUP\"),\n\t\t\t\t\tUri: pulumi.String(\"security_group:sg-example\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.EventSourceMapping;\nimport com.pulumi.aws.lambda.EventSourceMappingArgs;\nimport com.pulumi.aws.lambda.inputs.EventSourceMappingSelfManagedEventSourceArgs;\nimport com.pulumi.aws.lambda.inputs.EventSourceMappingSourceAccessConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new EventSourceMapping(\"example\", EventSourceMappingArgs.builder() \n .functionName(exampleAwsLambdaFunction.arn())\n .topics(\"Example\")\n .startingPosition(\"TRIM_HORIZON\")\n .selfManagedEventSource(EventSourceMappingSelfManagedEventSourceArgs.builder()\n .endpoints(Map.of(\"KAFKA_BOOTSTRAP_SERVERS\", \"kafka1.example.com:9092,kafka2.example.com:9092\"))\n .build())\n .sourceAccessConfigurations( \n EventSourceMappingSourceAccessConfigurationArgs.builder()\n .type(\"VPC_SUBNET\")\n .uri(\"subnet:subnet-example1\")\n .build(),\n EventSourceMappingSourceAccessConfigurationArgs.builder()\n .type(\"VPC_SUBNET\")\n .uri(\"subnet:subnet-example2\")\n .build(),\n EventSourceMappingSourceAccessConfigurationArgs.builder()\n .type(\"VPC_SECURITY_GROUP\")\n .uri(\"security_group:sg-example\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lambda:EventSourceMapping\n properties:\n functionName: ${exampleAwsLambdaFunction.arn}\n topics:\n - Example\n startingPosition: TRIM_HORIZON\n selfManagedEventSource:\n endpoints:\n KAFKA_BOOTSTRAP_SERVERS: kafka1.example.com:9092,kafka2.example.com:9092\n sourceAccessConfigurations:\n - type: VPC_SUBNET\n uri: subnet:subnet-example1\n - type: VPC_SUBNET\n uri: subnet:subnet-example2\n - type: VPC_SECURITY_GROUP\n uri: security_group:sg-example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### SQS\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.EventSourceMapping(\"example\", {\n eventSourceArn: sqsQueueTest.arn,\n functionName: exampleAwsLambdaFunction.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lambda_.EventSourceMapping(\"example\",\n event_source_arn=sqs_queue_test[\"arn\"],\n function_name=example_aws_lambda_function[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lambda.EventSourceMapping(\"example\", new()\n {\n EventSourceArn = sqsQueueTest.Arn,\n FunctionName = exampleAwsLambdaFunction.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lambda.NewEventSourceMapping(ctx, \"example\", \u0026lambda.EventSourceMappingArgs{\n\t\t\tEventSourceArn: pulumi.Any(sqsQueueTest.Arn),\n\t\t\tFunctionName: pulumi.Any(exampleAwsLambdaFunction.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.EventSourceMapping;\nimport com.pulumi.aws.lambda.EventSourceMappingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new EventSourceMapping(\"example\", EventSourceMappingArgs.builder() \n .eventSourceArn(sqsQueueTest.arn())\n .functionName(exampleAwsLambdaFunction.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lambda:EventSourceMapping\n properties:\n eventSourceArn: ${sqsQueueTest.arn}\n functionName: ${exampleAwsLambdaFunction.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### SQS with event filter\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.EventSourceMapping(\"example\", {\n eventSourceArn: sqsQueueTest.arn,\n functionName: exampleAwsLambdaFunction.arn,\n filterCriteria: {\n filters: [{\n pattern: JSON.stringify({\n body: {\n Temperature: [{\n numeric: [\n \"\u003e\",\n 0,\n \"\u003c=\",\n 100,\n ],\n }],\n Location: [\"New York\"],\n },\n }),\n }],\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.lambda_.EventSourceMapping(\"example\",\n event_source_arn=sqs_queue_test[\"arn\"],\n function_name=example_aws_lambda_function[\"arn\"],\n filter_criteria=aws.lambda_.EventSourceMappingFilterCriteriaArgs(\n filters=[aws.lambda_.EventSourceMappingFilterCriteriaFilterArgs(\n pattern=json.dumps({\n \"body\": {\n \"Temperature\": [{\n \"numeric\": [\n \"\u003e\",\n 0,\n \"\u003c=\",\n 100,\n ],\n }],\n \"Location\": [\"New York\"],\n },\n }),\n )],\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lambda.EventSourceMapping(\"example\", new()\n {\n EventSourceArn = sqsQueueTest.Arn,\n FunctionName = exampleAwsLambdaFunction.Arn,\n FilterCriteria = new Aws.Lambda.Inputs.EventSourceMappingFilterCriteriaArgs\n {\n Filters = new[]\n {\n new Aws.Lambda.Inputs.EventSourceMappingFilterCriteriaFilterArgs\n {\n Pattern = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"body\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Temperature\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"numeric\"] = new object?[]\n {\n \"\u003e\",\n 0,\n \"\u003c=\",\n 100,\n },\n },\n },\n [\"Location\"] = new[]\n {\n \"New York\",\n },\n },\n }),\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"body\": map[string]interface{}{\n\t\t\t\t\"Temperature\": []map[string]interface{}{\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"numeric\": []interface{}{\n\t\t\t\t\t\t\t\"\u003e\",\n\t\t\t\t\t\t\t0,\n\t\t\t\t\t\t\t\"\u003c=\",\n\t\t\t\t\t\t\t100,\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\"Location\": []string{\n\t\t\t\t\t\"New York\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = lambda.NewEventSourceMapping(ctx, \"example\", \u0026lambda.EventSourceMappingArgs{\n\t\t\tEventSourceArn: pulumi.Any(sqsQueueTest.Arn),\n\t\t\tFunctionName: pulumi.Any(exampleAwsLambdaFunction.Arn),\n\t\t\tFilterCriteria: \u0026lambda.EventSourceMappingFilterCriteriaArgs{\n\t\t\t\tFilters: lambda.EventSourceMappingFilterCriteriaFilterArray{\n\t\t\t\t\t\u0026lambda.EventSourceMappingFilterCriteriaFilterArgs{\n\t\t\t\t\t\tPattern: pulumi.String(json0),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.EventSourceMapping;\nimport com.pulumi.aws.lambda.EventSourceMappingArgs;\nimport com.pulumi.aws.lambda.inputs.EventSourceMappingFilterCriteriaArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new EventSourceMapping(\"example\", EventSourceMappingArgs.builder() \n .eventSourceArn(sqsQueueTest.arn())\n .functionName(exampleAwsLambdaFunction.arn())\n .filterCriteria(EventSourceMappingFilterCriteriaArgs.builder()\n .filters(EventSourceMappingFilterCriteriaFilterArgs.builder()\n .pattern(serializeJson(\n jsonObject(\n jsonProperty(\"body\", jsonObject(\n jsonProperty(\"Temperature\", jsonArray(jsonObject(\n jsonProperty(\"numeric\", jsonArray(\n \"\u003e\", \n 0, \n \"\u003c=\", \n 100\n ))\n ))),\n jsonProperty(\"Location\", jsonArray(\"New York\"))\n ))\n )))\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lambda:EventSourceMapping\n properties:\n eventSourceArn: ${sqsQueueTest.arn}\n functionName: ${exampleAwsLambdaFunction.arn}\n filterCriteria:\n filters:\n - pattern:\n fn::toJSON:\n body:\n Temperature:\n - numeric:\n - '\u003e'\n - 0\n - \u003c=\n - 100\n Location:\n - New York\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Amazon MQ (ActiveMQ)\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.EventSourceMapping(\"example\", {\n batchSize: 10,\n eventSourceArn: exampleAwsMqBroker.arn,\n enabled: true,\n functionName: exampleAwsLambdaFunction.arn,\n queues: \"example\",\n sourceAccessConfigurations: [{\n type: \"BASIC_AUTH\",\n uri: exampleAwsSecretsmanagerSecretVersion.arn,\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lambda_.EventSourceMapping(\"example\",\n batch_size=10,\n event_source_arn=example_aws_mq_broker[\"arn\"],\n enabled=True,\n function_name=example_aws_lambda_function[\"arn\"],\n queues=\"example\",\n source_access_configurations=[aws.lambda_.EventSourceMappingSourceAccessConfigurationArgs(\n type=\"BASIC_AUTH\",\n uri=example_aws_secretsmanager_secret_version[\"arn\"],\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lambda.EventSourceMapping(\"example\", new()\n {\n BatchSize = 10,\n EventSourceArn = exampleAwsMqBroker.Arn,\n Enabled = true,\n FunctionName = exampleAwsLambdaFunction.Arn,\n Queues = \"example\",\n SourceAccessConfigurations = new[]\n {\n new Aws.Lambda.Inputs.EventSourceMappingSourceAccessConfigurationArgs\n {\n Type = \"BASIC_AUTH\",\n Uri = exampleAwsSecretsmanagerSecretVersion.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lambda.NewEventSourceMapping(ctx, \"example\", \u0026lambda.EventSourceMappingArgs{\n\t\t\tBatchSize: pulumi.Int(10),\n\t\t\tEventSourceArn: pulumi.Any(exampleAwsMqBroker.Arn),\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tFunctionName: pulumi.Any(exampleAwsLambdaFunction.Arn),\n\t\t\tQueues: pulumi.String(\"example\"),\n\t\t\tSourceAccessConfigurations: lambda.EventSourceMappingSourceAccessConfigurationArray{\n\t\t\t\t\u0026lambda.EventSourceMappingSourceAccessConfigurationArgs{\n\t\t\t\t\tType: pulumi.String(\"BASIC_AUTH\"),\n\t\t\t\t\tUri: pulumi.Any(exampleAwsSecretsmanagerSecretVersion.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.EventSourceMapping;\nimport com.pulumi.aws.lambda.EventSourceMappingArgs;\nimport com.pulumi.aws.lambda.inputs.EventSourceMappingSourceAccessConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new EventSourceMapping(\"example\", EventSourceMappingArgs.builder() \n .batchSize(10)\n .eventSourceArn(exampleAwsMqBroker.arn())\n .enabled(true)\n .functionName(exampleAwsLambdaFunction.arn())\n .queues(\"example\")\n .sourceAccessConfigurations(EventSourceMappingSourceAccessConfigurationArgs.builder()\n .type(\"BASIC_AUTH\")\n .uri(exampleAwsSecretsmanagerSecretVersion.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lambda:EventSourceMapping\n properties:\n batchSize: 10\n eventSourceArn: ${exampleAwsMqBroker.arn}\n enabled: true\n functionName: ${exampleAwsLambdaFunction.arn}\n queues: example\n sourceAccessConfigurations:\n - type: BASIC_AUTH\n uri: ${exampleAwsSecretsmanagerSecretVersion.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Amazon MQ (RabbitMQ)\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.EventSourceMapping(\"example\", {\n batchSize: 1,\n eventSourceArn: exampleAwsMqBroker.arn,\n enabled: true,\n functionName: exampleAwsLambdaFunction.arn,\n queues: \"example\",\n sourceAccessConfigurations: [\n {\n type: \"VIRTUAL_HOST\",\n uri: \"/example\",\n },\n {\n type: \"BASIC_AUTH\",\n uri: exampleAwsSecretsmanagerSecretVersion.arn,\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lambda_.EventSourceMapping(\"example\",\n batch_size=1,\n event_source_arn=example_aws_mq_broker[\"arn\"],\n enabled=True,\n function_name=example_aws_lambda_function[\"arn\"],\n queues=\"example\",\n source_access_configurations=[\n aws.lambda_.EventSourceMappingSourceAccessConfigurationArgs(\n type=\"VIRTUAL_HOST\",\n uri=\"/example\",\n ),\n aws.lambda_.EventSourceMappingSourceAccessConfigurationArgs(\n type=\"BASIC_AUTH\",\n uri=example_aws_secretsmanager_secret_version[\"arn\"],\n ),\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lambda.EventSourceMapping(\"example\", new()\n {\n BatchSize = 1,\n EventSourceArn = exampleAwsMqBroker.Arn,\n Enabled = true,\n FunctionName = exampleAwsLambdaFunction.Arn,\n Queues = \"example\",\n SourceAccessConfigurations = new[]\n {\n new Aws.Lambda.Inputs.EventSourceMappingSourceAccessConfigurationArgs\n {\n Type = \"VIRTUAL_HOST\",\n Uri = \"/example\",\n },\n new Aws.Lambda.Inputs.EventSourceMappingSourceAccessConfigurationArgs\n {\n Type = \"BASIC_AUTH\",\n Uri = exampleAwsSecretsmanagerSecretVersion.Arn,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lambda.NewEventSourceMapping(ctx, \"example\", \u0026lambda.EventSourceMappingArgs{\n\t\t\tBatchSize: pulumi.Int(1),\n\t\t\tEventSourceArn: pulumi.Any(exampleAwsMqBroker.Arn),\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tFunctionName: pulumi.Any(exampleAwsLambdaFunction.Arn),\n\t\t\tQueues: pulumi.String(\"example\"),\n\t\t\tSourceAccessConfigurations: lambda.EventSourceMappingSourceAccessConfigurationArray{\n\t\t\t\t\u0026lambda.EventSourceMappingSourceAccessConfigurationArgs{\n\t\t\t\t\tType: pulumi.String(\"VIRTUAL_HOST\"),\n\t\t\t\t\tUri: pulumi.String(\"/example\"),\n\t\t\t\t},\n\t\t\t\t\u0026lambda.EventSourceMappingSourceAccessConfigurationArgs{\n\t\t\t\t\tType: pulumi.String(\"BASIC_AUTH\"),\n\t\t\t\t\tUri: pulumi.Any(exampleAwsSecretsmanagerSecretVersion.Arn),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.EventSourceMapping;\nimport com.pulumi.aws.lambda.EventSourceMappingArgs;\nimport com.pulumi.aws.lambda.inputs.EventSourceMappingSourceAccessConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new EventSourceMapping(\"example\", EventSourceMappingArgs.builder() \n .batchSize(1)\n .eventSourceArn(exampleAwsMqBroker.arn())\n .enabled(true)\n .functionName(exampleAwsLambdaFunction.arn())\n .queues(\"example\")\n .sourceAccessConfigurations( \n EventSourceMappingSourceAccessConfigurationArgs.builder()\n .type(\"VIRTUAL_HOST\")\n .uri(\"/example\")\n .build(),\n EventSourceMappingSourceAccessConfigurationArgs.builder()\n .type(\"BASIC_AUTH\")\n .uri(exampleAwsSecretsmanagerSecretVersion.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lambda:EventSourceMapping\n properties:\n batchSize: 1\n eventSourceArn: ${exampleAwsMqBroker.arn}\n enabled: true\n functionName: ${exampleAwsLambdaFunction.arn}\n queues: example\n sourceAccessConfigurations:\n - type: VIRTUAL_HOST\n uri: /example\n - type: BASIC_AUTH\n uri: ${exampleAwsSecretsmanagerSecretVersion.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Lambda event source mappings using the `UUID` (event source mapping identifier). For example:\n\n```sh\n$ pulumi import aws:lambda/eventSourceMapping:EventSourceMapping event_source_mapping 12345kxodurf3443\n```\n", "properties": { "amazonManagedKafkaEventSourceConfig": { "$ref": "#/types/aws:lambda/EventSourceMappingAmazonManagedKafkaEventSourceConfig:EventSourceMappingAmazonManagedKafkaEventSourceConfig", @@ -267559,7 +267559,7 @@ } }, "aws:lambda/function:Function": { - "description": "Provides a Lambda Function resource. Lambda allows you to trigger execution of code in response to events in AWS, enabling serverless backend solutions. The Lambda Function itself includes source code and runtime configuration.\n\nFor information about Lambda and how to use it, see [What is AWS Lambda?](https://docs.aws.amazon.com/lambda/latest/dg/welcome.html)\n\n\n\u003e **NOTE:** Due to [AWS Lambda improved VPC networking changes that began deploying in September 2019](https://aws.amazon.com/blogs/compute/announcing-improved-vpc-networking-for-aws-lambda-functions/), EC2 subnets and security groups associated with Lambda Functions can take up to 45 minutes to successfully delete.\n\n\u003e **NOTE:** If you get a `KMSAccessDeniedException: Lambda was unable to decrypt the environment variables because KMS access was denied` error when invoking an `aws.lambda.Function` with environment variables, the IAM role associated with the function may have been deleted and recreated _after_ the function was created. You can fix the problem two ways: 1) updating the function's role to another role and then updating it back again to the recreated role, or 2) by using Pulumi to `taint` the function and `apply` your configuration again to recreate the function. (When you create a function, Lambda grants permissions on the KMS key to the function's IAM role. If the IAM role is recreated, the grant is no longer valid. Changing the function's role or recreating the function causes Lambda to update the grant.)\n\n\u003e To give an external source (like an EventBridge Rule, SNS, or S3) permission to access the Lambda function, use the `aws.lambda.Permission` resource. See [Lambda Permission Model](https://docs.aws.amazon.com/lambda/latest/dg/intro-permission-model.html) for more details. On the other hand, the `role` argument of this resource is the function's execution role for identity and access to AWS services and resources.\n\n## Example Usage\n\n### Basic Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as archive from \"@pulumi/archive\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"lambda.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst iamForLambda = new aws.iam.Role(\"iam_for_lambda\", {\n name: \"iam_for_lambda\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst lambda = archive.getFile({\n type: \"zip\",\n sourceFile: \"lambda.js\",\n outputPath: \"lambda_function_payload.zip\",\n});\nconst testLambda = new aws.lambda.Function(\"test_lambda\", {\n code: new pulumi.asset.FileArchive(\"lambda_function_payload.zip\"),\n name: \"lambda_function_name\",\n role: iamForLambda.arn,\n handler: \"index.test\",\n sourceCodeHash: lambda.then(lambda =\u003e lambda.outputBase64sha256),\n runtime: aws.lambda.Runtime.NodeJS18dX,\n environment: {\n variables: {\n foo: \"bar\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_archive as archive\nimport pulumi_aws as aws\n\nassume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"lambda.amazonaws.com\"],\n )],\n actions=[\"sts:AssumeRole\"],\n)])\niam_for_lambda = aws.iam.Role(\"iam_for_lambda\",\n name=\"iam_for_lambda\",\n assume_role_policy=assume_role.json)\nlambda_ = archive.get_file(type=\"zip\",\n source_file=\"lambda.js\",\n output_path=\"lambda_function_payload.zip\")\ntest_lambda = aws.lambda_.Function(\"test_lambda\",\n code=pulumi.FileArchive(\"lambda_function_payload.zip\"),\n name=\"lambda_function_name\",\n role=iam_for_lambda.arn,\n handler=\"index.test\",\n source_code_hash=lambda_.output_base64sha256,\n runtime=aws.lambda_.Runtime.NODE_JS18D_X,\n environment=aws.lambda_.FunctionEnvironmentArgs(\n variables={\n \"foo\": \"bar\",\n },\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Archive = Pulumi.Archive;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"lambda.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var iamForLambda = new Aws.Iam.Role(\"iam_for_lambda\", new()\n {\n Name = \"iam_for_lambda\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var lambda = Archive.GetFile.Invoke(new()\n {\n Type = \"zip\",\n SourceFile = \"lambda.js\",\n OutputPath = \"lambda_function_payload.zip\",\n });\n\n var testLambda = new Aws.Lambda.Function(\"test_lambda\", new()\n {\n Code = new FileArchive(\"lambda_function_payload.zip\"),\n Name = \"lambda_function_name\",\n Role = iamForLambda.Arn,\n Handler = \"index.test\",\n SourceCodeHash = lambda.Apply(getFileResult =\u003e getFileResult.OutputBase64sha256),\n Runtime = Aws.Lambda.Runtime.NodeJS18dX,\n Environment = new Aws.Lambda.Inputs.FunctionEnvironmentArgs\n {\n Variables = \n {\n { \"foo\", \"bar\" },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-archive/sdk/go/archive\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"lambda.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tiamForLambda, err := iam.NewRole(ctx, \"iam_for_lambda\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"iam_for_lambda\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tlambda, err := archive.LookupFile(ctx, \u0026archive.LookupFileArgs{\n\t\t\tType: \"zip\",\n\t\t\tSourceFile: pulumi.StringRef(\"lambda.js\"),\n\t\t\tOutputPath: \"lambda_function_payload.zip\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lambda.NewFunction(ctx, \"test_lambda\", \u0026lambda.FunctionArgs{\n\t\t\tCode: pulumi.NewFileArchive(\"lambda_function_payload.zip\"),\n\t\t\tName: pulumi.String(\"lambda_function_name\"),\n\t\t\tRole: iamForLambda.Arn,\n\t\t\tHandler: pulumi.String(\"index.test\"),\n\t\t\tSourceCodeHash: pulumi.String(lambda.OutputBase64sha256),\n\t\t\tRuntime: pulumi.String(lambda.RuntimeNodeJS18dX),\n\t\t\tEnvironment: \u0026lambda.FunctionEnvironmentArgs{\n\t\t\t\tVariables: pulumi.StringMap{\n\t\t\t\t\t\"foo\": pulumi.String(\"bar\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.archive.ArchiveFunctions;\nimport com.pulumi.archive.inputs.GetFileArgs;\nimport com.pulumi.aws.lambda.Function;\nimport com.pulumi.aws.lambda.FunctionArgs;\nimport com.pulumi.aws.lambda.inputs.FunctionEnvironmentArgs;\nimport com.pulumi.asset.FileArchive;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"lambda.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var iamForLambda = new Role(\"iamForLambda\", RoleArgs.builder() \n .name(\"iam_for_lambda\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n final var lambda = ArchiveFunctions.getFile(GetFileArgs.builder()\n .type(\"zip\")\n .sourceFile(\"lambda.js\")\n .outputPath(\"lambda_function_payload.zip\")\n .build());\n\n var testLambda = new Function(\"testLambda\", FunctionArgs.builder() \n .code(new FileArchive(\"lambda_function_payload.zip\"))\n .name(\"lambda_function_name\")\n .role(iamForLambda.arn())\n .handler(\"index.test\")\n .sourceCodeHash(lambda.applyValue(getFileResult -\u003e getFileResult.outputBase64sha256()))\n .runtime(\"nodejs18.x\")\n .environment(FunctionEnvironmentArgs.builder()\n .variables(Map.of(\"foo\", \"bar\"))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n iamForLambda:\n type: aws:iam:Role\n name: iam_for_lambda\n properties:\n name: iam_for_lambda\n assumeRolePolicy: ${assumeRole.json}\n testLambda:\n type: aws:lambda:Function\n name: test_lambda\n properties:\n code:\n fn::FileArchive: lambda_function_payload.zip\n name: lambda_function_name\n role: ${iamForLambda.arn}\n handler: index.test\n sourceCodeHash: ${lambda.outputBase64sha256}\n runtime: nodejs18.x\n environment:\n variables:\n foo: bar\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - lambda.amazonaws.com\n actions:\n - sts:AssumeRole\n lambda:\n fn::invoke:\n Function: archive:getFile\n Arguments:\n type: zip\n sourceFile: lambda.js\n outputPath: lambda_function_payload.zip\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Lambda Layers\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.LayerVersion(\"example\", {});\nconst exampleFunction = new aws.lambda.Function(\"example\", {layers: [example.arn]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lambda_.LayerVersion(\"example\")\nexample_function = aws.lambda_.Function(\"example\", layers=[example.arn])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lambda.LayerVersion(\"example\");\n\n var exampleFunction = new Aws.Lambda.Function(\"example\", new()\n {\n Layers = new[]\n {\n example.Arn,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := lambda.NewLayerVersion(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lambda.NewFunction(ctx, \"example\", \u0026lambda.FunctionArgs{\n\t\t\tLayers: pulumi.StringArray{\n\t\t\t\texample.Arn,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.LayerVersion;\nimport com.pulumi.aws.lambda.Function;\nimport com.pulumi.aws.lambda.FunctionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LayerVersion(\"example\");\n\n var exampleFunction = new Function(\"exampleFunction\", FunctionArgs.builder() \n .layers(example.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lambda:LayerVersion\n exampleFunction:\n type: aws:lambda:Function\n name: example\n properties:\n layers:\n - ${example.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Lambda Ephemeral Storage\n\nLambda Function Ephemeral Storage(`/tmp`) allows you to configure the storage upto `10` GB. The default value set to `512` MB.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"lambda.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst iamForLambda = new aws.iam.Role(\"iam_for_lambda\", {\n name: \"iam_for_lambda\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst testLambda = new aws.lambda.Function(\"test_lambda\", {\n code: new pulumi.asset.FileArchive(\"lambda_function_payload.zip\"),\n name: \"lambda_function_name\",\n role: iamForLambda.arn,\n handler: \"index.test\",\n runtime: aws.lambda.Runtime.NodeJS18dX,\n ephemeralStorage: {\n size: 10240,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nassume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"lambda.amazonaws.com\"],\n )],\n actions=[\"sts:AssumeRole\"],\n)])\niam_for_lambda = aws.iam.Role(\"iam_for_lambda\",\n name=\"iam_for_lambda\",\n assume_role_policy=assume_role.json)\ntest_lambda = aws.lambda_.Function(\"test_lambda\",\n code=pulumi.FileArchive(\"lambda_function_payload.zip\"),\n name=\"lambda_function_name\",\n role=iam_for_lambda.arn,\n handler=\"index.test\",\n runtime=aws.lambda_.Runtime.NODE_JS18D_X,\n ephemeral_storage=aws.lambda_.FunctionEphemeralStorageArgs(\n size=10240,\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"lambda.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var iamForLambda = new Aws.Iam.Role(\"iam_for_lambda\", new()\n {\n Name = \"iam_for_lambda\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var testLambda = new Aws.Lambda.Function(\"test_lambda\", new()\n {\n Code = new FileArchive(\"lambda_function_payload.zip\"),\n Name = \"lambda_function_name\",\n Role = iamForLambda.Arn,\n Handler = \"index.test\",\n Runtime = Aws.Lambda.Runtime.NodeJS18dX,\n EphemeralStorage = new Aws.Lambda.Inputs.FunctionEphemeralStorageArgs\n {\n Size = 10240,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"lambda.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tiamForLambda, err := iam.NewRole(ctx, \"iam_for_lambda\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"iam_for_lambda\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lambda.NewFunction(ctx, \"test_lambda\", \u0026lambda.FunctionArgs{\n\t\t\tCode: pulumi.NewFileArchive(\"lambda_function_payload.zip\"),\n\t\t\tName: pulumi.String(\"lambda_function_name\"),\n\t\t\tRole: iamForLambda.Arn,\n\t\t\tHandler: pulumi.String(\"index.test\"),\n\t\t\tRuntime: pulumi.String(lambda.RuntimeNodeJS18dX),\n\t\t\tEphemeralStorage: \u0026lambda.FunctionEphemeralStorageArgs{\n\t\t\t\tSize: pulumi.Int(10240),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.lambda.Function;\nimport com.pulumi.aws.lambda.FunctionArgs;\nimport com.pulumi.aws.lambda.inputs.FunctionEphemeralStorageArgs;\nimport com.pulumi.asset.FileArchive;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"lambda.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var iamForLambda = new Role(\"iamForLambda\", RoleArgs.builder() \n .name(\"iam_for_lambda\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var testLambda = new Function(\"testLambda\", FunctionArgs.builder() \n .code(new FileArchive(\"lambda_function_payload.zip\"))\n .name(\"lambda_function_name\")\n .role(iamForLambda.arn())\n .handler(\"index.test\")\n .runtime(\"nodejs18.x\")\n .ephemeralStorage(FunctionEphemeralStorageArgs.builder()\n .size(10240)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n iamForLambda:\n type: aws:iam:Role\n name: iam_for_lambda\n properties:\n name: iam_for_lambda\n assumeRolePolicy: ${assumeRole.json}\n testLambda:\n type: aws:lambda:Function\n name: test_lambda\n properties:\n code:\n fn::FileArchive: lambda_function_payload.zip\n name: lambda_function_name\n role: ${iamForLambda.arn}\n handler: index.test\n runtime: nodejs18.x\n ephemeralStorage:\n size: 10240\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - lambda.amazonaws.com\n actions:\n - sts:AssumeRole\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Lambda File Systems\n\nLambda File Systems allow you to connect an Amazon Elastic File System (EFS) file system to a Lambda function to share data across function invocations, access existing data including large files, and save function state.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// EFS file system\nconst efsForLambda = new aws.efs.FileSystem(\"efs_for_lambda\", {tags: {\n Name: \"efs_for_lambda\",\n}});\n// EFS access point used by lambda file system\nconst accessPointForLambda = new aws.efs.AccessPoint(\"access_point_for_lambda\", {\n fileSystemId: efsForLambda.id,\n rootDirectory: {\n path: \"/lambda\",\n creationInfo: {\n ownerGid: 1000,\n ownerUid: 1000,\n permissions: \"777\",\n },\n },\n posixUser: {\n gid: 1000,\n uid: 1000,\n },\n});\n// A lambda function connected to an EFS file system\nconst example = new aws.lambda.Function(\"example\", {\n fileSystemConfig: {\n arn: accessPointForLambda.arn,\n localMountPath: \"/mnt/efs\",\n },\n vpcConfig: {\n subnetIds: [subnetForLambda.id],\n securityGroupIds: [sgForLambda.id],\n },\n});\n// Mount target connects the file system to the subnet\nconst alpha = new aws.efs.MountTarget(\"alpha\", {\n fileSystemId: efsForLambda.id,\n subnetId: subnetForLambda.id,\n securityGroups: [sgForLambda.id],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# EFS file system\nefs_for_lambda = aws.efs.FileSystem(\"efs_for_lambda\", tags={\n \"Name\": \"efs_for_lambda\",\n})\n# EFS access point used by lambda file system\naccess_point_for_lambda = aws.efs.AccessPoint(\"access_point_for_lambda\",\n file_system_id=efs_for_lambda.id,\n root_directory=aws.efs.AccessPointRootDirectoryArgs(\n path=\"/lambda\",\n creation_info=aws.efs.AccessPointRootDirectoryCreationInfoArgs(\n owner_gid=1000,\n owner_uid=1000,\n permissions=\"777\",\n ),\n ),\n posix_user=aws.efs.AccessPointPosixUserArgs(\n gid=1000,\n uid=1000,\n ))\n# A lambda function connected to an EFS file system\nexample = aws.lambda_.Function(\"example\",\n file_system_config=aws.lambda_.FunctionFileSystemConfigArgs(\n arn=access_point_for_lambda.arn,\n local_mount_path=\"/mnt/efs\",\n ),\n vpc_config=aws.lambda_.FunctionVpcConfigArgs(\n subnet_ids=[subnet_for_lambda[\"id\"]],\n security_group_ids=[sg_for_lambda[\"id\"]],\n ))\n# Mount target connects the file system to the subnet\nalpha = aws.efs.MountTarget(\"alpha\",\n file_system_id=efs_for_lambda.id,\n subnet_id=subnet_for_lambda[\"id\"],\n security_groups=[sg_for_lambda[\"id\"]])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // EFS file system\n var efsForLambda = new Aws.Efs.FileSystem(\"efs_for_lambda\", new()\n {\n Tags = \n {\n { \"Name\", \"efs_for_lambda\" },\n },\n });\n\n // EFS access point used by lambda file system\n var accessPointForLambda = new Aws.Efs.AccessPoint(\"access_point_for_lambda\", new()\n {\n FileSystemId = efsForLambda.Id,\n RootDirectory = new Aws.Efs.Inputs.AccessPointRootDirectoryArgs\n {\n Path = \"/lambda\",\n CreationInfo = new Aws.Efs.Inputs.AccessPointRootDirectoryCreationInfoArgs\n {\n OwnerGid = 1000,\n OwnerUid = 1000,\n Permissions = \"777\",\n },\n },\n PosixUser = new Aws.Efs.Inputs.AccessPointPosixUserArgs\n {\n Gid = 1000,\n Uid = 1000,\n },\n });\n\n // A lambda function connected to an EFS file system\n var example = new Aws.Lambda.Function(\"example\", new()\n {\n FileSystemConfig = new Aws.Lambda.Inputs.FunctionFileSystemConfigArgs\n {\n Arn = accessPointForLambda.Arn,\n LocalMountPath = \"/mnt/efs\",\n },\n VpcConfig = new Aws.Lambda.Inputs.FunctionVpcConfigArgs\n {\n SubnetIds = new[]\n {\n subnetForLambda.Id,\n },\n SecurityGroupIds = new[]\n {\n sgForLambda.Id,\n },\n },\n });\n\n // Mount target connects the file system to the subnet\n var alpha = new Aws.Efs.MountTarget(\"alpha\", new()\n {\n FileSystemId = efsForLambda.Id,\n SubnetId = subnetForLambda.Id,\n SecurityGroups = new[]\n {\n sgForLambda.Id,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/efs\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// EFS file system\n\t\tefsForLambda, err := efs.NewFileSystem(ctx, \"efs_for_lambda\", \u0026efs.FileSystemArgs{\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"efs_for_lambda\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// EFS access point used by lambda file system\n\t\taccessPointForLambda, err := efs.NewAccessPoint(ctx, \"access_point_for_lambda\", \u0026efs.AccessPointArgs{\n\t\t\tFileSystemId: efsForLambda.ID(),\n\t\t\tRootDirectory: \u0026efs.AccessPointRootDirectoryArgs{\n\t\t\t\tPath: pulumi.String(\"/lambda\"),\n\t\t\t\tCreationInfo: \u0026efs.AccessPointRootDirectoryCreationInfoArgs{\n\t\t\t\t\tOwnerGid: pulumi.Int(1000),\n\t\t\t\t\tOwnerUid: pulumi.Int(1000),\n\t\t\t\t\tPermissions: pulumi.String(\"777\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tPosixUser: \u0026efs.AccessPointPosixUserArgs{\n\t\t\t\tGid: pulumi.Int(1000),\n\t\t\t\tUid: pulumi.Int(1000),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// A lambda function connected to an EFS file system\n\t\t_, err = lambda.NewFunction(ctx, \"example\", \u0026lambda.FunctionArgs{\n\t\t\tFileSystemConfig: \u0026lambda.FunctionFileSystemConfigArgs{\n\t\t\t\tArn: accessPointForLambda.Arn,\n\t\t\t\tLocalMountPath: pulumi.String(\"/mnt/efs\"),\n\t\t\t},\n\t\t\tVpcConfig: \u0026lambda.FunctionVpcConfigArgs{\n\t\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\t\tsubnetForLambda.Id,\n\t\t\t\t},\n\t\t\t\tSecurityGroupIds: pulumi.StringArray{\n\t\t\t\t\tsgForLambda.Id,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Mount target connects the file system to the subnet\n\t\t_, err = efs.NewMountTarget(ctx, \"alpha\", \u0026efs.MountTargetArgs{\n\t\t\tFileSystemId: efsForLambda.ID(),\n\t\t\tSubnetId: pulumi.Any(subnetForLambda.Id),\n\t\t\tSecurityGroups: pulumi.StringArray{\n\t\t\t\tsgForLambda.Id,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.efs.FileSystem;\nimport com.pulumi.aws.efs.FileSystemArgs;\nimport com.pulumi.aws.efs.AccessPoint;\nimport com.pulumi.aws.efs.AccessPointArgs;\nimport com.pulumi.aws.efs.inputs.AccessPointRootDirectoryArgs;\nimport com.pulumi.aws.efs.inputs.AccessPointRootDirectoryCreationInfoArgs;\nimport com.pulumi.aws.efs.inputs.AccessPointPosixUserArgs;\nimport com.pulumi.aws.lambda.Function;\nimport com.pulumi.aws.lambda.FunctionArgs;\nimport com.pulumi.aws.lambda.inputs.FunctionFileSystemConfigArgs;\nimport com.pulumi.aws.lambda.inputs.FunctionVpcConfigArgs;\nimport com.pulumi.aws.efs.MountTarget;\nimport com.pulumi.aws.efs.MountTargetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // EFS file system\n var efsForLambda = new FileSystem(\"efsForLambda\", FileSystemArgs.builder() \n .tags(Map.of(\"Name\", \"efs_for_lambda\"))\n .build());\n\n // EFS access point used by lambda file system\n var accessPointForLambda = new AccessPoint(\"accessPointForLambda\", AccessPointArgs.builder() \n .fileSystemId(efsForLambda.id())\n .rootDirectory(AccessPointRootDirectoryArgs.builder()\n .path(\"/lambda\")\n .creationInfo(AccessPointRootDirectoryCreationInfoArgs.builder()\n .ownerGid(1000)\n .ownerUid(1000)\n .permissions(\"777\")\n .build())\n .build())\n .posixUser(AccessPointPosixUserArgs.builder()\n .gid(1000)\n .uid(1000)\n .build())\n .build());\n\n // A lambda function connected to an EFS file system\n var example = new Function(\"example\", FunctionArgs.builder() \n .fileSystemConfig(FunctionFileSystemConfigArgs.builder()\n .arn(accessPointForLambda.arn())\n .localMountPath(\"/mnt/efs\")\n .build())\n .vpcConfig(FunctionVpcConfigArgs.builder()\n .subnetIds(subnetForLambda.id())\n .securityGroupIds(sgForLambda.id())\n .build())\n .build());\n\n // Mount target connects the file system to the subnet\n var alpha = new MountTarget(\"alpha\", MountTargetArgs.builder() \n .fileSystemId(efsForLambda.id())\n .subnetId(subnetForLambda.id())\n .securityGroups(sgForLambda.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # A lambda function connected to an EFS file system\n example:\n type: aws:lambda:Function\n properties:\n fileSystemConfig:\n arn: ${accessPointForLambda.arn}\n localMountPath: /mnt/efs\n vpcConfig:\n subnetIds:\n - ${subnetForLambda.id}\n securityGroupIds:\n - ${sgForLambda.id}\n # EFS file system\n efsForLambda:\n type: aws:efs:FileSystem\n name: efs_for_lambda\n properties:\n tags:\n Name: efs_for_lambda\n # Mount target connects the file system to the subnet\n alpha:\n type: aws:efs:MountTarget\n properties:\n fileSystemId: ${efsForLambda.id}\n subnetId: ${subnetForLambda.id}\n securityGroups:\n - ${sgForLambda.id}\n # EFS access point used by lambda file system\n accessPointForLambda:\n type: aws:efs:AccessPoint\n name: access_point_for_lambda\n properties:\n fileSystemId: ${efsForLambda.id}\n rootDirectory:\n path: /lambda\n creationInfo:\n ownerGid: 1000\n ownerUid: 1000\n permissions: '777'\n posixUser:\n gid: 1000\n uid: 1000\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Lambda retries\n\nLambda Functions allow you to configure error handling for asynchronous invocation. The settings that it supports are `Maximum age of event` and `Retry attempts` as stated in [Lambda documentation for Configuring error handling for asynchronous invocation](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-async-errors). To configure these settings, refer to the aws.lambda.FunctionEventInvokeConfig resource.\n\n## CloudWatch Logging and Permissions\n\nFor more information about CloudWatch Logs for Lambda, see the [Lambda User Guide](https://docs.aws.amazon.com/lambda/latest/dg/monitoring-functions-logs.html).\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst lambdaFunctionName = config.get(\"lambdaFunctionName\") || \"lambda_function_name\";\nconst testLambda = new aws.lambda.Function(\"test_lambda\", {\n name: lambdaFunctionName,\n loggingConfig: {\n logFormat: \"Text\",\n },\n});\n// This is to optionally manage the CloudWatch Log Group for the Lambda Function.\n// If skipping this resource configuration, also add \"logs:CreateLogGroup\" to the IAM policy below.\nconst example = new aws.cloudwatch.LogGroup(\"example\", {\n name: `/aws/lambda/${lambdaFunctionName}`,\n retentionInDays: 14,\n});\n// See also the following AWS managed policy: AWSLambdaBasicExecutionRole\nconst lambdaLogging = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n actions: [\n \"logs:CreateLogGroup\",\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\",\n ],\n resources: [\"arn:aws:logs:*:*:*\"],\n }],\n});\nconst lambdaLoggingPolicy = new aws.iam.Policy(\"lambda_logging\", {\n name: \"lambda_logging\",\n path: \"/\",\n description: \"IAM policy for logging from a lambda\",\n policy: lambdaLogging.then(lambdaLogging =\u003e lambdaLogging.json),\n});\nconst lambdaLogs = new aws.iam.RolePolicyAttachment(\"lambda_logs\", {\n role: iamForLambda.name,\n policyArn: lambdaLoggingPolicy.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nlambda_function_name = config.get(\"lambdaFunctionName\")\nif lambda_function_name is None:\n lambda_function_name = \"lambda_function_name\"\ntest_lambda = aws.lambda_.Function(\"test_lambda\",\n name=lambda_function_name,\n logging_config=aws.lambda_.FunctionLoggingConfigArgs(\n log_format=\"Text\",\n ))\n# This is to optionally manage the CloudWatch Log Group for the Lambda Function.\n# If skipping this resource configuration, also add \"logs:CreateLogGroup\" to the IAM policy below.\nexample = aws.cloudwatch.LogGroup(\"example\",\n name=f\"/aws/lambda/{lambda_function_name}\",\n retention_in_days=14)\n# See also the following AWS managed policy: AWSLambdaBasicExecutionRole\nlambda_logging = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n actions=[\n \"logs:CreateLogGroup\",\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\",\n ],\n resources=[\"arn:aws:logs:*:*:*\"],\n)])\nlambda_logging_policy = aws.iam.Policy(\"lambda_logging\",\n name=\"lambda_logging\",\n path=\"/\",\n description=\"IAM policy for logging from a lambda\",\n policy=lambda_logging.json)\nlambda_logs = aws.iam.RolePolicyAttachment(\"lambda_logs\",\n role=iam_for_lambda[\"name\"],\n policy_arn=lambda_logging_policy.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var lambdaFunctionName = config.Get(\"lambdaFunctionName\") ?? \"lambda_function_name\";\n var testLambda = new Aws.Lambda.Function(\"test_lambda\", new()\n {\n Name = lambdaFunctionName,\n LoggingConfig = new Aws.Lambda.Inputs.FunctionLoggingConfigArgs\n {\n LogFormat = \"Text\",\n },\n });\n\n // This is to optionally manage the CloudWatch Log Group for the Lambda Function.\n // If skipping this resource configuration, also add \"logs:CreateLogGroup\" to the IAM policy below.\n var example = new Aws.CloudWatch.LogGroup(\"example\", new()\n {\n Name = $\"/aws/lambda/{lambdaFunctionName}\",\n RetentionInDays = 14,\n });\n\n // See also the following AWS managed policy: AWSLambdaBasicExecutionRole\n var lambdaLogging = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"logs:CreateLogGroup\",\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\",\n },\n Resources = new[]\n {\n \"arn:aws:logs:*:*:*\",\n },\n },\n },\n });\n\n var lambdaLoggingPolicy = new Aws.Iam.Policy(\"lambda_logging\", new()\n {\n Name = \"lambda_logging\",\n Path = \"/\",\n Description = \"IAM policy for logging from a lambda\",\n PolicyDocument = lambdaLogging.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var lambdaLogs = new Aws.Iam.RolePolicyAttachment(\"lambda_logs\", new()\n {\n Role = iamForLambda.Name,\n PolicyArn = lambdaLoggingPolicy.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tlambdaFunctionName := \"lambda_function_name\"\n\t\tif param := cfg.Get(\"lambdaFunctionName\"); param != \"\" {\n\t\t\tlambdaFunctionName = param\n\t\t}\n\t\t_, err := lambda.NewFunction(ctx, \"test_lambda\", \u0026lambda.FunctionArgs{\n\t\t\tName: pulumi.String(lambdaFunctionName),\n\t\t\tLoggingConfig: \u0026lambda.FunctionLoggingConfigArgs{\n\t\t\t\tLogFormat: pulumi.String(\"Text\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// This is to optionally manage the CloudWatch Log Group for the Lambda Function.\n\t\t// If skipping this resource configuration, also add \"logs:CreateLogGroup\" to the IAM policy below.\n\t\t_, err = cloudwatch.NewLogGroup(ctx, \"example\", \u0026cloudwatch.LogGroupArgs{\n\t\t\tName: pulumi.String(fmt.Sprintf(\"/aws/lambda/%v\", lambdaFunctionName)),\n\t\t\tRetentionInDays: pulumi.Int(14),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// See also the following AWS managed policy: AWSLambdaBasicExecutionRole\n\t\tlambdaLogging, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"logs:CreateLogGroup\",\n\t\t\t\t\t\t\"logs:CreateLogStream\",\n\t\t\t\t\t\t\"logs:PutLogEvents\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"arn:aws:logs:*:*:*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tlambdaLoggingPolicy, err := iam.NewPolicy(ctx, \"lambda_logging\", \u0026iam.PolicyArgs{\n\t\t\tName: pulumi.String(\"lambda_logging\"),\n\t\t\tPath: pulumi.String(\"/\"),\n\t\t\tDescription: pulumi.String(\"IAM policy for logging from a lambda\"),\n\t\t\tPolicy: pulumi.String(lambdaLogging.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"lambda_logs\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tRole: pulumi.Any(iamForLambda.Name),\n\t\t\tPolicyArn: lambdaLoggingPolicy.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.Function;\nimport com.pulumi.aws.lambda.FunctionArgs;\nimport com.pulumi.aws.lambda.inputs.FunctionLoggingConfigArgs;\nimport com.pulumi.aws.cloudwatch.LogGroup;\nimport com.pulumi.aws.cloudwatch.LogGroupArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Policy;\nimport com.pulumi.aws.iam.PolicyArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var lambdaFunctionName = config.get(\"lambdaFunctionName\").orElse(\"lambda_function_name\");\n var testLambda = new Function(\"testLambda\", FunctionArgs.builder() \n .name(lambdaFunctionName)\n .loggingConfig(FunctionLoggingConfigArgs.builder()\n .logFormat(\"Text\")\n .build())\n .build());\n\n // This is to optionally manage the CloudWatch Log Group for the Lambda Function.\n // If skipping this resource configuration, also add \"logs:CreateLogGroup\" to the IAM policy below.\n var example = new LogGroup(\"example\", LogGroupArgs.builder() \n .name(String.format(\"/aws/lambda/%s\", lambdaFunctionName))\n .retentionInDays(14)\n .build());\n\n // See also the following AWS managed policy: AWSLambdaBasicExecutionRole\n final var lambdaLogging = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions( \n \"logs:CreateLogGroup\",\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\")\n .resources(\"arn:aws:logs:*:*:*\")\n .build())\n .build());\n\n var lambdaLoggingPolicy = new Policy(\"lambdaLoggingPolicy\", PolicyArgs.builder() \n .name(\"lambda_logging\")\n .path(\"/\")\n .description(\"IAM policy for logging from a lambda\")\n .policy(lambdaLogging.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var lambdaLogs = new RolePolicyAttachment(\"lambdaLogs\", RolePolicyAttachmentArgs.builder() \n .role(iamForLambda.name())\n .policyArn(lambdaLoggingPolicy.arn())\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n lambdaFunctionName:\n type: string\n default: lambda_function_name\nresources:\n testLambda:\n type: aws:lambda:Function\n name: test_lambda\n properties:\n name: ${lambdaFunctionName}\n loggingConfig:\n logFormat: Text\n # This is to optionally manage the CloudWatch Log Group for the Lambda Function.\n # If skipping this resource configuration, also add \"logs:CreateLogGroup\" to the IAM policy below.\n example:\n type: aws:cloudwatch:LogGroup\n properties:\n name: /aws/lambda/${lambdaFunctionName}\n retentionInDays: 14\n lambdaLoggingPolicy:\n type: aws:iam:Policy\n name: lambda_logging\n properties:\n name: lambda_logging\n path: /\n description: IAM policy for logging from a lambda\n policy: ${lambdaLogging.json}\n lambdaLogs:\n type: aws:iam:RolePolicyAttachment\n name: lambda_logs\n properties:\n role: ${iamForLambda.name}\n policyArn: ${lambdaLoggingPolicy.arn}\nvariables:\n # See also the following AWS managed policy: AWSLambdaBasicExecutionRole\n lambdaLogging:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - logs:CreateLogGroup\n - logs:CreateLogStream\n - logs:PutLogEvents\n resources:\n - arn:aws:logs:*:*:*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Specifying the Deployment Package\n\nAWS Lambda expects source code to be provided as a deployment package whose structure varies depending on which `runtime` is in use. See [Runtimes](https://docs.aws.amazon.com/lambda/latest/dg/API_CreateFunction.html#SSS-CreateFunction-request-Runtime) for the valid values of `runtime`. The expected structure of the deployment package can be found in [the AWS Lambda documentation for each runtime](https://docs.aws.amazon.com/lambda/latest/dg/deployment-package-v2.html).\n\nOnce you have created your deployment package you can specify it either directly as a local file (using the `filename` argument) or indirectly via Amazon S3 (using the `s3_bucket`, `s3_key` and `s3_object_version` arguments). When providing the deployment package via S3 it may be useful to use the `aws.s3.BucketObjectv2` resource to upload it.\n\nFor larger deployment packages it is recommended by Amazon to upload via S3, since the S3 API has better support for uploading large files efficiently.\n\n## Import\n\nUsing `pulumi import`, import Lambda Functions using the `function_name`. For example:\n\n```sh\n$ pulumi import aws:lambda/function:Function test_lambda my_test_lambda_function\n```\n", + "description": "Provides a Lambda Function resource. Lambda allows you to trigger execution of code in response to events in AWS, enabling serverless backend solutions. The Lambda Function itself includes source code and runtime configuration.\n\nFor information about Lambda and how to use it, see [What is AWS Lambda?](https://docs.aws.amazon.com/lambda/latest/dg/welcome.html)\n\n\n\u003e **NOTE:** Due to [AWS Lambda improved VPC networking changes that began deploying in September 2019](https://aws.amazon.com/blogs/compute/announcing-improved-vpc-networking-for-aws-lambda-functions/), EC2 subnets and security groups associated with Lambda Functions can take up to 45 minutes to successfully delete.\n\n\u003e **NOTE:** If you get a `KMSAccessDeniedException: Lambda was unable to decrypt the environment variables because KMS access was denied` error when invoking an `aws.lambda.Function` with environment variables, the IAM role associated with the function may have been deleted and recreated _after_ the function was created. You can fix the problem two ways: 1) updating the function's role to another role and then updating it back again to the recreated role, or 2) by using Pulumi to `taint` the function and `apply` your configuration again to recreate the function. (When you create a function, Lambda grants permissions on the KMS key to the function's IAM role. If the IAM role is recreated, the grant is no longer valid. Changing the function's role or recreating the function causes Lambda to update the grant.)\n\n\u003e To give an external source (like an EventBridge Rule, SNS, or S3) permission to access the Lambda function, use the `aws.lambda.Permission` resource. See [Lambda Permission Model](https://docs.aws.amazon.com/lambda/latest/dg/intro-permission-model.html) for more details. On the other hand, the `role` argument of this resource is the function's execution role for identity and access to AWS services and resources.\n\n## Example Usage\n\n### Basic Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as archive from \"@pulumi/archive\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"lambda.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst iamForLambda = new aws.iam.Role(\"iam_for_lambda\", {\n name: \"iam_for_lambda\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst lambda = archive.getFile({\n type: \"zip\",\n sourceFile: \"lambda.js\",\n outputPath: \"lambda_function_payload.zip\",\n});\nconst testLambda = new aws.lambda.Function(\"test_lambda\", {\n code: new pulumi.asset.FileArchive(\"lambda_function_payload.zip\"),\n name: \"lambda_function_name\",\n role: iamForLambda.arn,\n handler: \"index.test\",\n sourceCodeHash: lambda.then(lambda =\u003e lambda.outputBase64sha256),\n runtime: aws.lambda.Runtime.NodeJS18dX,\n environment: {\n variables: {\n foo: \"bar\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_archive as archive\nimport pulumi_aws as aws\n\nassume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"lambda.amazonaws.com\"],\n )],\n actions=[\"sts:AssumeRole\"],\n)])\niam_for_lambda = aws.iam.Role(\"iam_for_lambda\",\n name=\"iam_for_lambda\",\n assume_role_policy=assume_role.json)\nlambda_ = archive.get_file(type=\"zip\",\n source_file=\"lambda.js\",\n output_path=\"lambda_function_payload.zip\")\ntest_lambda = aws.lambda_.Function(\"test_lambda\",\n code=pulumi.FileArchive(\"lambda_function_payload.zip\"),\n name=\"lambda_function_name\",\n role=iam_for_lambda.arn,\n handler=\"index.test\",\n source_code_hash=lambda_.output_base64sha256,\n runtime=aws.lambda_.Runtime.NODE_JS18D_X,\n environment=aws.lambda_.FunctionEnvironmentArgs(\n variables={\n \"foo\": \"bar\",\n },\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Archive = Pulumi.Archive;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"lambda.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var iamForLambda = new Aws.Iam.Role(\"iam_for_lambda\", new()\n {\n Name = \"iam_for_lambda\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var lambda = Archive.GetFile.Invoke(new()\n {\n Type = \"zip\",\n SourceFile = \"lambda.js\",\n OutputPath = \"lambda_function_payload.zip\",\n });\n\n var testLambda = new Aws.Lambda.Function(\"test_lambda\", new()\n {\n Code = new FileArchive(\"lambda_function_payload.zip\"),\n Name = \"lambda_function_name\",\n Role = iamForLambda.Arn,\n Handler = \"index.test\",\n SourceCodeHash = lambda.Apply(getFileResult =\u003e getFileResult.OutputBase64sha256),\n Runtime = Aws.Lambda.Runtime.NodeJS18dX,\n Environment = new Aws.Lambda.Inputs.FunctionEnvironmentArgs\n {\n Variables = \n {\n { \"foo\", \"bar\" },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-archive/sdk/go/archive\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"lambda.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tiamForLambda, err := iam.NewRole(ctx, \"iam_for_lambda\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"iam_for_lambda\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tlambda, err := archive.LookupFile(ctx, \u0026archive.LookupFileArgs{\n\t\t\tType: \"zip\",\n\t\t\tSourceFile: pulumi.StringRef(\"lambda.js\"),\n\t\t\tOutputPath: \"lambda_function_payload.zip\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lambda.NewFunction(ctx, \"test_lambda\", \u0026lambda.FunctionArgs{\n\t\t\tCode: pulumi.NewFileArchive(\"lambda_function_payload.zip\"),\n\t\t\tName: pulumi.String(\"lambda_function_name\"),\n\t\t\tRole: iamForLambda.Arn,\n\t\t\tHandler: pulumi.String(\"index.test\"),\n\t\t\tSourceCodeHash: pulumi.String(lambda.OutputBase64sha256),\n\t\t\tRuntime: pulumi.String(lambda.RuntimeNodeJS18dX),\n\t\t\tEnvironment: \u0026lambda.FunctionEnvironmentArgs{\n\t\t\t\tVariables: pulumi.StringMap{\n\t\t\t\t\t\"foo\": pulumi.String(\"bar\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.archive.ArchiveFunctions;\nimport com.pulumi.archive.inputs.GetFileArgs;\nimport com.pulumi.aws.lambda.Function;\nimport com.pulumi.aws.lambda.FunctionArgs;\nimport com.pulumi.aws.lambda.inputs.FunctionEnvironmentArgs;\nimport com.pulumi.asset.FileArchive;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"lambda.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var iamForLambda = new Role(\"iamForLambda\", RoleArgs.builder() \n .name(\"iam_for_lambda\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n final var lambda = ArchiveFunctions.getFile(GetFileArgs.builder()\n .type(\"zip\")\n .sourceFile(\"lambda.js\")\n .outputPath(\"lambda_function_payload.zip\")\n .build());\n\n var testLambda = new Function(\"testLambda\", FunctionArgs.builder() \n .code(new FileArchive(\"lambda_function_payload.zip\"))\n .name(\"lambda_function_name\")\n .role(iamForLambda.arn())\n .handler(\"index.test\")\n .sourceCodeHash(lambda.applyValue(getFileResult -\u003e getFileResult.outputBase64sha256()))\n .runtime(\"nodejs18.x\")\n .environment(FunctionEnvironmentArgs.builder()\n .variables(Map.of(\"foo\", \"bar\"))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n iamForLambda:\n type: aws:iam:Role\n name: iam_for_lambda\n properties:\n name: iam_for_lambda\n assumeRolePolicy: ${assumeRole.json}\n testLambda:\n type: aws:lambda:Function\n name: test_lambda\n properties:\n code:\n fn::FileArchive: lambda_function_payload.zip\n name: lambda_function_name\n role: ${iamForLambda.arn}\n handler: index.test\n sourceCodeHash: ${lambda.outputBase64sha256}\n runtime: nodejs18.x\n environment:\n variables:\n foo: bar\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - lambda.amazonaws.com\n actions:\n - sts:AssumeRole\n lambda:\n fn::invoke:\n Function: archive:getFile\n Arguments:\n type: zip\n sourceFile: lambda.js\n outputPath: lambda_function_payload.zip\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Lambda Layers\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.lambda.LayerVersion(\"example\", {});\nconst exampleFunction = new aws.lambda.Function(\"example\", {layers: [example.arn]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.lambda_.LayerVersion(\"example\")\nexample_function = aws.lambda_.Function(\"example\", layers=[example.arn])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Lambda.LayerVersion(\"example\");\n\n var exampleFunction = new Aws.Lambda.Function(\"example\", new()\n {\n Layers = new[]\n {\n example.Arn,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := lambda.NewLayerVersion(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lambda.NewFunction(ctx, \"example\", \u0026lambda.FunctionArgs{\n\t\t\tLayers: pulumi.StringArray{\n\t\t\t\texample.Arn,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.LayerVersion;\nimport com.pulumi.aws.lambda.Function;\nimport com.pulumi.aws.lambda.FunctionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new LayerVersion(\"example\");\n\n var exampleFunction = new Function(\"exampleFunction\", FunctionArgs.builder() \n .layers(example.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:lambda:LayerVersion\n exampleFunction:\n type: aws:lambda:Function\n name: example\n properties:\n layers:\n - ${example.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Lambda Ephemeral Storage\n\nLambda Function Ephemeral Storage(`/tmp`) allows you to configure the storage upto `10` GB. The default value set to `512` MB.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"lambda.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst iamForLambda = new aws.iam.Role(\"iam_for_lambda\", {\n name: \"iam_for_lambda\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst testLambda = new aws.lambda.Function(\"test_lambda\", {\n code: new pulumi.asset.FileArchive(\"lambda_function_payload.zip\"),\n name: \"lambda_function_name\",\n role: iamForLambda.arn,\n handler: \"index.test\",\n runtime: aws.lambda.Runtime.NodeJS18dX,\n ephemeralStorage: {\n size: 10240,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nassume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"lambda.amazonaws.com\"],\n )],\n actions=[\"sts:AssumeRole\"],\n)])\niam_for_lambda = aws.iam.Role(\"iam_for_lambda\",\n name=\"iam_for_lambda\",\n assume_role_policy=assume_role.json)\ntest_lambda = aws.lambda_.Function(\"test_lambda\",\n code=pulumi.FileArchive(\"lambda_function_payload.zip\"),\n name=\"lambda_function_name\",\n role=iam_for_lambda.arn,\n handler=\"index.test\",\n runtime=aws.lambda_.Runtime.NODE_JS18D_X,\n ephemeral_storage=aws.lambda_.FunctionEphemeralStorageArgs(\n size=10240,\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"lambda.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var iamForLambda = new Aws.Iam.Role(\"iam_for_lambda\", new()\n {\n Name = \"iam_for_lambda\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var testLambda = new Aws.Lambda.Function(\"test_lambda\", new()\n {\n Code = new FileArchive(\"lambda_function_payload.zip\"),\n Name = \"lambda_function_name\",\n Role = iamForLambda.Arn,\n Handler = \"index.test\",\n Runtime = Aws.Lambda.Runtime.NodeJS18dX,\n EphemeralStorage = new Aws.Lambda.Inputs.FunctionEphemeralStorageArgs\n {\n Size = 10240,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"lambda.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tiamForLambda, err := iam.NewRole(ctx, \"iam_for_lambda\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"iam_for_lambda\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lambda.NewFunction(ctx, \"test_lambda\", \u0026lambda.FunctionArgs{\n\t\t\tCode: pulumi.NewFileArchive(\"lambda_function_payload.zip\"),\n\t\t\tName: pulumi.String(\"lambda_function_name\"),\n\t\t\tRole: iamForLambda.Arn,\n\t\t\tHandler: pulumi.String(\"index.test\"),\n\t\t\tRuntime: pulumi.String(lambda.RuntimeNodeJS18dX),\n\t\t\tEphemeralStorage: \u0026lambda.FunctionEphemeralStorageArgs{\n\t\t\t\tSize: pulumi.Int(10240),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.lambda.Function;\nimport com.pulumi.aws.lambda.FunctionArgs;\nimport com.pulumi.aws.lambda.inputs.FunctionEphemeralStorageArgs;\nimport com.pulumi.asset.FileArchive;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"lambda.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var iamForLambda = new Role(\"iamForLambda\", RoleArgs.builder() \n .name(\"iam_for_lambda\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var testLambda = new Function(\"testLambda\", FunctionArgs.builder() \n .code(new FileArchive(\"lambda_function_payload.zip\"))\n .name(\"lambda_function_name\")\n .role(iamForLambda.arn())\n .handler(\"index.test\")\n .runtime(\"nodejs18.x\")\n .ephemeralStorage(FunctionEphemeralStorageArgs.builder()\n .size(10240)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n iamForLambda:\n type: aws:iam:Role\n name: iam_for_lambda\n properties:\n name: iam_for_lambda\n assumeRolePolicy: ${assumeRole.json}\n testLambda:\n type: aws:lambda:Function\n name: test_lambda\n properties:\n code:\n fn::FileArchive: lambda_function_payload.zip\n name: lambda_function_name\n role: ${iamForLambda.arn}\n handler: index.test\n runtime: nodejs18.x\n ephemeralStorage:\n size: 10240\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - lambda.amazonaws.com\n actions:\n - sts:AssumeRole\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Lambda File Systems\n\nLambda File Systems allow you to connect an Amazon Elastic File System (EFS) file system to a Lambda function to share data across function invocations, access existing data including large files, and save function state.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// EFS file system\nconst efsForLambda = new aws.efs.FileSystem(\"efs_for_lambda\", {tags: {\n Name: \"efs_for_lambda\",\n}});\n// Mount target connects the file system to the subnet\nconst alpha = new aws.efs.MountTarget(\"alpha\", {\n fileSystemId: efsForLambda.id,\n subnetId: subnetForLambda.id,\n securityGroups: [sgForLambda.id],\n});\n// EFS access point used by lambda file system\nconst accessPointForLambda = new aws.efs.AccessPoint(\"access_point_for_lambda\", {\n fileSystemId: efsForLambda.id,\n rootDirectory: {\n path: \"/lambda\",\n creationInfo: {\n ownerGid: 1000,\n ownerUid: 1000,\n permissions: \"777\",\n },\n },\n posixUser: {\n gid: 1000,\n uid: 1000,\n },\n});\n// A lambda function connected to an EFS file system\nconst example = new aws.lambda.Function(\"example\", {\n fileSystemConfig: {\n arn: accessPointForLambda.arn,\n localMountPath: \"/mnt/efs\",\n },\n vpcConfig: {\n subnetIds: [subnetForLambda.id],\n securityGroupIds: [sgForLambda.id],\n },\n}, {\n dependsOn: [alpha],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# EFS file system\nefs_for_lambda = aws.efs.FileSystem(\"efs_for_lambda\", tags={\n \"Name\": \"efs_for_lambda\",\n})\n# Mount target connects the file system to the subnet\nalpha = aws.efs.MountTarget(\"alpha\",\n file_system_id=efs_for_lambda.id,\n subnet_id=subnet_for_lambda[\"id\"],\n security_groups=[sg_for_lambda[\"id\"]])\n# EFS access point used by lambda file system\naccess_point_for_lambda = aws.efs.AccessPoint(\"access_point_for_lambda\",\n file_system_id=efs_for_lambda.id,\n root_directory=aws.efs.AccessPointRootDirectoryArgs(\n path=\"/lambda\",\n creation_info=aws.efs.AccessPointRootDirectoryCreationInfoArgs(\n owner_gid=1000,\n owner_uid=1000,\n permissions=\"777\",\n ),\n ),\n posix_user=aws.efs.AccessPointPosixUserArgs(\n gid=1000,\n uid=1000,\n ))\n# A lambda function connected to an EFS file system\nexample = aws.lambda_.Function(\"example\",\n file_system_config=aws.lambda_.FunctionFileSystemConfigArgs(\n arn=access_point_for_lambda.arn,\n local_mount_path=\"/mnt/efs\",\n ),\n vpc_config=aws.lambda_.FunctionVpcConfigArgs(\n subnet_ids=[subnet_for_lambda[\"id\"]],\n security_group_ids=[sg_for_lambda[\"id\"]],\n ),\n opts=pulumi.ResourceOptions(depends_on=[alpha]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // EFS file system\n var efsForLambda = new Aws.Efs.FileSystem(\"efs_for_lambda\", new()\n {\n Tags = \n {\n { \"Name\", \"efs_for_lambda\" },\n },\n });\n\n // Mount target connects the file system to the subnet\n var alpha = new Aws.Efs.MountTarget(\"alpha\", new()\n {\n FileSystemId = efsForLambda.Id,\n SubnetId = subnetForLambda.Id,\n SecurityGroups = new[]\n {\n sgForLambda.Id,\n },\n });\n\n // EFS access point used by lambda file system\n var accessPointForLambda = new Aws.Efs.AccessPoint(\"access_point_for_lambda\", new()\n {\n FileSystemId = efsForLambda.Id,\n RootDirectory = new Aws.Efs.Inputs.AccessPointRootDirectoryArgs\n {\n Path = \"/lambda\",\n CreationInfo = new Aws.Efs.Inputs.AccessPointRootDirectoryCreationInfoArgs\n {\n OwnerGid = 1000,\n OwnerUid = 1000,\n Permissions = \"777\",\n },\n },\n PosixUser = new Aws.Efs.Inputs.AccessPointPosixUserArgs\n {\n Gid = 1000,\n Uid = 1000,\n },\n });\n\n // A lambda function connected to an EFS file system\n var example = new Aws.Lambda.Function(\"example\", new()\n {\n FileSystemConfig = new Aws.Lambda.Inputs.FunctionFileSystemConfigArgs\n {\n Arn = accessPointForLambda.Arn,\n LocalMountPath = \"/mnt/efs\",\n },\n VpcConfig = new Aws.Lambda.Inputs.FunctionVpcConfigArgs\n {\n SubnetIds = new[]\n {\n subnetForLambda.Id,\n },\n SecurityGroupIds = new[]\n {\n sgForLambda.Id,\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n alpha, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/efs\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// EFS file system\n\t\tefsForLambda, err := efs.NewFileSystem(ctx, \"efs_for_lambda\", \u0026efs.FileSystemArgs{\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Name\": pulumi.String(\"efs_for_lambda\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Mount target connects the file system to the subnet\n\t\talpha, err := efs.NewMountTarget(ctx, \"alpha\", \u0026efs.MountTargetArgs{\n\t\t\tFileSystemId: efsForLambda.ID(),\n\t\t\tSubnetId: pulumi.Any(subnetForLambda.Id),\n\t\t\tSecurityGroups: pulumi.StringArray{\n\t\t\t\tsgForLambda.Id,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// EFS access point used by lambda file system\n\t\taccessPointForLambda, err := efs.NewAccessPoint(ctx, \"access_point_for_lambda\", \u0026efs.AccessPointArgs{\n\t\t\tFileSystemId: efsForLambda.ID(),\n\t\t\tRootDirectory: \u0026efs.AccessPointRootDirectoryArgs{\n\t\t\t\tPath: pulumi.String(\"/lambda\"),\n\t\t\t\tCreationInfo: \u0026efs.AccessPointRootDirectoryCreationInfoArgs{\n\t\t\t\t\tOwnerGid: pulumi.Int(1000),\n\t\t\t\t\tOwnerUid: pulumi.Int(1000),\n\t\t\t\t\tPermissions: pulumi.String(\"777\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tPosixUser: \u0026efs.AccessPointPosixUserArgs{\n\t\t\t\tGid: pulumi.Int(1000),\n\t\t\t\tUid: pulumi.Int(1000),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// A lambda function connected to an EFS file system\n\t\t_, err = lambda.NewFunction(ctx, \"example\", \u0026lambda.FunctionArgs{\n\t\t\tFileSystemConfig: \u0026lambda.FunctionFileSystemConfigArgs{\n\t\t\t\tArn: accessPointForLambda.Arn,\n\t\t\t\tLocalMountPath: pulumi.String(\"/mnt/efs\"),\n\t\t\t},\n\t\t\tVpcConfig: \u0026lambda.FunctionVpcConfigArgs{\n\t\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\t\tsubnetForLambda.Id,\n\t\t\t\t},\n\t\t\t\tSecurityGroupIds: pulumi.StringArray{\n\t\t\t\t\tsgForLambda.Id,\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\talpha,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.efs.FileSystem;\nimport com.pulumi.aws.efs.FileSystemArgs;\nimport com.pulumi.aws.efs.MountTarget;\nimport com.pulumi.aws.efs.MountTargetArgs;\nimport com.pulumi.aws.efs.AccessPoint;\nimport com.pulumi.aws.efs.AccessPointArgs;\nimport com.pulumi.aws.efs.inputs.AccessPointRootDirectoryArgs;\nimport com.pulumi.aws.efs.inputs.AccessPointRootDirectoryCreationInfoArgs;\nimport com.pulumi.aws.efs.inputs.AccessPointPosixUserArgs;\nimport com.pulumi.aws.lambda.Function;\nimport com.pulumi.aws.lambda.FunctionArgs;\nimport com.pulumi.aws.lambda.inputs.FunctionFileSystemConfigArgs;\nimport com.pulumi.aws.lambda.inputs.FunctionVpcConfigArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // EFS file system\n var efsForLambda = new FileSystem(\"efsForLambda\", FileSystemArgs.builder() \n .tags(Map.of(\"Name\", \"efs_for_lambda\"))\n .build());\n\n // Mount target connects the file system to the subnet\n var alpha = new MountTarget(\"alpha\", MountTargetArgs.builder() \n .fileSystemId(efsForLambda.id())\n .subnetId(subnetForLambda.id())\n .securityGroups(sgForLambda.id())\n .build());\n\n // EFS access point used by lambda file system\n var accessPointForLambda = new AccessPoint(\"accessPointForLambda\", AccessPointArgs.builder() \n .fileSystemId(efsForLambda.id())\n .rootDirectory(AccessPointRootDirectoryArgs.builder()\n .path(\"/lambda\")\n .creationInfo(AccessPointRootDirectoryCreationInfoArgs.builder()\n .ownerGid(1000)\n .ownerUid(1000)\n .permissions(\"777\")\n .build())\n .build())\n .posixUser(AccessPointPosixUserArgs.builder()\n .gid(1000)\n .uid(1000)\n .build())\n .build());\n\n // A lambda function connected to an EFS file system\n var example = new Function(\"example\", FunctionArgs.builder() \n .fileSystemConfig(FunctionFileSystemConfigArgs.builder()\n .arn(accessPointForLambda.arn())\n .localMountPath(\"/mnt/efs\")\n .build())\n .vpcConfig(FunctionVpcConfigArgs.builder()\n .subnetIds(subnetForLambda.id())\n .securityGroupIds(sgForLambda.id())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(alpha)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # A lambda function connected to an EFS file system\n example:\n type: aws:lambda:Function\n properties:\n fileSystemConfig:\n arn: ${accessPointForLambda.arn}\n localMountPath: /mnt/efs\n vpcConfig:\n subnetIds:\n - ${subnetForLambda.id}\n securityGroupIds:\n - ${sgForLambda.id}\n options:\n dependson:\n - ${alpha}\n # EFS file system\n efsForLambda:\n type: aws:efs:FileSystem\n name: efs_for_lambda\n properties:\n tags:\n Name: efs_for_lambda\n # Mount target connects the file system to the subnet\n alpha:\n type: aws:efs:MountTarget\n properties:\n fileSystemId: ${efsForLambda.id}\n subnetId: ${subnetForLambda.id}\n securityGroups:\n - ${sgForLambda.id}\n # EFS access point used by lambda file system\n accessPointForLambda:\n type: aws:efs:AccessPoint\n name: access_point_for_lambda\n properties:\n fileSystemId: ${efsForLambda.id}\n rootDirectory:\n path: /lambda\n creationInfo:\n ownerGid: 1000\n ownerUid: 1000\n permissions: '777'\n posixUser:\n gid: 1000\n uid: 1000\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Lambda retries\n\nLambda Functions allow you to configure error handling for asynchronous invocation. The settings that it supports are `Maximum age of event` and `Retry attempts` as stated in [Lambda documentation for Configuring error handling for asynchronous invocation](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-async-errors). To configure these settings, refer to the aws.lambda.FunctionEventInvokeConfig resource.\n\n## CloudWatch Logging and Permissions\n\nFor more information about CloudWatch Logs for Lambda, see the [Lambda User Guide](https://docs.aws.amazon.com/lambda/latest/dg/monitoring-functions-logs.html).\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst lambdaFunctionName = config.get(\"lambdaFunctionName\") || \"lambda_function_name\";\n// This is to optionally manage the CloudWatch Log Group for the Lambda Function.\n// If skipping this resource configuration, also add \"logs:CreateLogGroup\" to the IAM policy below.\nconst example = new aws.cloudwatch.LogGroup(\"example\", {\n name: `/aws/lambda/${lambdaFunctionName}`,\n retentionInDays: 14,\n});\n// See also the following AWS managed policy: AWSLambdaBasicExecutionRole\nconst lambdaLogging = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n actions: [\n \"logs:CreateLogGroup\",\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\",\n ],\n resources: [\"arn:aws:logs:*:*:*\"],\n }],\n});\nconst lambdaLoggingPolicy = new aws.iam.Policy(\"lambda_logging\", {\n name: \"lambda_logging\",\n path: \"/\",\n description: \"IAM policy for logging from a lambda\",\n policy: lambdaLogging.then(lambdaLogging =\u003e lambdaLogging.json),\n});\nconst lambdaLogs = new aws.iam.RolePolicyAttachment(\"lambda_logs\", {\n role: iamForLambda.name,\n policyArn: lambdaLoggingPolicy.arn,\n});\nconst testLambda = new aws.lambda.Function(\"test_lambda\", {\n name: lambdaFunctionName,\n loggingConfig: {\n logFormat: \"Text\",\n },\n}, {\n dependsOn: [\n lambdaLogs,\n example,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nlambda_function_name = config.get(\"lambdaFunctionName\")\nif lambda_function_name is None:\n lambda_function_name = \"lambda_function_name\"\n# This is to optionally manage the CloudWatch Log Group for the Lambda Function.\n# If skipping this resource configuration, also add \"logs:CreateLogGroup\" to the IAM policy below.\nexample = aws.cloudwatch.LogGroup(\"example\",\n name=f\"/aws/lambda/{lambda_function_name}\",\n retention_in_days=14)\n# See also the following AWS managed policy: AWSLambdaBasicExecutionRole\nlambda_logging = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n actions=[\n \"logs:CreateLogGroup\",\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\",\n ],\n resources=[\"arn:aws:logs:*:*:*\"],\n)])\nlambda_logging_policy = aws.iam.Policy(\"lambda_logging\",\n name=\"lambda_logging\",\n path=\"/\",\n description=\"IAM policy for logging from a lambda\",\n policy=lambda_logging.json)\nlambda_logs = aws.iam.RolePolicyAttachment(\"lambda_logs\",\n role=iam_for_lambda[\"name\"],\n policy_arn=lambda_logging_policy.arn)\ntest_lambda = aws.lambda_.Function(\"test_lambda\",\n name=lambda_function_name,\n logging_config=aws.lambda_.FunctionLoggingConfigArgs(\n log_format=\"Text\",\n ),\n opts=pulumi.ResourceOptions(depends_on=[\n lambda_logs,\n example,\n ]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var lambdaFunctionName = config.Get(\"lambdaFunctionName\") ?? \"lambda_function_name\";\n // This is to optionally manage the CloudWatch Log Group for the Lambda Function.\n // If skipping this resource configuration, also add \"logs:CreateLogGroup\" to the IAM policy below.\n var example = new Aws.CloudWatch.LogGroup(\"example\", new()\n {\n Name = $\"/aws/lambda/{lambdaFunctionName}\",\n RetentionInDays = 14,\n });\n\n // See also the following AWS managed policy: AWSLambdaBasicExecutionRole\n var lambdaLogging = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"logs:CreateLogGroup\",\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\",\n },\n Resources = new[]\n {\n \"arn:aws:logs:*:*:*\",\n },\n },\n },\n });\n\n var lambdaLoggingPolicy = new Aws.Iam.Policy(\"lambda_logging\", new()\n {\n Name = \"lambda_logging\",\n Path = \"/\",\n Description = \"IAM policy for logging from a lambda\",\n PolicyDocument = lambdaLogging.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var lambdaLogs = new Aws.Iam.RolePolicyAttachment(\"lambda_logs\", new()\n {\n Role = iamForLambda.Name,\n PolicyArn = lambdaLoggingPolicy.Arn,\n });\n\n var testLambda = new Aws.Lambda.Function(\"test_lambda\", new()\n {\n Name = lambdaFunctionName,\n LoggingConfig = new Aws.Lambda.Inputs.FunctionLoggingConfigArgs\n {\n LogFormat = \"Text\",\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n lambdaLogs, \n example, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tlambdaFunctionName := \"lambda_function_name\"\n\t\tif param := cfg.Get(\"lambdaFunctionName\"); param != \"\" {\n\t\t\tlambdaFunctionName = param\n\t\t}\n\t\t// This is to optionally manage the CloudWatch Log Group for the Lambda Function.\n\t\t// If skipping this resource configuration, also add \"logs:CreateLogGroup\" to the IAM policy below.\n\t\texample, err := cloudwatch.NewLogGroup(ctx, \"example\", \u0026cloudwatch.LogGroupArgs{\n\t\t\tName: pulumi.String(fmt.Sprintf(\"/aws/lambda/%v\", lambdaFunctionName)),\n\t\t\tRetentionInDays: pulumi.Int(14),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// See also the following AWS managed policy: AWSLambdaBasicExecutionRole\n\t\tlambdaLogging, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"logs:CreateLogGroup\",\n\t\t\t\t\t\t\"logs:CreateLogStream\",\n\t\t\t\t\t\t\"logs:PutLogEvents\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"arn:aws:logs:*:*:*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tlambdaLoggingPolicy, err := iam.NewPolicy(ctx, \"lambda_logging\", \u0026iam.PolicyArgs{\n\t\t\tName: pulumi.String(\"lambda_logging\"),\n\t\t\tPath: pulumi.String(\"/\"),\n\t\t\tDescription: pulumi.String(\"IAM policy for logging from a lambda\"),\n\t\t\tPolicy: pulumi.String(lambdaLogging.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tlambdaLogs, err := iam.NewRolePolicyAttachment(ctx, \"lambda_logs\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tRole: pulumi.Any(iamForLambda.Name),\n\t\t\tPolicyArn: lambdaLoggingPolicy.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lambda.NewFunction(ctx, \"test_lambda\", \u0026lambda.FunctionArgs{\n\t\t\tName: pulumi.String(lambdaFunctionName),\n\t\t\tLoggingConfig: \u0026lambda.FunctionLoggingConfigArgs{\n\t\t\t\tLogFormat: pulumi.String(\"Text\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tlambdaLogs,\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.LogGroup;\nimport com.pulumi.aws.cloudwatch.LogGroupArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Policy;\nimport com.pulumi.aws.iam.PolicyArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport com.pulumi.aws.lambda.Function;\nimport com.pulumi.aws.lambda.FunctionArgs;\nimport com.pulumi.aws.lambda.inputs.FunctionLoggingConfigArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var lambdaFunctionName = config.get(\"lambdaFunctionName\").orElse(\"lambda_function_name\");\n // This is to optionally manage the CloudWatch Log Group for the Lambda Function.\n // If skipping this resource configuration, also add \"logs:CreateLogGroup\" to the IAM policy below.\n var example = new LogGroup(\"example\", LogGroupArgs.builder() \n .name(String.format(\"/aws/lambda/%s\", lambdaFunctionName))\n .retentionInDays(14)\n .build());\n\n // See also the following AWS managed policy: AWSLambdaBasicExecutionRole\n final var lambdaLogging = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions( \n \"logs:CreateLogGroup\",\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\")\n .resources(\"arn:aws:logs:*:*:*\")\n .build())\n .build());\n\n var lambdaLoggingPolicy = new Policy(\"lambdaLoggingPolicy\", PolicyArgs.builder() \n .name(\"lambda_logging\")\n .path(\"/\")\n .description(\"IAM policy for logging from a lambda\")\n .policy(lambdaLogging.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var lambdaLogs = new RolePolicyAttachment(\"lambdaLogs\", RolePolicyAttachmentArgs.builder() \n .role(iamForLambda.name())\n .policyArn(lambdaLoggingPolicy.arn())\n .build());\n\n var testLambda = new Function(\"testLambda\", FunctionArgs.builder() \n .name(lambdaFunctionName)\n .loggingConfig(FunctionLoggingConfigArgs.builder()\n .logFormat(\"Text\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n lambdaLogs,\n example)\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n lambdaFunctionName:\n type: string\n default: lambda_function_name\nresources:\n testLambda:\n type: aws:lambda:Function\n name: test_lambda\n properties:\n name: ${lambdaFunctionName}\n loggingConfig:\n logFormat: Text\n options:\n dependson:\n - ${lambdaLogs}\n - ${example}\n # This is to optionally manage the CloudWatch Log Group for the Lambda Function.\n # If skipping this resource configuration, also add \"logs:CreateLogGroup\" to the IAM policy below.\n example:\n type: aws:cloudwatch:LogGroup\n properties:\n name: /aws/lambda/${lambdaFunctionName}\n retentionInDays: 14\n lambdaLoggingPolicy:\n type: aws:iam:Policy\n name: lambda_logging\n properties:\n name: lambda_logging\n path: /\n description: IAM policy for logging from a lambda\n policy: ${lambdaLogging.json}\n lambdaLogs:\n type: aws:iam:RolePolicyAttachment\n name: lambda_logs\n properties:\n role: ${iamForLambda.name}\n policyArn: ${lambdaLoggingPolicy.arn}\nvariables:\n # See also the following AWS managed policy: AWSLambdaBasicExecutionRole\n lambdaLogging:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - logs:CreateLogGroup\n - logs:CreateLogStream\n - logs:PutLogEvents\n resources:\n - arn:aws:logs:*:*:*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Specifying the Deployment Package\n\nAWS Lambda expects source code to be provided as a deployment package whose structure varies depending on which `runtime` is in use. See [Runtimes](https://docs.aws.amazon.com/lambda/latest/dg/API_CreateFunction.html#SSS-CreateFunction-request-Runtime) for the valid values of `runtime`. The expected structure of the deployment package can be found in [the AWS Lambda documentation for each runtime](https://docs.aws.amazon.com/lambda/latest/dg/deployment-package-v2.html).\n\nOnce you have created your deployment package you can specify it either directly as a local file (using the `filename` argument) or indirectly via Amazon S3 (using the `s3_bucket`, `s3_key` and `s3_object_version` arguments). When providing the deployment package via S3 it may be useful to use the `aws.s3.BucketObjectv2` resource to upload it.\n\nFor larger deployment packages it is recommended by Amazon to upload via S3, since the S3 API has better support for uploading large files efficiently.\n\n## Import\n\nUsing `pulumi import`, import Lambda Functions using the `function_name`. For example:\n\n```sh\n$ pulumi import aws:lambda/function:Function test_lambda my_test_lambda_function\n```\n", "properties": { "architectures": { "type": "array", @@ -268862,7 +268862,7 @@ } }, "aws:lambda/permission:Permission": { - "description": "Gives an external source (like an EventBridge Rule, SNS, or S3) permission to access the Lambda function.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst iamForLambda = new aws.iam.Role(\"iam_for_lambda\", {\n name: \"iam_for_lambda\",\n assumeRolePolicy: JSON.stringify({\n version: \"2012-10-17\",\n statement: [{\n action: \"sts:AssumeRole\",\n effect: \"Allow\",\n sid: \"\",\n principal: {\n service: \"lambda.amazonaws.com\",\n },\n }],\n }),\n});\nconst testLambda = new aws.lambda.Function(\"test_lambda\", {\n code: new pulumi.asset.FileArchive(\"lambdatest.zip\"),\n name: \"lambda_function_name\",\n role: iamForLambda.arn,\n handler: \"exports.handler\",\n runtime: aws.lambda.Runtime.NodeJS16dX,\n});\nconst testAlias = new aws.lambda.Alias(\"test_alias\", {\n name: \"testalias\",\n description: \"a sample description\",\n functionName: testLambda.name,\n functionVersion: \"$LATEST\",\n});\nconst allowCloudwatch = new aws.lambda.Permission(\"allow_cloudwatch\", {\n statementId: \"AllowExecutionFromCloudWatch\",\n action: \"lambda:InvokeFunction\",\n \"function\": testLambda.name,\n principal: \"events.amazonaws.com\",\n sourceArn: \"arn:aws:events:eu-west-1:111122223333:rule/RunDaily\",\n qualifier: testAlias.name,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\niam_for_lambda = aws.iam.Role(\"iam_for_lambda\",\n name=\"iam_for_lambda\",\n assume_role_policy=json.dumps({\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"action\": \"sts:AssumeRole\",\n \"effect\": \"Allow\",\n \"sid\": \"\",\n \"principal\": {\n \"service\": \"lambda.amazonaws.com\",\n },\n }],\n }))\ntest_lambda = aws.lambda_.Function(\"test_lambda\",\n code=pulumi.FileArchive(\"lambdatest.zip\"),\n name=\"lambda_function_name\",\n role=iam_for_lambda.arn,\n handler=\"exports.handler\",\n runtime=aws.lambda_.Runtime.NODE_JS16D_X)\ntest_alias = aws.lambda_.Alias(\"test_alias\",\n name=\"testalias\",\n description=\"a sample description\",\n function_name=test_lambda.name,\n function_version=\"$LATEST\")\nallow_cloudwatch = aws.lambda_.Permission(\"allow_cloudwatch\",\n statement_id=\"AllowExecutionFromCloudWatch\",\n action=\"lambda:InvokeFunction\",\n function=test_lambda.name,\n principal=\"events.amazonaws.com\",\n source_arn=\"arn:aws:events:eu-west-1:111122223333:rule/RunDaily\",\n qualifier=test_alias.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var iamForLambda = new Aws.Iam.Role(\"iam_for_lambda\", new()\n {\n Name = \"iam_for_lambda\",\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"action\"] = \"sts:AssumeRole\",\n [\"effect\"] = \"Allow\",\n [\"sid\"] = \"\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"service\"] = \"lambda.amazonaws.com\",\n },\n },\n },\n }),\n });\n\n var testLambda = new Aws.Lambda.Function(\"test_lambda\", new()\n {\n Code = new FileArchive(\"lambdatest.zip\"),\n Name = \"lambda_function_name\",\n Role = iamForLambda.Arn,\n Handler = \"exports.handler\",\n Runtime = Aws.Lambda.Runtime.NodeJS16dX,\n });\n\n var testAlias = new Aws.Lambda.Alias(\"test_alias\", new()\n {\n Name = \"testalias\",\n Description = \"a sample description\",\n FunctionName = testLambda.Name,\n FunctionVersion = \"$LATEST\",\n });\n\n var allowCloudwatch = new Aws.Lambda.Permission(\"allow_cloudwatch\", new()\n {\n StatementId = \"AllowExecutionFromCloudWatch\",\n Action = \"lambda:InvokeFunction\",\n Function = testLambda.Name,\n Principal = \"events.amazonaws.com\",\n SourceArn = \"arn:aws:events:eu-west-1:111122223333:rule/RunDaily\",\n Qualifier = testAlias.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"action\": \"sts:AssumeRole\",\n\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\"sid\": \"\",\n\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\"service\": \"lambda.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\tiamForLambda, err := iam.NewRole(ctx, \"iam_for_lambda\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"iam_for_lambda\"),\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestLambda, err := lambda.NewFunction(ctx, \"test_lambda\", \u0026lambda.FunctionArgs{\n\t\t\tCode: pulumi.NewFileArchive(\"lambdatest.zip\"),\n\t\t\tName: pulumi.String(\"lambda_function_name\"),\n\t\t\tRole: iamForLambda.Arn,\n\t\t\tHandler: pulumi.String(\"exports.handler\"),\n\t\t\tRuntime: pulumi.String(lambda.RuntimeNodeJS16dX),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestAlias, err := lambda.NewAlias(ctx, \"test_alias\", \u0026lambda.AliasArgs{\n\t\t\tName: pulumi.String(\"testalias\"),\n\t\t\tDescription: pulumi.String(\"a sample description\"),\n\t\t\tFunctionName: testLambda.Name,\n\t\t\tFunctionVersion: pulumi.String(\"$LATEST\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lambda.NewPermission(ctx, \"allow_cloudwatch\", \u0026lambda.PermissionArgs{\n\t\t\tStatementId: pulumi.String(\"AllowExecutionFromCloudWatch\"),\n\t\t\tAction: pulumi.String(\"lambda:InvokeFunction\"),\n\t\t\tFunction: testLambda.Name,\n\t\t\tPrincipal: pulumi.String(\"events.amazonaws.com\"),\n\t\t\tSourceArn: pulumi.String(\"arn:aws:events:eu-west-1:111122223333:rule/RunDaily\"),\n\t\t\tQualifier: testAlias.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.lambda.Function;\nimport com.pulumi.aws.lambda.FunctionArgs;\nimport com.pulumi.aws.lambda.Alias;\nimport com.pulumi.aws.lambda.AliasArgs;\nimport com.pulumi.aws.lambda.Permission;\nimport com.pulumi.aws.lambda.PermissionArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport com.pulumi.asset.FileArchive;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var iamForLambda = new Role(\"iamForLambda\", RoleArgs.builder() \n .name(\"iam_for_lambda\")\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"version\", \"2012-10-17\"),\n jsonProperty(\"statement\", jsonArray(jsonObject(\n jsonProperty(\"action\", \"sts:AssumeRole\"),\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"sid\", \"\"),\n jsonProperty(\"principal\", jsonObject(\n jsonProperty(\"service\", \"lambda.amazonaws.com\")\n ))\n )))\n )))\n .build());\n\n var testLambda = new Function(\"testLambda\", FunctionArgs.builder() \n .code(new FileArchive(\"lambdatest.zip\"))\n .name(\"lambda_function_name\")\n .role(iamForLambda.arn())\n .handler(\"exports.handler\")\n .runtime(\"nodejs16.x\")\n .build());\n\n var testAlias = new Alias(\"testAlias\", AliasArgs.builder() \n .name(\"testalias\")\n .description(\"a sample description\")\n .functionName(testLambda.name())\n .functionVersion(\"$LATEST\")\n .build());\n\n var allowCloudwatch = new Permission(\"allowCloudwatch\", PermissionArgs.builder() \n .statementId(\"AllowExecutionFromCloudWatch\")\n .action(\"lambda:InvokeFunction\")\n .function(testLambda.name())\n .principal(\"events.amazonaws.com\")\n .sourceArn(\"arn:aws:events:eu-west-1:111122223333:rule/RunDaily\")\n .qualifier(testAlias.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n allowCloudwatch:\n type: aws:lambda:Permission\n name: allow_cloudwatch\n properties:\n statementId: AllowExecutionFromCloudWatch\n action: lambda:InvokeFunction\n function: ${testLambda.name}\n principal: events.amazonaws.com\n sourceArn: arn:aws:events:eu-west-1:111122223333:rule/RunDaily\n qualifier: ${testAlias.name}\n testAlias:\n type: aws:lambda:Alias\n name: test_alias\n properties:\n name: testalias\n description: a sample description\n functionName: ${testLambda.name}\n functionVersion: $LATEST\n testLambda:\n type: aws:lambda:Function\n name: test_lambda\n properties:\n code:\n fn::FileArchive: lambdatest.zip\n name: lambda_function_name\n role: ${iamForLambda.arn}\n handler: exports.handler\n runtime: nodejs16.x\n iamForLambda:\n type: aws:iam:Role\n name: iam_for_lambda\n properties:\n name: iam_for_lambda\n assumeRolePolicy:\n fn::toJSON:\n version: 2012-10-17\n statement:\n - action: sts:AssumeRole\n effect: Allow\n sid:\n principal:\n service: lambda.amazonaws.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With SNS\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.sns.Topic(\"default\", {name: \"call-lambda-maybe\"});\nconst defaultRole = new aws.iam.Role(\"default\", {\n name: \"iam_for_lambda_with_sns\",\n assumeRolePolicy: JSON.stringify({\n version: \"2012-10-17\",\n statement: [{\n action: \"sts:AssumeRole\",\n effect: \"Allow\",\n sid: \"\",\n principal: {\n service: \"lambda.amazonaws.com\",\n },\n }],\n }),\n});\nconst func = new aws.lambda.Function(\"func\", {\n code: new pulumi.asset.FileArchive(\"lambdatest.zip\"),\n name: \"lambda_called_from_sns\",\n role: defaultRole.arn,\n handler: \"exports.handler\",\n runtime: aws.lambda.Runtime.Python3d7,\n});\nconst withSns = new aws.lambda.Permission(\"with_sns\", {\n statementId: \"AllowExecutionFromSNS\",\n action: \"lambda:InvokeFunction\",\n \"function\": func.name,\n principal: \"sns.amazonaws.com\",\n sourceArn: _default.arn,\n});\nconst lambda = new aws.sns.TopicSubscription(\"lambda\", {\n topic: _default.arn,\n protocol: \"lambda\",\n endpoint: func.arn,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ndefault = aws.sns.Topic(\"default\", name=\"call-lambda-maybe\")\ndefault_role = aws.iam.Role(\"default\",\n name=\"iam_for_lambda_with_sns\",\n assume_role_policy=json.dumps({\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"action\": \"sts:AssumeRole\",\n \"effect\": \"Allow\",\n \"sid\": \"\",\n \"principal\": {\n \"service\": \"lambda.amazonaws.com\",\n },\n }],\n }))\nfunc = aws.lambda_.Function(\"func\",\n code=pulumi.FileArchive(\"lambdatest.zip\"),\n name=\"lambda_called_from_sns\",\n role=default_role.arn,\n handler=\"exports.handler\",\n runtime=aws.lambda_.Runtime.PYTHON3D7)\nwith_sns = aws.lambda_.Permission(\"with_sns\",\n statement_id=\"AllowExecutionFromSNS\",\n action=\"lambda:InvokeFunction\",\n function=func.name,\n principal=\"sns.amazonaws.com\",\n source_arn=default.arn)\nlambda_ = aws.sns.TopicSubscription(\"lambda\",\n topic=default.arn,\n protocol=\"lambda\",\n endpoint=func.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.Sns.Topic(\"default\", new()\n {\n Name = \"call-lambda-maybe\",\n });\n\n var defaultRole = new Aws.Iam.Role(\"default\", new()\n {\n Name = \"iam_for_lambda_with_sns\",\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"action\"] = \"sts:AssumeRole\",\n [\"effect\"] = \"Allow\",\n [\"sid\"] = \"\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"service\"] = \"lambda.amazonaws.com\",\n },\n },\n },\n }),\n });\n\n var func = new Aws.Lambda.Function(\"func\", new()\n {\n Code = new FileArchive(\"lambdatest.zip\"),\n Name = \"lambda_called_from_sns\",\n Role = defaultRole.Arn,\n Handler = \"exports.handler\",\n Runtime = Aws.Lambda.Runtime.Python3d7,\n });\n\n var withSns = new Aws.Lambda.Permission(\"with_sns\", new()\n {\n StatementId = \"AllowExecutionFromSNS\",\n Action = \"lambda:InvokeFunction\",\n Function = func.Name,\n Principal = \"sns.amazonaws.com\",\n SourceArn = @default.Arn,\n });\n\n var lambda = new Aws.Sns.TopicSubscription(\"lambda\", new()\n {\n Topic = @default.Arn,\n Protocol = \"lambda\",\n Endpoint = func.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sns.NewTopic(ctx, \"default\", \u0026sns.TopicArgs{\n\t\t\tName: pulumi.String(\"call-lambda-maybe\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"action\": \"sts:AssumeRole\",\n\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\"sid\": \"\",\n\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\"service\": \"lambda.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\tdefaultRole, err := iam.NewRole(ctx, \"default\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"iam_for_lambda_with_sns\"),\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lambda.NewFunction(ctx, \"func\", \u0026lambda.FunctionArgs{\n\t\t\tCode: pulumi.NewFileArchive(\"lambdatest.zip\"),\n\t\t\tName: pulumi.String(\"lambda_called_from_sns\"),\n\t\t\tRole: defaultRole.Arn,\n\t\t\tHandler: pulumi.String(\"exports.handler\"),\n\t\t\tRuntime: pulumi.String(lambda.RuntimePython3d7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lambda.NewPermission(ctx, \"with_sns\", \u0026lambda.PermissionArgs{\n\t\t\tStatementId: pulumi.String(\"AllowExecutionFromSNS\"),\n\t\t\tAction: pulumi.String(\"lambda:InvokeFunction\"),\n\t\t\tFunction: _func.Name,\n\t\t\tPrincipal: pulumi.String(\"sns.amazonaws.com\"),\n\t\t\tSourceArn: _default.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = sns.NewTopicSubscription(ctx, \"lambda\", \u0026sns.TopicSubscriptionArgs{\n\t\t\tTopic: _default.Arn,\n\t\t\tProtocol: pulumi.String(\"lambda\"),\n\t\t\tEndpoint: _func.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sns.Topic;\nimport com.pulumi.aws.sns.TopicArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.lambda.Function;\nimport com.pulumi.aws.lambda.FunctionArgs;\nimport com.pulumi.aws.lambda.Permission;\nimport com.pulumi.aws.lambda.PermissionArgs;\nimport com.pulumi.aws.sns.TopicSubscription;\nimport com.pulumi.aws.sns.TopicSubscriptionArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport com.pulumi.asset.FileArchive;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new Topic(\"default\", TopicArgs.builder() \n .name(\"call-lambda-maybe\")\n .build());\n\n var defaultRole = new Role(\"defaultRole\", RoleArgs.builder() \n .name(\"iam_for_lambda_with_sns\")\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"version\", \"2012-10-17\"),\n jsonProperty(\"statement\", jsonArray(jsonObject(\n jsonProperty(\"action\", \"sts:AssumeRole\"),\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"sid\", \"\"),\n jsonProperty(\"principal\", jsonObject(\n jsonProperty(\"service\", \"lambda.amazonaws.com\")\n ))\n )))\n )))\n .build());\n\n var func = new Function(\"func\", FunctionArgs.builder() \n .code(new FileArchive(\"lambdatest.zip\"))\n .name(\"lambda_called_from_sns\")\n .role(defaultRole.arn())\n .handler(\"exports.handler\")\n .runtime(\"python3.7\")\n .build());\n\n var withSns = new Permission(\"withSns\", PermissionArgs.builder() \n .statementId(\"AllowExecutionFromSNS\")\n .action(\"lambda:InvokeFunction\")\n .function(func.name())\n .principal(\"sns.amazonaws.com\")\n .sourceArn(default_.arn())\n .build());\n\n var lambda = new TopicSubscription(\"lambda\", TopicSubscriptionArgs.builder() \n .topic(default_.arn())\n .protocol(\"lambda\")\n .endpoint(func.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n withSns:\n type: aws:lambda:Permission\n name: with_sns\n properties:\n statementId: AllowExecutionFromSNS\n action: lambda:InvokeFunction\n function: ${func.name}\n principal: sns.amazonaws.com\n sourceArn: ${default.arn}\n default:\n type: aws:sns:Topic\n properties:\n name: call-lambda-maybe\n lambda:\n type: aws:sns:TopicSubscription\n properties:\n topic: ${default.arn}\n protocol: lambda\n endpoint: ${func.arn}\n func:\n type: aws:lambda:Function\n properties:\n code:\n fn::FileArchive: lambdatest.zip\n name: lambda_called_from_sns\n role: ${defaultRole.arn}\n handler: exports.handler\n runtime: python3.7\n defaultRole:\n type: aws:iam:Role\n name: default\n properties:\n name: iam_for_lambda_with_sns\n assumeRolePolicy:\n fn::toJSON:\n version: 2012-10-17\n statement:\n - action: sts:AssumeRole\n effect: Allow\n sid:\n principal:\n service: lambda.amazonaws.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With API Gateway REST API\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myDemoAPI = new aws.apigateway.RestApi(\"MyDemoAPI\", {\n name: \"MyDemoAPI\",\n description: \"This is my API for demonstration purposes\",\n});\nconst lambdaPermission = new aws.lambda.Permission(\"lambda_permission\", {\n statementId: \"AllowMyDemoAPIInvoke\",\n action: \"lambda:InvokeFunction\",\n \"function\": \"MyDemoFunction\",\n principal: \"apigateway.amazonaws.com\",\n sourceArn: pulumi.interpolate`${myDemoAPI.executionArn}/*`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_demo_api = aws.apigateway.RestApi(\"MyDemoAPI\",\n name=\"MyDemoAPI\",\n description=\"This is my API for demonstration purposes\")\nlambda_permission = aws.lambda_.Permission(\"lambda_permission\",\n statement_id=\"AllowMyDemoAPIInvoke\",\n action=\"lambda:InvokeFunction\",\n function=\"MyDemoFunction\",\n principal=\"apigateway.amazonaws.com\",\n source_arn=my_demo_api.execution_arn.apply(lambda execution_arn: f\"{execution_arn}/*\"))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myDemoAPI = new Aws.ApiGateway.RestApi(\"MyDemoAPI\", new()\n {\n Name = \"MyDemoAPI\",\n Description = \"This is my API for demonstration purposes\",\n });\n\n var lambdaPermission = new Aws.Lambda.Permission(\"lambda_permission\", new()\n {\n StatementId = \"AllowMyDemoAPIInvoke\",\n Action = \"lambda:InvokeFunction\",\n Function = \"MyDemoFunction\",\n Principal = \"apigateway.amazonaws.com\",\n SourceArn = myDemoAPI.ExecutionArn.Apply(executionArn =\u003e $\"{executionArn}/*\"),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmyDemoAPI, err := apigateway.NewRestApi(ctx, \"MyDemoAPI\", \u0026apigateway.RestApiArgs{\n\t\t\tName: pulumi.String(\"MyDemoAPI\"),\n\t\t\tDescription: pulumi.String(\"This is my API for demonstration purposes\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lambda.NewPermission(ctx, \"lambda_permission\", \u0026lambda.PermissionArgs{\n\t\t\tStatementId: pulumi.String(\"AllowMyDemoAPIInvoke\"),\n\t\t\tAction: pulumi.String(\"lambda:InvokeFunction\"),\n\t\t\tFunction: pulumi.Any(\"MyDemoFunction\"),\n\t\t\tPrincipal: pulumi.String(\"apigateway.amazonaws.com\"),\n\t\t\tSourceArn: myDemoAPI.ExecutionArn.ApplyT(func(executionArn string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"%v/*\", executionArn), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigateway.RestApi;\nimport com.pulumi.aws.apigateway.RestApiArgs;\nimport com.pulumi.aws.lambda.Permission;\nimport com.pulumi.aws.lambda.PermissionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var myDemoAPI = new RestApi(\"myDemoAPI\", RestApiArgs.builder() \n .name(\"MyDemoAPI\")\n .description(\"This is my API for demonstration purposes\")\n .build());\n\n var lambdaPermission = new Permission(\"lambdaPermission\", PermissionArgs.builder() \n .statementId(\"AllowMyDemoAPIInvoke\")\n .action(\"lambda:InvokeFunction\")\n .function(\"MyDemoFunction\")\n .principal(\"apigateway.amazonaws.com\")\n .sourceArn(myDemoAPI.executionArn().applyValue(executionArn -\u003e String.format(\"%s/*\", executionArn)))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n myDemoAPI:\n type: aws:apigateway:RestApi\n name: MyDemoAPI\n properties:\n name: MyDemoAPI\n description: This is my API for demonstration purposes\n lambdaPermission:\n type: aws:lambda:Permission\n name: lambda_permission\n properties:\n statementId: AllowMyDemoAPIInvoke\n action: lambda:InvokeFunction\n function: MyDemoFunction\n principal: apigateway.amazonaws.com\n sourceArn: ${myDemoAPI.executionArn}/*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With CloudWatch Log Group\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.cloudwatch.LogGroup(\"default\", {name: \"/default\"});\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"lambda.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst defaultRole = new aws.iam.Role(\"default\", {\n name: \"iam_for_lambda_called_from_cloudwatch_logs\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst loggingFunction = new aws.lambda.Function(\"logging\", {\n code: new pulumi.asset.FileArchive(\"lamba_logging.zip\"),\n name: \"lambda_called_from_cloudwatch_logs\",\n handler: \"exports.handler\",\n role: defaultRole.arn,\n runtime: aws.lambda.Runtime.Python3d7,\n});\nconst logging = new aws.lambda.Permission(\"logging\", {\n action: \"lambda:InvokeFunction\",\n \"function\": loggingFunction.name,\n principal: \"logs.eu-west-1.amazonaws.com\",\n sourceArn: pulumi.interpolate`${_default.arn}:*`,\n});\nconst loggingLogSubscriptionFilter = new aws.cloudwatch.LogSubscriptionFilter(\"logging\", {\n destinationArn: loggingFunction.arn,\n filterPattern: \"\",\n logGroup: _default.name,\n name: \"logging_default\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.cloudwatch.LogGroup(\"default\", name=\"/default\")\nassume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"lambda.amazonaws.com\"],\n )],\n actions=[\"sts:AssumeRole\"],\n)])\ndefault_role = aws.iam.Role(\"default\",\n name=\"iam_for_lambda_called_from_cloudwatch_logs\",\n assume_role_policy=assume_role.json)\nlogging_function = aws.lambda_.Function(\"logging\",\n code=pulumi.FileArchive(\"lamba_logging.zip\"),\n name=\"lambda_called_from_cloudwatch_logs\",\n handler=\"exports.handler\",\n role=default_role.arn,\n runtime=aws.lambda_.Runtime.PYTHON3D7)\nlogging = aws.lambda_.Permission(\"logging\",\n action=\"lambda:InvokeFunction\",\n function=logging_function.name,\n principal=\"logs.eu-west-1.amazonaws.com\",\n source_arn=default.arn.apply(lambda arn: f\"{arn}:*\"))\nlogging_log_subscription_filter = aws.cloudwatch.LogSubscriptionFilter(\"logging\",\n destination_arn=logging_function.arn,\n filter_pattern=\"\",\n log_group=default.name,\n name=\"logging_default\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.CloudWatch.LogGroup(\"default\", new()\n {\n Name = \"/default\",\n });\n\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"lambda.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var defaultRole = new Aws.Iam.Role(\"default\", new()\n {\n Name = \"iam_for_lambda_called_from_cloudwatch_logs\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var loggingFunction = new Aws.Lambda.Function(\"logging\", new()\n {\n Code = new FileArchive(\"lamba_logging.zip\"),\n Name = \"lambda_called_from_cloudwatch_logs\",\n Handler = \"exports.handler\",\n Role = defaultRole.Arn,\n Runtime = Aws.Lambda.Runtime.Python3d7,\n });\n\n var logging = new Aws.Lambda.Permission(\"logging\", new()\n {\n Action = \"lambda:InvokeFunction\",\n Function = loggingFunction.Name,\n Principal = \"logs.eu-west-1.amazonaws.com\",\n SourceArn = @default.Arn.Apply(arn =\u003e $\"{arn}:*\"),\n });\n\n var loggingLogSubscriptionFilter = new Aws.CloudWatch.LogSubscriptionFilter(\"logging\", new()\n {\n DestinationArn = loggingFunction.Arn,\n FilterPattern = \"\",\n LogGroup = @default.Name,\n Name = \"logging_default\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudwatch.NewLogGroup(ctx, \"default\", \u0026cloudwatch.LogGroupArgs{\n\t\t\tName: pulumi.String(\"/default\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"lambda.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdefaultRole, err := iam.NewRole(ctx, \"default\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"iam_for_lambda_called_from_cloudwatch_logs\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tloggingFunction, err := lambda.NewFunction(ctx, \"logging\", \u0026lambda.FunctionArgs{\n\t\t\tCode: pulumi.NewFileArchive(\"lamba_logging.zip\"),\n\t\t\tName: pulumi.String(\"lambda_called_from_cloudwatch_logs\"),\n\t\t\tHandler: pulumi.String(\"exports.handler\"),\n\t\t\tRole: defaultRole.Arn,\n\t\t\tRuntime: pulumi.String(lambda.RuntimePython3d7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lambda.NewPermission(ctx, \"logging\", \u0026lambda.PermissionArgs{\n\t\t\tAction: pulumi.String(\"lambda:InvokeFunction\"),\n\t\t\tFunction: loggingFunction.Name,\n\t\t\tPrincipal: pulumi.String(\"logs.eu-west-1.amazonaws.com\"),\n\t\t\tSourceArn: _default.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"%v:*\", arn), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudwatch.NewLogSubscriptionFilter(ctx, \"logging\", \u0026cloudwatch.LogSubscriptionFilterArgs{\n\t\t\tDestinationArn: loggingFunction.Arn,\n\t\t\tFilterPattern: pulumi.String(\"\"),\n\t\t\tLogGroup: _default.Name,\n\t\t\tName: pulumi.String(\"logging_default\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.LogGroup;\nimport com.pulumi.aws.cloudwatch.LogGroupArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.lambda.Function;\nimport com.pulumi.aws.lambda.FunctionArgs;\nimport com.pulumi.aws.lambda.Permission;\nimport com.pulumi.aws.lambda.PermissionArgs;\nimport com.pulumi.aws.cloudwatch.LogSubscriptionFilter;\nimport com.pulumi.aws.cloudwatch.LogSubscriptionFilterArgs;\nimport com.pulumi.asset.FileArchive;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new LogGroup(\"default\", LogGroupArgs.builder() \n .name(\"/default\")\n .build());\n\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"lambda.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var defaultRole = new Role(\"defaultRole\", RoleArgs.builder() \n .name(\"iam_for_lambda_called_from_cloudwatch_logs\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var loggingFunction = new Function(\"loggingFunction\", FunctionArgs.builder() \n .code(new FileArchive(\"lamba_logging.zip\"))\n .name(\"lambda_called_from_cloudwatch_logs\")\n .handler(\"exports.handler\")\n .role(defaultRole.arn())\n .runtime(\"python3.7\")\n .build());\n\n var logging = new Permission(\"logging\", PermissionArgs.builder() \n .action(\"lambda:InvokeFunction\")\n .function(loggingFunction.name())\n .principal(\"logs.eu-west-1.amazonaws.com\")\n .sourceArn(default_.arn().applyValue(arn -\u003e String.format(\"%s:*\", arn)))\n .build());\n\n var loggingLogSubscriptionFilter = new LogSubscriptionFilter(\"loggingLogSubscriptionFilter\", LogSubscriptionFilterArgs.builder() \n .destinationArn(loggingFunction.arn())\n .filterPattern(\"\")\n .logGroup(default_.name())\n .name(\"logging_default\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n logging:\n type: aws:lambda:Permission\n properties:\n action: lambda:InvokeFunction\n function: ${loggingFunction.name}\n principal: logs.eu-west-1.amazonaws.com\n sourceArn: ${default.arn}:*\n default:\n type: aws:cloudwatch:LogGroup\n properties:\n name: /default\n loggingLogSubscriptionFilter:\n type: aws:cloudwatch:LogSubscriptionFilter\n name: logging\n properties:\n destinationArn: ${loggingFunction.arn}\n filterPattern:\n logGroup: ${default.name}\n name: logging_default\n loggingFunction:\n type: aws:lambda:Function\n name: logging\n properties:\n code:\n fn::FileArchive: lamba_logging.zip\n name: lambda_called_from_cloudwatch_logs\n handler: exports.handler\n role: ${defaultRole.arn}\n runtime: python3.7\n defaultRole:\n type: aws:iam:Role\n name: default\n properties:\n name: iam_for_lambda_called_from_cloudwatch_logs\n assumeRolePolicy: ${assumeRole.json}\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - lambda.amazonaws.com\n actions:\n - sts:AssumeRole\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Cross-Account Invocation Policy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst url = new aws.lambda.FunctionUrl(\"url\", {\n functionName: example.functionName,\n authorizationType: \"AWS_IAM\",\n});\nconst urlPermission = new aws.lambda.Permission(\"url\", {\n action: \"lambda:InvokeFunctionUrl\",\n \"function\": example.functionName,\n principal: \"arn:aws:iam::444455556666:role/example\",\n sourceAccount: \"444455556666\",\n functionUrlAuthType: \"AWS_IAM\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nurl = aws.lambda_.FunctionUrl(\"url\",\n function_name=example[\"functionName\"],\n authorization_type=\"AWS_IAM\")\nurl_permission = aws.lambda_.Permission(\"url\",\n action=\"lambda:InvokeFunctionUrl\",\n function=example[\"functionName\"],\n principal=\"arn:aws:iam::444455556666:role/example\",\n source_account=\"444455556666\",\n function_url_auth_type=\"AWS_IAM\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var url = new Aws.Lambda.FunctionUrl(\"url\", new()\n {\n FunctionName = example.FunctionName,\n AuthorizationType = \"AWS_IAM\",\n });\n\n var urlPermission = new Aws.Lambda.Permission(\"url\", new()\n {\n Action = \"lambda:InvokeFunctionUrl\",\n Function = example.FunctionName,\n Principal = \"arn:aws:iam::444455556666:role/example\",\n SourceAccount = \"444455556666\",\n FunctionUrlAuthType = \"AWS_IAM\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lambda.NewFunctionUrl(ctx, \"url\", \u0026lambda.FunctionUrlArgs{\n\t\t\tFunctionName: pulumi.Any(example.FunctionName),\n\t\t\tAuthorizationType: pulumi.String(\"AWS_IAM\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lambda.NewPermission(ctx, \"url\", \u0026lambda.PermissionArgs{\n\t\t\tAction: pulumi.String(\"lambda:InvokeFunctionUrl\"),\n\t\t\tFunction: pulumi.Any(example.FunctionName),\n\t\t\tPrincipal: pulumi.String(\"arn:aws:iam::444455556666:role/example\"),\n\t\t\tSourceAccount: pulumi.String(\"444455556666\"),\n\t\t\tFunctionUrlAuthType: pulumi.String(\"AWS_IAM\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.FunctionUrl;\nimport com.pulumi.aws.lambda.FunctionUrlArgs;\nimport com.pulumi.aws.lambda.Permission;\nimport com.pulumi.aws.lambda.PermissionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var url = new FunctionUrl(\"url\", FunctionUrlArgs.builder() \n .functionName(example.functionName())\n .authorizationType(\"AWS_IAM\")\n .build());\n\n var urlPermission = new Permission(\"urlPermission\", PermissionArgs.builder() \n .action(\"lambda:InvokeFunctionUrl\")\n .function(example.functionName())\n .principal(\"arn:aws:iam::444455556666:role/example\")\n .sourceAccount(\"444455556666\")\n .functionUrlAuthType(\"AWS_IAM\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n url:\n type: aws:lambda:FunctionUrl\n properties:\n functionName: ${example.functionName}\n authorizationType: AWS_IAM\n urlPermission:\n type: aws:lambda:Permission\n name: url\n properties:\n action: lambda:InvokeFunctionUrl\n function: ${example.functionName}\n principal: arn:aws:iam::444455556666:role/example\n sourceAccount: '444455556666'\n functionUrlAuthType: AWS_IAM\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With `replace_triggered_by` Lifecycle Configuration\n\nIf omitting the `qualifier` argument (which forces re-creation each time a function version is published), a `lifecycle` block can be used to ensure permissions are re-applied on any change to the underlying function.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst logging = new aws.lambda.Permission(\"logging\", {\n action: \"lambda:InvokeFunction\",\n \"function\": example.functionName,\n principal: \"events.amazonaws.com\",\n sourceArn: \"arn:aws:events:eu-west-1:111122223333:rule/RunDaily\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nlogging = aws.lambda_.Permission(\"logging\",\n action=\"lambda:InvokeFunction\",\n function=example[\"functionName\"],\n principal=\"events.amazonaws.com\",\n source_arn=\"arn:aws:events:eu-west-1:111122223333:rule/RunDaily\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var logging = new Aws.Lambda.Permission(\"logging\", new()\n {\n Action = \"lambda:InvokeFunction\",\n Function = example.FunctionName,\n Principal = \"events.amazonaws.com\",\n SourceArn = \"arn:aws:events:eu-west-1:111122223333:rule/RunDaily\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lambda.NewPermission(ctx, \"logging\", \u0026lambda.PermissionArgs{\n\t\t\tAction: pulumi.String(\"lambda:InvokeFunction\"),\n\t\t\tFunction: pulumi.Any(example.FunctionName),\n\t\t\tPrincipal: pulumi.String(\"events.amazonaws.com\"),\n\t\t\tSourceArn: pulumi.String(\"arn:aws:events:eu-west-1:111122223333:rule/RunDaily\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.Permission;\nimport com.pulumi.aws.lambda.PermissionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var logging = new Permission(\"logging\", PermissionArgs.builder() \n .action(\"lambda:InvokeFunction\")\n .function(example.functionName())\n .principal(\"events.amazonaws.com\")\n .sourceArn(\"arn:aws:events:eu-west-1:111122223333:rule/RunDaily\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n logging:\n type: aws:lambda:Permission\n properties:\n action: lambda:InvokeFunction\n function: ${example.functionName}\n principal: events.amazonaws.com\n sourceArn: arn:aws:events:eu-west-1:111122223333:rule/RunDaily\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Lambda permission statements using function_name/statement_id with an optional qualifier. For example:\n\n```sh\n$ pulumi import aws:lambda/permission:Permission test_lambda_permission my_test_lambda_function/AllowExecutionFromCloudWatch\n```\n```sh\n$ pulumi import aws:lambda/permission:Permission test_lambda_permission my_test_lambda_function:qualifier_name/AllowExecutionFromCloudWatch\n```\n", + "description": "Gives an external source (like an EventBridge Rule, SNS, or S3) permission to access the Lambda function.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst iamForLambda = new aws.iam.Role(\"iam_for_lambda\", {\n name: \"iam_for_lambda\",\n assumeRolePolicy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: \"sts:AssumeRole\",\n Effect: \"Allow\",\n Sid: \"\",\n Principal: {\n Service: \"lambda.amazonaws.com\",\n },\n }],\n }),\n});\nconst testLambda = new aws.lambda.Function(\"test_lambda\", {\n code: new pulumi.asset.FileArchive(\"lambdatest.zip\"),\n name: \"lambda_function_name\",\n role: iamForLambda.arn,\n handler: \"exports.handler\",\n runtime: aws.lambda.Runtime.NodeJS16dX,\n});\nconst testAlias = new aws.lambda.Alias(\"test_alias\", {\n name: \"testalias\",\n description: \"a sample description\",\n functionName: testLambda.name,\n functionVersion: \"$LATEST\",\n});\nconst allowCloudwatch = new aws.lambda.Permission(\"allow_cloudwatch\", {\n statementId: \"AllowExecutionFromCloudWatch\",\n action: \"lambda:InvokeFunction\",\n \"function\": testLambda.name,\n principal: \"events.amazonaws.com\",\n sourceArn: \"arn:aws:events:eu-west-1:111122223333:rule/RunDaily\",\n qualifier: testAlias.name,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\niam_for_lambda = aws.iam.Role(\"iam_for_lambda\",\n name=\"iam_for_lambda\",\n assume_role_policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": \"sts:AssumeRole\",\n \"Effect\": \"Allow\",\n \"Sid\": \"\",\n \"Principal\": {\n \"Service\": \"lambda.amazonaws.com\",\n },\n }],\n }))\ntest_lambda = aws.lambda_.Function(\"test_lambda\",\n code=pulumi.FileArchive(\"lambdatest.zip\"),\n name=\"lambda_function_name\",\n role=iam_for_lambda.arn,\n handler=\"exports.handler\",\n runtime=aws.lambda_.Runtime.NODE_JS16D_X)\ntest_alias = aws.lambda_.Alias(\"test_alias\",\n name=\"testalias\",\n description=\"a sample description\",\n function_name=test_lambda.name,\n function_version=\"$LATEST\")\nallow_cloudwatch = aws.lambda_.Permission(\"allow_cloudwatch\",\n statement_id=\"AllowExecutionFromCloudWatch\",\n action=\"lambda:InvokeFunction\",\n function=test_lambda.name,\n principal=\"events.amazonaws.com\",\n source_arn=\"arn:aws:events:eu-west-1:111122223333:rule/RunDaily\",\n qualifier=test_alias.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var iamForLambda = new Aws.Iam.Role(\"iam_for_lambda\", new()\n {\n Name = \"iam_for_lambda\",\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"sts:AssumeRole\",\n [\"Effect\"] = \"Allow\",\n [\"Sid\"] = \"\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"lambda.amazonaws.com\",\n },\n },\n },\n }),\n });\n\n var testLambda = new Aws.Lambda.Function(\"test_lambda\", new()\n {\n Code = new FileArchive(\"lambdatest.zip\"),\n Name = \"lambda_function_name\",\n Role = iamForLambda.Arn,\n Handler = \"exports.handler\",\n Runtime = Aws.Lambda.Runtime.NodeJS16dX,\n });\n\n var testAlias = new Aws.Lambda.Alias(\"test_alias\", new()\n {\n Name = \"testalias\",\n Description = \"a sample description\",\n FunctionName = testLambda.Name,\n FunctionVersion = \"$LATEST\",\n });\n\n var allowCloudwatch = new Aws.Lambda.Permission(\"allow_cloudwatch\", new()\n {\n StatementId = \"AllowExecutionFromCloudWatch\",\n Action = \"lambda:InvokeFunction\",\n Function = testLambda.Name,\n Principal = \"events.amazonaws.com\",\n SourceArn = \"arn:aws:events:eu-west-1:111122223333:rule/RunDaily\",\n Qualifier = testAlias.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": \"sts:AssumeRole\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Sid\": \"\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"lambda.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\tiamForLambda, err := iam.NewRole(ctx, \"iam_for_lambda\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"iam_for_lambda\"),\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestLambda, err := lambda.NewFunction(ctx, \"test_lambda\", \u0026lambda.FunctionArgs{\n\t\t\tCode: pulumi.NewFileArchive(\"lambdatest.zip\"),\n\t\t\tName: pulumi.String(\"lambda_function_name\"),\n\t\t\tRole: iamForLambda.Arn,\n\t\t\tHandler: pulumi.String(\"exports.handler\"),\n\t\t\tRuntime: pulumi.String(lambda.RuntimeNodeJS16dX),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestAlias, err := lambda.NewAlias(ctx, \"test_alias\", \u0026lambda.AliasArgs{\n\t\t\tName: pulumi.String(\"testalias\"),\n\t\t\tDescription: pulumi.String(\"a sample description\"),\n\t\t\tFunctionName: testLambda.Name,\n\t\t\tFunctionVersion: pulumi.String(\"$LATEST\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lambda.NewPermission(ctx, \"allow_cloudwatch\", \u0026lambda.PermissionArgs{\n\t\t\tStatementId: pulumi.String(\"AllowExecutionFromCloudWatch\"),\n\t\t\tAction: pulumi.String(\"lambda:InvokeFunction\"),\n\t\t\tFunction: testLambda.Name,\n\t\t\tPrincipal: pulumi.String(\"events.amazonaws.com\"),\n\t\t\tSourceArn: pulumi.String(\"arn:aws:events:eu-west-1:111122223333:rule/RunDaily\"),\n\t\t\tQualifier: testAlias.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.lambda.Function;\nimport com.pulumi.aws.lambda.FunctionArgs;\nimport com.pulumi.aws.lambda.Alias;\nimport com.pulumi.aws.lambda.AliasArgs;\nimport com.pulumi.aws.lambda.Permission;\nimport com.pulumi.aws.lambda.PermissionArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport com.pulumi.asset.FileArchive;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var iamForLambda = new Role(\"iamForLambda\", RoleArgs.builder() \n .name(\"iam_for_lambda\")\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", \"sts:AssumeRole\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Sid\", \"\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"lambda.amazonaws.com\")\n ))\n )))\n )))\n .build());\n\n var testLambda = new Function(\"testLambda\", FunctionArgs.builder() \n .code(new FileArchive(\"lambdatest.zip\"))\n .name(\"lambda_function_name\")\n .role(iamForLambda.arn())\n .handler(\"exports.handler\")\n .runtime(\"nodejs16.x\")\n .build());\n\n var testAlias = new Alias(\"testAlias\", AliasArgs.builder() \n .name(\"testalias\")\n .description(\"a sample description\")\n .functionName(testLambda.name())\n .functionVersion(\"$LATEST\")\n .build());\n\n var allowCloudwatch = new Permission(\"allowCloudwatch\", PermissionArgs.builder() \n .statementId(\"AllowExecutionFromCloudWatch\")\n .action(\"lambda:InvokeFunction\")\n .function(testLambda.name())\n .principal(\"events.amazonaws.com\")\n .sourceArn(\"arn:aws:events:eu-west-1:111122223333:rule/RunDaily\")\n .qualifier(testAlias.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n allowCloudwatch:\n type: aws:lambda:Permission\n name: allow_cloudwatch\n properties:\n statementId: AllowExecutionFromCloudWatch\n action: lambda:InvokeFunction\n function: ${testLambda.name}\n principal: events.amazonaws.com\n sourceArn: arn:aws:events:eu-west-1:111122223333:rule/RunDaily\n qualifier: ${testAlias.name}\n testAlias:\n type: aws:lambda:Alias\n name: test_alias\n properties:\n name: testalias\n description: a sample description\n functionName: ${testLambda.name}\n functionVersion: $LATEST\n testLambda:\n type: aws:lambda:Function\n name: test_lambda\n properties:\n code:\n fn::FileArchive: lambdatest.zip\n name: lambda_function_name\n role: ${iamForLambda.arn}\n handler: exports.handler\n runtime: nodejs16.x\n iamForLambda:\n type: aws:iam:Role\n name: iam_for_lambda\n properties:\n name: iam_for_lambda\n assumeRolePolicy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action: sts:AssumeRole\n Effect: Allow\n Sid:\n Principal:\n Service: lambda.amazonaws.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With SNS\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.sns.Topic(\"default\", {name: \"call-lambda-maybe\"});\nconst defaultRole = new aws.iam.Role(\"default\", {\n name: \"iam_for_lambda_with_sns\",\n assumeRolePolicy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: \"sts:AssumeRole\",\n Effect: \"Allow\",\n Sid: \"\",\n Principal: {\n Service: \"lambda.amazonaws.com\",\n },\n }],\n }),\n});\nconst func = new aws.lambda.Function(\"func\", {\n code: new pulumi.asset.FileArchive(\"lambdatest.zip\"),\n name: \"lambda_called_from_sns\",\n role: defaultRole.arn,\n handler: \"exports.handler\",\n runtime: aws.lambda.Runtime.Python3d7,\n});\nconst withSns = new aws.lambda.Permission(\"with_sns\", {\n statementId: \"AllowExecutionFromSNS\",\n action: \"lambda:InvokeFunction\",\n \"function\": func.name,\n principal: \"sns.amazonaws.com\",\n sourceArn: _default.arn,\n});\nconst lambda = new aws.sns.TopicSubscription(\"lambda\", {\n topic: _default.arn,\n protocol: \"lambda\",\n endpoint: func.arn,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ndefault = aws.sns.Topic(\"default\", name=\"call-lambda-maybe\")\ndefault_role = aws.iam.Role(\"default\",\n name=\"iam_for_lambda_with_sns\",\n assume_role_policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": \"sts:AssumeRole\",\n \"Effect\": \"Allow\",\n \"Sid\": \"\",\n \"Principal\": {\n \"Service\": \"lambda.amazonaws.com\",\n },\n }],\n }))\nfunc = aws.lambda_.Function(\"func\",\n code=pulumi.FileArchive(\"lambdatest.zip\"),\n name=\"lambda_called_from_sns\",\n role=default_role.arn,\n handler=\"exports.handler\",\n runtime=aws.lambda_.Runtime.PYTHON3D7)\nwith_sns = aws.lambda_.Permission(\"with_sns\",\n statement_id=\"AllowExecutionFromSNS\",\n action=\"lambda:InvokeFunction\",\n function=func.name,\n principal=\"sns.amazonaws.com\",\n source_arn=default.arn)\nlambda_ = aws.sns.TopicSubscription(\"lambda\",\n topic=default.arn,\n protocol=\"lambda\",\n endpoint=func.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.Sns.Topic(\"default\", new()\n {\n Name = \"call-lambda-maybe\",\n });\n\n var defaultRole = new Aws.Iam.Role(\"default\", new()\n {\n Name = \"iam_for_lambda_with_sns\",\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"sts:AssumeRole\",\n [\"Effect\"] = \"Allow\",\n [\"Sid\"] = \"\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"lambda.amazonaws.com\",\n },\n },\n },\n }),\n });\n\n var func = new Aws.Lambda.Function(\"func\", new()\n {\n Code = new FileArchive(\"lambdatest.zip\"),\n Name = \"lambda_called_from_sns\",\n Role = defaultRole.Arn,\n Handler = \"exports.handler\",\n Runtime = Aws.Lambda.Runtime.Python3d7,\n });\n\n var withSns = new Aws.Lambda.Permission(\"with_sns\", new()\n {\n StatementId = \"AllowExecutionFromSNS\",\n Action = \"lambda:InvokeFunction\",\n Function = func.Name,\n Principal = \"sns.amazonaws.com\",\n SourceArn = @default.Arn,\n });\n\n var lambda = new Aws.Sns.TopicSubscription(\"lambda\", new()\n {\n Topic = @default.Arn,\n Protocol = \"lambda\",\n Endpoint = func.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sns.NewTopic(ctx, \"default\", \u0026sns.TopicArgs{\n\t\t\tName: pulumi.String(\"call-lambda-maybe\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": \"sts:AssumeRole\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Sid\": \"\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"lambda.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\tdefaultRole, err := iam.NewRole(ctx, \"default\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"iam_for_lambda_with_sns\"),\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lambda.NewFunction(ctx, \"func\", \u0026lambda.FunctionArgs{\n\t\t\tCode: pulumi.NewFileArchive(\"lambdatest.zip\"),\n\t\t\tName: pulumi.String(\"lambda_called_from_sns\"),\n\t\t\tRole: defaultRole.Arn,\n\t\t\tHandler: pulumi.String(\"exports.handler\"),\n\t\t\tRuntime: pulumi.String(lambda.RuntimePython3d7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lambda.NewPermission(ctx, \"with_sns\", \u0026lambda.PermissionArgs{\n\t\t\tStatementId: pulumi.String(\"AllowExecutionFromSNS\"),\n\t\t\tAction: pulumi.String(\"lambda:InvokeFunction\"),\n\t\t\tFunction: _func.Name,\n\t\t\tPrincipal: pulumi.String(\"sns.amazonaws.com\"),\n\t\t\tSourceArn: _default.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = sns.NewTopicSubscription(ctx, \"lambda\", \u0026sns.TopicSubscriptionArgs{\n\t\t\tTopic: _default.Arn,\n\t\t\tProtocol: pulumi.String(\"lambda\"),\n\t\t\tEndpoint: _func.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sns.Topic;\nimport com.pulumi.aws.sns.TopicArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.lambda.Function;\nimport com.pulumi.aws.lambda.FunctionArgs;\nimport com.pulumi.aws.lambda.Permission;\nimport com.pulumi.aws.lambda.PermissionArgs;\nimport com.pulumi.aws.sns.TopicSubscription;\nimport com.pulumi.aws.sns.TopicSubscriptionArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport com.pulumi.asset.FileArchive;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new Topic(\"default\", TopicArgs.builder() \n .name(\"call-lambda-maybe\")\n .build());\n\n var defaultRole = new Role(\"defaultRole\", RoleArgs.builder() \n .name(\"iam_for_lambda_with_sns\")\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", \"sts:AssumeRole\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Sid\", \"\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"lambda.amazonaws.com\")\n ))\n )))\n )))\n .build());\n\n var func = new Function(\"func\", FunctionArgs.builder() \n .code(new FileArchive(\"lambdatest.zip\"))\n .name(\"lambda_called_from_sns\")\n .role(defaultRole.arn())\n .handler(\"exports.handler\")\n .runtime(\"python3.7\")\n .build());\n\n var withSns = new Permission(\"withSns\", PermissionArgs.builder() \n .statementId(\"AllowExecutionFromSNS\")\n .action(\"lambda:InvokeFunction\")\n .function(func.name())\n .principal(\"sns.amazonaws.com\")\n .sourceArn(default_.arn())\n .build());\n\n var lambda = new TopicSubscription(\"lambda\", TopicSubscriptionArgs.builder() \n .topic(default_.arn())\n .protocol(\"lambda\")\n .endpoint(func.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n withSns:\n type: aws:lambda:Permission\n name: with_sns\n properties:\n statementId: AllowExecutionFromSNS\n action: lambda:InvokeFunction\n function: ${func.name}\n principal: sns.amazonaws.com\n sourceArn: ${default.arn}\n default:\n type: aws:sns:Topic\n properties:\n name: call-lambda-maybe\n lambda:\n type: aws:sns:TopicSubscription\n properties:\n topic: ${default.arn}\n protocol: lambda\n endpoint: ${func.arn}\n func:\n type: aws:lambda:Function\n properties:\n code:\n fn::FileArchive: lambdatest.zip\n name: lambda_called_from_sns\n role: ${defaultRole.arn}\n handler: exports.handler\n runtime: python3.7\n defaultRole:\n type: aws:iam:Role\n name: default\n properties:\n name: iam_for_lambda_with_sns\n assumeRolePolicy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action: sts:AssumeRole\n Effect: Allow\n Sid:\n Principal:\n Service: lambda.amazonaws.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With API Gateway REST API\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst myDemoAPI = new aws.apigateway.RestApi(\"MyDemoAPI\", {\n name: \"MyDemoAPI\",\n description: \"This is my API for demonstration purposes\",\n});\nconst lambdaPermission = new aws.lambda.Permission(\"lambda_permission\", {\n statementId: \"AllowMyDemoAPIInvoke\",\n action: \"lambda:InvokeFunction\",\n \"function\": \"MyDemoFunction\",\n principal: \"apigateway.amazonaws.com\",\n sourceArn: pulumi.interpolate`${myDemoAPI.executionArn}/*`,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nmy_demo_api = aws.apigateway.RestApi(\"MyDemoAPI\",\n name=\"MyDemoAPI\",\n description=\"This is my API for demonstration purposes\")\nlambda_permission = aws.lambda_.Permission(\"lambda_permission\",\n statement_id=\"AllowMyDemoAPIInvoke\",\n action=\"lambda:InvokeFunction\",\n function=\"MyDemoFunction\",\n principal=\"apigateway.amazonaws.com\",\n source_arn=my_demo_api.execution_arn.apply(lambda execution_arn: f\"{execution_arn}/*\"))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myDemoAPI = new Aws.ApiGateway.RestApi(\"MyDemoAPI\", new()\n {\n Name = \"MyDemoAPI\",\n Description = \"This is my API for demonstration purposes\",\n });\n\n var lambdaPermission = new Aws.Lambda.Permission(\"lambda_permission\", new()\n {\n StatementId = \"AllowMyDemoAPIInvoke\",\n Action = \"lambda:InvokeFunction\",\n Function = \"MyDemoFunction\",\n Principal = \"apigateway.amazonaws.com\",\n SourceArn = myDemoAPI.ExecutionArn.Apply(executionArn =\u003e $\"{executionArn}/*\"),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigateway\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmyDemoAPI, err := apigateway.NewRestApi(ctx, \"MyDemoAPI\", \u0026apigateway.RestApiArgs{\n\t\t\tName: pulumi.String(\"MyDemoAPI\"),\n\t\t\tDescription: pulumi.String(\"This is my API for demonstration purposes\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lambda.NewPermission(ctx, \"lambda_permission\", \u0026lambda.PermissionArgs{\n\t\t\tStatementId: pulumi.String(\"AllowMyDemoAPIInvoke\"),\n\t\t\tAction: pulumi.String(\"lambda:InvokeFunction\"),\n\t\t\tFunction: pulumi.Any(\"MyDemoFunction\"),\n\t\t\tPrincipal: pulumi.String(\"apigateway.amazonaws.com\"),\n\t\t\tSourceArn: myDemoAPI.ExecutionArn.ApplyT(func(executionArn string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"%v/*\", executionArn), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.apigateway.RestApi;\nimport com.pulumi.aws.apigateway.RestApiArgs;\nimport com.pulumi.aws.lambda.Permission;\nimport com.pulumi.aws.lambda.PermissionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var myDemoAPI = new RestApi(\"myDemoAPI\", RestApiArgs.builder() \n .name(\"MyDemoAPI\")\n .description(\"This is my API for demonstration purposes\")\n .build());\n\n var lambdaPermission = new Permission(\"lambdaPermission\", PermissionArgs.builder() \n .statementId(\"AllowMyDemoAPIInvoke\")\n .action(\"lambda:InvokeFunction\")\n .function(\"MyDemoFunction\")\n .principal(\"apigateway.amazonaws.com\")\n .sourceArn(myDemoAPI.executionArn().applyValue(executionArn -\u003e String.format(\"%s/*\", executionArn)))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n myDemoAPI:\n type: aws:apigateway:RestApi\n name: MyDemoAPI\n properties:\n name: MyDemoAPI\n description: This is my API for demonstration purposes\n lambdaPermission:\n type: aws:lambda:Permission\n name: lambda_permission\n properties:\n statementId: AllowMyDemoAPIInvoke\n action: lambda:InvokeFunction\n function: MyDemoFunction\n principal: apigateway.amazonaws.com\n sourceArn: ${myDemoAPI.executionArn}/*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With CloudWatch Log Group\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.cloudwatch.LogGroup(\"default\", {name: \"/default\"});\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"lambda.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst defaultRole = new aws.iam.Role(\"default\", {\n name: \"iam_for_lambda_called_from_cloudwatch_logs\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst loggingFunction = new aws.lambda.Function(\"logging\", {\n code: new pulumi.asset.FileArchive(\"lamba_logging.zip\"),\n name: \"lambda_called_from_cloudwatch_logs\",\n handler: \"exports.handler\",\n role: defaultRole.arn,\n runtime: aws.lambda.Runtime.Python3d7,\n});\nconst logging = new aws.lambda.Permission(\"logging\", {\n action: \"lambda:InvokeFunction\",\n \"function\": loggingFunction.name,\n principal: \"logs.eu-west-1.amazonaws.com\",\n sourceArn: pulumi.interpolate`${_default.arn}:*`,\n});\nconst loggingLogSubscriptionFilter = new aws.cloudwatch.LogSubscriptionFilter(\"logging\", {\n destinationArn: loggingFunction.arn,\n filterPattern: \"\",\n logGroup: _default.name,\n name: \"logging_default\",\n}, {\n dependsOn: [logging],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.cloudwatch.LogGroup(\"default\", name=\"/default\")\nassume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"lambda.amazonaws.com\"],\n )],\n actions=[\"sts:AssumeRole\"],\n)])\ndefault_role = aws.iam.Role(\"default\",\n name=\"iam_for_lambda_called_from_cloudwatch_logs\",\n assume_role_policy=assume_role.json)\nlogging_function = aws.lambda_.Function(\"logging\",\n code=pulumi.FileArchive(\"lamba_logging.zip\"),\n name=\"lambda_called_from_cloudwatch_logs\",\n handler=\"exports.handler\",\n role=default_role.arn,\n runtime=aws.lambda_.Runtime.PYTHON3D7)\nlogging = aws.lambda_.Permission(\"logging\",\n action=\"lambda:InvokeFunction\",\n function=logging_function.name,\n principal=\"logs.eu-west-1.amazonaws.com\",\n source_arn=default.arn.apply(lambda arn: f\"{arn}:*\"))\nlogging_log_subscription_filter = aws.cloudwatch.LogSubscriptionFilter(\"logging\",\n destination_arn=logging_function.arn,\n filter_pattern=\"\",\n log_group=default.name,\n name=\"logging_default\",\n opts=pulumi.ResourceOptions(depends_on=[logging]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.CloudWatch.LogGroup(\"default\", new()\n {\n Name = \"/default\",\n });\n\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"lambda.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var defaultRole = new Aws.Iam.Role(\"default\", new()\n {\n Name = \"iam_for_lambda_called_from_cloudwatch_logs\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var loggingFunction = new Aws.Lambda.Function(\"logging\", new()\n {\n Code = new FileArchive(\"lamba_logging.zip\"),\n Name = \"lambda_called_from_cloudwatch_logs\",\n Handler = \"exports.handler\",\n Role = defaultRole.Arn,\n Runtime = Aws.Lambda.Runtime.Python3d7,\n });\n\n var logging = new Aws.Lambda.Permission(\"logging\", new()\n {\n Action = \"lambda:InvokeFunction\",\n Function = loggingFunction.Name,\n Principal = \"logs.eu-west-1.amazonaws.com\",\n SourceArn = @default.Arn.Apply(arn =\u003e $\"{arn}:*\"),\n });\n\n var loggingLogSubscriptionFilter = new Aws.CloudWatch.LogSubscriptionFilter(\"logging\", new()\n {\n DestinationArn = loggingFunction.Arn,\n FilterPattern = \"\",\n LogGroup = @default.Name,\n Name = \"logging_default\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n logging, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := cloudwatch.NewLogGroup(ctx, \"default\", \u0026cloudwatch.LogGroupArgs{\n\t\t\tName: pulumi.String(\"/default\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"lambda.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdefaultRole, err := iam.NewRole(ctx, \"default\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"iam_for_lambda_called_from_cloudwatch_logs\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tloggingFunction, err := lambda.NewFunction(ctx, \"logging\", \u0026lambda.FunctionArgs{\n\t\t\tCode: pulumi.NewFileArchive(\"lamba_logging.zip\"),\n\t\t\tName: pulumi.String(\"lambda_called_from_cloudwatch_logs\"),\n\t\t\tHandler: pulumi.String(\"exports.handler\"),\n\t\t\tRole: defaultRole.Arn,\n\t\t\tRuntime: pulumi.String(lambda.RuntimePython3d7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tlogging, err := lambda.NewPermission(ctx, \"logging\", \u0026lambda.PermissionArgs{\n\t\t\tAction: pulumi.String(\"lambda:InvokeFunction\"),\n\t\t\tFunction: loggingFunction.Name,\n\t\t\tPrincipal: pulumi.String(\"logs.eu-west-1.amazonaws.com\"),\n\t\t\tSourceArn: _default.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"%v:*\", arn), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudwatch.NewLogSubscriptionFilter(ctx, \"logging\", \u0026cloudwatch.LogSubscriptionFilterArgs{\n\t\t\tDestinationArn: loggingFunction.Arn,\n\t\t\tFilterPattern: pulumi.String(\"\"),\n\t\t\tLogGroup: _default.Name,\n\t\t\tName: pulumi.String(\"logging_default\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tlogging,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.LogGroup;\nimport com.pulumi.aws.cloudwatch.LogGroupArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.lambda.Function;\nimport com.pulumi.aws.lambda.FunctionArgs;\nimport com.pulumi.aws.lambda.Permission;\nimport com.pulumi.aws.lambda.PermissionArgs;\nimport com.pulumi.aws.cloudwatch.LogSubscriptionFilter;\nimport com.pulumi.aws.cloudwatch.LogSubscriptionFilterArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport com.pulumi.asset.FileArchive;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new LogGroup(\"default\", LogGroupArgs.builder() \n .name(\"/default\")\n .build());\n\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"lambda.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var defaultRole = new Role(\"defaultRole\", RoleArgs.builder() \n .name(\"iam_for_lambda_called_from_cloudwatch_logs\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var loggingFunction = new Function(\"loggingFunction\", FunctionArgs.builder() \n .code(new FileArchive(\"lamba_logging.zip\"))\n .name(\"lambda_called_from_cloudwatch_logs\")\n .handler(\"exports.handler\")\n .role(defaultRole.arn())\n .runtime(\"python3.7\")\n .build());\n\n var logging = new Permission(\"logging\", PermissionArgs.builder() \n .action(\"lambda:InvokeFunction\")\n .function(loggingFunction.name())\n .principal(\"logs.eu-west-1.amazonaws.com\")\n .sourceArn(default_.arn().applyValue(arn -\u003e String.format(\"%s:*\", arn)))\n .build());\n\n var loggingLogSubscriptionFilter = new LogSubscriptionFilter(\"loggingLogSubscriptionFilter\", LogSubscriptionFilterArgs.builder() \n .destinationArn(loggingFunction.arn())\n .filterPattern(\"\")\n .logGroup(default_.name())\n .name(\"logging_default\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(logging)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n logging:\n type: aws:lambda:Permission\n properties:\n action: lambda:InvokeFunction\n function: ${loggingFunction.name}\n principal: logs.eu-west-1.amazonaws.com\n sourceArn: ${default.arn}:*\n default:\n type: aws:cloudwatch:LogGroup\n properties:\n name: /default\n loggingLogSubscriptionFilter:\n type: aws:cloudwatch:LogSubscriptionFilter\n name: logging\n properties:\n destinationArn: ${loggingFunction.arn}\n filterPattern:\n logGroup: ${default.name}\n name: logging_default\n options:\n dependson:\n - ${logging}\n loggingFunction:\n type: aws:lambda:Function\n name: logging\n properties:\n code:\n fn::FileArchive: lamba_logging.zip\n name: lambda_called_from_cloudwatch_logs\n handler: exports.handler\n role: ${defaultRole.arn}\n runtime: python3.7\n defaultRole:\n type: aws:iam:Role\n name: default\n properties:\n name: iam_for_lambda_called_from_cloudwatch_logs\n assumeRolePolicy: ${assumeRole.json}\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - lambda.amazonaws.com\n actions:\n - sts:AssumeRole\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Cross-Account Invocation Policy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst url = new aws.lambda.FunctionUrl(\"url\", {\n functionName: example.functionName,\n authorizationType: \"AWS_IAM\",\n});\nconst urlPermission = new aws.lambda.Permission(\"url\", {\n action: \"lambda:InvokeFunctionUrl\",\n \"function\": example.functionName,\n principal: \"arn:aws:iam::444455556666:role/example\",\n sourceAccount: \"444455556666\",\n functionUrlAuthType: \"AWS_IAM\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nurl = aws.lambda_.FunctionUrl(\"url\",\n function_name=example[\"functionName\"],\n authorization_type=\"AWS_IAM\")\nurl_permission = aws.lambda_.Permission(\"url\",\n action=\"lambda:InvokeFunctionUrl\",\n function=example[\"functionName\"],\n principal=\"arn:aws:iam::444455556666:role/example\",\n source_account=\"444455556666\",\n function_url_auth_type=\"AWS_IAM\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var url = new Aws.Lambda.FunctionUrl(\"url\", new()\n {\n FunctionName = example.FunctionName,\n AuthorizationType = \"AWS_IAM\",\n });\n\n var urlPermission = new Aws.Lambda.Permission(\"url\", new()\n {\n Action = \"lambda:InvokeFunctionUrl\",\n Function = example.FunctionName,\n Principal = \"arn:aws:iam::444455556666:role/example\",\n SourceAccount = \"444455556666\",\n FunctionUrlAuthType = \"AWS_IAM\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lambda.NewFunctionUrl(ctx, \"url\", \u0026lambda.FunctionUrlArgs{\n\t\t\tFunctionName: pulumi.Any(example.FunctionName),\n\t\t\tAuthorizationType: pulumi.String(\"AWS_IAM\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lambda.NewPermission(ctx, \"url\", \u0026lambda.PermissionArgs{\n\t\t\tAction: pulumi.String(\"lambda:InvokeFunctionUrl\"),\n\t\t\tFunction: pulumi.Any(example.FunctionName),\n\t\t\tPrincipal: pulumi.String(\"arn:aws:iam::444455556666:role/example\"),\n\t\t\tSourceAccount: pulumi.String(\"444455556666\"),\n\t\t\tFunctionUrlAuthType: pulumi.String(\"AWS_IAM\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.FunctionUrl;\nimport com.pulumi.aws.lambda.FunctionUrlArgs;\nimport com.pulumi.aws.lambda.Permission;\nimport com.pulumi.aws.lambda.PermissionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var url = new FunctionUrl(\"url\", FunctionUrlArgs.builder() \n .functionName(example.functionName())\n .authorizationType(\"AWS_IAM\")\n .build());\n\n var urlPermission = new Permission(\"urlPermission\", PermissionArgs.builder() \n .action(\"lambda:InvokeFunctionUrl\")\n .function(example.functionName())\n .principal(\"arn:aws:iam::444455556666:role/example\")\n .sourceAccount(\"444455556666\")\n .functionUrlAuthType(\"AWS_IAM\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n url:\n type: aws:lambda:FunctionUrl\n properties:\n functionName: ${example.functionName}\n authorizationType: AWS_IAM\n urlPermission:\n type: aws:lambda:Permission\n name: url\n properties:\n action: lambda:InvokeFunctionUrl\n function: ${example.functionName}\n principal: arn:aws:iam::444455556666:role/example\n sourceAccount: '444455556666'\n functionUrlAuthType: AWS_IAM\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With `replace_triggered_by` Lifecycle Configuration\n\nIf omitting the `qualifier` argument (which forces re-creation each time a function version is published), a `lifecycle` block can be used to ensure permissions are re-applied on any change to the underlying function.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst logging = new aws.lambda.Permission(\"logging\", {\n action: \"lambda:InvokeFunction\",\n \"function\": example.functionName,\n principal: \"events.amazonaws.com\",\n sourceArn: \"arn:aws:events:eu-west-1:111122223333:rule/RunDaily\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nlogging = aws.lambda_.Permission(\"logging\",\n action=\"lambda:InvokeFunction\",\n function=example[\"functionName\"],\n principal=\"events.amazonaws.com\",\n source_arn=\"arn:aws:events:eu-west-1:111122223333:rule/RunDaily\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var logging = new Aws.Lambda.Permission(\"logging\", new()\n {\n Action = \"lambda:InvokeFunction\",\n Function = example.FunctionName,\n Principal = \"events.amazonaws.com\",\n SourceArn = \"arn:aws:events:eu-west-1:111122223333:rule/RunDaily\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := lambda.NewPermission(ctx, \"logging\", \u0026lambda.PermissionArgs{\n\t\t\tAction: pulumi.String(\"lambda:InvokeFunction\"),\n\t\t\tFunction: pulumi.Any(example.FunctionName),\n\t\t\tPrincipal: pulumi.String(\"events.amazonaws.com\"),\n\t\t\tSourceArn: pulumi.String(\"arn:aws:events:eu-west-1:111122223333:rule/RunDaily\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lambda.Permission;\nimport com.pulumi.aws.lambda.PermissionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var logging = new Permission(\"logging\", PermissionArgs.builder() \n .action(\"lambda:InvokeFunction\")\n .function(example.functionName())\n .principal(\"events.amazonaws.com\")\n .sourceArn(\"arn:aws:events:eu-west-1:111122223333:rule/RunDaily\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n logging:\n type: aws:lambda:Permission\n properties:\n action: lambda:InvokeFunction\n function: ${example.functionName}\n principal: events.amazonaws.com\n sourceArn: arn:aws:events:eu-west-1:111122223333:rule/RunDaily\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Lambda permission statements using function_name/statement_id with an optional qualifier. For example:\n\n```sh\n$ pulumi import aws:lambda/permission:Permission test_lambda_permission my_test_lambda_function/AllowExecutionFromCloudWatch\n```\n```sh\n$ pulumi import aws:lambda/permission:Permission test_lambda_permission my_test_lambda_function:qualifier_name/AllowExecutionFromCloudWatch\n```\n", "properties": { "action": { "type": "string", @@ -270339,7 +270339,7 @@ ] }, "aws:lb/targetGroupAttachment:TargetGroupAttachment": { - "description": "Provides the ability to register instances and containers with an Application Load Balancer (ALB) or Network Load Balancer (NLB) target group. For attaching resources with Elastic Load Balancer (ELB), see the `aws.elb.Attachment` resource.\n\n\u003e **Note:** `aws.alb.TargetGroupAttachment` is known as `aws.lb.TargetGroupAttachment`. The functionality is identical.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testTargetGroup = new aws.lb.TargetGroup(\"test\", {});\nconst testInstance = new aws.ec2.Instance(\"test\", {});\nconst test = new aws.lb.TargetGroupAttachment(\"test\", {\n targetGroupArn: testTargetGroup.arn,\n targetId: testInstance.id,\n port: 80,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_target_group = aws.lb.TargetGroup(\"test\")\ntest_instance = aws.ec2.Instance(\"test\")\ntest = aws.lb.TargetGroupAttachment(\"test\",\n target_group_arn=test_target_group.arn,\n target_id=test_instance.id,\n port=80)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testTargetGroup = new Aws.LB.TargetGroup(\"test\");\n\n var testInstance = new Aws.Ec2.Instance(\"test\");\n\n var test = new Aws.LB.TargetGroupAttachment(\"test\", new()\n {\n TargetGroupArn = testTargetGroup.Arn,\n TargetId = testInstance.Id,\n Port = 80,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestTargetGroup, err := lb.NewTargetGroup(ctx, \"test\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestInstance, err := ec2.NewInstance(ctx, \"test\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewTargetGroupAttachment(ctx, \"test\", \u0026lb.TargetGroupAttachmentArgs{\n\t\t\tTargetGroupArn: testTargetGroup.Arn,\n\t\t\tTargetId: testInstance.ID(),\n\t\t\tPort: pulumi.Int(80),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.ec2.Instance;\nimport com.pulumi.aws.lb.TargetGroupAttachment;\nimport com.pulumi.aws.lb.TargetGroupAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testTargetGroup = new TargetGroup(\"testTargetGroup\");\n\n var testInstance = new Instance(\"testInstance\");\n\n var test = new TargetGroupAttachment(\"test\", TargetGroupAttachmentArgs.builder() \n .targetGroupArn(testTargetGroup.arn())\n .targetId(testInstance.id())\n .port(80)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:lb:TargetGroupAttachment\n properties:\n targetGroupArn: ${testTargetGroup.arn}\n targetId: ${testInstance.id}\n port: 80\n testTargetGroup:\n type: aws:lb:TargetGroup\n name: test\n testInstance:\n type: aws:ec2:Instance\n name: test\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Lambda Target\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.lb.TargetGroup(\"test\", {\n name: \"test\",\n targetType: \"lambda\",\n});\nconst testFunction = new aws.lambda.Function(\"test\", {});\nconst withLb = new aws.lambda.Permission(\"with_lb\", {\n statementId: \"AllowExecutionFromlb\",\n action: \"lambda:InvokeFunction\",\n \"function\": testFunction.name,\n principal: \"elasticloadbalancing.amazonaws.com\",\n sourceArn: test.arn,\n});\nconst testTargetGroupAttachment = new aws.lb.TargetGroupAttachment(\"test\", {\n targetGroupArn: test.arn,\n targetId: testFunction.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.lb.TargetGroup(\"test\",\n name=\"test\",\n target_type=\"lambda\")\ntest_function = aws.lambda_.Function(\"test\")\nwith_lb = aws.lambda_.Permission(\"with_lb\",\n statement_id=\"AllowExecutionFromlb\",\n action=\"lambda:InvokeFunction\",\n function=test_function.name,\n principal=\"elasticloadbalancing.amazonaws.com\",\n source_arn=test.arn)\ntest_target_group_attachment = aws.lb.TargetGroupAttachment(\"test\",\n target_group_arn=test.arn,\n target_id=test_function.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.LB.TargetGroup(\"test\", new()\n {\n Name = \"test\",\n TargetType = \"lambda\",\n });\n\n var testFunction = new Aws.Lambda.Function(\"test\");\n\n var withLb = new Aws.Lambda.Permission(\"with_lb\", new()\n {\n StatementId = \"AllowExecutionFromlb\",\n Action = \"lambda:InvokeFunction\",\n Function = testFunction.Name,\n Principal = \"elasticloadbalancing.amazonaws.com\",\n SourceArn = test.Arn,\n });\n\n var testTargetGroupAttachment = new Aws.LB.TargetGroupAttachment(\"test\", new()\n {\n TargetGroupArn = test.Arn,\n TargetId = testFunction.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := lb.NewTargetGroup(ctx, \"test\", \u0026lb.TargetGroupArgs{\n\t\t\tName: pulumi.String(\"test\"),\n\t\t\tTargetType: pulumi.String(\"lambda\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestFunction, err := lambda.NewFunction(ctx, \"test\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lambda.NewPermission(ctx, \"with_lb\", \u0026lambda.PermissionArgs{\n\t\t\tStatementId: pulumi.String(\"AllowExecutionFromlb\"),\n\t\t\tAction: pulumi.String(\"lambda:InvokeFunction\"),\n\t\t\tFunction: testFunction.Name,\n\t\t\tPrincipal: pulumi.String(\"elasticloadbalancing.amazonaws.com\"),\n\t\t\tSourceArn: test.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewTargetGroupAttachment(ctx, \"test\", \u0026lb.TargetGroupAttachmentArgs{\n\t\t\tTargetGroupArn: test.Arn,\n\t\t\tTargetId: testFunction.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.lb.TargetGroupArgs;\nimport com.pulumi.aws.lambda.Function;\nimport com.pulumi.aws.lambda.Permission;\nimport com.pulumi.aws.lambda.PermissionArgs;\nimport com.pulumi.aws.lb.TargetGroupAttachment;\nimport com.pulumi.aws.lb.TargetGroupAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new TargetGroup(\"test\", TargetGroupArgs.builder() \n .name(\"test\")\n .targetType(\"lambda\")\n .build());\n\n var testFunction = new Function(\"testFunction\");\n\n var withLb = new Permission(\"withLb\", PermissionArgs.builder() \n .statementId(\"AllowExecutionFromlb\")\n .action(\"lambda:InvokeFunction\")\n .function(testFunction.name())\n .principal(\"elasticloadbalancing.amazonaws.com\")\n .sourceArn(test.arn())\n .build());\n\n var testTargetGroupAttachment = new TargetGroupAttachment(\"testTargetGroupAttachment\", TargetGroupAttachmentArgs.builder() \n .targetGroupArn(test.arn())\n .targetId(testFunction.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n withLb:\n type: aws:lambda:Permission\n name: with_lb\n properties:\n statementId: AllowExecutionFromlb\n action: lambda:InvokeFunction\n function: ${testFunction.name}\n principal: elasticloadbalancing.amazonaws.com\n sourceArn: ${test.arn}\n test:\n type: aws:lb:TargetGroup\n properties:\n name: test\n targetType: lambda\n testFunction:\n type: aws:lambda:Function\n name: test\n testTargetGroupAttachment:\n type: aws:lb:TargetGroupAttachment\n name: test\n properties:\n targetGroupArn: ${test.arn}\n targetId: ${testFunction.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Registering Multiple Targets\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example: aws.ec2.Instance[] = [];\nfor (const range = {value: 0}; range.value \u003c 3; range.value++) {\n example.push(new aws.ec2.Instance(`example-${range.value}`, {}));\n}\nconst exampleTargetGroup = new aws.lb.TargetGroup(\"example\", {});\nconst exampleTargetGroupAttachment: aws.lb.TargetGroupAttachment[] = [];\npulumi.all(example.map((v, k) =\u003e [k, v]).reduce((__obj, [, ]) =\u003e ({ ...__obj, [k]: v }))).apply(rangeBody =\u003e {\n for (const range of Object.entries(rangeBody).map(([k, v]) =\u003e ({key: k, value: v}))) {\n exampleTargetGroupAttachment.push(new aws.lb.TargetGroupAttachment(`example-${range.key}`, {\n targetGroupArn: exampleTargetGroup.arn,\n targetId: range.value.id,\n port: 80,\n }));\n }\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = []\nfor range in [{\"value\": i} for i in range(0, 3)]:\n example.append(aws.ec2.Instance(f\"example-{range['value']}\"))\nexample_target_group = aws.lb.TargetGroup(\"example\")\nexample_target_group_attachment = []\ndef create_example(range_body):\n for range in [{\"key\": k, \"value\": v} for [k, v] in enumerate(range_body)]:\n example_target_group_attachment.append(aws.lb.TargetGroupAttachment(f\"example-{range['key']}\",\n target_group_arn=example_target_group.arn,\n target_id=range[\"value\"],\n port=80))\n\npulumi.Output.all({k: v for k, v in example}).apply(lambda resolved_outputs: create_example(resolved_outputs[0]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new List\u003cAws.Ec2.Instance\u003e();\n for (var rangeIndex = 0; rangeIndex \u003c 3; rangeIndex++)\n {\n var range = new { Value = rangeIndex };\n example.Add(new Aws.Ec2.Instance($\"example-{range.Value}\", new()\n {\n }));\n }\n var exampleTargetGroup = new Aws.LB.TargetGroup(\"example\");\n\n var exampleTargetGroupAttachment = new List\u003cAws.LB.TargetGroupAttachment\u003e();\n foreach (var range in example.Select((value, i) =\u003e new { Key = i.ToString(), Value = pair.Value }).Select(pair =\u003e new { pair.Key, pair.Value }))\n {\n exampleTargetGroupAttachment.Add(new Aws.LB.TargetGroupAttachment($\"example-{range.Key}\", new()\n {\n TargetGroupArn = exampleTargetGroup.Arn,\n TargetId = range.Value.Id,\n Port = 80,\n }));\n }\n});\n```\n```yaml\nresources:\n example:\n type: aws:ec2:Instance\n options: {}\n exampleTargetGroup:\n type: aws:lb:TargetGroup\n name: example\n exampleTargetGroupAttachment:\n type: aws:lb:TargetGroupAttachment\n name: example\n properties:\n targetGroupArn: ${exampleTargetGroup.arn}\n targetId: ${range.value.id}\n port: 80\n options: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nYou cannot import Target Group Attachments.\n\n", + "description": "Provides the ability to register instances and containers with an Application Load Balancer (ALB) or Network Load Balancer (NLB) target group. For attaching resources with Elastic Load Balancer (ELB), see the `aws.elb.Attachment` resource.\n\n\u003e **Note:** `aws.alb.TargetGroupAttachment` is known as `aws.lb.TargetGroupAttachment`. The functionality is identical.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst testTargetGroup = new aws.lb.TargetGroup(\"test\", {});\nconst testInstance = new aws.ec2.Instance(\"test\", {});\nconst test = new aws.lb.TargetGroupAttachment(\"test\", {\n targetGroupArn: testTargetGroup.arn,\n targetId: testInstance.id,\n port: 80,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest_target_group = aws.lb.TargetGroup(\"test\")\ntest_instance = aws.ec2.Instance(\"test\")\ntest = aws.lb.TargetGroupAttachment(\"test\",\n target_group_arn=test_target_group.arn,\n target_id=test_instance.id,\n port=80)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testTargetGroup = new Aws.LB.TargetGroup(\"test\");\n\n var testInstance = new Aws.Ec2.Instance(\"test\");\n\n var test = new Aws.LB.TargetGroupAttachment(\"test\", new()\n {\n TargetGroupArn = testTargetGroup.Arn,\n TargetId = testInstance.Id,\n Port = 80,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttestTargetGroup, err := lb.NewTargetGroup(ctx, \"test\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestInstance, err := ec2.NewInstance(ctx, \"test\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewTargetGroupAttachment(ctx, \"test\", \u0026lb.TargetGroupAttachmentArgs{\n\t\t\tTargetGroupArn: testTargetGroup.Arn,\n\t\t\tTargetId: testInstance.ID(),\n\t\t\tPort: pulumi.Int(80),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.ec2.Instance;\nimport com.pulumi.aws.lb.TargetGroupAttachment;\nimport com.pulumi.aws.lb.TargetGroupAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testTargetGroup = new TargetGroup(\"testTargetGroup\");\n\n var testInstance = new Instance(\"testInstance\");\n\n var test = new TargetGroupAttachment(\"test\", TargetGroupAttachmentArgs.builder() \n .targetGroupArn(testTargetGroup.arn())\n .targetId(testInstance.id())\n .port(80)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:lb:TargetGroupAttachment\n properties:\n targetGroupArn: ${testTargetGroup.arn}\n targetId: ${testInstance.id}\n port: 80\n testTargetGroup:\n type: aws:lb:TargetGroup\n name: test\n testInstance:\n type: aws:ec2:Instance\n name: test\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Lambda Target\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.lb.TargetGroup(\"test\", {\n name: \"test\",\n targetType: \"lambda\",\n});\nconst testFunction = new aws.lambda.Function(\"test\", {});\nconst withLb = new aws.lambda.Permission(\"with_lb\", {\n statementId: \"AllowExecutionFromlb\",\n action: \"lambda:InvokeFunction\",\n \"function\": testFunction.name,\n principal: \"elasticloadbalancing.amazonaws.com\",\n sourceArn: test.arn,\n});\nconst testTargetGroupAttachment = new aws.lb.TargetGroupAttachment(\"test\", {\n targetGroupArn: test.arn,\n targetId: testFunction.arn,\n}, {\n dependsOn: [withLb],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.lb.TargetGroup(\"test\",\n name=\"test\",\n target_type=\"lambda\")\ntest_function = aws.lambda_.Function(\"test\")\nwith_lb = aws.lambda_.Permission(\"with_lb\",\n statement_id=\"AllowExecutionFromlb\",\n action=\"lambda:InvokeFunction\",\n function=test_function.name,\n principal=\"elasticloadbalancing.amazonaws.com\",\n source_arn=test.arn)\ntest_target_group_attachment = aws.lb.TargetGroupAttachment(\"test\",\n target_group_arn=test.arn,\n target_id=test_function.arn,\n opts=pulumi.ResourceOptions(depends_on=[with_lb]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.LB.TargetGroup(\"test\", new()\n {\n Name = \"test\",\n TargetType = \"lambda\",\n });\n\n var testFunction = new Aws.Lambda.Function(\"test\");\n\n var withLb = new Aws.Lambda.Permission(\"with_lb\", new()\n {\n StatementId = \"AllowExecutionFromlb\",\n Action = \"lambda:InvokeFunction\",\n Function = testFunction.Name,\n Principal = \"elasticloadbalancing.amazonaws.com\",\n SourceArn = test.Arn,\n });\n\n var testTargetGroupAttachment = new Aws.LB.TargetGroupAttachment(\"test\", new()\n {\n TargetGroupArn = test.Arn,\n TargetId = testFunction.Arn,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n withLb, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lb\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := lb.NewTargetGroup(ctx, \"test\", \u0026lb.TargetGroupArgs{\n\t\t\tName: pulumi.String(\"test\"),\n\t\t\tTargetType: pulumi.String(\"lambda\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestFunction, err := lambda.NewFunction(ctx, \"test\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\twithLb, err := lambda.NewPermission(ctx, \"with_lb\", \u0026lambda.PermissionArgs{\n\t\t\tStatementId: pulumi.String(\"AllowExecutionFromlb\"),\n\t\t\tAction: pulumi.String(\"lambda:InvokeFunction\"),\n\t\t\tFunction: testFunction.Name,\n\t\t\tPrincipal: pulumi.String(\"elasticloadbalancing.amazonaws.com\"),\n\t\t\tSourceArn: test.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lb.NewTargetGroupAttachment(ctx, \"test\", \u0026lb.TargetGroupAttachmentArgs{\n\t\t\tTargetGroupArn: test.Arn,\n\t\t\tTargetId: testFunction.Arn,\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\twithLb,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lb.TargetGroup;\nimport com.pulumi.aws.lb.TargetGroupArgs;\nimport com.pulumi.aws.lambda.Function;\nimport com.pulumi.aws.lambda.Permission;\nimport com.pulumi.aws.lambda.PermissionArgs;\nimport com.pulumi.aws.lb.TargetGroupAttachment;\nimport com.pulumi.aws.lb.TargetGroupAttachmentArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new TargetGroup(\"test\", TargetGroupArgs.builder() \n .name(\"test\")\n .targetType(\"lambda\")\n .build());\n\n var testFunction = new Function(\"testFunction\");\n\n var withLb = new Permission(\"withLb\", PermissionArgs.builder() \n .statementId(\"AllowExecutionFromlb\")\n .action(\"lambda:InvokeFunction\")\n .function(testFunction.name())\n .principal(\"elasticloadbalancing.amazonaws.com\")\n .sourceArn(test.arn())\n .build());\n\n var testTargetGroupAttachment = new TargetGroupAttachment(\"testTargetGroupAttachment\", TargetGroupAttachmentArgs.builder() \n .targetGroupArn(test.arn())\n .targetId(testFunction.arn())\n .build(), CustomResourceOptions.builder()\n .dependsOn(withLb)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n withLb:\n type: aws:lambda:Permission\n name: with_lb\n properties:\n statementId: AllowExecutionFromlb\n action: lambda:InvokeFunction\n function: ${testFunction.name}\n principal: elasticloadbalancing.amazonaws.com\n sourceArn: ${test.arn}\n test:\n type: aws:lb:TargetGroup\n properties:\n name: test\n targetType: lambda\n testFunction:\n type: aws:lambda:Function\n name: test\n testTargetGroupAttachment:\n type: aws:lb:TargetGroupAttachment\n name: test\n properties:\n targetGroupArn: ${test.arn}\n targetId: ${testFunction.arn}\n options:\n dependson:\n - ${withLb}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Registering Multiple Targets\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example: aws.ec2.Instance[] = [];\nfor (const range = {value: 0}; range.value \u003c 3; range.value++) {\n example.push(new aws.ec2.Instance(`example-${range.value}`, {}));\n}\nconst exampleTargetGroup = new aws.lb.TargetGroup(\"example\", {});\nconst exampleTargetGroupAttachment: aws.lb.TargetGroupAttachment[] = [];\npulumi.all(example.map((v, k) =\u003e [k, v]).reduce((__obj, [, ]) =\u003e ({ ...__obj, [k]: v }))).apply(rangeBody =\u003e {\n for (const range of Object.entries(rangeBody).map(([k, v]) =\u003e ({key: k, value: v}))) {\n exampleTargetGroupAttachment.push(new aws.lb.TargetGroupAttachment(`example-${range.key}`, {\n targetGroupArn: exampleTargetGroup.arn,\n targetId: range.value.id,\n port: 80,\n }));\n }\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = []\nfor range in [{\"value\": i} for i in range(0, 3)]:\n example.append(aws.ec2.Instance(f\"example-{range['value']}\"))\nexample_target_group = aws.lb.TargetGroup(\"example\")\nexample_target_group_attachment = []\ndef create_example(range_body):\n for range in [{\"key\": k, \"value\": v} for [k, v] in enumerate(range_body)]:\n example_target_group_attachment.append(aws.lb.TargetGroupAttachment(f\"example-{range['key']}\",\n target_group_arn=example_target_group.arn,\n target_id=range[\"value\"],\n port=80))\n\npulumi.Output.all({k: v for k, v in example}).apply(lambda resolved_outputs: create_example(resolved_outputs[0]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new List\u003cAws.Ec2.Instance\u003e();\n for (var rangeIndex = 0; rangeIndex \u003c 3; rangeIndex++)\n {\n var range = new { Value = rangeIndex };\n example.Add(new Aws.Ec2.Instance($\"example-{range.Value}\", new()\n {\n }));\n }\n var exampleTargetGroup = new Aws.LB.TargetGroup(\"example\");\n\n var exampleTargetGroupAttachment = new List\u003cAws.LB.TargetGroupAttachment\u003e();\n foreach (var range in example.Select((value, i) =\u003e new { Key = i.ToString(), Value = pair.Value }).Select(pair =\u003e new { pair.Key, pair.Value }))\n {\n exampleTargetGroupAttachment.Add(new Aws.LB.TargetGroupAttachment($\"example-{range.Key}\", new()\n {\n TargetGroupArn = exampleTargetGroup.Arn,\n TargetId = range.Value.Id,\n Port = 80,\n }));\n }\n});\n```\n```yaml\nresources:\n example:\n type: aws:ec2:Instance\n options: {}\n exampleTargetGroup:\n type: aws:lb:TargetGroup\n name: example\n exampleTargetGroupAttachment:\n type: aws:lb:TargetGroupAttachment\n name: example\n properties:\n targetGroupArn: ${exampleTargetGroup.arn}\n targetId: ${range.value.id}\n port: 80\n options: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nYou cannot import Target Group Attachments.\n\n", "properties": { "availabilityZone": { "type": "string", @@ -274157,7 +274157,7 @@ } }, "aws:lightsail/distribution:Distribution": { - "description": "Resource for managing an AWS Lightsail Distribution.\n\n## Example Usage\n\n### Basic Usage\n\nBelow is a basic example with a bucket as an origin.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.lightsail.Bucket(\"test\", {\n name: \"test-bucket\",\n bundleId: \"small_1_0\",\n});\nconst testDistribution = new aws.lightsail.Distribution(\"test\", {\n name: \"test-distribution\",\n bundleId: \"small_1_0\",\n origin: {\n name: test.name,\n regionName: test.region,\n },\n defaultCacheBehavior: {\n behavior: \"cache\",\n },\n cacheBehaviorSettings: {\n allowedHttpMethods: \"GET,HEAD,OPTIONS,PUT,PATCH,POST,DELETE\",\n cachedHttpMethods: \"GET,HEAD\",\n defaultTtl: 86400,\n maximumTtl: 31536000,\n minimumTtl: 0,\n forwardedCookies: {\n option: \"none\",\n },\n forwardedHeaders: {\n option: \"default\",\n },\n forwardedQueryStrings: {\n option: false,\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.lightsail.Bucket(\"test\",\n name=\"test-bucket\",\n bundle_id=\"small_1_0\")\ntest_distribution = aws.lightsail.Distribution(\"test\",\n name=\"test-distribution\",\n bundle_id=\"small_1_0\",\n origin=aws.lightsail.DistributionOriginArgs(\n name=test.name,\n region_name=test.region,\n ),\n default_cache_behavior=aws.lightsail.DistributionDefaultCacheBehaviorArgs(\n behavior=\"cache\",\n ),\n cache_behavior_settings=aws.lightsail.DistributionCacheBehaviorSettingsArgs(\n allowed_http_methods=\"GET,HEAD,OPTIONS,PUT,PATCH,POST,DELETE\",\n cached_http_methods=\"GET,HEAD\",\n default_ttl=86400,\n maximum_ttl=31536000,\n minimum_ttl=0,\n forwarded_cookies=aws.lightsail.DistributionCacheBehaviorSettingsForwardedCookiesArgs(\n option=\"none\",\n ),\n forwarded_headers=aws.lightsail.DistributionCacheBehaviorSettingsForwardedHeadersArgs(\n option=\"default\",\n ),\n forwarded_query_strings=aws.lightsail.DistributionCacheBehaviorSettingsForwardedQueryStringsArgs(\n option=False,\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.LightSail.Bucket(\"test\", new()\n {\n Name = \"test-bucket\",\n BundleId = \"small_1_0\",\n });\n\n var testDistribution = new Aws.LightSail.Distribution(\"test\", new()\n {\n Name = \"test-distribution\",\n BundleId = \"small_1_0\",\n Origin = new Aws.LightSail.Inputs.DistributionOriginArgs\n {\n Name = test.Name,\n RegionName = test.Region,\n },\n DefaultCacheBehavior = new Aws.LightSail.Inputs.DistributionDefaultCacheBehaviorArgs\n {\n Behavior = \"cache\",\n },\n CacheBehaviorSettings = new Aws.LightSail.Inputs.DistributionCacheBehaviorSettingsArgs\n {\n AllowedHttpMethods = \"GET,HEAD,OPTIONS,PUT,PATCH,POST,DELETE\",\n CachedHttpMethods = \"GET,HEAD\",\n DefaultTtl = 86400,\n MaximumTtl = 31536000,\n MinimumTtl = 0,\n ForwardedCookies = new Aws.LightSail.Inputs.DistributionCacheBehaviorSettingsForwardedCookiesArgs\n {\n Option = \"none\",\n },\n ForwardedHeaders = new Aws.LightSail.Inputs.DistributionCacheBehaviorSettingsForwardedHeadersArgs\n {\n Option = \"default\",\n },\n ForwardedQueryStrings = new Aws.LightSail.Inputs.DistributionCacheBehaviorSettingsForwardedQueryStringsArgs\n {\n Option = false,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lightsail\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := lightsail.NewBucket(ctx, \"test\", \u0026lightsail.BucketArgs{\n\t\t\tName: pulumi.String(\"test-bucket\"),\n\t\t\tBundleId: pulumi.String(\"small_1_0\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lightsail.NewDistribution(ctx, \"test\", \u0026lightsail.DistributionArgs{\n\t\t\tName: pulumi.String(\"test-distribution\"),\n\t\t\tBundleId: pulumi.String(\"small_1_0\"),\n\t\t\tOrigin: \u0026lightsail.DistributionOriginArgs{\n\t\t\t\tName: test.Name,\n\t\t\t\tRegionName: test.Region,\n\t\t\t},\n\t\t\tDefaultCacheBehavior: \u0026lightsail.DistributionDefaultCacheBehaviorArgs{\n\t\t\t\tBehavior: pulumi.String(\"cache\"),\n\t\t\t},\n\t\t\tCacheBehaviorSettings: \u0026lightsail.DistributionCacheBehaviorSettingsArgs{\n\t\t\t\tAllowedHttpMethods: pulumi.String(\"GET,HEAD,OPTIONS,PUT,PATCH,POST,DELETE\"),\n\t\t\t\tCachedHttpMethods: pulumi.String(\"GET,HEAD\"),\n\t\t\t\tDefaultTtl: pulumi.Int(86400),\n\t\t\t\tMaximumTtl: pulumi.Int(31536000),\n\t\t\t\tMinimumTtl: pulumi.Int(0),\n\t\t\t\tForwardedCookies: \u0026lightsail.DistributionCacheBehaviorSettingsForwardedCookiesArgs{\n\t\t\t\t\tOption: pulumi.String(\"none\"),\n\t\t\t\t},\n\t\t\t\tForwardedHeaders: \u0026lightsail.DistributionCacheBehaviorSettingsForwardedHeadersArgs{\n\t\t\t\t\tOption: pulumi.String(\"default\"),\n\t\t\t\t},\n\t\t\t\tForwardedQueryStrings: \u0026lightsail.DistributionCacheBehaviorSettingsForwardedQueryStringsArgs{\n\t\t\t\t\tOption: pulumi.Bool(false),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lightsail.Bucket;\nimport com.pulumi.aws.lightsail.BucketArgs;\nimport com.pulumi.aws.lightsail.Distribution;\nimport com.pulumi.aws.lightsail.DistributionArgs;\nimport com.pulumi.aws.lightsail.inputs.DistributionOriginArgs;\nimport com.pulumi.aws.lightsail.inputs.DistributionDefaultCacheBehaviorArgs;\nimport com.pulumi.aws.lightsail.inputs.DistributionCacheBehaviorSettingsArgs;\nimport com.pulumi.aws.lightsail.inputs.DistributionCacheBehaviorSettingsForwardedCookiesArgs;\nimport com.pulumi.aws.lightsail.inputs.DistributionCacheBehaviorSettingsForwardedHeadersArgs;\nimport com.pulumi.aws.lightsail.inputs.DistributionCacheBehaviorSettingsForwardedQueryStringsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Bucket(\"test\", BucketArgs.builder() \n .name(\"test-bucket\")\n .bundleId(\"small_1_0\")\n .build());\n\n var testDistribution = new Distribution(\"testDistribution\", DistributionArgs.builder() \n .name(\"test-distribution\")\n .bundleId(\"small_1_0\")\n .origin(DistributionOriginArgs.builder()\n .name(test.name())\n .regionName(test.region())\n .build())\n .defaultCacheBehavior(DistributionDefaultCacheBehaviorArgs.builder()\n .behavior(\"cache\")\n .build())\n .cacheBehaviorSettings(DistributionCacheBehaviorSettingsArgs.builder()\n .allowedHttpMethods(\"GET,HEAD,OPTIONS,PUT,PATCH,POST,DELETE\")\n .cachedHttpMethods(\"GET,HEAD\")\n .defaultTtl(86400)\n .maximumTtl(31536000)\n .minimumTtl(0)\n .forwardedCookies(DistributionCacheBehaviorSettingsForwardedCookiesArgs.builder()\n .option(\"none\")\n .build())\n .forwardedHeaders(DistributionCacheBehaviorSettingsForwardedHeadersArgs.builder()\n .option(\"default\")\n .build())\n .forwardedQueryStrings(DistributionCacheBehaviorSettingsForwardedQueryStringsArgs.builder()\n .option(false)\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:lightsail:Bucket\n properties:\n name: test-bucket\n bundleId: small_1_0\n testDistribution:\n type: aws:lightsail:Distribution\n name: test\n properties:\n name: test-distribution\n bundleId: small_1_0\n origin:\n name: ${test.name}\n regionName: ${test.region}\n defaultCacheBehavior:\n behavior: cache\n cacheBehaviorSettings:\n allowedHttpMethods: GET,HEAD,OPTIONS,PUT,PATCH,POST,DELETE\n cachedHttpMethods: GET,HEAD\n defaultTtl: 86400\n maximumTtl: 3.1536e+07\n minimumTtl: 0\n forwardedCookies:\n option: none\n forwardedHeaders:\n option: default\n forwardedQueryStrings:\n option: false\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### instance origin example\n\nBelow is an example of an instance as the origin.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst available = aws.getAvailabilityZones({\n state: \"available\",\n filters: [{\n name: \"opt-in-status\",\n values: [\"opt-in-not-required\"],\n }],\n});\nconst testStaticIp = new aws.lightsail.StaticIp(\"test\", {name: \"test-static-ip\"});\nconst testInstance = new aws.lightsail.Instance(\"test\", {\n name: \"test-instance\",\n availabilityZone: available.then(available =\u003e available.names?.[0]),\n blueprintId: \"amazon_linux_2\",\n bundleId: \"micro_1_0\",\n});\nconst test = new aws.lightsail.StaticIpAttachment(\"test\", {\n staticIpName: testStaticIp.name,\n instanceName: testInstance.name,\n});\nconst testDistribution = new aws.lightsail.Distribution(\"test\", {\n name: \"test-distribution\",\n bundleId: \"small_1_0\",\n origin: {\n name: testInstance.name,\n regionName: available.then(available =\u003e available.id),\n },\n defaultCacheBehavior: {\n behavior: \"cache\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\navailable = aws.get_availability_zones(state=\"available\",\n filters=[aws.GetAvailabilityZonesFilterArgs(\n name=\"opt-in-status\",\n values=[\"opt-in-not-required\"],\n )])\ntest_static_ip = aws.lightsail.StaticIp(\"test\", name=\"test-static-ip\")\ntest_instance = aws.lightsail.Instance(\"test\",\n name=\"test-instance\",\n availability_zone=available.names[0],\n blueprint_id=\"amazon_linux_2\",\n bundle_id=\"micro_1_0\")\ntest = aws.lightsail.StaticIpAttachment(\"test\",\n static_ip_name=test_static_ip.name,\n instance_name=test_instance.name)\ntest_distribution = aws.lightsail.Distribution(\"test\",\n name=\"test-distribution\",\n bundle_id=\"small_1_0\",\n origin=aws.lightsail.DistributionOriginArgs(\n name=test_instance.name,\n region_name=available.id,\n ),\n default_cache_behavior=aws.lightsail.DistributionDefaultCacheBehaviorArgs(\n behavior=\"cache\",\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var available = Aws.GetAvailabilityZones.Invoke(new()\n {\n State = \"available\",\n Filters = new[]\n {\n new Aws.Inputs.GetAvailabilityZonesFilterInputArgs\n {\n Name = \"opt-in-status\",\n Values = new[]\n {\n \"opt-in-not-required\",\n },\n },\n },\n });\n\n var testStaticIp = new Aws.LightSail.StaticIp(\"test\", new()\n {\n Name = \"test-static-ip\",\n });\n\n var testInstance = new Aws.LightSail.Instance(\"test\", new()\n {\n Name = \"test-instance\",\n AvailabilityZone = available.Apply(getAvailabilityZonesResult =\u003e getAvailabilityZonesResult.Names[0]),\n BlueprintId = \"amazon_linux_2\",\n BundleId = \"micro_1_0\",\n });\n\n var test = new Aws.LightSail.StaticIpAttachment(\"test\", new()\n {\n StaticIpName = testStaticIp.Name,\n InstanceName = testInstance.Name,\n });\n\n var testDistribution = new Aws.LightSail.Distribution(\"test\", new()\n {\n Name = \"test-distribution\",\n BundleId = \"small_1_0\",\n Origin = new Aws.LightSail.Inputs.DistributionOriginArgs\n {\n Name = testInstance.Name,\n RegionName = available.Apply(getAvailabilityZonesResult =\u003e getAvailabilityZonesResult.Id),\n },\n DefaultCacheBehavior = new Aws.LightSail.Inputs.DistributionDefaultCacheBehaviorArgs\n {\n Behavior = \"cache\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lightsail\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tavailable, err := aws.GetAvailabilityZones(ctx, \u0026aws.GetAvailabilityZonesArgs{\n\t\t\tState: pulumi.StringRef(\"available\"),\n\t\t\tFilters: []aws.GetAvailabilityZonesFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"opt-in-status\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"opt-in-not-required\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestStaticIp, err := lightsail.NewStaticIp(ctx, \"test\", \u0026lightsail.StaticIpArgs{\n\t\t\tName: pulumi.String(\"test-static-ip\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestInstance, err := lightsail.NewInstance(ctx, \"test\", \u0026lightsail.InstanceArgs{\n\t\t\tName: pulumi.String(\"test-instance\"),\n\t\t\tAvailabilityZone: pulumi.String(available.Names[0]),\n\t\t\tBlueprintId: pulumi.String(\"amazon_linux_2\"),\n\t\t\tBundleId: pulumi.String(\"micro_1_0\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lightsail.NewStaticIpAttachment(ctx, \"test\", \u0026lightsail.StaticIpAttachmentArgs{\n\t\t\tStaticIpName: testStaticIp.Name,\n\t\t\tInstanceName: testInstance.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lightsail.NewDistribution(ctx, \"test\", \u0026lightsail.DistributionArgs{\n\t\t\tName: pulumi.String(\"test-distribution\"),\n\t\t\tBundleId: pulumi.String(\"small_1_0\"),\n\t\t\tOrigin: \u0026lightsail.DistributionOriginArgs{\n\t\t\t\tName: testInstance.Name,\n\t\t\t\tRegionName: pulumi.String(available.Id),\n\t\t\t},\n\t\t\tDefaultCacheBehavior: \u0026lightsail.DistributionDefaultCacheBehaviorArgs{\n\t\t\t\tBehavior: pulumi.String(\"cache\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetAvailabilityZonesArgs;\nimport com.pulumi.aws.lightsail.StaticIp;\nimport com.pulumi.aws.lightsail.StaticIpArgs;\nimport com.pulumi.aws.lightsail.Instance;\nimport com.pulumi.aws.lightsail.InstanceArgs;\nimport com.pulumi.aws.lightsail.StaticIpAttachment;\nimport com.pulumi.aws.lightsail.StaticIpAttachmentArgs;\nimport com.pulumi.aws.lightsail.Distribution;\nimport com.pulumi.aws.lightsail.DistributionArgs;\nimport com.pulumi.aws.lightsail.inputs.DistributionOriginArgs;\nimport com.pulumi.aws.lightsail.inputs.DistributionDefaultCacheBehaviorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var available = AwsFunctions.getAvailabilityZones(GetAvailabilityZonesArgs.builder()\n .state(\"available\")\n .filters(GetAvailabilityZonesFilterArgs.builder()\n .name(\"opt-in-status\")\n .values(\"opt-in-not-required\")\n .build())\n .build());\n\n var testStaticIp = new StaticIp(\"testStaticIp\", StaticIpArgs.builder() \n .name(\"test-static-ip\")\n .build());\n\n var testInstance = new Instance(\"testInstance\", InstanceArgs.builder() \n .name(\"test-instance\")\n .availabilityZone(available.applyValue(getAvailabilityZonesResult -\u003e getAvailabilityZonesResult.names()[0]))\n .blueprintId(\"amazon_linux_2\")\n .bundleId(\"micro_1_0\")\n .build());\n\n var test = new StaticIpAttachment(\"test\", StaticIpAttachmentArgs.builder() \n .staticIpName(testStaticIp.name())\n .instanceName(testInstance.name())\n .build());\n\n var testDistribution = new Distribution(\"testDistribution\", DistributionArgs.builder() \n .name(\"test-distribution\")\n .bundleId(\"small_1_0\")\n .origin(DistributionOriginArgs.builder()\n .name(testInstance.name())\n .regionName(available.applyValue(getAvailabilityZonesResult -\u003e getAvailabilityZonesResult.id()))\n .build())\n .defaultCacheBehavior(DistributionDefaultCacheBehaviorArgs.builder()\n .behavior(\"cache\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:lightsail:StaticIpAttachment\n properties:\n staticIpName: ${testStaticIp.name}\n instanceName: ${testInstance.name}\n testStaticIp:\n type: aws:lightsail:StaticIp\n name: test\n properties:\n name: test-static-ip\n testInstance:\n type: aws:lightsail:Instance\n name: test\n properties:\n name: test-instance\n availabilityZone: ${available.names[0]}\n blueprintId: amazon_linux_2\n bundleId: micro_1_0\n testDistribution:\n type: aws:lightsail:Distribution\n name: test\n properties:\n name: test-distribution\n bundleId: small_1_0\n origin:\n name: ${testInstance.name}\n regionName: ${available.id}\n defaultCacheBehavior:\n behavior: cache\nvariables:\n available:\n fn::invoke:\n Function: aws:getAvailabilityZones\n Arguments:\n state: available\n filters:\n - name: opt-in-status\n values:\n - opt-in-not-required\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### lb origin example\n\nBelow is an example with a load balancer as an origin\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst available = aws.getAvailabilityZones({\n state: \"available\",\n filters: [{\n name: \"opt-in-status\",\n values: [\"opt-in-not-required\"],\n }],\n});\nconst test = new aws.lightsail.Lb(\"test\", {\n name: \"test-load-balancer\",\n healthCheckPath: \"/\",\n instancePort: 80,\n tags: {\n foo: \"bar\",\n },\n});\nconst testInstance = new aws.lightsail.Instance(\"test\", {\n name: \"test-instance\",\n availabilityZone: available.then(available =\u003e available.names?.[0]),\n blueprintId: \"amazon_linux_2\",\n bundleId: \"nano_1_0\",\n});\nconst testLbAttachment = new aws.lightsail.LbAttachment(\"test\", {\n lbName: test.name,\n instanceName: testInstance.name,\n});\nconst testDistribution = new aws.lightsail.Distribution(\"test\", {\n name: \"test-distribution\",\n bundleId: \"small_1_0\",\n origin: {\n name: test.name,\n regionName: available.then(available =\u003e available.id),\n },\n defaultCacheBehavior: {\n behavior: \"cache\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\navailable = aws.get_availability_zones(state=\"available\",\n filters=[aws.GetAvailabilityZonesFilterArgs(\n name=\"opt-in-status\",\n values=[\"opt-in-not-required\"],\n )])\ntest = aws.lightsail.Lb(\"test\",\n name=\"test-load-balancer\",\n health_check_path=\"/\",\n instance_port=80,\n tags={\n \"foo\": \"bar\",\n })\ntest_instance = aws.lightsail.Instance(\"test\",\n name=\"test-instance\",\n availability_zone=available.names[0],\n blueprint_id=\"amazon_linux_2\",\n bundle_id=\"nano_1_0\")\ntest_lb_attachment = aws.lightsail.LbAttachment(\"test\",\n lb_name=test.name,\n instance_name=test_instance.name)\ntest_distribution = aws.lightsail.Distribution(\"test\",\n name=\"test-distribution\",\n bundle_id=\"small_1_0\",\n origin=aws.lightsail.DistributionOriginArgs(\n name=test.name,\n region_name=available.id,\n ),\n default_cache_behavior=aws.lightsail.DistributionDefaultCacheBehaviorArgs(\n behavior=\"cache\",\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var available = Aws.GetAvailabilityZones.Invoke(new()\n {\n State = \"available\",\n Filters = new[]\n {\n new Aws.Inputs.GetAvailabilityZonesFilterInputArgs\n {\n Name = \"opt-in-status\",\n Values = new[]\n {\n \"opt-in-not-required\",\n },\n },\n },\n });\n\n var test = new Aws.LightSail.Lb(\"test\", new()\n {\n Name = \"test-load-balancer\",\n HealthCheckPath = \"/\",\n InstancePort = 80,\n Tags = \n {\n { \"foo\", \"bar\" },\n },\n });\n\n var testInstance = new Aws.LightSail.Instance(\"test\", new()\n {\n Name = \"test-instance\",\n AvailabilityZone = available.Apply(getAvailabilityZonesResult =\u003e getAvailabilityZonesResult.Names[0]),\n BlueprintId = \"amazon_linux_2\",\n BundleId = \"nano_1_0\",\n });\n\n var testLbAttachment = new Aws.LightSail.LbAttachment(\"test\", new()\n {\n LbName = test.Name,\n InstanceName = testInstance.Name,\n });\n\n var testDistribution = new Aws.LightSail.Distribution(\"test\", new()\n {\n Name = \"test-distribution\",\n BundleId = \"small_1_0\",\n Origin = new Aws.LightSail.Inputs.DistributionOriginArgs\n {\n Name = test.Name,\n RegionName = available.Apply(getAvailabilityZonesResult =\u003e getAvailabilityZonesResult.Id),\n },\n DefaultCacheBehavior = new Aws.LightSail.Inputs.DistributionDefaultCacheBehaviorArgs\n {\n Behavior = \"cache\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lightsail\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tavailable, err := aws.GetAvailabilityZones(ctx, \u0026aws.GetAvailabilityZonesArgs{\n\t\t\tState: pulumi.StringRef(\"available\"),\n\t\t\tFilters: []aws.GetAvailabilityZonesFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"opt-in-status\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"opt-in-not-required\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttest, err := lightsail.NewLb(ctx, \"test\", \u0026lightsail.LbArgs{\n\t\t\tName: pulumi.String(\"test-load-balancer\"),\n\t\t\tHealthCheckPath: pulumi.String(\"/\"),\n\t\t\tInstancePort: pulumi.Int(80),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"foo\": pulumi.String(\"bar\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestInstance, err := lightsail.NewInstance(ctx, \"test\", \u0026lightsail.InstanceArgs{\n\t\t\tName: pulumi.String(\"test-instance\"),\n\t\t\tAvailabilityZone: pulumi.String(available.Names[0]),\n\t\t\tBlueprintId: pulumi.String(\"amazon_linux_2\"),\n\t\t\tBundleId: pulumi.String(\"nano_1_0\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lightsail.NewLbAttachment(ctx, \"test\", \u0026lightsail.LbAttachmentArgs{\n\t\t\tLbName: test.Name,\n\t\t\tInstanceName: testInstance.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lightsail.NewDistribution(ctx, \"test\", \u0026lightsail.DistributionArgs{\n\t\t\tName: pulumi.String(\"test-distribution\"),\n\t\t\tBundleId: pulumi.String(\"small_1_0\"),\n\t\t\tOrigin: \u0026lightsail.DistributionOriginArgs{\n\t\t\t\tName: test.Name,\n\t\t\t\tRegionName: pulumi.String(available.Id),\n\t\t\t},\n\t\t\tDefaultCacheBehavior: \u0026lightsail.DistributionDefaultCacheBehaviorArgs{\n\t\t\t\tBehavior: pulumi.String(\"cache\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetAvailabilityZonesArgs;\nimport com.pulumi.aws.lightsail.Lb;\nimport com.pulumi.aws.lightsail.LbArgs;\nimport com.pulumi.aws.lightsail.Instance;\nimport com.pulumi.aws.lightsail.InstanceArgs;\nimport com.pulumi.aws.lightsail.LbAttachment;\nimport com.pulumi.aws.lightsail.LbAttachmentArgs;\nimport com.pulumi.aws.lightsail.Distribution;\nimport com.pulumi.aws.lightsail.DistributionArgs;\nimport com.pulumi.aws.lightsail.inputs.DistributionOriginArgs;\nimport com.pulumi.aws.lightsail.inputs.DistributionDefaultCacheBehaviorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var available = AwsFunctions.getAvailabilityZones(GetAvailabilityZonesArgs.builder()\n .state(\"available\")\n .filters(GetAvailabilityZonesFilterArgs.builder()\n .name(\"opt-in-status\")\n .values(\"opt-in-not-required\")\n .build())\n .build());\n\n var test = new Lb(\"test\", LbArgs.builder() \n .name(\"test-load-balancer\")\n .healthCheckPath(\"/\")\n .instancePort(\"80\")\n .tags(Map.of(\"foo\", \"bar\"))\n .build());\n\n var testInstance = new Instance(\"testInstance\", InstanceArgs.builder() \n .name(\"test-instance\")\n .availabilityZone(available.applyValue(getAvailabilityZonesResult -\u003e getAvailabilityZonesResult.names()[0]))\n .blueprintId(\"amazon_linux_2\")\n .bundleId(\"nano_1_0\")\n .build());\n\n var testLbAttachment = new LbAttachment(\"testLbAttachment\", LbAttachmentArgs.builder() \n .lbName(test.name())\n .instanceName(testInstance.name())\n .build());\n\n var testDistribution = new Distribution(\"testDistribution\", DistributionArgs.builder() \n .name(\"test-distribution\")\n .bundleId(\"small_1_0\")\n .origin(DistributionOriginArgs.builder()\n .name(test.name())\n .regionName(available.applyValue(getAvailabilityZonesResult -\u003e getAvailabilityZonesResult.id()))\n .build())\n .defaultCacheBehavior(DistributionDefaultCacheBehaviorArgs.builder()\n .behavior(\"cache\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:lightsail:Lb\n properties:\n name: test-load-balancer\n healthCheckPath: /\n instancePort: '80'\n tags:\n foo: bar\n testInstance:\n type: aws:lightsail:Instance\n name: test\n properties:\n name: test-instance\n availabilityZone: ${available.names[0]}\n blueprintId: amazon_linux_2\n bundleId: nano_1_0\n testLbAttachment:\n type: aws:lightsail:LbAttachment\n name: test\n properties:\n lbName: ${test.name}\n instanceName: ${testInstance.name}\n testDistribution:\n type: aws:lightsail:Distribution\n name: test\n properties:\n name: test-distribution\n bundleId: small_1_0\n origin:\n name: ${test.name}\n regionName: ${available.id}\n defaultCacheBehavior:\n behavior: cache\nvariables:\n available:\n fn::invoke:\n Function: aws:getAvailabilityZones\n Arguments:\n state: available\n filters:\n - name: opt-in-status\n values:\n - opt-in-not-required\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Lightsail Distribution using the `id`. For example:\n\n```sh\n$ pulumi import aws:lightsail/distribution:Distribution example rft-8012925589\n```\n", + "description": "Resource for managing an AWS Lightsail Distribution.\n\n## Example Usage\n\n### Basic Usage\n\nBelow is a basic example with a bucket as an origin.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.lightsail.Bucket(\"test\", {\n name: \"test-bucket\",\n bundleId: \"small_1_0\",\n});\nconst testDistribution = new aws.lightsail.Distribution(\"test\", {\n name: \"test-distribution\",\n bundleId: \"small_1_0\",\n origin: {\n name: test.name,\n regionName: test.region,\n },\n defaultCacheBehavior: {\n behavior: \"cache\",\n },\n cacheBehaviorSettings: {\n allowedHttpMethods: \"GET,HEAD,OPTIONS,PUT,PATCH,POST,DELETE\",\n cachedHttpMethods: \"GET,HEAD\",\n defaultTtl: 86400,\n maximumTtl: 31536000,\n minimumTtl: 0,\n forwardedCookies: {\n option: \"none\",\n },\n forwardedHeaders: {\n option: \"default\",\n },\n forwardedQueryStrings: {\n option: false,\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.lightsail.Bucket(\"test\",\n name=\"test-bucket\",\n bundle_id=\"small_1_0\")\ntest_distribution = aws.lightsail.Distribution(\"test\",\n name=\"test-distribution\",\n bundle_id=\"small_1_0\",\n origin=aws.lightsail.DistributionOriginArgs(\n name=test.name,\n region_name=test.region,\n ),\n default_cache_behavior=aws.lightsail.DistributionDefaultCacheBehaviorArgs(\n behavior=\"cache\",\n ),\n cache_behavior_settings=aws.lightsail.DistributionCacheBehaviorSettingsArgs(\n allowed_http_methods=\"GET,HEAD,OPTIONS,PUT,PATCH,POST,DELETE\",\n cached_http_methods=\"GET,HEAD\",\n default_ttl=86400,\n maximum_ttl=31536000,\n minimum_ttl=0,\n forwarded_cookies=aws.lightsail.DistributionCacheBehaviorSettingsForwardedCookiesArgs(\n option=\"none\",\n ),\n forwarded_headers=aws.lightsail.DistributionCacheBehaviorSettingsForwardedHeadersArgs(\n option=\"default\",\n ),\n forwarded_query_strings=aws.lightsail.DistributionCacheBehaviorSettingsForwardedQueryStringsArgs(\n option=False,\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.LightSail.Bucket(\"test\", new()\n {\n Name = \"test-bucket\",\n BundleId = \"small_1_0\",\n });\n\n var testDistribution = new Aws.LightSail.Distribution(\"test\", new()\n {\n Name = \"test-distribution\",\n BundleId = \"small_1_0\",\n Origin = new Aws.LightSail.Inputs.DistributionOriginArgs\n {\n Name = test.Name,\n RegionName = test.Region,\n },\n DefaultCacheBehavior = new Aws.LightSail.Inputs.DistributionDefaultCacheBehaviorArgs\n {\n Behavior = \"cache\",\n },\n CacheBehaviorSettings = new Aws.LightSail.Inputs.DistributionCacheBehaviorSettingsArgs\n {\n AllowedHttpMethods = \"GET,HEAD,OPTIONS,PUT,PATCH,POST,DELETE\",\n CachedHttpMethods = \"GET,HEAD\",\n DefaultTtl = 86400,\n MaximumTtl = 31536000,\n MinimumTtl = 0,\n ForwardedCookies = new Aws.LightSail.Inputs.DistributionCacheBehaviorSettingsForwardedCookiesArgs\n {\n Option = \"none\",\n },\n ForwardedHeaders = new Aws.LightSail.Inputs.DistributionCacheBehaviorSettingsForwardedHeadersArgs\n {\n Option = \"default\",\n },\n ForwardedQueryStrings = new Aws.LightSail.Inputs.DistributionCacheBehaviorSettingsForwardedQueryStringsArgs\n {\n Option = false,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lightsail\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := lightsail.NewBucket(ctx, \"test\", \u0026lightsail.BucketArgs{\n\t\t\tName: pulumi.String(\"test-bucket\"),\n\t\t\tBundleId: pulumi.String(\"small_1_0\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lightsail.NewDistribution(ctx, \"test\", \u0026lightsail.DistributionArgs{\n\t\t\tName: pulumi.String(\"test-distribution\"),\n\t\t\tBundleId: pulumi.String(\"small_1_0\"),\n\t\t\tOrigin: \u0026lightsail.DistributionOriginArgs{\n\t\t\t\tName: test.Name,\n\t\t\t\tRegionName: test.Region,\n\t\t\t},\n\t\t\tDefaultCacheBehavior: \u0026lightsail.DistributionDefaultCacheBehaviorArgs{\n\t\t\t\tBehavior: pulumi.String(\"cache\"),\n\t\t\t},\n\t\t\tCacheBehaviorSettings: \u0026lightsail.DistributionCacheBehaviorSettingsArgs{\n\t\t\t\tAllowedHttpMethods: pulumi.String(\"GET,HEAD,OPTIONS,PUT,PATCH,POST,DELETE\"),\n\t\t\t\tCachedHttpMethods: pulumi.String(\"GET,HEAD\"),\n\t\t\t\tDefaultTtl: pulumi.Int(86400),\n\t\t\t\tMaximumTtl: pulumi.Int(31536000),\n\t\t\t\tMinimumTtl: pulumi.Int(0),\n\t\t\t\tForwardedCookies: \u0026lightsail.DistributionCacheBehaviorSettingsForwardedCookiesArgs{\n\t\t\t\t\tOption: pulumi.String(\"none\"),\n\t\t\t\t},\n\t\t\t\tForwardedHeaders: \u0026lightsail.DistributionCacheBehaviorSettingsForwardedHeadersArgs{\n\t\t\t\t\tOption: pulumi.String(\"default\"),\n\t\t\t\t},\n\t\t\t\tForwardedQueryStrings: \u0026lightsail.DistributionCacheBehaviorSettingsForwardedQueryStringsArgs{\n\t\t\t\t\tOption: pulumi.Bool(false),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.lightsail.Bucket;\nimport com.pulumi.aws.lightsail.BucketArgs;\nimport com.pulumi.aws.lightsail.Distribution;\nimport com.pulumi.aws.lightsail.DistributionArgs;\nimport com.pulumi.aws.lightsail.inputs.DistributionOriginArgs;\nimport com.pulumi.aws.lightsail.inputs.DistributionDefaultCacheBehaviorArgs;\nimport com.pulumi.aws.lightsail.inputs.DistributionCacheBehaviorSettingsArgs;\nimport com.pulumi.aws.lightsail.inputs.DistributionCacheBehaviorSettingsForwardedCookiesArgs;\nimport com.pulumi.aws.lightsail.inputs.DistributionCacheBehaviorSettingsForwardedHeadersArgs;\nimport com.pulumi.aws.lightsail.inputs.DistributionCacheBehaviorSettingsForwardedQueryStringsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Bucket(\"test\", BucketArgs.builder() \n .name(\"test-bucket\")\n .bundleId(\"small_1_0\")\n .build());\n\n var testDistribution = new Distribution(\"testDistribution\", DistributionArgs.builder() \n .name(\"test-distribution\")\n .bundleId(\"small_1_0\")\n .origin(DistributionOriginArgs.builder()\n .name(test.name())\n .regionName(test.region())\n .build())\n .defaultCacheBehavior(DistributionDefaultCacheBehaviorArgs.builder()\n .behavior(\"cache\")\n .build())\n .cacheBehaviorSettings(DistributionCacheBehaviorSettingsArgs.builder()\n .allowedHttpMethods(\"GET,HEAD,OPTIONS,PUT,PATCH,POST,DELETE\")\n .cachedHttpMethods(\"GET,HEAD\")\n .defaultTtl(86400)\n .maximumTtl(31536000)\n .minimumTtl(0)\n .forwardedCookies(DistributionCacheBehaviorSettingsForwardedCookiesArgs.builder()\n .option(\"none\")\n .build())\n .forwardedHeaders(DistributionCacheBehaviorSettingsForwardedHeadersArgs.builder()\n .option(\"default\")\n .build())\n .forwardedQueryStrings(DistributionCacheBehaviorSettingsForwardedQueryStringsArgs.builder()\n .option(false)\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:lightsail:Bucket\n properties:\n name: test-bucket\n bundleId: small_1_0\n testDistribution:\n type: aws:lightsail:Distribution\n name: test\n properties:\n name: test-distribution\n bundleId: small_1_0\n origin:\n name: ${test.name}\n regionName: ${test.region}\n defaultCacheBehavior:\n behavior: cache\n cacheBehaviorSettings:\n allowedHttpMethods: GET,HEAD,OPTIONS,PUT,PATCH,POST,DELETE\n cachedHttpMethods: GET,HEAD\n defaultTtl: 86400\n maximumTtl: 3.1536e+07\n minimumTtl: 0\n forwardedCookies:\n option: none\n forwardedHeaders:\n option: default\n forwardedQueryStrings:\n option: false\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### instance origin example\n\nBelow is an example of an instance as the origin.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst available = aws.getAvailabilityZones({\n state: \"available\",\n filters: [{\n name: \"opt-in-status\",\n values: [\"opt-in-not-required\"],\n }],\n});\nconst testStaticIp = new aws.lightsail.StaticIp(\"test\", {name: \"test-static-ip\"});\nconst testInstance = new aws.lightsail.Instance(\"test\", {\n name: \"test-instance\",\n availabilityZone: available.then(available =\u003e available.names?.[0]),\n blueprintId: \"amazon_linux_2\",\n bundleId: \"micro_1_0\",\n});\nconst test = new aws.lightsail.StaticIpAttachment(\"test\", {\n staticIpName: testStaticIp.name,\n instanceName: testInstance.name,\n});\nconst testDistribution = new aws.lightsail.Distribution(\"test\", {\n name: \"test-distribution\",\n bundleId: \"small_1_0\",\n origin: {\n name: testInstance.name,\n regionName: available.then(available =\u003e available.id),\n },\n defaultCacheBehavior: {\n behavior: \"cache\",\n },\n}, {\n dependsOn: [test],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\navailable = aws.get_availability_zones(state=\"available\",\n filters=[aws.GetAvailabilityZonesFilterArgs(\n name=\"opt-in-status\",\n values=[\"opt-in-not-required\"],\n )])\ntest_static_ip = aws.lightsail.StaticIp(\"test\", name=\"test-static-ip\")\ntest_instance = aws.lightsail.Instance(\"test\",\n name=\"test-instance\",\n availability_zone=available.names[0],\n blueprint_id=\"amazon_linux_2\",\n bundle_id=\"micro_1_0\")\ntest = aws.lightsail.StaticIpAttachment(\"test\",\n static_ip_name=test_static_ip.name,\n instance_name=test_instance.name)\ntest_distribution = aws.lightsail.Distribution(\"test\",\n name=\"test-distribution\",\n bundle_id=\"small_1_0\",\n origin=aws.lightsail.DistributionOriginArgs(\n name=test_instance.name,\n region_name=available.id,\n ),\n default_cache_behavior=aws.lightsail.DistributionDefaultCacheBehaviorArgs(\n behavior=\"cache\",\n ),\n opts=pulumi.ResourceOptions(depends_on=[test]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var available = Aws.GetAvailabilityZones.Invoke(new()\n {\n State = \"available\",\n Filters = new[]\n {\n new Aws.Inputs.GetAvailabilityZonesFilterInputArgs\n {\n Name = \"opt-in-status\",\n Values = new[]\n {\n \"opt-in-not-required\",\n },\n },\n },\n });\n\n var testStaticIp = new Aws.LightSail.StaticIp(\"test\", new()\n {\n Name = \"test-static-ip\",\n });\n\n var testInstance = new Aws.LightSail.Instance(\"test\", new()\n {\n Name = \"test-instance\",\n AvailabilityZone = available.Apply(getAvailabilityZonesResult =\u003e getAvailabilityZonesResult.Names[0]),\n BlueprintId = \"amazon_linux_2\",\n BundleId = \"micro_1_0\",\n });\n\n var test = new Aws.LightSail.StaticIpAttachment(\"test\", new()\n {\n StaticIpName = testStaticIp.Name,\n InstanceName = testInstance.Name,\n });\n\n var testDistribution = new Aws.LightSail.Distribution(\"test\", new()\n {\n Name = \"test-distribution\",\n BundleId = \"small_1_0\",\n Origin = new Aws.LightSail.Inputs.DistributionOriginArgs\n {\n Name = testInstance.Name,\n RegionName = available.Apply(getAvailabilityZonesResult =\u003e getAvailabilityZonesResult.Id),\n },\n DefaultCacheBehavior = new Aws.LightSail.Inputs.DistributionDefaultCacheBehaviorArgs\n {\n Behavior = \"cache\",\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n test, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lightsail\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tavailable, err := aws.GetAvailabilityZones(ctx, \u0026aws.GetAvailabilityZonesArgs{\n\t\t\tState: pulumi.StringRef(\"available\"),\n\t\t\tFilters: []aws.GetAvailabilityZonesFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"opt-in-status\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"opt-in-not-required\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestStaticIp, err := lightsail.NewStaticIp(ctx, \"test\", \u0026lightsail.StaticIpArgs{\n\t\t\tName: pulumi.String(\"test-static-ip\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestInstance, err := lightsail.NewInstance(ctx, \"test\", \u0026lightsail.InstanceArgs{\n\t\t\tName: pulumi.String(\"test-instance\"),\n\t\t\tAvailabilityZone: pulumi.String(available.Names[0]),\n\t\t\tBlueprintId: pulumi.String(\"amazon_linux_2\"),\n\t\t\tBundleId: pulumi.String(\"micro_1_0\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttest, err := lightsail.NewStaticIpAttachment(ctx, \"test\", \u0026lightsail.StaticIpAttachmentArgs{\n\t\t\tStaticIpName: testStaticIp.Name,\n\t\t\tInstanceName: testInstance.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lightsail.NewDistribution(ctx, \"test\", \u0026lightsail.DistributionArgs{\n\t\t\tName: pulumi.String(\"test-distribution\"),\n\t\t\tBundleId: pulumi.String(\"small_1_0\"),\n\t\t\tOrigin: \u0026lightsail.DistributionOriginArgs{\n\t\t\t\tName: testInstance.Name,\n\t\t\t\tRegionName: pulumi.String(available.Id),\n\t\t\t},\n\t\t\tDefaultCacheBehavior: \u0026lightsail.DistributionDefaultCacheBehaviorArgs{\n\t\t\t\tBehavior: pulumi.String(\"cache\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\ttest,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetAvailabilityZonesArgs;\nimport com.pulumi.aws.lightsail.StaticIp;\nimport com.pulumi.aws.lightsail.StaticIpArgs;\nimport com.pulumi.aws.lightsail.Instance;\nimport com.pulumi.aws.lightsail.InstanceArgs;\nimport com.pulumi.aws.lightsail.StaticIpAttachment;\nimport com.pulumi.aws.lightsail.StaticIpAttachmentArgs;\nimport com.pulumi.aws.lightsail.Distribution;\nimport com.pulumi.aws.lightsail.DistributionArgs;\nimport com.pulumi.aws.lightsail.inputs.DistributionOriginArgs;\nimport com.pulumi.aws.lightsail.inputs.DistributionDefaultCacheBehaviorArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var available = AwsFunctions.getAvailabilityZones(GetAvailabilityZonesArgs.builder()\n .state(\"available\")\n .filters(GetAvailabilityZonesFilterArgs.builder()\n .name(\"opt-in-status\")\n .values(\"opt-in-not-required\")\n .build())\n .build());\n\n var testStaticIp = new StaticIp(\"testStaticIp\", StaticIpArgs.builder() \n .name(\"test-static-ip\")\n .build());\n\n var testInstance = new Instance(\"testInstance\", InstanceArgs.builder() \n .name(\"test-instance\")\n .availabilityZone(available.applyValue(getAvailabilityZonesResult -\u003e getAvailabilityZonesResult.names()[0]))\n .blueprintId(\"amazon_linux_2\")\n .bundleId(\"micro_1_0\")\n .build());\n\n var test = new StaticIpAttachment(\"test\", StaticIpAttachmentArgs.builder() \n .staticIpName(testStaticIp.name())\n .instanceName(testInstance.name())\n .build());\n\n var testDistribution = new Distribution(\"testDistribution\", DistributionArgs.builder() \n .name(\"test-distribution\")\n .bundleId(\"small_1_0\")\n .origin(DistributionOriginArgs.builder()\n .name(testInstance.name())\n .regionName(available.applyValue(getAvailabilityZonesResult -\u003e getAvailabilityZonesResult.id()))\n .build())\n .defaultCacheBehavior(DistributionDefaultCacheBehaviorArgs.builder()\n .behavior(\"cache\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(test)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:lightsail:StaticIpAttachment\n properties:\n staticIpName: ${testStaticIp.name}\n instanceName: ${testInstance.name}\n testStaticIp:\n type: aws:lightsail:StaticIp\n name: test\n properties:\n name: test-static-ip\n testInstance:\n type: aws:lightsail:Instance\n name: test\n properties:\n name: test-instance\n availabilityZone: ${available.names[0]}\n blueprintId: amazon_linux_2\n bundleId: micro_1_0\n testDistribution:\n type: aws:lightsail:Distribution\n name: test\n properties:\n name: test-distribution\n bundleId: small_1_0\n origin:\n name: ${testInstance.name}\n regionName: ${available.id}\n defaultCacheBehavior:\n behavior: cache\n options:\n dependson:\n - ${test}\nvariables:\n available:\n fn::invoke:\n Function: aws:getAvailabilityZones\n Arguments:\n state: available\n filters:\n - name: opt-in-status\n values:\n - opt-in-not-required\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### lb origin example\n\nBelow is an example with a load balancer as an origin\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst available = aws.getAvailabilityZones({\n state: \"available\",\n filters: [{\n name: \"opt-in-status\",\n values: [\"opt-in-not-required\"],\n }],\n});\nconst test = new aws.lightsail.Lb(\"test\", {\n name: \"test-load-balancer\",\n healthCheckPath: \"/\",\n instancePort: 80,\n tags: {\n foo: \"bar\",\n },\n});\nconst testInstance = new aws.lightsail.Instance(\"test\", {\n name: \"test-instance\",\n availabilityZone: available.then(available =\u003e available.names?.[0]),\n blueprintId: \"amazon_linux_2\",\n bundleId: \"nano_1_0\",\n});\nconst testLbAttachment = new aws.lightsail.LbAttachment(\"test\", {\n lbName: test.name,\n instanceName: testInstance.name,\n});\nconst testDistribution = new aws.lightsail.Distribution(\"test\", {\n name: \"test-distribution\",\n bundleId: \"small_1_0\",\n origin: {\n name: test.name,\n regionName: available.then(available =\u003e available.id),\n },\n defaultCacheBehavior: {\n behavior: \"cache\",\n },\n}, {\n dependsOn: [testLbAttachment],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\navailable = aws.get_availability_zones(state=\"available\",\n filters=[aws.GetAvailabilityZonesFilterArgs(\n name=\"opt-in-status\",\n values=[\"opt-in-not-required\"],\n )])\ntest = aws.lightsail.Lb(\"test\",\n name=\"test-load-balancer\",\n health_check_path=\"/\",\n instance_port=80,\n tags={\n \"foo\": \"bar\",\n })\ntest_instance = aws.lightsail.Instance(\"test\",\n name=\"test-instance\",\n availability_zone=available.names[0],\n blueprint_id=\"amazon_linux_2\",\n bundle_id=\"nano_1_0\")\ntest_lb_attachment = aws.lightsail.LbAttachment(\"test\",\n lb_name=test.name,\n instance_name=test_instance.name)\ntest_distribution = aws.lightsail.Distribution(\"test\",\n name=\"test-distribution\",\n bundle_id=\"small_1_0\",\n origin=aws.lightsail.DistributionOriginArgs(\n name=test.name,\n region_name=available.id,\n ),\n default_cache_behavior=aws.lightsail.DistributionDefaultCacheBehaviorArgs(\n behavior=\"cache\",\n ),\n opts=pulumi.ResourceOptions(depends_on=[test_lb_attachment]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var available = Aws.GetAvailabilityZones.Invoke(new()\n {\n State = \"available\",\n Filters = new[]\n {\n new Aws.Inputs.GetAvailabilityZonesFilterInputArgs\n {\n Name = \"opt-in-status\",\n Values = new[]\n {\n \"opt-in-not-required\",\n },\n },\n },\n });\n\n var test = new Aws.LightSail.Lb(\"test\", new()\n {\n Name = \"test-load-balancer\",\n HealthCheckPath = \"/\",\n InstancePort = 80,\n Tags = \n {\n { \"foo\", \"bar\" },\n },\n });\n\n var testInstance = new Aws.LightSail.Instance(\"test\", new()\n {\n Name = \"test-instance\",\n AvailabilityZone = available.Apply(getAvailabilityZonesResult =\u003e getAvailabilityZonesResult.Names[0]),\n BlueprintId = \"amazon_linux_2\",\n BundleId = \"nano_1_0\",\n });\n\n var testLbAttachment = new Aws.LightSail.LbAttachment(\"test\", new()\n {\n LbName = test.Name,\n InstanceName = testInstance.Name,\n });\n\n var testDistribution = new Aws.LightSail.Distribution(\"test\", new()\n {\n Name = \"test-distribution\",\n BundleId = \"small_1_0\",\n Origin = new Aws.LightSail.Inputs.DistributionOriginArgs\n {\n Name = test.Name,\n RegionName = available.Apply(getAvailabilityZonesResult =\u003e getAvailabilityZonesResult.Id),\n },\n DefaultCacheBehavior = new Aws.LightSail.Inputs.DistributionDefaultCacheBehaviorArgs\n {\n Behavior = \"cache\",\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n testLbAttachment, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lightsail\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tavailable, err := aws.GetAvailabilityZones(ctx, \u0026aws.GetAvailabilityZonesArgs{\n\t\t\tState: pulumi.StringRef(\"available\"),\n\t\t\tFilters: []aws.GetAvailabilityZonesFilter{\n\t\t\t\t{\n\t\t\t\t\tName: \"opt-in-status\",\n\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\"opt-in-not-required\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttest, err := lightsail.NewLb(ctx, \"test\", \u0026lightsail.LbArgs{\n\t\t\tName: pulumi.String(\"test-load-balancer\"),\n\t\t\tHealthCheckPath: pulumi.String(\"/\"),\n\t\t\tInstancePort: pulumi.Int(80),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"foo\": pulumi.String(\"bar\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestInstance, err := lightsail.NewInstance(ctx, \"test\", \u0026lightsail.InstanceArgs{\n\t\t\tName: pulumi.String(\"test-instance\"),\n\t\t\tAvailabilityZone: pulumi.String(available.Names[0]),\n\t\t\tBlueprintId: pulumi.String(\"amazon_linux_2\"),\n\t\t\tBundleId: pulumi.String(\"nano_1_0\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestLbAttachment, err := lightsail.NewLbAttachment(ctx, \"test\", \u0026lightsail.LbAttachmentArgs{\n\t\t\tLbName: test.Name,\n\t\t\tInstanceName: testInstance.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lightsail.NewDistribution(ctx, \"test\", \u0026lightsail.DistributionArgs{\n\t\t\tName: pulumi.String(\"test-distribution\"),\n\t\t\tBundleId: pulumi.String(\"small_1_0\"),\n\t\t\tOrigin: \u0026lightsail.DistributionOriginArgs{\n\t\t\t\tName: test.Name,\n\t\t\t\tRegionName: pulumi.String(available.Id),\n\t\t\t},\n\t\t\tDefaultCacheBehavior: \u0026lightsail.DistributionDefaultCacheBehaviorArgs{\n\t\t\t\tBehavior: pulumi.String(\"cache\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\ttestLbAttachment,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetAvailabilityZonesArgs;\nimport com.pulumi.aws.lightsail.Lb;\nimport com.pulumi.aws.lightsail.LbArgs;\nimport com.pulumi.aws.lightsail.Instance;\nimport com.pulumi.aws.lightsail.InstanceArgs;\nimport com.pulumi.aws.lightsail.LbAttachment;\nimport com.pulumi.aws.lightsail.LbAttachmentArgs;\nimport com.pulumi.aws.lightsail.Distribution;\nimport com.pulumi.aws.lightsail.DistributionArgs;\nimport com.pulumi.aws.lightsail.inputs.DistributionOriginArgs;\nimport com.pulumi.aws.lightsail.inputs.DistributionDefaultCacheBehaviorArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var available = AwsFunctions.getAvailabilityZones(GetAvailabilityZonesArgs.builder()\n .state(\"available\")\n .filters(GetAvailabilityZonesFilterArgs.builder()\n .name(\"opt-in-status\")\n .values(\"opt-in-not-required\")\n .build())\n .build());\n\n var test = new Lb(\"test\", LbArgs.builder() \n .name(\"test-load-balancer\")\n .healthCheckPath(\"/\")\n .instancePort(\"80\")\n .tags(Map.of(\"foo\", \"bar\"))\n .build());\n\n var testInstance = new Instance(\"testInstance\", InstanceArgs.builder() \n .name(\"test-instance\")\n .availabilityZone(available.applyValue(getAvailabilityZonesResult -\u003e getAvailabilityZonesResult.names()[0]))\n .blueprintId(\"amazon_linux_2\")\n .bundleId(\"nano_1_0\")\n .build());\n\n var testLbAttachment = new LbAttachment(\"testLbAttachment\", LbAttachmentArgs.builder() \n .lbName(test.name())\n .instanceName(testInstance.name())\n .build());\n\n var testDistribution = new Distribution(\"testDistribution\", DistributionArgs.builder() \n .name(\"test-distribution\")\n .bundleId(\"small_1_0\")\n .origin(DistributionOriginArgs.builder()\n .name(test.name())\n .regionName(available.applyValue(getAvailabilityZonesResult -\u003e getAvailabilityZonesResult.id()))\n .build())\n .defaultCacheBehavior(DistributionDefaultCacheBehaviorArgs.builder()\n .behavior(\"cache\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(testLbAttachment)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:lightsail:Lb\n properties:\n name: test-load-balancer\n healthCheckPath: /\n instancePort: '80'\n tags:\n foo: bar\n testInstance:\n type: aws:lightsail:Instance\n name: test\n properties:\n name: test-instance\n availabilityZone: ${available.names[0]}\n blueprintId: amazon_linux_2\n bundleId: nano_1_0\n testLbAttachment:\n type: aws:lightsail:LbAttachment\n name: test\n properties:\n lbName: ${test.name}\n instanceName: ${testInstance.name}\n testDistribution:\n type: aws:lightsail:Distribution\n name: test\n properties:\n name: test-distribution\n bundleId: small_1_0\n origin:\n name: ${test.name}\n regionName: ${available.id}\n defaultCacheBehavior:\n behavior: cache\n options:\n dependson:\n - ${testLbAttachment}\nvariables:\n available:\n fn::invoke:\n Function: aws:getAvailabilityZones\n Arguments:\n state: available\n filters:\n - name: opt-in-status\n values:\n - opt-in-not-required\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Lightsail Distribution using the `id`. For example:\n\n```sh\n$ pulumi import aws:lightsail/distribution:Distribution example rft-8012925589\n```\n", "properties": { "alternativeDomainNames": { "type": "array", @@ -276878,7 +276878,7 @@ } }, "aws:macie/customDataIdentifier:CustomDataIdentifier": { - "description": "Provides a resource to manage an [AWS Macie Custom Data Identifier](https://docs.aws.amazon.com/macie/latest/APIReference/custom-data-identifiers-id.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.macie2.Account(\"example\", {});\nconst exampleCustomDataIdentifier = new aws.macie.CustomDataIdentifier(\"example\", {\n name: \"NAME OF CUSTOM DATA IDENTIFIER\",\n regex: \"[0-9]{3}-[0-9]{2}-[0-9]{4}\",\n description: \"DESCRIPTION\",\n maximumMatchDistance: 10,\n keywords: [\"keyword\"],\n ignoreWords: [\"ignore\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.macie2.Account(\"example\")\nexample_custom_data_identifier = aws.macie.CustomDataIdentifier(\"example\",\n name=\"NAME OF CUSTOM DATA IDENTIFIER\",\n regex=\"[0-9]{3}-[0-9]{2}-[0-9]{4}\",\n description=\"DESCRIPTION\",\n maximum_match_distance=10,\n keywords=[\"keyword\"],\n ignore_words=[\"ignore\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Macie2.Account(\"example\");\n\n var exampleCustomDataIdentifier = new Aws.Macie.CustomDataIdentifier(\"example\", new()\n {\n Name = \"NAME OF CUSTOM DATA IDENTIFIER\",\n Regex = \"[0-9]{3}-[0-9]{2}-[0-9]{4}\",\n Description = \"DESCRIPTION\",\n MaximumMatchDistance = 10,\n Keywords = new[]\n {\n \"keyword\",\n },\n IgnoreWords = new[]\n {\n \"ignore\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/macie\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/macie2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := macie2.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = macie.NewCustomDataIdentifier(ctx, \"example\", \u0026macie.CustomDataIdentifierArgs{\n\t\t\tName: pulumi.String(\"NAME OF CUSTOM DATA IDENTIFIER\"),\n\t\t\tRegex: pulumi.String(\"[0-9]{3}-[0-9]{2}-[0-9]{4}\"),\n\t\t\tDescription: pulumi.String(\"DESCRIPTION\"),\n\t\t\tMaximumMatchDistance: pulumi.Int(10),\n\t\t\tKeywords: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"keyword\"),\n\t\t\t},\n\t\t\tIgnoreWords: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"ignore\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.macie2.Account;\nimport com.pulumi.aws.macie.CustomDataIdentifier;\nimport com.pulumi.aws.macie.CustomDataIdentifierArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var exampleCustomDataIdentifier = new CustomDataIdentifier(\"exampleCustomDataIdentifier\", CustomDataIdentifierArgs.builder() \n .name(\"NAME OF CUSTOM DATA IDENTIFIER\")\n .regex(\"[0-9]{3}-[0-9]{2}-[0-9]{4}\")\n .description(\"DESCRIPTION\")\n .maximumMatchDistance(10)\n .keywords(\"keyword\")\n .ignoreWords(\"ignore\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:macie2:Account\n exampleCustomDataIdentifier:\n type: aws:macie:CustomDataIdentifier\n name: example\n properties:\n name: NAME OF CUSTOM DATA IDENTIFIER\n regex: '[0-9]{3}-[0-9]{2}-[0-9]{4}'\n description: DESCRIPTION\n maximumMatchDistance: 10\n keywords:\n - keyword\n ignoreWords:\n - ignore\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_macie2_custom_data_identifier` using the id. For example:\n\n```sh\n$ pulumi import aws:macie/customDataIdentifier:CustomDataIdentifier example abcd1\n```\n", + "description": "Provides a resource to manage an [AWS Macie Custom Data Identifier](https://docs.aws.amazon.com/macie/latest/APIReference/custom-data-identifiers-id.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.macie2.Account(\"example\", {});\nconst exampleCustomDataIdentifier = new aws.macie.CustomDataIdentifier(\"example\", {\n name: \"NAME OF CUSTOM DATA IDENTIFIER\",\n regex: \"[0-9]{3}-[0-9]{2}-[0-9]{4}\",\n description: \"DESCRIPTION\",\n maximumMatchDistance: 10,\n keywords: [\"keyword\"],\n ignoreWords: [\"ignore\"],\n}, {\n dependsOn: [test],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.macie2.Account(\"example\")\nexample_custom_data_identifier = aws.macie.CustomDataIdentifier(\"example\",\n name=\"NAME OF CUSTOM DATA IDENTIFIER\",\n regex=\"[0-9]{3}-[0-9]{2}-[0-9]{4}\",\n description=\"DESCRIPTION\",\n maximum_match_distance=10,\n keywords=[\"keyword\"],\n ignore_words=[\"ignore\"],\n opts=pulumi.ResourceOptions(depends_on=[test]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Macie2.Account(\"example\");\n\n var exampleCustomDataIdentifier = new Aws.Macie.CustomDataIdentifier(\"example\", new()\n {\n Name = \"NAME OF CUSTOM DATA IDENTIFIER\",\n Regex = \"[0-9]{3}-[0-9]{2}-[0-9]{4}\",\n Description = \"DESCRIPTION\",\n MaximumMatchDistance = 10,\n Keywords = new[]\n {\n \"keyword\",\n },\n IgnoreWords = new[]\n {\n \"ignore\",\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n test, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/macie\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/macie2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := macie2.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = macie.NewCustomDataIdentifier(ctx, \"example\", \u0026macie.CustomDataIdentifierArgs{\n\t\t\tName: pulumi.String(\"NAME OF CUSTOM DATA IDENTIFIER\"),\n\t\t\tRegex: pulumi.String(\"[0-9]{3}-[0-9]{2}-[0-9]{4}\"),\n\t\t\tDescription: pulumi.String(\"DESCRIPTION\"),\n\t\t\tMaximumMatchDistance: pulumi.Int(10),\n\t\t\tKeywords: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"keyword\"),\n\t\t\t},\n\t\t\tIgnoreWords: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"ignore\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\ttest,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.macie2.Account;\nimport com.pulumi.aws.macie.CustomDataIdentifier;\nimport com.pulumi.aws.macie.CustomDataIdentifierArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var exampleCustomDataIdentifier = new CustomDataIdentifier(\"exampleCustomDataIdentifier\", CustomDataIdentifierArgs.builder() \n .name(\"NAME OF CUSTOM DATA IDENTIFIER\")\n .regex(\"[0-9]{3}-[0-9]{2}-[0-9]{4}\")\n .description(\"DESCRIPTION\")\n .maximumMatchDistance(10)\n .keywords(\"keyword\")\n .ignoreWords(\"ignore\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(test)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:macie2:Account\n exampleCustomDataIdentifier:\n type: aws:macie:CustomDataIdentifier\n name: example\n properties:\n name: NAME OF CUSTOM DATA IDENTIFIER\n regex: '[0-9]{3}-[0-9]{2}-[0-9]{4}'\n description: DESCRIPTION\n maximumMatchDistance: 10\n keywords:\n - keyword\n ignoreWords:\n - ignore\n options:\n dependson:\n - ${test}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_macie2_custom_data_identifier` using the id. For example:\n\n```sh\n$ pulumi import aws:macie/customDataIdentifier:CustomDataIdentifier example abcd1\n```\n", "properties": { "arn": { "type": "string", @@ -277069,7 +277069,7 @@ } }, "aws:macie/findingsFilter:FindingsFilter": { - "description": "Provides a resource to manage an [Amazon Macie Findings Filter](https://docs.aws.amazon.com/macie/latest/APIReference/findingsfilters-id.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.macie2.Account(\"example\", {});\nconst test = new aws.macie.FindingsFilter(\"test\", {\n name: \"NAME OF THE FINDINGS FILTER\",\n description: \"DESCRIPTION\",\n position: 1,\n action: \"ARCHIVE\",\n findingCriteria: {\n criterions: [{\n field: \"region\",\n eqs: [current.name],\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.macie2.Account(\"example\")\ntest = aws.macie.FindingsFilter(\"test\",\n name=\"NAME OF THE FINDINGS FILTER\",\n description=\"DESCRIPTION\",\n position=1,\n action=\"ARCHIVE\",\n finding_criteria=aws.macie.FindingsFilterFindingCriteriaArgs(\n criterions=[aws.macie.FindingsFilterFindingCriteriaCriterionArgs(\n field=\"region\",\n eqs=[current[\"name\"]],\n )],\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Macie2.Account(\"example\");\n\n var test = new Aws.Macie.FindingsFilter(\"test\", new()\n {\n Name = \"NAME OF THE FINDINGS FILTER\",\n Description = \"DESCRIPTION\",\n Position = 1,\n Action = \"ARCHIVE\",\n FindingCriteria = new Aws.Macie.Inputs.FindingsFilterFindingCriteriaArgs\n {\n Criterions = new[]\n {\n new Aws.Macie.Inputs.FindingsFilterFindingCriteriaCriterionArgs\n {\n Field = \"region\",\n Eqs = new[]\n {\n current.Name,\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/macie\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/macie2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := macie2.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = macie.NewFindingsFilter(ctx, \"test\", \u0026macie.FindingsFilterArgs{\n\t\t\tName: pulumi.String(\"NAME OF THE FINDINGS FILTER\"),\n\t\t\tDescription: pulumi.String(\"DESCRIPTION\"),\n\t\t\tPosition: pulumi.Int(1),\n\t\t\tAction: pulumi.String(\"ARCHIVE\"),\n\t\t\tFindingCriteria: \u0026macie.FindingsFilterFindingCriteriaArgs{\n\t\t\t\tCriterions: macie.FindingsFilterFindingCriteriaCriterionArray{\n\t\t\t\t\t\u0026macie.FindingsFilterFindingCriteriaCriterionArgs{\n\t\t\t\t\t\tField: pulumi.String(\"region\"),\n\t\t\t\t\t\tEqs: pulumi.StringArray{\n\t\t\t\t\t\t\tcurrent.Name,\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.macie2.Account;\nimport com.pulumi.aws.macie.FindingsFilter;\nimport com.pulumi.aws.macie.FindingsFilterArgs;\nimport com.pulumi.aws.macie.inputs.FindingsFilterFindingCriteriaArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var test = new FindingsFilter(\"test\", FindingsFilterArgs.builder() \n .name(\"NAME OF THE FINDINGS FILTER\")\n .description(\"DESCRIPTION\")\n .position(1)\n .action(\"ARCHIVE\")\n .findingCriteria(FindingsFilterFindingCriteriaArgs.builder()\n .criterions(FindingsFilterFindingCriteriaCriterionArgs.builder()\n .field(\"region\")\n .eqs(current.name())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:macie2:Account\n test:\n type: aws:macie:FindingsFilter\n properties:\n name: NAME OF THE FINDINGS FILTER\n description: DESCRIPTION\n position: 1\n action: ARCHIVE\n findingCriteria:\n criterions:\n - field: region\n eqs:\n - ${current.name}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_macie2_findings_filter` using the id. For example:\n\n```sh\n$ pulumi import aws:macie/findingsFilter:FindingsFilter example abcd1\n```\n", + "description": "Provides a resource to manage an [Amazon Macie Findings Filter](https://docs.aws.amazon.com/macie/latest/APIReference/findingsfilters-id.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.macie2.Account(\"example\", {});\nconst test = new aws.macie.FindingsFilter(\"test\", {\n name: \"NAME OF THE FINDINGS FILTER\",\n description: \"DESCRIPTION\",\n position: 1,\n action: \"ARCHIVE\",\n findingCriteria: {\n criterions: [{\n field: \"region\",\n eqs: [current.name],\n }],\n },\n}, {\n dependsOn: [testAwsMacie2Account],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.macie2.Account(\"example\")\ntest = aws.macie.FindingsFilter(\"test\",\n name=\"NAME OF THE FINDINGS FILTER\",\n description=\"DESCRIPTION\",\n position=1,\n action=\"ARCHIVE\",\n finding_criteria=aws.macie.FindingsFilterFindingCriteriaArgs(\n criterions=[aws.macie.FindingsFilterFindingCriteriaCriterionArgs(\n field=\"region\",\n eqs=[current[\"name\"]],\n )],\n ),\n opts=pulumi.ResourceOptions(depends_on=[test_aws_macie2_account]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Macie2.Account(\"example\");\n\n var test = new Aws.Macie.FindingsFilter(\"test\", new()\n {\n Name = \"NAME OF THE FINDINGS FILTER\",\n Description = \"DESCRIPTION\",\n Position = 1,\n Action = \"ARCHIVE\",\n FindingCriteria = new Aws.Macie.Inputs.FindingsFilterFindingCriteriaArgs\n {\n Criterions = new[]\n {\n new Aws.Macie.Inputs.FindingsFilterFindingCriteriaCriterionArgs\n {\n Field = \"region\",\n Eqs = new[]\n {\n current.Name,\n },\n },\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n testAwsMacie2Account, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/macie\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/macie2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := macie2.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = macie.NewFindingsFilter(ctx, \"test\", \u0026macie.FindingsFilterArgs{\n\t\t\tName: pulumi.String(\"NAME OF THE FINDINGS FILTER\"),\n\t\t\tDescription: pulumi.String(\"DESCRIPTION\"),\n\t\t\tPosition: pulumi.Int(1),\n\t\t\tAction: pulumi.String(\"ARCHIVE\"),\n\t\t\tFindingCriteria: \u0026macie.FindingsFilterFindingCriteriaArgs{\n\t\t\t\tCriterions: macie.FindingsFilterFindingCriteriaCriterionArray{\n\t\t\t\t\t\u0026macie.FindingsFilterFindingCriteriaCriterionArgs{\n\t\t\t\t\t\tField: pulumi.String(\"region\"),\n\t\t\t\t\t\tEqs: pulumi.StringArray{\n\t\t\t\t\t\t\tcurrent.Name,\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\ttestAwsMacie2Account,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.macie2.Account;\nimport com.pulumi.aws.macie.FindingsFilter;\nimport com.pulumi.aws.macie.FindingsFilterArgs;\nimport com.pulumi.aws.macie.inputs.FindingsFilterFindingCriteriaArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var test = new FindingsFilter(\"test\", FindingsFilterArgs.builder() \n .name(\"NAME OF THE FINDINGS FILTER\")\n .description(\"DESCRIPTION\")\n .position(1)\n .action(\"ARCHIVE\")\n .findingCriteria(FindingsFilterFindingCriteriaArgs.builder()\n .criterions(FindingsFilterFindingCriteriaCriterionArgs.builder()\n .field(\"region\")\n .eqs(current.name())\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(testAwsMacie2Account)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:macie2:Account\n test:\n type: aws:macie:FindingsFilter\n properties:\n name: NAME OF THE FINDINGS FILTER\n description: DESCRIPTION\n position: 1\n action: ARCHIVE\n findingCriteria:\n criterions:\n - field: region\n eqs:\n - ${current.name}\n options:\n dependson:\n - ${testAwsMacie2Account}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_macie2_findings_filter` using the id. For example:\n\n```sh\n$ pulumi import aws:macie/findingsFilter:FindingsFilter example abcd1\n```\n", "properties": { "action": { "type": "string", @@ -277281,7 +277281,7 @@ } }, "aws:macie2/classificationExportConfiguration:ClassificationExportConfiguration": { - "description": "Provides a resource to manage an [Amazon Macie Classification Export Configuration](https://docs.aws.amazon.com/macie/latest/APIReference/classification-export-configuration.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.macie2.Account(\"example\", {});\nconst exampleClassificationExportConfiguration = new aws.macie2.ClassificationExportConfiguration(\"example\", {s3Destination: {\n bucketName: exampleAwsS3Bucket.bucket,\n keyPrefix: \"exampleprefix/\",\n kmsKeyArn: exampleAwsKmsKey.arn,\n}});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.macie2.Account(\"example\")\nexample_classification_export_configuration = aws.macie2.ClassificationExportConfiguration(\"example\", s3_destination=aws.macie2.ClassificationExportConfigurationS3DestinationArgs(\n bucket_name=example_aws_s3_bucket[\"bucket\"],\n key_prefix=\"exampleprefix/\",\n kms_key_arn=example_aws_kms_key[\"arn\"],\n))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Macie2.Account(\"example\");\n\n var exampleClassificationExportConfiguration = new Aws.Macie2.ClassificationExportConfiguration(\"example\", new()\n {\n S3Destination = new Aws.Macie2.Inputs.ClassificationExportConfigurationS3DestinationArgs\n {\n BucketName = exampleAwsS3Bucket.Bucket,\n KeyPrefix = \"exampleprefix/\",\n KmsKeyArn = exampleAwsKmsKey.Arn,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/macie2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := macie2.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = macie2.NewClassificationExportConfiguration(ctx, \"example\", \u0026macie2.ClassificationExportConfigurationArgs{\n\t\t\tS3Destination: \u0026macie2.ClassificationExportConfigurationS3DestinationArgs{\n\t\t\t\tBucketName: pulumi.Any(exampleAwsS3Bucket.Bucket),\n\t\t\t\tKeyPrefix: pulumi.String(\"exampleprefix/\"),\n\t\t\t\tKmsKeyArn: pulumi.Any(exampleAwsKmsKey.Arn),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.macie2.Account;\nimport com.pulumi.aws.macie2.ClassificationExportConfiguration;\nimport com.pulumi.aws.macie2.ClassificationExportConfigurationArgs;\nimport com.pulumi.aws.macie2.inputs.ClassificationExportConfigurationS3DestinationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var exampleClassificationExportConfiguration = new ClassificationExportConfiguration(\"exampleClassificationExportConfiguration\", ClassificationExportConfigurationArgs.builder() \n .s3Destination(ClassificationExportConfigurationS3DestinationArgs.builder()\n .bucketName(exampleAwsS3Bucket.bucket())\n .keyPrefix(\"exampleprefix/\")\n .kmsKeyArn(exampleAwsKmsKey.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:macie2:Account\n exampleClassificationExportConfiguration:\n type: aws:macie2:ClassificationExportConfiguration\n name: example\n properties:\n s3Destination:\n bucketName: ${exampleAwsS3Bucket.bucket}\n keyPrefix: exampleprefix/\n kmsKeyArn: ${exampleAwsKmsKey.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_macie2_classification_export_configuration` using the account ID and region. For example:\n\n```sh\n$ pulumi import aws:macie2/classificationExportConfiguration:ClassificationExportConfiguration example 123456789012:us-west-2\n```\n", + "description": "Provides a resource to manage an [Amazon Macie Classification Export Configuration](https://docs.aws.amazon.com/macie/latest/APIReference/classification-export-configuration.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.macie2.Account(\"example\", {});\nconst exampleClassificationExportConfiguration = new aws.macie2.ClassificationExportConfiguration(\"example\", {s3Destination: {\n bucketName: exampleAwsS3Bucket.bucket,\n keyPrefix: \"exampleprefix/\",\n kmsKeyArn: exampleAwsKmsKey.arn,\n}}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.macie2.Account(\"example\")\nexample_classification_export_configuration = aws.macie2.ClassificationExportConfiguration(\"example\", s3_destination=aws.macie2.ClassificationExportConfigurationS3DestinationArgs(\n bucket_name=example_aws_s3_bucket[\"bucket\"],\n key_prefix=\"exampleprefix/\",\n kms_key_arn=example_aws_kms_key[\"arn\"],\n),\nopts=pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Macie2.Account(\"example\");\n\n var exampleClassificationExportConfiguration = new Aws.Macie2.ClassificationExportConfiguration(\"example\", new()\n {\n S3Destination = new Aws.Macie2.Inputs.ClassificationExportConfigurationS3DestinationArgs\n {\n BucketName = exampleAwsS3Bucket.Bucket,\n KeyPrefix = \"exampleprefix/\",\n KmsKeyArn = exampleAwsKmsKey.Arn,\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/macie2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := macie2.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = macie2.NewClassificationExportConfiguration(ctx, \"example\", \u0026macie2.ClassificationExportConfigurationArgs{\n\t\t\tS3Destination: \u0026macie2.ClassificationExportConfigurationS3DestinationArgs{\n\t\t\t\tBucketName: pulumi.Any(exampleAwsS3Bucket.Bucket),\n\t\t\t\tKeyPrefix: pulumi.String(\"exampleprefix/\"),\n\t\t\t\tKmsKeyArn: pulumi.Any(exampleAwsKmsKey.Arn),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.macie2.Account;\nimport com.pulumi.aws.macie2.ClassificationExportConfiguration;\nimport com.pulumi.aws.macie2.ClassificationExportConfigurationArgs;\nimport com.pulumi.aws.macie2.inputs.ClassificationExportConfigurationS3DestinationArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var exampleClassificationExportConfiguration = new ClassificationExportConfiguration(\"exampleClassificationExportConfiguration\", ClassificationExportConfigurationArgs.builder() \n .s3Destination(ClassificationExportConfigurationS3DestinationArgs.builder()\n .bucketName(exampleAwsS3Bucket.bucket())\n .keyPrefix(\"exampleprefix/\")\n .kmsKeyArn(exampleAwsKmsKey.arn())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:macie2:Account\n exampleClassificationExportConfiguration:\n type: aws:macie2:ClassificationExportConfiguration\n name: example\n properties:\n s3Destination:\n bucketName: ${exampleAwsS3Bucket.bucket}\n keyPrefix: exampleprefix/\n kmsKeyArn: ${exampleAwsKmsKey.arn}\n options:\n dependson:\n - ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_macie2_classification_export_configuration` using the account ID and region. For example:\n\n```sh\n$ pulumi import aws:macie2/classificationExportConfiguration:ClassificationExportConfiguration example 123456789012:us-west-2\n```\n", "properties": { "s3Destination": { "$ref": "#/types/aws:macie2/ClassificationExportConfigurationS3Destination:ClassificationExportConfigurationS3Destination", @@ -277306,7 +277306,7 @@ } }, "aws:macie2/classificationJob:ClassificationJob": { - "description": "Provides a resource to manage an [AWS Macie Classification Job](https://docs.aws.amazon.com/macie/latest/APIReference/jobs.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.macie2.Account(\"test\", {});\nconst testClassificationJob = new aws.macie2.ClassificationJob(\"test\", {\n jobType: \"ONE_TIME\",\n name: \"NAME OF THE CLASSIFICATION JOB\",\n s3JobDefinition: {\n bucketDefinitions: [{\n accountId: \"ACCOUNT ID\",\n buckets: [\"S3 BUCKET NAME\"],\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.macie2.Account(\"test\")\ntest_classification_job = aws.macie2.ClassificationJob(\"test\",\n job_type=\"ONE_TIME\",\n name=\"NAME OF THE CLASSIFICATION JOB\",\n s3_job_definition=aws.macie2.ClassificationJobS3JobDefinitionArgs(\n bucket_definitions=[aws.macie2.ClassificationJobS3JobDefinitionBucketDefinitionArgs(\n account_id=\"ACCOUNT ID\",\n buckets=[\"S3 BUCKET NAME\"],\n )],\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Macie2.Account(\"test\");\n\n var testClassificationJob = new Aws.Macie2.ClassificationJob(\"test\", new()\n {\n JobType = \"ONE_TIME\",\n Name = \"NAME OF THE CLASSIFICATION JOB\",\n S3JobDefinition = new Aws.Macie2.Inputs.ClassificationJobS3JobDefinitionArgs\n {\n BucketDefinitions = new[]\n {\n new Aws.Macie2.Inputs.ClassificationJobS3JobDefinitionBucketDefinitionArgs\n {\n AccountId = \"ACCOUNT ID\",\n Buckets = new[]\n {\n \"S3 BUCKET NAME\",\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/macie2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := macie2.NewAccount(ctx, \"test\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = macie2.NewClassificationJob(ctx, \"test\", \u0026macie2.ClassificationJobArgs{\n\t\t\tJobType: pulumi.String(\"ONE_TIME\"),\n\t\t\tName: pulumi.String(\"NAME OF THE CLASSIFICATION JOB\"),\n\t\t\tS3JobDefinition: \u0026macie2.ClassificationJobS3JobDefinitionArgs{\n\t\t\t\tBucketDefinitions: macie2.ClassificationJobS3JobDefinitionBucketDefinitionArray{\n\t\t\t\t\t\u0026macie2.ClassificationJobS3JobDefinitionBucketDefinitionArgs{\n\t\t\t\t\t\tAccountId: pulumi.String(\"ACCOUNT ID\"),\n\t\t\t\t\t\tBuckets: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"S3 BUCKET NAME\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.macie2.Account;\nimport com.pulumi.aws.macie2.ClassificationJob;\nimport com.pulumi.aws.macie2.ClassificationJobArgs;\nimport com.pulumi.aws.macie2.inputs.ClassificationJobS3JobDefinitionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Account(\"test\");\n\n var testClassificationJob = new ClassificationJob(\"testClassificationJob\", ClassificationJobArgs.builder() \n .jobType(\"ONE_TIME\")\n .name(\"NAME OF THE CLASSIFICATION JOB\")\n .s3JobDefinition(ClassificationJobS3JobDefinitionArgs.builder()\n .bucketDefinitions(ClassificationJobS3JobDefinitionBucketDefinitionArgs.builder()\n .accountId(\"ACCOUNT ID\")\n .buckets(\"S3 BUCKET NAME\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:macie2:Account\n testClassificationJob:\n type: aws:macie2:ClassificationJob\n name: test\n properties:\n jobType: ONE_TIME\n name: NAME OF THE CLASSIFICATION JOB\n s3JobDefinition:\n bucketDefinitions:\n - accountId: ACCOUNT ID\n buckets:\n - S3 BUCKET NAME\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_macie2_classification_job` using the id. For example:\n\n```sh\n$ pulumi import aws:macie2/classificationJob:ClassificationJob example abcd1\n```\n", + "description": "Provides a resource to manage an [AWS Macie Classification Job](https://docs.aws.amazon.com/macie/latest/APIReference/jobs.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.macie2.Account(\"test\", {});\nconst testClassificationJob = new aws.macie2.ClassificationJob(\"test\", {\n jobType: \"ONE_TIME\",\n name: \"NAME OF THE CLASSIFICATION JOB\",\n s3JobDefinition: {\n bucketDefinitions: [{\n accountId: \"ACCOUNT ID\",\n buckets: [\"S3 BUCKET NAME\"],\n }],\n },\n}, {\n dependsOn: [test],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ntest = aws.macie2.Account(\"test\")\ntest_classification_job = aws.macie2.ClassificationJob(\"test\",\n job_type=\"ONE_TIME\",\n name=\"NAME OF THE CLASSIFICATION JOB\",\n s3_job_definition=aws.macie2.ClassificationJobS3JobDefinitionArgs(\n bucket_definitions=[aws.macie2.ClassificationJobS3JobDefinitionBucketDefinitionArgs(\n account_id=\"ACCOUNT ID\",\n buckets=[\"S3 BUCKET NAME\"],\n )],\n ),\n opts=pulumi.ResourceOptions(depends_on=[test]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Macie2.Account(\"test\");\n\n var testClassificationJob = new Aws.Macie2.ClassificationJob(\"test\", new()\n {\n JobType = \"ONE_TIME\",\n Name = \"NAME OF THE CLASSIFICATION JOB\",\n S3JobDefinition = new Aws.Macie2.Inputs.ClassificationJobS3JobDefinitionArgs\n {\n BucketDefinitions = new[]\n {\n new Aws.Macie2.Inputs.ClassificationJobS3JobDefinitionBucketDefinitionArgs\n {\n AccountId = \"ACCOUNT ID\",\n Buckets = new[]\n {\n \"S3 BUCKET NAME\",\n },\n },\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n test, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/macie2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttest, err := macie2.NewAccount(ctx, \"test\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = macie2.NewClassificationJob(ctx, \"test\", \u0026macie2.ClassificationJobArgs{\n\t\t\tJobType: pulumi.String(\"ONE_TIME\"),\n\t\t\tName: pulumi.String(\"NAME OF THE CLASSIFICATION JOB\"),\n\t\t\tS3JobDefinition: \u0026macie2.ClassificationJobS3JobDefinitionArgs{\n\t\t\t\tBucketDefinitions: macie2.ClassificationJobS3JobDefinitionBucketDefinitionArray{\n\t\t\t\t\t\u0026macie2.ClassificationJobS3JobDefinitionBucketDefinitionArgs{\n\t\t\t\t\t\tAccountId: pulumi.String(\"ACCOUNT ID\"),\n\t\t\t\t\t\tBuckets: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"S3 BUCKET NAME\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\ttest,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.macie2.Account;\nimport com.pulumi.aws.macie2.ClassificationJob;\nimport com.pulumi.aws.macie2.ClassificationJobArgs;\nimport com.pulumi.aws.macie2.inputs.ClassificationJobS3JobDefinitionArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Account(\"test\");\n\n var testClassificationJob = new ClassificationJob(\"testClassificationJob\", ClassificationJobArgs.builder() \n .jobType(\"ONE_TIME\")\n .name(\"NAME OF THE CLASSIFICATION JOB\")\n .s3JobDefinition(ClassificationJobS3JobDefinitionArgs.builder()\n .bucketDefinitions(ClassificationJobS3JobDefinitionBucketDefinitionArgs.builder()\n .accountId(\"ACCOUNT ID\")\n .buckets(\"S3 BUCKET NAME\")\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(test)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:macie2:Account\n testClassificationJob:\n type: aws:macie2:ClassificationJob\n name: test\n properties:\n jobType: ONE_TIME\n name: NAME OF THE CLASSIFICATION JOB\n s3JobDefinition:\n bucketDefinitions:\n - accountId: ACCOUNT ID\n buckets:\n - S3 BUCKET NAME\n options:\n dependson:\n - ${test}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_macie2_classification_job` using the id. For example:\n\n```sh\n$ pulumi import aws:macie2/classificationJob:ClassificationJob example abcd1\n```\n", "properties": { "createdAt": { "type": "string", @@ -277558,7 +277558,7 @@ } }, "aws:macie2/invitationAccepter:InvitationAccepter": { - "description": "Provides a resource to manage an [Amazon Macie Invitation Accepter](https://docs.aws.amazon.com/macie/latest/APIReference/invitations-accept.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst primary = new aws.macie2.Account(\"primary\", {});\nconst member = new aws.macie2.Account(\"member\", {});\nconst primaryMember = new aws.macie2.Member(\"primary\", {\n accountId: \"ACCOUNT ID\",\n email: \"EMAIL\",\n invite: true,\n invitationMessage: \"Message of the invite\",\n});\nconst memberInvitationAccepter = new aws.macie2.InvitationAccepter(\"member\", {administratorAccountId: \"ADMINISTRATOR ACCOUNT ID\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nprimary = aws.macie2.Account(\"primary\")\nmember = aws.macie2.Account(\"member\")\nprimary_member = aws.macie2.Member(\"primary\",\n account_id=\"ACCOUNT ID\",\n email=\"EMAIL\",\n invite=True,\n invitation_message=\"Message of the invite\")\nmember_invitation_accepter = aws.macie2.InvitationAccepter(\"member\", administrator_account_id=\"ADMINISTRATOR ACCOUNT ID\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var primary = new Aws.Macie2.Account(\"primary\");\n\n var member = new Aws.Macie2.Account(\"member\");\n\n var primaryMember = new Aws.Macie2.Member(\"primary\", new()\n {\n AccountId = \"ACCOUNT ID\",\n Email = \"EMAIL\",\n Invite = true,\n InvitationMessage = \"Message of the invite\",\n });\n\n var memberInvitationAccepter = new Aws.Macie2.InvitationAccepter(\"member\", new()\n {\n AdministratorAccountId = \"ADMINISTRATOR ACCOUNT ID\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/macie2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := macie2.NewAccount(ctx, \"primary\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = macie2.NewAccount(ctx, \"member\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = macie2.NewMember(ctx, \"primary\", \u0026macie2.MemberArgs{\n\t\t\tAccountId: pulumi.String(\"ACCOUNT ID\"),\n\t\t\tEmail: pulumi.String(\"EMAIL\"),\n\t\t\tInvite: pulumi.Bool(true),\n\t\t\tInvitationMessage: pulumi.String(\"Message of the invite\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = macie2.NewInvitationAccepter(ctx, \"member\", \u0026macie2.InvitationAccepterArgs{\n\t\t\tAdministratorAccountId: pulumi.String(\"ADMINISTRATOR ACCOUNT ID\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.macie2.Account;\nimport com.pulumi.aws.macie2.Member;\nimport com.pulumi.aws.macie2.MemberArgs;\nimport com.pulumi.aws.macie2.InvitationAccepter;\nimport com.pulumi.aws.macie2.InvitationAccepterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var primary = new Account(\"primary\");\n\n var member = new Account(\"member\");\n\n var primaryMember = new Member(\"primaryMember\", MemberArgs.builder() \n .accountId(\"ACCOUNT ID\")\n .email(\"EMAIL\")\n .invite(true)\n .invitationMessage(\"Message of the invite\")\n .build());\n\n var memberInvitationAccepter = new InvitationAccepter(\"memberInvitationAccepter\", InvitationAccepterArgs.builder() \n .administratorAccountId(\"ADMINISTRATOR ACCOUNT ID\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n primary:\n type: aws:macie2:Account\n member:\n type: aws:macie2:Account\n primaryMember:\n type: aws:macie2:Member\n name: primary\n properties:\n accountId: ACCOUNT ID\n email: EMAIL\n invite: true\n invitationMessage: Message of the invite\n memberInvitationAccepter:\n type: aws:macie2:InvitationAccepter\n name: member\n properties:\n administratorAccountId: ADMINISTRATOR ACCOUNT ID\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_macie2_invitation_accepter` using the admin account ID. For example:\n\n```sh\n$ pulumi import aws:macie2/invitationAccepter:InvitationAccepter example 123456789012\n```\n", + "description": "Provides a resource to manage an [Amazon Macie Invitation Accepter](https://docs.aws.amazon.com/macie/latest/APIReference/invitations-accept.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst primary = new aws.macie2.Account(\"primary\", {});\nconst member = new aws.macie2.Account(\"member\", {});\nconst primaryMember = new aws.macie2.Member(\"primary\", {\n accountId: \"ACCOUNT ID\",\n email: \"EMAIL\",\n invite: true,\n invitationMessage: \"Message of the invite\",\n}, {\n dependsOn: [primary],\n});\nconst memberInvitationAccepter = new aws.macie2.InvitationAccepter(\"member\", {administratorAccountId: \"ADMINISTRATOR ACCOUNT ID\"}, {\n dependsOn: [primaryMember],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nprimary = aws.macie2.Account(\"primary\")\nmember = aws.macie2.Account(\"member\")\nprimary_member = aws.macie2.Member(\"primary\",\n account_id=\"ACCOUNT ID\",\n email=\"EMAIL\",\n invite=True,\n invitation_message=\"Message of the invite\",\n opts=pulumi.ResourceOptions(depends_on=[primary]))\nmember_invitation_accepter = aws.macie2.InvitationAccepter(\"member\", administrator_account_id=\"ADMINISTRATOR ACCOUNT ID\",\nopts=pulumi.ResourceOptions(depends_on=[primary_member]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var primary = new Aws.Macie2.Account(\"primary\");\n\n var member = new Aws.Macie2.Account(\"member\");\n\n var primaryMember = new Aws.Macie2.Member(\"primary\", new()\n {\n AccountId = \"ACCOUNT ID\",\n Email = \"EMAIL\",\n Invite = true,\n InvitationMessage = \"Message of the invite\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n primary, \n },\n });\n\n var memberInvitationAccepter = new Aws.Macie2.InvitationAccepter(\"member\", new()\n {\n AdministratorAccountId = \"ADMINISTRATOR ACCOUNT ID\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n primaryMember, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/macie2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tprimary, err := macie2.NewAccount(ctx, \"primary\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = macie2.NewAccount(ctx, \"member\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tprimaryMember, err := macie2.NewMember(ctx, \"primary\", \u0026macie2.MemberArgs{\n\t\t\tAccountId: pulumi.String(\"ACCOUNT ID\"),\n\t\t\tEmail: pulumi.String(\"EMAIL\"),\n\t\t\tInvite: pulumi.Bool(true),\n\t\t\tInvitationMessage: pulumi.String(\"Message of the invite\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tprimary,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = macie2.NewInvitationAccepter(ctx, \"member\", \u0026macie2.InvitationAccepterArgs{\n\t\t\tAdministratorAccountId: pulumi.String(\"ADMINISTRATOR ACCOUNT ID\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tprimaryMember,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.macie2.Account;\nimport com.pulumi.aws.macie2.Member;\nimport com.pulumi.aws.macie2.MemberArgs;\nimport com.pulumi.aws.macie2.InvitationAccepter;\nimport com.pulumi.aws.macie2.InvitationAccepterArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var primary = new Account(\"primary\");\n\n var member = new Account(\"member\");\n\n var primaryMember = new Member(\"primaryMember\", MemberArgs.builder() \n .accountId(\"ACCOUNT ID\")\n .email(\"EMAIL\")\n .invite(true)\n .invitationMessage(\"Message of the invite\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(primary)\n .build());\n\n var memberInvitationAccepter = new InvitationAccepter(\"memberInvitationAccepter\", InvitationAccepterArgs.builder() \n .administratorAccountId(\"ADMINISTRATOR ACCOUNT ID\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(primaryMember)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n primary:\n type: aws:macie2:Account\n member:\n type: aws:macie2:Account\n primaryMember:\n type: aws:macie2:Member\n name: primary\n properties:\n accountId: ACCOUNT ID\n email: EMAIL\n invite: true\n invitationMessage: Message of the invite\n options:\n dependson:\n - ${primary}\n memberInvitationAccepter:\n type: aws:macie2:InvitationAccepter\n name: member\n properties:\n administratorAccountId: ADMINISTRATOR ACCOUNT ID\n options:\n dependson:\n - ${primaryMember}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_macie2_invitation_accepter` using the admin account ID. For example:\n\n```sh\n$ pulumi import aws:macie2/invitationAccepter:InvitationAccepter example 123456789012\n```\n", "properties": { "administratorAccountId": { "type": "string", @@ -277600,7 +277600,7 @@ } }, "aws:macie2/member:Member": { - "description": "Provides a resource to manage an [Amazon Macie Member](https://docs.aws.amazon.com/macie/latest/APIReference/members-id.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.macie2.Account(\"example\", {});\nconst exampleMember = new aws.macie2.Member(\"example\", {\n accountId: \"AWS ACCOUNT ID\",\n email: \"EMAIL\",\n invite: true,\n invitationMessage: \"Message of the invitation\",\n invitationDisableEmailNotification: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.macie2.Account(\"example\")\nexample_member = aws.macie2.Member(\"example\",\n account_id=\"AWS ACCOUNT ID\",\n email=\"EMAIL\",\n invite=True,\n invitation_message=\"Message of the invitation\",\n invitation_disable_email_notification=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Macie2.Account(\"example\");\n\n var exampleMember = new Aws.Macie2.Member(\"example\", new()\n {\n AccountId = \"AWS ACCOUNT ID\",\n Email = \"EMAIL\",\n Invite = true,\n InvitationMessage = \"Message of the invitation\",\n InvitationDisableEmailNotification = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/macie2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := macie2.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = macie2.NewMember(ctx, \"example\", \u0026macie2.MemberArgs{\n\t\t\tAccountId: pulumi.String(\"AWS ACCOUNT ID\"),\n\t\t\tEmail: pulumi.String(\"EMAIL\"),\n\t\t\tInvite: pulumi.Bool(true),\n\t\t\tInvitationMessage: pulumi.String(\"Message of the invitation\"),\n\t\t\tInvitationDisableEmailNotification: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.macie2.Account;\nimport com.pulumi.aws.macie2.Member;\nimport com.pulumi.aws.macie2.MemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var exampleMember = new Member(\"exampleMember\", MemberArgs.builder() \n .accountId(\"AWS ACCOUNT ID\")\n .email(\"EMAIL\")\n .invite(true)\n .invitationMessage(\"Message of the invitation\")\n .invitationDisableEmailNotification(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:macie2:Account\n exampleMember:\n type: aws:macie2:Member\n name: example\n properties:\n accountId: AWS ACCOUNT ID\n email: EMAIL\n invite: true\n invitationMessage: Message of the invitation\n invitationDisableEmailNotification: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_macie2_member` using the account ID of the member account. For example:\n\n```sh\n$ pulumi import aws:macie2/member:Member example 123456789012\n```\n", + "description": "Provides a resource to manage an [Amazon Macie Member](https://docs.aws.amazon.com/macie/latest/APIReference/members-id.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.macie2.Account(\"example\", {});\nconst exampleMember = new aws.macie2.Member(\"example\", {\n accountId: \"AWS ACCOUNT ID\",\n email: \"EMAIL\",\n invite: true,\n invitationMessage: \"Message of the invitation\",\n invitationDisableEmailNotification: true,\n}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.macie2.Account(\"example\")\nexample_member = aws.macie2.Member(\"example\",\n account_id=\"AWS ACCOUNT ID\",\n email=\"EMAIL\",\n invite=True,\n invitation_message=\"Message of the invitation\",\n invitation_disable_email_notification=True,\n opts=pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Macie2.Account(\"example\");\n\n var exampleMember = new Aws.Macie2.Member(\"example\", new()\n {\n AccountId = \"AWS ACCOUNT ID\",\n Email = \"EMAIL\",\n Invite = true,\n InvitationMessage = \"Message of the invitation\",\n InvitationDisableEmailNotification = true,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/macie2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := macie2.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = macie2.NewMember(ctx, \"example\", \u0026macie2.MemberArgs{\n\t\t\tAccountId: pulumi.String(\"AWS ACCOUNT ID\"),\n\t\t\tEmail: pulumi.String(\"EMAIL\"),\n\t\t\tInvite: pulumi.Bool(true),\n\t\t\tInvitationMessage: pulumi.String(\"Message of the invitation\"),\n\t\t\tInvitationDisableEmailNotification: pulumi.Bool(true),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.macie2.Account;\nimport com.pulumi.aws.macie2.Member;\nimport com.pulumi.aws.macie2.MemberArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var exampleMember = new Member(\"exampleMember\", MemberArgs.builder() \n .accountId(\"AWS ACCOUNT ID\")\n .email(\"EMAIL\")\n .invite(true)\n .invitationMessage(\"Message of the invitation\")\n .invitationDisableEmailNotification(true)\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:macie2:Account\n exampleMember:\n type: aws:macie2:Member\n name: example\n properties:\n accountId: AWS ACCOUNT ID\n email: EMAIL\n invite: true\n invitationMessage: Message of the invitation\n invitationDisableEmailNotification: true\n options:\n dependson:\n - ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_macie2_member` using the account ID of the member account. For example:\n\n```sh\n$ pulumi import aws:macie2/member:Member example 123456789012\n```\n", "properties": { "accountId": { "type": "string", @@ -277790,7 +277790,7 @@ } }, "aws:macie2/organizationAdminAccount:OrganizationAdminAccount": { - "description": "Provides a resource to manage an [Amazon Macie Organization Admin Account](https://docs.aws.amazon.com/macie/latest/APIReference/admin.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.macie2.Account(\"example\", {});\nconst exampleOrganizationAdminAccount = new aws.macie2.OrganizationAdminAccount(\"example\", {adminAccountId: \"ID OF THE ADMIN ACCOUNT\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.macie2.Account(\"example\")\nexample_organization_admin_account = aws.macie2.OrganizationAdminAccount(\"example\", admin_account_id=\"ID OF THE ADMIN ACCOUNT\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Macie2.Account(\"example\");\n\n var exampleOrganizationAdminAccount = new Aws.Macie2.OrganizationAdminAccount(\"example\", new()\n {\n AdminAccountId = \"ID OF THE ADMIN ACCOUNT\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/macie2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := macie2.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = macie2.NewOrganizationAdminAccount(ctx, \"example\", \u0026macie2.OrganizationAdminAccountArgs{\n\t\t\tAdminAccountId: pulumi.String(\"ID OF THE ADMIN ACCOUNT\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.macie2.Account;\nimport com.pulumi.aws.macie2.OrganizationAdminAccount;\nimport com.pulumi.aws.macie2.OrganizationAdminAccountArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var exampleOrganizationAdminAccount = new OrganizationAdminAccount(\"exampleOrganizationAdminAccount\", OrganizationAdminAccountArgs.builder() \n .adminAccountId(\"ID OF THE ADMIN ACCOUNT\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:macie2:Account\n exampleOrganizationAdminAccount:\n type: aws:macie2:OrganizationAdminAccount\n name: example\n properties:\n adminAccountId: ID OF THE ADMIN ACCOUNT\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_macie2_organization_admin_account` using the id. For example:\n\n```sh\n$ pulumi import aws:macie2/organizationAdminAccount:OrganizationAdminAccount example abcd1\n```\n", + "description": "Provides a resource to manage an [Amazon Macie Organization Admin Account](https://docs.aws.amazon.com/macie/latest/APIReference/admin.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.macie2.Account(\"example\", {});\nconst exampleOrganizationAdminAccount = new aws.macie2.OrganizationAdminAccount(\"example\", {adminAccountId: \"ID OF THE ADMIN ACCOUNT\"}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.macie2.Account(\"example\")\nexample_organization_admin_account = aws.macie2.OrganizationAdminAccount(\"example\", admin_account_id=\"ID OF THE ADMIN ACCOUNT\",\nopts=pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Macie2.Account(\"example\");\n\n var exampleOrganizationAdminAccount = new Aws.Macie2.OrganizationAdminAccount(\"example\", new()\n {\n AdminAccountId = \"ID OF THE ADMIN ACCOUNT\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/macie2\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := macie2.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = macie2.NewOrganizationAdminAccount(ctx, \"example\", \u0026macie2.OrganizationAdminAccountArgs{\n\t\t\tAdminAccountId: pulumi.String(\"ID OF THE ADMIN ACCOUNT\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.macie2.Account;\nimport com.pulumi.aws.macie2.OrganizationAdminAccount;\nimport com.pulumi.aws.macie2.OrganizationAdminAccountArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var exampleOrganizationAdminAccount = new OrganizationAdminAccount(\"exampleOrganizationAdminAccount\", OrganizationAdminAccountArgs.builder() \n .adminAccountId(\"ID OF THE ADMIN ACCOUNT\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:macie2:Account\n exampleOrganizationAdminAccount:\n type: aws:macie2:OrganizationAdminAccount\n name: example\n properties:\n adminAccountId: ID OF THE ADMIN ACCOUNT\n options:\n dependson:\n - ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_macie2_organization_admin_account` using the id. For example:\n\n```sh\n$ pulumi import aws:macie2/organizationAdminAccount:OrganizationAdminAccount example abcd1\n```\n", "properties": { "adminAccountId": { "type": "string", @@ -280977,7 +280977,7 @@ } }, "aws:msk/clusterPolicy:ClusterPolicy": { - "description": "Resource for managing an AWS Managed Streaming for Kafka Cluster Policy.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst currentGetPartition = aws.getPartition({});\nconst example = new aws.msk.ClusterPolicy(\"example\", {\n clusterArn: exampleAwsMskCluster.arn,\n policy: JSON.stringify({\n version: \"2012-10-17\",\n statement: [{\n sid: \"ExampleMskClusterPolicy\",\n effect: \"Allow\",\n principal: {\n AWS: Promise.all([currentGetPartition, current]).then(([currentGetPartition, current]) =\u003e `arn:${currentGetPartition.partition}:iam::${current.accountId}:root`),\n },\n action: [\n \"kafka:Describe*\",\n \"kafka:Get*\",\n \"kafka:CreateVpcConnection\",\n \"kafka:GetBootstrapBrokers\",\n ],\n resource: exampleAwsMskCluster.arn,\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\ncurrent_get_partition = aws.get_partition()\nexample = aws.msk.ClusterPolicy(\"example\",\n cluster_arn=example_aws_msk_cluster[\"arn\"],\n policy=json.dumps({\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"sid\": \"ExampleMskClusterPolicy\",\n \"effect\": \"Allow\",\n \"principal\": {\n \"AWS\": f\"arn:{current_get_partition.partition}:iam::{current.account_id}:root\",\n },\n \"action\": [\n \"kafka:Describe*\",\n \"kafka:Get*\",\n \"kafka:CreateVpcConnection\",\n \"kafka:GetBootstrapBrokers\",\n ],\n \"resource\": example_aws_msk_cluster[\"arn\"],\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var currentGetPartition = Aws.GetPartition.Invoke();\n\n var example = new Aws.Msk.ClusterPolicy(\"example\", new()\n {\n ClusterArn = exampleAwsMskCluster.Arn,\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"sid\"] = \"ExampleMskClusterPolicy\",\n [\"effect\"] = \"Allow\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = Output.Tuple(currentGetPartition, current).Apply(values =\u003e\n {\n var currentGetPartition = values.Item1;\n var current = values.Item2;\n return $\"arn:{currentGetPartition.Apply(getPartitionResult =\u003e getPartitionResult.Partition)}:iam::{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:root\";\n }),\n },\n [\"action\"] = new[]\n {\n \"kafka:Describe*\",\n \"kafka:Get*\",\n \"kafka:CreateVpcConnection\",\n \"kafka:GetBootstrapBrokers\",\n },\n [\"resource\"] = exampleAwsMskCluster.Arn,\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/msk\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrentGetPartition, err := aws.GetPartition(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"sid\": \"ExampleMskClusterPolicy\",\n\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": fmt.Sprintf(\"arn:%v:iam::%v:root\", currentGetPartition.Partition, current.AccountId),\n\t\t\t\t\t},\n\t\t\t\t\t\"action\": []string{\n\t\t\t\t\t\t\"kafka:Describe*\",\n\t\t\t\t\t\t\"kafka:Get*\",\n\t\t\t\t\t\t\"kafka:CreateVpcConnection\",\n\t\t\t\t\t\t\"kafka:GetBootstrapBrokers\",\n\t\t\t\t\t},\n\t\t\t\t\t\"resource\": exampleAwsMskCluster.Arn,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = msk.NewClusterPolicy(ctx, \"example\", \u0026msk.ClusterPolicyArgs{\n\t\t\tClusterArn: pulumi.Any(exampleAwsMskCluster.Arn),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.inputs.GetPartitionArgs;\nimport com.pulumi.aws.msk.ClusterPolicy;\nimport com.pulumi.aws.msk.ClusterPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n final var currentGetPartition = AwsFunctions.getPartition();\n\n var example = new ClusterPolicy(\"example\", ClusterPolicyArgs.builder() \n .clusterArn(exampleAwsMskCluster.arn())\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"version\", \"2012-10-17\"),\n jsonProperty(\"statement\", jsonArray(jsonObject(\n jsonProperty(\"sid\", \"ExampleMskClusterPolicy\"),\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"principal\", jsonObject(\n jsonProperty(\"AWS\", String.format(\"arn:%s:iam::%s:root\", currentGetPartition.applyValue(getPartitionResult -\u003e getPartitionResult.partition()),current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n )),\n jsonProperty(\"action\", jsonArray(\n \"kafka:Describe*\", \n \"kafka:Get*\", \n \"kafka:CreateVpcConnection\", \n \"kafka:GetBootstrapBrokers\"\n )),\n jsonProperty(\"resource\", exampleAwsMskCluster.arn())\n )))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:msk:ClusterPolicy\n properties:\n clusterArn: ${exampleAwsMskCluster.arn}\n policy:\n fn::toJSON:\n version: 2012-10-17\n statement:\n - sid: ExampleMskClusterPolicy\n effect: Allow\n principal:\n AWS: arn:${currentGetPartition.partition}:iam::${current.accountId}:root\n action:\n - kafka:Describe*\n - kafka:Get*\n - kafka:CreateVpcConnection\n - kafka:GetBootstrapBrokers\n resource: ${exampleAwsMskCluster.arn}\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n currentGetPartition:\n fn::invoke:\n Function: aws:getPartition\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Managed Streaming for Kafka Cluster Policy using the `cluster_arn`. For example:\n\n```sh\n$ pulumi import aws:msk/clusterPolicy:ClusterPolicy example arn:aws:kafka:us-west-2:123456789012:cluster/example/279c0212-d057-4dba-9aa9-1c4e5a25bfc7-3\n```\n", + "description": "Resource for managing an AWS Managed Streaming for Kafka Cluster Policy.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst currentGetPartition = aws.getPartition({});\nconst example = new aws.msk.ClusterPolicy(\"example\", {\n clusterArn: exampleAwsMskCluster.arn,\n policy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Sid: \"ExampleMskClusterPolicy\",\n Effect: \"Allow\",\n Principal: {\n AWS: Promise.all([currentGetPartition, current]).then(([currentGetPartition, current]) =\u003e `arn:${currentGetPartition.partition}:iam::${current.accountId}:root`),\n },\n Action: [\n \"kafka:Describe*\",\n \"kafka:Get*\",\n \"kafka:CreateVpcConnection\",\n \"kafka:GetBootstrapBrokers\",\n ],\n Resource: exampleAwsMskCluster.arn,\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\ncurrent_get_partition = aws.get_partition()\nexample = aws.msk.ClusterPolicy(\"example\",\n cluster_arn=example_aws_msk_cluster[\"arn\"],\n policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Sid\": \"ExampleMskClusterPolicy\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": f\"arn:{current_get_partition.partition}:iam::{current.account_id}:root\",\n },\n \"Action\": [\n \"kafka:Describe*\",\n \"kafka:Get*\",\n \"kafka:CreateVpcConnection\",\n \"kafka:GetBootstrapBrokers\",\n ],\n \"Resource\": example_aws_msk_cluster[\"arn\"],\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var currentGetPartition = Aws.GetPartition.Invoke();\n\n var example = new Aws.Msk.ClusterPolicy(\"example\", new()\n {\n ClusterArn = exampleAwsMskCluster.Arn,\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Sid\"] = \"ExampleMskClusterPolicy\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = Output.Tuple(currentGetPartition, current).Apply(values =\u003e\n {\n var currentGetPartition = values.Item1;\n var current = values.Item2;\n return $\"arn:{currentGetPartition.Apply(getPartitionResult =\u003e getPartitionResult.Partition)}:iam::{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:root\";\n }),\n },\n [\"Action\"] = new[]\n {\n \"kafka:Describe*\",\n \"kafka:Get*\",\n \"kafka:CreateVpcConnection\",\n \"kafka:GetBootstrapBrokers\",\n },\n [\"Resource\"] = exampleAwsMskCluster.Arn,\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/msk\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrentGetPartition, err := aws.GetPartition(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Sid\": \"ExampleMskClusterPolicy\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": fmt.Sprintf(\"arn:%v:iam::%v:root\", currentGetPartition.Partition, current.AccountId),\n\t\t\t\t\t},\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"kafka:Describe*\",\n\t\t\t\t\t\t\"kafka:Get*\",\n\t\t\t\t\t\t\"kafka:CreateVpcConnection\",\n\t\t\t\t\t\t\"kafka:GetBootstrapBrokers\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Resource\": exampleAwsMskCluster.Arn,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = msk.NewClusterPolicy(ctx, \"example\", \u0026msk.ClusterPolicyArgs{\n\t\t\tClusterArn: pulumi.Any(exampleAwsMskCluster.Arn),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.inputs.GetPartitionArgs;\nimport com.pulumi.aws.msk.ClusterPolicy;\nimport com.pulumi.aws.msk.ClusterPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n final var currentGetPartition = AwsFunctions.getPartition();\n\n var example = new ClusterPolicy(\"example\", ClusterPolicyArgs.builder() \n .clusterArn(exampleAwsMskCluster.arn())\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Sid\", \"ExampleMskClusterPolicy\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"AWS\", String.format(\"arn:%s:iam::%s:root\", currentGetPartition.applyValue(getPartitionResult -\u003e getPartitionResult.partition()),current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n )),\n jsonProperty(\"Action\", jsonArray(\n \"kafka:Describe*\", \n \"kafka:Get*\", \n \"kafka:CreateVpcConnection\", \n \"kafka:GetBootstrapBrokers\"\n )),\n jsonProperty(\"Resource\", exampleAwsMskCluster.arn())\n )))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:msk:ClusterPolicy\n properties:\n clusterArn: ${exampleAwsMskCluster.arn}\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Sid: ExampleMskClusterPolicy\n Effect: Allow\n Principal:\n AWS: arn:${currentGetPartition.partition}:iam::${current.accountId}:root\n Action:\n - kafka:Describe*\n - kafka:Get*\n - kafka:CreateVpcConnection\n - kafka:GetBootstrapBrokers\n Resource: ${exampleAwsMskCluster.arn}\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n currentGetPartition:\n fn::invoke:\n Function: aws:getPartition\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Managed Streaming for Kafka Cluster Policy using the `cluster_arn`. For example:\n\n```sh\n$ pulumi import aws:msk/clusterPolicy:ClusterPolicy example arn:aws:kafka:us-west-2:123456789012:cluster/example/279c0212-d057-4dba-9aa9-1c4e5a25bfc7-3\n```\n", "properties": { "clusterArn": { "type": "string", @@ -281275,7 +281275,7 @@ } }, "aws:msk/scramSecretAssociation:ScramSecretAssociation": { - "description": "Associates SCRAM secrets stored in the Secrets Manager service with a Managed Streaming for Kafka (MSK) cluster.\n\n\u003e **Note:** The following assumes the MSK cluster has SASL/SCRAM authentication enabled. See below for example usage or refer to the [Username/Password Authentication](https://docs.aws.amazon.com/msk/latest/developerguide/msk-password.html) section of the MSK Developer Guide for more details.\n\nTo set up username and password authentication for a cluster, create an `aws.secretsmanager.Secret` resource and associate\na username and password with the secret with an `aws.secretsmanager.SecretVersion` resource. When creating a secret for the cluster,\nthe `name` must have the prefix `AmazonMSK_` and you must either use an existing custom AWS KMS key or create a new\ncustom AWS KMS key for your secret with the `aws.kms.Key` resource. It is important to note that a policy is required for the `aws.secretsmanager.Secret`\nresource in order for Kafka to be able to read it. This policy is attached automatically when the `aws.msk.ScramSecretAssociation` is used,\nhowever, this policy will not be in the state and as such, will present a diff on plan/apply. For that reason, you must use the `aws.secretsmanager.SecretPolicy`\nresource](/docs/providers/aws/r/secretsmanager_secret_policy.html) as shown below in order to ensure that the state is in a clean state after the creation of secret and the association to the cluster.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleCluster = new aws.msk.Cluster(\"example\", {\n clusterName: \"example\",\n clientAuthentication: {\n sasl: {\n scram: true,\n },\n },\n});\nconst exampleKey = new aws.kms.Key(\"example\", {description: \"Example Key for MSK Cluster Scram Secret Association\"});\nconst exampleSecret = new aws.secretsmanager.Secret(\"example\", {\n name: \"AmazonMSK_example\",\n kmsKeyId: exampleKey.keyId,\n});\nconst exampleScramSecretAssociation = new aws.msk.ScramSecretAssociation(\"example\", {\n clusterArn: exampleCluster.arn,\n secretArnLists: [exampleSecret.arn],\n});\nconst exampleSecretVersion = new aws.secretsmanager.SecretVersion(\"example\", {\n secretId: exampleSecret.id,\n secretString: JSON.stringify({\n username: \"user\",\n password: \"pass\",\n }),\n});\nconst example = aws.iam.getPolicyDocumentOutput({\n statements: [{\n sid: \"AWSKafkaResourcePolicy\",\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"kafka.amazonaws.com\"],\n }],\n actions: [\"secretsmanager:getSecretValue\"],\n resources: [exampleSecret.arn],\n }],\n});\nconst exampleSecretPolicy = new aws.secretsmanager.SecretPolicy(\"example\", {\n secretArn: exampleSecret.arn,\n policy: example.apply(example =\u003e example.json),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample_cluster = aws.msk.Cluster(\"example\",\n cluster_name=\"example\",\n client_authentication=aws.msk.ClusterClientAuthenticationArgs(\n sasl=aws.msk.ClusterClientAuthenticationSaslArgs(\n scram=True,\n ),\n ))\nexample_key = aws.kms.Key(\"example\", description=\"Example Key for MSK Cluster Scram Secret Association\")\nexample_secret = aws.secretsmanager.Secret(\"example\",\n name=\"AmazonMSK_example\",\n kms_key_id=example_key.key_id)\nexample_scram_secret_association = aws.msk.ScramSecretAssociation(\"example\",\n cluster_arn=example_cluster.arn,\n secret_arn_lists=[example_secret.arn])\nexample_secret_version = aws.secretsmanager.SecretVersion(\"example\",\n secret_id=example_secret.id,\n secret_string=json.dumps({\n \"username\": \"user\",\n \"password\": \"pass\",\n }))\nexample = aws.iam.get_policy_document_output(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n sid=\"AWSKafkaResourcePolicy\",\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"kafka.amazonaws.com\"],\n )],\n actions=[\"secretsmanager:getSecretValue\"],\n resources=[example_secret.arn],\n)])\nexample_secret_policy = aws.secretsmanager.SecretPolicy(\"example\",\n secret_arn=example_secret.arn,\n policy=example.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleCluster = new Aws.Msk.Cluster(\"example\", new()\n {\n ClusterName = \"example\",\n ClientAuthentication = new Aws.Msk.Inputs.ClusterClientAuthenticationArgs\n {\n Sasl = new Aws.Msk.Inputs.ClusterClientAuthenticationSaslArgs\n {\n Scram = true,\n },\n },\n });\n\n var exampleKey = new Aws.Kms.Key(\"example\", new()\n {\n Description = \"Example Key for MSK Cluster Scram Secret Association\",\n });\n\n var exampleSecret = new Aws.SecretsManager.Secret(\"example\", new()\n {\n Name = \"AmazonMSK_example\",\n KmsKeyId = exampleKey.KeyId,\n });\n\n var exampleScramSecretAssociation = new Aws.Msk.ScramSecretAssociation(\"example\", new()\n {\n ClusterArn = exampleCluster.Arn,\n SecretArnLists = new[]\n {\n exampleSecret.Arn,\n },\n });\n\n var exampleSecretVersion = new Aws.SecretsManager.SecretVersion(\"example\", new()\n {\n SecretId = exampleSecret.Id,\n SecretString = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"username\"] = \"user\",\n [\"password\"] = \"pass\",\n }),\n });\n\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"AWSKafkaResourcePolicy\",\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"kafka.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"secretsmanager:getSecretValue\",\n },\n Resources = new[]\n {\n exampleSecret.Arn,\n },\n },\n },\n });\n\n var exampleSecretPolicy = new Aws.SecretsManager.SecretPolicy(\"example\", new()\n {\n SecretArn = exampleSecret.Arn,\n Policy = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/msk\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/secretsmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleCluster, err := msk.NewCluster(ctx, \"example\", \u0026msk.ClusterArgs{\n\t\t\tClusterName: pulumi.String(\"example\"),\n\t\t\tClientAuthentication: \u0026msk.ClusterClientAuthenticationArgs{\n\t\t\t\tSasl: \u0026msk.ClusterClientAuthenticationSaslArgs{\n\t\t\t\t\tScram: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleKey, err := kms.NewKey(ctx, \"example\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"Example Key for MSK Cluster Scram Secret Association\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleSecret, err := secretsmanager.NewSecret(ctx, \"example\", \u0026secretsmanager.SecretArgs{\n\t\t\tName: pulumi.String(\"AmazonMSK_example\"),\n\t\t\tKmsKeyId: exampleKey.KeyId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = msk.NewScramSecretAssociation(ctx, \"example\", \u0026msk.ScramSecretAssociationArgs{\n\t\t\tClusterArn: exampleCluster.Arn,\n\t\t\tSecretArnLists: pulumi.StringArray{\n\t\t\t\texampleSecret.Arn,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"username\": \"user\",\n\t\t\t\"password\": \"pass\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = secretsmanager.NewSecretVersion(ctx, \"example\", \u0026secretsmanager.SecretVersionArgs{\n\t\t\tSecretId: exampleSecret.ID(),\n\t\t\tSecretString: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tSid: pulumi.String(\"AWSKafkaResourcePolicy\"),\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tPrincipals: iam.GetPolicyDocumentStatementPrincipalArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementPrincipalArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"Service\"),\n\t\t\t\t\t\t\tIdentifiers: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"kafka.amazonaws.com\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"secretsmanager:getSecretValue\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\texampleSecret.Arn,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\t_, err = secretsmanager.NewSecretPolicy(ctx, \"example\", \u0026secretsmanager.SecretPolicyArgs{\n\t\t\tSecretArn: exampleSecret.Arn,\n\t\t\tPolicy: example.ApplyT(func(example iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026example.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.msk.Cluster;\nimport com.pulumi.aws.msk.ClusterArgs;\nimport com.pulumi.aws.msk.inputs.ClusterClientAuthenticationArgs;\nimport com.pulumi.aws.msk.inputs.ClusterClientAuthenticationSaslArgs;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.secretsmanager.Secret;\nimport com.pulumi.aws.secretsmanager.SecretArgs;\nimport com.pulumi.aws.msk.ScramSecretAssociation;\nimport com.pulumi.aws.msk.ScramSecretAssociationArgs;\nimport com.pulumi.aws.secretsmanager.SecretVersion;\nimport com.pulumi.aws.secretsmanager.SecretVersionArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.secretsmanager.SecretPolicy;\nimport com.pulumi.aws.secretsmanager.SecretPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleCluster = new Cluster(\"exampleCluster\", ClusterArgs.builder() \n .clusterName(\"example\")\n .clientAuthentication(ClusterClientAuthenticationArgs.builder()\n .sasl(ClusterClientAuthenticationSaslArgs.builder()\n .scram(true)\n .build())\n .build())\n .build());\n\n var exampleKey = new Key(\"exampleKey\", KeyArgs.builder() \n .description(\"Example Key for MSK Cluster Scram Secret Association\")\n .build());\n\n var exampleSecret = new Secret(\"exampleSecret\", SecretArgs.builder() \n .name(\"AmazonMSK_example\")\n .kmsKeyId(exampleKey.keyId())\n .build());\n\n var exampleScramSecretAssociation = new ScramSecretAssociation(\"exampleScramSecretAssociation\", ScramSecretAssociationArgs.builder() \n .clusterArn(exampleCluster.arn())\n .secretArnLists(exampleSecret.arn())\n .build());\n\n var exampleSecretVersion = new SecretVersion(\"exampleSecretVersion\", SecretVersionArgs.builder() \n .secretId(exampleSecret.id())\n .secretString(serializeJson(\n jsonObject(\n jsonProperty(\"username\", \"user\"),\n jsonProperty(\"password\", \"pass\")\n )))\n .build());\n\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .sid(\"AWSKafkaResourcePolicy\")\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"kafka.amazonaws.com\")\n .build())\n .actions(\"secretsmanager:getSecretValue\")\n .resources(exampleSecret.arn())\n .build())\n .build());\n\n var exampleSecretPolicy = new SecretPolicy(\"exampleSecretPolicy\", SecretPolicyArgs.builder() \n .secretArn(exampleSecret.arn())\n .policy(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(example -\u003e example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleScramSecretAssociation:\n type: aws:msk:ScramSecretAssociation\n name: example\n properties:\n clusterArn: ${exampleCluster.arn}\n secretArnLists:\n - ${exampleSecret.arn}\n exampleCluster:\n type: aws:msk:Cluster\n name: example\n properties:\n clusterName: example\n clientAuthentication:\n sasl:\n scram: true\n exampleSecret:\n type: aws:secretsmanager:Secret\n name: example\n properties:\n name: AmazonMSK_example\n kmsKeyId: ${exampleKey.keyId}\n exampleKey:\n type: aws:kms:Key\n name: example\n properties:\n description: Example Key for MSK Cluster Scram Secret Association\n exampleSecretVersion:\n type: aws:secretsmanager:SecretVersion\n name: example\n properties:\n secretId: ${exampleSecret.id}\n secretString:\n fn::toJSON:\n username: user\n password: pass\n exampleSecretPolicy:\n type: aws:secretsmanager:SecretPolicy\n name: example\n properties:\n secretArn: ${exampleSecret.arn}\n policy: ${example.json}\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - sid: AWSKafkaResourcePolicy\n effect: Allow\n principals:\n - type: Service\n identifiers:\n - kafka.amazonaws.com\n actions:\n - secretsmanager:getSecretValue\n resources:\n - ${exampleSecret.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import MSK SCRAM Secret Associations using the `id`. For example:\n\n```sh\n$ pulumi import aws:msk/scramSecretAssociation:ScramSecretAssociation example arn:aws:kafka:us-west-2:123456789012:cluster/example/279c0212-d057-4dba-9aa9-1c4e5a25bfc7-3\n```\n", + "description": "Associates SCRAM secrets stored in the Secrets Manager service with a Managed Streaming for Kafka (MSK) cluster.\n\n\u003e **Note:** The following assumes the MSK cluster has SASL/SCRAM authentication enabled. See below for example usage or refer to the [Username/Password Authentication](https://docs.aws.amazon.com/msk/latest/developerguide/msk-password.html) section of the MSK Developer Guide for more details.\n\nTo set up username and password authentication for a cluster, create an `aws.secretsmanager.Secret` resource and associate\na username and password with the secret with an `aws.secretsmanager.SecretVersion` resource. When creating a secret for the cluster,\nthe `name` must have the prefix `AmazonMSK_` and you must either use an existing custom AWS KMS key or create a new\ncustom AWS KMS key for your secret with the `aws.kms.Key` resource. It is important to note that a policy is required for the `aws.secretsmanager.Secret`\nresource in order for Kafka to be able to read it. This policy is attached automatically when the `aws.msk.ScramSecretAssociation` is used,\nhowever, this policy will not be in the state and as such, will present a diff on plan/apply. For that reason, you must use the `aws.secretsmanager.SecretPolicy`\nresource](/docs/providers/aws/r/secretsmanager_secret_policy.html) as shown below in order to ensure that the state is in a clean state after the creation of secret and the association to the cluster.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleCluster = new aws.msk.Cluster(\"example\", {\n clusterName: \"example\",\n clientAuthentication: {\n sasl: {\n scram: true,\n },\n },\n});\nconst exampleKey = new aws.kms.Key(\"example\", {description: \"Example Key for MSK Cluster Scram Secret Association\"});\nconst exampleSecret = new aws.secretsmanager.Secret(\"example\", {\n name: \"AmazonMSK_example\",\n kmsKeyId: exampleKey.keyId,\n});\nconst exampleSecretVersion = new aws.secretsmanager.SecretVersion(\"example\", {\n secretId: exampleSecret.id,\n secretString: JSON.stringify({\n username: \"user\",\n password: \"pass\",\n }),\n});\nconst exampleScramSecretAssociation = new aws.msk.ScramSecretAssociation(\"example\", {\n clusterArn: exampleCluster.arn,\n secretArnLists: [exampleSecret.arn],\n}, {\n dependsOn: [exampleSecretVersion],\n});\nconst example = aws.iam.getPolicyDocumentOutput({\n statements: [{\n sid: \"AWSKafkaResourcePolicy\",\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"kafka.amazonaws.com\"],\n }],\n actions: [\"secretsmanager:getSecretValue\"],\n resources: [exampleSecret.arn],\n }],\n});\nconst exampleSecretPolicy = new aws.secretsmanager.SecretPolicy(\"example\", {\n secretArn: exampleSecret.arn,\n policy: example.apply(example =\u003e example.json),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample_cluster = aws.msk.Cluster(\"example\",\n cluster_name=\"example\",\n client_authentication=aws.msk.ClusterClientAuthenticationArgs(\n sasl=aws.msk.ClusterClientAuthenticationSaslArgs(\n scram=True,\n ),\n ))\nexample_key = aws.kms.Key(\"example\", description=\"Example Key for MSK Cluster Scram Secret Association\")\nexample_secret = aws.secretsmanager.Secret(\"example\",\n name=\"AmazonMSK_example\",\n kms_key_id=example_key.key_id)\nexample_secret_version = aws.secretsmanager.SecretVersion(\"example\",\n secret_id=example_secret.id,\n secret_string=json.dumps({\n \"username\": \"user\",\n \"password\": \"pass\",\n }))\nexample_scram_secret_association = aws.msk.ScramSecretAssociation(\"example\",\n cluster_arn=example_cluster.arn,\n secret_arn_lists=[example_secret.arn],\n opts=pulumi.ResourceOptions(depends_on=[example_secret_version]))\nexample = aws.iam.get_policy_document_output(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n sid=\"AWSKafkaResourcePolicy\",\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"kafka.amazonaws.com\"],\n )],\n actions=[\"secretsmanager:getSecretValue\"],\n resources=[example_secret.arn],\n)])\nexample_secret_policy = aws.secretsmanager.SecretPolicy(\"example\",\n secret_arn=example_secret.arn,\n policy=example.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleCluster = new Aws.Msk.Cluster(\"example\", new()\n {\n ClusterName = \"example\",\n ClientAuthentication = new Aws.Msk.Inputs.ClusterClientAuthenticationArgs\n {\n Sasl = new Aws.Msk.Inputs.ClusterClientAuthenticationSaslArgs\n {\n Scram = true,\n },\n },\n });\n\n var exampleKey = new Aws.Kms.Key(\"example\", new()\n {\n Description = \"Example Key for MSK Cluster Scram Secret Association\",\n });\n\n var exampleSecret = new Aws.SecretsManager.Secret(\"example\", new()\n {\n Name = \"AmazonMSK_example\",\n KmsKeyId = exampleKey.KeyId,\n });\n\n var exampleSecretVersion = new Aws.SecretsManager.SecretVersion(\"example\", new()\n {\n SecretId = exampleSecret.Id,\n SecretString = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"username\"] = \"user\",\n [\"password\"] = \"pass\",\n }),\n });\n\n var exampleScramSecretAssociation = new Aws.Msk.ScramSecretAssociation(\"example\", new()\n {\n ClusterArn = exampleCluster.Arn,\n SecretArnLists = new[]\n {\n exampleSecret.Arn,\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleSecretVersion, \n },\n });\n\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Sid = \"AWSKafkaResourcePolicy\",\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"kafka.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"secretsmanager:getSecretValue\",\n },\n Resources = new[]\n {\n exampleSecret.Arn,\n },\n },\n },\n });\n\n var exampleSecretPolicy = new Aws.SecretsManager.SecretPolicy(\"example\", new()\n {\n SecretArn = exampleSecret.Arn,\n Policy = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/msk\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/secretsmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleCluster, err := msk.NewCluster(ctx, \"example\", \u0026msk.ClusterArgs{\n\t\t\tClusterName: pulumi.String(\"example\"),\n\t\t\tClientAuthentication: \u0026msk.ClusterClientAuthenticationArgs{\n\t\t\t\tSasl: \u0026msk.ClusterClientAuthenticationSaslArgs{\n\t\t\t\t\tScram: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleKey, err := kms.NewKey(ctx, \"example\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"Example Key for MSK Cluster Scram Secret Association\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleSecret, err := secretsmanager.NewSecret(ctx, \"example\", \u0026secretsmanager.SecretArgs{\n\t\t\tName: pulumi.String(\"AmazonMSK_example\"),\n\t\t\tKmsKeyId: exampleKey.KeyId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"username\": \"user\",\n\t\t\t\"password\": \"pass\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texampleSecretVersion, err := secretsmanager.NewSecretVersion(ctx, \"example\", \u0026secretsmanager.SecretVersionArgs{\n\t\t\tSecretId: exampleSecret.ID(),\n\t\t\tSecretString: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = msk.NewScramSecretAssociation(ctx, \"example\", \u0026msk.ScramSecretAssociationArgs{\n\t\t\tClusterArn: exampleCluster.Arn,\n\t\t\tSecretArnLists: pulumi.StringArray{\n\t\t\t\texampleSecret.Arn,\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleSecretVersion,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tSid: pulumi.String(\"AWSKafkaResourcePolicy\"),\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tPrincipals: iam.GetPolicyDocumentStatementPrincipalArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementPrincipalArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"Service\"),\n\t\t\t\t\t\t\tIdentifiers: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"kafka.amazonaws.com\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"secretsmanager:getSecretValue\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\texampleSecret.Arn,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\t_, err = secretsmanager.NewSecretPolicy(ctx, \"example\", \u0026secretsmanager.SecretPolicyArgs{\n\t\t\tSecretArn: exampleSecret.Arn,\n\t\t\tPolicy: example.ApplyT(func(example iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026example.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.msk.Cluster;\nimport com.pulumi.aws.msk.ClusterArgs;\nimport com.pulumi.aws.msk.inputs.ClusterClientAuthenticationArgs;\nimport com.pulumi.aws.msk.inputs.ClusterClientAuthenticationSaslArgs;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.secretsmanager.Secret;\nimport com.pulumi.aws.secretsmanager.SecretArgs;\nimport com.pulumi.aws.secretsmanager.SecretVersion;\nimport com.pulumi.aws.secretsmanager.SecretVersionArgs;\nimport com.pulumi.aws.msk.ScramSecretAssociation;\nimport com.pulumi.aws.msk.ScramSecretAssociationArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.secretsmanager.SecretPolicy;\nimport com.pulumi.aws.secretsmanager.SecretPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleCluster = new Cluster(\"exampleCluster\", ClusterArgs.builder() \n .clusterName(\"example\")\n .clientAuthentication(ClusterClientAuthenticationArgs.builder()\n .sasl(ClusterClientAuthenticationSaslArgs.builder()\n .scram(true)\n .build())\n .build())\n .build());\n\n var exampleKey = new Key(\"exampleKey\", KeyArgs.builder() \n .description(\"Example Key for MSK Cluster Scram Secret Association\")\n .build());\n\n var exampleSecret = new Secret(\"exampleSecret\", SecretArgs.builder() \n .name(\"AmazonMSK_example\")\n .kmsKeyId(exampleKey.keyId())\n .build());\n\n var exampleSecretVersion = new SecretVersion(\"exampleSecretVersion\", SecretVersionArgs.builder() \n .secretId(exampleSecret.id())\n .secretString(serializeJson(\n jsonObject(\n jsonProperty(\"username\", \"user\"),\n jsonProperty(\"password\", \"pass\")\n )))\n .build());\n\n var exampleScramSecretAssociation = new ScramSecretAssociation(\"exampleScramSecretAssociation\", ScramSecretAssociationArgs.builder() \n .clusterArn(exampleCluster.arn())\n .secretArnLists(exampleSecret.arn())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleSecretVersion)\n .build());\n\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .sid(\"AWSKafkaResourcePolicy\")\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"kafka.amazonaws.com\")\n .build())\n .actions(\"secretsmanager:getSecretValue\")\n .resources(exampleSecret.arn())\n .build())\n .build());\n\n var exampleSecretPolicy = new SecretPolicy(\"exampleSecretPolicy\", SecretPolicyArgs.builder() \n .secretArn(exampleSecret.arn())\n .policy(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(example -\u003e example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleScramSecretAssociation:\n type: aws:msk:ScramSecretAssociation\n name: example\n properties:\n clusterArn: ${exampleCluster.arn}\n secretArnLists:\n - ${exampleSecret.arn}\n options:\n dependson:\n - ${exampleSecretVersion}\n exampleCluster:\n type: aws:msk:Cluster\n name: example\n properties:\n clusterName: example\n clientAuthentication:\n sasl:\n scram: true\n exampleSecret:\n type: aws:secretsmanager:Secret\n name: example\n properties:\n name: AmazonMSK_example\n kmsKeyId: ${exampleKey.keyId}\n exampleKey:\n type: aws:kms:Key\n name: example\n properties:\n description: Example Key for MSK Cluster Scram Secret Association\n exampleSecretVersion:\n type: aws:secretsmanager:SecretVersion\n name: example\n properties:\n secretId: ${exampleSecret.id}\n secretString:\n fn::toJSON:\n username: user\n password: pass\n exampleSecretPolicy:\n type: aws:secretsmanager:SecretPolicy\n name: example\n properties:\n secretArn: ${exampleSecret.arn}\n policy: ${example.json}\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - sid: AWSKafkaResourcePolicy\n effect: Allow\n principals:\n - type: Service\n identifiers:\n - kafka.amazonaws.com\n actions:\n - secretsmanager:getSecretValue\n resources:\n - ${exampleSecret.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import MSK SCRAM Secret Associations using the `id`. For example:\n\n```sh\n$ pulumi import aws:msk/scramSecretAssociation:ScramSecretAssociation example arn:aws:kafka:us-west-2:123456789012:cluster/example/279c0212-d057-4dba-9aa9-1c4e5a25bfc7-3\n```\n", "properties": { "clusterArn": { "type": "string", @@ -284001,7 +284001,7 @@ } }, "aws:neptune/globalCluster:GlobalCluster": { - "description": "Manages a Neptune Global Cluster. A global cluster consists of one primary region and up to five read-only secondary regions. You issue write operations directly to the primary cluster in the primary region and Amazon Neptune automatically replicates the data to the secondary regions using dedicated infrastructure.\n\nMore information about Neptune Global Clusters can be found in the [Neptune User Guide](https://docs.aws.amazon.com/neptune/latest/userguide/neptune-global-database.html).\n\n## Example Usage\n\n### New Neptune Global Cluster\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.neptune.GlobalCluster(\"example\", {\n globalClusterIdentifier: \"global-test\",\n engine: \"neptune\",\n engineVersion: \"1.2.0.0\",\n});\nconst primary = new aws.neptune.Cluster(\"primary\", {\n engine: example.engine,\n engineVersion: example.engineVersion,\n clusterIdentifier: \"test-primary-cluster\",\n globalClusterIdentifier: example.id,\n neptuneSubnetGroupName: \"default\",\n});\nconst primaryClusterInstance = new aws.neptune.ClusterInstance(\"primary\", {\n engine: example.engine,\n engineVersion: example.engineVersion,\n identifier: \"test-primary-cluster-instance\",\n clusterIdentifier: primary.id,\n instanceClass: \"db.r5.large\",\n neptuneSubnetGroupName: \"default\",\n});\nconst secondary = new aws.neptune.Cluster(\"secondary\", {\n engine: example.engine,\n engineVersion: example.engineVersion,\n clusterIdentifier: \"test-secondary-cluster\",\n globalClusterIdentifier: example.id,\n neptuneSubnetGroupName: \"default\",\n});\nconst secondaryClusterInstance = new aws.neptune.ClusterInstance(\"secondary\", {\n engine: example.engine,\n engineVersion: example.engineVersion,\n identifier: \"test-secondary-cluster-instance\",\n clusterIdentifier: secondary.id,\n instanceClass: \"db.r5.large\",\n neptuneSubnetGroupName: \"default\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.neptune.GlobalCluster(\"example\",\n global_cluster_identifier=\"global-test\",\n engine=\"neptune\",\n engine_version=\"1.2.0.0\")\nprimary = aws.neptune.Cluster(\"primary\",\n engine=example.engine,\n engine_version=example.engine_version,\n cluster_identifier=\"test-primary-cluster\",\n global_cluster_identifier=example.id,\n neptune_subnet_group_name=\"default\")\nprimary_cluster_instance = aws.neptune.ClusterInstance(\"primary\",\n engine=example.engine,\n engine_version=example.engine_version,\n identifier=\"test-primary-cluster-instance\",\n cluster_identifier=primary.id,\n instance_class=\"db.r5.large\",\n neptune_subnet_group_name=\"default\")\nsecondary = aws.neptune.Cluster(\"secondary\",\n engine=example.engine,\n engine_version=example.engine_version,\n cluster_identifier=\"test-secondary-cluster\",\n global_cluster_identifier=example.id,\n neptune_subnet_group_name=\"default\")\nsecondary_cluster_instance = aws.neptune.ClusterInstance(\"secondary\",\n engine=example.engine,\n engine_version=example.engine_version,\n identifier=\"test-secondary-cluster-instance\",\n cluster_identifier=secondary.id,\n instance_class=\"db.r5.large\",\n neptune_subnet_group_name=\"default\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Neptune.GlobalCluster(\"example\", new()\n {\n GlobalClusterIdentifier = \"global-test\",\n Engine = \"neptune\",\n EngineVersion = \"1.2.0.0\",\n });\n\n var primary = new Aws.Neptune.Cluster(\"primary\", new()\n {\n Engine = example.Engine,\n EngineVersion = example.EngineVersion,\n ClusterIdentifier = \"test-primary-cluster\",\n GlobalClusterIdentifier = example.Id,\n NeptuneSubnetGroupName = \"default\",\n });\n\n var primaryClusterInstance = new Aws.Neptune.ClusterInstance(\"primary\", new()\n {\n Engine = example.Engine,\n EngineVersion = example.EngineVersion,\n Identifier = \"test-primary-cluster-instance\",\n ClusterIdentifier = primary.Id,\n InstanceClass = \"db.r5.large\",\n NeptuneSubnetGroupName = \"default\",\n });\n\n var secondary = new Aws.Neptune.Cluster(\"secondary\", new()\n {\n Engine = example.Engine,\n EngineVersion = example.EngineVersion,\n ClusterIdentifier = \"test-secondary-cluster\",\n GlobalClusterIdentifier = example.Id,\n NeptuneSubnetGroupName = \"default\",\n });\n\n var secondaryClusterInstance = new Aws.Neptune.ClusterInstance(\"secondary\", new()\n {\n Engine = example.Engine,\n EngineVersion = example.EngineVersion,\n Identifier = \"test-secondary-cluster-instance\",\n ClusterIdentifier = secondary.Id,\n InstanceClass = \"db.r5.large\",\n NeptuneSubnetGroupName = \"default\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/neptune\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := neptune.NewGlobalCluster(ctx, \"example\", \u0026neptune.GlobalClusterArgs{\n\t\t\tGlobalClusterIdentifier: pulumi.String(\"global-test\"),\n\t\t\tEngine: pulumi.String(\"neptune\"),\n\t\t\tEngineVersion: pulumi.String(\"1.2.0.0\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tprimary, err := neptune.NewCluster(ctx, \"primary\", \u0026neptune.ClusterArgs{\n\t\t\tEngine: example.Engine,\n\t\t\tEngineVersion: example.EngineVersion,\n\t\t\tClusterIdentifier: pulumi.String(\"test-primary-cluster\"),\n\t\t\tGlobalClusterIdentifier: example.ID(),\n\t\t\tNeptuneSubnetGroupName: pulumi.String(\"default\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = neptune.NewClusterInstance(ctx, \"primary\", \u0026neptune.ClusterInstanceArgs{\n\t\t\tEngine: example.Engine,\n\t\t\tEngineVersion: example.EngineVersion,\n\t\t\tIdentifier: pulumi.String(\"test-primary-cluster-instance\"),\n\t\t\tClusterIdentifier: primary.ID(),\n\t\t\tInstanceClass: pulumi.String(\"db.r5.large\"),\n\t\t\tNeptuneSubnetGroupName: pulumi.String(\"default\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsecondary, err := neptune.NewCluster(ctx, \"secondary\", \u0026neptune.ClusterArgs{\n\t\t\tEngine: example.Engine,\n\t\t\tEngineVersion: example.EngineVersion,\n\t\t\tClusterIdentifier: pulumi.String(\"test-secondary-cluster\"),\n\t\t\tGlobalClusterIdentifier: example.ID(),\n\t\t\tNeptuneSubnetGroupName: pulumi.String(\"default\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = neptune.NewClusterInstance(ctx, \"secondary\", \u0026neptune.ClusterInstanceArgs{\n\t\t\tEngine: example.Engine,\n\t\t\tEngineVersion: example.EngineVersion,\n\t\t\tIdentifier: pulumi.String(\"test-secondary-cluster-instance\"),\n\t\t\tClusterIdentifier: secondary.ID(),\n\t\t\tInstanceClass: pulumi.String(\"db.r5.large\"),\n\t\t\tNeptuneSubnetGroupName: pulumi.String(\"default\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.neptune.GlobalCluster;\nimport com.pulumi.aws.neptune.GlobalClusterArgs;\nimport com.pulumi.aws.neptune.Cluster;\nimport com.pulumi.aws.neptune.ClusterArgs;\nimport com.pulumi.aws.neptune.ClusterInstance;\nimport com.pulumi.aws.neptune.ClusterInstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new GlobalCluster(\"example\", GlobalClusterArgs.builder() \n .globalClusterIdentifier(\"global-test\")\n .engine(\"neptune\")\n .engineVersion(\"1.2.0.0\")\n .build());\n\n var primary = new Cluster(\"primary\", ClusterArgs.builder() \n .engine(example.engine())\n .engineVersion(example.engineVersion())\n .clusterIdentifier(\"test-primary-cluster\")\n .globalClusterIdentifier(example.id())\n .neptuneSubnetGroupName(\"default\")\n .build());\n\n var primaryClusterInstance = new ClusterInstance(\"primaryClusterInstance\", ClusterInstanceArgs.builder() \n .engine(example.engine())\n .engineVersion(example.engineVersion())\n .identifier(\"test-primary-cluster-instance\")\n .clusterIdentifier(primary.id())\n .instanceClass(\"db.r5.large\")\n .neptuneSubnetGroupName(\"default\")\n .build());\n\n var secondary = new Cluster(\"secondary\", ClusterArgs.builder() \n .engine(example.engine())\n .engineVersion(example.engineVersion())\n .clusterIdentifier(\"test-secondary-cluster\")\n .globalClusterIdentifier(example.id())\n .neptuneSubnetGroupName(\"default\")\n .build());\n\n var secondaryClusterInstance = new ClusterInstance(\"secondaryClusterInstance\", ClusterInstanceArgs.builder() \n .engine(example.engine())\n .engineVersion(example.engineVersion())\n .identifier(\"test-secondary-cluster-instance\")\n .clusterIdentifier(secondary.id())\n .instanceClass(\"db.r5.large\")\n .neptuneSubnetGroupName(\"default\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:neptune:GlobalCluster\n properties:\n globalClusterIdentifier: global-test\n engine: neptune\n engineVersion: 1.2.0.0\n primary:\n type: aws:neptune:Cluster\n properties:\n engine: ${example.engine}\n engineVersion: ${example.engineVersion}\n clusterIdentifier: test-primary-cluster\n globalClusterIdentifier: ${example.id}\n neptuneSubnetGroupName: default\n primaryClusterInstance:\n type: aws:neptune:ClusterInstance\n name: primary\n properties:\n engine: ${example.engine}\n engineVersion: ${example.engineVersion}\n identifier: test-primary-cluster-instance\n clusterIdentifier: ${primary.id}\n instanceClass: db.r5.large\n neptuneSubnetGroupName: default\n secondary:\n type: aws:neptune:Cluster\n properties:\n engine: ${example.engine}\n engineVersion: ${example.engineVersion}\n clusterIdentifier: test-secondary-cluster\n globalClusterIdentifier: ${example.id}\n neptuneSubnetGroupName: default\n secondaryClusterInstance:\n type: aws:neptune:ClusterInstance\n name: secondary\n properties:\n engine: ${example.engine}\n engineVersion: ${example.engineVersion}\n identifier: test-secondary-cluster-instance\n clusterIdentifier: ${secondary.id}\n instanceClass: db.r5.large\n neptuneSubnetGroupName: default\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### New Global Cluster From Existing DB Cluster\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.neptune.Cluster(\"example\", {});\nconst exampleGlobalCluster = new aws.neptune.GlobalCluster(\"example\", {\n globalClusterIdentifier: \"example\",\n sourceDbClusterIdentifier: example.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.neptune.Cluster(\"example\")\nexample_global_cluster = aws.neptune.GlobalCluster(\"example\",\n global_cluster_identifier=\"example\",\n source_db_cluster_identifier=example.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Neptune.Cluster(\"example\");\n\n var exampleGlobalCluster = new Aws.Neptune.GlobalCluster(\"example\", new()\n {\n GlobalClusterIdentifier = \"example\",\n SourceDbClusterIdentifier = example.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/neptune\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := neptune.NewCluster(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = neptune.NewGlobalCluster(ctx, \"example\", \u0026neptune.GlobalClusterArgs{\n\t\t\tGlobalClusterIdentifier: pulumi.String(\"example\"),\n\t\t\tSourceDbClusterIdentifier: example.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.neptune.Cluster;\nimport com.pulumi.aws.neptune.GlobalCluster;\nimport com.pulumi.aws.neptune.GlobalClusterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Cluster(\"example\");\n\n var exampleGlobalCluster = new GlobalCluster(\"exampleGlobalCluster\", GlobalClusterArgs.builder() \n .globalClusterIdentifier(\"example\")\n .sourceDbClusterIdentifier(example.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:neptune:Cluster\n exampleGlobalCluster:\n type: aws:neptune:GlobalCluster\n name: example\n properties:\n globalClusterIdentifier: example\n sourceDbClusterIdentifier: ${example.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_neptune_global_cluster` using the Global Cluster identifier. For example:\n\n```sh\n$ pulumi import aws:neptune/globalCluster:GlobalCluster example example\n```\nCertain resource arguments, like `source_db_cluster_identifier`, do not have an API method for reading the information after creation. If the argument is set in the Pulumi program on an imported resource, Pulumi will always show a difference. To workaround this behavior, either omit the argument from the Pulumi program or use `ignore_changes` to hide the difference. For example:\n\n", + "description": "Manages a Neptune Global Cluster. A global cluster consists of one primary region and up to five read-only secondary regions. You issue write operations directly to the primary cluster in the primary region and Amazon Neptune automatically replicates the data to the secondary regions using dedicated infrastructure.\n\nMore information about Neptune Global Clusters can be found in the [Neptune User Guide](https://docs.aws.amazon.com/neptune/latest/userguide/neptune-global-database.html).\n\n## Example Usage\n\n### New Neptune Global Cluster\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.neptune.GlobalCluster(\"example\", {\n globalClusterIdentifier: \"global-test\",\n engine: \"neptune\",\n engineVersion: \"1.2.0.0\",\n});\nconst primary = new aws.neptune.Cluster(\"primary\", {\n engine: example.engine,\n engineVersion: example.engineVersion,\n clusterIdentifier: \"test-primary-cluster\",\n globalClusterIdentifier: example.id,\n neptuneSubnetGroupName: \"default\",\n});\nconst primaryClusterInstance = new aws.neptune.ClusterInstance(\"primary\", {\n engine: example.engine,\n engineVersion: example.engineVersion,\n identifier: \"test-primary-cluster-instance\",\n clusterIdentifier: primary.id,\n instanceClass: \"db.r5.large\",\n neptuneSubnetGroupName: \"default\",\n});\nconst secondary = new aws.neptune.Cluster(\"secondary\", {\n engine: example.engine,\n engineVersion: example.engineVersion,\n clusterIdentifier: \"test-secondary-cluster\",\n globalClusterIdentifier: example.id,\n neptuneSubnetGroupName: \"default\",\n});\nconst secondaryClusterInstance = new aws.neptune.ClusterInstance(\"secondary\", {\n engine: example.engine,\n engineVersion: example.engineVersion,\n identifier: \"test-secondary-cluster-instance\",\n clusterIdentifier: secondary.id,\n instanceClass: \"db.r5.large\",\n neptuneSubnetGroupName: \"default\",\n}, {\n dependsOn: [primaryClusterInstance],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.neptune.GlobalCluster(\"example\",\n global_cluster_identifier=\"global-test\",\n engine=\"neptune\",\n engine_version=\"1.2.0.0\")\nprimary = aws.neptune.Cluster(\"primary\",\n engine=example.engine,\n engine_version=example.engine_version,\n cluster_identifier=\"test-primary-cluster\",\n global_cluster_identifier=example.id,\n neptune_subnet_group_name=\"default\")\nprimary_cluster_instance = aws.neptune.ClusterInstance(\"primary\",\n engine=example.engine,\n engine_version=example.engine_version,\n identifier=\"test-primary-cluster-instance\",\n cluster_identifier=primary.id,\n instance_class=\"db.r5.large\",\n neptune_subnet_group_name=\"default\")\nsecondary = aws.neptune.Cluster(\"secondary\",\n engine=example.engine,\n engine_version=example.engine_version,\n cluster_identifier=\"test-secondary-cluster\",\n global_cluster_identifier=example.id,\n neptune_subnet_group_name=\"default\")\nsecondary_cluster_instance = aws.neptune.ClusterInstance(\"secondary\",\n engine=example.engine,\n engine_version=example.engine_version,\n identifier=\"test-secondary-cluster-instance\",\n cluster_identifier=secondary.id,\n instance_class=\"db.r5.large\",\n neptune_subnet_group_name=\"default\",\n opts=pulumi.ResourceOptions(depends_on=[primary_cluster_instance]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Neptune.GlobalCluster(\"example\", new()\n {\n GlobalClusterIdentifier = \"global-test\",\n Engine = \"neptune\",\n EngineVersion = \"1.2.0.0\",\n });\n\n var primary = new Aws.Neptune.Cluster(\"primary\", new()\n {\n Engine = example.Engine,\n EngineVersion = example.EngineVersion,\n ClusterIdentifier = \"test-primary-cluster\",\n GlobalClusterIdentifier = example.Id,\n NeptuneSubnetGroupName = \"default\",\n });\n\n var primaryClusterInstance = new Aws.Neptune.ClusterInstance(\"primary\", new()\n {\n Engine = example.Engine,\n EngineVersion = example.EngineVersion,\n Identifier = \"test-primary-cluster-instance\",\n ClusterIdentifier = primary.Id,\n InstanceClass = \"db.r5.large\",\n NeptuneSubnetGroupName = \"default\",\n });\n\n var secondary = new Aws.Neptune.Cluster(\"secondary\", new()\n {\n Engine = example.Engine,\n EngineVersion = example.EngineVersion,\n ClusterIdentifier = \"test-secondary-cluster\",\n GlobalClusterIdentifier = example.Id,\n NeptuneSubnetGroupName = \"default\",\n });\n\n var secondaryClusterInstance = new Aws.Neptune.ClusterInstance(\"secondary\", new()\n {\n Engine = example.Engine,\n EngineVersion = example.EngineVersion,\n Identifier = \"test-secondary-cluster-instance\",\n ClusterIdentifier = secondary.Id,\n InstanceClass = \"db.r5.large\",\n NeptuneSubnetGroupName = \"default\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n primaryClusterInstance, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/neptune\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := neptune.NewGlobalCluster(ctx, \"example\", \u0026neptune.GlobalClusterArgs{\n\t\t\tGlobalClusterIdentifier: pulumi.String(\"global-test\"),\n\t\t\tEngine: pulumi.String(\"neptune\"),\n\t\t\tEngineVersion: pulumi.String(\"1.2.0.0\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tprimary, err := neptune.NewCluster(ctx, \"primary\", \u0026neptune.ClusterArgs{\n\t\t\tEngine: example.Engine,\n\t\t\tEngineVersion: example.EngineVersion,\n\t\t\tClusterIdentifier: pulumi.String(\"test-primary-cluster\"),\n\t\t\tGlobalClusterIdentifier: example.ID(),\n\t\t\tNeptuneSubnetGroupName: pulumi.String(\"default\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tprimaryClusterInstance, err := neptune.NewClusterInstance(ctx, \"primary\", \u0026neptune.ClusterInstanceArgs{\n\t\t\tEngine: example.Engine,\n\t\t\tEngineVersion: example.EngineVersion,\n\t\t\tIdentifier: pulumi.String(\"test-primary-cluster-instance\"),\n\t\t\tClusterIdentifier: primary.ID(),\n\t\t\tInstanceClass: pulumi.String(\"db.r5.large\"),\n\t\t\tNeptuneSubnetGroupName: pulumi.String(\"default\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsecondary, err := neptune.NewCluster(ctx, \"secondary\", \u0026neptune.ClusterArgs{\n\t\t\tEngine: example.Engine,\n\t\t\tEngineVersion: example.EngineVersion,\n\t\t\tClusterIdentifier: pulumi.String(\"test-secondary-cluster\"),\n\t\t\tGlobalClusterIdentifier: example.ID(),\n\t\t\tNeptuneSubnetGroupName: pulumi.String(\"default\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = neptune.NewClusterInstance(ctx, \"secondary\", \u0026neptune.ClusterInstanceArgs{\n\t\t\tEngine: example.Engine,\n\t\t\tEngineVersion: example.EngineVersion,\n\t\t\tIdentifier: pulumi.String(\"test-secondary-cluster-instance\"),\n\t\t\tClusterIdentifier: secondary.ID(),\n\t\t\tInstanceClass: pulumi.String(\"db.r5.large\"),\n\t\t\tNeptuneSubnetGroupName: pulumi.String(\"default\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tprimaryClusterInstance,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.neptune.GlobalCluster;\nimport com.pulumi.aws.neptune.GlobalClusterArgs;\nimport com.pulumi.aws.neptune.Cluster;\nimport com.pulumi.aws.neptune.ClusterArgs;\nimport com.pulumi.aws.neptune.ClusterInstance;\nimport com.pulumi.aws.neptune.ClusterInstanceArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new GlobalCluster(\"example\", GlobalClusterArgs.builder() \n .globalClusterIdentifier(\"global-test\")\n .engine(\"neptune\")\n .engineVersion(\"1.2.0.0\")\n .build());\n\n var primary = new Cluster(\"primary\", ClusterArgs.builder() \n .engine(example.engine())\n .engineVersion(example.engineVersion())\n .clusterIdentifier(\"test-primary-cluster\")\n .globalClusterIdentifier(example.id())\n .neptuneSubnetGroupName(\"default\")\n .build());\n\n var primaryClusterInstance = new ClusterInstance(\"primaryClusterInstance\", ClusterInstanceArgs.builder() \n .engine(example.engine())\n .engineVersion(example.engineVersion())\n .identifier(\"test-primary-cluster-instance\")\n .clusterIdentifier(primary.id())\n .instanceClass(\"db.r5.large\")\n .neptuneSubnetGroupName(\"default\")\n .build());\n\n var secondary = new Cluster(\"secondary\", ClusterArgs.builder() \n .engine(example.engine())\n .engineVersion(example.engineVersion())\n .clusterIdentifier(\"test-secondary-cluster\")\n .globalClusterIdentifier(example.id())\n .neptuneSubnetGroupName(\"default\")\n .build());\n\n var secondaryClusterInstance = new ClusterInstance(\"secondaryClusterInstance\", ClusterInstanceArgs.builder() \n .engine(example.engine())\n .engineVersion(example.engineVersion())\n .identifier(\"test-secondary-cluster-instance\")\n .clusterIdentifier(secondary.id())\n .instanceClass(\"db.r5.large\")\n .neptuneSubnetGroupName(\"default\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(primaryClusterInstance)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:neptune:GlobalCluster\n properties:\n globalClusterIdentifier: global-test\n engine: neptune\n engineVersion: 1.2.0.0\n primary:\n type: aws:neptune:Cluster\n properties:\n engine: ${example.engine}\n engineVersion: ${example.engineVersion}\n clusterIdentifier: test-primary-cluster\n globalClusterIdentifier: ${example.id}\n neptuneSubnetGroupName: default\n primaryClusterInstance:\n type: aws:neptune:ClusterInstance\n name: primary\n properties:\n engine: ${example.engine}\n engineVersion: ${example.engineVersion}\n identifier: test-primary-cluster-instance\n clusterIdentifier: ${primary.id}\n instanceClass: db.r5.large\n neptuneSubnetGroupName: default\n secondary:\n type: aws:neptune:Cluster\n properties:\n engine: ${example.engine}\n engineVersion: ${example.engineVersion}\n clusterIdentifier: test-secondary-cluster\n globalClusterIdentifier: ${example.id}\n neptuneSubnetGroupName: default\n secondaryClusterInstance:\n type: aws:neptune:ClusterInstance\n name: secondary\n properties:\n engine: ${example.engine}\n engineVersion: ${example.engineVersion}\n identifier: test-secondary-cluster-instance\n clusterIdentifier: ${secondary.id}\n instanceClass: db.r5.large\n neptuneSubnetGroupName: default\n options:\n dependson:\n - ${primaryClusterInstance}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### New Global Cluster From Existing DB Cluster\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.neptune.Cluster(\"example\", {});\nconst exampleGlobalCluster = new aws.neptune.GlobalCluster(\"example\", {\n globalClusterIdentifier: \"example\",\n sourceDbClusterIdentifier: example.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.neptune.Cluster(\"example\")\nexample_global_cluster = aws.neptune.GlobalCluster(\"example\",\n global_cluster_identifier=\"example\",\n source_db_cluster_identifier=example.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Neptune.Cluster(\"example\");\n\n var exampleGlobalCluster = new Aws.Neptune.GlobalCluster(\"example\", new()\n {\n GlobalClusterIdentifier = \"example\",\n SourceDbClusterIdentifier = example.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/neptune\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := neptune.NewCluster(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = neptune.NewGlobalCluster(ctx, \"example\", \u0026neptune.GlobalClusterArgs{\n\t\t\tGlobalClusterIdentifier: pulumi.String(\"example\"),\n\t\t\tSourceDbClusterIdentifier: example.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.neptune.Cluster;\nimport com.pulumi.aws.neptune.GlobalCluster;\nimport com.pulumi.aws.neptune.GlobalClusterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Cluster(\"example\");\n\n var exampleGlobalCluster = new GlobalCluster(\"exampleGlobalCluster\", GlobalClusterArgs.builder() \n .globalClusterIdentifier(\"example\")\n .sourceDbClusterIdentifier(example.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:neptune:Cluster\n exampleGlobalCluster:\n type: aws:neptune:GlobalCluster\n name: example\n properties:\n globalClusterIdentifier: example\n sourceDbClusterIdentifier: ${example.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_neptune_global_cluster` using the Global Cluster identifier. For example:\n\n```sh\n$ pulumi import aws:neptune/globalCluster:GlobalCluster example example\n```\nCertain resource arguments, like `source_db_cluster_identifier`, do not have an API method for reading the information after creation. If the argument is set in the Pulumi program on an imported resource, Pulumi will always show a difference. To workaround this behavior, either omit the argument from the Pulumi program or use `ignore_changes` to hide the difference. For example:\n\n", "properties": { "arn": { "type": "string", @@ -284841,7 +284841,7 @@ } }, "aws:networkfirewall/resourcePolicy:ResourcePolicy": { - "description": "Provides an AWS Network Firewall Resource Policy Resource for a rule group or firewall policy.\n\n## Example Usage\n\n### For a Firewall Policy resource\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkfirewall.ResourcePolicy(\"example\", {\n resourceArn: exampleAwsNetworkfirewallFirewallPolicy.arn,\n policy: JSON.stringify({\n statement: [{\n action: [\n \"network-firewall:ListFirewallPolicies\",\n \"network-firewall:CreateFirewall\",\n \"network-firewall:UpdateFirewall\",\n \"network-firewall:AssociateFirewallPolicy\",\n ],\n effect: \"Allow\",\n resource: exampleAwsNetworkfirewallFirewallPolicy.arn,\n principal: {\n AWS: \"arn:aws:iam::123456789012:root\",\n },\n }],\n version: \"2012-10-17\",\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.networkfirewall.ResourcePolicy(\"example\",\n resource_arn=example_aws_networkfirewall_firewall_policy[\"arn\"],\n policy=json.dumps({\n \"statement\": [{\n \"action\": [\n \"network-firewall:ListFirewallPolicies\",\n \"network-firewall:CreateFirewall\",\n \"network-firewall:UpdateFirewall\",\n \"network-firewall:AssociateFirewallPolicy\",\n ],\n \"effect\": \"Allow\",\n \"resource\": example_aws_networkfirewall_firewall_policy[\"arn\"],\n \"principal\": {\n \"AWS\": \"arn:aws:iam::123456789012:root\",\n },\n }],\n \"version\": \"2012-10-17\",\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkFirewall.ResourcePolicy(\"example\", new()\n {\n ResourceArn = exampleAwsNetworkfirewallFirewallPolicy.Arn,\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"action\"] = new[]\n {\n \"network-firewall:ListFirewallPolicies\",\n \"network-firewall:CreateFirewall\",\n \"network-firewall:UpdateFirewall\",\n \"network-firewall:AssociateFirewallPolicy\",\n },\n [\"effect\"] = \"Allow\",\n [\"resource\"] = exampleAwsNetworkfirewallFirewallPolicy.Arn,\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = \"arn:aws:iam::123456789012:root\",\n },\n },\n },\n [\"version\"] = \"2012-10-17\",\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkfirewall\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"action\": []string{\n\t\t\t\t\t\t\"network-firewall:ListFirewallPolicies\",\n\t\t\t\t\t\t\"network-firewall:CreateFirewall\",\n\t\t\t\t\t\t\"network-firewall:UpdateFirewall\",\n\t\t\t\t\t\t\"network-firewall:AssociateFirewallPolicy\",\n\t\t\t\t\t},\n\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\"resource\": exampleAwsNetworkfirewallFirewallPolicy.Arn,\n\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": \"arn:aws:iam::123456789012:root\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"version\": \"2012-10-17\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = networkfirewall.NewResourcePolicy(ctx, \"example\", \u0026networkfirewall.ResourcePolicyArgs{\n\t\t\tResourceArn: pulumi.Any(exampleAwsNetworkfirewallFirewallPolicy.Arn),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkfirewall.ResourcePolicy;\nimport com.pulumi.aws.networkfirewall.ResourcePolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ResourcePolicy(\"example\", ResourcePolicyArgs.builder() \n .resourceArn(exampleAwsNetworkfirewallFirewallPolicy.arn())\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"statement\", jsonArray(jsonObject(\n jsonProperty(\"action\", jsonArray(\n \"network-firewall:ListFirewallPolicies\", \n \"network-firewall:CreateFirewall\", \n \"network-firewall:UpdateFirewall\", \n \"network-firewall:AssociateFirewallPolicy\"\n )),\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"resource\", exampleAwsNetworkfirewallFirewallPolicy.arn()),\n jsonProperty(\"principal\", jsonObject(\n jsonProperty(\"AWS\", \"arn:aws:iam::123456789012:root\")\n ))\n ))),\n jsonProperty(\"version\", \"2012-10-17\")\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:networkfirewall:ResourcePolicy\n properties:\n resourceArn: ${exampleAwsNetworkfirewallFirewallPolicy.arn}\n policy:\n fn::toJSON:\n statement:\n - action:\n - network-firewall:ListFirewallPolicies\n - network-firewall:CreateFirewall\n - network-firewall:UpdateFirewall\n - network-firewall:AssociateFirewallPolicy\n effect: Allow\n resource: ${exampleAwsNetworkfirewallFirewallPolicy.arn}\n principal:\n AWS: arn:aws:iam::123456789012:root\n version: 2012-10-17\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### For a Rule Group resource\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkfirewall.ResourcePolicy(\"example\", {\n resourceArn: exampleAwsNetworkfirewallRuleGroup.arn,\n policy: JSON.stringify({\n statement: [{\n action: [\n \"network-firewall:ListRuleGroups\",\n \"network-firewall:CreateFirewallPolicy\",\n \"network-firewall:UpdateFirewallPolicy\",\n ],\n effect: \"Allow\",\n resource: exampleAwsNetworkfirewallRuleGroup.arn,\n principal: {\n AWS: \"arn:aws:iam::123456789012:root\",\n },\n }],\n version: \"2012-10-17\",\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.networkfirewall.ResourcePolicy(\"example\",\n resource_arn=example_aws_networkfirewall_rule_group[\"arn\"],\n policy=json.dumps({\n \"statement\": [{\n \"action\": [\n \"network-firewall:ListRuleGroups\",\n \"network-firewall:CreateFirewallPolicy\",\n \"network-firewall:UpdateFirewallPolicy\",\n ],\n \"effect\": \"Allow\",\n \"resource\": example_aws_networkfirewall_rule_group[\"arn\"],\n \"principal\": {\n \"AWS\": \"arn:aws:iam::123456789012:root\",\n },\n }],\n \"version\": \"2012-10-17\",\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkFirewall.ResourcePolicy(\"example\", new()\n {\n ResourceArn = exampleAwsNetworkfirewallRuleGroup.Arn,\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"action\"] = new[]\n {\n \"network-firewall:ListRuleGroups\",\n \"network-firewall:CreateFirewallPolicy\",\n \"network-firewall:UpdateFirewallPolicy\",\n },\n [\"effect\"] = \"Allow\",\n [\"resource\"] = exampleAwsNetworkfirewallRuleGroup.Arn,\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = \"arn:aws:iam::123456789012:root\",\n },\n },\n },\n [\"version\"] = \"2012-10-17\",\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkfirewall\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"action\": []string{\n\t\t\t\t\t\t\"network-firewall:ListRuleGroups\",\n\t\t\t\t\t\t\"network-firewall:CreateFirewallPolicy\",\n\t\t\t\t\t\t\"network-firewall:UpdateFirewallPolicy\",\n\t\t\t\t\t},\n\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\"resource\": exampleAwsNetworkfirewallRuleGroup.Arn,\n\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": \"arn:aws:iam::123456789012:root\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"version\": \"2012-10-17\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = networkfirewall.NewResourcePolicy(ctx, \"example\", \u0026networkfirewall.ResourcePolicyArgs{\n\t\t\tResourceArn: pulumi.Any(exampleAwsNetworkfirewallRuleGroup.Arn),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkfirewall.ResourcePolicy;\nimport com.pulumi.aws.networkfirewall.ResourcePolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ResourcePolicy(\"example\", ResourcePolicyArgs.builder() \n .resourceArn(exampleAwsNetworkfirewallRuleGroup.arn())\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"statement\", jsonArray(jsonObject(\n jsonProperty(\"action\", jsonArray(\n \"network-firewall:ListRuleGroups\", \n \"network-firewall:CreateFirewallPolicy\", \n \"network-firewall:UpdateFirewallPolicy\"\n )),\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"resource\", exampleAwsNetworkfirewallRuleGroup.arn()),\n jsonProperty(\"principal\", jsonObject(\n jsonProperty(\"AWS\", \"arn:aws:iam::123456789012:root\")\n ))\n ))),\n jsonProperty(\"version\", \"2012-10-17\")\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:networkfirewall:ResourcePolicy\n properties:\n resourceArn: ${exampleAwsNetworkfirewallRuleGroup.arn}\n policy:\n fn::toJSON:\n statement:\n - action:\n - network-firewall:ListRuleGroups\n - network-firewall:CreateFirewallPolicy\n - network-firewall:UpdateFirewallPolicy\n effect: Allow\n resource: ${exampleAwsNetworkfirewallRuleGroup.arn}\n principal:\n AWS: arn:aws:iam::123456789012:root\n version: 2012-10-17\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Network Firewall Resource Policies using the `resource arn`. For example: \n```sh\n$ pulumi import aws:networkfirewall/resourcePolicy:ResourcePolicy example arn:aws:network-firewall:us-west-1:123456789012:stateful-rulegroup/example\n```\n", + "description": "Provides an AWS Network Firewall Resource Policy Resource for a rule group or firewall policy.\n\n## Example Usage\n\n### For a Firewall Policy resource\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkfirewall.ResourcePolicy(\"example\", {\n resourceArn: exampleAwsNetworkfirewallFirewallPolicy.arn,\n policy: JSON.stringify({\n Statement: [{\n Action: [\n \"network-firewall:ListFirewallPolicies\",\n \"network-firewall:CreateFirewall\",\n \"network-firewall:UpdateFirewall\",\n \"network-firewall:AssociateFirewallPolicy\",\n ],\n Effect: \"Allow\",\n Resource: exampleAwsNetworkfirewallFirewallPolicy.arn,\n Principal: {\n AWS: \"arn:aws:iam::123456789012:root\",\n },\n }],\n Version: \"2012-10-17\",\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.networkfirewall.ResourcePolicy(\"example\",\n resource_arn=example_aws_networkfirewall_firewall_policy[\"arn\"],\n policy=json.dumps({\n \"Statement\": [{\n \"Action\": [\n \"network-firewall:ListFirewallPolicies\",\n \"network-firewall:CreateFirewall\",\n \"network-firewall:UpdateFirewall\",\n \"network-firewall:AssociateFirewallPolicy\",\n ],\n \"Effect\": \"Allow\",\n \"Resource\": example_aws_networkfirewall_firewall_policy[\"arn\"],\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::123456789012:root\",\n },\n }],\n \"Version\": \"2012-10-17\",\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkFirewall.ResourcePolicy(\"example\", new()\n {\n ResourceArn = exampleAwsNetworkfirewallFirewallPolicy.Arn,\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = new[]\n {\n \"network-firewall:ListFirewallPolicies\",\n \"network-firewall:CreateFirewall\",\n \"network-firewall:UpdateFirewall\",\n \"network-firewall:AssociateFirewallPolicy\",\n },\n [\"Effect\"] = \"Allow\",\n [\"Resource\"] = exampleAwsNetworkfirewallFirewallPolicy.Arn,\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = \"arn:aws:iam::123456789012:root\",\n },\n },\n },\n [\"Version\"] = \"2012-10-17\",\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkfirewall\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"network-firewall:ListFirewallPolicies\",\n\t\t\t\t\t\t\"network-firewall:CreateFirewall\",\n\t\t\t\t\t\t\"network-firewall:UpdateFirewall\",\n\t\t\t\t\t\t\"network-firewall:AssociateFirewallPolicy\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Resource\": exampleAwsNetworkfirewallFirewallPolicy.Arn,\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": \"arn:aws:iam::123456789012:root\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = networkfirewall.NewResourcePolicy(ctx, \"example\", \u0026networkfirewall.ResourcePolicyArgs{\n\t\t\tResourceArn: pulumi.Any(exampleAwsNetworkfirewallFirewallPolicy.Arn),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkfirewall.ResourcePolicy;\nimport com.pulumi.aws.networkfirewall.ResourcePolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ResourcePolicy(\"example\", ResourcePolicyArgs.builder() \n .resourceArn(exampleAwsNetworkfirewallFirewallPolicy.arn())\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", jsonArray(\n \"network-firewall:ListFirewallPolicies\", \n \"network-firewall:CreateFirewall\", \n \"network-firewall:UpdateFirewall\", \n \"network-firewall:AssociateFirewallPolicy\"\n )),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Resource\", exampleAwsNetworkfirewallFirewallPolicy.arn()),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"AWS\", \"arn:aws:iam::123456789012:root\")\n ))\n ))),\n jsonProperty(\"Version\", \"2012-10-17\")\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:networkfirewall:ResourcePolicy\n properties:\n resourceArn: ${exampleAwsNetworkfirewallFirewallPolicy.arn}\n policy:\n fn::toJSON:\n Statement:\n - Action:\n - network-firewall:ListFirewallPolicies\n - network-firewall:CreateFirewall\n - network-firewall:UpdateFirewall\n - network-firewall:AssociateFirewallPolicy\n Effect: Allow\n Resource: ${exampleAwsNetworkfirewallFirewallPolicy.arn}\n Principal:\n AWS: arn:aws:iam::123456789012:root\n Version: 2012-10-17\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### For a Rule Group resource\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkfirewall.ResourcePolicy(\"example\", {\n resourceArn: exampleAwsNetworkfirewallRuleGroup.arn,\n policy: JSON.stringify({\n Statement: [{\n Action: [\n \"network-firewall:ListRuleGroups\",\n \"network-firewall:CreateFirewallPolicy\",\n \"network-firewall:UpdateFirewallPolicy\",\n ],\n Effect: \"Allow\",\n Resource: exampleAwsNetworkfirewallRuleGroup.arn,\n Principal: {\n AWS: \"arn:aws:iam::123456789012:root\",\n },\n }],\n Version: \"2012-10-17\",\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.networkfirewall.ResourcePolicy(\"example\",\n resource_arn=example_aws_networkfirewall_rule_group[\"arn\"],\n policy=json.dumps({\n \"Statement\": [{\n \"Action\": [\n \"network-firewall:ListRuleGroups\",\n \"network-firewall:CreateFirewallPolicy\",\n \"network-firewall:UpdateFirewallPolicy\",\n ],\n \"Effect\": \"Allow\",\n \"Resource\": example_aws_networkfirewall_rule_group[\"arn\"],\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::123456789012:root\",\n },\n }],\n \"Version\": \"2012-10-17\",\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkFirewall.ResourcePolicy(\"example\", new()\n {\n ResourceArn = exampleAwsNetworkfirewallRuleGroup.Arn,\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = new[]\n {\n \"network-firewall:ListRuleGroups\",\n \"network-firewall:CreateFirewallPolicy\",\n \"network-firewall:UpdateFirewallPolicy\",\n },\n [\"Effect\"] = \"Allow\",\n [\"Resource\"] = exampleAwsNetworkfirewallRuleGroup.Arn,\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = \"arn:aws:iam::123456789012:root\",\n },\n },\n },\n [\"Version\"] = \"2012-10-17\",\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkfirewall\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"network-firewall:ListRuleGroups\",\n\t\t\t\t\t\t\"network-firewall:CreateFirewallPolicy\",\n\t\t\t\t\t\t\"network-firewall:UpdateFirewallPolicy\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Resource\": exampleAwsNetworkfirewallRuleGroup.Arn,\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": \"arn:aws:iam::123456789012:root\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = networkfirewall.NewResourcePolicy(ctx, \"example\", \u0026networkfirewall.ResourcePolicyArgs{\n\t\t\tResourceArn: pulumi.Any(exampleAwsNetworkfirewallRuleGroup.Arn),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkfirewall.ResourcePolicy;\nimport com.pulumi.aws.networkfirewall.ResourcePolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ResourcePolicy(\"example\", ResourcePolicyArgs.builder() \n .resourceArn(exampleAwsNetworkfirewallRuleGroup.arn())\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", jsonArray(\n \"network-firewall:ListRuleGroups\", \n \"network-firewall:CreateFirewallPolicy\", \n \"network-firewall:UpdateFirewallPolicy\"\n )),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Resource\", exampleAwsNetworkfirewallRuleGroup.arn()),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"AWS\", \"arn:aws:iam::123456789012:root\")\n ))\n ))),\n jsonProperty(\"Version\", \"2012-10-17\")\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:networkfirewall:ResourcePolicy\n properties:\n resourceArn: ${exampleAwsNetworkfirewallRuleGroup.arn}\n policy:\n fn::toJSON:\n Statement:\n - Action:\n - network-firewall:ListRuleGroups\n - network-firewall:CreateFirewallPolicy\n - network-firewall:UpdateFirewallPolicy\n Effect: Allow\n Resource: ${exampleAwsNetworkfirewallRuleGroup.arn}\n Principal:\n AWS: arn:aws:iam::123456789012:root\n Version: 2012-10-17\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Network Firewall Resource Policies using the `resource arn`. For example: \n```sh\n$ pulumi import aws:networkfirewall/resourcePolicy:ResourcePolicy example arn:aws:network-firewall:us-west-1:123456789012:stateful-rulegroup/example\n```\n", "properties": { "policy": { "type": "string", @@ -285191,7 +285191,7 @@ } }, "aws:networkmanager/connectAttachment:ConnectAttachment": { - "description": "Resource for managing an AWS Network Manager ConnectAttachment.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkmanager.VpcAttachment(\"example\", {\n subnetArns: exampleAwsSubnet.map(__item =\u003e __item.arn),\n coreNetworkId: exampleAwsccNetworkmanagerCoreNetwork.id,\n vpcArn: exampleAwsVpc.arn,\n});\nconst exampleConnectAttachment = new aws.networkmanager.ConnectAttachment(\"example\", {\n coreNetworkId: exampleAwsccNetworkmanagerCoreNetwork.id,\n transportAttachmentId: example.id,\n edgeLocation: example.edgeLocation,\n options: {\n protocol: \"GRE\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkmanager.VpcAttachment(\"example\",\n subnet_arns=[__item[\"arn\"] for __item in example_aws_subnet],\n core_network_id=example_awscc_networkmanager_core_network[\"id\"],\n vpc_arn=example_aws_vpc[\"arn\"])\nexample_connect_attachment = aws.networkmanager.ConnectAttachment(\"example\",\n core_network_id=example_awscc_networkmanager_core_network[\"id\"],\n transport_attachment_id=example.id,\n edge_location=example.edge_location,\n options=aws.networkmanager.ConnectAttachmentOptionsArgs(\n protocol=\"GRE\",\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkManager.VpcAttachment(\"example\", new()\n {\n SubnetArns = exampleAwsSubnet.Select(__item =\u003e __item.Arn).ToList(),\n CoreNetworkId = exampleAwsccNetworkmanagerCoreNetwork.Id,\n VpcArn = exampleAwsVpc.Arn,\n });\n\n var exampleConnectAttachment = new Aws.NetworkManager.ConnectAttachment(\"example\", new()\n {\n CoreNetworkId = exampleAwsccNetworkmanagerCoreNetwork.Id,\n TransportAttachmentId = example.Id,\n EdgeLocation = example.EdgeLocation,\n Options = new Aws.NetworkManager.Inputs.ConnectAttachmentOptionsArgs\n {\n Protocol = \"GRE\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nvar splat0 []interface{}\nfor _, val0 := range exampleAwsSubnet {\nsplat0 = append(splat0, val0.Arn)\n}\nexample, err := networkmanager.NewVpcAttachment(ctx, \"example\", \u0026networkmanager.VpcAttachmentArgs{\nSubnetArns: toPulumiArray(splat0),\nCoreNetworkId: pulumi.Any(exampleAwsccNetworkmanagerCoreNetwork.Id),\nVpcArn: pulumi.Any(exampleAwsVpc.Arn),\n})\nif err != nil {\nreturn err\n}\n_, err = networkmanager.NewConnectAttachment(ctx, \"example\", \u0026networkmanager.ConnectAttachmentArgs{\nCoreNetworkId: pulumi.Any(exampleAwsccNetworkmanagerCoreNetwork.Id),\nTransportAttachmentId: example.ID(),\nEdgeLocation: example.EdgeLocation,\nOptions: \u0026networkmanager.ConnectAttachmentOptionsArgs{\nProtocol: pulumi.String(\"GRE\"),\n},\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\nfunc toPulumiArray(arr []) pulumi.Array {\nvar pulumiArr pulumi.Array\nfor _, v := range arr {\npulumiArr = append(pulumiArr, pulumi.(v))\n}\nreturn pulumiArr\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.VpcAttachment;\nimport com.pulumi.aws.networkmanager.VpcAttachmentArgs;\nimport com.pulumi.aws.networkmanager.ConnectAttachment;\nimport com.pulumi.aws.networkmanager.ConnectAttachmentArgs;\nimport com.pulumi.aws.networkmanager.inputs.ConnectAttachmentOptionsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new VpcAttachment(\"example\", VpcAttachmentArgs.builder() \n .subnetArns(exampleAwsSubnet.stream().map(element -\u003e element.arn()).collect(toList()))\n .coreNetworkId(exampleAwsccNetworkmanagerCoreNetwork.id())\n .vpcArn(exampleAwsVpc.arn())\n .build());\n\n var exampleConnectAttachment = new ConnectAttachment(\"exampleConnectAttachment\", ConnectAttachmentArgs.builder() \n .coreNetworkId(exampleAwsccNetworkmanagerCoreNetwork.id())\n .transportAttachmentId(example.id())\n .edgeLocation(example.edgeLocation())\n .options(ConnectAttachmentOptionsArgs.builder()\n .protocol(\"GRE\")\n .build())\n .build());\n\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Usage with attachment accepter\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkmanager.VpcAttachment(\"example\", {\n subnetArns: exampleAwsSubnet.map(__item =\u003e __item.arn),\n coreNetworkId: exampleAwsccNetworkmanagerCoreNetwork.id,\n vpcArn: exampleAwsVpc.arn,\n});\nconst exampleAttachmentAccepter = new aws.networkmanager.AttachmentAccepter(\"example\", {\n attachmentId: example.id,\n attachmentType: example.attachmentType,\n});\nconst exampleConnectAttachment = new aws.networkmanager.ConnectAttachment(\"example\", {\n coreNetworkId: exampleAwsccNetworkmanagerCoreNetwork.id,\n transportAttachmentId: example.id,\n edgeLocation: example.edgeLocation,\n options: {\n protocol: \"GRE\",\n },\n});\nconst example2 = new aws.networkmanager.AttachmentAccepter(\"example2\", {\n attachmentId: exampleConnectAttachment.id,\n attachmentType: exampleConnectAttachment.attachmentType,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkmanager.VpcAttachment(\"example\",\n subnet_arns=[__item[\"arn\"] for __item in example_aws_subnet],\n core_network_id=example_awscc_networkmanager_core_network[\"id\"],\n vpc_arn=example_aws_vpc[\"arn\"])\nexample_attachment_accepter = aws.networkmanager.AttachmentAccepter(\"example\",\n attachment_id=example.id,\n attachment_type=example.attachment_type)\nexample_connect_attachment = aws.networkmanager.ConnectAttachment(\"example\",\n core_network_id=example_awscc_networkmanager_core_network[\"id\"],\n transport_attachment_id=example.id,\n edge_location=example.edge_location,\n options=aws.networkmanager.ConnectAttachmentOptionsArgs(\n protocol=\"GRE\",\n ))\nexample2 = aws.networkmanager.AttachmentAccepter(\"example2\",\n attachment_id=example_connect_attachment.id,\n attachment_type=example_connect_attachment.attachment_type)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkManager.VpcAttachment(\"example\", new()\n {\n SubnetArns = exampleAwsSubnet.Select(__item =\u003e __item.Arn).ToList(),\n CoreNetworkId = exampleAwsccNetworkmanagerCoreNetwork.Id,\n VpcArn = exampleAwsVpc.Arn,\n });\n\n var exampleAttachmentAccepter = new Aws.NetworkManager.AttachmentAccepter(\"example\", new()\n {\n AttachmentId = example.Id,\n AttachmentType = example.AttachmentType,\n });\n\n var exampleConnectAttachment = new Aws.NetworkManager.ConnectAttachment(\"example\", new()\n {\n CoreNetworkId = exampleAwsccNetworkmanagerCoreNetwork.Id,\n TransportAttachmentId = example.Id,\n EdgeLocation = example.EdgeLocation,\n Options = new Aws.NetworkManager.Inputs.ConnectAttachmentOptionsArgs\n {\n Protocol = \"GRE\",\n },\n });\n\n var example2 = new Aws.NetworkManager.AttachmentAccepter(\"example2\", new()\n {\n AttachmentId = exampleConnectAttachment.Id,\n AttachmentType = exampleConnectAttachment.AttachmentType,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nvar splat0 []interface{}\nfor _, val0 := range exampleAwsSubnet {\nsplat0 = append(splat0, val0.Arn)\n}\nexample, err := networkmanager.NewVpcAttachment(ctx, \"example\", \u0026networkmanager.VpcAttachmentArgs{\nSubnetArns: toPulumiArray(splat0),\nCoreNetworkId: pulumi.Any(exampleAwsccNetworkmanagerCoreNetwork.Id),\nVpcArn: pulumi.Any(exampleAwsVpc.Arn),\n})\nif err != nil {\nreturn err\n}\n_, err = networkmanager.NewAttachmentAccepter(ctx, \"example\", \u0026networkmanager.AttachmentAccepterArgs{\nAttachmentId: example.ID(),\nAttachmentType: example.AttachmentType,\n})\nif err != nil {\nreturn err\n}\nexampleConnectAttachment, err := networkmanager.NewConnectAttachment(ctx, \"example\", \u0026networkmanager.ConnectAttachmentArgs{\nCoreNetworkId: pulumi.Any(exampleAwsccNetworkmanagerCoreNetwork.Id),\nTransportAttachmentId: example.ID(),\nEdgeLocation: example.EdgeLocation,\nOptions: \u0026networkmanager.ConnectAttachmentOptionsArgs{\nProtocol: pulumi.String(\"GRE\"),\n},\n})\nif err != nil {\nreturn err\n}\n_, err = networkmanager.NewAttachmentAccepter(ctx, \"example2\", \u0026networkmanager.AttachmentAccepterArgs{\nAttachmentId: exampleConnectAttachment.ID(),\nAttachmentType: exampleConnectAttachment.AttachmentType,\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\nfunc toPulumiArray(arr []) pulumi.Array {\nvar pulumiArr pulumi.Array\nfor _, v := range arr {\npulumiArr = append(pulumiArr, pulumi.(v))\n}\nreturn pulumiArr\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.VpcAttachment;\nimport com.pulumi.aws.networkmanager.VpcAttachmentArgs;\nimport com.pulumi.aws.networkmanager.AttachmentAccepter;\nimport com.pulumi.aws.networkmanager.AttachmentAccepterArgs;\nimport com.pulumi.aws.networkmanager.ConnectAttachment;\nimport com.pulumi.aws.networkmanager.ConnectAttachmentArgs;\nimport com.pulumi.aws.networkmanager.inputs.ConnectAttachmentOptionsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new VpcAttachment(\"example\", VpcAttachmentArgs.builder() \n .subnetArns(exampleAwsSubnet.stream().map(element -\u003e element.arn()).collect(toList()))\n .coreNetworkId(exampleAwsccNetworkmanagerCoreNetwork.id())\n .vpcArn(exampleAwsVpc.arn())\n .build());\n\n var exampleAttachmentAccepter = new AttachmentAccepter(\"exampleAttachmentAccepter\", AttachmentAccepterArgs.builder() \n .attachmentId(example.id())\n .attachmentType(example.attachmentType())\n .build());\n\n var exampleConnectAttachment = new ConnectAttachment(\"exampleConnectAttachment\", ConnectAttachmentArgs.builder() \n .coreNetworkId(exampleAwsccNetworkmanagerCoreNetwork.id())\n .transportAttachmentId(example.id())\n .edgeLocation(example.edgeLocation())\n .options(ConnectAttachmentOptionsArgs.builder()\n .protocol(\"GRE\")\n .build())\n .build());\n\n var example2 = new AttachmentAccepter(\"example2\", AttachmentAccepterArgs.builder() \n .attachmentId(exampleConnectAttachment.id())\n .attachmentType(exampleConnectAttachment.attachmentType())\n .build());\n\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_networkmanager_connect_attachment` using the attachment ID. For example:\n\n```sh\n$ pulumi import aws:networkmanager/connectAttachment:ConnectAttachment example attachment-0f8fa60d2238d1bd8\n```\n", + "description": "Resource for managing an AWS Network Manager ConnectAttachment.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkmanager.VpcAttachment(\"example\", {\n subnetArns: exampleAwsSubnet.map(__item =\u003e __item.arn),\n coreNetworkId: exampleAwsccNetworkmanagerCoreNetwork.id,\n vpcArn: exampleAwsVpc.arn,\n});\nconst exampleConnectAttachment = new aws.networkmanager.ConnectAttachment(\"example\", {\n coreNetworkId: exampleAwsccNetworkmanagerCoreNetwork.id,\n transportAttachmentId: example.id,\n edgeLocation: example.edgeLocation,\n options: {\n protocol: \"GRE\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkmanager.VpcAttachment(\"example\",\n subnet_arns=[__item[\"arn\"] for __item in example_aws_subnet],\n core_network_id=example_awscc_networkmanager_core_network[\"id\"],\n vpc_arn=example_aws_vpc[\"arn\"])\nexample_connect_attachment = aws.networkmanager.ConnectAttachment(\"example\",\n core_network_id=example_awscc_networkmanager_core_network[\"id\"],\n transport_attachment_id=example.id,\n edge_location=example.edge_location,\n options=aws.networkmanager.ConnectAttachmentOptionsArgs(\n protocol=\"GRE\",\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkManager.VpcAttachment(\"example\", new()\n {\n SubnetArns = exampleAwsSubnet.Select(__item =\u003e __item.Arn).ToList(),\n CoreNetworkId = exampleAwsccNetworkmanagerCoreNetwork.Id,\n VpcArn = exampleAwsVpc.Arn,\n });\n\n var exampleConnectAttachment = new Aws.NetworkManager.ConnectAttachment(\"example\", new()\n {\n CoreNetworkId = exampleAwsccNetworkmanagerCoreNetwork.Id,\n TransportAttachmentId = example.Id,\n EdgeLocation = example.EdgeLocation,\n Options = new Aws.NetworkManager.Inputs.ConnectAttachmentOptionsArgs\n {\n Protocol = \"GRE\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nvar splat0 []interface{}\nfor _, val0 := range exampleAwsSubnet {\nsplat0 = append(splat0, val0.Arn)\n}\nexample, err := networkmanager.NewVpcAttachment(ctx, \"example\", \u0026networkmanager.VpcAttachmentArgs{\nSubnetArns: toPulumiArray(splat0),\nCoreNetworkId: pulumi.Any(exampleAwsccNetworkmanagerCoreNetwork.Id),\nVpcArn: pulumi.Any(exampleAwsVpc.Arn),\n})\nif err != nil {\nreturn err\n}\n_, err = networkmanager.NewConnectAttachment(ctx, \"example\", \u0026networkmanager.ConnectAttachmentArgs{\nCoreNetworkId: pulumi.Any(exampleAwsccNetworkmanagerCoreNetwork.Id),\nTransportAttachmentId: example.ID(),\nEdgeLocation: example.EdgeLocation,\nOptions: \u0026networkmanager.ConnectAttachmentOptionsArgs{\nProtocol: pulumi.String(\"GRE\"),\n},\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\nfunc toPulumiArray(arr []) pulumi.Array {\nvar pulumiArr pulumi.Array\nfor _, v := range arr {\npulumiArr = append(pulumiArr, pulumi.(v))\n}\nreturn pulumiArr\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.VpcAttachment;\nimport com.pulumi.aws.networkmanager.VpcAttachmentArgs;\nimport com.pulumi.aws.networkmanager.ConnectAttachment;\nimport com.pulumi.aws.networkmanager.ConnectAttachmentArgs;\nimport com.pulumi.aws.networkmanager.inputs.ConnectAttachmentOptionsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new VpcAttachment(\"example\", VpcAttachmentArgs.builder() \n .subnetArns(exampleAwsSubnet.stream().map(element -\u003e element.arn()).collect(toList()))\n .coreNetworkId(exampleAwsccNetworkmanagerCoreNetwork.id())\n .vpcArn(exampleAwsVpc.arn())\n .build());\n\n var exampleConnectAttachment = new ConnectAttachment(\"exampleConnectAttachment\", ConnectAttachmentArgs.builder() \n .coreNetworkId(exampleAwsccNetworkmanagerCoreNetwork.id())\n .transportAttachmentId(example.id())\n .edgeLocation(example.edgeLocation())\n .options(ConnectAttachmentOptionsArgs.builder()\n .protocol(\"GRE\")\n .build())\n .build());\n\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Usage with attachment accepter\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkmanager.VpcAttachment(\"example\", {\n subnetArns: exampleAwsSubnet.map(__item =\u003e __item.arn),\n coreNetworkId: exampleAwsccNetworkmanagerCoreNetwork.id,\n vpcArn: exampleAwsVpc.arn,\n});\nconst exampleAttachmentAccepter = new aws.networkmanager.AttachmentAccepter(\"example\", {\n attachmentId: example.id,\n attachmentType: example.attachmentType,\n});\nconst exampleConnectAttachment = new aws.networkmanager.ConnectAttachment(\"example\", {\n coreNetworkId: exampleAwsccNetworkmanagerCoreNetwork.id,\n transportAttachmentId: example.id,\n edgeLocation: example.edgeLocation,\n options: {\n protocol: \"GRE\",\n },\n}, {\n dependsOn: [test],\n});\nconst example2 = new aws.networkmanager.AttachmentAccepter(\"example2\", {\n attachmentId: exampleConnectAttachment.id,\n attachmentType: exampleConnectAttachment.attachmentType,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkmanager.VpcAttachment(\"example\",\n subnet_arns=[__item[\"arn\"] for __item in example_aws_subnet],\n core_network_id=example_awscc_networkmanager_core_network[\"id\"],\n vpc_arn=example_aws_vpc[\"arn\"])\nexample_attachment_accepter = aws.networkmanager.AttachmentAccepter(\"example\",\n attachment_id=example.id,\n attachment_type=example.attachment_type)\nexample_connect_attachment = aws.networkmanager.ConnectAttachment(\"example\",\n core_network_id=example_awscc_networkmanager_core_network[\"id\"],\n transport_attachment_id=example.id,\n edge_location=example.edge_location,\n options=aws.networkmanager.ConnectAttachmentOptionsArgs(\n protocol=\"GRE\",\n ),\n opts=pulumi.ResourceOptions(depends_on=[test]))\nexample2 = aws.networkmanager.AttachmentAccepter(\"example2\",\n attachment_id=example_connect_attachment.id,\n attachment_type=example_connect_attachment.attachment_type)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkManager.VpcAttachment(\"example\", new()\n {\n SubnetArns = exampleAwsSubnet.Select(__item =\u003e __item.Arn).ToList(),\n CoreNetworkId = exampleAwsccNetworkmanagerCoreNetwork.Id,\n VpcArn = exampleAwsVpc.Arn,\n });\n\n var exampleAttachmentAccepter = new Aws.NetworkManager.AttachmentAccepter(\"example\", new()\n {\n AttachmentId = example.Id,\n AttachmentType = example.AttachmentType,\n });\n\n var exampleConnectAttachment = new Aws.NetworkManager.ConnectAttachment(\"example\", new()\n {\n CoreNetworkId = exampleAwsccNetworkmanagerCoreNetwork.Id,\n TransportAttachmentId = example.Id,\n EdgeLocation = example.EdgeLocation,\n Options = new Aws.NetworkManager.Inputs.ConnectAttachmentOptionsArgs\n {\n Protocol = \"GRE\",\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n test, \n },\n });\n\n var example2 = new Aws.NetworkManager.AttachmentAccepter(\"example2\", new()\n {\n AttachmentId = exampleConnectAttachment.Id,\n AttachmentType = exampleConnectAttachment.AttachmentType,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nvar splat0 []interface{}\nfor _, val0 := range exampleAwsSubnet {\nsplat0 = append(splat0, val0.Arn)\n}\nexample, err := networkmanager.NewVpcAttachment(ctx, \"example\", \u0026networkmanager.VpcAttachmentArgs{\nSubnetArns: toPulumiArray(splat0),\nCoreNetworkId: pulumi.Any(exampleAwsccNetworkmanagerCoreNetwork.Id),\nVpcArn: pulumi.Any(exampleAwsVpc.Arn),\n})\nif err != nil {\nreturn err\n}\n_, err = networkmanager.NewAttachmentAccepter(ctx, \"example\", \u0026networkmanager.AttachmentAccepterArgs{\nAttachmentId: example.ID(),\nAttachmentType: example.AttachmentType,\n})\nif err != nil {\nreturn err\n}\nexampleConnectAttachment, err := networkmanager.NewConnectAttachment(ctx, \"example\", \u0026networkmanager.ConnectAttachmentArgs{\nCoreNetworkId: pulumi.Any(exampleAwsccNetworkmanagerCoreNetwork.Id),\nTransportAttachmentId: example.ID(),\nEdgeLocation: example.EdgeLocation,\nOptions: \u0026networkmanager.ConnectAttachmentOptionsArgs{\nProtocol: pulumi.String(\"GRE\"),\n},\n}, pulumi.DependsOn([]pulumi.Resource{\ntest,\n}))\nif err != nil {\nreturn err\n}\n_, err = networkmanager.NewAttachmentAccepter(ctx, \"example2\", \u0026networkmanager.AttachmentAccepterArgs{\nAttachmentId: exampleConnectAttachment.ID(),\nAttachmentType: exampleConnectAttachment.AttachmentType,\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\nfunc toPulumiArray(arr []) pulumi.Array {\nvar pulumiArr pulumi.Array\nfor _, v := range arr {\npulumiArr = append(pulumiArr, pulumi.(v))\n}\nreturn pulumiArr\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.VpcAttachment;\nimport com.pulumi.aws.networkmanager.VpcAttachmentArgs;\nimport com.pulumi.aws.networkmanager.AttachmentAccepter;\nimport com.pulumi.aws.networkmanager.AttachmentAccepterArgs;\nimport com.pulumi.aws.networkmanager.ConnectAttachment;\nimport com.pulumi.aws.networkmanager.ConnectAttachmentArgs;\nimport com.pulumi.aws.networkmanager.inputs.ConnectAttachmentOptionsArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new VpcAttachment(\"example\", VpcAttachmentArgs.builder() \n .subnetArns(exampleAwsSubnet.stream().map(element -\u003e element.arn()).collect(toList()))\n .coreNetworkId(exampleAwsccNetworkmanagerCoreNetwork.id())\n .vpcArn(exampleAwsVpc.arn())\n .build());\n\n var exampleAttachmentAccepter = new AttachmentAccepter(\"exampleAttachmentAccepter\", AttachmentAccepterArgs.builder() \n .attachmentId(example.id())\n .attachmentType(example.attachmentType())\n .build());\n\n var exampleConnectAttachment = new ConnectAttachment(\"exampleConnectAttachment\", ConnectAttachmentArgs.builder() \n .coreNetworkId(exampleAwsccNetworkmanagerCoreNetwork.id())\n .transportAttachmentId(example.id())\n .edgeLocation(example.edgeLocation())\n .options(ConnectAttachmentOptionsArgs.builder()\n .protocol(\"GRE\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(test)\n .build());\n\n var example2 = new AttachmentAccepter(\"example2\", AttachmentAccepterArgs.builder() \n .attachmentId(exampleConnectAttachment.id())\n .attachmentType(exampleConnectAttachment.attachmentType())\n .build());\n\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_networkmanager_connect_attachment` using the attachment ID. For example:\n\n```sh\n$ pulumi import aws:networkmanager/connectAttachment:ConnectAttachment example attachment-0f8fa60d2238d1bd8\n```\n", "properties": { "arn": { "type": "string", @@ -285387,7 +285387,7 @@ } }, "aws:networkmanager/connectPeer:ConnectPeer": { - "description": "Resource for managing an AWS Network Manager Connect Peer.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkmanager.VpcAttachment(\"example\", {\n subnetArns: exampleAwsSubnet.map(__item =\u003e __item.arn),\n coreNetworkId: exampleAwsccNetworkmanagerCoreNetwork.id,\n vpcArn: exampleAwsVpc.arn,\n});\nconst exampleConnectAttachment = new aws.networkmanager.ConnectAttachment(\"example\", {\n coreNetworkId: exampleAwsccNetworkmanagerCoreNetwork.id,\n transportAttachmentId: example.id,\n edgeLocation: example.edgeLocation,\n options: {\n protocol: \"GRE\",\n },\n});\nconst exampleConnectPeer = new aws.networkmanager.ConnectPeer(\"example\", {\n connectAttachmentId: exampleConnectAttachment.id,\n peerAddress: \"127.0.0.1\",\n bgpOptions: {\n peerAsn: 65000,\n },\n insideCidrBlocks: [\"172.16.0.0/16\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkmanager.VpcAttachment(\"example\",\n subnet_arns=[__item[\"arn\"] for __item in example_aws_subnet],\n core_network_id=example_awscc_networkmanager_core_network[\"id\"],\n vpc_arn=example_aws_vpc[\"arn\"])\nexample_connect_attachment = aws.networkmanager.ConnectAttachment(\"example\",\n core_network_id=example_awscc_networkmanager_core_network[\"id\"],\n transport_attachment_id=example.id,\n edge_location=example.edge_location,\n options=aws.networkmanager.ConnectAttachmentOptionsArgs(\n protocol=\"GRE\",\n ))\nexample_connect_peer = aws.networkmanager.ConnectPeer(\"example\",\n connect_attachment_id=example_connect_attachment.id,\n peer_address=\"127.0.0.1\",\n bgp_options=aws.networkmanager.ConnectPeerBgpOptionsArgs(\n peer_asn=65000,\n ),\n inside_cidr_blocks=[\"172.16.0.0/16\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkManager.VpcAttachment(\"example\", new()\n {\n SubnetArns = exampleAwsSubnet.Select(__item =\u003e __item.Arn).ToList(),\n CoreNetworkId = exampleAwsccNetworkmanagerCoreNetwork.Id,\n VpcArn = exampleAwsVpc.Arn,\n });\n\n var exampleConnectAttachment = new Aws.NetworkManager.ConnectAttachment(\"example\", new()\n {\n CoreNetworkId = exampleAwsccNetworkmanagerCoreNetwork.Id,\n TransportAttachmentId = example.Id,\n EdgeLocation = example.EdgeLocation,\n Options = new Aws.NetworkManager.Inputs.ConnectAttachmentOptionsArgs\n {\n Protocol = \"GRE\",\n },\n });\n\n var exampleConnectPeer = new Aws.NetworkManager.ConnectPeer(\"example\", new()\n {\n ConnectAttachmentId = exampleConnectAttachment.Id,\n PeerAddress = \"127.0.0.1\",\n BgpOptions = new Aws.NetworkManager.Inputs.ConnectPeerBgpOptionsArgs\n {\n PeerAsn = 65000,\n },\n InsideCidrBlocks = new[]\n {\n \"172.16.0.0/16\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nvar splat0 []interface{}\nfor _, val0 := range exampleAwsSubnet {\nsplat0 = append(splat0, val0.Arn)\n}\nexample, err := networkmanager.NewVpcAttachment(ctx, \"example\", \u0026networkmanager.VpcAttachmentArgs{\nSubnetArns: toPulumiArray(splat0),\nCoreNetworkId: pulumi.Any(exampleAwsccNetworkmanagerCoreNetwork.Id),\nVpcArn: pulumi.Any(exampleAwsVpc.Arn),\n})\nif err != nil {\nreturn err\n}\nexampleConnectAttachment, err := networkmanager.NewConnectAttachment(ctx, \"example\", \u0026networkmanager.ConnectAttachmentArgs{\nCoreNetworkId: pulumi.Any(exampleAwsccNetworkmanagerCoreNetwork.Id),\nTransportAttachmentId: example.ID(),\nEdgeLocation: example.EdgeLocation,\nOptions: \u0026networkmanager.ConnectAttachmentOptionsArgs{\nProtocol: pulumi.String(\"GRE\"),\n},\n})\nif err != nil {\nreturn err\n}\n_, err = networkmanager.NewConnectPeer(ctx, \"example\", \u0026networkmanager.ConnectPeerArgs{\nConnectAttachmentId: exampleConnectAttachment.ID(),\nPeerAddress: pulumi.String(\"127.0.0.1\"),\nBgpOptions: \u0026networkmanager.ConnectPeerBgpOptionsArgs{\nPeerAsn: pulumi.Int(65000),\n},\nInsideCidrBlocks: pulumi.StringArray{\npulumi.String(\"172.16.0.0/16\"),\n},\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\nfunc toPulumiArray(arr []) pulumi.Array {\nvar pulumiArr pulumi.Array\nfor _, v := range arr {\npulumiArr = append(pulumiArr, pulumi.(v))\n}\nreturn pulumiArr\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.VpcAttachment;\nimport com.pulumi.aws.networkmanager.VpcAttachmentArgs;\nimport com.pulumi.aws.networkmanager.ConnectAttachment;\nimport com.pulumi.aws.networkmanager.ConnectAttachmentArgs;\nimport com.pulumi.aws.networkmanager.inputs.ConnectAttachmentOptionsArgs;\nimport com.pulumi.aws.networkmanager.ConnectPeer;\nimport com.pulumi.aws.networkmanager.ConnectPeerArgs;\nimport com.pulumi.aws.networkmanager.inputs.ConnectPeerBgpOptionsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new VpcAttachment(\"example\", VpcAttachmentArgs.builder() \n .subnetArns(exampleAwsSubnet.stream().map(element -\u003e element.arn()).collect(toList()))\n .coreNetworkId(exampleAwsccNetworkmanagerCoreNetwork.id())\n .vpcArn(exampleAwsVpc.arn())\n .build());\n\n var exampleConnectAttachment = new ConnectAttachment(\"exampleConnectAttachment\", ConnectAttachmentArgs.builder() \n .coreNetworkId(exampleAwsccNetworkmanagerCoreNetwork.id())\n .transportAttachmentId(example.id())\n .edgeLocation(example.edgeLocation())\n .options(ConnectAttachmentOptionsArgs.builder()\n .protocol(\"GRE\")\n .build())\n .build());\n\n var exampleConnectPeer = new ConnectPeer(\"exampleConnectPeer\", ConnectPeerArgs.builder() \n .connectAttachmentId(exampleConnectAttachment.id())\n .peerAddress(\"127.0.0.1\")\n .bgpOptions(ConnectPeerBgpOptionsArgs.builder()\n .peerAsn(65000)\n .build())\n .insideCidrBlocks(\"172.16.0.0/16\")\n .build());\n\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Usage with attachment accepter\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkmanager.VpcAttachment(\"example\", {\n subnetArns: exampleAwsSubnet.map(__item =\u003e __item.arn),\n coreNetworkId: exampleAwsccNetworkmanagerCoreNetwork.id,\n vpcArn: exampleAwsVpc.arn,\n});\nconst exampleAttachmentAccepter = new aws.networkmanager.AttachmentAccepter(\"example\", {\n attachmentId: example.id,\n attachmentType: example.attachmentType,\n});\nconst exampleConnectAttachment = new aws.networkmanager.ConnectAttachment(\"example\", {\n coreNetworkId: exampleAwsccNetworkmanagerCoreNetwork.id,\n transportAttachmentId: example.id,\n edgeLocation: example.edgeLocation,\n options: {\n protocol: \"GRE\",\n },\n});\nconst example2 = new aws.networkmanager.AttachmentAccepter(\"example2\", {\n attachmentId: exampleConnectAttachment.id,\n attachmentType: exampleConnectAttachment.attachmentType,\n});\nconst exampleConnectPeer = new aws.networkmanager.ConnectPeer(\"example\", {\n connectAttachmentId: exampleConnectAttachment.id,\n peerAddress: \"127.0.0.1\",\n bgpOptions: {\n peerAsn: 65500,\n },\n insideCidrBlocks: [\"172.16.0.0/16\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkmanager.VpcAttachment(\"example\",\n subnet_arns=[__item[\"arn\"] for __item in example_aws_subnet],\n core_network_id=example_awscc_networkmanager_core_network[\"id\"],\n vpc_arn=example_aws_vpc[\"arn\"])\nexample_attachment_accepter = aws.networkmanager.AttachmentAccepter(\"example\",\n attachment_id=example.id,\n attachment_type=example.attachment_type)\nexample_connect_attachment = aws.networkmanager.ConnectAttachment(\"example\",\n core_network_id=example_awscc_networkmanager_core_network[\"id\"],\n transport_attachment_id=example.id,\n edge_location=example.edge_location,\n options=aws.networkmanager.ConnectAttachmentOptionsArgs(\n protocol=\"GRE\",\n ))\nexample2 = aws.networkmanager.AttachmentAccepter(\"example2\",\n attachment_id=example_connect_attachment.id,\n attachment_type=example_connect_attachment.attachment_type)\nexample_connect_peer = aws.networkmanager.ConnectPeer(\"example\",\n connect_attachment_id=example_connect_attachment.id,\n peer_address=\"127.0.0.1\",\n bgp_options=aws.networkmanager.ConnectPeerBgpOptionsArgs(\n peer_asn=65500,\n ),\n inside_cidr_blocks=[\"172.16.0.0/16\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkManager.VpcAttachment(\"example\", new()\n {\n SubnetArns = exampleAwsSubnet.Select(__item =\u003e __item.Arn).ToList(),\n CoreNetworkId = exampleAwsccNetworkmanagerCoreNetwork.Id,\n VpcArn = exampleAwsVpc.Arn,\n });\n\n var exampleAttachmentAccepter = new Aws.NetworkManager.AttachmentAccepter(\"example\", new()\n {\n AttachmentId = example.Id,\n AttachmentType = example.AttachmentType,\n });\n\n var exampleConnectAttachment = new Aws.NetworkManager.ConnectAttachment(\"example\", new()\n {\n CoreNetworkId = exampleAwsccNetworkmanagerCoreNetwork.Id,\n TransportAttachmentId = example.Id,\n EdgeLocation = example.EdgeLocation,\n Options = new Aws.NetworkManager.Inputs.ConnectAttachmentOptionsArgs\n {\n Protocol = \"GRE\",\n },\n });\n\n var example2 = new Aws.NetworkManager.AttachmentAccepter(\"example2\", new()\n {\n AttachmentId = exampleConnectAttachment.Id,\n AttachmentType = exampleConnectAttachment.AttachmentType,\n });\n\n var exampleConnectPeer = new Aws.NetworkManager.ConnectPeer(\"example\", new()\n {\n ConnectAttachmentId = exampleConnectAttachment.Id,\n PeerAddress = \"127.0.0.1\",\n BgpOptions = new Aws.NetworkManager.Inputs.ConnectPeerBgpOptionsArgs\n {\n PeerAsn = 65500,\n },\n InsideCidrBlocks = new[]\n {\n \"172.16.0.0/16\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nvar splat0 []interface{}\nfor _, val0 := range exampleAwsSubnet {\nsplat0 = append(splat0, val0.Arn)\n}\nexample, err := networkmanager.NewVpcAttachment(ctx, \"example\", \u0026networkmanager.VpcAttachmentArgs{\nSubnetArns: toPulumiArray(splat0),\nCoreNetworkId: pulumi.Any(exampleAwsccNetworkmanagerCoreNetwork.Id),\nVpcArn: pulumi.Any(exampleAwsVpc.Arn),\n})\nif err != nil {\nreturn err\n}\n_, err = networkmanager.NewAttachmentAccepter(ctx, \"example\", \u0026networkmanager.AttachmentAccepterArgs{\nAttachmentId: example.ID(),\nAttachmentType: example.AttachmentType,\n})\nif err != nil {\nreturn err\n}\nexampleConnectAttachment, err := networkmanager.NewConnectAttachment(ctx, \"example\", \u0026networkmanager.ConnectAttachmentArgs{\nCoreNetworkId: pulumi.Any(exampleAwsccNetworkmanagerCoreNetwork.Id),\nTransportAttachmentId: example.ID(),\nEdgeLocation: example.EdgeLocation,\nOptions: \u0026networkmanager.ConnectAttachmentOptionsArgs{\nProtocol: pulumi.String(\"GRE\"),\n},\n})\nif err != nil {\nreturn err\n}\n_, err = networkmanager.NewAttachmentAccepter(ctx, \"example2\", \u0026networkmanager.AttachmentAccepterArgs{\nAttachmentId: exampleConnectAttachment.ID(),\nAttachmentType: exampleConnectAttachment.AttachmentType,\n})\nif err != nil {\nreturn err\n}\n_, err = networkmanager.NewConnectPeer(ctx, \"example\", \u0026networkmanager.ConnectPeerArgs{\nConnectAttachmentId: exampleConnectAttachment.ID(),\nPeerAddress: pulumi.String(\"127.0.0.1\"),\nBgpOptions: \u0026networkmanager.ConnectPeerBgpOptionsArgs{\nPeerAsn: pulumi.Int(65500),\n},\nInsideCidrBlocks: pulumi.StringArray{\npulumi.String(\"172.16.0.0/16\"),\n},\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\nfunc toPulumiArray(arr []) pulumi.Array {\nvar pulumiArr pulumi.Array\nfor _, v := range arr {\npulumiArr = append(pulumiArr, pulumi.(v))\n}\nreturn pulumiArr\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.VpcAttachment;\nimport com.pulumi.aws.networkmanager.VpcAttachmentArgs;\nimport com.pulumi.aws.networkmanager.AttachmentAccepter;\nimport com.pulumi.aws.networkmanager.AttachmentAccepterArgs;\nimport com.pulumi.aws.networkmanager.ConnectAttachment;\nimport com.pulumi.aws.networkmanager.ConnectAttachmentArgs;\nimport com.pulumi.aws.networkmanager.inputs.ConnectAttachmentOptionsArgs;\nimport com.pulumi.aws.networkmanager.ConnectPeer;\nimport com.pulumi.aws.networkmanager.ConnectPeerArgs;\nimport com.pulumi.aws.networkmanager.inputs.ConnectPeerBgpOptionsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new VpcAttachment(\"example\", VpcAttachmentArgs.builder() \n .subnetArns(exampleAwsSubnet.stream().map(element -\u003e element.arn()).collect(toList()))\n .coreNetworkId(exampleAwsccNetworkmanagerCoreNetwork.id())\n .vpcArn(exampleAwsVpc.arn())\n .build());\n\n var exampleAttachmentAccepter = new AttachmentAccepter(\"exampleAttachmentAccepter\", AttachmentAccepterArgs.builder() \n .attachmentId(example.id())\n .attachmentType(example.attachmentType())\n .build());\n\n var exampleConnectAttachment = new ConnectAttachment(\"exampleConnectAttachment\", ConnectAttachmentArgs.builder() \n .coreNetworkId(exampleAwsccNetworkmanagerCoreNetwork.id())\n .transportAttachmentId(example.id())\n .edgeLocation(example.edgeLocation())\n .options(ConnectAttachmentOptionsArgs.builder()\n .protocol(\"GRE\")\n .build())\n .build());\n\n var example2 = new AttachmentAccepter(\"example2\", AttachmentAccepterArgs.builder() \n .attachmentId(exampleConnectAttachment.id())\n .attachmentType(exampleConnectAttachment.attachmentType())\n .build());\n\n var exampleConnectPeer = new ConnectPeer(\"exampleConnectPeer\", ConnectPeerArgs.builder() \n .connectAttachmentId(exampleConnectAttachment.id())\n .peerAddress(\"127.0.0.1\")\n .bgpOptions(ConnectPeerBgpOptionsArgs.builder()\n .peerAsn(65500)\n .build())\n .insideCidrBlocks(\"172.16.0.0/16\")\n .build());\n\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Usage with a Tunnel-less Connect attachment\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkmanager.VpcAttachment(\"example\", {\n subnetArns: exampleAwsSubnet.map(__item =\u003e __item.arn),\n coreNetworkId: exampleAwsccNetworkmanagerCoreNetwork.id,\n vpcArn: exampleAwsVpc.arn,\n});\nconst exampleConnectAttachment = new aws.networkmanager.ConnectAttachment(\"example\", {\n coreNetworkId: exampleAwsccNetworkmanagerCoreNetwork.id,\n transportAttachmentId: example.id,\n edgeLocation: example.edgeLocation,\n options: {\n protocol: \"NO_ENCAP\",\n },\n});\nconst exampleConnectPeer = new aws.networkmanager.ConnectPeer(\"example\", {\n connectAttachmentId: exampleConnectAttachment.id,\n peerAddress: \"127.0.0.1\",\n bgpOptions: {\n peerAsn: 65000,\n },\n subnetArn: test2.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkmanager.VpcAttachment(\"example\",\n subnet_arns=[__item[\"arn\"] for __item in example_aws_subnet],\n core_network_id=example_awscc_networkmanager_core_network[\"id\"],\n vpc_arn=example_aws_vpc[\"arn\"])\nexample_connect_attachment = aws.networkmanager.ConnectAttachment(\"example\",\n core_network_id=example_awscc_networkmanager_core_network[\"id\"],\n transport_attachment_id=example.id,\n edge_location=example.edge_location,\n options=aws.networkmanager.ConnectAttachmentOptionsArgs(\n protocol=\"NO_ENCAP\",\n ))\nexample_connect_peer = aws.networkmanager.ConnectPeer(\"example\",\n connect_attachment_id=example_connect_attachment.id,\n peer_address=\"127.0.0.1\",\n bgp_options=aws.networkmanager.ConnectPeerBgpOptionsArgs(\n peer_asn=65000,\n ),\n subnet_arn=test2[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkManager.VpcAttachment(\"example\", new()\n {\n SubnetArns = exampleAwsSubnet.Select(__item =\u003e __item.Arn).ToList(),\n CoreNetworkId = exampleAwsccNetworkmanagerCoreNetwork.Id,\n VpcArn = exampleAwsVpc.Arn,\n });\n\n var exampleConnectAttachment = new Aws.NetworkManager.ConnectAttachment(\"example\", new()\n {\n CoreNetworkId = exampleAwsccNetworkmanagerCoreNetwork.Id,\n TransportAttachmentId = example.Id,\n EdgeLocation = example.EdgeLocation,\n Options = new Aws.NetworkManager.Inputs.ConnectAttachmentOptionsArgs\n {\n Protocol = \"NO_ENCAP\",\n },\n });\n\n var exampleConnectPeer = new Aws.NetworkManager.ConnectPeer(\"example\", new()\n {\n ConnectAttachmentId = exampleConnectAttachment.Id,\n PeerAddress = \"127.0.0.1\",\n BgpOptions = new Aws.NetworkManager.Inputs.ConnectPeerBgpOptionsArgs\n {\n PeerAsn = 65000,\n },\n SubnetArn = test2.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nvar splat0 []interface{}\nfor _, val0 := range exampleAwsSubnet {\nsplat0 = append(splat0, val0.Arn)\n}\nexample, err := networkmanager.NewVpcAttachment(ctx, \"example\", \u0026networkmanager.VpcAttachmentArgs{\nSubnetArns: toPulumiArray(splat0),\nCoreNetworkId: pulumi.Any(exampleAwsccNetworkmanagerCoreNetwork.Id),\nVpcArn: pulumi.Any(exampleAwsVpc.Arn),\n})\nif err != nil {\nreturn err\n}\nexampleConnectAttachment, err := networkmanager.NewConnectAttachment(ctx, \"example\", \u0026networkmanager.ConnectAttachmentArgs{\nCoreNetworkId: pulumi.Any(exampleAwsccNetworkmanagerCoreNetwork.Id),\nTransportAttachmentId: example.ID(),\nEdgeLocation: example.EdgeLocation,\nOptions: \u0026networkmanager.ConnectAttachmentOptionsArgs{\nProtocol: pulumi.String(\"NO_ENCAP\"),\n},\n})\nif err != nil {\nreturn err\n}\n_, err = networkmanager.NewConnectPeer(ctx, \"example\", \u0026networkmanager.ConnectPeerArgs{\nConnectAttachmentId: exampleConnectAttachment.ID(),\nPeerAddress: pulumi.String(\"127.0.0.1\"),\nBgpOptions: \u0026networkmanager.ConnectPeerBgpOptionsArgs{\nPeerAsn: pulumi.Int(65000),\n},\nSubnetArn: pulumi.Any(test2.Arn),\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\nfunc toPulumiArray(arr []) pulumi.Array {\nvar pulumiArr pulumi.Array\nfor _, v := range arr {\npulumiArr = append(pulumiArr, pulumi.(v))\n}\nreturn pulumiArr\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.VpcAttachment;\nimport com.pulumi.aws.networkmanager.VpcAttachmentArgs;\nimport com.pulumi.aws.networkmanager.ConnectAttachment;\nimport com.pulumi.aws.networkmanager.ConnectAttachmentArgs;\nimport com.pulumi.aws.networkmanager.inputs.ConnectAttachmentOptionsArgs;\nimport com.pulumi.aws.networkmanager.ConnectPeer;\nimport com.pulumi.aws.networkmanager.ConnectPeerArgs;\nimport com.pulumi.aws.networkmanager.inputs.ConnectPeerBgpOptionsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new VpcAttachment(\"example\", VpcAttachmentArgs.builder() \n .subnetArns(exampleAwsSubnet.stream().map(element -\u003e element.arn()).collect(toList()))\n .coreNetworkId(exampleAwsccNetworkmanagerCoreNetwork.id())\n .vpcArn(exampleAwsVpc.arn())\n .build());\n\n var exampleConnectAttachment = new ConnectAttachment(\"exampleConnectAttachment\", ConnectAttachmentArgs.builder() \n .coreNetworkId(exampleAwsccNetworkmanagerCoreNetwork.id())\n .transportAttachmentId(example.id())\n .edgeLocation(example.edgeLocation())\n .options(ConnectAttachmentOptionsArgs.builder()\n .protocol(\"NO_ENCAP\")\n .build())\n .build());\n\n var exampleConnectPeer = new ConnectPeer(\"exampleConnectPeer\", ConnectPeerArgs.builder() \n .connectAttachmentId(exampleConnectAttachment.id())\n .peerAddress(\"127.0.0.1\")\n .bgpOptions(ConnectPeerBgpOptionsArgs.builder()\n .peerAsn(65000)\n .build())\n .subnetArn(test2.arn())\n .build());\n\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_networkmanager_connect_peer` using the connect peer ID. For example:\n\n```sh\n$ pulumi import aws:networkmanager/connectPeer:ConnectPeer example connect-peer-061f3e96275db1acc\n```\n", + "description": "Resource for managing an AWS Network Manager Connect Peer.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkmanager.VpcAttachment(\"example\", {\n subnetArns: exampleAwsSubnet.map(__item =\u003e __item.arn),\n coreNetworkId: exampleAwsccNetworkmanagerCoreNetwork.id,\n vpcArn: exampleAwsVpc.arn,\n});\nconst exampleConnectAttachment = new aws.networkmanager.ConnectAttachment(\"example\", {\n coreNetworkId: exampleAwsccNetworkmanagerCoreNetwork.id,\n transportAttachmentId: example.id,\n edgeLocation: example.edgeLocation,\n options: {\n protocol: \"GRE\",\n },\n});\nconst exampleConnectPeer = new aws.networkmanager.ConnectPeer(\"example\", {\n connectAttachmentId: exampleConnectAttachment.id,\n peerAddress: \"127.0.0.1\",\n bgpOptions: {\n peerAsn: 65000,\n },\n insideCidrBlocks: [\"172.16.0.0/16\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkmanager.VpcAttachment(\"example\",\n subnet_arns=[__item[\"arn\"] for __item in example_aws_subnet],\n core_network_id=example_awscc_networkmanager_core_network[\"id\"],\n vpc_arn=example_aws_vpc[\"arn\"])\nexample_connect_attachment = aws.networkmanager.ConnectAttachment(\"example\",\n core_network_id=example_awscc_networkmanager_core_network[\"id\"],\n transport_attachment_id=example.id,\n edge_location=example.edge_location,\n options=aws.networkmanager.ConnectAttachmentOptionsArgs(\n protocol=\"GRE\",\n ))\nexample_connect_peer = aws.networkmanager.ConnectPeer(\"example\",\n connect_attachment_id=example_connect_attachment.id,\n peer_address=\"127.0.0.1\",\n bgp_options=aws.networkmanager.ConnectPeerBgpOptionsArgs(\n peer_asn=65000,\n ),\n inside_cidr_blocks=[\"172.16.0.0/16\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkManager.VpcAttachment(\"example\", new()\n {\n SubnetArns = exampleAwsSubnet.Select(__item =\u003e __item.Arn).ToList(),\n CoreNetworkId = exampleAwsccNetworkmanagerCoreNetwork.Id,\n VpcArn = exampleAwsVpc.Arn,\n });\n\n var exampleConnectAttachment = new Aws.NetworkManager.ConnectAttachment(\"example\", new()\n {\n CoreNetworkId = exampleAwsccNetworkmanagerCoreNetwork.Id,\n TransportAttachmentId = example.Id,\n EdgeLocation = example.EdgeLocation,\n Options = new Aws.NetworkManager.Inputs.ConnectAttachmentOptionsArgs\n {\n Protocol = \"GRE\",\n },\n });\n\n var exampleConnectPeer = new Aws.NetworkManager.ConnectPeer(\"example\", new()\n {\n ConnectAttachmentId = exampleConnectAttachment.Id,\n PeerAddress = \"127.0.0.1\",\n BgpOptions = new Aws.NetworkManager.Inputs.ConnectPeerBgpOptionsArgs\n {\n PeerAsn = 65000,\n },\n InsideCidrBlocks = new[]\n {\n \"172.16.0.0/16\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nvar splat0 []interface{}\nfor _, val0 := range exampleAwsSubnet {\nsplat0 = append(splat0, val0.Arn)\n}\nexample, err := networkmanager.NewVpcAttachment(ctx, \"example\", \u0026networkmanager.VpcAttachmentArgs{\nSubnetArns: toPulumiArray(splat0),\nCoreNetworkId: pulumi.Any(exampleAwsccNetworkmanagerCoreNetwork.Id),\nVpcArn: pulumi.Any(exampleAwsVpc.Arn),\n})\nif err != nil {\nreturn err\n}\nexampleConnectAttachment, err := networkmanager.NewConnectAttachment(ctx, \"example\", \u0026networkmanager.ConnectAttachmentArgs{\nCoreNetworkId: pulumi.Any(exampleAwsccNetworkmanagerCoreNetwork.Id),\nTransportAttachmentId: example.ID(),\nEdgeLocation: example.EdgeLocation,\nOptions: \u0026networkmanager.ConnectAttachmentOptionsArgs{\nProtocol: pulumi.String(\"GRE\"),\n},\n})\nif err != nil {\nreturn err\n}\n_, err = networkmanager.NewConnectPeer(ctx, \"example\", \u0026networkmanager.ConnectPeerArgs{\nConnectAttachmentId: exampleConnectAttachment.ID(),\nPeerAddress: pulumi.String(\"127.0.0.1\"),\nBgpOptions: \u0026networkmanager.ConnectPeerBgpOptionsArgs{\nPeerAsn: pulumi.Int(65000),\n},\nInsideCidrBlocks: pulumi.StringArray{\npulumi.String(\"172.16.0.0/16\"),\n},\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\nfunc toPulumiArray(arr []) pulumi.Array {\nvar pulumiArr pulumi.Array\nfor _, v := range arr {\npulumiArr = append(pulumiArr, pulumi.(v))\n}\nreturn pulumiArr\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.VpcAttachment;\nimport com.pulumi.aws.networkmanager.VpcAttachmentArgs;\nimport com.pulumi.aws.networkmanager.ConnectAttachment;\nimport com.pulumi.aws.networkmanager.ConnectAttachmentArgs;\nimport com.pulumi.aws.networkmanager.inputs.ConnectAttachmentOptionsArgs;\nimport com.pulumi.aws.networkmanager.ConnectPeer;\nimport com.pulumi.aws.networkmanager.ConnectPeerArgs;\nimport com.pulumi.aws.networkmanager.inputs.ConnectPeerBgpOptionsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new VpcAttachment(\"example\", VpcAttachmentArgs.builder() \n .subnetArns(exampleAwsSubnet.stream().map(element -\u003e element.arn()).collect(toList()))\n .coreNetworkId(exampleAwsccNetworkmanagerCoreNetwork.id())\n .vpcArn(exampleAwsVpc.arn())\n .build());\n\n var exampleConnectAttachment = new ConnectAttachment(\"exampleConnectAttachment\", ConnectAttachmentArgs.builder() \n .coreNetworkId(exampleAwsccNetworkmanagerCoreNetwork.id())\n .transportAttachmentId(example.id())\n .edgeLocation(example.edgeLocation())\n .options(ConnectAttachmentOptionsArgs.builder()\n .protocol(\"GRE\")\n .build())\n .build());\n\n var exampleConnectPeer = new ConnectPeer(\"exampleConnectPeer\", ConnectPeerArgs.builder() \n .connectAttachmentId(exampleConnectAttachment.id())\n .peerAddress(\"127.0.0.1\")\n .bgpOptions(ConnectPeerBgpOptionsArgs.builder()\n .peerAsn(65000)\n .build())\n .insideCidrBlocks(\"172.16.0.0/16\")\n .build());\n\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Usage with attachment accepter\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkmanager.VpcAttachment(\"example\", {\n subnetArns: exampleAwsSubnet.map(__item =\u003e __item.arn),\n coreNetworkId: exampleAwsccNetworkmanagerCoreNetwork.id,\n vpcArn: exampleAwsVpc.arn,\n});\nconst exampleAttachmentAccepter = new aws.networkmanager.AttachmentAccepter(\"example\", {\n attachmentId: example.id,\n attachmentType: example.attachmentType,\n});\nconst exampleConnectAttachment = new aws.networkmanager.ConnectAttachment(\"example\", {\n coreNetworkId: exampleAwsccNetworkmanagerCoreNetwork.id,\n transportAttachmentId: example.id,\n edgeLocation: example.edgeLocation,\n options: {\n protocol: \"GRE\",\n },\n}, {\n dependsOn: [test],\n});\nconst example2 = new aws.networkmanager.AttachmentAccepter(\"example2\", {\n attachmentId: exampleConnectAttachment.id,\n attachmentType: exampleConnectAttachment.attachmentType,\n});\nconst exampleConnectPeer = new aws.networkmanager.ConnectPeer(\"example\", {\n connectAttachmentId: exampleConnectAttachment.id,\n peerAddress: \"127.0.0.1\",\n bgpOptions: {\n peerAsn: 65500,\n },\n insideCidrBlocks: [\"172.16.0.0/16\"],\n}, {\n dependsOn: [example2],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkmanager.VpcAttachment(\"example\",\n subnet_arns=[__item[\"arn\"] for __item in example_aws_subnet],\n core_network_id=example_awscc_networkmanager_core_network[\"id\"],\n vpc_arn=example_aws_vpc[\"arn\"])\nexample_attachment_accepter = aws.networkmanager.AttachmentAccepter(\"example\",\n attachment_id=example.id,\n attachment_type=example.attachment_type)\nexample_connect_attachment = aws.networkmanager.ConnectAttachment(\"example\",\n core_network_id=example_awscc_networkmanager_core_network[\"id\"],\n transport_attachment_id=example.id,\n edge_location=example.edge_location,\n options=aws.networkmanager.ConnectAttachmentOptionsArgs(\n protocol=\"GRE\",\n ),\n opts=pulumi.ResourceOptions(depends_on=[test]))\nexample2 = aws.networkmanager.AttachmentAccepter(\"example2\",\n attachment_id=example_connect_attachment.id,\n attachment_type=example_connect_attachment.attachment_type)\nexample_connect_peer = aws.networkmanager.ConnectPeer(\"example\",\n connect_attachment_id=example_connect_attachment.id,\n peer_address=\"127.0.0.1\",\n bgp_options=aws.networkmanager.ConnectPeerBgpOptionsArgs(\n peer_asn=65500,\n ),\n inside_cidr_blocks=[\"172.16.0.0/16\"],\n opts=pulumi.ResourceOptions(depends_on=[example2]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkManager.VpcAttachment(\"example\", new()\n {\n SubnetArns = exampleAwsSubnet.Select(__item =\u003e __item.Arn).ToList(),\n CoreNetworkId = exampleAwsccNetworkmanagerCoreNetwork.Id,\n VpcArn = exampleAwsVpc.Arn,\n });\n\n var exampleAttachmentAccepter = new Aws.NetworkManager.AttachmentAccepter(\"example\", new()\n {\n AttachmentId = example.Id,\n AttachmentType = example.AttachmentType,\n });\n\n var exampleConnectAttachment = new Aws.NetworkManager.ConnectAttachment(\"example\", new()\n {\n CoreNetworkId = exampleAwsccNetworkmanagerCoreNetwork.Id,\n TransportAttachmentId = example.Id,\n EdgeLocation = example.EdgeLocation,\n Options = new Aws.NetworkManager.Inputs.ConnectAttachmentOptionsArgs\n {\n Protocol = \"GRE\",\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n test, \n },\n });\n\n var example2 = new Aws.NetworkManager.AttachmentAccepter(\"example2\", new()\n {\n AttachmentId = exampleConnectAttachment.Id,\n AttachmentType = exampleConnectAttachment.AttachmentType,\n });\n\n var exampleConnectPeer = new Aws.NetworkManager.ConnectPeer(\"example\", new()\n {\n ConnectAttachmentId = exampleConnectAttachment.Id,\n PeerAddress = \"127.0.0.1\",\n BgpOptions = new Aws.NetworkManager.Inputs.ConnectPeerBgpOptionsArgs\n {\n PeerAsn = 65500,\n },\n InsideCidrBlocks = new[]\n {\n \"172.16.0.0/16\",\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example2, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nvar splat0 []interface{}\nfor _, val0 := range exampleAwsSubnet {\nsplat0 = append(splat0, val0.Arn)\n}\nexample, err := networkmanager.NewVpcAttachment(ctx, \"example\", \u0026networkmanager.VpcAttachmentArgs{\nSubnetArns: toPulumiArray(splat0),\nCoreNetworkId: pulumi.Any(exampleAwsccNetworkmanagerCoreNetwork.Id),\nVpcArn: pulumi.Any(exampleAwsVpc.Arn),\n})\nif err != nil {\nreturn err\n}\n_, err = networkmanager.NewAttachmentAccepter(ctx, \"example\", \u0026networkmanager.AttachmentAccepterArgs{\nAttachmentId: example.ID(),\nAttachmentType: example.AttachmentType,\n})\nif err != nil {\nreturn err\n}\nexampleConnectAttachment, err := networkmanager.NewConnectAttachment(ctx, \"example\", \u0026networkmanager.ConnectAttachmentArgs{\nCoreNetworkId: pulumi.Any(exampleAwsccNetworkmanagerCoreNetwork.Id),\nTransportAttachmentId: example.ID(),\nEdgeLocation: example.EdgeLocation,\nOptions: \u0026networkmanager.ConnectAttachmentOptionsArgs{\nProtocol: pulumi.String(\"GRE\"),\n},\n}, pulumi.DependsOn([]pulumi.Resource{\ntest,\n}))\nif err != nil {\nreturn err\n}\nexample2, err := networkmanager.NewAttachmentAccepter(ctx, \"example2\", \u0026networkmanager.AttachmentAccepterArgs{\nAttachmentId: exampleConnectAttachment.ID(),\nAttachmentType: exampleConnectAttachment.AttachmentType,\n})\nif err != nil {\nreturn err\n}\n_, err = networkmanager.NewConnectPeer(ctx, \"example\", \u0026networkmanager.ConnectPeerArgs{\nConnectAttachmentId: exampleConnectAttachment.ID(),\nPeerAddress: pulumi.String(\"127.0.0.1\"),\nBgpOptions: \u0026networkmanager.ConnectPeerBgpOptionsArgs{\nPeerAsn: pulumi.Int(65500),\n},\nInsideCidrBlocks: pulumi.StringArray{\npulumi.String(\"172.16.0.0/16\"),\n},\n}, pulumi.DependsOn([]pulumi.Resource{\nexample2,\n}))\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\nfunc toPulumiArray(arr []) pulumi.Array {\nvar pulumiArr pulumi.Array\nfor _, v := range arr {\npulumiArr = append(pulumiArr, pulumi.(v))\n}\nreturn pulumiArr\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.VpcAttachment;\nimport com.pulumi.aws.networkmanager.VpcAttachmentArgs;\nimport com.pulumi.aws.networkmanager.AttachmentAccepter;\nimport com.pulumi.aws.networkmanager.AttachmentAccepterArgs;\nimport com.pulumi.aws.networkmanager.ConnectAttachment;\nimport com.pulumi.aws.networkmanager.ConnectAttachmentArgs;\nimport com.pulumi.aws.networkmanager.inputs.ConnectAttachmentOptionsArgs;\nimport com.pulumi.aws.networkmanager.ConnectPeer;\nimport com.pulumi.aws.networkmanager.ConnectPeerArgs;\nimport com.pulumi.aws.networkmanager.inputs.ConnectPeerBgpOptionsArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new VpcAttachment(\"example\", VpcAttachmentArgs.builder() \n .subnetArns(exampleAwsSubnet.stream().map(element -\u003e element.arn()).collect(toList()))\n .coreNetworkId(exampleAwsccNetworkmanagerCoreNetwork.id())\n .vpcArn(exampleAwsVpc.arn())\n .build());\n\n var exampleAttachmentAccepter = new AttachmentAccepter(\"exampleAttachmentAccepter\", AttachmentAccepterArgs.builder() \n .attachmentId(example.id())\n .attachmentType(example.attachmentType())\n .build());\n\n var exampleConnectAttachment = new ConnectAttachment(\"exampleConnectAttachment\", ConnectAttachmentArgs.builder() \n .coreNetworkId(exampleAwsccNetworkmanagerCoreNetwork.id())\n .transportAttachmentId(example.id())\n .edgeLocation(example.edgeLocation())\n .options(ConnectAttachmentOptionsArgs.builder()\n .protocol(\"GRE\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(test)\n .build());\n\n var example2 = new AttachmentAccepter(\"example2\", AttachmentAccepterArgs.builder() \n .attachmentId(exampleConnectAttachment.id())\n .attachmentType(exampleConnectAttachment.attachmentType())\n .build());\n\n var exampleConnectPeer = new ConnectPeer(\"exampleConnectPeer\", ConnectPeerArgs.builder() \n .connectAttachmentId(exampleConnectAttachment.id())\n .peerAddress(\"127.0.0.1\")\n .bgpOptions(ConnectPeerBgpOptionsArgs.builder()\n .peerAsn(65500)\n .build())\n .insideCidrBlocks(\"172.16.0.0/16\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(example2)\n .build());\n\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Usage with a Tunnel-less Connect attachment\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkmanager.VpcAttachment(\"example\", {\n subnetArns: exampleAwsSubnet.map(__item =\u003e __item.arn),\n coreNetworkId: exampleAwsccNetworkmanagerCoreNetwork.id,\n vpcArn: exampleAwsVpc.arn,\n});\nconst exampleConnectAttachment = new aws.networkmanager.ConnectAttachment(\"example\", {\n coreNetworkId: exampleAwsccNetworkmanagerCoreNetwork.id,\n transportAttachmentId: example.id,\n edgeLocation: example.edgeLocation,\n options: {\n protocol: \"NO_ENCAP\",\n },\n});\nconst exampleConnectPeer = new aws.networkmanager.ConnectPeer(\"example\", {\n connectAttachmentId: exampleConnectAttachment.id,\n peerAddress: \"127.0.0.1\",\n bgpOptions: {\n peerAsn: 65000,\n },\n subnetArn: test2.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkmanager.VpcAttachment(\"example\",\n subnet_arns=[__item[\"arn\"] for __item in example_aws_subnet],\n core_network_id=example_awscc_networkmanager_core_network[\"id\"],\n vpc_arn=example_aws_vpc[\"arn\"])\nexample_connect_attachment = aws.networkmanager.ConnectAttachment(\"example\",\n core_network_id=example_awscc_networkmanager_core_network[\"id\"],\n transport_attachment_id=example.id,\n edge_location=example.edge_location,\n options=aws.networkmanager.ConnectAttachmentOptionsArgs(\n protocol=\"NO_ENCAP\",\n ))\nexample_connect_peer = aws.networkmanager.ConnectPeer(\"example\",\n connect_attachment_id=example_connect_attachment.id,\n peer_address=\"127.0.0.1\",\n bgp_options=aws.networkmanager.ConnectPeerBgpOptionsArgs(\n peer_asn=65000,\n ),\n subnet_arn=test2[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkManager.VpcAttachment(\"example\", new()\n {\n SubnetArns = exampleAwsSubnet.Select(__item =\u003e __item.Arn).ToList(),\n CoreNetworkId = exampleAwsccNetworkmanagerCoreNetwork.Id,\n VpcArn = exampleAwsVpc.Arn,\n });\n\n var exampleConnectAttachment = new Aws.NetworkManager.ConnectAttachment(\"example\", new()\n {\n CoreNetworkId = exampleAwsccNetworkmanagerCoreNetwork.Id,\n TransportAttachmentId = example.Id,\n EdgeLocation = example.EdgeLocation,\n Options = new Aws.NetworkManager.Inputs.ConnectAttachmentOptionsArgs\n {\n Protocol = \"NO_ENCAP\",\n },\n });\n\n var exampleConnectPeer = new Aws.NetworkManager.ConnectPeer(\"example\", new()\n {\n ConnectAttachmentId = exampleConnectAttachment.Id,\n PeerAddress = \"127.0.0.1\",\n BgpOptions = new Aws.NetworkManager.Inputs.ConnectPeerBgpOptionsArgs\n {\n PeerAsn = 65000,\n },\n SubnetArn = test2.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\nvar splat0 []interface{}\nfor _, val0 := range exampleAwsSubnet {\nsplat0 = append(splat0, val0.Arn)\n}\nexample, err := networkmanager.NewVpcAttachment(ctx, \"example\", \u0026networkmanager.VpcAttachmentArgs{\nSubnetArns: toPulumiArray(splat0),\nCoreNetworkId: pulumi.Any(exampleAwsccNetworkmanagerCoreNetwork.Id),\nVpcArn: pulumi.Any(exampleAwsVpc.Arn),\n})\nif err != nil {\nreturn err\n}\nexampleConnectAttachment, err := networkmanager.NewConnectAttachment(ctx, \"example\", \u0026networkmanager.ConnectAttachmentArgs{\nCoreNetworkId: pulumi.Any(exampleAwsccNetworkmanagerCoreNetwork.Id),\nTransportAttachmentId: example.ID(),\nEdgeLocation: example.EdgeLocation,\nOptions: \u0026networkmanager.ConnectAttachmentOptionsArgs{\nProtocol: pulumi.String(\"NO_ENCAP\"),\n},\n})\nif err != nil {\nreturn err\n}\n_, err = networkmanager.NewConnectPeer(ctx, \"example\", \u0026networkmanager.ConnectPeerArgs{\nConnectAttachmentId: exampleConnectAttachment.ID(),\nPeerAddress: pulumi.String(\"127.0.0.1\"),\nBgpOptions: \u0026networkmanager.ConnectPeerBgpOptionsArgs{\nPeerAsn: pulumi.Int(65000),\n},\nSubnetArn: pulumi.Any(test2.Arn),\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\nfunc toPulumiArray(arr []) pulumi.Array {\nvar pulumiArr pulumi.Array\nfor _, v := range arr {\npulumiArr = append(pulumiArr, pulumi.(v))\n}\nreturn pulumiArr\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.VpcAttachment;\nimport com.pulumi.aws.networkmanager.VpcAttachmentArgs;\nimport com.pulumi.aws.networkmanager.ConnectAttachment;\nimport com.pulumi.aws.networkmanager.ConnectAttachmentArgs;\nimport com.pulumi.aws.networkmanager.inputs.ConnectAttachmentOptionsArgs;\nimport com.pulumi.aws.networkmanager.ConnectPeer;\nimport com.pulumi.aws.networkmanager.ConnectPeerArgs;\nimport com.pulumi.aws.networkmanager.inputs.ConnectPeerBgpOptionsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new VpcAttachment(\"example\", VpcAttachmentArgs.builder() \n .subnetArns(exampleAwsSubnet.stream().map(element -\u003e element.arn()).collect(toList()))\n .coreNetworkId(exampleAwsccNetworkmanagerCoreNetwork.id())\n .vpcArn(exampleAwsVpc.arn())\n .build());\n\n var exampleConnectAttachment = new ConnectAttachment(\"exampleConnectAttachment\", ConnectAttachmentArgs.builder() \n .coreNetworkId(exampleAwsccNetworkmanagerCoreNetwork.id())\n .transportAttachmentId(example.id())\n .edgeLocation(example.edgeLocation())\n .options(ConnectAttachmentOptionsArgs.builder()\n .protocol(\"NO_ENCAP\")\n .build())\n .build());\n\n var exampleConnectPeer = new ConnectPeer(\"exampleConnectPeer\", ConnectPeerArgs.builder() \n .connectAttachmentId(exampleConnectAttachment.id())\n .peerAddress(\"127.0.0.1\")\n .bgpOptions(ConnectPeerBgpOptionsArgs.builder()\n .peerAsn(65000)\n .build())\n .subnetArn(test2.arn())\n .build());\n\n }\n}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_networkmanager_connect_peer` using the connect peer ID. For example:\n\n```sh\n$ pulumi import aws:networkmanager/connectPeer:ConnectPeer example connect-peer-061f3e96275db1acc\n```\n", "properties": { "arn": { "type": "string", @@ -286006,7 +286006,7 @@ } }, "aws:networkmanager/customerGatewayAssociation:CustomerGatewayAssociation": { - "description": "Associates a customer gateway with a device and optionally, with a link.\nIf you specify a link, it must be associated with the specified device.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkmanager.GlobalNetwork(\"example\", {description: \"example\"});\nconst exampleSite = new aws.networkmanager.Site(\"example\", {globalNetworkId: example.id});\nconst exampleDevice = new aws.networkmanager.Device(\"example\", {\n globalNetworkId: example.id,\n siteId: exampleSite.id,\n});\nconst exampleCustomerGateway = new aws.ec2.CustomerGateway(\"example\", {\n bgpAsn: \"65000\",\n ipAddress: \"172.83.124.10\",\n type: \"ipsec.1\",\n});\nconst exampleTransitGateway = new aws.ec2transitgateway.TransitGateway(\"example\", {});\nconst exampleVpnConnection = new aws.ec2.VpnConnection(\"example\", {\n customerGatewayId: exampleCustomerGateway.id,\n transitGatewayId: exampleTransitGateway.id,\n type: exampleCustomerGateway.type,\n staticRoutesOnly: true,\n});\nconst exampleTransitGatewayRegistration = new aws.networkmanager.TransitGatewayRegistration(\"example\", {\n globalNetworkId: example.id,\n transitGatewayArn: exampleTransitGateway.arn,\n});\nconst exampleCustomerGatewayAssociation = new aws.networkmanager.CustomerGatewayAssociation(\"example\", {\n globalNetworkId: example.id,\n customerGatewayArn: exampleCustomerGateway.arn,\n deviceId: exampleDevice.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkmanager.GlobalNetwork(\"example\", description=\"example\")\nexample_site = aws.networkmanager.Site(\"example\", global_network_id=example.id)\nexample_device = aws.networkmanager.Device(\"example\",\n global_network_id=example.id,\n site_id=example_site.id)\nexample_customer_gateway = aws.ec2.CustomerGateway(\"example\",\n bgp_asn=\"65000\",\n ip_address=\"172.83.124.10\",\n type=\"ipsec.1\")\nexample_transit_gateway = aws.ec2transitgateway.TransitGateway(\"example\")\nexample_vpn_connection = aws.ec2.VpnConnection(\"example\",\n customer_gateway_id=example_customer_gateway.id,\n transit_gateway_id=example_transit_gateway.id,\n type=example_customer_gateway.type,\n static_routes_only=True)\nexample_transit_gateway_registration = aws.networkmanager.TransitGatewayRegistration(\"example\",\n global_network_id=example.id,\n transit_gateway_arn=example_transit_gateway.arn)\nexample_customer_gateway_association = aws.networkmanager.CustomerGatewayAssociation(\"example\",\n global_network_id=example.id,\n customer_gateway_arn=example_customer_gateway.arn,\n device_id=example_device.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkManager.GlobalNetwork(\"example\", new()\n {\n Description = \"example\",\n });\n\n var exampleSite = new Aws.NetworkManager.Site(\"example\", new()\n {\n GlobalNetworkId = example.Id,\n });\n\n var exampleDevice = new Aws.NetworkManager.Device(\"example\", new()\n {\n GlobalNetworkId = example.Id,\n SiteId = exampleSite.Id,\n });\n\n var exampleCustomerGateway = new Aws.Ec2.CustomerGateway(\"example\", new()\n {\n BgpAsn = \"65000\",\n IpAddress = \"172.83.124.10\",\n Type = \"ipsec.1\",\n });\n\n var exampleTransitGateway = new Aws.Ec2TransitGateway.TransitGateway(\"example\");\n\n var exampleVpnConnection = new Aws.Ec2.VpnConnection(\"example\", new()\n {\n CustomerGatewayId = exampleCustomerGateway.Id,\n TransitGatewayId = exampleTransitGateway.Id,\n Type = exampleCustomerGateway.Type,\n StaticRoutesOnly = true,\n });\n\n var exampleTransitGatewayRegistration = new Aws.NetworkManager.TransitGatewayRegistration(\"example\", new()\n {\n GlobalNetworkId = example.Id,\n TransitGatewayArn = exampleTransitGateway.Arn,\n });\n\n var exampleCustomerGatewayAssociation = new Aws.NetworkManager.CustomerGatewayAssociation(\"example\", new()\n {\n GlobalNetworkId = example.Id,\n CustomerGatewayArn = exampleCustomerGateway.Arn,\n DeviceId = exampleDevice.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := networkmanager.NewGlobalNetwork(ctx, \"example\", \u0026networkmanager.GlobalNetworkArgs{\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleSite, err := networkmanager.NewSite(ctx, \"example\", \u0026networkmanager.SiteArgs{\n\t\t\tGlobalNetworkId: example.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleDevice, err := networkmanager.NewDevice(ctx, \"example\", \u0026networkmanager.DeviceArgs{\n\t\t\tGlobalNetworkId: example.ID(),\n\t\t\tSiteId: exampleSite.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleCustomerGateway, err := ec2.NewCustomerGateway(ctx, \"example\", \u0026ec2.CustomerGatewayArgs{\n\t\t\tBgpAsn: pulumi.String(\"65000\"),\n\t\t\tIpAddress: pulumi.String(\"172.83.124.10\"),\n\t\t\tType: pulumi.String(\"ipsec.1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleTransitGateway, err := ec2transitgateway.NewTransitGateway(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ec2.NewVpnConnection(ctx, \"example\", \u0026ec2.VpnConnectionArgs{\n\t\t\tCustomerGatewayId: exampleCustomerGateway.ID(),\n\t\t\tTransitGatewayId: exampleTransitGateway.ID(),\n\t\t\tType: exampleCustomerGateway.Type,\n\t\t\tStaticRoutesOnly: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = networkmanager.NewTransitGatewayRegistration(ctx, \"example\", \u0026networkmanager.TransitGatewayRegistrationArgs{\n\t\t\tGlobalNetworkId: example.ID(),\n\t\t\tTransitGatewayArn: exampleTransitGateway.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = networkmanager.NewCustomerGatewayAssociation(ctx, \"example\", \u0026networkmanager.CustomerGatewayAssociationArgs{\n\t\t\tGlobalNetworkId: example.ID(),\n\t\t\tCustomerGatewayArn: exampleCustomerGateway.Arn,\n\t\t\tDeviceId: exampleDevice.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.GlobalNetwork;\nimport com.pulumi.aws.networkmanager.GlobalNetworkArgs;\nimport com.pulumi.aws.networkmanager.Site;\nimport com.pulumi.aws.networkmanager.SiteArgs;\nimport com.pulumi.aws.networkmanager.Device;\nimport com.pulumi.aws.networkmanager.DeviceArgs;\nimport com.pulumi.aws.ec2.CustomerGateway;\nimport com.pulumi.aws.ec2.CustomerGatewayArgs;\nimport com.pulumi.aws.ec2transitgateway.TransitGateway;\nimport com.pulumi.aws.ec2.VpnConnection;\nimport com.pulumi.aws.ec2.VpnConnectionArgs;\nimport com.pulumi.aws.networkmanager.TransitGatewayRegistration;\nimport com.pulumi.aws.networkmanager.TransitGatewayRegistrationArgs;\nimport com.pulumi.aws.networkmanager.CustomerGatewayAssociation;\nimport com.pulumi.aws.networkmanager.CustomerGatewayAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new GlobalNetwork(\"example\", GlobalNetworkArgs.builder() \n .description(\"example\")\n .build());\n\n var exampleSite = new Site(\"exampleSite\", SiteArgs.builder() \n .globalNetworkId(example.id())\n .build());\n\n var exampleDevice = new Device(\"exampleDevice\", DeviceArgs.builder() \n .globalNetworkId(example.id())\n .siteId(exampleSite.id())\n .build());\n\n var exampleCustomerGateway = new CustomerGateway(\"exampleCustomerGateway\", CustomerGatewayArgs.builder() \n .bgpAsn(65000)\n .ipAddress(\"172.83.124.10\")\n .type(\"ipsec.1\")\n .build());\n\n var exampleTransitGateway = new TransitGateway(\"exampleTransitGateway\");\n\n var exampleVpnConnection = new VpnConnection(\"exampleVpnConnection\", VpnConnectionArgs.builder() \n .customerGatewayId(exampleCustomerGateway.id())\n .transitGatewayId(exampleTransitGateway.id())\n .type(exampleCustomerGateway.type())\n .staticRoutesOnly(true)\n .build());\n\n var exampleTransitGatewayRegistration = new TransitGatewayRegistration(\"exampleTransitGatewayRegistration\", TransitGatewayRegistrationArgs.builder() \n .globalNetworkId(example.id())\n .transitGatewayArn(exampleTransitGateway.arn())\n .build());\n\n var exampleCustomerGatewayAssociation = new CustomerGatewayAssociation(\"exampleCustomerGatewayAssociation\", CustomerGatewayAssociationArgs.builder() \n .globalNetworkId(example.id())\n .customerGatewayArn(exampleCustomerGateway.arn())\n .deviceId(exampleDevice.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:networkmanager:GlobalNetwork\n properties:\n description: example\n exampleSite:\n type: aws:networkmanager:Site\n name: example\n properties:\n globalNetworkId: ${example.id}\n exampleDevice:\n type: aws:networkmanager:Device\n name: example\n properties:\n globalNetworkId: ${example.id}\n siteId: ${exampleSite.id}\n exampleCustomerGateway:\n type: aws:ec2:CustomerGateway\n name: example\n properties:\n bgpAsn: 65000\n ipAddress: 172.83.124.10\n type: ipsec.1\n exampleTransitGateway:\n type: aws:ec2transitgateway:TransitGateway\n name: example\n exampleVpnConnection:\n type: aws:ec2:VpnConnection\n name: example\n properties:\n customerGatewayId: ${exampleCustomerGateway.id}\n transitGatewayId: ${exampleTransitGateway.id}\n type: ${exampleCustomerGateway.type}\n staticRoutesOnly: true\n exampleTransitGatewayRegistration:\n type: aws:networkmanager:TransitGatewayRegistration\n name: example\n properties:\n globalNetworkId: ${example.id}\n transitGatewayArn: ${exampleTransitGateway.arn}\n exampleCustomerGatewayAssociation:\n type: aws:networkmanager:CustomerGatewayAssociation\n name: example\n properties:\n globalNetworkId: ${example.id}\n customerGatewayArn: ${exampleCustomerGateway.arn}\n deviceId: ${exampleDevice.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_networkmanager_customer_gateway_association` using the global network ID and customer gateway ARN. For example:\n\n```sh\n$ pulumi import aws:networkmanager/customerGatewayAssociation:CustomerGatewayAssociation example global-network-0d47f6t230mz46dy4,arn:aws:ec2:us-west-2:123456789012:customer-gateway/cgw-123abc05e04123abc\n```\n", + "description": "Associates a customer gateway with a device and optionally, with a link.\nIf you specify a link, it must be associated with the specified device.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.networkmanager.GlobalNetwork(\"example\", {description: \"example\"});\nconst exampleSite = new aws.networkmanager.Site(\"example\", {globalNetworkId: example.id});\nconst exampleDevice = new aws.networkmanager.Device(\"example\", {\n globalNetworkId: example.id,\n siteId: exampleSite.id,\n});\nconst exampleCustomerGateway = new aws.ec2.CustomerGateway(\"example\", {\n bgpAsn: \"65000\",\n ipAddress: \"172.83.124.10\",\n type: \"ipsec.1\",\n});\nconst exampleTransitGateway = new aws.ec2transitgateway.TransitGateway(\"example\", {});\nconst exampleVpnConnection = new aws.ec2.VpnConnection(\"example\", {\n customerGatewayId: exampleCustomerGateway.id,\n transitGatewayId: exampleTransitGateway.id,\n type: exampleCustomerGateway.type,\n staticRoutesOnly: true,\n});\nconst exampleTransitGatewayRegistration = new aws.networkmanager.TransitGatewayRegistration(\"example\", {\n globalNetworkId: example.id,\n transitGatewayArn: exampleTransitGateway.arn,\n}, {\n dependsOn: [exampleVpnConnection],\n});\nconst exampleCustomerGatewayAssociation = new aws.networkmanager.CustomerGatewayAssociation(\"example\", {\n globalNetworkId: example.id,\n customerGatewayArn: exampleCustomerGateway.arn,\n deviceId: exampleDevice.id,\n}, {\n dependsOn: [exampleTransitGatewayRegistration],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.networkmanager.GlobalNetwork(\"example\", description=\"example\")\nexample_site = aws.networkmanager.Site(\"example\", global_network_id=example.id)\nexample_device = aws.networkmanager.Device(\"example\",\n global_network_id=example.id,\n site_id=example_site.id)\nexample_customer_gateway = aws.ec2.CustomerGateway(\"example\",\n bgp_asn=\"65000\",\n ip_address=\"172.83.124.10\",\n type=\"ipsec.1\")\nexample_transit_gateway = aws.ec2transitgateway.TransitGateway(\"example\")\nexample_vpn_connection = aws.ec2.VpnConnection(\"example\",\n customer_gateway_id=example_customer_gateway.id,\n transit_gateway_id=example_transit_gateway.id,\n type=example_customer_gateway.type,\n static_routes_only=True)\nexample_transit_gateway_registration = aws.networkmanager.TransitGatewayRegistration(\"example\",\n global_network_id=example.id,\n transit_gateway_arn=example_transit_gateway.arn,\n opts=pulumi.ResourceOptions(depends_on=[example_vpn_connection]))\nexample_customer_gateway_association = aws.networkmanager.CustomerGatewayAssociation(\"example\",\n global_network_id=example.id,\n customer_gateway_arn=example_customer_gateway.arn,\n device_id=example_device.id,\n opts=pulumi.ResourceOptions(depends_on=[example_transit_gateway_registration]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.NetworkManager.GlobalNetwork(\"example\", new()\n {\n Description = \"example\",\n });\n\n var exampleSite = new Aws.NetworkManager.Site(\"example\", new()\n {\n GlobalNetworkId = example.Id,\n });\n\n var exampleDevice = new Aws.NetworkManager.Device(\"example\", new()\n {\n GlobalNetworkId = example.Id,\n SiteId = exampleSite.Id,\n });\n\n var exampleCustomerGateway = new Aws.Ec2.CustomerGateway(\"example\", new()\n {\n BgpAsn = \"65000\",\n IpAddress = \"172.83.124.10\",\n Type = \"ipsec.1\",\n });\n\n var exampleTransitGateway = new Aws.Ec2TransitGateway.TransitGateway(\"example\");\n\n var exampleVpnConnection = new Aws.Ec2.VpnConnection(\"example\", new()\n {\n CustomerGatewayId = exampleCustomerGateway.Id,\n TransitGatewayId = exampleTransitGateway.Id,\n Type = exampleCustomerGateway.Type,\n StaticRoutesOnly = true,\n });\n\n var exampleTransitGatewayRegistration = new Aws.NetworkManager.TransitGatewayRegistration(\"example\", new()\n {\n GlobalNetworkId = example.Id,\n TransitGatewayArn = exampleTransitGateway.Arn,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleVpnConnection, \n },\n });\n\n var exampleCustomerGatewayAssociation = new Aws.NetworkManager.CustomerGatewayAssociation(\"example\", new()\n {\n GlobalNetworkId = example.Id,\n CustomerGatewayArn = exampleCustomerGateway.Arn,\n DeviceId = exampleDevice.Id,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleTransitGatewayRegistration, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2transitgateway\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := networkmanager.NewGlobalNetwork(ctx, \"example\", \u0026networkmanager.GlobalNetworkArgs{\n\t\t\tDescription: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleSite, err := networkmanager.NewSite(ctx, \"example\", \u0026networkmanager.SiteArgs{\n\t\t\tGlobalNetworkId: example.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleDevice, err := networkmanager.NewDevice(ctx, \"example\", \u0026networkmanager.DeviceArgs{\n\t\t\tGlobalNetworkId: example.ID(),\n\t\t\tSiteId: exampleSite.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleCustomerGateway, err := ec2.NewCustomerGateway(ctx, \"example\", \u0026ec2.CustomerGatewayArgs{\n\t\t\tBgpAsn: pulumi.String(\"65000\"),\n\t\t\tIpAddress: pulumi.String(\"172.83.124.10\"),\n\t\t\tType: pulumi.String(\"ipsec.1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleTransitGateway, err := ec2transitgateway.NewTransitGateway(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVpnConnection, err := ec2.NewVpnConnection(ctx, \"example\", \u0026ec2.VpnConnectionArgs{\n\t\t\tCustomerGatewayId: exampleCustomerGateway.ID(),\n\t\t\tTransitGatewayId: exampleTransitGateway.ID(),\n\t\t\tType: exampleCustomerGateway.Type,\n\t\t\tStaticRoutesOnly: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleTransitGatewayRegistration, err := networkmanager.NewTransitGatewayRegistration(ctx, \"example\", \u0026networkmanager.TransitGatewayRegistrationArgs{\n\t\t\tGlobalNetworkId: example.ID(),\n\t\t\tTransitGatewayArn: exampleTransitGateway.Arn,\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleVpnConnection,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = networkmanager.NewCustomerGatewayAssociation(ctx, \"example\", \u0026networkmanager.CustomerGatewayAssociationArgs{\n\t\t\tGlobalNetworkId: example.ID(),\n\t\t\tCustomerGatewayArn: exampleCustomerGateway.Arn,\n\t\t\tDeviceId: exampleDevice.ID(),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleTransitGatewayRegistration,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.networkmanager.GlobalNetwork;\nimport com.pulumi.aws.networkmanager.GlobalNetworkArgs;\nimport com.pulumi.aws.networkmanager.Site;\nimport com.pulumi.aws.networkmanager.SiteArgs;\nimport com.pulumi.aws.networkmanager.Device;\nimport com.pulumi.aws.networkmanager.DeviceArgs;\nimport com.pulumi.aws.ec2.CustomerGateway;\nimport com.pulumi.aws.ec2.CustomerGatewayArgs;\nimport com.pulumi.aws.ec2transitgateway.TransitGateway;\nimport com.pulumi.aws.ec2.VpnConnection;\nimport com.pulumi.aws.ec2.VpnConnectionArgs;\nimport com.pulumi.aws.networkmanager.TransitGatewayRegistration;\nimport com.pulumi.aws.networkmanager.TransitGatewayRegistrationArgs;\nimport com.pulumi.aws.networkmanager.CustomerGatewayAssociation;\nimport com.pulumi.aws.networkmanager.CustomerGatewayAssociationArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new GlobalNetwork(\"example\", GlobalNetworkArgs.builder() \n .description(\"example\")\n .build());\n\n var exampleSite = new Site(\"exampleSite\", SiteArgs.builder() \n .globalNetworkId(example.id())\n .build());\n\n var exampleDevice = new Device(\"exampleDevice\", DeviceArgs.builder() \n .globalNetworkId(example.id())\n .siteId(exampleSite.id())\n .build());\n\n var exampleCustomerGateway = new CustomerGateway(\"exampleCustomerGateway\", CustomerGatewayArgs.builder() \n .bgpAsn(65000)\n .ipAddress(\"172.83.124.10\")\n .type(\"ipsec.1\")\n .build());\n\n var exampleTransitGateway = new TransitGateway(\"exampleTransitGateway\");\n\n var exampleVpnConnection = new VpnConnection(\"exampleVpnConnection\", VpnConnectionArgs.builder() \n .customerGatewayId(exampleCustomerGateway.id())\n .transitGatewayId(exampleTransitGateway.id())\n .type(exampleCustomerGateway.type())\n .staticRoutesOnly(true)\n .build());\n\n var exampleTransitGatewayRegistration = new TransitGatewayRegistration(\"exampleTransitGatewayRegistration\", TransitGatewayRegistrationArgs.builder() \n .globalNetworkId(example.id())\n .transitGatewayArn(exampleTransitGateway.arn())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleVpnConnection)\n .build());\n\n var exampleCustomerGatewayAssociation = new CustomerGatewayAssociation(\"exampleCustomerGatewayAssociation\", CustomerGatewayAssociationArgs.builder() \n .globalNetworkId(example.id())\n .customerGatewayArn(exampleCustomerGateway.arn())\n .deviceId(exampleDevice.id())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleTransitGatewayRegistration)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:networkmanager:GlobalNetwork\n properties:\n description: example\n exampleSite:\n type: aws:networkmanager:Site\n name: example\n properties:\n globalNetworkId: ${example.id}\n exampleDevice:\n type: aws:networkmanager:Device\n name: example\n properties:\n globalNetworkId: ${example.id}\n siteId: ${exampleSite.id}\n exampleCustomerGateway:\n type: aws:ec2:CustomerGateway\n name: example\n properties:\n bgpAsn: 65000\n ipAddress: 172.83.124.10\n type: ipsec.1\n exampleTransitGateway:\n type: aws:ec2transitgateway:TransitGateway\n name: example\n exampleVpnConnection:\n type: aws:ec2:VpnConnection\n name: example\n properties:\n customerGatewayId: ${exampleCustomerGateway.id}\n transitGatewayId: ${exampleTransitGateway.id}\n type: ${exampleCustomerGateway.type}\n staticRoutesOnly: true\n exampleTransitGatewayRegistration:\n type: aws:networkmanager:TransitGatewayRegistration\n name: example\n properties:\n globalNetworkId: ${example.id}\n transitGatewayArn: ${exampleTransitGateway.arn}\n options:\n dependson:\n - ${exampleVpnConnection}\n exampleCustomerGatewayAssociation:\n type: aws:networkmanager:CustomerGatewayAssociation\n name: example\n properties:\n globalNetworkId: ${example.id}\n customerGatewayArn: ${exampleCustomerGateway.arn}\n deviceId: ${exampleDevice.id}\n options:\n dependson:\n - ${exampleTransitGatewayRegistration}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_networkmanager_customer_gateway_association` using the global network ID and customer gateway ARN. For example:\n\n```sh\n$ pulumi import aws:networkmanager/customerGatewayAssociation:CustomerGatewayAssociation example global-network-0d47f6t230mz46dy4,arn:aws:ec2:us-west-2:123456789012:customer-gateway/cgw-123abc05e04123abc\n```\n", "properties": { "customerGatewayArn": { "type": "string", @@ -287704,7 +287704,7 @@ } }, "aws:oam/sinkPolicy:SinkPolicy": { - "description": "Resource for managing an AWS CloudWatch Observability Access Manager Sink Policy.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.oam.Sink(\"example\", {name: \"ExampleSink\"});\nconst exampleSinkPolicy = new aws.oam.SinkPolicy(\"example\", {\n sinkIdentifier: example.id,\n policy: JSON.stringify({\n version: \"2012-10-17\",\n statement: [{\n action: [\n \"oam:CreateLink\",\n \"oam:UpdateLink\",\n ],\n effect: \"Allow\",\n resource: \"*\",\n principal: {\n AWS: [\n \"1111111111111\",\n \"222222222222\",\n ],\n },\n condition: {\n \"ForAllValues:StringEquals\": {\n \"oam:ResourceTypes\": [\n \"AWS::CloudWatch::Metric\",\n \"AWS::Logs::LogGroup\",\n ],\n },\n },\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.oam.Sink(\"example\", name=\"ExampleSink\")\nexample_sink_policy = aws.oam.SinkPolicy(\"example\",\n sink_identifier=example.id,\n policy=json.dumps({\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"action\": [\n \"oam:CreateLink\",\n \"oam:UpdateLink\",\n ],\n \"effect\": \"Allow\",\n \"resource\": \"*\",\n \"principal\": {\n \"AWS\": [\n \"1111111111111\",\n \"222222222222\",\n ],\n },\n \"condition\": {\n \"ForAllValues:StringEquals\": {\n \"oam:ResourceTypes\": [\n \"AWS::CloudWatch::Metric\",\n \"AWS::Logs::LogGroup\",\n ],\n },\n },\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Oam.Sink(\"example\", new()\n {\n Name = \"ExampleSink\",\n });\n\n var exampleSinkPolicy = new Aws.Oam.SinkPolicy(\"example\", new()\n {\n SinkIdentifier = example.Id,\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"action\"] = new[]\n {\n \"oam:CreateLink\",\n \"oam:UpdateLink\",\n },\n [\"effect\"] = \"Allow\",\n [\"resource\"] = \"*\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = new[]\n {\n \"1111111111111\",\n \"222222222222\",\n },\n },\n [\"condition\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"ForAllValues:StringEquals\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"oam:ResourceTypes\"] = new[]\n {\n \"AWS::CloudWatch::Metric\",\n \"AWS::Logs::LogGroup\",\n },\n },\n },\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/oam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := oam.NewSink(ctx, \"example\", \u0026oam.SinkArgs{\n\t\t\tName: pulumi.String(\"ExampleSink\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"action\": []string{\n\t\t\t\t\t\t\"oam:CreateLink\",\n\t\t\t\t\t\t\"oam:UpdateLink\",\n\t\t\t\t\t},\n\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\"resource\": \"*\",\n\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": []string{\n\t\t\t\t\t\t\t\"1111111111111\",\n\t\t\t\t\t\t\t\"222222222222\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\t\"condition\": map[string]interface{}{\n\t\t\t\t\t\t\"ForAllValues:StringEquals\": map[string]interface{}{\n\t\t\t\t\t\t\t\"oam:ResourceTypes\": []string{\n\t\t\t\t\t\t\t\t\"AWS::CloudWatch::Metric\",\n\t\t\t\t\t\t\t\t\"AWS::Logs::LogGroup\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = oam.NewSinkPolicy(ctx, \"example\", \u0026oam.SinkPolicyArgs{\n\t\t\tSinkIdentifier: example.ID(),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.oam.Sink;\nimport com.pulumi.aws.oam.SinkArgs;\nimport com.pulumi.aws.oam.SinkPolicy;\nimport com.pulumi.aws.oam.SinkPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Sink(\"example\", SinkArgs.builder() \n .name(\"ExampleSink\")\n .build());\n\n var exampleSinkPolicy = new SinkPolicy(\"exampleSinkPolicy\", SinkPolicyArgs.builder() \n .sinkIdentifier(example.id())\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"version\", \"2012-10-17\"),\n jsonProperty(\"statement\", jsonArray(jsonObject(\n jsonProperty(\"action\", jsonArray(\n \"oam:CreateLink\", \n \"oam:UpdateLink\"\n )),\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"resource\", \"*\"),\n jsonProperty(\"principal\", jsonObject(\n jsonProperty(\"AWS\", jsonArray(\n \"1111111111111\", \n \"222222222222\"\n ))\n )),\n jsonProperty(\"condition\", jsonObject(\n jsonProperty(\"ForAllValues:StringEquals\", jsonObject(\n jsonProperty(\"oam:ResourceTypes\", jsonArray(\n \"AWS::CloudWatch::Metric\", \n \"AWS::Logs::LogGroup\"\n ))\n ))\n ))\n )))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:oam:Sink\n properties:\n name: ExampleSink\n exampleSinkPolicy:\n type: aws:oam:SinkPolicy\n name: example\n properties:\n sinkIdentifier: ${example.id}\n policy:\n fn::toJSON:\n version: 2012-10-17\n statement:\n - action:\n - oam:CreateLink\n - oam:UpdateLink\n effect: Allow\n resource: '*'\n principal:\n AWS:\n - '1111111111111'\n - '222222222222'\n condition:\n ForAllValues:StringEquals:\n oam:ResourceTypes:\n - AWS::CloudWatch::Metric\n - AWS::Logs::LogGroup\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CloudWatch Observability Access Manager Sink Policy using the `sink_identifier`. For example:\n\n```sh\n$ pulumi import aws:oam/sinkPolicy:SinkPolicy example arn:aws:oam:us-west-2:123456789012:sink/sink-id\n```\n", + "description": "Resource for managing an AWS CloudWatch Observability Access Manager Sink Policy.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.oam.Sink(\"example\", {name: \"ExampleSink\"});\nconst exampleSinkPolicy = new aws.oam.SinkPolicy(\"example\", {\n sinkIdentifier: example.id,\n policy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: [\n \"oam:CreateLink\",\n \"oam:UpdateLink\",\n ],\n Effect: \"Allow\",\n Resource: \"*\",\n Principal: {\n AWS: [\n \"1111111111111\",\n \"222222222222\",\n ],\n },\n Condition: {\n \"ForAllValues:StringEquals\": {\n \"oam:ResourceTypes\": [\n \"AWS::CloudWatch::Metric\",\n \"AWS::Logs::LogGroup\",\n ],\n },\n },\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.oam.Sink(\"example\", name=\"ExampleSink\")\nexample_sink_policy = aws.oam.SinkPolicy(\"example\",\n sink_identifier=example.id,\n policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": [\n \"oam:CreateLink\",\n \"oam:UpdateLink\",\n ],\n \"Effect\": \"Allow\",\n \"Resource\": \"*\",\n \"Principal\": {\n \"AWS\": [\n \"1111111111111\",\n \"222222222222\",\n ],\n },\n \"Condition\": {\n \"ForAllValues:StringEquals\": {\n \"oam:ResourceTypes\": [\n \"AWS::CloudWatch::Metric\",\n \"AWS::Logs::LogGroup\",\n ],\n },\n },\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Oam.Sink(\"example\", new()\n {\n Name = \"ExampleSink\",\n });\n\n var exampleSinkPolicy = new Aws.Oam.SinkPolicy(\"example\", new()\n {\n SinkIdentifier = example.Id,\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = new[]\n {\n \"oam:CreateLink\",\n \"oam:UpdateLink\",\n },\n [\"Effect\"] = \"Allow\",\n [\"Resource\"] = \"*\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = new[]\n {\n \"1111111111111\",\n \"222222222222\",\n },\n },\n [\"Condition\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"ForAllValues:StringEquals\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"oam:ResourceTypes\"] = new[]\n {\n \"AWS::CloudWatch::Metric\",\n \"AWS::Logs::LogGroup\",\n },\n },\n },\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/oam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := oam.NewSink(ctx, \"example\", \u0026oam.SinkArgs{\n\t\t\tName: pulumi.String(\"ExampleSink\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"oam:CreateLink\",\n\t\t\t\t\t\t\"oam:UpdateLink\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": []string{\n\t\t\t\t\t\t\t\"1111111111111\",\n\t\t\t\t\t\t\t\"222222222222\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\t\"Condition\": map[string]interface{}{\n\t\t\t\t\t\t\"ForAllValues:StringEquals\": map[string]interface{}{\n\t\t\t\t\t\t\t\"oam:ResourceTypes\": []string{\n\t\t\t\t\t\t\t\t\"AWS::CloudWatch::Metric\",\n\t\t\t\t\t\t\t\t\"AWS::Logs::LogGroup\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = oam.NewSinkPolicy(ctx, \"example\", \u0026oam.SinkPolicyArgs{\n\t\t\tSinkIdentifier: example.ID(),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.oam.Sink;\nimport com.pulumi.aws.oam.SinkArgs;\nimport com.pulumi.aws.oam.SinkPolicy;\nimport com.pulumi.aws.oam.SinkPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Sink(\"example\", SinkArgs.builder() \n .name(\"ExampleSink\")\n .build());\n\n var exampleSinkPolicy = new SinkPolicy(\"exampleSinkPolicy\", SinkPolicyArgs.builder() \n .sinkIdentifier(example.id())\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", jsonArray(\n \"oam:CreateLink\", \n \"oam:UpdateLink\"\n )),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Resource\", \"*\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"AWS\", jsonArray(\n \"1111111111111\", \n \"222222222222\"\n ))\n )),\n jsonProperty(\"Condition\", jsonObject(\n jsonProperty(\"ForAllValues:StringEquals\", jsonObject(\n jsonProperty(\"oam:ResourceTypes\", jsonArray(\n \"AWS::CloudWatch::Metric\", \n \"AWS::Logs::LogGroup\"\n ))\n ))\n ))\n )))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:oam:Sink\n properties:\n name: ExampleSink\n exampleSinkPolicy:\n type: aws:oam:SinkPolicy\n name: example\n properties:\n sinkIdentifier: ${example.id}\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action:\n - oam:CreateLink\n - oam:UpdateLink\n Effect: Allow\n Resource: '*'\n Principal:\n AWS:\n - '1111111111111'\n - '222222222222'\n Condition:\n ForAllValues:StringEquals:\n oam:ResourceTypes:\n - AWS::CloudWatch::Metric\n - AWS::Logs::LogGroup\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CloudWatch Observability Access Manager Sink Policy using the `sink_identifier`. For example:\n\n```sh\n$ pulumi import aws:oam/sinkPolicy:SinkPolicy example arn:aws:oam:us-west-2:123456789012:sink/sink-id\n```\n", "properties": { "arn": { "type": "string", @@ -287769,7 +287769,7 @@ } }, "aws:opensearch/domain:Domain": { - "description": "Manages an Amazon OpenSearch Domain.\n\n## Elasticsearch vs. OpenSearch\n\nAmazon OpenSearch Service is the successor to Amazon Elasticsearch Service and supports OpenSearch and legacy Elasticsearch OSS (up to 7.10, the final open source version of the software).\n\nOpenSearch Domain configurations are similar in many ways to Elasticsearch Domain configurations. However, there are important differences including these:\n\n* OpenSearch has `engine_version` while Elasticsearch has `elasticsearch_version`\n* Versions are specified differently - _e.g._, `Elasticsearch_7.10` with OpenSearch vs. `7.10` for Elasticsearch.\n* `instance_type` argument values end in `search` for OpenSearch vs. `elasticsearch` for Elasticsearch (_e.g._, `t2.micro.search` vs. `t2.micro.elasticsearch`).\n* The AWS-managed service-linked role for OpenSearch is called `AWSServiceRoleForAmazonOpenSearchService` instead of `AWSServiceRoleForAmazonElasticsearchService` for Elasticsearch.\n\nThere are also some potentially unexpected similarities in configurations:\n\n* ARNs for both are prefaced with `arn:aws:es:`.\n* Both OpenSearch and Elasticsearch use assume role policies that refer to the `Principal` `Service` as `es.amazonaws.com`.\n* IAM policy actions, such as those you will find in `access_policies`, are prefaced with `es:` for both.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.opensearch.Domain(\"example\", {\n domainName: \"example\",\n engineVersion: \"Elasticsearch_7.10\",\n clusterConfig: {\n instanceType: \"r4.large.search\",\n },\n tags: {\n Domain: \"TestDomain\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.opensearch.Domain(\"example\",\n domain_name=\"example\",\n engine_version=\"Elasticsearch_7.10\",\n cluster_config=aws.opensearch.DomainClusterConfigArgs(\n instance_type=\"r4.large.search\",\n ),\n tags={\n \"Domain\": \"TestDomain\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.OpenSearch.Domain(\"example\", new()\n {\n DomainName = \"example\",\n EngineVersion = \"Elasticsearch_7.10\",\n ClusterConfig = new Aws.OpenSearch.Inputs.DomainClusterConfigArgs\n {\n InstanceType = \"r4.large.search\",\n },\n Tags = \n {\n { \"Domain\", \"TestDomain\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := opensearch.NewDomain(ctx, \"example\", \u0026opensearch.DomainArgs{\n\t\t\tDomainName: pulumi.String(\"example\"),\n\t\t\tEngineVersion: pulumi.String(\"Elasticsearch_7.10\"),\n\t\t\tClusterConfig: \u0026opensearch.DomainClusterConfigArgs{\n\t\t\t\tInstanceType: pulumi.String(\"r4.large.search\"),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Domain\": pulumi.String(\"TestDomain\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.Domain;\nimport com.pulumi.aws.opensearch.DomainArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainClusterConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Domain(\"example\", DomainArgs.builder() \n .domainName(\"example\")\n .engineVersion(\"Elasticsearch_7.10\")\n .clusterConfig(DomainClusterConfigArgs.builder()\n .instanceType(\"r4.large.search\")\n .build())\n .tags(Map.of(\"Domain\", \"TestDomain\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:opensearch:Domain\n properties:\n domainName: example\n engineVersion: Elasticsearch_7.10\n clusterConfig:\n instanceType: r4.large.search\n tags:\n Domain: TestDomain\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Access Policy\n\n\u003e See also: `aws.opensearch.DomainPolicy` resource\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst domain = config.get(\"domain\") || \"tf-test\";\nconst current = aws.getRegion({});\nconst currentGetCallerIdentity = aws.getCallerIdentity({});\nconst example = Promise.all([current, currentGetCallerIdentity]).then(([current, currentGetCallerIdentity]) =\u003e aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"*\",\n identifiers: [\"*\"],\n }],\n actions: [\"es:*\"],\n resources: [`arn:aws:es:${current.name}:${currentGetCallerIdentity.accountId}:domain/${domain}/*`],\n conditions: [{\n test: \"IpAddress\",\n variable: \"aws:SourceIp\",\n values: [\"66.193.100.22/32\"],\n }],\n }],\n}));\nconst exampleDomain = new aws.opensearch.Domain(\"example\", {\n domainName: domain,\n accessPolicies: example.then(example =\u003e example.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\ndomain = config.get(\"domain\")\nif domain is None:\n domain = \"tf-test\"\ncurrent = aws.get_region()\ncurrent_get_caller_identity = aws.get_caller_identity()\nexample = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"*\",\n identifiers=[\"*\"],\n )],\n actions=[\"es:*\"],\n resources=[f\"arn:aws:es:{current.name}:{current_get_caller_identity.account_id}:domain/{domain}/*\"],\n conditions=[aws.iam.GetPolicyDocumentStatementConditionArgs(\n test=\"IpAddress\",\n variable=\"aws:SourceIp\",\n values=[\"66.193.100.22/32\"],\n )],\n)])\nexample_domain = aws.opensearch.Domain(\"example\",\n domain_name=domain,\n access_policies=example.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var domain = config.Get(\"domain\") ?? \"tf-test\";\n var current = Aws.GetRegion.Invoke();\n\n var currentGetCallerIdentity = Aws.GetCallerIdentity.Invoke();\n\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"*\",\n Identifiers = new[]\n {\n \"*\",\n },\n },\n },\n Actions = new[]\n {\n \"es:*\",\n },\n Resources = new[]\n {\n $\"arn:aws:es:{current.Apply(getRegionResult =\u003e getRegionResult.Name)}:{currentGetCallerIdentity.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:domain/{domain}/*\",\n },\n Conditions = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"IpAddress\",\n Variable = \"aws:SourceIp\",\n Values = new[]\n {\n \"66.193.100.22/32\",\n },\n },\n },\n },\n },\n });\n\n var exampleDomain = new Aws.OpenSearch.Domain(\"example\", new()\n {\n DomainName = domain,\n AccessPolicies = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tdomain := \"tf-test\"\n\t\tif param := cfg.Get(\"domain\"); param != \"\" {\n\t\t\tdomain = param\n\t\t}\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrentGetCallerIdentity, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"*\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"*\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"es:*\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\tfmt.Sprintf(\"arn:aws:es:%v:%v:domain/%v/*\", current.Name, currentGetCallerIdentity.AccountId, domain),\n\t\t\t\t\t},\n\t\t\t\t\tConditions: []iam.GetPolicyDocumentStatementCondition{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tTest: \"IpAddress\",\n\t\t\t\t\t\t\tVariable: \"aws:SourceIp\",\n\t\t\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\t\t\"66.193.100.22/32\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = opensearch.NewDomain(ctx, \"example\", \u0026opensearch.DomainArgs{\n\t\t\tDomainName: pulumi.String(domain),\n\t\t\tAccessPolicies: pulumi.String(example.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.opensearch.Domain;\nimport com.pulumi.aws.opensearch.DomainArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var domain = config.get(\"domain\").orElse(\"tf-test\");\n final var current = AwsFunctions.getRegion();\n\n final var currentGetCallerIdentity = AwsFunctions.getCallerIdentity();\n\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"*\")\n .identifiers(\"*\")\n .build())\n .actions(\"es:*\")\n .resources(String.format(\"arn:aws:es:%s:%s:domain/%s/*\", current.applyValue(getRegionResult -\u003e getRegionResult.name()),currentGetCallerIdentity.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()),domain))\n .conditions(GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"IpAddress\")\n .variable(\"aws:SourceIp\")\n .values(\"66.193.100.22/32\")\n .build())\n .build())\n .build());\n\n var exampleDomain = new Domain(\"exampleDomain\", DomainArgs.builder() \n .domainName(domain)\n .accessPolicies(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n domain:\n type: string\n default: tf-test\nresources:\n exampleDomain:\n type: aws:opensearch:Domain\n name: example\n properties:\n domainName: ${domain}\n accessPolicies: ${example.json}\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n currentGetCallerIdentity:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: '*'\n identifiers:\n - '*'\n actions:\n - es:*\n resources:\n - arn:aws:es:${current.name}:${currentGetCallerIdentity.accountId}:domain/${domain}/*\n conditions:\n - test: IpAddress\n variable: aws:SourceIp\n values:\n - 66.193.100.22/32\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Log publishing to CloudWatch Logs\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleLogGroup = new aws.cloudwatch.LogGroup(\"example\", {name: \"example\"});\nconst example = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"es.amazonaws.com\"],\n }],\n actions: [\n \"logs:PutLogEvents\",\n \"logs:PutLogEventsBatch\",\n \"logs:CreateLogStream\",\n ],\n resources: [\"arn:aws:logs:*\"],\n }],\n});\nconst exampleLogResourcePolicy = new aws.cloudwatch.LogResourcePolicy(\"example\", {\n policyName: \"example\",\n policyDocument: example.then(example =\u003e example.json),\n});\nconst exampleDomain = new aws.opensearch.Domain(\"example\", {logPublishingOptions: [{\n cloudwatchLogGroupArn: exampleLogGroup.arn,\n logType: \"INDEX_SLOW_LOGS\",\n}]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_log_group = aws.cloudwatch.LogGroup(\"example\", name=\"example\")\nexample = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"es.amazonaws.com\"],\n )],\n actions=[\n \"logs:PutLogEvents\",\n \"logs:PutLogEventsBatch\",\n \"logs:CreateLogStream\",\n ],\n resources=[\"arn:aws:logs:*\"],\n)])\nexample_log_resource_policy = aws.cloudwatch.LogResourcePolicy(\"example\",\n policy_name=\"example\",\n policy_document=example.json)\nexample_domain = aws.opensearch.Domain(\"example\", log_publishing_options=[aws.opensearch.DomainLogPublishingOptionArgs(\n cloudwatch_log_group_arn=example_log_group.arn,\n log_type=\"INDEX_SLOW_LOGS\",\n)])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleLogGroup = new Aws.CloudWatch.LogGroup(\"example\", new()\n {\n Name = \"example\",\n });\n\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"es.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"logs:PutLogEvents\",\n \"logs:PutLogEventsBatch\",\n \"logs:CreateLogStream\",\n },\n Resources = new[]\n {\n \"arn:aws:logs:*\",\n },\n },\n },\n });\n\n var exampleLogResourcePolicy = new Aws.CloudWatch.LogResourcePolicy(\"example\", new()\n {\n PolicyName = \"example\",\n PolicyDocument = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var exampleDomain = new Aws.OpenSearch.Domain(\"example\", new()\n {\n LogPublishingOptions = new[]\n {\n new Aws.OpenSearch.Inputs.DomainLogPublishingOptionArgs\n {\n CloudwatchLogGroupArn = exampleLogGroup.Arn,\n LogType = \"INDEX_SLOW_LOGS\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleLogGroup, err := cloudwatch.NewLogGroup(ctx, \"example\", \u0026cloudwatch.LogGroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"es.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"logs:PutLogEvents\",\n\t\t\t\t\t\t\"logs:PutLogEventsBatch\",\n\t\t\t\t\t\t\"logs:CreateLogStream\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"arn:aws:logs:*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudwatch.NewLogResourcePolicy(ctx, \"example\", \u0026cloudwatch.LogResourcePolicyArgs{\n\t\t\tPolicyName: pulumi.String(\"example\"),\n\t\t\tPolicyDocument: pulumi.String(example.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = opensearch.NewDomain(ctx, \"example\", \u0026opensearch.DomainArgs{\n\t\t\tLogPublishingOptions: opensearch.DomainLogPublishingOptionArray{\n\t\t\t\t\u0026opensearch.DomainLogPublishingOptionArgs{\n\t\t\t\t\tCloudwatchLogGroupArn: exampleLogGroup.Arn,\n\t\t\t\t\tLogType: pulumi.String(\"INDEX_SLOW_LOGS\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.LogGroup;\nimport com.pulumi.aws.cloudwatch.LogGroupArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.cloudwatch.LogResourcePolicy;\nimport com.pulumi.aws.cloudwatch.LogResourcePolicyArgs;\nimport com.pulumi.aws.opensearch.Domain;\nimport com.pulumi.aws.opensearch.DomainArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainLogPublishingOptionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleLogGroup = new LogGroup(\"exampleLogGroup\", LogGroupArgs.builder() \n .name(\"example\")\n .build());\n\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"es.amazonaws.com\")\n .build())\n .actions( \n \"logs:PutLogEvents\",\n \"logs:PutLogEventsBatch\",\n \"logs:CreateLogStream\")\n .resources(\"arn:aws:logs:*\")\n .build())\n .build());\n\n var exampleLogResourcePolicy = new LogResourcePolicy(\"exampleLogResourcePolicy\", LogResourcePolicyArgs.builder() \n .policyName(\"example\")\n .policyDocument(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var exampleDomain = new Domain(\"exampleDomain\", DomainArgs.builder() \n .logPublishingOptions(DomainLogPublishingOptionArgs.builder()\n .cloudwatchLogGroupArn(exampleLogGroup.arn())\n .logType(\"INDEX_SLOW_LOGS\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleLogGroup:\n type: aws:cloudwatch:LogGroup\n name: example\n properties:\n name: example\n exampleLogResourcePolicy:\n type: aws:cloudwatch:LogResourcePolicy\n name: example\n properties:\n policyName: example\n policyDocument: ${example.json}\n exampleDomain:\n type: aws:opensearch:Domain\n name: example\n properties:\n logPublishingOptions:\n - cloudwatchLogGroupArn: ${exampleLogGroup.arn}\n logType: INDEX_SLOW_LOGS\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - es.amazonaws.com\n actions:\n - logs:PutLogEvents\n - logs:PutLogEventsBatch\n - logs:CreateLogStream\n resources:\n - arn:aws:logs:*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### VPC based OpenSearch\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst vpc = config.requireObject(\"vpc\");\nconst domain = config.get(\"domain\") || \"tf-test\";\nconst example = aws.ec2.getVpc({\n tags: {\n Name: vpc,\n },\n});\nconst exampleGetSubnets = example.then(example =\u003e aws.ec2.getSubnets({\n filters: [{\n name: \"vpc-id\",\n values: [example.id],\n }],\n tags: {\n Tier: \"private\",\n },\n}));\nconst current = aws.getRegion({});\nconst currentGetCallerIdentity = aws.getCallerIdentity({});\nconst exampleSecurityGroup = new aws.ec2.SecurityGroup(\"example\", {\n name: `${vpc}-opensearch-${domain}`,\n description: \"Managed by Pulumi\",\n vpcId: example.then(example =\u003e example.id),\n ingress: [{\n fromPort: 443,\n toPort: 443,\n protocol: \"tcp\",\n cidrBlocks: [example.then(example =\u003e example.cidrBlock)],\n }],\n});\nconst exampleServiceLinkedRole = new aws.iam.ServiceLinkedRole(\"example\", {awsServiceName: \"opensearchservice.amazonaws.com\"});\nconst exampleGetPolicyDocument = Promise.all([current, currentGetCallerIdentity]).then(([current, currentGetCallerIdentity]) =\u003e aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"*\",\n identifiers: [\"*\"],\n }],\n actions: [\"es:*\"],\n resources: [`arn:aws:es:${current.name}:${currentGetCallerIdentity.accountId}:domain/${domain}/*`],\n }],\n}));\nconst exampleDomain = new aws.opensearch.Domain(\"example\", {\n domainName: domain,\n engineVersion: \"OpenSearch_1.0\",\n clusterConfig: {\n instanceType: \"m4.large.search\",\n zoneAwarenessEnabled: true,\n },\n vpcOptions: {\n subnetIds: [\n exampleGetSubnets.then(exampleGetSubnets =\u003e exampleGetSubnets.ids?.[0]),\n exampleGetSubnets.then(exampleGetSubnets =\u003e exampleGetSubnets.ids?.[1]),\n ],\n securityGroupIds: [exampleSecurityGroup.id],\n },\n advancedOptions: {\n \"rest.action.multi.allow_explicit_index\": \"true\",\n },\n accessPolicies: exampleGetPolicyDocument.then(exampleGetPolicyDocument =\u003e exampleGetPolicyDocument.json),\n tags: {\n Domain: \"TestDomain\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nvpc = config.require_object(\"vpc\")\ndomain = config.get(\"domain\")\nif domain is None:\n domain = \"tf-test\"\nexample = aws.ec2.get_vpc(tags={\n \"Name\": vpc,\n})\nexample_get_subnets = aws.ec2.get_subnets(filters=[aws.ec2.GetSubnetsFilterArgs(\n name=\"vpc-id\",\n values=[example.id],\n )],\n tags={\n \"Tier\": \"private\",\n })\ncurrent = aws.get_region()\ncurrent_get_caller_identity = aws.get_caller_identity()\nexample_security_group = aws.ec2.SecurityGroup(\"example\",\n name=f\"{vpc}-opensearch-{domain}\",\n description=\"Managed by Pulumi\",\n vpc_id=example.id,\n ingress=[aws.ec2.SecurityGroupIngressArgs(\n from_port=443,\n to_port=443,\n protocol=\"tcp\",\n cidr_blocks=[example.cidr_block],\n )])\nexample_service_linked_role = aws.iam.ServiceLinkedRole(\"example\", aws_service_name=\"opensearchservice.amazonaws.com\")\nexample_get_policy_document = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"*\",\n identifiers=[\"*\"],\n )],\n actions=[\"es:*\"],\n resources=[f\"arn:aws:es:{current.name}:{current_get_caller_identity.account_id}:domain/{domain}/*\"],\n)])\nexample_domain = aws.opensearch.Domain(\"example\",\n domain_name=domain,\n engine_version=\"OpenSearch_1.0\",\n cluster_config=aws.opensearch.DomainClusterConfigArgs(\n instance_type=\"m4.large.search\",\n zone_awareness_enabled=True,\n ),\n vpc_options=aws.opensearch.DomainVpcOptionsArgs(\n subnet_ids=[\n example_get_subnets.ids[0],\n example_get_subnets.ids[1],\n ],\n security_group_ids=[example_security_group.id],\n ),\n advanced_options={\n \"rest.action.multi.allow_explicit_index\": \"true\",\n },\n access_policies=example_get_policy_document.json,\n tags={\n \"Domain\": \"TestDomain\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var vpc = config.RequireObject\u003cdynamic\u003e(\"vpc\");\n var domain = config.Get(\"domain\") ?? \"tf-test\";\n var example = Aws.Ec2.GetVpc.Invoke(new()\n {\n Tags = \n {\n { \"Name\", vpc },\n },\n });\n\n var exampleGetSubnets = Aws.Ec2.GetSubnets.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetSubnetsFilterInputArgs\n {\n Name = \"vpc-id\",\n Values = new[]\n {\n example.Apply(getVpcResult =\u003e getVpcResult.Id),\n },\n },\n },\n Tags = \n {\n { \"Tier\", \"private\" },\n },\n });\n\n var current = Aws.GetRegion.Invoke();\n\n var currentGetCallerIdentity = Aws.GetCallerIdentity.Invoke();\n\n var exampleSecurityGroup = new Aws.Ec2.SecurityGroup(\"example\", new()\n {\n Name = $\"{vpc}-opensearch-{domain}\",\n Description = \"Managed by Pulumi\",\n VpcId = example.Apply(getVpcResult =\u003e getVpcResult.Id),\n Ingress = new[]\n {\n new Aws.Ec2.Inputs.SecurityGroupIngressArgs\n {\n FromPort = 443,\n ToPort = 443,\n Protocol = \"tcp\",\n CidrBlocks = new[]\n {\n example.Apply(getVpcResult =\u003e getVpcResult.CidrBlock),\n },\n },\n },\n });\n\n var exampleServiceLinkedRole = new Aws.Iam.ServiceLinkedRole(\"example\", new()\n {\n AwsServiceName = \"opensearchservice.amazonaws.com\",\n });\n\n var exampleGetPolicyDocument = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"*\",\n Identifiers = new[]\n {\n \"*\",\n },\n },\n },\n Actions = new[]\n {\n \"es:*\",\n },\n Resources = new[]\n {\n $\"arn:aws:es:{current.Apply(getRegionResult =\u003e getRegionResult.Name)}:{currentGetCallerIdentity.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:domain/{domain}/*\",\n },\n },\n },\n });\n\n var exampleDomain = new Aws.OpenSearch.Domain(\"example\", new()\n {\n DomainName = domain,\n EngineVersion = \"OpenSearch_1.0\",\n ClusterConfig = new Aws.OpenSearch.Inputs.DomainClusterConfigArgs\n {\n InstanceType = \"m4.large.search\",\n ZoneAwarenessEnabled = true,\n },\n VpcOptions = new Aws.OpenSearch.Inputs.DomainVpcOptionsArgs\n {\n SubnetIds = new[]\n {\n exampleGetSubnets.Apply(getSubnetsResult =\u003e getSubnetsResult.Ids[0]),\n exampleGetSubnets.Apply(getSubnetsResult =\u003e getSubnetsResult.Ids[1]),\n },\n SecurityGroupIds = new[]\n {\n exampleSecurityGroup.Id,\n },\n },\n AdvancedOptions = \n {\n { \"rest.action.multi.allow_explicit_index\", \"true\" },\n },\n AccessPolicies = exampleGetPolicyDocument.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n Tags = \n {\n { \"Domain\", \"TestDomain\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\ncfg := config.New(ctx, \"\")\nvpc := cfg.RequireObject(\"vpc\")\ndomain := \"tf-test\";\nif param := cfg.Get(\"domain\"); param != \"\"{\ndomain = param\n}\nexample, err := ec2.LookupVpc(ctx, \u0026ec2.LookupVpcArgs{\nTags: interface{}{\nName: vpc,\n},\n}, nil);\nif err != nil {\nreturn err\n}\nexampleGetSubnets, err := ec2.GetSubnets(ctx, \u0026ec2.GetSubnetsArgs{\nFilters: []ec2.GetSubnetsFilter{\n{\nName: \"vpc-id\",\nValues: interface{}{\nexample.Id,\n},\n},\n},\nTags: map[string]interface{}{\n\"Tier\": \"private\",\n},\n}, nil);\nif err != nil {\nreturn err\n}\ncurrent, err := aws.GetRegion(ctx, nil, nil);\nif err != nil {\nreturn err\n}\ncurrentGetCallerIdentity, err := aws.GetCallerIdentity(ctx, nil, nil);\nif err != nil {\nreturn err\n}\nexampleSecurityGroup, err := ec2.NewSecurityGroup(ctx, \"example\", \u0026ec2.SecurityGroupArgs{\nName: pulumi.String(fmt.Sprintf(\"%v-opensearch-%v\", vpc, domain)),\nDescription: pulumi.String(\"Managed by Pulumi\"),\nVpcId: pulumi.String(example.Id),\nIngress: ec2.SecurityGroupIngressArray{\n\u0026ec2.SecurityGroupIngressArgs{\nFromPort: pulumi.Int(443),\nToPort: pulumi.Int(443),\nProtocol: pulumi.String(\"tcp\"),\nCidrBlocks: pulumi.StringArray{\npulumi.String(example.CidrBlock),\n},\n},\n},\n})\nif err != nil {\nreturn err\n}\n_, err = iam.NewServiceLinkedRole(ctx, \"example\", \u0026iam.ServiceLinkedRoleArgs{\nAwsServiceName: pulumi.String(\"opensearchservice.amazonaws.com\"),\n})\nif err != nil {\nreturn err\n}\nexampleGetPolicyDocument, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\nStatements: []iam.GetPolicyDocumentStatement{\n{\nEffect: pulumi.StringRef(\"Allow\"),\nPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n{\nType: \"*\",\nIdentifiers: []string{\n\"*\",\n},\n},\n},\nActions: []string{\n\"es:*\",\n},\nResources: []string{\nfmt.Sprintf(\"arn:aws:es:%v:%v:domain/%v/*\", current.Name, currentGetCallerIdentity.AccountId, domain),\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\n_, err = opensearch.NewDomain(ctx, \"example\", \u0026opensearch.DomainArgs{\nDomainName: pulumi.String(domain),\nEngineVersion: pulumi.String(\"OpenSearch_1.0\"),\nClusterConfig: \u0026opensearch.DomainClusterConfigArgs{\nInstanceType: pulumi.String(\"m4.large.search\"),\nZoneAwarenessEnabled: pulumi.Bool(true),\n},\nVpcOptions: \u0026opensearch.DomainVpcOptionsArgs{\nSubnetIds: pulumi.StringArray{\npulumi.String(exampleGetSubnets.Ids[0]),\npulumi.String(exampleGetSubnets.Ids[1]),\n},\nSecurityGroupIds: pulumi.StringArray{\nexampleSecurityGroup.ID(),\n},\n},\nAdvancedOptions: pulumi.StringMap{\n\"rest.action.multi.allow_explicit_index\": pulumi.String(\"true\"),\n},\nAccessPolicies: pulumi.String(exampleGetPolicyDocument.Json),\nTags: pulumi.StringMap{\n\"Domain\": pulumi.String(\"TestDomain\"),\n},\n})\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetVpcArgs;\nimport com.pulumi.aws.ec2.inputs.GetSubnetsArgs;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.ec2.SecurityGroup;\nimport com.pulumi.aws.ec2.SecurityGroupArgs;\nimport com.pulumi.aws.ec2.inputs.SecurityGroupIngressArgs;\nimport com.pulumi.aws.iam.ServiceLinkedRole;\nimport com.pulumi.aws.iam.ServiceLinkedRoleArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.opensearch.Domain;\nimport com.pulumi.aws.opensearch.DomainArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainClusterConfigArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainVpcOptionsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var vpc = config.get(\"vpc\");\n final var domain = config.get(\"domain\").orElse(\"tf-test\");\n final var example = Ec2Functions.getVpc(GetVpcArgs.builder()\n .tags(Map.of(\"Name\", vpc))\n .build());\n\n final var exampleGetSubnets = Ec2Functions.getSubnets(GetSubnetsArgs.builder()\n .filters(GetSubnetsFilterArgs.builder()\n .name(\"vpc-id\")\n .values(example.applyValue(getVpcResult -\u003e getVpcResult.id()))\n .build())\n .tags(Map.of(\"Tier\", \"private\"))\n .build());\n\n final var current = AwsFunctions.getRegion();\n\n final var currentGetCallerIdentity = AwsFunctions.getCallerIdentity();\n\n var exampleSecurityGroup = new SecurityGroup(\"exampleSecurityGroup\", SecurityGroupArgs.builder() \n .name(String.format(\"%s-opensearch-%s\", vpc,domain))\n .description(\"Managed by Pulumi\")\n .vpcId(example.applyValue(getVpcResult -\u003e getVpcResult.id()))\n .ingress(SecurityGroupIngressArgs.builder()\n .fromPort(443)\n .toPort(443)\n .protocol(\"tcp\")\n .cidrBlocks(example.applyValue(getVpcResult -\u003e getVpcResult.cidrBlock()))\n .build())\n .build());\n\n var exampleServiceLinkedRole = new ServiceLinkedRole(\"exampleServiceLinkedRole\", ServiceLinkedRoleArgs.builder() \n .awsServiceName(\"opensearchservice.amazonaws.com\")\n .build());\n\n final var exampleGetPolicyDocument = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"*\")\n .identifiers(\"*\")\n .build())\n .actions(\"es:*\")\n .resources(String.format(\"arn:aws:es:%s:%s:domain/%s/*\", current.applyValue(getRegionResult -\u003e getRegionResult.name()),currentGetCallerIdentity.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()),domain))\n .build())\n .build());\n\n var exampleDomain = new Domain(\"exampleDomain\", DomainArgs.builder() \n .domainName(domain)\n .engineVersion(\"OpenSearch_1.0\")\n .clusterConfig(DomainClusterConfigArgs.builder()\n .instanceType(\"m4.large.search\")\n .zoneAwarenessEnabled(true)\n .build())\n .vpcOptions(DomainVpcOptionsArgs.builder()\n .subnetIds( \n exampleGetSubnets.applyValue(getSubnetsResult -\u003e getSubnetsResult.ids()[0]),\n exampleGetSubnets.applyValue(getSubnetsResult -\u003e getSubnetsResult.ids()[1]))\n .securityGroupIds(exampleSecurityGroup.id())\n .build())\n .advancedOptions(Map.of(\"rest.action.multi.allow_explicit_index\", \"true\"))\n .accessPolicies(exampleGetPolicyDocument.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .tags(Map.of(\"Domain\", \"TestDomain\"))\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n vpc:\n type: dynamic\n domain:\n type: string\n default: tf-test\nresources:\n exampleSecurityGroup:\n type: aws:ec2:SecurityGroup\n name: example\n properties:\n name: ${vpc}-opensearch-${domain}\n description: Managed by Pulumi\n vpcId: ${example.id}\n ingress:\n - fromPort: 443\n toPort: 443\n protocol: tcp\n cidrBlocks:\n - ${example.cidrBlock}\n exampleServiceLinkedRole:\n type: aws:iam:ServiceLinkedRole\n name: example\n properties:\n awsServiceName: opensearchservice.amazonaws.com\n exampleDomain:\n type: aws:opensearch:Domain\n name: example\n properties:\n domainName: ${domain}\n engineVersion: OpenSearch_1.0\n clusterConfig:\n instanceType: m4.large.search\n zoneAwarenessEnabled: true\n vpcOptions:\n subnetIds:\n - ${exampleGetSubnets.ids[0]}\n - ${exampleGetSubnets.ids[1]}\n securityGroupIds:\n - ${exampleSecurityGroup.id}\n advancedOptions:\n rest.action.multi.allow_explicit_index: 'true'\n accessPolicies: ${exampleGetPolicyDocument.json}\n tags:\n Domain: TestDomain\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2:getVpc\n Arguments:\n tags:\n Name: ${vpc}\n exampleGetSubnets:\n fn::invoke:\n Function: aws:ec2:getSubnets\n Arguments:\n filters:\n - name: vpc-id\n values:\n - ${example.id}\n tags:\n Tier: private\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n currentGetCallerIdentity:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n exampleGetPolicyDocument:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: '*'\n identifiers:\n - '*'\n actions:\n - es:*\n resources:\n - arn:aws:es:${current.name}:${currentGetCallerIdentity.accountId}:domain/${domain}/*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Enabling fine-grained access control on an existing domain\n\nThis example shows two configurations: one to create a domain without fine-grained access control and the second to modify the domain to enable fine-grained access control. For more information, see [Enabling fine-grained access control](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/fgac.html).\n\n### First apply\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.opensearch.Domain(\"example\", {\n domainName: \"ggkitty\",\n engineVersion: \"Elasticsearch_7.1\",\n clusterConfig: {\n instanceType: \"r5.large.search\",\n },\n advancedSecurityOptions: {\n enabled: false,\n anonymousAuthEnabled: true,\n internalUserDatabaseEnabled: true,\n masterUserOptions: {\n masterUserName: \"example\",\n masterUserPassword: \"Barbarbarbar1!\",\n },\n },\n encryptAtRest: {\n enabled: true,\n },\n domainEndpointOptions: {\n enforceHttps: true,\n tlsSecurityPolicy: \"Policy-Min-TLS-1-2-2019-07\",\n },\n nodeToNodeEncryption: {\n enabled: true,\n },\n ebsOptions: {\n ebsEnabled: true,\n volumeSize: 10,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.opensearch.Domain(\"example\",\n domain_name=\"ggkitty\",\n engine_version=\"Elasticsearch_7.1\",\n cluster_config=aws.opensearch.DomainClusterConfigArgs(\n instance_type=\"r5.large.search\",\n ),\n advanced_security_options=aws.opensearch.DomainAdvancedSecurityOptionsArgs(\n enabled=False,\n anonymous_auth_enabled=True,\n internal_user_database_enabled=True,\n master_user_options=aws.opensearch.DomainAdvancedSecurityOptionsMasterUserOptionsArgs(\n master_user_name=\"example\",\n master_user_password=\"Barbarbarbar1!\",\n ),\n ),\n encrypt_at_rest=aws.opensearch.DomainEncryptAtRestArgs(\n enabled=True,\n ),\n domain_endpoint_options=aws.opensearch.DomainDomainEndpointOptionsArgs(\n enforce_https=True,\n tls_security_policy=\"Policy-Min-TLS-1-2-2019-07\",\n ),\n node_to_node_encryption=aws.opensearch.DomainNodeToNodeEncryptionArgs(\n enabled=True,\n ),\n ebs_options=aws.opensearch.DomainEbsOptionsArgs(\n ebs_enabled=True,\n volume_size=10,\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.OpenSearch.Domain(\"example\", new()\n {\n DomainName = \"ggkitty\",\n EngineVersion = \"Elasticsearch_7.1\",\n ClusterConfig = new Aws.OpenSearch.Inputs.DomainClusterConfigArgs\n {\n InstanceType = \"r5.large.search\",\n },\n AdvancedSecurityOptions = new Aws.OpenSearch.Inputs.DomainAdvancedSecurityOptionsArgs\n {\n Enabled = false,\n AnonymousAuthEnabled = true,\n InternalUserDatabaseEnabled = true,\n MasterUserOptions = new Aws.OpenSearch.Inputs.DomainAdvancedSecurityOptionsMasterUserOptionsArgs\n {\n MasterUserName = \"example\",\n MasterUserPassword = \"Barbarbarbar1!\",\n },\n },\n EncryptAtRest = new Aws.OpenSearch.Inputs.DomainEncryptAtRestArgs\n {\n Enabled = true,\n },\n DomainEndpointOptions = new Aws.OpenSearch.Inputs.DomainDomainEndpointOptionsArgs\n {\n EnforceHttps = true,\n TlsSecurityPolicy = \"Policy-Min-TLS-1-2-2019-07\",\n },\n NodeToNodeEncryption = new Aws.OpenSearch.Inputs.DomainNodeToNodeEncryptionArgs\n {\n Enabled = true,\n },\n EbsOptions = new Aws.OpenSearch.Inputs.DomainEbsOptionsArgs\n {\n EbsEnabled = true,\n VolumeSize = 10,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := opensearch.NewDomain(ctx, \"example\", \u0026opensearch.DomainArgs{\n\t\t\tDomainName: pulumi.String(\"ggkitty\"),\n\t\t\tEngineVersion: pulumi.String(\"Elasticsearch_7.1\"),\n\t\t\tClusterConfig: \u0026opensearch.DomainClusterConfigArgs{\n\t\t\t\tInstanceType: pulumi.String(\"r5.large.search\"),\n\t\t\t},\n\t\t\tAdvancedSecurityOptions: \u0026opensearch.DomainAdvancedSecurityOptionsArgs{\n\t\t\t\tEnabled: pulumi.Bool(false),\n\t\t\t\tAnonymousAuthEnabled: pulumi.Bool(true),\n\t\t\t\tInternalUserDatabaseEnabled: pulumi.Bool(true),\n\t\t\t\tMasterUserOptions: \u0026opensearch.DomainAdvancedSecurityOptionsMasterUserOptionsArgs{\n\t\t\t\t\tMasterUserName: pulumi.String(\"example\"),\n\t\t\t\t\tMasterUserPassword: pulumi.String(\"Barbarbarbar1!\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tEncryptAtRest: \u0026opensearch.DomainEncryptAtRestArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t},\n\t\t\tDomainEndpointOptions: \u0026opensearch.DomainDomainEndpointOptionsArgs{\n\t\t\t\tEnforceHttps: pulumi.Bool(true),\n\t\t\t\tTlsSecurityPolicy: pulumi.String(\"Policy-Min-TLS-1-2-2019-07\"),\n\t\t\t},\n\t\t\tNodeToNodeEncryption: \u0026opensearch.DomainNodeToNodeEncryptionArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t},\n\t\t\tEbsOptions: \u0026opensearch.DomainEbsOptionsArgs{\n\t\t\t\tEbsEnabled: pulumi.Bool(true),\n\t\t\t\tVolumeSize: pulumi.Int(10),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.Domain;\nimport com.pulumi.aws.opensearch.DomainArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainClusterConfigArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainAdvancedSecurityOptionsArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainAdvancedSecurityOptionsMasterUserOptionsArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainEncryptAtRestArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainDomainEndpointOptionsArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainNodeToNodeEncryptionArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainEbsOptionsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Domain(\"example\", DomainArgs.builder() \n .domainName(\"ggkitty\")\n .engineVersion(\"Elasticsearch_7.1\")\n .clusterConfig(DomainClusterConfigArgs.builder()\n .instanceType(\"r5.large.search\")\n .build())\n .advancedSecurityOptions(DomainAdvancedSecurityOptionsArgs.builder()\n .enabled(false)\n .anonymousAuthEnabled(true)\n .internalUserDatabaseEnabled(true)\n .masterUserOptions(DomainAdvancedSecurityOptionsMasterUserOptionsArgs.builder()\n .masterUserName(\"example\")\n .masterUserPassword(\"Barbarbarbar1!\")\n .build())\n .build())\n .encryptAtRest(DomainEncryptAtRestArgs.builder()\n .enabled(true)\n .build())\n .domainEndpointOptions(DomainDomainEndpointOptionsArgs.builder()\n .enforceHttps(true)\n .tlsSecurityPolicy(\"Policy-Min-TLS-1-2-2019-07\")\n .build())\n .nodeToNodeEncryption(DomainNodeToNodeEncryptionArgs.builder()\n .enabled(true)\n .build())\n .ebsOptions(DomainEbsOptionsArgs.builder()\n .ebsEnabled(true)\n .volumeSize(10)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:opensearch:Domain\n properties:\n domainName: ggkitty\n engineVersion: Elasticsearch_7.1\n clusterConfig:\n instanceType: r5.large.search\n advancedSecurityOptions:\n enabled: false\n anonymousAuthEnabled: true\n internalUserDatabaseEnabled: true\n masterUserOptions:\n masterUserName: example\n masterUserPassword: Barbarbarbar1!\n encryptAtRest:\n enabled: true\n domainEndpointOptions:\n enforceHttps: true\n tlsSecurityPolicy: Policy-Min-TLS-1-2-2019-07\n nodeToNodeEncryption:\n enabled: true\n ebsOptions:\n ebsEnabled: true\n volumeSize: 10\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Second apply\n\nNotice that the only change is `advanced_security_options.0.enabled` is now set to `true`.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.opensearch.Domain(\"example\", {\n domainName: \"ggkitty\",\n engineVersion: \"Elasticsearch_7.1\",\n clusterConfig: {\n instanceType: \"r5.large.search\",\n },\n advancedSecurityOptions: {\n enabled: true,\n anonymousAuthEnabled: true,\n internalUserDatabaseEnabled: true,\n masterUserOptions: {\n masterUserName: \"example\",\n masterUserPassword: \"Barbarbarbar1!\",\n },\n },\n encryptAtRest: {\n enabled: true,\n },\n domainEndpointOptions: {\n enforceHttps: true,\n tlsSecurityPolicy: \"Policy-Min-TLS-1-2-2019-07\",\n },\n nodeToNodeEncryption: {\n enabled: true,\n },\n ebsOptions: {\n ebsEnabled: true,\n volumeSize: 10,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.opensearch.Domain(\"example\",\n domain_name=\"ggkitty\",\n engine_version=\"Elasticsearch_7.1\",\n cluster_config=aws.opensearch.DomainClusterConfigArgs(\n instance_type=\"r5.large.search\",\n ),\n advanced_security_options=aws.opensearch.DomainAdvancedSecurityOptionsArgs(\n enabled=True,\n anonymous_auth_enabled=True,\n internal_user_database_enabled=True,\n master_user_options=aws.opensearch.DomainAdvancedSecurityOptionsMasterUserOptionsArgs(\n master_user_name=\"example\",\n master_user_password=\"Barbarbarbar1!\",\n ),\n ),\n encrypt_at_rest=aws.opensearch.DomainEncryptAtRestArgs(\n enabled=True,\n ),\n domain_endpoint_options=aws.opensearch.DomainDomainEndpointOptionsArgs(\n enforce_https=True,\n tls_security_policy=\"Policy-Min-TLS-1-2-2019-07\",\n ),\n node_to_node_encryption=aws.opensearch.DomainNodeToNodeEncryptionArgs(\n enabled=True,\n ),\n ebs_options=aws.opensearch.DomainEbsOptionsArgs(\n ebs_enabled=True,\n volume_size=10,\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.OpenSearch.Domain(\"example\", new()\n {\n DomainName = \"ggkitty\",\n EngineVersion = \"Elasticsearch_7.1\",\n ClusterConfig = new Aws.OpenSearch.Inputs.DomainClusterConfigArgs\n {\n InstanceType = \"r5.large.search\",\n },\n AdvancedSecurityOptions = new Aws.OpenSearch.Inputs.DomainAdvancedSecurityOptionsArgs\n {\n Enabled = true,\n AnonymousAuthEnabled = true,\n InternalUserDatabaseEnabled = true,\n MasterUserOptions = new Aws.OpenSearch.Inputs.DomainAdvancedSecurityOptionsMasterUserOptionsArgs\n {\n MasterUserName = \"example\",\n MasterUserPassword = \"Barbarbarbar1!\",\n },\n },\n EncryptAtRest = new Aws.OpenSearch.Inputs.DomainEncryptAtRestArgs\n {\n Enabled = true,\n },\n DomainEndpointOptions = new Aws.OpenSearch.Inputs.DomainDomainEndpointOptionsArgs\n {\n EnforceHttps = true,\n TlsSecurityPolicy = \"Policy-Min-TLS-1-2-2019-07\",\n },\n NodeToNodeEncryption = new Aws.OpenSearch.Inputs.DomainNodeToNodeEncryptionArgs\n {\n Enabled = true,\n },\n EbsOptions = new Aws.OpenSearch.Inputs.DomainEbsOptionsArgs\n {\n EbsEnabled = true,\n VolumeSize = 10,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := opensearch.NewDomain(ctx, \"example\", \u0026opensearch.DomainArgs{\n\t\t\tDomainName: pulumi.String(\"ggkitty\"),\n\t\t\tEngineVersion: pulumi.String(\"Elasticsearch_7.1\"),\n\t\t\tClusterConfig: \u0026opensearch.DomainClusterConfigArgs{\n\t\t\t\tInstanceType: pulumi.String(\"r5.large.search\"),\n\t\t\t},\n\t\t\tAdvancedSecurityOptions: \u0026opensearch.DomainAdvancedSecurityOptionsArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\tAnonymousAuthEnabled: pulumi.Bool(true),\n\t\t\t\tInternalUserDatabaseEnabled: pulumi.Bool(true),\n\t\t\t\tMasterUserOptions: \u0026opensearch.DomainAdvancedSecurityOptionsMasterUserOptionsArgs{\n\t\t\t\t\tMasterUserName: pulumi.String(\"example\"),\n\t\t\t\t\tMasterUserPassword: pulumi.String(\"Barbarbarbar1!\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tEncryptAtRest: \u0026opensearch.DomainEncryptAtRestArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t},\n\t\t\tDomainEndpointOptions: \u0026opensearch.DomainDomainEndpointOptionsArgs{\n\t\t\t\tEnforceHttps: pulumi.Bool(true),\n\t\t\t\tTlsSecurityPolicy: pulumi.String(\"Policy-Min-TLS-1-2-2019-07\"),\n\t\t\t},\n\t\t\tNodeToNodeEncryption: \u0026opensearch.DomainNodeToNodeEncryptionArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t},\n\t\t\tEbsOptions: \u0026opensearch.DomainEbsOptionsArgs{\n\t\t\t\tEbsEnabled: pulumi.Bool(true),\n\t\t\t\tVolumeSize: pulumi.Int(10),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.Domain;\nimport com.pulumi.aws.opensearch.DomainArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainClusterConfigArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainAdvancedSecurityOptionsArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainAdvancedSecurityOptionsMasterUserOptionsArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainEncryptAtRestArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainDomainEndpointOptionsArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainNodeToNodeEncryptionArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainEbsOptionsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Domain(\"example\", DomainArgs.builder() \n .domainName(\"ggkitty\")\n .engineVersion(\"Elasticsearch_7.1\")\n .clusterConfig(DomainClusterConfigArgs.builder()\n .instanceType(\"r5.large.search\")\n .build())\n .advancedSecurityOptions(DomainAdvancedSecurityOptionsArgs.builder()\n .enabled(true)\n .anonymousAuthEnabled(true)\n .internalUserDatabaseEnabled(true)\n .masterUserOptions(DomainAdvancedSecurityOptionsMasterUserOptionsArgs.builder()\n .masterUserName(\"example\")\n .masterUserPassword(\"Barbarbarbar1!\")\n .build())\n .build())\n .encryptAtRest(DomainEncryptAtRestArgs.builder()\n .enabled(true)\n .build())\n .domainEndpointOptions(DomainDomainEndpointOptionsArgs.builder()\n .enforceHttps(true)\n .tlsSecurityPolicy(\"Policy-Min-TLS-1-2-2019-07\")\n .build())\n .nodeToNodeEncryption(DomainNodeToNodeEncryptionArgs.builder()\n .enabled(true)\n .build())\n .ebsOptions(DomainEbsOptionsArgs.builder()\n .ebsEnabled(true)\n .volumeSize(10)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:opensearch:Domain\n properties:\n domainName: ggkitty\n engineVersion: Elasticsearch_7.1\n clusterConfig:\n instanceType: r5.large.search\n advancedSecurityOptions:\n enabled: true\n anonymousAuthEnabled: true\n internalUserDatabaseEnabled: true\n masterUserOptions:\n masterUserName: example\n masterUserPassword: Barbarbarbar1!\n encryptAtRest:\n enabled: true\n domainEndpointOptions:\n enforceHttps: true\n tlsSecurityPolicy: Policy-Min-TLS-1-2-2019-07\n nodeToNodeEncryption:\n enabled: true\n ebsOptions:\n ebsEnabled: true\n volumeSize: 10\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import OpenSearch domains using the `domain_name`. For example:\n\n```sh\n$ pulumi import aws:opensearch/domain:Domain example domain_name\n```\n", + "description": "Manages an Amazon OpenSearch Domain.\n\n## Elasticsearch vs. OpenSearch\n\nAmazon OpenSearch Service is the successor to Amazon Elasticsearch Service and supports OpenSearch and legacy Elasticsearch OSS (up to 7.10, the final open source version of the software).\n\nOpenSearch Domain configurations are similar in many ways to Elasticsearch Domain configurations. However, there are important differences including these:\n\n* OpenSearch has `engine_version` while Elasticsearch has `elasticsearch_version`\n* Versions are specified differently - _e.g._, `Elasticsearch_7.10` with OpenSearch vs. `7.10` for Elasticsearch.\n* `instance_type` argument values end in `search` for OpenSearch vs. `elasticsearch` for Elasticsearch (_e.g._, `t2.micro.search` vs. `t2.micro.elasticsearch`).\n* The AWS-managed service-linked role for OpenSearch is called `AWSServiceRoleForAmazonOpenSearchService` instead of `AWSServiceRoleForAmazonElasticsearchService` for Elasticsearch.\n\nThere are also some potentially unexpected similarities in configurations:\n\n* ARNs for both are prefaced with `arn:aws:es:`.\n* Both OpenSearch and Elasticsearch use assume role policies that refer to the `Principal` `Service` as `es.amazonaws.com`.\n* IAM policy actions, such as those you will find in `access_policies`, are prefaced with `es:` for both.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.opensearch.Domain(\"example\", {\n domainName: \"example\",\n engineVersion: \"Elasticsearch_7.10\",\n clusterConfig: {\n instanceType: \"r4.large.search\",\n },\n tags: {\n Domain: \"TestDomain\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.opensearch.Domain(\"example\",\n domain_name=\"example\",\n engine_version=\"Elasticsearch_7.10\",\n cluster_config=aws.opensearch.DomainClusterConfigArgs(\n instance_type=\"r4.large.search\",\n ),\n tags={\n \"Domain\": \"TestDomain\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.OpenSearch.Domain(\"example\", new()\n {\n DomainName = \"example\",\n EngineVersion = \"Elasticsearch_7.10\",\n ClusterConfig = new Aws.OpenSearch.Inputs.DomainClusterConfigArgs\n {\n InstanceType = \"r4.large.search\",\n },\n Tags = \n {\n { \"Domain\", \"TestDomain\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := opensearch.NewDomain(ctx, \"example\", \u0026opensearch.DomainArgs{\n\t\t\tDomainName: pulumi.String(\"example\"),\n\t\t\tEngineVersion: pulumi.String(\"Elasticsearch_7.10\"),\n\t\t\tClusterConfig: \u0026opensearch.DomainClusterConfigArgs{\n\t\t\t\tInstanceType: pulumi.String(\"r4.large.search\"),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Domain\": pulumi.String(\"TestDomain\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.Domain;\nimport com.pulumi.aws.opensearch.DomainArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainClusterConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Domain(\"example\", DomainArgs.builder() \n .domainName(\"example\")\n .engineVersion(\"Elasticsearch_7.10\")\n .clusterConfig(DomainClusterConfigArgs.builder()\n .instanceType(\"r4.large.search\")\n .build())\n .tags(Map.of(\"Domain\", \"TestDomain\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:opensearch:Domain\n properties:\n domainName: example\n engineVersion: Elasticsearch_7.10\n clusterConfig:\n instanceType: r4.large.search\n tags:\n Domain: TestDomain\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Access Policy\n\n\u003e See also: `aws.opensearch.DomainPolicy` resource\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst domain = config.get(\"domain\") || \"tf-test\";\nconst current = aws.getRegion({});\nconst currentGetCallerIdentity = aws.getCallerIdentity({});\nconst example = Promise.all([current, currentGetCallerIdentity]).then(([current, currentGetCallerIdentity]) =\u003e aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"*\",\n identifiers: [\"*\"],\n }],\n actions: [\"es:*\"],\n resources: [`arn:aws:es:${current.name}:${currentGetCallerIdentity.accountId}:domain/${domain}/*`],\n conditions: [{\n test: \"IpAddress\",\n variable: \"aws:SourceIp\",\n values: [\"66.193.100.22/32\"],\n }],\n }],\n}));\nconst exampleDomain = new aws.opensearch.Domain(\"example\", {\n domainName: domain,\n accessPolicies: example.then(example =\u003e example.json),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\ndomain = config.get(\"domain\")\nif domain is None:\n domain = \"tf-test\"\ncurrent = aws.get_region()\ncurrent_get_caller_identity = aws.get_caller_identity()\nexample = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"*\",\n identifiers=[\"*\"],\n )],\n actions=[\"es:*\"],\n resources=[f\"arn:aws:es:{current.name}:{current_get_caller_identity.account_id}:domain/{domain}/*\"],\n conditions=[aws.iam.GetPolicyDocumentStatementConditionArgs(\n test=\"IpAddress\",\n variable=\"aws:SourceIp\",\n values=[\"66.193.100.22/32\"],\n )],\n)])\nexample_domain = aws.opensearch.Domain(\"example\",\n domain_name=domain,\n access_policies=example.json)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var domain = config.Get(\"domain\") ?? \"tf-test\";\n var current = Aws.GetRegion.Invoke();\n\n var currentGetCallerIdentity = Aws.GetCallerIdentity.Invoke();\n\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"*\",\n Identifiers = new[]\n {\n \"*\",\n },\n },\n },\n Actions = new[]\n {\n \"es:*\",\n },\n Resources = new[]\n {\n $\"arn:aws:es:{current.Apply(getRegionResult =\u003e getRegionResult.Name)}:{currentGetCallerIdentity.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:domain/{domain}/*\",\n },\n Conditions = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"IpAddress\",\n Variable = \"aws:SourceIp\",\n Values = new[]\n {\n \"66.193.100.22/32\",\n },\n },\n },\n },\n },\n });\n\n var exampleDomain = new Aws.OpenSearch.Domain(\"example\", new()\n {\n DomainName = domain,\n AccessPolicies = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcfg := config.New(ctx, \"\")\n\t\tdomain := \"tf-test\"\n\t\tif param := cfg.Get(\"domain\"); param != \"\" {\n\t\t\tdomain = param\n\t\t}\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrentGetCallerIdentity, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"*\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"*\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"es:*\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\tfmt.Sprintf(\"arn:aws:es:%v:%v:domain/%v/*\", current.Name, currentGetCallerIdentity.AccountId, domain),\n\t\t\t\t\t},\n\t\t\t\t\tConditions: []iam.GetPolicyDocumentStatementCondition{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tTest: \"IpAddress\",\n\t\t\t\t\t\t\tVariable: \"aws:SourceIp\",\n\t\t\t\t\t\t\tValues: []string{\n\t\t\t\t\t\t\t\t\"66.193.100.22/32\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = opensearch.NewDomain(ctx, \"example\", \u0026opensearch.DomainArgs{\n\t\t\tDomainName: pulumi.String(domain),\n\t\t\tAccessPolicies: pulumi.String(example.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.opensearch.Domain;\nimport com.pulumi.aws.opensearch.DomainArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var domain = config.get(\"domain\").orElse(\"tf-test\");\n final var current = AwsFunctions.getRegion();\n\n final var currentGetCallerIdentity = AwsFunctions.getCallerIdentity();\n\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"*\")\n .identifiers(\"*\")\n .build())\n .actions(\"es:*\")\n .resources(String.format(\"arn:aws:es:%s:%s:domain/%s/*\", current.applyValue(getRegionResult -\u003e getRegionResult.name()),currentGetCallerIdentity.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()),domain))\n .conditions(GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"IpAddress\")\n .variable(\"aws:SourceIp\")\n .values(\"66.193.100.22/32\")\n .build())\n .build())\n .build());\n\n var exampleDomain = new Domain(\"exampleDomain\", DomainArgs.builder() \n .domainName(domain)\n .accessPolicies(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n domain:\n type: string\n default: tf-test\nresources:\n exampleDomain:\n type: aws:opensearch:Domain\n name: example\n properties:\n domainName: ${domain}\n accessPolicies: ${example.json}\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n currentGetCallerIdentity:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: '*'\n identifiers:\n - '*'\n actions:\n - es:*\n resources:\n - arn:aws:es:${current.name}:${currentGetCallerIdentity.accountId}:domain/${domain}/*\n conditions:\n - test: IpAddress\n variable: aws:SourceIp\n values:\n - 66.193.100.22/32\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Log publishing to CloudWatch Logs\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleLogGroup = new aws.cloudwatch.LogGroup(\"example\", {name: \"example\"});\nconst example = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"es.amazonaws.com\"],\n }],\n actions: [\n \"logs:PutLogEvents\",\n \"logs:PutLogEventsBatch\",\n \"logs:CreateLogStream\",\n ],\n resources: [\"arn:aws:logs:*\"],\n }],\n});\nconst exampleLogResourcePolicy = new aws.cloudwatch.LogResourcePolicy(\"example\", {\n policyName: \"example\",\n policyDocument: example.then(example =\u003e example.json),\n});\nconst exampleDomain = new aws.opensearch.Domain(\"example\", {logPublishingOptions: [{\n cloudwatchLogGroupArn: exampleLogGroup.arn,\n logType: \"INDEX_SLOW_LOGS\",\n}]});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_log_group = aws.cloudwatch.LogGroup(\"example\", name=\"example\")\nexample = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"es.amazonaws.com\"],\n )],\n actions=[\n \"logs:PutLogEvents\",\n \"logs:PutLogEventsBatch\",\n \"logs:CreateLogStream\",\n ],\n resources=[\"arn:aws:logs:*\"],\n)])\nexample_log_resource_policy = aws.cloudwatch.LogResourcePolicy(\"example\",\n policy_name=\"example\",\n policy_document=example.json)\nexample_domain = aws.opensearch.Domain(\"example\", log_publishing_options=[aws.opensearch.DomainLogPublishingOptionArgs(\n cloudwatch_log_group_arn=example_log_group.arn,\n log_type=\"INDEX_SLOW_LOGS\",\n)])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleLogGroup = new Aws.CloudWatch.LogGroup(\"example\", new()\n {\n Name = \"example\",\n });\n\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"es.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"logs:PutLogEvents\",\n \"logs:PutLogEventsBatch\",\n \"logs:CreateLogStream\",\n },\n Resources = new[]\n {\n \"arn:aws:logs:*\",\n },\n },\n },\n });\n\n var exampleLogResourcePolicy = new Aws.CloudWatch.LogResourcePolicy(\"example\", new()\n {\n PolicyName = \"example\",\n PolicyDocument = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var exampleDomain = new Aws.OpenSearch.Domain(\"example\", new()\n {\n LogPublishingOptions = new[]\n {\n new Aws.OpenSearch.Inputs.DomainLogPublishingOptionArgs\n {\n CloudwatchLogGroupArn = exampleLogGroup.Arn,\n LogType = \"INDEX_SLOW_LOGS\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleLogGroup, err := cloudwatch.NewLogGroup(ctx, \"example\", \u0026cloudwatch.LogGroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"es.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"logs:PutLogEvents\",\n\t\t\t\t\t\t\"logs:PutLogEventsBatch\",\n\t\t\t\t\t\t\"logs:CreateLogStream\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"arn:aws:logs:*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudwatch.NewLogResourcePolicy(ctx, \"example\", \u0026cloudwatch.LogResourcePolicyArgs{\n\t\t\tPolicyName: pulumi.String(\"example\"),\n\t\t\tPolicyDocument: pulumi.String(example.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = opensearch.NewDomain(ctx, \"example\", \u0026opensearch.DomainArgs{\n\t\t\tLogPublishingOptions: opensearch.DomainLogPublishingOptionArray{\n\t\t\t\t\u0026opensearch.DomainLogPublishingOptionArgs{\n\t\t\t\t\tCloudwatchLogGroupArn: exampleLogGroup.Arn,\n\t\t\t\t\tLogType: pulumi.String(\"INDEX_SLOW_LOGS\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.cloudwatch.LogGroup;\nimport com.pulumi.aws.cloudwatch.LogGroupArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.cloudwatch.LogResourcePolicy;\nimport com.pulumi.aws.cloudwatch.LogResourcePolicyArgs;\nimport com.pulumi.aws.opensearch.Domain;\nimport com.pulumi.aws.opensearch.DomainArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainLogPublishingOptionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleLogGroup = new LogGroup(\"exampleLogGroup\", LogGroupArgs.builder() \n .name(\"example\")\n .build());\n\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"es.amazonaws.com\")\n .build())\n .actions( \n \"logs:PutLogEvents\",\n \"logs:PutLogEventsBatch\",\n \"logs:CreateLogStream\")\n .resources(\"arn:aws:logs:*\")\n .build())\n .build());\n\n var exampleLogResourcePolicy = new LogResourcePolicy(\"exampleLogResourcePolicy\", LogResourcePolicyArgs.builder() \n .policyName(\"example\")\n .policyDocument(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var exampleDomain = new Domain(\"exampleDomain\", DomainArgs.builder() \n .logPublishingOptions(DomainLogPublishingOptionArgs.builder()\n .cloudwatchLogGroupArn(exampleLogGroup.arn())\n .logType(\"INDEX_SLOW_LOGS\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleLogGroup:\n type: aws:cloudwatch:LogGroup\n name: example\n properties:\n name: example\n exampleLogResourcePolicy:\n type: aws:cloudwatch:LogResourcePolicy\n name: example\n properties:\n policyName: example\n policyDocument: ${example.json}\n exampleDomain:\n type: aws:opensearch:Domain\n name: example\n properties:\n logPublishingOptions:\n - cloudwatchLogGroupArn: ${exampleLogGroup.arn}\n logType: INDEX_SLOW_LOGS\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - es.amazonaws.com\n actions:\n - logs:PutLogEvents\n - logs:PutLogEventsBatch\n - logs:CreateLogStream\n resources:\n - arn:aws:logs:*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### VPC based OpenSearch\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst config = new pulumi.Config();\nconst vpc = config.requireObject(\"vpc\");\nconst domain = config.get(\"domain\") || \"tf-test\";\nconst example = aws.ec2.getVpc({\n tags: {\n Name: vpc,\n },\n});\nconst exampleGetSubnets = example.then(example =\u003e aws.ec2.getSubnets({\n filters: [{\n name: \"vpc-id\",\n values: [example.id],\n }],\n tags: {\n Tier: \"private\",\n },\n}));\nconst current = aws.getRegion({});\nconst currentGetCallerIdentity = aws.getCallerIdentity({});\nconst exampleSecurityGroup = new aws.ec2.SecurityGroup(\"example\", {\n name: `${vpc}-opensearch-${domain}`,\n description: \"Managed by Pulumi\",\n vpcId: example.then(example =\u003e example.id),\n ingress: [{\n fromPort: 443,\n toPort: 443,\n protocol: \"tcp\",\n cidrBlocks: [example.then(example =\u003e example.cidrBlock)],\n }],\n});\nconst exampleServiceLinkedRole = new aws.iam.ServiceLinkedRole(\"example\", {awsServiceName: \"opensearchservice.amazonaws.com\"});\nconst exampleGetPolicyDocument = Promise.all([current, currentGetCallerIdentity]).then(([current, currentGetCallerIdentity]) =\u003e aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"*\",\n identifiers: [\"*\"],\n }],\n actions: [\"es:*\"],\n resources: [`arn:aws:es:${current.name}:${currentGetCallerIdentity.accountId}:domain/${domain}/*`],\n }],\n}));\nconst exampleDomain = new aws.opensearch.Domain(\"example\", {\n domainName: domain,\n engineVersion: \"OpenSearch_1.0\",\n clusterConfig: {\n instanceType: \"m4.large.search\",\n zoneAwarenessEnabled: true,\n },\n vpcOptions: {\n subnetIds: [\n exampleGetSubnets.then(exampleGetSubnets =\u003e exampleGetSubnets.ids?.[0]),\n exampleGetSubnets.then(exampleGetSubnets =\u003e exampleGetSubnets.ids?.[1]),\n ],\n securityGroupIds: [exampleSecurityGroup.id],\n },\n advancedOptions: {\n \"rest.action.multi.allow_explicit_index\": \"true\",\n },\n accessPolicies: exampleGetPolicyDocument.then(exampleGetPolicyDocument =\u003e exampleGetPolicyDocument.json),\n tags: {\n Domain: \"TestDomain\",\n },\n}, {\n dependsOn: [exampleServiceLinkedRole],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nconfig = pulumi.Config()\nvpc = config.require_object(\"vpc\")\ndomain = config.get(\"domain\")\nif domain is None:\n domain = \"tf-test\"\nexample = aws.ec2.get_vpc(tags={\n \"Name\": vpc,\n})\nexample_get_subnets = aws.ec2.get_subnets(filters=[aws.ec2.GetSubnetsFilterArgs(\n name=\"vpc-id\",\n values=[example.id],\n )],\n tags={\n \"Tier\": \"private\",\n })\ncurrent = aws.get_region()\ncurrent_get_caller_identity = aws.get_caller_identity()\nexample_security_group = aws.ec2.SecurityGroup(\"example\",\n name=f\"{vpc}-opensearch-{domain}\",\n description=\"Managed by Pulumi\",\n vpc_id=example.id,\n ingress=[aws.ec2.SecurityGroupIngressArgs(\n from_port=443,\n to_port=443,\n protocol=\"tcp\",\n cidr_blocks=[example.cidr_block],\n )])\nexample_service_linked_role = aws.iam.ServiceLinkedRole(\"example\", aws_service_name=\"opensearchservice.amazonaws.com\")\nexample_get_policy_document = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"*\",\n identifiers=[\"*\"],\n )],\n actions=[\"es:*\"],\n resources=[f\"arn:aws:es:{current.name}:{current_get_caller_identity.account_id}:domain/{domain}/*\"],\n)])\nexample_domain = aws.opensearch.Domain(\"example\",\n domain_name=domain,\n engine_version=\"OpenSearch_1.0\",\n cluster_config=aws.opensearch.DomainClusterConfigArgs(\n instance_type=\"m4.large.search\",\n zone_awareness_enabled=True,\n ),\n vpc_options=aws.opensearch.DomainVpcOptionsArgs(\n subnet_ids=[\n example_get_subnets.ids[0],\n example_get_subnets.ids[1],\n ],\n security_group_ids=[example_security_group.id],\n ),\n advanced_options={\n \"rest.action.multi.allow_explicit_index\": \"true\",\n },\n access_policies=example_get_policy_document.json,\n tags={\n \"Domain\": \"TestDomain\",\n },\n opts=pulumi.ResourceOptions(depends_on=[example_service_linked_role]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var config = new Config();\n var vpc = config.RequireObject\u003cdynamic\u003e(\"vpc\");\n var domain = config.Get(\"domain\") ?? \"tf-test\";\n var example = Aws.Ec2.GetVpc.Invoke(new()\n {\n Tags = \n {\n { \"Name\", vpc },\n },\n });\n\n var exampleGetSubnets = Aws.Ec2.GetSubnets.Invoke(new()\n {\n Filters = new[]\n {\n new Aws.Ec2.Inputs.GetSubnetsFilterInputArgs\n {\n Name = \"vpc-id\",\n Values = new[]\n {\n example.Apply(getVpcResult =\u003e getVpcResult.Id),\n },\n },\n },\n Tags = \n {\n { \"Tier\", \"private\" },\n },\n });\n\n var current = Aws.GetRegion.Invoke();\n\n var currentGetCallerIdentity = Aws.GetCallerIdentity.Invoke();\n\n var exampleSecurityGroup = new Aws.Ec2.SecurityGroup(\"example\", new()\n {\n Name = $\"{vpc}-opensearch-{domain}\",\n Description = \"Managed by Pulumi\",\n VpcId = example.Apply(getVpcResult =\u003e getVpcResult.Id),\n Ingress = new[]\n {\n new Aws.Ec2.Inputs.SecurityGroupIngressArgs\n {\n FromPort = 443,\n ToPort = 443,\n Protocol = \"tcp\",\n CidrBlocks = new[]\n {\n example.Apply(getVpcResult =\u003e getVpcResult.CidrBlock),\n },\n },\n },\n });\n\n var exampleServiceLinkedRole = new Aws.Iam.ServiceLinkedRole(\"example\", new()\n {\n AwsServiceName = \"opensearchservice.amazonaws.com\",\n });\n\n var exampleGetPolicyDocument = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"*\",\n Identifiers = new[]\n {\n \"*\",\n },\n },\n },\n Actions = new[]\n {\n \"es:*\",\n },\n Resources = new[]\n {\n $\"arn:aws:es:{current.Apply(getRegionResult =\u003e getRegionResult.Name)}:{currentGetCallerIdentity.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:domain/{domain}/*\",\n },\n },\n },\n });\n\n var exampleDomain = new Aws.OpenSearch.Domain(\"example\", new()\n {\n DomainName = domain,\n EngineVersion = \"OpenSearch_1.0\",\n ClusterConfig = new Aws.OpenSearch.Inputs.DomainClusterConfigArgs\n {\n InstanceType = \"m4.large.search\",\n ZoneAwarenessEnabled = true,\n },\n VpcOptions = new Aws.OpenSearch.Inputs.DomainVpcOptionsArgs\n {\n SubnetIds = new[]\n {\n exampleGetSubnets.Apply(getSubnetsResult =\u003e getSubnetsResult.Ids[0]),\n exampleGetSubnets.Apply(getSubnetsResult =\u003e getSubnetsResult.Ids[1]),\n },\n SecurityGroupIds = new[]\n {\n exampleSecurityGroup.Id,\n },\n },\n AdvancedOptions = \n {\n { \"rest.action.multi.allow_explicit_index\", \"true\" },\n },\n AccessPolicies = exampleGetPolicyDocument.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n Tags = \n {\n { \"Domain\", \"TestDomain\" },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleServiceLinkedRole, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config\"\n)\nfunc main() {\npulumi.Run(func(ctx *pulumi.Context) error {\ncfg := config.New(ctx, \"\")\nvpc := cfg.RequireObject(\"vpc\")\ndomain := \"tf-test\";\nif param := cfg.Get(\"domain\"); param != \"\"{\ndomain = param\n}\nexample, err := ec2.LookupVpc(ctx, \u0026ec2.LookupVpcArgs{\nTags: interface{}{\nName: vpc,\n},\n}, nil);\nif err != nil {\nreturn err\n}\nexampleGetSubnets, err := ec2.GetSubnets(ctx, \u0026ec2.GetSubnetsArgs{\nFilters: []ec2.GetSubnetsFilter{\n{\nName: \"vpc-id\",\nValues: interface{}{\nexample.Id,\n},\n},\n},\nTags: map[string]interface{}{\n\"Tier\": \"private\",\n},\n}, nil);\nif err != nil {\nreturn err\n}\ncurrent, err := aws.GetRegion(ctx, nil, nil);\nif err != nil {\nreturn err\n}\ncurrentGetCallerIdentity, err := aws.GetCallerIdentity(ctx, nil, nil);\nif err != nil {\nreturn err\n}\nexampleSecurityGroup, err := ec2.NewSecurityGroup(ctx, \"example\", \u0026ec2.SecurityGroupArgs{\nName: pulumi.String(fmt.Sprintf(\"%v-opensearch-%v\", vpc, domain)),\nDescription: pulumi.String(\"Managed by Pulumi\"),\nVpcId: pulumi.String(example.Id),\nIngress: ec2.SecurityGroupIngressArray{\n\u0026ec2.SecurityGroupIngressArgs{\nFromPort: pulumi.Int(443),\nToPort: pulumi.Int(443),\nProtocol: pulumi.String(\"tcp\"),\nCidrBlocks: pulumi.StringArray{\npulumi.String(example.CidrBlock),\n},\n},\n},\n})\nif err != nil {\nreturn err\n}\nexampleServiceLinkedRole, err := iam.NewServiceLinkedRole(ctx, \"example\", \u0026iam.ServiceLinkedRoleArgs{\nAwsServiceName: pulumi.String(\"opensearchservice.amazonaws.com\"),\n})\nif err != nil {\nreturn err\n}\nexampleGetPolicyDocument, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\nStatements: []iam.GetPolicyDocumentStatement{\n{\nEffect: pulumi.StringRef(\"Allow\"),\nPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n{\nType: \"*\",\nIdentifiers: []string{\n\"*\",\n},\n},\n},\nActions: []string{\n\"es:*\",\n},\nResources: []string{\nfmt.Sprintf(\"arn:aws:es:%v:%v:domain/%v/*\", current.Name, currentGetCallerIdentity.AccountId, domain),\n},\n},\n},\n}, nil);\nif err != nil {\nreturn err\n}\n_, err = opensearch.NewDomain(ctx, \"example\", \u0026opensearch.DomainArgs{\nDomainName: pulumi.String(domain),\nEngineVersion: pulumi.String(\"OpenSearch_1.0\"),\nClusterConfig: \u0026opensearch.DomainClusterConfigArgs{\nInstanceType: pulumi.String(\"m4.large.search\"),\nZoneAwarenessEnabled: pulumi.Bool(true),\n},\nVpcOptions: \u0026opensearch.DomainVpcOptionsArgs{\nSubnetIds: pulumi.StringArray{\npulumi.String(exampleGetSubnets.Ids[0]),\npulumi.String(exampleGetSubnets.Ids[1]),\n},\nSecurityGroupIds: pulumi.StringArray{\nexampleSecurityGroup.ID(),\n},\n},\nAdvancedOptions: pulumi.StringMap{\n\"rest.action.multi.allow_explicit_index\": pulumi.String(\"true\"),\n},\nAccessPolicies: pulumi.String(exampleGetPolicyDocument.Json),\nTags: pulumi.StringMap{\n\"Domain\": pulumi.String(\"TestDomain\"),\n},\n}, pulumi.DependsOn([]pulumi.Resource{\nexampleServiceLinkedRole,\n}))\nif err != nil {\nreturn err\n}\nreturn nil\n})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Ec2Functions;\nimport com.pulumi.aws.ec2.inputs.GetVpcArgs;\nimport com.pulumi.aws.ec2.inputs.GetSubnetsArgs;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.ec2.SecurityGroup;\nimport com.pulumi.aws.ec2.SecurityGroupArgs;\nimport com.pulumi.aws.ec2.inputs.SecurityGroupIngressArgs;\nimport com.pulumi.aws.iam.ServiceLinkedRole;\nimport com.pulumi.aws.iam.ServiceLinkedRoleArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.opensearch.Domain;\nimport com.pulumi.aws.opensearch.DomainArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainClusterConfigArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainVpcOptionsArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var config = ctx.config();\n final var vpc = config.get(\"vpc\");\n final var domain = config.get(\"domain\").orElse(\"tf-test\");\n final var example = Ec2Functions.getVpc(GetVpcArgs.builder()\n .tags(Map.of(\"Name\", vpc))\n .build());\n\n final var exampleGetSubnets = Ec2Functions.getSubnets(GetSubnetsArgs.builder()\n .filters(GetSubnetsFilterArgs.builder()\n .name(\"vpc-id\")\n .values(example.applyValue(getVpcResult -\u003e getVpcResult.id()))\n .build())\n .tags(Map.of(\"Tier\", \"private\"))\n .build());\n\n final var current = AwsFunctions.getRegion();\n\n final var currentGetCallerIdentity = AwsFunctions.getCallerIdentity();\n\n var exampleSecurityGroup = new SecurityGroup(\"exampleSecurityGroup\", SecurityGroupArgs.builder() \n .name(String.format(\"%s-opensearch-%s\", vpc,domain))\n .description(\"Managed by Pulumi\")\n .vpcId(example.applyValue(getVpcResult -\u003e getVpcResult.id()))\n .ingress(SecurityGroupIngressArgs.builder()\n .fromPort(443)\n .toPort(443)\n .protocol(\"tcp\")\n .cidrBlocks(example.applyValue(getVpcResult -\u003e getVpcResult.cidrBlock()))\n .build())\n .build());\n\n var exampleServiceLinkedRole = new ServiceLinkedRole(\"exampleServiceLinkedRole\", ServiceLinkedRoleArgs.builder() \n .awsServiceName(\"opensearchservice.amazonaws.com\")\n .build());\n\n final var exampleGetPolicyDocument = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"*\")\n .identifiers(\"*\")\n .build())\n .actions(\"es:*\")\n .resources(String.format(\"arn:aws:es:%s:%s:domain/%s/*\", current.applyValue(getRegionResult -\u003e getRegionResult.name()),currentGetCallerIdentity.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()),domain))\n .build())\n .build());\n\n var exampleDomain = new Domain(\"exampleDomain\", DomainArgs.builder() \n .domainName(domain)\n .engineVersion(\"OpenSearch_1.0\")\n .clusterConfig(DomainClusterConfigArgs.builder()\n .instanceType(\"m4.large.search\")\n .zoneAwarenessEnabled(true)\n .build())\n .vpcOptions(DomainVpcOptionsArgs.builder()\n .subnetIds( \n exampleGetSubnets.applyValue(getSubnetsResult -\u003e getSubnetsResult.ids()[0]),\n exampleGetSubnets.applyValue(getSubnetsResult -\u003e getSubnetsResult.ids()[1]))\n .securityGroupIds(exampleSecurityGroup.id())\n .build())\n .advancedOptions(Map.of(\"rest.action.multi.allow_explicit_index\", \"true\"))\n .accessPolicies(exampleGetPolicyDocument.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .tags(Map.of(\"Domain\", \"TestDomain\"))\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleServiceLinkedRole)\n .build());\n\n }\n}\n```\n```yaml\nconfiguration:\n vpc:\n type: dynamic\n domain:\n type: string\n default: tf-test\nresources:\n exampleSecurityGroup:\n type: aws:ec2:SecurityGroup\n name: example\n properties:\n name: ${vpc}-opensearch-${domain}\n description: Managed by Pulumi\n vpcId: ${example.id}\n ingress:\n - fromPort: 443\n toPort: 443\n protocol: tcp\n cidrBlocks:\n - ${example.cidrBlock}\n exampleServiceLinkedRole:\n type: aws:iam:ServiceLinkedRole\n name: example\n properties:\n awsServiceName: opensearchservice.amazonaws.com\n exampleDomain:\n type: aws:opensearch:Domain\n name: example\n properties:\n domainName: ${domain}\n engineVersion: OpenSearch_1.0\n clusterConfig:\n instanceType: m4.large.search\n zoneAwarenessEnabled: true\n vpcOptions:\n subnetIds:\n - ${exampleGetSubnets.ids[0]}\n - ${exampleGetSubnets.ids[1]}\n securityGroupIds:\n - ${exampleSecurityGroup.id}\n advancedOptions:\n rest.action.multi.allow_explicit_index: 'true'\n accessPolicies: ${exampleGetPolicyDocument.json}\n tags:\n Domain: TestDomain\n options:\n dependson:\n - ${exampleServiceLinkedRole}\nvariables:\n example:\n fn::invoke:\n Function: aws:ec2:getVpc\n Arguments:\n tags:\n Name: ${vpc}\n exampleGetSubnets:\n fn::invoke:\n Function: aws:ec2:getSubnets\n Arguments:\n filters:\n - name: vpc-id\n values:\n - ${example.id}\n tags:\n Tier: private\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n currentGetCallerIdentity:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n exampleGetPolicyDocument:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: '*'\n identifiers:\n - '*'\n actions:\n - es:*\n resources:\n - arn:aws:es:${current.name}:${currentGetCallerIdentity.accountId}:domain/${domain}/*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Enabling fine-grained access control on an existing domain\n\nThis example shows two configurations: one to create a domain without fine-grained access control and the second to modify the domain to enable fine-grained access control. For more information, see [Enabling fine-grained access control](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/fgac.html).\n\n### First apply\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.opensearch.Domain(\"example\", {\n domainName: \"ggkitty\",\n engineVersion: \"Elasticsearch_7.1\",\n clusterConfig: {\n instanceType: \"r5.large.search\",\n },\n advancedSecurityOptions: {\n enabled: false,\n anonymousAuthEnabled: true,\n internalUserDatabaseEnabled: true,\n masterUserOptions: {\n masterUserName: \"example\",\n masterUserPassword: \"Barbarbarbar1!\",\n },\n },\n encryptAtRest: {\n enabled: true,\n },\n domainEndpointOptions: {\n enforceHttps: true,\n tlsSecurityPolicy: \"Policy-Min-TLS-1-2-2019-07\",\n },\n nodeToNodeEncryption: {\n enabled: true,\n },\n ebsOptions: {\n ebsEnabled: true,\n volumeSize: 10,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.opensearch.Domain(\"example\",\n domain_name=\"ggkitty\",\n engine_version=\"Elasticsearch_7.1\",\n cluster_config=aws.opensearch.DomainClusterConfigArgs(\n instance_type=\"r5.large.search\",\n ),\n advanced_security_options=aws.opensearch.DomainAdvancedSecurityOptionsArgs(\n enabled=False,\n anonymous_auth_enabled=True,\n internal_user_database_enabled=True,\n master_user_options=aws.opensearch.DomainAdvancedSecurityOptionsMasterUserOptionsArgs(\n master_user_name=\"example\",\n master_user_password=\"Barbarbarbar1!\",\n ),\n ),\n encrypt_at_rest=aws.opensearch.DomainEncryptAtRestArgs(\n enabled=True,\n ),\n domain_endpoint_options=aws.opensearch.DomainDomainEndpointOptionsArgs(\n enforce_https=True,\n tls_security_policy=\"Policy-Min-TLS-1-2-2019-07\",\n ),\n node_to_node_encryption=aws.opensearch.DomainNodeToNodeEncryptionArgs(\n enabled=True,\n ),\n ebs_options=aws.opensearch.DomainEbsOptionsArgs(\n ebs_enabled=True,\n volume_size=10,\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.OpenSearch.Domain(\"example\", new()\n {\n DomainName = \"ggkitty\",\n EngineVersion = \"Elasticsearch_7.1\",\n ClusterConfig = new Aws.OpenSearch.Inputs.DomainClusterConfigArgs\n {\n InstanceType = \"r5.large.search\",\n },\n AdvancedSecurityOptions = new Aws.OpenSearch.Inputs.DomainAdvancedSecurityOptionsArgs\n {\n Enabled = false,\n AnonymousAuthEnabled = true,\n InternalUserDatabaseEnabled = true,\n MasterUserOptions = new Aws.OpenSearch.Inputs.DomainAdvancedSecurityOptionsMasterUserOptionsArgs\n {\n MasterUserName = \"example\",\n MasterUserPassword = \"Barbarbarbar1!\",\n },\n },\n EncryptAtRest = new Aws.OpenSearch.Inputs.DomainEncryptAtRestArgs\n {\n Enabled = true,\n },\n DomainEndpointOptions = new Aws.OpenSearch.Inputs.DomainDomainEndpointOptionsArgs\n {\n EnforceHttps = true,\n TlsSecurityPolicy = \"Policy-Min-TLS-1-2-2019-07\",\n },\n NodeToNodeEncryption = new Aws.OpenSearch.Inputs.DomainNodeToNodeEncryptionArgs\n {\n Enabled = true,\n },\n EbsOptions = new Aws.OpenSearch.Inputs.DomainEbsOptionsArgs\n {\n EbsEnabled = true,\n VolumeSize = 10,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := opensearch.NewDomain(ctx, \"example\", \u0026opensearch.DomainArgs{\n\t\t\tDomainName: pulumi.String(\"ggkitty\"),\n\t\t\tEngineVersion: pulumi.String(\"Elasticsearch_7.1\"),\n\t\t\tClusterConfig: \u0026opensearch.DomainClusterConfigArgs{\n\t\t\t\tInstanceType: pulumi.String(\"r5.large.search\"),\n\t\t\t},\n\t\t\tAdvancedSecurityOptions: \u0026opensearch.DomainAdvancedSecurityOptionsArgs{\n\t\t\t\tEnabled: pulumi.Bool(false),\n\t\t\t\tAnonymousAuthEnabled: pulumi.Bool(true),\n\t\t\t\tInternalUserDatabaseEnabled: pulumi.Bool(true),\n\t\t\t\tMasterUserOptions: \u0026opensearch.DomainAdvancedSecurityOptionsMasterUserOptionsArgs{\n\t\t\t\t\tMasterUserName: pulumi.String(\"example\"),\n\t\t\t\t\tMasterUserPassword: pulumi.String(\"Barbarbarbar1!\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tEncryptAtRest: \u0026opensearch.DomainEncryptAtRestArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t},\n\t\t\tDomainEndpointOptions: \u0026opensearch.DomainDomainEndpointOptionsArgs{\n\t\t\t\tEnforceHttps: pulumi.Bool(true),\n\t\t\t\tTlsSecurityPolicy: pulumi.String(\"Policy-Min-TLS-1-2-2019-07\"),\n\t\t\t},\n\t\t\tNodeToNodeEncryption: \u0026opensearch.DomainNodeToNodeEncryptionArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t},\n\t\t\tEbsOptions: \u0026opensearch.DomainEbsOptionsArgs{\n\t\t\t\tEbsEnabled: pulumi.Bool(true),\n\t\t\t\tVolumeSize: pulumi.Int(10),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.Domain;\nimport com.pulumi.aws.opensearch.DomainArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainClusterConfigArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainAdvancedSecurityOptionsArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainAdvancedSecurityOptionsMasterUserOptionsArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainEncryptAtRestArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainDomainEndpointOptionsArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainNodeToNodeEncryptionArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainEbsOptionsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Domain(\"example\", DomainArgs.builder() \n .domainName(\"ggkitty\")\n .engineVersion(\"Elasticsearch_7.1\")\n .clusterConfig(DomainClusterConfigArgs.builder()\n .instanceType(\"r5.large.search\")\n .build())\n .advancedSecurityOptions(DomainAdvancedSecurityOptionsArgs.builder()\n .enabled(false)\n .anonymousAuthEnabled(true)\n .internalUserDatabaseEnabled(true)\n .masterUserOptions(DomainAdvancedSecurityOptionsMasterUserOptionsArgs.builder()\n .masterUserName(\"example\")\n .masterUserPassword(\"Barbarbarbar1!\")\n .build())\n .build())\n .encryptAtRest(DomainEncryptAtRestArgs.builder()\n .enabled(true)\n .build())\n .domainEndpointOptions(DomainDomainEndpointOptionsArgs.builder()\n .enforceHttps(true)\n .tlsSecurityPolicy(\"Policy-Min-TLS-1-2-2019-07\")\n .build())\n .nodeToNodeEncryption(DomainNodeToNodeEncryptionArgs.builder()\n .enabled(true)\n .build())\n .ebsOptions(DomainEbsOptionsArgs.builder()\n .ebsEnabled(true)\n .volumeSize(10)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:opensearch:Domain\n properties:\n domainName: ggkitty\n engineVersion: Elasticsearch_7.1\n clusterConfig:\n instanceType: r5.large.search\n advancedSecurityOptions:\n enabled: false\n anonymousAuthEnabled: true\n internalUserDatabaseEnabled: true\n masterUserOptions:\n masterUserName: example\n masterUserPassword: Barbarbarbar1!\n encryptAtRest:\n enabled: true\n domainEndpointOptions:\n enforceHttps: true\n tlsSecurityPolicy: Policy-Min-TLS-1-2-2019-07\n nodeToNodeEncryption:\n enabled: true\n ebsOptions:\n ebsEnabled: true\n volumeSize: 10\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Second apply\n\nNotice that the only change is `advanced_security_options.0.enabled` is now set to `true`.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.opensearch.Domain(\"example\", {\n domainName: \"ggkitty\",\n engineVersion: \"Elasticsearch_7.1\",\n clusterConfig: {\n instanceType: \"r5.large.search\",\n },\n advancedSecurityOptions: {\n enabled: true,\n anonymousAuthEnabled: true,\n internalUserDatabaseEnabled: true,\n masterUserOptions: {\n masterUserName: \"example\",\n masterUserPassword: \"Barbarbarbar1!\",\n },\n },\n encryptAtRest: {\n enabled: true,\n },\n domainEndpointOptions: {\n enforceHttps: true,\n tlsSecurityPolicy: \"Policy-Min-TLS-1-2-2019-07\",\n },\n nodeToNodeEncryption: {\n enabled: true,\n },\n ebsOptions: {\n ebsEnabled: true,\n volumeSize: 10,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.opensearch.Domain(\"example\",\n domain_name=\"ggkitty\",\n engine_version=\"Elasticsearch_7.1\",\n cluster_config=aws.opensearch.DomainClusterConfigArgs(\n instance_type=\"r5.large.search\",\n ),\n advanced_security_options=aws.opensearch.DomainAdvancedSecurityOptionsArgs(\n enabled=True,\n anonymous_auth_enabled=True,\n internal_user_database_enabled=True,\n master_user_options=aws.opensearch.DomainAdvancedSecurityOptionsMasterUserOptionsArgs(\n master_user_name=\"example\",\n master_user_password=\"Barbarbarbar1!\",\n ),\n ),\n encrypt_at_rest=aws.opensearch.DomainEncryptAtRestArgs(\n enabled=True,\n ),\n domain_endpoint_options=aws.opensearch.DomainDomainEndpointOptionsArgs(\n enforce_https=True,\n tls_security_policy=\"Policy-Min-TLS-1-2-2019-07\",\n ),\n node_to_node_encryption=aws.opensearch.DomainNodeToNodeEncryptionArgs(\n enabled=True,\n ),\n ebs_options=aws.opensearch.DomainEbsOptionsArgs(\n ebs_enabled=True,\n volume_size=10,\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.OpenSearch.Domain(\"example\", new()\n {\n DomainName = \"ggkitty\",\n EngineVersion = \"Elasticsearch_7.1\",\n ClusterConfig = new Aws.OpenSearch.Inputs.DomainClusterConfigArgs\n {\n InstanceType = \"r5.large.search\",\n },\n AdvancedSecurityOptions = new Aws.OpenSearch.Inputs.DomainAdvancedSecurityOptionsArgs\n {\n Enabled = true,\n AnonymousAuthEnabled = true,\n InternalUserDatabaseEnabled = true,\n MasterUserOptions = new Aws.OpenSearch.Inputs.DomainAdvancedSecurityOptionsMasterUserOptionsArgs\n {\n MasterUserName = \"example\",\n MasterUserPassword = \"Barbarbarbar1!\",\n },\n },\n EncryptAtRest = new Aws.OpenSearch.Inputs.DomainEncryptAtRestArgs\n {\n Enabled = true,\n },\n DomainEndpointOptions = new Aws.OpenSearch.Inputs.DomainDomainEndpointOptionsArgs\n {\n EnforceHttps = true,\n TlsSecurityPolicy = \"Policy-Min-TLS-1-2-2019-07\",\n },\n NodeToNodeEncryption = new Aws.OpenSearch.Inputs.DomainNodeToNodeEncryptionArgs\n {\n Enabled = true,\n },\n EbsOptions = new Aws.OpenSearch.Inputs.DomainEbsOptionsArgs\n {\n EbsEnabled = true,\n VolumeSize = 10,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := opensearch.NewDomain(ctx, \"example\", \u0026opensearch.DomainArgs{\n\t\t\tDomainName: pulumi.String(\"ggkitty\"),\n\t\t\tEngineVersion: pulumi.String(\"Elasticsearch_7.1\"),\n\t\t\tClusterConfig: \u0026opensearch.DomainClusterConfigArgs{\n\t\t\t\tInstanceType: pulumi.String(\"r5.large.search\"),\n\t\t\t},\n\t\t\tAdvancedSecurityOptions: \u0026opensearch.DomainAdvancedSecurityOptionsArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\tAnonymousAuthEnabled: pulumi.Bool(true),\n\t\t\t\tInternalUserDatabaseEnabled: pulumi.Bool(true),\n\t\t\t\tMasterUserOptions: \u0026opensearch.DomainAdvancedSecurityOptionsMasterUserOptionsArgs{\n\t\t\t\t\tMasterUserName: pulumi.String(\"example\"),\n\t\t\t\t\tMasterUserPassword: pulumi.String(\"Barbarbarbar1!\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tEncryptAtRest: \u0026opensearch.DomainEncryptAtRestArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t},\n\t\t\tDomainEndpointOptions: \u0026opensearch.DomainDomainEndpointOptionsArgs{\n\t\t\t\tEnforceHttps: pulumi.Bool(true),\n\t\t\t\tTlsSecurityPolicy: pulumi.String(\"Policy-Min-TLS-1-2-2019-07\"),\n\t\t\t},\n\t\t\tNodeToNodeEncryption: \u0026opensearch.DomainNodeToNodeEncryptionArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t},\n\t\t\tEbsOptions: \u0026opensearch.DomainEbsOptionsArgs{\n\t\t\t\tEbsEnabled: pulumi.Bool(true),\n\t\t\t\tVolumeSize: pulumi.Int(10),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.Domain;\nimport com.pulumi.aws.opensearch.DomainArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainClusterConfigArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainAdvancedSecurityOptionsArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainAdvancedSecurityOptionsMasterUserOptionsArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainEncryptAtRestArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainDomainEndpointOptionsArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainNodeToNodeEncryptionArgs;\nimport com.pulumi.aws.opensearch.inputs.DomainEbsOptionsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Domain(\"example\", DomainArgs.builder() \n .domainName(\"ggkitty\")\n .engineVersion(\"Elasticsearch_7.1\")\n .clusterConfig(DomainClusterConfigArgs.builder()\n .instanceType(\"r5.large.search\")\n .build())\n .advancedSecurityOptions(DomainAdvancedSecurityOptionsArgs.builder()\n .enabled(true)\n .anonymousAuthEnabled(true)\n .internalUserDatabaseEnabled(true)\n .masterUserOptions(DomainAdvancedSecurityOptionsMasterUserOptionsArgs.builder()\n .masterUserName(\"example\")\n .masterUserPassword(\"Barbarbarbar1!\")\n .build())\n .build())\n .encryptAtRest(DomainEncryptAtRestArgs.builder()\n .enabled(true)\n .build())\n .domainEndpointOptions(DomainDomainEndpointOptionsArgs.builder()\n .enforceHttps(true)\n .tlsSecurityPolicy(\"Policy-Min-TLS-1-2-2019-07\")\n .build())\n .nodeToNodeEncryption(DomainNodeToNodeEncryptionArgs.builder()\n .enabled(true)\n .build())\n .ebsOptions(DomainEbsOptionsArgs.builder()\n .ebsEnabled(true)\n .volumeSize(10)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:opensearch:Domain\n properties:\n domainName: ggkitty\n engineVersion: Elasticsearch_7.1\n clusterConfig:\n instanceType: r5.large.search\n advancedSecurityOptions:\n enabled: true\n anonymousAuthEnabled: true\n internalUserDatabaseEnabled: true\n masterUserOptions:\n masterUserName: example\n masterUserPassword: Barbarbarbar1!\n encryptAtRest:\n enabled: true\n domainEndpointOptions:\n enforceHttps: true\n tlsSecurityPolicy: Policy-Min-TLS-1-2-2019-07\n nodeToNodeEncryption:\n enabled: true\n ebsOptions:\n ebsEnabled: true\n volumeSize: 10\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import OpenSearch domains using the `domain_name`. For example:\n\n```sh\n$ pulumi import aws:opensearch/domain:Domain example domain_name\n```\n", "properties": { "accessPolicies": { "type": "string", @@ -288504,7 +288504,7 @@ } }, "aws:opensearch/serverlessAccessPolicy:ServerlessAccessPolicy": { - "description": "Resource for managing an AWS OpenSearch Serverless Access Policy. See AWS documentation for [data access policies](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/serverless-data-access.html) and [supported data access policy permissions](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/serverless-data-access.html#serverless-data-supported-permissions).\n\n## Example Usage\n\n### Grant all collection and index permissions\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst example = new aws.opensearch.ServerlessAccessPolicy(\"example\", {\n name: \"example\",\n type: \"data\",\n description: \"read and write permissions\",\n policy: JSON.stringify([{\n rules: [\n {\n resourceType: \"index\",\n resource: [\"index/example-collection/*\"],\n permission: [\"aoss:*\"],\n },\n {\n resourceType: \"collection\",\n resource: [\"collection/example-collection\"],\n permission: [\"aoss:*\"],\n },\n ],\n principal: [current.then(current =\u003e current.arn)],\n }]),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\nexample = aws.opensearch.ServerlessAccessPolicy(\"example\",\n name=\"example\",\n type=\"data\",\n description=\"read and write permissions\",\n policy=json.dumps([{\n \"rules\": [\n {\n \"resourceType\": \"index\",\n \"resource\": [\"index/example-collection/*\"],\n \"permission\": [\"aoss:*\"],\n },\n {\n \"resourceType\": \"collection\",\n \"resource\": [\"collection/example-collection\"],\n \"permission\": [\"aoss:*\"],\n },\n ],\n \"principal\": [current.arn],\n }]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var example = new Aws.OpenSearch.ServerlessAccessPolicy(\"example\", new()\n {\n Name = \"example\",\n Type = \"data\",\n Description = \"read and write permissions\",\n Policy = JsonSerializer.Serialize(new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"rules\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"resourceType\"] = \"index\",\n [\"resource\"] = new[]\n {\n \"index/example-collection/*\",\n },\n [\"permission\"] = new[]\n {\n \"aoss:*\",\n },\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"resourceType\"] = \"collection\",\n [\"resource\"] = new[]\n {\n \"collection/example-collection\",\n },\n [\"permission\"] = new[]\n {\n \"aoss:*\",\n },\n },\n },\n [\"principal\"] = new[]\n {\n current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.Arn),\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal([]map[string]interface{}{\n\t\t\tmap[string]interface{}{\n\t\t\t\t\"rules\": []map[string]interface{}{\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"resourceType\": \"index\",\n\t\t\t\t\t\t\"resource\": []string{\n\t\t\t\t\t\t\t\"index/example-collection/*\",\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"permission\": []string{\n\t\t\t\t\t\t\t\"aoss:*\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"resourceType\": \"collection\",\n\t\t\t\t\t\t\"resource\": []string{\n\t\t\t\t\t\t\t\"collection/example-collection\",\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"permission\": []string{\n\t\t\t\t\t\t\t\"aoss:*\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\"principal\": []*string{\n\t\t\t\t\tcurrent.Arn,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = opensearch.NewServerlessAccessPolicy(ctx, \"example\", \u0026opensearch.ServerlessAccessPolicyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"data\"),\n\t\t\tDescription: pulumi.String(\"read and write permissions\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.opensearch.ServerlessAccessPolicy;\nimport com.pulumi.aws.opensearch.ServerlessAccessPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n var example = new ServerlessAccessPolicy(\"example\", ServerlessAccessPolicyArgs.builder() \n .name(\"example\")\n .type(\"data\")\n .description(\"read and write permissions\")\n .policy(serializeJson(\n jsonArray(jsonObject(\n jsonProperty(\"rules\", jsonArray(\n jsonObject(\n jsonProperty(\"resourceType\", \"index\"),\n jsonProperty(\"resource\", jsonArray(\"index/example-collection/*\")),\n jsonProperty(\"permission\", jsonArray(\"aoss:*\"))\n ), \n jsonObject(\n jsonProperty(\"resourceType\", \"collection\"),\n jsonProperty(\"resource\", jsonArray(\"collection/example-collection\")),\n jsonProperty(\"permission\", jsonArray(\"aoss:*\"))\n )\n )),\n jsonProperty(\"principal\", jsonArray(current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.arn())))\n ))))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:opensearch:ServerlessAccessPolicy\n properties:\n name: example\n type: data\n description: read and write permissions\n policy:\n fn::toJSON:\n - rules:\n - resourceType: index\n resource:\n - index/example-collection/*\n permission:\n - aoss:*\n - resourceType: collection\n resource:\n - collection/example-collection\n permission:\n - aoss:*\n principal:\n - ${current.arn}\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Grant read-only collection and index permissions\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst example = new aws.opensearch.ServerlessAccessPolicy(\"example\", {\n name: \"example\",\n type: \"data\",\n description: \"read-only permissions\",\n policy: JSON.stringify([{\n rules: [\n {\n resourceType: \"index\",\n resource: [\"index/example-collection/*\"],\n permission: [\n \"aoss:DescribeIndex\",\n \"aoss:ReadDocument\",\n ],\n },\n {\n resourceType: \"collection\",\n resource: [\"collection/example-collection\"],\n permission: [\"aoss:DescribeCollectionItems\"],\n },\n ],\n principal: [current.then(current =\u003e current.arn)],\n }]),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\nexample = aws.opensearch.ServerlessAccessPolicy(\"example\",\n name=\"example\",\n type=\"data\",\n description=\"read-only permissions\",\n policy=json.dumps([{\n \"rules\": [\n {\n \"resourceType\": \"index\",\n \"resource\": [\"index/example-collection/*\"],\n \"permission\": [\n \"aoss:DescribeIndex\",\n \"aoss:ReadDocument\",\n ],\n },\n {\n \"resourceType\": \"collection\",\n \"resource\": [\"collection/example-collection\"],\n \"permission\": [\"aoss:DescribeCollectionItems\"],\n },\n ],\n \"principal\": [current.arn],\n }]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var example = new Aws.OpenSearch.ServerlessAccessPolicy(\"example\", new()\n {\n Name = \"example\",\n Type = \"data\",\n Description = \"read-only permissions\",\n Policy = JsonSerializer.Serialize(new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"rules\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"resourceType\"] = \"index\",\n [\"resource\"] = new[]\n {\n \"index/example-collection/*\",\n },\n [\"permission\"] = new[]\n {\n \"aoss:DescribeIndex\",\n \"aoss:ReadDocument\",\n },\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"resourceType\"] = \"collection\",\n [\"resource\"] = new[]\n {\n \"collection/example-collection\",\n },\n [\"permission\"] = new[]\n {\n \"aoss:DescribeCollectionItems\",\n },\n },\n },\n [\"principal\"] = new[]\n {\n current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.Arn),\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal([]map[string]interface{}{\n\t\t\tmap[string]interface{}{\n\t\t\t\t\"rules\": []interface{}{\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"resourceType\": \"index\",\n\t\t\t\t\t\t\"resource\": []string{\n\t\t\t\t\t\t\t\"index/example-collection/*\",\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"permission\": []string{\n\t\t\t\t\t\t\t\"aoss:DescribeIndex\",\n\t\t\t\t\t\t\t\"aoss:ReadDocument\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"resourceType\": \"collection\",\n\t\t\t\t\t\t\"resource\": []string{\n\t\t\t\t\t\t\t\"collection/example-collection\",\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"permission\": []string{\n\t\t\t\t\t\t\t\"aoss:DescribeCollectionItems\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\"principal\": []*string{\n\t\t\t\t\tcurrent.Arn,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = opensearch.NewServerlessAccessPolicy(ctx, \"example\", \u0026opensearch.ServerlessAccessPolicyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"data\"),\n\t\t\tDescription: pulumi.String(\"read-only permissions\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.opensearch.ServerlessAccessPolicy;\nimport com.pulumi.aws.opensearch.ServerlessAccessPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n var example = new ServerlessAccessPolicy(\"example\", ServerlessAccessPolicyArgs.builder() \n .name(\"example\")\n .type(\"data\")\n .description(\"read-only permissions\")\n .policy(serializeJson(\n jsonArray(jsonObject(\n jsonProperty(\"rules\", jsonArray(\n jsonObject(\n jsonProperty(\"resourceType\", \"index\"),\n jsonProperty(\"resource\", jsonArray(\"index/example-collection/*\")),\n jsonProperty(\"permission\", jsonArray(\n \"aoss:DescribeIndex\", \n \"aoss:ReadDocument\"\n ))\n ), \n jsonObject(\n jsonProperty(\"resourceType\", \"collection\"),\n jsonProperty(\"resource\", jsonArray(\"collection/example-collection\")),\n jsonProperty(\"permission\", jsonArray(\"aoss:DescribeCollectionItems\"))\n )\n )),\n jsonProperty(\"principal\", jsonArray(current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.arn())))\n ))))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:opensearch:ServerlessAccessPolicy\n properties:\n name: example\n type: data\n description: read-only permissions\n policy:\n fn::toJSON:\n - rules:\n - resourceType: index\n resource:\n - index/example-collection/*\n permission:\n - aoss:DescribeIndex\n - aoss:ReadDocument\n - resourceType: collection\n resource:\n - collection/example-collection\n permission:\n - aoss:DescribeCollectionItems\n principal:\n - ${current.arn}\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Grant SAML identity permissions\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.opensearch.ServerlessAccessPolicy(\"example\", {\n name: \"example\",\n type: \"data\",\n description: \"saml permissions\",\n policy: JSON.stringify([{\n rules: [\n {\n resourceType: \"index\",\n resource: [\"index/example-collection/*\"],\n permission: [\"aoss:*\"],\n },\n {\n resourceType: \"collection\",\n resource: [\"collection/example-collection\"],\n permission: [\"aoss:*\"],\n },\n ],\n principal: [\n \"saml/123456789012/myprovider/user/Annie\",\n \"saml/123456789012/anotherprovider/group/Accounting\",\n ],\n }]),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.opensearch.ServerlessAccessPolicy(\"example\",\n name=\"example\",\n type=\"data\",\n description=\"saml permissions\",\n policy=json.dumps([{\n \"rules\": [\n {\n \"resourceType\": \"index\",\n \"resource\": [\"index/example-collection/*\"],\n \"permission\": [\"aoss:*\"],\n },\n {\n \"resourceType\": \"collection\",\n \"resource\": [\"collection/example-collection\"],\n \"permission\": [\"aoss:*\"],\n },\n ],\n \"principal\": [\n \"saml/123456789012/myprovider/user/Annie\",\n \"saml/123456789012/anotherprovider/group/Accounting\",\n ],\n }]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.OpenSearch.ServerlessAccessPolicy(\"example\", new()\n {\n Name = \"example\",\n Type = \"data\",\n Description = \"saml permissions\",\n Policy = JsonSerializer.Serialize(new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"rules\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"resourceType\"] = \"index\",\n [\"resource\"] = new[]\n {\n \"index/example-collection/*\",\n },\n [\"permission\"] = new[]\n {\n \"aoss:*\",\n },\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"resourceType\"] = \"collection\",\n [\"resource\"] = new[]\n {\n \"collection/example-collection\",\n },\n [\"permission\"] = new[]\n {\n \"aoss:*\",\n },\n },\n },\n [\"principal\"] = new[]\n {\n \"saml/123456789012/myprovider/user/Annie\",\n \"saml/123456789012/anotherprovider/group/Accounting\",\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal([]map[string]interface{}{\n\t\t\tmap[string]interface{}{\n\t\t\t\t\"rules\": []map[string]interface{}{\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"resourceType\": \"index\",\n\t\t\t\t\t\t\"resource\": []string{\n\t\t\t\t\t\t\t\"index/example-collection/*\",\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"permission\": []string{\n\t\t\t\t\t\t\t\"aoss:*\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"resourceType\": \"collection\",\n\t\t\t\t\t\t\"resource\": []string{\n\t\t\t\t\t\t\t\"collection/example-collection\",\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"permission\": []string{\n\t\t\t\t\t\t\t\"aoss:*\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\"principal\": []string{\n\t\t\t\t\t\"saml/123456789012/myprovider/user/Annie\",\n\t\t\t\t\t\"saml/123456789012/anotherprovider/group/Accounting\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = opensearch.NewServerlessAccessPolicy(ctx, \"example\", \u0026opensearch.ServerlessAccessPolicyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"data\"),\n\t\t\tDescription: pulumi.String(\"saml permissions\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.ServerlessAccessPolicy;\nimport com.pulumi.aws.opensearch.ServerlessAccessPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ServerlessAccessPolicy(\"example\", ServerlessAccessPolicyArgs.builder() \n .name(\"example\")\n .type(\"data\")\n .description(\"saml permissions\")\n .policy(serializeJson(\n jsonArray(jsonObject(\n jsonProperty(\"rules\", jsonArray(\n jsonObject(\n jsonProperty(\"resourceType\", \"index\"),\n jsonProperty(\"resource\", jsonArray(\"index/example-collection/*\")),\n jsonProperty(\"permission\", jsonArray(\"aoss:*\"))\n ), \n jsonObject(\n jsonProperty(\"resourceType\", \"collection\"),\n jsonProperty(\"resource\", jsonArray(\"collection/example-collection\")),\n jsonProperty(\"permission\", jsonArray(\"aoss:*\"))\n )\n )),\n jsonProperty(\"principal\", jsonArray(\n \"saml/123456789012/myprovider/user/Annie\", \n \"saml/123456789012/anotherprovider/group/Accounting\"\n ))\n ))))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:opensearch:ServerlessAccessPolicy\n properties:\n name: example\n type: data\n description: saml permissions\n policy:\n fn::toJSON:\n - rules:\n - resourceType: index\n resource:\n - index/example-collection/*\n permission:\n - aoss:*\n - resourceType: collection\n resource:\n - collection/example-collection\n permission:\n - aoss:*\n principal:\n - saml/123456789012/myprovider/user/Annie\n - saml/123456789012/anotherprovider/group/Accounting\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import OpenSearchServerless Access Policy using the `name` and `type` arguments separated by a slash (`/`). For example:\n\n```sh\n$ pulumi import aws:opensearch/serverlessAccessPolicy:ServerlessAccessPolicy example example/data\n```\n", + "description": "Resource for managing an AWS OpenSearch Serverless Access Policy. See AWS documentation for [data access policies](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/serverless-data-access.html) and [supported data access policy permissions](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/serverless-data-access.html#serverless-data-supported-permissions).\n\n## Example Usage\n\n### Grant all collection and index permissions\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst example = new aws.opensearch.ServerlessAccessPolicy(\"example\", {\n name: \"example\",\n type: \"data\",\n description: \"read and write permissions\",\n policy: JSON.stringify([{\n Rules: [\n {\n ResourceType: \"index\",\n Resource: [\"index/example-collection/*\"],\n Permission: [\"aoss:*\"],\n },\n {\n ResourceType: \"collection\",\n Resource: [\"collection/example-collection\"],\n Permission: [\"aoss:*\"],\n },\n ],\n Principal: [current.then(current =\u003e current.arn)],\n }]),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\nexample = aws.opensearch.ServerlessAccessPolicy(\"example\",\n name=\"example\",\n type=\"data\",\n description=\"read and write permissions\",\n policy=json.dumps([{\n \"Rules\": [\n {\n \"ResourceType\": \"index\",\n \"Resource\": [\"index/example-collection/*\"],\n \"Permission\": [\"aoss:*\"],\n },\n {\n \"ResourceType\": \"collection\",\n \"Resource\": [\"collection/example-collection\"],\n \"Permission\": [\"aoss:*\"],\n },\n ],\n \"Principal\": [current.arn],\n }]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var example = new Aws.OpenSearch.ServerlessAccessPolicy(\"example\", new()\n {\n Name = \"example\",\n Type = \"data\",\n Description = \"read and write permissions\",\n Policy = JsonSerializer.Serialize(new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Rules\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"ResourceType\"] = \"index\",\n [\"Resource\"] = new[]\n {\n \"index/example-collection/*\",\n },\n [\"Permission\"] = new[]\n {\n \"aoss:*\",\n },\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"ResourceType\"] = \"collection\",\n [\"Resource\"] = new[]\n {\n \"collection/example-collection\",\n },\n [\"Permission\"] = new[]\n {\n \"aoss:*\",\n },\n },\n },\n [\"Principal\"] = new[]\n {\n current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.Arn),\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal([]map[string]interface{}{\n\t\t\tmap[string]interface{}{\n\t\t\t\t\"Rules\": []map[string]interface{}{\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"ResourceType\": \"index\",\n\t\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\t\"index/example-collection/*\",\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"Permission\": []string{\n\t\t\t\t\t\t\t\"aoss:*\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"ResourceType\": \"collection\",\n\t\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\t\"collection/example-collection\",\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"Permission\": []string{\n\t\t\t\t\t\t\t\"aoss:*\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\"Principal\": []*string{\n\t\t\t\t\tcurrent.Arn,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = opensearch.NewServerlessAccessPolicy(ctx, \"example\", \u0026opensearch.ServerlessAccessPolicyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"data\"),\n\t\t\tDescription: pulumi.String(\"read and write permissions\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.opensearch.ServerlessAccessPolicy;\nimport com.pulumi.aws.opensearch.ServerlessAccessPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n var example = new ServerlessAccessPolicy(\"example\", ServerlessAccessPolicyArgs.builder() \n .name(\"example\")\n .type(\"data\")\n .description(\"read and write permissions\")\n .policy(serializeJson(\n jsonArray(jsonObject(\n jsonProperty(\"Rules\", jsonArray(\n jsonObject(\n jsonProperty(\"ResourceType\", \"index\"),\n jsonProperty(\"Resource\", jsonArray(\"index/example-collection/*\")),\n jsonProperty(\"Permission\", jsonArray(\"aoss:*\"))\n ), \n jsonObject(\n jsonProperty(\"ResourceType\", \"collection\"),\n jsonProperty(\"Resource\", jsonArray(\"collection/example-collection\")),\n jsonProperty(\"Permission\", jsonArray(\"aoss:*\"))\n )\n )),\n jsonProperty(\"Principal\", jsonArray(current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.arn())))\n ))))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:opensearch:ServerlessAccessPolicy\n properties:\n name: example\n type: data\n description: read and write permissions\n policy:\n fn::toJSON:\n - Rules:\n - ResourceType: index\n Resource:\n - index/example-collection/*\n Permission:\n - aoss:*\n - ResourceType: collection\n Resource:\n - collection/example-collection\n Permission:\n - aoss:*\n Principal:\n - ${current.arn}\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Grant read-only collection and index permissions\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst example = new aws.opensearch.ServerlessAccessPolicy(\"example\", {\n name: \"example\",\n type: \"data\",\n description: \"read-only permissions\",\n policy: JSON.stringify([{\n Rules: [\n {\n ResourceType: \"index\",\n Resource: [\"index/example-collection/*\"],\n Permission: [\n \"aoss:DescribeIndex\",\n \"aoss:ReadDocument\",\n ],\n },\n {\n ResourceType: \"collection\",\n Resource: [\"collection/example-collection\"],\n Permission: [\"aoss:DescribeCollectionItems\"],\n },\n ],\n Principal: [current.then(current =\u003e current.arn)],\n }]),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\nexample = aws.opensearch.ServerlessAccessPolicy(\"example\",\n name=\"example\",\n type=\"data\",\n description=\"read-only permissions\",\n policy=json.dumps([{\n \"Rules\": [\n {\n \"ResourceType\": \"index\",\n \"Resource\": [\"index/example-collection/*\"],\n \"Permission\": [\n \"aoss:DescribeIndex\",\n \"aoss:ReadDocument\",\n ],\n },\n {\n \"ResourceType\": \"collection\",\n \"Resource\": [\"collection/example-collection\"],\n \"Permission\": [\"aoss:DescribeCollectionItems\"],\n },\n ],\n \"Principal\": [current.arn],\n }]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var example = new Aws.OpenSearch.ServerlessAccessPolicy(\"example\", new()\n {\n Name = \"example\",\n Type = \"data\",\n Description = \"read-only permissions\",\n Policy = JsonSerializer.Serialize(new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Rules\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"ResourceType\"] = \"index\",\n [\"Resource\"] = new[]\n {\n \"index/example-collection/*\",\n },\n [\"Permission\"] = new[]\n {\n \"aoss:DescribeIndex\",\n \"aoss:ReadDocument\",\n },\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"ResourceType\"] = \"collection\",\n [\"Resource\"] = new[]\n {\n \"collection/example-collection\",\n },\n [\"Permission\"] = new[]\n {\n \"aoss:DescribeCollectionItems\",\n },\n },\n },\n [\"Principal\"] = new[]\n {\n current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.Arn),\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal([]map[string]interface{}{\n\t\t\tmap[string]interface{}{\n\t\t\t\t\"Rules\": []interface{}{\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"ResourceType\": \"index\",\n\t\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\t\"index/example-collection/*\",\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"Permission\": []string{\n\t\t\t\t\t\t\t\"aoss:DescribeIndex\",\n\t\t\t\t\t\t\t\"aoss:ReadDocument\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"ResourceType\": \"collection\",\n\t\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\t\"collection/example-collection\",\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"Permission\": []string{\n\t\t\t\t\t\t\t\"aoss:DescribeCollectionItems\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\"Principal\": []*string{\n\t\t\t\t\tcurrent.Arn,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = opensearch.NewServerlessAccessPolicy(ctx, \"example\", \u0026opensearch.ServerlessAccessPolicyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"data\"),\n\t\t\tDescription: pulumi.String(\"read-only permissions\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.opensearch.ServerlessAccessPolicy;\nimport com.pulumi.aws.opensearch.ServerlessAccessPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n var example = new ServerlessAccessPolicy(\"example\", ServerlessAccessPolicyArgs.builder() \n .name(\"example\")\n .type(\"data\")\n .description(\"read-only permissions\")\n .policy(serializeJson(\n jsonArray(jsonObject(\n jsonProperty(\"Rules\", jsonArray(\n jsonObject(\n jsonProperty(\"ResourceType\", \"index\"),\n jsonProperty(\"Resource\", jsonArray(\"index/example-collection/*\")),\n jsonProperty(\"Permission\", jsonArray(\n \"aoss:DescribeIndex\", \n \"aoss:ReadDocument\"\n ))\n ), \n jsonObject(\n jsonProperty(\"ResourceType\", \"collection\"),\n jsonProperty(\"Resource\", jsonArray(\"collection/example-collection\")),\n jsonProperty(\"Permission\", jsonArray(\"aoss:DescribeCollectionItems\"))\n )\n )),\n jsonProperty(\"Principal\", jsonArray(current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.arn())))\n ))))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:opensearch:ServerlessAccessPolicy\n properties:\n name: example\n type: data\n description: read-only permissions\n policy:\n fn::toJSON:\n - Rules:\n - ResourceType: index\n Resource:\n - index/example-collection/*\n Permission:\n - aoss:DescribeIndex\n - aoss:ReadDocument\n - ResourceType: collection\n Resource:\n - collection/example-collection\n Permission:\n - aoss:DescribeCollectionItems\n Principal:\n - ${current.arn}\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Grant SAML identity permissions\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.opensearch.ServerlessAccessPolicy(\"example\", {\n name: \"example\",\n type: \"data\",\n description: \"saml permissions\",\n policy: JSON.stringify([{\n Rules: [\n {\n ResourceType: \"index\",\n Resource: [\"index/example-collection/*\"],\n Permission: [\"aoss:*\"],\n },\n {\n ResourceType: \"collection\",\n Resource: [\"collection/example-collection\"],\n Permission: [\"aoss:*\"],\n },\n ],\n Principal: [\n \"saml/123456789012/myprovider/user/Annie\",\n \"saml/123456789012/anotherprovider/group/Accounting\",\n ],\n }]),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.opensearch.ServerlessAccessPolicy(\"example\",\n name=\"example\",\n type=\"data\",\n description=\"saml permissions\",\n policy=json.dumps([{\n \"Rules\": [\n {\n \"ResourceType\": \"index\",\n \"Resource\": [\"index/example-collection/*\"],\n \"Permission\": [\"aoss:*\"],\n },\n {\n \"ResourceType\": \"collection\",\n \"Resource\": [\"collection/example-collection\"],\n \"Permission\": [\"aoss:*\"],\n },\n ],\n \"Principal\": [\n \"saml/123456789012/myprovider/user/Annie\",\n \"saml/123456789012/anotherprovider/group/Accounting\",\n ],\n }]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.OpenSearch.ServerlessAccessPolicy(\"example\", new()\n {\n Name = \"example\",\n Type = \"data\",\n Description = \"saml permissions\",\n Policy = JsonSerializer.Serialize(new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Rules\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"ResourceType\"] = \"index\",\n [\"Resource\"] = new[]\n {\n \"index/example-collection/*\",\n },\n [\"Permission\"] = new[]\n {\n \"aoss:*\",\n },\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"ResourceType\"] = \"collection\",\n [\"Resource\"] = new[]\n {\n \"collection/example-collection\",\n },\n [\"Permission\"] = new[]\n {\n \"aoss:*\",\n },\n },\n },\n [\"Principal\"] = new[]\n {\n \"saml/123456789012/myprovider/user/Annie\",\n \"saml/123456789012/anotherprovider/group/Accounting\",\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal([]map[string]interface{}{\n\t\t\tmap[string]interface{}{\n\t\t\t\t\"Rules\": []map[string]interface{}{\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"ResourceType\": \"index\",\n\t\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\t\"index/example-collection/*\",\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"Permission\": []string{\n\t\t\t\t\t\t\t\"aoss:*\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"ResourceType\": \"collection\",\n\t\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\t\"collection/example-collection\",\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"Permission\": []string{\n\t\t\t\t\t\t\t\"aoss:*\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\"Principal\": []string{\n\t\t\t\t\t\"saml/123456789012/myprovider/user/Annie\",\n\t\t\t\t\t\"saml/123456789012/anotherprovider/group/Accounting\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = opensearch.NewServerlessAccessPolicy(ctx, \"example\", \u0026opensearch.ServerlessAccessPolicyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"data\"),\n\t\t\tDescription: pulumi.String(\"saml permissions\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.ServerlessAccessPolicy;\nimport com.pulumi.aws.opensearch.ServerlessAccessPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ServerlessAccessPolicy(\"example\", ServerlessAccessPolicyArgs.builder() \n .name(\"example\")\n .type(\"data\")\n .description(\"saml permissions\")\n .policy(serializeJson(\n jsonArray(jsonObject(\n jsonProperty(\"Rules\", jsonArray(\n jsonObject(\n jsonProperty(\"ResourceType\", \"index\"),\n jsonProperty(\"Resource\", jsonArray(\"index/example-collection/*\")),\n jsonProperty(\"Permission\", jsonArray(\"aoss:*\"))\n ), \n jsonObject(\n jsonProperty(\"ResourceType\", \"collection\"),\n jsonProperty(\"Resource\", jsonArray(\"collection/example-collection\")),\n jsonProperty(\"Permission\", jsonArray(\"aoss:*\"))\n )\n )),\n jsonProperty(\"Principal\", jsonArray(\n \"saml/123456789012/myprovider/user/Annie\", \n \"saml/123456789012/anotherprovider/group/Accounting\"\n ))\n ))))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:opensearch:ServerlessAccessPolicy\n properties:\n name: example\n type: data\n description: saml permissions\n policy:\n fn::toJSON:\n - Rules:\n - ResourceType: index\n Resource:\n - index/example-collection/*\n Permission:\n - aoss:*\n - ResourceType: collection\n Resource:\n - collection/example-collection\n Permission:\n - aoss:*\n Principal:\n - saml/123456789012/myprovider/user/Annie\n - saml/123456789012/anotherprovider/group/Accounting\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import OpenSearchServerless Access Policy using the `name` and `type` arguments separated by a slash (`/`). For example:\n\n```sh\n$ pulumi import aws:opensearch/serverlessAccessPolicy:ServerlessAccessPolicy example example/data\n```\n", "properties": { "description": { "type": "string", @@ -288583,7 +288583,7 @@ } }, "aws:opensearch/serverlessCollection:ServerlessCollection": { - "description": "Resource for managing an AWS OpenSearch Serverless Collection.\n\n\u003e **NOTE:** An `aws.opensearch.ServerlessCollection` cannot be created without having an applicable encryption security policy. Use the `depends_on` meta-argument to define this dependency.\n\n\u003e **NOTE:** An `aws.opensearch.ServerlessCollection` is not accessible without configuring an applicable network security policy. Data cannot be accessed without configuring an applicable data access policy.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.opensearch.ServerlessSecurityPolicy(\"example\", {\n name: \"example\",\n type: \"encryption\",\n policy: JSON.stringify({\n Rules: [{\n Resource: [\"collection/example\"],\n ResourceType: \"collection\",\n }],\n AWSOwnedKey: true,\n }),\n});\nconst exampleServerlessCollection = new aws.opensearch.ServerlessCollection(\"example\", {name: \"example\"});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.opensearch.ServerlessSecurityPolicy(\"example\",\n name=\"example\",\n type=\"encryption\",\n policy=json.dumps({\n \"Rules\": [{\n \"Resource\": [\"collection/example\"],\n \"ResourceType\": \"collection\",\n }],\n \"AWSOwnedKey\": True,\n }))\nexample_serverless_collection = aws.opensearch.ServerlessCollection(\"example\", name=\"example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.OpenSearch.ServerlessSecurityPolicy(\"example\", new()\n {\n Name = \"example\",\n Type = \"encryption\",\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Rules\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Resource\"] = new[]\n {\n \"collection/example\",\n },\n [\"ResourceType\"] = \"collection\",\n },\n },\n [\"AWSOwnedKey\"] = true,\n }),\n });\n\n var exampleServerlessCollection = new Aws.OpenSearch.ServerlessCollection(\"example\", new()\n {\n Name = \"example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Rules\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\"collection/example\",\n\t\t\t\t\t},\n\t\t\t\t\t\"ResourceType\": \"collection\",\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"AWSOwnedKey\": true,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = opensearch.NewServerlessSecurityPolicy(ctx, \"example\", \u0026opensearch.ServerlessSecurityPolicyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"encryption\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = opensearch.NewServerlessCollection(ctx, \"example\", \u0026opensearch.ServerlessCollectionArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.ServerlessSecurityPolicy;\nimport com.pulumi.aws.opensearch.ServerlessSecurityPolicyArgs;\nimport com.pulumi.aws.opensearch.ServerlessCollection;\nimport com.pulumi.aws.opensearch.ServerlessCollectionArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ServerlessSecurityPolicy(\"example\", ServerlessSecurityPolicyArgs.builder() \n .name(\"example\")\n .type(\"encryption\")\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Rules\", jsonArray(jsonObject(\n jsonProperty(\"Resource\", jsonArray(\"collection/example\")),\n jsonProperty(\"ResourceType\", \"collection\")\n ))),\n jsonProperty(\"AWSOwnedKey\", true)\n )))\n .build());\n\n var exampleServerlessCollection = new ServerlessCollection(\"exampleServerlessCollection\", ServerlessCollectionArgs.builder() \n .name(\"example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:opensearch:ServerlessSecurityPolicy\n properties:\n name: example\n type: encryption\n policy:\n fn::toJSON:\n Rules:\n - Resource:\n - collection/example\n ResourceType: collection\n AWSOwnedKey: true\n exampleServerlessCollection:\n type: aws:opensearch:ServerlessCollection\n name: example\n properties:\n name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import OpenSearchServerless Collection using the `id`. For example:\n\n```sh\n$ pulumi import aws:opensearch/serverlessCollection:ServerlessCollection example example\n```\n", + "description": "Resource for managing an AWS OpenSearch Serverless Collection.\n\n\u003e **NOTE:** An `aws.opensearch.ServerlessCollection` cannot be created without having an applicable encryption security policy. Use the `depends_on` meta-argument to define this dependency.\n\n\u003e **NOTE:** An `aws.opensearch.ServerlessCollection` is not accessible without configuring an applicable network security policy. Data cannot be accessed without configuring an applicable data access policy.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.opensearch.ServerlessSecurityPolicy(\"example\", {\n name: \"example\",\n type: \"encryption\",\n policy: JSON.stringify({\n Rules: [{\n Resource: [\"collection/example\"],\n ResourceType: \"collection\",\n }],\n AWSOwnedKey: true,\n }),\n});\nconst exampleServerlessCollection = new aws.opensearch.ServerlessCollection(\"example\", {name: \"example\"}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.opensearch.ServerlessSecurityPolicy(\"example\",\n name=\"example\",\n type=\"encryption\",\n policy=json.dumps({\n \"Rules\": [{\n \"Resource\": [\"collection/example\"],\n \"ResourceType\": \"collection\",\n }],\n \"AWSOwnedKey\": True,\n }))\nexample_serverless_collection = aws.opensearch.ServerlessCollection(\"example\", name=\"example\",\nopts=pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.OpenSearch.ServerlessSecurityPolicy(\"example\", new()\n {\n Name = \"example\",\n Type = \"encryption\",\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Rules\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Resource\"] = new[]\n {\n \"collection/example\",\n },\n [\"ResourceType\"] = \"collection\",\n },\n },\n [\"AWSOwnedKey\"] = true,\n }),\n });\n\n var exampleServerlessCollection = new Aws.OpenSearch.ServerlessCollection(\"example\", new()\n {\n Name = \"example\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Rules\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\"collection/example\",\n\t\t\t\t\t},\n\t\t\t\t\t\"ResourceType\": \"collection\",\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"AWSOwnedKey\": true,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texample, err := opensearch.NewServerlessSecurityPolicy(ctx, \"example\", \u0026opensearch.ServerlessSecurityPolicyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"encryption\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = opensearch.NewServerlessCollection(ctx, \"example\", \u0026opensearch.ServerlessCollectionArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.ServerlessSecurityPolicy;\nimport com.pulumi.aws.opensearch.ServerlessSecurityPolicyArgs;\nimport com.pulumi.aws.opensearch.ServerlessCollection;\nimport com.pulumi.aws.opensearch.ServerlessCollectionArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ServerlessSecurityPolicy(\"example\", ServerlessSecurityPolicyArgs.builder() \n .name(\"example\")\n .type(\"encryption\")\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Rules\", jsonArray(jsonObject(\n jsonProperty(\"Resource\", jsonArray(\"collection/example\")),\n jsonProperty(\"ResourceType\", \"collection\")\n ))),\n jsonProperty(\"AWSOwnedKey\", true)\n )))\n .build());\n\n var exampleServerlessCollection = new ServerlessCollection(\"exampleServerlessCollection\", ServerlessCollectionArgs.builder() \n .name(\"example\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:opensearch:ServerlessSecurityPolicy\n properties:\n name: example\n type: encryption\n policy:\n fn::toJSON:\n Rules:\n - Resource:\n - collection/example\n ResourceType: collection\n AWSOwnedKey: true\n exampleServerlessCollection:\n type: aws:opensearch:ServerlessCollection\n name: example\n properties:\n name: example\n options:\n dependson:\n - ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import OpenSearchServerless Collection using the `id`. For example:\n\n```sh\n$ pulumi import aws:opensearch/serverlessCollection:ServerlessCollection example example\n```\n", "properties": { "arn": { "type": "string", @@ -288886,7 +288886,7 @@ } }, "aws:opensearch/serverlessSecurityPolicy:ServerlessSecurityPolicy": { - "description": "Resource for managing an AWS OpenSearch Serverless Security Policy. See AWS documentation for [encryption policies](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/serverless-encryption.html#serverless-encryption-policies) and [network policies](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/serverless-network.html#serverless-network-policies).\n\n## Example Usage\n\n### Encryption Security Policy\n\n### Applies to a single collection\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.opensearch.ServerlessSecurityPolicy(\"example\", {\n name: \"example\",\n type: \"encryption\",\n description: \"encryption security policy for example-collection\",\n policy: JSON.stringify({\n rules: [{\n resource: [\"collection/example-collection\"],\n resourceType: \"collection\",\n }],\n aWSOwnedKey: true,\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.opensearch.ServerlessSecurityPolicy(\"example\",\n name=\"example\",\n type=\"encryption\",\n description=\"encryption security policy for example-collection\",\n policy=json.dumps({\n \"rules\": [{\n \"resource\": [\"collection/example-collection\"],\n \"resourceType\": \"collection\",\n }],\n \"aWSOwnedKey\": True,\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.OpenSearch.ServerlessSecurityPolicy(\"example\", new()\n {\n Name = \"example\",\n Type = \"encryption\",\n Description = \"encryption security policy for example-collection\",\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"rules\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"resource\"] = new[]\n {\n \"collection/example-collection\",\n },\n [\"resourceType\"] = \"collection\",\n },\n },\n [\"aWSOwnedKey\"] = true,\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"rules\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"resource\": []string{\n\t\t\t\t\t\t\"collection/example-collection\",\n\t\t\t\t\t},\n\t\t\t\t\t\"resourceType\": \"collection\",\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"aWSOwnedKey\": true,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = opensearch.NewServerlessSecurityPolicy(ctx, \"example\", \u0026opensearch.ServerlessSecurityPolicyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"encryption\"),\n\t\t\tDescription: pulumi.String(\"encryption security policy for example-collection\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.ServerlessSecurityPolicy;\nimport com.pulumi.aws.opensearch.ServerlessSecurityPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ServerlessSecurityPolicy(\"example\", ServerlessSecurityPolicyArgs.builder() \n .name(\"example\")\n .type(\"encryption\")\n .description(\"encryption security policy for example-collection\")\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"rules\", jsonArray(jsonObject(\n jsonProperty(\"resource\", jsonArray(\"collection/example-collection\")),\n jsonProperty(\"resourceType\", \"collection\")\n ))),\n jsonProperty(\"aWSOwnedKey\", true)\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:opensearch:ServerlessSecurityPolicy\n properties:\n name: example\n type: encryption\n description: encryption security policy for example-collection\n policy:\n fn::toJSON:\n rules:\n - resource:\n - collection/example-collection\n resourceType: collection\n aWSOwnedKey: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Applies to multiple collections\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.opensearch.ServerlessSecurityPolicy(\"example\", {\n name: \"example\",\n type: \"encryption\",\n description: \"encryption security policy for collections that begin with \\\"example\\\"\",\n policy: JSON.stringify({\n rules: [{\n resource: [\"collection/example*\"],\n resourceType: \"collection\",\n }],\n aWSOwnedKey: true,\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.opensearch.ServerlessSecurityPolicy(\"example\",\n name=\"example\",\n type=\"encryption\",\n description=\"encryption security policy for collections that begin with \\\"example\\\"\",\n policy=json.dumps({\n \"rules\": [{\n \"resource\": [\"collection/example*\"],\n \"resourceType\": \"collection\",\n }],\n \"aWSOwnedKey\": True,\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.OpenSearch.ServerlessSecurityPolicy(\"example\", new()\n {\n Name = \"example\",\n Type = \"encryption\",\n Description = \"encryption security policy for collections that begin with \\\"example\\\"\",\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"rules\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"resource\"] = new[]\n {\n \"collection/example*\",\n },\n [\"resourceType\"] = \"collection\",\n },\n },\n [\"aWSOwnedKey\"] = true,\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"rules\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"resource\": []string{\n\t\t\t\t\t\t\"collection/example*\",\n\t\t\t\t\t},\n\t\t\t\t\t\"resourceType\": \"collection\",\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"aWSOwnedKey\": true,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = opensearch.NewServerlessSecurityPolicy(ctx, \"example\", \u0026opensearch.ServerlessSecurityPolicyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"encryption\"),\n\t\t\tDescription: pulumi.String(\"encryption security policy for collections that begin with \\\"example\\\"\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.ServerlessSecurityPolicy;\nimport com.pulumi.aws.opensearch.ServerlessSecurityPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ServerlessSecurityPolicy(\"example\", ServerlessSecurityPolicyArgs.builder() \n .name(\"example\")\n .type(\"encryption\")\n .description(\"encryption security policy for collections that begin with \\\"example\\\"\")\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"rules\", jsonArray(jsonObject(\n jsonProperty(\"resource\", jsonArray(\"collection/example*\")),\n jsonProperty(\"resourceType\", \"collection\")\n ))),\n jsonProperty(\"aWSOwnedKey\", true)\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:opensearch:ServerlessSecurityPolicy\n properties:\n name: example\n type: encryption\n description: encryption security policy for collections that begin with \"example\"\n policy:\n fn::toJSON:\n rules:\n - resource:\n - collection/example*\n resourceType: collection\n aWSOwnedKey: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Using a customer managed key\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.opensearch.ServerlessSecurityPolicy(\"example\", {\n name: \"example\",\n type: \"encryption\",\n description: \"encryption security policy using customer KMS key\",\n policy: JSON.stringify({\n rules: [{\n resource: [\"collection/customer-managed-key-collection\"],\n resourceType: \"collection\",\n }],\n aWSOwnedKey: false,\n kmsARN: \"arn:aws:kms:us-east-1:123456789012:key/93fd6da4-a317-4c17-bfe9-382b5d988b36\",\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.opensearch.ServerlessSecurityPolicy(\"example\",\n name=\"example\",\n type=\"encryption\",\n description=\"encryption security policy using customer KMS key\",\n policy=json.dumps({\n \"rules\": [{\n \"resource\": [\"collection/customer-managed-key-collection\"],\n \"resourceType\": \"collection\",\n }],\n \"aWSOwnedKey\": False,\n \"kmsARN\": \"arn:aws:kms:us-east-1:123456789012:key/93fd6da4-a317-4c17-bfe9-382b5d988b36\",\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.OpenSearch.ServerlessSecurityPolicy(\"example\", new()\n {\n Name = \"example\",\n Type = \"encryption\",\n Description = \"encryption security policy using customer KMS key\",\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"rules\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"resource\"] = new[]\n {\n \"collection/customer-managed-key-collection\",\n },\n [\"resourceType\"] = \"collection\",\n },\n },\n [\"aWSOwnedKey\"] = false,\n [\"kmsARN\"] = \"arn:aws:kms:us-east-1:123456789012:key/93fd6da4-a317-4c17-bfe9-382b5d988b36\",\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"rules\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"resource\": []string{\n\t\t\t\t\t\t\"collection/customer-managed-key-collection\",\n\t\t\t\t\t},\n\t\t\t\t\t\"resourceType\": \"collection\",\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"aWSOwnedKey\": false,\n\t\t\t\"kmsARN\": \"arn:aws:kms:us-east-1:123456789012:key/93fd6da4-a317-4c17-bfe9-382b5d988b36\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = opensearch.NewServerlessSecurityPolicy(ctx, \"example\", \u0026opensearch.ServerlessSecurityPolicyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"encryption\"),\n\t\t\tDescription: pulumi.String(\"encryption security policy using customer KMS key\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.ServerlessSecurityPolicy;\nimport com.pulumi.aws.opensearch.ServerlessSecurityPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ServerlessSecurityPolicy(\"example\", ServerlessSecurityPolicyArgs.builder() \n .name(\"example\")\n .type(\"encryption\")\n .description(\"encryption security policy using customer KMS key\")\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"rules\", jsonArray(jsonObject(\n jsonProperty(\"resource\", jsonArray(\"collection/customer-managed-key-collection\")),\n jsonProperty(\"resourceType\", \"collection\")\n ))),\n jsonProperty(\"aWSOwnedKey\", false),\n jsonProperty(\"kmsARN\", \"arn:aws:kms:us-east-1:123456789012:key/93fd6da4-a317-4c17-bfe9-382b5d988b36\")\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:opensearch:ServerlessSecurityPolicy\n properties:\n name: example\n type: encryption\n description: encryption security policy using customer KMS key\n policy:\n fn::toJSON:\n rules:\n - resource:\n - collection/customer-managed-key-collection\n resourceType: collection\n aWSOwnedKey: false\n kmsARN: arn:aws:kms:us-east-1:123456789012:key/93fd6da4-a317-4c17-bfe9-382b5d988b36\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Network Security Policy\n\n### Allow public access to the collection endpoint and the Dashboards endpoint\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.opensearch.ServerlessSecurityPolicy(\"example\", {\n name: \"example\",\n type: \"network\",\n description: \"Public access\",\n policy: JSON.stringify([{\n description: \"Public access to collection and Dashboards endpoint for example collection\",\n rules: [\n {\n resourceType: \"collection\",\n resource: [\"collection/example-collection\"],\n },\n {\n resourceType: \"dashboard\",\n resource: [\"collection/example-collection\"],\n },\n ],\n allowFromPublic: true,\n }]),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.opensearch.ServerlessSecurityPolicy(\"example\",\n name=\"example\",\n type=\"network\",\n description=\"Public access\",\n policy=json.dumps([{\n \"description\": \"Public access to collection and Dashboards endpoint for example collection\",\n \"rules\": [\n {\n \"resourceType\": \"collection\",\n \"resource\": [\"collection/example-collection\"],\n },\n {\n \"resourceType\": \"dashboard\",\n \"resource\": [\"collection/example-collection\"],\n },\n ],\n \"allowFromPublic\": True,\n }]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.OpenSearch.ServerlessSecurityPolicy(\"example\", new()\n {\n Name = \"example\",\n Type = \"network\",\n Description = \"Public access\",\n Policy = JsonSerializer.Serialize(new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"description\"] = \"Public access to collection and Dashboards endpoint for example collection\",\n [\"rules\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"resourceType\"] = \"collection\",\n [\"resource\"] = new[]\n {\n \"collection/example-collection\",\n },\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"resourceType\"] = \"dashboard\",\n [\"resource\"] = new[]\n {\n \"collection/example-collection\",\n },\n },\n },\n [\"allowFromPublic\"] = true,\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal([]map[string]interface{}{\n\t\t\tmap[string]interface{}{\n\t\t\t\t\"description\": \"Public access to collection and Dashboards endpoint for example collection\",\n\t\t\t\t\"rules\": []map[string]interface{}{\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"resourceType\": \"collection\",\n\t\t\t\t\t\t\"resource\": []string{\n\t\t\t\t\t\t\t\"collection/example-collection\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"resourceType\": \"dashboard\",\n\t\t\t\t\t\t\"resource\": []string{\n\t\t\t\t\t\t\t\"collection/example-collection\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\"allowFromPublic\": true,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = opensearch.NewServerlessSecurityPolicy(ctx, \"example\", \u0026opensearch.ServerlessSecurityPolicyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"network\"),\n\t\t\tDescription: pulumi.String(\"Public access\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.ServerlessSecurityPolicy;\nimport com.pulumi.aws.opensearch.ServerlessSecurityPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ServerlessSecurityPolicy(\"example\", ServerlessSecurityPolicyArgs.builder() \n .name(\"example\")\n .type(\"network\")\n .description(\"Public access\")\n .policy(serializeJson(\n jsonArray(jsonObject(\n jsonProperty(\"description\", \"Public access to collection and Dashboards endpoint for example collection\"),\n jsonProperty(\"rules\", jsonArray(\n jsonObject(\n jsonProperty(\"resourceType\", \"collection\"),\n jsonProperty(\"resource\", jsonArray(\"collection/example-collection\"))\n ), \n jsonObject(\n jsonProperty(\"resourceType\", \"dashboard\"),\n jsonProperty(\"resource\", jsonArray(\"collection/example-collection\"))\n )\n )),\n jsonProperty(\"allowFromPublic\", true)\n ))))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:opensearch:ServerlessSecurityPolicy\n properties:\n name: example\n type: network\n description: Public access\n policy:\n fn::toJSON:\n - description: Public access to collection and Dashboards endpoint for example collection\n rules:\n - resourceType: collection\n resource:\n - collection/example-collection\n - resourceType: dashboard\n resource:\n - collection/example-collection\n allowFromPublic: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Allow VPC access to the collection endpoint and the Dashboards endpoint\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.opensearch.ServerlessSecurityPolicy(\"example\", {\n name: \"example\",\n type: \"network\",\n description: \"VPC access\",\n policy: JSON.stringify([{\n description: \"VPC access to collection and Dashboards endpoint for example collection\",\n rules: [\n {\n resourceType: \"collection\",\n resource: [\"collection/example-collection\"],\n },\n {\n resourceType: \"dashboard\",\n resource: [\"collection/example-collection\"],\n },\n ],\n allowFromPublic: false,\n sourceVPCEs: [\"vpce-050f79086ee71ac05\"],\n }]),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.opensearch.ServerlessSecurityPolicy(\"example\",\n name=\"example\",\n type=\"network\",\n description=\"VPC access\",\n policy=json.dumps([{\n \"description\": \"VPC access to collection and Dashboards endpoint for example collection\",\n \"rules\": [\n {\n \"resourceType\": \"collection\",\n \"resource\": [\"collection/example-collection\"],\n },\n {\n \"resourceType\": \"dashboard\",\n \"resource\": [\"collection/example-collection\"],\n },\n ],\n \"allowFromPublic\": False,\n \"sourceVPCEs\": [\"vpce-050f79086ee71ac05\"],\n }]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.OpenSearch.ServerlessSecurityPolicy(\"example\", new()\n {\n Name = \"example\",\n Type = \"network\",\n Description = \"VPC access\",\n Policy = JsonSerializer.Serialize(new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"description\"] = \"VPC access to collection and Dashboards endpoint for example collection\",\n [\"rules\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"resourceType\"] = \"collection\",\n [\"resource\"] = new[]\n {\n \"collection/example-collection\",\n },\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"resourceType\"] = \"dashboard\",\n [\"resource\"] = new[]\n {\n \"collection/example-collection\",\n },\n },\n },\n [\"allowFromPublic\"] = false,\n [\"sourceVPCEs\"] = new[]\n {\n \"vpce-050f79086ee71ac05\",\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal([]map[string]interface{}{\n\t\t\tmap[string]interface{}{\n\t\t\t\t\"description\": \"VPC access to collection and Dashboards endpoint for example collection\",\n\t\t\t\t\"rules\": []map[string]interface{}{\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"resourceType\": \"collection\",\n\t\t\t\t\t\t\"resource\": []string{\n\t\t\t\t\t\t\t\"collection/example-collection\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"resourceType\": \"dashboard\",\n\t\t\t\t\t\t\"resource\": []string{\n\t\t\t\t\t\t\t\"collection/example-collection\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\"allowFromPublic\": false,\n\t\t\t\t\"sourceVPCEs\": []string{\n\t\t\t\t\t\"vpce-050f79086ee71ac05\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = opensearch.NewServerlessSecurityPolicy(ctx, \"example\", \u0026opensearch.ServerlessSecurityPolicyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"network\"),\n\t\t\tDescription: pulumi.String(\"VPC access\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.ServerlessSecurityPolicy;\nimport com.pulumi.aws.opensearch.ServerlessSecurityPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ServerlessSecurityPolicy(\"example\", ServerlessSecurityPolicyArgs.builder() \n .name(\"example\")\n .type(\"network\")\n .description(\"VPC access\")\n .policy(serializeJson(\n jsonArray(jsonObject(\n jsonProperty(\"description\", \"VPC access to collection and Dashboards endpoint for example collection\"),\n jsonProperty(\"rules\", jsonArray(\n jsonObject(\n jsonProperty(\"resourceType\", \"collection\"),\n jsonProperty(\"resource\", jsonArray(\"collection/example-collection\"))\n ), \n jsonObject(\n jsonProperty(\"resourceType\", \"dashboard\"),\n jsonProperty(\"resource\", jsonArray(\"collection/example-collection\"))\n )\n )),\n jsonProperty(\"allowFromPublic\", false),\n jsonProperty(\"sourceVPCEs\", jsonArray(\"vpce-050f79086ee71ac05\"))\n ))))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:opensearch:ServerlessSecurityPolicy\n properties:\n name: example\n type: network\n description: VPC access\n policy:\n fn::toJSON:\n - description: VPC access to collection and Dashboards endpoint for example collection\n rules:\n - resourceType: collection\n resource:\n - collection/example-collection\n - resourceType: dashboard\n resource:\n - collection/example-collection\n allowFromPublic: false\n sourceVPCEs:\n - vpce-050f79086ee71ac05\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Mixed access for different collections\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.opensearch.ServerlessSecurityPolicy(\"example\", {\n name: \"example\",\n type: \"network\",\n description: \"Mixed access for marketing and sales\",\n policy: JSON.stringify([\n {\n Description: \"Marketing access\",\n Rules: [\n {\n ResourceType: \"collection\",\n Resource: [\"collection/marketing*\"],\n },\n {\n ResourceType: \"dashboard\",\n Resource: [\"collection/marketing*\"],\n },\n ],\n AllowFromPublic: false,\n SourceVPCEs: [\"vpce-050f79086ee71ac05\"],\n },\n {\n Description: \"Sales access\",\n Rules: [{\n ResourceType: \"collection\",\n Resource: [\"collection/finance\"],\n }],\n AllowFromPublic: true,\n },\n ]),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.opensearch.ServerlessSecurityPolicy(\"example\",\n name=\"example\",\n type=\"network\",\n description=\"Mixed access for marketing and sales\",\n policy=json.dumps([\n {\n \"Description\": \"Marketing access\",\n \"Rules\": [\n {\n \"ResourceType\": \"collection\",\n \"Resource\": [\"collection/marketing*\"],\n },\n {\n \"ResourceType\": \"dashboard\",\n \"Resource\": [\"collection/marketing*\"],\n },\n ],\n \"AllowFromPublic\": False,\n \"SourceVPCEs\": [\"vpce-050f79086ee71ac05\"],\n },\n {\n \"Description\": \"Sales access\",\n \"Rules\": [{\n \"ResourceType\": \"collection\",\n \"Resource\": [\"collection/finance\"],\n }],\n \"AllowFromPublic\": True,\n },\n ]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.OpenSearch.ServerlessSecurityPolicy(\"example\", new()\n {\n Name = \"example\",\n Type = \"network\",\n Description = \"Mixed access for marketing and sales\",\n Policy = JsonSerializer.Serialize(new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Description\"] = \"Marketing access\",\n [\"Rules\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"ResourceType\"] = \"collection\",\n [\"Resource\"] = new[]\n {\n \"collection/marketing*\",\n },\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"ResourceType\"] = \"dashboard\",\n [\"Resource\"] = new[]\n {\n \"collection/marketing*\",\n },\n },\n },\n [\"AllowFromPublic\"] = false,\n [\"SourceVPCEs\"] = new[]\n {\n \"vpce-050f79086ee71ac05\",\n },\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Description\"] = \"Sales access\",\n [\"Rules\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"ResourceType\"] = \"collection\",\n [\"Resource\"] = new[]\n {\n \"collection/finance\",\n },\n },\n },\n [\"AllowFromPublic\"] = true,\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal([]interface{}{\n\t\t\tmap[string]interface{}{\n\t\t\t\t\"Description\": \"Marketing access\",\n\t\t\t\t\"Rules\": []map[string]interface{}{\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"ResourceType\": \"collection\",\n\t\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\t\"collection/marketing*\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"ResourceType\": \"dashboard\",\n\t\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\t\"collection/marketing*\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\"AllowFromPublic\": false,\n\t\t\t\t\"SourceVPCEs\": []string{\n\t\t\t\t\t\"vpce-050f79086ee71ac05\",\n\t\t\t\t},\n\t\t\t},\n\t\t\tmap[string]interface{}{\n\t\t\t\t\"Description\": \"Sales access\",\n\t\t\t\t\"Rules\": []map[string]interface{}{\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"ResourceType\": \"collection\",\n\t\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\t\"collection/finance\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\"AllowFromPublic\": true,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = opensearch.NewServerlessSecurityPolicy(ctx, \"example\", \u0026opensearch.ServerlessSecurityPolicyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"network\"),\n\t\t\tDescription: pulumi.String(\"Mixed access for marketing and sales\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.ServerlessSecurityPolicy;\nimport com.pulumi.aws.opensearch.ServerlessSecurityPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ServerlessSecurityPolicy(\"example\", ServerlessSecurityPolicyArgs.builder() \n .name(\"example\")\n .type(\"network\")\n .description(\"Mixed access for marketing and sales\")\n .policy(serializeJson(\n jsonArray(\n jsonObject(\n jsonProperty(\"Description\", \"Marketing access\"),\n jsonProperty(\"Rules\", jsonArray(\n jsonObject(\n jsonProperty(\"ResourceType\", \"collection\"),\n jsonProperty(\"Resource\", jsonArray(\"collection/marketing*\"))\n ), \n jsonObject(\n jsonProperty(\"ResourceType\", \"dashboard\"),\n jsonProperty(\"Resource\", jsonArray(\"collection/marketing*\"))\n )\n )),\n jsonProperty(\"AllowFromPublic\", false),\n jsonProperty(\"SourceVPCEs\", jsonArray(\"vpce-050f79086ee71ac05\"))\n ), \n jsonObject(\n jsonProperty(\"Description\", \"Sales access\"),\n jsonProperty(\"Rules\", jsonArray(jsonObject(\n jsonProperty(\"ResourceType\", \"collection\"),\n jsonProperty(\"Resource\", jsonArray(\"collection/finance\"))\n ))),\n jsonProperty(\"AllowFromPublic\", true)\n )\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:opensearch:ServerlessSecurityPolicy\n properties:\n name: example\n type: network\n description: Mixed access for marketing and sales\n policy:\n fn::toJSON:\n - Description: Marketing access\n Rules:\n - ResourceType: collection\n Resource:\n - collection/marketing*\n - ResourceType: dashboard\n Resource:\n - collection/marketing*\n AllowFromPublic: false\n SourceVPCEs:\n - vpce-050f79086ee71ac05\n - Description: Sales access\n Rules:\n - ResourceType: collection\n Resource:\n - collection/finance\n AllowFromPublic: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import OpenSearchServerless Security Policy using the `name` and `type` arguments separated by a slash (`/`). For example:\n\n```sh\n$ pulumi import aws:opensearch/serverlessSecurityPolicy:ServerlessSecurityPolicy example example/encryption\n```\n", + "description": "Resource for managing an AWS OpenSearch Serverless Security Policy. See AWS documentation for [encryption policies](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/serverless-encryption.html#serverless-encryption-policies) and [network policies](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/serverless-network.html#serverless-network-policies).\n\n## Example Usage\n\n### Encryption Security Policy\n\n### Applies to a single collection\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.opensearch.ServerlessSecurityPolicy(\"example\", {\n name: \"example\",\n type: \"encryption\",\n description: \"encryption security policy for example-collection\",\n policy: JSON.stringify({\n Rules: [{\n Resource: [\"collection/example-collection\"],\n ResourceType: \"collection\",\n }],\n AWSOwnedKey: true,\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.opensearch.ServerlessSecurityPolicy(\"example\",\n name=\"example\",\n type=\"encryption\",\n description=\"encryption security policy for example-collection\",\n policy=json.dumps({\n \"Rules\": [{\n \"Resource\": [\"collection/example-collection\"],\n \"ResourceType\": \"collection\",\n }],\n \"AWSOwnedKey\": True,\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.OpenSearch.ServerlessSecurityPolicy(\"example\", new()\n {\n Name = \"example\",\n Type = \"encryption\",\n Description = \"encryption security policy for example-collection\",\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Rules\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Resource\"] = new[]\n {\n \"collection/example-collection\",\n },\n [\"ResourceType\"] = \"collection\",\n },\n },\n [\"AWSOwnedKey\"] = true,\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Rules\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\"collection/example-collection\",\n\t\t\t\t\t},\n\t\t\t\t\t\"ResourceType\": \"collection\",\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"AWSOwnedKey\": true,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = opensearch.NewServerlessSecurityPolicy(ctx, \"example\", \u0026opensearch.ServerlessSecurityPolicyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"encryption\"),\n\t\t\tDescription: pulumi.String(\"encryption security policy for example-collection\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.ServerlessSecurityPolicy;\nimport com.pulumi.aws.opensearch.ServerlessSecurityPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ServerlessSecurityPolicy(\"example\", ServerlessSecurityPolicyArgs.builder() \n .name(\"example\")\n .type(\"encryption\")\n .description(\"encryption security policy for example-collection\")\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Rules\", jsonArray(jsonObject(\n jsonProperty(\"Resource\", jsonArray(\"collection/example-collection\")),\n jsonProperty(\"ResourceType\", \"collection\")\n ))),\n jsonProperty(\"AWSOwnedKey\", true)\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:opensearch:ServerlessSecurityPolicy\n properties:\n name: example\n type: encryption\n description: encryption security policy for example-collection\n policy:\n fn::toJSON:\n Rules:\n - Resource:\n - collection/example-collection\n ResourceType: collection\n AWSOwnedKey: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Applies to multiple collections\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.opensearch.ServerlessSecurityPolicy(\"example\", {\n name: \"example\",\n type: \"encryption\",\n description: \"encryption security policy for collections that begin with \\\"example\\\"\",\n policy: JSON.stringify({\n Rules: [{\n Resource: [\"collection/example*\"],\n ResourceType: \"collection\",\n }],\n AWSOwnedKey: true,\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.opensearch.ServerlessSecurityPolicy(\"example\",\n name=\"example\",\n type=\"encryption\",\n description=\"encryption security policy for collections that begin with \\\"example\\\"\",\n policy=json.dumps({\n \"Rules\": [{\n \"Resource\": [\"collection/example*\"],\n \"ResourceType\": \"collection\",\n }],\n \"AWSOwnedKey\": True,\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.OpenSearch.ServerlessSecurityPolicy(\"example\", new()\n {\n Name = \"example\",\n Type = \"encryption\",\n Description = \"encryption security policy for collections that begin with \\\"example\\\"\",\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Rules\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Resource\"] = new[]\n {\n \"collection/example*\",\n },\n [\"ResourceType\"] = \"collection\",\n },\n },\n [\"AWSOwnedKey\"] = true,\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Rules\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\"collection/example*\",\n\t\t\t\t\t},\n\t\t\t\t\t\"ResourceType\": \"collection\",\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"AWSOwnedKey\": true,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = opensearch.NewServerlessSecurityPolicy(ctx, \"example\", \u0026opensearch.ServerlessSecurityPolicyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"encryption\"),\n\t\t\tDescription: pulumi.String(\"encryption security policy for collections that begin with \\\"example\\\"\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.ServerlessSecurityPolicy;\nimport com.pulumi.aws.opensearch.ServerlessSecurityPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ServerlessSecurityPolicy(\"example\", ServerlessSecurityPolicyArgs.builder() \n .name(\"example\")\n .type(\"encryption\")\n .description(\"encryption security policy for collections that begin with \\\"example\\\"\")\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Rules\", jsonArray(jsonObject(\n jsonProperty(\"Resource\", jsonArray(\"collection/example*\")),\n jsonProperty(\"ResourceType\", \"collection\")\n ))),\n jsonProperty(\"AWSOwnedKey\", true)\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:opensearch:ServerlessSecurityPolicy\n properties:\n name: example\n type: encryption\n description: encryption security policy for collections that begin with \"example\"\n policy:\n fn::toJSON:\n Rules:\n - Resource:\n - collection/example*\n ResourceType: collection\n AWSOwnedKey: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Using a customer managed key\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.opensearch.ServerlessSecurityPolicy(\"example\", {\n name: \"example\",\n type: \"encryption\",\n description: \"encryption security policy using customer KMS key\",\n policy: JSON.stringify({\n Rules: [{\n Resource: [\"collection/customer-managed-key-collection\"],\n ResourceType: \"collection\",\n }],\n AWSOwnedKey: false,\n KmsARN: \"arn:aws:kms:us-east-1:123456789012:key/93fd6da4-a317-4c17-bfe9-382b5d988b36\",\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.opensearch.ServerlessSecurityPolicy(\"example\",\n name=\"example\",\n type=\"encryption\",\n description=\"encryption security policy using customer KMS key\",\n policy=json.dumps({\n \"Rules\": [{\n \"Resource\": [\"collection/customer-managed-key-collection\"],\n \"ResourceType\": \"collection\",\n }],\n \"AWSOwnedKey\": False,\n \"KmsARN\": \"arn:aws:kms:us-east-1:123456789012:key/93fd6da4-a317-4c17-bfe9-382b5d988b36\",\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.OpenSearch.ServerlessSecurityPolicy(\"example\", new()\n {\n Name = \"example\",\n Type = \"encryption\",\n Description = \"encryption security policy using customer KMS key\",\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Rules\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Resource\"] = new[]\n {\n \"collection/customer-managed-key-collection\",\n },\n [\"ResourceType\"] = \"collection\",\n },\n },\n [\"AWSOwnedKey\"] = false,\n [\"KmsARN\"] = \"arn:aws:kms:us-east-1:123456789012:key/93fd6da4-a317-4c17-bfe9-382b5d988b36\",\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Rules\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\"collection/customer-managed-key-collection\",\n\t\t\t\t\t},\n\t\t\t\t\t\"ResourceType\": \"collection\",\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"AWSOwnedKey\": false,\n\t\t\t\"KmsARN\": \"arn:aws:kms:us-east-1:123456789012:key/93fd6da4-a317-4c17-bfe9-382b5d988b36\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = opensearch.NewServerlessSecurityPolicy(ctx, \"example\", \u0026opensearch.ServerlessSecurityPolicyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"encryption\"),\n\t\t\tDescription: pulumi.String(\"encryption security policy using customer KMS key\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.ServerlessSecurityPolicy;\nimport com.pulumi.aws.opensearch.ServerlessSecurityPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ServerlessSecurityPolicy(\"example\", ServerlessSecurityPolicyArgs.builder() \n .name(\"example\")\n .type(\"encryption\")\n .description(\"encryption security policy using customer KMS key\")\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Rules\", jsonArray(jsonObject(\n jsonProperty(\"Resource\", jsonArray(\"collection/customer-managed-key-collection\")),\n jsonProperty(\"ResourceType\", \"collection\")\n ))),\n jsonProperty(\"AWSOwnedKey\", false),\n jsonProperty(\"KmsARN\", \"arn:aws:kms:us-east-1:123456789012:key/93fd6da4-a317-4c17-bfe9-382b5d988b36\")\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:opensearch:ServerlessSecurityPolicy\n properties:\n name: example\n type: encryption\n description: encryption security policy using customer KMS key\n policy:\n fn::toJSON:\n Rules:\n - Resource:\n - collection/customer-managed-key-collection\n ResourceType: collection\n AWSOwnedKey: false\n KmsARN: arn:aws:kms:us-east-1:123456789012:key/93fd6da4-a317-4c17-bfe9-382b5d988b36\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Network Security Policy\n\n### Allow public access to the collection endpoint and the Dashboards endpoint\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.opensearch.ServerlessSecurityPolicy(\"example\", {\n name: \"example\",\n type: \"network\",\n description: \"Public access\",\n policy: JSON.stringify([{\n Description: \"Public access to collection and Dashboards endpoint for example collection\",\n Rules: [\n {\n ResourceType: \"collection\",\n Resource: [\"collection/example-collection\"],\n },\n {\n ResourceType: \"dashboard\",\n Resource: [\"collection/example-collection\"],\n },\n ],\n AllowFromPublic: true,\n }]),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.opensearch.ServerlessSecurityPolicy(\"example\",\n name=\"example\",\n type=\"network\",\n description=\"Public access\",\n policy=json.dumps([{\n \"Description\": \"Public access to collection and Dashboards endpoint for example collection\",\n \"Rules\": [\n {\n \"ResourceType\": \"collection\",\n \"Resource\": [\"collection/example-collection\"],\n },\n {\n \"ResourceType\": \"dashboard\",\n \"Resource\": [\"collection/example-collection\"],\n },\n ],\n \"AllowFromPublic\": True,\n }]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.OpenSearch.ServerlessSecurityPolicy(\"example\", new()\n {\n Name = \"example\",\n Type = \"network\",\n Description = \"Public access\",\n Policy = JsonSerializer.Serialize(new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Description\"] = \"Public access to collection and Dashboards endpoint for example collection\",\n [\"Rules\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"ResourceType\"] = \"collection\",\n [\"Resource\"] = new[]\n {\n \"collection/example-collection\",\n },\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"ResourceType\"] = \"dashboard\",\n [\"Resource\"] = new[]\n {\n \"collection/example-collection\",\n },\n },\n },\n [\"AllowFromPublic\"] = true,\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal([]map[string]interface{}{\n\t\t\tmap[string]interface{}{\n\t\t\t\t\"Description\": \"Public access to collection and Dashboards endpoint for example collection\",\n\t\t\t\t\"Rules\": []map[string]interface{}{\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"ResourceType\": \"collection\",\n\t\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\t\"collection/example-collection\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"ResourceType\": \"dashboard\",\n\t\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\t\"collection/example-collection\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\"AllowFromPublic\": true,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = opensearch.NewServerlessSecurityPolicy(ctx, \"example\", \u0026opensearch.ServerlessSecurityPolicyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"network\"),\n\t\t\tDescription: pulumi.String(\"Public access\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.ServerlessSecurityPolicy;\nimport com.pulumi.aws.opensearch.ServerlessSecurityPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ServerlessSecurityPolicy(\"example\", ServerlessSecurityPolicyArgs.builder() \n .name(\"example\")\n .type(\"network\")\n .description(\"Public access\")\n .policy(serializeJson(\n jsonArray(jsonObject(\n jsonProperty(\"Description\", \"Public access to collection and Dashboards endpoint for example collection\"),\n jsonProperty(\"Rules\", jsonArray(\n jsonObject(\n jsonProperty(\"ResourceType\", \"collection\"),\n jsonProperty(\"Resource\", jsonArray(\"collection/example-collection\"))\n ), \n jsonObject(\n jsonProperty(\"ResourceType\", \"dashboard\"),\n jsonProperty(\"Resource\", jsonArray(\"collection/example-collection\"))\n )\n )),\n jsonProperty(\"AllowFromPublic\", true)\n ))))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:opensearch:ServerlessSecurityPolicy\n properties:\n name: example\n type: network\n description: Public access\n policy:\n fn::toJSON:\n - Description: Public access to collection and Dashboards endpoint for example collection\n Rules:\n - ResourceType: collection\n Resource:\n - collection/example-collection\n - ResourceType: dashboard\n Resource:\n - collection/example-collection\n AllowFromPublic: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Allow VPC access to the collection endpoint and the Dashboards endpoint\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.opensearch.ServerlessSecurityPolicy(\"example\", {\n name: \"example\",\n type: \"network\",\n description: \"VPC access\",\n policy: JSON.stringify([{\n Description: \"VPC access to collection and Dashboards endpoint for example collection\",\n Rules: [\n {\n ResourceType: \"collection\",\n Resource: [\"collection/example-collection\"],\n },\n {\n ResourceType: \"dashboard\",\n Resource: [\"collection/example-collection\"],\n },\n ],\n AllowFromPublic: false,\n SourceVPCEs: [\"vpce-050f79086ee71ac05\"],\n }]),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.opensearch.ServerlessSecurityPolicy(\"example\",\n name=\"example\",\n type=\"network\",\n description=\"VPC access\",\n policy=json.dumps([{\n \"Description\": \"VPC access to collection and Dashboards endpoint for example collection\",\n \"Rules\": [\n {\n \"ResourceType\": \"collection\",\n \"Resource\": [\"collection/example-collection\"],\n },\n {\n \"ResourceType\": \"dashboard\",\n \"Resource\": [\"collection/example-collection\"],\n },\n ],\n \"AllowFromPublic\": False,\n \"SourceVPCEs\": [\"vpce-050f79086ee71ac05\"],\n }]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.OpenSearch.ServerlessSecurityPolicy(\"example\", new()\n {\n Name = \"example\",\n Type = \"network\",\n Description = \"VPC access\",\n Policy = JsonSerializer.Serialize(new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Description\"] = \"VPC access to collection and Dashboards endpoint for example collection\",\n [\"Rules\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"ResourceType\"] = \"collection\",\n [\"Resource\"] = new[]\n {\n \"collection/example-collection\",\n },\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"ResourceType\"] = \"dashboard\",\n [\"Resource\"] = new[]\n {\n \"collection/example-collection\",\n },\n },\n },\n [\"AllowFromPublic\"] = false,\n [\"SourceVPCEs\"] = new[]\n {\n \"vpce-050f79086ee71ac05\",\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal([]map[string]interface{}{\n\t\t\tmap[string]interface{}{\n\t\t\t\t\"Description\": \"VPC access to collection and Dashboards endpoint for example collection\",\n\t\t\t\t\"Rules\": []map[string]interface{}{\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"ResourceType\": \"collection\",\n\t\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\t\"collection/example-collection\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"ResourceType\": \"dashboard\",\n\t\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\t\"collection/example-collection\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\"AllowFromPublic\": false,\n\t\t\t\t\"SourceVPCEs\": []string{\n\t\t\t\t\t\"vpce-050f79086ee71ac05\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = opensearch.NewServerlessSecurityPolicy(ctx, \"example\", \u0026opensearch.ServerlessSecurityPolicyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"network\"),\n\t\t\tDescription: pulumi.String(\"VPC access\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.ServerlessSecurityPolicy;\nimport com.pulumi.aws.opensearch.ServerlessSecurityPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ServerlessSecurityPolicy(\"example\", ServerlessSecurityPolicyArgs.builder() \n .name(\"example\")\n .type(\"network\")\n .description(\"VPC access\")\n .policy(serializeJson(\n jsonArray(jsonObject(\n jsonProperty(\"Description\", \"VPC access to collection and Dashboards endpoint for example collection\"),\n jsonProperty(\"Rules\", jsonArray(\n jsonObject(\n jsonProperty(\"ResourceType\", \"collection\"),\n jsonProperty(\"Resource\", jsonArray(\"collection/example-collection\"))\n ), \n jsonObject(\n jsonProperty(\"ResourceType\", \"dashboard\"),\n jsonProperty(\"Resource\", jsonArray(\"collection/example-collection\"))\n )\n )),\n jsonProperty(\"AllowFromPublic\", false),\n jsonProperty(\"SourceVPCEs\", jsonArray(\"vpce-050f79086ee71ac05\"))\n ))))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:opensearch:ServerlessSecurityPolicy\n properties:\n name: example\n type: network\n description: VPC access\n policy:\n fn::toJSON:\n - Description: VPC access to collection and Dashboards endpoint for example collection\n Rules:\n - ResourceType: collection\n Resource:\n - collection/example-collection\n - ResourceType: dashboard\n Resource:\n - collection/example-collection\n AllowFromPublic: false\n SourceVPCEs:\n - vpce-050f79086ee71ac05\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Mixed access for different collections\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.opensearch.ServerlessSecurityPolicy(\"example\", {\n name: \"example\",\n type: \"network\",\n description: \"Mixed access for marketing and sales\",\n policy: JSON.stringify([\n {\n Description: \"Marketing access\",\n Rules: [\n {\n ResourceType: \"collection\",\n Resource: [\"collection/marketing*\"],\n },\n {\n ResourceType: \"dashboard\",\n Resource: [\"collection/marketing*\"],\n },\n ],\n AllowFromPublic: false,\n SourceVPCEs: [\"vpce-050f79086ee71ac05\"],\n },\n {\n Description: \"Sales access\",\n Rules: [{\n ResourceType: \"collection\",\n Resource: [\"collection/finance\"],\n }],\n AllowFromPublic: true,\n },\n ]),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.opensearch.ServerlessSecurityPolicy(\"example\",\n name=\"example\",\n type=\"network\",\n description=\"Mixed access for marketing and sales\",\n policy=json.dumps([\n {\n \"Description\": \"Marketing access\",\n \"Rules\": [\n {\n \"ResourceType\": \"collection\",\n \"Resource\": [\"collection/marketing*\"],\n },\n {\n \"ResourceType\": \"dashboard\",\n \"Resource\": [\"collection/marketing*\"],\n },\n ],\n \"AllowFromPublic\": False,\n \"SourceVPCEs\": [\"vpce-050f79086ee71ac05\"],\n },\n {\n \"Description\": \"Sales access\",\n \"Rules\": [{\n \"ResourceType\": \"collection\",\n \"Resource\": [\"collection/finance\"],\n }],\n \"AllowFromPublic\": True,\n },\n ]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.OpenSearch.ServerlessSecurityPolicy(\"example\", new()\n {\n Name = \"example\",\n Type = \"network\",\n Description = \"Mixed access for marketing and sales\",\n Policy = JsonSerializer.Serialize(new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Description\"] = \"Marketing access\",\n [\"Rules\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"ResourceType\"] = \"collection\",\n [\"Resource\"] = new[]\n {\n \"collection/marketing*\",\n },\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"ResourceType\"] = \"dashboard\",\n [\"Resource\"] = new[]\n {\n \"collection/marketing*\",\n },\n },\n },\n [\"AllowFromPublic\"] = false,\n [\"SourceVPCEs\"] = new[]\n {\n \"vpce-050f79086ee71ac05\",\n },\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Description\"] = \"Sales access\",\n [\"Rules\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"ResourceType\"] = \"collection\",\n [\"Resource\"] = new[]\n {\n \"collection/finance\",\n },\n },\n },\n [\"AllowFromPublic\"] = true,\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal([]interface{}{\n\t\t\tmap[string]interface{}{\n\t\t\t\t\"Description\": \"Marketing access\",\n\t\t\t\t\"Rules\": []map[string]interface{}{\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"ResourceType\": \"collection\",\n\t\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\t\"collection/marketing*\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"ResourceType\": \"dashboard\",\n\t\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\t\"collection/marketing*\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\"AllowFromPublic\": false,\n\t\t\t\t\"SourceVPCEs\": []string{\n\t\t\t\t\t\"vpce-050f79086ee71ac05\",\n\t\t\t\t},\n\t\t\t},\n\t\t\tmap[string]interface{}{\n\t\t\t\t\"Description\": \"Sales access\",\n\t\t\t\t\"Rules\": []map[string]interface{}{\n\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\"ResourceType\": \"collection\",\n\t\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\t\"collection/finance\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\"AllowFromPublic\": true,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = opensearch.NewServerlessSecurityPolicy(ctx, \"example\", \u0026opensearch.ServerlessSecurityPolicyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tType: pulumi.String(\"network\"),\n\t\t\tDescription: pulumi.String(\"Mixed access for marketing and sales\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearch.ServerlessSecurityPolicy;\nimport com.pulumi.aws.opensearch.ServerlessSecurityPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ServerlessSecurityPolicy(\"example\", ServerlessSecurityPolicyArgs.builder() \n .name(\"example\")\n .type(\"network\")\n .description(\"Mixed access for marketing and sales\")\n .policy(serializeJson(\n jsonArray(\n jsonObject(\n jsonProperty(\"Description\", \"Marketing access\"),\n jsonProperty(\"Rules\", jsonArray(\n jsonObject(\n jsonProperty(\"ResourceType\", \"collection\"),\n jsonProperty(\"Resource\", jsonArray(\"collection/marketing*\"))\n ), \n jsonObject(\n jsonProperty(\"ResourceType\", \"dashboard\"),\n jsonProperty(\"Resource\", jsonArray(\"collection/marketing*\"))\n )\n )),\n jsonProperty(\"AllowFromPublic\", false),\n jsonProperty(\"SourceVPCEs\", jsonArray(\"vpce-050f79086ee71ac05\"))\n ), \n jsonObject(\n jsonProperty(\"Description\", \"Sales access\"),\n jsonProperty(\"Rules\", jsonArray(jsonObject(\n jsonProperty(\"ResourceType\", \"collection\"),\n jsonProperty(\"Resource\", jsonArray(\"collection/finance\"))\n ))),\n jsonProperty(\"AllowFromPublic\", true)\n )\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:opensearch:ServerlessSecurityPolicy\n properties:\n name: example\n type: network\n description: Mixed access for marketing and sales\n policy:\n fn::toJSON:\n - Description: Marketing access\n Rules:\n - ResourceType: collection\n Resource:\n - collection/marketing*\n - ResourceType: dashboard\n Resource:\n - collection/marketing*\n AllowFromPublic: false\n SourceVPCEs:\n - vpce-050f79086ee71ac05\n - Description: Sales access\n Rules:\n - ResourceType: collection\n Resource:\n - collection/finance\n AllowFromPublic: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import OpenSearchServerless Security Policy using the `name` and `type` arguments separated by a slash (`/`). For example:\n\n```sh\n$ pulumi import aws:opensearch/serverlessSecurityPolicy:ServerlessSecurityPolicy example example/encryption\n```\n", "properties": { "description": { "type": "string", @@ -289119,7 +289119,7 @@ } }, "aws:opensearchingest/pipeline:Pipeline": { - "description": "Resource for managing an AWS OpenSearch Ingestion Pipeline.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getRegion({});\nconst example = new aws.iam.Role(\"example\", {assumeRolePolicy: JSON.stringify({\n version: \"2012-10-17\",\n statement: [{\n action: \"sts:AssumeRole\",\n effect: \"Allow\",\n sid: \"\",\n principal: {\n service: \"osis-pipelines.amazonaws.com\",\n },\n }],\n})});\nconst examplePipeline = new aws.opensearchingest.Pipeline(\"example\", {\n pipelineName: \"example\",\n pipelineConfigurationBody: pulumi.all([example.arn, current]).apply(([arn, current]) =\u003e `version: \"2\"\nexample-pipeline:\n source:\n http:\n path: \"/example\"\n sink:\n - s3:\n aws:\n sts_role_arn: \"${arn}\"\n region: \"${current.name}\"\n bucket: \"example\"\n threshold:\n event_collect_timeout: \"60s\"\n codec:\n ndjson:\n`),\n maxUnits: 1,\n minUnits: 1,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ncurrent = aws.get_region()\nexample = aws.iam.Role(\"example\", assume_role_policy=json.dumps({\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"action\": \"sts:AssumeRole\",\n \"effect\": \"Allow\",\n \"sid\": \"\",\n \"principal\": {\n \"service\": \"osis-pipelines.amazonaws.com\",\n },\n }],\n}))\nexample_pipeline = aws.opensearchingest.Pipeline(\"example\",\n pipeline_name=\"example\",\n pipeline_configuration_body=example.arn.apply(lambda arn: f\"\"\"version: \"2\"\nexample-pipeline:\n source:\n http:\n path: \"/example\"\n sink:\n - s3:\n aws:\n sts_role_arn: \"{arn}\"\n region: \"{current.name}\"\n bucket: \"example\"\n threshold:\n event_collect_timeout: \"60s\"\n codec:\n ndjson:\n\"\"\"),\n max_units=1,\n min_units=1)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetRegion.Invoke();\n\n var example = new Aws.Iam.Role(\"example\", new()\n {\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"action\"] = \"sts:AssumeRole\",\n [\"effect\"] = \"Allow\",\n [\"sid\"] = \"\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"service\"] = \"osis-pipelines.amazonaws.com\",\n },\n },\n },\n }),\n });\n\n var examplePipeline = new Aws.OpenSearchIngest.Pipeline(\"example\", new()\n {\n PipelineName = \"example\",\n PipelineConfigurationBody = Output.Tuple(example.Arn, current).Apply(values =\u003e\n {\n var arn = values.Item1;\n var current = values.Item2;\n return @$\"version: \"\"2\"\"\nexample-pipeline:\n source:\n http:\n path: \"\"/example\"\"\n sink:\n - s3:\n aws:\n sts_role_arn: \"\"{arn}\"\"\n region: \"\"{current.Apply(getRegionResult =\u003e getRegionResult.Name)}\"\"\n bucket: \"\"example\"\"\n threshold:\n event_collect_timeout: \"\"60s\"\"\n codec:\n ndjson:\n\";\n }),\n MaxUnits = 1,\n MinUnits = 1,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearchingest\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"action\": \"sts:AssumeRole\",\n\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\"sid\": \"\",\n\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\"service\": \"osis-pipelines.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texample, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = opensearchingest.NewPipeline(ctx, \"example\", \u0026opensearchingest.PipelineArgs{\n\t\t\tPipelineName: pulumi.String(\"example\"),\n\t\t\tPipelineConfigurationBody: example.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(`version: \"2\"\nexample-pipeline:\n source:\n http:\n path: \"/example\"\n sink:\n - s3:\n aws:\n sts_role_arn: \"%v\"\n region: \"%v\"\n bucket: \"example\"\n threshold:\n event_collect_timeout: \"60s\"\n codec:\n ndjson:\n`, arn, current.Name), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tMaxUnits: pulumi.Int(1),\n\t\t\tMinUnits: pulumi.Int(1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.opensearchingest.Pipeline;\nimport com.pulumi.aws.opensearchingest.PipelineArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getRegion();\n\n var example = new Role(\"example\", RoleArgs.builder() \n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"version\", \"2012-10-17\"),\n jsonProperty(\"statement\", jsonArray(jsonObject(\n jsonProperty(\"action\", \"sts:AssumeRole\"),\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"sid\", \"\"),\n jsonProperty(\"principal\", jsonObject(\n jsonProperty(\"service\", \"osis-pipelines.amazonaws.com\")\n ))\n )))\n )))\n .build());\n\n var examplePipeline = new Pipeline(\"examplePipeline\", PipelineArgs.builder() \n .pipelineName(\"example\")\n .pipelineConfigurationBody(example.arn().applyValue(arn -\u003e \"\"\"\nversion: \"2\"\nexample-pipeline:\n source:\n http:\n path: \"/example\"\n sink:\n - s3:\n aws:\n sts_role_arn: \"%s\"\n region: \"%s\"\n bucket: \"example\"\n threshold:\n event_collect_timeout: \"60s\"\n codec:\n ndjson:\n\", arn,current.applyValue(getRegionResult -\u003e getRegionResult.name()))))\n .maxUnits(1)\n .minUnits(1)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:Role\n properties:\n assumeRolePolicy:\n fn::toJSON:\n version: 2012-10-17\n statement:\n - action: sts:AssumeRole\n effect: Allow\n sid:\n principal:\n service: osis-pipelines.amazonaws.com\n examplePipeline:\n type: aws:opensearchingest:Pipeline\n name: example\n properties:\n pipelineName: example\n pipelineConfigurationBody: |\n version: \"2\"\n example-pipeline:\n source:\n http:\n path: \"/example\"\n sink:\n - s3:\n aws:\n sts_role_arn: \"${example.arn}\"\n region: \"${current.name}\"\n bucket: \"example\"\n threshold:\n event_collect_timeout: \"60s\"\n codec:\n ndjson:\n maxUnits: 1\n minUnits: 1\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Using file function\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new aws.opensearchingest.Pipeline(\"example\", {\n pipelineName: \"example\",\n pipelineConfigurationBody: std.file({\n input: \"example.yaml\",\n }).then(invoke =\u003e invoke.result),\n maxUnits: 1,\n minUnits: 1,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nexample = aws.opensearchingest.Pipeline(\"example\",\n pipeline_name=\"example\",\n pipeline_configuration_body=std.file(input=\"example.yaml\").result,\n max_units=1,\n min_units=1)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.OpenSearchIngest.Pipeline(\"example\", new()\n {\n PipelineName = \"example\",\n PipelineConfigurationBody = Std.File.Invoke(new()\n {\n Input = \"example.yaml\",\n }).Apply(invoke =\u003e invoke.Result),\n MaxUnits = 1,\n MinUnits = 1,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearchingest\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeFile, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"example.yaml\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = opensearchingest.NewPipeline(ctx, \"example\", \u0026opensearchingest.PipelineArgs{\n\t\t\tPipelineName: pulumi.String(\"example\"),\n\t\t\tPipelineConfigurationBody: invokeFile.Result,\n\t\t\tMaxUnits: pulumi.Int(1),\n\t\t\tMinUnits: pulumi.Int(1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearchingest.Pipeline;\nimport com.pulumi.aws.opensearchingest.PipelineArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Pipeline(\"example\", PipelineArgs.builder() \n .pipelineName(\"example\")\n .pipelineConfigurationBody(StdFunctions.file(FileArgs.builder()\n .input(\"example.yaml\")\n .build()).result())\n .maxUnits(1)\n .minUnits(1)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:opensearchingest:Pipeline\n properties:\n pipelineName: example\n pipelineConfigurationBody:\n fn::invoke:\n Function: std:file\n Arguments:\n input: example.yaml\n Return: result\n maxUnits: 1\n minUnits: 1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import OpenSearch Ingestion Pipeline using the `id`. For example:\n\n```sh\n$ pulumi import aws:opensearchingest/pipeline:Pipeline example example\n```\n", + "description": "Resource for managing an AWS OpenSearch Ingestion Pipeline.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getRegion({});\nconst example = new aws.iam.Role(\"example\", {assumeRolePolicy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: \"sts:AssumeRole\",\n Effect: \"Allow\",\n Sid: \"\",\n Principal: {\n Service: \"osis-pipelines.amazonaws.com\",\n },\n }],\n})});\nconst examplePipeline = new aws.opensearchingest.Pipeline(\"example\", {\n pipelineName: \"example\",\n pipelineConfigurationBody: pulumi.all([example.arn, current]).apply(([arn, current]) =\u003e `version: \"2\"\nexample-pipeline:\n source:\n http:\n path: \"/example\"\n sink:\n - s3:\n aws:\n sts_role_arn: \"${arn}\"\n region: \"${current.name}\"\n bucket: \"example\"\n threshold:\n event_collect_timeout: \"60s\"\n codec:\n ndjson:\n`),\n maxUnits: 1,\n minUnits: 1,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ncurrent = aws.get_region()\nexample = aws.iam.Role(\"example\", assume_role_policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": \"sts:AssumeRole\",\n \"Effect\": \"Allow\",\n \"Sid\": \"\",\n \"Principal\": {\n \"Service\": \"osis-pipelines.amazonaws.com\",\n },\n }],\n}))\nexample_pipeline = aws.opensearchingest.Pipeline(\"example\",\n pipeline_name=\"example\",\n pipeline_configuration_body=example.arn.apply(lambda arn: f\"\"\"version: \"2\"\nexample-pipeline:\n source:\n http:\n path: \"/example\"\n sink:\n - s3:\n aws:\n sts_role_arn: \"{arn}\"\n region: \"{current.name}\"\n bucket: \"example\"\n threshold:\n event_collect_timeout: \"60s\"\n codec:\n ndjson:\n\"\"\"),\n max_units=1,\n min_units=1)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetRegion.Invoke();\n\n var example = new Aws.Iam.Role(\"example\", new()\n {\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"sts:AssumeRole\",\n [\"Effect\"] = \"Allow\",\n [\"Sid\"] = \"\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"osis-pipelines.amazonaws.com\",\n },\n },\n },\n }),\n });\n\n var examplePipeline = new Aws.OpenSearchIngest.Pipeline(\"example\", new()\n {\n PipelineName = \"example\",\n PipelineConfigurationBody = Output.Tuple(example.Arn, current).Apply(values =\u003e\n {\n var arn = values.Item1;\n var current = values.Item2;\n return @$\"version: \"\"2\"\"\nexample-pipeline:\n source:\n http:\n path: \"\"/example\"\"\n sink:\n - s3:\n aws:\n sts_role_arn: \"\"{arn}\"\"\n region: \"\"{current.Apply(getRegionResult =\u003e getRegionResult.Name)}\"\"\n bucket: \"\"example\"\"\n threshold:\n event_collect_timeout: \"\"60s\"\"\n codec:\n ndjson:\n\";\n }),\n MaxUnits = 1,\n MinUnits = 1,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearchingest\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": \"sts:AssumeRole\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Sid\": \"\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"osis-pipelines.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texample, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = opensearchingest.NewPipeline(ctx, \"example\", \u0026opensearchingest.PipelineArgs{\n\t\t\tPipelineName: pulumi.String(\"example\"),\n\t\t\tPipelineConfigurationBody: example.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(`version: \"2\"\nexample-pipeline:\n source:\n http:\n path: \"/example\"\n sink:\n - s3:\n aws:\n sts_role_arn: \"%v\"\n region: \"%v\"\n bucket: \"example\"\n threshold:\n event_collect_timeout: \"60s\"\n codec:\n ndjson:\n`, arn, current.Name), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tMaxUnits: pulumi.Int(1),\n\t\t\tMinUnits: pulumi.Int(1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.opensearchingest.Pipeline;\nimport com.pulumi.aws.opensearchingest.PipelineArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getRegion();\n\n var example = new Role(\"example\", RoleArgs.builder() \n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", \"sts:AssumeRole\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Sid\", \"\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"osis-pipelines.amazonaws.com\")\n ))\n )))\n )))\n .build());\n\n var examplePipeline = new Pipeline(\"examplePipeline\", PipelineArgs.builder() \n .pipelineName(\"example\")\n .pipelineConfigurationBody(example.arn().applyValue(arn -\u003e \"\"\"\nversion: \"2\"\nexample-pipeline:\n source:\n http:\n path: \"/example\"\n sink:\n - s3:\n aws:\n sts_role_arn: \"%s\"\n region: \"%s\"\n bucket: \"example\"\n threshold:\n event_collect_timeout: \"60s\"\n codec:\n ndjson:\n\", arn,current.applyValue(getRegionResult -\u003e getRegionResult.name()))))\n .maxUnits(1)\n .minUnits(1)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:Role\n properties:\n assumeRolePolicy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action: sts:AssumeRole\n Effect: Allow\n Sid:\n Principal:\n Service: osis-pipelines.amazonaws.com\n examplePipeline:\n type: aws:opensearchingest:Pipeline\n name: example\n properties:\n pipelineName: example\n pipelineConfigurationBody: |\n version: \"2\"\n example-pipeline:\n source:\n http:\n path: \"/example\"\n sink:\n - s3:\n aws:\n sts_role_arn: \"${example.arn}\"\n region: \"${current.name}\"\n bucket: \"example\"\n threshold:\n event_collect_timeout: \"60s\"\n codec:\n ndjson:\n maxUnits: 1\n minUnits: 1\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Using file function\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new aws.opensearchingest.Pipeline(\"example\", {\n pipelineName: \"example\",\n pipelineConfigurationBody: std.file({\n input: \"example.yaml\",\n }).then(invoke =\u003e invoke.result),\n maxUnits: 1,\n minUnits: 1,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nexample = aws.opensearchingest.Pipeline(\"example\",\n pipeline_name=\"example\",\n pipeline_configuration_body=std.file(input=\"example.yaml\").result,\n max_units=1,\n min_units=1)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.OpenSearchIngest.Pipeline(\"example\", new()\n {\n PipelineName = \"example\",\n PipelineConfigurationBody = Std.File.Invoke(new()\n {\n Input = \"example.yaml\",\n }).Apply(invoke =\u003e invoke.Result),\n MaxUnits = 1,\n MinUnits = 1,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearchingest\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeFile, err := std.File(ctx, \u0026std.FileArgs{\n\t\t\tInput: \"example.yaml\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = opensearchingest.NewPipeline(ctx, \"example\", \u0026opensearchingest.PipelineArgs{\n\t\t\tPipelineName: pulumi.String(\"example\"),\n\t\t\tPipelineConfigurationBody: invokeFile.Result,\n\t\t\tMaxUnits: pulumi.Int(1),\n\t\t\tMinUnits: pulumi.Int(1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.opensearchingest.Pipeline;\nimport com.pulumi.aws.opensearchingest.PipelineArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Pipeline(\"example\", PipelineArgs.builder() \n .pipelineName(\"example\")\n .pipelineConfigurationBody(StdFunctions.file(FileArgs.builder()\n .input(\"example.yaml\")\n .build()).result())\n .maxUnits(1)\n .minUnits(1)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:opensearchingest:Pipeline\n properties:\n pipelineName: example\n pipelineConfigurationBody:\n fn::invoke:\n Function: std:file\n Arguments:\n input: example.yaml\n Return: result\n maxUnits: 1\n minUnits: 1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import OpenSearch Ingestion Pipeline using the `id`. For example:\n\n```sh\n$ pulumi import aws:opensearchingest/pipeline:Pipeline example example\n```\n", "properties": { "bufferOptions": { "$ref": "#/types/aws:opensearchingest/PipelineBufferOptions:PipelineBufferOptions", @@ -297364,7 +297364,7 @@ } }, "aws:pipes/pipe:Pipe": { - "description": "Resource for managing an AWS EventBridge Pipes Pipe.\n\nYou can find out more about EventBridge Pipes in the [User Guide](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes.html).\n\nEventBridge Pipes are very configurable, and may require IAM permissions to work correctly. More information on the configuration options and IAM permissions can be found in the [User Guide](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes.html).\n\n\u003e **Note:** EventBridge was formerly known as CloudWatch Events. The functionality is identical.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = aws.getCallerIdentity({});\nconst example = new aws.iam.Role(\"example\", {assumeRolePolicy: JSON.stringify({\n version: \"2012-10-17\",\n statement: {\n effect: \"Allow\",\n action: \"sts:AssumeRole\",\n principal: {\n service: \"pipes.amazonaws.com\",\n },\n condition: {\n stringEquals: {\n \"aws:SourceAccount\": main.then(main =\u003e main.accountId),\n },\n },\n },\n})});\nconst sourceQueue = new aws.sqs.Queue(\"source\", {});\nconst source = new aws.iam.RolePolicy(\"source\", {\n role: example.id,\n policy: pulumi.jsonStringify({\n version: \"2012-10-17\",\n statement: [{\n effect: \"Allow\",\n action: [\n \"sqs:DeleteMessage\",\n \"sqs:GetQueueAttributes\",\n \"sqs:ReceiveMessage\",\n ],\n resource: [sourceQueue.arn],\n }],\n }),\n});\nconst targetQueue = new aws.sqs.Queue(\"target\", {});\nconst target = new aws.iam.RolePolicy(\"target\", {\n role: example.id,\n policy: pulumi.jsonStringify({\n version: \"2012-10-17\",\n statement: [{\n effect: \"Allow\",\n action: [\"sqs:SendMessage\"],\n resource: [targetQueue.arn],\n }],\n }),\n});\nconst examplePipe = new aws.pipes.Pipe(\"example\", {\n name: \"example-pipe\",\n roleArn: example.arn,\n source: sourceQueue.arn,\n target: targetQueue.arn,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nmain = aws.get_caller_identity()\nexample = aws.iam.Role(\"example\", assume_role_policy=json.dumps({\n \"version\": \"2012-10-17\",\n \"statement\": {\n \"effect\": \"Allow\",\n \"action\": \"sts:AssumeRole\",\n \"principal\": {\n \"service\": \"pipes.amazonaws.com\",\n },\n \"condition\": {\n \"stringEquals\": {\n \"aws:SourceAccount\": main.account_id,\n },\n },\n },\n}))\nsource_queue = aws.sqs.Queue(\"source\")\nsource = aws.iam.RolePolicy(\"source\",\n role=example.id,\n policy=pulumi.Output.json_dumps({\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"effect\": \"Allow\",\n \"action\": [\n \"sqs:DeleteMessage\",\n \"sqs:GetQueueAttributes\",\n \"sqs:ReceiveMessage\",\n ],\n \"resource\": [source_queue.arn],\n }],\n }))\ntarget_queue = aws.sqs.Queue(\"target\")\ntarget = aws.iam.RolePolicy(\"target\",\n role=example.id,\n policy=pulumi.Output.json_dumps({\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"effect\": \"Allow\",\n \"action\": [\"sqs:SendMessage\"],\n \"resource\": [target_queue.arn],\n }],\n }))\nexample_pipe = aws.pipes.Pipe(\"example\",\n name=\"example-pipe\",\n role_arn=example.arn,\n source=source_queue.arn,\n target=target_queue.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var main = Aws.GetCallerIdentity.Invoke();\n\n var example = new Aws.Iam.Role(\"example\", new()\n {\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"effect\"] = \"Allow\",\n [\"action\"] = \"sts:AssumeRole\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"service\"] = \"pipes.amazonaws.com\",\n },\n [\"condition\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"stringEquals\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"aws:SourceAccount\"] = main.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId),\n },\n },\n },\n }),\n });\n\n var sourceQueue = new Aws.Sqs.Queue(\"source\");\n\n var source = new Aws.Iam.RolePolicy(\"source\", new()\n {\n Role = example.Id,\n Policy = Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"effect\"] = \"Allow\",\n [\"action\"] = new[]\n {\n \"sqs:DeleteMessage\",\n \"sqs:GetQueueAttributes\",\n \"sqs:ReceiveMessage\",\n },\n [\"resource\"] = new[]\n {\n sourceQueue.Arn,\n },\n },\n },\n })),\n });\n\n var targetQueue = new Aws.Sqs.Queue(\"target\");\n\n var target = new Aws.Iam.RolePolicy(\"target\", new()\n {\n Role = example.Id,\n Policy = Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"effect\"] = \"Allow\",\n [\"action\"] = new[]\n {\n \"sqs:SendMessage\",\n },\n [\"resource\"] = new[]\n {\n targetQueue.Arn,\n },\n },\n },\n })),\n });\n\n var examplePipe = new Aws.Pipes.Pipe(\"example\", new()\n {\n Name = \"example-pipe\",\n RoleArn = example.Arn,\n Source = sourceQueue.Arn,\n Target = targetQueue.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/pipes\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sqs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmain, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\"statement\": map[string]interface{}{\n\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\"action\": \"sts:AssumeRole\",\n\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\"service\": \"pipes.amazonaws.com\",\n\t\t\t\t},\n\t\t\t\t\"condition\": map[string]interface{}{\n\t\t\t\t\t\"stringEquals\": map[string]interface{}{\n\t\t\t\t\t\t\"aws:SourceAccount\": main.AccountId,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texample, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsourceQueue, err := sqs.NewQueue(ctx, \"source\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicy(ctx, \"source\", \u0026iam.RolePolicyArgs{\n\t\t\tRole: example.ID(),\n\t\t\tPolicy: sourceQueue.Arn.ApplyT(func(arn string) (pulumi.String, error) {\n\t\t\t\tvar _zero pulumi.String\n\t\t\t\ttmpJSON1, err := json.Marshal(map[string]interface{}{\n\t\t\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\t\t\"action\": []string{\n\t\t\t\t\t\t\t\t\"sqs:DeleteMessage\",\n\t\t\t\t\t\t\t\t\"sqs:GetQueueAttributes\",\n\t\t\t\t\t\t\t\t\"sqs:ReceiveMessage\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"resource\": []string{\n\t\t\t\t\t\t\t\tarn,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t})\n\t\t\t\tif err != nil {\n\t\t\t\t\treturn _zero, err\n\t\t\t\t}\n\t\t\t\tjson1 := string(tmpJSON1)\n\t\t\t\treturn pulumi.String(json1), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttargetQueue, err := sqs.NewQueue(ctx, \"target\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicy(ctx, \"target\", \u0026iam.RolePolicyArgs{\n\t\t\tRole: example.ID(),\n\t\t\tPolicy: targetQueue.Arn.ApplyT(func(arn string) (pulumi.String, error) {\n\t\t\t\tvar _zero pulumi.String\n\t\t\t\ttmpJSON2, err := json.Marshal(map[string]interface{}{\n\t\t\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\t\t\"action\": []string{\n\t\t\t\t\t\t\t\t\"sqs:SendMessage\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"resource\": []string{\n\t\t\t\t\t\t\t\tarn,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t})\n\t\t\t\tif err != nil {\n\t\t\t\t\treturn _zero, err\n\t\t\t\t}\n\t\t\t\tjson2 := string(tmpJSON2)\n\t\t\t\treturn pulumi.String(json2), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = pipes.NewPipe(ctx, \"example\", \u0026pipes.PipeArgs{\n\t\t\tName: pulumi.String(\"example-pipe\"),\n\t\t\tRoleArn: example.Arn,\n\t\t\tSource: sourceQueue.Arn,\n\t\t\tTarget: targetQueue.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.sqs.Queue;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport com.pulumi.aws.pipes.Pipe;\nimport com.pulumi.aws.pipes.PipeArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var main = AwsFunctions.getCallerIdentity();\n\n var example = new Role(\"example\", RoleArgs.builder() \n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"version\", \"2012-10-17\"),\n jsonProperty(\"statement\", jsonObject(\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"action\", \"sts:AssumeRole\"),\n jsonProperty(\"principal\", jsonObject(\n jsonProperty(\"service\", \"pipes.amazonaws.com\")\n )),\n jsonProperty(\"condition\", jsonObject(\n jsonProperty(\"stringEquals\", jsonObject(\n jsonProperty(\"aws:SourceAccount\", main.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))\n ))\n ))\n ))\n )))\n .build());\n\n var sourceQueue = new Queue(\"sourceQueue\");\n\n var source = new RolePolicy(\"source\", RolePolicyArgs.builder() \n .role(example.id())\n .policy(sourceQueue.arn().applyValue(arn -\u003e serializeJson(\n jsonObject(\n jsonProperty(\"version\", \"2012-10-17\"),\n jsonProperty(\"statement\", jsonArray(jsonObject(\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"action\", jsonArray(\n \"sqs:DeleteMessage\", \n \"sqs:GetQueueAttributes\", \n \"sqs:ReceiveMessage\"\n )),\n jsonProperty(\"resource\", jsonArray(arn))\n )))\n ))))\n .build());\n\n var targetQueue = new Queue(\"targetQueue\");\n\n var target = new RolePolicy(\"target\", RolePolicyArgs.builder() \n .role(example.id())\n .policy(targetQueue.arn().applyValue(arn -\u003e serializeJson(\n jsonObject(\n jsonProperty(\"version\", \"2012-10-17\"),\n jsonProperty(\"statement\", jsonArray(jsonObject(\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"action\", jsonArray(\"sqs:SendMessage\")),\n jsonProperty(\"resource\", jsonArray(arn))\n )))\n ))))\n .build());\n\n var examplePipe = new Pipe(\"examplePipe\", PipeArgs.builder() \n .name(\"example-pipe\")\n .roleArn(example.arn())\n .source(sourceQueue.arn())\n .target(targetQueue.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:Role\n properties:\n assumeRolePolicy:\n fn::toJSON:\n version: 2012-10-17\n statement:\n effect: Allow\n action: sts:AssumeRole\n principal:\n service: pipes.amazonaws.com\n condition:\n stringEquals:\n aws:SourceAccount: ${main.accountId}\n source:\n type: aws:iam:RolePolicy\n properties:\n role: ${example.id}\n policy:\n fn::toJSON:\n version: 2012-10-17\n statement:\n - effect: Allow\n action:\n - sqs:DeleteMessage\n - sqs:GetQueueAttributes\n - sqs:ReceiveMessage\n resource:\n - ${sourceQueue.arn}\n sourceQueue:\n type: aws:sqs:Queue\n name: source\n target:\n type: aws:iam:RolePolicy\n properties:\n role: ${example.id}\n policy:\n fn::toJSON:\n version: 2012-10-17\n statement:\n - effect: Allow\n action:\n - sqs:SendMessage\n resource:\n - ${targetQueue.arn}\n targetQueue:\n type: aws:sqs:Queue\n name: target\n examplePipe:\n type: aws:pipes:Pipe\n name: example\n properties:\n name: example-pipe\n roleArn: ${example.arn}\n source: ${sourceQueue.arn}\n target: ${targetQueue.arn}\nvariables:\n main:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Enrichment Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.pipes.Pipe(\"example\", {\n name: \"example-pipe\",\n roleArn: exampleAwsIamRole.arn,\n source: source.arn,\n target: target.arn,\n enrichment: exampleAwsCloudwatchEventApiDestination.arn,\n enrichmentParameters: {\n httpParameters: {\n pathParameterValues: \"example-path-param\",\n headerParameters: {\n \"example-header\": \"example-value\",\n \"second-example-header\": \"second-example-value\",\n },\n queryStringParameters: {\n \"example-query-string\": \"example-value\",\n \"second-example-query-string\": \"second-example-value\",\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.pipes.Pipe(\"example\",\n name=\"example-pipe\",\n role_arn=example_aws_iam_role[\"arn\"],\n source=source[\"arn\"],\n target=target[\"arn\"],\n enrichment=example_aws_cloudwatch_event_api_destination[\"arn\"],\n enrichment_parameters=aws.pipes.PipeEnrichmentParametersArgs(\n http_parameters=aws.pipes.PipeEnrichmentParametersHttpParametersArgs(\n path_parameter_values=\"example-path-param\",\n header_parameters={\n \"example-header\": \"example-value\",\n \"second-example-header\": \"second-example-value\",\n },\n query_string_parameters={\n \"example-query-string\": \"example-value\",\n \"second-example-query-string\": \"second-example-value\",\n },\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Pipes.Pipe(\"example\", new()\n {\n Name = \"example-pipe\",\n RoleArn = exampleAwsIamRole.Arn,\n Source = source.Arn,\n Target = target.Arn,\n Enrichment = exampleAwsCloudwatchEventApiDestination.Arn,\n EnrichmentParameters = new Aws.Pipes.Inputs.PipeEnrichmentParametersArgs\n {\n HttpParameters = new Aws.Pipes.Inputs.PipeEnrichmentParametersHttpParametersArgs\n {\n PathParameterValues = \"example-path-param\",\n HeaderParameters = \n {\n { \"example-header\", \"example-value\" },\n { \"second-example-header\", \"second-example-value\" },\n },\n QueryStringParameters = \n {\n { \"example-query-string\", \"example-value\" },\n { \"second-example-query-string\", \"second-example-value\" },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/pipes\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := pipes.NewPipe(ctx, \"example\", \u0026pipes.PipeArgs{\n\t\t\tName: pulumi.String(\"example-pipe\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tSource: pulumi.Any(source.Arn),\n\t\t\tTarget: pulumi.Any(target.Arn),\n\t\t\tEnrichment: pulumi.Any(exampleAwsCloudwatchEventApiDestination.Arn),\n\t\t\tEnrichmentParameters: \u0026pipes.PipeEnrichmentParametersArgs{\n\t\t\t\tHttpParameters: \u0026pipes.PipeEnrichmentParametersHttpParametersArgs{\n\t\t\t\t\tPathParameterValues: pulumi.String(\"example-path-param\"),\n\t\t\t\t\tHeaderParameters: pulumi.StringMap{\n\t\t\t\t\t\t\"example-header\": pulumi.String(\"example-value\"),\n\t\t\t\t\t\t\"second-example-header\": pulumi.String(\"second-example-value\"),\n\t\t\t\t\t},\n\t\t\t\t\tQueryStringParameters: pulumi.StringMap{\n\t\t\t\t\t\t\"example-query-string\": pulumi.String(\"example-value\"),\n\t\t\t\t\t\t\"second-example-query-string\": pulumi.String(\"second-example-value\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.pipes.Pipe;\nimport com.pulumi.aws.pipes.PipeArgs;\nimport com.pulumi.aws.pipes.inputs.PipeEnrichmentParametersArgs;\nimport com.pulumi.aws.pipes.inputs.PipeEnrichmentParametersHttpParametersArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Pipe(\"example\", PipeArgs.builder() \n .name(\"example-pipe\")\n .roleArn(exampleAwsIamRole.arn())\n .source(source.arn())\n .target(target.arn())\n .enrichment(exampleAwsCloudwatchEventApiDestination.arn())\n .enrichmentParameters(PipeEnrichmentParametersArgs.builder()\n .httpParameters(PipeEnrichmentParametersHttpParametersArgs.builder()\n .pathParameterValues(\"example-path-param\")\n .headerParameters(Map.ofEntries(\n Map.entry(\"example-header\", \"example-value\"),\n Map.entry(\"second-example-header\", \"second-example-value\")\n ))\n .queryStringParameters(Map.ofEntries(\n Map.entry(\"example-query-string\", \"example-value\"),\n Map.entry(\"second-example-query-string\", \"second-example-value\")\n ))\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:pipes:Pipe\n properties:\n name: example-pipe\n roleArn: ${exampleAwsIamRole.arn}\n source: ${source.arn}\n target: ${target.arn}\n enrichment: ${exampleAwsCloudwatchEventApiDestination.arn}\n enrichmentParameters:\n httpParameters:\n pathParameterValues: example-path-param\n headerParameters:\n example-header: example-value\n second-example-header: second-example-value\n queryStringParameters:\n example-query-string: example-value\n second-example-query-string: second-example-value\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Filter Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.pipes.Pipe(\"example\", {\n name: \"example-pipe\",\n roleArn: exampleAwsIamRole.arn,\n source: source.arn,\n target: target.arn,\n sourceParameters: {\n filterCriteria: {\n filters: [{\n pattern: JSON.stringify({\n source: [\"event-source\"],\n }),\n }],\n },\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.pipes.Pipe(\"example\",\n name=\"example-pipe\",\n role_arn=example_aws_iam_role[\"arn\"],\n source=source[\"arn\"],\n target=target[\"arn\"],\n source_parameters=aws.pipes.PipeSourceParametersArgs(\n filter_criteria=aws.pipes.PipeSourceParametersFilterCriteriaArgs(\n filters=[aws.pipes.PipeSourceParametersFilterCriteriaFilterArgs(\n pattern=json.dumps({\n \"source\": [\"event-source\"],\n }),\n )],\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Pipes.Pipe(\"example\", new()\n {\n Name = \"example-pipe\",\n RoleArn = exampleAwsIamRole.Arn,\n Source = source.Arn,\n Target = target.Arn,\n SourceParameters = new Aws.Pipes.Inputs.PipeSourceParametersArgs\n {\n FilterCriteria = new Aws.Pipes.Inputs.PipeSourceParametersFilterCriteriaArgs\n {\n Filters = new[]\n {\n new Aws.Pipes.Inputs.PipeSourceParametersFilterCriteriaFilterArgs\n {\n Pattern = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"source\"] = new[]\n {\n \"event-source\",\n },\n }),\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/pipes\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"source\": []string{\n\t\t\t\t\"event-source\",\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = pipes.NewPipe(ctx, \"example\", \u0026pipes.PipeArgs{\n\t\t\tName: pulumi.String(\"example-pipe\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tSource: pulumi.Any(source.Arn),\n\t\t\tTarget: pulumi.Any(target.Arn),\n\t\t\tSourceParameters: \u0026pipes.PipeSourceParametersArgs{\n\t\t\t\tFilterCriteria: \u0026pipes.PipeSourceParametersFilterCriteriaArgs{\n\t\t\t\t\tFilters: pipes.PipeSourceParametersFilterCriteriaFilterArray{\n\t\t\t\t\t\t\u0026pipes.PipeSourceParametersFilterCriteriaFilterArgs{\n\t\t\t\t\t\t\tPattern: pulumi.String(json0),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.pipes.Pipe;\nimport com.pulumi.aws.pipes.PipeArgs;\nimport com.pulumi.aws.pipes.inputs.PipeSourceParametersArgs;\nimport com.pulumi.aws.pipes.inputs.PipeSourceParametersFilterCriteriaArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Pipe(\"example\", PipeArgs.builder() \n .name(\"example-pipe\")\n .roleArn(exampleAwsIamRole.arn())\n .source(source.arn())\n .target(target.arn())\n .sourceParameters(PipeSourceParametersArgs.builder()\n .filterCriteria(PipeSourceParametersFilterCriteriaArgs.builder()\n .filters(PipeSourceParametersFilterCriteriaFilterArgs.builder()\n .pattern(serializeJson(\n jsonObject(\n jsonProperty(\"source\", jsonArray(\"event-source\"))\n )))\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:pipes:Pipe\n properties:\n name: example-pipe\n roleArn: ${exampleAwsIamRole.arn}\n source: ${source.arn}\n target: ${target.arn}\n sourceParameters:\n filterCriteria:\n filters:\n - pattern:\n fn::toJSON:\n source:\n - event-source\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### SQS Source and Target Configuration Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.pipes.Pipe;\nimport com.pulumi.aws.pipes.PipeArgs;\nimport com.pulumi.aws.pipes.inputs.PipeSourceParametersArgs;\nimport com.pulumi.aws.pipes.inputs.PipeSourceParametersSqsQueueParametersArgs;\nimport com.pulumi.aws.pipes.inputs.PipeTargetParametersArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Pipe(\"example\", PipeArgs.builder() \n .name(\"example-pipe\")\n .roleArn(exampleAwsIamRole.arn())\n .source(source.arn())\n .target(target.arn())\n .sourceParameters(PipeSourceParametersArgs.builder()\n .sqsQueueParameters(PipeSourceParametersSqsQueueParametersArgs.builder()\n .batchSize(1)\n .maximumBatchingWindowInSeconds(2)\n .build())\n .build())\n .targetParameters(PipeTargetParametersArgs.builder()\n .sqsQueue(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:pipes:Pipe\n properties:\n name: example-pipe\n roleArn: ${exampleAwsIamRole.arn}\n source: ${source.arn}\n target: ${target.arn}\n sourceParameters:\n sqsQueueParameters:\n batchSize: 1\n maximumBatchingWindowInSeconds: 2\n targetParameters:\n sqsQueue:\n - messageDeduplicationId: example-dedupe\n messageGroupId: example-group\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import pipes using the `name`. For example:\n\n```sh\n$ pulumi import aws:pipes/pipe:Pipe example my-pipe\n```\n", + "description": "Resource for managing an AWS EventBridge Pipes Pipe.\n\nYou can find out more about EventBridge Pipes in the [User Guide](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes.html).\n\nEventBridge Pipes are very configurable, and may require IAM permissions to work correctly. More information on the configuration options and IAM permissions can be found in the [User Guide](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes.html).\n\n\u003e **Note:** EventBridge was formerly known as CloudWatch Events. The functionality is identical.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst main = aws.getCallerIdentity({});\nconst example = new aws.iam.Role(\"example\", {assumeRolePolicy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: {\n Effect: \"Allow\",\n Action: \"sts:AssumeRole\",\n Principal: {\n Service: \"pipes.amazonaws.com\",\n },\n Condition: {\n StringEquals: {\n \"aws:SourceAccount\": main.then(main =\u003e main.accountId),\n },\n },\n },\n})});\nconst sourceQueue = new aws.sqs.Queue(\"source\", {});\nconst source = new aws.iam.RolePolicy(\"source\", {\n role: example.id,\n policy: pulumi.jsonStringify({\n Version: \"2012-10-17\",\n Statement: [{\n Effect: \"Allow\",\n Action: [\n \"sqs:DeleteMessage\",\n \"sqs:GetQueueAttributes\",\n \"sqs:ReceiveMessage\",\n ],\n Resource: [sourceQueue.arn],\n }],\n }),\n});\nconst targetQueue = new aws.sqs.Queue(\"target\", {});\nconst target = new aws.iam.RolePolicy(\"target\", {\n role: example.id,\n policy: pulumi.jsonStringify({\n Version: \"2012-10-17\",\n Statement: [{\n Effect: \"Allow\",\n Action: [\"sqs:SendMessage\"],\n Resource: [targetQueue.arn],\n }],\n }),\n});\nconst examplePipe = new aws.pipes.Pipe(\"example\", {\n name: \"example-pipe\",\n roleArn: example.arn,\n source: sourceQueue.arn,\n target: targetQueue.arn,\n}, {\n dependsOn: [\n source,\n target,\n ],\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nmain = aws.get_caller_identity()\nexample = aws.iam.Role(\"example\", assume_role_policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": {\n \"Effect\": \"Allow\",\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"pipes.amazonaws.com\",\n },\n \"Condition\": {\n \"StringEquals\": {\n \"aws:SourceAccount\": main.account_id,\n },\n },\n },\n}))\nsource_queue = aws.sqs.Queue(\"source\")\nsource = aws.iam.RolePolicy(\"source\",\n role=example.id,\n policy=pulumi.Output.json_dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Effect\": \"Allow\",\n \"Action\": [\n \"sqs:DeleteMessage\",\n \"sqs:GetQueueAttributes\",\n \"sqs:ReceiveMessage\",\n ],\n \"Resource\": [source_queue.arn],\n }],\n }))\ntarget_queue = aws.sqs.Queue(\"target\")\ntarget = aws.iam.RolePolicy(\"target\",\n role=example.id,\n policy=pulumi.Output.json_dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Effect\": \"Allow\",\n \"Action\": [\"sqs:SendMessage\"],\n \"Resource\": [target_queue.arn],\n }],\n }))\nexample_pipe = aws.pipes.Pipe(\"example\",\n name=\"example-pipe\",\n role_arn=example.arn,\n source=source_queue.arn,\n target=target_queue.arn,\n opts=pulumi.ResourceOptions(depends_on=[\n source,\n target,\n ]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var main = Aws.GetCallerIdentity.Invoke();\n\n var example = new Aws.Iam.Role(\"example\", new()\n {\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Effect\"] = \"Allow\",\n [\"Action\"] = \"sts:AssumeRole\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"pipes.amazonaws.com\",\n },\n [\"Condition\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"StringEquals\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"aws:SourceAccount\"] = main.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId),\n },\n },\n },\n }),\n });\n\n var sourceQueue = new Aws.Sqs.Queue(\"source\");\n\n var source = new Aws.Iam.RolePolicy(\"source\", new()\n {\n Role = example.Id,\n Policy = Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Effect\"] = \"Allow\",\n [\"Action\"] = new[]\n {\n \"sqs:DeleteMessage\",\n \"sqs:GetQueueAttributes\",\n \"sqs:ReceiveMessage\",\n },\n [\"Resource\"] = new[]\n {\n sourceQueue.Arn,\n },\n },\n },\n })),\n });\n\n var targetQueue = new Aws.Sqs.Queue(\"target\");\n\n var target = new Aws.Iam.RolePolicy(\"target\", new()\n {\n Role = example.Id,\n Policy = Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Effect\"] = \"Allow\",\n [\"Action\"] = new[]\n {\n \"sqs:SendMessage\",\n },\n [\"Resource\"] = new[]\n {\n targetQueue.Arn,\n },\n },\n },\n })),\n });\n\n var examplePipe = new Aws.Pipes.Pipe(\"example\", new()\n {\n Name = \"example-pipe\",\n RoleArn = example.Arn,\n Source = sourceQueue.Arn,\n Target = targetQueue.Arn,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n source, \n target, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/pipes\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sqs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmain, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": map[string]interface{}{\n\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\"Action\": \"sts:AssumeRole\",\n\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\"Service\": \"pipes.amazonaws.com\",\n\t\t\t\t},\n\t\t\t\t\"Condition\": map[string]interface{}{\n\t\t\t\t\t\"StringEquals\": map[string]interface{}{\n\t\t\t\t\t\t\"aws:SourceAccount\": main.AccountId,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texample, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsourceQueue, err := sqs.NewQueue(ctx, \"source\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsource, err := iam.NewRolePolicy(ctx, \"source\", \u0026iam.RolePolicyArgs{\n\t\t\tRole: example.ID(),\n\t\t\tPolicy: sourceQueue.Arn.ApplyT(func(arn string) (pulumi.String, error) {\n\t\t\t\tvar _zero pulumi.String\n\t\t\t\ttmpJSON1, err := json.Marshal(map[string]interface{}{\n\t\t\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\t\t\"sqs:DeleteMessage\",\n\t\t\t\t\t\t\t\t\"sqs:GetQueueAttributes\",\n\t\t\t\t\t\t\t\t\"sqs:ReceiveMessage\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\t\tarn,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t})\n\t\t\t\tif err != nil {\n\t\t\t\t\treturn _zero, err\n\t\t\t\t}\n\t\t\t\tjson1 := string(tmpJSON1)\n\t\t\t\treturn pulumi.String(json1), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttargetQueue, err := sqs.NewQueue(ctx, \"target\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttarget, err := iam.NewRolePolicy(ctx, \"target\", \u0026iam.RolePolicyArgs{\n\t\t\tRole: example.ID(),\n\t\t\tPolicy: targetQueue.Arn.ApplyT(func(arn string) (pulumi.String, error) {\n\t\t\t\tvar _zero pulumi.String\n\t\t\t\ttmpJSON2, err := json.Marshal(map[string]interface{}{\n\t\t\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\t\t\"sqs:SendMessage\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\t\tarn,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t})\n\t\t\t\tif err != nil {\n\t\t\t\t\treturn _zero, err\n\t\t\t\t}\n\t\t\t\tjson2 := string(tmpJSON2)\n\t\t\t\treturn pulumi.String(json2), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = pipes.NewPipe(ctx, \"example\", \u0026pipes.PipeArgs{\n\t\t\tName: pulumi.String(\"example-pipe\"),\n\t\t\tRoleArn: example.Arn,\n\t\t\tSource: sourceQueue.Arn,\n\t\t\tTarget: targetQueue.Arn,\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tsource,\n\t\t\ttarget,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.sqs.Queue;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport com.pulumi.aws.pipes.Pipe;\nimport com.pulumi.aws.pipes.PipeArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var main = AwsFunctions.getCallerIdentity();\n\n var example = new Role(\"example\", RoleArgs.builder() \n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonObject(\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Action\", \"sts:AssumeRole\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"pipes.amazonaws.com\")\n )),\n jsonProperty(\"Condition\", jsonObject(\n jsonProperty(\"StringEquals\", jsonObject(\n jsonProperty(\"aws:SourceAccount\", main.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))\n ))\n ))\n ))\n )))\n .build());\n\n var sourceQueue = new Queue(\"sourceQueue\");\n\n var source = new RolePolicy(\"source\", RolePolicyArgs.builder() \n .role(example.id())\n .policy(sourceQueue.arn().applyValue(arn -\u003e serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Action\", jsonArray(\n \"sqs:DeleteMessage\", \n \"sqs:GetQueueAttributes\", \n \"sqs:ReceiveMessage\"\n )),\n jsonProperty(\"Resource\", jsonArray(arn))\n )))\n ))))\n .build());\n\n var targetQueue = new Queue(\"targetQueue\");\n\n var target = new RolePolicy(\"target\", RolePolicyArgs.builder() \n .role(example.id())\n .policy(targetQueue.arn().applyValue(arn -\u003e serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Action\", jsonArray(\"sqs:SendMessage\")),\n jsonProperty(\"Resource\", jsonArray(arn))\n )))\n ))))\n .build());\n\n var examplePipe = new Pipe(\"examplePipe\", PipeArgs.builder() \n .name(\"example-pipe\")\n .roleArn(example.arn())\n .source(sourceQueue.arn())\n .target(targetQueue.arn())\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n source,\n target)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:Role\n properties:\n assumeRolePolicy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n Effect: Allow\n Action: sts:AssumeRole\n Principal:\n Service: pipes.amazonaws.com\n Condition:\n StringEquals:\n aws:SourceAccount: ${main.accountId}\n source:\n type: aws:iam:RolePolicy\n properties:\n role: ${example.id}\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Effect: Allow\n Action:\n - sqs:DeleteMessage\n - sqs:GetQueueAttributes\n - sqs:ReceiveMessage\n Resource:\n - ${sourceQueue.arn}\n sourceQueue:\n type: aws:sqs:Queue\n name: source\n target:\n type: aws:iam:RolePolicy\n properties:\n role: ${example.id}\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Effect: Allow\n Action:\n - sqs:SendMessage\n Resource:\n - ${targetQueue.arn}\n targetQueue:\n type: aws:sqs:Queue\n name: target\n examplePipe:\n type: aws:pipes:Pipe\n name: example\n properties:\n name: example-pipe\n roleArn: ${example.arn}\n source: ${sourceQueue.arn}\n target: ${targetQueue.arn}\n options:\n dependson:\n - ${source}\n - ${target}\nvariables:\n main:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Enrichment Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.pipes.Pipe(\"example\", {\n name: \"example-pipe\",\n roleArn: exampleAwsIamRole.arn,\n source: source.arn,\n target: target.arn,\n enrichment: exampleAwsCloudwatchEventApiDestination.arn,\n enrichmentParameters: {\n httpParameters: {\n pathParameterValues: \"example-path-param\",\n headerParameters: {\n \"example-header\": \"example-value\",\n \"second-example-header\": \"second-example-value\",\n },\n queryStringParameters: {\n \"example-query-string\": \"example-value\",\n \"second-example-query-string\": \"second-example-value\",\n },\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.pipes.Pipe(\"example\",\n name=\"example-pipe\",\n role_arn=example_aws_iam_role[\"arn\"],\n source=source[\"arn\"],\n target=target[\"arn\"],\n enrichment=example_aws_cloudwatch_event_api_destination[\"arn\"],\n enrichment_parameters=aws.pipes.PipeEnrichmentParametersArgs(\n http_parameters=aws.pipes.PipeEnrichmentParametersHttpParametersArgs(\n path_parameter_values=\"example-path-param\",\n header_parameters={\n \"example-header\": \"example-value\",\n \"second-example-header\": \"second-example-value\",\n },\n query_string_parameters={\n \"example-query-string\": \"example-value\",\n \"second-example-query-string\": \"second-example-value\",\n },\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Pipes.Pipe(\"example\", new()\n {\n Name = \"example-pipe\",\n RoleArn = exampleAwsIamRole.Arn,\n Source = source.Arn,\n Target = target.Arn,\n Enrichment = exampleAwsCloudwatchEventApiDestination.Arn,\n EnrichmentParameters = new Aws.Pipes.Inputs.PipeEnrichmentParametersArgs\n {\n HttpParameters = new Aws.Pipes.Inputs.PipeEnrichmentParametersHttpParametersArgs\n {\n PathParameterValues = \"example-path-param\",\n HeaderParameters = \n {\n { \"example-header\", \"example-value\" },\n { \"second-example-header\", \"second-example-value\" },\n },\n QueryStringParameters = \n {\n { \"example-query-string\", \"example-value\" },\n { \"second-example-query-string\", \"second-example-value\" },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/pipes\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := pipes.NewPipe(ctx, \"example\", \u0026pipes.PipeArgs{\n\t\t\tName: pulumi.String(\"example-pipe\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tSource: pulumi.Any(source.Arn),\n\t\t\tTarget: pulumi.Any(target.Arn),\n\t\t\tEnrichment: pulumi.Any(exampleAwsCloudwatchEventApiDestination.Arn),\n\t\t\tEnrichmentParameters: \u0026pipes.PipeEnrichmentParametersArgs{\n\t\t\t\tHttpParameters: \u0026pipes.PipeEnrichmentParametersHttpParametersArgs{\n\t\t\t\t\tPathParameterValues: pulumi.String(\"example-path-param\"),\n\t\t\t\t\tHeaderParameters: pulumi.StringMap{\n\t\t\t\t\t\t\"example-header\": pulumi.String(\"example-value\"),\n\t\t\t\t\t\t\"second-example-header\": pulumi.String(\"second-example-value\"),\n\t\t\t\t\t},\n\t\t\t\t\tQueryStringParameters: pulumi.StringMap{\n\t\t\t\t\t\t\"example-query-string\": pulumi.String(\"example-value\"),\n\t\t\t\t\t\t\"second-example-query-string\": pulumi.String(\"second-example-value\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.pipes.Pipe;\nimport com.pulumi.aws.pipes.PipeArgs;\nimport com.pulumi.aws.pipes.inputs.PipeEnrichmentParametersArgs;\nimport com.pulumi.aws.pipes.inputs.PipeEnrichmentParametersHttpParametersArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Pipe(\"example\", PipeArgs.builder() \n .name(\"example-pipe\")\n .roleArn(exampleAwsIamRole.arn())\n .source(source.arn())\n .target(target.arn())\n .enrichment(exampleAwsCloudwatchEventApiDestination.arn())\n .enrichmentParameters(PipeEnrichmentParametersArgs.builder()\n .httpParameters(PipeEnrichmentParametersHttpParametersArgs.builder()\n .pathParameterValues(\"example-path-param\")\n .headerParameters(Map.ofEntries(\n Map.entry(\"example-header\", \"example-value\"),\n Map.entry(\"second-example-header\", \"second-example-value\")\n ))\n .queryStringParameters(Map.ofEntries(\n Map.entry(\"example-query-string\", \"example-value\"),\n Map.entry(\"second-example-query-string\", \"second-example-value\")\n ))\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:pipes:Pipe\n properties:\n name: example-pipe\n roleArn: ${exampleAwsIamRole.arn}\n source: ${source.arn}\n target: ${target.arn}\n enrichment: ${exampleAwsCloudwatchEventApiDestination.arn}\n enrichmentParameters:\n httpParameters:\n pathParameterValues: example-path-param\n headerParameters:\n example-header: example-value\n second-example-header: second-example-value\n queryStringParameters:\n example-query-string: example-value\n second-example-query-string: second-example-value\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Filter Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.pipes.Pipe(\"example\", {\n name: \"example-pipe\",\n roleArn: exampleAwsIamRole.arn,\n source: source.arn,\n target: target.arn,\n sourceParameters: {\n filterCriteria: {\n filters: [{\n pattern: JSON.stringify({\n source: [\"event-source\"],\n }),\n }],\n },\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.pipes.Pipe(\"example\",\n name=\"example-pipe\",\n role_arn=example_aws_iam_role[\"arn\"],\n source=source[\"arn\"],\n target=target[\"arn\"],\n source_parameters=aws.pipes.PipeSourceParametersArgs(\n filter_criteria=aws.pipes.PipeSourceParametersFilterCriteriaArgs(\n filters=[aws.pipes.PipeSourceParametersFilterCriteriaFilterArgs(\n pattern=json.dumps({\n \"source\": [\"event-source\"],\n }),\n )],\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Pipes.Pipe(\"example\", new()\n {\n Name = \"example-pipe\",\n RoleArn = exampleAwsIamRole.Arn,\n Source = source.Arn,\n Target = target.Arn,\n SourceParameters = new Aws.Pipes.Inputs.PipeSourceParametersArgs\n {\n FilterCriteria = new Aws.Pipes.Inputs.PipeSourceParametersFilterCriteriaArgs\n {\n Filters = new[]\n {\n new Aws.Pipes.Inputs.PipeSourceParametersFilterCriteriaFilterArgs\n {\n Pattern = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"source\"] = new[]\n {\n \"event-source\",\n },\n }),\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/pipes\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"source\": []string{\n\t\t\t\t\"event-source\",\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = pipes.NewPipe(ctx, \"example\", \u0026pipes.PipeArgs{\n\t\t\tName: pulumi.String(\"example-pipe\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tSource: pulumi.Any(source.Arn),\n\t\t\tTarget: pulumi.Any(target.Arn),\n\t\t\tSourceParameters: \u0026pipes.PipeSourceParametersArgs{\n\t\t\t\tFilterCriteria: \u0026pipes.PipeSourceParametersFilterCriteriaArgs{\n\t\t\t\t\tFilters: pipes.PipeSourceParametersFilterCriteriaFilterArray{\n\t\t\t\t\t\t\u0026pipes.PipeSourceParametersFilterCriteriaFilterArgs{\n\t\t\t\t\t\t\tPattern: pulumi.String(json0),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.pipes.Pipe;\nimport com.pulumi.aws.pipes.PipeArgs;\nimport com.pulumi.aws.pipes.inputs.PipeSourceParametersArgs;\nimport com.pulumi.aws.pipes.inputs.PipeSourceParametersFilterCriteriaArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Pipe(\"example\", PipeArgs.builder() \n .name(\"example-pipe\")\n .roleArn(exampleAwsIamRole.arn())\n .source(source.arn())\n .target(target.arn())\n .sourceParameters(PipeSourceParametersArgs.builder()\n .filterCriteria(PipeSourceParametersFilterCriteriaArgs.builder()\n .filters(PipeSourceParametersFilterCriteriaFilterArgs.builder()\n .pattern(serializeJson(\n jsonObject(\n jsonProperty(\"source\", jsonArray(\"event-source\"))\n )))\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:pipes:Pipe\n properties:\n name: example-pipe\n roleArn: ${exampleAwsIamRole.arn}\n source: ${source.arn}\n target: ${target.arn}\n sourceParameters:\n filterCriteria:\n filters:\n - pattern:\n fn::toJSON:\n source:\n - event-source\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### SQS Source and Target Configuration Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.pipes.Pipe;\nimport com.pulumi.aws.pipes.PipeArgs;\nimport com.pulumi.aws.pipes.inputs.PipeSourceParametersArgs;\nimport com.pulumi.aws.pipes.inputs.PipeSourceParametersSqsQueueParametersArgs;\nimport com.pulumi.aws.pipes.inputs.PipeTargetParametersArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Pipe(\"example\", PipeArgs.builder() \n .name(\"example-pipe\")\n .roleArn(exampleAwsIamRole.arn())\n .source(source.arn())\n .target(target.arn())\n .sourceParameters(PipeSourceParametersArgs.builder()\n .sqsQueueParameters(PipeSourceParametersSqsQueueParametersArgs.builder()\n .batchSize(1)\n .maximumBatchingWindowInSeconds(2)\n .build())\n .build())\n .targetParameters(PipeTargetParametersArgs.builder()\n .sqsQueue(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:pipes:Pipe\n properties:\n name: example-pipe\n roleArn: ${exampleAwsIamRole.arn}\n source: ${source.arn}\n target: ${target.arn}\n sourceParameters:\n sqsQueueParameters:\n batchSize: 1\n maximumBatchingWindowInSeconds: 2\n targetParameters:\n sqsQueue:\n - messageDeduplicationId: example-dedupe\n messageGroupId: example-group\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import pipes using the `name`. For example:\n\n```sh\n$ pulumi import aws:pipes/pipe:Pipe example my-pipe\n```\n", "properties": { "arn": { "type": "string", @@ -300560,7 +300560,7 @@ } }, "aws:quicksight/vpcConnection:VpcConnection": { - "description": "Resource for managing an AWS QuickSight VPC Connection.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst vpcConnectionRole = new aws.iam.Role(\"vpc_connection_role\", {\n assumeRolePolicy: JSON.stringify({\n version: \"2012-10-17\",\n statement: [{\n effect: \"Allow\",\n action: \"sts:AssumeRole\",\n principal: {\n service: \"quicksight.amazonaws.com\",\n },\n }],\n }),\n inlinePolicies: [{\n name: \"QuickSightVPCConnectionRolePolicy\",\n policy: JSON.stringify({\n version: \"2012-10-17\",\n statement: [{\n effect: \"Allow\",\n action: [\n \"ec2:CreateNetworkInterface\",\n \"ec2:ModifyNetworkInterfaceAttribute\",\n \"ec2:DeleteNetworkInterface\",\n \"ec2:DescribeSubnets\",\n \"ec2:DescribeSecurityGroups\",\n ],\n resource: [\"*\"],\n }],\n }),\n }],\n});\nconst example = new aws.quicksight.VpcConnection(\"example\", {\n vpcConnectionId: \"example-connection-id\",\n name: \"Example Connection\",\n roleArn: vpcConnectionRole.arn,\n securityGroupIds: [\"sg-00000000000000000\"],\n subnetIds: [\n \"subnet-00000000000000000\",\n \"subnet-00000000000000001\",\n ],\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nvpc_connection_role = aws.iam.Role(\"vpc_connection_role\",\n assume_role_policy=json.dumps({\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"effect\": \"Allow\",\n \"action\": \"sts:AssumeRole\",\n \"principal\": {\n \"service\": \"quicksight.amazonaws.com\",\n },\n }],\n }),\n inline_policies=[aws.iam.RoleInlinePolicyArgs(\n name=\"QuickSightVPCConnectionRolePolicy\",\n policy=json.dumps({\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"effect\": \"Allow\",\n \"action\": [\n \"ec2:CreateNetworkInterface\",\n \"ec2:ModifyNetworkInterfaceAttribute\",\n \"ec2:DeleteNetworkInterface\",\n \"ec2:DescribeSubnets\",\n \"ec2:DescribeSecurityGroups\",\n ],\n \"resource\": [\"*\"],\n }],\n }),\n )])\nexample = aws.quicksight.VpcConnection(\"example\",\n vpc_connection_id=\"example-connection-id\",\n name=\"Example Connection\",\n role_arn=vpc_connection_role.arn,\n security_group_ids=[\"sg-00000000000000000\"],\n subnet_ids=[\n \"subnet-00000000000000000\",\n \"subnet-00000000000000001\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var vpcConnectionRole = new Aws.Iam.Role(\"vpc_connection_role\", new()\n {\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"effect\"] = \"Allow\",\n [\"action\"] = \"sts:AssumeRole\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"service\"] = \"quicksight.amazonaws.com\",\n },\n },\n },\n }),\n InlinePolicies = new[]\n {\n new Aws.Iam.Inputs.RoleInlinePolicyArgs\n {\n Name = \"QuickSightVPCConnectionRolePolicy\",\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"effect\"] = \"Allow\",\n [\"action\"] = new[]\n {\n \"ec2:CreateNetworkInterface\",\n \"ec2:ModifyNetworkInterfaceAttribute\",\n \"ec2:DeleteNetworkInterface\",\n \"ec2:DescribeSubnets\",\n \"ec2:DescribeSecurityGroups\",\n },\n [\"resource\"] = new[]\n {\n \"*\",\n },\n },\n },\n }),\n },\n },\n });\n\n var example = new Aws.Quicksight.VpcConnection(\"example\", new()\n {\n VpcConnectionId = \"example-connection-id\",\n Name = \"Example Connection\",\n RoleArn = vpcConnectionRole.Arn,\n SecurityGroupIds = new[]\n {\n \"sg-00000000000000000\",\n },\n SubnetIds = new[]\n {\n \"subnet-00000000000000000\",\n \"subnet-00000000000000001\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/quicksight\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\"action\": \"sts:AssumeRole\",\n\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\"service\": \"quicksight.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\ttmpJSON1, err := json.Marshal(map[string]interface{}{\n\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\"action\": []string{\n\t\t\t\t\t\t\"ec2:CreateNetworkInterface\",\n\t\t\t\t\t\t\"ec2:ModifyNetworkInterfaceAttribute\",\n\t\t\t\t\t\t\"ec2:DeleteNetworkInterface\",\n\t\t\t\t\t\t\"ec2:DescribeSubnets\",\n\t\t\t\t\t\t\"ec2:DescribeSecurityGroups\",\n\t\t\t\t\t},\n\t\t\t\t\t\"resource\": []string{\n\t\t\t\t\t\t\"*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson1 := string(tmpJSON1)\n\t\tvpcConnectionRole, err := iam.NewRole(ctx, \"vpc_connection_role\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t\tInlinePolicies: iam.RoleInlinePolicyArray{\n\t\t\t\t\u0026iam.RoleInlinePolicyArgs{\n\t\t\t\t\tName: pulumi.String(\"QuickSightVPCConnectionRolePolicy\"),\n\t\t\t\t\tPolicy: pulumi.String(json1),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = quicksight.NewVpcConnection(ctx, \"example\", \u0026quicksight.VpcConnectionArgs{\n\t\t\tVpcConnectionId: pulumi.String(\"example-connection-id\"),\n\t\t\tName: pulumi.String(\"Example Connection\"),\n\t\t\tRoleArn: vpcConnectionRole.Arn,\n\t\t\tSecurityGroupIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"sg-00000000000000000\"),\n\t\t\t},\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"subnet-00000000000000000\"),\n\t\t\t\tpulumi.String(\"subnet-00000000000000001\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.inputs.RoleInlinePolicyArgs;\nimport com.pulumi.aws.quicksight.VpcConnection;\nimport com.pulumi.aws.quicksight.VpcConnectionArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var vpcConnectionRole = new Role(\"vpcConnectionRole\", RoleArgs.builder() \n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"version\", \"2012-10-17\"),\n jsonProperty(\"statement\", jsonArray(jsonObject(\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"action\", \"sts:AssumeRole\"),\n jsonProperty(\"principal\", jsonObject(\n jsonProperty(\"service\", \"quicksight.amazonaws.com\")\n ))\n )))\n )))\n .inlinePolicies(RoleInlinePolicyArgs.builder()\n .name(\"QuickSightVPCConnectionRolePolicy\")\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"version\", \"2012-10-17\"),\n jsonProperty(\"statement\", jsonArray(jsonObject(\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"action\", jsonArray(\n \"ec2:CreateNetworkInterface\", \n \"ec2:ModifyNetworkInterfaceAttribute\", \n \"ec2:DeleteNetworkInterface\", \n \"ec2:DescribeSubnets\", \n \"ec2:DescribeSecurityGroups\"\n )),\n jsonProperty(\"resource\", jsonArray(\"*\"))\n )))\n )))\n .build())\n .build());\n\n var example = new VpcConnection(\"example\", VpcConnectionArgs.builder() \n .vpcConnectionId(\"example-connection-id\")\n .name(\"Example Connection\")\n .roleArn(vpcConnectionRole.arn())\n .securityGroupIds(\"sg-00000000000000000\")\n .subnetIds( \n \"subnet-00000000000000000\",\n \"subnet-00000000000000001\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n vpcConnectionRole:\n type: aws:iam:Role\n name: vpc_connection_role\n properties:\n assumeRolePolicy:\n fn::toJSON:\n version: 2012-10-17\n statement:\n - effect: Allow\n action: sts:AssumeRole\n principal:\n service: quicksight.amazonaws.com\n inlinePolicies:\n - name: QuickSightVPCConnectionRolePolicy\n policy:\n fn::toJSON:\n version: 2012-10-17\n statement:\n - effect: Allow\n action:\n - ec2:CreateNetworkInterface\n - ec2:ModifyNetworkInterfaceAttribute\n - ec2:DeleteNetworkInterface\n - ec2:DescribeSubnets\n - ec2:DescribeSecurityGroups\n resource:\n - '*'\n example:\n type: aws:quicksight:VpcConnection\n properties:\n vpcConnectionId: example-connection-id\n name: Example Connection\n roleArn: ${vpcConnectionRole.arn}\n securityGroupIds:\n - sg-00000000000000000\n subnetIds:\n - subnet-00000000000000000\n - subnet-00000000000000001\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import QuickSight VPC connection using the AWS account ID and VPC connection ID separated by commas (`,`). For example:\n\n```sh\n$ pulumi import aws:quicksight/vpcConnection:VpcConnection example 123456789012,example\n```\n", + "description": "Resource for managing an AWS QuickSight VPC Connection.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst vpcConnectionRole = new aws.iam.Role(\"vpc_connection_role\", {\n assumeRolePolicy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Effect: \"Allow\",\n Action: \"sts:AssumeRole\",\n Principal: {\n Service: \"quicksight.amazonaws.com\",\n },\n }],\n }),\n inlinePolicies: [{\n name: \"QuickSightVPCConnectionRolePolicy\",\n policy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Effect: \"Allow\",\n Action: [\n \"ec2:CreateNetworkInterface\",\n \"ec2:ModifyNetworkInterfaceAttribute\",\n \"ec2:DeleteNetworkInterface\",\n \"ec2:DescribeSubnets\",\n \"ec2:DescribeSecurityGroups\",\n ],\n Resource: [\"*\"],\n }],\n }),\n }],\n});\nconst example = new aws.quicksight.VpcConnection(\"example\", {\n vpcConnectionId: \"example-connection-id\",\n name: \"Example Connection\",\n roleArn: vpcConnectionRole.arn,\n securityGroupIds: [\"sg-00000000000000000\"],\n subnetIds: [\n \"subnet-00000000000000000\",\n \"subnet-00000000000000001\",\n ],\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nvpc_connection_role = aws.iam.Role(\"vpc_connection_role\",\n assume_role_policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Effect\": \"Allow\",\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"quicksight.amazonaws.com\",\n },\n }],\n }),\n inline_policies=[aws.iam.RoleInlinePolicyArgs(\n name=\"QuickSightVPCConnectionRolePolicy\",\n policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Effect\": \"Allow\",\n \"Action\": [\n \"ec2:CreateNetworkInterface\",\n \"ec2:ModifyNetworkInterfaceAttribute\",\n \"ec2:DeleteNetworkInterface\",\n \"ec2:DescribeSubnets\",\n \"ec2:DescribeSecurityGroups\",\n ],\n \"Resource\": [\"*\"],\n }],\n }),\n )])\nexample = aws.quicksight.VpcConnection(\"example\",\n vpc_connection_id=\"example-connection-id\",\n name=\"Example Connection\",\n role_arn=vpc_connection_role.arn,\n security_group_ids=[\"sg-00000000000000000\"],\n subnet_ids=[\n \"subnet-00000000000000000\",\n \"subnet-00000000000000001\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var vpcConnectionRole = new Aws.Iam.Role(\"vpc_connection_role\", new()\n {\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Effect\"] = \"Allow\",\n [\"Action\"] = \"sts:AssumeRole\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"quicksight.amazonaws.com\",\n },\n },\n },\n }),\n InlinePolicies = new[]\n {\n new Aws.Iam.Inputs.RoleInlinePolicyArgs\n {\n Name = \"QuickSightVPCConnectionRolePolicy\",\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Effect\"] = \"Allow\",\n [\"Action\"] = new[]\n {\n \"ec2:CreateNetworkInterface\",\n \"ec2:ModifyNetworkInterfaceAttribute\",\n \"ec2:DeleteNetworkInterface\",\n \"ec2:DescribeSubnets\",\n \"ec2:DescribeSecurityGroups\",\n },\n [\"Resource\"] = new[]\n {\n \"*\",\n },\n },\n },\n }),\n },\n },\n });\n\n var example = new Aws.Quicksight.VpcConnection(\"example\", new()\n {\n VpcConnectionId = \"example-connection-id\",\n Name = \"Example Connection\",\n RoleArn = vpcConnectionRole.Arn,\n SecurityGroupIds = new[]\n {\n \"sg-00000000000000000\",\n },\n SubnetIds = new[]\n {\n \"subnet-00000000000000000\",\n \"subnet-00000000000000001\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/quicksight\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Action\": \"sts:AssumeRole\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"quicksight.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\ttmpJSON1, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"ec2:CreateNetworkInterface\",\n\t\t\t\t\t\t\"ec2:ModifyNetworkInterfaceAttribute\",\n\t\t\t\t\t\t\"ec2:DeleteNetworkInterface\",\n\t\t\t\t\t\t\"ec2:DescribeSubnets\",\n\t\t\t\t\t\t\"ec2:DescribeSecurityGroups\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\"*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson1 := string(tmpJSON1)\n\t\tvpcConnectionRole, err := iam.NewRole(ctx, \"vpc_connection_role\", \u0026iam.RoleArgs{\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t\tInlinePolicies: iam.RoleInlinePolicyArray{\n\t\t\t\t\u0026iam.RoleInlinePolicyArgs{\n\t\t\t\t\tName: pulumi.String(\"QuickSightVPCConnectionRolePolicy\"),\n\t\t\t\t\tPolicy: pulumi.String(json1),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = quicksight.NewVpcConnection(ctx, \"example\", \u0026quicksight.VpcConnectionArgs{\n\t\t\tVpcConnectionId: pulumi.String(\"example-connection-id\"),\n\t\t\tName: pulumi.String(\"Example Connection\"),\n\t\t\tRoleArn: vpcConnectionRole.Arn,\n\t\t\tSecurityGroupIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"sg-00000000000000000\"),\n\t\t\t},\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"subnet-00000000000000000\"),\n\t\t\t\tpulumi.String(\"subnet-00000000000000001\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.inputs.RoleInlinePolicyArgs;\nimport com.pulumi.aws.quicksight.VpcConnection;\nimport com.pulumi.aws.quicksight.VpcConnectionArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var vpcConnectionRole = new Role(\"vpcConnectionRole\", RoleArgs.builder() \n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Action\", \"sts:AssumeRole\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"quicksight.amazonaws.com\")\n ))\n )))\n )))\n .inlinePolicies(RoleInlinePolicyArgs.builder()\n .name(\"QuickSightVPCConnectionRolePolicy\")\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Action\", jsonArray(\n \"ec2:CreateNetworkInterface\", \n \"ec2:ModifyNetworkInterfaceAttribute\", \n \"ec2:DeleteNetworkInterface\", \n \"ec2:DescribeSubnets\", \n \"ec2:DescribeSecurityGroups\"\n )),\n jsonProperty(\"Resource\", jsonArray(\"*\"))\n )))\n )))\n .build())\n .build());\n\n var example = new VpcConnection(\"example\", VpcConnectionArgs.builder() \n .vpcConnectionId(\"example-connection-id\")\n .name(\"Example Connection\")\n .roleArn(vpcConnectionRole.arn())\n .securityGroupIds(\"sg-00000000000000000\")\n .subnetIds( \n \"subnet-00000000000000000\",\n \"subnet-00000000000000001\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n vpcConnectionRole:\n type: aws:iam:Role\n name: vpc_connection_role\n properties:\n assumeRolePolicy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Effect: Allow\n Action: sts:AssumeRole\n Principal:\n Service: quicksight.amazonaws.com\n inlinePolicies:\n - name: QuickSightVPCConnectionRolePolicy\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Effect: Allow\n Action:\n - ec2:CreateNetworkInterface\n - ec2:ModifyNetworkInterfaceAttribute\n - ec2:DeleteNetworkInterface\n - ec2:DescribeSubnets\n - ec2:DescribeSecurityGroups\n Resource:\n - '*'\n example:\n type: aws:quicksight:VpcConnection\n properties:\n vpcConnectionId: example-connection-id\n name: Example Connection\n roleArn: ${vpcConnectionRole.arn}\n securityGroupIds:\n - sg-00000000000000000\n subnetIds:\n - subnet-00000000000000000\n - subnet-00000000000000001\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import QuickSight VPC connection using the AWS account ID and VPC connection ID separated by commas (`,`). For example:\n\n```sh\n$ pulumi import aws:quicksight/vpcConnection:VpcConnection example 123456789012,example\n```\n", "properties": { "arn": { "type": "string", @@ -302124,7 +302124,7 @@ } }, "aws:rds/clusterActivityStream:ClusterActivityStream": { - "description": "Manages RDS Aurora Cluster Database Activity Streams.\n\nDatabase Activity Streams have some limits and requirements, refer to the [Monitoring Amazon Aurora using Database Activity Streams](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/DBActivityStreams.html) documentation for detailed limitations and requirements.\n\n\u003e **Note:** This resource always calls the RDS [`StartActivityStream`][2] API with the `ApplyImmediately` parameter set to `true`. This is because the provider needs the activity stream to be started in order for it to get the associated attributes.\n\n\u003e **Note:** This resource depends on having at least one `aws.rds.ClusterInstance` created. To avoid race conditions when all resources are being created together, add an explicit resource reference using the resource `depends_on` meta-argument.\n\n\u003e **Note:** This resource is available in all regions except the following: `cn-north-1`, `cn-northwest-1`, `us-gov-east-1`, `us-gov-west-1`\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.rds.Cluster(\"default\", {\n clusterIdentifier: \"aurora-cluster-demo\",\n availabilityZones: [\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n ],\n databaseName: \"mydb\",\n masterUsername: \"foo\",\n masterPassword: \"mustbeeightcharaters\",\n engine: aws.rds.EngineType.AuroraPostgresql,\n engineVersion: \"13.4\",\n});\nconst defaultClusterInstance = new aws.rds.ClusterInstance(\"default\", {\n identifier: \"aurora-instance-demo\",\n clusterIdentifier: _default.clusterIdentifier,\n engine: _default.engine,\n instanceClass: aws.rds.InstanceType.R6G_Large,\n});\nconst defaultKey = new aws.kms.Key(\"default\", {description: \"AWS KMS Key to encrypt Database Activity Stream\"});\nconst defaultClusterActivityStream = new aws.rds.ClusterActivityStream(\"default\", {\n resourceArn: _default.arn,\n mode: \"async\",\n kmsKeyId: defaultKey.keyId,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.rds.Cluster(\"default\",\n cluster_identifier=\"aurora-cluster-demo\",\n availability_zones=[\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n ],\n database_name=\"mydb\",\n master_username=\"foo\",\n master_password=\"mustbeeightcharaters\",\n engine=aws.rds.EngineType.AURORA_POSTGRESQL,\n engine_version=\"13.4\")\ndefault_cluster_instance = aws.rds.ClusterInstance(\"default\",\n identifier=\"aurora-instance-demo\",\n cluster_identifier=default.cluster_identifier,\n engine=default.engine,\n instance_class=aws.rds.InstanceType.R6_G_LARGE)\ndefault_key = aws.kms.Key(\"default\", description=\"AWS KMS Key to encrypt Database Activity Stream\")\ndefault_cluster_activity_stream = aws.rds.ClusterActivityStream(\"default\",\n resource_arn=default.arn,\n mode=\"async\",\n kms_key_id=default_key.key_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.Rds.Cluster(\"default\", new()\n {\n ClusterIdentifier = \"aurora-cluster-demo\",\n AvailabilityZones = new[]\n {\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n },\n DatabaseName = \"mydb\",\n MasterUsername = \"foo\",\n MasterPassword = \"mustbeeightcharaters\",\n Engine = Aws.Rds.EngineType.AuroraPostgresql,\n EngineVersion = \"13.4\",\n });\n\n var defaultClusterInstance = new Aws.Rds.ClusterInstance(\"default\", new()\n {\n Identifier = \"aurora-instance-demo\",\n ClusterIdentifier = @default.ClusterIdentifier,\n Engine = @default.Engine,\n InstanceClass = Aws.Rds.InstanceType.R6G_Large,\n });\n\n var defaultKey = new Aws.Kms.Key(\"default\", new()\n {\n Description = \"AWS KMS Key to encrypt Database Activity Stream\",\n });\n\n var defaultClusterActivityStream = new Aws.Rds.ClusterActivityStream(\"default\", new()\n {\n ResourceArn = @default.Arn,\n Mode = \"async\",\n KmsKeyId = defaultKey.KeyId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rds.NewCluster(ctx, \"default\", \u0026rds.ClusterArgs{\n\t\t\tClusterIdentifier: pulumi.String(\"aurora-cluster-demo\"),\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-west-2a\"),\n\t\t\t\tpulumi.String(\"us-west-2b\"),\n\t\t\t\tpulumi.String(\"us-west-2c\"),\n\t\t\t},\n\t\t\tDatabaseName: pulumi.String(\"mydb\"),\n\t\t\tMasterUsername: pulumi.String(\"foo\"),\n\t\t\tMasterPassword: pulumi.String(\"mustbeeightcharaters\"),\n\t\t\tEngine: pulumi.String(rds.EngineTypeAuroraPostgresql),\n\t\t\tEngineVersion: pulumi.String(\"13.4\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rds.NewClusterInstance(ctx, \"default\", \u0026rds.ClusterInstanceArgs{\n\t\t\tIdentifier: pulumi.String(\"aurora-instance-demo\"),\n\t\t\tClusterIdentifier: _default.ClusterIdentifier,\n\t\t\tEngine: _default.Engine,\n\t\t\tInstanceClass: pulumi.String(rds.InstanceType_R6G_Large),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdefaultKey, err := kms.NewKey(ctx, \"default\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"AWS KMS Key to encrypt Database Activity Stream\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rds.NewClusterActivityStream(ctx, \"default\", \u0026rds.ClusterActivityStreamArgs{\n\t\t\tResourceArn: _default.Arn,\n\t\t\tMode: pulumi.String(\"async\"),\n\t\t\tKmsKeyId: defaultKey.KeyId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.Cluster;\nimport com.pulumi.aws.rds.ClusterArgs;\nimport com.pulumi.aws.rds.ClusterInstance;\nimport com.pulumi.aws.rds.ClusterInstanceArgs;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.rds.ClusterActivityStream;\nimport com.pulumi.aws.rds.ClusterActivityStreamArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new Cluster(\"default\", ClusterArgs.builder() \n .clusterIdentifier(\"aurora-cluster-demo\")\n .availabilityZones( \n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\")\n .databaseName(\"mydb\")\n .masterUsername(\"foo\")\n .masterPassword(\"mustbeeightcharaters\")\n .engine(\"aurora-postgresql\")\n .engineVersion(\"13.4\")\n .build());\n\n var defaultClusterInstance = new ClusterInstance(\"defaultClusterInstance\", ClusterInstanceArgs.builder() \n .identifier(\"aurora-instance-demo\")\n .clusterIdentifier(default_.clusterIdentifier())\n .engine(default_.engine())\n .instanceClass(\"db.r6g.large\")\n .build());\n\n var defaultKey = new Key(\"defaultKey\", KeyArgs.builder() \n .description(\"AWS KMS Key to encrypt Database Activity Stream\")\n .build());\n\n var defaultClusterActivityStream = new ClusterActivityStream(\"defaultClusterActivityStream\", ClusterActivityStreamArgs.builder() \n .resourceArn(default_.arn())\n .mode(\"async\")\n .kmsKeyId(defaultKey.keyId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:rds:Cluster\n properties:\n clusterIdentifier: aurora-cluster-demo\n availabilityZones:\n - us-west-2a\n - us-west-2b\n - us-west-2c\n databaseName: mydb\n masterUsername: foo\n masterPassword: mustbeeightcharaters\n engine: aurora-postgresql\n engineVersion: '13.4'\n defaultClusterInstance:\n type: aws:rds:ClusterInstance\n name: default\n properties:\n identifier: aurora-instance-demo\n clusterIdentifier: ${default.clusterIdentifier}\n engine: ${default.engine}\n instanceClass: db.r6g.large\n defaultKey:\n type: aws:kms:Key\n name: default\n properties:\n description: AWS KMS Key to encrypt Database Activity Stream\n defaultClusterActivityStream:\n type: aws:rds:ClusterActivityStream\n name: default\n properties:\n resourceArn: ${default.arn}\n mode: async\n kmsKeyId: ${defaultKey.keyId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import RDS Aurora Cluster Database Activity Streams using the `resource_arn`. For example:\n\n```sh\n$ pulumi import aws:rds/clusterActivityStream:ClusterActivityStream default arn:aws:rds:us-west-2:123456789012:cluster:aurora-cluster-demo\n```\n", + "description": "Manages RDS Aurora Cluster Database Activity Streams.\n\nDatabase Activity Streams have some limits and requirements, refer to the [Monitoring Amazon Aurora using Database Activity Streams](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/DBActivityStreams.html) documentation for detailed limitations and requirements.\n\n\u003e **Note:** This resource always calls the RDS [`StartActivityStream`][2] API with the `ApplyImmediately` parameter set to `true`. This is because the provider needs the activity stream to be started in order for it to get the associated attributes.\n\n\u003e **Note:** This resource depends on having at least one `aws.rds.ClusterInstance` created. To avoid race conditions when all resources are being created together, add an explicit resource reference using the resource `depends_on` meta-argument.\n\n\u003e **Note:** This resource is available in all regions except the following: `cn-north-1`, `cn-northwest-1`, `us-gov-east-1`, `us-gov-west-1`\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst _default = new aws.rds.Cluster(\"default\", {\n clusterIdentifier: \"aurora-cluster-demo\",\n availabilityZones: [\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n ],\n databaseName: \"mydb\",\n masterUsername: \"foo\",\n masterPassword: \"mustbeeightcharaters\",\n engine: aws.rds.EngineType.AuroraPostgresql,\n engineVersion: \"13.4\",\n});\nconst defaultClusterInstance = new aws.rds.ClusterInstance(\"default\", {\n identifier: \"aurora-instance-demo\",\n clusterIdentifier: _default.clusterIdentifier,\n engine: _default.engine,\n instanceClass: aws.rds.InstanceType.R6G_Large,\n});\nconst defaultKey = new aws.kms.Key(\"default\", {description: \"AWS KMS Key to encrypt Database Activity Stream\"});\nconst defaultClusterActivityStream = new aws.rds.ClusterActivityStream(\"default\", {\n resourceArn: _default.arn,\n mode: \"async\",\n kmsKeyId: defaultKey.keyId,\n}, {\n dependsOn: [defaultClusterInstance],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndefault = aws.rds.Cluster(\"default\",\n cluster_identifier=\"aurora-cluster-demo\",\n availability_zones=[\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n ],\n database_name=\"mydb\",\n master_username=\"foo\",\n master_password=\"mustbeeightcharaters\",\n engine=aws.rds.EngineType.AURORA_POSTGRESQL,\n engine_version=\"13.4\")\ndefault_cluster_instance = aws.rds.ClusterInstance(\"default\",\n identifier=\"aurora-instance-demo\",\n cluster_identifier=default.cluster_identifier,\n engine=default.engine,\n instance_class=aws.rds.InstanceType.R6_G_LARGE)\ndefault_key = aws.kms.Key(\"default\", description=\"AWS KMS Key to encrypt Database Activity Stream\")\ndefault_cluster_activity_stream = aws.rds.ClusterActivityStream(\"default\",\n resource_arn=default.arn,\n mode=\"async\",\n kms_key_id=default_key.key_id,\n opts=pulumi.ResourceOptions(depends_on=[default_cluster_instance]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @default = new Aws.Rds.Cluster(\"default\", new()\n {\n ClusterIdentifier = \"aurora-cluster-demo\",\n AvailabilityZones = new[]\n {\n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\",\n },\n DatabaseName = \"mydb\",\n MasterUsername = \"foo\",\n MasterPassword = \"mustbeeightcharaters\",\n Engine = Aws.Rds.EngineType.AuroraPostgresql,\n EngineVersion = \"13.4\",\n });\n\n var defaultClusterInstance = new Aws.Rds.ClusterInstance(\"default\", new()\n {\n Identifier = \"aurora-instance-demo\",\n ClusterIdentifier = @default.ClusterIdentifier,\n Engine = @default.Engine,\n InstanceClass = Aws.Rds.InstanceType.R6G_Large,\n });\n\n var defaultKey = new Aws.Kms.Key(\"default\", new()\n {\n Description = \"AWS KMS Key to encrypt Database Activity Stream\",\n });\n\n var defaultClusterActivityStream = new Aws.Rds.ClusterActivityStream(\"default\", new()\n {\n ResourceArn = @default.Arn,\n Mode = \"async\",\n KmsKeyId = defaultKey.KeyId,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n defaultClusterInstance, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rds.NewCluster(ctx, \"default\", \u0026rds.ClusterArgs{\n\t\t\tClusterIdentifier: pulumi.String(\"aurora-cluster-demo\"),\n\t\t\tAvailabilityZones: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"us-west-2a\"),\n\t\t\t\tpulumi.String(\"us-west-2b\"),\n\t\t\t\tpulumi.String(\"us-west-2c\"),\n\t\t\t},\n\t\t\tDatabaseName: pulumi.String(\"mydb\"),\n\t\t\tMasterUsername: pulumi.String(\"foo\"),\n\t\t\tMasterPassword: pulumi.String(\"mustbeeightcharaters\"),\n\t\t\tEngine: pulumi.String(rds.EngineTypeAuroraPostgresql),\n\t\t\tEngineVersion: pulumi.String(\"13.4\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdefaultClusterInstance, err := rds.NewClusterInstance(ctx, \"default\", \u0026rds.ClusterInstanceArgs{\n\t\t\tIdentifier: pulumi.String(\"aurora-instance-demo\"),\n\t\t\tClusterIdentifier: _default.ClusterIdentifier,\n\t\t\tEngine: _default.Engine,\n\t\t\tInstanceClass: pulumi.String(rds.InstanceType_R6G_Large),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdefaultKey, err := kms.NewKey(ctx, \"default\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"AWS KMS Key to encrypt Database Activity Stream\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rds.NewClusterActivityStream(ctx, \"default\", \u0026rds.ClusterActivityStreamArgs{\n\t\t\tResourceArn: _default.Arn,\n\t\t\tMode: pulumi.String(\"async\"),\n\t\t\tKmsKeyId: defaultKey.KeyId,\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tdefaultClusterInstance,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.Cluster;\nimport com.pulumi.aws.rds.ClusterArgs;\nimport com.pulumi.aws.rds.ClusterInstance;\nimport com.pulumi.aws.rds.ClusterInstanceArgs;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.rds.ClusterActivityStream;\nimport com.pulumi.aws.rds.ClusterActivityStreamArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_ = new Cluster(\"default\", ClusterArgs.builder() \n .clusterIdentifier(\"aurora-cluster-demo\")\n .availabilityZones( \n \"us-west-2a\",\n \"us-west-2b\",\n \"us-west-2c\")\n .databaseName(\"mydb\")\n .masterUsername(\"foo\")\n .masterPassword(\"mustbeeightcharaters\")\n .engine(\"aurora-postgresql\")\n .engineVersion(\"13.4\")\n .build());\n\n var defaultClusterInstance = new ClusterInstance(\"defaultClusterInstance\", ClusterInstanceArgs.builder() \n .identifier(\"aurora-instance-demo\")\n .clusterIdentifier(default_.clusterIdentifier())\n .engine(default_.engine())\n .instanceClass(\"db.r6g.large\")\n .build());\n\n var defaultKey = new Key(\"defaultKey\", KeyArgs.builder() \n .description(\"AWS KMS Key to encrypt Database Activity Stream\")\n .build());\n\n var defaultClusterActivityStream = new ClusterActivityStream(\"defaultClusterActivityStream\", ClusterActivityStreamArgs.builder() \n .resourceArn(default_.arn())\n .mode(\"async\")\n .kmsKeyId(defaultKey.keyId())\n .build(), CustomResourceOptions.builder()\n .dependsOn(defaultClusterInstance)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: aws:rds:Cluster\n properties:\n clusterIdentifier: aurora-cluster-demo\n availabilityZones:\n - us-west-2a\n - us-west-2b\n - us-west-2c\n databaseName: mydb\n masterUsername: foo\n masterPassword: mustbeeightcharaters\n engine: aurora-postgresql\n engineVersion: '13.4'\n defaultClusterInstance:\n type: aws:rds:ClusterInstance\n name: default\n properties:\n identifier: aurora-instance-demo\n clusterIdentifier: ${default.clusterIdentifier}\n engine: ${default.engine}\n instanceClass: db.r6g.large\n defaultKey:\n type: aws:kms:Key\n name: default\n properties:\n description: AWS KMS Key to encrypt Database Activity Stream\n defaultClusterActivityStream:\n type: aws:rds:ClusterActivityStream\n name: default\n properties:\n resourceArn: ${default.arn}\n mode: async\n kmsKeyId: ${defaultKey.keyId}\n options:\n dependson:\n - ${defaultClusterInstance}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import RDS Aurora Cluster Database Activity Streams using the `resource_arn`. For example:\n\n```sh\n$ pulumi import aws:rds/clusterActivityStream:ClusterActivityStream default arn:aws:rds:us-west-2:123456789012:cluster:aurora-cluster-demo\n```\n", "properties": { "engineNativeAuditFieldsIncluded": { "type": "boolean", @@ -303707,7 +303707,7 @@ } }, "aws:rds/exportTask:ExportTask": { - "description": "Resource for managing an AWS RDS (Relational Database) Export Task.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.rds.ExportTask(\"example\", {\n exportTaskIdentifier: \"example\",\n sourceArn: exampleAwsDbSnapshot.dbSnapshotArn,\n s3BucketName: exampleAwsS3Bucket.id,\n iamRoleArn: exampleAwsIamRole.arn,\n kmsKeyId: exampleAwsKmsKey.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.rds.ExportTask(\"example\",\n export_task_identifier=\"example\",\n source_arn=example_aws_db_snapshot[\"dbSnapshotArn\"],\n s3_bucket_name=example_aws_s3_bucket[\"id\"],\n iam_role_arn=example_aws_iam_role[\"arn\"],\n kms_key_id=example_aws_kms_key[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Rds.ExportTask(\"example\", new()\n {\n ExportTaskIdentifier = \"example\",\n SourceArn = exampleAwsDbSnapshot.DbSnapshotArn,\n S3BucketName = exampleAwsS3Bucket.Id,\n IamRoleArn = exampleAwsIamRole.Arn,\n KmsKeyId = exampleAwsKmsKey.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rds.NewExportTask(ctx, \"example\", \u0026rds.ExportTaskArgs{\n\t\t\tExportTaskIdentifier: pulumi.String(\"example\"),\n\t\t\tSourceArn: pulumi.Any(exampleAwsDbSnapshot.DbSnapshotArn),\n\t\t\tS3BucketName: pulumi.Any(exampleAwsS3Bucket.Id),\n\t\t\tIamRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tKmsKeyId: pulumi.Any(exampleAwsKmsKey.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.ExportTask;\nimport com.pulumi.aws.rds.ExportTaskArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ExportTask(\"example\", ExportTaskArgs.builder() \n .exportTaskIdentifier(\"example\")\n .sourceArn(exampleAwsDbSnapshot.dbSnapshotArn())\n .s3BucketName(exampleAwsS3Bucket.id())\n .iamRoleArn(exampleAwsIamRole.arn())\n .kmsKeyId(exampleAwsKmsKey.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:rds:ExportTask\n properties:\n exportTaskIdentifier: example\n sourceArn: ${exampleAwsDbSnapshot.dbSnapshotArn}\n s3BucketName: ${exampleAwsS3Bucket.id}\n iamRoleArn: ${exampleAwsIamRole.arn}\n kmsKeyId: ${exampleAwsKmsKey.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Complete Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleBucketV2 = new aws.s3.BucketV2(\"example\", {\n bucket: \"example\",\n forceDestroy: true,\n});\nconst exampleBucketAclV2 = new aws.s3.BucketAclV2(\"example\", {\n bucket: exampleBucketV2.id,\n acl: \"private\",\n});\nconst exampleRole = new aws.iam.Role(\"example\", {\n name: \"example\",\n assumeRolePolicy: JSON.stringify({\n version: \"2012-10-17\",\n statement: [{\n action: \"sts:AssumeRole\",\n effect: \"Allow\",\n sid: \"\",\n principal: {\n service: \"export.rds.amazonaws.com\",\n },\n }],\n }),\n});\nconst example = aws.iam.getPolicyDocumentOutput({\n statements: [\n {\n actions: [\"s3:ListAllMyBuckets\"],\n resources: [\"*\"],\n },\n {\n actions: [\n \"s3:GetBucketLocation\",\n \"s3:ListBucket\",\n ],\n resources: [exampleBucketV2.arn],\n },\n {\n actions: [\n \"s3:GetObject\",\n \"s3:PutObject\",\n \"s3:DeleteObject\",\n ],\n resources: [pulumi.interpolate`${exampleBucketV2.arn}/*`],\n },\n ],\n});\nconst examplePolicy = new aws.iam.Policy(\"example\", {\n name: \"example\",\n policy: example.apply(example =\u003e example.json),\n});\nconst exampleRolePolicyAttachment = new aws.iam.RolePolicyAttachment(\"example\", {\n role: exampleRole.name,\n policyArn: examplePolicy.arn,\n});\nconst exampleKey = new aws.kms.Key(\"example\", {deletionWindowInDays: 10});\nconst exampleInstance = new aws.rds.Instance(\"example\", {\n identifier: \"example\",\n allocatedStorage: 10,\n dbName: \"test\",\n engine: \"mysql\",\n engineVersion: \"5.7\",\n instanceClass: aws.rds.InstanceType.T3_Micro,\n username: \"foo\",\n password: \"foobarbaz\",\n parameterGroupName: \"default.mysql5.7\",\n skipFinalSnapshot: true,\n});\nconst exampleSnapshot = new aws.rds.Snapshot(\"example\", {\n dbInstanceIdentifier: exampleInstance.identifier,\n dbSnapshotIdentifier: \"example\",\n});\nconst exampleExportTask = new aws.rds.ExportTask(\"example\", {\n exportTaskIdentifier: \"example\",\n sourceArn: exampleSnapshot.dbSnapshotArn,\n s3BucketName: exampleBucketV2.id,\n iamRoleArn: exampleRole.arn,\n kmsKeyId: exampleKey.arn,\n exportOnlies: [\"database\"],\n s3Prefix: \"my_prefix/example\",\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample_bucket_v2 = aws.s3.BucketV2(\"example\",\n bucket=\"example\",\n force_destroy=True)\nexample_bucket_acl_v2 = aws.s3.BucketAclV2(\"example\",\n bucket=example_bucket_v2.id,\n acl=\"private\")\nexample_role = aws.iam.Role(\"example\",\n name=\"example\",\n assume_role_policy=json.dumps({\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"action\": \"sts:AssumeRole\",\n \"effect\": \"Allow\",\n \"sid\": \"\",\n \"principal\": {\n \"service\": \"export.rds.amazonaws.com\",\n },\n }],\n }))\nexample = aws.iam.get_policy_document_output(statements=[\n aws.iam.GetPolicyDocumentStatementArgs(\n actions=[\"s3:ListAllMyBuckets\"],\n resources=[\"*\"],\n ),\n aws.iam.GetPolicyDocumentStatementArgs(\n actions=[\n \"s3:GetBucketLocation\",\n \"s3:ListBucket\",\n ],\n resources=[example_bucket_v2.arn],\n ),\n aws.iam.GetPolicyDocumentStatementArgs(\n actions=[\n \"s3:GetObject\",\n \"s3:PutObject\",\n \"s3:DeleteObject\",\n ],\n resources=[example_bucket_v2.arn.apply(lambda arn: f\"{arn}/*\")],\n ),\n])\nexample_policy = aws.iam.Policy(\"example\",\n name=\"example\",\n policy=example.json)\nexample_role_policy_attachment = aws.iam.RolePolicyAttachment(\"example\",\n role=example_role.name,\n policy_arn=example_policy.arn)\nexample_key = aws.kms.Key(\"example\", deletion_window_in_days=10)\nexample_instance = aws.rds.Instance(\"example\",\n identifier=\"example\",\n allocated_storage=10,\n db_name=\"test\",\n engine=\"mysql\",\n engine_version=\"5.7\",\n instance_class=aws.rds.InstanceType.T3_MICRO,\n username=\"foo\",\n password=\"foobarbaz\",\n parameter_group_name=\"default.mysql5.7\",\n skip_final_snapshot=True)\nexample_snapshot = aws.rds.Snapshot(\"example\",\n db_instance_identifier=example_instance.identifier,\n db_snapshot_identifier=\"example\")\nexample_export_task = aws.rds.ExportTask(\"example\",\n export_task_identifier=\"example\",\n source_arn=example_snapshot.db_snapshot_arn,\n s3_bucket_name=example_bucket_v2.id,\n iam_role_arn=example_role.arn,\n kms_key_id=example_key.arn,\n export_onlies=[\"database\"],\n s3_prefix=\"my_prefix/example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleBucketV2 = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example\",\n ForceDestroy = true,\n });\n\n var exampleBucketAclV2 = new Aws.S3.BucketAclV2(\"example\", new()\n {\n Bucket = exampleBucketV2.Id,\n Acl = \"private\",\n });\n\n var exampleRole = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"example\",\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"action\"] = \"sts:AssumeRole\",\n [\"effect\"] = \"Allow\",\n [\"sid\"] = \"\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"service\"] = \"export.rds.amazonaws.com\",\n },\n },\n },\n }),\n });\n\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"s3:ListAllMyBuckets\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"s3:GetBucketLocation\",\n \"s3:ListBucket\",\n },\n Resources = new[]\n {\n exampleBucketV2.Arn,\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"s3:GetObject\",\n \"s3:PutObject\",\n \"s3:DeleteObject\",\n },\n Resources = new[]\n {\n $\"{exampleBucketV2.Arn}/*\",\n },\n },\n },\n });\n\n var examplePolicy = new Aws.Iam.Policy(\"example\", new()\n {\n Name = \"example\",\n PolicyDocument = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var exampleRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment(\"example\", new()\n {\n Role = exampleRole.Name,\n PolicyArn = examplePolicy.Arn,\n });\n\n var exampleKey = new Aws.Kms.Key(\"example\", new()\n {\n DeletionWindowInDays = 10,\n });\n\n var exampleInstance = new Aws.Rds.Instance(\"example\", new()\n {\n Identifier = \"example\",\n AllocatedStorage = 10,\n DbName = \"test\",\n Engine = \"mysql\",\n EngineVersion = \"5.7\",\n InstanceClass = Aws.Rds.InstanceType.T3_Micro,\n Username = \"foo\",\n Password = \"foobarbaz\",\n ParameterGroupName = \"default.mysql5.7\",\n SkipFinalSnapshot = true,\n });\n\n var exampleSnapshot = new Aws.Rds.Snapshot(\"example\", new()\n {\n DbInstanceIdentifier = exampleInstance.Identifier,\n DbSnapshotIdentifier = \"example\",\n });\n\n var exampleExportTask = new Aws.Rds.ExportTask(\"example\", new()\n {\n ExportTaskIdentifier = \"example\",\n SourceArn = exampleSnapshot.DbSnapshotArn,\n S3BucketName = exampleBucketV2.Id,\n IamRoleArn = exampleRole.Arn,\n KmsKeyId = exampleKey.Arn,\n ExportOnlies = new[]\n {\n \"database\",\n },\n S3Prefix = \"my_prefix/example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleBucketV2, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example\"),\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"example\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: exampleBucketV2.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"action\": \"sts:AssumeRole\",\n\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\"sid\": \"\",\n\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\"service\": \"export.rds.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texampleRole, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:ListAllMyBuckets\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"*\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:GetBucketLocation\"),\n\t\t\t\t\t\tpulumi.String(\"s3:ListBucket\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\texampleBucketV2.Arn,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:GetObject\"),\n\t\t\t\t\t\tpulumi.String(\"s3:PutObject\"),\n\t\t\t\t\t\tpulumi.String(\"s3:DeleteObject\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\texampleBucketV2.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\t\t\t\treturn fmt.Sprintf(\"%v/*\", arn), nil\n\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\texamplePolicy, err := iam.NewPolicy(ctx, \"example\", \u0026iam.PolicyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tPolicy: example.ApplyT(func(example iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026example.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"example\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tRole: exampleRole.Name,\n\t\t\tPolicyArn: examplePolicy.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleKey, err := kms.NewKey(ctx, \"example\", \u0026kms.KeyArgs{\n\t\t\tDeletionWindowInDays: pulumi.Int(10),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleInstance, err := rds.NewInstance(ctx, \"example\", \u0026rds.InstanceArgs{\n\t\t\tIdentifier: pulumi.String(\"example\"),\n\t\t\tAllocatedStorage: pulumi.Int(10),\n\t\t\tDbName: pulumi.String(\"test\"),\n\t\t\tEngine: pulumi.String(\"mysql\"),\n\t\t\tEngineVersion: pulumi.String(\"5.7\"),\n\t\t\tInstanceClass: pulumi.String(rds.InstanceType_T3_Micro),\n\t\t\tUsername: pulumi.String(\"foo\"),\n\t\t\tPassword: pulumi.String(\"foobarbaz\"),\n\t\t\tParameterGroupName: pulumi.String(\"default.mysql5.7\"),\n\t\t\tSkipFinalSnapshot: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleSnapshot, err := rds.NewSnapshot(ctx, \"example\", \u0026rds.SnapshotArgs{\n\t\t\tDbInstanceIdentifier: exampleInstance.Identifier,\n\t\t\tDbSnapshotIdentifier: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rds.NewExportTask(ctx, \"example\", \u0026rds.ExportTaskArgs{\n\t\t\tExportTaskIdentifier: pulumi.String(\"example\"),\n\t\t\tSourceArn: exampleSnapshot.DbSnapshotArn,\n\t\t\tS3BucketName: exampleBucketV2.ID(),\n\t\t\tIamRoleArn: exampleRole.Arn,\n\t\t\tKmsKeyId: exampleKey.Arn,\n\t\t\tExportOnlies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"database\"),\n\t\t\t},\n\t\t\tS3Prefix: pulumi.String(\"my_prefix/example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Policy;\nimport com.pulumi.aws.iam.PolicyArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.rds.Instance;\nimport com.pulumi.aws.rds.InstanceArgs;\nimport com.pulumi.aws.rds.Snapshot;\nimport com.pulumi.aws.rds.SnapshotArgs;\nimport com.pulumi.aws.rds.ExportTask;\nimport com.pulumi.aws.rds.ExportTaskArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleBucketV2 = new BucketV2(\"exampleBucketV2\", BucketV2Args.builder() \n .bucket(\"example\")\n .forceDestroy(true)\n .build());\n\n var exampleBucketAclV2 = new BucketAclV2(\"exampleBucketAclV2\", BucketAclV2Args.builder() \n .bucket(exampleBucketV2.id())\n .acl(\"private\")\n .build());\n\n var exampleRole = new Role(\"exampleRole\", RoleArgs.builder() \n .name(\"example\")\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"version\", \"2012-10-17\"),\n jsonProperty(\"statement\", jsonArray(jsonObject(\n jsonProperty(\"action\", \"sts:AssumeRole\"),\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"sid\", \"\"),\n jsonProperty(\"principal\", jsonObject(\n jsonProperty(\"service\", \"export.rds.amazonaws.com\")\n ))\n )))\n )))\n .build());\n\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements( \n GetPolicyDocumentStatementArgs.builder()\n .actions(\"s3:ListAllMyBuckets\")\n .resources(\"*\")\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .actions( \n \"s3:GetBucketLocation\",\n \"s3:ListBucket\")\n .resources(exampleBucketV2.arn())\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .actions( \n \"s3:GetObject\",\n \"s3:PutObject\",\n \"s3:DeleteObject\")\n .resources(exampleBucketV2.arn().applyValue(arn -\u003e String.format(\"%s/*\", arn)))\n .build())\n .build());\n\n var examplePolicy = new Policy(\"examplePolicy\", PolicyArgs.builder() \n .name(\"example\")\n .policy(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(example -\u003e example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n var exampleRolePolicyAttachment = new RolePolicyAttachment(\"exampleRolePolicyAttachment\", RolePolicyAttachmentArgs.builder() \n .role(exampleRole.name())\n .policyArn(examplePolicy.arn())\n .build());\n\n var exampleKey = new Key(\"exampleKey\", KeyArgs.builder() \n .deletionWindowInDays(10)\n .build());\n\n var exampleInstance = new Instance(\"exampleInstance\", InstanceArgs.builder() \n .identifier(\"example\")\n .allocatedStorage(10)\n .dbName(\"test\")\n .engine(\"mysql\")\n .engineVersion(\"5.7\")\n .instanceClass(\"db.t3.micro\")\n .username(\"foo\")\n .password(\"foobarbaz\")\n .parameterGroupName(\"default.mysql5.7\")\n .skipFinalSnapshot(true)\n .build());\n\n var exampleSnapshot = new Snapshot(\"exampleSnapshot\", SnapshotArgs.builder() \n .dbInstanceIdentifier(exampleInstance.identifier())\n .dbSnapshotIdentifier(\"example\")\n .build());\n\n var exampleExportTask = new ExportTask(\"exampleExportTask\", ExportTaskArgs.builder() \n .exportTaskIdentifier(\"example\")\n .sourceArn(exampleSnapshot.dbSnapshotArn())\n .s3BucketName(exampleBucketV2.id())\n .iamRoleArn(exampleRole.arn())\n .kmsKeyId(exampleKey.arn())\n .exportOnlies(\"database\")\n .s3Prefix(\"my_prefix/example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleBucketV2:\n type: aws:s3:BucketV2\n name: example\n properties:\n bucket: example\n forceDestroy: true\n exampleBucketAclV2:\n type: aws:s3:BucketAclV2\n name: example\n properties:\n bucket: ${exampleBucketV2.id}\n acl: private\n exampleRole:\n type: aws:iam:Role\n name: example\n properties:\n name: example\n assumeRolePolicy:\n fn::toJSON:\n version: 2012-10-17\n statement:\n - action: sts:AssumeRole\n effect: Allow\n sid:\n principal:\n service: export.rds.amazonaws.com\n examplePolicy:\n type: aws:iam:Policy\n name: example\n properties:\n name: example\n policy: ${example.json}\n exampleRolePolicyAttachment:\n type: aws:iam:RolePolicyAttachment\n name: example\n properties:\n role: ${exampleRole.name}\n policyArn: ${examplePolicy.arn}\n exampleKey:\n type: aws:kms:Key\n name: example\n properties:\n deletionWindowInDays: 10\n exampleInstance:\n type: aws:rds:Instance\n name: example\n properties:\n identifier: example\n allocatedStorage: 10\n dbName: test\n engine: mysql\n engineVersion: '5.7'\n instanceClass: db.t3.micro\n username: foo\n password: foobarbaz\n parameterGroupName: default.mysql5.7\n skipFinalSnapshot: true\n exampleSnapshot:\n type: aws:rds:Snapshot\n name: example\n properties:\n dbInstanceIdentifier: ${exampleInstance.identifier}\n dbSnapshotIdentifier: example\n exampleExportTask:\n type: aws:rds:ExportTask\n name: example\n properties:\n exportTaskIdentifier: example\n sourceArn: ${exampleSnapshot.dbSnapshotArn}\n s3BucketName: ${exampleBucketV2.id}\n iamRoleArn: ${exampleRole.arn}\n kmsKeyId: ${exampleKey.arn}\n exportOnlies:\n - database\n s3Prefix: my_prefix/example\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - s3:ListAllMyBuckets\n resources:\n - '*'\n - actions:\n - s3:GetBucketLocation\n - s3:ListBucket\n resources:\n - ${exampleBucketV2.arn}\n - actions:\n - s3:GetObject\n - s3:PutObject\n - s3:DeleteObject\n resources:\n - ${exampleBucketV2.arn}/*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import a RDS (Relational Database) Export Task using the `export_task_identifier`. For example:\n\n```sh\n$ pulumi import aws:rds/exportTask:ExportTask example example\n```\n", + "description": "Resource for managing an AWS RDS (Relational Database) Export Task.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.rds.ExportTask(\"example\", {\n exportTaskIdentifier: \"example\",\n sourceArn: exampleAwsDbSnapshot.dbSnapshotArn,\n s3BucketName: exampleAwsS3Bucket.id,\n iamRoleArn: exampleAwsIamRole.arn,\n kmsKeyId: exampleAwsKmsKey.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.rds.ExportTask(\"example\",\n export_task_identifier=\"example\",\n source_arn=example_aws_db_snapshot[\"dbSnapshotArn\"],\n s3_bucket_name=example_aws_s3_bucket[\"id\"],\n iam_role_arn=example_aws_iam_role[\"arn\"],\n kms_key_id=example_aws_kms_key[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Rds.ExportTask(\"example\", new()\n {\n ExportTaskIdentifier = \"example\",\n SourceArn = exampleAwsDbSnapshot.DbSnapshotArn,\n S3BucketName = exampleAwsS3Bucket.Id,\n IamRoleArn = exampleAwsIamRole.Arn,\n KmsKeyId = exampleAwsKmsKey.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := rds.NewExportTask(ctx, \"example\", \u0026rds.ExportTaskArgs{\n\t\t\tExportTaskIdentifier: pulumi.String(\"example\"),\n\t\t\tSourceArn: pulumi.Any(exampleAwsDbSnapshot.DbSnapshotArn),\n\t\t\tS3BucketName: pulumi.Any(exampleAwsS3Bucket.Id),\n\t\t\tIamRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tKmsKeyId: pulumi.Any(exampleAwsKmsKey.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.ExportTask;\nimport com.pulumi.aws.rds.ExportTaskArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ExportTask(\"example\", ExportTaskArgs.builder() \n .exportTaskIdentifier(\"example\")\n .sourceArn(exampleAwsDbSnapshot.dbSnapshotArn())\n .s3BucketName(exampleAwsS3Bucket.id())\n .iamRoleArn(exampleAwsIamRole.arn())\n .kmsKeyId(exampleAwsKmsKey.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:rds:ExportTask\n properties:\n exportTaskIdentifier: example\n sourceArn: ${exampleAwsDbSnapshot.dbSnapshotArn}\n s3BucketName: ${exampleAwsS3Bucket.id}\n iamRoleArn: ${exampleAwsIamRole.arn}\n kmsKeyId: ${exampleAwsKmsKey.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Complete Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleBucketV2 = new aws.s3.BucketV2(\"example\", {\n bucket: \"example\",\n forceDestroy: true,\n});\nconst exampleBucketAclV2 = new aws.s3.BucketAclV2(\"example\", {\n bucket: exampleBucketV2.id,\n acl: \"private\",\n});\nconst exampleRole = new aws.iam.Role(\"example\", {\n name: \"example\",\n assumeRolePolicy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: \"sts:AssumeRole\",\n Effect: \"Allow\",\n Sid: \"\",\n Principal: {\n Service: \"export.rds.amazonaws.com\",\n },\n }],\n }),\n});\nconst example = aws.iam.getPolicyDocumentOutput({\n statements: [\n {\n actions: [\"s3:ListAllMyBuckets\"],\n resources: [\"*\"],\n },\n {\n actions: [\n \"s3:GetBucketLocation\",\n \"s3:ListBucket\",\n ],\n resources: [exampleBucketV2.arn],\n },\n {\n actions: [\n \"s3:GetObject\",\n \"s3:PutObject\",\n \"s3:DeleteObject\",\n ],\n resources: [pulumi.interpolate`${exampleBucketV2.arn}/*`],\n },\n ],\n});\nconst examplePolicy = new aws.iam.Policy(\"example\", {\n name: \"example\",\n policy: example.apply(example =\u003e example.json),\n});\nconst exampleRolePolicyAttachment = new aws.iam.RolePolicyAttachment(\"example\", {\n role: exampleRole.name,\n policyArn: examplePolicy.arn,\n});\nconst exampleKey = new aws.kms.Key(\"example\", {deletionWindowInDays: 10});\nconst exampleInstance = new aws.rds.Instance(\"example\", {\n identifier: \"example\",\n allocatedStorage: 10,\n dbName: \"test\",\n engine: \"mysql\",\n engineVersion: \"5.7\",\n instanceClass: aws.rds.InstanceType.T3_Micro,\n username: \"foo\",\n password: \"foobarbaz\",\n parameterGroupName: \"default.mysql5.7\",\n skipFinalSnapshot: true,\n});\nconst exampleSnapshot = new aws.rds.Snapshot(\"example\", {\n dbInstanceIdentifier: exampleInstance.identifier,\n dbSnapshotIdentifier: \"example\",\n});\nconst exampleExportTask = new aws.rds.ExportTask(\"example\", {\n exportTaskIdentifier: \"example\",\n sourceArn: exampleSnapshot.dbSnapshotArn,\n s3BucketName: exampleBucketV2.id,\n iamRoleArn: exampleRole.arn,\n kmsKeyId: exampleKey.arn,\n exportOnlies: [\"database\"],\n s3Prefix: \"my_prefix/example\",\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample_bucket_v2 = aws.s3.BucketV2(\"example\",\n bucket=\"example\",\n force_destroy=True)\nexample_bucket_acl_v2 = aws.s3.BucketAclV2(\"example\",\n bucket=example_bucket_v2.id,\n acl=\"private\")\nexample_role = aws.iam.Role(\"example\",\n name=\"example\",\n assume_role_policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": \"sts:AssumeRole\",\n \"Effect\": \"Allow\",\n \"Sid\": \"\",\n \"Principal\": {\n \"Service\": \"export.rds.amazonaws.com\",\n },\n }],\n }))\nexample = aws.iam.get_policy_document_output(statements=[\n aws.iam.GetPolicyDocumentStatementArgs(\n actions=[\"s3:ListAllMyBuckets\"],\n resources=[\"*\"],\n ),\n aws.iam.GetPolicyDocumentStatementArgs(\n actions=[\n \"s3:GetBucketLocation\",\n \"s3:ListBucket\",\n ],\n resources=[example_bucket_v2.arn],\n ),\n aws.iam.GetPolicyDocumentStatementArgs(\n actions=[\n \"s3:GetObject\",\n \"s3:PutObject\",\n \"s3:DeleteObject\",\n ],\n resources=[example_bucket_v2.arn.apply(lambda arn: f\"{arn}/*\")],\n ),\n])\nexample_policy = aws.iam.Policy(\"example\",\n name=\"example\",\n policy=example.json)\nexample_role_policy_attachment = aws.iam.RolePolicyAttachment(\"example\",\n role=example_role.name,\n policy_arn=example_policy.arn)\nexample_key = aws.kms.Key(\"example\", deletion_window_in_days=10)\nexample_instance = aws.rds.Instance(\"example\",\n identifier=\"example\",\n allocated_storage=10,\n db_name=\"test\",\n engine=\"mysql\",\n engine_version=\"5.7\",\n instance_class=aws.rds.InstanceType.T3_MICRO,\n username=\"foo\",\n password=\"foobarbaz\",\n parameter_group_name=\"default.mysql5.7\",\n skip_final_snapshot=True)\nexample_snapshot = aws.rds.Snapshot(\"example\",\n db_instance_identifier=example_instance.identifier,\n db_snapshot_identifier=\"example\")\nexample_export_task = aws.rds.ExportTask(\"example\",\n export_task_identifier=\"example\",\n source_arn=example_snapshot.db_snapshot_arn,\n s3_bucket_name=example_bucket_v2.id,\n iam_role_arn=example_role.arn,\n kms_key_id=example_key.arn,\n export_onlies=[\"database\"],\n s3_prefix=\"my_prefix/example\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleBucketV2 = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example\",\n ForceDestroy = true,\n });\n\n var exampleBucketAclV2 = new Aws.S3.BucketAclV2(\"example\", new()\n {\n Bucket = exampleBucketV2.Id,\n Acl = \"private\",\n });\n\n var exampleRole = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"example\",\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"sts:AssumeRole\",\n [\"Effect\"] = \"Allow\",\n [\"Sid\"] = \"\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"export.rds.amazonaws.com\",\n },\n },\n },\n }),\n });\n\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"s3:ListAllMyBuckets\",\n },\n Resources = new[]\n {\n \"*\",\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"s3:GetBucketLocation\",\n \"s3:ListBucket\",\n },\n Resources = new[]\n {\n exampleBucketV2.Arn,\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"s3:GetObject\",\n \"s3:PutObject\",\n \"s3:DeleteObject\",\n },\n Resources = new[]\n {\n $\"{exampleBucketV2.Arn}/*\",\n },\n },\n },\n });\n\n var examplePolicy = new Aws.Iam.Policy(\"example\", new()\n {\n Name = \"example\",\n PolicyDocument = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var exampleRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment(\"example\", new()\n {\n Role = exampleRole.Name,\n PolicyArn = examplePolicy.Arn,\n });\n\n var exampleKey = new Aws.Kms.Key(\"example\", new()\n {\n DeletionWindowInDays = 10,\n });\n\n var exampleInstance = new Aws.Rds.Instance(\"example\", new()\n {\n Identifier = \"example\",\n AllocatedStorage = 10,\n DbName = \"test\",\n Engine = \"mysql\",\n EngineVersion = \"5.7\",\n InstanceClass = Aws.Rds.InstanceType.T3_Micro,\n Username = \"foo\",\n Password = \"foobarbaz\",\n ParameterGroupName = \"default.mysql5.7\",\n SkipFinalSnapshot = true,\n });\n\n var exampleSnapshot = new Aws.Rds.Snapshot(\"example\", new()\n {\n DbInstanceIdentifier = exampleInstance.Identifier,\n DbSnapshotIdentifier = \"example\",\n });\n\n var exampleExportTask = new Aws.Rds.ExportTask(\"example\", new()\n {\n ExportTaskIdentifier = \"example\",\n SourceArn = exampleSnapshot.DbSnapshotArn,\n S3BucketName = exampleBucketV2.Id,\n IamRoleArn = exampleRole.Arn,\n KmsKeyId = exampleKey.Arn,\n ExportOnlies = new[]\n {\n \"database\",\n },\n S3Prefix = \"my_prefix/example\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleBucketV2, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example\"),\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"example\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: exampleBucketV2.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": \"sts:AssumeRole\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Sid\": \"\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"export.rds.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texampleRole, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:ListAllMyBuckets\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"*\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:GetBucketLocation\"),\n\t\t\t\t\t\tpulumi.String(\"s3:ListBucket\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\texampleBucketV2.Arn,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:GetObject\"),\n\t\t\t\t\t\tpulumi.String(\"s3:PutObject\"),\n\t\t\t\t\t\tpulumi.String(\"s3:DeleteObject\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\texampleBucketV2.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\t\t\t\treturn fmt.Sprintf(\"%v/*\", arn), nil\n\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\texamplePolicy, err := iam.NewPolicy(ctx, \"example\", \u0026iam.PolicyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tPolicy: example.ApplyT(func(example iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026example.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"example\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tRole: exampleRole.Name,\n\t\t\tPolicyArn: examplePolicy.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleKey, err := kms.NewKey(ctx, \"example\", \u0026kms.KeyArgs{\n\t\t\tDeletionWindowInDays: pulumi.Int(10),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleInstance, err := rds.NewInstance(ctx, \"example\", \u0026rds.InstanceArgs{\n\t\t\tIdentifier: pulumi.String(\"example\"),\n\t\t\tAllocatedStorage: pulumi.Int(10),\n\t\t\tDbName: pulumi.String(\"test\"),\n\t\t\tEngine: pulumi.String(\"mysql\"),\n\t\t\tEngineVersion: pulumi.String(\"5.7\"),\n\t\t\tInstanceClass: pulumi.String(rds.InstanceType_T3_Micro),\n\t\t\tUsername: pulumi.String(\"foo\"),\n\t\t\tPassword: pulumi.String(\"foobarbaz\"),\n\t\t\tParameterGroupName: pulumi.String(\"default.mysql5.7\"),\n\t\t\tSkipFinalSnapshot: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleSnapshot, err := rds.NewSnapshot(ctx, \"example\", \u0026rds.SnapshotArgs{\n\t\t\tDbInstanceIdentifier: exampleInstance.Identifier,\n\t\t\tDbSnapshotIdentifier: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rds.NewExportTask(ctx, \"example\", \u0026rds.ExportTaskArgs{\n\t\t\tExportTaskIdentifier: pulumi.String(\"example\"),\n\t\t\tSourceArn: exampleSnapshot.DbSnapshotArn,\n\t\t\tS3BucketName: exampleBucketV2.ID(),\n\t\t\tIamRoleArn: exampleRole.Arn,\n\t\t\tKmsKeyId: exampleKey.Arn,\n\t\t\tExportOnlies: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"database\"),\n\t\t\t},\n\t\t\tS3Prefix: pulumi.String(\"my_prefix/example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Policy;\nimport com.pulumi.aws.iam.PolicyArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.rds.Instance;\nimport com.pulumi.aws.rds.InstanceArgs;\nimport com.pulumi.aws.rds.Snapshot;\nimport com.pulumi.aws.rds.SnapshotArgs;\nimport com.pulumi.aws.rds.ExportTask;\nimport com.pulumi.aws.rds.ExportTaskArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleBucketV2 = new BucketV2(\"exampleBucketV2\", BucketV2Args.builder() \n .bucket(\"example\")\n .forceDestroy(true)\n .build());\n\n var exampleBucketAclV2 = new BucketAclV2(\"exampleBucketAclV2\", BucketAclV2Args.builder() \n .bucket(exampleBucketV2.id())\n .acl(\"private\")\n .build());\n\n var exampleRole = new Role(\"exampleRole\", RoleArgs.builder() \n .name(\"example\")\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", \"sts:AssumeRole\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Sid\", \"\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"export.rds.amazonaws.com\")\n ))\n )))\n )))\n .build());\n\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements( \n GetPolicyDocumentStatementArgs.builder()\n .actions(\"s3:ListAllMyBuckets\")\n .resources(\"*\")\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .actions( \n \"s3:GetBucketLocation\",\n \"s3:ListBucket\")\n .resources(exampleBucketV2.arn())\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .actions( \n \"s3:GetObject\",\n \"s3:PutObject\",\n \"s3:DeleteObject\")\n .resources(exampleBucketV2.arn().applyValue(arn -\u003e String.format(\"%s/*\", arn)))\n .build())\n .build());\n\n var examplePolicy = new Policy(\"examplePolicy\", PolicyArgs.builder() \n .name(\"example\")\n .policy(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(example -\u003e example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n var exampleRolePolicyAttachment = new RolePolicyAttachment(\"exampleRolePolicyAttachment\", RolePolicyAttachmentArgs.builder() \n .role(exampleRole.name())\n .policyArn(examplePolicy.arn())\n .build());\n\n var exampleKey = new Key(\"exampleKey\", KeyArgs.builder() \n .deletionWindowInDays(10)\n .build());\n\n var exampleInstance = new Instance(\"exampleInstance\", InstanceArgs.builder() \n .identifier(\"example\")\n .allocatedStorage(10)\n .dbName(\"test\")\n .engine(\"mysql\")\n .engineVersion(\"5.7\")\n .instanceClass(\"db.t3.micro\")\n .username(\"foo\")\n .password(\"foobarbaz\")\n .parameterGroupName(\"default.mysql5.7\")\n .skipFinalSnapshot(true)\n .build());\n\n var exampleSnapshot = new Snapshot(\"exampleSnapshot\", SnapshotArgs.builder() \n .dbInstanceIdentifier(exampleInstance.identifier())\n .dbSnapshotIdentifier(\"example\")\n .build());\n\n var exampleExportTask = new ExportTask(\"exampleExportTask\", ExportTaskArgs.builder() \n .exportTaskIdentifier(\"example\")\n .sourceArn(exampleSnapshot.dbSnapshotArn())\n .s3BucketName(exampleBucketV2.id())\n .iamRoleArn(exampleRole.arn())\n .kmsKeyId(exampleKey.arn())\n .exportOnlies(\"database\")\n .s3Prefix(\"my_prefix/example\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleBucketV2:\n type: aws:s3:BucketV2\n name: example\n properties:\n bucket: example\n forceDestroy: true\n exampleBucketAclV2:\n type: aws:s3:BucketAclV2\n name: example\n properties:\n bucket: ${exampleBucketV2.id}\n acl: private\n exampleRole:\n type: aws:iam:Role\n name: example\n properties:\n name: example\n assumeRolePolicy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action: sts:AssumeRole\n Effect: Allow\n Sid:\n Principal:\n Service: export.rds.amazonaws.com\n examplePolicy:\n type: aws:iam:Policy\n name: example\n properties:\n name: example\n policy: ${example.json}\n exampleRolePolicyAttachment:\n type: aws:iam:RolePolicyAttachment\n name: example\n properties:\n role: ${exampleRole.name}\n policyArn: ${examplePolicy.arn}\n exampleKey:\n type: aws:kms:Key\n name: example\n properties:\n deletionWindowInDays: 10\n exampleInstance:\n type: aws:rds:Instance\n name: example\n properties:\n identifier: example\n allocatedStorage: 10\n dbName: test\n engine: mysql\n engineVersion: '5.7'\n instanceClass: db.t3.micro\n username: foo\n password: foobarbaz\n parameterGroupName: default.mysql5.7\n skipFinalSnapshot: true\n exampleSnapshot:\n type: aws:rds:Snapshot\n name: example\n properties:\n dbInstanceIdentifier: ${exampleInstance.identifier}\n dbSnapshotIdentifier: example\n exampleExportTask:\n type: aws:rds:ExportTask\n name: example\n properties:\n exportTaskIdentifier: example\n sourceArn: ${exampleSnapshot.dbSnapshotArn}\n s3BucketName: ${exampleBucketV2.id}\n iamRoleArn: ${exampleRole.arn}\n kmsKeyId: ${exampleKey.arn}\n exportOnlies:\n - database\n s3Prefix: my_prefix/example\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - s3:ListAllMyBuckets\n resources:\n - '*'\n - actions:\n - s3:GetBucketLocation\n - s3:ListBucket\n resources:\n - ${exampleBucketV2.arn}\n - actions:\n - s3:GetObject\n - s3:PutObject\n - s3:DeleteObject\n resources:\n - ${exampleBucketV2.arn}/*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import a RDS (Relational Database) Export Task using the `export_task_identifier`. For example:\n\n```sh\n$ pulumi import aws:rds/exportTask:ExportTask example example\n```\n", "properties": { "exportOnlies": { "type": "array", @@ -303909,7 +303909,7 @@ } }, "aws:rds/globalCluster:GlobalCluster": { - "description": "Manages an RDS Global Cluster, which is an Aurora global database spread across multiple regions. The global database contains a single primary cluster with read-write capability, and a read-only secondary cluster that receives data from the primary cluster through high-speed replication performed by the Aurora storage subsystem.\n\nMore information about Aurora global databases can be found in the [Aurora User Guide](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database.html#aurora-global-database-creating).\n\n## Example Usage\n\n### New MySQL Global Cluster\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.rds.GlobalCluster(\"example\", {\n globalClusterIdentifier: \"global-test\",\n engine: \"aurora\",\n engineVersion: \"5.6.mysql_aurora.1.22.2\",\n databaseName: \"example_db\",\n});\nconst primary = new aws.rds.Cluster(\"primary\", {\n engine: example.engine,\n engineVersion: example.engineVersion,\n clusterIdentifier: \"test-primary-cluster\",\n masterUsername: \"username\",\n masterPassword: \"somepass123\",\n databaseName: \"example_db\",\n globalClusterIdentifier: example.id,\n dbSubnetGroupName: \"default\",\n});\nconst primaryClusterInstance = new aws.rds.ClusterInstance(\"primary\", {\n engine: example.engine,\n engineVersion: example.engineVersion,\n identifier: \"test-primary-cluster-instance\",\n clusterIdentifier: primary.id,\n instanceClass: aws.rds.InstanceType.R4_Large,\n dbSubnetGroupName: \"default\",\n});\nconst secondary = new aws.rds.Cluster(\"secondary\", {\n engine: example.engine,\n engineVersion: example.engineVersion,\n clusterIdentifier: \"test-secondary-cluster\",\n globalClusterIdentifier: example.id,\n dbSubnetGroupName: \"default\",\n});\nconst secondaryClusterInstance = new aws.rds.ClusterInstance(\"secondary\", {\n engine: example.engine,\n engineVersion: example.engineVersion,\n identifier: \"test-secondary-cluster-instance\",\n clusterIdentifier: secondary.id,\n instanceClass: aws.rds.InstanceType.R4_Large,\n dbSubnetGroupName: \"default\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.rds.GlobalCluster(\"example\",\n global_cluster_identifier=\"global-test\",\n engine=\"aurora\",\n engine_version=\"5.6.mysql_aurora.1.22.2\",\n database_name=\"example_db\")\nprimary = aws.rds.Cluster(\"primary\",\n engine=example.engine,\n engine_version=example.engine_version,\n cluster_identifier=\"test-primary-cluster\",\n master_username=\"username\",\n master_password=\"somepass123\",\n database_name=\"example_db\",\n global_cluster_identifier=example.id,\n db_subnet_group_name=\"default\")\nprimary_cluster_instance = aws.rds.ClusterInstance(\"primary\",\n engine=example.engine,\n engine_version=example.engine_version,\n identifier=\"test-primary-cluster-instance\",\n cluster_identifier=primary.id,\n instance_class=aws.rds.InstanceType.R4_LARGE,\n db_subnet_group_name=\"default\")\nsecondary = aws.rds.Cluster(\"secondary\",\n engine=example.engine,\n engine_version=example.engine_version,\n cluster_identifier=\"test-secondary-cluster\",\n global_cluster_identifier=example.id,\n db_subnet_group_name=\"default\")\nsecondary_cluster_instance = aws.rds.ClusterInstance(\"secondary\",\n engine=example.engine,\n engine_version=example.engine_version,\n identifier=\"test-secondary-cluster-instance\",\n cluster_identifier=secondary.id,\n instance_class=aws.rds.InstanceType.R4_LARGE,\n db_subnet_group_name=\"default\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Rds.GlobalCluster(\"example\", new()\n {\n GlobalClusterIdentifier = \"global-test\",\n Engine = \"aurora\",\n EngineVersion = \"5.6.mysql_aurora.1.22.2\",\n DatabaseName = \"example_db\",\n });\n\n var primary = new Aws.Rds.Cluster(\"primary\", new()\n {\n Engine = example.Engine,\n EngineVersion = example.EngineVersion,\n ClusterIdentifier = \"test-primary-cluster\",\n MasterUsername = \"username\",\n MasterPassword = \"somepass123\",\n DatabaseName = \"example_db\",\n GlobalClusterIdentifier = example.Id,\n DbSubnetGroupName = \"default\",\n });\n\n var primaryClusterInstance = new Aws.Rds.ClusterInstance(\"primary\", new()\n {\n Engine = example.Engine,\n EngineVersion = example.EngineVersion,\n Identifier = \"test-primary-cluster-instance\",\n ClusterIdentifier = primary.Id,\n InstanceClass = Aws.Rds.InstanceType.R4_Large,\n DbSubnetGroupName = \"default\",\n });\n\n var secondary = new Aws.Rds.Cluster(\"secondary\", new()\n {\n Engine = example.Engine,\n EngineVersion = example.EngineVersion,\n ClusterIdentifier = \"test-secondary-cluster\",\n GlobalClusterIdentifier = example.Id,\n DbSubnetGroupName = \"default\",\n });\n\n var secondaryClusterInstance = new Aws.Rds.ClusterInstance(\"secondary\", new()\n {\n Engine = example.Engine,\n EngineVersion = example.EngineVersion,\n Identifier = \"test-secondary-cluster-instance\",\n ClusterIdentifier = secondary.Id,\n InstanceClass = Aws.Rds.InstanceType.R4_Large,\n DbSubnetGroupName = \"default\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := rds.NewGlobalCluster(ctx, \"example\", \u0026rds.GlobalClusterArgs{\n\t\t\tGlobalClusterIdentifier: pulumi.String(\"global-test\"),\n\t\t\tEngine: pulumi.String(\"aurora\"),\n\t\t\tEngineVersion: pulumi.String(\"5.6.mysql_aurora.1.22.2\"),\n\t\t\tDatabaseName: pulumi.String(\"example_db\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tprimary, err := rds.NewCluster(ctx, \"primary\", \u0026rds.ClusterArgs{\n\t\t\tEngine: example.Engine,\n\t\t\tEngineVersion: example.EngineVersion,\n\t\t\tClusterIdentifier: pulumi.String(\"test-primary-cluster\"),\n\t\t\tMasterUsername: pulumi.String(\"username\"),\n\t\t\tMasterPassword: pulumi.String(\"somepass123\"),\n\t\t\tDatabaseName: pulumi.String(\"example_db\"),\n\t\t\tGlobalClusterIdentifier: example.ID(),\n\t\t\tDbSubnetGroupName: pulumi.String(\"default\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rds.NewClusterInstance(ctx, \"primary\", \u0026rds.ClusterInstanceArgs{\n\t\t\tEngine: example.Engine,\n\t\t\tEngineVersion: example.EngineVersion,\n\t\t\tIdentifier: pulumi.String(\"test-primary-cluster-instance\"),\n\t\t\tClusterIdentifier: primary.ID(),\n\t\t\tInstanceClass: pulumi.String(rds.InstanceType_R4_Large),\n\t\t\tDbSubnetGroupName: pulumi.String(\"default\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsecondary, err := rds.NewCluster(ctx, \"secondary\", \u0026rds.ClusterArgs{\n\t\t\tEngine: example.Engine,\n\t\t\tEngineVersion: example.EngineVersion,\n\t\t\tClusterIdentifier: pulumi.String(\"test-secondary-cluster\"),\n\t\t\tGlobalClusterIdentifier: example.ID(),\n\t\t\tDbSubnetGroupName: pulumi.String(\"default\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rds.NewClusterInstance(ctx, \"secondary\", \u0026rds.ClusterInstanceArgs{\n\t\t\tEngine: example.Engine,\n\t\t\tEngineVersion: example.EngineVersion,\n\t\t\tIdentifier: pulumi.String(\"test-secondary-cluster-instance\"),\n\t\t\tClusterIdentifier: secondary.ID(),\n\t\t\tInstanceClass: pulumi.String(rds.InstanceType_R4_Large),\n\t\t\tDbSubnetGroupName: pulumi.String(\"default\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.GlobalCluster;\nimport com.pulumi.aws.rds.GlobalClusterArgs;\nimport com.pulumi.aws.rds.Cluster;\nimport com.pulumi.aws.rds.ClusterArgs;\nimport com.pulumi.aws.rds.ClusterInstance;\nimport com.pulumi.aws.rds.ClusterInstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new GlobalCluster(\"example\", GlobalClusterArgs.builder() \n .globalClusterIdentifier(\"global-test\")\n .engine(\"aurora\")\n .engineVersion(\"5.6.mysql_aurora.1.22.2\")\n .databaseName(\"example_db\")\n .build());\n\n var primary = new Cluster(\"primary\", ClusterArgs.builder() \n .engine(example.engine())\n .engineVersion(example.engineVersion())\n .clusterIdentifier(\"test-primary-cluster\")\n .masterUsername(\"username\")\n .masterPassword(\"somepass123\")\n .databaseName(\"example_db\")\n .globalClusterIdentifier(example.id())\n .dbSubnetGroupName(\"default\")\n .build());\n\n var primaryClusterInstance = new ClusterInstance(\"primaryClusterInstance\", ClusterInstanceArgs.builder() \n .engine(example.engine())\n .engineVersion(example.engineVersion())\n .identifier(\"test-primary-cluster-instance\")\n .clusterIdentifier(primary.id())\n .instanceClass(\"db.r4.large\")\n .dbSubnetGroupName(\"default\")\n .build());\n\n var secondary = new Cluster(\"secondary\", ClusterArgs.builder() \n .engine(example.engine())\n .engineVersion(example.engineVersion())\n .clusterIdentifier(\"test-secondary-cluster\")\n .globalClusterIdentifier(example.id())\n .dbSubnetGroupName(\"default\")\n .build());\n\n var secondaryClusterInstance = new ClusterInstance(\"secondaryClusterInstance\", ClusterInstanceArgs.builder() \n .engine(example.engine())\n .engineVersion(example.engineVersion())\n .identifier(\"test-secondary-cluster-instance\")\n .clusterIdentifier(secondary.id())\n .instanceClass(\"db.r4.large\")\n .dbSubnetGroupName(\"default\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:rds:GlobalCluster\n properties:\n globalClusterIdentifier: global-test\n engine: aurora\n engineVersion: 5.6.mysql_aurora.1.22.2\n databaseName: example_db\n primary:\n type: aws:rds:Cluster\n properties:\n engine: ${example.engine}\n engineVersion: ${example.engineVersion}\n clusterIdentifier: test-primary-cluster\n masterUsername: username\n masterPassword: somepass123\n databaseName: example_db\n globalClusterIdentifier: ${example.id}\n dbSubnetGroupName: default\n primaryClusterInstance:\n type: aws:rds:ClusterInstance\n name: primary\n properties:\n engine: ${example.engine}\n engineVersion: ${example.engineVersion}\n identifier: test-primary-cluster-instance\n clusterIdentifier: ${primary.id}\n instanceClass: db.r4.large\n dbSubnetGroupName: default\n secondary:\n type: aws:rds:Cluster\n properties:\n engine: ${example.engine}\n engineVersion: ${example.engineVersion}\n clusterIdentifier: test-secondary-cluster\n globalClusterIdentifier: ${example.id}\n dbSubnetGroupName: default\n secondaryClusterInstance:\n type: aws:rds:ClusterInstance\n name: secondary\n properties:\n engine: ${example.engine}\n engineVersion: ${example.engineVersion}\n identifier: test-secondary-cluster-instance\n clusterIdentifier: ${secondary.id}\n instanceClass: db.r4.large\n dbSubnetGroupName: default\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### New PostgreSQL Global Cluster\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.rds.GlobalCluster(\"example\", {\n globalClusterIdentifier: \"global-test\",\n engine: \"aurora-postgresql\",\n engineVersion: \"11.9\",\n databaseName: \"example_db\",\n});\nconst primary = new aws.rds.Cluster(\"primary\", {\n engine: example.engine,\n engineVersion: example.engineVersion,\n clusterIdentifier: \"test-primary-cluster\",\n masterUsername: \"username\",\n masterPassword: \"somepass123\",\n databaseName: \"example_db\",\n globalClusterIdentifier: example.id,\n dbSubnetGroupName: \"default\",\n});\nconst primaryClusterInstance = new aws.rds.ClusterInstance(\"primary\", {\n engine: example.engine,\n engineVersion: example.engineVersion,\n identifier: \"test-primary-cluster-instance\",\n clusterIdentifier: primary.id,\n instanceClass: aws.rds.InstanceType.R4_Large,\n dbSubnetGroupName: \"default\",\n});\nconst secondary = new aws.rds.Cluster(\"secondary\", {\n engine: example.engine,\n engineVersion: example.engineVersion,\n clusterIdentifier: \"test-secondary-cluster\",\n globalClusterIdentifier: example.id,\n skipFinalSnapshot: true,\n dbSubnetGroupName: \"default\",\n});\nconst secondaryClusterInstance = new aws.rds.ClusterInstance(\"secondary\", {\n engine: example.engine,\n engineVersion: example.engineVersion,\n identifier: \"test-secondary-cluster-instance\",\n clusterIdentifier: secondary.id,\n instanceClass: aws.rds.InstanceType.R4_Large,\n dbSubnetGroupName: \"default\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.rds.GlobalCluster(\"example\",\n global_cluster_identifier=\"global-test\",\n engine=\"aurora-postgresql\",\n engine_version=\"11.9\",\n database_name=\"example_db\")\nprimary = aws.rds.Cluster(\"primary\",\n engine=example.engine,\n engine_version=example.engine_version,\n cluster_identifier=\"test-primary-cluster\",\n master_username=\"username\",\n master_password=\"somepass123\",\n database_name=\"example_db\",\n global_cluster_identifier=example.id,\n db_subnet_group_name=\"default\")\nprimary_cluster_instance = aws.rds.ClusterInstance(\"primary\",\n engine=example.engine,\n engine_version=example.engine_version,\n identifier=\"test-primary-cluster-instance\",\n cluster_identifier=primary.id,\n instance_class=aws.rds.InstanceType.R4_LARGE,\n db_subnet_group_name=\"default\")\nsecondary = aws.rds.Cluster(\"secondary\",\n engine=example.engine,\n engine_version=example.engine_version,\n cluster_identifier=\"test-secondary-cluster\",\n global_cluster_identifier=example.id,\n skip_final_snapshot=True,\n db_subnet_group_name=\"default\")\nsecondary_cluster_instance = aws.rds.ClusterInstance(\"secondary\",\n engine=example.engine,\n engine_version=example.engine_version,\n identifier=\"test-secondary-cluster-instance\",\n cluster_identifier=secondary.id,\n instance_class=aws.rds.InstanceType.R4_LARGE,\n db_subnet_group_name=\"default\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Rds.GlobalCluster(\"example\", new()\n {\n GlobalClusterIdentifier = \"global-test\",\n Engine = \"aurora-postgresql\",\n EngineVersion = \"11.9\",\n DatabaseName = \"example_db\",\n });\n\n var primary = new Aws.Rds.Cluster(\"primary\", new()\n {\n Engine = example.Engine,\n EngineVersion = example.EngineVersion,\n ClusterIdentifier = \"test-primary-cluster\",\n MasterUsername = \"username\",\n MasterPassword = \"somepass123\",\n DatabaseName = \"example_db\",\n GlobalClusterIdentifier = example.Id,\n DbSubnetGroupName = \"default\",\n });\n\n var primaryClusterInstance = new Aws.Rds.ClusterInstance(\"primary\", new()\n {\n Engine = example.Engine,\n EngineVersion = example.EngineVersion,\n Identifier = \"test-primary-cluster-instance\",\n ClusterIdentifier = primary.Id,\n InstanceClass = Aws.Rds.InstanceType.R4_Large,\n DbSubnetGroupName = \"default\",\n });\n\n var secondary = new Aws.Rds.Cluster(\"secondary\", new()\n {\n Engine = example.Engine,\n EngineVersion = example.EngineVersion,\n ClusterIdentifier = \"test-secondary-cluster\",\n GlobalClusterIdentifier = example.Id,\n SkipFinalSnapshot = true,\n DbSubnetGroupName = \"default\",\n });\n\n var secondaryClusterInstance = new Aws.Rds.ClusterInstance(\"secondary\", new()\n {\n Engine = example.Engine,\n EngineVersion = example.EngineVersion,\n Identifier = \"test-secondary-cluster-instance\",\n ClusterIdentifier = secondary.Id,\n InstanceClass = Aws.Rds.InstanceType.R4_Large,\n DbSubnetGroupName = \"default\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := rds.NewGlobalCluster(ctx, \"example\", \u0026rds.GlobalClusterArgs{\n\t\t\tGlobalClusterIdentifier: pulumi.String(\"global-test\"),\n\t\t\tEngine: pulumi.String(\"aurora-postgresql\"),\n\t\t\tEngineVersion: pulumi.String(\"11.9\"),\n\t\t\tDatabaseName: pulumi.String(\"example_db\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tprimary, err := rds.NewCluster(ctx, \"primary\", \u0026rds.ClusterArgs{\n\t\t\tEngine: example.Engine,\n\t\t\tEngineVersion: example.EngineVersion,\n\t\t\tClusterIdentifier: pulumi.String(\"test-primary-cluster\"),\n\t\t\tMasterUsername: pulumi.String(\"username\"),\n\t\t\tMasterPassword: pulumi.String(\"somepass123\"),\n\t\t\tDatabaseName: pulumi.String(\"example_db\"),\n\t\t\tGlobalClusterIdentifier: example.ID(),\n\t\t\tDbSubnetGroupName: pulumi.String(\"default\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rds.NewClusterInstance(ctx, \"primary\", \u0026rds.ClusterInstanceArgs{\n\t\t\tEngine: example.Engine,\n\t\t\tEngineVersion: example.EngineVersion,\n\t\t\tIdentifier: pulumi.String(\"test-primary-cluster-instance\"),\n\t\t\tClusterIdentifier: primary.ID(),\n\t\t\tInstanceClass: pulumi.String(rds.InstanceType_R4_Large),\n\t\t\tDbSubnetGroupName: pulumi.String(\"default\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsecondary, err := rds.NewCluster(ctx, \"secondary\", \u0026rds.ClusterArgs{\n\t\t\tEngine: example.Engine,\n\t\t\tEngineVersion: example.EngineVersion,\n\t\t\tClusterIdentifier: pulumi.String(\"test-secondary-cluster\"),\n\t\t\tGlobalClusterIdentifier: example.ID(),\n\t\t\tSkipFinalSnapshot: pulumi.Bool(true),\n\t\t\tDbSubnetGroupName: pulumi.String(\"default\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rds.NewClusterInstance(ctx, \"secondary\", \u0026rds.ClusterInstanceArgs{\n\t\t\tEngine: example.Engine,\n\t\t\tEngineVersion: example.EngineVersion,\n\t\t\tIdentifier: pulumi.String(\"test-secondary-cluster-instance\"),\n\t\t\tClusterIdentifier: secondary.ID(),\n\t\t\tInstanceClass: pulumi.String(rds.InstanceType_R4_Large),\n\t\t\tDbSubnetGroupName: pulumi.String(\"default\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.GlobalCluster;\nimport com.pulumi.aws.rds.GlobalClusterArgs;\nimport com.pulumi.aws.rds.Cluster;\nimport com.pulumi.aws.rds.ClusterArgs;\nimport com.pulumi.aws.rds.ClusterInstance;\nimport com.pulumi.aws.rds.ClusterInstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new GlobalCluster(\"example\", GlobalClusterArgs.builder() \n .globalClusterIdentifier(\"global-test\")\n .engine(\"aurora-postgresql\")\n .engineVersion(\"11.9\")\n .databaseName(\"example_db\")\n .build());\n\n var primary = new Cluster(\"primary\", ClusterArgs.builder() \n .engine(example.engine())\n .engineVersion(example.engineVersion())\n .clusterIdentifier(\"test-primary-cluster\")\n .masterUsername(\"username\")\n .masterPassword(\"somepass123\")\n .databaseName(\"example_db\")\n .globalClusterIdentifier(example.id())\n .dbSubnetGroupName(\"default\")\n .build());\n\n var primaryClusterInstance = new ClusterInstance(\"primaryClusterInstance\", ClusterInstanceArgs.builder() \n .engine(example.engine())\n .engineVersion(example.engineVersion())\n .identifier(\"test-primary-cluster-instance\")\n .clusterIdentifier(primary.id())\n .instanceClass(\"db.r4.large\")\n .dbSubnetGroupName(\"default\")\n .build());\n\n var secondary = new Cluster(\"secondary\", ClusterArgs.builder() \n .engine(example.engine())\n .engineVersion(example.engineVersion())\n .clusterIdentifier(\"test-secondary-cluster\")\n .globalClusterIdentifier(example.id())\n .skipFinalSnapshot(true)\n .dbSubnetGroupName(\"default\")\n .build());\n\n var secondaryClusterInstance = new ClusterInstance(\"secondaryClusterInstance\", ClusterInstanceArgs.builder() \n .engine(example.engine())\n .engineVersion(example.engineVersion())\n .identifier(\"test-secondary-cluster-instance\")\n .clusterIdentifier(secondary.id())\n .instanceClass(\"db.r4.large\")\n .dbSubnetGroupName(\"default\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:rds:GlobalCluster\n properties:\n globalClusterIdentifier: global-test\n engine: aurora-postgresql\n engineVersion: '11.9'\n databaseName: example_db\n primary:\n type: aws:rds:Cluster\n properties:\n engine: ${example.engine}\n engineVersion: ${example.engineVersion}\n clusterIdentifier: test-primary-cluster\n masterUsername: username\n masterPassword: somepass123\n databaseName: example_db\n globalClusterIdentifier: ${example.id}\n dbSubnetGroupName: default\n primaryClusterInstance:\n type: aws:rds:ClusterInstance\n name: primary\n properties:\n engine: ${example.engine}\n engineVersion: ${example.engineVersion}\n identifier: test-primary-cluster-instance\n clusterIdentifier: ${primary.id}\n instanceClass: db.r4.large\n dbSubnetGroupName: default\n secondary:\n type: aws:rds:Cluster\n properties:\n engine: ${example.engine}\n engineVersion: ${example.engineVersion}\n clusterIdentifier: test-secondary-cluster\n globalClusterIdentifier: ${example.id}\n skipFinalSnapshot: true\n dbSubnetGroupName: default\n secondaryClusterInstance:\n type: aws:rds:ClusterInstance\n name: secondary\n properties:\n engine: ${example.engine}\n engineVersion: ${example.engineVersion}\n identifier: test-secondary-cluster-instance\n clusterIdentifier: ${secondary.id}\n instanceClass: db.r4.large\n dbSubnetGroupName: default\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### New Global Cluster From Existing DB Cluster\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.rds.Cluster(\"example\", {});\nconst exampleGlobalCluster = new aws.rds.GlobalCluster(\"example\", {\n forceDestroy: true,\n globalClusterIdentifier: \"example\",\n sourceDbClusterIdentifier: example.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.rds.Cluster(\"example\")\nexample_global_cluster = aws.rds.GlobalCluster(\"example\",\n force_destroy=True,\n global_cluster_identifier=\"example\",\n source_db_cluster_identifier=example.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Rds.Cluster(\"example\");\n\n var exampleGlobalCluster = new Aws.Rds.GlobalCluster(\"example\", new()\n {\n ForceDestroy = true,\n GlobalClusterIdentifier = \"example\",\n SourceDbClusterIdentifier = example.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := rds.NewCluster(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rds.NewGlobalCluster(ctx, \"example\", \u0026rds.GlobalClusterArgs{\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t\tGlobalClusterIdentifier: pulumi.String(\"example\"),\n\t\t\tSourceDbClusterIdentifier: example.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.Cluster;\nimport com.pulumi.aws.rds.GlobalCluster;\nimport com.pulumi.aws.rds.GlobalClusterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Cluster(\"example\");\n\n var exampleGlobalCluster = new GlobalCluster(\"exampleGlobalCluster\", GlobalClusterArgs.builder() \n .forceDestroy(true)\n .globalClusterIdentifier(\"example\")\n .sourceDbClusterIdentifier(example.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:rds:Cluster\n exampleGlobalCluster:\n type: aws:rds:GlobalCluster\n name: example\n properties:\n forceDestroy: true\n globalClusterIdentifier: example\n sourceDbClusterIdentifier: ${example.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Upgrading Engine Versions\n\nWhen you upgrade the version of an `aws.rds.GlobalCluster`, the provider will attempt to in-place upgrade the engine versions of all associated clusters. Since the `aws.rds.Cluster` resource is being updated through the `aws.rds.GlobalCluster`, you are likely to get an error (`Provider produced inconsistent final plan`). To avoid this, use the `lifecycle` `ignore_changes` meta argument as shown below on the `aws.rds.Cluster`.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.rds.GlobalCluster(\"example\", {\n globalClusterIdentifier: \"kyivkharkiv\",\n engine: \"aurora-mysql\",\n engineVersion: \"5.7.mysql_aurora.2.07.5\",\n});\nconst primary = new aws.rds.Cluster(\"primary\", {\n allowMajorVersionUpgrade: true,\n applyImmediately: true,\n clusterIdentifier: \"odessadnipro\",\n databaseName: \"totoro\",\n engine: example.engine,\n engineVersion: example.engineVersion,\n globalClusterIdentifier: example.id,\n masterPassword: \"satsukimae\",\n masterUsername: \"maesatsuki\",\n skipFinalSnapshot: true,\n});\nconst primaryClusterInstance = new aws.rds.ClusterInstance(\"primary\", {\n applyImmediately: true,\n clusterIdentifier: primary.id,\n engine: primary.engine,\n engineVersion: primary.engineVersion,\n identifier: \"donetsklviv\",\n instanceClass: aws.rds.InstanceType.R4_Large,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.rds.GlobalCluster(\"example\",\n global_cluster_identifier=\"kyivkharkiv\",\n engine=\"aurora-mysql\",\n engine_version=\"5.7.mysql_aurora.2.07.5\")\nprimary = aws.rds.Cluster(\"primary\",\n allow_major_version_upgrade=True,\n apply_immediately=True,\n cluster_identifier=\"odessadnipro\",\n database_name=\"totoro\",\n engine=example.engine,\n engine_version=example.engine_version,\n global_cluster_identifier=example.id,\n master_password=\"satsukimae\",\n master_username=\"maesatsuki\",\n skip_final_snapshot=True)\nprimary_cluster_instance = aws.rds.ClusterInstance(\"primary\",\n apply_immediately=True,\n cluster_identifier=primary.id,\n engine=primary.engine,\n engine_version=primary.engine_version,\n identifier=\"donetsklviv\",\n instance_class=aws.rds.InstanceType.R4_LARGE)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Rds.GlobalCluster(\"example\", new()\n {\n GlobalClusterIdentifier = \"kyivkharkiv\",\n Engine = \"aurora-mysql\",\n EngineVersion = \"5.7.mysql_aurora.2.07.5\",\n });\n\n var primary = new Aws.Rds.Cluster(\"primary\", new()\n {\n AllowMajorVersionUpgrade = true,\n ApplyImmediately = true,\n ClusterIdentifier = \"odessadnipro\",\n DatabaseName = \"totoro\",\n Engine = example.Engine,\n EngineVersion = example.EngineVersion,\n GlobalClusterIdentifier = example.Id,\n MasterPassword = \"satsukimae\",\n MasterUsername = \"maesatsuki\",\n SkipFinalSnapshot = true,\n });\n\n var primaryClusterInstance = new Aws.Rds.ClusterInstance(\"primary\", new()\n {\n ApplyImmediately = true,\n ClusterIdentifier = primary.Id,\n Engine = primary.Engine,\n EngineVersion = primary.EngineVersion,\n Identifier = \"donetsklviv\",\n InstanceClass = Aws.Rds.InstanceType.R4_Large,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := rds.NewGlobalCluster(ctx, \"example\", \u0026rds.GlobalClusterArgs{\n\t\t\tGlobalClusterIdentifier: pulumi.String(\"kyivkharkiv\"),\n\t\t\tEngine: pulumi.String(\"aurora-mysql\"),\n\t\t\tEngineVersion: pulumi.String(\"5.7.mysql_aurora.2.07.5\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tprimary, err := rds.NewCluster(ctx, \"primary\", \u0026rds.ClusterArgs{\n\t\t\tAllowMajorVersionUpgrade: pulumi.Bool(true),\n\t\t\tApplyImmediately: pulumi.Bool(true),\n\t\t\tClusterIdentifier: pulumi.String(\"odessadnipro\"),\n\t\t\tDatabaseName: pulumi.String(\"totoro\"),\n\t\t\tEngine: example.Engine,\n\t\t\tEngineVersion: example.EngineVersion,\n\t\t\tGlobalClusterIdentifier: example.ID(),\n\t\t\tMasterPassword: pulumi.String(\"satsukimae\"),\n\t\t\tMasterUsername: pulumi.String(\"maesatsuki\"),\n\t\t\tSkipFinalSnapshot: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rds.NewClusterInstance(ctx, \"primary\", \u0026rds.ClusterInstanceArgs{\n\t\t\tApplyImmediately: pulumi.Bool(true),\n\t\t\tClusterIdentifier: primary.ID(),\n\t\t\tEngine: primary.Engine,\n\t\t\tEngineVersion: primary.EngineVersion,\n\t\t\tIdentifier: pulumi.String(\"donetsklviv\"),\n\t\t\tInstanceClass: pulumi.String(rds.InstanceType_R4_Large),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.GlobalCluster;\nimport com.pulumi.aws.rds.GlobalClusterArgs;\nimport com.pulumi.aws.rds.Cluster;\nimport com.pulumi.aws.rds.ClusterArgs;\nimport com.pulumi.aws.rds.ClusterInstance;\nimport com.pulumi.aws.rds.ClusterInstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new GlobalCluster(\"example\", GlobalClusterArgs.builder() \n .globalClusterIdentifier(\"kyivkharkiv\")\n .engine(\"aurora-mysql\")\n .engineVersion(\"5.7.mysql_aurora.2.07.5\")\n .build());\n\n var primary = new Cluster(\"primary\", ClusterArgs.builder() \n .allowMajorVersionUpgrade(true)\n .applyImmediately(true)\n .clusterIdentifier(\"odessadnipro\")\n .databaseName(\"totoro\")\n .engine(example.engine())\n .engineVersion(example.engineVersion())\n .globalClusterIdentifier(example.id())\n .masterPassword(\"satsukimae\")\n .masterUsername(\"maesatsuki\")\n .skipFinalSnapshot(true)\n .build());\n\n var primaryClusterInstance = new ClusterInstance(\"primaryClusterInstance\", ClusterInstanceArgs.builder() \n .applyImmediately(true)\n .clusterIdentifier(primary.id())\n .engine(primary.engine())\n .engineVersion(primary.engineVersion())\n .identifier(\"donetsklviv\")\n .instanceClass(\"db.r4.large\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:rds:GlobalCluster\n properties:\n globalClusterIdentifier: kyivkharkiv\n engine: aurora-mysql\n engineVersion: 5.7.mysql_aurora.2.07.5\n primary:\n type: aws:rds:Cluster\n properties:\n allowMajorVersionUpgrade: true\n applyImmediately: true\n clusterIdentifier: odessadnipro\n databaseName: totoro\n engine: ${example.engine}\n engineVersion: ${example.engineVersion}\n globalClusterIdentifier: ${example.id}\n masterPassword: satsukimae\n masterUsername: maesatsuki\n skipFinalSnapshot: true\n primaryClusterInstance:\n type: aws:rds:ClusterInstance\n name: primary\n properties:\n applyImmediately: true\n clusterIdentifier: ${primary.id}\n engine: ${primary.engine}\n engineVersion: ${primary.engineVersion}\n identifier: donetsklviv\n instanceClass: db.r4.large\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_rds_global_cluster` using the RDS Global Cluster identifier. For example:\n\n```sh\n$ pulumi import aws:rds/globalCluster:GlobalCluster example example\n```\nCertain resource arguments, like `force_destroy`, only exist within this provider. If the argument is set in the the provider configuration on an imported resource, This provider will show a difference on the first plan after import to update the state value. This change is safe to apply immediately so the state matches the desired configuration.\n\nCertain resource arguments, like `source_db_cluster_identifier`, do not have an API method for reading the information after creation. If the argument is set in the Pulumi program on an imported resource, Pulumi will always show a difference. To workaround this behavior, either omit the argument from the Pulumi program or use `ignore_changes` to hide the difference. For example:\n\n", + "description": "Manages an RDS Global Cluster, which is an Aurora global database spread across multiple regions. The global database contains a single primary cluster with read-write capability, and a read-only secondary cluster that receives data from the primary cluster through high-speed replication performed by the Aurora storage subsystem.\n\nMore information about Aurora global databases can be found in the [Aurora User Guide](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database.html#aurora-global-database-creating).\n\n## Example Usage\n\n### New MySQL Global Cluster\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.rds.GlobalCluster(\"example\", {\n globalClusterIdentifier: \"global-test\",\n engine: \"aurora\",\n engineVersion: \"5.6.mysql_aurora.1.22.2\",\n databaseName: \"example_db\",\n});\nconst primary = new aws.rds.Cluster(\"primary\", {\n engine: example.engine,\n engineVersion: example.engineVersion,\n clusterIdentifier: \"test-primary-cluster\",\n masterUsername: \"username\",\n masterPassword: \"somepass123\",\n databaseName: \"example_db\",\n globalClusterIdentifier: example.id,\n dbSubnetGroupName: \"default\",\n});\nconst primaryClusterInstance = new aws.rds.ClusterInstance(\"primary\", {\n engine: example.engine,\n engineVersion: example.engineVersion,\n identifier: \"test-primary-cluster-instance\",\n clusterIdentifier: primary.id,\n instanceClass: aws.rds.InstanceType.R4_Large,\n dbSubnetGroupName: \"default\",\n});\nconst secondary = new aws.rds.Cluster(\"secondary\", {\n engine: example.engine,\n engineVersion: example.engineVersion,\n clusterIdentifier: \"test-secondary-cluster\",\n globalClusterIdentifier: example.id,\n dbSubnetGroupName: \"default\",\n}, {\n dependsOn: [primaryClusterInstance],\n});\nconst secondaryClusterInstance = new aws.rds.ClusterInstance(\"secondary\", {\n engine: example.engine,\n engineVersion: example.engineVersion,\n identifier: \"test-secondary-cluster-instance\",\n clusterIdentifier: secondary.id,\n instanceClass: aws.rds.InstanceType.R4_Large,\n dbSubnetGroupName: \"default\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.rds.GlobalCluster(\"example\",\n global_cluster_identifier=\"global-test\",\n engine=\"aurora\",\n engine_version=\"5.6.mysql_aurora.1.22.2\",\n database_name=\"example_db\")\nprimary = aws.rds.Cluster(\"primary\",\n engine=example.engine,\n engine_version=example.engine_version,\n cluster_identifier=\"test-primary-cluster\",\n master_username=\"username\",\n master_password=\"somepass123\",\n database_name=\"example_db\",\n global_cluster_identifier=example.id,\n db_subnet_group_name=\"default\")\nprimary_cluster_instance = aws.rds.ClusterInstance(\"primary\",\n engine=example.engine,\n engine_version=example.engine_version,\n identifier=\"test-primary-cluster-instance\",\n cluster_identifier=primary.id,\n instance_class=aws.rds.InstanceType.R4_LARGE,\n db_subnet_group_name=\"default\")\nsecondary = aws.rds.Cluster(\"secondary\",\n engine=example.engine,\n engine_version=example.engine_version,\n cluster_identifier=\"test-secondary-cluster\",\n global_cluster_identifier=example.id,\n db_subnet_group_name=\"default\",\n opts=pulumi.ResourceOptions(depends_on=[primary_cluster_instance]))\nsecondary_cluster_instance = aws.rds.ClusterInstance(\"secondary\",\n engine=example.engine,\n engine_version=example.engine_version,\n identifier=\"test-secondary-cluster-instance\",\n cluster_identifier=secondary.id,\n instance_class=aws.rds.InstanceType.R4_LARGE,\n db_subnet_group_name=\"default\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Rds.GlobalCluster(\"example\", new()\n {\n GlobalClusterIdentifier = \"global-test\",\n Engine = \"aurora\",\n EngineVersion = \"5.6.mysql_aurora.1.22.2\",\n DatabaseName = \"example_db\",\n });\n\n var primary = new Aws.Rds.Cluster(\"primary\", new()\n {\n Engine = example.Engine,\n EngineVersion = example.EngineVersion,\n ClusterIdentifier = \"test-primary-cluster\",\n MasterUsername = \"username\",\n MasterPassword = \"somepass123\",\n DatabaseName = \"example_db\",\n GlobalClusterIdentifier = example.Id,\n DbSubnetGroupName = \"default\",\n });\n\n var primaryClusterInstance = new Aws.Rds.ClusterInstance(\"primary\", new()\n {\n Engine = example.Engine,\n EngineVersion = example.EngineVersion,\n Identifier = \"test-primary-cluster-instance\",\n ClusterIdentifier = primary.Id,\n InstanceClass = Aws.Rds.InstanceType.R4_Large,\n DbSubnetGroupName = \"default\",\n });\n\n var secondary = new Aws.Rds.Cluster(\"secondary\", new()\n {\n Engine = example.Engine,\n EngineVersion = example.EngineVersion,\n ClusterIdentifier = \"test-secondary-cluster\",\n GlobalClusterIdentifier = example.Id,\n DbSubnetGroupName = \"default\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n primaryClusterInstance, \n },\n });\n\n var secondaryClusterInstance = new Aws.Rds.ClusterInstance(\"secondary\", new()\n {\n Engine = example.Engine,\n EngineVersion = example.EngineVersion,\n Identifier = \"test-secondary-cluster-instance\",\n ClusterIdentifier = secondary.Id,\n InstanceClass = Aws.Rds.InstanceType.R4_Large,\n DbSubnetGroupName = \"default\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := rds.NewGlobalCluster(ctx, \"example\", \u0026rds.GlobalClusterArgs{\n\t\t\tGlobalClusterIdentifier: pulumi.String(\"global-test\"),\n\t\t\tEngine: pulumi.String(\"aurora\"),\n\t\t\tEngineVersion: pulumi.String(\"5.6.mysql_aurora.1.22.2\"),\n\t\t\tDatabaseName: pulumi.String(\"example_db\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tprimary, err := rds.NewCluster(ctx, \"primary\", \u0026rds.ClusterArgs{\n\t\t\tEngine: example.Engine,\n\t\t\tEngineVersion: example.EngineVersion,\n\t\t\tClusterIdentifier: pulumi.String(\"test-primary-cluster\"),\n\t\t\tMasterUsername: pulumi.String(\"username\"),\n\t\t\tMasterPassword: pulumi.String(\"somepass123\"),\n\t\t\tDatabaseName: pulumi.String(\"example_db\"),\n\t\t\tGlobalClusterIdentifier: example.ID(),\n\t\t\tDbSubnetGroupName: pulumi.String(\"default\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tprimaryClusterInstance, err := rds.NewClusterInstance(ctx, \"primary\", \u0026rds.ClusterInstanceArgs{\n\t\t\tEngine: example.Engine,\n\t\t\tEngineVersion: example.EngineVersion,\n\t\t\tIdentifier: pulumi.String(\"test-primary-cluster-instance\"),\n\t\t\tClusterIdentifier: primary.ID(),\n\t\t\tInstanceClass: pulumi.String(rds.InstanceType_R4_Large),\n\t\t\tDbSubnetGroupName: pulumi.String(\"default\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsecondary, err := rds.NewCluster(ctx, \"secondary\", \u0026rds.ClusterArgs{\n\t\t\tEngine: example.Engine,\n\t\t\tEngineVersion: example.EngineVersion,\n\t\t\tClusterIdentifier: pulumi.String(\"test-secondary-cluster\"),\n\t\t\tGlobalClusterIdentifier: example.ID(),\n\t\t\tDbSubnetGroupName: pulumi.String(\"default\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tprimaryClusterInstance,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rds.NewClusterInstance(ctx, \"secondary\", \u0026rds.ClusterInstanceArgs{\n\t\t\tEngine: example.Engine,\n\t\t\tEngineVersion: example.EngineVersion,\n\t\t\tIdentifier: pulumi.String(\"test-secondary-cluster-instance\"),\n\t\t\tClusterIdentifier: secondary.ID(),\n\t\t\tInstanceClass: pulumi.String(rds.InstanceType_R4_Large),\n\t\t\tDbSubnetGroupName: pulumi.String(\"default\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.GlobalCluster;\nimport com.pulumi.aws.rds.GlobalClusterArgs;\nimport com.pulumi.aws.rds.Cluster;\nimport com.pulumi.aws.rds.ClusterArgs;\nimport com.pulumi.aws.rds.ClusterInstance;\nimport com.pulumi.aws.rds.ClusterInstanceArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new GlobalCluster(\"example\", GlobalClusterArgs.builder() \n .globalClusterIdentifier(\"global-test\")\n .engine(\"aurora\")\n .engineVersion(\"5.6.mysql_aurora.1.22.2\")\n .databaseName(\"example_db\")\n .build());\n\n var primary = new Cluster(\"primary\", ClusterArgs.builder() \n .engine(example.engine())\n .engineVersion(example.engineVersion())\n .clusterIdentifier(\"test-primary-cluster\")\n .masterUsername(\"username\")\n .masterPassword(\"somepass123\")\n .databaseName(\"example_db\")\n .globalClusterIdentifier(example.id())\n .dbSubnetGroupName(\"default\")\n .build());\n\n var primaryClusterInstance = new ClusterInstance(\"primaryClusterInstance\", ClusterInstanceArgs.builder() \n .engine(example.engine())\n .engineVersion(example.engineVersion())\n .identifier(\"test-primary-cluster-instance\")\n .clusterIdentifier(primary.id())\n .instanceClass(\"db.r4.large\")\n .dbSubnetGroupName(\"default\")\n .build());\n\n var secondary = new Cluster(\"secondary\", ClusterArgs.builder() \n .engine(example.engine())\n .engineVersion(example.engineVersion())\n .clusterIdentifier(\"test-secondary-cluster\")\n .globalClusterIdentifier(example.id())\n .dbSubnetGroupName(\"default\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(primaryClusterInstance)\n .build());\n\n var secondaryClusterInstance = new ClusterInstance(\"secondaryClusterInstance\", ClusterInstanceArgs.builder() \n .engine(example.engine())\n .engineVersion(example.engineVersion())\n .identifier(\"test-secondary-cluster-instance\")\n .clusterIdentifier(secondary.id())\n .instanceClass(\"db.r4.large\")\n .dbSubnetGroupName(\"default\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:rds:GlobalCluster\n properties:\n globalClusterIdentifier: global-test\n engine: aurora\n engineVersion: 5.6.mysql_aurora.1.22.2\n databaseName: example_db\n primary:\n type: aws:rds:Cluster\n properties:\n engine: ${example.engine}\n engineVersion: ${example.engineVersion}\n clusterIdentifier: test-primary-cluster\n masterUsername: username\n masterPassword: somepass123\n databaseName: example_db\n globalClusterIdentifier: ${example.id}\n dbSubnetGroupName: default\n primaryClusterInstance:\n type: aws:rds:ClusterInstance\n name: primary\n properties:\n engine: ${example.engine}\n engineVersion: ${example.engineVersion}\n identifier: test-primary-cluster-instance\n clusterIdentifier: ${primary.id}\n instanceClass: db.r4.large\n dbSubnetGroupName: default\n secondary:\n type: aws:rds:Cluster\n properties:\n engine: ${example.engine}\n engineVersion: ${example.engineVersion}\n clusterIdentifier: test-secondary-cluster\n globalClusterIdentifier: ${example.id}\n dbSubnetGroupName: default\n options:\n dependson:\n - ${primaryClusterInstance}\n secondaryClusterInstance:\n type: aws:rds:ClusterInstance\n name: secondary\n properties:\n engine: ${example.engine}\n engineVersion: ${example.engineVersion}\n identifier: test-secondary-cluster-instance\n clusterIdentifier: ${secondary.id}\n instanceClass: db.r4.large\n dbSubnetGroupName: default\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### New PostgreSQL Global Cluster\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.rds.GlobalCluster(\"example\", {\n globalClusterIdentifier: \"global-test\",\n engine: \"aurora-postgresql\",\n engineVersion: \"11.9\",\n databaseName: \"example_db\",\n});\nconst primary = new aws.rds.Cluster(\"primary\", {\n engine: example.engine,\n engineVersion: example.engineVersion,\n clusterIdentifier: \"test-primary-cluster\",\n masterUsername: \"username\",\n masterPassword: \"somepass123\",\n databaseName: \"example_db\",\n globalClusterIdentifier: example.id,\n dbSubnetGroupName: \"default\",\n});\nconst primaryClusterInstance = new aws.rds.ClusterInstance(\"primary\", {\n engine: example.engine,\n engineVersion: example.engineVersion,\n identifier: \"test-primary-cluster-instance\",\n clusterIdentifier: primary.id,\n instanceClass: aws.rds.InstanceType.R4_Large,\n dbSubnetGroupName: \"default\",\n});\nconst secondary = new aws.rds.Cluster(\"secondary\", {\n engine: example.engine,\n engineVersion: example.engineVersion,\n clusterIdentifier: \"test-secondary-cluster\",\n globalClusterIdentifier: example.id,\n skipFinalSnapshot: true,\n dbSubnetGroupName: \"default\",\n}, {\n dependsOn: [primaryClusterInstance],\n});\nconst secondaryClusterInstance = new aws.rds.ClusterInstance(\"secondary\", {\n engine: example.engine,\n engineVersion: example.engineVersion,\n identifier: \"test-secondary-cluster-instance\",\n clusterIdentifier: secondary.id,\n instanceClass: aws.rds.InstanceType.R4_Large,\n dbSubnetGroupName: \"default\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.rds.GlobalCluster(\"example\",\n global_cluster_identifier=\"global-test\",\n engine=\"aurora-postgresql\",\n engine_version=\"11.9\",\n database_name=\"example_db\")\nprimary = aws.rds.Cluster(\"primary\",\n engine=example.engine,\n engine_version=example.engine_version,\n cluster_identifier=\"test-primary-cluster\",\n master_username=\"username\",\n master_password=\"somepass123\",\n database_name=\"example_db\",\n global_cluster_identifier=example.id,\n db_subnet_group_name=\"default\")\nprimary_cluster_instance = aws.rds.ClusterInstance(\"primary\",\n engine=example.engine,\n engine_version=example.engine_version,\n identifier=\"test-primary-cluster-instance\",\n cluster_identifier=primary.id,\n instance_class=aws.rds.InstanceType.R4_LARGE,\n db_subnet_group_name=\"default\")\nsecondary = aws.rds.Cluster(\"secondary\",\n engine=example.engine,\n engine_version=example.engine_version,\n cluster_identifier=\"test-secondary-cluster\",\n global_cluster_identifier=example.id,\n skip_final_snapshot=True,\n db_subnet_group_name=\"default\",\n opts=pulumi.ResourceOptions(depends_on=[primary_cluster_instance]))\nsecondary_cluster_instance = aws.rds.ClusterInstance(\"secondary\",\n engine=example.engine,\n engine_version=example.engine_version,\n identifier=\"test-secondary-cluster-instance\",\n cluster_identifier=secondary.id,\n instance_class=aws.rds.InstanceType.R4_LARGE,\n db_subnet_group_name=\"default\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Rds.GlobalCluster(\"example\", new()\n {\n GlobalClusterIdentifier = \"global-test\",\n Engine = \"aurora-postgresql\",\n EngineVersion = \"11.9\",\n DatabaseName = \"example_db\",\n });\n\n var primary = new Aws.Rds.Cluster(\"primary\", new()\n {\n Engine = example.Engine,\n EngineVersion = example.EngineVersion,\n ClusterIdentifier = \"test-primary-cluster\",\n MasterUsername = \"username\",\n MasterPassword = \"somepass123\",\n DatabaseName = \"example_db\",\n GlobalClusterIdentifier = example.Id,\n DbSubnetGroupName = \"default\",\n });\n\n var primaryClusterInstance = new Aws.Rds.ClusterInstance(\"primary\", new()\n {\n Engine = example.Engine,\n EngineVersion = example.EngineVersion,\n Identifier = \"test-primary-cluster-instance\",\n ClusterIdentifier = primary.Id,\n InstanceClass = Aws.Rds.InstanceType.R4_Large,\n DbSubnetGroupName = \"default\",\n });\n\n var secondary = new Aws.Rds.Cluster(\"secondary\", new()\n {\n Engine = example.Engine,\n EngineVersion = example.EngineVersion,\n ClusterIdentifier = \"test-secondary-cluster\",\n GlobalClusterIdentifier = example.Id,\n SkipFinalSnapshot = true,\n DbSubnetGroupName = \"default\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n primaryClusterInstance, \n },\n });\n\n var secondaryClusterInstance = new Aws.Rds.ClusterInstance(\"secondary\", new()\n {\n Engine = example.Engine,\n EngineVersion = example.EngineVersion,\n Identifier = \"test-secondary-cluster-instance\",\n ClusterIdentifier = secondary.Id,\n InstanceClass = Aws.Rds.InstanceType.R4_Large,\n DbSubnetGroupName = \"default\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := rds.NewGlobalCluster(ctx, \"example\", \u0026rds.GlobalClusterArgs{\n\t\t\tGlobalClusterIdentifier: pulumi.String(\"global-test\"),\n\t\t\tEngine: pulumi.String(\"aurora-postgresql\"),\n\t\t\tEngineVersion: pulumi.String(\"11.9\"),\n\t\t\tDatabaseName: pulumi.String(\"example_db\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tprimary, err := rds.NewCluster(ctx, \"primary\", \u0026rds.ClusterArgs{\n\t\t\tEngine: example.Engine,\n\t\t\tEngineVersion: example.EngineVersion,\n\t\t\tClusterIdentifier: pulumi.String(\"test-primary-cluster\"),\n\t\t\tMasterUsername: pulumi.String(\"username\"),\n\t\t\tMasterPassword: pulumi.String(\"somepass123\"),\n\t\t\tDatabaseName: pulumi.String(\"example_db\"),\n\t\t\tGlobalClusterIdentifier: example.ID(),\n\t\t\tDbSubnetGroupName: pulumi.String(\"default\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tprimaryClusterInstance, err := rds.NewClusterInstance(ctx, \"primary\", \u0026rds.ClusterInstanceArgs{\n\t\t\tEngine: example.Engine,\n\t\t\tEngineVersion: example.EngineVersion,\n\t\t\tIdentifier: pulumi.String(\"test-primary-cluster-instance\"),\n\t\t\tClusterIdentifier: primary.ID(),\n\t\t\tInstanceClass: pulumi.String(rds.InstanceType_R4_Large),\n\t\t\tDbSubnetGroupName: pulumi.String(\"default\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsecondary, err := rds.NewCluster(ctx, \"secondary\", \u0026rds.ClusterArgs{\n\t\t\tEngine: example.Engine,\n\t\t\tEngineVersion: example.EngineVersion,\n\t\t\tClusterIdentifier: pulumi.String(\"test-secondary-cluster\"),\n\t\t\tGlobalClusterIdentifier: example.ID(),\n\t\t\tSkipFinalSnapshot: pulumi.Bool(true),\n\t\t\tDbSubnetGroupName: pulumi.String(\"default\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tprimaryClusterInstance,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rds.NewClusterInstance(ctx, \"secondary\", \u0026rds.ClusterInstanceArgs{\n\t\t\tEngine: example.Engine,\n\t\t\tEngineVersion: example.EngineVersion,\n\t\t\tIdentifier: pulumi.String(\"test-secondary-cluster-instance\"),\n\t\t\tClusterIdentifier: secondary.ID(),\n\t\t\tInstanceClass: pulumi.String(rds.InstanceType_R4_Large),\n\t\t\tDbSubnetGroupName: pulumi.String(\"default\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.GlobalCluster;\nimport com.pulumi.aws.rds.GlobalClusterArgs;\nimport com.pulumi.aws.rds.Cluster;\nimport com.pulumi.aws.rds.ClusterArgs;\nimport com.pulumi.aws.rds.ClusterInstance;\nimport com.pulumi.aws.rds.ClusterInstanceArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new GlobalCluster(\"example\", GlobalClusterArgs.builder() \n .globalClusterIdentifier(\"global-test\")\n .engine(\"aurora-postgresql\")\n .engineVersion(\"11.9\")\n .databaseName(\"example_db\")\n .build());\n\n var primary = new Cluster(\"primary\", ClusterArgs.builder() \n .engine(example.engine())\n .engineVersion(example.engineVersion())\n .clusterIdentifier(\"test-primary-cluster\")\n .masterUsername(\"username\")\n .masterPassword(\"somepass123\")\n .databaseName(\"example_db\")\n .globalClusterIdentifier(example.id())\n .dbSubnetGroupName(\"default\")\n .build());\n\n var primaryClusterInstance = new ClusterInstance(\"primaryClusterInstance\", ClusterInstanceArgs.builder() \n .engine(example.engine())\n .engineVersion(example.engineVersion())\n .identifier(\"test-primary-cluster-instance\")\n .clusterIdentifier(primary.id())\n .instanceClass(\"db.r4.large\")\n .dbSubnetGroupName(\"default\")\n .build());\n\n var secondary = new Cluster(\"secondary\", ClusterArgs.builder() \n .engine(example.engine())\n .engineVersion(example.engineVersion())\n .clusterIdentifier(\"test-secondary-cluster\")\n .globalClusterIdentifier(example.id())\n .skipFinalSnapshot(true)\n .dbSubnetGroupName(\"default\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(primaryClusterInstance)\n .build());\n\n var secondaryClusterInstance = new ClusterInstance(\"secondaryClusterInstance\", ClusterInstanceArgs.builder() \n .engine(example.engine())\n .engineVersion(example.engineVersion())\n .identifier(\"test-secondary-cluster-instance\")\n .clusterIdentifier(secondary.id())\n .instanceClass(\"db.r4.large\")\n .dbSubnetGroupName(\"default\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:rds:GlobalCluster\n properties:\n globalClusterIdentifier: global-test\n engine: aurora-postgresql\n engineVersion: '11.9'\n databaseName: example_db\n primary:\n type: aws:rds:Cluster\n properties:\n engine: ${example.engine}\n engineVersion: ${example.engineVersion}\n clusterIdentifier: test-primary-cluster\n masterUsername: username\n masterPassword: somepass123\n databaseName: example_db\n globalClusterIdentifier: ${example.id}\n dbSubnetGroupName: default\n primaryClusterInstance:\n type: aws:rds:ClusterInstance\n name: primary\n properties:\n engine: ${example.engine}\n engineVersion: ${example.engineVersion}\n identifier: test-primary-cluster-instance\n clusterIdentifier: ${primary.id}\n instanceClass: db.r4.large\n dbSubnetGroupName: default\n secondary:\n type: aws:rds:Cluster\n properties:\n engine: ${example.engine}\n engineVersion: ${example.engineVersion}\n clusterIdentifier: test-secondary-cluster\n globalClusterIdentifier: ${example.id}\n skipFinalSnapshot: true\n dbSubnetGroupName: default\n options:\n dependson:\n - ${primaryClusterInstance}\n secondaryClusterInstance:\n type: aws:rds:ClusterInstance\n name: secondary\n properties:\n engine: ${example.engine}\n engineVersion: ${example.engineVersion}\n identifier: test-secondary-cluster-instance\n clusterIdentifier: ${secondary.id}\n instanceClass: db.r4.large\n dbSubnetGroupName: default\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### New Global Cluster From Existing DB Cluster\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.rds.Cluster(\"example\", {});\nconst exampleGlobalCluster = new aws.rds.GlobalCluster(\"example\", {\n forceDestroy: true,\n globalClusterIdentifier: \"example\",\n sourceDbClusterIdentifier: example.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.rds.Cluster(\"example\")\nexample_global_cluster = aws.rds.GlobalCluster(\"example\",\n force_destroy=True,\n global_cluster_identifier=\"example\",\n source_db_cluster_identifier=example.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Rds.Cluster(\"example\");\n\n var exampleGlobalCluster = new Aws.Rds.GlobalCluster(\"example\", new()\n {\n ForceDestroy = true,\n GlobalClusterIdentifier = \"example\",\n SourceDbClusterIdentifier = example.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := rds.NewCluster(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rds.NewGlobalCluster(ctx, \"example\", \u0026rds.GlobalClusterArgs{\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t\tGlobalClusterIdentifier: pulumi.String(\"example\"),\n\t\t\tSourceDbClusterIdentifier: example.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.Cluster;\nimport com.pulumi.aws.rds.GlobalCluster;\nimport com.pulumi.aws.rds.GlobalClusterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Cluster(\"example\");\n\n var exampleGlobalCluster = new GlobalCluster(\"exampleGlobalCluster\", GlobalClusterArgs.builder() \n .forceDestroy(true)\n .globalClusterIdentifier(\"example\")\n .sourceDbClusterIdentifier(example.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:rds:Cluster\n exampleGlobalCluster:\n type: aws:rds:GlobalCluster\n name: example\n properties:\n forceDestroy: true\n globalClusterIdentifier: example\n sourceDbClusterIdentifier: ${example.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Upgrading Engine Versions\n\nWhen you upgrade the version of an `aws.rds.GlobalCluster`, the provider will attempt to in-place upgrade the engine versions of all associated clusters. Since the `aws.rds.Cluster` resource is being updated through the `aws.rds.GlobalCluster`, you are likely to get an error (`Provider produced inconsistent final plan`). To avoid this, use the `lifecycle` `ignore_changes` meta argument as shown below on the `aws.rds.Cluster`.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.rds.GlobalCluster(\"example\", {\n globalClusterIdentifier: \"kyivkharkiv\",\n engine: \"aurora-mysql\",\n engineVersion: \"5.7.mysql_aurora.2.07.5\",\n});\nconst primary = new aws.rds.Cluster(\"primary\", {\n allowMajorVersionUpgrade: true,\n applyImmediately: true,\n clusterIdentifier: \"odessadnipro\",\n databaseName: \"totoro\",\n engine: example.engine,\n engineVersion: example.engineVersion,\n globalClusterIdentifier: example.id,\n masterPassword: \"satsukimae\",\n masterUsername: \"maesatsuki\",\n skipFinalSnapshot: true,\n});\nconst primaryClusterInstance = new aws.rds.ClusterInstance(\"primary\", {\n applyImmediately: true,\n clusterIdentifier: primary.id,\n engine: primary.engine,\n engineVersion: primary.engineVersion,\n identifier: \"donetsklviv\",\n instanceClass: aws.rds.InstanceType.R4_Large,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.rds.GlobalCluster(\"example\",\n global_cluster_identifier=\"kyivkharkiv\",\n engine=\"aurora-mysql\",\n engine_version=\"5.7.mysql_aurora.2.07.5\")\nprimary = aws.rds.Cluster(\"primary\",\n allow_major_version_upgrade=True,\n apply_immediately=True,\n cluster_identifier=\"odessadnipro\",\n database_name=\"totoro\",\n engine=example.engine,\n engine_version=example.engine_version,\n global_cluster_identifier=example.id,\n master_password=\"satsukimae\",\n master_username=\"maesatsuki\",\n skip_final_snapshot=True)\nprimary_cluster_instance = aws.rds.ClusterInstance(\"primary\",\n apply_immediately=True,\n cluster_identifier=primary.id,\n engine=primary.engine,\n engine_version=primary.engine_version,\n identifier=\"donetsklviv\",\n instance_class=aws.rds.InstanceType.R4_LARGE)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Rds.GlobalCluster(\"example\", new()\n {\n GlobalClusterIdentifier = \"kyivkharkiv\",\n Engine = \"aurora-mysql\",\n EngineVersion = \"5.7.mysql_aurora.2.07.5\",\n });\n\n var primary = new Aws.Rds.Cluster(\"primary\", new()\n {\n AllowMajorVersionUpgrade = true,\n ApplyImmediately = true,\n ClusterIdentifier = \"odessadnipro\",\n DatabaseName = \"totoro\",\n Engine = example.Engine,\n EngineVersion = example.EngineVersion,\n GlobalClusterIdentifier = example.Id,\n MasterPassword = \"satsukimae\",\n MasterUsername = \"maesatsuki\",\n SkipFinalSnapshot = true,\n });\n\n var primaryClusterInstance = new Aws.Rds.ClusterInstance(\"primary\", new()\n {\n ApplyImmediately = true,\n ClusterIdentifier = primary.Id,\n Engine = primary.Engine,\n EngineVersion = primary.EngineVersion,\n Identifier = \"donetsklviv\",\n InstanceClass = Aws.Rds.InstanceType.R4_Large,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rds\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := rds.NewGlobalCluster(ctx, \"example\", \u0026rds.GlobalClusterArgs{\n\t\t\tGlobalClusterIdentifier: pulumi.String(\"kyivkharkiv\"),\n\t\t\tEngine: pulumi.String(\"aurora-mysql\"),\n\t\t\tEngineVersion: pulumi.String(\"5.7.mysql_aurora.2.07.5\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tprimary, err := rds.NewCluster(ctx, \"primary\", \u0026rds.ClusterArgs{\n\t\t\tAllowMajorVersionUpgrade: pulumi.Bool(true),\n\t\t\tApplyImmediately: pulumi.Bool(true),\n\t\t\tClusterIdentifier: pulumi.String(\"odessadnipro\"),\n\t\t\tDatabaseName: pulumi.String(\"totoro\"),\n\t\t\tEngine: example.Engine,\n\t\t\tEngineVersion: example.EngineVersion,\n\t\t\tGlobalClusterIdentifier: example.ID(),\n\t\t\tMasterPassword: pulumi.String(\"satsukimae\"),\n\t\t\tMasterUsername: pulumi.String(\"maesatsuki\"),\n\t\t\tSkipFinalSnapshot: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rds.NewClusterInstance(ctx, \"primary\", \u0026rds.ClusterInstanceArgs{\n\t\t\tApplyImmediately: pulumi.Bool(true),\n\t\t\tClusterIdentifier: primary.ID(),\n\t\t\tEngine: primary.Engine,\n\t\t\tEngineVersion: primary.EngineVersion,\n\t\t\tIdentifier: pulumi.String(\"donetsklviv\"),\n\t\t\tInstanceClass: pulumi.String(rds.InstanceType_R4_Large),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.rds.GlobalCluster;\nimport com.pulumi.aws.rds.GlobalClusterArgs;\nimport com.pulumi.aws.rds.Cluster;\nimport com.pulumi.aws.rds.ClusterArgs;\nimport com.pulumi.aws.rds.ClusterInstance;\nimport com.pulumi.aws.rds.ClusterInstanceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new GlobalCluster(\"example\", GlobalClusterArgs.builder() \n .globalClusterIdentifier(\"kyivkharkiv\")\n .engine(\"aurora-mysql\")\n .engineVersion(\"5.7.mysql_aurora.2.07.5\")\n .build());\n\n var primary = new Cluster(\"primary\", ClusterArgs.builder() \n .allowMajorVersionUpgrade(true)\n .applyImmediately(true)\n .clusterIdentifier(\"odessadnipro\")\n .databaseName(\"totoro\")\n .engine(example.engine())\n .engineVersion(example.engineVersion())\n .globalClusterIdentifier(example.id())\n .masterPassword(\"satsukimae\")\n .masterUsername(\"maesatsuki\")\n .skipFinalSnapshot(true)\n .build());\n\n var primaryClusterInstance = new ClusterInstance(\"primaryClusterInstance\", ClusterInstanceArgs.builder() \n .applyImmediately(true)\n .clusterIdentifier(primary.id())\n .engine(primary.engine())\n .engineVersion(primary.engineVersion())\n .identifier(\"donetsklviv\")\n .instanceClass(\"db.r4.large\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:rds:GlobalCluster\n properties:\n globalClusterIdentifier: kyivkharkiv\n engine: aurora-mysql\n engineVersion: 5.7.mysql_aurora.2.07.5\n primary:\n type: aws:rds:Cluster\n properties:\n allowMajorVersionUpgrade: true\n applyImmediately: true\n clusterIdentifier: odessadnipro\n databaseName: totoro\n engine: ${example.engine}\n engineVersion: ${example.engineVersion}\n globalClusterIdentifier: ${example.id}\n masterPassword: satsukimae\n masterUsername: maesatsuki\n skipFinalSnapshot: true\n primaryClusterInstance:\n type: aws:rds:ClusterInstance\n name: primary\n properties:\n applyImmediately: true\n clusterIdentifier: ${primary.id}\n engine: ${primary.engine}\n engineVersion: ${primary.engineVersion}\n identifier: donetsklviv\n instanceClass: db.r4.large\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_rds_global_cluster` using the RDS Global Cluster identifier. For example:\n\n```sh\n$ pulumi import aws:rds/globalCluster:GlobalCluster example example\n```\nCertain resource arguments, like `force_destroy`, only exist within this provider. If the argument is set in the the provider configuration on an imported resource, This provider will show a difference on the first plan after import to update the state value. This change is safe to apply immediately so the state matches the desired configuration.\n\nCertain resource arguments, like `source_db_cluster_identifier`, do not have an API method for reading the information after creation. If the argument is set in the Pulumi program on an imported resource, Pulumi will always show a difference. To workaround this behavior, either omit the argument from the Pulumi program or use `ignore_changes` to hide the difference. For example:\n\n", "properties": { "arn": { "type": "string", @@ -307135,7 +307135,7 @@ } }, "aws:redshift/authenticationProfile:AuthenticationProfile": { - "description": "Creates a Redshift authentication profile\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.redshift.AuthenticationProfile(\"example\", {\n authenticationProfileName: \"example\",\n authenticationProfileContent: JSON.stringify({\n allowDBUserOverride: \"1\",\n clientID: \"ExampleClientID\",\n appID: \"example\",\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.redshift.AuthenticationProfile(\"example\",\n authentication_profile_name=\"example\",\n authentication_profile_content=json.dumps({\n \"allowDBUserOverride\": \"1\",\n \"clientID\": \"ExampleClientID\",\n \"appID\": \"example\",\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.RedShift.AuthenticationProfile(\"example\", new()\n {\n AuthenticationProfileName = \"example\",\n AuthenticationProfileContent = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"allowDBUserOverride\"] = \"1\",\n [\"clientID\"] = \"ExampleClientID\",\n [\"appID\"] = \"example\",\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"allowDBUserOverride\": \"1\",\n\t\t\t\"clientID\": \"ExampleClientID\",\n\t\t\t\"appID\": \"example\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = redshift.NewAuthenticationProfile(ctx, \"example\", \u0026redshift.AuthenticationProfileArgs{\n\t\t\tAuthenticationProfileName: pulumi.String(\"example\"),\n\t\t\tAuthenticationProfileContent: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshift.AuthenticationProfile;\nimport com.pulumi.aws.redshift.AuthenticationProfileArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AuthenticationProfile(\"example\", AuthenticationProfileArgs.builder() \n .authenticationProfileName(\"example\")\n .authenticationProfileContent(serializeJson(\n jsonObject(\n jsonProperty(\"allowDBUserOverride\", \"1\"),\n jsonProperty(\"clientID\", \"ExampleClientID\"),\n jsonProperty(\"appID\", \"example\")\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:redshift:AuthenticationProfile\n properties:\n authenticationProfileName: example\n authenticationProfileContent:\n fn::toJSON:\n allowDBUserOverride: '1'\n clientID: ExampleClientID\n appID: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Redshift Authentication by `authentication_profile_name`. For example:\n\n```sh\n$ pulumi import aws:redshift/authenticationProfile:AuthenticationProfile test example\n```\n", + "description": "Creates a Redshift authentication profile\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.redshift.AuthenticationProfile(\"example\", {\n authenticationProfileName: \"example\",\n authenticationProfileContent: JSON.stringify({\n AllowDBUserOverride: \"1\",\n Client_ID: \"ExampleClientID\",\n App_ID: \"example\",\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.redshift.AuthenticationProfile(\"example\",\n authentication_profile_name=\"example\",\n authentication_profile_content=json.dumps({\n \"AllowDBUserOverride\": \"1\",\n \"Client_ID\": \"ExampleClientID\",\n \"App_ID\": \"example\",\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.RedShift.AuthenticationProfile(\"example\", new()\n {\n AuthenticationProfileName = \"example\",\n AuthenticationProfileContent = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"AllowDBUserOverride\"] = \"1\",\n [\"Client_ID\"] = \"ExampleClientID\",\n [\"App_ID\"] = \"example\",\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"AllowDBUserOverride\": \"1\",\n\t\t\t\"Client_ID\": \"ExampleClientID\",\n\t\t\t\"App_ID\": \"example\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = redshift.NewAuthenticationProfile(ctx, \"example\", \u0026redshift.AuthenticationProfileArgs{\n\t\t\tAuthenticationProfileName: pulumi.String(\"example\"),\n\t\t\tAuthenticationProfileContent: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshift.AuthenticationProfile;\nimport com.pulumi.aws.redshift.AuthenticationProfileArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AuthenticationProfile(\"example\", AuthenticationProfileArgs.builder() \n .authenticationProfileName(\"example\")\n .authenticationProfileContent(serializeJson(\n jsonObject(\n jsonProperty(\"AllowDBUserOverride\", \"1\"),\n jsonProperty(\"Client_ID\", \"ExampleClientID\"),\n jsonProperty(\"App_ID\", \"example\")\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:redshift:AuthenticationProfile\n properties:\n authenticationProfileName: example\n authenticationProfileContent:\n fn::toJSON:\n AllowDBUserOverride: '1'\n Client_ID: ExampleClientID\n App_ID: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Redshift Authentication by `authentication_profile_name`. For example:\n\n```sh\n$ pulumi import aws:redshift/authenticationProfile:AuthenticationProfile test example\n```\n", "properties": { "authenticationProfileContent": { "type": "string", @@ -307916,7 +307916,7 @@ } }, "aws:redshift/clusterSnapshot:ClusterSnapshot": { - "description": "Creates a Redshift cluster snapshot\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshift.ClusterSnapshot;\nimport com.pulumi.aws.redshift.ClusterSnapshotArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ClusterSnapshot(\"example\", ClusterSnapshotArgs.builder() \n .clusterSnapshotName(\"example\")\n .clusterSnapshotContent(serializeJson(\n jsonObject(\n jsonProperty(\"allowDBUserOverride\", \"1\"),\n jsonProperty(\"clientID\", \"ExampleClientID\"),\n jsonProperty(\"appID\", \"example\")\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:redshift:ClusterSnapshot\n properties:\n clusterSnapshotName: example\n clusterSnapshotContent:\n fn::toJSON:\n allowDBUserOverride: '1'\n clientID: ExampleClientID\n appID: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Redshift Cluster Snapshots using `snapshot_identifier`. For example:\n\n```sh\n$ pulumi import aws:redshift/clusterSnapshot:ClusterSnapshot test example\n```\n", + "description": "Creates a Redshift cluster snapshot\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshift.ClusterSnapshot;\nimport com.pulumi.aws.redshift.ClusterSnapshotArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ClusterSnapshot(\"example\", ClusterSnapshotArgs.builder() \n .clusterSnapshotName(\"example\")\n .clusterSnapshotContent(serializeJson(\n jsonObject(\n jsonProperty(\"AllowDBUserOverride\", \"1\"),\n jsonProperty(\"Client_ID\", \"ExampleClientID\"),\n jsonProperty(\"App_ID\", \"example\")\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:redshift:ClusterSnapshot\n properties:\n clusterSnapshotName: example\n clusterSnapshotContent:\n fn::toJSON:\n AllowDBUserOverride: '1'\n Client_ID: ExampleClientID\n App_ID: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Redshift Cluster Snapshots using `snapshot_identifier`. For example:\n\n```sh\n$ pulumi import aws:redshift/clusterSnapshot:ClusterSnapshot test example\n```\n", "properties": { "arn": { "type": "string", @@ -309139,7 +309139,7 @@ } }, "aws:redshift/resourcePolicy:ResourcePolicy": { - "description": "Creates a new Amazon Redshift Resource Policy.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.redshift.ResourcePolicy(\"example\", {\n resourceArn: exampleAwsRedshiftCluster.clusterNamespaceArn,\n policy: JSON.stringify({\n version: \"2012-10-17\",\n statement: [{\n effect: \"Allow\",\n principal: {\n AWS: \"arn:aws:iam::12345678901:root\",\n },\n action: \"redshift:CreateInboundIntegration\",\n resource: exampleAwsRedshiftCluster.clusterNamespaceArn,\n sid: \"\",\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.redshift.ResourcePolicy(\"example\",\n resource_arn=example_aws_redshift_cluster[\"clusterNamespaceArn\"],\n policy=json.dumps({\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"effect\": \"Allow\",\n \"principal\": {\n \"AWS\": \"arn:aws:iam::12345678901:root\",\n },\n \"action\": \"redshift:CreateInboundIntegration\",\n \"resource\": example_aws_redshift_cluster[\"clusterNamespaceArn\"],\n \"sid\": \"\",\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.RedShift.ResourcePolicy(\"example\", new()\n {\n ResourceArn = exampleAwsRedshiftCluster.ClusterNamespaceArn,\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"effect\"] = \"Allow\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = \"arn:aws:iam::12345678901:root\",\n },\n [\"action\"] = \"redshift:CreateInboundIntegration\",\n [\"resource\"] = exampleAwsRedshiftCluster.ClusterNamespaceArn,\n [\"sid\"] = \"\",\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": \"arn:aws:iam::12345678901:root\",\n\t\t\t\t\t},\n\t\t\t\t\t\"action\": \"redshift:CreateInboundIntegration\",\n\t\t\t\t\t\"resource\": exampleAwsRedshiftCluster.ClusterNamespaceArn,\n\t\t\t\t\t\"sid\": \"\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = redshift.NewResourcePolicy(ctx, \"example\", \u0026redshift.ResourcePolicyArgs{\n\t\t\tResourceArn: pulumi.Any(exampleAwsRedshiftCluster.ClusterNamespaceArn),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshift.ResourcePolicy;\nimport com.pulumi.aws.redshift.ResourcePolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ResourcePolicy(\"example\", ResourcePolicyArgs.builder() \n .resourceArn(exampleAwsRedshiftCluster.clusterNamespaceArn())\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"version\", \"2012-10-17\"),\n jsonProperty(\"statement\", jsonArray(jsonObject(\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"principal\", jsonObject(\n jsonProperty(\"AWS\", \"arn:aws:iam::12345678901:root\")\n )),\n jsonProperty(\"action\", \"redshift:CreateInboundIntegration\"),\n jsonProperty(\"resource\", exampleAwsRedshiftCluster.clusterNamespaceArn()),\n jsonProperty(\"sid\", \"\")\n )))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:redshift:ResourcePolicy\n properties:\n resourceArn: ${exampleAwsRedshiftCluster.clusterNamespaceArn}\n policy:\n fn::toJSON:\n version: 2012-10-17\n statement:\n - effect: Allow\n principal:\n AWS: arn:aws:iam::12345678901:root\n action: redshift:CreateInboundIntegration\n resource: ${exampleAwsRedshiftCluster.clusterNamespaceArn}\n sid:\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Redshift Resource Policies using the `resource_arn`. For example:\n\n```sh\n$ pulumi import aws:redshift/resourcePolicy:ResourcePolicy example example\n```\n", + "description": "Creates a new Amazon Redshift Resource Policy.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.redshift.ResourcePolicy(\"example\", {\n resourceArn: exampleAwsRedshiftCluster.clusterNamespaceArn,\n policy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Effect: \"Allow\",\n Principal: {\n AWS: \"arn:aws:iam::12345678901:root\",\n },\n Action: \"redshift:CreateInboundIntegration\",\n Resource: exampleAwsRedshiftCluster.clusterNamespaceArn,\n Sid: \"\",\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.redshift.ResourcePolicy(\"example\",\n resource_arn=example_aws_redshift_cluster[\"clusterNamespaceArn\"],\n policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::12345678901:root\",\n },\n \"Action\": \"redshift:CreateInboundIntegration\",\n \"Resource\": example_aws_redshift_cluster[\"clusterNamespaceArn\"],\n \"Sid\": \"\",\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.RedShift.ResourcePolicy(\"example\", new()\n {\n ResourceArn = exampleAwsRedshiftCluster.ClusterNamespaceArn,\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = \"arn:aws:iam::12345678901:root\",\n },\n [\"Action\"] = \"redshift:CreateInboundIntegration\",\n [\"Resource\"] = exampleAwsRedshiftCluster.ClusterNamespaceArn,\n [\"Sid\"] = \"\",\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshift\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": \"arn:aws:iam::12345678901:root\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Action\": \"redshift:CreateInboundIntegration\",\n\t\t\t\t\t\"Resource\": exampleAwsRedshiftCluster.ClusterNamespaceArn,\n\t\t\t\t\t\"Sid\": \"\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = redshift.NewResourcePolicy(ctx, \"example\", \u0026redshift.ResourcePolicyArgs{\n\t\t\tResourceArn: pulumi.Any(exampleAwsRedshiftCluster.ClusterNamespaceArn),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshift.ResourcePolicy;\nimport com.pulumi.aws.redshift.ResourcePolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ResourcePolicy(\"example\", ResourcePolicyArgs.builder() \n .resourceArn(exampleAwsRedshiftCluster.clusterNamespaceArn())\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"AWS\", \"arn:aws:iam::12345678901:root\")\n )),\n jsonProperty(\"Action\", \"redshift:CreateInboundIntegration\"),\n jsonProperty(\"Resource\", exampleAwsRedshiftCluster.clusterNamespaceArn()),\n jsonProperty(\"Sid\", \"\")\n )))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:redshift:ResourcePolicy\n properties:\n resourceArn: ${exampleAwsRedshiftCluster.clusterNamespaceArn}\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Effect: Allow\n Principal:\n AWS: arn:aws:iam::12345678901:root\n Action: redshift:CreateInboundIntegration\n Resource: ${exampleAwsRedshiftCluster.clusterNamespaceArn}\n Sid:\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Redshift Resource Policies using the `resource_arn`. For example:\n\n```sh\n$ pulumi import aws:redshift/resourcePolicy:ResourcePolicy example example\n```\n", "properties": { "policy": { "type": "string", @@ -310473,7 +310473,7 @@ } }, "aws:redshiftserverless/resourcePolicy:ResourcePolicy": { - "description": "Creates a new Amazon Redshift Serverless Resource Policy.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.redshiftserverless.ResourcePolicy(\"example\", {\n resourceArn: exampleAwsRedshiftserverlessSnapshot.arn,\n policy: JSON.stringify({\n version: \"2012-10-17\",\n statement: [{\n effect: \"Allow\",\n principal: {\n AWS: [\"12345678901\"],\n },\n action: [\"redshift-serverless:RestoreFromSnapshot\"],\n sid: \"\",\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.redshiftserverless.ResourcePolicy(\"example\",\n resource_arn=example_aws_redshiftserverless_snapshot[\"arn\"],\n policy=json.dumps({\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"effect\": \"Allow\",\n \"principal\": {\n \"AWS\": [\"12345678901\"],\n },\n \"action\": [\"redshift-serverless:RestoreFromSnapshot\"],\n \"sid\": \"\",\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.RedshiftServerless.ResourcePolicy(\"example\", new()\n {\n ResourceArn = exampleAwsRedshiftserverlessSnapshot.Arn,\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"effect\"] = \"Allow\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = new[]\n {\n \"12345678901\",\n },\n },\n [\"action\"] = new[]\n {\n \"redshift-serverless:RestoreFromSnapshot\",\n },\n [\"sid\"] = \"\",\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshiftserverless\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": []string{\n\t\t\t\t\t\t\t\"12345678901\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\t\"action\": []string{\n\t\t\t\t\t\t\"redshift-serverless:RestoreFromSnapshot\",\n\t\t\t\t\t},\n\t\t\t\t\t\"sid\": \"\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = redshiftserverless.NewResourcePolicy(ctx, \"example\", \u0026redshiftserverless.ResourcePolicyArgs{\n\t\t\tResourceArn: pulumi.Any(exampleAwsRedshiftserverlessSnapshot.Arn),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshiftserverless.ResourcePolicy;\nimport com.pulumi.aws.redshiftserverless.ResourcePolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ResourcePolicy(\"example\", ResourcePolicyArgs.builder() \n .resourceArn(exampleAwsRedshiftserverlessSnapshot.arn())\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"version\", \"2012-10-17\"),\n jsonProperty(\"statement\", jsonArray(jsonObject(\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"principal\", jsonObject(\n jsonProperty(\"AWS\", jsonArray(\"12345678901\"))\n )),\n jsonProperty(\"action\", jsonArray(\"redshift-serverless:RestoreFromSnapshot\")),\n jsonProperty(\"sid\", \"\")\n )))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:redshiftserverless:ResourcePolicy\n properties:\n resourceArn: ${exampleAwsRedshiftserverlessSnapshot.arn}\n policy:\n fn::toJSON:\n version: 2012-10-17\n statement:\n - effect: Allow\n principal:\n AWS:\n - '12345678901'\n action:\n - redshift-serverless:RestoreFromSnapshot\n sid:\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Redshift Serverless Resource Policies using the `resource_arn`. For example:\n\n```sh\n$ pulumi import aws:redshiftserverless/resourcePolicy:ResourcePolicy example example\n```\n", + "description": "Creates a new Amazon Redshift Serverless Resource Policy.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.redshiftserverless.ResourcePolicy(\"example\", {\n resourceArn: exampleAwsRedshiftserverlessSnapshot.arn,\n policy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Effect: \"Allow\",\n Principal: {\n AWS: [\"12345678901\"],\n },\n Action: [\"redshift-serverless:RestoreFromSnapshot\"],\n Sid: \"\",\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.redshiftserverless.ResourcePolicy(\"example\",\n resource_arn=example_aws_redshiftserverless_snapshot[\"arn\"],\n policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": [\"12345678901\"],\n },\n \"Action\": [\"redshift-serverless:RestoreFromSnapshot\"],\n \"Sid\": \"\",\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.RedshiftServerless.ResourcePolicy(\"example\", new()\n {\n ResourceArn = exampleAwsRedshiftserverlessSnapshot.Arn,\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = new[]\n {\n \"12345678901\",\n },\n },\n [\"Action\"] = new[]\n {\n \"redshift-serverless:RestoreFromSnapshot\",\n },\n [\"Sid\"] = \"\",\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/redshiftserverless\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": []string{\n\t\t\t\t\t\t\t\"12345678901\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"redshift-serverless:RestoreFromSnapshot\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Sid\": \"\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = redshiftserverless.NewResourcePolicy(ctx, \"example\", \u0026redshiftserverless.ResourcePolicyArgs{\n\t\t\tResourceArn: pulumi.Any(exampleAwsRedshiftserverlessSnapshot.Arn),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.redshiftserverless.ResourcePolicy;\nimport com.pulumi.aws.redshiftserverless.ResourcePolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ResourcePolicy(\"example\", ResourcePolicyArgs.builder() \n .resourceArn(exampleAwsRedshiftserverlessSnapshot.arn())\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"AWS\", jsonArray(\"12345678901\"))\n )),\n jsonProperty(\"Action\", jsonArray(\"redshift-serverless:RestoreFromSnapshot\")),\n jsonProperty(\"Sid\", \"\")\n )))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:redshiftserverless:ResourcePolicy\n properties:\n resourceArn: ${exampleAwsRedshiftserverlessSnapshot.arn}\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Effect: Allow\n Principal:\n AWS:\n - '12345678901'\n Action:\n - redshift-serverless:RestoreFromSnapshot\n Sid:\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Redshift Serverless Resource Policies using the `resource_arn`. For example:\n\n```sh\n$ pulumi import aws:redshiftserverless/resourcePolicy:ResourcePolicy example example\n```\n", "properties": { "policy": { "type": "string", @@ -311254,7 +311254,7 @@ } }, "aws:resourceexplorer/view:View": { - "description": "Provides a resource to manage a Resource Explorer view.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.resourceexplorer.Index(\"example\", {type: \"LOCAL\"});\nconst exampleView = new aws.resourceexplorer.View(\"example\", {\n name: \"exampleview\",\n filters: {\n filterString: \"resourcetype:ec2:instance\",\n },\n includedProperties: [{\n name: \"tags\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.resourceexplorer.Index(\"example\", type=\"LOCAL\")\nexample_view = aws.resourceexplorer.View(\"example\",\n name=\"exampleview\",\n filters=aws.resourceexplorer.ViewFiltersArgs(\n filter_string=\"resourcetype:ec2:instance\",\n ),\n included_properties=[aws.resourceexplorer.ViewIncludedPropertyArgs(\n name=\"tags\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ResourceExplorer.Index(\"example\", new()\n {\n Type = \"LOCAL\",\n });\n\n var exampleView = new Aws.ResourceExplorer.View(\"example\", new()\n {\n Name = \"exampleview\",\n Filters = new Aws.ResourceExplorer.Inputs.ViewFiltersArgs\n {\n FilterString = \"resourcetype:ec2:instance\",\n },\n IncludedProperties = new[]\n {\n new Aws.ResourceExplorer.Inputs.ViewIncludedPropertyArgs\n {\n Name = \"tags\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/resourceexplorer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := resourceexplorer.NewIndex(ctx, \"example\", \u0026resourceexplorer.IndexArgs{\n\t\t\tType: pulumi.String(\"LOCAL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = resourceexplorer.NewView(ctx, \"example\", \u0026resourceexplorer.ViewArgs{\n\t\t\tName: pulumi.String(\"exampleview\"),\n\t\t\tFilters: \u0026resourceexplorer.ViewFiltersArgs{\n\t\t\t\tFilterString: pulumi.String(\"resourcetype:ec2:instance\"),\n\t\t\t},\n\t\t\tIncludedProperties: resourceexplorer.ViewIncludedPropertyArray{\n\t\t\t\t\u0026resourceexplorer.ViewIncludedPropertyArgs{\n\t\t\t\t\tName: pulumi.String(\"tags\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.resourceexplorer.Index;\nimport com.pulumi.aws.resourceexplorer.IndexArgs;\nimport com.pulumi.aws.resourceexplorer.View;\nimport com.pulumi.aws.resourceexplorer.ViewArgs;\nimport com.pulumi.aws.resourceexplorer.inputs.ViewFiltersArgs;\nimport com.pulumi.aws.resourceexplorer.inputs.ViewIncludedPropertyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Index(\"example\", IndexArgs.builder() \n .type(\"LOCAL\")\n .build());\n\n var exampleView = new View(\"exampleView\", ViewArgs.builder() \n .name(\"exampleview\")\n .filters(ViewFiltersArgs.builder()\n .filterString(\"resourcetype:ec2:instance\")\n .build())\n .includedProperties(ViewIncludedPropertyArgs.builder()\n .name(\"tags\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:resourceexplorer:Index\n properties:\n type: LOCAL\n exampleView:\n type: aws:resourceexplorer:View\n name: example\n properties:\n name: exampleview\n filters:\n filterString: resourcetype:ec2:instance\n includedProperties:\n - name: tags\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Resource Explorer views using the `arn`. For example:\n\n```sh\n$ pulumi import aws:resourceexplorer/view:View example arn:aws:resource-explorer-2:us-west-2:123456789012:view/exampleview/e0914f6c-6c27-4b47-b5d4-6b28381a2421\n```\n", + "description": "Provides a resource to manage a Resource Explorer view.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.resourceexplorer.Index(\"example\", {type: \"LOCAL\"});\nconst exampleView = new aws.resourceexplorer.View(\"example\", {\n name: \"exampleview\",\n filters: {\n filterString: \"resourcetype:ec2:instance\",\n },\n includedProperties: [{\n name: \"tags\",\n }],\n}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.resourceexplorer.Index(\"example\", type=\"LOCAL\")\nexample_view = aws.resourceexplorer.View(\"example\",\n name=\"exampleview\",\n filters=aws.resourceexplorer.ViewFiltersArgs(\n filter_string=\"resourcetype:ec2:instance\",\n ),\n included_properties=[aws.resourceexplorer.ViewIncludedPropertyArgs(\n name=\"tags\",\n )],\n opts=pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.ResourceExplorer.Index(\"example\", new()\n {\n Type = \"LOCAL\",\n });\n\n var exampleView = new Aws.ResourceExplorer.View(\"example\", new()\n {\n Name = \"exampleview\",\n Filters = new Aws.ResourceExplorer.Inputs.ViewFiltersArgs\n {\n FilterString = \"resourcetype:ec2:instance\",\n },\n IncludedProperties = new[]\n {\n new Aws.ResourceExplorer.Inputs.ViewIncludedPropertyArgs\n {\n Name = \"tags\",\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/resourceexplorer\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := resourceexplorer.NewIndex(ctx, \"example\", \u0026resourceexplorer.IndexArgs{\n\t\t\tType: pulumi.String(\"LOCAL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = resourceexplorer.NewView(ctx, \"example\", \u0026resourceexplorer.ViewArgs{\n\t\t\tName: pulumi.String(\"exampleview\"),\n\t\t\tFilters: \u0026resourceexplorer.ViewFiltersArgs{\n\t\t\t\tFilterString: pulumi.String(\"resourcetype:ec2:instance\"),\n\t\t\t},\n\t\t\tIncludedProperties: resourceexplorer.ViewIncludedPropertyArray{\n\t\t\t\t\u0026resourceexplorer.ViewIncludedPropertyArgs{\n\t\t\t\t\tName: pulumi.String(\"tags\"),\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.resourceexplorer.Index;\nimport com.pulumi.aws.resourceexplorer.IndexArgs;\nimport com.pulumi.aws.resourceexplorer.View;\nimport com.pulumi.aws.resourceexplorer.ViewArgs;\nimport com.pulumi.aws.resourceexplorer.inputs.ViewFiltersArgs;\nimport com.pulumi.aws.resourceexplorer.inputs.ViewIncludedPropertyArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Index(\"example\", IndexArgs.builder() \n .type(\"LOCAL\")\n .build());\n\n var exampleView = new View(\"exampleView\", ViewArgs.builder() \n .name(\"exampleview\")\n .filters(ViewFiltersArgs.builder()\n .filterString(\"resourcetype:ec2:instance\")\n .build())\n .includedProperties(ViewIncludedPropertyArgs.builder()\n .name(\"tags\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:resourceexplorer:Index\n properties:\n type: LOCAL\n exampleView:\n type: aws:resourceexplorer:View\n name: example\n properties:\n name: exampleview\n filters:\n filterString: resourcetype:ec2:instance\n includedProperties:\n - name: tags\n options:\n dependson:\n - ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Resource Explorer views using the `arn`. For example:\n\n```sh\n$ pulumi import aws:resourceexplorer/view:View example arn:aws:resource-explorer-2:us-west-2:123456789012:view/exampleview/e0914f6c-6c27-4b47-b5d4-6b28381a2421\n```\n", "properties": { "arn": { "type": "string", @@ -311555,7 +311555,7 @@ } }, "aws:rolesanywhere/profile:Profile": { - "description": "Resource for managing a Roles Anywhere Profile.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.iam.Role(\"test\", {\n name: \"test\",\n path: \"/\",\n assumeRolePolicy: JSON.stringify({\n version: \"2012-10-17\",\n statement: [{\n action: [\n \"sts:AssumeRole\",\n \"sts:TagSession\",\n \"sts:SetSourceIdentity\",\n ],\n principal: {\n service: \"rolesanywhere.amazonaws.com\",\n },\n effect: \"Allow\",\n sid: \"\",\n }],\n }),\n});\nconst testProfile = new aws.rolesanywhere.Profile(\"test\", {\n name: \"example\",\n roleArns: [test.arn],\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ntest = aws.iam.Role(\"test\",\n name=\"test\",\n path=\"/\",\n assume_role_policy=json.dumps({\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"action\": [\n \"sts:AssumeRole\",\n \"sts:TagSession\",\n \"sts:SetSourceIdentity\",\n ],\n \"principal\": {\n \"service\": \"rolesanywhere.amazonaws.com\",\n },\n \"effect\": \"Allow\",\n \"sid\": \"\",\n }],\n }))\ntest_profile = aws.rolesanywhere.Profile(\"test\",\n name=\"example\",\n role_arns=[test.arn])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Iam.Role(\"test\", new()\n {\n Name = \"test\",\n Path = \"/\",\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"action\"] = new[]\n {\n \"sts:AssumeRole\",\n \"sts:TagSession\",\n \"sts:SetSourceIdentity\",\n },\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"service\"] = \"rolesanywhere.amazonaws.com\",\n },\n [\"effect\"] = \"Allow\",\n [\"sid\"] = \"\",\n },\n },\n }),\n });\n\n var testProfile = new Aws.RolesAnywhere.Profile(\"test\", new()\n {\n Name = \"example\",\n RoleArns = new[]\n {\n test.Arn,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rolesanywhere\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"action\": []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t\t\"sts:TagSession\",\n\t\t\t\t\t\t\"sts:SetSourceIdentity\",\n\t\t\t\t\t},\n\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\"service\": \"rolesanywhere.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\"sid\": \"\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\ttest, err := iam.NewRole(ctx, \"test\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"test\"),\n\t\t\tPath: pulumi.String(\"/\"),\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rolesanywhere.NewProfile(ctx, \"test\", \u0026rolesanywhere.ProfileArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRoleArns: pulumi.StringArray{\n\t\t\t\ttest.Arn,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.rolesanywhere.Profile;\nimport com.pulumi.aws.rolesanywhere.ProfileArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Role(\"test\", RoleArgs.builder() \n .name(\"test\")\n .path(\"/\")\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"version\", \"2012-10-17\"),\n jsonProperty(\"statement\", jsonArray(jsonObject(\n jsonProperty(\"action\", jsonArray(\n \"sts:AssumeRole\", \n \"sts:TagSession\", \n \"sts:SetSourceIdentity\"\n )),\n jsonProperty(\"principal\", jsonObject(\n jsonProperty(\"service\", \"rolesanywhere.amazonaws.com\")\n )),\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"sid\", \"\")\n )))\n )))\n .build());\n\n var testProfile = new Profile(\"testProfile\", ProfileArgs.builder() \n .name(\"example\")\n .roleArns(test.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:iam:Role\n properties:\n name: test\n path: /\n assumeRolePolicy:\n fn::toJSON:\n version: 2012-10-17\n statement:\n - action:\n - sts:AssumeRole\n - sts:TagSession\n - sts:SetSourceIdentity\n principal:\n service: rolesanywhere.amazonaws.com\n effect: Allow\n sid:\n testProfile:\n type: aws:rolesanywhere:Profile\n name: test\n properties:\n name: example\n roleArns:\n - ${test.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_rolesanywhere_profile` using its `id`. For example:\n\n```sh\n$ pulumi import aws:rolesanywhere/profile:Profile example db138a85-8925-4f9f-a409-08231233cacf\n```\n", + "description": "Resource for managing a Roles Anywhere Profile.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.iam.Role(\"test\", {\n name: \"test\",\n path: \"/\",\n assumeRolePolicy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: [\n \"sts:AssumeRole\",\n \"sts:TagSession\",\n \"sts:SetSourceIdentity\",\n ],\n Principal: {\n Service: \"rolesanywhere.amazonaws.com\",\n },\n Effect: \"Allow\",\n Sid: \"\",\n }],\n }),\n});\nconst testProfile = new aws.rolesanywhere.Profile(\"test\", {\n name: \"example\",\n roleArns: [test.arn],\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ntest = aws.iam.Role(\"test\",\n name=\"test\",\n path=\"/\",\n assume_role_policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": [\n \"sts:AssumeRole\",\n \"sts:TagSession\",\n \"sts:SetSourceIdentity\",\n ],\n \"Principal\": {\n \"Service\": \"rolesanywhere.amazonaws.com\",\n },\n \"Effect\": \"Allow\",\n \"Sid\": \"\",\n }],\n }))\ntest_profile = aws.rolesanywhere.Profile(\"test\",\n name=\"example\",\n role_arns=[test.arn])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Iam.Role(\"test\", new()\n {\n Name = \"test\",\n Path = \"/\",\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = new[]\n {\n \"sts:AssumeRole\",\n \"sts:TagSession\",\n \"sts:SetSourceIdentity\",\n },\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"rolesanywhere.amazonaws.com\",\n },\n [\"Effect\"] = \"Allow\",\n [\"Sid\"] = \"\",\n },\n },\n }),\n });\n\n var testProfile = new Aws.RolesAnywhere.Profile(\"test\", new()\n {\n Name = \"example\",\n RoleArns = new[]\n {\n test.Arn,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rolesanywhere\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t\t\"sts:TagSession\",\n\t\t\t\t\t\t\"sts:SetSourceIdentity\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"rolesanywhere.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Sid\": \"\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\ttest, err := iam.NewRole(ctx, \"test\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"test\"),\n\t\t\tPath: pulumi.String(\"/\"),\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rolesanywhere.NewProfile(ctx, \"test\", \u0026rolesanywhere.ProfileArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRoleArns: pulumi.StringArray{\n\t\t\t\ttest.Arn,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.rolesanywhere.Profile;\nimport com.pulumi.aws.rolesanywhere.ProfileArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Role(\"test\", RoleArgs.builder() \n .name(\"test\")\n .path(\"/\")\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", jsonArray(\n \"sts:AssumeRole\", \n \"sts:TagSession\", \n \"sts:SetSourceIdentity\"\n )),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"rolesanywhere.amazonaws.com\")\n )),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Sid\", \"\")\n )))\n )))\n .build());\n\n var testProfile = new Profile(\"testProfile\", ProfileArgs.builder() \n .name(\"example\")\n .roleArns(test.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:iam:Role\n properties:\n name: test\n path: /\n assumeRolePolicy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action:\n - sts:AssumeRole\n - sts:TagSession\n - sts:SetSourceIdentity\n Principal:\n Service: rolesanywhere.amazonaws.com\n Effect: Allow\n Sid:\n testProfile:\n type: aws:rolesanywhere:Profile\n name: test\n properties:\n name: example\n roleArns:\n - ${test.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_rolesanywhere_profile` using its `id`. For example:\n\n```sh\n$ pulumi import aws:rolesanywhere/profile:Profile example db138a85-8925-4f9f-a409-08231233cacf\n```\n", "properties": { "arn": { "type": "string", @@ -311725,7 +311725,7 @@ } }, "aws:rolesanywhere/trustAnchor:TrustAnchor": { - "description": "Resource for managing a Roles Anywhere Trust Anchor.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.acmpca.CertificateAuthority(\"example\", {\n permanentDeletionTimeInDays: 7,\n type: \"ROOT\",\n certificateAuthorityConfiguration: {\n keyAlgorithm: \"RSA_4096\",\n signingAlgorithm: \"SHA512WITHRSA\",\n subject: {\n commonName: \"example.com\",\n },\n },\n});\nconst current = aws.getPartition({});\nconst test = new aws.acmpca.Certificate(\"test\", {\n certificateAuthorityArn: example.arn,\n certificateSigningRequest: example.certificateSigningRequest,\n signingAlgorithm: \"SHA512WITHRSA\",\n templateArn: current.then(current =\u003e `arn:${current.partition}:acm-pca:::template/RootCACertificate/V1`),\n validity: {\n type: \"YEARS\",\n value: \"1\",\n },\n});\nconst exampleCertificateAuthorityCertificate = new aws.acmpca.CertificateAuthorityCertificate(\"example\", {\n certificateAuthorityArn: example.arn,\n certificate: exampleAwsAcmpcaCertificate.certificate,\n certificateChain: exampleAwsAcmpcaCertificate.certificateChain,\n});\nconst testTrustAnchor = new aws.rolesanywhere.TrustAnchor(\"test\", {\n name: \"example\",\n source: {\n sourceData: {\n acmPcaArn: example.arn,\n },\n sourceType: \"AWS_ACM_PCA\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.acmpca.CertificateAuthority(\"example\",\n permanent_deletion_time_in_days=7,\n type=\"ROOT\",\n certificate_authority_configuration=aws.acmpca.CertificateAuthorityCertificateAuthorityConfigurationArgs(\n key_algorithm=\"RSA_4096\",\n signing_algorithm=\"SHA512WITHRSA\",\n subject=aws.acmpca.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs(\n common_name=\"example.com\",\n ),\n ))\ncurrent = aws.get_partition()\ntest = aws.acmpca.Certificate(\"test\",\n certificate_authority_arn=example.arn,\n certificate_signing_request=example.certificate_signing_request,\n signing_algorithm=\"SHA512WITHRSA\",\n template_arn=f\"arn:{current.partition}:acm-pca:::template/RootCACertificate/V1\",\n validity=aws.acmpca.CertificateValidityArgs(\n type=\"YEARS\",\n value=\"1\",\n ))\nexample_certificate_authority_certificate = aws.acmpca.CertificateAuthorityCertificate(\"example\",\n certificate_authority_arn=example.arn,\n certificate=example_aws_acmpca_certificate[\"certificate\"],\n certificate_chain=example_aws_acmpca_certificate[\"certificateChain\"])\ntest_trust_anchor = aws.rolesanywhere.TrustAnchor(\"test\",\n name=\"example\",\n source=aws.rolesanywhere.TrustAnchorSourceArgs(\n source_data=aws.rolesanywhere.TrustAnchorSourceSourceDataArgs(\n acm_pca_arn=example.arn,\n ),\n source_type=\"AWS_ACM_PCA\",\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Acmpca.CertificateAuthority(\"example\", new()\n {\n PermanentDeletionTimeInDays = 7,\n Type = \"ROOT\",\n CertificateAuthorityConfiguration = new Aws.Acmpca.Inputs.CertificateAuthorityCertificateAuthorityConfigurationArgs\n {\n KeyAlgorithm = \"RSA_4096\",\n SigningAlgorithm = \"SHA512WITHRSA\",\n Subject = new Aws.Acmpca.Inputs.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs\n {\n CommonName = \"example.com\",\n },\n },\n });\n\n var current = Aws.GetPartition.Invoke();\n\n var test = new Aws.Acmpca.Certificate(\"test\", new()\n {\n CertificateAuthorityArn = example.Arn,\n CertificateSigningRequest = example.CertificateSigningRequest,\n SigningAlgorithm = \"SHA512WITHRSA\",\n TemplateArn = $\"arn:{current.Apply(getPartitionResult =\u003e getPartitionResult.Partition)}:acm-pca:::template/RootCACertificate/V1\",\n Validity = new Aws.Acmpca.Inputs.CertificateValidityArgs\n {\n Type = \"YEARS\",\n Value = \"1\",\n },\n });\n\n var exampleCertificateAuthorityCertificate = new Aws.Acmpca.CertificateAuthorityCertificate(\"example\", new()\n {\n CertificateAuthorityArn = example.Arn,\n Certificate = exampleAwsAcmpcaCertificate.Certificate,\n CertificateChain = exampleAwsAcmpcaCertificate.CertificateChain,\n });\n\n var testTrustAnchor = new Aws.RolesAnywhere.TrustAnchor(\"test\", new()\n {\n Name = \"example\",\n Source = new Aws.RolesAnywhere.Inputs.TrustAnchorSourceArgs\n {\n SourceData = new Aws.RolesAnywhere.Inputs.TrustAnchorSourceSourceDataArgs\n {\n AcmPcaArn = example.Arn,\n },\n SourceType = \"AWS_ACM_PCA\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acmpca\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rolesanywhere\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := acmpca.NewCertificateAuthority(ctx, \"example\", \u0026acmpca.CertificateAuthorityArgs{\n\t\t\tPermanentDeletionTimeInDays: pulumi.Int(7),\n\t\t\tType: pulumi.String(\"ROOT\"),\n\t\t\tCertificateAuthorityConfiguration: \u0026acmpca.CertificateAuthorityCertificateAuthorityConfigurationArgs{\n\t\t\t\tKeyAlgorithm: pulumi.String(\"RSA_4096\"),\n\t\t\t\tSigningAlgorithm: pulumi.String(\"SHA512WITHRSA\"),\n\t\t\t\tSubject: \u0026acmpca.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs{\n\t\t\t\t\tCommonName: pulumi.String(\"example.com\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrent, err := aws.GetPartition(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = acmpca.NewCertificate(ctx, \"test\", \u0026acmpca.CertificateArgs{\n\t\t\tCertificateAuthorityArn: example.Arn,\n\t\t\tCertificateSigningRequest: example.CertificateSigningRequest,\n\t\t\tSigningAlgorithm: pulumi.String(\"SHA512WITHRSA\"),\n\t\t\tTemplateArn: pulumi.String(fmt.Sprintf(\"arn:%v:acm-pca:::template/RootCACertificate/V1\", current.Partition)),\n\t\t\tValidity: \u0026acmpca.CertificateValidityArgs{\n\t\t\t\tType: pulumi.String(\"YEARS\"),\n\t\t\t\tValue: pulumi.String(\"1\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = acmpca.NewCertificateAuthorityCertificate(ctx, \"example\", \u0026acmpca.CertificateAuthorityCertificateArgs{\n\t\t\tCertificateAuthorityArn: example.Arn,\n\t\t\tCertificate: pulumi.Any(exampleAwsAcmpcaCertificate.Certificate),\n\t\t\tCertificateChain: pulumi.Any(exampleAwsAcmpcaCertificate.CertificateChain),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rolesanywhere.NewTrustAnchor(ctx, \"test\", \u0026rolesanywhere.TrustAnchorArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tSource: \u0026rolesanywhere.TrustAnchorSourceArgs{\n\t\t\t\tSourceData: \u0026rolesanywhere.TrustAnchorSourceSourceDataArgs{\n\t\t\t\t\tAcmPcaArn: example.Arn,\n\t\t\t\t},\n\t\t\t\tSourceType: pulumi.String(\"AWS_ACM_PCA\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.acmpca.CertificateAuthority;\nimport com.pulumi.aws.acmpca.CertificateAuthorityArgs;\nimport com.pulumi.aws.acmpca.inputs.CertificateAuthorityCertificateAuthorityConfigurationArgs;\nimport com.pulumi.aws.acmpca.inputs.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetPartitionArgs;\nimport com.pulumi.aws.acmpca.Certificate;\nimport com.pulumi.aws.acmpca.CertificateArgs;\nimport com.pulumi.aws.acmpca.inputs.CertificateValidityArgs;\nimport com.pulumi.aws.acmpca.CertificateAuthorityCertificate;\nimport com.pulumi.aws.acmpca.CertificateAuthorityCertificateArgs;\nimport com.pulumi.aws.rolesanywhere.TrustAnchor;\nimport com.pulumi.aws.rolesanywhere.TrustAnchorArgs;\nimport com.pulumi.aws.rolesanywhere.inputs.TrustAnchorSourceArgs;\nimport com.pulumi.aws.rolesanywhere.inputs.TrustAnchorSourceSourceDataArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new CertificateAuthority(\"example\", CertificateAuthorityArgs.builder() \n .permanentDeletionTimeInDays(7)\n .type(\"ROOT\")\n .certificateAuthorityConfiguration(CertificateAuthorityCertificateAuthorityConfigurationArgs.builder()\n .keyAlgorithm(\"RSA_4096\")\n .signingAlgorithm(\"SHA512WITHRSA\")\n .subject(CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs.builder()\n .commonName(\"example.com\")\n .build())\n .build())\n .build());\n\n final var current = AwsFunctions.getPartition();\n\n var test = new Certificate(\"test\", CertificateArgs.builder() \n .certificateAuthorityArn(example.arn())\n .certificateSigningRequest(example.certificateSigningRequest())\n .signingAlgorithm(\"SHA512WITHRSA\")\n .templateArn(String.format(\"arn:%s:acm-pca:::template/RootCACertificate/V1\", current.applyValue(getPartitionResult -\u003e getPartitionResult.partition())))\n .validity(CertificateValidityArgs.builder()\n .type(\"YEARS\")\n .value(1)\n .build())\n .build());\n\n var exampleCertificateAuthorityCertificate = new CertificateAuthorityCertificate(\"exampleCertificateAuthorityCertificate\", CertificateAuthorityCertificateArgs.builder() \n .certificateAuthorityArn(example.arn())\n .certificate(exampleAwsAcmpcaCertificate.certificate())\n .certificateChain(exampleAwsAcmpcaCertificate.certificateChain())\n .build());\n\n var testTrustAnchor = new TrustAnchor(\"testTrustAnchor\", TrustAnchorArgs.builder() \n .name(\"example\")\n .source(TrustAnchorSourceArgs.builder()\n .sourceData(TrustAnchorSourceSourceDataArgs.builder()\n .acmPcaArn(example.arn())\n .build())\n .sourceType(\"AWS_ACM_PCA\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:acmpca:CertificateAuthority\n properties:\n permanentDeletionTimeInDays: 7\n type: ROOT\n certificateAuthorityConfiguration:\n keyAlgorithm: RSA_4096\n signingAlgorithm: SHA512WITHRSA\n subject:\n commonName: example.com\n test:\n type: aws:acmpca:Certificate\n properties:\n certificateAuthorityArn: ${example.arn}\n certificateSigningRequest: ${example.certificateSigningRequest}\n signingAlgorithm: SHA512WITHRSA\n templateArn: arn:${current.partition}:acm-pca:::template/RootCACertificate/V1\n validity:\n type: YEARS\n value: 1\n exampleCertificateAuthorityCertificate:\n type: aws:acmpca:CertificateAuthorityCertificate\n name: example\n properties:\n certificateAuthorityArn: ${example.arn}\n certificate: ${exampleAwsAcmpcaCertificate.certificate}\n certificateChain: ${exampleAwsAcmpcaCertificate.certificateChain}\n testTrustAnchor:\n type: aws:rolesanywhere:TrustAnchor\n name: test\n properties:\n name: example\n source:\n sourceData:\n acmPcaArn: ${example.arn}\n sourceType: AWS_ACM_PCA\nvariables:\n current:\n fn::invoke:\n Function: aws:getPartition\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_rolesanywhere_trust_anchor` using its `id`. For example:\n\n```sh\n$ pulumi import aws:rolesanywhere/trustAnchor:TrustAnchor example 92b2fbbb-984d-41a3-a765-e3cbdb69ebb1\n```\n", + "description": "Resource for managing a Roles Anywhere Trust Anchor.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.acmpca.CertificateAuthority(\"example\", {\n permanentDeletionTimeInDays: 7,\n type: \"ROOT\",\n certificateAuthorityConfiguration: {\n keyAlgorithm: \"RSA_4096\",\n signingAlgorithm: \"SHA512WITHRSA\",\n subject: {\n commonName: \"example.com\",\n },\n },\n});\nconst current = aws.getPartition({});\nconst test = new aws.acmpca.Certificate(\"test\", {\n certificateAuthorityArn: example.arn,\n certificateSigningRequest: example.certificateSigningRequest,\n signingAlgorithm: \"SHA512WITHRSA\",\n templateArn: current.then(current =\u003e `arn:${current.partition}:acm-pca:::template/RootCACertificate/V1`),\n validity: {\n type: \"YEARS\",\n value: \"1\",\n },\n});\nconst exampleCertificateAuthorityCertificate = new aws.acmpca.CertificateAuthorityCertificate(\"example\", {\n certificateAuthorityArn: example.arn,\n certificate: exampleAwsAcmpcaCertificate.certificate,\n certificateChain: exampleAwsAcmpcaCertificate.certificateChain,\n});\nconst testTrustAnchor = new aws.rolesanywhere.TrustAnchor(\"test\", {\n name: \"example\",\n source: {\n sourceData: {\n acmPcaArn: example.arn,\n },\n sourceType: \"AWS_ACM_PCA\",\n },\n}, {\n dependsOn: [exampleCertificateAuthorityCertificate],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.acmpca.CertificateAuthority(\"example\",\n permanent_deletion_time_in_days=7,\n type=\"ROOT\",\n certificate_authority_configuration=aws.acmpca.CertificateAuthorityCertificateAuthorityConfigurationArgs(\n key_algorithm=\"RSA_4096\",\n signing_algorithm=\"SHA512WITHRSA\",\n subject=aws.acmpca.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs(\n common_name=\"example.com\",\n ),\n ))\ncurrent = aws.get_partition()\ntest = aws.acmpca.Certificate(\"test\",\n certificate_authority_arn=example.arn,\n certificate_signing_request=example.certificate_signing_request,\n signing_algorithm=\"SHA512WITHRSA\",\n template_arn=f\"arn:{current.partition}:acm-pca:::template/RootCACertificate/V1\",\n validity=aws.acmpca.CertificateValidityArgs(\n type=\"YEARS\",\n value=\"1\",\n ))\nexample_certificate_authority_certificate = aws.acmpca.CertificateAuthorityCertificate(\"example\",\n certificate_authority_arn=example.arn,\n certificate=example_aws_acmpca_certificate[\"certificate\"],\n certificate_chain=example_aws_acmpca_certificate[\"certificateChain\"])\ntest_trust_anchor = aws.rolesanywhere.TrustAnchor(\"test\",\n name=\"example\",\n source=aws.rolesanywhere.TrustAnchorSourceArgs(\n source_data=aws.rolesanywhere.TrustAnchorSourceSourceDataArgs(\n acm_pca_arn=example.arn,\n ),\n source_type=\"AWS_ACM_PCA\",\n ),\n opts=pulumi.ResourceOptions(depends_on=[example_certificate_authority_certificate]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Acmpca.CertificateAuthority(\"example\", new()\n {\n PermanentDeletionTimeInDays = 7,\n Type = \"ROOT\",\n CertificateAuthorityConfiguration = new Aws.Acmpca.Inputs.CertificateAuthorityCertificateAuthorityConfigurationArgs\n {\n KeyAlgorithm = \"RSA_4096\",\n SigningAlgorithm = \"SHA512WITHRSA\",\n Subject = new Aws.Acmpca.Inputs.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs\n {\n CommonName = \"example.com\",\n },\n },\n });\n\n var current = Aws.GetPartition.Invoke();\n\n var test = new Aws.Acmpca.Certificate(\"test\", new()\n {\n CertificateAuthorityArn = example.Arn,\n CertificateSigningRequest = example.CertificateSigningRequest,\n SigningAlgorithm = \"SHA512WITHRSA\",\n TemplateArn = $\"arn:{current.Apply(getPartitionResult =\u003e getPartitionResult.Partition)}:acm-pca:::template/RootCACertificate/V1\",\n Validity = new Aws.Acmpca.Inputs.CertificateValidityArgs\n {\n Type = \"YEARS\",\n Value = \"1\",\n },\n });\n\n var exampleCertificateAuthorityCertificate = new Aws.Acmpca.CertificateAuthorityCertificate(\"example\", new()\n {\n CertificateAuthorityArn = example.Arn,\n Certificate = exampleAwsAcmpcaCertificate.Certificate,\n CertificateChain = exampleAwsAcmpcaCertificate.CertificateChain,\n });\n\n var testTrustAnchor = new Aws.RolesAnywhere.TrustAnchor(\"test\", new()\n {\n Name = \"example\",\n Source = new Aws.RolesAnywhere.Inputs.TrustAnchorSourceArgs\n {\n SourceData = new Aws.RolesAnywhere.Inputs.TrustAnchorSourceSourceDataArgs\n {\n AcmPcaArn = example.Arn,\n },\n SourceType = \"AWS_ACM_PCA\",\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleCertificateAuthorityCertificate, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/acmpca\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/rolesanywhere\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := acmpca.NewCertificateAuthority(ctx, \"example\", \u0026acmpca.CertificateAuthorityArgs{\n\t\t\tPermanentDeletionTimeInDays: pulumi.Int(7),\n\t\t\tType: pulumi.String(\"ROOT\"),\n\t\t\tCertificateAuthorityConfiguration: \u0026acmpca.CertificateAuthorityCertificateAuthorityConfigurationArgs{\n\t\t\t\tKeyAlgorithm: pulumi.String(\"RSA_4096\"),\n\t\t\t\tSigningAlgorithm: pulumi.String(\"SHA512WITHRSA\"),\n\t\t\t\tSubject: \u0026acmpca.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs{\n\t\t\t\t\tCommonName: pulumi.String(\"example.com\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrent, err := aws.GetPartition(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = acmpca.NewCertificate(ctx, \"test\", \u0026acmpca.CertificateArgs{\n\t\t\tCertificateAuthorityArn: example.Arn,\n\t\t\tCertificateSigningRequest: example.CertificateSigningRequest,\n\t\t\tSigningAlgorithm: pulumi.String(\"SHA512WITHRSA\"),\n\t\t\tTemplateArn: pulumi.String(fmt.Sprintf(\"arn:%v:acm-pca:::template/RootCACertificate/V1\", current.Partition)),\n\t\t\tValidity: \u0026acmpca.CertificateValidityArgs{\n\t\t\t\tType: pulumi.String(\"YEARS\"),\n\t\t\t\tValue: pulumi.String(\"1\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleCertificateAuthorityCertificate, err := acmpca.NewCertificateAuthorityCertificate(ctx, \"example\", \u0026acmpca.CertificateAuthorityCertificateArgs{\n\t\t\tCertificateAuthorityArn: example.Arn,\n\t\t\tCertificate: pulumi.Any(exampleAwsAcmpcaCertificate.Certificate),\n\t\t\tCertificateChain: pulumi.Any(exampleAwsAcmpcaCertificate.CertificateChain),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = rolesanywhere.NewTrustAnchor(ctx, \"test\", \u0026rolesanywhere.TrustAnchorArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tSource: \u0026rolesanywhere.TrustAnchorSourceArgs{\n\t\t\t\tSourceData: \u0026rolesanywhere.TrustAnchorSourceSourceDataArgs{\n\t\t\t\t\tAcmPcaArn: example.Arn,\n\t\t\t\t},\n\t\t\t\tSourceType: pulumi.String(\"AWS_ACM_PCA\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleCertificateAuthorityCertificate,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.acmpca.CertificateAuthority;\nimport com.pulumi.aws.acmpca.CertificateAuthorityArgs;\nimport com.pulumi.aws.acmpca.inputs.CertificateAuthorityCertificateAuthorityConfigurationArgs;\nimport com.pulumi.aws.acmpca.inputs.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetPartitionArgs;\nimport com.pulumi.aws.acmpca.Certificate;\nimport com.pulumi.aws.acmpca.CertificateArgs;\nimport com.pulumi.aws.acmpca.inputs.CertificateValidityArgs;\nimport com.pulumi.aws.acmpca.CertificateAuthorityCertificate;\nimport com.pulumi.aws.acmpca.CertificateAuthorityCertificateArgs;\nimport com.pulumi.aws.rolesanywhere.TrustAnchor;\nimport com.pulumi.aws.rolesanywhere.TrustAnchorArgs;\nimport com.pulumi.aws.rolesanywhere.inputs.TrustAnchorSourceArgs;\nimport com.pulumi.aws.rolesanywhere.inputs.TrustAnchorSourceSourceDataArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new CertificateAuthority(\"example\", CertificateAuthorityArgs.builder() \n .permanentDeletionTimeInDays(7)\n .type(\"ROOT\")\n .certificateAuthorityConfiguration(CertificateAuthorityCertificateAuthorityConfigurationArgs.builder()\n .keyAlgorithm(\"RSA_4096\")\n .signingAlgorithm(\"SHA512WITHRSA\")\n .subject(CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs.builder()\n .commonName(\"example.com\")\n .build())\n .build())\n .build());\n\n final var current = AwsFunctions.getPartition();\n\n var test = new Certificate(\"test\", CertificateArgs.builder() \n .certificateAuthorityArn(example.arn())\n .certificateSigningRequest(example.certificateSigningRequest())\n .signingAlgorithm(\"SHA512WITHRSA\")\n .templateArn(String.format(\"arn:%s:acm-pca:::template/RootCACertificate/V1\", current.applyValue(getPartitionResult -\u003e getPartitionResult.partition())))\n .validity(CertificateValidityArgs.builder()\n .type(\"YEARS\")\n .value(1)\n .build())\n .build());\n\n var exampleCertificateAuthorityCertificate = new CertificateAuthorityCertificate(\"exampleCertificateAuthorityCertificate\", CertificateAuthorityCertificateArgs.builder() \n .certificateAuthorityArn(example.arn())\n .certificate(exampleAwsAcmpcaCertificate.certificate())\n .certificateChain(exampleAwsAcmpcaCertificate.certificateChain())\n .build());\n\n var testTrustAnchor = new TrustAnchor(\"testTrustAnchor\", TrustAnchorArgs.builder() \n .name(\"example\")\n .source(TrustAnchorSourceArgs.builder()\n .sourceData(TrustAnchorSourceSourceDataArgs.builder()\n .acmPcaArn(example.arn())\n .build())\n .sourceType(\"AWS_ACM_PCA\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleCertificateAuthorityCertificate)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:acmpca:CertificateAuthority\n properties:\n permanentDeletionTimeInDays: 7\n type: ROOT\n certificateAuthorityConfiguration:\n keyAlgorithm: RSA_4096\n signingAlgorithm: SHA512WITHRSA\n subject:\n commonName: example.com\n test:\n type: aws:acmpca:Certificate\n properties:\n certificateAuthorityArn: ${example.arn}\n certificateSigningRequest: ${example.certificateSigningRequest}\n signingAlgorithm: SHA512WITHRSA\n templateArn: arn:${current.partition}:acm-pca:::template/RootCACertificate/V1\n validity:\n type: YEARS\n value: 1\n exampleCertificateAuthorityCertificate:\n type: aws:acmpca:CertificateAuthorityCertificate\n name: example\n properties:\n certificateAuthorityArn: ${example.arn}\n certificate: ${exampleAwsAcmpcaCertificate.certificate}\n certificateChain: ${exampleAwsAcmpcaCertificate.certificateChain}\n testTrustAnchor:\n type: aws:rolesanywhere:TrustAnchor\n name: test\n properties:\n name: example\n source:\n sourceData:\n acmPcaArn: ${example.arn}\n sourceType: AWS_ACM_PCA\n options:\n dependson:\n - ${exampleCertificateAuthorityCertificate}\nvariables:\n current:\n fn::invoke:\n Function: aws:getPartition\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_rolesanywhere_trust_anchor` using its `id`. For example:\n\n```sh\n$ pulumi import aws:rolesanywhere/trustAnchor:TrustAnchor example 92b2fbbb-984d-41a3-a765-e3cbdb69ebb1\n```\n", "properties": { "arn": { "type": "string", @@ -312331,7 +312331,7 @@ } }, "aws:route53/hostedZoneDnsSec:HostedZoneDnsSec": { - "description": "Manages Route 53 Hosted Zone Domain Name System Security Extensions (DNSSEC). For more information about managing DNSSEC in Route 53, see the [Route 53 Developer Guide](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-configuring-dnssec.html).\n\n!\u003e **WARNING:** If you disable DNSSEC signing for your hosted zone before the DNS changes have propagated, your domain could become unavailable on the internet. When you remove the DS records, you must wait until the longest TTL for the DS records that you remove has expired before you complete the step to disable DNSSEC signing. Please refer to the [Route 53 Developer Guide - Disable DNSSEC](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-configuring-dnssec-disable.html) for a detailed breakdown on the steps required to disable DNSSEC safely for a hosted zone.\n\n\u003e **Note:** Route53 hosted zones are global resources, and as such any `aws.kms.Key` that you use as part of a signing key needs to be located in the `us-east-1` region. In the example below, the main AWS provider declaration is for `us-east-1`, however if you are provisioning your AWS resources in a different region, you will need to specify a provider alias and use that attached to the `aws.kms.Key` resource as described in the provider alias documentation.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst example = new aws.kms.Key(\"example\", {\n customerMasterKeySpec: \"ECC_NIST_P256\",\n deletionWindowInDays: 7,\n keyUsage: \"SIGN_VERIFY\",\n policy: JSON.stringify({\n statement: [\n {\n action: [\n \"kms:DescribeKey\",\n \"kms:GetPublicKey\",\n \"kms:Sign\",\n \"kms:Verify\",\n ],\n effect: \"Allow\",\n principal: {\n service: \"dnssec-route53.amazonaws.com\",\n },\n resource: \"*\",\n sid: \"Allow Route 53 DNSSEC Service\",\n },\n {\n action: \"kms:*\",\n effect: \"Allow\",\n principal: {\n AWS: current.then(current =\u003e `arn:aws:iam::${current.accountId}:root`),\n },\n resource: \"*\",\n sid: \"Enable IAM User Permissions\",\n },\n ],\n version: \"2012-10-17\",\n }),\n});\nconst exampleZone = new aws.route53.Zone(\"example\", {name: \"example.com\"});\nconst exampleKeySigningKey = new aws.route53.KeySigningKey(\"example\", {\n hostedZoneId: exampleZone.id,\n keyManagementServiceArn: example.arn,\n name: \"example\",\n});\nconst exampleHostedZoneDnsSec = new aws.route53.HostedZoneDnsSec(\"example\", {hostedZoneId: exampleKeySigningKey.hostedZoneId});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\nexample = aws.kms.Key(\"example\",\n customer_master_key_spec=\"ECC_NIST_P256\",\n deletion_window_in_days=7,\n key_usage=\"SIGN_VERIFY\",\n policy=json.dumps({\n \"statement\": [\n {\n \"action\": [\n \"kms:DescribeKey\",\n \"kms:GetPublicKey\",\n \"kms:Sign\",\n \"kms:Verify\",\n ],\n \"effect\": \"Allow\",\n \"principal\": {\n \"service\": \"dnssec-route53.amazonaws.com\",\n },\n \"resource\": \"*\",\n \"sid\": \"Allow Route 53 DNSSEC Service\",\n },\n {\n \"action\": \"kms:*\",\n \"effect\": \"Allow\",\n \"principal\": {\n \"AWS\": f\"arn:aws:iam::{current.account_id}:root\",\n },\n \"resource\": \"*\",\n \"sid\": \"Enable IAM User Permissions\",\n },\n ],\n \"version\": \"2012-10-17\",\n }))\nexample_zone = aws.route53.Zone(\"example\", name=\"example.com\")\nexample_key_signing_key = aws.route53.KeySigningKey(\"example\",\n hosted_zone_id=example_zone.id,\n key_management_service_arn=example.arn,\n name=\"example\")\nexample_hosted_zone_dns_sec = aws.route53.HostedZoneDnsSec(\"example\", hosted_zone_id=example_key_signing_key.hosted_zone_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var example = new Aws.Kms.Key(\"example\", new()\n {\n CustomerMasterKeySpec = \"ECC_NIST_P256\",\n DeletionWindowInDays = 7,\n KeyUsage = \"SIGN_VERIFY\",\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"action\"] = new[]\n {\n \"kms:DescribeKey\",\n \"kms:GetPublicKey\",\n \"kms:Sign\",\n \"kms:Verify\",\n },\n [\"effect\"] = \"Allow\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"service\"] = \"dnssec-route53.amazonaws.com\",\n },\n [\"resource\"] = \"*\",\n [\"sid\"] = \"Allow Route 53 DNSSEC Service\",\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"action\"] = \"kms:*\",\n [\"effect\"] = \"Allow\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = $\"arn:aws:iam::{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:root\",\n },\n [\"resource\"] = \"*\",\n [\"sid\"] = \"Enable IAM User Permissions\",\n },\n },\n [\"version\"] = \"2012-10-17\",\n }),\n });\n\n var exampleZone = new Aws.Route53.Zone(\"example\", new()\n {\n Name = \"example.com\",\n });\n\n var exampleKeySigningKey = new Aws.Route53.KeySigningKey(\"example\", new()\n {\n HostedZoneId = exampleZone.Id,\n KeyManagementServiceArn = example.Arn,\n Name = \"example\",\n });\n\n var exampleHostedZoneDnsSec = new Aws.Route53.HostedZoneDnsSec(\"example\", new()\n {\n HostedZoneId = exampleKeySigningKey.HostedZoneId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"statement\": []interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"action\": []string{\n\t\t\t\t\t\t\"kms:DescribeKey\",\n\t\t\t\t\t\t\"kms:GetPublicKey\",\n\t\t\t\t\t\t\"kms:Sign\",\n\t\t\t\t\t\t\"kms:Verify\",\n\t\t\t\t\t},\n\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\"service\": \"dnssec-route53.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t\t\"resource\": \"*\",\n\t\t\t\t\t\"sid\": \"Allow Route 53 DNSSEC Service\",\n\t\t\t\t},\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"action\": \"kms:*\",\n\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": fmt.Sprintf(\"arn:aws:iam::%v:root\", current.AccountId),\n\t\t\t\t\t},\n\t\t\t\t\t\"resource\": \"*\",\n\t\t\t\t\t\"sid\": \"Enable IAM User Permissions\",\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"version\": \"2012-10-17\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texample, err := kms.NewKey(ctx, \"example\", \u0026kms.KeyArgs{\n\t\t\tCustomerMasterKeySpec: pulumi.String(\"ECC_NIST_P256\"),\n\t\t\tDeletionWindowInDays: pulumi.Int(7),\n\t\t\tKeyUsage: pulumi.String(\"SIGN_VERIFY\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleZone, err := route53.NewZone(ctx, \"example\", \u0026route53.ZoneArgs{\n\t\t\tName: pulumi.String(\"example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleKeySigningKey, err := route53.NewKeySigningKey(ctx, \"example\", \u0026route53.KeySigningKeyArgs{\n\t\t\tHostedZoneId: exampleZone.ID(),\n\t\t\tKeyManagementServiceArn: example.Arn,\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewHostedZoneDnsSec(ctx, \"example\", \u0026route53.HostedZoneDnsSecArgs{\n\t\t\tHostedZoneId: exampleKeySigningKey.HostedZoneId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.route53.Zone;\nimport com.pulumi.aws.route53.ZoneArgs;\nimport com.pulumi.aws.route53.KeySigningKey;\nimport com.pulumi.aws.route53.KeySigningKeyArgs;\nimport com.pulumi.aws.route53.HostedZoneDnsSec;\nimport com.pulumi.aws.route53.HostedZoneDnsSecArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n var example = new Key(\"example\", KeyArgs.builder() \n .customerMasterKeySpec(\"ECC_NIST_P256\")\n .deletionWindowInDays(7)\n .keyUsage(\"SIGN_VERIFY\")\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"statement\", jsonArray(\n jsonObject(\n jsonProperty(\"action\", jsonArray(\n \"kms:DescribeKey\", \n \"kms:GetPublicKey\", \n \"kms:Sign\", \n \"kms:Verify\"\n )),\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"principal\", jsonObject(\n jsonProperty(\"service\", \"dnssec-route53.amazonaws.com\")\n )),\n jsonProperty(\"resource\", \"*\"),\n jsonProperty(\"sid\", \"Allow Route 53 DNSSEC Service\")\n ), \n jsonObject(\n jsonProperty(\"action\", \"kms:*\"),\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"principal\", jsonObject(\n jsonProperty(\"AWS\", String.format(\"arn:aws:iam::%s:root\", current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n )),\n jsonProperty(\"resource\", \"*\"),\n jsonProperty(\"sid\", \"Enable IAM User Permissions\")\n )\n )),\n jsonProperty(\"version\", \"2012-10-17\")\n )))\n .build());\n\n var exampleZone = new Zone(\"exampleZone\", ZoneArgs.builder() \n .name(\"example.com\")\n .build());\n\n var exampleKeySigningKey = new KeySigningKey(\"exampleKeySigningKey\", KeySigningKeyArgs.builder() \n .hostedZoneId(exampleZone.id())\n .keyManagementServiceArn(example.arn())\n .name(\"example\")\n .build());\n\n var exampleHostedZoneDnsSec = new HostedZoneDnsSec(\"exampleHostedZoneDnsSec\", HostedZoneDnsSecArgs.builder() \n .hostedZoneId(exampleKeySigningKey.hostedZoneId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kms:Key\n properties:\n customerMasterKeySpec: ECC_NIST_P256\n deletionWindowInDays: 7\n keyUsage: SIGN_VERIFY\n policy:\n fn::toJSON:\n statement:\n - action:\n - kms:DescribeKey\n - kms:GetPublicKey\n - kms:Sign\n - kms:Verify\n effect: Allow\n principal:\n service: dnssec-route53.amazonaws.com\n resource: '*'\n sid: Allow Route 53 DNSSEC Service\n - action: kms:*\n effect: Allow\n principal:\n AWS: arn:aws:iam::${current.accountId}:root\n resource: '*'\n sid: Enable IAM User Permissions\n version: 2012-10-17\n exampleZone:\n type: aws:route53:Zone\n name: example\n properties:\n name: example.com\n exampleKeySigningKey:\n type: aws:route53:KeySigningKey\n name: example\n properties:\n hostedZoneId: ${exampleZone.id}\n keyManagementServiceArn: ${example.arn}\n name: example\n exampleHostedZoneDnsSec:\n type: aws:route53:HostedZoneDnsSec\n name: example\n properties:\n hostedZoneId: ${exampleKeySigningKey.hostedZoneId}\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_route53_hosted_zone_dnssec` resources using the Route 53 Hosted Zone identifier. For example:\n\n```sh\n$ pulumi import aws:route53/hostedZoneDnsSec:HostedZoneDnsSec example Z1D633PJN98FT9\n```\n", + "description": "Manages Route 53 Hosted Zone Domain Name System Security Extensions (DNSSEC). For more information about managing DNSSEC in Route 53, see the [Route 53 Developer Guide](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-configuring-dnssec.html).\n\n!\u003e **WARNING:** If you disable DNSSEC signing for your hosted zone before the DNS changes have propagated, your domain could become unavailable on the internet. When you remove the DS records, you must wait until the longest TTL for the DS records that you remove has expired before you complete the step to disable DNSSEC signing. Please refer to the [Route 53 Developer Guide - Disable DNSSEC](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-configuring-dnssec-disable.html) for a detailed breakdown on the steps required to disable DNSSEC safely for a hosted zone.\n\n\u003e **Note:** Route53 hosted zones are global resources, and as such any `aws.kms.Key` that you use as part of a signing key needs to be located in the `us-east-1` region. In the example below, the main AWS provider declaration is for `us-east-1`, however if you are provisioning your AWS resources in a different region, you will need to specify a provider alias and use that attached to the `aws.kms.Key` resource as described in the provider alias documentation.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst example = new aws.kms.Key(\"example\", {\n customerMasterKeySpec: \"ECC_NIST_P256\",\n deletionWindowInDays: 7,\n keyUsage: \"SIGN_VERIFY\",\n policy: JSON.stringify({\n Statement: [\n {\n Action: [\n \"kms:DescribeKey\",\n \"kms:GetPublicKey\",\n \"kms:Sign\",\n \"kms:Verify\",\n ],\n Effect: \"Allow\",\n Principal: {\n Service: \"dnssec-route53.amazonaws.com\",\n },\n Resource: \"*\",\n Sid: \"Allow Route 53 DNSSEC Service\",\n },\n {\n Action: \"kms:*\",\n Effect: \"Allow\",\n Principal: {\n AWS: current.then(current =\u003e `arn:aws:iam::${current.accountId}:root`),\n },\n Resource: \"*\",\n Sid: \"Enable IAM User Permissions\",\n },\n ],\n Version: \"2012-10-17\",\n }),\n});\nconst exampleZone = new aws.route53.Zone(\"example\", {name: \"example.com\"});\nconst exampleKeySigningKey = new aws.route53.KeySigningKey(\"example\", {\n hostedZoneId: exampleZone.id,\n keyManagementServiceArn: example.arn,\n name: \"example\",\n});\nconst exampleHostedZoneDnsSec = new aws.route53.HostedZoneDnsSec(\"example\", {hostedZoneId: exampleKeySigningKey.hostedZoneId}, {\n dependsOn: [exampleKeySigningKey],\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\nexample = aws.kms.Key(\"example\",\n customer_master_key_spec=\"ECC_NIST_P256\",\n deletion_window_in_days=7,\n key_usage=\"SIGN_VERIFY\",\n policy=json.dumps({\n \"Statement\": [\n {\n \"Action\": [\n \"kms:DescribeKey\",\n \"kms:GetPublicKey\",\n \"kms:Sign\",\n \"kms:Verify\",\n ],\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"dnssec-route53.amazonaws.com\",\n },\n \"Resource\": \"*\",\n \"Sid\": \"Allow Route 53 DNSSEC Service\",\n },\n {\n \"Action\": \"kms:*\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": f\"arn:aws:iam::{current.account_id}:root\",\n },\n \"Resource\": \"*\",\n \"Sid\": \"Enable IAM User Permissions\",\n },\n ],\n \"Version\": \"2012-10-17\",\n }))\nexample_zone = aws.route53.Zone(\"example\", name=\"example.com\")\nexample_key_signing_key = aws.route53.KeySigningKey(\"example\",\n hosted_zone_id=example_zone.id,\n key_management_service_arn=example.arn,\n name=\"example\")\nexample_hosted_zone_dns_sec = aws.route53.HostedZoneDnsSec(\"example\", hosted_zone_id=example_key_signing_key.hosted_zone_id,\nopts=pulumi.ResourceOptions(depends_on=[example_key_signing_key]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var example = new Aws.Kms.Key(\"example\", new()\n {\n CustomerMasterKeySpec = \"ECC_NIST_P256\",\n DeletionWindowInDays = 7,\n KeyUsage = \"SIGN_VERIFY\",\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = new[]\n {\n \"kms:DescribeKey\",\n \"kms:GetPublicKey\",\n \"kms:Sign\",\n \"kms:Verify\",\n },\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"dnssec-route53.amazonaws.com\",\n },\n [\"Resource\"] = \"*\",\n [\"Sid\"] = \"Allow Route 53 DNSSEC Service\",\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"kms:*\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = $\"arn:aws:iam::{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:root\",\n },\n [\"Resource\"] = \"*\",\n [\"Sid\"] = \"Enable IAM User Permissions\",\n },\n },\n [\"Version\"] = \"2012-10-17\",\n }),\n });\n\n var exampleZone = new Aws.Route53.Zone(\"example\", new()\n {\n Name = \"example.com\",\n });\n\n var exampleKeySigningKey = new Aws.Route53.KeySigningKey(\"example\", new()\n {\n HostedZoneId = exampleZone.Id,\n KeyManagementServiceArn = example.Arn,\n Name = \"example\",\n });\n\n var exampleHostedZoneDnsSec = new Aws.Route53.HostedZoneDnsSec(\"example\", new()\n {\n HostedZoneId = exampleKeySigningKey.HostedZoneId,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleKeySigningKey, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Statement\": []interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"kms:DescribeKey\",\n\t\t\t\t\t\t\"kms:GetPublicKey\",\n\t\t\t\t\t\t\"kms:Sign\",\n\t\t\t\t\t\t\"kms:Verify\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"dnssec-route53.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t\t\"Sid\": \"Allow Route 53 DNSSEC Service\",\n\t\t\t\t},\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": \"kms:*\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": fmt.Sprintf(\"arn:aws:iam::%v:root\", current.AccountId),\n\t\t\t\t\t},\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t\t\"Sid\": \"Enable IAM User Permissions\",\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texample, err := kms.NewKey(ctx, \"example\", \u0026kms.KeyArgs{\n\t\t\tCustomerMasterKeySpec: pulumi.String(\"ECC_NIST_P256\"),\n\t\t\tDeletionWindowInDays: pulumi.Int(7),\n\t\t\tKeyUsage: pulumi.String(\"SIGN_VERIFY\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleZone, err := route53.NewZone(ctx, \"example\", \u0026route53.ZoneArgs{\n\t\t\tName: pulumi.String(\"example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleKeySigningKey, err := route53.NewKeySigningKey(ctx, \"example\", \u0026route53.KeySigningKeyArgs{\n\t\t\tHostedZoneId: exampleZone.ID(),\n\t\t\tKeyManagementServiceArn: example.Arn,\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewHostedZoneDnsSec(ctx, \"example\", \u0026route53.HostedZoneDnsSecArgs{\n\t\t\tHostedZoneId: exampleKeySigningKey.HostedZoneId,\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleKeySigningKey,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.route53.Zone;\nimport com.pulumi.aws.route53.ZoneArgs;\nimport com.pulumi.aws.route53.KeySigningKey;\nimport com.pulumi.aws.route53.KeySigningKeyArgs;\nimport com.pulumi.aws.route53.HostedZoneDnsSec;\nimport com.pulumi.aws.route53.HostedZoneDnsSecArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n var example = new Key(\"example\", KeyArgs.builder() \n .customerMasterKeySpec(\"ECC_NIST_P256\")\n .deletionWindowInDays(7)\n .keyUsage(\"SIGN_VERIFY\")\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Statement\", jsonArray(\n jsonObject(\n jsonProperty(\"Action\", jsonArray(\n \"kms:DescribeKey\", \n \"kms:GetPublicKey\", \n \"kms:Sign\", \n \"kms:Verify\"\n )),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"dnssec-route53.amazonaws.com\")\n )),\n jsonProperty(\"Resource\", \"*\"),\n jsonProperty(\"Sid\", \"Allow Route 53 DNSSEC Service\")\n ), \n jsonObject(\n jsonProperty(\"Action\", \"kms:*\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"AWS\", String.format(\"arn:aws:iam::%s:root\", current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n )),\n jsonProperty(\"Resource\", \"*\"),\n jsonProperty(\"Sid\", \"Enable IAM User Permissions\")\n )\n )),\n jsonProperty(\"Version\", \"2012-10-17\")\n )))\n .build());\n\n var exampleZone = new Zone(\"exampleZone\", ZoneArgs.builder() \n .name(\"example.com\")\n .build());\n\n var exampleKeySigningKey = new KeySigningKey(\"exampleKeySigningKey\", KeySigningKeyArgs.builder() \n .hostedZoneId(exampleZone.id())\n .keyManagementServiceArn(example.arn())\n .name(\"example\")\n .build());\n\n var exampleHostedZoneDnsSec = new HostedZoneDnsSec(\"exampleHostedZoneDnsSec\", HostedZoneDnsSecArgs.builder() \n .hostedZoneId(exampleKeySigningKey.hostedZoneId())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleKeySigningKey)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kms:Key\n properties:\n customerMasterKeySpec: ECC_NIST_P256\n deletionWindowInDays: 7\n keyUsage: SIGN_VERIFY\n policy:\n fn::toJSON:\n Statement:\n - Action:\n - kms:DescribeKey\n - kms:GetPublicKey\n - kms:Sign\n - kms:Verify\n Effect: Allow\n Principal:\n Service: dnssec-route53.amazonaws.com\n Resource: '*'\n Sid: Allow Route 53 DNSSEC Service\n - Action: kms:*\n Effect: Allow\n Principal:\n AWS: arn:aws:iam::${current.accountId}:root\n Resource: '*'\n Sid: Enable IAM User Permissions\n Version: 2012-10-17\n exampleZone:\n type: aws:route53:Zone\n name: example\n properties:\n name: example.com\n exampleKeySigningKey:\n type: aws:route53:KeySigningKey\n name: example\n properties:\n hostedZoneId: ${exampleZone.id}\n keyManagementServiceArn: ${example.arn}\n name: example\n exampleHostedZoneDnsSec:\n type: aws:route53:HostedZoneDnsSec\n name: example\n properties:\n hostedZoneId: ${exampleKeySigningKey.hostedZoneId}\n options:\n dependson:\n - ${exampleKeySigningKey}\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_route53_hosted_zone_dnssec` resources using the Route 53 Hosted Zone identifier. For example:\n\n```sh\n$ pulumi import aws:route53/hostedZoneDnsSec:HostedZoneDnsSec example Z1D633PJN98FT9\n```\n", "properties": { "hostedZoneId": { "type": "string", @@ -312376,7 +312376,7 @@ } }, "aws:route53/keySigningKey:KeySigningKey": { - "description": "Manages a Route 53 Key Signing Key. To manage Domain Name System Security Extensions (DNSSEC) for a Hosted Zone, see the `aws.route53.HostedZoneDnsSec` resource. For more information about managing DNSSEC in Route 53, see the [Route 53 Developer Guide](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-configuring-dnssec.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst example = new aws.kms.Key(\"example\", {\n customerMasterKeySpec: \"ECC_NIST_P256\",\n deletionWindowInDays: 7,\n keyUsage: \"SIGN_VERIFY\",\n policy: JSON.stringify({\n statement: [\n {\n action: [\n \"kms:DescribeKey\",\n \"kms:GetPublicKey\",\n \"kms:Sign\",\n ],\n effect: \"Allow\",\n principal: {\n service: \"dnssec-route53.amazonaws.com\",\n },\n sid: \"Allow Route 53 DNSSEC Service\",\n resource: \"*\",\n condition: {\n stringEquals: {\n \"aws:SourceAccount\": current.then(current =\u003e current.accountId),\n },\n arnLike: {\n \"aws:SourceArn\": \"arn:aws:route53:::hostedzone/*\",\n },\n },\n },\n {\n action: \"kms:CreateGrant\",\n effect: \"Allow\",\n principal: {\n service: \"dnssec-route53.amazonaws.com\",\n },\n sid: \"Allow Route 53 DNSSEC Service to CreateGrant\",\n resource: \"*\",\n condition: {\n bool: {\n \"kms:GrantIsForAWSResource\": \"true\",\n },\n },\n },\n {\n action: \"kms:*\",\n effect: \"Allow\",\n principal: {\n AWS: current.then(current =\u003e `arn:aws:iam::${current.accountId}:root`),\n },\n resource: \"*\",\n sid: \"Enable IAM User Permissions\",\n },\n ],\n version: \"2012-10-17\",\n }),\n});\nconst exampleZone = new aws.route53.Zone(\"example\", {name: \"example.com\"});\nconst exampleKeySigningKey = new aws.route53.KeySigningKey(\"example\", {\n hostedZoneId: test.id,\n keyManagementServiceArn: testAwsKmsKey.arn,\n name: \"example\",\n});\nconst exampleHostedZoneDnsSec = new aws.route53.HostedZoneDnsSec(\"example\", {hostedZoneId: exampleKeySigningKey.hostedZoneId});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\nexample = aws.kms.Key(\"example\",\n customer_master_key_spec=\"ECC_NIST_P256\",\n deletion_window_in_days=7,\n key_usage=\"SIGN_VERIFY\",\n policy=json.dumps({\n \"statement\": [\n {\n \"action\": [\n \"kms:DescribeKey\",\n \"kms:GetPublicKey\",\n \"kms:Sign\",\n ],\n \"effect\": \"Allow\",\n \"principal\": {\n \"service\": \"dnssec-route53.amazonaws.com\",\n },\n \"sid\": \"Allow Route 53 DNSSEC Service\",\n \"resource\": \"*\",\n \"condition\": {\n \"stringEquals\": {\n \"aws:SourceAccount\": current.account_id,\n },\n \"arnLike\": {\n \"aws:SourceArn\": \"arn:aws:route53:::hostedzone/*\",\n },\n },\n },\n {\n \"action\": \"kms:CreateGrant\",\n \"effect\": \"Allow\",\n \"principal\": {\n \"service\": \"dnssec-route53.amazonaws.com\",\n },\n \"sid\": \"Allow Route 53 DNSSEC Service to CreateGrant\",\n \"resource\": \"*\",\n \"condition\": {\n \"bool\": {\n \"kms:GrantIsForAWSResource\": \"true\",\n },\n },\n },\n {\n \"action\": \"kms:*\",\n \"effect\": \"Allow\",\n \"principal\": {\n \"AWS\": f\"arn:aws:iam::{current.account_id}:root\",\n },\n \"resource\": \"*\",\n \"sid\": \"Enable IAM User Permissions\",\n },\n ],\n \"version\": \"2012-10-17\",\n }))\nexample_zone = aws.route53.Zone(\"example\", name=\"example.com\")\nexample_key_signing_key = aws.route53.KeySigningKey(\"example\",\n hosted_zone_id=test[\"id\"],\n key_management_service_arn=test_aws_kms_key[\"arn\"],\n name=\"example\")\nexample_hosted_zone_dns_sec = aws.route53.HostedZoneDnsSec(\"example\", hosted_zone_id=example_key_signing_key.hosted_zone_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var example = new Aws.Kms.Key(\"example\", new()\n {\n CustomerMasterKeySpec = \"ECC_NIST_P256\",\n DeletionWindowInDays = 7,\n KeyUsage = \"SIGN_VERIFY\",\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"action\"] = new[]\n {\n \"kms:DescribeKey\",\n \"kms:GetPublicKey\",\n \"kms:Sign\",\n },\n [\"effect\"] = \"Allow\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"service\"] = \"dnssec-route53.amazonaws.com\",\n },\n [\"sid\"] = \"Allow Route 53 DNSSEC Service\",\n [\"resource\"] = \"*\",\n [\"condition\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"stringEquals\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"aws:SourceAccount\"] = current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId),\n },\n [\"arnLike\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"aws:SourceArn\"] = \"arn:aws:route53:::hostedzone/*\",\n },\n },\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"action\"] = \"kms:CreateGrant\",\n [\"effect\"] = \"Allow\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"service\"] = \"dnssec-route53.amazonaws.com\",\n },\n [\"sid\"] = \"Allow Route 53 DNSSEC Service to CreateGrant\",\n [\"resource\"] = \"*\",\n [\"condition\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"bool\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"kms:GrantIsForAWSResource\"] = \"true\",\n },\n },\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"action\"] = \"kms:*\",\n [\"effect\"] = \"Allow\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = $\"arn:aws:iam::{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:root\",\n },\n [\"resource\"] = \"*\",\n [\"sid\"] = \"Enable IAM User Permissions\",\n },\n },\n [\"version\"] = \"2012-10-17\",\n }),\n });\n\n var exampleZone = new Aws.Route53.Zone(\"example\", new()\n {\n Name = \"example.com\",\n });\n\n var exampleKeySigningKey = new Aws.Route53.KeySigningKey(\"example\", new()\n {\n HostedZoneId = test.Id,\n KeyManagementServiceArn = testAwsKmsKey.Arn,\n Name = \"example\",\n });\n\n var exampleHostedZoneDnsSec = new Aws.Route53.HostedZoneDnsSec(\"example\", new()\n {\n HostedZoneId = exampleKeySigningKey.HostedZoneId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"statement\": []interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"action\": []string{\n\t\t\t\t\t\t\"kms:DescribeKey\",\n\t\t\t\t\t\t\"kms:GetPublicKey\",\n\t\t\t\t\t\t\"kms:Sign\",\n\t\t\t\t\t},\n\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\"service\": \"dnssec-route53.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t\t\"sid\": \"Allow Route 53 DNSSEC Service\",\n\t\t\t\t\t\"resource\": \"*\",\n\t\t\t\t\t\"condition\": map[string]interface{}{\n\t\t\t\t\t\t\"stringEquals\": map[string]interface{}{\n\t\t\t\t\t\t\t\"aws:SourceAccount\": current.AccountId,\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"arnLike\": map[string]interface{}{\n\t\t\t\t\t\t\t\"aws:SourceArn\": \"arn:aws:route53:::hostedzone/*\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"action\": \"kms:CreateGrant\",\n\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\"service\": \"dnssec-route53.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t\t\"sid\": \"Allow Route 53 DNSSEC Service to CreateGrant\",\n\t\t\t\t\t\"resource\": \"*\",\n\t\t\t\t\t\"condition\": map[string]interface{}{\n\t\t\t\t\t\t\"bool\": map[string]interface{}{\n\t\t\t\t\t\t\t\"kms:GrantIsForAWSResource\": \"true\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"action\": \"kms:*\",\n\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": fmt.Sprintf(\"arn:aws:iam::%v:root\", current.AccountId),\n\t\t\t\t\t},\n\t\t\t\t\t\"resource\": \"*\",\n\t\t\t\t\t\"sid\": \"Enable IAM User Permissions\",\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"version\": \"2012-10-17\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = kms.NewKey(ctx, \"example\", \u0026kms.KeyArgs{\n\t\t\tCustomerMasterKeySpec: pulumi.String(\"ECC_NIST_P256\"),\n\t\t\tDeletionWindowInDays: pulumi.Int(7),\n\t\t\tKeyUsage: pulumi.String(\"SIGN_VERIFY\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewZone(ctx, \"example\", \u0026route53.ZoneArgs{\n\t\t\tName: pulumi.String(\"example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleKeySigningKey, err := route53.NewKeySigningKey(ctx, \"example\", \u0026route53.KeySigningKeyArgs{\n\t\t\tHostedZoneId: pulumi.Any(test.Id),\n\t\t\tKeyManagementServiceArn: pulumi.Any(testAwsKmsKey.Arn),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewHostedZoneDnsSec(ctx, \"example\", \u0026route53.HostedZoneDnsSecArgs{\n\t\t\tHostedZoneId: exampleKeySigningKey.HostedZoneId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.route53.Zone;\nimport com.pulumi.aws.route53.ZoneArgs;\nimport com.pulumi.aws.route53.KeySigningKey;\nimport com.pulumi.aws.route53.KeySigningKeyArgs;\nimport com.pulumi.aws.route53.HostedZoneDnsSec;\nimport com.pulumi.aws.route53.HostedZoneDnsSecArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n var example = new Key(\"example\", KeyArgs.builder() \n .customerMasterKeySpec(\"ECC_NIST_P256\")\n .deletionWindowInDays(7)\n .keyUsage(\"SIGN_VERIFY\")\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"statement\", jsonArray(\n jsonObject(\n jsonProperty(\"action\", jsonArray(\n \"kms:DescribeKey\", \n \"kms:GetPublicKey\", \n \"kms:Sign\"\n )),\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"principal\", jsonObject(\n jsonProperty(\"service\", \"dnssec-route53.amazonaws.com\")\n )),\n jsonProperty(\"sid\", \"Allow Route 53 DNSSEC Service\"),\n jsonProperty(\"resource\", \"*\"),\n jsonProperty(\"condition\", jsonObject(\n jsonProperty(\"stringEquals\", jsonObject(\n jsonProperty(\"aws:SourceAccount\", current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))\n )),\n jsonProperty(\"arnLike\", jsonObject(\n jsonProperty(\"aws:SourceArn\", \"arn:aws:route53:::hostedzone/*\")\n ))\n ))\n ), \n jsonObject(\n jsonProperty(\"action\", \"kms:CreateGrant\"),\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"principal\", jsonObject(\n jsonProperty(\"service\", \"dnssec-route53.amazonaws.com\")\n )),\n jsonProperty(\"sid\", \"Allow Route 53 DNSSEC Service to CreateGrant\"),\n jsonProperty(\"resource\", \"*\"),\n jsonProperty(\"condition\", jsonObject(\n jsonProperty(\"bool\", jsonObject(\n jsonProperty(\"kms:GrantIsForAWSResource\", \"true\")\n ))\n ))\n ), \n jsonObject(\n jsonProperty(\"action\", \"kms:*\"),\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"principal\", jsonObject(\n jsonProperty(\"AWS\", String.format(\"arn:aws:iam::%s:root\", current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n )),\n jsonProperty(\"resource\", \"*\"),\n jsonProperty(\"sid\", \"Enable IAM User Permissions\")\n )\n )),\n jsonProperty(\"version\", \"2012-10-17\")\n )))\n .build());\n\n var exampleZone = new Zone(\"exampleZone\", ZoneArgs.builder() \n .name(\"example.com\")\n .build());\n\n var exampleKeySigningKey = new KeySigningKey(\"exampleKeySigningKey\", KeySigningKeyArgs.builder() \n .hostedZoneId(test.id())\n .keyManagementServiceArn(testAwsKmsKey.arn())\n .name(\"example\")\n .build());\n\n var exampleHostedZoneDnsSec = new HostedZoneDnsSec(\"exampleHostedZoneDnsSec\", HostedZoneDnsSecArgs.builder() \n .hostedZoneId(exampleKeySigningKey.hostedZoneId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kms:Key\n properties:\n customerMasterKeySpec: ECC_NIST_P256\n deletionWindowInDays: 7\n keyUsage: SIGN_VERIFY\n policy:\n fn::toJSON:\n statement:\n - action:\n - kms:DescribeKey\n - kms:GetPublicKey\n - kms:Sign\n effect: Allow\n principal:\n service: dnssec-route53.amazonaws.com\n sid: Allow Route 53 DNSSEC Service\n resource: '*'\n condition:\n stringEquals:\n aws:SourceAccount: ${current.accountId}\n arnLike:\n aws:SourceArn: arn:aws:route53:::hostedzone/*\n - action: kms:CreateGrant\n effect: Allow\n principal:\n service: dnssec-route53.amazonaws.com\n sid: Allow Route 53 DNSSEC Service to CreateGrant\n resource: '*'\n condition:\n bool:\n kms:GrantIsForAWSResource: 'true'\n - action: kms:*\n effect: Allow\n principal:\n AWS: arn:aws:iam::${current.accountId}:root\n resource: '*'\n sid: Enable IAM User Permissions\n version: 2012-10-17\n exampleZone:\n type: aws:route53:Zone\n name: example\n properties:\n name: example.com\n exampleKeySigningKey:\n type: aws:route53:KeySigningKey\n name: example\n properties:\n hostedZoneId: ${test.id}\n keyManagementServiceArn: ${testAwsKmsKey.arn}\n name: example\n exampleHostedZoneDnsSec:\n type: aws:route53:HostedZoneDnsSec\n name: example\n properties:\n hostedZoneId: ${exampleKeySigningKey.hostedZoneId}\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_route53_key_signing_key` resources using the Route 53 Hosted Zone identifier and KMS Key identifier, separated by a comma (`,`). For example:\n\n```sh\n$ pulumi import aws:route53/keySigningKey:KeySigningKey example Z1D633PJN98FT9,example\n```\n", + "description": "Manages a Route 53 Key Signing Key. To manage Domain Name System Security Extensions (DNSSEC) for a Hosted Zone, see the `aws.route53.HostedZoneDnsSec` resource. For more information about managing DNSSEC in Route 53, see the [Route 53 Developer Guide](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-configuring-dnssec.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst example = new aws.kms.Key(\"example\", {\n customerMasterKeySpec: \"ECC_NIST_P256\",\n deletionWindowInDays: 7,\n keyUsage: \"SIGN_VERIFY\",\n policy: JSON.stringify({\n Statement: [\n {\n Action: [\n \"kms:DescribeKey\",\n \"kms:GetPublicKey\",\n \"kms:Sign\",\n ],\n Effect: \"Allow\",\n Principal: {\n Service: \"dnssec-route53.amazonaws.com\",\n },\n Sid: \"Allow Route 53 DNSSEC Service\",\n Resource: \"*\",\n Condition: {\n StringEquals: {\n \"aws:SourceAccount\": current.then(current =\u003e current.accountId),\n },\n ArnLike: {\n \"aws:SourceArn\": \"arn:aws:route53:::hostedzone/*\",\n },\n },\n },\n {\n Action: \"kms:CreateGrant\",\n Effect: \"Allow\",\n Principal: {\n Service: \"dnssec-route53.amazonaws.com\",\n },\n Sid: \"Allow Route 53 DNSSEC Service to CreateGrant\",\n Resource: \"*\",\n Condition: {\n Bool: {\n \"kms:GrantIsForAWSResource\": \"true\",\n },\n },\n },\n {\n Action: \"kms:*\",\n Effect: \"Allow\",\n Principal: {\n AWS: current.then(current =\u003e `arn:aws:iam::${current.accountId}:root`),\n },\n Resource: \"*\",\n Sid: \"Enable IAM User Permissions\",\n },\n ],\n Version: \"2012-10-17\",\n }),\n});\nconst exampleZone = new aws.route53.Zone(\"example\", {name: \"example.com\"});\nconst exampleKeySigningKey = new aws.route53.KeySigningKey(\"example\", {\n hostedZoneId: test.id,\n keyManagementServiceArn: testAwsKmsKey.arn,\n name: \"example\",\n});\nconst exampleHostedZoneDnsSec = new aws.route53.HostedZoneDnsSec(\"example\", {hostedZoneId: exampleKeySigningKey.hostedZoneId}, {\n dependsOn: [exampleKeySigningKey],\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\nexample = aws.kms.Key(\"example\",\n customer_master_key_spec=\"ECC_NIST_P256\",\n deletion_window_in_days=7,\n key_usage=\"SIGN_VERIFY\",\n policy=json.dumps({\n \"Statement\": [\n {\n \"Action\": [\n \"kms:DescribeKey\",\n \"kms:GetPublicKey\",\n \"kms:Sign\",\n ],\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"dnssec-route53.amazonaws.com\",\n },\n \"Sid\": \"Allow Route 53 DNSSEC Service\",\n \"Resource\": \"*\",\n \"Condition\": {\n \"StringEquals\": {\n \"aws:SourceAccount\": current.account_id,\n },\n \"ArnLike\": {\n \"aws:SourceArn\": \"arn:aws:route53:::hostedzone/*\",\n },\n },\n },\n {\n \"Action\": \"kms:CreateGrant\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"dnssec-route53.amazonaws.com\",\n },\n \"Sid\": \"Allow Route 53 DNSSEC Service to CreateGrant\",\n \"Resource\": \"*\",\n \"Condition\": {\n \"Bool\": {\n \"kms:GrantIsForAWSResource\": \"true\",\n },\n },\n },\n {\n \"Action\": \"kms:*\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": f\"arn:aws:iam::{current.account_id}:root\",\n },\n \"Resource\": \"*\",\n \"Sid\": \"Enable IAM User Permissions\",\n },\n ],\n \"Version\": \"2012-10-17\",\n }))\nexample_zone = aws.route53.Zone(\"example\", name=\"example.com\")\nexample_key_signing_key = aws.route53.KeySigningKey(\"example\",\n hosted_zone_id=test[\"id\"],\n key_management_service_arn=test_aws_kms_key[\"arn\"],\n name=\"example\")\nexample_hosted_zone_dns_sec = aws.route53.HostedZoneDnsSec(\"example\", hosted_zone_id=example_key_signing_key.hosted_zone_id,\nopts=pulumi.ResourceOptions(depends_on=[example_key_signing_key]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var example = new Aws.Kms.Key(\"example\", new()\n {\n CustomerMasterKeySpec = \"ECC_NIST_P256\",\n DeletionWindowInDays = 7,\n KeyUsage = \"SIGN_VERIFY\",\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = new[]\n {\n \"kms:DescribeKey\",\n \"kms:GetPublicKey\",\n \"kms:Sign\",\n },\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"dnssec-route53.amazonaws.com\",\n },\n [\"Sid\"] = \"Allow Route 53 DNSSEC Service\",\n [\"Resource\"] = \"*\",\n [\"Condition\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"StringEquals\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"aws:SourceAccount\"] = current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId),\n },\n [\"ArnLike\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"aws:SourceArn\"] = \"arn:aws:route53:::hostedzone/*\",\n },\n },\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"kms:CreateGrant\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"dnssec-route53.amazonaws.com\",\n },\n [\"Sid\"] = \"Allow Route 53 DNSSEC Service to CreateGrant\",\n [\"Resource\"] = \"*\",\n [\"Condition\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Bool\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"kms:GrantIsForAWSResource\"] = \"true\",\n },\n },\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"kms:*\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = $\"arn:aws:iam::{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:root\",\n },\n [\"Resource\"] = \"*\",\n [\"Sid\"] = \"Enable IAM User Permissions\",\n },\n },\n [\"Version\"] = \"2012-10-17\",\n }),\n });\n\n var exampleZone = new Aws.Route53.Zone(\"example\", new()\n {\n Name = \"example.com\",\n });\n\n var exampleKeySigningKey = new Aws.Route53.KeySigningKey(\"example\", new()\n {\n HostedZoneId = test.Id,\n KeyManagementServiceArn = testAwsKmsKey.Arn,\n Name = \"example\",\n });\n\n var exampleHostedZoneDnsSec = new Aws.Route53.HostedZoneDnsSec(\"example\", new()\n {\n HostedZoneId = exampleKeySigningKey.HostedZoneId,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleKeySigningKey, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Statement\": []interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"kms:DescribeKey\",\n\t\t\t\t\t\t\"kms:GetPublicKey\",\n\t\t\t\t\t\t\"kms:Sign\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"dnssec-route53.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Sid\": \"Allow Route 53 DNSSEC Service\",\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t\t\"Condition\": map[string]interface{}{\n\t\t\t\t\t\t\"StringEquals\": map[string]interface{}{\n\t\t\t\t\t\t\t\"aws:SourceAccount\": current.AccountId,\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"ArnLike\": map[string]interface{}{\n\t\t\t\t\t\t\t\"aws:SourceArn\": \"arn:aws:route53:::hostedzone/*\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": \"kms:CreateGrant\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"dnssec-route53.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Sid\": \"Allow Route 53 DNSSEC Service to CreateGrant\",\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t\t\"Condition\": map[string]interface{}{\n\t\t\t\t\t\t\"Bool\": map[string]interface{}{\n\t\t\t\t\t\t\t\"kms:GrantIsForAWSResource\": \"true\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": \"kms:*\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": fmt.Sprintf(\"arn:aws:iam::%v:root\", current.AccountId),\n\t\t\t\t\t},\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t\t\"Sid\": \"Enable IAM User Permissions\",\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = kms.NewKey(ctx, \"example\", \u0026kms.KeyArgs{\n\t\t\tCustomerMasterKeySpec: pulumi.String(\"ECC_NIST_P256\"),\n\t\t\tDeletionWindowInDays: pulumi.Int(7),\n\t\t\tKeyUsage: pulumi.String(\"SIGN_VERIFY\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewZone(ctx, \"example\", \u0026route53.ZoneArgs{\n\t\t\tName: pulumi.String(\"example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleKeySigningKey, err := route53.NewKeySigningKey(ctx, \"example\", \u0026route53.KeySigningKeyArgs{\n\t\t\tHostedZoneId: pulumi.Any(test.Id),\n\t\t\tKeyManagementServiceArn: pulumi.Any(testAwsKmsKey.Arn),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewHostedZoneDnsSec(ctx, \"example\", \u0026route53.HostedZoneDnsSecArgs{\n\t\t\tHostedZoneId: exampleKeySigningKey.HostedZoneId,\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleKeySigningKey,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.route53.Zone;\nimport com.pulumi.aws.route53.ZoneArgs;\nimport com.pulumi.aws.route53.KeySigningKey;\nimport com.pulumi.aws.route53.KeySigningKeyArgs;\nimport com.pulumi.aws.route53.HostedZoneDnsSec;\nimport com.pulumi.aws.route53.HostedZoneDnsSecArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n var example = new Key(\"example\", KeyArgs.builder() \n .customerMasterKeySpec(\"ECC_NIST_P256\")\n .deletionWindowInDays(7)\n .keyUsage(\"SIGN_VERIFY\")\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Statement\", jsonArray(\n jsonObject(\n jsonProperty(\"Action\", jsonArray(\n \"kms:DescribeKey\", \n \"kms:GetPublicKey\", \n \"kms:Sign\"\n )),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"dnssec-route53.amazonaws.com\")\n )),\n jsonProperty(\"Sid\", \"Allow Route 53 DNSSEC Service\"),\n jsonProperty(\"Resource\", \"*\"),\n jsonProperty(\"Condition\", jsonObject(\n jsonProperty(\"StringEquals\", jsonObject(\n jsonProperty(\"aws:SourceAccount\", current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))\n )),\n jsonProperty(\"ArnLike\", jsonObject(\n jsonProperty(\"aws:SourceArn\", \"arn:aws:route53:::hostedzone/*\")\n ))\n ))\n ), \n jsonObject(\n jsonProperty(\"Action\", \"kms:CreateGrant\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"dnssec-route53.amazonaws.com\")\n )),\n jsonProperty(\"Sid\", \"Allow Route 53 DNSSEC Service to CreateGrant\"),\n jsonProperty(\"Resource\", \"*\"),\n jsonProperty(\"Condition\", jsonObject(\n jsonProperty(\"Bool\", jsonObject(\n jsonProperty(\"kms:GrantIsForAWSResource\", \"true\")\n ))\n ))\n ), \n jsonObject(\n jsonProperty(\"Action\", \"kms:*\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"AWS\", String.format(\"arn:aws:iam::%s:root\", current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n )),\n jsonProperty(\"Resource\", \"*\"),\n jsonProperty(\"Sid\", \"Enable IAM User Permissions\")\n )\n )),\n jsonProperty(\"Version\", \"2012-10-17\")\n )))\n .build());\n\n var exampleZone = new Zone(\"exampleZone\", ZoneArgs.builder() \n .name(\"example.com\")\n .build());\n\n var exampleKeySigningKey = new KeySigningKey(\"exampleKeySigningKey\", KeySigningKeyArgs.builder() \n .hostedZoneId(test.id())\n .keyManagementServiceArn(testAwsKmsKey.arn())\n .name(\"example\")\n .build());\n\n var exampleHostedZoneDnsSec = new HostedZoneDnsSec(\"exampleHostedZoneDnsSec\", HostedZoneDnsSecArgs.builder() \n .hostedZoneId(exampleKeySigningKey.hostedZoneId())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleKeySigningKey)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kms:Key\n properties:\n customerMasterKeySpec: ECC_NIST_P256\n deletionWindowInDays: 7\n keyUsage: SIGN_VERIFY\n policy:\n fn::toJSON:\n Statement:\n - Action:\n - kms:DescribeKey\n - kms:GetPublicKey\n - kms:Sign\n Effect: Allow\n Principal:\n Service: dnssec-route53.amazonaws.com\n Sid: Allow Route 53 DNSSEC Service\n Resource: '*'\n Condition:\n StringEquals:\n aws:SourceAccount: ${current.accountId}\n ArnLike:\n aws:SourceArn: arn:aws:route53:::hostedzone/*\n - Action: kms:CreateGrant\n Effect: Allow\n Principal:\n Service: dnssec-route53.amazonaws.com\n Sid: Allow Route 53 DNSSEC Service to CreateGrant\n Resource: '*'\n Condition:\n Bool:\n kms:GrantIsForAWSResource: 'true'\n - Action: kms:*\n Effect: Allow\n Principal:\n AWS: arn:aws:iam::${current.accountId}:root\n Resource: '*'\n Sid: Enable IAM User Permissions\n Version: 2012-10-17\n exampleZone:\n type: aws:route53:Zone\n name: example\n properties:\n name: example.com\n exampleKeySigningKey:\n type: aws:route53:KeySigningKey\n name: example\n properties:\n hostedZoneId: ${test.id}\n keyManagementServiceArn: ${testAwsKmsKey.arn}\n name: example\n exampleHostedZoneDnsSec:\n type: aws:route53:HostedZoneDnsSec\n name: example\n properties:\n hostedZoneId: ${exampleKeySigningKey.hostedZoneId}\n options:\n dependson:\n - ${exampleKeySigningKey}\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_route53_key_signing_key` resources using the Route 53 Hosted Zone identifier and KMS Key identifier, separated by a comma (`,`). For example:\n\n```sh\n$ pulumi import aws:route53/keySigningKey:KeySigningKey example Z1D633PJN98FT9,example\n```\n", "properties": { "digestAlgorithmMnemonic": { "type": "string", @@ -312540,7 +312540,7 @@ } }, "aws:route53/queryLog:QueryLog": { - "description": "Provides a Route53 query logging configuration resource.\n\n\u003e **NOTE:** There are restrictions on the configuration of query logging. Notably,\nthe CloudWatch log group must be in the `us-east-1` region,\na permissive CloudWatch log resource policy must be in place, and\nthe Route53 hosted zone must be public.\nSee [Configuring Logging for DNS Queries](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/query-logs.html?console_help=true#query-logs-configuring) for additional details.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Example Route53 zone with query logging\nconst exampleCom = new aws.route53.Zone(\"example_com\", {name: \"example.com\"});\nconst awsRoute53ExampleCom = new aws.cloudwatch.LogGroup(\"aws_route53_example_com\", {\n name: pulumi.interpolate`/aws/route53/${exampleCom.name}`,\n retentionInDays: 30,\n});\n// Example CloudWatch log resource policy to allow Route53 to write logs\n// to any log group under /aws/route53/*\nconst route53-query-logging-policy = aws.iam.getPolicyDocument({\n statements: [{\n actions: [\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\",\n ],\n resources: [\"arn:aws:logs:*:*:log-group:/aws/route53/*\"],\n principals: [{\n identifiers: [\"route53.amazonaws.com\"],\n type: \"Service\",\n }],\n }],\n});\nconst route53_query_logging_policyLogResourcePolicy = new aws.cloudwatch.LogResourcePolicy(\"route53-query-logging-policy\", {\n policyDocument: route53_query_logging_policy.then(route53_query_logging_policy =\u003e route53_query_logging_policy.json),\n policyName: \"route53-query-logging-policy\",\n});\nconst exampleComQueryLog = new aws.route53.QueryLog(\"example_com\", {\n cloudwatchLogGroupArn: awsRoute53ExampleCom.arn,\n zoneId: exampleCom.zoneId,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Example Route53 zone with query logging\nexample_com = aws.route53.Zone(\"example_com\", name=\"example.com\")\naws_route53_example_com = aws.cloudwatch.LogGroup(\"aws_route53_example_com\",\n name=example_com.name.apply(lambda name: f\"/aws/route53/{name}\"),\n retention_in_days=30)\n# Example CloudWatch log resource policy to allow Route53 to write logs\n# to any log group under /aws/route53/*\nroute53_query_logging_policy = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n actions=[\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\",\n ],\n resources=[\"arn:aws:logs:*:*:log-group:/aws/route53/*\"],\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n identifiers=[\"route53.amazonaws.com\"],\n type=\"Service\",\n )],\n)])\nroute53_query_logging_policy_log_resource_policy = aws.cloudwatch.LogResourcePolicy(\"route53-query-logging-policy\",\n policy_document=route53_query_logging_policy.json,\n policy_name=\"route53-query-logging-policy\")\nexample_com_query_log = aws.route53.QueryLog(\"example_com\",\n cloudwatch_log_group_arn=aws_route53_example_com.arn,\n zone_id=example_com.zone_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // Example Route53 zone with query logging\n var exampleCom = new Aws.Route53.Zone(\"example_com\", new()\n {\n Name = \"example.com\",\n });\n\n var awsRoute53ExampleCom = new Aws.CloudWatch.LogGroup(\"aws_route53_example_com\", new()\n {\n Name = exampleCom.Name.Apply(name =\u003e $\"/aws/route53/{name}\"),\n RetentionInDays = 30,\n });\n\n // Example CloudWatch log resource policy to allow Route53 to write logs\n // to any log group under /aws/route53/*\n var route53_query_logging_policy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\",\n },\n Resources = new[]\n {\n \"arn:aws:logs:*:*:log-group:/aws/route53/*\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Identifiers = new[]\n {\n \"route53.amazonaws.com\",\n },\n Type = \"Service\",\n },\n },\n },\n },\n });\n\n var route53_query_logging_policyLogResourcePolicy = new Aws.CloudWatch.LogResourcePolicy(\"route53-query-logging-policy\", new()\n {\n PolicyDocument = route53_query_logging_policy.Apply(route53_query_logging_policy =\u003e route53_query_logging_policy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json)),\n PolicyName = \"route53-query-logging-policy\",\n });\n\n var exampleComQueryLog = new Aws.Route53.QueryLog(\"example_com\", new()\n {\n CloudwatchLogGroupArn = awsRoute53ExampleCom.Arn,\n ZoneId = exampleCom.ZoneId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// Example Route53 zone with query logging\n\t\texampleCom, err := route53.NewZone(ctx, \"example_com\", \u0026route53.ZoneArgs{\n\t\t\tName: pulumi.String(\"example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tawsRoute53ExampleCom, err := cloudwatch.NewLogGroup(ctx, \"aws_route53_example_com\", \u0026cloudwatch.LogGroupArgs{\n\t\t\tName: exampleCom.Name.ApplyT(func(name string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"/aws/route53/%v\", name), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tRetentionInDays: pulumi.Int(30),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Example CloudWatch log resource policy to allow Route53 to write logs\n\t\t// to any log group under /aws/route53/*\n\t\troute53_query_logging_policy, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"logs:CreateLogStream\",\n\t\t\t\t\t\t\"logs:PutLogEvents\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"arn:aws:logs:*:*:log-group:/aws/route53/*\",\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"route53.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudwatch.NewLogResourcePolicy(ctx, \"route53-query-logging-policy\", \u0026cloudwatch.LogResourcePolicyArgs{\n\t\t\tPolicyDocument: pulumi.String(route53_query_logging_policy.Json),\n\t\t\tPolicyName: pulumi.String(\"route53-query-logging-policy\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewQueryLog(ctx, \"example_com\", \u0026route53.QueryLogArgs{\n\t\t\tCloudwatchLogGroupArn: awsRoute53ExampleCom.Arn,\n\t\t\tZoneId: exampleCom.ZoneId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53.Zone;\nimport com.pulumi.aws.route53.ZoneArgs;\nimport com.pulumi.aws.cloudwatch.LogGroup;\nimport com.pulumi.aws.cloudwatch.LogGroupArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.cloudwatch.LogResourcePolicy;\nimport com.pulumi.aws.cloudwatch.LogResourcePolicyArgs;\nimport com.pulumi.aws.route53.QueryLog;\nimport com.pulumi.aws.route53.QueryLogArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // Example Route53 zone with query logging\n var exampleCom = new Zone(\"exampleCom\", ZoneArgs.builder() \n .name(\"example.com\")\n .build());\n\n var awsRoute53ExampleCom = new LogGroup(\"awsRoute53ExampleCom\", LogGroupArgs.builder() \n .name(exampleCom.name().applyValue(name -\u003e String.format(\"/aws/route53/%s\", name)))\n .retentionInDays(30)\n .build());\n\n // Example CloudWatch log resource policy to allow Route53 to write logs\n // to any log group under /aws/route53/*\n final var route53-query-logging-policy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions( \n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\")\n .resources(\"arn:aws:logs:*:*:log-group:/aws/route53/*\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .identifiers(\"route53.amazonaws.com\")\n .type(\"Service\")\n .build())\n .build())\n .build());\n\n var route53_query_logging_policyLogResourcePolicy = new LogResourcePolicy(\"route53-query-logging-policyLogResourcePolicy\", LogResourcePolicyArgs.builder() \n .policyDocument(route53_query_logging_policy.json())\n .policyName(\"route53-query-logging-policy\")\n .build());\n\n var exampleComQueryLog = new QueryLog(\"exampleComQueryLog\", QueryLogArgs.builder() \n .cloudwatchLogGroupArn(awsRoute53ExampleCom.arn())\n .zoneId(exampleCom.zoneId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n awsRoute53ExampleCom:\n type: aws:cloudwatch:LogGroup\n name: aws_route53_example_com\n properties:\n name: /aws/route53/${exampleCom.name}\n retentionInDays: 30\n route53-query-logging-policyLogResourcePolicy:\n type: aws:cloudwatch:LogResourcePolicy\n name: route53-query-logging-policy\n properties:\n policyDocument: ${[\"route53-query-logging-policy\"].json}\n policyName: route53-query-logging-policy\n # Example Route53 zone with query logging\n exampleCom:\n type: aws:route53:Zone\n name: example_com\n properties:\n name: example.com\n exampleComQueryLog:\n type: aws:route53:QueryLog\n name: example_com\n properties:\n cloudwatchLogGroupArn: ${awsRoute53ExampleCom.arn}\n zoneId: ${exampleCom.zoneId}\nvariables:\n # Example CloudWatch log resource policy to allow Route53 to write logs\n # to any log group under /aws/route53/*\n route53-query-logging-policy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - logs:CreateLogStream\n - logs:PutLogEvents\n resources:\n - arn:aws:logs:*:*:log-group:/aws/route53/*\n principals:\n - identifiers:\n - route53.amazonaws.com\n type: Service\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Route53 query logging configurations using their ID. For example:\n\n```sh\n$ pulumi import aws:route53/queryLog:QueryLog example_com xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\n```\n", + "description": "Provides a Route53 query logging configuration resource.\n\n\u003e **NOTE:** There are restrictions on the configuration of query logging. Notably,\nthe CloudWatch log group must be in the `us-east-1` region,\na permissive CloudWatch log resource policy must be in place, and\nthe Route53 hosted zone must be public.\nSee [Configuring Logging for DNS Queries](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/query-logs.html?console_help=true#query-logs-configuring) for additional details.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// Example Route53 zone with query logging\nconst exampleCom = new aws.route53.Zone(\"example_com\", {name: \"example.com\"});\nconst awsRoute53ExampleCom = new aws.cloudwatch.LogGroup(\"aws_route53_example_com\", {\n name: pulumi.interpolate`/aws/route53/${exampleCom.name}`,\n retentionInDays: 30,\n});\n// Example CloudWatch log resource policy to allow Route53 to write logs\n// to any log group under /aws/route53/*\nconst route53-query-logging-policy = aws.iam.getPolicyDocument({\n statements: [{\n actions: [\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\",\n ],\n resources: [\"arn:aws:logs:*:*:log-group:/aws/route53/*\"],\n principals: [{\n identifiers: [\"route53.amazonaws.com\"],\n type: \"Service\",\n }],\n }],\n});\nconst route53_query_logging_policyLogResourcePolicy = new aws.cloudwatch.LogResourcePolicy(\"route53-query-logging-policy\", {\n policyDocument: route53_query_logging_policy.then(route53_query_logging_policy =\u003e route53_query_logging_policy.json),\n policyName: \"route53-query-logging-policy\",\n});\nconst exampleComQueryLog = new aws.route53.QueryLog(\"example_com\", {\n cloudwatchLogGroupArn: awsRoute53ExampleCom.arn,\n zoneId: exampleCom.zoneId,\n}, {\n dependsOn: [route53_query_logging_policyLogResourcePolicy],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# Example Route53 zone with query logging\nexample_com = aws.route53.Zone(\"example_com\", name=\"example.com\")\naws_route53_example_com = aws.cloudwatch.LogGroup(\"aws_route53_example_com\",\n name=example_com.name.apply(lambda name: f\"/aws/route53/{name}\"),\n retention_in_days=30)\n# Example CloudWatch log resource policy to allow Route53 to write logs\n# to any log group under /aws/route53/*\nroute53_query_logging_policy = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n actions=[\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\",\n ],\n resources=[\"arn:aws:logs:*:*:log-group:/aws/route53/*\"],\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n identifiers=[\"route53.amazonaws.com\"],\n type=\"Service\",\n )],\n)])\nroute53_query_logging_policy_log_resource_policy = aws.cloudwatch.LogResourcePolicy(\"route53-query-logging-policy\",\n policy_document=route53_query_logging_policy.json,\n policy_name=\"route53-query-logging-policy\")\nexample_com_query_log = aws.route53.QueryLog(\"example_com\",\n cloudwatch_log_group_arn=aws_route53_example_com.arn,\n zone_id=example_com.zone_id,\n opts=pulumi.ResourceOptions(depends_on=[route53_query_logging_policy_log_resource_policy]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // Example Route53 zone with query logging\n var exampleCom = new Aws.Route53.Zone(\"example_com\", new()\n {\n Name = \"example.com\",\n });\n\n var awsRoute53ExampleCom = new Aws.CloudWatch.LogGroup(\"aws_route53_example_com\", new()\n {\n Name = exampleCom.Name.Apply(name =\u003e $\"/aws/route53/{name}\"),\n RetentionInDays = 30,\n });\n\n // Example CloudWatch log resource policy to allow Route53 to write logs\n // to any log group under /aws/route53/*\n var route53_query_logging_policy = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\",\n },\n Resources = new[]\n {\n \"arn:aws:logs:*:*:log-group:/aws/route53/*\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Identifiers = new[]\n {\n \"route53.amazonaws.com\",\n },\n Type = \"Service\",\n },\n },\n },\n },\n });\n\n var route53_query_logging_policyLogResourcePolicy = new Aws.CloudWatch.LogResourcePolicy(\"route53-query-logging-policy\", new()\n {\n PolicyDocument = route53_query_logging_policy.Apply(route53_query_logging_policy =\u003e route53_query_logging_policy.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json)),\n PolicyName = \"route53-query-logging-policy\",\n });\n\n var exampleComQueryLog = new Aws.Route53.QueryLog(\"example_com\", new()\n {\n CloudwatchLogGroupArn = awsRoute53ExampleCom.Arn,\n ZoneId = exampleCom.ZoneId,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n route53_query_logging_policyLogResourcePolicy, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// Example Route53 zone with query logging\n\t\texampleCom, err := route53.NewZone(ctx, \"example_com\", \u0026route53.ZoneArgs{\n\t\t\tName: pulumi.String(\"example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tawsRoute53ExampleCom, err := cloudwatch.NewLogGroup(ctx, \"aws_route53_example_com\", \u0026cloudwatch.LogGroupArgs{\n\t\t\tName: exampleCom.Name.ApplyT(func(name string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"/aws/route53/%v\", name), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tRetentionInDays: pulumi.Int(30),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Example CloudWatch log resource policy to allow Route53 to write logs\n\t\t// to any log group under /aws/route53/*\n\t\troute53_query_logging_policy, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"logs:CreateLogStream\",\n\t\t\t\t\t\t\"logs:PutLogEvents\",\n\t\t\t\t\t},\n\t\t\t\t\tResources: []string{\n\t\t\t\t\t\t\"arn:aws:logs:*:*:log-group:/aws/route53/*\",\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"route53.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudwatch.NewLogResourcePolicy(ctx, \"route53-query-logging-policy\", \u0026cloudwatch.LogResourcePolicyArgs{\n\t\t\tPolicyDocument: pulumi.String(route53_query_logging_policy.Json),\n\t\t\tPolicyName: pulumi.String(\"route53-query-logging-policy\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewQueryLog(ctx, \"example_com\", \u0026route53.QueryLogArgs{\n\t\t\tCloudwatchLogGroupArn: awsRoute53ExampleCom.Arn,\n\t\t\tZoneId: exampleCom.ZoneId,\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\troute53_query_logging_policyLogResourcePolicy,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.route53.Zone;\nimport com.pulumi.aws.route53.ZoneArgs;\nimport com.pulumi.aws.cloudwatch.LogGroup;\nimport com.pulumi.aws.cloudwatch.LogGroupArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.cloudwatch.LogResourcePolicy;\nimport com.pulumi.aws.cloudwatch.LogResourcePolicyArgs;\nimport com.pulumi.aws.route53.QueryLog;\nimport com.pulumi.aws.route53.QueryLogArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // Example Route53 zone with query logging\n var exampleCom = new Zone(\"exampleCom\", ZoneArgs.builder() \n .name(\"example.com\")\n .build());\n\n var awsRoute53ExampleCom = new LogGroup(\"awsRoute53ExampleCom\", LogGroupArgs.builder() \n .name(exampleCom.name().applyValue(name -\u003e String.format(\"/aws/route53/%s\", name)))\n .retentionInDays(30)\n .build());\n\n // Example CloudWatch log resource policy to allow Route53 to write logs\n // to any log group under /aws/route53/*\n final var route53-query-logging-policy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions( \n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\")\n .resources(\"arn:aws:logs:*:*:log-group:/aws/route53/*\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .identifiers(\"route53.amazonaws.com\")\n .type(\"Service\")\n .build())\n .build())\n .build());\n\n var route53_query_logging_policyLogResourcePolicy = new LogResourcePolicy(\"route53-query-logging-policyLogResourcePolicy\", LogResourcePolicyArgs.builder() \n .policyDocument(route53_query_logging_policy.json())\n .policyName(\"route53-query-logging-policy\")\n .build());\n\n var exampleComQueryLog = new QueryLog(\"exampleComQueryLog\", QueryLogArgs.builder() \n .cloudwatchLogGroupArn(awsRoute53ExampleCom.arn())\n .zoneId(exampleCom.zoneId())\n .build(), CustomResourceOptions.builder()\n .dependsOn(route53_query_logging_policyLogResourcePolicy)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n awsRoute53ExampleCom:\n type: aws:cloudwatch:LogGroup\n name: aws_route53_example_com\n properties:\n name: /aws/route53/${exampleCom.name}\n retentionInDays: 30\n route53-query-logging-policyLogResourcePolicy:\n type: aws:cloudwatch:LogResourcePolicy\n name: route53-query-logging-policy\n properties:\n policyDocument: ${[\"route53-query-logging-policy\"].json}\n policyName: route53-query-logging-policy\n # Example Route53 zone with query logging\n exampleCom:\n type: aws:route53:Zone\n name: example_com\n properties:\n name: example.com\n exampleComQueryLog:\n type: aws:route53:QueryLog\n name: example_com\n properties:\n cloudwatchLogGroupArn: ${awsRoute53ExampleCom.arn}\n zoneId: ${exampleCom.zoneId}\n options:\n dependson:\n - ${[\"route53-query-logging-policyLogResourcePolicy\"]}\nvariables:\n # Example CloudWatch log resource policy to allow Route53 to write logs\n # to any log group under /aws/route53/*\n route53-query-logging-policy:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - logs:CreateLogStream\n - logs:PutLogEvents\n resources:\n - arn:aws:logs:*:*:log-group:/aws/route53/*\n principals:\n - identifiers:\n - route53.amazonaws.com\n type: Service\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Route53 query logging configurations using their ID. For example:\n\n```sh\n$ pulumi import aws:route53/queryLog:QueryLog example_com xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\n```\n", "properties": { "arn": { "type": "string", @@ -314586,7 +314586,7 @@ } }, "aws:route53domains/delegationSignerRecord:DelegationSignerRecord": { - "description": "Provides a resource to manage a [delegation signer record](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-configuring-dnssec-enable-signing.html#dns-configuring-dnssec-enable-signing-step-1) in the parent DNS zone for domains registered with Route53.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst example = new aws.kms.Key(\"example\", {\n customerMasterKeySpec: \"ECC_NIST_P256\",\n deletionWindowInDays: 7,\n keyUsage: \"SIGN_VERIFY\",\n policy: JSON.stringify({\n statement: [\n {\n action: [\n \"kms:DescribeKey\",\n \"kms:GetPublicKey\",\n \"kms:Sign\",\n ],\n effect: \"Allow\",\n principal: {\n service: \"dnssec-route53.amazonaws.com\",\n },\n sid: \"Allow Route 53 DNSSEC Service\",\n resource: \"*\",\n condition: {\n stringEquals: {\n \"aws:SourceAccount\": current.then(current =\u003e current.accountId),\n },\n arnLike: {\n \"aws:SourceArn\": \"arn:aws:route53:::hostedzone/*\",\n },\n },\n },\n {\n action: \"kms:CreateGrant\",\n effect: \"Allow\",\n principal: {\n service: \"dnssec-route53.amazonaws.com\",\n },\n sid: \"Allow Route 53 DNSSEC Service to CreateGrant\",\n resource: \"*\",\n condition: {\n bool: {\n \"kms:GrantIsForAWSResource\": \"true\",\n },\n },\n },\n {\n action: \"kms:*\",\n effect: \"Allow\",\n principal: {\n AWS: current.then(current =\u003e `arn:aws:iam::${current.accountId}:root`),\n },\n resource: \"*\",\n sid: \"Enable IAM User Permissions\",\n },\n ],\n version: \"2012-10-17\",\n }),\n});\nconst exampleZone = new aws.route53.Zone(\"example\", {name: \"example.com\"});\nconst exampleKeySigningKey = new aws.route53.KeySigningKey(\"example\", {\n hostedZoneId: test.id,\n keyManagementServiceArn: testAwsKmsKey.arn,\n name: \"example\",\n});\nconst exampleHostedZoneDnsSec = new aws.route53.HostedZoneDnsSec(\"example\", {hostedZoneId: exampleKeySigningKey.hostedZoneId});\nconst exampleDelegationSignerRecord = new aws.route53domains.DelegationSignerRecord(\"example\", {\n domainName: \"example.com\",\n signingAttributes: {\n algorithm: exampleKeySigningKey.signingAlgorithmType,\n flags: exampleKeySigningKey.flag,\n publicKey: exampleKeySigningKey.publicKey,\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\nexample = aws.kms.Key(\"example\",\n customer_master_key_spec=\"ECC_NIST_P256\",\n deletion_window_in_days=7,\n key_usage=\"SIGN_VERIFY\",\n policy=json.dumps({\n \"statement\": [\n {\n \"action\": [\n \"kms:DescribeKey\",\n \"kms:GetPublicKey\",\n \"kms:Sign\",\n ],\n \"effect\": \"Allow\",\n \"principal\": {\n \"service\": \"dnssec-route53.amazonaws.com\",\n },\n \"sid\": \"Allow Route 53 DNSSEC Service\",\n \"resource\": \"*\",\n \"condition\": {\n \"stringEquals\": {\n \"aws:SourceAccount\": current.account_id,\n },\n \"arnLike\": {\n \"aws:SourceArn\": \"arn:aws:route53:::hostedzone/*\",\n },\n },\n },\n {\n \"action\": \"kms:CreateGrant\",\n \"effect\": \"Allow\",\n \"principal\": {\n \"service\": \"dnssec-route53.amazonaws.com\",\n },\n \"sid\": \"Allow Route 53 DNSSEC Service to CreateGrant\",\n \"resource\": \"*\",\n \"condition\": {\n \"bool\": {\n \"kms:GrantIsForAWSResource\": \"true\",\n },\n },\n },\n {\n \"action\": \"kms:*\",\n \"effect\": \"Allow\",\n \"principal\": {\n \"AWS\": f\"arn:aws:iam::{current.account_id}:root\",\n },\n \"resource\": \"*\",\n \"sid\": \"Enable IAM User Permissions\",\n },\n ],\n \"version\": \"2012-10-17\",\n }))\nexample_zone = aws.route53.Zone(\"example\", name=\"example.com\")\nexample_key_signing_key = aws.route53.KeySigningKey(\"example\",\n hosted_zone_id=test[\"id\"],\n key_management_service_arn=test_aws_kms_key[\"arn\"],\n name=\"example\")\nexample_hosted_zone_dns_sec = aws.route53.HostedZoneDnsSec(\"example\", hosted_zone_id=example_key_signing_key.hosted_zone_id)\nexample_delegation_signer_record = aws.route53domains.DelegationSignerRecord(\"example\",\n domain_name=\"example.com\",\n signing_attributes=aws.route53domains.DelegationSignerRecordSigningAttributesArgs(\n algorithm=example_key_signing_key.signing_algorithm_type,\n flags=example_key_signing_key.flag,\n public_key=example_key_signing_key.public_key,\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var example = new Aws.Kms.Key(\"example\", new()\n {\n CustomerMasterKeySpec = \"ECC_NIST_P256\",\n DeletionWindowInDays = 7,\n KeyUsage = \"SIGN_VERIFY\",\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"action\"] = new[]\n {\n \"kms:DescribeKey\",\n \"kms:GetPublicKey\",\n \"kms:Sign\",\n },\n [\"effect\"] = \"Allow\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"service\"] = \"dnssec-route53.amazonaws.com\",\n },\n [\"sid\"] = \"Allow Route 53 DNSSEC Service\",\n [\"resource\"] = \"*\",\n [\"condition\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"stringEquals\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"aws:SourceAccount\"] = current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId),\n },\n [\"arnLike\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"aws:SourceArn\"] = \"arn:aws:route53:::hostedzone/*\",\n },\n },\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"action\"] = \"kms:CreateGrant\",\n [\"effect\"] = \"Allow\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"service\"] = \"dnssec-route53.amazonaws.com\",\n },\n [\"sid\"] = \"Allow Route 53 DNSSEC Service to CreateGrant\",\n [\"resource\"] = \"*\",\n [\"condition\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"bool\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"kms:GrantIsForAWSResource\"] = \"true\",\n },\n },\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"action\"] = \"kms:*\",\n [\"effect\"] = \"Allow\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = $\"arn:aws:iam::{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:root\",\n },\n [\"resource\"] = \"*\",\n [\"sid\"] = \"Enable IAM User Permissions\",\n },\n },\n [\"version\"] = \"2012-10-17\",\n }),\n });\n\n var exampleZone = new Aws.Route53.Zone(\"example\", new()\n {\n Name = \"example.com\",\n });\n\n var exampleKeySigningKey = new Aws.Route53.KeySigningKey(\"example\", new()\n {\n HostedZoneId = test.Id,\n KeyManagementServiceArn = testAwsKmsKey.Arn,\n Name = \"example\",\n });\n\n var exampleHostedZoneDnsSec = new Aws.Route53.HostedZoneDnsSec(\"example\", new()\n {\n HostedZoneId = exampleKeySigningKey.HostedZoneId,\n });\n\n var exampleDelegationSignerRecord = new Aws.Route53Domains.DelegationSignerRecord(\"example\", new()\n {\n DomainName = \"example.com\",\n SigningAttributes = new Aws.Route53Domains.Inputs.DelegationSignerRecordSigningAttributesArgs\n {\n Algorithm = exampleKeySigningKey.SigningAlgorithmType,\n Flags = exampleKeySigningKey.Flag,\n PublicKey = exampleKeySigningKey.PublicKey,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53domains\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"statement\": []interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"action\": []string{\n\t\t\t\t\t\t\"kms:DescribeKey\",\n\t\t\t\t\t\t\"kms:GetPublicKey\",\n\t\t\t\t\t\t\"kms:Sign\",\n\t\t\t\t\t},\n\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\"service\": \"dnssec-route53.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t\t\"sid\": \"Allow Route 53 DNSSEC Service\",\n\t\t\t\t\t\"resource\": \"*\",\n\t\t\t\t\t\"condition\": map[string]interface{}{\n\t\t\t\t\t\t\"stringEquals\": map[string]interface{}{\n\t\t\t\t\t\t\t\"aws:SourceAccount\": current.AccountId,\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"arnLike\": map[string]interface{}{\n\t\t\t\t\t\t\t\"aws:SourceArn\": \"arn:aws:route53:::hostedzone/*\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"action\": \"kms:CreateGrant\",\n\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\"service\": \"dnssec-route53.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t\t\"sid\": \"Allow Route 53 DNSSEC Service to CreateGrant\",\n\t\t\t\t\t\"resource\": \"*\",\n\t\t\t\t\t\"condition\": map[string]interface{}{\n\t\t\t\t\t\t\"bool\": map[string]interface{}{\n\t\t\t\t\t\t\t\"kms:GrantIsForAWSResource\": \"true\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"action\": \"kms:*\",\n\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": fmt.Sprintf(\"arn:aws:iam::%v:root\", current.AccountId),\n\t\t\t\t\t},\n\t\t\t\t\t\"resource\": \"*\",\n\t\t\t\t\t\"sid\": \"Enable IAM User Permissions\",\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"version\": \"2012-10-17\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = kms.NewKey(ctx, \"example\", \u0026kms.KeyArgs{\n\t\t\tCustomerMasterKeySpec: pulumi.String(\"ECC_NIST_P256\"),\n\t\t\tDeletionWindowInDays: pulumi.Int(7),\n\t\t\tKeyUsage: pulumi.String(\"SIGN_VERIFY\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewZone(ctx, \"example\", \u0026route53.ZoneArgs{\n\t\t\tName: pulumi.String(\"example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleKeySigningKey, err := route53.NewKeySigningKey(ctx, \"example\", \u0026route53.KeySigningKeyArgs{\n\t\t\tHostedZoneId: pulumi.Any(test.Id),\n\t\t\tKeyManagementServiceArn: pulumi.Any(testAwsKmsKey.Arn),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewHostedZoneDnsSec(ctx, \"example\", \u0026route53.HostedZoneDnsSecArgs{\n\t\t\tHostedZoneId: exampleKeySigningKey.HostedZoneId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53domains.NewDelegationSignerRecord(ctx, \"example\", \u0026route53domains.DelegationSignerRecordArgs{\n\t\t\tDomainName: pulumi.String(\"example.com\"),\n\t\t\tSigningAttributes: \u0026route53domains.DelegationSignerRecordSigningAttributesArgs{\n\t\t\t\tAlgorithm: exampleKeySigningKey.SigningAlgorithmType,\n\t\t\t\tFlags: exampleKeySigningKey.Flag,\n\t\t\t\tPublicKey: exampleKeySigningKey.PublicKey,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.route53.Zone;\nimport com.pulumi.aws.route53.ZoneArgs;\nimport com.pulumi.aws.route53.KeySigningKey;\nimport com.pulumi.aws.route53.KeySigningKeyArgs;\nimport com.pulumi.aws.route53.HostedZoneDnsSec;\nimport com.pulumi.aws.route53.HostedZoneDnsSecArgs;\nimport com.pulumi.aws.route53domains.DelegationSignerRecord;\nimport com.pulumi.aws.route53domains.DelegationSignerRecordArgs;\nimport com.pulumi.aws.route53domains.inputs.DelegationSignerRecordSigningAttributesArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n var example = new Key(\"example\", KeyArgs.builder() \n .customerMasterKeySpec(\"ECC_NIST_P256\")\n .deletionWindowInDays(7)\n .keyUsage(\"SIGN_VERIFY\")\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"statement\", jsonArray(\n jsonObject(\n jsonProperty(\"action\", jsonArray(\n \"kms:DescribeKey\", \n \"kms:GetPublicKey\", \n \"kms:Sign\"\n )),\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"principal\", jsonObject(\n jsonProperty(\"service\", \"dnssec-route53.amazonaws.com\")\n )),\n jsonProperty(\"sid\", \"Allow Route 53 DNSSEC Service\"),\n jsonProperty(\"resource\", \"*\"),\n jsonProperty(\"condition\", jsonObject(\n jsonProperty(\"stringEquals\", jsonObject(\n jsonProperty(\"aws:SourceAccount\", current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))\n )),\n jsonProperty(\"arnLike\", jsonObject(\n jsonProperty(\"aws:SourceArn\", \"arn:aws:route53:::hostedzone/*\")\n ))\n ))\n ), \n jsonObject(\n jsonProperty(\"action\", \"kms:CreateGrant\"),\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"principal\", jsonObject(\n jsonProperty(\"service\", \"dnssec-route53.amazonaws.com\")\n )),\n jsonProperty(\"sid\", \"Allow Route 53 DNSSEC Service to CreateGrant\"),\n jsonProperty(\"resource\", \"*\"),\n jsonProperty(\"condition\", jsonObject(\n jsonProperty(\"bool\", jsonObject(\n jsonProperty(\"kms:GrantIsForAWSResource\", \"true\")\n ))\n ))\n ), \n jsonObject(\n jsonProperty(\"action\", \"kms:*\"),\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"principal\", jsonObject(\n jsonProperty(\"AWS\", String.format(\"arn:aws:iam::%s:root\", current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n )),\n jsonProperty(\"resource\", \"*\"),\n jsonProperty(\"sid\", \"Enable IAM User Permissions\")\n )\n )),\n jsonProperty(\"version\", \"2012-10-17\")\n )))\n .build());\n\n var exampleZone = new Zone(\"exampleZone\", ZoneArgs.builder() \n .name(\"example.com\")\n .build());\n\n var exampleKeySigningKey = new KeySigningKey(\"exampleKeySigningKey\", KeySigningKeyArgs.builder() \n .hostedZoneId(test.id())\n .keyManagementServiceArn(testAwsKmsKey.arn())\n .name(\"example\")\n .build());\n\n var exampleHostedZoneDnsSec = new HostedZoneDnsSec(\"exampleHostedZoneDnsSec\", HostedZoneDnsSecArgs.builder() \n .hostedZoneId(exampleKeySigningKey.hostedZoneId())\n .build());\n\n var exampleDelegationSignerRecord = new DelegationSignerRecord(\"exampleDelegationSignerRecord\", DelegationSignerRecordArgs.builder() \n .domainName(\"example.com\")\n .signingAttributes(DelegationSignerRecordSigningAttributesArgs.builder()\n .algorithm(exampleKeySigningKey.signingAlgorithmType())\n .flags(exampleKeySigningKey.flag())\n .publicKey(exampleKeySigningKey.publicKey())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kms:Key\n properties:\n customerMasterKeySpec: ECC_NIST_P256\n deletionWindowInDays: 7\n keyUsage: SIGN_VERIFY\n policy:\n fn::toJSON:\n statement:\n - action:\n - kms:DescribeKey\n - kms:GetPublicKey\n - kms:Sign\n effect: Allow\n principal:\n service: dnssec-route53.amazonaws.com\n sid: Allow Route 53 DNSSEC Service\n resource: '*'\n condition:\n stringEquals:\n aws:SourceAccount: ${current.accountId}\n arnLike:\n aws:SourceArn: arn:aws:route53:::hostedzone/*\n - action: kms:CreateGrant\n effect: Allow\n principal:\n service: dnssec-route53.amazonaws.com\n sid: Allow Route 53 DNSSEC Service to CreateGrant\n resource: '*'\n condition:\n bool:\n kms:GrantIsForAWSResource: 'true'\n - action: kms:*\n effect: Allow\n principal:\n AWS: arn:aws:iam::${current.accountId}:root\n resource: '*'\n sid: Enable IAM User Permissions\n version: 2012-10-17\n exampleZone:\n type: aws:route53:Zone\n name: example\n properties:\n name: example.com\n exampleKeySigningKey:\n type: aws:route53:KeySigningKey\n name: example\n properties:\n hostedZoneId: ${test.id}\n keyManagementServiceArn: ${testAwsKmsKey.arn}\n name: example\n exampleHostedZoneDnsSec:\n type: aws:route53:HostedZoneDnsSec\n name: example\n properties:\n hostedZoneId: ${exampleKeySigningKey.hostedZoneId}\n exampleDelegationSignerRecord:\n type: aws:route53domains:DelegationSignerRecord\n name: example\n properties:\n domainName: example.com\n signingAttributes:\n algorithm: ${exampleKeySigningKey.signingAlgorithmType}\n flags: ${exampleKeySigningKey.flag}\n publicKey: ${exampleKeySigningKey.publicKey}\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import delegation signer records using the domain name and DNSSEC key ID, separated by a comma (`,`). For example:\n\n```sh\n$ pulumi import aws:route53domains/delegationSignerRecord:DelegationSignerRecord example example.com,40DE3534F5324DBDAC598ACEDB5B1E26A5368732D9C791D1347E4FBDDF6FC343\n```\n", + "description": "Provides a resource to manage a [delegation signer record](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-configuring-dnssec-enable-signing.html#dns-configuring-dnssec-enable-signing-step-1) in the parent DNS zone for domains registered with Route53.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst example = new aws.kms.Key(\"example\", {\n customerMasterKeySpec: \"ECC_NIST_P256\",\n deletionWindowInDays: 7,\n keyUsage: \"SIGN_VERIFY\",\n policy: JSON.stringify({\n Statement: [\n {\n Action: [\n \"kms:DescribeKey\",\n \"kms:GetPublicKey\",\n \"kms:Sign\",\n ],\n Effect: \"Allow\",\n Principal: {\n Service: \"dnssec-route53.amazonaws.com\",\n },\n Sid: \"Allow Route 53 DNSSEC Service\",\n Resource: \"*\",\n Condition: {\n StringEquals: {\n \"aws:SourceAccount\": current.then(current =\u003e current.accountId),\n },\n ArnLike: {\n \"aws:SourceArn\": \"arn:aws:route53:::hostedzone/*\",\n },\n },\n },\n {\n Action: \"kms:CreateGrant\",\n Effect: \"Allow\",\n Principal: {\n Service: \"dnssec-route53.amazonaws.com\",\n },\n Sid: \"Allow Route 53 DNSSEC Service to CreateGrant\",\n Resource: \"*\",\n Condition: {\n Bool: {\n \"kms:GrantIsForAWSResource\": \"true\",\n },\n },\n },\n {\n Action: \"kms:*\",\n Effect: \"Allow\",\n Principal: {\n AWS: current.then(current =\u003e `arn:aws:iam::${current.accountId}:root`),\n },\n Resource: \"*\",\n Sid: \"Enable IAM User Permissions\",\n },\n ],\n Version: \"2012-10-17\",\n }),\n});\nconst exampleZone = new aws.route53.Zone(\"example\", {name: \"example.com\"});\nconst exampleKeySigningKey = new aws.route53.KeySigningKey(\"example\", {\n hostedZoneId: test.id,\n keyManagementServiceArn: testAwsKmsKey.arn,\n name: \"example\",\n});\nconst exampleHostedZoneDnsSec = new aws.route53.HostedZoneDnsSec(\"example\", {hostedZoneId: exampleKeySigningKey.hostedZoneId}, {\n dependsOn: [exampleKeySigningKey],\n});\nconst exampleDelegationSignerRecord = new aws.route53domains.DelegationSignerRecord(\"example\", {\n domainName: \"example.com\",\n signingAttributes: {\n algorithm: exampleKeySigningKey.signingAlgorithmType,\n flags: exampleKeySigningKey.flag,\n publicKey: exampleKeySigningKey.publicKey,\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\nexample = aws.kms.Key(\"example\",\n customer_master_key_spec=\"ECC_NIST_P256\",\n deletion_window_in_days=7,\n key_usage=\"SIGN_VERIFY\",\n policy=json.dumps({\n \"Statement\": [\n {\n \"Action\": [\n \"kms:DescribeKey\",\n \"kms:GetPublicKey\",\n \"kms:Sign\",\n ],\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"dnssec-route53.amazonaws.com\",\n },\n \"Sid\": \"Allow Route 53 DNSSEC Service\",\n \"Resource\": \"*\",\n \"Condition\": {\n \"StringEquals\": {\n \"aws:SourceAccount\": current.account_id,\n },\n \"ArnLike\": {\n \"aws:SourceArn\": \"arn:aws:route53:::hostedzone/*\",\n },\n },\n },\n {\n \"Action\": \"kms:CreateGrant\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"dnssec-route53.amazonaws.com\",\n },\n \"Sid\": \"Allow Route 53 DNSSEC Service to CreateGrant\",\n \"Resource\": \"*\",\n \"Condition\": {\n \"Bool\": {\n \"kms:GrantIsForAWSResource\": \"true\",\n },\n },\n },\n {\n \"Action\": \"kms:*\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": f\"arn:aws:iam::{current.account_id}:root\",\n },\n \"Resource\": \"*\",\n \"Sid\": \"Enable IAM User Permissions\",\n },\n ],\n \"Version\": \"2012-10-17\",\n }))\nexample_zone = aws.route53.Zone(\"example\", name=\"example.com\")\nexample_key_signing_key = aws.route53.KeySigningKey(\"example\",\n hosted_zone_id=test[\"id\"],\n key_management_service_arn=test_aws_kms_key[\"arn\"],\n name=\"example\")\nexample_hosted_zone_dns_sec = aws.route53.HostedZoneDnsSec(\"example\", hosted_zone_id=example_key_signing_key.hosted_zone_id,\nopts=pulumi.ResourceOptions(depends_on=[example_key_signing_key]))\nexample_delegation_signer_record = aws.route53domains.DelegationSignerRecord(\"example\",\n domain_name=\"example.com\",\n signing_attributes=aws.route53domains.DelegationSignerRecordSigningAttributesArgs(\n algorithm=example_key_signing_key.signing_algorithm_type,\n flags=example_key_signing_key.flag,\n public_key=example_key_signing_key.public_key,\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var example = new Aws.Kms.Key(\"example\", new()\n {\n CustomerMasterKeySpec = \"ECC_NIST_P256\",\n DeletionWindowInDays = 7,\n KeyUsage = \"SIGN_VERIFY\",\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = new[]\n {\n \"kms:DescribeKey\",\n \"kms:GetPublicKey\",\n \"kms:Sign\",\n },\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"dnssec-route53.amazonaws.com\",\n },\n [\"Sid\"] = \"Allow Route 53 DNSSEC Service\",\n [\"Resource\"] = \"*\",\n [\"Condition\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"StringEquals\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"aws:SourceAccount\"] = current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId),\n },\n [\"ArnLike\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"aws:SourceArn\"] = \"arn:aws:route53:::hostedzone/*\",\n },\n },\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"kms:CreateGrant\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"dnssec-route53.amazonaws.com\",\n },\n [\"Sid\"] = \"Allow Route 53 DNSSEC Service to CreateGrant\",\n [\"Resource\"] = \"*\",\n [\"Condition\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Bool\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"kms:GrantIsForAWSResource\"] = \"true\",\n },\n },\n },\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"kms:*\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = $\"arn:aws:iam::{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:root\",\n },\n [\"Resource\"] = \"*\",\n [\"Sid\"] = \"Enable IAM User Permissions\",\n },\n },\n [\"Version\"] = \"2012-10-17\",\n }),\n });\n\n var exampleZone = new Aws.Route53.Zone(\"example\", new()\n {\n Name = \"example.com\",\n });\n\n var exampleKeySigningKey = new Aws.Route53.KeySigningKey(\"example\", new()\n {\n HostedZoneId = test.Id,\n KeyManagementServiceArn = testAwsKmsKey.Arn,\n Name = \"example\",\n });\n\n var exampleHostedZoneDnsSec = new Aws.Route53.HostedZoneDnsSec(\"example\", new()\n {\n HostedZoneId = exampleKeySigningKey.HostedZoneId,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleKeySigningKey, \n },\n });\n\n var exampleDelegationSignerRecord = new Aws.Route53Domains.DelegationSignerRecord(\"example\", new()\n {\n DomainName = \"example.com\",\n SigningAttributes = new Aws.Route53Domains.Inputs.DelegationSignerRecordSigningAttributesArgs\n {\n Algorithm = exampleKeySigningKey.SigningAlgorithmType,\n Flags = exampleKeySigningKey.Flag,\n PublicKey = exampleKeySigningKey.PublicKey,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53domains\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Statement\": []interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"kms:DescribeKey\",\n\t\t\t\t\t\t\"kms:GetPublicKey\",\n\t\t\t\t\t\t\"kms:Sign\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"dnssec-route53.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Sid\": \"Allow Route 53 DNSSEC Service\",\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t\t\"Condition\": map[string]interface{}{\n\t\t\t\t\t\t\"StringEquals\": map[string]interface{}{\n\t\t\t\t\t\t\t\"aws:SourceAccount\": current.AccountId,\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\"ArnLike\": map[string]interface{}{\n\t\t\t\t\t\t\t\"aws:SourceArn\": \"arn:aws:route53:::hostedzone/*\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": \"kms:CreateGrant\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"dnssec-route53.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Sid\": \"Allow Route 53 DNSSEC Service to CreateGrant\",\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t\t\"Condition\": map[string]interface{}{\n\t\t\t\t\t\t\"Bool\": map[string]interface{}{\n\t\t\t\t\t\t\t\"kms:GrantIsForAWSResource\": \"true\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": \"kms:*\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": fmt.Sprintf(\"arn:aws:iam::%v:root\", current.AccountId),\n\t\t\t\t\t},\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t\t\"Sid\": \"Enable IAM User Permissions\",\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = kms.NewKey(ctx, \"example\", \u0026kms.KeyArgs{\n\t\t\tCustomerMasterKeySpec: pulumi.String(\"ECC_NIST_P256\"),\n\t\t\tDeletionWindowInDays: pulumi.Int(7),\n\t\t\tKeyUsage: pulumi.String(\"SIGN_VERIFY\"),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewZone(ctx, \"example\", \u0026route53.ZoneArgs{\n\t\t\tName: pulumi.String(\"example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleKeySigningKey, err := route53.NewKeySigningKey(ctx, \"example\", \u0026route53.KeySigningKeyArgs{\n\t\t\tHostedZoneId: pulumi.Any(test.Id),\n\t\t\tKeyManagementServiceArn: pulumi.Any(testAwsKmsKey.Arn),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewHostedZoneDnsSec(ctx, \"example\", \u0026route53.HostedZoneDnsSecArgs{\n\t\t\tHostedZoneId: exampleKeySigningKey.HostedZoneId,\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleKeySigningKey,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53domains.NewDelegationSignerRecord(ctx, \"example\", \u0026route53domains.DelegationSignerRecordArgs{\n\t\t\tDomainName: pulumi.String(\"example.com\"),\n\t\t\tSigningAttributes: \u0026route53domains.DelegationSignerRecordSigningAttributesArgs{\n\t\t\t\tAlgorithm: exampleKeySigningKey.SigningAlgorithmType,\n\t\t\t\tFlags: exampleKeySigningKey.Flag,\n\t\t\t\tPublicKey: exampleKeySigningKey.PublicKey,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.route53.Zone;\nimport com.pulumi.aws.route53.ZoneArgs;\nimport com.pulumi.aws.route53.KeySigningKey;\nimport com.pulumi.aws.route53.KeySigningKeyArgs;\nimport com.pulumi.aws.route53.HostedZoneDnsSec;\nimport com.pulumi.aws.route53.HostedZoneDnsSecArgs;\nimport com.pulumi.aws.route53domains.DelegationSignerRecord;\nimport com.pulumi.aws.route53domains.DelegationSignerRecordArgs;\nimport com.pulumi.aws.route53domains.inputs.DelegationSignerRecordSigningAttributesArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n var example = new Key(\"example\", KeyArgs.builder() \n .customerMasterKeySpec(\"ECC_NIST_P256\")\n .deletionWindowInDays(7)\n .keyUsage(\"SIGN_VERIFY\")\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Statement\", jsonArray(\n jsonObject(\n jsonProperty(\"Action\", jsonArray(\n \"kms:DescribeKey\", \n \"kms:GetPublicKey\", \n \"kms:Sign\"\n )),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"dnssec-route53.amazonaws.com\")\n )),\n jsonProperty(\"Sid\", \"Allow Route 53 DNSSEC Service\"),\n jsonProperty(\"Resource\", \"*\"),\n jsonProperty(\"Condition\", jsonObject(\n jsonProperty(\"StringEquals\", jsonObject(\n jsonProperty(\"aws:SourceAccount\", current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))\n )),\n jsonProperty(\"ArnLike\", jsonObject(\n jsonProperty(\"aws:SourceArn\", \"arn:aws:route53:::hostedzone/*\")\n ))\n ))\n ), \n jsonObject(\n jsonProperty(\"Action\", \"kms:CreateGrant\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"dnssec-route53.amazonaws.com\")\n )),\n jsonProperty(\"Sid\", \"Allow Route 53 DNSSEC Service to CreateGrant\"),\n jsonProperty(\"Resource\", \"*\"),\n jsonProperty(\"Condition\", jsonObject(\n jsonProperty(\"Bool\", jsonObject(\n jsonProperty(\"kms:GrantIsForAWSResource\", \"true\")\n ))\n ))\n ), \n jsonObject(\n jsonProperty(\"Action\", \"kms:*\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"AWS\", String.format(\"arn:aws:iam::%s:root\", current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n )),\n jsonProperty(\"Resource\", \"*\"),\n jsonProperty(\"Sid\", \"Enable IAM User Permissions\")\n )\n )),\n jsonProperty(\"Version\", \"2012-10-17\")\n )))\n .build());\n\n var exampleZone = new Zone(\"exampleZone\", ZoneArgs.builder() \n .name(\"example.com\")\n .build());\n\n var exampleKeySigningKey = new KeySigningKey(\"exampleKeySigningKey\", KeySigningKeyArgs.builder() \n .hostedZoneId(test.id())\n .keyManagementServiceArn(testAwsKmsKey.arn())\n .name(\"example\")\n .build());\n\n var exampleHostedZoneDnsSec = new HostedZoneDnsSec(\"exampleHostedZoneDnsSec\", HostedZoneDnsSecArgs.builder() \n .hostedZoneId(exampleKeySigningKey.hostedZoneId())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleKeySigningKey)\n .build());\n\n var exampleDelegationSignerRecord = new DelegationSignerRecord(\"exampleDelegationSignerRecord\", DelegationSignerRecordArgs.builder() \n .domainName(\"example.com\")\n .signingAttributes(DelegationSignerRecordSigningAttributesArgs.builder()\n .algorithm(exampleKeySigningKey.signingAlgorithmType())\n .flags(exampleKeySigningKey.flag())\n .publicKey(exampleKeySigningKey.publicKey())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:kms:Key\n properties:\n customerMasterKeySpec: ECC_NIST_P256\n deletionWindowInDays: 7\n keyUsage: SIGN_VERIFY\n policy:\n fn::toJSON:\n Statement:\n - Action:\n - kms:DescribeKey\n - kms:GetPublicKey\n - kms:Sign\n Effect: Allow\n Principal:\n Service: dnssec-route53.amazonaws.com\n Sid: Allow Route 53 DNSSEC Service\n Resource: '*'\n Condition:\n StringEquals:\n aws:SourceAccount: ${current.accountId}\n ArnLike:\n aws:SourceArn: arn:aws:route53:::hostedzone/*\n - Action: kms:CreateGrant\n Effect: Allow\n Principal:\n Service: dnssec-route53.amazonaws.com\n Sid: Allow Route 53 DNSSEC Service to CreateGrant\n Resource: '*'\n Condition:\n Bool:\n kms:GrantIsForAWSResource: 'true'\n - Action: kms:*\n Effect: Allow\n Principal:\n AWS: arn:aws:iam::${current.accountId}:root\n Resource: '*'\n Sid: Enable IAM User Permissions\n Version: 2012-10-17\n exampleZone:\n type: aws:route53:Zone\n name: example\n properties:\n name: example.com\n exampleKeySigningKey:\n type: aws:route53:KeySigningKey\n name: example\n properties:\n hostedZoneId: ${test.id}\n keyManagementServiceArn: ${testAwsKmsKey.arn}\n name: example\n exampleHostedZoneDnsSec:\n type: aws:route53:HostedZoneDnsSec\n name: example\n properties:\n hostedZoneId: ${exampleKeySigningKey.hostedZoneId}\n options:\n dependson:\n - ${exampleKeySigningKey}\n exampleDelegationSignerRecord:\n type: aws:route53domains:DelegationSignerRecord\n name: example\n properties:\n domainName: example.com\n signingAttributes:\n algorithm: ${exampleKeySigningKey.signingAlgorithmType}\n flags: ${exampleKeySigningKey.flag}\n publicKey: ${exampleKeySigningKey.publicKey}\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import delegation signer records using the domain name and DNSSEC key ID, separated by a comma (`,`). For example:\n\n```sh\n$ pulumi import aws:route53domains/delegationSignerRecord:DelegationSignerRecord example example.com,40DE3534F5324DBDAC598ACEDB5B1E26A5368732D9C791D1347E4FBDDF6FC343\n```\n", "properties": { "dnssecKeyId": { "type": "string", @@ -316801,7 +316801,7 @@ } }, "aws:s3/bucketAclV2:BucketAclV2": { - "description": "Provides an S3 bucket ACL resource.\n\n\u003e **Note:** destroy does not delete the S3 Bucket ACL but does remove the resource from state.\n\n\u003e This resource cannot be used with S3 directory buckets.\n\n## Example Usage\n\n### With `private` ACL\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketV2(\"example\", {bucket: \"my-tf-example-bucket\"});\nconst exampleBucketOwnershipControls = new aws.s3.BucketOwnershipControls(\"example\", {\n bucket: example.id,\n rule: {\n objectOwnership: \"BucketOwnerPreferred\",\n },\n});\nconst exampleBucketAclV2 = new aws.s3.BucketAclV2(\"example\", {\n bucket: example.id,\n acl: \"private\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketV2(\"example\", bucket=\"my-tf-example-bucket\")\nexample_bucket_ownership_controls = aws.s3.BucketOwnershipControls(\"example\",\n bucket=example.id,\n rule=aws.s3.BucketOwnershipControlsRuleArgs(\n object_ownership=\"BucketOwnerPreferred\",\n ))\nexample_bucket_acl_v2 = aws.s3.BucketAclV2(\"example\",\n bucket=example.id,\n acl=\"private\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"my-tf-example-bucket\",\n });\n\n var exampleBucketOwnershipControls = new Aws.S3.BucketOwnershipControls(\"example\", new()\n {\n Bucket = example.Id,\n Rule = new Aws.S3.Inputs.BucketOwnershipControlsRuleArgs\n {\n ObjectOwnership = \"BucketOwnerPreferred\",\n },\n });\n\n var exampleBucketAclV2 = new Aws.S3.BucketAclV2(\"example\", new()\n {\n Bucket = example.Id,\n Acl = \"private\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"my-tf-example-bucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketOwnershipControls(ctx, \"example\", \u0026s3.BucketOwnershipControlsArgs{\n\t\t\tBucket: example.ID(),\n\t\t\tRule: \u0026s3.BucketOwnershipControlsRuleArgs{\n\t\t\t\tObjectOwnership: pulumi.String(\"BucketOwnerPreferred\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"example\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: example.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketOwnershipControls;\nimport com.pulumi.aws.s3.BucketOwnershipControlsArgs;\nimport com.pulumi.aws.s3.inputs.BucketOwnershipControlsRuleArgs;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketV2(\"example\", BucketV2Args.builder() \n .bucket(\"my-tf-example-bucket\")\n .build());\n\n var exampleBucketOwnershipControls = new BucketOwnershipControls(\"exampleBucketOwnershipControls\", BucketOwnershipControlsArgs.builder() \n .bucket(example.id())\n .rule(BucketOwnershipControlsRuleArgs.builder()\n .objectOwnership(\"BucketOwnerPreferred\")\n .build())\n .build());\n\n var exampleBucketAclV2 = new BucketAclV2(\"exampleBucketAclV2\", BucketAclV2Args.builder() \n .bucket(example.id())\n .acl(\"private\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: my-tf-example-bucket\n exampleBucketOwnershipControls:\n type: aws:s3:BucketOwnershipControls\n name: example\n properties:\n bucket: ${example.id}\n rule:\n objectOwnership: BucketOwnerPreferred\n exampleBucketAclV2:\n type: aws:s3:BucketAclV2\n name: example\n properties:\n bucket: ${example.id}\n acl: private\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With `public-read` ACL\n\n\u003e This example explicitly disables the default S3 bucket security settings. This\nshould be done with caution, as all bucket objects become publicly exposed.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketV2(\"example\", {bucket: \"my-tf-example-bucket\"});\nconst exampleBucketOwnershipControls = new aws.s3.BucketOwnershipControls(\"example\", {\n bucket: example.id,\n rule: {\n objectOwnership: \"BucketOwnerPreferred\",\n },\n});\nconst exampleBucketPublicAccessBlock = new aws.s3.BucketPublicAccessBlock(\"example\", {\n bucket: example.id,\n blockPublicAcls: false,\n blockPublicPolicy: false,\n ignorePublicAcls: false,\n restrictPublicBuckets: false,\n});\nconst exampleBucketAclV2 = new aws.s3.BucketAclV2(\"example\", {\n bucket: example.id,\n acl: \"public-read\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketV2(\"example\", bucket=\"my-tf-example-bucket\")\nexample_bucket_ownership_controls = aws.s3.BucketOwnershipControls(\"example\",\n bucket=example.id,\n rule=aws.s3.BucketOwnershipControlsRuleArgs(\n object_ownership=\"BucketOwnerPreferred\",\n ))\nexample_bucket_public_access_block = aws.s3.BucketPublicAccessBlock(\"example\",\n bucket=example.id,\n block_public_acls=False,\n block_public_policy=False,\n ignore_public_acls=False,\n restrict_public_buckets=False)\nexample_bucket_acl_v2 = aws.s3.BucketAclV2(\"example\",\n bucket=example.id,\n acl=\"public-read\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"my-tf-example-bucket\",\n });\n\n var exampleBucketOwnershipControls = new Aws.S3.BucketOwnershipControls(\"example\", new()\n {\n Bucket = example.Id,\n Rule = new Aws.S3.Inputs.BucketOwnershipControlsRuleArgs\n {\n ObjectOwnership = \"BucketOwnerPreferred\",\n },\n });\n\n var exampleBucketPublicAccessBlock = new Aws.S3.BucketPublicAccessBlock(\"example\", new()\n {\n Bucket = example.Id,\n BlockPublicAcls = false,\n BlockPublicPolicy = false,\n IgnorePublicAcls = false,\n RestrictPublicBuckets = false,\n });\n\n var exampleBucketAclV2 = new Aws.S3.BucketAclV2(\"example\", new()\n {\n Bucket = example.Id,\n Acl = \"public-read\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"my-tf-example-bucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketOwnershipControls(ctx, \"example\", \u0026s3.BucketOwnershipControlsArgs{\n\t\t\tBucket: example.ID(),\n\t\t\tRule: \u0026s3.BucketOwnershipControlsRuleArgs{\n\t\t\t\tObjectOwnership: pulumi.String(\"BucketOwnerPreferred\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketPublicAccessBlock(ctx, \"example\", \u0026s3.BucketPublicAccessBlockArgs{\n\t\t\tBucket: example.ID(),\n\t\t\tBlockPublicAcls: pulumi.Bool(false),\n\t\t\tBlockPublicPolicy: pulumi.Bool(false),\n\t\t\tIgnorePublicAcls: pulumi.Bool(false),\n\t\t\tRestrictPublicBuckets: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"example\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: example.ID(),\n\t\t\tAcl: pulumi.String(\"public-read\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketOwnershipControls;\nimport com.pulumi.aws.s3.BucketOwnershipControlsArgs;\nimport com.pulumi.aws.s3.inputs.BucketOwnershipControlsRuleArgs;\nimport com.pulumi.aws.s3.BucketPublicAccessBlock;\nimport com.pulumi.aws.s3.BucketPublicAccessBlockArgs;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketV2(\"example\", BucketV2Args.builder() \n .bucket(\"my-tf-example-bucket\")\n .build());\n\n var exampleBucketOwnershipControls = new BucketOwnershipControls(\"exampleBucketOwnershipControls\", BucketOwnershipControlsArgs.builder() \n .bucket(example.id())\n .rule(BucketOwnershipControlsRuleArgs.builder()\n .objectOwnership(\"BucketOwnerPreferred\")\n .build())\n .build());\n\n var exampleBucketPublicAccessBlock = new BucketPublicAccessBlock(\"exampleBucketPublicAccessBlock\", BucketPublicAccessBlockArgs.builder() \n .bucket(example.id())\n .blockPublicAcls(false)\n .blockPublicPolicy(false)\n .ignorePublicAcls(false)\n .restrictPublicBuckets(false)\n .build());\n\n var exampleBucketAclV2 = new BucketAclV2(\"exampleBucketAclV2\", BucketAclV2Args.builder() \n .bucket(example.id())\n .acl(\"public-read\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: my-tf-example-bucket\n exampleBucketOwnershipControls:\n type: aws:s3:BucketOwnershipControls\n name: example\n properties:\n bucket: ${example.id}\n rule:\n objectOwnership: BucketOwnerPreferred\n exampleBucketPublicAccessBlock:\n type: aws:s3:BucketPublicAccessBlock\n name: example\n properties:\n bucket: ${example.id}\n blockPublicAcls: false\n blockPublicPolicy: false\n ignorePublicAcls: false\n restrictPublicBuckets: false\n exampleBucketAclV2:\n type: aws:s3:BucketAclV2\n name: example\n properties:\n bucket: ${example.id}\n acl: public-read\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Grants\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.s3.getCanonicalUserId({});\nconst example = new aws.s3.BucketV2(\"example\", {bucket: \"my-tf-example-bucket\"});\nconst exampleBucketOwnershipControls = new aws.s3.BucketOwnershipControls(\"example\", {\n bucket: example.id,\n rule: {\n objectOwnership: \"BucketOwnerPreferred\",\n },\n});\nconst exampleBucketAclV2 = new aws.s3.BucketAclV2(\"example\", {\n bucket: example.id,\n accessControlPolicy: {\n grants: [\n {\n grantee: {\n id: current.then(current =\u003e current.id),\n type: \"CanonicalUser\",\n },\n permission: \"READ\",\n },\n {\n grantee: {\n type: \"Group\",\n uri: \"http://acs.amazonaws.com/groups/s3/LogDelivery\",\n },\n permission: \"READ_ACP\",\n },\n ],\n owner: {\n id: current.then(current =\u003e current.id),\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.s3.get_canonical_user_id()\nexample = aws.s3.BucketV2(\"example\", bucket=\"my-tf-example-bucket\")\nexample_bucket_ownership_controls = aws.s3.BucketOwnershipControls(\"example\",\n bucket=example.id,\n rule=aws.s3.BucketOwnershipControlsRuleArgs(\n object_ownership=\"BucketOwnerPreferred\",\n ))\nexample_bucket_acl_v2 = aws.s3.BucketAclV2(\"example\",\n bucket=example.id,\n access_control_policy=aws.s3.BucketAclV2AccessControlPolicyArgs(\n grants=[\n aws.s3.BucketAclV2AccessControlPolicyGrantArgs(\n grantee=aws.s3.BucketAclV2AccessControlPolicyGrantGranteeArgs(\n id=current.id,\n type=\"CanonicalUser\",\n ),\n permission=\"READ\",\n ),\n aws.s3.BucketAclV2AccessControlPolicyGrantArgs(\n grantee=aws.s3.BucketAclV2AccessControlPolicyGrantGranteeArgs(\n type=\"Group\",\n uri=\"http://acs.amazonaws.com/groups/s3/LogDelivery\",\n ),\n permission=\"READ_ACP\",\n ),\n ],\n owner=aws.s3.BucketAclV2AccessControlPolicyOwnerArgs(\n id=current.id,\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.S3.GetCanonicalUserId.Invoke();\n\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"my-tf-example-bucket\",\n });\n\n var exampleBucketOwnershipControls = new Aws.S3.BucketOwnershipControls(\"example\", new()\n {\n Bucket = example.Id,\n Rule = new Aws.S3.Inputs.BucketOwnershipControlsRuleArgs\n {\n ObjectOwnership = \"BucketOwnerPreferred\",\n },\n });\n\n var exampleBucketAclV2 = new Aws.S3.BucketAclV2(\"example\", new()\n {\n Bucket = example.Id,\n AccessControlPolicy = new Aws.S3.Inputs.BucketAclV2AccessControlPolicyArgs\n {\n Grants = new[]\n {\n new Aws.S3.Inputs.BucketAclV2AccessControlPolicyGrantArgs\n {\n Grantee = new Aws.S3.Inputs.BucketAclV2AccessControlPolicyGrantGranteeArgs\n {\n Id = current.Apply(getCanonicalUserIdResult =\u003e getCanonicalUserIdResult.Id),\n Type = \"CanonicalUser\",\n },\n Permission = \"READ\",\n },\n new Aws.S3.Inputs.BucketAclV2AccessControlPolicyGrantArgs\n {\n Grantee = new Aws.S3.Inputs.BucketAclV2AccessControlPolicyGrantGranteeArgs\n {\n Type = \"Group\",\n Uri = \"http://acs.amazonaws.com/groups/s3/LogDelivery\",\n },\n Permission = \"READ_ACP\",\n },\n },\n Owner = new Aws.S3.Inputs.BucketAclV2AccessControlPolicyOwnerArgs\n {\n Id = current.Apply(getCanonicalUserIdResult =\u003e getCanonicalUserIdResult.Id),\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := s3.GetCanonicalUserId(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"my-tf-example-bucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketOwnershipControls(ctx, \"example\", \u0026s3.BucketOwnershipControlsArgs{\n\t\t\tBucket: example.ID(),\n\t\t\tRule: \u0026s3.BucketOwnershipControlsRuleArgs{\n\t\t\t\tObjectOwnership: pulumi.String(\"BucketOwnerPreferred\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"example\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: example.ID(),\n\t\t\tAccessControlPolicy: \u0026s3.BucketAclV2AccessControlPolicyArgs{\n\t\t\t\tGrants: s3.BucketAclV2AccessControlPolicyGrantArray{\n\t\t\t\t\t\u0026s3.BucketAclV2AccessControlPolicyGrantArgs{\n\t\t\t\t\t\tGrantee: \u0026s3.BucketAclV2AccessControlPolicyGrantGranteeArgs{\n\t\t\t\t\t\t\tId: pulumi.String(current.Id),\n\t\t\t\t\t\t\tType: pulumi.String(\"CanonicalUser\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tPermission: pulumi.String(\"READ\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026s3.BucketAclV2AccessControlPolicyGrantArgs{\n\t\t\t\t\t\tGrantee: \u0026s3.BucketAclV2AccessControlPolicyGrantGranteeArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"Group\"),\n\t\t\t\t\t\t\tUri: pulumi.String(\"http://acs.amazonaws.com/groups/s3/LogDelivery\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tPermission: pulumi.String(\"READ_ACP\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tOwner: \u0026s3.BucketAclV2AccessControlPolicyOwnerArgs{\n\t\t\t\t\tId: pulumi.String(current.Id),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.S3Functions;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketOwnershipControls;\nimport com.pulumi.aws.s3.BucketOwnershipControlsArgs;\nimport com.pulumi.aws.s3.inputs.BucketOwnershipControlsRuleArgs;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.s3.inputs.BucketAclV2AccessControlPolicyArgs;\nimport com.pulumi.aws.s3.inputs.BucketAclV2AccessControlPolicyOwnerArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = S3Functions.getCanonicalUserId();\n\n var example = new BucketV2(\"example\", BucketV2Args.builder() \n .bucket(\"my-tf-example-bucket\")\n .build());\n\n var exampleBucketOwnershipControls = new BucketOwnershipControls(\"exampleBucketOwnershipControls\", BucketOwnershipControlsArgs.builder() \n .bucket(example.id())\n .rule(BucketOwnershipControlsRuleArgs.builder()\n .objectOwnership(\"BucketOwnerPreferred\")\n .build())\n .build());\n\n var exampleBucketAclV2 = new BucketAclV2(\"exampleBucketAclV2\", BucketAclV2Args.builder() \n .bucket(example.id())\n .accessControlPolicy(BucketAclV2AccessControlPolicyArgs.builder()\n .grants( \n BucketAclV2AccessControlPolicyGrantArgs.builder()\n .grantee(BucketAclV2AccessControlPolicyGrantGranteeArgs.builder()\n .id(current.applyValue(getCanonicalUserIdResult -\u003e getCanonicalUserIdResult.id()))\n .type(\"CanonicalUser\")\n .build())\n .permission(\"READ\")\n .build(),\n BucketAclV2AccessControlPolicyGrantArgs.builder()\n .grantee(BucketAclV2AccessControlPolicyGrantGranteeArgs.builder()\n .type(\"Group\")\n .uri(\"http://acs.amazonaws.com/groups/s3/LogDelivery\")\n .build())\n .permission(\"READ_ACP\")\n .build())\n .owner(BucketAclV2AccessControlPolicyOwnerArgs.builder()\n .id(current.applyValue(getCanonicalUserIdResult -\u003e getCanonicalUserIdResult.id()))\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: my-tf-example-bucket\n exampleBucketOwnershipControls:\n type: aws:s3:BucketOwnershipControls\n name: example\n properties:\n bucket: ${example.id}\n rule:\n objectOwnership: BucketOwnerPreferred\n exampleBucketAclV2:\n type: aws:s3:BucketAclV2\n name: example\n properties:\n bucket: ${example.id}\n accessControlPolicy:\n grants:\n - grantee:\n id: ${current.id}\n type: CanonicalUser\n permission: READ\n - grantee:\n type: Group\n uri: http://acs.amazonaws.com/groups/s3/LogDelivery\n permission: READ_ACP\n owner:\n id: ${current.id}\nvariables:\n current:\n fn::invoke:\n Function: aws:s3:getCanonicalUserId\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nIf the owner (account ID) of the source bucket is the _same_ account used to configure the AWS Provider, and the source bucket is __configured__ with a\n[canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/userguide/acl-overview.html#canned-acl) (i.e. predefined grant), import using the `bucket` and `acl` separated by a comma (`,`):\n\nIf the owner (account ID) of the source bucket _differs_ from the account used to configure the AWS Provider, and the source bucket is __not configured__ with a [canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/userguide/acl-overview.html#canned-acl) (i.e. predefined grant), imported using the `bucket` and `expected_bucket_owner` separated by a comma (`,`):\n\nIf the owner (account ID) of the source bucket _differs_ from the account used to configure the AWS Provider, and the source bucket is __configured__ with a\n[canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/userguide/acl-overview.html#canned-acl) (i.e. predefined grant), imported using the `bucket`, `expected_bucket_owner`, and `acl` separated by commas (`,`):\n\n__Using `pulumi import` to import__ using `bucket`, `expected_bucket_owner`, and/or `acl`, depending on your situation. For example:\n\nIf the owner (account ID) of the source bucket is the _same_ account used to configure the AWS Provider, and the source bucket is __not configured__ with a\n[canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/userguide/acl-overview.html#canned-acl) (i.e. predefined grant), import using the `bucket`:\n\n```sh\n$ pulumi import aws:s3/bucketAclV2:BucketAclV2 example bucket-name\n```\nIf the owner (account ID) of the source bucket is the _same_ account used to configure the AWS Provider, and the source bucket is __configured__ with a [canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/userguide/acl-overview.html#canned-acl) (i.e. predefined grant), import using the `bucket` and `acl` separated by a comma (`,`):\n\n```sh\n$ pulumi import aws:s3/bucketAclV2:BucketAclV2 example bucket-name,private\n```\nIf the owner (account ID) of the source bucket _differs_ from the account used to configure the AWS Provider, and the source bucket is __not configured__ with a [canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/userguide/acl-overview.html#canned-acl) (i.e. predefined grant), imported using the `bucket` and `expected_bucket_owner` separated by a comma (`,`):\n\n```sh\n$ pulumi import aws:s3/bucketAclV2:BucketAclV2 example bucket-name,123456789012\n```\nIf the owner (account ID) of the source bucket _differs_ from the account used to configure the AWS Provider, and the source bucket is __configured__ with a [canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/userguide/acl-overview.html#canned-acl) (i.e. predefined grant), imported using the `bucket`, `expected_bucket_owner`, and `acl` separated by commas (`,`):\n\n```sh\n$ pulumi import aws:s3/bucketAclV2:BucketAclV2 example bucket-name,123456789012,private\n```\n", + "description": "Provides an S3 bucket ACL resource.\n\n\u003e **Note:** destroy does not delete the S3 Bucket ACL but does remove the resource from state.\n\n\u003e This resource cannot be used with S3 directory buckets.\n\n## Example Usage\n\n### With `private` ACL\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketV2(\"example\", {bucket: \"my-tf-example-bucket\"});\nconst exampleBucketOwnershipControls = new aws.s3.BucketOwnershipControls(\"example\", {\n bucket: example.id,\n rule: {\n objectOwnership: \"BucketOwnerPreferred\",\n },\n});\nconst exampleBucketAclV2 = new aws.s3.BucketAclV2(\"example\", {\n bucket: example.id,\n acl: \"private\",\n}, {\n dependsOn: [exampleBucketOwnershipControls],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketV2(\"example\", bucket=\"my-tf-example-bucket\")\nexample_bucket_ownership_controls = aws.s3.BucketOwnershipControls(\"example\",\n bucket=example.id,\n rule=aws.s3.BucketOwnershipControlsRuleArgs(\n object_ownership=\"BucketOwnerPreferred\",\n ))\nexample_bucket_acl_v2 = aws.s3.BucketAclV2(\"example\",\n bucket=example.id,\n acl=\"private\",\n opts=pulumi.ResourceOptions(depends_on=[example_bucket_ownership_controls]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"my-tf-example-bucket\",\n });\n\n var exampleBucketOwnershipControls = new Aws.S3.BucketOwnershipControls(\"example\", new()\n {\n Bucket = example.Id,\n Rule = new Aws.S3.Inputs.BucketOwnershipControlsRuleArgs\n {\n ObjectOwnership = \"BucketOwnerPreferred\",\n },\n });\n\n var exampleBucketAclV2 = new Aws.S3.BucketAclV2(\"example\", new()\n {\n Bucket = example.Id,\n Acl = \"private\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleBucketOwnershipControls, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"my-tf-example-bucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleBucketOwnershipControls, err := s3.NewBucketOwnershipControls(ctx, \"example\", \u0026s3.BucketOwnershipControlsArgs{\n\t\t\tBucket: example.ID(),\n\t\t\tRule: \u0026s3.BucketOwnershipControlsRuleArgs{\n\t\t\t\tObjectOwnership: pulumi.String(\"BucketOwnerPreferred\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"example\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: example.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleBucketOwnershipControls,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketOwnershipControls;\nimport com.pulumi.aws.s3.BucketOwnershipControlsArgs;\nimport com.pulumi.aws.s3.inputs.BucketOwnershipControlsRuleArgs;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketV2(\"example\", BucketV2Args.builder() \n .bucket(\"my-tf-example-bucket\")\n .build());\n\n var exampleBucketOwnershipControls = new BucketOwnershipControls(\"exampleBucketOwnershipControls\", BucketOwnershipControlsArgs.builder() \n .bucket(example.id())\n .rule(BucketOwnershipControlsRuleArgs.builder()\n .objectOwnership(\"BucketOwnerPreferred\")\n .build())\n .build());\n\n var exampleBucketAclV2 = new BucketAclV2(\"exampleBucketAclV2\", BucketAclV2Args.builder() \n .bucket(example.id())\n .acl(\"private\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleBucketOwnershipControls)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: my-tf-example-bucket\n exampleBucketOwnershipControls:\n type: aws:s3:BucketOwnershipControls\n name: example\n properties:\n bucket: ${example.id}\n rule:\n objectOwnership: BucketOwnerPreferred\n exampleBucketAclV2:\n type: aws:s3:BucketAclV2\n name: example\n properties:\n bucket: ${example.id}\n acl: private\n options:\n dependson:\n - ${exampleBucketOwnershipControls}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With `public-read` ACL\n\n\u003e This example explicitly disables the default S3 bucket security settings. This\nshould be done with caution, as all bucket objects become publicly exposed.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketV2(\"example\", {bucket: \"my-tf-example-bucket\"});\nconst exampleBucketOwnershipControls = new aws.s3.BucketOwnershipControls(\"example\", {\n bucket: example.id,\n rule: {\n objectOwnership: \"BucketOwnerPreferred\",\n },\n});\nconst exampleBucketPublicAccessBlock = new aws.s3.BucketPublicAccessBlock(\"example\", {\n bucket: example.id,\n blockPublicAcls: false,\n blockPublicPolicy: false,\n ignorePublicAcls: false,\n restrictPublicBuckets: false,\n});\nconst exampleBucketAclV2 = new aws.s3.BucketAclV2(\"example\", {\n bucket: example.id,\n acl: \"public-read\",\n}, {\n dependsOn: [\n exampleBucketOwnershipControls,\n exampleBucketPublicAccessBlock,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketV2(\"example\", bucket=\"my-tf-example-bucket\")\nexample_bucket_ownership_controls = aws.s3.BucketOwnershipControls(\"example\",\n bucket=example.id,\n rule=aws.s3.BucketOwnershipControlsRuleArgs(\n object_ownership=\"BucketOwnerPreferred\",\n ))\nexample_bucket_public_access_block = aws.s3.BucketPublicAccessBlock(\"example\",\n bucket=example.id,\n block_public_acls=False,\n block_public_policy=False,\n ignore_public_acls=False,\n restrict_public_buckets=False)\nexample_bucket_acl_v2 = aws.s3.BucketAclV2(\"example\",\n bucket=example.id,\n acl=\"public-read\",\n opts=pulumi.ResourceOptions(depends_on=[\n example_bucket_ownership_controls,\n example_bucket_public_access_block,\n ]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"my-tf-example-bucket\",\n });\n\n var exampleBucketOwnershipControls = new Aws.S3.BucketOwnershipControls(\"example\", new()\n {\n Bucket = example.Id,\n Rule = new Aws.S3.Inputs.BucketOwnershipControlsRuleArgs\n {\n ObjectOwnership = \"BucketOwnerPreferred\",\n },\n });\n\n var exampleBucketPublicAccessBlock = new Aws.S3.BucketPublicAccessBlock(\"example\", new()\n {\n Bucket = example.Id,\n BlockPublicAcls = false,\n BlockPublicPolicy = false,\n IgnorePublicAcls = false,\n RestrictPublicBuckets = false,\n });\n\n var exampleBucketAclV2 = new Aws.S3.BucketAclV2(\"example\", new()\n {\n Bucket = example.Id,\n Acl = \"public-read\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleBucketOwnershipControls, \n exampleBucketPublicAccessBlock, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"my-tf-example-bucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleBucketOwnershipControls, err := s3.NewBucketOwnershipControls(ctx, \"example\", \u0026s3.BucketOwnershipControlsArgs{\n\t\t\tBucket: example.ID(),\n\t\t\tRule: \u0026s3.BucketOwnershipControlsRuleArgs{\n\t\t\t\tObjectOwnership: pulumi.String(\"BucketOwnerPreferred\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleBucketPublicAccessBlock, err := s3.NewBucketPublicAccessBlock(ctx, \"example\", \u0026s3.BucketPublicAccessBlockArgs{\n\t\t\tBucket: example.ID(),\n\t\t\tBlockPublicAcls: pulumi.Bool(false),\n\t\t\tBlockPublicPolicy: pulumi.Bool(false),\n\t\t\tIgnorePublicAcls: pulumi.Bool(false),\n\t\t\tRestrictPublicBuckets: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"example\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: example.ID(),\n\t\t\tAcl: pulumi.String(\"public-read\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleBucketOwnershipControls,\n\t\t\texampleBucketPublicAccessBlock,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketOwnershipControls;\nimport com.pulumi.aws.s3.BucketOwnershipControlsArgs;\nimport com.pulumi.aws.s3.inputs.BucketOwnershipControlsRuleArgs;\nimport com.pulumi.aws.s3.BucketPublicAccessBlock;\nimport com.pulumi.aws.s3.BucketPublicAccessBlockArgs;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketV2(\"example\", BucketV2Args.builder() \n .bucket(\"my-tf-example-bucket\")\n .build());\n\n var exampleBucketOwnershipControls = new BucketOwnershipControls(\"exampleBucketOwnershipControls\", BucketOwnershipControlsArgs.builder() \n .bucket(example.id())\n .rule(BucketOwnershipControlsRuleArgs.builder()\n .objectOwnership(\"BucketOwnerPreferred\")\n .build())\n .build());\n\n var exampleBucketPublicAccessBlock = new BucketPublicAccessBlock(\"exampleBucketPublicAccessBlock\", BucketPublicAccessBlockArgs.builder() \n .bucket(example.id())\n .blockPublicAcls(false)\n .blockPublicPolicy(false)\n .ignorePublicAcls(false)\n .restrictPublicBuckets(false)\n .build());\n\n var exampleBucketAclV2 = new BucketAclV2(\"exampleBucketAclV2\", BucketAclV2Args.builder() \n .bucket(example.id())\n .acl(\"public-read\")\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n exampleBucketOwnershipControls,\n exampleBucketPublicAccessBlock)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: my-tf-example-bucket\n exampleBucketOwnershipControls:\n type: aws:s3:BucketOwnershipControls\n name: example\n properties:\n bucket: ${example.id}\n rule:\n objectOwnership: BucketOwnerPreferred\n exampleBucketPublicAccessBlock:\n type: aws:s3:BucketPublicAccessBlock\n name: example\n properties:\n bucket: ${example.id}\n blockPublicAcls: false\n blockPublicPolicy: false\n ignorePublicAcls: false\n restrictPublicBuckets: false\n exampleBucketAclV2:\n type: aws:s3:BucketAclV2\n name: example\n properties:\n bucket: ${example.id}\n acl: public-read\n options:\n dependson:\n - ${exampleBucketOwnershipControls}\n - ${exampleBucketPublicAccessBlock}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### With Grants\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.s3.getCanonicalUserId({});\nconst example = new aws.s3.BucketV2(\"example\", {bucket: \"my-tf-example-bucket\"});\nconst exampleBucketOwnershipControls = new aws.s3.BucketOwnershipControls(\"example\", {\n bucket: example.id,\n rule: {\n objectOwnership: \"BucketOwnerPreferred\",\n },\n});\nconst exampleBucketAclV2 = new aws.s3.BucketAclV2(\"example\", {\n bucket: example.id,\n accessControlPolicy: {\n grants: [\n {\n grantee: {\n id: current.then(current =\u003e current.id),\n type: \"CanonicalUser\",\n },\n permission: \"READ\",\n },\n {\n grantee: {\n type: \"Group\",\n uri: \"http://acs.amazonaws.com/groups/s3/LogDelivery\",\n },\n permission: \"READ_ACP\",\n },\n ],\n owner: {\n id: current.then(current =\u003e current.id),\n },\n },\n}, {\n dependsOn: [exampleBucketOwnershipControls],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.s3.get_canonical_user_id()\nexample = aws.s3.BucketV2(\"example\", bucket=\"my-tf-example-bucket\")\nexample_bucket_ownership_controls = aws.s3.BucketOwnershipControls(\"example\",\n bucket=example.id,\n rule=aws.s3.BucketOwnershipControlsRuleArgs(\n object_ownership=\"BucketOwnerPreferred\",\n ))\nexample_bucket_acl_v2 = aws.s3.BucketAclV2(\"example\",\n bucket=example.id,\n access_control_policy=aws.s3.BucketAclV2AccessControlPolicyArgs(\n grants=[\n aws.s3.BucketAclV2AccessControlPolicyGrantArgs(\n grantee=aws.s3.BucketAclV2AccessControlPolicyGrantGranteeArgs(\n id=current.id,\n type=\"CanonicalUser\",\n ),\n permission=\"READ\",\n ),\n aws.s3.BucketAclV2AccessControlPolicyGrantArgs(\n grantee=aws.s3.BucketAclV2AccessControlPolicyGrantGranteeArgs(\n type=\"Group\",\n uri=\"http://acs.amazonaws.com/groups/s3/LogDelivery\",\n ),\n permission=\"READ_ACP\",\n ),\n ],\n owner=aws.s3.BucketAclV2AccessControlPolicyOwnerArgs(\n id=current.id,\n ),\n ),\n opts=pulumi.ResourceOptions(depends_on=[example_bucket_ownership_controls]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.S3.GetCanonicalUserId.Invoke();\n\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"my-tf-example-bucket\",\n });\n\n var exampleBucketOwnershipControls = new Aws.S3.BucketOwnershipControls(\"example\", new()\n {\n Bucket = example.Id,\n Rule = new Aws.S3.Inputs.BucketOwnershipControlsRuleArgs\n {\n ObjectOwnership = \"BucketOwnerPreferred\",\n },\n });\n\n var exampleBucketAclV2 = new Aws.S3.BucketAclV2(\"example\", new()\n {\n Bucket = example.Id,\n AccessControlPolicy = new Aws.S3.Inputs.BucketAclV2AccessControlPolicyArgs\n {\n Grants = new[]\n {\n new Aws.S3.Inputs.BucketAclV2AccessControlPolicyGrantArgs\n {\n Grantee = new Aws.S3.Inputs.BucketAclV2AccessControlPolicyGrantGranteeArgs\n {\n Id = current.Apply(getCanonicalUserIdResult =\u003e getCanonicalUserIdResult.Id),\n Type = \"CanonicalUser\",\n },\n Permission = \"READ\",\n },\n new Aws.S3.Inputs.BucketAclV2AccessControlPolicyGrantArgs\n {\n Grantee = new Aws.S3.Inputs.BucketAclV2AccessControlPolicyGrantGranteeArgs\n {\n Type = \"Group\",\n Uri = \"http://acs.amazonaws.com/groups/s3/LogDelivery\",\n },\n Permission = \"READ_ACP\",\n },\n },\n Owner = new Aws.S3.Inputs.BucketAclV2AccessControlPolicyOwnerArgs\n {\n Id = current.Apply(getCanonicalUserIdResult =\u003e getCanonicalUserIdResult.Id),\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleBucketOwnershipControls, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := s3.GetCanonicalUserId(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"my-tf-example-bucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleBucketOwnershipControls, err := s3.NewBucketOwnershipControls(ctx, \"example\", \u0026s3.BucketOwnershipControlsArgs{\n\t\t\tBucket: example.ID(),\n\t\t\tRule: \u0026s3.BucketOwnershipControlsRuleArgs{\n\t\t\t\tObjectOwnership: pulumi.String(\"BucketOwnerPreferred\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"example\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: example.ID(),\n\t\t\tAccessControlPolicy: \u0026s3.BucketAclV2AccessControlPolicyArgs{\n\t\t\t\tGrants: s3.BucketAclV2AccessControlPolicyGrantArray{\n\t\t\t\t\t\u0026s3.BucketAclV2AccessControlPolicyGrantArgs{\n\t\t\t\t\t\tGrantee: \u0026s3.BucketAclV2AccessControlPolicyGrantGranteeArgs{\n\t\t\t\t\t\t\tId: pulumi.String(current.Id),\n\t\t\t\t\t\t\tType: pulumi.String(\"CanonicalUser\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tPermission: pulumi.String(\"READ\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026s3.BucketAclV2AccessControlPolicyGrantArgs{\n\t\t\t\t\t\tGrantee: \u0026s3.BucketAclV2AccessControlPolicyGrantGranteeArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"Group\"),\n\t\t\t\t\t\t\tUri: pulumi.String(\"http://acs.amazonaws.com/groups/s3/LogDelivery\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tPermission: pulumi.String(\"READ_ACP\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tOwner: \u0026s3.BucketAclV2AccessControlPolicyOwnerArgs{\n\t\t\t\t\tId: pulumi.String(current.Id),\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleBucketOwnershipControls,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.S3Functions;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketOwnershipControls;\nimport com.pulumi.aws.s3.BucketOwnershipControlsArgs;\nimport com.pulumi.aws.s3.inputs.BucketOwnershipControlsRuleArgs;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.s3.inputs.BucketAclV2AccessControlPolicyArgs;\nimport com.pulumi.aws.s3.inputs.BucketAclV2AccessControlPolicyOwnerArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = S3Functions.getCanonicalUserId();\n\n var example = new BucketV2(\"example\", BucketV2Args.builder() \n .bucket(\"my-tf-example-bucket\")\n .build());\n\n var exampleBucketOwnershipControls = new BucketOwnershipControls(\"exampleBucketOwnershipControls\", BucketOwnershipControlsArgs.builder() \n .bucket(example.id())\n .rule(BucketOwnershipControlsRuleArgs.builder()\n .objectOwnership(\"BucketOwnerPreferred\")\n .build())\n .build());\n\n var exampleBucketAclV2 = new BucketAclV2(\"exampleBucketAclV2\", BucketAclV2Args.builder() \n .bucket(example.id())\n .accessControlPolicy(BucketAclV2AccessControlPolicyArgs.builder()\n .grants( \n BucketAclV2AccessControlPolicyGrantArgs.builder()\n .grantee(BucketAclV2AccessControlPolicyGrantGranteeArgs.builder()\n .id(current.applyValue(getCanonicalUserIdResult -\u003e getCanonicalUserIdResult.id()))\n .type(\"CanonicalUser\")\n .build())\n .permission(\"READ\")\n .build(),\n BucketAclV2AccessControlPolicyGrantArgs.builder()\n .grantee(BucketAclV2AccessControlPolicyGrantGranteeArgs.builder()\n .type(\"Group\")\n .uri(\"http://acs.amazonaws.com/groups/s3/LogDelivery\")\n .build())\n .permission(\"READ_ACP\")\n .build())\n .owner(BucketAclV2AccessControlPolicyOwnerArgs.builder()\n .id(current.applyValue(getCanonicalUserIdResult -\u003e getCanonicalUserIdResult.id()))\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleBucketOwnershipControls)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: my-tf-example-bucket\n exampleBucketOwnershipControls:\n type: aws:s3:BucketOwnershipControls\n name: example\n properties:\n bucket: ${example.id}\n rule:\n objectOwnership: BucketOwnerPreferred\n exampleBucketAclV2:\n type: aws:s3:BucketAclV2\n name: example\n properties:\n bucket: ${example.id}\n accessControlPolicy:\n grants:\n - grantee:\n id: ${current.id}\n type: CanonicalUser\n permission: READ\n - grantee:\n type: Group\n uri: http://acs.amazonaws.com/groups/s3/LogDelivery\n permission: READ_ACP\n owner:\n id: ${current.id}\n options:\n dependson:\n - ${exampleBucketOwnershipControls}\nvariables:\n current:\n fn::invoke:\n Function: aws:s3:getCanonicalUserId\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nIf the owner (account ID) of the source bucket is the _same_ account used to configure the AWS Provider, and the source bucket is __configured__ with a\n[canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/userguide/acl-overview.html#canned-acl) (i.e. predefined grant), import using the `bucket` and `acl` separated by a comma (`,`):\n\nIf the owner (account ID) of the source bucket _differs_ from the account used to configure the AWS Provider, and the source bucket is __not configured__ with a [canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/userguide/acl-overview.html#canned-acl) (i.e. predefined grant), imported using the `bucket` and `expected_bucket_owner` separated by a comma (`,`):\n\nIf the owner (account ID) of the source bucket _differs_ from the account used to configure the AWS Provider, and the source bucket is __configured__ with a\n[canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/userguide/acl-overview.html#canned-acl) (i.e. predefined grant), imported using the `bucket`, `expected_bucket_owner`, and `acl` separated by commas (`,`):\n\n__Using `pulumi import` to import__ using `bucket`, `expected_bucket_owner`, and/or `acl`, depending on your situation. For example:\n\nIf the owner (account ID) of the source bucket is the _same_ account used to configure the AWS Provider, and the source bucket is __not configured__ with a\n[canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/userguide/acl-overview.html#canned-acl) (i.e. predefined grant), import using the `bucket`:\n\n```sh\n$ pulumi import aws:s3/bucketAclV2:BucketAclV2 example bucket-name\n```\nIf the owner (account ID) of the source bucket is the _same_ account used to configure the AWS Provider, and the source bucket is __configured__ with a [canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/userguide/acl-overview.html#canned-acl) (i.e. predefined grant), import using the `bucket` and `acl` separated by a comma (`,`):\n\n```sh\n$ pulumi import aws:s3/bucketAclV2:BucketAclV2 example bucket-name,private\n```\nIf the owner (account ID) of the source bucket _differs_ from the account used to configure the AWS Provider, and the source bucket is __not configured__ with a [canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/userguide/acl-overview.html#canned-acl) (i.e. predefined grant), imported using the `bucket` and `expected_bucket_owner` separated by a comma (`,`):\n\n```sh\n$ pulumi import aws:s3/bucketAclV2:BucketAclV2 example bucket-name,123456789012\n```\nIf the owner (account ID) of the source bucket _differs_ from the account used to configure the AWS Provider, and the source bucket is __configured__ with a [canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/userguide/acl-overview.html#canned-acl) (i.e. predefined grant), imported using the `bucket`, `expected_bucket_owner`, and `acl` separated by commas (`,`):\n\n```sh\n$ pulumi import aws:s3/bucketAclV2:BucketAclV2 example bucket-name,123456789012,private\n```\n", "properties": { "accessControlPolicy": { "$ref": "#/types/aws:s3/BucketAclV2AccessControlPolicy:BucketAclV2AccessControlPolicy", @@ -317038,7 +317038,7 @@ } }, "aws:s3/bucketLifecycleConfigurationV2:BucketLifecycleConfigurationV2": { - "description": "Provides an independent configuration resource for S3 bucket [lifecycle configuration](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lifecycle-mgmt.html).\n\nAn S3 Lifecycle configuration consists of one or more Lifecycle rules. Each rule consists of the following:\n\n* Rule metadata (`id` and `status`)\n* Filter identifying objects to which the rule applies\n* One or more transition or expiration actions\n\nFor more information see the Amazon S3 User Guide on [`Lifecycle Configuration Elements`](https://docs.aws.amazon.com/AmazonS3/latest/userguide/intro-lifecycle-rules.html).\n\n\u003e **NOTE:** S3 Buckets only support a single lifecycle configuration. Declaring multiple `aws.s3.BucketLifecycleConfigurationV2` resources to the same S3 Bucket will cause a perpetual difference in configuration.\n\n\u003e **NOTE:** Lifecycle configurations may take some time to fully propagate to all AWS S3 systems.\nRunning Pulumi operations shortly after creating a lifecycle configuration may result in changes that affect configuration idempotence.\nSee the Amazon S3 User Guide on [setting lifecycle configuration on a bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/how-to-set-lifecycle-configuration-intro.html).\n\n\u003e This resource cannot be used with S3 directory buckets.\n\n## Example Usage\n\n### With neither a filter nor prefix specified\n\nThe Lifecycle rule applies to a subset of objects based on the key name prefix (`\"\"`).\n\nThis configuration is intended to replicate the default behavior of the `lifecycle_rule`\nparameter in the AWS Provider `aws.s3.BucketV2` resource prior to `v4.0`.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketLifecycleConfigurationV2(\"example\", {\n bucket: bucket.id,\n rules: [{\n id: \"rule-1\",\n status: \"Enabled\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketLifecycleConfigurationV2(\"example\",\n bucket=bucket[\"id\"],\n rules=[aws.s3.BucketLifecycleConfigurationV2RuleArgs(\n id=\"rule-1\",\n status=\"Enabled\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketLifecycleConfigurationV2(\"example\", new()\n {\n Bucket = bucket.Id,\n Rules = new[]\n {\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleArgs\n {\n Id = \"rule-1\",\n Status = \"Enabled\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3.NewBucketLifecycleConfigurationV2(ctx, \"example\", \u0026s3.BucketLifecycleConfigurationV2Args{\n\t\t\tBucket: pulumi.Any(bucket.Id),\n\t\t\tRules: s3.BucketLifecycleConfigurationV2RuleArray{\n\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleArgs{\n\t\t\t\t\tId: pulumi.String(\"rule-1\"),\n\t\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2Args;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketLifecycleConfigurationV2(\"example\", BucketLifecycleConfigurationV2Args.builder() \n .bucket(bucket.id())\n .rules(BucketLifecycleConfigurationV2RuleArgs.builder()\n .id(\"rule-1\")\n .status(\"Enabled\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketLifecycleConfigurationV2\n properties:\n bucket: ${bucket.id}\n rules:\n - id: rule-1\n status: Enabled\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Specifying an empty filter\n\nThe Lifecycle rule applies to all objects in the bucket.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketLifecycleConfigurationV2(\"example\", {\n bucket: bucket.id,\n rules: [{\n id: \"rule-1\",\n filter: {},\n status: \"Enabled\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketLifecycleConfigurationV2(\"example\",\n bucket=bucket[\"id\"],\n rules=[aws.s3.BucketLifecycleConfigurationV2RuleArgs(\n id=\"rule-1\",\n filter=aws.s3.BucketLifecycleConfigurationV2RuleFilterArgs(),\n status=\"Enabled\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketLifecycleConfigurationV2(\"example\", new()\n {\n Bucket = bucket.Id,\n Rules = new[]\n {\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleArgs\n {\n Id = \"rule-1\",\n Filter = null,\n Status = \"Enabled\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3.NewBucketLifecycleConfigurationV2(ctx, \"example\", \u0026s3.BucketLifecycleConfigurationV2Args{\n\t\t\tBucket: pulumi.Any(bucket.Id),\n\t\t\tRules: s3.BucketLifecycleConfigurationV2RuleArray{\n\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleArgs{\n\t\t\t\t\tId: pulumi.String(\"rule-1\"),\n\t\t\t\t\tFilter: nil,\n\t\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2Args;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleArgs;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleFilterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketLifecycleConfigurationV2(\"example\", BucketLifecycleConfigurationV2Args.builder() \n .bucket(bucket.id())\n .rules(BucketLifecycleConfigurationV2RuleArgs.builder()\n .id(\"rule-1\")\n .filter()\n .status(\"Enabled\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketLifecycleConfigurationV2\n properties:\n bucket: ${bucket.id}\n rules:\n - id: rule-1\n filter: {}\n status: Enabled\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Specifying a filter using key prefixes\n\nThe Lifecycle rule applies to a subset of objects based on the key name prefix (`logs/`).\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketLifecycleConfigurationV2(\"example\", {\n bucket: bucket.id,\n rules: [{\n id: \"rule-1\",\n filter: {\n prefix: \"logs/\",\n },\n status: \"Enabled\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketLifecycleConfigurationV2(\"example\",\n bucket=bucket[\"id\"],\n rules=[aws.s3.BucketLifecycleConfigurationV2RuleArgs(\n id=\"rule-1\",\n filter=aws.s3.BucketLifecycleConfigurationV2RuleFilterArgs(\n prefix=\"logs/\",\n ),\n status=\"Enabled\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketLifecycleConfigurationV2(\"example\", new()\n {\n Bucket = bucket.Id,\n Rules = new[]\n {\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleArgs\n {\n Id = \"rule-1\",\n Filter = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleFilterArgs\n {\n Prefix = \"logs/\",\n },\n Status = \"Enabled\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3.NewBucketLifecycleConfigurationV2(ctx, \"example\", \u0026s3.BucketLifecycleConfigurationV2Args{\n\t\t\tBucket: pulumi.Any(bucket.Id),\n\t\t\tRules: s3.BucketLifecycleConfigurationV2RuleArray{\n\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleArgs{\n\t\t\t\t\tId: pulumi.String(\"rule-1\"),\n\t\t\t\t\tFilter: \u0026s3.BucketLifecycleConfigurationV2RuleFilterArgs{\n\t\t\t\t\t\tPrefix: pulumi.String(\"logs/\"),\n\t\t\t\t\t},\n\t\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2Args;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleArgs;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleFilterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketLifecycleConfigurationV2(\"example\", BucketLifecycleConfigurationV2Args.builder() \n .bucket(bucket.id())\n .rules(BucketLifecycleConfigurationV2RuleArgs.builder()\n .id(\"rule-1\")\n .filter(BucketLifecycleConfigurationV2RuleFilterArgs.builder()\n .prefix(\"logs/\")\n .build())\n .status(\"Enabled\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketLifecycleConfigurationV2\n properties:\n bucket: ${bucket.id}\n rules:\n - id: rule-1\n filter:\n prefix: logs/\n status: Enabled\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nIf you want to apply a Lifecycle action to a subset of objects based on different key name prefixes, specify separate rules.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketLifecycleConfigurationV2(\"example\", {\n bucket: bucket.id,\n rules: [\n {\n id: \"rule-1\",\n filter: {\n prefix: \"logs/\",\n },\n status: \"Enabled\",\n },\n {\n id: \"rule-2\",\n filter: {\n prefix: \"tmp/\",\n },\n status: \"Enabled\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketLifecycleConfigurationV2(\"example\",\n bucket=bucket[\"id\"],\n rules=[\n aws.s3.BucketLifecycleConfigurationV2RuleArgs(\n id=\"rule-1\",\n filter=aws.s3.BucketLifecycleConfigurationV2RuleFilterArgs(\n prefix=\"logs/\",\n ),\n status=\"Enabled\",\n ),\n aws.s3.BucketLifecycleConfigurationV2RuleArgs(\n id=\"rule-2\",\n filter=aws.s3.BucketLifecycleConfigurationV2RuleFilterArgs(\n prefix=\"tmp/\",\n ),\n status=\"Enabled\",\n ),\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketLifecycleConfigurationV2(\"example\", new()\n {\n Bucket = bucket.Id,\n Rules = new[]\n {\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleArgs\n {\n Id = \"rule-1\",\n Filter = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleFilterArgs\n {\n Prefix = \"logs/\",\n },\n Status = \"Enabled\",\n },\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleArgs\n {\n Id = \"rule-2\",\n Filter = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleFilterArgs\n {\n Prefix = \"tmp/\",\n },\n Status = \"Enabled\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3.NewBucketLifecycleConfigurationV2(ctx, \"example\", \u0026s3.BucketLifecycleConfigurationV2Args{\n\t\t\tBucket: pulumi.Any(bucket.Id),\n\t\t\tRules: s3.BucketLifecycleConfigurationV2RuleArray{\n\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleArgs{\n\t\t\t\t\tId: pulumi.String(\"rule-1\"),\n\t\t\t\t\tFilter: \u0026s3.BucketLifecycleConfigurationV2RuleFilterArgs{\n\t\t\t\t\t\tPrefix: pulumi.String(\"logs/\"),\n\t\t\t\t\t},\n\t\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t},\n\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleArgs{\n\t\t\t\t\tId: pulumi.String(\"rule-2\"),\n\t\t\t\t\tFilter: \u0026s3.BucketLifecycleConfigurationV2RuleFilterArgs{\n\t\t\t\t\t\tPrefix: pulumi.String(\"tmp/\"),\n\t\t\t\t\t},\n\t\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2Args;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleArgs;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleFilterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketLifecycleConfigurationV2(\"example\", BucketLifecycleConfigurationV2Args.builder() \n .bucket(bucket.id())\n .rules( \n BucketLifecycleConfigurationV2RuleArgs.builder()\n .id(\"rule-1\")\n .filter(BucketLifecycleConfigurationV2RuleFilterArgs.builder()\n .prefix(\"logs/\")\n .build())\n .status(\"Enabled\")\n .build(),\n BucketLifecycleConfigurationV2RuleArgs.builder()\n .id(\"rule-2\")\n .filter(BucketLifecycleConfigurationV2RuleFilterArgs.builder()\n .prefix(\"tmp/\")\n .build())\n .status(\"Enabled\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketLifecycleConfigurationV2\n properties:\n bucket: ${bucket.id}\n rules:\n - id: rule-1\n filter:\n prefix: logs/\n status: Enabled\n - id: rule-2\n filter:\n prefix: tmp/\n status: Enabled\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Specifying a filter based on an object tag\n\nThe Lifecycle rule specifies a filter based on a tag key and value. The rule then applies only to a subset of objects with the specific tag.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketLifecycleConfigurationV2(\"example\", {\n bucket: bucket.id,\n rules: [{\n id: \"rule-1\",\n filter: {\n tag: {\n key: \"Name\",\n value: \"Staging\",\n },\n },\n status: \"Enabled\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketLifecycleConfigurationV2(\"example\",\n bucket=bucket[\"id\"],\n rules=[aws.s3.BucketLifecycleConfigurationV2RuleArgs(\n id=\"rule-1\",\n filter=aws.s3.BucketLifecycleConfigurationV2RuleFilterArgs(\n tag=aws.s3.BucketLifecycleConfigurationV2RuleFilterTagArgs(\n key=\"Name\",\n value=\"Staging\",\n ),\n ),\n status=\"Enabled\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketLifecycleConfigurationV2(\"example\", new()\n {\n Bucket = bucket.Id,\n Rules = new[]\n {\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleArgs\n {\n Id = \"rule-1\",\n Filter = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleFilterArgs\n {\n Tag = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleFilterTagArgs\n {\n Key = \"Name\",\n Value = \"Staging\",\n },\n },\n Status = \"Enabled\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3.NewBucketLifecycleConfigurationV2(ctx, \"example\", \u0026s3.BucketLifecycleConfigurationV2Args{\n\t\t\tBucket: pulumi.Any(bucket.Id),\n\t\t\tRules: s3.BucketLifecycleConfigurationV2RuleArray{\n\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleArgs{\n\t\t\t\t\tId: pulumi.String(\"rule-1\"),\n\t\t\t\t\tFilter: \u0026s3.BucketLifecycleConfigurationV2RuleFilterArgs{\n\t\t\t\t\t\tTag: \u0026s3.BucketLifecycleConfigurationV2RuleFilterTagArgs{\n\t\t\t\t\t\t\tKey: pulumi.String(\"Name\"),\n\t\t\t\t\t\t\tValue: pulumi.String(\"Staging\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2Args;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleArgs;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleFilterArgs;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleFilterTagArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketLifecycleConfigurationV2(\"example\", BucketLifecycleConfigurationV2Args.builder() \n .bucket(bucket.id())\n .rules(BucketLifecycleConfigurationV2RuleArgs.builder()\n .id(\"rule-1\")\n .filter(BucketLifecycleConfigurationV2RuleFilterArgs.builder()\n .tag(BucketLifecycleConfigurationV2RuleFilterTagArgs.builder()\n .key(\"Name\")\n .value(\"Staging\")\n .build())\n .build())\n .status(\"Enabled\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketLifecycleConfigurationV2\n properties:\n bucket: ${bucket.id}\n rules:\n - id: rule-1\n filter:\n tag:\n key: Name\n value: Staging\n status: Enabled\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Specifying a filter based on multiple tags\n\nThe Lifecycle rule directs Amazon S3 to perform lifecycle actions on objects with two tags (with the specific tag keys and values). Notice `tags` is wrapped in the `and` configuration block.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketLifecycleConfigurationV2(\"example\", {\n bucket: bucket.id,\n rules: [{\n id: \"rule-1\",\n filter: {\n and: {\n tags: {\n Key1: \"Value1\",\n Key2: \"Value2\",\n },\n },\n },\n status: \"Enabled\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketLifecycleConfigurationV2(\"example\",\n bucket=bucket[\"id\"],\n rules=[aws.s3.BucketLifecycleConfigurationV2RuleArgs(\n id=\"rule-1\",\n filter=aws.s3.BucketLifecycleConfigurationV2RuleFilterArgs(\n and_=aws.s3.BucketLifecycleConfigurationV2RuleFilterAndArgs(\n tags={\n \"Key1\": \"Value1\",\n \"Key2\": \"Value2\",\n },\n ),\n ),\n status=\"Enabled\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketLifecycleConfigurationV2(\"example\", new()\n {\n Bucket = bucket.Id,\n Rules = new[]\n {\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleArgs\n {\n Id = \"rule-1\",\n Filter = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleFilterArgs\n {\n And = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleFilterAndArgs\n {\n Tags = \n {\n { \"Key1\", \"Value1\" },\n { \"Key2\", \"Value2\" },\n },\n },\n },\n Status = \"Enabled\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3.NewBucketLifecycleConfigurationV2(ctx, \"example\", \u0026s3.BucketLifecycleConfigurationV2Args{\n\t\t\tBucket: pulumi.Any(bucket.Id),\n\t\t\tRules: s3.BucketLifecycleConfigurationV2RuleArray{\n\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleArgs{\n\t\t\t\t\tId: pulumi.String(\"rule-1\"),\n\t\t\t\t\tFilter: \u0026s3.BucketLifecycleConfigurationV2RuleFilterArgs{\n\t\t\t\t\t\tAnd: \u0026s3.BucketLifecycleConfigurationV2RuleFilterAndArgs{\n\t\t\t\t\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\t\t\t\t\"Key1\": pulumi.String(\"Value1\"),\n\t\t\t\t\t\t\t\t\"Key2\": pulumi.String(\"Value2\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2Args;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleArgs;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleFilterArgs;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleFilterAndArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketLifecycleConfigurationV2(\"example\", BucketLifecycleConfigurationV2Args.builder() \n .bucket(bucket.id())\n .rules(BucketLifecycleConfigurationV2RuleArgs.builder()\n .id(\"rule-1\")\n .filter(BucketLifecycleConfigurationV2RuleFilterArgs.builder()\n .and(BucketLifecycleConfigurationV2RuleFilterAndArgs.builder()\n .tags(Map.ofEntries(\n Map.entry(\"Key1\", \"Value1\"),\n Map.entry(\"Key2\", \"Value2\")\n ))\n .build())\n .build())\n .status(\"Enabled\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketLifecycleConfigurationV2\n properties:\n bucket: ${bucket.id}\n rules:\n - id: rule-1\n filter:\n and:\n tags:\n Key1: Value1\n Key2: Value2\n status: Enabled\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Specifying a filter based on both prefix and one or more tags\n\nThe Lifecycle rule directs Amazon S3 to perform lifecycle actions on objects with the specified prefix and two tags (with the specific tag keys and values). Notice both `prefix` and `tags` are wrapped in the `and` configuration block.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketLifecycleConfigurationV2(\"example\", {\n bucket: bucket.id,\n rules: [{\n id: \"rule-1\",\n filter: {\n and: {\n prefix: \"logs/\",\n tags: {\n Key1: \"Value1\",\n Key2: \"Value2\",\n },\n },\n },\n status: \"Enabled\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketLifecycleConfigurationV2(\"example\",\n bucket=bucket[\"id\"],\n rules=[aws.s3.BucketLifecycleConfigurationV2RuleArgs(\n id=\"rule-1\",\n filter=aws.s3.BucketLifecycleConfigurationV2RuleFilterArgs(\n and_=aws.s3.BucketLifecycleConfigurationV2RuleFilterAndArgs(\n prefix=\"logs/\",\n tags={\n \"Key1\": \"Value1\",\n \"Key2\": \"Value2\",\n },\n ),\n ),\n status=\"Enabled\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketLifecycleConfigurationV2(\"example\", new()\n {\n Bucket = bucket.Id,\n Rules = new[]\n {\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleArgs\n {\n Id = \"rule-1\",\n Filter = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleFilterArgs\n {\n And = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleFilterAndArgs\n {\n Prefix = \"logs/\",\n Tags = \n {\n { \"Key1\", \"Value1\" },\n { \"Key2\", \"Value2\" },\n },\n },\n },\n Status = \"Enabled\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3.NewBucketLifecycleConfigurationV2(ctx, \"example\", \u0026s3.BucketLifecycleConfigurationV2Args{\n\t\t\tBucket: pulumi.Any(bucket.Id),\n\t\t\tRules: s3.BucketLifecycleConfigurationV2RuleArray{\n\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleArgs{\n\t\t\t\t\tId: pulumi.String(\"rule-1\"),\n\t\t\t\t\tFilter: \u0026s3.BucketLifecycleConfigurationV2RuleFilterArgs{\n\t\t\t\t\t\tAnd: \u0026s3.BucketLifecycleConfigurationV2RuleFilterAndArgs{\n\t\t\t\t\t\t\tPrefix: pulumi.String(\"logs/\"),\n\t\t\t\t\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\t\t\t\t\"Key1\": pulumi.String(\"Value1\"),\n\t\t\t\t\t\t\t\t\"Key2\": pulumi.String(\"Value2\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2Args;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleArgs;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleFilterArgs;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleFilterAndArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketLifecycleConfigurationV2(\"example\", BucketLifecycleConfigurationV2Args.builder() \n .bucket(bucket.id())\n .rules(BucketLifecycleConfigurationV2RuleArgs.builder()\n .id(\"rule-1\")\n .filter(BucketLifecycleConfigurationV2RuleFilterArgs.builder()\n .and(BucketLifecycleConfigurationV2RuleFilterAndArgs.builder()\n .prefix(\"logs/\")\n .tags(Map.ofEntries(\n Map.entry(\"Key1\", \"Value1\"),\n Map.entry(\"Key2\", \"Value2\")\n ))\n .build())\n .build())\n .status(\"Enabled\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketLifecycleConfigurationV2\n properties:\n bucket: ${bucket.id}\n rules:\n - id: rule-1\n filter:\n and:\n prefix: logs/\n tags:\n Key1: Value1\n Key2: Value2\n status: Enabled\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Specifying a filter based on object size\n\nObject size values are in bytes. Maximum filter size is 5TB. Some storage classes have minimum object size limitations, for more information, see [Comparing the Amazon S3 storage classes](https://docs.aws.amazon.com/AmazonS3/latest/userguide/storage-class-intro.html#sc-compare).\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketLifecycleConfigurationV2(\"example\", {\n bucket: bucket.id,\n rules: [{\n id: \"rule-1\",\n filter: {\n objectSizeGreaterThan: \"500\",\n },\n status: \"Enabled\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketLifecycleConfigurationV2(\"example\",\n bucket=bucket[\"id\"],\n rules=[aws.s3.BucketLifecycleConfigurationV2RuleArgs(\n id=\"rule-1\",\n filter=aws.s3.BucketLifecycleConfigurationV2RuleFilterArgs(\n object_size_greater_than=\"500\",\n ),\n status=\"Enabled\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketLifecycleConfigurationV2(\"example\", new()\n {\n Bucket = bucket.Id,\n Rules = new[]\n {\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleArgs\n {\n Id = \"rule-1\",\n Filter = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleFilterArgs\n {\n ObjectSizeGreaterThan = \"500\",\n },\n Status = \"Enabled\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3.NewBucketLifecycleConfigurationV2(ctx, \"example\", \u0026s3.BucketLifecycleConfigurationV2Args{\n\t\t\tBucket: pulumi.Any(bucket.Id),\n\t\t\tRules: s3.BucketLifecycleConfigurationV2RuleArray{\n\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleArgs{\n\t\t\t\t\tId: pulumi.String(\"rule-1\"),\n\t\t\t\t\tFilter: \u0026s3.BucketLifecycleConfigurationV2RuleFilterArgs{\n\t\t\t\t\t\tObjectSizeGreaterThan: pulumi.String(\"500\"),\n\t\t\t\t\t},\n\t\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2Args;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleArgs;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleFilterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketLifecycleConfigurationV2(\"example\", BucketLifecycleConfigurationV2Args.builder() \n .bucket(bucket.id())\n .rules(BucketLifecycleConfigurationV2RuleArgs.builder()\n .id(\"rule-1\")\n .filter(BucketLifecycleConfigurationV2RuleFilterArgs.builder()\n .objectSizeGreaterThan(500)\n .build())\n .status(\"Enabled\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketLifecycleConfigurationV2\n properties:\n bucket: ${bucket.id}\n rules:\n - id: rule-1\n filter:\n objectSizeGreaterThan: 500\n status: Enabled\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Specifying a filter based on object size range and prefix\n\nThe `object_size_greater_than` must be less than the `object_size_less_than`. Notice both the object size range and prefix are wrapped in the `and` configuration block.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketLifecycleConfigurationV2(\"example\", {\n bucket: bucket.id,\n rules: [{\n id: \"rule-1\",\n filter: {\n and: {\n prefix: \"logs/\",\n objectSizeGreaterThan: 500,\n objectSizeLessThan: 64000,\n },\n },\n status: \"Enabled\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketLifecycleConfigurationV2(\"example\",\n bucket=bucket[\"id\"],\n rules=[aws.s3.BucketLifecycleConfigurationV2RuleArgs(\n id=\"rule-1\",\n filter=aws.s3.BucketLifecycleConfigurationV2RuleFilterArgs(\n and_=aws.s3.BucketLifecycleConfigurationV2RuleFilterAndArgs(\n prefix=\"logs/\",\n object_size_greater_than=500,\n object_size_less_than=64000,\n ),\n ),\n status=\"Enabled\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketLifecycleConfigurationV2(\"example\", new()\n {\n Bucket = bucket.Id,\n Rules = new[]\n {\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleArgs\n {\n Id = \"rule-1\",\n Filter = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleFilterArgs\n {\n And = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleFilterAndArgs\n {\n Prefix = \"logs/\",\n ObjectSizeGreaterThan = 500,\n ObjectSizeLessThan = 64000,\n },\n },\n Status = \"Enabled\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3.NewBucketLifecycleConfigurationV2(ctx, \"example\", \u0026s3.BucketLifecycleConfigurationV2Args{\n\t\t\tBucket: pulumi.Any(bucket.Id),\n\t\t\tRules: s3.BucketLifecycleConfigurationV2RuleArray{\n\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleArgs{\n\t\t\t\t\tId: pulumi.String(\"rule-1\"),\n\t\t\t\t\tFilter: \u0026s3.BucketLifecycleConfigurationV2RuleFilterArgs{\n\t\t\t\t\t\tAnd: \u0026s3.BucketLifecycleConfigurationV2RuleFilterAndArgs{\n\t\t\t\t\t\t\tPrefix: pulumi.String(\"logs/\"),\n\t\t\t\t\t\t\tObjectSizeGreaterThan: pulumi.Int(500),\n\t\t\t\t\t\t\tObjectSizeLessThan: pulumi.Int(64000),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2Args;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleArgs;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleFilterArgs;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleFilterAndArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketLifecycleConfigurationV2(\"example\", BucketLifecycleConfigurationV2Args.builder() \n .bucket(bucket.id())\n .rules(BucketLifecycleConfigurationV2RuleArgs.builder()\n .id(\"rule-1\")\n .filter(BucketLifecycleConfigurationV2RuleFilterArgs.builder()\n .and(BucketLifecycleConfigurationV2RuleFilterAndArgs.builder()\n .prefix(\"logs/\")\n .objectSizeGreaterThan(500)\n .objectSizeLessThan(64000)\n .build())\n .build())\n .status(\"Enabled\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketLifecycleConfigurationV2\n properties:\n bucket: ${bucket.id}\n rules:\n - id: rule-1\n filter:\n and:\n prefix: logs/\n objectSizeGreaterThan: 500\n objectSizeLessThan: 64000\n status: Enabled\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Creating a Lifecycle Configuration for a bucket with versioning\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bucket = new aws.s3.BucketV2(\"bucket\", {bucket: \"my-bucket\"});\nconst bucketAcl = new aws.s3.BucketAclV2(\"bucket_acl\", {\n bucket: bucket.id,\n acl: \"private\",\n});\nconst bucket_config = new aws.s3.BucketLifecycleConfigurationV2(\"bucket-config\", {\n bucket: bucket.id,\n rules: [\n {\n id: \"log\",\n expiration: {\n days: 90,\n },\n filter: {\n and: {\n prefix: \"log/\",\n tags: {\n rule: \"log\",\n autoclean: \"true\",\n },\n },\n },\n status: \"Enabled\",\n transitions: [\n {\n days: 30,\n storageClass: \"STANDARD_IA\",\n },\n {\n days: 60,\n storageClass: \"GLACIER\",\n },\n ],\n },\n {\n id: \"tmp\",\n filter: {\n prefix: \"tmp/\",\n },\n expiration: {\n date: \"2023-01-13T00:00:00Z\",\n },\n status: \"Enabled\",\n },\n ],\n});\nconst versioningBucket = new aws.s3.BucketV2(\"versioning_bucket\", {bucket: \"my-versioning-bucket\"});\nconst versioningBucketAcl = new aws.s3.BucketAclV2(\"versioning_bucket_acl\", {\n bucket: versioningBucket.id,\n acl: \"private\",\n});\nconst versioning = new aws.s3.BucketVersioningV2(\"versioning\", {\n bucket: versioningBucket.id,\n versioningConfiguration: {\n status: \"Enabled\",\n },\n});\nconst versioning_bucket_config = new aws.s3.BucketLifecycleConfigurationV2(\"versioning-bucket-config\", {\n bucket: versioningBucket.id,\n rules: [{\n id: \"config\",\n filter: {\n prefix: \"config/\",\n },\n noncurrentVersionExpiration: {\n noncurrentDays: 90,\n },\n noncurrentVersionTransitions: [\n {\n noncurrentDays: 30,\n storageClass: \"STANDARD_IA\",\n },\n {\n noncurrentDays: 60,\n storageClass: \"GLACIER\",\n },\n ],\n status: \"Enabled\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbucket = aws.s3.BucketV2(\"bucket\", bucket=\"my-bucket\")\nbucket_acl = aws.s3.BucketAclV2(\"bucket_acl\",\n bucket=bucket.id,\n acl=\"private\")\nbucket_config = aws.s3.BucketLifecycleConfigurationV2(\"bucket-config\",\n bucket=bucket.id,\n rules=[\n aws.s3.BucketLifecycleConfigurationV2RuleArgs(\n id=\"log\",\n expiration=aws.s3.BucketLifecycleConfigurationV2RuleExpirationArgs(\n days=90,\n ),\n filter=aws.s3.BucketLifecycleConfigurationV2RuleFilterArgs(\n and_=aws.s3.BucketLifecycleConfigurationV2RuleFilterAndArgs(\n prefix=\"log/\",\n tags={\n \"rule\": \"log\",\n \"autoclean\": \"true\",\n },\n ),\n ),\n status=\"Enabled\",\n transitions=[\n aws.s3.BucketLifecycleConfigurationV2RuleTransitionArgs(\n days=30,\n storage_class=\"STANDARD_IA\",\n ),\n aws.s3.BucketLifecycleConfigurationV2RuleTransitionArgs(\n days=60,\n storage_class=\"GLACIER\",\n ),\n ],\n ),\n aws.s3.BucketLifecycleConfigurationV2RuleArgs(\n id=\"tmp\",\n filter=aws.s3.BucketLifecycleConfigurationV2RuleFilterArgs(\n prefix=\"tmp/\",\n ),\n expiration=aws.s3.BucketLifecycleConfigurationV2RuleExpirationArgs(\n date=\"2023-01-13T00:00:00Z\",\n ),\n status=\"Enabled\",\n ),\n ])\nversioning_bucket = aws.s3.BucketV2(\"versioning_bucket\", bucket=\"my-versioning-bucket\")\nversioning_bucket_acl = aws.s3.BucketAclV2(\"versioning_bucket_acl\",\n bucket=versioning_bucket.id,\n acl=\"private\")\nversioning = aws.s3.BucketVersioningV2(\"versioning\",\n bucket=versioning_bucket.id,\n versioning_configuration=aws.s3.BucketVersioningV2VersioningConfigurationArgs(\n status=\"Enabled\",\n ))\nversioning_bucket_config = aws.s3.BucketLifecycleConfigurationV2(\"versioning-bucket-config\",\n bucket=versioning_bucket.id,\n rules=[aws.s3.BucketLifecycleConfigurationV2RuleArgs(\n id=\"config\",\n filter=aws.s3.BucketLifecycleConfigurationV2RuleFilterArgs(\n prefix=\"config/\",\n ),\n noncurrent_version_expiration=aws.s3.BucketLifecycleConfigurationV2RuleNoncurrentVersionExpirationArgs(\n noncurrent_days=90,\n ),\n noncurrent_version_transitions=[\n aws.s3.BucketLifecycleConfigurationV2RuleNoncurrentVersionTransitionArgs(\n noncurrent_days=30,\n storage_class=\"STANDARD_IA\",\n ),\n aws.s3.BucketLifecycleConfigurationV2RuleNoncurrentVersionTransitionArgs(\n noncurrent_days=60,\n storage_class=\"GLACIER\",\n ),\n ],\n status=\"Enabled\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var bucket = new Aws.S3.BucketV2(\"bucket\", new()\n {\n Bucket = \"my-bucket\",\n });\n\n var bucketAcl = new Aws.S3.BucketAclV2(\"bucket_acl\", new()\n {\n Bucket = bucket.Id,\n Acl = \"private\",\n });\n\n var bucket_config = new Aws.S3.BucketLifecycleConfigurationV2(\"bucket-config\", new()\n {\n Bucket = bucket.Id,\n Rules = new[]\n {\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleArgs\n {\n Id = \"log\",\n Expiration = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleExpirationArgs\n {\n Days = 90,\n },\n Filter = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleFilterArgs\n {\n And = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleFilterAndArgs\n {\n Prefix = \"log/\",\n Tags = \n {\n { \"rule\", \"log\" },\n { \"autoclean\", \"true\" },\n },\n },\n },\n Status = \"Enabled\",\n Transitions = new[]\n {\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleTransitionArgs\n {\n Days = 30,\n StorageClass = \"STANDARD_IA\",\n },\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleTransitionArgs\n {\n Days = 60,\n StorageClass = \"GLACIER\",\n },\n },\n },\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleArgs\n {\n Id = \"tmp\",\n Filter = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleFilterArgs\n {\n Prefix = \"tmp/\",\n },\n Expiration = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleExpirationArgs\n {\n Date = \"2023-01-13T00:00:00Z\",\n },\n Status = \"Enabled\",\n },\n },\n });\n\n var versioningBucket = new Aws.S3.BucketV2(\"versioning_bucket\", new()\n {\n Bucket = \"my-versioning-bucket\",\n });\n\n var versioningBucketAcl = new Aws.S3.BucketAclV2(\"versioning_bucket_acl\", new()\n {\n Bucket = versioningBucket.Id,\n Acl = \"private\",\n });\n\n var versioning = new Aws.S3.BucketVersioningV2(\"versioning\", new()\n {\n Bucket = versioningBucket.Id,\n VersioningConfiguration = new Aws.S3.Inputs.BucketVersioningV2VersioningConfigurationArgs\n {\n Status = \"Enabled\",\n },\n });\n\n var versioning_bucket_config = new Aws.S3.BucketLifecycleConfigurationV2(\"versioning-bucket-config\", new()\n {\n Bucket = versioningBucket.Id,\n Rules = new[]\n {\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleArgs\n {\n Id = \"config\",\n Filter = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleFilterArgs\n {\n Prefix = \"config/\",\n },\n NoncurrentVersionExpiration = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleNoncurrentVersionExpirationArgs\n {\n NoncurrentDays = 90,\n },\n NoncurrentVersionTransitions = new[]\n {\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleNoncurrentVersionTransitionArgs\n {\n NoncurrentDays = 30,\n StorageClass = \"STANDARD_IA\",\n },\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleNoncurrentVersionTransitionArgs\n {\n NoncurrentDays = 60,\n StorageClass = \"GLACIER\",\n },\n },\n Status = \"Enabled\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbucket, err := s3.NewBucketV2(ctx, \"bucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"my-bucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"bucket_acl\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: bucket.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketLifecycleConfigurationV2(ctx, \"bucket-config\", \u0026s3.BucketLifecycleConfigurationV2Args{\n\t\t\tBucket: bucket.ID(),\n\t\t\tRules: s3.BucketLifecycleConfigurationV2RuleArray{\n\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleArgs{\n\t\t\t\t\tId: pulumi.String(\"log\"),\n\t\t\t\t\tExpiration: \u0026s3.BucketLifecycleConfigurationV2RuleExpirationArgs{\n\t\t\t\t\t\tDays: pulumi.Int(90),\n\t\t\t\t\t},\n\t\t\t\t\tFilter: \u0026s3.BucketLifecycleConfigurationV2RuleFilterArgs{\n\t\t\t\t\t\tAnd: \u0026s3.BucketLifecycleConfigurationV2RuleFilterAndArgs{\n\t\t\t\t\t\t\tPrefix: pulumi.String(\"log/\"),\n\t\t\t\t\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\t\t\t\t\"rule\": pulumi.String(\"log\"),\n\t\t\t\t\t\t\t\t\"autoclean\": pulumi.String(\"true\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t\tTransitions: s3.BucketLifecycleConfigurationV2RuleTransitionArray{\n\t\t\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleTransitionArgs{\n\t\t\t\t\t\t\tDays: pulumi.Int(30),\n\t\t\t\t\t\t\tStorageClass: pulumi.String(\"STANDARD_IA\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleTransitionArgs{\n\t\t\t\t\t\t\tDays: pulumi.Int(60),\n\t\t\t\t\t\t\tStorageClass: pulumi.String(\"GLACIER\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleArgs{\n\t\t\t\t\tId: pulumi.String(\"tmp\"),\n\t\t\t\t\tFilter: \u0026s3.BucketLifecycleConfigurationV2RuleFilterArgs{\n\t\t\t\t\t\tPrefix: pulumi.String(\"tmp/\"),\n\t\t\t\t\t},\n\t\t\t\t\tExpiration: \u0026s3.BucketLifecycleConfigurationV2RuleExpirationArgs{\n\t\t\t\t\t\tDate: pulumi.String(\"2023-01-13T00:00:00Z\"),\n\t\t\t\t\t},\n\t\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tversioningBucket, err := s3.NewBucketV2(ctx, \"versioning_bucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"my-versioning-bucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"versioning_bucket_acl\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: versioningBucket.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketVersioningV2(ctx, \"versioning\", \u0026s3.BucketVersioningV2Args{\n\t\t\tBucket: versioningBucket.ID(),\n\t\t\tVersioningConfiguration: \u0026s3.BucketVersioningV2VersioningConfigurationArgs{\n\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketLifecycleConfigurationV2(ctx, \"versioning-bucket-config\", \u0026s3.BucketLifecycleConfigurationV2Args{\n\t\t\tBucket: versioningBucket.ID(),\n\t\t\tRules: s3.BucketLifecycleConfigurationV2RuleArray{\n\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleArgs{\n\t\t\t\t\tId: pulumi.String(\"config\"),\n\t\t\t\t\tFilter: \u0026s3.BucketLifecycleConfigurationV2RuleFilterArgs{\n\t\t\t\t\t\tPrefix: pulumi.String(\"config/\"),\n\t\t\t\t\t},\n\t\t\t\t\tNoncurrentVersionExpiration: \u0026s3.BucketLifecycleConfigurationV2RuleNoncurrentVersionExpirationArgs{\n\t\t\t\t\t\tNoncurrentDays: pulumi.Int(90),\n\t\t\t\t\t},\n\t\t\t\t\tNoncurrentVersionTransitions: s3.BucketLifecycleConfigurationV2RuleNoncurrentVersionTransitionArray{\n\t\t\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleNoncurrentVersionTransitionArgs{\n\t\t\t\t\t\t\tNoncurrentDays: pulumi.Int(30),\n\t\t\t\t\t\t\tStorageClass: pulumi.String(\"STANDARD_IA\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleNoncurrentVersionTransitionArgs{\n\t\t\t\t\t\t\tNoncurrentDays: pulumi.Int(60),\n\t\t\t\t\t\t\tStorageClass: pulumi.String(\"GLACIER\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2Args;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleArgs;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleExpirationArgs;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleFilterArgs;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleFilterAndArgs;\nimport com.pulumi.aws.s3.BucketVersioningV2;\nimport com.pulumi.aws.s3.BucketVersioningV2Args;\nimport com.pulumi.aws.s3.inputs.BucketVersioningV2VersioningConfigurationArgs;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleNoncurrentVersionExpirationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var bucket = new BucketV2(\"bucket\", BucketV2Args.builder() \n .bucket(\"my-bucket\")\n .build());\n\n var bucketAcl = new BucketAclV2(\"bucketAcl\", BucketAclV2Args.builder() \n .bucket(bucket.id())\n .acl(\"private\")\n .build());\n\n var bucket_config = new BucketLifecycleConfigurationV2(\"bucket-config\", BucketLifecycleConfigurationV2Args.builder() \n .bucket(bucket.id())\n .rules( \n BucketLifecycleConfigurationV2RuleArgs.builder()\n .id(\"log\")\n .expiration(BucketLifecycleConfigurationV2RuleExpirationArgs.builder()\n .days(90)\n .build())\n .filter(BucketLifecycleConfigurationV2RuleFilterArgs.builder()\n .and(BucketLifecycleConfigurationV2RuleFilterAndArgs.builder()\n .prefix(\"log/\")\n .tags(Map.ofEntries(\n Map.entry(\"rule\", \"log\"),\n Map.entry(\"autoclean\", \"true\")\n ))\n .build())\n .build())\n .status(\"Enabled\")\n .transitions( \n BucketLifecycleConfigurationV2RuleTransitionArgs.builder()\n .days(30)\n .storageClass(\"STANDARD_IA\")\n .build(),\n BucketLifecycleConfigurationV2RuleTransitionArgs.builder()\n .days(60)\n .storageClass(\"GLACIER\")\n .build())\n .build(),\n BucketLifecycleConfigurationV2RuleArgs.builder()\n .id(\"tmp\")\n .filter(BucketLifecycleConfigurationV2RuleFilterArgs.builder()\n .prefix(\"tmp/\")\n .build())\n .expiration(BucketLifecycleConfigurationV2RuleExpirationArgs.builder()\n .date(\"2023-01-13T00:00:00Z\")\n .build())\n .status(\"Enabled\")\n .build())\n .build());\n\n var versioningBucket = new BucketV2(\"versioningBucket\", BucketV2Args.builder() \n .bucket(\"my-versioning-bucket\")\n .build());\n\n var versioningBucketAcl = new BucketAclV2(\"versioningBucketAcl\", BucketAclV2Args.builder() \n .bucket(versioningBucket.id())\n .acl(\"private\")\n .build());\n\n var versioning = new BucketVersioningV2(\"versioning\", BucketVersioningV2Args.builder() \n .bucket(versioningBucket.id())\n .versioningConfiguration(BucketVersioningV2VersioningConfigurationArgs.builder()\n .status(\"Enabled\")\n .build())\n .build());\n\n var versioning_bucket_config = new BucketLifecycleConfigurationV2(\"versioning-bucket-config\", BucketLifecycleConfigurationV2Args.builder() \n .bucket(versioningBucket.id())\n .rules(BucketLifecycleConfigurationV2RuleArgs.builder()\n .id(\"config\")\n .filter(BucketLifecycleConfigurationV2RuleFilterArgs.builder()\n .prefix(\"config/\")\n .build())\n .noncurrentVersionExpiration(BucketLifecycleConfigurationV2RuleNoncurrentVersionExpirationArgs.builder()\n .noncurrentDays(90)\n .build())\n .noncurrentVersionTransitions( \n BucketLifecycleConfigurationV2RuleNoncurrentVersionTransitionArgs.builder()\n .noncurrentDays(30)\n .storageClass(\"STANDARD_IA\")\n .build(),\n BucketLifecycleConfigurationV2RuleNoncurrentVersionTransitionArgs.builder()\n .noncurrentDays(60)\n .storageClass(\"GLACIER\")\n .build())\n .status(\"Enabled\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n bucket:\n type: aws:s3:BucketV2\n properties:\n bucket: my-bucket\n bucketAcl:\n type: aws:s3:BucketAclV2\n name: bucket_acl\n properties:\n bucket: ${bucket.id}\n acl: private\n bucket-config:\n type: aws:s3:BucketLifecycleConfigurationV2\n properties:\n bucket: ${bucket.id}\n rules:\n - id: log\n expiration:\n days: 90\n filter:\n and:\n prefix: log/\n tags:\n rule: log\n autoclean: 'true'\n status: Enabled\n transitions:\n - days: 30\n storageClass: STANDARD_IA\n - days: 60\n storageClass: GLACIER\n - id: tmp\n filter:\n prefix: tmp/\n expiration:\n date: 2023-01-13T00:00:00Z\n status: Enabled\n versioningBucket:\n type: aws:s3:BucketV2\n name: versioning_bucket\n properties:\n bucket: my-versioning-bucket\n versioningBucketAcl:\n type: aws:s3:BucketAclV2\n name: versioning_bucket_acl\n properties:\n bucket: ${versioningBucket.id}\n acl: private\n versioning:\n type: aws:s3:BucketVersioningV2\n properties:\n bucket: ${versioningBucket.id}\n versioningConfiguration:\n status: Enabled\n versioning-bucket-config:\n type: aws:s3:BucketLifecycleConfigurationV2\n properties:\n bucket: ${versioningBucket.id}\n rules:\n - id: config\n filter:\n prefix: config/\n noncurrentVersionExpiration:\n noncurrentDays: 90\n noncurrentVersionTransitions:\n - noncurrentDays: 30\n storageClass: STANDARD_IA\n - noncurrentDays: 60\n storageClass: GLACIER\n status: Enabled\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nIf the owner (account ID) of the source bucket differs from the account used to configure the AWS Provider, import using the `bucket` and `expected_bucket_owner` separated by a comma (`,`):\n\n__Using `pulumi import` to import__ S3 bucket lifecycle configuration using the `bucket` or using the `bucket` and `expected_bucket_owner` separated by a comma (`,`). For example:\n\nIf the owner (account ID) of the source bucket is the same account used to configure the AWS Provider, import using the `bucket`:\n\n```sh\n$ pulumi import aws:s3/bucketLifecycleConfigurationV2:BucketLifecycleConfigurationV2 example bucket-name\n```\nIf the owner (account ID) of the source bucket differs from the account used to configure the AWS Provider, import using the `bucket` and `expected_bucket_owner` separated by a comma (`,`):\n\n```sh\n$ pulumi import aws:s3/bucketLifecycleConfigurationV2:BucketLifecycleConfigurationV2 example bucket-name,123456789012\n```\n", + "description": "Provides an independent configuration resource for S3 bucket [lifecycle configuration](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lifecycle-mgmt.html).\n\nAn S3 Lifecycle configuration consists of one or more Lifecycle rules. Each rule consists of the following:\n\n* Rule metadata (`id` and `status`)\n* Filter identifying objects to which the rule applies\n* One or more transition or expiration actions\n\nFor more information see the Amazon S3 User Guide on [`Lifecycle Configuration Elements`](https://docs.aws.amazon.com/AmazonS3/latest/userguide/intro-lifecycle-rules.html).\n\n\u003e **NOTE:** S3 Buckets only support a single lifecycle configuration. Declaring multiple `aws.s3.BucketLifecycleConfigurationV2` resources to the same S3 Bucket will cause a perpetual difference in configuration.\n\n\u003e **NOTE:** Lifecycle configurations may take some time to fully propagate to all AWS S3 systems.\nRunning Pulumi operations shortly after creating a lifecycle configuration may result in changes that affect configuration idempotence.\nSee the Amazon S3 User Guide on [setting lifecycle configuration on a bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/how-to-set-lifecycle-configuration-intro.html).\n\n\u003e This resource cannot be used with S3 directory buckets.\n\n## Example Usage\n\n### With neither a filter nor prefix specified\n\nThe Lifecycle rule applies to a subset of objects based on the key name prefix (`\"\"`).\n\nThis configuration is intended to replicate the default behavior of the `lifecycle_rule`\nparameter in the AWS Provider `aws.s3.BucketV2` resource prior to `v4.0`.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketLifecycleConfigurationV2(\"example\", {\n bucket: bucket.id,\n rules: [{\n id: \"rule-1\",\n status: \"Enabled\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketLifecycleConfigurationV2(\"example\",\n bucket=bucket[\"id\"],\n rules=[aws.s3.BucketLifecycleConfigurationV2RuleArgs(\n id=\"rule-1\",\n status=\"Enabled\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketLifecycleConfigurationV2(\"example\", new()\n {\n Bucket = bucket.Id,\n Rules = new[]\n {\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleArgs\n {\n Id = \"rule-1\",\n Status = \"Enabled\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3.NewBucketLifecycleConfigurationV2(ctx, \"example\", \u0026s3.BucketLifecycleConfigurationV2Args{\n\t\t\tBucket: pulumi.Any(bucket.Id),\n\t\t\tRules: s3.BucketLifecycleConfigurationV2RuleArray{\n\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleArgs{\n\t\t\t\t\tId: pulumi.String(\"rule-1\"),\n\t\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2Args;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketLifecycleConfigurationV2(\"example\", BucketLifecycleConfigurationV2Args.builder() \n .bucket(bucket.id())\n .rules(BucketLifecycleConfigurationV2RuleArgs.builder()\n .id(\"rule-1\")\n .status(\"Enabled\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketLifecycleConfigurationV2\n properties:\n bucket: ${bucket.id}\n rules:\n - id: rule-1\n status: Enabled\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Specifying an empty filter\n\nThe Lifecycle rule applies to all objects in the bucket.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketLifecycleConfigurationV2(\"example\", {\n bucket: bucket.id,\n rules: [{\n id: \"rule-1\",\n filter: {},\n status: \"Enabled\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketLifecycleConfigurationV2(\"example\",\n bucket=bucket[\"id\"],\n rules=[aws.s3.BucketLifecycleConfigurationV2RuleArgs(\n id=\"rule-1\",\n filter=aws.s3.BucketLifecycleConfigurationV2RuleFilterArgs(),\n status=\"Enabled\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketLifecycleConfigurationV2(\"example\", new()\n {\n Bucket = bucket.Id,\n Rules = new[]\n {\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleArgs\n {\n Id = \"rule-1\",\n Filter = null,\n Status = \"Enabled\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3.NewBucketLifecycleConfigurationV2(ctx, \"example\", \u0026s3.BucketLifecycleConfigurationV2Args{\n\t\t\tBucket: pulumi.Any(bucket.Id),\n\t\t\tRules: s3.BucketLifecycleConfigurationV2RuleArray{\n\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleArgs{\n\t\t\t\t\tId: pulumi.String(\"rule-1\"),\n\t\t\t\t\tFilter: nil,\n\t\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2Args;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleArgs;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleFilterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketLifecycleConfigurationV2(\"example\", BucketLifecycleConfigurationV2Args.builder() \n .bucket(bucket.id())\n .rules(BucketLifecycleConfigurationV2RuleArgs.builder()\n .id(\"rule-1\")\n .filter()\n .status(\"Enabled\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketLifecycleConfigurationV2\n properties:\n bucket: ${bucket.id}\n rules:\n - id: rule-1\n filter: {}\n status: Enabled\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Specifying a filter using key prefixes\n\nThe Lifecycle rule applies to a subset of objects based on the key name prefix (`logs/`).\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketLifecycleConfigurationV2(\"example\", {\n bucket: bucket.id,\n rules: [{\n id: \"rule-1\",\n filter: {\n prefix: \"logs/\",\n },\n status: \"Enabled\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketLifecycleConfigurationV2(\"example\",\n bucket=bucket[\"id\"],\n rules=[aws.s3.BucketLifecycleConfigurationV2RuleArgs(\n id=\"rule-1\",\n filter=aws.s3.BucketLifecycleConfigurationV2RuleFilterArgs(\n prefix=\"logs/\",\n ),\n status=\"Enabled\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketLifecycleConfigurationV2(\"example\", new()\n {\n Bucket = bucket.Id,\n Rules = new[]\n {\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleArgs\n {\n Id = \"rule-1\",\n Filter = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleFilterArgs\n {\n Prefix = \"logs/\",\n },\n Status = \"Enabled\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3.NewBucketLifecycleConfigurationV2(ctx, \"example\", \u0026s3.BucketLifecycleConfigurationV2Args{\n\t\t\tBucket: pulumi.Any(bucket.Id),\n\t\t\tRules: s3.BucketLifecycleConfigurationV2RuleArray{\n\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleArgs{\n\t\t\t\t\tId: pulumi.String(\"rule-1\"),\n\t\t\t\t\tFilter: \u0026s3.BucketLifecycleConfigurationV2RuleFilterArgs{\n\t\t\t\t\t\tPrefix: pulumi.String(\"logs/\"),\n\t\t\t\t\t},\n\t\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2Args;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleArgs;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleFilterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketLifecycleConfigurationV2(\"example\", BucketLifecycleConfigurationV2Args.builder() \n .bucket(bucket.id())\n .rules(BucketLifecycleConfigurationV2RuleArgs.builder()\n .id(\"rule-1\")\n .filter(BucketLifecycleConfigurationV2RuleFilterArgs.builder()\n .prefix(\"logs/\")\n .build())\n .status(\"Enabled\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketLifecycleConfigurationV2\n properties:\n bucket: ${bucket.id}\n rules:\n - id: rule-1\n filter:\n prefix: logs/\n status: Enabled\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nIf you want to apply a Lifecycle action to a subset of objects based on different key name prefixes, specify separate rules.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketLifecycleConfigurationV2(\"example\", {\n bucket: bucket.id,\n rules: [\n {\n id: \"rule-1\",\n filter: {\n prefix: \"logs/\",\n },\n status: \"Enabled\",\n },\n {\n id: \"rule-2\",\n filter: {\n prefix: \"tmp/\",\n },\n status: \"Enabled\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketLifecycleConfigurationV2(\"example\",\n bucket=bucket[\"id\"],\n rules=[\n aws.s3.BucketLifecycleConfigurationV2RuleArgs(\n id=\"rule-1\",\n filter=aws.s3.BucketLifecycleConfigurationV2RuleFilterArgs(\n prefix=\"logs/\",\n ),\n status=\"Enabled\",\n ),\n aws.s3.BucketLifecycleConfigurationV2RuleArgs(\n id=\"rule-2\",\n filter=aws.s3.BucketLifecycleConfigurationV2RuleFilterArgs(\n prefix=\"tmp/\",\n ),\n status=\"Enabled\",\n ),\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketLifecycleConfigurationV2(\"example\", new()\n {\n Bucket = bucket.Id,\n Rules = new[]\n {\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleArgs\n {\n Id = \"rule-1\",\n Filter = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleFilterArgs\n {\n Prefix = \"logs/\",\n },\n Status = \"Enabled\",\n },\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleArgs\n {\n Id = \"rule-2\",\n Filter = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleFilterArgs\n {\n Prefix = \"tmp/\",\n },\n Status = \"Enabled\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3.NewBucketLifecycleConfigurationV2(ctx, \"example\", \u0026s3.BucketLifecycleConfigurationV2Args{\n\t\t\tBucket: pulumi.Any(bucket.Id),\n\t\t\tRules: s3.BucketLifecycleConfigurationV2RuleArray{\n\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleArgs{\n\t\t\t\t\tId: pulumi.String(\"rule-1\"),\n\t\t\t\t\tFilter: \u0026s3.BucketLifecycleConfigurationV2RuleFilterArgs{\n\t\t\t\t\t\tPrefix: pulumi.String(\"logs/\"),\n\t\t\t\t\t},\n\t\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t},\n\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleArgs{\n\t\t\t\t\tId: pulumi.String(\"rule-2\"),\n\t\t\t\t\tFilter: \u0026s3.BucketLifecycleConfigurationV2RuleFilterArgs{\n\t\t\t\t\t\tPrefix: pulumi.String(\"tmp/\"),\n\t\t\t\t\t},\n\t\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2Args;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleArgs;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleFilterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketLifecycleConfigurationV2(\"example\", BucketLifecycleConfigurationV2Args.builder() \n .bucket(bucket.id())\n .rules( \n BucketLifecycleConfigurationV2RuleArgs.builder()\n .id(\"rule-1\")\n .filter(BucketLifecycleConfigurationV2RuleFilterArgs.builder()\n .prefix(\"logs/\")\n .build())\n .status(\"Enabled\")\n .build(),\n BucketLifecycleConfigurationV2RuleArgs.builder()\n .id(\"rule-2\")\n .filter(BucketLifecycleConfigurationV2RuleFilterArgs.builder()\n .prefix(\"tmp/\")\n .build())\n .status(\"Enabled\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketLifecycleConfigurationV2\n properties:\n bucket: ${bucket.id}\n rules:\n - id: rule-1\n filter:\n prefix: logs/\n status: Enabled\n - id: rule-2\n filter:\n prefix: tmp/\n status: Enabled\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Specifying a filter based on an object tag\n\nThe Lifecycle rule specifies a filter based on a tag key and value. The rule then applies only to a subset of objects with the specific tag.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketLifecycleConfigurationV2(\"example\", {\n bucket: bucket.id,\n rules: [{\n id: \"rule-1\",\n filter: {\n tag: {\n key: \"Name\",\n value: \"Staging\",\n },\n },\n status: \"Enabled\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketLifecycleConfigurationV2(\"example\",\n bucket=bucket[\"id\"],\n rules=[aws.s3.BucketLifecycleConfigurationV2RuleArgs(\n id=\"rule-1\",\n filter=aws.s3.BucketLifecycleConfigurationV2RuleFilterArgs(\n tag=aws.s3.BucketLifecycleConfigurationV2RuleFilterTagArgs(\n key=\"Name\",\n value=\"Staging\",\n ),\n ),\n status=\"Enabled\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketLifecycleConfigurationV2(\"example\", new()\n {\n Bucket = bucket.Id,\n Rules = new[]\n {\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleArgs\n {\n Id = \"rule-1\",\n Filter = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleFilterArgs\n {\n Tag = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleFilterTagArgs\n {\n Key = \"Name\",\n Value = \"Staging\",\n },\n },\n Status = \"Enabled\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3.NewBucketLifecycleConfigurationV2(ctx, \"example\", \u0026s3.BucketLifecycleConfigurationV2Args{\n\t\t\tBucket: pulumi.Any(bucket.Id),\n\t\t\tRules: s3.BucketLifecycleConfigurationV2RuleArray{\n\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleArgs{\n\t\t\t\t\tId: pulumi.String(\"rule-1\"),\n\t\t\t\t\tFilter: \u0026s3.BucketLifecycleConfigurationV2RuleFilterArgs{\n\t\t\t\t\t\tTag: \u0026s3.BucketLifecycleConfigurationV2RuleFilterTagArgs{\n\t\t\t\t\t\t\tKey: pulumi.String(\"Name\"),\n\t\t\t\t\t\t\tValue: pulumi.String(\"Staging\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2Args;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleArgs;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleFilterArgs;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleFilterTagArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketLifecycleConfigurationV2(\"example\", BucketLifecycleConfigurationV2Args.builder() \n .bucket(bucket.id())\n .rules(BucketLifecycleConfigurationV2RuleArgs.builder()\n .id(\"rule-1\")\n .filter(BucketLifecycleConfigurationV2RuleFilterArgs.builder()\n .tag(BucketLifecycleConfigurationV2RuleFilterTagArgs.builder()\n .key(\"Name\")\n .value(\"Staging\")\n .build())\n .build())\n .status(\"Enabled\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketLifecycleConfigurationV2\n properties:\n bucket: ${bucket.id}\n rules:\n - id: rule-1\n filter:\n tag:\n key: Name\n value: Staging\n status: Enabled\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Specifying a filter based on multiple tags\n\nThe Lifecycle rule directs Amazon S3 to perform lifecycle actions on objects with two tags (with the specific tag keys and values). Notice `tags` is wrapped in the `and` configuration block.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketLifecycleConfigurationV2(\"example\", {\n bucket: bucket.id,\n rules: [{\n id: \"rule-1\",\n filter: {\n and: {\n tags: {\n Key1: \"Value1\",\n Key2: \"Value2\",\n },\n },\n },\n status: \"Enabled\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketLifecycleConfigurationV2(\"example\",\n bucket=bucket[\"id\"],\n rules=[aws.s3.BucketLifecycleConfigurationV2RuleArgs(\n id=\"rule-1\",\n filter=aws.s3.BucketLifecycleConfigurationV2RuleFilterArgs(\n and_=aws.s3.BucketLifecycleConfigurationV2RuleFilterAndArgs(\n tags={\n \"Key1\": \"Value1\",\n \"Key2\": \"Value2\",\n },\n ),\n ),\n status=\"Enabled\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketLifecycleConfigurationV2(\"example\", new()\n {\n Bucket = bucket.Id,\n Rules = new[]\n {\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleArgs\n {\n Id = \"rule-1\",\n Filter = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleFilterArgs\n {\n And = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleFilterAndArgs\n {\n Tags = \n {\n { \"Key1\", \"Value1\" },\n { \"Key2\", \"Value2\" },\n },\n },\n },\n Status = \"Enabled\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3.NewBucketLifecycleConfigurationV2(ctx, \"example\", \u0026s3.BucketLifecycleConfigurationV2Args{\n\t\t\tBucket: pulumi.Any(bucket.Id),\n\t\t\tRules: s3.BucketLifecycleConfigurationV2RuleArray{\n\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleArgs{\n\t\t\t\t\tId: pulumi.String(\"rule-1\"),\n\t\t\t\t\tFilter: \u0026s3.BucketLifecycleConfigurationV2RuleFilterArgs{\n\t\t\t\t\t\tAnd: \u0026s3.BucketLifecycleConfigurationV2RuleFilterAndArgs{\n\t\t\t\t\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\t\t\t\t\"Key1\": pulumi.String(\"Value1\"),\n\t\t\t\t\t\t\t\t\"Key2\": pulumi.String(\"Value2\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2Args;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleArgs;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleFilterArgs;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleFilterAndArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketLifecycleConfigurationV2(\"example\", BucketLifecycleConfigurationV2Args.builder() \n .bucket(bucket.id())\n .rules(BucketLifecycleConfigurationV2RuleArgs.builder()\n .id(\"rule-1\")\n .filter(BucketLifecycleConfigurationV2RuleFilterArgs.builder()\n .and(BucketLifecycleConfigurationV2RuleFilterAndArgs.builder()\n .tags(Map.ofEntries(\n Map.entry(\"Key1\", \"Value1\"),\n Map.entry(\"Key2\", \"Value2\")\n ))\n .build())\n .build())\n .status(\"Enabled\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketLifecycleConfigurationV2\n properties:\n bucket: ${bucket.id}\n rules:\n - id: rule-1\n filter:\n and:\n tags:\n Key1: Value1\n Key2: Value2\n status: Enabled\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Specifying a filter based on both prefix and one or more tags\n\nThe Lifecycle rule directs Amazon S3 to perform lifecycle actions on objects with the specified prefix and two tags (with the specific tag keys and values). Notice both `prefix` and `tags` are wrapped in the `and` configuration block.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketLifecycleConfigurationV2(\"example\", {\n bucket: bucket.id,\n rules: [{\n id: \"rule-1\",\n filter: {\n and: {\n prefix: \"logs/\",\n tags: {\n Key1: \"Value1\",\n Key2: \"Value2\",\n },\n },\n },\n status: \"Enabled\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketLifecycleConfigurationV2(\"example\",\n bucket=bucket[\"id\"],\n rules=[aws.s3.BucketLifecycleConfigurationV2RuleArgs(\n id=\"rule-1\",\n filter=aws.s3.BucketLifecycleConfigurationV2RuleFilterArgs(\n and_=aws.s3.BucketLifecycleConfigurationV2RuleFilterAndArgs(\n prefix=\"logs/\",\n tags={\n \"Key1\": \"Value1\",\n \"Key2\": \"Value2\",\n },\n ),\n ),\n status=\"Enabled\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketLifecycleConfigurationV2(\"example\", new()\n {\n Bucket = bucket.Id,\n Rules = new[]\n {\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleArgs\n {\n Id = \"rule-1\",\n Filter = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleFilterArgs\n {\n And = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleFilterAndArgs\n {\n Prefix = \"logs/\",\n Tags = \n {\n { \"Key1\", \"Value1\" },\n { \"Key2\", \"Value2\" },\n },\n },\n },\n Status = \"Enabled\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3.NewBucketLifecycleConfigurationV2(ctx, \"example\", \u0026s3.BucketLifecycleConfigurationV2Args{\n\t\t\tBucket: pulumi.Any(bucket.Id),\n\t\t\tRules: s3.BucketLifecycleConfigurationV2RuleArray{\n\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleArgs{\n\t\t\t\t\tId: pulumi.String(\"rule-1\"),\n\t\t\t\t\tFilter: \u0026s3.BucketLifecycleConfigurationV2RuleFilterArgs{\n\t\t\t\t\t\tAnd: \u0026s3.BucketLifecycleConfigurationV2RuleFilterAndArgs{\n\t\t\t\t\t\t\tPrefix: pulumi.String(\"logs/\"),\n\t\t\t\t\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\t\t\t\t\"Key1\": pulumi.String(\"Value1\"),\n\t\t\t\t\t\t\t\t\"Key2\": pulumi.String(\"Value2\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2Args;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleArgs;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleFilterArgs;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleFilterAndArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketLifecycleConfigurationV2(\"example\", BucketLifecycleConfigurationV2Args.builder() \n .bucket(bucket.id())\n .rules(BucketLifecycleConfigurationV2RuleArgs.builder()\n .id(\"rule-1\")\n .filter(BucketLifecycleConfigurationV2RuleFilterArgs.builder()\n .and(BucketLifecycleConfigurationV2RuleFilterAndArgs.builder()\n .prefix(\"logs/\")\n .tags(Map.ofEntries(\n Map.entry(\"Key1\", \"Value1\"),\n Map.entry(\"Key2\", \"Value2\")\n ))\n .build())\n .build())\n .status(\"Enabled\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketLifecycleConfigurationV2\n properties:\n bucket: ${bucket.id}\n rules:\n - id: rule-1\n filter:\n and:\n prefix: logs/\n tags:\n Key1: Value1\n Key2: Value2\n status: Enabled\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Specifying a filter based on object size\n\nObject size values are in bytes. Maximum filter size is 5TB. Some storage classes have minimum object size limitations, for more information, see [Comparing the Amazon S3 storage classes](https://docs.aws.amazon.com/AmazonS3/latest/userguide/storage-class-intro.html#sc-compare).\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketLifecycleConfigurationV2(\"example\", {\n bucket: bucket.id,\n rules: [{\n id: \"rule-1\",\n filter: {\n objectSizeGreaterThan: \"500\",\n },\n status: \"Enabled\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketLifecycleConfigurationV2(\"example\",\n bucket=bucket[\"id\"],\n rules=[aws.s3.BucketLifecycleConfigurationV2RuleArgs(\n id=\"rule-1\",\n filter=aws.s3.BucketLifecycleConfigurationV2RuleFilterArgs(\n object_size_greater_than=\"500\",\n ),\n status=\"Enabled\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketLifecycleConfigurationV2(\"example\", new()\n {\n Bucket = bucket.Id,\n Rules = new[]\n {\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleArgs\n {\n Id = \"rule-1\",\n Filter = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleFilterArgs\n {\n ObjectSizeGreaterThan = \"500\",\n },\n Status = \"Enabled\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3.NewBucketLifecycleConfigurationV2(ctx, \"example\", \u0026s3.BucketLifecycleConfigurationV2Args{\n\t\t\tBucket: pulumi.Any(bucket.Id),\n\t\t\tRules: s3.BucketLifecycleConfigurationV2RuleArray{\n\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleArgs{\n\t\t\t\t\tId: pulumi.String(\"rule-1\"),\n\t\t\t\t\tFilter: \u0026s3.BucketLifecycleConfigurationV2RuleFilterArgs{\n\t\t\t\t\t\tObjectSizeGreaterThan: pulumi.String(\"500\"),\n\t\t\t\t\t},\n\t\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2Args;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleArgs;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleFilterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketLifecycleConfigurationV2(\"example\", BucketLifecycleConfigurationV2Args.builder() \n .bucket(bucket.id())\n .rules(BucketLifecycleConfigurationV2RuleArgs.builder()\n .id(\"rule-1\")\n .filter(BucketLifecycleConfigurationV2RuleFilterArgs.builder()\n .objectSizeGreaterThan(500)\n .build())\n .status(\"Enabled\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketLifecycleConfigurationV2\n properties:\n bucket: ${bucket.id}\n rules:\n - id: rule-1\n filter:\n objectSizeGreaterThan: 500\n status: Enabled\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Specifying a filter based on object size range and prefix\n\nThe `object_size_greater_than` must be less than the `object_size_less_than`. Notice both the object size range and prefix are wrapped in the `and` configuration block.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketLifecycleConfigurationV2(\"example\", {\n bucket: bucket.id,\n rules: [{\n id: \"rule-1\",\n filter: {\n and: {\n prefix: \"logs/\",\n objectSizeGreaterThan: 500,\n objectSizeLessThan: 64000,\n },\n },\n status: \"Enabled\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketLifecycleConfigurationV2(\"example\",\n bucket=bucket[\"id\"],\n rules=[aws.s3.BucketLifecycleConfigurationV2RuleArgs(\n id=\"rule-1\",\n filter=aws.s3.BucketLifecycleConfigurationV2RuleFilterArgs(\n and_=aws.s3.BucketLifecycleConfigurationV2RuleFilterAndArgs(\n prefix=\"logs/\",\n object_size_greater_than=500,\n object_size_less_than=64000,\n ),\n ),\n status=\"Enabled\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketLifecycleConfigurationV2(\"example\", new()\n {\n Bucket = bucket.Id,\n Rules = new[]\n {\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleArgs\n {\n Id = \"rule-1\",\n Filter = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleFilterArgs\n {\n And = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleFilterAndArgs\n {\n Prefix = \"logs/\",\n ObjectSizeGreaterThan = 500,\n ObjectSizeLessThan = 64000,\n },\n },\n Status = \"Enabled\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3.NewBucketLifecycleConfigurationV2(ctx, \"example\", \u0026s3.BucketLifecycleConfigurationV2Args{\n\t\t\tBucket: pulumi.Any(bucket.Id),\n\t\t\tRules: s3.BucketLifecycleConfigurationV2RuleArray{\n\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleArgs{\n\t\t\t\t\tId: pulumi.String(\"rule-1\"),\n\t\t\t\t\tFilter: \u0026s3.BucketLifecycleConfigurationV2RuleFilterArgs{\n\t\t\t\t\t\tAnd: \u0026s3.BucketLifecycleConfigurationV2RuleFilterAndArgs{\n\t\t\t\t\t\t\tPrefix: pulumi.String(\"logs/\"),\n\t\t\t\t\t\t\tObjectSizeGreaterThan: pulumi.Int(500),\n\t\t\t\t\t\t\tObjectSizeLessThan: pulumi.Int(64000),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2Args;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleArgs;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleFilterArgs;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleFilterAndArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketLifecycleConfigurationV2(\"example\", BucketLifecycleConfigurationV2Args.builder() \n .bucket(bucket.id())\n .rules(BucketLifecycleConfigurationV2RuleArgs.builder()\n .id(\"rule-1\")\n .filter(BucketLifecycleConfigurationV2RuleFilterArgs.builder()\n .and(BucketLifecycleConfigurationV2RuleFilterAndArgs.builder()\n .prefix(\"logs/\")\n .objectSizeGreaterThan(500)\n .objectSizeLessThan(64000)\n .build())\n .build())\n .status(\"Enabled\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketLifecycleConfigurationV2\n properties:\n bucket: ${bucket.id}\n rules:\n - id: rule-1\n filter:\n and:\n prefix: logs/\n objectSizeGreaterThan: 500\n objectSizeLessThan: 64000\n status: Enabled\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Creating a Lifecycle Configuration for a bucket with versioning\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bucket = new aws.s3.BucketV2(\"bucket\", {bucket: \"my-bucket\"});\nconst bucketAcl = new aws.s3.BucketAclV2(\"bucket_acl\", {\n bucket: bucket.id,\n acl: \"private\",\n});\nconst bucket_config = new aws.s3.BucketLifecycleConfigurationV2(\"bucket-config\", {\n bucket: bucket.id,\n rules: [\n {\n id: \"log\",\n expiration: {\n days: 90,\n },\n filter: {\n and: {\n prefix: \"log/\",\n tags: {\n rule: \"log\",\n autoclean: \"true\",\n },\n },\n },\n status: \"Enabled\",\n transitions: [\n {\n days: 30,\n storageClass: \"STANDARD_IA\",\n },\n {\n days: 60,\n storageClass: \"GLACIER\",\n },\n ],\n },\n {\n id: \"tmp\",\n filter: {\n prefix: \"tmp/\",\n },\n expiration: {\n date: \"2023-01-13T00:00:00Z\",\n },\n status: \"Enabled\",\n },\n ],\n});\nconst versioningBucket = new aws.s3.BucketV2(\"versioning_bucket\", {bucket: \"my-versioning-bucket\"});\nconst versioningBucketAcl = new aws.s3.BucketAclV2(\"versioning_bucket_acl\", {\n bucket: versioningBucket.id,\n acl: \"private\",\n});\nconst versioning = new aws.s3.BucketVersioningV2(\"versioning\", {\n bucket: versioningBucket.id,\n versioningConfiguration: {\n status: \"Enabled\",\n },\n});\nconst versioning_bucket_config = new aws.s3.BucketLifecycleConfigurationV2(\"versioning-bucket-config\", {\n bucket: versioningBucket.id,\n rules: [{\n id: \"config\",\n filter: {\n prefix: \"config/\",\n },\n noncurrentVersionExpiration: {\n noncurrentDays: 90,\n },\n noncurrentVersionTransitions: [\n {\n noncurrentDays: 30,\n storageClass: \"STANDARD_IA\",\n },\n {\n noncurrentDays: 60,\n storageClass: \"GLACIER\",\n },\n ],\n status: \"Enabled\",\n }],\n}, {\n dependsOn: [versioning],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbucket = aws.s3.BucketV2(\"bucket\", bucket=\"my-bucket\")\nbucket_acl = aws.s3.BucketAclV2(\"bucket_acl\",\n bucket=bucket.id,\n acl=\"private\")\nbucket_config = aws.s3.BucketLifecycleConfigurationV2(\"bucket-config\",\n bucket=bucket.id,\n rules=[\n aws.s3.BucketLifecycleConfigurationV2RuleArgs(\n id=\"log\",\n expiration=aws.s3.BucketLifecycleConfigurationV2RuleExpirationArgs(\n days=90,\n ),\n filter=aws.s3.BucketLifecycleConfigurationV2RuleFilterArgs(\n and_=aws.s3.BucketLifecycleConfigurationV2RuleFilterAndArgs(\n prefix=\"log/\",\n tags={\n \"rule\": \"log\",\n \"autoclean\": \"true\",\n },\n ),\n ),\n status=\"Enabled\",\n transitions=[\n aws.s3.BucketLifecycleConfigurationV2RuleTransitionArgs(\n days=30,\n storage_class=\"STANDARD_IA\",\n ),\n aws.s3.BucketLifecycleConfigurationV2RuleTransitionArgs(\n days=60,\n storage_class=\"GLACIER\",\n ),\n ],\n ),\n aws.s3.BucketLifecycleConfigurationV2RuleArgs(\n id=\"tmp\",\n filter=aws.s3.BucketLifecycleConfigurationV2RuleFilterArgs(\n prefix=\"tmp/\",\n ),\n expiration=aws.s3.BucketLifecycleConfigurationV2RuleExpirationArgs(\n date=\"2023-01-13T00:00:00Z\",\n ),\n status=\"Enabled\",\n ),\n ])\nversioning_bucket = aws.s3.BucketV2(\"versioning_bucket\", bucket=\"my-versioning-bucket\")\nversioning_bucket_acl = aws.s3.BucketAclV2(\"versioning_bucket_acl\",\n bucket=versioning_bucket.id,\n acl=\"private\")\nversioning = aws.s3.BucketVersioningV2(\"versioning\",\n bucket=versioning_bucket.id,\n versioning_configuration=aws.s3.BucketVersioningV2VersioningConfigurationArgs(\n status=\"Enabled\",\n ))\nversioning_bucket_config = aws.s3.BucketLifecycleConfigurationV2(\"versioning-bucket-config\",\n bucket=versioning_bucket.id,\n rules=[aws.s3.BucketLifecycleConfigurationV2RuleArgs(\n id=\"config\",\n filter=aws.s3.BucketLifecycleConfigurationV2RuleFilterArgs(\n prefix=\"config/\",\n ),\n noncurrent_version_expiration=aws.s3.BucketLifecycleConfigurationV2RuleNoncurrentVersionExpirationArgs(\n noncurrent_days=90,\n ),\n noncurrent_version_transitions=[\n aws.s3.BucketLifecycleConfigurationV2RuleNoncurrentVersionTransitionArgs(\n noncurrent_days=30,\n storage_class=\"STANDARD_IA\",\n ),\n aws.s3.BucketLifecycleConfigurationV2RuleNoncurrentVersionTransitionArgs(\n noncurrent_days=60,\n storage_class=\"GLACIER\",\n ),\n ],\n status=\"Enabled\",\n )],\n opts=pulumi.ResourceOptions(depends_on=[versioning]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var bucket = new Aws.S3.BucketV2(\"bucket\", new()\n {\n Bucket = \"my-bucket\",\n });\n\n var bucketAcl = new Aws.S3.BucketAclV2(\"bucket_acl\", new()\n {\n Bucket = bucket.Id,\n Acl = \"private\",\n });\n\n var bucket_config = new Aws.S3.BucketLifecycleConfigurationV2(\"bucket-config\", new()\n {\n Bucket = bucket.Id,\n Rules = new[]\n {\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleArgs\n {\n Id = \"log\",\n Expiration = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleExpirationArgs\n {\n Days = 90,\n },\n Filter = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleFilterArgs\n {\n And = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleFilterAndArgs\n {\n Prefix = \"log/\",\n Tags = \n {\n { \"rule\", \"log\" },\n { \"autoclean\", \"true\" },\n },\n },\n },\n Status = \"Enabled\",\n Transitions = new[]\n {\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleTransitionArgs\n {\n Days = 30,\n StorageClass = \"STANDARD_IA\",\n },\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleTransitionArgs\n {\n Days = 60,\n StorageClass = \"GLACIER\",\n },\n },\n },\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleArgs\n {\n Id = \"tmp\",\n Filter = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleFilterArgs\n {\n Prefix = \"tmp/\",\n },\n Expiration = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleExpirationArgs\n {\n Date = \"2023-01-13T00:00:00Z\",\n },\n Status = \"Enabled\",\n },\n },\n });\n\n var versioningBucket = new Aws.S3.BucketV2(\"versioning_bucket\", new()\n {\n Bucket = \"my-versioning-bucket\",\n });\n\n var versioningBucketAcl = new Aws.S3.BucketAclV2(\"versioning_bucket_acl\", new()\n {\n Bucket = versioningBucket.Id,\n Acl = \"private\",\n });\n\n var versioning = new Aws.S3.BucketVersioningV2(\"versioning\", new()\n {\n Bucket = versioningBucket.Id,\n VersioningConfiguration = new Aws.S3.Inputs.BucketVersioningV2VersioningConfigurationArgs\n {\n Status = \"Enabled\",\n },\n });\n\n var versioning_bucket_config = new Aws.S3.BucketLifecycleConfigurationV2(\"versioning-bucket-config\", new()\n {\n Bucket = versioningBucket.Id,\n Rules = new[]\n {\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleArgs\n {\n Id = \"config\",\n Filter = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleFilterArgs\n {\n Prefix = \"config/\",\n },\n NoncurrentVersionExpiration = new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleNoncurrentVersionExpirationArgs\n {\n NoncurrentDays = 90,\n },\n NoncurrentVersionTransitions = new[]\n {\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleNoncurrentVersionTransitionArgs\n {\n NoncurrentDays = 30,\n StorageClass = \"STANDARD_IA\",\n },\n new Aws.S3.Inputs.BucketLifecycleConfigurationV2RuleNoncurrentVersionTransitionArgs\n {\n NoncurrentDays = 60,\n StorageClass = \"GLACIER\",\n },\n },\n Status = \"Enabled\",\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n versioning, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbucket, err := s3.NewBucketV2(ctx, \"bucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"my-bucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"bucket_acl\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: bucket.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketLifecycleConfigurationV2(ctx, \"bucket-config\", \u0026s3.BucketLifecycleConfigurationV2Args{\n\t\t\tBucket: bucket.ID(),\n\t\t\tRules: s3.BucketLifecycleConfigurationV2RuleArray{\n\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleArgs{\n\t\t\t\t\tId: pulumi.String(\"log\"),\n\t\t\t\t\tExpiration: \u0026s3.BucketLifecycleConfigurationV2RuleExpirationArgs{\n\t\t\t\t\t\tDays: pulumi.Int(90),\n\t\t\t\t\t},\n\t\t\t\t\tFilter: \u0026s3.BucketLifecycleConfigurationV2RuleFilterArgs{\n\t\t\t\t\t\tAnd: \u0026s3.BucketLifecycleConfigurationV2RuleFilterAndArgs{\n\t\t\t\t\t\t\tPrefix: pulumi.String(\"log/\"),\n\t\t\t\t\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\t\t\t\t\"rule\": pulumi.String(\"log\"),\n\t\t\t\t\t\t\t\t\"autoclean\": pulumi.String(\"true\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t\tTransitions: s3.BucketLifecycleConfigurationV2RuleTransitionArray{\n\t\t\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleTransitionArgs{\n\t\t\t\t\t\t\tDays: pulumi.Int(30),\n\t\t\t\t\t\t\tStorageClass: pulumi.String(\"STANDARD_IA\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleTransitionArgs{\n\t\t\t\t\t\t\tDays: pulumi.Int(60),\n\t\t\t\t\t\t\tStorageClass: pulumi.String(\"GLACIER\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleArgs{\n\t\t\t\t\tId: pulumi.String(\"tmp\"),\n\t\t\t\t\tFilter: \u0026s3.BucketLifecycleConfigurationV2RuleFilterArgs{\n\t\t\t\t\t\tPrefix: pulumi.String(\"tmp/\"),\n\t\t\t\t\t},\n\t\t\t\t\tExpiration: \u0026s3.BucketLifecycleConfigurationV2RuleExpirationArgs{\n\t\t\t\t\t\tDate: pulumi.String(\"2023-01-13T00:00:00Z\"),\n\t\t\t\t\t},\n\t\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tversioningBucket, err := s3.NewBucketV2(ctx, \"versioning_bucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"my-versioning-bucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"versioning_bucket_acl\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: versioningBucket.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tversioning, err := s3.NewBucketVersioningV2(ctx, \"versioning\", \u0026s3.BucketVersioningV2Args{\n\t\t\tBucket: versioningBucket.ID(),\n\t\t\tVersioningConfiguration: \u0026s3.BucketVersioningV2VersioningConfigurationArgs{\n\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketLifecycleConfigurationV2(ctx, \"versioning-bucket-config\", \u0026s3.BucketLifecycleConfigurationV2Args{\n\t\t\tBucket: versioningBucket.ID(),\n\t\t\tRules: s3.BucketLifecycleConfigurationV2RuleArray{\n\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleArgs{\n\t\t\t\t\tId: pulumi.String(\"config\"),\n\t\t\t\t\tFilter: \u0026s3.BucketLifecycleConfigurationV2RuleFilterArgs{\n\t\t\t\t\t\tPrefix: pulumi.String(\"config/\"),\n\t\t\t\t\t},\n\t\t\t\t\tNoncurrentVersionExpiration: \u0026s3.BucketLifecycleConfigurationV2RuleNoncurrentVersionExpirationArgs{\n\t\t\t\t\t\tNoncurrentDays: pulumi.Int(90),\n\t\t\t\t\t},\n\t\t\t\t\tNoncurrentVersionTransitions: s3.BucketLifecycleConfigurationV2RuleNoncurrentVersionTransitionArray{\n\t\t\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleNoncurrentVersionTransitionArgs{\n\t\t\t\t\t\t\tNoncurrentDays: pulumi.Int(30),\n\t\t\t\t\t\t\tStorageClass: pulumi.String(\"STANDARD_IA\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026s3.BucketLifecycleConfigurationV2RuleNoncurrentVersionTransitionArgs{\n\t\t\t\t\t\t\tNoncurrentDays: pulumi.Int(60),\n\t\t\t\t\t\t\tStorageClass: pulumi.String(\"GLACIER\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tversioning,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2;\nimport com.pulumi.aws.s3.BucketLifecycleConfigurationV2Args;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleArgs;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleExpirationArgs;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleFilterArgs;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleFilterAndArgs;\nimport com.pulumi.aws.s3.BucketVersioningV2;\nimport com.pulumi.aws.s3.BucketVersioningV2Args;\nimport com.pulumi.aws.s3.inputs.BucketVersioningV2VersioningConfigurationArgs;\nimport com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleNoncurrentVersionExpirationArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var bucket = new BucketV2(\"bucket\", BucketV2Args.builder() \n .bucket(\"my-bucket\")\n .build());\n\n var bucketAcl = new BucketAclV2(\"bucketAcl\", BucketAclV2Args.builder() \n .bucket(bucket.id())\n .acl(\"private\")\n .build());\n\n var bucket_config = new BucketLifecycleConfigurationV2(\"bucket-config\", BucketLifecycleConfigurationV2Args.builder() \n .bucket(bucket.id())\n .rules( \n BucketLifecycleConfigurationV2RuleArgs.builder()\n .id(\"log\")\n .expiration(BucketLifecycleConfigurationV2RuleExpirationArgs.builder()\n .days(90)\n .build())\n .filter(BucketLifecycleConfigurationV2RuleFilterArgs.builder()\n .and(BucketLifecycleConfigurationV2RuleFilterAndArgs.builder()\n .prefix(\"log/\")\n .tags(Map.ofEntries(\n Map.entry(\"rule\", \"log\"),\n Map.entry(\"autoclean\", \"true\")\n ))\n .build())\n .build())\n .status(\"Enabled\")\n .transitions( \n BucketLifecycleConfigurationV2RuleTransitionArgs.builder()\n .days(30)\n .storageClass(\"STANDARD_IA\")\n .build(),\n BucketLifecycleConfigurationV2RuleTransitionArgs.builder()\n .days(60)\n .storageClass(\"GLACIER\")\n .build())\n .build(),\n BucketLifecycleConfigurationV2RuleArgs.builder()\n .id(\"tmp\")\n .filter(BucketLifecycleConfigurationV2RuleFilterArgs.builder()\n .prefix(\"tmp/\")\n .build())\n .expiration(BucketLifecycleConfigurationV2RuleExpirationArgs.builder()\n .date(\"2023-01-13T00:00:00Z\")\n .build())\n .status(\"Enabled\")\n .build())\n .build());\n\n var versioningBucket = new BucketV2(\"versioningBucket\", BucketV2Args.builder() \n .bucket(\"my-versioning-bucket\")\n .build());\n\n var versioningBucketAcl = new BucketAclV2(\"versioningBucketAcl\", BucketAclV2Args.builder() \n .bucket(versioningBucket.id())\n .acl(\"private\")\n .build());\n\n var versioning = new BucketVersioningV2(\"versioning\", BucketVersioningV2Args.builder() \n .bucket(versioningBucket.id())\n .versioningConfiguration(BucketVersioningV2VersioningConfigurationArgs.builder()\n .status(\"Enabled\")\n .build())\n .build());\n\n var versioning_bucket_config = new BucketLifecycleConfigurationV2(\"versioning-bucket-config\", BucketLifecycleConfigurationV2Args.builder() \n .bucket(versioningBucket.id())\n .rules(BucketLifecycleConfigurationV2RuleArgs.builder()\n .id(\"config\")\n .filter(BucketLifecycleConfigurationV2RuleFilterArgs.builder()\n .prefix(\"config/\")\n .build())\n .noncurrentVersionExpiration(BucketLifecycleConfigurationV2RuleNoncurrentVersionExpirationArgs.builder()\n .noncurrentDays(90)\n .build())\n .noncurrentVersionTransitions( \n BucketLifecycleConfigurationV2RuleNoncurrentVersionTransitionArgs.builder()\n .noncurrentDays(30)\n .storageClass(\"STANDARD_IA\")\n .build(),\n BucketLifecycleConfigurationV2RuleNoncurrentVersionTransitionArgs.builder()\n .noncurrentDays(60)\n .storageClass(\"GLACIER\")\n .build())\n .status(\"Enabled\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(versioning)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n bucket:\n type: aws:s3:BucketV2\n properties:\n bucket: my-bucket\n bucketAcl:\n type: aws:s3:BucketAclV2\n name: bucket_acl\n properties:\n bucket: ${bucket.id}\n acl: private\n bucket-config:\n type: aws:s3:BucketLifecycleConfigurationV2\n properties:\n bucket: ${bucket.id}\n rules:\n - id: log\n expiration:\n days: 90\n filter:\n and:\n prefix: log/\n tags:\n rule: log\n autoclean: 'true'\n status: Enabled\n transitions:\n - days: 30\n storageClass: STANDARD_IA\n - days: 60\n storageClass: GLACIER\n - id: tmp\n filter:\n prefix: tmp/\n expiration:\n date: 2023-01-13T00:00:00Z\n status: Enabled\n versioningBucket:\n type: aws:s3:BucketV2\n name: versioning_bucket\n properties:\n bucket: my-versioning-bucket\n versioningBucketAcl:\n type: aws:s3:BucketAclV2\n name: versioning_bucket_acl\n properties:\n bucket: ${versioningBucket.id}\n acl: private\n versioning:\n type: aws:s3:BucketVersioningV2\n properties:\n bucket: ${versioningBucket.id}\n versioningConfiguration:\n status: Enabled\n versioning-bucket-config:\n type: aws:s3:BucketLifecycleConfigurationV2\n properties:\n bucket: ${versioningBucket.id}\n rules:\n - id: config\n filter:\n prefix: config/\n noncurrentVersionExpiration:\n noncurrentDays: 90\n noncurrentVersionTransitions:\n - noncurrentDays: 30\n storageClass: STANDARD_IA\n - noncurrentDays: 60\n storageClass: GLACIER\n status: Enabled\n options:\n dependson:\n - ${versioning}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nIf the owner (account ID) of the source bucket differs from the account used to configure the AWS Provider, import using the `bucket` and `expected_bucket_owner` separated by a comma (`,`):\n\n__Using `pulumi import` to import__ S3 bucket lifecycle configuration using the `bucket` or using the `bucket` and `expected_bucket_owner` separated by a comma (`,`). For example:\n\nIf the owner (account ID) of the source bucket is the same account used to configure the AWS Provider, import using the `bucket`:\n\n```sh\n$ pulumi import aws:s3/bucketLifecycleConfigurationV2:BucketLifecycleConfigurationV2 example bucket-name\n```\nIf the owner (account ID) of the source bucket differs from the account used to configure the AWS Provider, import using the `bucket` and `expected_bucket_owner` separated by a comma (`,`):\n\n```sh\n$ pulumi import aws:s3/bucketLifecycleConfigurationV2:BucketLifecycleConfigurationV2 example bucket-name,123456789012\n```\n", "properties": { "bucket": { "type": "string", @@ -317276,7 +317276,7 @@ } }, "aws:s3/bucketNotification:BucketNotification": { - "description": "Manages a S3 Bucket Notification Configuration. For additional information, see the [Configuring S3 Event Notifications section in the Amazon S3 Developer Guide](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html).\n\n\u003e **NOTE:** S3 Buckets only support a single notification configuration. Declaring multiple `aws.s3.BucketNotification` resources to the same S3 Bucket will cause a perpetual difference in configuration. See the example \"Trigger multiple Lambda functions\" for an option.\n\n\u003e This resource cannot be used with S3 directory buckets.\n\n## Example Usage\n\n### Add notification configuration to SNS Topic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bucket = new aws.s3.BucketV2(\"bucket\", {bucket: \"your-bucket-name\"});\nconst topic = aws.iam.getPolicyDocumentOutput({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"s3.amazonaws.com\"],\n }],\n actions: [\"SNS:Publish\"],\n resources: [\"arn:aws:sns:*:*:s3-event-notification-topic\"],\n conditions: [{\n test: \"ArnLike\",\n variable: \"aws:SourceArn\",\n values: [bucket.arn],\n }],\n }],\n});\nconst topicTopic = new aws.sns.Topic(\"topic\", {\n name: \"s3-event-notification-topic\",\n policy: topic.apply(topic =\u003e topic.json),\n});\nconst bucketNotification = new aws.s3.BucketNotification(\"bucket_notification\", {\n bucket: bucket.id,\n topics: [{\n topicArn: topicTopic.arn,\n events: [\"s3:ObjectCreated:*\"],\n filterSuffix: \".log\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbucket = aws.s3.BucketV2(\"bucket\", bucket=\"your-bucket-name\")\ntopic = aws.iam.get_policy_document_output(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"s3.amazonaws.com\"],\n )],\n actions=[\"SNS:Publish\"],\n resources=[\"arn:aws:sns:*:*:s3-event-notification-topic\"],\n conditions=[aws.iam.GetPolicyDocumentStatementConditionArgs(\n test=\"ArnLike\",\n variable=\"aws:SourceArn\",\n values=[bucket.arn],\n )],\n)])\ntopic_topic = aws.sns.Topic(\"topic\",\n name=\"s3-event-notification-topic\",\n policy=topic.json)\nbucket_notification = aws.s3.BucketNotification(\"bucket_notification\",\n bucket=bucket.id,\n topics=[aws.s3.BucketNotificationTopicArgs(\n topic_arn=topic_topic.arn,\n events=[\"s3:ObjectCreated:*\"],\n filter_suffix=\".log\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var bucket = new Aws.S3.BucketV2(\"bucket\", new()\n {\n Bucket = \"your-bucket-name\",\n });\n\n var topic = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"s3.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"SNS:Publish\",\n },\n Resources = new[]\n {\n \"arn:aws:sns:*:*:s3-event-notification-topic\",\n },\n Conditions = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"ArnLike\",\n Variable = \"aws:SourceArn\",\n Values = new[]\n {\n bucket.Arn,\n },\n },\n },\n },\n },\n });\n\n var topicTopic = new Aws.Sns.Topic(\"topic\", new()\n {\n Name = \"s3-event-notification-topic\",\n Policy = topic.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var bucketNotification = new Aws.S3.BucketNotification(\"bucket_notification\", new()\n {\n Bucket = bucket.Id,\n Topics = new[]\n {\n new Aws.S3.Inputs.BucketNotificationTopicArgs\n {\n TopicArn = topicTopic.Arn,\n Events = new[]\n {\n \"s3:ObjectCreated:*\",\n },\n FilterSuffix = \".log\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbucket, err := s3.NewBucketV2(ctx, \"bucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"your-bucket-name\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttopic := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tPrincipals: iam.GetPolicyDocumentStatementPrincipalArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementPrincipalArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"Service\"),\n\t\t\t\t\t\t\tIdentifiers: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"s3.amazonaws.com\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"SNS:Publish\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"arn:aws:sns:*:*:s3-event-notification-topic\"),\n\t\t\t\t\t},\n\t\t\t\t\tConditions: iam.GetPolicyDocumentStatementConditionArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementConditionArgs{\n\t\t\t\t\t\t\tTest: pulumi.String(\"ArnLike\"),\n\t\t\t\t\t\t\tVariable: pulumi.String(\"aws:SourceArn\"),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tbucket.Arn,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\ttopicTopic, err := sns.NewTopic(ctx, \"topic\", \u0026sns.TopicArgs{\n\t\t\tName: pulumi.String(\"s3-event-notification-topic\"),\n\t\t\tPolicy: topic.ApplyT(func(topic iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026topic.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketNotification(ctx, \"bucket_notification\", \u0026s3.BucketNotificationArgs{\n\t\t\tBucket: bucket.ID(),\n\t\t\tTopics: s3.BucketNotificationTopicArray{\n\t\t\t\t\u0026s3.BucketNotificationTopicArgs{\n\t\t\t\t\tTopicArn: topicTopic.Arn,\n\t\t\t\t\tEvents: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:ObjectCreated:*\"),\n\t\t\t\t\t},\n\t\t\t\t\tFilterSuffix: pulumi.String(\".log\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.sns.Topic;\nimport com.pulumi.aws.sns.TopicArgs;\nimport com.pulumi.aws.s3.BucketNotification;\nimport com.pulumi.aws.s3.BucketNotificationArgs;\nimport com.pulumi.aws.s3.inputs.BucketNotificationTopicArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var bucket = new BucketV2(\"bucket\", BucketV2Args.builder() \n .bucket(\"your-bucket-name\")\n .build());\n\n final var topic = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"s3.amazonaws.com\")\n .build())\n .actions(\"SNS:Publish\")\n .resources(\"arn:aws:sns:*:*:s3-event-notification-topic\")\n .conditions(GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"ArnLike\")\n .variable(\"aws:SourceArn\")\n .values(bucket.arn())\n .build())\n .build())\n .build());\n\n var topicTopic = new Topic(\"topicTopic\", TopicArgs.builder() \n .name(\"s3-event-notification-topic\")\n .policy(topic.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(topic -\u003e topic.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n var bucketNotification = new BucketNotification(\"bucketNotification\", BucketNotificationArgs.builder() \n .bucket(bucket.id())\n .topics(BucketNotificationTopicArgs.builder()\n .topicArn(topicTopic.arn())\n .events(\"s3:ObjectCreated:*\")\n .filterSuffix(\".log\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n topicTopic:\n type: aws:sns:Topic\n name: topic\n properties:\n name: s3-event-notification-topic\n policy: ${topic.json}\n bucket:\n type: aws:s3:BucketV2\n properties:\n bucket: your-bucket-name\n bucketNotification:\n type: aws:s3:BucketNotification\n name: bucket_notification\n properties:\n bucket: ${bucket.id}\n topics:\n - topicArn: ${topicTopic.arn}\n events:\n - s3:ObjectCreated:*\n filterSuffix: .log\nvariables:\n topic:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - s3.amazonaws.com\n actions:\n - SNS:Publish\n resources:\n - arn:aws:sns:*:*:s3-event-notification-topic\n conditions:\n - test: ArnLike\n variable: aws:SourceArn\n values:\n - ${bucket.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Add notification configuration to SQS Queue\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bucket = new aws.s3.BucketV2(\"bucket\", {bucket: \"your-bucket-name\"});\nconst queue = aws.iam.getPolicyDocumentOutput({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"*\",\n identifiers: [\"*\"],\n }],\n actions: [\"sqs:SendMessage\"],\n resources: [\"arn:aws:sqs:*:*:s3-event-notification-queue\"],\n conditions: [{\n test: \"ArnEquals\",\n variable: \"aws:SourceArn\",\n values: [bucket.arn],\n }],\n }],\n});\nconst queueQueue = new aws.sqs.Queue(\"queue\", {\n name: \"s3-event-notification-queue\",\n policy: queue.apply(queue =\u003e queue.json),\n});\nconst bucketNotification = new aws.s3.BucketNotification(\"bucket_notification\", {\n bucket: bucket.id,\n queues: [{\n queueArn: queueQueue.arn,\n events: [\"s3:ObjectCreated:*\"],\n filterSuffix: \".log\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbucket = aws.s3.BucketV2(\"bucket\", bucket=\"your-bucket-name\")\nqueue = aws.iam.get_policy_document_output(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"*\",\n identifiers=[\"*\"],\n )],\n actions=[\"sqs:SendMessage\"],\n resources=[\"arn:aws:sqs:*:*:s3-event-notification-queue\"],\n conditions=[aws.iam.GetPolicyDocumentStatementConditionArgs(\n test=\"ArnEquals\",\n variable=\"aws:SourceArn\",\n values=[bucket.arn],\n )],\n)])\nqueue_queue = aws.sqs.Queue(\"queue\",\n name=\"s3-event-notification-queue\",\n policy=queue.json)\nbucket_notification = aws.s3.BucketNotification(\"bucket_notification\",\n bucket=bucket.id,\n queues=[aws.s3.BucketNotificationQueueArgs(\n queue_arn=queue_queue.arn,\n events=[\"s3:ObjectCreated:*\"],\n filter_suffix=\".log\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var bucket = new Aws.S3.BucketV2(\"bucket\", new()\n {\n Bucket = \"your-bucket-name\",\n });\n\n var queue = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"*\",\n Identifiers = new[]\n {\n \"*\",\n },\n },\n },\n Actions = new[]\n {\n \"sqs:SendMessage\",\n },\n Resources = new[]\n {\n \"arn:aws:sqs:*:*:s3-event-notification-queue\",\n },\n Conditions = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"ArnEquals\",\n Variable = \"aws:SourceArn\",\n Values = new[]\n {\n bucket.Arn,\n },\n },\n },\n },\n },\n });\n\n var queueQueue = new Aws.Sqs.Queue(\"queue\", new()\n {\n Name = \"s3-event-notification-queue\",\n Policy = queue.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var bucketNotification = new Aws.S3.BucketNotification(\"bucket_notification\", new()\n {\n Bucket = bucket.Id,\n Queues = new[]\n {\n new Aws.S3.Inputs.BucketNotificationQueueArgs\n {\n QueueArn = queueQueue.Arn,\n Events = new[]\n {\n \"s3:ObjectCreated:*\",\n },\n FilterSuffix = \".log\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sqs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbucket, err := s3.NewBucketV2(ctx, \"bucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"your-bucket-name\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tqueue := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tPrincipals: iam.GetPolicyDocumentStatementPrincipalArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementPrincipalArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"*\"),\n\t\t\t\t\t\t\tIdentifiers: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"*\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"sqs:SendMessage\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"arn:aws:sqs:*:*:s3-event-notification-queue\"),\n\t\t\t\t\t},\n\t\t\t\t\tConditions: iam.GetPolicyDocumentStatementConditionArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementConditionArgs{\n\t\t\t\t\t\t\tTest: pulumi.String(\"ArnEquals\"),\n\t\t\t\t\t\t\tVariable: pulumi.String(\"aws:SourceArn\"),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tbucket.Arn,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tqueueQueue, err := sqs.NewQueue(ctx, \"queue\", \u0026sqs.QueueArgs{\n\t\t\tName: pulumi.String(\"s3-event-notification-queue\"),\n\t\t\tPolicy: queue.ApplyT(func(queue iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026queue.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketNotification(ctx, \"bucket_notification\", \u0026s3.BucketNotificationArgs{\n\t\t\tBucket: bucket.ID(),\n\t\t\tQueues: s3.BucketNotificationQueueArray{\n\t\t\t\t\u0026s3.BucketNotificationQueueArgs{\n\t\t\t\t\tQueueArn: queueQueue.Arn,\n\t\t\t\t\tEvents: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:ObjectCreated:*\"),\n\t\t\t\t\t},\n\t\t\t\t\tFilterSuffix: pulumi.String(\".log\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.sqs.Queue;\nimport com.pulumi.aws.sqs.QueueArgs;\nimport com.pulumi.aws.s3.BucketNotification;\nimport com.pulumi.aws.s3.BucketNotificationArgs;\nimport com.pulumi.aws.s3.inputs.BucketNotificationQueueArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var bucket = new BucketV2(\"bucket\", BucketV2Args.builder() \n .bucket(\"your-bucket-name\")\n .build());\n\n final var queue = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"*\")\n .identifiers(\"*\")\n .build())\n .actions(\"sqs:SendMessage\")\n .resources(\"arn:aws:sqs:*:*:s3-event-notification-queue\")\n .conditions(GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"ArnEquals\")\n .variable(\"aws:SourceArn\")\n .values(bucket.arn())\n .build())\n .build())\n .build());\n\n var queueQueue = new Queue(\"queueQueue\", QueueArgs.builder() \n .name(\"s3-event-notification-queue\")\n .policy(queue.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(queue -\u003e queue.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n var bucketNotification = new BucketNotification(\"bucketNotification\", BucketNotificationArgs.builder() \n .bucket(bucket.id())\n .queues(BucketNotificationQueueArgs.builder()\n .queueArn(queueQueue.arn())\n .events(\"s3:ObjectCreated:*\")\n .filterSuffix(\".log\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n queueQueue:\n type: aws:sqs:Queue\n name: queue\n properties:\n name: s3-event-notification-queue\n policy: ${queue.json}\n bucket:\n type: aws:s3:BucketV2\n properties:\n bucket: your-bucket-name\n bucketNotification:\n type: aws:s3:BucketNotification\n name: bucket_notification\n properties:\n bucket: ${bucket.id}\n queues:\n - queueArn: ${queueQueue.arn}\n events:\n - s3:ObjectCreated:*\n filterSuffix: .log\nvariables:\n queue:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: '*'\n identifiers:\n - '*'\n actions:\n - sqs:SendMessage\n resources:\n - arn:aws:sqs:*:*:s3-event-notification-queue\n conditions:\n - test: ArnEquals\n variable: aws:SourceArn\n values:\n - ${bucket.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Add notification configuration to Lambda Function\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"lambda.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst iamForLambda = new aws.iam.Role(\"iam_for_lambda\", {\n name: \"iam_for_lambda\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst func = new aws.lambda.Function(\"func\", {\n code: new pulumi.asset.FileArchive(\"your-function.zip\"),\n name: \"example_lambda_name\",\n role: iamForLambda.arn,\n handler: \"exports.example\",\n runtime: aws.lambda.Runtime.Go1dx,\n});\nconst bucket = new aws.s3.BucketV2(\"bucket\", {bucket: \"your-bucket-name\"});\nconst allowBucket = new aws.lambda.Permission(\"allow_bucket\", {\n statementId: \"AllowExecutionFromS3Bucket\",\n action: \"lambda:InvokeFunction\",\n \"function\": func.arn,\n principal: \"s3.amazonaws.com\",\n sourceArn: bucket.arn,\n});\nconst bucketNotification = new aws.s3.BucketNotification(\"bucket_notification\", {\n bucket: bucket.id,\n lambdaFunctions: [{\n lambdaFunctionArn: func.arn,\n events: [\"s3:ObjectCreated:*\"],\n filterPrefix: \"AWSLogs/\",\n filterSuffix: \".log\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nassume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"lambda.amazonaws.com\"],\n )],\n actions=[\"sts:AssumeRole\"],\n)])\niam_for_lambda = aws.iam.Role(\"iam_for_lambda\",\n name=\"iam_for_lambda\",\n assume_role_policy=assume_role.json)\nfunc = aws.lambda_.Function(\"func\",\n code=pulumi.FileArchive(\"your-function.zip\"),\n name=\"example_lambda_name\",\n role=iam_for_lambda.arn,\n handler=\"exports.example\",\n runtime=aws.lambda_.Runtime.GO1DX)\nbucket = aws.s3.BucketV2(\"bucket\", bucket=\"your-bucket-name\")\nallow_bucket = aws.lambda_.Permission(\"allow_bucket\",\n statement_id=\"AllowExecutionFromS3Bucket\",\n action=\"lambda:InvokeFunction\",\n function=func.arn,\n principal=\"s3.amazonaws.com\",\n source_arn=bucket.arn)\nbucket_notification = aws.s3.BucketNotification(\"bucket_notification\",\n bucket=bucket.id,\n lambda_functions=[aws.s3.BucketNotificationLambdaFunctionArgs(\n lambda_function_arn=func.arn,\n events=[\"s3:ObjectCreated:*\"],\n filter_prefix=\"AWSLogs/\",\n filter_suffix=\".log\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"lambda.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var iamForLambda = new Aws.Iam.Role(\"iam_for_lambda\", new()\n {\n Name = \"iam_for_lambda\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var func = new Aws.Lambda.Function(\"func\", new()\n {\n Code = new FileArchive(\"your-function.zip\"),\n Name = \"example_lambda_name\",\n Role = iamForLambda.Arn,\n Handler = \"exports.example\",\n Runtime = Aws.Lambda.Runtime.Go1dx,\n });\n\n var bucket = new Aws.S3.BucketV2(\"bucket\", new()\n {\n Bucket = \"your-bucket-name\",\n });\n\n var allowBucket = new Aws.Lambda.Permission(\"allow_bucket\", new()\n {\n StatementId = \"AllowExecutionFromS3Bucket\",\n Action = \"lambda:InvokeFunction\",\n Function = func.Arn,\n Principal = \"s3.amazonaws.com\",\n SourceArn = bucket.Arn,\n });\n\n var bucketNotification = new Aws.S3.BucketNotification(\"bucket_notification\", new()\n {\n Bucket = bucket.Id,\n LambdaFunctions = new[]\n {\n new Aws.S3.Inputs.BucketNotificationLambdaFunctionArgs\n {\n LambdaFunctionArn = func.Arn,\n Events = new[]\n {\n \"s3:ObjectCreated:*\",\n },\n FilterPrefix = \"AWSLogs/\",\n FilterSuffix = \".log\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"lambda.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tiamForLambda, err := iam.NewRole(ctx, \"iam_for_lambda\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"iam_for_lambda\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lambda.NewFunction(ctx, \"func\", \u0026lambda.FunctionArgs{\n\t\t\tCode: pulumi.NewFileArchive(\"your-function.zip\"),\n\t\t\tName: pulumi.String(\"example_lambda_name\"),\n\t\t\tRole: iamForLambda.Arn,\n\t\t\tHandler: pulumi.String(\"exports.example\"),\n\t\t\tRuntime: pulumi.String(lambda.RuntimeGo1dx),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbucket, err := s3.NewBucketV2(ctx, \"bucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"your-bucket-name\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lambda.NewPermission(ctx, \"allow_bucket\", \u0026lambda.PermissionArgs{\n\t\t\tStatementId: pulumi.String(\"AllowExecutionFromS3Bucket\"),\n\t\t\tAction: pulumi.String(\"lambda:InvokeFunction\"),\n\t\t\tFunction: _func.Arn,\n\t\t\tPrincipal: pulumi.String(\"s3.amazonaws.com\"),\n\t\t\tSourceArn: bucket.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketNotification(ctx, \"bucket_notification\", \u0026s3.BucketNotificationArgs{\n\t\t\tBucket: bucket.ID(),\n\t\t\tLambdaFunctions: s3.BucketNotificationLambdaFunctionArray{\n\t\t\t\t\u0026s3.BucketNotificationLambdaFunctionArgs{\n\t\t\t\t\tLambdaFunctionArn: _func.Arn,\n\t\t\t\t\tEvents: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:ObjectCreated:*\"),\n\t\t\t\t\t},\n\t\t\t\t\tFilterPrefix: pulumi.String(\"AWSLogs/\"),\n\t\t\t\t\tFilterSuffix: pulumi.String(\".log\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.lambda.Function;\nimport com.pulumi.aws.lambda.FunctionArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.lambda.Permission;\nimport com.pulumi.aws.lambda.PermissionArgs;\nimport com.pulumi.aws.s3.BucketNotification;\nimport com.pulumi.aws.s3.BucketNotificationArgs;\nimport com.pulumi.aws.s3.inputs.BucketNotificationLambdaFunctionArgs;\nimport com.pulumi.asset.FileArchive;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"lambda.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var iamForLambda = new Role(\"iamForLambda\", RoleArgs.builder() \n .name(\"iam_for_lambda\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var func = new Function(\"func\", FunctionArgs.builder() \n .code(new FileArchive(\"your-function.zip\"))\n .name(\"example_lambda_name\")\n .role(iamForLambda.arn())\n .handler(\"exports.example\")\n .runtime(\"go1.x\")\n .build());\n\n var bucket = new BucketV2(\"bucket\", BucketV2Args.builder() \n .bucket(\"your-bucket-name\")\n .build());\n\n var allowBucket = new Permission(\"allowBucket\", PermissionArgs.builder() \n .statementId(\"AllowExecutionFromS3Bucket\")\n .action(\"lambda:InvokeFunction\")\n .function(func.arn())\n .principal(\"s3.amazonaws.com\")\n .sourceArn(bucket.arn())\n .build());\n\n var bucketNotification = new BucketNotification(\"bucketNotification\", BucketNotificationArgs.builder() \n .bucket(bucket.id())\n .lambdaFunctions(BucketNotificationLambdaFunctionArgs.builder()\n .lambdaFunctionArn(func.arn())\n .events(\"s3:ObjectCreated:*\")\n .filterPrefix(\"AWSLogs/\")\n .filterSuffix(\".log\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n iamForLambda:\n type: aws:iam:Role\n name: iam_for_lambda\n properties:\n name: iam_for_lambda\n assumeRolePolicy: ${assumeRole.json}\n allowBucket:\n type: aws:lambda:Permission\n name: allow_bucket\n properties:\n statementId: AllowExecutionFromS3Bucket\n action: lambda:InvokeFunction\n function: ${func.arn}\n principal: s3.amazonaws.com\n sourceArn: ${bucket.arn}\n func:\n type: aws:lambda:Function\n properties:\n code:\n fn::FileArchive: your-function.zip\n name: example_lambda_name\n role: ${iamForLambda.arn}\n handler: exports.example\n runtime: go1.x\n bucket:\n type: aws:s3:BucketV2\n properties:\n bucket: your-bucket-name\n bucketNotification:\n type: aws:s3:BucketNotification\n name: bucket_notification\n properties:\n bucket: ${bucket.id}\n lambdaFunctions:\n - lambdaFunctionArn: ${func.arn}\n events:\n - s3:ObjectCreated:*\n filterPrefix: AWSLogs/\n filterSuffix: .log\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - lambda.amazonaws.com\n actions:\n - sts:AssumeRole\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Trigger multiple Lambda functions\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"lambda.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst iamForLambda = new aws.iam.Role(\"iam_for_lambda\", {\n name: \"iam_for_lambda\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst func1 = new aws.lambda.Function(\"func1\", {\n code: new pulumi.asset.FileArchive(\"your-function1.zip\"),\n name: \"example_lambda_name1\",\n role: iamForLambda.arn,\n handler: \"exports.example\",\n runtime: aws.lambda.Runtime.Go1dx,\n});\nconst bucket = new aws.s3.BucketV2(\"bucket\", {bucket: \"your-bucket-name\"});\nconst allowBucket1 = new aws.lambda.Permission(\"allow_bucket1\", {\n statementId: \"AllowExecutionFromS3Bucket1\",\n action: \"lambda:InvokeFunction\",\n \"function\": func1.arn,\n principal: \"s3.amazonaws.com\",\n sourceArn: bucket.arn,\n});\nconst func2 = new aws.lambda.Function(\"func2\", {\n code: new pulumi.asset.FileArchive(\"your-function2.zip\"),\n name: \"example_lambda_name2\",\n role: iamForLambda.arn,\n handler: \"exports.example\",\n});\nconst allowBucket2 = new aws.lambda.Permission(\"allow_bucket2\", {\n statementId: \"AllowExecutionFromS3Bucket2\",\n action: \"lambda:InvokeFunction\",\n \"function\": func2.arn,\n principal: \"s3.amazonaws.com\",\n sourceArn: bucket.arn,\n});\nconst bucketNotification = new aws.s3.BucketNotification(\"bucket_notification\", {\n bucket: bucket.id,\n lambdaFunctions: [\n {\n lambdaFunctionArn: func1.arn,\n events: [\"s3:ObjectCreated:*\"],\n filterPrefix: \"AWSLogs/\",\n filterSuffix: \".log\",\n },\n {\n lambdaFunctionArn: func2.arn,\n events: [\"s3:ObjectCreated:*\"],\n filterPrefix: \"OtherLogs/\",\n filterSuffix: \".log\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nassume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"lambda.amazonaws.com\"],\n )],\n actions=[\"sts:AssumeRole\"],\n)])\niam_for_lambda = aws.iam.Role(\"iam_for_lambda\",\n name=\"iam_for_lambda\",\n assume_role_policy=assume_role.json)\nfunc1 = aws.lambda_.Function(\"func1\",\n code=pulumi.FileArchive(\"your-function1.zip\"),\n name=\"example_lambda_name1\",\n role=iam_for_lambda.arn,\n handler=\"exports.example\",\n runtime=aws.lambda_.Runtime.GO1DX)\nbucket = aws.s3.BucketV2(\"bucket\", bucket=\"your-bucket-name\")\nallow_bucket1 = aws.lambda_.Permission(\"allow_bucket1\",\n statement_id=\"AllowExecutionFromS3Bucket1\",\n action=\"lambda:InvokeFunction\",\n function=func1.arn,\n principal=\"s3.amazonaws.com\",\n source_arn=bucket.arn)\nfunc2 = aws.lambda_.Function(\"func2\",\n code=pulumi.FileArchive(\"your-function2.zip\"),\n name=\"example_lambda_name2\",\n role=iam_for_lambda.arn,\n handler=\"exports.example\")\nallow_bucket2 = aws.lambda_.Permission(\"allow_bucket2\",\n statement_id=\"AllowExecutionFromS3Bucket2\",\n action=\"lambda:InvokeFunction\",\n function=func2.arn,\n principal=\"s3.amazonaws.com\",\n source_arn=bucket.arn)\nbucket_notification = aws.s3.BucketNotification(\"bucket_notification\",\n bucket=bucket.id,\n lambda_functions=[\n aws.s3.BucketNotificationLambdaFunctionArgs(\n lambda_function_arn=func1.arn,\n events=[\"s3:ObjectCreated:*\"],\n filter_prefix=\"AWSLogs/\",\n filter_suffix=\".log\",\n ),\n aws.s3.BucketNotificationLambdaFunctionArgs(\n lambda_function_arn=func2.arn,\n events=[\"s3:ObjectCreated:*\"],\n filter_prefix=\"OtherLogs/\",\n filter_suffix=\".log\",\n ),\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"lambda.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var iamForLambda = new Aws.Iam.Role(\"iam_for_lambda\", new()\n {\n Name = \"iam_for_lambda\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var func1 = new Aws.Lambda.Function(\"func1\", new()\n {\n Code = new FileArchive(\"your-function1.zip\"),\n Name = \"example_lambda_name1\",\n Role = iamForLambda.Arn,\n Handler = \"exports.example\",\n Runtime = Aws.Lambda.Runtime.Go1dx,\n });\n\n var bucket = new Aws.S3.BucketV2(\"bucket\", new()\n {\n Bucket = \"your-bucket-name\",\n });\n\n var allowBucket1 = new Aws.Lambda.Permission(\"allow_bucket1\", new()\n {\n StatementId = \"AllowExecutionFromS3Bucket1\",\n Action = \"lambda:InvokeFunction\",\n Function = func1.Arn,\n Principal = \"s3.amazonaws.com\",\n SourceArn = bucket.Arn,\n });\n\n var func2 = new Aws.Lambda.Function(\"func2\", new()\n {\n Code = new FileArchive(\"your-function2.zip\"),\n Name = \"example_lambda_name2\",\n Role = iamForLambda.Arn,\n Handler = \"exports.example\",\n });\n\n var allowBucket2 = new Aws.Lambda.Permission(\"allow_bucket2\", new()\n {\n StatementId = \"AllowExecutionFromS3Bucket2\",\n Action = \"lambda:InvokeFunction\",\n Function = func2.Arn,\n Principal = \"s3.amazonaws.com\",\n SourceArn = bucket.Arn,\n });\n\n var bucketNotification = new Aws.S3.BucketNotification(\"bucket_notification\", new()\n {\n Bucket = bucket.Id,\n LambdaFunctions = new[]\n {\n new Aws.S3.Inputs.BucketNotificationLambdaFunctionArgs\n {\n LambdaFunctionArn = func1.Arn,\n Events = new[]\n {\n \"s3:ObjectCreated:*\",\n },\n FilterPrefix = \"AWSLogs/\",\n FilterSuffix = \".log\",\n },\n new Aws.S3.Inputs.BucketNotificationLambdaFunctionArgs\n {\n LambdaFunctionArn = func2.Arn,\n Events = new[]\n {\n \"s3:ObjectCreated:*\",\n },\n FilterPrefix = \"OtherLogs/\",\n FilterSuffix = \".log\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"lambda.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tiamForLambda, err := iam.NewRole(ctx, \"iam_for_lambda\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"iam_for_lambda\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfunc1, err := lambda.NewFunction(ctx, \"func1\", \u0026lambda.FunctionArgs{\n\t\t\tCode: pulumi.NewFileArchive(\"your-function1.zip\"),\n\t\t\tName: pulumi.String(\"example_lambda_name1\"),\n\t\t\tRole: iamForLambda.Arn,\n\t\t\tHandler: pulumi.String(\"exports.example\"),\n\t\t\tRuntime: pulumi.String(lambda.RuntimeGo1dx),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbucket, err := s3.NewBucketV2(ctx, \"bucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"your-bucket-name\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lambda.NewPermission(ctx, \"allow_bucket1\", \u0026lambda.PermissionArgs{\n\t\t\tStatementId: pulumi.String(\"AllowExecutionFromS3Bucket1\"),\n\t\t\tAction: pulumi.String(\"lambda:InvokeFunction\"),\n\t\t\tFunction: func1.Arn,\n\t\t\tPrincipal: pulumi.String(\"s3.amazonaws.com\"),\n\t\t\tSourceArn: bucket.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfunc2, err := lambda.NewFunction(ctx, \"func2\", \u0026lambda.FunctionArgs{\n\t\t\tCode: pulumi.NewFileArchive(\"your-function2.zip\"),\n\t\t\tName: pulumi.String(\"example_lambda_name2\"),\n\t\t\tRole: iamForLambda.Arn,\n\t\t\tHandler: pulumi.String(\"exports.example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lambda.NewPermission(ctx, \"allow_bucket2\", \u0026lambda.PermissionArgs{\n\t\t\tStatementId: pulumi.String(\"AllowExecutionFromS3Bucket2\"),\n\t\t\tAction: pulumi.String(\"lambda:InvokeFunction\"),\n\t\t\tFunction: func2.Arn,\n\t\t\tPrincipal: pulumi.String(\"s3.amazonaws.com\"),\n\t\t\tSourceArn: bucket.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketNotification(ctx, \"bucket_notification\", \u0026s3.BucketNotificationArgs{\n\t\t\tBucket: bucket.ID(),\n\t\t\tLambdaFunctions: s3.BucketNotificationLambdaFunctionArray{\n\t\t\t\t\u0026s3.BucketNotificationLambdaFunctionArgs{\n\t\t\t\t\tLambdaFunctionArn: func1.Arn,\n\t\t\t\t\tEvents: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:ObjectCreated:*\"),\n\t\t\t\t\t},\n\t\t\t\t\tFilterPrefix: pulumi.String(\"AWSLogs/\"),\n\t\t\t\t\tFilterSuffix: pulumi.String(\".log\"),\n\t\t\t\t},\n\t\t\t\t\u0026s3.BucketNotificationLambdaFunctionArgs{\n\t\t\t\t\tLambdaFunctionArn: func2.Arn,\n\t\t\t\t\tEvents: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:ObjectCreated:*\"),\n\t\t\t\t\t},\n\t\t\t\t\tFilterPrefix: pulumi.String(\"OtherLogs/\"),\n\t\t\t\t\tFilterSuffix: pulumi.String(\".log\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.lambda.Function;\nimport com.pulumi.aws.lambda.FunctionArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.lambda.Permission;\nimport com.pulumi.aws.lambda.PermissionArgs;\nimport com.pulumi.aws.s3.BucketNotification;\nimport com.pulumi.aws.s3.BucketNotificationArgs;\nimport com.pulumi.aws.s3.inputs.BucketNotificationLambdaFunctionArgs;\nimport com.pulumi.asset.FileArchive;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"lambda.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var iamForLambda = new Role(\"iamForLambda\", RoleArgs.builder() \n .name(\"iam_for_lambda\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var func1 = new Function(\"func1\", FunctionArgs.builder() \n .code(new FileArchive(\"your-function1.zip\"))\n .name(\"example_lambda_name1\")\n .role(iamForLambda.arn())\n .handler(\"exports.example\")\n .runtime(\"go1.x\")\n .build());\n\n var bucket = new BucketV2(\"bucket\", BucketV2Args.builder() \n .bucket(\"your-bucket-name\")\n .build());\n\n var allowBucket1 = new Permission(\"allowBucket1\", PermissionArgs.builder() \n .statementId(\"AllowExecutionFromS3Bucket1\")\n .action(\"lambda:InvokeFunction\")\n .function(func1.arn())\n .principal(\"s3.amazonaws.com\")\n .sourceArn(bucket.arn())\n .build());\n\n var func2 = new Function(\"func2\", FunctionArgs.builder() \n .code(new FileArchive(\"your-function2.zip\"))\n .name(\"example_lambda_name2\")\n .role(iamForLambda.arn())\n .handler(\"exports.example\")\n .build());\n\n var allowBucket2 = new Permission(\"allowBucket2\", PermissionArgs.builder() \n .statementId(\"AllowExecutionFromS3Bucket2\")\n .action(\"lambda:InvokeFunction\")\n .function(func2.arn())\n .principal(\"s3.amazonaws.com\")\n .sourceArn(bucket.arn())\n .build());\n\n var bucketNotification = new BucketNotification(\"bucketNotification\", BucketNotificationArgs.builder() \n .bucket(bucket.id())\n .lambdaFunctions( \n BucketNotificationLambdaFunctionArgs.builder()\n .lambdaFunctionArn(func1.arn())\n .events(\"s3:ObjectCreated:*\")\n .filterPrefix(\"AWSLogs/\")\n .filterSuffix(\".log\")\n .build(),\n BucketNotificationLambdaFunctionArgs.builder()\n .lambdaFunctionArn(func2.arn())\n .events(\"s3:ObjectCreated:*\")\n .filterPrefix(\"OtherLogs/\")\n .filterSuffix(\".log\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n iamForLambda:\n type: aws:iam:Role\n name: iam_for_lambda\n properties:\n name: iam_for_lambda\n assumeRolePolicy: ${assumeRole.json}\n allowBucket1:\n type: aws:lambda:Permission\n name: allow_bucket1\n properties:\n statementId: AllowExecutionFromS3Bucket1\n action: lambda:InvokeFunction\n function: ${func1.arn}\n principal: s3.amazonaws.com\n sourceArn: ${bucket.arn}\n func1:\n type: aws:lambda:Function\n properties:\n code:\n fn::FileArchive: your-function1.zip\n name: example_lambda_name1\n role: ${iamForLambda.arn}\n handler: exports.example\n runtime: go1.x\n allowBucket2:\n type: aws:lambda:Permission\n name: allow_bucket2\n properties:\n statementId: AllowExecutionFromS3Bucket2\n action: lambda:InvokeFunction\n function: ${func2.arn}\n principal: s3.amazonaws.com\n sourceArn: ${bucket.arn}\n func2:\n type: aws:lambda:Function\n properties:\n code:\n fn::FileArchive: your-function2.zip\n name: example_lambda_name2\n role: ${iamForLambda.arn}\n handler: exports.example\n bucket:\n type: aws:s3:BucketV2\n properties:\n bucket: your-bucket-name\n bucketNotification:\n type: aws:s3:BucketNotification\n name: bucket_notification\n properties:\n bucket: ${bucket.id}\n lambdaFunctions:\n - lambdaFunctionArn: ${func1.arn}\n events:\n - s3:ObjectCreated:*\n filterPrefix: AWSLogs/\n filterSuffix: .log\n - lambdaFunctionArn: ${func2.arn}\n events:\n - s3:ObjectCreated:*\n filterPrefix: OtherLogs/\n filterSuffix: .log\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - lambda.amazonaws.com\n actions:\n - sts:AssumeRole\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Add multiple notification configurations to SQS Queue\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bucket = new aws.s3.BucketV2(\"bucket\", {bucket: \"your-bucket-name\"});\nconst queue = aws.iam.getPolicyDocumentOutput({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"*\",\n identifiers: [\"*\"],\n }],\n actions: [\"sqs:SendMessage\"],\n resources: [\"arn:aws:sqs:*:*:s3-event-notification-queue\"],\n conditions: [{\n test: \"ArnEquals\",\n variable: \"aws:SourceArn\",\n values: [bucket.arn],\n }],\n }],\n});\nconst queueQueue = new aws.sqs.Queue(\"queue\", {\n name: \"s3-event-notification-queue\",\n policy: queue.apply(queue =\u003e queue.json),\n});\nconst bucketNotification = new aws.s3.BucketNotification(\"bucket_notification\", {\n bucket: bucket.id,\n queues: [\n {\n id: \"image-upload-event\",\n queueArn: queueQueue.arn,\n events: [\"s3:ObjectCreated:*\"],\n filterPrefix: \"images/\",\n },\n {\n id: \"video-upload-event\",\n queueArn: queueQueue.arn,\n events: [\"s3:ObjectCreated:*\"],\n filterPrefix: \"videos/\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbucket = aws.s3.BucketV2(\"bucket\", bucket=\"your-bucket-name\")\nqueue = aws.iam.get_policy_document_output(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"*\",\n identifiers=[\"*\"],\n )],\n actions=[\"sqs:SendMessage\"],\n resources=[\"arn:aws:sqs:*:*:s3-event-notification-queue\"],\n conditions=[aws.iam.GetPolicyDocumentStatementConditionArgs(\n test=\"ArnEquals\",\n variable=\"aws:SourceArn\",\n values=[bucket.arn],\n )],\n)])\nqueue_queue = aws.sqs.Queue(\"queue\",\n name=\"s3-event-notification-queue\",\n policy=queue.json)\nbucket_notification = aws.s3.BucketNotification(\"bucket_notification\",\n bucket=bucket.id,\n queues=[\n aws.s3.BucketNotificationQueueArgs(\n id=\"image-upload-event\",\n queue_arn=queue_queue.arn,\n events=[\"s3:ObjectCreated:*\"],\n filter_prefix=\"images/\",\n ),\n aws.s3.BucketNotificationQueueArgs(\n id=\"video-upload-event\",\n queue_arn=queue_queue.arn,\n events=[\"s3:ObjectCreated:*\"],\n filter_prefix=\"videos/\",\n ),\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var bucket = new Aws.S3.BucketV2(\"bucket\", new()\n {\n Bucket = \"your-bucket-name\",\n });\n\n var queue = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"*\",\n Identifiers = new[]\n {\n \"*\",\n },\n },\n },\n Actions = new[]\n {\n \"sqs:SendMessage\",\n },\n Resources = new[]\n {\n \"arn:aws:sqs:*:*:s3-event-notification-queue\",\n },\n Conditions = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"ArnEquals\",\n Variable = \"aws:SourceArn\",\n Values = new[]\n {\n bucket.Arn,\n },\n },\n },\n },\n },\n });\n\n var queueQueue = new Aws.Sqs.Queue(\"queue\", new()\n {\n Name = \"s3-event-notification-queue\",\n Policy = queue.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var bucketNotification = new Aws.S3.BucketNotification(\"bucket_notification\", new()\n {\n Bucket = bucket.Id,\n Queues = new[]\n {\n new Aws.S3.Inputs.BucketNotificationQueueArgs\n {\n Id = \"image-upload-event\",\n QueueArn = queueQueue.Arn,\n Events = new[]\n {\n \"s3:ObjectCreated:*\",\n },\n FilterPrefix = \"images/\",\n },\n new Aws.S3.Inputs.BucketNotificationQueueArgs\n {\n Id = \"video-upload-event\",\n QueueArn = queueQueue.Arn,\n Events = new[]\n {\n \"s3:ObjectCreated:*\",\n },\n FilterPrefix = \"videos/\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sqs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbucket, err := s3.NewBucketV2(ctx, \"bucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"your-bucket-name\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tqueue := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tPrincipals: iam.GetPolicyDocumentStatementPrincipalArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementPrincipalArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"*\"),\n\t\t\t\t\t\t\tIdentifiers: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"*\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"sqs:SendMessage\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"arn:aws:sqs:*:*:s3-event-notification-queue\"),\n\t\t\t\t\t},\n\t\t\t\t\tConditions: iam.GetPolicyDocumentStatementConditionArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementConditionArgs{\n\t\t\t\t\t\t\tTest: pulumi.String(\"ArnEquals\"),\n\t\t\t\t\t\t\tVariable: pulumi.String(\"aws:SourceArn\"),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tbucket.Arn,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tqueueQueue, err := sqs.NewQueue(ctx, \"queue\", \u0026sqs.QueueArgs{\n\t\t\tName: pulumi.String(\"s3-event-notification-queue\"),\n\t\t\tPolicy: queue.ApplyT(func(queue iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026queue.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketNotification(ctx, \"bucket_notification\", \u0026s3.BucketNotificationArgs{\n\t\t\tBucket: bucket.ID(),\n\t\t\tQueues: s3.BucketNotificationQueueArray{\n\t\t\t\t\u0026s3.BucketNotificationQueueArgs{\n\t\t\t\t\tId: pulumi.String(\"image-upload-event\"),\n\t\t\t\t\tQueueArn: queueQueue.Arn,\n\t\t\t\t\tEvents: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:ObjectCreated:*\"),\n\t\t\t\t\t},\n\t\t\t\t\tFilterPrefix: pulumi.String(\"images/\"),\n\t\t\t\t},\n\t\t\t\t\u0026s3.BucketNotificationQueueArgs{\n\t\t\t\t\tId: pulumi.String(\"video-upload-event\"),\n\t\t\t\t\tQueueArn: queueQueue.Arn,\n\t\t\t\t\tEvents: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:ObjectCreated:*\"),\n\t\t\t\t\t},\n\t\t\t\t\tFilterPrefix: pulumi.String(\"videos/\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.sqs.Queue;\nimport com.pulumi.aws.sqs.QueueArgs;\nimport com.pulumi.aws.s3.BucketNotification;\nimport com.pulumi.aws.s3.BucketNotificationArgs;\nimport com.pulumi.aws.s3.inputs.BucketNotificationQueueArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var bucket = new BucketV2(\"bucket\", BucketV2Args.builder() \n .bucket(\"your-bucket-name\")\n .build());\n\n final var queue = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"*\")\n .identifiers(\"*\")\n .build())\n .actions(\"sqs:SendMessage\")\n .resources(\"arn:aws:sqs:*:*:s3-event-notification-queue\")\n .conditions(GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"ArnEquals\")\n .variable(\"aws:SourceArn\")\n .values(bucket.arn())\n .build())\n .build())\n .build());\n\n var queueQueue = new Queue(\"queueQueue\", QueueArgs.builder() \n .name(\"s3-event-notification-queue\")\n .policy(queue.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(queue -\u003e queue.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n var bucketNotification = new BucketNotification(\"bucketNotification\", BucketNotificationArgs.builder() \n .bucket(bucket.id())\n .queues( \n BucketNotificationQueueArgs.builder()\n .id(\"image-upload-event\")\n .queueArn(queueQueue.arn())\n .events(\"s3:ObjectCreated:*\")\n .filterPrefix(\"images/\")\n .build(),\n BucketNotificationQueueArgs.builder()\n .id(\"video-upload-event\")\n .queueArn(queueQueue.arn())\n .events(\"s3:ObjectCreated:*\")\n .filterPrefix(\"videos/\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n queueQueue:\n type: aws:sqs:Queue\n name: queue\n properties:\n name: s3-event-notification-queue\n policy: ${queue.json}\n bucket:\n type: aws:s3:BucketV2\n properties:\n bucket: your-bucket-name\n bucketNotification:\n type: aws:s3:BucketNotification\n name: bucket_notification\n properties:\n bucket: ${bucket.id}\n queues:\n - id: image-upload-event\n queueArn: ${queueQueue.arn}\n events:\n - s3:ObjectCreated:*\n filterPrefix: images/\n - id: video-upload-event\n queueArn: ${queueQueue.arn}\n events:\n - s3:ObjectCreated:*\n filterPrefix: videos/\nvariables:\n queue:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: '*'\n identifiers:\n - '*'\n actions:\n - sqs:SendMessage\n resources:\n - arn:aws:sqs:*:*:s3-event-notification-queue\n conditions:\n - test: ArnEquals\n variable: aws:SourceArn\n values:\n - ${bucket.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nFor JSON syntax, use an array instead of defining the `queue` key twice.\n\n```json\n{\n\t\"bucket\": \"${aws_s3_bucket.bucket.id}\",\n\t\"queue\": [\n\t\t{\n\t\t\t\"id\": \"image-upload-event\",\n\t\t\t\"queue_arn\": \"${aws_sqs_queue.queue.arn}\",\n\t\t\t\"events\": [\"s3:ObjectCreated:*\"],\n\t\t\t\"filter_prefix\": \"images/\"\n\t\t},\n\t\t{\n\t\t\t\"id\": \"video-upload-event\",\n\t\t\t\"queue_arn\": \"${aws_sqs_queue.queue.arn}\",\n\t\t\t\"events\": [\"s3:ObjectCreated:*\"],\n\t\t\t\"filter_prefix\": \"videos/\"\n\t\t}\n\t]\n}\n```\n\n### Emit events to EventBridge\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bucket = new aws.s3.BucketV2(\"bucket\", {bucket: \"your-bucket-name\"});\nconst bucketNotification = new aws.s3.BucketNotification(\"bucket_notification\", {\n bucket: bucket.id,\n eventbridge: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbucket = aws.s3.BucketV2(\"bucket\", bucket=\"your-bucket-name\")\nbucket_notification = aws.s3.BucketNotification(\"bucket_notification\",\n bucket=bucket.id,\n eventbridge=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var bucket = new Aws.S3.BucketV2(\"bucket\", new()\n {\n Bucket = \"your-bucket-name\",\n });\n\n var bucketNotification = new Aws.S3.BucketNotification(\"bucket_notification\", new()\n {\n Bucket = bucket.Id,\n Eventbridge = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbucket, err := s3.NewBucketV2(ctx, \"bucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"your-bucket-name\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketNotification(ctx, \"bucket_notification\", \u0026s3.BucketNotificationArgs{\n\t\t\tBucket: bucket.ID(),\n\t\t\tEventbridge: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketNotification;\nimport com.pulumi.aws.s3.BucketNotificationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var bucket = new BucketV2(\"bucket\", BucketV2Args.builder() \n .bucket(\"your-bucket-name\")\n .build());\n\n var bucketNotification = new BucketNotification(\"bucketNotification\", BucketNotificationArgs.builder() \n .bucket(bucket.id())\n .eventbridge(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n bucket:\n type: aws:s3:BucketV2\n properties:\n bucket: your-bucket-name\n bucketNotification:\n type: aws:s3:BucketNotification\n name: bucket_notification\n properties:\n bucket: ${bucket.id}\n eventbridge: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import S3 bucket notification using the `bucket`. For example:\n\n```sh\n$ pulumi import aws:s3/bucketNotification:BucketNotification bucket_notification bucket-name\n```\n", + "description": "Manages a S3 Bucket Notification Configuration. For additional information, see the [Configuring S3 Event Notifications section in the Amazon S3 Developer Guide](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html).\n\n\u003e **NOTE:** S3 Buckets only support a single notification configuration. Declaring multiple `aws.s3.BucketNotification` resources to the same S3 Bucket will cause a perpetual difference in configuration. See the example \"Trigger multiple Lambda functions\" for an option.\n\n\u003e This resource cannot be used with S3 directory buckets.\n\n## Example Usage\n\n### Add notification configuration to SNS Topic\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bucket = new aws.s3.BucketV2(\"bucket\", {bucket: \"your-bucket-name\"});\nconst topic = aws.iam.getPolicyDocumentOutput({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"s3.amazonaws.com\"],\n }],\n actions: [\"SNS:Publish\"],\n resources: [\"arn:aws:sns:*:*:s3-event-notification-topic\"],\n conditions: [{\n test: \"ArnLike\",\n variable: \"aws:SourceArn\",\n values: [bucket.arn],\n }],\n }],\n});\nconst topicTopic = new aws.sns.Topic(\"topic\", {\n name: \"s3-event-notification-topic\",\n policy: topic.apply(topic =\u003e topic.json),\n});\nconst bucketNotification = new aws.s3.BucketNotification(\"bucket_notification\", {\n bucket: bucket.id,\n topics: [{\n topicArn: topicTopic.arn,\n events: [\"s3:ObjectCreated:*\"],\n filterSuffix: \".log\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbucket = aws.s3.BucketV2(\"bucket\", bucket=\"your-bucket-name\")\ntopic = aws.iam.get_policy_document_output(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"s3.amazonaws.com\"],\n )],\n actions=[\"SNS:Publish\"],\n resources=[\"arn:aws:sns:*:*:s3-event-notification-topic\"],\n conditions=[aws.iam.GetPolicyDocumentStatementConditionArgs(\n test=\"ArnLike\",\n variable=\"aws:SourceArn\",\n values=[bucket.arn],\n )],\n)])\ntopic_topic = aws.sns.Topic(\"topic\",\n name=\"s3-event-notification-topic\",\n policy=topic.json)\nbucket_notification = aws.s3.BucketNotification(\"bucket_notification\",\n bucket=bucket.id,\n topics=[aws.s3.BucketNotificationTopicArgs(\n topic_arn=topic_topic.arn,\n events=[\"s3:ObjectCreated:*\"],\n filter_suffix=\".log\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var bucket = new Aws.S3.BucketV2(\"bucket\", new()\n {\n Bucket = \"your-bucket-name\",\n });\n\n var topic = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"s3.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"SNS:Publish\",\n },\n Resources = new[]\n {\n \"arn:aws:sns:*:*:s3-event-notification-topic\",\n },\n Conditions = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"ArnLike\",\n Variable = \"aws:SourceArn\",\n Values = new[]\n {\n bucket.Arn,\n },\n },\n },\n },\n },\n });\n\n var topicTopic = new Aws.Sns.Topic(\"topic\", new()\n {\n Name = \"s3-event-notification-topic\",\n Policy = topic.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var bucketNotification = new Aws.S3.BucketNotification(\"bucket_notification\", new()\n {\n Bucket = bucket.Id,\n Topics = new[]\n {\n new Aws.S3.Inputs.BucketNotificationTopicArgs\n {\n TopicArn = topicTopic.Arn,\n Events = new[]\n {\n \"s3:ObjectCreated:*\",\n },\n FilterSuffix = \".log\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sns\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbucket, err := s3.NewBucketV2(ctx, \"bucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"your-bucket-name\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttopic := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tPrincipals: iam.GetPolicyDocumentStatementPrincipalArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementPrincipalArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"Service\"),\n\t\t\t\t\t\t\tIdentifiers: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"s3.amazonaws.com\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"SNS:Publish\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"arn:aws:sns:*:*:s3-event-notification-topic\"),\n\t\t\t\t\t},\n\t\t\t\t\tConditions: iam.GetPolicyDocumentStatementConditionArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementConditionArgs{\n\t\t\t\t\t\t\tTest: pulumi.String(\"ArnLike\"),\n\t\t\t\t\t\t\tVariable: pulumi.String(\"aws:SourceArn\"),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tbucket.Arn,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\ttopicTopic, err := sns.NewTopic(ctx, \"topic\", \u0026sns.TopicArgs{\n\t\t\tName: pulumi.String(\"s3-event-notification-topic\"),\n\t\t\tPolicy: topic.ApplyT(func(topic iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026topic.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketNotification(ctx, \"bucket_notification\", \u0026s3.BucketNotificationArgs{\n\t\t\tBucket: bucket.ID(),\n\t\t\tTopics: s3.BucketNotificationTopicArray{\n\t\t\t\t\u0026s3.BucketNotificationTopicArgs{\n\t\t\t\t\tTopicArn: topicTopic.Arn,\n\t\t\t\t\tEvents: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:ObjectCreated:*\"),\n\t\t\t\t\t},\n\t\t\t\t\tFilterSuffix: pulumi.String(\".log\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.sns.Topic;\nimport com.pulumi.aws.sns.TopicArgs;\nimport com.pulumi.aws.s3.BucketNotification;\nimport com.pulumi.aws.s3.BucketNotificationArgs;\nimport com.pulumi.aws.s3.inputs.BucketNotificationTopicArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var bucket = new BucketV2(\"bucket\", BucketV2Args.builder() \n .bucket(\"your-bucket-name\")\n .build());\n\n final var topic = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"s3.amazonaws.com\")\n .build())\n .actions(\"SNS:Publish\")\n .resources(\"arn:aws:sns:*:*:s3-event-notification-topic\")\n .conditions(GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"ArnLike\")\n .variable(\"aws:SourceArn\")\n .values(bucket.arn())\n .build())\n .build())\n .build());\n\n var topicTopic = new Topic(\"topicTopic\", TopicArgs.builder() \n .name(\"s3-event-notification-topic\")\n .policy(topic.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(topic -\u003e topic.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n var bucketNotification = new BucketNotification(\"bucketNotification\", BucketNotificationArgs.builder() \n .bucket(bucket.id())\n .topics(BucketNotificationTopicArgs.builder()\n .topicArn(topicTopic.arn())\n .events(\"s3:ObjectCreated:*\")\n .filterSuffix(\".log\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n topicTopic:\n type: aws:sns:Topic\n name: topic\n properties:\n name: s3-event-notification-topic\n policy: ${topic.json}\n bucket:\n type: aws:s3:BucketV2\n properties:\n bucket: your-bucket-name\n bucketNotification:\n type: aws:s3:BucketNotification\n name: bucket_notification\n properties:\n bucket: ${bucket.id}\n topics:\n - topicArn: ${topicTopic.arn}\n events:\n - s3:ObjectCreated:*\n filterSuffix: .log\nvariables:\n topic:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - s3.amazonaws.com\n actions:\n - SNS:Publish\n resources:\n - arn:aws:sns:*:*:s3-event-notification-topic\n conditions:\n - test: ArnLike\n variable: aws:SourceArn\n values:\n - ${bucket.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Add notification configuration to SQS Queue\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bucket = new aws.s3.BucketV2(\"bucket\", {bucket: \"your-bucket-name\"});\nconst queue = aws.iam.getPolicyDocumentOutput({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"*\",\n identifiers: [\"*\"],\n }],\n actions: [\"sqs:SendMessage\"],\n resources: [\"arn:aws:sqs:*:*:s3-event-notification-queue\"],\n conditions: [{\n test: \"ArnEquals\",\n variable: \"aws:SourceArn\",\n values: [bucket.arn],\n }],\n }],\n});\nconst queueQueue = new aws.sqs.Queue(\"queue\", {\n name: \"s3-event-notification-queue\",\n policy: queue.apply(queue =\u003e queue.json),\n});\nconst bucketNotification = new aws.s3.BucketNotification(\"bucket_notification\", {\n bucket: bucket.id,\n queues: [{\n queueArn: queueQueue.arn,\n events: [\"s3:ObjectCreated:*\"],\n filterSuffix: \".log\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbucket = aws.s3.BucketV2(\"bucket\", bucket=\"your-bucket-name\")\nqueue = aws.iam.get_policy_document_output(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"*\",\n identifiers=[\"*\"],\n )],\n actions=[\"sqs:SendMessage\"],\n resources=[\"arn:aws:sqs:*:*:s3-event-notification-queue\"],\n conditions=[aws.iam.GetPolicyDocumentStatementConditionArgs(\n test=\"ArnEquals\",\n variable=\"aws:SourceArn\",\n values=[bucket.arn],\n )],\n)])\nqueue_queue = aws.sqs.Queue(\"queue\",\n name=\"s3-event-notification-queue\",\n policy=queue.json)\nbucket_notification = aws.s3.BucketNotification(\"bucket_notification\",\n bucket=bucket.id,\n queues=[aws.s3.BucketNotificationQueueArgs(\n queue_arn=queue_queue.arn,\n events=[\"s3:ObjectCreated:*\"],\n filter_suffix=\".log\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var bucket = new Aws.S3.BucketV2(\"bucket\", new()\n {\n Bucket = \"your-bucket-name\",\n });\n\n var queue = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"*\",\n Identifiers = new[]\n {\n \"*\",\n },\n },\n },\n Actions = new[]\n {\n \"sqs:SendMessage\",\n },\n Resources = new[]\n {\n \"arn:aws:sqs:*:*:s3-event-notification-queue\",\n },\n Conditions = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"ArnEquals\",\n Variable = \"aws:SourceArn\",\n Values = new[]\n {\n bucket.Arn,\n },\n },\n },\n },\n },\n });\n\n var queueQueue = new Aws.Sqs.Queue(\"queue\", new()\n {\n Name = \"s3-event-notification-queue\",\n Policy = queue.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var bucketNotification = new Aws.S3.BucketNotification(\"bucket_notification\", new()\n {\n Bucket = bucket.Id,\n Queues = new[]\n {\n new Aws.S3.Inputs.BucketNotificationQueueArgs\n {\n QueueArn = queueQueue.Arn,\n Events = new[]\n {\n \"s3:ObjectCreated:*\",\n },\n FilterSuffix = \".log\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sqs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbucket, err := s3.NewBucketV2(ctx, \"bucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"your-bucket-name\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tqueue := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tPrincipals: iam.GetPolicyDocumentStatementPrincipalArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementPrincipalArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"*\"),\n\t\t\t\t\t\t\tIdentifiers: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"*\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"sqs:SendMessage\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"arn:aws:sqs:*:*:s3-event-notification-queue\"),\n\t\t\t\t\t},\n\t\t\t\t\tConditions: iam.GetPolicyDocumentStatementConditionArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementConditionArgs{\n\t\t\t\t\t\t\tTest: pulumi.String(\"ArnEquals\"),\n\t\t\t\t\t\t\tVariable: pulumi.String(\"aws:SourceArn\"),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tbucket.Arn,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tqueueQueue, err := sqs.NewQueue(ctx, \"queue\", \u0026sqs.QueueArgs{\n\t\t\tName: pulumi.String(\"s3-event-notification-queue\"),\n\t\t\tPolicy: queue.ApplyT(func(queue iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026queue.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketNotification(ctx, \"bucket_notification\", \u0026s3.BucketNotificationArgs{\n\t\t\tBucket: bucket.ID(),\n\t\t\tQueues: s3.BucketNotificationQueueArray{\n\t\t\t\t\u0026s3.BucketNotificationQueueArgs{\n\t\t\t\t\tQueueArn: queueQueue.Arn,\n\t\t\t\t\tEvents: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:ObjectCreated:*\"),\n\t\t\t\t\t},\n\t\t\t\t\tFilterSuffix: pulumi.String(\".log\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.sqs.Queue;\nimport com.pulumi.aws.sqs.QueueArgs;\nimport com.pulumi.aws.s3.BucketNotification;\nimport com.pulumi.aws.s3.BucketNotificationArgs;\nimport com.pulumi.aws.s3.inputs.BucketNotificationQueueArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var bucket = new BucketV2(\"bucket\", BucketV2Args.builder() \n .bucket(\"your-bucket-name\")\n .build());\n\n final var queue = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"*\")\n .identifiers(\"*\")\n .build())\n .actions(\"sqs:SendMessage\")\n .resources(\"arn:aws:sqs:*:*:s3-event-notification-queue\")\n .conditions(GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"ArnEquals\")\n .variable(\"aws:SourceArn\")\n .values(bucket.arn())\n .build())\n .build())\n .build());\n\n var queueQueue = new Queue(\"queueQueue\", QueueArgs.builder() \n .name(\"s3-event-notification-queue\")\n .policy(queue.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(queue -\u003e queue.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n var bucketNotification = new BucketNotification(\"bucketNotification\", BucketNotificationArgs.builder() \n .bucket(bucket.id())\n .queues(BucketNotificationQueueArgs.builder()\n .queueArn(queueQueue.arn())\n .events(\"s3:ObjectCreated:*\")\n .filterSuffix(\".log\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n queueQueue:\n type: aws:sqs:Queue\n name: queue\n properties:\n name: s3-event-notification-queue\n policy: ${queue.json}\n bucket:\n type: aws:s3:BucketV2\n properties:\n bucket: your-bucket-name\n bucketNotification:\n type: aws:s3:BucketNotification\n name: bucket_notification\n properties:\n bucket: ${bucket.id}\n queues:\n - queueArn: ${queueQueue.arn}\n events:\n - s3:ObjectCreated:*\n filterSuffix: .log\nvariables:\n queue:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: '*'\n identifiers:\n - '*'\n actions:\n - sqs:SendMessage\n resources:\n - arn:aws:sqs:*:*:s3-event-notification-queue\n conditions:\n - test: ArnEquals\n variable: aws:SourceArn\n values:\n - ${bucket.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Add notification configuration to Lambda Function\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"lambda.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst iamForLambda = new aws.iam.Role(\"iam_for_lambda\", {\n name: \"iam_for_lambda\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst func = new aws.lambda.Function(\"func\", {\n code: new pulumi.asset.FileArchive(\"your-function.zip\"),\n name: \"example_lambda_name\",\n role: iamForLambda.arn,\n handler: \"exports.example\",\n runtime: aws.lambda.Runtime.Go1dx,\n});\nconst bucket = new aws.s3.BucketV2(\"bucket\", {bucket: \"your-bucket-name\"});\nconst allowBucket = new aws.lambda.Permission(\"allow_bucket\", {\n statementId: \"AllowExecutionFromS3Bucket\",\n action: \"lambda:InvokeFunction\",\n \"function\": func.arn,\n principal: \"s3.amazonaws.com\",\n sourceArn: bucket.arn,\n});\nconst bucketNotification = new aws.s3.BucketNotification(\"bucket_notification\", {\n bucket: bucket.id,\n lambdaFunctions: [{\n lambdaFunctionArn: func.arn,\n events: [\"s3:ObjectCreated:*\"],\n filterPrefix: \"AWSLogs/\",\n filterSuffix: \".log\",\n }],\n}, {\n dependsOn: [allowBucket],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nassume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"lambda.amazonaws.com\"],\n )],\n actions=[\"sts:AssumeRole\"],\n)])\niam_for_lambda = aws.iam.Role(\"iam_for_lambda\",\n name=\"iam_for_lambda\",\n assume_role_policy=assume_role.json)\nfunc = aws.lambda_.Function(\"func\",\n code=pulumi.FileArchive(\"your-function.zip\"),\n name=\"example_lambda_name\",\n role=iam_for_lambda.arn,\n handler=\"exports.example\",\n runtime=aws.lambda_.Runtime.GO1DX)\nbucket = aws.s3.BucketV2(\"bucket\", bucket=\"your-bucket-name\")\nallow_bucket = aws.lambda_.Permission(\"allow_bucket\",\n statement_id=\"AllowExecutionFromS3Bucket\",\n action=\"lambda:InvokeFunction\",\n function=func.arn,\n principal=\"s3.amazonaws.com\",\n source_arn=bucket.arn)\nbucket_notification = aws.s3.BucketNotification(\"bucket_notification\",\n bucket=bucket.id,\n lambda_functions=[aws.s3.BucketNotificationLambdaFunctionArgs(\n lambda_function_arn=func.arn,\n events=[\"s3:ObjectCreated:*\"],\n filter_prefix=\"AWSLogs/\",\n filter_suffix=\".log\",\n )],\n opts=pulumi.ResourceOptions(depends_on=[allow_bucket]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"lambda.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var iamForLambda = new Aws.Iam.Role(\"iam_for_lambda\", new()\n {\n Name = \"iam_for_lambda\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var func = new Aws.Lambda.Function(\"func\", new()\n {\n Code = new FileArchive(\"your-function.zip\"),\n Name = \"example_lambda_name\",\n Role = iamForLambda.Arn,\n Handler = \"exports.example\",\n Runtime = Aws.Lambda.Runtime.Go1dx,\n });\n\n var bucket = new Aws.S3.BucketV2(\"bucket\", new()\n {\n Bucket = \"your-bucket-name\",\n });\n\n var allowBucket = new Aws.Lambda.Permission(\"allow_bucket\", new()\n {\n StatementId = \"AllowExecutionFromS3Bucket\",\n Action = \"lambda:InvokeFunction\",\n Function = func.Arn,\n Principal = \"s3.amazonaws.com\",\n SourceArn = bucket.Arn,\n });\n\n var bucketNotification = new Aws.S3.BucketNotification(\"bucket_notification\", new()\n {\n Bucket = bucket.Id,\n LambdaFunctions = new[]\n {\n new Aws.S3.Inputs.BucketNotificationLambdaFunctionArgs\n {\n LambdaFunctionArn = func.Arn,\n Events = new[]\n {\n \"s3:ObjectCreated:*\",\n },\n FilterPrefix = \"AWSLogs/\",\n FilterSuffix = \".log\",\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n allowBucket, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"lambda.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tiamForLambda, err := iam.NewRole(ctx, \"iam_for_lambda\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"iam_for_lambda\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = lambda.NewFunction(ctx, \"func\", \u0026lambda.FunctionArgs{\n\t\t\tCode: pulumi.NewFileArchive(\"your-function.zip\"),\n\t\t\tName: pulumi.String(\"example_lambda_name\"),\n\t\t\tRole: iamForLambda.Arn,\n\t\t\tHandler: pulumi.String(\"exports.example\"),\n\t\t\tRuntime: pulumi.String(lambda.RuntimeGo1dx),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbucket, err := s3.NewBucketV2(ctx, \"bucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"your-bucket-name\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tallowBucket, err := lambda.NewPermission(ctx, \"allow_bucket\", \u0026lambda.PermissionArgs{\n\t\t\tStatementId: pulumi.String(\"AllowExecutionFromS3Bucket\"),\n\t\t\tAction: pulumi.String(\"lambda:InvokeFunction\"),\n\t\t\tFunction: _func.Arn,\n\t\t\tPrincipal: pulumi.String(\"s3.amazonaws.com\"),\n\t\t\tSourceArn: bucket.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketNotification(ctx, \"bucket_notification\", \u0026s3.BucketNotificationArgs{\n\t\t\tBucket: bucket.ID(),\n\t\t\tLambdaFunctions: s3.BucketNotificationLambdaFunctionArray{\n\t\t\t\t\u0026s3.BucketNotificationLambdaFunctionArgs{\n\t\t\t\t\tLambdaFunctionArn: _func.Arn,\n\t\t\t\t\tEvents: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:ObjectCreated:*\"),\n\t\t\t\t\t},\n\t\t\t\t\tFilterPrefix: pulumi.String(\"AWSLogs/\"),\n\t\t\t\t\tFilterSuffix: pulumi.String(\".log\"),\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tallowBucket,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.lambda.Function;\nimport com.pulumi.aws.lambda.FunctionArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.lambda.Permission;\nimport com.pulumi.aws.lambda.PermissionArgs;\nimport com.pulumi.aws.s3.BucketNotification;\nimport com.pulumi.aws.s3.BucketNotificationArgs;\nimport com.pulumi.aws.s3.inputs.BucketNotificationLambdaFunctionArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport com.pulumi.asset.FileArchive;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"lambda.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var iamForLambda = new Role(\"iamForLambda\", RoleArgs.builder() \n .name(\"iam_for_lambda\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var func = new Function(\"func\", FunctionArgs.builder() \n .code(new FileArchive(\"your-function.zip\"))\n .name(\"example_lambda_name\")\n .role(iamForLambda.arn())\n .handler(\"exports.example\")\n .runtime(\"go1.x\")\n .build());\n\n var bucket = new BucketV2(\"bucket\", BucketV2Args.builder() \n .bucket(\"your-bucket-name\")\n .build());\n\n var allowBucket = new Permission(\"allowBucket\", PermissionArgs.builder() \n .statementId(\"AllowExecutionFromS3Bucket\")\n .action(\"lambda:InvokeFunction\")\n .function(func.arn())\n .principal(\"s3.amazonaws.com\")\n .sourceArn(bucket.arn())\n .build());\n\n var bucketNotification = new BucketNotification(\"bucketNotification\", BucketNotificationArgs.builder() \n .bucket(bucket.id())\n .lambdaFunctions(BucketNotificationLambdaFunctionArgs.builder()\n .lambdaFunctionArn(func.arn())\n .events(\"s3:ObjectCreated:*\")\n .filterPrefix(\"AWSLogs/\")\n .filterSuffix(\".log\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(allowBucket)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n iamForLambda:\n type: aws:iam:Role\n name: iam_for_lambda\n properties:\n name: iam_for_lambda\n assumeRolePolicy: ${assumeRole.json}\n allowBucket:\n type: aws:lambda:Permission\n name: allow_bucket\n properties:\n statementId: AllowExecutionFromS3Bucket\n action: lambda:InvokeFunction\n function: ${func.arn}\n principal: s3.amazonaws.com\n sourceArn: ${bucket.arn}\n func:\n type: aws:lambda:Function\n properties:\n code:\n fn::FileArchive: your-function.zip\n name: example_lambda_name\n role: ${iamForLambda.arn}\n handler: exports.example\n runtime: go1.x\n bucket:\n type: aws:s3:BucketV2\n properties:\n bucket: your-bucket-name\n bucketNotification:\n type: aws:s3:BucketNotification\n name: bucket_notification\n properties:\n bucket: ${bucket.id}\n lambdaFunctions:\n - lambdaFunctionArn: ${func.arn}\n events:\n - s3:ObjectCreated:*\n filterPrefix: AWSLogs/\n filterSuffix: .log\n options:\n dependson:\n - ${allowBucket}\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - lambda.amazonaws.com\n actions:\n - sts:AssumeRole\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Trigger multiple Lambda functions\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"lambda.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst iamForLambda = new aws.iam.Role(\"iam_for_lambda\", {\n name: \"iam_for_lambda\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst func1 = new aws.lambda.Function(\"func1\", {\n code: new pulumi.asset.FileArchive(\"your-function1.zip\"),\n name: \"example_lambda_name1\",\n role: iamForLambda.arn,\n handler: \"exports.example\",\n runtime: aws.lambda.Runtime.Go1dx,\n});\nconst bucket = new aws.s3.BucketV2(\"bucket\", {bucket: \"your-bucket-name\"});\nconst allowBucket1 = new aws.lambda.Permission(\"allow_bucket1\", {\n statementId: \"AllowExecutionFromS3Bucket1\",\n action: \"lambda:InvokeFunction\",\n \"function\": func1.arn,\n principal: \"s3.amazonaws.com\",\n sourceArn: bucket.arn,\n});\nconst func2 = new aws.lambda.Function(\"func2\", {\n code: new pulumi.asset.FileArchive(\"your-function2.zip\"),\n name: \"example_lambda_name2\",\n role: iamForLambda.arn,\n handler: \"exports.example\",\n});\nconst allowBucket2 = new aws.lambda.Permission(\"allow_bucket2\", {\n statementId: \"AllowExecutionFromS3Bucket2\",\n action: \"lambda:InvokeFunction\",\n \"function\": func2.arn,\n principal: \"s3.amazonaws.com\",\n sourceArn: bucket.arn,\n});\nconst bucketNotification = new aws.s3.BucketNotification(\"bucket_notification\", {\n bucket: bucket.id,\n lambdaFunctions: [\n {\n lambdaFunctionArn: func1.arn,\n events: [\"s3:ObjectCreated:*\"],\n filterPrefix: \"AWSLogs/\",\n filterSuffix: \".log\",\n },\n {\n lambdaFunctionArn: func2.arn,\n events: [\"s3:ObjectCreated:*\"],\n filterPrefix: \"OtherLogs/\",\n filterSuffix: \".log\",\n },\n ],\n}, {\n dependsOn: [\n allowBucket1,\n allowBucket2,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nassume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"lambda.amazonaws.com\"],\n )],\n actions=[\"sts:AssumeRole\"],\n)])\niam_for_lambda = aws.iam.Role(\"iam_for_lambda\",\n name=\"iam_for_lambda\",\n assume_role_policy=assume_role.json)\nfunc1 = aws.lambda_.Function(\"func1\",\n code=pulumi.FileArchive(\"your-function1.zip\"),\n name=\"example_lambda_name1\",\n role=iam_for_lambda.arn,\n handler=\"exports.example\",\n runtime=aws.lambda_.Runtime.GO1DX)\nbucket = aws.s3.BucketV2(\"bucket\", bucket=\"your-bucket-name\")\nallow_bucket1 = aws.lambda_.Permission(\"allow_bucket1\",\n statement_id=\"AllowExecutionFromS3Bucket1\",\n action=\"lambda:InvokeFunction\",\n function=func1.arn,\n principal=\"s3.amazonaws.com\",\n source_arn=bucket.arn)\nfunc2 = aws.lambda_.Function(\"func2\",\n code=pulumi.FileArchive(\"your-function2.zip\"),\n name=\"example_lambda_name2\",\n role=iam_for_lambda.arn,\n handler=\"exports.example\")\nallow_bucket2 = aws.lambda_.Permission(\"allow_bucket2\",\n statement_id=\"AllowExecutionFromS3Bucket2\",\n action=\"lambda:InvokeFunction\",\n function=func2.arn,\n principal=\"s3.amazonaws.com\",\n source_arn=bucket.arn)\nbucket_notification = aws.s3.BucketNotification(\"bucket_notification\",\n bucket=bucket.id,\n lambda_functions=[\n aws.s3.BucketNotificationLambdaFunctionArgs(\n lambda_function_arn=func1.arn,\n events=[\"s3:ObjectCreated:*\"],\n filter_prefix=\"AWSLogs/\",\n filter_suffix=\".log\",\n ),\n aws.s3.BucketNotificationLambdaFunctionArgs(\n lambda_function_arn=func2.arn,\n events=[\"s3:ObjectCreated:*\"],\n filter_prefix=\"OtherLogs/\",\n filter_suffix=\".log\",\n ),\n ],\n opts=pulumi.ResourceOptions(depends_on=[\n allow_bucket1,\n allow_bucket2,\n ]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"lambda.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var iamForLambda = new Aws.Iam.Role(\"iam_for_lambda\", new()\n {\n Name = \"iam_for_lambda\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var func1 = new Aws.Lambda.Function(\"func1\", new()\n {\n Code = new FileArchive(\"your-function1.zip\"),\n Name = \"example_lambda_name1\",\n Role = iamForLambda.Arn,\n Handler = \"exports.example\",\n Runtime = Aws.Lambda.Runtime.Go1dx,\n });\n\n var bucket = new Aws.S3.BucketV2(\"bucket\", new()\n {\n Bucket = \"your-bucket-name\",\n });\n\n var allowBucket1 = new Aws.Lambda.Permission(\"allow_bucket1\", new()\n {\n StatementId = \"AllowExecutionFromS3Bucket1\",\n Action = \"lambda:InvokeFunction\",\n Function = func1.Arn,\n Principal = \"s3.amazonaws.com\",\n SourceArn = bucket.Arn,\n });\n\n var func2 = new Aws.Lambda.Function(\"func2\", new()\n {\n Code = new FileArchive(\"your-function2.zip\"),\n Name = \"example_lambda_name2\",\n Role = iamForLambda.Arn,\n Handler = \"exports.example\",\n });\n\n var allowBucket2 = new Aws.Lambda.Permission(\"allow_bucket2\", new()\n {\n StatementId = \"AllowExecutionFromS3Bucket2\",\n Action = \"lambda:InvokeFunction\",\n Function = func2.Arn,\n Principal = \"s3.amazonaws.com\",\n SourceArn = bucket.Arn,\n });\n\n var bucketNotification = new Aws.S3.BucketNotification(\"bucket_notification\", new()\n {\n Bucket = bucket.Id,\n LambdaFunctions = new[]\n {\n new Aws.S3.Inputs.BucketNotificationLambdaFunctionArgs\n {\n LambdaFunctionArn = func1.Arn,\n Events = new[]\n {\n \"s3:ObjectCreated:*\",\n },\n FilterPrefix = \"AWSLogs/\",\n FilterSuffix = \".log\",\n },\n new Aws.S3.Inputs.BucketNotificationLambdaFunctionArgs\n {\n LambdaFunctionArn = func2.Arn,\n Events = new[]\n {\n \"s3:ObjectCreated:*\",\n },\n FilterPrefix = \"OtherLogs/\",\n FilterSuffix = \".log\",\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n allowBucket1, \n allowBucket2, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"lambda.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tiamForLambda, err := iam.NewRole(ctx, \"iam_for_lambda\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"iam_for_lambda\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfunc1, err := lambda.NewFunction(ctx, \"func1\", \u0026lambda.FunctionArgs{\n\t\t\tCode: pulumi.NewFileArchive(\"your-function1.zip\"),\n\t\t\tName: pulumi.String(\"example_lambda_name1\"),\n\t\t\tRole: iamForLambda.Arn,\n\t\t\tHandler: pulumi.String(\"exports.example\"),\n\t\t\tRuntime: pulumi.String(lambda.RuntimeGo1dx),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbucket, err := s3.NewBucketV2(ctx, \"bucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"your-bucket-name\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tallowBucket1, err := lambda.NewPermission(ctx, \"allow_bucket1\", \u0026lambda.PermissionArgs{\n\t\t\tStatementId: pulumi.String(\"AllowExecutionFromS3Bucket1\"),\n\t\t\tAction: pulumi.String(\"lambda:InvokeFunction\"),\n\t\t\tFunction: func1.Arn,\n\t\t\tPrincipal: pulumi.String(\"s3.amazonaws.com\"),\n\t\t\tSourceArn: bucket.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfunc2, err := lambda.NewFunction(ctx, \"func2\", \u0026lambda.FunctionArgs{\n\t\t\tCode: pulumi.NewFileArchive(\"your-function2.zip\"),\n\t\t\tName: pulumi.String(\"example_lambda_name2\"),\n\t\t\tRole: iamForLambda.Arn,\n\t\t\tHandler: pulumi.String(\"exports.example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tallowBucket2, err := lambda.NewPermission(ctx, \"allow_bucket2\", \u0026lambda.PermissionArgs{\n\t\t\tStatementId: pulumi.String(\"AllowExecutionFromS3Bucket2\"),\n\t\t\tAction: pulumi.String(\"lambda:InvokeFunction\"),\n\t\t\tFunction: func2.Arn,\n\t\t\tPrincipal: pulumi.String(\"s3.amazonaws.com\"),\n\t\t\tSourceArn: bucket.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketNotification(ctx, \"bucket_notification\", \u0026s3.BucketNotificationArgs{\n\t\t\tBucket: bucket.ID(),\n\t\t\tLambdaFunctions: s3.BucketNotificationLambdaFunctionArray{\n\t\t\t\t\u0026s3.BucketNotificationLambdaFunctionArgs{\n\t\t\t\t\tLambdaFunctionArn: func1.Arn,\n\t\t\t\t\tEvents: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:ObjectCreated:*\"),\n\t\t\t\t\t},\n\t\t\t\t\tFilterPrefix: pulumi.String(\"AWSLogs/\"),\n\t\t\t\t\tFilterSuffix: pulumi.String(\".log\"),\n\t\t\t\t},\n\t\t\t\t\u0026s3.BucketNotificationLambdaFunctionArgs{\n\t\t\t\t\tLambdaFunctionArn: func2.Arn,\n\t\t\t\t\tEvents: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:ObjectCreated:*\"),\n\t\t\t\t\t},\n\t\t\t\t\tFilterPrefix: pulumi.String(\"OtherLogs/\"),\n\t\t\t\t\tFilterSuffix: pulumi.String(\".log\"),\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tallowBucket1,\n\t\t\tallowBucket2,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.lambda.Function;\nimport com.pulumi.aws.lambda.FunctionArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.lambda.Permission;\nimport com.pulumi.aws.lambda.PermissionArgs;\nimport com.pulumi.aws.s3.BucketNotification;\nimport com.pulumi.aws.s3.BucketNotificationArgs;\nimport com.pulumi.aws.s3.inputs.BucketNotificationLambdaFunctionArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport com.pulumi.asset.FileArchive;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"lambda.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var iamForLambda = new Role(\"iamForLambda\", RoleArgs.builder() \n .name(\"iam_for_lambda\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var func1 = new Function(\"func1\", FunctionArgs.builder() \n .code(new FileArchive(\"your-function1.zip\"))\n .name(\"example_lambda_name1\")\n .role(iamForLambda.arn())\n .handler(\"exports.example\")\n .runtime(\"go1.x\")\n .build());\n\n var bucket = new BucketV2(\"bucket\", BucketV2Args.builder() \n .bucket(\"your-bucket-name\")\n .build());\n\n var allowBucket1 = new Permission(\"allowBucket1\", PermissionArgs.builder() \n .statementId(\"AllowExecutionFromS3Bucket1\")\n .action(\"lambda:InvokeFunction\")\n .function(func1.arn())\n .principal(\"s3.amazonaws.com\")\n .sourceArn(bucket.arn())\n .build());\n\n var func2 = new Function(\"func2\", FunctionArgs.builder() \n .code(new FileArchive(\"your-function2.zip\"))\n .name(\"example_lambda_name2\")\n .role(iamForLambda.arn())\n .handler(\"exports.example\")\n .build());\n\n var allowBucket2 = new Permission(\"allowBucket2\", PermissionArgs.builder() \n .statementId(\"AllowExecutionFromS3Bucket2\")\n .action(\"lambda:InvokeFunction\")\n .function(func2.arn())\n .principal(\"s3.amazonaws.com\")\n .sourceArn(bucket.arn())\n .build());\n\n var bucketNotification = new BucketNotification(\"bucketNotification\", BucketNotificationArgs.builder() \n .bucket(bucket.id())\n .lambdaFunctions( \n BucketNotificationLambdaFunctionArgs.builder()\n .lambdaFunctionArn(func1.arn())\n .events(\"s3:ObjectCreated:*\")\n .filterPrefix(\"AWSLogs/\")\n .filterSuffix(\".log\")\n .build(),\n BucketNotificationLambdaFunctionArgs.builder()\n .lambdaFunctionArn(func2.arn())\n .events(\"s3:ObjectCreated:*\")\n .filterPrefix(\"OtherLogs/\")\n .filterSuffix(\".log\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n allowBucket1,\n allowBucket2)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n iamForLambda:\n type: aws:iam:Role\n name: iam_for_lambda\n properties:\n name: iam_for_lambda\n assumeRolePolicy: ${assumeRole.json}\n allowBucket1:\n type: aws:lambda:Permission\n name: allow_bucket1\n properties:\n statementId: AllowExecutionFromS3Bucket1\n action: lambda:InvokeFunction\n function: ${func1.arn}\n principal: s3.amazonaws.com\n sourceArn: ${bucket.arn}\n func1:\n type: aws:lambda:Function\n properties:\n code:\n fn::FileArchive: your-function1.zip\n name: example_lambda_name1\n role: ${iamForLambda.arn}\n handler: exports.example\n runtime: go1.x\n allowBucket2:\n type: aws:lambda:Permission\n name: allow_bucket2\n properties:\n statementId: AllowExecutionFromS3Bucket2\n action: lambda:InvokeFunction\n function: ${func2.arn}\n principal: s3.amazonaws.com\n sourceArn: ${bucket.arn}\n func2:\n type: aws:lambda:Function\n properties:\n code:\n fn::FileArchive: your-function2.zip\n name: example_lambda_name2\n role: ${iamForLambda.arn}\n handler: exports.example\n bucket:\n type: aws:s3:BucketV2\n properties:\n bucket: your-bucket-name\n bucketNotification:\n type: aws:s3:BucketNotification\n name: bucket_notification\n properties:\n bucket: ${bucket.id}\n lambdaFunctions:\n - lambdaFunctionArn: ${func1.arn}\n events:\n - s3:ObjectCreated:*\n filterPrefix: AWSLogs/\n filterSuffix: .log\n - lambdaFunctionArn: ${func2.arn}\n events:\n - s3:ObjectCreated:*\n filterPrefix: OtherLogs/\n filterSuffix: .log\n options:\n dependson:\n - ${allowBucket1}\n - ${allowBucket2}\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - lambda.amazonaws.com\n actions:\n - sts:AssumeRole\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Add multiple notification configurations to SQS Queue\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bucket = new aws.s3.BucketV2(\"bucket\", {bucket: \"your-bucket-name\"});\nconst queue = aws.iam.getPolicyDocumentOutput({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"*\",\n identifiers: [\"*\"],\n }],\n actions: [\"sqs:SendMessage\"],\n resources: [\"arn:aws:sqs:*:*:s3-event-notification-queue\"],\n conditions: [{\n test: \"ArnEquals\",\n variable: \"aws:SourceArn\",\n values: [bucket.arn],\n }],\n }],\n});\nconst queueQueue = new aws.sqs.Queue(\"queue\", {\n name: \"s3-event-notification-queue\",\n policy: queue.apply(queue =\u003e queue.json),\n});\nconst bucketNotification = new aws.s3.BucketNotification(\"bucket_notification\", {\n bucket: bucket.id,\n queues: [\n {\n id: \"image-upload-event\",\n queueArn: queueQueue.arn,\n events: [\"s3:ObjectCreated:*\"],\n filterPrefix: \"images/\",\n },\n {\n id: \"video-upload-event\",\n queueArn: queueQueue.arn,\n events: [\"s3:ObjectCreated:*\"],\n filterPrefix: \"videos/\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbucket = aws.s3.BucketV2(\"bucket\", bucket=\"your-bucket-name\")\nqueue = aws.iam.get_policy_document_output(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"*\",\n identifiers=[\"*\"],\n )],\n actions=[\"sqs:SendMessage\"],\n resources=[\"arn:aws:sqs:*:*:s3-event-notification-queue\"],\n conditions=[aws.iam.GetPolicyDocumentStatementConditionArgs(\n test=\"ArnEquals\",\n variable=\"aws:SourceArn\",\n values=[bucket.arn],\n )],\n)])\nqueue_queue = aws.sqs.Queue(\"queue\",\n name=\"s3-event-notification-queue\",\n policy=queue.json)\nbucket_notification = aws.s3.BucketNotification(\"bucket_notification\",\n bucket=bucket.id,\n queues=[\n aws.s3.BucketNotificationQueueArgs(\n id=\"image-upload-event\",\n queue_arn=queue_queue.arn,\n events=[\"s3:ObjectCreated:*\"],\n filter_prefix=\"images/\",\n ),\n aws.s3.BucketNotificationQueueArgs(\n id=\"video-upload-event\",\n queue_arn=queue_queue.arn,\n events=[\"s3:ObjectCreated:*\"],\n filter_prefix=\"videos/\",\n ),\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var bucket = new Aws.S3.BucketV2(\"bucket\", new()\n {\n Bucket = \"your-bucket-name\",\n });\n\n var queue = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"*\",\n Identifiers = new[]\n {\n \"*\",\n },\n },\n },\n Actions = new[]\n {\n \"sqs:SendMessage\",\n },\n Resources = new[]\n {\n \"arn:aws:sqs:*:*:s3-event-notification-queue\",\n },\n Conditions = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs\n {\n Test = \"ArnEquals\",\n Variable = \"aws:SourceArn\",\n Values = new[]\n {\n bucket.Arn,\n },\n },\n },\n },\n },\n });\n\n var queueQueue = new Aws.Sqs.Queue(\"queue\", new()\n {\n Name = \"s3-event-notification-queue\",\n Policy = queue.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var bucketNotification = new Aws.S3.BucketNotification(\"bucket_notification\", new()\n {\n Bucket = bucket.Id,\n Queues = new[]\n {\n new Aws.S3.Inputs.BucketNotificationQueueArgs\n {\n Id = \"image-upload-event\",\n QueueArn = queueQueue.Arn,\n Events = new[]\n {\n \"s3:ObjectCreated:*\",\n },\n FilterPrefix = \"images/\",\n },\n new Aws.S3.Inputs.BucketNotificationQueueArgs\n {\n Id = \"video-upload-event\",\n QueueArn = queueQueue.Arn,\n Events = new[]\n {\n \"s3:ObjectCreated:*\",\n },\n FilterPrefix = \"videos/\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sqs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbucket, err := s3.NewBucketV2(ctx, \"bucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"your-bucket-name\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tqueue := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tPrincipals: iam.GetPolicyDocumentStatementPrincipalArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementPrincipalArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"*\"),\n\t\t\t\t\t\t\tIdentifiers: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"*\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"sqs:SendMessage\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"arn:aws:sqs:*:*:s3-event-notification-queue\"),\n\t\t\t\t\t},\n\t\t\t\t\tConditions: iam.GetPolicyDocumentStatementConditionArray{\n\t\t\t\t\t\t\u0026iam.GetPolicyDocumentStatementConditionArgs{\n\t\t\t\t\t\t\tTest: pulumi.String(\"ArnEquals\"),\n\t\t\t\t\t\t\tVariable: pulumi.String(\"aws:SourceArn\"),\n\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tbucket.Arn,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tqueueQueue, err := sqs.NewQueue(ctx, \"queue\", \u0026sqs.QueueArgs{\n\t\t\tName: pulumi.String(\"s3-event-notification-queue\"),\n\t\t\tPolicy: queue.ApplyT(func(queue iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026queue.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketNotification(ctx, \"bucket_notification\", \u0026s3.BucketNotificationArgs{\n\t\t\tBucket: bucket.ID(),\n\t\t\tQueues: s3.BucketNotificationQueueArray{\n\t\t\t\t\u0026s3.BucketNotificationQueueArgs{\n\t\t\t\t\tId: pulumi.String(\"image-upload-event\"),\n\t\t\t\t\tQueueArn: queueQueue.Arn,\n\t\t\t\t\tEvents: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:ObjectCreated:*\"),\n\t\t\t\t\t},\n\t\t\t\t\tFilterPrefix: pulumi.String(\"images/\"),\n\t\t\t\t},\n\t\t\t\t\u0026s3.BucketNotificationQueueArgs{\n\t\t\t\t\tId: pulumi.String(\"video-upload-event\"),\n\t\t\t\t\tQueueArn: queueQueue.Arn,\n\t\t\t\t\tEvents: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:ObjectCreated:*\"),\n\t\t\t\t\t},\n\t\t\t\t\tFilterPrefix: pulumi.String(\"videos/\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.sqs.Queue;\nimport com.pulumi.aws.sqs.QueueArgs;\nimport com.pulumi.aws.s3.BucketNotification;\nimport com.pulumi.aws.s3.BucketNotificationArgs;\nimport com.pulumi.aws.s3.inputs.BucketNotificationQueueArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var bucket = new BucketV2(\"bucket\", BucketV2Args.builder() \n .bucket(\"your-bucket-name\")\n .build());\n\n final var queue = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"*\")\n .identifiers(\"*\")\n .build())\n .actions(\"sqs:SendMessage\")\n .resources(\"arn:aws:sqs:*:*:s3-event-notification-queue\")\n .conditions(GetPolicyDocumentStatementConditionArgs.builder()\n .test(\"ArnEquals\")\n .variable(\"aws:SourceArn\")\n .values(bucket.arn())\n .build())\n .build())\n .build());\n\n var queueQueue = new Queue(\"queueQueue\", QueueArgs.builder() \n .name(\"s3-event-notification-queue\")\n .policy(queue.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(queue -\u003e queue.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n var bucketNotification = new BucketNotification(\"bucketNotification\", BucketNotificationArgs.builder() \n .bucket(bucket.id())\n .queues( \n BucketNotificationQueueArgs.builder()\n .id(\"image-upload-event\")\n .queueArn(queueQueue.arn())\n .events(\"s3:ObjectCreated:*\")\n .filterPrefix(\"images/\")\n .build(),\n BucketNotificationQueueArgs.builder()\n .id(\"video-upload-event\")\n .queueArn(queueQueue.arn())\n .events(\"s3:ObjectCreated:*\")\n .filterPrefix(\"videos/\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n queueQueue:\n type: aws:sqs:Queue\n name: queue\n properties:\n name: s3-event-notification-queue\n policy: ${queue.json}\n bucket:\n type: aws:s3:BucketV2\n properties:\n bucket: your-bucket-name\n bucketNotification:\n type: aws:s3:BucketNotification\n name: bucket_notification\n properties:\n bucket: ${bucket.id}\n queues:\n - id: image-upload-event\n queueArn: ${queueQueue.arn}\n events:\n - s3:ObjectCreated:*\n filterPrefix: images/\n - id: video-upload-event\n queueArn: ${queueQueue.arn}\n events:\n - s3:ObjectCreated:*\n filterPrefix: videos/\nvariables:\n queue:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: '*'\n identifiers:\n - '*'\n actions:\n - sqs:SendMessage\n resources:\n - arn:aws:sqs:*:*:s3-event-notification-queue\n conditions:\n - test: ArnEquals\n variable: aws:SourceArn\n values:\n - ${bucket.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nFor JSON syntax, use an array instead of defining the `queue` key twice.\n\n```json\n{\n\t\"bucket\": \"${aws_s3_bucket.bucket.id}\",\n\t\"queue\": [\n\t\t{\n\t\t\t\"id\": \"image-upload-event\",\n\t\t\t\"queue_arn\": \"${aws_sqs_queue.queue.arn}\",\n\t\t\t\"events\": [\"s3:ObjectCreated:*\"],\n\t\t\t\"filter_prefix\": \"images/\"\n\t\t},\n\t\t{\n\t\t\t\"id\": \"video-upload-event\",\n\t\t\t\"queue_arn\": \"${aws_sqs_queue.queue.arn}\",\n\t\t\t\"events\": [\"s3:ObjectCreated:*\"],\n\t\t\t\"filter_prefix\": \"videos/\"\n\t\t}\n\t]\n}\n```\n\n### Emit events to EventBridge\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst bucket = new aws.s3.BucketV2(\"bucket\", {bucket: \"your-bucket-name\"});\nconst bucketNotification = new aws.s3.BucketNotification(\"bucket_notification\", {\n bucket: bucket.id,\n eventbridge: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nbucket = aws.s3.BucketV2(\"bucket\", bucket=\"your-bucket-name\")\nbucket_notification = aws.s3.BucketNotification(\"bucket_notification\",\n bucket=bucket.id,\n eventbridge=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var bucket = new Aws.S3.BucketV2(\"bucket\", new()\n {\n Bucket = \"your-bucket-name\",\n });\n\n var bucketNotification = new Aws.S3.BucketNotification(\"bucket_notification\", new()\n {\n Bucket = bucket.Id,\n Eventbridge = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbucket, err := s3.NewBucketV2(ctx, \"bucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"your-bucket-name\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketNotification(ctx, \"bucket_notification\", \u0026s3.BucketNotificationArgs{\n\t\t\tBucket: bucket.ID(),\n\t\t\tEventbridge: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketNotification;\nimport com.pulumi.aws.s3.BucketNotificationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var bucket = new BucketV2(\"bucket\", BucketV2Args.builder() \n .bucket(\"your-bucket-name\")\n .build());\n\n var bucketNotification = new BucketNotification(\"bucketNotification\", BucketNotificationArgs.builder() \n .bucket(bucket.id())\n .eventbridge(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n bucket:\n type: aws:s3:BucketV2\n properties:\n bucket: your-bucket-name\n bucketNotification:\n type: aws:s3:BucketNotification\n name: bucket_notification\n properties:\n bucket: ${bucket.id}\n eventbridge: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import S3 bucket notification using the `bucket`. For example:\n\n```sh\n$ pulumi import aws:s3/bucketNotification:BucketNotification bucket_notification bucket-name\n```\n", "properties": { "bucket": { "type": "string", @@ -317384,7 +317384,7 @@ } }, "aws:s3/bucketObject:BucketObject": { - "description": "Provides an S3 object resource.\n\n## Example Usage\n\n### Uploading a file to a bucket\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst object = new aws.s3.BucketObject(\"object\", {\n bucket: \"your_bucket_name\",\n key: \"new_object_key\",\n source: new pulumi.asset.FileAsset(\"path/to/file\"),\n etag: std.filemd5({\n input: \"path/to/file\",\n }).then(invoke =\u003e invoke.result),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nobject = aws.s3.BucketObject(\"object\",\n bucket=\"your_bucket_name\",\n key=\"new_object_key\",\n source=pulumi.FileAsset(\"path/to/file\"),\n etag=std.filemd5(input=\"path/to/file\").result)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @object = new Aws.S3.BucketObject(\"object\", new()\n {\n Bucket = \"your_bucket_name\",\n Key = \"new_object_key\",\n Source = new FileAsset(\"path/to/file\"),\n Etag = Std.Filemd5.Invoke(new()\n {\n Input = \"path/to/file\",\n }).Apply(invoke =\u003e invoke.Result),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeFilemd5, err := std.Filemd5(ctx, \u0026std.Filemd5Args{\n\t\t\tInput: \"path/to/file\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketObject(ctx, \"object\", \u0026s3.BucketObjectArgs{\n\t\t\tBucket: pulumi.Any(\"your_bucket_name\"),\n\t\t\tKey: pulumi.String(\"new_object_key\"),\n\t\t\tSource: pulumi.NewFileAsset(\"path/to/file\"),\n\t\t\tEtag: invokeFilemd5.Result,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketObject;\nimport com.pulumi.aws.s3.BucketObjectArgs;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var object = new BucketObject(\"object\", BucketObjectArgs.builder() \n .bucket(\"your_bucket_name\")\n .key(\"new_object_key\")\n .source(new FileAsset(\"path/to/file\"))\n .etag(StdFunctions.filemd5(Filemd5Args.builder()\n .input(\"path/to/file\")\n .build()).result())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n object:\n type: aws:s3:BucketObject\n properties:\n bucket: your_bucket_name\n key: new_object_key\n source:\n fn::FileAsset: path/to/file\n etag:\n fn::invoke:\n Function: std:filemd5\n Arguments:\n input: path/to/file\n Return: result\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Encrypting with KMS Key\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst examplekms = new aws.kms.Key(\"examplekms\", {\n description: \"KMS key 1\",\n deletionWindowInDays: 7,\n});\nconst examplebucket = new aws.s3.BucketV2(\"examplebucket\", {bucket: \"examplebuckettftest\"});\nconst example = new aws.s3.BucketAclV2(\"example\", {\n bucket: examplebucket.id,\n acl: \"private\",\n});\nconst exampleBucketObject = new aws.s3.BucketObject(\"example\", {\n key: \"someobject\",\n bucket: examplebucket.id,\n source: new pulumi.asset.FileAsset(\"index.html\"),\n kmsKeyId: examplekms.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexamplekms = aws.kms.Key(\"examplekms\",\n description=\"KMS key 1\",\n deletion_window_in_days=7)\nexamplebucket = aws.s3.BucketV2(\"examplebucket\", bucket=\"examplebuckettftest\")\nexample = aws.s3.BucketAclV2(\"example\",\n bucket=examplebucket.id,\n acl=\"private\")\nexample_bucket_object = aws.s3.BucketObject(\"example\",\n key=\"someobject\",\n bucket=examplebucket.id,\n source=pulumi.FileAsset(\"index.html\"),\n kms_key_id=examplekms.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var examplekms = new Aws.Kms.Key(\"examplekms\", new()\n {\n Description = \"KMS key 1\",\n DeletionWindowInDays = 7,\n });\n\n var examplebucket = new Aws.S3.BucketV2(\"examplebucket\", new()\n {\n Bucket = \"examplebuckettftest\",\n });\n\n var example = new Aws.S3.BucketAclV2(\"example\", new()\n {\n Bucket = examplebucket.Id,\n Acl = \"private\",\n });\n\n var exampleBucketObject = new Aws.S3.BucketObject(\"example\", new()\n {\n Key = \"someobject\",\n Bucket = examplebucket.Id,\n Source = new FileAsset(\"index.html\"),\n KmsKeyId = examplekms.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texamplekms, err := kms.NewKey(ctx, \"examplekms\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"KMS key 1\"),\n\t\t\tDeletionWindowInDays: pulumi.Int(7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texamplebucket, err := s3.NewBucketV2(ctx, \"examplebucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"examplebuckettftest\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"example\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketObject(ctx, \"example\", \u0026s3.BucketObjectArgs{\n\t\t\tKey: pulumi.String(\"someobject\"),\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tSource: pulumi.NewFileAsset(\"index.html\"),\n\t\t\tKmsKeyId: examplekms.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.s3.BucketObject;\nimport com.pulumi.aws.s3.BucketObjectArgs;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var examplekms = new Key(\"examplekms\", KeyArgs.builder() \n .description(\"KMS key 1\")\n .deletionWindowInDays(7)\n .build());\n\n var examplebucket = new BucketV2(\"examplebucket\", BucketV2Args.builder() \n .bucket(\"examplebuckettftest\")\n .build());\n\n var example = new BucketAclV2(\"example\", BucketAclV2Args.builder() \n .bucket(examplebucket.id())\n .acl(\"private\")\n .build());\n\n var exampleBucketObject = new BucketObject(\"exampleBucketObject\", BucketObjectArgs.builder() \n .key(\"someobject\")\n .bucket(examplebucket.id())\n .source(new FileAsset(\"index.html\"))\n .kmsKeyId(examplekms.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n examplekms:\n type: aws:kms:Key\n properties:\n description: KMS key 1\n deletionWindowInDays: 7\n examplebucket:\n type: aws:s3:BucketV2\n properties:\n bucket: examplebuckettftest\n example:\n type: aws:s3:BucketAclV2\n properties:\n bucket: ${examplebucket.id}\n acl: private\n exampleBucketObject:\n type: aws:s3:BucketObject\n name: example\n properties:\n key: someobject\n bucket: ${examplebucket.id}\n source:\n fn::FileAsset: index.html\n kmsKeyId: ${examplekms.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Server Side Encryption with S3 Default Master Key\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst examplebucket = new aws.s3.BucketV2(\"examplebucket\", {bucket: \"examplebuckettftest\"});\nconst example = new aws.s3.BucketAclV2(\"example\", {\n bucket: examplebucket.id,\n acl: \"private\",\n});\nconst exampleBucketObject = new aws.s3.BucketObject(\"example\", {\n key: \"someobject\",\n bucket: examplebucket.id,\n source: new pulumi.asset.FileAsset(\"index.html\"),\n serverSideEncryption: \"aws:kms\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexamplebucket = aws.s3.BucketV2(\"examplebucket\", bucket=\"examplebuckettftest\")\nexample = aws.s3.BucketAclV2(\"example\",\n bucket=examplebucket.id,\n acl=\"private\")\nexample_bucket_object = aws.s3.BucketObject(\"example\",\n key=\"someobject\",\n bucket=examplebucket.id,\n source=pulumi.FileAsset(\"index.html\"),\n server_side_encryption=\"aws:kms\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var examplebucket = new Aws.S3.BucketV2(\"examplebucket\", new()\n {\n Bucket = \"examplebuckettftest\",\n });\n\n var example = new Aws.S3.BucketAclV2(\"example\", new()\n {\n Bucket = examplebucket.Id,\n Acl = \"private\",\n });\n\n var exampleBucketObject = new Aws.S3.BucketObject(\"example\", new()\n {\n Key = \"someobject\",\n Bucket = examplebucket.Id,\n Source = new FileAsset(\"index.html\"),\n ServerSideEncryption = \"aws:kms\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texamplebucket, err := s3.NewBucketV2(ctx, \"examplebucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"examplebuckettftest\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"example\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketObject(ctx, \"example\", \u0026s3.BucketObjectArgs{\n\t\t\tKey: pulumi.String(\"someobject\"),\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tSource: pulumi.NewFileAsset(\"index.html\"),\n\t\t\tServerSideEncryption: pulumi.String(\"aws:kms\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.s3.BucketObject;\nimport com.pulumi.aws.s3.BucketObjectArgs;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var examplebucket = new BucketV2(\"examplebucket\", BucketV2Args.builder() \n .bucket(\"examplebuckettftest\")\n .build());\n\n var example = new BucketAclV2(\"example\", BucketAclV2Args.builder() \n .bucket(examplebucket.id())\n .acl(\"private\")\n .build());\n\n var exampleBucketObject = new BucketObject(\"exampleBucketObject\", BucketObjectArgs.builder() \n .key(\"someobject\")\n .bucket(examplebucket.id())\n .source(new FileAsset(\"index.html\"))\n .serverSideEncryption(\"aws:kms\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n examplebucket:\n type: aws:s3:BucketV2\n properties:\n bucket: examplebuckettftest\n example:\n type: aws:s3:BucketAclV2\n properties:\n bucket: ${examplebucket.id}\n acl: private\n exampleBucketObject:\n type: aws:s3:BucketObject\n name: example\n properties:\n key: someobject\n bucket: ${examplebucket.id}\n source:\n fn::FileAsset: index.html\n serverSideEncryption: aws:kms\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Server Side Encryption with AWS-Managed Key\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst examplebucket = new aws.s3.BucketV2(\"examplebucket\", {bucket: \"examplebuckettftest\"});\nconst example = new aws.s3.BucketAclV2(\"example\", {\n bucket: examplebucket.id,\n acl: \"private\",\n});\nconst exampleBucketObject = new aws.s3.BucketObject(\"example\", {\n key: \"someobject\",\n bucket: examplebucket.id,\n source: new pulumi.asset.FileAsset(\"index.html\"),\n serverSideEncryption: \"AES256\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexamplebucket = aws.s3.BucketV2(\"examplebucket\", bucket=\"examplebuckettftest\")\nexample = aws.s3.BucketAclV2(\"example\",\n bucket=examplebucket.id,\n acl=\"private\")\nexample_bucket_object = aws.s3.BucketObject(\"example\",\n key=\"someobject\",\n bucket=examplebucket.id,\n source=pulumi.FileAsset(\"index.html\"),\n server_side_encryption=\"AES256\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var examplebucket = new Aws.S3.BucketV2(\"examplebucket\", new()\n {\n Bucket = \"examplebuckettftest\",\n });\n\n var example = new Aws.S3.BucketAclV2(\"example\", new()\n {\n Bucket = examplebucket.Id,\n Acl = \"private\",\n });\n\n var exampleBucketObject = new Aws.S3.BucketObject(\"example\", new()\n {\n Key = \"someobject\",\n Bucket = examplebucket.Id,\n Source = new FileAsset(\"index.html\"),\n ServerSideEncryption = \"AES256\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texamplebucket, err := s3.NewBucketV2(ctx, \"examplebucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"examplebuckettftest\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"example\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketObject(ctx, \"example\", \u0026s3.BucketObjectArgs{\n\t\t\tKey: pulumi.String(\"someobject\"),\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tSource: pulumi.NewFileAsset(\"index.html\"),\n\t\t\tServerSideEncryption: pulumi.String(\"AES256\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.s3.BucketObject;\nimport com.pulumi.aws.s3.BucketObjectArgs;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var examplebucket = new BucketV2(\"examplebucket\", BucketV2Args.builder() \n .bucket(\"examplebuckettftest\")\n .build());\n\n var example = new BucketAclV2(\"example\", BucketAclV2Args.builder() \n .bucket(examplebucket.id())\n .acl(\"private\")\n .build());\n\n var exampleBucketObject = new BucketObject(\"exampleBucketObject\", BucketObjectArgs.builder() \n .key(\"someobject\")\n .bucket(examplebucket.id())\n .source(new FileAsset(\"index.html\"))\n .serverSideEncryption(\"AES256\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n examplebucket:\n type: aws:s3:BucketV2\n properties:\n bucket: examplebuckettftest\n example:\n type: aws:s3:BucketAclV2\n properties:\n bucket: ${examplebucket.id}\n acl: private\n exampleBucketObject:\n type: aws:s3:BucketObject\n name: example\n properties:\n key: someobject\n bucket: ${examplebucket.id}\n source:\n fn::FileAsset: index.html\n serverSideEncryption: AES256\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### S3 Object Lock\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst examplebucket = new aws.s3.BucketV2(\"examplebucket\", {\n bucket: \"examplebuckettftest\",\n objectLockEnabled: true,\n});\nconst example = new aws.s3.BucketAclV2(\"example\", {\n bucket: examplebucket.id,\n acl: \"private\",\n});\nconst exampleBucketVersioningV2 = new aws.s3.BucketVersioningV2(\"example\", {\n bucket: examplebucket.id,\n versioningConfiguration: {\n status: \"Enabled\",\n },\n});\nconst exampleBucketObject = new aws.s3.BucketObject(\"example\", {\n key: \"someobject\",\n bucket: examplebucket.id,\n source: new pulumi.asset.FileAsset(\"important.txt\"),\n objectLockLegalHoldStatus: \"ON\",\n objectLockMode: \"GOVERNANCE\",\n objectLockRetainUntilDate: \"2021-12-31T23:59:60Z\",\n forceDestroy: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexamplebucket = aws.s3.BucketV2(\"examplebucket\",\n bucket=\"examplebuckettftest\",\n object_lock_enabled=True)\nexample = aws.s3.BucketAclV2(\"example\",\n bucket=examplebucket.id,\n acl=\"private\")\nexample_bucket_versioning_v2 = aws.s3.BucketVersioningV2(\"example\",\n bucket=examplebucket.id,\n versioning_configuration=aws.s3.BucketVersioningV2VersioningConfigurationArgs(\n status=\"Enabled\",\n ))\nexample_bucket_object = aws.s3.BucketObject(\"example\",\n key=\"someobject\",\n bucket=examplebucket.id,\n source=pulumi.FileAsset(\"important.txt\"),\n object_lock_legal_hold_status=\"ON\",\n object_lock_mode=\"GOVERNANCE\",\n object_lock_retain_until_date=\"2021-12-31T23:59:60Z\",\n force_destroy=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var examplebucket = new Aws.S3.BucketV2(\"examplebucket\", new()\n {\n Bucket = \"examplebuckettftest\",\n ObjectLockEnabled = true,\n });\n\n var example = new Aws.S3.BucketAclV2(\"example\", new()\n {\n Bucket = examplebucket.Id,\n Acl = \"private\",\n });\n\n var exampleBucketVersioningV2 = new Aws.S3.BucketVersioningV2(\"example\", new()\n {\n Bucket = examplebucket.Id,\n VersioningConfiguration = new Aws.S3.Inputs.BucketVersioningV2VersioningConfigurationArgs\n {\n Status = \"Enabled\",\n },\n });\n\n var exampleBucketObject = new Aws.S3.BucketObject(\"example\", new()\n {\n Key = \"someobject\",\n Bucket = examplebucket.Id,\n Source = new FileAsset(\"important.txt\"),\n ObjectLockLegalHoldStatus = \"ON\",\n ObjectLockMode = \"GOVERNANCE\",\n ObjectLockRetainUntilDate = \"2021-12-31T23:59:60Z\",\n ForceDestroy = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texamplebucket, err := s3.NewBucketV2(ctx, \"examplebucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"examplebuckettftest\"),\n\t\t\tObjectLockEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"example\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketVersioningV2(ctx, \"example\", \u0026s3.BucketVersioningV2Args{\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tVersioningConfiguration: \u0026s3.BucketVersioningV2VersioningConfigurationArgs{\n\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketObject(ctx, \"example\", \u0026s3.BucketObjectArgs{\n\t\t\tKey: pulumi.String(\"someobject\"),\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tSource: pulumi.NewFileAsset(\"important.txt\"),\n\t\t\tObjectLockLegalHoldStatus: pulumi.String(\"ON\"),\n\t\t\tObjectLockMode: pulumi.String(\"GOVERNANCE\"),\n\t\t\tObjectLockRetainUntilDate: pulumi.String(\"2021-12-31T23:59:60Z\"),\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.s3.BucketVersioningV2;\nimport com.pulumi.aws.s3.BucketVersioningV2Args;\nimport com.pulumi.aws.s3.inputs.BucketVersioningV2VersioningConfigurationArgs;\nimport com.pulumi.aws.s3.BucketObject;\nimport com.pulumi.aws.s3.BucketObjectArgs;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var examplebucket = new BucketV2(\"examplebucket\", BucketV2Args.builder() \n .bucket(\"examplebuckettftest\")\n .objectLockEnabled(true)\n .build());\n\n var example = new BucketAclV2(\"example\", BucketAclV2Args.builder() \n .bucket(examplebucket.id())\n .acl(\"private\")\n .build());\n\n var exampleBucketVersioningV2 = new BucketVersioningV2(\"exampleBucketVersioningV2\", BucketVersioningV2Args.builder() \n .bucket(examplebucket.id())\n .versioningConfiguration(BucketVersioningV2VersioningConfigurationArgs.builder()\n .status(\"Enabled\")\n .build())\n .build());\n\n var exampleBucketObject = new BucketObject(\"exampleBucketObject\", BucketObjectArgs.builder() \n .key(\"someobject\")\n .bucket(examplebucket.id())\n .source(new FileAsset(\"important.txt\"))\n .objectLockLegalHoldStatus(\"ON\")\n .objectLockMode(\"GOVERNANCE\")\n .objectLockRetainUntilDate(\"2021-12-31T23:59:60Z\")\n .forceDestroy(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n examplebucket:\n type: aws:s3:BucketV2\n properties:\n bucket: examplebuckettftest\n objectLockEnabled: true\n example:\n type: aws:s3:BucketAclV2\n properties:\n bucket: ${examplebucket.id}\n acl: private\n exampleBucketVersioningV2:\n type: aws:s3:BucketVersioningV2\n name: example\n properties:\n bucket: ${examplebucket.id}\n versioningConfiguration:\n status: Enabled\n exampleBucketObject:\n type: aws:s3:BucketObject\n name: example\n properties:\n key: someobject\n bucket: ${examplebucket.id}\n source:\n fn::FileAsset: important.txt\n objectLockLegalHoldStatus: ON\n objectLockMode: GOVERNANCE\n objectLockRetainUntilDate: 2021-12-31T23:59:60Z\n forceDestroy: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nImport using S3 URL syntax:\n\n__Using `pulumi import` to import__ objects using the `id` or S3 URL. For example:\n\nImport using the `id`, which is the bucket name and the key together:\n\n```sh\n$ pulumi import aws:s3/bucketObject:BucketObject example some-bucket-name/some/key.txt\n```\nImport using S3 URL syntax:\n\n```sh\n$ pulumi import aws:s3/bucketObject:BucketObject example s3://some-bucket-name/some/key.txt\n```\n", + "description": "Provides an S3 object resource.\n\n## Example Usage\n\n### Uploading a file to a bucket\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst object = new aws.s3.BucketObject(\"object\", {\n bucket: \"your_bucket_name\",\n key: \"new_object_key\",\n source: new pulumi.asset.FileAsset(\"path/to/file\"),\n etag: std.filemd5({\n input: \"path/to/file\",\n }).then(invoke =\u003e invoke.result),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nobject = aws.s3.BucketObject(\"object\",\n bucket=\"your_bucket_name\",\n key=\"new_object_key\",\n source=pulumi.FileAsset(\"path/to/file\"),\n etag=std.filemd5(input=\"path/to/file\").result)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @object = new Aws.S3.BucketObject(\"object\", new()\n {\n Bucket = \"your_bucket_name\",\n Key = \"new_object_key\",\n Source = new FileAsset(\"path/to/file\"),\n Etag = Std.Filemd5.Invoke(new()\n {\n Input = \"path/to/file\",\n }).Apply(invoke =\u003e invoke.Result),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeFilemd5, err := std.Filemd5(ctx, \u0026std.Filemd5Args{\n\t\t\tInput: \"path/to/file\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketObject(ctx, \"object\", \u0026s3.BucketObjectArgs{\n\t\t\tBucket: pulumi.Any(\"your_bucket_name\"),\n\t\t\tKey: pulumi.String(\"new_object_key\"),\n\t\t\tSource: pulumi.NewFileAsset(\"path/to/file\"),\n\t\t\tEtag: invokeFilemd5.Result,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketObject;\nimport com.pulumi.aws.s3.BucketObjectArgs;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var object = new BucketObject(\"object\", BucketObjectArgs.builder() \n .bucket(\"your_bucket_name\")\n .key(\"new_object_key\")\n .source(new FileAsset(\"path/to/file\"))\n .etag(StdFunctions.filemd5(Filemd5Args.builder()\n .input(\"path/to/file\")\n .build()).result())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n object:\n type: aws:s3:BucketObject\n properties:\n bucket: your_bucket_name\n key: new_object_key\n source:\n fn::FileAsset: path/to/file\n etag:\n fn::invoke:\n Function: std:filemd5\n Arguments:\n input: path/to/file\n Return: result\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Encrypting with KMS Key\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst examplekms = new aws.kms.Key(\"examplekms\", {\n description: \"KMS key 1\",\n deletionWindowInDays: 7,\n});\nconst examplebucket = new aws.s3.BucketV2(\"examplebucket\", {bucket: \"examplebuckettftest\"});\nconst example = new aws.s3.BucketAclV2(\"example\", {\n bucket: examplebucket.id,\n acl: \"private\",\n});\nconst exampleBucketObject = new aws.s3.BucketObject(\"example\", {\n key: \"someobject\",\n bucket: examplebucket.id,\n source: new pulumi.asset.FileAsset(\"index.html\"),\n kmsKeyId: examplekms.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexamplekms = aws.kms.Key(\"examplekms\",\n description=\"KMS key 1\",\n deletion_window_in_days=7)\nexamplebucket = aws.s3.BucketV2(\"examplebucket\", bucket=\"examplebuckettftest\")\nexample = aws.s3.BucketAclV2(\"example\",\n bucket=examplebucket.id,\n acl=\"private\")\nexample_bucket_object = aws.s3.BucketObject(\"example\",\n key=\"someobject\",\n bucket=examplebucket.id,\n source=pulumi.FileAsset(\"index.html\"),\n kms_key_id=examplekms.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var examplekms = new Aws.Kms.Key(\"examplekms\", new()\n {\n Description = \"KMS key 1\",\n DeletionWindowInDays = 7,\n });\n\n var examplebucket = new Aws.S3.BucketV2(\"examplebucket\", new()\n {\n Bucket = \"examplebuckettftest\",\n });\n\n var example = new Aws.S3.BucketAclV2(\"example\", new()\n {\n Bucket = examplebucket.Id,\n Acl = \"private\",\n });\n\n var exampleBucketObject = new Aws.S3.BucketObject(\"example\", new()\n {\n Key = \"someobject\",\n Bucket = examplebucket.Id,\n Source = new FileAsset(\"index.html\"),\n KmsKeyId = examplekms.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texamplekms, err := kms.NewKey(ctx, \"examplekms\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"KMS key 1\"),\n\t\t\tDeletionWindowInDays: pulumi.Int(7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texamplebucket, err := s3.NewBucketV2(ctx, \"examplebucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"examplebuckettftest\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"example\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketObject(ctx, \"example\", \u0026s3.BucketObjectArgs{\n\t\t\tKey: pulumi.String(\"someobject\"),\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tSource: pulumi.NewFileAsset(\"index.html\"),\n\t\t\tKmsKeyId: examplekms.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.s3.BucketObject;\nimport com.pulumi.aws.s3.BucketObjectArgs;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var examplekms = new Key(\"examplekms\", KeyArgs.builder() \n .description(\"KMS key 1\")\n .deletionWindowInDays(7)\n .build());\n\n var examplebucket = new BucketV2(\"examplebucket\", BucketV2Args.builder() \n .bucket(\"examplebuckettftest\")\n .build());\n\n var example = new BucketAclV2(\"example\", BucketAclV2Args.builder() \n .bucket(examplebucket.id())\n .acl(\"private\")\n .build());\n\n var exampleBucketObject = new BucketObject(\"exampleBucketObject\", BucketObjectArgs.builder() \n .key(\"someobject\")\n .bucket(examplebucket.id())\n .source(new FileAsset(\"index.html\"))\n .kmsKeyId(examplekms.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n examplekms:\n type: aws:kms:Key\n properties:\n description: KMS key 1\n deletionWindowInDays: 7\n examplebucket:\n type: aws:s3:BucketV2\n properties:\n bucket: examplebuckettftest\n example:\n type: aws:s3:BucketAclV2\n properties:\n bucket: ${examplebucket.id}\n acl: private\n exampleBucketObject:\n type: aws:s3:BucketObject\n name: example\n properties:\n key: someobject\n bucket: ${examplebucket.id}\n source:\n fn::FileAsset: index.html\n kmsKeyId: ${examplekms.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Server Side Encryption with S3 Default Master Key\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst examplebucket = new aws.s3.BucketV2(\"examplebucket\", {bucket: \"examplebuckettftest\"});\nconst example = new aws.s3.BucketAclV2(\"example\", {\n bucket: examplebucket.id,\n acl: \"private\",\n});\nconst exampleBucketObject = new aws.s3.BucketObject(\"example\", {\n key: \"someobject\",\n bucket: examplebucket.id,\n source: new pulumi.asset.FileAsset(\"index.html\"),\n serverSideEncryption: \"aws:kms\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexamplebucket = aws.s3.BucketV2(\"examplebucket\", bucket=\"examplebuckettftest\")\nexample = aws.s3.BucketAclV2(\"example\",\n bucket=examplebucket.id,\n acl=\"private\")\nexample_bucket_object = aws.s3.BucketObject(\"example\",\n key=\"someobject\",\n bucket=examplebucket.id,\n source=pulumi.FileAsset(\"index.html\"),\n server_side_encryption=\"aws:kms\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var examplebucket = new Aws.S3.BucketV2(\"examplebucket\", new()\n {\n Bucket = \"examplebuckettftest\",\n });\n\n var example = new Aws.S3.BucketAclV2(\"example\", new()\n {\n Bucket = examplebucket.Id,\n Acl = \"private\",\n });\n\n var exampleBucketObject = new Aws.S3.BucketObject(\"example\", new()\n {\n Key = \"someobject\",\n Bucket = examplebucket.Id,\n Source = new FileAsset(\"index.html\"),\n ServerSideEncryption = \"aws:kms\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texamplebucket, err := s3.NewBucketV2(ctx, \"examplebucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"examplebuckettftest\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"example\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketObject(ctx, \"example\", \u0026s3.BucketObjectArgs{\n\t\t\tKey: pulumi.String(\"someobject\"),\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tSource: pulumi.NewFileAsset(\"index.html\"),\n\t\t\tServerSideEncryption: pulumi.String(\"aws:kms\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.s3.BucketObject;\nimport com.pulumi.aws.s3.BucketObjectArgs;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var examplebucket = new BucketV2(\"examplebucket\", BucketV2Args.builder() \n .bucket(\"examplebuckettftest\")\n .build());\n\n var example = new BucketAclV2(\"example\", BucketAclV2Args.builder() \n .bucket(examplebucket.id())\n .acl(\"private\")\n .build());\n\n var exampleBucketObject = new BucketObject(\"exampleBucketObject\", BucketObjectArgs.builder() \n .key(\"someobject\")\n .bucket(examplebucket.id())\n .source(new FileAsset(\"index.html\"))\n .serverSideEncryption(\"aws:kms\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n examplebucket:\n type: aws:s3:BucketV2\n properties:\n bucket: examplebuckettftest\n example:\n type: aws:s3:BucketAclV2\n properties:\n bucket: ${examplebucket.id}\n acl: private\n exampleBucketObject:\n type: aws:s3:BucketObject\n name: example\n properties:\n key: someobject\n bucket: ${examplebucket.id}\n source:\n fn::FileAsset: index.html\n serverSideEncryption: aws:kms\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Server Side Encryption with AWS-Managed Key\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst examplebucket = new aws.s3.BucketV2(\"examplebucket\", {bucket: \"examplebuckettftest\"});\nconst example = new aws.s3.BucketAclV2(\"example\", {\n bucket: examplebucket.id,\n acl: \"private\",\n});\nconst exampleBucketObject = new aws.s3.BucketObject(\"example\", {\n key: \"someobject\",\n bucket: examplebucket.id,\n source: new pulumi.asset.FileAsset(\"index.html\"),\n serverSideEncryption: \"AES256\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexamplebucket = aws.s3.BucketV2(\"examplebucket\", bucket=\"examplebuckettftest\")\nexample = aws.s3.BucketAclV2(\"example\",\n bucket=examplebucket.id,\n acl=\"private\")\nexample_bucket_object = aws.s3.BucketObject(\"example\",\n key=\"someobject\",\n bucket=examplebucket.id,\n source=pulumi.FileAsset(\"index.html\"),\n server_side_encryption=\"AES256\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var examplebucket = new Aws.S3.BucketV2(\"examplebucket\", new()\n {\n Bucket = \"examplebuckettftest\",\n });\n\n var example = new Aws.S3.BucketAclV2(\"example\", new()\n {\n Bucket = examplebucket.Id,\n Acl = \"private\",\n });\n\n var exampleBucketObject = new Aws.S3.BucketObject(\"example\", new()\n {\n Key = \"someobject\",\n Bucket = examplebucket.Id,\n Source = new FileAsset(\"index.html\"),\n ServerSideEncryption = \"AES256\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texamplebucket, err := s3.NewBucketV2(ctx, \"examplebucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"examplebuckettftest\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"example\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketObject(ctx, \"example\", \u0026s3.BucketObjectArgs{\n\t\t\tKey: pulumi.String(\"someobject\"),\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tSource: pulumi.NewFileAsset(\"index.html\"),\n\t\t\tServerSideEncryption: pulumi.String(\"AES256\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.s3.BucketObject;\nimport com.pulumi.aws.s3.BucketObjectArgs;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var examplebucket = new BucketV2(\"examplebucket\", BucketV2Args.builder() \n .bucket(\"examplebuckettftest\")\n .build());\n\n var example = new BucketAclV2(\"example\", BucketAclV2Args.builder() \n .bucket(examplebucket.id())\n .acl(\"private\")\n .build());\n\n var exampleBucketObject = new BucketObject(\"exampleBucketObject\", BucketObjectArgs.builder() \n .key(\"someobject\")\n .bucket(examplebucket.id())\n .source(new FileAsset(\"index.html\"))\n .serverSideEncryption(\"AES256\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n examplebucket:\n type: aws:s3:BucketV2\n properties:\n bucket: examplebuckettftest\n example:\n type: aws:s3:BucketAclV2\n properties:\n bucket: ${examplebucket.id}\n acl: private\n exampleBucketObject:\n type: aws:s3:BucketObject\n name: example\n properties:\n key: someobject\n bucket: ${examplebucket.id}\n source:\n fn::FileAsset: index.html\n serverSideEncryption: AES256\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### S3 Object Lock\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst examplebucket = new aws.s3.BucketV2(\"examplebucket\", {\n bucket: \"examplebuckettftest\",\n objectLockEnabled: true,\n});\nconst example = new aws.s3.BucketAclV2(\"example\", {\n bucket: examplebucket.id,\n acl: \"private\",\n});\nconst exampleBucketVersioningV2 = new aws.s3.BucketVersioningV2(\"example\", {\n bucket: examplebucket.id,\n versioningConfiguration: {\n status: \"Enabled\",\n },\n});\nconst exampleBucketObject = new aws.s3.BucketObject(\"example\", {\n key: \"someobject\",\n bucket: examplebucket.id,\n source: new pulumi.asset.FileAsset(\"important.txt\"),\n objectLockLegalHoldStatus: \"ON\",\n objectLockMode: \"GOVERNANCE\",\n objectLockRetainUntilDate: \"2021-12-31T23:59:60Z\",\n forceDestroy: true,\n}, {\n dependsOn: [exampleBucketVersioningV2],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexamplebucket = aws.s3.BucketV2(\"examplebucket\",\n bucket=\"examplebuckettftest\",\n object_lock_enabled=True)\nexample = aws.s3.BucketAclV2(\"example\",\n bucket=examplebucket.id,\n acl=\"private\")\nexample_bucket_versioning_v2 = aws.s3.BucketVersioningV2(\"example\",\n bucket=examplebucket.id,\n versioning_configuration=aws.s3.BucketVersioningV2VersioningConfigurationArgs(\n status=\"Enabled\",\n ))\nexample_bucket_object = aws.s3.BucketObject(\"example\",\n key=\"someobject\",\n bucket=examplebucket.id,\n source=pulumi.FileAsset(\"important.txt\"),\n object_lock_legal_hold_status=\"ON\",\n object_lock_mode=\"GOVERNANCE\",\n object_lock_retain_until_date=\"2021-12-31T23:59:60Z\",\n force_destroy=True,\n opts=pulumi.ResourceOptions(depends_on=[example_bucket_versioning_v2]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var examplebucket = new Aws.S3.BucketV2(\"examplebucket\", new()\n {\n Bucket = \"examplebuckettftest\",\n ObjectLockEnabled = true,\n });\n\n var example = new Aws.S3.BucketAclV2(\"example\", new()\n {\n Bucket = examplebucket.Id,\n Acl = \"private\",\n });\n\n var exampleBucketVersioningV2 = new Aws.S3.BucketVersioningV2(\"example\", new()\n {\n Bucket = examplebucket.Id,\n VersioningConfiguration = new Aws.S3.Inputs.BucketVersioningV2VersioningConfigurationArgs\n {\n Status = \"Enabled\",\n },\n });\n\n var exampleBucketObject = new Aws.S3.BucketObject(\"example\", new()\n {\n Key = \"someobject\",\n Bucket = examplebucket.Id,\n Source = new FileAsset(\"important.txt\"),\n ObjectLockLegalHoldStatus = \"ON\",\n ObjectLockMode = \"GOVERNANCE\",\n ObjectLockRetainUntilDate = \"2021-12-31T23:59:60Z\",\n ForceDestroy = true,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleBucketVersioningV2, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texamplebucket, err := s3.NewBucketV2(ctx, \"examplebucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"examplebuckettftest\"),\n\t\t\tObjectLockEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"example\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleBucketVersioningV2, err := s3.NewBucketVersioningV2(ctx, \"example\", \u0026s3.BucketVersioningV2Args{\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tVersioningConfiguration: \u0026s3.BucketVersioningV2VersioningConfigurationArgs{\n\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketObject(ctx, \"example\", \u0026s3.BucketObjectArgs{\n\t\t\tKey: pulumi.String(\"someobject\"),\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tSource: pulumi.NewFileAsset(\"important.txt\"),\n\t\t\tObjectLockLegalHoldStatus: pulumi.String(\"ON\"),\n\t\t\tObjectLockMode: pulumi.String(\"GOVERNANCE\"),\n\t\t\tObjectLockRetainUntilDate: pulumi.String(\"2021-12-31T23:59:60Z\"),\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleBucketVersioningV2,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.s3.BucketVersioningV2;\nimport com.pulumi.aws.s3.BucketVersioningV2Args;\nimport com.pulumi.aws.s3.inputs.BucketVersioningV2VersioningConfigurationArgs;\nimport com.pulumi.aws.s3.BucketObject;\nimport com.pulumi.aws.s3.BucketObjectArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var examplebucket = new BucketV2(\"examplebucket\", BucketV2Args.builder() \n .bucket(\"examplebuckettftest\")\n .objectLockEnabled(true)\n .build());\n\n var example = new BucketAclV2(\"example\", BucketAclV2Args.builder() \n .bucket(examplebucket.id())\n .acl(\"private\")\n .build());\n\n var exampleBucketVersioningV2 = new BucketVersioningV2(\"exampleBucketVersioningV2\", BucketVersioningV2Args.builder() \n .bucket(examplebucket.id())\n .versioningConfiguration(BucketVersioningV2VersioningConfigurationArgs.builder()\n .status(\"Enabled\")\n .build())\n .build());\n\n var exampleBucketObject = new BucketObject(\"exampleBucketObject\", BucketObjectArgs.builder() \n .key(\"someobject\")\n .bucket(examplebucket.id())\n .source(new FileAsset(\"important.txt\"))\n .objectLockLegalHoldStatus(\"ON\")\n .objectLockMode(\"GOVERNANCE\")\n .objectLockRetainUntilDate(\"2021-12-31T23:59:60Z\")\n .forceDestroy(true)\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleBucketVersioningV2)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n examplebucket:\n type: aws:s3:BucketV2\n properties:\n bucket: examplebuckettftest\n objectLockEnabled: true\n example:\n type: aws:s3:BucketAclV2\n properties:\n bucket: ${examplebucket.id}\n acl: private\n exampleBucketVersioningV2:\n type: aws:s3:BucketVersioningV2\n name: example\n properties:\n bucket: ${examplebucket.id}\n versioningConfiguration:\n status: Enabled\n exampleBucketObject:\n type: aws:s3:BucketObject\n name: example\n properties:\n key: someobject\n bucket: ${examplebucket.id}\n source:\n fn::FileAsset: important.txt\n objectLockLegalHoldStatus: ON\n objectLockMode: GOVERNANCE\n objectLockRetainUntilDate: 2021-12-31T23:59:60Z\n forceDestroy: true\n options:\n dependson:\n - ${exampleBucketVersioningV2}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nImport using S3 URL syntax:\n\n__Using `pulumi import` to import__ objects using the `id` or S3 URL. For example:\n\nImport using the `id`, which is the bucket name and the key together:\n\n```sh\n$ pulumi import aws:s3/bucketObject:BucketObject example some-bucket-name/some/key.txt\n```\nImport using S3 URL syntax:\n\n```sh\n$ pulumi import aws:s3/bucketObject:BucketObject example s3://some-bucket-name/some/key.txt\n```\n", "properties": { "acl": { "type": "string", @@ -317861,7 +317861,7 @@ } }, "aws:s3/bucketObjectv2:BucketObjectv2": { - "description": "Provides an S3 object resource.\n\n## Example Usage\n\n### Uploading a file to a bucket\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst object = new aws.s3.BucketObjectv2(\"object\", {\n bucket: \"your_bucket_name\",\n key: \"new_object_key\",\n source: new pulumi.asset.FileAsset(\"path/to/file\"),\n etag: std.filemd5({\n input: \"path/to/file\",\n }).then(invoke =\u003e invoke.result),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nobject = aws.s3.BucketObjectv2(\"object\",\n bucket=\"your_bucket_name\",\n key=\"new_object_key\",\n source=pulumi.FileAsset(\"path/to/file\"),\n etag=std.filemd5(input=\"path/to/file\").result)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @object = new Aws.S3.BucketObjectv2(\"object\", new()\n {\n Bucket = \"your_bucket_name\",\n Key = \"new_object_key\",\n Source = new FileAsset(\"path/to/file\"),\n Etag = Std.Filemd5.Invoke(new()\n {\n Input = \"path/to/file\",\n }).Apply(invoke =\u003e invoke.Result),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeFilemd5, err := std.Filemd5(ctx, \u0026std.Filemd5Args{\n\t\t\tInput: \"path/to/file\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketObjectv2(ctx, \"object\", \u0026s3.BucketObjectv2Args{\n\t\t\tBucket: pulumi.Any(\"your_bucket_name\"),\n\t\t\tKey: pulumi.String(\"new_object_key\"),\n\t\t\tSource: pulumi.NewFileAsset(\"path/to/file\"),\n\t\t\tEtag: invokeFilemd5.Result,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketObjectv2;\nimport com.pulumi.aws.s3.BucketObjectv2Args;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var object = new BucketObjectv2(\"object\", BucketObjectv2Args.builder() \n .bucket(\"your_bucket_name\")\n .key(\"new_object_key\")\n .source(new FileAsset(\"path/to/file\"))\n .etag(StdFunctions.filemd5(Filemd5Args.builder()\n .input(\"path/to/file\")\n .build()).result())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n object:\n type: aws:s3:BucketObjectv2\n properties:\n bucket: your_bucket_name\n key: new_object_key\n source:\n fn::FileAsset: path/to/file\n etag:\n fn::invoke:\n Function: std:filemd5\n Arguments:\n input: path/to/file\n Return: result\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Encrypting with KMS Key\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst examplekms = new aws.kms.Key(\"examplekms\", {\n description: \"KMS key 1\",\n deletionWindowInDays: 7,\n});\nconst examplebucket = new aws.s3.BucketV2(\"examplebucket\", {bucket: \"examplebuckettftest\"});\nconst example = new aws.s3.BucketAclV2(\"example\", {\n bucket: examplebucket.id,\n acl: \"private\",\n});\nconst exampleBucketObjectv2 = new aws.s3.BucketObjectv2(\"example\", {\n key: \"someobject\",\n bucket: examplebucket.id,\n source: new pulumi.asset.FileAsset(\"index.html\"),\n kmsKeyId: examplekms.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexamplekms = aws.kms.Key(\"examplekms\",\n description=\"KMS key 1\",\n deletion_window_in_days=7)\nexamplebucket = aws.s3.BucketV2(\"examplebucket\", bucket=\"examplebuckettftest\")\nexample = aws.s3.BucketAclV2(\"example\",\n bucket=examplebucket.id,\n acl=\"private\")\nexample_bucket_objectv2 = aws.s3.BucketObjectv2(\"example\",\n key=\"someobject\",\n bucket=examplebucket.id,\n source=pulumi.FileAsset(\"index.html\"),\n kms_key_id=examplekms.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var examplekms = new Aws.Kms.Key(\"examplekms\", new()\n {\n Description = \"KMS key 1\",\n DeletionWindowInDays = 7,\n });\n\n var examplebucket = new Aws.S3.BucketV2(\"examplebucket\", new()\n {\n Bucket = \"examplebuckettftest\",\n });\n\n var example = new Aws.S3.BucketAclV2(\"example\", new()\n {\n Bucket = examplebucket.Id,\n Acl = \"private\",\n });\n\n var exampleBucketObjectv2 = new Aws.S3.BucketObjectv2(\"example\", new()\n {\n Key = \"someobject\",\n Bucket = examplebucket.Id,\n Source = new FileAsset(\"index.html\"),\n KmsKeyId = examplekms.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texamplekms, err := kms.NewKey(ctx, \"examplekms\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"KMS key 1\"),\n\t\t\tDeletionWindowInDays: pulumi.Int(7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texamplebucket, err := s3.NewBucketV2(ctx, \"examplebucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"examplebuckettftest\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"example\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketObjectv2(ctx, \"example\", \u0026s3.BucketObjectv2Args{\n\t\t\tKey: pulumi.String(\"someobject\"),\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tSource: pulumi.NewFileAsset(\"index.html\"),\n\t\t\tKmsKeyId: examplekms.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.s3.BucketObjectv2;\nimport com.pulumi.aws.s3.BucketObjectv2Args;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var examplekms = new Key(\"examplekms\", KeyArgs.builder() \n .description(\"KMS key 1\")\n .deletionWindowInDays(7)\n .build());\n\n var examplebucket = new BucketV2(\"examplebucket\", BucketV2Args.builder() \n .bucket(\"examplebuckettftest\")\n .build());\n\n var example = new BucketAclV2(\"example\", BucketAclV2Args.builder() \n .bucket(examplebucket.id())\n .acl(\"private\")\n .build());\n\n var exampleBucketObjectv2 = new BucketObjectv2(\"exampleBucketObjectv2\", BucketObjectv2Args.builder() \n .key(\"someobject\")\n .bucket(examplebucket.id())\n .source(new FileAsset(\"index.html\"))\n .kmsKeyId(examplekms.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n examplekms:\n type: aws:kms:Key\n properties:\n description: KMS key 1\n deletionWindowInDays: 7\n examplebucket:\n type: aws:s3:BucketV2\n properties:\n bucket: examplebuckettftest\n example:\n type: aws:s3:BucketAclV2\n properties:\n bucket: ${examplebucket.id}\n acl: private\n exampleBucketObjectv2:\n type: aws:s3:BucketObjectv2\n name: example\n properties:\n key: someobject\n bucket: ${examplebucket.id}\n source:\n fn::FileAsset: index.html\n kmsKeyId: ${examplekms.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Server Side Encryption with S3 Default Master Key\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst examplebucket = new aws.s3.BucketV2(\"examplebucket\", {bucket: \"examplebuckettftest\"});\nconst example = new aws.s3.BucketAclV2(\"example\", {\n bucket: examplebucket.id,\n acl: \"private\",\n});\nconst exampleBucketObjectv2 = new aws.s3.BucketObjectv2(\"example\", {\n key: \"someobject\",\n bucket: examplebucket.id,\n source: new pulumi.asset.FileAsset(\"index.html\"),\n serverSideEncryption: \"aws:kms\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexamplebucket = aws.s3.BucketV2(\"examplebucket\", bucket=\"examplebuckettftest\")\nexample = aws.s3.BucketAclV2(\"example\",\n bucket=examplebucket.id,\n acl=\"private\")\nexample_bucket_objectv2 = aws.s3.BucketObjectv2(\"example\",\n key=\"someobject\",\n bucket=examplebucket.id,\n source=pulumi.FileAsset(\"index.html\"),\n server_side_encryption=\"aws:kms\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var examplebucket = new Aws.S3.BucketV2(\"examplebucket\", new()\n {\n Bucket = \"examplebuckettftest\",\n });\n\n var example = new Aws.S3.BucketAclV2(\"example\", new()\n {\n Bucket = examplebucket.Id,\n Acl = \"private\",\n });\n\n var exampleBucketObjectv2 = new Aws.S3.BucketObjectv2(\"example\", new()\n {\n Key = \"someobject\",\n Bucket = examplebucket.Id,\n Source = new FileAsset(\"index.html\"),\n ServerSideEncryption = \"aws:kms\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texamplebucket, err := s3.NewBucketV2(ctx, \"examplebucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"examplebuckettftest\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"example\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketObjectv2(ctx, \"example\", \u0026s3.BucketObjectv2Args{\n\t\t\tKey: pulumi.String(\"someobject\"),\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tSource: pulumi.NewFileAsset(\"index.html\"),\n\t\t\tServerSideEncryption: pulumi.String(\"aws:kms\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.s3.BucketObjectv2;\nimport com.pulumi.aws.s3.BucketObjectv2Args;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var examplebucket = new BucketV2(\"examplebucket\", BucketV2Args.builder() \n .bucket(\"examplebuckettftest\")\n .build());\n\n var example = new BucketAclV2(\"example\", BucketAclV2Args.builder() \n .bucket(examplebucket.id())\n .acl(\"private\")\n .build());\n\n var exampleBucketObjectv2 = new BucketObjectv2(\"exampleBucketObjectv2\", BucketObjectv2Args.builder() \n .key(\"someobject\")\n .bucket(examplebucket.id())\n .source(new FileAsset(\"index.html\"))\n .serverSideEncryption(\"aws:kms\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n examplebucket:\n type: aws:s3:BucketV2\n properties:\n bucket: examplebuckettftest\n example:\n type: aws:s3:BucketAclV2\n properties:\n bucket: ${examplebucket.id}\n acl: private\n exampleBucketObjectv2:\n type: aws:s3:BucketObjectv2\n name: example\n properties:\n key: someobject\n bucket: ${examplebucket.id}\n source:\n fn::FileAsset: index.html\n serverSideEncryption: aws:kms\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Server Side Encryption with AWS-Managed Key\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst examplebucket = new aws.s3.BucketV2(\"examplebucket\", {bucket: \"examplebuckettftest\"});\nconst example = new aws.s3.BucketAclV2(\"example\", {\n bucket: examplebucket.id,\n acl: \"private\",\n});\nconst exampleBucketObjectv2 = new aws.s3.BucketObjectv2(\"example\", {\n key: \"someobject\",\n bucket: examplebucket.id,\n source: new pulumi.asset.FileAsset(\"index.html\"),\n serverSideEncryption: \"AES256\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexamplebucket = aws.s3.BucketV2(\"examplebucket\", bucket=\"examplebuckettftest\")\nexample = aws.s3.BucketAclV2(\"example\",\n bucket=examplebucket.id,\n acl=\"private\")\nexample_bucket_objectv2 = aws.s3.BucketObjectv2(\"example\",\n key=\"someobject\",\n bucket=examplebucket.id,\n source=pulumi.FileAsset(\"index.html\"),\n server_side_encryption=\"AES256\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var examplebucket = new Aws.S3.BucketV2(\"examplebucket\", new()\n {\n Bucket = \"examplebuckettftest\",\n });\n\n var example = new Aws.S3.BucketAclV2(\"example\", new()\n {\n Bucket = examplebucket.Id,\n Acl = \"private\",\n });\n\n var exampleBucketObjectv2 = new Aws.S3.BucketObjectv2(\"example\", new()\n {\n Key = \"someobject\",\n Bucket = examplebucket.Id,\n Source = new FileAsset(\"index.html\"),\n ServerSideEncryption = \"AES256\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texamplebucket, err := s3.NewBucketV2(ctx, \"examplebucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"examplebuckettftest\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"example\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketObjectv2(ctx, \"example\", \u0026s3.BucketObjectv2Args{\n\t\t\tKey: pulumi.String(\"someobject\"),\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tSource: pulumi.NewFileAsset(\"index.html\"),\n\t\t\tServerSideEncryption: pulumi.String(\"AES256\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.s3.BucketObjectv2;\nimport com.pulumi.aws.s3.BucketObjectv2Args;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var examplebucket = new BucketV2(\"examplebucket\", BucketV2Args.builder() \n .bucket(\"examplebuckettftest\")\n .build());\n\n var example = new BucketAclV2(\"example\", BucketAclV2Args.builder() \n .bucket(examplebucket.id())\n .acl(\"private\")\n .build());\n\n var exampleBucketObjectv2 = new BucketObjectv2(\"exampleBucketObjectv2\", BucketObjectv2Args.builder() \n .key(\"someobject\")\n .bucket(examplebucket.id())\n .source(new FileAsset(\"index.html\"))\n .serverSideEncryption(\"AES256\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n examplebucket:\n type: aws:s3:BucketV2\n properties:\n bucket: examplebuckettftest\n example:\n type: aws:s3:BucketAclV2\n properties:\n bucket: ${examplebucket.id}\n acl: private\n exampleBucketObjectv2:\n type: aws:s3:BucketObjectv2\n name: example\n properties:\n key: someobject\n bucket: ${examplebucket.id}\n source:\n fn::FileAsset: index.html\n serverSideEncryption: AES256\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### S3 Object Lock\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst examplebucket = new aws.s3.BucketV2(\"examplebucket\", {\n bucket: \"examplebuckettftest\",\n objectLockEnabled: true,\n});\nconst example = new aws.s3.BucketAclV2(\"example\", {\n bucket: examplebucket.id,\n acl: \"private\",\n});\nconst exampleBucketVersioningV2 = new aws.s3.BucketVersioningV2(\"example\", {\n bucket: examplebucket.id,\n versioningConfiguration: {\n status: \"Enabled\",\n },\n});\nconst examplebucketObject = new aws.s3.BucketObjectv2(\"examplebucket_object\", {\n key: \"someobject\",\n bucket: examplebucket.id,\n source: new pulumi.asset.FileAsset(\"important.txt\"),\n objectLockLegalHoldStatus: \"ON\",\n objectLockMode: \"GOVERNANCE\",\n objectLockRetainUntilDate: \"2021-12-31T23:59:60Z\",\n forceDestroy: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexamplebucket = aws.s3.BucketV2(\"examplebucket\",\n bucket=\"examplebuckettftest\",\n object_lock_enabled=True)\nexample = aws.s3.BucketAclV2(\"example\",\n bucket=examplebucket.id,\n acl=\"private\")\nexample_bucket_versioning_v2 = aws.s3.BucketVersioningV2(\"example\",\n bucket=examplebucket.id,\n versioning_configuration=aws.s3.BucketVersioningV2VersioningConfigurationArgs(\n status=\"Enabled\",\n ))\nexamplebucket_object = aws.s3.BucketObjectv2(\"examplebucket_object\",\n key=\"someobject\",\n bucket=examplebucket.id,\n source=pulumi.FileAsset(\"important.txt\"),\n object_lock_legal_hold_status=\"ON\",\n object_lock_mode=\"GOVERNANCE\",\n object_lock_retain_until_date=\"2021-12-31T23:59:60Z\",\n force_destroy=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var examplebucket = new Aws.S3.BucketV2(\"examplebucket\", new()\n {\n Bucket = \"examplebuckettftest\",\n ObjectLockEnabled = true,\n });\n\n var example = new Aws.S3.BucketAclV2(\"example\", new()\n {\n Bucket = examplebucket.Id,\n Acl = \"private\",\n });\n\n var exampleBucketVersioningV2 = new Aws.S3.BucketVersioningV2(\"example\", new()\n {\n Bucket = examplebucket.Id,\n VersioningConfiguration = new Aws.S3.Inputs.BucketVersioningV2VersioningConfigurationArgs\n {\n Status = \"Enabled\",\n },\n });\n\n var examplebucketObject = new Aws.S3.BucketObjectv2(\"examplebucket_object\", new()\n {\n Key = \"someobject\",\n Bucket = examplebucket.Id,\n Source = new FileAsset(\"important.txt\"),\n ObjectLockLegalHoldStatus = \"ON\",\n ObjectLockMode = \"GOVERNANCE\",\n ObjectLockRetainUntilDate = \"2021-12-31T23:59:60Z\",\n ForceDestroy = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texamplebucket, err := s3.NewBucketV2(ctx, \"examplebucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"examplebuckettftest\"),\n\t\t\tObjectLockEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"example\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketVersioningV2(ctx, \"example\", \u0026s3.BucketVersioningV2Args{\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tVersioningConfiguration: \u0026s3.BucketVersioningV2VersioningConfigurationArgs{\n\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketObjectv2(ctx, \"examplebucket_object\", \u0026s3.BucketObjectv2Args{\n\t\t\tKey: pulumi.String(\"someobject\"),\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tSource: pulumi.NewFileAsset(\"important.txt\"),\n\t\t\tObjectLockLegalHoldStatus: pulumi.String(\"ON\"),\n\t\t\tObjectLockMode: pulumi.String(\"GOVERNANCE\"),\n\t\t\tObjectLockRetainUntilDate: pulumi.String(\"2021-12-31T23:59:60Z\"),\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.s3.BucketVersioningV2;\nimport com.pulumi.aws.s3.BucketVersioningV2Args;\nimport com.pulumi.aws.s3.inputs.BucketVersioningV2VersioningConfigurationArgs;\nimport com.pulumi.aws.s3.BucketObjectv2;\nimport com.pulumi.aws.s3.BucketObjectv2Args;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var examplebucket = new BucketV2(\"examplebucket\", BucketV2Args.builder() \n .bucket(\"examplebuckettftest\")\n .objectLockEnabled(true)\n .build());\n\n var example = new BucketAclV2(\"example\", BucketAclV2Args.builder() \n .bucket(examplebucket.id())\n .acl(\"private\")\n .build());\n\n var exampleBucketVersioningV2 = new BucketVersioningV2(\"exampleBucketVersioningV2\", BucketVersioningV2Args.builder() \n .bucket(examplebucket.id())\n .versioningConfiguration(BucketVersioningV2VersioningConfigurationArgs.builder()\n .status(\"Enabled\")\n .build())\n .build());\n\n var examplebucketObject = new BucketObjectv2(\"examplebucketObject\", BucketObjectv2Args.builder() \n .key(\"someobject\")\n .bucket(examplebucket.id())\n .source(new FileAsset(\"important.txt\"))\n .objectLockLegalHoldStatus(\"ON\")\n .objectLockMode(\"GOVERNANCE\")\n .objectLockRetainUntilDate(\"2021-12-31T23:59:60Z\")\n .forceDestroy(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n examplebucket:\n type: aws:s3:BucketV2\n properties:\n bucket: examplebuckettftest\n objectLockEnabled: true\n example:\n type: aws:s3:BucketAclV2\n properties:\n bucket: ${examplebucket.id}\n acl: private\n exampleBucketVersioningV2:\n type: aws:s3:BucketVersioningV2\n name: example\n properties:\n bucket: ${examplebucket.id}\n versioningConfiguration:\n status: Enabled\n examplebucketObject:\n type: aws:s3:BucketObjectv2\n name: examplebucket_object\n properties:\n key: someobject\n bucket: ${examplebucket.id}\n source:\n fn::FileAsset: important.txt\n objectLockLegalHoldStatus: ON\n objectLockMode: GOVERNANCE\n objectLockRetainUntilDate: 2021-12-31T23:59:60Z\n forceDestroy: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Ignoring Provider `default_tags`\n\nS3 objects support a [maximum of 10 tags](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-tagging.html).\nIf the resource's own `tags` and the provider-level `default_tags` would together lead to more than 10 tags on an S3 object, use the `override_provider` configuration block to suppress any provider-level `default_tags`.\n\n\u003e S3 objects stored in Amazon S3 Express directory buckets do not support tags, so any provider-level `default_tags` must be suppressed.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst examplebucket = new aws.s3.BucketV2(\"examplebucket\", {bucket: \"examplebuckettftest\"});\nconst examplebucketObject = new aws.s3.BucketObjectv2(\"examplebucket_object\", {\n key: \"someobject\",\n bucket: examplebucket.id,\n source: new pulumi.asset.FileAsset(\"important.txt\"),\n tags: {\n Env: \"test\",\n },\n overrideProvider: {\n defaultTags: {\n tags: {},\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexamplebucket = aws.s3.BucketV2(\"examplebucket\", bucket=\"examplebuckettftest\")\nexamplebucket_object = aws.s3.BucketObjectv2(\"examplebucket_object\",\n key=\"someobject\",\n bucket=examplebucket.id,\n source=pulumi.FileAsset(\"important.txt\"),\n tags={\n \"Env\": \"test\",\n },\n override_provider=aws.s3.BucketObjectv2OverrideProviderArgs(\n default_tags=aws.s3.BucketObjectv2OverrideProviderDefaultTagsArgs(\n tags={},\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var examplebucket = new Aws.S3.BucketV2(\"examplebucket\", new()\n {\n Bucket = \"examplebuckettftest\",\n });\n\n var examplebucketObject = new Aws.S3.BucketObjectv2(\"examplebucket_object\", new()\n {\n Key = \"someobject\",\n Bucket = examplebucket.Id,\n Source = new FileAsset(\"important.txt\"),\n Tags = \n {\n { \"Env\", \"test\" },\n },\n OverrideProvider = new Aws.S3.Inputs.BucketObjectv2OverrideProviderArgs\n {\n DefaultTags = new Aws.S3.Inputs.BucketObjectv2OverrideProviderDefaultTagsArgs\n {\n Tags = null,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texamplebucket, err := s3.NewBucketV2(ctx, \"examplebucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"examplebuckettftest\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketObjectv2(ctx, \"examplebucket_object\", \u0026s3.BucketObjectv2Args{\n\t\t\tKey: pulumi.String(\"someobject\"),\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tSource: pulumi.NewFileAsset(\"important.txt\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Env\": pulumi.String(\"test\"),\n\t\t\t},\n\t\t\tOverrideProvider: \u0026s3.BucketObjectv2OverrideProviderArgs{\n\t\t\t\tDefaultTags: \u0026s3.BucketObjectv2OverrideProviderDefaultTagsArgs{\n\t\t\t\t\tTags: nil,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketObjectv2;\nimport com.pulumi.aws.s3.BucketObjectv2Args;\nimport com.pulumi.aws.s3.inputs.BucketObjectv2OverrideProviderArgs;\nimport com.pulumi.aws.s3.inputs.BucketObjectv2OverrideProviderDefaultTagsArgs;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var examplebucket = new BucketV2(\"examplebucket\", BucketV2Args.builder() \n .bucket(\"examplebuckettftest\")\n .build());\n\n var examplebucketObject = new BucketObjectv2(\"examplebucketObject\", BucketObjectv2Args.builder() \n .key(\"someobject\")\n .bucket(examplebucket.id())\n .source(new FileAsset(\"important.txt\"))\n .tags(Map.of(\"Env\", \"test\"))\n .overrideProvider(BucketObjectv2OverrideProviderArgs.builder()\n .defaultTags(BucketObjectv2OverrideProviderDefaultTagsArgs.builder()\n .tags()\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n examplebucket:\n type: aws:s3:BucketV2\n properties:\n bucket: examplebuckettftest\n examplebucketObject:\n type: aws:s3:BucketObjectv2\n name: examplebucket_object\n properties:\n key: someobject\n bucket: ${examplebucket.id}\n source:\n fn::FileAsset: important.txt\n tags:\n Env: test\n overrideProvider:\n defaultTags:\n tags: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nImport using S3 URL syntax:\n\n__Using `pulumi import` to import__ objects using the `id` or S3 URL. For example:\n\nImport using the `id`, which is the bucket name and the key together:\n\n```sh\n$ pulumi import aws:s3/bucketObjectv2:BucketObjectv2 example some-bucket-name/some/key.txt\n```\nImport using S3 URL syntax:\n\n```sh\n$ pulumi import aws:s3/bucketObjectv2:BucketObjectv2 example s3://some-bucket-name/some/key.txt\n```\n", + "description": "Provides an S3 object resource.\n\n## Example Usage\n\n### Uploading a file to a bucket\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\nimport * as std from \"@pulumi/std\";\n\nconst object = new aws.s3.BucketObjectv2(\"object\", {\n bucket: \"your_bucket_name\",\n key: \"new_object_key\",\n source: new pulumi.asset.FileAsset(\"path/to/file\"),\n etag: std.filemd5({\n input: \"path/to/file\",\n }).then(invoke =\u003e invoke.result),\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\nimport pulumi_std as std\n\nobject = aws.s3.BucketObjectv2(\"object\",\n bucket=\"your_bucket_name\",\n key=\"new_object_key\",\n source=pulumi.FileAsset(\"path/to/file\"),\n etag=std.filemd5(input=\"path/to/file\").result)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var @object = new Aws.S3.BucketObjectv2(\"object\", new()\n {\n Bucket = \"your_bucket_name\",\n Key = \"new_object_key\",\n Source = new FileAsset(\"path/to/file\"),\n Etag = Std.Filemd5.Invoke(new()\n {\n Input = \"path/to/file\",\n }).Apply(invoke =\u003e invoke.Result),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tinvokeFilemd5, err := std.Filemd5(ctx, \u0026std.Filemd5Args{\n\t\t\tInput: \"path/to/file\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketObjectv2(ctx, \"object\", \u0026s3.BucketObjectv2Args{\n\t\t\tBucket: pulumi.Any(\"your_bucket_name\"),\n\t\t\tKey: pulumi.String(\"new_object_key\"),\n\t\t\tSource: pulumi.NewFileAsset(\"path/to/file\"),\n\t\t\tEtag: invokeFilemd5.Result,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketObjectv2;\nimport com.pulumi.aws.s3.BucketObjectv2Args;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var object = new BucketObjectv2(\"object\", BucketObjectv2Args.builder() \n .bucket(\"your_bucket_name\")\n .key(\"new_object_key\")\n .source(new FileAsset(\"path/to/file\"))\n .etag(StdFunctions.filemd5(Filemd5Args.builder()\n .input(\"path/to/file\")\n .build()).result())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n object:\n type: aws:s3:BucketObjectv2\n properties:\n bucket: your_bucket_name\n key: new_object_key\n source:\n fn::FileAsset: path/to/file\n etag:\n fn::invoke:\n Function: std:filemd5\n Arguments:\n input: path/to/file\n Return: result\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Encrypting with KMS Key\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst examplekms = new aws.kms.Key(\"examplekms\", {\n description: \"KMS key 1\",\n deletionWindowInDays: 7,\n});\nconst examplebucket = new aws.s3.BucketV2(\"examplebucket\", {bucket: \"examplebuckettftest\"});\nconst example = new aws.s3.BucketAclV2(\"example\", {\n bucket: examplebucket.id,\n acl: \"private\",\n});\nconst exampleBucketObjectv2 = new aws.s3.BucketObjectv2(\"example\", {\n key: \"someobject\",\n bucket: examplebucket.id,\n source: new pulumi.asset.FileAsset(\"index.html\"),\n kmsKeyId: examplekms.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexamplekms = aws.kms.Key(\"examplekms\",\n description=\"KMS key 1\",\n deletion_window_in_days=7)\nexamplebucket = aws.s3.BucketV2(\"examplebucket\", bucket=\"examplebuckettftest\")\nexample = aws.s3.BucketAclV2(\"example\",\n bucket=examplebucket.id,\n acl=\"private\")\nexample_bucket_objectv2 = aws.s3.BucketObjectv2(\"example\",\n key=\"someobject\",\n bucket=examplebucket.id,\n source=pulumi.FileAsset(\"index.html\"),\n kms_key_id=examplekms.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var examplekms = new Aws.Kms.Key(\"examplekms\", new()\n {\n Description = \"KMS key 1\",\n DeletionWindowInDays = 7,\n });\n\n var examplebucket = new Aws.S3.BucketV2(\"examplebucket\", new()\n {\n Bucket = \"examplebuckettftest\",\n });\n\n var example = new Aws.S3.BucketAclV2(\"example\", new()\n {\n Bucket = examplebucket.Id,\n Acl = \"private\",\n });\n\n var exampleBucketObjectv2 = new Aws.S3.BucketObjectv2(\"example\", new()\n {\n Key = \"someobject\",\n Bucket = examplebucket.Id,\n Source = new FileAsset(\"index.html\"),\n KmsKeyId = examplekms.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/kms\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texamplekms, err := kms.NewKey(ctx, \"examplekms\", \u0026kms.KeyArgs{\n\t\t\tDescription: pulumi.String(\"KMS key 1\"),\n\t\t\tDeletionWindowInDays: pulumi.Int(7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texamplebucket, err := s3.NewBucketV2(ctx, \"examplebucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"examplebuckettftest\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"example\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketObjectv2(ctx, \"example\", \u0026s3.BucketObjectv2Args{\n\t\t\tKey: pulumi.String(\"someobject\"),\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tSource: pulumi.NewFileAsset(\"index.html\"),\n\t\t\tKmsKeyId: examplekms.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.kms.Key;\nimport com.pulumi.aws.kms.KeyArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.s3.BucketObjectv2;\nimport com.pulumi.aws.s3.BucketObjectv2Args;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var examplekms = new Key(\"examplekms\", KeyArgs.builder() \n .description(\"KMS key 1\")\n .deletionWindowInDays(7)\n .build());\n\n var examplebucket = new BucketV2(\"examplebucket\", BucketV2Args.builder() \n .bucket(\"examplebuckettftest\")\n .build());\n\n var example = new BucketAclV2(\"example\", BucketAclV2Args.builder() \n .bucket(examplebucket.id())\n .acl(\"private\")\n .build());\n\n var exampleBucketObjectv2 = new BucketObjectv2(\"exampleBucketObjectv2\", BucketObjectv2Args.builder() \n .key(\"someobject\")\n .bucket(examplebucket.id())\n .source(new FileAsset(\"index.html\"))\n .kmsKeyId(examplekms.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n examplekms:\n type: aws:kms:Key\n properties:\n description: KMS key 1\n deletionWindowInDays: 7\n examplebucket:\n type: aws:s3:BucketV2\n properties:\n bucket: examplebuckettftest\n example:\n type: aws:s3:BucketAclV2\n properties:\n bucket: ${examplebucket.id}\n acl: private\n exampleBucketObjectv2:\n type: aws:s3:BucketObjectv2\n name: example\n properties:\n key: someobject\n bucket: ${examplebucket.id}\n source:\n fn::FileAsset: index.html\n kmsKeyId: ${examplekms.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Server Side Encryption with S3 Default Master Key\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst examplebucket = new aws.s3.BucketV2(\"examplebucket\", {bucket: \"examplebuckettftest\"});\nconst example = new aws.s3.BucketAclV2(\"example\", {\n bucket: examplebucket.id,\n acl: \"private\",\n});\nconst exampleBucketObjectv2 = new aws.s3.BucketObjectv2(\"example\", {\n key: \"someobject\",\n bucket: examplebucket.id,\n source: new pulumi.asset.FileAsset(\"index.html\"),\n serverSideEncryption: \"aws:kms\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexamplebucket = aws.s3.BucketV2(\"examplebucket\", bucket=\"examplebuckettftest\")\nexample = aws.s3.BucketAclV2(\"example\",\n bucket=examplebucket.id,\n acl=\"private\")\nexample_bucket_objectv2 = aws.s3.BucketObjectv2(\"example\",\n key=\"someobject\",\n bucket=examplebucket.id,\n source=pulumi.FileAsset(\"index.html\"),\n server_side_encryption=\"aws:kms\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var examplebucket = new Aws.S3.BucketV2(\"examplebucket\", new()\n {\n Bucket = \"examplebuckettftest\",\n });\n\n var example = new Aws.S3.BucketAclV2(\"example\", new()\n {\n Bucket = examplebucket.Id,\n Acl = \"private\",\n });\n\n var exampleBucketObjectv2 = new Aws.S3.BucketObjectv2(\"example\", new()\n {\n Key = \"someobject\",\n Bucket = examplebucket.Id,\n Source = new FileAsset(\"index.html\"),\n ServerSideEncryption = \"aws:kms\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texamplebucket, err := s3.NewBucketV2(ctx, \"examplebucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"examplebuckettftest\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"example\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketObjectv2(ctx, \"example\", \u0026s3.BucketObjectv2Args{\n\t\t\tKey: pulumi.String(\"someobject\"),\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tSource: pulumi.NewFileAsset(\"index.html\"),\n\t\t\tServerSideEncryption: pulumi.String(\"aws:kms\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.s3.BucketObjectv2;\nimport com.pulumi.aws.s3.BucketObjectv2Args;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var examplebucket = new BucketV2(\"examplebucket\", BucketV2Args.builder() \n .bucket(\"examplebuckettftest\")\n .build());\n\n var example = new BucketAclV2(\"example\", BucketAclV2Args.builder() \n .bucket(examplebucket.id())\n .acl(\"private\")\n .build());\n\n var exampleBucketObjectv2 = new BucketObjectv2(\"exampleBucketObjectv2\", BucketObjectv2Args.builder() \n .key(\"someobject\")\n .bucket(examplebucket.id())\n .source(new FileAsset(\"index.html\"))\n .serverSideEncryption(\"aws:kms\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n examplebucket:\n type: aws:s3:BucketV2\n properties:\n bucket: examplebuckettftest\n example:\n type: aws:s3:BucketAclV2\n properties:\n bucket: ${examplebucket.id}\n acl: private\n exampleBucketObjectv2:\n type: aws:s3:BucketObjectv2\n name: example\n properties:\n key: someobject\n bucket: ${examplebucket.id}\n source:\n fn::FileAsset: index.html\n serverSideEncryption: aws:kms\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Server Side Encryption with AWS-Managed Key\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst examplebucket = new aws.s3.BucketV2(\"examplebucket\", {bucket: \"examplebuckettftest\"});\nconst example = new aws.s3.BucketAclV2(\"example\", {\n bucket: examplebucket.id,\n acl: \"private\",\n});\nconst exampleBucketObjectv2 = new aws.s3.BucketObjectv2(\"example\", {\n key: \"someobject\",\n bucket: examplebucket.id,\n source: new pulumi.asset.FileAsset(\"index.html\"),\n serverSideEncryption: \"AES256\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexamplebucket = aws.s3.BucketV2(\"examplebucket\", bucket=\"examplebuckettftest\")\nexample = aws.s3.BucketAclV2(\"example\",\n bucket=examplebucket.id,\n acl=\"private\")\nexample_bucket_objectv2 = aws.s3.BucketObjectv2(\"example\",\n key=\"someobject\",\n bucket=examplebucket.id,\n source=pulumi.FileAsset(\"index.html\"),\n server_side_encryption=\"AES256\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var examplebucket = new Aws.S3.BucketV2(\"examplebucket\", new()\n {\n Bucket = \"examplebuckettftest\",\n });\n\n var example = new Aws.S3.BucketAclV2(\"example\", new()\n {\n Bucket = examplebucket.Id,\n Acl = \"private\",\n });\n\n var exampleBucketObjectv2 = new Aws.S3.BucketObjectv2(\"example\", new()\n {\n Key = \"someobject\",\n Bucket = examplebucket.Id,\n Source = new FileAsset(\"index.html\"),\n ServerSideEncryption = \"AES256\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texamplebucket, err := s3.NewBucketV2(ctx, \"examplebucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"examplebuckettftest\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"example\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketObjectv2(ctx, \"example\", \u0026s3.BucketObjectv2Args{\n\t\t\tKey: pulumi.String(\"someobject\"),\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tSource: pulumi.NewFileAsset(\"index.html\"),\n\t\t\tServerSideEncryption: pulumi.String(\"AES256\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.s3.BucketObjectv2;\nimport com.pulumi.aws.s3.BucketObjectv2Args;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var examplebucket = new BucketV2(\"examplebucket\", BucketV2Args.builder() \n .bucket(\"examplebuckettftest\")\n .build());\n\n var example = new BucketAclV2(\"example\", BucketAclV2Args.builder() \n .bucket(examplebucket.id())\n .acl(\"private\")\n .build());\n\n var exampleBucketObjectv2 = new BucketObjectv2(\"exampleBucketObjectv2\", BucketObjectv2Args.builder() \n .key(\"someobject\")\n .bucket(examplebucket.id())\n .source(new FileAsset(\"index.html\"))\n .serverSideEncryption(\"AES256\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n examplebucket:\n type: aws:s3:BucketV2\n properties:\n bucket: examplebuckettftest\n example:\n type: aws:s3:BucketAclV2\n properties:\n bucket: ${examplebucket.id}\n acl: private\n exampleBucketObjectv2:\n type: aws:s3:BucketObjectv2\n name: example\n properties:\n key: someobject\n bucket: ${examplebucket.id}\n source:\n fn::FileAsset: index.html\n serverSideEncryption: AES256\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### S3 Object Lock\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst examplebucket = new aws.s3.BucketV2(\"examplebucket\", {\n bucket: \"examplebuckettftest\",\n objectLockEnabled: true,\n});\nconst example = new aws.s3.BucketAclV2(\"example\", {\n bucket: examplebucket.id,\n acl: \"private\",\n});\nconst exampleBucketVersioningV2 = new aws.s3.BucketVersioningV2(\"example\", {\n bucket: examplebucket.id,\n versioningConfiguration: {\n status: \"Enabled\",\n },\n});\nconst examplebucketObject = new aws.s3.BucketObjectv2(\"examplebucket_object\", {\n key: \"someobject\",\n bucket: examplebucket.id,\n source: new pulumi.asset.FileAsset(\"important.txt\"),\n objectLockLegalHoldStatus: \"ON\",\n objectLockMode: \"GOVERNANCE\",\n objectLockRetainUntilDate: \"2021-12-31T23:59:60Z\",\n forceDestroy: true,\n}, {\n dependsOn: [exampleBucketVersioningV2],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexamplebucket = aws.s3.BucketV2(\"examplebucket\",\n bucket=\"examplebuckettftest\",\n object_lock_enabled=True)\nexample = aws.s3.BucketAclV2(\"example\",\n bucket=examplebucket.id,\n acl=\"private\")\nexample_bucket_versioning_v2 = aws.s3.BucketVersioningV2(\"example\",\n bucket=examplebucket.id,\n versioning_configuration=aws.s3.BucketVersioningV2VersioningConfigurationArgs(\n status=\"Enabled\",\n ))\nexamplebucket_object = aws.s3.BucketObjectv2(\"examplebucket_object\",\n key=\"someobject\",\n bucket=examplebucket.id,\n source=pulumi.FileAsset(\"important.txt\"),\n object_lock_legal_hold_status=\"ON\",\n object_lock_mode=\"GOVERNANCE\",\n object_lock_retain_until_date=\"2021-12-31T23:59:60Z\",\n force_destroy=True,\n opts=pulumi.ResourceOptions(depends_on=[example_bucket_versioning_v2]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var examplebucket = new Aws.S3.BucketV2(\"examplebucket\", new()\n {\n Bucket = \"examplebuckettftest\",\n ObjectLockEnabled = true,\n });\n\n var example = new Aws.S3.BucketAclV2(\"example\", new()\n {\n Bucket = examplebucket.Id,\n Acl = \"private\",\n });\n\n var exampleBucketVersioningV2 = new Aws.S3.BucketVersioningV2(\"example\", new()\n {\n Bucket = examplebucket.Id,\n VersioningConfiguration = new Aws.S3.Inputs.BucketVersioningV2VersioningConfigurationArgs\n {\n Status = \"Enabled\",\n },\n });\n\n var examplebucketObject = new Aws.S3.BucketObjectv2(\"examplebucket_object\", new()\n {\n Key = \"someobject\",\n Bucket = examplebucket.Id,\n Source = new FileAsset(\"important.txt\"),\n ObjectLockLegalHoldStatus = \"ON\",\n ObjectLockMode = \"GOVERNANCE\",\n ObjectLockRetainUntilDate = \"2021-12-31T23:59:60Z\",\n ForceDestroy = true,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleBucketVersioningV2, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texamplebucket, err := s3.NewBucketV2(ctx, \"examplebucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"examplebuckettftest\"),\n\t\t\tObjectLockEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"example\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleBucketVersioningV2, err := s3.NewBucketVersioningV2(ctx, \"example\", \u0026s3.BucketVersioningV2Args{\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tVersioningConfiguration: \u0026s3.BucketVersioningV2VersioningConfigurationArgs{\n\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketObjectv2(ctx, \"examplebucket_object\", \u0026s3.BucketObjectv2Args{\n\t\t\tKey: pulumi.String(\"someobject\"),\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tSource: pulumi.NewFileAsset(\"important.txt\"),\n\t\t\tObjectLockLegalHoldStatus: pulumi.String(\"ON\"),\n\t\t\tObjectLockMode: pulumi.String(\"GOVERNANCE\"),\n\t\t\tObjectLockRetainUntilDate: pulumi.String(\"2021-12-31T23:59:60Z\"),\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleBucketVersioningV2,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.s3.BucketVersioningV2;\nimport com.pulumi.aws.s3.BucketVersioningV2Args;\nimport com.pulumi.aws.s3.inputs.BucketVersioningV2VersioningConfigurationArgs;\nimport com.pulumi.aws.s3.BucketObjectv2;\nimport com.pulumi.aws.s3.BucketObjectv2Args;\nimport com.pulumi.resources.CustomResourceOptions;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var examplebucket = new BucketV2(\"examplebucket\", BucketV2Args.builder() \n .bucket(\"examplebuckettftest\")\n .objectLockEnabled(true)\n .build());\n\n var example = new BucketAclV2(\"example\", BucketAclV2Args.builder() \n .bucket(examplebucket.id())\n .acl(\"private\")\n .build());\n\n var exampleBucketVersioningV2 = new BucketVersioningV2(\"exampleBucketVersioningV2\", BucketVersioningV2Args.builder() \n .bucket(examplebucket.id())\n .versioningConfiguration(BucketVersioningV2VersioningConfigurationArgs.builder()\n .status(\"Enabled\")\n .build())\n .build());\n\n var examplebucketObject = new BucketObjectv2(\"examplebucketObject\", BucketObjectv2Args.builder() \n .key(\"someobject\")\n .bucket(examplebucket.id())\n .source(new FileAsset(\"important.txt\"))\n .objectLockLegalHoldStatus(\"ON\")\n .objectLockMode(\"GOVERNANCE\")\n .objectLockRetainUntilDate(\"2021-12-31T23:59:60Z\")\n .forceDestroy(true)\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleBucketVersioningV2)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n examplebucket:\n type: aws:s3:BucketV2\n properties:\n bucket: examplebuckettftest\n objectLockEnabled: true\n example:\n type: aws:s3:BucketAclV2\n properties:\n bucket: ${examplebucket.id}\n acl: private\n exampleBucketVersioningV2:\n type: aws:s3:BucketVersioningV2\n name: example\n properties:\n bucket: ${examplebucket.id}\n versioningConfiguration:\n status: Enabled\n examplebucketObject:\n type: aws:s3:BucketObjectv2\n name: examplebucket_object\n properties:\n key: someobject\n bucket: ${examplebucket.id}\n source:\n fn::FileAsset: important.txt\n objectLockLegalHoldStatus: ON\n objectLockMode: GOVERNANCE\n objectLockRetainUntilDate: 2021-12-31T23:59:60Z\n forceDestroy: true\n options:\n dependson:\n - ${exampleBucketVersioningV2}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Ignoring Provider `default_tags`\n\nS3 objects support a [maximum of 10 tags](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-tagging.html).\nIf the resource's own `tags` and the provider-level `default_tags` would together lead to more than 10 tags on an S3 object, use the `override_provider` configuration block to suppress any provider-level `default_tags`.\n\n\u003e S3 objects stored in Amazon S3 Express directory buckets do not support tags, so any provider-level `default_tags` must be suppressed.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst examplebucket = new aws.s3.BucketV2(\"examplebucket\", {bucket: \"examplebuckettftest\"});\nconst examplebucketObject = new aws.s3.BucketObjectv2(\"examplebucket_object\", {\n key: \"someobject\",\n bucket: examplebucket.id,\n source: new pulumi.asset.FileAsset(\"important.txt\"),\n tags: {\n Env: \"test\",\n },\n overrideProvider: {\n defaultTags: {\n tags: {},\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexamplebucket = aws.s3.BucketV2(\"examplebucket\", bucket=\"examplebuckettftest\")\nexamplebucket_object = aws.s3.BucketObjectv2(\"examplebucket_object\",\n key=\"someobject\",\n bucket=examplebucket.id,\n source=pulumi.FileAsset(\"important.txt\"),\n tags={\n \"Env\": \"test\",\n },\n override_provider=aws.s3.BucketObjectv2OverrideProviderArgs(\n default_tags=aws.s3.BucketObjectv2OverrideProviderDefaultTagsArgs(\n tags={},\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var examplebucket = new Aws.S3.BucketV2(\"examplebucket\", new()\n {\n Bucket = \"examplebuckettftest\",\n });\n\n var examplebucketObject = new Aws.S3.BucketObjectv2(\"examplebucket_object\", new()\n {\n Key = \"someobject\",\n Bucket = examplebucket.Id,\n Source = new FileAsset(\"important.txt\"),\n Tags = \n {\n { \"Env\", \"test\" },\n },\n OverrideProvider = new Aws.S3.Inputs.BucketObjectv2OverrideProviderArgs\n {\n DefaultTags = new Aws.S3.Inputs.BucketObjectv2OverrideProviderDefaultTagsArgs\n {\n Tags = null,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texamplebucket, err := s3.NewBucketV2(ctx, \"examplebucket\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"examplebuckettftest\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketObjectv2(ctx, \"examplebucket_object\", \u0026s3.BucketObjectv2Args{\n\t\t\tKey: pulumi.String(\"someobject\"),\n\t\t\tBucket: examplebucket.ID(),\n\t\t\tSource: pulumi.NewFileAsset(\"important.txt\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Env\": pulumi.String(\"test\"),\n\t\t\t},\n\t\t\tOverrideProvider: \u0026s3.BucketObjectv2OverrideProviderArgs{\n\t\t\t\tDefaultTags: \u0026s3.BucketObjectv2OverrideProviderDefaultTagsArgs{\n\t\t\t\t\tTags: nil,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketObjectv2;\nimport com.pulumi.aws.s3.BucketObjectv2Args;\nimport com.pulumi.aws.s3.inputs.BucketObjectv2OverrideProviderArgs;\nimport com.pulumi.aws.s3.inputs.BucketObjectv2OverrideProviderDefaultTagsArgs;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var examplebucket = new BucketV2(\"examplebucket\", BucketV2Args.builder() \n .bucket(\"examplebuckettftest\")\n .build());\n\n var examplebucketObject = new BucketObjectv2(\"examplebucketObject\", BucketObjectv2Args.builder() \n .key(\"someobject\")\n .bucket(examplebucket.id())\n .source(new FileAsset(\"important.txt\"))\n .tags(Map.of(\"Env\", \"test\"))\n .overrideProvider(BucketObjectv2OverrideProviderArgs.builder()\n .defaultTags(BucketObjectv2OverrideProviderDefaultTagsArgs.builder()\n .tags()\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n examplebucket:\n type: aws:s3:BucketV2\n properties:\n bucket: examplebuckettftest\n examplebucketObject:\n type: aws:s3:BucketObjectv2\n name: examplebucket_object\n properties:\n key: someobject\n bucket: ${examplebucket.id}\n source:\n fn::FileAsset: important.txt\n tags:\n Env: test\n overrideProvider:\n defaultTags:\n tags: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nImport using S3 URL syntax:\n\n__Using `pulumi import` to import__ objects using the `id` or S3 URL. For example:\n\nImport using the `id`, which is the bucket name and the key together:\n\n```sh\n$ pulumi import aws:s3/bucketObjectv2:BucketObjectv2 example some-bucket-name/some/key.txt\n```\nImport using S3 URL syntax:\n\n```sh\n$ pulumi import aws:s3/bucketObjectv2:BucketObjectv2 example s3://some-bucket-name/some/key.txt\n```\n", "properties": { "acl": { "type": "string", @@ -318509,7 +318509,7 @@ } }, "aws:s3/bucketReplicationConfig:BucketReplicationConfig": { - "description": "Provides an independent configuration resource for S3 bucket [replication configuration](http://docs.aws.amazon.com/AmazonS3/latest/dev/crr.html).\n\n\u003e **NOTE:** S3 Buckets only support a single replication configuration. Declaring multiple `aws.s3.BucketReplicationConfig` resources to the same S3 Bucket will cause a perpetual difference in configuration.\n\n\u003e This resource cannot be used with S3 directory buckets.\n\n## Example Usage\n\n### Using replication configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"s3.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst replicationRole = new aws.iam.Role(\"replication\", {\n name: \"tf-iam-role-replication-12345\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst destination = new aws.s3.BucketV2(\"destination\", {bucket: \"tf-test-bucket-destination-12345\"});\nconst source = new aws.s3.BucketV2(\"source\", {bucket: \"tf-test-bucket-source-12345\"});\nconst replication = aws.iam.getPolicyDocumentOutput({\n statements: [\n {\n effect: \"Allow\",\n actions: [\n \"s3:GetReplicationConfiguration\",\n \"s3:ListBucket\",\n ],\n resources: [source.arn],\n },\n {\n effect: \"Allow\",\n actions: [\n \"s3:GetObjectVersionForReplication\",\n \"s3:GetObjectVersionAcl\",\n \"s3:GetObjectVersionTagging\",\n ],\n resources: [pulumi.interpolate`${source.arn}/*`],\n },\n {\n effect: \"Allow\",\n actions: [\n \"s3:ReplicateObject\",\n \"s3:ReplicateDelete\",\n \"s3:ReplicateTags\",\n ],\n resources: [pulumi.interpolate`${destination.arn}/*`],\n },\n ],\n});\nconst replicationPolicy = new aws.iam.Policy(\"replication\", {\n name: \"tf-iam-role-policy-replication-12345\",\n policy: replication.apply(replication =\u003e replication.json),\n});\nconst replicationRolePolicyAttachment = new aws.iam.RolePolicyAttachment(\"replication\", {\n role: replicationRole.name,\n policyArn: replicationPolicy.arn,\n});\nconst destinationBucketVersioningV2 = new aws.s3.BucketVersioningV2(\"destination\", {\n bucket: destination.id,\n versioningConfiguration: {\n status: \"Enabled\",\n },\n});\nconst sourceBucketAcl = new aws.s3.BucketAclV2(\"source_bucket_acl\", {\n bucket: source.id,\n acl: \"private\",\n});\nconst sourceBucketVersioningV2 = new aws.s3.BucketVersioningV2(\"source\", {\n bucket: source.id,\n versioningConfiguration: {\n status: \"Enabled\",\n },\n});\nconst replicationBucketReplicationConfig = new aws.s3.BucketReplicationConfig(\"replication\", {\n role: replicationRole.arn,\n bucket: source.id,\n rules: [{\n id: \"foobar\",\n filter: {\n prefix: \"foo\",\n },\n status: \"Enabled\",\n destination: {\n bucket: destination.arn,\n storageClass: \"STANDARD\",\n },\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nassume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"s3.amazonaws.com\"],\n )],\n actions=[\"sts:AssumeRole\"],\n)])\nreplication_role = aws.iam.Role(\"replication\",\n name=\"tf-iam-role-replication-12345\",\n assume_role_policy=assume_role.json)\ndestination = aws.s3.BucketV2(\"destination\", bucket=\"tf-test-bucket-destination-12345\")\nsource = aws.s3.BucketV2(\"source\", bucket=\"tf-test-bucket-source-12345\")\nreplication = aws.iam.get_policy_document_output(statements=[\n aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n actions=[\n \"s3:GetReplicationConfiguration\",\n \"s3:ListBucket\",\n ],\n resources=[source.arn],\n ),\n aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n actions=[\n \"s3:GetObjectVersionForReplication\",\n \"s3:GetObjectVersionAcl\",\n \"s3:GetObjectVersionTagging\",\n ],\n resources=[source.arn.apply(lambda arn: f\"{arn}/*\")],\n ),\n aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n actions=[\n \"s3:ReplicateObject\",\n \"s3:ReplicateDelete\",\n \"s3:ReplicateTags\",\n ],\n resources=[destination.arn.apply(lambda arn: f\"{arn}/*\")],\n ),\n])\nreplication_policy = aws.iam.Policy(\"replication\",\n name=\"tf-iam-role-policy-replication-12345\",\n policy=replication.json)\nreplication_role_policy_attachment = aws.iam.RolePolicyAttachment(\"replication\",\n role=replication_role.name,\n policy_arn=replication_policy.arn)\ndestination_bucket_versioning_v2 = aws.s3.BucketVersioningV2(\"destination\",\n bucket=destination.id,\n versioning_configuration=aws.s3.BucketVersioningV2VersioningConfigurationArgs(\n status=\"Enabled\",\n ))\nsource_bucket_acl = aws.s3.BucketAclV2(\"source_bucket_acl\",\n bucket=source.id,\n acl=\"private\")\nsource_bucket_versioning_v2 = aws.s3.BucketVersioningV2(\"source\",\n bucket=source.id,\n versioning_configuration=aws.s3.BucketVersioningV2VersioningConfigurationArgs(\n status=\"Enabled\",\n ))\nreplication_bucket_replication_config = aws.s3.BucketReplicationConfig(\"replication\",\n role=replication_role.arn,\n bucket=source.id,\n rules=[aws.s3.BucketReplicationConfigRuleArgs(\n id=\"foobar\",\n filter=aws.s3.BucketReplicationConfigRuleFilterArgs(\n prefix=\"foo\",\n ),\n status=\"Enabled\",\n destination=aws.s3.BucketReplicationConfigRuleDestinationArgs(\n bucket=destination.arn,\n storage_class=\"STANDARD\",\n ),\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"s3.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var replicationRole = new Aws.Iam.Role(\"replication\", new()\n {\n Name = \"tf-iam-role-replication-12345\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var destination = new Aws.S3.BucketV2(\"destination\", new()\n {\n Bucket = \"tf-test-bucket-destination-12345\",\n });\n\n var source = new Aws.S3.BucketV2(\"source\", new()\n {\n Bucket = \"tf-test-bucket-source-12345\",\n });\n\n var replication = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"s3:GetReplicationConfiguration\",\n \"s3:ListBucket\",\n },\n Resources = new[]\n {\n source.Arn,\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"s3:GetObjectVersionForReplication\",\n \"s3:GetObjectVersionAcl\",\n \"s3:GetObjectVersionTagging\",\n },\n Resources = new[]\n {\n $\"{source.Arn}/*\",\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"s3:ReplicateObject\",\n \"s3:ReplicateDelete\",\n \"s3:ReplicateTags\",\n },\n Resources = new[]\n {\n $\"{destination.Arn}/*\",\n },\n },\n },\n });\n\n var replicationPolicy = new Aws.Iam.Policy(\"replication\", new()\n {\n Name = \"tf-iam-role-policy-replication-12345\",\n PolicyDocument = replication.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var replicationRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment(\"replication\", new()\n {\n Role = replicationRole.Name,\n PolicyArn = replicationPolicy.Arn,\n });\n\n var destinationBucketVersioningV2 = new Aws.S3.BucketVersioningV2(\"destination\", new()\n {\n Bucket = destination.Id,\n VersioningConfiguration = new Aws.S3.Inputs.BucketVersioningV2VersioningConfigurationArgs\n {\n Status = \"Enabled\",\n },\n });\n\n var sourceBucketAcl = new Aws.S3.BucketAclV2(\"source_bucket_acl\", new()\n {\n Bucket = source.Id,\n Acl = \"private\",\n });\n\n var sourceBucketVersioningV2 = new Aws.S3.BucketVersioningV2(\"source\", new()\n {\n Bucket = source.Id,\n VersioningConfiguration = new Aws.S3.Inputs.BucketVersioningV2VersioningConfigurationArgs\n {\n Status = \"Enabled\",\n },\n });\n\n var replicationBucketReplicationConfig = new Aws.S3.BucketReplicationConfig(\"replication\", new()\n {\n Role = replicationRole.Arn,\n Bucket = source.Id,\n Rules = new[]\n {\n new Aws.S3.Inputs.BucketReplicationConfigRuleArgs\n {\n Id = \"foobar\",\n Filter = new Aws.S3.Inputs.BucketReplicationConfigRuleFilterArgs\n {\n Prefix = \"foo\",\n },\n Status = \"Enabled\",\n Destination = new Aws.S3.Inputs.BucketReplicationConfigRuleDestinationArgs\n {\n Bucket = destination.Arn,\n StorageClass = \"STANDARD\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"s3.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treplicationRole, err := iam.NewRole(ctx, \"replication\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"tf-iam-role-replication-12345\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdestination, err := s3.NewBucketV2(ctx, \"destination\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"tf-test-bucket-destination-12345\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsource, err := s3.NewBucketV2(ctx, \"source\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"tf-test-bucket-source-12345\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treplication := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:GetReplicationConfiguration\"),\n\t\t\t\t\t\tpulumi.String(\"s3:ListBucket\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\tsource.Arn,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:GetObjectVersionForReplication\"),\n\t\t\t\t\t\tpulumi.String(\"s3:GetObjectVersionAcl\"),\n\t\t\t\t\t\tpulumi.String(\"s3:GetObjectVersionTagging\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\tsource.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\t\t\t\treturn fmt.Sprintf(\"%v/*\", arn), nil\n\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:ReplicateObject\"),\n\t\t\t\t\t\tpulumi.String(\"s3:ReplicateDelete\"),\n\t\t\t\t\t\tpulumi.String(\"s3:ReplicateTags\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\tdestination.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\t\t\t\treturn fmt.Sprintf(\"%v/*\", arn), nil\n\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\treplicationPolicy, err := iam.NewPolicy(ctx, \"replication\", \u0026iam.PolicyArgs{\n\t\t\tName: pulumi.String(\"tf-iam-role-policy-replication-12345\"),\n\t\t\tPolicy: replication.ApplyT(func(replication iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026replication.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"replication\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tRole: replicationRole.Name,\n\t\t\tPolicyArn: replicationPolicy.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketVersioningV2(ctx, \"destination\", \u0026s3.BucketVersioningV2Args{\n\t\t\tBucket: destination.ID(),\n\t\t\tVersioningConfiguration: \u0026s3.BucketVersioningV2VersioningConfigurationArgs{\n\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"source_bucket_acl\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: source.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketVersioningV2(ctx, \"source\", \u0026s3.BucketVersioningV2Args{\n\t\t\tBucket: source.ID(),\n\t\t\tVersioningConfiguration: \u0026s3.BucketVersioningV2VersioningConfigurationArgs{\n\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketReplicationConfig(ctx, \"replication\", \u0026s3.BucketReplicationConfigArgs{\n\t\t\tRole: replicationRole.Arn,\n\t\t\tBucket: source.ID(),\n\t\t\tRules: s3.BucketReplicationConfigRuleArray{\n\t\t\t\t\u0026s3.BucketReplicationConfigRuleArgs{\n\t\t\t\t\tId: pulumi.String(\"foobar\"),\n\t\t\t\t\tFilter: \u0026s3.BucketReplicationConfigRuleFilterArgs{\n\t\t\t\t\t\tPrefix: pulumi.String(\"foo\"),\n\t\t\t\t\t},\n\t\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t\tDestination: \u0026s3.BucketReplicationConfigRuleDestinationArgs{\n\t\t\t\t\t\tBucket: destination.Arn,\n\t\t\t\t\t\tStorageClass: pulumi.String(\"STANDARD\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.iam.Policy;\nimport com.pulumi.aws.iam.PolicyArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport com.pulumi.aws.s3.BucketVersioningV2;\nimport com.pulumi.aws.s3.BucketVersioningV2Args;\nimport com.pulumi.aws.s3.inputs.BucketVersioningV2VersioningConfigurationArgs;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.s3.BucketReplicationConfig;\nimport com.pulumi.aws.s3.BucketReplicationConfigArgs;\nimport com.pulumi.aws.s3.inputs.BucketReplicationConfigRuleArgs;\nimport com.pulumi.aws.s3.inputs.BucketReplicationConfigRuleFilterArgs;\nimport com.pulumi.aws.s3.inputs.BucketReplicationConfigRuleDestinationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"s3.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var replicationRole = new Role(\"replicationRole\", RoleArgs.builder() \n .name(\"tf-iam-role-replication-12345\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var destination = new BucketV2(\"destination\", BucketV2Args.builder() \n .bucket(\"tf-test-bucket-destination-12345\")\n .build());\n\n var source = new BucketV2(\"source\", BucketV2Args.builder() \n .bucket(\"tf-test-bucket-source-12345\")\n .build());\n\n final var replication = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements( \n GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions( \n \"s3:GetReplicationConfiguration\",\n \"s3:ListBucket\")\n .resources(source.arn())\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions( \n \"s3:GetObjectVersionForReplication\",\n \"s3:GetObjectVersionAcl\",\n \"s3:GetObjectVersionTagging\")\n .resources(source.arn().applyValue(arn -\u003e String.format(\"%s/*\", arn)))\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions( \n \"s3:ReplicateObject\",\n \"s3:ReplicateDelete\",\n \"s3:ReplicateTags\")\n .resources(destination.arn().applyValue(arn -\u003e String.format(\"%s/*\", arn)))\n .build())\n .build());\n\n var replicationPolicy = new Policy(\"replicationPolicy\", PolicyArgs.builder() \n .name(\"tf-iam-role-policy-replication-12345\")\n .policy(replication.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(replication -\u003e replication.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n var replicationRolePolicyAttachment = new RolePolicyAttachment(\"replicationRolePolicyAttachment\", RolePolicyAttachmentArgs.builder() \n .role(replicationRole.name())\n .policyArn(replicationPolicy.arn())\n .build());\n\n var destinationBucketVersioningV2 = new BucketVersioningV2(\"destinationBucketVersioningV2\", BucketVersioningV2Args.builder() \n .bucket(destination.id())\n .versioningConfiguration(BucketVersioningV2VersioningConfigurationArgs.builder()\n .status(\"Enabled\")\n .build())\n .build());\n\n var sourceBucketAcl = new BucketAclV2(\"sourceBucketAcl\", BucketAclV2Args.builder() \n .bucket(source.id())\n .acl(\"private\")\n .build());\n\n var sourceBucketVersioningV2 = new BucketVersioningV2(\"sourceBucketVersioningV2\", BucketVersioningV2Args.builder() \n .bucket(source.id())\n .versioningConfiguration(BucketVersioningV2VersioningConfigurationArgs.builder()\n .status(\"Enabled\")\n .build())\n .build());\n\n var replicationBucketReplicationConfig = new BucketReplicationConfig(\"replicationBucketReplicationConfig\", BucketReplicationConfigArgs.builder() \n .role(replicationRole.arn())\n .bucket(source.id())\n .rules(BucketReplicationConfigRuleArgs.builder()\n .id(\"foobar\")\n .filter(BucketReplicationConfigRuleFilterArgs.builder()\n .prefix(\"foo\")\n .build())\n .status(\"Enabled\")\n .destination(BucketReplicationConfigRuleDestinationArgs.builder()\n .bucket(destination.arn())\n .storageClass(\"STANDARD\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n replicationRole:\n type: aws:iam:Role\n name: replication\n properties:\n name: tf-iam-role-replication-12345\n assumeRolePolicy: ${assumeRole.json}\n replicationPolicy:\n type: aws:iam:Policy\n name: replication\n properties:\n name: tf-iam-role-policy-replication-12345\n policy: ${replication.json}\n replicationRolePolicyAttachment:\n type: aws:iam:RolePolicyAttachment\n name: replication\n properties:\n role: ${replicationRole.name}\n policyArn: ${replicationPolicy.arn}\n destination:\n type: aws:s3:BucketV2\n properties:\n bucket: tf-test-bucket-destination-12345\n destinationBucketVersioningV2:\n type: aws:s3:BucketVersioningV2\n name: destination\n properties:\n bucket: ${destination.id}\n versioningConfiguration:\n status: Enabled\n source:\n type: aws:s3:BucketV2\n properties:\n bucket: tf-test-bucket-source-12345\n sourceBucketAcl:\n type: aws:s3:BucketAclV2\n name: source_bucket_acl\n properties:\n bucket: ${source.id}\n acl: private\n sourceBucketVersioningV2:\n type: aws:s3:BucketVersioningV2\n name: source\n properties:\n bucket: ${source.id}\n versioningConfiguration:\n status: Enabled\n replicationBucketReplicationConfig:\n type: aws:s3:BucketReplicationConfig\n name: replication\n properties:\n role: ${replicationRole.arn}\n bucket: ${source.id}\n rules:\n - id: foobar\n filter:\n prefix: foo\n status: Enabled\n destination:\n bucket: ${destination.arn}\n storageClass: STANDARD\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - s3.amazonaws.com\n actions:\n - sts:AssumeRole\n replication:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - s3:GetReplicationConfiguration\n - s3:ListBucket\n resources:\n - ${source.arn}\n - effect: Allow\n actions:\n - s3:GetObjectVersionForReplication\n - s3:GetObjectVersionAcl\n - s3:GetObjectVersionTagging\n resources:\n - ${source.arn}/*\n - effect: Allow\n actions:\n - s3:ReplicateObject\n - s3:ReplicateDelete\n - s3:ReplicateTags\n resources:\n - ${destination.arn}/*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Bi-Directional Replication\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// ... other configuration ...\nconst east = new aws.s3.BucketV2(\"east\", {bucket: \"tf-test-bucket-east-12345\"});\nconst eastBucketVersioningV2 = new aws.s3.BucketVersioningV2(\"east\", {\n bucket: east.id,\n versioningConfiguration: {\n status: \"Enabled\",\n },\n});\nconst west = new aws.s3.BucketV2(\"west\", {bucket: \"tf-test-bucket-west-12345\"});\nconst westBucketVersioningV2 = new aws.s3.BucketVersioningV2(\"west\", {\n bucket: west.id,\n versioningConfiguration: {\n status: \"Enabled\",\n },\n});\nconst eastToWest = new aws.s3.BucketReplicationConfig(\"east_to_west\", {\n role: eastReplication.arn,\n bucket: east.id,\n rules: [{\n id: \"foobar\",\n filter: {\n prefix: \"foo\",\n },\n status: \"Enabled\",\n destination: {\n bucket: west.arn,\n storageClass: \"STANDARD\",\n },\n }],\n});\nconst westToEast = new aws.s3.BucketReplicationConfig(\"west_to_east\", {\n role: westReplication.arn,\n bucket: west.id,\n rules: [{\n id: \"foobar\",\n filter: {\n prefix: \"foo\",\n },\n status: \"Enabled\",\n destination: {\n bucket: east.arn,\n storageClass: \"STANDARD\",\n },\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# ... other configuration ...\neast = aws.s3.BucketV2(\"east\", bucket=\"tf-test-bucket-east-12345\")\neast_bucket_versioning_v2 = aws.s3.BucketVersioningV2(\"east\",\n bucket=east.id,\n versioning_configuration=aws.s3.BucketVersioningV2VersioningConfigurationArgs(\n status=\"Enabled\",\n ))\nwest = aws.s3.BucketV2(\"west\", bucket=\"tf-test-bucket-west-12345\")\nwest_bucket_versioning_v2 = aws.s3.BucketVersioningV2(\"west\",\n bucket=west.id,\n versioning_configuration=aws.s3.BucketVersioningV2VersioningConfigurationArgs(\n status=\"Enabled\",\n ))\neast_to_west = aws.s3.BucketReplicationConfig(\"east_to_west\",\n role=east_replication[\"arn\"],\n bucket=east.id,\n rules=[aws.s3.BucketReplicationConfigRuleArgs(\n id=\"foobar\",\n filter=aws.s3.BucketReplicationConfigRuleFilterArgs(\n prefix=\"foo\",\n ),\n status=\"Enabled\",\n destination=aws.s3.BucketReplicationConfigRuleDestinationArgs(\n bucket=west.arn,\n storage_class=\"STANDARD\",\n ),\n )])\nwest_to_east = aws.s3.BucketReplicationConfig(\"west_to_east\",\n role=west_replication[\"arn\"],\n bucket=west.id,\n rules=[aws.s3.BucketReplicationConfigRuleArgs(\n id=\"foobar\",\n filter=aws.s3.BucketReplicationConfigRuleFilterArgs(\n prefix=\"foo\",\n ),\n status=\"Enabled\",\n destination=aws.s3.BucketReplicationConfigRuleDestinationArgs(\n bucket=east.arn,\n storage_class=\"STANDARD\",\n ),\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // ... other configuration ...\n var east = new Aws.S3.BucketV2(\"east\", new()\n {\n Bucket = \"tf-test-bucket-east-12345\",\n });\n\n var eastBucketVersioningV2 = new Aws.S3.BucketVersioningV2(\"east\", new()\n {\n Bucket = east.Id,\n VersioningConfiguration = new Aws.S3.Inputs.BucketVersioningV2VersioningConfigurationArgs\n {\n Status = \"Enabled\",\n },\n });\n\n var west = new Aws.S3.BucketV2(\"west\", new()\n {\n Bucket = \"tf-test-bucket-west-12345\",\n });\n\n var westBucketVersioningV2 = new Aws.S3.BucketVersioningV2(\"west\", new()\n {\n Bucket = west.Id,\n VersioningConfiguration = new Aws.S3.Inputs.BucketVersioningV2VersioningConfigurationArgs\n {\n Status = \"Enabled\",\n },\n });\n\n var eastToWest = new Aws.S3.BucketReplicationConfig(\"east_to_west\", new()\n {\n Role = eastReplication.Arn,\n Bucket = east.Id,\n Rules = new[]\n {\n new Aws.S3.Inputs.BucketReplicationConfigRuleArgs\n {\n Id = \"foobar\",\n Filter = new Aws.S3.Inputs.BucketReplicationConfigRuleFilterArgs\n {\n Prefix = \"foo\",\n },\n Status = \"Enabled\",\n Destination = new Aws.S3.Inputs.BucketReplicationConfigRuleDestinationArgs\n {\n Bucket = west.Arn,\n StorageClass = \"STANDARD\",\n },\n },\n },\n });\n\n var westToEast = new Aws.S3.BucketReplicationConfig(\"west_to_east\", new()\n {\n Role = westReplication.Arn,\n Bucket = west.Id,\n Rules = new[]\n {\n new Aws.S3.Inputs.BucketReplicationConfigRuleArgs\n {\n Id = \"foobar\",\n Filter = new Aws.S3.Inputs.BucketReplicationConfigRuleFilterArgs\n {\n Prefix = \"foo\",\n },\n Status = \"Enabled\",\n Destination = new Aws.S3.Inputs.BucketReplicationConfigRuleDestinationArgs\n {\n Bucket = east.Arn,\n StorageClass = \"STANDARD\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// ... other configuration ...\n\t\teast, err := s3.NewBucketV2(ctx, \"east\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"tf-test-bucket-east-12345\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketVersioningV2(ctx, \"east\", \u0026s3.BucketVersioningV2Args{\n\t\t\tBucket: east.ID(),\n\t\t\tVersioningConfiguration: \u0026s3.BucketVersioningV2VersioningConfigurationArgs{\n\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\twest, err := s3.NewBucketV2(ctx, \"west\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"tf-test-bucket-west-12345\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketVersioningV2(ctx, \"west\", \u0026s3.BucketVersioningV2Args{\n\t\t\tBucket: west.ID(),\n\t\t\tVersioningConfiguration: \u0026s3.BucketVersioningV2VersioningConfigurationArgs{\n\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketReplicationConfig(ctx, \"east_to_west\", \u0026s3.BucketReplicationConfigArgs{\n\t\t\tRole: pulumi.Any(eastReplication.Arn),\n\t\t\tBucket: east.ID(),\n\t\t\tRules: s3.BucketReplicationConfigRuleArray{\n\t\t\t\t\u0026s3.BucketReplicationConfigRuleArgs{\n\t\t\t\t\tId: pulumi.String(\"foobar\"),\n\t\t\t\t\tFilter: \u0026s3.BucketReplicationConfigRuleFilterArgs{\n\t\t\t\t\t\tPrefix: pulumi.String(\"foo\"),\n\t\t\t\t\t},\n\t\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t\tDestination: \u0026s3.BucketReplicationConfigRuleDestinationArgs{\n\t\t\t\t\t\tBucket: west.Arn,\n\t\t\t\t\t\tStorageClass: pulumi.String(\"STANDARD\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketReplicationConfig(ctx, \"west_to_east\", \u0026s3.BucketReplicationConfigArgs{\n\t\t\tRole: pulumi.Any(westReplication.Arn),\n\t\t\tBucket: west.ID(),\n\t\t\tRules: s3.BucketReplicationConfigRuleArray{\n\t\t\t\t\u0026s3.BucketReplicationConfigRuleArgs{\n\t\t\t\t\tId: pulumi.String(\"foobar\"),\n\t\t\t\t\tFilter: \u0026s3.BucketReplicationConfigRuleFilterArgs{\n\t\t\t\t\t\tPrefix: pulumi.String(\"foo\"),\n\t\t\t\t\t},\n\t\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t\tDestination: \u0026s3.BucketReplicationConfigRuleDestinationArgs{\n\t\t\t\t\t\tBucket: east.Arn,\n\t\t\t\t\t\tStorageClass: pulumi.String(\"STANDARD\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketVersioningV2;\nimport com.pulumi.aws.s3.BucketVersioningV2Args;\nimport com.pulumi.aws.s3.inputs.BucketVersioningV2VersioningConfigurationArgs;\nimport com.pulumi.aws.s3.BucketReplicationConfig;\nimport com.pulumi.aws.s3.BucketReplicationConfigArgs;\nimport com.pulumi.aws.s3.inputs.BucketReplicationConfigRuleArgs;\nimport com.pulumi.aws.s3.inputs.BucketReplicationConfigRuleFilterArgs;\nimport com.pulumi.aws.s3.inputs.BucketReplicationConfigRuleDestinationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // ... other configuration ...\n var east = new BucketV2(\"east\", BucketV2Args.builder() \n .bucket(\"tf-test-bucket-east-12345\")\n .build());\n\n var eastBucketVersioningV2 = new BucketVersioningV2(\"eastBucketVersioningV2\", BucketVersioningV2Args.builder() \n .bucket(east.id())\n .versioningConfiguration(BucketVersioningV2VersioningConfigurationArgs.builder()\n .status(\"Enabled\")\n .build())\n .build());\n\n var west = new BucketV2(\"west\", BucketV2Args.builder() \n .bucket(\"tf-test-bucket-west-12345\")\n .build());\n\n var westBucketVersioningV2 = new BucketVersioningV2(\"westBucketVersioningV2\", BucketVersioningV2Args.builder() \n .bucket(west.id())\n .versioningConfiguration(BucketVersioningV2VersioningConfigurationArgs.builder()\n .status(\"Enabled\")\n .build())\n .build());\n\n var eastToWest = new BucketReplicationConfig(\"eastToWest\", BucketReplicationConfigArgs.builder() \n .role(eastReplication.arn())\n .bucket(east.id())\n .rules(BucketReplicationConfigRuleArgs.builder()\n .id(\"foobar\")\n .filter(BucketReplicationConfigRuleFilterArgs.builder()\n .prefix(\"foo\")\n .build())\n .status(\"Enabled\")\n .destination(BucketReplicationConfigRuleDestinationArgs.builder()\n .bucket(west.arn())\n .storageClass(\"STANDARD\")\n .build())\n .build())\n .build());\n\n var westToEast = new BucketReplicationConfig(\"westToEast\", BucketReplicationConfigArgs.builder() \n .role(westReplication.arn())\n .bucket(west.id())\n .rules(BucketReplicationConfigRuleArgs.builder()\n .id(\"foobar\")\n .filter(BucketReplicationConfigRuleFilterArgs.builder()\n .prefix(\"foo\")\n .build())\n .status(\"Enabled\")\n .destination(BucketReplicationConfigRuleDestinationArgs.builder()\n .bucket(east.arn())\n .storageClass(\"STANDARD\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # ... other configuration ...\n east:\n type: aws:s3:BucketV2\n properties:\n bucket: tf-test-bucket-east-12345\n eastBucketVersioningV2:\n type: aws:s3:BucketVersioningV2\n name: east\n properties:\n bucket: ${east.id}\n versioningConfiguration:\n status: Enabled\n west:\n type: aws:s3:BucketV2\n properties:\n bucket: tf-test-bucket-west-12345\n westBucketVersioningV2:\n type: aws:s3:BucketVersioningV2\n name: west\n properties:\n bucket: ${west.id}\n versioningConfiguration:\n status: Enabled\n eastToWest:\n type: aws:s3:BucketReplicationConfig\n name: east_to_west\n properties:\n role: ${eastReplication.arn}\n bucket: ${east.id}\n rules:\n - id: foobar\n filter:\n prefix: foo\n status: Enabled\n destination:\n bucket: ${west.arn}\n storageClass: STANDARD\n westToEast:\n type: aws:s3:BucketReplicationConfig\n name: west_to_east\n properties:\n role: ${westReplication.arn}\n bucket: ${west.id}\n rules:\n - id: foobar\n filter:\n prefix: foo\n status: Enabled\n destination:\n bucket: ${east.arn}\n storageClass: STANDARD\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import S3 bucket replication configuration using the `bucket`. For example:\n\n```sh\n$ pulumi import aws:s3/bucketReplicationConfig:BucketReplicationConfig replication bucket-name\n```\n", + "description": "Provides an independent configuration resource for S3 bucket [replication configuration](http://docs.aws.amazon.com/AmazonS3/latest/dev/crr.html).\n\n\u003e **NOTE:** S3 Buckets only support a single replication configuration. Declaring multiple `aws.s3.BucketReplicationConfig` resources to the same S3 Bucket will cause a perpetual difference in configuration.\n\n\u003e This resource cannot be used with S3 directory buckets.\n\n## Example Usage\n\n### Using replication configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"s3.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst replicationRole = new aws.iam.Role(\"replication\", {\n name: \"tf-iam-role-replication-12345\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst destination = new aws.s3.BucketV2(\"destination\", {bucket: \"tf-test-bucket-destination-12345\"});\nconst source = new aws.s3.BucketV2(\"source\", {bucket: \"tf-test-bucket-source-12345\"});\nconst replication = aws.iam.getPolicyDocumentOutput({\n statements: [\n {\n effect: \"Allow\",\n actions: [\n \"s3:GetReplicationConfiguration\",\n \"s3:ListBucket\",\n ],\n resources: [source.arn],\n },\n {\n effect: \"Allow\",\n actions: [\n \"s3:GetObjectVersionForReplication\",\n \"s3:GetObjectVersionAcl\",\n \"s3:GetObjectVersionTagging\",\n ],\n resources: [pulumi.interpolate`${source.arn}/*`],\n },\n {\n effect: \"Allow\",\n actions: [\n \"s3:ReplicateObject\",\n \"s3:ReplicateDelete\",\n \"s3:ReplicateTags\",\n ],\n resources: [pulumi.interpolate`${destination.arn}/*`],\n },\n ],\n});\nconst replicationPolicy = new aws.iam.Policy(\"replication\", {\n name: \"tf-iam-role-policy-replication-12345\",\n policy: replication.apply(replication =\u003e replication.json),\n});\nconst replicationRolePolicyAttachment = new aws.iam.RolePolicyAttachment(\"replication\", {\n role: replicationRole.name,\n policyArn: replicationPolicy.arn,\n});\nconst destinationBucketVersioningV2 = new aws.s3.BucketVersioningV2(\"destination\", {\n bucket: destination.id,\n versioningConfiguration: {\n status: \"Enabled\",\n },\n});\nconst sourceBucketAcl = new aws.s3.BucketAclV2(\"source_bucket_acl\", {\n bucket: source.id,\n acl: \"private\",\n});\nconst sourceBucketVersioningV2 = new aws.s3.BucketVersioningV2(\"source\", {\n bucket: source.id,\n versioningConfiguration: {\n status: \"Enabled\",\n },\n});\nconst replicationBucketReplicationConfig = new aws.s3.BucketReplicationConfig(\"replication\", {\n role: replicationRole.arn,\n bucket: source.id,\n rules: [{\n id: \"foobar\",\n filter: {\n prefix: \"foo\",\n },\n status: \"Enabled\",\n destination: {\n bucket: destination.arn,\n storageClass: \"STANDARD\",\n },\n }],\n}, {\n dependsOn: [sourceBucketVersioningV2],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nassume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"s3.amazonaws.com\"],\n )],\n actions=[\"sts:AssumeRole\"],\n)])\nreplication_role = aws.iam.Role(\"replication\",\n name=\"tf-iam-role-replication-12345\",\n assume_role_policy=assume_role.json)\ndestination = aws.s3.BucketV2(\"destination\", bucket=\"tf-test-bucket-destination-12345\")\nsource = aws.s3.BucketV2(\"source\", bucket=\"tf-test-bucket-source-12345\")\nreplication = aws.iam.get_policy_document_output(statements=[\n aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n actions=[\n \"s3:GetReplicationConfiguration\",\n \"s3:ListBucket\",\n ],\n resources=[source.arn],\n ),\n aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n actions=[\n \"s3:GetObjectVersionForReplication\",\n \"s3:GetObjectVersionAcl\",\n \"s3:GetObjectVersionTagging\",\n ],\n resources=[source.arn.apply(lambda arn: f\"{arn}/*\")],\n ),\n aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n actions=[\n \"s3:ReplicateObject\",\n \"s3:ReplicateDelete\",\n \"s3:ReplicateTags\",\n ],\n resources=[destination.arn.apply(lambda arn: f\"{arn}/*\")],\n ),\n])\nreplication_policy = aws.iam.Policy(\"replication\",\n name=\"tf-iam-role-policy-replication-12345\",\n policy=replication.json)\nreplication_role_policy_attachment = aws.iam.RolePolicyAttachment(\"replication\",\n role=replication_role.name,\n policy_arn=replication_policy.arn)\ndestination_bucket_versioning_v2 = aws.s3.BucketVersioningV2(\"destination\",\n bucket=destination.id,\n versioning_configuration=aws.s3.BucketVersioningV2VersioningConfigurationArgs(\n status=\"Enabled\",\n ))\nsource_bucket_acl = aws.s3.BucketAclV2(\"source_bucket_acl\",\n bucket=source.id,\n acl=\"private\")\nsource_bucket_versioning_v2 = aws.s3.BucketVersioningV2(\"source\",\n bucket=source.id,\n versioning_configuration=aws.s3.BucketVersioningV2VersioningConfigurationArgs(\n status=\"Enabled\",\n ))\nreplication_bucket_replication_config = aws.s3.BucketReplicationConfig(\"replication\",\n role=replication_role.arn,\n bucket=source.id,\n rules=[aws.s3.BucketReplicationConfigRuleArgs(\n id=\"foobar\",\n filter=aws.s3.BucketReplicationConfigRuleFilterArgs(\n prefix=\"foo\",\n ),\n status=\"Enabled\",\n destination=aws.s3.BucketReplicationConfigRuleDestinationArgs(\n bucket=destination.arn,\n storage_class=\"STANDARD\",\n ),\n )],\n opts=pulumi.ResourceOptions(depends_on=[source_bucket_versioning_v2]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"s3.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var replicationRole = new Aws.Iam.Role(\"replication\", new()\n {\n Name = \"tf-iam-role-replication-12345\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var destination = new Aws.S3.BucketV2(\"destination\", new()\n {\n Bucket = \"tf-test-bucket-destination-12345\",\n });\n\n var source = new Aws.S3.BucketV2(\"source\", new()\n {\n Bucket = \"tf-test-bucket-source-12345\",\n });\n\n var replication = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"s3:GetReplicationConfiguration\",\n \"s3:ListBucket\",\n },\n Resources = new[]\n {\n source.Arn,\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"s3:GetObjectVersionForReplication\",\n \"s3:GetObjectVersionAcl\",\n \"s3:GetObjectVersionTagging\",\n },\n Resources = new[]\n {\n $\"{source.Arn}/*\",\n },\n },\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Actions = new[]\n {\n \"s3:ReplicateObject\",\n \"s3:ReplicateDelete\",\n \"s3:ReplicateTags\",\n },\n Resources = new[]\n {\n $\"{destination.Arn}/*\",\n },\n },\n },\n });\n\n var replicationPolicy = new Aws.Iam.Policy(\"replication\", new()\n {\n Name = \"tf-iam-role-policy-replication-12345\",\n PolicyDocument = replication.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var replicationRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment(\"replication\", new()\n {\n Role = replicationRole.Name,\n PolicyArn = replicationPolicy.Arn,\n });\n\n var destinationBucketVersioningV2 = new Aws.S3.BucketVersioningV2(\"destination\", new()\n {\n Bucket = destination.Id,\n VersioningConfiguration = new Aws.S3.Inputs.BucketVersioningV2VersioningConfigurationArgs\n {\n Status = \"Enabled\",\n },\n });\n\n var sourceBucketAcl = new Aws.S3.BucketAclV2(\"source_bucket_acl\", new()\n {\n Bucket = source.Id,\n Acl = \"private\",\n });\n\n var sourceBucketVersioningV2 = new Aws.S3.BucketVersioningV2(\"source\", new()\n {\n Bucket = source.Id,\n VersioningConfiguration = new Aws.S3.Inputs.BucketVersioningV2VersioningConfigurationArgs\n {\n Status = \"Enabled\",\n },\n });\n\n var replicationBucketReplicationConfig = new Aws.S3.BucketReplicationConfig(\"replication\", new()\n {\n Role = replicationRole.Arn,\n Bucket = source.Id,\n Rules = new[]\n {\n new Aws.S3.Inputs.BucketReplicationConfigRuleArgs\n {\n Id = \"foobar\",\n Filter = new Aws.S3.Inputs.BucketReplicationConfigRuleFilterArgs\n {\n Prefix = \"foo\",\n },\n Status = \"Enabled\",\n Destination = new Aws.S3.Inputs.BucketReplicationConfigRuleDestinationArgs\n {\n Bucket = destination.Arn,\n StorageClass = \"STANDARD\",\n },\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n sourceBucketVersioningV2, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"s3.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treplicationRole, err := iam.NewRole(ctx, \"replication\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"tf-iam-role-replication-12345\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdestination, err := s3.NewBucketV2(ctx, \"destination\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"tf-test-bucket-destination-12345\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsource, err := s3.NewBucketV2(ctx, \"source\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"tf-test-bucket-source-12345\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treplication := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{\n\t\t\tStatements: iam.GetPolicyDocumentStatementArray{\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:GetReplicationConfiguration\"),\n\t\t\t\t\t\tpulumi.String(\"s3:ListBucket\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\tsource.Arn,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:GetObjectVersionForReplication\"),\n\t\t\t\t\t\tpulumi.String(\"s3:GetObjectVersionAcl\"),\n\t\t\t\t\t\tpulumi.String(\"s3:GetObjectVersionTagging\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\tsource.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\t\t\t\treturn fmt.Sprintf(\"%v/*\", arn), nil\n\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026iam.GetPolicyDocumentStatementArgs{\n\t\t\t\t\tEffect: pulumi.String(\"Allow\"),\n\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"s3:ReplicateObject\"),\n\t\t\t\t\t\tpulumi.String(\"s3:ReplicateDelete\"),\n\t\t\t\t\t\tpulumi.String(\"s3:ReplicateTags\"),\n\t\t\t\t\t},\n\t\t\t\t\tResources: pulumi.StringArray{\n\t\t\t\t\t\tdestination.Arn.ApplyT(func(arn string) (string, error) {\n\t\t\t\t\t\t\treturn fmt.Sprintf(\"%v/*\", arn), nil\n\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\treplicationPolicy, err := iam.NewPolicy(ctx, \"replication\", \u0026iam.PolicyArgs{\n\t\t\tName: pulumi.String(\"tf-iam-role-policy-replication-12345\"),\n\t\t\tPolicy: replication.ApplyT(func(replication iam.GetPolicyDocumentResult) (*string, error) {\n\t\t\t\treturn \u0026replication.Json, nil\n\t\t\t}).(pulumi.StringPtrOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"replication\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tRole: replicationRole.Name,\n\t\t\tPolicyArn: replicationPolicy.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketVersioningV2(ctx, \"destination\", \u0026s3.BucketVersioningV2Args{\n\t\t\tBucket: destination.ID(),\n\t\t\tVersioningConfiguration: \u0026s3.BucketVersioningV2VersioningConfigurationArgs{\n\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketAclV2(ctx, \"source_bucket_acl\", \u0026s3.BucketAclV2Args{\n\t\t\tBucket: source.ID(),\n\t\t\tAcl: pulumi.String(\"private\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsourceBucketVersioningV2, err := s3.NewBucketVersioningV2(ctx, \"source\", \u0026s3.BucketVersioningV2Args{\n\t\t\tBucket: source.ID(),\n\t\t\tVersioningConfiguration: \u0026s3.BucketVersioningV2VersioningConfigurationArgs{\n\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketReplicationConfig(ctx, \"replication\", \u0026s3.BucketReplicationConfigArgs{\n\t\t\tRole: replicationRole.Arn,\n\t\t\tBucket: source.ID(),\n\t\t\tRules: s3.BucketReplicationConfigRuleArray{\n\t\t\t\t\u0026s3.BucketReplicationConfigRuleArgs{\n\t\t\t\t\tId: pulumi.String(\"foobar\"),\n\t\t\t\t\tFilter: \u0026s3.BucketReplicationConfigRuleFilterArgs{\n\t\t\t\t\t\tPrefix: pulumi.String(\"foo\"),\n\t\t\t\t\t},\n\t\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t\tDestination: \u0026s3.BucketReplicationConfigRuleDestinationArgs{\n\t\t\t\t\t\tBucket: destination.Arn,\n\t\t\t\t\t\tStorageClass: pulumi.String(\"STANDARD\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tsourceBucketVersioningV2,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.iam.Policy;\nimport com.pulumi.aws.iam.PolicyArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport com.pulumi.aws.s3.BucketVersioningV2;\nimport com.pulumi.aws.s3.BucketVersioningV2Args;\nimport com.pulumi.aws.s3.inputs.BucketVersioningV2VersioningConfigurationArgs;\nimport com.pulumi.aws.s3.BucketAclV2;\nimport com.pulumi.aws.s3.BucketAclV2Args;\nimport com.pulumi.aws.s3.BucketReplicationConfig;\nimport com.pulumi.aws.s3.BucketReplicationConfigArgs;\nimport com.pulumi.aws.s3.inputs.BucketReplicationConfigRuleArgs;\nimport com.pulumi.aws.s3.inputs.BucketReplicationConfigRuleFilterArgs;\nimport com.pulumi.aws.s3.inputs.BucketReplicationConfigRuleDestinationArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"s3.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var replicationRole = new Role(\"replicationRole\", RoleArgs.builder() \n .name(\"tf-iam-role-replication-12345\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var destination = new BucketV2(\"destination\", BucketV2Args.builder() \n .bucket(\"tf-test-bucket-destination-12345\")\n .build());\n\n var source = new BucketV2(\"source\", BucketV2Args.builder() \n .bucket(\"tf-test-bucket-source-12345\")\n .build());\n\n final var replication = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements( \n GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions( \n \"s3:GetReplicationConfiguration\",\n \"s3:ListBucket\")\n .resources(source.arn())\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions( \n \"s3:GetObjectVersionForReplication\",\n \"s3:GetObjectVersionAcl\",\n \"s3:GetObjectVersionTagging\")\n .resources(source.arn().applyValue(arn -\u003e String.format(\"%s/*\", arn)))\n .build(),\n GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .actions( \n \"s3:ReplicateObject\",\n \"s3:ReplicateDelete\",\n \"s3:ReplicateTags\")\n .resources(destination.arn().applyValue(arn -\u003e String.format(\"%s/*\", arn)))\n .build())\n .build());\n\n var replicationPolicy = new Policy(\"replicationPolicy\", PolicyArgs.builder() \n .name(\"tf-iam-role-policy-replication-12345\")\n .policy(replication.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult).applyValue(replication -\u003e replication.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json())))\n .build());\n\n var replicationRolePolicyAttachment = new RolePolicyAttachment(\"replicationRolePolicyAttachment\", RolePolicyAttachmentArgs.builder() \n .role(replicationRole.name())\n .policyArn(replicationPolicy.arn())\n .build());\n\n var destinationBucketVersioningV2 = new BucketVersioningV2(\"destinationBucketVersioningV2\", BucketVersioningV2Args.builder() \n .bucket(destination.id())\n .versioningConfiguration(BucketVersioningV2VersioningConfigurationArgs.builder()\n .status(\"Enabled\")\n .build())\n .build());\n\n var sourceBucketAcl = new BucketAclV2(\"sourceBucketAcl\", BucketAclV2Args.builder() \n .bucket(source.id())\n .acl(\"private\")\n .build());\n\n var sourceBucketVersioningV2 = new BucketVersioningV2(\"sourceBucketVersioningV2\", BucketVersioningV2Args.builder() \n .bucket(source.id())\n .versioningConfiguration(BucketVersioningV2VersioningConfigurationArgs.builder()\n .status(\"Enabled\")\n .build())\n .build());\n\n var replicationBucketReplicationConfig = new BucketReplicationConfig(\"replicationBucketReplicationConfig\", BucketReplicationConfigArgs.builder() \n .role(replicationRole.arn())\n .bucket(source.id())\n .rules(BucketReplicationConfigRuleArgs.builder()\n .id(\"foobar\")\n .filter(BucketReplicationConfigRuleFilterArgs.builder()\n .prefix(\"foo\")\n .build())\n .status(\"Enabled\")\n .destination(BucketReplicationConfigRuleDestinationArgs.builder()\n .bucket(destination.arn())\n .storageClass(\"STANDARD\")\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(sourceBucketVersioningV2)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n replicationRole:\n type: aws:iam:Role\n name: replication\n properties:\n name: tf-iam-role-replication-12345\n assumeRolePolicy: ${assumeRole.json}\n replicationPolicy:\n type: aws:iam:Policy\n name: replication\n properties:\n name: tf-iam-role-policy-replication-12345\n policy: ${replication.json}\n replicationRolePolicyAttachment:\n type: aws:iam:RolePolicyAttachment\n name: replication\n properties:\n role: ${replicationRole.name}\n policyArn: ${replicationPolicy.arn}\n destination:\n type: aws:s3:BucketV2\n properties:\n bucket: tf-test-bucket-destination-12345\n destinationBucketVersioningV2:\n type: aws:s3:BucketVersioningV2\n name: destination\n properties:\n bucket: ${destination.id}\n versioningConfiguration:\n status: Enabled\n source:\n type: aws:s3:BucketV2\n properties:\n bucket: tf-test-bucket-source-12345\n sourceBucketAcl:\n type: aws:s3:BucketAclV2\n name: source_bucket_acl\n properties:\n bucket: ${source.id}\n acl: private\n sourceBucketVersioningV2:\n type: aws:s3:BucketVersioningV2\n name: source\n properties:\n bucket: ${source.id}\n versioningConfiguration:\n status: Enabled\n replicationBucketReplicationConfig:\n type: aws:s3:BucketReplicationConfig\n name: replication\n properties:\n role: ${replicationRole.arn}\n bucket: ${source.id}\n rules:\n - id: foobar\n filter:\n prefix: foo\n status: Enabled\n destination:\n bucket: ${destination.arn}\n storageClass: STANDARD\n options:\n dependson:\n - ${sourceBucketVersioningV2}\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - s3.amazonaws.com\n actions:\n - sts:AssumeRole\n replication:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n actions:\n - s3:GetReplicationConfiguration\n - s3:ListBucket\n resources:\n - ${source.arn}\n - effect: Allow\n actions:\n - s3:GetObjectVersionForReplication\n - s3:GetObjectVersionAcl\n - s3:GetObjectVersionTagging\n resources:\n - ${source.arn}/*\n - effect: Allow\n actions:\n - s3:ReplicateObject\n - s3:ReplicateDelete\n - s3:ReplicateTags\n resources:\n - ${destination.arn}/*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Bi-Directional Replication\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\n// ... other configuration ...\nconst east = new aws.s3.BucketV2(\"east\", {bucket: \"tf-test-bucket-east-12345\"});\nconst eastBucketVersioningV2 = new aws.s3.BucketVersioningV2(\"east\", {\n bucket: east.id,\n versioningConfiguration: {\n status: \"Enabled\",\n },\n});\nconst west = new aws.s3.BucketV2(\"west\", {bucket: \"tf-test-bucket-west-12345\"});\nconst westBucketVersioningV2 = new aws.s3.BucketVersioningV2(\"west\", {\n bucket: west.id,\n versioningConfiguration: {\n status: \"Enabled\",\n },\n});\nconst eastToWest = new aws.s3.BucketReplicationConfig(\"east_to_west\", {\n role: eastReplication.arn,\n bucket: east.id,\n rules: [{\n id: \"foobar\",\n filter: {\n prefix: \"foo\",\n },\n status: \"Enabled\",\n destination: {\n bucket: west.arn,\n storageClass: \"STANDARD\",\n },\n }],\n}, {\n dependsOn: [eastBucketVersioningV2],\n});\nconst westToEast = new aws.s3.BucketReplicationConfig(\"west_to_east\", {\n role: westReplication.arn,\n bucket: west.id,\n rules: [{\n id: \"foobar\",\n filter: {\n prefix: \"foo\",\n },\n status: \"Enabled\",\n destination: {\n bucket: east.arn,\n storageClass: \"STANDARD\",\n },\n }],\n}, {\n dependsOn: [westBucketVersioningV2],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\n# ... other configuration ...\neast = aws.s3.BucketV2(\"east\", bucket=\"tf-test-bucket-east-12345\")\neast_bucket_versioning_v2 = aws.s3.BucketVersioningV2(\"east\",\n bucket=east.id,\n versioning_configuration=aws.s3.BucketVersioningV2VersioningConfigurationArgs(\n status=\"Enabled\",\n ))\nwest = aws.s3.BucketV2(\"west\", bucket=\"tf-test-bucket-west-12345\")\nwest_bucket_versioning_v2 = aws.s3.BucketVersioningV2(\"west\",\n bucket=west.id,\n versioning_configuration=aws.s3.BucketVersioningV2VersioningConfigurationArgs(\n status=\"Enabled\",\n ))\neast_to_west = aws.s3.BucketReplicationConfig(\"east_to_west\",\n role=east_replication[\"arn\"],\n bucket=east.id,\n rules=[aws.s3.BucketReplicationConfigRuleArgs(\n id=\"foobar\",\n filter=aws.s3.BucketReplicationConfigRuleFilterArgs(\n prefix=\"foo\",\n ),\n status=\"Enabled\",\n destination=aws.s3.BucketReplicationConfigRuleDestinationArgs(\n bucket=west.arn,\n storage_class=\"STANDARD\",\n ),\n )],\n opts=pulumi.ResourceOptions(depends_on=[east_bucket_versioning_v2]))\nwest_to_east = aws.s3.BucketReplicationConfig(\"west_to_east\",\n role=west_replication[\"arn\"],\n bucket=west.id,\n rules=[aws.s3.BucketReplicationConfigRuleArgs(\n id=\"foobar\",\n filter=aws.s3.BucketReplicationConfigRuleFilterArgs(\n prefix=\"foo\",\n ),\n status=\"Enabled\",\n destination=aws.s3.BucketReplicationConfigRuleDestinationArgs(\n bucket=east.arn,\n storage_class=\"STANDARD\",\n ),\n )],\n opts=pulumi.ResourceOptions(depends_on=[west_bucket_versioning_v2]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // ... other configuration ...\n var east = new Aws.S3.BucketV2(\"east\", new()\n {\n Bucket = \"tf-test-bucket-east-12345\",\n });\n\n var eastBucketVersioningV2 = new Aws.S3.BucketVersioningV2(\"east\", new()\n {\n Bucket = east.Id,\n VersioningConfiguration = new Aws.S3.Inputs.BucketVersioningV2VersioningConfigurationArgs\n {\n Status = \"Enabled\",\n },\n });\n\n var west = new Aws.S3.BucketV2(\"west\", new()\n {\n Bucket = \"tf-test-bucket-west-12345\",\n });\n\n var westBucketVersioningV2 = new Aws.S3.BucketVersioningV2(\"west\", new()\n {\n Bucket = west.Id,\n VersioningConfiguration = new Aws.S3.Inputs.BucketVersioningV2VersioningConfigurationArgs\n {\n Status = \"Enabled\",\n },\n });\n\n var eastToWest = new Aws.S3.BucketReplicationConfig(\"east_to_west\", new()\n {\n Role = eastReplication.Arn,\n Bucket = east.Id,\n Rules = new[]\n {\n new Aws.S3.Inputs.BucketReplicationConfigRuleArgs\n {\n Id = \"foobar\",\n Filter = new Aws.S3.Inputs.BucketReplicationConfigRuleFilterArgs\n {\n Prefix = \"foo\",\n },\n Status = \"Enabled\",\n Destination = new Aws.S3.Inputs.BucketReplicationConfigRuleDestinationArgs\n {\n Bucket = west.Arn,\n StorageClass = \"STANDARD\",\n },\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n eastBucketVersioningV2, \n },\n });\n\n var westToEast = new Aws.S3.BucketReplicationConfig(\"west_to_east\", new()\n {\n Role = westReplication.Arn,\n Bucket = west.Id,\n Rules = new[]\n {\n new Aws.S3.Inputs.BucketReplicationConfigRuleArgs\n {\n Id = \"foobar\",\n Filter = new Aws.S3.Inputs.BucketReplicationConfigRuleFilterArgs\n {\n Prefix = \"foo\",\n },\n Status = \"Enabled\",\n Destination = new Aws.S3.Inputs.BucketReplicationConfigRuleDestinationArgs\n {\n Bucket = east.Arn,\n StorageClass = \"STANDARD\",\n },\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n westBucketVersioningV2, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// ... other configuration ...\n\t\teast, err := s3.NewBucketV2(ctx, \"east\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"tf-test-bucket-east-12345\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\teastBucketVersioningV2, err := s3.NewBucketVersioningV2(ctx, \"east\", \u0026s3.BucketVersioningV2Args{\n\t\t\tBucket: east.ID(),\n\t\t\tVersioningConfiguration: \u0026s3.BucketVersioningV2VersioningConfigurationArgs{\n\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\twest, err := s3.NewBucketV2(ctx, \"west\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"tf-test-bucket-west-12345\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\twestBucketVersioningV2, err := s3.NewBucketVersioningV2(ctx, \"west\", \u0026s3.BucketVersioningV2Args{\n\t\t\tBucket: west.ID(),\n\t\t\tVersioningConfiguration: \u0026s3.BucketVersioningV2VersioningConfigurationArgs{\n\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketReplicationConfig(ctx, \"east_to_west\", \u0026s3.BucketReplicationConfigArgs{\n\t\t\tRole: pulumi.Any(eastReplication.Arn),\n\t\t\tBucket: east.ID(),\n\t\t\tRules: s3.BucketReplicationConfigRuleArray{\n\t\t\t\t\u0026s3.BucketReplicationConfigRuleArgs{\n\t\t\t\t\tId: pulumi.String(\"foobar\"),\n\t\t\t\t\tFilter: \u0026s3.BucketReplicationConfigRuleFilterArgs{\n\t\t\t\t\t\tPrefix: pulumi.String(\"foo\"),\n\t\t\t\t\t},\n\t\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t\tDestination: \u0026s3.BucketReplicationConfigRuleDestinationArgs{\n\t\t\t\t\t\tBucket: west.Arn,\n\t\t\t\t\t\tStorageClass: pulumi.String(\"STANDARD\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\teastBucketVersioningV2,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketReplicationConfig(ctx, \"west_to_east\", \u0026s3.BucketReplicationConfigArgs{\n\t\t\tRole: pulumi.Any(westReplication.Arn),\n\t\t\tBucket: west.ID(),\n\t\t\tRules: s3.BucketReplicationConfigRuleArray{\n\t\t\t\t\u0026s3.BucketReplicationConfigRuleArgs{\n\t\t\t\t\tId: pulumi.String(\"foobar\"),\n\t\t\t\t\tFilter: \u0026s3.BucketReplicationConfigRuleFilterArgs{\n\t\t\t\t\t\tPrefix: pulumi.String(\"foo\"),\n\t\t\t\t\t},\n\t\t\t\t\tStatus: pulumi.String(\"Enabled\"),\n\t\t\t\t\tDestination: \u0026s3.BucketReplicationConfigRuleDestinationArgs{\n\t\t\t\t\t\tBucket: east.Arn,\n\t\t\t\t\t\tStorageClass: pulumi.String(\"STANDARD\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\twestBucketVersioningV2,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketVersioningV2;\nimport com.pulumi.aws.s3.BucketVersioningV2Args;\nimport com.pulumi.aws.s3.inputs.BucketVersioningV2VersioningConfigurationArgs;\nimport com.pulumi.aws.s3.BucketReplicationConfig;\nimport com.pulumi.aws.s3.BucketReplicationConfigArgs;\nimport com.pulumi.aws.s3.inputs.BucketReplicationConfigRuleArgs;\nimport com.pulumi.aws.s3.inputs.BucketReplicationConfigRuleFilterArgs;\nimport com.pulumi.aws.s3.inputs.BucketReplicationConfigRuleDestinationArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // ... other configuration ...\n var east = new BucketV2(\"east\", BucketV2Args.builder() \n .bucket(\"tf-test-bucket-east-12345\")\n .build());\n\n var eastBucketVersioningV2 = new BucketVersioningV2(\"eastBucketVersioningV2\", BucketVersioningV2Args.builder() \n .bucket(east.id())\n .versioningConfiguration(BucketVersioningV2VersioningConfigurationArgs.builder()\n .status(\"Enabled\")\n .build())\n .build());\n\n var west = new BucketV2(\"west\", BucketV2Args.builder() \n .bucket(\"tf-test-bucket-west-12345\")\n .build());\n\n var westBucketVersioningV2 = new BucketVersioningV2(\"westBucketVersioningV2\", BucketVersioningV2Args.builder() \n .bucket(west.id())\n .versioningConfiguration(BucketVersioningV2VersioningConfigurationArgs.builder()\n .status(\"Enabled\")\n .build())\n .build());\n\n var eastToWest = new BucketReplicationConfig(\"eastToWest\", BucketReplicationConfigArgs.builder() \n .role(eastReplication.arn())\n .bucket(east.id())\n .rules(BucketReplicationConfigRuleArgs.builder()\n .id(\"foobar\")\n .filter(BucketReplicationConfigRuleFilterArgs.builder()\n .prefix(\"foo\")\n .build())\n .status(\"Enabled\")\n .destination(BucketReplicationConfigRuleDestinationArgs.builder()\n .bucket(west.arn())\n .storageClass(\"STANDARD\")\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(eastBucketVersioningV2)\n .build());\n\n var westToEast = new BucketReplicationConfig(\"westToEast\", BucketReplicationConfigArgs.builder() \n .role(westReplication.arn())\n .bucket(west.id())\n .rules(BucketReplicationConfigRuleArgs.builder()\n .id(\"foobar\")\n .filter(BucketReplicationConfigRuleFilterArgs.builder()\n .prefix(\"foo\")\n .build())\n .status(\"Enabled\")\n .destination(BucketReplicationConfigRuleDestinationArgs.builder()\n .bucket(east.arn())\n .storageClass(\"STANDARD\")\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(westBucketVersioningV2)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # ... other configuration ...\n east:\n type: aws:s3:BucketV2\n properties:\n bucket: tf-test-bucket-east-12345\n eastBucketVersioningV2:\n type: aws:s3:BucketVersioningV2\n name: east\n properties:\n bucket: ${east.id}\n versioningConfiguration:\n status: Enabled\n west:\n type: aws:s3:BucketV2\n properties:\n bucket: tf-test-bucket-west-12345\n westBucketVersioningV2:\n type: aws:s3:BucketVersioningV2\n name: west\n properties:\n bucket: ${west.id}\n versioningConfiguration:\n status: Enabled\n eastToWest:\n type: aws:s3:BucketReplicationConfig\n name: east_to_west\n properties:\n role: ${eastReplication.arn}\n bucket: ${east.id}\n rules:\n - id: foobar\n filter:\n prefix: foo\n status: Enabled\n destination:\n bucket: ${west.arn}\n storageClass: STANDARD\n options:\n dependson:\n - ${eastBucketVersioningV2}\n westToEast:\n type: aws:s3:BucketReplicationConfig\n name: west_to_east\n properties:\n role: ${westReplication.arn}\n bucket: ${west.id}\n rules:\n - id: foobar\n filter:\n prefix: foo\n status: Enabled\n destination:\n bucket: ${east.arn}\n storageClass: STANDARD\n options:\n dependson:\n - ${westBucketVersioningV2}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import S3 bucket replication configuration using the `bucket`. For example:\n\n```sh\n$ pulumi import aws:s3/bucketReplicationConfig:BucketReplicationConfig replication bucket-name\n```\n", "properties": { "bucket": { "type": "string", @@ -320289,7 +320289,7 @@ } }, "aws:s3control/accessGrant:AccessGrant": { - "description": "Provides a resource to manage an S3 Access Grant.\nEach access grant has its own ID and gives an IAM user or role or a directory user, or group (the grantee) access to a registered location. You determine the level of access, such as `READ` or `READWRITE`.\nBefore you can create a grant, you must have an S3 Access Grants instance in the same Region as the S3 data.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3control.AccessGrantsInstance(\"example\", {});\nconst exampleAccessGrantsLocation = new aws.s3control.AccessGrantsLocation(\"example\", {\n iamRoleArn: exampleAwsIamRole.arn,\n locationScope: `s3://${exampleAwsS3Bucket.bucket}/prefixA*`,\n});\nconst exampleAccessGrant = new aws.s3control.AccessGrant(\"example\", {\n accessGrantsLocationId: exampleAccessGrantsLocation.accessGrantsLocationId,\n permission: \"READ\",\n accessGrantsLocationConfiguration: {\n s3SubPrefix: \"prefixB*\",\n },\n grantee: {\n granteeType: \"IAM\",\n granteeIdentifier: exampleAwsIamUser.arn,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3control.AccessGrantsInstance(\"example\")\nexample_access_grants_location = aws.s3control.AccessGrantsLocation(\"example\",\n iam_role_arn=example_aws_iam_role[\"arn\"],\n location_scope=f\"s3://{example_aws_s3_bucket['bucket']}/prefixA*\")\nexample_access_grant = aws.s3control.AccessGrant(\"example\",\n access_grants_location_id=example_access_grants_location.access_grants_location_id,\n permission=\"READ\",\n access_grants_location_configuration=aws.s3control.AccessGrantAccessGrantsLocationConfigurationArgs(\n s3_sub_prefix=\"prefixB*\",\n ),\n grantee=aws.s3control.AccessGrantGranteeArgs(\n grantee_type=\"IAM\",\n grantee_identifier=example_aws_iam_user[\"arn\"],\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3Control.AccessGrantsInstance(\"example\");\n\n var exampleAccessGrantsLocation = new Aws.S3Control.AccessGrantsLocation(\"example\", new()\n {\n IamRoleArn = exampleAwsIamRole.Arn,\n LocationScope = $\"s3://{exampleAwsS3Bucket.Bucket}/prefixA*\",\n });\n\n var exampleAccessGrant = new Aws.S3Control.AccessGrant(\"example\", new()\n {\n AccessGrantsLocationId = exampleAccessGrantsLocation.AccessGrantsLocationId,\n Permission = \"READ\",\n AccessGrantsLocationConfiguration = new Aws.S3Control.Inputs.AccessGrantAccessGrantsLocationConfigurationArgs\n {\n S3SubPrefix = \"prefixB*\",\n },\n Grantee = new Aws.S3Control.Inputs.AccessGrantGranteeArgs\n {\n GranteeType = \"IAM\",\n GranteeIdentifier = exampleAwsIamUser.Arn,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3control\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3control.NewAccessGrantsInstance(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAccessGrantsLocation, err := s3control.NewAccessGrantsLocation(ctx, \"example\", \u0026s3control.AccessGrantsLocationArgs{\n\t\t\tIamRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tLocationScope: pulumi.String(fmt.Sprintf(\"s3://%v/prefixA*\", exampleAwsS3Bucket.Bucket)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3control.NewAccessGrant(ctx, \"example\", \u0026s3control.AccessGrantArgs{\n\t\t\tAccessGrantsLocationId: exampleAccessGrantsLocation.AccessGrantsLocationId,\n\t\t\tPermission: pulumi.String(\"READ\"),\n\t\t\tAccessGrantsLocationConfiguration: \u0026s3control.AccessGrantAccessGrantsLocationConfigurationArgs{\n\t\t\t\tS3SubPrefix: pulumi.String(\"prefixB*\"),\n\t\t\t},\n\t\t\tGrantee: \u0026s3control.AccessGrantGranteeArgs{\n\t\t\t\tGranteeType: pulumi.String(\"IAM\"),\n\t\t\t\tGranteeIdentifier: pulumi.Any(exampleAwsIamUser.Arn),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3control.AccessGrantsInstance;\nimport com.pulumi.aws.s3control.AccessGrantsLocation;\nimport com.pulumi.aws.s3control.AccessGrantsLocationArgs;\nimport com.pulumi.aws.s3control.AccessGrant;\nimport com.pulumi.aws.s3control.AccessGrantArgs;\nimport com.pulumi.aws.s3control.inputs.AccessGrantAccessGrantsLocationConfigurationArgs;\nimport com.pulumi.aws.s3control.inputs.AccessGrantGranteeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AccessGrantsInstance(\"example\");\n\n var exampleAccessGrantsLocation = new AccessGrantsLocation(\"exampleAccessGrantsLocation\", AccessGrantsLocationArgs.builder() \n .iamRoleArn(exampleAwsIamRole.arn())\n .locationScope(String.format(\"s3://%s/prefixA*\", exampleAwsS3Bucket.bucket()))\n .build());\n\n var exampleAccessGrant = new AccessGrant(\"exampleAccessGrant\", AccessGrantArgs.builder() \n .accessGrantsLocationId(exampleAccessGrantsLocation.accessGrantsLocationId())\n .permission(\"READ\")\n .accessGrantsLocationConfiguration(AccessGrantAccessGrantsLocationConfigurationArgs.builder()\n .s3SubPrefix(\"prefixB*\")\n .build())\n .grantee(AccessGrantGranteeArgs.builder()\n .granteeType(\"IAM\")\n .granteeIdentifier(exampleAwsIamUser.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3control:AccessGrantsInstance\n exampleAccessGrantsLocation:\n type: aws:s3control:AccessGrantsLocation\n name: example\n properties:\n iamRoleArn: ${exampleAwsIamRole.arn}\n locationScope: s3://${exampleAwsS3Bucket.bucket}/prefixA*\n exampleAccessGrant:\n type: aws:s3control:AccessGrant\n name: example\n properties:\n accessGrantsLocationId: ${exampleAccessGrantsLocation.accessGrantsLocationId}\n permission: READ\n accessGrantsLocationConfiguration:\n s3SubPrefix: prefixB*\n grantee:\n granteeType: IAM\n granteeIdentifier: ${exampleAwsIamUser.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import S3 Access Grants using the `account_id` and `access_grant_id`, separated by a comma (`,`). For example:\n\n```sh\n$ pulumi import aws:s3control/accessGrant:AccessGrant example 123456789012,04549c5e-2f3c-4a07-824d-2cafe720aa22\n```\n", + "description": "Provides a resource to manage an S3 Access Grant.\nEach access grant has its own ID and gives an IAM user or role or a directory user, or group (the grantee) access to a registered location. You determine the level of access, such as `READ` or `READWRITE`.\nBefore you can create a grant, you must have an S3 Access Grants instance in the same Region as the S3 data.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3control.AccessGrantsInstance(\"example\", {});\nconst exampleAccessGrantsLocation = new aws.s3control.AccessGrantsLocation(\"example\", {\n iamRoleArn: exampleAwsIamRole.arn,\n locationScope: `s3://${exampleAwsS3Bucket.bucket}/prefixA*`,\n}, {\n dependsOn: [example],\n});\nconst exampleAccessGrant = new aws.s3control.AccessGrant(\"example\", {\n accessGrantsLocationId: exampleAccessGrantsLocation.accessGrantsLocationId,\n permission: \"READ\",\n accessGrantsLocationConfiguration: {\n s3SubPrefix: \"prefixB*\",\n },\n grantee: {\n granteeType: \"IAM\",\n granteeIdentifier: exampleAwsIamUser.arn,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3control.AccessGrantsInstance(\"example\")\nexample_access_grants_location = aws.s3control.AccessGrantsLocation(\"example\",\n iam_role_arn=example_aws_iam_role[\"arn\"],\n location_scope=f\"s3://{example_aws_s3_bucket['bucket']}/prefixA*\",\n opts=pulumi.ResourceOptions(depends_on=[example]))\nexample_access_grant = aws.s3control.AccessGrant(\"example\",\n access_grants_location_id=example_access_grants_location.access_grants_location_id,\n permission=\"READ\",\n access_grants_location_configuration=aws.s3control.AccessGrantAccessGrantsLocationConfigurationArgs(\n s3_sub_prefix=\"prefixB*\",\n ),\n grantee=aws.s3control.AccessGrantGranteeArgs(\n grantee_type=\"IAM\",\n grantee_identifier=example_aws_iam_user[\"arn\"],\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3Control.AccessGrantsInstance(\"example\");\n\n var exampleAccessGrantsLocation = new Aws.S3Control.AccessGrantsLocation(\"example\", new()\n {\n IamRoleArn = exampleAwsIamRole.Arn,\n LocationScope = $\"s3://{exampleAwsS3Bucket.Bucket}/prefixA*\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example, \n },\n });\n\n var exampleAccessGrant = new Aws.S3Control.AccessGrant(\"example\", new()\n {\n AccessGrantsLocationId = exampleAccessGrantsLocation.AccessGrantsLocationId,\n Permission = \"READ\",\n AccessGrantsLocationConfiguration = new Aws.S3Control.Inputs.AccessGrantAccessGrantsLocationConfigurationArgs\n {\n S3SubPrefix = \"prefixB*\",\n },\n Grantee = new Aws.S3Control.Inputs.AccessGrantGranteeArgs\n {\n GranteeType = \"IAM\",\n GranteeIdentifier = exampleAwsIamUser.Arn,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3control\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3control.NewAccessGrantsInstance(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAccessGrantsLocation, err := s3control.NewAccessGrantsLocation(ctx, \"example\", \u0026s3control.AccessGrantsLocationArgs{\n\t\t\tIamRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tLocationScope: pulumi.String(fmt.Sprintf(\"s3://%v/prefixA*\", exampleAwsS3Bucket.Bucket)),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3control.NewAccessGrant(ctx, \"example\", \u0026s3control.AccessGrantArgs{\n\t\t\tAccessGrantsLocationId: exampleAccessGrantsLocation.AccessGrantsLocationId,\n\t\t\tPermission: pulumi.String(\"READ\"),\n\t\t\tAccessGrantsLocationConfiguration: \u0026s3control.AccessGrantAccessGrantsLocationConfigurationArgs{\n\t\t\t\tS3SubPrefix: pulumi.String(\"prefixB*\"),\n\t\t\t},\n\t\t\tGrantee: \u0026s3control.AccessGrantGranteeArgs{\n\t\t\t\tGranteeType: pulumi.String(\"IAM\"),\n\t\t\t\tGranteeIdentifier: pulumi.Any(exampleAwsIamUser.Arn),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3control.AccessGrantsInstance;\nimport com.pulumi.aws.s3control.AccessGrantsLocation;\nimport com.pulumi.aws.s3control.AccessGrantsLocationArgs;\nimport com.pulumi.aws.s3control.AccessGrant;\nimport com.pulumi.aws.s3control.AccessGrantArgs;\nimport com.pulumi.aws.s3control.inputs.AccessGrantAccessGrantsLocationConfigurationArgs;\nimport com.pulumi.aws.s3control.inputs.AccessGrantGranteeArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AccessGrantsInstance(\"example\");\n\n var exampleAccessGrantsLocation = new AccessGrantsLocation(\"exampleAccessGrantsLocation\", AccessGrantsLocationArgs.builder() \n .iamRoleArn(exampleAwsIamRole.arn())\n .locationScope(String.format(\"s3://%s/prefixA*\", exampleAwsS3Bucket.bucket()))\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n var exampleAccessGrant = new AccessGrant(\"exampleAccessGrant\", AccessGrantArgs.builder() \n .accessGrantsLocationId(exampleAccessGrantsLocation.accessGrantsLocationId())\n .permission(\"READ\")\n .accessGrantsLocationConfiguration(AccessGrantAccessGrantsLocationConfigurationArgs.builder()\n .s3SubPrefix(\"prefixB*\")\n .build())\n .grantee(AccessGrantGranteeArgs.builder()\n .granteeType(\"IAM\")\n .granteeIdentifier(exampleAwsIamUser.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3control:AccessGrantsInstance\n exampleAccessGrantsLocation:\n type: aws:s3control:AccessGrantsLocation\n name: example\n properties:\n iamRoleArn: ${exampleAwsIamRole.arn}\n locationScope: s3://${exampleAwsS3Bucket.bucket}/prefixA*\n options:\n dependson:\n - ${example}\n exampleAccessGrant:\n type: aws:s3control:AccessGrant\n name: example\n properties:\n accessGrantsLocationId: ${exampleAccessGrantsLocation.accessGrantsLocationId}\n permission: READ\n accessGrantsLocationConfiguration:\n s3SubPrefix: prefixB*\n grantee:\n granteeType: IAM\n granteeIdentifier: ${exampleAwsIamUser.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import S3 Access Grants using the `account_id` and `access_grant_id`, separated by a comma (`,`). For example:\n\n```sh\n$ pulumi import aws:s3control/accessGrant:AccessGrant example 123456789012,04549c5e-2f3c-4a07-824d-2cafe720aa22\n```\n", "properties": { "accessGrantArn": { "type": "string", @@ -320588,7 +320588,7 @@ } }, "aws:s3control/accessGrantsLocation:AccessGrantsLocation": { - "description": "Provides a resource to manage an S3 Access Grants location.\nA location is an S3 resource (bucket or prefix) in a permission grant that the grantee can access.\nThe S3 data must be in the same Region as your S3 Access Grants instance.\nWhen you register a location, you must include the IAM role that has permission to manage the S3 location that you are registering.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3control.AccessGrantsInstance(\"example\", {});\nconst exampleAccessGrantsLocation = new aws.s3control.AccessGrantsLocation(\"example\", {\n iamRoleArn: exampleAwsIamRole.arn,\n locationScope: \"s3://\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3control.AccessGrantsInstance(\"example\")\nexample_access_grants_location = aws.s3control.AccessGrantsLocation(\"example\",\n iam_role_arn=example_aws_iam_role[\"arn\"],\n location_scope=\"s3://\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3Control.AccessGrantsInstance(\"example\");\n\n var exampleAccessGrantsLocation = new Aws.S3Control.AccessGrantsLocation(\"example\", new()\n {\n IamRoleArn = exampleAwsIamRole.Arn,\n LocationScope = \"s3://\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3control\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3control.NewAccessGrantsInstance(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3control.NewAccessGrantsLocation(ctx, \"example\", \u0026s3control.AccessGrantsLocationArgs{\n\t\t\tIamRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tLocationScope: pulumi.String(\"s3://\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3control.AccessGrantsInstance;\nimport com.pulumi.aws.s3control.AccessGrantsLocation;\nimport com.pulumi.aws.s3control.AccessGrantsLocationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AccessGrantsInstance(\"example\");\n\n var exampleAccessGrantsLocation = new AccessGrantsLocation(\"exampleAccessGrantsLocation\", AccessGrantsLocationArgs.builder() \n .iamRoleArn(exampleAwsIamRole.arn())\n .locationScope(\"s3://\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3control:AccessGrantsInstance\n exampleAccessGrantsLocation:\n type: aws:s3control:AccessGrantsLocation\n name: example\n properties:\n iamRoleArn: ${exampleAwsIamRole.arn}\n locationScope: s3://\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import S3 Access Grants locations using the `account_id` and `access_grants_location_id`, separated by a comma (`,`). For example:\n\n```sh\n$ pulumi import aws:s3control/accessGrantsLocation:AccessGrantsLocation example 123456789012,default\n```\n", + "description": "Provides a resource to manage an S3 Access Grants location.\nA location is an S3 resource (bucket or prefix) in a permission grant that the grantee can access.\nThe S3 data must be in the same Region as your S3 Access Grants instance.\nWhen you register a location, you must include the IAM role that has permission to manage the S3 location that you are registering.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3control.AccessGrantsInstance(\"example\", {});\nconst exampleAccessGrantsLocation = new aws.s3control.AccessGrantsLocation(\"example\", {\n iamRoleArn: exampleAwsIamRole.arn,\n locationScope: \"s3://\",\n}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3control.AccessGrantsInstance(\"example\")\nexample_access_grants_location = aws.s3control.AccessGrantsLocation(\"example\",\n iam_role_arn=example_aws_iam_role[\"arn\"],\n location_scope=\"s3://\",\n opts=pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3Control.AccessGrantsInstance(\"example\");\n\n var exampleAccessGrantsLocation = new Aws.S3Control.AccessGrantsLocation(\"example\", new()\n {\n IamRoleArn = exampleAwsIamRole.Arn,\n LocationScope = \"s3://\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3control\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3control.NewAccessGrantsInstance(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3control.NewAccessGrantsLocation(ctx, \"example\", \u0026s3control.AccessGrantsLocationArgs{\n\t\t\tIamRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tLocationScope: pulumi.String(\"s3://\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3control.AccessGrantsInstance;\nimport com.pulumi.aws.s3control.AccessGrantsLocation;\nimport com.pulumi.aws.s3control.AccessGrantsLocationArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new AccessGrantsInstance(\"example\");\n\n var exampleAccessGrantsLocation = new AccessGrantsLocation(\"exampleAccessGrantsLocation\", AccessGrantsLocationArgs.builder() \n .iamRoleArn(exampleAwsIamRole.arn())\n .locationScope(\"s3://\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3control:AccessGrantsInstance\n exampleAccessGrantsLocation:\n type: aws:s3control:AccessGrantsLocation\n name: example\n properties:\n iamRoleArn: ${exampleAwsIamRole.arn}\n locationScope: s3://\n options:\n dependson:\n - ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import S3 Access Grants locations using the `account_id` and `access_grants_location_id`, separated by a comma (`,`). For example:\n\n```sh\n$ pulumi import aws:s3control/accessGrantsLocation:AccessGrantsLocation example 123456789012,default\n```\n", "properties": { "accessGrantsLocationArn": { "type": "string", @@ -320699,7 +320699,7 @@ } }, "aws:s3control/accessPointPolicy:AccessPointPolicy": { - "description": "Provides a resource to manage an S3 Access Point resource policy.\n\n\u003e **NOTE on Access Points and Access Point Policies:** The provider provides both a standalone Access Point Policy resource and an Access Point resource with a resource policy defined in-line. You cannot use an Access Point with in-line resource policy in conjunction with an Access Point Policy resource. Doing so will cause a conflict of policies and will overwrite the access point's resource policy.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketV2(\"example\", {bucket: \"example\"});\nconst exampleAccessPoint = new aws.s3.AccessPoint(\"example\", {\n bucket: example.id,\n name: \"example\",\n publicAccessBlockConfiguration: {\n blockPublicAcls: true,\n blockPublicPolicy: false,\n ignorePublicAcls: true,\n restrictPublicBuckets: false,\n },\n});\nconst exampleAccessPointPolicy = new aws.s3control.AccessPointPolicy(\"example\", {\n accessPointArn: exampleAccessPoint.arn,\n policy: pulumi.jsonStringify({\n version: \"2008-10-17\",\n statement: [{\n effect: \"Allow\",\n action: \"s3:GetObjectTagging\",\n principal: {\n AWS: \"*\",\n },\n resource: pulumi.interpolate`${exampleAccessPoint.arn}/object/*`,\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketV2(\"example\", bucket=\"example\")\nexample_access_point = aws.s3.AccessPoint(\"example\",\n bucket=example.id,\n name=\"example\",\n public_access_block_configuration=aws.s3.AccessPointPublicAccessBlockConfigurationArgs(\n block_public_acls=True,\n block_public_policy=False,\n ignore_public_acls=True,\n restrict_public_buckets=False,\n ))\nexample_access_point_policy = aws.s3control.AccessPointPolicy(\"example\",\n access_point_arn=example_access_point.arn,\n policy=pulumi.Output.json_dumps({\n \"version\": \"2008-10-17\",\n \"statement\": [{\n \"effect\": \"Allow\",\n \"action\": \"s3:GetObjectTagging\",\n \"principal\": {\n \"AWS\": \"*\",\n },\n \"resource\": example_access_point.arn.apply(lambda arn: f\"{arn}/object/*\"),\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example\",\n });\n\n var exampleAccessPoint = new Aws.S3.AccessPoint(\"example\", new()\n {\n Bucket = example.Id,\n Name = \"example\",\n PublicAccessBlockConfiguration = new Aws.S3.Inputs.AccessPointPublicAccessBlockConfigurationArgs\n {\n BlockPublicAcls = true,\n BlockPublicPolicy = false,\n IgnorePublicAcls = true,\n RestrictPublicBuckets = false,\n },\n });\n\n var exampleAccessPointPolicy = new Aws.S3Control.AccessPointPolicy(\"example\", new()\n {\n AccessPointArn = exampleAccessPoint.Arn,\n Policy = Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2008-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"effect\"] = \"Allow\",\n [\"action\"] = \"s3:GetObjectTagging\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = \"*\",\n },\n [\"resource\"] = exampleAccessPoint.Arn.Apply(arn =\u003e $\"{arn}/object/*\"),\n },\n },\n })),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3control\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAccessPoint, err := s3.NewAccessPoint(ctx, \"example\", \u0026s3.AccessPointArgs{\n\t\t\tBucket: example.ID(),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tPublicAccessBlockConfiguration: \u0026s3.AccessPointPublicAccessBlockConfigurationArgs{\n\t\t\t\tBlockPublicAcls: pulumi.Bool(true),\n\t\t\t\tBlockPublicPolicy: pulumi.Bool(false),\n\t\t\t\tIgnorePublicAcls: pulumi.Bool(true),\n\t\t\t\tRestrictPublicBuckets: pulumi.Bool(false),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3control.NewAccessPointPolicy(ctx, \"example\", \u0026s3control.AccessPointPolicyArgs{\n\t\t\tAccessPointArn: exampleAccessPoint.Arn,\n\t\t\tPolicy: exampleAccessPoint.Arn.ApplyT(func(arn string) (pulumi.String, error) {\n\t\t\t\tvar _zero pulumi.String\n\t\t\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\t\t\"version\": \"2008-10-17\",\n\t\t\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\t\t\"action\": \"s3:GetObjectTagging\",\n\t\t\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\t\t\"AWS\": \"*\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"resource\": fmt.Sprintf(\"%v/object/*\", arn),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t})\n\t\t\t\tif err != nil {\n\t\t\t\t\treturn _zero, err\n\t\t\t\t}\n\t\t\t\tjson0 := string(tmpJSON0)\n\t\t\t\treturn pulumi.String(json0), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.AccessPoint;\nimport com.pulumi.aws.s3.AccessPointArgs;\nimport com.pulumi.aws.s3.inputs.AccessPointPublicAccessBlockConfigurationArgs;\nimport com.pulumi.aws.s3control.AccessPointPolicy;\nimport com.pulumi.aws.s3control.AccessPointPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketV2(\"example\", BucketV2Args.builder() \n .bucket(\"example\")\n .build());\n\n var exampleAccessPoint = new AccessPoint(\"exampleAccessPoint\", AccessPointArgs.builder() \n .bucket(example.id())\n .name(\"example\")\n .publicAccessBlockConfiguration(AccessPointPublicAccessBlockConfigurationArgs.builder()\n .blockPublicAcls(true)\n .blockPublicPolicy(false)\n .ignorePublicAcls(true)\n .restrictPublicBuckets(false)\n .build())\n .build());\n\n var exampleAccessPointPolicy = new AccessPointPolicy(\"exampleAccessPointPolicy\", AccessPointPolicyArgs.builder() \n .accessPointArn(exampleAccessPoint.arn())\n .policy(exampleAccessPoint.arn().applyValue(arn -\u003e serializeJson(\n jsonObject(\n jsonProperty(\"version\", \"2008-10-17\"),\n jsonProperty(\"statement\", jsonArray(jsonObject(\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"action\", \"s3:GetObjectTagging\"),\n jsonProperty(\"principal\", jsonObject(\n jsonProperty(\"AWS\", \"*\")\n )),\n jsonProperty(\"resource\", String.format(\"%s/object/*\", arn))\n )))\n ))))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: example\n exampleAccessPoint:\n type: aws:s3:AccessPoint\n name: example\n properties:\n bucket: ${example.id}\n name: example\n publicAccessBlockConfiguration:\n blockPublicAcls: true\n blockPublicPolicy: false\n ignorePublicAcls: true\n restrictPublicBuckets: false\n exampleAccessPointPolicy:\n type: aws:s3control:AccessPointPolicy\n name: example\n properties:\n accessPointArn: ${exampleAccessPoint.arn}\n policy:\n fn::toJSON:\n version: 2008-10-17\n statement:\n - effect: Allow\n action: s3:GetObjectTagging\n principal:\n AWS: '*'\n resource: ${exampleAccessPoint.arn}/object/*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Access Point policies using the `access_point_arn`. For example:\n\n```sh\n$ pulumi import aws:s3control/accessPointPolicy:AccessPointPolicy example arn:aws:s3:us-west-2:123456789012:accesspoint/example\n```\n", + "description": "Provides a resource to manage an S3 Access Point resource policy.\n\n\u003e **NOTE on Access Points and Access Point Policies:** The provider provides both a standalone Access Point Policy resource and an Access Point resource with a resource policy defined in-line. You cannot use an Access Point with in-line resource policy in conjunction with an Access Point Policy resource. Doing so will cause a conflict of policies and will overwrite the access point's resource policy.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketV2(\"example\", {bucket: \"example\"});\nconst exampleAccessPoint = new aws.s3.AccessPoint(\"example\", {\n bucket: example.id,\n name: \"example\",\n publicAccessBlockConfiguration: {\n blockPublicAcls: true,\n blockPublicPolicy: false,\n ignorePublicAcls: true,\n restrictPublicBuckets: false,\n },\n});\nconst exampleAccessPointPolicy = new aws.s3control.AccessPointPolicy(\"example\", {\n accessPointArn: exampleAccessPoint.arn,\n policy: pulumi.jsonStringify({\n Version: \"2008-10-17\",\n Statement: [{\n Effect: \"Allow\",\n Action: \"s3:GetObjectTagging\",\n Principal: {\n AWS: \"*\",\n },\n Resource: pulumi.interpolate`${exampleAccessPoint.arn}/object/*`,\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketV2(\"example\", bucket=\"example\")\nexample_access_point = aws.s3.AccessPoint(\"example\",\n bucket=example.id,\n name=\"example\",\n public_access_block_configuration=aws.s3.AccessPointPublicAccessBlockConfigurationArgs(\n block_public_acls=True,\n block_public_policy=False,\n ignore_public_acls=True,\n restrict_public_buckets=False,\n ))\nexample_access_point_policy = aws.s3control.AccessPointPolicy(\"example\",\n access_point_arn=example_access_point.arn,\n policy=pulumi.Output.json_dumps({\n \"Version\": \"2008-10-17\",\n \"Statement\": [{\n \"Effect\": \"Allow\",\n \"Action\": \"s3:GetObjectTagging\",\n \"Principal\": {\n \"AWS\": \"*\",\n },\n \"Resource\": example_access_point.arn.apply(lambda arn: f\"{arn}/object/*\"),\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example\",\n });\n\n var exampleAccessPoint = new Aws.S3.AccessPoint(\"example\", new()\n {\n Bucket = example.Id,\n Name = \"example\",\n PublicAccessBlockConfiguration = new Aws.S3.Inputs.AccessPointPublicAccessBlockConfigurationArgs\n {\n BlockPublicAcls = true,\n BlockPublicPolicy = false,\n IgnorePublicAcls = true,\n RestrictPublicBuckets = false,\n },\n });\n\n var exampleAccessPointPolicy = new Aws.S3Control.AccessPointPolicy(\"example\", new()\n {\n AccessPointArn = exampleAccessPoint.Arn,\n Policy = Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2008-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Effect\"] = \"Allow\",\n [\"Action\"] = \"s3:GetObjectTagging\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = \"*\",\n },\n [\"Resource\"] = exampleAccessPoint.Arn.Apply(arn =\u003e $\"{arn}/object/*\"),\n },\n },\n })),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3control\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAccessPoint, err := s3.NewAccessPoint(ctx, \"example\", \u0026s3.AccessPointArgs{\n\t\t\tBucket: example.ID(),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tPublicAccessBlockConfiguration: \u0026s3.AccessPointPublicAccessBlockConfigurationArgs{\n\t\t\t\tBlockPublicAcls: pulumi.Bool(true),\n\t\t\t\tBlockPublicPolicy: pulumi.Bool(false),\n\t\t\t\tIgnorePublicAcls: pulumi.Bool(true),\n\t\t\t\tRestrictPublicBuckets: pulumi.Bool(false),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3control.NewAccessPointPolicy(ctx, \"example\", \u0026s3control.AccessPointPolicyArgs{\n\t\t\tAccessPointArn: exampleAccessPoint.Arn,\n\t\t\tPolicy: exampleAccessPoint.Arn.ApplyT(func(arn string) (pulumi.String, error) {\n\t\t\t\tvar _zero pulumi.String\n\t\t\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\t\t\"Version\": \"2008-10-17\",\n\t\t\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\t\t\"Action\": \"s3:GetObjectTagging\",\n\t\t\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\t\t\"AWS\": \"*\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"Resource\": fmt.Sprintf(\"%v/object/*\", arn),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t})\n\t\t\t\tif err != nil {\n\t\t\t\t\treturn _zero, err\n\t\t\t\t}\n\t\t\t\tjson0 := string(tmpJSON0)\n\t\t\t\treturn pulumi.String(json0), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.AccessPoint;\nimport com.pulumi.aws.s3.AccessPointArgs;\nimport com.pulumi.aws.s3.inputs.AccessPointPublicAccessBlockConfigurationArgs;\nimport com.pulumi.aws.s3control.AccessPointPolicy;\nimport com.pulumi.aws.s3control.AccessPointPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketV2(\"example\", BucketV2Args.builder() \n .bucket(\"example\")\n .build());\n\n var exampleAccessPoint = new AccessPoint(\"exampleAccessPoint\", AccessPointArgs.builder() \n .bucket(example.id())\n .name(\"example\")\n .publicAccessBlockConfiguration(AccessPointPublicAccessBlockConfigurationArgs.builder()\n .blockPublicAcls(true)\n .blockPublicPolicy(false)\n .ignorePublicAcls(true)\n .restrictPublicBuckets(false)\n .build())\n .build());\n\n var exampleAccessPointPolicy = new AccessPointPolicy(\"exampleAccessPointPolicy\", AccessPointPolicyArgs.builder() \n .accessPointArn(exampleAccessPoint.arn())\n .policy(exampleAccessPoint.arn().applyValue(arn -\u003e serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2008-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Action\", \"s3:GetObjectTagging\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"AWS\", \"*\")\n )),\n jsonProperty(\"Resource\", String.format(\"%s/object/*\", arn))\n )))\n ))))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: example\n exampleAccessPoint:\n type: aws:s3:AccessPoint\n name: example\n properties:\n bucket: ${example.id}\n name: example\n publicAccessBlockConfiguration:\n blockPublicAcls: true\n blockPublicPolicy: false\n ignorePublicAcls: true\n restrictPublicBuckets: false\n exampleAccessPointPolicy:\n type: aws:s3control:AccessPointPolicy\n name: example\n properties:\n accessPointArn: ${exampleAccessPoint.arn}\n policy:\n fn::toJSON:\n Version: 2008-10-17\n Statement:\n - Effect: Allow\n Action: s3:GetObjectTagging\n Principal:\n AWS: '*'\n Resource: ${exampleAccessPoint.arn}/object/*\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Access Point policies using the `access_point_arn`. For example:\n\n```sh\n$ pulumi import aws:s3control/accessPointPolicy:AccessPointPolicy example arn:aws:s3:us-west-2:123456789012:accesspoint/example\n```\n", "properties": { "accessPointArn": { "type": "string", @@ -320940,7 +320940,7 @@ } }, "aws:s3control/bucketPolicy:BucketPolicy": { - "description": "Provides a resource to manage an S3 Control Bucket Policy.\n\n\u003e This functionality is for managing [S3 on Outposts](https://docs.aws.amazon.com/AmazonS3/latest/dev/S3onOutposts.html). To manage S3 Bucket Policies in an AWS Partition, see the `aws.s3.BucketPolicy` resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3control.BucketPolicy(\"example\", {\n bucket: exampleAwsS3controlBucket.arn,\n policy: JSON.stringify({\n id: \"testBucketPolicy\",\n statement: [{\n action: \"s3-outposts:PutBucketLifecycleConfiguration\",\n effect: \"Deny\",\n principal: {\n AWS: \"*\",\n },\n resource: exampleAwsS3controlBucket.arn,\n sid: \"statement1\",\n }],\n version: \"2012-10-17\",\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.s3control.BucketPolicy(\"example\",\n bucket=example_aws_s3control_bucket[\"arn\"],\n policy=json.dumps({\n \"id\": \"testBucketPolicy\",\n \"statement\": [{\n \"action\": \"s3-outposts:PutBucketLifecycleConfiguration\",\n \"effect\": \"Deny\",\n \"principal\": {\n \"AWS\": \"*\",\n },\n \"resource\": example_aws_s3control_bucket[\"arn\"],\n \"sid\": \"statement1\",\n }],\n \"version\": \"2012-10-17\",\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3Control.BucketPolicy(\"example\", new()\n {\n Bucket = exampleAwsS3controlBucket.Arn,\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"id\"] = \"testBucketPolicy\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"action\"] = \"s3-outposts:PutBucketLifecycleConfiguration\",\n [\"effect\"] = \"Deny\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = \"*\",\n },\n [\"resource\"] = exampleAwsS3controlBucket.Arn,\n [\"sid\"] = \"statement1\",\n },\n },\n [\"version\"] = \"2012-10-17\",\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3control\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"id\": \"testBucketPolicy\",\n\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"action\": \"s3-outposts:PutBucketLifecycleConfiguration\",\n\t\t\t\t\t\"effect\": \"Deny\",\n\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": \"*\",\n\t\t\t\t\t},\n\t\t\t\t\t\"resource\": exampleAwsS3controlBucket.Arn,\n\t\t\t\t\t\"sid\": \"statement1\",\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"version\": \"2012-10-17\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = s3control.NewBucketPolicy(ctx, \"example\", \u0026s3control.BucketPolicyArgs{\n\t\t\tBucket: pulumi.Any(exampleAwsS3controlBucket.Arn),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3control.BucketPolicy;\nimport com.pulumi.aws.s3control.BucketPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketPolicy(\"example\", BucketPolicyArgs.builder() \n .bucket(exampleAwsS3controlBucket.arn())\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"id\", \"testBucketPolicy\"),\n jsonProperty(\"statement\", jsonArray(jsonObject(\n jsonProperty(\"action\", \"s3-outposts:PutBucketLifecycleConfiguration\"),\n jsonProperty(\"effect\", \"Deny\"),\n jsonProperty(\"principal\", jsonObject(\n jsonProperty(\"AWS\", \"*\")\n )),\n jsonProperty(\"resource\", exampleAwsS3controlBucket.arn()),\n jsonProperty(\"sid\", \"statement1\")\n ))),\n jsonProperty(\"version\", \"2012-10-17\")\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3control:BucketPolicy\n properties:\n bucket: ${exampleAwsS3controlBucket.arn}\n policy:\n fn::toJSON:\n id: testBucketPolicy\n statement:\n - action: s3-outposts:PutBucketLifecycleConfiguration\n effect: Deny\n principal:\n AWS: '*'\n resource: ${exampleAwsS3controlBucket.arn}\n sid: statement1\n version: 2012-10-17\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import S3 Control Bucket Policies using the Amazon Resource Name (ARN). For example:\n\n```sh\n$ pulumi import aws:s3control/bucketPolicy:BucketPolicy example arn:aws:s3-outposts:us-east-1:123456789012:outpost/op-12345678/bucket/example\n```\n", + "description": "Provides a resource to manage an S3 Control Bucket Policy.\n\n\u003e This functionality is for managing [S3 on Outposts](https://docs.aws.amazon.com/AmazonS3/latest/dev/S3onOutposts.html). To manage S3 Bucket Policies in an AWS Partition, see the `aws.s3.BucketPolicy` resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3control.BucketPolicy(\"example\", {\n bucket: exampleAwsS3controlBucket.arn,\n policy: JSON.stringify({\n Id: \"testBucketPolicy\",\n Statement: [{\n Action: \"s3-outposts:PutBucketLifecycleConfiguration\",\n Effect: \"Deny\",\n Principal: {\n AWS: \"*\",\n },\n Resource: exampleAwsS3controlBucket.arn,\n Sid: \"statement1\",\n }],\n Version: \"2012-10-17\",\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.s3control.BucketPolicy(\"example\",\n bucket=example_aws_s3control_bucket[\"arn\"],\n policy=json.dumps({\n \"Id\": \"testBucketPolicy\",\n \"Statement\": [{\n \"Action\": \"s3-outposts:PutBucketLifecycleConfiguration\",\n \"Effect\": \"Deny\",\n \"Principal\": {\n \"AWS\": \"*\",\n },\n \"Resource\": example_aws_s3control_bucket[\"arn\"],\n \"Sid\": \"statement1\",\n }],\n \"Version\": \"2012-10-17\",\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3Control.BucketPolicy(\"example\", new()\n {\n Bucket = exampleAwsS3controlBucket.Arn,\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Id\"] = \"testBucketPolicy\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"s3-outposts:PutBucketLifecycleConfiguration\",\n [\"Effect\"] = \"Deny\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = \"*\",\n },\n [\"Resource\"] = exampleAwsS3controlBucket.Arn,\n [\"Sid\"] = \"statement1\",\n },\n },\n [\"Version\"] = \"2012-10-17\",\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3control\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Id\": \"testBucketPolicy\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": \"s3-outposts:PutBucketLifecycleConfiguration\",\n\t\t\t\t\t\"Effect\": \"Deny\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"AWS\": \"*\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Resource\": exampleAwsS3controlBucket.Arn,\n\t\t\t\t\t\"Sid\": \"statement1\",\n\t\t\t\t},\n\t\t\t},\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = s3control.NewBucketPolicy(ctx, \"example\", \u0026s3control.BucketPolicyArgs{\n\t\t\tBucket: pulumi.Any(exampleAwsS3controlBucket.Arn),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3control.BucketPolicy;\nimport com.pulumi.aws.s3control.BucketPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketPolicy(\"example\", BucketPolicyArgs.builder() \n .bucket(exampleAwsS3controlBucket.arn())\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Id\", \"testBucketPolicy\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", \"s3-outposts:PutBucketLifecycleConfiguration\"),\n jsonProperty(\"Effect\", \"Deny\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"AWS\", \"*\")\n )),\n jsonProperty(\"Resource\", exampleAwsS3controlBucket.arn()),\n jsonProperty(\"Sid\", \"statement1\")\n ))),\n jsonProperty(\"Version\", \"2012-10-17\")\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3control:BucketPolicy\n properties:\n bucket: ${exampleAwsS3controlBucket.arn}\n policy:\n fn::toJSON:\n Id: testBucketPolicy\n Statement:\n - Action: s3-outposts:PutBucketLifecycleConfiguration\n Effect: Deny\n Principal:\n AWS: '*'\n Resource: ${exampleAwsS3controlBucket.arn}\n Sid: statement1\n Version: 2012-10-17\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import S3 Control Bucket Policies using the Amazon Resource Name (ARN). For example:\n\n```sh\n$ pulumi import aws:s3control/bucketPolicy:BucketPolicy example arn:aws:s3-outposts:us-east-1:123456789012:outpost/op-12345678/bucket/example\n```\n", "properties": { "bucket": { "type": "string", @@ -321214,7 +321214,7 @@ } }, "aws:s3control/objectLambdaAccessPointPolicy:ObjectLambdaAccessPointPolicy": { - "description": "Provides a resource to manage an S3 Object Lambda Access Point resource policy.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketV2(\"example\", {bucket: \"example\"});\nconst exampleAccessPoint = new aws.s3.AccessPoint(\"example\", {\n bucket: example.id,\n name: \"example\",\n});\nconst exampleObjectLambdaAccessPoint = new aws.s3control.ObjectLambdaAccessPoint(\"example\", {\n name: \"example\",\n configuration: {\n supportingAccessPoint: exampleAccessPoint.arn,\n transformationConfigurations: [{\n actions: [\"GetObject\"],\n contentTransformation: {\n awsLambda: {\n functionArn: exampleAwsLambdaFunction.arn,\n },\n },\n }],\n },\n});\nconst exampleObjectLambdaAccessPointPolicy = new aws.s3control.ObjectLambdaAccessPointPolicy(\"example\", {\n name: exampleObjectLambdaAccessPoint.name,\n policy: pulumi.jsonStringify({\n version: \"2008-10-17\",\n statement: [{\n effect: \"Allow\",\n action: \"s3-object-lambda:GetObject\",\n principal: {\n AWS: current.accountId,\n },\n resource: exampleObjectLambdaAccessPoint.arn,\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketV2(\"example\", bucket=\"example\")\nexample_access_point = aws.s3.AccessPoint(\"example\",\n bucket=example.id,\n name=\"example\")\nexample_object_lambda_access_point = aws.s3control.ObjectLambdaAccessPoint(\"example\",\n name=\"example\",\n configuration=aws.s3control.ObjectLambdaAccessPointConfigurationArgs(\n supporting_access_point=example_access_point.arn,\n transformation_configurations=[aws.s3control.ObjectLambdaAccessPointConfigurationTransformationConfigurationArgs(\n actions=[\"GetObject\"],\n content_transformation=aws.s3control.ObjectLambdaAccessPointConfigurationTransformationConfigurationContentTransformationArgs(\n aws_lambda=aws.s3control.ObjectLambdaAccessPointConfigurationTransformationConfigurationContentTransformationAwsLambdaArgs(\n function_arn=example_aws_lambda_function[\"arn\"],\n ),\n ),\n )],\n ))\nexample_object_lambda_access_point_policy = aws.s3control.ObjectLambdaAccessPointPolicy(\"example\",\n name=example_object_lambda_access_point.name,\n policy=pulumi.Output.json_dumps({\n \"version\": \"2008-10-17\",\n \"statement\": [{\n \"effect\": \"Allow\",\n \"action\": \"s3-object-lambda:GetObject\",\n \"principal\": {\n \"AWS\": current[\"accountId\"],\n },\n \"resource\": example_object_lambda_access_point.arn,\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example\",\n });\n\n var exampleAccessPoint = new Aws.S3.AccessPoint(\"example\", new()\n {\n Bucket = example.Id,\n Name = \"example\",\n });\n\n var exampleObjectLambdaAccessPoint = new Aws.S3Control.ObjectLambdaAccessPoint(\"example\", new()\n {\n Name = \"example\",\n Configuration = new Aws.S3Control.Inputs.ObjectLambdaAccessPointConfigurationArgs\n {\n SupportingAccessPoint = exampleAccessPoint.Arn,\n TransformationConfigurations = new[]\n {\n new Aws.S3Control.Inputs.ObjectLambdaAccessPointConfigurationTransformationConfigurationArgs\n {\n Actions = new[]\n {\n \"GetObject\",\n },\n ContentTransformation = new Aws.S3Control.Inputs.ObjectLambdaAccessPointConfigurationTransformationConfigurationContentTransformationArgs\n {\n AwsLambda = new Aws.S3Control.Inputs.ObjectLambdaAccessPointConfigurationTransformationConfigurationContentTransformationAwsLambdaArgs\n {\n FunctionArn = exampleAwsLambdaFunction.Arn,\n },\n },\n },\n },\n },\n });\n\n var exampleObjectLambdaAccessPointPolicy = new Aws.S3Control.ObjectLambdaAccessPointPolicy(\"example\", new()\n {\n Name = exampleObjectLambdaAccessPoint.Name,\n Policy = Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2008-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"effect\"] = \"Allow\",\n [\"action\"] = \"s3-object-lambda:GetObject\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = current.AccountId,\n },\n [\"resource\"] = exampleObjectLambdaAccessPoint.Arn,\n },\n },\n })),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3control\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAccessPoint, err := s3.NewAccessPoint(ctx, \"example\", \u0026s3.AccessPointArgs{\n\t\t\tBucket: example.ID(),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleObjectLambdaAccessPoint, err := s3control.NewObjectLambdaAccessPoint(ctx, \"example\", \u0026s3control.ObjectLambdaAccessPointArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tConfiguration: \u0026s3control.ObjectLambdaAccessPointConfigurationArgs{\n\t\t\t\tSupportingAccessPoint: exampleAccessPoint.Arn,\n\t\t\t\tTransformationConfigurations: s3control.ObjectLambdaAccessPointConfigurationTransformationConfigurationArray{\n\t\t\t\t\t\u0026s3control.ObjectLambdaAccessPointConfigurationTransformationConfigurationArgs{\n\t\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"GetObject\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tContentTransformation: \u0026s3control.ObjectLambdaAccessPointConfigurationTransformationConfigurationContentTransformationArgs{\n\t\t\t\t\t\t\tAwsLambda: \u0026s3control.ObjectLambdaAccessPointConfigurationTransformationConfigurationContentTransformationAwsLambdaArgs{\n\t\t\t\t\t\t\t\tFunctionArn: pulumi.Any(exampleAwsLambdaFunction.Arn),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3control.NewObjectLambdaAccessPointPolicy(ctx, \"example\", \u0026s3control.ObjectLambdaAccessPointPolicyArgs{\n\t\t\tName: exampleObjectLambdaAccessPoint.Name,\n\t\t\tPolicy: exampleObjectLambdaAccessPoint.Arn.ApplyT(func(arn string) (pulumi.String, error) {\n\t\t\t\tvar _zero pulumi.String\n\t\t\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\t\t\"version\": \"2008-10-17\",\n\t\t\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\t\t\"action\": \"s3-object-lambda:GetObject\",\n\t\t\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\t\t\"AWS\": current.AccountId,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"resource\": arn,\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t})\n\t\t\t\tif err != nil {\n\t\t\t\t\treturn _zero, err\n\t\t\t\t}\n\t\t\t\tjson0 := string(tmpJSON0)\n\t\t\t\treturn pulumi.String(json0), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.AccessPoint;\nimport com.pulumi.aws.s3.AccessPointArgs;\nimport com.pulumi.aws.s3control.ObjectLambdaAccessPoint;\nimport com.pulumi.aws.s3control.ObjectLambdaAccessPointArgs;\nimport com.pulumi.aws.s3control.inputs.ObjectLambdaAccessPointConfigurationArgs;\nimport com.pulumi.aws.s3control.ObjectLambdaAccessPointPolicy;\nimport com.pulumi.aws.s3control.ObjectLambdaAccessPointPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketV2(\"example\", BucketV2Args.builder() \n .bucket(\"example\")\n .build());\n\n var exampleAccessPoint = new AccessPoint(\"exampleAccessPoint\", AccessPointArgs.builder() \n .bucket(example.id())\n .name(\"example\")\n .build());\n\n var exampleObjectLambdaAccessPoint = new ObjectLambdaAccessPoint(\"exampleObjectLambdaAccessPoint\", ObjectLambdaAccessPointArgs.builder() \n .name(\"example\")\n .configuration(ObjectLambdaAccessPointConfigurationArgs.builder()\n .supportingAccessPoint(exampleAccessPoint.arn())\n .transformationConfigurations(ObjectLambdaAccessPointConfigurationTransformationConfigurationArgs.builder()\n .actions(\"GetObject\")\n .contentTransformation(ObjectLambdaAccessPointConfigurationTransformationConfigurationContentTransformationArgs.builder()\n .awsLambda(ObjectLambdaAccessPointConfigurationTransformationConfigurationContentTransformationAwsLambdaArgs.builder()\n .functionArn(exampleAwsLambdaFunction.arn())\n .build())\n .build())\n .build())\n .build())\n .build());\n\n var exampleObjectLambdaAccessPointPolicy = new ObjectLambdaAccessPointPolicy(\"exampleObjectLambdaAccessPointPolicy\", ObjectLambdaAccessPointPolicyArgs.builder() \n .name(exampleObjectLambdaAccessPoint.name())\n .policy(exampleObjectLambdaAccessPoint.arn().applyValue(arn -\u003e serializeJson(\n jsonObject(\n jsonProperty(\"version\", \"2008-10-17\"),\n jsonProperty(\"statement\", jsonArray(jsonObject(\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"action\", \"s3-object-lambda:GetObject\"),\n jsonProperty(\"principal\", jsonObject(\n jsonProperty(\"AWS\", current.accountId())\n )),\n jsonProperty(\"resource\", arn)\n )))\n ))))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: example\n exampleAccessPoint:\n type: aws:s3:AccessPoint\n name: example\n properties:\n bucket: ${example.id}\n name: example\n exampleObjectLambdaAccessPoint:\n type: aws:s3control:ObjectLambdaAccessPoint\n name: example\n properties:\n name: example\n configuration:\n supportingAccessPoint: ${exampleAccessPoint.arn}\n transformationConfigurations:\n - actions:\n - GetObject\n contentTransformation:\n awsLambda:\n functionArn: ${exampleAwsLambdaFunction.arn}\n exampleObjectLambdaAccessPointPolicy:\n type: aws:s3control:ObjectLambdaAccessPointPolicy\n name: example\n properties:\n name: ${exampleObjectLambdaAccessPoint.name}\n policy:\n fn::toJSON:\n version: 2008-10-17\n statement:\n - effect: Allow\n action: s3-object-lambda:GetObject\n principal:\n AWS: ${current.accountId}\n resource: ${exampleObjectLambdaAccessPoint.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Object Lambda Access Point policies using the `account_id` and `name`, separated by a colon (`:`). For example:\n\n```sh\n$ pulumi import aws:s3control/objectLambdaAccessPointPolicy:ObjectLambdaAccessPointPolicy example 123456789012:example\n```\n", + "description": "Provides a resource to manage an S3 Object Lambda Access Point resource policy.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketV2(\"example\", {bucket: \"example\"});\nconst exampleAccessPoint = new aws.s3.AccessPoint(\"example\", {\n bucket: example.id,\n name: \"example\",\n});\nconst exampleObjectLambdaAccessPoint = new aws.s3control.ObjectLambdaAccessPoint(\"example\", {\n name: \"example\",\n configuration: {\n supportingAccessPoint: exampleAccessPoint.arn,\n transformationConfigurations: [{\n actions: [\"GetObject\"],\n contentTransformation: {\n awsLambda: {\n functionArn: exampleAwsLambdaFunction.arn,\n },\n },\n }],\n },\n});\nconst exampleObjectLambdaAccessPointPolicy = new aws.s3control.ObjectLambdaAccessPointPolicy(\"example\", {\n name: exampleObjectLambdaAccessPoint.name,\n policy: pulumi.jsonStringify({\n Version: \"2008-10-17\",\n Statement: [{\n Effect: \"Allow\",\n Action: \"s3-object-lambda:GetObject\",\n Principal: {\n AWS: current.accountId,\n },\n Resource: exampleObjectLambdaAccessPoint.arn,\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketV2(\"example\", bucket=\"example\")\nexample_access_point = aws.s3.AccessPoint(\"example\",\n bucket=example.id,\n name=\"example\")\nexample_object_lambda_access_point = aws.s3control.ObjectLambdaAccessPoint(\"example\",\n name=\"example\",\n configuration=aws.s3control.ObjectLambdaAccessPointConfigurationArgs(\n supporting_access_point=example_access_point.arn,\n transformation_configurations=[aws.s3control.ObjectLambdaAccessPointConfigurationTransformationConfigurationArgs(\n actions=[\"GetObject\"],\n content_transformation=aws.s3control.ObjectLambdaAccessPointConfigurationTransformationConfigurationContentTransformationArgs(\n aws_lambda=aws.s3control.ObjectLambdaAccessPointConfigurationTransformationConfigurationContentTransformationAwsLambdaArgs(\n function_arn=example_aws_lambda_function[\"arn\"],\n ),\n ),\n )],\n ))\nexample_object_lambda_access_point_policy = aws.s3control.ObjectLambdaAccessPointPolicy(\"example\",\n name=example_object_lambda_access_point.name,\n policy=pulumi.Output.json_dumps({\n \"Version\": \"2008-10-17\",\n \"Statement\": [{\n \"Effect\": \"Allow\",\n \"Action\": \"s3-object-lambda:GetObject\",\n \"Principal\": {\n \"AWS\": current[\"accountId\"],\n },\n \"Resource\": example_object_lambda_access_point.arn,\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example\",\n });\n\n var exampleAccessPoint = new Aws.S3.AccessPoint(\"example\", new()\n {\n Bucket = example.Id,\n Name = \"example\",\n });\n\n var exampleObjectLambdaAccessPoint = new Aws.S3Control.ObjectLambdaAccessPoint(\"example\", new()\n {\n Name = \"example\",\n Configuration = new Aws.S3Control.Inputs.ObjectLambdaAccessPointConfigurationArgs\n {\n SupportingAccessPoint = exampleAccessPoint.Arn,\n TransformationConfigurations = new[]\n {\n new Aws.S3Control.Inputs.ObjectLambdaAccessPointConfigurationTransformationConfigurationArgs\n {\n Actions = new[]\n {\n \"GetObject\",\n },\n ContentTransformation = new Aws.S3Control.Inputs.ObjectLambdaAccessPointConfigurationTransformationConfigurationContentTransformationArgs\n {\n AwsLambda = new Aws.S3Control.Inputs.ObjectLambdaAccessPointConfigurationTransformationConfigurationContentTransformationAwsLambdaArgs\n {\n FunctionArn = exampleAwsLambdaFunction.Arn,\n },\n },\n },\n },\n },\n });\n\n var exampleObjectLambdaAccessPointPolicy = new Aws.S3Control.ObjectLambdaAccessPointPolicy(\"example\", new()\n {\n Name = exampleObjectLambdaAccessPoint.Name,\n Policy = Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2008-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Effect\"] = \"Allow\",\n [\"Action\"] = \"s3-object-lambda:GetObject\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = current.AccountId,\n },\n [\"Resource\"] = exampleObjectLambdaAccessPoint.Arn,\n },\n },\n })),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3control\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAccessPoint, err := s3.NewAccessPoint(ctx, \"example\", \u0026s3.AccessPointArgs{\n\t\t\tBucket: example.ID(),\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleObjectLambdaAccessPoint, err := s3control.NewObjectLambdaAccessPoint(ctx, \"example\", \u0026s3control.ObjectLambdaAccessPointArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tConfiguration: \u0026s3control.ObjectLambdaAccessPointConfigurationArgs{\n\t\t\t\tSupportingAccessPoint: exampleAccessPoint.Arn,\n\t\t\t\tTransformationConfigurations: s3control.ObjectLambdaAccessPointConfigurationTransformationConfigurationArray{\n\t\t\t\t\t\u0026s3control.ObjectLambdaAccessPointConfigurationTransformationConfigurationArgs{\n\t\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"GetObject\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tContentTransformation: \u0026s3control.ObjectLambdaAccessPointConfigurationTransformationConfigurationContentTransformationArgs{\n\t\t\t\t\t\t\tAwsLambda: \u0026s3control.ObjectLambdaAccessPointConfigurationTransformationConfigurationContentTransformationAwsLambdaArgs{\n\t\t\t\t\t\t\t\tFunctionArn: pulumi.Any(exampleAwsLambdaFunction.Arn),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3control.NewObjectLambdaAccessPointPolicy(ctx, \"example\", \u0026s3control.ObjectLambdaAccessPointPolicyArgs{\n\t\t\tName: exampleObjectLambdaAccessPoint.Name,\n\t\t\tPolicy: exampleObjectLambdaAccessPoint.Arn.ApplyT(func(arn string) (pulumi.String, error) {\n\t\t\t\tvar _zero pulumi.String\n\t\t\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\t\t\"Version\": \"2008-10-17\",\n\t\t\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\t\t\"Action\": \"s3-object-lambda:GetObject\",\n\t\t\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\t\t\"AWS\": current.AccountId,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"Resource\": arn,\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t})\n\t\t\t\tif err != nil {\n\t\t\t\t\treturn _zero, err\n\t\t\t\t}\n\t\t\t\tjson0 := string(tmpJSON0)\n\t\t\t\treturn pulumi.String(json0), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.AccessPoint;\nimport com.pulumi.aws.s3.AccessPointArgs;\nimport com.pulumi.aws.s3control.ObjectLambdaAccessPoint;\nimport com.pulumi.aws.s3control.ObjectLambdaAccessPointArgs;\nimport com.pulumi.aws.s3control.inputs.ObjectLambdaAccessPointConfigurationArgs;\nimport com.pulumi.aws.s3control.ObjectLambdaAccessPointPolicy;\nimport com.pulumi.aws.s3control.ObjectLambdaAccessPointPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketV2(\"example\", BucketV2Args.builder() \n .bucket(\"example\")\n .build());\n\n var exampleAccessPoint = new AccessPoint(\"exampleAccessPoint\", AccessPointArgs.builder() \n .bucket(example.id())\n .name(\"example\")\n .build());\n\n var exampleObjectLambdaAccessPoint = new ObjectLambdaAccessPoint(\"exampleObjectLambdaAccessPoint\", ObjectLambdaAccessPointArgs.builder() \n .name(\"example\")\n .configuration(ObjectLambdaAccessPointConfigurationArgs.builder()\n .supportingAccessPoint(exampleAccessPoint.arn())\n .transformationConfigurations(ObjectLambdaAccessPointConfigurationTransformationConfigurationArgs.builder()\n .actions(\"GetObject\")\n .contentTransformation(ObjectLambdaAccessPointConfigurationTransformationConfigurationContentTransformationArgs.builder()\n .awsLambda(ObjectLambdaAccessPointConfigurationTransformationConfigurationContentTransformationAwsLambdaArgs.builder()\n .functionArn(exampleAwsLambdaFunction.arn())\n .build())\n .build())\n .build())\n .build())\n .build());\n\n var exampleObjectLambdaAccessPointPolicy = new ObjectLambdaAccessPointPolicy(\"exampleObjectLambdaAccessPointPolicy\", ObjectLambdaAccessPointPolicyArgs.builder() \n .name(exampleObjectLambdaAccessPoint.name())\n .policy(exampleObjectLambdaAccessPoint.arn().applyValue(arn -\u003e serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2008-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Action\", \"s3-object-lambda:GetObject\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"AWS\", current.accountId())\n )),\n jsonProperty(\"Resource\", arn)\n )))\n ))))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: example\n exampleAccessPoint:\n type: aws:s3:AccessPoint\n name: example\n properties:\n bucket: ${example.id}\n name: example\n exampleObjectLambdaAccessPoint:\n type: aws:s3control:ObjectLambdaAccessPoint\n name: example\n properties:\n name: example\n configuration:\n supportingAccessPoint: ${exampleAccessPoint.arn}\n transformationConfigurations:\n - actions:\n - GetObject\n contentTransformation:\n awsLambda:\n functionArn: ${exampleAwsLambdaFunction.arn}\n exampleObjectLambdaAccessPointPolicy:\n type: aws:s3control:ObjectLambdaAccessPointPolicy\n name: example\n properties:\n name: ${exampleObjectLambdaAccessPoint.name}\n policy:\n fn::toJSON:\n Version: 2008-10-17\n Statement:\n - Effect: Allow\n Action: s3-object-lambda:GetObject\n Principal:\n AWS: ${current.accountId}\n Resource: ${exampleObjectLambdaAccessPoint.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Object Lambda Access Point policies using the `account_id` and `name`, separated by a colon (`:`). For example:\n\n```sh\n$ pulumi import aws:s3control/objectLambdaAccessPointPolicy:ObjectLambdaAccessPointPolicy example 123456789012:example\n```\n", "properties": { "accountId": { "type": "string", @@ -321800,7 +321800,7 @@ } }, "aws:sagemaker/codeRepository:CodeRepository": { - "description": "Provides a SageMaker Code Repository resource.\n\n## Example Usage\n\n### Basic usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sagemaker.CodeRepository(\"example\", {\n codeRepositoryName: \"example\",\n gitConfig: {\n repositoryUrl: \"https://github.com/github/docs.git\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sagemaker.CodeRepository(\"example\",\n code_repository_name=\"example\",\n git_config=aws.sagemaker.CodeRepositoryGitConfigArgs(\n repository_url=\"https://github.com/github/docs.git\",\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Sagemaker.CodeRepository(\"example\", new()\n {\n CodeRepositoryName = \"example\",\n GitConfig = new Aws.Sagemaker.Inputs.CodeRepositoryGitConfigArgs\n {\n RepositoryUrl = \"https://github.com/github/docs.git\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sagemaker\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sagemaker.NewCodeRepository(ctx, \"example\", \u0026sagemaker.CodeRepositoryArgs{\n\t\t\tCodeRepositoryName: pulumi.String(\"example\"),\n\t\t\tGitConfig: \u0026sagemaker.CodeRepositoryGitConfigArgs{\n\t\t\t\tRepositoryUrl: pulumi.String(\"https://github.com/github/docs.git\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sagemaker.CodeRepository;\nimport com.pulumi.aws.sagemaker.CodeRepositoryArgs;\nimport com.pulumi.aws.sagemaker.inputs.CodeRepositoryGitConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new CodeRepository(\"example\", CodeRepositoryArgs.builder() \n .codeRepositoryName(\"example\")\n .gitConfig(CodeRepositoryGitConfigArgs.builder()\n .repositoryUrl(\"https://github.com/github/docs.git\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sagemaker:CodeRepository\n properties:\n codeRepositoryName: example\n gitConfig:\n repositoryUrl: https://github.com/github/docs.git\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example with Secret\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.secretsmanager.Secret(\"example\", {name: \"example\"});\nconst exampleSecretVersion = new aws.secretsmanager.SecretVersion(\"example\", {\n secretId: example.id,\n secretString: JSON.stringify({\n username: \"example\",\n password: \"example\",\n }),\n});\nconst exampleCodeRepository = new aws.sagemaker.CodeRepository(\"example\", {\n codeRepositoryName: \"example\",\n gitConfig: {\n repositoryUrl: \"https://github.com/github/docs.git\",\n secretArn: example.arn,\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.secretsmanager.Secret(\"example\", name=\"example\")\nexample_secret_version = aws.secretsmanager.SecretVersion(\"example\",\n secret_id=example.id,\n secret_string=json.dumps({\n \"username\": \"example\",\n \"password\": \"example\",\n }))\nexample_code_repository = aws.sagemaker.CodeRepository(\"example\",\n code_repository_name=\"example\",\n git_config=aws.sagemaker.CodeRepositoryGitConfigArgs(\n repository_url=\"https://github.com/github/docs.git\",\n secret_arn=example.arn,\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecretsManager.Secret(\"example\", new()\n {\n Name = \"example\",\n });\n\n var exampleSecretVersion = new Aws.SecretsManager.SecretVersion(\"example\", new()\n {\n SecretId = example.Id,\n SecretString = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"username\"] = \"example\",\n [\"password\"] = \"example\",\n }),\n });\n\n var exampleCodeRepository = new Aws.Sagemaker.CodeRepository(\"example\", new()\n {\n CodeRepositoryName = \"example\",\n GitConfig = new Aws.Sagemaker.Inputs.CodeRepositoryGitConfigArgs\n {\n RepositoryUrl = \"https://github.com/github/docs.git\",\n SecretArn = example.Arn,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sagemaker\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/secretsmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := secretsmanager.NewSecret(ctx, \"example\", \u0026secretsmanager.SecretArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"username\": \"example\",\n\t\t\t\"password\": \"example\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = secretsmanager.NewSecretVersion(ctx, \"example\", \u0026secretsmanager.SecretVersionArgs{\n\t\t\tSecretId: example.ID(),\n\t\t\tSecretString: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = sagemaker.NewCodeRepository(ctx, \"example\", \u0026sagemaker.CodeRepositoryArgs{\n\t\t\tCodeRepositoryName: pulumi.String(\"example\"),\n\t\t\tGitConfig: \u0026sagemaker.CodeRepositoryGitConfigArgs{\n\t\t\t\tRepositoryUrl: pulumi.String(\"https://github.com/github/docs.git\"),\n\t\t\t\tSecretArn: example.Arn,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.secretsmanager.Secret;\nimport com.pulumi.aws.secretsmanager.SecretArgs;\nimport com.pulumi.aws.secretsmanager.SecretVersion;\nimport com.pulumi.aws.secretsmanager.SecretVersionArgs;\nimport com.pulumi.aws.sagemaker.CodeRepository;\nimport com.pulumi.aws.sagemaker.CodeRepositoryArgs;\nimport com.pulumi.aws.sagemaker.inputs.CodeRepositoryGitConfigArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Secret(\"example\", SecretArgs.builder() \n .name(\"example\")\n .build());\n\n var exampleSecretVersion = new SecretVersion(\"exampleSecretVersion\", SecretVersionArgs.builder() \n .secretId(example.id())\n .secretString(serializeJson(\n jsonObject(\n jsonProperty(\"username\", \"example\"),\n jsonProperty(\"password\", \"example\")\n )))\n .build());\n\n var exampleCodeRepository = new CodeRepository(\"exampleCodeRepository\", CodeRepositoryArgs.builder() \n .codeRepositoryName(\"example\")\n .gitConfig(CodeRepositoryGitConfigArgs.builder()\n .repositoryUrl(\"https://github.com/github/docs.git\")\n .secretArn(example.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:secretsmanager:Secret\n properties:\n name: example\n exampleSecretVersion:\n type: aws:secretsmanager:SecretVersion\n name: example\n properties:\n secretId: ${example.id}\n secretString:\n fn::toJSON:\n username: example\n password: example\n exampleCodeRepository:\n type: aws:sagemaker:CodeRepository\n name: example\n properties:\n codeRepositoryName: example\n gitConfig:\n repositoryUrl: https://github.com/github/docs.git\n secretArn: ${example.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SageMaker Code Repositories using the `name`. For example:\n\n```sh\n$ pulumi import aws:sagemaker/codeRepository:CodeRepository test_code_repository my-code-repo\n```\n", + "description": "Provides a SageMaker Code Repository resource.\n\n## Example Usage\n\n### Basic usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sagemaker.CodeRepository(\"example\", {\n codeRepositoryName: \"example\",\n gitConfig: {\n repositoryUrl: \"https://github.com/github/docs.git\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.sagemaker.CodeRepository(\"example\",\n code_repository_name=\"example\",\n git_config=aws.sagemaker.CodeRepositoryGitConfigArgs(\n repository_url=\"https://github.com/github/docs.git\",\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Sagemaker.CodeRepository(\"example\", new()\n {\n CodeRepositoryName = \"example\",\n GitConfig = new Aws.Sagemaker.Inputs.CodeRepositoryGitConfigArgs\n {\n RepositoryUrl = \"https://github.com/github/docs.git\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sagemaker\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := sagemaker.NewCodeRepository(ctx, \"example\", \u0026sagemaker.CodeRepositoryArgs{\n\t\t\tCodeRepositoryName: pulumi.String(\"example\"),\n\t\t\tGitConfig: \u0026sagemaker.CodeRepositoryGitConfigArgs{\n\t\t\t\tRepositoryUrl: pulumi.String(\"https://github.com/github/docs.git\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sagemaker.CodeRepository;\nimport com.pulumi.aws.sagemaker.CodeRepositoryArgs;\nimport com.pulumi.aws.sagemaker.inputs.CodeRepositoryGitConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new CodeRepository(\"example\", CodeRepositoryArgs.builder() \n .codeRepositoryName(\"example\")\n .gitConfig(CodeRepositoryGitConfigArgs.builder()\n .repositoryUrl(\"https://github.com/github/docs.git\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sagemaker:CodeRepository\n properties:\n codeRepositoryName: example\n gitConfig:\n repositoryUrl: https://github.com/github/docs.git\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Example with Secret\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.secretsmanager.Secret(\"example\", {name: \"example\"});\nconst exampleSecretVersion = new aws.secretsmanager.SecretVersion(\"example\", {\n secretId: example.id,\n secretString: JSON.stringify({\n username: \"example\",\n password: \"example\",\n }),\n});\nconst exampleCodeRepository = new aws.sagemaker.CodeRepository(\"example\", {\n codeRepositoryName: \"example\",\n gitConfig: {\n repositoryUrl: \"https://github.com/github/docs.git\",\n secretArn: example.arn,\n },\n}, {\n dependsOn: [exampleSecretVersion],\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.secretsmanager.Secret(\"example\", name=\"example\")\nexample_secret_version = aws.secretsmanager.SecretVersion(\"example\",\n secret_id=example.id,\n secret_string=json.dumps({\n \"username\": \"example\",\n \"password\": \"example\",\n }))\nexample_code_repository = aws.sagemaker.CodeRepository(\"example\",\n code_repository_name=\"example\",\n git_config=aws.sagemaker.CodeRepositoryGitConfigArgs(\n repository_url=\"https://github.com/github/docs.git\",\n secret_arn=example.arn,\n ),\n opts=pulumi.ResourceOptions(depends_on=[example_secret_version]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecretsManager.Secret(\"example\", new()\n {\n Name = \"example\",\n });\n\n var exampleSecretVersion = new Aws.SecretsManager.SecretVersion(\"example\", new()\n {\n SecretId = example.Id,\n SecretString = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"username\"] = \"example\",\n [\"password\"] = \"example\",\n }),\n });\n\n var exampleCodeRepository = new Aws.Sagemaker.CodeRepository(\"example\", new()\n {\n CodeRepositoryName = \"example\",\n GitConfig = new Aws.Sagemaker.Inputs.CodeRepositoryGitConfigArgs\n {\n RepositoryUrl = \"https://github.com/github/docs.git\",\n SecretArn = example.Arn,\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleSecretVersion, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sagemaker\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/secretsmanager\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := secretsmanager.NewSecret(ctx, \"example\", \u0026secretsmanager.SecretArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"username\": \"example\",\n\t\t\t\"password\": \"example\",\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texampleSecretVersion, err := secretsmanager.NewSecretVersion(ctx, \"example\", \u0026secretsmanager.SecretVersionArgs{\n\t\t\tSecretId: example.ID(),\n\t\t\tSecretString: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = sagemaker.NewCodeRepository(ctx, \"example\", \u0026sagemaker.CodeRepositoryArgs{\n\t\t\tCodeRepositoryName: pulumi.String(\"example\"),\n\t\t\tGitConfig: \u0026sagemaker.CodeRepositoryGitConfigArgs{\n\t\t\t\tRepositoryUrl: pulumi.String(\"https://github.com/github/docs.git\"),\n\t\t\t\tSecretArn: example.Arn,\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleSecretVersion,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.secretsmanager.Secret;\nimport com.pulumi.aws.secretsmanager.SecretArgs;\nimport com.pulumi.aws.secretsmanager.SecretVersion;\nimport com.pulumi.aws.secretsmanager.SecretVersionArgs;\nimport com.pulumi.aws.sagemaker.CodeRepository;\nimport com.pulumi.aws.sagemaker.CodeRepositoryArgs;\nimport com.pulumi.aws.sagemaker.inputs.CodeRepositoryGitConfigArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Secret(\"example\", SecretArgs.builder() \n .name(\"example\")\n .build());\n\n var exampleSecretVersion = new SecretVersion(\"exampleSecretVersion\", SecretVersionArgs.builder() \n .secretId(example.id())\n .secretString(serializeJson(\n jsonObject(\n jsonProperty(\"username\", \"example\"),\n jsonProperty(\"password\", \"example\")\n )))\n .build());\n\n var exampleCodeRepository = new CodeRepository(\"exampleCodeRepository\", CodeRepositoryArgs.builder() \n .codeRepositoryName(\"example\")\n .gitConfig(CodeRepositoryGitConfigArgs.builder()\n .repositoryUrl(\"https://github.com/github/docs.git\")\n .secretArn(example.arn())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleSecretVersion)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:secretsmanager:Secret\n properties:\n name: example\n exampleSecretVersion:\n type: aws:secretsmanager:SecretVersion\n name: example\n properties:\n secretId: ${example.id}\n secretString:\n fn::toJSON:\n username: example\n password: example\n exampleCodeRepository:\n type: aws:sagemaker:CodeRepository\n name: example\n properties:\n codeRepositoryName: example\n gitConfig:\n repositoryUrl: https://github.com/github/docs.git\n secretArn: ${example.arn}\n options:\n dependson:\n - ${exampleSecretVersion}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SageMaker Code Repositories using the `name`. For example:\n\n```sh\n$ pulumi import aws:sagemaker/codeRepository:CodeRepository test_code_repository my-code-repo\n```\n", "properties": { "arn": { "type": "string", @@ -324295,7 +324295,7 @@ } }, "aws:sagemaker/pipeline:Pipeline": { - "description": "Provides a SageMaker Pipeline resource.\n\n## Example Usage\n\n### Basic usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sagemaker.Pipeline(\"example\", {\n pipelineName: \"example\",\n pipelineDisplayName: \"example\",\n roleArn: exampleAwsIamRole.arn,\n pipelineDefinition: JSON.stringify({\n version: \"2020-12-01\",\n steps: [{\n name: \"Test\",\n type: \"Fail\",\n arguments: {\n errorMessage: \"test\",\n },\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.sagemaker.Pipeline(\"example\",\n pipeline_name=\"example\",\n pipeline_display_name=\"example\",\n role_arn=example_aws_iam_role[\"arn\"],\n pipeline_definition=json.dumps({\n \"version\": \"2020-12-01\",\n \"steps\": [{\n \"name\": \"Test\",\n \"type\": \"Fail\",\n \"arguments\": {\n \"errorMessage\": \"test\",\n },\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Sagemaker.Pipeline(\"example\", new()\n {\n PipelineName = \"example\",\n PipelineDisplayName = \"example\",\n RoleArn = exampleAwsIamRole.Arn,\n PipelineDefinition = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2020-12-01\",\n [\"steps\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"name\"] = \"Test\",\n [\"type\"] = \"Fail\",\n [\"arguments\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"errorMessage\"] = \"test\",\n },\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sagemaker\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"version\": \"2020-12-01\",\n\t\t\t\"steps\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"name\": \"Test\",\n\t\t\t\t\t\"type\": \"Fail\",\n\t\t\t\t\t\"arguments\": map[string]interface{}{\n\t\t\t\t\t\t\"errorMessage\": \"test\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = sagemaker.NewPipeline(ctx, \"example\", \u0026sagemaker.PipelineArgs{\n\t\t\tPipelineName: pulumi.String(\"example\"),\n\t\t\tPipelineDisplayName: pulumi.String(\"example\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tPipelineDefinition: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sagemaker.Pipeline;\nimport com.pulumi.aws.sagemaker.PipelineArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Pipeline(\"example\", PipelineArgs.builder() \n .pipelineName(\"example\")\n .pipelineDisplayName(\"example\")\n .roleArn(exampleAwsIamRole.arn())\n .pipelineDefinition(serializeJson(\n jsonObject(\n jsonProperty(\"version\", \"2020-12-01\"),\n jsonProperty(\"steps\", jsonArray(jsonObject(\n jsonProperty(\"name\", \"Test\"),\n jsonProperty(\"type\", \"Fail\"),\n jsonProperty(\"arguments\", jsonObject(\n jsonProperty(\"errorMessage\", \"test\")\n ))\n )))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sagemaker:Pipeline\n properties:\n pipelineName: example\n pipelineDisplayName: example\n roleArn: ${exampleAwsIamRole.arn}\n pipelineDefinition:\n fn::toJSON:\n version: 2020-12-01\n steps:\n - name: Test\n type: Fail\n arguments:\n errorMessage: test\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import pipelines using the `pipeline_name`. For example:\n\n```sh\n$ pulumi import aws:sagemaker/pipeline:Pipeline test_pipeline pipeline\n```\n", + "description": "Provides a SageMaker Pipeline resource.\n\n## Example Usage\n\n### Basic usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sagemaker.Pipeline(\"example\", {\n pipelineName: \"example\",\n pipelineDisplayName: \"example\",\n roleArn: exampleAwsIamRole.arn,\n pipelineDefinition: JSON.stringify({\n Version: \"2020-12-01\",\n Steps: [{\n Name: \"Test\",\n Type: \"Fail\",\n Arguments: {\n ErrorMessage: \"test\",\n },\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.sagemaker.Pipeline(\"example\",\n pipeline_name=\"example\",\n pipeline_display_name=\"example\",\n role_arn=example_aws_iam_role[\"arn\"],\n pipeline_definition=json.dumps({\n \"Version\": \"2020-12-01\",\n \"Steps\": [{\n \"Name\": \"Test\",\n \"Type\": \"Fail\",\n \"Arguments\": {\n \"ErrorMessage\": \"test\",\n },\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Sagemaker.Pipeline(\"example\", new()\n {\n PipelineName = \"example\",\n PipelineDisplayName = \"example\",\n RoleArn = exampleAwsIamRole.Arn,\n PipelineDefinition = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2020-12-01\",\n [\"Steps\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Name\"] = \"Test\",\n [\"Type\"] = \"Fail\",\n [\"Arguments\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"ErrorMessage\"] = \"test\",\n },\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sagemaker\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2020-12-01\",\n\t\t\t\"Steps\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Name\": \"Test\",\n\t\t\t\t\t\"Type\": \"Fail\",\n\t\t\t\t\t\"Arguments\": map[string]interface{}{\n\t\t\t\t\t\t\"ErrorMessage\": \"test\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = sagemaker.NewPipeline(ctx, \"example\", \u0026sagemaker.PipelineArgs{\n\t\t\tPipelineName: pulumi.String(\"example\"),\n\t\t\tPipelineDisplayName: pulumi.String(\"example\"),\n\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\tPipelineDefinition: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sagemaker.Pipeline;\nimport com.pulumi.aws.sagemaker.PipelineArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Pipeline(\"example\", PipelineArgs.builder() \n .pipelineName(\"example\")\n .pipelineDisplayName(\"example\")\n .roleArn(exampleAwsIamRole.arn())\n .pipelineDefinition(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2020-12-01\"),\n jsonProperty(\"Steps\", jsonArray(jsonObject(\n jsonProperty(\"Name\", \"Test\"),\n jsonProperty(\"Type\", \"Fail\"),\n jsonProperty(\"Arguments\", jsonObject(\n jsonProperty(\"ErrorMessage\", \"test\")\n ))\n )))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sagemaker:Pipeline\n properties:\n pipelineName: example\n pipelineDisplayName: example\n roleArn: ${exampleAwsIamRole.arn}\n pipelineDefinition:\n fn::toJSON:\n Version: 2020-12-01\n Steps:\n - Name: Test\n Type: Fail\n Arguments:\n ErrorMessage: test\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import pipelines using the `pipeline_name`. For example:\n\n```sh\n$ pulumi import aws:sagemaker/pipeline:Pipeline test_pipeline pipeline\n```\n", "properties": { "arn": { "type": "string", @@ -325270,7 +325270,7 @@ } }, "aws:scheduler/schedule:Schedule": { - "description": "Provides an EventBridge Scheduler Schedule resource.\n\nYou can find out more about EventBridge Scheduler in the [User Guide](https://docs.aws.amazon.com/scheduler/latest/UserGuide/what-is-scheduler.html).\n\n\u003e **Note:** EventBridge was formerly known as CloudWatch Events. The functionality is identical.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.scheduler.Schedule(\"example\", {\n name: \"my-schedule\",\n groupName: \"default\",\n flexibleTimeWindow: {\n mode: \"OFF\",\n },\n scheduleExpression: \"rate(1 hours)\",\n target: {\n arn: exampleAwsSqsQueue.arn,\n roleArn: exampleAwsIamRole.arn,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.scheduler.Schedule(\"example\",\n name=\"my-schedule\",\n group_name=\"default\",\n flexible_time_window=aws.scheduler.ScheduleFlexibleTimeWindowArgs(\n mode=\"OFF\",\n ),\n schedule_expression=\"rate(1 hours)\",\n target=aws.scheduler.ScheduleTargetArgs(\n arn=example_aws_sqs_queue[\"arn\"],\n role_arn=example_aws_iam_role[\"arn\"],\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Scheduler.Schedule(\"example\", new()\n {\n Name = \"my-schedule\",\n GroupName = \"default\",\n FlexibleTimeWindow = new Aws.Scheduler.Inputs.ScheduleFlexibleTimeWindowArgs\n {\n Mode = \"OFF\",\n },\n ScheduleExpression = \"rate(1 hours)\",\n Target = new Aws.Scheduler.Inputs.ScheduleTargetArgs\n {\n Arn = exampleAwsSqsQueue.Arn,\n RoleArn = exampleAwsIamRole.Arn,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/scheduler\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := scheduler.NewSchedule(ctx, \"example\", \u0026scheduler.ScheduleArgs{\n\t\t\tName: pulumi.String(\"my-schedule\"),\n\t\t\tGroupName: pulumi.String(\"default\"),\n\t\t\tFlexibleTimeWindow: \u0026scheduler.ScheduleFlexibleTimeWindowArgs{\n\t\t\t\tMode: pulumi.String(\"OFF\"),\n\t\t\t},\n\t\t\tScheduleExpression: pulumi.String(\"rate(1 hours)\"),\n\t\t\tTarget: \u0026scheduler.ScheduleTargetArgs{\n\t\t\t\tArn: pulumi.Any(exampleAwsSqsQueue.Arn),\n\t\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.scheduler.Schedule;\nimport com.pulumi.aws.scheduler.ScheduleArgs;\nimport com.pulumi.aws.scheduler.inputs.ScheduleFlexibleTimeWindowArgs;\nimport com.pulumi.aws.scheduler.inputs.ScheduleTargetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Schedule(\"example\", ScheduleArgs.builder() \n .name(\"my-schedule\")\n .groupName(\"default\")\n .flexibleTimeWindow(ScheduleFlexibleTimeWindowArgs.builder()\n .mode(\"OFF\")\n .build())\n .scheduleExpression(\"rate(1 hours)\")\n .target(ScheduleTargetArgs.builder()\n .arn(exampleAwsSqsQueue.arn())\n .roleArn(exampleAwsIamRole.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:scheduler:Schedule\n properties:\n name: my-schedule\n groupName: default\n flexibleTimeWindow:\n mode: OFF\n scheduleExpression: rate(1 hours)\n target:\n arn: ${exampleAwsSqsQueue.arn}\n roleArn: ${exampleAwsIamRole.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Universal Target\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sqs.Queue(\"example\", {});\nconst exampleSchedule = new aws.scheduler.Schedule(\"example\", {\n name: \"my-schedule\",\n flexibleTimeWindow: {\n mode: \"OFF\",\n },\n scheduleExpression: \"rate(1 hours)\",\n target: {\n arn: \"arn:aws:scheduler:::aws-sdk:sqs:sendMessage\",\n roleArn: exampleAwsIamRole.arn,\n input: pulumi.jsonStringify({\n messageBody: \"Greetings, programs!\",\n queueUrl: example.url,\n }),\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.sqs.Queue(\"example\")\nexample_schedule = aws.scheduler.Schedule(\"example\",\n name=\"my-schedule\",\n flexible_time_window=aws.scheduler.ScheduleFlexibleTimeWindowArgs(\n mode=\"OFF\",\n ),\n schedule_expression=\"rate(1 hours)\",\n target=aws.scheduler.ScheduleTargetArgs(\n arn=\"arn:aws:scheduler:::aws-sdk:sqs:sendMessage\",\n role_arn=example_aws_iam_role[\"arn\"],\n input=pulumi.Output.json_dumps({\n \"messageBody\": \"Greetings, programs!\",\n \"queueUrl\": example.url,\n }),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Sqs.Queue(\"example\");\n\n var exampleSchedule = new Aws.Scheduler.Schedule(\"example\", new()\n {\n Name = \"my-schedule\",\n FlexibleTimeWindow = new Aws.Scheduler.Inputs.ScheduleFlexibleTimeWindowArgs\n {\n Mode = \"OFF\",\n },\n ScheduleExpression = \"rate(1 hours)\",\n Target = new Aws.Scheduler.Inputs.ScheduleTargetArgs\n {\n Arn = \"arn:aws:scheduler:::aws-sdk:sqs:sendMessage\",\n RoleArn = exampleAwsIamRole.Arn,\n Input = Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"messageBody\"] = \"Greetings, programs!\",\n [\"queueUrl\"] = example.Url,\n })),\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/scheduler\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sqs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := sqs.NewQueue(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = scheduler.NewSchedule(ctx, \"example\", \u0026scheduler.ScheduleArgs{\n\t\t\tName: pulumi.String(\"my-schedule\"),\n\t\t\tFlexibleTimeWindow: \u0026scheduler.ScheduleFlexibleTimeWindowArgs{\n\t\t\t\tMode: pulumi.String(\"OFF\"),\n\t\t\t},\n\t\t\tScheduleExpression: pulumi.String(\"rate(1 hours)\"),\n\t\t\tTarget: \u0026scheduler.ScheduleTargetArgs{\n\t\t\t\tArn: pulumi.String(\"arn:aws:scheduler:::aws-sdk:sqs:sendMessage\"),\n\t\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\t\tInput: example.Url.ApplyT(func(url string) (pulumi.String, error) {\n\t\t\t\t\tvar _zero pulumi.String\n\t\t\t\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\t\t\t\"messageBody\": \"Greetings, programs!\",\n\t\t\t\t\t\t\"queueUrl\": url,\n\t\t\t\t\t})\n\t\t\t\t\tif err != nil {\n\t\t\t\t\t\treturn _zero, err\n\t\t\t\t\t}\n\t\t\t\t\tjson0 := string(tmpJSON0)\n\t\t\t\t\treturn pulumi.String(json0), nil\n\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sqs.Queue;\nimport com.pulumi.aws.scheduler.Schedule;\nimport com.pulumi.aws.scheduler.ScheduleArgs;\nimport com.pulumi.aws.scheduler.inputs.ScheduleFlexibleTimeWindowArgs;\nimport com.pulumi.aws.scheduler.inputs.ScheduleTargetArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Queue(\"example\");\n\n var exampleSchedule = new Schedule(\"exampleSchedule\", ScheduleArgs.builder() \n .name(\"my-schedule\")\n .flexibleTimeWindow(ScheduleFlexibleTimeWindowArgs.builder()\n .mode(\"OFF\")\n .build())\n .scheduleExpression(\"rate(1 hours)\")\n .target(ScheduleTargetArgs.builder()\n .arn(\"arn:aws:scheduler:::aws-sdk:sqs:sendMessage\")\n .roleArn(exampleAwsIamRole.arn())\n .input(example.url().applyValue(url -\u003e serializeJson(\n jsonObject(\n jsonProperty(\"messageBody\", \"Greetings, programs!\"),\n jsonProperty(\"queueUrl\", url)\n ))))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sqs:Queue\n exampleSchedule:\n type: aws:scheduler:Schedule\n name: example\n properties:\n name: my-schedule\n flexibleTimeWindow:\n mode: OFF\n scheduleExpression: rate(1 hours)\n target:\n arn: arn:aws:scheduler:::aws-sdk:sqs:sendMessage\n roleArn: ${exampleAwsIamRole.arn}\n input:\n fn::toJSON:\n messageBody: Greetings, programs!\n queueUrl: ${example.url}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import schedules using the combination `group_name/name`. For example:\n\n```sh\n$ pulumi import aws:scheduler/schedule:Schedule example my-schedule-group/my-schedule\n```\n", + "description": "Provides an EventBridge Scheduler Schedule resource.\n\nYou can find out more about EventBridge Scheduler in the [User Guide](https://docs.aws.amazon.com/scheduler/latest/UserGuide/what-is-scheduler.html).\n\n\u003e **Note:** EventBridge was formerly known as CloudWatch Events. The functionality is identical.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.scheduler.Schedule(\"example\", {\n name: \"my-schedule\",\n groupName: \"default\",\n flexibleTimeWindow: {\n mode: \"OFF\",\n },\n scheduleExpression: \"rate(1 hours)\",\n target: {\n arn: exampleAwsSqsQueue.arn,\n roleArn: exampleAwsIamRole.arn,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.scheduler.Schedule(\"example\",\n name=\"my-schedule\",\n group_name=\"default\",\n flexible_time_window=aws.scheduler.ScheduleFlexibleTimeWindowArgs(\n mode=\"OFF\",\n ),\n schedule_expression=\"rate(1 hours)\",\n target=aws.scheduler.ScheduleTargetArgs(\n arn=example_aws_sqs_queue[\"arn\"],\n role_arn=example_aws_iam_role[\"arn\"],\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Scheduler.Schedule(\"example\", new()\n {\n Name = \"my-schedule\",\n GroupName = \"default\",\n FlexibleTimeWindow = new Aws.Scheduler.Inputs.ScheduleFlexibleTimeWindowArgs\n {\n Mode = \"OFF\",\n },\n ScheduleExpression = \"rate(1 hours)\",\n Target = new Aws.Scheduler.Inputs.ScheduleTargetArgs\n {\n Arn = exampleAwsSqsQueue.Arn,\n RoleArn = exampleAwsIamRole.Arn,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/scheduler\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := scheduler.NewSchedule(ctx, \"example\", \u0026scheduler.ScheduleArgs{\n\t\t\tName: pulumi.String(\"my-schedule\"),\n\t\t\tGroupName: pulumi.String(\"default\"),\n\t\t\tFlexibleTimeWindow: \u0026scheduler.ScheduleFlexibleTimeWindowArgs{\n\t\t\t\tMode: pulumi.String(\"OFF\"),\n\t\t\t},\n\t\t\tScheduleExpression: pulumi.String(\"rate(1 hours)\"),\n\t\t\tTarget: \u0026scheduler.ScheduleTargetArgs{\n\t\t\t\tArn: pulumi.Any(exampleAwsSqsQueue.Arn),\n\t\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.scheduler.Schedule;\nimport com.pulumi.aws.scheduler.ScheduleArgs;\nimport com.pulumi.aws.scheduler.inputs.ScheduleFlexibleTimeWindowArgs;\nimport com.pulumi.aws.scheduler.inputs.ScheduleTargetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Schedule(\"example\", ScheduleArgs.builder() \n .name(\"my-schedule\")\n .groupName(\"default\")\n .flexibleTimeWindow(ScheduleFlexibleTimeWindowArgs.builder()\n .mode(\"OFF\")\n .build())\n .scheduleExpression(\"rate(1 hours)\")\n .target(ScheduleTargetArgs.builder()\n .arn(exampleAwsSqsQueue.arn())\n .roleArn(exampleAwsIamRole.arn())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:scheduler:Schedule\n properties:\n name: my-schedule\n groupName: default\n flexibleTimeWindow:\n mode: OFF\n scheduleExpression: rate(1 hours)\n target:\n arn: ${exampleAwsSqsQueue.arn}\n roleArn: ${exampleAwsIamRole.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Universal Target\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.sqs.Queue(\"example\", {});\nconst exampleSchedule = new aws.scheduler.Schedule(\"example\", {\n name: \"my-schedule\",\n flexibleTimeWindow: {\n mode: \"OFF\",\n },\n scheduleExpression: \"rate(1 hours)\",\n target: {\n arn: \"arn:aws:scheduler:::aws-sdk:sqs:sendMessage\",\n roleArn: exampleAwsIamRole.arn,\n input: pulumi.jsonStringify({\n MessageBody: \"Greetings, programs!\",\n QueueUrl: example.url,\n }),\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.sqs.Queue(\"example\")\nexample_schedule = aws.scheduler.Schedule(\"example\",\n name=\"my-schedule\",\n flexible_time_window=aws.scheduler.ScheduleFlexibleTimeWindowArgs(\n mode=\"OFF\",\n ),\n schedule_expression=\"rate(1 hours)\",\n target=aws.scheduler.ScheduleTargetArgs(\n arn=\"arn:aws:scheduler:::aws-sdk:sqs:sendMessage\",\n role_arn=example_aws_iam_role[\"arn\"],\n input=pulumi.Output.json_dumps({\n \"MessageBody\": \"Greetings, programs!\",\n \"QueueUrl\": example.url,\n }),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Sqs.Queue(\"example\");\n\n var exampleSchedule = new Aws.Scheduler.Schedule(\"example\", new()\n {\n Name = \"my-schedule\",\n FlexibleTimeWindow = new Aws.Scheduler.Inputs.ScheduleFlexibleTimeWindowArgs\n {\n Mode = \"OFF\",\n },\n ScheduleExpression = \"rate(1 hours)\",\n Target = new Aws.Scheduler.Inputs.ScheduleTargetArgs\n {\n Arn = \"arn:aws:scheduler:::aws-sdk:sqs:sendMessage\",\n RoleArn = exampleAwsIamRole.Arn,\n Input = Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"MessageBody\"] = \"Greetings, programs!\",\n [\"QueueUrl\"] = example.Url,\n })),\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/scheduler\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/sqs\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := sqs.NewQueue(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = scheduler.NewSchedule(ctx, \"example\", \u0026scheduler.ScheduleArgs{\n\t\t\tName: pulumi.String(\"my-schedule\"),\n\t\t\tFlexibleTimeWindow: \u0026scheduler.ScheduleFlexibleTimeWindowArgs{\n\t\t\t\tMode: pulumi.String(\"OFF\"),\n\t\t\t},\n\t\t\tScheduleExpression: pulumi.String(\"rate(1 hours)\"),\n\t\t\tTarget: \u0026scheduler.ScheduleTargetArgs{\n\t\t\t\tArn: pulumi.String(\"arn:aws:scheduler:::aws-sdk:sqs:sendMessage\"),\n\t\t\t\tRoleArn: pulumi.Any(exampleAwsIamRole.Arn),\n\t\t\t\tInput: example.Url.ApplyT(func(url string) (pulumi.String, error) {\n\t\t\t\t\tvar _zero pulumi.String\n\t\t\t\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\t\t\t\"MessageBody\": \"Greetings, programs!\",\n\t\t\t\t\t\t\"QueueUrl\": url,\n\t\t\t\t\t})\n\t\t\t\t\tif err != nil {\n\t\t\t\t\t\treturn _zero, err\n\t\t\t\t\t}\n\t\t\t\t\tjson0 := string(tmpJSON0)\n\t\t\t\t\treturn pulumi.String(json0), nil\n\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.sqs.Queue;\nimport com.pulumi.aws.scheduler.Schedule;\nimport com.pulumi.aws.scheduler.ScheduleArgs;\nimport com.pulumi.aws.scheduler.inputs.ScheduleFlexibleTimeWindowArgs;\nimport com.pulumi.aws.scheduler.inputs.ScheduleTargetArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Queue(\"example\");\n\n var exampleSchedule = new Schedule(\"exampleSchedule\", ScheduleArgs.builder() \n .name(\"my-schedule\")\n .flexibleTimeWindow(ScheduleFlexibleTimeWindowArgs.builder()\n .mode(\"OFF\")\n .build())\n .scheduleExpression(\"rate(1 hours)\")\n .target(ScheduleTargetArgs.builder()\n .arn(\"arn:aws:scheduler:::aws-sdk:sqs:sendMessage\")\n .roleArn(exampleAwsIamRole.arn())\n .input(example.url().applyValue(url -\u003e serializeJson(\n jsonObject(\n jsonProperty(\"MessageBody\", \"Greetings, programs!\"),\n jsonProperty(\"QueueUrl\", url)\n ))))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:sqs:Queue\n exampleSchedule:\n type: aws:scheduler:Schedule\n name: example\n properties:\n name: my-schedule\n flexibleTimeWindow:\n mode: OFF\n scheduleExpression: rate(1 hours)\n target:\n arn: arn:aws:scheduler:::aws-sdk:sqs:sendMessage\n roleArn: ${exampleAwsIamRole.arn}\n input:\n fn::toJSON:\n MessageBody: Greetings, programs!\n QueueUrl: ${example.url}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import schedules using the combination `group_name/name`. For example:\n\n```sh\n$ pulumi import aws:scheduler/schedule:Schedule example my-schedule-group/my-schedule\n```\n", "properties": { "arn": { "type": "string", @@ -326448,7 +326448,7 @@ } }, "aws:securityhub/actionTarget:ActionTarget": { - "description": "Creates Security Hub custom action.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.Account(\"example\", {});\nconst exampleActionTarget = new aws.securityhub.ActionTarget(\"example\", {\n name: \"Send notification to chat\",\n identifier: \"SendToChat\",\n description: \"This is custom action sends selected findings to chat\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.Account(\"example\")\nexample_action_target = aws.securityhub.ActionTarget(\"example\",\n name=\"Send notification to chat\",\n identifier=\"SendToChat\",\n description=\"This is custom action sends selected findings to chat\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.Account(\"example\");\n\n var exampleActionTarget = new Aws.SecurityHub.ActionTarget(\"example\", new()\n {\n Name = \"Send notification to chat\",\n Identifier = \"SendToChat\",\n Description = \"This is custom action sends selected findings to chat\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := securityhub.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewActionTarget(ctx, \"example\", \u0026securityhub.ActionTargetArgs{\n\t\t\tName: pulumi.String(\"Send notification to chat\"),\n\t\t\tIdentifier: pulumi.String(\"SendToChat\"),\n\t\t\tDescription: pulumi.String(\"This is custom action sends selected findings to chat\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.Account;\nimport com.pulumi.aws.securityhub.ActionTarget;\nimport com.pulumi.aws.securityhub.ActionTargetArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var exampleActionTarget = new ActionTarget(\"exampleActionTarget\", ActionTargetArgs.builder() \n .name(\"Send notification to chat\")\n .identifier(\"SendToChat\")\n .description(\"This is custom action sends selected findings to chat\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:Account\n exampleActionTarget:\n type: aws:securityhub:ActionTarget\n name: example\n properties:\n name: Send notification to chat\n identifier: SendToChat\n description: This is custom action sends selected findings to chat\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Security Hub custom action using the action target ARN. For example:\n\n```sh\n$ pulumi import aws:securityhub/actionTarget:ActionTarget example arn:aws:securityhub:eu-west-1:312940875350:action/custom/a\n```\n", + "description": "Creates Security Hub custom action.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.Account(\"example\", {});\nconst exampleActionTarget = new aws.securityhub.ActionTarget(\"example\", {\n name: \"Send notification to chat\",\n identifier: \"SendToChat\",\n description: \"This is custom action sends selected findings to chat\",\n}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.Account(\"example\")\nexample_action_target = aws.securityhub.ActionTarget(\"example\",\n name=\"Send notification to chat\",\n identifier=\"SendToChat\",\n description=\"This is custom action sends selected findings to chat\",\n opts=pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.Account(\"example\");\n\n var exampleActionTarget = new Aws.SecurityHub.ActionTarget(\"example\", new()\n {\n Name = \"Send notification to chat\",\n Identifier = \"SendToChat\",\n Description = \"This is custom action sends selected findings to chat\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := securityhub.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewActionTarget(ctx, \"example\", \u0026securityhub.ActionTargetArgs{\n\t\t\tName: pulumi.String(\"Send notification to chat\"),\n\t\t\tIdentifier: pulumi.String(\"SendToChat\"),\n\t\t\tDescription: pulumi.String(\"This is custom action sends selected findings to chat\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.Account;\nimport com.pulumi.aws.securityhub.ActionTarget;\nimport com.pulumi.aws.securityhub.ActionTargetArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var exampleActionTarget = new ActionTarget(\"exampleActionTarget\", ActionTargetArgs.builder() \n .name(\"Send notification to chat\")\n .identifier(\"SendToChat\")\n .description(\"This is custom action sends selected findings to chat\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:Account\n exampleActionTarget:\n type: aws:securityhub:ActionTarget\n name: example\n properties:\n name: Send notification to chat\n identifier: SendToChat\n description: This is custom action sends selected findings to chat\n options:\n dependson:\n - ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Security Hub custom action using the action target ARN. For example:\n\n```sh\n$ pulumi import aws:securityhub/actionTarget:ActionTarget example arn:aws:securityhub:eu-west-1:312940875350:action/custom/a\n```\n", "properties": { "arn": { "type": "string", @@ -326677,7 +326677,7 @@ } }, "aws:securityhub/configurationPolicy:ConfigurationPolicy": { - "description": "Manages Security Hub configuration policy\n\n\u003e **NOTE:** This resource requires `aws.securityhub.OrganizationConfiguration` to be configured of type `CENTRAL`. More information about Security Hub central configuration and configuration policies can be found in the [How Security Hub configuration policies work](https://docs.aws.amazon.com/securityhub/latest/userguide/configuration-policies-overview.html) documentation.\n\n## Example Usage\n\n### Default standards enabled\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.FindingAggregator(\"example\", {linkingMode: \"ALL_REGIONS\"});\nconst exampleOrganizationConfiguration = new aws.securityhub.OrganizationConfiguration(\"example\", {\n autoEnable: false,\n autoEnableStandards: \"NONE\",\n organizationConfiguration: {\n configurationType: \"CENTRAL\",\n },\n});\nconst exampleConfigurationPolicy = new aws.securityhub.ConfigurationPolicy(\"example\", {\n name: \"Example\",\n description: \"This is an example configuration policy\",\n configurationPolicy: {\n serviceEnabled: true,\n enabledStandardArns: [\n \"arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\",\n \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\",\n ],\n securityControlsConfiguration: {\n disabledControlIdentifiers: [],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.FindingAggregator(\"example\", linking_mode=\"ALL_REGIONS\")\nexample_organization_configuration = aws.securityhub.OrganizationConfiguration(\"example\",\n auto_enable=False,\n auto_enable_standards=\"NONE\",\n organization_configuration=aws.securityhub.OrganizationConfigurationOrganizationConfigurationArgs(\n configuration_type=\"CENTRAL\",\n ))\nexample_configuration_policy = aws.securityhub.ConfigurationPolicy(\"example\",\n name=\"Example\",\n description=\"This is an example configuration policy\",\n configuration_policy=aws.securityhub.ConfigurationPolicyConfigurationPolicyArgs(\n service_enabled=True,\n enabled_standard_arns=[\n \"arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\",\n \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\",\n ],\n security_controls_configuration=aws.securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationArgs(\n disabled_control_identifiers=[],\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.FindingAggregator(\"example\", new()\n {\n LinkingMode = \"ALL_REGIONS\",\n });\n\n var exampleOrganizationConfiguration = new Aws.SecurityHub.OrganizationConfiguration(\"example\", new()\n {\n AutoEnable = false,\n AutoEnableStandards = \"NONE\",\n OrganizationConfigurationDetails = new Aws.SecurityHub.Inputs.OrganizationConfigurationOrganizationConfigurationArgs\n {\n ConfigurationType = \"CENTRAL\",\n },\n });\n\n var exampleConfigurationPolicy = new Aws.SecurityHub.ConfigurationPolicy(\"example\", new()\n {\n Name = \"Example\",\n Description = \"This is an example configuration policy\",\n ConfigurationPolicyDetails = new Aws.SecurityHub.Inputs.ConfigurationPolicyConfigurationPolicyArgs\n {\n ServiceEnabled = true,\n EnabledStandardArns = new[]\n {\n \"arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\",\n \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\",\n },\n SecurityControlsConfiguration = new Aws.SecurityHub.Inputs.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationArgs\n {\n DisabledControlIdentifiers = new() { },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := securityhub.NewFindingAggregator(ctx, \"example\", \u0026securityhub.FindingAggregatorArgs{\n\t\t\tLinkingMode: pulumi.String(\"ALL_REGIONS\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewOrganizationConfiguration(ctx, \"example\", \u0026securityhub.OrganizationConfigurationArgs{\n\t\t\tAutoEnable: pulumi.Bool(false),\n\t\t\tAutoEnableStandards: pulumi.String(\"NONE\"),\n\t\t\tOrganizationConfiguration: \u0026securityhub.OrganizationConfigurationOrganizationConfigurationArgs{\n\t\t\t\tConfigurationType: pulumi.String(\"CENTRAL\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewConfigurationPolicy(ctx, \"example\", \u0026securityhub.ConfigurationPolicyArgs{\n\t\t\tName: pulumi.String(\"Example\"),\n\t\t\tDescription: pulumi.String(\"This is an example configuration policy\"),\n\t\t\tConfigurationPolicy: \u0026securityhub.ConfigurationPolicyConfigurationPolicyArgs{\n\t\t\t\tServiceEnabled: pulumi.Bool(true),\n\t\t\t\tEnabledStandardArns: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\"),\n\t\t\t\t\tpulumi.String(\"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\"),\n\t\t\t\t},\n\t\t\t\tSecurityControlsConfiguration: \u0026securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationArgs{\n\t\t\t\t\tDisabledControlIdentifiers: pulumi.StringArray{},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.FindingAggregator;\nimport com.pulumi.aws.securityhub.FindingAggregatorArgs;\nimport com.pulumi.aws.securityhub.OrganizationConfiguration;\nimport com.pulumi.aws.securityhub.OrganizationConfigurationArgs;\nimport com.pulumi.aws.securityhub.inputs.OrganizationConfigurationOrganizationConfigurationArgs;\nimport com.pulumi.aws.securityhub.ConfigurationPolicy;\nimport com.pulumi.aws.securityhub.ConfigurationPolicyArgs;\nimport com.pulumi.aws.securityhub.inputs.ConfigurationPolicyConfigurationPolicyArgs;\nimport com.pulumi.aws.securityhub.inputs.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new FindingAggregator(\"example\", FindingAggregatorArgs.builder() \n .linkingMode(\"ALL_REGIONS\")\n .build());\n\n var exampleOrganizationConfiguration = new OrganizationConfiguration(\"exampleOrganizationConfiguration\", OrganizationConfigurationArgs.builder() \n .autoEnable(false)\n .autoEnableStandards(\"NONE\")\n .organizationConfiguration(OrganizationConfigurationOrganizationConfigurationArgs.builder()\n .configurationType(\"CENTRAL\")\n .build())\n .build());\n\n var exampleConfigurationPolicy = new ConfigurationPolicy(\"exampleConfigurationPolicy\", ConfigurationPolicyArgs.builder() \n .name(\"Example\")\n .description(\"This is an example configuration policy\")\n .configurationPolicy(ConfigurationPolicyConfigurationPolicyArgs.builder()\n .serviceEnabled(true)\n .enabledStandardArns( \n \"arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\",\n \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\")\n .securityControlsConfiguration(ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationArgs.builder()\n .disabledControlIdentifiers()\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:FindingAggregator\n properties:\n linkingMode: ALL_REGIONS\n exampleOrganizationConfiguration:\n type: aws:securityhub:OrganizationConfiguration\n name: example\n properties:\n autoEnable: false\n autoEnableStandards: NONE\n organizationConfiguration:\n configurationType: CENTRAL\n exampleConfigurationPolicy:\n type: aws:securityhub:ConfigurationPolicy\n name: example\n properties:\n name: Example\n description: This is an example configuration policy\n configurationPolicy:\n serviceEnabled: true\n enabledStandardArns:\n - arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\n - arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\n securityControlsConfiguration:\n disabledControlIdentifiers: []\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Disabled Policy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst disabled = new aws.securityhub.ConfigurationPolicy(\"disabled\", {\n name: \"Disabled\",\n description: \"This is an example of disabled configuration policy\",\n configurationPolicy: {\n serviceEnabled: false,\n enabledStandardArns: [],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndisabled = aws.securityhub.ConfigurationPolicy(\"disabled\",\n name=\"Disabled\",\n description=\"This is an example of disabled configuration policy\",\n configuration_policy=aws.securityhub.ConfigurationPolicyConfigurationPolicyArgs(\n service_enabled=False,\n enabled_standard_arns=[],\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var disabled = new Aws.SecurityHub.ConfigurationPolicy(\"disabled\", new()\n {\n Name = \"Disabled\",\n Description = \"This is an example of disabled configuration policy\",\n ConfigurationPolicyDetails = new Aws.SecurityHub.Inputs.ConfigurationPolicyConfigurationPolicyArgs\n {\n ServiceEnabled = false,\n EnabledStandardArns = new() { },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := securityhub.NewConfigurationPolicy(ctx, \"disabled\", \u0026securityhub.ConfigurationPolicyArgs{\n\t\t\tName: pulumi.String(\"Disabled\"),\n\t\t\tDescription: pulumi.String(\"This is an example of disabled configuration policy\"),\n\t\t\tConfigurationPolicy: \u0026securityhub.ConfigurationPolicyConfigurationPolicyArgs{\n\t\t\t\tServiceEnabled: pulumi.Bool(false),\n\t\t\t\tEnabledStandardArns: pulumi.StringArray{},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.ConfigurationPolicy;\nimport com.pulumi.aws.securityhub.ConfigurationPolicyArgs;\nimport com.pulumi.aws.securityhub.inputs.ConfigurationPolicyConfigurationPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var disabled = new ConfigurationPolicy(\"disabled\", ConfigurationPolicyArgs.builder() \n .name(\"Disabled\")\n .description(\"This is an example of disabled configuration policy\")\n .configurationPolicy(ConfigurationPolicyConfigurationPolicyArgs.builder()\n .serviceEnabled(false)\n .enabledStandardArns()\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n disabled:\n type: aws:securityhub:ConfigurationPolicy\n properties:\n name: Disabled\n description: This is an example of disabled configuration policy\n configurationPolicy:\n serviceEnabled: false\n enabledStandardArns: []\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Custom Control Configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst disabled = new aws.securityhub.ConfigurationPolicy(\"disabled\", {\n name: \"Custom Controls\",\n description: \"This is an example of configuration policy with custom control settings\",\n configurationPolicy: {\n serviceEnabled: true,\n enabledStandardArns: [\n \"arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\",\n \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\",\n ],\n securityControlsConfiguration: {\n enabledControlIdentifiers: [\n \"APIGateway.1\",\n \"IAM.7\",\n ],\n securityControlCustomParameters: [\n {\n securityControlId: \"APIGateway.1\",\n parameters: [{\n name: \"loggingLevel\",\n valueType: \"CUSTOM\",\n \"enum\": {\n value: \"INFO\",\n },\n }],\n },\n {\n securityControlId: \"IAM.7\",\n parameters: [\n {\n name: \"RequireLowercaseCharacters\",\n valueType: \"CUSTOM\",\n bool: {\n value: false,\n },\n },\n {\n name: \"MaxPasswordAge\",\n valueType: \"CUSTOM\",\n int: {\n value: 60,\n },\n },\n ],\n },\n ],\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndisabled = aws.securityhub.ConfigurationPolicy(\"disabled\",\n name=\"Custom Controls\",\n description=\"This is an example of configuration policy with custom control settings\",\n configuration_policy=aws.securityhub.ConfigurationPolicyConfigurationPolicyArgs(\n service_enabled=True,\n enabled_standard_arns=[\n \"arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\",\n \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\",\n ],\n security_controls_configuration=aws.securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationArgs(\n enabled_control_identifiers=[\n \"APIGateway.1\",\n \"IAM.7\",\n ],\n security_control_custom_parameters=[\n aws.securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterArgs(\n security_control_id=\"APIGateway.1\",\n parameters=[aws.securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterArgs(\n name=\"loggingLevel\",\n value_type=\"CUSTOM\",\n enum=aws.securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterEnumArgs(\n value=\"INFO\",\n ),\n )],\n ),\n aws.securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterArgs(\n security_control_id=\"IAM.7\",\n parameters=[\n aws.securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterArgs(\n name=\"RequireLowercaseCharacters\",\n value_type=\"CUSTOM\",\n bool=aws.securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterBoolArgs(\n value=False,\n ),\n ),\n aws.securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterArgs(\n name=\"MaxPasswordAge\",\n value_type=\"CUSTOM\",\n int=aws.securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterIntArgs(\n value=60,\n ),\n ),\n ],\n ),\n ],\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var disabled = new Aws.SecurityHub.ConfigurationPolicy(\"disabled\", new()\n {\n Name = \"Custom Controls\",\n Description = \"This is an example of configuration policy with custom control settings\",\n ConfigurationPolicyDetails = new Aws.SecurityHub.Inputs.ConfigurationPolicyConfigurationPolicyArgs\n {\n ServiceEnabled = true,\n EnabledStandardArns = new[]\n {\n \"arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\",\n \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\",\n },\n SecurityControlsConfiguration = new Aws.SecurityHub.Inputs.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationArgs\n {\n EnabledControlIdentifiers = new[]\n {\n \"APIGateway.1\",\n \"IAM.7\",\n },\n SecurityControlCustomParameters = new[]\n {\n new Aws.SecurityHub.Inputs.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterArgs\n {\n SecurityControlId = \"APIGateway.1\",\n Parameters = new[]\n {\n new Aws.SecurityHub.Inputs.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterArgs\n {\n Name = \"loggingLevel\",\n ValueType = \"CUSTOM\",\n Enum = new Aws.SecurityHub.Inputs.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterEnumArgs\n {\n Value = \"INFO\",\n },\n },\n },\n },\n new Aws.SecurityHub.Inputs.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterArgs\n {\n SecurityControlId = \"IAM.7\",\n Parameters = new[]\n {\n new Aws.SecurityHub.Inputs.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterArgs\n {\n Name = \"RequireLowercaseCharacters\",\n ValueType = \"CUSTOM\",\n Bool = new Aws.SecurityHub.Inputs.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterBoolArgs\n {\n Value = false,\n },\n },\n new Aws.SecurityHub.Inputs.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterArgs\n {\n Name = \"MaxPasswordAge\",\n ValueType = \"CUSTOM\",\n Int = new Aws.SecurityHub.Inputs.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterIntArgs\n {\n Value = 60,\n },\n },\n },\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := securityhub.NewConfigurationPolicy(ctx, \"disabled\", \u0026securityhub.ConfigurationPolicyArgs{\n\t\t\tName: pulumi.String(\"Custom Controls\"),\n\t\t\tDescription: pulumi.String(\"This is an example of configuration policy with custom control settings\"),\n\t\t\tConfigurationPolicy: \u0026securityhub.ConfigurationPolicyConfigurationPolicyArgs{\n\t\t\t\tServiceEnabled: pulumi.Bool(true),\n\t\t\t\tEnabledStandardArns: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\"),\n\t\t\t\t\tpulumi.String(\"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\"),\n\t\t\t\t},\n\t\t\t\tSecurityControlsConfiguration: \u0026securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationArgs{\n\t\t\t\t\tEnabledControlIdentifiers: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"APIGateway.1\"),\n\t\t\t\t\t\tpulumi.String(\"IAM.7\"),\n\t\t\t\t\t},\n\t\t\t\t\tSecurityControlCustomParameters: securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterArray{\n\t\t\t\t\t\t\u0026securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterArgs{\n\t\t\t\t\t\t\tSecurityControlId: pulumi.String(\"APIGateway.1\"),\n\t\t\t\t\t\t\tParameters: securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterArray{\n\t\t\t\t\t\t\t\t\u0026securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterArgs{\n\t\t\t\t\t\t\t\t\tName: pulumi.String(\"loggingLevel\"),\n\t\t\t\t\t\t\t\t\tValueType: pulumi.String(\"CUSTOM\"),\n\t\t\t\t\t\t\t\t\tEnum: \u0026securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterEnumArgs{\n\t\t\t\t\t\t\t\t\t\tValue: pulumi.String(\"INFO\"),\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterArgs{\n\t\t\t\t\t\t\tSecurityControlId: pulumi.String(\"IAM.7\"),\n\t\t\t\t\t\t\tParameters: securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterArray{\n\t\t\t\t\t\t\t\t\u0026securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterArgs{\n\t\t\t\t\t\t\t\t\tName: pulumi.String(\"RequireLowercaseCharacters\"),\n\t\t\t\t\t\t\t\t\tValueType: pulumi.String(\"CUSTOM\"),\n\t\t\t\t\t\t\t\t\tBool: \u0026securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterBoolArgs{\n\t\t\t\t\t\t\t\t\t\tValue: pulumi.Bool(false),\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\u0026securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterArgs{\n\t\t\t\t\t\t\t\t\tName: pulumi.String(\"MaxPasswordAge\"),\n\t\t\t\t\t\t\t\t\tValueType: pulumi.String(\"CUSTOM\"),\n\t\t\t\t\t\t\t\t\tInt: \u0026securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterIntArgs{\n\t\t\t\t\t\t\t\t\t\tValue: pulumi.Int(60),\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.ConfigurationPolicy;\nimport com.pulumi.aws.securityhub.ConfigurationPolicyArgs;\nimport com.pulumi.aws.securityhub.inputs.ConfigurationPolicyConfigurationPolicyArgs;\nimport com.pulumi.aws.securityhub.inputs.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var disabled = new ConfigurationPolicy(\"disabled\", ConfigurationPolicyArgs.builder() \n .name(\"Custom Controls\")\n .description(\"This is an example of configuration policy with custom control settings\")\n .configurationPolicy(ConfigurationPolicyConfigurationPolicyArgs.builder()\n .serviceEnabled(true)\n .enabledStandardArns( \n \"arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\",\n \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\")\n .securityControlsConfiguration(ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationArgs.builder()\n .enabledControlIdentifiers( \n \"APIGateway.1\",\n \"IAM.7\")\n .securityControlCustomParameters( \n ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterArgs.builder()\n .securityControlId(\"APIGateway.1\")\n .parameters(ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterArgs.builder()\n .name(\"loggingLevel\")\n .valueType(\"CUSTOM\")\n .enum_(ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterEnumArgs.builder()\n .value(\"INFO\")\n .build())\n .build())\n .build(),\n ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterArgs.builder()\n .securityControlId(\"IAM.7\")\n .parameters( \n ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterArgs.builder()\n .name(\"RequireLowercaseCharacters\")\n .valueType(\"CUSTOM\")\n .bool(ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterBoolArgs.builder()\n .value(false)\n .build())\n .build(),\n ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterArgs.builder()\n .name(\"MaxPasswordAge\")\n .valueType(\"CUSTOM\")\n .int_(ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterIntArgs.builder()\n .value(60)\n .build())\n .build())\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n disabled:\n type: aws:securityhub:ConfigurationPolicy\n properties:\n name: Custom Controls\n description: This is an example of configuration policy with custom control settings\n configurationPolicy:\n serviceEnabled: true\n enabledStandardArns:\n - arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\n - arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\n securityControlsConfiguration:\n enabledControlIdentifiers:\n - APIGateway.1\n - IAM.7\n securityControlCustomParameters:\n - securityControlId: APIGateway.1\n parameters:\n - name: loggingLevel\n valueType: CUSTOM\n enum:\n value: INFO\n - securityControlId: IAM.7\n parameters:\n - name: RequireLowercaseCharacters\n valueType: CUSTOM\n bool:\n value: false\n - name: MaxPasswordAge\n valueType: CUSTOM\n int:\n value: 60\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import an existing Security Hub enabled account using the universally unique identifier (UUID) of the policy. For example:\n\n```sh\n$ pulumi import aws:securityhub/configurationPolicy:ConfigurationPolicy example \"00000000-1111-2222-3333-444444444444\"\n```\n", + "description": "Manages Security Hub configuration policy\n\n\u003e **NOTE:** This resource requires `aws.securityhub.OrganizationConfiguration` to be configured of type `CENTRAL`. More information about Security Hub central configuration and configuration policies can be found in the [How Security Hub configuration policies work](https://docs.aws.amazon.com/securityhub/latest/userguide/configuration-policies-overview.html) documentation.\n\n## Example Usage\n\n### Default standards enabled\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.FindingAggregator(\"example\", {linkingMode: \"ALL_REGIONS\"});\nconst exampleOrganizationConfiguration = new aws.securityhub.OrganizationConfiguration(\"example\", {\n autoEnable: false,\n autoEnableStandards: \"NONE\",\n organizationConfiguration: {\n configurationType: \"CENTRAL\",\n },\n}, {\n dependsOn: [example],\n});\nconst exampleConfigurationPolicy = new aws.securityhub.ConfigurationPolicy(\"example\", {\n name: \"Example\",\n description: \"This is an example configuration policy\",\n configurationPolicy: {\n serviceEnabled: true,\n enabledStandardArns: [\n \"arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\",\n \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\",\n ],\n securityControlsConfiguration: {\n disabledControlIdentifiers: [],\n },\n },\n}, {\n dependsOn: [exampleOrganizationConfiguration],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.FindingAggregator(\"example\", linking_mode=\"ALL_REGIONS\")\nexample_organization_configuration = aws.securityhub.OrganizationConfiguration(\"example\",\n auto_enable=False,\n auto_enable_standards=\"NONE\",\n organization_configuration=aws.securityhub.OrganizationConfigurationOrganizationConfigurationArgs(\n configuration_type=\"CENTRAL\",\n ),\n opts=pulumi.ResourceOptions(depends_on=[example]))\nexample_configuration_policy = aws.securityhub.ConfigurationPolicy(\"example\",\n name=\"Example\",\n description=\"This is an example configuration policy\",\n configuration_policy=aws.securityhub.ConfigurationPolicyConfigurationPolicyArgs(\n service_enabled=True,\n enabled_standard_arns=[\n \"arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\",\n \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\",\n ],\n security_controls_configuration=aws.securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationArgs(\n disabled_control_identifiers=[],\n ),\n ),\n opts=pulumi.ResourceOptions(depends_on=[example_organization_configuration]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.FindingAggregator(\"example\", new()\n {\n LinkingMode = \"ALL_REGIONS\",\n });\n\n var exampleOrganizationConfiguration = new Aws.SecurityHub.OrganizationConfiguration(\"example\", new()\n {\n AutoEnable = false,\n AutoEnableStandards = \"NONE\",\n OrganizationConfigurationDetails = new Aws.SecurityHub.Inputs.OrganizationConfigurationOrganizationConfigurationArgs\n {\n ConfigurationType = \"CENTRAL\",\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example, \n },\n });\n\n var exampleConfigurationPolicy = new Aws.SecurityHub.ConfigurationPolicy(\"example\", new()\n {\n Name = \"Example\",\n Description = \"This is an example configuration policy\",\n ConfigurationPolicyDetails = new Aws.SecurityHub.Inputs.ConfigurationPolicyConfigurationPolicyArgs\n {\n ServiceEnabled = true,\n EnabledStandardArns = new[]\n {\n \"arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\",\n \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\",\n },\n SecurityControlsConfiguration = new Aws.SecurityHub.Inputs.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationArgs\n {\n DisabledControlIdentifiers = new() { },\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleOrganizationConfiguration, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := securityhub.NewFindingAggregator(ctx, \"example\", \u0026securityhub.FindingAggregatorArgs{\n\t\t\tLinkingMode: pulumi.String(\"ALL_REGIONS\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleOrganizationConfiguration, err := securityhub.NewOrganizationConfiguration(ctx, \"example\", \u0026securityhub.OrganizationConfigurationArgs{\n\t\t\tAutoEnable: pulumi.Bool(false),\n\t\t\tAutoEnableStandards: pulumi.String(\"NONE\"),\n\t\t\tOrganizationConfiguration: \u0026securityhub.OrganizationConfigurationOrganizationConfigurationArgs{\n\t\t\t\tConfigurationType: pulumi.String(\"CENTRAL\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewConfigurationPolicy(ctx, \"example\", \u0026securityhub.ConfigurationPolicyArgs{\n\t\t\tName: pulumi.String(\"Example\"),\n\t\t\tDescription: pulumi.String(\"This is an example configuration policy\"),\n\t\t\tConfigurationPolicy: \u0026securityhub.ConfigurationPolicyConfigurationPolicyArgs{\n\t\t\t\tServiceEnabled: pulumi.Bool(true),\n\t\t\t\tEnabledStandardArns: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\"),\n\t\t\t\t\tpulumi.String(\"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\"),\n\t\t\t\t},\n\t\t\t\tSecurityControlsConfiguration: \u0026securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationArgs{\n\t\t\t\t\tDisabledControlIdentifiers: pulumi.StringArray{},\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleOrganizationConfiguration,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.FindingAggregator;\nimport com.pulumi.aws.securityhub.FindingAggregatorArgs;\nimport com.pulumi.aws.securityhub.OrganizationConfiguration;\nimport com.pulumi.aws.securityhub.OrganizationConfigurationArgs;\nimport com.pulumi.aws.securityhub.inputs.OrganizationConfigurationOrganizationConfigurationArgs;\nimport com.pulumi.aws.securityhub.ConfigurationPolicy;\nimport com.pulumi.aws.securityhub.ConfigurationPolicyArgs;\nimport com.pulumi.aws.securityhub.inputs.ConfigurationPolicyConfigurationPolicyArgs;\nimport com.pulumi.aws.securityhub.inputs.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new FindingAggregator(\"example\", FindingAggregatorArgs.builder() \n .linkingMode(\"ALL_REGIONS\")\n .build());\n\n var exampleOrganizationConfiguration = new OrganizationConfiguration(\"exampleOrganizationConfiguration\", OrganizationConfigurationArgs.builder() \n .autoEnable(false)\n .autoEnableStandards(\"NONE\")\n .organizationConfiguration(OrganizationConfigurationOrganizationConfigurationArgs.builder()\n .configurationType(\"CENTRAL\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n var exampleConfigurationPolicy = new ConfigurationPolicy(\"exampleConfigurationPolicy\", ConfigurationPolicyArgs.builder() \n .name(\"Example\")\n .description(\"This is an example configuration policy\")\n .configurationPolicy(ConfigurationPolicyConfigurationPolicyArgs.builder()\n .serviceEnabled(true)\n .enabledStandardArns( \n \"arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\",\n \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\")\n .securityControlsConfiguration(ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationArgs.builder()\n .disabledControlIdentifiers()\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleOrganizationConfiguration)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:FindingAggregator\n properties:\n linkingMode: ALL_REGIONS\n exampleOrganizationConfiguration:\n type: aws:securityhub:OrganizationConfiguration\n name: example\n properties:\n autoEnable: false\n autoEnableStandards: NONE\n organizationConfiguration:\n configurationType: CENTRAL\n options:\n dependson:\n - ${example}\n exampleConfigurationPolicy:\n type: aws:securityhub:ConfigurationPolicy\n name: example\n properties:\n name: Example\n description: This is an example configuration policy\n configurationPolicy:\n serviceEnabled: true\n enabledStandardArns:\n - arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\n - arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\n securityControlsConfiguration:\n disabledControlIdentifiers: []\n options:\n dependson:\n - ${exampleOrganizationConfiguration}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Disabled Policy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst disabled = new aws.securityhub.ConfigurationPolicy(\"disabled\", {\n name: \"Disabled\",\n description: \"This is an example of disabled configuration policy\",\n configurationPolicy: {\n serviceEnabled: false,\n enabledStandardArns: [],\n },\n}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndisabled = aws.securityhub.ConfigurationPolicy(\"disabled\",\n name=\"Disabled\",\n description=\"This is an example of disabled configuration policy\",\n configuration_policy=aws.securityhub.ConfigurationPolicyConfigurationPolicyArgs(\n service_enabled=False,\n enabled_standard_arns=[],\n ),\n opts=pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var disabled = new Aws.SecurityHub.ConfigurationPolicy(\"disabled\", new()\n {\n Name = \"Disabled\",\n Description = \"This is an example of disabled configuration policy\",\n ConfigurationPolicyDetails = new Aws.SecurityHub.Inputs.ConfigurationPolicyConfigurationPolicyArgs\n {\n ServiceEnabled = false,\n EnabledStandardArns = new() { },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := securityhub.NewConfigurationPolicy(ctx, \"disabled\", \u0026securityhub.ConfigurationPolicyArgs{\n\t\t\tName: pulumi.String(\"Disabled\"),\n\t\t\tDescription: pulumi.String(\"This is an example of disabled configuration policy\"),\n\t\t\tConfigurationPolicy: \u0026securityhub.ConfigurationPolicyConfigurationPolicyArgs{\n\t\t\t\tServiceEnabled: pulumi.Bool(false),\n\t\t\t\tEnabledStandardArns: pulumi.StringArray{},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.ConfigurationPolicy;\nimport com.pulumi.aws.securityhub.ConfigurationPolicyArgs;\nimport com.pulumi.aws.securityhub.inputs.ConfigurationPolicyConfigurationPolicyArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var disabled = new ConfigurationPolicy(\"disabled\", ConfigurationPolicyArgs.builder() \n .name(\"Disabled\")\n .description(\"This is an example of disabled configuration policy\")\n .configurationPolicy(ConfigurationPolicyConfigurationPolicyArgs.builder()\n .serviceEnabled(false)\n .enabledStandardArns()\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n disabled:\n type: aws:securityhub:ConfigurationPolicy\n properties:\n name: Disabled\n description: This is an example of disabled configuration policy\n configurationPolicy:\n serviceEnabled: false\n enabledStandardArns: []\n options:\n dependson:\n - ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Custom Control Configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst disabled = new aws.securityhub.ConfigurationPolicy(\"disabled\", {\n name: \"Custom Controls\",\n description: \"This is an example of configuration policy with custom control settings\",\n configurationPolicy: {\n serviceEnabled: true,\n enabledStandardArns: [\n \"arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\",\n \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\",\n ],\n securityControlsConfiguration: {\n enabledControlIdentifiers: [\n \"APIGateway.1\",\n \"IAM.7\",\n ],\n securityControlCustomParameters: [\n {\n securityControlId: \"APIGateway.1\",\n parameters: [{\n name: \"loggingLevel\",\n valueType: \"CUSTOM\",\n \"enum\": {\n value: \"INFO\",\n },\n }],\n },\n {\n securityControlId: \"IAM.7\",\n parameters: [\n {\n name: \"RequireLowercaseCharacters\",\n valueType: \"CUSTOM\",\n bool: {\n value: false,\n },\n },\n {\n name: \"MaxPasswordAge\",\n valueType: \"CUSTOM\",\n int: {\n value: 60,\n },\n },\n ],\n },\n ],\n },\n },\n}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ndisabled = aws.securityhub.ConfigurationPolicy(\"disabled\",\n name=\"Custom Controls\",\n description=\"This is an example of configuration policy with custom control settings\",\n configuration_policy=aws.securityhub.ConfigurationPolicyConfigurationPolicyArgs(\n service_enabled=True,\n enabled_standard_arns=[\n \"arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\",\n \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\",\n ],\n security_controls_configuration=aws.securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationArgs(\n enabled_control_identifiers=[\n \"APIGateway.1\",\n \"IAM.7\",\n ],\n security_control_custom_parameters=[\n aws.securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterArgs(\n security_control_id=\"APIGateway.1\",\n parameters=[aws.securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterArgs(\n name=\"loggingLevel\",\n value_type=\"CUSTOM\",\n enum=aws.securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterEnumArgs(\n value=\"INFO\",\n ),\n )],\n ),\n aws.securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterArgs(\n security_control_id=\"IAM.7\",\n parameters=[\n aws.securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterArgs(\n name=\"RequireLowercaseCharacters\",\n value_type=\"CUSTOM\",\n bool=aws.securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterBoolArgs(\n value=False,\n ),\n ),\n aws.securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterArgs(\n name=\"MaxPasswordAge\",\n value_type=\"CUSTOM\",\n int=aws.securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterIntArgs(\n value=60,\n ),\n ),\n ],\n ),\n ],\n ),\n ),\n opts=pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var disabled = new Aws.SecurityHub.ConfigurationPolicy(\"disabled\", new()\n {\n Name = \"Custom Controls\",\n Description = \"This is an example of configuration policy with custom control settings\",\n ConfigurationPolicyDetails = new Aws.SecurityHub.Inputs.ConfigurationPolicyConfigurationPolicyArgs\n {\n ServiceEnabled = true,\n EnabledStandardArns = new[]\n {\n \"arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\",\n \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\",\n },\n SecurityControlsConfiguration = new Aws.SecurityHub.Inputs.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationArgs\n {\n EnabledControlIdentifiers = new[]\n {\n \"APIGateway.1\",\n \"IAM.7\",\n },\n SecurityControlCustomParameters = new[]\n {\n new Aws.SecurityHub.Inputs.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterArgs\n {\n SecurityControlId = \"APIGateway.1\",\n Parameters = new[]\n {\n new Aws.SecurityHub.Inputs.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterArgs\n {\n Name = \"loggingLevel\",\n ValueType = \"CUSTOM\",\n Enum = new Aws.SecurityHub.Inputs.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterEnumArgs\n {\n Value = \"INFO\",\n },\n },\n },\n },\n new Aws.SecurityHub.Inputs.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterArgs\n {\n SecurityControlId = \"IAM.7\",\n Parameters = new[]\n {\n new Aws.SecurityHub.Inputs.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterArgs\n {\n Name = \"RequireLowercaseCharacters\",\n ValueType = \"CUSTOM\",\n Bool = new Aws.SecurityHub.Inputs.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterBoolArgs\n {\n Value = false,\n },\n },\n new Aws.SecurityHub.Inputs.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterArgs\n {\n Name = \"MaxPasswordAge\",\n ValueType = \"CUSTOM\",\n Int = new Aws.SecurityHub.Inputs.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterIntArgs\n {\n Value = 60,\n },\n },\n },\n },\n },\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := securityhub.NewConfigurationPolicy(ctx, \"disabled\", \u0026securityhub.ConfigurationPolicyArgs{\n\t\t\tName: pulumi.String(\"Custom Controls\"),\n\t\t\tDescription: pulumi.String(\"This is an example of configuration policy with custom control settings\"),\n\t\t\tConfigurationPolicy: \u0026securityhub.ConfigurationPolicyConfigurationPolicyArgs{\n\t\t\t\tServiceEnabled: pulumi.Bool(true),\n\t\t\t\tEnabledStandardArns: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\"),\n\t\t\t\t\tpulumi.String(\"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\"),\n\t\t\t\t},\n\t\t\t\tSecurityControlsConfiguration: \u0026securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationArgs{\n\t\t\t\t\tEnabledControlIdentifiers: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"APIGateway.1\"),\n\t\t\t\t\t\tpulumi.String(\"IAM.7\"),\n\t\t\t\t\t},\n\t\t\t\t\tSecurityControlCustomParameters: securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterArray{\n\t\t\t\t\t\t\u0026securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterArgs{\n\t\t\t\t\t\t\tSecurityControlId: pulumi.String(\"APIGateway.1\"),\n\t\t\t\t\t\t\tParameters: securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterArray{\n\t\t\t\t\t\t\t\t\u0026securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterArgs{\n\t\t\t\t\t\t\t\t\tName: pulumi.String(\"loggingLevel\"),\n\t\t\t\t\t\t\t\t\tValueType: pulumi.String(\"CUSTOM\"),\n\t\t\t\t\t\t\t\t\tEnum: \u0026securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterEnumArgs{\n\t\t\t\t\t\t\t\t\t\tValue: pulumi.String(\"INFO\"),\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterArgs{\n\t\t\t\t\t\t\tSecurityControlId: pulumi.String(\"IAM.7\"),\n\t\t\t\t\t\t\tParameters: securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterArray{\n\t\t\t\t\t\t\t\t\u0026securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterArgs{\n\t\t\t\t\t\t\t\t\tName: pulumi.String(\"RequireLowercaseCharacters\"),\n\t\t\t\t\t\t\t\t\tValueType: pulumi.String(\"CUSTOM\"),\n\t\t\t\t\t\t\t\t\tBool: \u0026securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterBoolArgs{\n\t\t\t\t\t\t\t\t\t\tValue: pulumi.Bool(false),\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\u0026securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterArgs{\n\t\t\t\t\t\t\t\t\tName: pulumi.String(\"MaxPasswordAge\"),\n\t\t\t\t\t\t\t\t\tValueType: pulumi.String(\"CUSTOM\"),\n\t\t\t\t\t\t\t\t\tInt: \u0026securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterIntArgs{\n\t\t\t\t\t\t\t\t\t\tValue: pulumi.Int(60),\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.ConfigurationPolicy;\nimport com.pulumi.aws.securityhub.ConfigurationPolicyArgs;\nimport com.pulumi.aws.securityhub.inputs.ConfigurationPolicyConfigurationPolicyArgs;\nimport com.pulumi.aws.securityhub.inputs.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var disabled = new ConfigurationPolicy(\"disabled\", ConfigurationPolicyArgs.builder() \n .name(\"Custom Controls\")\n .description(\"This is an example of configuration policy with custom control settings\")\n .configurationPolicy(ConfigurationPolicyConfigurationPolicyArgs.builder()\n .serviceEnabled(true)\n .enabledStandardArns( \n \"arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\",\n \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\")\n .securityControlsConfiguration(ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationArgs.builder()\n .enabledControlIdentifiers( \n \"APIGateway.1\",\n \"IAM.7\")\n .securityControlCustomParameters( \n ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterArgs.builder()\n .securityControlId(\"APIGateway.1\")\n .parameters(ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterArgs.builder()\n .name(\"loggingLevel\")\n .valueType(\"CUSTOM\")\n .enum_(ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterEnumArgs.builder()\n .value(\"INFO\")\n .build())\n .build())\n .build(),\n ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterArgs.builder()\n .securityControlId(\"IAM.7\")\n .parameters( \n ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterArgs.builder()\n .name(\"RequireLowercaseCharacters\")\n .valueType(\"CUSTOM\")\n .bool(ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterBoolArgs.builder()\n .value(false)\n .build())\n .build(),\n ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterArgs.builder()\n .name(\"MaxPasswordAge\")\n .valueType(\"CUSTOM\")\n .int_(ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationSecurityControlCustomParameterParameterIntArgs.builder()\n .value(60)\n .build())\n .build())\n .build())\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n disabled:\n type: aws:securityhub:ConfigurationPolicy\n properties:\n name: Custom Controls\n description: This is an example of configuration policy with custom control settings\n configurationPolicy:\n serviceEnabled: true\n enabledStandardArns:\n - arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\n - arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\n securityControlsConfiguration:\n enabledControlIdentifiers:\n - APIGateway.1\n - IAM.7\n securityControlCustomParameters:\n - securityControlId: APIGateway.1\n parameters:\n - name: loggingLevel\n valueType: CUSTOM\n enum:\n value: INFO\n - securityControlId: IAM.7\n parameters:\n - name: RequireLowercaseCharacters\n valueType: CUSTOM\n bool:\n value: false\n - name: MaxPasswordAge\n valueType: CUSTOM\n int:\n value: 60\n options:\n dependson:\n - ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import an existing Security Hub enabled account using the universally unique identifier (UUID) of the policy. For example:\n\n```sh\n$ pulumi import aws:securityhub/configurationPolicy:ConfigurationPolicy example \"00000000-1111-2222-3333-444444444444\"\n```\n", "properties": { "arn": { "type": "string" @@ -326755,7 +326755,7 @@ } }, "aws:securityhub/configurationPolicyAssociation:ConfigurationPolicyAssociation": { - "description": "Manages Security Hub configuration policy associations.\n\n\u003e **NOTE:** This resource requires `aws.securityhub.OrganizationConfiguration` to be configured with type `CENTRAL`. More information about Security Hub central configuration and configuration policies can be found in the [How Security Hub configuration policies work](https://docs.aws.amazon.com/securityhub/latest/userguide/configuration-policies-overview.html) documentation.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.FindingAggregator(\"example\", {linkingMode: \"ALL_REGIONS\"});\nconst exampleOrganizationConfiguration = new aws.securityhub.OrganizationConfiguration(\"example\", {\n autoEnable: false,\n autoEnableStandards: \"NONE\",\n organizationConfiguration: {\n configurationType: \"CENTRAL\",\n },\n});\nconst exampleConfigurationPolicy = new aws.securityhub.ConfigurationPolicy(\"example\", {\n name: \"Example\",\n description: \"This is an example configuration policy\",\n configurationPolicy: {\n serviceEnabled: true,\n enabledStandardArns: [\n \"arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\",\n \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\",\n ],\n securityControlsConfiguration: {\n disabledControlIdentifiers: [],\n },\n },\n});\nconst accountExample = new aws.securityhub.ConfigurationPolicyAssociation(\"account_example\", {\n targetId: \"123456789012\",\n policyId: exampleConfigurationPolicy.id,\n});\nconst rootExample = new aws.securityhub.ConfigurationPolicyAssociation(\"root_example\", {\n targetId: \"r-abcd\",\n policyId: exampleConfigurationPolicy.id,\n});\nconst ouExample = new aws.securityhub.ConfigurationPolicyAssociation(\"ou_example\", {\n targetId: \"ou-abcd-12345678\",\n policyId: exampleConfigurationPolicy.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.FindingAggregator(\"example\", linking_mode=\"ALL_REGIONS\")\nexample_organization_configuration = aws.securityhub.OrganizationConfiguration(\"example\",\n auto_enable=False,\n auto_enable_standards=\"NONE\",\n organization_configuration=aws.securityhub.OrganizationConfigurationOrganizationConfigurationArgs(\n configuration_type=\"CENTRAL\",\n ))\nexample_configuration_policy = aws.securityhub.ConfigurationPolicy(\"example\",\n name=\"Example\",\n description=\"This is an example configuration policy\",\n configuration_policy=aws.securityhub.ConfigurationPolicyConfigurationPolicyArgs(\n service_enabled=True,\n enabled_standard_arns=[\n \"arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\",\n \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\",\n ],\n security_controls_configuration=aws.securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationArgs(\n disabled_control_identifiers=[],\n ),\n ))\naccount_example = aws.securityhub.ConfigurationPolicyAssociation(\"account_example\",\n target_id=\"123456789012\",\n policy_id=example_configuration_policy.id)\nroot_example = aws.securityhub.ConfigurationPolicyAssociation(\"root_example\",\n target_id=\"r-abcd\",\n policy_id=example_configuration_policy.id)\nou_example = aws.securityhub.ConfigurationPolicyAssociation(\"ou_example\",\n target_id=\"ou-abcd-12345678\",\n policy_id=example_configuration_policy.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.FindingAggregator(\"example\", new()\n {\n LinkingMode = \"ALL_REGIONS\",\n });\n\n var exampleOrganizationConfiguration = new Aws.SecurityHub.OrganizationConfiguration(\"example\", new()\n {\n AutoEnable = false,\n AutoEnableStandards = \"NONE\",\n OrganizationConfigurationDetails = new Aws.SecurityHub.Inputs.OrganizationConfigurationOrganizationConfigurationArgs\n {\n ConfigurationType = \"CENTRAL\",\n },\n });\n\n var exampleConfigurationPolicy = new Aws.SecurityHub.ConfigurationPolicy(\"example\", new()\n {\n Name = \"Example\",\n Description = \"This is an example configuration policy\",\n ConfigurationPolicyDetails = new Aws.SecurityHub.Inputs.ConfigurationPolicyConfigurationPolicyArgs\n {\n ServiceEnabled = true,\n EnabledStandardArns = new[]\n {\n \"arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\",\n \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\",\n },\n SecurityControlsConfiguration = new Aws.SecurityHub.Inputs.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationArgs\n {\n DisabledControlIdentifiers = new() { },\n },\n },\n });\n\n var accountExample = new Aws.SecurityHub.ConfigurationPolicyAssociation(\"account_example\", new()\n {\n TargetId = \"123456789012\",\n PolicyId = exampleConfigurationPolicy.Id,\n });\n\n var rootExample = new Aws.SecurityHub.ConfigurationPolicyAssociation(\"root_example\", new()\n {\n TargetId = \"r-abcd\",\n PolicyId = exampleConfigurationPolicy.Id,\n });\n\n var ouExample = new Aws.SecurityHub.ConfigurationPolicyAssociation(\"ou_example\", new()\n {\n TargetId = \"ou-abcd-12345678\",\n PolicyId = exampleConfigurationPolicy.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := securityhub.NewFindingAggregator(ctx, \"example\", \u0026securityhub.FindingAggregatorArgs{\n\t\t\tLinkingMode: pulumi.String(\"ALL_REGIONS\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewOrganizationConfiguration(ctx, \"example\", \u0026securityhub.OrganizationConfigurationArgs{\n\t\t\tAutoEnable: pulumi.Bool(false),\n\t\t\tAutoEnableStandards: pulumi.String(\"NONE\"),\n\t\t\tOrganizationConfiguration: \u0026securityhub.OrganizationConfigurationOrganizationConfigurationArgs{\n\t\t\t\tConfigurationType: pulumi.String(\"CENTRAL\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleConfigurationPolicy, err := securityhub.NewConfigurationPolicy(ctx, \"example\", \u0026securityhub.ConfigurationPolicyArgs{\n\t\t\tName: pulumi.String(\"Example\"),\n\t\t\tDescription: pulumi.String(\"This is an example configuration policy\"),\n\t\t\tConfigurationPolicy: \u0026securityhub.ConfigurationPolicyConfigurationPolicyArgs{\n\t\t\t\tServiceEnabled: pulumi.Bool(true),\n\t\t\t\tEnabledStandardArns: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\"),\n\t\t\t\t\tpulumi.String(\"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\"),\n\t\t\t\t},\n\t\t\t\tSecurityControlsConfiguration: \u0026securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationArgs{\n\t\t\t\t\tDisabledControlIdentifiers: pulumi.StringArray{},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewConfigurationPolicyAssociation(ctx, \"account_example\", \u0026securityhub.ConfigurationPolicyAssociationArgs{\n\t\t\tTargetId: pulumi.String(\"123456789012\"),\n\t\t\tPolicyId: exampleConfigurationPolicy.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewConfigurationPolicyAssociation(ctx, \"root_example\", \u0026securityhub.ConfigurationPolicyAssociationArgs{\n\t\t\tTargetId: pulumi.String(\"r-abcd\"),\n\t\t\tPolicyId: exampleConfigurationPolicy.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewConfigurationPolicyAssociation(ctx, \"ou_example\", \u0026securityhub.ConfigurationPolicyAssociationArgs{\n\t\t\tTargetId: pulumi.String(\"ou-abcd-12345678\"),\n\t\t\tPolicyId: exampleConfigurationPolicy.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.FindingAggregator;\nimport com.pulumi.aws.securityhub.FindingAggregatorArgs;\nimport com.pulumi.aws.securityhub.OrganizationConfiguration;\nimport com.pulumi.aws.securityhub.OrganizationConfigurationArgs;\nimport com.pulumi.aws.securityhub.inputs.OrganizationConfigurationOrganizationConfigurationArgs;\nimport com.pulumi.aws.securityhub.ConfigurationPolicy;\nimport com.pulumi.aws.securityhub.ConfigurationPolicyArgs;\nimport com.pulumi.aws.securityhub.inputs.ConfigurationPolicyConfigurationPolicyArgs;\nimport com.pulumi.aws.securityhub.inputs.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationArgs;\nimport com.pulumi.aws.securityhub.ConfigurationPolicyAssociation;\nimport com.pulumi.aws.securityhub.ConfigurationPolicyAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new FindingAggregator(\"example\", FindingAggregatorArgs.builder() \n .linkingMode(\"ALL_REGIONS\")\n .build());\n\n var exampleOrganizationConfiguration = new OrganizationConfiguration(\"exampleOrganizationConfiguration\", OrganizationConfigurationArgs.builder() \n .autoEnable(false)\n .autoEnableStandards(\"NONE\")\n .organizationConfiguration(OrganizationConfigurationOrganizationConfigurationArgs.builder()\n .configurationType(\"CENTRAL\")\n .build())\n .build());\n\n var exampleConfigurationPolicy = new ConfigurationPolicy(\"exampleConfigurationPolicy\", ConfigurationPolicyArgs.builder() \n .name(\"Example\")\n .description(\"This is an example configuration policy\")\n .configurationPolicy(ConfigurationPolicyConfigurationPolicyArgs.builder()\n .serviceEnabled(true)\n .enabledStandardArns( \n \"arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\",\n \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\")\n .securityControlsConfiguration(ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationArgs.builder()\n .disabledControlIdentifiers()\n .build())\n .build())\n .build());\n\n var accountExample = new ConfigurationPolicyAssociation(\"accountExample\", ConfigurationPolicyAssociationArgs.builder() \n .targetId(\"123456789012\")\n .policyId(exampleConfigurationPolicy.id())\n .build());\n\n var rootExample = new ConfigurationPolicyAssociation(\"rootExample\", ConfigurationPolicyAssociationArgs.builder() \n .targetId(\"r-abcd\")\n .policyId(exampleConfigurationPolicy.id())\n .build());\n\n var ouExample = new ConfigurationPolicyAssociation(\"ouExample\", ConfigurationPolicyAssociationArgs.builder() \n .targetId(\"ou-abcd-12345678\")\n .policyId(exampleConfigurationPolicy.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:FindingAggregator\n properties:\n linkingMode: ALL_REGIONS\n exampleOrganizationConfiguration:\n type: aws:securityhub:OrganizationConfiguration\n name: example\n properties:\n autoEnable: false\n autoEnableStandards: NONE\n organizationConfiguration:\n configurationType: CENTRAL\n exampleConfigurationPolicy:\n type: aws:securityhub:ConfigurationPolicy\n name: example\n properties:\n name: Example\n description: This is an example configuration policy\n configurationPolicy:\n serviceEnabled: true\n enabledStandardArns:\n - arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\n - arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\n securityControlsConfiguration:\n disabledControlIdentifiers: []\n accountExample:\n type: aws:securityhub:ConfigurationPolicyAssociation\n name: account_example\n properties:\n targetId: '123456789012'\n policyId: ${exampleConfigurationPolicy.id}\n rootExample:\n type: aws:securityhub:ConfigurationPolicyAssociation\n name: root_example\n properties:\n targetId: r-abcd\n policyId: ${exampleConfigurationPolicy.id}\n ouExample:\n type: aws:securityhub:ConfigurationPolicyAssociation\n name: ou_example\n properties:\n targetId: ou-abcd-12345678\n policyId: ${exampleConfigurationPolicy.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import an existing Security Hub enabled account using the universally unique identifier (UUID) of the policy. For example:\n\n```sh\n$ pulumi import aws:securityhub/configurationPolicyAssociation:ConfigurationPolicyAssociation example_account_association 123456789012\n```\n", + "description": "Manages Security Hub configuration policy associations.\n\n\u003e **NOTE:** This resource requires `aws.securityhub.OrganizationConfiguration` to be configured with type `CENTRAL`. More information about Security Hub central configuration and configuration policies can be found in the [How Security Hub configuration policies work](https://docs.aws.amazon.com/securityhub/latest/userguide/configuration-policies-overview.html) documentation.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.FindingAggregator(\"example\", {linkingMode: \"ALL_REGIONS\"});\nconst exampleOrganizationConfiguration = new aws.securityhub.OrganizationConfiguration(\"example\", {\n autoEnable: false,\n autoEnableStandards: \"NONE\",\n organizationConfiguration: {\n configurationType: \"CENTRAL\",\n },\n}, {\n dependsOn: [example],\n});\nconst exampleConfigurationPolicy = new aws.securityhub.ConfigurationPolicy(\"example\", {\n name: \"Example\",\n description: \"This is an example configuration policy\",\n configurationPolicy: {\n serviceEnabled: true,\n enabledStandardArns: [\n \"arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\",\n \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\",\n ],\n securityControlsConfiguration: {\n disabledControlIdentifiers: [],\n },\n },\n}, {\n dependsOn: [exampleOrganizationConfiguration],\n});\nconst accountExample = new aws.securityhub.ConfigurationPolicyAssociation(\"account_example\", {\n targetId: \"123456789012\",\n policyId: exampleConfigurationPolicy.id,\n});\nconst rootExample = new aws.securityhub.ConfigurationPolicyAssociation(\"root_example\", {\n targetId: \"r-abcd\",\n policyId: exampleConfigurationPolicy.id,\n});\nconst ouExample = new aws.securityhub.ConfigurationPolicyAssociation(\"ou_example\", {\n targetId: \"ou-abcd-12345678\",\n policyId: exampleConfigurationPolicy.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.FindingAggregator(\"example\", linking_mode=\"ALL_REGIONS\")\nexample_organization_configuration = aws.securityhub.OrganizationConfiguration(\"example\",\n auto_enable=False,\n auto_enable_standards=\"NONE\",\n organization_configuration=aws.securityhub.OrganizationConfigurationOrganizationConfigurationArgs(\n configuration_type=\"CENTRAL\",\n ),\n opts=pulumi.ResourceOptions(depends_on=[example]))\nexample_configuration_policy = aws.securityhub.ConfigurationPolicy(\"example\",\n name=\"Example\",\n description=\"This is an example configuration policy\",\n configuration_policy=aws.securityhub.ConfigurationPolicyConfigurationPolicyArgs(\n service_enabled=True,\n enabled_standard_arns=[\n \"arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\",\n \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\",\n ],\n security_controls_configuration=aws.securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationArgs(\n disabled_control_identifiers=[],\n ),\n ),\n opts=pulumi.ResourceOptions(depends_on=[example_organization_configuration]))\naccount_example = aws.securityhub.ConfigurationPolicyAssociation(\"account_example\",\n target_id=\"123456789012\",\n policy_id=example_configuration_policy.id)\nroot_example = aws.securityhub.ConfigurationPolicyAssociation(\"root_example\",\n target_id=\"r-abcd\",\n policy_id=example_configuration_policy.id)\nou_example = aws.securityhub.ConfigurationPolicyAssociation(\"ou_example\",\n target_id=\"ou-abcd-12345678\",\n policy_id=example_configuration_policy.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.FindingAggregator(\"example\", new()\n {\n LinkingMode = \"ALL_REGIONS\",\n });\n\n var exampleOrganizationConfiguration = new Aws.SecurityHub.OrganizationConfiguration(\"example\", new()\n {\n AutoEnable = false,\n AutoEnableStandards = \"NONE\",\n OrganizationConfigurationDetails = new Aws.SecurityHub.Inputs.OrganizationConfigurationOrganizationConfigurationArgs\n {\n ConfigurationType = \"CENTRAL\",\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example, \n },\n });\n\n var exampleConfigurationPolicy = new Aws.SecurityHub.ConfigurationPolicy(\"example\", new()\n {\n Name = \"Example\",\n Description = \"This is an example configuration policy\",\n ConfigurationPolicyDetails = new Aws.SecurityHub.Inputs.ConfigurationPolicyConfigurationPolicyArgs\n {\n ServiceEnabled = true,\n EnabledStandardArns = new[]\n {\n \"arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\",\n \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\",\n },\n SecurityControlsConfiguration = new Aws.SecurityHub.Inputs.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationArgs\n {\n DisabledControlIdentifiers = new() { },\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleOrganizationConfiguration, \n },\n });\n\n var accountExample = new Aws.SecurityHub.ConfigurationPolicyAssociation(\"account_example\", new()\n {\n TargetId = \"123456789012\",\n PolicyId = exampleConfigurationPolicy.Id,\n });\n\n var rootExample = new Aws.SecurityHub.ConfigurationPolicyAssociation(\"root_example\", new()\n {\n TargetId = \"r-abcd\",\n PolicyId = exampleConfigurationPolicy.Id,\n });\n\n var ouExample = new Aws.SecurityHub.ConfigurationPolicyAssociation(\"ou_example\", new()\n {\n TargetId = \"ou-abcd-12345678\",\n PolicyId = exampleConfigurationPolicy.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := securityhub.NewFindingAggregator(ctx, \"example\", \u0026securityhub.FindingAggregatorArgs{\n\t\t\tLinkingMode: pulumi.String(\"ALL_REGIONS\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleOrganizationConfiguration, err := securityhub.NewOrganizationConfiguration(ctx, \"example\", \u0026securityhub.OrganizationConfigurationArgs{\n\t\t\tAutoEnable: pulumi.Bool(false),\n\t\t\tAutoEnableStandards: pulumi.String(\"NONE\"),\n\t\t\tOrganizationConfiguration: \u0026securityhub.OrganizationConfigurationOrganizationConfigurationArgs{\n\t\t\t\tConfigurationType: pulumi.String(\"CENTRAL\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleConfigurationPolicy, err := securityhub.NewConfigurationPolicy(ctx, \"example\", \u0026securityhub.ConfigurationPolicyArgs{\n\t\t\tName: pulumi.String(\"Example\"),\n\t\t\tDescription: pulumi.String(\"This is an example configuration policy\"),\n\t\t\tConfigurationPolicy: \u0026securityhub.ConfigurationPolicyConfigurationPolicyArgs{\n\t\t\t\tServiceEnabled: pulumi.Bool(true),\n\t\t\t\tEnabledStandardArns: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\"),\n\t\t\t\t\tpulumi.String(\"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\"),\n\t\t\t\t},\n\t\t\t\tSecurityControlsConfiguration: \u0026securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationArgs{\n\t\t\t\t\tDisabledControlIdentifiers: pulumi.StringArray{},\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleOrganizationConfiguration,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewConfigurationPolicyAssociation(ctx, \"account_example\", \u0026securityhub.ConfigurationPolicyAssociationArgs{\n\t\t\tTargetId: pulumi.String(\"123456789012\"),\n\t\t\tPolicyId: exampleConfigurationPolicy.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewConfigurationPolicyAssociation(ctx, \"root_example\", \u0026securityhub.ConfigurationPolicyAssociationArgs{\n\t\t\tTargetId: pulumi.String(\"r-abcd\"),\n\t\t\tPolicyId: exampleConfigurationPolicy.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewConfigurationPolicyAssociation(ctx, \"ou_example\", \u0026securityhub.ConfigurationPolicyAssociationArgs{\n\t\t\tTargetId: pulumi.String(\"ou-abcd-12345678\"),\n\t\t\tPolicyId: exampleConfigurationPolicy.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.FindingAggregator;\nimport com.pulumi.aws.securityhub.FindingAggregatorArgs;\nimport com.pulumi.aws.securityhub.OrganizationConfiguration;\nimport com.pulumi.aws.securityhub.OrganizationConfigurationArgs;\nimport com.pulumi.aws.securityhub.inputs.OrganizationConfigurationOrganizationConfigurationArgs;\nimport com.pulumi.aws.securityhub.ConfigurationPolicy;\nimport com.pulumi.aws.securityhub.ConfigurationPolicyArgs;\nimport com.pulumi.aws.securityhub.inputs.ConfigurationPolicyConfigurationPolicyArgs;\nimport com.pulumi.aws.securityhub.inputs.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationArgs;\nimport com.pulumi.aws.securityhub.ConfigurationPolicyAssociation;\nimport com.pulumi.aws.securityhub.ConfigurationPolicyAssociationArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new FindingAggregator(\"example\", FindingAggregatorArgs.builder() \n .linkingMode(\"ALL_REGIONS\")\n .build());\n\n var exampleOrganizationConfiguration = new OrganizationConfiguration(\"exampleOrganizationConfiguration\", OrganizationConfigurationArgs.builder() \n .autoEnable(false)\n .autoEnableStandards(\"NONE\")\n .organizationConfiguration(OrganizationConfigurationOrganizationConfigurationArgs.builder()\n .configurationType(\"CENTRAL\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n var exampleConfigurationPolicy = new ConfigurationPolicy(\"exampleConfigurationPolicy\", ConfigurationPolicyArgs.builder() \n .name(\"Example\")\n .description(\"This is an example configuration policy\")\n .configurationPolicy(ConfigurationPolicyConfigurationPolicyArgs.builder()\n .serviceEnabled(true)\n .enabledStandardArns( \n \"arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\",\n \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\")\n .securityControlsConfiguration(ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationArgs.builder()\n .disabledControlIdentifiers()\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleOrganizationConfiguration)\n .build());\n\n var accountExample = new ConfigurationPolicyAssociation(\"accountExample\", ConfigurationPolicyAssociationArgs.builder() \n .targetId(\"123456789012\")\n .policyId(exampleConfigurationPolicy.id())\n .build());\n\n var rootExample = new ConfigurationPolicyAssociation(\"rootExample\", ConfigurationPolicyAssociationArgs.builder() \n .targetId(\"r-abcd\")\n .policyId(exampleConfigurationPolicy.id())\n .build());\n\n var ouExample = new ConfigurationPolicyAssociation(\"ouExample\", ConfigurationPolicyAssociationArgs.builder() \n .targetId(\"ou-abcd-12345678\")\n .policyId(exampleConfigurationPolicy.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:FindingAggregator\n properties:\n linkingMode: ALL_REGIONS\n exampleOrganizationConfiguration:\n type: aws:securityhub:OrganizationConfiguration\n name: example\n properties:\n autoEnable: false\n autoEnableStandards: NONE\n organizationConfiguration:\n configurationType: CENTRAL\n options:\n dependson:\n - ${example}\n exampleConfigurationPolicy:\n type: aws:securityhub:ConfigurationPolicy\n name: example\n properties:\n name: Example\n description: This is an example configuration policy\n configurationPolicy:\n serviceEnabled: true\n enabledStandardArns:\n - arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0\n - arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\n securityControlsConfiguration:\n disabledControlIdentifiers: []\n options:\n dependson:\n - ${exampleOrganizationConfiguration}\n accountExample:\n type: aws:securityhub:ConfigurationPolicyAssociation\n name: account_example\n properties:\n targetId: '123456789012'\n policyId: ${exampleConfigurationPolicy.id}\n rootExample:\n type: aws:securityhub:ConfigurationPolicyAssociation\n name: root_example\n properties:\n targetId: r-abcd\n policyId: ${exampleConfigurationPolicy.id}\n ouExample:\n type: aws:securityhub:ConfigurationPolicyAssociation\n name: ou_example\n properties:\n targetId: ou-abcd-12345678\n policyId: ${exampleConfigurationPolicy.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import an existing Security Hub enabled account using the universally unique identifier (UUID) of the policy. For example:\n\n```sh\n$ pulumi import aws:securityhub/configurationPolicyAssociation:ConfigurationPolicyAssociation example_account_association 123456789012\n```\n", "properties": { "policyId": { "type": "string", @@ -326802,7 +326802,7 @@ } }, "aws:securityhub/findingAggregator:FindingAggregator": { - "description": "Manages a Security Hub finding aggregator. Security Hub needs to be enabled in a region in order for the aggregator to pull through findings.\n\n## Example Usage\n\n### All Regions Usage\n\nThe following example will enable the aggregator for every region.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.Account(\"example\", {});\nconst exampleFindingAggregator = new aws.securityhub.FindingAggregator(\"example\", {linkingMode: \"ALL_REGIONS\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.Account(\"example\")\nexample_finding_aggregator = aws.securityhub.FindingAggregator(\"example\", linking_mode=\"ALL_REGIONS\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.Account(\"example\");\n\n var exampleFindingAggregator = new Aws.SecurityHub.FindingAggregator(\"example\", new()\n {\n LinkingMode = \"ALL_REGIONS\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := securityhub.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewFindingAggregator(ctx, \"example\", \u0026securityhub.FindingAggregatorArgs{\n\t\t\tLinkingMode: pulumi.String(\"ALL_REGIONS\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.Account;\nimport com.pulumi.aws.securityhub.FindingAggregator;\nimport com.pulumi.aws.securityhub.FindingAggregatorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var exampleFindingAggregator = new FindingAggregator(\"exampleFindingAggregator\", FindingAggregatorArgs.builder() \n .linkingMode(\"ALL_REGIONS\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:Account\n exampleFindingAggregator:\n type: aws:securityhub:FindingAggregator\n name: example\n properties:\n linkingMode: ALL_REGIONS\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### All Regions Except Specified Regions Usage\n\nThe following example will enable the aggregator for every region except those specified in `specified_regions`.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.Account(\"example\", {});\nconst exampleFindingAggregator = new aws.securityhub.FindingAggregator(\"example\", {\n linkingMode: \"ALL_REGIONS_EXCEPT_SPECIFIED\",\n specifiedRegions: [\n \"eu-west-1\",\n \"eu-west-2\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.Account(\"example\")\nexample_finding_aggregator = aws.securityhub.FindingAggregator(\"example\",\n linking_mode=\"ALL_REGIONS_EXCEPT_SPECIFIED\",\n specified_regions=[\n \"eu-west-1\",\n \"eu-west-2\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.Account(\"example\");\n\n var exampleFindingAggregator = new Aws.SecurityHub.FindingAggregator(\"example\", new()\n {\n LinkingMode = \"ALL_REGIONS_EXCEPT_SPECIFIED\",\n SpecifiedRegions = new[]\n {\n \"eu-west-1\",\n \"eu-west-2\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := securityhub.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewFindingAggregator(ctx, \"example\", \u0026securityhub.FindingAggregatorArgs{\n\t\t\tLinkingMode: pulumi.String(\"ALL_REGIONS_EXCEPT_SPECIFIED\"),\n\t\t\tSpecifiedRegions: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"eu-west-1\"),\n\t\t\t\tpulumi.String(\"eu-west-2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.Account;\nimport com.pulumi.aws.securityhub.FindingAggregator;\nimport com.pulumi.aws.securityhub.FindingAggregatorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var exampleFindingAggregator = new FindingAggregator(\"exampleFindingAggregator\", FindingAggregatorArgs.builder() \n .linkingMode(\"ALL_REGIONS_EXCEPT_SPECIFIED\")\n .specifiedRegions( \n \"eu-west-1\",\n \"eu-west-2\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:Account\n exampleFindingAggregator:\n type: aws:securityhub:FindingAggregator\n name: example\n properties:\n linkingMode: ALL_REGIONS_EXCEPT_SPECIFIED\n specifiedRegions:\n - eu-west-1\n - eu-west-2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Specified Regions Usage\n\nThe following example will enable the aggregator for every region specified in `specified_regions`.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.Account(\"example\", {});\nconst exampleFindingAggregator = new aws.securityhub.FindingAggregator(\"example\", {\n linkingMode: \"SPECIFIED_REGIONS\",\n specifiedRegions: [\n \"eu-west-1\",\n \"eu-west-2\",\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.Account(\"example\")\nexample_finding_aggregator = aws.securityhub.FindingAggregator(\"example\",\n linking_mode=\"SPECIFIED_REGIONS\",\n specified_regions=[\n \"eu-west-1\",\n \"eu-west-2\",\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.Account(\"example\");\n\n var exampleFindingAggregator = new Aws.SecurityHub.FindingAggregator(\"example\", new()\n {\n LinkingMode = \"SPECIFIED_REGIONS\",\n SpecifiedRegions = new[]\n {\n \"eu-west-1\",\n \"eu-west-2\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := securityhub.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewFindingAggregator(ctx, \"example\", \u0026securityhub.FindingAggregatorArgs{\n\t\t\tLinkingMode: pulumi.String(\"SPECIFIED_REGIONS\"),\n\t\t\tSpecifiedRegions: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"eu-west-1\"),\n\t\t\t\tpulumi.String(\"eu-west-2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.Account;\nimport com.pulumi.aws.securityhub.FindingAggregator;\nimport com.pulumi.aws.securityhub.FindingAggregatorArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var exampleFindingAggregator = new FindingAggregator(\"exampleFindingAggregator\", FindingAggregatorArgs.builder() \n .linkingMode(\"SPECIFIED_REGIONS\")\n .specifiedRegions( \n \"eu-west-1\",\n \"eu-west-2\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:Account\n exampleFindingAggregator:\n type: aws:securityhub:FindingAggregator\n name: example\n properties:\n linkingMode: SPECIFIED_REGIONS\n specifiedRegions:\n - eu-west-1\n - eu-west-2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import an existing Security Hub finding aggregator using the `arn`. For example:\n\n```sh\n$ pulumi import aws:securityhub/findingAggregator:FindingAggregator example arn:aws:securityhub:eu-west-1:123456789098:finding-aggregator/abcd1234-abcd-1234-1234-abcdef123456\n```\n", + "description": "Manages a Security Hub finding aggregator. Security Hub needs to be enabled in a region in order for the aggregator to pull through findings.\n\n## Example Usage\n\n### All Regions Usage\n\nThe following example will enable the aggregator for every region.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.Account(\"example\", {});\nconst exampleFindingAggregator = new aws.securityhub.FindingAggregator(\"example\", {linkingMode: \"ALL_REGIONS\"}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.Account(\"example\")\nexample_finding_aggregator = aws.securityhub.FindingAggregator(\"example\", linking_mode=\"ALL_REGIONS\",\nopts=pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.Account(\"example\");\n\n var exampleFindingAggregator = new Aws.SecurityHub.FindingAggregator(\"example\", new()\n {\n LinkingMode = \"ALL_REGIONS\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := securityhub.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewFindingAggregator(ctx, \"example\", \u0026securityhub.FindingAggregatorArgs{\n\t\t\tLinkingMode: pulumi.String(\"ALL_REGIONS\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.Account;\nimport com.pulumi.aws.securityhub.FindingAggregator;\nimport com.pulumi.aws.securityhub.FindingAggregatorArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var exampleFindingAggregator = new FindingAggregator(\"exampleFindingAggregator\", FindingAggregatorArgs.builder() \n .linkingMode(\"ALL_REGIONS\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:Account\n exampleFindingAggregator:\n type: aws:securityhub:FindingAggregator\n name: example\n properties:\n linkingMode: ALL_REGIONS\n options:\n dependson:\n - ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### All Regions Except Specified Regions Usage\n\nThe following example will enable the aggregator for every region except those specified in `specified_regions`.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.Account(\"example\", {});\nconst exampleFindingAggregator = new aws.securityhub.FindingAggregator(\"example\", {\n linkingMode: \"ALL_REGIONS_EXCEPT_SPECIFIED\",\n specifiedRegions: [\n \"eu-west-1\",\n \"eu-west-2\",\n ],\n}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.Account(\"example\")\nexample_finding_aggregator = aws.securityhub.FindingAggregator(\"example\",\n linking_mode=\"ALL_REGIONS_EXCEPT_SPECIFIED\",\n specified_regions=[\n \"eu-west-1\",\n \"eu-west-2\",\n ],\n opts=pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.Account(\"example\");\n\n var exampleFindingAggregator = new Aws.SecurityHub.FindingAggregator(\"example\", new()\n {\n LinkingMode = \"ALL_REGIONS_EXCEPT_SPECIFIED\",\n SpecifiedRegions = new[]\n {\n \"eu-west-1\",\n \"eu-west-2\",\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := securityhub.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewFindingAggregator(ctx, \"example\", \u0026securityhub.FindingAggregatorArgs{\n\t\t\tLinkingMode: pulumi.String(\"ALL_REGIONS_EXCEPT_SPECIFIED\"),\n\t\t\tSpecifiedRegions: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"eu-west-1\"),\n\t\t\t\tpulumi.String(\"eu-west-2\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.Account;\nimport com.pulumi.aws.securityhub.FindingAggregator;\nimport com.pulumi.aws.securityhub.FindingAggregatorArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var exampleFindingAggregator = new FindingAggregator(\"exampleFindingAggregator\", FindingAggregatorArgs.builder() \n .linkingMode(\"ALL_REGIONS_EXCEPT_SPECIFIED\")\n .specifiedRegions( \n \"eu-west-1\",\n \"eu-west-2\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:Account\n exampleFindingAggregator:\n type: aws:securityhub:FindingAggregator\n name: example\n properties:\n linkingMode: ALL_REGIONS_EXCEPT_SPECIFIED\n specifiedRegions:\n - eu-west-1\n - eu-west-2\n options:\n dependson:\n - ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Specified Regions Usage\n\nThe following example will enable the aggregator for every region specified in `specified_regions`.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.Account(\"example\", {});\nconst exampleFindingAggregator = new aws.securityhub.FindingAggregator(\"example\", {\n linkingMode: \"SPECIFIED_REGIONS\",\n specifiedRegions: [\n \"eu-west-1\",\n \"eu-west-2\",\n ],\n}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.Account(\"example\")\nexample_finding_aggregator = aws.securityhub.FindingAggregator(\"example\",\n linking_mode=\"SPECIFIED_REGIONS\",\n specified_regions=[\n \"eu-west-1\",\n \"eu-west-2\",\n ],\n opts=pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.Account(\"example\");\n\n var exampleFindingAggregator = new Aws.SecurityHub.FindingAggregator(\"example\", new()\n {\n LinkingMode = \"SPECIFIED_REGIONS\",\n SpecifiedRegions = new[]\n {\n \"eu-west-1\",\n \"eu-west-2\",\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := securityhub.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewFindingAggregator(ctx, \"example\", \u0026securityhub.FindingAggregatorArgs{\n\t\t\tLinkingMode: pulumi.String(\"SPECIFIED_REGIONS\"),\n\t\t\tSpecifiedRegions: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"eu-west-1\"),\n\t\t\t\tpulumi.String(\"eu-west-2\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.Account;\nimport com.pulumi.aws.securityhub.FindingAggregator;\nimport com.pulumi.aws.securityhub.FindingAggregatorArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var exampleFindingAggregator = new FindingAggregator(\"exampleFindingAggregator\", FindingAggregatorArgs.builder() \n .linkingMode(\"SPECIFIED_REGIONS\")\n .specifiedRegions( \n \"eu-west-1\",\n \"eu-west-2\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:Account\n exampleFindingAggregator:\n type: aws:securityhub:FindingAggregator\n name: example\n properties:\n linkingMode: SPECIFIED_REGIONS\n specifiedRegions:\n - eu-west-1\n - eu-west-2\n options:\n dependson:\n - ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import an existing Security Hub finding aggregator using the `arn`. For example:\n\n```sh\n$ pulumi import aws:securityhub/findingAggregator:FindingAggregator example arn:aws:securityhub:eu-west-1:123456789098:finding-aggregator/abcd1234-abcd-1234-1234-abcdef123456\n```\n", "properties": { "linkingMode": { "type": "string", @@ -326854,7 +326854,7 @@ } }, "aws:securityhub/insight:Insight": { - "description": "Provides a Security Hub custom insight resource. See the [Managing custom insights section](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-custom-insights.html) of the AWS User Guide for more information.\n\n## Example Usage\n\n### Filter by AWS account ID\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.Account(\"example\", {});\nconst exampleInsight = new aws.securityhub.Insight(\"example\", {\n filters: {\n awsAccountIds: [\n {\n comparison: \"EQUALS\",\n value: \"1234567890\",\n },\n {\n comparison: \"EQUALS\",\n value: \"09876543210\",\n },\n ],\n },\n groupByAttribute: \"AwsAccountId\",\n name: \"example-insight\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.Account(\"example\")\nexample_insight = aws.securityhub.Insight(\"example\",\n filters=aws.securityhub.InsightFiltersArgs(\n aws_account_ids=[\n aws.securityhub.InsightFiltersAwsAccountIdArgs(\n comparison=\"EQUALS\",\n value=\"1234567890\",\n ),\n aws.securityhub.InsightFiltersAwsAccountIdArgs(\n comparison=\"EQUALS\",\n value=\"09876543210\",\n ),\n ],\n ),\n group_by_attribute=\"AwsAccountId\",\n name=\"example-insight\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.Account(\"example\");\n\n var exampleInsight = new Aws.SecurityHub.Insight(\"example\", new()\n {\n Filters = new Aws.SecurityHub.Inputs.InsightFiltersArgs\n {\n AwsAccountIds = new[]\n {\n new Aws.SecurityHub.Inputs.InsightFiltersAwsAccountIdArgs\n {\n Comparison = \"EQUALS\",\n Value = \"1234567890\",\n },\n new Aws.SecurityHub.Inputs.InsightFiltersAwsAccountIdArgs\n {\n Comparison = \"EQUALS\",\n Value = \"09876543210\",\n },\n },\n },\n GroupByAttribute = \"AwsAccountId\",\n Name = \"example-insight\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := securityhub.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewInsight(ctx, \"example\", \u0026securityhub.InsightArgs{\n\t\t\tFilters: \u0026securityhub.InsightFiltersArgs{\n\t\t\t\tAwsAccountIds: securityhub.InsightFiltersAwsAccountIdArray{\n\t\t\t\t\t\u0026securityhub.InsightFiltersAwsAccountIdArgs{\n\t\t\t\t\t\tComparison: pulumi.String(\"EQUALS\"),\n\t\t\t\t\t\tValue: pulumi.String(\"1234567890\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026securityhub.InsightFiltersAwsAccountIdArgs{\n\t\t\t\t\t\tComparison: pulumi.String(\"EQUALS\"),\n\t\t\t\t\t\tValue: pulumi.String(\"09876543210\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tGroupByAttribute: pulumi.String(\"AwsAccountId\"),\n\t\t\tName: pulumi.String(\"example-insight\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.Account;\nimport com.pulumi.aws.securityhub.Insight;\nimport com.pulumi.aws.securityhub.InsightArgs;\nimport com.pulumi.aws.securityhub.inputs.InsightFiltersArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var exampleInsight = new Insight(\"exampleInsight\", InsightArgs.builder() \n .filters(InsightFiltersArgs.builder()\n .awsAccountIds( \n InsightFiltersAwsAccountIdArgs.builder()\n .comparison(\"EQUALS\")\n .value(\"1234567890\")\n .build(),\n InsightFiltersAwsAccountIdArgs.builder()\n .comparison(\"EQUALS\")\n .value(\"09876543210\")\n .build())\n .build())\n .groupByAttribute(\"AwsAccountId\")\n .name(\"example-insight\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:Account\n exampleInsight:\n type: aws:securityhub:Insight\n name: example\n properties:\n filters:\n awsAccountIds:\n - comparison: EQUALS\n value: '1234567890'\n - comparison: EQUALS\n value: '09876543210'\n groupByAttribute: AwsAccountId\n name: example-insight\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Filter by date range\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.Account(\"example\", {});\nconst exampleInsight = new aws.securityhub.Insight(\"example\", {\n filters: {\n createdAts: [{\n dateRange: {\n unit: \"DAYS\",\n value: 5,\n },\n }],\n },\n groupByAttribute: \"CreatedAt\",\n name: \"example-insight\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.Account(\"example\")\nexample_insight = aws.securityhub.Insight(\"example\",\n filters=aws.securityhub.InsightFiltersArgs(\n created_ats=[aws.securityhub.InsightFiltersCreatedAtArgs(\n date_range=aws.securityhub.InsightFiltersCreatedAtDateRangeArgs(\n unit=\"DAYS\",\n value=5,\n ),\n )],\n ),\n group_by_attribute=\"CreatedAt\",\n name=\"example-insight\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.Account(\"example\");\n\n var exampleInsight = new Aws.SecurityHub.Insight(\"example\", new()\n {\n Filters = new Aws.SecurityHub.Inputs.InsightFiltersArgs\n {\n CreatedAts = new[]\n {\n new Aws.SecurityHub.Inputs.InsightFiltersCreatedAtArgs\n {\n DateRange = new Aws.SecurityHub.Inputs.InsightFiltersCreatedAtDateRangeArgs\n {\n Unit = \"DAYS\",\n Value = 5,\n },\n },\n },\n },\n GroupByAttribute = \"CreatedAt\",\n Name = \"example-insight\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := securityhub.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewInsight(ctx, \"example\", \u0026securityhub.InsightArgs{\n\t\t\tFilters: \u0026securityhub.InsightFiltersArgs{\n\t\t\t\tCreatedAts: securityhub.InsightFiltersCreatedAtArray{\n\t\t\t\t\t\u0026securityhub.InsightFiltersCreatedAtArgs{\n\t\t\t\t\t\tDateRange: \u0026securityhub.InsightFiltersCreatedAtDateRangeArgs{\n\t\t\t\t\t\t\tUnit: pulumi.String(\"DAYS\"),\n\t\t\t\t\t\t\tValue: pulumi.Int(5),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tGroupByAttribute: pulumi.String(\"CreatedAt\"),\n\t\t\tName: pulumi.String(\"example-insight\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.Account;\nimport com.pulumi.aws.securityhub.Insight;\nimport com.pulumi.aws.securityhub.InsightArgs;\nimport com.pulumi.aws.securityhub.inputs.InsightFiltersArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var exampleInsight = new Insight(\"exampleInsight\", InsightArgs.builder() \n .filters(InsightFiltersArgs.builder()\n .createdAts(InsightFiltersCreatedAtArgs.builder()\n .dateRange(InsightFiltersCreatedAtDateRangeArgs.builder()\n .unit(\"DAYS\")\n .value(5)\n .build())\n .build())\n .build())\n .groupByAttribute(\"CreatedAt\")\n .name(\"example-insight\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:Account\n exampleInsight:\n type: aws:securityhub:Insight\n name: example\n properties:\n filters:\n createdAts:\n - dateRange:\n unit: DAYS\n value: 5\n groupByAttribute: CreatedAt\n name: example-insight\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Filter by destination IPv4 address\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.Account(\"example\", {});\nconst exampleInsight = new aws.securityhub.Insight(\"example\", {\n filters: {\n networkDestinationIpv4s: [{\n cidr: \"10.0.0.0/16\",\n }],\n },\n groupByAttribute: \"NetworkDestinationIpV4\",\n name: \"example-insight\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.Account(\"example\")\nexample_insight = aws.securityhub.Insight(\"example\",\n filters=aws.securityhub.InsightFiltersArgs(\n network_destination_ipv4s=[aws.securityhub.InsightFiltersNetworkDestinationIpv4Args(\n cidr=\"10.0.0.0/16\",\n )],\n ),\n group_by_attribute=\"NetworkDestinationIpV4\",\n name=\"example-insight\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.Account(\"example\");\n\n var exampleInsight = new Aws.SecurityHub.Insight(\"example\", new()\n {\n Filters = new Aws.SecurityHub.Inputs.InsightFiltersArgs\n {\n NetworkDestinationIpv4s = new[]\n {\n new Aws.SecurityHub.Inputs.InsightFiltersNetworkDestinationIpv4Args\n {\n Cidr = \"10.0.0.0/16\",\n },\n },\n },\n GroupByAttribute = \"NetworkDestinationIpV4\",\n Name = \"example-insight\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := securityhub.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewInsight(ctx, \"example\", \u0026securityhub.InsightArgs{\n\t\t\tFilters: \u0026securityhub.InsightFiltersArgs{\n\t\t\t\tNetworkDestinationIpv4s: securityhub.InsightFiltersNetworkDestinationIpv4Array{\n\t\t\t\t\t\u0026securityhub.InsightFiltersNetworkDestinationIpv4Args{\n\t\t\t\t\t\tCidr: pulumi.String(\"10.0.0.0/16\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tGroupByAttribute: pulumi.String(\"NetworkDestinationIpV4\"),\n\t\t\tName: pulumi.String(\"example-insight\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.Account;\nimport com.pulumi.aws.securityhub.Insight;\nimport com.pulumi.aws.securityhub.InsightArgs;\nimport com.pulumi.aws.securityhub.inputs.InsightFiltersArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var exampleInsight = new Insight(\"exampleInsight\", InsightArgs.builder() \n .filters(InsightFiltersArgs.builder()\n .networkDestinationIpv4s(InsightFiltersNetworkDestinationIpv4Args.builder()\n .cidr(\"10.0.0.0/16\")\n .build())\n .build())\n .groupByAttribute(\"NetworkDestinationIpV4\")\n .name(\"example-insight\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:Account\n exampleInsight:\n type: aws:securityhub:Insight\n name: example\n properties:\n filters:\n networkDestinationIpv4s:\n - cidr: 10.0.0.0/16\n groupByAttribute: NetworkDestinationIpV4\n name: example-insight\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Filter by finding's confidence\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.Account(\"example\", {});\nconst exampleInsight = new aws.securityhub.Insight(\"example\", {\n filters: {\n confidences: [{\n gte: \"80\",\n }],\n },\n groupByAttribute: \"Confidence\",\n name: \"example-insight\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.Account(\"example\")\nexample_insight = aws.securityhub.Insight(\"example\",\n filters=aws.securityhub.InsightFiltersArgs(\n confidences=[aws.securityhub.InsightFiltersConfidenceArgs(\n gte=\"80\",\n )],\n ),\n group_by_attribute=\"Confidence\",\n name=\"example-insight\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.Account(\"example\");\n\n var exampleInsight = new Aws.SecurityHub.Insight(\"example\", new()\n {\n Filters = new Aws.SecurityHub.Inputs.InsightFiltersArgs\n {\n Confidences = new[]\n {\n new Aws.SecurityHub.Inputs.InsightFiltersConfidenceArgs\n {\n Gte = \"80\",\n },\n },\n },\n GroupByAttribute = \"Confidence\",\n Name = \"example-insight\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := securityhub.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewInsight(ctx, \"example\", \u0026securityhub.InsightArgs{\n\t\t\tFilters: \u0026securityhub.InsightFiltersArgs{\n\t\t\t\tConfidences: securityhub.InsightFiltersConfidenceArray{\n\t\t\t\t\t\u0026securityhub.InsightFiltersConfidenceArgs{\n\t\t\t\t\t\tGte: pulumi.String(\"80\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tGroupByAttribute: pulumi.String(\"Confidence\"),\n\t\t\tName: pulumi.String(\"example-insight\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.Account;\nimport com.pulumi.aws.securityhub.Insight;\nimport com.pulumi.aws.securityhub.InsightArgs;\nimport com.pulumi.aws.securityhub.inputs.InsightFiltersArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var exampleInsight = new Insight(\"exampleInsight\", InsightArgs.builder() \n .filters(InsightFiltersArgs.builder()\n .confidences(InsightFiltersConfidenceArgs.builder()\n .gte(\"80\")\n .build())\n .build())\n .groupByAttribute(\"Confidence\")\n .name(\"example-insight\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:Account\n exampleInsight:\n type: aws:securityhub:Insight\n name: example\n properties:\n filters:\n confidences:\n - gte: '80'\n groupByAttribute: Confidence\n name: example-insight\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Filter by resource tags\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.Account(\"example\", {});\nconst exampleInsight = new aws.securityhub.Insight(\"example\", {\n filters: {\n resourceTags: [{\n comparison: \"EQUALS\",\n key: \"Environment\",\n value: \"Production\",\n }],\n },\n groupByAttribute: \"ResourceTags\",\n name: \"example-insight\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.Account(\"example\")\nexample_insight = aws.securityhub.Insight(\"example\",\n filters=aws.securityhub.InsightFiltersArgs(\n resource_tags=[aws.securityhub.InsightFiltersResourceTagArgs(\n comparison=\"EQUALS\",\n key=\"Environment\",\n value=\"Production\",\n )],\n ),\n group_by_attribute=\"ResourceTags\",\n name=\"example-insight\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.Account(\"example\");\n\n var exampleInsight = new Aws.SecurityHub.Insight(\"example\", new()\n {\n Filters = new Aws.SecurityHub.Inputs.InsightFiltersArgs\n {\n ResourceTags = new[]\n {\n new Aws.SecurityHub.Inputs.InsightFiltersResourceTagArgs\n {\n Comparison = \"EQUALS\",\n Key = \"Environment\",\n Value = \"Production\",\n },\n },\n },\n GroupByAttribute = \"ResourceTags\",\n Name = \"example-insight\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := securityhub.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewInsight(ctx, \"example\", \u0026securityhub.InsightArgs{\n\t\t\tFilters: \u0026securityhub.InsightFiltersArgs{\n\t\t\t\tResourceTags: securityhub.InsightFiltersResourceTagArray{\n\t\t\t\t\t\u0026securityhub.InsightFiltersResourceTagArgs{\n\t\t\t\t\t\tComparison: pulumi.String(\"EQUALS\"),\n\t\t\t\t\t\tKey: pulumi.String(\"Environment\"),\n\t\t\t\t\t\tValue: pulumi.String(\"Production\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tGroupByAttribute: pulumi.String(\"ResourceTags\"),\n\t\t\tName: pulumi.String(\"example-insight\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.Account;\nimport com.pulumi.aws.securityhub.Insight;\nimport com.pulumi.aws.securityhub.InsightArgs;\nimport com.pulumi.aws.securityhub.inputs.InsightFiltersArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var exampleInsight = new Insight(\"exampleInsight\", InsightArgs.builder() \n .filters(InsightFiltersArgs.builder()\n .resourceTags(InsightFiltersResourceTagArgs.builder()\n .comparison(\"EQUALS\")\n .key(\"Environment\")\n .value(\"Production\")\n .build())\n .build())\n .groupByAttribute(\"ResourceTags\")\n .name(\"example-insight\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:Account\n exampleInsight:\n type: aws:securityhub:Insight\n name: example\n properties:\n filters:\n resourceTags:\n - comparison: EQUALS\n key: Environment\n value: Production\n groupByAttribute: ResourceTags\n name: example-insight\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Security Hub insights using the ARN. For example:\n\n```sh\n$ pulumi import aws:securityhub/insight:Insight example arn:aws:securityhub:us-west-2:1234567890:insight/1234567890/custom/91299ed7-abd0-4e44-a858-d0b15e37141a\n```\n", + "description": "Provides a Security Hub custom insight resource. See the [Managing custom insights section](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-custom-insights.html) of the AWS User Guide for more information.\n\n## Example Usage\n\n### Filter by AWS account ID\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.Account(\"example\", {});\nconst exampleInsight = new aws.securityhub.Insight(\"example\", {\n filters: {\n awsAccountIds: [\n {\n comparison: \"EQUALS\",\n value: \"1234567890\",\n },\n {\n comparison: \"EQUALS\",\n value: \"09876543210\",\n },\n ],\n },\n groupByAttribute: \"AwsAccountId\",\n name: \"example-insight\",\n}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.Account(\"example\")\nexample_insight = aws.securityhub.Insight(\"example\",\n filters=aws.securityhub.InsightFiltersArgs(\n aws_account_ids=[\n aws.securityhub.InsightFiltersAwsAccountIdArgs(\n comparison=\"EQUALS\",\n value=\"1234567890\",\n ),\n aws.securityhub.InsightFiltersAwsAccountIdArgs(\n comparison=\"EQUALS\",\n value=\"09876543210\",\n ),\n ],\n ),\n group_by_attribute=\"AwsAccountId\",\n name=\"example-insight\",\n opts=pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.Account(\"example\");\n\n var exampleInsight = new Aws.SecurityHub.Insight(\"example\", new()\n {\n Filters = new Aws.SecurityHub.Inputs.InsightFiltersArgs\n {\n AwsAccountIds = new[]\n {\n new Aws.SecurityHub.Inputs.InsightFiltersAwsAccountIdArgs\n {\n Comparison = \"EQUALS\",\n Value = \"1234567890\",\n },\n new Aws.SecurityHub.Inputs.InsightFiltersAwsAccountIdArgs\n {\n Comparison = \"EQUALS\",\n Value = \"09876543210\",\n },\n },\n },\n GroupByAttribute = \"AwsAccountId\",\n Name = \"example-insight\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := securityhub.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewInsight(ctx, \"example\", \u0026securityhub.InsightArgs{\n\t\t\tFilters: \u0026securityhub.InsightFiltersArgs{\n\t\t\t\tAwsAccountIds: securityhub.InsightFiltersAwsAccountIdArray{\n\t\t\t\t\t\u0026securityhub.InsightFiltersAwsAccountIdArgs{\n\t\t\t\t\t\tComparison: pulumi.String(\"EQUALS\"),\n\t\t\t\t\t\tValue: pulumi.String(\"1234567890\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026securityhub.InsightFiltersAwsAccountIdArgs{\n\t\t\t\t\t\tComparison: pulumi.String(\"EQUALS\"),\n\t\t\t\t\t\tValue: pulumi.String(\"09876543210\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tGroupByAttribute: pulumi.String(\"AwsAccountId\"),\n\t\t\tName: pulumi.String(\"example-insight\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.Account;\nimport com.pulumi.aws.securityhub.Insight;\nimport com.pulumi.aws.securityhub.InsightArgs;\nimport com.pulumi.aws.securityhub.inputs.InsightFiltersArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var exampleInsight = new Insight(\"exampleInsight\", InsightArgs.builder() \n .filters(InsightFiltersArgs.builder()\n .awsAccountIds( \n InsightFiltersAwsAccountIdArgs.builder()\n .comparison(\"EQUALS\")\n .value(\"1234567890\")\n .build(),\n InsightFiltersAwsAccountIdArgs.builder()\n .comparison(\"EQUALS\")\n .value(\"09876543210\")\n .build())\n .build())\n .groupByAttribute(\"AwsAccountId\")\n .name(\"example-insight\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:Account\n exampleInsight:\n type: aws:securityhub:Insight\n name: example\n properties:\n filters:\n awsAccountIds:\n - comparison: EQUALS\n value: '1234567890'\n - comparison: EQUALS\n value: '09876543210'\n groupByAttribute: AwsAccountId\n name: example-insight\n options:\n dependson:\n - ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Filter by date range\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.Account(\"example\", {});\nconst exampleInsight = new aws.securityhub.Insight(\"example\", {\n filters: {\n createdAts: [{\n dateRange: {\n unit: \"DAYS\",\n value: 5,\n },\n }],\n },\n groupByAttribute: \"CreatedAt\",\n name: \"example-insight\",\n}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.Account(\"example\")\nexample_insight = aws.securityhub.Insight(\"example\",\n filters=aws.securityhub.InsightFiltersArgs(\n created_ats=[aws.securityhub.InsightFiltersCreatedAtArgs(\n date_range=aws.securityhub.InsightFiltersCreatedAtDateRangeArgs(\n unit=\"DAYS\",\n value=5,\n ),\n )],\n ),\n group_by_attribute=\"CreatedAt\",\n name=\"example-insight\",\n opts=pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.Account(\"example\");\n\n var exampleInsight = new Aws.SecurityHub.Insight(\"example\", new()\n {\n Filters = new Aws.SecurityHub.Inputs.InsightFiltersArgs\n {\n CreatedAts = new[]\n {\n new Aws.SecurityHub.Inputs.InsightFiltersCreatedAtArgs\n {\n DateRange = new Aws.SecurityHub.Inputs.InsightFiltersCreatedAtDateRangeArgs\n {\n Unit = \"DAYS\",\n Value = 5,\n },\n },\n },\n },\n GroupByAttribute = \"CreatedAt\",\n Name = \"example-insight\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := securityhub.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewInsight(ctx, \"example\", \u0026securityhub.InsightArgs{\n\t\t\tFilters: \u0026securityhub.InsightFiltersArgs{\n\t\t\t\tCreatedAts: securityhub.InsightFiltersCreatedAtArray{\n\t\t\t\t\t\u0026securityhub.InsightFiltersCreatedAtArgs{\n\t\t\t\t\t\tDateRange: \u0026securityhub.InsightFiltersCreatedAtDateRangeArgs{\n\t\t\t\t\t\t\tUnit: pulumi.String(\"DAYS\"),\n\t\t\t\t\t\t\tValue: pulumi.Int(5),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tGroupByAttribute: pulumi.String(\"CreatedAt\"),\n\t\t\tName: pulumi.String(\"example-insight\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.Account;\nimport com.pulumi.aws.securityhub.Insight;\nimport com.pulumi.aws.securityhub.InsightArgs;\nimport com.pulumi.aws.securityhub.inputs.InsightFiltersArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var exampleInsight = new Insight(\"exampleInsight\", InsightArgs.builder() \n .filters(InsightFiltersArgs.builder()\n .createdAts(InsightFiltersCreatedAtArgs.builder()\n .dateRange(InsightFiltersCreatedAtDateRangeArgs.builder()\n .unit(\"DAYS\")\n .value(5)\n .build())\n .build())\n .build())\n .groupByAttribute(\"CreatedAt\")\n .name(\"example-insight\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:Account\n exampleInsight:\n type: aws:securityhub:Insight\n name: example\n properties:\n filters:\n createdAts:\n - dateRange:\n unit: DAYS\n value: 5\n groupByAttribute: CreatedAt\n name: example-insight\n options:\n dependson:\n - ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Filter by destination IPv4 address\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.Account(\"example\", {});\nconst exampleInsight = new aws.securityhub.Insight(\"example\", {\n filters: {\n networkDestinationIpv4s: [{\n cidr: \"10.0.0.0/16\",\n }],\n },\n groupByAttribute: \"NetworkDestinationIpV4\",\n name: \"example-insight\",\n}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.Account(\"example\")\nexample_insight = aws.securityhub.Insight(\"example\",\n filters=aws.securityhub.InsightFiltersArgs(\n network_destination_ipv4s=[aws.securityhub.InsightFiltersNetworkDestinationIpv4Args(\n cidr=\"10.0.0.0/16\",\n )],\n ),\n group_by_attribute=\"NetworkDestinationIpV4\",\n name=\"example-insight\",\n opts=pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.Account(\"example\");\n\n var exampleInsight = new Aws.SecurityHub.Insight(\"example\", new()\n {\n Filters = new Aws.SecurityHub.Inputs.InsightFiltersArgs\n {\n NetworkDestinationIpv4s = new[]\n {\n new Aws.SecurityHub.Inputs.InsightFiltersNetworkDestinationIpv4Args\n {\n Cidr = \"10.0.0.0/16\",\n },\n },\n },\n GroupByAttribute = \"NetworkDestinationIpV4\",\n Name = \"example-insight\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := securityhub.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewInsight(ctx, \"example\", \u0026securityhub.InsightArgs{\n\t\t\tFilters: \u0026securityhub.InsightFiltersArgs{\n\t\t\t\tNetworkDestinationIpv4s: securityhub.InsightFiltersNetworkDestinationIpv4Array{\n\t\t\t\t\t\u0026securityhub.InsightFiltersNetworkDestinationIpv4Args{\n\t\t\t\t\t\tCidr: pulumi.String(\"10.0.0.0/16\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tGroupByAttribute: pulumi.String(\"NetworkDestinationIpV4\"),\n\t\t\tName: pulumi.String(\"example-insight\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.Account;\nimport com.pulumi.aws.securityhub.Insight;\nimport com.pulumi.aws.securityhub.InsightArgs;\nimport com.pulumi.aws.securityhub.inputs.InsightFiltersArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var exampleInsight = new Insight(\"exampleInsight\", InsightArgs.builder() \n .filters(InsightFiltersArgs.builder()\n .networkDestinationIpv4s(InsightFiltersNetworkDestinationIpv4Args.builder()\n .cidr(\"10.0.0.0/16\")\n .build())\n .build())\n .groupByAttribute(\"NetworkDestinationIpV4\")\n .name(\"example-insight\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:Account\n exampleInsight:\n type: aws:securityhub:Insight\n name: example\n properties:\n filters:\n networkDestinationIpv4s:\n - cidr: 10.0.0.0/16\n groupByAttribute: NetworkDestinationIpV4\n name: example-insight\n options:\n dependson:\n - ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Filter by finding's confidence\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.Account(\"example\", {});\nconst exampleInsight = new aws.securityhub.Insight(\"example\", {\n filters: {\n confidences: [{\n gte: \"80\",\n }],\n },\n groupByAttribute: \"Confidence\",\n name: \"example-insight\",\n}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.Account(\"example\")\nexample_insight = aws.securityhub.Insight(\"example\",\n filters=aws.securityhub.InsightFiltersArgs(\n confidences=[aws.securityhub.InsightFiltersConfidenceArgs(\n gte=\"80\",\n )],\n ),\n group_by_attribute=\"Confidence\",\n name=\"example-insight\",\n opts=pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.Account(\"example\");\n\n var exampleInsight = new Aws.SecurityHub.Insight(\"example\", new()\n {\n Filters = new Aws.SecurityHub.Inputs.InsightFiltersArgs\n {\n Confidences = new[]\n {\n new Aws.SecurityHub.Inputs.InsightFiltersConfidenceArgs\n {\n Gte = \"80\",\n },\n },\n },\n GroupByAttribute = \"Confidence\",\n Name = \"example-insight\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := securityhub.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewInsight(ctx, \"example\", \u0026securityhub.InsightArgs{\n\t\t\tFilters: \u0026securityhub.InsightFiltersArgs{\n\t\t\t\tConfidences: securityhub.InsightFiltersConfidenceArray{\n\t\t\t\t\t\u0026securityhub.InsightFiltersConfidenceArgs{\n\t\t\t\t\t\tGte: pulumi.String(\"80\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tGroupByAttribute: pulumi.String(\"Confidence\"),\n\t\t\tName: pulumi.String(\"example-insight\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.Account;\nimport com.pulumi.aws.securityhub.Insight;\nimport com.pulumi.aws.securityhub.InsightArgs;\nimport com.pulumi.aws.securityhub.inputs.InsightFiltersArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var exampleInsight = new Insight(\"exampleInsight\", InsightArgs.builder() \n .filters(InsightFiltersArgs.builder()\n .confidences(InsightFiltersConfidenceArgs.builder()\n .gte(\"80\")\n .build())\n .build())\n .groupByAttribute(\"Confidence\")\n .name(\"example-insight\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:Account\n exampleInsight:\n type: aws:securityhub:Insight\n name: example\n properties:\n filters:\n confidences:\n - gte: '80'\n groupByAttribute: Confidence\n name: example-insight\n options:\n dependson:\n - ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Filter by resource tags\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.Account(\"example\", {});\nconst exampleInsight = new aws.securityhub.Insight(\"example\", {\n filters: {\n resourceTags: [{\n comparison: \"EQUALS\",\n key: \"Environment\",\n value: \"Production\",\n }],\n },\n groupByAttribute: \"ResourceTags\",\n name: \"example-insight\",\n}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.Account(\"example\")\nexample_insight = aws.securityhub.Insight(\"example\",\n filters=aws.securityhub.InsightFiltersArgs(\n resource_tags=[aws.securityhub.InsightFiltersResourceTagArgs(\n comparison=\"EQUALS\",\n key=\"Environment\",\n value=\"Production\",\n )],\n ),\n group_by_attribute=\"ResourceTags\",\n name=\"example-insight\",\n opts=pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.Account(\"example\");\n\n var exampleInsight = new Aws.SecurityHub.Insight(\"example\", new()\n {\n Filters = new Aws.SecurityHub.Inputs.InsightFiltersArgs\n {\n ResourceTags = new[]\n {\n new Aws.SecurityHub.Inputs.InsightFiltersResourceTagArgs\n {\n Comparison = \"EQUALS\",\n Key = \"Environment\",\n Value = \"Production\",\n },\n },\n },\n GroupByAttribute = \"ResourceTags\",\n Name = \"example-insight\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := securityhub.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewInsight(ctx, \"example\", \u0026securityhub.InsightArgs{\n\t\t\tFilters: \u0026securityhub.InsightFiltersArgs{\n\t\t\t\tResourceTags: securityhub.InsightFiltersResourceTagArray{\n\t\t\t\t\t\u0026securityhub.InsightFiltersResourceTagArgs{\n\t\t\t\t\t\tComparison: pulumi.String(\"EQUALS\"),\n\t\t\t\t\t\tKey: pulumi.String(\"Environment\"),\n\t\t\t\t\t\tValue: pulumi.String(\"Production\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tGroupByAttribute: pulumi.String(\"ResourceTags\"),\n\t\t\tName: pulumi.String(\"example-insight\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.Account;\nimport com.pulumi.aws.securityhub.Insight;\nimport com.pulumi.aws.securityhub.InsightArgs;\nimport com.pulumi.aws.securityhub.inputs.InsightFiltersArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var exampleInsight = new Insight(\"exampleInsight\", InsightArgs.builder() \n .filters(InsightFiltersArgs.builder()\n .resourceTags(InsightFiltersResourceTagArgs.builder()\n .comparison(\"EQUALS\")\n .key(\"Environment\")\n .value(\"Production\")\n .build())\n .build())\n .groupByAttribute(\"ResourceTags\")\n .name(\"example-insight\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:Account\n exampleInsight:\n type: aws:securityhub:Insight\n name: example\n properties:\n filters:\n resourceTags:\n - comparison: EQUALS\n key: Environment\n value: Production\n groupByAttribute: ResourceTags\n name: example-insight\n options:\n dependson:\n - ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Security Hub insights using the ARN. For example:\n\n```sh\n$ pulumi import aws:securityhub/insight:Insight example arn:aws:securityhub:us-west-2:1234567890:insight/1234567890/custom/91299ed7-abd0-4e44-a858-d0b15e37141a\n```\n", "properties": { "arn": { "type": "string", @@ -326921,7 +326921,7 @@ } }, "aws:securityhub/inviteAccepter:InviteAccepter": { - "description": "\u003e **Note:** AWS accounts can only be associated with a single Security Hub master account. Destroying this resource will disassociate the member account from the master account.\n\nAccepts a Security Hub invitation.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.Account(\"example\", {});\nconst exampleMember = new aws.securityhub.Member(\"example\", {\n accountId: \"123456789012\",\n email: \"example@example.com\",\n invite: true,\n});\nconst invitee = new aws.securityhub.Account(\"invitee\", {});\nconst inviteeInviteAccepter = new aws.securityhub.InviteAccepter(\"invitee\", {masterId: exampleMember.masterId});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.Account(\"example\")\nexample_member = aws.securityhub.Member(\"example\",\n account_id=\"123456789012\",\n email=\"example@example.com\",\n invite=True)\ninvitee = aws.securityhub.Account(\"invitee\")\ninvitee_invite_accepter = aws.securityhub.InviteAccepter(\"invitee\", master_id=example_member.master_id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.Account(\"example\");\n\n var exampleMember = new Aws.SecurityHub.Member(\"example\", new()\n {\n AccountId = \"123456789012\",\n Email = \"example@example.com\",\n Invite = true,\n });\n\n var invitee = new Aws.SecurityHub.Account(\"invitee\");\n\n var inviteeInviteAccepter = new Aws.SecurityHub.InviteAccepter(\"invitee\", new()\n {\n MasterId = exampleMember.MasterId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := securityhub.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleMember, err := securityhub.NewMember(ctx, \"example\", \u0026securityhub.MemberArgs{\n\t\t\tAccountId: pulumi.String(\"123456789012\"),\n\t\t\tEmail: pulumi.String(\"example@example.com\"),\n\t\t\tInvite: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewAccount(ctx, \"invitee\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewInviteAccepter(ctx, \"invitee\", \u0026securityhub.InviteAccepterArgs{\n\t\t\tMasterId: exampleMember.MasterId,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.Account;\nimport com.pulumi.aws.securityhub.Member;\nimport com.pulumi.aws.securityhub.MemberArgs;\nimport com.pulumi.aws.securityhub.InviteAccepter;\nimport com.pulumi.aws.securityhub.InviteAccepterArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var exampleMember = new Member(\"exampleMember\", MemberArgs.builder() \n .accountId(\"123456789012\")\n .email(\"example@example.com\")\n .invite(true)\n .build());\n\n var invitee = new Account(\"invitee\");\n\n var inviteeInviteAccepter = new InviteAccepter(\"inviteeInviteAccepter\", InviteAccepterArgs.builder() \n .masterId(exampleMember.masterId())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:Account\n exampleMember:\n type: aws:securityhub:Member\n name: example\n properties:\n accountId: '123456789012'\n email: example@example.com\n invite: true\n invitee:\n type: aws:securityhub:Account\n inviteeInviteAccepter:\n type: aws:securityhub:InviteAccepter\n name: invitee\n properties:\n masterId: ${exampleMember.masterId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Security Hub invite acceptance using the account ID. For example:\n\n```sh\n$ pulumi import aws:securityhub/inviteAccepter:InviteAccepter example 123456789012\n```\n", + "description": "\u003e **Note:** AWS accounts can only be associated with a single Security Hub master account. Destroying this resource will disassociate the member account from the master account.\n\nAccepts a Security Hub invitation.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.Account(\"example\", {});\nconst exampleMember = new aws.securityhub.Member(\"example\", {\n accountId: \"123456789012\",\n email: \"example@example.com\",\n invite: true,\n});\nconst invitee = new aws.securityhub.Account(\"invitee\", {});\nconst inviteeInviteAccepter = new aws.securityhub.InviteAccepter(\"invitee\", {masterId: exampleMember.masterId}, {\n dependsOn: [invitee],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.Account(\"example\")\nexample_member = aws.securityhub.Member(\"example\",\n account_id=\"123456789012\",\n email=\"example@example.com\",\n invite=True)\ninvitee = aws.securityhub.Account(\"invitee\")\ninvitee_invite_accepter = aws.securityhub.InviteAccepter(\"invitee\", master_id=example_member.master_id,\nopts=pulumi.ResourceOptions(depends_on=[invitee]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.Account(\"example\");\n\n var exampleMember = new Aws.SecurityHub.Member(\"example\", new()\n {\n AccountId = \"123456789012\",\n Email = \"example@example.com\",\n Invite = true,\n });\n\n var invitee = new Aws.SecurityHub.Account(\"invitee\");\n\n var inviteeInviteAccepter = new Aws.SecurityHub.InviteAccepter(\"invitee\", new()\n {\n MasterId = exampleMember.MasterId,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n invitee, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := securityhub.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleMember, err := securityhub.NewMember(ctx, \"example\", \u0026securityhub.MemberArgs{\n\t\t\tAccountId: pulumi.String(\"123456789012\"),\n\t\t\tEmail: pulumi.String(\"example@example.com\"),\n\t\t\tInvite: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvitee, err := securityhub.NewAccount(ctx, \"invitee\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewInviteAccepter(ctx, \"invitee\", \u0026securityhub.InviteAccepterArgs{\n\t\t\tMasterId: exampleMember.MasterId,\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tinvitee,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.Account;\nimport com.pulumi.aws.securityhub.Member;\nimport com.pulumi.aws.securityhub.MemberArgs;\nimport com.pulumi.aws.securityhub.InviteAccepter;\nimport com.pulumi.aws.securityhub.InviteAccepterArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var exampleMember = new Member(\"exampleMember\", MemberArgs.builder() \n .accountId(\"123456789012\")\n .email(\"example@example.com\")\n .invite(true)\n .build());\n\n var invitee = new Account(\"invitee\");\n\n var inviteeInviteAccepter = new InviteAccepter(\"inviteeInviteAccepter\", InviteAccepterArgs.builder() \n .masterId(exampleMember.masterId())\n .build(), CustomResourceOptions.builder()\n .dependsOn(invitee)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:Account\n exampleMember:\n type: aws:securityhub:Member\n name: example\n properties:\n accountId: '123456789012'\n email: example@example.com\n invite: true\n invitee:\n type: aws:securityhub:Account\n inviteeInviteAccepter:\n type: aws:securityhub:InviteAccepter\n name: invitee\n properties:\n masterId: ${exampleMember.masterId}\n options:\n dependson:\n - ${invitee}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Security Hub invite acceptance using the account ID. For example:\n\n```sh\n$ pulumi import aws:securityhub/inviteAccepter:InviteAccepter example 123456789012\n```\n", "properties": { "invitationId": { "type": "string", @@ -326963,7 +326963,7 @@ } }, "aws:securityhub/member:Member": { - "description": "Provides a Security Hub member resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.Account(\"example\", {});\nconst exampleMember = new aws.securityhub.Member(\"example\", {\n accountId: \"123456789012\",\n email: \"example@example.com\",\n invite: true,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.Account(\"example\")\nexample_member = aws.securityhub.Member(\"example\",\n account_id=\"123456789012\",\n email=\"example@example.com\",\n invite=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.Account(\"example\");\n\n var exampleMember = new Aws.SecurityHub.Member(\"example\", new()\n {\n AccountId = \"123456789012\",\n Email = \"example@example.com\",\n Invite = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := securityhub.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewMember(ctx, \"example\", \u0026securityhub.MemberArgs{\n\t\t\tAccountId: pulumi.String(\"123456789012\"),\n\t\t\tEmail: pulumi.String(\"example@example.com\"),\n\t\t\tInvite: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.Account;\nimport com.pulumi.aws.securityhub.Member;\nimport com.pulumi.aws.securityhub.MemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var exampleMember = new Member(\"exampleMember\", MemberArgs.builder() \n .accountId(\"123456789012\")\n .email(\"example@example.com\")\n .invite(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:Account\n exampleMember:\n type: aws:securityhub:Member\n name: example\n properties:\n accountId: '123456789012'\n email: example@example.com\n invite: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Security Hub members using their account ID. For example:\n\n```sh\n$ pulumi import aws:securityhub/member:Member example 123456789012\n```\n", + "description": "Provides a Security Hub member resource.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.Account(\"example\", {});\nconst exampleMember = new aws.securityhub.Member(\"example\", {\n accountId: \"123456789012\",\n email: \"example@example.com\",\n invite: true,\n}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.Account(\"example\")\nexample_member = aws.securityhub.Member(\"example\",\n account_id=\"123456789012\",\n email=\"example@example.com\",\n invite=True,\n opts=pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.Account(\"example\");\n\n var exampleMember = new Aws.SecurityHub.Member(\"example\", new()\n {\n AccountId = \"123456789012\",\n Email = \"example@example.com\",\n Invite = true,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := securityhub.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewMember(ctx, \"example\", \u0026securityhub.MemberArgs{\n\t\t\tAccountId: pulumi.String(\"123456789012\"),\n\t\t\tEmail: pulumi.String(\"example@example.com\"),\n\t\t\tInvite: pulumi.Bool(true),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.Account;\nimport com.pulumi.aws.securityhub.Member;\nimport com.pulumi.aws.securityhub.MemberArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var exampleMember = new Member(\"exampleMember\", MemberArgs.builder() \n .accountId(\"123456789012\")\n .email(\"example@example.com\")\n .invite(true)\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:Account\n exampleMember:\n type: aws:securityhub:Member\n name: example\n properties:\n accountId: '123456789012'\n email: example@example.com\n invite: true\n options:\n dependson:\n - ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Security Hub members using their account ID. For example:\n\n```sh\n$ pulumi import aws:securityhub/member:Member example 123456789012\n```\n", "properties": { "accountId": { "type": "string", @@ -327042,7 +327042,7 @@ } }, "aws:securityhub/organizationAdminAccount:OrganizationAdminAccount": { - "description": "Manages a Security Hub administrator account for an organization. The AWS account utilizing this resource must be an Organizations primary account. More information about Organizations support in Security Hub can be found in the [Security Hub User Guide](https://docs.aws.amazon.com/securityhub/latest/userguide/designate-orgs-admin-account.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.organizations.Organization(\"example\", {\n awsServiceAccessPrincipals: [\"securityhub.amazonaws.com\"],\n featureSet: \"ALL\",\n});\nconst exampleAccount = new aws.securityhub.Account(\"example\", {});\nconst exampleOrganizationAdminAccount = new aws.securityhub.OrganizationAdminAccount(\"example\", {adminAccountId: \"123456789012\"});\n// Auto enable security hub in organization member accounts\nconst exampleOrganizationConfiguration = new aws.securityhub.OrganizationConfiguration(\"example\", {autoEnable: true});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.organizations.Organization(\"example\",\n aws_service_access_principals=[\"securityhub.amazonaws.com\"],\n feature_set=\"ALL\")\nexample_account = aws.securityhub.Account(\"example\")\nexample_organization_admin_account = aws.securityhub.OrganizationAdminAccount(\"example\", admin_account_id=\"123456789012\")\n# Auto enable security hub in organization member accounts\nexample_organization_configuration = aws.securityhub.OrganizationConfiguration(\"example\", auto_enable=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Organizations.Organization(\"example\", new()\n {\n AwsServiceAccessPrincipals = new[]\n {\n \"securityhub.amazonaws.com\",\n },\n FeatureSet = \"ALL\",\n });\n\n var exampleAccount = new Aws.SecurityHub.Account(\"example\");\n\n var exampleOrganizationAdminAccount = new Aws.SecurityHub.OrganizationAdminAccount(\"example\", new()\n {\n AdminAccountId = \"123456789012\",\n });\n\n // Auto enable security hub in organization member accounts\n var exampleOrganizationConfiguration = new Aws.SecurityHub.OrganizationConfiguration(\"example\", new()\n {\n AutoEnable = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := organizations.NewOrganization(ctx, \"example\", \u0026organizations.OrganizationArgs{\n\t\t\tAwsServiceAccessPrincipals: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"securityhub.amazonaws.com\"),\n\t\t\t},\n\t\t\tFeatureSet: pulumi.String(\"ALL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewOrganizationAdminAccount(ctx, \"example\", \u0026securityhub.OrganizationAdminAccountArgs{\n\t\t\tAdminAccountId: pulumi.String(\"123456789012\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Auto enable security hub in organization member accounts\n\t\t_, err = securityhub.NewOrganizationConfiguration(ctx, \"example\", \u0026securityhub.OrganizationConfigurationArgs{\n\t\t\tAutoEnable: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.organizations.Organization;\nimport com.pulumi.aws.organizations.OrganizationArgs;\nimport com.pulumi.aws.securityhub.Account;\nimport com.pulumi.aws.securityhub.OrganizationAdminAccount;\nimport com.pulumi.aws.securityhub.OrganizationAdminAccountArgs;\nimport com.pulumi.aws.securityhub.OrganizationConfiguration;\nimport com.pulumi.aws.securityhub.OrganizationConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Organization(\"example\", OrganizationArgs.builder() \n .awsServiceAccessPrincipals(\"securityhub.amazonaws.com\")\n .featureSet(\"ALL\")\n .build());\n\n var exampleAccount = new Account(\"exampleAccount\");\n\n var exampleOrganizationAdminAccount = new OrganizationAdminAccount(\"exampleOrganizationAdminAccount\", OrganizationAdminAccountArgs.builder() \n .adminAccountId(\"123456789012\")\n .build());\n\n // Auto enable security hub in organization member accounts\n var exampleOrganizationConfiguration = new OrganizationConfiguration(\"exampleOrganizationConfiguration\", OrganizationConfigurationArgs.builder() \n .autoEnable(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:organizations:Organization\n properties:\n awsServiceAccessPrincipals:\n - securityhub.amazonaws.com\n featureSet: ALL\n exampleAccount:\n type: aws:securityhub:Account\n name: example\n exampleOrganizationAdminAccount:\n type: aws:securityhub:OrganizationAdminAccount\n name: example\n properties:\n adminAccountId: '123456789012'\n # Auto enable security hub in organization member accounts\n exampleOrganizationConfiguration:\n type: aws:securityhub:OrganizationConfiguration\n name: example\n properties:\n autoEnable: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Security Hub Organization Admin Accounts using the AWS account ID. For example:\n\n```sh\n$ pulumi import aws:securityhub/organizationAdminAccount:OrganizationAdminAccount example 123456789012\n```\n", + "description": "Manages a Security Hub administrator account for an organization. The AWS account utilizing this resource must be an Organizations primary account. More information about Organizations support in Security Hub can be found in the [Security Hub User Guide](https://docs.aws.amazon.com/securityhub/latest/userguide/designate-orgs-admin-account.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.organizations.Organization(\"example\", {\n awsServiceAccessPrincipals: [\"securityhub.amazonaws.com\"],\n featureSet: \"ALL\",\n});\nconst exampleAccount = new aws.securityhub.Account(\"example\", {});\nconst exampleOrganizationAdminAccount = new aws.securityhub.OrganizationAdminAccount(\"example\", {adminAccountId: \"123456789012\"}, {\n dependsOn: [example],\n});\n// Auto enable security hub in organization member accounts\nconst exampleOrganizationConfiguration = new aws.securityhub.OrganizationConfiguration(\"example\", {autoEnable: true});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.organizations.Organization(\"example\",\n aws_service_access_principals=[\"securityhub.amazonaws.com\"],\n feature_set=\"ALL\")\nexample_account = aws.securityhub.Account(\"example\")\nexample_organization_admin_account = aws.securityhub.OrganizationAdminAccount(\"example\", admin_account_id=\"123456789012\",\nopts=pulumi.ResourceOptions(depends_on=[example]))\n# Auto enable security hub in organization member accounts\nexample_organization_configuration = aws.securityhub.OrganizationConfiguration(\"example\", auto_enable=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Organizations.Organization(\"example\", new()\n {\n AwsServiceAccessPrincipals = new[]\n {\n \"securityhub.amazonaws.com\",\n },\n FeatureSet = \"ALL\",\n });\n\n var exampleAccount = new Aws.SecurityHub.Account(\"example\");\n\n var exampleOrganizationAdminAccount = new Aws.SecurityHub.OrganizationAdminAccount(\"example\", new()\n {\n AdminAccountId = \"123456789012\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example, \n },\n });\n\n // Auto enable security hub in organization member accounts\n var exampleOrganizationConfiguration = new Aws.SecurityHub.OrganizationConfiguration(\"example\", new()\n {\n AutoEnable = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := organizations.NewOrganization(ctx, \"example\", \u0026organizations.OrganizationArgs{\n\t\t\tAwsServiceAccessPrincipals: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"securityhub.amazonaws.com\"),\n\t\t\t},\n\t\t\tFeatureSet: pulumi.String(\"ALL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewOrganizationAdminAccount(ctx, \"example\", \u0026securityhub.OrganizationAdminAccountArgs{\n\t\t\tAdminAccountId: pulumi.String(\"123456789012\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Auto enable security hub in organization member accounts\n\t\t_, err = securityhub.NewOrganizationConfiguration(ctx, \"example\", \u0026securityhub.OrganizationConfigurationArgs{\n\t\t\tAutoEnable: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.organizations.Organization;\nimport com.pulumi.aws.organizations.OrganizationArgs;\nimport com.pulumi.aws.securityhub.Account;\nimport com.pulumi.aws.securityhub.OrganizationAdminAccount;\nimport com.pulumi.aws.securityhub.OrganizationAdminAccountArgs;\nimport com.pulumi.aws.securityhub.OrganizationConfiguration;\nimport com.pulumi.aws.securityhub.OrganizationConfigurationArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Organization(\"example\", OrganizationArgs.builder() \n .awsServiceAccessPrincipals(\"securityhub.amazonaws.com\")\n .featureSet(\"ALL\")\n .build());\n\n var exampleAccount = new Account(\"exampleAccount\");\n\n var exampleOrganizationAdminAccount = new OrganizationAdminAccount(\"exampleOrganizationAdminAccount\", OrganizationAdminAccountArgs.builder() \n .adminAccountId(\"123456789012\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n // Auto enable security hub in organization member accounts\n var exampleOrganizationConfiguration = new OrganizationConfiguration(\"exampleOrganizationConfiguration\", OrganizationConfigurationArgs.builder() \n .autoEnable(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:organizations:Organization\n properties:\n awsServiceAccessPrincipals:\n - securityhub.amazonaws.com\n featureSet: ALL\n exampleAccount:\n type: aws:securityhub:Account\n name: example\n exampleOrganizationAdminAccount:\n type: aws:securityhub:OrganizationAdminAccount\n name: example\n properties:\n adminAccountId: '123456789012'\n options:\n dependson:\n - ${example}\n # Auto enable security hub in organization member accounts\n exampleOrganizationConfiguration:\n type: aws:securityhub:OrganizationConfiguration\n name: example\n properties:\n autoEnable: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Security Hub Organization Admin Accounts using the AWS account ID. For example:\n\n```sh\n$ pulumi import aws:securityhub/organizationAdminAccount:OrganizationAdminAccount example 123456789012\n```\n", "properties": { "adminAccountId": { "type": "string", @@ -327075,7 +327075,7 @@ } }, "aws:securityhub/organizationConfiguration:OrganizationConfiguration": { - "description": "Manages the Security Hub Organization Configuration.\n\n\u003e **NOTE:** This resource requires an `aws.securityhub.OrganizationAdminAccount` to be configured (not necessarily with Pulumi). More information about managing Security Hub in an organization can be found in the [Managing administrator and member accounts](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-accounts.html) documentation.\n\n\u003e **NOTE:** In order to set the `configuration_type` to `CENTRAL`, the delegated admin must be a member account of the organization and not the management account. Central configuration also requires an `aws.securityhub.FindingAggregator` to be configured.\n\n\u003e **NOTE:** This is an advanced AWS resource. Pulumi will automatically assume management of the Security Hub Organization Configuration without import and perform no actions on removal from the Pulumi program.\n\n\u003e **NOTE:** Deleting this resource resets security hub to a local organization configuration with auto enable false.\n\n## Example Usage\n\n### Local Configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.organizations.Organization(\"example\", {\n awsServiceAccessPrincipals: [\"securityhub.amazonaws.com\"],\n featureSet: \"ALL\",\n});\nconst exampleOrganizationAdminAccount = new aws.securityhub.OrganizationAdminAccount(\"example\", {adminAccountId: \"123456789012\"});\nconst exampleOrganizationConfiguration = new aws.securityhub.OrganizationConfiguration(\"example\", {autoEnable: true});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.organizations.Organization(\"example\",\n aws_service_access_principals=[\"securityhub.amazonaws.com\"],\n feature_set=\"ALL\")\nexample_organization_admin_account = aws.securityhub.OrganizationAdminAccount(\"example\", admin_account_id=\"123456789012\")\nexample_organization_configuration = aws.securityhub.OrganizationConfiguration(\"example\", auto_enable=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Organizations.Organization(\"example\", new()\n {\n AwsServiceAccessPrincipals = new[]\n {\n \"securityhub.amazonaws.com\",\n },\n FeatureSet = \"ALL\",\n });\n\n var exampleOrganizationAdminAccount = new Aws.SecurityHub.OrganizationAdminAccount(\"example\", new()\n {\n AdminAccountId = \"123456789012\",\n });\n\n var exampleOrganizationConfiguration = new Aws.SecurityHub.OrganizationConfiguration(\"example\", new()\n {\n AutoEnable = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := organizations.NewOrganization(ctx, \"example\", \u0026organizations.OrganizationArgs{\n\t\t\tAwsServiceAccessPrincipals: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"securityhub.amazonaws.com\"),\n\t\t\t},\n\t\t\tFeatureSet: pulumi.String(\"ALL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewOrganizationAdminAccount(ctx, \"example\", \u0026securityhub.OrganizationAdminAccountArgs{\n\t\t\tAdminAccountId: pulumi.String(\"123456789012\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewOrganizationConfiguration(ctx, \"example\", \u0026securityhub.OrganizationConfigurationArgs{\n\t\t\tAutoEnable: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.organizations.Organization;\nimport com.pulumi.aws.organizations.OrganizationArgs;\nimport com.pulumi.aws.securityhub.OrganizationAdminAccount;\nimport com.pulumi.aws.securityhub.OrganizationAdminAccountArgs;\nimport com.pulumi.aws.securityhub.OrganizationConfiguration;\nimport com.pulumi.aws.securityhub.OrganizationConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Organization(\"example\", OrganizationArgs.builder() \n .awsServiceAccessPrincipals(\"securityhub.amazonaws.com\")\n .featureSet(\"ALL\")\n .build());\n\n var exampleOrganizationAdminAccount = new OrganizationAdminAccount(\"exampleOrganizationAdminAccount\", OrganizationAdminAccountArgs.builder() \n .adminAccountId(\"123456789012\")\n .build());\n\n var exampleOrganizationConfiguration = new OrganizationConfiguration(\"exampleOrganizationConfiguration\", OrganizationConfigurationArgs.builder() \n .autoEnable(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:organizations:Organization\n properties:\n awsServiceAccessPrincipals:\n - securityhub.amazonaws.com\n featureSet: ALL\n exampleOrganizationAdminAccount:\n type: aws:securityhub:OrganizationAdminAccount\n name: example\n properties:\n adminAccountId: '123456789012'\n exampleOrganizationConfiguration:\n type: aws:securityhub:OrganizationConfiguration\n name: example\n properties:\n autoEnable: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Central Configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.OrganizationAdminAccount(\"example\", {adminAccountId: \"123456789012\"});\nconst exampleFindingAggregator = new aws.securityhub.FindingAggregator(\"example\", {linkingMode: \"ALL_REGIONS\"});\nconst exampleOrganizationConfiguration = new aws.securityhub.OrganizationConfiguration(\"example\", {\n autoEnable: false,\n autoEnableStandards: \"NONE\",\n organizationConfiguration: {\n configurationType: \"CENTRAL\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.OrganizationAdminAccount(\"example\", admin_account_id=\"123456789012\")\nexample_finding_aggregator = aws.securityhub.FindingAggregator(\"example\", linking_mode=\"ALL_REGIONS\")\nexample_organization_configuration = aws.securityhub.OrganizationConfiguration(\"example\",\n auto_enable=False,\n auto_enable_standards=\"NONE\",\n organization_configuration=aws.securityhub.OrganizationConfigurationOrganizationConfigurationArgs(\n configuration_type=\"CENTRAL\",\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.OrganizationAdminAccount(\"example\", new()\n {\n AdminAccountId = \"123456789012\",\n });\n\n var exampleFindingAggregator = new Aws.SecurityHub.FindingAggregator(\"example\", new()\n {\n LinkingMode = \"ALL_REGIONS\",\n });\n\n var exampleOrganizationConfiguration = new Aws.SecurityHub.OrganizationConfiguration(\"example\", new()\n {\n AutoEnable = false,\n AutoEnableStandards = \"NONE\",\n OrganizationConfigurationDetails = new Aws.SecurityHub.Inputs.OrganizationConfigurationOrganizationConfigurationArgs\n {\n ConfigurationType = \"CENTRAL\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := securityhub.NewOrganizationAdminAccount(ctx, \"example\", \u0026securityhub.OrganizationAdminAccountArgs{\n\t\t\tAdminAccountId: pulumi.String(\"123456789012\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewFindingAggregator(ctx, \"example\", \u0026securityhub.FindingAggregatorArgs{\n\t\t\tLinkingMode: pulumi.String(\"ALL_REGIONS\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewOrganizationConfiguration(ctx, \"example\", \u0026securityhub.OrganizationConfigurationArgs{\n\t\t\tAutoEnable: pulumi.Bool(false),\n\t\t\tAutoEnableStandards: pulumi.String(\"NONE\"),\n\t\t\tOrganizationConfiguration: \u0026securityhub.OrganizationConfigurationOrganizationConfigurationArgs{\n\t\t\t\tConfigurationType: pulumi.String(\"CENTRAL\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.OrganizationAdminAccount;\nimport com.pulumi.aws.securityhub.OrganizationAdminAccountArgs;\nimport com.pulumi.aws.securityhub.FindingAggregator;\nimport com.pulumi.aws.securityhub.FindingAggregatorArgs;\nimport com.pulumi.aws.securityhub.OrganizationConfiguration;\nimport com.pulumi.aws.securityhub.OrganizationConfigurationArgs;\nimport com.pulumi.aws.securityhub.inputs.OrganizationConfigurationOrganizationConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new OrganizationAdminAccount(\"example\", OrganizationAdminAccountArgs.builder() \n .adminAccountId(\"123456789012\")\n .build());\n\n var exampleFindingAggregator = new FindingAggregator(\"exampleFindingAggregator\", FindingAggregatorArgs.builder() \n .linkingMode(\"ALL_REGIONS\")\n .build());\n\n var exampleOrganizationConfiguration = new OrganizationConfiguration(\"exampleOrganizationConfiguration\", OrganizationConfigurationArgs.builder() \n .autoEnable(false)\n .autoEnableStandards(\"NONE\")\n .organizationConfiguration(OrganizationConfigurationOrganizationConfigurationArgs.builder()\n .configurationType(\"CENTRAL\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:OrganizationAdminAccount\n properties:\n adminAccountId: '123456789012'\n exampleFindingAggregator:\n type: aws:securityhub:FindingAggregator\n name: example\n properties:\n linkingMode: ALL_REGIONS\n exampleOrganizationConfiguration:\n type: aws:securityhub:OrganizationConfiguration\n name: example\n properties:\n autoEnable: false\n autoEnableStandards: NONE\n organizationConfiguration:\n configurationType: CENTRAL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import an existing Security Hub enabled account using the AWS account ID. For example:\n\n```sh\n$ pulumi import aws:securityhub/organizationConfiguration:OrganizationConfiguration example 123456789012\n```\n", + "description": "Manages the Security Hub Organization Configuration.\n\n\u003e **NOTE:** This resource requires an `aws.securityhub.OrganizationAdminAccount` to be configured (not necessarily with Pulumi). More information about managing Security Hub in an organization can be found in the [Managing administrator and member accounts](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-accounts.html) documentation.\n\n\u003e **NOTE:** In order to set the `configuration_type` to `CENTRAL`, the delegated admin must be a member account of the organization and not the management account. Central configuration also requires an `aws.securityhub.FindingAggregator` to be configured.\n\n\u003e **NOTE:** This is an advanced AWS resource. Pulumi will automatically assume management of the Security Hub Organization Configuration without import and perform no actions on removal from the Pulumi program.\n\n\u003e **NOTE:** Deleting this resource resets security hub to a local organization configuration with auto enable false.\n\n## Example Usage\n\n### Local Configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.organizations.Organization(\"example\", {\n awsServiceAccessPrincipals: [\"securityhub.amazonaws.com\"],\n featureSet: \"ALL\",\n});\nconst exampleOrganizationAdminAccount = new aws.securityhub.OrganizationAdminAccount(\"example\", {adminAccountId: \"123456789012\"}, {\n dependsOn: [example],\n});\nconst exampleOrganizationConfiguration = new aws.securityhub.OrganizationConfiguration(\"example\", {autoEnable: true});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.organizations.Organization(\"example\",\n aws_service_access_principals=[\"securityhub.amazonaws.com\"],\n feature_set=\"ALL\")\nexample_organization_admin_account = aws.securityhub.OrganizationAdminAccount(\"example\", admin_account_id=\"123456789012\",\nopts=pulumi.ResourceOptions(depends_on=[example]))\nexample_organization_configuration = aws.securityhub.OrganizationConfiguration(\"example\", auto_enable=True)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Organizations.Organization(\"example\", new()\n {\n AwsServiceAccessPrincipals = new[]\n {\n \"securityhub.amazonaws.com\",\n },\n FeatureSet = \"ALL\",\n });\n\n var exampleOrganizationAdminAccount = new Aws.SecurityHub.OrganizationAdminAccount(\"example\", new()\n {\n AdminAccountId = \"123456789012\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example, \n },\n });\n\n var exampleOrganizationConfiguration = new Aws.SecurityHub.OrganizationConfiguration(\"example\", new()\n {\n AutoEnable = true,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := organizations.NewOrganization(ctx, \"example\", \u0026organizations.OrganizationArgs{\n\t\t\tAwsServiceAccessPrincipals: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"securityhub.amazonaws.com\"),\n\t\t\t},\n\t\t\tFeatureSet: pulumi.String(\"ALL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewOrganizationAdminAccount(ctx, \"example\", \u0026securityhub.OrganizationAdminAccountArgs{\n\t\t\tAdminAccountId: pulumi.String(\"123456789012\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewOrganizationConfiguration(ctx, \"example\", \u0026securityhub.OrganizationConfigurationArgs{\n\t\t\tAutoEnable: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.organizations.Organization;\nimport com.pulumi.aws.organizations.OrganizationArgs;\nimport com.pulumi.aws.securityhub.OrganizationAdminAccount;\nimport com.pulumi.aws.securityhub.OrganizationAdminAccountArgs;\nimport com.pulumi.aws.securityhub.OrganizationConfiguration;\nimport com.pulumi.aws.securityhub.OrganizationConfigurationArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Organization(\"example\", OrganizationArgs.builder() \n .awsServiceAccessPrincipals(\"securityhub.amazonaws.com\")\n .featureSet(\"ALL\")\n .build());\n\n var exampleOrganizationAdminAccount = new OrganizationAdminAccount(\"exampleOrganizationAdminAccount\", OrganizationAdminAccountArgs.builder() \n .adminAccountId(\"123456789012\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n var exampleOrganizationConfiguration = new OrganizationConfiguration(\"exampleOrganizationConfiguration\", OrganizationConfigurationArgs.builder() \n .autoEnable(true)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:organizations:Organization\n properties:\n awsServiceAccessPrincipals:\n - securityhub.amazonaws.com\n featureSet: ALL\n exampleOrganizationAdminAccount:\n type: aws:securityhub:OrganizationAdminAccount\n name: example\n properties:\n adminAccountId: '123456789012'\n options:\n dependson:\n - ${example}\n exampleOrganizationConfiguration:\n type: aws:securityhub:OrganizationConfiguration\n name: example\n properties:\n autoEnable: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Central Configuration\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.OrganizationAdminAccount(\"example\", {adminAccountId: \"123456789012\"}, {\n dependsOn: [exampleAwsOrganizationsOrganization],\n});\nconst exampleFindingAggregator = new aws.securityhub.FindingAggregator(\"example\", {linkingMode: \"ALL_REGIONS\"}, {\n dependsOn: [example],\n});\nconst exampleOrganizationConfiguration = new aws.securityhub.OrganizationConfiguration(\"example\", {\n autoEnable: false,\n autoEnableStandards: \"NONE\",\n organizationConfiguration: {\n configurationType: \"CENTRAL\",\n },\n}, {\n dependsOn: [exampleFindingAggregator],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.OrganizationAdminAccount(\"example\", admin_account_id=\"123456789012\",\nopts=pulumi.ResourceOptions(depends_on=[example_aws_organizations_organization]))\nexample_finding_aggregator = aws.securityhub.FindingAggregator(\"example\", linking_mode=\"ALL_REGIONS\",\nopts=pulumi.ResourceOptions(depends_on=[example]))\nexample_organization_configuration = aws.securityhub.OrganizationConfiguration(\"example\",\n auto_enable=False,\n auto_enable_standards=\"NONE\",\n organization_configuration=aws.securityhub.OrganizationConfigurationOrganizationConfigurationArgs(\n configuration_type=\"CENTRAL\",\n ),\n opts=pulumi.ResourceOptions(depends_on=[example_finding_aggregator]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.OrganizationAdminAccount(\"example\", new()\n {\n AdminAccountId = \"123456789012\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAwsOrganizationsOrganization, \n },\n });\n\n var exampleFindingAggregator = new Aws.SecurityHub.FindingAggregator(\"example\", new()\n {\n LinkingMode = \"ALL_REGIONS\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example, \n },\n });\n\n var exampleOrganizationConfiguration = new Aws.SecurityHub.OrganizationConfiguration(\"example\", new()\n {\n AutoEnable = false,\n AutoEnableStandards = \"NONE\",\n OrganizationConfigurationDetails = new Aws.SecurityHub.Inputs.OrganizationConfigurationOrganizationConfigurationArgs\n {\n ConfigurationType = \"CENTRAL\",\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleFindingAggregator, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := securityhub.NewOrganizationAdminAccount(ctx, \"example\", \u0026securityhub.OrganizationAdminAccountArgs{\n\t\t\tAdminAccountId: pulumi.String(\"123456789012\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAwsOrganizationsOrganization,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleFindingAggregator, err := securityhub.NewFindingAggregator(ctx, \"example\", \u0026securityhub.FindingAggregatorArgs{\n\t\t\tLinkingMode: pulumi.String(\"ALL_REGIONS\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewOrganizationConfiguration(ctx, \"example\", \u0026securityhub.OrganizationConfigurationArgs{\n\t\t\tAutoEnable: pulumi.Bool(false),\n\t\t\tAutoEnableStandards: pulumi.String(\"NONE\"),\n\t\t\tOrganizationConfiguration: \u0026securityhub.OrganizationConfigurationOrganizationConfigurationArgs{\n\t\t\t\tConfigurationType: pulumi.String(\"CENTRAL\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleFindingAggregator,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.OrganizationAdminAccount;\nimport com.pulumi.aws.securityhub.OrganizationAdminAccountArgs;\nimport com.pulumi.aws.securityhub.FindingAggregator;\nimport com.pulumi.aws.securityhub.FindingAggregatorArgs;\nimport com.pulumi.aws.securityhub.OrganizationConfiguration;\nimport com.pulumi.aws.securityhub.OrganizationConfigurationArgs;\nimport com.pulumi.aws.securityhub.inputs.OrganizationConfigurationOrganizationConfigurationArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new OrganizationAdminAccount(\"example\", OrganizationAdminAccountArgs.builder() \n .adminAccountId(\"123456789012\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleAwsOrganizationsOrganization)\n .build());\n\n var exampleFindingAggregator = new FindingAggregator(\"exampleFindingAggregator\", FindingAggregatorArgs.builder() \n .linkingMode(\"ALL_REGIONS\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n var exampleOrganizationConfiguration = new OrganizationConfiguration(\"exampleOrganizationConfiguration\", OrganizationConfigurationArgs.builder() \n .autoEnable(false)\n .autoEnableStandards(\"NONE\")\n .organizationConfiguration(OrganizationConfigurationOrganizationConfigurationArgs.builder()\n .configurationType(\"CENTRAL\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleFindingAggregator)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:OrganizationAdminAccount\n properties:\n adminAccountId: '123456789012'\n options:\n dependson:\n - ${exampleAwsOrganizationsOrganization}\n exampleFindingAggregator:\n type: aws:securityhub:FindingAggregator\n name: example\n properties:\n linkingMode: ALL_REGIONS\n options:\n dependson:\n - ${example}\n exampleOrganizationConfiguration:\n type: aws:securityhub:OrganizationConfiguration\n name: example\n properties:\n autoEnable: false\n autoEnableStandards: NONE\n organizationConfiguration:\n configurationType: CENTRAL\n options:\n dependson:\n - ${exampleFindingAggregator}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import an existing Security Hub enabled account using the AWS account ID. For example:\n\n```sh\n$ pulumi import aws:securityhub/organizationConfiguration:OrganizationConfiguration example 123456789012\n```\n", "properties": { "autoEnable": { "type": "boolean", @@ -327147,7 +327147,7 @@ } }, "aws:securityhub/productSubscription:ProductSubscription": { - "description": "Subscribes to a Security Hub product.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.Account(\"example\", {});\nconst current = aws.getRegion({});\nconst exampleProductSubscription = new aws.securityhub.ProductSubscription(\"example\", {productArn: current.then(current =\u003e `arn:aws:securityhub:${current.name}:733251395267:product/alertlogic/althreatmanagement`)});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.Account(\"example\")\ncurrent = aws.get_region()\nexample_product_subscription = aws.securityhub.ProductSubscription(\"example\", product_arn=f\"arn:aws:securityhub:{current.name}:733251395267:product/alertlogic/althreatmanagement\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.Account(\"example\");\n\n var current = Aws.GetRegion.Invoke();\n\n var exampleProductSubscription = new Aws.SecurityHub.ProductSubscription(\"example\", new()\n {\n ProductArn = $\"arn:aws:securityhub:{current.Apply(getRegionResult =\u003e getRegionResult.Name)}:733251395267:product/alertlogic/althreatmanagement\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := securityhub.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewProductSubscription(ctx, \"example\", \u0026securityhub.ProductSubscriptionArgs{\n\t\t\tProductArn: pulumi.String(fmt.Sprintf(\"arn:aws:securityhub:%v:733251395267:product/alertlogic/althreatmanagement\", current.Name)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.Account;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.securityhub.ProductSubscription;\nimport com.pulumi.aws.securityhub.ProductSubscriptionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n final var current = AwsFunctions.getRegion();\n\n var exampleProductSubscription = new ProductSubscription(\"exampleProductSubscription\", ProductSubscriptionArgs.builder() \n .productArn(String.format(\"arn:aws:securityhub:%s:733251395267:product/alertlogic/althreatmanagement\", current.applyValue(getRegionResult -\u003e getRegionResult.name())))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:Account\n exampleProductSubscription:\n type: aws:securityhub:ProductSubscription\n name: example\n properties:\n productArn: arn:aws:securityhub:${current.name}:733251395267:product/alertlogic/althreatmanagement\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Security Hub product subscriptions using `product_arn,arn`. For example:\n\n```sh\n$ pulumi import aws:securityhub/productSubscription:ProductSubscription example arn:aws:securityhub:eu-west-1:733251395267:product/alertlogic/althreatmanagement,arn:aws:securityhub:eu-west-1:123456789012:product-subscription/alertlogic/althreatmanagement\n```\n", + "description": "Subscribes to a Security Hub product.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.Account(\"example\", {});\nconst current = aws.getRegion({});\nconst exampleProductSubscription = new aws.securityhub.ProductSubscription(\"example\", {productArn: current.then(current =\u003e `arn:aws:securityhub:${current.name}:733251395267:product/alertlogic/althreatmanagement`)}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.Account(\"example\")\ncurrent = aws.get_region()\nexample_product_subscription = aws.securityhub.ProductSubscription(\"example\", product_arn=f\"arn:aws:securityhub:{current.name}:733251395267:product/alertlogic/althreatmanagement\",\nopts=pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.Account(\"example\");\n\n var current = Aws.GetRegion.Invoke();\n\n var exampleProductSubscription = new Aws.SecurityHub.ProductSubscription(\"example\", new()\n {\n ProductArn = $\"arn:aws:securityhub:{current.Apply(getRegionResult =\u003e getRegionResult.Name)}:733251395267:product/alertlogic/althreatmanagement\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := securityhub.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewProductSubscription(ctx, \"example\", \u0026securityhub.ProductSubscriptionArgs{\n\t\t\tProductArn: pulumi.String(fmt.Sprintf(\"arn:aws:securityhub:%v:733251395267:product/alertlogic/althreatmanagement\", current.Name)),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.Account;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.securityhub.ProductSubscription;\nimport com.pulumi.aws.securityhub.ProductSubscriptionArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n final var current = AwsFunctions.getRegion();\n\n var exampleProductSubscription = new ProductSubscription(\"exampleProductSubscription\", ProductSubscriptionArgs.builder() \n .productArn(String.format(\"arn:aws:securityhub:%s:733251395267:product/alertlogic/althreatmanagement\", current.applyValue(getRegionResult -\u003e getRegionResult.name())))\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:Account\n exampleProductSubscription:\n type: aws:securityhub:ProductSubscription\n name: example\n properties:\n productArn: arn:aws:securityhub:${current.name}:733251395267:product/alertlogic/althreatmanagement\n options:\n dependson:\n - ${example}\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Security Hub product subscriptions using `product_arn,arn`. For example:\n\n```sh\n$ pulumi import aws:securityhub/productSubscription:ProductSubscription example arn:aws:securityhub:eu-west-1:733251395267:product/alertlogic/althreatmanagement,arn:aws:securityhub:eu-west-1:123456789012:product-subscription/alertlogic/althreatmanagement\n```\n", "properties": { "arn": { "type": "string", @@ -327189,7 +327189,7 @@ } }, "aws:securityhub/standardsControl:StandardsControl": { - "description": "Disable/enable Security Hub standards control in the current region.\n\nThe `aws.securityhub.StandardsControl` behaves differently from normal resources, in that\nPulumi does not _create_ this resource, but instead \"adopts\" it\ninto management. When you _delete_ this resource configuration, Pulumi \"abandons\" resource as is and just removes it from the state.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.Account(\"example\", {});\nconst cisAwsFoundationsBenchmark = new aws.securityhub.StandardsSubscription(\"cis_aws_foundations_benchmark\", {standardsArn: \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\"});\nconst ensureIamPasswordPolicyPreventsPasswordReuse = new aws.securityhub.StandardsControl(\"ensure_iam_password_policy_prevents_password_reuse\", {\n standardsControlArn: \"arn:aws:securityhub:us-east-1:111111111111:control/cis-aws-foundations-benchmark/v/1.2.0/1.10\",\n controlStatus: \"DISABLED\",\n disabledReason: \"We handle password policies within Okta\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.Account(\"example\")\ncis_aws_foundations_benchmark = aws.securityhub.StandardsSubscription(\"cis_aws_foundations_benchmark\", standards_arn=\"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\")\nensure_iam_password_policy_prevents_password_reuse = aws.securityhub.StandardsControl(\"ensure_iam_password_policy_prevents_password_reuse\",\n standards_control_arn=\"arn:aws:securityhub:us-east-1:111111111111:control/cis-aws-foundations-benchmark/v/1.2.0/1.10\",\n control_status=\"DISABLED\",\n disabled_reason=\"We handle password policies within Okta\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.Account(\"example\");\n\n var cisAwsFoundationsBenchmark = new Aws.SecurityHub.StandardsSubscription(\"cis_aws_foundations_benchmark\", new()\n {\n StandardsArn = \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\",\n });\n\n var ensureIamPasswordPolicyPreventsPasswordReuse = new Aws.SecurityHub.StandardsControl(\"ensure_iam_password_policy_prevents_password_reuse\", new()\n {\n StandardsControlArn = \"arn:aws:securityhub:us-east-1:111111111111:control/cis-aws-foundations-benchmark/v/1.2.0/1.10\",\n ControlStatus = \"DISABLED\",\n DisabledReason = \"We handle password policies within Okta\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := securityhub.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewStandardsSubscription(ctx, \"cis_aws_foundations_benchmark\", \u0026securityhub.StandardsSubscriptionArgs{\n\t\t\tStandardsArn: pulumi.String(\"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewStandardsControl(ctx, \"ensure_iam_password_policy_prevents_password_reuse\", \u0026securityhub.StandardsControlArgs{\n\t\t\tStandardsControlArn: pulumi.String(\"arn:aws:securityhub:us-east-1:111111111111:control/cis-aws-foundations-benchmark/v/1.2.0/1.10\"),\n\t\t\tControlStatus: pulumi.String(\"DISABLED\"),\n\t\t\tDisabledReason: pulumi.String(\"We handle password policies within Okta\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.Account;\nimport com.pulumi.aws.securityhub.StandardsSubscription;\nimport com.pulumi.aws.securityhub.StandardsSubscriptionArgs;\nimport com.pulumi.aws.securityhub.StandardsControl;\nimport com.pulumi.aws.securityhub.StandardsControlArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var cisAwsFoundationsBenchmark = new StandardsSubscription(\"cisAwsFoundationsBenchmark\", StandardsSubscriptionArgs.builder() \n .standardsArn(\"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\")\n .build());\n\n var ensureIamPasswordPolicyPreventsPasswordReuse = new StandardsControl(\"ensureIamPasswordPolicyPreventsPasswordReuse\", StandardsControlArgs.builder() \n .standardsControlArn(\"arn:aws:securityhub:us-east-1:111111111111:control/cis-aws-foundations-benchmark/v/1.2.0/1.10\")\n .controlStatus(\"DISABLED\")\n .disabledReason(\"We handle password policies within Okta\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:Account\n cisAwsFoundationsBenchmark:\n type: aws:securityhub:StandardsSubscription\n name: cis_aws_foundations_benchmark\n properties:\n standardsArn: arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\n ensureIamPasswordPolicyPreventsPasswordReuse:\n type: aws:securityhub:StandardsControl\n name: ensure_iam_password_policy_prevents_password_reuse\n properties:\n standardsControlArn: arn:aws:securityhub:us-east-1:111111111111:control/cis-aws-foundations-benchmark/v/1.2.0/1.10\n controlStatus: DISABLED\n disabledReason: We handle password policies within Okta\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", + "description": "Disable/enable Security Hub standards control in the current region.\n\nThe `aws.securityhub.StandardsControl` behaves differently from normal resources, in that\nPulumi does not _create_ this resource, but instead \"adopts\" it\ninto management. When you _delete_ this resource configuration, Pulumi \"abandons\" resource as is and just removes it from the state.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.Account(\"example\", {});\nconst cisAwsFoundationsBenchmark = new aws.securityhub.StandardsSubscription(\"cis_aws_foundations_benchmark\", {standardsArn: \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\"}, {\n dependsOn: [example],\n});\nconst ensureIamPasswordPolicyPreventsPasswordReuse = new aws.securityhub.StandardsControl(\"ensure_iam_password_policy_prevents_password_reuse\", {\n standardsControlArn: \"arn:aws:securityhub:us-east-1:111111111111:control/cis-aws-foundations-benchmark/v/1.2.0/1.10\",\n controlStatus: \"DISABLED\",\n disabledReason: \"We handle password policies within Okta\",\n}, {\n dependsOn: [cisAwsFoundationsBenchmark],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.Account(\"example\")\ncis_aws_foundations_benchmark = aws.securityhub.StandardsSubscription(\"cis_aws_foundations_benchmark\", standards_arn=\"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\",\nopts=pulumi.ResourceOptions(depends_on=[example]))\nensure_iam_password_policy_prevents_password_reuse = aws.securityhub.StandardsControl(\"ensure_iam_password_policy_prevents_password_reuse\",\n standards_control_arn=\"arn:aws:securityhub:us-east-1:111111111111:control/cis-aws-foundations-benchmark/v/1.2.0/1.10\",\n control_status=\"DISABLED\",\n disabled_reason=\"We handle password policies within Okta\",\n opts=pulumi.ResourceOptions(depends_on=[cis_aws_foundations_benchmark]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.Account(\"example\");\n\n var cisAwsFoundationsBenchmark = new Aws.SecurityHub.StandardsSubscription(\"cis_aws_foundations_benchmark\", new()\n {\n StandardsArn = \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example, \n },\n });\n\n var ensureIamPasswordPolicyPreventsPasswordReuse = new Aws.SecurityHub.StandardsControl(\"ensure_iam_password_policy_prevents_password_reuse\", new()\n {\n StandardsControlArn = \"arn:aws:securityhub:us-east-1:111111111111:control/cis-aws-foundations-benchmark/v/1.2.0/1.10\",\n ControlStatus = \"DISABLED\",\n DisabledReason = \"We handle password policies within Okta\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n cisAwsFoundationsBenchmark, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := securityhub.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcisAwsFoundationsBenchmark, err := securityhub.NewStandardsSubscription(ctx, \"cis_aws_foundations_benchmark\", \u0026securityhub.StandardsSubscriptionArgs{\n\t\t\tStandardsArn: pulumi.String(\"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewStandardsControl(ctx, \"ensure_iam_password_policy_prevents_password_reuse\", \u0026securityhub.StandardsControlArgs{\n\t\t\tStandardsControlArn: pulumi.String(\"arn:aws:securityhub:us-east-1:111111111111:control/cis-aws-foundations-benchmark/v/1.2.0/1.10\"),\n\t\t\tControlStatus: pulumi.String(\"DISABLED\"),\n\t\t\tDisabledReason: pulumi.String(\"We handle password policies within Okta\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tcisAwsFoundationsBenchmark,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.Account;\nimport com.pulumi.aws.securityhub.StandardsSubscription;\nimport com.pulumi.aws.securityhub.StandardsSubscriptionArgs;\nimport com.pulumi.aws.securityhub.StandardsControl;\nimport com.pulumi.aws.securityhub.StandardsControlArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n var cisAwsFoundationsBenchmark = new StandardsSubscription(\"cisAwsFoundationsBenchmark\", StandardsSubscriptionArgs.builder() \n .standardsArn(\"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n var ensureIamPasswordPolicyPreventsPasswordReuse = new StandardsControl(\"ensureIamPasswordPolicyPreventsPasswordReuse\", StandardsControlArgs.builder() \n .standardsControlArn(\"arn:aws:securityhub:us-east-1:111111111111:control/cis-aws-foundations-benchmark/v/1.2.0/1.10\")\n .controlStatus(\"DISABLED\")\n .disabledReason(\"We handle password policies within Okta\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(cisAwsFoundationsBenchmark)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:Account\n cisAwsFoundationsBenchmark:\n type: aws:securityhub:StandardsSubscription\n name: cis_aws_foundations_benchmark\n properties:\n standardsArn: arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\n options:\n dependson:\n - ${example}\n ensureIamPasswordPolicyPreventsPasswordReuse:\n type: aws:securityhub:StandardsControl\n name: ensure_iam_password_policy_prevents_password_reuse\n properties:\n standardsControlArn: arn:aws:securityhub:us-east-1:111111111111:control/cis-aws-foundations-benchmark/v/1.2.0/1.10\n controlStatus: DISABLED\n disabledReason: We handle password policies within Okta\n options:\n dependson:\n - ${cisAwsFoundationsBenchmark}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "controlId": { "type": "string", @@ -327318,7 +327318,7 @@ } }, "aws:securityhub/standardsSubscription:StandardsSubscription": { - "description": "Subscribes to a Security Hub standard.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.Account(\"example\", {});\nconst current = aws.getRegion({});\nconst cis = new aws.securityhub.StandardsSubscription(\"cis\", {standardsArn: \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\"});\nconst pci321 = new aws.securityhub.StandardsSubscription(\"pci_321\", {standardsArn: current.then(current =\u003e `arn:aws:securityhub:${current.name}::standards/pci-dss/v/3.2.1`)});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.Account(\"example\")\ncurrent = aws.get_region()\ncis = aws.securityhub.StandardsSubscription(\"cis\", standards_arn=\"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\")\npci321 = aws.securityhub.StandardsSubscription(\"pci_321\", standards_arn=f\"arn:aws:securityhub:{current.name}::standards/pci-dss/v/3.2.1\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.Account(\"example\");\n\n var current = Aws.GetRegion.Invoke();\n\n var cis = new Aws.SecurityHub.StandardsSubscription(\"cis\", new()\n {\n StandardsArn = \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\",\n });\n\n var pci321 = new Aws.SecurityHub.StandardsSubscription(\"pci_321\", new()\n {\n StandardsArn = $\"arn:aws:securityhub:{current.Apply(getRegionResult =\u003e getRegionResult.Name)}::standards/pci-dss/v/3.2.1\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := securityhub.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewStandardsSubscription(ctx, \"cis\", \u0026securityhub.StandardsSubscriptionArgs{\n\t\t\tStandardsArn: pulumi.String(\"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewStandardsSubscription(ctx, \"pci_321\", \u0026securityhub.StandardsSubscriptionArgs{\n\t\t\tStandardsArn: pulumi.String(fmt.Sprintf(\"arn:aws:securityhub:%v::standards/pci-dss/v/3.2.1\", current.Name)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.Account;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.securityhub.StandardsSubscription;\nimport com.pulumi.aws.securityhub.StandardsSubscriptionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n final var current = AwsFunctions.getRegion();\n\n var cis = new StandardsSubscription(\"cis\", StandardsSubscriptionArgs.builder() \n .standardsArn(\"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\")\n .build());\n\n var pci321 = new StandardsSubscription(\"pci321\", StandardsSubscriptionArgs.builder() \n .standardsArn(String.format(\"arn:aws:securityhub:%s::standards/pci-dss/v/3.2.1\", current.applyValue(getRegionResult -\u003e getRegionResult.name())))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:Account\n cis:\n type: aws:securityhub:StandardsSubscription\n properties:\n standardsArn: arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\n pci321:\n type: aws:securityhub:StandardsSubscription\n name: pci_321\n properties:\n standardsArn: arn:aws:securityhub:${current.name}::standards/pci-dss/v/3.2.1\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Security Hub standards subscriptions using the standards subscription ARN. For example:\n\n```sh\n$ pulumi import aws:securityhub/standardsSubscription:StandardsSubscription cis arn:aws:securityhub:eu-west-1:123456789012:subscription/cis-aws-foundations-benchmark/v/1.2.0\n```\n```sh\n$ pulumi import aws:securityhub/standardsSubscription:StandardsSubscription pci_321 arn:aws:securityhub:eu-west-1:123456789012:subscription/pci-dss/v/3.2.1\n```\n```sh\n$ pulumi import aws:securityhub/standardsSubscription:StandardsSubscription nist_800_53_rev_5 arn:aws:securityhub:eu-west-1:123456789012:subscription/nist-800-53/v/5.0.0\n```\n", + "description": "Subscribes to a Security Hub standard.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.securityhub.Account(\"example\", {});\nconst current = aws.getRegion({});\nconst cis = new aws.securityhub.StandardsSubscription(\"cis\", {standardsArn: \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\"}, {\n dependsOn: [example],\n});\nconst pci321 = new aws.securityhub.StandardsSubscription(\"pci_321\", {standardsArn: current.then(current =\u003e `arn:aws:securityhub:${current.name}::standards/pci-dss/v/3.2.1`)}, {\n dependsOn: [example],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.securityhub.Account(\"example\")\ncurrent = aws.get_region()\ncis = aws.securityhub.StandardsSubscription(\"cis\", standards_arn=\"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\",\nopts=pulumi.ResourceOptions(depends_on=[example]))\npci321 = aws.securityhub.StandardsSubscription(\"pci_321\", standards_arn=f\"arn:aws:securityhub:{current.name}::standards/pci-dss/v/3.2.1\",\nopts=pulumi.ResourceOptions(depends_on=[example]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SecurityHub.Account(\"example\");\n\n var current = Aws.GetRegion.Invoke();\n\n var cis = new Aws.SecurityHub.StandardsSubscription(\"cis\", new()\n {\n StandardsArn = \"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example, \n },\n });\n\n var pci321 = new Aws.SecurityHub.StandardsSubscription(\"pci_321\", new()\n {\n StandardsArn = $\"arn:aws:securityhub:{current.Apply(getRegionResult =\u003e getRegionResult.Name)}::standards/pci-dss/v/3.2.1\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := securityhub.NewAccount(ctx, \"example\", nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewStandardsSubscription(ctx, \"cis\", \u0026securityhub.StandardsSubscriptionArgs{\n\t\t\tStandardsArn: pulumi.String(\"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = securityhub.NewStandardsSubscription(ctx, \"pci_321\", \u0026securityhub.StandardsSubscriptionArgs{\n\t\t\tStandardsArn: pulumi.String(fmt.Sprintf(\"arn:aws:securityhub:%v::standards/pci-dss/v/3.2.1\", current.Name)),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.securityhub.Account;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.securityhub.StandardsSubscription;\nimport com.pulumi.aws.securityhub.StandardsSubscriptionArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Account(\"example\");\n\n final var current = AwsFunctions.getRegion();\n\n var cis = new StandardsSubscription(\"cis\", StandardsSubscriptionArgs.builder() \n .standardsArn(\"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n var pci321 = new StandardsSubscription(\"pci321\", StandardsSubscriptionArgs.builder() \n .standardsArn(String.format(\"arn:aws:securityhub:%s::standards/pci-dss/v/3.2.1\", current.applyValue(getRegionResult -\u003e getRegionResult.name())))\n .build(), CustomResourceOptions.builder()\n .dependsOn(example)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:securityhub:Account\n cis:\n type: aws:securityhub:StandardsSubscription\n properties:\n standardsArn: arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0\n options:\n dependson:\n - ${example}\n pci321:\n type: aws:securityhub:StandardsSubscription\n name: pci_321\n properties:\n standardsArn: arn:aws:securityhub:${current.name}::standards/pci-dss/v/3.2.1\n options:\n dependson:\n - ${example}\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Security Hub standards subscriptions using the standards subscription ARN. For example:\n\n```sh\n$ pulumi import aws:securityhub/standardsSubscription:StandardsSubscription cis arn:aws:securityhub:eu-west-1:123456789012:subscription/cis-aws-foundations-benchmark/v/1.2.0\n```\n```sh\n$ pulumi import aws:securityhub/standardsSubscription:StandardsSubscription pci_321 arn:aws:securityhub:eu-west-1:123456789012:subscription/pci-dss/v/3.2.1\n```\n```sh\n$ pulumi import aws:securityhub/standardsSubscription:StandardsSubscription nist_800_53_rev_5 arn:aws:securityhub:eu-west-1:123456789012:subscription/nist-800-53/v/5.0.0\n```\n", "properties": { "standardsArn": { "type": "string", @@ -330651,7 +330651,7 @@ } }, "aws:ses/domainIdentityVerification:DomainIdentityVerification": { - "description": "Represents a successful verification of an SES domain identity.\n\nMost commonly, this resource is used together with `aws.route53.Record` and\n`aws.ses.DomainIdentity` to request an SES domain identity,\ndeploy the required DNS verification records, and wait for verification to complete.\n\n\u003e **WARNING:** This resource implements a part of the verification workflow. It does not represent a real-world entity in AWS, therefore changing or deleting this resource on its own has no immediate effect.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ses.DomainIdentity(\"example\", {domain: \"example.com\"});\nconst exampleAmazonsesVerificationRecord = new aws.route53.Record(\"example_amazonses_verification_record\", {\n zoneId: exampleAwsRoute53Zone.zoneId,\n name: pulumi.interpolate`_amazonses.${example.id}`,\n type: aws.route53.RecordType.TXT,\n ttl: 600,\n records: [example.verificationToken],\n});\nconst exampleVerification = new aws.ses.DomainIdentityVerification(\"example_verification\", {domain: example.id});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ses.DomainIdentity(\"example\", domain=\"example.com\")\nexample_amazonses_verification_record = aws.route53.Record(\"example_amazonses_verification_record\",\n zone_id=example_aws_route53_zone[\"zoneId\"],\n name=example.id.apply(lambda id: f\"_amazonses.{id}\"),\n type=aws.route53.RecordType.TXT,\n ttl=600,\n records=[example.verification_token])\nexample_verification = aws.ses.DomainIdentityVerification(\"example_verification\", domain=example.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ses.DomainIdentity(\"example\", new()\n {\n Domain = \"example.com\",\n });\n\n var exampleAmazonsesVerificationRecord = new Aws.Route53.Record(\"example_amazonses_verification_record\", new()\n {\n ZoneId = exampleAwsRoute53Zone.ZoneId,\n Name = example.Id.Apply(id =\u003e $\"_amazonses.{id}\"),\n Type = Aws.Route53.RecordType.TXT,\n Ttl = 600,\n Records = new[]\n {\n example.VerificationToken,\n },\n });\n\n var exampleVerification = new Aws.Ses.DomainIdentityVerification(\"example_verification\", new()\n {\n Domain = example.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ses\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ses.NewDomainIdentity(ctx, \"example\", \u0026ses.DomainIdentityArgs{\n\t\t\tDomain: pulumi.String(\"example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = route53.NewRecord(ctx, \"example_amazonses_verification_record\", \u0026route53.RecordArgs{\n\t\t\tZoneId: pulumi.Any(exampleAwsRoute53Zone.ZoneId),\n\t\t\tName: example.ID().ApplyT(func(id string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"_amazonses.%v\", id), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tType: pulumi.String(route53.RecordTypeTXT),\n\t\t\tTtl: pulumi.Int(600),\n\t\t\tRecords: pulumi.StringArray{\n\t\t\t\texample.VerificationToken,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ses.NewDomainIdentityVerification(ctx, \"example_verification\", \u0026ses.DomainIdentityVerificationArgs{\n\t\t\tDomain: example.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ses.DomainIdentity;\nimport com.pulumi.aws.ses.DomainIdentityArgs;\nimport com.pulumi.aws.route53.Record;\nimport com.pulumi.aws.route53.RecordArgs;\nimport com.pulumi.aws.ses.DomainIdentityVerification;\nimport com.pulumi.aws.ses.DomainIdentityVerificationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DomainIdentity(\"example\", DomainIdentityArgs.builder() \n .domain(\"example.com\")\n .build());\n\n var exampleAmazonsesVerificationRecord = new Record(\"exampleAmazonsesVerificationRecord\", RecordArgs.builder() \n .zoneId(exampleAwsRoute53Zone.zoneId())\n .name(example.id().applyValue(id -\u003e String.format(\"_amazonses.%s\", id)))\n .type(\"TXT\")\n .ttl(\"600\")\n .records(example.verificationToken())\n .build());\n\n var exampleVerification = new DomainIdentityVerification(\"exampleVerification\", DomainIdentityVerificationArgs.builder() \n .domain(example.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ses:DomainIdentity\n properties:\n domain: example.com\n exampleAmazonsesVerificationRecord:\n type: aws:route53:Record\n name: example_amazonses_verification_record\n properties:\n zoneId: ${exampleAwsRoute53Zone.zoneId}\n name: _amazonses.${example.id}\n type: TXT\n ttl: '600'\n records:\n - ${example.verificationToken}\n exampleVerification:\n type: aws:ses:DomainIdentityVerification\n name: example_verification\n properties:\n domain: ${example.id}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", + "description": "Represents a successful verification of an SES domain identity.\n\nMost commonly, this resource is used together with `aws.route53.Record` and\n`aws.ses.DomainIdentity` to request an SES domain identity,\ndeploy the required DNS verification records, and wait for verification to complete.\n\n\u003e **WARNING:** This resource implements a part of the verification workflow. It does not represent a real-world entity in AWS, therefore changing or deleting this resource on its own has no immediate effect.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ses.DomainIdentity(\"example\", {domain: \"example.com\"});\nconst exampleAmazonsesVerificationRecord = new aws.route53.Record(\"example_amazonses_verification_record\", {\n zoneId: exampleAwsRoute53Zone.zoneId,\n name: pulumi.interpolate`_amazonses.${example.id}`,\n type: aws.route53.RecordType.TXT,\n ttl: 600,\n records: [example.verificationToken],\n});\nconst exampleVerification = new aws.ses.DomainIdentityVerification(\"example_verification\", {domain: example.id}, {\n dependsOn: [exampleAmazonsesVerificationRecord],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ses.DomainIdentity(\"example\", domain=\"example.com\")\nexample_amazonses_verification_record = aws.route53.Record(\"example_amazonses_verification_record\",\n zone_id=example_aws_route53_zone[\"zoneId\"],\n name=example.id.apply(lambda id: f\"_amazonses.{id}\"),\n type=aws.route53.RecordType.TXT,\n ttl=600,\n records=[example.verification_token])\nexample_verification = aws.ses.DomainIdentityVerification(\"example_verification\", domain=example.id,\nopts=pulumi.ResourceOptions(depends_on=[example_amazonses_verification_record]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ses.DomainIdentity(\"example\", new()\n {\n Domain = \"example.com\",\n });\n\n var exampleAmazonsesVerificationRecord = new Aws.Route53.Record(\"example_amazonses_verification_record\", new()\n {\n ZoneId = exampleAwsRoute53Zone.ZoneId,\n Name = example.Id.Apply(id =\u003e $\"_amazonses.{id}\"),\n Type = Aws.Route53.RecordType.TXT,\n Ttl = 600,\n Records = new[]\n {\n example.VerificationToken,\n },\n });\n\n var exampleVerification = new Aws.Ses.DomainIdentityVerification(\"example_verification\", new()\n {\n Domain = example.Id,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAmazonsesVerificationRecord, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ses\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := ses.NewDomainIdentity(ctx, \"example\", \u0026ses.DomainIdentityArgs{\n\t\t\tDomain: pulumi.String(\"example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAmazonsesVerificationRecord, err := route53.NewRecord(ctx, \"example_amazonses_verification_record\", \u0026route53.RecordArgs{\n\t\t\tZoneId: pulumi.Any(exampleAwsRoute53Zone.ZoneId),\n\t\t\tName: example.ID().ApplyT(func(id string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"_amazonses.%v\", id), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tType: pulumi.String(route53.RecordTypeTXT),\n\t\t\tTtl: pulumi.Int(600),\n\t\t\tRecords: pulumi.StringArray{\n\t\t\t\texample.VerificationToken,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ses.NewDomainIdentityVerification(ctx, \"example_verification\", \u0026ses.DomainIdentityVerificationArgs{\n\t\t\tDomain: example.ID(),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAmazonsesVerificationRecord,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ses.DomainIdentity;\nimport com.pulumi.aws.ses.DomainIdentityArgs;\nimport com.pulumi.aws.route53.Record;\nimport com.pulumi.aws.route53.RecordArgs;\nimport com.pulumi.aws.ses.DomainIdentityVerification;\nimport com.pulumi.aws.ses.DomainIdentityVerificationArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new DomainIdentity(\"example\", DomainIdentityArgs.builder() \n .domain(\"example.com\")\n .build());\n\n var exampleAmazonsesVerificationRecord = new Record(\"exampleAmazonsesVerificationRecord\", RecordArgs.builder() \n .zoneId(exampleAwsRoute53Zone.zoneId())\n .name(example.id().applyValue(id -\u003e String.format(\"_amazonses.%s\", id)))\n .type(\"TXT\")\n .ttl(\"600\")\n .records(example.verificationToken())\n .build());\n\n var exampleVerification = new DomainIdentityVerification(\"exampleVerification\", DomainIdentityVerificationArgs.builder() \n .domain(example.id())\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleAmazonsesVerificationRecord)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ses:DomainIdentity\n properties:\n domain: example.com\n exampleAmazonsesVerificationRecord:\n type: aws:route53:Record\n name: example_amazonses_verification_record\n properties:\n zoneId: ${exampleAwsRoute53Zone.zoneId}\n name: _amazonses.${example.id}\n type: TXT\n ttl: '600'\n records:\n - ${example.verificationToken}\n exampleVerification:\n type: aws:ses:DomainIdentityVerification\n name: example_verification\n properties:\n domain: ${example.id}\n options:\n dependson:\n - ${exampleAmazonsesVerificationRecord}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "properties": { "arn": { "type": "string", @@ -332876,7 +332876,7 @@ } }, "aws:shield/drtAccessRoleArnAssociation:DrtAccessRoleArnAssociation": { - "description": "Authorizes the Shield Response Team (SRT) using the specified role, to access your AWS account to assist with DDoS attack mitigation during potential attacks.\nFor more information see [Configure AWS SRT Support](https://docs.aws.amazon.com/waf/latest/developerguide/authorize-srt.html)\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.iam.Role(\"test\", {\n name: awsShieldDrtAccessRoleArn,\n assumeRolePolicy: JSON.stringify({\n version: \"2012-10-17\",\n statement: [{\n Sid: \"\",\n Effect: \"Allow\",\n Principal: {\n Service: \"drt.shield.amazonaws.com\",\n },\n Action: \"sts:AssumeRole\",\n }],\n }),\n});\nconst testRolePolicyAttachment = new aws.iam.RolePolicyAttachment(\"test\", {\n role: test.name,\n policyArn: \"arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy\",\n});\nconst testDrtAccessRoleArnAssociation = new aws.shield.DrtAccessRoleArnAssociation(\"test\", {roleArn: test.arn});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ntest = aws.iam.Role(\"test\",\n name=aws_shield_drt_access_role_arn,\n assume_role_policy=json.dumps({\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"drt.shield.amazonaws.com\",\n },\n \"Action\": \"sts:AssumeRole\",\n }],\n }))\ntest_role_policy_attachment = aws.iam.RolePolicyAttachment(\"test\",\n role=test.name,\n policy_arn=\"arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy\")\ntest_drt_access_role_arn_association = aws.shield.DrtAccessRoleArnAssociation(\"test\", role_arn=test.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Iam.Role(\"test\", new()\n {\n Name = awsShieldDrtAccessRoleArn,\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Sid\"] = \"\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"drt.shield.amazonaws.com\",\n },\n [\"Action\"] = \"sts:AssumeRole\",\n },\n },\n }),\n });\n\n var testRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment(\"test\", new()\n {\n Role = test.Name,\n PolicyArn = \"arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy\",\n });\n\n var testDrtAccessRoleArnAssociation = new Aws.Shield.DrtAccessRoleArnAssociation(\"test\", new()\n {\n RoleArn = test.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/shield\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Sid\": \"\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"drt.shield.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Action\": \"sts:AssumeRole\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\ttest, err := iam.NewRole(ctx, \"test\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.Any(awsShieldDrtAccessRoleArn),\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"test\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tRole: test.Name,\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = shield.NewDrtAccessRoleArnAssociation(ctx, \"test\", \u0026shield.DrtAccessRoleArnAssociationArgs{\n\t\t\tRoleArn: test.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport com.pulumi.aws.shield.DrtAccessRoleArnAssociation;\nimport com.pulumi.aws.shield.DrtAccessRoleArnAssociationArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Role(\"test\", RoleArgs.builder() \n .name(awsShieldDrtAccessRoleArn)\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"version\", \"2012-10-17\"),\n jsonProperty(\"statement\", jsonArray(jsonObject(\n jsonProperty(\"Sid\", \"\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"drt.shield.amazonaws.com\")\n )),\n jsonProperty(\"Action\", \"sts:AssumeRole\")\n )))\n )))\n .build());\n\n var testRolePolicyAttachment = new RolePolicyAttachment(\"testRolePolicyAttachment\", RolePolicyAttachmentArgs.builder() \n .role(test.name())\n .policyArn(\"arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy\")\n .build());\n\n var testDrtAccessRoleArnAssociation = new DrtAccessRoleArnAssociation(\"testDrtAccessRoleArnAssociation\", DrtAccessRoleArnAssociationArgs.builder() \n .roleArn(test.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:iam:Role\n properties:\n name: ${awsShieldDrtAccessRoleArn}\n assumeRolePolicy:\n fn::toJSON:\n version: 2012-10-17\n statement:\n - Sid:\n Effect: Allow\n Principal:\n Service: drt.shield.amazonaws.com\n Action: sts:AssumeRole\n testRolePolicyAttachment:\n type: aws:iam:RolePolicyAttachment\n name: test\n properties:\n role: ${test.name}\n policyArn: arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy\n testDrtAccessRoleArnAssociation:\n type: aws:shield:DrtAccessRoleArnAssociation\n name: test\n properties:\n roleArn: ${test.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Shield DRT access role ARN association using the AWS account ID. For example:\n\n```sh\n$ pulumi import aws:shield/drtAccessRoleArnAssociation:DrtAccessRoleArnAssociation example 123456789012\n```\n", + "description": "Authorizes the Shield Response Team (SRT) using the specified role, to access your AWS account to assist with DDoS attack mitigation during potential attacks.\nFor more information see [Configure AWS SRT Support](https://docs.aws.amazon.com/waf/latest/developerguide/authorize-srt.html)\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst test = new aws.iam.Role(\"test\", {\n name: awsShieldDrtAccessRoleArn,\n assumeRolePolicy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Sid: \"\",\n Effect: \"Allow\",\n Principal: {\n Service: \"drt.shield.amazonaws.com\",\n },\n Action: \"sts:AssumeRole\",\n }],\n }),\n});\nconst testRolePolicyAttachment = new aws.iam.RolePolicyAttachment(\"test\", {\n role: test.name,\n policyArn: \"arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy\",\n});\nconst testDrtAccessRoleArnAssociation = new aws.shield.DrtAccessRoleArnAssociation(\"test\", {roleArn: test.arn});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ntest = aws.iam.Role(\"test\",\n name=aws_shield_drt_access_role_arn,\n assume_role_policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"drt.shield.amazonaws.com\",\n },\n \"Action\": \"sts:AssumeRole\",\n }],\n }))\ntest_role_policy_attachment = aws.iam.RolePolicyAttachment(\"test\",\n role=test.name,\n policy_arn=\"arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy\")\ntest_drt_access_role_arn_association = aws.shield.DrtAccessRoleArnAssociation(\"test\", role_arn=test.arn)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var test = new Aws.Iam.Role(\"test\", new()\n {\n Name = awsShieldDrtAccessRoleArn,\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Sid\"] = \"\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"drt.shield.amazonaws.com\",\n },\n [\"Action\"] = \"sts:AssumeRole\",\n },\n },\n }),\n });\n\n var testRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment(\"test\", new()\n {\n Role = test.Name,\n PolicyArn = \"arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy\",\n });\n\n var testDrtAccessRoleArnAssociation = new Aws.Shield.DrtAccessRoleArnAssociation(\"test\", new()\n {\n RoleArn = test.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/shield\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Sid\": \"\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"drt.shield.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Action\": \"sts:AssumeRole\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\ttest, err := iam.NewRole(ctx, \"test\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.Any(awsShieldDrtAccessRoleArn),\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"test\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tRole: test.Name,\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = shield.NewDrtAccessRoleArnAssociation(ctx, \"test\", \u0026shield.DrtAccessRoleArnAssociationArgs{\n\t\t\tRoleArn: test.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport com.pulumi.aws.shield.DrtAccessRoleArnAssociation;\nimport com.pulumi.aws.shield.DrtAccessRoleArnAssociationArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var test = new Role(\"test\", RoleArgs.builder() \n .name(awsShieldDrtAccessRoleArn)\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Sid\", \"\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"drt.shield.amazonaws.com\")\n )),\n jsonProperty(\"Action\", \"sts:AssumeRole\")\n )))\n )))\n .build());\n\n var testRolePolicyAttachment = new RolePolicyAttachment(\"testRolePolicyAttachment\", RolePolicyAttachmentArgs.builder() \n .role(test.name())\n .policyArn(\"arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy\")\n .build());\n\n var testDrtAccessRoleArnAssociation = new DrtAccessRoleArnAssociation(\"testDrtAccessRoleArnAssociation\", DrtAccessRoleArnAssociationArgs.builder() \n .roleArn(test.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:iam:Role\n properties:\n name: ${awsShieldDrtAccessRoleArn}\n assumeRolePolicy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Sid:\n Effect: Allow\n Principal:\n Service: drt.shield.amazonaws.com\n Action: sts:AssumeRole\n testRolePolicyAttachment:\n type: aws:iam:RolePolicyAttachment\n name: test\n properties:\n role: ${test.name}\n policyArn: arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy\n testDrtAccessRoleArnAssociation:\n type: aws:shield:DrtAccessRoleArnAssociation\n name: test\n properties:\n roleArn: ${test.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Shield DRT access role ARN association using the AWS account ID. For example:\n\n```sh\n$ pulumi import aws:shield/drtAccessRoleArnAssociation:DrtAccessRoleArnAssociation example 123456789012\n```\n", "properties": { "roleArn": { "type": "string", @@ -332916,7 +332916,7 @@ } }, "aws:shield/proactiveEngagement:ProactiveEngagement": { - "description": "Resource for managing a AWS Shield Proactive Engagement.\nProactive engagement authorizes the Shield Response Team (SRT) to use email and phone to notify contacts about escalations to the SRT and to initiate proactive customer support.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.iam.Role(\"example\", {\n name: awsShieldDrtAccessRoleArn,\n assumeRolePolicy: JSON.stringify({\n version: \"2012-10-17\",\n statement: [{\n Sid: \"\",\n Effect: \"Allow\",\n Principal: {\n Service: \"drt.shield.amazonaws.com\",\n },\n Action: \"sts:AssumeRole\",\n }],\n }),\n});\nconst exampleRolePolicyAttachment = new aws.iam.RolePolicyAttachment(\"example\", {\n role: example.name,\n policyArn: \"arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy\",\n});\nconst exampleDrtAccessRoleArnAssociation = new aws.shield.DrtAccessRoleArnAssociation(\"example\", {roleArn: example.arn});\nconst test = new aws.shield.ProtectionGroup(\"test\", {\n protectionGroupId: \"example\",\n aggregation: \"MAX\",\n pattern: \"ALL\",\n});\nconst testProactiveEngagement = new aws.shield.ProactiveEngagement(\"test\", {\n enabled: true,\n emergencyContacts: [\n {\n contactNotes: \"Notes\",\n emailAddress: \"test@company.com\",\n phoneNumber: \"+12358132134\",\n },\n {\n contactNotes: \"Notes 2\",\n emailAddress: \"test2@company.com\",\n phoneNumber: \"+12358132134\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.iam.Role(\"example\",\n name=aws_shield_drt_access_role_arn,\n assume_role_policy=json.dumps({\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"drt.shield.amazonaws.com\",\n },\n \"Action\": \"sts:AssumeRole\",\n }],\n }))\nexample_role_policy_attachment = aws.iam.RolePolicyAttachment(\"example\",\n role=example.name,\n policy_arn=\"arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy\")\nexample_drt_access_role_arn_association = aws.shield.DrtAccessRoleArnAssociation(\"example\", role_arn=example.arn)\ntest = aws.shield.ProtectionGroup(\"test\",\n protection_group_id=\"example\",\n aggregation=\"MAX\",\n pattern=\"ALL\")\ntest_proactive_engagement = aws.shield.ProactiveEngagement(\"test\",\n enabled=True,\n emergency_contacts=[\n aws.shield.ProactiveEngagementEmergencyContactArgs(\n contact_notes=\"Notes\",\n email_address=\"test@company.com\",\n phone_number=\"+12358132134\",\n ),\n aws.shield.ProactiveEngagementEmergencyContactArgs(\n contact_notes=\"Notes 2\",\n email_address=\"test2@company.com\",\n phone_number=\"+12358132134\",\n ),\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Iam.Role(\"example\", new()\n {\n Name = awsShieldDrtAccessRoleArn,\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Sid\"] = \"\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"drt.shield.amazonaws.com\",\n },\n [\"Action\"] = \"sts:AssumeRole\",\n },\n },\n }),\n });\n\n var exampleRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment(\"example\", new()\n {\n Role = example.Name,\n PolicyArn = \"arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy\",\n });\n\n var exampleDrtAccessRoleArnAssociation = new Aws.Shield.DrtAccessRoleArnAssociation(\"example\", new()\n {\n RoleArn = example.Arn,\n });\n\n var test = new Aws.Shield.ProtectionGroup(\"test\", new()\n {\n ProtectionGroupId = \"example\",\n Aggregation = \"MAX\",\n Pattern = \"ALL\",\n });\n\n var testProactiveEngagement = new Aws.Shield.ProactiveEngagement(\"test\", new()\n {\n Enabled = true,\n EmergencyContacts = new[]\n {\n new Aws.Shield.Inputs.ProactiveEngagementEmergencyContactArgs\n {\n ContactNotes = \"Notes\",\n EmailAddress = \"test@company.com\",\n PhoneNumber = \"+12358132134\",\n },\n new Aws.Shield.Inputs.ProactiveEngagementEmergencyContactArgs\n {\n ContactNotes = \"Notes 2\",\n EmailAddress = \"test2@company.com\",\n PhoneNumber = \"+12358132134\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/shield\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Sid\": \"\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"drt.shield.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Action\": \"sts:AssumeRole\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texample, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.Any(awsShieldDrtAccessRoleArn),\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"example\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tRole: example.Name,\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = shield.NewDrtAccessRoleArnAssociation(ctx, \"example\", \u0026shield.DrtAccessRoleArnAssociationArgs{\n\t\t\tRoleArn: example.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = shield.NewProtectionGroup(ctx, \"test\", \u0026shield.ProtectionGroupArgs{\n\t\t\tProtectionGroupId: pulumi.String(\"example\"),\n\t\t\tAggregation: pulumi.String(\"MAX\"),\n\t\t\tPattern: pulumi.String(\"ALL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = shield.NewProactiveEngagement(ctx, \"test\", \u0026shield.ProactiveEngagementArgs{\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tEmergencyContacts: shield.ProactiveEngagementEmergencyContactArray{\n\t\t\t\t\u0026shield.ProactiveEngagementEmergencyContactArgs{\n\t\t\t\t\tContactNotes: pulumi.String(\"Notes\"),\n\t\t\t\t\tEmailAddress: pulumi.String(\"test@company.com\"),\n\t\t\t\t\tPhoneNumber: pulumi.String(\"+12358132134\"),\n\t\t\t\t},\n\t\t\t\t\u0026shield.ProactiveEngagementEmergencyContactArgs{\n\t\t\t\t\tContactNotes: pulumi.String(\"Notes 2\"),\n\t\t\t\t\tEmailAddress: pulumi.String(\"test2@company.com\"),\n\t\t\t\t\tPhoneNumber: pulumi.String(\"+12358132134\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport com.pulumi.aws.shield.DrtAccessRoleArnAssociation;\nimport com.pulumi.aws.shield.DrtAccessRoleArnAssociationArgs;\nimport com.pulumi.aws.shield.ProtectionGroup;\nimport com.pulumi.aws.shield.ProtectionGroupArgs;\nimport com.pulumi.aws.shield.ProactiveEngagement;\nimport com.pulumi.aws.shield.ProactiveEngagementArgs;\nimport com.pulumi.aws.shield.inputs.ProactiveEngagementEmergencyContactArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Role(\"example\", RoleArgs.builder() \n .name(awsShieldDrtAccessRoleArn)\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"version\", \"2012-10-17\"),\n jsonProperty(\"statement\", jsonArray(jsonObject(\n jsonProperty(\"Sid\", \"\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"drt.shield.amazonaws.com\")\n )),\n jsonProperty(\"Action\", \"sts:AssumeRole\")\n )))\n )))\n .build());\n\n var exampleRolePolicyAttachment = new RolePolicyAttachment(\"exampleRolePolicyAttachment\", RolePolicyAttachmentArgs.builder() \n .role(example.name())\n .policyArn(\"arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy\")\n .build());\n\n var exampleDrtAccessRoleArnAssociation = new DrtAccessRoleArnAssociation(\"exampleDrtAccessRoleArnAssociation\", DrtAccessRoleArnAssociationArgs.builder() \n .roleArn(example.arn())\n .build());\n\n var test = new ProtectionGroup(\"test\", ProtectionGroupArgs.builder() \n .protectionGroupId(\"example\")\n .aggregation(\"MAX\")\n .pattern(\"ALL\")\n .build());\n\n var testProactiveEngagement = new ProactiveEngagement(\"testProactiveEngagement\", ProactiveEngagementArgs.builder() \n .enabled(true)\n .emergencyContacts( \n ProactiveEngagementEmergencyContactArgs.builder()\n .contactNotes(\"Notes\")\n .emailAddress(\"test@company.com\")\n .phoneNumber(\"+12358132134\")\n .build(),\n ProactiveEngagementEmergencyContactArgs.builder()\n .contactNotes(\"Notes 2\")\n .emailAddress(\"test2@company.com\")\n .phoneNumber(\"+12358132134\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:Role\n properties:\n name: ${awsShieldDrtAccessRoleArn}\n assumeRolePolicy:\n fn::toJSON:\n version: 2012-10-17\n statement:\n - Sid:\n Effect: Allow\n Principal:\n Service: drt.shield.amazonaws.com\n Action: sts:AssumeRole\n exampleRolePolicyAttachment:\n type: aws:iam:RolePolicyAttachment\n name: example\n properties:\n role: ${example.name}\n policyArn: arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy\n exampleDrtAccessRoleArnAssociation:\n type: aws:shield:DrtAccessRoleArnAssociation\n name: example\n properties:\n roleArn: ${example.arn}\n test:\n type: aws:shield:ProtectionGroup\n properties:\n protectionGroupId: example\n aggregation: MAX\n pattern: ALL\n testProactiveEngagement:\n type: aws:shield:ProactiveEngagement\n name: test\n properties:\n enabled: true\n emergencyContacts:\n - contactNotes: Notes\n emailAddress: test@company.com\n phoneNumber: '+12358132134'\n - contactNotes: Notes 2\n emailAddress: test2@company.com\n phoneNumber: '+12358132134'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Shield proactive engagement using the AWS account ID. For example:\n\n```sh\n$ pulumi import aws:shield/proactiveEngagement:ProactiveEngagement example 123456789012\n```\n", + "description": "Resource for managing a AWS Shield Proactive Engagement.\nProactive engagement authorizes the Shield Response Team (SRT) to use email and phone to notify contacts about escalations to the SRT and to initiate proactive customer support.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.iam.Role(\"example\", {\n name: awsShieldDrtAccessRoleArn,\n assumeRolePolicy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Sid: \"\",\n Effect: \"Allow\",\n Principal: {\n Service: \"drt.shield.amazonaws.com\",\n },\n Action: \"sts:AssumeRole\",\n }],\n }),\n});\nconst exampleRolePolicyAttachment = new aws.iam.RolePolicyAttachment(\"example\", {\n role: example.name,\n policyArn: \"arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy\",\n});\nconst exampleDrtAccessRoleArnAssociation = new aws.shield.DrtAccessRoleArnAssociation(\"example\", {roleArn: example.arn});\nconst test = new aws.shield.ProtectionGroup(\"test\", {\n protectionGroupId: \"example\",\n aggregation: \"MAX\",\n pattern: \"ALL\",\n});\nconst testProactiveEngagement = new aws.shield.ProactiveEngagement(\"test\", {\n enabled: true,\n emergencyContacts: [\n {\n contactNotes: \"Notes\",\n emailAddress: \"test@company.com\",\n phoneNumber: \"+12358132134\",\n },\n {\n contactNotes: \"Notes 2\",\n emailAddress: \"test2@company.com\",\n phoneNumber: \"+12358132134\",\n },\n ],\n}, {\n dependsOn: [testAwsShieldDrtAccessRoleArnAssociation],\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.iam.Role(\"example\",\n name=aws_shield_drt_access_role_arn,\n assume_role_policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"drt.shield.amazonaws.com\",\n },\n \"Action\": \"sts:AssumeRole\",\n }],\n }))\nexample_role_policy_attachment = aws.iam.RolePolicyAttachment(\"example\",\n role=example.name,\n policy_arn=\"arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy\")\nexample_drt_access_role_arn_association = aws.shield.DrtAccessRoleArnAssociation(\"example\", role_arn=example.arn)\ntest = aws.shield.ProtectionGroup(\"test\",\n protection_group_id=\"example\",\n aggregation=\"MAX\",\n pattern=\"ALL\")\ntest_proactive_engagement = aws.shield.ProactiveEngagement(\"test\",\n enabled=True,\n emergency_contacts=[\n aws.shield.ProactiveEngagementEmergencyContactArgs(\n contact_notes=\"Notes\",\n email_address=\"test@company.com\",\n phone_number=\"+12358132134\",\n ),\n aws.shield.ProactiveEngagementEmergencyContactArgs(\n contact_notes=\"Notes 2\",\n email_address=\"test2@company.com\",\n phone_number=\"+12358132134\",\n ),\n ],\n opts=pulumi.ResourceOptions(depends_on=[test_aws_shield_drt_access_role_arn_association]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Iam.Role(\"example\", new()\n {\n Name = awsShieldDrtAccessRoleArn,\n AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Sid\"] = \"\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"Service\"] = \"drt.shield.amazonaws.com\",\n },\n [\"Action\"] = \"sts:AssumeRole\",\n },\n },\n }),\n });\n\n var exampleRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment(\"example\", new()\n {\n Role = example.Name,\n PolicyArn = \"arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy\",\n });\n\n var exampleDrtAccessRoleArnAssociation = new Aws.Shield.DrtAccessRoleArnAssociation(\"example\", new()\n {\n RoleArn = example.Arn,\n });\n\n var test = new Aws.Shield.ProtectionGroup(\"test\", new()\n {\n ProtectionGroupId = \"example\",\n Aggregation = \"MAX\",\n Pattern = \"ALL\",\n });\n\n var testProactiveEngagement = new Aws.Shield.ProactiveEngagement(\"test\", new()\n {\n Enabled = true,\n EmergencyContacts = new[]\n {\n new Aws.Shield.Inputs.ProactiveEngagementEmergencyContactArgs\n {\n ContactNotes = \"Notes\",\n EmailAddress = \"test@company.com\",\n PhoneNumber = \"+12358132134\",\n },\n new Aws.Shield.Inputs.ProactiveEngagementEmergencyContactArgs\n {\n ContactNotes = \"Notes 2\",\n EmailAddress = \"test2@company.com\",\n PhoneNumber = \"+12358132134\",\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n testAwsShieldDrtAccessRoleArnAssociation, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/shield\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Sid\": \"\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\"Service\": \"drt.shield.amazonaws.com\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Action\": \"sts:AssumeRole\",\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\texample, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.Any(awsShieldDrtAccessRoleArn),\n\t\t\tAssumeRolePolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"example\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tRole: example.Name,\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = shield.NewDrtAccessRoleArnAssociation(ctx, \"example\", \u0026shield.DrtAccessRoleArnAssociationArgs{\n\t\t\tRoleArn: example.Arn,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = shield.NewProtectionGroup(ctx, \"test\", \u0026shield.ProtectionGroupArgs{\n\t\t\tProtectionGroupId: pulumi.String(\"example\"),\n\t\t\tAggregation: pulumi.String(\"MAX\"),\n\t\t\tPattern: pulumi.String(\"ALL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = shield.NewProactiveEngagement(ctx, \"test\", \u0026shield.ProactiveEngagementArgs{\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tEmergencyContacts: shield.ProactiveEngagementEmergencyContactArray{\n\t\t\t\t\u0026shield.ProactiveEngagementEmergencyContactArgs{\n\t\t\t\t\tContactNotes: pulumi.String(\"Notes\"),\n\t\t\t\t\tEmailAddress: pulumi.String(\"test@company.com\"),\n\t\t\t\t\tPhoneNumber: pulumi.String(\"+12358132134\"),\n\t\t\t\t},\n\t\t\t\t\u0026shield.ProactiveEngagementEmergencyContactArgs{\n\t\t\t\t\tContactNotes: pulumi.String(\"Notes 2\"),\n\t\t\t\t\tEmailAddress: pulumi.String(\"test2@company.com\"),\n\t\t\t\t\tPhoneNumber: pulumi.String(\"+12358132134\"),\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\ttestAwsShieldDrtAccessRoleArnAssociation,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport com.pulumi.aws.shield.DrtAccessRoleArnAssociation;\nimport com.pulumi.aws.shield.DrtAccessRoleArnAssociationArgs;\nimport com.pulumi.aws.shield.ProtectionGroup;\nimport com.pulumi.aws.shield.ProtectionGroupArgs;\nimport com.pulumi.aws.shield.ProactiveEngagement;\nimport com.pulumi.aws.shield.ProactiveEngagementArgs;\nimport com.pulumi.aws.shield.inputs.ProactiveEngagementEmergencyContactArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Role(\"example\", RoleArgs.builder() \n .name(awsShieldDrtAccessRoleArn)\n .assumeRolePolicy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Sid\", \"\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"Service\", \"drt.shield.amazonaws.com\")\n )),\n jsonProperty(\"Action\", \"sts:AssumeRole\")\n )))\n )))\n .build());\n\n var exampleRolePolicyAttachment = new RolePolicyAttachment(\"exampleRolePolicyAttachment\", RolePolicyAttachmentArgs.builder() \n .role(example.name())\n .policyArn(\"arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy\")\n .build());\n\n var exampleDrtAccessRoleArnAssociation = new DrtAccessRoleArnAssociation(\"exampleDrtAccessRoleArnAssociation\", DrtAccessRoleArnAssociationArgs.builder() \n .roleArn(example.arn())\n .build());\n\n var test = new ProtectionGroup(\"test\", ProtectionGroupArgs.builder() \n .protectionGroupId(\"example\")\n .aggregation(\"MAX\")\n .pattern(\"ALL\")\n .build());\n\n var testProactiveEngagement = new ProactiveEngagement(\"testProactiveEngagement\", ProactiveEngagementArgs.builder() \n .enabled(true)\n .emergencyContacts( \n ProactiveEngagementEmergencyContactArgs.builder()\n .contactNotes(\"Notes\")\n .emailAddress(\"test@company.com\")\n .phoneNumber(\"+12358132134\")\n .build(),\n ProactiveEngagementEmergencyContactArgs.builder()\n .contactNotes(\"Notes 2\")\n .emailAddress(\"test2@company.com\")\n .phoneNumber(\"+12358132134\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(testAwsShieldDrtAccessRoleArnAssociation)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:Role\n properties:\n name: ${awsShieldDrtAccessRoleArn}\n assumeRolePolicy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Sid:\n Effect: Allow\n Principal:\n Service: drt.shield.amazonaws.com\n Action: sts:AssumeRole\n exampleRolePolicyAttachment:\n type: aws:iam:RolePolicyAttachment\n name: example\n properties:\n role: ${example.name}\n policyArn: arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy\n exampleDrtAccessRoleArnAssociation:\n type: aws:shield:DrtAccessRoleArnAssociation\n name: example\n properties:\n roleArn: ${example.arn}\n test:\n type: aws:shield:ProtectionGroup\n properties:\n protectionGroupId: example\n aggregation: MAX\n pattern: ALL\n testProactiveEngagement:\n type: aws:shield:ProactiveEngagement\n name: test\n properties:\n enabled: true\n emergencyContacts:\n - contactNotes: Notes\n emailAddress: test@company.com\n phoneNumber: '+12358132134'\n - contactNotes: Notes 2\n emailAddress: test2@company.com\n phoneNumber: '+12358132134'\n options:\n dependson:\n - ${testAwsShieldDrtAccessRoleArnAssociation}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Shield proactive engagement using the AWS account ID. For example:\n\n```sh\n$ pulumi import aws:shield/proactiveEngagement:ProactiveEngagement example 123456789012\n```\n", "properties": { "emergencyContacts": { "type": "array", @@ -333063,7 +333063,7 @@ } }, "aws:shield/protectionGroup:ProtectionGroup": { - "description": "Creates a grouping of protected resources so they can be handled as a collective.\nThis resource grouping improves the accuracy of detection and reduces false positives. For more information see\n[Managing AWS Shield Advanced protection groups](https://docs.aws.amazon.com/waf/latest/developerguide/manage-protection-group.html)\n\n## Example Usage\n\n### Create protection group for all resources\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.shield.ProtectionGroup(\"example\", {\n protectionGroupId: \"example\",\n aggregation: \"MAX\",\n pattern: \"ALL\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.shield.ProtectionGroup(\"example\",\n protection_group_id=\"example\",\n aggregation=\"MAX\",\n pattern=\"ALL\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Shield.ProtectionGroup(\"example\", new()\n {\n ProtectionGroupId = \"example\",\n Aggregation = \"MAX\",\n Pattern = \"ALL\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/shield\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := shield.NewProtectionGroup(ctx, \"example\", \u0026shield.ProtectionGroupArgs{\n\t\t\tProtectionGroupId: pulumi.String(\"example\"),\n\t\t\tAggregation: pulumi.String(\"MAX\"),\n\t\t\tPattern: pulumi.String(\"ALL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.shield.ProtectionGroup;\nimport com.pulumi.aws.shield.ProtectionGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ProtectionGroup(\"example\", ProtectionGroupArgs.builder() \n .protectionGroupId(\"example\")\n .aggregation(\"MAX\")\n .pattern(\"ALL\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:shield:ProtectionGroup\n properties:\n protectionGroupId: example\n aggregation: MAX\n pattern: ALL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Create protection group for arbitrary number of resources\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getRegion({});\nconst currentGetCallerIdentity = aws.getCallerIdentity({});\nconst example = new aws.ec2.Eip(\"example\", {domain: \"vpc\"});\nconst exampleProtection = new aws.shield.Protection(\"example\", {\n name: \"example\",\n resourceArn: pulumi.all([current, currentGetCallerIdentity, example.id]).apply(([current, currentGetCallerIdentity, id]) =\u003e `arn:aws:ec2:${current.name}:${currentGetCallerIdentity.accountId}:eip-allocation/${id}`),\n});\nconst exampleProtectionGroup = new aws.shield.ProtectionGroup(\"example\", {\n protectionGroupId: \"example\",\n aggregation: \"MEAN\",\n pattern: \"ARBITRARY\",\n members: [pulumi.all([current, currentGetCallerIdentity, example.id]).apply(([current, currentGetCallerIdentity, id]) =\u003e `arn:aws:ec2:${current.name}:${currentGetCallerIdentity.accountId}:eip-allocation/${id}`)],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_region()\ncurrent_get_caller_identity = aws.get_caller_identity()\nexample = aws.ec2.Eip(\"example\", domain=\"vpc\")\nexample_protection = aws.shield.Protection(\"example\",\n name=\"example\",\n resource_arn=example.id.apply(lambda id: f\"arn:aws:ec2:{current.name}:{current_get_caller_identity.account_id}:eip-allocation/{id}\"))\nexample_protection_group = aws.shield.ProtectionGroup(\"example\",\n protection_group_id=\"example\",\n aggregation=\"MEAN\",\n pattern=\"ARBITRARY\",\n members=[example.id.apply(lambda id: f\"arn:aws:ec2:{current.name}:{current_get_caller_identity.account_id}:eip-allocation/{id}\")])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetRegion.Invoke();\n\n var currentGetCallerIdentity = Aws.GetCallerIdentity.Invoke();\n\n var example = new Aws.Ec2.Eip(\"example\", new()\n {\n Domain = \"vpc\",\n });\n\n var exampleProtection = new Aws.Shield.Protection(\"example\", new()\n {\n Name = \"example\",\n ResourceArn = Output.Tuple(current, currentGetCallerIdentity, example.Id).Apply(values =\u003e\n {\n var current = values.Item1;\n var currentGetCallerIdentity = values.Item2;\n var id = values.Item3;\n return $\"arn:aws:ec2:{current.Apply(getRegionResult =\u003e getRegionResult.Name)}:{currentGetCallerIdentity.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:eip-allocation/{id}\";\n }),\n });\n\n var exampleProtectionGroup = new Aws.Shield.ProtectionGroup(\"example\", new()\n {\n ProtectionGroupId = \"example\",\n Aggregation = \"MEAN\",\n Pattern = \"ARBITRARY\",\n Members = new[]\n {\n Output.Tuple(current, currentGetCallerIdentity, example.Id).Apply(values =\u003e\n {\n var current = values.Item1;\n var currentGetCallerIdentity = values.Item2;\n var id = values.Item3;\n return $\"arn:aws:ec2:{current.Apply(getRegionResult =\u003e getRegionResult.Name)}:{currentGetCallerIdentity.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:eip-allocation/{id}\";\n }),\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/shield\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrentGetCallerIdentity, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := ec2.NewEip(ctx, \"example\", \u0026ec2.EipArgs{\n\t\t\tDomain: pulumi.String(\"vpc\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = shield.NewProtection(ctx, \"example\", \u0026shield.ProtectionArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tResourceArn: example.ID().ApplyT(func(id string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"arn:aws:ec2:%v:%v:eip-allocation/%v\", current.Name, currentGetCallerIdentity.AccountId, id), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = shield.NewProtectionGroup(ctx, \"example\", \u0026shield.ProtectionGroupArgs{\n\t\t\tProtectionGroupId: pulumi.String(\"example\"),\n\t\t\tAggregation: pulumi.String(\"MEAN\"),\n\t\t\tPattern: pulumi.String(\"ARBITRARY\"),\n\t\t\tMembers: pulumi.StringArray{\n\t\t\t\texample.ID().ApplyT(func(id string) (string, error) {\n\t\t\t\t\treturn fmt.Sprintf(\"arn:aws:ec2:%v:%v:eip-allocation/%v\", current.Name, currentGetCallerIdentity.AccountId, id), nil\n\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.ec2.Eip;\nimport com.pulumi.aws.ec2.EipArgs;\nimport com.pulumi.aws.shield.Protection;\nimport com.pulumi.aws.shield.ProtectionArgs;\nimport com.pulumi.aws.shield.ProtectionGroup;\nimport com.pulumi.aws.shield.ProtectionGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getRegion();\n\n final var currentGetCallerIdentity = AwsFunctions.getCallerIdentity();\n\n var example = new Eip(\"example\", EipArgs.builder() \n .domain(\"vpc\")\n .build());\n\n var exampleProtection = new Protection(\"exampleProtection\", ProtectionArgs.builder() \n .name(\"example\")\n .resourceArn(example.id().applyValue(id -\u003e String.format(\"arn:aws:ec2:%s:%s:eip-allocation/%s\", current.applyValue(getRegionResult -\u003e getRegionResult.name()),currentGetCallerIdentity.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()),id)))\n .build());\n\n var exampleProtectionGroup = new ProtectionGroup(\"exampleProtectionGroup\", ProtectionGroupArgs.builder() \n .protectionGroupId(\"example\")\n .aggregation(\"MEAN\")\n .pattern(\"ARBITRARY\")\n .members(example.id().applyValue(id -\u003e String.format(\"arn:aws:ec2:%s:%s:eip-allocation/%s\", current.applyValue(getRegionResult -\u003e getRegionResult.name()),currentGetCallerIdentity.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()),id)))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:Eip\n properties:\n domain: vpc\n exampleProtection:\n type: aws:shield:Protection\n name: example\n properties:\n name: example\n resourceArn: arn:aws:ec2:${current.name}:${currentGetCallerIdentity.accountId}:eip-allocation/${example.id}\n exampleProtectionGroup:\n type: aws:shield:ProtectionGroup\n name: example\n properties:\n protectionGroupId: example\n aggregation: MEAN\n pattern: ARBITRARY\n members:\n - arn:aws:ec2:${current.name}:${currentGetCallerIdentity.accountId}:eip-allocation/${example.id}\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n currentGetCallerIdentity:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Create protection group for a type of resource\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.shield.ProtectionGroup(\"example\", {\n protectionGroupId: \"example\",\n aggregation: \"SUM\",\n pattern: \"BY_RESOURCE_TYPE\",\n resourceType: \"ELASTIC_IP_ALLOCATION\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.shield.ProtectionGroup(\"example\",\n protection_group_id=\"example\",\n aggregation=\"SUM\",\n pattern=\"BY_RESOURCE_TYPE\",\n resource_type=\"ELASTIC_IP_ALLOCATION\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Shield.ProtectionGroup(\"example\", new()\n {\n ProtectionGroupId = \"example\",\n Aggregation = \"SUM\",\n Pattern = \"BY_RESOURCE_TYPE\",\n ResourceType = \"ELASTIC_IP_ALLOCATION\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/shield\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := shield.NewProtectionGroup(ctx, \"example\", \u0026shield.ProtectionGroupArgs{\n\t\t\tProtectionGroupId: pulumi.String(\"example\"),\n\t\t\tAggregation: pulumi.String(\"SUM\"),\n\t\t\tPattern: pulumi.String(\"BY_RESOURCE_TYPE\"),\n\t\t\tResourceType: pulumi.String(\"ELASTIC_IP_ALLOCATION\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.shield.ProtectionGroup;\nimport com.pulumi.aws.shield.ProtectionGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ProtectionGroup(\"example\", ProtectionGroupArgs.builder() \n .protectionGroupId(\"example\")\n .aggregation(\"SUM\")\n .pattern(\"BY_RESOURCE_TYPE\")\n .resourceType(\"ELASTIC_IP_ALLOCATION\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:shield:ProtectionGroup\n properties:\n protectionGroupId: example\n aggregation: SUM\n pattern: BY_RESOURCE_TYPE\n resourceType: ELASTIC_IP_ALLOCATION\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Shield protection group resources using their protection group id. For example:\n\n```sh\n$ pulumi import aws:shield/protectionGroup:ProtectionGroup example example\n```\n", + "description": "Creates a grouping of protected resources so they can be handled as a collective.\nThis resource grouping improves the accuracy of detection and reduces false positives. For more information see\n[Managing AWS Shield Advanced protection groups](https://docs.aws.amazon.com/waf/latest/developerguide/manage-protection-group.html)\n\n## Example Usage\n\n### Create protection group for all resources\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.shield.ProtectionGroup(\"example\", {\n protectionGroupId: \"example\",\n aggregation: \"MAX\",\n pattern: \"ALL\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.shield.ProtectionGroup(\"example\",\n protection_group_id=\"example\",\n aggregation=\"MAX\",\n pattern=\"ALL\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Shield.ProtectionGroup(\"example\", new()\n {\n ProtectionGroupId = \"example\",\n Aggregation = \"MAX\",\n Pattern = \"ALL\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/shield\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := shield.NewProtectionGroup(ctx, \"example\", \u0026shield.ProtectionGroupArgs{\n\t\t\tProtectionGroupId: pulumi.String(\"example\"),\n\t\t\tAggregation: pulumi.String(\"MAX\"),\n\t\t\tPattern: pulumi.String(\"ALL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.shield.ProtectionGroup;\nimport com.pulumi.aws.shield.ProtectionGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ProtectionGroup(\"example\", ProtectionGroupArgs.builder() \n .protectionGroupId(\"example\")\n .aggregation(\"MAX\")\n .pattern(\"ALL\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:shield:ProtectionGroup\n properties:\n protectionGroupId: example\n aggregation: MAX\n pattern: ALL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Create protection group for arbitrary number of resources\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getRegion({});\nconst currentGetCallerIdentity = aws.getCallerIdentity({});\nconst example = new aws.ec2.Eip(\"example\", {domain: \"vpc\"});\nconst exampleProtection = new aws.shield.Protection(\"example\", {\n name: \"example\",\n resourceArn: pulumi.all([current, currentGetCallerIdentity, example.id]).apply(([current, currentGetCallerIdentity, id]) =\u003e `arn:aws:ec2:${current.name}:${currentGetCallerIdentity.accountId}:eip-allocation/${id}`),\n});\nconst exampleProtectionGroup = new aws.shield.ProtectionGroup(\"example\", {\n protectionGroupId: \"example\",\n aggregation: \"MEAN\",\n pattern: \"ARBITRARY\",\n members: [pulumi.all([current, currentGetCallerIdentity, example.id]).apply(([current, currentGetCallerIdentity, id]) =\u003e `arn:aws:ec2:${current.name}:${currentGetCallerIdentity.accountId}:eip-allocation/${id}`)],\n}, {\n dependsOn: [exampleProtection],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_region()\ncurrent_get_caller_identity = aws.get_caller_identity()\nexample = aws.ec2.Eip(\"example\", domain=\"vpc\")\nexample_protection = aws.shield.Protection(\"example\",\n name=\"example\",\n resource_arn=example.id.apply(lambda id: f\"arn:aws:ec2:{current.name}:{current_get_caller_identity.account_id}:eip-allocation/{id}\"))\nexample_protection_group = aws.shield.ProtectionGroup(\"example\",\n protection_group_id=\"example\",\n aggregation=\"MEAN\",\n pattern=\"ARBITRARY\",\n members=[example.id.apply(lambda id: f\"arn:aws:ec2:{current.name}:{current_get_caller_identity.account_id}:eip-allocation/{id}\")],\n opts=pulumi.ResourceOptions(depends_on=[example_protection]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetRegion.Invoke();\n\n var currentGetCallerIdentity = Aws.GetCallerIdentity.Invoke();\n\n var example = new Aws.Ec2.Eip(\"example\", new()\n {\n Domain = \"vpc\",\n });\n\n var exampleProtection = new Aws.Shield.Protection(\"example\", new()\n {\n Name = \"example\",\n ResourceArn = Output.Tuple(current, currentGetCallerIdentity, example.Id).Apply(values =\u003e\n {\n var current = values.Item1;\n var currentGetCallerIdentity = values.Item2;\n var id = values.Item3;\n return $\"arn:aws:ec2:{current.Apply(getRegionResult =\u003e getRegionResult.Name)}:{currentGetCallerIdentity.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:eip-allocation/{id}\";\n }),\n });\n\n var exampleProtectionGroup = new Aws.Shield.ProtectionGroup(\"example\", new()\n {\n ProtectionGroupId = \"example\",\n Aggregation = \"MEAN\",\n Pattern = \"ARBITRARY\",\n Members = new[]\n {\n Output.Tuple(current, currentGetCallerIdentity, example.Id).Apply(values =\u003e\n {\n var current = values.Item1;\n var currentGetCallerIdentity = values.Item2;\n var id = values.Item3;\n return $\"arn:aws:ec2:{current.Apply(getRegionResult =\u003e getRegionResult.Name)}:{currentGetCallerIdentity.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:eip-allocation/{id}\";\n }),\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleProtection, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/shield\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetRegion(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrentGetCallerIdentity, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := ec2.NewEip(ctx, \"example\", \u0026ec2.EipArgs{\n\t\t\tDomain: pulumi.String(\"vpc\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleProtection, err := shield.NewProtection(ctx, \"example\", \u0026shield.ProtectionArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tResourceArn: example.ID().ApplyT(func(id string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"arn:aws:ec2:%v:%v:eip-allocation/%v\", current.Name, currentGetCallerIdentity.AccountId, id), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = shield.NewProtectionGroup(ctx, \"example\", \u0026shield.ProtectionGroupArgs{\n\t\t\tProtectionGroupId: pulumi.String(\"example\"),\n\t\t\tAggregation: pulumi.String(\"MEAN\"),\n\t\t\tPattern: pulumi.String(\"ARBITRARY\"),\n\t\t\tMembers: pulumi.StringArray{\n\t\t\t\texample.ID().ApplyT(func(id string) (string, error) {\n\t\t\t\t\treturn fmt.Sprintf(\"arn:aws:ec2:%v:%v:eip-allocation/%v\", current.Name, currentGetCallerIdentity.AccountId, id), nil\n\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleProtection,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetRegionArgs;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.ec2.Eip;\nimport com.pulumi.aws.ec2.EipArgs;\nimport com.pulumi.aws.shield.Protection;\nimport com.pulumi.aws.shield.ProtectionArgs;\nimport com.pulumi.aws.shield.ProtectionGroup;\nimport com.pulumi.aws.shield.ProtectionGroupArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getRegion();\n\n final var currentGetCallerIdentity = AwsFunctions.getCallerIdentity();\n\n var example = new Eip(\"example\", EipArgs.builder() \n .domain(\"vpc\")\n .build());\n\n var exampleProtection = new Protection(\"exampleProtection\", ProtectionArgs.builder() \n .name(\"example\")\n .resourceArn(example.id().applyValue(id -\u003e String.format(\"arn:aws:ec2:%s:%s:eip-allocation/%s\", current.applyValue(getRegionResult -\u003e getRegionResult.name()),currentGetCallerIdentity.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()),id)))\n .build());\n\n var exampleProtectionGroup = new ProtectionGroup(\"exampleProtectionGroup\", ProtectionGroupArgs.builder() \n .protectionGroupId(\"example\")\n .aggregation(\"MEAN\")\n .pattern(\"ARBITRARY\")\n .members(example.id().applyValue(id -\u003e String.format(\"arn:aws:ec2:%s:%s:eip-allocation/%s\", current.applyValue(getRegionResult -\u003e getRegionResult.name()),currentGetCallerIdentity.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()),id)))\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleProtection)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ec2:Eip\n properties:\n domain: vpc\n exampleProtection:\n type: aws:shield:Protection\n name: example\n properties:\n name: example\n resourceArn: arn:aws:ec2:${current.name}:${currentGetCallerIdentity.accountId}:eip-allocation/${example.id}\n exampleProtectionGroup:\n type: aws:shield:ProtectionGroup\n name: example\n properties:\n protectionGroupId: example\n aggregation: MEAN\n pattern: ARBITRARY\n members:\n - arn:aws:ec2:${current.name}:${currentGetCallerIdentity.accountId}:eip-allocation/${example.id}\n options:\n dependson:\n - ${exampleProtection}\nvariables:\n current:\n fn::invoke:\n Function: aws:getRegion\n Arguments: {}\n currentGetCallerIdentity:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Create protection group for a type of resource\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.shield.ProtectionGroup(\"example\", {\n protectionGroupId: \"example\",\n aggregation: \"SUM\",\n pattern: \"BY_RESOURCE_TYPE\",\n resourceType: \"ELASTIC_IP_ALLOCATION\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.shield.ProtectionGroup(\"example\",\n protection_group_id=\"example\",\n aggregation=\"SUM\",\n pattern=\"BY_RESOURCE_TYPE\",\n resource_type=\"ELASTIC_IP_ALLOCATION\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Shield.ProtectionGroup(\"example\", new()\n {\n ProtectionGroupId = \"example\",\n Aggregation = \"SUM\",\n Pattern = \"BY_RESOURCE_TYPE\",\n ResourceType = \"ELASTIC_IP_ALLOCATION\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/shield\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := shield.NewProtectionGroup(ctx, \"example\", \u0026shield.ProtectionGroupArgs{\n\t\t\tProtectionGroupId: pulumi.String(\"example\"),\n\t\t\tAggregation: pulumi.String(\"SUM\"),\n\t\t\tPattern: pulumi.String(\"BY_RESOURCE_TYPE\"),\n\t\t\tResourceType: pulumi.String(\"ELASTIC_IP_ALLOCATION\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.shield.ProtectionGroup;\nimport com.pulumi.aws.shield.ProtectionGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ProtectionGroup(\"example\", ProtectionGroupArgs.builder() \n .protectionGroupId(\"example\")\n .aggregation(\"SUM\")\n .pattern(\"BY_RESOURCE_TYPE\")\n .resourceType(\"ELASTIC_IP_ALLOCATION\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:shield:ProtectionGroup\n properties:\n protectionGroupId: example\n aggregation: SUM\n pattern: BY_RESOURCE_TYPE\n resourceType: ELASTIC_IP_ALLOCATION\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Shield protection group resources using their protection group id. For example:\n\n```sh\n$ pulumi import aws:shield/protectionGroup:ProtectionGroup example example\n```\n", "properties": { "aggregation": { "type": "string", @@ -335314,7 +335314,7 @@ } }, "aws:ssm/activation:Activation": { - "description": "Registers an on-premises server or virtual machine with Amazon EC2 so that it can be managed using Run Command.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"ssm.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst testRole = new aws.iam.Role(\"test_role\", {\n name: \"test_role\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst testAttach = new aws.iam.RolePolicyAttachment(\"test_attach\", {\n role: testRole.name,\n policyArn: \"arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore\",\n});\nconst foo = new aws.ssm.Activation(\"foo\", {\n name: \"test_ssm_activation\",\n description: \"Test\",\n iamRole: testRole.id,\n registrationLimit: 5,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nassume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"ssm.amazonaws.com\"],\n )],\n actions=[\"sts:AssumeRole\"],\n)])\ntest_role = aws.iam.Role(\"test_role\",\n name=\"test_role\",\n assume_role_policy=assume_role.json)\ntest_attach = aws.iam.RolePolicyAttachment(\"test_attach\",\n role=test_role.name,\n policy_arn=\"arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore\")\nfoo = aws.ssm.Activation(\"foo\",\n name=\"test_ssm_activation\",\n description=\"Test\",\n iam_role=test_role.id,\n registration_limit=5)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"ssm.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var testRole = new Aws.Iam.Role(\"test_role\", new()\n {\n Name = \"test_role\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var testAttach = new Aws.Iam.RolePolicyAttachment(\"test_attach\", new()\n {\n Role = testRole.Name,\n PolicyArn = \"arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore\",\n });\n\n var foo = new Aws.Ssm.Activation(\"foo\", new()\n {\n Name = \"test_ssm_activation\",\n Description = \"Test\",\n IamRole = testRole.Id,\n RegistrationLimit = 5,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"ssm.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestRole, err := iam.NewRole(ctx, \"test_role\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"test_role\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"test_attach\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tRole: testRole.Name,\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ssm.NewActivation(ctx, \"foo\", \u0026ssm.ActivationArgs{\n\t\t\tName: pulumi.String(\"test_ssm_activation\"),\n\t\t\tDescription: pulumi.String(\"Test\"),\n\t\t\tIamRole: testRole.ID(),\n\t\t\tRegistrationLimit: pulumi.Int(5),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport com.pulumi.aws.ssm.Activation;\nimport com.pulumi.aws.ssm.ActivationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"ssm.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var testRole = new Role(\"testRole\", RoleArgs.builder() \n .name(\"test_role\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var testAttach = new RolePolicyAttachment(\"testAttach\", RolePolicyAttachmentArgs.builder() \n .role(testRole.name())\n .policyArn(\"arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore\")\n .build());\n\n var foo = new Activation(\"foo\", ActivationArgs.builder() \n .name(\"test_ssm_activation\")\n .description(\"Test\")\n .iamRole(testRole.id())\n .registrationLimit(\"5\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testRole:\n type: aws:iam:Role\n name: test_role\n properties:\n name: test_role\n assumeRolePolicy: ${assumeRole.json}\n testAttach:\n type: aws:iam:RolePolicyAttachment\n name: test_attach\n properties:\n role: ${testRole.name}\n policyArn: arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore\n foo:\n type: aws:ssm:Activation\n properties:\n name: test_ssm_activation\n description: Test\n iamRole: ${testRole.id}\n registrationLimit: '5'\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - ssm.amazonaws.com\n actions:\n - sts:AssumeRole\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import AWS SSM Activation using the `id`. For example:\n\n```sh\n$ pulumi import aws:ssm/activation:Activation example e488f2f6-e686-4afb-8a04-ef6dfEXAMPLE\n```\n-\u003e __Note:__ The `activation_code` attribute cannot be imported.\n\n", + "description": "Registers an on-premises server or virtual machine with Amazon EC2 so that it can be managed using Run Command.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst assumeRole = aws.iam.getPolicyDocument({\n statements: [{\n effect: \"Allow\",\n principals: [{\n type: \"Service\",\n identifiers: [\"ssm.amazonaws.com\"],\n }],\n actions: [\"sts:AssumeRole\"],\n }],\n});\nconst testRole = new aws.iam.Role(\"test_role\", {\n name: \"test_role\",\n assumeRolePolicy: assumeRole.then(assumeRole =\u003e assumeRole.json),\n});\nconst testAttach = new aws.iam.RolePolicyAttachment(\"test_attach\", {\n role: testRole.name,\n policyArn: \"arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore\",\n});\nconst foo = new aws.ssm.Activation(\"foo\", {\n name: \"test_ssm_activation\",\n description: \"Test\",\n iamRole: testRole.id,\n registrationLimit: 5,\n}, {\n dependsOn: [testAttach],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nassume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n effect=\"Allow\",\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"ssm.amazonaws.com\"],\n )],\n actions=[\"sts:AssumeRole\"],\n)])\ntest_role = aws.iam.Role(\"test_role\",\n name=\"test_role\",\n assume_role_policy=assume_role.json)\ntest_attach = aws.iam.RolePolicyAttachment(\"test_attach\",\n role=test_role.name,\n policy_arn=\"arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore\")\nfoo = aws.ssm.Activation(\"foo\",\n name=\"test_ssm_activation\",\n description=\"Test\",\n iam_role=test_role.id,\n registration_limit=5,\n opts=pulumi.ResourceOptions(depends_on=[test_attach]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Effect = \"Allow\",\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"ssm.amazonaws.com\",\n },\n },\n },\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n },\n },\n });\n\n var testRole = new Aws.Iam.Role(\"test_role\", new()\n {\n Name = \"test_role\",\n AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var testAttach = new Aws.Iam.RolePolicyAttachment(\"test_attach\", new()\n {\n Role = testRole.Name,\n PolicyArn = \"arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore\",\n });\n\n var foo = new Aws.Ssm.Activation(\"foo\", new()\n {\n Name = \"test_ssm_activation\",\n Description = \"Test\",\n IamRole = testRole.Id,\n RegistrationLimit = 5,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n testAttach, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tassumeRole, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tEffect: pulumi.StringRef(\"Allow\"),\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"ssm.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestRole, err := iam.NewRole(ctx, \"test_role\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"test_role\"),\n\t\t\tAssumeRolePolicy: pulumi.String(assumeRole.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestAttach, err := iam.NewRolePolicyAttachment(ctx, \"test_attach\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tRole: testRole.Name,\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = ssm.NewActivation(ctx, \"foo\", \u0026ssm.ActivationArgs{\n\t\t\tName: pulumi.String(\"test_ssm_activation\"),\n\t\t\tDescription: pulumi.String(\"Test\"),\n\t\t\tIamRole: testRole.ID(),\n\t\t\tRegistrationLimit: pulumi.Int(5),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\ttestAttach,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport com.pulumi.aws.ssm.Activation;\nimport com.pulumi.aws.ssm.ActivationArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .effect(\"Allow\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"ssm.amazonaws.com\")\n .build())\n .actions(\"sts:AssumeRole\")\n .build())\n .build());\n\n var testRole = new Role(\"testRole\", RoleArgs.builder() \n .name(\"test_role\")\n .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var testAttach = new RolePolicyAttachment(\"testAttach\", RolePolicyAttachmentArgs.builder() \n .role(testRole.name())\n .policyArn(\"arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore\")\n .build());\n\n var foo = new Activation(\"foo\", ActivationArgs.builder() \n .name(\"test_ssm_activation\")\n .description(\"Test\")\n .iamRole(testRole.id())\n .registrationLimit(\"5\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(testAttach)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testRole:\n type: aws:iam:Role\n name: test_role\n properties:\n name: test_role\n assumeRolePolicy: ${assumeRole.json}\n testAttach:\n type: aws:iam:RolePolicyAttachment\n name: test_attach\n properties:\n role: ${testRole.name}\n policyArn: arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore\n foo:\n type: aws:ssm:Activation\n properties:\n name: test_ssm_activation\n description: Test\n iamRole: ${testRole.id}\n registrationLimit: '5'\n options:\n dependson:\n - ${testAttach}\nvariables:\n assumeRole:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - effect: Allow\n principals:\n - type: Service\n identifiers:\n - ssm.amazonaws.com\n actions:\n - sts:AssumeRole\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import AWS SSM Activation using the `id`. For example:\n\n```sh\n$ pulumi import aws:ssm/activation:Activation example e488f2f6-e686-4afb-8a04-ef6dfEXAMPLE\n```\n-\u003e __Note:__ The `activation_code` attribute cannot be imported.\n\n", "properties": { "activationCode": { "type": "string", @@ -335715,7 +335715,7 @@ } }, "aws:ssm/contactsRotation:ContactsRotation": { - "description": "## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ssm.ContactsRotation(\"example\", {\n contactIds: [exampleAwsSsmcontactsContact.arn],\n name: \"rotation\",\n recurrence: {\n numberOfOnCalls: 1,\n recurrenceMultiplier: 1,\n dailySettings: [{\n hourOfDay: 9,\n minuteOfHour: 0,\n }],\n },\n timeZoneId: \"Australia/Sydney\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssm.ContactsRotation(\"example\",\n contact_ids=[example_aws_ssmcontacts_contact[\"arn\"]],\n name=\"rotation\",\n recurrence=aws.ssm.ContactsRotationRecurrenceArgs(\n number_of_on_calls=1,\n recurrence_multiplier=1,\n daily_settings=[aws.ssm.ContactsRotationRecurrenceDailySettingArgs(\n hour_of_day=9,\n minute_of_hour=0,\n )],\n ),\n time_zone_id=\"Australia/Sydney\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ssm.ContactsRotation(\"example\", new()\n {\n ContactIds = new[]\n {\n exampleAwsSsmcontactsContact.Arn,\n },\n Name = \"rotation\",\n Recurrence = new Aws.Ssm.Inputs.ContactsRotationRecurrenceArgs\n {\n NumberOfOnCalls = 1,\n RecurrenceMultiplier = 1,\n DailySettings = new[]\n {\n new Aws.Ssm.Inputs.ContactsRotationRecurrenceDailySettingArgs\n {\n HourOfDay = 9,\n MinuteOfHour = 0,\n },\n },\n },\n TimeZoneId = \"Australia/Sydney\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssm.NewContactsRotation(ctx, \"example\", \u0026ssm.ContactsRotationArgs{\n\t\t\tContactIds: pulumi.StringArray{\n\t\t\t\texampleAwsSsmcontactsContact.Arn,\n\t\t\t},\n\t\t\tName: pulumi.String(\"rotation\"),\n\t\t\tRecurrence: \u0026ssm.ContactsRotationRecurrenceArgs{\n\t\t\t\tNumberOfOnCalls: pulumi.Int(1),\n\t\t\t\tRecurrenceMultiplier: pulumi.Int(1),\n\t\t\t\tDailySettings: ssm.ContactsRotationRecurrenceDailySettingArray{\n\t\t\t\t\t\u0026ssm.ContactsRotationRecurrenceDailySettingArgs{\n\t\t\t\t\t\tHourOfDay: pulumi.Int(9),\n\t\t\t\t\t\tMinuteOfHour: pulumi.Int(0),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTimeZoneId: pulumi.String(\"Australia/Sydney\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssm.ContactsRotation;\nimport com.pulumi.aws.ssm.ContactsRotationArgs;\nimport com.pulumi.aws.ssm.inputs.ContactsRotationRecurrenceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ContactsRotation(\"example\", ContactsRotationArgs.builder() \n .contactIds(exampleAwsSsmcontactsContact.arn())\n .name(\"rotation\")\n .recurrence(ContactsRotationRecurrenceArgs.builder()\n .numberOfOnCalls(1)\n .recurrenceMultiplier(1)\n .dailySettings(ContactsRotationRecurrenceDailySettingArgs.builder()\n .hourOfDay(9)\n .minuteOfHour(0)\n .build())\n .build())\n .timeZoneId(\"Australia/Sydney\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ssm:ContactsRotation\n properties:\n contactIds:\n - ${exampleAwsSsmcontactsContact.arn}\n name: rotation\n recurrence:\n numberOfOnCalls: 1\n recurrenceMultiplier: 1\n dailySettings:\n - hourOfDay: 9\n minuteOfHour: 0\n timeZoneId: Australia/Sydney\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Usage with Weekly Settings and Shift Coverages Fields\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ssm.ContactsRotation(\"example\", {\n contactIds: [exampleAwsSsmcontactsContact.arn],\n name: \"rotation\",\n recurrence: {\n numberOfOnCalls: 1,\n recurrenceMultiplier: 1,\n weeklySettings: [\n {\n dayOfWeek: \"WED\",\n handOffTime: {\n hourOfDay: 4,\n minuteOfHour: 25,\n },\n },\n {\n dayOfWeek: \"FRI\",\n handOffTime: {\n hourOfDay: 15,\n minuteOfHour: 57,\n },\n },\n ],\n shiftCoverages: [{\n mapBlockKey: \"MON\",\n coverageTimes: [{\n start: {\n hourOfDay: 1,\n minuteOfHour: 0,\n },\n end: {\n hourOfDay: 23,\n minuteOfHour: 0,\n },\n }],\n }],\n },\n startTime: \"2023-07-20T02:21:49+00:00\",\n timeZoneId: \"Australia/Sydney\",\n tags: {\n key1: \"tag1\",\n key2: \"tag2\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssm.ContactsRotation(\"example\",\n contact_ids=[example_aws_ssmcontacts_contact[\"arn\"]],\n name=\"rotation\",\n recurrence=aws.ssm.ContactsRotationRecurrenceArgs(\n number_of_on_calls=1,\n recurrence_multiplier=1,\n weekly_settings=[\n aws.ssm.ContactsRotationRecurrenceWeeklySettingArgs(\n day_of_week=\"WED\",\n hand_off_time=aws.ssm.ContactsRotationRecurrenceWeeklySettingHandOffTimeArgs(\n hour_of_day=4,\n minute_of_hour=25,\n ),\n ),\n aws.ssm.ContactsRotationRecurrenceWeeklySettingArgs(\n day_of_week=\"FRI\",\n hand_off_time=aws.ssm.ContactsRotationRecurrenceWeeklySettingHandOffTimeArgs(\n hour_of_day=15,\n minute_of_hour=57,\n ),\n ),\n ],\n shift_coverages=[aws.ssm.ContactsRotationRecurrenceShiftCoverageArgs(\n map_block_key=\"MON\",\n coverage_times=[aws.ssm.ContactsRotationRecurrenceShiftCoverageCoverageTimeArgs(\n start=aws.ssm.ContactsRotationRecurrenceShiftCoverageCoverageTimeStartArgs(\n hour_of_day=1,\n minute_of_hour=0,\n ),\n end=aws.ssm.ContactsRotationRecurrenceShiftCoverageCoverageTimeEndArgs(\n hour_of_day=23,\n minute_of_hour=0,\n ),\n )],\n )],\n ),\n start_time=\"2023-07-20T02:21:49+00:00\",\n time_zone_id=\"Australia/Sydney\",\n tags={\n \"key1\": \"tag1\",\n \"key2\": \"tag2\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ssm.ContactsRotation(\"example\", new()\n {\n ContactIds = new[]\n {\n exampleAwsSsmcontactsContact.Arn,\n },\n Name = \"rotation\",\n Recurrence = new Aws.Ssm.Inputs.ContactsRotationRecurrenceArgs\n {\n NumberOfOnCalls = 1,\n RecurrenceMultiplier = 1,\n WeeklySettings = new[]\n {\n new Aws.Ssm.Inputs.ContactsRotationRecurrenceWeeklySettingArgs\n {\n DayOfWeek = \"WED\",\n HandOffTime = new Aws.Ssm.Inputs.ContactsRotationRecurrenceWeeklySettingHandOffTimeArgs\n {\n HourOfDay = 4,\n MinuteOfHour = 25,\n },\n },\n new Aws.Ssm.Inputs.ContactsRotationRecurrenceWeeklySettingArgs\n {\n DayOfWeek = \"FRI\",\n HandOffTime = new Aws.Ssm.Inputs.ContactsRotationRecurrenceWeeklySettingHandOffTimeArgs\n {\n HourOfDay = 15,\n MinuteOfHour = 57,\n },\n },\n },\n ShiftCoverages = new[]\n {\n new Aws.Ssm.Inputs.ContactsRotationRecurrenceShiftCoverageArgs\n {\n MapBlockKey = \"MON\",\n CoverageTimes = new[]\n {\n new Aws.Ssm.Inputs.ContactsRotationRecurrenceShiftCoverageCoverageTimeArgs\n {\n Start = new Aws.Ssm.Inputs.ContactsRotationRecurrenceShiftCoverageCoverageTimeStartArgs\n {\n HourOfDay = 1,\n MinuteOfHour = 0,\n },\n End = new Aws.Ssm.Inputs.ContactsRotationRecurrenceShiftCoverageCoverageTimeEndArgs\n {\n HourOfDay = 23,\n MinuteOfHour = 0,\n },\n },\n },\n },\n },\n },\n StartTime = \"2023-07-20T02:21:49+00:00\",\n TimeZoneId = \"Australia/Sydney\",\n Tags = \n {\n { \"key1\", \"tag1\" },\n { \"key2\", \"tag2\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssm.NewContactsRotation(ctx, \"example\", \u0026ssm.ContactsRotationArgs{\n\t\t\tContactIds: pulumi.StringArray{\n\t\t\t\texampleAwsSsmcontactsContact.Arn,\n\t\t\t},\n\t\t\tName: pulumi.String(\"rotation\"),\n\t\t\tRecurrence: \u0026ssm.ContactsRotationRecurrenceArgs{\n\t\t\t\tNumberOfOnCalls: pulumi.Int(1),\n\t\t\t\tRecurrenceMultiplier: pulumi.Int(1),\n\t\t\t\tWeeklySettings: ssm.ContactsRotationRecurrenceWeeklySettingArray{\n\t\t\t\t\t\u0026ssm.ContactsRotationRecurrenceWeeklySettingArgs{\n\t\t\t\t\t\tDayOfWeek: pulumi.String(\"WED\"),\n\t\t\t\t\t\tHandOffTime: \u0026ssm.ContactsRotationRecurrenceWeeklySettingHandOffTimeArgs{\n\t\t\t\t\t\t\tHourOfDay: pulumi.Int(4),\n\t\t\t\t\t\t\tMinuteOfHour: pulumi.Int(25),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\t\u0026ssm.ContactsRotationRecurrenceWeeklySettingArgs{\n\t\t\t\t\t\tDayOfWeek: pulumi.String(\"FRI\"),\n\t\t\t\t\t\tHandOffTime: \u0026ssm.ContactsRotationRecurrenceWeeklySettingHandOffTimeArgs{\n\t\t\t\t\t\t\tHourOfDay: pulumi.Int(15),\n\t\t\t\t\t\t\tMinuteOfHour: pulumi.Int(57),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tShiftCoverages: ssm.ContactsRotationRecurrenceShiftCoverageArray{\n\t\t\t\t\t\u0026ssm.ContactsRotationRecurrenceShiftCoverageArgs{\n\t\t\t\t\t\tMapBlockKey: pulumi.String(\"MON\"),\n\t\t\t\t\t\tCoverageTimes: ssm.ContactsRotationRecurrenceShiftCoverageCoverageTimeArray{\n\t\t\t\t\t\t\t\u0026ssm.ContactsRotationRecurrenceShiftCoverageCoverageTimeArgs{\n\t\t\t\t\t\t\t\tStart: \u0026ssm.ContactsRotationRecurrenceShiftCoverageCoverageTimeStartArgs{\n\t\t\t\t\t\t\t\t\tHourOfDay: pulumi.Int(1),\n\t\t\t\t\t\t\t\t\tMinuteOfHour: pulumi.Int(0),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\tEnd: \u0026ssm.ContactsRotationRecurrenceShiftCoverageCoverageTimeEndArgs{\n\t\t\t\t\t\t\t\t\tHourOfDay: pulumi.Int(23),\n\t\t\t\t\t\t\t\t\tMinuteOfHour: pulumi.Int(0),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tStartTime: pulumi.String(\"2023-07-20T02:21:49+00:00\"),\n\t\t\tTimeZoneId: pulumi.String(\"Australia/Sydney\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"key1\": pulumi.String(\"tag1\"),\n\t\t\t\t\"key2\": pulumi.String(\"tag2\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssm.ContactsRotation;\nimport com.pulumi.aws.ssm.ContactsRotationArgs;\nimport com.pulumi.aws.ssm.inputs.ContactsRotationRecurrenceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ContactsRotation(\"example\", ContactsRotationArgs.builder() \n .contactIds(exampleAwsSsmcontactsContact.arn())\n .name(\"rotation\")\n .recurrence(ContactsRotationRecurrenceArgs.builder()\n .numberOfOnCalls(1)\n .recurrenceMultiplier(1)\n .weeklySettings( \n ContactsRotationRecurrenceWeeklySettingArgs.builder()\n .dayOfWeek(\"WED\")\n .handOffTime(ContactsRotationRecurrenceWeeklySettingHandOffTimeArgs.builder()\n .hourOfDay(4)\n .minuteOfHour(25)\n .build())\n .build(),\n ContactsRotationRecurrenceWeeklySettingArgs.builder()\n .dayOfWeek(\"FRI\")\n .handOffTime(ContactsRotationRecurrenceWeeklySettingHandOffTimeArgs.builder()\n .hourOfDay(15)\n .minuteOfHour(57)\n .build())\n .build())\n .shiftCoverages(ContactsRotationRecurrenceShiftCoverageArgs.builder()\n .mapBlockKey(\"MON\")\n .coverageTimes(ContactsRotationRecurrenceShiftCoverageCoverageTimeArgs.builder()\n .start(ContactsRotationRecurrenceShiftCoverageCoverageTimeStartArgs.builder()\n .hourOfDay(1)\n .minuteOfHour(0)\n .build())\n .end(ContactsRotationRecurrenceShiftCoverageCoverageTimeEndArgs.builder()\n .hourOfDay(23)\n .minuteOfHour(0)\n .build())\n .build())\n .build())\n .build())\n .startTime(\"2023-07-20T02:21:49+00:00\")\n .timeZoneId(\"Australia/Sydney\")\n .tags(Map.ofEntries(\n Map.entry(\"key1\", \"tag1\"),\n Map.entry(\"key2\", \"tag2\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ssm:ContactsRotation\n properties:\n contactIds:\n - ${exampleAwsSsmcontactsContact.arn}\n name: rotation\n recurrence:\n numberOfOnCalls: 1\n recurrenceMultiplier: 1\n weeklySettings:\n - dayOfWeek: WED\n handOffTime:\n hourOfDay: 4\n minuteOfHour: 25\n - dayOfWeek: FRI\n handOffTime:\n hourOfDay: 15\n minuteOfHour: 57\n shiftCoverages:\n - mapBlockKey: MON\n coverageTimes:\n - start:\n hourOfDay: 1\n minuteOfHour: 0\n end:\n hourOfDay: 23\n minuteOfHour: 0\n startTime: 2023-07-20T02:21:49+00:00\n timeZoneId: Australia/Sydney\n tags:\n key1: tag1\n key2: tag2\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Usage with Monthly Settings Fields\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ssm.ContactsRotation(\"example\", {\n contactIds: [exampleAwsSsmcontactsContact.arn],\n name: \"rotation\",\n recurrence: {\n numberOfOnCalls: 1,\n recurrenceMultiplier: 1,\n monthlySettings: [\n {\n dayOfMonth: 20,\n handOffTime: {\n hourOfDay: 8,\n minuteOfHour: 0,\n },\n },\n {\n dayOfMonth: 13,\n handOffTime: {\n hourOfDay: 12,\n minuteOfHour: 34,\n },\n },\n ],\n },\n timeZoneId: \"Australia/Sydney\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssm.ContactsRotation(\"example\",\n contact_ids=[example_aws_ssmcontacts_contact[\"arn\"]],\n name=\"rotation\",\n recurrence=aws.ssm.ContactsRotationRecurrenceArgs(\n number_of_on_calls=1,\n recurrence_multiplier=1,\n monthly_settings=[\n aws.ssm.ContactsRotationRecurrenceMonthlySettingArgs(\n day_of_month=20,\n hand_off_time=aws.ssm.ContactsRotationRecurrenceMonthlySettingHandOffTimeArgs(\n hour_of_day=8,\n minute_of_hour=0,\n ),\n ),\n aws.ssm.ContactsRotationRecurrenceMonthlySettingArgs(\n day_of_month=13,\n hand_off_time=aws.ssm.ContactsRotationRecurrenceMonthlySettingHandOffTimeArgs(\n hour_of_day=12,\n minute_of_hour=34,\n ),\n ),\n ],\n ),\n time_zone_id=\"Australia/Sydney\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ssm.ContactsRotation(\"example\", new()\n {\n ContactIds = new[]\n {\n exampleAwsSsmcontactsContact.Arn,\n },\n Name = \"rotation\",\n Recurrence = new Aws.Ssm.Inputs.ContactsRotationRecurrenceArgs\n {\n NumberOfOnCalls = 1,\n RecurrenceMultiplier = 1,\n MonthlySettings = new[]\n {\n new Aws.Ssm.Inputs.ContactsRotationRecurrenceMonthlySettingArgs\n {\n DayOfMonth = 20,\n HandOffTime = new Aws.Ssm.Inputs.ContactsRotationRecurrenceMonthlySettingHandOffTimeArgs\n {\n HourOfDay = 8,\n MinuteOfHour = 0,\n },\n },\n new Aws.Ssm.Inputs.ContactsRotationRecurrenceMonthlySettingArgs\n {\n DayOfMonth = 13,\n HandOffTime = new Aws.Ssm.Inputs.ContactsRotationRecurrenceMonthlySettingHandOffTimeArgs\n {\n HourOfDay = 12,\n MinuteOfHour = 34,\n },\n },\n },\n },\n TimeZoneId = \"Australia/Sydney\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssm.NewContactsRotation(ctx, \"example\", \u0026ssm.ContactsRotationArgs{\n\t\t\tContactIds: pulumi.StringArray{\n\t\t\t\texampleAwsSsmcontactsContact.Arn,\n\t\t\t},\n\t\t\tName: pulumi.String(\"rotation\"),\n\t\t\tRecurrence: \u0026ssm.ContactsRotationRecurrenceArgs{\n\t\t\t\tNumberOfOnCalls: pulumi.Int(1),\n\t\t\t\tRecurrenceMultiplier: pulumi.Int(1),\n\t\t\t\tMonthlySettings: ssm.ContactsRotationRecurrenceMonthlySettingArray{\n\t\t\t\t\t\u0026ssm.ContactsRotationRecurrenceMonthlySettingArgs{\n\t\t\t\t\t\tDayOfMonth: pulumi.Int(20),\n\t\t\t\t\t\tHandOffTime: \u0026ssm.ContactsRotationRecurrenceMonthlySettingHandOffTimeArgs{\n\t\t\t\t\t\t\tHourOfDay: pulumi.Int(8),\n\t\t\t\t\t\t\tMinuteOfHour: pulumi.Int(0),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\t\u0026ssm.ContactsRotationRecurrenceMonthlySettingArgs{\n\t\t\t\t\t\tDayOfMonth: pulumi.Int(13),\n\t\t\t\t\t\tHandOffTime: \u0026ssm.ContactsRotationRecurrenceMonthlySettingHandOffTimeArgs{\n\t\t\t\t\t\t\tHourOfDay: pulumi.Int(12),\n\t\t\t\t\t\t\tMinuteOfHour: pulumi.Int(34),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTimeZoneId: pulumi.String(\"Australia/Sydney\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssm.ContactsRotation;\nimport com.pulumi.aws.ssm.ContactsRotationArgs;\nimport com.pulumi.aws.ssm.inputs.ContactsRotationRecurrenceArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ContactsRotation(\"example\", ContactsRotationArgs.builder() \n .contactIds(exampleAwsSsmcontactsContact.arn())\n .name(\"rotation\")\n .recurrence(ContactsRotationRecurrenceArgs.builder()\n .numberOfOnCalls(1)\n .recurrenceMultiplier(1)\n .monthlySettings( \n ContactsRotationRecurrenceMonthlySettingArgs.builder()\n .dayOfMonth(20)\n .handOffTime(ContactsRotationRecurrenceMonthlySettingHandOffTimeArgs.builder()\n .hourOfDay(8)\n .minuteOfHour(0)\n .build())\n .build(),\n ContactsRotationRecurrenceMonthlySettingArgs.builder()\n .dayOfMonth(13)\n .handOffTime(ContactsRotationRecurrenceMonthlySettingHandOffTimeArgs.builder()\n .hourOfDay(12)\n .minuteOfHour(34)\n .build())\n .build())\n .build())\n .timeZoneId(\"Australia/Sydney\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ssm:ContactsRotation\n properties:\n contactIds:\n - ${exampleAwsSsmcontactsContact.arn}\n name: rotation\n recurrence:\n numberOfOnCalls: 1\n recurrenceMultiplier: 1\n monthlySettings:\n - dayOfMonth: 20\n handOffTime:\n hourOfDay: 8\n minuteOfHour: 0\n - dayOfMonth: 13\n handOffTime:\n hourOfDay: 12\n minuteOfHour: 34\n timeZoneId: Australia/Sydney\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CodeGuru Profiler Profiling Group using the `arn`. For example:\n\n```sh\n$ pulumi import aws:ssm/contactsRotation:ContactsRotation example arn:aws:ssm-contacts:us-east-1:012345678910:rotation/example\n```\n", + "description": "## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ssm.ContactsRotation(\"example\", {\n contactIds: [exampleAwsSsmcontactsContact.arn],\n name: \"rotation\",\n recurrence: {\n numberOfOnCalls: 1,\n recurrenceMultiplier: 1,\n dailySettings: [{\n hourOfDay: 9,\n minuteOfHour: 0,\n }],\n },\n timeZoneId: \"Australia/Sydney\",\n}, {\n dependsOn: [exampleAwsSsmincidentsReplicationSet],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssm.ContactsRotation(\"example\",\n contact_ids=[example_aws_ssmcontacts_contact[\"arn\"]],\n name=\"rotation\",\n recurrence=aws.ssm.ContactsRotationRecurrenceArgs(\n number_of_on_calls=1,\n recurrence_multiplier=1,\n daily_settings=[aws.ssm.ContactsRotationRecurrenceDailySettingArgs(\n hour_of_day=9,\n minute_of_hour=0,\n )],\n ),\n time_zone_id=\"Australia/Sydney\",\n opts=pulumi.ResourceOptions(depends_on=[example_aws_ssmincidents_replication_set]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ssm.ContactsRotation(\"example\", new()\n {\n ContactIds = new[]\n {\n exampleAwsSsmcontactsContact.Arn,\n },\n Name = \"rotation\",\n Recurrence = new Aws.Ssm.Inputs.ContactsRotationRecurrenceArgs\n {\n NumberOfOnCalls = 1,\n RecurrenceMultiplier = 1,\n DailySettings = new[]\n {\n new Aws.Ssm.Inputs.ContactsRotationRecurrenceDailySettingArgs\n {\n HourOfDay = 9,\n MinuteOfHour = 0,\n },\n },\n },\n TimeZoneId = \"Australia/Sydney\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAwsSsmincidentsReplicationSet, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssm.NewContactsRotation(ctx, \"example\", \u0026ssm.ContactsRotationArgs{\n\t\t\tContactIds: pulumi.StringArray{\n\t\t\t\texampleAwsSsmcontactsContact.Arn,\n\t\t\t},\n\t\t\tName: pulumi.String(\"rotation\"),\n\t\t\tRecurrence: \u0026ssm.ContactsRotationRecurrenceArgs{\n\t\t\t\tNumberOfOnCalls: pulumi.Int(1),\n\t\t\t\tRecurrenceMultiplier: pulumi.Int(1),\n\t\t\t\tDailySettings: ssm.ContactsRotationRecurrenceDailySettingArray{\n\t\t\t\t\t\u0026ssm.ContactsRotationRecurrenceDailySettingArgs{\n\t\t\t\t\t\tHourOfDay: pulumi.Int(9),\n\t\t\t\t\t\tMinuteOfHour: pulumi.Int(0),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTimeZoneId: pulumi.String(\"Australia/Sydney\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAwsSsmincidentsReplicationSet,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssm.ContactsRotation;\nimport com.pulumi.aws.ssm.ContactsRotationArgs;\nimport com.pulumi.aws.ssm.inputs.ContactsRotationRecurrenceArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ContactsRotation(\"example\", ContactsRotationArgs.builder() \n .contactIds(exampleAwsSsmcontactsContact.arn())\n .name(\"rotation\")\n .recurrence(ContactsRotationRecurrenceArgs.builder()\n .numberOfOnCalls(1)\n .recurrenceMultiplier(1)\n .dailySettings(ContactsRotationRecurrenceDailySettingArgs.builder()\n .hourOfDay(9)\n .minuteOfHour(0)\n .build())\n .build())\n .timeZoneId(\"Australia/Sydney\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleAwsSsmincidentsReplicationSet)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ssm:ContactsRotation\n properties:\n contactIds:\n - ${exampleAwsSsmcontactsContact.arn}\n name: rotation\n recurrence:\n numberOfOnCalls: 1\n recurrenceMultiplier: 1\n dailySettings:\n - hourOfDay: 9\n minuteOfHour: 0\n timeZoneId: Australia/Sydney\n options:\n dependson:\n - ${exampleAwsSsmincidentsReplicationSet}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Usage with Weekly Settings and Shift Coverages Fields\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ssm.ContactsRotation(\"example\", {\n contactIds: [exampleAwsSsmcontactsContact.arn],\n name: \"rotation\",\n recurrence: {\n numberOfOnCalls: 1,\n recurrenceMultiplier: 1,\n weeklySettings: [\n {\n dayOfWeek: \"WED\",\n handOffTime: {\n hourOfDay: 4,\n minuteOfHour: 25,\n },\n },\n {\n dayOfWeek: \"FRI\",\n handOffTime: {\n hourOfDay: 15,\n minuteOfHour: 57,\n },\n },\n ],\n shiftCoverages: [{\n mapBlockKey: \"MON\",\n coverageTimes: [{\n start: {\n hourOfDay: 1,\n minuteOfHour: 0,\n },\n end: {\n hourOfDay: 23,\n minuteOfHour: 0,\n },\n }],\n }],\n },\n startTime: \"2023-07-20T02:21:49+00:00\",\n timeZoneId: \"Australia/Sydney\",\n tags: {\n key1: \"tag1\",\n key2: \"tag2\",\n },\n}, {\n dependsOn: [exampleAwsSsmincidentsReplicationSet],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssm.ContactsRotation(\"example\",\n contact_ids=[example_aws_ssmcontacts_contact[\"arn\"]],\n name=\"rotation\",\n recurrence=aws.ssm.ContactsRotationRecurrenceArgs(\n number_of_on_calls=1,\n recurrence_multiplier=1,\n weekly_settings=[\n aws.ssm.ContactsRotationRecurrenceWeeklySettingArgs(\n day_of_week=\"WED\",\n hand_off_time=aws.ssm.ContactsRotationRecurrenceWeeklySettingHandOffTimeArgs(\n hour_of_day=4,\n minute_of_hour=25,\n ),\n ),\n aws.ssm.ContactsRotationRecurrenceWeeklySettingArgs(\n day_of_week=\"FRI\",\n hand_off_time=aws.ssm.ContactsRotationRecurrenceWeeklySettingHandOffTimeArgs(\n hour_of_day=15,\n minute_of_hour=57,\n ),\n ),\n ],\n shift_coverages=[aws.ssm.ContactsRotationRecurrenceShiftCoverageArgs(\n map_block_key=\"MON\",\n coverage_times=[aws.ssm.ContactsRotationRecurrenceShiftCoverageCoverageTimeArgs(\n start=aws.ssm.ContactsRotationRecurrenceShiftCoverageCoverageTimeStartArgs(\n hour_of_day=1,\n minute_of_hour=0,\n ),\n end=aws.ssm.ContactsRotationRecurrenceShiftCoverageCoverageTimeEndArgs(\n hour_of_day=23,\n minute_of_hour=0,\n ),\n )],\n )],\n ),\n start_time=\"2023-07-20T02:21:49+00:00\",\n time_zone_id=\"Australia/Sydney\",\n tags={\n \"key1\": \"tag1\",\n \"key2\": \"tag2\",\n },\n opts=pulumi.ResourceOptions(depends_on=[example_aws_ssmincidents_replication_set]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ssm.ContactsRotation(\"example\", new()\n {\n ContactIds = new[]\n {\n exampleAwsSsmcontactsContact.Arn,\n },\n Name = \"rotation\",\n Recurrence = new Aws.Ssm.Inputs.ContactsRotationRecurrenceArgs\n {\n NumberOfOnCalls = 1,\n RecurrenceMultiplier = 1,\n WeeklySettings = new[]\n {\n new Aws.Ssm.Inputs.ContactsRotationRecurrenceWeeklySettingArgs\n {\n DayOfWeek = \"WED\",\n HandOffTime = new Aws.Ssm.Inputs.ContactsRotationRecurrenceWeeklySettingHandOffTimeArgs\n {\n HourOfDay = 4,\n MinuteOfHour = 25,\n },\n },\n new Aws.Ssm.Inputs.ContactsRotationRecurrenceWeeklySettingArgs\n {\n DayOfWeek = \"FRI\",\n HandOffTime = new Aws.Ssm.Inputs.ContactsRotationRecurrenceWeeklySettingHandOffTimeArgs\n {\n HourOfDay = 15,\n MinuteOfHour = 57,\n },\n },\n },\n ShiftCoverages = new[]\n {\n new Aws.Ssm.Inputs.ContactsRotationRecurrenceShiftCoverageArgs\n {\n MapBlockKey = \"MON\",\n CoverageTimes = new[]\n {\n new Aws.Ssm.Inputs.ContactsRotationRecurrenceShiftCoverageCoverageTimeArgs\n {\n Start = new Aws.Ssm.Inputs.ContactsRotationRecurrenceShiftCoverageCoverageTimeStartArgs\n {\n HourOfDay = 1,\n MinuteOfHour = 0,\n },\n End = new Aws.Ssm.Inputs.ContactsRotationRecurrenceShiftCoverageCoverageTimeEndArgs\n {\n HourOfDay = 23,\n MinuteOfHour = 0,\n },\n },\n },\n },\n },\n },\n StartTime = \"2023-07-20T02:21:49+00:00\",\n TimeZoneId = \"Australia/Sydney\",\n Tags = \n {\n { \"key1\", \"tag1\" },\n { \"key2\", \"tag2\" },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAwsSsmincidentsReplicationSet, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssm.NewContactsRotation(ctx, \"example\", \u0026ssm.ContactsRotationArgs{\n\t\t\tContactIds: pulumi.StringArray{\n\t\t\t\texampleAwsSsmcontactsContact.Arn,\n\t\t\t},\n\t\t\tName: pulumi.String(\"rotation\"),\n\t\t\tRecurrence: \u0026ssm.ContactsRotationRecurrenceArgs{\n\t\t\t\tNumberOfOnCalls: pulumi.Int(1),\n\t\t\t\tRecurrenceMultiplier: pulumi.Int(1),\n\t\t\t\tWeeklySettings: ssm.ContactsRotationRecurrenceWeeklySettingArray{\n\t\t\t\t\t\u0026ssm.ContactsRotationRecurrenceWeeklySettingArgs{\n\t\t\t\t\t\tDayOfWeek: pulumi.String(\"WED\"),\n\t\t\t\t\t\tHandOffTime: \u0026ssm.ContactsRotationRecurrenceWeeklySettingHandOffTimeArgs{\n\t\t\t\t\t\t\tHourOfDay: pulumi.Int(4),\n\t\t\t\t\t\t\tMinuteOfHour: pulumi.Int(25),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\t\u0026ssm.ContactsRotationRecurrenceWeeklySettingArgs{\n\t\t\t\t\t\tDayOfWeek: pulumi.String(\"FRI\"),\n\t\t\t\t\t\tHandOffTime: \u0026ssm.ContactsRotationRecurrenceWeeklySettingHandOffTimeArgs{\n\t\t\t\t\t\t\tHourOfDay: pulumi.Int(15),\n\t\t\t\t\t\t\tMinuteOfHour: pulumi.Int(57),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tShiftCoverages: ssm.ContactsRotationRecurrenceShiftCoverageArray{\n\t\t\t\t\t\u0026ssm.ContactsRotationRecurrenceShiftCoverageArgs{\n\t\t\t\t\t\tMapBlockKey: pulumi.String(\"MON\"),\n\t\t\t\t\t\tCoverageTimes: ssm.ContactsRotationRecurrenceShiftCoverageCoverageTimeArray{\n\t\t\t\t\t\t\t\u0026ssm.ContactsRotationRecurrenceShiftCoverageCoverageTimeArgs{\n\t\t\t\t\t\t\t\tStart: \u0026ssm.ContactsRotationRecurrenceShiftCoverageCoverageTimeStartArgs{\n\t\t\t\t\t\t\t\t\tHourOfDay: pulumi.Int(1),\n\t\t\t\t\t\t\t\t\tMinuteOfHour: pulumi.Int(0),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\tEnd: \u0026ssm.ContactsRotationRecurrenceShiftCoverageCoverageTimeEndArgs{\n\t\t\t\t\t\t\t\t\tHourOfDay: pulumi.Int(23),\n\t\t\t\t\t\t\t\t\tMinuteOfHour: pulumi.Int(0),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tStartTime: pulumi.String(\"2023-07-20T02:21:49+00:00\"),\n\t\t\tTimeZoneId: pulumi.String(\"Australia/Sydney\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"key1\": pulumi.String(\"tag1\"),\n\t\t\t\t\"key2\": pulumi.String(\"tag2\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAwsSsmincidentsReplicationSet,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssm.ContactsRotation;\nimport com.pulumi.aws.ssm.ContactsRotationArgs;\nimport com.pulumi.aws.ssm.inputs.ContactsRotationRecurrenceArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ContactsRotation(\"example\", ContactsRotationArgs.builder() \n .contactIds(exampleAwsSsmcontactsContact.arn())\n .name(\"rotation\")\n .recurrence(ContactsRotationRecurrenceArgs.builder()\n .numberOfOnCalls(1)\n .recurrenceMultiplier(1)\n .weeklySettings( \n ContactsRotationRecurrenceWeeklySettingArgs.builder()\n .dayOfWeek(\"WED\")\n .handOffTime(ContactsRotationRecurrenceWeeklySettingHandOffTimeArgs.builder()\n .hourOfDay(4)\n .minuteOfHour(25)\n .build())\n .build(),\n ContactsRotationRecurrenceWeeklySettingArgs.builder()\n .dayOfWeek(\"FRI\")\n .handOffTime(ContactsRotationRecurrenceWeeklySettingHandOffTimeArgs.builder()\n .hourOfDay(15)\n .minuteOfHour(57)\n .build())\n .build())\n .shiftCoverages(ContactsRotationRecurrenceShiftCoverageArgs.builder()\n .mapBlockKey(\"MON\")\n .coverageTimes(ContactsRotationRecurrenceShiftCoverageCoverageTimeArgs.builder()\n .start(ContactsRotationRecurrenceShiftCoverageCoverageTimeStartArgs.builder()\n .hourOfDay(1)\n .minuteOfHour(0)\n .build())\n .end(ContactsRotationRecurrenceShiftCoverageCoverageTimeEndArgs.builder()\n .hourOfDay(23)\n .minuteOfHour(0)\n .build())\n .build())\n .build())\n .build())\n .startTime(\"2023-07-20T02:21:49+00:00\")\n .timeZoneId(\"Australia/Sydney\")\n .tags(Map.ofEntries(\n Map.entry(\"key1\", \"tag1\"),\n Map.entry(\"key2\", \"tag2\")\n ))\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleAwsSsmincidentsReplicationSet)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ssm:ContactsRotation\n properties:\n contactIds:\n - ${exampleAwsSsmcontactsContact.arn}\n name: rotation\n recurrence:\n numberOfOnCalls: 1\n recurrenceMultiplier: 1\n weeklySettings:\n - dayOfWeek: WED\n handOffTime:\n hourOfDay: 4\n minuteOfHour: 25\n - dayOfWeek: FRI\n handOffTime:\n hourOfDay: 15\n minuteOfHour: 57\n shiftCoverages:\n - mapBlockKey: MON\n coverageTimes:\n - start:\n hourOfDay: 1\n minuteOfHour: 0\n end:\n hourOfDay: 23\n minuteOfHour: 0\n startTime: 2023-07-20T02:21:49+00:00\n timeZoneId: Australia/Sydney\n tags:\n key1: tag1\n key2: tag2\n options:\n dependson:\n - ${exampleAwsSsmincidentsReplicationSet}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Usage with Monthly Settings Fields\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ssm.ContactsRotation(\"example\", {\n contactIds: [exampleAwsSsmcontactsContact.arn],\n name: \"rotation\",\n recurrence: {\n numberOfOnCalls: 1,\n recurrenceMultiplier: 1,\n monthlySettings: [\n {\n dayOfMonth: 20,\n handOffTime: {\n hourOfDay: 8,\n minuteOfHour: 0,\n },\n },\n {\n dayOfMonth: 13,\n handOffTime: {\n hourOfDay: 12,\n minuteOfHour: 34,\n },\n },\n ],\n },\n timeZoneId: \"Australia/Sydney\",\n}, {\n dependsOn: [exampleAwsSsmincidentsReplicationSet],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssm.ContactsRotation(\"example\",\n contact_ids=[example_aws_ssmcontacts_contact[\"arn\"]],\n name=\"rotation\",\n recurrence=aws.ssm.ContactsRotationRecurrenceArgs(\n number_of_on_calls=1,\n recurrence_multiplier=1,\n monthly_settings=[\n aws.ssm.ContactsRotationRecurrenceMonthlySettingArgs(\n day_of_month=20,\n hand_off_time=aws.ssm.ContactsRotationRecurrenceMonthlySettingHandOffTimeArgs(\n hour_of_day=8,\n minute_of_hour=0,\n ),\n ),\n aws.ssm.ContactsRotationRecurrenceMonthlySettingArgs(\n day_of_month=13,\n hand_off_time=aws.ssm.ContactsRotationRecurrenceMonthlySettingHandOffTimeArgs(\n hour_of_day=12,\n minute_of_hour=34,\n ),\n ),\n ],\n ),\n time_zone_id=\"Australia/Sydney\",\n opts=pulumi.ResourceOptions(depends_on=[example_aws_ssmincidents_replication_set]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Ssm.ContactsRotation(\"example\", new()\n {\n ContactIds = new[]\n {\n exampleAwsSsmcontactsContact.Arn,\n },\n Name = \"rotation\",\n Recurrence = new Aws.Ssm.Inputs.ContactsRotationRecurrenceArgs\n {\n NumberOfOnCalls = 1,\n RecurrenceMultiplier = 1,\n MonthlySettings = new[]\n {\n new Aws.Ssm.Inputs.ContactsRotationRecurrenceMonthlySettingArgs\n {\n DayOfMonth = 20,\n HandOffTime = new Aws.Ssm.Inputs.ContactsRotationRecurrenceMonthlySettingHandOffTimeArgs\n {\n HourOfDay = 8,\n MinuteOfHour = 0,\n },\n },\n new Aws.Ssm.Inputs.ContactsRotationRecurrenceMonthlySettingArgs\n {\n DayOfMonth = 13,\n HandOffTime = new Aws.Ssm.Inputs.ContactsRotationRecurrenceMonthlySettingHandOffTimeArgs\n {\n HourOfDay = 12,\n MinuteOfHour = 34,\n },\n },\n },\n },\n TimeZoneId = \"Australia/Sydney\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAwsSsmincidentsReplicationSet, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssm.NewContactsRotation(ctx, \"example\", \u0026ssm.ContactsRotationArgs{\n\t\t\tContactIds: pulumi.StringArray{\n\t\t\t\texampleAwsSsmcontactsContact.Arn,\n\t\t\t},\n\t\t\tName: pulumi.String(\"rotation\"),\n\t\t\tRecurrence: \u0026ssm.ContactsRotationRecurrenceArgs{\n\t\t\t\tNumberOfOnCalls: pulumi.Int(1),\n\t\t\t\tRecurrenceMultiplier: pulumi.Int(1),\n\t\t\t\tMonthlySettings: ssm.ContactsRotationRecurrenceMonthlySettingArray{\n\t\t\t\t\t\u0026ssm.ContactsRotationRecurrenceMonthlySettingArgs{\n\t\t\t\t\t\tDayOfMonth: pulumi.Int(20),\n\t\t\t\t\t\tHandOffTime: \u0026ssm.ContactsRotationRecurrenceMonthlySettingHandOffTimeArgs{\n\t\t\t\t\t\t\tHourOfDay: pulumi.Int(8),\n\t\t\t\t\t\t\tMinuteOfHour: pulumi.Int(0),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\t\u0026ssm.ContactsRotationRecurrenceMonthlySettingArgs{\n\t\t\t\t\t\tDayOfMonth: pulumi.Int(13),\n\t\t\t\t\t\tHandOffTime: \u0026ssm.ContactsRotationRecurrenceMonthlySettingHandOffTimeArgs{\n\t\t\t\t\t\t\tHourOfDay: pulumi.Int(12),\n\t\t\t\t\t\t\tMinuteOfHour: pulumi.Int(34),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTimeZoneId: pulumi.String(\"Australia/Sydney\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAwsSsmincidentsReplicationSet,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssm.ContactsRotation;\nimport com.pulumi.aws.ssm.ContactsRotationArgs;\nimport com.pulumi.aws.ssm.inputs.ContactsRotationRecurrenceArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ContactsRotation(\"example\", ContactsRotationArgs.builder() \n .contactIds(exampleAwsSsmcontactsContact.arn())\n .name(\"rotation\")\n .recurrence(ContactsRotationRecurrenceArgs.builder()\n .numberOfOnCalls(1)\n .recurrenceMultiplier(1)\n .monthlySettings( \n ContactsRotationRecurrenceMonthlySettingArgs.builder()\n .dayOfMonth(20)\n .handOffTime(ContactsRotationRecurrenceMonthlySettingHandOffTimeArgs.builder()\n .hourOfDay(8)\n .minuteOfHour(0)\n .build())\n .build(),\n ContactsRotationRecurrenceMonthlySettingArgs.builder()\n .dayOfMonth(13)\n .handOffTime(ContactsRotationRecurrenceMonthlySettingHandOffTimeArgs.builder()\n .hourOfDay(12)\n .minuteOfHour(34)\n .build())\n .build())\n .build())\n .timeZoneId(\"Australia/Sydney\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleAwsSsmincidentsReplicationSet)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ssm:ContactsRotation\n properties:\n contactIds:\n - ${exampleAwsSsmcontactsContact.arn}\n name: rotation\n recurrence:\n numberOfOnCalls: 1\n recurrenceMultiplier: 1\n monthlySettings:\n - dayOfMonth: 20\n handOffTime:\n hourOfDay: 8\n minuteOfHour: 0\n - dayOfMonth: 13\n handOffTime:\n hourOfDay: 12\n minuteOfHour: 34\n timeZoneId: Australia/Sydney\n options:\n dependson:\n - ${exampleAwsSsmincidentsReplicationSet}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import CodeGuru Profiler Profiling Group using the `arn`. For example:\n\n```sh\n$ pulumi import aws:ssm/contactsRotation:ContactsRotation example arn:aws:ssm-contacts:us-east-1:012345678910:rotation/example\n```\n", "properties": { "arn": { "type": "string", @@ -337373,7 +337373,7 @@ } }, "aws:ssmcontacts/contact:Contact": { - "description": "Resource for managing an AWS SSM Contact.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ssmcontacts.Contact(\"example\", {\n alias: \"alias\",\n type: \"PERSONAL\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssmcontacts.Contact(\"example\",\n alias=\"alias\",\n type=\"PERSONAL\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SsmContacts.Contact(\"example\", new()\n {\n Alias = \"alias\",\n Type = \"PERSONAL\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssmcontacts\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssmcontacts.NewContact(ctx, \"example\", \u0026ssmcontacts.ContactArgs{\n\t\t\tAlias: pulumi.String(\"alias\"),\n\t\t\tType: pulumi.String(\"PERSONAL\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssmcontacts.Contact;\nimport com.pulumi.aws.ssmcontacts.ContactArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Contact(\"example\", ContactArgs.builder() \n .alias(\"alias\")\n .type(\"PERSONAL\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ssmcontacts:Contact\n properties:\n alias: alias\n type: PERSONAL\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Usage With All Fields\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ssmcontacts.Contact(\"example\", {\n alias: \"alias\",\n displayName: \"displayName\",\n type: \"ESCALATION\",\n tags: {\n key: \"value\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssmcontacts.Contact(\"example\",\n alias=\"alias\",\n display_name=\"displayName\",\n type=\"ESCALATION\",\n tags={\n \"key\": \"value\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SsmContacts.Contact(\"example\", new()\n {\n Alias = \"alias\",\n DisplayName = \"displayName\",\n Type = \"ESCALATION\",\n Tags = \n {\n { \"key\", \"value\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssmcontacts\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssmcontacts.NewContact(ctx, \"example\", \u0026ssmcontacts.ContactArgs{\n\t\t\tAlias: pulumi.String(\"alias\"),\n\t\t\tDisplayName: pulumi.String(\"displayName\"),\n\t\t\tType: pulumi.String(\"ESCALATION\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"key\": pulumi.String(\"value\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssmcontacts.Contact;\nimport com.pulumi.aws.ssmcontacts.ContactArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Contact(\"example\", ContactArgs.builder() \n .alias(\"alias\")\n .displayName(\"displayName\")\n .type(\"ESCALATION\")\n .tags(Map.of(\"key\", \"value\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ssmcontacts:Contact\n properties:\n alias: alias\n displayName: displayName\n type: ESCALATION\n tags:\n key: value\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SSM Contact using the `ARN`. For example:\n\n```sh\n$ pulumi import aws:ssmcontacts/contact:Contact example {ARNValue}\n```\n", + "description": "Resource for managing an AWS SSM Contact.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ssmcontacts.Contact(\"example\", {\n alias: \"alias\",\n type: \"PERSONAL\",\n}, {\n dependsOn: [exampleAwsSsmincidentsReplicationSet],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssmcontacts.Contact(\"example\",\n alias=\"alias\",\n type=\"PERSONAL\",\n opts=pulumi.ResourceOptions(depends_on=[example_aws_ssmincidents_replication_set]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SsmContacts.Contact(\"example\", new()\n {\n Alias = \"alias\",\n Type = \"PERSONAL\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAwsSsmincidentsReplicationSet, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssmcontacts\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssmcontacts.NewContact(ctx, \"example\", \u0026ssmcontacts.ContactArgs{\n\t\t\tAlias: pulumi.String(\"alias\"),\n\t\t\tType: pulumi.String(\"PERSONAL\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAwsSsmincidentsReplicationSet,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssmcontacts.Contact;\nimport com.pulumi.aws.ssmcontacts.ContactArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Contact(\"example\", ContactArgs.builder() \n .alias(\"alias\")\n .type(\"PERSONAL\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleAwsSsmincidentsReplicationSet)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ssmcontacts:Contact\n properties:\n alias: alias\n type: PERSONAL\n options:\n dependson:\n - ${exampleAwsSsmincidentsReplicationSet}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Usage With All Fields\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ssmcontacts.Contact(\"example\", {\n alias: \"alias\",\n displayName: \"displayName\",\n type: \"ESCALATION\",\n tags: {\n key: \"value\",\n },\n}, {\n dependsOn: [exampleAwsSsmincidentsReplicationSet],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssmcontacts.Contact(\"example\",\n alias=\"alias\",\n display_name=\"displayName\",\n type=\"ESCALATION\",\n tags={\n \"key\": \"value\",\n },\n opts=pulumi.ResourceOptions(depends_on=[example_aws_ssmincidents_replication_set]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SsmContacts.Contact(\"example\", new()\n {\n Alias = \"alias\",\n DisplayName = \"displayName\",\n Type = \"ESCALATION\",\n Tags = \n {\n { \"key\", \"value\" },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAwsSsmincidentsReplicationSet, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssmcontacts\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssmcontacts.NewContact(ctx, \"example\", \u0026ssmcontacts.ContactArgs{\n\t\t\tAlias: pulumi.String(\"alias\"),\n\t\t\tDisplayName: pulumi.String(\"displayName\"),\n\t\t\tType: pulumi.String(\"ESCALATION\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"key\": pulumi.String(\"value\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAwsSsmincidentsReplicationSet,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssmcontacts.Contact;\nimport com.pulumi.aws.ssmcontacts.ContactArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Contact(\"example\", ContactArgs.builder() \n .alias(\"alias\")\n .displayName(\"displayName\")\n .type(\"ESCALATION\")\n .tags(Map.of(\"key\", \"value\"))\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleAwsSsmincidentsReplicationSet)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ssmcontacts:Contact\n properties:\n alias: alias\n displayName: displayName\n type: ESCALATION\n tags:\n key: value\n options:\n dependson:\n - ${exampleAwsSsmincidentsReplicationSet}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import SSM Contact using the `ARN`. For example:\n\n```sh\n$ pulumi import aws:ssmcontacts/contact:Contact example {ARNValue}\n```\n", "properties": { "alias": { "type": "string", @@ -337751,7 +337751,7 @@ } }, "aws:ssmincidents/responsePlan:ResponsePlan": { - "description": "Provides a resource to manage response plans in AWS Systems Manager Incident Manager.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ssmincidents.ResponsePlan(\"example\", {\n name: \"name\",\n incidentTemplate: {\n title: \"title\",\n impact: 3,\n },\n tags: {\n key: \"value\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssmincidents.ResponsePlan(\"example\",\n name=\"name\",\n incident_template=aws.ssmincidents.ResponsePlanIncidentTemplateArgs(\n title=\"title\",\n impact=3,\n ),\n tags={\n \"key\": \"value\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SsmIncidents.ResponsePlan(\"example\", new()\n {\n Name = \"name\",\n IncidentTemplate = new Aws.SsmIncidents.Inputs.ResponsePlanIncidentTemplateArgs\n {\n Title = \"title\",\n Impact = 3,\n },\n Tags = \n {\n { \"key\", \"value\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssmincidents\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssmincidents.NewResponsePlan(ctx, \"example\", \u0026ssmincidents.ResponsePlanArgs{\n\t\t\tName: pulumi.String(\"name\"),\n\t\t\tIncidentTemplate: \u0026ssmincidents.ResponsePlanIncidentTemplateArgs{\n\t\t\t\tTitle: pulumi.String(\"title\"),\n\t\t\t\tImpact: pulumi.Int(3),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"key\": pulumi.String(\"value\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssmincidents.ResponsePlan;\nimport com.pulumi.aws.ssmincidents.ResponsePlanArgs;\nimport com.pulumi.aws.ssmincidents.inputs.ResponsePlanIncidentTemplateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ResponsePlan(\"example\", ResponsePlanArgs.builder() \n .name(\"name\")\n .incidentTemplate(ResponsePlanIncidentTemplateArgs.builder()\n .title(\"title\")\n .impact(\"3\")\n .build())\n .tags(Map.of(\"key\", \"value\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ssmincidents:ResponsePlan\n properties:\n name: name\n incidentTemplate:\n title: title\n impact: '3'\n tags:\n key: value\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Usage With All Fields\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ssmincidents.ResponsePlan(\"example\", {\n name: \"name\",\n incidentTemplate: {\n title: \"title\",\n impact: 3,\n dedupeString: \"dedupe\",\n incidentTags: {\n key: \"value\",\n },\n notificationTargets: [\n {\n snsTopicArn: example1.arn,\n },\n {\n snsTopicArn: example2.arn,\n },\n ],\n summary: \"summary\",\n },\n displayName: \"display name\",\n chatChannels: [topic.arn],\n engagements: [\"arn:aws:ssm-contacts:us-east-2:111122223333:contact/test1\"],\n action: {\n ssmAutomations: [{\n documentName: document1.name,\n roleArn: role1.arn,\n documentVersion: \"version1\",\n targetAccount: \"RESPONSE_PLAN_OWNER_ACCOUNT\",\n parameters: [\n {\n name: \"key\",\n values: [\n \"value1\",\n \"value2\",\n ],\n },\n {\n name: \"foo\",\n values: [\"bar\"],\n },\n ],\n dynamicParameters: {\n someKey: \"INVOLVED_RESOURCES\",\n anotherKey: \"INCIDENT_RECORD_ARN\",\n },\n }],\n },\n integration: {\n pagerduties: [{\n name: \"pagerdutyIntergration\",\n serviceId: \"example\",\n secretId: \"example\",\n }],\n },\n tags: {\n key: \"value\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssmincidents.ResponsePlan(\"example\",\n name=\"name\",\n incident_template=aws.ssmincidents.ResponsePlanIncidentTemplateArgs(\n title=\"title\",\n impact=3,\n dedupe_string=\"dedupe\",\n incident_tags={\n \"key\": \"value\",\n },\n notification_targets=[\n aws.ssmincidents.ResponsePlanIncidentTemplateNotificationTargetArgs(\n sns_topic_arn=example1[\"arn\"],\n ),\n aws.ssmincidents.ResponsePlanIncidentTemplateNotificationTargetArgs(\n sns_topic_arn=example2[\"arn\"],\n ),\n ],\n summary=\"summary\",\n ),\n display_name=\"display name\",\n chat_channels=[topic[\"arn\"]],\n engagements=[\"arn:aws:ssm-contacts:us-east-2:111122223333:contact/test1\"],\n action=aws.ssmincidents.ResponsePlanActionArgs(\n ssm_automations=[aws.ssmincidents.ResponsePlanActionSsmAutomationArgs(\n document_name=document1[\"name\"],\n role_arn=role1[\"arn\"],\n document_version=\"version1\",\n target_account=\"RESPONSE_PLAN_OWNER_ACCOUNT\",\n parameters=[\n aws.ssmincidents.ResponsePlanActionSsmAutomationParameterArgs(\n name=\"key\",\n values=[\n \"value1\",\n \"value2\",\n ],\n ),\n aws.ssmincidents.ResponsePlanActionSsmAutomationParameterArgs(\n name=\"foo\",\n values=[\"bar\"],\n ),\n ],\n dynamic_parameters={\n \"someKey\": \"INVOLVED_RESOURCES\",\n \"anotherKey\": \"INCIDENT_RECORD_ARN\",\n },\n )],\n ),\n integration=aws.ssmincidents.ResponsePlanIntegrationArgs(\n pagerduties=[aws.ssmincidents.ResponsePlanIntegrationPagerdutyArgs(\n name=\"pagerdutyIntergration\",\n service_id=\"example\",\n secret_id=\"example\",\n )],\n ),\n tags={\n \"key\": \"value\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SsmIncidents.ResponsePlan(\"example\", new()\n {\n Name = \"name\",\n IncidentTemplate = new Aws.SsmIncidents.Inputs.ResponsePlanIncidentTemplateArgs\n {\n Title = \"title\",\n Impact = 3,\n DedupeString = \"dedupe\",\n IncidentTags = \n {\n { \"key\", \"value\" },\n },\n NotificationTargets = new[]\n {\n new Aws.SsmIncidents.Inputs.ResponsePlanIncidentTemplateNotificationTargetArgs\n {\n SnsTopicArn = example1.Arn,\n },\n new Aws.SsmIncidents.Inputs.ResponsePlanIncidentTemplateNotificationTargetArgs\n {\n SnsTopicArn = example2.Arn,\n },\n },\n Summary = \"summary\",\n },\n DisplayName = \"display name\",\n ChatChannels = new[]\n {\n topic.Arn,\n },\n Engagements = new[]\n {\n \"arn:aws:ssm-contacts:us-east-2:111122223333:contact/test1\",\n },\n Action = new Aws.SsmIncidents.Inputs.ResponsePlanActionArgs\n {\n SsmAutomations = new[]\n {\n new Aws.SsmIncidents.Inputs.ResponsePlanActionSsmAutomationArgs\n {\n DocumentName = document1.Name,\n RoleArn = role1.Arn,\n DocumentVersion = \"version1\",\n TargetAccount = \"RESPONSE_PLAN_OWNER_ACCOUNT\",\n Parameters = new[]\n {\n new Aws.SsmIncidents.Inputs.ResponsePlanActionSsmAutomationParameterArgs\n {\n Name = \"key\",\n Values = new[]\n {\n \"value1\",\n \"value2\",\n },\n },\n new Aws.SsmIncidents.Inputs.ResponsePlanActionSsmAutomationParameterArgs\n {\n Name = \"foo\",\n Values = new[]\n {\n \"bar\",\n },\n },\n },\n DynamicParameters = \n {\n { \"someKey\", \"INVOLVED_RESOURCES\" },\n { \"anotherKey\", \"INCIDENT_RECORD_ARN\" },\n },\n },\n },\n },\n Integration = new Aws.SsmIncidents.Inputs.ResponsePlanIntegrationArgs\n {\n Pagerduties = new[]\n {\n new Aws.SsmIncidents.Inputs.ResponsePlanIntegrationPagerdutyArgs\n {\n Name = \"pagerdutyIntergration\",\n ServiceId = \"example\",\n SecretId = \"example\",\n },\n },\n },\n Tags = \n {\n { \"key\", \"value\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssmincidents\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssmincidents.NewResponsePlan(ctx, \"example\", \u0026ssmincidents.ResponsePlanArgs{\n\t\t\tName: pulumi.String(\"name\"),\n\t\t\tIncidentTemplate: \u0026ssmincidents.ResponsePlanIncidentTemplateArgs{\n\t\t\t\tTitle: pulumi.String(\"title\"),\n\t\t\t\tImpact: pulumi.Int(3),\n\t\t\t\tDedupeString: pulumi.String(\"dedupe\"),\n\t\t\t\tIncidentTags: pulumi.StringMap{\n\t\t\t\t\t\"key\": pulumi.String(\"value\"),\n\t\t\t\t},\n\t\t\t\tNotificationTargets: ssmincidents.ResponsePlanIncidentTemplateNotificationTargetArray{\n\t\t\t\t\t\u0026ssmincidents.ResponsePlanIncidentTemplateNotificationTargetArgs{\n\t\t\t\t\t\tSnsTopicArn: pulumi.Any(example1.Arn),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026ssmincidents.ResponsePlanIncidentTemplateNotificationTargetArgs{\n\t\t\t\t\t\tSnsTopicArn: pulumi.Any(example2.Arn),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tSummary: pulumi.String(\"summary\"),\n\t\t\t},\n\t\t\tDisplayName: pulumi.String(\"display name\"),\n\t\t\tChatChannels: pulumi.StringArray{\n\t\t\t\ttopic.Arn,\n\t\t\t},\n\t\t\tEngagements: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"arn:aws:ssm-contacts:us-east-2:111122223333:contact/test1\"),\n\t\t\t},\n\t\t\tAction: \u0026ssmincidents.ResponsePlanActionArgs{\n\t\t\t\tSsmAutomations: ssmincidents.ResponsePlanActionSsmAutomationArray{\n\t\t\t\t\t\u0026ssmincidents.ResponsePlanActionSsmAutomationArgs{\n\t\t\t\t\t\tDocumentName: pulumi.Any(document1.Name),\n\t\t\t\t\t\tRoleArn: pulumi.Any(role1.Arn),\n\t\t\t\t\t\tDocumentVersion: pulumi.String(\"version1\"),\n\t\t\t\t\t\tTargetAccount: pulumi.String(\"RESPONSE_PLAN_OWNER_ACCOUNT\"),\n\t\t\t\t\t\tParameters: ssmincidents.ResponsePlanActionSsmAutomationParameterArray{\n\t\t\t\t\t\t\t\u0026ssmincidents.ResponsePlanActionSsmAutomationParameterArgs{\n\t\t\t\t\t\t\t\tName: pulumi.String(\"key\"),\n\t\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\t\tpulumi.String(\"value1\"),\n\t\t\t\t\t\t\t\t\tpulumi.String(\"value2\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\u0026ssmincidents.ResponsePlanActionSsmAutomationParameterArgs{\n\t\t\t\t\t\t\t\tName: pulumi.String(\"foo\"),\n\t\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\t\tpulumi.String(\"bar\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tDynamicParameters: pulumi.StringMap{\n\t\t\t\t\t\t\t\"someKey\": pulumi.String(\"INVOLVED_RESOURCES\"),\n\t\t\t\t\t\t\t\"anotherKey\": pulumi.String(\"INCIDENT_RECORD_ARN\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tIntegration: \u0026ssmincidents.ResponsePlanIntegrationArgs{\n\t\t\t\tPagerduties: ssmincidents.ResponsePlanIntegrationPagerdutyArray{\n\t\t\t\t\t\u0026ssmincidents.ResponsePlanIntegrationPagerdutyArgs{\n\t\t\t\t\t\tName: pulumi.String(\"pagerdutyIntergration\"),\n\t\t\t\t\t\tServiceId: pulumi.String(\"example\"),\n\t\t\t\t\t\tSecretId: pulumi.String(\"example\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"key\": pulumi.String(\"value\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssmincidents.ResponsePlan;\nimport com.pulumi.aws.ssmincidents.ResponsePlanArgs;\nimport com.pulumi.aws.ssmincidents.inputs.ResponsePlanIncidentTemplateArgs;\nimport com.pulumi.aws.ssmincidents.inputs.ResponsePlanActionArgs;\nimport com.pulumi.aws.ssmincidents.inputs.ResponsePlanIntegrationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ResponsePlan(\"example\", ResponsePlanArgs.builder() \n .name(\"name\")\n .incidentTemplate(ResponsePlanIncidentTemplateArgs.builder()\n .title(\"title\")\n .impact(\"3\")\n .dedupeString(\"dedupe\")\n .incidentTags(Map.of(\"key\", \"value\"))\n .notificationTargets( \n ResponsePlanIncidentTemplateNotificationTargetArgs.builder()\n .snsTopicArn(example1.arn())\n .build(),\n ResponsePlanIncidentTemplateNotificationTargetArgs.builder()\n .snsTopicArn(example2.arn())\n .build())\n .summary(\"summary\")\n .build())\n .displayName(\"display name\")\n .chatChannels(topic.arn())\n .engagements(\"arn:aws:ssm-contacts:us-east-2:111122223333:contact/test1\")\n .action(ResponsePlanActionArgs.builder()\n .ssmAutomations(ResponsePlanActionSsmAutomationArgs.builder()\n .documentName(document1.name())\n .roleArn(role1.arn())\n .documentVersion(\"version1\")\n .targetAccount(\"RESPONSE_PLAN_OWNER_ACCOUNT\")\n .parameters( \n ResponsePlanActionSsmAutomationParameterArgs.builder()\n .name(\"key\")\n .values( \n \"value1\",\n \"value2\")\n .build(),\n ResponsePlanActionSsmAutomationParameterArgs.builder()\n .name(\"foo\")\n .values(\"bar\")\n .build())\n .dynamicParameters(Map.ofEntries(\n Map.entry(\"someKey\", \"INVOLVED_RESOURCES\"),\n Map.entry(\"anotherKey\", \"INCIDENT_RECORD_ARN\")\n ))\n .build())\n .build())\n .integration(ResponsePlanIntegrationArgs.builder()\n .pagerduties(ResponsePlanIntegrationPagerdutyArgs.builder()\n .name(\"pagerdutyIntergration\")\n .serviceId(\"example\")\n .secretId(\"example\")\n .build())\n .build())\n .tags(Map.of(\"key\", \"value\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ssmincidents:ResponsePlan\n properties:\n name: name\n incidentTemplate:\n title: title\n impact: '3'\n dedupeString: dedupe\n incidentTags:\n key: value\n notificationTargets:\n - snsTopicArn: ${example1.arn}\n - snsTopicArn: ${example2.arn}\n summary: summary\n displayName: display name\n chatChannels:\n - ${topic.arn}\n engagements:\n - arn:aws:ssm-contacts:us-east-2:111122223333:contact/test1\n action:\n ssmAutomations:\n - documentName: ${document1.name}\n roleArn: ${role1.arn}\n documentVersion: version1\n targetAccount: RESPONSE_PLAN_OWNER_ACCOUNT\n parameters:\n - name: key\n values:\n - value1\n - value2\n - name: foo\n values:\n - bar\n dynamicParameters:\n someKey: INVOLVED_RESOURCES\n anotherKey: INCIDENT_RECORD_ARN\n integration:\n pagerduties:\n - name: pagerdutyIntergration\n serviceId: example\n secretId: example\n tags:\n key: value\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import an Incident Manager response plan using the response plan ARN. You can find the response plan ARN in the AWS Management Console. For example:\n\n```sh\n$ pulumi import aws:ssmincidents/responsePlan:ResponsePlan responsePlanName ARNValue\n```\n", + "description": "Provides a resource to manage response plans in AWS Systems Manager Incident Manager.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ssmincidents.ResponsePlan(\"example\", {\n name: \"name\",\n incidentTemplate: {\n title: \"title\",\n impact: 3,\n },\n tags: {\n key: \"value\",\n },\n}, {\n dependsOn: [exampleAwsSsmincidentsReplicationSet],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssmincidents.ResponsePlan(\"example\",\n name=\"name\",\n incident_template=aws.ssmincidents.ResponsePlanIncidentTemplateArgs(\n title=\"title\",\n impact=3,\n ),\n tags={\n \"key\": \"value\",\n },\n opts=pulumi.ResourceOptions(depends_on=[example_aws_ssmincidents_replication_set]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SsmIncidents.ResponsePlan(\"example\", new()\n {\n Name = \"name\",\n IncidentTemplate = new Aws.SsmIncidents.Inputs.ResponsePlanIncidentTemplateArgs\n {\n Title = \"title\",\n Impact = 3,\n },\n Tags = \n {\n { \"key\", \"value\" },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAwsSsmincidentsReplicationSet, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssmincidents\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssmincidents.NewResponsePlan(ctx, \"example\", \u0026ssmincidents.ResponsePlanArgs{\n\t\t\tName: pulumi.String(\"name\"),\n\t\t\tIncidentTemplate: \u0026ssmincidents.ResponsePlanIncidentTemplateArgs{\n\t\t\t\tTitle: pulumi.String(\"title\"),\n\t\t\t\tImpact: pulumi.Int(3),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"key\": pulumi.String(\"value\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAwsSsmincidentsReplicationSet,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssmincidents.ResponsePlan;\nimport com.pulumi.aws.ssmincidents.ResponsePlanArgs;\nimport com.pulumi.aws.ssmincidents.inputs.ResponsePlanIncidentTemplateArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ResponsePlan(\"example\", ResponsePlanArgs.builder() \n .name(\"name\")\n .incidentTemplate(ResponsePlanIncidentTemplateArgs.builder()\n .title(\"title\")\n .impact(\"3\")\n .build())\n .tags(Map.of(\"key\", \"value\"))\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleAwsSsmincidentsReplicationSet)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ssmincidents:ResponsePlan\n properties:\n name: name\n incidentTemplate:\n title: title\n impact: '3'\n tags:\n key: value\n options:\n dependson:\n - ${exampleAwsSsmincidentsReplicationSet}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Usage With All Fields\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.ssmincidents.ResponsePlan(\"example\", {\n name: \"name\",\n incidentTemplate: {\n title: \"title\",\n impact: 3,\n dedupeString: \"dedupe\",\n incidentTags: {\n key: \"value\",\n },\n notificationTargets: [\n {\n snsTopicArn: example1.arn,\n },\n {\n snsTopicArn: example2.arn,\n },\n ],\n summary: \"summary\",\n },\n displayName: \"display name\",\n chatChannels: [topic.arn],\n engagements: [\"arn:aws:ssm-contacts:us-east-2:111122223333:contact/test1\"],\n action: {\n ssmAutomations: [{\n documentName: document1.name,\n roleArn: role1.arn,\n documentVersion: \"version1\",\n targetAccount: \"RESPONSE_PLAN_OWNER_ACCOUNT\",\n parameters: [\n {\n name: \"key\",\n values: [\n \"value1\",\n \"value2\",\n ],\n },\n {\n name: \"foo\",\n values: [\"bar\"],\n },\n ],\n dynamicParameters: {\n someKey: \"INVOLVED_RESOURCES\",\n anotherKey: \"INCIDENT_RECORD_ARN\",\n },\n }],\n },\n integration: {\n pagerduties: [{\n name: \"pagerdutyIntergration\",\n serviceId: \"example\",\n secretId: \"example\",\n }],\n },\n tags: {\n key: \"value\",\n },\n}, {\n dependsOn: [exampleAwsSsmincidentsReplicationSet],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.ssmincidents.ResponsePlan(\"example\",\n name=\"name\",\n incident_template=aws.ssmincidents.ResponsePlanIncidentTemplateArgs(\n title=\"title\",\n impact=3,\n dedupe_string=\"dedupe\",\n incident_tags={\n \"key\": \"value\",\n },\n notification_targets=[\n aws.ssmincidents.ResponsePlanIncidentTemplateNotificationTargetArgs(\n sns_topic_arn=example1[\"arn\"],\n ),\n aws.ssmincidents.ResponsePlanIncidentTemplateNotificationTargetArgs(\n sns_topic_arn=example2[\"arn\"],\n ),\n ],\n summary=\"summary\",\n ),\n display_name=\"display name\",\n chat_channels=[topic[\"arn\"]],\n engagements=[\"arn:aws:ssm-contacts:us-east-2:111122223333:contact/test1\"],\n action=aws.ssmincidents.ResponsePlanActionArgs(\n ssm_automations=[aws.ssmincidents.ResponsePlanActionSsmAutomationArgs(\n document_name=document1[\"name\"],\n role_arn=role1[\"arn\"],\n document_version=\"version1\",\n target_account=\"RESPONSE_PLAN_OWNER_ACCOUNT\",\n parameters=[\n aws.ssmincidents.ResponsePlanActionSsmAutomationParameterArgs(\n name=\"key\",\n values=[\n \"value1\",\n \"value2\",\n ],\n ),\n aws.ssmincidents.ResponsePlanActionSsmAutomationParameterArgs(\n name=\"foo\",\n values=[\"bar\"],\n ),\n ],\n dynamic_parameters={\n \"someKey\": \"INVOLVED_RESOURCES\",\n \"anotherKey\": \"INCIDENT_RECORD_ARN\",\n },\n )],\n ),\n integration=aws.ssmincidents.ResponsePlanIntegrationArgs(\n pagerduties=[aws.ssmincidents.ResponsePlanIntegrationPagerdutyArgs(\n name=\"pagerdutyIntergration\",\n service_id=\"example\",\n secret_id=\"example\",\n )],\n ),\n tags={\n \"key\": \"value\",\n },\n opts=pulumi.ResourceOptions(depends_on=[example_aws_ssmincidents_replication_set]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.SsmIncidents.ResponsePlan(\"example\", new()\n {\n Name = \"name\",\n IncidentTemplate = new Aws.SsmIncidents.Inputs.ResponsePlanIncidentTemplateArgs\n {\n Title = \"title\",\n Impact = 3,\n DedupeString = \"dedupe\",\n IncidentTags = \n {\n { \"key\", \"value\" },\n },\n NotificationTargets = new[]\n {\n new Aws.SsmIncidents.Inputs.ResponsePlanIncidentTemplateNotificationTargetArgs\n {\n SnsTopicArn = example1.Arn,\n },\n new Aws.SsmIncidents.Inputs.ResponsePlanIncidentTemplateNotificationTargetArgs\n {\n SnsTopicArn = example2.Arn,\n },\n },\n Summary = \"summary\",\n },\n DisplayName = \"display name\",\n ChatChannels = new[]\n {\n topic.Arn,\n },\n Engagements = new[]\n {\n \"arn:aws:ssm-contacts:us-east-2:111122223333:contact/test1\",\n },\n Action = new Aws.SsmIncidents.Inputs.ResponsePlanActionArgs\n {\n SsmAutomations = new[]\n {\n new Aws.SsmIncidents.Inputs.ResponsePlanActionSsmAutomationArgs\n {\n DocumentName = document1.Name,\n RoleArn = role1.Arn,\n DocumentVersion = \"version1\",\n TargetAccount = \"RESPONSE_PLAN_OWNER_ACCOUNT\",\n Parameters = new[]\n {\n new Aws.SsmIncidents.Inputs.ResponsePlanActionSsmAutomationParameterArgs\n {\n Name = \"key\",\n Values = new[]\n {\n \"value1\",\n \"value2\",\n },\n },\n new Aws.SsmIncidents.Inputs.ResponsePlanActionSsmAutomationParameterArgs\n {\n Name = \"foo\",\n Values = new[]\n {\n \"bar\",\n },\n },\n },\n DynamicParameters = \n {\n { \"someKey\", \"INVOLVED_RESOURCES\" },\n { \"anotherKey\", \"INCIDENT_RECORD_ARN\" },\n },\n },\n },\n },\n Integration = new Aws.SsmIncidents.Inputs.ResponsePlanIntegrationArgs\n {\n Pagerduties = new[]\n {\n new Aws.SsmIncidents.Inputs.ResponsePlanIntegrationPagerdutyArgs\n {\n Name = \"pagerdutyIntergration\",\n ServiceId = \"example\",\n SecretId = \"example\",\n },\n },\n },\n Tags = \n {\n { \"key\", \"value\" },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n exampleAwsSsmincidentsReplicationSet, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssmincidents\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := ssmincidents.NewResponsePlan(ctx, \"example\", \u0026ssmincidents.ResponsePlanArgs{\n\t\t\tName: pulumi.String(\"name\"),\n\t\t\tIncidentTemplate: \u0026ssmincidents.ResponsePlanIncidentTemplateArgs{\n\t\t\t\tTitle: pulumi.String(\"title\"),\n\t\t\t\tImpact: pulumi.Int(3),\n\t\t\t\tDedupeString: pulumi.String(\"dedupe\"),\n\t\t\t\tIncidentTags: pulumi.StringMap{\n\t\t\t\t\t\"key\": pulumi.String(\"value\"),\n\t\t\t\t},\n\t\t\t\tNotificationTargets: ssmincidents.ResponsePlanIncidentTemplateNotificationTargetArray{\n\t\t\t\t\t\u0026ssmincidents.ResponsePlanIncidentTemplateNotificationTargetArgs{\n\t\t\t\t\t\tSnsTopicArn: pulumi.Any(example1.Arn),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026ssmincidents.ResponsePlanIncidentTemplateNotificationTargetArgs{\n\t\t\t\t\t\tSnsTopicArn: pulumi.Any(example2.Arn),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tSummary: pulumi.String(\"summary\"),\n\t\t\t},\n\t\t\tDisplayName: pulumi.String(\"display name\"),\n\t\t\tChatChannels: pulumi.StringArray{\n\t\t\t\ttopic.Arn,\n\t\t\t},\n\t\t\tEngagements: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"arn:aws:ssm-contacts:us-east-2:111122223333:contact/test1\"),\n\t\t\t},\n\t\t\tAction: \u0026ssmincidents.ResponsePlanActionArgs{\n\t\t\t\tSsmAutomations: ssmincidents.ResponsePlanActionSsmAutomationArray{\n\t\t\t\t\t\u0026ssmincidents.ResponsePlanActionSsmAutomationArgs{\n\t\t\t\t\t\tDocumentName: pulumi.Any(document1.Name),\n\t\t\t\t\t\tRoleArn: pulumi.Any(role1.Arn),\n\t\t\t\t\t\tDocumentVersion: pulumi.String(\"version1\"),\n\t\t\t\t\t\tTargetAccount: pulumi.String(\"RESPONSE_PLAN_OWNER_ACCOUNT\"),\n\t\t\t\t\t\tParameters: ssmincidents.ResponsePlanActionSsmAutomationParameterArray{\n\t\t\t\t\t\t\t\u0026ssmincidents.ResponsePlanActionSsmAutomationParameterArgs{\n\t\t\t\t\t\t\t\tName: pulumi.String(\"key\"),\n\t\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\t\tpulumi.String(\"value1\"),\n\t\t\t\t\t\t\t\t\tpulumi.String(\"value2\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\u0026ssmincidents.ResponsePlanActionSsmAutomationParameterArgs{\n\t\t\t\t\t\t\t\tName: pulumi.String(\"foo\"),\n\t\t\t\t\t\t\t\tValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\t\tpulumi.String(\"bar\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\tDynamicParameters: pulumi.StringMap{\n\t\t\t\t\t\t\t\"someKey\": pulumi.String(\"INVOLVED_RESOURCES\"),\n\t\t\t\t\t\t\t\"anotherKey\": pulumi.String(\"INCIDENT_RECORD_ARN\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tIntegration: \u0026ssmincidents.ResponsePlanIntegrationArgs{\n\t\t\t\tPagerduties: ssmincidents.ResponsePlanIntegrationPagerdutyArray{\n\t\t\t\t\t\u0026ssmincidents.ResponsePlanIntegrationPagerdutyArgs{\n\t\t\t\t\t\tName: pulumi.String(\"pagerdutyIntergration\"),\n\t\t\t\t\t\tServiceId: pulumi.String(\"example\"),\n\t\t\t\t\t\tSecretId: pulumi.String(\"example\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"key\": pulumi.String(\"value\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleAwsSsmincidentsReplicationSet,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssmincidents.ResponsePlan;\nimport com.pulumi.aws.ssmincidents.ResponsePlanArgs;\nimport com.pulumi.aws.ssmincidents.inputs.ResponsePlanIncidentTemplateArgs;\nimport com.pulumi.aws.ssmincidents.inputs.ResponsePlanActionArgs;\nimport com.pulumi.aws.ssmincidents.inputs.ResponsePlanIntegrationArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ResponsePlan(\"example\", ResponsePlanArgs.builder() \n .name(\"name\")\n .incidentTemplate(ResponsePlanIncidentTemplateArgs.builder()\n .title(\"title\")\n .impact(\"3\")\n .dedupeString(\"dedupe\")\n .incidentTags(Map.of(\"key\", \"value\"))\n .notificationTargets( \n ResponsePlanIncidentTemplateNotificationTargetArgs.builder()\n .snsTopicArn(example1.arn())\n .build(),\n ResponsePlanIncidentTemplateNotificationTargetArgs.builder()\n .snsTopicArn(example2.arn())\n .build())\n .summary(\"summary\")\n .build())\n .displayName(\"display name\")\n .chatChannels(topic.arn())\n .engagements(\"arn:aws:ssm-contacts:us-east-2:111122223333:contact/test1\")\n .action(ResponsePlanActionArgs.builder()\n .ssmAutomations(ResponsePlanActionSsmAutomationArgs.builder()\n .documentName(document1.name())\n .roleArn(role1.arn())\n .documentVersion(\"version1\")\n .targetAccount(\"RESPONSE_PLAN_OWNER_ACCOUNT\")\n .parameters( \n ResponsePlanActionSsmAutomationParameterArgs.builder()\n .name(\"key\")\n .values( \n \"value1\",\n \"value2\")\n .build(),\n ResponsePlanActionSsmAutomationParameterArgs.builder()\n .name(\"foo\")\n .values(\"bar\")\n .build())\n .dynamicParameters(Map.ofEntries(\n Map.entry(\"someKey\", \"INVOLVED_RESOURCES\"),\n Map.entry(\"anotherKey\", \"INCIDENT_RECORD_ARN\")\n ))\n .build())\n .build())\n .integration(ResponsePlanIntegrationArgs.builder()\n .pagerduties(ResponsePlanIntegrationPagerdutyArgs.builder()\n .name(\"pagerdutyIntergration\")\n .serviceId(\"example\")\n .secretId(\"example\")\n .build())\n .build())\n .tags(Map.of(\"key\", \"value\"))\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleAwsSsmincidentsReplicationSet)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:ssmincidents:ResponsePlan\n properties:\n name: name\n incidentTemplate:\n title: title\n impact: '3'\n dedupeString: dedupe\n incidentTags:\n key: value\n notificationTargets:\n - snsTopicArn: ${example1.arn}\n - snsTopicArn: ${example2.arn}\n summary: summary\n displayName: display name\n chatChannels:\n - ${topic.arn}\n engagements:\n - arn:aws:ssm-contacts:us-east-2:111122223333:contact/test1\n action:\n ssmAutomations:\n - documentName: ${document1.name}\n roleArn: ${role1.arn}\n documentVersion: version1\n targetAccount: RESPONSE_PLAN_OWNER_ACCOUNT\n parameters:\n - name: key\n values:\n - value1\n - value2\n - name: foo\n values:\n - bar\n dynamicParameters:\n someKey: INVOLVED_RESOURCES\n anotherKey: INCIDENT_RECORD_ARN\n integration:\n pagerduties:\n - name: pagerdutyIntergration\n serviceId: example\n secretId: example\n tags:\n key: value\n options:\n dependson:\n - ${exampleAwsSsmincidentsReplicationSet}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import an Incident Manager response plan using the response plan ARN. You can find the response plan ARN in the AWS Management Console. For example:\n\n```sh\n$ pulumi import aws:ssmincidents/responsePlan:ResponsePlan responsePlanName ARNValue\n```\n", "properties": { "action": { "$ref": "#/types/aws:ssmincidents/ResponsePlanAction:ResponsePlanAction", @@ -339256,7 +339256,7 @@ } }, "aws:storagegateway/fileSystemAssociation:FileSystemAssociation": { - "description": "Associate an Amazon FSx file system with the FSx File Gateway. After the association process is complete, the file shares on the Amazon FSx file system are available for access through the gateway. This operation only supports the FSx File Gateway type.\n\n[FSx File Gateway requirements](https://docs.aws.amazon.com/filegateway/latest/filefsxw/Requirements.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.storagegateway.FileSystemAssociation(\"example\", {\n gatewayArn: exampleAwsStoragegatewayGateway.arn,\n locationArn: exampleAwsFsxWindowsFileSystem.arn,\n username: \"Admin\",\n password: \"avoid-plaintext-passwords\",\n auditDestinationArn: exampleAwsS3Bucket.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.storagegateway.FileSystemAssociation(\"example\",\n gateway_arn=example_aws_storagegateway_gateway[\"arn\"],\n location_arn=example_aws_fsx_windows_file_system[\"arn\"],\n username=\"Admin\",\n password=\"avoid-plaintext-passwords\",\n audit_destination_arn=example_aws_s3_bucket[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.StorageGateway.FileSystemAssociation(\"example\", new()\n {\n GatewayArn = exampleAwsStoragegatewayGateway.Arn,\n LocationArn = exampleAwsFsxWindowsFileSystem.Arn,\n Username = \"Admin\",\n Password = \"avoid-plaintext-passwords\",\n AuditDestinationArn = exampleAwsS3Bucket.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/storagegateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := storagegateway.NewFileSystemAssociation(ctx, \"example\", \u0026storagegateway.FileSystemAssociationArgs{\n\t\t\tGatewayArn: pulumi.Any(exampleAwsStoragegatewayGateway.Arn),\n\t\t\tLocationArn: pulumi.Any(exampleAwsFsxWindowsFileSystem.Arn),\n\t\t\tUsername: pulumi.String(\"Admin\"),\n\t\t\tPassword: pulumi.String(\"avoid-plaintext-passwords\"),\n\t\t\tAuditDestinationArn: pulumi.Any(exampleAwsS3Bucket.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.storagegateway.FileSystemAssociation;\nimport com.pulumi.aws.storagegateway.FileSystemAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new FileSystemAssociation(\"example\", FileSystemAssociationArgs.builder() \n .gatewayArn(exampleAwsStoragegatewayGateway.arn())\n .locationArn(exampleAwsFsxWindowsFileSystem.arn())\n .username(\"Admin\")\n .password(\"avoid-plaintext-passwords\")\n .auditDestinationArn(exampleAwsS3Bucket.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:storagegateway:FileSystemAssociation\n properties:\n gatewayArn: ${exampleAwsStoragegatewayGateway.arn}\n locationArn: ${exampleAwsFsxWindowsFileSystem.arn}\n username: Admin\n password: avoid-plaintext-passwords\n auditDestinationArn: ${exampleAwsS3Bucket.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Required Services Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst awsServiceStoragegatewayAmiFILES3Latest = aws.ssm.getParameter({\n name: \"/aws/service/storagegateway/ami/FILE_S3/latest\",\n});\nconst test = new aws.ec2.Instance(\"test\", {\n ami: awsServiceStoragegatewayAmiFILES3Latest.then(awsServiceStoragegatewayAmiFILES3Latest =\u003e awsServiceStoragegatewayAmiFILES3Latest.value),\n associatePublicIpAddress: true,\n instanceType: aws.ec2.InstanceType[available.instanceType],\n vpcSecurityGroupIds: [testAwsSecurityGroup.id],\n subnetId: testAwsSubnet[0].id,\n});\nconst testGateway = new aws.storagegateway.Gateway(\"test\", {\n gatewayIpAddress: test.publicIp,\n gatewayName: \"test-sgw\",\n gatewayTimezone: \"GMT\",\n gatewayType: \"FILE_FSX_SMB\",\n smbActiveDirectorySettings: {\n domainName: testAwsDirectoryServiceDirectory.name,\n password: testAwsDirectoryServiceDirectory.password,\n username: \"Admin\",\n },\n});\nconst testWindowsFileSystem = new aws.fsx.WindowsFileSystem(\"test\", {\n activeDirectoryId: testAwsDirectoryServiceDirectory.id,\n securityGroupIds: [testAwsSecurityGroup.id],\n skipFinalBackup: true,\n storageCapacity: 32,\n subnetIds: [testAwsSubnet[0].id],\n throughputCapacity: 8,\n});\nconst fsx = new aws.storagegateway.FileSystemAssociation(\"fsx\", {\n gatewayArn: testGateway.arn,\n locationArn: testWindowsFileSystem.arn,\n username: \"Admin\",\n password: testAwsDirectoryServiceDirectory.password,\n cacheAttributes: {\n cacheStaleTimeoutInSeconds: 400,\n },\n auditDestinationArn: testAwsCloudwatchLogGroup.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\naws_service_storagegateway_ami_files3_latest = aws.ssm.get_parameter(name=\"/aws/service/storagegateway/ami/FILE_S3/latest\")\ntest = aws.ec2.Instance(\"test\",\n ami=aws_service_storagegateway_ami_files3_latest.value,\n associate_public_ip_address=True,\n instance_type=aws.ec2.InstanceType(available[\"instanceType\"]),\n vpc_security_group_ids=[test_aws_security_group[\"id\"]],\n subnet_id=test_aws_subnet[0][\"id\"])\ntest_gateway = aws.storagegateway.Gateway(\"test\",\n gateway_ip_address=test.public_ip,\n gateway_name=\"test-sgw\",\n gateway_timezone=\"GMT\",\n gateway_type=\"FILE_FSX_SMB\",\n smb_active_directory_settings=aws.storagegateway.GatewaySmbActiveDirectorySettingsArgs(\n domain_name=test_aws_directory_service_directory[\"name\"],\n password=test_aws_directory_service_directory[\"password\"],\n username=\"Admin\",\n ))\ntest_windows_file_system = aws.fsx.WindowsFileSystem(\"test\",\n active_directory_id=test_aws_directory_service_directory[\"id\"],\n security_group_ids=[test_aws_security_group[\"id\"]],\n skip_final_backup=True,\n storage_capacity=32,\n subnet_ids=[test_aws_subnet[0][\"id\"]],\n throughput_capacity=8)\nfsx = aws.storagegateway.FileSystemAssociation(\"fsx\",\n gateway_arn=test_gateway.arn,\n location_arn=test_windows_file_system.arn,\n username=\"Admin\",\n password=test_aws_directory_service_directory[\"password\"],\n cache_attributes=aws.storagegateway.FileSystemAssociationCacheAttributesArgs(\n cache_stale_timeout_in_seconds=400,\n ),\n audit_destination_arn=test_aws_cloudwatch_log_group[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var awsServiceStoragegatewayAmiFILES3Latest = Aws.Ssm.GetParameter.Invoke(new()\n {\n Name = \"/aws/service/storagegateway/ami/FILE_S3/latest\",\n });\n\n var test = new Aws.Ec2.Instance(\"test\", new()\n {\n Ami = awsServiceStoragegatewayAmiFILES3Latest.Apply(getParameterResult =\u003e getParameterResult.Value),\n AssociatePublicIpAddress = true,\n InstanceType = System.Enum.Parse\u003cAws.Ec2.InstanceType\u003e(available.InstanceType),\n VpcSecurityGroupIds = new[]\n {\n testAwsSecurityGroup.Id,\n },\n SubnetId = testAwsSubnet[0].Id,\n });\n\n var testGateway = new Aws.StorageGateway.Gateway(\"test\", new()\n {\n GatewayIpAddress = test.PublicIp,\n GatewayName = \"test-sgw\",\n GatewayTimezone = \"GMT\",\n GatewayType = \"FILE_FSX_SMB\",\n SmbActiveDirectorySettings = new Aws.StorageGateway.Inputs.GatewaySmbActiveDirectorySettingsArgs\n {\n DomainName = testAwsDirectoryServiceDirectory.Name,\n Password = testAwsDirectoryServiceDirectory.Password,\n Username = \"Admin\",\n },\n });\n\n var testWindowsFileSystem = new Aws.Fsx.WindowsFileSystem(\"test\", new()\n {\n ActiveDirectoryId = testAwsDirectoryServiceDirectory.Id,\n SecurityGroupIds = new[]\n {\n testAwsSecurityGroup.Id,\n },\n SkipFinalBackup = true,\n StorageCapacity = 32,\n SubnetIds = new[]\n {\n testAwsSubnet[0].Id,\n },\n ThroughputCapacity = 8,\n });\n\n var fsx = new Aws.StorageGateway.FileSystemAssociation(\"fsx\", new()\n {\n GatewayArn = testGateway.Arn,\n LocationArn = testWindowsFileSystem.Arn,\n Username = \"Admin\",\n Password = testAwsDirectoryServiceDirectory.Password,\n CacheAttributes = new Aws.StorageGateway.Inputs.FileSystemAssociationCacheAttributesArgs\n {\n CacheStaleTimeoutInSeconds = 400,\n },\n AuditDestinationArn = testAwsCloudwatchLogGroup.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/fsx\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/storagegateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tawsServiceStoragegatewayAmiFILES3Latest, err := ssm.LookupParameter(ctx, \u0026ssm.LookupParameterArgs{\n\t\t\tName: \"/aws/service/storagegateway/ami/FILE_S3/latest\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttest, err := ec2.NewInstance(ctx, \"test\", \u0026ec2.InstanceArgs{\n\t\t\tAmi: pulumi.String(awsServiceStoragegatewayAmiFILES3Latest.Value),\n\t\t\tAssociatePublicIpAddress: pulumi.Bool(true),\n\t\t\tInstanceType: ec2.InstanceType(available.InstanceType),\n\t\t\tVpcSecurityGroupIds: pulumi.StringArray{\n\t\t\t\ttestAwsSecurityGroup.Id,\n\t\t\t},\n\t\t\tSubnetId: pulumi.Any(testAwsSubnet[0].Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestGateway, err := storagegateway.NewGateway(ctx, \"test\", \u0026storagegateway.GatewayArgs{\n\t\t\tGatewayIpAddress: test.PublicIp,\n\t\t\tGatewayName: pulumi.String(\"test-sgw\"),\n\t\t\tGatewayTimezone: pulumi.String(\"GMT\"),\n\t\t\tGatewayType: pulumi.String(\"FILE_FSX_SMB\"),\n\t\t\tSmbActiveDirectorySettings: \u0026storagegateway.GatewaySmbActiveDirectorySettingsArgs{\n\t\t\t\tDomainName: pulumi.Any(testAwsDirectoryServiceDirectory.Name),\n\t\t\t\tPassword: pulumi.Any(testAwsDirectoryServiceDirectory.Password),\n\t\t\t\tUsername: pulumi.String(\"Admin\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestWindowsFileSystem, err := fsx.NewWindowsFileSystem(ctx, \"test\", \u0026fsx.WindowsFileSystemArgs{\n\t\t\tActiveDirectoryId: pulumi.Any(testAwsDirectoryServiceDirectory.Id),\n\t\t\tSecurityGroupIds: pulumi.StringArray{\n\t\t\t\ttestAwsSecurityGroup.Id,\n\t\t\t},\n\t\t\tSkipFinalBackup: pulumi.Bool(true),\n\t\t\tStorageCapacity: pulumi.Int(32),\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\ttestAwsSubnet[0].Id,\n\t\t\t},\n\t\t\tThroughputCapacity: pulumi.Int(8),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = storagegateway.NewFileSystemAssociation(ctx, \"fsx\", \u0026storagegateway.FileSystemAssociationArgs{\n\t\t\tGatewayArn: testGateway.Arn,\n\t\t\tLocationArn: testWindowsFileSystem.Arn,\n\t\t\tUsername: pulumi.String(\"Admin\"),\n\t\t\tPassword: pulumi.Any(testAwsDirectoryServiceDirectory.Password),\n\t\t\tCacheAttributes: \u0026storagegateway.FileSystemAssociationCacheAttributesArgs{\n\t\t\t\tCacheStaleTimeoutInSeconds: pulumi.Int(400),\n\t\t\t},\n\t\t\tAuditDestinationArn: pulumi.Any(testAwsCloudwatchLogGroup.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssm.SsmFunctions;\nimport com.pulumi.aws.ssm.inputs.GetParameterArgs;\nimport com.pulumi.aws.ec2.Instance;\nimport com.pulumi.aws.ec2.InstanceArgs;\nimport com.pulumi.aws.storagegateway.Gateway;\nimport com.pulumi.aws.storagegateway.GatewayArgs;\nimport com.pulumi.aws.storagegateway.inputs.GatewaySmbActiveDirectorySettingsArgs;\nimport com.pulumi.aws.fsx.WindowsFileSystem;\nimport com.pulumi.aws.fsx.WindowsFileSystemArgs;\nimport com.pulumi.aws.storagegateway.FileSystemAssociation;\nimport com.pulumi.aws.storagegateway.FileSystemAssociationArgs;\nimport com.pulumi.aws.storagegateway.inputs.FileSystemAssociationCacheAttributesArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var awsServiceStoragegatewayAmiFILES3Latest = SsmFunctions.getParameter(GetParameterArgs.builder()\n .name(\"/aws/service/storagegateway/ami/FILE_S3/latest\")\n .build());\n\n var test = new Instance(\"test\", InstanceArgs.builder() \n .ami(awsServiceStoragegatewayAmiFILES3Latest.applyValue(getParameterResult -\u003e getParameterResult.value()))\n .associatePublicIpAddress(true)\n .instanceType(available.instanceType())\n .vpcSecurityGroupIds(testAwsSecurityGroup.id())\n .subnetId(testAwsSubnet[0].id())\n .build());\n\n var testGateway = new Gateway(\"testGateway\", GatewayArgs.builder() \n .gatewayIpAddress(test.publicIp())\n .gatewayName(\"test-sgw\")\n .gatewayTimezone(\"GMT\")\n .gatewayType(\"FILE_FSX_SMB\")\n .smbActiveDirectorySettings(GatewaySmbActiveDirectorySettingsArgs.builder()\n .domainName(testAwsDirectoryServiceDirectory.name())\n .password(testAwsDirectoryServiceDirectory.password())\n .username(\"Admin\")\n .build())\n .build());\n\n var testWindowsFileSystem = new WindowsFileSystem(\"testWindowsFileSystem\", WindowsFileSystemArgs.builder() \n .activeDirectoryId(testAwsDirectoryServiceDirectory.id())\n .securityGroupIds(testAwsSecurityGroup.id())\n .skipFinalBackup(true)\n .storageCapacity(32)\n .subnetIds(testAwsSubnet[0].id())\n .throughputCapacity(8)\n .build());\n\n var fsx = new FileSystemAssociation(\"fsx\", FileSystemAssociationArgs.builder() \n .gatewayArn(testGateway.arn())\n .locationArn(testWindowsFileSystem.arn())\n .username(\"Admin\")\n .password(testAwsDirectoryServiceDirectory.password())\n .cacheAttributes(FileSystemAssociationCacheAttributesArgs.builder()\n .cacheStaleTimeoutInSeconds(400)\n .build())\n .auditDestinationArn(testAwsCloudwatchLogGroup.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:ec2:Instance\n properties:\n ami: ${awsServiceStoragegatewayAmiFILES3Latest.value}\n associatePublicIpAddress: true\n instanceType: ${available.instanceType}\n vpcSecurityGroupIds:\n - ${testAwsSecurityGroup.id}\n subnetId: ${testAwsSubnet[0].id}\n testGateway:\n type: aws:storagegateway:Gateway\n name: test\n properties:\n gatewayIpAddress: ${test.publicIp}\n gatewayName: test-sgw\n gatewayTimezone: GMT\n gatewayType: FILE_FSX_SMB\n smbActiveDirectorySettings:\n domainName: ${testAwsDirectoryServiceDirectory.name}\n password: ${testAwsDirectoryServiceDirectory.password}\n username: Admin\n testWindowsFileSystem:\n type: aws:fsx:WindowsFileSystem\n name: test\n properties:\n activeDirectoryId: ${testAwsDirectoryServiceDirectory.id}\n securityGroupIds:\n - ${testAwsSecurityGroup.id}\n skipFinalBackup: true\n storageCapacity: 32\n subnetIds:\n - ${testAwsSubnet[0].id}\n throughputCapacity: 8\n fsx:\n type: aws:storagegateway:FileSystemAssociation\n properties:\n gatewayArn: ${testGateway.arn}\n locationArn: ${testWindowsFileSystem.arn}\n username: Admin\n password: ${testAwsDirectoryServiceDirectory.password}\n cacheAttributes:\n cacheStaleTimeoutInSeconds: 400\n auditDestinationArn: ${testAwsCloudwatchLogGroup.arn}\nvariables:\n awsServiceStoragegatewayAmiFILES3Latest:\n fn::invoke:\n Function: aws:ssm:getParameter\n Arguments:\n name: /aws/service/storagegateway/ami/FILE_S3/latest\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_storagegateway_file_system_association` using the FSx file system association Amazon Resource Name (ARN). For example:\n\n```sh\n$ pulumi import aws:storagegateway/fileSystemAssociation:FileSystemAssociation example arn:aws:storagegateway:us-east-1:123456789012:fs-association/fsa-0DA347732FDB40125\n```\n", + "description": "Associate an Amazon FSx file system with the FSx File Gateway. After the association process is complete, the file shares on the Amazon FSx file system are available for access through the gateway. This operation only supports the FSx File Gateway type.\n\n[FSx File Gateway requirements](https://docs.aws.amazon.com/filegateway/latest/filefsxw/Requirements.html).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.storagegateway.FileSystemAssociation(\"example\", {\n gatewayArn: exampleAwsStoragegatewayGateway.arn,\n locationArn: exampleAwsFsxWindowsFileSystem.arn,\n username: \"Admin\",\n password: \"avoid-plaintext-passwords\",\n auditDestinationArn: exampleAwsS3Bucket.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.storagegateway.FileSystemAssociation(\"example\",\n gateway_arn=example_aws_storagegateway_gateway[\"arn\"],\n location_arn=example_aws_fsx_windows_file_system[\"arn\"],\n username=\"Admin\",\n password=\"avoid-plaintext-passwords\",\n audit_destination_arn=example_aws_s3_bucket[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.StorageGateway.FileSystemAssociation(\"example\", new()\n {\n GatewayArn = exampleAwsStoragegatewayGateway.Arn,\n LocationArn = exampleAwsFsxWindowsFileSystem.Arn,\n Username = \"Admin\",\n Password = \"avoid-plaintext-passwords\",\n AuditDestinationArn = exampleAwsS3Bucket.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/storagegateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := storagegateway.NewFileSystemAssociation(ctx, \"example\", \u0026storagegateway.FileSystemAssociationArgs{\n\t\t\tGatewayArn: pulumi.Any(exampleAwsStoragegatewayGateway.Arn),\n\t\t\tLocationArn: pulumi.Any(exampleAwsFsxWindowsFileSystem.Arn),\n\t\t\tUsername: pulumi.String(\"Admin\"),\n\t\t\tPassword: pulumi.String(\"avoid-plaintext-passwords\"),\n\t\t\tAuditDestinationArn: pulumi.Any(exampleAwsS3Bucket.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.storagegateway.FileSystemAssociation;\nimport com.pulumi.aws.storagegateway.FileSystemAssociationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new FileSystemAssociation(\"example\", FileSystemAssociationArgs.builder() \n .gatewayArn(exampleAwsStoragegatewayGateway.arn())\n .locationArn(exampleAwsFsxWindowsFileSystem.arn())\n .username(\"Admin\")\n .password(\"avoid-plaintext-passwords\")\n .auditDestinationArn(exampleAwsS3Bucket.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:storagegateway:FileSystemAssociation\n properties:\n gatewayArn: ${exampleAwsStoragegatewayGateway.arn}\n locationArn: ${exampleAwsFsxWindowsFileSystem.arn}\n username: Admin\n password: avoid-plaintext-passwords\n auditDestinationArn: ${exampleAwsS3Bucket.arn}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Required Services Example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst awsServiceStoragegatewayAmiFILES3Latest = aws.ssm.getParameter({\n name: \"/aws/service/storagegateway/ami/FILE_S3/latest\",\n});\nconst test = new aws.ec2.Instance(\"test\", {\n ami: awsServiceStoragegatewayAmiFILES3Latest.then(awsServiceStoragegatewayAmiFILES3Latest =\u003e awsServiceStoragegatewayAmiFILES3Latest.value),\n associatePublicIpAddress: true,\n instanceType: aws.ec2.InstanceType[available.instanceType],\n vpcSecurityGroupIds: [testAwsSecurityGroup.id],\n subnetId: testAwsSubnet[0].id,\n}, {\n dependsOn: [\n testAwsRoute,\n testAwsVpcDhcpOptionsAssociation,\n ],\n});\nconst testGateway = new aws.storagegateway.Gateway(\"test\", {\n gatewayIpAddress: test.publicIp,\n gatewayName: \"test-sgw\",\n gatewayTimezone: \"GMT\",\n gatewayType: \"FILE_FSX_SMB\",\n smbActiveDirectorySettings: {\n domainName: testAwsDirectoryServiceDirectory.name,\n password: testAwsDirectoryServiceDirectory.password,\n username: \"Admin\",\n },\n});\nconst testWindowsFileSystem = new aws.fsx.WindowsFileSystem(\"test\", {\n activeDirectoryId: testAwsDirectoryServiceDirectory.id,\n securityGroupIds: [testAwsSecurityGroup.id],\n skipFinalBackup: true,\n storageCapacity: 32,\n subnetIds: [testAwsSubnet[0].id],\n throughputCapacity: 8,\n});\nconst fsx = new aws.storagegateway.FileSystemAssociation(\"fsx\", {\n gatewayArn: testGateway.arn,\n locationArn: testWindowsFileSystem.arn,\n username: \"Admin\",\n password: testAwsDirectoryServiceDirectory.password,\n cacheAttributes: {\n cacheStaleTimeoutInSeconds: 400,\n },\n auditDestinationArn: testAwsCloudwatchLogGroup.arn,\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\naws_service_storagegateway_ami_files3_latest = aws.ssm.get_parameter(name=\"/aws/service/storagegateway/ami/FILE_S3/latest\")\ntest = aws.ec2.Instance(\"test\",\n ami=aws_service_storagegateway_ami_files3_latest.value,\n associate_public_ip_address=True,\n instance_type=aws.ec2.InstanceType(available[\"instanceType\"]),\n vpc_security_group_ids=[test_aws_security_group[\"id\"]],\n subnet_id=test_aws_subnet[0][\"id\"],\n opts=pulumi.ResourceOptions(depends_on=[\n test_aws_route,\n test_aws_vpc_dhcp_options_association,\n ]))\ntest_gateway = aws.storagegateway.Gateway(\"test\",\n gateway_ip_address=test.public_ip,\n gateway_name=\"test-sgw\",\n gateway_timezone=\"GMT\",\n gateway_type=\"FILE_FSX_SMB\",\n smb_active_directory_settings=aws.storagegateway.GatewaySmbActiveDirectorySettingsArgs(\n domain_name=test_aws_directory_service_directory[\"name\"],\n password=test_aws_directory_service_directory[\"password\"],\n username=\"Admin\",\n ))\ntest_windows_file_system = aws.fsx.WindowsFileSystem(\"test\",\n active_directory_id=test_aws_directory_service_directory[\"id\"],\n security_group_ids=[test_aws_security_group[\"id\"]],\n skip_final_backup=True,\n storage_capacity=32,\n subnet_ids=[test_aws_subnet[0][\"id\"]],\n throughput_capacity=8)\nfsx = aws.storagegateway.FileSystemAssociation(\"fsx\",\n gateway_arn=test_gateway.arn,\n location_arn=test_windows_file_system.arn,\n username=\"Admin\",\n password=test_aws_directory_service_directory[\"password\"],\n cache_attributes=aws.storagegateway.FileSystemAssociationCacheAttributesArgs(\n cache_stale_timeout_in_seconds=400,\n ),\n audit_destination_arn=test_aws_cloudwatch_log_group[\"arn\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var awsServiceStoragegatewayAmiFILES3Latest = Aws.Ssm.GetParameter.Invoke(new()\n {\n Name = \"/aws/service/storagegateway/ami/FILE_S3/latest\",\n });\n\n var test = new Aws.Ec2.Instance(\"test\", new()\n {\n Ami = awsServiceStoragegatewayAmiFILES3Latest.Apply(getParameterResult =\u003e getParameterResult.Value),\n AssociatePublicIpAddress = true,\n InstanceType = System.Enum.Parse\u003cAws.Ec2.InstanceType\u003e(available.InstanceType),\n VpcSecurityGroupIds = new[]\n {\n testAwsSecurityGroup.Id,\n },\n SubnetId = testAwsSubnet[0].Id,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n testAwsRoute, \n testAwsVpcDhcpOptionsAssociation, \n },\n });\n\n var testGateway = new Aws.StorageGateway.Gateway(\"test\", new()\n {\n GatewayIpAddress = test.PublicIp,\n GatewayName = \"test-sgw\",\n GatewayTimezone = \"GMT\",\n GatewayType = \"FILE_FSX_SMB\",\n SmbActiveDirectorySettings = new Aws.StorageGateway.Inputs.GatewaySmbActiveDirectorySettingsArgs\n {\n DomainName = testAwsDirectoryServiceDirectory.Name,\n Password = testAwsDirectoryServiceDirectory.Password,\n Username = \"Admin\",\n },\n });\n\n var testWindowsFileSystem = new Aws.Fsx.WindowsFileSystem(\"test\", new()\n {\n ActiveDirectoryId = testAwsDirectoryServiceDirectory.Id,\n SecurityGroupIds = new[]\n {\n testAwsSecurityGroup.Id,\n },\n SkipFinalBackup = true,\n StorageCapacity = 32,\n SubnetIds = new[]\n {\n testAwsSubnet[0].Id,\n },\n ThroughputCapacity = 8,\n });\n\n var fsx = new Aws.StorageGateway.FileSystemAssociation(\"fsx\", new()\n {\n GatewayArn = testGateway.Arn,\n LocationArn = testWindowsFileSystem.Arn,\n Username = \"Admin\",\n Password = testAwsDirectoryServiceDirectory.Password,\n CacheAttributes = new Aws.StorageGateway.Inputs.FileSystemAssociationCacheAttributesArgs\n {\n CacheStaleTimeoutInSeconds = 400,\n },\n AuditDestinationArn = testAwsCloudwatchLogGroup.Arn,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/fsx\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ssm\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/storagegateway\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tawsServiceStoragegatewayAmiFILES3Latest, err := ssm.LookupParameter(ctx, \u0026ssm.LookupParameterArgs{\n\t\t\tName: \"/aws/service/storagegateway/ami/FILE_S3/latest\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttest, err := ec2.NewInstance(ctx, \"test\", \u0026ec2.InstanceArgs{\n\t\t\tAmi: pulumi.String(awsServiceStoragegatewayAmiFILES3Latest.Value),\n\t\t\tAssociatePublicIpAddress: pulumi.Bool(true),\n\t\t\tInstanceType: ec2.InstanceType(available.InstanceType),\n\t\t\tVpcSecurityGroupIds: pulumi.StringArray{\n\t\t\t\ttestAwsSecurityGroup.Id,\n\t\t\t},\n\t\t\tSubnetId: pulumi.Any(testAwsSubnet[0].Id),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\ttestAwsRoute,\n\t\t\ttestAwsVpcDhcpOptionsAssociation,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestGateway, err := storagegateway.NewGateway(ctx, \"test\", \u0026storagegateway.GatewayArgs{\n\t\t\tGatewayIpAddress: test.PublicIp,\n\t\t\tGatewayName: pulumi.String(\"test-sgw\"),\n\t\t\tGatewayTimezone: pulumi.String(\"GMT\"),\n\t\t\tGatewayType: pulumi.String(\"FILE_FSX_SMB\"),\n\t\t\tSmbActiveDirectorySettings: \u0026storagegateway.GatewaySmbActiveDirectorySettingsArgs{\n\t\t\t\tDomainName: pulumi.Any(testAwsDirectoryServiceDirectory.Name),\n\t\t\t\tPassword: pulumi.Any(testAwsDirectoryServiceDirectory.Password),\n\t\t\t\tUsername: pulumi.String(\"Admin\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestWindowsFileSystem, err := fsx.NewWindowsFileSystem(ctx, \"test\", \u0026fsx.WindowsFileSystemArgs{\n\t\t\tActiveDirectoryId: pulumi.Any(testAwsDirectoryServiceDirectory.Id),\n\t\t\tSecurityGroupIds: pulumi.StringArray{\n\t\t\t\ttestAwsSecurityGroup.Id,\n\t\t\t},\n\t\t\tSkipFinalBackup: pulumi.Bool(true),\n\t\t\tStorageCapacity: pulumi.Int(32),\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\ttestAwsSubnet[0].Id,\n\t\t\t},\n\t\t\tThroughputCapacity: pulumi.Int(8),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = storagegateway.NewFileSystemAssociation(ctx, \"fsx\", \u0026storagegateway.FileSystemAssociationArgs{\n\t\t\tGatewayArn: testGateway.Arn,\n\t\t\tLocationArn: testWindowsFileSystem.Arn,\n\t\t\tUsername: pulumi.String(\"Admin\"),\n\t\t\tPassword: pulumi.Any(testAwsDirectoryServiceDirectory.Password),\n\t\t\tCacheAttributes: \u0026storagegateway.FileSystemAssociationCacheAttributesArgs{\n\t\t\t\tCacheStaleTimeoutInSeconds: pulumi.Int(400),\n\t\t\t},\n\t\t\tAuditDestinationArn: pulumi.Any(testAwsCloudwatchLogGroup.Arn),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ssm.SsmFunctions;\nimport com.pulumi.aws.ssm.inputs.GetParameterArgs;\nimport com.pulumi.aws.ec2.Instance;\nimport com.pulumi.aws.ec2.InstanceArgs;\nimport com.pulumi.aws.storagegateway.Gateway;\nimport com.pulumi.aws.storagegateway.GatewayArgs;\nimport com.pulumi.aws.storagegateway.inputs.GatewaySmbActiveDirectorySettingsArgs;\nimport com.pulumi.aws.fsx.WindowsFileSystem;\nimport com.pulumi.aws.fsx.WindowsFileSystemArgs;\nimport com.pulumi.aws.storagegateway.FileSystemAssociation;\nimport com.pulumi.aws.storagegateway.FileSystemAssociationArgs;\nimport com.pulumi.aws.storagegateway.inputs.FileSystemAssociationCacheAttributesArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var awsServiceStoragegatewayAmiFILES3Latest = SsmFunctions.getParameter(GetParameterArgs.builder()\n .name(\"/aws/service/storagegateway/ami/FILE_S3/latest\")\n .build());\n\n var test = new Instance(\"test\", InstanceArgs.builder() \n .ami(awsServiceStoragegatewayAmiFILES3Latest.applyValue(getParameterResult -\u003e getParameterResult.value()))\n .associatePublicIpAddress(true)\n .instanceType(available.instanceType())\n .vpcSecurityGroupIds(testAwsSecurityGroup.id())\n .subnetId(testAwsSubnet[0].id())\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n testAwsRoute,\n testAwsVpcDhcpOptionsAssociation)\n .build());\n\n var testGateway = new Gateway(\"testGateway\", GatewayArgs.builder() \n .gatewayIpAddress(test.publicIp())\n .gatewayName(\"test-sgw\")\n .gatewayTimezone(\"GMT\")\n .gatewayType(\"FILE_FSX_SMB\")\n .smbActiveDirectorySettings(GatewaySmbActiveDirectorySettingsArgs.builder()\n .domainName(testAwsDirectoryServiceDirectory.name())\n .password(testAwsDirectoryServiceDirectory.password())\n .username(\"Admin\")\n .build())\n .build());\n\n var testWindowsFileSystem = new WindowsFileSystem(\"testWindowsFileSystem\", WindowsFileSystemArgs.builder() \n .activeDirectoryId(testAwsDirectoryServiceDirectory.id())\n .securityGroupIds(testAwsSecurityGroup.id())\n .skipFinalBackup(true)\n .storageCapacity(32)\n .subnetIds(testAwsSubnet[0].id())\n .throughputCapacity(8)\n .build());\n\n var fsx = new FileSystemAssociation(\"fsx\", FileSystemAssociationArgs.builder() \n .gatewayArn(testGateway.arn())\n .locationArn(testWindowsFileSystem.arn())\n .username(\"Admin\")\n .password(testAwsDirectoryServiceDirectory.password())\n .cacheAttributes(FileSystemAssociationCacheAttributesArgs.builder()\n .cacheStaleTimeoutInSeconds(400)\n .build())\n .auditDestinationArn(testAwsCloudwatchLogGroup.arn())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n test:\n type: aws:ec2:Instance\n properties:\n ami: ${awsServiceStoragegatewayAmiFILES3Latest.value}\n associatePublicIpAddress: true\n instanceType: ${available.instanceType}\n vpcSecurityGroupIds:\n - ${testAwsSecurityGroup.id}\n subnetId: ${testAwsSubnet[0].id}\n options:\n dependson:\n - ${testAwsRoute}\n - ${testAwsVpcDhcpOptionsAssociation}\n testGateway:\n type: aws:storagegateway:Gateway\n name: test\n properties:\n gatewayIpAddress: ${test.publicIp}\n gatewayName: test-sgw\n gatewayTimezone: GMT\n gatewayType: FILE_FSX_SMB\n smbActiveDirectorySettings:\n domainName: ${testAwsDirectoryServiceDirectory.name}\n password: ${testAwsDirectoryServiceDirectory.password}\n username: Admin\n testWindowsFileSystem:\n type: aws:fsx:WindowsFileSystem\n name: test\n properties:\n activeDirectoryId: ${testAwsDirectoryServiceDirectory.id}\n securityGroupIds:\n - ${testAwsSecurityGroup.id}\n skipFinalBackup: true\n storageCapacity: 32\n subnetIds:\n - ${testAwsSubnet[0].id}\n throughputCapacity: 8\n fsx:\n type: aws:storagegateway:FileSystemAssociation\n properties:\n gatewayArn: ${testGateway.arn}\n locationArn: ${testWindowsFileSystem.arn}\n username: Admin\n password: ${testAwsDirectoryServiceDirectory.password}\n cacheAttributes:\n cacheStaleTimeoutInSeconds: 400\n auditDestinationArn: ${testAwsCloudwatchLogGroup.arn}\nvariables:\n awsServiceStoragegatewayAmiFILES3Latest:\n fn::invoke:\n Function: aws:ssm:getParameter\n Arguments:\n name: /aws/service/storagegateway/ami/FILE_S3/latest\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import `aws_storagegateway_file_system_association` using the FSx file system association Amazon Resource Name (ARN). For example:\n\n```sh\n$ pulumi import aws:storagegateway/fileSystemAssociation:FileSystemAssociation example arn:aws:storagegateway:us-east-1:123456789012:fs-association/fsa-0DA347732FDB40125\n```\n", "properties": { "arn": { "type": "string", @@ -341833,7 +341833,7 @@ } }, "aws:transcribe/languageModel:LanguageModel": { - "description": "Resource for managing an AWS Transcribe LanguageModel.\n\n\u003e This resource can take a significant amount of time to provision. See Language Model [FAQ](https://aws.amazon.com/transcribe/faqs/) for more details.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"sts:AssumeRole\"],\n principals: [{\n type: \"Service\",\n identifiers: [\"transcribe.amazonaws.com\"],\n }],\n }],\n});\nconst exampleRole = new aws.iam.Role(\"example\", {\n name: \"example\",\n assumeRolePolicy: example.then(example =\u003e example.json),\n});\nconst testPolicy = new aws.iam.RolePolicy(\"test_policy\", {\n name: \"example\",\n role: exampleRole.id,\n policy: JSON.stringify({\n version: \"2012-10-17\",\n statement: [{\n action: [\n \"s3:GetObject\",\n \"s3:ListBucket\",\n ],\n effect: \"Allow\",\n resource: [\"*\"],\n }],\n }),\n});\nconst exampleBucketV2 = new aws.s3.BucketV2(\"example\", {\n bucket: \"example-transcribe\",\n forceDestroy: true,\n});\nconst object = new aws.s3.BucketObjectv2(\"object\", {\n bucket: exampleBucketV2.id,\n key: \"transcribe/test1.txt\",\n source: new pulumi.asset.FileAsset(\"test1.txt\"),\n});\nconst exampleLanguageModel = new aws.transcribe.LanguageModel(\"example\", {\n modelName: \"example\",\n baseModelName: \"NarrowBand\",\n inputDataConfig: {\n dataAccessRoleArn: exampleRole.arn,\n s3Uri: pulumi.interpolate`s3://${exampleBucketV2.id}/transcribe/`,\n },\n languageCode: \"en-US\",\n tags: {\n ENVIRONMENT: \"development\",\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n actions=[\"sts:AssumeRole\"],\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"transcribe.amazonaws.com\"],\n )],\n)])\nexample_role = aws.iam.Role(\"example\",\n name=\"example\",\n assume_role_policy=example.json)\ntest_policy = aws.iam.RolePolicy(\"test_policy\",\n name=\"example\",\n role=example_role.id,\n policy=json.dumps({\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"action\": [\n \"s3:GetObject\",\n \"s3:ListBucket\",\n ],\n \"effect\": \"Allow\",\n \"resource\": [\"*\"],\n }],\n }))\nexample_bucket_v2 = aws.s3.BucketV2(\"example\",\n bucket=\"example-transcribe\",\n force_destroy=True)\nobject = aws.s3.BucketObjectv2(\"object\",\n bucket=example_bucket_v2.id,\n key=\"transcribe/test1.txt\",\n source=pulumi.FileAsset(\"test1.txt\"))\nexample_language_model = aws.transcribe.LanguageModel(\"example\",\n model_name=\"example\",\n base_model_name=\"NarrowBand\",\n input_data_config=aws.transcribe.LanguageModelInputDataConfigArgs(\n data_access_role_arn=example_role.arn,\n s3_uri=example_bucket_v2.id.apply(lambda id: f\"s3://{id}/transcribe/\"),\n ),\n language_code=\"en-US\",\n tags={\n \"ENVIRONMENT\": \"development\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"transcribe.amazonaws.com\",\n },\n },\n },\n },\n },\n });\n\n var exampleRole = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"example\",\n AssumeRolePolicy = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var testPolicy = new Aws.Iam.RolePolicy(\"test_policy\", new()\n {\n Name = \"example\",\n Role = exampleRole.Id,\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"action\"] = new[]\n {\n \"s3:GetObject\",\n \"s3:ListBucket\",\n },\n [\"effect\"] = \"Allow\",\n [\"resource\"] = new[]\n {\n \"*\",\n },\n },\n },\n }),\n });\n\n var exampleBucketV2 = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example-transcribe\",\n ForceDestroy = true,\n });\n\n var @object = new Aws.S3.BucketObjectv2(\"object\", new()\n {\n Bucket = exampleBucketV2.Id,\n Key = \"transcribe/test1.txt\",\n Source = new FileAsset(\"test1.txt\"),\n });\n\n var exampleLanguageModel = new Aws.Transcribe.LanguageModel(\"example\", new()\n {\n ModelName = \"example\",\n BaseModelName = \"NarrowBand\",\n InputDataConfig = new Aws.Transcribe.Inputs.LanguageModelInputDataConfigArgs\n {\n DataAccessRoleArn = exampleRole.Arn,\n S3Uri = exampleBucketV2.Id.Apply(id =\u003e $\"s3://{id}/transcribe/\"),\n },\n LanguageCode = \"en-US\",\n Tags = \n {\n { \"ENVIRONMENT\", \"development\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/transcribe\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"transcribe.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleRole, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tAssumeRolePolicy: pulumi.String(example.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"action\": []string{\n\t\t\t\t\t\t\"s3:GetObject\",\n\t\t\t\t\t\t\"s3:ListBucket\",\n\t\t\t\t\t},\n\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\"resource\": []string{\n\t\t\t\t\t\t\"*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = iam.NewRolePolicy(ctx, \"test_policy\", \u0026iam.RolePolicyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRole: exampleRole.ID(),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleBucketV2, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example-transcribe\"),\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketObjectv2(ctx, \"object\", \u0026s3.BucketObjectv2Args{\n\t\t\tBucket: exampleBucketV2.ID(),\n\t\t\tKey: pulumi.String(\"transcribe/test1.txt\"),\n\t\t\tSource: pulumi.NewFileAsset(\"test1.txt\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = transcribe.NewLanguageModel(ctx, \"example\", \u0026transcribe.LanguageModelArgs{\n\t\t\tModelName: pulumi.String(\"example\"),\n\t\t\tBaseModelName: pulumi.String(\"NarrowBand\"),\n\t\t\tInputDataConfig: \u0026transcribe.LanguageModelInputDataConfigArgs{\n\t\t\t\tDataAccessRoleArn: exampleRole.Arn,\n\t\t\t\tS3Uri: exampleBucketV2.ID().ApplyT(func(id string) (string, error) {\n\t\t\t\t\treturn fmt.Sprintf(\"s3://%v/transcribe/\", id), nil\n\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t},\n\t\t\tLanguageCode: pulumi.String(\"en-US\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"ENVIRONMENT\": pulumi.String(\"development\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketObjectv2;\nimport com.pulumi.aws.s3.BucketObjectv2Args;\nimport com.pulumi.aws.transcribe.LanguageModel;\nimport com.pulumi.aws.transcribe.LanguageModelArgs;\nimport com.pulumi.aws.transcribe.inputs.LanguageModelInputDataConfigArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"sts:AssumeRole\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"transcribe.amazonaws.com\")\n .build())\n .build())\n .build());\n\n var exampleRole = new Role(\"exampleRole\", RoleArgs.builder() \n .name(\"example\")\n .assumeRolePolicy(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var testPolicy = new RolePolicy(\"testPolicy\", RolePolicyArgs.builder() \n .name(\"example\")\n .role(exampleRole.id())\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"version\", \"2012-10-17\"),\n jsonProperty(\"statement\", jsonArray(jsonObject(\n jsonProperty(\"action\", jsonArray(\n \"s3:GetObject\", \n \"s3:ListBucket\"\n )),\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"resource\", jsonArray(\"*\"))\n )))\n )))\n .build());\n\n var exampleBucketV2 = new BucketV2(\"exampleBucketV2\", BucketV2Args.builder() \n .bucket(\"example-transcribe\")\n .forceDestroy(true)\n .build());\n\n var object = new BucketObjectv2(\"object\", BucketObjectv2Args.builder() \n .bucket(exampleBucketV2.id())\n .key(\"transcribe/test1.txt\")\n .source(new FileAsset(\"test1.txt\"))\n .build());\n\n var exampleLanguageModel = new LanguageModel(\"exampleLanguageModel\", LanguageModelArgs.builder() \n .modelName(\"example\")\n .baseModelName(\"NarrowBand\")\n .inputDataConfig(LanguageModelInputDataConfigArgs.builder()\n .dataAccessRoleArn(exampleRole.arn())\n .s3Uri(exampleBucketV2.id().applyValue(id -\u003e String.format(\"s3://%s/transcribe/\", id)))\n .build())\n .languageCode(\"en-US\")\n .tags(Map.of(\"ENVIRONMENT\", \"development\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleRole:\n type: aws:iam:Role\n name: example\n properties:\n name: example\n assumeRolePolicy: ${example.json}\n testPolicy:\n type: aws:iam:RolePolicy\n name: test_policy\n properties:\n name: example\n role: ${exampleRole.id}\n policy:\n fn::toJSON:\n version: 2012-10-17\n statement:\n - action:\n - s3:GetObject\n - s3:ListBucket\n effect: Allow\n resource:\n - '*'\n exampleBucketV2:\n type: aws:s3:BucketV2\n name: example\n properties:\n bucket: example-transcribe\n forceDestroy: true\n object:\n type: aws:s3:BucketObjectv2\n properties:\n bucket: ${exampleBucketV2.id}\n key: transcribe/test1.txt\n source:\n fn::FileAsset: test1.txt\n exampleLanguageModel:\n type: aws:transcribe:LanguageModel\n name: example\n properties:\n modelName: example\n baseModelName: NarrowBand\n inputDataConfig:\n dataAccessRoleArn: ${exampleRole.arn}\n s3Uri: s3://${exampleBucketV2.id}/transcribe/\n languageCode: en-US\n tags:\n ENVIRONMENT: development\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - sts:AssumeRole\n principals:\n - type: Service\n identifiers:\n - transcribe.amazonaws.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Transcribe LanguageModel using the `model_name`. For example:\n\n```sh\n$ pulumi import aws:transcribe/languageModel:LanguageModel example example-name\n```\n", + "description": "Resource for managing an AWS Transcribe LanguageModel.\n\n\u003e This resource can take a significant amount of time to provision. See Language Model [FAQ](https://aws.amazon.com/transcribe/faqs/) for more details.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"sts:AssumeRole\"],\n principals: [{\n type: \"Service\",\n identifiers: [\"transcribe.amazonaws.com\"],\n }],\n }],\n});\nconst exampleRole = new aws.iam.Role(\"example\", {\n name: \"example\",\n assumeRolePolicy: example.then(example =\u003e example.json),\n});\nconst testPolicy = new aws.iam.RolePolicy(\"test_policy\", {\n name: \"example\",\n role: exampleRole.id,\n policy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: [\n \"s3:GetObject\",\n \"s3:ListBucket\",\n ],\n Effect: \"Allow\",\n Resource: [\"*\"],\n }],\n }),\n});\nconst exampleBucketV2 = new aws.s3.BucketV2(\"example\", {\n bucket: \"example-transcribe\",\n forceDestroy: true,\n});\nconst object = new aws.s3.BucketObjectv2(\"object\", {\n bucket: exampleBucketV2.id,\n key: \"transcribe/test1.txt\",\n source: new pulumi.asset.FileAsset(\"test1.txt\"),\n});\nconst exampleLanguageModel = new aws.transcribe.LanguageModel(\"example\", {\n modelName: \"example\",\n baseModelName: \"NarrowBand\",\n inputDataConfig: {\n dataAccessRoleArn: exampleRole.arn,\n s3Uri: pulumi.interpolate`s3://${exampleBucketV2.id}/transcribe/`,\n },\n languageCode: \"en-US\",\n tags: {\n ENVIRONMENT: \"development\",\n },\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n actions=[\"sts:AssumeRole\"],\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"transcribe.amazonaws.com\"],\n )],\n)])\nexample_role = aws.iam.Role(\"example\",\n name=\"example\",\n assume_role_policy=example.json)\ntest_policy = aws.iam.RolePolicy(\"test_policy\",\n name=\"example\",\n role=example_role.id,\n policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": [\n \"s3:GetObject\",\n \"s3:ListBucket\",\n ],\n \"Effect\": \"Allow\",\n \"Resource\": [\"*\"],\n }],\n }))\nexample_bucket_v2 = aws.s3.BucketV2(\"example\",\n bucket=\"example-transcribe\",\n force_destroy=True)\nobject = aws.s3.BucketObjectv2(\"object\",\n bucket=example_bucket_v2.id,\n key=\"transcribe/test1.txt\",\n source=pulumi.FileAsset(\"test1.txt\"))\nexample_language_model = aws.transcribe.LanguageModel(\"example\",\n model_name=\"example\",\n base_model_name=\"NarrowBand\",\n input_data_config=aws.transcribe.LanguageModelInputDataConfigArgs(\n data_access_role_arn=example_role.arn,\n s3_uri=example_bucket_v2.id.apply(lambda id: f\"s3://{id}/transcribe/\"),\n ),\n language_code=\"en-US\",\n tags={\n \"ENVIRONMENT\": \"development\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"transcribe.amazonaws.com\",\n },\n },\n },\n },\n },\n });\n\n var exampleRole = new Aws.Iam.Role(\"example\", new()\n {\n Name = \"example\",\n AssumeRolePolicy = example.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var testPolicy = new Aws.Iam.RolePolicy(\"test_policy\", new()\n {\n Name = \"example\",\n Role = exampleRole.Id,\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = new[]\n {\n \"s3:GetObject\",\n \"s3:ListBucket\",\n },\n [\"Effect\"] = \"Allow\",\n [\"Resource\"] = new[]\n {\n \"*\",\n },\n },\n },\n }),\n });\n\n var exampleBucketV2 = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example-transcribe\",\n ForceDestroy = true,\n });\n\n var @object = new Aws.S3.BucketObjectv2(\"object\", new()\n {\n Bucket = exampleBucketV2.Id,\n Key = \"transcribe/test1.txt\",\n Source = new FileAsset(\"test1.txt\"),\n });\n\n var exampleLanguageModel = new Aws.Transcribe.LanguageModel(\"example\", new()\n {\n ModelName = \"example\",\n BaseModelName = \"NarrowBand\",\n InputDataConfig = new Aws.Transcribe.Inputs.LanguageModelInputDataConfigArgs\n {\n DataAccessRoleArn = exampleRole.Arn,\n S3Uri = exampleBucketV2.Id.Apply(id =\u003e $\"s3://{id}/transcribe/\"),\n },\n LanguageCode = \"en-US\",\n Tags = \n {\n { \"ENVIRONMENT\", \"development\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/transcribe\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"transcribe.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleRole, err := iam.NewRole(ctx, \"example\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tAssumeRolePolicy: pulumi.String(example.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\"s3:GetObject\",\n\t\t\t\t\t\t\"s3:ListBucket\",\n\t\t\t\t\t},\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\"*\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = iam.NewRolePolicy(ctx, \"test_policy\", \u0026iam.RolePolicyArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t\tRole: exampleRole.ID(),\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleBucketV2, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example-transcribe\"),\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = s3.NewBucketObjectv2(ctx, \"object\", \u0026s3.BucketObjectv2Args{\n\t\t\tBucket: exampleBucketV2.ID(),\n\t\t\tKey: pulumi.String(\"transcribe/test1.txt\"),\n\t\t\tSource: pulumi.NewFileAsset(\"test1.txt\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = transcribe.NewLanguageModel(ctx, \"example\", \u0026transcribe.LanguageModelArgs{\n\t\t\tModelName: pulumi.String(\"example\"),\n\t\t\tBaseModelName: pulumi.String(\"NarrowBand\"),\n\t\t\tInputDataConfig: \u0026transcribe.LanguageModelInputDataConfigArgs{\n\t\t\t\tDataAccessRoleArn: exampleRole.Arn,\n\t\t\t\tS3Uri: exampleBucketV2.ID().ApplyT(func(id string) (string, error) {\n\t\t\t\t\treturn fmt.Sprintf(\"s3://%v/transcribe/\", id), nil\n\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t},\n\t\t\tLanguageCode: pulumi.String(\"en-US\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"ENVIRONMENT\": pulumi.String(\"development\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicy;\nimport com.pulumi.aws.iam.RolePolicyArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketObjectv2;\nimport com.pulumi.aws.s3.BucketObjectv2Args;\nimport com.pulumi.aws.transcribe.LanguageModel;\nimport com.pulumi.aws.transcribe.LanguageModelArgs;\nimport com.pulumi.aws.transcribe.inputs.LanguageModelInputDataConfigArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"sts:AssumeRole\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"transcribe.amazonaws.com\")\n .build())\n .build())\n .build());\n\n var exampleRole = new Role(\"exampleRole\", RoleArgs.builder() \n .name(\"example\")\n .assumeRolePolicy(example.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var testPolicy = new RolePolicy(\"testPolicy\", RolePolicyArgs.builder() \n .name(\"example\")\n .role(exampleRole.id())\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", jsonArray(\n \"s3:GetObject\", \n \"s3:ListBucket\"\n )),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Resource\", jsonArray(\"*\"))\n )))\n )))\n .build());\n\n var exampleBucketV2 = new BucketV2(\"exampleBucketV2\", BucketV2Args.builder() \n .bucket(\"example-transcribe\")\n .forceDestroy(true)\n .build());\n\n var object = new BucketObjectv2(\"object\", BucketObjectv2Args.builder() \n .bucket(exampleBucketV2.id())\n .key(\"transcribe/test1.txt\")\n .source(new FileAsset(\"test1.txt\"))\n .build());\n\n var exampleLanguageModel = new LanguageModel(\"exampleLanguageModel\", LanguageModelArgs.builder() \n .modelName(\"example\")\n .baseModelName(\"NarrowBand\")\n .inputDataConfig(LanguageModelInputDataConfigArgs.builder()\n .dataAccessRoleArn(exampleRole.arn())\n .s3Uri(exampleBucketV2.id().applyValue(id -\u003e String.format(\"s3://%s/transcribe/\", id)))\n .build())\n .languageCode(\"en-US\")\n .tags(Map.of(\"ENVIRONMENT\", \"development\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleRole:\n type: aws:iam:Role\n name: example\n properties:\n name: example\n assumeRolePolicy: ${example.json}\n testPolicy:\n type: aws:iam:RolePolicy\n name: test_policy\n properties:\n name: example\n role: ${exampleRole.id}\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action:\n - s3:GetObject\n - s3:ListBucket\n Effect: Allow\n Resource:\n - '*'\n exampleBucketV2:\n type: aws:s3:BucketV2\n name: example\n properties:\n bucket: example-transcribe\n forceDestroy: true\n object:\n type: aws:s3:BucketObjectv2\n properties:\n bucket: ${exampleBucketV2.id}\n key: transcribe/test1.txt\n source:\n fn::FileAsset: test1.txt\n exampleLanguageModel:\n type: aws:transcribe:LanguageModel\n name: example\n properties:\n modelName: example\n baseModelName: NarrowBand\n inputDataConfig:\n dataAccessRoleArn: ${exampleRole.arn}\n s3Uri: s3://${exampleBucketV2.id}/transcribe/\n languageCode: en-US\n tags:\n ENVIRONMENT: development\nvariables:\n example:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - sts:AssumeRole\n principals:\n - type: Service\n identifiers:\n - transcribe.amazonaws.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Transcribe LanguageModel using the `model_name`. For example:\n\n```sh\n$ pulumi import aws:transcribe/languageModel:LanguageModel example example-name\n```\n", "properties": { "arn": { "type": "string", @@ -341959,7 +341959,7 @@ } }, "aws:transcribe/medicalVocabulary:MedicalVocabulary": { - "description": "Resource for managing an AWS Transcribe MedicalVocabulary.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketV2(\"example\", {\n bucket: \"example-medical-vocab-123\",\n forceDestroy: true,\n});\nconst object = new aws.s3.BucketObjectv2(\"object\", {\n bucket: example.id,\n key: \"transcribe/test1.txt\",\n source: new pulumi.asset.FileAsset(\"test.txt\"),\n});\nconst exampleMedicalVocabulary = new aws.transcribe.MedicalVocabulary(\"example\", {\n vocabularyName: \"example\",\n languageCode: \"en-US\",\n vocabularyFileUri: pulumi.interpolate`s3://${example.id}/${object.key}`,\n tags: {\n tag1: \"value1\",\n tag2: \"value3\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketV2(\"example\",\n bucket=\"example-medical-vocab-123\",\n force_destroy=True)\nobject = aws.s3.BucketObjectv2(\"object\",\n bucket=example.id,\n key=\"transcribe/test1.txt\",\n source=pulumi.FileAsset(\"test.txt\"))\nexample_medical_vocabulary = aws.transcribe.MedicalVocabulary(\"example\",\n vocabulary_name=\"example\",\n language_code=\"en-US\",\n vocabulary_file_uri=pulumi.Output.all(example.id, object.key).apply(lambda id, key: f\"s3://{id}/{key}\"),\n tags={\n \"tag1\": \"value1\",\n \"tag2\": \"value3\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example-medical-vocab-123\",\n ForceDestroy = true,\n });\n\n var @object = new Aws.S3.BucketObjectv2(\"object\", new()\n {\n Bucket = example.Id,\n Key = \"transcribe/test1.txt\",\n Source = new FileAsset(\"test.txt\"),\n });\n\n var exampleMedicalVocabulary = new Aws.Transcribe.MedicalVocabulary(\"example\", new()\n {\n VocabularyName = \"example\",\n LanguageCode = \"en-US\",\n VocabularyFileUri = Output.Tuple(example.Id, @object.Key).Apply(values =\u003e\n {\n var id = values.Item1;\n var key = values.Item2;\n return $\"s3://{id}/{key}\";\n }),\n Tags = \n {\n { \"tag1\", \"value1\" },\n { \"tag2\", \"value3\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/transcribe\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example-medical-vocab-123\"),\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tobject, err := s3.NewBucketObjectv2(ctx, \"object\", \u0026s3.BucketObjectv2Args{\n\t\t\tBucket: example.ID(),\n\t\t\tKey: pulumi.String(\"transcribe/test1.txt\"),\n\t\t\tSource: pulumi.NewFileAsset(\"test.txt\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = transcribe.NewMedicalVocabulary(ctx, \"example\", \u0026transcribe.MedicalVocabularyArgs{\n\t\t\tVocabularyName: pulumi.String(\"example\"),\n\t\t\tLanguageCode: pulumi.String(\"en-US\"),\n\t\t\tVocabularyFileUri: pulumi.All(example.ID(), object.Key).ApplyT(func(_args []interface{}) (string, error) {\n\t\t\t\tid := _args[0].(string)\n\t\t\t\tkey := _args[1].(string)\n\t\t\t\treturn fmt.Sprintf(\"s3://%v/%v\", id, key), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"tag1\": pulumi.String(\"value1\"),\n\t\t\t\t\"tag2\": pulumi.String(\"value3\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketObjectv2;\nimport com.pulumi.aws.s3.BucketObjectv2Args;\nimport com.pulumi.aws.transcribe.MedicalVocabulary;\nimport com.pulumi.aws.transcribe.MedicalVocabularyArgs;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketV2(\"example\", BucketV2Args.builder() \n .bucket(\"example-medical-vocab-123\")\n .forceDestroy(true)\n .build());\n\n var object = new BucketObjectv2(\"object\", BucketObjectv2Args.builder() \n .bucket(example.id())\n .key(\"transcribe/test1.txt\")\n .source(new FileAsset(\"test.txt\"))\n .build());\n\n var exampleMedicalVocabulary = new MedicalVocabulary(\"exampleMedicalVocabulary\", MedicalVocabularyArgs.builder() \n .vocabularyName(\"example\")\n .languageCode(\"en-US\")\n .vocabularyFileUri(Output.tuple(example.id(), object.key()).applyValue(values -\u003e {\n var id = values.t1;\n var key = values.t2;\n return String.format(\"s3://%s/%s\", id,key);\n }))\n .tags(Map.ofEntries(\n Map.entry(\"tag1\", \"value1\"),\n Map.entry(\"tag2\", \"value3\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: example-medical-vocab-123\n forceDestroy: true\n object:\n type: aws:s3:BucketObjectv2\n properties:\n bucket: ${example.id}\n key: transcribe/test1.txt\n source:\n fn::FileAsset: test.txt\n exampleMedicalVocabulary:\n type: aws:transcribe:MedicalVocabulary\n name: example\n properties:\n vocabularyName: example\n languageCode: en-US\n vocabularyFileUri: s3://${example.id}/${object.key}\n tags:\n tag1: value1\n tag2: value3\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Transcribe MedicalVocabulary using the `vocabulary_name`. For example:\n\n```sh\n$ pulumi import aws:transcribe/medicalVocabulary:MedicalVocabulary example example-name\n```\n", + "description": "Resource for managing an AWS Transcribe MedicalVocabulary.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketV2(\"example\", {\n bucket: \"example-medical-vocab-123\",\n forceDestroy: true,\n});\nconst object = new aws.s3.BucketObjectv2(\"object\", {\n bucket: example.id,\n key: \"transcribe/test1.txt\",\n source: new pulumi.asset.FileAsset(\"test.txt\"),\n});\nconst exampleMedicalVocabulary = new aws.transcribe.MedicalVocabulary(\"example\", {\n vocabularyName: \"example\",\n languageCode: \"en-US\",\n vocabularyFileUri: pulumi.interpolate`s3://${example.id}/${object.key}`,\n tags: {\n tag1: \"value1\",\n tag2: \"value3\",\n },\n}, {\n dependsOn: [object],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketV2(\"example\",\n bucket=\"example-medical-vocab-123\",\n force_destroy=True)\nobject = aws.s3.BucketObjectv2(\"object\",\n bucket=example.id,\n key=\"transcribe/test1.txt\",\n source=pulumi.FileAsset(\"test.txt\"))\nexample_medical_vocabulary = aws.transcribe.MedicalVocabulary(\"example\",\n vocabulary_name=\"example\",\n language_code=\"en-US\",\n vocabulary_file_uri=pulumi.Output.all(example.id, object.key).apply(lambda id, key: f\"s3://{id}/{key}\"),\n tags={\n \"tag1\": \"value1\",\n \"tag2\": \"value3\",\n },\n opts=pulumi.ResourceOptions(depends_on=[object]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example-medical-vocab-123\",\n ForceDestroy = true,\n });\n\n var @object = new Aws.S3.BucketObjectv2(\"object\", new()\n {\n Bucket = example.Id,\n Key = \"transcribe/test1.txt\",\n Source = new FileAsset(\"test.txt\"),\n });\n\n var exampleMedicalVocabulary = new Aws.Transcribe.MedicalVocabulary(\"example\", new()\n {\n VocabularyName = \"example\",\n LanguageCode = \"en-US\",\n VocabularyFileUri = Output.Tuple(example.Id, @object.Key).Apply(values =\u003e\n {\n var id = values.Item1;\n var key = values.Item2;\n return $\"s3://{id}/{key}\";\n }),\n Tags = \n {\n { \"tag1\", \"value1\" },\n { \"tag2\", \"value3\" },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n @object, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/transcribe\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example-medical-vocab-123\"),\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tobject, err := s3.NewBucketObjectv2(ctx, \"object\", \u0026s3.BucketObjectv2Args{\n\t\t\tBucket: example.ID(),\n\t\t\tKey: pulumi.String(\"transcribe/test1.txt\"),\n\t\t\tSource: pulumi.NewFileAsset(\"test.txt\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = transcribe.NewMedicalVocabulary(ctx, \"example\", \u0026transcribe.MedicalVocabularyArgs{\n\t\t\tVocabularyName: pulumi.String(\"example\"),\n\t\t\tLanguageCode: pulumi.String(\"en-US\"),\n\t\t\tVocabularyFileUri: pulumi.All(example.ID(), object.Key).ApplyT(func(_args []interface{}) (string, error) {\n\t\t\t\tid := _args[0].(string)\n\t\t\t\tkey := _args[1].(string)\n\t\t\t\treturn fmt.Sprintf(\"s3://%v/%v\", id, key), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"tag1\": pulumi.String(\"value1\"),\n\t\t\t\t\"tag2\": pulumi.String(\"value3\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tobject,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketObjectv2;\nimport com.pulumi.aws.s3.BucketObjectv2Args;\nimport com.pulumi.aws.transcribe.MedicalVocabulary;\nimport com.pulumi.aws.transcribe.MedicalVocabularyArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketV2(\"example\", BucketV2Args.builder() \n .bucket(\"example-medical-vocab-123\")\n .forceDestroy(true)\n .build());\n\n var object = new BucketObjectv2(\"object\", BucketObjectv2Args.builder() \n .bucket(example.id())\n .key(\"transcribe/test1.txt\")\n .source(new FileAsset(\"test.txt\"))\n .build());\n\n var exampleMedicalVocabulary = new MedicalVocabulary(\"exampleMedicalVocabulary\", MedicalVocabularyArgs.builder() \n .vocabularyName(\"example\")\n .languageCode(\"en-US\")\n .vocabularyFileUri(Output.tuple(example.id(), object.key()).applyValue(values -\u003e {\n var id = values.t1;\n var key = values.t2;\n return String.format(\"s3://%s/%s\", id,key);\n }))\n .tags(Map.ofEntries(\n Map.entry(\"tag1\", \"value1\"),\n Map.entry(\"tag2\", \"value3\")\n ))\n .build(), CustomResourceOptions.builder()\n .dependsOn(object)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: example-medical-vocab-123\n forceDestroy: true\n object:\n type: aws:s3:BucketObjectv2\n properties:\n bucket: ${example.id}\n key: transcribe/test1.txt\n source:\n fn::FileAsset: test.txt\n exampleMedicalVocabulary:\n type: aws:transcribe:MedicalVocabulary\n name: example\n properties:\n vocabularyName: example\n languageCode: en-US\n vocabularyFileUri: s3://${example.id}/${object.key}\n tags:\n tag1: value1\n tag2: value3\n options:\n dependson:\n - ${object}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Transcribe MedicalVocabulary using the `vocabulary_name`. For example:\n\n```sh\n$ pulumi import aws:transcribe/medicalVocabulary:MedicalVocabulary example example-name\n```\n", "properties": { "arn": { "type": "string", @@ -342076,7 +342076,7 @@ } }, "aws:transcribe/vocabulary:Vocabulary": { - "description": "Resource for managing an AWS Transcribe Vocabulary.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketV2(\"example\", {\n bucket: \"example-vocab-123\",\n forceDestroy: true,\n});\nconst object = new aws.s3.BucketObjectv2(\"object\", {\n bucket: example.id,\n key: \"transcribe/test1.txt\",\n source: new pulumi.asset.FileAsset(\"test.txt\"),\n});\nconst exampleVocabulary = new aws.transcribe.Vocabulary(\"example\", {\n vocabularyName: \"example\",\n languageCode: \"en-US\",\n vocabularyFileUri: pulumi.interpolate`s3://${example.id}/${object.key}`,\n tags: {\n tag1: \"value1\",\n tag2: \"value3\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketV2(\"example\",\n bucket=\"example-vocab-123\",\n force_destroy=True)\nobject = aws.s3.BucketObjectv2(\"object\",\n bucket=example.id,\n key=\"transcribe/test1.txt\",\n source=pulumi.FileAsset(\"test.txt\"))\nexample_vocabulary = aws.transcribe.Vocabulary(\"example\",\n vocabulary_name=\"example\",\n language_code=\"en-US\",\n vocabulary_file_uri=pulumi.Output.all(example.id, object.key).apply(lambda id, key: f\"s3://{id}/{key}\"),\n tags={\n \"tag1\": \"value1\",\n \"tag2\": \"value3\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example-vocab-123\",\n ForceDestroy = true,\n });\n\n var @object = new Aws.S3.BucketObjectv2(\"object\", new()\n {\n Bucket = example.Id,\n Key = \"transcribe/test1.txt\",\n Source = new FileAsset(\"test.txt\"),\n });\n\n var exampleVocabulary = new Aws.Transcribe.Vocabulary(\"example\", new()\n {\n VocabularyName = \"example\",\n LanguageCode = \"en-US\",\n VocabularyFileUri = Output.Tuple(example.Id, @object.Key).Apply(values =\u003e\n {\n var id = values.Item1;\n var key = values.Item2;\n return $\"s3://{id}/{key}\";\n }),\n Tags = \n {\n { \"tag1\", \"value1\" },\n { \"tag2\", \"value3\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/transcribe\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example-vocab-123\"),\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tobject, err := s3.NewBucketObjectv2(ctx, \"object\", \u0026s3.BucketObjectv2Args{\n\t\t\tBucket: example.ID(),\n\t\t\tKey: pulumi.String(\"transcribe/test1.txt\"),\n\t\t\tSource: pulumi.NewFileAsset(\"test.txt\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = transcribe.NewVocabulary(ctx, \"example\", \u0026transcribe.VocabularyArgs{\n\t\t\tVocabularyName: pulumi.String(\"example\"),\n\t\t\tLanguageCode: pulumi.String(\"en-US\"),\n\t\t\tVocabularyFileUri: pulumi.All(example.ID(), object.Key).ApplyT(func(_args []interface{}) (string, error) {\n\t\t\t\tid := _args[0].(string)\n\t\t\t\tkey := _args[1].(string)\n\t\t\t\treturn fmt.Sprintf(\"s3://%v/%v\", id, key), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"tag1\": pulumi.String(\"value1\"),\n\t\t\t\t\"tag2\": pulumi.String(\"value3\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketObjectv2;\nimport com.pulumi.aws.s3.BucketObjectv2Args;\nimport com.pulumi.aws.transcribe.Vocabulary;\nimport com.pulumi.aws.transcribe.VocabularyArgs;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketV2(\"example\", BucketV2Args.builder() \n .bucket(\"example-vocab-123\")\n .forceDestroy(true)\n .build());\n\n var object = new BucketObjectv2(\"object\", BucketObjectv2Args.builder() \n .bucket(example.id())\n .key(\"transcribe/test1.txt\")\n .source(new FileAsset(\"test.txt\"))\n .build());\n\n var exampleVocabulary = new Vocabulary(\"exampleVocabulary\", VocabularyArgs.builder() \n .vocabularyName(\"example\")\n .languageCode(\"en-US\")\n .vocabularyFileUri(Output.tuple(example.id(), object.key()).applyValue(values -\u003e {\n var id = values.t1;\n var key = values.t2;\n return String.format(\"s3://%s/%s\", id,key);\n }))\n .tags(Map.ofEntries(\n Map.entry(\"tag1\", \"value1\"),\n Map.entry(\"tag2\", \"value3\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: example-vocab-123\n forceDestroy: true\n object:\n type: aws:s3:BucketObjectv2\n properties:\n bucket: ${example.id}\n key: transcribe/test1.txt\n source:\n fn::FileAsset: test.txt\n exampleVocabulary:\n type: aws:transcribe:Vocabulary\n name: example\n properties:\n vocabularyName: example\n languageCode: en-US\n vocabularyFileUri: s3://${example.id}/${object.key}\n tags:\n tag1: value1\n tag2: value3\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Transcribe Vocabulary using the `vocabulary_name`. For example:\n\n```sh\n$ pulumi import aws:transcribe/vocabulary:Vocabulary example example-name\n```\n", + "description": "Resource for managing an AWS Transcribe Vocabulary.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketV2(\"example\", {\n bucket: \"example-vocab-123\",\n forceDestroy: true,\n});\nconst object = new aws.s3.BucketObjectv2(\"object\", {\n bucket: example.id,\n key: \"transcribe/test1.txt\",\n source: new pulumi.asset.FileAsset(\"test.txt\"),\n});\nconst exampleVocabulary = new aws.transcribe.Vocabulary(\"example\", {\n vocabularyName: \"example\",\n languageCode: \"en-US\",\n vocabularyFileUri: pulumi.interpolate`s3://${example.id}/${object.key}`,\n tags: {\n tag1: \"value1\",\n tag2: \"value3\",\n },\n}, {\n dependsOn: [object],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketV2(\"example\",\n bucket=\"example-vocab-123\",\n force_destroy=True)\nobject = aws.s3.BucketObjectv2(\"object\",\n bucket=example.id,\n key=\"transcribe/test1.txt\",\n source=pulumi.FileAsset(\"test.txt\"))\nexample_vocabulary = aws.transcribe.Vocabulary(\"example\",\n vocabulary_name=\"example\",\n language_code=\"en-US\",\n vocabulary_file_uri=pulumi.Output.all(example.id, object.key).apply(lambda id, key: f\"s3://{id}/{key}\"),\n tags={\n \"tag1\": \"value1\",\n \"tag2\": \"value3\",\n },\n opts=pulumi.ResourceOptions(depends_on=[object]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"example-vocab-123\",\n ForceDestroy = true,\n });\n\n var @object = new Aws.S3.BucketObjectv2(\"object\", new()\n {\n Bucket = example.Id,\n Key = \"transcribe/test1.txt\",\n Source = new FileAsset(\"test.txt\"),\n });\n\n var exampleVocabulary = new Aws.Transcribe.Vocabulary(\"example\", new()\n {\n VocabularyName = \"example\",\n LanguageCode = \"en-US\",\n VocabularyFileUri = Output.Tuple(example.Id, @object.Key).Apply(values =\u003e\n {\n var id = values.Item1;\n var key = values.Item2;\n return $\"s3://{id}/{key}\";\n }),\n Tags = \n {\n { \"tag1\", \"value1\" },\n { \"tag2\", \"value3\" },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n @object, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/transcribe\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"example-vocab-123\"),\n\t\t\tForceDestroy: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tobject, err := s3.NewBucketObjectv2(ctx, \"object\", \u0026s3.BucketObjectv2Args{\n\t\t\tBucket: example.ID(),\n\t\t\tKey: pulumi.String(\"transcribe/test1.txt\"),\n\t\t\tSource: pulumi.NewFileAsset(\"test.txt\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = transcribe.NewVocabulary(ctx, \"example\", \u0026transcribe.VocabularyArgs{\n\t\t\tVocabularyName: pulumi.String(\"example\"),\n\t\t\tLanguageCode: pulumi.String(\"en-US\"),\n\t\t\tVocabularyFileUri: pulumi.All(example.ID(), object.Key).ApplyT(func(_args []interface{}) (string, error) {\n\t\t\t\tid := _args[0].(string)\n\t\t\t\tkey := _args[1].(string)\n\t\t\t\treturn fmt.Sprintf(\"s3://%v/%v\", id, key), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"tag1\": pulumi.String(\"value1\"),\n\t\t\t\t\"tag2\": pulumi.String(\"value3\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tobject,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.s3.BucketObjectv2;\nimport com.pulumi.aws.s3.BucketObjectv2Args;\nimport com.pulumi.aws.transcribe.Vocabulary;\nimport com.pulumi.aws.transcribe.VocabularyArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketV2(\"example\", BucketV2Args.builder() \n .bucket(\"example-vocab-123\")\n .forceDestroy(true)\n .build());\n\n var object = new BucketObjectv2(\"object\", BucketObjectv2Args.builder() \n .bucket(example.id())\n .key(\"transcribe/test1.txt\")\n .source(new FileAsset(\"test.txt\"))\n .build());\n\n var exampleVocabulary = new Vocabulary(\"exampleVocabulary\", VocabularyArgs.builder() \n .vocabularyName(\"example\")\n .languageCode(\"en-US\")\n .vocabularyFileUri(Output.tuple(example.id(), object.key()).applyValue(values -\u003e {\n var id = values.t1;\n var key = values.t2;\n return String.format(\"s3://%s/%s\", id,key);\n }))\n .tags(Map.ofEntries(\n Map.entry(\"tag1\", \"value1\"),\n Map.entry(\"tag2\", \"value3\")\n ))\n .build(), CustomResourceOptions.builder()\n .dependsOn(object)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketV2\n properties:\n bucket: example-vocab-123\n forceDestroy: true\n object:\n type: aws:s3:BucketObjectv2\n properties:\n bucket: ${example.id}\n key: transcribe/test1.txt\n source:\n fn::FileAsset: test.txt\n exampleVocabulary:\n type: aws:transcribe:Vocabulary\n name: example\n properties:\n vocabularyName: example\n languageCode: en-US\n vocabularyFileUri: s3://${example.id}/${object.key}\n tags:\n tag1: value1\n tag2: value3\n options:\n dependson:\n - ${object}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Transcribe Vocabulary using the `vocabulary_name`. For example:\n\n```sh\n$ pulumi import aws:transcribe/vocabulary:Vocabulary example example-name\n```\n", "properties": { "arn": { "type": "string", @@ -345287,7 +345287,7 @@ } }, "aws:vpclattice/authPolicy:AuthPolicy": { - "description": "Resource for managing an AWS VPC Lattice Auth Policy.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.vpclattice.Service(\"example\", {\n name: \"example-vpclattice-service\",\n authType: \"AWS_IAM\",\n customDomainName: \"example.com\",\n});\nconst exampleAuthPolicy = new aws.vpclattice.AuthPolicy(\"example\", {\n resourceIdentifier: example.arn,\n policy: JSON.stringify({\n version: \"2012-10-17\",\n statement: [{\n action: \"*\",\n effect: \"Allow\",\n principal: \"*\",\n resource: \"*\",\n condition: {\n stringNotEqualsIgnoreCase: {\n \"aws:PrincipalType\": \"anonymous\",\n },\n },\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.vpclattice.Service(\"example\",\n name=\"example-vpclattice-service\",\n auth_type=\"AWS_IAM\",\n custom_domain_name=\"example.com\")\nexample_auth_policy = aws.vpclattice.AuthPolicy(\"example\",\n resource_identifier=example.arn,\n policy=json.dumps({\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"action\": \"*\",\n \"effect\": \"Allow\",\n \"principal\": \"*\",\n \"resource\": \"*\",\n \"condition\": {\n \"stringNotEqualsIgnoreCase\": {\n \"aws:PrincipalType\": \"anonymous\",\n },\n },\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.VpcLattice.Service(\"example\", new()\n {\n Name = \"example-vpclattice-service\",\n AuthType = \"AWS_IAM\",\n CustomDomainName = \"example.com\",\n });\n\n var exampleAuthPolicy = new Aws.VpcLattice.AuthPolicy(\"example\", new()\n {\n ResourceIdentifier = example.Arn,\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"action\"] = \"*\",\n [\"effect\"] = \"Allow\",\n [\"principal\"] = \"*\",\n [\"resource\"] = \"*\",\n [\"condition\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"stringNotEqualsIgnoreCase\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"aws:PrincipalType\"] = \"anonymous\",\n },\n },\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/vpclattice\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := vpclattice.NewService(ctx, \"example\", \u0026vpclattice.ServiceArgs{\n\t\t\tName: pulumi.String(\"example-vpclattice-service\"),\n\t\t\tAuthType: pulumi.String(\"AWS_IAM\"),\n\t\t\tCustomDomainName: pulumi.String(\"example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"action\": \"*\",\n\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\"principal\": \"*\",\n\t\t\t\t\t\"resource\": \"*\",\n\t\t\t\t\t\"condition\": map[string]interface{}{\n\t\t\t\t\t\t\"stringNotEqualsIgnoreCase\": map[string]interface{}{\n\t\t\t\t\t\t\t\"aws:PrincipalType\": \"anonymous\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = vpclattice.NewAuthPolicy(ctx, \"example\", \u0026vpclattice.AuthPolicyArgs{\n\t\t\tResourceIdentifier: example.Arn,\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.vpclattice.Service;\nimport com.pulumi.aws.vpclattice.ServiceArgs;\nimport com.pulumi.aws.vpclattice.AuthPolicy;\nimport com.pulumi.aws.vpclattice.AuthPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Service(\"example\", ServiceArgs.builder() \n .name(\"example-vpclattice-service\")\n .authType(\"AWS_IAM\")\n .customDomainName(\"example.com\")\n .build());\n\n var exampleAuthPolicy = new AuthPolicy(\"exampleAuthPolicy\", AuthPolicyArgs.builder() \n .resourceIdentifier(example.arn())\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"version\", \"2012-10-17\"),\n jsonProperty(\"statement\", jsonArray(jsonObject(\n jsonProperty(\"action\", \"*\"),\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"principal\", \"*\"),\n jsonProperty(\"resource\", \"*\"),\n jsonProperty(\"condition\", jsonObject(\n jsonProperty(\"stringNotEqualsIgnoreCase\", jsonObject(\n jsonProperty(\"aws:PrincipalType\", \"anonymous\")\n ))\n ))\n )))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:vpclattice:Service\n properties:\n name: example-vpclattice-service\n authType: AWS_IAM\n customDomainName: example.com\n exampleAuthPolicy:\n type: aws:vpclattice:AuthPolicy\n name: example\n properties:\n resourceIdentifier: ${example.arn}\n policy:\n fn::toJSON:\n version: 2012-10-17\n statement:\n - action: '*'\n effect: Allow\n principal: '*'\n resource: '*'\n condition:\n stringNotEqualsIgnoreCase:\n aws:PrincipalType: anonymous\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import VPC Lattice Auth Policy using the `id`. For example:\n\n```sh\n$ pulumi import aws:vpclattice/authPolicy:AuthPolicy example abcd-12345678\n```\n", + "description": "Resource for managing an AWS VPC Lattice Auth Policy.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.vpclattice.Service(\"example\", {\n name: \"example-vpclattice-service\",\n authType: \"AWS_IAM\",\n customDomainName: \"example.com\",\n});\nconst exampleAuthPolicy = new aws.vpclattice.AuthPolicy(\"example\", {\n resourceIdentifier: example.arn,\n policy: JSON.stringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: \"*\",\n Effect: \"Allow\",\n Principal: \"*\",\n Resource: \"*\",\n Condition: {\n StringNotEqualsIgnoreCase: {\n \"aws:PrincipalType\": \"anonymous\",\n },\n },\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\nexample = aws.vpclattice.Service(\"example\",\n name=\"example-vpclattice-service\",\n auth_type=\"AWS_IAM\",\n custom_domain_name=\"example.com\")\nexample_auth_policy = aws.vpclattice.AuthPolicy(\"example\",\n resource_identifier=example.arn,\n policy=json.dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": \"*\",\n \"Effect\": \"Allow\",\n \"Principal\": \"*\",\n \"Resource\": \"*\",\n \"Condition\": {\n \"StringNotEqualsIgnoreCase\": {\n \"aws:PrincipalType\": \"anonymous\",\n },\n },\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.VpcLattice.Service(\"example\", new()\n {\n Name = \"example-vpclattice-service\",\n AuthType = \"AWS_IAM\",\n CustomDomainName = \"example.com\",\n });\n\n var exampleAuthPolicy = new Aws.VpcLattice.AuthPolicy(\"example\", new()\n {\n ResourceIdentifier = example.Arn,\n Policy = JsonSerializer.Serialize(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"*\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = \"*\",\n [\"Resource\"] = \"*\",\n [\"Condition\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"StringNotEqualsIgnoreCase\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"aws:PrincipalType\"] = \"anonymous\",\n },\n },\n },\n },\n }),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/vpclattice\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := vpclattice.NewService(ctx, \"example\", \u0026vpclattice.ServiceArgs{\n\t\t\tName: pulumi.String(\"example-vpclattice-service\"),\n\t\t\tAuthType: pulumi.String(\"AWS_IAM\"),\n\t\t\tCustomDomainName: pulumi.String(\"example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\"Action\": \"*\",\n\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\"Principal\": \"*\",\n\t\t\t\t\t\"Resource\": \"*\",\n\t\t\t\t\t\"Condition\": map[string]interface{}{\n\t\t\t\t\t\t\"StringNotEqualsIgnoreCase\": map[string]interface{}{\n\t\t\t\t\t\t\t\"aws:PrincipalType\": \"anonymous\",\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tjson0 := string(tmpJSON0)\n\t\t_, err = vpclattice.NewAuthPolicy(ctx, \"example\", \u0026vpclattice.AuthPolicyArgs{\n\t\t\tResourceIdentifier: example.Arn,\n\t\t\tPolicy: pulumi.String(json0),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.vpclattice.Service;\nimport com.pulumi.aws.vpclattice.ServiceArgs;\nimport com.pulumi.aws.vpclattice.AuthPolicy;\nimport com.pulumi.aws.vpclattice.AuthPolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Service(\"example\", ServiceArgs.builder() \n .name(\"example-vpclattice-service\")\n .authType(\"AWS_IAM\")\n .customDomainName(\"example.com\")\n .build());\n\n var exampleAuthPolicy = new AuthPolicy(\"exampleAuthPolicy\", AuthPolicyArgs.builder() \n .resourceIdentifier(example.arn())\n .policy(serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", \"*\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", \"*\"),\n jsonProperty(\"Resource\", \"*\"),\n jsonProperty(\"Condition\", jsonObject(\n jsonProperty(\"StringNotEqualsIgnoreCase\", jsonObject(\n jsonProperty(\"aws:PrincipalType\", \"anonymous\")\n ))\n ))\n )))\n )))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:vpclattice:Service\n properties:\n name: example-vpclattice-service\n authType: AWS_IAM\n customDomainName: example.com\n exampleAuthPolicy:\n type: aws:vpclattice:AuthPolicy\n name: example\n properties:\n resourceIdentifier: ${example.arn}\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action: '*'\n Effect: Allow\n Principal: '*'\n Resource: '*'\n Condition:\n StringNotEqualsIgnoreCase:\n aws:PrincipalType: anonymous\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import VPC Lattice Auth Policy using the `id`. For example:\n\n```sh\n$ pulumi import aws:vpclattice/authPolicy:AuthPolicy example abcd-12345678\n```\n", "properties": { "policy": { "type": "string", @@ -345679,7 +345679,7 @@ } }, "aws:vpclattice/resourcePolicy:ResourcePolicy": { - "description": "Resource for managing an AWS VPC Lattice Resource Policy.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst currentGetPartition = aws.getPartition({});\nconst example = new aws.vpclattice.ServiceNetwork(\"example\", {name: \"example-vpclattice-service-network\"});\nconst exampleResourcePolicy = new aws.vpclattice.ResourcePolicy(\"example\", {\n resourceArn: example.arn,\n policy: pulumi.jsonStringify({\n version: \"2012-10-17\",\n statement: [{\n sid: \"test-pol-principals-6\",\n effect: \"Allow\",\n principal: {\n AWS: Promise.all([currentGetPartition, current]).then(([currentGetPartition, current]) =\u003e `arn:${currentGetPartition.partition}:iam::${current.accountId}:root`),\n },\n action: [\n \"vpc-lattice:CreateServiceNetworkVpcAssociation\",\n \"vpc-lattice:CreateServiceNetworkServiceAssociation\",\n \"vpc-lattice:GetServiceNetwork\",\n ],\n resource: example.arn,\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\ncurrent_get_partition = aws.get_partition()\nexample = aws.vpclattice.ServiceNetwork(\"example\", name=\"example-vpclattice-service-network\")\nexample_resource_policy = aws.vpclattice.ResourcePolicy(\"example\",\n resource_arn=example.arn,\n policy=pulumi.Output.json_dumps({\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"sid\": \"test-pol-principals-6\",\n \"effect\": \"Allow\",\n \"principal\": {\n \"AWS\": f\"arn:{current_get_partition.partition}:iam::{current.account_id}:root\",\n },\n \"action\": [\n \"vpc-lattice:CreateServiceNetworkVpcAssociation\",\n \"vpc-lattice:CreateServiceNetworkServiceAssociation\",\n \"vpc-lattice:GetServiceNetwork\",\n ],\n \"resource\": example.arn,\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var currentGetPartition = Aws.GetPartition.Invoke();\n\n var example = new Aws.VpcLattice.ServiceNetwork(\"example\", new()\n {\n Name = \"example-vpclattice-service-network\",\n });\n\n var exampleResourcePolicy = new Aws.VpcLattice.ResourcePolicy(\"example\", new()\n {\n ResourceArn = example.Arn,\n Policy = Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"sid\"] = \"test-pol-principals-6\",\n [\"effect\"] = \"Allow\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = Output.Tuple(currentGetPartition, current).Apply(values =\u003e\n {\n var currentGetPartition = values.Item1;\n var current = values.Item2;\n return $\"arn:{currentGetPartition.Apply(getPartitionResult =\u003e getPartitionResult.Partition)}:iam::{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:root\";\n }),\n },\n [\"action\"] = new[]\n {\n \"vpc-lattice:CreateServiceNetworkVpcAssociation\",\n \"vpc-lattice:CreateServiceNetworkServiceAssociation\",\n \"vpc-lattice:GetServiceNetwork\",\n },\n [\"resource\"] = example.Arn,\n },\n },\n })),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/vpclattice\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrentGetPartition, err := aws.GetPartition(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := vpclattice.NewServiceNetwork(ctx, \"example\", \u0026vpclattice.ServiceNetworkArgs{\n\t\t\tName: pulumi.String(\"example-vpclattice-service-network\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = vpclattice.NewResourcePolicy(ctx, \"example\", \u0026vpclattice.ResourcePolicyArgs{\n\t\t\tResourceArn: example.Arn,\n\t\t\tPolicy: example.Arn.ApplyT(func(arn string) (pulumi.String, error) {\n\t\t\t\tvar _zero pulumi.String\n\t\t\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\"sid\": \"test-pol-principals-6\",\n\t\t\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\t\t\"AWS\": fmt.Sprintf(\"arn:%v:iam::%v:root\", currentGetPartition.Partition, current.AccountId),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"action\": []string{\n\t\t\t\t\t\t\t\t\"vpc-lattice:CreateServiceNetworkVpcAssociation\",\n\t\t\t\t\t\t\t\t\"vpc-lattice:CreateServiceNetworkServiceAssociation\",\n\t\t\t\t\t\t\t\t\"vpc-lattice:GetServiceNetwork\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"resource\": arn,\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t})\n\t\t\t\tif err != nil {\n\t\t\t\t\treturn _zero, err\n\t\t\t\t}\n\t\t\t\tjson0 := string(tmpJSON0)\n\t\t\t\treturn pulumi.String(json0), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.inputs.GetPartitionArgs;\nimport com.pulumi.aws.vpclattice.ServiceNetwork;\nimport com.pulumi.aws.vpclattice.ServiceNetworkArgs;\nimport com.pulumi.aws.vpclattice.ResourcePolicy;\nimport com.pulumi.aws.vpclattice.ResourcePolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n final var currentGetPartition = AwsFunctions.getPartition();\n\n var example = new ServiceNetwork(\"example\", ServiceNetworkArgs.builder() \n .name(\"example-vpclattice-service-network\")\n .build());\n\n var exampleResourcePolicy = new ResourcePolicy(\"exampleResourcePolicy\", ResourcePolicyArgs.builder() \n .resourceArn(example.arn())\n .policy(example.arn().applyValue(arn -\u003e serializeJson(\n jsonObject(\n jsonProperty(\"version\", \"2012-10-17\"),\n jsonProperty(\"statement\", jsonArray(jsonObject(\n jsonProperty(\"sid\", \"test-pol-principals-6\"),\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"principal\", jsonObject(\n jsonProperty(\"AWS\", String.format(\"arn:%s:iam::%s:root\", currentGetPartition.applyValue(getPartitionResult -\u003e getPartitionResult.partition()),current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n )),\n jsonProperty(\"action\", jsonArray(\n \"vpc-lattice:CreateServiceNetworkVpcAssociation\", \n \"vpc-lattice:CreateServiceNetworkServiceAssociation\", \n \"vpc-lattice:GetServiceNetwork\"\n )),\n jsonProperty(\"resource\", arn)\n )))\n ))))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:vpclattice:ServiceNetwork\n properties:\n name: example-vpclattice-service-network\n exampleResourcePolicy:\n type: aws:vpclattice:ResourcePolicy\n name: example\n properties:\n resourceArn: ${example.arn}\n policy:\n fn::toJSON:\n version: 2012-10-17\n statement:\n - sid: test-pol-principals-6\n effect: Allow\n principal:\n AWS: arn:${currentGetPartition.partition}:iam::${current.accountId}:root\n action:\n - vpc-lattice:CreateServiceNetworkVpcAssociation\n - vpc-lattice:CreateServiceNetworkServiceAssociation\n - vpc-lattice:GetServiceNetwork\n resource: ${example.arn}\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n currentGetPartition:\n fn::invoke:\n Function: aws:getPartition\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import VPC Lattice Resource Policy using the `resource_arn`. For example:\n\n```sh\n$ pulumi import aws:vpclattice/resourcePolicy:ResourcePolicy example rft-8012925589\n```\n", + "description": "Resource for managing an AWS VPC Lattice Resource Policy.\n\n## Example Usage\n\n### Basic Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst currentGetPartition = aws.getPartition({});\nconst example = new aws.vpclattice.ServiceNetwork(\"example\", {name: \"example-vpclattice-service-network\"});\nconst exampleResourcePolicy = new aws.vpclattice.ResourcePolicy(\"example\", {\n resourceArn: example.arn,\n policy: pulumi.jsonStringify({\n Version: \"2012-10-17\",\n Statement: [{\n Sid: \"test-pol-principals-6\",\n Effect: \"Allow\",\n Principal: {\n AWS: Promise.all([currentGetPartition, current]).then(([currentGetPartition, current]) =\u003e `arn:${currentGetPartition.partition}:iam::${current.accountId}:root`),\n },\n Action: [\n \"vpc-lattice:CreateServiceNetworkVpcAssociation\",\n \"vpc-lattice:CreateServiceNetworkServiceAssociation\",\n \"vpc-lattice:GetServiceNetwork\",\n ],\n Resource: example.arn,\n }],\n }),\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\ncurrent_get_partition = aws.get_partition()\nexample = aws.vpclattice.ServiceNetwork(\"example\", name=\"example-vpclattice-service-network\")\nexample_resource_policy = aws.vpclattice.ResourcePolicy(\"example\",\n resource_arn=example.arn,\n policy=pulumi.Output.json_dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Sid\": \"test-pol-principals-6\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": f\"arn:{current_get_partition.partition}:iam::{current.account_id}:root\",\n },\n \"Action\": [\n \"vpc-lattice:CreateServiceNetworkVpcAssociation\",\n \"vpc-lattice:CreateServiceNetworkServiceAssociation\",\n \"vpc-lattice:GetServiceNetwork\",\n ],\n \"Resource\": example.arn,\n }],\n }))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var currentGetPartition = Aws.GetPartition.Invoke();\n\n var example = new Aws.VpcLattice.ServiceNetwork(\"example\", new()\n {\n Name = \"example-vpclattice-service-network\",\n });\n\n var exampleResourcePolicy = new Aws.VpcLattice.ResourcePolicy(\"example\", new()\n {\n ResourceArn = example.Arn,\n Policy = Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Sid\"] = \"test-pol-principals-6\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = Output.Tuple(currentGetPartition, current).Apply(values =\u003e\n {\n var currentGetPartition = values.Item1;\n var current = values.Item2;\n return $\"arn:{currentGetPartition.Apply(getPartitionResult =\u003e getPartitionResult.Partition)}:iam::{current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId)}:root\";\n }),\n },\n [\"Action\"] = new[]\n {\n \"vpc-lattice:CreateServiceNetworkVpcAssociation\",\n \"vpc-lattice:CreateServiceNetworkServiceAssociation\",\n \"vpc-lattice:GetServiceNetwork\",\n },\n [\"Resource\"] = example.Arn,\n },\n },\n })),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/vpclattice\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tcurrentGetPartition, err := aws.GetPartition(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := vpclattice.NewServiceNetwork(ctx, \"example\", \u0026vpclattice.ServiceNetworkArgs{\n\t\t\tName: pulumi.String(\"example-vpclattice-service-network\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = vpclattice.NewResourcePolicy(ctx, \"example\", \u0026vpclattice.ResourcePolicyArgs{\n\t\t\tResourceArn: example.Arn,\n\t\t\tPolicy: example.Arn.ApplyT(func(arn string) (pulumi.String, error) {\n\t\t\t\tvar _zero pulumi.String\n\t\t\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\"Sid\": \"test-pol-principals-6\",\n\t\t\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\t\t\"AWS\": fmt.Sprintf(\"arn:%v:iam::%v:root\", currentGetPartition.Partition, current.AccountId),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"Action\": []string{\n\t\t\t\t\t\t\t\t\"vpc-lattice:CreateServiceNetworkVpcAssociation\",\n\t\t\t\t\t\t\t\t\"vpc-lattice:CreateServiceNetworkServiceAssociation\",\n\t\t\t\t\t\t\t\t\"vpc-lattice:GetServiceNetwork\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"Resource\": arn,\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t})\n\t\t\t\tif err != nil {\n\t\t\t\t\treturn _zero, err\n\t\t\t\t}\n\t\t\t\tjson0 := string(tmpJSON0)\n\t\t\t\treturn pulumi.String(json0), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.inputs.GetPartitionArgs;\nimport com.pulumi.aws.vpclattice.ServiceNetwork;\nimport com.pulumi.aws.vpclattice.ServiceNetworkArgs;\nimport com.pulumi.aws.vpclattice.ResourcePolicy;\nimport com.pulumi.aws.vpclattice.ResourcePolicyArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n final var currentGetPartition = AwsFunctions.getPartition();\n\n var example = new ServiceNetwork(\"example\", ServiceNetworkArgs.builder() \n .name(\"example-vpclattice-service-network\")\n .build());\n\n var exampleResourcePolicy = new ResourcePolicy(\"exampleResourcePolicy\", ResourcePolicyArgs.builder() \n .resourceArn(example.arn())\n .policy(example.arn().applyValue(arn -\u003e serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Sid\", \"test-pol-principals-6\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"AWS\", String.format(\"arn:%s:iam::%s:root\", currentGetPartition.applyValue(getPartitionResult -\u003e getPartitionResult.partition()),current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId())))\n )),\n jsonProperty(\"Action\", jsonArray(\n \"vpc-lattice:CreateServiceNetworkVpcAssociation\", \n \"vpc-lattice:CreateServiceNetworkServiceAssociation\", \n \"vpc-lattice:GetServiceNetwork\"\n )),\n jsonProperty(\"Resource\", arn)\n )))\n ))))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:vpclattice:ServiceNetwork\n properties:\n name: example-vpclattice-service-network\n exampleResourcePolicy:\n type: aws:vpclattice:ResourcePolicy\n name: example\n properties:\n resourceArn: ${example.arn}\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Sid: test-pol-principals-6\n Effect: Allow\n Principal:\n AWS: arn:${currentGetPartition.partition}:iam::${current.accountId}:root\n Action:\n - vpc-lattice:CreateServiceNetworkVpcAssociation\n - vpc-lattice:CreateServiceNetworkServiceAssociation\n - vpc-lattice:GetServiceNetwork\n Resource: ${example.arn}\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n currentGetPartition:\n fn::invoke:\n Function: aws:getPartition\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import VPC Lattice Resource Policy using the `resource_arn`. For example:\n\n```sh\n$ pulumi import aws:vpclattice/resourcePolicy:ResourcePolicy example rft-8012925589\n```\n", "properties": { "policy": { "type": "string", @@ -346565,7 +346565,7 @@ } }, "aws:waf/rateBasedRule:RateBasedRule": { - "description": "Provides a WAF Rate Based Rule Resource\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ipset = new aws.waf.IpSet(\"ipset\", {\n name: \"tfIPSet\",\n ipSetDescriptors: [{\n type: \"IPV4\",\n value: \"192.0.7.0/24\",\n }],\n});\nconst wafrule = new aws.waf.RateBasedRule(\"wafrule\", {\n name: \"tfWAFRule\",\n metricName: \"tfWAFRule\",\n rateKey: \"IP\",\n rateLimit: 100,\n predicates: [{\n dataId: ipset.id,\n negated: false,\n type: \"IPMatch\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nipset = aws.waf.IpSet(\"ipset\",\n name=\"tfIPSet\",\n ip_set_descriptors=[aws.waf.IpSetIpSetDescriptorArgs(\n type=\"IPV4\",\n value=\"192.0.7.0/24\",\n )])\nwafrule = aws.waf.RateBasedRule(\"wafrule\",\n name=\"tfWAFRule\",\n metric_name=\"tfWAFRule\",\n rate_key=\"IP\",\n rate_limit=100,\n predicates=[aws.waf.RateBasedRulePredicateArgs(\n data_id=ipset.id,\n negated=False,\n type=\"IPMatch\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ipset = new Aws.Waf.IpSet(\"ipset\", new()\n {\n Name = \"tfIPSet\",\n IpSetDescriptors = new[]\n {\n new Aws.Waf.Inputs.IpSetIpSetDescriptorArgs\n {\n Type = \"IPV4\",\n Value = \"192.0.7.0/24\",\n },\n },\n });\n\n var wafrule = new Aws.Waf.RateBasedRule(\"wafrule\", new()\n {\n Name = \"tfWAFRule\",\n MetricName = \"tfWAFRule\",\n RateKey = \"IP\",\n RateLimit = 100,\n Predicates = new[]\n {\n new Aws.Waf.Inputs.RateBasedRulePredicateArgs\n {\n DataId = ipset.Id,\n Negated = false,\n Type = \"IPMatch\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/waf\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tipset, err := waf.NewIpSet(ctx, \"ipset\", \u0026waf.IpSetArgs{\n\t\t\tName: pulumi.String(\"tfIPSet\"),\n\t\t\tIpSetDescriptors: waf.IpSetIpSetDescriptorArray{\n\t\t\t\t\u0026waf.IpSetIpSetDescriptorArgs{\n\t\t\t\t\tType: pulumi.String(\"IPV4\"),\n\t\t\t\t\tValue: pulumi.String(\"192.0.7.0/24\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = waf.NewRateBasedRule(ctx, \"wafrule\", \u0026waf.RateBasedRuleArgs{\n\t\t\tName: pulumi.String(\"tfWAFRule\"),\n\t\t\tMetricName: pulumi.String(\"tfWAFRule\"),\n\t\t\tRateKey: pulumi.String(\"IP\"),\n\t\t\tRateLimit: pulumi.Int(100),\n\t\t\tPredicates: waf.RateBasedRulePredicateArray{\n\t\t\t\t\u0026waf.RateBasedRulePredicateArgs{\n\t\t\t\t\tDataId: ipset.ID(),\n\t\t\t\t\tNegated: pulumi.Bool(false),\n\t\t\t\t\tType: pulumi.String(\"IPMatch\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.waf.IpSet;\nimport com.pulumi.aws.waf.IpSetArgs;\nimport com.pulumi.aws.waf.inputs.IpSetIpSetDescriptorArgs;\nimport com.pulumi.aws.waf.RateBasedRule;\nimport com.pulumi.aws.waf.RateBasedRuleArgs;\nimport com.pulumi.aws.waf.inputs.RateBasedRulePredicateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var ipset = new IpSet(\"ipset\", IpSetArgs.builder() \n .name(\"tfIPSet\")\n .ipSetDescriptors(IpSetIpSetDescriptorArgs.builder()\n .type(\"IPV4\")\n .value(\"192.0.7.0/24\")\n .build())\n .build());\n\n var wafrule = new RateBasedRule(\"wafrule\", RateBasedRuleArgs.builder() \n .name(\"tfWAFRule\")\n .metricName(\"tfWAFRule\")\n .rateKey(\"IP\")\n .rateLimit(100)\n .predicates(RateBasedRulePredicateArgs.builder()\n .dataId(ipset.id())\n .negated(false)\n .type(\"IPMatch\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n ipset:\n type: aws:waf:IpSet\n properties:\n name: tfIPSet\n ipSetDescriptors:\n - type: IPV4\n value: 192.0.7.0/24\n wafrule:\n type: aws:waf:RateBasedRule\n properties:\n name: tfWAFRule\n metricName: tfWAFRule\n rateKey: IP\n rateLimit: 100\n predicates:\n - dataId: ${ipset.id}\n negated: false\n type: IPMatch\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import WAF Rated Based Rule using the id. For example:\n\n```sh\n$ pulumi import aws:waf/rateBasedRule:RateBasedRule wafrule a1b2c3d4-d5f6-7777-8888-9999aaaabbbbcccc\n```\n", + "description": "Provides a WAF Rate Based Rule Resource\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ipset = new aws.waf.IpSet(\"ipset\", {\n name: \"tfIPSet\",\n ipSetDescriptors: [{\n type: \"IPV4\",\n value: \"192.0.7.0/24\",\n }],\n});\nconst wafrule = new aws.waf.RateBasedRule(\"wafrule\", {\n name: \"tfWAFRule\",\n metricName: \"tfWAFRule\",\n rateKey: \"IP\",\n rateLimit: 100,\n predicates: [{\n dataId: ipset.id,\n negated: false,\n type: \"IPMatch\",\n }],\n}, {\n dependsOn: [ipset],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nipset = aws.waf.IpSet(\"ipset\",\n name=\"tfIPSet\",\n ip_set_descriptors=[aws.waf.IpSetIpSetDescriptorArgs(\n type=\"IPV4\",\n value=\"192.0.7.0/24\",\n )])\nwafrule = aws.waf.RateBasedRule(\"wafrule\",\n name=\"tfWAFRule\",\n metric_name=\"tfWAFRule\",\n rate_key=\"IP\",\n rate_limit=100,\n predicates=[aws.waf.RateBasedRulePredicateArgs(\n data_id=ipset.id,\n negated=False,\n type=\"IPMatch\",\n )],\n opts=pulumi.ResourceOptions(depends_on=[ipset]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ipset = new Aws.Waf.IpSet(\"ipset\", new()\n {\n Name = \"tfIPSet\",\n IpSetDescriptors = new[]\n {\n new Aws.Waf.Inputs.IpSetIpSetDescriptorArgs\n {\n Type = \"IPV4\",\n Value = \"192.0.7.0/24\",\n },\n },\n });\n\n var wafrule = new Aws.Waf.RateBasedRule(\"wafrule\", new()\n {\n Name = \"tfWAFRule\",\n MetricName = \"tfWAFRule\",\n RateKey = \"IP\",\n RateLimit = 100,\n Predicates = new[]\n {\n new Aws.Waf.Inputs.RateBasedRulePredicateArgs\n {\n DataId = ipset.Id,\n Negated = false,\n Type = \"IPMatch\",\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n ipset, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/waf\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tipset, err := waf.NewIpSet(ctx, \"ipset\", \u0026waf.IpSetArgs{\n\t\t\tName: pulumi.String(\"tfIPSet\"),\n\t\t\tIpSetDescriptors: waf.IpSetIpSetDescriptorArray{\n\t\t\t\t\u0026waf.IpSetIpSetDescriptorArgs{\n\t\t\t\t\tType: pulumi.String(\"IPV4\"),\n\t\t\t\t\tValue: pulumi.String(\"192.0.7.0/24\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = waf.NewRateBasedRule(ctx, \"wafrule\", \u0026waf.RateBasedRuleArgs{\n\t\t\tName: pulumi.String(\"tfWAFRule\"),\n\t\t\tMetricName: pulumi.String(\"tfWAFRule\"),\n\t\t\tRateKey: pulumi.String(\"IP\"),\n\t\t\tRateLimit: pulumi.Int(100),\n\t\t\tPredicates: waf.RateBasedRulePredicateArray{\n\t\t\t\t\u0026waf.RateBasedRulePredicateArgs{\n\t\t\t\t\tDataId: ipset.ID(),\n\t\t\t\t\tNegated: pulumi.Bool(false),\n\t\t\t\t\tType: pulumi.String(\"IPMatch\"),\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tipset,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.waf.IpSet;\nimport com.pulumi.aws.waf.IpSetArgs;\nimport com.pulumi.aws.waf.inputs.IpSetIpSetDescriptorArgs;\nimport com.pulumi.aws.waf.RateBasedRule;\nimport com.pulumi.aws.waf.RateBasedRuleArgs;\nimport com.pulumi.aws.waf.inputs.RateBasedRulePredicateArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var ipset = new IpSet(\"ipset\", IpSetArgs.builder() \n .name(\"tfIPSet\")\n .ipSetDescriptors(IpSetIpSetDescriptorArgs.builder()\n .type(\"IPV4\")\n .value(\"192.0.7.0/24\")\n .build())\n .build());\n\n var wafrule = new RateBasedRule(\"wafrule\", RateBasedRuleArgs.builder() \n .name(\"tfWAFRule\")\n .metricName(\"tfWAFRule\")\n .rateKey(\"IP\")\n .rateLimit(100)\n .predicates(RateBasedRulePredicateArgs.builder()\n .dataId(ipset.id())\n .negated(false)\n .type(\"IPMatch\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(ipset)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n ipset:\n type: aws:waf:IpSet\n properties:\n name: tfIPSet\n ipSetDescriptors:\n - type: IPV4\n value: 192.0.7.0/24\n wafrule:\n type: aws:waf:RateBasedRule\n properties:\n name: tfWAFRule\n metricName: tfWAFRule\n rateKey: IP\n rateLimit: 100\n predicates:\n - dataId: ${ipset.id}\n negated: false\n type: IPMatch\n options:\n dependson:\n - ${ipset}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import WAF Rated Based Rule using the id. For example:\n\n```sh\n$ pulumi import aws:waf/rateBasedRule:RateBasedRule wafrule a1b2c3d4-d5f6-7777-8888-9999aaaabbbbcccc\n```\n", "properties": { "arn": { "type": "string", @@ -346829,7 +346829,7 @@ } }, "aws:waf/rule:Rule": { - "description": "Provides a WAF Rule Resource\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ipset = new aws.waf.IpSet(\"ipset\", {\n name: \"tfIPSet\",\n ipSetDescriptors: [{\n type: \"IPV4\",\n value: \"192.0.7.0/24\",\n }],\n});\nconst wafrule = new aws.waf.Rule(\"wafrule\", {\n name: \"tfWAFRule\",\n metricName: \"tfWAFRule\",\n predicates: [{\n dataId: ipset.id,\n negated: false,\n type: \"IPMatch\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nipset = aws.waf.IpSet(\"ipset\",\n name=\"tfIPSet\",\n ip_set_descriptors=[aws.waf.IpSetIpSetDescriptorArgs(\n type=\"IPV4\",\n value=\"192.0.7.0/24\",\n )])\nwafrule = aws.waf.Rule(\"wafrule\",\n name=\"tfWAFRule\",\n metric_name=\"tfWAFRule\",\n predicates=[aws.waf.RulePredicateArgs(\n data_id=ipset.id,\n negated=False,\n type=\"IPMatch\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ipset = new Aws.Waf.IpSet(\"ipset\", new()\n {\n Name = \"tfIPSet\",\n IpSetDescriptors = new[]\n {\n new Aws.Waf.Inputs.IpSetIpSetDescriptorArgs\n {\n Type = \"IPV4\",\n Value = \"192.0.7.0/24\",\n },\n },\n });\n\n var wafrule = new Aws.Waf.Rule(\"wafrule\", new()\n {\n Name = \"tfWAFRule\",\n MetricName = \"tfWAFRule\",\n Predicates = new[]\n {\n new Aws.Waf.Inputs.RulePredicateArgs\n {\n DataId = ipset.Id,\n Negated = false,\n Type = \"IPMatch\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/waf\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tipset, err := waf.NewIpSet(ctx, \"ipset\", \u0026waf.IpSetArgs{\n\t\t\tName: pulumi.String(\"tfIPSet\"),\n\t\t\tIpSetDescriptors: waf.IpSetIpSetDescriptorArray{\n\t\t\t\t\u0026waf.IpSetIpSetDescriptorArgs{\n\t\t\t\t\tType: pulumi.String(\"IPV4\"),\n\t\t\t\t\tValue: pulumi.String(\"192.0.7.0/24\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = waf.NewRule(ctx, \"wafrule\", \u0026waf.RuleArgs{\n\t\t\tName: pulumi.String(\"tfWAFRule\"),\n\t\t\tMetricName: pulumi.String(\"tfWAFRule\"),\n\t\t\tPredicates: waf.RulePredicateArray{\n\t\t\t\t\u0026waf.RulePredicateArgs{\n\t\t\t\t\tDataId: ipset.ID(),\n\t\t\t\t\tNegated: pulumi.Bool(false),\n\t\t\t\t\tType: pulumi.String(\"IPMatch\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.waf.IpSet;\nimport com.pulumi.aws.waf.IpSetArgs;\nimport com.pulumi.aws.waf.inputs.IpSetIpSetDescriptorArgs;\nimport com.pulumi.aws.waf.Rule;\nimport com.pulumi.aws.waf.RuleArgs;\nimport com.pulumi.aws.waf.inputs.RulePredicateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var ipset = new IpSet(\"ipset\", IpSetArgs.builder() \n .name(\"tfIPSet\")\n .ipSetDescriptors(IpSetIpSetDescriptorArgs.builder()\n .type(\"IPV4\")\n .value(\"192.0.7.0/24\")\n .build())\n .build());\n\n var wafrule = new Rule(\"wafrule\", RuleArgs.builder() \n .name(\"tfWAFRule\")\n .metricName(\"tfWAFRule\")\n .predicates(RulePredicateArgs.builder()\n .dataId(ipset.id())\n .negated(false)\n .type(\"IPMatch\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n ipset:\n type: aws:waf:IpSet\n properties:\n name: tfIPSet\n ipSetDescriptors:\n - type: IPV4\n value: 192.0.7.0/24\n wafrule:\n type: aws:waf:Rule\n properties:\n name: tfWAFRule\n metricName: tfWAFRule\n predicates:\n - dataId: ${ipset.id}\n negated: false\n type: IPMatch\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import WAF rules using the id. For example:\n\n```sh\n$ pulumi import aws:waf/rule:Rule example a1b2c3d4-d5f6-7777-8888-9999aaaabbbbcccc\n```\n", + "description": "Provides a WAF Rule Resource\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ipset = new aws.waf.IpSet(\"ipset\", {\n name: \"tfIPSet\",\n ipSetDescriptors: [{\n type: \"IPV4\",\n value: \"192.0.7.0/24\",\n }],\n});\nconst wafrule = new aws.waf.Rule(\"wafrule\", {\n name: \"tfWAFRule\",\n metricName: \"tfWAFRule\",\n predicates: [{\n dataId: ipset.id,\n negated: false,\n type: \"IPMatch\",\n }],\n}, {\n dependsOn: [ipset],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nipset = aws.waf.IpSet(\"ipset\",\n name=\"tfIPSet\",\n ip_set_descriptors=[aws.waf.IpSetIpSetDescriptorArgs(\n type=\"IPV4\",\n value=\"192.0.7.0/24\",\n )])\nwafrule = aws.waf.Rule(\"wafrule\",\n name=\"tfWAFRule\",\n metric_name=\"tfWAFRule\",\n predicates=[aws.waf.RulePredicateArgs(\n data_id=ipset.id,\n negated=False,\n type=\"IPMatch\",\n )],\n opts=pulumi.ResourceOptions(depends_on=[ipset]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ipset = new Aws.Waf.IpSet(\"ipset\", new()\n {\n Name = \"tfIPSet\",\n IpSetDescriptors = new[]\n {\n new Aws.Waf.Inputs.IpSetIpSetDescriptorArgs\n {\n Type = \"IPV4\",\n Value = \"192.0.7.0/24\",\n },\n },\n });\n\n var wafrule = new Aws.Waf.Rule(\"wafrule\", new()\n {\n Name = \"tfWAFRule\",\n MetricName = \"tfWAFRule\",\n Predicates = new[]\n {\n new Aws.Waf.Inputs.RulePredicateArgs\n {\n DataId = ipset.Id,\n Negated = false,\n Type = \"IPMatch\",\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n ipset, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/waf\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tipset, err := waf.NewIpSet(ctx, \"ipset\", \u0026waf.IpSetArgs{\n\t\t\tName: pulumi.String(\"tfIPSet\"),\n\t\t\tIpSetDescriptors: waf.IpSetIpSetDescriptorArray{\n\t\t\t\t\u0026waf.IpSetIpSetDescriptorArgs{\n\t\t\t\t\tType: pulumi.String(\"IPV4\"),\n\t\t\t\t\tValue: pulumi.String(\"192.0.7.0/24\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = waf.NewRule(ctx, \"wafrule\", \u0026waf.RuleArgs{\n\t\t\tName: pulumi.String(\"tfWAFRule\"),\n\t\t\tMetricName: pulumi.String(\"tfWAFRule\"),\n\t\t\tPredicates: waf.RulePredicateArray{\n\t\t\t\t\u0026waf.RulePredicateArgs{\n\t\t\t\t\tDataId: ipset.ID(),\n\t\t\t\t\tNegated: pulumi.Bool(false),\n\t\t\t\t\tType: pulumi.String(\"IPMatch\"),\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tipset,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.waf.IpSet;\nimport com.pulumi.aws.waf.IpSetArgs;\nimport com.pulumi.aws.waf.inputs.IpSetIpSetDescriptorArgs;\nimport com.pulumi.aws.waf.Rule;\nimport com.pulumi.aws.waf.RuleArgs;\nimport com.pulumi.aws.waf.inputs.RulePredicateArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var ipset = new IpSet(\"ipset\", IpSetArgs.builder() \n .name(\"tfIPSet\")\n .ipSetDescriptors(IpSetIpSetDescriptorArgs.builder()\n .type(\"IPV4\")\n .value(\"192.0.7.0/24\")\n .build())\n .build());\n\n var wafrule = new Rule(\"wafrule\", RuleArgs.builder() \n .name(\"tfWAFRule\")\n .metricName(\"tfWAFRule\")\n .predicates(RulePredicateArgs.builder()\n .dataId(ipset.id())\n .negated(false)\n .type(\"IPMatch\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(ipset)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n ipset:\n type: aws:waf:IpSet\n properties:\n name: tfIPSet\n ipSetDescriptors:\n - type: IPV4\n value: 192.0.7.0/24\n wafrule:\n type: aws:waf:Rule\n properties:\n name: tfWAFRule\n metricName: tfWAFRule\n predicates:\n - dataId: ${ipset.id}\n negated: false\n type: IPMatch\n options:\n dependson:\n - ${ipset}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import WAF rules using the id. For example:\n\n```sh\n$ pulumi import aws:waf/rule:Rule example a1b2c3d4-d5f6-7777-8888-9999aaaabbbbcccc\n```\n", "properties": { "arn": { "type": "string", @@ -347172,7 +347172,7 @@ } }, "aws:waf/webAcl:WebAcl": { - "description": "Provides a WAF Web ACL Resource\n\n## Example Usage\n\nThis example blocks requests coming from `192.0.7.0/24` and allows everything else.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ipset = new aws.waf.IpSet(\"ipset\", {\n name: \"tfIPSet\",\n ipSetDescriptors: [{\n type: \"IPV4\",\n value: \"192.0.7.0/24\",\n }],\n});\nconst wafrule = new aws.waf.Rule(\"wafrule\", {\n name: \"tfWAFRule\",\n metricName: \"tfWAFRule\",\n predicates: [{\n dataId: ipset.id,\n negated: false,\n type: \"IPMatch\",\n }],\n});\nconst wafAcl = new aws.waf.WebAcl(\"waf_acl\", {\n name: \"tfWebACL\",\n metricName: \"tfWebACL\",\n defaultAction: {\n type: \"ALLOW\",\n },\n rules: [{\n action: {\n type: \"BLOCK\",\n },\n priority: 1,\n ruleId: wafrule.id,\n type: \"REGULAR\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nipset = aws.waf.IpSet(\"ipset\",\n name=\"tfIPSet\",\n ip_set_descriptors=[aws.waf.IpSetIpSetDescriptorArgs(\n type=\"IPV4\",\n value=\"192.0.7.0/24\",\n )])\nwafrule = aws.waf.Rule(\"wafrule\",\n name=\"tfWAFRule\",\n metric_name=\"tfWAFRule\",\n predicates=[aws.waf.RulePredicateArgs(\n data_id=ipset.id,\n negated=False,\n type=\"IPMatch\",\n )])\nwaf_acl = aws.waf.WebAcl(\"waf_acl\",\n name=\"tfWebACL\",\n metric_name=\"tfWebACL\",\n default_action=aws.waf.WebAclDefaultActionArgs(\n type=\"ALLOW\",\n ),\n rules=[aws.waf.WebAclRuleArgs(\n action=aws.waf.WebAclRuleActionArgs(\n type=\"BLOCK\",\n ),\n priority=1,\n rule_id=wafrule.id,\n type=\"REGULAR\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ipset = new Aws.Waf.IpSet(\"ipset\", new()\n {\n Name = \"tfIPSet\",\n IpSetDescriptors = new[]\n {\n new Aws.Waf.Inputs.IpSetIpSetDescriptorArgs\n {\n Type = \"IPV4\",\n Value = \"192.0.7.0/24\",\n },\n },\n });\n\n var wafrule = new Aws.Waf.Rule(\"wafrule\", new()\n {\n Name = \"tfWAFRule\",\n MetricName = \"tfWAFRule\",\n Predicates = new[]\n {\n new Aws.Waf.Inputs.RulePredicateArgs\n {\n DataId = ipset.Id,\n Negated = false,\n Type = \"IPMatch\",\n },\n },\n });\n\n var wafAcl = new Aws.Waf.WebAcl(\"waf_acl\", new()\n {\n Name = \"tfWebACL\",\n MetricName = \"tfWebACL\",\n DefaultAction = new Aws.Waf.Inputs.WebAclDefaultActionArgs\n {\n Type = \"ALLOW\",\n },\n Rules = new[]\n {\n new Aws.Waf.Inputs.WebAclRuleArgs\n {\n Action = new Aws.Waf.Inputs.WebAclRuleActionArgs\n {\n Type = \"BLOCK\",\n },\n Priority = 1,\n RuleId = wafrule.Id,\n Type = \"REGULAR\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/waf\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tipset, err := waf.NewIpSet(ctx, \"ipset\", \u0026waf.IpSetArgs{\n\t\t\tName: pulumi.String(\"tfIPSet\"),\n\t\t\tIpSetDescriptors: waf.IpSetIpSetDescriptorArray{\n\t\t\t\t\u0026waf.IpSetIpSetDescriptorArgs{\n\t\t\t\t\tType: pulumi.String(\"IPV4\"),\n\t\t\t\t\tValue: pulumi.String(\"192.0.7.0/24\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\twafrule, err := waf.NewRule(ctx, \"wafrule\", \u0026waf.RuleArgs{\n\t\t\tName: pulumi.String(\"tfWAFRule\"),\n\t\t\tMetricName: pulumi.String(\"tfWAFRule\"),\n\t\t\tPredicates: waf.RulePredicateArray{\n\t\t\t\t\u0026waf.RulePredicateArgs{\n\t\t\t\t\tDataId: ipset.ID(),\n\t\t\t\t\tNegated: pulumi.Bool(false),\n\t\t\t\t\tType: pulumi.String(\"IPMatch\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = waf.NewWebAcl(ctx, \"waf_acl\", \u0026waf.WebAclArgs{\n\t\t\tName: pulumi.String(\"tfWebACL\"),\n\t\t\tMetricName: pulumi.String(\"tfWebACL\"),\n\t\t\tDefaultAction: \u0026waf.WebAclDefaultActionArgs{\n\t\t\t\tType: pulumi.String(\"ALLOW\"),\n\t\t\t},\n\t\t\tRules: waf.WebAclRuleArray{\n\t\t\t\t\u0026waf.WebAclRuleArgs{\n\t\t\t\t\tAction: \u0026waf.WebAclRuleActionArgs{\n\t\t\t\t\t\tType: pulumi.String(\"BLOCK\"),\n\t\t\t\t\t},\n\t\t\t\t\tPriority: pulumi.Int(1),\n\t\t\t\t\tRuleId: wafrule.ID(),\n\t\t\t\t\tType: pulumi.String(\"REGULAR\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.waf.IpSet;\nimport com.pulumi.aws.waf.IpSetArgs;\nimport com.pulumi.aws.waf.inputs.IpSetIpSetDescriptorArgs;\nimport com.pulumi.aws.waf.Rule;\nimport com.pulumi.aws.waf.RuleArgs;\nimport com.pulumi.aws.waf.inputs.RulePredicateArgs;\nimport com.pulumi.aws.waf.WebAcl;\nimport com.pulumi.aws.waf.WebAclArgs;\nimport com.pulumi.aws.waf.inputs.WebAclDefaultActionArgs;\nimport com.pulumi.aws.waf.inputs.WebAclRuleArgs;\nimport com.pulumi.aws.waf.inputs.WebAclRuleActionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var ipset = new IpSet(\"ipset\", IpSetArgs.builder() \n .name(\"tfIPSet\")\n .ipSetDescriptors(IpSetIpSetDescriptorArgs.builder()\n .type(\"IPV4\")\n .value(\"192.0.7.0/24\")\n .build())\n .build());\n\n var wafrule = new Rule(\"wafrule\", RuleArgs.builder() \n .name(\"tfWAFRule\")\n .metricName(\"tfWAFRule\")\n .predicates(RulePredicateArgs.builder()\n .dataId(ipset.id())\n .negated(false)\n .type(\"IPMatch\")\n .build())\n .build());\n\n var wafAcl = new WebAcl(\"wafAcl\", WebAclArgs.builder() \n .name(\"tfWebACL\")\n .metricName(\"tfWebACL\")\n .defaultAction(WebAclDefaultActionArgs.builder()\n .type(\"ALLOW\")\n .build())\n .rules(WebAclRuleArgs.builder()\n .action(WebAclRuleActionArgs.builder()\n .type(\"BLOCK\")\n .build())\n .priority(1)\n .ruleId(wafrule.id())\n .type(\"REGULAR\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n ipset:\n type: aws:waf:IpSet\n properties:\n name: tfIPSet\n ipSetDescriptors:\n - type: IPV4\n value: 192.0.7.0/24\n wafrule:\n type: aws:waf:Rule\n properties:\n name: tfWAFRule\n metricName: tfWAFRule\n predicates:\n - dataId: ${ipset.id}\n negated: false\n type: IPMatch\n wafAcl:\n type: aws:waf:WebAcl\n name: waf_acl\n properties:\n name: tfWebACL\n metricName: tfWebACL\n defaultAction:\n type: ALLOW\n rules:\n - action:\n type: BLOCK\n priority: 1\n ruleId: ${wafrule.id}\n type: REGULAR\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Logging\n\n\u003e *NOTE:* The Kinesis Firehose Delivery Stream name must begin with `aws-waf-logs-` and be located in `us-east-1` region. See the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/logging.html) for more information about enabling WAF logging.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.waf.WebAcl(\"example\", {loggingConfiguration: {\n logDestination: exampleAwsKinesisFirehoseDeliveryStream.arn,\n redactedFields: {\n fieldToMatches: [\n {\n type: \"URI\",\n },\n {\n data: \"referer\",\n type: \"HEADER\",\n },\n ],\n },\n}});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.waf.WebAcl(\"example\", logging_configuration=aws.waf.WebAclLoggingConfigurationArgs(\n log_destination=example_aws_kinesis_firehose_delivery_stream[\"arn\"],\n redacted_fields=aws.waf.WebAclLoggingConfigurationRedactedFieldsArgs(\n field_to_matches=[\n aws.waf.WebAclLoggingConfigurationRedactedFieldsFieldToMatchArgs(\n type=\"URI\",\n ),\n aws.waf.WebAclLoggingConfigurationRedactedFieldsFieldToMatchArgs(\n data=\"referer\",\n type=\"HEADER\",\n ),\n ],\n ),\n))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Waf.WebAcl(\"example\", new()\n {\n LoggingConfiguration = new Aws.Waf.Inputs.WebAclLoggingConfigurationArgs\n {\n LogDestination = exampleAwsKinesisFirehoseDeliveryStream.Arn,\n RedactedFields = new Aws.Waf.Inputs.WebAclLoggingConfigurationRedactedFieldsArgs\n {\n FieldToMatches = new[]\n {\n new Aws.Waf.Inputs.WebAclLoggingConfigurationRedactedFieldsFieldToMatchArgs\n {\n Type = \"URI\",\n },\n new Aws.Waf.Inputs.WebAclLoggingConfigurationRedactedFieldsFieldToMatchArgs\n {\n Data = \"referer\",\n Type = \"HEADER\",\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/waf\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := waf.NewWebAcl(ctx, \"example\", \u0026waf.WebAclArgs{\n\t\t\tLoggingConfiguration: \u0026waf.WebAclLoggingConfigurationArgs{\n\t\t\t\tLogDestination: pulumi.Any(exampleAwsKinesisFirehoseDeliveryStream.Arn),\n\t\t\t\tRedactedFields: \u0026waf.WebAclLoggingConfigurationRedactedFieldsArgs{\n\t\t\t\t\tFieldToMatches: waf.WebAclLoggingConfigurationRedactedFieldsFieldToMatchArray{\n\t\t\t\t\t\t\u0026waf.WebAclLoggingConfigurationRedactedFieldsFieldToMatchArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"URI\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026waf.WebAclLoggingConfigurationRedactedFieldsFieldToMatchArgs{\n\t\t\t\t\t\t\tData: pulumi.String(\"referer\"),\n\t\t\t\t\t\t\tType: pulumi.String(\"HEADER\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.waf.WebAcl;\nimport com.pulumi.aws.waf.WebAclArgs;\nimport com.pulumi.aws.waf.inputs.WebAclLoggingConfigurationArgs;\nimport com.pulumi.aws.waf.inputs.WebAclLoggingConfigurationRedactedFieldsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new WebAcl(\"example\", WebAclArgs.builder() \n .loggingConfiguration(WebAclLoggingConfigurationArgs.builder()\n .logDestination(exampleAwsKinesisFirehoseDeliveryStream.arn())\n .redactedFields(WebAclLoggingConfigurationRedactedFieldsArgs.builder()\n .fieldToMatches( \n WebAclLoggingConfigurationRedactedFieldsFieldToMatchArgs.builder()\n .type(\"URI\")\n .build(),\n WebAclLoggingConfigurationRedactedFieldsFieldToMatchArgs.builder()\n .data(\"referer\")\n .type(\"HEADER\")\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:waf:WebAcl\n properties:\n loggingConfiguration:\n logDestination: ${exampleAwsKinesisFirehoseDeliveryStream.arn}\n redactedFields:\n fieldToMatches:\n - type: URI\n - data: referer\n type: HEADER\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import WAF Web ACL using the `id`. For example:\n\n```sh\n$ pulumi import aws:waf/webAcl:WebAcl main 0c8e583e-18f3-4c13-9e2a-67c4805d2f94\n```\n", + "description": "Provides a WAF Web ACL Resource\n\n## Example Usage\n\nThis example blocks requests coming from `192.0.7.0/24` and allows everything else.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ipset = new aws.waf.IpSet(\"ipset\", {\n name: \"tfIPSet\",\n ipSetDescriptors: [{\n type: \"IPV4\",\n value: \"192.0.7.0/24\",\n }],\n});\nconst wafrule = new aws.waf.Rule(\"wafrule\", {\n name: \"tfWAFRule\",\n metricName: \"tfWAFRule\",\n predicates: [{\n dataId: ipset.id,\n negated: false,\n type: \"IPMatch\",\n }],\n}, {\n dependsOn: [ipset],\n});\nconst wafAcl = new aws.waf.WebAcl(\"waf_acl\", {\n name: \"tfWebACL\",\n metricName: \"tfWebACL\",\n defaultAction: {\n type: \"ALLOW\",\n },\n rules: [{\n action: {\n type: \"BLOCK\",\n },\n priority: 1,\n ruleId: wafrule.id,\n type: \"REGULAR\",\n }],\n}, {\n dependsOn: [\n ipset,\n wafrule,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nipset = aws.waf.IpSet(\"ipset\",\n name=\"tfIPSet\",\n ip_set_descriptors=[aws.waf.IpSetIpSetDescriptorArgs(\n type=\"IPV4\",\n value=\"192.0.7.0/24\",\n )])\nwafrule = aws.waf.Rule(\"wafrule\",\n name=\"tfWAFRule\",\n metric_name=\"tfWAFRule\",\n predicates=[aws.waf.RulePredicateArgs(\n data_id=ipset.id,\n negated=False,\n type=\"IPMatch\",\n )],\n opts=pulumi.ResourceOptions(depends_on=[ipset]))\nwaf_acl = aws.waf.WebAcl(\"waf_acl\",\n name=\"tfWebACL\",\n metric_name=\"tfWebACL\",\n default_action=aws.waf.WebAclDefaultActionArgs(\n type=\"ALLOW\",\n ),\n rules=[aws.waf.WebAclRuleArgs(\n action=aws.waf.WebAclRuleActionArgs(\n type=\"BLOCK\",\n ),\n priority=1,\n rule_id=wafrule.id,\n type=\"REGULAR\",\n )],\n opts=pulumi.ResourceOptions(depends_on=[\n ipset,\n wafrule,\n ]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ipset = new Aws.Waf.IpSet(\"ipset\", new()\n {\n Name = \"tfIPSet\",\n IpSetDescriptors = new[]\n {\n new Aws.Waf.Inputs.IpSetIpSetDescriptorArgs\n {\n Type = \"IPV4\",\n Value = \"192.0.7.0/24\",\n },\n },\n });\n\n var wafrule = new Aws.Waf.Rule(\"wafrule\", new()\n {\n Name = \"tfWAFRule\",\n MetricName = \"tfWAFRule\",\n Predicates = new[]\n {\n new Aws.Waf.Inputs.RulePredicateArgs\n {\n DataId = ipset.Id,\n Negated = false,\n Type = \"IPMatch\",\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n ipset, \n },\n });\n\n var wafAcl = new Aws.Waf.WebAcl(\"waf_acl\", new()\n {\n Name = \"tfWebACL\",\n MetricName = \"tfWebACL\",\n DefaultAction = new Aws.Waf.Inputs.WebAclDefaultActionArgs\n {\n Type = \"ALLOW\",\n },\n Rules = new[]\n {\n new Aws.Waf.Inputs.WebAclRuleArgs\n {\n Action = new Aws.Waf.Inputs.WebAclRuleActionArgs\n {\n Type = \"BLOCK\",\n },\n Priority = 1,\n RuleId = wafrule.Id,\n Type = \"REGULAR\",\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n ipset, \n wafrule, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/waf\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tipset, err := waf.NewIpSet(ctx, \"ipset\", \u0026waf.IpSetArgs{\n\t\t\tName: pulumi.String(\"tfIPSet\"),\n\t\t\tIpSetDescriptors: waf.IpSetIpSetDescriptorArray{\n\t\t\t\t\u0026waf.IpSetIpSetDescriptorArgs{\n\t\t\t\t\tType: pulumi.String(\"IPV4\"),\n\t\t\t\t\tValue: pulumi.String(\"192.0.7.0/24\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\twafrule, err := waf.NewRule(ctx, \"wafrule\", \u0026waf.RuleArgs{\n\t\t\tName: pulumi.String(\"tfWAFRule\"),\n\t\t\tMetricName: pulumi.String(\"tfWAFRule\"),\n\t\t\tPredicates: waf.RulePredicateArray{\n\t\t\t\t\u0026waf.RulePredicateArgs{\n\t\t\t\t\tDataId: ipset.ID(),\n\t\t\t\t\tNegated: pulumi.Bool(false),\n\t\t\t\t\tType: pulumi.String(\"IPMatch\"),\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tipset,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = waf.NewWebAcl(ctx, \"waf_acl\", \u0026waf.WebAclArgs{\n\t\t\tName: pulumi.String(\"tfWebACL\"),\n\t\t\tMetricName: pulumi.String(\"tfWebACL\"),\n\t\t\tDefaultAction: \u0026waf.WebAclDefaultActionArgs{\n\t\t\t\tType: pulumi.String(\"ALLOW\"),\n\t\t\t},\n\t\t\tRules: waf.WebAclRuleArray{\n\t\t\t\t\u0026waf.WebAclRuleArgs{\n\t\t\t\t\tAction: \u0026waf.WebAclRuleActionArgs{\n\t\t\t\t\t\tType: pulumi.String(\"BLOCK\"),\n\t\t\t\t\t},\n\t\t\t\t\tPriority: pulumi.Int(1),\n\t\t\t\t\tRuleId: wafrule.ID(),\n\t\t\t\t\tType: pulumi.String(\"REGULAR\"),\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tipset,\n\t\t\twafrule,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.waf.IpSet;\nimport com.pulumi.aws.waf.IpSetArgs;\nimport com.pulumi.aws.waf.inputs.IpSetIpSetDescriptorArgs;\nimport com.pulumi.aws.waf.Rule;\nimport com.pulumi.aws.waf.RuleArgs;\nimport com.pulumi.aws.waf.inputs.RulePredicateArgs;\nimport com.pulumi.aws.waf.WebAcl;\nimport com.pulumi.aws.waf.WebAclArgs;\nimport com.pulumi.aws.waf.inputs.WebAclDefaultActionArgs;\nimport com.pulumi.aws.waf.inputs.WebAclRuleArgs;\nimport com.pulumi.aws.waf.inputs.WebAclRuleActionArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var ipset = new IpSet(\"ipset\", IpSetArgs.builder() \n .name(\"tfIPSet\")\n .ipSetDescriptors(IpSetIpSetDescriptorArgs.builder()\n .type(\"IPV4\")\n .value(\"192.0.7.0/24\")\n .build())\n .build());\n\n var wafrule = new Rule(\"wafrule\", RuleArgs.builder() \n .name(\"tfWAFRule\")\n .metricName(\"tfWAFRule\")\n .predicates(RulePredicateArgs.builder()\n .dataId(ipset.id())\n .negated(false)\n .type(\"IPMatch\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(ipset)\n .build());\n\n var wafAcl = new WebAcl(\"wafAcl\", WebAclArgs.builder() \n .name(\"tfWebACL\")\n .metricName(\"tfWebACL\")\n .defaultAction(WebAclDefaultActionArgs.builder()\n .type(\"ALLOW\")\n .build())\n .rules(WebAclRuleArgs.builder()\n .action(WebAclRuleActionArgs.builder()\n .type(\"BLOCK\")\n .build())\n .priority(1)\n .ruleId(wafrule.id())\n .type(\"REGULAR\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n ipset,\n wafrule)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n ipset:\n type: aws:waf:IpSet\n properties:\n name: tfIPSet\n ipSetDescriptors:\n - type: IPV4\n value: 192.0.7.0/24\n wafrule:\n type: aws:waf:Rule\n properties:\n name: tfWAFRule\n metricName: tfWAFRule\n predicates:\n - dataId: ${ipset.id}\n negated: false\n type: IPMatch\n options:\n dependson:\n - ${ipset}\n wafAcl:\n type: aws:waf:WebAcl\n name: waf_acl\n properties:\n name: tfWebACL\n metricName: tfWebACL\n defaultAction:\n type: ALLOW\n rules:\n - action:\n type: BLOCK\n priority: 1\n ruleId: ${wafrule.id}\n type: REGULAR\n options:\n dependson:\n - ${ipset}\n - ${wafrule}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Logging\n\n\u003e *NOTE:* The Kinesis Firehose Delivery Stream name must begin with `aws-waf-logs-` and be located in `us-east-1` region. See the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/logging.html) for more information about enabling WAF logging.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.waf.WebAcl(\"example\", {loggingConfiguration: {\n logDestination: exampleAwsKinesisFirehoseDeliveryStream.arn,\n redactedFields: {\n fieldToMatches: [\n {\n type: \"URI\",\n },\n {\n data: \"referer\",\n type: \"HEADER\",\n },\n ],\n },\n}});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.waf.WebAcl(\"example\", logging_configuration=aws.waf.WebAclLoggingConfigurationArgs(\n log_destination=example_aws_kinesis_firehose_delivery_stream[\"arn\"],\n redacted_fields=aws.waf.WebAclLoggingConfigurationRedactedFieldsArgs(\n field_to_matches=[\n aws.waf.WebAclLoggingConfigurationRedactedFieldsFieldToMatchArgs(\n type=\"URI\",\n ),\n aws.waf.WebAclLoggingConfigurationRedactedFieldsFieldToMatchArgs(\n data=\"referer\",\n type=\"HEADER\",\n ),\n ],\n ),\n))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.Waf.WebAcl(\"example\", new()\n {\n LoggingConfiguration = new Aws.Waf.Inputs.WebAclLoggingConfigurationArgs\n {\n LogDestination = exampleAwsKinesisFirehoseDeliveryStream.Arn,\n RedactedFields = new Aws.Waf.Inputs.WebAclLoggingConfigurationRedactedFieldsArgs\n {\n FieldToMatches = new[]\n {\n new Aws.Waf.Inputs.WebAclLoggingConfigurationRedactedFieldsFieldToMatchArgs\n {\n Type = \"URI\",\n },\n new Aws.Waf.Inputs.WebAclLoggingConfigurationRedactedFieldsFieldToMatchArgs\n {\n Data = \"referer\",\n Type = \"HEADER\",\n },\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/waf\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := waf.NewWebAcl(ctx, \"example\", \u0026waf.WebAclArgs{\n\t\t\tLoggingConfiguration: \u0026waf.WebAclLoggingConfigurationArgs{\n\t\t\t\tLogDestination: pulumi.Any(exampleAwsKinesisFirehoseDeliveryStream.Arn),\n\t\t\t\tRedactedFields: \u0026waf.WebAclLoggingConfigurationRedactedFieldsArgs{\n\t\t\t\t\tFieldToMatches: waf.WebAclLoggingConfigurationRedactedFieldsFieldToMatchArray{\n\t\t\t\t\t\t\u0026waf.WebAclLoggingConfigurationRedactedFieldsFieldToMatchArgs{\n\t\t\t\t\t\t\tType: pulumi.String(\"URI\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026waf.WebAclLoggingConfigurationRedactedFieldsFieldToMatchArgs{\n\t\t\t\t\t\t\tData: pulumi.String(\"referer\"),\n\t\t\t\t\t\t\tType: pulumi.String(\"HEADER\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.waf.WebAcl;\nimport com.pulumi.aws.waf.WebAclArgs;\nimport com.pulumi.aws.waf.inputs.WebAclLoggingConfigurationArgs;\nimport com.pulumi.aws.waf.inputs.WebAclLoggingConfigurationRedactedFieldsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new WebAcl(\"example\", WebAclArgs.builder() \n .loggingConfiguration(WebAclLoggingConfigurationArgs.builder()\n .logDestination(exampleAwsKinesisFirehoseDeliveryStream.arn())\n .redactedFields(WebAclLoggingConfigurationRedactedFieldsArgs.builder()\n .fieldToMatches( \n WebAclLoggingConfigurationRedactedFieldsFieldToMatchArgs.builder()\n .type(\"URI\")\n .build(),\n WebAclLoggingConfigurationRedactedFieldsFieldToMatchArgs.builder()\n .data(\"referer\")\n .type(\"HEADER\")\n .build())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:waf:WebAcl\n properties:\n loggingConfiguration:\n logDestination: ${exampleAwsKinesisFirehoseDeliveryStream.arn}\n redactedFields:\n fieldToMatches:\n - type: URI\n - data: referer\n type: HEADER\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import WAF Web ACL using the `id`. For example:\n\n```sh\n$ pulumi import aws:waf/webAcl:WebAcl main 0c8e583e-18f3-4c13-9e2a-67c4805d2f94\n```\n", "properties": { "arn": { "type": "string", @@ -347536,7 +347536,7 @@ } }, "aws:wafregional/rateBasedRule:RateBasedRule": { - "description": "Provides a WAF Rate Based Rule Resource\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ipset = new aws.wafregional.IpSet(\"ipset\", {\n name: \"tfIPSet\",\n ipSetDescriptors: [{\n type: \"IPV4\",\n value: \"192.0.7.0/24\",\n }],\n});\nconst wafrule = new aws.wafregional.RateBasedRule(\"wafrule\", {\n name: \"tfWAFRule\",\n metricName: \"tfWAFRule\",\n rateKey: \"IP\",\n rateLimit: 100,\n predicates: [{\n dataId: ipset.id,\n negated: false,\n type: \"IPMatch\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nipset = aws.wafregional.IpSet(\"ipset\",\n name=\"tfIPSet\",\n ip_set_descriptors=[aws.wafregional.IpSetIpSetDescriptorArgs(\n type=\"IPV4\",\n value=\"192.0.7.0/24\",\n )])\nwafrule = aws.wafregional.RateBasedRule(\"wafrule\",\n name=\"tfWAFRule\",\n metric_name=\"tfWAFRule\",\n rate_key=\"IP\",\n rate_limit=100,\n predicates=[aws.wafregional.RateBasedRulePredicateArgs(\n data_id=ipset.id,\n negated=False,\n type=\"IPMatch\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ipset = new Aws.WafRegional.IpSet(\"ipset\", new()\n {\n Name = \"tfIPSet\",\n IpSetDescriptors = new[]\n {\n new Aws.WafRegional.Inputs.IpSetIpSetDescriptorArgs\n {\n Type = \"IPV4\",\n Value = \"192.0.7.0/24\",\n },\n },\n });\n\n var wafrule = new Aws.WafRegional.RateBasedRule(\"wafrule\", new()\n {\n Name = \"tfWAFRule\",\n MetricName = \"tfWAFRule\",\n RateKey = \"IP\",\n RateLimit = 100,\n Predicates = new[]\n {\n new Aws.WafRegional.Inputs.RateBasedRulePredicateArgs\n {\n DataId = ipset.Id,\n Negated = false,\n Type = \"IPMatch\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/wafregional\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tipset, err := wafregional.NewIpSet(ctx, \"ipset\", \u0026wafregional.IpSetArgs{\n\t\t\tName: pulumi.String(\"tfIPSet\"),\n\t\t\tIpSetDescriptors: wafregional.IpSetIpSetDescriptorArray{\n\t\t\t\t\u0026wafregional.IpSetIpSetDescriptorArgs{\n\t\t\t\t\tType: pulumi.String(\"IPV4\"),\n\t\t\t\t\tValue: pulumi.String(\"192.0.7.0/24\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = wafregional.NewRateBasedRule(ctx, \"wafrule\", \u0026wafregional.RateBasedRuleArgs{\n\t\t\tName: pulumi.String(\"tfWAFRule\"),\n\t\t\tMetricName: pulumi.String(\"tfWAFRule\"),\n\t\t\tRateKey: pulumi.String(\"IP\"),\n\t\t\tRateLimit: pulumi.Int(100),\n\t\t\tPredicates: wafregional.RateBasedRulePredicateArray{\n\t\t\t\t\u0026wafregional.RateBasedRulePredicateArgs{\n\t\t\t\t\tDataId: ipset.ID(),\n\t\t\t\t\tNegated: pulumi.Bool(false),\n\t\t\t\t\tType: pulumi.String(\"IPMatch\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.wafregional.IpSet;\nimport com.pulumi.aws.wafregional.IpSetArgs;\nimport com.pulumi.aws.wafregional.inputs.IpSetIpSetDescriptorArgs;\nimport com.pulumi.aws.wafregional.RateBasedRule;\nimport com.pulumi.aws.wafregional.RateBasedRuleArgs;\nimport com.pulumi.aws.wafregional.inputs.RateBasedRulePredicateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var ipset = new IpSet(\"ipset\", IpSetArgs.builder() \n .name(\"tfIPSet\")\n .ipSetDescriptors(IpSetIpSetDescriptorArgs.builder()\n .type(\"IPV4\")\n .value(\"192.0.7.0/24\")\n .build())\n .build());\n\n var wafrule = new RateBasedRule(\"wafrule\", RateBasedRuleArgs.builder() \n .name(\"tfWAFRule\")\n .metricName(\"tfWAFRule\")\n .rateKey(\"IP\")\n .rateLimit(100)\n .predicates(RateBasedRulePredicateArgs.builder()\n .dataId(ipset.id())\n .negated(false)\n .type(\"IPMatch\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n ipset:\n type: aws:wafregional:IpSet\n properties:\n name: tfIPSet\n ipSetDescriptors:\n - type: IPV4\n value: 192.0.7.0/24\n wafrule:\n type: aws:wafregional:RateBasedRule\n properties:\n name: tfWAFRule\n metricName: tfWAFRule\n rateKey: IP\n rateLimit: 100\n predicates:\n - dataId: ${ipset.id}\n negated: false\n type: IPMatch\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import WAF Regional Rate Based Rule using the id. For example:\n\n```sh\n$ pulumi import aws:wafregional/rateBasedRule:RateBasedRule wafrule a1b2c3d4-d5f6-7777-8888-9999aaaabbbbcccc\n```\n", + "description": "Provides a WAF Rate Based Rule Resource\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst ipset = new aws.wafregional.IpSet(\"ipset\", {\n name: \"tfIPSet\",\n ipSetDescriptors: [{\n type: \"IPV4\",\n value: \"192.0.7.0/24\",\n }],\n});\nconst wafrule = new aws.wafregional.RateBasedRule(\"wafrule\", {\n name: \"tfWAFRule\",\n metricName: \"tfWAFRule\",\n rateKey: \"IP\",\n rateLimit: 100,\n predicates: [{\n dataId: ipset.id,\n negated: false,\n type: \"IPMatch\",\n }],\n}, {\n dependsOn: [ipset],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nipset = aws.wafregional.IpSet(\"ipset\",\n name=\"tfIPSet\",\n ip_set_descriptors=[aws.wafregional.IpSetIpSetDescriptorArgs(\n type=\"IPV4\",\n value=\"192.0.7.0/24\",\n )])\nwafrule = aws.wafregional.RateBasedRule(\"wafrule\",\n name=\"tfWAFRule\",\n metric_name=\"tfWAFRule\",\n rate_key=\"IP\",\n rate_limit=100,\n predicates=[aws.wafregional.RateBasedRulePredicateArgs(\n data_id=ipset.id,\n negated=False,\n type=\"IPMatch\",\n )],\n opts=pulumi.ResourceOptions(depends_on=[ipset]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var ipset = new Aws.WafRegional.IpSet(\"ipset\", new()\n {\n Name = \"tfIPSet\",\n IpSetDescriptors = new[]\n {\n new Aws.WafRegional.Inputs.IpSetIpSetDescriptorArgs\n {\n Type = \"IPV4\",\n Value = \"192.0.7.0/24\",\n },\n },\n });\n\n var wafrule = new Aws.WafRegional.RateBasedRule(\"wafrule\", new()\n {\n Name = \"tfWAFRule\",\n MetricName = \"tfWAFRule\",\n RateKey = \"IP\",\n RateLimit = 100,\n Predicates = new[]\n {\n new Aws.WafRegional.Inputs.RateBasedRulePredicateArgs\n {\n DataId = ipset.Id,\n Negated = false,\n Type = \"IPMatch\",\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n ipset, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/wafregional\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tipset, err := wafregional.NewIpSet(ctx, \"ipset\", \u0026wafregional.IpSetArgs{\n\t\t\tName: pulumi.String(\"tfIPSet\"),\n\t\t\tIpSetDescriptors: wafregional.IpSetIpSetDescriptorArray{\n\t\t\t\t\u0026wafregional.IpSetIpSetDescriptorArgs{\n\t\t\t\t\tType: pulumi.String(\"IPV4\"),\n\t\t\t\t\tValue: pulumi.String(\"192.0.7.0/24\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = wafregional.NewRateBasedRule(ctx, \"wafrule\", \u0026wafregional.RateBasedRuleArgs{\n\t\t\tName: pulumi.String(\"tfWAFRule\"),\n\t\t\tMetricName: pulumi.String(\"tfWAFRule\"),\n\t\t\tRateKey: pulumi.String(\"IP\"),\n\t\t\tRateLimit: pulumi.Int(100),\n\t\t\tPredicates: wafregional.RateBasedRulePredicateArray{\n\t\t\t\t\u0026wafregional.RateBasedRulePredicateArgs{\n\t\t\t\t\tDataId: ipset.ID(),\n\t\t\t\t\tNegated: pulumi.Bool(false),\n\t\t\t\t\tType: pulumi.String(\"IPMatch\"),\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tipset,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.wafregional.IpSet;\nimport com.pulumi.aws.wafregional.IpSetArgs;\nimport com.pulumi.aws.wafregional.inputs.IpSetIpSetDescriptorArgs;\nimport com.pulumi.aws.wafregional.RateBasedRule;\nimport com.pulumi.aws.wafregional.RateBasedRuleArgs;\nimport com.pulumi.aws.wafregional.inputs.RateBasedRulePredicateArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var ipset = new IpSet(\"ipset\", IpSetArgs.builder() \n .name(\"tfIPSet\")\n .ipSetDescriptors(IpSetIpSetDescriptorArgs.builder()\n .type(\"IPV4\")\n .value(\"192.0.7.0/24\")\n .build())\n .build());\n\n var wafrule = new RateBasedRule(\"wafrule\", RateBasedRuleArgs.builder() \n .name(\"tfWAFRule\")\n .metricName(\"tfWAFRule\")\n .rateKey(\"IP\")\n .rateLimit(100)\n .predicates(RateBasedRulePredicateArgs.builder()\n .dataId(ipset.id())\n .negated(false)\n .type(\"IPMatch\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(ipset)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n ipset:\n type: aws:wafregional:IpSet\n properties:\n name: tfIPSet\n ipSetDescriptors:\n - type: IPV4\n value: 192.0.7.0/24\n wafrule:\n type: aws:wafregional:RateBasedRule\n properties:\n name: tfWAFRule\n metricName: tfWAFRule\n rateKey: IP\n rateLimit: 100\n predicates:\n - dataId: ${ipset.id}\n negated: false\n type: IPMatch\n options:\n dependson:\n - ${ipset}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import WAF Regional Rate Based Rule using the id. For example:\n\n```sh\n$ pulumi import aws:wafregional/rateBasedRule:RateBasedRule wafrule a1b2c3d4-d5f6-7777-8888-9999aaaabbbbcccc\n```\n", "properties": { "arn": { "type": "string", @@ -349552,7 +349552,7 @@ } }, "aws:workspaces/directory:Directory": { - "description": "Provides a WorkSpaces directory in AWS WorkSpaces Service.\n\n\u003e **NOTE:** AWS WorkSpaces service requires [`workspaces_DefaultRole`](https://docs.aws.amazon.com/workspaces/latest/adminguide/workspaces-access-control.html#create-default-role) IAM role to operate normally.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleVpc = new aws.ec2.Vpc(\"example\", {cidrBlock: \"10.0.0.0/16\"});\nconst exampleA = new aws.ec2.Subnet(\"example_a\", {\n vpcId: exampleVpc.id,\n availabilityZone: \"us-east-1a\",\n cidrBlock: \"10.0.0.0/24\",\n});\nconst exampleB = new aws.ec2.Subnet(\"example_b\", {\n vpcId: exampleVpc.id,\n availabilityZone: \"us-east-1b\",\n cidrBlock: \"10.0.1.0/24\",\n});\nconst exampleDirectory = new aws.directoryservice.Directory(\"example\", {\n name: \"corp.example.com\",\n password: \"#S1ncerely\",\n size: \"Small\",\n vpcSettings: {\n vpcId: exampleVpc.id,\n subnetIds: [\n exampleA.id,\n exampleB.id,\n ],\n },\n});\nconst exampleC = new aws.ec2.Subnet(\"example_c\", {\n vpcId: exampleVpc.id,\n availabilityZone: \"us-east-1c\",\n cidrBlock: \"10.0.2.0/24\",\n});\nconst exampleD = new aws.ec2.Subnet(\"example_d\", {\n vpcId: exampleVpc.id,\n availabilityZone: \"us-east-1d\",\n cidrBlock: \"10.0.3.0/24\",\n});\nconst example = new aws.workspaces.Directory(\"example\", {\n directoryId: exampleDirectory.id,\n subnetIds: [\n exampleC.id,\n exampleD.id,\n ],\n tags: {\n Example: \"true\",\n },\n selfServicePermissions: {\n changeComputeType: true,\n increaseVolumeSize: true,\n rebuildWorkspace: true,\n restartWorkspace: true,\n switchRunningMode: true,\n },\n workspaceAccessProperties: {\n deviceTypeAndroid: \"ALLOW\",\n deviceTypeChromeos: \"ALLOW\",\n deviceTypeIos: \"ALLOW\",\n deviceTypeLinux: \"DENY\",\n deviceTypeOsx: \"ALLOW\",\n deviceTypeWeb: \"DENY\",\n deviceTypeWindows: \"DENY\",\n deviceTypeZeroclient: \"DENY\",\n },\n workspaceCreationProperties: {\n customSecurityGroupId: exampleAwsSecurityGroup.id,\n defaultOu: \"OU=AWS,DC=Workgroup,DC=Example,DC=com\",\n enableInternetAccess: true,\n enableMaintenanceMode: true,\n userEnabledAsLocalAdministrator: true,\n },\n});\nconst workspaces = aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"sts:AssumeRole\"],\n principals: [{\n type: \"Service\",\n identifiers: [\"workspaces.amazonaws.com\"],\n }],\n }],\n});\nconst workspacesDefault = new aws.iam.Role(\"workspaces_default\", {\n name: \"workspaces_DefaultRole\",\n assumeRolePolicy: workspaces.then(workspaces =\u003e workspaces.json),\n});\nconst workspacesDefaultServiceAccess = new aws.iam.RolePolicyAttachment(\"workspaces_default_service_access\", {\n role: workspacesDefault.name,\n policyArn: \"arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess\",\n});\nconst workspacesDefaultSelfServiceAccess = new aws.iam.RolePolicyAttachment(\"workspaces_default_self_service_access\", {\n role: workspacesDefault.name,\n policyArn: \"arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess\",\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_vpc = aws.ec2.Vpc(\"example\", cidr_block=\"10.0.0.0/16\")\nexample_a = aws.ec2.Subnet(\"example_a\",\n vpc_id=example_vpc.id,\n availability_zone=\"us-east-1a\",\n cidr_block=\"10.0.0.0/24\")\nexample_b = aws.ec2.Subnet(\"example_b\",\n vpc_id=example_vpc.id,\n availability_zone=\"us-east-1b\",\n cidr_block=\"10.0.1.0/24\")\nexample_directory = aws.directoryservice.Directory(\"example\",\n name=\"corp.example.com\",\n password=\"#S1ncerely\",\n size=\"Small\",\n vpc_settings=aws.directoryservice.DirectoryVpcSettingsArgs(\n vpc_id=example_vpc.id,\n subnet_ids=[\n example_a.id,\n example_b.id,\n ],\n ))\nexample_c = aws.ec2.Subnet(\"example_c\",\n vpc_id=example_vpc.id,\n availability_zone=\"us-east-1c\",\n cidr_block=\"10.0.2.0/24\")\nexample_d = aws.ec2.Subnet(\"example_d\",\n vpc_id=example_vpc.id,\n availability_zone=\"us-east-1d\",\n cidr_block=\"10.0.3.0/24\")\nexample = aws.workspaces.Directory(\"example\",\n directory_id=example_directory.id,\n subnet_ids=[\n example_c.id,\n example_d.id,\n ],\n tags={\n \"Example\": \"true\",\n },\n self_service_permissions=aws.workspaces.DirectorySelfServicePermissionsArgs(\n change_compute_type=True,\n increase_volume_size=True,\n rebuild_workspace=True,\n restart_workspace=True,\n switch_running_mode=True,\n ),\n workspace_access_properties=aws.workspaces.DirectoryWorkspaceAccessPropertiesArgs(\n device_type_android=\"ALLOW\",\n device_type_chromeos=\"ALLOW\",\n device_type_ios=\"ALLOW\",\n device_type_linux=\"DENY\",\n device_type_osx=\"ALLOW\",\n device_type_web=\"DENY\",\n device_type_windows=\"DENY\",\n device_type_zeroclient=\"DENY\",\n ),\n workspace_creation_properties=aws.workspaces.DirectoryWorkspaceCreationPropertiesArgs(\n custom_security_group_id=example_aws_security_group[\"id\"],\n default_ou=\"OU=AWS,DC=Workgroup,DC=Example,DC=com\",\n enable_internet_access=True,\n enable_maintenance_mode=True,\n user_enabled_as_local_administrator=True,\n ))\nworkspaces = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n actions=[\"sts:AssumeRole\"],\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"workspaces.amazonaws.com\"],\n )],\n)])\nworkspaces_default = aws.iam.Role(\"workspaces_default\",\n name=\"workspaces_DefaultRole\",\n assume_role_policy=workspaces.json)\nworkspaces_default_service_access = aws.iam.RolePolicyAttachment(\"workspaces_default_service_access\",\n role=workspaces_default.name,\n policy_arn=\"arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess\")\nworkspaces_default_self_service_access = aws.iam.RolePolicyAttachment(\"workspaces_default_self_service_access\",\n role=workspaces_default.name,\n policy_arn=\"arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleVpc = new Aws.Ec2.Vpc(\"example\", new()\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n\n var exampleA = new Aws.Ec2.Subnet(\"example_a\", new()\n {\n VpcId = exampleVpc.Id,\n AvailabilityZone = \"us-east-1a\",\n CidrBlock = \"10.0.0.0/24\",\n });\n\n var exampleB = new Aws.Ec2.Subnet(\"example_b\", new()\n {\n VpcId = exampleVpc.Id,\n AvailabilityZone = \"us-east-1b\",\n CidrBlock = \"10.0.1.0/24\",\n });\n\n var exampleDirectory = new Aws.DirectoryService.Directory(\"example\", new()\n {\n Name = \"corp.example.com\",\n Password = \"#S1ncerely\",\n Size = \"Small\",\n VpcSettings = new Aws.DirectoryService.Inputs.DirectoryVpcSettingsArgs\n {\n VpcId = exampleVpc.Id,\n SubnetIds = new[]\n {\n exampleA.Id,\n exampleB.Id,\n },\n },\n });\n\n var exampleC = new Aws.Ec2.Subnet(\"example_c\", new()\n {\n VpcId = exampleVpc.Id,\n AvailabilityZone = \"us-east-1c\",\n CidrBlock = \"10.0.2.0/24\",\n });\n\n var exampleD = new Aws.Ec2.Subnet(\"example_d\", new()\n {\n VpcId = exampleVpc.Id,\n AvailabilityZone = \"us-east-1d\",\n CidrBlock = \"10.0.3.0/24\",\n });\n\n var example = new Aws.Workspaces.Directory(\"example\", new()\n {\n DirectoryId = exampleDirectory.Id,\n SubnetIds = new[]\n {\n exampleC.Id,\n exampleD.Id,\n },\n Tags = \n {\n { \"Example\", \"true\" },\n },\n SelfServicePermissions = new Aws.Workspaces.Inputs.DirectorySelfServicePermissionsArgs\n {\n ChangeComputeType = true,\n IncreaseVolumeSize = true,\n RebuildWorkspace = true,\n RestartWorkspace = true,\n SwitchRunningMode = true,\n },\n WorkspaceAccessProperties = new Aws.Workspaces.Inputs.DirectoryWorkspaceAccessPropertiesArgs\n {\n DeviceTypeAndroid = \"ALLOW\",\n DeviceTypeChromeos = \"ALLOW\",\n DeviceTypeIos = \"ALLOW\",\n DeviceTypeLinux = \"DENY\",\n DeviceTypeOsx = \"ALLOW\",\n DeviceTypeWeb = \"DENY\",\n DeviceTypeWindows = \"DENY\",\n DeviceTypeZeroclient = \"DENY\",\n },\n WorkspaceCreationProperties = new Aws.Workspaces.Inputs.DirectoryWorkspaceCreationPropertiesArgs\n {\n CustomSecurityGroupId = exampleAwsSecurityGroup.Id,\n DefaultOu = \"OU=AWS,DC=Workgroup,DC=Example,DC=com\",\n EnableInternetAccess = true,\n EnableMaintenanceMode = true,\n UserEnabledAsLocalAdministrator = true,\n },\n });\n\n var workspaces = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"workspaces.amazonaws.com\",\n },\n },\n },\n },\n },\n });\n\n var workspacesDefault = new Aws.Iam.Role(\"workspaces_default\", new()\n {\n Name = \"workspaces_DefaultRole\",\n AssumeRolePolicy = workspaces.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var workspacesDefaultServiceAccess = new Aws.Iam.RolePolicyAttachment(\"workspaces_default_service_access\", new()\n {\n Role = workspacesDefault.Name,\n PolicyArn = \"arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess\",\n });\n\n var workspacesDefaultSelfServiceAccess = new Aws.Iam.RolePolicyAttachment(\"workspaces_default_self_service_access\", new()\n {\n Role = workspacesDefault.Name,\n PolicyArn = \"arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directoryservice\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/workspaces\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleVpc, err := ec2.NewVpc(ctx, \"example\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleA, err := ec2.NewSubnet(ctx, \"example_a\", \u0026ec2.SubnetArgs{\n\t\t\tVpcId: exampleVpc.ID(),\n\t\t\tAvailabilityZone: pulumi.String(\"us-east-1a\"),\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/24\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleB, err := ec2.NewSubnet(ctx, \"example_b\", \u0026ec2.SubnetArgs{\n\t\t\tVpcId: exampleVpc.ID(),\n\t\t\tAvailabilityZone: pulumi.String(\"us-east-1b\"),\n\t\t\tCidrBlock: pulumi.String(\"10.0.1.0/24\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleDirectory, err := directoryservice.NewDirectory(ctx, \"example\", \u0026directoryservice.DirectoryArgs{\n\t\t\tName: pulumi.String(\"corp.example.com\"),\n\t\t\tPassword: pulumi.String(\"#S1ncerely\"),\n\t\t\tSize: pulumi.String(\"Small\"),\n\t\t\tVpcSettings: \u0026directoryservice.DirectoryVpcSettingsArgs{\n\t\t\t\tVpcId: exampleVpc.ID(),\n\t\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\t\texampleA.ID(),\n\t\t\t\t\texampleB.ID(),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleC, err := ec2.NewSubnet(ctx, \"example_c\", \u0026ec2.SubnetArgs{\n\t\t\tVpcId: exampleVpc.ID(),\n\t\t\tAvailabilityZone: pulumi.String(\"us-east-1c\"),\n\t\t\tCidrBlock: pulumi.String(\"10.0.2.0/24\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleD, err := ec2.NewSubnet(ctx, \"example_d\", \u0026ec2.SubnetArgs{\n\t\t\tVpcId: exampleVpc.ID(),\n\t\t\tAvailabilityZone: pulumi.String(\"us-east-1d\"),\n\t\t\tCidrBlock: pulumi.String(\"10.0.3.0/24\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = workspaces.NewDirectory(ctx, \"example\", \u0026workspaces.DirectoryArgs{\n\t\t\tDirectoryId: exampleDirectory.ID(),\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\texampleC.ID(),\n\t\t\t\texampleD.ID(),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Example\": pulumi.String(\"true\"),\n\t\t\t},\n\t\t\tSelfServicePermissions: \u0026workspaces.DirectorySelfServicePermissionsArgs{\n\t\t\t\tChangeComputeType: pulumi.Bool(true),\n\t\t\t\tIncreaseVolumeSize: pulumi.Bool(true),\n\t\t\t\tRebuildWorkspace: pulumi.Bool(true),\n\t\t\t\tRestartWorkspace: pulumi.Bool(true),\n\t\t\t\tSwitchRunningMode: pulumi.Bool(true),\n\t\t\t},\n\t\t\tWorkspaceAccessProperties: \u0026workspaces.DirectoryWorkspaceAccessPropertiesArgs{\n\t\t\t\tDeviceTypeAndroid: pulumi.String(\"ALLOW\"),\n\t\t\t\tDeviceTypeChromeos: pulumi.String(\"ALLOW\"),\n\t\t\t\tDeviceTypeIos: pulumi.String(\"ALLOW\"),\n\t\t\t\tDeviceTypeLinux: pulumi.String(\"DENY\"),\n\t\t\t\tDeviceTypeOsx: pulumi.String(\"ALLOW\"),\n\t\t\t\tDeviceTypeWeb: pulumi.String(\"DENY\"),\n\t\t\t\tDeviceTypeWindows: pulumi.String(\"DENY\"),\n\t\t\t\tDeviceTypeZeroclient: pulumi.String(\"DENY\"),\n\t\t\t},\n\t\t\tWorkspaceCreationProperties: \u0026workspaces.DirectoryWorkspaceCreationPropertiesArgs{\n\t\t\t\tCustomSecurityGroupId: pulumi.Any(exampleAwsSecurityGroup.Id),\n\t\t\t\tDefaultOu: pulumi.String(\"OU=AWS,DC=Workgroup,DC=Example,DC=com\"),\n\t\t\t\tEnableInternetAccess: pulumi.Bool(true),\n\t\t\t\tEnableMaintenanceMode: pulumi.Bool(true),\n\t\t\t\tUserEnabledAsLocalAdministrator: pulumi.Bool(true),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tworkspaces, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"workspaces.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tworkspacesDefault, err := iam.NewRole(ctx, \"workspaces_default\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"workspaces_DefaultRole\"),\n\t\t\tAssumeRolePolicy: pulumi.String(workspaces.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"workspaces_default_service_access\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tRole: workspacesDefault.Name,\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewRolePolicyAttachment(ctx, \"workspaces_default_self_service_access\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tRole: workspacesDefault.Name,\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.ec2.Subnet;\nimport com.pulumi.aws.ec2.SubnetArgs;\nimport com.pulumi.aws.directoryservice.Directory;\nimport com.pulumi.aws.directoryservice.DirectoryArgs;\nimport com.pulumi.aws.directoryservice.inputs.DirectoryVpcSettingsArgs;\nimport com.pulumi.aws.workspaces.Directory;\nimport com.pulumi.aws.workspaces.DirectoryArgs;\nimport com.pulumi.aws.workspaces.inputs.DirectorySelfServicePermissionsArgs;\nimport com.pulumi.aws.workspaces.inputs.DirectoryWorkspaceAccessPropertiesArgs;\nimport com.pulumi.aws.workspaces.inputs.DirectoryWorkspaceCreationPropertiesArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleVpc = new Vpc(\"exampleVpc\", VpcArgs.builder() \n .cidrBlock(\"10.0.0.0/16\")\n .build());\n\n var exampleA = new Subnet(\"exampleA\", SubnetArgs.builder() \n .vpcId(exampleVpc.id())\n .availabilityZone(\"us-east-1a\")\n .cidrBlock(\"10.0.0.0/24\")\n .build());\n\n var exampleB = new Subnet(\"exampleB\", SubnetArgs.builder() \n .vpcId(exampleVpc.id())\n .availabilityZone(\"us-east-1b\")\n .cidrBlock(\"10.0.1.0/24\")\n .build());\n\n var exampleDirectory = new Directory(\"exampleDirectory\", DirectoryArgs.builder() \n .name(\"corp.example.com\")\n .password(\"#S1ncerely\")\n .size(\"Small\")\n .vpcSettings(DirectoryVpcSettingsArgs.builder()\n .vpcId(exampleVpc.id())\n .subnetIds( \n exampleA.id(),\n exampleB.id())\n .build())\n .build());\n\n var exampleC = new Subnet(\"exampleC\", SubnetArgs.builder() \n .vpcId(exampleVpc.id())\n .availabilityZone(\"us-east-1c\")\n .cidrBlock(\"10.0.2.0/24\")\n .build());\n\n var exampleD = new Subnet(\"exampleD\", SubnetArgs.builder() \n .vpcId(exampleVpc.id())\n .availabilityZone(\"us-east-1d\")\n .cidrBlock(\"10.0.3.0/24\")\n .build());\n\n var example = new Directory(\"example\", DirectoryArgs.builder() \n .directoryId(exampleDirectory.id())\n .subnetIds( \n exampleC.id(),\n exampleD.id())\n .tags(Map.of(\"Example\", true))\n .selfServicePermissions(DirectorySelfServicePermissionsArgs.builder()\n .changeComputeType(true)\n .increaseVolumeSize(true)\n .rebuildWorkspace(true)\n .restartWorkspace(true)\n .switchRunningMode(true)\n .build())\n .workspaceAccessProperties(DirectoryWorkspaceAccessPropertiesArgs.builder()\n .deviceTypeAndroid(\"ALLOW\")\n .deviceTypeChromeos(\"ALLOW\")\n .deviceTypeIos(\"ALLOW\")\n .deviceTypeLinux(\"DENY\")\n .deviceTypeOsx(\"ALLOW\")\n .deviceTypeWeb(\"DENY\")\n .deviceTypeWindows(\"DENY\")\n .deviceTypeZeroclient(\"DENY\")\n .build())\n .workspaceCreationProperties(DirectoryWorkspaceCreationPropertiesArgs.builder()\n .customSecurityGroupId(exampleAwsSecurityGroup.id())\n .defaultOu(\"OU=AWS,DC=Workgroup,DC=Example,DC=com\")\n .enableInternetAccess(true)\n .enableMaintenanceMode(true)\n .userEnabledAsLocalAdministrator(true)\n .build())\n .build());\n\n final var workspaces = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"sts:AssumeRole\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"workspaces.amazonaws.com\")\n .build())\n .build())\n .build());\n\n var workspacesDefault = new Role(\"workspacesDefault\", RoleArgs.builder() \n .name(\"workspaces_DefaultRole\")\n .assumeRolePolicy(workspaces.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var workspacesDefaultServiceAccess = new RolePolicyAttachment(\"workspacesDefaultServiceAccess\", RolePolicyAttachmentArgs.builder() \n .role(workspacesDefault.name())\n .policyArn(\"arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess\")\n .build());\n\n var workspacesDefaultSelfServiceAccess = new RolePolicyAttachment(\"workspacesDefaultSelfServiceAccess\", RolePolicyAttachmentArgs.builder() \n .role(workspacesDefault.name())\n .policyArn(\"arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:workspaces:Directory\n properties:\n directoryId: ${exampleDirectory.id}\n subnetIds:\n - ${exampleC.id}\n - ${exampleD.id}\n tags:\n Example: true\n selfServicePermissions:\n changeComputeType: true\n increaseVolumeSize: true\n rebuildWorkspace: true\n restartWorkspace: true\n switchRunningMode: true\n workspaceAccessProperties:\n deviceTypeAndroid: ALLOW\n deviceTypeChromeos: ALLOW\n deviceTypeIos: ALLOW\n deviceTypeLinux: DENY\n deviceTypeOsx: ALLOW\n deviceTypeWeb: DENY\n deviceTypeWindows: DENY\n deviceTypeZeroclient: DENY\n workspaceCreationProperties:\n customSecurityGroupId: ${exampleAwsSecurityGroup.id}\n defaultOu: OU=AWS,DC=Workgroup,DC=Example,DC=com\n enableInternetAccess: true\n enableMaintenanceMode: true\n userEnabledAsLocalAdministrator: true\n exampleDirectory:\n type: aws:directoryservice:Directory\n name: example\n properties:\n name: corp.example.com\n password: '#S1ncerely'\n size: Small\n vpcSettings:\n vpcId: ${exampleVpc.id}\n subnetIds:\n - ${exampleA.id}\n - ${exampleB.id}\n workspacesDefault:\n type: aws:iam:Role\n name: workspaces_default\n properties:\n name: workspaces_DefaultRole\n assumeRolePolicy: ${workspaces.json}\n workspacesDefaultServiceAccess:\n type: aws:iam:RolePolicyAttachment\n name: workspaces_default_service_access\n properties:\n role: ${workspacesDefault.name}\n policyArn: arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess\n workspacesDefaultSelfServiceAccess:\n type: aws:iam:RolePolicyAttachment\n name: workspaces_default_self_service_access\n properties:\n role: ${workspacesDefault.name}\n policyArn: arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess\n exampleVpc:\n type: aws:ec2:Vpc\n name: example\n properties:\n cidrBlock: 10.0.0.0/16\n exampleA:\n type: aws:ec2:Subnet\n name: example_a\n properties:\n vpcId: ${exampleVpc.id}\n availabilityZone: us-east-1a\n cidrBlock: 10.0.0.0/24\n exampleB:\n type: aws:ec2:Subnet\n name: example_b\n properties:\n vpcId: ${exampleVpc.id}\n availabilityZone: us-east-1b\n cidrBlock: 10.0.1.0/24\n exampleC:\n type: aws:ec2:Subnet\n name: example_c\n properties:\n vpcId: ${exampleVpc.id}\n availabilityZone: us-east-1c\n cidrBlock: 10.0.2.0/24\n exampleD:\n type: aws:ec2:Subnet\n name: example_d\n properties:\n vpcId: ${exampleVpc.id}\n availabilityZone: us-east-1d\n cidrBlock: 10.0.3.0/24\nvariables:\n workspaces:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - sts:AssumeRole\n principals:\n - type: Service\n identifiers:\n - workspaces.amazonaws.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### IP Groups\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleIpGroup = new aws.workspaces.IpGroup(\"example\", {name: \"example\"});\nconst example = new aws.workspaces.Directory(\"example\", {\n directoryId: exampleAwsDirectoryServiceDirectory.id,\n ipGroupIds: [exampleIpGroup.id],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_ip_group = aws.workspaces.IpGroup(\"example\", name=\"example\")\nexample = aws.workspaces.Directory(\"example\",\n directory_id=example_aws_directory_service_directory[\"id\"],\n ip_group_ids=[example_ip_group.id])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleIpGroup = new Aws.Workspaces.IpGroup(\"example\", new()\n {\n Name = \"example\",\n });\n\n var example = new Aws.Workspaces.Directory(\"example\", new()\n {\n DirectoryId = exampleAwsDirectoryServiceDirectory.Id,\n IpGroupIds = new[]\n {\n exampleIpGroup.Id,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/workspaces\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleIpGroup, err := workspaces.NewIpGroup(ctx, \"example\", \u0026workspaces.IpGroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = workspaces.NewDirectory(ctx, \"example\", \u0026workspaces.DirectoryArgs{\n\t\t\tDirectoryId: pulumi.Any(exampleAwsDirectoryServiceDirectory.Id),\n\t\t\tIpGroupIds: pulumi.StringArray{\n\t\t\t\texampleIpGroup.ID(),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.workspaces.IpGroup;\nimport com.pulumi.aws.workspaces.IpGroupArgs;\nimport com.pulumi.aws.workspaces.Directory;\nimport com.pulumi.aws.workspaces.DirectoryArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleIpGroup = new IpGroup(\"exampleIpGroup\", IpGroupArgs.builder() \n .name(\"example\")\n .build());\n\n var example = new Directory(\"example\", DirectoryArgs.builder() \n .directoryId(exampleAwsDirectoryServiceDirectory.id())\n .ipGroupIds(exampleIpGroup.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:workspaces:Directory\n properties:\n directoryId: ${exampleAwsDirectoryServiceDirectory.id}\n ipGroupIds:\n - ${exampleIpGroup.id}\n exampleIpGroup:\n type: aws:workspaces:IpGroup\n name: example\n properties:\n name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Workspaces directory using the directory ID. For example:\n\n```sh\n$ pulumi import aws:workspaces/directory:Directory main d-4444444444\n```\n", + "description": "Provides a WorkSpaces directory in AWS WorkSpaces Service.\n\n\u003e **NOTE:** AWS WorkSpaces service requires [`workspaces_DefaultRole`](https://docs.aws.amazon.com/workspaces/latest/adminguide/workspaces-access-control.html#create-default-role) IAM role to operate normally.\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleVpc = new aws.ec2.Vpc(\"example\", {cidrBlock: \"10.0.0.0/16\"});\nconst exampleA = new aws.ec2.Subnet(\"example_a\", {\n vpcId: exampleVpc.id,\n availabilityZone: \"us-east-1a\",\n cidrBlock: \"10.0.0.0/24\",\n});\nconst exampleB = new aws.ec2.Subnet(\"example_b\", {\n vpcId: exampleVpc.id,\n availabilityZone: \"us-east-1b\",\n cidrBlock: \"10.0.1.0/24\",\n});\nconst exampleDirectory = new aws.directoryservice.Directory(\"example\", {\n name: \"corp.example.com\",\n password: \"#S1ncerely\",\n size: \"Small\",\n vpcSettings: {\n vpcId: exampleVpc.id,\n subnetIds: [\n exampleA.id,\n exampleB.id,\n ],\n },\n});\nconst workspaces = aws.iam.getPolicyDocument({\n statements: [{\n actions: [\"sts:AssumeRole\"],\n principals: [{\n type: \"Service\",\n identifiers: [\"workspaces.amazonaws.com\"],\n }],\n }],\n});\nconst workspacesDefault = new aws.iam.Role(\"workspaces_default\", {\n name: \"workspaces_DefaultRole\",\n assumeRolePolicy: workspaces.then(workspaces =\u003e workspaces.json),\n});\nconst workspacesDefaultServiceAccess = new aws.iam.RolePolicyAttachment(\"workspaces_default_service_access\", {\n role: workspacesDefault.name,\n policyArn: \"arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess\",\n});\nconst workspacesDefaultSelfServiceAccess = new aws.iam.RolePolicyAttachment(\"workspaces_default_self_service_access\", {\n role: workspacesDefault.name,\n policyArn: \"arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess\",\n});\nconst exampleC = new aws.ec2.Subnet(\"example_c\", {\n vpcId: exampleVpc.id,\n availabilityZone: \"us-east-1c\",\n cidrBlock: \"10.0.2.0/24\",\n});\nconst exampleD = new aws.ec2.Subnet(\"example_d\", {\n vpcId: exampleVpc.id,\n availabilityZone: \"us-east-1d\",\n cidrBlock: \"10.0.3.0/24\",\n});\nconst example = new aws.workspaces.Directory(\"example\", {\n directoryId: exampleDirectory.id,\n subnetIds: [\n exampleC.id,\n exampleD.id,\n ],\n tags: {\n Example: \"true\",\n },\n selfServicePermissions: {\n changeComputeType: true,\n increaseVolumeSize: true,\n rebuildWorkspace: true,\n restartWorkspace: true,\n switchRunningMode: true,\n },\n workspaceAccessProperties: {\n deviceTypeAndroid: \"ALLOW\",\n deviceTypeChromeos: \"ALLOW\",\n deviceTypeIos: \"ALLOW\",\n deviceTypeLinux: \"DENY\",\n deviceTypeOsx: \"ALLOW\",\n deviceTypeWeb: \"DENY\",\n deviceTypeWindows: \"DENY\",\n deviceTypeZeroclient: \"DENY\",\n },\n workspaceCreationProperties: {\n customSecurityGroupId: exampleAwsSecurityGroup.id,\n defaultOu: \"OU=AWS,DC=Workgroup,DC=Example,DC=com\",\n enableInternetAccess: true,\n enableMaintenanceMode: true,\n userEnabledAsLocalAdministrator: true,\n },\n}, {\n dependsOn: [\n workspacesDefaultServiceAccess,\n workspacesDefaultSelfServiceAccess,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_vpc = aws.ec2.Vpc(\"example\", cidr_block=\"10.0.0.0/16\")\nexample_a = aws.ec2.Subnet(\"example_a\",\n vpc_id=example_vpc.id,\n availability_zone=\"us-east-1a\",\n cidr_block=\"10.0.0.0/24\")\nexample_b = aws.ec2.Subnet(\"example_b\",\n vpc_id=example_vpc.id,\n availability_zone=\"us-east-1b\",\n cidr_block=\"10.0.1.0/24\")\nexample_directory = aws.directoryservice.Directory(\"example\",\n name=\"corp.example.com\",\n password=\"#S1ncerely\",\n size=\"Small\",\n vpc_settings=aws.directoryservice.DirectoryVpcSettingsArgs(\n vpc_id=example_vpc.id,\n subnet_ids=[\n example_a.id,\n example_b.id,\n ],\n ))\nworkspaces = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(\n actions=[\"sts:AssumeRole\"],\n principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(\n type=\"Service\",\n identifiers=[\"workspaces.amazonaws.com\"],\n )],\n)])\nworkspaces_default = aws.iam.Role(\"workspaces_default\",\n name=\"workspaces_DefaultRole\",\n assume_role_policy=workspaces.json)\nworkspaces_default_service_access = aws.iam.RolePolicyAttachment(\"workspaces_default_service_access\",\n role=workspaces_default.name,\n policy_arn=\"arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess\")\nworkspaces_default_self_service_access = aws.iam.RolePolicyAttachment(\"workspaces_default_self_service_access\",\n role=workspaces_default.name,\n policy_arn=\"arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess\")\nexample_c = aws.ec2.Subnet(\"example_c\",\n vpc_id=example_vpc.id,\n availability_zone=\"us-east-1c\",\n cidr_block=\"10.0.2.0/24\")\nexample_d = aws.ec2.Subnet(\"example_d\",\n vpc_id=example_vpc.id,\n availability_zone=\"us-east-1d\",\n cidr_block=\"10.0.3.0/24\")\nexample = aws.workspaces.Directory(\"example\",\n directory_id=example_directory.id,\n subnet_ids=[\n example_c.id,\n example_d.id,\n ],\n tags={\n \"Example\": \"true\",\n },\n self_service_permissions=aws.workspaces.DirectorySelfServicePermissionsArgs(\n change_compute_type=True,\n increase_volume_size=True,\n rebuild_workspace=True,\n restart_workspace=True,\n switch_running_mode=True,\n ),\n workspace_access_properties=aws.workspaces.DirectoryWorkspaceAccessPropertiesArgs(\n device_type_android=\"ALLOW\",\n device_type_chromeos=\"ALLOW\",\n device_type_ios=\"ALLOW\",\n device_type_linux=\"DENY\",\n device_type_osx=\"ALLOW\",\n device_type_web=\"DENY\",\n device_type_windows=\"DENY\",\n device_type_zeroclient=\"DENY\",\n ),\n workspace_creation_properties=aws.workspaces.DirectoryWorkspaceCreationPropertiesArgs(\n custom_security_group_id=example_aws_security_group[\"id\"],\n default_ou=\"OU=AWS,DC=Workgroup,DC=Example,DC=com\",\n enable_internet_access=True,\n enable_maintenance_mode=True,\n user_enabled_as_local_administrator=True,\n ),\n opts=pulumi.ResourceOptions(depends_on=[\n workspaces_default_service_access,\n workspaces_default_self_service_access,\n ]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleVpc = new Aws.Ec2.Vpc(\"example\", new()\n {\n CidrBlock = \"10.0.0.0/16\",\n });\n\n var exampleA = new Aws.Ec2.Subnet(\"example_a\", new()\n {\n VpcId = exampleVpc.Id,\n AvailabilityZone = \"us-east-1a\",\n CidrBlock = \"10.0.0.0/24\",\n });\n\n var exampleB = new Aws.Ec2.Subnet(\"example_b\", new()\n {\n VpcId = exampleVpc.Id,\n AvailabilityZone = \"us-east-1b\",\n CidrBlock = \"10.0.1.0/24\",\n });\n\n var exampleDirectory = new Aws.DirectoryService.Directory(\"example\", new()\n {\n Name = \"corp.example.com\",\n Password = \"#S1ncerely\",\n Size = \"Small\",\n VpcSettings = new Aws.DirectoryService.Inputs.DirectoryVpcSettingsArgs\n {\n VpcId = exampleVpc.Id,\n SubnetIds = new[]\n {\n exampleA.Id,\n exampleB.Id,\n },\n },\n });\n\n var workspaces = Aws.Iam.GetPolicyDocument.Invoke(new()\n {\n Statements = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs\n {\n Actions = new[]\n {\n \"sts:AssumeRole\",\n },\n Principals = new[]\n {\n new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs\n {\n Type = \"Service\",\n Identifiers = new[]\n {\n \"workspaces.amazonaws.com\",\n },\n },\n },\n },\n },\n });\n\n var workspacesDefault = new Aws.Iam.Role(\"workspaces_default\", new()\n {\n Name = \"workspaces_DefaultRole\",\n AssumeRolePolicy = workspaces.Apply(getPolicyDocumentResult =\u003e getPolicyDocumentResult.Json),\n });\n\n var workspacesDefaultServiceAccess = new Aws.Iam.RolePolicyAttachment(\"workspaces_default_service_access\", new()\n {\n Role = workspacesDefault.Name,\n PolicyArn = \"arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess\",\n });\n\n var workspacesDefaultSelfServiceAccess = new Aws.Iam.RolePolicyAttachment(\"workspaces_default_self_service_access\", new()\n {\n Role = workspacesDefault.Name,\n PolicyArn = \"arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess\",\n });\n\n var exampleC = new Aws.Ec2.Subnet(\"example_c\", new()\n {\n VpcId = exampleVpc.Id,\n AvailabilityZone = \"us-east-1c\",\n CidrBlock = \"10.0.2.0/24\",\n });\n\n var exampleD = new Aws.Ec2.Subnet(\"example_d\", new()\n {\n VpcId = exampleVpc.Id,\n AvailabilityZone = \"us-east-1d\",\n CidrBlock = \"10.0.3.0/24\",\n });\n\n var example = new Aws.Workspaces.Directory(\"example\", new()\n {\n DirectoryId = exampleDirectory.Id,\n SubnetIds = new[]\n {\n exampleC.Id,\n exampleD.Id,\n },\n Tags = \n {\n { \"Example\", \"true\" },\n },\n SelfServicePermissions = new Aws.Workspaces.Inputs.DirectorySelfServicePermissionsArgs\n {\n ChangeComputeType = true,\n IncreaseVolumeSize = true,\n RebuildWorkspace = true,\n RestartWorkspace = true,\n SwitchRunningMode = true,\n },\n WorkspaceAccessProperties = new Aws.Workspaces.Inputs.DirectoryWorkspaceAccessPropertiesArgs\n {\n DeviceTypeAndroid = \"ALLOW\",\n DeviceTypeChromeos = \"ALLOW\",\n DeviceTypeIos = \"ALLOW\",\n DeviceTypeLinux = \"DENY\",\n DeviceTypeOsx = \"ALLOW\",\n DeviceTypeWeb = \"DENY\",\n DeviceTypeWindows = \"DENY\",\n DeviceTypeZeroclient = \"DENY\",\n },\n WorkspaceCreationProperties = new Aws.Workspaces.Inputs.DirectoryWorkspaceCreationPropertiesArgs\n {\n CustomSecurityGroupId = exampleAwsSecurityGroup.Id,\n DefaultOu = \"OU=AWS,DC=Workgroup,DC=Example,DC=com\",\n EnableInternetAccess = true,\n EnableMaintenanceMode = true,\n UserEnabledAsLocalAdministrator = true,\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n workspacesDefaultServiceAccess, \n workspacesDefaultSelfServiceAccess, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/directoryservice\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/workspaces\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleVpc, err := ec2.NewVpc(ctx, \"example\", \u0026ec2.VpcArgs{\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/16\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleA, err := ec2.NewSubnet(ctx, \"example_a\", \u0026ec2.SubnetArgs{\n\t\t\tVpcId: exampleVpc.ID(),\n\t\t\tAvailabilityZone: pulumi.String(\"us-east-1a\"),\n\t\t\tCidrBlock: pulumi.String(\"10.0.0.0/24\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleB, err := ec2.NewSubnet(ctx, \"example_b\", \u0026ec2.SubnetArgs{\n\t\t\tVpcId: exampleVpc.ID(),\n\t\t\tAvailabilityZone: pulumi.String(\"us-east-1b\"),\n\t\t\tCidrBlock: pulumi.String(\"10.0.1.0/24\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleDirectory, err := directoryservice.NewDirectory(ctx, \"example\", \u0026directoryservice.DirectoryArgs{\n\t\t\tName: pulumi.String(\"corp.example.com\"),\n\t\t\tPassword: pulumi.String(\"#S1ncerely\"),\n\t\t\tSize: pulumi.String(\"Small\"),\n\t\t\tVpcSettings: \u0026directoryservice.DirectoryVpcSettingsArgs{\n\t\t\t\tVpcId: exampleVpc.ID(),\n\t\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\t\texampleA.ID(),\n\t\t\t\t\texampleB.ID(),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tworkspaces, err := iam.GetPolicyDocument(ctx, \u0026iam.GetPolicyDocumentArgs{\n\t\t\tStatements: []iam.GetPolicyDocumentStatement{\n\t\t\t\t{\n\t\t\t\t\tActions: []string{\n\t\t\t\t\t\t\"sts:AssumeRole\",\n\t\t\t\t\t},\n\t\t\t\t\tPrincipals: []iam.GetPolicyDocumentStatementPrincipal{\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tType: \"Service\",\n\t\t\t\t\t\t\tIdentifiers: []string{\n\t\t\t\t\t\t\t\t\"workspaces.amazonaws.com\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tworkspacesDefault, err := iam.NewRole(ctx, \"workspaces_default\", \u0026iam.RoleArgs{\n\t\t\tName: pulumi.String(\"workspaces_DefaultRole\"),\n\t\t\tAssumeRolePolicy: pulumi.String(workspaces.Json),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tworkspacesDefaultServiceAccess, err := iam.NewRolePolicyAttachment(ctx, \"workspaces_default_service_access\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tRole: workspacesDefault.Name,\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tworkspacesDefaultSelfServiceAccess, err := iam.NewRolePolicyAttachment(ctx, \"workspaces_default_self_service_access\", \u0026iam.RolePolicyAttachmentArgs{\n\t\t\tRole: workspacesDefault.Name,\n\t\t\tPolicyArn: pulumi.String(\"arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleC, err := ec2.NewSubnet(ctx, \"example_c\", \u0026ec2.SubnetArgs{\n\t\t\tVpcId: exampleVpc.ID(),\n\t\t\tAvailabilityZone: pulumi.String(\"us-east-1c\"),\n\t\t\tCidrBlock: pulumi.String(\"10.0.2.0/24\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleD, err := ec2.NewSubnet(ctx, \"example_d\", \u0026ec2.SubnetArgs{\n\t\t\tVpcId: exampleVpc.ID(),\n\t\t\tAvailabilityZone: pulumi.String(\"us-east-1d\"),\n\t\t\tCidrBlock: pulumi.String(\"10.0.3.0/24\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = workspaces.NewDirectory(ctx, \"example\", \u0026workspaces.DirectoryArgs{\n\t\t\tDirectoryId: exampleDirectory.ID(),\n\t\t\tSubnetIds: pulumi.StringArray{\n\t\t\t\texampleC.ID(),\n\t\t\t\texampleD.ID(),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Example\": pulumi.String(\"true\"),\n\t\t\t},\n\t\t\tSelfServicePermissions: \u0026workspaces.DirectorySelfServicePermissionsArgs{\n\t\t\t\tChangeComputeType: pulumi.Bool(true),\n\t\t\t\tIncreaseVolumeSize: pulumi.Bool(true),\n\t\t\t\tRebuildWorkspace: pulumi.Bool(true),\n\t\t\t\tRestartWorkspace: pulumi.Bool(true),\n\t\t\t\tSwitchRunningMode: pulumi.Bool(true),\n\t\t\t},\n\t\t\tWorkspaceAccessProperties: \u0026workspaces.DirectoryWorkspaceAccessPropertiesArgs{\n\t\t\t\tDeviceTypeAndroid: pulumi.String(\"ALLOW\"),\n\t\t\t\tDeviceTypeChromeos: pulumi.String(\"ALLOW\"),\n\t\t\t\tDeviceTypeIos: pulumi.String(\"ALLOW\"),\n\t\t\t\tDeviceTypeLinux: pulumi.String(\"DENY\"),\n\t\t\t\tDeviceTypeOsx: pulumi.String(\"ALLOW\"),\n\t\t\t\tDeviceTypeWeb: pulumi.String(\"DENY\"),\n\t\t\t\tDeviceTypeWindows: pulumi.String(\"DENY\"),\n\t\t\t\tDeviceTypeZeroclient: pulumi.String(\"DENY\"),\n\t\t\t},\n\t\t\tWorkspaceCreationProperties: \u0026workspaces.DirectoryWorkspaceCreationPropertiesArgs{\n\t\t\t\tCustomSecurityGroupId: pulumi.Any(exampleAwsSecurityGroup.Id),\n\t\t\t\tDefaultOu: pulumi.String(\"OU=AWS,DC=Workgroup,DC=Example,DC=com\"),\n\t\t\t\tEnableInternetAccess: pulumi.Bool(true),\n\t\t\t\tEnableMaintenanceMode: pulumi.Bool(true),\n\t\t\t\tUserEnabledAsLocalAdministrator: pulumi.Bool(true),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tworkspacesDefaultServiceAccess,\n\t\t\tworkspacesDefaultSelfServiceAccess,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.ec2.Vpc;\nimport com.pulumi.aws.ec2.VpcArgs;\nimport com.pulumi.aws.ec2.Subnet;\nimport com.pulumi.aws.ec2.SubnetArgs;\nimport com.pulumi.aws.directoryservice.Directory;\nimport com.pulumi.aws.directoryservice.DirectoryArgs;\nimport com.pulumi.aws.directoryservice.inputs.DirectoryVpcSettingsArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;\nimport com.pulumi.aws.iam.Role;\nimport com.pulumi.aws.iam.RoleArgs;\nimport com.pulumi.aws.iam.RolePolicyAttachment;\nimport com.pulumi.aws.iam.RolePolicyAttachmentArgs;\nimport com.pulumi.aws.workspaces.Directory;\nimport com.pulumi.aws.workspaces.DirectoryArgs;\nimport com.pulumi.aws.workspaces.inputs.DirectorySelfServicePermissionsArgs;\nimport com.pulumi.aws.workspaces.inputs.DirectoryWorkspaceAccessPropertiesArgs;\nimport com.pulumi.aws.workspaces.inputs.DirectoryWorkspaceCreationPropertiesArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleVpc = new Vpc(\"exampleVpc\", VpcArgs.builder() \n .cidrBlock(\"10.0.0.0/16\")\n .build());\n\n var exampleA = new Subnet(\"exampleA\", SubnetArgs.builder() \n .vpcId(exampleVpc.id())\n .availabilityZone(\"us-east-1a\")\n .cidrBlock(\"10.0.0.0/24\")\n .build());\n\n var exampleB = new Subnet(\"exampleB\", SubnetArgs.builder() \n .vpcId(exampleVpc.id())\n .availabilityZone(\"us-east-1b\")\n .cidrBlock(\"10.0.1.0/24\")\n .build());\n\n var exampleDirectory = new Directory(\"exampleDirectory\", DirectoryArgs.builder() \n .name(\"corp.example.com\")\n .password(\"#S1ncerely\")\n .size(\"Small\")\n .vpcSettings(DirectoryVpcSettingsArgs.builder()\n .vpcId(exampleVpc.id())\n .subnetIds( \n exampleA.id(),\n exampleB.id())\n .build())\n .build());\n\n final var workspaces = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()\n .statements(GetPolicyDocumentStatementArgs.builder()\n .actions(\"sts:AssumeRole\")\n .principals(GetPolicyDocumentStatementPrincipalArgs.builder()\n .type(\"Service\")\n .identifiers(\"workspaces.amazonaws.com\")\n .build())\n .build())\n .build());\n\n var workspacesDefault = new Role(\"workspacesDefault\", RoleArgs.builder() \n .name(\"workspaces_DefaultRole\")\n .assumeRolePolicy(workspaces.applyValue(getPolicyDocumentResult -\u003e getPolicyDocumentResult.json()))\n .build());\n\n var workspacesDefaultServiceAccess = new RolePolicyAttachment(\"workspacesDefaultServiceAccess\", RolePolicyAttachmentArgs.builder() \n .role(workspacesDefault.name())\n .policyArn(\"arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess\")\n .build());\n\n var workspacesDefaultSelfServiceAccess = new RolePolicyAttachment(\"workspacesDefaultSelfServiceAccess\", RolePolicyAttachmentArgs.builder() \n .role(workspacesDefault.name())\n .policyArn(\"arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess\")\n .build());\n\n var exampleC = new Subnet(\"exampleC\", SubnetArgs.builder() \n .vpcId(exampleVpc.id())\n .availabilityZone(\"us-east-1c\")\n .cidrBlock(\"10.0.2.0/24\")\n .build());\n\n var exampleD = new Subnet(\"exampleD\", SubnetArgs.builder() \n .vpcId(exampleVpc.id())\n .availabilityZone(\"us-east-1d\")\n .cidrBlock(\"10.0.3.0/24\")\n .build());\n\n var example = new Directory(\"example\", DirectoryArgs.builder() \n .directoryId(exampleDirectory.id())\n .subnetIds( \n exampleC.id(),\n exampleD.id())\n .tags(Map.of(\"Example\", true))\n .selfServicePermissions(DirectorySelfServicePermissionsArgs.builder()\n .changeComputeType(true)\n .increaseVolumeSize(true)\n .rebuildWorkspace(true)\n .restartWorkspace(true)\n .switchRunningMode(true)\n .build())\n .workspaceAccessProperties(DirectoryWorkspaceAccessPropertiesArgs.builder()\n .deviceTypeAndroid(\"ALLOW\")\n .deviceTypeChromeos(\"ALLOW\")\n .deviceTypeIos(\"ALLOW\")\n .deviceTypeLinux(\"DENY\")\n .deviceTypeOsx(\"ALLOW\")\n .deviceTypeWeb(\"DENY\")\n .deviceTypeWindows(\"DENY\")\n .deviceTypeZeroclient(\"DENY\")\n .build())\n .workspaceCreationProperties(DirectoryWorkspaceCreationPropertiesArgs.builder()\n .customSecurityGroupId(exampleAwsSecurityGroup.id())\n .defaultOu(\"OU=AWS,DC=Workgroup,DC=Example,DC=com\")\n .enableInternetAccess(true)\n .enableMaintenanceMode(true)\n .userEnabledAsLocalAdministrator(true)\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n workspacesDefaultServiceAccess,\n workspacesDefaultSelfServiceAccess)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:workspaces:Directory\n properties:\n directoryId: ${exampleDirectory.id}\n subnetIds:\n - ${exampleC.id}\n - ${exampleD.id}\n tags:\n Example: true\n selfServicePermissions:\n changeComputeType: true\n increaseVolumeSize: true\n rebuildWorkspace: true\n restartWorkspace: true\n switchRunningMode: true\n workspaceAccessProperties:\n deviceTypeAndroid: ALLOW\n deviceTypeChromeos: ALLOW\n deviceTypeIos: ALLOW\n deviceTypeLinux: DENY\n deviceTypeOsx: ALLOW\n deviceTypeWeb: DENY\n deviceTypeWindows: DENY\n deviceTypeZeroclient: DENY\n workspaceCreationProperties:\n customSecurityGroupId: ${exampleAwsSecurityGroup.id}\n defaultOu: OU=AWS,DC=Workgroup,DC=Example,DC=com\n enableInternetAccess: true\n enableMaintenanceMode: true\n userEnabledAsLocalAdministrator: true\n options:\n dependson:\n - ${workspacesDefaultServiceAccess}\n - ${workspacesDefaultSelfServiceAccess}\n exampleDirectory:\n type: aws:directoryservice:Directory\n name: example\n properties:\n name: corp.example.com\n password: '#S1ncerely'\n size: Small\n vpcSettings:\n vpcId: ${exampleVpc.id}\n subnetIds:\n - ${exampleA.id}\n - ${exampleB.id}\n workspacesDefault:\n type: aws:iam:Role\n name: workspaces_default\n properties:\n name: workspaces_DefaultRole\n assumeRolePolicy: ${workspaces.json}\n workspacesDefaultServiceAccess:\n type: aws:iam:RolePolicyAttachment\n name: workspaces_default_service_access\n properties:\n role: ${workspacesDefault.name}\n policyArn: arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess\n workspacesDefaultSelfServiceAccess:\n type: aws:iam:RolePolicyAttachment\n name: workspaces_default_self_service_access\n properties:\n role: ${workspacesDefault.name}\n policyArn: arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess\n exampleVpc:\n type: aws:ec2:Vpc\n name: example\n properties:\n cidrBlock: 10.0.0.0/16\n exampleA:\n type: aws:ec2:Subnet\n name: example_a\n properties:\n vpcId: ${exampleVpc.id}\n availabilityZone: us-east-1a\n cidrBlock: 10.0.0.0/24\n exampleB:\n type: aws:ec2:Subnet\n name: example_b\n properties:\n vpcId: ${exampleVpc.id}\n availabilityZone: us-east-1b\n cidrBlock: 10.0.1.0/24\n exampleC:\n type: aws:ec2:Subnet\n name: example_c\n properties:\n vpcId: ${exampleVpc.id}\n availabilityZone: us-east-1c\n cidrBlock: 10.0.2.0/24\n exampleD:\n type: aws:ec2:Subnet\n name: example_d\n properties:\n vpcId: ${exampleVpc.id}\n availabilityZone: us-east-1d\n cidrBlock: 10.0.3.0/24\nvariables:\n workspaces:\n fn::invoke:\n Function: aws:iam:getPolicyDocument\n Arguments:\n statements:\n - actions:\n - sts:AssumeRole\n principals:\n - type: Service\n identifiers:\n - workspaces.amazonaws.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### IP Groups\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst exampleIpGroup = new aws.workspaces.IpGroup(\"example\", {name: \"example\"});\nconst example = new aws.workspaces.Directory(\"example\", {\n directoryId: exampleAwsDirectoryServiceDirectory.id,\n ipGroupIds: [exampleIpGroup.id],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample_ip_group = aws.workspaces.IpGroup(\"example\", name=\"example\")\nexample = aws.workspaces.Directory(\"example\",\n directory_id=example_aws_directory_service_directory[\"id\"],\n ip_group_ids=[example_ip_group.id])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleIpGroup = new Aws.Workspaces.IpGroup(\"example\", new()\n {\n Name = \"example\",\n });\n\n var example = new Aws.Workspaces.Directory(\"example\", new()\n {\n DirectoryId = exampleAwsDirectoryServiceDirectory.Id,\n IpGroupIds = new[]\n {\n exampleIpGroup.Id,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/workspaces\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleIpGroup, err := workspaces.NewIpGroup(ctx, \"example\", \u0026workspaces.IpGroupArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = workspaces.NewDirectory(ctx, \"example\", \u0026workspaces.DirectoryArgs{\n\t\t\tDirectoryId: pulumi.Any(exampleAwsDirectoryServiceDirectory.Id),\n\t\t\tIpGroupIds: pulumi.StringArray{\n\t\t\t\texampleIpGroup.ID(),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.workspaces.IpGroup;\nimport com.pulumi.aws.workspaces.IpGroupArgs;\nimport com.pulumi.aws.workspaces.Directory;\nimport com.pulumi.aws.workspaces.DirectoryArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleIpGroup = new IpGroup(\"exampleIpGroup\", IpGroupArgs.builder() \n .name(\"example\")\n .build());\n\n var example = new Directory(\"example\", DirectoryArgs.builder() \n .directoryId(exampleAwsDirectoryServiceDirectory.id())\n .ipGroupIds(exampleIpGroup.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:workspaces:Directory\n properties:\n directoryId: ${exampleAwsDirectoryServiceDirectory.id}\n ipGroupIds:\n - ${exampleIpGroup.id}\n exampleIpGroup:\n type: aws:workspaces:IpGroup\n name: example\n properties:\n name: example\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nUsing `pulumi import`, import Workspaces directory using the directory ID. For example:\n\n```sh\n$ pulumi import aws:workspaces/directory:Directory main d-4444444444\n```\n", "properties": { "alias": { "type": "string", @@ -373036,7 +373036,7 @@ } }, "aws:iam/getPrincipalPolicySimulation:getPrincipalPolicySimulation": { - "description": "Runs a simulation of the IAM policies of a particular principal against a given hypothetical request.\n\nYou can use this data source in conjunction with\nPreconditions and Postconditions so that your configuration can test either whether it should have sufficient access to do its own work, or whether policies your configuration declares itself are sufficient for their intended use elsewhere.\n\n\u003e **Note:** Correctly using this data source requires familiarity with various details of AWS Identity and Access Management, and how various AWS services integrate with it. For general information on the AWS IAM policy simulator, see [Testing IAM policies with the IAM policy simulator](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_testing-policies.html). This data source wraps the `iam:SimulatePrincipalPolicy` API action described on that page.\n\n## Example Usage\n\n### Self Access-checking Example\n\nThe following example raises an error if the credentials passed to the AWS provider do not have access to perform the three actions `s3:GetObject`, `s3:PutObject`, and `s3:DeleteObject` on the S3 bucket with the given ARN.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst s3ObjectAccess = current.then(current =\u003e aws.iam.getPrincipalPolicySimulation({\n actionNames: [\n \"s3:GetObject\",\n \"s3:PutObject\",\n \"s3:DeleteObject\",\n ],\n policySourceArn: current.arn,\n resourceArns: [\"arn:aws:s3:::my-test-bucket\"],\n}));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\ns3_object_access = aws.iam.get_principal_policy_simulation(action_names=[\n \"s3:GetObject\",\n \"s3:PutObject\",\n \"s3:DeleteObject\",\n ],\n policy_source_arn=current.arn,\n resource_arns=[\"arn:aws:s3:::my-test-bucket\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var s3ObjectAccess = Aws.Iam.GetPrincipalPolicySimulation.Invoke(new()\n {\n ActionNames = new[]\n {\n \"s3:GetObject\",\n \"s3:PutObject\",\n \"s3:DeleteObject\",\n },\n PolicySourceArn = current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.Arn),\n ResourceArns = new[]\n {\n \"arn:aws:s3:::my-test-bucket\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.LookupPrincipalPolicySimulation(ctx, \u0026iam.LookupPrincipalPolicySimulationArgs{\n\t\t\tActionNames: []string{\n\t\t\t\t\"s3:GetObject\",\n\t\t\t\t\"s3:PutObject\",\n\t\t\t\t\"s3:DeleteObject\",\n\t\t\t},\n\t\t\tPolicySourceArn: current.Arn,\n\t\t\tResourceArns: []string{\n\t\t\t\t\"arn:aws:s3:::my-test-bucket\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPrincipalPolicySimulationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n final var s3ObjectAccess = IamFunctions.getPrincipalPolicySimulation(GetPrincipalPolicySimulationArgs.builder()\n .actionNames( \n \"s3:GetObject\",\n \"s3:PutObject\",\n \"s3:DeleteObject\")\n .policySourceArn(current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.arn()))\n .resourceArns(\"arn:aws:s3:::my-test-bucket\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n s3ObjectAccess:\n fn::invoke:\n Function: aws:iam:getPrincipalPolicySimulation\n Arguments:\n actionNames:\n - s3:GetObject\n - s3:PutObject\n - s3:DeleteObject\n policySourceArn: ${current.arn}\n resourceArns:\n - arn:aws:s3:::my-test-bucket\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nIf you intend to use this data source to quickly raise an error when the given credentials are insufficient then you must use `depends_on` inside any resource which would require those credentials, to ensure that the policy check will run first:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketObject(\"example\", {bucket: \"my-test-bucket\"});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketObject(\"example\", bucket=\"my-test-bucket\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketObject(\"example\", new()\n {\n Bucket = \"my-test-bucket\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3.NewBucketObject(ctx, \"example\", \u0026s3.BucketObjectArgs{\n\t\t\tBucket: pulumi.Any(\"my-test-bucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketObject;\nimport com.pulumi.aws.s3.BucketObjectArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketObject(\"example\", BucketObjectArgs.builder() \n .bucket(\"my-test-bucket\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketObject\n properties:\n bucket: my-test-bucket\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Testing the Effect of a Declared Policy\n\nThe following example declares an S3 bucket and a user that should have access to the bucket, and then uses `aws.iam.getPrincipalPolicySimulation` to verify that the user does indeed have access to perform needed operations against the bucket.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst example = new aws.iam.User(\"example\", {name: \"example\"});\nconst exampleBucketV2 = new aws.s3.BucketV2(\"example\", {bucket: \"my-test-bucket\"});\nconst s3Access = new aws.iam.UserPolicy(\"s3_access\", {\n name: \"example_s3_access\",\n user: example.name,\n policy: pulumi.jsonStringify({\n version: \"2012-10-17\",\n statement: [{\n action: \"s3:GetObject\",\n effect: \"Allow\",\n resource: exampleBucketV2.arn,\n }],\n }),\n});\nconst accountAccess = new aws.s3.BucketPolicy(\"account_access\", {\n bucket: exampleBucketV2.bucket,\n policy: pulumi.jsonStringify({\n version: \"2012-10-17\",\n statement: [{\n action: \"s3:*\",\n effect: \"Allow\",\n principal: {\n AWS: current.then(current =\u003e current.accountId),\n },\n resource: [\n exampleBucketV2.arn,\n pulumi.interpolate`${exampleBucketV2.arn}/*`,\n ],\n }],\n }),\n});\nconst s3ObjectAccess = aws.iam.getPrincipalPolicySimulationOutput({\n actionNames: [\"s3:GetObject\"],\n policySourceArn: example.arn,\n resourceArns: [exampleBucketV2.arn],\n resourcePolicyJson: accountAccess.policy,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\nexample = aws.iam.User(\"example\", name=\"example\")\nexample_bucket_v2 = aws.s3.BucketV2(\"example\", bucket=\"my-test-bucket\")\ns3_access = aws.iam.UserPolicy(\"s3_access\",\n name=\"example_s3_access\",\n user=example.name,\n policy=pulumi.Output.json_dumps({\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"action\": \"s3:GetObject\",\n \"effect\": \"Allow\",\n \"resource\": example_bucket_v2.arn,\n }],\n }))\naccount_access = aws.s3.BucketPolicy(\"account_access\",\n bucket=example_bucket_v2.bucket,\n policy=pulumi.Output.json_dumps({\n \"version\": \"2012-10-17\",\n \"statement\": [{\n \"action\": \"s3:*\",\n \"effect\": \"Allow\",\n \"principal\": {\n \"AWS\": current.account_id,\n },\n \"resource\": [\n example_bucket_v2.arn,\n example_bucket_v2.arn.apply(lambda arn: f\"{arn}/*\"),\n ],\n }],\n }))\ns3_object_access = aws.iam.get_principal_policy_simulation_output(action_names=[\"s3:GetObject\"],\n policy_source_arn=example.arn,\n resource_arns=[example_bucket_v2.arn],\n resource_policy_json=account_access.policy)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var example = new Aws.Iam.User(\"example\", new()\n {\n Name = \"example\",\n });\n\n var exampleBucketV2 = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"my-test-bucket\",\n });\n\n var s3Access = new Aws.Iam.UserPolicy(\"s3_access\", new()\n {\n Name = \"example_s3_access\",\n User = example.Name,\n Policy = Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"action\"] = \"s3:GetObject\",\n [\"effect\"] = \"Allow\",\n [\"resource\"] = exampleBucketV2.Arn,\n },\n },\n })),\n });\n\n var accountAccess = new Aws.S3.BucketPolicy(\"account_access\", new()\n {\n Bucket = exampleBucketV2.Bucket,\n Policy = Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"version\"] = \"2012-10-17\",\n [\"statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"action\"] = \"s3:*\",\n [\"effect\"] = \"Allow\",\n [\"principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId),\n },\n [\"resource\"] = new[]\n {\n exampleBucketV2.Arn,\n exampleBucketV2.Arn.Apply(arn =\u003e $\"{arn}/*\"),\n },\n },\n },\n })),\n });\n\n var s3ObjectAccess = Aws.Iam.GetPrincipalPolicySimulation.Invoke(new()\n {\n ActionNames = new[]\n {\n \"s3:GetObject\",\n },\n PolicySourceArn = example.Arn,\n ResourceArns = new[]\n {\n exampleBucketV2.Arn,\n },\n ResourcePolicyJson = accountAccess.Policy,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := iam.NewUser(ctx, \"example\", \u0026iam.UserArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleBucketV2, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"my-test-bucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewUserPolicy(ctx, \"s3_access\", \u0026iam.UserPolicyArgs{\n\t\t\tName: pulumi.String(\"example_s3_access\"),\n\t\t\tUser: example.Name,\n\t\t\tPolicy: exampleBucketV2.Arn.ApplyT(func(arn string) (pulumi.String, error) {\n\t\t\t\tvar _zero pulumi.String\n\t\t\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\"action\": \"s3:GetObject\",\n\t\t\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\t\t\"resource\": arn,\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t})\n\t\t\t\tif err != nil {\n\t\t\t\t\treturn _zero, err\n\t\t\t\t}\n\t\t\t\tjson0 := string(tmpJSON0)\n\t\t\t\treturn pulumi.String(json0), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\taccountAccess, err := s3.NewBucketPolicy(ctx, \"account_access\", \u0026s3.BucketPolicyArgs{\n\t\t\tBucket: exampleBucketV2.Bucket,\n\t\t\tPolicy: pulumi.All(exampleBucketV2.Arn, exampleBucketV2.Arn).ApplyT(func(_args []interface{}) (string, error) {\n\t\t\t\texampleBucketV2Arn := _args[0].(string)\n\t\t\t\texampleBucketV2Arn1 := _args[1].(string)\n\t\t\t\tvar _zero string\n\t\t\t\ttmpJSON1, err := json.Marshal(map[string]interface{}{\n\t\t\t\t\t\"version\": \"2012-10-17\",\n\t\t\t\t\t\"statement\": []map[string]interface{}{\n\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\"action\": \"s3:*\",\n\t\t\t\t\t\t\t\"effect\": \"Allow\",\n\t\t\t\t\t\t\t\"principal\": map[string]interface{}{\n\t\t\t\t\t\t\t\t\"AWS\": current.AccountId,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"resource\": []string{\n\t\t\t\t\t\t\t\texampleBucketV2Arn,\n\t\t\t\t\t\t\t\tfmt.Sprintf(\"%v/*\", exampleBucketV2Arn1),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t})\n\t\t\t\tif err != nil {\n\t\t\t\t\treturn _zero, err\n\t\t\t\t}\n\t\t\t\tjson1 := string(tmpJSON1)\n\t\t\t\treturn json1, nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_ = iam.LookupPrincipalPolicySimulationOutput(ctx, iam.GetPrincipalPolicySimulationOutputArgs{\n\t\t\tActionNames: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"s3:GetObject\"),\n\t\t\t},\n\t\t\tPolicySourceArn: example.Arn,\n\t\t\tResourceArns: pulumi.StringArray{\n\t\t\t\texampleBucketV2.Arn,\n\t\t\t},\n\t\t\tResourcePolicyJson: accountAccess.Policy,\n\t\t}, nil)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.iam.User;\nimport com.pulumi.aws.iam.UserArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.iam.UserPolicy;\nimport com.pulumi.aws.iam.UserPolicyArgs;\nimport com.pulumi.aws.s3.BucketPolicy;\nimport com.pulumi.aws.s3.BucketPolicyArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPrincipalPolicySimulationArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n var example = new User(\"example\", UserArgs.builder() \n .name(\"example\")\n .build());\n\n var exampleBucketV2 = new BucketV2(\"exampleBucketV2\", BucketV2Args.builder() \n .bucket(\"my-test-bucket\")\n .build());\n\n var s3Access = new UserPolicy(\"s3Access\", UserPolicyArgs.builder() \n .name(\"example_s3_access\")\n .user(example.name())\n .policy(exampleBucketV2.arn().applyValue(arn -\u003e serializeJson(\n jsonObject(\n jsonProperty(\"version\", \"2012-10-17\"),\n jsonProperty(\"statement\", jsonArray(jsonObject(\n jsonProperty(\"action\", \"s3:GetObject\"),\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"resource\", arn)\n )))\n ))))\n .build());\n\n var accountAccess = new BucketPolicy(\"accountAccess\", BucketPolicyArgs.builder() \n .bucket(exampleBucketV2.bucket())\n .policy(Output.tuple(exampleBucketV2.arn(), exampleBucketV2.arn()).applyValue(values -\u003e {\n var exampleBucketV2Arn = values.t1;\n var exampleBucketV2Arn1 = values.t2;\n return serializeJson(\n jsonObject(\n jsonProperty(\"version\", \"2012-10-17\"),\n jsonProperty(\"statement\", jsonArray(jsonObject(\n jsonProperty(\"action\", \"s3:*\"),\n jsonProperty(\"effect\", \"Allow\"),\n jsonProperty(\"principal\", jsonObject(\n jsonProperty(\"AWS\", current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))\n )),\n jsonProperty(\"resource\", jsonArray(\n exampleBucketV2Arn, \n String.format(\"%s/*\", exampleBucketV2Arn1)\n ))\n )))\n ));\n }))\n .build());\n\n final var s3ObjectAccess = IamFunctions.getPrincipalPolicySimulation(GetPrincipalPolicySimulationArgs.builder()\n .actionNames(\"s3:GetObject\")\n .policySourceArn(example.arn())\n .resourceArns(exampleBucketV2.arn())\n .resourcePolicyJson(accountAccess.policy())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:User\n properties:\n name: example\n exampleBucketV2:\n type: aws:s3:BucketV2\n name: example\n properties:\n bucket: my-test-bucket\n s3Access:\n type: aws:iam:UserPolicy\n name: s3_access\n properties:\n name: example_s3_access\n user: ${example.name}\n policy:\n fn::toJSON:\n version: 2012-10-17\n statement:\n - action: s3:GetObject\n effect: Allow\n resource: ${exampleBucketV2.arn}\n accountAccess:\n type: aws:s3:BucketPolicy\n name: account_access\n properties:\n bucket: ${exampleBucketV2.bucket}\n policy:\n fn::toJSON:\n version: 2012-10-17\n statement:\n - action: s3:*\n effect: Allow\n principal:\n AWS: ${current.accountId}\n resource:\n - ${exampleBucketV2.arn}\n - ${exampleBucketV2.arn}/*\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n s3ObjectAccess:\n fn::invoke:\n Function: aws:iam:getPrincipalPolicySimulation\n Arguments:\n actionNames:\n - s3:GetObject\n policySourceArn: ${example.arn}\n resourceArns:\n - ${exampleBucketV2.arn}\n resourcePolicyJson: ${accountAccess.policy}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nWhen using `aws.iam.getPrincipalPolicySimulation` to test the effect of a policy declared elsewhere in the same configuration, it's important to use `depends_on` to make sure that the needed policy has been fully created or updated before running the simulation.\n", + "description": "Runs a simulation of the IAM policies of a particular principal against a given hypothetical request.\n\nYou can use this data source in conjunction with\nPreconditions and Postconditions so that your configuration can test either whether it should have sufficient access to do its own work, or whether policies your configuration declares itself are sufficient for their intended use elsewhere.\n\n\u003e **Note:** Correctly using this data source requires familiarity with various details of AWS Identity and Access Management, and how various AWS services integrate with it. For general information on the AWS IAM policy simulator, see [Testing IAM policies with the IAM policy simulator](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_testing-policies.html). This data source wraps the `iam:SimulatePrincipalPolicy` API action described on that page.\n\n## Example Usage\n\n### Self Access-checking Example\n\nThe following example raises an error if the credentials passed to the AWS provider do not have access to perform the three actions `s3:GetObject`, `s3:PutObject`, and `s3:DeleteObject` on the S3 bucket with the given ARN.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst s3ObjectAccess = current.then(current =\u003e aws.iam.getPrincipalPolicySimulation({\n actionNames: [\n \"s3:GetObject\",\n \"s3:PutObject\",\n \"s3:DeleteObject\",\n ],\n policySourceArn: current.arn,\n resourceArns: [\"arn:aws:s3:::my-test-bucket\"],\n}));\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\ns3_object_access = aws.iam.get_principal_policy_simulation(action_names=[\n \"s3:GetObject\",\n \"s3:PutObject\",\n \"s3:DeleteObject\",\n ],\n policy_source_arn=current.arn,\n resource_arns=[\"arn:aws:s3:::my-test-bucket\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var s3ObjectAccess = Aws.Iam.GetPrincipalPolicySimulation.Invoke(new()\n {\n ActionNames = new[]\n {\n \"s3:GetObject\",\n \"s3:PutObject\",\n \"s3:DeleteObject\",\n },\n PolicySourceArn = current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.Arn),\n ResourceArns = new[]\n {\n \"arn:aws:s3:::my-test-bucket\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.LookupPrincipalPolicySimulation(ctx, \u0026iam.LookupPrincipalPolicySimulationArgs{\n\t\t\tActionNames: []string{\n\t\t\t\t\"s3:GetObject\",\n\t\t\t\t\"s3:PutObject\",\n\t\t\t\t\"s3:DeleteObject\",\n\t\t\t},\n\t\t\tPolicySourceArn: current.Arn,\n\t\t\tResourceArns: []string{\n\t\t\t\t\"arn:aws:s3:::my-test-bucket\",\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPrincipalPolicySimulationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n final var s3ObjectAccess = IamFunctions.getPrincipalPolicySimulation(GetPrincipalPolicySimulationArgs.builder()\n .actionNames( \n \"s3:GetObject\",\n \"s3:PutObject\",\n \"s3:DeleteObject\")\n .policySourceArn(current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.arn()))\n .resourceArns(\"arn:aws:s3:::my-test-bucket\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n s3ObjectAccess:\n fn::invoke:\n Function: aws:iam:getPrincipalPolicySimulation\n Arguments:\n actionNames:\n - s3:GetObject\n - s3:PutObject\n - s3:DeleteObject\n policySourceArn: ${current.arn}\n resourceArns:\n - arn:aws:s3:::my-test-bucket\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nIf you intend to use this data source to quickly raise an error when the given credentials are insufficient then you must use `depends_on` inside any resource which would require those credentials, to ensure that the policy check will run first:\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst example = new aws.s3.BucketObject(\"example\", {bucket: \"my-test-bucket\"}, {\n dependsOn: [s3ObjectAccess],\n});\n```\n```python\nimport pulumi\nimport pulumi_aws as aws\n\nexample = aws.s3.BucketObject(\"example\", bucket=\"my-test-bucket\",\nopts=pulumi.ResourceOptions(depends_on=[s3_object_access]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Aws.S3.BucketObject(\"example\", new()\n {\n Bucket = \"my-test-bucket\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n s3ObjectAccess, \n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := s3.NewBucketObject(ctx, \"example\", \u0026s3.BucketObjectArgs{\n\t\t\tBucket: pulumi.Any(\"my-test-bucket\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\ts3ObjectAccess,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.s3.BucketObject;\nimport com.pulumi.aws.s3.BucketObjectArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new BucketObject(\"example\", BucketObjectArgs.builder() \n .bucket(\"my-test-bucket\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(s3ObjectAccess)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:s3:BucketObject\n properties:\n bucket: my-test-bucket\n options:\n dependson:\n - ${s3ObjectAccess}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n### Testing the Effect of a Declared Policy\n\nThe following example declares an S3 bucket and a user that should have access to the bucket, and then uses `aws.iam.getPrincipalPolicySimulation` to verify that the user does indeed have access to perform needed operations against the bucket.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as aws from \"@pulumi/aws\";\n\nconst current = aws.getCallerIdentity({});\nconst example = new aws.iam.User(\"example\", {name: \"example\"});\nconst exampleBucketV2 = new aws.s3.BucketV2(\"example\", {bucket: \"my-test-bucket\"});\nconst s3Access = new aws.iam.UserPolicy(\"s3_access\", {\n name: \"example_s3_access\",\n user: example.name,\n policy: pulumi.jsonStringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: \"s3:GetObject\",\n Effect: \"Allow\",\n Resource: exampleBucketV2.arn,\n }],\n }),\n});\nconst accountAccess = new aws.s3.BucketPolicy(\"account_access\", {\n bucket: exampleBucketV2.bucket,\n policy: pulumi.jsonStringify({\n Version: \"2012-10-17\",\n Statement: [{\n Action: \"s3:*\",\n Effect: \"Allow\",\n Principal: {\n AWS: current.then(current =\u003e current.accountId),\n },\n Resource: [\n exampleBucketV2.arn,\n pulumi.interpolate`${exampleBucketV2.arn}/*`,\n ],\n }],\n }),\n});\nconst s3ObjectAccess = aws.iam.getPrincipalPolicySimulationOutput({\n actionNames: [\"s3:GetObject\"],\n policySourceArn: example.arn,\n resourceArns: [exampleBucketV2.arn],\n resourcePolicyJson: accountAccess.policy,\n});\n```\n```python\nimport pulumi\nimport json\nimport pulumi_aws as aws\n\ncurrent = aws.get_caller_identity()\nexample = aws.iam.User(\"example\", name=\"example\")\nexample_bucket_v2 = aws.s3.BucketV2(\"example\", bucket=\"my-test-bucket\")\ns3_access = aws.iam.UserPolicy(\"s3_access\",\n name=\"example_s3_access\",\n user=example.name,\n policy=pulumi.Output.json_dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": \"s3:GetObject\",\n \"Effect\": \"Allow\",\n \"Resource\": example_bucket_v2.arn,\n }],\n }))\naccount_access = aws.s3.BucketPolicy(\"account_access\",\n bucket=example_bucket_v2.bucket,\n policy=pulumi.Output.json_dumps({\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Action\": \"s3:*\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": current.account_id,\n },\n \"Resource\": [\n example_bucket_v2.arn,\n example_bucket_v2.arn.apply(lambda arn: f\"{arn}/*\"),\n ],\n }],\n }))\ns3_object_access = aws.iam.get_principal_policy_simulation_output(action_names=[\"s3:GetObject\"],\n policy_source_arn=example.arn,\n resource_arns=[example_bucket_v2.arn],\n resource_policy_json=account_access.policy)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing System.Text.Json;\nusing Pulumi;\nusing Aws = Pulumi.Aws;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Aws.GetCallerIdentity.Invoke();\n\n var example = new Aws.Iam.User(\"example\", new()\n {\n Name = \"example\",\n });\n\n var exampleBucketV2 = new Aws.S3.BucketV2(\"example\", new()\n {\n Bucket = \"my-test-bucket\",\n });\n\n var s3Access = new Aws.Iam.UserPolicy(\"s3_access\", new()\n {\n Name = \"example_s3_access\",\n User = example.Name,\n Policy = Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"s3:GetObject\",\n [\"Effect\"] = \"Allow\",\n [\"Resource\"] = exampleBucketV2.Arn,\n },\n },\n })),\n });\n\n var accountAccess = new Aws.S3.BucketPolicy(\"account_access\", new()\n {\n Bucket = exampleBucketV2.Bucket,\n Policy = Output.JsonSerialize(Output.Create(new Dictionary\u003cstring, object?\u003e\n {\n [\"Version\"] = \"2012-10-17\",\n [\"Statement\"] = new[]\n {\n new Dictionary\u003cstring, object?\u003e\n {\n [\"Action\"] = \"s3:*\",\n [\"Effect\"] = \"Allow\",\n [\"Principal\"] = new Dictionary\u003cstring, object?\u003e\n {\n [\"AWS\"] = current.Apply(getCallerIdentityResult =\u003e getCallerIdentityResult.AccountId),\n },\n [\"Resource\"] = new[]\n {\n exampleBucketV2.Arn,\n exampleBucketV2.Arn.Apply(arn =\u003e $\"{arn}/*\"),\n },\n },\n },\n })),\n });\n\n var s3ObjectAccess = Aws.Iam.GetPrincipalPolicySimulation.Invoke(new()\n {\n ActionNames = new[]\n {\n \"s3:GetObject\",\n },\n PolicySourceArn = example.Arn,\n ResourceArns = new[]\n {\n exampleBucketV2.Arn,\n },\n ResourcePolicyJson = accountAccess.Policy,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/json\"\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam\"\n\t\"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := aws.GetCallerIdentity(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texample, err := iam.NewUser(ctx, \"example\", \u0026iam.UserArgs{\n\t\t\tName: pulumi.String(\"example\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleBucketV2, err := s3.NewBucketV2(ctx, \"example\", \u0026s3.BucketV2Args{\n\t\t\tBucket: pulumi.String(\"my-test-bucket\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = iam.NewUserPolicy(ctx, \"s3_access\", \u0026iam.UserPolicyArgs{\n\t\t\tName: pulumi.String(\"example_s3_access\"),\n\t\t\tUser: example.Name,\n\t\t\tPolicy: exampleBucketV2.Arn.ApplyT(func(arn string) (pulumi.String, error) {\n\t\t\t\tvar _zero pulumi.String\n\t\t\t\ttmpJSON0, err := json.Marshal(map[string]interface{}{\n\t\t\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\"Action\": \"s3:GetObject\",\n\t\t\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\t\t\"Resource\": arn,\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t})\n\t\t\t\tif err != nil {\n\t\t\t\t\treturn _zero, err\n\t\t\t\t}\n\t\t\t\tjson0 := string(tmpJSON0)\n\t\t\t\treturn pulumi.String(json0), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\taccountAccess, err := s3.NewBucketPolicy(ctx, \"account_access\", \u0026s3.BucketPolicyArgs{\n\t\t\tBucket: exampleBucketV2.Bucket,\n\t\t\tPolicy: pulumi.All(exampleBucketV2.Arn, exampleBucketV2.Arn).ApplyT(func(_args []interface{}) (string, error) {\n\t\t\t\texampleBucketV2Arn := _args[0].(string)\n\t\t\t\texampleBucketV2Arn1 := _args[1].(string)\n\t\t\t\tvar _zero string\n\t\t\t\ttmpJSON1, err := json.Marshal(map[string]interface{}{\n\t\t\t\t\t\"Version\": \"2012-10-17\",\n\t\t\t\t\t\"Statement\": []map[string]interface{}{\n\t\t\t\t\t\tmap[string]interface{}{\n\t\t\t\t\t\t\t\"Action\": \"s3:*\",\n\t\t\t\t\t\t\t\"Effect\": \"Allow\",\n\t\t\t\t\t\t\t\"Principal\": map[string]interface{}{\n\t\t\t\t\t\t\t\t\"AWS\": current.AccountId,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\"Resource\": []string{\n\t\t\t\t\t\t\t\texampleBucketV2Arn,\n\t\t\t\t\t\t\t\tfmt.Sprintf(\"%v/*\", exampleBucketV2Arn1),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t})\n\t\t\t\tif err != nil {\n\t\t\t\t\treturn _zero, err\n\t\t\t\t}\n\t\t\t\tjson1 := string(tmpJSON1)\n\t\t\t\treturn json1, nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_ = iam.LookupPrincipalPolicySimulationOutput(ctx, iam.GetPrincipalPolicySimulationOutputArgs{\n\t\t\tActionNames: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"s3:GetObject\"),\n\t\t\t},\n\t\t\tPolicySourceArn: example.Arn,\n\t\t\tResourceArns: pulumi.StringArray{\n\t\t\t\texampleBucketV2.Arn,\n\t\t\t},\n\t\t\tResourcePolicyJson: accountAccess.Policy,\n\t\t}, nil)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.aws.AwsFunctions;\nimport com.pulumi.aws.inputs.GetCallerIdentityArgs;\nimport com.pulumi.aws.iam.User;\nimport com.pulumi.aws.iam.UserArgs;\nimport com.pulumi.aws.s3.BucketV2;\nimport com.pulumi.aws.s3.BucketV2Args;\nimport com.pulumi.aws.iam.UserPolicy;\nimport com.pulumi.aws.iam.UserPolicyArgs;\nimport com.pulumi.aws.s3.BucketPolicy;\nimport com.pulumi.aws.s3.BucketPolicyArgs;\nimport com.pulumi.aws.iam.IamFunctions;\nimport com.pulumi.aws.iam.inputs.GetPrincipalPolicySimulationArgs;\nimport static com.pulumi.codegen.internal.Serialization.*;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = AwsFunctions.getCallerIdentity();\n\n var example = new User(\"example\", UserArgs.builder() \n .name(\"example\")\n .build());\n\n var exampleBucketV2 = new BucketV2(\"exampleBucketV2\", BucketV2Args.builder() \n .bucket(\"my-test-bucket\")\n .build());\n\n var s3Access = new UserPolicy(\"s3Access\", UserPolicyArgs.builder() \n .name(\"example_s3_access\")\n .user(example.name())\n .policy(exampleBucketV2.arn().applyValue(arn -\u003e serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", \"s3:GetObject\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Resource\", arn)\n )))\n ))))\n .build());\n\n var accountAccess = new BucketPolicy(\"accountAccess\", BucketPolicyArgs.builder() \n .bucket(exampleBucketV2.bucket())\n .policy(Output.tuple(exampleBucketV2.arn(), exampleBucketV2.arn()).applyValue(values -\u003e {\n var exampleBucketV2Arn = values.t1;\n var exampleBucketV2Arn1 = values.t2;\n return serializeJson(\n jsonObject(\n jsonProperty(\"Version\", \"2012-10-17\"),\n jsonProperty(\"Statement\", jsonArray(jsonObject(\n jsonProperty(\"Action\", \"s3:*\"),\n jsonProperty(\"Effect\", \"Allow\"),\n jsonProperty(\"Principal\", jsonObject(\n jsonProperty(\"AWS\", current.applyValue(getCallerIdentityResult -\u003e getCallerIdentityResult.accountId()))\n )),\n jsonProperty(\"Resource\", jsonArray(\n exampleBucketV2Arn, \n String.format(\"%s/*\", exampleBucketV2Arn1)\n ))\n )))\n ));\n }))\n .build());\n\n final var s3ObjectAccess = IamFunctions.getPrincipalPolicySimulation(GetPrincipalPolicySimulationArgs.builder()\n .actionNames(\"s3:GetObject\")\n .policySourceArn(example.arn())\n .resourceArns(exampleBucketV2.arn())\n .resourcePolicyJson(accountAccess.policy())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: aws:iam:User\n properties:\n name: example\n exampleBucketV2:\n type: aws:s3:BucketV2\n name: example\n properties:\n bucket: my-test-bucket\n s3Access:\n type: aws:iam:UserPolicy\n name: s3_access\n properties:\n name: example_s3_access\n user: ${example.name}\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action: s3:GetObject\n Effect: Allow\n Resource: ${exampleBucketV2.arn}\n accountAccess:\n type: aws:s3:BucketPolicy\n name: account_access\n properties:\n bucket: ${exampleBucketV2.bucket}\n policy:\n fn::toJSON:\n Version: 2012-10-17\n Statement:\n - Action: s3:*\n Effect: Allow\n Principal:\n AWS: ${current.accountId}\n Resource:\n - ${exampleBucketV2.arn}\n - ${exampleBucketV2.arn}/*\nvariables:\n current:\n fn::invoke:\n Function: aws:getCallerIdentity\n Arguments: {}\n s3ObjectAccess:\n fn::invoke:\n Function: aws:iam:getPrincipalPolicySimulation\n Arguments:\n actionNames:\n - s3:GetObject\n policySourceArn: ${example.arn}\n resourceArns:\n - ${exampleBucketV2.arn}\n resourcePolicyJson: ${accountAccess.policy}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nWhen using `aws.iam.getPrincipalPolicySimulation` to test the effect of a policy declared elsewhere in the same configuration, it's important to use `depends_on` to make sure that the needed policy has been fully created or updated before running the simulation.\n", "inputs": { "description": "A collection of arguments for invoking getPrincipalPolicySimulation.\n", "properties": { diff --git a/sdk/dotnet/AccessAnalyzer/Analyzer.cs b/sdk/dotnet/AccessAnalyzer/Analyzer.cs index 3897803a061..bf0ba05e001 100644 --- a/sdk/dotnet/AccessAnalyzer/Analyzer.cs +++ b/sdk/dotnet/AccessAnalyzer/Analyzer.cs @@ -57,6 +57,12 @@ namespace Pulumi.Aws.AccessAnalyzer /// { /// AnalyzerName = "example", /// Type = "ORGANIZATION", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// example, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Acmpca/CertificateAuthority.cs b/sdk/dotnet/Acmpca/CertificateAuthority.cs index ad7d231e347..410b57ebad1 100644 --- a/sdk/dotnet/Acmpca/CertificateAuthority.cs +++ b/sdk/dotnet/Acmpca/CertificateAuthority.cs @@ -152,6 +152,12 @@ namespace Pulumi.Aws.Acmpca /// S3ObjectAcl = "BUCKET_OWNER_FULL_CONTROL", /// }, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// exampleBucketPolicy, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Alb/TargetGroupAttachment.cs b/sdk/dotnet/Alb/TargetGroupAttachment.cs index f3517cc994e..cb775238457 100644 --- a/sdk/dotnet/Alb/TargetGroupAttachment.cs +++ b/sdk/dotnet/Alb/TargetGroupAttachment.cs @@ -74,6 +74,12 @@ namespace Pulumi.Aws.Alb /// { /// TargetGroupArn = test.Arn, /// TargetId = testFunction.Arn, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// withLb, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/ApiGateway/DocumentationVersion.cs b/sdk/dotnet/ApiGateway/DocumentationVersion.cs index 8580a82ca15..bb787b00300 100644 --- a/sdk/dotnet/ApiGateway/DocumentationVersion.cs +++ b/sdk/dotnet/ApiGateway/DocumentationVersion.cs @@ -28,13 +28,6 @@ namespace Pulumi.Aws.ApiGateway /// Name = "example_api", /// }); /// - /// var example = new Aws.ApiGateway.DocumentationVersion("example", new() - /// { - /// Version = "example_version", - /// RestApiId = exampleRestApi.Id, - /// Description = "Example description", - /// }); - /// /// var exampleDocumentationPart = new Aws.ApiGateway.DocumentationPart("example", new() /// { /// Location = new Aws.ApiGateway.Inputs.DocumentationPartLocationArgs @@ -45,6 +38,19 @@ namespace Pulumi.Aws.ApiGateway /// RestApiId = exampleRestApi.Id, /// }); /// + /// var example = new Aws.ApiGateway.DocumentationVersion("example", new() + /// { + /// Version = "example_version", + /// RestApiId = exampleRestApi.Id, + /// Description = "Example description", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// exampleDocumentationPart, + /// }, + /// }); + /// /// }); /// ``` /// <!--End PulumiCodeChooser --> diff --git a/sdk/dotnet/ApiGateway/MethodResponse.cs b/sdk/dotnet/ApiGateway/MethodResponse.cs index ebdb829d3c9..0e539520993 100644 --- a/sdk/dotnet/ApiGateway/MethodResponse.cs +++ b/sdk/dotnet/ApiGateway/MethodResponse.cs @@ -120,7 +120,7 @@ namespace Pulumi.Aws.ApiGateway /// ["type"] = "object", /// ["properties"] = new Dictionary<string, object?> /// { - /// ["message"] = new Dictionary<string, object?> + /// ["Message"] = new Dictionary<string, object?> /// { /// ["type"] = "string", /// }, diff --git a/sdk/dotnet/ApiGateway/Stage.cs b/sdk/dotnet/ApiGateway/Stage.cs index 3dde129a29c..31a5e2e7bcc 100644 --- a/sdk/dotnet/ApiGateway/Stage.cs +++ b/sdk/dotnet/ApiGateway/Stage.cs @@ -107,17 +107,23 @@ namespace Pulumi.Aws.ApiGateway /// var stageName = config.Get("stageName") ?? "example"; /// var example = new Aws.ApiGateway.RestApi("example"); /// - /// var exampleStage = new Aws.ApiGateway.Stage("example", new() - /// { - /// StageName = stageName, - /// }); - /// /// var exampleLogGroup = new Aws.CloudWatch.LogGroup("example", new() /// { /// Name = example.Id.Apply(id => $"API-Gateway-Execution-Logs_{id}/{stageName}"), /// RetentionInDays = 7, /// }); /// + /// var exampleStage = new Aws.ApiGateway.Stage("example", new() + /// { + /// StageName = stageName, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// exampleLogGroup, + /// }, + /// }); + /// /// }); /// ``` /// <!--End PulumiCodeChooser --> diff --git a/sdk/dotnet/AppFlow/ConnectorProfile.cs b/sdk/dotnet/AppFlow/ConnectorProfile.cs index 86d437bd59a..1f6fedbe5a9 100644 --- a/sdk/dotnet/AppFlow/ConnectorProfile.cs +++ b/sdk/dotnet/AppFlow/ConnectorProfile.cs @@ -42,17 +42,17 @@ namespace Pulumi.Aws.AppFlow /// }, /// AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["version"] = "2012-10-17", - /// ["statement"] = new[] + /// ["Version"] = "2012-10-17", + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["action"] = "sts:AssumeRole", - /// ["effect"] = "Allow", - /// ["sid"] = "", - /// ["principal"] = new Dictionary<string, object?> + /// ["Action"] = "sts:AssumeRole", + /// ["Effect"] = "Allow", + /// ["Sid"] = "", + /// ["Principal"] = new Dictionary<string, object?> /// { - /// ["service"] = "ec2.amazonaws.com", + /// ["Service"] = "ec2.amazonaws.com", /// }, /// }, /// }, diff --git a/sdk/dotnet/ApplicationInsights/Application.cs b/sdk/dotnet/ApplicationInsights/Application.cs index b3173732949..8c9f6d77f97 100644 --- a/sdk/dotnet/ApplicationInsights/Application.cs +++ b/sdk/dotnet/ApplicationInsights/Application.cs @@ -31,16 +31,16 @@ namespace Pulumi.Aws.ApplicationInsights /// { /// Query = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["resourceTypeFilters"] = new[] + /// ["ResourceTypeFilters"] = new[] /// { /// "AWS::EC2::Instance", /// }, - /// ["tagFilters"] = new[] + /// ["TagFilters"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["key"] = "Stage", - /// ["values"] = new[] + /// ["Key"] = "Stage", + /// ["Values"] = new[] /// { /// "Test", /// }, diff --git a/sdk/dotnet/Batch/ComputeEnvironment.cs b/sdk/dotnet/Batch/ComputeEnvironment.cs index 597276b4e82..39d639de811 100644 --- a/sdk/dotnet/Batch/ComputeEnvironment.cs +++ b/sdk/dotnet/Batch/ComputeEnvironment.cs @@ -173,6 +173,12 @@ namespace Pulumi.Aws.Batch /// }, /// ServiceRole = awsBatchServiceRole.Arn, /// Type = "MANAGED", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// awsBatchServiceRoleRolePolicyAttachment, + /// }, /// }); /// /// }); @@ -206,8 +212,14 @@ namespace Pulumi.Aws.Batch /// }, /// Type = "FARGATE", /// }, - /// ServiceRole = awsBatchServiceRole.Arn, + /// ServiceRole = awsBatchServiceRoleAwsIamRole.Arn, /// Type = "MANAGED", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// awsBatchServiceRole, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Cfg/ConfigurationAggregator.cs b/sdk/dotnet/Cfg/ConfigurationAggregator.cs index ed50917586d..269deb28796 100644 --- a/sdk/dotnet/Cfg/ConfigurationAggregator.cs +++ b/sdk/dotnet/Cfg/ConfigurationAggregator.cs @@ -88,6 +88,12 @@ namespace Pulumi.Aws.Cfg /// AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult => getPolicyDocumentResult.Json), /// }); /// + /// var organizationRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment("organization", new() + /// { + /// Role = organizationRole.Name, + /// PolicyArn = "arn:aws:iam::aws:policy/service-role/AWSConfigRoleForOrganizations", + /// }); + /// /// var organization = new Aws.Cfg.ConfigurationAggregator("organization", new() /// { /// Name = "example", @@ -96,12 +102,12 @@ namespace Pulumi.Aws.Cfg /// AllRegions = true, /// RoleArn = organizationRole.Arn, /// }, - /// }); - /// - /// var organizationRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment("organization", new() + /// }, new CustomResourceOptions /// { - /// Role = organizationRole.Name, - /// PolicyArn = "arn:aws:iam::aws:policy/service-role/AWSConfigRoleForOrganizations", + /// DependsOn = + /// { + /// organizationRolePolicyAttachment, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Cfg/ConformancePack.cs b/sdk/dotnet/Cfg/ConformancePack.cs index 06341713f2e..ac708d6352a 100644 --- a/sdk/dotnet/Cfg/ConformancePack.cs +++ b/sdk/dotnet/Cfg/ConformancePack.cs @@ -55,6 +55,12 @@ namespace Pulumi.Aws.Cfg /// SourceIdentifier: IAM_PASSWORD_POLICY /// Type: AWS::Config::ConfigRule /// ", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// exampleAwsConfigConfigurationRecorder, + /// }, /// }); /// /// }); @@ -101,6 +107,12 @@ namespace Pulumi.Aws.Cfg /// var key = values.Item2; /// return $"s3://{bucket}/{key}"; /// }), + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// exampleAwsConfigConfigurationRecorder, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Cfg/DeliveryChannel.cs b/sdk/dotnet/Cfg/DeliveryChannel.cs index a1aaea79148..6b69c35c215 100644 --- a/sdk/dotnet/Cfg/DeliveryChannel.cs +++ b/sdk/dotnet/Cfg/DeliveryChannel.cs @@ -31,12 +31,6 @@ namespace Pulumi.Aws.Cfg /// ForceDestroy = true, /// }); /// - /// var foo = new Aws.Cfg.DeliveryChannel("foo", new() - /// { - /// Name = "example", - /// S3BucketName = b.Bucket, - /// }); - /// /// var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new() /// { /// Statements = new[] @@ -75,6 +69,18 @@ namespace Pulumi.Aws.Cfg /// RoleArn = r.Arn, /// }); /// + /// var foo = new Aws.Cfg.DeliveryChannel("foo", new() + /// { + /// Name = "example", + /// S3BucketName = b.Bucket, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// fooRecorder, + /// }, + /// }); + /// /// var p = Aws.Iam.GetPolicyDocument.Invoke(new() /// { /// Statements = new[] diff --git a/sdk/dotnet/Cfg/OrganizationConformancePack.cs b/sdk/dotnet/Cfg/OrganizationConformancePack.cs index cb4d407c87f..31d2143bc8d 100644 --- a/sdk/dotnet/Cfg/OrganizationConformancePack.cs +++ b/sdk/dotnet/Cfg/OrganizationConformancePack.cs @@ -27,6 +27,15 @@ namespace Pulumi.Aws.Cfg /// /// return await Deployment.RunAsync(() => /// { + /// var exampleOrganization = new Aws.Organizations.Organization("example", new() + /// { + /// AwsServiceAccessPrincipals = new[] + /// { + /// "config-multiaccountsetup.amazonaws.com", + /// }, + /// FeatureSet = "ALL", + /// }); + /// /// var example = new Aws.Cfg.OrganizationConformancePack("example", new() /// { /// Name = "example", @@ -50,15 +59,13 @@ namespace Pulumi.Aws.Cfg /// SourceIdentifier: IAM_PASSWORD_POLICY /// Type: AWS::Config::ConfigRule /// ", - /// }); - /// - /// var exampleOrganization = new Aws.Organizations.Organization("example", new() + /// }, new CustomResourceOptions /// { - /// AwsServiceAccessPrincipals = new[] + /// DependsOn = /// { - /// "config-multiaccountsetup.amazonaws.com", + /// exampleAwsConfigConfigurationRecorder, + /// exampleOrganization, /// }, - /// FeatureSet = "ALL", /// }); /// /// }); @@ -76,6 +83,15 @@ namespace Pulumi.Aws.Cfg /// /// return await Deployment.RunAsync(() => /// { + /// var exampleOrganization = new Aws.Organizations.Organization("example", new() + /// { + /// AwsServiceAccessPrincipals = new[] + /// { + /// "config-multiaccountsetup.amazonaws.com", + /// }, + /// FeatureSet = "ALL", + /// }); + /// /// var exampleBucketV2 = new Aws.S3.BucketV2("example", new() /// { /// Bucket = "example", @@ -105,15 +121,13 @@ namespace Pulumi.Aws.Cfg /// var key = values.Item2; /// return $"s3://{bucket}/{key}"; /// }), - /// }); - /// - /// var exampleOrganization = new Aws.Organizations.Organization("example", new() + /// }, new CustomResourceOptions /// { - /// AwsServiceAccessPrincipals = new[] + /// DependsOn = /// { - /// "config-multiaccountsetup.amazonaws.com", + /// exampleAwsConfigConfigurationRecorder, + /// exampleOrganization, /// }, - /// FeatureSet = "ALL", /// }); /// /// }); diff --git a/sdk/dotnet/Cfg/OrganizationCustomRule.cs b/sdk/dotnet/Cfg/OrganizationCustomRule.cs index fe11cbf1aa2..b18de68a8cf 100644 --- a/sdk/dotnet/Cfg/OrganizationCustomRule.cs +++ b/sdk/dotnet/Cfg/OrganizationCustomRule.cs @@ -52,6 +52,13 @@ namespace Pulumi.Aws.Cfg /// { /// "ConfigurationItemChangeNotification", /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// example, + /// exampleOrganization, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Cfg/OrganizationManagedRule.cs b/sdk/dotnet/Cfg/OrganizationManagedRule.cs index ddb28ae4802..94a93098179 100644 --- a/sdk/dotnet/Cfg/OrganizationManagedRule.cs +++ b/sdk/dotnet/Cfg/OrganizationManagedRule.cs @@ -40,6 +40,12 @@ namespace Pulumi.Aws.Cfg /// { /// Name = "example", /// RuleIdentifier = "IAM_PASSWORD_POLICY", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// example, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Cfg/RecorderStatus.cs b/sdk/dotnet/Cfg/RecorderStatus.cs index 8caa5467182..10157c0a1ab 100644 --- a/sdk/dotnet/Cfg/RecorderStatus.cs +++ b/sdk/dotnet/Cfg/RecorderStatus.cs @@ -25,6 +25,17 @@ namespace Pulumi.Aws.Cfg /// /// return await Deployment.RunAsync(() => /// { + /// var b = new Aws.S3.BucketV2("b", new() + /// { + /// Bucket = "awsconfig-example", + /// }); + /// + /// var fooDeliveryChannel = new Aws.Cfg.DeliveryChannel("foo", new() + /// { + /// Name = "example", + /// S3BucketName = b.Bucket, + /// }); + /// /// var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new() /// { /// Statements = new[] @@ -67,6 +78,12 @@ namespace Pulumi.Aws.Cfg /// { /// Name = fooRecorder.Name, /// IsEnabled = true, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// fooDeliveryChannel, + /// }, /// }); /// /// var a = new Aws.Iam.RolePolicyAttachment("a", new() @@ -75,17 +92,6 @@ namespace Pulumi.Aws.Cfg /// PolicyArn = "arn:aws:iam::aws:policy/service-role/AWS_ConfigRole", /// }); /// - /// var b = new Aws.S3.BucketV2("b", new() - /// { - /// Bucket = "awsconfig-example", - /// }); - /// - /// var fooDeliveryChannel = new Aws.Cfg.DeliveryChannel("foo", new() - /// { - /// Name = "example", - /// S3BucketName = b.Bucket, - /// }); - /// /// var p = Aws.Iam.GetPolicyDocument.Invoke(new() /// { /// Statements = new[] diff --git a/sdk/dotnet/Cfg/Rule.cs b/sdk/dotnet/Cfg/Rule.cs index fcec0291dac..cf97f0a5d9d 100644 --- a/sdk/dotnet/Cfg/Rule.cs +++ b/sdk/dotnet/Cfg/Rule.cs @@ -29,16 +29,6 @@ namespace Pulumi.Aws.Cfg /// /// return await Deployment.RunAsync(() => /// { - /// var r = new Aws.Cfg.Rule("r", new() - /// { - /// Name = "example", - /// Source = new Aws.Cfg.Inputs.RuleSourceArgs - /// { - /// Owner = "AWS", - /// SourceIdentifier = "S3_BUCKET_VERSIONING_ENABLED", - /// }, - /// }); - /// /// var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new() /// { /// Statements = new[] @@ -77,6 +67,22 @@ namespace Pulumi.Aws.Cfg /// RoleArn = rRole.Arn, /// }); /// + /// var r = new Aws.Cfg.Rule("r", new() + /// { + /// Name = "example", + /// Source = new Aws.Cfg.Inputs.RuleSourceArgs + /// { + /// Owner = "AWS", + /// SourceIdentifier = "S3_BUCKET_VERSIONING_ENABLED", + /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// foo, + /// }, + /// }); + /// /// var p = Aws.Iam.GetPolicyDocument.Invoke(new() /// { /// Statements = new[] @@ -139,6 +145,13 @@ namespace Pulumi.Aws.Cfg /// Owner = "CUSTOM_LAMBDA", /// SourceIdentifier = exampleFunction.Arn, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// example, + /// examplePermission, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Chime/VoiceConnectorTerminationCredentials.cs b/sdk/dotnet/Chime/VoiceConnectorTerminationCredentials.cs index 7d236991680..027da640161 100644 --- a/sdk/dotnet/Chime/VoiceConnectorTerminationCredentials.cs +++ b/sdk/dotnet/Chime/VoiceConnectorTerminationCredentials.cs @@ -58,6 +58,12 @@ namespace Pulumi.Aws.Chime /// Password = "test!", /// }, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// defaultVoiceConnectorTermination, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/CloudControl/Resource.cs b/sdk/dotnet/CloudControl/Resource.cs index 6627cbd99ba..40a65092446 100644 --- a/sdk/dotnet/CloudControl/Resource.cs +++ b/sdk/dotnet/CloudControl/Resource.cs @@ -29,13 +29,13 @@ namespace Pulumi.Aws.CloudControl /// TypeName = "AWS::ECS::Cluster", /// DesiredState = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["clusterName"] = "example", - /// ["tags"] = new[] + /// ["ClusterName"] = "example", + /// ["Tags"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["key"] = "CostCenter", - /// ["value"] = "IT", + /// ["Key"] = "CostCenter", + /// ["Value"] = "IT", /// }, /// }, /// }), diff --git a/sdk/dotnet/CloudFormation/Stack.cs b/sdk/dotnet/CloudFormation/Stack.cs index 1e5f7c06382..039d3a65584 100644 --- a/sdk/dotnet/CloudFormation/Stack.cs +++ b/sdk/dotnet/CloudFormation/Stack.cs @@ -33,32 +33,32 @@ namespace Pulumi.Aws.CloudFormation /// }, /// TemplateBody = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["parameters"] = new Dictionary<string, object?> + /// ["Parameters"] = new Dictionary<string, object?> /// { - /// ["vPCCidr"] = new Dictionary<string, object?> + /// ["VPCCidr"] = new Dictionary<string, object?> /// { - /// ["type"] = "String", - /// ["default"] = "10.0.0.0/16", - /// ["description"] = "Enter the CIDR block for the VPC. Default is 10.0.0.0/16.", + /// ["Type"] = "String", + /// ["Default"] = "10.0.0.0/16", + /// ["Description"] = "Enter the CIDR block for the VPC. Default is 10.0.0.0/16.", /// }, /// }, - /// ["resources"] = new Dictionary<string, object?> + /// ["Resources"] = new Dictionary<string, object?> /// { /// ["myVpc"] = new Dictionary<string, object?> /// { - /// ["type"] = "AWS::EC2::VPC", - /// ["properties"] = new Dictionary<string, object?> + /// ["Type"] = "AWS::EC2::VPC", + /// ["Properties"] = new Dictionary<string, object?> /// { - /// ["cidrBlock"] = new Dictionary<string, object?> + /// ["CidrBlock"] = new Dictionary<string, object?> /// { /// ["Ref"] = "VPCCidr", /// }, - /// ["tags"] = new[] + /// ["Tags"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["key"] = "Name", - /// ["value"] = "Primary_CF_VPC", + /// ["Key"] = "Name", + /// ["Value"] = "Primary_CF_VPC", /// }, /// }, /// }, diff --git a/sdk/dotnet/CloudFormation/StackSet.cs b/sdk/dotnet/CloudFormation/StackSet.cs index a45874bafe3..bb5d0f0f5e5 100644 --- a/sdk/dotnet/CloudFormation/StackSet.cs +++ b/sdk/dotnet/CloudFormation/StackSet.cs @@ -70,32 +70,32 @@ namespace Pulumi.Aws.CloudFormation /// }, /// TemplateBody = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["parameters"] = new Dictionary<string, object?> + /// ["Parameters"] = new Dictionary<string, object?> /// { - /// ["vPCCidr"] = new Dictionary<string, object?> + /// ["VPCCidr"] = new Dictionary<string, object?> /// { - /// ["type"] = "String", - /// ["default"] = "10.0.0.0/16", - /// ["description"] = "Enter the CIDR block for the VPC. Default is 10.0.0.0/16.", + /// ["Type"] = "String", + /// ["Default"] = "10.0.0.0/16", + /// ["Description"] = "Enter the CIDR block for the VPC. Default is 10.0.0.0/16.", /// }, /// }, - /// ["resources"] = new Dictionary<string, object?> + /// ["Resources"] = new Dictionary<string, object?> /// { /// ["myVpc"] = new Dictionary<string, object?> /// { - /// ["type"] = "AWS::EC2::VPC", - /// ["properties"] = new Dictionary<string, object?> + /// ["Type"] = "AWS::EC2::VPC", + /// ["Properties"] = new Dictionary<string, object?> /// { - /// ["cidrBlock"] = new Dictionary<string, object?> + /// ["CidrBlock"] = new Dictionary<string, object?> /// { - /// ["ref"] = "VPCCidr", + /// ["Ref"] = "VPCCidr", /// }, - /// ["tags"] = new[] + /// ["Tags"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["key"] = "Name", - /// ["value"] = "Primary_CF_VPC", + /// ["Key"] = "Name", + /// ["Value"] = "Primary_CF_VPC", /// }, /// }, /// }, diff --git a/sdk/dotnet/CloudFront/RealtimeLogConfig.cs b/sdk/dotnet/CloudFront/RealtimeLogConfig.cs index 8483539346d..2bb59bf3251 100644 --- a/sdk/dotnet/CloudFront/RealtimeLogConfig.cs +++ b/sdk/dotnet/CloudFront/RealtimeLogConfig.cs @@ -102,6 +102,12 @@ namespace Pulumi.Aws.CloudFront /// StreamArn = exampleAwsKinesisStream.Arn, /// }, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// exampleRolePolicy, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/CloudTrail/Trail.cs b/sdk/dotnet/CloudTrail/Trail.cs index f6b10fe38c2..80d4fda2084 100644 --- a/sdk/dotnet/CloudTrail/Trail.cs +++ b/sdk/dotnet/CloudTrail/Trail.cs @@ -38,14 +38,6 @@ namespace Pulumi.Aws.CloudTrail /// ForceDestroy = true, /// }); /// - /// var exampleTrail = new Aws.CloudTrail.Trail("example", new() - /// { - /// Name = "example", - /// S3BucketName = exampleBucketV2.Id, - /// S3KeyPrefix = "prefix", - /// IncludeGlobalServiceEvents = false, - /// }); - /// /// var current = Aws.GetCallerIdentity.Invoke(); /// /// var currentGetPartition = Aws.GetPartition.Invoke(); @@ -146,6 +138,20 @@ namespace Pulumi.Aws.CloudTrail /// Policy = example.Apply(getPolicyDocumentResult => getPolicyDocumentResult.Json), /// }); /// + /// var exampleTrail = new Aws.CloudTrail.Trail("example", new() + /// { + /// Name = "example", + /// S3BucketName = exampleBucketV2.Id, + /// S3KeyPrefix = "prefix", + /// IncludeGlobalServiceEvents = false, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// exampleBucketPolicy, + /// }, + /// }); + /// /// }); /// ``` /// <!--End PulumiCodeChooser --> diff --git a/sdk/dotnet/CloudWatch/LogDataProtectionPolicy.cs b/sdk/dotnet/CloudWatch/LogDataProtectionPolicy.cs index 598476ca931..85a2f10af4b 100644 --- a/sdk/dotnet/CloudWatch/LogDataProtectionPolicy.cs +++ b/sdk/dotnet/CloudWatch/LogDataProtectionPolicy.cs @@ -41,26 +41,26 @@ namespace Pulumi.Aws.CloudWatch /// LogGroupName = example.Name, /// PolicyDocument = Output.JsonSerialize(Output.Create(new Dictionary<string, object?> /// { - /// ["name"] = "Example", - /// ["version"] = "2021-06-01", - /// ["statement"] = new[] + /// ["Name"] = "Example", + /// ["Version"] = "2021-06-01", + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["sid"] = "Audit", - /// ["dataIdentifier"] = new[] + /// ["Sid"] = "Audit", + /// ["DataIdentifier"] = new[] /// { /// "arn:aws:dataprotection::aws:data-identifier/EmailAddress", /// }, - /// ["operation"] = new Dictionary<string, object?> + /// ["Operation"] = new Dictionary<string, object?> /// { - /// ["audit"] = new Dictionary<string, object?> + /// ["Audit"] = new Dictionary<string, object?> /// { - /// ["findingsDestination"] = new Dictionary<string, object?> + /// ["FindingsDestination"] = new Dictionary<string, object?> /// { /// ["S3"] = new Dictionary<string, object?> /// { - /// ["bucket"] = exampleBucketV2.Bucket, + /// ["Bucket"] = exampleBucketV2.Bucket, /// }, /// }, /// }, @@ -68,16 +68,16 @@ namespace Pulumi.Aws.CloudWatch /// }, /// new Dictionary<string, object?> /// { - /// ["sid"] = "Redact", - /// ["dataIdentifier"] = new[] + /// ["Sid"] = "Redact", + /// ["DataIdentifier"] = new[] /// { /// "arn:aws:dataprotection::aws:data-identifier/EmailAddress", /// }, - /// ["operation"] = new Dictionary<string, object?> + /// ["Operation"] = new Dictionary<string, object?> /// { - /// ["deidentify"] = new Dictionary<string, object?> + /// ["Deidentify"] = new Dictionary<string, object?> /// { - /// ["maskConfig"] = new Dictionary<string, object?> + /// ["MaskConfig"] = new Dictionary<string, object?> /// { /// }, /// }, diff --git a/sdk/dotnet/CodeBuild/ResourcePolicy.cs b/sdk/dotnet/CodeBuild/ResourcePolicy.cs index 0cbbb3b148e..d80091fd8c0 100644 --- a/sdk/dotnet/CodeBuild/ResourcePolicy.cs +++ b/sdk/dotnet/CodeBuild/ResourcePolicy.cs @@ -43,15 +43,15 @@ namespace Pulumi.Aws.CodeBuild /// ResourceArn = example.Arn, /// Policy = Output.JsonSerialize(Output.Create(new Dictionary<string, object?> /// { - /// ["version"] = "2012-10-17", - /// ["id"] = "default", - /// ["statement"] = new[] + /// ["Version"] = "2012-10-17", + /// ["Id"] = "default", + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["sid"] = "default", - /// ["effect"] = "Allow", - /// ["principal"] = new Dictionary<string, object?> + /// ["Sid"] = "default", + /// ["Effect"] = "Allow", + /// ["Principal"] = new Dictionary<string, object?> /// { /// ["AWS"] = Output.Tuple(current, currentGetCallerIdentity).Apply(values => /// { @@ -60,14 +60,14 @@ namespace Pulumi.Aws.CodeBuild /// return $"arn:{current.Apply(getPartitionResult => getPartitionResult.Partition)}:iam::{currentGetCallerIdentity.Apply(getCallerIdentityResult => getCallerIdentityResult.AccountId)}:root"; /// }), /// }, - /// ["action"] = new[] + /// ["Action"] = new[] /// { /// "codebuild:BatchGetReportGroups", /// "codebuild:BatchGetReports", /// "codebuild:ListReportsForReportGroup", /// "codebuild:DescribeTestCases", /// }, - /// ["resource"] = example.Arn, + /// ["Resource"] = example.Arn, /// }, /// }, /// })), diff --git a/sdk/dotnet/CodeCommit/ApprovalRuleTemplate.cs b/sdk/dotnet/CodeCommit/ApprovalRuleTemplate.cs index 2ce1f69e745..89f32af1dbc 100644 --- a/sdk/dotnet/CodeCommit/ApprovalRuleTemplate.cs +++ b/sdk/dotnet/CodeCommit/ApprovalRuleTemplate.cs @@ -30,18 +30,18 @@ namespace Pulumi.Aws.CodeCommit /// Description = "This is an example approval rule template", /// Content = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["version"] = "2018-11-08", - /// ["destinationReferences"] = new[] + /// ["Version"] = "2018-11-08", + /// ["DestinationReferences"] = new[] /// { /// "refs/heads/master", /// }, - /// ["statements"] = new[] + /// ["Statements"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["type"] = "Approvers", - /// ["numberOfApprovalsNeeded"] = 2, - /// ["approvalPoolMembers"] = new[] + /// ["Type"] = "Approvers", + /// ["NumberOfApprovalsNeeded"] = 2, + /// ["ApprovalPoolMembers"] = new[] /// { /// "arn:aws:sts::123456789012:assumed-role/CodeCommitReview/*", /// }, diff --git a/sdk/dotnet/Cognito/ManagedUserPoolClient.cs b/sdk/dotnet/Cognito/ManagedUserPoolClient.cs index be2cfb4bc27..a37c6cb0b2b 100644 --- a/sdk/dotnet/Cognito/ManagedUserPoolClient.cs +++ b/sdk/dotnet/Cognito/ManagedUserPoolClient.cs @@ -34,12 +34,6 @@ namespace Pulumi.Aws.Cognito /// Name = "example", /// }); /// - /// var exampleManagedUserPoolClient = new Aws.Cognito.ManagedUserPoolClient("example", new() - /// { - /// NamePrefix = "AmazonOpenSearchService-example", - /// UserPoolId = exampleUserPool.Id, - /// }); - /// /// var exampleIdentityPool = new Aws.Cognito.IdentityPool("example", new() /// { /// IdentityPoolName = "example", @@ -81,6 +75,12 @@ namespace Pulumi.Aws.Cognito /// AssumeRolePolicy = example.Apply(getPolicyDocumentResult => getPolicyDocumentResult.Json), /// }); /// + /// var exampleRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment("example", new() + /// { + /// Role = exampleRole.Name, + /// PolicyArn = $"arn:{current.Apply(getPartitionResult => getPartitionResult.Partition)}:iam::aws:policy/AmazonESCognitoAccess", + /// }); + /// /// var exampleDomain = new Aws.OpenSearch.Domain("example", new() /// { /// DomainName = "example", @@ -96,12 +96,25 @@ namespace Pulumi.Aws.Cognito /// EbsEnabled = true, /// VolumeSize = 10, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// exampleAwsCognitoUserPoolDomain, + /// exampleRolePolicyAttachment, + /// }, /// }); /// - /// var exampleRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment("example", new() + /// var exampleManagedUserPoolClient = new Aws.Cognito.ManagedUserPoolClient("example", new() /// { - /// Role = exampleRole.Name, - /// PolicyArn = $"arn:{current.Apply(getPartitionResult => getPartitionResult.Partition)}:iam::aws:policy/AmazonESCognitoAccess", + /// NamePrefix = "AmazonOpenSearchService-example", + /// UserPoolId = exampleUserPool.Id, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// exampleDomain, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Comprehend/DocumentClassifier.cs b/sdk/dotnet/Comprehend/DocumentClassifier.cs index 13ae2d30a5a..d29651bfa23 100644 --- a/sdk/dotnet/Comprehend/DocumentClassifier.cs +++ b/sdk/dotnet/Comprehend/DocumentClassifier.cs @@ -36,6 +36,12 @@ namespace Pulumi.Aws.Comprehend /// { /// S3Uri = documents.Id.Apply(id => $"s3://{test.Bucket}/{id}"), /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// exampleAwsIamRolePolicy, + /// }, /// }); /// /// var entities = new Aws.S3.BucketObjectv2("entities"); diff --git a/sdk/dotnet/Comprehend/EntityRecognizer.cs b/sdk/dotnet/Comprehend/EntityRecognizer.cs index fed00205781..283c62f9f38 100644 --- a/sdk/dotnet/Comprehend/EntityRecognizer.cs +++ b/sdk/dotnet/Comprehend/EntityRecognizer.cs @@ -56,6 +56,12 @@ namespace Pulumi.Aws.Comprehend /// S3Uri = entities.Id.Apply(id => $"s3://{entitiesAwsS3Bucket.Bucket}/{id}"), /// }, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// exampleAwsIamRolePolicy, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Connect/ContactFlow.cs b/sdk/dotnet/Connect/ContactFlow.cs index 2b6d0eeca7d..5e113ceb21e 100644 --- a/sdk/dotnet/Connect/ContactFlow.cs +++ b/sdk/dotnet/Connect/ContactFlow.cs @@ -41,37 +41,37 @@ namespace Pulumi.Aws.Connect /// Type = "CONTACT_FLOW", /// Content = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["version"] = "2019-10-30", - /// ["startAction"] = "12345678-1234-1234-1234-123456789012", - /// ["actions"] = new[] + /// ["Version"] = "2019-10-30", + /// ["StartAction"] = "12345678-1234-1234-1234-123456789012", + /// ["Actions"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["identifier"] = "12345678-1234-1234-1234-123456789012", - /// ["type"] = "MessageParticipant", - /// ["transitions"] = new Dictionary<string, object?> + /// ["Identifier"] = "12345678-1234-1234-1234-123456789012", + /// ["Type"] = "MessageParticipant", + /// ["Transitions"] = new Dictionary<string, object?> /// { - /// ["nextAction"] = "abcdef-abcd-abcd-abcd-abcdefghijkl", - /// ["errors"] = new[] + /// ["NextAction"] = "abcdef-abcd-abcd-abcd-abcdefghijkl", + /// ["Errors"] = new[] /// { /// }, - /// ["conditions"] = new[] + /// ["Conditions"] = new[] /// { /// }, /// }, - /// ["parameters"] = new Dictionary<string, object?> + /// ["Parameters"] = new Dictionary<string, object?> /// { - /// ["text"] = "Thanks for calling the sample flow!", + /// ["Text"] = "Thanks for calling the sample flow!", /// }, /// }, /// new Dictionary<string, object?> /// { - /// ["identifier"] = "abcdef-abcd-abcd-abcd-abcdefghijkl", - /// ["type"] = "DisconnectParticipant", - /// ["transitions"] = new Dictionary<string, object?> + /// ["Identifier"] = "abcdef-abcd-abcd-abcd-abcdefghijkl", + /// ["Type"] = "DisconnectParticipant", + /// ["Transitions"] = new Dictionary<string, object?> /// { /// }, - /// ["parameters"] = new Dictionary<string, object?> + /// ["Parameters"] = new Dictionary<string, object?> /// { /// }, /// }, diff --git a/sdk/dotnet/Connect/ContactFlowModule.cs b/sdk/dotnet/Connect/ContactFlowModule.cs index 544ac08a009..87202c5bbba 100644 --- a/sdk/dotnet/Connect/ContactFlowModule.cs +++ b/sdk/dotnet/Connect/ContactFlowModule.cs @@ -40,62 +40,62 @@ namespace Pulumi.Aws.Connect /// Description = "Example Contact Flow Module Description", /// Content = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["version"] = "2019-10-30", - /// ["startAction"] = "12345678-1234-1234-1234-123456789012", - /// ["actions"] = new[] + /// ["Version"] = "2019-10-30", + /// ["StartAction"] = "12345678-1234-1234-1234-123456789012", + /// ["Actions"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["identifier"] = "12345678-1234-1234-1234-123456789012", - /// ["parameters"] = new Dictionary<string, object?> + /// ["Identifier"] = "12345678-1234-1234-1234-123456789012", + /// ["Parameters"] = new Dictionary<string, object?> /// { - /// ["text"] = "Hello contact flow module", + /// ["Text"] = "Hello contact flow module", /// }, - /// ["transitions"] = new Dictionary<string, object?> + /// ["Transitions"] = new Dictionary<string, object?> /// { - /// ["nextAction"] = "abcdef-abcd-abcd-abcd-abcdefghijkl", - /// ["errors"] = new[] + /// ["NextAction"] = "abcdef-abcd-abcd-abcd-abcdefghijkl", + /// ["Errors"] = new[] /// { /// }, - /// ["conditions"] = new[] + /// ["Conditions"] = new[] /// { /// }, /// }, - /// ["type"] = "MessageParticipant", + /// ["Type"] = "MessageParticipant", /// }, /// new Dictionary<string, object?> /// { - /// ["identifier"] = "abcdef-abcd-abcd-abcd-abcdefghijkl", - /// ["type"] = "DisconnectParticipant", - /// ["parameters"] = new Dictionary<string, object?> + /// ["Identifier"] = "abcdef-abcd-abcd-abcd-abcdefghijkl", + /// ["Type"] = "DisconnectParticipant", + /// ["Parameters"] = new Dictionary<string, object?> /// { /// }, - /// ["transitions"] = new Dictionary<string, object?> + /// ["Transitions"] = new Dictionary<string, object?> /// { /// }, /// }, /// }, - /// ["settings"] = new Dictionary<string, object?> + /// ["Settings"] = new Dictionary<string, object?> /// { - /// ["inputParameters"] = new[] + /// ["InputParameters"] = new[] /// { /// }, - /// ["outputParameters"] = new[] + /// ["OutputParameters"] = new[] /// { /// }, - /// ["transitions"] = new[] + /// ["Transitions"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["displayName"] = "Success", - /// ["referenceName"] = "Success", - /// ["description"] = "", + /// ["DisplayName"] = "Success", + /// ["ReferenceName"] = "Success", + /// ["Description"] = "", /// }, /// new Dictionary<string, object?> /// { - /// ["displayName"] = "Error", - /// ["referenceName"] = "Error", - /// ["description"] = "", + /// ["DisplayName"] = "Error", + /// ["ReferenceName"] = "Error", + /// ["Description"] = "", /// }, /// }, /// }, diff --git a/sdk/dotnet/CostExplorer/AnomalyMonitor.cs b/sdk/dotnet/CostExplorer/AnomalyMonitor.cs index 6f4fecca995..f586fd32cf8 100644 --- a/sdk/dotnet/CostExplorer/AnomalyMonitor.cs +++ b/sdk/dotnet/CostExplorer/AnomalyMonitor.cs @@ -56,16 +56,16 @@ namespace Pulumi.Aws.CostExplorer /// MonitorType = "CUSTOM", /// MonitorSpecification = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["and"] = null, - /// ["costCategories"] = null, - /// ["dimensions"] = null, - /// ["not"] = null, - /// ["or"] = null, - /// ["tags"] = new Dictionary<string, object?> + /// ["And"] = null, + /// ["CostCategories"] = null, + /// ["Dimensions"] = null, + /// ["Not"] = null, + /// ["Or"] = null, + /// ["Tags"] = new Dictionary<string, object?> /// { - /// ["key"] = "CostCenter", - /// ["matchOptions"] = null, - /// ["values"] = new[] + /// ["Key"] = "CostCenter", + /// ["MatchOptions"] = null, + /// ["Values"] = new[] /// { /// "10000", /// }, diff --git a/sdk/dotnet/CostExplorer/AnomalySubscription.cs b/sdk/dotnet/CostExplorer/AnomalySubscription.cs index 85e9ab96bb6..d8eb8f4abe1 100644 --- a/sdk/dotnet/CostExplorer/AnomalySubscription.cs +++ b/sdk/dotnet/CostExplorer/AnomalySubscription.cs @@ -294,6 +294,12 @@ namespace Pulumi.Aws.CostExplorer /// Address = costAnomalyUpdates.Arn, /// }, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// @default, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/CustomerProfiles/Domain.cs b/sdk/dotnet/CustomerProfiles/Domain.cs index 848ae051c8f..809c4fadd6e 100644 --- a/sdk/dotnet/CustomerProfiles/Domain.cs +++ b/sdk/dotnet/CustomerProfiles/Domain.cs @@ -50,21 +50,21 @@ namespace Pulumi.Aws.CustomerProfiles /// Name = "example", /// Policy = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["version"] = "2012-10-17", - /// ["statement"] = new[] + /// ["Version"] = "2012-10-17", + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["sid"] = "Customer Profiles SQS policy", - /// ["effect"] = "Allow", - /// ["action"] = new[] + /// ["Sid"] = "Customer Profiles SQS policy", + /// ["Effect"] = "Allow", + /// ["Action"] = new[] /// { /// "sqs:SendMessage", /// }, - /// ["resource"] = "*", - /// ["principal"] = new Dictionary<string, object?> + /// ["Resource"] = "*", + /// ["Principal"] = new Dictionary<string, object?> /// { - /// ["service"] = "profile.amazonaws.com", + /// ["Service"] = "profile.amazonaws.com", /// }, /// }, /// }, @@ -88,27 +88,27 @@ namespace Pulumi.Aws.CustomerProfiles /// Bucket = exampleBucketV2.Id, /// Policy = Output.JsonSerialize(Output.Create(new Dictionary<string, object?> /// { - /// ["version"] = "2012-10-17", - /// ["statement"] = new[] + /// ["Version"] = "2012-10-17", + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["sid"] = "Customer Profiles S3 policy", - /// ["effect"] = "Allow", - /// ["action"] = new[] + /// ["Sid"] = "Customer Profiles S3 policy", + /// ["Effect"] = "Allow", + /// ["Action"] = new[] /// { /// "s3:GetObject", /// "s3:PutObject", /// "s3:ListBucket", /// }, - /// ["resource"] = new[] + /// ["Resource"] = new[] /// { /// exampleBucketV2.Arn, /// exampleBucketV2.Arn.Apply(arn => $"{arn}/*"), /// }, - /// ["principal"] = new Dictionary<string, object?> + /// ["Principal"] = new Dictionary<string, object?> /// { - /// ["service"] = "profile.amazonaws.com", + /// ["Service"] = "profile.amazonaws.com", /// }, /// }, /// }, diff --git a/sdk/dotnet/Detective/InvitationAccepter.cs b/sdk/dotnet/Detective/InvitationAccepter.cs index 10e9531ea11..8cb6e019e77 100644 --- a/sdk/dotnet/Detective/InvitationAccepter.cs +++ b/sdk/dotnet/Detective/InvitationAccepter.cs @@ -36,6 +36,12 @@ namespace Pulumi.Aws.Detective /// var member = new Aws.Detective.InvitationAccepter("member", new() /// { /// GraphArn = primary.GraphArn, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// primaryMember, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Detective/OrganizationAdminAccount.cs b/sdk/dotnet/Detective/OrganizationAdminAccount.cs index 746769343be..86e9e7ce629 100644 --- a/sdk/dotnet/Detective/OrganizationAdminAccount.cs +++ b/sdk/dotnet/Detective/OrganizationAdminAccount.cs @@ -35,6 +35,12 @@ namespace Pulumi.Aws.Detective /// var exampleOrganizationAdminAccount = new Aws.Detective.OrganizationAdminAccount("example", new() /// { /// AccountId = "123456789012", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// example, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/DirectConnect/HostedPrivateVirtualInterfaceAccepter.cs b/sdk/dotnet/DirectConnect/HostedPrivateVirtualInterfaceAccepter.cs index ca77ca3e22a..73cdbabca14 100644 --- a/sdk/dotnet/DirectConnect/HostedPrivateVirtualInterfaceAccepter.cs +++ b/sdk/dotnet/DirectConnect/HostedPrivateVirtualInterfaceAccepter.cs @@ -26,6 +26,9 @@ namespace Pulumi.Aws.DirectConnect /// { /// var accepter = Aws.GetCallerIdentity.Invoke(); /// + /// // Accepter's side of the VIF. + /// var vpnGw = new Aws.Ec2.VpnGateway("vpn_gw"); + /// /// // Creator's side of the VIF /// var creator = new Aws.DirectConnect.HostedPrivateVirtualInterface("creator", new() /// { @@ -35,11 +38,14 @@ namespace Pulumi.Aws.DirectConnect /// Vlan = 4094, /// AddressFamily = "ipv4", /// BgpAsn = 65352, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// vpnGw, + /// }, /// }); /// - /// // Accepter's side of the VIF. - /// var vpnGw = new Aws.Ec2.VpnGateway("vpn_gw"); - /// /// var accepterHostedPrivateVirtualInterfaceAccepter = new Aws.DirectConnect.HostedPrivateVirtualInterfaceAccepter("accepter", new() /// { /// VirtualInterfaceId = creator.Id, diff --git a/sdk/dotnet/DirectConnect/HostedTransitVirtualInterfaceAcceptor.cs b/sdk/dotnet/DirectConnect/HostedTransitVirtualInterfaceAcceptor.cs index 16f35df8ca7..a6b1ff21148 100644 --- a/sdk/dotnet/DirectConnect/HostedTransitVirtualInterfaceAcceptor.cs +++ b/sdk/dotnet/DirectConnect/HostedTransitVirtualInterfaceAcceptor.cs @@ -28,6 +28,13 @@ namespace Pulumi.Aws.DirectConnect /// { /// var accepter = Aws.GetCallerIdentity.Invoke(); /// + /// // Accepter's side of the VIF. + /// var example = new Aws.DirectConnect.Gateway("example", new() + /// { + /// Name = "tf-dxg-example", + /// AmazonSideAsn = "64512", + /// }); + /// /// // Creator's side of the VIF /// var creator = new Aws.DirectConnect.HostedTransitVirtualInterface("creator", new() /// { @@ -37,13 +44,12 @@ namespace Pulumi.Aws.DirectConnect /// Vlan = 4094, /// AddressFamily = "ipv4", /// BgpAsn = 65352, - /// }); - /// - /// // Accepter's side of the VIF. - /// var example = new Aws.DirectConnect.Gateway("example", new() + /// }, new CustomResourceOptions /// { - /// Name = "tf-dxg-example", - /// AmazonSideAsn = "64512", + /// DependsOn = + /// { + /// example, + /// }, /// }); /// /// var accepterHostedTransitVirtualInterfaceAcceptor = new Aws.DirectConnect.HostedTransitVirtualInterfaceAcceptor("accepter", new() diff --git a/sdk/dotnet/Dms/ReplicationInstance.cs b/sdk/dotnet/Dms/ReplicationInstance.cs index b732cc8f5e0..3d8b94d5c0c 100644 --- a/sdk/dotnet/Dms/ReplicationInstance.cs +++ b/sdk/dotnet/Dms/ReplicationInstance.cs @@ -115,6 +115,14 @@ namespace Pulumi.Aws.Dms /// { /// "sg-12345678", /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// dms_access_for_endpoint_AmazonDMSRedshiftS3Role, + /// dms_cloudwatch_logs_role_AmazonDMSCloudWatchLogsRole, + /// dms_vpc_role_AmazonDMSVPCManagementRole, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Dms/ReplicationSubnetGroup.cs b/sdk/dotnet/Dms/ReplicationSubnetGroup.cs index 073747eb838..c59858150ef 100644 --- a/sdk/dotnet/Dms/ReplicationSubnetGroup.cs +++ b/sdk/dotnet/Dms/ReplicationSubnetGroup.cs @@ -67,17 +67,17 @@ namespace Pulumi.Aws.Dms /// Description = "Allows DMS to manage VPC", /// AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["version"] = "2012-10-17", - /// ["statement"] = new[] + /// ["Version"] = "2012-10-17", + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["effect"] = "Allow", - /// ["principal"] = new Dictionary<string, object?> + /// ["Effect"] = "Allow", + /// ["Principal"] = new Dictionary<string, object?> /// { - /// ["service"] = "dms.amazonaws.com", + /// ["Service"] = "dms.amazonaws.com", /// }, - /// ["action"] = "sts:AssumeRole", + /// ["Action"] = "sts:AssumeRole", /// }, /// }, /// }), @@ -102,6 +102,12 @@ namespace Pulumi.Aws.Dms /// { /// { "Name", "example-id" }, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// example, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Dms/S3Endpoint.cs b/sdk/dotnet/Dms/S3Endpoint.cs index 7bbae6e0c82..37bcaadeb82 100644 --- a/sdk/dotnet/Dms/S3Endpoint.cs +++ b/sdk/dotnet/Dms/S3Endpoint.cs @@ -37,6 +37,12 @@ namespace Pulumi.Aws.Dms /// EndpointType = "target", /// BucketName = "beckut_name", /// ServiceAccessRoleArn = exampleAwsIamRole.Arn, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// exampleAwsIamRolePolicy, + /// }, /// }); /// /// }); @@ -106,6 +112,12 @@ namespace Pulumi.Aws.Dms /// UseCsvNoSupValue = false, /// UseTaskStartTimeForFullLoadTimestamp = true, /// GlueCatalogGeneration = true, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// exampleAwsIamRolePolicy, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/DocDB/GlobalCluster.cs b/sdk/dotnet/DocDB/GlobalCluster.cs index ef66dec8b2e..fd5cd167b89 100644 --- a/sdk/dotnet/DocDB/GlobalCluster.cs +++ b/sdk/dotnet/DocDB/GlobalCluster.cs @@ -60,6 +60,12 @@ namespace Pulumi.Aws.DocDB /// ClusterIdentifier = "test-secondary-cluster", /// GlobalClusterIdentifier = example.Id, /// DbSubnetGroupName = "default", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// primary, + /// }, /// }); /// /// var secondaryClusterInstance = new Aws.DocDB.ClusterInstance("secondary", new() @@ -68,6 +74,12 @@ namespace Pulumi.Aws.DocDB /// Identifier = "test-secondary-cluster-instance", /// ClusterIdentifier = secondary.Id, /// InstanceClass = "db.r5.large", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// primaryClusterInstance, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/DynamoDB/GlobalTable.cs b/sdk/dotnet/DynamoDB/GlobalTable.cs index 182dab71315..44471a5ea8e 100644 --- a/sdk/dotnet/DynamoDB/GlobalTable.cs +++ b/sdk/dotnet/DynamoDB/GlobalTable.cs @@ -77,6 +77,13 @@ namespace Pulumi.Aws.DynamoDB /// RegionName = "us-west-2", /// }, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// us_east_1, + /// us_west_2, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Ec2/Eip.cs b/sdk/dotnet/Ec2/Eip.cs index a4f02b7204a..340565c8a80 100644 --- a/sdk/dotnet/Ec2/Eip.cs +++ b/sdk/dotnet/Ec2/Eip.cs @@ -105,6 +105,12 @@ namespace Pulumi.Aws.Ec2 /// VpcId = @default.Id, /// CidrBlock = "10.0.0.0/24", /// MapPublicIpOnLaunch = true, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// gw, + /// }, /// }); /// /// var foo = new Aws.Ec2.Instance("foo", new() @@ -120,6 +126,12 @@ namespace Pulumi.Aws.Ec2 /// Domain = "vpc", /// Instance = foo.Id, /// AssociateWithPrivateIp = "10.0.0.12", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// gw, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Ec2/InternetGateway.cs b/sdk/dotnet/Ec2/InternetGateway.cs index c8851f8d866..653bf72ca9a 100644 --- a/sdk/dotnet/Ec2/InternetGateway.cs +++ b/sdk/dotnet/Ec2/InternetGateway.cs @@ -78,7 +78,15 @@ public partial class InternetGateway : global::Pulumi.CustomResource /// VpcId = main.Id, /// }); /// - /// var foo = new Aws.Ec2.Instance("foo"); + /// var foo = new Aws.Ec2.Instance("foo", new() + /// { + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// gw, + /// }, + /// }); /// /// }); /// ``` @@ -167,7 +175,15 @@ public sealed class InternetGatewayArgs : global::Pulumi.ResourceArgs /// VpcId = main.Id, /// }); /// - /// var foo = new Aws.Ec2.Instance("foo"); + /// var foo = new Aws.Ec2.Instance("foo", new() + /// { + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// gw, + /// }, + /// }); /// /// }); /// ``` @@ -227,7 +243,15 @@ public sealed class InternetGatewayState : global::Pulumi.ResourceArgs /// VpcId = main.Id, /// }); /// - /// var foo = new Aws.Ec2.Instance("foo"); + /// var foo = new Aws.Ec2.Instance("foo", new() + /// { + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// gw, + /// }, + /// }); /// /// }); /// ``` diff --git a/sdk/dotnet/Ec2/NatGateway.cs b/sdk/dotnet/Ec2/NatGateway.cs index 693adffad91..29a235ffc80 100644 --- a/sdk/dotnet/Ec2/NatGateway.cs +++ b/sdk/dotnet/Ec2/NatGateway.cs @@ -33,6 +33,12 @@ namespace Pulumi.Aws.Ec2 /// { /// { "Name", "gw NAT" }, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// exampleAwsInternetGateway, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Ec2/SpotFleetRequest.cs b/sdk/dotnet/Ec2/SpotFleetRequest.cs index 86b8531d529..f2079eda9bd 100644 --- a/sdk/dotnet/Ec2/SpotFleetRequest.cs +++ b/sdk/dotnet/Ec2/SpotFleetRequest.cs @@ -113,6 +113,12 @@ namespace Pulumi.Aws.Ec2 /// }, /// }, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// test_attach, + /// }, /// }); /// /// }); @@ -286,6 +292,12 @@ namespace Pulumi.Aws.Ec2 /// }, /// }, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// test_attach, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Ec2/Vpc.cs b/sdk/dotnet/Ec2/Vpc.cs index 2a61fa5d3ff..e8293370f5e 100644 --- a/sdk/dotnet/Ec2/Vpc.cs +++ b/sdk/dotnet/Ec2/Vpc.cs @@ -100,6 +100,12 @@ namespace Pulumi.Aws.Ec2 /// { /// Ipv4IpamPoolId = testVpcIpamPool.Id, /// Ipv4NetmaskLength = 28, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// testVpcIpamPoolCidr, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Ec2/VpcIpamPoolCidrAllocation.cs b/sdk/dotnet/Ec2/VpcIpamPoolCidrAllocation.cs index 4da8ae5786c..851a492861e 100644 --- a/sdk/dotnet/Ec2/VpcIpamPoolCidrAllocation.cs +++ b/sdk/dotnet/Ec2/VpcIpamPoolCidrAllocation.cs @@ -45,16 +45,22 @@ namespace Pulumi.Aws.Ec2 /// Locale = current.Apply(getRegionResult => getRegionResult.Name), /// }); /// - /// var example = new Aws.Ec2.VpcIpamPoolCidrAllocation("example", new() + /// var exampleVpcIpamPoolCidr = new Aws.Ec2.VpcIpamPoolCidr("example", new() /// { /// IpamPoolId = exampleVpcIpamPool.Id, - /// Cidr = "172.20.0.0/24", + /// Cidr = "172.20.0.0/16", /// }); /// - /// var exampleVpcIpamPoolCidr = new Aws.Ec2.VpcIpamPoolCidr("example", new() + /// var example = new Aws.Ec2.VpcIpamPoolCidrAllocation("example", new() /// { /// IpamPoolId = exampleVpcIpamPool.Id, - /// Cidr = "172.20.0.0/16", + /// Cidr = "172.20.0.0/24", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// exampleVpcIpamPoolCidr, + /// }, /// }); /// /// }); @@ -92,6 +98,12 @@ namespace Pulumi.Aws.Ec2 /// Locale = current.Apply(getRegionResult => getRegionResult.Name), /// }); /// + /// var exampleVpcIpamPoolCidr = new Aws.Ec2.VpcIpamPoolCidr("example", new() + /// { + /// IpamPoolId = exampleVpcIpamPool.Id, + /// Cidr = "172.20.0.0/16", + /// }); + /// /// var example = new Aws.Ec2.VpcIpamPoolCidrAllocation("example", new() /// { /// IpamPoolId = exampleVpcIpamPool.Id, @@ -100,12 +112,12 @@ namespace Pulumi.Aws.Ec2 /// { /// "172.20.0.0/28", /// }, - /// }); - /// - /// var exampleVpcIpamPoolCidr = new Aws.Ec2.VpcIpamPoolCidr("example", new() + /// }, new CustomResourceOptions /// { - /// IpamPoolId = exampleVpcIpamPool.Id, - /// Cidr = "172.20.0.0/16", + /// DependsOn = + /// { + /// exampleVpcIpamPoolCidr, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Ec2/VpcIpamPreviewNextCidr.cs b/sdk/dotnet/Ec2/VpcIpamPreviewNextCidr.cs index e474dfd2d82..3b11b6d10a2 100644 --- a/sdk/dotnet/Ec2/VpcIpamPreviewNextCidr.cs +++ b/sdk/dotnet/Ec2/VpcIpamPreviewNextCidr.cs @@ -45,6 +45,12 @@ namespace Pulumi.Aws.Ec2 /// Locale = current.Apply(getRegionResult => getRegionResult.Name), /// }); /// + /// var exampleVpcIpamPoolCidr = new Aws.Ec2.VpcIpamPoolCidr("example", new() + /// { + /// IpamPoolId = exampleVpcIpamPool.Id, + /// Cidr = "172.20.0.0/16", + /// }); + /// /// var example = new Aws.Ec2.VpcIpamPreviewNextCidr("example", new() /// { /// IpamPoolId = exampleVpcIpamPool.Id, @@ -53,12 +59,12 @@ namespace Pulumi.Aws.Ec2 /// { /// "172.2.0.0/32", /// }, - /// }); - /// - /// var exampleVpcIpamPoolCidr = new Aws.Ec2.VpcIpamPoolCidr("example", new() + /// }, new CustomResourceOptions /// { - /// IpamPoolId = exampleVpcIpamPool.Id, - /// Cidr = "172.20.0.0/16", + /// DependsOn = + /// { + /// exampleVpcIpamPoolCidr, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Ecr/RegistryPolicy.cs b/sdk/dotnet/Ecr/RegistryPolicy.cs index e957051771c..0bef83cd0f9 100644 --- a/sdk/dotnet/Ecr/RegistryPolicy.cs +++ b/sdk/dotnet/Ecr/RegistryPolicy.cs @@ -36,14 +36,14 @@ namespace Pulumi.Aws.Ecr /// { /// Policy = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["version"] = "2012-10-17", - /// ["statement"] = new[] + /// ["Version"] = "2012-10-17", + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["sid"] = "testpolicy", - /// ["effect"] = "Allow", - /// ["principal"] = new Dictionary<string, object?> + /// ["Sid"] = "testpolicy", + /// ["Effect"] = "Allow", + /// ["Principal"] = new Dictionary<string, object?> /// { /// ["AWS"] = Output.Tuple(currentGetPartition, current).Apply(values => /// { @@ -52,11 +52,11 @@ namespace Pulumi.Aws.Ecr /// return $"arn:{currentGetPartition.Apply(getPartitionResult => getPartitionResult.Partition)}:iam::{current.Apply(getCallerIdentityResult => getCallerIdentityResult.AccountId)}:root"; /// }), /// }, - /// ["action"] = new[] + /// ["Action"] = new[] /// { /// "ecr:ReplicateImage", /// }, - /// ["resource"] = new[] + /// ["Resource"] = new[] /// { /// Output.Tuple(currentGetPartition, currentGetRegion, current).Apply(values => /// { diff --git a/sdk/dotnet/Ecs/Service.cs b/sdk/dotnet/Ecs/Service.cs index 7d5461e2a3f..119b9f7ab17 100644 --- a/sdk/dotnet/Ecs/Service.cs +++ b/sdk/dotnet/Ecs/Service.cs @@ -46,7 +46,7 @@ namespace Pulumi.Aws.Ecs /// { /// new Aws.Ecs.Inputs.ServiceLoadBalancerArgs /// { - /// TargetGroupArn = foo.Arn, + /// TargetGroupArn = fooAwsLbTargetGroup.Arn, /// ContainerName = "mongo", /// ContainerPort = 8080, /// }, @@ -59,6 +59,12 @@ namespace Pulumi.Aws.Ecs /// Expression = "attribute:ecs.availability-zone in [us-west-2a, us-west-2b]", /// }, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// foo, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Eks/Cluster.cs b/sdk/dotnet/Eks/Cluster.cs index a0bec0d2267..f87266fca26 100644 --- a/sdk/dotnet/Eks/Cluster.cs +++ b/sdk/dotnet/Eks/Cluster.cs @@ -37,6 +37,13 @@ namespace Pulumi.Aws.Eks /// example2.Id, /// }, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// example_AmazonEKSClusterPolicy, + /// example_AmazonEKSVPCResourceController, + /// }, /// }); /// /// return new Dictionary<string, object?> @@ -126,6 +133,12 @@ namespace Pulumi.Aws.Eks /// { /// var config = new Config(); /// var clusterName = config.Get("clusterName") ?? "example"; + /// var exampleLogGroup = new Aws.CloudWatch.LogGroup("example", new() + /// { + /// Name = $"/aws/eks/{clusterName}/cluster", + /// RetentionInDays = 7, + /// }); + /// /// var example = new Aws.Eks.Cluster("example", new() /// { /// EnabledClusterLogTypes = new[] @@ -134,12 +147,12 @@ namespace Pulumi.Aws.Eks /// "audit", /// }, /// Name = clusterName, - /// }); - /// - /// var exampleLogGroup = new Aws.CloudWatch.LogGroup("example", new() + /// }, new CustomResourceOptions /// { - /// Name = $"/aws/eks/{clusterName}/cluster", - /// RetentionInDays = 7, + /// DependsOn = + /// { + /// exampleLogGroup, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Eks/FargateProfile.cs b/sdk/dotnet/Eks/FargateProfile.cs index 87eae0989e7..ff9ff8a7640 100644 --- a/sdk/dotnet/Eks/FargateProfile.cs +++ b/sdk/dotnet/Eks/FargateProfile.cs @@ -59,19 +59,19 @@ namespace Pulumi.Aws.Eks /// Name = "eks-fargate-profile-example", /// AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["statement"] = new[] + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["action"] = "sts:AssumeRole", - /// ["effect"] = "Allow", - /// ["principal"] = new Dictionary<string, object?> + /// ["Action"] = "sts:AssumeRole", + /// ["Effect"] = "Allow", + /// ["Principal"] = new Dictionary<string, object?> /// { - /// ["service"] = "eks-fargate-pods.amazonaws.com", + /// ["Service"] = "eks-fargate-pods.amazonaws.com", /// }, /// }, /// }, - /// ["version"] = "2012-10-17", + /// ["Version"] = "2012-10-17", /// }), /// }); /// diff --git a/sdk/dotnet/Eks/NodeGroup.cs b/sdk/dotnet/Eks/NodeGroup.cs index 9ba4b2d6dc9..527c5310f2c 100644 --- a/sdk/dotnet/Eks/NodeGroup.cs +++ b/sdk/dotnet/Eks/NodeGroup.cs @@ -39,6 +39,14 @@ namespace Pulumi.Aws.Eks /// { /// MaxUnavailable = 1, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// example_AmazonEKSWorkerNodePolicy, + /// example_AmazonEKSCNIPolicy, + /// example_AmazonEC2ContainerRegistryReadOnly, + /// }, /// }); /// /// }); @@ -87,19 +95,19 @@ namespace Pulumi.Aws.Eks /// Name = "eks-node-group-example", /// AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["statement"] = new[] + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["action"] = "sts:AssumeRole", - /// ["effect"] = "Allow", - /// ["principal"] = new Dictionary<string, object?> + /// ["Action"] = "sts:AssumeRole", + /// ["Effect"] = "Allow", + /// ["Principal"] = new Dictionary<string, object?> /// { - /// ["service"] = "ec2.amazonaws.com", + /// ["Service"] = "ec2.amazonaws.com", /// }, /// }, /// }, - /// ["version"] = "2012-10-17", + /// ["Version"] = "2012-10-17", /// }), /// }); /// diff --git a/sdk/dotnet/ElasticSearch/Domain.cs b/sdk/dotnet/ElasticSearch/Domain.cs index ed297f6c060..c496c6bd24d 100644 --- a/sdk/dotnet/ElasticSearch/Domain.cs +++ b/sdk/dotnet/ElasticSearch/Domain.cs @@ -277,6 +277,12 @@ namespace Pulumi.Aws.ElasticSearch /// { /// { "Domain", "TestDomain" }, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// esServiceLinkedRole, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/FinSpace/KxUser.cs b/sdk/dotnet/FinSpace/KxUser.cs index 6f04c5ea3cd..848434097c4 100644 --- a/sdk/dotnet/FinSpace/KxUser.cs +++ b/sdk/dotnet/FinSpace/KxUser.cs @@ -43,17 +43,17 @@ namespace Pulumi.Aws.FinSpace /// Name = "example-role", /// AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["version"] = "2012-10-17", - /// ["statement"] = new[] + /// ["Version"] = "2012-10-17", + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["action"] = "sts:AssumeRole", - /// ["effect"] = "Allow", - /// ["sid"] = "", - /// ["principal"] = new Dictionary<string, object?> + /// ["Action"] = "sts:AssumeRole", + /// ["Effect"] = "Allow", + /// ["Sid"] = "", + /// ["Principal"] = new Dictionary<string, object?> /// { - /// ["service"] = "ec2.amazonaws.com", + /// ["Service"] = "ec2.amazonaws.com", /// }, /// }, /// }, diff --git a/sdk/dotnet/GameLift/GameServerGroup.cs b/sdk/dotnet/GameLift/GameServerGroup.cs index 06c33aa8109..99e5352acad 100644 --- a/sdk/dotnet/GameLift/GameServerGroup.cs +++ b/sdk/dotnet/GameLift/GameServerGroup.cs @@ -44,6 +44,12 @@ namespace Pulumi.Aws.GameLift /// MaxSize = 1, /// MinSize = 1, /// RoleArn = exampleAwsIamRole.Arn, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// exampleAwsIamRolePolicyAttachment, + /// }, /// }); /// /// }); @@ -104,6 +110,12 @@ namespace Pulumi.Aws.GameLift /// "subnet-12345678", /// "subnet-23456789", /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// exampleAwsIamRolePolicyAttachment, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Glue/Crawler.cs b/sdk/dotnet/Glue/Crawler.cs index c583c647d91..c022c9cb370 100644 --- a/sdk/dotnet/Glue/Crawler.cs +++ b/sdk/dotnet/Glue/Crawler.cs @@ -197,18 +197,18 @@ namespace Pulumi.Aws.Glue /// Tags = tags, /// Configuration = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["grouping"] = new Dictionary<string, object?> + /// ["Grouping"] = new Dictionary<string, object?> /// { - /// ["tableGroupingPolicy"] = "CombineCompatibleSchemas", + /// ["TableGroupingPolicy"] = "CombineCompatibleSchemas", /// }, - /// ["crawlerOutput"] = new Dictionary<string, object?> + /// ["CrawlerOutput"] = new Dictionary<string, object?> /// { - /// ["partitions"] = new Dictionary<string, object?> + /// ["Partitions"] = new Dictionary<string, object?> /// { - /// ["addOrUpdateBehavior"] = "InheritFromTable", + /// ["AddOrUpdateBehavior"] = "InheritFromTable", /// }, /// }, - /// ["version"] = 1, + /// ["Version"] = 1, /// }), /// S3Targets = new[] /// { diff --git a/sdk/dotnet/Glue/MLTransform.cs b/sdk/dotnet/Glue/MLTransform.cs index 19cb8052fd4..8f4f828b7b6 100644 --- a/sdk/dotnet/Glue/MLTransform.cs +++ b/sdk/dotnet/Glue/MLTransform.cs @@ -142,6 +142,12 @@ namespace Pulumi.Aws.Glue /// PrimaryKeyColumnName = "my_column_1", /// }, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// testAwsIamRolePolicyAttachment, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Grafana/LicenseAssociation.cs b/sdk/dotnet/Grafana/LicenseAssociation.cs index 0fa0e761571..8628e8beaab 100644 --- a/sdk/dotnet/Grafana/LicenseAssociation.cs +++ b/sdk/dotnet/Grafana/LicenseAssociation.cs @@ -31,17 +31,17 @@ namespace Pulumi.Aws.Grafana /// Name = "grafana-assume", /// AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["version"] = "2012-10-17", - /// ["statement"] = new[] + /// ["Version"] = "2012-10-17", + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["action"] = "sts:AssumeRole", - /// ["effect"] = "Allow", - /// ["sid"] = "", - /// ["principal"] = new Dictionary<string, object?> + /// ["Action"] = "sts:AssumeRole", + /// ["Effect"] = "Allow", + /// ["Sid"] = "", + /// ["Principal"] = new Dictionary<string, object?> /// { - /// ["service"] = "grafana.amazonaws.com", + /// ["Service"] = "grafana.amazonaws.com", /// }, /// }, /// }, diff --git a/sdk/dotnet/Grafana/RoleAssociation.cs b/sdk/dotnet/Grafana/RoleAssociation.cs index b9bb7752adb..d0611f0e7ba 100644 --- a/sdk/dotnet/Grafana/RoleAssociation.cs +++ b/sdk/dotnet/Grafana/RoleAssociation.cs @@ -31,17 +31,17 @@ namespace Pulumi.Aws.Grafana /// Name = "grafana-assume", /// AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["version"] = "2012-10-17", - /// ["statement"] = new[] + /// ["Version"] = "2012-10-17", + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["action"] = "sts:AssumeRole", - /// ["effect"] = "Allow", - /// ["sid"] = "", - /// ["principal"] = new Dictionary<string, object?> + /// ["Action"] = "sts:AssumeRole", + /// ["Effect"] = "Allow", + /// ["Sid"] = "", + /// ["Principal"] = new Dictionary<string, object?> /// { - /// ["service"] = "grafana.amazonaws.com", + /// ["Service"] = "grafana.amazonaws.com", /// }, /// }, /// }, diff --git a/sdk/dotnet/Grafana/Workspace.cs b/sdk/dotnet/Grafana/Workspace.cs index 9d578375c87..040adcf362b 100644 --- a/sdk/dotnet/Grafana/Workspace.cs +++ b/sdk/dotnet/Grafana/Workspace.cs @@ -31,17 +31,17 @@ namespace Pulumi.Aws.Grafana /// Name = "grafana-assume", /// AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["version"] = "2012-10-17", - /// ["statement"] = new[] + /// ["Version"] = "2012-10-17", + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["action"] = "sts:AssumeRole", - /// ["effect"] = "Allow", - /// ["sid"] = "", - /// ["principal"] = new Dictionary<string, object?> + /// ["Action"] = "sts:AssumeRole", + /// ["Effect"] = "Allow", + /// ["Sid"] = "", + /// ["Principal"] = new Dictionary<string, object?> /// { - /// ["service"] = "grafana.amazonaws.com", + /// ["Service"] = "grafana.amazonaws.com", /// }, /// }, /// }, diff --git a/sdk/dotnet/Grafana/WorkspaceSamlConfiguration.cs b/sdk/dotnet/Grafana/WorkspaceSamlConfiguration.cs index 74671b8165a..a3885151627 100644 --- a/sdk/dotnet/Grafana/WorkspaceSamlConfiguration.cs +++ b/sdk/dotnet/Grafana/WorkspaceSamlConfiguration.cs @@ -31,17 +31,17 @@ namespace Pulumi.Aws.Grafana /// Name = "grafana-assume", /// AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["version"] = "2012-10-17", - /// ["statement"] = new[] + /// ["Version"] = "2012-10-17", + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["action"] = "sts:AssumeRole", - /// ["effect"] = "Allow", - /// ["sid"] = "", - /// ["principal"] = new Dictionary<string, object?> + /// ["Action"] = "sts:AssumeRole", + /// ["Effect"] = "Allow", + /// ["Sid"] = "", + /// ["Principal"] = new Dictionary<string, object?> /// { - /// ["service"] = "grafana.amazonaws.com", + /// ["Service"] = "grafana.amazonaws.com", /// }, /// }, /// }, diff --git a/sdk/dotnet/GuardDuty/InviteAccepter.cs b/sdk/dotnet/GuardDuty/InviteAccepter.cs index 48d19abafa4..c30299e2f8c 100644 --- a/sdk/dotnet/GuardDuty/InviteAccepter.cs +++ b/sdk/dotnet/GuardDuty/InviteAccepter.cs @@ -27,12 +27,6 @@ namespace Pulumi.Aws.GuardDuty /// /// var memberDetector = new Aws.GuardDuty.Detector("member"); /// - /// var member = new Aws.GuardDuty.InviteAccepter("member", new() - /// { - /// DetectorId = memberDetector.Id, - /// MasterAccountId = primary.AccountId, - /// }); - /// /// var memberMember = new Aws.GuardDuty.Member("member", new() /// { /// AccountId = memberDetector.AccountId, @@ -41,6 +35,18 @@ namespace Pulumi.Aws.GuardDuty /// Invite = true, /// }); /// + /// var member = new Aws.GuardDuty.InviteAccepter("member", new() + /// { + /// DetectorId = memberDetector.Id, + /// MasterAccountId = primary.AccountId, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// memberMember, + /// }, + /// }); + /// /// }); /// ``` /// <!--End PulumiCodeChooser --> diff --git a/sdk/dotnet/GuardDuty/OrganizationAdminAccount.cs b/sdk/dotnet/GuardDuty/OrganizationAdminAccount.cs index 3bddb371d0e..0776547530d 100644 --- a/sdk/dotnet/GuardDuty/OrganizationAdminAccount.cs +++ b/sdk/dotnet/GuardDuty/OrganizationAdminAccount.cs @@ -37,6 +37,12 @@ namespace Pulumi.Aws.GuardDuty /// var exampleOrganizationAdminAccount = new Aws.GuardDuty.OrganizationAdminAccount("example", new() /// { /// AdminAccountId = "123456789012", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// example, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/GuardDuty/PublishingDestination.cs b/sdk/dotnet/GuardDuty/PublishingDestination.cs index 2d81cbd2d0f..74ac86022cd 100644 --- a/sdk/dotnet/GuardDuty/PublishingDestination.cs +++ b/sdk/dotnet/GuardDuty/PublishingDestination.cs @@ -168,6 +168,12 @@ namespace Pulumi.Aws.GuardDuty /// DetectorId = testGd.Id, /// DestinationArn = gdBucket.Arn, /// KmsKeyArn = gdKey.Arn, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// gdBucketPolicy, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Iam/GetPrincipalPolicySimulation.cs b/sdk/dotnet/Iam/GetPrincipalPolicySimulation.cs index f2d6e13df4f..f4ce120b389 100644 --- a/sdk/dotnet/Iam/GetPrincipalPolicySimulation.cs +++ b/sdk/dotnet/Iam/GetPrincipalPolicySimulation.cs @@ -69,6 +69,12 @@ public static class GetPrincipalPolicySimulation /// var example = new Aws.S3.BucketObject("example", new() /// { /// Bucket = "my-test-bucket", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// s3ObjectAccess, + /// }, /// }); /// /// }); @@ -107,14 +113,14 @@ public static class GetPrincipalPolicySimulation /// User = example.Name, /// Policy = Output.JsonSerialize(Output.Create(new Dictionary<string, object?> /// { - /// ["version"] = "2012-10-17", - /// ["statement"] = new[] + /// ["Version"] = "2012-10-17", + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["action"] = "s3:GetObject", - /// ["effect"] = "Allow", - /// ["resource"] = exampleBucketV2.Arn, + /// ["Action"] = "s3:GetObject", + /// ["Effect"] = "Allow", + /// ["Resource"] = exampleBucketV2.Arn, /// }, /// }, /// })), @@ -125,18 +131,18 @@ public static class GetPrincipalPolicySimulation /// Bucket = exampleBucketV2.Bucket, /// Policy = Output.JsonSerialize(Output.Create(new Dictionary<string, object?> /// { - /// ["version"] = "2012-10-17", - /// ["statement"] = new[] + /// ["Version"] = "2012-10-17", + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["action"] = "s3:*", - /// ["effect"] = "Allow", - /// ["principal"] = new Dictionary<string, object?> + /// ["Action"] = "s3:*", + /// ["Effect"] = "Allow", + /// ["Principal"] = new Dictionary<string, object?> /// { /// ["AWS"] = current.Apply(getCallerIdentityResult => getCallerIdentityResult.AccountId), /// }, - /// ["resource"] = new[] + /// ["Resource"] = new[] /// { /// exampleBucketV2.Arn, /// exampleBucketV2.Arn.Apply(arn => $"{arn}/*"), @@ -227,6 +233,12 @@ public static Task InvokeAsync(GetPrincipalP /// var example = new Aws.S3.BucketObject("example", new() /// { /// Bucket = "my-test-bucket", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// s3ObjectAccess, + /// }, /// }); /// /// }); @@ -265,14 +277,14 @@ public static Task InvokeAsync(GetPrincipalP /// User = example.Name, /// Policy = Output.JsonSerialize(Output.Create(new Dictionary<string, object?> /// { - /// ["version"] = "2012-10-17", - /// ["statement"] = new[] + /// ["Version"] = "2012-10-17", + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["action"] = "s3:GetObject", - /// ["effect"] = "Allow", - /// ["resource"] = exampleBucketV2.Arn, + /// ["Action"] = "s3:GetObject", + /// ["Effect"] = "Allow", + /// ["Resource"] = exampleBucketV2.Arn, /// }, /// }, /// })), @@ -283,18 +295,18 @@ public static Task InvokeAsync(GetPrincipalP /// Bucket = exampleBucketV2.Bucket, /// Policy = Output.JsonSerialize(Output.Create(new Dictionary<string, object?> /// { - /// ["version"] = "2012-10-17", - /// ["statement"] = new[] + /// ["Version"] = "2012-10-17", + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["action"] = "s3:*", - /// ["effect"] = "Allow", - /// ["principal"] = new Dictionary<string, object?> + /// ["Action"] = "s3:*", + /// ["Effect"] = "Allow", + /// ["Principal"] = new Dictionary<string, object?> /// { /// ["AWS"] = current.Apply(getCallerIdentityResult => getCallerIdentityResult.AccountId), /// }, - /// ["resource"] = new[] + /// ["Resource"] = new[] /// { /// exampleBucketV2.Arn, /// exampleBucketV2.Arn.Apply(arn => $"{arn}/*"), diff --git a/sdk/dotnet/Iam/GroupPolicy.cs b/sdk/dotnet/Iam/GroupPolicy.cs index 47a4b2cd993..3a4d49e452b 100644 --- a/sdk/dotnet/Iam/GroupPolicy.cs +++ b/sdk/dotnet/Iam/GroupPolicy.cs @@ -38,17 +38,17 @@ namespace Pulumi.Aws.Iam /// Group = myDevelopers.Name, /// Policy = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["version"] = "2012-10-17", - /// ["statement"] = new[] + /// ["Version"] = "2012-10-17", + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["action"] = new[] + /// ["Action"] = new[] /// { /// "ec2:Describe*", /// }, - /// ["effect"] = "Allow", - /// ["resource"] = "*", + /// ["Effect"] = "Allow", + /// ["Resource"] = "*", /// }, /// }, /// }), diff --git a/sdk/dotnet/Iam/Policy.cs b/sdk/dotnet/Iam/Policy.cs index 8ad6d76442c..64e515c7a60 100644 --- a/sdk/dotnet/Iam/Policy.cs +++ b/sdk/dotnet/Iam/Policy.cs @@ -33,17 +33,17 @@ namespace Pulumi.Aws.Iam /// Description = "My test policy", /// PolicyDocument = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["version"] = "2012-10-17", - /// ["statement"] = new[] + /// ["Version"] = "2012-10-17", + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["action"] = new[] + /// ["Action"] = new[] /// { /// "ec2:Describe*", /// }, - /// ["effect"] = "Allow", - /// ["resource"] = "*", + /// ["Effect"] = "Allow", + /// ["Resource"] = "*", /// }, /// }, /// }), diff --git a/sdk/dotnet/Iam/Role.cs b/sdk/dotnet/Iam/Role.cs index 224e5367dc6..3bab6205d0b 100644 --- a/sdk/dotnet/Iam/Role.cs +++ b/sdk/dotnet/Iam/Role.cs @@ -37,17 +37,17 @@ namespace Pulumi.Aws.Iam /// Name = "test_role", /// AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["version"] = "2012-10-17", - /// ["statement"] = new[] + /// ["Version"] = "2012-10-17", + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["action"] = "sts:AssumeRole", - /// ["effect"] = "Allow", - /// ["sid"] = "", - /// ["principal"] = new Dictionary<string, object?> + /// ["Action"] = "sts:AssumeRole", + /// ["Effect"] = "Allow", + /// ["Sid"] = "", + /// ["Principal"] = new Dictionary<string, object?> /// { - /// ["service"] = "ec2.amazonaws.com", + /// ["Service"] = "ec2.amazonaws.com", /// }, /// }, /// }, @@ -152,17 +152,17 @@ namespace Pulumi.Aws.Iam /// Name = "my_inline_policy", /// Policy = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["version"] = "2012-10-17", - /// ["statement"] = new[] + /// ["Version"] = "2012-10-17", + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["action"] = new[] + /// ["Action"] = new[] /// { /// "ec2:Describe*", /// }, - /// ["effect"] = "Allow", - /// ["resource"] = "*", + /// ["Effect"] = "Allow", + /// ["Resource"] = "*", /// }, /// }, /// }), @@ -225,17 +225,17 @@ namespace Pulumi.Aws.Iam /// Name = "policy-618033", /// PolicyDocument = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["version"] = "2012-10-17", - /// ["statement"] = new[] + /// ["Version"] = "2012-10-17", + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["action"] = new[] + /// ["Action"] = new[] /// { /// "ec2:Describe*", /// }, - /// ["effect"] = "Allow", - /// ["resource"] = "*", + /// ["Effect"] = "Allow", + /// ["Resource"] = "*", /// }, /// }, /// }), @@ -246,19 +246,19 @@ namespace Pulumi.Aws.Iam /// Name = "policy-381966", /// PolicyDocument = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["version"] = "2012-10-17", - /// ["statement"] = new[] + /// ["Version"] = "2012-10-17", + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["action"] = new[] + /// ["Action"] = new[] /// { /// "s3:ListAllMyBuckets", /// "s3:ListBucket", /// "s3:HeadBucket", /// }, - /// ["effect"] = "Allow", - /// ["resource"] = "*", + /// ["Effect"] = "Allow", + /// ["Resource"] = "*", /// }, /// }, /// }), diff --git a/sdk/dotnet/Iam/RolePolicy.cs b/sdk/dotnet/Iam/RolePolicy.cs index 25e3140e24f..df867130c80 100644 --- a/sdk/dotnet/Iam/RolePolicy.cs +++ b/sdk/dotnet/Iam/RolePolicy.cs @@ -33,17 +33,17 @@ namespace Pulumi.Aws.Iam /// Name = "test_role", /// AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["version"] = "2012-10-17", - /// ["statement"] = new[] + /// ["Version"] = "2012-10-17", + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["action"] = "sts:AssumeRole", - /// ["effect"] = "Allow", - /// ["sid"] = "", - /// ["principal"] = new Dictionary<string, object?> + /// ["Action"] = "sts:AssumeRole", + /// ["Effect"] = "Allow", + /// ["Sid"] = "", + /// ["Principal"] = new Dictionary<string, object?> /// { - /// ["service"] = "ec2.amazonaws.com", + /// ["Service"] = "ec2.amazonaws.com", /// }, /// }, /// }, @@ -56,17 +56,17 @@ namespace Pulumi.Aws.Iam /// Role = testRole.Id, /// Policy = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["version"] = "2012-10-17", - /// ["statement"] = new[] + /// ["Version"] = "2012-10-17", + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["action"] = new[] + /// ["Action"] = new[] /// { /// "ec2:Describe*", /// }, - /// ["effect"] = "Allow", - /// ["resource"] = "*", + /// ["Effect"] = "Allow", + /// ["Resource"] = "*", /// }, /// }, /// }), diff --git a/sdk/dotnet/Iam/UserPolicy.cs b/sdk/dotnet/Iam/UserPolicy.cs index b83bfc5aebd..8a7a56e292f 100644 --- a/sdk/dotnet/Iam/UserPolicy.cs +++ b/sdk/dotnet/Iam/UserPolicy.cs @@ -38,17 +38,17 @@ namespace Pulumi.Aws.Iam /// User = lb.Name, /// Policy = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["version"] = "2012-10-17", - /// ["statement"] = new[] + /// ["Version"] = "2012-10-17", + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["action"] = new[] + /// ["Action"] = new[] /// { /// "ec2:Describe*", /// }, - /// ["effect"] = "Allow", - /// ["resource"] = "*", + /// ["Effect"] = "Allow", + /// ["Resource"] = "*", /// }, /// }, /// }), diff --git a/sdk/dotnet/Iot/Policy.cs b/sdk/dotnet/Iot/Policy.cs index 21ea5b04136..9d02030ce9f 100644 --- a/sdk/dotnet/Iot/Policy.cs +++ b/sdk/dotnet/Iot/Policy.cs @@ -31,17 +31,17 @@ namespace Pulumi.Aws.Iot /// Name = "PubSubToAnyTopic", /// PolicyDocument = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["version"] = "2012-10-17", - /// ["statement"] = new[] + /// ["Version"] = "2012-10-17", + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["action"] = new[] + /// ["Action"] = new[] /// { /// "iot:*", /// }, - /// ["effect"] = "Allow", - /// ["resource"] = "*", + /// ["Effect"] = "Allow", + /// ["Resource"] = "*", /// }, /// }, /// }), diff --git a/sdk/dotnet/Iot/ProvisioningTemplate.cs b/sdk/dotnet/Iot/ProvisioningTemplate.cs index b4cf2ac3a8d..d7d74e364ee 100644 --- a/sdk/dotnet/Iot/ProvisioningTemplate.cs +++ b/sdk/dotnet/Iot/ProvisioningTemplate.cs @@ -94,34 +94,34 @@ namespace Pulumi.Aws.Iot /// Enabled = true, /// TemplateBody = Output.JsonSerialize(Output.Create(new Dictionary<string, object?> /// { - /// ["parameters"] = new Dictionary<string, object?> + /// ["Parameters"] = new Dictionary<string, object?> /// { - /// ["serialNumber"] = new Dictionary<string, object?> + /// ["SerialNumber"] = new Dictionary<string, object?> /// { - /// ["type"] = "String", + /// ["Type"] = "String", /// }, /// }, - /// ["resources"] = new Dictionary<string, object?> + /// ["Resources"] = new Dictionary<string, object?> /// { /// ["certificate"] = new Dictionary<string, object?> /// { - /// ["properties"] = new Dictionary<string, object?> + /// ["Properties"] = new Dictionary<string, object?> /// { - /// ["certificateId"] = new Dictionary<string, object?> + /// ["CertificateId"] = new Dictionary<string, object?> /// { - /// ["ref"] = "AWS::IoT::Certificate::Id", + /// ["Ref"] = "AWS::IoT::Certificate::Id", /// }, - /// ["status"] = "Active", + /// ["Status"] = "Active", /// }, - /// ["type"] = "AWS::IoT::Certificate", + /// ["Type"] = "AWS::IoT::Certificate", /// }, /// ["policy"] = new Dictionary<string, object?> /// { - /// ["properties"] = new Dictionary<string, object?> + /// ["Properties"] = new Dictionary<string, object?> /// { - /// ["policyName"] = devicePolicyPolicy.Name, + /// ["PolicyName"] = devicePolicyPolicy.Name, /// }, - /// ["type"] = "AWS::IoT::Policy", + /// ["Type"] = "AWS::IoT::Policy", /// }, /// }, /// })), diff --git a/sdk/dotnet/Kendra/DataSource.cs b/sdk/dotnet/Kendra/DataSource.cs index 3f362bf2cbe..93dfc737ee9 100644 --- a/sdk/dotnet/Kendra/DataSource.cs +++ b/sdk/dotnet/Kendra/DataSource.cs @@ -320,6 +320,12 @@ namespace Pulumi.Aws.Kendra /// }, /// }, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// exampleAwsSecretsmanagerSecretVersion, + /// }, /// }); /// /// }); @@ -485,6 +491,12 @@ namespace Pulumi.Aws.Kendra /// }, /// }, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// exampleAwsSecretsmanagerSecretVersion, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Kinesis/FirehoseDeliveryStream.cs b/sdk/dotnet/Kinesis/FirehoseDeliveryStream.cs index df036a053d3..ce6b90bafe8 100644 --- a/sdk/dotnet/Kinesis/FirehoseDeliveryStream.cs +++ b/sdk/dotnet/Kinesis/FirehoseDeliveryStream.cs @@ -516,6 +516,12 @@ namespace Pulumi.Aws.Kinesis /// RoleArn = firehose.Arn, /// }, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// firehose_elasticsearchRolePolicy, + /// }, /// }); /// /// }); @@ -691,6 +697,12 @@ namespace Pulumi.Aws.Kinesis /// RoleArn = firehose.Arn, /// }, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// firehose_opensearch, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Kms/KeyPolicy.cs b/sdk/dotnet/Kms/KeyPolicy.cs index 35d89d2aec6..7f14540552e 100644 --- a/sdk/dotnet/Kms/KeyPolicy.cs +++ b/sdk/dotnet/Kms/KeyPolicy.cs @@ -34,22 +34,22 @@ namespace Pulumi.Aws.Kms /// KeyId = example.Id, /// Policy = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["id"] = "example", - /// ["statement"] = new[] + /// ["Id"] = "example", + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["action"] = "kms:*", - /// ["effect"] = "Allow", - /// ["principal"] = new Dictionary<string, object?> + /// ["Action"] = "kms:*", + /// ["Effect"] = "Allow", + /// ["Principal"] = new Dictionary<string, object?> /// { /// ["AWS"] = "*", /// }, - /// ["resource"] = "*", - /// ["sid"] = "Enable IAM User Permissions", + /// ["Resource"] = "*", + /// ["Sid"] = "Enable IAM User Permissions", /// }, /// }, - /// ["version"] = "2012-10-17", + /// ["Version"] = "2012-10-17", /// }), /// }); /// diff --git a/sdk/dotnet/LB/TargetGroupAttachment.cs b/sdk/dotnet/LB/TargetGroupAttachment.cs index b38e6b033ef..e5128cd195d 100644 --- a/sdk/dotnet/LB/TargetGroupAttachment.cs +++ b/sdk/dotnet/LB/TargetGroupAttachment.cs @@ -74,6 +74,12 @@ namespace Pulumi.Aws.LB /// { /// TargetGroupArn = test.Arn, /// TargetId = testFunction.Arn, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// withLb, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Lambda/EventSourceMapping.cs b/sdk/dotnet/Lambda/EventSourceMapping.cs index 34a155819f3..309a3c2753e 100644 --- a/sdk/dotnet/Lambda/EventSourceMapping.cs +++ b/sdk/dotnet/Lambda/EventSourceMapping.cs @@ -184,7 +184,7 @@ namespace Pulumi.Aws.Lambda /// { /// ["body"] = new Dictionary<string, object?> /// { - /// ["temperature"] = new[] + /// ["Temperature"] = new[] /// { /// new Dictionary<string, object?> /// { @@ -197,7 +197,7 @@ namespace Pulumi.Aws.Lambda /// }, /// }, /// }, - /// ["location"] = new[] + /// ["Location"] = new[] /// { /// "New York", /// }, diff --git a/sdk/dotnet/Lambda/Function.cs b/sdk/dotnet/Lambda/Function.cs index 337976ddc24..a37875b4638 100644 --- a/sdk/dotnet/Lambda/Function.cs +++ b/sdk/dotnet/Lambda/Function.cs @@ -203,6 +203,17 @@ namespace Pulumi.Aws.Lambda /// }, /// }); /// + /// // Mount target connects the file system to the subnet + /// var alpha = new Aws.Efs.MountTarget("alpha", new() + /// { + /// FileSystemId = efsForLambda.Id, + /// SubnetId = subnetForLambda.Id, + /// SecurityGroups = new[] + /// { + /// sgForLambda.Id, + /// }, + /// }); + /// /// // EFS access point used by lambda file system /// var accessPointForLambda = new Aws.Efs.AccessPoint("access_point_for_lambda", new() /// { @@ -243,16 +254,11 @@ namespace Pulumi.Aws.Lambda /// sgForLambda.Id, /// }, /// }, - /// }); - /// - /// // Mount target connects the file system to the subnet - /// var alpha = new Aws.Efs.MountTarget("alpha", new() + /// }, new CustomResourceOptions /// { - /// FileSystemId = efsForLambda.Id, - /// SubnetId = subnetForLambda.Id, - /// SecurityGroups = new[] + /// DependsOn = /// { - /// sgForLambda.Id, + /// alpha, /// }, /// }); /// @@ -279,15 +285,6 @@ namespace Pulumi.Aws.Lambda /// { /// var config = new Config(); /// var lambdaFunctionName = config.Get("lambdaFunctionName") ?? "lambda_function_name"; - /// var testLambda = new Aws.Lambda.Function("test_lambda", new() - /// { - /// Name = lambdaFunctionName, - /// LoggingConfig = new Aws.Lambda.Inputs.FunctionLoggingConfigArgs - /// { - /// LogFormat = "Text", - /// }, - /// }); - /// /// // This is to optionally manage the CloudWatch Log Group for the Lambda Function. /// // If skipping this resource configuration, also add "logs:CreateLogGroup" to the IAM policy below. /// var example = new Aws.CloudWatch.LogGroup("example", new() @@ -332,6 +329,22 @@ namespace Pulumi.Aws.Lambda /// PolicyArn = lambdaLoggingPolicy.Arn, /// }); /// + /// var testLambda = new Aws.Lambda.Function("test_lambda", new() + /// { + /// Name = lambdaFunctionName, + /// LoggingConfig = new Aws.Lambda.Inputs.FunctionLoggingConfigArgs + /// { + /// LogFormat = "Text", + /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// lambdaLogs, + /// example, + /// }, + /// }); + /// /// }); /// ``` /// <!--End PulumiCodeChooser --> diff --git a/sdk/dotnet/Lambda/Permission.cs b/sdk/dotnet/Lambda/Permission.cs index e2a35be0356..10c218a4576 100644 --- a/sdk/dotnet/Lambda/Permission.cs +++ b/sdk/dotnet/Lambda/Permission.cs @@ -31,17 +31,17 @@ namespace Pulumi.Aws.Lambda /// Name = "iam_for_lambda", /// AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["version"] = "2012-10-17", - /// ["statement"] = new[] + /// ["Version"] = "2012-10-17", + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["action"] = "sts:AssumeRole", - /// ["effect"] = "Allow", - /// ["sid"] = "", - /// ["principal"] = new Dictionary<string, object?> + /// ["Action"] = "sts:AssumeRole", + /// ["Effect"] = "Allow", + /// ["Sid"] = "", + /// ["Principal"] = new Dictionary<string, object?> /// { - /// ["service"] = "lambda.amazonaws.com", + /// ["Service"] = "lambda.amazonaws.com", /// }, /// }, /// }, @@ -101,17 +101,17 @@ namespace Pulumi.Aws.Lambda /// Name = "iam_for_lambda_with_sns", /// AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["version"] = "2012-10-17", - /// ["statement"] = new[] + /// ["Version"] = "2012-10-17", + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["action"] = "sts:AssumeRole", - /// ["effect"] = "Allow", - /// ["sid"] = "", - /// ["principal"] = new Dictionary<string, object?> + /// ["Action"] = "sts:AssumeRole", + /// ["Effect"] = "Allow", + /// ["Sid"] = "", + /// ["Principal"] = new Dictionary<string, object?> /// { - /// ["service"] = "lambda.amazonaws.com", + /// ["Service"] = "lambda.amazonaws.com", /// }, /// }, /// }, @@ -248,6 +248,12 @@ namespace Pulumi.Aws.Lambda /// FilterPattern = "", /// LogGroup = @default.Name, /// Name = "logging_default", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// logging, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/LightSail/Distribution.cs b/sdk/dotnet/LightSail/Distribution.cs index ed023e8ffe3..af345ccc57a 100644 --- a/sdk/dotnet/LightSail/Distribution.cs +++ b/sdk/dotnet/LightSail/Distribution.cs @@ -133,6 +133,12 @@ namespace Pulumi.Aws.LightSail /// { /// Behavior = "cache", /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// test, + /// }, /// }); /// /// }); @@ -206,6 +212,12 @@ namespace Pulumi.Aws.LightSail /// { /// Behavior = "cache", /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// testLbAttachment, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Macie/CustomDataIdentifier.cs b/sdk/dotnet/Macie/CustomDataIdentifier.cs index 69823779c9b..b7d0598545e 100644 --- a/sdk/dotnet/Macie/CustomDataIdentifier.cs +++ b/sdk/dotnet/Macie/CustomDataIdentifier.cs @@ -39,6 +39,12 @@ namespace Pulumi.Aws.Macie /// { /// "ignore", /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// test, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Macie/FindingsFilter.cs b/sdk/dotnet/Macie/FindingsFilter.cs index f349ad318c3..d69cc73d440 100644 --- a/sdk/dotnet/Macie/FindingsFilter.cs +++ b/sdk/dotnet/Macie/FindingsFilter.cs @@ -45,6 +45,12 @@ namespace Pulumi.Aws.Macie /// }, /// }, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// testAwsMacie2Account, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Macie2/ClassificationExportConfiguration.cs b/sdk/dotnet/Macie2/ClassificationExportConfiguration.cs index a642c09b7bb..83c832729b0 100644 --- a/sdk/dotnet/Macie2/ClassificationExportConfiguration.cs +++ b/sdk/dotnet/Macie2/ClassificationExportConfiguration.cs @@ -33,6 +33,12 @@ namespace Pulumi.Aws.Macie2 /// KeyPrefix = "exampleprefix/", /// KmsKeyArn = exampleAwsKmsKey.Arn, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// example, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Macie2/ClassificationJob.cs b/sdk/dotnet/Macie2/ClassificationJob.cs index bc1f80a5d2f..59e71f6d51a 100644 --- a/sdk/dotnet/Macie2/ClassificationJob.cs +++ b/sdk/dotnet/Macie2/ClassificationJob.cs @@ -43,6 +43,12 @@ namespace Pulumi.Aws.Macie2 /// }, /// }, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// test, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Macie2/InvitationAccepter.cs b/sdk/dotnet/Macie2/InvitationAccepter.cs index 06efc0663e0..806aeb56f21 100644 --- a/sdk/dotnet/Macie2/InvitationAccepter.cs +++ b/sdk/dotnet/Macie2/InvitationAccepter.cs @@ -33,11 +33,23 @@ namespace Pulumi.Aws.Macie2 /// Email = "EMAIL", /// Invite = true, /// InvitationMessage = "Message of the invite", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// primary, + /// }, /// }); /// /// var memberInvitationAccepter = new Aws.Macie2.InvitationAccepter("member", new() /// { /// AdministratorAccountId = "ADMINISTRATOR ACCOUNT ID", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// primaryMember, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Macie2/Member.cs b/sdk/dotnet/Macie2/Member.cs index c3800138dfb..f19b192f45b 100644 --- a/sdk/dotnet/Macie2/Member.cs +++ b/sdk/dotnet/Macie2/Member.cs @@ -32,6 +32,12 @@ namespace Pulumi.Aws.Macie2 /// Invite = true, /// InvitationMessage = "Message of the invitation", /// InvitationDisableEmailNotification = true, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// example, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Macie2/OrganizationAdminAccount.cs b/sdk/dotnet/Macie2/OrganizationAdminAccount.cs index 1aeb4b3a5e5..07318215e26 100644 --- a/sdk/dotnet/Macie2/OrganizationAdminAccount.cs +++ b/sdk/dotnet/Macie2/OrganizationAdminAccount.cs @@ -28,6 +28,12 @@ namespace Pulumi.Aws.Macie2 /// var exampleOrganizationAdminAccount = new Aws.Macie2.OrganizationAdminAccount("example", new() /// { /// AdminAccountId = "ID OF THE ADMIN ACCOUNT", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// example, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Msk/ClusterPolicy.cs b/sdk/dotnet/Msk/ClusterPolicy.cs index 7e4c661ea6c..beb87455c75 100644 --- a/sdk/dotnet/Msk/ClusterPolicy.cs +++ b/sdk/dotnet/Msk/ClusterPolicy.cs @@ -35,14 +35,14 @@ namespace Pulumi.Aws.Msk /// ClusterArn = exampleAwsMskCluster.Arn, /// Policy = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["version"] = "2012-10-17", - /// ["statement"] = new[] + /// ["Version"] = "2012-10-17", + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["sid"] = "ExampleMskClusterPolicy", - /// ["effect"] = "Allow", - /// ["principal"] = new Dictionary<string, object?> + /// ["Sid"] = "ExampleMskClusterPolicy", + /// ["Effect"] = "Allow", + /// ["Principal"] = new Dictionary<string, object?> /// { /// ["AWS"] = Output.Tuple(currentGetPartition, current).Apply(values => /// { @@ -51,14 +51,14 @@ namespace Pulumi.Aws.Msk /// return $"arn:{currentGetPartition.Apply(getPartitionResult => getPartitionResult.Partition)}:iam::{current.Apply(getCallerIdentityResult => getCallerIdentityResult.AccountId)}:root"; /// }), /// }, - /// ["action"] = new[] + /// ["Action"] = new[] /// { /// "kafka:Describe*", /// "kafka:Get*", /// "kafka:CreateVpcConnection", /// "kafka:GetBootstrapBrokers", /// }, - /// ["resource"] = exampleAwsMskCluster.Arn, + /// ["Resource"] = exampleAwsMskCluster.Arn, /// }, /// }, /// }), diff --git a/sdk/dotnet/Msk/ScramSecretAssociation.cs b/sdk/dotnet/Msk/ScramSecretAssociation.cs index ba71ec6b756..743299e9ade 100644 --- a/sdk/dotnet/Msk/ScramSecretAssociation.cs +++ b/sdk/dotnet/Msk/ScramSecretAssociation.cs @@ -57,6 +57,16 @@ namespace Pulumi.Aws.Msk /// KmsKeyId = exampleKey.KeyId, /// }); /// + /// var exampleSecretVersion = new Aws.SecretsManager.SecretVersion("example", new() + /// { + /// SecretId = exampleSecret.Id, + /// SecretString = JsonSerializer.Serialize(new Dictionary<string, object?> + /// { + /// ["username"] = "user", + /// ["password"] = "pass", + /// }), + /// }); + /// /// var exampleScramSecretAssociation = new Aws.Msk.ScramSecretAssociation("example", new() /// { /// ClusterArn = exampleCluster.Arn, @@ -64,16 +74,12 @@ namespace Pulumi.Aws.Msk /// { /// exampleSecret.Arn, /// }, - /// }); - /// - /// var exampleSecretVersion = new Aws.SecretsManager.SecretVersion("example", new() + /// }, new CustomResourceOptions /// { - /// SecretId = exampleSecret.Id, - /// SecretString = JsonSerializer.Serialize(new Dictionary<string, object?> + /// DependsOn = /// { - /// ["username"] = "user", - /// ["password"] = "pass", - /// }), + /// exampleSecretVersion, + /// }, /// }); /// /// var example = Aws.Iam.GetPolicyDocument.Invoke(new() diff --git a/sdk/dotnet/Neptune/GlobalCluster.cs b/sdk/dotnet/Neptune/GlobalCluster.cs index 7a603bb0e35..c20f3d4098a 100644 --- a/sdk/dotnet/Neptune/GlobalCluster.cs +++ b/sdk/dotnet/Neptune/GlobalCluster.cs @@ -70,6 +70,12 @@ namespace Pulumi.Aws.Neptune /// ClusterIdentifier = secondary.Id, /// InstanceClass = "db.r5.large", /// NeptuneSubnetGroupName = "default", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// primaryClusterInstance, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/NetworkFirewall/ResourcePolicy.cs b/sdk/dotnet/NetworkFirewall/ResourcePolicy.cs index 534e7bb2481..1ec6f3577c4 100644 --- a/sdk/dotnet/NetworkFirewall/ResourcePolicy.cs +++ b/sdk/dotnet/NetworkFirewall/ResourcePolicy.cs @@ -31,26 +31,26 @@ namespace Pulumi.Aws.NetworkFirewall /// ResourceArn = exampleAwsNetworkfirewallFirewallPolicy.Arn, /// Policy = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["statement"] = new[] + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["action"] = new[] + /// ["Action"] = new[] /// { /// "network-firewall:ListFirewallPolicies", /// "network-firewall:CreateFirewall", /// "network-firewall:UpdateFirewall", /// "network-firewall:AssociateFirewallPolicy", /// }, - /// ["effect"] = "Allow", - /// ["resource"] = exampleAwsNetworkfirewallFirewallPolicy.Arn, - /// ["principal"] = new Dictionary<string, object?> + /// ["Effect"] = "Allow", + /// ["Resource"] = exampleAwsNetworkfirewallFirewallPolicy.Arn, + /// ["Principal"] = new Dictionary<string, object?> /// { /// ["AWS"] = "arn:aws:iam::123456789012:root", /// }, /// }, /// }, - /// ["version"] = "2012-10-17", + /// ["Version"] = "2012-10-17", /// }), /// }); /// @@ -75,25 +75,25 @@ namespace Pulumi.Aws.NetworkFirewall /// ResourceArn = exampleAwsNetworkfirewallRuleGroup.Arn, /// Policy = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["statement"] = new[] + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["action"] = new[] + /// ["Action"] = new[] /// { /// "network-firewall:ListRuleGroups", /// "network-firewall:CreateFirewallPolicy", /// "network-firewall:UpdateFirewallPolicy", /// }, - /// ["effect"] = "Allow", - /// ["resource"] = exampleAwsNetworkfirewallRuleGroup.Arn, - /// ["principal"] = new Dictionary<string, object?> + /// ["Effect"] = "Allow", + /// ["Resource"] = exampleAwsNetworkfirewallRuleGroup.Arn, + /// ["Principal"] = new Dictionary<string, object?> /// { /// ["AWS"] = "arn:aws:iam::123456789012:root", /// }, /// }, /// }, - /// ["version"] = "2012-10-17", + /// ["Version"] = "2012-10-17", /// }), /// }); /// diff --git a/sdk/dotnet/NetworkManager/ConnectAttachment.cs b/sdk/dotnet/NetworkManager/ConnectAttachment.cs index 36cdb113f59..f373d76e89e 100644 --- a/sdk/dotnet/NetworkManager/ConnectAttachment.cs +++ b/sdk/dotnet/NetworkManager/ConnectAttachment.cs @@ -80,6 +80,12 @@ namespace Pulumi.Aws.NetworkManager /// { /// Protocol = "GRE", /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// test, + /// }, /// }); /// /// var example2 = new Aws.NetworkManager.AttachmentAccepter("example2", new() diff --git a/sdk/dotnet/NetworkManager/ConnectPeer.cs b/sdk/dotnet/NetworkManager/ConnectPeer.cs index 6fe3f6bb376..4c3594a9067 100644 --- a/sdk/dotnet/NetworkManager/ConnectPeer.cs +++ b/sdk/dotnet/NetworkManager/ConnectPeer.cs @@ -94,6 +94,12 @@ namespace Pulumi.Aws.NetworkManager /// { /// Protocol = "GRE", /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// test, + /// }, /// }); /// /// var example2 = new Aws.NetworkManager.AttachmentAccepter("example2", new() @@ -114,6 +120,12 @@ namespace Pulumi.Aws.NetworkManager /// { /// "172.16.0.0/16", /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// example2, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/NetworkManager/CustomerGatewayAssociation.cs b/sdk/dotnet/NetworkManager/CustomerGatewayAssociation.cs index 02aa7322eff..60a74dc607b 100644 --- a/sdk/dotnet/NetworkManager/CustomerGatewayAssociation.cs +++ b/sdk/dotnet/NetworkManager/CustomerGatewayAssociation.cs @@ -61,6 +61,12 @@ namespace Pulumi.Aws.NetworkManager /// { /// GlobalNetworkId = example.Id, /// TransitGatewayArn = exampleTransitGateway.Arn, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// exampleVpnConnection, + /// }, /// }); /// /// var exampleCustomerGatewayAssociation = new Aws.NetworkManager.CustomerGatewayAssociation("example", new() @@ -68,6 +74,12 @@ namespace Pulumi.Aws.NetworkManager /// GlobalNetworkId = example.Id, /// CustomerGatewayArn = exampleCustomerGateway.Arn, /// DeviceId = exampleDevice.Id, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// exampleTransitGatewayRegistration, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Oam/SinkPolicy.cs b/sdk/dotnet/Oam/SinkPolicy.cs index 4dd980155ce..113791b7a88 100644 --- a/sdk/dotnet/Oam/SinkPolicy.cs +++ b/sdk/dotnet/Oam/SinkPolicy.cs @@ -36,19 +36,19 @@ namespace Pulumi.Aws.Oam /// SinkIdentifier = example.Id, /// Policy = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["version"] = "2012-10-17", - /// ["statement"] = new[] + /// ["Version"] = "2012-10-17", + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["action"] = new[] + /// ["Action"] = new[] /// { /// "oam:CreateLink", /// "oam:UpdateLink", /// }, - /// ["effect"] = "Allow", - /// ["resource"] = "*", - /// ["principal"] = new Dictionary<string, object?> + /// ["Effect"] = "Allow", + /// ["Resource"] = "*", + /// ["Principal"] = new Dictionary<string, object?> /// { /// ["AWS"] = new[] /// { @@ -56,7 +56,7 @@ namespace Pulumi.Aws.Oam /// "222222222222", /// }, /// }, - /// ["condition"] = new Dictionary<string, object?> + /// ["Condition"] = new Dictionary<string, object?> /// { /// ["ForAllValues:StringEquals"] = new Dictionary<string, object?> /// { diff --git a/sdk/dotnet/OpenSearch/Domain.cs b/sdk/dotnet/OpenSearch/Domain.cs index 37b7d01eff0..5c09b2dd8f6 100644 --- a/sdk/dotnet/OpenSearch/Domain.cs +++ b/sdk/dotnet/OpenSearch/Domain.cs @@ -331,6 +331,12 @@ namespace Pulumi.Aws.OpenSearch /// { /// { "Domain", "TestDomain" }, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// exampleServiceLinkedRole, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/OpenSearch/ServerlessAccessPolicy.cs b/sdk/dotnet/OpenSearch/ServerlessAccessPolicy.cs index 7a1c463f775..2dc2a35a13f 100644 --- a/sdk/dotnet/OpenSearch/ServerlessAccessPolicy.cs +++ b/sdk/dotnet/OpenSearch/ServerlessAccessPolicy.cs @@ -37,34 +37,34 @@ namespace Pulumi.Aws.OpenSearch /// { /// new Dictionary<string, object?> /// { - /// ["rules"] = new[] + /// ["Rules"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["resourceType"] = "index", - /// ["resource"] = new[] + /// ["ResourceType"] = "index", + /// ["Resource"] = new[] /// { /// "index/example-collection/*", /// }, - /// ["permission"] = new[] + /// ["Permission"] = new[] /// { /// "aoss:*", /// }, /// }, /// new Dictionary<string, object?> /// { - /// ["resourceType"] = "collection", - /// ["resource"] = new[] + /// ["ResourceType"] = "collection", + /// ["Resource"] = new[] /// { /// "collection/example-collection", /// }, - /// ["permission"] = new[] + /// ["Permission"] = new[] /// { /// "aoss:*", /// }, /// }, /// }, - /// ["principal"] = new[] + /// ["Principal"] = new[] /// { /// current.Apply(getCallerIdentityResult => getCallerIdentityResult.Arn), /// }, @@ -99,16 +99,16 @@ namespace Pulumi.Aws.OpenSearch /// { /// new Dictionary<string, object?> /// { - /// ["rules"] = new[] + /// ["Rules"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["resourceType"] = "index", - /// ["resource"] = new[] + /// ["ResourceType"] = "index", + /// ["Resource"] = new[] /// { /// "index/example-collection/*", /// }, - /// ["permission"] = new[] + /// ["Permission"] = new[] /// { /// "aoss:DescribeIndex", /// "aoss:ReadDocument", @@ -116,18 +116,18 @@ namespace Pulumi.Aws.OpenSearch /// }, /// new Dictionary<string, object?> /// { - /// ["resourceType"] = "collection", - /// ["resource"] = new[] + /// ["ResourceType"] = "collection", + /// ["Resource"] = new[] /// { /// "collection/example-collection", /// }, - /// ["permission"] = new[] + /// ["Permission"] = new[] /// { /// "aoss:DescribeCollectionItems", /// }, /// }, /// }, - /// ["principal"] = new[] + /// ["Principal"] = new[] /// { /// current.Apply(getCallerIdentityResult => getCallerIdentityResult.Arn), /// }, @@ -160,34 +160,34 @@ namespace Pulumi.Aws.OpenSearch /// { /// new Dictionary<string, object?> /// { - /// ["rules"] = new[] + /// ["Rules"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["resourceType"] = "index", - /// ["resource"] = new[] + /// ["ResourceType"] = "index", + /// ["Resource"] = new[] /// { /// "index/example-collection/*", /// }, - /// ["permission"] = new[] + /// ["Permission"] = new[] /// { /// "aoss:*", /// }, /// }, /// new Dictionary<string, object?> /// { - /// ["resourceType"] = "collection", - /// ["resource"] = new[] + /// ["ResourceType"] = "collection", + /// ["Resource"] = new[] /// { /// "collection/example-collection", /// }, - /// ["permission"] = new[] + /// ["Permission"] = new[] /// { /// "aoss:*", /// }, /// }, /// }, - /// ["principal"] = new[] + /// ["Principal"] = new[] /// { /// "saml/123456789012/myprovider/user/Annie", /// "saml/123456789012/anotherprovider/group/Accounting", diff --git a/sdk/dotnet/OpenSearch/ServerlessCollection.cs b/sdk/dotnet/OpenSearch/ServerlessCollection.cs index 3aa75868d84..c56b760942f 100644 --- a/sdk/dotnet/OpenSearch/ServerlessCollection.cs +++ b/sdk/dotnet/OpenSearch/ServerlessCollection.cs @@ -54,6 +54,12 @@ namespace Pulumi.Aws.OpenSearch /// var exampleServerlessCollection = new Aws.OpenSearch.ServerlessCollection("example", new() /// { /// Name = "example", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// example, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/OpenSearch/ServerlessSecurityPolicy.cs b/sdk/dotnet/OpenSearch/ServerlessSecurityPolicy.cs index 7858c42a02e..6e23c303da1 100644 --- a/sdk/dotnet/OpenSearch/ServerlessSecurityPolicy.cs +++ b/sdk/dotnet/OpenSearch/ServerlessSecurityPolicy.cs @@ -35,18 +35,18 @@ namespace Pulumi.Aws.OpenSearch /// Description = "encryption security policy for example-collection", /// Policy = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["rules"] = new[] + /// ["Rules"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["resource"] = new[] + /// ["Resource"] = new[] /// { /// "collection/example-collection", /// }, - /// ["resourceType"] = "collection", + /// ["ResourceType"] = "collection", /// }, /// }, - /// ["aWSOwnedKey"] = true, + /// ["AWSOwnedKey"] = true, /// }), /// }); /// @@ -73,18 +73,18 @@ namespace Pulumi.Aws.OpenSearch /// Description = "encryption security policy for collections that begin with \"example\"", /// Policy = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["rules"] = new[] + /// ["Rules"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["resource"] = new[] + /// ["Resource"] = new[] /// { /// "collection/example*", /// }, - /// ["resourceType"] = "collection", + /// ["ResourceType"] = "collection", /// }, /// }, - /// ["aWSOwnedKey"] = true, + /// ["AWSOwnedKey"] = true, /// }), /// }); /// @@ -111,19 +111,19 @@ namespace Pulumi.Aws.OpenSearch /// Description = "encryption security policy using customer KMS key", /// Policy = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["rules"] = new[] + /// ["Rules"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["resource"] = new[] + /// ["Resource"] = new[] /// { /// "collection/customer-managed-key-collection", /// }, - /// ["resourceType"] = "collection", + /// ["ResourceType"] = "collection", /// }, /// }, - /// ["aWSOwnedKey"] = false, - /// ["kmsARN"] = "arn:aws:kms:us-east-1:123456789012:key/93fd6da4-a317-4c17-bfe9-382b5d988b36", + /// ["AWSOwnedKey"] = false, + /// ["KmsARN"] = "arn:aws:kms:us-east-1:123456789012:key/93fd6da4-a317-4c17-bfe9-382b5d988b36", /// }), /// }); /// @@ -154,27 +154,27 @@ namespace Pulumi.Aws.OpenSearch /// { /// new Dictionary<string, object?> /// { - /// ["description"] = "Public access to collection and Dashboards endpoint for example collection", - /// ["rules"] = new[] + /// ["Description"] = "Public access to collection and Dashboards endpoint for example collection", + /// ["Rules"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["resourceType"] = "collection", - /// ["resource"] = new[] + /// ["ResourceType"] = "collection", + /// ["Resource"] = new[] /// { /// "collection/example-collection", /// }, /// }, /// new Dictionary<string, object?> /// { - /// ["resourceType"] = "dashboard", - /// ["resource"] = new[] + /// ["ResourceType"] = "dashboard", + /// ["Resource"] = new[] /// { /// "collection/example-collection", /// }, /// }, /// }, - /// ["allowFromPublic"] = true, + /// ["AllowFromPublic"] = true, /// }, /// }), /// }); @@ -204,28 +204,28 @@ namespace Pulumi.Aws.OpenSearch /// { /// new Dictionary<string, object?> /// { - /// ["description"] = "VPC access to collection and Dashboards endpoint for example collection", - /// ["rules"] = new[] + /// ["Description"] = "VPC access to collection and Dashboards endpoint for example collection", + /// ["Rules"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["resourceType"] = "collection", - /// ["resource"] = new[] + /// ["ResourceType"] = "collection", + /// ["Resource"] = new[] /// { /// "collection/example-collection", /// }, /// }, /// new Dictionary<string, object?> /// { - /// ["resourceType"] = "dashboard", - /// ["resource"] = new[] + /// ["ResourceType"] = "dashboard", + /// ["Resource"] = new[] /// { /// "collection/example-collection", /// }, /// }, /// }, - /// ["allowFromPublic"] = false, - /// ["sourceVPCEs"] = new[] + /// ["AllowFromPublic"] = false, + /// ["SourceVPCEs"] = new[] /// { /// "vpce-050f79086ee71ac05", /// }, diff --git a/sdk/dotnet/OpenSearchIngest/Pipeline.cs b/sdk/dotnet/OpenSearchIngest/Pipeline.cs index f0ea9b359cd..cd0f723d23b 100644 --- a/sdk/dotnet/OpenSearchIngest/Pipeline.cs +++ b/sdk/dotnet/OpenSearchIngest/Pipeline.cs @@ -32,17 +32,17 @@ namespace Pulumi.Aws.OpenSearchIngest /// { /// AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["version"] = "2012-10-17", - /// ["statement"] = new[] + /// ["Version"] = "2012-10-17", + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["action"] = "sts:AssumeRole", - /// ["effect"] = "Allow", - /// ["sid"] = "", - /// ["principal"] = new Dictionary<string, object?> + /// ["Action"] = "sts:AssumeRole", + /// ["Effect"] = "Allow", + /// ["Sid"] = "", + /// ["Principal"] = new Dictionary<string, object?> /// { - /// ["service"] = "osis-pipelines.amazonaws.com", + /// ["Service"] = "osis-pipelines.amazonaws.com", /// }, /// }, /// }, diff --git a/sdk/dotnet/Pipes/Pipe.cs b/sdk/dotnet/Pipes/Pipe.cs index fa309b10c6b..2b0228d87dd 100644 --- a/sdk/dotnet/Pipes/Pipe.cs +++ b/sdk/dotnet/Pipes/Pipe.cs @@ -38,18 +38,18 @@ namespace Pulumi.Aws.Pipes /// { /// AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["version"] = "2012-10-17", - /// ["statement"] = new Dictionary<string, object?> + /// ["Version"] = "2012-10-17", + /// ["Statement"] = new Dictionary<string, object?> /// { - /// ["effect"] = "Allow", - /// ["action"] = "sts:AssumeRole", - /// ["principal"] = new Dictionary<string, object?> + /// ["Effect"] = "Allow", + /// ["Action"] = "sts:AssumeRole", + /// ["Principal"] = new Dictionary<string, object?> /// { - /// ["service"] = "pipes.amazonaws.com", + /// ["Service"] = "pipes.amazonaws.com", /// }, - /// ["condition"] = new Dictionary<string, object?> + /// ["Condition"] = new Dictionary<string, object?> /// { - /// ["stringEquals"] = new Dictionary<string, object?> + /// ["StringEquals"] = new Dictionary<string, object?> /// { /// ["aws:SourceAccount"] = main.Apply(getCallerIdentityResult => getCallerIdentityResult.AccountId), /// }, @@ -65,19 +65,19 @@ namespace Pulumi.Aws.Pipes /// Role = example.Id, /// Policy = Output.JsonSerialize(Output.Create(new Dictionary<string, object?> /// { - /// ["version"] = "2012-10-17", - /// ["statement"] = new[] + /// ["Version"] = "2012-10-17", + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["effect"] = "Allow", - /// ["action"] = new[] + /// ["Effect"] = "Allow", + /// ["Action"] = new[] /// { /// "sqs:DeleteMessage", /// "sqs:GetQueueAttributes", /// "sqs:ReceiveMessage", /// }, - /// ["resource"] = new[] + /// ["Resource"] = new[] /// { /// sourceQueue.Arn, /// }, @@ -93,17 +93,17 @@ namespace Pulumi.Aws.Pipes /// Role = example.Id, /// Policy = Output.JsonSerialize(Output.Create(new Dictionary<string, object?> /// { - /// ["version"] = "2012-10-17", - /// ["statement"] = new[] + /// ["Version"] = "2012-10-17", + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["effect"] = "Allow", - /// ["action"] = new[] + /// ["Effect"] = "Allow", + /// ["Action"] = new[] /// { /// "sqs:SendMessage", /// }, - /// ["resource"] = new[] + /// ["Resource"] = new[] /// { /// targetQueue.Arn, /// }, @@ -118,6 +118,13 @@ namespace Pulumi.Aws.Pipes /// RoleArn = example.Arn, /// Source = sourceQueue.Arn, /// Target = targetQueue.Arn, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// source, + /// target, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Quicksight/VpcConnection.cs b/sdk/dotnet/Quicksight/VpcConnection.cs index 63eb17fda50..7e1c7255e46 100644 --- a/sdk/dotnet/Quicksight/VpcConnection.cs +++ b/sdk/dotnet/Quicksight/VpcConnection.cs @@ -30,16 +30,16 @@ namespace Pulumi.Aws.Quicksight /// { /// AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["version"] = "2012-10-17", - /// ["statement"] = new[] + /// ["Version"] = "2012-10-17", + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["effect"] = "Allow", - /// ["action"] = "sts:AssumeRole", - /// ["principal"] = new Dictionary<string, object?> + /// ["Effect"] = "Allow", + /// ["Action"] = "sts:AssumeRole", + /// ["Principal"] = new Dictionary<string, object?> /// { - /// ["service"] = "quicksight.amazonaws.com", + /// ["Service"] = "quicksight.amazonaws.com", /// }, /// }, /// }, @@ -51,13 +51,13 @@ namespace Pulumi.Aws.Quicksight /// Name = "QuickSightVPCConnectionRolePolicy", /// Policy = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["version"] = "2012-10-17", - /// ["statement"] = new[] + /// ["Version"] = "2012-10-17", + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["effect"] = "Allow", - /// ["action"] = new[] + /// ["Effect"] = "Allow", + /// ["Action"] = new[] /// { /// "ec2:CreateNetworkInterface", /// "ec2:ModifyNetworkInterfaceAttribute", @@ -65,7 +65,7 @@ namespace Pulumi.Aws.Quicksight /// "ec2:DescribeSubnets", /// "ec2:DescribeSecurityGroups", /// }, - /// ["resource"] = new[] + /// ["Resource"] = new[] /// { /// "*", /// }, diff --git a/sdk/dotnet/Rds/ClusterActivityStream.cs b/sdk/dotnet/Rds/ClusterActivityStream.cs index 3becc35e830..60a3dfc273e 100644 --- a/sdk/dotnet/Rds/ClusterActivityStream.cs +++ b/sdk/dotnet/Rds/ClusterActivityStream.cs @@ -65,6 +65,12 @@ namespace Pulumi.Aws.Rds /// ResourceArn = @default.Arn, /// Mode = "async", /// KmsKeyId = defaultKey.KeyId, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// defaultClusterInstance, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Rds/ExportTask.cs b/sdk/dotnet/Rds/ExportTask.cs index 4e96c2e4772..6b1a60af7eb 100644 --- a/sdk/dotnet/Rds/ExportTask.cs +++ b/sdk/dotnet/Rds/ExportTask.cs @@ -67,17 +67,17 @@ namespace Pulumi.Aws.Rds /// Name = "example", /// AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["version"] = "2012-10-17", - /// ["statement"] = new[] + /// ["Version"] = "2012-10-17", + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["action"] = "sts:AssumeRole", - /// ["effect"] = "Allow", - /// ["sid"] = "", - /// ["principal"] = new Dictionary<string, object?> + /// ["Action"] = "sts:AssumeRole", + /// ["Effect"] = "Allow", + /// ["Sid"] = "", + /// ["Principal"] = new Dictionary<string, object?> /// { - /// ["service"] = "export.rds.amazonaws.com", + /// ["Service"] = "export.rds.amazonaws.com", /// }, /// }, /// }, diff --git a/sdk/dotnet/Rds/GlobalCluster.cs b/sdk/dotnet/Rds/GlobalCluster.cs index c4530d230a0..f876356c42f 100644 --- a/sdk/dotnet/Rds/GlobalCluster.cs +++ b/sdk/dotnet/Rds/GlobalCluster.cs @@ -64,6 +64,12 @@ namespace Pulumi.Aws.Rds /// ClusterIdentifier = "test-secondary-cluster", /// GlobalClusterIdentifier = example.Id, /// DbSubnetGroupName = "default", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// primaryClusterInstance, + /// }, /// }); /// /// var secondaryClusterInstance = new Aws.Rds.ClusterInstance("secondary", new() @@ -129,6 +135,12 @@ namespace Pulumi.Aws.Rds /// GlobalClusterIdentifier = example.Id, /// SkipFinalSnapshot = true, /// DbSubnetGroupName = "default", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// primaryClusterInstance, + /// }, /// }); /// /// var secondaryClusterInstance = new Aws.Rds.ClusterInstance("secondary", new() diff --git a/sdk/dotnet/RedShift/AuthenticationProfile.cs b/sdk/dotnet/RedShift/AuthenticationProfile.cs index 03ec07be8c5..0140bf56da3 100644 --- a/sdk/dotnet/RedShift/AuthenticationProfile.cs +++ b/sdk/dotnet/RedShift/AuthenticationProfile.cs @@ -29,9 +29,9 @@ namespace Pulumi.Aws.RedShift /// AuthenticationProfileName = "example", /// AuthenticationProfileContent = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["allowDBUserOverride"] = "1", - /// ["clientID"] = "ExampleClientID", - /// ["appID"] = "example", + /// ["AllowDBUserOverride"] = "1", + /// ["Client_ID"] = "ExampleClientID", + /// ["App_ID"] = "example", /// }), /// }); /// diff --git a/sdk/dotnet/RedShift/ResourcePolicy.cs b/sdk/dotnet/RedShift/ResourcePolicy.cs index 898f40a6923..a7f994e523b 100644 --- a/sdk/dotnet/RedShift/ResourcePolicy.cs +++ b/sdk/dotnet/RedShift/ResourcePolicy.cs @@ -29,19 +29,19 @@ namespace Pulumi.Aws.RedShift /// ResourceArn = exampleAwsRedshiftCluster.ClusterNamespaceArn, /// Policy = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["version"] = "2012-10-17", - /// ["statement"] = new[] + /// ["Version"] = "2012-10-17", + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["effect"] = "Allow", - /// ["principal"] = new Dictionary<string, object?> + /// ["Effect"] = "Allow", + /// ["Principal"] = new Dictionary<string, object?> /// { /// ["AWS"] = "arn:aws:iam::12345678901:root", /// }, - /// ["action"] = "redshift:CreateInboundIntegration", - /// ["resource"] = exampleAwsRedshiftCluster.ClusterNamespaceArn, - /// ["sid"] = "", + /// ["Action"] = "redshift:CreateInboundIntegration", + /// ["Resource"] = exampleAwsRedshiftCluster.ClusterNamespaceArn, + /// ["Sid"] = "", /// }, /// }, /// }), diff --git a/sdk/dotnet/RedshiftServerless/ResourcePolicy.cs b/sdk/dotnet/RedshiftServerless/ResourcePolicy.cs index 95797b40030..392b289b398 100644 --- a/sdk/dotnet/RedshiftServerless/ResourcePolicy.cs +++ b/sdk/dotnet/RedshiftServerless/ResourcePolicy.cs @@ -29,24 +29,24 @@ namespace Pulumi.Aws.RedshiftServerless /// ResourceArn = exampleAwsRedshiftserverlessSnapshot.Arn, /// Policy = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["version"] = "2012-10-17", - /// ["statement"] = new[] + /// ["Version"] = "2012-10-17", + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["effect"] = "Allow", - /// ["principal"] = new Dictionary<string, object?> + /// ["Effect"] = "Allow", + /// ["Principal"] = new Dictionary<string, object?> /// { /// ["AWS"] = new[] /// { /// "12345678901", /// }, /// }, - /// ["action"] = new[] + /// ["Action"] = new[] /// { /// "redshift-serverless:RestoreFromSnapshot", /// }, - /// ["sid"] = "", + /// ["Sid"] = "", /// }, /// }, /// }), diff --git a/sdk/dotnet/ResourceExplorer/View.cs b/sdk/dotnet/ResourceExplorer/View.cs index 980fe37127a..5aef24aa103 100644 --- a/sdk/dotnet/ResourceExplorer/View.cs +++ b/sdk/dotnet/ResourceExplorer/View.cs @@ -42,6 +42,12 @@ namespace Pulumi.Aws.ResourceExplorer /// Name = "tags", /// }, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// example, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/RolesAnywhere/Profile.cs b/sdk/dotnet/RolesAnywhere/Profile.cs index 7ac7014f256..f28cb1751a3 100644 --- a/sdk/dotnet/RolesAnywhere/Profile.cs +++ b/sdk/dotnet/RolesAnywhere/Profile.cs @@ -30,23 +30,23 @@ namespace Pulumi.Aws.RolesAnywhere /// Path = "/", /// AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["version"] = "2012-10-17", - /// ["statement"] = new[] + /// ["Version"] = "2012-10-17", + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["action"] = new[] + /// ["Action"] = new[] /// { /// "sts:AssumeRole", /// "sts:TagSession", /// "sts:SetSourceIdentity", /// }, - /// ["principal"] = new Dictionary<string, object?> + /// ["Principal"] = new Dictionary<string, object?> /// { - /// ["service"] = "rolesanywhere.amazonaws.com", + /// ["Service"] = "rolesanywhere.amazonaws.com", /// }, - /// ["effect"] = "Allow", - /// ["sid"] = "", + /// ["Effect"] = "Allow", + /// ["Sid"] = "", /// }, /// }, /// }), diff --git a/sdk/dotnet/RolesAnywhere/TrustAnchor.cs b/sdk/dotnet/RolesAnywhere/TrustAnchor.cs index 7bef4ab4899..0a58b2e0025 100644 --- a/sdk/dotnet/RolesAnywhere/TrustAnchor.cs +++ b/sdk/dotnet/RolesAnywhere/TrustAnchor.cs @@ -71,6 +71,12 @@ namespace Pulumi.Aws.RolesAnywhere /// }, /// SourceType = "AWS_ACM_PCA", /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// exampleCertificateAuthorityCertificate, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Route53/HostedZoneDnsSec.cs b/sdk/dotnet/Route53/HostedZoneDnsSec.cs index c9f9e93994c..c8297d4d696 100644 --- a/sdk/dotnet/Route53/HostedZoneDnsSec.cs +++ b/sdk/dotnet/Route53/HostedZoneDnsSec.cs @@ -37,38 +37,38 @@ namespace Pulumi.Aws.Route53 /// KeyUsage = "SIGN_VERIFY", /// Policy = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["statement"] = new[] + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["action"] = new[] + /// ["Action"] = new[] /// { /// "kms:DescribeKey", /// "kms:GetPublicKey", /// "kms:Sign", /// "kms:Verify", /// }, - /// ["effect"] = "Allow", - /// ["principal"] = new Dictionary<string, object?> + /// ["Effect"] = "Allow", + /// ["Principal"] = new Dictionary<string, object?> /// { - /// ["service"] = "dnssec-route53.amazonaws.com", + /// ["Service"] = "dnssec-route53.amazonaws.com", /// }, - /// ["resource"] = "*", - /// ["sid"] = "Allow Route 53 DNSSEC Service", + /// ["Resource"] = "*", + /// ["Sid"] = "Allow Route 53 DNSSEC Service", /// }, /// new Dictionary<string, object?> /// { - /// ["action"] = "kms:*", - /// ["effect"] = "Allow", - /// ["principal"] = new Dictionary<string, object?> + /// ["Action"] = "kms:*", + /// ["Effect"] = "Allow", + /// ["Principal"] = new Dictionary<string, object?> /// { /// ["AWS"] = $"arn:aws:iam::{current.Apply(getCallerIdentityResult => getCallerIdentityResult.AccountId)}:root", /// }, - /// ["resource"] = "*", - /// ["sid"] = "Enable IAM User Permissions", + /// ["Resource"] = "*", + /// ["Sid"] = "Enable IAM User Permissions", /// }, /// }, - /// ["version"] = "2012-10-17", + /// ["Version"] = "2012-10-17", /// }), /// }); /// @@ -87,6 +87,12 @@ namespace Pulumi.Aws.Route53 /// var exampleHostedZoneDnsSec = new Aws.Route53.HostedZoneDnsSec("example", new() /// { /// HostedZoneId = exampleKeySigningKey.HostedZoneId, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// exampleKeySigningKey, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Route53/KeySigningKey.cs b/sdk/dotnet/Route53/KeySigningKey.cs index 2da239e510a..64cd35b4970 100644 --- a/sdk/dotnet/Route53/KeySigningKey.cs +++ b/sdk/dotnet/Route53/KeySigningKey.cs @@ -33,30 +33,30 @@ namespace Pulumi.Aws.Route53 /// KeyUsage = "SIGN_VERIFY", /// Policy = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["statement"] = new[] + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["action"] = new[] + /// ["Action"] = new[] /// { /// "kms:DescribeKey", /// "kms:GetPublicKey", /// "kms:Sign", /// }, - /// ["effect"] = "Allow", - /// ["principal"] = new Dictionary<string, object?> + /// ["Effect"] = "Allow", + /// ["Principal"] = new Dictionary<string, object?> /// { - /// ["service"] = "dnssec-route53.amazonaws.com", + /// ["Service"] = "dnssec-route53.amazonaws.com", /// }, - /// ["sid"] = "Allow Route 53 DNSSEC Service", - /// ["resource"] = "*", - /// ["condition"] = new Dictionary<string, object?> + /// ["Sid"] = "Allow Route 53 DNSSEC Service", + /// ["Resource"] = "*", + /// ["Condition"] = new Dictionary<string, object?> /// { - /// ["stringEquals"] = new Dictionary<string, object?> + /// ["StringEquals"] = new Dictionary<string, object?> /// { /// ["aws:SourceAccount"] = current.Apply(getCallerIdentityResult => getCallerIdentityResult.AccountId), /// }, - /// ["arnLike"] = new Dictionary<string, object?> + /// ["ArnLike"] = new Dictionary<string, object?> /// { /// ["aws:SourceArn"] = "arn:aws:route53:::hostedzone/*", /// }, @@ -64,17 +64,17 @@ namespace Pulumi.Aws.Route53 /// }, /// new Dictionary<string, object?> /// { - /// ["action"] = "kms:CreateGrant", - /// ["effect"] = "Allow", - /// ["principal"] = new Dictionary<string, object?> + /// ["Action"] = "kms:CreateGrant", + /// ["Effect"] = "Allow", + /// ["Principal"] = new Dictionary<string, object?> /// { - /// ["service"] = "dnssec-route53.amazonaws.com", + /// ["Service"] = "dnssec-route53.amazonaws.com", /// }, - /// ["sid"] = "Allow Route 53 DNSSEC Service to CreateGrant", - /// ["resource"] = "*", - /// ["condition"] = new Dictionary<string, object?> + /// ["Sid"] = "Allow Route 53 DNSSEC Service to CreateGrant", + /// ["Resource"] = "*", + /// ["Condition"] = new Dictionary<string, object?> /// { - /// ["bool"] = new Dictionary<string, object?> + /// ["Bool"] = new Dictionary<string, object?> /// { /// ["kms:GrantIsForAWSResource"] = "true", /// }, @@ -82,17 +82,17 @@ namespace Pulumi.Aws.Route53 /// }, /// new Dictionary<string, object?> /// { - /// ["action"] = "kms:*", - /// ["effect"] = "Allow", - /// ["principal"] = new Dictionary<string, object?> + /// ["Action"] = "kms:*", + /// ["Effect"] = "Allow", + /// ["Principal"] = new Dictionary<string, object?> /// { /// ["AWS"] = $"arn:aws:iam::{current.Apply(getCallerIdentityResult => getCallerIdentityResult.AccountId)}:root", /// }, - /// ["resource"] = "*", - /// ["sid"] = "Enable IAM User Permissions", + /// ["Resource"] = "*", + /// ["Sid"] = "Enable IAM User Permissions", /// }, /// }, - /// ["version"] = "2012-10-17", + /// ["Version"] = "2012-10-17", /// }), /// }); /// @@ -111,6 +111,12 @@ namespace Pulumi.Aws.Route53 /// var exampleHostedZoneDnsSec = new Aws.Route53.HostedZoneDnsSec("example", new() /// { /// HostedZoneId = exampleKeySigningKey.HostedZoneId, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// exampleKeySigningKey, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Route53/QueryLog.cs b/sdk/dotnet/Route53/QueryLog.cs index 19df74ca0f0..e27159cdbed 100644 --- a/sdk/dotnet/Route53/QueryLog.cs +++ b/sdk/dotnet/Route53/QueryLog.cs @@ -83,6 +83,12 @@ namespace Pulumi.Aws.Route53 /// { /// CloudwatchLogGroupArn = awsRoute53ExampleCom.Arn, /// ZoneId = exampleCom.ZoneId, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// route53_query_logging_policyLogResourcePolicy, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Route53Domains/DelegationSignerRecord.cs b/sdk/dotnet/Route53Domains/DelegationSignerRecord.cs index ca14ac6ed34..1cc333f7ed2 100644 --- a/sdk/dotnet/Route53Domains/DelegationSignerRecord.cs +++ b/sdk/dotnet/Route53Domains/DelegationSignerRecord.cs @@ -35,30 +35,30 @@ namespace Pulumi.Aws.Route53Domains /// KeyUsage = "SIGN_VERIFY", /// Policy = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["statement"] = new[] + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["action"] = new[] + /// ["Action"] = new[] /// { /// "kms:DescribeKey", /// "kms:GetPublicKey", /// "kms:Sign", /// }, - /// ["effect"] = "Allow", - /// ["principal"] = new Dictionary<string, object?> + /// ["Effect"] = "Allow", + /// ["Principal"] = new Dictionary<string, object?> /// { - /// ["service"] = "dnssec-route53.amazonaws.com", + /// ["Service"] = "dnssec-route53.amazonaws.com", /// }, - /// ["sid"] = "Allow Route 53 DNSSEC Service", - /// ["resource"] = "*", - /// ["condition"] = new Dictionary<string, object?> + /// ["Sid"] = "Allow Route 53 DNSSEC Service", + /// ["Resource"] = "*", + /// ["Condition"] = new Dictionary<string, object?> /// { - /// ["stringEquals"] = new Dictionary<string, object?> + /// ["StringEquals"] = new Dictionary<string, object?> /// { /// ["aws:SourceAccount"] = current.Apply(getCallerIdentityResult => getCallerIdentityResult.AccountId), /// }, - /// ["arnLike"] = new Dictionary<string, object?> + /// ["ArnLike"] = new Dictionary<string, object?> /// { /// ["aws:SourceArn"] = "arn:aws:route53:::hostedzone/*", /// }, @@ -66,17 +66,17 @@ namespace Pulumi.Aws.Route53Domains /// }, /// new Dictionary<string, object?> /// { - /// ["action"] = "kms:CreateGrant", - /// ["effect"] = "Allow", - /// ["principal"] = new Dictionary<string, object?> + /// ["Action"] = "kms:CreateGrant", + /// ["Effect"] = "Allow", + /// ["Principal"] = new Dictionary<string, object?> /// { - /// ["service"] = "dnssec-route53.amazonaws.com", + /// ["Service"] = "dnssec-route53.amazonaws.com", /// }, - /// ["sid"] = "Allow Route 53 DNSSEC Service to CreateGrant", - /// ["resource"] = "*", - /// ["condition"] = new Dictionary<string, object?> + /// ["Sid"] = "Allow Route 53 DNSSEC Service to CreateGrant", + /// ["Resource"] = "*", + /// ["Condition"] = new Dictionary<string, object?> /// { - /// ["bool"] = new Dictionary<string, object?> + /// ["Bool"] = new Dictionary<string, object?> /// { /// ["kms:GrantIsForAWSResource"] = "true", /// }, @@ -84,17 +84,17 @@ namespace Pulumi.Aws.Route53Domains /// }, /// new Dictionary<string, object?> /// { - /// ["action"] = "kms:*", - /// ["effect"] = "Allow", - /// ["principal"] = new Dictionary<string, object?> + /// ["Action"] = "kms:*", + /// ["Effect"] = "Allow", + /// ["Principal"] = new Dictionary<string, object?> /// { /// ["AWS"] = $"arn:aws:iam::{current.Apply(getCallerIdentityResult => getCallerIdentityResult.AccountId)}:root", /// }, - /// ["resource"] = "*", - /// ["sid"] = "Enable IAM User Permissions", + /// ["Resource"] = "*", + /// ["Sid"] = "Enable IAM User Permissions", /// }, /// }, - /// ["version"] = "2012-10-17", + /// ["Version"] = "2012-10-17", /// }), /// }); /// @@ -113,6 +113,12 @@ namespace Pulumi.Aws.Route53Domains /// var exampleHostedZoneDnsSec = new Aws.Route53.HostedZoneDnsSec("example", new() /// { /// HostedZoneId = exampleKeySigningKey.HostedZoneId, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// exampleKeySigningKey, + /// }, /// }); /// /// var exampleDelegationSignerRecord = new Aws.Route53Domains.DelegationSignerRecord("example", new() diff --git a/sdk/dotnet/S3/BucketAclV2.cs b/sdk/dotnet/S3/BucketAclV2.cs index 2014ce5c6e5..7255fffda10 100644 --- a/sdk/dotnet/S3/BucketAclV2.cs +++ b/sdk/dotnet/S3/BucketAclV2.cs @@ -47,6 +47,12 @@ namespace Pulumi.Aws.S3 /// { /// Bucket = example.Id, /// Acl = "private", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// exampleBucketOwnershipControls, + /// }, /// }); /// /// }); @@ -94,6 +100,13 @@ namespace Pulumi.Aws.S3 /// { /// Bucket = example.Id, /// Acl = "public-read", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// exampleBucketOwnershipControls, + /// exampleBucketPublicAccessBlock, + /// }, /// }); /// /// }); @@ -158,6 +171,12 @@ namespace Pulumi.Aws.S3 /// Id = current.Apply(getCanonicalUserIdResult => getCanonicalUserIdResult.Id), /// }, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// exampleBucketOwnershipControls, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/S3/BucketLifecycleConfigurationV2.cs b/sdk/dotnet/S3/BucketLifecycleConfigurationV2.cs index 7d8e60fcab7..a196e5d0656 100644 --- a/sdk/dotnet/S3/BucketLifecycleConfigurationV2.cs +++ b/sdk/dotnet/S3/BucketLifecycleConfigurationV2.cs @@ -492,6 +492,12 @@ namespace Pulumi.Aws.S3 /// Status = "Enabled", /// }, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// versioning, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/S3/BucketNotification.cs b/sdk/dotnet/S3/BucketNotification.cs index 76e31103edf..69d6fd5363f 100644 --- a/sdk/dotnet/S3/BucketNotification.cs +++ b/sdk/dotnet/S3/BucketNotification.cs @@ -270,6 +270,12 @@ namespace Pulumi.Aws.S3 /// FilterSuffix = ".log", /// }, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// allowBucket, + /// }, /// }); /// /// }); @@ -385,6 +391,13 @@ namespace Pulumi.Aws.S3 /// FilterSuffix = ".log", /// }, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// allowBucket1, + /// allowBucket2, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/S3/BucketObject.cs b/sdk/dotnet/S3/BucketObject.cs index 088d5010023..119bb784fc2 100644 --- a/sdk/dotnet/S3/BucketObject.cs +++ b/sdk/dotnet/S3/BucketObject.cs @@ -190,6 +190,12 @@ namespace Pulumi.Aws.S3 /// ObjectLockMode = "GOVERNANCE", /// ObjectLockRetainUntilDate = "2021-12-31T23:59:60Z", /// ForceDestroy = true, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// exampleBucketVersioningV2, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/S3/BucketObjectv2.cs b/sdk/dotnet/S3/BucketObjectv2.cs index 8ffc44a79f4..446fe833985 100644 --- a/sdk/dotnet/S3/BucketObjectv2.cs +++ b/sdk/dotnet/S3/BucketObjectv2.cs @@ -190,6 +190,12 @@ namespace Pulumi.Aws.S3 /// ObjectLockMode = "GOVERNANCE", /// ObjectLockRetainUntilDate = "2021-12-31T23:59:60Z", /// ForceDestroy = true, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// exampleBucketVersioningV2, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/S3/BucketReplicationConfig.cs b/sdk/dotnet/S3/BucketReplicationConfig.cs index ff3de950691..1930975dd6b 100644 --- a/sdk/dotnet/S3/BucketReplicationConfig.cs +++ b/sdk/dotnet/S3/BucketReplicationConfig.cs @@ -176,6 +176,12 @@ namespace Pulumi.Aws.S3 /// }, /// }, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// sourceBucketVersioningV2, + /// }, /// }); /// /// }); @@ -243,6 +249,12 @@ namespace Pulumi.Aws.S3 /// }, /// }, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// eastBucketVersioningV2, + /// }, /// }); /// /// var westToEast = new Aws.S3.BucketReplicationConfig("west_to_east", new() @@ -266,6 +278,12 @@ namespace Pulumi.Aws.S3 /// }, /// }, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// westBucketVersioningV2, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/S3Control/AccessGrant.cs b/sdk/dotnet/S3Control/AccessGrant.cs index 3c6f3556467..6a33417acb1 100644 --- a/sdk/dotnet/S3Control/AccessGrant.cs +++ b/sdk/dotnet/S3Control/AccessGrant.cs @@ -31,6 +31,12 @@ namespace Pulumi.Aws.S3Control /// { /// IamRoleArn = exampleAwsIamRole.Arn, /// LocationScope = $"s3://{exampleAwsS3Bucket.Bucket}/prefixA*", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// example, + /// }, /// }); /// /// var exampleAccessGrant = new Aws.S3Control.AccessGrant("example", new() diff --git a/sdk/dotnet/S3Control/AccessGrantsLocation.cs b/sdk/dotnet/S3Control/AccessGrantsLocation.cs index cb9cc3c2a56..28ca15ba337 100644 --- a/sdk/dotnet/S3Control/AccessGrantsLocation.cs +++ b/sdk/dotnet/S3Control/AccessGrantsLocation.cs @@ -32,6 +32,12 @@ namespace Pulumi.Aws.S3Control /// { /// IamRoleArn = exampleAwsIamRole.Arn, /// LocationScope = "s3://", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// example, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/S3Control/AccessPointPolicy.cs b/sdk/dotnet/S3Control/AccessPointPolicy.cs index b4fc5a37536..973430ed6ce 100644 --- a/sdk/dotnet/S3Control/AccessPointPolicy.cs +++ b/sdk/dotnet/S3Control/AccessPointPolicy.cs @@ -49,18 +49,18 @@ namespace Pulumi.Aws.S3Control /// AccessPointArn = exampleAccessPoint.Arn, /// Policy = Output.JsonSerialize(Output.Create(new Dictionary<string, object?> /// { - /// ["version"] = "2008-10-17", - /// ["statement"] = new[] + /// ["Version"] = "2008-10-17", + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["effect"] = "Allow", - /// ["action"] = "s3:GetObjectTagging", - /// ["principal"] = new Dictionary<string, object?> + /// ["Effect"] = "Allow", + /// ["Action"] = "s3:GetObjectTagging", + /// ["Principal"] = new Dictionary<string, object?> /// { /// ["AWS"] = "*", /// }, - /// ["resource"] = exampleAccessPoint.Arn.Apply(arn => $"{arn}/object/*"), + /// ["Resource"] = exampleAccessPoint.Arn.Apply(arn => $"{arn}/object/*"), /// }, /// }, /// })), diff --git a/sdk/dotnet/S3Control/BucketPolicy.cs b/sdk/dotnet/S3Control/BucketPolicy.cs index 44625d46ef6..c14923d1466 100644 --- a/sdk/dotnet/S3Control/BucketPolicy.cs +++ b/sdk/dotnet/S3Control/BucketPolicy.cs @@ -31,22 +31,22 @@ namespace Pulumi.Aws.S3Control /// Bucket = exampleAwsS3controlBucket.Arn, /// Policy = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["id"] = "testBucketPolicy", - /// ["statement"] = new[] + /// ["Id"] = "testBucketPolicy", + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["action"] = "s3-outposts:PutBucketLifecycleConfiguration", - /// ["effect"] = "Deny", - /// ["principal"] = new Dictionary<string, object?> + /// ["Action"] = "s3-outposts:PutBucketLifecycleConfiguration", + /// ["Effect"] = "Deny", + /// ["Principal"] = new Dictionary<string, object?> /// { /// ["AWS"] = "*", /// }, - /// ["resource"] = exampleAwsS3controlBucket.Arn, - /// ["sid"] = "statement1", + /// ["Resource"] = exampleAwsS3controlBucket.Arn, + /// ["Sid"] = "statement1", /// }, /// }, - /// ["version"] = "2012-10-17", + /// ["Version"] = "2012-10-17", /// }), /// }); /// diff --git a/sdk/dotnet/S3Control/ObjectLambdaAccessPointPolicy.cs b/sdk/dotnet/S3Control/ObjectLambdaAccessPointPolicy.cs index ac3aa91ffce..867cb81f762 100644 --- a/sdk/dotnet/S3Control/ObjectLambdaAccessPointPolicy.cs +++ b/sdk/dotnet/S3Control/ObjectLambdaAccessPointPolicy.cs @@ -66,18 +66,18 @@ namespace Pulumi.Aws.S3Control /// Name = exampleObjectLambdaAccessPoint.Name, /// Policy = Output.JsonSerialize(Output.Create(new Dictionary<string, object?> /// { - /// ["version"] = "2008-10-17", - /// ["statement"] = new[] + /// ["Version"] = "2008-10-17", + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["effect"] = "Allow", - /// ["action"] = "s3-object-lambda:GetObject", - /// ["principal"] = new Dictionary<string, object?> + /// ["Effect"] = "Allow", + /// ["Action"] = "s3-object-lambda:GetObject", + /// ["Principal"] = new Dictionary<string, object?> /// { /// ["AWS"] = current.AccountId, /// }, - /// ["resource"] = exampleObjectLambdaAccessPoint.Arn, + /// ["Resource"] = exampleObjectLambdaAccessPoint.Arn, /// }, /// }, /// })), diff --git a/sdk/dotnet/Sagemaker/CodeRepository.cs b/sdk/dotnet/Sagemaker/CodeRepository.cs index 50fc9054cfb..61259c291a1 100644 --- a/sdk/dotnet/Sagemaker/CodeRepository.cs +++ b/sdk/dotnet/Sagemaker/CodeRepository.cs @@ -73,6 +73,12 @@ namespace Pulumi.Aws.Sagemaker /// RepositoryUrl = "https://github.com/github/docs.git", /// SecretArn = example.Arn, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// exampleSecretVersion, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Sagemaker/Pipeline.cs b/sdk/dotnet/Sagemaker/Pipeline.cs index 729f2754eb8..3ba8447b2ec 100644 --- a/sdk/dotnet/Sagemaker/Pipeline.cs +++ b/sdk/dotnet/Sagemaker/Pipeline.cs @@ -33,16 +33,16 @@ namespace Pulumi.Aws.Sagemaker /// RoleArn = exampleAwsIamRole.Arn, /// PipelineDefinition = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["version"] = "2020-12-01", - /// ["steps"] = new[] + /// ["Version"] = "2020-12-01", + /// ["Steps"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["name"] = "Test", - /// ["type"] = "Fail", - /// ["arguments"] = new Dictionary<string, object?> + /// ["Name"] = "Test", + /// ["Type"] = "Fail", + /// ["Arguments"] = new Dictionary<string, object?> /// { - /// ["errorMessage"] = "test", + /// ["ErrorMessage"] = "test", /// }, /// }, /// }, diff --git a/sdk/dotnet/Scheduler/Schedule.cs b/sdk/dotnet/Scheduler/Schedule.cs index 6462afac2e3..172842fa5dd 100644 --- a/sdk/dotnet/Scheduler/Schedule.cs +++ b/sdk/dotnet/Scheduler/Schedule.cs @@ -77,8 +77,8 @@ namespace Pulumi.Aws.Scheduler /// RoleArn = exampleAwsIamRole.Arn, /// Input = Output.JsonSerialize(Output.Create(new Dictionary<string, object?> /// { - /// ["messageBody"] = "Greetings, programs!", - /// ["queueUrl"] = example.Url, + /// ["MessageBody"] = "Greetings, programs!", + /// ["QueueUrl"] = example.Url, /// })), /// }, /// }); diff --git a/sdk/dotnet/SecurityHub/ActionTarget.cs b/sdk/dotnet/SecurityHub/ActionTarget.cs index a78d875e4cb..733d1612a32 100644 --- a/sdk/dotnet/SecurityHub/ActionTarget.cs +++ b/sdk/dotnet/SecurityHub/ActionTarget.cs @@ -30,6 +30,12 @@ namespace Pulumi.Aws.SecurityHub /// Name = "Send notification to chat", /// Identifier = "SendToChat", /// Description = "This is custom action sends selected findings to chat", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// example, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/SecurityHub/ConfigurationPolicy.cs b/sdk/dotnet/SecurityHub/ConfigurationPolicy.cs index 675d9add381..6659b1fac48 100644 --- a/sdk/dotnet/SecurityHub/ConfigurationPolicy.cs +++ b/sdk/dotnet/SecurityHub/ConfigurationPolicy.cs @@ -40,6 +40,12 @@ namespace Pulumi.Aws.SecurityHub /// { /// ConfigurationType = "CENTRAL", /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// example, + /// }, /// }); /// /// var exampleConfigurationPolicy = new Aws.SecurityHub.ConfigurationPolicy("example", new() @@ -59,6 +65,12 @@ namespace Pulumi.Aws.SecurityHub /// DisabledControlIdentifiers = new() { }, /// }, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// exampleOrganizationConfiguration, + /// }, /// }); /// /// }); @@ -85,6 +97,12 @@ namespace Pulumi.Aws.SecurityHub /// ServiceEnabled = false, /// EnabledStandardArns = new() { }, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// example, + /// }, /// }); /// /// }); @@ -167,6 +185,12 @@ namespace Pulumi.Aws.SecurityHub /// }, /// }, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// example, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/SecurityHub/ConfigurationPolicyAssociation.cs b/sdk/dotnet/SecurityHub/ConfigurationPolicyAssociation.cs index fecd0c9de41..0643033a222 100644 --- a/sdk/dotnet/SecurityHub/ConfigurationPolicyAssociation.cs +++ b/sdk/dotnet/SecurityHub/ConfigurationPolicyAssociation.cs @@ -38,6 +38,12 @@ namespace Pulumi.Aws.SecurityHub /// { /// ConfigurationType = "CENTRAL", /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// example, + /// }, /// }); /// /// var exampleConfigurationPolicy = new Aws.SecurityHub.ConfigurationPolicy("example", new() @@ -57,6 +63,12 @@ namespace Pulumi.Aws.SecurityHub /// DisabledControlIdentifiers = new() { }, /// }, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// exampleOrganizationConfiguration, + /// }, /// }); /// /// var accountExample = new Aws.SecurityHub.ConfigurationPolicyAssociation("account_example", new() diff --git a/sdk/dotnet/SecurityHub/FindingAggregator.cs b/sdk/dotnet/SecurityHub/FindingAggregator.cs index 804eaf16da6..3626952d15d 100644 --- a/sdk/dotnet/SecurityHub/FindingAggregator.cs +++ b/sdk/dotnet/SecurityHub/FindingAggregator.cs @@ -32,6 +32,12 @@ namespace Pulumi.Aws.SecurityHub /// var exampleFindingAggregator = new Aws.SecurityHub.FindingAggregator("example", new() /// { /// LinkingMode = "ALL_REGIONS", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// example, + /// }, /// }); /// /// }); @@ -61,6 +67,12 @@ namespace Pulumi.Aws.SecurityHub /// "eu-west-1", /// "eu-west-2", /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// example, + /// }, /// }); /// /// }); @@ -90,6 +102,12 @@ namespace Pulumi.Aws.SecurityHub /// "eu-west-1", /// "eu-west-2", /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// example, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/SecurityHub/Insight.cs b/sdk/dotnet/SecurityHub/Insight.cs index 785bc1e0851..5c14ce3c17c 100644 --- a/sdk/dotnet/SecurityHub/Insight.cs +++ b/sdk/dotnet/SecurityHub/Insight.cs @@ -47,6 +47,12 @@ namespace Pulumi.Aws.SecurityHub /// }, /// GroupByAttribute = "AwsAccountId", /// Name = "example-insight", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// example, + /// }, /// }); /// /// }); @@ -84,6 +90,12 @@ namespace Pulumi.Aws.SecurityHub /// }, /// GroupByAttribute = "CreatedAt", /// Name = "example-insight", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// example, + /// }, /// }); /// /// }); @@ -117,6 +129,12 @@ namespace Pulumi.Aws.SecurityHub /// }, /// GroupByAttribute = "NetworkDestinationIpV4", /// Name = "example-insight", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// example, + /// }, /// }); /// /// }); @@ -150,6 +168,12 @@ namespace Pulumi.Aws.SecurityHub /// }, /// GroupByAttribute = "Confidence", /// Name = "example-insight", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// example, + /// }, /// }); /// /// }); @@ -185,6 +209,12 @@ namespace Pulumi.Aws.SecurityHub /// }, /// GroupByAttribute = "ResourceTags", /// Name = "example-insight", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// example, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/SecurityHub/InviteAccepter.cs b/sdk/dotnet/SecurityHub/InviteAccepter.cs index 845a513eda4..7b591cbdd74 100644 --- a/sdk/dotnet/SecurityHub/InviteAccepter.cs +++ b/sdk/dotnet/SecurityHub/InviteAccepter.cs @@ -39,6 +39,12 @@ namespace Pulumi.Aws.SecurityHub /// var inviteeInviteAccepter = new Aws.SecurityHub.InviteAccepter("invitee", new() /// { /// MasterId = exampleMember.MasterId, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// invitee, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/SecurityHub/Member.cs b/sdk/dotnet/SecurityHub/Member.cs index 3de517288ea..ed2bef11b78 100644 --- a/sdk/dotnet/SecurityHub/Member.cs +++ b/sdk/dotnet/SecurityHub/Member.cs @@ -30,6 +30,12 @@ namespace Pulumi.Aws.SecurityHub /// AccountId = "123456789012", /// Email = "example@example.com", /// Invite = true, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// example, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/SecurityHub/OrganizationAdminAccount.cs b/sdk/dotnet/SecurityHub/OrganizationAdminAccount.cs index 0b392a56f50..26d7c8369a9 100644 --- a/sdk/dotnet/SecurityHub/OrganizationAdminAccount.cs +++ b/sdk/dotnet/SecurityHub/OrganizationAdminAccount.cs @@ -37,6 +37,12 @@ namespace Pulumi.Aws.SecurityHub /// var exampleOrganizationAdminAccount = new Aws.SecurityHub.OrganizationAdminAccount("example", new() /// { /// AdminAccountId = "123456789012", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// example, + /// }, /// }); /// /// // Auto enable security hub in organization member accounts diff --git a/sdk/dotnet/SecurityHub/OrganizationConfiguration.cs b/sdk/dotnet/SecurityHub/OrganizationConfiguration.cs index 214e0a66335..c8d4a3e565e 100644 --- a/sdk/dotnet/SecurityHub/OrganizationConfiguration.cs +++ b/sdk/dotnet/SecurityHub/OrganizationConfiguration.cs @@ -45,6 +45,12 @@ namespace Pulumi.Aws.SecurityHub /// var exampleOrganizationAdminAccount = new Aws.SecurityHub.OrganizationAdminAccount("example", new() /// { /// AdminAccountId = "123456789012", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// example, + /// }, /// }); /// /// var exampleOrganizationConfiguration = new Aws.SecurityHub.OrganizationConfiguration("example", new() @@ -70,11 +76,23 @@ namespace Pulumi.Aws.SecurityHub /// var example = new Aws.SecurityHub.OrganizationAdminAccount("example", new() /// { /// AdminAccountId = "123456789012", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// exampleAwsOrganizationsOrganization, + /// }, /// }); /// /// var exampleFindingAggregator = new Aws.SecurityHub.FindingAggregator("example", new() /// { /// LinkingMode = "ALL_REGIONS", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// example, + /// }, /// }); /// /// var exampleOrganizationConfiguration = new Aws.SecurityHub.OrganizationConfiguration("example", new() @@ -85,6 +103,12 @@ namespace Pulumi.Aws.SecurityHub /// { /// ConfigurationType = "CENTRAL", /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// exampleFindingAggregator, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/SecurityHub/ProductSubscription.cs b/sdk/dotnet/SecurityHub/ProductSubscription.cs index a7a46243be8..84568ef52d4 100644 --- a/sdk/dotnet/SecurityHub/ProductSubscription.cs +++ b/sdk/dotnet/SecurityHub/ProductSubscription.cs @@ -30,6 +30,12 @@ namespace Pulumi.Aws.SecurityHub /// var exampleProductSubscription = new Aws.SecurityHub.ProductSubscription("example", new() /// { /// ProductArn = $"arn:aws:securityhub:{current.Apply(getRegionResult => getRegionResult.Name)}:733251395267:product/alertlogic/althreatmanagement", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// example, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/SecurityHub/StandardsControl.cs b/sdk/dotnet/SecurityHub/StandardsControl.cs index a3b38283c91..8f68024fa37 100644 --- a/sdk/dotnet/SecurityHub/StandardsControl.cs +++ b/sdk/dotnet/SecurityHub/StandardsControl.cs @@ -32,6 +32,12 @@ namespace Pulumi.Aws.SecurityHub /// var cisAwsFoundationsBenchmark = new Aws.SecurityHub.StandardsSubscription("cis_aws_foundations_benchmark", new() /// { /// StandardsArn = "arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// example, + /// }, /// }); /// /// var ensureIamPasswordPolicyPreventsPasswordReuse = new Aws.SecurityHub.StandardsControl("ensure_iam_password_policy_prevents_password_reuse", new() @@ -39,6 +45,12 @@ namespace Pulumi.Aws.SecurityHub /// StandardsControlArn = "arn:aws:securityhub:us-east-1:111111111111:control/cis-aws-foundations-benchmark/v/1.2.0/1.10", /// ControlStatus = "DISABLED", /// DisabledReason = "We handle password policies within Okta", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// cisAwsFoundationsBenchmark, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/SecurityHub/StandardsSubscription.cs b/sdk/dotnet/SecurityHub/StandardsSubscription.cs index ecaa646ff5e..153e43d2c45 100644 --- a/sdk/dotnet/SecurityHub/StandardsSubscription.cs +++ b/sdk/dotnet/SecurityHub/StandardsSubscription.cs @@ -30,11 +30,23 @@ namespace Pulumi.Aws.SecurityHub /// var cis = new Aws.SecurityHub.StandardsSubscription("cis", new() /// { /// StandardsArn = "arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// example, + /// }, /// }); /// /// var pci321 = new Aws.SecurityHub.StandardsSubscription("pci_321", new() /// { /// StandardsArn = $"arn:aws:securityhub:{current.Apply(getRegionResult => getRegionResult.Name)}::standards/pci-dss/v/3.2.1", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// example, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Ses/DomainIdentityVerification.cs b/sdk/dotnet/Ses/DomainIdentityVerification.cs index 698dc798579..0160587670c 100644 --- a/sdk/dotnet/Ses/DomainIdentityVerification.cs +++ b/sdk/dotnet/Ses/DomainIdentityVerification.cs @@ -49,6 +49,12 @@ namespace Pulumi.Aws.Ses /// var exampleVerification = new Aws.Ses.DomainIdentityVerification("example_verification", new() /// { /// Domain = example.Id, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// exampleAmazonsesVerificationRecord, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Shield/DrtAccessRoleArnAssociation.cs b/sdk/dotnet/Shield/DrtAccessRoleArnAssociation.cs index 96b4f90632d..c40d92a4ab7 100644 --- a/sdk/dotnet/Shield/DrtAccessRoleArnAssociation.cs +++ b/sdk/dotnet/Shield/DrtAccessRoleArnAssociation.cs @@ -32,8 +32,8 @@ namespace Pulumi.Aws.Shield /// Name = awsShieldDrtAccessRoleArn, /// AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["version"] = "2012-10-17", - /// ["statement"] = new[] + /// ["Version"] = "2012-10-17", + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { diff --git a/sdk/dotnet/Shield/ProactiveEngagement.cs b/sdk/dotnet/Shield/ProactiveEngagement.cs index ecfba9cafdc..4c006685b97 100644 --- a/sdk/dotnet/Shield/ProactiveEngagement.cs +++ b/sdk/dotnet/Shield/ProactiveEngagement.cs @@ -32,8 +32,8 @@ namespace Pulumi.Aws.Shield /// Name = awsShieldDrtAccessRoleArn, /// AssumeRolePolicy = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["version"] = "2012-10-17", - /// ["statement"] = new[] + /// ["Version"] = "2012-10-17", + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { @@ -85,6 +85,12 @@ namespace Pulumi.Aws.Shield /// PhoneNumber = "+12358132134", /// }, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// testAwsShieldDrtAccessRoleArnAssociation, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Shield/ProtectionGroup.cs b/sdk/dotnet/Shield/ProtectionGroup.cs index 39856726ac8..3ce631b094e 100644 --- a/sdk/dotnet/Shield/ProtectionGroup.cs +++ b/sdk/dotnet/Shield/ProtectionGroup.cs @@ -85,6 +85,12 @@ namespace Pulumi.Aws.Shield /// return $"arn:aws:ec2:{current.Apply(getRegionResult => getRegionResult.Name)}:{currentGetCallerIdentity.Apply(getCallerIdentityResult => getCallerIdentityResult.AccountId)}:eip-allocation/{id}"; /// }), /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// exampleProtection, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Ssm/Activation.cs b/sdk/dotnet/Ssm/Activation.cs index 38637025ab8..ac22203dd87 100644 --- a/sdk/dotnet/Ssm/Activation.cs +++ b/sdk/dotnet/Ssm/Activation.cs @@ -67,6 +67,12 @@ namespace Pulumi.Aws.Ssm /// Description = "Test", /// IamRole = testRole.Id, /// RegistrationLimit = 5, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// testAttach, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Ssm/ContactsRotation.cs b/sdk/dotnet/Ssm/ContactsRotation.cs index 85df52f7305..f08dad5da3f 100644 --- a/sdk/dotnet/Ssm/ContactsRotation.cs +++ b/sdk/dotnet/Ssm/ContactsRotation.cs @@ -44,6 +44,12 @@ namespace Pulumi.Aws.Ssm /// }, /// }, /// TimeZoneId = "Australia/Sydney", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// exampleAwsSsmincidentsReplicationSet, + /// }, /// }); /// /// }); @@ -124,6 +130,12 @@ namespace Pulumi.Aws.Ssm /// { "key1", "tag1" }, /// { "key2", "tag2" }, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// exampleAwsSsmincidentsReplicationSet, + /// }, /// }); /// /// }); @@ -175,6 +187,12 @@ namespace Pulumi.Aws.Ssm /// }, /// }, /// TimeZoneId = "Australia/Sydney", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// exampleAwsSsmincidentsReplicationSet, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/SsmContacts/Contact.cs b/sdk/dotnet/SsmContacts/Contact.cs index 95101484106..337c48728e5 100644 --- a/sdk/dotnet/SsmContacts/Contact.cs +++ b/sdk/dotnet/SsmContacts/Contact.cs @@ -29,6 +29,12 @@ namespace Pulumi.Aws.SsmContacts /// { /// Alias = "alias", /// Type = "PERSONAL", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// exampleAwsSsmincidentsReplicationSet, + /// }, /// }); /// /// }); @@ -55,6 +61,12 @@ namespace Pulumi.Aws.SsmContacts /// { /// { "key", "value" }, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// exampleAwsSsmincidentsReplicationSet, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/SsmIncidents/ResponsePlan.cs b/sdk/dotnet/SsmIncidents/ResponsePlan.cs index 9ff17343c94..34bcb6a0719 100644 --- a/sdk/dotnet/SsmIncidents/ResponsePlan.cs +++ b/sdk/dotnet/SsmIncidents/ResponsePlan.cs @@ -37,6 +37,12 @@ namespace Pulumi.Aws.SsmIncidents /// { /// { "key", "value" }, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// exampleAwsSsmincidentsReplicationSet, + /// }, /// }); /// /// }); @@ -142,6 +148,12 @@ namespace Pulumi.Aws.SsmIncidents /// { /// { "key", "value" }, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// exampleAwsSsmincidentsReplicationSet, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/StorageGateway/FileSystemAssociation.cs b/sdk/dotnet/StorageGateway/FileSystemAssociation.cs index 70ed2159798..7db2795c1bd 100644 --- a/sdk/dotnet/StorageGateway/FileSystemAssociation.cs +++ b/sdk/dotnet/StorageGateway/FileSystemAssociation.cs @@ -64,6 +64,13 @@ namespace Pulumi.Aws.StorageGateway /// testAwsSecurityGroup.Id, /// }, /// SubnetId = testAwsSubnet[0].Id, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// testAwsRoute, + /// testAwsVpcDhcpOptionsAssociation, + /// }, /// }); /// /// var testGateway = new Aws.StorageGateway.Gateway("test", new() diff --git a/sdk/dotnet/Transcribe/LanguageModel.cs b/sdk/dotnet/Transcribe/LanguageModel.cs index 12fc090e281..dd4e6c07f6d 100644 --- a/sdk/dotnet/Transcribe/LanguageModel.cs +++ b/sdk/dotnet/Transcribe/LanguageModel.cs @@ -65,18 +65,18 @@ namespace Pulumi.Aws.Transcribe /// Role = exampleRole.Id, /// Policy = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["version"] = "2012-10-17", - /// ["statement"] = new[] + /// ["Version"] = "2012-10-17", + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["action"] = new[] + /// ["Action"] = new[] /// { /// "s3:GetObject", /// "s3:ListBucket", /// }, - /// ["effect"] = "Allow", - /// ["resource"] = new[] + /// ["Effect"] = "Allow", + /// ["Resource"] = new[] /// { /// "*", /// }, diff --git a/sdk/dotnet/Transcribe/MedicalVocabulary.cs b/sdk/dotnet/Transcribe/MedicalVocabulary.cs index 5a124c221d1..45ac6704720 100644 --- a/sdk/dotnet/Transcribe/MedicalVocabulary.cs +++ b/sdk/dotnet/Transcribe/MedicalVocabulary.cs @@ -53,6 +53,12 @@ namespace Pulumi.Aws.Transcribe /// { "tag1", "value1" }, /// { "tag2", "value3" }, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// @object, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Transcribe/Vocabulary.cs b/sdk/dotnet/Transcribe/Vocabulary.cs index 9ec5e08f5f4..242f12b1735 100644 --- a/sdk/dotnet/Transcribe/Vocabulary.cs +++ b/sdk/dotnet/Transcribe/Vocabulary.cs @@ -53,6 +53,12 @@ namespace Pulumi.Aws.Transcribe /// { "tag1", "value1" }, /// { "tag2", "value3" }, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// @object, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/VpcLattice/AuthPolicy.cs b/sdk/dotnet/VpcLattice/AuthPolicy.cs index c2622d17cd0..babe2b5ff93 100644 --- a/sdk/dotnet/VpcLattice/AuthPolicy.cs +++ b/sdk/dotnet/VpcLattice/AuthPolicy.cs @@ -38,18 +38,18 @@ namespace Pulumi.Aws.VpcLattice /// ResourceIdentifier = example.Arn, /// Policy = JsonSerializer.Serialize(new Dictionary<string, object?> /// { - /// ["version"] = "2012-10-17", - /// ["statement"] = new[] + /// ["Version"] = "2012-10-17", + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["action"] = "*", - /// ["effect"] = "Allow", - /// ["principal"] = "*", - /// ["resource"] = "*", - /// ["condition"] = new Dictionary<string, object?> + /// ["Action"] = "*", + /// ["Effect"] = "Allow", + /// ["Principal"] = "*", + /// ["Resource"] = "*", + /// ["Condition"] = new Dictionary<string, object?> /// { - /// ["stringNotEqualsIgnoreCase"] = new Dictionary<string, object?> + /// ["StringNotEqualsIgnoreCase"] = new Dictionary<string, object?> /// { /// ["aws:PrincipalType"] = "anonymous", /// }, diff --git a/sdk/dotnet/VpcLattice/ResourcePolicy.cs b/sdk/dotnet/VpcLattice/ResourcePolicy.cs index 4dc30294460..c5267dcde01 100644 --- a/sdk/dotnet/VpcLattice/ResourcePolicy.cs +++ b/sdk/dotnet/VpcLattice/ResourcePolicy.cs @@ -40,14 +40,14 @@ namespace Pulumi.Aws.VpcLattice /// ResourceArn = example.Arn, /// Policy = Output.JsonSerialize(Output.Create(new Dictionary<string, object?> /// { - /// ["version"] = "2012-10-17", - /// ["statement"] = new[] + /// ["Version"] = "2012-10-17", + /// ["Statement"] = new[] /// { /// new Dictionary<string, object?> /// { - /// ["sid"] = "test-pol-principals-6", - /// ["effect"] = "Allow", - /// ["principal"] = new Dictionary<string, object?> + /// ["Sid"] = "test-pol-principals-6", + /// ["Effect"] = "Allow", + /// ["Principal"] = new Dictionary<string, object?> /// { /// ["AWS"] = Output.Tuple(currentGetPartition, current).Apply(values => /// { @@ -56,13 +56,13 @@ namespace Pulumi.Aws.VpcLattice /// return $"arn:{currentGetPartition.Apply(getPartitionResult => getPartitionResult.Partition)}:iam::{current.Apply(getCallerIdentityResult => getCallerIdentityResult.AccountId)}:root"; /// }), /// }, - /// ["action"] = new[] + /// ["Action"] = new[] /// { /// "vpc-lattice:CreateServiceNetworkVpcAssociation", /// "vpc-lattice:CreateServiceNetworkServiceAssociation", /// "vpc-lattice:GetServiceNetwork", /// }, - /// ["resource"] = example.Arn, + /// ["Resource"] = example.Arn, /// }, /// }, /// })), diff --git a/sdk/dotnet/Waf/RateBasedRule.cs b/sdk/dotnet/Waf/RateBasedRule.cs index f360613e614..4b458f8a3e7 100644 --- a/sdk/dotnet/Waf/RateBasedRule.cs +++ b/sdk/dotnet/Waf/RateBasedRule.cs @@ -51,6 +51,12 @@ namespace Pulumi.Aws.Waf /// Type = "IPMatch", /// }, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// ipset, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Waf/Rule.cs b/sdk/dotnet/Waf/Rule.cs index 0286f361a15..9f722d2de94 100644 --- a/sdk/dotnet/Waf/Rule.cs +++ b/sdk/dotnet/Waf/Rule.cs @@ -49,6 +49,12 @@ namespace Pulumi.Aws.Waf /// Type = "IPMatch", /// }, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// ipset, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Waf/WebAcl.cs b/sdk/dotnet/Waf/WebAcl.cs index d825bc1817c..23972a968be 100644 --- a/sdk/dotnet/Waf/WebAcl.cs +++ b/sdk/dotnet/Waf/WebAcl.cs @@ -51,6 +51,12 @@ namespace Pulumi.Aws.Waf /// Type = "IPMatch", /// }, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// ipset, + /// }, /// }); /// /// var wafAcl = new Aws.Waf.WebAcl("waf_acl", new() @@ -74,6 +80,13 @@ namespace Pulumi.Aws.Waf /// Type = "REGULAR", /// }, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// ipset, + /// wafrule, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/WafRegional/RateBasedRule.cs b/sdk/dotnet/WafRegional/RateBasedRule.cs index fff4b5bca40..718fa16782e 100644 --- a/sdk/dotnet/WafRegional/RateBasedRule.cs +++ b/sdk/dotnet/WafRegional/RateBasedRule.cs @@ -51,6 +51,12 @@ namespace Pulumi.Aws.WafRegional /// Type = "IPMatch", /// }, /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// ipset, + /// }, /// }); /// /// }); diff --git a/sdk/dotnet/Workspaces/Directory.cs b/sdk/dotnet/Workspaces/Directory.cs index 8d5c8384f9b..9cabc6ca5f4 100644 --- a/sdk/dotnet/Workspaces/Directory.cs +++ b/sdk/dotnet/Workspaces/Directory.cs @@ -60,6 +60,49 @@ namespace Pulumi.Aws.Workspaces /// }, /// }); /// + /// var workspaces = Aws.Iam.GetPolicyDocument.Invoke(new() + /// { + /// Statements = new[] + /// { + /// new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs + /// { + /// Actions = new[] + /// { + /// "sts:AssumeRole", + /// }, + /// Principals = new[] + /// { + /// new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs + /// { + /// Type = "Service", + /// Identifiers = new[] + /// { + /// "workspaces.amazonaws.com", + /// }, + /// }, + /// }, + /// }, + /// }, + /// }); + /// + /// var workspacesDefault = new Aws.Iam.Role("workspaces_default", new() + /// { + /// Name = "workspaces_DefaultRole", + /// AssumeRolePolicy = workspaces.Apply(getPolicyDocumentResult => getPolicyDocumentResult.Json), + /// }); + /// + /// var workspacesDefaultServiceAccess = new Aws.Iam.RolePolicyAttachment("workspaces_default_service_access", new() + /// { + /// Role = workspacesDefault.Name, + /// PolicyArn = "arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess", + /// }); + /// + /// var workspacesDefaultSelfServiceAccess = new Aws.Iam.RolePolicyAttachment("workspaces_default_self_service_access", new() + /// { + /// Role = workspacesDefault.Name, + /// PolicyArn = "arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess", + /// }); + /// /// var exampleC = new Aws.Ec2.Subnet("example_c", new() /// { /// VpcId = exampleVpc.Id, @@ -113,51 +156,15 @@ namespace Pulumi.Aws.Workspaces /// EnableMaintenanceMode = true, /// UserEnabledAsLocalAdministrator = true, /// }, - /// }); - /// - /// var workspaces = Aws.Iam.GetPolicyDocument.Invoke(new() + /// }, new CustomResourceOptions /// { - /// Statements = new[] + /// DependsOn = /// { - /// new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs - /// { - /// Actions = new[] - /// { - /// "sts:AssumeRole", - /// }, - /// Principals = new[] - /// { - /// new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs - /// { - /// Type = "Service", - /// Identifiers = new[] - /// { - /// "workspaces.amazonaws.com", - /// }, - /// }, - /// }, - /// }, + /// workspacesDefaultServiceAccess, + /// workspacesDefaultSelfServiceAccess, /// }, /// }); /// - /// var workspacesDefault = new Aws.Iam.Role("workspaces_default", new() - /// { - /// Name = "workspaces_DefaultRole", - /// AssumeRolePolicy = workspaces.Apply(getPolicyDocumentResult => getPolicyDocumentResult.Json), - /// }); - /// - /// var workspacesDefaultServiceAccess = new Aws.Iam.RolePolicyAttachment("workspaces_default_service_access", new() - /// { - /// Role = workspacesDefault.Name, - /// PolicyArn = "arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess", - /// }); - /// - /// var workspacesDefaultSelfServiceAccess = new Aws.Iam.RolePolicyAttachment("workspaces_default_self_service_access", new() - /// { - /// Role = workspacesDefault.Name, - /// PolicyArn = "arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess", - /// }); - /// /// }); /// ``` /// <!--End PulumiCodeChooser --> diff --git a/sdk/go/aws/accessanalyzer/analyzer.go b/sdk/go/aws/accessanalyzer/analyzer.go index 3196ff56b7c..ab466c620a3 100644 --- a/sdk/go/aws/accessanalyzer/analyzer.go +++ b/sdk/go/aws/accessanalyzer/analyzer.go @@ -60,7 +60,7 @@ import ( // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { -// _, err := organizations.NewOrganization(ctx, "example", &organizations.OrganizationArgs{ +// example, err := organizations.NewOrganization(ctx, "example", &organizations.OrganizationArgs{ // AwsServiceAccessPrincipals: pulumi.StringArray{ // pulumi.String("access-analyzer.amazonaws.com"), // }, @@ -71,7 +71,9 @@ import ( // _, err = accessanalyzer.NewAnalyzer(ctx, "example", &accessanalyzer.AnalyzerArgs{ // AnalyzerName: pulumi.String("example"), // Type: pulumi.String("ORGANIZATION"), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// example, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/acmpca/certificateAuthority.go b/sdk/go/aws/acmpca/certificateAuthority.go index 9490cec03ad..55e33b4ec7e 100644 --- a/sdk/go/aws/acmpca/certificateAuthority.go +++ b/sdk/go/aws/acmpca/certificateAuthority.go @@ -140,7 +140,7 @@ import ( // }, // }, // }, nil) -// _, err = s3.NewBucketPolicy(ctx, "example", &s3.BucketPolicyArgs{ +// exampleBucketPolicy, err := s3.NewBucketPolicy(ctx, "example", &s3.BucketPolicyArgs{ // Bucket: example.ID(), // Policy: acmpcaBucketAccess.ApplyT(func(acmpcaBucketAccess iam.GetPolicyDocumentResult) (*string, error) { // return &acmpcaBucketAccess.Json, nil @@ -166,7 +166,9 @@ import ( // S3ObjectAcl: pulumi.String("BUCKET_OWNER_FULL_CONTROL"), // }, // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleBucketPolicy, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/alb/targetGroupAttachment.go b/sdk/go/aws/alb/targetGroupAttachment.go index 8634fdff55c..7ea90694674 100644 --- a/sdk/go/aws/alb/targetGroupAttachment.go +++ b/sdk/go/aws/alb/targetGroupAttachment.go @@ -84,7 +84,7 @@ import ( // if err != nil { // return err // } -// _, err = lambda.NewPermission(ctx, "with_lb", &lambda.PermissionArgs{ +// withLb, err := lambda.NewPermission(ctx, "with_lb", &lambda.PermissionArgs{ // StatementId: pulumi.String("AllowExecutionFromlb"), // Action: pulumi.String("lambda:InvokeFunction"), // Function: testFunction.Name, @@ -97,7 +97,9 @@ import ( // _, err = lb.NewTargetGroupAttachment(ctx, "test", &lb.TargetGroupAttachmentArgs{ // TargetGroupArn: test.Arn, // TargetId: testFunction.Arn, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// withLb, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/apigateway/documentationVersion.go b/sdk/go/aws/apigateway/documentationVersion.go index 6be74798924..04a05dea695 100644 --- a/sdk/go/aws/apigateway/documentationVersion.go +++ b/sdk/go/aws/apigateway/documentationVersion.go @@ -35,15 +35,7 @@ import ( // if err != nil { // return err // } -// _, err = apigateway.NewDocumentationVersion(ctx, "example", &apigateway.DocumentationVersionArgs{ -// Version: pulumi.String("example_version"), -// RestApiId: exampleRestApi.ID(), -// Description: pulumi.String("Example description"), -// }) -// if err != nil { -// return err -// } -// _, err = apigateway.NewDocumentationPart(ctx, "example", &apigateway.DocumentationPartArgs{ +// exampleDocumentationPart, err := apigateway.NewDocumentationPart(ctx, "example", &apigateway.DocumentationPartArgs{ // Location: &apigateway.DocumentationPartLocationArgs{ // Type: pulumi.String("API"), // }, @@ -53,6 +45,16 @@ import ( // if err != nil { // return err // } +// _, err = apigateway.NewDocumentationVersion(ctx, "example", &apigateway.DocumentationVersionArgs{ +// Version: pulumi.String("example_version"), +// RestApiId: exampleRestApi.ID(), +// Description: pulumi.String("Example description"), +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleDocumentationPart, +// })) +// if err != nil { +// return err +// } // return nil // }) // } diff --git a/sdk/go/aws/apigateway/methodResponse.go b/sdk/go/aws/apigateway/methodResponse.go index df4166b5d45..3ed88e503fe 100644 --- a/sdk/go/aws/apigateway/methodResponse.go +++ b/sdk/go/aws/apigateway/methodResponse.go @@ -135,7 +135,7 @@ import ( // "title": "MyDemoResponse", // "type": "object", // "properties": map[string]interface{}{ -// "message": map[string]interface{}{ +// "Message": map[string]interface{}{ // "type": "string", // }, // }, diff --git a/sdk/go/aws/apigateway/stage.go b/sdk/go/aws/apigateway/stage.go index 10aa3b93370..13bd573f90b 100644 --- a/sdk/go/aws/apigateway/stage.go +++ b/sdk/go/aws/apigateway/stage.go @@ -140,13 +140,7 @@ import ( // if err != nil { // return err // } -// _, err = apigateway.NewStage(ctx, "example", &apigateway.StageArgs{ -// StageName: pulumi.String(stageName), -// }) -// if err != nil { -// return err -// } -// _, err = cloudwatch.NewLogGroup(ctx, "example", &cloudwatch.LogGroupArgs{ +// exampleLogGroup, err := cloudwatch.NewLogGroup(ctx, "example", &cloudwatch.LogGroupArgs{ // Name: example.ID().ApplyT(func(id string) (string, error) { // return fmt.Sprintf("API-Gateway-Execution-Logs_%v/%v", id, stageName), nil // }).(pulumi.StringOutput), @@ -155,6 +149,14 @@ import ( // if err != nil { // return err // } +// _, err = apigateway.NewStage(ctx, "example", &apigateway.StageArgs{ +// StageName: pulumi.String(stageName), +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleLogGroup, +// })) +// if err != nil { +// return err +// } // return nil // }) // } diff --git a/sdk/go/aws/appflow/connectorProfile.go b/sdk/go/aws/appflow/connectorProfile.go index 88d6239230c..4c6d87907dd 100644 --- a/sdk/go/aws/appflow/connectorProfile.go +++ b/sdk/go/aws/appflow/connectorProfile.go @@ -46,14 +46,14 @@ import ( // return err // } // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "version": "2012-10-17", -// "statement": []map[string]interface{}{ +// "Version": "2012-10-17", +// "Statement": []map[string]interface{}{ // map[string]interface{}{ -// "action": "sts:AssumeRole", -// "effect": "Allow", -// "sid": "", -// "principal": map[string]interface{}{ -// "service": "ec2.amazonaws.com", +// "Action": "sts:AssumeRole", +// "Effect": "Allow", +// "Sid": "", +// "Principal": map[string]interface{}{ +// "Service": "ec2.amazonaws.com", // }, // }, // }, diff --git a/sdk/go/aws/applicationinsights/application.go b/sdk/go/aws/applicationinsights/application.go index fb011005707..28a5c5e7c3f 100644 --- a/sdk/go/aws/applicationinsights/application.go +++ b/sdk/go/aws/applicationinsights/application.go @@ -33,13 +33,13 @@ import ( // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "resourceTypeFilters": []string{ +// "ResourceTypeFilters": []string{ // "AWS::EC2::Instance", // }, -// "tagFilters": []map[string]interface{}{ +// "TagFilters": []map[string]interface{}{ // map[string]interface{}{ -// "key": "Stage", -// "values": []string{ +// "Key": "Stage", +// "Values": []string{ // "Test", // }, // }, diff --git a/sdk/go/aws/batch/computeEnvironment.go b/sdk/go/aws/batch/computeEnvironment.go index d3810c5cfad..c3a107ae979 100644 --- a/sdk/go/aws/batch/computeEnvironment.go +++ b/sdk/go/aws/batch/computeEnvironment.go @@ -109,7 +109,7 @@ import ( // if err != nil { // return err // } -// _, err = iam.NewRolePolicyAttachment(ctx, "aws_batch_service_role", &iam.RolePolicyAttachmentArgs{ +// awsBatchServiceRoleRolePolicyAttachment, err := iam.NewRolePolicyAttachment(ctx, "aws_batch_service_role", &iam.RolePolicyAttachmentArgs{ // Role: awsBatchServiceRole.Name, // PolicyArn: pulumi.String("arn:aws:iam::aws:policy/service-role/AWSBatchServiceRole"), // }) @@ -172,7 +172,9 @@ import ( // }, // ServiceRole: awsBatchServiceRole.Arn, // Type: pulumi.String("MANAGED"), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// awsBatchServiceRoleRolePolicyAttachment, +// })) // if err != nil { // return err // } @@ -210,9 +212,11 @@ import ( // }, // Type: pulumi.String("FARGATE"), // }, -// ServiceRole: pulumi.Any(awsBatchServiceRole.Arn), +// ServiceRole: pulumi.Any(awsBatchServiceRoleAwsIamRole.Arn), // Type: pulumi.String("MANAGED"), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// awsBatchServiceRole, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/cfg/configurationAggregator.go b/sdk/go/aws/cfg/configurationAggregator.go index 9ca7a369189..23620ba991a 100644 --- a/sdk/go/aws/cfg/configurationAggregator.go +++ b/sdk/go/aws/cfg/configurationAggregator.go @@ -95,20 +95,22 @@ import ( // if err != nil { // return err // } +// organizationRolePolicyAttachment, err := iam.NewRolePolicyAttachment(ctx, "organization", &iam.RolePolicyAttachmentArgs{ +// Role: organizationRole.Name, +// PolicyArn: pulumi.String("arn:aws:iam::aws:policy/service-role/AWSConfigRoleForOrganizations"), +// }) +// if err != nil { +// return err +// } // _, err = cfg.NewConfigurationAggregator(ctx, "organization", &cfg.ConfigurationAggregatorArgs{ // Name: pulumi.String("example"), // OrganizationAggregationSource: &cfg.ConfigurationAggregatorOrganizationAggregationSourceArgs{ // AllRegions: pulumi.Bool(true), // RoleArn: organizationRole.Arn, // }, -// }) -// if err != nil { -// return err -// } -// _, err = iam.NewRolePolicyAttachment(ctx, "organization", &iam.RolePolicyAttachmentArgs{ -// Role: organizationRole.Name, -// PolicyArn: pulumi.String("arn:aws:iam::aws:policy/service-role/AWSConfigRoleForOrganizations"), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// organizationRolePolicyAttachment, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/cfg/conformancePack.go b/sdk/go/aws/cfg/conformancePack.go index 411233026e9..46df66b5b4e 100644 --- a/sdk/go/aws/cfg/conformancePack.go +++ b/sdk/go/aws/cfg/conformancePack.go @@ -61,7 +61,9 @@ import ( // // `), // -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleAwsConfigConfigurationRecorder, +// })) // if err != nil { // return err // } @@ -121,7 +123,9 @@ import ( // key := _args[1].(string) // return fmt.Sprintf("s3://%v/%v", bucket, key), nil // }).(pulumi.StringOutput), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleAwsConfigConfigurationRecorder, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/cfg/deliveryChannel.go b/sdk/go/aws/cfg/deliveryChannel.go index 3d6234db468..cba914bbcb0 100644 --- a/sdk/go/aws/cfg/deliveryChannel.go +++ b/sdk/go/aws/cfg/deliveryChannel.go @@ -42,13 +42,6 @@ import ( // if err != nil { // return err // } -// _, err = cfg.NewDeliveryChannel(ctx, "foo", &cfg.DeliveryChannelArgs{ -// Name: pulumi.String("example"), -// S3BucketName: b.Bucket, -// }) -// if err != nil { -// return err -// } // assumeRole, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{ // Statements: []iam.GetPolicyDocumentStatement{ // { @@ -77,13 +70,22 @@ import ( // if err != nil { // return err // } -// _, err = cfg.NewRecorder(ctx, "foo", &cfg.RecorderArgs{ +// fooRecorder, err := cfg.NewRecorder(ctx, "foo", &cfg.RecorderArgs{ // Name: pulumi.String("example"), // RoleArn: r.Arn, // }) // if err != nil { // return err // } +// _, err = cfg.NewDeliveryChannel(ctx, "foo", &cfg.DeliveryChannelArgs{ +// Name: pulumi.String("example"), +// S3BucketName: b.Bucket, +// }, pulumi.DependsOn([]pulumi.Resource{ +// fooRecorder, +// })) +// if err != nil { +// return err +// } // p := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{ // Statements: iam.GetPolicyDocumentStatementArray{ // &iam.GetPolicyDocumentStatementArgs{ diff --git a/sdk/go/aws/cfg/organizationConformancePack.go b/sdk/go/aws/cfg/organizationConformancePack.go index da8bc32669d..822f46c12d9 100644 --- a/sdk/go/aws/cfg/organizationConformancePack.go +++ b/sdk/go/aws/cfg/organizationConformancePack.go @@ -33,7 +33,16 @@ import ( // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { -// _, err := cfg.NewOrganizationConformancePack(ctx, "example", &cfg.OrganizationConformancePackArgs{ +// exampleOrganization, err := organizations.NewOrganization(ctx, "example", &organizations.OrganizationArgs{ +// AwsServiceAccessPrincipals: pulumi.StringArray{ +// pulumi.String("config-multiaccountsetup.amazonaws.com"), +// }, +// FeatureSet: pulumi.String("ALL"), +// }) +// if err != nil { +// return err +// } +// _, err = cfg.NewOrganizationConformancePack(ctx, "example", &cfg.OrganizationConformancePackArgs{ // Name: pulumi.String("example"), // InputParameters: cfg.OrganizationConformancePackInputParameterArray{ // &cfg.OrganizationConformancePackInputParameterArgs{ @@ -57,16 +66,10 @@ import ( // // `), // -// }) -// if err != nil { -// return err -// } -// _, err = organizations.NewOrganization(ctx, "example", &organizations.OrganizationArgs{ -// AwsServiceAccessPrincipals: pulumi.StringArray{ -// pulumi.String("config-multiaccountsetup.amazonaws.com"), -// }, -// FeatureSet: pulumi.String("ALL"), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleAwsConfigConfigurationRecorder, +// exampleOrganization, +// })) // if err != nil { // return err // } @@ -96,6 +99,15 @@ import ( // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { +// exampleOrganization, err := organizations.NewOrganization(ctx, "example", &organizations.OrganizationArgs{ +// AwsServiceAccessPrincipals: pulumi.StringArray{ +// pulumi.String("config-multiaccountsetup.amazonaws.com"), +// }, +// FeatureSet: pulumi.String("ALL"), +// }) +// if err != nil { +// return err +// } // exampleBucketV2, err := s3.NewBucketV2(ctx, "example", &s3.BucketV2Args{ // Bucket: pulumi.String("example"), // }) @@ -127,16 +139,10 @@ import ( // key := _args[1].(string) // return fmt.Sprintf("s3://%v/%v", bucket, key), nil // }).(pulumi.StringOutput), -// }) -// if err != nil { -// return err -// } -// _, err = organizations.NewOrganization(ctx, "example", &organizations.OrganizationArgs{ -// AwsServiceAccessPrincipals: pulumi.StringArray{ -// pulumi.String("config-multiaccountsetup.amazonaws.com"), -// }, -// FeatureSet: pulumi.String("ALL"), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleAwsConfigConfigurationRecorder, +// exampleOrganization, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/cfg/organizationCustomRule.go b/sdk/go/aws/cfg/organizationCustomRule.go index 717e7c044ec..8e06c876e4c 100644 --- a/sdk/go/aws/cfg/organizationCustomRule.go +++ b/sdk/go/aws/cfg/organizationCustomRule.go @@ -35,7 +35,7 @@ import ( // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { -// _, err := lambda.NewPermission(ctx, "example", &lambda.PermissionArgs{ +// example, err := lambda.NewPermission(ctx, "example", &lambda.PermissionArgs{ // Action: pulumi.String("lambda:InvokeFunction"), // Function: pulumi.Any(exampleAwsLambdaFunction.Arn), // Principal: pulumi.String("config.amazonaws.com"), @@ -44,7 +44,7 @@ import ( // if err != nil { // return err // } -// _, err = organizations.NewOrganization(ctx, "example", &organizations.OrganizationArgs{ +// exampleOrganization, err := organizations.NewOrganization(ctx, "example", &organizations.OrganizationArgs{ // AwsServiceAccessPrincipals: pulumi.StringArray{ // pulumi.String("config-multiaccountsetup.amazonaws.com"), // }, @@ -59,7 +59,10 @@ import ( // TriggerTypes: pulumi.StringArray{ // pulumi.String("ConfigurationItemChangeNotification"), // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// example, +// exampleOrganization, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/cfg/organizationManagedRule.go b/sdk/go/aws/cfg/organizationManagedRule.go index d3f06377166..6cdf9e3defe 100644 --- a/sdk/go/aws/cfg/organizationManagedRule.go +++ b/sdk/go/aws/cfg/organizationManagedRule.go @@ -34,7 +34,7 @@ import ( // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { -// _, err := organizations.NewOrganization(ctx, "example", &organizations.OrganizationArgs{ +// example, err := organizations.NewOrganization(ctx, "example", &organizations.OrganizationArgs{ // AwsServiceAccessPrincipals: pulumi.StringArray{ // pulumi.String("config-multiaccountsetup.amazonaws.com"), // }, @@ -46,7 +46,9 @@ import ( // _, err = cfg.NewOrganizationManagedRule(ctx, "example", &cfg.OrganizationManagedRuleArgs{ // Name: pulumi.String("example"), // RuleIdentifier: pulumi.String("IAM_PASSWORD_POLICY"), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// example, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/cfg/recorderStatus.go b/sdk/go/aws/cfg/recorderStatus.go index a655b77b46c..14ac73a4907 100644 --- a/sdk/go/aws/cfg/recorderStatus.go +++ b/sdk/go/aws/cfg/recorderStatus.go @@ -35,6 +35,19 @@ import ( // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { +// b, err := s3.NewBucketV2(ctx, "b", &s3.BucketV2Args{ +// Bucket: pulumi.String("awsconfig-example"), +// }) +// if err != nil { +// return err +// } +// fooDeliveryChannel, err := cfg.NewDeliveryChannel(ctx, "foo", &cfg.DeliveryChannelArgs{ +// Name: pulumi.String("example"), +// S3BucketName: b.Bucket, +// }) +// if err != nil { +// return err +// } // assumeRole, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{ // Statements: []iam.GetPolicyDocumentStatement{ // { @@ -73,7 +86,9 @@ import ( // _, err = cfg.NewRecorderStatus(ctx, "foo", &cfg.RecorderStatusArgs{ // Name: fooRecorder.Name, // IsEnabled: pulumi.Bool(true), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// fooDeliveryChannel, +// })) // if err != nil { // return err // } @@ -84,19 +99,6 @@ import ( // if err != nil { // return err // } -// b, err := s3.NewBucketV2(ctx, "b", &s3.BucketV2Args{ -// Bucket: pulumi.String("awsconfig-example"), -// }) -// if err != nil { -// return err -// } -// _, err = cfg.NewDeliveryChannel(ctx, "foo", &cfg.DeliveryChannelArgs{ -// Name: pulumi.String("example"), -// S3BucketName: b.Bucket, -// }) -// if err != nil { -// return err -// } // p := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{ // Statements: iam.GetPolicyDocumentStatementArray{ // &iam.GetPolicyDocumentStatementArgs{ diff --git a/sdk/go/aws/cfg/rule.go b/sdk/go/aws/cfg/rule.go index c54202c1dd8..b3b55daabf3 100644 --- a/sdk/go/aws/cfg/rule.go +++ b/sdk/go/aws/cfg/rule.go @@ -36,16 +36,6 @@ import ( // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { -// _, err := cfg.NewRule(ctx, "r", &cfg.RuleArgs{ -// Name: pulumi.String("example"), -// Source: &cfg.RuleSourceArgs{ -// Owner: pulumi.String("AWS"), -// SourceIdentifier: pulumi.String("S3_BUCKET_VERSIONING_ENABLED"), -// }, -// }) -// if err != nil { -// return err -// } // assumeRole, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{ // Statements: []iam.GetPolicyDocumentStatement{ // { @@ -74,13 +64,25 @@ import ( // if err != nil { // return err // } -// _, err = cfg.NewRecorder(ctx, "foo", &cfg.RecorderArgs{ +// foo, err := cfg.NewRecorder(ctx, "foo", &cfg.RecorderArgs{ // Name: pulumi.String("example"), // RoleArn: rRole.Arn, // }) // if err != nil { // return err // } +// _, err = cfg.NewRule(ctx, "r", &cfg.RuleArgs{ +// Name: pulumi.String("example"), +// Source: &cfg.RuleSourceArgs{ +// Owner: pulumi.String("AWS"), +// SourceIdentifier: pulumi.String("S3_BUCKET_VERSIONING_ENABLED"), +// }, +// }, pulumi.DependsOn([]pulumi.Resource{ +// foo, +// })) +// if err != nil { +// return err +// } // p, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{ // Statements: []iam.GetPolicyDocumentStatement{ // { @@ -130,7 +132,7 @@ import ( // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { -// _, err := cfg.NewRecorder(ctx, "example", nil) +// example, err := cfg.NewRecorder(ctx, "example", nil) // if err != nil { // return err // } @@ -138,7 +140,7 @@ import ( // if err != nil { // return err // } -// _, err = lambda.NewPermission(ctx, "example", &lambda.PermissionArgs{ +// examplePermission, err := lambda.NewPermission(ctx, "example", &lambda.PermissionArgs{ // Action: pulumi.String("lambda:InvokeFunction"), // Function: exampleFunction.Arn, // Principal: pulumi.String("config.amazonaws.com"), @@ -152,7 +154,10 @@ import ( // Owner: pulumi.String("CUSTOM_LAMBDA"), // SourceIdentifier: exampleFunction.Arn, // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// example, +// examplePermission, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/chime/voiceConnectorTerminationCredentials.go b/sdk/go/aws/chime/voiceConnectorTerminationCredentials.go index d66a690de22..fd505b471a2 100644 --- a/sdk/go/aws/chime/voiceConnectorTerminationCredentials.go +++ b/sdk/go/aws/chime/voiceConnectorTerminationCredentials.go @@ -38,7 +38,7 @@ import ( // if err != nil { // return err // } -// _, err = chime.NewVoiceConnectorTermination(ctx, "default", &chime.VoiceConnectorTerminationArgs{ +// defaultVoiceConnectorTermination, err := chime.NewVoiceConnectorTermination(ctx, "default", &chime.VoiceConnectorTerminationArgs{ // Disabled: pulumi.Bool(true), // CpsLimit: pulumi.Int(1), // CidrAllowLists: pulumi.StringArray{ @@ -61,7 +61,9 @@ import ( // Password: pulumi.String("test!"), // }, // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// defaultVoiceConnectorTermination, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/cloudcontrol/resource.go b/sdk/go/aws/cloudcontrol/resource.go index c24caa4e01b..b7fca20af23 100644 --- a/sdk/go/aws/cloudcontrol/resource.go +++ b/sdk/go/aws/cloudcontrol/resource.go @@ -32,11 +32,11 @@ import ( // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "clusterName": "example", -// "tags": []map[string]interface{}{ +// "ClusterName": "example", +// "Tags": []map[string]interface{}{ // map[string]interface{}{ -// "key": "CostCenter", -// "value": "IT", +// "Key": "CostCenter", +// "Value": "IT", // }, // }, // }) diff --git a/sdk/go/aws/cloudformation/stack.go b/sdk/go/aws/cloudformation/stack.go index fbf51f521d6..e30a3c728a2 100644 --- a/sdk/go/aws/cloudformation/stack.go +++ b/sdk/go/aws/cloudformation/stack.go @@ -31,24 +31,24 @@ import ( // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "parameters": map[string]interface{}{ -// "vPCCidr": map[string]interface{}{ -// "type": "String", -// "default": "10.0.0.0/16", -// "description": "Enter the CIDR block for the VPC. Default is 10.0.0.0/16.", +// "Parameters": map[string]interface{}{ +// "VPCCidr": map[string]interface{}{ +// "Type": "String", +// "Default": "10.0.0.0/16", +// "Description": "Enter the CIDR block for the VPC. Default is 10.0.0.0/16.", // }, // }, -// "resources": map[string]interface{}{ +// "Resources": map[string]interface{}{ // "myVpc": map[string]interface{}{ -// "type": "AWS::EC2::VPC", -// "properties": map[string]interface{}{ -// "cidrBlock": map[string]interface{}{ +// "Type": "AWS::EC2::VPC", +// "Properties": map[string]interface{}{ +// "CidrBlock": map[string]interface{}{ // "Ref": "VPCCidr", // }, -// "tags": []map[string]interface{}{ +// "Tags": []map[string]interface{}{ // map[string]interface{}{ -// "key": "Name", -// "value": "Primary_CF_VPC", +// "Key": "Name", +// "Value": "Primary_CF_VPC", // }, // }, // }, diff --git a/sdk/go/aws/cloudformation/stackSet.go b/sdk/go/aws/cloudformation/stackSet.go index 300b46b69c8..22b71f9a17f 100644 --- a/sdk/go/aws/cloudformation/stackSet.go +++ b/sdk/go/aws/cloudformation/stackSet.go @@ -65,24 +65,24 @@ import ( // return err // } // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "parameters": map[string]interface{}{ -// "vPCCidr": map[string]interface{}{ -// "type": "String", -// "default": "10.0.0.0/16", -// "description": "Enter the CIDR block for the VPC. Default is 10.0.0.0/16.", +// "Parameters": map[string]interface{}{ +// "VPCCidr": map[string]interface{}{ +// "Type": "String", +// "Default": "10.0.0.0/16", +// "Description": "Enter the CIDR block for the VPC. Default is 10.0.0.0/16.", // }, // }, -// "resources": map[string]interface{}{ +// "Resources": map[string]interface{}{ // "myVpc": map[string]interface{}{ -// "type": "AWS::EC2::VPC", -// "properties": map[string]interface{}{ -// "cidrBlock": map[string]interface{}{ -// "ref": "VPCCidr", +// "Type": "AWS::EC2::VPC", +// "Properties": map[string]interface{}{ +// "CidrBlock": map[string]interface{}{ +// "Ref": "VPCCidr", // }, -// "tags": []map[string]interface{}{ +// "Tags": []map[string]interface{}{ // map[string]interface{}{ -// "key": "Name", -// "value": "Primary_CF_VPC", +// "Key": "Name", +// "Value": "Primary_CF_VPC", // }, // }, // }, diff --git a/sdk/go/aws/cloudfront/realtimeLogConfig.go b/sdk/go/aws/cloudfront/realtimeLogConfig.go index cc73820e158..634f9ff14fc 100644 --- a/sdk/go/aws/cloudfront/realtimeLogConfig.go +++ b/sdk/go/aws/cloudfront/realtimeLogConfig.go @@ -76,7 +76,7 @@ import ( // if err != nil { // return err // } -// _, err = iam.NewRolePolicy(ctx, "example", &iam.RolePolicyArgs{ +// exampleRolePolicy, err := iam.NewRolePolicy(ctx, "example", &iam.RolePolicyArgs{ // Name: pulumi.String("cloudfront-realtime-log-config-example"), // Role: exampleRole.ID(), // Policy: pulumi.String(example.Json), @@ -98,7 +98,9 @@ import ( // StreamArn: pulumi.Any(exampleAwsKinesisStream.Arn), // }, // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleRolePolicy, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/cloudtrail/trail.go b/sdk/go/aws/cloudtrail/trail.go index 0e53d3c4fff..7e48a70160d 100644 --- a/sdk/go/aws/cloudtrail/trail.go +++ b/sdk/go/aws/cloudtrail/trail.go @@ -50,15 +50,6 @@ import ( // if err != nil { // return err // } -// _, err = cloudtrail.NewTrail(ctx, "example", &cloudtrail.TrailArgs{ -// Name: pulumi.String("example"), -// S3BucketName: exampleBucketV2.ID(), -// S3KeyPrefix: pulumi.String("prefix"), -// IncludeGlobalServiceEvents: pulumi.Bool(false), -// }) -// if err != nil { -// return err -// } // current, err := aws.GetCallerIdentity(ctx, nil, nil) // if err != nil { // return err @@ -138,7 +129,7 @@ import ( // }, // }, // }, nil) -// _, err = s3.NewBucketPolicy(ctx, "example", &s3.BucketPolicyArgs{ +// exampleBucketPolicy, err := s3.NewBucketPolicy(ctx, "example", &s3.BucketPolicyArgs{ // Bucket: exampleBucketV2.ID(), // Policy: example.ApplyT(func(example iam.GetPolicyDocumentResult) (*string, error) { // return &example.Json, nil @@ -147,6 +138,17 @@ import ( // if err != nil { // return err // } +// _, err = cloudtrail.NewTrail(ctx, "example", &cloudtrail.TrailArgs{ +// Name: pulumi.String("example"), +// S3BucketName: exampleBucketV2.ID(), +// S3KeyPrefix: pulumi.String("prefix"), +// IncludeGlobalServiceEvents: pulumi.Bool(false), +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleBucketPolicy, +// })) +// if err != nil { +// return err +// } // return nil // }) // } diff --git a/sdk/go/aws/cloudwatch/logDataProtectionPolicy.go b/sdk/go/aws/cloudwatch/logDataProtectionPolicy.go index 521a6f78554..ac754f2d8d1 100644 --- a/sdk/go/aws/cloudwatch/logDataProtectionPolicy.go +++ b/sdk/go/aws/cloudwatch/logDataProtectionPolicy.go @@ -51,32 +51,32 @@ import ( // PolicyDocument: exampleBucketV2.Bucket.ApplyT(func(bucket string) (pulumi.String, error) { // var _zero pulumi.String // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "name": "Example", -// "version": "2021-06-01", -// "statement": []interface{}{ +// "Name": "Example", +// "Version": "2021-06-01", +// "Statement": []interface{}{ // map[string]interface{}{ -// "sid": "Audit", -// "dataIdentifier": []string{ +// "Sid": "Audit", +// "DataIdentifier": []string{ // "arn:aws:dataprotection::aws:data-identifier/EmailAddress", // }, -// "operation": map[string]interface{}{ -// "audit": map[string]interface{}{ -// "findingsDestination": map[string]interface{}{ +// "Operation": map[string]interface{}{ +// "Audit": map[string]interface{}{ +// "FindingsDestination": map[string]interface{}{ // "S3": map[string]interface{}{ -// "bucket": bucket, +// "Bucket": bucket, // }, // }, // }, // }, // }, // map[string]interface{}{ -// "sid": "Redact", -// "dataIdentifier": []string{ +// "Sid": "Redact", +// "DataIdentifier": []string{ // "arn:aws:dataprotection::aws:data-identifier/EmailAddress", // }, -// "operation": map[string]interface{}{ -// "deidentify": map[string]interface{}{ -// "maskConfig": nil, +// "Operation": map[string]interface{}{ +// "Deidentify": map[string]interface{}{ +// "MaskConfig": nil, // }, // }, // }, diff --git a/sdk/go/aws/codebuild/resourcePolicy.go b/sdk/go/aws/codebuild/resourcePolicy.go index 02beb7e01c0..b44e31ab409 100644 --- a/sdk/go/aws/codebuild/resourcePolicy.go +++ b/sdk/go/aws/codebuild/resourcePolicy.go @@ -56,22 +56,22 @@ import ( // Policy: example.Arn.ApplyT(func(arn string) (pulumi.String, error) { // var _zero pulumi.String // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "version": "2012-10-17", -// "id": "default", -// "statement": []map[string]interface{}{ +// "Version": "2012-10-17", +// "Id": "default", +// "Statement": []map[string]interface{}{ // map[string]interface{}{ -// "sid": "default", -// "effect": "Allow", -// "principal": map[string]interface{}{ +// "Sid": "default", +// "Effect": "Allow", +// "Principal": map[string]interface{}{ // "AWS": fmt.Sprintf("arn:%v:iam::%v:root", current.Partition, currentGetCallerIdentity.AccountId), // }, -// "action": []string{ +// "Action": []string{ // "codebuild:BatchGetReportGroups", // "codebuild:BatchGetReports", // "codebuild:ListReportsForReportGroup", // "codebuild:DescribeTestCases", // }, -// "resource": arn, +// "Resource": arn, // }, // }, // }) diff --git a/sdk/go/aws/codecommit/approvalRuleTemplate.go b/sdk/go/aws/codecommit/approvalRuleTemplate.go index 2f1eaa98e26..397ad6cf05c 100644 --- a/sdk/go/aws/codecommit/approvalRuleTemplate.go +++ b/sdk/go/aws/codecommit/approvalRuleTemplate.go @@ -32,15 +32,15 @@ import ( // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "version": "2018-11-08", -// "destinationReferences": []string{ +// "Version": "2018-11-08", +// "DestinationReferences": []string{ // "refs/heads/master", // }, -// "statements": []map[string]interface{}{ +// "Statements": []map[string]interface{}{ // map[string]interface{}{ -// "type": "Approvers", -// "numberOfApprovalsNeeded": 2, -// "approvalPoolMembers": []string{ +// "Type": "Approvers", +// "NumberOfApprovalsNeeded": 2, +// "ApprovalPoolMembers": []string{ // "arn:aws:sts::123456789012:assumed-role/CodeCommitReview/*", // }, // }, diff --git a/sdk/go/aws/cognito/managedUserPoolClient.go b/sdk/go/aws/cognito/managedUserPoolClient.go index fed6256148d..dfefb8c15be 100644 --- a/sdk/go/aws/cognito/managedUserPoolClient.go +++ b/sdk/go/aws/cognito/managedUserPoolClient.go @@ -46,13 +46,6 @@ import ( // if err != nil { // return err // } -// _, err = cognito.NewManagedUserPoolClient(ctx, "example", &cognito.ManagedUserPoolClientArgs{ -// NamePrefix: pulumi.String("AmazonOpenSearchService-example"), -// UserPoolId: exampleUserPool.ID(), -// }) -// if err != nil { -// return err -// } // exampleIdentityPool, err := cognito.NewIdentityPool(ctx, "example", &cognito.IdentityPoolArgs{ // IdentityPoolName: pulumi.String("example"), // }) @@ -93,7 +86,14 @@ import ( // if err != nil { // return err // } -// _, err = opensearch.NewDomain(ctx, "example", &opensearch.DomainArgs{ +// exampleRolePolicyAttachment, err := iam.NewRolePolicyAttachment(ctx, "example", &iam.RolePolicyAttachmentArgs{ +// Role: exampleRole.Name, +// PolicyArn: pulumi.String(fmt.Sprintf("arn:%v:iam::aws:policy/AmazonESCognitoAccess", current.Partition)), +// }) +// if err != nil { +// return err +// } +// exampleDomain, err := opensearch.NewDomain(ctx, "example", &opensearch.DomainArgs{ // DomainName: pulumi.String("example"), // CognitoOptions: &opensearch.DomainCognitoOptionsArgs{ // Enabled: pulumi.Bool(true), @@ -105,14 +105,19 @@ import ( // EbsEnabled: pulumi.Bool(true), // VolumeSize: pulumi.Int(10), // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleAwsCognitoUserPoolDomain, +// exampleRolePolicyAttachment, +// })) // if err != nil { // return err // } -// _, err = iam.NewRolePolicyAttachment(ctx, "example", &iam.RolePolicyAttachmentArgs{ -// Role: exampleRole.Name, -// PolicyArn: pulumi.String(fmt.Sprintf("arn:%v:iam::aws:policy/AmazonESCognitoAccess", current.Partition)), -// }) +// _, err = cognito.NewManagedUserPoolClient(ctx, "example", &cognito.ManagedUserPoolClientArgs{ +// NamePrefix: pulumi.String("AmazonOpenSearchService-example"), +// UserPoolId: exampleUserPool.ID(), +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleDomain, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/comprehend/documentClassifier.go b/sdk/go/aws/comprehend/documentClassifier.go index ba40f394c91..a95a4490b65 100644 --- a/sdk/go/aws/comprehend/documentClassifier.go +++ b/sdk/go/aws/comprehend/documentClassifier.go @@ -47,7 +47,9 @@ import ( // return fmt.Sprintf("s3://%v/%v", test.Bucket, id), nil // }).(pulumi.StringOutput), // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleAwsIamRolePolicy, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/comprehend/entityRecognizer.go b/sdk/go/aws/comprehend/entityRecognizer.go index fd068a8c370..adf639939b4 100644 --- a/sdk/go/aws/comprehend/entityRecognizer.go +++ b/sdk/go/aws/comprehend/entityRecognizer.go @@ -66,7 +66,9 @@ import ( // }).(pulumi.StringOutput), // }, // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleAwsIamRolePolicy, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/connect/contactFlow.go b/sdk/go/aws/connect/contactFlow.go index 7cea132571d..6179eaf4ccb 100644 --- a/sdk/go/aws/connect/contactFlow.go +++ b/sdk/go/aws/connect/contactFlow.go @@ -41,26 +41,26 @@ import ( // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "version": "2019-10-30", -// "startAction": "12345678-1234-1234-1234-123456789012", -// "actions": []interface{}{ +// "Version": "2019-10-30", +// "StartAction": "12345678-1234-1234-1234-123456789012", +// "Actions": []interface{}{ // map[string]interface{}{ -// "identifier": "12345678-1234-1234-1234-123456789012", -// "type": "MessageParticipant", -// "transitions": map[string]interface{}{ -// "nextAction": "abcdef-abcd-abcd-abcd-abcdefghijkl", -// "errors": []interface{}{}, -// "conditions": []interface{}{}, +// "Identifier": "12345678-1234-1234-1234-123456789012", +// "Type": "MessageParticipant", +// "Transitions": map[string]interface{}{ +// "NextAction": "abcdef-abcd-abcd-abcd-abcdefghijkl", +// "Errors": []interface{}{}, +// "Conditions": []interface{}{}, // }, -// "parameters": map[string]interface{}{ -// "text": "Thanks for calling the sample flow!", +// "Parameters": map[string]interface{}{ +// "Text": "Thanks for calling the sample flow!", // }, // }, // map[string]interface{}{ -// "identifier": "abcdef-abcd-abcd-abcd-abcdefghijkl", -// "type": "DisconnectParticipant", -// "transitions": nil, -// "parameters": nil, +// "Identifier": "abcdef-abcd-abcd-abcd-abcdefghijkl", +// "Type": "DisconnectParticipant", +// "Transitions": nil, +// "Parameters": nil, // }, // }, // }) diff --git a/sdk/go/aws/connect/contactFlowModule.go b/sdk/go/aws/connect/contactFlowModule.go index 92d7bd112a2..f5cdabf9946 100644 --- a/sdk/go/aws/connect/contactFlowModule.go +++ b/sdk/go/aws/connect/contactFlowModule.go @@ -41,41 +41,41 @@ import ( // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "version": "2019-10-30", -// "startAction": "12345678-1234-1234-1234-123456789012", -// "actions": []interface{}{ +// "Version": "2019-10-30", +// "StartAction": "12345678-1234-1234-1234-123456789012", +// "Actions": []interface{}{ // map[string]interface{}{ -// "identifier": "12345678-1234-1234-1234-123456789012", -// "parameters": map[string]interface{}{ -// "text": "Hello contact flow module", +// "Identifier": "12345678-1234-1234-1234-123456789012", +// "Parameters": map[string]interface{}{ +// "Text": "Hello contact flow module", // }, -// "transitions": map[string]interface{}{ -// "nextAction": "abcdef-abcd-abcd-abcd-abcdefghijkl", -// "errors": []interface{}{}, -// "conditions": []interface{}{}, +// "Transitions": map[string]interface{}{ +// "NextAction": "abcdef-abcd-abcd-abcd-abcdefghijkl", +// "Errors": []interface{}{}, +// "Conditions": []interface{}{}, // }, -// "type": "MessageParticipant", +// "Type": "MessageParticipant", // }, // map[string]interface{}{ -// "identifier": "abcdef-abcd-abcd-abcd-abcdefghijkl", -// "type": "DisconnectParticipant", -// "parameters": nil, -// "transitions": nil, +// "Identifier": "abcdef-abcd-abcd-abcd-abcdefghijkl", +// "Type": "DisconnectParticipant", +// "Parameters": nil, +// "Transitions": nil, // }, // }, -// "settings": map[string]interface{}{ -// "inputParameters": []interface{}{}, -// "outputParameters": []interface{}{}, -// "transitions": []map[string]interface{}{ +// "Settings": map[string]interface{}{ +// "InputParameters": []interface{}{}, +// "OutputParameters": []interface{}{}, +// "Transitions": []map[string]interface{}{ // map[string]interface{}{ -// "displayName": "Success", -// "referenceName": "Success", -// "description": "", +// "DisplayName": "Success", +// "ReferenceName": "Success", +// "Description": "", // }, // map[string]interface{}{ -// "displayName": "Error", -// "referenceName": "Error", -// "description": "", +// "DisplayName": "Error", +// "ReferenceName": "Error", +// "Description": "", // }, // }, // }, diff --git a/sdk/go/aws/costexplorer/anomalyMonitor.go b/sdk/go/aws/costexplorer/anomalyMonitor.go index 84e100008dd..284e49a8b3c 100644 --- a/sdk/go/aws/costexplorer/anomalyMonitor.go +++ b/sdk/go/aws/costexplorer/anomalyMonitor.go @@ -66,15 +66,15 @@ import ( // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "and": nil, -// "costCategories": nil, -// "dimensions": nil, -// "not": nil, -// "or": nil, -// "tags": map[string]interface{}{ -// "key": "CostCenter", -// "matchOptions": nil, -// "values": []string{ +// "And": nil, +// "CostCategories": nil, +// "Dimensions": nil, +// "Not": nil, +// "Or": nil, +// "Tags": map[string]interface{}{ +// "Key": "CostCenter", +// "MatchOptions": nil, +// "Values": []string{ // "10000", // }, // }, diff --git a/sdk/go/aws/costexplorer/anomalySubscription.go b/sdk/go/aws/costexplorer/anomalySubscription.go index 37c215ff1f6..6a4ed45efa2 100644 --- a/sdk/go/aws/costexplorer/anomalySubscription.go +++ b/sdk/go/aws/costexplorer/anomalySubscription.go @@ -290,7 +290,9 @@ import ( // Address: costAnomalyUpdates.Arn, // }, // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// _default, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/customerprofiles/domain.go b/sdk/go/aws/customerprofiles/domain.go index dd7091cc43a..2b74966b00c 100644 --- a/sdk/go/aws/customerprofiles/domain.go +++ b/sdk/go/aws/customerprofiles/domain.go @@ -66,17 +66,17 @@ import ( // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "version": "2012-10-17", -// "statement": []map[string]interface{}{ +// "Version": "2012-10-17", +// "Statement": []map[string]interface{}{ // map[string]interface{}{ -// "sid": "Customer Profiles SQS policy", -// "effect": "Allow", -// "action": []string{ +// "Sid": "Customer Profiles SQS policy", +// "Effect": "Allow", +// "Action": []string{ // "sqs:SendMessage", // }, -// "resource": "*", -// "principal": map[string]interface{}{ -// "service": "profile.amazonaws.com", +// "Resource": "*", +// "Principal": map[string]interface{}{ +// "Service": "profile.amazonaws.com", // }, // }, // }, @@ -113,22 +113,22 @@ import ( // exampleBucketV2Arn1 := _args[1].(string) // var _zero string // tmpJSON1, err := json.Marshal(map[string]interface{}{ -// "version": "2012-10-17", -// "statement": []map[string]interface{}{ +// "Version": "2012-10-17", +// "Statement": []map[string]interface{}{ // map[string]interface{}{ -// "sid": "Customer Profiles S3 policy", -// "effect": "Allow", -// "action": []string{ +// "Sid": "Customer Profiles S3 policy", +// "Effect": "Allow", +// "Action": []string{ // "s3:GetObject", // "s3:PutObject", // "s3:ListBucket", // }, -// "resource": []string{ +// "Resource": []string{ // exampleBucketV2Arn, // fmt.Sprintf("%v/*", exampleBucketV2Arn1), // }, -// "principal": map[string]interface{}{ -// "service": "profile.amazonaws.com", +// "Principal": map[string]interface{}{ +// "Service": "profile.amazonaws.com", // }, // }, // }, diff --git a/sdk/go/aws/detective/invitationAccepter.go b/sdk/go/aws/detective/invitationAccepter.go index abb16137d4b..a5886f9fb68 100644 --- a/sdk/go/aws/detective/invitationAccepter.go +++ b/sdk/go/aws/detective/invitationAccepter.go @@ -33,7 +33,7 @@ import ( // if err != nil { // return err // } -// _, err = detective.NewMember(ctx, "primary", &detective.MemberArgs{ +// primaryMember, err := detective.NewMember(ctx, "primary", &detective.MemberArgs{ // AccountId: pulumi.String("ACCOUNT ID"), // EmailAddress: pulumi.String("EMAIL"), // GraphArn: primary.ID(), @@ -44,7 +44,9 @@ import ( // } // _, err = detective.NewInvitationAccepter(ctx, "member", &detective.InvitationAccepterArgs{ // GraphArn: primary.GraphArn, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// primaryMember, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/detective/organizationAdminAccount.go b/sdk/go/aws/detective/organizationAdminAccount.go index f6b6dbb565a..8adefe0c175 100644 --- a/sdk/go/aws/detective/organizationAdminAccount.go +++ b/sdk/go/aws/detective/organizationAdminAccount.go @@ -30,7 +30,7 @@ import ( // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { -// _, err := organizations.NewOrganization(ctx, "example", &organizations.OrganizationArgs{ +// example, err := organizations.NewOrganization(ctx, "example", &organizations.OrganizationArgs{ // AwsServiceAccessPrincipals: pulumi.StringArray{ // pulumi.String("detective.amazonaws.com"), // }, @@ -41,7 +41,9 @@ import ( // } // _, err = detective.NewOrganizationAdminAccount(ctx, "example", &detective.OrganizationAdminAccountArgs{ // AccountId: pulumi.String("123456789012"), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// example, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/directconnect/hostedPrivateVirtualInterfaceAccepter.go b/sdk/go/aws/directconnect/hostedPrivateVirtualInterfaceAccepter.go index 1772682cf75..3904f3c653e 100644 --- a/sdk/go/aws/directconnect/hostedPrivateVirtualInterfaceAccepter.go +++ b/sdk/go/aws/directconnect/hostedPrivateVirtualInterfaceAccepter.go @@ -36,6 +36,11 @@ import ( // if err != nil { // return err // } +// // Accepter's side of the VIF. +// vpnGw, err := ec2.NewVpnGateway(ctx, "vpn_gw", nil) +// if err != nil { +// return err +// } // // Creator's side of the VIF // creator, err := directconnect.NewHostedPrivateVirtualInterface(ctx, "creator", &directconnect.HostedPrivateVirtualInterfaceArgs{ // ConnectionId: pulumi.String("dxcon-zzzzzzzz"), @@ -44,12 +49,9 @@ import ( // Vlan: pulumi.Int(4094), // AddressFamily: pulumi.String("ipv4"), // BgpAsn: pulumi.Int(65352), -// }) -// if err != nil { -// return err -// } -// // Accepter's side of the VIF. -// vpnGw, err := ec2.NewVpnGateway(ctx, "vpn_gw", nil) +// }, pulumi.DependsOn([]pulumi.Resource{ +// vpnGw, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/directconnect/hostedTransitVirtualInterfaceAcceptor.go b/sdk/go/aws/directconnect/hostedTransitVirtualInterfaceAcceptor.go index 6e1c84c4dc9..64207b0cea6 100644 --- a/sdk/go/aws/directconnect/hostedTransitVirtualInterfaceAcceptor.go +++ b/sdk/go/aws/directconnect/hostedTransitVirtualInterfaceAcceptor.go @@ -37,6 +37,14 @@ import ( // if err != nil { // return err // } +// // Accepter's side of the VIF. +// example, err := directconnect.NewGateway(ctx, "example", &directconnect.GatewayArgs{ +// Name: pulumi.String("tf-dxg-example"), +// AmazonSideAsn: pulumi.String("64512"), +// }) +// if err != nil { +// return err +// } // // Creator's side of the VIF // creator, err := directconnect.NewHostedTransitVirtualInterface(ctx, "creator", &directconnect.HostedTransitVirtualInterfaceArgs{ // ConnectionId: pulumi.String("dxcon-zzzzzzzz"), @@ -45,15 +53,9 @@ import ( // Vlan: pulumi.Int(4094), // AddressFamily: pulumi.String("ipv4"), // BgpAsn: pulumi.Int(65352), -// }) -// if err != nil { -// return err -// } -// // Accepter's side of the VIF. -// example, err := directconnect.NewGateway(ctx, "example", &directconnect.GatewayArgs{ -// Name: pulumi.String("tf-dxg-example"), -// AmazonSideAsn: pulumi.String("64512"), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// example, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/dms/replicationInstance.go b/sdk/go/aws/dms/replicationInstance.go index 9d9919e74fb..1b309fbbe5c 100644 --- a/sdk/go/aws/dms/replicationInstance.go +++ b/sdk/go/aws/dms/replicationInstance.go @@ -120,7 +120,11 @@ import ( // VpcSecurityGroupIds: pulumi.StringArray{ // pulumi.String("sg-12345678"), // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// dms_access_for_endpoint_AmazonDMSRedshiftS3Role, +// dms_cloudwatch_logs_role_AmazonDMSCloudWatchLogsRole, +// dms_vpc_role_AmazonDMSVPCManagementRole, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/dms/replicationSubnetGroup.go b/sdk/go/aws/dms/replicationSubnetGroup.go index 9b09a5d3191..465c5682461 100644 --- a/sdk/go/aws/dms/replicationSubnetGroup.go +++ b/sdk/go/aws/dms/replicationSubnetGroup.go @@ -76,14 +76,14 @@ import ( // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "version": "2012-10-17", -// "statement": []map[string]interface{}{ +// "Version": "2012-10-17", +// "Statement": []map[string]interface{}{ // map[string]interface{}{ -// "effect": "Allow", -// "principal": map[string]interface{}{ -// "service": "dms.amazonaws.com", +// "Effect": "Allow", +// "Principal": map[string]interface{}{ +// "Service": "dms.amazonaws.com", // }, -// "action": "sts:AssumeRole", +// "Action": "sts:AssumeRole", // }, // }, // }) @@ -99,7 +99,7 @@ import ( // if err != nil { // return err // } -// _, err = iam.NewRolePolicyAttachment(ctx, "example", &iam.RolePolicyAttachmentArgs{ +// example, err := iam.NewRolePolicyAttachment(ctx, "example", &iam.RolePolicyAttachmentArgs{ // Role: dms_vpc_role.Name, // PolicyArn: pulumi.String("arn:aws:iam::aws:policy/service-role/AmazonDMSVPCManagementRole"), // }) @@ -116,7 +116,9 @@ import ( // Tags: pulumi.StringMap{ // "Name": pulumi.String("example-id"), // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// example, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/dms/s3endpoint.go b/sdk/go/aws/dms/s3endpoint.go index 8f5a846ad37..c5725aa5c65 100644 --- a/sdk/go/aws/dms/s3endpoint.go +++ b/sdk/go/aws/dms/s3endpoint.go @@ -42,7 +42,9 @@ import ( // EndpointType: pulumi.String("target"), // BucketName: pulumi.String("beckut_name"), // ServiceAccessRoleArn: pulumi.Any(exampleAwsIamRole.Arn), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleAwsIamRolePolicy, +// })) // if err != nil { // return err // } @@ -118,7 +120,9 @@ import ( // UseCsvNoSupValue: pulumi.Bool(false), // UseTaskStartTimeForFullLoadTimestamp: pulumi.Bool(true), // GlueCatalogGeneration: pulumi.Bool(true), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleAwsIamRolePolicy, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/docdb/globalCluster.go b/sdk/go/aws/docdb/globalCluster.go index 304120693a6..16676bfea83 100644 --- a/sdk/go/aws/docdb/globalCluster.go +++ b/sdk/go/aws/docdb/globalCluster.go @@ -53,7 +53,7 @@ import ( // if err != nil { // return err // } -// _, err = docdb.NewClusterInstance(ctx, "primary", &docdb.ClusterInstanceArgs{ +// primaryClusterInstance, err := docdb.NewClusterInstance(ctx, "primary", &docdb.ClusterInstanceArgs{ // Engine: example.Engine, // Identifier: pulumi.String("test-primary-cluster-instance"), // ClusterIdentifier: primary.ID(), @@ -68,7 +68,9 @@ import ( // ClusterIdentifier: pulumi.String("test-secondary-cluster"), // GlobalClusterIdentifier: example.ID(), // DbSubnetGroupName: pulumi.String("default"), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// primary, +// })) // if err != nil { // return err // } @@ -77,7 +79,9 @@ import ( // Identifier: pulumi.String("test-secondary-cluster-instance"), // ClusterIdentifier: secondary.ID(), // InstanceClass: pulumi.String("db.r5.large"), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// primaryClusterInstance, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/dynamodb/globalTable.go b/sdk/go/aws/dynamodb/globalTable.go index 71c89f71ba2..d54f5191d88 100644 --- a/sdk/go/aws/dynamodb/globalTable.go +++ b/sdk/go/aws/dynamodb/globalTable.go @@ -77,7 +77,10 @@ import ( // RegionName: pulumi.String("us-west-2"), // }, // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// us_east_1, +// us_west_2, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/ec2/eip.go b/sdk/go/aws/ec2/eip.go index c9f60f87a2a..15fedf4707a 100644 --- a/sdk/go/aws/ec2/eip.go +++ b/sdk/go/aws/ec2/eip.go @@ -118,7 +118,7 @@ import ( // if err != nil { // return err // } -// _, err = ec2.NewInternetGateway(ctx, "gw", &ec2.InternetGatewayArgs{ +// gw, err := ec2.NewInternetGateway(ctx, "gw", &ec2.InternetGatewayArgs{ // VpcId: _default.ID(), // }) // if err != nil { @@ -128,7 +128,9 @@ import ( // VpcId: _default.ID(), // CidrBlock: pulumi.String("10.0.0.0/24"), // MapPublicIpOnLaunch: pulumi.Bool(true), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// gw, +// })) // if err != nil { // return err // } @@ -145,7 +147,9 @@ import ( // Domain: pulumi.String("vpc"), // Instance: foo.ID(), // AssociateWithPrivateIp: pulumi.String("10.0.0.12"), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// gw, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/ec2/internetGateway.go b/sdk/go/aws/ec2/internetGateway.go index f6247dabe8a..9756bbe57d2 100644 --- a/sdk/go/aws/ec2/internetGateway.go +++ b/sdk/go/aws/ec2/internetGateway.go @@ -73,13 +73,15 @@ type InternetGateway struct { // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { - // _, err := ec2.NewInternetGateway(ctx, "gw", &ec2.InternetGatewayArgs{ + // gw, err := ec2.NewInternetGateway(ctx, "gw", &ec2.InternetGatewayArgs{ // VpcId: pulumi.Any(main.Id), // }) // if err != nil { // return err // } - // _, err = ec2.NewInstance(ctx, "foo", nil) + // _, err = ec2.NewInstance(ctx, "foo", nil, pulumi.DependsOn([]pulumi.Resource{ + // gw, + // })) // if err != nil { // return err // } @@ -146,13 +148,15 @@ type internetGatewayState struct { // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { - // _, err := ec2.NewInternetGateway(ctx, "gw", &ec2.InternetGatewayArgs{ + // gw, err := ec2.NewInternetGateway(ctx, "gw", &ec2.InternetGatewayArgs{ // VpcId: pulumi.Any(main.Id), // }) // if err != nil { // return err // } - // _, err = ec2.NewInstance(ctx, "foo", nil) + // _, err = ec2.NewInstance(ctx, "foo", nil, pulumi.DependsOn([]pulumi.Resource{ + // gw, + // })) // if err != nil { // return err // } @@ -190,13 +194,15 @@ type InternetGatewayState struct { // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { - // _, err := ec2.NewInternetGateway(ctx, "gw", &ec2.InternetGatewayArgs{ + // gw, err := ec2.NewInternetGateway(ctx, "gw", &ec2.InternetGatewayArgs{ // VpcId: pulumi.Any(main.Id), // }) // if err != nil { // return err // } - // _, err = ec2.NewInstance(ctx, "foo", nil) + // _, err = ec2.NewInstance(ctx, "foo", nil, pulumi.DependsOn([]pulumi.Resource{ + // gw, + // })) // if err != nil { // return err // } @@ -234,13 +240,15 @@ type internetGatewayArgs struct { // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { - // _, err := ec2.NewInternetGateway(ctx, "gw", &ec2.InternetGatewayArgs{ + // gw, err := ec2.NewInternetGateway(ctx, "gw", &ec2.InternetGatewayArgs{ // VpcId: pulumi.Any(main.Id), // }) // if err != nil { // return err // } - // _, err = ec2.NewInstance(ctx, "foo", nil) + // _, err = ec2.NewInstance(ctx, "foo", nil, pulumi.DependsOn([]pulumi.Resource{ + // gw, + // })) // if err != nil { // return err // } @@ -271,13 +279,15 @@ type InternetGatewayArgs struct { // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { - // _, err := ec2.NewInternetGateway(ctx, "gw", &ec2.InternetGatewayArgs{ + // gw, err := ec2.NewInternetGateway(ctx, "gw", &ec2.InternetGatewayArgs{ // VpcId: pulumi.Any(main.Id), // }) // if err != nil { // return err // } - // _, err = ec2.NewInstance(ctx, "foo", nil) + // _, err = ec2.NewInstance(ctx, "foo", nil, pulumi.DependsOn([]pulumi.Resource{ + // gw, + // })) // if err != nil { // return err // } @@ -405,13 +415,15 @@ func (o InternetGatewayOutput) OwnerId() pulumi.StringOutput { // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { -// _, err := ec2.NewInternetGateway(ctx, "gw", &ec2.InternetGatewayArgs{ +// gw, err := ec2.NewInternetGateway(ctx, "gw", &ec2.InternetGatewayArgs{ // VpcId: pulumi.Any(main.Id), // }) // if err != nil { // return err // } -// _, err = ec2.NewInstance(ctx, "foo", nil) +// _, err = ec2.NewInstance(ctx, "foo", nil, pulumi.DependsOn([]pulumi.Resource{ +// gw, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/ec2/natGateway.go b/sdk/go/aws/ec2/natGateway.go index d122e862963..7d165d3b701 100644 --- a/sdk/go/aws/ec2/natGateway.go +++ b/sdk/go/aws/ec2/natGateway.go @@ -37,7 +37,9 @@ import ( // Tags: pulumi.StringMap{ // "Name": pulumi.String("gw NAT"), // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleAwsInternetGateway, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/ec2/spotFleetRequest.go b/sdk/go/aws/ec2/spotFleetRequest.go index 625f02e1e9a..f31e627e3ed 100644 --- a/sdk/go/aws/ec2/spotFleetRequest.go +++ b/sdk/go/aws/ec2/spotFleetRequest.go @@ -118,7 +118,9 @@ import ( // }, // }, // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// test_attach, +// })) // if err != nil { // return err // } @@ -239,7 +241,9 @@ import ( // }, // }, // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// test_attach, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/ec2/vpc.go b/sdk/go/aws/ec2/vpc.go index bc655c79c93..168457c287b 100644 --- a/sdk/go/aws/ec2/vpc.go +++ b/sdk/go/aws/ec2/vpc.go @@ -113,7 +113,7 @@ import ( // if err != nil { // return err // } -// _, err = ec2.NewVpcIpamPoolCidr(ctx, "test", &ec2.VpcIpamPoolCidrArgs{ +// testVpcIpamPoolCidr, err := ec2.NewVpcIpamPoolCidr(ctx, "test", &ec2.VpcIpamPoolCidrArgs{ // IpamPoolId: testVpcIpamPool.ID(), // Cidr: pulumi.String("172.20.0.0/16"), // }) @@ -123,7 +123,9 @@ import ( // _, err = ec2.NewVpc(ctx, "test", &ec2.VpcArgs{ // Ipv4IpamPoolId: testVpcIpamPool.ID(), // Ipv4NetmaskLength: pulumi.Int(28), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// testVpcIpamPoolCidr, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/ec2/vpcIpamPoolCidrAllocation.go b/sdk/go/aws/ec2/vpcIpamPoolCidrAllocation.go index 91a1f66f4f2..4bc7c444cdf 100644 --- a/sdk/go/aws/ec2/vpcIpamPoolCidrAllocation.go +++ b/sdk/go/aws/ec2/vpcIpamPoolCidrAllocation.go @@ -54,17 +54,19 @@ import ( // if err != nil { // return err // } -// _, err = ec2.NewVpcIpamPoolCidrAllocation(ctx, "example", &ec2.VpcIpamPoolCidrAllocationArgs{ +// exampleVpcIpamPoolCidr, err := ec2.NewVpcIpamPoolCidr(ctx, "example", &ec2.VpcIpamPoolCidrArgs{ // IpamPoolId: exampleVpcIpamPool.ID(), -// Cidr: pulumi.String("172.20.0.0/24"), +// Cidr: pulumi.String("172.20.0.0/16"), // }) // if err != nil { // return err // } -// _, err = ec2.NewVpcIpamPoolCidr(ctx, "example", &ec2.VpcIpamPoolCidrArgs{ +// _, err = ec2.NewVpcIpamPoolCidrAllocation(ctx, "example", &ec2.VpcIpamPoolCidrAllocationArgs{ // IpamPoolId: exampleVpcIpamPool.ID(), -// Cidr: pulumi.String("172.20.0.0/16"), -// }) +// Cidr: pulumi.String("172.20.0.0/24"), +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleVpcIpamPoolCidr, +// })) // if err != nil { // return err // } @@ -113,20 +115,22 @@ import ( // if err != nil { // return err // } +// exampleVpcIpamPoolCidr, err := ec2.NewVpcIpamPoolCidr(ctx, "example", &ec2.VpcIpamPoolCidrArgs{ +// IpamPoolId: exampleVpcIpamPool.ID(), +// Cidr: pulumi.String("172.20.0.0/16"), +// }) +// if err != nil { +// return err +// } // _, err = ec2.NewVpcIpamPoolCidrAllocation(ctx, "example", &ec2.VpcIpamPoolCidrAllocationArgs{ // IpamPoolId: exampleVpcIpamPool.ID(), // NetmaskLength: pulumi.Int(28), // DisallowedCidrs: pulumi.StringArray{ // pulumi.String("172.20.0.0/28"), // }, -// }) -// if err != nil { -// return err -// } -// _, err = ec2.NewVpcIpamPoolCidr(ctx, "example", &ec2.VpcIpamPoolCidrArgs{ -// IpamPoolId: exampleVpcIpamPool.ID(), -// Cidr: pulumi.String("172.20.0.0/16"), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleVpcIpamPoolCidr, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/ec2/vpcIpamPreviewNextCidr.go b/sdk/go/aws/ec2/vpcIpamPreviewNextCidr.go index 3a940f63005..fd72151d3a8 100644 --- a/sdk/go/aws/ec2/vpcIpamPreviewNextCidr.go +++ b/sdk/go/aws/ec2/vpcIpamPreviewNextCidr.go @@ -54,20 +54,22 @@ import ( // if err != nil { // return err // } +// exampleVpcIpamPoolCidr, err := ec2.NewVpcIpamPoolCidr(ctx, "example", &ec2.VpcIpamPoolCidrArgs{ +// IpamPoolId: exampleVpcIpamPool.ID(), +// Cidr: pulumi.String("172.20.0.0/16"), +// }) +// if err != nil { +// return err +// } // _, err = ec2.NewVpcIpamPreviewNextCidr(ctx, "example", &ec2.VpcIpamPreviewNextCidrArgs{ // IpamPoolId: exampleVpcIpamPool.ID(), // NetmaskLength: pulumi.Int(28), // DisallowedCidrs: pulumi.StringArray{ // pulumi.String("172.2.0.0/32"), // }, -// }) -// if err != nil { -// return err -// } -// _, err = ec2.NewVpcIpamPoolCidr(ctx, "example", &ec2.VpcIpamPoolCidrArgs{ -// IpamPoolId: exampleVpcIpamPool.ID(), -// Cidr: pulumi.String("172.20.0.0/16"), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleVpcIpamPoolCidr, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/ecr/registryPolicy.go b/sdk/go/aws/ecr/registryPolicy.go index 4d08624133b..58e4e6c0ba2 100644 --- a/sdk/go/aws/ecr/registryPolicy.go +++ b/sdk/go/aws/ecr/registryPolicy.go @@ -48,18 +48,18 @@ import ( // return err // } // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "version": "2012-10-17", -// "statement": []map[string]interface{}{ +// "Version": "2012-10-17", +// "Statement": []map[string]interface{}{ // map[string]interface{}{ -// "sid": "testpolicy", -// "effect": "Allow", -// "principal": map[string]interface{}{ +// "Sid": "testpolicy", +// "Effect": "Allow", +// "Principal": map[string]interface{}{ // "AWS": fmt.Sprintf("arn:%v:iam::%v:root", currentGetPartition.Partition, current.AccountId), // }, -// "action": []string{ +// "Action": []string{ // "ecr:ReplicateImage", // }, -// "resource": []string{ +// "Resource": []string{ // fmt.Sprintf("arn:%v:ecr:%v:%v:repository/*", currentGetPartition.Partition, currentGetRegion.Name, current.AccountId), // }, // }, diff --git a/sdk/go/aws/ecs/service.go b/sdk/go/aws/ecs/service.go index b9552ee7108..ea8d6c81dbd 100644 --- a/sdk/go/aws/ecs/service.go +++ b/sdk/go/aws/ecs/service.go @@ -46,7 +46,7 @@ import ( // }, // LoadBalancers: ecs.ServiceLoadBalancerArray{ // &ecs.ServiceLoadBalancerArgs{ -// TargetGroupArn: pulumi.Any(foo.Arn), +// TargetGroupArn: pulumi.Any(fooAwsLbTargetGroup.Arn), // ContainerName: pulumi.String("mongo"), // ContainerPort: pulumi.Int(8080), // }, @@ -57,7 +57,9 @@ import ( // Expression: pulumi.String("attribute:ecs.availability-zone in [us-west-2a, us-west-2b]"), // }, // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// foo, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/eks/cluster.go b/sdk/go/aws/eks/cluster.go index c701a004c2a..250bdb730ce 100644 --- a/sdk/go/aws/eks/cluster.go +++ b/sdk/go/aws/eks/cluster.go @@ -40,7 +40,10 @@ import ( // example2.Id, // }, // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// example_AmazonEKSClusterPolicy, +// example_AmazonEKSVPCResourceController, +// })) // if err != nil { // return err // } @@ -149,20 +152,22 @@ import ( // if param := cfg.Get("clusterName"); param != "" { // clusterName = param // } -// _, err := eks.NewCluster(ctx, "example", &eks.ClusterArgs{ +// exampleLogGroup, err := cloudwatch.NewLogGroup(ctx, "example", &cloudwatch.LogGroupArgs{ +// Name: pulumi.String(fmt.Sprintf("/aws/eks/%v/cluster", clusterName)), +// RetentionInDays: pulumi.Int(7), +// }) +// if err != nil { +// return err +// } +// _, err = eks.NewCluster(ctx, "example", &eks.ClusterArgs{ // EnabledClusterLogTypes: pulumi.StringArray{ // pulumi.String("api"), // pulumi.String("audit"), // }, // Name: pulumi.String(clusterName), -// }) -// if err != nil { -// return err -// } -// _, err = cloudwatch.NewLogGroup(ctx, "example", &cloudwatch.LogGroupArgs{ -// Name: pulumi.String(fmt.Sprintf("/aws/eks/%v/cluster", clusterName)), -// RetentionInDays: pulumi.Int(7), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleLogGroup, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/eks/fargateProfile.go b/sdk/go/aws/eks/fargateProfile.go index cee4a5115d5..6110f9a6529 100644 --- a/sdk/go/aws/eks/fargateProfile.go +++ b/sdk/go/aws/eks/fargateProfile.go @@ -77,16 +77,16 @@ import ( // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "statement": []map[string]interface{}{ +// "Statement": []map[string]interface{}{ // map[string]interface{}{ -// "action": "sts:AssumeRole", -// "effect": "Allow", -// "principal": map[string]interface{}{ -// "service": "eks-fargate-pods.amazonaws.com", +// "Action": "sts:AssumeRole", +// "Effect": "Allow", +// "Principal": map[string]interface{}{ +// "Service": "eks-fargate-pods.amazonaws.com", // }, // }, // }, -// "version": "2012-10-17", +// "Version": "2012-10-17", // }) // if err != nil { // return err diff --git a/sdk/go/aws/eks/nodeGroup.go b/sdk/go/aws/eks/nodeGroup.go index b38b7d6ad7c..8037a941748 100644 --- a/sdk/go/aws/eks/nodeGroup.go +++ b/sdk/go/aws/eks/nodeGroup.go @@ -45,7 +45,11 @@ import ( // UpdateConfig: &eks.NodeGroupUpdateConfigArgs{ // MaxUnavailable: pulumi.Int(1), // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// example_AmazonEKSWorkerNodePolicy, +// example_AmazonEKSCNIPolicy, +// example_AmazonEC2ContainerRegistryReadOnly, +// })) // if err != nil { // return err // } @@ -112,16 +116,16 @@ import ( // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "statement": []map[string]interface{}{ +// "Statement": []map[string]interface{}{ // map[string]interface{}{ -// "action": "sts:AssumeRole", -// "effect": "Allow", -// "principal": map[string]interface{}{ -// "service": "ec2.amazonaws.com", +// "Action": "sts:AssumeRole", +// "Effect": "Allow", +// "Principal": map[string]interface{}{ +// "Service": "ec2.amazonaws.com", // }, // }, // }, -// "version": "2012-10-17", +// "Version": "2012-10-17", // }) // if err != nil { // return err diff --git a/sdk/go/aws/elasticsearch/domain.go b/sdk/go/aws/elasticsearch/domain.go index 99c93fc943a..710f287f889 100644 --- a/sdk/go/aws/elasticsearch/domain.go +++ b/sdk/go/aws/elasticsearch/domain.go @@ -264,7 +264,7 @@ import ( // if err != nil { // return err // } -// _, err = iam.NewServiceLinkedRole(ctx, "es", &iam.ServiceLinkedRoleArgs{ +// esServiceLinkedRole, err := iam.NewServiceLinkedRole(ctx, "es", &iam.ServiceLinkedRoleArgs{ // AwsServiceName: pulumi.String("opensearchservice.amazonaws.com"), // }) // if err != nil { @@ -306,7 +306,9 @@ import ( // Tags: pulumi.StringMap{ // "Domain": pulumi.String("TestDomain"), // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// esServiceLinkedRole, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/finspace/kxUser.go b/sdk/go/aws/finspace/kxUser.go index d66d8978698..c22f45194e2 100644 --- a/sdk/go/aws/finspace/kxUser.go +++ b/sdk/go/aws/finspace/kxUser.go @@ -50,14 +50,14 @@ import ( // return err // } // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "version": "2012-10-17", -// "statement": []map[string]interface{}{ +// "Version": "2012-10-17", +// "Statement": []map[string]interface{}{ // map[string]interface{}{ -// "action": "sts:AssumeRole", -// "effect": "Allow", -// "sid": "", -// "principal": map[string]interface{}{ -// "service": "ec2.amazonaws.com", +// "Action": "sts:AssumeRole", +// "Effect": "Allow", +// "Sid": "", +// "Principal": map[string]interface{}{ +// "Service": "ec2.amazonaws.com", // }, // }, // }, diff --git a/sdk/go/aws/gamelift/gameServerGroup.go b/sdk/go/aws/gamelift/gameServerGroup.go index d364e4ed961..48ae2076cb3 100644 --- a/sdk/go/aws/gamelift/gameServerGroup.go +++ b/sdk/go/aws/gamelift/gameServerGroup.go @@ -45,7 +45,9 @@ import ( // MaxSize: pulumi.Int(1), // MinSize: pulumi.Int(1), // RoleArn: pulumi.Any(exampleAwsIamRole.Arn), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleAwsIamRolePolicyAttachment, +// })) // if err != nil { // return err // } @@ -105,7 +107,9 @@ import ( // pulumi.String("subnet-12345678"), // pulumi.String("subnet-23456789"), // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleAwsIamRolePolicyAttachment, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/glue/crawler.go b/sdk/go/aws/glue/crawler.go index d532b94f056..a9db7f28ae8 100644 --- a/sdk/go/aws/glue/crawler.go +++ b/sdk/go/aws/glue/crawler.go @@ -229,15 +229,15 @@ import ( // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "grouping": map[string]interface{}{ -// "tableGroupingPolicy": "CombineCompatibleSchemas", +// "Grouping": map[string]interface{}{ +// "TableGroupingPolicy": "CombineCompatibleSchemas", // }, -// "crawlerOutput": map[string]interface{}{ -// "partitions": map[string]interface{}{ -// "addOrUpdateBehavior": "InheritFromTable", +// "CrawlerOutput": map[string]interface{}{ +// "Partitions": map[string]interface{}{ +// "AddOrUpdateBehavior": "InheritFromTable", // }, // }, -// "version": 1, +// "Version": 1, // }) // if err != nil { // return err diff --git a/sdk/go/aws/glue/mltransform.go b/sdk/go/aws/glue/mltransform.go index 770afdd9063..224ad3ceb88 100644 --- a/sdk/go/aws/glue/mltransform.go +++ b/sdk/go/aws/glue/mltransform.go @@ -127,7 +127,9 @@ import ( // PrimaryKeyColumnName: pulumi.String("my_column_1"), // }, // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// testAwsIamRolePolicyAttachment, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/grafana/licenseAssociation.go b/sdk/go/aws/grafana/licenseAssociation.go index 7c7fdcdd9e6..e89c6cef5e6 100644 --- a/sdk/go/aws/grafana/licenseAssociation.go +++ b/sdk/go/aws/grafana/licenseAssociation.go @@ -35,14 +35,14 @@ import ( // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "version": "2012-10-17", -// "statement": []map[string]interface{}{ +// "Version": "2012-10-17", +// "Statement": []map[string]interface{}{ // map[string]interface{}{ -// "action": "sts:AssumeRole", -// "effect": "Allow", -// "sid": "", -// "principal": map[string]interface{}{ -// "service": "grafana.amazonaws.com", +// "Action": "sts:AssumeRole", +// "Effect": "Allow", +// "Sid": "", +// "Principal": map[string]interface{}{ +// "Service": "grafana.amazonaws.com", // }, // }, // }, diff --git a/sdk/go/aws/grafana/roleAssociation.go b/sdk/go/aws/grafana/roleAssociation.go index 844d7138e90..ec547825cd8 100644 --- a/sdk/go/aws/grafana/roleAssociation.go +++ b/sdk/go/aws/grafana/roleAssociation.go @@ -35,14 +35,14 @@ import ( // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "version": "2012-10-17", -// "statement": []map[string]interface{}{ +// "Version": "2012-10-17", +// "Statement": []map[string]interface{}{ // map[string]interface{}{ -// "action": "sts:AssumeRole", -// "effect": "Allow", -// "sid": "", -// "principal": map[string]interface{}{ -// "service": "grafana.amazonaws.com", +// "Action": "sts:AssumeRole", +// "Effect": "Allow", +// "Sid": "", +// "Principal": map[string]interface{}{ +// "Service": "grafana.amazonaws.com", // }, // }, // }, diff --git a/sdk/go/aws/grafana/workspace.go b/sdk/go/aws/grafana/workspace.go index 4eac11fcbf9..ac5adeac170 100644 --- a/sdk/go/aws/grafana/workspace.go +++ b/sdk/go/aws/grafana/workspace.go @@ -35,14 +35,14 @@ import ( // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "version": "2012-10-17", -// "statement": []map[string]interface{}{ +// "Version": "2012-10-17", +// "Statement": []map[string]interface{}{ // map[string]interface{}{ -// "action": "sts:AssumeRole", -// "effect": "Allow", -// "sid": "", -// "principal": map[string]interface{}{ -// "service": "grafana.amazonaws.com", +// "Action": "sts:AssumeRole", +// "Effect": "Allow", +// "Sid": "", +// "Principal": map[string]interface{}{ +// "Service": "grafana.amazonaws.com", // }, // }, // }, diff --git a/sdk/go/aws/grafana/workspaceSamlConfiguration.go b/sdk/go/aws/grafana/workspaceSamlConfiguration.go index a1bfce38584..9426b372d48 100644 --- a/sdk/go/aws/grafana/workspaceSamlConfiguration.go +++ b/sdk/go/aws/grafana/workspaceSamlConfiguration.go @@ -35,14 +35,14 @@ import ( // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "version": "2012-10-17", -// "statement": []map[string]interface{}{ +// "Version": "2012-10-17", +// "Statement": []map[string]interface{}{ // map[string]interface{}{ -// "action": "sts:AssumeRole", -// "effect": "Allow", -// "sid": "", -// "principal": map[string]interface{}{ -// "service": "grafana.amazonaws.com", +// "Action": "sts:AssumeRole", +// "Effect": "Allow", +// "Sid": "", +// "Principal": map[string]interface{}{ +// "Service": "grafana.amazonaws.com", // }, // }, // }, diff --git a/sdk/go/aws/guardduty/inviteAccepter.go b/sdk/go/aws/guardduty/inviteAccepter.go index 7ab4e405e2a..edf42ed6de9 100644 --- a/sdk/go/aws/guardduty/inviteAccepter.go +++ b/sdk/go/aws/guardduty/inviteAccepter.go @@ -37,14 +37,7 @@ import ( // if err != nil { // return err // } -// _, err = guardduty.NewInviteAccepter(ctx, "member", &guardduty.InviteAccepterArgs{ -// DetectorId: memberDetector.ID(), -// MasterAccountId: primary.AccountId, -// }) -// if err != nil { -// return err -// } -// _, err = guardduty.NewMember(ctx, "member", &guardduty.MemberArgs{ +// memberMember, err := guardduty.NewMember(ctx, "member", &guardduty.MemberArgs{ // AccountId: memberDetector.AccountId, // DetectorId: primary.ID(), // Email: pulumi.String("required@example.com"), @@ -53,6 +46,15 @@ import ( // if err != nil { // return err // } +// _, err = guardduty.NewInviteAccepter(ctx, "member", &guardduty.InviteAccepterArgs{ +// DetectorId: memberDetector.ID(), +// MasterAccountId: primary.AccountId, +// }, pulumi.DependsOn([]pulumi.Resource{ +// memberMember, +// })) +// if err != nil { +// return err +// } // return nil // }) // } diff --git a/sdk/go/aws/guardduty/organizationAdminAccount.go b/sdk/go/aws/guardduty/organizationAdminAccount.go index 3b791892c30..1f64cdfb8ec 100644 --- a/sdk/go/aws/guardduty/organizationAdminAccount.go +++ b/sdk/go/aws/guardduty/organizationAdminAccount.go @@ -30,7 +30,7 @@ import ( // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { -// _, err := organizations.NewOrganization(ctx, "example", &organizations.OrganizationArgs{ +// example, err := organizations.NewOrganization(ctx, "example", &organizations.OrganizationArgs{ // AwsServiceAccessPrincipals: pulumi.StringArray{ // pulumi.String("guardduty.amazonaws.com"), // }, @@ -45,7 +45,9 @@ import ( // } // _, err = guardduty.NewOrganizationAdminAccount(ctx, "example", &guardduty.OrganizationAdminAccountArgs{ // AdminAccountId: pulumi.String("123456789012"), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// example, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/guardduty/publishingDestination.go b/sdk/go/aws/guardduty/publishingDestination.go index 15ba81b39d8..d8aea4d2176 100644 --- a/sdk/go/aws/guardduty/publishingDestination.go +++ b/sdk/go/aws/guardduty/publishingDestination.go @@ -144,7 +144,7 @@ import ( // if err != nil { // return err // } -// _, err = s3.NewBucketPolicy(ctx, "gd_bucket_policy", &s3.BucketPolicyArgs{ +// gdBucketPolicy, err := s3.NewBucketPolicy(ctx, "gd_bucket_policy", &s3.BucketPolicyArgs{ // Bucket: gdBucket.ID(), // Policy: bucketPol.ApplyT(func(bucketPol iam.GetPolicyDocumentResult) (*string, error) { // return &bucketPol.Json, nil @@ -165,7 +165,9 @@ import ( // DetectorId: testGd.ID(), // DestinationArn: gdBucket.Arn, // KmsKeyArn: gdKey.Arn, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// gdBucketPolicy, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/iam/getPrincipalPolicySimulation.go b/sdk/go/aws/iam/getPrincipalPolicySimulation.go index 942772ce644..3ff05b0037e 100644 --- a/sdk/go/aws/iam/getPrincipalPolicySimulation.go +++ b/sdk/go/aws/iam/getPrincipalPolicySimulation.go @@ -80,7 +80,9 @@ import ( // pulumi.Run(func(ctx *pulumi.Context) error { // _, err := s3.NewBucketObject(ctx, "example", &s3.BucketObjectArgs{ // Bucket: pulumi.Any("my-test-bucket"), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// s3ObjectAccess, +// })) // if err != nil { // return err // } @@ -135,12 +137,12 @@ import ( // Policy: exampleBucketV2.Arn.ApplyT(func(arn string) (pulumi.String, error) { // var _zero pulumi.String // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "version": "2012-10-17", -// "statement": []map[string]interface{}{ +// "Version": "2012-10-17", +// "Statement": []map[string]interface{}{ // map[string]interface{}{ -// "action": "s3:GetObject", -// "effect": "Allow", -// "resource": arn, +// "Action": "s3:GetObject", +// "Effect": "Allow", +// "Resource": arn, // }, // }, // }) @@ -161,15 +163,15 @@ import ( // exampleBucketV2Arn1 := _args[1].(string) // var _zero string // tmpJSON1, err := json.Marshal(map[string]interface{}{ -// "version": "2012-10-17", -// "statement": []map[string]interface{}{ +// "Version": "2012-10-17", +// "Statement": []map[string]interface{}{ // map[string]interface{}{ -// "action": "s3:*", -// "effect": "Allow", -// "principal": map[string]interface{}{ +// "Action": "s3:*", +// "Effect": "Allow", +// "Principal": map[string]interface{}{ // "AWS": current.AccountId, // }, -// "resource": []string{ +// "Resource": []string{ // exampleBucketV2Arn, // fmt.Sprintf("%v/*", exampleBucketV2Arn1), // }, diff --git a/sdk/go/aws/iam/groupPolicy.go b/sdk/go/aws/iam/groupPolicy.go index 60570234369..a729755dc47 100644 --- a/sdk/go/aws/iam/groupPolicy.go +++ b/sdk/go/aws/iam/groupPolicy.go @@ -41,14 +41,14 @@ import ( // return err // } // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "version": "2012-10-17", -// "statement": []map[string]interface{}{ +// "Version": "2012-10-17", +// "Statement": []map[string]interface{}{ // map[string]interface{}{ -// "action": []string{ +// "Action": []string{ // "ec2:Describe*", // }, -// "effect": "Allow", -// "resource": "*", +// "Effect": "Allow", +// "Resource": "*", // }, // }, // }) diff --git a/sdk/go/aws/iam/policy.go b/sdk/go/aws/iam/policy.go index abe230a6393..c62f1c7f6f9 100644 --- a/sdk/go/aws/iam/policy.go +++ b/sdk/go/aws/iam/policy.go @@ -34,14 +34,14 @@ import ( // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "version": "2012-10-17", -// "statement": []map[string]interface{}{ +// "Version": "2012-10-17", +// "Statement": []map[string]interface{}{ // map[string]interface{}{ -// "action": []string{ +// "Action": []string{ // "ec2:Describe*", // }, -// "effect": "Allow", -// "resource": "*", +// "Effect": "Allow", +// "Resource": "*", // }, // }, // }) diff --git a/sdk/go/aws/iam/role.go b/sdk/go/aws/iam/role.go index 6e24407d8fd..e19edd969e1 100644 --- a/sdk/go/aws/iam/role.go +++ b/sdk/go/aws/iam/role.go @@ -40,14 +40,14 @@ import ( // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "version": "2012-10-17", -// "statement": []map[string]interface{}{ +// "Version": "2012-10-17", +// "Statement": []map[string]interface{}{ // map[string]interface{}{ -// "action": "sts:AssumeRole", -// "effect": "Allow", -// "sid": "", -// "principal": map[string]interface{}{ -// "service": "ec2.amazonaws.com", +// "Action": "sts:AssumeRole", +// "Effect": "Allow", +// "Sid": "", +// "Principal": map[string]interface{}{ +// "Service": "ec2.amazonaws.com", // }, // }, // }, @@ -158,14 +158,14 @@ import ( // return err // } // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "version": "2012-10-17", -// "statement": []map[string]interface{}{ +// "Version": "2012-10-17", +// "Statement": []map[string]interface{}{ // map[string]interface{}{ -// "action": []string{ +// "Action": []string{ // "ec2:Describe*", // }, -// "effect": "Allow", -// "resource": "*", +// "Effect": "Allow", +// "Resource": "*", // }, // }, // }) @@ -251,14 +251,14 @@ import ( // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "version": "2012-10-17", -// "statement": []map[string]interface{}{ +// "Version": "2012-10-17", +// "Statement": []map[string]interface{}{ // map[string]interface{}{ -// "action": []string{ +// "Action": []string{ // "ec2:Describe*", // }, -// "effect": "Allow", -// "resource": "*", +// "Effect": "Allow", +// "Resource": "*", // }, // }, // }) @@ -274,16 +274,16 @@ import ( // return err // } // tmpJSON1, err := json.Marshal(map[string]interface{}{ -// "version": "2012-10-17", -// "statement": []map[string]interface{}{ +// "Version": "2012-10-17", +// "Statement": []map[string]interface{}{ // map[string]interface{}{ -// "action": []string{ +// "Action": []string{ // "s3:ListAllMyBuckets", // "s3:ListBucket", // "s3:HeadBucket", // }, -// "effect": "Allow", -// "resource": "*", +// "Effect": "Allow", +// "Resource": "*", // }, // }, // }) diff --git a/sdk/go/aws/iam/rolePolicy.go b/sdk/go/aws/iam/rolePolicy.go index 13923e00c13..fd0aece1cf9 100644 --- a/sdk/go/aws/iam/rolePolicy.go +++ b/sdk/go/aws/iam/rolePolicy.go @@ -36,14 +36,14 @@ import ( // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "version": "2012-10-17", -// "statement": []map[string]interface{}{ +// "Version": "2012-10-17", +// "Statement": []map[string]interface{}{ // map[string]interface{}{ -// "action": "sts:AssumeRole", -// "effect": "Allow", -// "sid": "", -// "principal": map[string]interface{}{ -// "service": "ec2.amazonaws.com", +// "Action": "sts:AssumeRole", +// "Effect": "Allow", +// "Sid": "", +// "Principal": map[string]interface{}{ +// "Service": "ec2.amazonaws.com", // }, // }, // }, @@ -60,14 +60,14 @@ import ( // return err // } // tmpJSON1, err := json.Marshal(map[string]interface{}{ -// "version": "2012-10-17", -// "statement": []map[string]interface{}{ +// "Version": "2012-10-17", +// "Statement": []map[string]interface{}{ // map[string]interface{}{ -// "action": []string{ +// "Action": []string{ // "ec2:Describe*", // }, -// "effect": "Allow", -// "resource": "*", +// "Effect": "Allow", +// "Resource": "*", // }, // }, // }) diff --git a/sdk/go/aws/iam/userPolicy.go b/sdk/go/aws/iam/userPolicy.go index 1b3315f5d14..c8094027bd2 100644 --- a/sdk/go/aws/iam/userPolicy.go +++ b/sdk/go/aws/iam/userPolicy.go @@ -41,14 +41,14 @@ import ( // return err // } // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "version": "2012-10-17", -// "statement": []map[string]interface{}{ +// "Version": "2012-10-17", +// "Statement": []map[string]interface{}{ // map[string]interface{}{ -// "action": []string{ +// "Action": []string{ // "ec2:Describe*", // }, -// "effect": "Allow", -// "resource": "*", +// "Effect": "Allow", +// "Resource": "*", // }, // }, // }) diff --git a/sdk/go/aws/iot/policy.go b/sdk/go/aws/iot/policy.go index a37a34fb17c..f9553e58204 100644 --- a/sdk/go/aws/iot/policy.go +++ b/sdk/go/aws/iot/policy.go @@ -34,14 +34,14 @@ import ( // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "version": "2012-10-17", -// "statement": []map[string]interface{}{ +// "Version": "2012-10-17", +// "Statement": []map[string]interface{}{ // map[string]interface{}{ -// "action": []string{ +// "Action": []string{ // "iot:*", // }, -// "effect": "Allow", -// "resource": "*", +// "Effect": "Allow", +// "Resource": "*", // }, // }, // }) diff --git a/sdk/go/aws/iot/provisioningTemplate.go b/sdk/go/aws/iot/provisioningTemplate.go index 37e9679a296..d201e057674 100644 --- a/sdk/go/aws/iot/provisioningTemplate.go +++ b/sdk/go/aws/iot/provisioningTemplate.go @@ -97,26 +97,26 @@ import ( // TemplateBody: devicePolicyPolicy.Name.ApplyT(func(name string) (pulumi.String, error) { // var _zero pulumi.String // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "parameters": map[string]interface{}{ -// "serialNumber": map[string]interface{}{ -// "type": "String", +// "Parameters": map[string]interface{}{ +// "SerialNumber": map[string]interface{}{ +// "Type": "String", // }, // }, -// "resources": map[string]interface{}{ +// "Resources": map[string]interface{}{ // "certificate": map[string]interface{}{ -// "properties": map[string]interface{}{ -// "certificateId": map[string]interface{}{ -// "ref": "AWS::IoT::Certificate::Id", +// "Properties": map[string]interface{}{ +// "CertificateId": map[string]interface{}{ +// "Ref": "AWS::IoT::Certificate::Id", // }, -// "status": "Active", +// "Status": "Active", // }, -// "type": "AWS::IoT::Certificate", +// "Type": "AWS::IoT::Certificate", // }, // "policy": map[string]interface{}{ -// "properties": map[string]interface{}{ -// "policyName": name, +// "Properties": map[string]interface{}{ +// "PolicyName": name, // }, -// "type": "AWS::IoT::Policy", +// "Type": "AWS::IoT::Policy", // }, // }, // }) diff --git a/sdk/go/aws/kendra/dataSource.go b/sdk/go/aws/kendra/dataSource.go index ad208dc80ce..ebe06c6b4b0 100644 --- a/sdk/go/aws/kendra/dataSource.go +++ b/sdk/go/aws/kendra/dataSource.go @@ -348,7 +348,9 @@ import ( // }, // }, // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleAwsSecretsmanagerSecretVersion, +// })) // if err != nil { // return err // } @@ -524,7 +526,9 @@ import ( // }, // }, // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleAwsSecretsmanagerSecretVersion, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/kinesis/firehoseDeliveryStream.go b/sdk/go/aws/kinesis/firehoseDeliveryStream.go index f3707bf4d67..6b2690c7de3 100644 --- a/sdk/go/aws/kinesis/firehoseDeliveryStream.go +++ b/sdk/go/aws/kinesis/firehoseDeliveryStream.go @@ -525,7 +525,9 @@ import ( // RoleArn: pulumi.Any(firehose.Arn), // }, // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// firehose_elasticsearchRolePolicy, +// })) // if err != nil { // return err // } @@ -710,7 +712,9 @@ import ( // RoleArn: pulumi.Any(firehose.Arn), // }, // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// firehose_opensearch, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/kms/keyPolicy.go b/sdk/go/aws/kms/keyPolicy.go index e8bca71d314..cdd6f1acb93 100644 --- a/sdk/go/aws/kms/keyPolicy.go +++ b/sdk/go/aws/kms/keyPolicy.go @@ -38,19 +38,19 @@ import ( // return err // } // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "id": "example", -// "statement": []map[string]interface{}{ +// "Id": "example", +// "Statement": []map[string]interface{}{ // map[string]interface{}{ -// "action": "kms:*", -// "effect": "Allow", -// "principal": map[string]interface{}{ +// "Action": "kms:*", +// "Effect": "Allow", +// "Principal": map[string]interface{}{ // "AWS": "*", // }, -// "resource": "*", -// "sid": "Enable IAM User Permissions", +// "Resource": "*", +// "Sid": "Enable IAM User Permissions", // }, // }, -// "version": "2012-10-17", +// "Version": "2012-10-17", // }) // if err != nil { // return err diff --git a/sdk/go/aws/lambda/eventSourceMapping.go b/sdk/go/aws/lambda/eventSourceMapping.go index 6097874c9d4..fa83ea8e853 100644 --- a/sdk/go/aws/lambda/eventSourceMapping.go +++ b/sdk/go/aws/lambda/eventSourceMapping.go @@ -211,7 +211,7 @@ import ( // pulumi.Run(func(ctx *pulumi.Context) error { // tmpJSON0, err := json.Marshal(map[string]interface{}{ // "body": map[string]interface{}{ -// "temperature": []map[string]interface{}{ +// "Temperature": []map[string]interface{}{ // map[string]interface{}{ // "numeric": []interface{}{ // ">", @@ -221,7 +221,7 @@ import ( // }, // }, // }, -// "location": []string{ +// "Location": []string{ // "New York", // }, // }, diff --git a/sdk/go/aws/lambda/function.go b/sdk/go/aws/lambda/function.go index 5ef9ccde49d..2170a9ba445 100644 --- a/sdk/go/aws/lambda/function.go +++ b/sdk/go/aws/lambda/function.go @@ -227,6 +227,17 @@ import ( // if err != nil { // return err // } +// // Mount target connects the file system to the subnet +// alpha, err := efs.NewMountTarget(ctx, "alpha", &efs.MountTargetArgs{ +// FileSystemId: efsForLambda.ID(), +// SubnetId: pulumi.Any(subnetForLambda.Id), +// SecurityGroups: pulumi.StringArray{ +// sgForLambda.Id, +// }, +// }) +// if err != nil { +// return err +// } // // EFS access point used by lambda file system // accessPointForLambda, err := efs.NewAccessPoint(ctx, "access_point_for_lambda", &efs.AccessPointArgs{ // FileSystemId: efsForLambda.ID(), @@ -260,18 +271,9 @@ import ( // sgForLambda.Id, // }, // }, -// }) -// if err != nil { -// return err -// } -// // Mount target connects the file system to the subnet -// _, err = efs.NewMountTarget(ctx, "alpha", &efs.MountTargetArgs{ -// FileSystemId: efsForLambda.ID(), -// SubnetId: pulumi.Any(subnetForLambda.Id), -// SecurityGroups: pulumi.StringArray{ -// sgForLambda.Id, -// }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// alpha, +// })) // if err != nil { // return err // } @@ -313,18 +315,9 @@ import ( // if param := cfg.Get("lambdaFunctionName"); param != "" { // lambdaFunctionName = param // } -// _, err := lambda.NewFunction(ctx, "test_lambda", &lambda.FunctionArgs{ -// Name: pulumi.String(lambdaFunctionName), -// LoggingConfig: &lambda.FunctionLoggingConfigArgs{ -// LogFormat: pulumi.String("Text"), -// }, -// }) -// if err != nil { -// return err -// } // // This is to optionally manage the CloudWatch Log Group for the Lambda Function. // // If skipping this resource configuration, also add "logs:CreateLogGroup" to the IAM policy below. -// _, err = cloudwatch.NewLogGroup(ctx, "example", &cloudwatch.LogGroupArgs{ +// example, err := cloudwatch.NewLogGroup(ctx, "example", &cloudwatch.LogGroupArgs{ // Name: pulumi.String(fmt.Sprintf("/aws/lambda/%v", lambdaFunctionName)), // RetentionInDays: pulumi.Int(14), // }) @@ -359,13 +352,25 @@ import ( // if err != nil { // return err // } -// _, err = iam.NewRolePolicyAttachment(ctx, "lambda_logs", &iam.RolePolicyAttachmentArgs{ +// lambdaLogs, err := iam.NewRolePolicyAttachment(ctx, "lambda_logs", &iam.RolePolicyAttachmentArgs{ // Role: pulumi.Any(iamForLambda.Name), // PolicyArn: lambdaLoggingPolicy.Arn, // }) // if err != nil { // return err // } +// _, err = lambda.NewFunction(ctx, "test_lambda", &lambda.FunctionArgs{ +// Name: pulumi.String(lambdaFunctionName), +// LoggingConfig: &lambda.FunctionLoggingConfigArgs{ +// LogFormat: pulumi.String("Text"), +// }, +// }, pulumi.DependsOn([]pulumi.Resource{ +// lambdaLogs, +// example, +// })) +// if err != nil { +// return err +// } // return nil // }) // } diff --git a/sdk/go/aws/lambda/permission.go b/sdk/go/aws/lambda/permission.go index 76fac985aa6..1d82814a439 100644 --- a/sdk/go/aws/lambda/permission.go +++ b/sdk/go/aws/lambda/permission.go @@ -35,14 +35,14 @@ import ( // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "version": "2012-10-17", -// "statement": []map[string]interface{}{ +// "Version": "2012-10-17", +// "Statement": []map[string]interface{}{ // map[string]interface{}{ -// "action": "sts:AssumeRole", -// "effect": "Allow", -// "sid": "", -// "principal": map[string]interface{}{ -// "service": "lambda.amazonaws.com", +// "Action": "sts:AssumeRole", +// "Effect": "Allow", +// "Sid": "", +// "Principal": map[string]interface{}{ +// "Service": "lambda.amazonaws.com", // }, // }, // }, @@ -121,14 +121,14 @@ import ( // return err // } // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "version": "2012-10-17", -// "statement": []map[string]interface{}{ +// "Version": "2012-10-17", +// "Statement": []map[string]interface{}{ // map[string]interface{}{ -// "action": "sts:AssumeRole", -// "effect": "Allow", -// "sid": "", -// "principal": map[string]interface{}{ -// "service": "lambda.amazonaws.com", +// "Action": "sts:AssumeRole", +// "Effect": "Allow", +// "Sid": "", +// "Principal": map[string]interface{}{ +// "Service": "lambda.amazonaws.com", // }, // }, // }, @@ -286,7 +286,7 @@ import ( // if err != nil { // return err // } -// _, err = lambda.NewPermission(ctx, "logging", &lambda.PermissionArgs{ +// logging, err := lambda.NewPermission(ctx, "logging", &lambda.PermissionArgs{ // Action: pulumi.String("lambda:InvokeFunction"), // Function: loggingFunction.Name, // Principal: pulumi.String("logs.eu-west-1.amazonaws.com"), @@ -302,7 +302,9 @@ import ( // FilterPattern: pulumi.String(""), // LogGroup: _default.Name, // Name: pulumi.String("logging_default"), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// logging, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/lb/targetGroupAttachment.go b/sdk/go/aws/lb/targetGroupAttachment.go index 215558c98c0..7843d44b16c 100644 --- a/sdk/go/aws/lb/targetGroupAttachment.go +++ b/sdk/go/aws/lb/targetGroupAttachment.go @@ -84,7 +84,7 @@ import ( // if err != nil { // return err // } -// _, err = lambda.NewPermission(ctx, "with_lb", &lambda.PermissionArgs{ +// withLb, err := lambda.NewPermission(ctx, "with_lb", &lambda.PermissionArgs{ // StatementId: pulumi.String("AllowExecutionFromlb"), // Action: pulumi.String("lambda:InvokeFunction"), // Function: testFunction.Name, @@ -97,7 +97,9 @@ import ( // _, err = lb.NewTargetGroupAttachment(ctx, "test", &lb.TargetGroupAttachmentArgs{ // TargetGroupArn: test.Arn, // TargetId: testFunction.Arn, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// withLb, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/lightsail/distribution.go b/sdk/go/aws/lightsail/distribution.go index fc5f8851e17..3dead6dc299 100644 --- a/sdk/go/aws/lightsail/distribution.go +++ b/sdk/go/aws/lightsail/distribution.go @@ -124,7 +124,7 @@ import ( // if err != nil { // return err // } -// _, err = lightsail.NewStaticIpAttachment(ctx, "test", &lightsail.StaticIpAttachmentArgs{ +// test, err := lightsail.NewStaticIpAttachment(ctx, "test", &lightsail.StaticIpAttachmentArgs{ // StaticIpName: testStaticIp.Name, // InstanceName: testInstance.Name, // }) @@ -141,7 +141,9 @@ import ( // DefaultCacheBehavior: &lightsail.DistributionDefaultCacheBehaviorArgs{ // Behavior: pulumi.String("cache"), // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// test, +// })) // if err != nil { // return err // } @@ -204,7 +206,7 @@ import ( // if err != nil { // return err // } -// _, err = lightsail.NewLbAttachment(ctx, "test", &lightsail.LbAttachmentArgs{ +// testLbAttachment, err := lightsail.NewLbAttachment(ctx, "test", &lightsail.LbAttachmentArgs{ // LbName: test.Name, // InstanceName: testInstance.Name, // }) @@ -221,7 +223,9 @@ import ( // DefaultCacheBehavior: &lightsail.DistributionDefaultCacheBehaviorArgs{ // Behavior: pulumi.String("cache"), // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// testLbAttachment, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/macie/customDataIdentifier.go b/sdk/go/aws/macie/customDataIdentifier.go index ad1a456124b..6ae2962549b 100644 --- a/sdk/go/aws/macie/customDataIdentifier.go +++ b/sdk/go/aws/macie/customDataIdentifier.go @@ -44,7 +44,9 @@ import ( // IgnoreWords: pulumi.StringArray{ // pulumi.String("ignore"), // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// test, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/macie/findingsFilter.go b/sdk/go/aws/macie/findingsFilter.go index f68466311e2..1e0824515f4 100644 --- a/sdk/go/aws/macie/findingsFilter.go +++ b/sdk/go/aws/macie/findingsFilter.go @@ -49,7 +49,9 @@ import ( // }, // }, // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// testAwsMacie2Account, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/macie2/classificationExportConfiguration.go b/sdk/go/aws/macie2/classificationExportConfiguration.go index d41176265f1..6edb1ff71e8 100644 --- a/sdk/go/aws/macie2/classificationExportConfiguration.go +++ b/sdk/go/aws/macie2/classificationExportConfiguration.go @@ -28,7 +28,7 @@ import ( // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { -// _, err := macie2.NewAccount(ctx, "example", nil) +// example, err := macie2.NewAccount(ctx, "example", nil) // if err != nil { // return err // } @@ -38,7 +38,9 @@ import ( // KeyPrefix: pulumi.String("exampleprefix/"), // KmsKeyArn: pulumi.Any(exampleAwsKmsKey.Arn), // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// example, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/macie2/classificationJob.go b/sdk/go/aws/macie2/classificationJob.go index 638dbd1e41c..cf0994b6bce 100644 --- a/sdk/go/aws/macie2/classificationJob.go +++ b/sdk/go/aws/macie2/classificationJob.go @@ -29,7 +29,7 @@ import ( // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { -// _, err := macie2.NewAccount(ctx, "test", nil) +// test, err := macie2.NewAccount(ctx, "test", nil) // if err != nil { // return err // } @@ -46,7 +46,9 @@ import ( // }, // }, // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// test, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/macie2/invitationAccepter.go b/sdk/go/aws/macie2/invitationAccepter.go index 882dbe1a141..f8b58fcce61 100644 --- a/sdk/go/aws/macie2/invitationAccepter.go +++ b/sdk/go/aws/macie2/invitationAccepter.go @@ -29,7 +29,7 @@ import ( // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { -// _, err := macie2.NewAccount(ctx, "primary", nil) +// primary, err := macie2.NewAccount(ctx, "primary", nil) // if err != nil { // return err // } @@ -37,18 +37,22 @@ import ( // if err != nil { // return err // } -// _, err = macie2.NewMember(ctx, "primary", &macie2.MemberArgs{ +// primaryMember, err := macie2.NewMember(ctx, "primary", &macie2.MemberArgs{ // AccountId: pulumi.String("ACCOUNT ID"), // Email: pulumi.String("EMAIL"), // Invite: pulumi.Bool(true), // InvitationMessage: pulumi.String("Message of the invite"), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// primary, +// })) // if err != nil { // return err // } // _, err = macie2.NewInvitationAccepter(ctx, "member", &macie2.InvitationAccepterArgs{ // AdministratorAccountId: pulumi.String("ADMINISTRATOR ACCOUNT ID"), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// primaryMember, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/macie2/member.go b/sdk/go/aws/macie2/member.go index 40a8f5bbf46..022c28588b5 100644 --- a/sdk/go/aws/macie2/member.go +++ b/sdk/go/aws/macie2/member.go @@ -29,7 +29,7 @@ import ( // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { -// _, err := macie2.NewAccount(ctx, "example", nil) +// example, err := macie2.NewAccount(ctx, "example", nil) // if err != nil { // return err // } @@ -39,7 +39,9 @@ import ( // Invite: pulumi.Bool(true), // InvitationMessage: pulumi.String("Message of the invitation"), // InvitationDisableEmailNotification: pulumi.Bool(true), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// example, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/macie2/organizationAdminAccount.go b/sdk/go/aws/macie2/organizationAdminAccount.go index 91154d4bb96..bd421c6f629 100644 --- a/sdk/go/aws/macie2/organizationAdminAccount.go +++ b/sdk/go/aws/macie2/organizationAdminAccount.go @@ -29,13 +29,15 @@ import ( // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { -// _, err := macie2.NewAccount(ctx, "example", nil) +// example, err := macie2.NewAccount(ctx, "example", nil) // if err != nil { // return err // } // _, err = macie2.NewOrganizationAdminAccount(ctx, "example", &macie2.OrganizationAdminAccountArgs{ // AdminAccountId: pulumi.String("ID OF THE ADMIN ACCOUNT"), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// example, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/msk/clusterPolicy.go b/sdk/go/aws/msk/clusterPolicy.go index 414e9227405..d183771f03a 100644 --- a/sdk/go/aws/msk/clusterPolicy.go +++ b/sdk/go/aws/msk/clusterPolicy.go @@ -44,21 +44,21 @@ import ( // return err // } // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "version": "2012-10-17", -// "statement": []map[string]interface{}{ +// "Version": "2012-10-17", +// "Statement": []map[string]interface{}{ // map[string]interface{}{ -// "sid": "ExampleMskClusterPolicy", -// "effect": "Allow", -// "principal": map[string]interface{}{ +// "Sid": "ExampleMskClusterPolicy", +// "Effect": "Allow", +// "Principal": map[string]interface{}{ // "AWS": fmt.Sprintf("arn:%v:iam::%v:root", currentGetPartition.Partition, current.AccountId), // }, -// "action": []string{ +// "Action": []string{ // "kafka:Describe*", // "kafka:Get*", // "kafka:CreateVpcConnection", // "kafka:GetBootstrapBrokers", // }, -// "resource": exampleAwsMskCluster.Arn, +// "Resource": exampleAwsMskCluster.Arn, // }, // }, // }) diff --git a/sdk/go/aws/msk/scramSecretAssociation.go b/sdk/go/aws/msk/scramSecretAssociation.go index 37e8ca0ab3f..d7db5dc7464 100644 --- a/sdk/go/aws/msk/scramSecretAssociation.go +++ b/sdk/go/aws/msk/scramSecretAssociation.go @@ -68,15 +68,6 @@ import ( // if err != nil { // return err // } -// _, err = msk.NewScramSecretAssociation(ctx, "example", &msk.ScramSecretAssociationArgs{ -// ClusterArn: exampleCluster.Arn, -// SecretArnLists: pulumi.StringArray{ -// exampleSecret.Arn, -// }, -// }) -// if err != nil { -// return err -// } // tmpJSON0, err := json.Marshal(map[string]interface{}{ // "username": "user", // "password": "pass", @@ -85,13 +76,24 @@ import ( // return err // } // json0 := string(tmpJSON0) -// _, err = secretsmanager.NewSecretVersion(ctx, "example", &secretsmanager.SecretVersionArgs{ +// exampleSecretVersion, err := secretsmanager.NewSecretVersion(ctx, "example", &secretsmanager.SecretVersionArgs{ // SecretId: exampleSecret.ID(), // SecretString: pulumi.String(json0), // }) // if err != nil { // return err // } +// _, err = msk.NewScramSecretAssociation(ctx, "example", &msk.ScramSecretAssociationArgs{ +// ClusterArn: exampleCluster.Arn, +// SecretArnLists: pulumi.StringArray{ +// exampleSecret.Arn, +// }, +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleSecretVersion, +// })) +// if err != nil { +// return err +// } // example := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{ // Statements: iam.GetPolicyDocumentStatementArray{ // &iam.GetPolicyDocumentStatementArgs{ diff --git a/sdk/go/aws/neptune/globalCluster.go b/sdk/go/aws/neptune/globalCluster.go index c090ac333aa..40705953adc 100644 --- a/sdk/go/aws/neptune/globalCluster.go +++ b/sdk/go/aws/neptune/globalCluster.go @@ -51,7 +51,7 @@ import ( // if err != nil { // return err // } -// _, err = neptune.NewClusterInstance(ctx, "primary", &neptune.ClusterInstanceArgs{ +// primaryClusterInstance, err := neptune.NewClusterInstance(ctx, "primary", &neptune.ClusterInstanceArgs{ // Engine: example.Engine, // EngineVersion: example.EngineVersion, // Identifier: pulumi.String("test-primary-cluster-instance"), @@ -79,7 +79,9 @@ import ( // ClusterIdentifier: secondary.ID(), // InstanceClass: pulumi.String("db.r5.large"), // NeptuneSubnetGroupName: pulumi.String("default"), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// primaryClusterInstance, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/networkfirewall/resourcePolicy.go b/sdk/go/aws/networkfirewall/resourcePolicy.go index 33fb45bd6e9..c3b57448152 100644 --- a/sdk/go/aws/networkfirewall/resourcePolicy.go +++ b/sdk/go/aws/networkfirewall/resourcePolicy.go @@ -34,22 +34,22 @@ import ( // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "statement": []map[string]interface{}{ +// "Statement": []map[string]interface{}{ // map[string]interface{}{ -// "action": []string{ +// "Action": []string{ // "network-firewall:ListFirewallPolicies", // "network-firewall:CreateFirewall", // "network-firewall:UpdateFirewall", // "network-firewall:AssociateFirewallPolicy", // }, -// "effect": "Allow", -// "resource": exampleAwsNetworkfirewallFirewallPolicy.Arn, -// "principal": map[string]interface{}{ +// "Effect": "Allow", +// "Resource": exampleAwsNetworkfirewallFirewallPolicy.Arn, +// "Principal": map[string]interface{}{ // "AWS": "arn:aws:iam::123456789012:root", // }, // }, // }, -// "version": "2012-10-17", +// "Version": "2012-10-17", // }) // if err != nil { // return err @@ -87,21 +87,21 @@ import ( // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "statement": []map[string]interface{}{ +// "Statement": []map[string]interface{}{ // map[string]interface{}{ -// "action": []string{ +// "Action": []string{ // "network-firewall:ListRuleGroups", // "network-firewall:CreateFirewallPolicy", // "network-firewall:UpdateFirewallPolicy", // }, -// "effect": "Allow", -// "resource": exampleAwsNetworkfirewallRuleGroup.Arn, -// "principal": map[string]interface{}{ +// "Effect": "Allow", +// "Resource": exampleAwsNetworkfirewallRuleGroup.Arn, +// "Principal": map[string]interface{}{ // "AWS": "arn:aws:iam::123456789012:root", // }, // }, // }, -// "version": "2012-10-17", +// "Version": "2012-10-17", // }) // if err != nil { // return err diff --git a/sdk/go/aws/networkmanager/connectAttachment.go b/sdk/go/aws/networkmanager/connectAttachment.go index 0af11496fdd..f4b1f88afc7 100644 --- a/sdk/go/aws/networkmanager/connectAttachment.go +++ b/sdk/go/aws/networkmanager/connectAttachment.go @@ -106,7 +106,9 @@ import ( // Options: &networkmanager.ConnectAttachmentOptionsArgs{ // Protocol: pulumi.String("GRE"), // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// test, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/networkmanager/connectPeer.go b/sdk/go/aws/networkmanager/connectPeer.go index fd35b6b4a26..6399be9d6ee 100644 --- a/sdk/go/aws/networkmanager/connectPeer.go +++ b/sdk/go/aws/networkmanager/connectPeer.go @@ -119,11 +119,13 @@ import ( // Options: &networkmanager.ConnectAttachmentOptionsArgs{ // Protocol: pulumi.String("GRE"), // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// test, +// })) // if err != nil { // return err // } -// _, err = networkmanager.NewAttachmentAccepter(ctx, "example2", &networkmanager.AttachmentAccepterArgs{ +// example2, err := networkmanager.NewAttachmentAccepter(ctx, "example2", &networkmanager.AttachmentAccepterArgs{ // AttachmentId: exampleConnectAttachment.ID(), // AttachmentType: exampleConnectAttachment.AttachmentType, // }) @@ -139,7 +141,9 @@ import ( // InsideCidrBlocks: pulumi.StringArray{ // pulumi.String("172.16.0.0/16"), // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// example2, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/networkmanager/customerGatewayAssociation.go b/sdk/go/aws/networkmanager/customerGatewayAssociation.go index cbc162acee9..994e784511a 100644 --- a/sdk/go/aws/networkmanager/customerGatewayAssociation.go +++ b/sdk/go/aws/networkmanager/customerGatewayAssociation.go @@ -63,7 +63,7 @@ import ( // if err != nil { // return err // } -// _, err = ec2.NewVpnConnection(ctx, "example", &ec2.VpnConnectionArgs{ +// exampleVpnConnection, err := ec2.NewVpnConnection(ctx, "example", &ec2.VpnConnectionArgs{ // CustomerGatewayId: exampleCustomerGateway.ID(), // TransitGatewayId: exampleTransitGateway.ID(), // Type: exampleCustomerGateway.Type, @@ -72,10 +72,12 @@ import ( // if err != nil { // return err // } -// _, err = networkmanager.NewTransitGatewayRegistration(ctx, "example", &networkmanager.TransitGatewayRegistrationArgs{ +// exampleTransitGatewayRegistration, err := networkmanager.NewTransitGatewayRegistration(ctx, "example", &networkmanager.TransitGatewayRegistrationArgs{ // GlobalNetworkId: example.ID(), // TransitGatewayArn: exampleTransitGateway.Arn, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleVpnConnection, +// })) // if err != nil { // return err // } @@ -83,7 +85,9 @@ import ( // GlobalNetworkId: example.ID(), // CustomerGatewayArn: exampleCustomerGateway.Arn, // DeviceId: exampleDevice.ID(), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleTransitGatewayRegistration, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/oam/sinkPolicy.go b/sdk/go/aws/oam/sinkPolicy.go index 24c2724f44a..5e730af5ee7 100644 --- a/sdk/go/aws/oam/sinkPolicy.go +++ b/sdk/go/aws/oam/sinkPolicy.go @@ -40,22 +40,22 @@ import ( // return err // } // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "version": "2012-10-17", -// "statement": []map[string]interface{}{ +// "Version": "2012-10-17", +// "Statement": []map[string]interface{}{ // map[string]interface{}{ -// "action": []string{ +// "Action": []string{ // "oam:CreateLink", // "oam:UpdateLink", // }, -// "effect": "Allow", -// "resource": "*", -// "principal": map[string]interface{}{ +// "Effect": "Allow", +// "Resource": "*", +// "Principal": map[string]interface{}{ // "AWS": []string{ // "1111111111111", // "222222222222", // }, // }, -// "condition": map[string]interface{}{ +// "Condition": map[string]interface{}{ // "ForAllValues:StringEquals": map[string]interface{}{ // "oam:ResourceTypes": []string{ // "AWS::CloudWatch::Metric", diff --git a/sdk/go/aws/opensearch/domain.go b/sdk/go/aws/opensearch/domain.go index fd2ccdb707a..832560e9ddb 100644 --- a/sdk/go/aws/opensearch/domain.go +++ b/sdk/go/aws/opensearch/domain.go @@ -299,7 +299,7 @@ import ( // if err != nil { // return err // } -// _, err = iam.NewServiceLinkedRole(ctx, "example", &iam.ServiceLinkedRoleArgs{ +// exampleServiceLinkedRole, err := iam.NewServiceLinkedRole(ctx, "example", &iam.ServiceLinkedRoleArgs{ // AwsServiceName: pulumi.String("opensearchservice.amazonaws.com"), // }) // if err != nil { @@ -352,7 +352,9 @@ import ( // Tags: pulumi.StringMap{ // "Domain": pulumi.String("TestDomain"), // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleServiceLinkedRole, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/opensearch/serverlessAccessPolicy.go b/sdk/go/aws/opensearch/serverlessAccessPolicy.go index b80446bc2e9..8f83420eac1 100644 --- a/sdk/go/aws/opensearch/serverlessAccessPolicy.go +++ b/sdk/go/aws/opensearch/serverlessAccessPolicy.go @@ -40,27 +40,27 @@ import ( // } // tmpJSON0, err := json.Marshal([]map[string]interface{}{ // map[string]interface{}{ -// "rules": []map[string]interface{}{ +// "Rules": []map[string]interface{}{ // map[string]interface{}{ -// "resourceType": "index", -// "resource": []string{ +// "ResourceType": "index", +// "Resource": []string{ // "index/example-collection/*", // }, -// "permission": []string{ +// "Permission": []string{ // "aoss:*", // }, // }, // map[string]interface{}{ -// "resourceType": "collection", -// "resource": []string{ +// "ResourceType": "collection", +// "Resource": []string{ // "collection/example-collection", // }, -// "permission": []string{ +// "Permission": []string{ // "aoss:*", // }, // }, // }, -// "principal": []*string{ +// "Principal": []*string{ // current.Arn, // }, // }, @@ -109,28 +109,28 @@ import ( // } // tmpJSON0, err := json.Marshal([]map[string]interface{}{ // map[string]interface{}{ -// "rules": []interface{}{ +// "Rules": []interface{}{ // map[string]interface{}{ -// "resourceType": "index", -// "resource": []string{ +// "ResourceType": "index", +// "Resource": []string{ // "index/example-collection/*", // }, -// "permission": []string{ +// "Permission": []string{ // "aoss:DescribeIndex", // "aoss:ReadDocument", // }, // }, // map[string]interface{}{ -// "resourceType": "collection", -// "resource": []string{ +// "ResourceType": "collection", +// "Resource": []string{ // "collection/example-collection", // }, -// "permission": []string{ +// "Permission": []string{ // "aoss:DescribeCollectionItems", // }, // }, // }, -// "principal": []*string{ +// "Principal": []*string{ // current.Arn, // }, // }, @@ -174,27 +174,27 @@ import ( // pulumi.Run(func(ctx *pulumi.Context) error { // tmpJSON0, err := json.Marshal([]map[string]interface{}{ // map[string]interface{}{ -// "rules": []map[string]interface{}{ +// "Rules": []map[string]interface{}{ // map[string]interface{}{ -// "resourceType": "index", -// "resource": []string{ +// "ResourceType": "index", +// "Resource": []string{ // "index/example-collection/*", // }, -// "permission": []string{ +// "Permission": []string{ // "aoss:*", // }, // }, // map[string]interface{}{ -// "resourceType": "collection", -// "resource": []string{ +// "ResourceType": "collection", +// "Resource": []string{ // "collection/example-collection", // }, -// "permission": []string{ +// "Permission": []string{ // "aoss:*", // }, // }, // }, -// "principal": []string{ +// "Principal": []string{ // "saml/123456789012/myprovider/user/Annie", // "saml/123456789012/anotherprovider/group/Accounting", // }, diff --git a/sdk/go/aws/opensearch/serverlessCollection.go b/sdk/go/aws/opensearch/serverlessCollection.go index 706beea533c..746867dda00 100644 --- a/sdk/go/aws/opensearch/serverlessCollection.go +++ b/sdk/go/aws/opensearch/serverlessCollection.go @@ -51,7 +51,7 @@ import ( // return err // } // json0 := string(tmpJSON0) -// _, err = opensearch.NewServerlessSecurityPolicy(ctx, "example", &opensearch.ServerlessSecurityPolicyArgs{ +// example, err := opensearch.NewServerlessSecurityPolicy(ctx, "example", &opensearch.ServerlessSecurityPolicyArgs{ // Name: pulumi.String("example"), // Type: pulumi.String("encryption"), // Policy: pulumi.String(json0), @@ -61,7 +61,9 @@ import ( // } // _, err = opensearch.NewServerlessCollection(ctx, "example", &opensearch.ServerlessCollectionArgs{ // Name: pulumi.String("example"), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// example, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/opensearch/serverlessSecurityPolicy.go b/sdk/go/aws/opensearch/serverlessSecurityPolicy.go index 4a03c78e0ee..b418399c8da 100644 --- a/sdk/go/aws/opensearch/serverlessSecurityPolicy.go +++ b/sdk/go/aws/opensearch/serverlessSecurityPolicy.go @@ -36,15 +36,15 @@ import ( // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "rules": []map[string]interface{}{ +// "Rules": []map[string]interface{}{ // map[string]interface{}{ -// "resource": []string{ +// "Resource": []string{ // "collection/example-collection", // }, -// "resourceType": "collection", +// "ResourceType": "collection", // }, // }, -// "aWSOwnedKey": true, +// "AWSOwnedKey": true, // }) // if err != nil { // return err @@ -84,15 +84,15 @@ import ( // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "rules": []map[string]interface{}{ +// "Rules": []map[string]interface{}{ // map[string]interface{}{ -// "resource": []string{ +// "Resource": []string{ // "collection/example*", // }, -// "resourceType": "collection", +// "ResourceType": "collection", // }, // }, -// "aWSOwnedKey": true, +// "AWSOwnedKey": true, // }) // if err != nil { // return err @@ -132,16 +132,16 @@ import ( // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "rules": []map[string]interface{}{ +// "Rules": []map[string]interface{}{ // map[string]interface{}{ -// "resource": []string{ +// "Resource": []string{ // "collection/customer-managed-key-collection", // }, -// "resourceType": "collection", +// "ResourceType": "collection", // }, // }, -// "aWSOwnedKey": false, -// "kmsARN": "arn:aws:kms:us-east-1:123456789012:key/93fd6da4-a317-4c17-bfe9-382b5d988b36", +// "AWSOwnedKey": false, +// "KmsARN": "arn:aws:kms:us-east-1:123456789012:key/93fd6da4-a317-4c17-bfe9-382b5d988b36", // }) // if err != nil { // return err @@ -184,22 +184,22 @@ import ( // pulumi.Run(func(ctx *pulumi.Context) error { // tmpJSON0, err := json.Marshal([]map[string]interface{}{ // map[string]interface{}{ -// "description": "Public access to collection and Dashboards endpoint for example collection", -// "rules": []map[string]interface{}{ +// "Description": "Public access to collection and Dashboards endpoint for example collection", +// "Rules": []map[string]interface{}{ // map[string]interface{}{ -// "resourceType": "collection", -// "resource": []string{ +// "ResourceType": "collection", +// "Resource": []string{ // "collection/example-collection", // }, // }, // map[string]interface{}{ -// "resourceType": "dashboard", -// "resource": []string{ +// "ResourceType": "dashboard", +// "Resource": []string{ // "collection/example-collection", // }, // }, // }, -// "allowFromPublic": true, +// "AllowFromPublic": true, // }, // }) // if err != nil { @@ -241,23 +241,23 @@ import ( // pulumi.Run(func(ctx *pulumi.Context) error { // tmpJSON0, err := json.Marshal([]map[string]interface{}{ // map[string]interface{}{ -// "description": "VPC access to collection and Dashboards endpoint for example collection", -// "rules": []map[string]interface{}{ +// "Description": "VPC access to collection and Dashboards endpoint for example collection", +// "Rules": []map[string]interface{}{ // map[string]interface{}{ -// "resourceType": "collection", -// "resource": []string{ +// "ResourceType": "collection", +// "Resource": []string{ // "collection/example-collection", // }, // }, // map[string]interface{}{ -// "resourceType": "dashboard", -// "resource": []string{ +// "ResourceType": "dashboard", +// "Resource": []string{ // "collection/example-collection", // }, // }, // }, -// "allowFromPublic": false, -// "sourceVPCEs": []string{ +// "AllowFromPublic": false, +// "SourceVPCEs": []string{ // "vpce-050f79086ee71ac05", // }, // }, diff --git a/sdk/go/aws/opensearchingest/pipeline.go b/sdk/go/aws/opensearchingest/pipeline.go index b5490fb77f6..0030f9cd5a3 100644 --- a/sdk/go/aws/opensearchingest/pipeline.go +++ b/sdk/go/aws/opensearchingest/pipeline.go @@ -41,14 +41,14 @@ import ( // return err // } // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "version": "2012-10-17", -// "statement": []map[string]interface{}{ +// "Version": "2012-10-17", +// "Statement": []map[string]interface{}{ // map[string]interface{}{ -// "action": "sts:AssumeRole", -// "effect": "Allow", -// "sid": "", -// "principal": map[string]interface{}{ -// "service": "osis-pipelines.amazonaws.com", +// "Action": "sts:AssumeRole", +// "Effect": "Allow", +// "Sid": "", +// "Principal": map[string]interface{}{ +// "Service": "osis-pipelines.amazonaws.com", // }, // }, // }, diff --git a/sdk/go/aws/pipes/pipe.go b/sdk/go/aws/pipes/pipe.go index 5cc1200c769..cacab8ff8a5 100644 --- a/sdk/go/aws/pipes/pipe.go +++ b/sdk/go/aws/pipes/pipe.go @@ -47,15 +47,15 @@ import ( // return err // } // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "version": "2012-10-17", -// "statement": map[string]interface{}{ -// "effect": "Allow", -// "action": "sts:AssumeRole", -// "principal": map[string]interface{}{ -// "service": "pipes.amazonaws.com", +// "Version": "2012-10-17", +// "Statement": map[string]interface{}{ +// "Effect": "Allow", +// "Action": "sts:AssumeRole", +// "Principal": map[string]interface{}{ +// "Service": "pipes.amazonaws.com", // }, -// "condition": map[string]interface{}{ -// "stringEquals": map[string]interface{}{ +// "Condition": map[string]interface{}{ +// "StringEquals": map[string]interface{}{ // "aws:SourceAccount": main.AccountId, // }, // }, @@ -75,21 +75,21 @@ import ( // if err != nil { // return err // } -// _, err = iam.NewRolePolicy(ctx, "source", &iam.RolePolicyArgs{ +// source, err := iam.NewRolePolicy(ctx, "source", &iam.RolePolicyArgs{ // Role: example.ID(), // Policy: sourceQueue.Arn.ApplyT(func(arn string) (pulumi.String, error) { // var _zero pulumi.String // tmpJSON1, err := json.Marshal(map[string]interface{}{ -// "version": "2012-10-17", -// "statement": []map[string]interface{}{ +// "Version": "2012-10-17", +// "Statement": []map[string]interface{}{ // map[string]interface{}{ -// "effect": "Allow", -// "action": []string{ +// "Effect": "Allow", +// "Action": []string{ // "sqs:DeleteMessage", // "sqs:GetQueueAttributes", // "sqs:ReceiveMessage", // }, -// "resource": []string{ +// "Resource": []string{ // arn, // }, // }, @@ -109,19 +109,19 @@ import ( // if err != nil { // return err // } -// _, err = iam.NewRolePolicy(ctx, "target", &iam.RolePolicyArgs{ +// target, err := iam.NewRolePolicy(ctx, "target", &iam.RolePolicyArgs{ // Role: example.ID(), // Policy: targetQueue.Arn.ApplyT(func(arn string) (pulumi.String, error) { // var _zero pulumi.String // tmpJSON2, err := json.Marshal(map[string]interface{}{ -// "version": "2012-10-17", -// "statement": []map[string]interface{}{ +// "Version": "2012-10-17", +// "Statement": []map[string]interface{}{ // map[string]interface{}{ -// "effect": "Allow", -// "action": []string{ +// "Effect": "Allow", +// "Action": []string{ // "sqs:SendMessage", // }, -// "resource": []string{ +// "Resource": []string{ // arn, // }, // }, @@ -142,7 +142,10 @@ import ( // RoleArn: example.Arn, // Source: sourceQueue.Arn, // Target: targetQueue.Arn, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// source, +// target, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/quicksight/vpcConnection.go b/sdk/go/aws/quicksight/vpcConnection.go index e286fe48356..4de33b511fe 100644 --- a/sdk/go/aws/quicksight/vpcConnection.go +++ b/sdk/go/aws/quicksight/vpcConnection.go @@ -35,13 +35,13 @@ import ( // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "version": "2012-10-17", -// "statement": []map[string]interface{}{ +// "Version": "2012-10-17", +// "Statement": []map[string]interface{}{ // map[string]interface{}{ -// "effect": "Allow", -// "action": "sts:AssumeRole", -// "principal": map[string]interface{}{ -// "service": "quicksight.amazonaws.com", +// "Effect": "Allow", +// "Action": "sts:AssumeRole", +// "Principal": map[string]interface{}{ +// "Service": "quicksight.amazonaws.com", // }, // }, // }, @@ -51,18 +51,18 @@ import ( // } // json0 := string(tmpJSON0) // tmpJSON1, err := json.Marshal(map[string]interface{}{ -// "version": "2012-10-17", -// "statement": []map[string]interface{}{ +// "Version": "2012-10-17", +// "Statement": []map[string]interface{}{ // map[string]interface{}{ -// "effect": "Allow", -// "action": []string{ +// "Effect": "Allow", +// "Action": []string{ // "ec2:CreateNetworkInterface", // "ec2:ModifyNetworkInterfaceAttribute", // "ec2:DeleteNetworkInterface", // "ec2:DescribeSubnets", // "ec2:DescribeSecurityGroups", // }, -// "resource": []string{ +// "Resource": []string{ // "*", // }, // }, diff --git a/sdk/go/aws/rds/clusterActivityStream.go b/sdk/go/aws/rds/clusterActivityStream.go index ecb58efc50e..f9c1e4bd3d4 100644 --- a/sdk/go/aws/rds/clusterActivityStream.go +++ b/sdk/go/aws/rds/clusterActivityStream.go @@ -54,7 +54,7 @@ import ( // if err != nil { // return err // } -// _, err = rds.NewClusterInstance(ctx, "default", &rds.ClusterInstanceArgs{ +// defaultClusterInstance, err := rds.NewClusterInstance(ctx, "default", &rds.ClusterInstanceArgs{ // Identifier: pulumi.String("aurora-instance-demo"), // ClusterIdentifier: _default.ClusterIdentifier, // Engine: _default.Engine, @@ -73,7 +73,9 @@ import ( // ResourceArn: _default.Arn, // Mode: pulumi.String("async"), // KmsKeyId: defaultKey.KeyId, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// defaultClusterInstance, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/rds/exportTask.go b/sdk/go/aws/rds/exportTask.go index 1f51bc6c69e..f7b4565ce09 100644 --- a/sdk/go/aws/rds/exportTask.go +++ b/sdk/go/aws/rds/exportTask.go @@ -84,14 +84,14 @@ import ( // return err // } // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "version": "2012-10-17", -// "statement": []map[string]interface{}{ +// "Version": "2012-10-17", +// "Statement": []map[string]interface{}{ // map[string]interface{}{ -// "action": "sts:AssumeRole", -// "effect": "Allow", -// "sid": "", -// "principal": map[string]interface{}{ -// "service": "export.rds.amazonaws.com", +// "Action": "sts:AssumeRole", +// "Effect": "Allow", +// "Sid": "", +// "Principal": map[string]interface{}{ +// "Service": "export.rds.amazonaws.com", // }, // }, // }, diff --git a/sdk/go/aws/rds/globalCluster.go b/sdk/go/aws/rds/globalCluster.go index 4281504b318..33832e0ec04 100644 --- a/sdk/go/aws/rds/globalCluster.go +++ b/sdk/go/aws/rds/globalCluster.go @@ -55,7 +55,7 @@ import ( // if err != nil { // return err // } -// _, err = rds.NewClusterInstance(ctx, "primary", &rds.ClusterInstanceArgs{ +// primaryClusterInstance, err := rds.NewClusterInstance(ctx, "primary", &rds.ClusterInstanceArgs{ // Engine: example.Engine, // EngineVersion: example.EngineVersion, // Identifier: pulumi.String("test-primary-cluster-instance"), @@ -72,7 +72,9 @@ import ( // ClusterIdentifier: pulumi.String("test-secondary-cluster"), // GlobalClusterIdentifier: example.ID(), // DbSubnetGroupName: pulumi.String("default"), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// primaryClusterInstance, +// })) // if err != nil { // return err // } @@ -131,7 +133,7 @@ import ( // if err != nil { // return err // } -// _, err = rds.NewClusterInstance(ctx, "primary", &rds.ClusterInstanceArgs{ +// primaryClusterInstance, err := rds.NewClusterInstance(ctx, "primary", &rds.ClusterInstanceArgs{ // Engine: example.Engine, // EngineVersion: example.EngineVersion, // Identifier: pulumi.String("test-primary-cluster-instance"), @@ -149,7 +151,9 @@ import ( // GlobalClusterIdentifier: example.ID(), // SkipFinalSnapshot: pulumi.Bool(true), // DbSubnetGroupName: pulumi.String("default"), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// primaryClusterInstance, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/redshift/authenticationProfile.go b/sdk/go/aws/redshift/authenticationProfile.go index 210f37db741..f77d1f6de17 100644 --- a/sdk/go/aws/redshift/authenticationProfile.go +++ b/sdk/go/aws/redshift/authenticationProfile.go @@ -32,9 +32,9 @@ import ( // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "allowDBUserOverride": "1", -// "clientID": "ExampleClientID", -// "appID": "example", +// "AllowDBUserOverride": "1", +// "Client_ID": "ExampleClientID", +// "App_ID": "example", // }) // if err != nil { // return err diff --git a/sdk/go/aws/redshift/resourcePolicy.go b/sdk/go/aws/redshift/resourcePolicy.go index 6aff9b4e461..b1c6f73cb08 100644 --- a/sdk/go/aws/redshift/resourcePolicy.go +++ b/sdk/go/aws/redshift/resourcePolicy.go @@ -32,16 +32,16 @@ import ( // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "version": "2012-10-17", -// "statement": []map[string]interface{}{ +// "Version": "2012-10-17", +// "Statement": []map[string]interface{}{ // map[string]interface{}{ -// "effect": "Allow", -// "principal": map[string]interface{}{ +// "Effect": "Allow", +// "Principal": map[string]interface{}{ // "AWS": "arn:aws:iam::12345678901:root", // }, -// "action": "redshift:CreateInboundIntegration", -// "resource": exampleAwsRedshiftCluster.ClusterNamespaceArn, -// "sid": "", +// "Action": "redshift:CreateInboundIntegration", +// "Resource": exampleAwsRedshiftCluster.ClusterNamespaceArn, +// "Sid": "", // }, // }, // }) diff --git a/sdk/go/aws/redshiftserverless/resourcePolicy.go b/sdk/go/aws/redshiftserverless/resourcePolicy.go index ba7177e87e1..99c437e16dc 100644 --- a/sdk/go/aws/redshiftserverless/resourcePolicy.go +++ b/sdk/go/aws/redshiftserverless/resourcePolicy.go @@ -32,19 +32,19 @@ import ( // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "version": "2012-10-17", -// "statement": []map[string]interface{}{ +// "Version": "2012-10-17", +// "Statement": []map[string]interface{}{ // map[string]interface{}{ -// "effect": "Allow", -// "principal": map[string]interface{}{ +// "Effect": "Allow", +// "Principal": map[string]interface{}{ // "AWS": []string{ // "12345678901", // }, // }, -// "action": []string{ +// "Action": []string{ // "redshift-serverless:RestoreFromSnapshot", // }, -// "sid": "", +// "Sid": "", // }, // }, // }) diff --git a/sdk/go/aws/resourceexplorer/view.go b/sdk/go/aws/resourceexplorer/view.go index 3ffde968932..e160cc53a3b 100644 --- a/sdk/go/aws/resourceexplorer/view.go +++ b/sdk/go/aws/resourceexplorer/view.go @@ -28,7 +28,7 @@ import ( // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { -// _, err := resourceexplorer.NewIndex(ctx, "example", &resourceexplorer.IndexArgs{ +// example, err := resourceexplorer.NewIndex(ctx, "example", &resourceexplorer.IndexArgs{ // Type: pulumi.String("LOCAL"), // }) // if err != nil { @@ -44,7 +44,9 @@ import ( // Name: pulumi.String("tags"), // }, // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// example, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/rolesanywhere/profile.go b/sdk/go/aws/rolesanywhere/profile.go index 2b898ab1096..607f1f29946 100644 --- a/sdk/go/aws/rolesanywhere/profile.go +++ b/sdk/go/aws/rolesanywhere/profile.go @@ -33,19 +33,19 @@ import ( // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "version": "2012-10-17", -// "statement": []map[string]interface{}{ +// "Version": "2012-10-17", +// "Statement": []map[string]interface{}{ // map[string]interface{}{ -// "action": []string{ +// "Action": []string{ // "sts:AssumeRole", // "sts:TagSession", // "sts:SetSourceIdentity", // }, -// "principal": map[string]interface{}{ -// "service": "rolesanywhere.amazonaws.com", +// "Principal": map[string]interface{}{ +// "Service": "rolesanywhere.amazonaws.com", // }, -// "effect": "Allow", -// "sid": "", +// "Effect": "Allow", +// "Sid": "", // }, // }, // }) diff --git a/sdk/go/aws/rolesanywhere/trustAnchor.go b/sdk/go/aws/rolesanywhere/trustAnchor.go index 9e6e8ffde95..e85e160641d 100644 --- a/sdk/go/aws/rolesanywhere/trustAnchor.go +++ b/sdk/go/aws/rolesanywhere/trustAnchor.go @@ -64,7 +64,7 @@ import ( // if err != nil { // return err // } -// _, err = acmpca.NewCertificateAuthorityCertificate(ctx, "example", &acmpca.CertificateAuthorityCertificateArgs{ +// exampleCertificateAuthorityCertificate, err := acmpca.NewCertificateAuthorityCertificate(ctx, "example", &acmpca.CertificateAuthorityCertificateArgs{ // CertificateAuthorityArn: example.Arn, // Certificate: pulumi.Any(exampleAwsAcmpcaCertificate.Certificate), // CertificateChain: pulumi.Any(exampleAwsAcmpcaCertificate.CertificateChain), @@ -80,7 +80,9 @@ import ( // }, // SourceType: pulumi.String("AWS_ACM_PCA"), // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleCertificateAuthorityCertificate, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/route53/hostedZoneDnsSec.go b/sdk/go/aws/route53/hostedZoneDnsSec.go index 8fcc03efd69..7b6230b1fa9 100644 --- a/sdk/go/aws/route53/hostedZoneDnsSec.go +++ b/sdk/go/aws/route53/hostedZoneDnsSec.go @@ -43,32 +43,32 @@ import ( // return err // } // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "statement": []interface{}{ +// "Statement": []interface{}{ // map[string]interface{}{ -// "action": []string{ +// "Action": []string{ // "kms:DescribeKey", // "kms:GetPublicKey", // "kms:Sign", // "kms:Verify", // }, -// "effect": "Allow", -// "principal": map[string]interface{}{ -// "service": "dnssec-route53.amazonaws.com", +// "Effect": "Allow", +// "Principal": map[string]interface{}{ +// "Service": "dnssec-route53.amazonaws.com", // }, -// "resource": "*", -// "sid": "Allow Route 53 DNSSEC Service", +// "Resource": "*", +// "Sid": "Allow Route 53 DNSSEC Service", // }, // map[string]interface{}{ -// "action": "kms:*", -// "effect": "Allow", -// "principal": map[string]interface{}{ +// "Action": "kms:*", +// "Effect": "Allow", +// "Principal": map[string]interface{}{ // "AWS": fmt.Sprintf("arn:aws:iam::%v:root", current.AccountId), // }, -// "resource": "*", -// "sid": "Enable IAM User Permissions", +// "Resource": "*", +// "Sid": "Enable IAM User Permissions", // }, // }, -// "version": "2012-10-17", +// "Version": "2012-10-17", // }) // if err != nil { // return err @@ -99,7 +99,9 @@ import ( // } // _, err = route53.NewHostedZoneDnsSec(ctx, "example", &route53.HostedZoneDnsSecArgs{ // HostedZoneId: exampleKeySigningKey.HostedZoneId, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleKeySigningKey, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/route53/keySigningKey.go b/sdk/go/aws/route53/keySigningKey.go index 926b78d77dd..7d429b58ba7 100644 --- a/sdk/go/aws/route53/keySigningKey.go +++ b/sdk/go/aws/route53/keySigningKey.go @@ -39,53 +39,53 @@ import ( // return err // } // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "statement": []interface{}{ +// "Statement": []interface{}{ // map[string]interface{}{ -// "action": []string{ +// "Action": []string{ // "kms:DescribeKey", // "kms:GetPublicKey", // "kms:Sign", // }, -// "effect": "Allow", -// "principal": map[string]interface{}{ -// "service": "dnssec-route53.amazonaws.com", +// "Effect": "Allow", +// "Principal": map[string]interface{}{ +// "Service": "dnssec-route53.amazonaws.com", // }, -// "sid": "Allow Route 53 DNSSEC Service", -// "resource": "*", -// "condition": map[string]interface{}{ -// "stringEquals": map[string]interface{}{ +// "Sid": "Allow Route 53 DNSSEC Service", +// "Resource": "*", +// "Condition": map[string]interface{}{ +// "StringEquals": map[string]interface{}{ // "aws:SourceAccount": current.AccountId, // }, -// "arnLike": map[string]interface{}{ +// "ArnLike": map[string]interface{}{ // "aws:SourceArn": "arn:aws:route53:::hostedzone/*", // }, // }, // }, // map[string]interface{}{ -// "action": "kms:CreateGrant", -// "effect": "Allow", -// "principal": map[string]interface{}{ -// "service": "dnssec-route53.amazonaws.com", +// "Action": "kms:CreateGrant", +// "Effect": "Allow", +// "Principal": map[string]interface{}{ +// "Service": "dnssec-route53.amazonaws.com", // }, -// "sid": "Allow Route 53 DNSSEC Service to CreateGrant", -// "resource": "*", -// "condition": map[string]interface{}{ -// "bool": map[string]interface{}{ +// "Sid": "Allow Route 53 DNSSEC Service to CreateGrant", +// "Resource": "*", +// "Condition": map[string]interface{}{ +// "Bool": map[string]interface{}{ // "kms:GrantIsForAWSResource": "true", // }, // }, // }, // map[string]interface{}{ -// "action": "kms:*", -// "effect": "Allow", -// "principal": map[string]interface{}{ +// "Action": "kms:*", +// "Effect": "Allow", +// "Principal": map[string]interface{}{ // "AWS": fmt.Sprintf("arn:aws:iam::%v:root", current.AccountId), // }, -// "resource": "*", -// "sid": "Enable IAM User Permissions", +// "Resource": "*", +// "Sid": "Enable IAM User Permissions", // }, // }, -// "version": "2012-10-17", +// "Version": "2012-10-17", // }) // if err != nil { // return err @@ -116,7 +116,9 @@ import ( // } // _, err = route53.NewHostedZoneDnsSec(ctx, "example", &route53.HostedZoneDnsSecArgs{ // HostedZoneId: exampleKeySigningKey.HostedZoneId, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleKeySigningKey, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/route53/queryLog.go b/sdk/go/aws/route53/queryLog.go index c1bbe970303..0a169a3bf61 100644 --- a/sdk/go/aws/route53/queryLog.go +++ b/sdk/go/aws/route53/queryLog.go @@ -91,7 +91,9 @@ import ( // _, err = route53.NewQueryLog(ctx, "example_com", &route53.QueryLogArgs{ // CloudwatchLogGroupArn: awsRoute53ExampleCom.Arn, // ZoneId: exampleCom.ZoneId, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// route53_query_logging_policyLogResourcePolicy, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/route53domains/delegationSignerRecord.go b/sdk/go/aws/route53domains/delegationSignerRecord.go index 40b1b41c63d..a3bd40a71d3 100644 --- a/sdk/go/aws/route53domains/delegationSignerRecord.go +++ b/sdk/go/aws/route53domains/delegationSignerRecord.go @@ -42,53 +42,53 @@ import ( // return err // } // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "statement": []interface{}{ +// "Statement": []interface{}{ // map[string]interface{}{ -// "action": []string{ +// "Action": []string{ // "kms:DescribeKey", // "kms:GetPublicKey", // "kms:Sign", // }, -// "effect": "Allow", -// "principal": map[string]interface{}{ -// "service": "dnssec-route53.amazonaws.com", +// "Effect": "Allow", +// "Principal": map[string]interface{}{ +// "Service": "dnssec-route53.amazonaws.com", // }, -// "sid": "Allow Route 53 DNSSEC Service", -// "resource": "*", -// "condition": map[string]interface{}{ -// "stringEquals": map[string]interface{}{ +// "Sid": "Allow Route 53 DNSSEC Service", +// "Resource": "*", +// "Condition": map[string]interface{}{ +// "StringEquals": map[string]interface{}{ // "aws:SourceAccount": current.AccountId, // }, -// "arnLike": map[string]interface{}{ +// "ArnLike": map[string]interface{}{ // "aws:SourceArn": "arn:aws:route53:::hostedzone/*", // }, // }, // }, // map[string]interface{}{ -// "action": "kms:CreateGrant", -// "effect": "Allow", -// "principal": map[string]interface{}{ -// "service": "dnssec-route53.amazonaws.com", +// "Action": "kms:CreateGrant", +// "Effect": "Allow", +// "Principal": map[string]interface{}{ +// "Service": "dnssec-route53.amazonaws.com", // }, -// "sid": "Allow Route 53 DNSSEC Service to CreateGrant", -// "resource": "*", -// "condition": map[string]interface{}{ -// "bool": map[string]interface{}{ +// "Sid": "Allow Route 53 DNSSEC Service to CreateGrant", +// "Resource": "*", +// "Condition": map[string]interface{}{ +// "Bool": map[string]interface{}{ // "kms:GrantIsForAWSResource": "true", // }, // }, // }, // map[string]interface{}{ -// "action": "kms:*", -// "effect": "Allow", -// "principal": map[string]interface{}{ +// "Action": "kms:*", +// "Effect": "Allow", +// "Principal": map[string]interface{}{ // "AWS": fmt.Sprintf("arn:aws:iam::%v:root", current.AccountId), // }, -// "resource": "*", -// "sid": "Enable IAM User Permissions", +// "Resource": "*", +// "Sid": "Enable IAM User Permissions", // }, // }, -// "version": "2012-10-17", +// "Version": "2012-10-17", // }) // if err != nil { // return err @@ -119,7 +119,9 @@ import ( // } // _, err = route53.NewHostedZoneDnsSec(ctx, "example", &route53.HostedZoneDnsSecArgs{ // HostedZoneId: exampleKeySigningKey.HostedZoneId, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleKeySigningKey, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/s3/bucketAclV2.go b/sdk/go/aws/s3/bucketAclV2.go index e4a8294d946..1f1b0e944de 100644 --- a/sdk/go/aws/s3/bucketAclV2.go +++ b/sdk/go/aws/s3/bucketAclV2.go @@ -41,7 +41,7 @@ import ( // if err != nil { // return err // } -// _, err = s3.NewBucketOwnershipControls(ctx, "example", &s3.BucketOwnershipControlsArgs{ +// exampleBucketOwnershipControls, err := s3.NewBucketOwnershipControls(ctx, "example", &s3.BucketOwnershipControlsArgs{ // Bucket: example.ID(), // Rule: &s3.BucketOwnershipControlsRuleArgs{ // ObjectOwnership: pulumi.String("BucketOwnerPreferred"), @@ -53,7 +53,9 @@ import ( // _, err = s3.NewBucketAclV2(ctx, "example", &s3.BucketAclV2Args{ // Bucket: example.ID(), // Acl: pulumi.String("private"), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleBucketOwnershipControls, +// })) // if err != nil { // return err // } @@ -88,7 +90,7 @@ import ( // if err != nil { // return err // } -// _, err = s3.NewBucketOwnershipControls(ctx, "example", &s3.BucketOwnershipControlsArgs{ +// exampleBucketOwnershipControls, err := s3.NewBucketOwnershipControls(ctx, "example", &s3.BucketOwnershipControlsArgs{ // Bucket: example.ID(), // Rule: &s3.BucketOwnershipControlsRuleArgs{ // ObjectOwnership: pulumi.String("BucketOwnerPreferred"), @@ -97,7 +99,7 @@ import ( // if err != nil { // return err // } -// _, err = s3.NewBucketPublicAccessBlock(ctx, "example", &s3.BucketPublicAccessBlockArgs{ +// exampleBucketPublicAccessBlock, err := s3.NewBucketPublicAccessBlock(ctx, "example", &s3.BucketPublicAccessBlockArgs{ // Bucket: example.ID(), // BlockPublicAcls: pulumi.Bool(false), // BlockPublicPolicy: pulumi.Bool(false), @@ -110,7 +112,10 @@ import ( // _, err = s3.NewBucketAclV2(ctx, "example", &s3.BucketAclV2Args{ // Bucket: example.ID(), // Acl: pulumi.String("public-read"), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleBucketOwnershipControls, +// exampleBucketPublicAccessBlock, +// })) // if err != nil { // return err // } @@ -146,7 +151,7 @@ import ( // if err != nil { // return err // } -// _, err = s3.NewBucketOwnershipControls(ctx, "example", &s3.BucketOwnershipControlsArgs{ +// exampleBucketOwnershipControls, err := s3.NewBucketOwnershipControls(ctx, "example", &s3.BucketOwnershipControlsArgs{ // Bucket: example.ID(), // Rule: &s3.BucketOwnershipControlsRuleArgs{ // ObjectOwnership: pulumi.String("BucketOwnerPreferred"), @@ -178,7 +183,9 @@ import ( // Id: pulumi.String(current.Id), // }, // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleBucketOwnershipControls, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/s3/bucketLifecycleConfigurationV2.go b/sdk/go/aws/s3/bucketLifecycleConfigurationV2.go index 6b9a2b27f47..b1b6abb9322 100644 --- a/sdk/go/aws/s3/bucketLifecycleConfigurationV2.go +++ b/sdk/go/aws/s3/bucketLifecycleConfigurationV2.go @@ -489,7 +489,7 @@ import ( // if err != nil { // return err // } -// _, err = s3.NewBucketVersioningV2(ctx, "versioning", &s3.BucketVersioningV2Args{ +// versioning, err := s3.NewBucketVersioningV2(ctx, "versioning", &s3.BucketVersioningV2Args{ // Bucket: versioningBucket.ID(), // VersioningConfiguration: &s3.BucketVersioningV2VersioningConfigurationArgs{ // Status: pulumi.String("Enabled"), @@ -522,7 +522,9 @@ import ( // Status: pulumi.String("Enabled"), // }, // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// versioning, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/s3/bucketNotification.go b/sdk/go/aws/s3/bucketNotification.go index 274e2c46492..aab6fca61d8 100644 --- a/sdk/go/aws/s3/bucketNotification.go +++ b/sdk/go/aws/s3/bucketNotification.go @@ -249,7 +249,7 @@ import ( // if err != nil { // return err // } -// _, err = lambda.NewPermission(ctx, "allow_bucket", &lambda.PermissionArgs{ +// allowBucket, err := lambda.NewPermission(ctx, "allow_bucket", &lambda.PermissionArgs{ // StatementId: pulumi.String("AllowExecutionFromS3Bucket"), // Action: pulumi.String("lambda:InvokeFunction"), // Function: _func.Arn, @@ -271,7 +271,9 @@ import ( // FilterSuffix: pulumi.String(".log"), // }, // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// allowBucket, +// })) // if err != nil { // return err // } @@ -343,7 +345,7 @@ import ( // if err != nil { // return err // } -// _, err = lambda.NewPermission(ctx, "allow_bucket1", &lambda.PermissionArgs{ +// allowBucket1, err := lambda.NewPermission(ctx, "allow_bucket1", &lambda.PermissionArgs{ // StatementId: pulumi.String("AllowExecutionFromS3Bucket1"), // Action: pulumi.String("lambda:InvokeFunction"), // Function: func1.Arn, @@ -362,7 +364,7 @@ import ( // if err != nil { // return err // } -// _, err = lambda.NewPermission(ctx, "allow_bucket2", &lambda.PermissionArgs{ +// allowBucket2, err := lambda.NewPermission(ctx, "allow_bucket2", &lambda.PermissionArgs{ // StatementId: pulumi.String("AllowExecutionFromS3Bucket2"), // Action: pulumi.String("lambda:InvokeFunction"), // Function: func2.Arn, @@ -392,7 +394,10 @@ import ( // FilterSuffix: pulumi.String(".log"), // }, // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// allowBucket1, +// allowBucket2, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/s3/bucketObject.go b/sdk/go/aws/s3/bucketObject.go index 7326eba971e..1d9d7a16f80 100644 --- a/sdk/go/aws/s3/bucketObject.go +++ b/sdk/go/aws/s3/bucketObject.go @@ -223,7 +223,7 @@ import ( // if err != nil { // return err // } -// _, err = s3.NewBucketVersioningV2(ctx, "example", &s3.BucketVersioningV2Args{ +// exampleBucketVersioningV2, err := s3.NewBucketVersioningV2(ctx, "example", &s3.BucketVersioningV2Args{ // Bucket: examplebucket.ID(), // VersioningConfiguration: &s3.BucketVersioningV2VersioningConfigurationArgs{ // Status: pulumi.String("Enabled"), @@ -240,7 +240,9 @@ import ( // ObjectLockMode: pulumi.String("GOVERNANCE"), // ObjectLockRetainUntilDate: pulumi.String("2021-12-31T23:59:60Z"), // ForceDestroy: pulumi.Bool(true), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleBucketVersioningV2, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/s3/bucketObjectv2.go b/sdk/go/aws/s3/bucketObjectv2.go index b30c3d20a6e..bd7e0d6f44c 100644 --- a/sdk/go/aws/s3/bucketObjectv2.go +++ b/sdk/go/aws/s3/bucketObjectv2.go @@ -223,7 +223,7 @@ import ( // if err != nil { // return err // } -// _, err = s3.NewBucketVersioningV2(ctx, "example", &s3.BucketVersioningV2Args{ +// exampleBucketVersioningV2, err := s3.NewBucketVersioningV2(ctx, "example", &s3.BucketVersioningV2Args{ // Bucket: examplebucket.ID(), // VersioningConfiguration: &s3.BucketVersioningV2VersioningConfigurationArgs{ // Status: pulumi.String("Enabled"), @@ -240,7 +240,9 @@ import ( // ObjectLockMode: pulumi.String("GOVERNANCE"), // ObjectLockRetainUntilDate: pulumi.String("2021-12-31T23:59:60Z"), // ForceDestroy: pulumi.Bool(true), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleBucketVersioningV2, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/s3/bucketReplicationConfig.go b/sdk/go/aws/s3/bucketReplicationConfig.go index e4f51ba64c8..185435811a8 100644 --- a/sdk/go/aws/s3/bucketReplicationConfig.go +++ b/sdk/go/aws/s3/bucketReplicationConfig.go @@ -150,7 +150,7 @@ import ( // if err != nil { // return err // } -// _, err = s3.NewBucketVersioningV2(ctx, "source", &s3.BucketVersioningV2Args{ +// sourceBucketVersioningV2, err := s3.NewBucketVersioningV2(ctx, "source", &s3.BucketVersioningV2Args{ // Bucket: source.ID(), // VersioningConfiguration: &s3.BucketVersioningV2VersioningConfigurationArgs{ // Status: pulumi.String("Enabled"), @@ -175,7 +175,9 @@ import ( // }, // }, // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// sourceBucketVersioningV2, +// })) // if err != nil { // return err // } @@ -208,7 +210,7 @@ import ( // if err != nil { // return err // } -// _, err = s3.NewBucketVersioningV2(ctx, "east", &s3.BucketVersioningV2Args{ +// eastBucketVersioningV2, err := s3.NewBucketVersioningV2(ctx, "east", &s3.BucketVersioningV2Args{ // Bucket: east.ID(), // VersioningConfiguration: &s3.BucketVersioningV2VersioningConfigurationArgs{ // Status: pulumi.String("Enabled"), @@ -223,7 +225,7 @@ import ( // if err != nil { // return err // } -// _, err = s3.NewBucketVersioningV2(ctx, "west", &s3.BucketVersioningV2Args{ +// westBucketVersioningV2, err := s3.NewBucketVersioningV2(ctx, "west", &s3.BucketVersioningV2Args{ // Bucket: west.ID(), // VersioningConfiguration: &s3.BucketVersioningV2VersioningConfigurationArgs{ // Status: pulumi.String("Enabled"), @@ -248,7 +250,9 @@ import ( // }, // }, // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// eastBucketVersioningV2, +// })) // if err != nil { // return err // } @@ -268,7 +272,9 @@ import ( // }, // }, // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// westBucketVersioningV2, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/s3control/accessGrant.go b/sdk/go/aws/s3control/accessGrant.go index df154cec201..f15b950393a 100644 --- a/sdk/go/aws/s3control/accessGrant.go +++ b/sdk/go/aws/s3control/accessGrant.go @@ -33,14 +33,16 @@ import ( // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { -// _, err := s3control.NewAccessGrantsInstance(ctx, "example", nil) +// example, err := s3control.NewAccessGrantsInstance(ctx, "example", nil) // if err != nil { // return err // } // exampleAccessGrantsLocation, err := s3control.NewAccessGrantsLocation(ctx, "example", &s3control.AccessGrantsLocationArgs{ // IamRoleArn: pulumi.Any(exampleAwsIamRole.Arn), // LocationScope: pulumi.String(fmt.Sprintf("s3://%v/prefixA*", exampleAwsS3Bucket.Bucket)), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// example, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/s3control/accessGrantsLocation.go b/sdk/go/aws/s3control/accessGrantsLocation.go index d9464bd3bad..fcd9be60b13 100644 --- a/sdk/go/aws/s3control/accessGrantsLocation.go +++ b/sdk/go/aws/s3control/accessGrantsLocation.go @@ -32,14 +32,16 @@ import ( // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { -// _, err := s3control.NewAccessGrantsInstance(ctx, "example", nil) +// example, err := s3control.NewAccessGrantsInstance(ctx, "example", nil) // if err != nil { // return err // } // _, err = s3control.NewAccessGrantsLocation(ctx, "example", &s3control.AccessGrantsLocationArgs{ // IamRoleArn: pulumi.Any(exampleAwsIamRole.Arn), // LocationScope: pulumi.String("s3://"), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// example, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/s3control/accessPointPolicy.go b/sdk/go/aws/s3control/accessPointPolicy.go index 66f6d3e109a..5c5e5138d12 100644 --- a/sdk/go/aws/s3control/accessPointPolicy.go +++ b/sdk/go/aws/s3control/accessPointPolicy.go @@ -59,15 +59,15 @@ import ( // Policy: exampleAccessPoint.Arn.ApplyT(func(arn string) (pulumi.String, error) { // var _zero pulumi.String // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "version": "2008-10-17", -// "statement": []map[string]interface{}{ +// "Version": "2008-10-17", +// "Statement": []map[string]interface{}{ // map[string]interface{}{ -// "effect": "Allow", -// "action": "s3:GetObjectTagging", -// "principal": map[string]interface{}{ +// "Effect": "Allow", +// "Action": "s3:GetObjectTagging", +// "Principal": map[string]interface{}{ // "AWS": "*", // }, -// "resource": fmt.Sprintf("%v/object/*", arn), +// "Resource": fmt.Sprintf("%v/object/*", arn), // }, // }, // }) diff --git a/sdk/go/aws/s3control/bucketPolicy.go b/sdk/go/aws/s3control/bucketPolicy.go index d79eb5b5108..daf488d9956 100644 --- a/sdk/go/aws/s3control/bucketPolicy.go +++ b/sdk/go/aws/s3control/bucketPolicy.go @@ -34,19 +34,19 @@ import ( // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "id": "testBucketPolicy", -// "statement": []map[string]interface{}{ +// "Id": "testBucketPolicy", +// "Statement": []map[string]interface{}{ // map[string]interface{}{ -// "action": "s3-outposts:PutBucketLifecycleConfiguration", -// "effect": "Deny", -// "principal": map[string]interface{}{ +// "Action": "s3-outposts:PutBucketLifecycleConfiguration", +// "Effect": "Deny", +// "Principal": map[string]interface{}{ // "AWS": "*", // }, -// "resource": exampleAwsS3controlBucket.Arn, -// "sid": "statement1", +// "Resource": exampleAwsS3controlBucket.Arn, +// "Sid": "statement1", // }, // }, -// "version": "2012-10-17", +// "Version": "2012-10-17", // }) // if err != nil { // return err diff --git a/sdk/go/aws/s3control/objectLambdaAccessPointPolicy.go b/sdk/go/aws/s3control/objectLambdaAccessPointPolicy.go index 6b0418d4de7..dba9952c30e 100644 --- a/sdk/go/aws/s3control/objectLambdaAccessPointPolicy.go +++ b/sdk/go/aws/s3control/objectLambdaAccessPointPolicy.go @@ -71,15 +71,15 @@ import ( // Policy: exampleObjectLambdaAccessPoint.Arn.ApplyT(func(arn string) (pulumi.String, error) { // var _zero pulumi.String // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "version": "2008-10-17", -// "statement": []map[string]interface{}{ +// "Version": "2008-10-17", +// "Statement": []map[string]interface{}{ // map[string]interface{}{ -// "effect": "Allow", -// "action": "s3-object-lambda:GetObject", -// "principal": map[string]interface{}{ +// "Effect": "Allow", +// "Action": "s3-object-lambda:GetObject", +// "Principal": map[string]interface{}{ // "AWS": current.AccountId, // }, -// "resource": arn, +// "Resource": arn, // }, // }, // }) diff --git a/sdk/go/aws/sagemaker/codeRepository.go b/sdk/go/aws/sagemaker/codeRepository.go index 09f8b76fc45..9c29152684e 100644 --- a/sdk/go/aws/sagemaker/codeRepository.go +++ b/sdk/go/aws/sagemaker/codeRepository.go @@ -79,7 +79,7 @@ import ( // return err // } // json0 := string(tmpJSON0) -// _, err = secretsmanager.NewSecretVersion(ctx, "example", &secretsmanager.SecretVersionArgs{ +// exampleSecretVersion, err := secretsmanager.NewSecretVersion(ctx, "example", &secretsmanager.SecretVersionArgs{ // SecretId: example.ID(), // SecretString: pulumi.String(json0), // }) @@ -92,7 +92,9 @@ import ( // RepositoryUrl: pulumi.String("https://github.com/github/docs.git"), // SecretArn: example.Arn, // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleSecretVersion, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/sagemaker/pipeline.go b/sdk/go/aws/sagemaker/pipeline.go index 36f64450e85..a8fd02e16ea 100644 --- a/sdk/go/aws/sagemaker/pipeline.go +++ b/sdk/go/aws/sagemaker/pipeline.go @@ -34,13 +34,13 @@ import ( // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "version": "2020-12-01", -// "steps": []map[string]interface{}{ +// "Version": "2020-12-01", +// "Steps": []map[string]interface{}{ // map[string]interface{}{ -// "name": "Test", -// "type": "Fail", -// "arguments": map[string]interface{}{ -// "errorMessage": "test", +// "Name": "Test", +// "Type": "Fail", +// "Arguments": map[string]interface{}{ +// "ErrorMessage": "test", // }, // }, // }, diff --git a/sdk/go/aws/scheduler/schedule.go b/sdk/go/aws/scheduler/schedule.go index ab99e9c117a..22df00a2f94 100644 --- a/sdk/go/aws/scheduler/schedule.go +++ b/sdk/go/aws/scheduler/schedule.go @@ -91,8 +91,8 @@ import ( // Input: example.Url.ApplyT(func(url string) (pulumi.String, error) { // var _zero pulumi.String // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "messageBody": "Greetings, programs!", -// "queueUrl": url, +// "MessageBody": "Greetings, programs!", +// "QueueUrl": url, // }) // if err != nil { // return _zero, err diff --git a/sdk/go/aws/securityhub/actionTarget.go b/sdk/go/aws/securityhub/actionTarget.go index 77efd270124..4776b7fe9b0 100644 --- a/sdk/go/aws/securityhub/actionTarget.go +++ b/sdk/go/aws/securityhub/actionTarget.go @@ -29,7 +29,7 @@ import ( // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { -// _, err := securityhub.NewAccount(ctx, "example", nil) +// example, err := securityhub.NewAccount(ctx, "example", nil) // if err != nil { // return err // } @@ -37,7 +37,9 @@ import ( // Name: pulumi.String("Send notification to chat"), // Identifier: pulumi.String("SendToChat"), // Description: pulumi.String("This is custom action sends selected findings to chat"), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// example, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/securityhub/configurationPolicy.go b/sdk/go/aws/securityhub/configurationPolicy.go index babade3f985..9b76df5fc78 100644 --- a/sdk/go/aws/securityhub/configurationPolicy.go +++ b/sdk/go/aws/securityhub/configurationPolicy.go @@ -33,19 +33,21 @@ import ( // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { -// _, err := securityhub.NewFindingAggregator(ctx, "example", &securityhub.FindingAggregatorArgs{ +// example, err := securityhub.NewFindingAggregator(ctx, "example", &securityhub.FindingAggregatorArgs{ // LinkingMode: pulumi.String("ALL_REGIONS"), // }) // if err != nil { // return err // } -// _, err = securityhub.NewOrganizationConfiguration(ctx, "example", &securityhub.OrganizationConfigurationArgs{ +// exampleOrganizationConfiguration, err := securityhub.NewOrganizationConfiguration(ctx, "example", &securityhub.OrganizationConfigurationArgs{ // AutoEnable: pulumi.Bool(false), // AutoEnableStandards: pulumi.String("NONE"), // OrganizationConfiguration: &securityhub.OrganizationConfigurationOrganizationConfigurationArgs{ // ConfigurationType: pulumi.String("CENTRAL"), // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// example, +// })) // if err != nil { // return err // } @@ -62,7 +64,9 @@ import ( // DisabledControlIdentifiers: pulumi.StringArray{}, // }, // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleOrganizationConfiguration, +// })) // if err != nil { // return err // } @@ -95,7 +99,9 @@ import ( // ServiceEnabled: pulumi.Bool(false), // EnabledStandardArns: pulumi.StringArray{}, // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// example, +// })) // if err != nil { // return err // } @@ -170,7 +176,9 @@ import ( // }, // }, // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// example, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/securityhub/configurationPolicyAssociation.go b/sdk/go/aws/securityhub/configurationPolicyAssociation.go index 1778c92eed8..383528b0662 100644 --- a/sdk/go/aws/securityhub/configurationPolicyAssociation.go +++ b/sdk/go/aws/securityhub/configurationPolicyAssociation.go @@ -31,19 +31,21 @@ import ( // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { -// _, err := securityhub.NewFindingAggregator(ctx, "example", &securityhub.FindingAggregatorArgs{ +// example, err := securityhub.NewFindingAggregator(ctx, "example", &securityhub.FindingAggregatorArgs{ // LinkingMode: pulumi.String("ALL_REGIONS"), // }) // if err != nil { // return err // } -// _, err = securityhub.NewOrganizationConfiguration(ctx, "example", &securityhub.OrganizationConfigurationArgs{ +// exampleOrganizationConfiguration, err := securityhub.NewOrganizationConfiguration(ctx, "example", &securityhub.OrganizationConfigurationArgs{ // AutoEnable: pulumi.Bool(false), // AutoEnableStandards: pulumi.String("NONE"), // OrganizationConfiguration: &securityhub.OrganizationConfigurationOrganizationConfigurationArgs{ // ConfigurationType: pulumi.String("CENTRAL"), // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// example, +// })) // if err != nil { // return err // } @@ -60,7 +62,9 @@ import ( // DisabledControlIdentifiers: pulumi.StringArray{}, // }, // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleOrganizationConfiguration, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/securityhub/findingAggregator.go b/sdk/go/aws/securityhub/findingAggregator.go index 0b3d6ae4093..92002e2b52c 100644 --- a/sdk/go/aws/securityhub/findingAggregator.go +++ b/sdk/go/aws/securityhub/findingAggregator.go @@ -33,13 +33,15 @@ import ( // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { -// _, err := securityhub.NewAccount(ctx, "example", nil) +// example, err := securityhub.NewAccount(ctx, "example", nil) // if err != nil { // return err // } // _, err = securityhub.NewFindingAggregator(ctx, "example", &securityhub.FindingAggregatorArgs{ // LinkingMode: pulumi.String("ALL_REGIONS"), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// example, +// })) // if err != nil { // return err // } @@ -67,7 +69,7 @@ import ( // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { -// _, err := securityhub.NewAccount(ctx, "example", nil) +// example, err := securityhub.NewAccount(ctx, "example", nil) // if err != nil { // return err // } @@ -77,7 +79,9 @@ import ( // pulumi.String("eu-west-1"), // pulumi.String("eu-west-2"), // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// example, +// })) // if err != nil { // return err // } @@ -105,7 +109,7 @@ import ( // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { -// _, err := securityhub.NewAccount(ctx, "example", nil) +// example, err := securityhub.NewAccount(ctx, "example", nil) // if err != nil { // return err // } @@ -115,7 +119,9 @@ import ( // pulumi.String("eu-west-1"), // pulumi.String("eu-west-2"), // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// example, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/securityhub/insight.go b/sdk/go/aws/securityhub/insight.go index 4c890c90c34..b93119636f1 100644 --- a/sdk/go/aws/securityhub/insight.go +++ b/sdk/go/aws/securityhub/insight.go @@ -31,7 +31,7 @@ import ( // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { -// _, err := securityhub.NewAccount(ctx, "example", nil) +// example, err := securityhub.NewAccount(ctx, "example", nil) // if err != nil { // return err // } @@ -50,7 +50,9 @@ import ( // }, // GroupByAttribute: pulumi.String("AwsAccountId"), // Name: pulumi.String("example-insight"), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// example, +// })) // if err != nil { // return err // } @@ -76,7 +78,7 @@ import ( // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { -// _, err := securityhub.NewAccount(ctx, "example", nil) +// example, err := securityhub.NewAccount(ctx, "example", nil) // if err != nil { // return err // } @@ -93,7 +95,9 @@ import ( // }, // GroupByAttribute: pulumi.String("CreatedAt"), // Name: pulumi.String("example-insight"), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// example, +// })) // if err != nil { // return err // } @@ -119,7 +123,7 @@ import ( // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { -// _, err := securityhub.NewAccount(ctx, "example", nil) +// example, err := securityhub.NewAccount(ctx, "example", nil) // if err != nil { // return err // } @@ -133,7 +137,9 @@ import ( // }, // GroupByAttribute: pulumi.String("NetworkDestinationIpV4"), // Name: pulumi.String("example-insight"), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// example, +// })) // if err != nil { // return err // } @@ -159,7 +165,7 @@ import ( // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { -// _, err := securityhub.NewAccount(ctx, "example", nil) +// example, err := securityhub.NewAccount(ctx, "example", nil) // if err != nil { // return err // } @@ -173,7 +179,9 @@ import ( // }, // GroupByAttribute: pulumi.String("Confidence"), // Name: pulumi.String("example-insight"), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// example, +// })) // if err != nil { // return err // } @@ -199,7 +207,7 @@ import ( // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { -// _, err := securityhub.NewAccount(ctx, "example", nil) +// example, err := securityhub.NewAccount(ctx, "example", nil) // if err != nil { // return err // } @@ -215,7 +223,9 @@ import ( // }, // GroupByAttribute: pulumi.String("ResourceTags"), // Name: pulumi.String("example-insight"), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// example, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/securityhub/inviteAccepter.go b/sdk/go/aws/securityhub/inviteAccepter.go index 26e6a4ee9e4..26b98f7c2bb 100644 --- a/sdk/go/aws/securityhub/inviteAccepter.go +++ b/sdk/go/aws/securityhub/inviteAccepter.go @@ -43,13 +43,15 @@ import ( // if err != nil { // return err // } -// _, err = securityhub.NewAccount(ctx, "invitee", nil) +// invitee, err := securityhub.NewAccount(ctx, "invitee", nil) // if err != nil { // return err // } // _, err = securityhub.NewInviteAccepter(ctx, "invitee", &securityhub.InviteAccepterArgs{ // MasterId: exampleMember.MasterId, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// invitee, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/securityhub/member.go b/sdk/go/aws/securityhub/member.go index c8cb421b06a..eff4ed8d02e 100644 --- a/sdk/go/aws/securityhub/member.go +++ b/sdk/go/aws/securityhub/member.go @@ -29,7 +29,7 @@ import ( // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { -// _, err := securityhub.NewAccount(ctx, "example", nil) +// example, err := securityhub.NewAccount(ctx, "example", nil) // if err != nil { // return err // } @@ -37,7 +37,9 @@ import ( // AccountId: pulumi.String("123456789012"), // Email: pulumi.String("example@example.com"), // Invite: pulumi.Bool(true), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// example, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/securityhub/organizationAdminAccount.go b/sdk/go/aws/securityhub/organizationAdminAccount.go index 3a4e6d4713d..c16090122f7 100644 --- a/sdk/go/aws/securityhub/organizationAdminAccount.go +++ b/sdk/go/aws/securityhub/organizationAdminAccount.go @@ -30,7 +30,7 @@ import ( // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { -// _, err := organizations.NewOrganization(ctx, "example", &organizations.OrganizationArgs{ +// example, err := organizations.NewOrganization(ctx, "example", &organizations.OrganizationArgs{ // AwsServiceAccessPrincipals: pulumi.StringArray{ // pulumi.String("securityhub.amazonaws.com"), // }, @@ -45,7 +45,9 @@ import ( // } // _, err = securityhub.NewOrganizationAdminAccount(ctx, "example", &securityhub.OrganizationAdminAccountArgs{ // AdminAccountId: pulumi.String("123456789012"), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// example, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/securityhub/organizationConfiguration.go b/sdk/go/aws/securityhub/organizationConfiguration.go index ab1cd60e711..69e6ee76925 100644 --- a/sdk/go/aws/securityhub/organizationConfiguration.go +++ b/sdk/go/aws/securityhub/organizationConfiguration.go @@ -40,7 +40,7 @@ import ( // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { -// _, err := organizations.NewOrganization(ctx, "example", &organizations.OrganizationArgs{ +// example, err := organizations.NewOrganization(ctx, "example", &organizations.OrganizationArgs{ // AwsServiceAccessPrincipals: pulumi.StringArray{ // pulumi.String("securityhub.amazonaws.com"), // }, @@ -51,7 +51,9 @@ import ( // } // _, err = securityhub.NewOrganizationAdminAccount(ctx, "example", &securityhub.OrganizationAdminAccountArgs{ // AdminAccountId: pulumi.String("123456789012"), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// example, +// })) // if err != nil { // return err // } @@ -83,15 +85,19 @@ import ( // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { -// _, err := securityhub.NewOrganizationAdminAccount(ctx, "example", &securityhub.OrganizationAdminAccountArgs{ +// example, err := securityhub.NewOrganizationAdminAccount(ctx, "example", &securityhub.OrganizationAdminAccountArgs{ // AdminAccountId: pulumi.String("123456789012"), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleAwsOrganizationsOrganization, +// })) // if err != nil { // return err // } -// _, err = securityhub.NewFindingAggregator(ctx, "example", &securityhub.FindingAggregatorArgs{ +// exampleFindingAggregator, err := securityhub.NewFindingAggregator(ctx, "example", &securityhub.FindingAggregatorArgs{ // LinkingMode: pulumi.String("ALL_REGIONS"), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// example, +// })) // if err != nil { // return err // } @@ -101,7 +107,9 @@ import ( // OrganizationConfiguration: &securityhub.OrganizationConfigurationOrganizationConfigurationArgs{ // ConfigurationType: pulumi.String("CENTRAL"), // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleFindingAggregator, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/securityhub/productSubscription.go b/sdk/go/aws/securityhub/productSubscription.go index 59a61cda9bf..9d3930aa64e 100644 --- a/sdk/go/aws/securityhub/productSubscription.go +++ b/sdk/go/aws/securityhub/productSubscription.go @@ -32,7 +32,7 @@ import ( // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { -// _, err := securityhub.NewAccount(ctx, "example", nil) +// example, err := securityhub.NewAccount(ctx, "example", nil) // if err != nil { // return err // } @@ -42,7 +42,9 @@ import ( // } // _, err = securityhub.NewProductSubscription(ctx, "example", &securityhub.ProductSubscriptionArgs{ // ProductArn: pulumi.String(fmt.Sprintf("arn:aws:securityhub:%v:733251395267:product/alertlogic/althreatmanagement", current.Name)), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// example, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/securityhub/standardsControl.go b/sdk/go/aws/securityhub/standardsControl.go index 26d5a052595..c2d341f26cb 100644 --- a/sdk/go/aws/securityhub/standardsControl.go +++ b/sdk/go/aws/securityhub/standardsControl.go @@ -33,13 +33,15 @@ import ( // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { -// _, err := securityhub.NewAccount(ctx, "example", nil) +// example, err := securityhub.NewAccount(ctx, "example", nil) // if err != nil { // return err // } -// _, err = securityhub.NewStandardsSubscription(ctx, "cis_aws_foundations_benchmark", &securityhub.StandardsSubscriptionArgs{ +// cisAwsFoundationsBenchmark, err := securityhub.NewStandardsSubscription(ctx, "cis_aws_foundations_benchmark", &securityhub.StandardsSubscriptionArgs{ // StandardsArn: pulumi.String("arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0"), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// example, +// })) // if err != nil { // return err // } @@ -47,7 +49,9 @@ import ( // StandardsControlArn: pulumi.String("arn:aws:securityhub:us-east-1:111111111111:control/cis-aws-foundations-benchmark/v/1.2.0/1.10"), // ControlStatus: pulumi.String("DISABLED"), // DisabledReason: pulumi.String("We handle password policies within Okta"), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// cisAwsFoundationsBenchmark, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/securityhub/standardsSubscription.go b/sdk/go/aws/securityhub/standardsSubscription.go index baeb3be512d..8cb094f135e 100644 --- a/sdk/go/aws/securityhub/standardsSubscription.go +++ b/sdk/go/aws/securityhub/standardsSubscription.go @@ -32,7 +32,7 @@ import ( // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { -// _, err := securityhub.NewAccount(ctx, "example", nil) +// example, err := securityhub.NewAccount(ctx, "example", nil) // if err != nil { // return err // } @@ -42,13 +42,17 @@ import ( // } // _, err = securityhub.NewStandardsSubscription(ctx, "cis", &securityhub.StandardsSubscriptionArgs{ // StandardsArn: pulumi.String("arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0"), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// example, +// })) // if err != nil { // return err // } // _, err = securityhub.NewStandardsSubscription(ctx, "pci_321", &securityhub.StandardsSubscriptionArgs{ // StandardsArn: pulumi.String(fmt.Sprintf("arn:aws:securityhub:%v::standards/pci-dss/v/3.2.1", current.Name)), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// example, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/ses/domainIdentityVerification.go b/sdk/go/aws/ses/domainIdentityVerification.go index bd7a3b25b04..bed9be97841 100644 --- a/sdk/go/aws/ses/domainIdentityVerification.go +++ b/sdk/go/aws/ses/domainIdentityVerification.go @@ -44,7 +44,7 @@ import ( // if err != nil { // return err // } -// _, err = route53.NewRecord(ctx, "example_amazonses_verification_record", &route53.RecordArgs{ +// exampleAmazonsesVerificationRecord, err := route53.NewRecord(ctx, "example_amazonses_verification_record", &route53.RecordArgs{ // ZoneId: pulumi.Any(exampleAwsRoute53Zone.ZoneId), // Name: example.ID().ApplyT(func(id string) (string, error) { // return fmt.Sprintf("_amazonses.%v", id), nil @@ -60,7 +60,9 @@ import ( // } // _, err = ses.NewDomainIdentityVerification(ctx, "example_verification", &ses.DomainIdentityVerificationArgs{ // Domain: example.ID(), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleAmazonsesVerificationRecord, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/shield/drtAccessRoleArnAssociation.go b/sdk/go/aws/shield/drtAccessRoleArnAssociation.go index 5bfa535eba7..dae4e66685a 100644 --- a/sdk/go/aws/shield/drtAccessRoleArnAssociation.go +++ b/sdk/go/aws/shield/drtAccessRoleArnAssociation.go @@ -36,8 +36,8 @@ import ( // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "version": "2012-10-17", -// "statement": []map[string]interface{}{ +// "Version": "2012-10-17", +// "Statement": []map[string]interface{}{ // map[string]interface{}{ // "Sid": "", // "Effect": "Allow", diff --git a/sdk/go/aws/shield/proactiveEngagement.go b/sdk/go/aws/shield/proactiveEngagement.go index 03253c0a066..821979d7b2e 100644 --- a/sdk/go/aws/shield/proactiveEngagement.go +++ b/sdk/go/aws/shield/proactiveEngagement.go @@ -36,8 +36,8 @@ import ( // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "version": "2012-10-17", -// "statement": []map[string]interface{}{ +// "Version": "2012-10-17", +// "Statement": []map[string]interface{}{ // map[string]interface{}{ // "Sid": "", // "Effect": "Allow", @@ -94,7 +94,9 @@ import ( // PhoneNumber: pulumi.String("+12358132134"), // }, // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// testAwsShieldDrtAccessRoleArnAssociation, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/shield/protectionGroup.go b/sdk/go/aws/shield/protectionGroup.go index 10c1fb14e70..04406a1ddf3 100644 --- a/sdk/go/aws/shield/protectionGroup.go +++ b/sdk/go/aws/shield/protectionGroup.go @@ -81,7 +81,7 @@ import ( // if err != nil { // return err // } -// _, err = shield.NewProtection(ctx, "example", &shield.ProtectionArgs{ +// exampleProtection, err := shield.NewProtection(ctx, "example", &shield.ProtectionArgs{ // Name: pulumi.String("example"), // ResourceArn: example.ID().ApplyT(func(id string) (string, error) { // return fmt.Sprintf("arn:aws:ec2:%v:%v:eip-allocation/%v", current.Name, currentGetCallerIdentity.AccountId, id), nil @@ -99,7 +99,9 @@ import ( // return fmt.Sprintf("arn:aws:ec2:%v:%v:eip-allocation/%v", current.Name, currentGetCallerIdentity.AccountId, id), nil // }).(pulumi.StringOutput), // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleProtection, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/ssm/activation.go b/sdk/go/aws/ssm/activation.go index c2048101662..34b092d16b8 100644 --- a/sdk/go/aws/ssm/activation.go +++ b/sdk/go/aws/ssm/activation.go @@ -58,7 +58,7 @@ import ( // if err != nil { // return err // } -// _, err = iam.NewRolePolicyAttachment(ctx, "test_attach", &iam.RolePolicyAttachmentArgs{ +// testAttach, err := iam.NewRolePolicyAttachment(ctx, "test_attach", &iam.RolePolicyAttachmentArgs{ // Role: testRole.Name, // PolicyArn: pulumi.String("arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore"), // }) @@ -70,7 +70,9 @@ import ( // Description: pulumi.String("Test"), // IamRole: testRole.ID(), // RegistrationLimit: pulumi.Int(5), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// testAttach, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/ssm/contactsRotation.go b/sdk/go/aws/ssm/contactsRotation.go index 27774707616..1f6816230c2 100644 --- a/sdk/go/aws/ssm/contactsRotation.go +++ b/sdk/go/aws/ssm/contactsRotation.go @@ -45,7 +45,9 @@ import ( // }, // }, // TimeZoneId: pulumi.String("Australia/Sydney"), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleAwsSsmincidentsReplicationSet, +// })) // if err != nil { // return err // } @@ -119,7 +121,9 @@ import ( // "key1": pulumi.String("tag1"), // "key2": pulumi.String("tag2"), // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleAwsSsmincidentsReplicationSet, +// })) // if err != nil { // return err // } @@ -171,7 +175,9 @@ import ( // }, // }, // TimeZoneId: pulumi.String("Australia/Sydney"), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleAwsSsmincidentsReplicationSet, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/ssmcontacts/contact.go b/sdk/go/aws/ssmcontacts/contact.go index a862e00c509..6b93592084d 100644 --- a/sdk/go/aws/ssmcontacts/contact.go +++ b/sdk/go/aws/ssmcontacts/contact.go @@ -34,7 +34,9 @@ import ( // _, err := ssmcontacts.NewContact(ctx, "example", &ssmcontacts.ContactArgs{ // Alias: pulumi.String("alias"), // Type: pulumi.String("PERSONAL"), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleAwsSsmincidentsReplicationSet, +// })) // if err != nil { // return err // } @@ -67,7 +69,9 @@ import ( // Tags: pulumi.StringMap{ // "key": pulumi.String("value"), // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleAwsSsmincidentsReplicationSet, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/ssmincidents/responsePlan.go b/sdk/go/aws/ssmincidents/responsePlan.go index f39098fe774..1a46ddf3bbc 100644 --- a/sdk/go/aws/ssmincidents/responsePlan.go +++ b/sdk/go/aws/ssmincidents/responsePlan.go @@ -40,7 +40,9 @@ import ( // Tags: pulumi.StringMap{ // "key": pulumi.String("value"), // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleAwsSsmincidentsReplicationSet, +// })) // if err != nil { // return err // } @@ -133,7 +135,9 @@ import ( // Tags: pulumi.StringMap{ // "key": pulumi.String("value"), // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleAwsSsmincidentsReplicationSet, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/storagegateway/fileSystemAssociation.go b/sdk/go/aws/storagegateway/fileSystemAssociation.go index afe784aed4a..1e56a295c20 100644 --- a/sdk/go/aws/storagegateway/fileSystemAssociation.go +++ b/sdk/go/aws/storagegateway/fileSystemAssociation.go @@ -80,7 +80,10 @@ import ( // testAwsSecurityGroup.Id, // }, // SubnetId: pulumi.Any(testAwsSubnet[0].Id), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// testAwsRoute, +// testAwsVpcDhcpOptionsAssociation, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/transcribe/languageModel.go b/sdk/go/aws/transcribe/languageModel.go index 13341d671bd..ce6abcbe5c4 100644 --- a/sdk/go/aws/transcribe/languageModel.go +++ b/sdk/go/aws/transcribe/languageModel.go @@ -66,15 +66,15 @@ import ( // return err // } // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "version": "2012-10-17", -// "statement": []map[string]interface{}{ +// "Version": "2012-10-17", +// "Statement": []map[string]interface{}{ // map[string]interface{}{ -// "action": []string{ +// "Action": []string{ // "s3:GetObject", // "s3:ListBucket", // }, -// "effect": "Allow", -// "resource": []string{ +// "Effect": "Allow", +// "Resource": []string{ // "*", // }, // }, diff --git a/sdk/go/aws/transcribe/medicalVocabulary.go b/sdk/go/aws/transcribe/medicalVocabulary.go index 74ff6fe4dd5..b631ab160e9 100644 --- a/sdk/go/aws/transcribe/medicalVocabulary.go +++ b/sdk/go/aws/transcribe/medicalVocabulary.go @@ -61,7 +61,9 @@ import ( // "tag1": pulumi.String("value1"), // "tag2": pulumi.String("value3"), // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// object, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/transcribe/vocabulary.go b/sdk/go/aws/transcribe/vocabulary.go index c768f2e01a3..b5fb95643d7 100644 --- a/sdk/go/aws/transcribe/vocabulary.go +++ b/sdk/go/aws/transcribe/vocabulary.go @@ -61,7 +61,9 @@ import ( // "tag1": pulumi.String("value1"), // "tag2": pulumi.String("value3"), // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// object, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/vpclattice/authPolicy.go b/sdk/go/aws/vpclattice/authPolicy.go index 7d4dfb4f027..7d622bced75 100644 --- a/sdk/go/aws/vpclattice/authPolicy.go +++ b/sdk/go/aws/vpclattice/authPolicy.go @@ -42,15 +42,15 @@ import ( // return err // } // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "version": "2012-10-17", -// "statement": []map[string]interface{}{ +// "Version": "2012-10-17", +// "Statement": []map[string]interface{}{ // map[string]interface{}{ -// "action": "*", -// "effect": "Allow", -// "principal": "*", -// "resource": "*", -// "condition": map[string]interface{}{ -// "stringNotEqualsIgnoreCase": map[string]interface{}{ +// "Action": "*", +// "Effect": "Allow", +// "Principal": "*", +// "Resource": "*", +// "Condition": map[string]interface{}{ +// "StringNotEqualsIgnoreCase": map[string]interface{}{ // "aws:PrincipalType": "anonymous", // }, // }, diff --git a/sdk/go/aws/vpclattice/resourcePolicy.go b/sdk/go/aws/vpclattice/resourcePolicy.go index 97a2150bf80..5b6a249164f 100644 --- a/sdk/go/aws/vpclattice/resourcePolicy.go +++ b/sdk/go/aws/vpclattice/resourcePolicy.go @@ -54,20 +54,20 @@ import ( // Policy: example.Arn.ApplyT(func(arn string) (pulumi.String, error) { // var _zero pulumi.String // tmpJSON0, err := json.Marshal(map[string]interface{}{ -// "version": "2012-10-17", -// "statement": []map[string]interface{}{ +// "Version": "2012-10-17", +// "Statement": []map[string]interface{}{ // map[string]interface{}{ -// "sid": "test-pol-principals-6", -// "effect": "Allow", -// "principal": map[string]interface{}{ +// "Sid": "test-pol-principals-6", +// "Effect": "Allow", +// "Principal": map[string]interface{}{ // "AWS": fmt.Sprintf("arn:%v:iam::%v:root", currentGetPartition.Partition, current.AccountId), // }, -// "action": []string{ +// "Action": []string{ // "vpc-lattice:CreateServiceNetworkVpcAssociation", // "vpc-lattice:CreateServiceNetworkServiceAssociation", // "vpc-lattice:GetServiceNetwork", // }, -// "resource": arn, +// "Resource": arn, // }, // }, // }) diff --git a/sdk/go/aws/waf/rateBasedRule.go b/sdk/go/aws/waf/rateBasedRule.go index b9e31a27b93..d37095fcdff 100644 --- a/sdk/go/aws/waf/rateBasedRule.go +++ b/sdk/go/aws/waf/rateBasedRule.go @@ -53,7 +53,9 @@ import ( // Type: pulumi.String("IPMatch"), // }, // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// ipset, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/waf/rule.go b/sdk/go/aws/waf/rule.go index e9a2edb2d6e..2a589efe262 100644 --- a/sdk/go/aws/waf/rule.go +++ b/sdk/go/aws/waf/rule.go @@ -51,7 +51,9 @@ import ( // Type: pulumi.String("IPMatch"), // }, // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// ipset, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/waf/webAcl.go b/sdk/go/aws/waf/webAcl.go index dd2361a867d..616a6c19c09 100644 --- a/sdk/go/aws/waf/webAcl.go +++ b/sdk/go/aws/waf/webAcl.go @@ -53,7 +53,9 @@ import ( // Type: pulumi.String("IPMatch"), // }, // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// ipset, +// })) // if err != nil { // return err // } @@ -73,7 +75,10 @@ import ( // Type: pulumi.String("REGULAR"), // }, // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// ipset, +// wafrule, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/wafregional/rateBasedRule.go b/sdk/go/aws/wafregional/rateBasedRule.go index a6cbbe48721..b13acbd65e4 100644 --- a/sdk/go/aws/wafregional/rateBasedRule.go +++ b/sdk/go/aws/wafregional/rateBasedRule.go @@ -53,7 +53,9 @@ import ( // Type: pulumi.String("IPMatch"), // }, // }, -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// ipset, +// })) // if err != nil { // return err // } diff --git a/sdk/go/aws/workspaces/directory.go b/sdk/go/aws/workspaces/directory.go index 3d1b174b67b..c23f40198e5 100644 --- a/sdk/go/aws/workspaces/directory.go +++ b/sdk/go/aws/workspaces/directory.go @@ -71,6 +71,47 @@ import ( // if err != nil { // return err // } +// workspaces, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{ +// Statements: []iam.GetPolicyDocumentStatement{ +// { +// Actions: []string{ +// "sts:AssumeRole", +// }, +// Principals: []iam.GetPolicyDocumentStatementPrincipal{ +// { +// Type: "Service", +// Identifiers: []string{ +// "workspaces.amazonaws.com", +// }, +// }, +// }, +// }, +// }, +// }, nil) +// if err != nil { +// return err +// } +// workspacesDefault, err := iam.NewRole(ctx, "workspaces_default", &iam.RoleArgs{ +// Name: pulumi.String("workspaces_DefaultRole"), +// AssumeRolePolicy: pulumi.String(workspaces.Json), +// }) +// if err != nil { +// return err +// } +// workspacesDefaultServiceAccess, err := iam.NewRolePolicyAttachment(ctx, "workspaces_default_service_access", &iam.RolePolicyAttachmentArgs{ +// Role: workspacesDefault.Name, +// PolicyArn: pulumi.String("arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess"), +// }) +// if err != nil { +// return err +// } +// workspacesDefaultSelfServiceAccess, err := iam.NewRolePolicyAttachment(ctx, "workspaces_default_self_service_access", &iam.RolePolicyAttachmentArgs{ +// Role: workspacesDefault.Name, +// PolicyArn: pulumi.String("arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess"), +// }) +// if err != nil { +// return err +// } // exampleC, err := ec2.NewSubnet(ctx, "example_c", &ec2.SubnetArgs{ // VpcId: exampleVpc.ID(), // AvailabilityZone: pulumi.String("us-east-1c"), @@ -120,48 +161,10 @@ import ( // EnableMaintenanceMode: pulumi.Bool(true), // UserEnabledAsLocalAdministrator: pulumi.Bool(true), // }, -// }) -// if err != nil { -// return err -// } -// workspaces, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{ -// Statements: []iam.GetPolicyDocumentStatement{ -// { -// Actions: []string{ -// "sts:AssumeRole", -// }, -// Principals: []iam.GetPolicyDocumentStatementPrincipal{ -// { -// Type: "Service", -// Identifiers: []string{ -// "workspaces.amazonaws.com", -// }, -// }, -// }, -// }, -// }, -// }, nil) -// if err != nil { -// return err -// } -// workspacesDefault, err := iam.NewRole(ctx, "workspaces_default", &iam.RoleArgs{ -// Name: pulumi.String("workspaces_DefaultRole"), -// AssumeRolePolicy: pulumi.String(workspaces.Json), -// }) -// if err != nil { -// return err -// } -// _, err = iam.NewRolePolicyAttachment(ctx, "workspaces_default_service_access", &iam.RolePolicyAttachmentArgs{ -// Role: workspacesDefault.Name, -// PolicyArn: pulumi.String("arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess"), -// }) -// if err != nil { -// return err -// } -// _, err = iam.NewRolePolicyAttachment(ctx, "workspaces_default_self_service_access", &iam.RolePolicyAttachmentArgs{ -// Role: workspacesDefault.Name, -// PolicyArn: pulumi.String("arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess"), -// }) +// }, pulumi.DependsOn([]pulumi.Resource{ +// workspacesDefaultServiceAccess, +// workspacesDefaultSelfServiceAccess, +// })) // if err != nil { // return err // } diff --git a/sdk/java/src/main/java/com/pulumi/aws/accessanalyzer/Analyzer.java b/sdk/java/src/main/java/com/pulumi/aws/accessanalyzer/Analyzer.java index 98cb45586f4..4ce27597c88 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/accessanalyzer/Analyzer.java +++ b/sdk/java/src/main/java/com/pulumi/aws/accessanalyzer/Analyzer.java @@ -67,6 +67,7 @@ * import com.pulumi.aws.organizations.OrganizationArgs; * import com.pulumi.aws.accessanalyzer.Analyzer; * import com.pulumi.aws.accessanalyzer.AnalyzerArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -87,7 +88,9 @@ * var exampleAnalyzer = new Analyzer("exampleAnalyzer", AnalyzerArgs.builder() * .analyzerName("example") * .type("ORGANIZATION") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(example) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/acmpca/CertificateAuthority.java b/sdk/java/src/main/java/com/pulumi/aws/acmpca/CertificateAuthority.java index f4b042429e8..62bc7a9dc6d 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/acmpca/CertificateAuthority.java +++ b/sdk/java/src/main/java/com/pulumi/aws/acmpca/CertificateAuthority.java @@ -131,6 +131,7 @@ * import com.pulumi.aws.acmpca.inputs.CertificateAuthorityCertificateAuthorityConfigurationSubjectArgs; * import com.pulumi.aws.acmpca.inputs.CertificateAuthorityRevocationConfigurationArgs; * import com.pulumi.aws.acmpca.inputs.CertificateAuthorityRevocationConfigurationCrlConfigurationArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -188,7 +189,9 @@ * .s3ObjectAcl("BUCKET_OWNER_FULL_CONTROL") * .build()) * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleBucketPolicy) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/alb/TargetGroupAttachment.java b/sdk/java/src/main/java/com/pulumi/aws/alb/TargetGroupAttachment.java index 40353ef1128..b9459bee58f 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/alb/TargetGroupAttachment.java +++ b/sdk/java/src/main/java/com/pulumi/aws/alb/TargetGroupAttachment.java @@ -81,6 +81,7 @@ * import com.pulumi.aws.lambda.PermissionArgs; * import com.pulumi.aws.lb.TargetGroupAttachment; * import com.pulumi.aws.lb.TargetGroupAttachmentArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -112,7 +113,9 @@ * var testTargetGroupAttachment = new TargetGroupAttachment("testTargetGroupAttachment", TargetGroupAttachmentArgs.builder() * .targetGroupArn(test.arn()) * .targetId(testFunction.arn()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(withLb) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/apigateway/DocumentationVersion.java b/sdk/java/src/main/java/com/pulumi/aws/apigateway/DocumentationVersion.java index f6b4a915330..6bce13123d0 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/apigateway/DocumentationVersion.java +++ b/sdk/java/src/main/java/com/pulumi/aws/apigateway/DocumentationVersion.java @@ -28,11 +28,12 @@ * import com.pulumi.core.Output; * import com.pulumi.aws.apigateway.RestApi; * import com.pulumi.aws.apigateway.RestApiArgs; - * import com.pulumi.aws.apigateway.DocumentationVersion; - * import com.pulumi.aws.apigateway.DocumentationVersionArgs; * import com.pulumi.aws.apigateway.DocumentationPart; * import com.pulumi.aws.apigateway.DocumentationPartArgs; * import com.pulumi.aws.apigateway.inputs.DocumentationPartLocationArgs; + * import com.pulumi.aws.apigateway.DocumentationVersion; + * import com.pulumi.aws.apigateway.DocumentationVersionArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -50,12 +51,6 @@ * .name("example_api") * .build()); * - * var example = new DocumentationVersion("example", DocumentationVersionArgs.builder() - * .version("example_version") - * .restApiId(exampleRestApi.id()) - * .description("Example description") - * .build()); - * * var exampleDocumentationPart = new DocumentationPart("exampleDocumentationPart", DocumentationPartArgs.builder() * .location(DocumentationPartLocationArgs.builder() * .type("API") @@ -64,6 +59,14 @@ * .restApiId(exampleRestApi.id()) * .build()); * + * var example = new DocumentationVersion("example", DocumentationVersionArgs.builder() + * .version("example_version") + * .restApiId(exampleRestApi.id()) + * .description("Example description") + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleDocumentationPart) + * .build()); + * * } * } * ``` diff --git a/sdk/java/src/main/java/com/pulumi/aws/apigateway/MethodResponse.java b/sdk/java/src/main/java/com/pulumi/aws/apigateway/MethodResponse.java index d9c0fa15d9f..8c2891420fe 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/apigateway/MethodResponse.java +++ b/sdk/java/src/main/java/com/pulumi/aws/apigateway/MethodResponse.java @@ -161,7 +161,7 @@ * jsonProperty("title", "MyDemoResponse"), * jsonProperty("type", "object"), * jsonProperty("properties", jsonObject( - * jsonProperty("message", jsonObject( + * jsonProperty("Message", jsonObject( * jsonProperty("type", "string") * )) * )) diff --git a/sdk/java/src/main/java/com/pulumi/aws/apigateway/Stage.java b/sdk/java/src/main/java/com/pulumi/aws/apigateway/Stage.java index 33f96db71e6..81036e37032 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/apigateway/Stage.java +++ b/sdk/java/src/main/java/com/pulumi/aws/apigateway/Stage.java @@ -115,10 +115,11 @@ * import com.pulumi.Pulumi; * import com.pulumi.core.Output; * import com.pulumi.aws.apigateway.RestApi; - * import com.pulumi.aws.apigateway.Stage; - * import com.pulumi.aws.apigateway.StageArgs; * import com.pulumi.aws.cloudwatch.LogGroup; * import com.pulumi.aws.cloudwatch.LogGroupArgs; + * import com.pulumi.aws.apigateway.Stage; + * import com.pulumi.aws.apigateway.StageArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -136,15 +137,17 @@ * final var stageName = config.get("stageName").orElse("example"); * var example = new RestApi("example"); * - * var exampleStage = new Stage("exampleStage", StageArgs.builder() - * .stageName(stageName) - * .build()); - * * var exampleLogGroup = new LogGroup("exampleLogGroup", LogGroupArgs.builder() * .name(example.id().applyValue(id -> String.format("API-Gateway-Execution-Logs_%s/%s", id,stageName))) * .retentionInDays(7) * .build()); * + * var exampleStage = new Stage("exampleStage", StageArgs.builder() + * .stageName(stageName) + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleLogGroup) + * .build()); + * * } * } * ``` diff --git a/sdk/java/src/main/java/com/pulumi/aws/appflow/ConnectorProfile.java b/sdk/java/src/main/java/com/pulumi/aws/appflow/ConnectorProfile.java index 60f4fa9898f..6901d1e5160 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/appflow/ConnectorProfile.java +++ b/sdk/java/src/main/java/com/pulumi/aws/appflow/ConnectorProfile.java @@ -69,13 +69,13 @@ * .managedPolicyArns(test.arn()) * .assumeRolePolicy(serializeJson( * jsonObject( - * jsonProperty("version", "2012-10-17"), - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("action", "sts:AssumeRole"), - * jsonProperty("effect", "Allow"), - * jsonProperty("sid", ""), - * jsonProperty("principal", jsonObject( - * jsonProperty("service", "ec2.amazonaws.com") + * jsonProperty("Version", "2012-10-17"), + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Action", "sts:AssumeRole"), + * jsonProperty("Effect", "Allow"), + * jsonProperty("Sid", ""), + * jsonProperty("Principal", jsonObject( + * jsonProperty("Service", "ec2.amazonaws.com") * )) * ))) * ))) diff --git a/sdk/java/src/main/java/com/pulumi/aws/applicationinsights/Application.java b/sdk/java/src/main/java/com/pulumi/aws/applicationinsights/Application.java index 2cb999ce8a9..ab5ad0bbfbb 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/applicationinsights/Application.java +++ b/sdk/java/src/main/java/com/pulumi/aws/applicationinsights/Application.java @@ -52,10 +52,10 @@ * .resourceQuery(GroupResourceQueryArgs.builder() * .query(serializeJson( * jsonObject( - * jsonProperty("resourceTypeFilters", jsonArray("AWS::EC2::Instance")), - * jsonProperty("tagFilters", jsonArray(jsonObject( - * jsonProperty("key", "Stage"), - * jsonProperty("values", jsonArray("Test")) + * jsonProperty("ResourceTypeFilters", jsonArray("AWS::EC2::Instance")), + * jsonProperty("TagFilters", jsonArray(jsonObject( + * jsonProperty("Key", "Stage"), + * jsonProperty("Values", jsonArray("Test")) * ))) * ))) * .build()) diff --git a/sdk/java/src/main/java/com/pulumi/aws/batch/ComputeEnvironment.java b/sdk/java/src/main/java/com/pulumi/aws/batch/ComputeEnvironment.java index b8889bc8356..9457e865522 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/batch/ComputeEnvironment.java +++ b/sdk/java/src/main/java/com/pulumi/aws/batch/ComputeEnvironment.java @@ -58,6 +58,7 @@ * import com.pulumi.aws.batch.ComputeEnvironment; * import com.pulumi.aws.batch.ComputeEnvironmentArgs; * import com.pulumi.aws.batch.inputs.ComputeEnvironmentComputeResourcesArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -156,7 +157,9 @@ * .build()) * .serviceRole(awsBatchServiceRole.arn()) * .type("MANAGED") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(awsBatchServiceRoleRolePolicyAttachment) + * .build()); * * } * } @@ -175,6 +178,7 @@ * import com.pulumi.aws.batch.ComputeEnvironment; * import com.pulumi.aws.batch.ComputeEnvironmentArgs; * import com.pulumi.aws.batch.inputs.ComputeEnvironmentComputeResourcesArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -196,9 +200,11 @@ * .subnets(sampleAwsSubnet.id()) * .type("FARGATE") * .build()) - * .serviceRole(awsBatchServiceRole.arn()) + * .serviceRole(awsBatchServiceRoleAwsIamRole.arn()) * .type("MANAGED") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(awsBatchServiceRole) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/bedrockmodel/InvocationLoggingConfiguration.java b/sdk/java/src/main/java/com/pulumi/aws/bedrockmodel/InvocationLoggingConfiguration.java index d7b7cd37b61..b98ec670b8d 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/bedrockmodel/InvocationLoggingConfiguration.java +++ b/sdk/java/src/main/java/com/pulumi/aws/bedrockmodel/InvocationLoggingConfiguration.java @@ -38,6 +38,7 @@ * import com.pulumi.aws.s3.BucketPolicyArgs; * import com.pulumi.aws.bedrockmodel.InvocationLoggingConfiguration; * import com.pulumi.aws.bedrockmodel.InvocationLoggingConfigurationArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -99,7 +100,9 @@ * .keyPrefix("bedrock") * .build()) * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleBucketPolicy) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/cfg/ConfigurationAggregator.java b/sdk/java/src/main/java/com/pulumi/aws/cfg/ConfigurationAggregator.java index 83181dddcda..7af2d3105e7 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/cfg/ConfigurationAggregator.java +++ b/sdk/java/src/main/java/com/pulumi/aws/cfg/ConfigurationAggregator.java @@ -73,11 +73,12 @@ * import com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs; * import com.pulumi.aws.iam.Role; * import com.pulumi.aws.iam.RoleArgs; + * import com.pulumi.aws.iam.RolePolicyAttachment; + * import com.pulumi.aws.iam.RolePolicyAttachmentArgs; * import com.pulumi.aws.cfg.ConfigurationAggregator; * import com.pulumi.aws.cfg.ConfigurationAggregatorArgs; * import com.pulumi.aws.cfg.inputs.ConfigurationAggregatorOrganizationAggregationSourceArgs; - * import com.pulumi.aws.iam.RolePolicyAttachment; - * import com.pulumi.aws.iam.RolePolicyAttachmentArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -107,18 +108,20 @@ * .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult.json())) * .build()); * + * var organizationRolePolicyAttachment = new RolePolicyAttachment("organizationRolePolicyAttachment", RolePolicyAttachmentArgs.builder() + * .role(organizationRole.name()) + * .policyArn("arn:aws:iam::aws:policy/service-role/AWSConfigRoleForOrganizations") + * .build()); + * * var organization = new ConfigurationAggregator("organization", ConfigurationAggregatorArgs.builder() * .name("example") * .organizationAggregationSource(ConfigurationAggregatorOrganizationAggregationSourceArgs.builder() * .allRegions(true) * .roleArn(organizationRole.arn()) * .build()) - * .build()); - * - * var organizationRolePolicyAttachment = new RolePolicyAttachment("organizationRolePolicyAttachment", RolePolicyAttachmentArgs.builder() - * .role(organizationRole.name()) - * .policyArn("arn:aws:iam::aws:policy/service-role/AWSConfigRoleForOrganizations") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(organizationRolePolicyAttachment) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/cfg/ConformancePack.java b/sdk/java/src/main/java/com/pulumi/aws/cfg/ConformancePack.java index d0d3b4c3cfa..63643503ba5 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/cfg/ConformancePack.java +++ b/sdk/java/src/main/java/com/pulumi/aws/cfg/ConformancePack.java @@ -40,6 +40,7 @@ * import com.pulumi.aws.cfg.ConformancePack; * import com.pulumi.aws.cfg.ConformancePackArgs; * import com.pulumi.aws.cfg.inputs.ConformancePackInputParameterArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -72,7 +73,9 @@ * SourceIdentifier: IAM_PASSWORD_POLICY * Type: AWS::Config::ConfigRule * """) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleAwsConfigConfigurationRecorder) + * .build()); * * } * } @@ -94,6 +97,7 @@ * import com.pulumi.aws.s3.BucketObjectv2Args; * import com.pulumi.aws.cfg.ConformancePack; * import com.pulumi.aws.cfg.ConformancePackArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -133,7 +137,9 @@ * var key = values.t2; * return String.format("s3://%s/%s", bucket,key); * })) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleAwsConfigConfigurationRecorder) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/cfg/DeliveryChannel.java b/sdk/java/src/main/java/com/pulumi/aws/cfg/DeliveryChannel.java index a752c3188f7..becfde5b367 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/cfg/DeliveryChannel.java +++ b/sdk/java/src/main/java/com/pulumi/aws/cfg/DeliveryChannel.java @@ -31,16 +31,17 @@ * import com.pulumi.core.Output; * import com.pulumi.aws.s3.BucketV2; * import com.pulumi.aws.s3.BucketV2Args; - * import com.pulumi.aws.cfg.DeliveryChannel; - * import com.pulumi.aws.cfg.DeliveryChannelArgs; * import com.pulumi.aws.iam.IamFunctions; * import com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs; * import com.pulumi.aws.iam.Role; * import com.pulumi.aws.iam.RoleArgs; * import com.pulumi.aws.cfg.Recorder; * import com.pulumi.aws.cfg.RecorderArgs; + * import com.pulumi.aws.cfg.DeliveryChannel; + * import com.pulumi.aws.cfg.DeliveryChannelArgs; * import com.pulumi.aws.iam.RolePolicy; * import com.pulumi.aws.iam.RolePolicyArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -59,11 +60,6 @@ * .forceDestroy(true) * .build()); * - * var foo = new DeliveryChannel("foo", DeliveryChannelArgs.builder() - * .name("example") - * .s3BucketName(b.bucket()) - * .build()); - * * final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder() * .statements(GetPolicyDocumentStatementArgs.builder() * .effect("Allow") @@ -85,6 +81,13 @@ * .roleArn(r.arn()) * .build()); * + * var foo = new DeliveryChannel("foo", DeliveryChannelArgs.builder() + * .name("example") + * .s3BucketName(b.bucket()) + * .build(), CustomResourceOptions.builder() + * .dependsOn(fooRecorder) + * .build()); + * * final var p = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder() * .statements(GetPolicyDocumentStatementArgs.builder() * .effect("Allow") diff --git a/sdk/java/src/main/java/com/pulumi/aws/cfg/OrganizationConformancePack.java b/sdk/java/src/main/java/com/pulumi/aws/cfg/OrganizationConformancePack.java index 32b66ca3ee7..69b32f4dd36 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/cfg/OrganizationConformancePack.java +++ b/sdk/java/src/main/java/com/pulumi/aws/cfg/OrganizationConformancePack.java @@ -32,11 +32,12 @@ * import com.pulumi.Context; * import com.pulumi.Pulumi; * import com.pulumi.core.Output; + * import com.pulumi.aws.organizations.Organization; + * import com.pulumi.aws.organizations.OrganizationArgs; * import com.pulumi.aws.cfg.OrganizationConformancePack; * import com.pulumi.aws.cfg.OrganizationConformancePackArgs; * import com.pulumi.aws.cfg.inputs.OrganizationConformancePackInputParameterArgs; - * import com.pulumi.aws.organizations.Organization; - * import com.pulumi.aws.organizations.OrganizationArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -50,6 +51,11 @@ * } * * public static void stack(Context ctx) { + * var exampleOrganization = new Organization("exampleOrganization", OrganizationArgs.builder() + * .awsServiceAccessPrincipals("config-multiaccountsetup.amazonaws.com") + * .featureSet("ALL") + * .build()); + * * var example = new OrganizationConformancePack("example", OrganizationConformancePackArgs.builder() * .name("example") * .inputParameters(OrganizationConformancePackInputParameterArgs.builder() @@ -69,12 +75,11 @@ * SourceIdentifier: IAM_PASSWORD_POLICY * Type: AWS::Config::ConfigRule * """) - * .build()); - * - * var exampleOrganization = new Organization("exampleOrganization", OrganizationArgs.builder() - * .awsServiceAccessPrincipals("config-multiaccountsetup.amazonaws.com") - * .featureSet("ALL") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn( + * exampleAwsConfigConfigurationRecorder, + * exampleOrganization) + * .build()); * * } * } @@ -90,14 +95,15 @@ * import com.pulumi.Context; * import com.pulumi.Pulumi; * import com.pulumi.core.Output; + * import com.pulumi.aws.organizations.Organization; + * import com.pulumi.aws.organizations.OrganizationArgs; * import com.pulumi.aws.s3.BucketV2; * import com.pulumi.aws.s3.BucketV2Args; * import com.pulumi.aws.s3.BucketObjectv2; * import com.pulumi.aws.s3.BucketObjectv2Args; * import com.pulumi.aws.cfg.OrganizationConformancePack; * import com.pulumi.aws.cfg.OrganizationConformancePackArgs; - * import com.pulumi.aws.organizations.Organization; - * import com.pulumi.aws.organizations.OrganizationArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -111,6 +117,11 @@ * } * * public static void stack(Context ctx) { + * var exampleOrganization = new Organization("exampleOrganization", OrganizationArgs.builder() + * .awsServiceAccessPrincipals("config-multiaccountsetup.amazonaws.com") + * .featureSet("ALL") + * .build()); + * * var exampleBucketV2 = new BucketV2("exampleBucketV2", BucketV2Args.builder() * .bucket("example") * .build()); @@ -137,12 +148,11 @@ * var key = values.t2; * return String.format("s3://%s/%s", bucket,key); * })) - * .build()); - * - * var exampleOrganization = new Organization("exampleOrganization", OrganizationArgs.builder() - * .awsServiceAccessPrincipals("config-multiaccountsetup.amazonaws.com") - * .featureSet("ALL") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn( + * exampleAwsConfigConfigurationRecorder, + * exampleOrganization) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/cfg/OrganizationCustomRule.java b/sdk/java/src/main/java/com/pulumi/aws/cfg/OrganizationCustomRule.java index e366455fd00..60856d8872a 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/cfg/OrganizationCustomRule.java +++ b/sdk/java/src/main/java/com/pulumi/aws/cfg/OrganizationCustomRule.java @@ -37,6 +37,7 @@ * import com.pulumi.aws.organizations.OrganizationArgs; * import com.pulumi.aws.cfg.OrganizationCustomRule; * import com.pulumi.aws.cfg.OrganizationCustomRuleArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -66,7 +67,11 @@ * .lambdaFunctionArn(exampleAwsLambdaFunction.arn()) * .name("example") * .triggerTypes("ConfigurationItemChangeNotification") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn( + * example, + * exampleOrganization) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/cfg/OrganizationManagedRule.java b/sdk/java/src/main/java/com/pulumi/aws/cfg/OrganizationManagedRule.java index 469e2c5d054..d6e8a55361c 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/cfg/OrganizationManagedRule.java +++ b/sdk/java/src/main/java/com/pulumi/aws/cfg/OrganizationManagedRule.java @@ -35,6 +35,7 @@ * import com.pulumi.aws.organizations.OrganizationArgs; * import com.pulumi.aws.cfg.OrganizationManagedRule; * import com.pulumi.aws.cfg.OrganizationManagedRuleArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -56,7 +57,9 @@ * var exampleOrganizationManagedRule = new OrganizationManagedRule("exampleOrganizationManagedRule", OrganizationManagedRuleArgs.builder() * .name("example") * .ruleIdentifier("IAM_PASSWORD_POLICY") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(example) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/cfg/RecorderStatus.java b/sdk/java/src/main/java/com/pulumi/aws/cfg/RecorderStatus.java index 69f4a5bdb3f..9afeb03eb4d 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/cfg/RecorderStatus.java +++ b/sdk/java/src/main/java/com/pulumi/aws/cfg/RecorderStatus.java @@ -28,6 +28,10 @@ * import com.pulumi.Context; * import com.pulumi.Pulumi; * import com.pulumi.core.Output; + * import com.pulumi.aws.s3.BucketV2; + * import com.pulumi.aws.s3.BucketV2Args; + * import com.pulumi.aws.cfg.DeliveryChannel; + * import com.pulumi.aws.cfg.DeliveryChannelArgs; * import com.pulumi.aws.iam.IamFunctions; * import com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs; * import com.pulumi.aws.iam.Role; @@ -38,12 +42,9 @@ * import com.pulumi.aws.cfg.RecorderStatusArgs; * import com.pulumi.aws.iam.RolePolicyAttachment; * import com.pulumi.aws.iam.RolePolicyAttachmentArgs; - * import com.pulumi.aws.s3.BucketV2; - * import com.pulumi.aws.s3.BucketV2Args; - * import com.pulumi.aws.cfg.DeliveryChannel; - * import com.pulumi.aws.cfg.DeliveryChannelArgs; * import com.pulumi.aws.iam.RolePolicy; * import com.pulumi.aws.iam.RolePolicyArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -57,6 +58,15 @@ * } * * public static void stack(Context ctx) { + * var b = new BucketV2("b", BucketV2Args.builder() + * .bucket("awsconfig-example") + * .build()); + * + * var fooDeliveryChannel = new DeliveryChannel("fooDeliveryChannel", DeliveryChannelArgs.builder() + * .name("example") + * .s3BucketName(b.bucket()) + * .build()); + * * final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder() * .statements(GetPolicyDocumentStatementArgs.builder() * .effect("Allow") @@ -81,22 +91,15 @@ * var foo = new RecorderStatus("foo", RecorderStatusArgs.builder() * .name(fooRecorder.name()) * .isEnabled(true) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(fooDeliveryChannel) + * .build()); * * var a = new RolePolicyAttachment("a", RolePolicyAttachmentArgs.builder() * .role(r.name()) * .policyArn("arn:aws:iam::aws:policy/service-role/AWS_ConfigRole") * .build()); * - * var b = new BucketV2("b", BucketV2Args.builder() - * .bucket("awsconfig-example") - * .build()); - * - * var fooDeliveryChannel = new DeliveryChannel("fooDeliveryChannel", DeliveryChannelArgs.builder() - * .name("example") - * .s3BucketName(b.bucket()) - * .build()); - * * final var p = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder() * .statements(GetPolicyDocumentStatementArgs.builder() * .effect("Allow") diff --git a/sdk/java/src/main/java/com/pulumi/aws/cfg/Rule.java b/sdk/java/src/main/java/com/pulumi/aws/cfg/Rule.java index ff00d219783..48205e23232 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/cfg/Rule.java +++ b/sdk/java/src/main/java/com/pulumi/aws/cfg/Rule.java @@ -37,17 +37,18 @@ * import com.pulumi.Context; * import com.pulumi.Pulumi; * import com.pulumi.core.Output; - * import com.pulumi.aws.cfg.Rule; - * import com.pulumi.aws.cfg.RuleArgs; - * import com.pulumi.aws.cfg.inputs.RuleSourceArgs; * import com.pulumi.aws.iam.IamFunctions; * import com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs; * import com.pulumi.aws.iam.Role; * import com.pulumi.aws.iam.RoleArgs; * import com.pulumi.aws.cfg.Recorder; * import com.pulumi.aws.cfg.RecorderArgs; + * import com.pulumi.aws.cfg.Rule; + * import com.pulumi.aws.cfg.RuleArgs; + * import com.pulumi.aws.cfg.inputs.RuleSourceArgs; * import com.pulumi.aws.iam.RolePolicy; * import com.pulumi.aws.iam.RolePolicyArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -61,14 +62,6 @@ * } * * public static void stack(Context ctx) { - * var r = new Rule("r", RuleArgs.builder() - * .name("example") - * .source(RuleSourceArgs.builder() - * .owner("AWS") - * .sourceIdentifier("S3_BUCKET_VERSIONING_ENABLED") - * .build()) - * .build()); - * * final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder() * .statements(GetPolicyDocumentStatementArgs.builder() * .effect("Allow") @@ -90,6 +83,16 @@ * .roleArn(rRole.arn()) * .build()); * + * var r = new Rule("r", RuleArgs.builder() + * .name("example") + * .source(RuleSourceArgs.builder() + * .owner("AWS") + * .sourceIdentifier("S3_BUCKET_VERSIONING_ENABLED") + * .build()) + * .build(), CustomResourceOptions.builder() + * .dependsOn(foo) + * .build()); + * * final var p = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder() * .statements(GetPolicyDocumentStatementArgs.builder() * .effect("Allow") @@ -127,6 +130,7 @@ * import com.pulumi.aws.cfg.Rule; * import com.pulumi.aws.cfg.RuleArgs; * import com.pulumi.aws.cfg.inputs.RuleSourceArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -156,7 +160,11 @@ * .owner("CUSTOM_LAMBDA") * .sourceIdentifier(exampleFunction.arn()) * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn( + * example, + * examplePermission) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/chime/VoiceConnectorTerminationCredentials.java b/sdk/java/src/main/java/com/pulumi/aws/chime/VoiceConnectorTerminationCredentials.java index beaaec80b13..73232ecf12b 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/chime/VoiceConnectorTerminationCredentials.java +++ b/sdk/java/src/main/java/com/pulumi/aws/chime/VoiceConnectorTerminationCredentials.java @@ -36,6 +36,7 @@ * import com.pulumi.aws.chime.VoiceConnectorTerminationCredentials; * import com.pulumi.aws.chime.VoiceConnectorTerminationCredentialsArgs; * import com.pulumi.aws.chime.inputs.VoiceConnectorTerminationCredentialsCredentialArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -70,7 +71,9 @@ * .username("test") * .password("test!") * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(defaultVoiceConnectorTermination) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/cloudcontrol/Resource.java b/sdk/java/src/main/java/com/pulumi/aws/cloudcontrol/Resource.java index 2424f68eb80..bdafc7862e3 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/cloudcontrol/Resource.java +++ b/sdk/java/src/main/java/com/pulumi/aws/cloudcontrol/Resource.java @@ -47,10 +47,10 @@ * .typeName("AWS::ECS::Cluster") * .desiredState(serializeJson( * jsonObject( - * jsonProperty("clusterName", "example"), - * jsonProperty("tags", jsonArray(jsonObject( - * jsonProperty("key", "CostCenter"), - * jsonProperty("value", "IT") + * jsonProperty("ClusterName", "example"), + * jsonProperty("Tags", jsonArray(jsonObject( + * jsonProperty("Key", "CostCenter"), + * jsonProperty("Value", "IT") * ))) * ))) * .build()); diff --git a/sdk/java/src/main/java/com/pulumi/aws/cloudformation/Stack.java b/sdk/java/src/main/java/com/pulumi/aws/cloudformation/Stack.java index 3fc7af01ce3..6840089b49d 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/cloudformation/Stack.java +++ b/sdk/java/src/main/java/com/pulumi/aws/cloudformation/Stack.java @@ -51,23 +51,23 @@ * .parameters(Map.of("VPCCidr", "10.0.0.0/16")) * .templateBody(serializeJson( * jsonObject( - * jsonProperty("parameters", jsonObject( - * jsonProperty("vPCCidr", jsonObject( - * jsonProperty("type", "String"), - * jsonProperty("default", "10.0.0.0/16"), - * jsonProperty("description", "Enter the CIDR block for the VPC. Default is 10.0.0.0/16.") + * jsonProperty("Parameters", jsonObject( + * jsonProperty("VPCCidr", jsonObject( + * jsonProperty("Type", "String"), + * jsonProperty("Default", "10.0.0.0/16"), + * jsonProperty("Description", "Enter the CIDR block for the VPC. Default is 10.0.0.0/16.") * )) * )), - * jsonProperty("resources", jsonObject( + * jsonProperty("Resources", jsonObject( * jsonProperty("myVpc", jsonObject( - * jsonProperty("type", "AWS::EC2::VPC"), - * jsonProperty("properties", jsonObject( - * jsonProperty("cidrBlock", jsonObject( + * jsonProperty("Type", "AWS::EC2::VPC"), + * jsonProperty("Properties", jsonObject( + * jsonProperty("CidrBlock", jsonObject( * jsonProperty("Ref", "VPCCidr") * )), - * jsonProperty("tags", jsonArray(jsonObject( - * jsonProperty("key", "Name"), - * jsonProperty("value", "Primary_CF_VPC") + * jsonProperty("Tags", jsonArray(jsonObject( + * jsonProperty("Key", "Name"), + * jsonProperty("Value", "Primary_CF_VPC") * ))) * )) * )) diff --git a/sdk/java/src/main/java/com/pulumi/aws/cloudformation/StackSet.java b/sdk/java/src/main/java/com/pulumi/aws/cloudformation/StackSet.java index 8ff1ee8ba37..a3a5d0572f4 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/cloudformation/StackSet.java +++ b/sdk/java/src/main/java/com/pulumi/aws/cloudformation/StackSet.java @@ -79,23 +79,23 @@ * .parameters(Map.of("VPCCidr", "10.0.0.0/16")) * .templateBody(serializeJson( * jsonObject( - * jsonProperty("parameters", jsonObject( - * jsonProperty("vPCCidr", jsonObject( - * jsonProperty("type", "String"), - * jsonProperty("default", "10.0.0.0/16"), - * jsonProperty("description", "Enter the CIDR block for the VPC. Default is 10.0.0.0/16.") + * jsonProperty("Parameters", jsonObject( + * jsonProperty("VPCCidr", jsonObject( + * jsonProperty("Type", "String"), + * jsonProperty("Default", "10.0.0.0/16"), + * jsonProperty("Description", "Enter the CIDR block for the VPC. Default is 10.0.0.0/16.") * )) * )), - * jsonProperty("resources", jsonObject( + * jsonProperty("Resources", jsonObject( * jsonProperty("myVpc", jsonObject( - * jsonProperty("type", "AWS::EC2::VPC"), - * jsonProperty("properties", jsonObject( - * jsonProperty("cidrBlock", jsonObject( - * jsonProperty("ref", "VPCCidr") + * jsonProperty("Type", "AWS::EC2::VPC"), + * jsonProperty("Properties", jsonObject( + * jsonProperty("CidrBlock", jsonObject( + * jsonProperty("Ref", "VPCCidr") * )), - * jsonProperty("tags", jsonArray(jsonObject( - * jsonProperty("key", "Name"), - * jsonProperty("value", "Primary_CF_VPC") + * jsonProperty("Tags", jsonArray(jsonObject( + * jsonProperty("Key", "Name"), + * jsonProperty("Value", "Primary_CF_VPC") * ))) * )) * )) diff --git a/sdk/java/src/main/java/com/pulumi/aws/cloudfront/RealtimeLogConfig.java b/sdk/java/src/main/java/com/pulumi/aws/cloudfront/RealtimeLogConfig.java index 1444218ac2e..e9b07aad5f0 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/cloudfront/RealtimeLogConfig.java +++ b/sdk/java/src/main/java/com/pulumi/aws/cloudfront/RealtimeLogConfig.java @@ -38,6 +38,7 @@ * import com.pulumi.aws.cloudfront.RealtimeLogConfigArgs; * import com.pulumi.aws.cloudfront.inputs.RealtimeLogConfigEndpointArgs; * import com.pulumi.aws.cloudfront.inputs.RealtimeLogConfigEndpointKinesisStreamConfigArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -98,7 +99,9 @@ * .streamArn(exampleAwsKinesisStream.arn()) * .build()) * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleRolePolicy) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/cloudtrail/Trail.java b/sdk/java/src/main/java/com/pulumi/aws/cloudtrail/Trail.java index 5f5384f98bd..7a8f2b9326c 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/cloudtrail/Trail.java +++ b/sdk/java/src/main/java/com/pulumi/aws/cloudtrail/Trail.java @@ -43,8 +43,6 @@ * import com.pulumi.core.Output; * import com.pulumi.aws.s3.BucketV2; * import com.pulumi.aws.s3.BucketV2Args; - * import com.pulumi.aws.cloudtrail.Trail; - * import com.pulumi.aws.cloudtrail.TrailArgs; * import com.pulumi.aws.AwsFunctions; * import com.pulumi.aws.inputs.GetCallerIdentityArgs; * import com.pulumi.aws.inputs.GetPartitionArgs; @@ -53,6 +51,9 @@ * import com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs; * import com.pulumi.aws.s3.BucketPolicy; * import com.pulumi.aws.s3.BucketPolicyArgs; + * import com.pulumi.aws.cloudtrail.Trail; + * import com.pulumi.aws.cloudtrail.TrailArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -71,13 +72,6 @@ * .forceDestroy(true) * .build()); * - * var exampleTrail = new Trail("exampleTrail", TrailArgs.builder() - * .name("example") - * .s3BucketName(exampleBucketV2.id()) - * .s3KeyPrefix("prefix") - * .includeGlobalServiceEvents(false) - * .build()); - * * final var current = AwsFunctions.getCallerIdentity(); * * final var currentGetPartition = AwsFunctions.getPartition(); @@ -129,6 +123,15 @@ * .policy(example.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult).applyValue(example -> example.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult.json()))) * .build()); * + * var exampleTrail = new Trail("exampleTrail", TrailArgs.builder() + * .name("example") + * .s3BucketName(exampleBucketV2.id()) + * .s3KeyPrefix("prefix") + * .includeGlobalServiceEvents(false) + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleBucketPolicy) + * .build()); + * * } * } * ``` diff --git a/sdk/java/src/main/java/com/pulumi/aws/cloudwatch/LogDataProtectionPolicy.java b/sdk/java/src/main/java/com/pulumi/aws/cloudwatch/LogDataProtectionPolicy.java index f4a4d72d8ed..2e40e8ff86e 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/cloudwatch/LogDataProtectionPolicy.java +++ b/sdk/java/src/main/java/com/pulumi/aws/cloudwatch/LogDataProtectionPolicy.java @@ -59,28 +59,28 @@ * .logGroupName(example.name()) * .policyDocument(exampleBucketV2.bucket().applyValue(bucket -> serializeJson( * jsonObject( - * jsonProperty("name", "Example"), - * jsonProperty("version", "2021-06-01"), - * jsonProperty("statement", jsonArray( + * jsonProperty("Name", "Example"), + * jsonProperty("Version", "2021-06-01"), + * jsonProperty("Statement", jsonArray( * jsonObject( - * jsonProperty("sid", "Audit"), - * jsonProperty("dataIdentifier", jsonArray("arn:aws:dataprotection::aws:data-identifier/EmailAddress")), - * jsonProperty("operation", jsonObject( - * jsonProperty("audit", jsonObject( - * jsonProperty("findingsDestination", jsonObject( + * jsonProperty("Sid", "Audit"), + * jsonProperty("DataIdentifier", jsonArray("arn:aws:dataprotection::aws:data-identifier/EmailAddress")), + * jsonProperty("Operation", jsonObject( + * jsonProperty("Audit", jsonObject( + * jsonProperty("FindingsDestination", jsonObject( * jsonProperty("S3", jsonObject( - * jsonProperty("bucket", bucket) + * jsonProperty("Bucket", bucket) * )) * )) * )) * )) * ), * jsonObject( - * jsonProperty("sid", "Redact"), - * jsonProperty("dataIdentifier", jsonArray("arn:aws:dataprotection::aws:data-identifier/EmailAddress")), - * jsonProperty("operation", jsonObject( - * jsonProperty("deidentify", jsonObject( - * jsonProperty("maskConfig", jsonObject( + * jsonProperty("Sid", "Redact"), + * jsonProperty("DataIdentifier", jsonArray("arn:aws:dataprotection::aws:data-identifier/EmailAddress")), + * jsonProperty("Operation", jsonObject( + * jsonProperty("Deidentify", jsonObject( + * jsonProperty("MaskConfig", jsonObject( * * )) * )) diff --git a/sdk/java/src/main/java/com/pulumi/aws/codebuild/ResourcePolicy.java b/sdk/java/src/main/java/com/pulumi/aws/codebuild/ResourcePolicy.java index f0a1ec33fea..f6590684cfa 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/codebuild/ResourcePolicy.java +++ b/sdk/java/src/main/java/com/pulumi/aws/codebuild/ResourcePolicy.java @@ -63,21 +63,21 @@ * .resourceArn(example.arn()) * .policy(example.arn().applyValue(arn -> serializeJson( * jsonObject( - * jsonProperty("version", "2012-10-17"), - * jsonProperty("id", "default"), - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("sid", "default"), - * jsonProperty("effect", "Allow"), - * jsonProperty("principal", jsonObject( + * jsonProperty("Version", "2012-10-17"), + * jsonProperty("Id", "default"), + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Sid", "default"), + * jsonProperty("Effect", "Allow"), + * jsonProperty("Principal", jsonObject( * jsonProperty("AWS", String.format("arn:%s:iam::%s:root", current.applyValue(getPartitionResult -> getPartitionResult.partition()),currentGetCallerIdentity.applyValue(getCallerIdentityResult -> getCallerIdentityResult.accountId()))) * )), - * jsonProperty("action", jsonArray( + * jsonProperty("Action", jsonArray( * "codebuild:BatchGetReportGroups", * "codebuild:BatchGetReports", * "codebuild:ListReportsForReportGroup", * "codebuild:DescribeTestCases" * )), - * jsonProperty("resource", arn) + * jsonProperty("Resource", arn) * ))) * )))) * .build()); diff --git a/sdk/java/src/main/java/com/pulumi/aws/codecommit/ApprovalRuleTemplate.java b/sdk/java/src/main/java/com/pulumi/aws/codecommit/ApprovalRuleTemplate.java index 0f5cbe561cf..7ebf5ce86cb 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/codecommit/ApprovalRuleTemplate.java +++ b/sdk/java/src/main/java/com/pulumi/aws/codecommit/ApprovalRuleTemplate.java @@ -47,12 +47,12 @@ * .description("This is an example approval rule template") * .content(serializeJson( * jsonObject( - * jsonProperty("version", "2018-11-08"), - * jsonProperty("destinationReferences", jsonArray("refs/heads/master")), - * jsonProperty("statements", jsonArray(jsonObject( - * jsonProperty("type", "Approvers"), - * jsonProperty("numberOfApprovalsNeeded", 2), - * jsonProperty("approvalPoolMembers", jsonArray("arn:aws:sts::123456789012:assumed-role/CodeCommitReview/*")) + * jsonProperty("Version", "2018-11-08"), + * jsonProperty("DestinationReferences", jsonArray("refs/heads/master")), + * jsonProperty("Statements", jsonArray(jsonObject( + * jsonProperty("Type", "Approvers"), + * jsonProperty("NumberOfApprovalsNeeded", 2), + * jsonProperty("ApprovalPoolMembers", jsonArray("arn:aws:sts::123456789012:assumed-role/CodeCommitReview/*")) * ))) * ))) * .build()); diff --git a/sdk/java/src/main/java/com/pulumi/aws/cognito/ManagedUserPoolClient.java b/sdk/java/src/main/java/com/pulumi/aws/cognito/ManagedUserPoolClient.java index c4402f1e50d..8d6cc590c2f 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/cognito/ManagedUserPoolClient.java +++ b/sdk/java/src/main/java/com/pulumi/aws/cognito/ManagedUserPoolClient.java @@ -39,8 +39,6 @@ * import com.pulumi.core.Output; * import com.pulumi.aws.cognito.UserPool; * import com.pulumi.aws.cognito.UserPoolArgs; - * import com.pulumi.aws.cognito.ManagedUserPoolClient; - * import com.pulumi.aws.cognito.ManagedUserPoolClientArgs; * import com.pulumi.aws.cognito.IdentityPool; * import com.pulumi.aws.cognito.IdentityPoolArgs; * import com.pulumi.aws.AwsFunctions; @@ -49,12 +47,15 @@ * import com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs; * import com.pulumi.aws.iam.Role; * import com.pulumi.aws.iam.RoleArgs; + * import com.pulumi.aws.iam.RolePolicyAttachment; + * import com.pulumi.aws.iam.RolePolicyAttachmentArgs; * import com.pulumi.aws.opensearch.Domain; * import com.pulumi.aws.opensearch.DomainArgs; * import com.pulumi.aws.opensearch.inputs.DomainCognitoOptionsArgs; * import com.pulumi.aws.opensearch.inputs.DomainEbsOptionsArgs; - * import com.pulumi.aws.iam.RolePolicyAttachment; - * import com.pulumi.aws.iam.RolePolicyAttachmentArgs; + * import com.pulumi.aws.cognito.ManagedUserPoolClient; + * import com.pulumi.aws.cognito.ManagedUserPoolClientArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -72,11 +73,6 @@ * .name("example") * .build()); * - * var exampleManagedUserPoolClient = new ManagedUserPoolClient("exampleManagedUserPoolClient", ManagedUserPoolClientArgs.builder() - * .namePrefix("AmazonOpenSearchService-example") - * .userPoolId(exampleUserPool.id()) - * .build()); - * * var exampleIdentityPool = new IdentityPool("exampleIdentityPool", IdentityPoolArgs.builder() * .identityPoolName("example") * .build()); @@ -101,6 +97,11 @@ * .assumeRolePolicy(example.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult.json())) * .build()); * + * var exampleRolePolicyAttachment = new RolePolicyAttachment("exampleRolePolicyAttachment", RolePolicyAttachmentArgs.builder() + * .role(exampleRole.name()) + * .policyArn(String.format("arn:%s:iam::aws:policy/AmazonESCognitoAccess", current.applyValue(getPartitionResult -> getPartitionResult.partition()))) + * .build()); + * * var exampleDomain = new Domain("exampleDomain", DomainArgs.builder() * .domainName("example") * .cognitoOptions(DomainCognitoOptionsArgs.builder() @@ -113,12 +114,18 @@ * .ebsEnabled(true) * .volumeSize(10) * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn( + * exampleAwsCognitoUserPoolDomain, + * exampleRolePolicyAttachment) + * .build()); * - * var exampleRolePolicyAttachment = new RolePolicyAttachment("exampleRolePolicyAttachment", RolePolicyAttachmentArgs.builder() - * .role(exampleRole.name()) - * .policyArn(String.format("arn:%s:iam::aws:policy/AmazonESCognitoAccess", current.applyValue(getPartitionResult -> getPartitionResult.partition()))) - * .build()); + * var exampleManagedUserPoolClient = new ManagedUserPoolClient("exampleManagedUserPoolClient", ManagedUserPoolClientArgs.builder() + * .namePrefix("AmazonOpenSearchService-example") + * .userPoolId(exampleUserPool.id()) + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleDomain) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/comprehend/DocumentClassifier.java b/sdk/java/src/main/java/com/pulumi/aws/comprehend/DocumentClassifier.java index e61860f87e8..56aeef24879 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/comprehend/DocumentClassifier.java +++ b/sdk/java/src/main/java/com/pulumi/aws/comprehend/DocumentClassifier.java @@ -36,6 +36,7 @@ * import com.pulumi.aws.comprehend.DocumentClassifier; * import com.pulumi.aws.comprehend.DocumentClassifierArgs; * import com.pulumi.aws.comprehend.inputs.DocumentClassifierInputDataConfigArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -58,7 +59,9 @@ * .inputDataConfig(DocumentClassifierInputDataConfigArgs.builder() * .s3Uri(documents.id().applyValue(id -> String.format("s3://%s/%s", test.bucket(),id))) * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleAwsIamRolePolicy) + * .build()); * * var entities = new BucketObjectv2("entities"); * diff --git a/sdk/java/src/main/java/com/pulumi/aws/comprehend/EntityRecognizer.java b/sdk/java/src/main/java/com/pulumi/aws/comprehend/EntityRecognizer.java index 51eddc10683..58495346f03 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/comprehend/EntityRecognizer.java +++ b/sdk/java/src/main/java/com/pulumi/aws/comprehend/EntityRecognizer.java @@ -37,6 +37,7 @@ * import com.pulumi.aws.comprehend.inputs.EntityRecognizerInputDataConfigArgs; * import com.pulumi.aws.comprehend.inputs.EntityRecognizerInputDataConfigDocumentsArgs; * import com.pulumi.aws.comprehend.inputs.EntityRecognizerInputDataConfigEntityListArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -73,7 +74,9 @@ * .s3Uri(entities.id().applyValue(id -> String.format("s3://%s/%s", entitiesAwsS3Bucket.bucket(),id))) * .build()) * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleAwsIamRolePolicy) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/connect/ContactFlow.java b/sdk/java/src/main/java/com/pulumi/aws/connect/ContactFlow.java index 5e07ef4524f..3e5d5c24639 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/connect/ContactFlow.java +++ b/sdk/java/src/main/java/com/pulumi/aws/connect/ContactFlow.java @@ -59,30 +59,30 @@ * .type("CONTACT_FLOW") * .content(serializeJson( * jsonObject( - * jsonProperty("version", "2019-10-30"), - * jsonProperty("startAction", "12345678-1234-1234-1234-123456789012"), - * jsonProperty("actions", jsonArray( + * jsonProperty("Version", "2019-10-30"), + * jsonProperty("StartAction", "12345678-1234-1234-1234-123456789012"), + * jsonProperty("Actions", jsonArray( * jsonObject( - * jsonProperty("identifier", "12345678-1234-1234-1234-123456789012"), - * jsonProperty("type", "MessageParticipant"), - * jsonProperty("transitions", jsonObject( - * jsonProperty("nextAction", "abcdef-abcd-abcd-abcd-abcdefghijkl"), - * jsonProperty("errors", jsonArray( + * jsonProperty("Identifier", "12345678-1234-1234-1234-123456789012"), + * jsonProperty("Type", "MessageParticipant"), + * jsonProperty("Transitions", jsonObject( + * jsonProperty("NextAction", "abcdef-abcd-abcd-abcd-abcdefghijkl"), + * jsonProperty("Errors", jsonArray( * )), - * jsonProperty("conditions", jsonArray( + * jsonProperty("Conditions", jsonArray( * )) * )), - * jsonProperty("parameters", jsonObject( - * jsonProperty("text", "Thanks for calling the sample flow!") + * jsonProperty("Parameters", jsonObject( + * jsonProperty("Text", "Thanks for calling the sample flow!") * )) * ), * jsonObject( - * jsonProperty("identifier", "abcdef-abcd-abcd-abcd-abcdefghijkl"), - * jsonProperty("type", "DisconnectParticipant"), - * jsonProperty("transitions", jsonObject( + * jsonProperty("Identifier", "abcdef-abcd-abcd-abcd-abcdefghijkl"), + * jsonProperty("Type", "DisconnectParticipant"), + * jsonProperty("Transitions", jsonObject( * * )), - * jsonProperty("parameters", jsonObject( + * jsonProperty("Parameters", jsonObject( * * )) * ) diff --git a/sdk/java/src/main/java/com/pulumi/aws/connect/ContactFlowModule.java b/sdk/java/src/main/java/com/pulumi/aws/connect/ContactFlowModule.java index 2d70f8e9ee2..4889c178a66 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/connect/ContactFlowModule.java +++ b/sdk/java/src/main/java/com/pulumi/aws/connect/ContactFlowModule.java @@ -58,49 +58,49 @@ * .description("Example Contact Flow Module Description") * .content(serializeJson( * jsonObject( - * jsonProperty("version", "2019-10-30"), - * jsonProperty("startAction", "12345678-1234-1234-1234-123456789012"), - * jsonProperty("actions", jsonArray( + * jsonProperty("Version", "2019-10-30"), + * jsonProperty("StartAction", "12345678-1234-1234-1234-123456789012"), + * jsonProperty("Actions", jsonArray( * jsonObject( - * jsonProperty("identifier", "12345678-1234-1234-1234-123456789012"), - * jsonProperty("parameters", jsonObject( - * jsonProperty("text", "Hello contact flow module") + * jsonProperty("Identifier", "12345678-1234-1234-1234-123456789012"), + * jsonProperty("Parameters", jsonObject( + * jsonProperty("Text", "Hello contact flow module") * )), - * jsonProperty("transitions", jsonObject( - * jsonProperty("nextAction", "abcdef-abcd-abcd-abcd-abcdefghijkl"), - * jsonProperty("errors", jsonArray( + * jsonProperty("Transitions", jsonObject( + * jsonProperty("NextAction", "abcdef-abcd-abcd-abcd-abcdefghijkl"), + * jsonProperty("Errors", jsonArray( * )), - * jsonProperty("conditions", jsonArray( + * jsonProperty("Conditions", jsonArray( * )) * )), - * jsonProperty("type", "MessageParticipant") + * jsonProperty("Type", "MessageParticipant") * ), * jsonObject( - * jsonProperty("identifier", "abcdef-abcd-abcd-abcd-abcdefghijkl"), - * jsonProperty("type", "DisconnectParticipant"), - * jsonProperty("parameters", jsonObject( + * jsonProperty("Identifier", "abcdef-abcd-abcd-abcd-abcdefghijkl"), + * jsonProperty("Type", "DisconnectParticipant"), + * jsonProperty("Parameters", jsonObject( * * )), - * jsonProperty("transitions", jsonObject( + * jsonProperty("Transitions", jsonObject( * * )) * ) * )), - * jsonProperty("settings", jsonObject( - * jsonProperty("inputParameters", jsonArray( + * jsonProperty("Settings", jsonObject( + * jsonProperty("InputParameters", jsonArray( * )), - * jsonProperty("outputParameters", jsonArray( + * jsonProperty("OutputParameters", jsonArray( * )), - * jsonProperty("transitions", jsonArray( + * jsonProperty("Transitions", jsonArray( * jsonObject( - * jsonProperty("displayName", "Success"), - * jsonProperty("referenceName", "Success"), - * jsonProperty("description", "") + * jsonProperty("DisplayName", "Success"), + * jsonProperty("ReferenceName", "Success"), + * jsonProperty("Description", "") * ), * jsonObject( - * jsonProperty("displayName", "Error"), - * jsonProperty("referenceName", "Error"), - * jsonProperty("description", "") + * jsonProperty("DisplayName", "Error"), + * jsonProperty("ReferenceName", "Error"), + * jsonProperty("Description", "") * ) * )) * )) diff --git a/sdk/java/src/main/java/com/pulumi/aws/costexplorer/AnomalyMonitor.java b/sdk/java/src/main/java/com/pulumi/aws/costexplorer/AnomalyMonitor.java index c8b63afda9f..a0165459120 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/costexplorer/AnomalyMonitor.java +++ b/sdk/java/src/main/java/com/pulumi/aws/costexplorer/AnomalyMonitor.java @@ -87,15 +87,15 @@ * .monitorType("CUSTOM") * .monitorSpecification(serializeJson( * jsonObject( - * jsonProperty("and", null), - * jsonProperty("costCategories", null), - * jsonProperty("dimensions", null), - * jsonProperty("not", null), - * jsonProperty("or", null), - * jsonProperty("tags", jsonObject( - * jsonProperty("key", "CostCenter"), - * jsonProperty("matchOptions", null), - * jsonProperty("values", jsonArray("10000")) + * jsonProperty("And", null), + * jsonProperty("CostCategories", null), + * jsonProperty("Dimensions", null), + * jsonProperty("Not", null), + * jsonProperty("Or", null), + * jsonProperty("Tags", jsonObject( + * jsonProperty("Key", "CostCenter"), + * jsonProperty("MatchOptions", null), + * jsonProperty("Values", jsonArray("10000")) * )) * ))) * .build()); diff --git a/sdk/java/src/main/java/com/pulumi/aws/costexplorer/AnomalySubscription.java b/sdk/java/src/main/java/com/pulumi/aws/costexplorer/AnomalySubscription.java index 49363cc8e66..b2f7c64cca4 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/costexplorer/AnomalySubscription.java +++ b/sdk/java/src/main/java/com/pulumi/aws/costexplorer/AnomalySubscription.java @@ -200,6 +200,7 @@ * import com.pulumi.aws.costexplorer.AnomalySubscription; * import com.pulumi.aws.costexplorer.AnomalySubscriptionArgs; * import com.pulumi.aws.costexplorer.inputs.AnomalySubscriptionSubscriberArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -275,7 +276,9 @@ * .type("SNS") * .address(costAnomalyUpdates.arn()) * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(default_) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/customerprofiles/Domain.java b/sdk/java/src/main/java/com/pulumi/aws/customerprofiles/Domain.java index 240371952b6..5ea857fbec9 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/customerprofiles/Domain.java +++ b/sdk/java/src/main/java/com/pulumi/aws/customerprofiles/Domain.java @@ -92,14 +92,14 @@ * .name("example") * .policy(serializeJson( * jsonObject( - * jsonProperty("version", "2012-10-17"), - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("sid", "Customer Profiles SQS policy"), - * jsonProperty("effect", "Allow"), - * jsonProperty("action", jsonArray("sqs:SendMessage")), - * jsonProperty("resource", "*"), - * jsonProperty("principal", jsonObject( - * jsonProperty("service", "profile.amazonaws.com") + * jsonProperty("Version", "2012-10-17"), + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Sid", "Customer Profiles SQS policy"), + * jsonProperty("Effect", "Allow"), + * jsonProperty("Action", jsonArray("sqs:SendMessage")), + * jsonProperty("Resource", "*"), + * jsonProperty("Principal", jsonObject( + * jsonProperty("Service", "profile.amazonaws.com") * )) * ))) * ))) @@ -122,21 +122,21 @@ * var exampleBucketV2Arn1 = values.t2; * return serializeJson( * jsonObject( - * jsonProperty("version", "2012-10-17"), - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("sid", "Customer Profiles S3 policy"), - * jsonProperty("effect", "Allow"), - * jsonProperty("action", jsonArray( + * jsonProperty("Version", "2012-10-17"), + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Sid", "Customer Profiles S3 policy"), + * jsonProperty("Effect", "Allow"), + * jsonProperty("Action", jsonArray( * "s3:GetObject", * "s3:PutObject", * "s3:ListBucket" * )), - * jsonProperty("resource", jsonArray( + * jsonProperty("Resource", jsonArray( * exampleBucketV2Arn, * String.format("%s/*", exampleBucketV2Arn1) * )), - * jsonProperty("principal", jsonObject( - * jsonProperty("service", "profile.amazonaws.com") + * jsonProperty("Principal", jsonObject( + * jsonProperty("Service", "profile.amazonaws.com") * )) * ))) * )); diff --git a/sdk/java/src/main/java/com/pulumi/aws/detective/InvitationAccepter.java b/sdk/java/src/main/java/com/pulumi/aws/detective/InvitationAccepter.java index 76b0e6163c5..a701bc74a67 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/detective/InvitationAccepter.java +++ b/sdk/java/src/main/java/com/pulumi/aws/detective/InvitationAccepter.java @@ -30,6 +30,7 @@ * import com.pulumi.aws.detective.MemberArgs; * import com.pulumi.aws.detective.InvitationAccepter; * import com.pulumi.aws.detective.InvitationAccepterArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -54,7 +55,9 @@ * * var member = new InvitationAccepter("member", InvitationAccepterArgs.builder() * .graphArn(primary.graphArn()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(primaryMember) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/detective/OrganizationAdminAccount.java b/sdk/java/src/main/java/com/pulumi/aws/detective/OrganizationAdminAccount.java index b07ebf135ae..9935427aeff 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/detective/OrganizationAdminAccount.java +++ b/sdk/java/src/main/java/com/pulumi/aws/detective/OrganizationAdminAccount.java @@ -29,6 +29,7 @@ * import com.pulumi.aws.organizations.OrganizationArgs; * import com.pulumi.aws.detective.OrganizationAdminAccount; * import com.pulumi.aws.detective.OrganizationAdminAccountArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -49,7 +50,9 @@ * * var exampleOrganizationAdminAccount = new OrganizationAdminAccount("exampleOrganizationAdminAccount", OrganizationAdminAccountArgs.builder() * .accountId("123456789012") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(example) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/directconnect/HostedPrivateVirtualInterfaceAccepter.java b/sdk/java/src/main/java/com/pulumi/aws/directconnect/HostedPrivateVirtualInterfaceAccepter.java index 7ab3373ca90..fa5ad77dd48 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/directconnect/HostedPrivateVirtualInterfaceAccepter.java +++ b/sdk/java/src/main/java/com/pulumi/aws/directconnect/HostedPrivateVirtualInterfaceAccepter.java @@ -30,11 +30,12 @@ * import com.pulumi.core.Output; * import com.pulumi.aws.AwsFunctions; * import com.pulumi.aws.inputs.GetCallerIdentityArgs; + * import com.pulumi.aws.ec2.VpnGateway; * import com.pulumi.aws.directconnect.HostedPrivateVirtualInterface; * import com.pulumi.aws.directconnect.HostedPrivateVirtualInterfaceArgs; - * import com.pulumi.aws.ec2.VpnGateway; * import com.pulumi.aws.directconnect.HostedPrivateVirtualInterfaceAccepter; * import com.pulumi.aws.directconnect.HostedPrivateVirtualInterfaceAccepterArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -50,6 +51,9 @@ * public static void stack(Context ctx) { * final var accepter = AwsFunctions.getCallerIdentity(); * + * // Accepter's side of the VIF. + * var vpnGw = new VpnGateway("vpnGw"); + * * // Creator's side of the VIF * var creator = new HostedPrivateVirtualInterface("creator", HostedPrivateVirtualInterfaceArgs.builder() * .connectionId("dxcon-zzzzzzzz") @@ -58,10 +62,9 @@ * .vlan(4094) * .addressFamily("ipv4") * .bgpAsn(65352) - * .build()); - * - * // Accepter's side of the VIF. - * var vpnGw = new VpnGateway("vpnGw"); + * .build(), CustomResourceOptions.builder() + * .dependsOn(vpnGw) + * .build()); * * var accepterHostedPrivateVirtualInterfaceAccepter = new HostedPrivateVirtualInterfaceAccepter("accepterHostedPrivateVirtualInterfaceAccepter", HostedPrivateVirtualInterfaceAccepterArgs.builder() * .virtualInterfaceId(creator.id()) diff --git a/sdk/java/src/main/java/com/pulumi/aws/directconnect/HostedTransitVirtualInterfaceAcceptor.java b/sdk/java/src/main/java/com/pulumi/aws/directconnect/HostedTransitVirtualInterfaceAcceptor.java index 987e796dc6f..fe323d8bd71 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/directconnect/HostedTransitVirtualInterfaceAcceptor.java +++ b/sdk/java/src/main/java/com/pulumi/aws/directconnect/HostedTransitVirtualInterfaceAcceptor.java @@ -32,12 +32,13 @@ * import com.pulumi.core.Output; * import com.pulumi.aws.AwsFunctions; * import com.pulumi.aws.inputs.GetCallerIdentityArgs; - * import com.pulumi.aws.directconnect.HostedTransitVirtualInterface; - * import com.pulumi.aws.directconnect.HostedTransitVirtualInterfaceArgs; * import com.pulumi.aws.directconnect.Gateway; * import com.pulumi.aws.directconnect.GatewayArgs; + * import com.pulumi.aws.directconnect.HostedTransitVirtualInterface; + * import com.pulumi.aws.directconnect.HostedTransitVirtualInterfaceArgs; * import com.pulumi.aws.directconnect.HostedTransitVirtualInterfaceAcceptor; * import com.pulumi.aws.directconnect.HostedTransitVirtualInterfaceAcceptorArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -53,6 +54,12 @@ * public static void stack(Context ctx) { * final var accepter = AwsFunctions.getCallerIdentity(); * + * // Accepter's side of the VIF. + * var example = new Gateway("example", GatewayArgs.builder() + * .name("tf-dxg-example") + * .amazonSideAsn(64512) + * .build()); + * * // Creator's side of the VIF * var creator = new HostedTransitVirtualInterface("creator", HostedTransitVirtualInterfaceArgs.builder() * .connectionId("dxcon-zzzzzzzz") @@ -61,13 +68,9 @@ * .vlan(4094) * .addressFamily("ipv4") * .bgpAsn(65352) - * .build()); - * - * // Accepter's side of the VIF. - * var example = new Gateway("example", GatewayArgs.builder() - * .name("tf-dxg-example") - * .amazonSideAsn(64512) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(example) + * .build()); * * var accepterHostedTransitVirtualInterfaceAcceptor = new HostedTransitVirtualInterfaceAcceptor("accepterHostedTransitVirtualInterfaceAcceptor", HostedTransitVirtualInterfaceAcceptorArgs.builder() * .virtualInterfaceId(creator.id()) diff --git a/sdk/java/src/main/java/com/pulumi/aws/dms/ReplicationInstance.java b/sdk/java/src/main/java/com/pulumi/aws/dms/ReplicationInstance.java index 4e2ee993bdc..ffc5a9b7158 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/dms/ReplicationInstance.java +++ b/sdk/java/src/main/java/com/pulumi/aws/dms/ReplicationInstance.java @@ -40,6 +40,7 @@ * import com.pulumi.aws.iam.RolePolicyAttachmentArgs; * import com.pulumi.aws.dms.ReplicationInstance; * import com.pulumi.aws.dms.ReplicationInstanceArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -115,7 +116,12 @@ * .replicationSubnetGroupId(test_dms_replication_subnet_group_tf.id()) * .tags(Map.of("Name", "test")) * .vpcSecurityGroupIds("sg-12345678") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn( + * dms_access_for_endpoint_AmazonDMSRedshiftS3Role, + * dms_cloudwatch_logs_role_AmazonDMSCloudWatchLogsRole, + * dms_vpc_role_AmazonDMSVPCManagementRole) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/dms/ReplicationSubnetGroup.java b/sdk/java/src/main/java/com/pulumi/aws/dms/ReplicationSubnetGroup.java index d3fa93f1d76..b7c4c59908d 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/dms/ReplicationSubnetGroup.java +++ b/sdk/java/src/main/java/com/pulumi/aws/dms/ReplicationSubnetGroup.java @@ -80,6 +80,7 @@ * import com.pulumi.aws.dms.ReplicationSubnetGroup; * import com.pulumi.aws.dms.ReplicationSubnetGroupArgs; * import static com.pulumi.codegen.internal.Serialization.*; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -98,13 +99,13 @@ * .description("Allows DMS to manage VPC") * .assumeRolePolicy(serializeJson( * jsonObject( - * jsonProperty("version", "2012-10-17"), - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("effect", "Allow"), - * jsonProperty("principal", jsonObject( - * jsonProperty("service", "dms.amazonaws.com") + * jsonProperty("Version", "2012-10-17"), + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Effect", "Allow"), + * jsonProperty("Principal", jsonObject( + * jsonProperty("Service", "dms.amazonaws.com") * )), - * jsonProperty("action", "sts:AssumeRole") + * jsonProperty("Action", "sts:AssumeRole") * ))) * ))) * .build()); @@ -121,7 +122,9 @@ * "subnet-12345678", * "subnet-12345679") * .tags(Map.of("Name", "example-id")) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(example) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/dms/S3Endpoint.java b/sdk/java/src/main/java/com/pulumi/aws/dms/S3Endpoint.java index bd93f6b35b9..ef701b2a9f1 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/dms/S3Endpoint.java +++ b/sdk/java/src/main/java/com/pulumi/aws/dms/S3Endpoint.java @@ -39,6 +39,7 @@ * import com.pulumi.core.Output; * import com.pulumi.aws.dms.S3Endpoint; * import com.pulumi.aws.dms.S3EndpointArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -57,7 +58,9 @@ * .endpointType("target") * .bucketName("beckut_name") * .serviceAccessRoleArn(exampleAwsIamRole.arn()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleAwsIamRolePolicy) + * .build()); * * } * } @@ -75,6 +78,7 @@ * import com.pulumi.core.Output; * import com.pulumi.aws.dms.S3Endpoint; * import com.pulumi.aws.dms.S3EndpointArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -138,7 +142,9 @@ * .useCsvNoSupValue(false) * .useTaskStartTimeForFullLoadTimestamp(true) * .glueCatalogGeneration(true) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleAwsIamRolePolicy) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/docdb/GlobalCluster.java b/sdk/java/src/main/java/com/pulumi/aws/docdb/GlobalCluster.java index 7d06d7c627d..bc155a80ba8 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/docdb/GlobalCluster.java +++ b/sdk/java/src/main/java/com/pulumi/aws/docdb/GlobalCluster.java @@ -39,6 +39,7 @@ * import com.pulumi.aws.docdb.ClusterArgs; * import com.pulumi.aws.docdb.ClusterInstance; * import com.pulumi.aws.docdb.ClusterInstanceArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -81,14 +82,18 @@ * .clusterIdentifier("test-secondary-cluster") * .globalClusterIdentifier(example.id()) * .dbSubnetGroupName("default") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(primary) + * .build()); * * var secondaryClusterInstance = new ClusterInstance("secondaryClusterInstance", ClusterInstanceArgs.builder() * .engine(example.engine()) * .identifier("test-secondary-cluster-instance") * .clusterIdentifier(secondary.id()) * .instanceClass("db.r5.large") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(primaryClusterInstance) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/dynamodb/GlobalTable.java b/sdk/java/src/main/java/com/pulumi/aws/dynamodb/GlobalTable.java index e000df0e130..2c7c939b897 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/dynamodb/GlobalTable.java +++ b/sdk/java/src/main/java/com/pulumi/aws/dynamodb/GlobalTable.java @@ -37,6 +37,7 @@ * import com.pulumi.aws.dynamodb.GlobalTable; * import com.pulumi.aws.dynamodb.GlobalTableArgs; * import com.pulumi.aws.dynamodb.inputs.GlobalTableReplicaArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -85,7 +86,11 @@ * GlobalTableReplicaArgs.builder() * .regionName("us-west-2") * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn( + * us_east_1, + * us_west_2) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/ec2/Eip.java b/sdk/java/src/main/java/com/pulumi/aws/ec2/Eip.java index 906879ce4f2..0165f7ed5df 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/ec2/Eip.java +++ b/sdk/java/src/main/java/com/pulumi/aws/ec2/Eip.java @@ -128,6 +128,7 @@ * import com.pulumi.aws.ec2.InstanceArgs; * import com.pulumi.aws.ec2.Eip; * import com.pulumi.aws.ec2.EipArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -154,7 +155,9 @@ * .vpcId(default_.id()) * .cidrBlock("10.0.0.0/24") * .mapPublicIpOnLaunch(true) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(gw) + * .build()); * * var foo = new Instance("foo", InstanceArgs.builder() * .ami("ami-5189a661") @@ -167,7 +170,9 @@ * .domain("vpc") * .instance(foo.id()) * .associateWithPrivateIp("10.0.0.12") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(gw) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/ec2/InternetGateway.java b/sdk/java/src/main/java/com/pulumi/aws/ec2/InternetGateway.java index da1be2d4b2e..67a522d97af 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/ec2/InternetGateway.java +++ b/sdk/java/src/main/java/com/pulumi/aws/ec2/InternetGateway.java @@ -106,6 +106,8 @@ public Output ownerId() { * import com.pulumi.aws.ec2.InternetGateway; * import com.pulumi.aws.ec2.InternetGatewayArgs; * import com.pulumi.aws.ec2.Instance; + * import com.pulumi.aws.ec2.InstanceArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -123,7 +125,9 @@ public Output ownerId() { * .vpcId(main.id()) * .build()); * - * var foo = new Instance("foo"); + * var foo = new Instance("foo", InstanceArgs.Empty, CustomResourceOptions.builder() + * .dependsOn(gw) + * .build()); * * } * } @@ -149,6 +153,8 @@ public Output ownerId() { * import com.pulumi.aws.ec2.InternetGateway; * import com.pulumi.aws.ec2.InternetGatewayArgs; * import com.pulumi.aws.ec2.Instance; + * import com.pulumi.aws.ec2.InstanceArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -166,7 +172,9 @@ public Output ownerId() { * .vpcId(main.id()) * .build()); * - * var foo = new Instance("foo"); + * var foo = new Instance("foo", InstanceArgs.Empty, CustomResourceOptions.builder() + * .dependsOn(gw) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/ec2/InternetGatewayArgs.java b/sdk/java/src/main/java/com/pulumi/aws/ec2/InternetGatewayArgs.java index f344314bfbc..5f97e6e27b6 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/ec2/InternetGatewayArgs.java +++ b/sdk/java/src/main/java/com/pulumi/aws/ec2/InternetGatewayArgs.java @@ -31,6 +31,8 @@ public final class InternetGatewayArgs extends com.pulumi.resources.ResourceArgs * import com.pulumi.aws.ec2.InternetGateway; * import com.pulumi.aws.ec2.InternetGatewayArgs; * import com.pulumi.aws.ec2.Instance; + * import com.pulumi.aws.ec2.InstanceArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -48,7 +50,9 @@ public final class InternetGatewayArgs extends com.pulumi.resources.ResourceArgs * .vpcId(main.id()) * .build()); * - * var foo = new Instance("foo"); + * var foo = new Instance("foo", InstanceArgs.Empty, CustomResourceOptions.builder() + * .dependsOn(gw) + * .build()); * * } * } @@ -74,6 +78,8 @@ public final class InternetGatewayArgs extends com.pulumi.resources.ResourceArgs * import com.pulumi.aws.ec2.InternetGateway; * import com.pulumi.aws.ec2.InternetGatewayArgs; * import com.pulumi.aws.ec2.Instance; + * import com.pulumi.aws.ec2.InstanceArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -91,7 +97,9 @@ public final class InternetGatewayArgs extends com.pulumi.resources.ResourceArgs * .vpcId(main.id()) * .build()); * - * var foo = new Instance("foo"); + * var foo = new Instance("foo", InstanceArgs.Empty, CustomResourceOptions.builder() + * .dependsOn(gw) + * .build()); * * } * } @@ -158,6 +166,8 @@ public Builder(InternetGatewayArgs defaults) { * import com.pulumi.aws.ec2.InternetGateway; * import com.pulumi.aws.ec2.InternetGatewayArgs; * import com.pulumi.aws.ec2.Instance; + * import com.pulumi.aws.ec2.InstanceArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -175,7 +185,9 @@ public Builder(InternetGatewayArgs defaults) { * .vpcId(main.id()) * .build()); * - * var foo = new Instance("foo"); + * var foo = new Instance("foo", InstanceArgs.Empty, CustomResourceOptions.builder() + * .dependsOn(gw) + * .build()); * * } * } @@ -205,6 +217,8 @@ public Builder tags(@Nullable Output> tags) { * import com.pulumi.aws.ec2.InternetGateway; * import com.pulumi.aws.ec2.InternetGatewayArgs; * import com.pulumi.aws.ec2.Instance; + * import com.pulumi.aws.ec2.InstanceArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -222,7 +236,9 @@ public Builder tags(@Nullable Output> tags) { * .vpcId(main.id()) * .build()); * - * var foo = new Instance("foo"); + * var foo = new Instance("foo", InstanceArgs.Empty, CustomResourceOptions.builder() + * .dependsOn(gw) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/ec2/NatGateway.java b/sdk/java/src/main/java/com/pulumi/aws/ec2/NatGateway.java index 736cce4c401..708b7180164 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/ec2/NatGateway.java +++ b/sdk/java/src/main/java/com/pulumi/aws/ec2/NatGateway.java @@ -33,6 +33,7 @@ * import com.pulumi.core.Output; * import com.pulumi.aws.ec2.NatGateway; * import com.pulumi.aws.ec2.NatGatewayArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -50,7 +51,9 @@ * .allocationId(exampleAwsEip.id()) * .subnetId(exampleAwsSubnet.id()) * .tags(Map.of("Name", "gw NAT")) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleAwsInternetGateway) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/ec2/SpotFleetRequest.java b/sdk/java/src/main/java/com/pulumi/aws/ec2/SpotFleetRequest.java index d5f916c435e..fc5254a9aab 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/ec2/SpotFleetRequest.java +++ b/sdk/java/src/main/java/com/pulumi/aws/ec2/SpotFleetRequest.java @@ -107,6 +107,7 @@ * import com.pulumi.aws.ec2.SpotFleetRequestArgs; * import com.pulumi.aws.ec2.inputs.SpotFleetRequestLaunchTemplateConfigArgs; * import com.pulumi.aws.ec2.inputs.SpotFleetRequestLaunchTemplateConfigLaunchTemplateSpecificationArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -138,7 +139,9 @@ * .version(foo.latestVersion()) * .build()) * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(test_attach) + * .build()); * * } * } @@ -220,6 +223,7 @@ * import com.pulumi.aws.ec2.SpotFleetRequestArgs; * import com.pulumi.aws.ec2.inputs.SpotFleetRequestLaunchTemplateConfigArgs; * import com.pulumi.aws.ec2.inputs.SpotFleetRequestLaunchTemplateConfigLaunchTemplateSpecificationArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -268,7 +272,9 @@ * .subnetId(example.applyValue(getSubnetsResult -> getSubnetsResult.ids()[2])) * .build()) * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(test_attach) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/ec2/Vpc.java b/sdk/java/src/main/java/com/pulumi/aws/ec2/Vpc.java index 5d4b04308ec..3499964cc8e 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/ec2/Vpc.java +++ b/sdk/java/src/main/java/com/pulumi/aws/ec2/Vpc.java @@ -110,6 +110,7 @@ * import com.pulumi.aws.ec2.VpcIpamPoolCidrArgs; * import com.pulumi.aws.ec2.Vpc; * import com.pulumi.aws.ec2.VpcArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -145,7 +146,9 @@ * var testVpc = new Vpc("testVpc", VpcArgs.builder() * .ipv4IpamPoolId(testVpcIpamPool.id()) * .ipv4NetmaskLength(28) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(testVpcIpamPoolCidr) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/ec2/VpcIpamPoolCidrAllocation.java b/sdk/java/src/main/java/com/pulumi/aws/ec2/VpcIpamPoolCidrAllocation.java index 6f2f3fbb05c..104fc85dcb5 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/ec2/VpcIpamPoolCidrAllocation.java +++ b/sdk/java/src/main/java/com/pulumi/aws/ec2/VpcIpamPoolCidrAllocation.java @@ -37,10 +37,11 @@ * import com.pulumi.aws.ec2.inputs.VpcIpamOperatingRegionArgs; * import com.pulumi.aws.ec2.VpcIpamPool; * import com.pulumi.aws.ec2.VpcIpamPoolArgs; - * import com.pulumi.aws.ec2.VpcIpamPoolCidrAllocation; - * import com.pulumi.aws.ec2.VpcIpamPoolCidrAllocationArgs; * import com.pulumi.aws.ec2.VpcIpamPoolCidr; * import com.pulumi.aws.ec2.VpcIpamPoolCidrArgs; + * import com.pulumi.aws.ec2.VpcIpamPoolCidrAllocation; + * import com.pulumi.aws.ec2.VpcIpamPoolCidrAllocationArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -68,16 +69,18 @@ * .locale(current.applyValue(getRegionResult -> getRegionResult.name())) * .build()); * - * var example = new VpcIpamPoolCidrAllocation("example", VpcIpamPoolCidrAllocationArgs.builder() - * .ipamPoolId(exampleVpcIpamPool.id()) - * .cidr("172.20.0.0/24") - * .build()); - * * var exampleVpcIpamPoolCidr = new VpcIpamPoolCidr("exampleVpcIpamPoolCidr", VpcIpamPoolCidrArgs.builder() * .ipamPoolId(exampleVpcIpamPool.id()) * .cidr("172.20.0.0/16") * .build()); * + * var example = new VpcIpamPoolCidrAllocation("example", VpcIpamPoolCidrAllocationArgs.builder() + * .ipamPoolId(exampleVpcIpamPool.id()) + * .cidr("172.20.0.0/24") + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleVpcIpamPoolCidr) + * .build()); + * * } * } * ``` @@ -99,10 +102,11 @@ * import com.pulumi.aws.ec2.inputs.VpcIpamOperatingRegionArgs; * import com.pulumi.aws.ec2.VpcIpamPool; * import com.pulumi.aws.ec2.VpcIpamPoolArgs; - * import com.pulumi.aws.ec2.VpcIpamPoolCidrAllocation; - * import com.pulumi.aws.ec2.VpcIpamPoolCidrAllocationArgs; * import com.pulumi.aws.ec2.VpcIpamPoolCidr; * import com.pulumi.aws.ec2.VpcIpamPoolCidrArgs; + * import com.pulumi.aws.ec2.VpcIpamPoolCidrAllocation; + * import com.pulumi.aws.ec2.VpcIpamPoolCidrAllocationArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -130,17 +134,19 @@ * .locale(current.applyValue(getRegionResult -> getRegionResult.name())) * .build()); * - * var example = new VpcIpamPoolCidrAllocation("example", VpcIpamPoolCidrAllocationArgs.builder() - * .ipamPoolId(exampleVpcIpamPool.id()) - * .netmaskLength(28) - * .disallowedCidrs("172.20.0.0/28") - * .build()); - * * var exampleVpcIpamPoolCidr = new VpcIpamPoolCidr("exampleVpcIpamPoolCidr", VpcIpamPoolCidrArgs.builder() * .ipamPoolId(exampleVpcIpamPool.id()) * .cidr("172.20.0.0/16") * .build()); * + * var example = new VpcIpamPoolCidrAllocation("example", VpcIpamPoolCidrAllocationArgs.builder() + * .ipamPoolId(exampleVpcIpamPool.id()) + * .netmaskLength(28) + * .disallowedCidrs("172.20.0.0/28") + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleVpcIpamPoolCidr) + * .build()); + * * } * } * ``` diff --git a/sdk/java/src/main/java/com/pulumi/aws/ec2/VpcIpamPreviewNextCidr.java b/sdk/java/src/main/java/com/pulumi/aws/ec2/VpcIpamPreviewNextCidr.java index 70a506271b2..1ff5674d4cb 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/ec2/VpcIpamPreviewNextCidr.java +++ b/sdk/java/src/main/java/com/pulumi/aws/ec2/VpcIpamPreviewNextCidr.java @@ -37,10 +37,11 @@ * import com.pulumi.aws.ec2.inputs.VpcIpamOperatingRegionArgs; * import com.pulumi.aws.ec2.VpcIpamPool; * import com.pulumi.aws.ec2.VpcIpamPoolArgs; - * import com.pulumi.aws.ec2.VpcIpamPreviewNextCidr; - * import com.pulumi.aws.ec2.VpcIpamPreviewNextCidrArgs; * import com.pulumi.aws.ec2.VpcIpamPoolCidr; * import com.pulumi.aws.ec2.VpcIpamPoolCidrArgs; + * import com.pulumi.aws.ec2.VpcIpamPreviewNextCidr; + * import com.pulumi.aws.ec2.VpcIpamPreviewNextCidrArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -68,17 +69,19 @@ * .locale(current.applyValue(getRegionResult -> getRegionResult.name())) * .build()); * - * var example = new VpcIpamPreviewNextCidr("example", VpcIpamPreviewNextCidrArgs.builder() - * .ipamPoolId(exampleVpcIpamPool.id()) - * .netmaskLength(28) - * .disallowedCidrs("172.2.0.0/32") - * .build()); - * * var exampleVpcIpamPoolCidr = new VpcIpamPoolCidr("exampleVpcIpamPoolCidr", VpcIpamPoolCidrArgs.builder() * .ipamPoolId(exampleVpcIpamPool.id()) * .cidr("172.20.0.0/16") * .build()); * + * var example = new VpcIpamPreviewNextCidr("example", VpcIpamPreviewNextCidrArgs.builder() + * .ipamPoolId(exampleVpcIpamPool.id()) + * .netmaskLength(28) + * .disallowedCidrs("172.2.0.0/32") + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleVpcIpamPoolCidr) + * .build()); + * * } * } * ``` diff --git a/sdk/java/src/main/java/com/pulumi/aws/ec2/inputs/InternetGatewayState.java b/sdk/java/src/main/java/com/pulumi/aws/ec2/inputs/InternetGatewayState.java index a8d793f37c6..d9e960061dd 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/ec2/inputs/InternetGatewayState.java +++ b/sdk/java/src/main/java/com/pulumi/aws/ec2/inputs/InternetGatewayState.java @@ -61,6 +61,8 @@ public Optional> ownerId() { * import com.pulumi.aws.ec2.InternetGateway; * import com.pulumi.aws.ec2.InternetGatewayArgs; * import com.pulumi.aws.ec2.Instance; + * import com.pulumi.aws.ec2.InstanceArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -78,7 +80,9 @@ public Optional> ownerId() { * .vpcId(main.id()) * .build()); * - * var foo = new Instance("foo"); + * var foo = new Instance("foo", InstanceArgs.Empty, CustomResourceOptions.builder() + * .dependsOn(gw) + * .build()); * * } * } @@ -104,6 +108,8 @@ public Optional> ownerId() { * import com.pulumi.aws.ec2.InternetGateway; * import com.pulumi.aws.ec2.InternetGatewayArgs; * import com.pulumi.aws.ec2.Instance; + * import com.pulumi.aws.ec2.InstanceArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -121,7 +127,9 @@ public Optional> ownerId() { * .vpcId(main.id()) * .build()); * - * var foo = new Instance("foo"); + * var foo = new Instance("foo", InstanceArgs.Empty, CustomResourceOptions.builder() + * .dependsOn(gw) + * .build()); * * } * } @@ -256,6 +264,8 @@ public Builder ownerId(String ownerId) { * import com.pulumi.aws.ec2.InternetGateway; * import com.pulumi.aws.ec2.InternetGatewayArgs; * import com.pulumi.aws.ec2.Instance; + * import com.pulumi.aws.ec2.InstanceArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -273,7 +283,9 @@ public Builder ownerId(String ownerId) { * .vpcId(main.id()) * .build()); * - * var foo = new Instance("foo"); + * var foo = new Instance("foo", InstanceArgs.Empty, CustomResourceOptions.builder() + * .dependsOn(gw) + * .build()); * * } * } @@ -303,6 +315,8 @@ public Builder tags(@Nullable Output> tags) { * import com.pulumi.aws.ec2.InternetGateway; * import com.pulumi.aws.ec2.InternetGatewayArgs; * import com.pulumi.aws.ec2.Instance; + * import com.pulumi.aws.ec2.InstanceArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -320,7 +334,9 @@ public Builder tags(@Nullable Output> tags) { * .vpcId(main.id()) * .build()); * - * var foo = new Instance("foo"); + * var foo = new Instance("foo", InstanceArgs.Empty, CustomResourceOptions.builder() + * .dependsOn(gw) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/ecr/RegistryPolicy.java b/sdk/java/src/main/java/com/pulumi/aws/ecr/RegistryPolicy.java index 3135d4046eb..c6aa0641070 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/ecr/RegistryPolicy.java +++ b/sdk/java/src/main/java/com/pulumi/aws/ecr/RegistryPolicy.java @@ -56,15 +56,15 @@ * var example = new RegistryPolicy("example", RegistryPolicyArgs.builder() * .policy(serializeJson( * jsonObject( - * jsonProperty("version", "2012-10-17"), - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("sid", "testpolicy"), - * jsonProperty("effect", "Allow"), - * jsonProperty("principal", jsonObject( + * jsonProperty("Version", "2012-10-17"), + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Sid", "testpolicy"), + * jsonProperty("Effect", "Allow"), + * jsonProperty("Principal", jsonObject( * jsonProperty("AWS", String.format("arn:%s:iam::%s:root", currentGetPartition.applyValue(getPartitionResult -> getPartitionResult.partition()),current.applyValue(getCallerIdentityResult -> getCallerIdentityResult.accountId()))) * )), - * jsonProperty("action", jsonArray("ecr:ReplicateImage")), - * jsonProperty("resource", jsonArray(String.format("arn:%s:ecr:%s:%s:repository/*", currentGetPartition.applyValue(getPartitionResult -> getPartitionResult.partition()),currentGetRegion.applyValue(getRegionResult -> getRegionResult.name()),current.applyValue(getCallerIdentityResult -> getCallerIdentityResult.accountId())))) + * jsonProperty("Action", jsonArray("ecr:ReplicateImage")), + * jsonProperty("Resource", jsonArray(String.format("arn:%s:ecr:%s:%s:repository/*", currentGetPartition.applyValue(getPartitionResult -> getPartitionResult.partition()),currentGetRegion.applyValue(getRegionResult -> getRegionResult.name()),current.applyValue(getCallerIdentityResult -> getCallerIdentityResult.accountId())))) * ))) * ))) * .build()); diff --git a/sdk/java/src/main/java/com/pulumi/aws/ecs/Service.java b/sdk/java/src/main/java/com/pulumi/aws/ecs/Service.java index d974be318eb..8023fcab2a4 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/ecs/Service.java +++ b/sdk/java/src/main/java/com/pulumi/aws/ecs/Service.java @@ -49,6 +49,7 @@ * import com.pulumi.aws.ecs.inputs.ServiceOrderedPlacementStrategyArgs; * import com.pulumi.aws.ecs.inputs.ServiceLoadBalancerArgs; * import com.pulumi.aws.ecs.inputs.ServicePlacementConstraintArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -73,7 +74,7 @@ * .field("cpu") * .build()) * .loadBalancers(ServiceLoadBalancerArgs.builder() - * .targetGroupArn(foo.arn()) + * .targetGroupArn(fooAwsLbTargetGroup.arn()) * .containerName("mongo") * .containerPort(8080) * .build()) @@ -81,7 +82,9 @@ * .type("memberOf") * .expression("attribute:ecs.availability-zone in [us-west-2a, us-west-2b]") * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(foo) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/eks/Cluster.java b/sdk/java/src/main/java/com/pulumi/aws/eks/Cluster.java index a0bc94607f8..ce40c6630af 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/eks/Cluster.java +++ b/sdk/java/src/main/java/com/pulumi/aws/eks/Cluster.java @@ -40,6 +40,7 @@ * import com.pulumi.aws.eks.Cluster; * import com.pulumi.aws.eks.ClusterArgs; * import com.pulumi.aws.eks.inputs.ClusterVpcConfigArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -61,7 +62,11 @@ * example1.id(), * example2.id()) * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn( + * example_AmazonEKSClusterPolicy, + * example_AmazonEKSVPCResourceController) + * .build()); * * ctx.export("endpoint", example.endpoint()); * ctx.export("kubeconfig-certificate-authority-data", example.certificateAuthority().applyValue(certificateAuthority -> certificateAuthority.data())); @@ -144,10 +149,11 @@ * import com.pulumi.Context; * import com.pulumi.Pulumi; * import com.pulumi.core.Output; - * import com.pulumi.aws.eks.Cluster; - * import com.pulumi.aws.eks.ClusterArgs; * import com.pulumi.aws.cloudwatch.LogGroup; * import com.pulumi.aws.cloudwatch.LogGroupArgs; + * import com.pulumi.aws.eks.Cluster; + * import com.pulumi.aws.eks.ClusterArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -163,17 +169,19 @@ * public static void stack(Context ctx) { * final var config = ctx.config(); * final var clusterName = config.get("clusterName").orElse("example"); + * var exampleLogGroup = new LogGroup("exampleLogGroup", LogGroupArgs.builder() + * .name(String.format("/aws/eks/%s/cluster", clusterName)) + * .retentionInDays(7) + * .build()); + * * var example = new Cluster("example", ClusterArgs.builder() * .enabledClusterLogTypes( * "api", * "audit") * .name(clusterName) - * .build()); - * - * var exampleLogGroup = new LogGroup("exampleLogGroup", LogGroupArgs.builder() - * .name(String.format("/aws/eks/%s/cluster", clusterName)) - * .retentionInDays(7) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleLogGroup) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/eks/FargateProfile.java b/sdk/java/src/main/java/com/pulumi/aws/eks/FargateProfile.java index eb456719cd1..6201e1bf00b 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/eks/FargateProfile.java +++ b/sdk/java/src/main/java/com/pulumi/aws/eks/FargateProfile.java @@ -91,14 +91,14 @@ * .name("eks-fargate-profile-example") * .assumeRolePolicy(serializeJson( * jsonObject( - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("action", "sts:AssumeRole"), - * jsonProperty("effect", "Allow"), - * jsonProperty("principal", jsonObject( - * jsonProperty("service", "eks-fargate-pods.amazonaws.com") + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Action", "sts:AssumeRole"), + * jsonProperty("Effect", "Allow"), + * jsonProperty("Principal", jsonObject( + * jsonProperty("Service", "eks-fargate-pods.amazonaws.com") * )) * ))), - * jsonProperty("version", "2012-10-17") + * jsonProperty("Version", "2012-10-17") * ))) * .build()); * diff --git a/sdk/java/src/main/java/com/pulumi/aws/eks/NodeGroup.java b/sdk/java/src/main/java/com/pulumi/aws/eks/NodeGroup.java index b2b8deca05b..f3d56316440 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/eks/NodeGroup.java +++ b/sdk/java/src/main/java/com/pulumi/aws/eks/NodeGroup.java @@ -40,6 +40,7 @@ * import com.pulumi.aws.eks.NodeGroupArgs; * import com.pulumi.aws.eks.inputs.NodeGroupScalingConfigArgs; * import com.pulumi.aws.eks.inputs.NodeGroupUpdateConfigArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -66,7 +67,12 @@ * .updateConfig(NodeGroupUpdateConfigArgs.builder() * .maxUnavailable(1) * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn( + * example_AmazonEKSWorkerNodePolicy, + * example_AmazonEKSCNIPolicy, + * example_AmazonEC2ContainerRegistryReadOnly) + * .build()); * * } * } @@ -142,14 +148,14 @@ * .name("eks-node-group-example") * .assumeRolePolicy(serializeJson( * jsonObject( - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("action", "sts:AssumeRole"), - * jsonProperty("effect", "Allow"), - * jsonProperty("principal", jsonObject( - * jsonProperty("service", "ec2.amazonaws.com") + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Action", "sts:AssumeRole"), + * jsonProperty("Effect", "Allow"), + * jsonProperty("Principal", jsonObject( + * jsonProperty("Service", "ec2.amazonaws.com") * )) * ))), - * jsonProperty("version", "2012-10-17") + * jsonProperty("Version", "2012-10-17") * ))) * .build()); * diff --git a/sdk/java/src/main/java/com/pulumi/aws/elasticsearch/Domain.java b/sdk/java/src/main/java/com/pulumi/aws/elasticsearch/Domain.java index a3c703c1621..d8cbc5156d2 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/elasticsearch/Domain.java +++ b/sdk/java/src/main/java/com/pulumi/aws/elasticsearch/Domain.java @@ -222,6 +222,7 @@ * import com.pulumi.aws.elasticsearch.DomainArgs; * import com.pulumi.aws.elasticsearch.inputs.DomainClusterConfigArgs; * import com.pulumi.aws.elasticsearch.inputs.DomainVpcOptionsArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -298,7 +299,9 @@ * } * ", current.applyValue(getRegionResult -> getRegionResult.name()),currentGetCallerIdentity.applyValue(getCallerIdentityResult -> getCallerIdentityResult.accountId()),domain)) * .tags(Map.of("Domain", "TestDomain")) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(esServiceLinkedRole) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/finspace/KxUser.java b/sdk/java/src/main/java/com/pulumi/aws/finspace/KxUser.java index aad580dae4f..36e6a0d7552 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/finspace/KxUser.java +++ b/sdk/java/src/main/java/com/pulumi/aws/finspace/KxUser.java @@ -65,13 +65,13 @@ * .name("example-role") * .assumeRolePolicy(serializeJson( * jsonObject( - * jsonProperty("version", "2012-10-17"), - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("action", "sts:AssumeRole"), - * jsonProperty("effect", "Allow"), - * jsonProperty("sid", ""), - * jsonProperty("principal", jsonObject( - * jsonProperty("service", "ec2.amazonaws.com") + * jsonProperty("Version", "2012-10-17"), + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Action", "sts:AssumeRole"), + * jsonProperty("Effect", "Allow"), + * jsonProperty("Sid", ""), + * jsonProperty("Principal", jsonObject( + * jsonProperty("Service", "ec2.amazonaws.com") * )) * ))) * ))) diff --git a/sdk/java/src/main/java/com/pulumi/aws/gamelift/GameServerGroup.java b/sdk/java/src/main/java/com/pulumi/aws/gamelift/GameServerGroup.java index be301c4b1a3..23715aaab83 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/gamelift/GameServerGroup.java +++ b/sdk/java/src/main/java/com/pulumi/aws/gamelift/GameServerGroup.java @@ -36,6 +36,7 @@ * import com.pulumi.aws.gamelift.GameServerGroupArgs; * import com.pulumi.aws.gamelift.inputs.GameServerGroupInstanceDefinitionArgs; * import com.pulumi.aws.gamelift.inputs.GameServerGroupLaunchTemplateArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -64,7 +65,9 @@ * .maxSize(1) * .minSize(1) * .roleArn(exampleAwsIamRole.arn()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleAwsIamRolePolicyAttachment) + * .build()); * * } * } @@ -86,6 +89,7 @@ * import com.pulumi.aws.gamelift.inputs.GameServerGroupAutoScalingPolicyTargetTrackingConfigurationArgs; * import com.pulumi.aws.gamelift.inputs.GameServerGroupInstanceDefinitionArgs; * import com.pulumi.aws.gamelift.inputs.GameServerGroupLaunchTemplateArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -129,7 +133,9 @@ * .vpcSubnets( * "subnet-12345678", * "subnet-23456789") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleAwsIamRolePolicyAttachment) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/glue/Crawler.java b/sdk/java/src/main/java/com/pulumi/aws/glue/Crawler.java index a10e12942c4..7ab5a1cdd1a 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/glue/Crawler.java +++ b/sdk/java/src/main/java/com/pulumi/aws/glue/Crawler.java @@ -277,15 +277,15 @@ * .tags(tags) * .configuration(serializeJson( * jsonObject( - * jsonProperty("grouping", jsonObject( - * jsonProperty("tableGroupingPolicy", "CombineCompatibleSchemas") + * jsonProperty("Grouping", jsonObject( + * jsonProperty("TableGroupingPolicy", "CombineCompatibleSchemas") * )), - * jsonProperty("crawlerOutput", jsonObject( - * jsonProperty("partitions", jsonObject( - * jsonProperty("addOrUpdateBehavior", "InheritFromTable") + * jsonProperty("CrawlerOutput", jsonObject( + * jsonProperty("Partitions", jsonObject( + * jsonProperty("AddOrUpdateBehavior", "InheritFromTable") * )) * )), - * jsonProperty("version", 1) + * jsonProperty("Version", 1) * ))) * .s3Targets(CrawlerS3TargetArgs.builder() * .path(String.format("s3://%s", dataLakeBucket.bucket())) diff --git a/sdk/java/src/main/java/com/pulumi/aws/glue/MLTransform.java b/sdk/java/src/main/java/com/pulumi/aws/glue/MLTransform.java index f6a7d6a01b6..e1da816c25d 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/glue/MLTransform.java +++ b/sdk/java/src/main/java/com/pulumi/aws/glue/MLTransform.java @@ -46,6 +46,7 @@ * import com.pulumi.aws.glue.inputs.MLTransformInputRecordTableArgs; * import com.pulumi.aws.glue.inputs.MLTransformParametersArgs; * import com.pulumi.aws.glue.inputs.MLTransformParametersFindMatchesParametersArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -133,7 +134,9 @@ * .primaryKeyColumnName("my_column_1") * .build()) * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(testAwsIamRolePolicyAttachment) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/grafana/LicenseAssociation.java b/sdk/java/src/main/java/com/pulumi/aws/grafana/LicenseAssociation.java index 73fb228c10b..83715310b12 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/grafana/LicenseAssociation.java +++ b/sdk/java/src/main/java/com/pulumi/aws/grafana/LicenseAssociation.java @@ -51,13 +51,13 @@ * .name("grafana-assume") * .assumeRolePolicy(serializeJson( * jsonObject( - * jsonProperty("version", "2012-10-17"), - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("action", "sts:AssumeRole"), - * jsonProperty("effect", "Allow"), - * jsonProperty("sid", ""), - * jsonProperty("principal", jsonObject( - * jsonProperty("service", "grafana.amazonaws.com") + * jsonProperty("Version", "2012-10-17"), + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Action", "sts:AssumeRole"), + * jsonProperty("Effect", "Allow"), + * jsonProperty("Sid", ""), + * jsonProperty("Principal", jsonObject( + * jsonProperty("Service", "grafana.amazonaws.com") * )) * ))) * ))) diff --git a/sdk/java/src/main/java/com/pulumi/aws/grafana/RoleAssociation.java b/sdk/java/src/main/java/com/pulumi/aws/grafana/RoleAssociation.java index 078cb002d86..b289c29bc76 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/grafana/RoleAssociation.java +++ b/sdk/java/src/main/java/com/pulumi/aws/grafana/RoleAssociation.java @@ -53,13 +53,13 @@ * .name("grafana-assume") * .assumeRolePolicy(serializeJson( * jsonObject( - * jsonProperty("version", "2012-10-17"), - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("action", "sts:AssumeRole"), - * jsonProperty("effect", "Allow"), - * jsonProperty("sid", ""), - * jsonProperty("principal", jsonObject( - * jsonProperty("service", "grafana.amazonaws.com") + * jsonProperty("Version", "2012-10-17"), + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Action", "sts:AssumeRole"), + * jsonProperty("Effect", "Allow"), + * jsonProperty("Sid", ""), + * jsonProperty("Principal", jsonObject( + * jsonProperty("Service", "grafana.amazonaws.com") * )) * ))) * ))) diff --git a/sdk/java/src/main/java/com/pulumi/aws/grafana/Workspace.java b/sdk/java/src/main/java/com/pulumi/aws/grafana/Workspace.java index eed8a935dd3..3df9be840a4 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/grafana/Workspace.java +++ b/sdk/java/src/main/java/com/pulumi/aws/grafana/Workspace.java @@ -54,13 +54,13 @@ * .name("grafana-assume") * .assumeRolePolicy(serializeJson( * jsonObject( - * jsonProperty("version", "2012-10-17"), - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("action", "sts:AssumeRole"), - * jsonProperty("effect", "Allow"), - * jsonProperty("sid", ""), - * jsonProperty("principal", jsonObject( - * jsonProperty("service", "grafana.amazonaws.com") + * jsonProperty("Version", "2012-10-17"), + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Action", "sts:AssumeRole"), + * jsonProperty("Effect", "Allow"), + * jsonProperty("Sid", ""), + * jsonProperty("Principal", jsonObject( + * jsonProperty("Service", "grafana.amazonaws.com") * )) * ))) * ))) diff --git a/sdk/java/src/main/java/com/pulumi/aws/grafana/WorkspaceSamlConfiguration.java b/sdk/java/src/main/java/com/pulumi/aws/grafana/WorkspaceSamlConfiguration.java index 5a674cd9769..93910b30d5e 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/grafana/WorkspaceSamlConfiguration.java +++ b/sdk/java/src/main/java/com/pulumi/aws/grafana/WorkspaceSamlConfiguration.java @@ -54,13 +54,13 @@ * .name("grafana-assume") * .assumeRolePolicy(serializeJson( * jsonObject( - * jsonProperty("version", "2012-10-17"), - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("action", "sts:AssumeRole"), - * jsonProperty("effect", "Allow"), - * jsonProperty("sid", ""), - * jsonProperty("principal", jsonObject( - * jsonProperty("service", "grafana.amazonaws.com") + * jsonProperty("Version", "2012-10-17"), + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Action", "sts:AssumeRole"), + * jsonProperty("Effect", "Allow"), + * jsonProperty("Sid", ""), + * jsonProperty("Principal", jsonObject( + * jsonProperty("Service", "grafana.amazonaws.com") * )) * ))) * ))) diff --git a/sdk/java/src/main/java/com/pulumi/aws/guardduty/InviteAccepter.java b/sdk/java/src/main/java/com/pulumi/aws/guardduty/InviteAccepter.java index d1921585ccc..2fcf75e57d7 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/guardduty/InviteAccepter.java +++ b/sdk/java/src/main/java/com/pulumi/aws/guardduty/InviteAccepter.java @@ -26,10 +26,11 @@ * import com.pulumi.Pulumi; * import com.pulumi.core.Output; * import com.pulumi.aws.guardduty.Detector; - * import com.pulumi.aws.guardduty.InviteAccepter; - * import com.pulumi.aws.guardduty.InviteAccepterArgs; * import com.pulumi.aws.guardduty.Member; * import com.pulumi.aws.guardduty.MemberArgs; + * import com.pulumi.aws.guardduty.InviteAccepter; + * import com.pulumi.aws.guardduty.InviteAccepterArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -47,11 +48,6 @@ * * var memberDetector = new Detector("memberDetector"); * - * var member = new InviteAccepter("member", InviteAccepterArgs.builder() - * .detectorId(memberDetector.id()) - * .masterAccountId(primary.accountId()) - * .build()); - * * var memberMember = new Member("memberMember", MemberArgs.builder() * .accountId(memberDetector.accountId()) * .detectorId(primary.id()) @@ -59,6 +55,13 @@ * .invite(true) * .build()); * + * var member = new InviteAccepter("member", InviteAccepterArgs.builder() + * .detectorId(memberDetector.id()) + * .masterAccountId(primary.accountId()) + * .build(), CustomResourceOptions.builder() + * .dependsOn(memberMember) + * .build()); + * * } * } * ``` diff --git a/sdk/java/src/main/java/com/pulumi/aws/guardduty/OrganizationAdminAccount.java b/sdk/java/src/main/java/com/pulumi/aws/guardduty/OrganizationAdminAccount.java index 43e0f67c53e..4ac5ab8010a 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/guardduty/OrganizationAdminAccount.java +++ b/sdk/java/src/main/java/com/pulumi/aws/guardduty/OrganizationAdminAccount.java @@ -30,6 +30,7 @@ * import com.pulumi.aws.guardduty.Detector; * import com.pulumi.aws.guardduty.OrganizationAdminAccount; * import com.pulumi.aws.guardduty.OrganizationAdminAccountArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -52,7 +53,9 @@ * * var exampleOrganizationAdminAccount = new OrganizationAdminAccount("exampleOrganizationAdminAccount", OrganizationAdminAccountArgs.builder() * .adminAccountId("123456789012") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(example) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/guardduty/PublishingDestination.java b/sdk/java/src/main/java/com/pulumi/aws/guardduty/PublishingDestination.java index bd071a64d1f..387bfb307e4 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/guardduty/PublishingDestination.java +++ b/sdk/java/src/main/java/com/pulumi/aws/guardduty/PublishingDestination.java @@ -43,6 +43,7 @@ * import com.pulumi.aws.kms.KeyArgs; * import com.pulumi.aws.guardduty.PublishingDestination; * import com.pulumi.aws.guardduty.PublishingDestinationArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -133,7 +134,9 @@ * .detectorId(testGd.id()) * .destinationArn(gdBucket.arn()) * .kmsKeyArn(gdKey.arn()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(gdBucketPolicy) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/iam/GroupPolicy.java b/sdk/java/src/main/java/com/pulumi/aws/iam/GroupPolicy.java index 00c76125b79..2b6a5d48b7c 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/iam/GroupPolicy.java +++ b/sdk/java/src/main/java/com/pulumi/aws/iam/GroupPolicy.java @@ -55,11 +55,11 @@ * .group(myDevelopers.name()) * .policy(serializeJson( * jsonObject( - * jsonProperty("version", "2012-10-17"), - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("action", jsonArray("ec2:Describe*")), - * jsonProperty("effect", "Allow"), - * jsonProperty("resource", "*") + * jsonProperty("Version", "2012-10-17"), + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Action", jsonArray("ec2:Describe*")), + * jsonProperty("Effect", "Allow"), + * jsonProperty("Resource", "*") * ))) * ))) * .build()); diff --git a/sdk/java/src/main/java/com/pulumi/aws/iam/IamFunctions.java b/sdk/java/src/main/java/com/pulumi/aws/iam/IamFunctions.java index 20349870d31..1472161f36a 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/iam/IamFunctions.java +++ b/sdk/java/src/main/java/com/pulumi/aws/iam/IamFunctions.java @@ -4892,6 +4892,7 @@ public static CompletableFuture getPolicyDocumentPlain( * import com.pulumi.core.Output; * import com.pulumi.aws.s3.BucketObject; * import com.pulumi.aws.s3.BucketObjectArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -4907,7 +4908,9 @@ public static CompletableFuture getPolicyDocumentPlain( * public static void stack(Context ctx) { * var example = new BucketObject("example", BucketObjectArgs.builder() * .bucket("my-test-bucket") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(s3ObjectAccess) + * .build()); * * } * } @@ -4966,11 +4969,11 @@ public static CompletableFuture getPolicyDocumentPlain( * .user(example.name()) * .policy(exampleBucketV2.arn().applyValue(arn -> serializeJson( * jsonObject( - * jsonProperty("version", "2012-10-17"), - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("action", "s3:GetObject"), - * jsonProperty("effect", "Allow"), - * jsonProperty("resource", arn) + * jsonProperty("Version", "2012-10-17"), + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Action", "s3:GetObject"), + * jsonProperty("Effect", "Allow"), + * jsonProperty("Resource", arn) * ))) * )))) * .build()); @@ -4982,14 +4985,14 @@ public static CompletableFuture getPolicyDocumentPlain( * var exampleBucketV2Arn1 = values.t2; * return serializeJson( * jsonObject( - * jsonProperty("version", "2012-10-17"), - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("action", "s3:*"), - * jsonProperty("effect", "Allow"), - * jsonProperty("principal", jsonObject( + * jsonProperty("Version", "2012-10-17"), + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Action", "s3:*"), + * jsonProperty("Effect", "Allow"), + * jsonProperty("Principal", jsonObject( * jsonProperty("AWS", current.applyValue(getCallerIdentityResult -> getCallerIdentityResult.accountId())) * )), - * jsonProperty("resource", jsonArray( + * jsonProperty("Resource", jsonArray( * exampleBucketV2Arn, * String.format("%s/*", exampleBucketV2Arn1) * )) @@ -5081,6 +5084,7 @@ public static Output getPrincipalPolic * import com.pulumi.core.Output; * import com.pulumi.aws.s3.BucketObject; * import com.pulumi.aws.s3.BucketObjectArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -5096,7 +5100,9 @@ public static Output getPrincipalPolic * public static void stack(Context ctx) { * var example = new BucketObject("example", BucketObjectArgs.builder() * .bucket("my-test-bucket") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(s3ObjectAccess) + * .build()); * * } * } @@ -5155,11 +5161,11 @@ public static Output getPrincipalPolic * .user(example.name()) * .policy(exampleBucketV2.arn().applyValue(arn -> serializeJson( * jsonObject( - * jsonProperty("version", "2012-10-17"), - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("action", "s3:GetObject"), - * jsonProperty("effect", "Allow"), - * jsonProperty("resource", arn) + * jsonProperty("Version", "2012-10-17"), + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Action", "s3:GetObject"), + * jsonProperty("Effect", "Allow"), + * jsonProperty("Resource", arn) * ))) * )))) * .build()); @@ -5171,14 +5177,14 @@ public static Output getPrincipalPolic * var exampleBucketV2Arn1 = values.t2; * return serializeJson( * jsonObject( - * jsonProperty("version", "2012-10-17"), - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("action", "s3:*"), - * jsonProperty("effect", "Allow"), - * jsonProperty("principal", jsonObject( + * jsonProperty("Version", "2012-10-17"), + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Action", "s3:*"), + * jsonProperty("Effect", "Allow"), + * jsonProperty("Principal", jsonObject( * jsonProperty("AWS", current.applyValue(getCallerIdentityResult -> getCallerIdentityResult.accountId())) * )), - * jsonProperty("resource", jsonArray( + * jsonProperty("Resource", jsonArray( * exampleBucketV2Arn, * String.format("%s/*", exampleBucketV2Arn1) * )) @@ -5270,6 +5276,7 @@ public static CompletableFuture getPri * import com.pulumi.core.Output; * import com.pulumi.aws.s3.BucketObject; * import com.pulumi.aws.s3.BucketObjectArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -5285,7 +5292,9 @@ public static CompletableFuture getPri * public static void stack(Context ctx) { * var example = new BucketObject("example", BucketObjectArgs.builder() * .bucket("my-test-bucket") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(s3ObjectAccess) + * .build()); * * } * } @@ -5344,11 +5353,11 @@ public static CompletableFuture getPri * .user(example.name()) * .policy(exampleBucketV2.arn().applyValue(arn -> serializeJson( * jsonObject( - * jsonProperty("version", "2012-10-17"), - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("action", "s3:GetObject"), - * jsonProperty("effect", "Allow"), - * jsonProperty("resource", arn) + * jsonProperty("Version", "2012-10-17"), + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Action", "s3:GetObject"), + * jsonProperty("Effect", "Allow"), + * jsonProperty("Resource", arn) * ))) * )))) * .build()); @@ -5360,14 +5369,14 @@ public static CompletableFuture getPri * var exampleBucketV2Arn1 = values.t2; * return serializeJson( * jsonObject( - * jsonProperty("version", "2012-10-17"), - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("action", "s3:*"), - * jsonProperty("effect", "Allow"), - * jsonProperty("principal", jsonObject( + * jsonProperty("Version", "2012-10-17"), + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Action", "s3:*"), + * jsonProperty("Effect", "Allow"), + * jsonProperty("Principal", jsonObject( * jsonProperty("AWS", current.applyValue(getCallerIdentityResult -> getCallerIdentityResult.accountId())) * )), - * jsonProperty("resource", jsonArray( + * jsonProperty("Resource", jsonArray( * exampleBucketV2Arn, * String.format("%s/*", exampleBucketV2Arn1) * )) @@ -5459,6 +5468,7 @@ public static Output getPrincipalPolic * import com.pulumi.core.Output; * import com.pulumi.aws.s3.BucketObject; * import com.pulumi.aws.s3.BucketObjectArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -5474,7 +5484,9 @@ public static Output getPrincipalPolic * public static void stack(Context ctx) { * var example = new BucketObject("example", BucketObjectArgs.builder() * .bucket("my-test-bucket") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(s3ObjectAccess) + * .build()); * * } * } @@ -5533,11 +5545,11 @@ public static Output getPrincipalPolic * .user(example.name()) * .policy(exampleBucketV2.arn().applyValue(arn -> serializeJson( * jsonObject( - * jsonProperty("version", "2012-10-17"), - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("action", "s3:GetObject"), - * jsonProperty("effect", "Allow"), - * jsonProperty("resource", arn) + * jsonProperty("Version", "2012-10-17"), + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Action", "s3:GetObject"), + * jsonProperty("Effect", "Allow"), + * jsonProperty("Resource", arn) * ))) * )))) * .build()); @@ -5549,14 +5561,14 @@ public static Output getPrincipalPolic * var exampleBucketV2Arn1 = values.t2; * return serializeJson( * jsonObject( - * jsonProperty("version", "2012-10-17"), - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("action", "s3:*"), - * jsonProperty("effect", "Allow"), - * jsonProperty("principal", jsonObject( + * jsonProperty("Version", "2012-10-17"), + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Action", "s3:*"), + * jsonProperty("Effect", "Allow"), + * jsonProperty("Principal", jsonObject( * jsonProperty("AWS", current.applyValue(getCallerIdentityResult -> getCallerIdentityResult.accountId())) * )), - * jsonProperty("resource", jsonArray( + * jsonProperty("Resource", jsonArray( * exampleBucketV2Arn, * String.format("%s/*", exampleBucketV2Arn1) * )) diff --git a/sdk/java/src/main/java/com/pulumi/aws/iam/Policy.java b/sdk/java/src/main/java/com/pulumi/aws/iam/Policy.java index 6b5cf15a6bd..dd90441b083 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/iam/Policy.java +++ b/sdk/java/src/main/java/com/pulumi/aws/iam/Policy.java @@ -51,11 +51,11 @@ * .description("My test policy") * .policy(serializeJson( * jsonObject( - * jsonProperty("version", "2012-10-17"), - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("action", jsonArray("ec2:Describe*")), - * jsonProperty("effect", "Allow"), - * jsonProperty("resource", "*") + * jsonProperty("Version", "2012-10-17"), + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Action", jsonArray("ec2:Describe*")), + * jsonProperty("Effect", "Allow"), + * jsonProperty("Resource", "*") * ))) * ))) * .build()); diff --git a/sdk/java/src/main/java/com/pulumi/aws/iam/Role.java b/sdk/java/src/main/java/com/pulumi/aws/iam/Role.java index e5c92a79fa8..b6955e5a5d5 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/iam/Role.java +++ b/sdk/java/src/main/java/com/pulumi/aws/iam/Role.java @@ -59,13 +59,13 @@ * .name("test_role") * .assumeRolePolicy(serializeJson( * jsonObject( - * jsonProperty("version", "2012-10-17"), - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("action", "sts:AssumeRole"), - * jsonProperty("effect", "Allow"), - * jsonProperty("sid", ""), - * jsonProperty("principal", jsonObject( - * jsonProperty("service", "ec2.amazonaws.com") + * jsonProperty("Version", "2012-10-17"), + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Action", "sts:AssumeRole"), + * jsonProperty("Effect", "Allow"), + * jsonProperty("Sid", ""), + * jsonProperty("Principal", jsonObject( + * jsonProperty("Service", "ec2.amazonaws.com") * )) * ))) * ))) @@ -169,11 +169,11 @@ * .name("my_inline_policy") * .policy(serializeJson( * jsonObject( - * jsonProperty("version", "2012-10-17"), - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("action", jsonArray("ec2:Describe*")), - * jsonProperty("effect", "Allow"), - * jsonProperty("resource", "*") + * jsonProperty("Version", "2012-10-17"), + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Action", jsonArray("ec2:Describe*")), + * jsonProperty("Effect", "Allow"), + * jsonProperty("Resource", "*") * ))) * ))) * .build(), @@ -259,11 +259,11 @@ * .name("policy-618033") * .policy(serializeJson( * jsonObject( - * jsonProperty("version", "2012-10-17"), - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("action", jsonArray("ec2:Describe*")), - * jsonProperty("effect", "Allow"), - * jsonProperty("resource", "*") + * jsonProperty("Version", "2012-10-17"), + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Action", jsonArray("ec2:Describe*")), + * jsonProperty("Effect", "Allow"), + * jsonProperty("Resource", "*") * ))) * ))) * .build()); @@ -272,15 +272,15 @@ * .name("policy-381966") * .policy(serializeJson( * jsonObject( - * jsonProperty("version", "2012-10-17"), - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("action", jsonArray( + * jsonProperty("Version", "2012-10-17"), + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Action", jsonArray( * "s3:ListAllMyBuckets", * "s3:ListBucket", * "s3:HeadBucket" * )), - * jsonProperty("effect", "Allow"), - * jsonProperty("resource", "*") + * jsonProperty("Effect", "Allow"), + * jsonProperty("Resource", "*") * ))) * ))) * .build()); diff --git a/sdk/java/src/main/java/com/pulumi/aws/iam/RolePolicy.java b/sdk/java/src/main/java/com/pulumi/aws/iam/RolePolicy.java index 6eadd2a3238..51f014f64ea 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/iam/RolePolicy.java +++ b/sdk/java/src/main/java/com/pulumi/aws/iam/RolePolicy.java @@ -51,13 +51,13 @@ * .name("test_role") * .assumeRolePolicy(serializeJson( * jsonObject( - * jsonProperty("version", "2012-10-17"), - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("action", "sts:AssumeRole"), - * jsonProperty("effect", "Allow"), - * jsonProperty("sid", ""), - * jsonProperty("principal", jsonObject( - * jsonProperty("service", "ec2.amazonaws.com") + * jsonProperty("Version", "2012-10-17"), + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Action", "sts:AssumeRole"), + * jsonProperty("Effect", "Allow"), + * jsonProperty("Sid", ""), + * jsonProperty("Principal", jsonObject( + * jsonProperty("Service", "ec2.amazonaws.com") * )) * ))) * ))) @@ -68,11 +68,11 @@ * .role(testRole.id()) * .policy(serializeJson( * jsonObject( - * jsonProperty("version", "2012-10-17"), - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("action", jsonArray("ec2:Describe*")), - * jsonProperty("effect", "Allow"), - * jsonProperty("resource", "*") + * jsonProperty("Version", "2012-10-17"), + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Action", jsonArray("ec2:Describe*")), + * jsonProperty("Effect", "Allow"), + * jsonProperty("Resource", "*") * ))) * ))) * .build()); diff --git a/sdk/java/src/main/java/com/pulumi/aws/iam/UserPolicy.java b/sdk/java/src/main/java/com/pulumi/aws/iam/UserPolicy.java index 110473ad3b5..2af87e0c9f8 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/iam/UserPolicy.java +++ b/sdk/java/src/main/java/com/pulumi/aws/iam/UserPolicy.java @@ -57,11 +57,11 @@ * .user(lb.name()) * .policy(serializeJson( * jsonObject( - * jsonProperty("version", "2012-10-17"), - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("action", jsonArray("ec2:Describe*")), - * jsonProperty("effect", "Allow"), - * jsonProperty("resource", "*") + * jsonProperty("Version", "2012-10-17"), + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Action", jsonArray("ec2:Describe*")), + * jsonProperty("Effect", "Allow"), + * jsonProperty("Resource", "*") * ))) * ))) * .build()); diff --git a/sdk/java/src/main/java/com/pulumi/aws/iot/Policy.java b/sdk/java/src/main/java/com/pulumi/aws/iot/Policy.java index 9c19835be00..83b5e8c73ff 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/iot/Policy.java +++ b/sdk/java/src/main/java/com/pulumi/aws/iot/Policy.java @@ -49,11 +49,11 @@ * .name("PubSubToAnyTopic") * .policy(serializeJson( * jsonObject( - * jsonProperty("version", "2012-10-17"), - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("action", jsonArray("iot:*")), - * jsonProperty("effect", "Allow"), - * jsonProperty("resource", "*") + * jsonProperty("Version", "2012-10-17"), + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Action", jsonArray("iot:*")), + * jsonProperty("Effect", "Allow"), + * jsonProperty("Resource", "*") * ))) * ))) * .build()); diff --git a/sdk/java/src/main/java/com/pulumi/aws/iot/ProvisioningTemplate.java b/sdk/java/src/main/java/com/pulumi/aws/iot/ProvisioningTemplate.java index 7d6fbdd5b10..0c63d3ad6d4 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/iot/ProvisioningTemplate.java +++ b/sdk/java/src/main/java/com/pulumi/aws/iot/ProvisioningTemplate.java @@ -94,26 +94,26 @@ * .enabled(true) * .templateBody(devicePolicyPolicy.name().applyValue(name -> serializeJson( * jsonObject( - * jsonProperty("parameters", jsonObject( - * jsonProperty("serialNumber", jsonObject( - * jsonProperty("type", "String") + * jsonProperty("Parameters", jsonObject( + * jsonProperty("SerialNumber", jsonObject( + * jsonProperty("Type", "String") * )) * )), - * jsonProperty("resources", jsonObject( + * jsonProperty("Resources", jsonObject( * jsonProperty("certificate", jsonObject( - * jsonProperty("properties", jsonObject( - * jsonProperty("certificateId", jsonObject( - * jsonProperty("ref", "AWS::IoT::Certificate::Id") + * jsonProperty("Properties", jsonObject( + * jsonProperty("CertificateId", jsonObject( + * jsonProperty("Ref", "AWS::IoT::Certificate::Id") * )), - * jsonProperty("status", "Active") + * jsonProperty("Status", "Active") * )), - * jsonProperty("type", "AWS::IoT::Certificate") + * jsonProperty("Type", "AWS::IoT::Certificate") * )), * jsonProperty("policy", jsonObject( - * jsonProperty("properties", jsonObject( - * jsonProperty("policyName", name) + * jsonProperty("Properties", jsonObject( + * jsonProperty("PolicyName", name) * )), - * jsonProperty("type", "AWS::IoT::Policy") + * jsonProperty("Type", "AWS::IoT::Policy") * )) * )) * )))) diff --git a/sdk/java/src/main/java/com/pulumi/aws/kendra/DataSource.java b/sdk/java/src/main/java/com/pulumi/aws/kendra/DataSource.java index 9c49c69fb9d..4acacefc503 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/kendra/DataSource.java +++ b/sdk/java/src/main/java/com/pulumi/aws/kendra/DataSource.java @@ -369,6 +369,7 @@ * import com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationAuthenticationConfigurationArgs; * import com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs; * import com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -403,7 +404,9 @@ * .build()) * .build()) * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleAwsSecretsmanagerSecretVersion) + * .build()); * * } * } @@ -576,6 +579,7 @@ * import com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationProxyConfigurationArgs; * import com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsArgs; * import com.pulumi.aws.kendra.inputs.DataSourceConfigurationWebCrawlerConfigurationUrlsSeedUrlConfigurationArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -608,7 +612,9 @@ * .build()) * .build()) * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleAwsSecretsmanagerSecretVersion) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/kinesis/FirehoseDeliveryStream.java b/sdk/java/src/main/java/com/pulumi/aws/kinesis/FirehoseDeliveryStream.java index ebb21487132..b89747d05df 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/kinesis/FirehoseDeliveryStream.java +++ b/sdk/java/src/main/java/com/pulumi/aws/kinesis/FirehoseDeliveryStream.java @@ -446,6 +446,7 @@ * import com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamElasticsearchConfigurationArgs; * import com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamElasticsearchConfigurationS3ConfigurationArgs; * import com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamElasticsearchConfigurationVpcConfigArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -528,7 +529,9 @@ * .roleArn(firehose.arn()) * .build()) * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(firehose_elasticsearchRolePolicy) + * .build()); * * } * } @@ -621,6 +624,7 @@ * import com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamOpensearchConfigurationArgs; * import com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamOpensearchConfigurationS3ConfigurationArgs; * import com.pulumi.aws.kinesis.inputs.FirehoseDeliveryStreamOpensearchConfigurationVpcConfigArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -714,7 +718,9 @@ * .roleArn(firehose.arn()) * .build()) * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(firehose_opensearch) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/kms/KeyPolicy.java b/sdk/java/src/main/java/com/pulumi/aws/kms/KeyPolicy.java index 385e0b95cd7..297e9a5e5a6 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/kms/KeyPolicy.java +++ b/sdk/java/src/main/java/com/pulumi/aws/kms/KeyPolicy.java @@ -53,17 +53,17 @@ * .keyId(example.id()) * .policy(serializeJson( * jsonObject( - * jsonProperty("id", "example"), - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("action", "kms:*"), - * jsonProperty("effect", "Allow"), - * jsonProperty("principal", jsonObject( + * jsonProperty("Id", "example"), + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Action", "kms:*"), + * jsonProperty("Effect", "Allow"), + * jsonProperty("Principal", jsonObject( * jsonProperty("AWS", "*") * )), - * jsonProperty("resource", "*"), - * jsonProperty("sid", "Enable IAM User Permissions") + * jsonProperty("Resource", "*"), + * jsonProperty("Sid", "Enable IAM User Permissions") * ))), - * jsonProperty("version", "2012-10-17") + * jsonProperty("Version", "2012-10-17") * ))) * .build()); * diff --git a/sdk/java/src/main/java/com/pulumi/aws/lambda/EventSourceMapping.java b/sdk/java/src/main/java/com/pulumi/aws/lambda/EventSourceMapping.java index fa41bf6cab9..fffad9da3c1 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/lambda/EventSourceMapping.java +++ b/sdk/java/src/main/java/com/pulumi/aws/lambda/EventSourceMapping.java @@ -260,7 +260,7 @@ * .pattern(serializeJson( * jsonObject( * jsonProperty("body", jsonObject( - * jsonProperty("temperature", jsonArray(jsonObject( + * jsonProperty("Temperature", jsonArray(jsonObject( * jsonProperty("numeric", jsonArray( * ">", * 0, @@ -268,7 +268,7 @@ * 100 * )) * ))), - * jsonProperty("location", jsonArray("New York")) + * jsonProperty("Location", jsonArray("New York")) * )) * ))) * .build()) diff --git a/sdk/java/src/main/java/com/pulumi/aws/lambda/Function.java b/sdk/java/src/main/java/com/pulumi/aws/lambda/Function.java index 79549cecdb4..c5fdf88d42f 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/lambda/Function.java +++ b/sdk/java/src/main/java/com/pulumi/aws/lambda/Function.java @@ -225,6 +225,8 @@ * import com.pulumi.core.Output; * import com.pulumi.aws.efs.FileSystem; * import com.pulumi.aws.efs.FileSystemArgs; + * import com.pulumi.aws.efs.MountTarget; + * import com.pulumi.aws.efs.MountTargetArgs; * import com.pulumi.aws.efs.AccessPoint; * import com.pulumi.aws.efs.AccessPointArgs; * import com.pulumi.aws.efs.inputs.AccessPointRootDirectoryArgs; @@ -234,8 +236,7 @@ * import com.pulumi.aws.lambda.FunctionArgs; * import com.pulumi.aws.lambda.inputs.FunctionFileSystemConfigArgs; * import com.pulumi.aws.lambda.inputs.FunctionVpcConfigArgs; - * import com.pulumi.aws.efs.MountTarget; - * import com.pulumi.aws.efs.MountTargetArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -254,6 +255,13 @@ * .tags(Map.of("Name", "efs_for_lambda")) * .build()); * + * // Mount target connects the file system to the subnet + * var alpha = new MountTarget("alpha", MountTargetArgs.builder() + * .fileSystemId(efsForLambda.id()) + * .subnetId(subnetForLambda.id()) + * .securityGroups(sgForLambda.id()) + * .build()); + * * // EFS access point used by lambda file system * var accessPointForLambda = new AccessPoint("accessPointForLambda", AccessPointArgs.builder() * .fileSystemId(efsForLambda.id()) @@ -281,14 +289,9 @@ * .subnetIds(subnetForLambda.id()) * .securityGroupIds(sgForLambda.id()) * .build()) - * .build()); - * - * // Mount target connects the file system to the subnet - * var alpha = new MountTarget("alpha", MountTargetArgs.builder() - * .fileSystemId(efsForLambda.id()) - * .subnetId(subnetForLambda.id()) - * .securityGroups(sgForLambda.id()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(alpha) + * .build()); * * } * } @@ -310,9 +313,6 @@ * import com.pulumi.Context; * import com.pulumi.Pulumi; * import com.pulumi.core.Output; - * import com.pulumi.aws.lambda.Function; - * import com.pulumi.aws.lambda.FunctionArgs; - * import com.pulumi.aws.lambda.inputs.FunctionLoggingConfigArgs; * import com.pulumi.aws.cloudwatch.LogGroup; * import com.pulumi.aws.cloudwatch.LogGroupArgs; * import com.pulumi.aws.iam.IamFunctions; @@ -321,6 +321,10 @@ * import com.pulumi.aws.iam.PolicyArgs; * import com.pulumi.aws.iam.RolePolicyAttachment; * import com.pulumi.aws.iam.RolePolicyAttachmentArgs; + * import com.pulumi.aws.lambda.Function; + * import com.pulumi.aws.lambda.FunctionArgs; + * import com.pulumi.aws.lambda.inputs.FunctionLoggingConfigArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -336,13 +340,6 @@ * public static void stack(Context ctx) { * final var config = ctx.config(); * final var lambdaFunctionName = config.get("lambdaFunctionName").orElse("lambda_function_name"); - * var testLambda = new Function("testLambda", FunctionArgs.builder() - * .name(lambdaFunctionName) - * .loggingConfig(FunctionLoggingConfigArgs.builder() - * .logFormat("Text") - * .build()) - * .build()); - * * // This is to optionally manage the CloudWatch Log Group for the Lambda Function. * // If skipping this resource configuration, also add "logs:CreateLogGroup" to the IAM policy below. * var example = new LogGroup("example", LogGroupArgs.builder() @@ -374,6 +371,17 @@ * .policyArn(lambdaLoggingPolicy.arn()) * .build()); * + * var testLambda = new Function("testLambda", FunctionArgs.builder() + * .name(lambdaFunctionName) + * .loggingConfig(FunctionLoggingConfigArgs.builder() + * .logFormat("Text") + * .build()) + * .build(), CustomResourceOptions.builder() + * .dependsOn( + * lambdaLogs, + * example) + * .build()); + * * } * } * ``` diff --git a/sdk/java/src/main/java/com/pulumi/aws/lambda/Permission.java b/sdk/java/src/main/java/com/pulumi/aws/lambda/Permission.java index 5e8378ef1c2..9bc9397965f 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/lambda/Permission.java +++ b/sdk/java/src/main/java/com/pulumi/aws/lambda/Permission.java @@ -55,13 +55,13 @@ * .name("iam_for_lambda") * .assumeRolePolicy(serializeJson( * jsonObject( - * jsonProperty("version", "2012-10-17"), - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("action", "sts:AssumeRole"), - * jsonProperty("effect", "Allow"), - * jsonProperty("sid", ""), - * jsonProperty("principal", jsonObject( - * jsonProperty("service", "lambda.amazonaws.com") + * jsonProperty("Version", "2012-10-17"), + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Action", "sts:AssumeRole"), + * jsonProperty("Effect", "Allow"), + * jsonProperty("Sid", ""), + * jsonProperty("Principal", jsonObject( + * jsonProperty("Service", "lambda.amazonaws.com") * )) * ))) * ))) @@ -138,13 +138,13 @@ * .name("iam_for_lambda_with_sns") * .assumeRolePolicy(serializeJson( * jsonObject( - * jsonProperty("version", "2012-10-17"), - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("action", "sts:AssumeRole"), - * jsonProperty("effect", "Allow"), - * jsonProperty("sid", ""), - * jsonProperty("principal", jsonObject( - * jsonProperty("service", "lambda.amazonaws.com") + * jsonProperty("Version", "2012-10-17"), + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Action", "sts:AssumeRole"), + * jsonProperty("Effect", "Allow"), + * jsonProperty("Sid", ""), + * jsonProperty("Principal", jsonObject( + * jsonProperty("Service", "lambda.amazonaws.com") * )) * ))) * ))) @@ -242,6 +242,7 @@ * import com.pulumi.aws.lambda.PermissionArgs; * import com.pulumi.aws.cloudwatch.LogSubscriptionFilter; * import com.pulumi.aws.cloudwatch.LogSubscriptionFilterArgs; + * import com.pulumi.resources.CustomResourceOptions; * import com.pulumi.asset.FileArchive; * import java.util.List; * import java.util.ArrayList; @@ -296,7 +297,9 @@ * .filterPattern("") * .logGroup(default_.name()) * .name("logging_default") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(logging) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/lb/TargetGroupAttachment.java b/sdk/java/src/main/java/com/pulumi/aws/lb/TargetGroupAttachment.java index 09543968c28..3278f1682c0 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/lb/TargetGroupAttachment.java +++ b/sdk/java/src/main/java/com/pulumi/aws/lb/TargetGroupAttachment.java @@ -81,6 +81,7 @@ * import com.pulumi.aws.lambda.PermissionArgs; * import com.pulumi.aws.lb.TargetGroupAttachment; * import com.pulumi.aws.lb.TargetGroupAttachmentArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -112,7 +113,9 @@ * var testTargetGroupAttachment = new TargetGroupAttachment("testTargetGroupAttachment", TargetGroupAttachmentArgs.builder() * .targetGroupArn(test.arn()) * .targetId(testFunction.arn()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(withLb) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/lightsail/Distribution.java b/sdk/java/src/main/java/com/pulumi/aws/lightsail/Distribution.java index 1236b68abbb..642c0e18a23 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/lightsail/Distribution.java +++ b/sdk/java/src/main/java/com/pulumi/aws/lightsail/Distribution.java @@ -122,6 +122,7 @@ * import com.pulumi.aws.lightsail.DistributionArgs; * import com.pulumi.aws.lightsail.inputs.DistributionOriginArgs; * import com.pulumi.aws.lightsail.inputs.DistributionDefaultCacheBehaviorArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -169,7 +170,9 @@ * .defaultCacheBehavior(DistributionDefaultCacheBehaviorArgs.builder() * .behavior("cache") * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(test) + * .build()); * * } * } @@ -199,6 +202,7 @@ * import com.pulumi.aws.lightsail.DistributionArgs; * import com.pulumi.aws.lightsail.inputs.DistributionOriginArgs; * import com.pulumi.aws.lightsail.inputs.DistributionDefaultCacheBehaviorArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -249,7 +253,9 @@ * .defaultCacheBehavior(DistributionDefaultCacheBehaviorArgs.builder() * .behavior("cache") * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(testLbAttachment) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/macie/CustomDataIdentifier.java b/sdk/java/src/main/java/com/pulumi/aws/macie/CustomDataIdentifier.java index 046b43334ce..925e485aa4e 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/macie/CustomDataIdentifier.java +++ b/sdk/java/src/main/java/com/pulumi/aws/macie/CustomDataIdentifier.java @@ -32,6 +32,7 @@ * import com.pulumi.aws.macie2.Account; * import com.pulumi.aws.macie.CustomDataIdentifier; * import com.pulumi.aws.macie.CustomDataIdentifierArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -54,7 +55,9 @@ * .maximumMatchDistance(10) * .keywords("keyword") * .ignoreWords("ignore") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(test) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/macie/FindingsFilter.java b/sdk/java/src/main/java/com/pulumi/aws/macie/FindingsFilter.java index 9584a2ef19f..98cc43d4022 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/macie/FindingsFilter.java +++ b/sdk/java/src/main/java/com/pulumi/aws/macie/FindingsFilter.java @@ -33,6 +33,7 @@ * import com.pulumi.aws.macie.FindingsFilter; * import com.pulumi.aws.macie.FindingsFilterArgs; * import com.pulumi.aws.macie.inputs.FindingsFilterFindingCriteriaArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -59,7 +60,9 @@ * .eqs(current.name()) * .build()) * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(testAwsMacie2Account) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/macie2/ClassificationExportConfiguration.java b/sdk/java/src/main/java/com/pulumi/aws/macie2/ClassificationExportConfiguration.java index d87ac48a502..ba0bde80472 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/macie2/ClassificationExportConfiguration.java +++ b/sdk/java/src/main/java/com/pulumi/aws/macie2/ClassificationExportConfiguration.java @@ -30,6 +30,7 @@ * import com.pulumi.aws.macie2.ClassificationExportConfiguration; * import com.pulumi.aws.macie2.ClassificationExportConfigurationArgs; * import com.pulumi.aws.macie2.inputs.ClassificationExportConfigurationS3DestinationArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -51,7 +52,9 @@ * .keyPrefix("exampleprefix/") * .kmsKeyArn(exampleAwsKmsKey.arn()) * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(example) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/macie2/ClassificationJob.java b/sdk/java/src/main/java/com/pulumi/aws/macie2/ClassificationJob.java index b0ca2afaa59..121c56c748a 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/macie2/ClassificationJob.java +++ b/sdk/java/src/main/java/com/pulumi/aws/macie2/ClassificationJob.java @@ -37,6 +37,7 @@ * import com.pulumi.aws.macie2.ClassificationJob; * import com.pulumi.aws.macie2.ClassificationJobArgs; * import com.pulumi.aws.macie2.inputs.ClassificationJobS3JobDefinitionArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -61,7 +62,9 @@ * .buckets("S3 BUCKET NAME") * .build()) * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(test) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/macie2/InvitationAccepter.java b/sdk/java/src/main/java/com/pulumi/aws/macie2/InvitationAccepter.java index dd5a2a2f0a0..2aa9852ebdd 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/macie2/InvitationAccepter.java +++ b/sdk/java/src/main/java/com/pulumi/aws/macie2/InvitationAccepter.java @@ -30,6 +30,7 @@ * import com.pulumi.aws.macie2.MemberArgs; * import com.pulumi.aws.macie2.InvitationAccepter; * import com.pulumi.aws.macie2.InvitationAccepterArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -52,11 +53,15 @@ * .email("EMAIL") * .invite(true) * .invitationMessage("Message of the invite") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(primary) + * .build()); * * var memberInvitationAccepter = new InvitationAccepter("memberInvitationAccepter", InvitationAccepterArgs.builder() * .administratorAccountId("ADMINISTRATOR ACCOUNT ID") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(primaryMember) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/macie2/Member.java b/sdk/java/src/main/java/com/pulumi/aws/macie2/Member.java index 7bdcc0708cc..f3cfa64e730 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/macie2/Member.java +++ b/sdk/java/src/main/java/com/pulumi/aws/macie2/Member.java @@ -31,6 +31,7 @@ * import com.pulumi.aws.macie2.Account; * import com.pulumi.aws.macie2.Member; * import com.pulumi.aws.macie2.MemberArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -52,7 +53,9 @@ * .invite(true) * .invitationMessage("Message of the invitation") * .invitationDisableEmailNotification(true) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(example) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/macie2/OrganizationAdminAccount.java b/sdk/java/src/main/java/com/pulumi/aws/macie2/OrganizationAdminAccount.java index a5863b5a744..f418180e6a4 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/macie2/OrganizationAdminAccount.java +++ b/sdk/java/src/main/java/com/pulumi/aws/macie2/OrganizationAdminAccount.java @@ -28,6 +28,7 @@ * import com.pulumi.aws.macie2.Account; * import com.pulumi.aws.macie2.OrganizationAdminAccount; * import com.pulumi.aws.macie2.OrganizationAdminAccountArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -45,7 +46,9 @@ * * var exampleOrganizationAdminAccount = new OrganizationAdminAccount("exampleOrganizationAdminAccount", OrganizationAdminAccountArgs.builder() * .adminAccountId("ID OF THE ADMIN ACCOUNT") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(example) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/msk/ClusterPolicy.java b/sdk/java/src/main/java/com/pulumi/aws/msk/ClusterPolicy.java index 928595c49fd..77ad4c27c4b 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/msk/ClusterPolicy.java +++ b/sdk/java/src/main/java/com/pulumi/aws/msk/ClusterPolicy.java @@ -54,20 +54,20 @@ * .clusterArn(exampleAwsMskCluster.arn()) * .policy(serializeJson( * jsonObject( - * jsonProperty("version", "2012-10-17"), - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("sid", "ExampleMskClusterPolicy"), - * jsonProperty("effect", "Allow"), - * jsonProperty("principal", jsonObject( + * jsonProperty("Version", "2012-10-17"), + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Sid", "ExampleMskClusterPolicy"), + * jsonProperty("Effect", "Allow"), + * jsonProperty("Principal", jsonObject( * jsonProperty("AWS", String.format("arn:%s:iam::%s:root", currentGetPartition.applyValue(getPartitionResult -> getPartitionResult.partition()),current.applyValue(getCallerIdentityResult -> getCallerIdentityResult.accountId()))) * )), - * jsonProperty("action", jsonArray( + * jsonProperty("Action", jsonArray( * "kafka:Describe*", * "kafka:Get*", * "kafka:CreateVpcConnection", * "kafka:GetBootstrapBrokers" * )), - * jsonProperty("resource", exampleAwsMskCluster.arn()) + * jsonProperty("Resource", exampleAwsMskCluster.arn()) * ))) * ))) * .build()); diff --git a/sdk/java/src/main/java/com/pulumi/aws/msk/ScramSecretAssociation.java b/sdk/java/src/main/java/com/pulumi/aws/msk/ScramSecretAssociation.java index 0645227afea..7007f6e35b6 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/msk/ScramSecretAssociation.java +++ b/sdk/java/src/main/java/com/pulumi/aws/msk/ScramSecretAssociation.java @@ -44,15 +44,16 @@ * import com.pulumi.aws.kms.KeyArgs; * import com.pulumi.aws.secretsmanager.Secret; * import com.pulumi.aws.secretsmanager.SecretArgs; - * import com.pulumi.aws.msk.ScramSecretAssociation; - * import com.pulumi.aws.msk.ScramSecretAssociationArgs; * import com.pulumi.aws.secretsmanager.SecretVersion; * import com.pulumi.aws.secretsmanager.SecretVersionArgs; + * import com.pulumi.aws.msk.ScramSecretAssociation; + * import com.pulumi.aws.msk.ScramSecretAssociationArgs; * import com.pulumi.aws.iam.IamFunctions; * import com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs; * import com.pulumi.aws.secretsmanager.SecretPolicy; * import com.pulumi.aws.secretsmanager.SecretPolicyArgs; * import static com.pulumi.codegen.internal.Serialization.*; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -84,11 +85,6 @@ * .kmsKeyId(exampleKey.keyId()) * .build()); * - * var exampleScramSecretAssociation = new ScramSecretAssociation("exampleScramSecretAssociation", ScramSecretAssociationArgs.builder() - * .clusterArn(exampleCluster.arn()) - * .secretArnLists(exampleSecret.arn()) - * .build()); - * * var exampleSecretVersion = new SecretVersion("exampleSecretVersion", SecretVersionArgs.builder() * .secretId(exampleSecret.id()) * .secretString(serializeJson( @@ -98,6 +94,13 @@ * ))) * .build()); * + * var exampleScramSecretAssociation = new ScramSecretAssociation("exampleScramSecretAssociation", ScramSecretAssociationArgs.builder() + * .clusterArn(exampleCluster.arn()) + * .secretArnLists(exampleSecret.arn()) + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleSecretVersion) + * .build()); + * * final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder() * .statements(GetPolicyDocumentStatementArgs.builder() * .sid("AWSKafkaResourcePolicy") diff --git a/sdk/java/src/main/java/com/pulumi/aws/neptune/GlobalCluster.java b/sdk/java/src/main/java/com/pulumi/aws/neptune/GlobalCluster.java index 19e54e0b1ae..d1359e21d37 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/neptune/GlobalCluster.java +++ b/sdk/java/src/main/java/com/pulumi/aws/neptune/GlobalCluster.java @@ -39,6 +39,7 @@ * import com.pulumi.aws.neptune.ClusterArgs; * import com.pulumi.aws.neptune.ClusterInstance; * import com.pulumi.aws.neptune.ClusterInstanceArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -90,7 +91,9 @@ * .clusterIdentifier(secondary.id()) * .instanceClass("db.r5.large") * .neptuneSubnetGroupName("default") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(primaryClusterInstance) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/networkfirewall/ResourcePolicy.java b/sdk/java/src/main/java/com/pulumi/aws/networkfirewall/ResourcePolicy.java index 4225b967013..8d5a583b5f0 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/networkfirewall/ResourcePolicy.java +++ b/sdk/java/src/main/java/com/pulumi/aws/networkfirewall/ResourcePolicy.java @@ -47,20 +47,20 @@ * .resourceArn(exampleAwsNetworkfirewallFirewallPolicy.arn()) * .policy(serializeJson( * jsonObject( - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("action", jsonArray( + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Action", jsonArray( * "network-firewall:ListFirewallPolicies", * "network-firewall:CreateFirewall", * "network-firewall:UpdateFirewall", * "network-firewall:AssociateFirewallPolicy" * )), - * jsonProperty("effect", "Allow"), - * jsonProperty("resource", exampleAwsNetworkfirewallFirewallPolicy.arn()), - * jsonProperty("principal", jsonObject( + * jsonProperty("Effect", "Allow"), + * jsonProperty("Resource", exampleAwsNetworkfirewallFirewallPolicy.arn()), + * jsonProperty("Principal", jsonObject( * jsonProperty("AWS", "arn:aws:iam::123456789012:root") * )) * ))), - * jsonProperty("version", "2012-10-17") + * jsonProperty("Version", "2012-10-17") * ))) * .build()); * @@ -98,19 +98,19 @@ * .resourceArn(exampleAwsNetworkfirewallRuleGroup.arn()) * .policy(serializeJson( * jsonObject( - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("action", jsonArray( + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Action", jsonArray( * "network-firewall:ListRuleGroups", * "network-firewall:CreateFirewallPolicy", * "network-firewall:UpdateFirewallPolicy" * )), - * jsonProperty("effect", "Allow"), - * jsonProperty("resource", exampleAwsNetworkfirewallRuleGroup.arn()), - * jsonProperty("principal", jsonObject( + * jsonProperty("Effect", "Allow"), + * jsonProperty("Resource", exampleAwsNetworkfirewallRuleGroup.arn()), + * jsonProperty("Principal", jsonObject( * jsonProperty("AWS", "arn:aws:iam::123456789012:root") * )) * ))), - * jsonProperty("version", "2012-10-17") + * jsonProperty("Version", "2012-10-17") * ))) * .build()); * diff --git a/sdk/java/src/main/java/com/pulumi/aws/networkmanager/ConnectAttachment.java b/sdk/java/src/main/java/com/pulumi/aws/networkmanager/ConnectAttachment.java index 6042280fcc7..455de566d02 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/networkmanager/ConnectAttachment.java +++ b/sdk/java/src/main/java/com/pulumi/aws/networkmanager/ConnectAttachment.java @@ -85,6 +85,7 @@ * import com.pulumi.aws.networkmanager.ConnectAttachment; * import com.pulumi.aws.networkmanager.ConnectAttachmentArgs; * import com.pulumi.aws.networkmanager.inputs.ConnectAttachmentOptionsArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -116,7 +117,9 @@ * .options(ConnectAttachmentOptionsArgs.builder() * .protocol("GRE") * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(test) + * .build()); * * var example2 = new AttachmentAccepter("example2", AttachmentAccepterArgs.builder() * .attachmentId(exampleConnectAttachment.id()) diff --git a/sdk/java/src/main/java/com/pulumi/aws/networkmanager/ConnectPeer.java b/sdk/java/src/main/java/com/pulumi/aws/networkmanager/ConnectPeer.java index 058f3b6a35c..2558dcaa5cc 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/networkmanager/ConnectPeer.java +++ b/sdk/java/src/main/java/com/pulumi/aws/networkmanager/ConnectPeer.java @@ -101,6 +101,7 @@ * import com.pulumi.aws.networkmanager.ConnectPeer; * import com.pulumi.aws.networkmanager.ConnectPeerArgs; * import com.pulumi.aws.networkmanager.inputs.ConnectPeerBgpOptionsArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -132,7 +133,9 @@ * .options(ConnectAttachmentOptionsArgs.builder() * .protocol("GRE") * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(test) + * .build()); * * var example2 = new AttachmentAccepter("example2", AttachmentAccepterArgs.builder() * .attachmentId(exampleConnectAttachment.id()) @@ -146,7 +149,9 @@ * .peerAsn(65500) * .build()) * .insideCidrBlocks("172.16.0.0/16") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(example2) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/networkmanager/CustomerGatewayAssociation.java b/sdk/java/src/main/java/com/pulumi/aws/networkmanager/CustomerGatewayAssociation.java index 87d56900c53..4fb31d54c8e 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/networkmanager/CustomerGatewayAssociation.java +++ b/sdk/java/src/main/java/com/pulumi/aws/networkmanager/CustomerGatewayAssociation.java @@ -42,6 +42,7 @@ * import com.pulumi.aws.networkmanager.TransitGatewayRegistrationArgs; * import com.pulumi.aws.networkmanager.CustomerGatewayAssociation; * import com.pulumi.aws.networkmanager.CustomerGatewayAssociationArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -86,13 +87,17 @@ * var exampleTransitGatewayRegistration = new TransitGatewayRegistration("exampleTransitGatewayRegistration", TransitGatewayRegistrationArgs.builder() * .globalNetworkId(example.id()) * .transitGatewayArn(exampleTransitGateway.arn()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleVpnConnection) + * .build()); * * var exampleCustomerGatewayAssociation = new CustomerGatewayAssociation("exampleCustomerGatewayAssociation", CustomerGatewayAssociationArgs.builder() * .globalNetworkId(example.id()) * .customerGatewayArn(exampleCustomerGateway.arn()) * .deviceId(exampleDevice.id()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleTransitGatewayRegistration) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/oam/SinkPolicy.java b/sdk/java/src/main/java/com/pulumi/aws/oam/SinkPolicy.java index c805d06ba5c..82f0507a0c2 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/oam/SinkPolicy.java +++ b/sdk/java/src/main/java/com/pulumi/aws/oam/SinkPolicy.java @@ -53,21 +53,21 @@ * .sinkIdentifier(example.id()) * .policy(serializeJson( * jsonObject( - * jsonProperty("version", "2012-10-17"), - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("action", jsonArray( + * jsonProperty("Version", "2012-10-17"), + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Action", jsonArray( * "oam:CreateLink", * "oam:UpdateLink" * )), - * jsonProperty("effect", "Allow"), - * jsonProperty("resource", "*"), - * jsonProperty("principal", jsonObject( + * jsonProperty("Effect", "Allow"), + * jsonProperty("Resource", "*"), + * jsonProperty("Principal", jsonObject( * jsonProperty("AWS", jsonArray( * "1111111111111", * "222222222222" * )) * )), - * jsonProperty("condition", jsonObject( + * jsonProperty("Condition", jsonObject( * jsonProperty("ForAllValues:StringEquals", jsonObject( * jsonProperty("oam:ResourceTypes", jsonArray( * "AWS::CloudWatch::Metric", diff --git a/sdk/java/src/main/java/com/pulumi/aws/opensearch/Domain.java b/sdk/java/src/main/java/com/pulumi/aws/opensearch/Domain.java index f1ffddf8da6..c70d4594f41 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/opensearch/Domain.java +++ b/sdk/java/src/main/java/com/pulumi/aws/opensearch/Domain.java @@ -247,6 +247,7 @@ * import com.pulumi.aws.opensearch.DomainArgs; * import com.pulumi.aws.opensearch.inputs.DomainClusterConfigArgs; * import com.pulumi.aws.opensearch.inputs.DomainVpcOptionsArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -323,7 +324,9 @@ * .advancedOptions(Map.of("rest.action.multi.allow_explicit_index", "true")) * .accessPolicies(exampleGetPolicyDocument.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult.json())) * .tags(Map.of("Domain", "TestDomain")) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleServiceLinkedRole) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/opensearch/ServerlessAccessPolicy.java b/sdk/java/src/main/java/com/pulumi/aws/opensearch/ServerlessAccessPolicy.java index 49e9972c277..77f84ad3bf0 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/opensearch/ServerlessAccessPolicy.java +++ b/sdk/java/src/main/java/com/pulumi/aws/opensearch/ServerlessAccessPolicy.java @@ -54,19 +54,19 @@ * .description("read and write permissions") * .policy(serializeJson( * jsonArray(jsonObject( - * jsonProperty("rules", jsonArray( + * jsonProperty("Rules", jsonArray( * jsonObject( - * jsonProperty("resourceType", "index"), - * jsonProperty("resource", jsonArray("index/example-collection/*")), - * jsonProperty("permission", jsonArray("aoss:*")) + * jsonProperty("ResourceType", "index"), + * jsonProperty("Resource", jsonArray("index/example-collection/*")), + * jsonProperty("Permission", jsonArray("aoss:*")) * ), * jsonObject( - * jsonProperty("resourceType", "collection"), - * jsonProperty("resource", jsonArray("collection/example-collection")), - * jsonProperty("permission", jsonArray("aoss:*")) + * jsonProperty("ResourceType", "collection"), + * jsonProperty("Resource", jsonArray("collection/example-collection")), + * jsonProperty("Permission", jsonArray("aoss:*")) * ) * )), - * jsonProperty("principal", jsonArray(current.applyValue(getCallerIdentityResult -> getCallerIdentityResult.arn()))) + * jsonProperty("Principal", jsonArray(current.applyValue(getCallerIdentityResult -> getCallerIdentityResult.arn()))) * )))) * .build()); * @@ -110,22 +110,22 @@ * .description("read-only permissions") * .policy(serializeJson( * jsonArray(jsonObject( - * jsonProperty("rules", jsonArray( + * jsonProperty("Rules", jsonArray( * jsonObject( - * jsonProperty("resourceType", "index"), - * jsonProperty("resource", jsonArray("index/example-collection/*")), - * jsonProperty("permission", jsonArray( + * jsonProperty("ResourceType", "index"), + * jsonProperty("Resource", jsonArray("index/example-collection/*")), + * jsonProperty("Permission", jsonArray( * "aoss:DescribeIndex", * "aoss:ReadDocument" * )) * ), * jsonObject( - * jsonProperty("resourceType", "collection"), - * jsonProperty("resource", jsonArray("collection/example-collection")), - * jsonProperty("permission", jsonArray("aoss:DescribeCollectionItems")) + * jsonProperty("ResourceType", "collection"), + * jsonProperty("Resource", jsonArray("collection/example-collection")), + * jsonProperty("Permission", jsonArray("aoss:DescribeCollectionItems")) * ) * )), - * jsonProperty("principal", jsonArray(current.applyValue(getCallerIdentityResult -> getCallerIdentityResult.arn()))) + * jsonProperty("Principal", jsonArray(current.applyValue(getCallerIdentityResult -> getCallerIdentityResult.arn()))) * )))) * .build()); * @@ -165,19 +165,19 @@ * .description("saml permissions") * .policy(serializeJson( * jsonArray(jsonObject( - * jsonProperty("rules", jsonArray( + * jsonProperty("Rules", jsonArray( * jsonObject( - * jsonProperty("resourceType", "index"), - * jsonProperty("resource", jsonArray("index/example-collection/*")), - * jsonProperty("permission", jsonArray("aoss:*")) + * jsonProperty("ResourceType", "index"), + * jsonProperty("Resource", jsonArray("index/example-collection/*")), + * jsonProperty("Permission", jsonArray("aoss:*")) * ), * jsonObject( - * jsonProperty("resourceType", "collection"), - * jsonProperty("resource", jsonArray("collection/example-collection")), - * jsonProperty("permission", jsonArray("aoss:*")) + * jsonProperty("ResourceType", "collection"), + * jsonProperty("Resource", jsonArray("collection/example-collection")), + * jsonProperty("Permission", jsonArray("aoss:*")) * ) * )), - * jsonProperty("principal", jsonArray( + * jsonProperty("Principal", jsonArray( * "saml/123456789012/myprovider/user/Annie", * "saml/123456789012/anotherprovider/group/Accounting" * )) diff --git a/sdk/java/src/main/java/com/pulumi/aws/opensearch/ServerlessCollection.java b/sdk/java/src/main/java/com/pulumi/aws/opensearch/ServerlessCollection.java index 9bbfe4ff435..cdf27e0e25f 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/opensearch/ServerlessCollection.java +++ b/sdk/java/src/main/java/com/pulumi/aws/opensearch/ServerlessCollection.java @@ -39,6 +39,7 @@ * import com.pulumi.aws.opensearch.ServerlessCollection; * import com.pulumi.aws.opensearch.ServerlessCollectionArgs; * import static com.pulumi.codegen.internal.Serialization.*; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -67,7 +68,9 @@ * * var exampleServerlessCollection = new ServerlessCollection("exampleServerlessCollection", ServerlessCollectionArgs.builder() * .name("example") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(example) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/opensearch/ServerlessSecurityPolicy.java b/sdk/java/src/main/java/com/pulumi/aws/opensearch/ServerlessSecurityPolicy.java index 15405a94f16..f15acdd4e95 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/opensearch/ServerlessSecurityPolicy.java +++ b/sdk/java/src/main/java/com/pulumi/aws/opensearch/ServerlessSecurityPolicy.java @@ -52,11 +52,11 @@ * .description("encryption security policy for example-collection") * .policy(serializeJson( * jsonObject( - * jsonProperty("rules", jsonArray(jsonObject( - * jsonProperty("resource", jsonArray("collection/example-collection")), - * jsonProperty("resourceType", "collection") + * jsonProperty("Rules", jsonArray(jsonObject( + * jsonProperty("Resource", jsonArray("collection/example-collection")), + * jsonProperty("ResourceType", "collection") * ))), - * jsonProperty("aWSOwnedKey", true) + * jsonProperty("AWSOwnedKey", true) * ))) * .build()); * @@ -96,11 +96,11 @@ * .description("encryption security policy for collections that begin with \"example\"") * .policy(serializeJson( * jsonObject( - * jsonProperty("rules", jsonArray(jsonObject( - * jsonProperty("resource", jsonArray("collection/example*")), - * jsonProperty("resourceType", "collection") + * jsonProperty("Rules", jsonArray(jsonObject( + * jsonProperty("Resource", jsonArray("collection/example*")), + * jsonProperty("ResourceType", "collection") * ))), - * jsonProperty("aWSOwnedKey", true) + * jsonProperty("AWSOwnedKey", true) * ))) * .build()); * @@ -140,12 +140,12 @@ * .description("encryption security policy using customer KMS key") * .policy(serializeJson( * jsonObject( - * jsonProperty("rules", jsonArray(jsonObject( - * jsonProperty("resource", jsonArray("collection/customer-managed-key-collection")), - * jsonProperty("resourceType", "collection") + * jsonProperty("Rules", jsonArray(jsonObject( + * jsonProperty("Resource", jsonArray("collection/customer-managed-key-collection")), + * jsonProperty("ResourceType", "collection") * ))), - * jsonProperty("aWSOwnedKey", false), - * jsonProperty("kmsARN", "arn:aws:kms:us-east-1:123456789012:key/93fd6da4-a317-4c17-bfe9-382b5d988b36") + * jsonProperty("AWSOwnedKey", false), + * jsonProperty("KmsARN", "arn:aws:kms:us-east-1:123456789012:key/93fd6da4-a317-4c17-bfe9-382b5d988b36") * ))) * .build()); * @@ -187,18 +187,18 @@ * .description("Public access") * .policy(serializeJson( * jsonArray(jsonObject( - * jsonProperty("description", "Public access to collection and Dashboards endpoint for example collection"), - * jsonProperty("rules", jsonArray( + * jsonProperty("Description", "Public access to collection and Dashboards endpoint for example collection"), + * jsonProperty("Rules", jsonArray( * jsonObject( - * jsonProperty("resourceType", "collection"), - * jsonProperty("resource", jsonArray("collection/example-collection")) + * jsonProperty("ResourceType", "collection"), + * jsonProperty("Resource", jsonArray("collection/example-collection")) * ), * jsonObject( - * jsonProperty("resourceType", "dashboard"), - * jsonProperty("resource", jsonArray("collection/example-collection")) + * jsonProperty("ResourceType", "dashboard"), + * jsonProperty("Resource", jsonArray("collection/example-collection")) * ) * )), - * jsonProperty("allowFromPublic", true) + * jsonProperty("AllowFromPublic", true) * )))) * .build()); * @@ -238,19 +238,19 @@ * .description("VPC access") * .policy(serializeJson( * jsonArray(jsonObject( - * jsonProperty("description", "VPC access to collection and Dashboards endpoint for example collection"), - * jsonProperty("rules", jsonArray( + * jsonProperty("Description", "VPC access to collection and Dashboards endpoint for example collection"), + * jsonProperty("Rules", jsonArray( * jsonObject( - * jsonProperty("resourceType", "collection"), - * jsonProperty("resource", jsonArray("collection/example-collection")) + * jsonProperty("ResourceType", "collection"), + * jsonProperty("Resource", jsonArray("collection/example-collection")) * ), * jsonObject( - * jsonProperty("resourceType", "dashboard"), - * jsonProperty("resource", jsonArray("collection/example-collection")) + * jsonProperty("ResourceType", "dashboard"), + * jsonProperty("Resource", jsonArray("collection/example-collection")) * ) * )), - * jsonProperty("allowFromPublic", false), - * jsonProperty("sourceVPCEs", jsonArray("vpce-050f79086ee71ac05")) + * jsonProperty("AllowFromPublic", false), + * jsonProperty("SourceVPCEs", jsonArray("vpce-050f79086ee71ac05")) * )))) * .build()); * diff --git a/sdk/java/src/main/java/com/pulumi/aws/opensearchingest/Pipeline.java b/sdk/java/src/main/java/com/pulumi/aws/opensearchingest/Pipeline.java index c093dfe0459..9289c86c583 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/opensearchingest/Pipeline.java +++ b/sdk/java/src/main/java/com/pulumi/aws/opensearchingest/Pipeline.java @@ -61,13 +61,13 @@ * var example = new Role("example", RoleArgs.builder() * .assumeRolePolicy(serializeJson( * jsonObject( - * jsonProperty("version", "2012-10-17"), - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("action", "sts:AssumeRole"), - * jsonProperty("effect", "Allow"), - * jsonProperty("sid", ""), - * jsonProperty("principal", jsonObject( - * jsonProperty("service", "osis-pipelines.amazonaws.com") + * jsonProperty("Version", "2012-10-17"), + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Action", "sts:AssumeRole"), + * jsonProperty("Effect", "Allow"), + * jsonProperty("Sid", ""), + * jsonProperty("Principal", jsonObject( + * jsonProperty("Service", "osis-pipelines.amazonaws.com") * )) * ))) * ))) diff --git a/sdk/java/src/main/java/com/pulumi/aws/pipes/Pipe.java b/sdk/java/src/main/java/com/pulumi/aws/pipes/Pipe.java index 25cfd088b89..999a36726e4 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/pipes/Pipe.java +++ b/sdk/java/src/main/java/com/pulumi/aws/pipes/Pipe.java @@ -48,6 +48,7 @@ * import com.pulumi.aws.pipes.Pipe; * import com.pulumi.aws.pipes.PipeArgs; * import static com.pulumi.codegen.internal.Serialization.*; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -66,15 +67,15 @@ * var example = new Role("example", RoleArgs.builder() * .assumeRolePolicy(serializeJson( * jsonObject( - * jsonProperty("version", "2012-10-17"), - * jsonProperty("statement", jsonObject( - * jsonProperty("effect", "Allow"), - * jsonProperty("action", "sts:AssumeRole"), - * jsonProperty("principal", jsonObject( - * jsonProperty("service", "pipes.amazonaws.com") + * jsonProperty("Version", "2012-10-17"), + * jsonProperty("Statement", jsonObject( + * jsonProperty("Effect", "Allow"), + * jsonProperty("Action", "sts:AssumeRole"), + * jsonProperty("Principal", jsonObject( + * jsonProperty("Service", "pipes.amazonaws.com") * )), - * jsonProperty("condition", jsonObject( - * jsonProperty("stringEquals", jsonObject( + * jsonProperty("Condition", jsonObject( + * jsonProperty("StringEquals", jsonObject( * jsonProperty("aws:SourceAccount", main.applyValue(getCallerIdentityResult -> getCallerIdentityResult.accountId())) * )) * )) @@ -88,15 +89,15 @@ * .role(example.id()) * .policy(sourceQueue.arn().applyValue(arn -> serializeJson( * jsonObject( - * jsonProperty("version", "2012-10-17"), - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("effect", "Allow"), - * jsonProperty("action", jsonArray( + * jsonProperty("Version", "2012-10-17"), + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Effect", "Allow"), + * jsonProperty("Action", jsonArray( * "sqs:DeleteMessage", * "sqs:GetQueueAttributes", * "sqs:ReceiveMessage" * )), - * jsonProperty("resource", jsonArray(arn)) + * jsonProperty("Resource", jsonArray(arn)) * ))) * )))) * .build()); @@ -107,11 +108,11 @@ * .role(example.id()) * .policy(targetQueue.arn().applyValue(arn -> serializeJson( * jsonObject( - * jsonProperty("version", "2012-10-17"), - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("effect", "Allow"), - * jsonProperty("action", jsonArray("sqs:SendMessage")), - * jsonProperty("resource", jsonArray(arn)) + * jsonProperty("Version", "2012-10-17"), + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Effect", "Allow"), + * jsonProperty("Action", jsonArray("sqs:SendMessage")), + * jsonProperty("Resource", jsonArray(arn)) * ))) * )))) * .build()); @@ -121,7 +122,11 @@ * .roleArn(example.arn()) * .source(sourceQueue.arn()) * .target(targetQueue.arn()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn( + * source, + * target) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/quicksight/VpcConnection.java b/sdk/java/src/main/java/com/pulumi/aws/quicksight/VpcConnection.java index 13d1e462c65..68bcaf5575e 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/quicksight/VpcConnection.java +++ b/sdk/java/src/main/java/com/pulumi/aws/quicksight/VpcConnection.java @@ -53,12 +53,12 @@ * var vpcConnectionRole = new Role("vpcConnectionRole", RoleArgs.builder() * .assumeRolePolicy(serializeJson( * jsonObject( - * jsonProperty("version", "2012-10-17"), - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("effect", "Allow"), - * jsonProperty("action", "sts:AssumeRole"), - * jsonProperty("principal", jsonObject( - * jsonProperty("service", "quicksight.amazonaws.com") + * jsonProperty("Version", "2012-10-17"), + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Effect", "Allow"), + * jsonProperty("Action", "sts:AssumeRole"), + * jsonProperty("Principal", jsonObject( + * jsonProperty("Service", "quicksight.amazonaws.com") * )) * ))) * ))) @@ -66,17 +66,17 @@ * .name("QuickSightVPCConnectionRolePolicy") * .policy(serializeJson( * jsonObject( - * jsonProperty("version", "2012-10-17"), - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("effect", "Allow"), - * jsonProperty("action", jsonArray( + * jsonProperty("Version", "2012-10-17"), + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Effect", "Allow"), + * jsonProperty("Action", jsonArray( * "ec2:CreateNetworkInterface", * "ec2:ModifyNetworkInterfaceAttribute", * "ec2:DeleteNetworkInterface", * "ec2:DescribeSubnets", * "ec2:DescribeSecurityGroups" * )), - * jsonProperty("resource", jsonArray("*")) + * jsonProperty("Resource", jsonArray("*")) * ))) * ))) * .build()) diff --git a/sdk/java/src/main/java/com/pulumi/aws/rds/ClusterActivityStream.java b/sdk/java/src/main/java/com/pulumi/aws/rds/ClusterActivityStream.java index ff3bc25ca66..4553dcf6c35 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/rds/ClusterActivityStream.java +++ b/sdk/java/src/main/java/com/pulumi/aws/rds/ClusterActivityStream.java @@ -43,6 +43,7 @@ * import com.pulumi.aws.kms.KeyArgs; * import com.pulumi.aws.rds.ClusterActivityStream; * import com.pulumi.aws.rds.ClusterActivityStreamArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -84,7 +85,9 @@ * .resourceArn(default_.arn()) * .mode("async") * .kmsKeyId(defaultKey.keyId()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(defaultClusterInstance) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/rds/ExportTask.java b/sdk/java/src/main/java/com/pulumi/aws/rds/ExportTask.java index f2a53146a8e..9b762fa7c33 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/rds/ExportTask.java +++ b/sdk/java/src/main/java/com/pulumi/aws/rds/ExportTask.java @@ -116,13 +116,13 @@ * .name("example") * .assumeRolePolicy(serializeJson( * jsonObject( - * jsonProperty("version", "2012-10-17"), - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("action", "sts:AssumeRole"), - * jsonProperty("effect", "Allow"), - * jsonProperty("sid", ""), - * jsonProperty("principal", jsonObject( - * jsonProperty("service", "export.rds.amazonaws.com") + * jsonProperty("Version", "2012-10-17"), + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Action", "sts:AssumeRole"), + * jsonProperty("Effect", "Allow"), + * jsonProperty("Sid", ""), + * jsonProperty("Principal", jsonObject( + * jsonProperty("Service", "export.rds.amazonaws.com") * )) * ))) * ))) diff --git a/sdk/java/src/main/java/com/pulumi/aws/rds/GlobalCluster.java b/sdk/java/src/main/java/com/pulumi/aws/rds/GlobalCluster.java index 134b86572fe..81419a1b0e8 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/rds/GlobalCluster.java +++ b/sdk/java/src/main/java/com/pulumi/aws/rds/GlobalCluster.java @@ -39,6 +39,7 @@ * import com.pulumi.aws.rds.ClusterArgs; * import com.pulumi.aws.rds.ClusterInstance; * import com.pulumi.aws.rds.ClusterInstanceArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -85,7 +86,9 @@ * .clusterIdentifier("test-secondary-cluster") * .globalClusterIdentifier(example.id()) * .dbSubnetGroupName("default") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(primaryClusterInstance) + * .build()); * * var secondaryClusterInstance = new ClusterInstance("secondaryClusterInstance", ClusterInstanceArgs.builder() * .engine(example.engine()) @@ -116,6 +119,7 @@ * import com.pulumi.aws.rds.ClusterArgs; * import com.pulumi.aws.rds.ClusterInstance; * import com.pulumi.aws.rds.ClusterInstanceArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -163,7 +167,9 @@ * .globalClusterIdentifier(example.id()) * .skipFinalSnapshot(true) * .dbSubnetGroupName("default") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(primaryClusterInstance) + * .build()); * * var secondaryClusterInstance = new ClusterInstance("secondaryClusterInstance", ClusterInstanceArgs.builder() * .engine(example.engine()) diff --git a/sdk/java/src/main/java/com/pulumi/aws/redshift/AuthenticationProfile.java b/sdk/java/src/main/java/com/pulumi/aws/redshift/AuthenticationProfile.java index 951926580c1..bd00a4b6d45 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/redshift/AuthenticationProfile.java +++ b/sdk/java/src/main/java/com/pulumi/aws/redshift/AuthenticationProfile.java @@ -45,9 +45,9 @@ * .authenticationProfileName("example") * .authenticationProfileContent(serializeJson( * jsonObject( - * jsonProperty("allowDBUserOverride", "1"), - * jsonProperty("clientID", "ExampleClientID"), - * jsonProperty("appID", "example") + * jsonProperty("AllowDBUserOverride", "1"), + * jsonProperty("Client_ID", "ExampleClientID"), + * jsonProperty("App_ID", "example") * ))) * .build()); * diff --git a/sdk/java/src/main/java/com/pulumi/aws/redshift/ClusterSnapshot.java b/sdk/java/src/main/java/com/pulumi/aws/redshift/ClusterSnapshot.java index f0190faef5c..4c09e86fb10 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/redshift/ClusterSnapshot.java +++ b/sdk/java/src/main/java/com/pulumi/aws/redshift/ClusterSnapshot.java @@ -48,9 +48,9 @@ * .clusterSnapshotName("example") * .clusterSnapshotContent(serializeJson( * jsonObject( - * jsonProperty("allowDBUserOverride", "1"), - * jsonProperty("clientID", "ExampleClientID"), - * jsonProperty("appID", "example") + * jsonProperty("AllowDBUserOverride", "1"), + * jsonProperty("Client_ID", "ExampleClientID"), + * jsonProperty("App_ID", "example") * ))) * .build()); * diff --git a/sdk/java/src/main/java/com/pulumi/aws/redshift/ResourcePolicy.java b/sdk/java/src/main/java/com/pulumi/aws/redshift/ResourcePolicy.java index 48b8b2ba2d7..85dfeaed6fa 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/redshift/ResourcePolicy.java +++ b/sdk/java/src/main/java/com/pulumi/aws/redshift/ResourcePolicy.java @@ -45,15 +45,15 @@ * .resourceArn(exampleAwsRedshiftCluster.clusterNamespaceArn()) * .policy(serializeJson( * jsonObject( - * jsonProperty("version", "2012-10-17"), - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("effect", "Allow"), - * jsonProperty("principal", jsonObject( + * jsonProperty("Version", "2012-10-17"), + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Effect", "Allow"), + * jsonProperty("Principal", jsonObject( * jsonProperty("AWS", "arn:aws:iam::12345678901:root") * )), - * jsonProperty("action", "redshift:CreateInboundIntegration"), - * jsonProperty("resource", exampleAwsRedshiftCluster.clusterNamespaceArn()), - * jsonProperty("sid", "") + * jsonProperty("Action", "redshift:CreateInboundIntegration"), + * jsonProperty("Resource", exampleAwsRedshiftCluster.clusterNamespaceArn()), + * jsonProperty("Sid", "") * ))) * ))) * .build()); diff --git a/sdk/java/src/main/java/com/pulumi/aws/redshiftserverless/ResourcePolicy.java b/sdk/java/src/main/java/com/pulumi/aws/redshiftserverless/ResourcePolicy.java index 9c7944212f3..1ea6001c796 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/redshiftserverless/ResourcePolicy.java +++ b/sdk/java/src/main/java/com/pulumi/aws/redshiftserverless/ResourcePolicy.java @@ -45,14 +45,14 @@ * .resourceArn(exampleAwsRedshiftserverlessSnapshot.arn()) * .policy(serializeJson( * jsonObject( - * jsonProperty("version", "2012-10-17"), - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("effect", "Allow"), - * jsonProperty("principal", jsonObject( + * jsonProperty("Version", "2012-10-17"), + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Effect", "Allow"), + * jsonProperty("Principal", jsonObject( * jsonProperty("AWS", jsonArray("12345678901")) * )), - * jsonProperty("action", jsonArray("redshift-serverless:RestoreFromSnapshot")), - * jsonProperty("sid", "") + * jsonProperty("Action", jsonArray("redshift-serverless:RestoreFromSnapshot")), + * jsonProperty("Sid", "") * ))) * ))) * .build()); diff --git a/sdk/java/src/main/java/com/pulumi/aws/resourceexplorer/View.java b/sdk/java/src/main/java/com/pulumi/aws/resourceexplorer/View.java index 220cff93a4d..2034e168458 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/resourceexplorer/View.java +++ b/sdk/java/src/main/java/com/pulumi/aws/resourceexplorer/View.java @@ -37,6 +37,7 @@ * import com.pulumi.aws.resourceexplorer.ViewArgs; * import com.pulumi.aws.resourceexplorer.inputs.ViewFiltersArgs; * import com.pulumi.aws.resourceexplorer.inputs.ViewIncludedPropertyArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -62,7 +63,9 @@ * .includedProperties(ViewIncludedPropertyArgs.builder() * .name("tags") * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(example) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/rolesanywhere/Profile.java b/sdk/java/src/main/java/com/pulumi/aws/rolesanywhere/Profile.java index 624d64e6a8e..8dd32e54a6d 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/rolesanywhere/Profile.java +++ b/sdk/java/src/main/java/com/pulumi/aws/rolesanywhere/Profile.java @@ -53,18 +53,18 @@ * .path("/") * .assumeRolePolicy(serializeJson( * jsonObject( - * jsonProperty("version", "2012-10-17"), - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("action", jsonArray( + * jsonProperty("Version", "2012-10-17"), + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Action", jsonArray( * "sts:AssumeRole", * "sts:TagSession", * "sts:SetSourceIdentity" * )), - * jsonProperty("principal", jsonObject( - * jsonProperty("service", "rolesanywhere.amazonaws.com") + * jsonProperty("Principal", jsonObject( + * jsonProperty("Service", "rolesanywhere.amazonaws.com") * )), - * jsonProperty("effect", "Allow"), - * jsonProperty("sid", "") + * jsonProperty("Effect", "Allow"), + * jsonProperty("Sid", "") * ))) * ))) * .build()); diff --git a/sdk/java/src/main/java/com/pulumi/aws/rolesanywhere/TrustAnchor.java b/sdk/java/src/main/java/com/pulumi/aws/rolesanywhere/TrustAnchor.java index 69caef6beff..df806867992 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/rolesanywhere/TrustAnchor.java +++ b/sdk/java/src/main/java/com/pulumi/aws/rolesanywhere/TrustAnchor.java @@ -44,6 +44,7 @@ * import com.pulumi.aws.rolesanywhere.TrustAnchorArgs; * import com.pulumi.aws.rolesanywhere.inputs.TrustAnchorSourceArgs; * import com.pulumi.aws.rolesanywhere.inputs.TrustAnchorSourceSourceDataArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -96,7 +97,9 @@ * .build()) * .sourceType("AWS_ACM_PCA") * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleCertificateAuthorityCertificate) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/route53/HostedZoneDnsSec.java b/sdk/java/src/main/java/com/pulumi/aws/route53/HostedZoneDnsSec.java index 34a185ee2b9..c257e9f76f9 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/route53/HostedZoneDnsSec.java +++ b/sdk/java/src/main/java/com/pulumi/aws/route53/HostedZoneDnsSec.java @@ -41,6 +41,7 @@ * import com.pulumi.aws.route53.HostedZoneDnsSec; * import com.pulumi.aws.route53.HostedZoneDnsSecArgs; * import static com.pulumi.codegen.internal.Serialization.*; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -62,32 +63,32 @@ * .keyUsage("SIGN_VERIFY") * .policy(serializeJson( * jsonObject( - * jsonProperty("statement", jsonArray( + * jsonProperty("Statement", jsonArray( * jsonObject( - * jsonProperty("action", jsonArray( + * jsonProperty("Action", jsonArray( * "kms:DescribeKey", * "kms:GetPublicKey", * "kms:Sign", * "kms:Verify" * )), - * jsonProperty("effect", "Allow"), - * jsonProperty("principal", jsonObject( - * jsonProperty("service", "dnssec-route53.amazonaws.com") + * jsonProperty("Effect", "Allow"), + * jsonProperty("Principal", jsonObject( + * jsonProperty("Service", "dnssec-route53.amazonaws.com") * )), - * jsonProperty("resource", "*"), - * jsonProperty("sid", "Allow Route 53 DNSSEC Service") + * jsonProperty("Resource", "*"), + * jsonProperty("Sid", "Allow Route 53 DNSSEC Service") * ), * jsonObject( - * jsonProperty("action", "kms:*"), - * jsonProperty("effect", "Allow"), - * jsonProperty("principal", jsonObject( + * jsonProperty("Action", "kms:*"), + * jsonProperty("Effect", "Allow"), + * jsonProperty("Principal", jsonObject( * jsonProperty("AWS", String.format("arn:aws:iam::%s:root", current.applyValue(getCallerIdentityResult -> getCallerIdentityResult.accountId()))) * )), - * jsonProperty("resource", "*"), - * jsonProperty("sid", "Enable IAM User Permissions") + * jsonProperty("Resource", "*"), + * jsonProperty("Sid", "Enable IAM User Permissions") * ) * )), - * jsonProperty("version", "2012-10-17") + * jsonProperty("Version", "2012-10-17") * ))) * .build()); * @@ -103,7 +104,9 @@ * * var exampleHostedZoneDnsSec = new HostedZoneDnsSec("exampleHostedZoneDnsSec", HostedZoneDnsSecArgs.builder() * .hostedZoneId(exampleKeySigningKey.hostedZoneId()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleKeySigningKey) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/route53/KeySigningKey.java b/sdk/java/src/main/java/com/pulumi/aws/route53/KeySigningKey.java index d00e5fca5c9..c82166fcb43 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/route53/KeySigningKey.java +++ b/sdk/java/src/main/java/com/pulumi/aws/route53/KeySigningKey.java @@ -38,6 +38,7 @@ * import com.pulumi.aws.route53.HostedZoneDnsSec; * import com.pulumi.aws.route53.HostedZoneDnsSecArgs; * import static com.pulumi.codegen.internal.Serialization.*; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -59,53 +60,53 @@ * .keyUsage("SIGN_VERIFY") * .policy(serializeJson( * jsonObject( - * jsonProperty("statement", jsonArray( + * jsonProperty("Statement", jsonArray( * jsonObject( - * jsonProperty("action", jsonArray( + * jsonProperty("Action", jsonArray( * "kms:DescribeKey", * "kms:GetPublicKey", * "kms:Sign" * )), - * jsonProperty("effect", "Allow"), - * jsonProperty("principal", jsonObject( - * jsonProperty("service", "dnssec-route53.amazonaws.com") + * jsonProperty("Effect", "Allow"), + * jsonProperty("Principal", jsonObject( + * jsonProperty("Service", "dnssec-route53.amazonaws.com") * )), - * jsonProperty("sid", "Allow Route 53 DNSSEC Service"), - * jsonProperty("resource", "*"), - * jsonProperty("condition", jsonObject( - * jsonProperty("stringEquals", jsonObject( + * jsonProperty("Sid", "Allow Route 53 DNSSEC Service"), + * jsonProperty("Resource", "*"), + * jsonProperty("Condition", jsonObject( + * jsonProperty("StringEquals", jsonObject( * jsonProperty("aws:SourceAccount", current.applyValue(getCallerIdentityResult -> getCallerIdentityResult.accountId())) * )), - * jsonProperty("arnLike", jsonObject( + * jsonProperty("ArnLike", jsonObject( * jsonProperty("aws:SourceArn", "arn:aws:route53:::hostedzone/*") * )) * )) * ), * jsonObject( - * jsonProperty("action", "kms:CreateGrant"), - * jsonProperty("effect", "Allow"), - * jsonProperty("principal", jsonObject( - * jsonProperty("service", "dnssec-route53.amazonaws.com") + * jsonProperty("Action", "kms:CreateGrant"), + * jsonProperty("Effect", "Allow"), + * jsonProperty("Principal", jsonObject( + * jsonProperty("Service", "dnssec-route53.amazonaws.com") * )), - * jsonProperty("sid", "Allow Route 53 DNSSEC Service to CreateGrant"), - * jsonProperty("resource", "*"), - * jsonProperty("condition", jsonObject( - * jsonProperty("bool", jsonObject( + * jsonProperty("Sid", "Allow Route 53 DNSSEC Service to CreateGrant"), + * jsonProperty("Resource", "*"), + * jsonProperty("Condition", jsonObject( + * jsonProperty("Bool", jsonObject( * jsonProperty("kms:GrantIsForAWSResource", "true") * )) * )) * ), * jsonObject( - * jsonProperty("action", "kms:*"), - * jsonProperty("effect", "Allow"), - * jsonProperty("principal", jsonObject( + * jsonProperty("Action", "kms:*"), + * jsonProperty("Effect", "Allow"), + * jsonProperty("Principal", jsonObject( * jsonProperty("AWS", String.format("arn:aws:iam::%s:root", current.applyValue(getCallerIdentityResult -> getCallerIdentityResult.accountId()))) * )), - * jsonProperty("resource", "*"), - * jsonProperty("sid", "Enable IAM User Permissions") + * jsonProperty("Resource", "*"), + * jsonProperty("Sid", "Enable IAM User Permissions") * ) * )), - * jsonProperty("version", "2012-10-17") + * jsonProperty("Version", "2012-10-17") * ))) * .build()); * @@ -121,7 +122,9 @@ * * var exampleHostedZoneDnsSec = new HostedZoneDnsSec("exampleHostedZoneDnsSec", HostedZoneDnsSecArgs.builder() * .hostedZoneId(exampleKeySigningKey.hostedZoneId()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleKeySigningKey) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/route53/QueryLog.java b/sdk/java/src/main/java/com/pulumi/aws/route53/QueryLog.java index 8903dea3ef9..48a41d3a613 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/route53/QueryLog.java +++ b/sdk/java/src/main/java/com/pulumi/aws/route53/QueryLog.java @@ -41,6 +41,7 @@ * import com.pulumi.aws.cloudwatch.LogResourcePolicyArgs; * import com.pulumi.aws.route53.QueryLog; * import com.pulumi.aws.route53.QueryLogArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -87,7 +88,9 @@ * var exampleComQueryLog = new QueryLog("exampleComQueryLog", QueryLogArgs.builder() * .cloudwatchLogGroupArn(awsRoute53ExampleCom.arn()) * .zoneId(exampleCom.zoneId()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(route53_query_logging_policyLogResourcePolicy) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/route53domains/DelegationSignerRecord.java b/sdk/java/src/main/java/com/pulumi/aws/route53domains/DelegationSignerRecord.java index eb4ea8257bb..17ecb2dcaaa 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/route53domains/DelegationSignerRecord.java +++ b/sdk/java/src/main/java/com/pulumi/aws/route53domains/DelegationSignerRecord.java @@ -44,6 +44,7 @@ * import com.pulumi.aws.route53domains.DelegationSignerRecordArgs; * import com.pulumi.aws.route53domains.inputs.DelegationSignerRecordSigningAttributesArgs; * import static com.pulumi.codegen.internal.Serialization.*; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -65,53 +66,53 @@ * .keyUsage("SIGN_VERIFY") * .policy(serializeJson( * jsonObject( - * jsonProperty("statement", jsonArray( + * jsonProperty("Statement", jsonArray( * jsonObject( - * jsonProperty("action", jsonArray( + * jsonProperty("Action", jsonArray( * "kms:DescribeKey", * "kms:GetPublicKey", * "kms:Sign" * )), - * jsonProperty("effect", "Allow"), - * jsonProperty("principal", jsonObject( - * jsonProperty("service", "dnssec-route53.amazonaws.com") + * jsonProperty("Effect", "Allow"), + * jsonProperty("Principal", jsonObject( + * jsonProperty("Service", "dnssec-route53.amazonaws.com") * )), - * jsonProperty("sid", "Allow Route 53 DNSSEC Service"), - * jsonProperty("resource", "*"), - * jsonProperty("condition", jsonObject( - * jsonProperty("stringEquals", jsonObject( + * jsonProperty("Sid", "Allow Route 53 DNSSEC Service"), + * jsonProperty("Resource", "*"), + * jsonProperty("Condition", jsonObject( + * jsonProperty("StringEquals", jsonObject( * jsonProperty("aws:SourceAccount", current.applyValue(getCallerIdentityResult -> getCallerIdentityResult.accountId())) * )), - * jsonProperty("arnLike", jsonObject( + * jsonProperty("ArnLike", jsonObject( * jsonProperty("aws:SourceArn", "arn:aws:route53:::hostedzone/*") * )) * )) * ), * jsonObject( - * jsonProperty("action", "kms:CreateGrant"), - * jsonProperty("effect", "Allow"), - * jsonProperty("principal", jsonObject( - * jsonProperty("service", "dnssec-route53.amazonaws.com") + * jsonProperty("Action", "kms:CreateGrant"), + * jsonProperty("Effect", "Allow"), + * jsonProperty("Principal", jsonObject( + * jsonProperty("Service", "dnssec-route53.amazonaws.com") * )), - * jsonProperty("sid", "Allow Route 53 DNSSEC Service to CreateGrant"), - * jsonProperty("resource", "*"), - * jsonProperty("condition", jsonObject( - * jsonProperty("bool", jsonObject( + * jsonProperty("Sid", "Allow Route 53 DNSSEC Service to CreateGrant"), + * jsonProperty("Resource", "*"), + * jsonProperty("Condition", jsonObject( + * jsonProperty("Bool", jsonObject( * jsonProperty("kms:GrantIsForAWSResource", "true") * )) * )) * ), * jsonObject( - * jsonProperty("action", "kms:*"), - * jsonProperty("effect", "Allow"), - * jsonProperty("principal", jsonObject( + * jsonProperty("Action", "kms:*"), + * jsonProperty("Effect", "Allow"), + * jsonProperty("Principal", jsonObject( * jsonProperty("AWS", String.format("arn:aws:iam::%s:root", current.applyValue(getCallerIdentityResult -> getCallerIdentityResult.accountId()))) * )), - * jsonProperty("resource", "*"), - * jsonProperty("sid", "Enable IAM User Permissions") + * jsonProperty("Resource", "*"), + * jsonProperty("Sid", "Enable IAM User Permissions") * ) * )), - * jsonProperty("version", "2012-10-17") + * jsonProperty("Version", "2012-10-17") * ))) * .build()); * @@ -127,7 +128,9 @@ * * var exampleHostedZoneDnsSec = new HostedZoneDnsSec("exampleHostedZoneDnsSec", HostedZoneDnsSecArgs.builder() * .hostedZoneId(exampleKeySigningKey.hostedZoneId()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleKeySigningKey) + * .build()); * * var exampleDelegationSignerRecord = new DelegationSignerRecord("exampleDelegationSignerRecord", DelegationSignerRecordArgs.builder() * .domainName("example.com") diff --git a/sdk/java/src/main/java/com/pulumi/aws/s3/BucketAclV2.java b/sdk/java/src/main/java/com/pulumi/aws/s3/BucketAclV2.java index 9c7bb7beaa9..e44ca1b57d1 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/s3/BucketAclV2.java +++ b/sdk/java/src/main/java/com/pulumi/aws/s3/BucketAclV2.java @@ -40,6 +40,7 @@ * import com.pulumi.aws.s3.inputs.BucketOwnershipControlsRuleArgs; * import com.pulumi.aws.s3.BucketAclV2; * import com.pulumi.aws.s3.BucketAclV2Args; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -67,7 +68,9 @@ * var exampleBucketAclV2 = new BucketAclV2("exampleBucketAclV2", BucketAclV2Args.builder() * .bucket(example.id()) * .acl("private") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleBucketOwnershipControls) + * .build()); * * } * } @@ -95,6 +98,7 @@ * import com.pulumi.aws.s3.BucketPublicAccessBlockArgs; * import com.pulumi.aws.s3.BucketAclV2; * import com.pulumi.aws.s3.BucketAclV2Args; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -130,7 +134,11 @@ * var exampleBucketAclV2 = new BucketAclV2("exampleBucketAclV2", BucketAclV2Args.builder() * .bucket(example.id()) * .acl("public-read") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn( + * exampleBucketOwnershipControls, + * exampleBucketPublicAccessBlock) + * .build()); * * } * } @@ -156,6 +164,7 @@ * import com.pulumi.aws.s3.BucketAclV2Args; * import com.pulumi.aws.s3.inputs.BucketAclV2AccessControlPolicyArgs; * import com.pulumi.aws.s3.inputs.BucketAclV2AccessControlPolicyOwnerArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -204,7 +213,9 @@ * .id(current.applyValue(getCanonicalUserIdResult -> getCanonicalUserIdResult.id())) * .build()) * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleBucketOwnershipControls) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/s3/BucketLifecycleConfigurationV2.java b/sdk/java/src/main/java/com/pulumi/aws/s3/BucketLifecycleConfigurationV2.java index 50b84b22ee7..3a4cfc30d55 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/s3/BucketLifecycleConfigurationV2.java +++ b/sdk/java/src/main/java/com/pulumi/aws/s3/BucketLifecycleConfigurationV2.java @@ -481,6 +481,7 @@ * import com.pulumi.aws.s3.BucketVersioningV2Args; * import com.pulumi.aws.s3.inputs.BucketVersioningV2VersioningConfigurationArgs; * import com.pulumi.aws.s3.inputs.BucketLifecycleConfigurationV2RuleNoncurrentVersionExpirationArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -580,7 +581,9 @@ * .build()) * .status("Enabled") * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(versioning) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/s3/BucketNotification.java b/sdk/java/src/main/java/com/pulumi/aws/s3/BucketNotification.java index db155509514..9dd888bb5de 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/s3/BucketNotification.java +++ b/sdk/java/src/main/java/com/pulumi/aws/s3/BucketNotification.java @@ -192,6 +192,7 @@ * import com.pulumi.aws.s3.BucketNotification; * import com.pulumi.aws.s3.BucketNotificationArgs; * import com.pulumi.aws.s3.inputs.BucketNotificationLambdaFunctionArgs; + * import com.pulumi.resources.CustomResourceOptions; * import com.pulumi.asset.FileArchive; * import java.util.List; * import java.util.ArrayList; @@ -250,7 +251,9 @@ * .filterPrefix("AWSLogs/") * .filterSuffix(".log") * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(allowBucket) + * .build()); * * } * } @@ -279,6 +282,7 @@ * import com.pulumi.aws.s3.BucketNotification; * import com.pulumi.aws.s3.BucketNotificationArgs; * import com.pulumi.aws.s3.inputs.BucketNotificationLambdaFunctionArgs; + * import com.pulumi.resources.CustomResourceOptions; * import com.pulumi.asset.FileArchive; * import java.util.List; * import java.util.ArrayList; @@ -359,7 +363,11 @@ * .filterPrefix("OtherLogs/") * .filterSuffix(".log") * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn( + * allowBucket1, + * allowBucket2) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/s3/BucketObject.java b/sdk/java/src/main/java/com/pulumi/aws/s3/BucketObject.java index 095544e7564..49ee06687fa 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/s3/BucketObject.java +++ b/sdk/java/src/main/java/com/pulumi/aws/s3/BucketObject.java @@ -236,6 +236,7 @@ * import com.pulumi.aws.s3.inputs.BucketVersioningV2VersioningConfigurationArgs; * import com.pulumi.aws.s3.BucketObject; * import com.pulumi.aws.s3.BucketObjectArgs; + * import com.pulumi.resources.CustomResourceOptions; * import com.pulumi.asset.FileAsset; * import java.util.List; * import java.util.ArrayList; @@ -275,7 +276,9 @@ * .objectLockMode("GOVERNANCE") * .objectLockRetainUntilDate("2021-12-31T23:59:60Z") * .forceDestroy(true) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleBucketVersioningV2) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/s3/BucketObjectv2.java b/sdk/java/src/main/java/com/pulumi/aws/s3/BucketObjectv2.java index 2f246ad139c..466da34e366 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/s3/BucketObjectv2.java +++ b/sdk/java/src/main/java/com/pulumi/aws/s3/BucketObjectv2.java @@ -239,6 +239,7 @@ * import com.pulumi.aws.s3.inputs.BucketVersioningV2VersioningConfigurationArgs; * import com.pulumi.aws.s3.BucketObjectv2; * import com.pulumi.aws.s3.BucketObjectv2Args; + * import com.pulumi.resources.CustomResourceOptions; * import com.pulumi.asset.FileAsset; * import java.util.List; * import java.util.ArrayList; @@ -278,7 +279,9 @@ * .objectLockMode("GOVERNANCE") * .objectLockRetainUntilDate("2021-12-31T23:59:60Z") * .forceDestroy(true) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleBucketVersioningV2) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/s3/BucketReplicationConfig.java b/sdk/java/src/main/java/com/pulumi/aws/s3/BucketReplicationConfig.java index af63bb3bb62..fb6c321f3a8 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/s3/BucketReplicationConfig.java +++ b/sdk/java/src/main/java/com/pulumi/aws/s3/BucketReplicationConfig.java @@ -54,6 +54,7 @@ * import com.pulumi.aws.s3.inputs.BucketReplicationConfigRuleArgs; * import com.pulumi.aws.s3.inputs.BucketReplicationConfigRuleFilterArgs; * import com.pulumi.aws.s3.inputs.BucketReplicationConfigRuleDestinationArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -161,7 +162,9 @@ * .storageClass("STANDARD") * .build()) * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(sourceBucketVersioningV2) + * .build()); * * } * } @@ -187,6 +190,7 @@ * import com.pulumi.aws.s3.inputs.BucketReplicationConfigRuleArgs; * import com.pulumi.aws.s3.inputs.BucketReplicationConfigRuleFilterArgs; * import com.pulumi.aws.s3.inputs.BucketReplicationConfigRuleDestinationArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -237,7 +241,9 @@ * .storageClass("STANDARD") * .build()) * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(eastBucketVersioningV2) + * .build()); * * var westToEast = new BucketReplicationConfig("westToEast", BucketReplicationConfigArgs.builder() * .role(westReplication.arn()) @@ -253,7 +259,9 @@ * .storageClass("STANDARD") * .build()) * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(westBucketVersioningV2) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/s3control/AccessGrant.java b/sdk/java/src/main/java/com/pulumi/aws/s3control/AccessGrant.java index 1090a90af8a..f1c5cfaf8ee 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/s3control/AccessGrant.java +++ b/sdk/java/src/main/java/com/pulumi/aws/s3control/AccessGrant.java @@ -38,6 +38,7 @@ * import com.pulumi.aws.s3control.AccessGrantArgs; * import com.pulumi.aws.s3control.inputs.AccessGrantAccessGrantsLocationConfigurationArgs; * import com.pulumi.aws.s3control.inputs.AccessGrantGranteeArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -56,7 +57,9 @@ * var exampleAccessGrantsLocation = new AccessGrantsLocation("exampleAccessGrantsLocation", AccessGrantsLocationArgs.builder() * .iamRoleArn(exampleAwsIamRole.arn()) * .locationScope(String.format("s3://%s/prefixA*", exampleAwsS3Bucket.bucket())) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(example) + * .build()); * * var exampleAccessGrant = new AccessGrant("exampleAccessGrant", AccessGrantArgs.builder() * .accessGrantsLocationId(exampleAccessGrantsLocation.accessGrantsLocationId()) diff --git a/sdk/java/src/main/java/com/pulumi/aws/s3control/AccessGrantsLocation.java b/sdk/java/src/main/java/com/pulumi/aws/s3control/AccessGrantsLocation.java index d837d7df9b4..a5b0cdfb773 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/s3control/AccessGrantsLocation.java +++ b/sdk/java/src/main/java/com/pulumi/aws/s3control/AccessGrantsLocation.java @@ -33,6 +33,7 @@ * import com.pulumi.aws.s3control.AccessGrantsInstance; * import com.pulumi.aws.s3control.AccessGrantsLocation; * import com.pulumi.aws.s3control.AccessGrantsLocationArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -51,7 +52,9 @@ * var exampleAccessGrantsLocation = new AccessGrantsLocation("exampleAccessGrantsLocation", AccessGrantsLocationArgs.builder() * .iamRoleArn(exampleAwsIamRole.arn()) * .locationScope("s3://") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(example) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/s3control/AccessPointPolicy.java b/sdk/java/src/main/java/com/pulumi/aws/s3control/AccessPointPolicy.java index b83eca77654..4fc4f8c58c0 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/s3control/AccessPointPolicy.java +++ b/sdk/java/src/main/java/com/pulumi/aws/s3control/AccessPointPolicy.java @@ -68,14 +68,14 @@ * .accessPointArn(exampleAccessPoint.arn()) * .policy(exampleAccessPoint.arn().applyValue(arn -> serializeJson( * jsonObject( - * jsonProperty("version", "2008-10-17"), - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("effect", "Allow"), - * jsonProperty("action", "s3:GetObjectTagging"), - * jsonProperty("principal", jsonObject( + * jsonProperty("Version", "2008-10-17"), + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Effect", "Allow"), + * jsonProperty("Action", "s3:GetObjectTagging"), + * jsonProperty("Principal", jsonObject( * jsonProperty("AWS", "*") * )), - * jsonProperty("resource", String.format("%s/object/*", arn)) + * jsonProperty("Resource", String.format("%s/object/*", arn)) * ))) * )))) * .build()); diff --git a/sdk/java/src/main/java/com/pulumi/aws/s3control/BucketPolicy.java b/sdk/java/src/main/java/com/pulumi/aws/s3control/BucketPolicy.java index 7c46a38700d..2b76a3d332d 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/s3control/BucketPolicy.java +++ b/sdk/java/src/main/java/com/pulumi/aws/s3control/BucketPolicy.java @@ -47,17 +47,17 @@ * .bucket(exampleAwsS3controlBucket.arn()) * .policy(serializeJson( * jsonObject( - * jsonProperty("id", "testBucketPolicy"), - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("action", "s3-outposts:PutBucketLifecycleConfiguration"), - * jsonProperty("effect", "Deny"), - * jsonProperty("principal", jsonObject( + * jsonProperty("Id", "testBucketPolicy"), + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Action", "s3-outposts:PutBucketLifecycleConfiguration"), + * jsonProperty("Effect", "Deny"), + * jsonProperty("Principal", jsonObject( * jsonProperty("AWS", "*") * )), - * jsonProperty("resource", exampleAwsS3controlBucket.arn()), - * jsonProperty("sid", "statement1") + * jsonProperty("Resource", exampleAwsS3controlBucket.arn()), + * jsonProperty("Sid", "statement1") * ))), - * jsonProperty("version", "2012-10-17") + * jsonProperty("Version", "2012-10-17") * ))) * .build()); * diff --git a/sdk/java/src/main/java/com/pulumi/aws/s3control/ObjectLambdaAccessPointPolicy.java b/sdk/java/src/main/java/com/pulumi/aws/s3control/ObjectLambdaAccessPointPolicy.java index 9f17b75c407..32718eb7af3 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/s3control/ObjectLambdaAccessPointPolicy.java +++ b/sdk/java/src/main/java/com/pulumi/aws/s3control/ObjectLambdaAccessPointPolicy.java @@ -77,14 +77,14 @@ * .name(exampleObjectLambdaAccessPoint.name()) * .policy(exampleObjectLambdaAccessPoint.arn().applyValue(arn -> serializeJson( * jsonObject( - * jsonProperty("version", "2008-10-17"), - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("effect", "Allow"), - * jsonProperty("action", "s3-object-lambda:GetObject"), - * jsonProperty("principal", jsonObject( + * jsonProperty("Version", "2008-10-17"), + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Effect", "Allow"), + * jsonProperty("Action", "s3-object-lambda:GetObject"), + * jsonProperty("Principal", jsonObject( * jsonProperty("AWS", current.accountId()) * )), - * jsonProperty("resource", arn) + * jsonProperty("Resource", arn) * ))) * )))) * .build()); diff --git a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/CodeRepository.java b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/CodeRepository.java index 8dac3a1dc63..963d461844e 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/CodeRepository.java +++ b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/CodeRepository.java @@ -75,6 +75,7 @@ * import com.pulumi.aws.sagemaker.CodeRepositoryArgs; * import com.pulumi.aws.sagemaker.inputs.CodeRepositoryGitConfigArgs; * import static com.pulumi.codegen.internal.Serialization.*; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -107,7 +108,9 @@ * .repositoryUrl("https://github.com/github/docs.git") * .secretArn(example.arn()) * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleSecretVersion) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/Pipeline.java b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/Pipeline.java index 5d9b07f778e..891f3c75778 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/sagemaker/Pipeline.java +++ b/sdk/java/src/main/java/com/pulumi/aws/sagemaker/Pipeline.java @@ -53,12 +53,12 @@ * .roleArn(exampleAwsIamRole.arn()) * .pipelineDefinition(serializeJson( * jsonObject( - * jsonProperty("version", "2020-12-01"), - * jsonProperty("steps", jsonArray(jsonObject( - * jsonProperty("name", "Test"), - * jsonProperty("type", "Fail"), - * jsonProperty("arguments", jsonObject( - * jsonProperty("errorMessage", "test") + * jsonProperty("Version", "2020-12-01"), + * jsonProperty("Steps", jsonArray(jsonObject( + * jsonProperty("Name", "Test"), + * jsonProperty("Type", "Fail"), + * jsonProperty("Arguments", jsonObject( + * jsonProperty("ErrorMessage", "test") * )) * ))) * ))) diff --git a/sdk/java/src/main/java/com/pulumi/aws/scheduler/Schedule.java b/sdk/java/src/main/java/com/pulumi/aws/scheduler/Schedule.java index 8e6668072ce..d8c35159a21 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/scheduler/Schedule.java +++ b/sdk/java/src/main/java/com/pulumi/aws/scheduler/Schedule.java @@ -110,8 +110,8 @@ * .roleArn(exampleAwsIamRole.arn()) * .input(example.url().applyValue(url -> serializeJson( * jsonObject( - * jsonProperty("messageBody", "Greetings, programs!"), - * jsonProperty("queueUrl", url) + * jsonProperty("MessageBody", "Greetings, programs!"), + * jsonProperty("QueueUrl", url) * )))) * .build()) * .build()); diff --git a/sdk/java/src/main/java/com/pulumi/aws/securityhub/ActionTarget.java b/sdk/java/src/main/java/com/pulumi/aws/securityhub/ActionTarget.java index 8b23c5f7815..e284694a2ab 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/securityhub/ActionTarget.java +++ b/sdk/java/src/main/java/com/pulumi/aws/securityhub/ActionTarget.java @@ -28,6 +28,7 @@ * import com.pulumi.aws.securityhub.Account; * import com.pulumi.aws.securityhub.ActionTarget; * import com.pulumi.aws.securityhub.ActionTargetArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -47,7 +48,9 @@ * .name("Send notification to chat") * .identifier("SendToChat") * .description("This is custom action sends selected findings to chat") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(example) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/securityhub/ConfigurationPolicy.java b/sdk/java/src/main/java/com/pulumi/aws/securityhub/ConfigurationPolicy.java index c935c542420..747a20e6c9a 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/securityhub/ConfigurationPolicy.java +++ b/sdk/java/src/main/java/com/pulumi/aws/securityhub/ConfigurationPolicy.java @@ -40,6 +40,7 @@ * import com.pulumi.aws.securityhub.ConfigurationPolicyArgs; * import com.pulumi.aws.securityhub.inputs.ConfigurationPolicyConfigurationPolicyArgs; * import com.pulumi.aws.securityhub.inputs.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -63,7 +64,9 @@ * .organizationConfiguration(OrganizationConfigurationOrganizationConfigurationArgs.builder() * .configurationType("CENTRAL") * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(example) + * .build()); * * var exampleConfigurationPolicy = new ConfigurationPolicy("exampleConfigurationPolicy", ConfigurationPolicyArgs.builder() * .name("Example") @@ -77,7 +80,9 @@ * .disabledControlIdentifiers() * .build()) * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleOrganizationConfiguration) + * .build()); * * } * } @@ -96,6 +101,7 @@ * import com.pulumi.aws.securityhub.ConfigurationPolicy; * import com.pulumi.aws.securityhub.ConfigurationPolicyArgs; * import com.pulumi.aws.securityhub.inputs.ConfigurationPolicyConfigurationPolicyArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -116,7 +122,9 @@ * .serviceEnabled(false) * .enabledStandardArns() * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(example) + * .build()); * * } * } @@ -136,6 +144,7 @@ * import com.pulumi.aws.securityhub.ConfigurationPolicyArgs; * import com.pulumi.aws.securityhub.inputs.ConfigurationPolicyConfigurationPolicyArgs; * import com.pulumi.aws.securityhub.inputs.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -192,7 +201,9 @@ * .build()) * .build()) * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(example) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/securityhub/ConfigurationPolicyAssociation.java b/sdk/java/src/main/java/com/pulumi/aws/securityhub/ConfigurationPolicyAssociation.java index bfda2f6b3b0..457ad7b0aa8 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/securityhub/ConfigurationPolicyAssociation.java +++ b/sdk/java/src/main/java/com/pulumi/aws/securityhub/ConfigurationPolicyAssociation.java @@ -38,6 +38,7 @@ * import com.pulumi.aws.securityhub.inputs.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationArgs; * import com.pulumi.aws.securityhub.ConfigurationPolicyAssociation; * import com.pulumi.aws.securityhub.ConfigurationPolicyAssociationArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -61,7 +62,9 @@ * .organizationConfiguration(OrganizationConfigurationOrganizationConfigurationArgs.builder() * .configurationType("CENTRAL") * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(example) + * .build()); * * var exampleConfigurationPolicy = new ConfigurationPolicy("exampleConfigurationPolicy", ConfigurationPolicyArgs.builder() * .name("Example") @@ -75,7 +78,9 @@ * .disabledControlIdentifiers() * .build()) * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleOrganizationConfiguration) + * .build()); * * var accountExample = new ConfigurationPolicyAssociation("accountExample", ConfigurationPolicyAssociationArgs.builder() * .targetId("123456789012") diff --git a/sdk/java/src/main/java/com/pulumi/aws/securityhub/FindingAggregator.java b/sdk/java/src/main/java/com/pulumi/aws/securityhub/FindingAggregator.java index 0256fb63ea2..d5c7205b6f4 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/securityhub/FindingAggregator.java +++ b/sdk/java/src/main/java/com/pulumi/aws/securityhub/FindingAggregator.java @@ -34,6 +34,7 @@ * import com.pulumi.aws.securityhub.Account; * import com.pulumi.aws.securityhub.FindingAggregator; * import com.pulumi.aws.securityhub.FindingAggregatorArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -51,7 +52,9 @@ * * var exampleFindingAggregator = new FindingAggregator("exampleFindingAggregator", FindingAggregatorArgs.builder() * .linkingMode("ALL_REGIONS") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(example) + * .build()); * * } * } @@ -72,6 +75,7 @@ * import com.pulumi.aws.securityhub.Account; * import com.pulumi.aws.securityhub.FindingAggregator; * import com.pulumi.aws.securityhub.FindingAggregatorArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -92,7 +96,9 @@ * .specifiedRegions( * "eu-west-1", * "eu-west-2") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(example) + * .build()); * * } * } @@ -113,6 +119,7 @@ * import com.pulumi.aws.securityhub.Account; * import com.pulumi.aws.securityhub.FindingAggregator; * import com.pulumi.aws.securityhub.FindingAggregatorArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -133,7 +140,9 @@ * .specifiedRegions( * "eu-west-1", * "eu-west-2") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(example) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/securityhub/Insight.java b/sdk/java/src/main/java/com/pulumi/aws/securityhub/Insight.java index 7e66956ff6c..92082e3728e 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/securityhub/Insight.java +++ b/sdk/java/src/main/java/com/pulumi/aws/securityhub/Insight.java @@ -32,6 +32,7 @@ * import com.pulumi.aws.securityhub.Insight; * import com.pulumi.aws.securityhub.InsightArgs; * import com.pulumi.aws.securityhub.inputs.InsightFiltersArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -61,7 +62,9 @@ * .build()) * .groupByAttribute("AwsAccountId") * .name("example-insight") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(example) + * .build()); * * } * } @@ -81,6 +84,7 @@ * import com.pulumi.aws.securityhub.Insight; * import com.pulumi.aws.securityhub.InsightArgs; * import com.pulumi.aws.securityhub.inputs.InsightFiltersArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -107,7 +111,9 @@ * .build()) * .groupByAttribute("CreatedAt") * .name("example-insight") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(example) + * .build()); * * } * } @@ -127,6 +133,7 @@ * import com.pulumi.aws.securityhub.Insight; * import com.pulumi.aws.securityhub.InsightArgs; * import com.pulumi.aws.securityhub.inputs.InsightFiltersArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -150,7 +157,9 @@ * .build()) * .groupByAttribute("NetworkDestinationIpV4") * .name("example-insight") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(example) + * .build()); * * } * } @@ -170,6 +179,7 @@ * import com.pulumi.aws.securityhub.Insight; * import com.pulumi.aws.securityhub.InsightArgs; * import com.pulumi.aws.securityhub.inputs.InsightFiltersArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -193,7 +203,9 @@ * .build()) * .groupByAttribute("Confidence") * .name("example-insight") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(example) + * .build()); * * } * } @@ -213,6 +225,7 @@ * import com.pulumi.aws.securityhub.Insight; * import com.pulumi.aws.securityhub.InsightArgs; * import com.pulumi.aws.securityhub.inputs.InsightFiltersArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -238,7 +251,9 @@ * .build()) * .groupByAttribute("ResourceTags") * .name("example-insight") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(example) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/securityhub/InviteAccepter.java b/sdk/java/src/main/java/com/pulumi/aws/securityhub/InviteAccepter.java index f2d11265797..a515692183f 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/securityhub/InviteAccepter.java +++ b/sdk/java/src/main/java/com/pulumi/aws/securityhub/InviteAccepter.java @@ -32,6 +32,7 @@ * import com.pulumi.aws.securityhub.MemberArgs; * import com.pulumi.aws.securityhub.InviteAccepter; * import com.pulumi.aws.securityhub.InviteAccepterArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -57,7 +58,9 @@ * * var inviteeInviteAccepter = new InviteAccepter("inviteeInviteAccepter", InviteAccepterArgs.builder() * .masterId(exampleMember.masterId()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(invitee) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/securityhub/Member.java b/sdk/java/src/main/java/com/pulumi/aws/securityhub/Member.java index c3ad2be4d9a..d1cf34d5e64 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/securityhub/Member.java +++ b/sdk/java/src/main/java/com/pulumi/aws/securityhub/Member.java @@ -30,6 +30,7 @@ * import com.pulumi.aws.securityhub.Account; * import com.pulumi.aws.securityhub.Member; * import com.pulumi.aws.securityhub.MemberArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -49,7 +50,9 @@ * .accountId("123456789012") * .email("example@example.com") * .invite(true) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(example) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/securityhub/OrganizationAdminAccount.java b/sdk/java/src/main/java/com/pulumi/aws/securityhub/OrganizationAdminAccount.java index e5c4f18f15d..4b9ba5333bb 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/securityhub/OrganizationAdminAccount.java +++ b/sdk/java/src/main/java/com/pulumi/aws/securityhub/OrganizationAdminAccount.java @@ -32,6 +32,7 @@ * import com.pulumi.aws.securityhub.OrganizationAdminAccountArgs; * import com.pulumi.aws.securityhub.OrganizationConfiguration; * import com.pulumi.aws.securityhub.OrganizationConfigurationArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -54,7 +55,9 @@ * * var exampleOrganizationAdminAccount = new OrganizationAdminAccount("exampleOrganizationAdminAccount", OrganizationAdminAccountArgs.builder() * .adminAccountId("123456789012") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(example) + * .build()); * * // Auto enable security hub in organization member accounts * var exampleOrganizationConfiguration = new OrganizationConfiguration("exampleOrganizationConfiguration", OrganizationConfigurationArgs.builder() diff --git a/sdk/java/src/main/java/com/pulumi/aws/securityhub/OrganizationConfiguration.java b/sdk/java/src/main/java/com/pulumi/aws/securityhub/OrganizationConfiguration.java index e248225e825..761a04cf708 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/securityhub/OrganizationConfiguration.java +++ b/sdk/java/src/main/java/com/pulumi/aws/securityhub/OrganizationConfiguration.java @@ -43,6 +43,7 @@ * import com.pulumi.aws.securityhub.OrganizationAdminAccountArgs; * import com.pulumi.aws.securityhub.OrganizationConfiguration; * import com.pulumi.aws.securityhub.OrganizationConfigurationArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -63,7 +64,9 @@ * * var exampleOrganizationAdminAccount = new OrganizationAdminAccount("exampleOrganizationAdminAccount", OrganizationAdminAccountArgs.builder() * .adminAccountId("123456789012") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(example) + * .build()); * * var exampleOrganizationConfiguration = new OrganizationConfiguration("exampleOrganizationConfiguration", OrganizationConfigurationArgs.builder() * .autoEnable(true) @@ -90,6 +93,7 @@ * import com.pulumi.aws.securityhub.OrganizationConfiguration; * import com.pulumi.aws.securityhub.OrganizationConfigurationArgs; * import com.pulumi.aws.securityhub.inputs.OrganizationConfigurationOrganizationConfigurationArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -105,11 +109,15 @@ * public static void stack(Context ctx) { * var example = new OrganizationAdminAccount("example", OrganizationAdminAccountArgs.builder() * .adminAccountId("123456789012") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleAwsOrganizationsOrganization) + * .build()); * * var exampleFindingAggregator = new FindingAggregator("exampleFindingAggregator", FindingAggregatorArgs.builder() * .linkingMode("ALL_REGIONS") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(example) + * .build()); * * var exampleOrganizationConfiguration = new OrganizationConfiguration("exampleOrganizationConfiguration", OrganizationConfigurationArgs.builder() * .autoEnable(false) @@ -117,7 +125,9 @@ * .organizationConfiguration(OrganizationConfigurationOrganizationConfigurationArgs.builder() * .configurationType("CENTRAL") * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleFindingAggregator) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/securityhub/ProductSubscription.java b/sdk/java/src/main/java/com/pulumi/aws/securityhub/ProductSubscription.java index 91caca445e6..1a3135eefc3 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/securityhub/ProductSubscription.java +++ b/sdk/java/src/main/java/com/pulumi/aws/securityhub/ProductSubscription.java @@ -30,6 +30,7 @@ * import com.pulumi.aws.inputs.GetRegionArgs; * import com.pulumi.aws.securityhub.ProductSubscription; * import com.pulumi.aws.securityhub.ProductSubscriptionArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -49,7 +50,9 @@ * * var exampleProductSubscription = new ProductSubscription("exampleProductSubscription", ProductSubscriptionArgs.builder() * .productArn(String.format("arn:aws:securityhub:%s:733251395267:product/alertlogic/althreatmanagement", current.applyValue(getRegionResult -> getRegionResult.name()))) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(example) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/securityhub/StandardsControl.java b/sdk/java/src/main/java/com/pulumi/aws/securityhub/StandardsControl.java index 93743a38172..702a1fef9b9 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/securityhub/StandardsControl.java +++ b/sdk/java/src/main/java/com/pulumi/aws/securityhub/StandardsControl.java @@ -35,6 +35,7 @@ * import com.pulumi.aws.securityhub.StandardsSubscriptionArgs; * import com.pulumi.aws.securityhub.StandardsControl; * import com.pulumi.aws.securityhub.StandardsControlArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -52,13 +53,17 @@ * * var cisAwsFoundationsBenchmark = new StandardsSubscription("cisAwsFoundationsBenchmark", StandardsSubscriptionArgs.builder() * .standardsArn("arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(example) + * .build()); * * var ensureIamPasswordPolicyPreventsPasswordReuse = new StandardsControl("ensureIamPasswordPolicyPreventsPasswordReuse", StandardsControlArgs.builder() * .standardsControlArn("arn:aws:securityhub:us-east-1:111111111111:control/cis-aws-foundations-benchmark/v/1.2.0/1.10") * .controlStatus("DISABLED") * .disabledReason("We handle password policies within Okta") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(cisAwsFoundationsBenchmark) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/securityhub/StandardsSubscription.java b/sdk/java/src/main/java/com/pulumi/aws/securityhub/StandardsSubscription.java index abda194d63d..a66ea3bf958 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/securityhub/StandardsSubscription.java +++ b/sdk/java/src/main/java/com/pulumi/aws/securityhub/StandardsSubscription.java @@ -30,6 +30,7 @@ * import com.pulumi.aws.inputs.GetRegionArgs; * import com.pulumi.aws.securityhub.StandardsSubscription; * import com.pulumi.aws.securityhub.StandardsSubscriptionArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -49,11 +50,15 @@ * * var cis = new StandardsSubscription("cis", StandardsSubscriptionArgs.builder() * .standardsArn("arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(example) + * .build()); * * var pci321 = new StandardsSubscription("pci321", StandardsSubscriptionArgs.builder() * .standardsArn(String.format("arn:aws:securityhub:%s::standards/pci-dss/v/3.2.1", current.applyValue(getRegionResult -> getRegionResult.name()))) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(example) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/ses/DomainIdentityVerification.java b/sdk/java/src/main/java/com/pulumi/aws/ses/DomainIdentityVerification.java index d56f47f6bcf..574e19cd65e 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/ses/DomainIdentityVerification.java +++ b/sdk/java/src/main/java/com/pulumi/aws/ses/DomainIdentityVerification.java @@ -37,6 +37,7 @@ * import com.pulumi.aws.route53.RecordArgs; * import com.pulumi.aws.ses.DomainIdentityVerification; * import com.pulumi.aws.ses.DomainIdentityVerificationArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -64,7 +65,9 @@ * * var exampleVerification = new DomainIdentityVerification("exampleVerification", DomainIdentityVerificationArgs.builder() * .domain(example.id()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleAmazonsesVerificationRecord) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/shield/DrtAccessRoleArnAssociation.java b/sdk/java/src/main/java/com/pulumi/aws/shield/DrtAccessRoleArnAssociation.java index bb6ddccd52d..13e3e2d817a 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/shield/DrtAccessRoleArnAssociation.java +++ b/sdk/java/src/main/java/com/pulumi/aws/shield/DrtAccessRoleArnAssociation.java @@ -54,8 +54,8 @@ * .name(awsShieldDrtAccessRoleArn) * .assumeRolePolicy(serializeJson( * jsonObject( - * jsonProperty("version", "2012-10-17"), - * jsonProperty("statement", jsonArray(jsonObject( + * jsonProperty("Version", "2012-10-17"), + * jsonProperty("Statement", jsonArray(jsonObject( * jsonProperty("Sid", ""), * jsonProperty("Effect", "Allow"), * jsonProperty("Principal", jsonObject( diff --git a/sdk/java/src/main/java/com/pulumi/aws/shield/ProactiveEngagement.java b/sdk/java/src/main/java/com/pulumi/aws/shield/ProactiveEngagement.java index f3c921d696d..4721919941d 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/shield/ProactiveEngagement.java +++ b/sdk/java/src/main/java/com/pulumi/aws/shield/ProactiveEngagement.java @@ -43,6 +43,7 @@ * import com.pulumi.aws.shield.ProactiveEngagementArgs; * import com.pulumi.aws.shield.inputs.ProactiveEngagementEmergencyContactArgs; * import static com.pulumi.codegen.internal.Serialization.*; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -60,8 +61,8 @@ * .name(awsShieldDrtAccessRoleArn) * .assumeRolePolicy(serializeJson( * jsonObject( - * jsonProperty("version", "2012-10-17"), - * jsonProperty("statement", jsonArray(jsonObject( + * jsonProperty("Version", "2012-10-17"), + * jsonProperty("Statement", jsonArray(jsonObject( * jsonProperty("Sid", ""), * jsonProperty("Effect", "Allow"), * jsonProperty("Principal", jsonObject( @@ -100,7 +101,9 @@ * .emailAddress("test2@company.com") * .phoneNumber("+12358132134") * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(testAwsShieldDrtAccessRoleArnAssociation) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/shield/ProtectionGroup.java b/sdk/java/src/main/java/com/pulumi/aws/shield/ProtectionGroup.java index 51a140c4721..3b3c9f412e4 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/shield/ProtectionGroup.java +++ b/sdk/java/src/main/java/com/pulumi/aws/shield/ProtectionGroup.java @@ -76,6 +76,7 @@ * import com.pulumi.aws.shield.ProtectionArgs; * import com.pulumi.aws.shield.ProtectionGroup; * import com.pulumi.aws.shield.ProtectionGroupArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -107,7 +108,9 @@ * .aggregation("MEAN") * .pattern("ARBITRARY") * .members(example.id().applyValue(id -> String.format("arn:aws:ec2:%s:%s:eip-allocation/%s", current.applyValue(getRegionResult -> getRegionResult.name()),currentGetCallerIdentity.applyValue(getCallerIdentityResult -> getCallerIdentityResult.accountId()),id))) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleProtection) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/ssm/Activation.java b/sdk/java/src/main/java/com/pulumi/aws/ssm/Activation.java index 07473615337..a54eae4fee3 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/ssm/Activation.java +++ b/sdk/java/src/main/java/com/pulumi/aws/ssm/Activation.java @@ -37,6 +37,7 @@ * import com.pulumi.aws.iam.RolePolicyAttachmentArgs; * import com.pulumi.aws.ssm.Activation; * import com.pulumi.aws.ssm.ActivationArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -76,7 +77,9 @@ * .description("Test") * .iamRole(testRole.id()) * .registrationLimit("5") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(testAttach) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/ssm/ContactsRotation.java b/sdk/java/src/main/java/com/pulumi/aws/ssm/ContactsRotation.java index 39e41f11b92..32791a67262 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/ssm/ContactsRotation.java +++ b/sdk/java/src/main/java/com/pulumi/aws/ssm/ContactsRotation.java @@ -32,6 +32,7 @@ * import com.pulumi.aws.ssm.ContactsRotation; * import com.pulumi.aws.ssm.ContactsRotationArgs; * import com.pulumi.aws.ssm.inputs.ContactsRotationRecurrenceArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -57,7 +58,9 @@ * .build()) * .build()) * .timeZoneId("Australia/Sydney") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleAwsSsmincidentsReplicationSet) + * .build()); * * } * } @@ -76,6 +79,7 @@ * import com.pulumi.aws.ssm.ContactsRotation; * import com.pulumi.aws.ssm.ContactsRotationArgs; * import com.pulumi.aws.ssm.inputs.ContactsRotationRecurrenceArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -130,7 +134,9 @@ * Map.entry("key1", "tag1"), * Map.entry("key2", "tag2") * )) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleAwsSsmincidentsReplicationSet) + * .build()); * * } * } @@ -149,6 +155,7 @@ * import com.pulumi.aws.ssm.ContactsRotation; * import com.pulumi.aws.ssm.ContactsRotationArgs; * import com.pulumi.aws.ssm.inputs.ContactsRotationRecurrenceArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -185,7 +192,9 @@ * .build()) * .build()) * .timeZoneId("Australia/Sydney") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleAwsSsmincidentsReplicationSet) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/ssmcontacts/Contact.java b/sdk/java/src/main/java/com/pulumi/aws/ssmcontacts/Contact.java index 4b90be39334..6038ff7fc0d 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/ssmcontacts/Contact.java +++ b/sdk/java/src/main/java/com/pulumi/aws/ssmcontacts/Contact.java @@ -31,6 +31,7 @@ * import com.pulumi.core.Output; * import com.pulumi.aws.ssmcontacts.Contact; * import com.pulumi.aws.ssmcontacts.ContactArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -47,7 +48,9 @@ * var example = new Contact("example", ContactArgs.builder() * .alias("alias") * .type("PERSONAL") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleAwsSsmincidentsReplicationSet) + * .build()); * * } * } @@ -65,6 +68,7 @@ * import com.pulumi.core.Output; * import com.pulumi.aws.ssmcontacts.Contact; * import com.pulumi.aws.ssmcontacts.ContactArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -83,7 +87,9 @@ * .displayName("displayName") * .type("ESCALATION") * .tags(Map.of("key", "value")) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleAwsSsmincidentsReplicationSet) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/ssmincidents/ResponsePlan.java b/sdk/java/src/main/java/com/pulumi/aws/ssmincidents/ResponsePlan.java index 43fb55eb454..9849fcbc44c 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/ssmincidents/ResponsePlan.java +++ b/sdk/java/src/main/java/com/pulumi/aws/ssmincidents/ResponsePlan.java @@ -36,6 +36,7 @@ * import com.pulumi.aws.ssmincidents.ResponsePlan; * import com.pulumi.aws.ssmincidents.ResponsePlanArgs; * import com.pulumi.aws.ssmincidents.inputs.ResponsePlanIncidentTemplateArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -56,7 +57,9 @@ * .impact("3") * .build()) * .tags(Map.of("key", "value")) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleAwsSsmincidentsReplicationSet) + * .build()); * * } * } @@ -77,6 +80,7 @@ * import com.pulumi.aws.ssmincidents.inputs.ResponsePlanIncidentTemplateArgs; * import com.pulumi.aws.ssmincidents.inputs.ResponsePlanActionArgs; * import com.pulumi.aws.ssmincidents.inputs.ResponsePlanIntegrationArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -140,7 +144,9 @@ * .build()) * .build()) * .tags(Map.of("key", "value")) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleAwsSsmincidentsReplicationSet) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/storagegateway/FileSystemAssociation.java b/sdk/java/src/main/java/com/pulumi/aws/storagegateway/FileSystemAssociation.java index 69527302e66..275941c8d6e 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/storagegateway/FileSystemAssociation.java +++ b/sdk/java/src/main/java/com/pulumi/aws/storagegateway/FileSystemAssociation.java @@ -80,6 +80,7 @@ * import com.pulumi.aws.storagegateway.FileSystemAssociation; * import com.pulumi.aws.storagegateway.FileSystemAssociationArgs; * import com.pulumi.aws.storagegateway.inputs.FileSystemAssociationCacheAttributesArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -103,7 +104,11 @@ * .instanceType(available.instanceType()) * .vpcSecurityGroupIds(testAwsSecurityGroup.id()) * .subnetId(testAwsSubnet[0].id()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn( + * testAwsRoute, + * testAwsVpcDhcpOptionsAssociation) + * .build()); * * var testGateway = new Gateway("testGateway", GatewayArgs.builder() * .gatewayIpAddress(test.publicIp()) diff --git a/sdk/java/src/main/java/com/pulumi/aws/transcribe/LanguageModel.java b/sdk/java/src/main/java/com/pulumi/aws/transcribe/LanguageModel.java index 1fd259b516e..554b6755d50 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/transcribe/LanguageModel.java +++ b/sdk/java/src/main/java/com/pulumi/aws/transcribe/LanguageModel.java @@ -80,14 +80,14 @@ * .role(exampleRole.id()) * .policy(serializeJson( * jsonObject( - * jsonProperty("version", "2012-10-17"), - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("action", jsonArray( + * jsonProperty("Version", "2012-10-17"), + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Action", jsonArray( * "s3:GetObject", * "s3:ListBucket" * )), - * jsonProperty("effect", "Allow"), - * jsonProperty("resource", jsonArray("*")) + * jsonProperty("Effect", "Allow"), + * jsonProperty("Resource", jsonArray("*")) * ))) * ))) * .build()); diff --git a/sdk/java/src/main/java/com/pulumi/aws/transcribe/MedicalVocabulary.java b/sdk/java/src/main/java/com/pulumi/aws/transcribe/MedicalVocabulary.java index 576bd2df51f..55cf074ce79 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/transcribe/MedicalVocabulary.java +++ b/sdk/java/src/main/java/com/pulumi/aws/transcribe/MedicalVocabulary.java @@ -35,6 +35,7 @@ * import com.pulumi.aws.s3.BucketObjectv2Args; * import com.pulumi.aws.transcribe.MedicalVocabulary; * import com.pulumi.aws.transcribe.MedicalVocabularyArgs; + * import com.pulumi.resources.CustomResourceOptions; * import com.pulumi.asset.FileAsset; * import java.util.List; * import java.util.ArrayList; @@ -72,7 +73,9 @@ * Map.entry("tag1", "value1"), * Map.entry("tag2", "value3") * )) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(object) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/transcribe/Vocabulary.java b/sdk/java/src/main/java/com/pulumi/aws/transcribe/Vocabulary.java index 5d50fc609c3..724374b485c 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/transcribe/Vocabulary.java +++ b/sdk/java/src/main/java/com/pulumi/aws/transcribe/Vocabulary.java @@ -36,6 +36,7 @@ * import com.pulumi.aws.s3.BucketObjectv2Args; * import com.pulumi.aws.transcribe.Vocabulary; * import com.pulumi.aws.transcribe.VocabularyArgs; + * import com.pulumi.resources.CustomResourceOptions; * import com.pulumi.asset.FileAsset; * import java.util.List; * import java.util.ArrayList; @@ -73,7 +74,9 @@ * Map.entry("tag1", "value1"), * Map.entry("tag2", "value3") * )) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(object) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/vpclattice/AuthPolicy.java b/sdk/java/src/main/java/com/pulumi/aws/vpclattice/AuthPolicy.java index c1dce54f071..38c7db7db71 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/vpclattice/AuthPolicy.java +++ b/sdk/java/src/main/java/com/pulumi/aws/vpclattice/AuthPolicy.java @@ -56,14 +56,14 @@ * .resourceIdentifier(example.arn()) * .policy(serializeJson( * jsonObject( - * jsonProperty("version", "2012-10-17"), - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("action", "*"), - * jsonProperty("effect", "Allow"), - * jsonProperty("principal", "*"), - * jsonProperty("resource", "*"), - * jsonProperty("condition", jsonObject( - * jsonProperty("stringNotEqualsIgnoreCase", jsonObject( + * jsonProperty("Version", "2012-10-17"), + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Action", "*"), + * jsonProperty("Effect", "Allow"), + * jsonProperty("Principal", "*"), + * jsonProperty("Resource", "*"), + * jsonProperty("Condition", jsonObject( + * jsonProperty("StringNotEqualsIgnoreCase", jsonObject( * jsonProperty("aws:PrincipalType", "anonymous") * )) * )) diff --git a/sdk/java/src/main/java/com/pulumi/aws/vpclattice/ResourcePolicy.java b/sdk/java/src/main/java/com/pulumi/aws/vpclattice/ResourcePolicy.java index 41757184d9e..ad26470e5b1 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/vpclattice/ResourcePolicy.java +++ b/sdk/java/src/main/java/com/pulumi/aws/vpclattice/ResourcePolicy.java @@ -60,19 +60,19 @@ * .resourceArn(example.arn()) * .policy(example.arn().applyValue(arn -> serializeJson( * jsonObject( - * jsonProperty("version", "2012-10-17"), - * jsonProperty("statement", jsonArray(jsonObject( - * jsonProperty("sid", "test-pol-principals-6"), - * jsonProperty("effect", "Allow"), - * jsonProperty("principal", jsonObject( + * jsonProperty("Version", "2012-10-17"), + * jsonProperty("Statement", jsonArray(jsonObject( + * jsonProperty("Sid", "test-pol-principals-6"), + * jsonProperty("Effect", "Allow"), + * jsonProperty("Principal", jsonObject( * jsonProperty("AWS", String.format("arn:%s:iam::%s:root", currentGetPartition.applyValue(getPartitionResult -> getPartitionResult.partition()),current.applyValue(getCallerIdentityResult -> getCallerIdentityResult.accountId()))) * )), - * jsonProperty("action", jsonArray( + * jsonProperty("Action", jsonArray( * "vpc-lattice:CreateServiceNetworkVpcAssociation", * "vpc-lattice:CreateServiceNetworkServiceAssociation", * "vpc-lattice:GetServiceNetwork" * )), - * jsonProperty("resource", arn) + * jsonProperty("Resource", arn) * ))) * )))) * .build()); diff --git a/sdk/java/src/main/java/com/pulumi/aws/waf/RateBasedRule.java b/sdk/java/src/main/java/com/pulumi/aws/waf/RateBasedRule.java index 7e8c99428cc..7eae517087c 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/waf/RateBasedRule.java +++ b/sdk/java/src/main/java/com/pulumi/aws/waf/RateBasedRule.java @@ -36,6 +36,7 @@ * import com.pulumi.aws.waf.RateBasedRule; * import com.pulumi.aws.waf.RateBasedRuleArgs; * import com.pulumi.aws.waf.inputs.RateBasedRulePredicateArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -67,7 +68,9 @@ * .negated(false) * .type("IPMatch") * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(ipset) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/waf/Rule.java b/sdk/java/src/main/java/com/pulumi/aws/waf/Rule.java index d0e5246d159..b031b30e114 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/waf/Rule.java +++ b/sdk/java/src/main/java/com/pulumi/aws/waf/Rule.java @@ -35,6 +35,7 @@ * import com.pulumi.aws.waf.Rule; * import com.pulumi.aws.waf.RuleArgs; * import com.pulumi.aws.waf.inputs.RulePredicateArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -64,7 +65,9 @@ * .negated(false) * .type("IPMatch") * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(ipset) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/waf/WebAcl.java b/sdk/java/src/main/java/com/pulumi/aws/waf/WebAcl.java index e02af4f6ad6..4469a135d6a 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/waf/WebAcl.java +++ b/sdk/java/src/main/java/com/pulumi/aws/waf/WebAcl.java @@ -44,6 +44,7 @@ * import com.pulumi.aws.waf.inputs.WebAclDefaultActionArgs; * import com.pulumi.aws.waf.inputs.WebAclRuleArgs; * import com.pulumi.aws.waf.inputs.WebAclRuleActionArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -73,7 +74,9 @@ * .negated(false) * .type("IPMatch") * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(ipset) + * .build()); * * var wafAcl = new WebAcl("wafAcl", WebAclArgs.builder() * .name("tfWebACL") @@ -89,7 +92,11 @@ * .ruleId(wafrule.id()) * .type("REGULAR") * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn( + * ipset, + * wafrule) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/wafregional/RateBasedRule.java b/sdk/java/src/main/java/com/pulumi/aws/wafregional/RateBasedRule.java index 3b8e4600f07..b9df145d17a 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/wafregional/RateBasedRule.java +++ b/sdk/java/src/main/java/com/pulumi/aws/wafregional/RateBasedRule.java @@ -36,6 +36,7 @@ * import com.pulumi.aws.wafregional.RateBasedRule; * import com.pulumi.aws.wafregional.RateBasedRuleArgs; * import com.pulumi.aws.wafregional.inputs.RateBasedRulePredicateArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -67,7 +68,9 @@ * .negated(false) * .type("IPMatch") * .build()) - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn(ipset) + * .build()); * * } * } diff --git a/sdk/java/src/main/java/com/pulumi/aws/workspaces/Directory.java b/sdk/java/src/main/java/com/pulumi/aws/workspaces/Directory.java index 2665907b97f..92cccc534ea 100644 --- a/sdk/java/src/main/java/com/pulumi/aws/workspaces/Directory.java +++ b/sdk/java/src/main/java/com/pulumi/aws/workspaces/Directory.java @@ -40,17 +40,18 @@ * import com.pulumi.aws.directoryservice.Directory; * import com.pulumi.aws.directoryservice.DirectoryArgs; * import com.pulumi.aws.directoryservice.inputs.DirectoryVpcSettingsArgs; - * import com.pulumi.aws.workspaces.Directory; - * import com.pulumi.aws.workspaces.DirectoryArgs; - * import com.pulumi.aws.workspaces.inputs.DirectorySelfServicePermissionsArgs; - * import com.pulumi.aws.workspaces.inputs.DirectoryWorkspaceAccessPropertiesArgs; - * import com.pulumi.aws.workspaces.inputs.DirectoryWorkspaceCreationPropertiesArgs; * import com.pulumi.aws.iam.IamFunctions; * import com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs; * import com.pulumi.aws.iam.Role; * import com.pulumi.aws.iam.RoleArgs; * import com.pulumi.aws.iam.RolePolicyAttachment; * import com.pulumi.aws.iam.RolePolicyAttachmentArgs; + * import com.pulumi.aws.workspaces.Directory; + * import com.pulumi.aws.workspaces.DirectoryArgs; + * import com.pulumi.aws.workspaces.inputs.DirectorySelfServicePermissionsArgs; + * import com.pulumi.aws.workspaces.inputs.DirectoryWorkspaceAccessPropertiesArgs; + * import com.pulumi.aws.workspaces.inputs.DirectoryWorkspaceCreationPropertiesArgs; + * import com.pulumi.resources.CustomResourceOptions; * import java.util.List; * import java.util.ArrayList; * import java.util.Map; @@ -92,6 +93,31 @@ * .build()) * .build()); * + * final var workspaces = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder() + * .statements(GetPolicyDocumentStatementArgs.builder() + * .actions("sts:AssumeRole") + * .principals(GetPolicyDocumentStatementPrincipalArgs.builder() + * .type("Service") + * .identifiers("workspaces.amazonaws.com") + * .build()) + * .build()) + * .build()); + * + * var workspacesDefault = new Role("workspacesDefault", RoleArgs.builder() + * .name("workspaces_DefaultRole") + * .assumeRolePolicy(workspaces.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult.json())) + * .build()); + * + * var workspacesDefaultServiceAccess = new RolePolicyAttachment("workspacesDefaultServiceAccess", RolePolicyAttachmentArgs.builder() + * .role(workspacesDefault.name()) + * .policyArn("arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess") + * .build()); + * + * var workspacesDefaultSelfServiceAccess = new RolePolicyAttachment("workspacesDefaultSelfServiceAccess", RolePolicyAttachmentArgs.builder() + * .role(workspacesDefault.name()) + * .policyArn("arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess") + * .build()); + * * var exampleC = new Subnet("exampleC", SubnetArgs.builder() * .vpcId(exampleVpc.id()) * .availabilityZone("us-east-1c") @@ -134,32 +160,11 @@ * .enableMaintenanceMode(true) * .userEnabledAsLocalAdministrator(true) * .build()) - * .build()); - * - * final var workspaces = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder() - * .statements(GetPolicyDocumentStatementArgs.builder() - * .actions("sts:AssumeRole") - * .principals(GetPolicyDocumentStatementPrincipalArgs.builder() - * .type("Service") - * .identifiers("workspaces.amazonaws.com") - * .build()) - * .build()) - * .build()); - * - * var workspacesDefault = new Role("workspacesDefault", RoleArgs.builder() - * .name("workspaces_DefaultRole") - * .assumeRolePolicy(workspaces.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult.json())) - * .build()); - * - * var workspacesDefaultServiceAccess = new RolePolicyAttachment("workspacesDefaultServiceAccess", RolePolicyAttachmentArgs.builder() - * .role(workspacesDefault.name()) - * .policyArn("arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess") - * .build()); - * - * var workspacesDefaultSelfServiceAccess = new RolePolicyAttachment("workspacesDefaultSelfServiceAccess", RolePolicyAttachmentArgs.builder() - * .role(workspacesDefault.name()) - * .policyArn("arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess") - * .build()); + * .build(), CustomResourceOptions.builder() + * .dependsOn( + * workspacesDefaultServiceAccess, + * workspacesDefaultSelfServiceAccess) + * .build()); * * } * } diff --git a/sdk/nodejs/accessanalyzer/analyzer.ts b/sdk/nodejs/accessanalyzer/analyzer.ts index b640160852a..ec65b1e97af 100644 --- a/sdk/nodejs/accessanalyzer/analyzer.ts +++ b/sdk/nodejs/accessanalyzer/analyzer.ts @@ -34,6 +34,8 @@ import * as utilities from "../utilities"; * const exampleAnalyzer = new aws.accessanalyzer.Analyzer("example", { * analyzerName: "example", * type: "ORGANIZATION", + * }, { + * dependsOn: [example], * }); * ``` * diff --git a/sdk/nodejs/acmpca/certificateAuthority.ts b/sdk/nodejs/acmpca/certificateAuthority.ts index 1fe090868d4..04c60599f36 100644 --- a/sdk/nodejs/acmpca/certificateAuthority.ts +++ b/sdk/nodejs/acmpca/certificateAuthority.ts @@ -104,6 +104,8 @@ import * as utilities from "../utilities"; * s3ObjectAcl: "BUCKET_OWNER_FULL_CONTROL", * }, * }, + * }, { + * dependsOn: [exampleBucketPolicy], * }); * ``` * diff --git a/sdk/nodejs/alb/targetGroupAttachment.ts b/sdk/nodejs/alb/targetGroupAttachment.ts index 70e16e56fa5..709d2bd14ee 100644 --- a/sdk/nodejs/alb/targetGroupAttachment.ts +++ b/sdk/nodejs/alb/targetGroupAttachment.ts @@ -50,6 +50,8 @@ import * as utilities from "../utilities"; * const testTargetGroupAttachment = new aws.lb.TargetGroupAttachment("test", { * targetGroupArn: test.arn, * targetId: testFunction.arn, + * }, { + * dependsOn: [withLb], * }); * ``` * diff --git a/sdk/nodejs/apigateway/documentationVersion.ts b/sdk/nodejs/apigateway/documentationVersion.ts index 35a97517512..81d7ccb09f6 100644 --- a/sdk/nodejs/apigateway/documentationVersion.ts +++ b/sdk/nodejs/apigateway/documentationVersion.ts @@ -15,11 +15,6 @@ import * as utilities from "../utilities"; * import * as aws from "@pulumi/aws"; * * const exampleRestApi = new aws.apigateway.RestApi("example", {name: "example_api"}); - * const example = new aws.apigateway.DocumentationVersion("example", { - * version: "example_version", - * restApiId: exampleRestApi.id, - * description: "Example description", - * }); * const exampleDocumentationPart = new aws.apigateway.DocumentationPart("example", { * location: { * type: "API", @@ -27,6 +22,13 @@ import * as utilities from "../utilities"; * properties: "{\"description\":\"Example\"}", * restApiId: exampleRestApi.id, * }); + * const example = new aws.apigateway.DocumentationVersion("example", { + * version: "example_version", + * restApiId: exampleRestApi.id, + * description: "Example description", + * }, { + * dependsOn: [exampleDocumentationPart], + * }); * ``` * * diff --git a/sdk/nodejs/apigateway/methodResponse.ts b/sdk/nodejs/apigateway/methodResponse.ts index cce0b3b72f6..9524c609478 100644 --- a/sdk/nodejs/apigateway/methodResponse.ts +++ b/sdk/nodejs/apigateway/methodResponse.ts @@ -86,7 +86,7 @@ import {RestApi} from "./index"; * title: "MyDemoResponse", * type: "object", * properties: { - * message: { + * Message: { * type: "string", * }, * }, diff --git a/sdk/nodejs/apigateway/stage.ts b/sdk/nodejs/apigateway/stage.ts index 62b07af3d7b..af4e5ed4b98 100644 --- a/sdk/nodejs/apigateway/stage.ts +++ b/sdk/nodejs/apigateway/stage.ts @@ -79,11 +79,13 @@ import {Deployment, RestApi} from "./index"; * const config = new pulumi.Config(); * const stageName = config.get("stageName") || "example"; * const example = new aws.apigateway.RestApi("example", {}); - * const exampleStage = new aws.apigateway.Stage("example", {stageName: stageName}); * const exampleLogGroup = new aws.cloudwatch.LogGroup("example", { * name: pulumi.interpolate`API-Gateway-Execution-Logs_${example.id}/${stageName}`, * retentionInDays: 7, * }); + * const exampleStage = new aws.apigateway.Stage("example", {stageName: stageName}, { + * dependsOn: [exampleLogGroup], + * }); * ``` * * diff --git a/sdk/nodejs/appflow/connectorProfile.ts b/sdk/nodejs/appflow/connectorProfile.ts index 78b95eb91d3..d19a383b7ea 100644 --- a/sdk/nodejs/appflow/connectorProfile.ts +++ b/sdk/nodejs/appflow/connectorProfile.ts @@ -28,13 +28,13 @@ import * as utilities from "../utilities"; * name: "example_role", * managedPolicyArns: [test.arn], * assumeRolePolicy: JSON.stringify({ - * version: "2012-10-17", - * statement: [{ - * action: "sts:AssumeRole", - * effect: "Allow", - * sid: "", - * principal: { - * service: "ec2.amazonaws.com", + * Version: "2012-10-17", + * Statement: [{ + * Action: "sts:AssumeRole", + * Effect: "Allow", + * Sid: "", + * Principal: { + * Service: "ec2.amazonaws.com", * }, * }], * }), diff --git a/sdk/nodejs/applicationinsights/application.ts b/sdk/nodejs/applicationinsights/application.ts index 0fff4ac4e83..3b22fa811e1 100644 --- a/sdk/nodejs/applicationinsights/application.ts +++ b/sdk/nodejs/applicationinsights/application.ts @@ -18,10 +18,10 @@ import * as utilities from "../utilities"; * name: "example", * resourceQuery: { * query: JSON.stringify({ - * resourceTypeFilters: ["AWS::EC2::Instance"], - * tagFilters: [{ - * key: "Stage", - * values: ["Test"], + * ResourceTypeFilters: ["AWS::EC2::Instance"], + * TagFilters: [{ + * Key: "Stage", + * Values: ["Test"], * }], * }), * }, diff --git a/sdk/nodejs/batch/computeEnvironment.ts b/sdk/nodejs/batch/computeEnvironment.ts index 81cd7b4298d..5465045d4ab 100644 --- a/sdk/nodejs/batch/computeEnvironment.ts +++ b/sdk/nodejs/batch/computeEnvironment.ts @@ -97,6 +97,8 @@ import * as utilities from "../utilities"; * }, * serviceRole: awsBatchServiceRole.arn, * type: "MANAGED", + * }, { + * dependsOn: [awsBatchServiceRoleRolePolicyAttachment], * }); * ``` * @@ -116,8 +118,10 @@ import * as utilities from "../utilities"; * subnets: [sampleAwsSubnet.id], * type: "FARGATE", * }, - * serviceRole: awsBatchServiceRole.arn, + * serviceRole: awsBatchServiceRoleAwsIamRole.arn, * type: "MANAGED", + * }, { + * dependsOn: [awsBatchServiceRole], * }); * ``` * diff --git a/sdk/nodejs/cfg/configurationAggregator.ts b/sdk/nodejs/cfg/configurationAggregator.ts index 9a42266b796..b1ae84d77b9 100644 --- a/sdk/nodejs/cfg/configurationAggregator.ts +++ b/sdk/nodejs/cfg/configurationAggregator.ts @@ -50,16 +50,18 @@ import * as utilities from "../utilities"; * name: "example", * assumeRolePolicy: assumeRole.then(assumeRole => assumeRole.json), * }); + * const organizationRolePolicyAttachment = new aws.iam.RolePolicyAttachment("organization", { + * role: organizationRole.name, + * policyArn: "arn:aws:iam::aws:policy/service-role/AWSConfigRoleForOrganizations", + * }); * const organization = new aws.cfg.ConfigurationAggregator("organization", { * name: "example", * organizationAggregationSource: { * allRegions: true, * roleArn: organizationRole.arn, * }, - * }); - * const organizationRolePolicyAttachment = new aws.iam.RolePolicyAttachment("organization", { - * role: organizationRole.name, - * policyArn: "arn:aws:iam::aws:policy/service-role/AWSConfigRoleForOrganizations", + * }, { + * dependsOn: [organizationRolePolicyAttachment], * }); * ``` * diff --git a/sdk/nodejs/cfg/conformancePack.ts b/sdk/nodejs/cfg/conformancePack.ts index ba2125f2079..bf3d203db5f 100644 --- a/sdk/nodejs/cfg/conformancePack.ts +++ b/sdk/nodejs/cfg/conformancePack.ts @@ -44,6 +44,8 @@ import * as utilities from "../utilities"; * SourceIdentifier: IAM_PASSWORD_POLICY * Type: AWS::Config::ConfigRule * `, + * }, { + * dependsOn: [exampleAwsConfigConfigurationRecorder], * }); * ``` * @@ -72,6 +74,8 @@ import * as utilities from "../utilities"; * const example = new aws.cfg.ConformancePack("example", { * name: "example", * templateS3Uri: pulumi.interpolate`s3://${exampleBucketV2.bucket}/${exampleBucketObjectv2.key}`, + * }, { + * dependsOn: [exampleAwsConfigConfigurationRecorder], * }); * ``` * diff --git a/sdk/nodejs/cfg/deliveryChannel.ts b/sdk/nodejs/cfg/deliveryChannel.ts index ffb9fce96a4..3f2622b1662 100644 --- a/sdk/nodejs/cfg/deliveryChannel.ts +++ b/sdk/nodejs/cfg/deliveryChannel.ts @@ -23,10 +23,6 @@ import * as utilities from "../utilities"; * bucket: "example-awsconfig", * forceDestroy: true, * }); - * const foo = new aws.cfg.DeliveryChannel("foo", { - * name: "example", - * s3BucketName: b.bucket, - * }); * const assumeRole = aws.iam.getPolicyDocument({ * statements: [{ * effect: "Allow", @@ -45,6 +41,12 @@ import * as utilities from "../utilities"; * name: "example", * roleArn: r.arn, * }); + * const foo = new aws.cfg.DeliveryChannel("foo", { + * name: "example", + * s3BucketName: b.bucket, + * }, { + * dependsOn: [fooRecorder], + * }); * const p = aws.iam.getPolicyDocumentOutput({ * statements: [{ * effect: "Allow", diff --git a/sdk/nodejs/cfg/organizationConformancePack.ts b/sdk/nodejs/cfg/organizationConformancePack.ts index 88b74393af1..7d3961709be 100644 --- a/sdk/nodejs/cfg/organizationConformancePack.ts +++ b/sdk/nodejs/cfg/organizationConformancePack.ts @@ -21,6 +21,10 @@ import * as utilities from "../utilities"; * import * as pulumi from "@pulumi/pulumi"; * import * as aws from "@pulumi/aws"; * + * const exampleOrganization = new aws.organizations.Organization("example", { + * awsServiceAccessPrincipals: ["config-multiaccountsetup.amazonaws.com"], + * featureSet: "ALL", + * }); * const example = new aws.cfg.OrganizationConformancePack("example", { * name: "example", * inputParameters: [{ @@ -39,10 +43,11 @@ import * as utilities from "../utilities"; * SourceIdentifier: IAM_PASSWORD_POLICY * Type: AWS::Config::ConfigRule * `, - * }); - * const exampleOrganization = new aws.organizations.Organization("example", { - * awsServiceAccessPrincipals: ["config-multiaccountsetup.amazonaws.com"], - * featureSet: "ALL", + * }, { + * dependsOn: [ + * exampleAwsConfigConfigurationRecorder, + * exampleOrganization, + * ], * }); * ``` * @@ -54,6 +59,10 @@ import * as utilities from "../utilities"; * import * as pulumi from "@pulumi/pulumi"; * import * as aws from "@pulumi/aws"; * + * const exampleOrganization = new aws.organizations.Organization("example", { + * awsServiceAccessPrincipals: ["config-multiaccountsetup.amazonaws.com"], + * featureSet: "ALL", + * }); * const exampleBucketV2 = new aws.s3.BucketV2("example", {bucket: "example"}); * const exampleBucketObjectv2 = new aws.s3.BucketObjectv2("example", { * bucket: exampleBucketV2.id, @@ -71,10 +80,11 @@ import * as utilities from "../utilities"; * const example = new aws.cfg.OrganizationConformancePack("example", { * name: "example", * templateS3Uri: pulumi.interpolate`s3://${exampleBucketV2.bucket}/${exampleBucketObjectv2.key}`, - * }); - * const exampleOrganization = new aws.organizations.Organization("example", { - * awsServiceAccessPrincipals: ["config-multiaccountsetup.amazonaws.com"], - * featureSet: "ALL", + * }, { + * dependsOn: [ + * exampleAwsConfigConfigurationRecorder, + * exampleOrganization, + * ], * }); * ``` * diff --git a/sdk/nodejs/cfg/organizationCustomRule.ts b/sdk/nodejs/cfg/organizationCustomRule.ts index 295dbaa8443..3c48cb0a754 100644 --- a/sdk/nodejs/cfg/organizationCustomRule.ts +++ b/sdk/nodejs/cfg/organizationCustomRule.ts @@ -32,6 +32,11 @@ import * as utilities from "../utilities"; * lambdaFunctionArn: exampleAwsLambdaFunction.arn, * name: "example", * triggerTypes: ["ConfigurationItemChangeNotification"], + * }, { + * dependsOn: [ + * example, + * exampleOrganization, + * ], * }); * ``` * diff --git a/sdk/nodejs/cfg/organizationManagedRule.ts b/sdk/nodejs/cfg/organizationManagedRule.ts index 08681487e3e..862da7f2d31 100644 --- a/sdk/nodejs/cfg/organizationManagedRule.ts +++ b/sdk/nodejs/cfg/organizationManagedRule.ts @@ -25,6 +25,8 @@ import * as utilities from "../utilities"; * const exampleOrganizationManagedRule = new aws.cfg.OrganizationManagedRule("example", { * name: "example", * ruleIdentifier: "IAM_PASSWORD_POLICY", + * }, { + * dependsOn: [example], * }); * ``` * diff --git a/sdk/nodejs/cfg/recorderStatus.ts b/sdk/nodejs/cfg/recorderStatus.ts index a8f076c59eb..2f6f28e26a8 100644 --- a/sdk/nodejs/cfg/recorderStatus.ts +++ b/sdk/nodejs/cfg/recorderStatus.ts @@ -16,6 +16,11 @@ import * as utilities from "../utilities"; * import * as pulumi from "@pulumi/pulumi"; * import * as aws from "@pulumi/aws"; * + * const b = new aws.s3.BucketV2("b", {bucket: "awsconfig-example"}); + * const fooDeliveryChannel = new aws.cfg.DeliveryChannel("foo", { + * name: "example", + * s3BucketName: b.bucket, + * }); * const assumeRole = aws.iam.getPolicyDocument({ * statements: [{ * effect: "Allow", @@ -37,16 +42,13 @@ import * as utilities from "../utilities"; * const foo = new aws.cfg.RecorderStatus("foo", { * name: fooRecorder.name, * isEnabled: true, + * }, { + * dependsOn: [fooDeliveryChannel], * }); * const a = new aws.iam.RolePolicyAttachment("a", { * role: r.name, * policyArn: "arn:aws:iam::aws:policy/service-role/AWS_ConfigRole", * }); - * const b = new aws.s3.BucketV2("b", {bucket: "awsconfig-example"}); - * const fooDeliveryChannel = new aws.cfg.DeliveryChannel("foo", { - * name: "example", - * s3BucketName: b.bucket, - * }); * const p = aws.iam.getPolicyDocumentOutput({ * statements: [{ * effect: "Allow", diff --git a/sdk/nodejs/cfg/rule.ts b/sdk/nodejs/cfg/rule.ts index 6a37d157eab..8a47542e2d7 100644 --- a/sdk/nodejs/cfg/rule.ts +++ b/sdk/nodejs/cfg/rule.ts @@ -23,13 +23,6 @@ import * as utilities from "../utilities"; * import * as pulumi from "@pulumi/pulumi"; * import * as aws from "@pulumi/aws"; * - * const r = new aws.cfg.Rule("r", { - * name: "example", - * source: { - * owner: "AWS", - * sourceIdentifier: "S3_BUCKET_VERSIONING_ENABLED", - * }, - * }); * const assumeRole = aws.iam.getPolicyDocument({ * statements: [{ * effect: "Allow", @@ -48,6 +41,15 @@ import * as utilities from "../utilities"; * name: "example", * roleArn: rRole.arn, * }); + * const r = new aws.cfg.Rule("r", { + * name: "example", + * source: { + * owner: "AWS", + * sourceIdentifier: "S3_BUCKET_VERSIONING_ENABLED", + * }, + * }, { + * dependsOn: [foo], + * }); * const p = aws.iam.getPolicyDocument({ * statements: [{ * effect: "Allow", @@ -83,7 +85,12 @@ import * as utilities from "../utilities"; * const exampleRule = new aws.cfg.Rule("example", {source: { * owner: "CUSTOM_LAMBDA", * sourceIdentifier: exampleFunction.arn, - * }}); + * }}, { + * dependsOn: [ + * example, + * examplePermission, + * ], + * }); * ``` * * diff --git a/sdk/nodejs/chime/voiceConnectorTerminationCredentials.ts b/sdk/nodejs/chime/voiceConnectorTerminationCredentials.ts index 684e3dacab0..2a918270251 100644 --- a/sdk/nodejs/chime/voiceConnectorTerminationCredentials.ts +++ b/sdk/nodejs/chime/voiceConnectorTerminationCredentials.ts @@ -39,6 +39,8 @@ import * as utilities from "../utilities"; * username: "test", * password: "test!", * }], + * }, { + * dependsOn: [defaultVoiceConnectorTermination], * }); * ``` * diff --git a/sdk/nodejs/cloudcontrol/resource.ts b/sdk/nodejs/cloudcontrol/resource.ts index c8d19aaf863..7b10ab77e58 100644 --- a/sdk/nodejs/cloudcontrol/resource.ts +++ b/sdk/nodejs/cloudcontrol/resource.ts @@ -17,10 +17,10 @@ import * as utilities from "../utilities"; * const example = new aws.cloudcontrol.Resource("example", { * typeName: "AWS::ECS::Cluster", * desiredState: JSON.stringify({ - * clusterName: "example", - * tags: [{ - * key: "CostCenter", - * value: "IT", + * ClusterName: "example", + * Tags: [{ + * Key: "CostCenter", + * Value: "IT", * }], * }), * }); diff --git a/sdk/nodejs/cloudformation/stack.ts b/sdk/nodejs/cloudformation/stack.ts index d511ea7aa2f..0cf1cfb2141 100644 --- a/sdk/nodejs/cloudformation/stack.ts +++ b/sdk/nodejs/cloudformation/stack.ts @@ -20,23 +20,23 @@ import * as utilities from "../utilities"; * VPCCidr: "10.0.0.0/16", * }, * templateBody: JSON.stringify({ - * parameters: { - * vPCCidr: { - * type: "String", - * "default": "10.0.0.0/16", - * description: "Enter the CIDR block for the VPC. Default is 10.0.0.0/16.", + * Parameters: { + * VPCCidr: { + * Type: "String", + * Default: "10.0.0.0/16", + * Description: "Enter the CIDR block for the VPC. Default is 10.0.0.0/16.", * }, * }, - * resources: { + * Resources: { * myVpc: { - * type: "AWS::EC2::VPC", - * properties: { - * cidrBlock: { + * Type: "AWS::EC2::VPC", + * Properties: { + * CidrBlock: { * Ref: "VPCCidr", * }, - * tags: [{ - * key: "Name", - * value: "Primary_CF_VPC", + * Tags: [{ + * Key: "Name", + * Value: "Primary_CF_VPC", * }], * }, * }, diff --git a/sdk/nodejs/cloudformation/stackSet.ts b/sdk/nodejs/cloudformation/stackSet.ts index 343a5a5d584..b024a18b1e0 100644 --- a/sdk/nodejs/cloudformation/stackSet.ts +++ b/sdk/nodejs/cloudformation/stackSet.ts @@ -42,23 +42,23 @@ import * as utilities from "../utilities"; * VPCCidr: "10.0.0.0/16", * }, * templateBody: JSON.stringify({ - * parameters: { - * vPCCidr: { - * type: "String", - * "default": "10.0.0.0/16", - * description: "Enter the CIDR block for the VPC. Default is 10.0.0.0/16.", + * Parameters: { + * VPCCidr: { + * Type: "String", + * Default: "10.0.0.0/16", + * Description: "Enter the CIDR block for the VPC. Default is 10.0.0.0/16.", * }, * }, - * resources: { + * Resources: { * myVpc: { - * type: "AWS::EC2::VPC", - * properties: { - * cidrBlock: { - * ref: "VPCCidr", + * Type: "AWS::EC2::VPC", + * Properties: { + * CidrBlock: { + * Ref: "VPCCidr", * }, - * tags: [{ - * key: "Name", - * value: "Primary_CF_VPC", + * Tags: [{ + * Key: "Name", + * Value: "Primary_CF_VPC", * }], * }, * }, diff --git a/sdk/nodejs/cloudfront/realtimeLogConfig.ts b/sdk/nodejs/cloudfront/realtimeLogConfig.ts index 3d1c8b38fb8..bf3bb591b74 100644 --- a/sdk/nodejs/cloudfront/realtimeLogConfig.ts +++ b/sdk/nodejs/cloudfront/realtimeLogConfig.ts @@ -62,6 +62,8 @@ import * as utilities from "../utilities"; * streamArn: exampleAwsKinesisStream.arn, * }, * }, + * }, { + * dependsOn: [exampleRolePolicy], * }); * ``` * diff --git a/sdk/nodejs/cloudtrail/trail.ts b/sdk/nodejs/cloudtrail/trail.ts index 13abfc6de0c..f293858e2bb 100644 --- a/sdk/nodejs/cloudtrail/trail.ts +++ b/sdk/nodejs/cloudtrail/trail.ts @@ -30,12 +30,6 @@ import * as utilities from "../utilities"; * bucket: "my-test-trail", * forceDestroy: true, * }); - * const exampleTrail = new aws.cloudtrail.Trail("example", { - * name: "example", - * s3BucketName: exampleBucketV2.id, - * s3KeyPrefix: "prefix", - * includeGlobalServiceEvents: false, - * }); * const current = aws.getCallerIdentity({}); * const currentGetPartition = aws.getPartition({}); * const currentGetRegion = aws.getRegion({}); @@ -84,6 +78,14 @@ import * as utilities from "../utilities"; * bucket: exampleBucketV2.id, * policy: example.apply(example => example.json), * }); + * const exampleTrail = new aws.cloudtrail.Trail("example", { + * name: "example", + * s3BucketName: exampleBucketV2.id, + * s3KeyPrefix: "prefix", + * includeGlobalServiceEvents: false, + * }, { + * dependsOn: [exampleBucketPolicy], + * }); * ``` * * diff --git a/sdk/nodejs/cloudwatch/logDataProtectionPolicy.ts b/sdk/nodejs/cloudwatch/logDataProtectionPolicy.ts index 258c23a2a81..8321a4db196 100644 --- a/sdk/nodejs/cloudwatch/logDataProtectionPolicy.ts +++ b/sdk/nodejs/cloudwatch/logDataProtectionPolicy.ts @@ -21,28 +21,28 @@ import * as utilities from "../utilities"; * const exampleLogDataProtectionPolicy = new aws.cloudwatch.LogDataProtectionPolicy("example", { * logGroupName: example.name, * policyDocument: pulumi.jsonStringify({ - * name: "Example", - * version: "2021-06-01", - * statement: [ + * Name: "Example", + * Version: "2021-06-01", + * Statement: [ * { - * sid: "Audit", - * dataIdentifier: ["arn:aws:dataprotection::aws:data-identifier/EmailAddress"], - * operation: { - * audit: { - * findingsDestination: { + * Sid: "Audit", + * DataIdentifier: ["arn:aws:dataprotection::aws:data-identifier/EmailAddress"], + * Operation: { + * Audit: { + * FindingsDestination: { * S3: { - * bucket: exampleBucketV2.bucket, + * Bucket: exampleBucketV2.bucket, * }, * }, * }, * }, * }, * { - * sid: "Redact", - * dataIdentifier: ["arn:aws:dataprotection::aws:data-identifier/EmailAddress"], - * operation: { - * deidentify: { - * maskConfig: {}, + * Sid: "Redact", + * DataIdentifier: ["arn:aws:dataprotection::aws:data-identifier/EmailAddress"], + * Operation: { + * Deidentify: { + * MaskConfig: {}, * }, * }, * }, diff --git a/sdk/nodejs/codebuild/resourcePolicy.ts b/sdk/nodejs/codebuild/resourcePolicy.ts index c01c0c3ac6b..1ca472d41cb 100644 --- a/sdk/nodejs/codebuild/resourcePolicy.ts +++ b/sdk/nodejs/codebuild/resourcePolicy.ts @@ -26,21 +26,21 @@ import * as utilities from "../utilities"; * const exampleResourcePolicy = new aws.codebuild.ResourcePolicy("example", { * resourceArn: example.arn, * policy: pulumi.jsonStringify({ - * version: "2012-10-17", - * id: "default", - * statement: [{ - * sid: "default", - * effect: "Allow", - * principal: { + * Version: "2012-10-17", + * Id: "default", + * Statement: [{ + * Sid: "default", + * Effect: "Allow", + * Principal: { * AWS: Promise.all([current, currentGetCallerIdentity]).then(([current, currentGetCallerIdentity]) => `arn:${current.partition}:iam::${currentGetCallerIdentity.accountId}:root`), * }, - * action: [ + * Action: [ * "codebuild:BatchGetReportGroups", * "codebuild:BatchGetReports", * "codebuild:ListReportsForReportGroup", * "codebuild:DescribeTestCases", * ], - * resource: example.arn, + * Resource: example.arn, * }], * }), * }); diff --git a/sdk/nodejs/codecommit/approvalRuleTemplate.ts b/sdk/nodejs/codecommit/approvalRuleTemplate.ts index 0a6885e94ee..19902ef3a39 100644 --- a/sdk/nodejs/codecommit/approvalRuleTemplate.ts +++ b/sdk/nodejs/codecommit/approvalRuleTemplate.ts @@ -18,12 +18,12 @@ import * as utilities from "../utilities"; * name: "MyExampleApprovalRuleTemplate", * description: "This is an example approval rule template", * content: JSON.stringify({ - * version: "2018-11-08", - * destinationReferences: ["refs/heads/master"], - * statements: [{ - * type: "Approvers", - * numberOfApprovalsNeeded: 2, - * approvalPoolMembers: ["arn:aws:sts::123456789012:assumed-role/CodeCommitReview/*"], + * Version: "2018-11-08", + * DestinationReferences: ["refs/heads/master"], + * Statements: [{ + * Type: "Approvers", + * NumberOfApprovalsNeeded: 2, + * ApprovalPoolMembers: ["arn:aws:sts::123456789012:assumed-role/CodeCommitReview/*"], * }], * }), * }); diff --git a/sdk/nodejs/cognito/managedUserPoolClient.ts b/sdk/nodejs/cognito/managedUserPoolClient.ts index e7f1e98a135..680a865a6e5 100644 --- a/sdk/nodejs/cognito/managedUserPoolClient.ts +++ b/sdk/nodejs/cognito/managedUserPoolClient.ts @@ -24,10 +24,6 @@ import * as utilities from "../utilities"; * import * as aws from "@pulumi/aws"; * * const exampleUserPool = new aws.cognito.UserPool("example", {name: "example"}); - * const exampleManagedUserPoolClient = new aws.cognito.ManagedUserPoolClient("example", { - * namePrefix: "AmazonOpenSearchService-example", - * userPoolId: exampleUserPool.id, - * }); * const exampleIdentityPool = new aws.cognito.IdentityPool("example", {identityPoolName: "example"}); * const current = aws.getPartition({}); * const example = current.then(current => aws.iam.getPolicyDocument({ @@ -46,6 +42,10 @@ import * as utilities from "../utilities"; * path: "/service-role/", * assumeRolePolicy: example.then(example => example.json), * }); + * const exampleRolePolicyAttachment = new aws.iam.RolePolicyAttachment("example", { + * role: exampleRole.name, + * policyArn: current.then(current => `arn:${current.partition}:iam::aws:policy/AmazonESCognitoAccess`), + * }); * const exampleDomain = new aws.opensearch.Domain("example", { * domainName: "example", * cognitoOptions: { @@ -58,10 +58,17 @@ import * as utilities from "../utilities"; * ebsEnabled: true, * volumeSize: 10, * }, + * }, { + * dependsOn: [ + * exampleAwsCognitoUserPoolDomain, + * exampleRolePolicyAttachment, + * ], * }); - * const exampleRolePolicyAttachment = new aws.iam.RolePolicyAttachment("example", { - * role: exampleRole.name, - * policyArn: current.then(current => `arn:${current.partition}:iam::aws:policy/AmazonESCognitoAccess`), + * const exampleManagedUserPoolClient = new aws.cognito.ManagedUserPoolClient("example", { + * namePrefix: "AmazonOpenSearchService-example", + * userPoolId: exampleUserPool.id, + * }, { + * dependsOn: [exampleDomain], * }); * ``` * diff --git a/sdk/nodejs/comprehend/documentClassifier.ts b/sdk/nodejs/comprehend/documentClassifier.ts index d64ebf685b0..89f5e6e78bb 100644 --- a/sdk/nodejs/comprehend/documentClassifier.ts +++ b/sdk/nodejs/comprehend/documentClassifier.ts @@ -27,6 +27,8 @@ import * as utilities from "../utilities"; * inputDataConfig: { * s3Uri: pulumi.interpolate`s3://${test.bucket}/${documents.id}`, * }, + * }, { + * dependsOn: [exampleAwsIamRolePolicy], * }); * const entities = new aws.s3.BucketObjectv2("entities", {}); * ``` diff --git a/sdk/nodejs/comprehend/entityRecognizer.ts b/sdk/nodejs/comprehend/entityRecognizer.ts index b8f04f62632..92fddb6cdf1 100644 --- a/sdk/nodejs/comprehend/entityRecognizer.ts +++ b/sdk/nodejs/comprehend/entityRecognizer.ts @@ -41,6 +41,8 @@ import * as utilities from "../utilities"; * s3Uri: pulumi.interpolate`s3://${entitiesAwsS3Bucket.bucket}/${entities.id}`, * }, * }, + * }, { + * dependsOn: [exampleAwsIamRolePolicy], * }); * ``` * diff --git a/sdk/nodejs/connect/contactFlow.ts b/sdk/nodejs/connect/contactFlow.ts index fd5fcc6ba16..a78a981fb4d 100644 --- a/sdk/nodejs/connect/contactFlow.ts +++ b/sdk/nodejs/connect/contactFlow.ts @@ -29,26 +29,26 @@ import * as utilities from "../utilities"; * description: "Test Contact Flow Description", * type: "CONTACT_FLOW", * content: JSON.stringify({ - * version: "2019-10-30", - * startAction: "12345678-1234-1234-1234-123456789012", - * actions: [ + * Version: "2019-10-30", + * StartAction: "12345678-1234-1234-1234-123456789012", + * Actions: [ * { - * identifier: "12345678-1234-1234-1234-123456789012", - * type: "MessageParticipant", - * transitions: { - * nextAction: "abcdef-abcd-abcd-abcd-abcdefghijkl", - * errors: [], - * conditions: [], + * Identifier: "12345678-1234-1234-1234-123456789012", + * Type: "MessageParticipant", + * Transitions: { + * NextAction: "abcdef-abcd-abcd-abcd-abcdefghijkl", + * Errors: [], + * Conditions: [], * }, - * parameters: { - * text: "Thanks for calling the sample flow!", + * Parameters: { + * Text: "Thanks for calling the sample flow!", * }, * }, * { - * identifier: "abcdef-abcd-abcd-abcd-abcdefghijkl", - * type: "DisconnectParticipant", - * transitions: {}, - * parameters: {}, + * Identifier: "abcdef-abcd-abcd-abcd-abcdefghijkl", + * Type: "DisconnectParticipant", + * Transitions: {}, + * Parameters: {}, * }, * ], * }), diff --git a/sdk/nodejs/connect/contactFlowModule.ts b/sdk/nodejs/connect/contactFlowModule.ts index fdc82ebf36d..1b5d02699e6 100644 --- a/sdk/nodejs/connect/contactFlowModule.ts +++ b/sdk/nodejs/connect/contactFlowModule.ts @@ -28,41 +28,41 @@ import * as utilities from "../utilities"; * name: "Example", * description: "Example Contact Flow Module Description", * content: JSON.stringify({ - * version: "2019-10-30", - * startAction: "12345678-1234-1234-1234-123456789012", - * actions: [ + * Version: "2019-10-30", + * StartAction: "12345678-1234-1234-1234-123456789012", + * Actions: [ * { - * identifier: "12345678-1234-1234-1234-123456789012", - * parameters: { - * text: "Hello contact flow module", + * Identifier: "12345678-1234-1234-1234-123456789012", + * Parameters: { + * Text: "Hello contact flow module", * }, - * transitions: { - * nextAction: "abcdef-abcd-abcd-abcd-abcdefghijkl", - * errors: [], - * conditions: [], + * Transitions: { + * NextAction: "abcdef-abcd-abcd-abcd-abcdefghijkl", + * Errors: [], + * Conditions: [], * }, - * type: "MessageParticipant", + * Type: "MessageParticipant", * }, * { - * identifier: "abcdef-abcd-abcd-abcd-abcdefghijkl", - * type: "DisconnectParticipant", - * parameters: {}, - * transitions: {}, + * Identifier: "abcdef-abcd-abcd-abcd-abcdefghijkl", + * Type: "DisconnectParticipant", + * Parameters: {}, + * Transitions: {}, * }, * ], - * settings: { - * inputParameters: [], - * outputParameters: [], - * transitions: [ + * Settings: { + * InputParameters: [], + * OutputParameters: [], + * Transitions: [ * { - * displayName: "Success", - * referenceName: "Success", - * description: "", + * DisplayName: "Success", + * ReferenceName: "Success", + * Description: "", * }, * { - * displayName: "Error", - * referenceName: "Error", - * description: "", + * DisplayName: "Error", + * ReferenceName: "Error", + * Description: "", * }, * ], * }, diff --git a/sdk/nodejs/costexplorer/anomalyMonitor.ts b/sdk/nodejs/costexplorer/anomalyMonitor.ts index 5d83aec4d1c..f8d4790d4ec 100644 --- a/sdk/nodejs/costexplorer/anomalyMonitor.ts +++ b/sdk/nodejs/costexplorer/anomalyMonitor.ts @@ -37,15 +37,15 @@ import * as utilities from "../utilities"; * name: "AWSCustomAnomalyMonitor", * monitorType: "CUSTOM", * monitorSpecification: JSON.stringify({ - * and: undefined, - * costCategories: undefined, - * dimensions: undefined, - * not: undefined, - * or: undefined, - * tags: { - * key: "CostCenter", - * matchOptions: undefined, - * values: ["10000"], + * And: undefined, + * CostCategories: undefined, + * Dimensions: undefined, + * Not: undefined, + * Or: undefined, + * Tags: { + * Key: "CostCenter", + * MatchOptions: undefined, + * Values: ["10000"], * }, * }), * }); diff --git a/sdk/nodejs/costexplorer/anomalySubscription.ts b/sdk/nodejs/costexplorer/anomalySubscription.ts index fcec65336a9..3da16b2fad4 100644 --- a/sdk/nodejs/costexplorer/anomalySubscription.ts +++ b/sdk/nodejs/costexplorer/anomalySubscription.ts @@ -166,6 +166,8 @@ import * as utilities from "../utilities"; * type: "SNS", * address: costAnomalyUpdates.arn, * }], + * }, { + * dependsOn: [_default], * }); * ``` * diff --git a/sdk/nodejs/customerprofiles/domain.ts b/sdk/nodejs/customerprofiles/domain.ts index ca073b4a7c7..73ac1b3c06b 100644 --- a/sdk/nodejs/customerprofiles/domain.ts +++ b/sdk/nodejs/customerprofiles/domain.ts @@ -32,14 +32,14 @@ import * as utilities from "../utilities"; * const example = new aws.sqs.Queue("example", { * name: "example", * policy: JSON.stringify({ - * version: "2012-10-17", - * statement: [{ - * sid: "Customer Profiles SQS policy", - * effect: "Allow", - * action: ["sqs:SendMessage"], - * resource: "*", - * principal: { - * service: "profile.amazonaws.com", + * Version: "2012-10-17", + * Statement: [{ + * Sid: "Customer Profiles SQS policy", + * Effect: "Allow", + * Action: ["sqs:SendMessage"], + * Resource: "*", + * Principal: { + * Service: "profile.amazonaws.com", * }, * }], * }), @@ -55,21 +55,21 @@ import * as utilities from "../utilities"; * const exampleBucketPolicy = new aws.s3.BucketPolicy("example", { * bucket: exampleBucketV2.id, * policy: pulumi.jsonStringify({ - * version: "2012-10-17", - * statement: [{ - * sid: "Customer Profiles S3 policy", - * effect: "Allow", - * action: [ + * Version: "2012-10-17", + * Statement: [{ + * Sid: "Customer Profiles S3 policy", + * Effect: "Allow", + * Action: [ * "s3:GetObject", * "s3:PutObject", * "s3:ListBucket", * ], - * resource: [ + * Resource: [ * exampleBucketV2.arn, * pulumi.interpolate`${exampleBucketV2.arn}/*`, * ], - * principal: { - * service: "profile.amazonaws.com", + * Principal: { + * Service: "profile.amazonaws.com", * }, * }], * }), diff --git a/sdk/nodejs/detective/invitationAccepter.ts b/sdk/nodejs/detective/invitationAccepter.ts index e8b54784196..d1c6f10b960 100644 --- a/sdk/nodejs/detective/invitationAccepter.ts +++ b/sdk/nodejs/detective/invitationAccepter.ts @@ -21,7 +21,9 @@ import * as utilities from "../utilities"; * graphArn: primary.id, * message: "Message of the invite", * }); - * const member = new aws.detective.InvitationAccepter("member", {graphArn: primary.graphArn}); + * const member = new aws.detective.InvitationAccepter("member", {graphArn: primary.graphArn}, { + * dependsOn: [primaryMember], + * }); * ``` * * diff --git a/sdk/nodejs/detective/organizationAdminAccount.ts b/sdk/nodejs/detective/organizationAdminAccount.ts index 7f0edc0cc5d..cdd8ae81789 100644 --- a/sdk/nodejs/detective/organizationAdminAccount.ts +++ b/sdk/nodejs/detective/organizationAdminAccount.ts @@ -18,7 +18,9 @@ import * as utilities from "../utilities"; * awsServiceAccessPrincipals: ["detective.amazonaws.com"], * featureSet: "ALL", * }); - * const exampleOrganizationAdminAccount = new aws.detective.OrganizationAdminAccount("example", {accountId: "123456789012"}); + * const exampleOrganizationAdminAccount = new aws.detective.OrganizationAdminAccount("example", {accountId: "123456789012"}, { + * dependsOn: [example], + * }); * ``` * * diff --git a/sdk/nodejs/directconnect/hostedPrivateVirtualInterfaceAccepter.ts b/sdk/nodejs/directconnect/hostedPrivateVirtualInterfaceAccepter.ts index b217117e900..f578862498d 100644 --- a/sdk/nodejs/directconnect/hostedPrivateVirtualInterfaceAccepter.ts +++ b/sdk/nodejs/directconnect/hostedPrivateVirtualInterfaceAccepter.ts @@ -16,6 +16,8 @@ import * as utilities from "../utilities"; * import * as aws from "@pulumi/aws"; * * const accepter = aws.getCallerIdentity({}); + * // Accepter's side of the VIF. + * const vpnGw = new aws.ec2.VpnGateway("vpn_gw", {}); * // Creator's side of the VIF * const creator = new aws.directconnect.HostedPrivateVirtualInterface("creator", { * connectionId: "dxcon-zzzzzzzz", @@ -24,9 +26,9 @@ import * as utilities from "../utilities"; * vlan: 4094, * addressFamily: "ipv4", * bgpAsn: 65352, + * }, { + * dependsOn: [vpnGw], * }); - * // Accepter's side of the VIF. - * const vpnGw = new aws.ec2.VpnGateway("vpn_gw", {}); * const accepterHostedPrivateVirtualInterfaceAccepter = new aws.directconnect.HostedPrivateVirtualInterfaceAccepter("accepter", { * virtualInterfaceId: creator.id, * vpnGatewayId: vpnGw.id, diff --git a/sdk/nodejs/directconnect/hostedTransitVirtualInterfaceAcceptor.ts b/sdk/nodejs/directconnect/hostedTransitVirtualInterfaceAcceptor.ts index 4da8a87aa55..34e50223784 100644 --- a/sdk/nodejs/directconnect/hostedTransitVirtualInterfaceAcceptor.ts +++ b/sdk/nodejs/directconnect/hostedTransitVirtualInterfaceAcceptor.ts @@ -18,6 +18,11 @@ import * as utilities from "../utilities"; * import * as aws from "@pulumi/aws"; * * const accepter = aws.getCallerIdentity({}); + * // Accepter's side of the VIF. + * const example = new aws.directconnect.Gateway("example", { + * name: "tf-dxg-example", + * amazonSideAsn: "64512", + * }); * // Creator's side of the VIF * const creator = new aws.directconnect.HostedTransitVirtualInterface("creator", { * connectionId: "dxcon-zzzzzzzz", @@ -26,11 +31,8 @@ import * as utilities from "../utilities"; * vlan: 4094, * addressFamily: "ipv4", * bgpAsn: 65352, - * }); - * // Accepter's side of the VIF. - * const example = new aws.directconnect.Gateway("example", { - * name: "tf-dxg-example", - * amazonSideAsn: "64512", + * }, { + * dependsOn: [example], * }); * const accepterHostedTransitVirtualInterfaceAcceptor = new aws.directconnect.HostedTransitVirtualInterfaceAcceptor("accepter", { * virtualInterfaceId: creator.id, diff --git a/sdk/nodejs/dms/replicationInstance.ts b/sdk/nodejs/dms/replicationInstance.ts index 8e1b7e89acc..7a95cb81e7f 100644 --- a/sdk/nodejs/dms/replicationInstance.ts +++ b/sdk/nodejs/dms/replicationInstance.ts @@ -73,6 +73,12 @@ import * as utilities from "../utilities"; * Name: "test", * }, * vpcSecurityGroupIds: ["sg-12345678"], + * }, { + * dependsOn: [ + * dms_access_for_endpoint_AmazonDMSRedshiftS3Role, + * dms_cloudwatch_logs_role_AmazonDMSCloudWatchLogsRole, + * dms_vpc_role_AmazonDMSVPCManagementRole, + * ], * }); * ``` * diff --git a/sdk/nodejs/dms/replicationSubnetGroup.ts b/sdk/nodejs/dms/replicationSubnetGroup.ts index 2b0f2275b4c..09d8d67f5bf 100644 --- a/sdk/nodejs/dms/replicationSubnetGroup.ts +++ b/sdk/nodejs/dms/replicationSubnetGroup.ts @@ -46,13 +46,13 @@ import * as utilities from "../utilities"; * name: "dms-vpc-role", * description: "Allows DMS to manage VPC", * assumeRolePolicy: JSON.stringify({ - * version: "2012-10-17", - * statement: [{ - * effect: "Allow", - * principal: { - * service: "dms.amazonaws.com", + * Version: "2012-10-17", + * Statement: [{ + * Effect: "Allow", + * Principal: { + * Service: "dms.amazonaws.com", * }, - * action: "sts:AssumeRole", + * Action: "sts:AssumeRole", * }], * }), * }); @@ -70,6 +70,8 @@ import * as utilities from "../utilities"; * tags: { * Name: "example-id", * }, + * }, { + * dependsOn: [example], * }); * ``` * diff --git a/sdk/nodejs/dms/s3endpoint.ts b/sdk/nodejs/dms/s3endpoint.ts index aed9aece582..90b13e017dd 100644 --- a/sdk/nodejs/dms/s3endpoint.ts +++ b/sdk/nodejs/dms/s3endpoint.ts @@ -27,6 +27,8 @@ import * as utilities from "../utilities"; * endpointType: "target", * bucketName: "beckut_name", * serviceAccessRoleArn: exampleAwsIamRole.arn, + * }, { + * dependsOn: [exampleAwsIamRolePolicy], * }); * ``` * @@ -88,6 +90,8 @@ import * as utilities from "../utilities"; * useCsvNoSupValue: false, * useTaskStartTimeForFullLoadTimestamp: true, * glueCatalogGeneration: true, + * }, { + * dependsOn: [exampleAwsIamRolePolicy], * }); * ``` * diff --git a/sdk/nodejs/docdb/globalCluster.ts b/sdk/nodejs/docdb/globalCluster.ts index f99b478e4b2..85b1499861e 100644 --- a/sdk/nodejs/docdb/globalCluster.ts +++ b/sdk/nodejs/docdb/globalCluster.ts @@ -47,12 +47,16 @@ import * as utilities from "../utilities"; * clusterIdentifier: "test-secondary-cluster", * globalClusterIdentifier: example.id, * dbSubnetGroupName: "default", + * }, { + * dependsOn: [primary], * }); * const secondaryClusterInstance = new aws.docdb.ClusterInstance("secondary", { * engine: example.engine, * identifier: "test-secondary-cluster-instance", * clusterIdentifier: secondary.id, * instanceClass: "db.r5.large", + * }, { + * dependsOn: [primaryClusterInstance], * }); * ``` * diff --git a/sdk/nodejs/dynamodb/globalTable.ts b/sdk/nodejs/dynamodb/globalTable.ts index cad03ebfed2..420960b8fda 100644 --- a/sdk/nodejs/dynamodb/globalTable.ts +++ b/sdk/nodejs/dynamodb/globalTable.ts @@ -55,6 +55,11 @@ import * as utilities from "../utilities"; * regionName: "us-west-2", * }, * ], + * }, { + * dependsOn: [ + * us_east_1, + * us_west_2, + * ], * }); * ``` * diff --git a/sdk/nodejs/ec2/eip.ts b/sdk/nodejs/ec2/eip.ts index d6c46c602ab..d1e7bec1266 100644 --- a/sdk/nodejs/ec2/eip.ts +++ b/sdk/nodejs/ec2/eip.ts @@ -70,6 +70,8 @@ import * as utilities from "../utilities"; * vpcId: _default.id, * cidrBlock: "10.0.0.0/24", * mapPublicIpOnLaunch: true, + * }, { + * dependsOn: [gw], * }); * const foo = new aws.ec2.Instance("foo", { * ami: "ami-5189a661", @@ -81,6 +83,8 @@ import * as utilities from "../utilities"; * domain: "vpc", * instance: foo.id, * associateWithPrivateIp: "10.0.0.12", + * }, { + * dependsOn: [gw], * }); * ``` * diff --git a/sdk/nodejs/ec2/internetGateway.ts b/sdk/nodejs/ec2/internetGateway.ts index 15568596def..67e3b33567e 100644 --- a/sdk/nodejs/ec2/internetGateway.ts +++ b/sdk/nodejs/ec2/internetGateway.ts @@ -78,7 +78,9 @@ export class InternetGateway extends pulumi.CustomResource { * import * as aws from "@pulumi/aws"; * * const gw = new aws.ec2.InternetGateway("gw", {vpcId: main.id}); - * const foo = new aws.ec2.Instance("foo", {}); + * const foo = new aws.ec2.Instance("foo", {}, { + * dependsOn: [gw], + * }); * ``` * */ @@ -148,7 +150,9 @@ export interface InternetGatewayState { * import * as aws from "@pulumi/aws"; * * const gw = new aws.ec2.InternetGateway("gw", {vpcId: main.id}); - * const foo = new aws.ec2.Instance("foo", {}); + * const foo = new aws.ec2.Instance("foo", {}, { + * dependsOn: [gw], + * }); * ``` * */ @@ -180,7 +184,9 @@ export interface InternetGatewayArgs { * import * as aws from "@pulumi/aws"; * * const gw = new aws.ec2.InternetGateway("gw", {vpcId: main.id}); - * const foo = new aws.ec2.Instance("foo", {}); + * const foo = new aws.ec2.Instance("foo", {}, { + * dependsOn: [gw], + * }); * ``` * */ diff --git a/sdk/nodejs/ec2/natGateway.ts b/sdk/nodejs/ec2/natGateway.ts index cb88ba48319..8847d202008 100644 --- a/sdk/nodejs/ec2/natGateway.ts +++ b/sdk/nodejs/ec2/natGateway.ts @@ -22,6 +22,8 @@ import * as utilities from "../utilities"; * tags: { * Name: "gw NAT", * }, + * }, { + * dependsOn: [exampleAwsInternetGateway], * }); * ``` * diff --git a/sdk/nodejs/ec2/spotFleetRequest.ts b/sdk/nodejs/ec2/spotFleetRequest.ts index 808134fd7b0..1d531d596bc 100644 --- a/sdk/nodejs/ec2/spotFleetRequest.ts +++ b/sdk/nodejs/ec2/spotFleetRequest.ts @@ -84,6 +84,8 @@ import * as utilities from "../utilities"; * version: foo.latestVersion, * }, * }], + * }, { + * dependsOn: [test_attach], * }); * ``` * @@ -200,6 +202,8 @@ import * as utilities from "../utilities"; * }, * ], * }], + * }, { + * dependsOn: [test_attach], * }); * ``` * diff --git a/sdk/nodejs/ec2/vpc.ts b/sdk/nodejs/ec2/vpc.ts index 72fc2e18ed3..db433d14773 100644 --- a/sdk/nodejs/ec2/vpc.ts +++ b/sdk/nodejs/ec2/vpc.ts @@ -60,6 +60,8 @@ import * as utilities from "../utilities"; * const testVpc = new aws.ec2.Vpc("test", { * ipv4IpamPoolId: testVpcIpamPool.id, * ipv4NetmaskLength: 28, + * }, { + * dependsOn: [testVpcIpamPoolCidr], * }); * ``` * diff --git a/sdk/nodejs/ec2/vpcIpamPoolCidrAllocation.ts b/sdk/nodejs/ec2/vpcIpamPoolCidrAllocation.ts index 40070c79b3a..1007d2348b0 100644 --- a/sdk/nodejs/ec2/vpcIpamPoolCidrAllocation.ts +++ b/sdk/nodejs/ec2/vpcIpamPoolCidrAllocation.ts @@ -25,14 +25,16 @@ import * as utilities from "../utilities"; * ipamScopeId: exampleVpcIpam.privateDefaultScopeId, * locale: current.then(current => current.name), * }); - * const example = new aws.ec2.VpcIpamPoolCidrAllocation("example", { - * ipamPoolId: exampleVpcIpamPool.id, - * cidr: "172.20.0.0/24", - * }); * const exampleVpcIpamPoolCidr = new aws.ec2.VpcIpamPoolCidr("example", { * ipamPoolId: exampleVpcIpamPool.id, * cidr: "172.20.0.0/16", * }); + * const example = new aws.ec2.VpcIpamPoolCidrAllocation("example", { + * ipamPoolId: exampleVpcIpamPool.id, + * cidr: "172.20.0.0/24", + * }, { + * dependsOn: [exampleVpcIpamPoolCidr], + * }); * ``` * * @@ -52,14 +54,16 @@ import * as utilities from "../utilities"; * ipamScopeId: exampleVpcIpam.privateDefaultScopeId, * locale: current.then(current => current.name), * }); + * const exampleVpcIpamPoolCidr = new aws.ec2.VpcIpamPoolCidr("example", { + * ipamPoolId: exampleVpcIpamPool.id, + * cidr: "172.20.0.0/16", + * }); * const example = new aws.ec2.VpcIpamPoolCidrAllocation("example", { * ipamPoolId: exampleVpcIpamPool.id, * netmaskLength: 28, * disallowedCidrs: ["172.20.0.0/28"], - * }); - * const exampleVpcIpamPoolCidr = new aws.ec2.VpcIpamPoolCidr("example", { - * ipamPoolId: exampleVpcIpamPool.id, - * cidr: "172.20.0.0/16", + * }, { + * dependsOn: [exampleVpcIpamPoolCidr], * }); * ``` * diff --git a/sdk/nodejs/ec2/vpcIpamPreviewNextCidr.ts b/sdk/nodejs/ec2/vpcIpamPreviewNextCidr.ts index 975fac41abc..6f13e6b7a64 100644 --- a/sdk/nodejs/ec2/vpcIpamPreviewNextCidr.ts +++ b/sdk/nodejs/ec2/vpcIpamPreviewNextCidr.ts @@ -25,14 +25,16 @@ import * as utilities from "../utilities"; * ipamScopeId: exampleVpcIpam.privateDefaultScopeId, * locale: current.then(current => current.name), * }); + * const exampleVpcIpamPoolCidr = new aws.ec2.VpcIpamPoolCidr("example", { + * ipamPoolId: exampleVpcIpamPool.id, + * cidr: "172.20.0.0/16", + * }); * const example = new aws.ec2.VpcIpamPreviewNextCidr("example", { * ipamPoolId: exampleVpcIpamPool.id, * netmaskLength: 28, * disallowedCidrs: ["172.2.0.0/32"], - * }); - * const exampleVpcIpamPoolCidr = new aws.ec2.VpcIpamPoolCidr("example", { - * ipamPoolId: exampleVpcIpamPool.id, - * cidr: "172.20.0.0/16", + * }, { + * dependsOn: [exampleVpcIpamPoolCidr], * }); * ``` * diff --git a/sdk/nodejs/ecr/registryPolicy.ts b/sdk/nodejs/ecr/registryPolicy.ts index 8b0f0795ee5..40166722cdb 100644 --- a/sdk/nodejs/ecr/registryPolicy.ts +++ b/sdk/nodejs/ecr/registryPolicy.ts @@ -22,15 +22,15 @@ import {PolicyDocument} from "../iam"; * const currentGetRegion = aws.getRegion({}); * const currentGetPartition = aws.getPartition({}); * const example = new aws.ecr.RegistryPolicy("example", {policy: JSON.stringify({ - * version: "2012-10-17", - * statement: [{ - * sid: "testpolicy", - * effect: "Allow", - * principal: { + * Version: "2012-10-17", + * Statement: [{ + * Sid: "testpolicy", + * Effect: "Allow", + * Principal: { * AWS: Promise.all([currentGetPartition, current]).then(([currentGetPartition, current]) => `arn:${currentGetPartition.partition}:iam::${current.accountId}:root`), * }, - * action: ["ecr:ReplicateImage"], - * resource: [Promise.all([currentGetPartition, currentGetRegion, current]).then(([currentGetPartition, currentGetRegion, current]) => `arn:${currentGetPartition.partition}:ecr:${currentGetRegion.name}:${current.accountId}:repository/*`)], + * Action: ["ecr:ReplicateImage"], + * Resource: [Promise.all([currentGetPartition, currentGetRegion, current]).then(([currentGetPartition, currentGetRegion, current]) => `arn:${currentGetPartition.partition}:ecr:${currentGetRegion.name}:${current.accountId}:repository/*`)], * }], * })}); * ``` diff --git a/sdk/nodejs/ecs/service.ts b/sdk/nodejs/ecs/service.ts index d2abe0b307c..54a348be47f 100644 --- a/sdk/nodejs/ecs/service.ts +++ b/sdk/nodejs/ecs/service.ts @@ -32,7 +32,7 @@ import * as utilities from "../utilities"; * field: "cpu", * }], * loadBalancers: [{ - * targetGroupArn: foo.arn, + * targetGroupArn: fooAwsLbTargetGroup.arn, * containerName: "mongo", * containerPort: 8080, * }], @@ -40,6 +40,8 @@ import * as utilities from "../utilities"; * type: "memberOf", * expression: "attribute:ecs.availability-zone in [us-west-2a, us-west-2b]", * }], + * }, { + * dependsOn: [foo], * }); * ``` * diff --git a/sdk/nodejs/eks/cluster.ts b/sdk/nodejs/eks/cluster.ts index 3240b5fc0fc..b5e4eae4ad1 100644 --- a/sdk/nodejs/eks/cluster.ts +++ b/sdk/nodejs/eks/cluster.ts @@ -29,6 +29,11 @@ import * as utilities from "../utilities"; * example2.id, * ], * }, + * }, { + * dependsOn: [ + * example_AmazonEKSClusterPolicy, + * example_AmazonEKSVPCResourceController, + * ], * }); * return { * endpoint: example.endpoint, @@ -85,16 +90,18 @@ import * as utilities from "../utilities"; * * const config = new pulumi.Config(); * const clusterName = config.get("clusterName") || "example"; + * const exampleLogGroup = new aws.cloudwatch.LogGroup("example", { + * name: `/aws/eks/${clusterName}/cluster`, + * retentionInDays: 7, + * }); * const example = new aws.eks.Cluster("example", { * enabledClusterLogTypes: [ * "api", * "audit", * ], * name: clusterName, - * }); - * const exampleLogGroup = new aws.cloudwatch.LogGroup("example", { - * name: `/aws/eks/${clusterName}/cluster`, - * retentionInDays: 7, + * }, { + * dependsOn: [exampleLogGroup], * }); * ``` * diff --git a/sdk/nodejs/eks/fargateProfile.ts b/sdk/nodejs/eks/fargateProfile.ts index 03215e3bea7..fd60b041523 100644 --- a/sdk/nodejs/eks/fargateProfile.ts +++ b/sdk/nodejs/eks/fargateProfile.ts @@ -39,14 +39,14 @@ import * as utilities from "../utilities"; * const example = new aws.iam.Role("example", { * name: "eks-fargate-profile-example", * assumeRolePolicy: JSON.stringify({ - * statement: [{ - * action: "sts:AssumeRole", - * effect: "Allow", - * principal: { - * service: "eks-fargate-pods.amazonaws.com", + * Statement: [{ + * Action: "sts:AssumeRole", + * Effect: "Allow", + * Principal: { + * Service: "eks-fargate-pods.amazonaws.com", * }, * }], - * version: "2012-10-17", + * Version: "2012-10-17", * }), * }); * const example_AmazonEKSFargatePodExecutionRolePolicy = new aws.iam.RolePolicyAttachment("example-AmazonEKSFargatePodExecutionRolePolicy", { diff --git a/sdk/nodejs/eks/nodeGroup.ts b/sdk/nodejs/eks/nodeGroup.ts index 649d566b75f..1c390e1df2c 100644 --- a/sdk/nodejs/eks/nodeGroup.ts +++ b/sdk/nodejs/eks/nodeGroup.ts @@ -30,6 +30,12 @@ import * as utilities from "../utilities"; * updateConfig: { * maxUnavailable: 1, * }, + * }, { + * dependsOn: [ + * example_AmazonEKSWorkerNodePolicy, + * example_AmazonEKSCNIPolicy, + * example_AmazonEC2ContainerRegistryReadOnly, + * ], * }); * ``` * @@ -59,14 +65,14 @@ import * as utilities from "../utilities"; * const example = new aws.iam.Role("example", { * name: "eks-node-group-example", * assumeRolePolicy: JSON.stringify({ - * statement: [{ - * action: "sts:AssumeRole", - * effect: "Allow", - * principal: { - * service: "ec2.amazonaws.com", + * Statement: [{ + * Action: "sts:AssumeRole", + * Effect: "Allow", + * Principal: { + * Service: "ec2.amazonaws.com", * }, * }], - * version: "2012-10-17", + * Version: "2012-10-17", * }), * }); * const example_AmazonEKSWorkerNodePolicy = new aws.iam.RolePolicyAttachment("example-AmazonEKSWorkerNodePolicy", { diff --git a/sdk/nodejs/elasticsearch/domain.ts b/sdk/nodejs/elasticsearch/domain.ts index eda91155583..07b092b79b2 100644 --- a/sdk/nodejs/elasticsearch/domain.ts +++ b/sdk/nodejs/elasticsearch/domain.ts @@ -172,6 +172,8 @@ import {PolicyDocument} from "../iam"; * tags: { * Domain: "TestDomain", * }, + * }, { + * dependsOn: [esServiceLinkedRole], * }); * ``` * diff --git a/sdk/nodejs/finspace/kxUser.ts b/sdk/nodejs/finspace/kxUser.ts index a5c0e948f1a..aa77e9c6dfc 100644 --- a/sdk/nodejs/finspace/kxUser.ts +++ b/sdk/nodejs/finspace/kxUser.ts @@ -27,13 +27,13 @@ import * as utilities from "../utilities"; * const exampleRole = new aws.iam.Role("example", { * name: "example-role", * assumeRolePolicy: JSON.stringify({ - * version: "2012-10-17", - * statement: [{ - * action: "sts:AssumeRole", - * effect: "Allow", - * sid: "", - * principal: { - * service: "ec2.amazonaws.com", + * Version: "2012-10-17", + * Statement: [{ + * Action: "sts:AssumeRole", + * Effect: "Allow", + * Sid: "", + * Principal: { + * Service: "ec2.amazonaws.com", * }, * }], * }), diff --git a/sdk/nodejs/gamelift/gameServerGroup.ts b/sdk/nodejs/gamelift/gameServerGroup.ts index 50c16291ba1..13499f739c1 100644 --- a/sdk/nodejs/gamelift/gameServerGroup.ts +++ b/sdk/nodejs/gamelift/gameServerGroup.ts @@ -33,6 +33,8 @@ import * as utilities from "../utilities"; * maxSize: 1, * minSize: 1, * roleArn: exampleAwsIamRole.arn, + * }, { + * dependsOn: [exampleAwsIamRolePolicyAttachment], * }); * ``` * @@ -78,6 +80,8 @@ import * as utilities from "../utilities"; * "subnet-12345678", * "subnet-23456789", * ], + * }, { + * dependsOn: [exampleAwsIamRolePolicyAttachment], * }); * ``` * diff --git a/sdk/nodejs/glue/crawler.ts b/sdk/nodejs/glue/crawler.ts index 0925ae7db67..671972e2d8e 100644 --- a/sdk/nodejs/glue/crawler.ts +++ b/sdk/nodejs/glue/crawler.ts @@ -129,15 +129,15 @@ import * as utilities from "../utilities"; * role: glueRole.arn, * tags: tags, * configuration: JSON.stringify({ - * grouping: { - * tableGroupingPolicy: "CombineCompatibleSchemas", + * Grouping: { + * TableGroupingPolicy: "CombineCompatibleSchemas", * }, - * crawlerOutput: { - * partitions: { - * addOrUpdateBehavior: "InheritFromTable", + * CrawlerOutput: { + * Partitions: { + * AddOrUpdateBehavior: "InheritFromTable", * }, * }, - * version: 1, + * Version: 1, * }), * s3Targets: [{ * path: `s3://${dataLakeBucket.bucket}`, diff --git a/sdk/nodejs/glue/mltransform.ts b/sdk/nodejs/glue/mltransform.ts index 15f2aa4be92..fc077d67a03 100644 --- a/sdk/nodejs/glue/mltransform.ts +++ b/sdk/nodejs/glue/mltransform.ts @@ -97,6 +97,8 @@ import * as utilities from "../utilities"; * primaryKeyColumnName: "my_column_1", * }, * }, + * }, { + * dependsOn: [testAwsIamRolePolicyAttachment], * }); * ``` * diff --git a/sdk/nodejs/grafana/licenseAssociation.ts b/sdk/nodejs/grafana/licenseAssociation.ts index 930c2debc84..5e4ca4f796c 100644 --- a/sdk/nodejs/grafana/licenseAssociation.ts +++ b/sdk/nodejs/grafana/licenseAssociation.ts @@ -19,13 +19,13 @@ import * as utilities from "../utilities"; * const assume = new aws.iam.Role("assume", { * name: "grafana-assume", * assumeRolePolicy: JSON.stringify({ - * version: "2012-10-17", - * statement: [{ - * action: "sts:AssumeRole", - * effect: "Allow", - * sid: "", - * principal: { - * service: "grafana.amazonaws.com", + * Version: "2012-10-17", + * Statement: [{ + * Action: "sts:AssumeRole", + * Effect: "Allow", + * Sid: "", + * Principal: { + * Service: "grafana.amazonaws.com", * }, * }], * }), diff --git a/sdk/nodejs/grafana/roleAssociation.ts b/sdk/nodejs/grafana/roleAssociation.ts index b5c74a1fe4b..617424215be 100644 --- a/sdk/nodejs/grafana/roleAssociation.ts +++ b/sdk/nodejs/grafana/roleAssociation.ts @@ -19,13 +19,13 @@ import * as utilities from "../utilities"; * const assume = new aws.iam.Role("assume", { * name: "grafana-assume", * assumeRolePolicy: JSON.stringify({ - * version: "2012-10-17", - * statement: [{ - * action: "sts:AssumeRole", - * effect: "Allow", - * sid: "", - * principal: { - * service: "grafana.amazonaws.com", + * Version: "2012-10-17", + * Statement: [{ + * Action: "sts:AssumeRole", + * Effect: "Allow", + * Sid: "", + * Principal: { + * Service: "grafana.amazonaws.com", * }, * }], * }), diff --git a/sdk/nodejs/grafana/workspace.ts b/sdk/nodejs/grafana/workspace.ts index 76355c6cce2..39314364ce2 100644 --- a/sdk/nodejs/grafana/workspace.ts +++ b/sdk/nodejs/grafana/workspace.ts @@ -22,13 +22,13 @@ import * as utilities from "../utilities"; * const assume = new aws.iam.Role("assume", { * name: "grafana-assume", * assumeRolePolicy: JSON.stringify({ - * version: "2012-10-17", - * statement: [{ - * action: "sts:AssumeRole", - * effect: "Allow", - * sid: "", - * principal: { - * service: "grafana.amazonaws.com", + * Version: "2012-10-17", + * Statement: [{ + * Action: "sts:AssumeRole", + * Effect: "Allow", + * Sid: "", + * Principal: { + * Service: "grafana.amazonaws.com", * }, * }], * }), diff --git a/sdk/nodejs/grafana/workspaceSamlConfiguration.ts b/sdk/nodejs/grafana/workspaceSamlConfiguration.ts index 724d9a7fda9..92005e354eb 100644 --- a/sdk/nodejs/grafana/workspaceSamlConfiguration.ts +++ b/sdk/nodejs/grafana/workspaceSamlConfiguration.ts @@ -19,13 +19,13 @@ import * as utilities from "../utilities"; * const assume = new aws.iam.Role("assume", { * name: "grafana-assume", * assumeRolePolicy: JSON.stringify({ - * version: "2012-10-17", - * statement: [{ - * action: "sts:AssumeRole", - * effect: "Allow", - * sid: "", - * principal: { - * service: "grafana.amazonaws.com", + * Version: "2012-10-17", + * Statement: [{ + * Action: "sts:AssumeRole", + * Effect: "Allow", + * Sid: "", + * Principal: { + * Service: "grafana.amazonaws.com", * }, * }], * }), diff --git a/sdk/nodejs/guardduty/inviteAccepter.ts b/sdk/nodejs/guardduty/inviteAccepter.ts index 369413c5476..812960f1e2d 100644 --- a/sdk/nodejs/guardduty/inviteAccepter.ts +++ b/sdk/nodejs/guardduty/inviteAccepter.ts @@ -16,16 +16,18 @@ import * as utilities from "../utilities"; * * const primary = new aws.guardduty.Detector("primary", {}); * const memberDetector = new aws.guardduty.Detector("member", {}); - * const member = new aws.guardduty.InviteAccepter("member", { - * detectorId: memberDetector.id, - * masterAccountId: primary.accountId, - * }); * const memberMember = new aws.guardduty.Member("member", { * accountId: memberDetector.accountId, * detectorId: primary.id, * email: "required@example.com", * invite: true, * }); + * const member = new aws.guardduty.InviteAccepter("member", { + * detectorId: memberDetector.id, + * masterAccountId: primary.accountId, + * }, { + * dependsOn: [memberMember], + * }); * ``` * * diff --git a/sdk/nodejs/guardduty/organizationAdminAccount.ts b/sdk/nodejs/guardduty/organizationAdminAccount.ts index b039172ab83..e226b5fa34e 100644 --- a/sdk/nodejs/guardduty/organizationAdminAccount.ts +++ b/sdk/nodejs/guardduty/organizationAdminAccount.ts @@ -19,7 +19,9 @@ import * as utilities from "../utilities"; * featureSet: "ALL", * }); * const exampleDetector = new aws.guardduty.Detector("example", {}); - * const exampleOrganizationAdminAccount = new aws.guardduty.OrganizationAdminAccount("example", {adminAccountId: "123456789012"}); + * const exampleOrganizationAdminAccount = new aws.guardduty.OrganizationAdminAccount("example", {adminAccountId: "123456789012"}, { + * dependsOn: [example], + * }); * ``` * * diff --git a/sdk/nodejs/guardduty/publishingDestination.ts b/sdk/nodejs/guardduty/publishingDestination.ts index 06a3c5e680a..221682e8485 100644 --- a/sdk/nodejs/guardduty/publishingDestination.ts +++ b/sdk/nodejs/guardduty/publishingDestination.ts @@ -82,6 +82,8 @@ import * as utilities from "../utilities"; * detectorId: testGd.id, * destinationArn: gdBucket.arn, * kmsKeyArn: gdKey.arn, + * }, { + * dependsOn: [gdBucketPolicy], * }); * ``` * diff --git a/sdk/nodejs/iam/getPrincipalPolicySimulation.ts b/sdk/nodejs/iam/getPrincipalPolicySimulation.ts index 6f3a4526bb3..914b6603304 100644 --- a/sdk/nodejs/iam/getPrincipalPolicySimulation.ts +++ b/sdk/nodejs/iam/getPrincipalPolicySimulation.ts @@ -46,7 +46,9 @@ import * as utilities from "../utilities"; * import * as pulumi from "@pulumi/pulumi"; * import * as aws from "@pulumi/aws"; * - * const example = new aws.s3.BucketObject("example", {bucket: "my-test-bucket"}); + * const example = new aws.s3.BucketObject("example", {bucket: "my-test-bucket"}, { + * dependsOn: [s3ObjectAccess], + * }); * ``` * * @@ -66,25 +68,25 @@ import * as utilities from "../utilities"; * name: "example_s3_access", * user: example.name, * policy: pulumi.jsonStringify({ - * version: "2012-10-17", - * statement: [{ - * action: "s3:GetObject", - * effect: "Allow", - * resource: exampleBucketV2.arn, + * Version: "2012-10-17", + * Statement: [{ + * Action: "s3:GetObject", + * Effect: "Allow", + * Resource: exampleBucketV2.arn, * }], * }), * }); * const accountAccess = new aws.s3.BucketPolicy("account_access", { * bucket: exampleBucketV2.bucket, * policy: pulumi.jsonStringify({ - * version: "2012-10-17", - * statement: [{ - * action: "s3:*", - * effect: "Allow", - * principal: { + * Version: "2012-10-17", + * Statement: [{ + * Action: "s3:*", + * Effect: "Allow", + * Principal: { * AWS: current.then(current => current.accountId), * }, - * resource: [ + * Resource: [ * exampleBucketV2.arn, * pulumi.interpolate`${exampleBucketV2.arn}/*`, * ], @@ -242,7 +244,9 @@ export interface GetPrincipalPolicySimulationResult { * import * as pulumi from "@pulumi/pulumi"; * import * as aws from "@pulumi/aws"; * - * const example = new aws.s3.BucketObject("example", {bucket: "my-test-bucket"}); + * const example = new aws.s3.BucketObject("example", {bucket: "my-test-bucket"}, { + * dependsOn: [s3ObjectAccess], + * }); * ``` * * @@ -262,25 +266,25 @@ export interface GetPrincipalPolicySimulationResult { * name: "example_s3_access", * user: example.name, * policy: pulumi.jsonStringify({ - * version: "2012-10-17", - * statement: [{ - * action: "s3:GetObject", - * effect: "Allow", - * resource: exampleBucketV2.arn, + * Version: "2012-10-17", + * Statement: [{ + * Action: "s3:GetObject", + * Effect: "Allow", + * Resource: exampleBucketV2.arn, * }], * }), * }); * const accountAccess = new aws.s3.BucketPolicy("account_access", { * bucket: exampleBucketV2.bucket, * policy: pulumi.jsonStringify({ - * version: "2012-10-17", - * statement: [{ - * action: "s3:*", - * effect: "Allow", - * principal: { + * Version: "2012-10-17", + * Statement: [{ + * Action: "s3:*", + * Effect: "Allow", + * Principal: { * AWS: current.then(current => current.accountId), * }, - * resource: [ + * Resource: [ * exampleBucketV2.arn, * pulumi.interpolate`${exampleBucketV2.arn}/*`, * ], diff --git a/sdk/nodejs/iam/groupPolicy.ts b/sdk/nodejs/iam/groupPolicy.ts index 599e6aa1ca8..5307836cb8e 100644 --- a/sdk/nodejs/iam/groupPolicy.ts +++ b/sdk/nodejs/iam/groupPolicy.ts @@ -26,11 +26,11 @@ import {PolicyDocument} from "./index"; * name: "my_developer_policy", * group: myDevelopers.name, * policy: JSON.stringify({ - * version: "2012-10-17", - * statement: [{ - * action: ["ec2:Describe*"], - * effect: "Allow", - * resource: "*", + * Version: "2012-10-17", + * Statement: [{ + * Action: ["ec2:Describe*"], + * Effect: "Allow", + * Resource: "*", * }], * }), * }); diff --git a/sdk/nodejs/iam/policy.ts b/sdk/nodejs/iam/policy.ts index b6565a86d4e..46ee212da34 100644 --- a/sdk/nodejs/iam/policy.ts +++ b/sdk/nodejs/iam/policy.ts @@ -23,11 +23,11 @@ import {PolicyDocument} from "./index"; * path: "/", * description: "My test policy", * policy: JSON.stringify({ - * version: "2012-10-17", - * statement: [{ - * action: ["ec2:Describe*"], - * effect: "Allow", - * resource: "*", + * Version: "2012-10-17", + * Statement: [{ + * Action: ["ec2:Describe*"], + * Effect: "Allow", + * Resource: "*", * }], * }), * }); diff --git a/sdk/nodejs/iam/role.ts b/sdk/nodejs/iam/role.ts index e5719e82d42..47e2e777ce8 100644 --- a/sdk/nodejs/iam/role.ts +++ b/sdk/nodejs/iam/role.ts @@ -30,13 +30,13 @@ import {PolicyDocument} from "./index"; * const testRole = new aws.iam.Role("test_role", { * name: "test_role", * assumeRolePolicy: JSON.stringify({ - * version: "2012-10-17", - * statement: [{ - * action: "sts:AssumeRole", - * effect: "Allow", - * sid: "", - * principal: { - * service: "ec2.amazonaws.com", + * Version: "2012-10-17", + * Statement: [{ + * Action: "sts:AssumeRole", + * Effect: "Allow", + * Sid: "", + * Principal: { + * Service: "ec2.amazonaws.com", * }, * }], * }), @@ -93,11 +93,11 @@ import {PolicyDocument} from "./index"; * { * name: "my_inline_policy", * policy: JSON.stringify({ - * version: "2012-10-17", - * statement: [{ - * action: ["ec2:Describe*"], - * effect: "Allow", - * resource: "*", + * Version: "2012-10-17", + * Statement: [{ + * Action: ["ec2:Describe*"], + * Effect: "Allow", + * Resource: "*", * }], * }), * }, @@ -139,26 +139,26 @@ import {PolicyDocument} from "./index"; * const policyOne = new aws.iam.Policy("policy_one", { * name: "policy-618033", * policy: JSON.stringify({ - * version: "2012-10-17", - * statement: [{ - * action: ["ec2:Describe*"], - * effect: "Allow", - * resource: "*", + * Version: "2012-10-17", + * Statement: [{ + * Action: ["ec2:Describe*"], + * Effect: "Allow", + * Resource: "*", * }], * }), * }); * const policyTwo = new aws.iam.Policy("policy_two", { * name: "policy-381966", * policy: JSON.stringify({ - * version: "2012-10-17", - * statement: [{ - * action: [ + * Version: "2012-10-17", + * Statement: [{ + * Action: [ * "s3:ListAllMyBuckets", * "s3:ListBucket", * "s3:HeadBucket", * ], - * effect: "Allow", - * resource: "*", + * Effect: "Allow", + * Resource: "*", * }], * }), * }); diff --git a/sdk/nodejs/iam/rolePolicy.ts b/sdk/nodejs/iam/rolePolicy.ts index 6ebc3a68885..d1b6ddb6b75 100644 --- a/sdk/nodejs/iam/rolePolicy.ts +++ b/sdk/nodejs/iam/rolePolicy.ts @@ -23,13 +23,13 @@ import {PolicyDocument, Role} from "./index"; * const testRole = new aws.iam.Role("test_role", { * name: "test_role", * assumeRolePolicy: JSON.stringify({ - * version: "2012-10-17", - * statement: [{ - * action: "sts:AssumeRole", - * effect: "Allow", - * sid: "", - * principal: { - * service: "ec2.amazonaws.com", + * Version: "2012-10-17", + * Statement: [{ + * Action: "sts:AssumeRole", + * Effect: "Allow", + * Sid: "", + * Principal: { + * Service: "ec2.amazonaws.com", * }, * }], * }), @@ -38,11 +38,11 @@ import {PolicyDocument, Role} from "./index"; * name: "test_policy", * role: testRole.id, * policy: JSON.stringify({ - * version: "2012-10-17", - * statement: [{ - * action: ["ec2:Describe*"], - * effect: "Allow", - * resource: "*", + * Version: "2012-10-17", + * Statement: [{ + * Action: ["ec2:Describe*"], + * Effect: "Allow", + * Resource: "*", * }], * }), * }); diff --git a/sdk/nodejs/iam/userPolicy.ts b/sdk/nodejs/iam/userPolicy.ts index 5b36d168e83..fc59ea5055d 100644 --- a/sdk/nodejs/iam/userPolicy.ts +++ b/sdk/nodejs/iam/userPolicy.ts @@ -26,11 +26,11 @@ import {PolicyDocument} from "./index"; * name: "test", * user: lb.name, * policy: JSON.stringify({ - * version: "2012-10-17", - * statement: [{ - * action: ["ec2:Describe*"], - * effect: "Allow", - * resource: "*", + * Version: "2012-10-17", + * Statement: [{ + * Action: ["ec2:Describe*"], + * Effect: "Allow", + * Resource: "*", * }], * }), * }); diff --git a/sdk/nodejs/iot/policy.ts b/sdk/nodejs/iot/policy.ts index d6fe9a1d9c0..274c8b4d3ce 100644 --- a/sdk/nodejs/iot/policy.ts +++ b/sdk/nodejs/iot/policy.ts @@ -19,11 +19,11 @@ import * as utilities from "../utilities"; * const pubsub = new aws.iot.Policy("pubsub", { * name: "PubSubToAnyTopic", * policy: JSON.stringify({ - * version: "2012-10-17", - * statement: [{ - * action: ["iot:*"], - * effect: "Allow", - * resource: "*", + * Version: "2012-10-17", + * Statement: [{ + * Action: ["iot:*"], + * Effect: "Allow", + * Resource: "*", * }], * }), * }); diff --git a/sdk/nodejs/iot/provisioningTemplate.ts b/sdk/nodejs/iot/provisioningTemplate.ts index 21d2489a9fa..cf8e698b3da 100644 --- a/sdk/nodejs/iot/provisioningTemplate.ts +++ b/sdk/nodejs/iot/provisioningTemplate.ts @@ -51,26 +51,26 @@ import * as utilities from "../utilities"; * provisioningRoleArn: iotFleetProvisioning.arn, * enabled: true, * templateBody: pulumi.jsonStringify({ - * parameters: { - * serialNumber: { - * type: "String", + * Parameters: { + * SerialNumber: { + * Type: "String", * }, * }, - * resources: { + * Resources: { * certificate: { - * properties: { - * certificateId: { - * ref: "AWS::IoT::Certificate::Id", + * Properties: { + * CertificateId: { + * Ref: "AWS::IoT::Certificate::Id", * }, - * status: "Active", + * Status: "Active", * }, - * type: "AWS::IoT::Certificate", + * Type: "AWS::IoT::Certificate", * }, * policy: { - * properties: { - * policyName: devicePolicyPolicy.name, + * Properties: { + * PolicyName: devicePolicyPolicy.name, * }, - * type: "AWS::IoT::Policy", + * Type: "AWS::IoT::Policy", * }, * }, * }), diff --git a/sdk/nodejs/kendra/dataSource.ts b/sdk/nodejs/kendra/dataSource.ts index c83e28a1dd9..065ce2cd263 100644 --- a/sdk/nodejs/kendra/dataSource.ts +++ b/sdk/nodejs/kendra/dataSource.ts @@ -213,6 +213,8 @@ import * as utilities from "../utilities"; * }, * }, * }, + * }, { + * dependsOn: [exampleAwsSecretsmanagerSecretVersion], * }); * ``` * @@ -321,6 +323,8 @@ import * as utilities from "../utilities"; * }, * }, * }, + * }, { + * dependsOn: [exampleAwsSecretsmanagerSecretVersion], * }); * ``` * diff --git a/sdk/nodejs/kinesis/firehoseDeliveryStream.ts b/sdk/nodejs/kinesis/firehoseDeliveryStream.ts index d811fabff0c..910762d4f6e 100644 --- a/sdk/nodejs/kinesis/firehoseDeliveryStream.ts +++ b/sdk/nodejs/kinesis/firehoseDeliveryStream.ts @@ -340,6 +340,8 @@ import * as utilities from "../utilities"; * roleArn: firehose.arn, * }, * }, + * }, { + * dependsOn: [firehose_elasticsearchRolePolicy], * }); * ``` * @@ -463,6 +465,8 @@ import * as utilities from "../utilities"; * roleArn: firehose.arn, * }, * }, + * }, { + * dependsOn: [firehose_opensearch], * }); * ``` * diff --git a/sdk/nodejs/kms/keyPolicy.ts b/sdk/nodejs/kms/keyPolicy.ts index 33dbd0cf0ba..195c1e21fd6 100644 --- a/sdk/nodejs/kms/keyPolicy.ts +++ b/sdk/nodejs/kms/keyPolicy.ts @@ -18,17 +18,17 @@ import * as utilities from "../utilities"; * const exampleKeyPolicy = new aws.kms.KeyPolicy("example", { * keyId: example.id, * policy: JSON.stringify({ - * id: "example", - * statement: [{ - * action: "kms:*", - * effect: "Allow", - * principal: { + * Id: "example", + * Statement: [{ + * Action: "kms:*", + * Effect: "Allow", + * Principal: { * AWS: "*", * }, - * resource: "*", - * sid: "Enable IAM User Permissions", + * Resource: "*", + * Sid: "Enable IAM User Permissions", * }], - * version: "2012-10-17", + * Version: "2012-10-17", * }), * }); * ``` diff --git a/sdk/nodejs/lambda/eventSourceMapping.ts b/sdk/nodejs/lambda/eventSourceMapping.ts index 8642a29cea4..57cf7ea9a68 100644 --- a/sdk/nodejs/lambda/eventSourceMapping.ts +++ b/sdk/nodejs/lambda/eventSourceMapping.ts @@ -123,7 +123,7 @@ import * as utilities from "../utilities"; * filters: [{ * pattern: JSON.stringify({ * body: { - * temperature: [{ + * Temperature: [{ * numeric: [ * ">", * 0, @@ -131,7 +131,7 @@ import * as utilities from "../utilities"; * 100, * ], * }], - * location: ["New York"], + * Location: ["New York"], * }, * }), * }], diff --git a/sdk/nodejs/lambda/function.ts b/sdk/nodejs/lambda/function.ts index 548abc2a9c7..c393ef7bba8 100644 --- a/sdk/nodejs/lambda/function.ts +++ b/sdk/nodejs/lambda/function.ts @@ -126,6 +126,12 @@ import {ARN} from ".."; * const efsForLambda = new aws.efs.FileSystem("efs_for_lambda", {tags: { * Name: "efs_for_lambda", * }}); + * // Mount target connects the file system to the subnet + * const alpha = new aws.efs.MountTarget("alpha", { + * fileSystemId: efsForLambda.id, + * subnetId: subnetForLambda.id, + * securityGroups: [sgForLambda.id], + * }); * // EFS access point used by lambda file system * const accessPointForLambda = new aws.efs.AccessPoint("access_point_for_lambda", { * fileSystemId: efsForLambda.id, @@ -152,12 +158,8 @@ import {ARN} from ".."; * subnetIds: [subnetForLambda.id], * securityGroupIds: [sgForLambda.id], * }, - * }); - * // Mount target connects the file system to the subnet - * const alpha = new aws.efs.MountTarget("alpha", { - * fileSystemId: efsForLambda.id, - * subnetId: subnetForLambda.id, - * securityGroups: [sgForLambda.id], + * }, { + * dependsOn: [alpha], * }); * ``` * @@ -177,12 +179,6 @@ import {ARN} from ".."; * * const config = new pulumi.Config(); * const lambdaFunctionName = config.get("lambdaFunctionName") || "lambda_function_name"; - * const testLambda = new aws.lambda.Function("test_lambda", { - * name: lambdaFunctionName, - * loggingConfig: { - * logFormat: "Text", - * }, - * }); * // This is to optionally manage the CloudWatch Log Group for the Lambda Function. * // If skipping this resource configuration, also add "logs:CreateLogGroup" to the IAM policy below. * const example = new aws.cloudwatch.LogGroup("example", { @@ -211,6 +207,17 @@ import {ARN} from ".."; * role: iamForLambda.name, * policyArn: lambdaLoggingPolicy.arn, * }); + * const testLambda = new aws.lambda.Function("test_lambda", { + * name: lambdaFunctionName, + * loggingConfig: { + * logFormat: "Text", + * }, + * }, { + * dependsOn: [ + * lambdaLogs, + * example, + * ], + * }); * ``` * * diff --git a/sdk/nodejs/lambda/permission.ts b/sdk/nodejs/lambda/permission.ts index b441d6be59d..3a9764118f3 100644 --- a/sdk/nodejs/lambda/permission.ts +++ b/sdk/nodejs/lambda/permission.ts @@ -21,13 +21,13 @@ import {Function} from "./index"; * const iamForLambda = new aws.iam.Role("iam_for_lambda", { * name: "iam_for_lambda", * assumeRolePolicy: JSON.stringify({ - * version: "2012-10-17", - * statement: [{ - * action: "sts:AssumeRole", - * effect: "Allow", - * sid: "", - * principal: { - * service: "lambda.amazonaws.com", + * Version: "2012-10-17", + * Statement: [{ + * Action: "sts:AssumeRole", + * Effect: "Allow", + * Sid: "", + * Principal: { + * Service: "lambda.amazonaws.com", * }, * }], * }), @@ -67,13 +67,13 @@ import {Function} from "./index"; * const defaultRole = new aws.iam.Role("default", { * name: "iam_for_lambda_with_sns", * assumeRolePolicy: JSON.stringify({ - * version: "2012-10-17", - * statement: [{ - * action: "sts:AssumeRole", - * effect: "Allow", - * sid: "", - * principal: { - * service: "lambda.amazonaws.com", + * Version: "2012-10-17", + * Statement: [{ + * Action: "sts:AssumeRole", + * Effect: "Allow", + * Sid: "", + * Principal: { + * Service: "lambda.amazonaws.com", * }, * }], * }), @@ -161,6 +161,8 @@ import {Function} from "./index"; * filterPattern: "", * logGroup: _default.name, * name: "logging_default", + * }, { + * dependsOn: [logging], * }); * ``` * diff --git a/sdk/nodejs/lb/targetGroupAttachment.ts b/sdk/nodejs/lb/targetGroupAttachment.ts index 21d1f90e8e6..2535f183f9c 100644 --- a/sdk/nodejs/lb/targetGroupAttachment.ts +++ b/sdk/nodejs/lb/targetGroupAttachment.ts @@ -50,6 +50,8 @@ import * as utilities from "../utilities"; * const testTargetGroupAttachment = new aws.lb.TargetGroupAttachment("test", { * targetGroupArn: test.arn, * targetId: testFunction.arn, + * }, { + * dependsOn: [withLb], * }); * ``` * diff --git a/sdk/nodejs/lightsail/distribution.ts b/sdk/nodejs/lightsail/distribution.ts index ab8baa548ee..73c19adfe1a 100644 --- a/sdk/nodejs/lightsail/distribution.ts +++ b/sdk/nodejs/lightsail/distribution.ts @@ -92,6 +92,8 @@ import * as utilities from "../utilities"; * defaultCacheBehavior: { * behavior: "cache", * }, + * }, { + * dependsOn: [test], * }); * ``` * @@ -140,6 +142,8 @@ import * as utilities from "../utilities"; * defaultCacheBehavior: { * behavior: "cache", * }, + * }, { + * dependsOn: [testLbAttachment], * }); * ``` * diff --git a/sdk/nodejs/macie/customDataIdentifier.ts b/sdk/nodejs/macie/customDataIdentifier.ts index 93e78ca05d9..9e69eecf952 100644 --- a/sdk/nodejs/macie/customDataIdentifier.ts +++ b/sdk/nodejs/macie/customDataIdentifier.ts @@ -22,6 +22,8 @@ import * as utilities from "../utilities"; * maximumMatchDistance: 10, * keywords: ["keyword"], * ignoreWords: ["ignore"], + * }, { + * dependsOn: [test], * }); * ``` * diff --git a/sdk/nodejs/macie/findingsFilter.ts b/sdk/nodejs/macie/findingsFilter.ts index 52035dd8fa4..f36149b4ca2 100644 --- a/sdk/nodejs/macie/findingsFilter.ts +++ b/sdk/nodejs/macie/findingsFilter.ts @@ -29,6 +29,8 @@ import * as utilities from "../utilities"; * eqs: [current.name], * }], * }, + * }, { + * dependsOn: [testAwsMacie2Account], * }); * ``` * diff --git a/sdk/nodejs/macie2/classificationExportConfiguration.ts b/sdk/nodejs/macie2/classificationExportConfiguration.ts index 67e2e131cba..5abcc5d660b 100644 --- a/sdk/nodejs/macie2/classificationExportConfiguration.ts +++ b/sdk/nodejs/macie2/classificationExportConfiguration.ts @@ -22,7 +22,9 @@ import * as utilities from "../utilities"; * bucketName: exampleAwsS3Bucket.bucket, * keyPrefix: "exampleprefix/", * kmsKeyArn: exampleAwsKmsKey.arn, - * }}); + * }}, { + * dependsOn: [example], + * }); * ``` * * diff --git a/sdk/nodejs/macie2/classificationJob.ts b/sdk/nodejs/macie2/classificationJob.ts index 3bde41c5b29..d2fa45e4ef0 100644 --- a/sdk/nodejs/macie2/classificationJob.ts +++ b/sdk/nodejs/macie2/classificationJob.ts @@ -27,6 +27,8 @@ import * as utilities from "../utilities"; * buckets: ["S3 BUCKET NAME"], * }], * }, + * }, { + * dependsOn: [test], * }); * ``` * diff --git a/sdk/nodejs/macie2/invitationAccepter.ts b/sdk/nodejs/macie2/invitationAccepter.ts index 5caab489b2e..b23009049d5 100644 --- a/sdk/nodejs/macie2/invitationAccepter.ts +++ b/sdk/nodejs/macie2/invitationAccepter.ts @@ -21,8 +21,12 @@ import * as utilities from "../utilities"; * email: "EMAIL", * invite: true, * invitationMessage: "Message of the invite", + * }, { + * dependsOn: [primary], + * }); + * const memberInvitationAccepter = new aws.macie2.InvitationAccepter("member", {administratorAccountId: "ADMINISTRATOR ACCOUNT ID"}, { + * dependsOn: [primaryMember], * }); - * const memberInvitationAccepter = new aws.macie2.InvitationAccepter("member", {administratorAccountId: "ADMINISTRATOR ACCOUNT ID"}); * ``` * * diff --git a/sdk/nodejs/macie2/member.ts b/sdk/nodejs/macie2/member.ts index b802f88f484..30eee4e3a36 100644 --- a/sdk/nodejs/macie2/member.ts +++ b/sdk/nodejs/macie2/member.ts @@ -21,6 +21,8 @@ import * as utilities from "../utilities"; * invite: true, * invitationMessage: "Message of the invitation", * invitationDisableEmailNotification: true, + * }, { + * dependsOn: [example], * }); * ``` * diff --git a/sdk/nodejs/macie2/organizationAdminAccount.ts b/sdk/nodejs/macie2/organizationAdminAccount.ts index a279c69cfa9..4cd258f0a79 100644 --- a/sdk/nodejs/macie2/organizationAdminAccount.ts +++ b/sdk/nodejs/macie2/organizationAdminAccount.ts @@ -15,7 +15,9 @@ import * as utilities from "../utilities"; * import * as aws from "@pulumi/aws"; * * const example = new aws.macie2.Account("example", {}); - * const exampleOrganizationAdminAccount = new aws.macie2.OrganizationAdminAccount("example", {adminAccountId: "ID OF THE ADMIN ACCOUNT"}); + * const exampleOrganizationAdminAccount = new aws.macie2.OrganizationAdminAccount("example", {adminAccountId: "ID OF THE ADMIN ACCOUNT"}, { + * dependsOn: [example], + * }); * ``` * * diff --git a/sdk/nodejs/msk/clusterPolicy.ts b/sdk/nodejs/msk/clusterPolicy.ts index 8da7705d31b..0874b51d075 100644 --- a/sdk/nodejs/msk/clusterPolicy.ts +++ b/sdk/nodejs/msk/clusterPolicy.ts @@ -21,20 +21,20 @@ import * as utilities from "../utilities"; * const example = new aws.msk.ClusterPolicy("example", { * clusterArn: exampleAwsMskCluster.arn, * policy: JSON.stringify({ - * version: "2012-10-17", - * statement: [{ - * sid: "ExampleMskClusterPolicy", - * effect: "Allow", - * principal: { + * Version: "2012-10-17", + * Statement: [{ + * Sid: "ExampleMskClusterPolicy", + * Effect: "Allow", + * Principal: { * AWS: Promise.all([currentGetPartition, current]).then(([currentGetPartition, current]) => `arn:${currentGetPartition.partition}:iam::${current.accountId}:root`), * }, - * action: [ + * Action: [ * "kafka:Describe*", * "kafka:Get*", * "kafka:CreateVpcConnection", * "kafka:GetBootstrapBrokers", * ], - * resource: exampleAwsMskCluster.arn, + * Resource: exampleAwsMskCluster.arn, * }], * }), * }); diff --git a/sdk/nodejs/msk/scramSecretAssociation.ts b/sdk/nodejs/msk/scramSecretAssociation.ts index 0d16a4e3b04..ab0c123981d 100644 --- a/sdk/nodejs/msk/scramSecretAssociation.ts +++ b/sdk/nodejs/msk/scramSecretAssociation.ts @@ -37,10 +37,6 @@ import * as utilities from "../utilities"; * name: "AmazonMSK_example", * kmsKeyId: exampleKey.keyId, * }); - * const exampleScramSecretAssociation = new aws.msk.ScramSecretAssociation("example", { - * clusterArn: exampleCluster.arn, - * secretArnLists: [exampleSecret.arn], - * }); * const exampleSecretVersion = new aws.secretsmanager.SecretVersion("example", { * secretId: exampleSecret.id, * secretString: JSON.stringify({ @@ -48,6 +44,12 @@ import * as utilities from "../utilities"; * password: "pass", * }), * }); + * const exampleScramSecretAssociation = new aws.msk.ScramSecretAssociation("example", { + * clusterArn: exampleCluster.arn, + * secretArnLists: [exampleSecret.arn], + * }, { + * dependsOn: [exampleSecretVersion], + * }); * const example = aws.iam.getPolicyDocumentOutput({ * statements: [{ * sid: "AWSKafkaResourcePolicy", diff --git a/sdk/nodejs/neptune/globalCluster.ts b/sdk/nodejs/neptune/globalCluster.ts index 01cb1c3b375..aa217c6d7b5 100644 --- a/sdk/nodejs/neptune/globalCluster.ts +++ b/sdk/nodejs/neptune/globalCluster.ts @@ -55,6 +55,8 @@ import * as utilities from "../utilities"; * clusterIdentifier: secondary.id, * instanceClass: "db.r5.large", * neptuneSubnetGroupName: "default", + * }, { + * dependsOn: [primaryClusterInstance], * }); * ``` * diff --git a/sdk/nodejs/networkfirewall/resourcePolicy.ts b/sdk/nodejs/networkfirewall/resourcePolicy.ts index 8eb1d8031d8..0f4667e69fd 100644 --- a/sdk/nodejs/networkfirewall/resourcePolicy.ts +++ b/sdk/nodejs/networkfirewall/resourcePolicy.ts @@ -19,20 +19,20 @@ import * as utilities from "../utilities"; * const example = new aws.networkfirewall.ResourcePolicy("example", { * resourceArn: exampleAwsNetworkfirewallFirewallPolicy.arn, * policy: JSON.stringify({ - * statement: [{ - * action: [ + * Statement: [{ + * Action: [ * "network-firewall:ListFirewallPolicies", * "network-firewall:CreateFirewall", * "network-firewall:UpdateFirewall", * "network-firewall:AssociateFirewallPolicy", * ], - * effect: "Allow", - * resource: exampleAwsNetworkfirewallFirewallPolicy.arn, - * principal: { + * Effect: "Allow", + * Resource: exampleAwsNetworkfirewallFirewallPolicy.arn, + * Principal: { * AWS: "arn:aws:iam::123456789012:root", * }, * }], - * version: "2012-10-17", + * Version: "2012-10-17", * }), * }); * ``` @@ -48,19 +48,19 @@ import * as utilities from "../utilities"; * const example = new aws.networkfirewall.ResourcePolicy("example", { * resourceArn: exampleAwsNetworkfirewallRuleGroup.arn, * policy: JSON.stringify({ - * statement: [{ - * action: [ + * Statement: [{ + * Action: [ * "network-firewall:ListRuleGroups", * "network-firewall:CreateFirewallPolicy", * "network-firewall:UpdateFirewallPolicy", * ], - * effect: "Allow", - * resource: exampleAwsNetworkfirewallRuleGroup.arn, - * principal: { + * Effect: "Allow", + * Resource: exampleAwsNetworkfirewallRuleGroup.arn, + * Principal: { * AWS: "arn:aws:iam::123456789012:root", * }, * }], - * version: "2012-10-17", + * Version: "2012-10-17", * }), * }); * ``` diff --git a/sdk/nodejs/networkmanager/connectAttachment.ts b/sdk/nodejs/networkmanager/connectAttachment.ts index 0a34b4c9d25..88743793c8d 100644 --- a/sdk/nodejs/networkmanager/connectAttachment.ts +++ b/sdk/nodejs/networkmanager/connectAttachment.ts @@ -58,6 +58,8 @@ import * as utilities from "../utilities"; * options: { * protocol: "GRE", * }, + * }, { + * dependsOn: [test], * }); * const example2 = new aws.networkmanager.AttachmentAccepter("example2", { * attachmentId: exampleConnectAttachment.id, diff --git a/sdk/nodejs/networkmanager/connectPeer.ts b/sdk/nodejs/networkmanager/connectPeer.ts index 471d36fa1bc..a23c8bbb6e9 100644 --- a/sdk/nodejs/networkmanager/connectPeer.ts +++ b/sdk/nodejs/networkmanager/connectPeer.ts @@ -66,6 +66,8 @@ import * as utilities from "../utilities"; * options: { * protocol: "GRE", * }, + * }, { + * dependsOn: [test], * }); * const example2 = new aws.networkmanager.AttachmentAccepter("example2", { * attachmentId: exampleConnectAttachment.id, @@ -78,6 +80,8 @@ import * as utilities from "../utilities"; * peerAsn: 65500, * }, * insideCidrBlocks: ["172.16.0.0/16"], + * }, { + * dependsOn: [example2], * }); * ``` * diff --git a/sdk/nodejs/networkmanager/customerGatewayAssociation.ts b/sdk/nodejs/networkmanager/customerGatewayAssociation.ts index d933c326391..d6132446460 100644 --- a/sdk/nodejs/networkmanager/customerGatewayAssociation.ts +++ b/sdk/nodejs/networkmanager/customerGatewayAssociation.ts @@ -36,11 +36,15 @@ import * as utilities from "../utilities"; * const exampleTransitGatewayRegistration = new aws.networkmanager.TransitGatewayRegistration("example", { * globalNetworkId: example.id, * transitGatewayArn: exampleTransitGateway.arn, + * }, { + * dependsOn: [exampleVpnConnection], * }); * const exampleCustomerGatewayAssociation = new aws.networkmanager.CustomerGatewayAssociation("example", { * globalNetworkId: example.id, * customerGatewayArn: exampleCustomerGateway.arn, * deviceId: exampleDevice.id, + * }, { + * dependsOn: [exampleTransitGatewayRegistration], * }); * ``` * diff --git a/sdk/nodejs/oam/sinkPolicy.ts b/sdk/nodejs/oam/sinkPolicy.ts index d6c30a96c41..a2dfafbaf9d 100644 --- a/sdk/nodejs/oam/sinkPolicy.ts +++ b/sdk/nodejs/oam/sinkPolicy.ts @@ -20,21 +20,21 @@ import * as utilities from "../utilities"; * const exampleSinkPolicy = new aws.oam.SinkPolicy("example", { * sinkIdentifier: example.id, * policy: JSON.stringify({ - * version: "2012-10-17", - * statement: [{ - * action: [ + * Version: "2012-10-17", + * Statement: [{ + * Action: [ * "oam:CreateLink", * "oam:UpdateLink", * ], - * effect: "Allow", - * resource: "*", - * principal: { + * Effect: "Allow", + * Resource: "*", + * Principal: { * AWS: [ * "1111111111111", * "222222222222", * ], * }, - * condition: { + * Condition: { * "ForAllValues:StringEquals": { * "oam:ResourceTypes": [ * "AWS::CloudWatch::Metric", diff --git a/sdk/nodejs/opensearch/domain.ts b/sdk/nodejs/opensearch/domain.ts index 2a3b746031a..5d429a0a2ac 100644 --- a/sdk/nodejs/opensearch/domain.ts +++ b/sdk/nodejs/opensearch/domain.ts @@ -189,6 +189,8 @@ import * as utilities from "../utilities"; * tags: { * Domain: "TestDomain", * }, + * }, { + * dependsOn: [exampleServiceLinkedRole], * }); * ``` * diff --git a/sdk/nodejs/opensearch/serverlessAccessPolicy.ts b/sdk/nodejs/opensearch/serverlessAccessPolicy.ts index 6d0c6547250..2622427877b 100644 --- a/sdk/nodejs/opensearch/serverlessAccessPolicy.ts +++ b/sdk/nodejs/opensearch/serverlessAccessPolicy.ts @@ -22,19 +22,19 @@ import * as utilities from "../utilities"; * type: "data", * description: "read and write permissions", * policy: JSON.stringify([{ - * rules: [ + * Rules: [ * { - * resourceType: "index", - * resource: ["index/example-collection/*"], - * permission: ["aoss:*"], + * ResourceType: "index", + * Resource: ["index/example-collection/*"], + * Permission: ["aoss:*"], * }, * { - * resourceType: "collection", - * resource: ["collection/example-collection"], - * permission: ["aoss:*"], + * ResourceType: "collection", + * Resource: ["collection/example-collection"], + * Permission: ["aoss:*"], * }, * ], - * principal: [current.then(current => current.arn)], + * Principal: [current.then(current => current.arn)], * }]), * }); * ``` @@ -53,22 +53,22 @@ import * as utilities from "../utilities"; * type: "data", * description: "read-only permissions", * policy: JSON.stringify([{ - * rules: [ + * Rules: [ * { - * resourceType: "index", - * resource: ["index/example-collection/*"], - * permission: [ + * ResourceType: "index", + * Resource: ["index/example-collection/*"], + * Permission: [ * "aoss:DescribeIndex", * "aoss:ReadDocument", * ], * }, * { - * resourceType: "collection", - * resource: ["collection/example-collection"], - * permission: ["aoss:DescribeCollectionItems"], + * ResourceType: "collection", + * Resource: ["collection/example-collection"], + * Permission: ["aoss:DescribeCollectionItems"], * }, * ], - * principal: [current.then(current => current.arn)], + * Principal: [current.then(current => current.arn)], * }]), * }); * ``` @@ -86,19 +86,19 @@ import * as utilities from "../utilities"; * type: "data", * description: "saml permissions", * policy: JSON.stringify([{ - * rules: [ + * Rules: [ * { - * resourceType: "index", - * resource: ["index/example-collection/*"], - * permission: ["aoss:*"], + * ResourceType: "index", + * Resource: ["index/example-collection/*"], + * Permission: ["aoss:*"], * }, * { - * resourceType: "collection", - * resource: ["collection/example-collection"], - * permission: ["aoss:*"], + * ResourceType: "collection", + * Resource: ["collection/example-collection"], + * Permission: ["aoss:*"], * }, * ], - * principal: [ + * Principal: [ * "saml/123456789012/myprovider/user/Annie", * "saml/123456789012/anotherprovider/group/Accounting", * ], diff --git a/sdk/nodejs/opensearch/serverlessCollection.ts b/sdk/nodejs/opensearch/serverlessCollection.ts index c3e8672474e..9fa2b327739 100644 --- a/sdk/nodejs/opensearch/serverlessCollection.ts +++ b/sdk/nodejs/opensearch/serverlessCollection.ts @@ -34,7 +34,9 @@ import * as utilities from "../utilities"; * AWSOwnedKey: true, * }), * }); - * const exampleServerlessCollection = new aws.opensearch.ServerlessCollection("example", {name: "example"}); + * const exampleServerlessCollection = new aws.opensearch.ServerlessCollection("example", {name: "example"}, { + * dependsOn: [example], + * }); * ``` * * diff --git a/sdk/nodejs/opensearch/serverlessSecurityPolicy.ts b/sdk/nodejs/opensearch/serverlessSecurityPolicy.ts index e80d2c2cb5b..1f0c718cb67 100644 --- a/sdk/nodejs/opensearch/serverlessSecurityPolicy.ts +++ b/sdk/nodejs/opensearch/serverlessSecurityPolicy.ts @@ -23,11 +23,11 @@ import * as utilities from "../utilities"; * type: "encryption", * description: "encryption security policy for example-collection", * policy: JSON.stringify({ - * rules: [{ - * resource: ["collection/example-collection"], - * resourceType: "collection", + * Rules: [{ + * Resource: ["collection/example-collection"], + * ResourceType: "collection", * }], - * aWSOwnedKey: true, + * AWSOwnedKey: true, * }), * }); * ``` @@ -45,11 +45,11 @@ import * as utilities from "../utilities"; * type: "encryption", * description: "encryption security policy for collections that begin with \"example\"", * policy: JSON.stringify({ - * rules: [{ - * resource: ["collection/example*"], - * resourceType: "collection", + * Rules: [{ + * Resource: ["collection/example*"], + * ResourceType: "collection", * }], - * aWSOwnedKey: true, + * AWSOwnedKey: true, * }), * }); * ``` @@ -67,12 +67,12 @@ import * as utilities from "../utilities"; * type: "encryption", * description: "encryption security policy using customer KMS key", * policy: JSON.stringify({ - * rules: [{ - * resource: ["collection/customer-managed-key-collection"], - * resourceType: "collection", + * Rules: [{ + * Resource: ["collection/customer-managed-key-collection"], + * ResourceType: "collection", * }], - * aWSOwnedKey: false, - * kmsARN: "arn:aws:kms:us-east-1:123456789012:key/93fd6da4-a317-4c17-bfe9-382b5d988b36", + * AWSOwnedKey: false, + * KmsARN: "arn:aws:kms:us-east-1:123456789012:key/93fd6da4-a317-4c17-bfe9-382b5d988b36", * }), * }); * ``` @@ -92,18 +92,18 @@ import * as utilities from "../utilities"; * type: "network", * description: "Public access", * policy: JSON.stringify([{ - * description: "Public access to collection and Dashboards endpoint for example collection", - * rules: [ + * Description: "Public access to collection and Dashboards endpoint for example collection", + * Rules: [ * { - * resourceType: "collection", - * resource: ["collection/example-collection"], + * ResourceType: "collection", + * Resource: ["collection/example-collection"], * }, * { - * resourceType: "dashboard", - * resource: ["collection/example-collection"], + * ResourceType: "dashboard", + * Resource: ["collection/example-collection"], * }, * ], - * allowFromPublic: true, + * AllowFromPublic: true, * }]), * }); * ``` @@ -121,19 +121,19 @@ import * as utilities from "../utilities"; * type: "network", * description: "VPC access", * policy: JSON.stringify([{ - * description: "VPC access to collection and Dashboards endpoint for example collection", - * rules: [ + * Description: "VPC access to collection and Dashboards endpoint for example collection", + * Rules: [ * { - * resourceType: "collection", - * resource: ["collection/example-collection"], + * ResourceType: "collection", + * Resource: ["collection/example-collection"], * }, * { - * resourceType: "dashboard", - * resource: ["collection/example-collection"], + * ResourceType: "dashboard", + * Resource: ["collection/example-collection"], * }, * ], - * allowFromPublic: false, - * sourceVPCEs: ["vpce-050f79086ee71ac05"], + * AllowFromPublic: false, + * SourceVPCEs: ["vpce-050f79086ee71ac05"], * }]), * }); * ``` diff --git a/sdk/nodejs/opensearchingest/pipeline.ts b/sdk/nodejs/opensearchingest/pipeline.ts index eac78727d83..e9d49b452d1 100644 --- a/sdk/nodejs/opensearchingest/pipeline.ts +++ b/sdk/nodejs/opensearchingest/pipeline.ts @@ -21,13 +21,13 @@ import * as utilities from "../utilities"; * * const current = aws.getRegion({}); * const example = new aws.iam.Role("example", {assumeRolePolicy: JSON.stringify({ - * version: "2012-10-17", - * statement: [{ - * action: "sts:AssumeRole", - * effect: "Allow", - * sid: "", - * principal: { - * service: "osis-pipelines.amazonaws.com", + * Version: "2012-10-17", + * Statement: [{ + * Action: "sts:AssumeRole", + * Effect: "Allow", + * Sid: "", + * Principal: { + * Service: "osis-pipelines.amazonaws.com", * }, * }], * })}); diff --git a/sdk/nodejs/pipes/pipe.ts b/sdk/nodejs/pipes/pipe.ts index e4effc8fbf1..d52d7eb87dc 100644 --- a/sdk/nodejs/pipes/pipe.ts +++ b/sdk/nodejs/pipes/pipe.ts @@ -27,15 +27,15 @@ import * as utilities from "../utilities"; * * const main = aws.getCallerIdentity({}); * const example = new aws.iam.Role("example", {assumeRolePolicy: JSON.stringify({ - * version: "2012-10-17", - * statement: { - * effect: "Allow", - * action: "sts:AssumeRole", - * principal: { - * service: "pipes.amazonaws.com", + * Version: "2012-10-17", + * Statement: { + * Effect: "Allow", + * Action: "sts:AssumeRole", + * Principal: { + * Service: "pipes.amazonaws.com", * }, - * condition: { - * stringEquals: { + * Condition: { + * StringEquals: { * "aws:SourceAccount": main.then(main => main.accountId), * }, * }, @@ -45,15 +45,15 @@ import * as utilities from "../utilities"; * const source = new aws.iam.RolePolicy("source", { * role: example.id, * policy: pulumi.jsonStringify({ - * version: "2012-10-17", - * statement: [{ - * effect: "Allow", - * action: [ + * Version: "2012-10-17", + * Statement: [{ + * Effect: "Allow", + * Action: [ * "sqs:DeleteMessage", * "sqs:GetQueueAttributes", * "sqs:ReceiveMessage", * ], - * resource: [sourceQueue.arn], + * Resource: [sourceQueue.arn], * }], * }), * }); @@ -61,11 +61,11 @@ import * as utilities from "../utilities"; * const target = new aws.iam.RolePolicy("target", { * role: example.id, * policy: pulumi.jsonStringify({ - * version: "2012-10-17", - * statement: [{ - * effect: "Allow", - * action: ["sqs:SendMessage"], - * resource: [targetQueue.arn], + * Version: "2012-10-17", + * Statement: [{ + * Effect: "Allow", + * Action: ["sqs:SendMessage"], + * Resource: [targetQueue.arn], * }], * }), * }); @@ -74,6 +74,11 @@ import * as utilities from "../utilities"; * roleArn: example.arn, * source: sourceQueue.arn, * target: targetQueue.arn, + * }, { + * dependsOn: [ + * source, + * target, + * ], * }); * ``` * diff --git a/sdk/nodejs/quicksight/vpcConnection.ts b/sdk/nodejs/quicksight/vpcConnection.ts index c5135b22e5b..4ae5c3e76a7 100644 --- a/sdk/nodejs/quicksight/vpcConnection.ts +++ b/sdk/nodejs/quicksight/vpcConnection.ts @@ -21,29 +21,29 @@ import * as utilities from "../utilities"; * * const vpcConnectionRole = new aws.iam.Role("vpc_connection_role", { * assumeRolePolicy: JSON.stringify({ - * version: "2012-10-17", - * statement: [{ - * effect: "Allow", - * action: "sts:AssumeRole", - * principal: { - * service: "quicksight.amazonaws.com", + * Version: "2012-10-17", + * Statement: [{ + * Effect: "Allow", + * Action: "sts:AssumeRole", + * Principal: { + * Service: "quicksight.amazonaws.com", * }, * }], * }), * inlinePolicies: [{ * name: "QuickSightVPCConnectionRolePolicy", * policy: JSON.stringify({ - * version: "2012-10-17", - * statement: [{ - * effect: "Allow", - * action: [ + * Version: "2012-10-17", + * Statement: [{ + * Effect: "Allow", + * Action: [ * "ec2:CreateNetworkInterface", * "ec2:ModifyNetworkInterfaceAttribute", * "ec2:DeleteNetworkInterface", * "ec2:DescribeSubnets", * "ec2:DescribeSecurityGroups", * ], - * resource: ["*"], + * Resource: ["*"], * }], * }), * }], diff --git a/sdk/nodejs/rds/clusterActivityStream.ts b/sdk/nodejs/rds/clusterActivityStream.ts index 5bc1c2334bb..aa75a9fb682 100644 --- a/sdk/nodejs/rds/clusterActivityStream.ts +++ b/sdk/nodejs/rds/clusterActivityStream.ts @@ -46,6 +46,8 @@ import * as utilities from "../utilities"; * resourceArn: _default.arn, * mode: "async", * kmsKeyId: defaultKey.keyId, + * }, { + * dependsOn: [defaultClusterInstance], * }); * ``` * diff --git a/sdk/nodejs/rds/exportTask.ts b/sdk/nodejs/rds/exportTask.ts index 3d7e86956b0..32f4a786569 100644 --- a/sdk/nodejs/rds/exportTask.ts +++ b/sdk/nodejs/rds/exportTask.ts @@ -47,13 +47,13 @@ import * as utilities from "../utilities"; * const exampleRole = new aws.iam.Role("example", { * name: "example", * assumeRolePolicy: JSON.stringify({ - * version: "2012-10-17", - * statement: [{ - * action: "sts:AssumeRole", - * effect: "Allow", - * sid: "", - * principal: { - * service: "export.rds.amazonaws.com", + * Version: "2012-10-17", + * Statement: [{ + * Action: "sts:AssumeRole", + * Effect: "Allow", + * Sid: "", + * Principal: { + * Service: "export.rds.amazonaws.com", * }, * }], * }), diff --git a/sdk/nodejs/rds/globalCluster.ts b/sdk/nodejs/rds/globalCluster.ts index 383bec8a25b..0381b1cd692 100644 --- a/sdk/nodejs/rds/globalCluster.ts +++ b/sdk/nodejs/rds/globalCluster.ts @@ -51,6 +51,8 @@ import * as utilities from "../utilities"; * clusterIdentifier: "test-secondary-cluster", * globalClusterIdentifier: example.id, * dbSubnetGroupName: "default", + * }, { + * dependsOn: [primaryClusterInstance], * }); * const secondaryClusterInstance = new aws.rds.ClusterInstance("secondary", { * engine: example.engine, @@ -101,6 +103,8 @@ import * as utilities from "../utilities"; * globalClusterIdentifier: example.id, * skipFinalSnapshot: true, * dbSubnetGroupName: "default", + * }, { + * dependsOn: [primaryClusterInstance], * }); * const secondaryClusterInstance = new aws.rds.ClusterInstance("secondary", { * engine: example.engine, diff --git a/sdk/nodejs/redshift/authenticationProfile.ts b/sdk/nodejs/redshift/authenticationProfile.ts index cf4c9819d58..afa9ceb6d4d 100644 --- a/sdk/nodejs/redshift/authenticationProfile.ts +++ b/sdk/nodejs/redshift/authenticationProfile.ts @@ -17,9 +17,9 @@ import * as utilities from "../utilities"; * const example = new aws.redshift.AuthenticationProfile("example", { * authenticationProfileName: "example", * authenticationProfileContent: JSON.stringify({ - * allowDBUserOverride: "1", - * clientID: "ExampleClientID", - * appID: "example", + * AllowDBUserOverride: "1", + * Client_ID: "ExampleClientID", + * App_ID: "example", * }), * }); * ``` diff --git a/sdk/nodejs/redshift/resourcePolicy.ts b/sdk/nodejs/redshift/resourcePolicy.ts index 2a3ac1f5146..93107915919 100644 --- a/sdk/nodejs/redshift/resourcePolicy.ts +++ b/sdk/nodejs/redshift/resourcePolicy.ts @@ -17,15 +17,15 @@ import * as utilities from "../utilities"; * const example = new aws.redshift.ResourcePolicy("example", { * resourceArn: exampleAwsRedshiftCluster.clusterNamespaceArn, * policy: JSON.stringify({ - * version: "2012-10-17", - * statement: [{ - * effect: "Allow", - * principal: { + * Version: "2012-10-17", + * Statement: [{ + * Effect: "Allow", + * Principal: { * AWS: "arn:aws:iam::12345678901:root", * }, - * action: "redshift:CreateInboundIntegration", - * resource: exampleAwsRedshiftCluster.clusterNamespaceArn, - * sid: "", + * Action: "redshift:CreateInboundIntegration", + * Resource: exampleAwsRedshiftCluster.clusterNamespaceArn, + * Sid: "", * }], * }), * }); diff --git a/sdk/nodejs/redshiftserverless/resourcePolicy.ts b/sdk/nodejs/redshiftserverless/resourcePolicy.ts index 34214b852ab..5a12a90cb87 100644 --- a/sdk/nodejs/redshiftserverless/resourcePolicy.ts +++ b/sdk/nodejs/redshiftserverless/resourcePolicy.ts @@ -17,14 +17,14 @@ import * as utilities from "../utilities"; * const example = new aws.redshiftserverless.ResourcePolicy("example", { * resourceArn: exampleAwsRedshiftserverlessSnapshot.arn, * policy: JSON.stringify({ - * version: "2012-10-17", - * statement: [{ - * effect: "Allow", - * principal: { + * Version: "2012-10-17", + * Statement: [{ + * Effect: "Allow", + * Principal: { * AWS: ["12345678901"], * }, - * action: ["redshift-serverless:RestoreFromSnapshot"], - * sid: "", + * Action: ["redshift-serverless:RestoreFromSnapshot"], + * Sid: "", * }], * }), * }); diff --git a/sdk/nodejs/resourceexplorer/view.ts b/sdk/nodejs/resourceexplorer/view.ts index 3a9c77d0ed3..908f56618e1 100644 --- a/sdk/nodejs/resourceexplorer/view.ts +++ b/sdk/nodejs/resourceexplorer/view.ts @@ -26,6 +26,8 @@ import * as utilities from "../utilities"; * includedProperties: [{ * name: "tags", * }], + * }, { + * dependsOn: [example], * }); * ``` * diff --git a/sdk/nodejs/rolesanywhere/profile.ts b/sdk/nodejs/rolesanywhere/profile.ts index fd1007a10e7..096f5590e4f 100644 --- a/sdk/nodejs/rolesanywhere/profile.ts +++ b/sdk/nodejs/rolesanywhere/profile.ts @@ -18,18 +18,18 @@ import * as utilities from "../utilities"; * name: "test", * path: "/", * assumeRolePolicy: JSON.stringify({ - * version: "2012-10-17", - * statement: [{ - * action: [ + * Version: "2012-10-17", + * Statement: [{ + * Action: [ * "sts:AssumeRole", * "sts:TagSession", * "sts:SetSourceIdentity", * ], - * principal: { - * service: "rolesanywhere.amazonaws.com", + * Principal: { + * Service: "rolesanywhere.amazonaws.com", * }, - * effect: "Allow", - * sid: "", + * Effect: "Allow", + * Sid: "", * }], * }), * }); diff --git a/sdk/nodejs/rolesanywhere/trustAnchor.ts b/sdk/nodejs/rolesanywhere/trustAnchor.ts index 2e2a64c232b..64229f1a3e5 100644 --- a/sdk/nodejs/rolesanywhere/trustAnchor.ts +++ b/sdk/nodejs/rolesanywhere/trustAnchor.ts @@ -52,6 +52,8 @@ import * as utilities from "../utilities"; * }, * sourceType: "AWS_ACM_PCA", * }, + * }, { + * dependsOn: [exampleCertificateAuthorityCertificate], * }); * ``` * diff --git a/sdk/nodejs/route53/hostedZoneDnsSec.ts b/sdk/nodejs/route53/hostedZoneDnsSec.ts index dd4cc607a00..e304ecb06da 100644 --- a/sdk/nodejs/route53/hostedZoneDnsSec.ts +++ b/sdk/nodejs/route53/hostedZoneDnsSec.ts @@ -24,32 +24,32 @@ import * as utilities from "../utilities"; * deletionWindowInDays: 7, * keyUsage: "SIGN_VERIFY", * policy: JSON.stringify({ - * statement: [ + * Statement: [ * { - * action: [ + * Action: [ * "kms:DescribeKey", * "kms:GetPublicKey", * "kms:Sign", * "kms:Verify", * ], - * effect: "Allow", - * principal: { - * service: "dnssec-route53.amazonaws.com", + * Effect: "Allow", + * Principal: { + * Service: "dnssec-route53.amazonaws.com", * }, - * resource: "*", - * sid: "Allow Route 53 DNSSEC Service", + * Resource: "*", + * Sid: "Allow Route 53 DNSSEC Service", * }, * { - * action: "kms:*", - * effect: "Allow", - * principal: { + * Action: "kms:*", + * Effect: "Allow", + * Principal: { * AWS: current.then(current => `arn:aws:iam::${current.accountId}:root`), * }, - * resource: "*", - * sid: "Enable IAM User Permissions", + * Resource: "*", + * Sid: "Enable IAM User Permissions", * }, * ], - * version: "2012-10-17", + * Version: "2012-10-17", * }), * }); * const exampleZone = new aws.route53.Zone("example", {name: "example.com"}); @@ -58,7 +58,9 @@ import * as utilities from "../utilities"; * keyManagementServiceArn: example.arn, * name: "example", * }); - * const exampleHostedZoneDnsSec = new aws.route53.HostedZoneDnsSec("example", {hostedZoneId: exampleKeySigningKey.hostedZoneId}); + * const exampleHostedZoneDnsSec = new aws.route53.HostedZoneDnsSec("example", {hostedZoneId: exampleKeySigningKey.hostedZoneId}, { + * dependsOn: [exampleKeySigningKey], + * }); * ``` * * diff --git a/sdk/nodejs/route53/keySigningKey.ts b/sdk/nodejs/route53/keySigningKey.ts index 549ba9d32f7..25f1b9b0c5a 100644 --- a/sdk/nodejs/route53/keySigningKey.ts +++ b/sdk/nodejs/route53/keySigningKey.ts @@ -20,53 +20,53 @@ import * as utilities from "../utilities"; * deletionWindowInDays: 7, * keyUsage: "SIGN_VERIFY", * policy: JSON.stringify({ - * statement: [ + * Statement: [ * { - * action: [ + * Action: [ * "kms:DescribeKey", * "kms:GetPublicKey", * "kms:Sign", * ], - * effect: "Allow", - * principal: { - * service: "dnssec-route53.amazonaws.com", + * Effect: "Allow", + * Principal: { + * Service: "dnssec-route53.amazonaws.com", * }, - * sid: "Allow Route 53 DNSSEC Service", - * resource: "*", - * condition: { - * stringEquals: { + * Sid: "Allow Route 53 DNSSEC Service", + * Resource: "*", + * Condition: { + * StringEquals: { * "aws:SourceAccount": current.then(current => current.accountId), * }, - * arnLike: { + * ArnLike: { * "aws:SourceArn": "arn:aws:route53:::hostedzone/*", * }, * }, * }, * { - * action: "kms:CreateGrant", - * effect: "Allow", - * principal: { - * service: "dnssec-route53.amazonaws.com", + * Action: "kms:CreateGrant", + * Effect: "Allow", + * Principal: { + * Service: "dnssec-route53.amazonaws.com", * }, - * sid: "Allow Route 53 DNSSEC Service to CreateGrant", - * resource: "*", - * condition: { - * bool: { + * Sid: "Allow Route 53 DNSSEC Service to CreateGrant", + * Resource: "*", + * Condition: { + * Bool: { * "kms:GrantIsForAWSResource": "true", * }, * }, * }, * { - * action: "kms:*", - * effect: "Allow", - * principal: { + * Action: "kms:*", + * Effect: "Allow", + * Principal: { * AWS: current.then(current => `arn:aws:iam::${current.accountId}:root`), * }, - * resource: "*", - * sid: "Enable IAM User Permissions", + * Resource: "*", + * Sid: "Enable IAM User Permissions", * }, * ], - * version: "2012-10-17", + * Version: "2012-10-17", * }), * }); * const exampleZone = new aws.route53.Zone("example", {name: "example.com"}); @@ -75,7 +75,9 @@ import * as utilities from "../utilities"; * keyManagementServiceArn: testAwsKmsKey.arn, * name: "example", * }); - * const exampleHostedZoneDnsSec = new aws.route53.HostedZoneDnsSec("example", {hostedZoneId: exampleKeySigningKey.hostedZoneId}); + * const exampleHostedZoneDnsSec = new aws.route53.HostedZoneDnsSec("example", {hostedZoneId: exampleKeySigningKey.hostedZoneId}, { + * dependsOn: [exampleKeySigningKey], + * }); * ``` * * diff --git a/sdk/nodejs/route53/queryLog.ts b/sdk/nodejs/route53/queryLog.ts index 024a0c298e2..0cd5d5a5225 100644 --- a/sdk/nodejs/route53/queryLog.ts +++ b/sdk/nodejs/route53/queryLog.ts @@ -48,6 +48,8 @@ import * as utilities from "../utilities"; * const exampleComQueryLog = new aws.route53.QueryLog("example_com", { * cloudwatchLogGroupArn: awsRoute53ExampleCom.arn, * zoneId: exampleCom.zoneId, + * }, { + * dependsOn: [route53_query_logging_policyLogResourcePolicy], * }); * ``` * diff --git a/sdk/nodejs/route53domains/delegationSignerRecord.ts b/sdk/nodejs/route53domains/delegationSignerRecord.ts index beb1db984b1..7d786447613 100644 --- a/sdk/nodejs/route53domains/delegationSignerRecord.ts +++ b/sdk/nodejs/route53domains/delegationSignerRecord.ts @@ -25,53 +25,53 @@ import * as utilities from "../utilities"; * deletionWindowInDays: 7, * keyUsage: "SIGN_VERIFY", * policy: JSON.stringify({ - * statement: [ + * Statement: [ * { - * action: [ + * Action: [ * "kms:DescribeKey", * "kms:GetPublicKey", * "kms:Sign", * ], - * effect: "Allow", - * principal: { - * service: "dnssec-route53.amazonaws.com", + * Effect: "Allow", + * Principal: { + * Service: "dnssec-route53.amazonaws.com", * }, - * sid: "Allow Route 53 DNSSEC Service", - * resource: "*", - * condition: { - * stringEquals: { + * Sid: "Allow Route 53 DNSSEC Service", + * Resource: "*", + * Condition: { + * StringEquals: { * "aws:SourceAccount": current.then(current => current.accountId), * }, - * arnLike: { + * ArnLike: { * "aws:SourceArn": "arn:aws:route53:::hostedzone/*", * }, * }, * }, * { - * action: "kms:CreateGrant", - * effect: "Allow", - * principal: { - * service: "dnssec-route53.amazonaws.com", + * Action: "kms:CreateGrant", + * Effect: "Allow", + * Principal: { + * Service: "dnssec-route53.amazonaws.com", * }, - * sid: "Allow Route 53 DNSSEC Service to CreateGrant", - * resource: "*", - * condition: { - * bool: { + * Sid: "Allow Route 53 DNSSEC Service to CreateGrant", + * Resource: "*", + * Condition: { + * Bool: { * "kms:GrantIsForAWSResource": "true", * }, * }, * }, * { - * action: "kms:*", - * effect: "Allow", - * principal: { + * Action: "kms:*", + * Effect: "Allow", + * Principal: { * AWS: current.then(current => `arn:aws:iam::${current.accountId}:root`), * }, - * resource: "*", - * sid: "Enable IAM User Permissions", + * Resource: "*", + * Sid: "Enable IAM User Permissions", * }, * ], - * version: "2012-10-17", + * Version: "2012-10-17", * }), * }); * const exampleZone = new aws.route53.Zone("example", {name: "example.com"}); @@ -80,7 +80,9 @@ import * as utilities from "../utilities"; * keyManagementServiceArn: testAwsKmsKey.arn, * name: "example", * }); - * const exampleHostedZoneDnsSec = new aws.route53.HostedZoneDnsSec("example", {hostedZoneId: exampleKeySigningKey.hostedZoneId}); + * const exampleHostedZoneDnsSec = new aws.route53.HostedZoneDnsSec("example", {hostedZoneId: exampleKeySigningKey.hostedZoneId}, { + * dependsOn: [exampleKeySigningKey], + * }); * const exampleDelegationSignerRecord = new aws.route53domains.DelegationSignerRecord("example", { * domainName: "example.com", * signingAttributes: { diff --git a/sdk/nodejs/s3/bucketAclV2.ts b/sdk/nodejs/s3/bucketAclV2.ts index d74359a1998..5dec86fe56b 100644 --- a/sdk/nodejs/s3/bucketAclV2.ts +++ b/sdk/nodejs/s3/bucketAclV2.ts @@ -33,6 +33,8 @@ import * as utilities from "../utilities"; * const exampleBucketAclV2 = new aws.s3.BucketAclV2("example", { * bucket: example.id, * acl: "private", + * }, { + * dependsOn: [exampleBucketOwnershipControls], * }); * ``` * @@ -64,6 +66,11 @@ import * as utilities from "../utilities"; * const exampleBucketAclV2 = new aws.s3.BucketAclV2("example", { * bucket: example.id, * acl: "public-read", + * }, { + * dependsOn: [ + * exampleBucketOwnershipControls, + * exampleBucketPublicAccessBlock, + * ], * }); * ``` * @@ -106,6 +113,8 @@ import * as utilities from "../utilities"; * id: current.then(current => current.id), * }, * }, + * }, { + * dependsOn: [exampleBucketOwnershipControls], * }); * ``` * diff --git a/sdk/nodejs/s3/bucketLifecycleConfigurationV2.ts b/sdk/nodejs/s3/bucketLifecycleConfigurationV2.ts index 470792bc21e..34bd2c3a128 100644 --- a/sdk/nodejs/s3/bucketLifecycleConfigurationV2.ts +++ b/sdk/nodejs/s3/bucketLifecycleConfigurationV2.ts @@ -335,6 +335,8 @@ import * as utilities from "../utilities"; * ], * status: "Enabled", * }], + * }, { + * dependsOn: [versioning], * }); * ``` * diff --git a/sdk/nodejs/s3/bucketNotification.ts b/sdk/nodejs/s3/bucketNotification.ts index cb5db294dfc..eb6172c98c0 100644 --- a/sdk/nodejs/s3/bucketNotification.ts +++ b/sdk/nodejs/s3/bucketNotification.ts @@ -138,6 +138,8 @@ import * as utilities from "../utilities"; * filterPrefix: "AWSLogs/", * filterSuffix: ".log", * }], + * }, { + * dependsOn: [allowBucket], * }); * ``` * @@ -207,6 +209,11 @@ import * as utilities from "../utilities"; * filterSuffix: ".log", * }, * ], + * }, { + * dependsOn: [ + * allowBucket1, + * allowBucket2, + * ], * }); * ``` * diff --git a/sdk/nodejs/s3/bucketObject.ts b/sdk/nodejs/s3/bucketObject.ts index 070fb4fdf96..ee1428220a6 100644 --- a/sdk/nodejs/s3/bucketObject.ts +++ b/sdk/nodejs/s3/bucketObject.ts @@ -126,6 +126,8 @@ import {Bucket} from "./index"; * objectLockMode: "GOVERNANCE", * objectLockRetainUntilDate: "2021-12-31T23:59:60Z", * forceDestroy: true, + * }, { + * dependsOn: [exampleBucketVersioningV2], * }); * ``` * diff --git a/sdk/nodejs/s3/bucketObjectv2.ts b/sdk/nodejs/s3/bucketObjectv2.ts index 9506eb405f1..52286fa04c2 100644 --- a/sdk/nodejs/s3/bucketObjectv2.ts +++ b/sdk/nodejs/s3/bucketObjectv2.ts @@ -129,6 +129,8 @@ import {Bucket} from "./index"; * objectLockMode: "GOVERNANCE", * objectLockRetainUntilDate: "2021-12-31T23:59:60Z", * forceDestroy: true, + * }, { + * dependsOn: [exampleBucketVersioningV2], * }); * ``` * diff --git a/sdk/nodejs/s3/bucketReplicationConfig.ts b/sdk/nodejs/s3/bucketReplicationConfig.ts index 8c0b7b39a00..75d9841df99 100644 --- a/sdk/nodejs/s3/bucketReplicationConfig.ts +++ b/sdk/nodejs/s3/bucketReplicationConfig.ts @@ -107,6 +107,8 @@ import * as utilities from "../utilities"; * storageClass: "STANDARD", * }, * }], + * }, { + * dependsOn: [sourceBucketVersioningV2], * }); * ``` * @@ -147,6 +149,8 @@ import * as utilities from "../utilities"; * storageClass: "STANDARD", * }, * }], + * }, { + * dependsOn: [eastBucketVersioningV2], * }); * const westToEast = new aws.s3.BucketReplicationConfig("west_to_east", { * role: westReplication.arn, @@ -162,6 +166,8 @@ import * as utilities from "../utilities"; * storageClass: "STANDARD", * }, * }], + * }, { + * dependsOn: [westBucketVersioningV2], * }); * ``` * diff --git a/sdk/nodejs/s3control/accessGrant.ts b/sdk/nodejs/s3control/accessGrant.ts index f42c44469ef..c32c76b3a55 100644 --- a/sdk/nodejs/s3control/accessGrant.ts +++ b/sdk/nodejs/s3control/accessGrant.ts @@ -23,6 +23,8 @@ import * as utilities from "../utilities"; * const exampleAccessGrantsLocation = new aws.s3control.AccessGrantsLocation("example", { * iamRoleArn: exampleAwsIamRole.arn, * locationScope: `s3://${exampleAwsS3Bucket.bucket}/prefixA*`, + * }, { + * dependsOn: [example], * }); * const exampleAccessGrant = new aws.s3control.AccessGrant("example", { * accessGrantsLocationId: exampleAccessGrantsLocation.accessGrantsLocationId, diff --git a/sdk/nodejs/s3control/accessGrantsLocation.ts b/sdk/nodejs/s3control/accessGrantsLocation.ts index 36d1025e29f..80493c33a4a 100644 --- a/sdk/nodejs/s3control/accessGrantsLocation.ts +++ b/sdk/nodejs/s3control/accessGrantsLocation.ts @@ -21,6 +21,8 @@ import * as utilities from "../utilities"; * const exampleAccessGrantsLocation = new aws.s3control.AccessGrantsLocation("example", { * iamRoleArn: exampleAwsIamRole.arn, * locationScope: "s3://", + * }, { + * dependsOn: [example], * }); * ``` * diff --git a/sdk/nodejs/s3control/accessPointPolicy.ts b/sdk/nodejs/s3control/accessPointPolicy.ts index 38a9b4fa88b..d56ebb11c1d 100644 --- a/sdk/nodejs/s3control/accessPointPolicy.ts +++ b/sdk/nodejs/s3control/accessPointPolicy.ts @@ -30,14 +30,14 @@ import * as utilities from "../utilities"; * const exampleAccessPointPolicy = new aws.s3control.AccessPointPolicy("example", { * accessPointArn: exampleAccessPoint.arn, * policy: pulumi.jsonStringify({ - * version: "2008-10-17", - * statement: [{ - * effect: "Allow", - * action: "s3:GetObjectTagging", - * principal: { + * Version: "2008-10-17", + * Statement: [{ + * Effect: "Allow", + * Action: "s3:GetObjectTagging", + * Principal: { * AWS: "*", * }, - * resource: pulumi.interpolate`${exampleAccessPoint.arn}/object/*`, + * Resource: pulumi.interpolate`${exampleAccessPoint.arn}/object/*`, * }], * }), * }); diff --git a/sdk/nodejs/s3control/bucketPolicy.ts b/sdk/nodejs/s3control/bucketPolicy.ts index 6708702caff..85a40678f96 100644 --- a/sdk/nodejs/s3control/bucketPolicy.ts +++ b/sdk/nodejs/s3control/bucketPolicy.ts @@ -19,17 +19,17 @@ import * as utilities from "../utilities"; * const example = new aws.s3control.BucketPolicy("example", { * bucket: exampleAwsS3controlBucket.arn, * policy: JSON.stringify({ - * id: "testBucketPolicy", - * statement: [{ - * action: "s3-outposts:PutBucketLifecycleConfiguration", - * effect: "Deny", - * principal: { + * Id: "testBucketPolicy", + * Statement: [{ + * Action: "s3-outposts:PutBucketLifecycleConfiguration", + * Effect: "Deny", + * Principal: { * AWS: "*", * }, - * resource: exampleAwsS3controlBucket.arn, - * sid: "statement1", + * Resource: exampleAwsS3controlBucket.arn, + * Sid: "statement1", * }], - * version: "2012-10-17", + * Version: "2012-10-17", * }), * }); * ``` diff --git a/sdk/nodejs/s3control/objectLambdaAccessPointPolicy.ts b/sdk/nodejs/s3control/objectLambdaAccessPointPolicy.ts index 5beb61e74b5..0d3827b0054 100644 --- a/sdk/nodejs/s3control/objectLambdaAccessPointPolicy.ts +++ b/sdk/nodejs/s3control/objectLambdaAccessPointPolicy.ts @@ -36,14 +36,14 @@ import * as utilities from "../utilities"; * const exampleObjectLambdaAccessPointPolicy = new aws.s3control.ObjectLambdaAccessPointPolicy("example", { * name: exampleObjectLambdaAccessPoint.name, * policy: pulumi.jsonStringify({ - * version: "2008-10-17", - * statement: [{ - * effect: "Allow", - * action: "s3-object-lambda:GetObject", - * principal: { + * Version: "2008-10-17", + * Statement: [{ + * Effect: "Allow", + * Action: "s3-object-lambda:GetObject", + * Principal: { * AWS: current.accountId, * }, - * resource: exampleObjectLambdaAccessPoint.arn, + * Resource: exampleObjectLambdaAccessPoint.arn, * }], * }), * }); diff --git a/sdk/nodejs/sagemaker/codeRepository.ts b/sdk/nodejs/sagemaker/codeRepository.ts index c73ebac2de5..9f9234175e3 100644 --- a/sdk/nodejs/sagemaker/codeRepository.ts +++ b/sdk/nodejs/sagemaker/codeRepository.ts @@ -49,6 +49,8 @@ import * as utilities from "../utilities"; * repositoryUrl: "https://github.com/github/docs.git", * secretArn: example.arn, * }, + * }, { + * dependsOn: [exampleSecretVersion], * }); * ``` * diff --git a/sdk/nodejs/sagemaker/pipeline.ts b/sdk/nodejs/sagemaker/pipeline.ts index f3f2ab66948..513bddd056d 100644 --- a/sdk/nodejs/sagemaker/pipeline.ts +++ b/sdk/nodejs/sagemaker/pipeline.ts @@ -24,12 +24,12 @@ import * as utilities from "../utilities"; * pipelineDisplayName: "example", * roleArn: exampleAwsIamRole.arn, * pipelineDefinition: JSON.stringify({ - * version: "2020-12-01", - * steps: [{ - * name: "Test", - * type: "Fail", - * arguments: { - * errorMessage: "test", + * Version: "2020-12-01", + * Steps: [{ + * Name: "Test", + * Type: "Fail", + * Arguments: { + * ErrorMessage: "test", * }, * }], * }), diff --git a/sdk/nodejs/scheduler/schedule.ts b/sdk/nodejs/scheduler/schedule.ts index 8a52f65d852..9fba8f95c1f 100644 --- a/sdk/nodejs/scheduler/schedule.ts +++ b/sdk/nodejs/scheduler/schedule.ts @@ -56,8 +56,8 @@ import * as utilities from "../utilities"; * arn: "arn:aws:scheduler:::aws-sdk:sqs:sendMessage", * roleArn: exampleAwsIamRole.arn, * input: pulumi.jsonStringify({ - * messageBody: "Greetings, programs!", - * queueUrl: example.url, + * MessageBody: "Greetings, programs!", + * QueueUrl: example.url, * }), * }, * }); diff --git a/sdk/nodejs/securityhub/actionTarget.ts b/sdk/nodejs/securityhub/actionTarget.ts index dec489f7620..56c30a9cf75 100644 --- a/sdk/nodejs/securityhub/actionTarget.ts +++ b/sdk/nodejs/securityhub/actionTarget.ts @@ -19,6 +19,8 @@ import * as utilities from "../utilities"; * name: "Send notification to chat", * identifier: "SendToChat", * description: "This is custom action sends selected findings to chat", + * }, { + * dependsOn: [example], * }); * ``` * diff --git a/sdk/nodejs/securityhub/configurationPolicy.ts b/sdk/nodejs/securityhub/configurationPolicy.ts index 2082306520d..61e64f06391 100644 --- a/sdk/nodejs/securityhub/configurationPolicy.ts +++ b/sdk/nodejs/securityhub/configurationPolicy.ts @@ -28,6 +28,8 @@ import * as utilities from "../utilities"; * organizationConfiguration: { * configurationType: "CENTRAL", * }, + * }, { + * dependsOn: [example], * }); * const exampleConfigurationPolicy = new aws.securityhub.ConfigurationPolicy("example", { * name: "Example", @@ -42,6 +44,8 @@ import * as utilities from "../utilities"; * disabledControlIdentifiers: [], * }, * }, + * }, { + * dependsOn: [exampleOrganizationConfiguration], * }); * ``` * @@ -60,6 +64,8 @@ import * as utilities from "../utilities"; * serviceEnabled: false, * enabledStandardArns: [], * }, + * }, { + * dependsOn: [example], * }); * ``` * @@ -118,6 +124,8 @@ import * as utilities from "../utilities"; * ], * }, * }, + * }, { + * dependsOn: [example], * }); * ``` * diff --git a/sdk/nodejs/securityhub/configurationPolicyAssociation.ts b/sdk/nodejs/securityhub/configurationPolicyAssociation.ts index 6e865f301d3..757921cc6dd 100644 --- a/sdk/nodejs/securityhub/configurationPolicyAssociation.ts +++ b/sdk/nodejs/securityhub/configurationPolicyAssociation.ts @@ -23,6 +23,8 @@ import * as utilities from "../utilities"; * organizationConfiguration: { * configurationType: "CENTRAL", * }, + * }, { + * dependsOn: [example], * }); * const exampleConfigurationPolicy = new aws.securityhub.ConfigurationPolicy("example", { * name: "Example", @@ -37,6 +39,8 @@ import * as utilities from "../utilities"; * disabledControlIdentifiers: [], * }, * }, + * }, { + * dependsOn: [exampleOrganizationConfiguration], * }); * const accountExample = new aws.securityhub.ConfigurationPolicyAssociation("account_example", { * targetId: "123456789012", diff --git a/sdk/nodejs/securityhub/findingAggregator.ts b/sdk/nodejs/securityhub/findingAggregator.ts index 6d9182d2c24..6b7de532fa9 100644 --- a/sdk/nodejs/securityhub/findingAggregator.ts +++ b/sdk/nodejs/securityhub/findingAggregator.ts @@ -19,7 +19,9 @@ import * as utilities from "../utilities"; * import * as aws from "@pulumi/aws"; * * const example = new aws.securityhub.Account("example", {}); - * const exampleFindingAggregator = new aws.securityhub.FindingAggregator("example", {linkingMode: "ALL_REGIONS"}); + * const exampleFindingAggregator = new aws.securityhub.FindingAggregator("example", {linkingMode: "ALL_REGIONS"}, { + * dependsOn: [example], + * }); * ``` * * @@ -39,6 +41,8 @@ import * as utilities from "../utilities"; * "eu-west-1", * "eu-west-2", * ], + * }, { + * dependsOn: [example], * }); * ``` * @@ -59,6 +63,8 @@ import * as utilities from "../utilities"; * "eu-west-1", * "eu-west-2", * ], + * }, { + * dependsOn: [example], * }); * ``` * diff --git a/sdk/nodejs/securityhub/insight.ts b/sdk/nodejs/securityhub/insight.ts index bfdac7d822e..e80f648ad3f 100644 --- a/sdk/nodejs/securityhub/insight.ts +++ b/sdk/nodejs/securityhub/insight.ts @@ -35,6 +35,8 @@ import * as utilities from "../utilities"; * }, * groupByAttribute: "AwsAccountId", * name: "example-insight", + * }, { + * dependsOn: [example], * }); * ``` * @@ -58,6 +60,8 @@ import * as utilities from "../utilities"; * }, * groupByAttribute: "CreatedAt", * name: "example-insight", + * }, { + * dependsOn: [example], * }); * ``` * @@ -78,6 +82,8 @@ import * as utilities from "../utilities"; * }, * groupByAttribute: "NetworkDestinationIpV4", * name: "example-insight", + * }, { + * dependsOn: [example], * }); * ``` * @@ -98,6 +104,8 @@ import * as utilities from "../utilities"; * }, * groupByAttribute: "Confidence", * name: "example-insight", + * }, { + * dependsOn: [example], * }); * ``` * @@ -120,6 +128,8 @@ import * as utilities from "../utilities"; * }, * groupByAttribute: "ResourceTags", * name: "example-insight", + * }, { + * dependsOn: [example], * }); * ``` * diff --git a/sdk/nodejs/securityhub/inviteAccepter.ts b/sdk/nodejs/securityhub/inviteAccepter.ts index 1970c204df3..32f17da4a16 100644 --- a/sdk/nodejs/securityhub/inviteAccepter.ts +++ b/sdk/nodejs/securityhub/inviteAccepter.ts @@ -23,7 +23,9 @@ import * as utilities from "../utilities"; * invite: true, * }); * const invitee = new aws.securityhub.Account("invitee", {}); - * const inviteeInviteAccepter = new aws.securityhub.InviteAccepter("invitee", {masterId: exampleMember.masterId}); + * const inviteeInviteAccepter = new aws.securityhub.InviteAccepter("invitee", {masterId: exampleMember.masterId}, { + * dependsOn: [invitee], + * }); * ``` * * diff --git a/sdk/nodejs/securityhub/member.ts b/sdk/nodejs/securityhub/member.ts index 8735fa78197..6f8a1fb45da 100644 --- a/sdk/nodejs/securityhub/member.ts +++ b/sdk/nodejs/securityhub/member.ts @@ -19,6 +19,8 @@ import * as utilities from "../utilities"; * accountId: "123456789012", * email: "example@example.com", * invite: true, + * }, { + * dependsOn: [example], * }); * ``` * diff --git a/sdk/nodejs/securityhub/organizationAdminAccount.ts b/sdk/nodejs/securityhub/organizationAdminAccount.ts index a67cf9d1f79..412629c2404 100644 --- a/sdk/nodejs/securityhub/organizationAdminAccount.ts +++ b/sdk/nodejs/securityhub/organizationAdminAccount.ts @@ -19,7 +19,9 @@ import * as utilities from "../utilities"; * featureSet: "ALL", * }); * const exampleAccount = new aws.securityhub.Account("example", {}); - * const exampleOrganizationAdminAccount = new aws.securityhub.OrganizationAdminAccount("example", {adminAccountId: "123456789012"}); + * const exampleOrganizationAdminAccount = new aws.securityhub.OrganizationAdminAccount("example", {adminAccountId: "123456789012"}, { + * dependsOn: [example], + * }); * // Auto enable security hub in organization member accounts * const exampleOrganizationConfiguration = new aws.securityhub.OrganizationConfiguration("example", {autoEnable: true}); * ``` diff --git a/sdk/nodejs/securityhub/organizationConfiguration.ts b/sdk/nodejs/securityhub/organizationConfiguration.ts index d063231c5a7..f3b110d5943 100644 --- a/sdk/nodejs/securityhub/organizationConfiguration.ts +++ b/sdk/nodejs/securityhub/organizationConfiguration.ts @@ -31,7 +31,9 @@ import * as utilities from "../utilities"; * awsServiceAccessPrincipals: ["securityhub.amazonaws.com"], * featureSet: "ALL", * }); - * const exampleOrganizationAdminAccount = new aws.securityhub.OrganizationAdminAccount("example", {adminAccountId: "123456789012"}); + * const exampleOrganizationAdminAccount = new aws.securityhub.OrganizationAdminAccount("example", {adminAccountId: "123456789012"}, { + * dependsOn: [example], + * }); * const exampleOrganizationConfiguration = new aws.securityhub.OrganizationConfiguration("example", {autoEnable: true}); * ``` * @@ -43,14 +45,20 @@ import * as utilities from "../utilities"; * import * as pulumi from "@pulumi/pulumi"; * import * as aws from "@pulumi/aws"; * - * const example = new aws.securityhub.OrganizationAdminAccount("example", {adminAccountId: "123456789012"}); - * const exampleFindingAggregator = new aws.securityhub.FindingAggregator("example", {linkingMode: "ALL_REGIONS"}); + * const example = new aws.securityhub.OrganizationAdminAccount("example", {adminAccountId: "123456789012"}, { + * dependsOn: [exampleAwsOrganizationsOrganization], + * }); + * const exampleFindingAggregator = new aws.securityhub.FindingAggregator("example", {linkingMode: "ALL_REGIONS"}, { + * dependsOn: [example], + * }); * const exampleOrganizationConfiguration = new aws.securityhub.OrganizationConfiguration("example", { * autoEnable: false, * autoEnableStandards: "NONE", * organizationConfiguration: { * configurationType: "CENTRAL", * }, + * }, { + * dependsOn: [exampleFindingAggregator], * }); * ``` * diff --git a/sdk/nodejs/securityhub/productSubscription.ts b/sdk/nodejs/securityhub/productSubscription.ts index f375b3f5f99..88769888ffd 100644 --- a/sdk/nodejs/securityhub/productSubscription.ts +++ b/sdk/nodejs/securityhub/productSubscription.ts @@ -16,7 +16,9 @@ import * as utilities from "../utilities"; * * const example = new aws.securityhub.Account("example", {}); * const current = aws.getRegion({}); - * const exampleProductSubscription = new aws.securityhub.ProductSubscription("example", {productArn: current.then(current => `arn:aws:securityhub:${current.name}:733251395267:product/alertlogic/althreatmanagement`)}); + * const exampleProductSubscription = new aws.securityhub.ProductSubscription("example", {productArn: current.then(current => `arn:aws:securityhub:${current.name}:733251395267:product/alertlogic/althreatmanagement`)}, { + * dependsOn: [example], + * }); * ``` * * diff --git a/sdk/nodejs/securityhub/standardsControl.ts b/sdk/nodejs/securityhub/standardsControl.ts index 307df6112cd..4ea912cad30 100644 --- a/sdk/nodejs/securityhub/standardsControl.ts +++ b/sdk/nodejs/securityhub/standardsControl.ts @@ -19,11 +19,15 @@ import * as utilities from "../utilities"; * import * as aws from "@pulumi/aws"; * * const example = new aws.securityhub.Account("example", {}); - * const cisAwsFoundationsBenchmark = new aws.securityhub.StandardsSubscription("cis_aws_foundations_benchmark", {standardsArn: "arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0"}); + * const cisAwsFoundationsBenchmark = new aws.securityhub.StandardsSubscription("cis_aws_foundations_benchmark", {standardsArn: "arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0"}, { + * dependsOn: [example], + * }); * const ensureIamPasswordPolicyPreventsPasswordReuse = new aws.securityhub.StandardsControl("ensure_iam_password_policy_prevents_password_reuse", { * standardsControlArn: "arn:aws:securityhub:us-east-1:111111111111:control/cis-aws-foundations-benchmark/v/1.2.0/1.10", * controlStatus: "DISABLED", * disabledReason: "We handle password policies within Okta", + * }, { + * dependsOn: [cisAwsFoundationsBenchmark], * }); * ``` * diff --git a/sdk/nodejs/securityhub/standardsSubscription.ts b/sdk/nodejs/securityhub/standardsSubscription.ts index 369f640c0b6..2834c7efafa 100644 --- a/sdk/nodejs/securityhub/standardsSubscription.ts +++ b/sdk/nodejs/securityhub/standardsSubscription.ts @@ -16,8 +16,12 @@ import * as utilities from "../utilities"; * * const example = new aws.securityhub.Account("example", {}); * const current = aws.getRegion({}); - * const cis = new aws.securityhub.StandardsSubscription("cis", {standardsArn: "arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0"}); - * const pci321 = new aws.securityhub.StandardsSubscription("pci_321", {standardsArn: current.then(current => `arn:aws:securityhub:${current.name}::standards/pci-dss/v/3.2.1`)}); + * const cis = new aws.securityhub.StandardsSubscription("cis", {standardsArn: "arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0"}, { + * dependsOn: [example], + * }); + * const pci321 = new aws.securityhub.StandardsSubscription("pci_321", {standardsArn: current.then(current => `arn:aws:securityhub:${current.name}::standards/pci-dss/v/3.2.1`)}, { + * dependsOn: [example], + * }); * ``` * * diff --git a/sdk/nodejs/ses/domainIdentityVerification.ts b/sdk/nodejs/ses/domainIdentityVerification.ts index c60df82c182..b7ee2f9db8d 100644 --- a/sdk/nodejs/ses/domainIdentityVerification.ts +++ b/sdk/nodejs/ses/domainIdentityVerification.ts @@ -28,7 +28,9 @@ import * as utilities from "../utilities"; * ttl: 600, * records: [example.verificationToken], * }); - * const exampleVerification = new aws.ses.DomainIdentityVerification("example_verification", {domain: example.id}); + * const exampleVerification = new aws.ses.DomainIdentityVerification("example_verification", {domain: example.id}, { + * dependsOn: [exampleAmazonsesVerificationRecord], + * }); * ``` * */ diff --git a/sdk/nodejs/shield/drtAccessRoleArnAssociation.ts b/sdk/nodejs/shield/drtAccessRoleArnAssociation.ts index da6d13f6b6f..b363dd3a917 100644 --- a/sdk/nodejs/shield/drtAccessRoleArnAssociation.ts +++ b/sdk/nodejs/shield/drtAccessRoleArnAssociation.ts @@ -23,8 +23,8 @@ import * as utilities from "../utilities"; * const test = new aws.iam.Role("test", { * name: awsShieldDrtAccessRoleArn, * assumeRolePolicy: JSON.stringify({ - * version: "2012-10-17", - * statement: [{ + * Version: "2012-10-17", + * Statement: [{ * Sid: "", * Effect: "Allow", * Principal: { diff --git a/sdk/nodejs/shield/proactiveEngagement.ts b/sdk/nodejs/shield/proactiveEngagement.ts index bdb1472bac1..42f16b31639 100644 --- a/sdk/nodejs/shield/proactiveEngagement.ts +++ b/sdk/nodejs/shield/proactiveEngagement.ts @@ -23,8 +23,8 @@ import * as utilities from "../utilities"; * const example = new aws.iam.Role("example", { * name: awsShieldDrtAccessRoleArn, * assumeRolePolicy: JSON.stringify({ - * version: "2012-10-17", - * statement: [{ + * Version: "2012-10-17", + * Statement: [{ * Sid: "", * Effect: "Allow", * Principal: { @@ -58,6 +58,8 @@ import * as utilities from "../utilities"; * phoneNumber: "+12358132134", * }, * ], + * }, { + * dependsOn: [testAwsShieldDrtAccessRoleArnAssociation], * }); * ``` * diff --git a/sdk/nodejs/shield/protectionGroup.ts b/sdk/nodejs/shield/protectionGroup.ts index 878622ce6d5..b72f22e8599 100644 --- a/sdk/nodejs/shield/protectionGroup.ts +++ b/sdk/nodejs/shield/protectionGroup.ts @@ -45,6 +45,8 @@ import * as utilities from "../utilities"; * aggregation: "MEAN", * pattern: "ARBITRARY", * members: [pulumi.all([current, currentGetCallerIdentity, example.id]).apply(([current, currentGetCallerIdentity, id]) => `arn:aws:ec2:${current.name}:${currentGetCallerIdentity.accountId}:eip-allocation/${id}`)], + * }, { + * dependsOn: [exampleProtection], * }); * ``` * diff --git a/sdk/nodejs/ssm/activation.ts b/sdk/nodejs/ssm/activation.ts index 00cb4d3c301..8b576859cb8 100644 --- a/sdk/nodejs/ssm/activation.ts +++ b/sdk/nodejs/ssm/activation.ts @@ -37,6 +37,8 @@ import * as utilities from "../utilities"; * description: "Test", * iamRole: testRole.id, * registrationLimit: 5, + * }, { + * dependsOn: [testAttach], * }); * ``` * diff --git a/sdk/nodejs/ssm/contactsRotation.ts b/sdk/nodejs/ssm/contactsRotation.ts index 287fffa925a..670ec9edd01 100644 --- a/sdk/nodejs/ssm/contactsRotation.ts +++ b/sdk/nodejs/ssm/contactsRotation.ts @@ -29,6 +29,8 @@ import * as utilities from "../utilities"; * }], * }, * timeZoneId: "Australia/Sydney", + * }, { + * dependsOn: [exampleAwsSsmincidentsReplicationSet], * }); * ``` * @@ -82,6 +84,8 @@ import * as utilities from "../utilities"; * key1: "tag1", * key2: "tag2", * }, + * }, { + * dependsOn: [exampleAwsSsmincidentsReplicationSet], * }); * ``` * @@ -117,6 +121,8 @@ import * as utilities from "../utilities"; * ], * }, * timeZoneId: "Australia/Sydney", + * }, { + * dependsOn: [exampleAwsSsmincidentsReplicationSet], * }); * ``` * diff --git a/sdk/nodejs/ssmcontacts/contact.ts b/sdk/nodejs/ssmcontacts/contact.ts index 99c44043956..c37a9eff27a 100644 --- a/sdk/nodejs/ssmcontacts/contact.ts +++ b/sdk/nodejs/ssmcontacts/contact.ts @@ -19,6 +19,8 @@ import * as utilities from "../utilities"; * const example = new aws.ssmcontacts.Contact("example", { * alias: "alias", * type: "PERSONAL", + * }, { + * dependsOn: [exampleAwsSsmincidentsReplicationSet], * }); * ``` * @@ -37,6 +39,8 @@ import * as utilities from "../utilities"; * tags: { * key: "value", * }, + * }, { + * dependsOn: [exampleAwsSsmincidentsReplicationSet], * }); * ``` * diff --git a/sdk/nodejs/ssmincidents/responsePlan.ts b/sdk/nodejs/ssmincidents/responsePlan.ts index b72aecfb6e9..6b30405ba60 100644 --- a/sdk/nodejs/ssmincidents/responsePlan.ts +++ b/sdk/nodejs/ssmincidents/responsePlan.ts @@ -28,6 +28,8 @@ import * as utilities from "../utilities"; * tags: { * key: "value", * }, + * }, { + * dependsOn: [exampleAwsSsmincidentsReplicationSet], * }); * ``` * @@ -96,6 +98,8 @@ import * as utilities from "../utilities"; * tags: { * key: "value", * }, + * }, { + * dependsOn: [exampleAwsSsmincidentsReplicationSet], * }); * ``` * diff --git a/sdk/nodejs/storagegateway/fileSystemAssociation.ts b/sdk/nodejs/storagegateway/fileSystemAssociation.ts index 67766274901..23f768c09db 100644 --- a/sdk/nodejs/storagegateway/fileSystemAssociation.ts +++ b/sdk/nodejs/storagegateway/fileSystemAssociation.ts @@ -45,6 +45,11 @@ import * as utilities from "../utilities"; * instanceType: aws.ec2.InstanceType[available.instanceType], * vpcSecurityGroupIds: [testAwsSecurityGroup.id], * subnetId: testAwsSubnet[0].id, + * }, { + * dependsOn: [ + * testAwsRoute, + * testAwsVpcDhcpOptionsAssociation, + * ], * }); * const testGateway = new aws.storagegateway.Gateway("test", { * gatewayIpAddress: test.publicIp, diff --git a/sdk/nodejs/transcribe/languageModel.ts b/sdk/nodejs/transcribe/languageModel.ts index d7bffe02b02..fdfda84595f 100644 --- a/sdk/nodejs/transcribe/languageModel.ts +++ b/sdk/nodejs/transcribe/languageModel.ts @@ -38,14 +38,14 @@ import * as utilities from "../utilities"; * name: "example", * role: exampleRole.id, * policy: JSON.stringify({ - * version: "2012-10-17", - * statement: [{ - * action: [ + * Version: "2012-10-17", + * Statement: [{ + * Action: [ * "s3:GetObject", * "s3:ListBucket", * ], - * effect: "Allow", - * resource: ["*"], + * Effect: "Allow", + * Resource: ["*"], * }], * }), * }); diff --git a/sdk/nodejs/transcribe/medicalVocabulary.ts b/sdk/nodejs/transcribe/medicalVocabulary.ts index a4be021ce46..915dab3ab63 100644 --- a/sdk/nodejs/transcribe/medicalVocabulary.ts +++ b/sdk/nodejs/transcribe/medicalVocabulary.ts @@ -33,6 +33,8 @@ import * as utilities from "../utilities"; * tag1: "value1", * tag2: "value3", * }, + * }, { + * dependsOn: [object], * }); * ``` * diff --git a/sdk/nodejs/transcribe/vocabulary.ts b/sdk/nodejs/transcribe/vocabulary.ts index 116b3fe4666..7542bbb1dd7 100644 --- a/sdk/nodejs/transcribe/vocabulary.ts +++ b/sdk/nodejs/transcribe/vocabulary.ts @@ -33,6 +33,8 @@ import * as utilities from "../utilities"; * tag1: "value1", * tag2: "value3", * }, + * }, { + * dependsOn: [object], * }); * ``` * diff --git a/sdk/nodejs/vpclattice/authPolicy.ts b/sdk/nodejs/vpclattice/authPolicy.ts index 0ce8ddbc3ea..cb7356f80cf 100644 --- a/sdk/nodejs/vpclattice/authPolicy.ts +++ b/sdk/nodejs/vpclattice/authPolicy.ts @@ -24,14 +24,14 @@ import * as utilities from "../utilities"; * const exampleAuthPolicy = new aws.vpclattice.AuthPolicy("example", { * resourceIdentifier: example.arn, * policy: JSON.stringify({ - * version: "2012-10-17", - * statement: [{ - * action: "*", - * effect: "Allow", - * principal: "*", - * resource: "*", - * condition: { - * stringNotEqualsIgnoreCase: { + * Version: "2012-10-17", + * Statement: [{ + * Action: "*", + * Effect: "Allow", + * Principal: "*", + * Resource: "*", + * Condition: { + * StringNotEqualsIgnoreCase: { * "aws:PrincipalType": "anonymous", * }, * }, diff --git a/sdk/nodejs/vpclattice/resourcePolicy.ts b/sdk/nodejs/vpclattice/resourcePolicy.ts index 3155e2d1cde..ac9e816f9aa 100644 --- a/sdk/nodejs/vpclattice/resourcePolicy.ts +++ b/sdk/nodejs/vpclattice/resourcePolicy.ts @@ -22,19 +22,19 @@ import * as utilities from "../utilities"; * const exampleResourcePolicy = new aws.vpclattice.ResourcePolicy("example", { * resourceArn: example.arn, * policy: pulumi.jsonStringify({ - * version: "2012-10-17", - * statement: [{ - * sid: "test-pol-principals-6", - * effect: "Allow", - * principal: { + * Version: "2012-10-17", + * Statement: [{ + * Sid: "test-pol-principals-6", + * Effect: "Allow", + * Principal: { * AWS: Promise.all([currentGetPartition, current]).then(([currentGetPartition, current]) => `arn:${currentGetPartition.partition}:iam::${current.accountId}:root`), * }, - * action: [ + * Action: [ * "vpc-lattice:CreateServiceNetworkVpcAssociation", * "vpc-lattice:CreateServiceNetworkServiceAssociation", * "vpc-lattice:GetServiceNetwork", * ], - * resource: example.arn, + * Resource: example.arn, * }], * }), * }); diff --git a/sdk/nodejs/waf/rateBasedRule.ts b/sdk/nodejs/waf/rateBasedRule.ts index 7ecb470b114..c63224e148c 100644 --- a/sdk/nodejs/waf/rateBasedRule.ts +++ b/sdk/nodejs/waf/rateBasedRule.ts @@ -34,6 +34,8 @@ import * as utilities from "../utilities"; * negated: false, * type: "IPMatch", * }], + * }, { + * dependsOn: [ipset], * }); * ``` * diff --git a/sdk/nodejs/waf/rule.ts b/sdk/nodejs/waf/rule.ts index 70193bb0d94..cc628ff26c7 100644 --- a/sdk/nodejs/waf/rule.ts +++ b/sdk/nodejs/waf/rule.ts @@ -32,6 +32,8 @@ import * as utilities from "../utilities"; * negated: false, * type: "IPMatch", * }], + * }, { + * dependsOn: [ipset], * }); * ``` * diff --git a/sdk/nodejs/waf/webAcl.ts b/sdk/nodejs/waf/webAcl.ts index acfa3fbf4c2..fab151c5f00 100644 --- a/sdk/nodejs/waf/webAcl.ts +++ b/sdk/nodejs/waf/webAcl.ts @@ -34,6 +34,8 @@ import * as utilities from "../utilities"; * negated: false, * type: "IPMatch", * }], + * }, { + * dependsOn: [ipset], * }); * const wafAcl = new aws.waf.WebAcl("waf_acl", { * name: "tfWebACL", @@ -49,6 +51,11 @@ import * as utilities from "../utilities"; * ruleId: wafrule.id, * type: "REGULAR", * }], + * }, { + * dependsOn: [ + * ipset, + * wafrule, + * ], * }); * ``` * diff --git a/sdk/nodejs/wafregional/rateBasedRule.ts b/sdk/nodejs/wafregional/rateBasedRule.ts index 5de49e65867..b169a48b2ff 100644 --- a/sdk/nodejs/wafregional/rateBasedRule.ts +++ b/sdk/nodejs/wafregional/rateBasedRule.ts @@ -34,6 +34,8 @@ import * as utilities from "../utilities"; * negated: false, * type: "IPMatch", * }], + * }, { + * dependsOn: [ipset], * }); * ``` * diff --git a/sdk/nodejs/workspaces/directory.ts b/sdk/nodejs/workspaces/directory.ts index e8a6dcb69aa..34e3707ab33 100644 --- a/sdk/nodejs/workspaces/directory.ts +++ b/sdk/nodejs/workspaces/directory.ts @@ -42,6 +42,27 @@ import * as utilities from "../utilities"; * ], * }, * }); + * const workspaces = aws.iam.getPolicyDocument({ + * statements: [{ + * actions: ["sts:AssumeRole"], + * principals: [{ + * type: "Service", + * identifiers: ["workspaces.amazonaws.com"], + * }], + * }], + * }); + * const workspacesDefault = new aws.iam.Role("workspaces_default", { + * name: "workspaces_DefaultRole", + * assumeRolePolicy: workspaces.then(workspaces => workspaces.json), + * }); + * const workspacesDefaultServiceAccess = new aws.iam.RolePolicyAttachment("workspaces_default_service_access", { + * role: workspacesDefault.name, + * policyArn: "arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess", + * }); + * const workspacesDefaultSelfServiceAccess = new aws.iam.RolePolicyAttachment("workspaces_default_self_service_access", { + * role: workspacesDefault.name, + * policyArn: "arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess", + * }); * const exampleC = new aws.ec2.Subnet("example_c", { * vpcId: exampleVpc.id, * availabilityZone: "us-east-1c", @@ -85,27 +106,11 @@ import * as utilities from "../utilities"; * enableMaintenanceMode: true, * userEnabledAsLocalAdministrator: true, * }, - * }); - * const workspaces = aws.iam.getPolicyDocument({ - * statements: [{ - * actions: ["sts:AssumeRole"], - * principals: [{ - * type: "Service", - * identifiers: ["workspaces.amazonaws.com"], - * }], - * }], - * }); - * const workspacesDefault = new aws.iam.Role("workspaces_default", { - * name: "workspaces_DefaultRole", - * assumeRolePolicy: workspaces.then(workspaces => workspaces.json), - * }); - * const workspacesDefaultServiceAccess = new aws.iam.RolePolicyAttachment("workspaces_default_service_access", { - * role: workspacesDefault.name, - * policyArn: "arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess", - * }); - * const workspacesDefaultSelfServiceAccess = new aws.iam.RolePolicyAttachment("workspaces_default_self_service_access", { - * role: workspacesDefault.name, - * policyArn: "arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess", + * }, { + * dependsOn: [ + * workspacesDefaultServiceAccess, + * workspacesDefaultSelfServiceAccess, + * ], * }); * ``` * diff --git a/sdk/python/pulumi_aws/accessanalyzer/analyzer.py b/sdk/python/pulumi_aws/accessanalyzer/analyzer.py index 8cc1159ad05..14f59dcf876 100644 --- a/sdk/python/pulumi_aws/accessanalyzer/analyzer.py +++ b/sdk/python/pulumi_aws/accessanalyzer/analyzer.py @@ -238,7 +238,8 @@ def __init__(__self__, example = aws.organizations.Organization("example", aws_service_access_principals=["access-analyzer.amazonaws.com"]) example_analyzer = aws.accessanalyzer.Analyzer("example", analyzer_name="example", - type="ORGANIZATION") + type="ORGANIZATION", + opts=pulumi.ResourceOptions(depends_on=[example])) ``` @@ -291,7 +292,8 @@ def __init__(__self__, example = aws.organizations.Organization("example", aws_service_access_principals=["access-analyzer.amazonaws.com"]) example_analyzer = aws.accessanalyzer.Analyzer("example", analyzer_name="example", - type="ORGANIZATION") + type="ORGANIZATION", + opts=pulumi.ResourceOptions(depends_on=[example])) ``` diff --git a/sdk/python/pulumi_aws/acmpca/certificate_authority.py b/sdk/python/pulumi_aws/acmpca/certificate_authority.py index 7e2acd78d0d..bcd5e4c99e1 100644 --- a/sdk/python/pulumi_aws/acmpca/certificate_authority.py +++ b/sdk/python/pulumi_aws/acmpca/certificate_authority.py @@ -522,7 +522,8 @@ def __init__(__self__, s3_bucket_name=example.id, s3_object_acl="BUCKET_OWNER_FULL_CONTROL", ), - )) + ), + opts=pulumi.ResourceOptions(depends_on=[example_bucket_policy])) ``` @@ -641,7 +642,8 @@ def __init__(__self__, s3_bucket_name=example.id, s3_object_acl="BUCKET_OWNER_FULL_CONTROL", ), - )) + ), + opts=pulumi.ResourceOptions(depends_on=[example_bucket_policy])) ``` diff --git a/sdk/python/pulumi_aws/alb/target_group_attachment.py b/sdk/python/pulumi_aws/alb/target_group_attachment.py index 7773c99f506..6235ab5abd7 100644 --- a/sdk/python/pulumi_aws/alb/target_group_attachment.py +++ b/sdk/python/pulumi_aws/alb/target_group_attachment.py @@ -213,7 +213,8 @@ def __init__(__self__, source_arn=test.arn) test_target_group_attachment = aws.lb.TargetGroupAttachment("test", target_group_arn=test.arn, - target_id=test_function.arn) + target_id=test_function.arn, + opts=pulumi.ResourceOptions(depends_on=[with_lb])) ``` @@ -301,7 +302,8 @@ def __init__(__self__, source_arn=test.arn) test_target_group_attachment = aws.lb.TargetGroupAttachment("test", target_group_arn=test.arn, - target_id=test_function.arn) + target_id=test_function.arn, + opts=pulumi.ResourceOptions(depends_on=[with_lb])) ``` diff --git a/sdk/python/pulumi_aws/apigateway/documentation_version.py b/sdk/python/pulumi_aws/apigateway/documentation_version.py index 05b860b4450..782a6f28f93 100644 --- a/sdk/python/pulumi_aws/apigateway/documentation_version.py +++ b/sdk/python/pulumi_aws/apigateway/documentation_version.py @@ -141,16 +141,17 @@ def __init__(__self__, import pulumi_aws as aws example_rest_api = aws.apigateway.RestApi("example", name="example_api") - example = aws.apigateway.DocumentationVersion("example", - version="example_version", - rest_api_id=example_rest_api.id, - description="Example description") example_documentation_part = aws.apigateway.DocumentationPart("example", location=aws.apigateway.DocumentationPartLocationArgs( type="API", ), properties="{\\"description\\":\\"Example\\"}", rest_api_id=example_rest_api.id) + example = aws.apigateway.DocumentationVersion("example", + version="example_version", + rest_api_id=example_rest_api.id, + description="Example description", + opts=pulumi.ResourceOptions(depends_on=[example_documentation_part])) ``` @@ -185,16 +186,17 @@ def __init__(__self__, import pulumi_aws as aws example_rest_api = aws.apigateway.RestApi("example", name="example_api") - example = aws.apigateway.DocumentationVersion("example", - version="example_version", - rest_api_id=example_rest_api.id, - description="Example description") example_documentation_part = aws.apigateway.DocumentationPart("example", location=aws.apigateway.DocumentationPartLocationArgs( type="API", ), properties="{\\"description\\":\\"Example\\"}", rest_api_id=example_rest_api.id) + example = aws.apigateway.DocumentationVersion("example", + version="example_version", + rest_api_id=example_rest_api.id, + description="Example description", + opts=pulumi.ResourceOptions(depends_on=[example_documentation_part])) ``` diff --git a/sdk/python/pulumi_aws/apigateway/method_response.py b/sdk/python/pulumi_aws/apigateway/method_response.py index beea2ab47cc..93bdd85025b 100644 --- a/sdk/python/pulumi_aws/apigateway/method_response.py +++ b/sdk/python/pulumi_aws/apigateway/method_response.py @@ -307,7 +307,7 @@ def __init__(__self__, "title": "MyDemoResponse", "type": "object", "properties": { - "message": { + "Message": { "type": "string", }, }, @@ -424,7 +424,7 @@ def __init__(__self__, "title": "MyDemoResponse", "type": "object", "properties": { - "message": { + "Message": { "type": "string", }, }, diff --git a/sdk/python/pulumi_aws/apigateway/stage.py b/sdk/python/pulumi_aws/apigateway/stage.py index 41dfedea7fb..9251a36d5a2 100644 --- a/sdk/python/pulumi_aws/apigateway/stage.py +++ b/sdk/python/pulumi_aws/apigateway/stage.py @@ -620,10 +620,11 @@ def __init__(__self__, if stage_name is None: stage_name = "example" example = aws.apigateway.RestApi("example") - example_stage = aws.apigateway.Stage("example", stage_name=stage_name) example_log_group = aws.cloudwatch.LogGroup("example", name=example.id.apply(lambda id: f"API-Gateway-Execution-Logs_{id}/{stage_name}"), retention_in_days=7) + example_stage = aws.apigateway.Stage("example", stage_name=stage_name, + opts=pulumi.ResourceOptions(depends_on=[example_log_group])) ``` @@ -724,10 +725,11 @@ def __init__(__self__, if stage_name is None: stage_name = "example" example = aws.apigateway.RestApi("example") - example_stage = aws.apigateway.Stage("example", stage_name=stage_name) example_log_group = aws.cloudwatch.LogGroup("example", name=example.id.apply(lambda id: f"API-Gateway-Execution-Logs_{id}/{stage_name}"), retention_in_days=7) + example_stage = aws.apigateway.Stage("example", stage_name=stage_name, + opts=pulumi.ResourceOptions(depends_on=[example_log_group])) ``` diff --git a/sdk/python/pulumi_aws/appflow/connector_profile.py b/sdk/python/pulumi_aws/appflow/connector_profile.py index 9467e378afe..8cb7a858016 100644 --- a/sdk/python/pulumi_aws/appflow/connector_profile.py +++ b/sdk/python/pulumi_aws/appflow/connector_profile.py @@ -274,13 +274,13 @@ def __init__(__self__, name="example_role", managed_policy_arns=[test["arn"]], assume_role_policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "action": "sts:AssumeRole", - "effect": "Allow", - "sid": "", - "principal": { - "service": "ec2.amazonaws.com", + "Version": "2012-10-17", + "Statement": [{ + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Sid": "", + "Principal": { + "Service": "ec2.amazonaws.com", }, }], })) @@ -356,13 +356,13 @@ def __init__(__self__, name="example_role", managed_policy_arns=[test["arn"]], assume_role_policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "action": "sts:AssumeRole", - "effect": "Allow", - "sid": "", - "principal": { - "service": "ec2.amazonaws.com", + "Version": "2012-10-17", + "Statement": [{ + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Sid": "", + "Principal": { + "Service": "ec2.amazonaws.com", }, }], })) diff --git a/sdk/python/pulumi_aws/applicationinsights/application.py b/sdk/python/pulumi_aws/applicationinsights/application.py index 35a5fa379a9..8b8956803fe 100644 --- a/sdk/python/pulumi_aws/applicationinsights/application.py +++ b/sdk/python/pulumi_aws/applicationinsights/application.py @@ -357,10 +357,10 @@ def __init__(__self__, name="example", resource_query=aws.resourcegroups.GroupResourceQueryArgs( query=json.dumps({ - "resourceTypeFilters": ["AWS::EC2::Instance"], - "tagFilters": [{ - "key": "Stage", - "values": ["Test"], + "ResourceTypeFilters": ["AWS::EC2::Instance"], + "TagFilters": [{ + "Key": "Stage", + "Values": ["Test"], }], }), )) @@ -410,10 +410,10 @@ def __init__(__self__, name="example", resource_query=aws.resourcegroups.GroupResourceQueryArgs( query=json.dumps({ - "resourceTypeFilters": ["AWS::EC2::Instance"], - "tagFilters": [{ - "key": "Stage", - "values": ["Test"], + "ResourceTypeFilters": ["AWS::EC2::Instance"], + "TagFilters": [{ + "Key": "Stage", + "Values": ["Test"], }], }), )) diff --git a/sdk/python/pulumi_aws/batch/compute_environment.py b/sdk/python/pulumi_aws/batch/compute_environment.py index 133d07ebfba..3c29cf7f3b1 100644 --- a/sdk/python/pulumi_aws/batch/compute_environment.py +++ b/sdk/python/pulumi_aws/batch/compute_environment.py @@ -494,7 +494,8 @@ def __init__(__self__, type="EC2", ), service_role=aws_batch_service_role.arn, - type="MANAGED") + type="MANAGED", + opts=pulumi.ResourceOptions(depends_on=[aws_batch_service_role_role_policy_attachment])) ``` @@ -513,8 +514,9 @@ def __init__(__self__, subnets=[sample_aws_subnet["id"]], type="FARGATE", ), - service_role=aws_batch_service_role["arn"], - type="MANAGED") + service_role=aws_batch_service_role_aws_iam_role["arn"], + type="MANAGED", + opts=pulumi.ResourceOptions(depends_on=[aws_batch_service_role])) ``` @@ -648,7 +650,8 @@ def __init__(__self__, type="EC2", ), service_role=aws_batch_service_role.arn, - type="MANAGED") + type="MANAGED", + opts=pulumi.ResourceOptions(depends_on=[aws_batch_service_role_role_policy_attachment])) ``` @@ -667,8 +670,9 @@ def __init__(__self__, subnets=[sample_aws_subnet["id"]], type="FARGATE", ), - service_role=aws_batch_service_role["arn"], - type="MANAGED") + service_role=aws_batch_service_role_aws_iam_role["arn"], + type="MANAGED", + opts=pulumi.ResourceOptions(depends_on=[aws_batch_service_role])) ``` diff --git a/sdk/python/pulumi_aws/cfg/configuration_aggregator.py b/sdk/python/pulumi_aws/cfg/configuration_aggregator.py index 93d9b4e9a22..50b4554a569 100644 --- a/sdk/python/pulumi_aws/cfg/configuration_aggregator.py +++ b/sdk/python/pulumi_aws/cfg/configuration_aggregator.py @@ -252,15 +252,16 @@ def __init__(__self__, organization_role = aws.iam.Role("organization", name="example", assume_role_policy=assume_role.json) + organization_role_policy_attachment = aws.iam.RolePolicyAttachment("organization", + role=organization_role.name, + policy_arn="arn:aws:iam::aws:policy/service-role/AWSConfigRoleForOrganizations") organization = aws.cfg.ConfigurationAggregator("organization", name="example", organization_aggregation_source=aws.cfg.ConfigurationAggregatorOrganizationAggregationSourceArgs( all_regions=True, role_arn=organization_role.arn, - )) - organization_role_policy_attachment = aws.iam.RolePolicyAttachment("organization", - role=organization_role.name, - policy_arn="arn:aws:iam::aws:policy/service-role/AWSConfigRoleForOrganizations") + ), + opts=pulumi.ResourceOptions(depends_on=[organization_role_policy_attachment])) ``` @@ -326,15 +327,16 @@ def __init__(__self__, organization_role = aws.iam.Role("organization", name="example", assume_role_policy=assume_role.json) + organization_role_policy_attachment = aws.iam.RolePolicyAttachment("organization", + role=organization_role.name, + policy_arn="arn:aws:iam::aws:policy/service-role/AWSConfigRoleForOrganizations") organization = aws.cfg.ConfigurationAggregator("organization", name="example", organization_aggregation_source=aws.cfg.ConfigurationAggregatorOrganizationAggregationSourceArgs( all_regions=True, role_arn=organization_role.arn, - )) - organization_role_policy_attachment = aws.iam.RolePolicyAttachment("organization", - role=organization_role.name, - policy_arn="arn:aws:iam::aws:policy/service-role/AWSConfigRoleForOrganizations") + ), + opts=pulumi.ResourceOptions(depends_on=[organization_role_policy_attachment])) ``` diff --git a/sdk/python/pulumi_aws/cfg/conformance_pack.py b/sdk/python/pulumi_aws/cfg/conformance_pack.py index 3d912f04624..8db9dd38f88 100644 --- a/sdk/python/pulumi_aws/cfg/conformance_pack.py +++ b/sdk/python/pulumi_aws/cfg/conformance_pack.py @@ -285,7 +285,8 @@ def __init__(__self__, Owner: AWS SourceIdentifier: IAM_PASSWORD_POLICY Type: AWS::Config::ConfigRule - \"\"\") + \"\"\", + opts=pulumi.ResourceOptions(depends_on=[example_aws_config_configuration_recorder])) ``` @@ -311,7 +312,8 @@ def __init__(__self__, \"\"\") example = aws.cfg.ConformancePack("example", name="example", - template_s3_uri=pulumi.Output.all(example_bucket_v2.bucket, example_bucket_objectv2.key).apply(lambda bucket, key: f"s3://{bucket}/{key}")) + template_s3_uri=pulumi.Output.all(example_bucket_v2.bucket, example_bucket_objectv2.key).apply(lambda bucket, key: f"s3://{bucket}/{key}"), + opts=pulumi.ResourceOptions(depends_on=[example_aws_config_configuration_recorder])) ``` @@ -374,7 +376,8 @@ def __init__(__self__, Owner: AWS SourceIdentifier: IAM_PASSWORD_POLICY Type: AWS::Config::ConfigRule - \"\"\") + \"\"\", + opts=pulumi.ResourceOptions(depends_on=[example_aws_config_configuration_recorder])) ``` @@ -400,7 +403,8 @@ def __init__(__self__, \"\"\") example = aws.cfg.ConformancePack("example", name="example", - template_s3_uri=pulumi.Output.all(example_bucket_v2.bucket, example_bucket_objectv2.key).apply(lambda bucket, key: f"s3://{bucket}/{key}")) + template_s3_uri=pulumi.Output.all(example_bucket_v2.bucket, example_bucket_objectv2.key).apply(lambda bucket, key: f"s3://{bucket}/{key}"), + opts=pulumi.ResourceOptions(depends_on=[example_aws_config_configuration_recorder])) ``` diff --git a/sdk/python/pulumi_aws/cfg/delivery_channel.py b/sdk/python/pulumi_aws/cfg/delivery_channel.py index 0ffcbec46f6..81cefb2b014 100644 --- a/sdk/python/pulumi_aws/cfg/delivery_channel.py +++ b/sdk/python/pulumi_aws/cfg/delivery_channel.py @@ -247,9 +247,6 @@ def __init__(__self__, b = aws.s3.BucketV2("b", bucket="example-awsconfig", force_destroy=True) - foo = aws.cfg.DeliveryChannel("foo", - name="example", - s3_bucket_name=b.bucket) assume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs( effect="Allow", principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs( @@ -264,6 +261,10 @@ def __init__(__self__, foo_recorder = aws.cfg.Recorder("foo", name="example", role_arn=r.arn) + foo = aws.cfg.DeliveryChannel("foo", + name="example", + s3_bucket_name=b.bucket, + opts=pulumi.ResourceOptions(depends_on=[foo_recorder])) p = aws.iam.get_policy_document_output(statements=[aws.iam.GetPolicyDocumentStatementArgs( effect="Allow", actions=["s3:*"], @@ -317,9 +318,6 @@ def __init__(__self__, b = aws.s3.BucketV2("b", bucket="example-awsconfig", force_destroy=True) - foo = aws.cfg.DeliveryChannel("foo", - name="example", - s3_bucket_name=b.bucket) assume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs( effect="Allow", principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs( @@ -334,6 +332,10 @@ def __init__(__self__, foo_recorder = aws.cfg.Recorder("foo", name="example", role_arn=r.arn) + foo = aws.cfg.DeliveryChannel("foo", + name="example", + s3_bucket_name=b.bucket, + opts=pulumi.ResourceOptions(depends_on=[foo_recorder])) p = aws.iam.get_policy_document_output(statements=[aws.iam.GetPolicyDocumentStatementArgs( effect="Allow", actions=["s3:*"], diff --git a/sdk/python/pulumi_aws/cfg/organization_conformance_pack.py b/sdk/python/pulumi_aws/cfg/organization_conformance_pack.py index ebeb512ca66..ed2534a2047 100644 --- a/sdk/python/pulumi_aws/cfg/organization_conformance_pack.py +++ b/sdk/python/pulumi_aws/cfg/organization_conformance_pack.py @@ -296,6 +296,9 @@ def __init__(__self__, import pulumi import pulumi_aws as aws + example_organization = aws.organizations.Organization("example", + aws_service_access_principals=["config-multiaccountsetup.amazonaws.com"], + feature_set="ALL") example = aws.cfg.OrganizationConformancePack("example", name="example", input_parameters=[aws.cfg.OrganizationConformancePackInputParameterArgs( @@ -313,10 +316,11 @@ def __init__(__self__, Owner: AWS SourceIdentifier: IAM_PASSWORD_POLICY Type: AWS::Config::ConfigRule - \"\"\") - example_organization = aws.organizations.Organization("example", - aws_service_access_principals=["config-multiaccountsetup.amazonaws.com"], - feature_set="ALL") + \"\"\", + opts=pulumi.ResourceOptions(depends_on=[ + example_aws_config_configuration_recorder, + example_organization, + ])) ``` @@ -327,6 +331,9 @@ def __init__(__self__, import pulumi import pulumi_aws as aws + example_organization = aws.organizations.Organization("example", + aws_service_access_principals=["config-multiaccountsetup.amazonaws.com"], + feature_set="ALL") example_bucket_v2 = aws.s3.BucketV2("example", bucket="example") example_bucket_objectv2 = aws.s3.BucketObjectv2("example", bucket=example_bucket_v2.id, @@ -342,10 +349,11 @@ def __init__(__self__, \"\"\") example = aws.cfg.OrganizationConformancePack("example", name="example", - template_s3_uri=pulumi.Output.all(example_bucket_v2.bucket, example_bucket_objectv2.key).apply(lambda bucket, key: f"s3://{bucket}/{key}")) - example_organization = aws.organizations.Organization("example", - aws_service_access_principals=["config-multiaccountsetup.amazonaws.com"], - feature_set="ALL") + template_s3_uri=pulumi.Output.all(example_bucket_v2.bucket, example_bucket_objectv2.key).apply(lambda bucket, key: f"s3://{bucket}/{key}"), + opts=pulumi.ResourceOptions(depends_on=[ + example_aws_config_configuration_recorder, + example_organization, + ])) ``` @@ -387,6 +395,9 @@ def __init__(__self__, import pulumi import pulumi_aws as aws + example_organization = aws.organizations.Organization("example", + aws_service_access_principals=["config-multiaccountsetup.amazonaws.com"], + feature_set="ALL") example = aws.cfg.OrganizationConformancePack("example", name="example", input_parameters=[aws.cfg.OrganizationConformancePackInputParameterArgs( @@ -404,10 +415,11 @@ def __init__(__self__, Owner: AWS SourceIdentifier: IAM_PASSWORD_POLICY Type: AWS::Config::ConfigRule - \"\"\") - example_organization = aws.organizations.Organization("example", - aws_service_access_principals=["config-multiaccountsetup.amazonaws.com"], - feature_set="ALL") + \"\"\", + opts=pulumi.ResourceOptions(depends_on=[ + example_aws_config_configuration_recorder, + example_organization, + ])) ``` @@ -418,6 +430,9 @@ def __init__(__self__, import pulumi import pulumi_aws as aws + example_organization = aws.organizations.Organization("example", + aws_service_access_principals=["config-multiaccountsetup.amazonaws.com"], + feature_set="ALL") example_bucket_v2 = aws.s3.BucketV2("example", bucket="example") example_bucket_objectv2 = aws.s3.BucketObjectv2("example", bucket=example_bucket_v2.id, @@ -433,10 +448,11 @@ def __init__(__self__, \"\"\") example = aws.cfg.OrganizationConformancePack("example", name="example", - template_s3_uri=pulumi.Output.all(example_bucket_v2.bucket, example_bucket_objectv2.key).apply(lambda bucket, key: f"s3://{bucket}/{key}")) - example_organization = aws.organizations.Organization("example", - aws_service_access_principals=["config-multiaccountsetup.amazonaws.com"], - feature_set="ALL") + template_s3_uri=pulumi.Output.all(example_bucket_v2.bucket, example_bucket_objectv2.key).apply(lambda bucket, key: f"s3://{bucket}/{key}"), + opts=pulumi.ResourceOptions(depends_on=[ + example_aws_config_configuration_recorder, + example_organization, + ])) ``` diff --git a/sdk/python/pulumi_aws/cfg/organization_custom_rule.py b/sdk/python/pulumi_aws/cfg/organization_custom_rule.py index f08c7951311..31f45f4a3bb 100644 --- a/sdk/python/pulumi_aws/cfg/organization_custom_rule.py +++ b/sdk/python/pulumi_aws/cfg/organization_custom_rule.py @@ -435,7 +435,11 @@ def __init__(__self__, example_organization_custom_rule = aws.cfg.OrganizationCustomRule("example", lambda_function_arn=example_aws_lambda_function["arn"], name="example", - trigger_types=["ConfigurationItemChangeNotification"]) + trigger_types=["ConfigurationItemChangeNotification"], + opts=pulumi.ResourceOptions(depends_on=[ + example, + example_organization, + ])) ``` @@ -492,7 +496,11 @@ def __init__(__self__, example_organization_custom_rule = aws.cfg.OrganizationCustomRule("example", lambda_function_arn=example_aws_lambda_function["arn"], name="example", - trigger_types=["ConfigurationItemChangeNotification"]) + trigger_types=["ConfigurationItemChangeNotification"], + opts=pulumi.ResourceOptions(depends_on=[ + example, + example_organization, + ])) ``` diff --git a/sdk/python/pulumi_aws/cfg/organization_managed_rule.py b/sdk/python/pulumi_aws/cfg/organization_managed_rule.py index 55eb6e3f805..24aef374797 100644 --- a/sdk/python/pulumi_aws/cfg/organization_managed_rule.py +++ b/sdk/python/pulumi_aws/cfg/organization_managed_rule.py @@ -397,7 +397,8 @@ def __init__(__self__, feature_set="ALL") example_organization_managed_rule = aws.cfg.OrganizationManagedRule("example", name="example", - rule_identifier="IAM_PASSWORD_POLICY") + rule_identifier="IAM_PASSWORD_POLICY", + opts=pulumi.ResourceOptions(depends_on=[example])) ``` @@ -447,7 +448,8 @@ def __init__(__self__, feature_set="ALL") example_organization_managed_rule = aws.cfg.OrganizationManagedRule("example", name="example", - rule_identifier="IAM_PASSWORD_POLICY") + rule_identifier="IAM_PASSWORD_POLICY", + opts=pulumi.ResourceOptions(depends_on=[example])) ``` diff --git a/sdk/python/pulumi_aws/cfg/recorder_status.py b/sdk/python/pulumi_aws/cfg/recorder_status.py index 77b738f04ec..eb61def635b 100644 --- a/sdk/python/pulumi_aws/cfg/recorder_status.py +++ b/sdk/python/pulumi_aws/cfg/recorder_status.py @@ -110,6 +110,10 @@ def __init__(__self__, import pulumi import pulumi_aws as aws + b = aws.s3.BucketV2("b", bucket="awsconfig-example") + foo_delivery_channel = aws.cfg.DeliveryChannel("foo", + name="example", + s3_bucket_name=b.bucket) assume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs( effect="Allow", principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs( @@ -126,14 +130,11 @@ def __init__(__self__, role_arn=r.arn) foo = aws.cfg.RecorderStatus("foo", name=foo_recorder.name, - is_enabled=True) + is_enabled=True, + opts=pulumi.ResourceOptions(depends_on=[foo_delivery_channel])) a = aws.iam.RolePolicyAttachment("a", role=r.name, policy_arn="arn:aws:iam::aws:policy/service-role/AWS_ConfigRole") - b = aws.s3.BucketV2("b", bucket="awsconfig-example") - foo_delivery_channel = aws.cfg.DeliveryChannel("foo", - name="example", - s3_bucket_name=b.bucket) p = aws.iam.get_policy_document_output(statements=[aws.iam.GetPolicyDocumentStatementArgs( effect="Allow", actions=["s3:*"], @@ -180,6 +181,10 @@ def __init__(__self__, import pulumi import pulumi_aws as aws + b = aws.s3.BucketV2("b", bucket="awsconfig-example") + foo_delivery_channel = aws.cfg.DeliveryChannel("foo", + name="example", + s3_bucket_name=b.bucket) assume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs( effect="Allow", principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs( @@ -196,14 +201,11 @@ def __init__(__self__, role_arn=r.arn) foo = aws.cfg.RecorderStatus("foo", name=foo_recorder.name, - is_enabled=True) + is_enabled=True, + opts=pulumi.ResourceOptions(depends_on=[foo_delivery_channel])) a = aws.iam.RolePolicyAttachment("a", role=r.name, policy_arn="arn:aws:iam::aws:policy/service-role/AWS_ConfigRole") - b = aws.s3.BucketV2("b", bucket="awsconfig-example") - foo_delivery_channel = aws.cfg.DeliveryChannel("foo", - name="example", - s3_bucket_name=b.bucket) p = aws.iam.get_policy_document_output(statements=[aws.iam.GetPolicyDocumentStatementArgs( effect="Allow", actions=["s3:*"], diff --git a/sdk/python/pulumi_aws/cfg/rule.py b/sdk/python/pulumi_aws/cfg/rule.py index ed07a661d01..576076aaf30 100644 --- a/sdk/python/pulumi_aws/cfg/rule.py +++ b/sdk/python/pulumi_aws/cfg/rule.py @@ -368,12 +368,6 @@ def __init__(__self__, import pulumi import pulumi_aws as aws - r = aws.cfg.Rule("r", - name="example", - source=aws.cfg.RuleSourceArgs( - owner="AWS", - source_identifier="S3_BUCKET_VERSIONING_ENABLED", - )) assume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs( effect="Allow", principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs( @@ -388,6 +382,13 @@ def __init__(__self__, foo = aws.cfg.Recorder("foo", name="example", role_arn=r_role.arn) + r = aws.cfg.Rule("r", + name="example", + source=aws.cfg.RuleSourceArgs( + owner="AWS", + source_identifier="S3_BUCKET_VERSIONING_ENABLED", + ), + opts=pulumi.ResourceOptions(depends_on=[foo])) p = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs( effect="Allow", actions=["config:Put*"], @@ -419,7 +420,11 @@ def __init__(__self__, example_rule = aws.cfg.Rule("example", source=aws.cfg.RuleSourceArgs( owner="CUSTOM_LAMBDA", source_identifier=example_function.arn, - )) + ), + opts=pulumi.ResourceOptions(depends_on=[ + example, + example_permission, + ])) ``` @@ -496,12 +501,6 @@ def __init__(__self__, import pulumi import pulumi_aws as aws - r = aws.cfg.Rule("r", - name="example", - source=aws.cfg.RuleSourceArgs( - owner="AWS", - source_identifier="S3_BUCKET_VERSIONING_ENABLED", - )) assume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs( effect="Allow", principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs( @@ -516,6 +515,13 @@ def __init__(__self__, foo = aws.cfg.Recorder("foo", name="example", role_arn=r_role.arn) + r = aws.cfg.Rule("r", + name="example", + source=aws.cfg.RuleSourceArgs( + owner="AWS", + source_identifier="S3_BUCKET_VERSIONING_ENABLED", + ), + opts=pulumi.ResourceOptions(depends_on=[foo])) p = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs( effect="Allow", actions=["config:Put*"], @@ -547,7 +553,11 @@ def __init__(__self__, example_rule = aws.cfg.Rule("example", source=aws.cfg.RuleSourceArgs( owner="CUSTOM_LAMBDA", source_identifier=example_function.arn, - )) + ), + opts=pulumi.ResourceOptions(depends_on=[ + example, + example_permission, + ])) ``` diff --git a/sdk/python/pulumi_aws/chime/voice_connector_termination_credentials.py b/sdk/python/pulumi_aws/chime/voice_connector_termination_credentials.py index 10423d7d920..97ab7ddb04c 100644 --- a/sdk/python/pulumi_aws/chime/voice_connector_termination_credentials.py +++ b/sdk/python/pulumi_aws/chime/voice_connector_termination_credentials.py @@ -128,7 +128,8 @@ def __init__(__self__, credentials=[aws.chime.VoiceConnectorTerminationCredentialsCredentialArgs( username="test", password="test!", - )]) + )], + opts=pulumi.ResourceOptions(depends_on=[default_voice_connector_termination])) ``` @@ -180,7 +181,8 @@ def __init__(__self__, credentials=[aws.chime.VoiceConnectorTerminationCredentialsCredentialArgs( username="test", password="test!", - )]) + )], + opts=pulumi.ResourceOptions(depends_on=[default_voice_connector_termination])) ``` diff --git a/sdk/python/pulumi_aws/cloudcontrol/resource.py b/sdk/python/pulumi_aws/cloudcontrol/resource.py index bcccf819ee5..ac38eb73402 100644 --- a/sdk/python/pulumi_aws/cloudcontrol/resource.py +++ b/sdk/python/pulumi_aws/cloudcontrol/resource.py @@ -234,10 +234,10 @@ def __init__(__self__, example = aws.cloudcontrol.Resource("example", type_name="AWS::ECS::Cluster", desired_state=json.dumps({ - "clusterName": "example", - "tags": [{ - "key": "CostCenter", - "value": "IT", + "ClusterName": "example", + "Tags": [{ + "Key": "CostCenter", + "Value": "IT", }], })) ``` @@ -273,10 +273,10 @@ def __init__(__self__, example = aws.cloudcontrol.Resource("example", type_name="AWS::ECS::Cluster", desired_state=json.dumps({ - "clusterName": "example", - "tags": [{ - "key": "CostCenter", - "value": "IT", + "ClusterName": "example", + "Tags": [{ + "Key": "CostCenter", + "Value": "IT", }], })) ``` diff --git a/sdk/python/pulumi_aws/cloudformation/stack.py b/sdk/python/pulumi_aws/cloudformation/stack.py index fdc14f41ab4..9bda5802c05 100644 --- a/sdk/python/pulumi_aws/cloudformation/stack.py +++ b/sdk/python/pulumi_aws/cloudformation/stack.py @@ -537,23 +537,23 @@ def __init__(__self__, "VPCCidr": "10.0.0.0/16", }, template_body=json.dumps({ - "parameters": { - "vPCCidr": { - "type": "String", - "default": "10.0.0.0/16", - "description": "Enter the CIDR block for the VPC. Default is 10.0.0.0/16.", + "Parameters": { + "VPCCidr": { + "Type": "String", + "Default": "10.0.0.0/16", + "Description": "Enter the CIDR block for the VPC. Default is 10.0.0.0/16.", }, }, - "resources": { + "Resources": { "myVpc": { - "type": "AWS::EC2::VPC", - "properties": { - "cidrBlock": { + "Type": "AWS::EC2::VPC", + "Properties": { + "CidrBlock": { "Ref": "VPCCidr", }, - "tags": [{ - "key": "Name", - "value": "Primary_CF_VPC", + "Tags": [{ + "Key": "Name", + "Value": "Primary_CF_VPC", }], }, }, @@ -614,23 +614,23 @@ def __init__(__self__, "VPCCidr": "10.0.0.0/16", }, template_body=json.dumps({ - "parameters": { - "vPCCidr": { - "type": "String", - "default": "10.0.0.0/16", - "description": "Enter the CIDR block for the VPC. Default is 10.0.0.0/16.", + "Parameters": { + "VPCCidr": { + "Type": "String", + "Default": "10.0.0.0/16", + "Description": "Enter the CIDR block for the VPC. Default is 10.0.0.0/16.", }, }, - "resources": { + "Resources": { "myVpc": { - "type": "AWS::EC2::VPC", - "properties": { - "cidrBlock": { + "Type": "AWS::EC2::VPC", + "Properties": { + "CidrBlock": { "Ref": "VPCCidr", }, - "tags": [{ - "key": "Name", - "value": "Primary_CF_VPC", + "Tags": [{ + "Key": "Name", + "Value": "Primary_CF_VPC", }], }, }, diff --git a/sdk/python/pulumi_aws/cloudformation/stack_set.py b/sdk/python/pulumi_aws/cloudformation/stack_set.py index 8bec7bd9057..3bbe08f6143 100644 --- a/sdk/python/pulumi_aws/cloudformation/stack_set.py +++ b/sdk/python/pulumi_aws/cloudformation/stack_set.py @@ -584,23 +584,23 @@ def __init__(__self__, "VPCCidr": "10.0.0.0/16", }, template_body=json.dumps({ - "parameters": { - "vPCCidr": { - "type": "String", - "default": "10.0.0.0/16", - "description": "Enter the CIDR block for the VPC. Default is 10.0.0.0/16.", + "Parameters": { + "VPCCidr": { + "Type": "String", + "Default": "10.0.0.0/16", + "Description": "Enter the CIDR block for the VPC. Default is 10.0.0.0/16.", }, }, - "resources": { + "Resources": { "myVpc": { - "type": "AWS::EC2::VPC", - "properties": { - "cidrBlock": { - "ref": "VPCCidr", + "Type": "AWS::EC2::VPC", + "Properties": { + "CidrBlock": { + "Ref": "VPCCidr", }, - "tags": [{ - "key": "Name", - "value": "Primary_CF_VPC", + "Tags": [{ + "Key": "Name", + "Value": "Primary_CF_VPC", }], }, }, @@ -689,23 +689,23 @@ def __init__(__self__, "VPCCidr": "10.0.0.0/16", }, template_body=json.dumps({ - "parameters": { - "vPCCidr": { - "type": "String", - "default": "10.0.0.0/16", - "description": "Enter the CIDR block for the VPC. Default is 10.0.0.0/16.", + "Parameters": { + "VPCCidr": { + "Type": "String", + "Default": "10.0.0.0/16", + "Description": "Enter the CIDR block for the VPC. Default is 10.0.0.0/16.", }, }, - "resources": { + "Resources": { "myVpc": { - "type": "AWS::EC2::VPC", - "properties": { - "cidrBlock": { - "ref": "VPCCidr", + "Type": "AWS::EC2::VPC", + "Properties": { + "CidrBlock": { + "Ref": "VPCCidr", }, - "tags": [{ - "key": "Name", - "value": "Primary_CF_VPC", + "Tags": [{ + "Key": "Name", + "Value": "Primary_CF_VPC", }], }, }, diff --git a/sdk/python/pulumi_aws/cloudfront/realtime_log_config.py b/sdk/python/pulumi_aws/cloudfront/realtime_log_config.py index 586ec966f41..63f750765b0 100644 --- a/sdk/python/pulumi_aws/cloudfront/realtime_log_config.py +++ b/sdk/python/pulumi_aws/cloudfront/realtime_log_config.py @@ -228,7 +228,8 @@ def __init__(__self__, role_arn=example_role.arn, stream_arn=example_aws_kinesis_stream["arn"], ), - )) + ), + opts=pulumi.ResourceOptions(depends_on=[example_role_policy])) ``` @@ -301,7 +302,8 @@ def __init__(__self__, role_arn=example_role.arn, stream_arn=example_aws_kinesis_stream["arn"], ), - )) + ), + opts=pulumi.ResourceOptions(depends_on=[example_role_policy])) ``` diff --git a/sdk/python/pulumi_aws/cloudtrail/trail.py b/sdk/python/pulumi_aws/cloudtrail/trail.py index 44bd82c2e06..60e4ce3bf9b 100644 --- a/sdk/python/pulumi_aws/cloudtrail/trail.py +++ b/sdk/python/pulumi_aws/cloudtrail/trail.py @@ -646,11 +646,6 @@ def __init__(__self__, example_bucket_v2 = aws.s3.BucketV2("example", bucket="my-test-trail", force_destroy=True) - example_trail = aws.cloudtrail.Trail("example", - name="example", - s3_bucket_name=example_bucket_v2.id, - s3_key_prefix="prefix", - include_global_service_events=False) current = aws.get_caller_identity() current_get_partition = aws.get_partition() current_get_region = aws.get_region() @@ -696,6 +691,12 @@ def __init__(__self__, example_bucket_policy = aws.s3.BucketPolicy("example", bucket=example_bucket_v2.id, policy=example.json) + example_trail = aws.cloudtrail.Trail("example", + name="example", + s3_bucket_name=example_bucket_v2.id, + s3_key_prefix="prefix", + include_global_service_events=False, + opts=pulumi.ResourceOptions(depends_on=[example_bucket_policy])) ``` @@ -942,11 +943,6 @@ def __init__(__self__, example_bucket_v2 = aws.s3.BucketV2("example", bucket="my-test-trail", force_destroy=True) - example_trail = aws.cloudtrail.Trail("example", - name="example", - s3_bucket_name=example_bucket_v2.id, - s3_key_prefix="prefix", - include_global_service_events=False) current = aws.get_caller_identity() current_get_partition = aws.get_partition() current_get_region = aws.get_region() @@ -992,6 +988,12 @@ def __init__(__self__, example_bucket_policy = aws.s3.BucketPolicy("example", bucket=example_bucket_v2.id, policy=example.json) + example_trail = aws.cloudtrail.Trail("example", + name="example", + s3_bucket_name=example_bucket_v2.id, + s3_key_prefix="prefix", + include_global_service_events=False, + opts=pulumi.ResourceOptions(depends_on=[example_bucket_policy])) ``` diff --git a/sdk/python/pulumi_aws/cloudwatch/log_data_protection_policy.py b/sdk/python/pulumi_aws/cloudwatch/log_data_protection_policy.py index 0dd2529463a..45cea6dbba0 100644 --- a/sdk/python/pulumi_aws/cloudwatch/log_data_protection_policy.py +++ b/sdk/python/pulumi_aws/cloudwatch/log_data_protection_policy.py @@ -115,28 +115,28 @@ def __init__(__self__, example_log_data_protection_policy = aws.cloudwatch.LogDataProtectionPolicy("example", log_group_name=example.name, policy_document=pulumi.Output.json_dumps({ - "name": "Example", - "version": "2021-06-01", - "statement": [ + "Name": "Example", + "Version": "2021-06-01", + "Statement": [ { - "sid": "Audit", - "dataIdentifier": ["arn:aws:dataprotection::aws:data-identifier/EmailAddress"], - "operation": { - "audit": { - "findingsDestination": { + "Sid": "Audit", + "DataIdentifier": ["arn:aws:dataprotection::aws:data-identifier/EmailAddress"], + "Operation": { + "Audit": { + "FindingsDestination": { "S3": { - "bucket": example_bucket_v2.bucket, + "Bucket": example_bucket_v2.bucket, }, }, }, }, }, { - "sid": "Redact", - "dataIdentifier": ["arn:aws:dataprotection::aws:data-identifier/EmailAddress"], - "operation": { - "deidentify": { - "maskConfig": {}, + "Sid": "Redact", + "DataIdentifier": ["arn:aws:dataprotection::aws:data-identifier/EmailAddress"], + "Operation": { + "Deidentify": { + "MaskConfig": {}, }, }, }, @@ -182,28 +182,28 @@ def __init__(__self__, example_log_data_protection_policy = aws.cloudwatch.LogDataProtectionPolicy("example", log_group_name=example.name, policy_document=pulumi.Output.json_dumps({ - "name": "Example", - "version": "2021-06-01", - "statement": [ + "Name": "Example", + "Version": "2021-06-01", + "Statement": [ { - "sid": "Audit", - "dataIdentifier": ["arn:aws:dataprotection::aws:data-identifier/EmailAddress"], - "operation": { - "audit": { - "findingsDestination": { + "Sid": "Audit", + "DataIdentifier": ["arn:aws:dataprotection::aws:data-identifier/EmailAddress"], + "Operation": { + "Audit": { + "FindingsDestination": { "S3": { - "bucket": example_bucket_v2.bucket, + "Bucket": example_bucket_v2.bucket, }, }, }, }, }, { - "sid": "Redact", - "dataIdentifier": ["arn:aws:dataprotection::aws:data-identifier/EmailAddress"], - "operation": { - "deidentify": { - "maskConfig": {}, + "Sid": "Redact", + "DataIdentifier": ["arn:aws:dataprotection::aws:data-identifier/EmailAddress"], + "Operation": { + "Deidentify": { + "MaskConfig": {}, }, }, }, diff --git a/sdk/python/pulumi_aws/codebuild/resource_policy.py b/sdk/python/pulumi_aws/codebuild/resource_policy.py index f209beca046..b1df111c810 100644 --- a/sdk/python/pulumi_aws/codebuild/resource_policy.py +++ b/sdk/python/pulumi_aws/codebuild/resource_policy.py @@ -119,21 +119,21 @@ def __init__(__self__, example_resource_policy = aws.codebuild.ResourcePolicy("example", resource_arn=example.arn, policy=pulumi.Output.json_dumps({ - "version": "2012-10-17", - "id": "default", - "statement": [{ - "sid": "default", - "effect": "Allow", - "principal": { + "Version": "2012-10-17", + "Id": "default", + "Statement": [{ + "Sid": "default", + "Effect": "Allow", + "Principal": { "AWS": f"arn:{current.partition}:iam::{current_get_caller_identity.account_id}:root", }, - "action": [ + "Action": [ "codebuild:BatchGetReportGroups", "codebuild:BatchGetReports", "codebuild:ListReportsForReportGroup", "codebuild:DescribeTestCases", ], - "resource": example.arn, + "Resource": example.arn, }], })) ``` @@ -180,21 +180,21 @@ def __init__(__self__, example_resource_policy = aws.codebuild.ResourcePolicy("example", resource_arn=example.arn, policy=pulumi.Output.json_dumps({ - "version": "2012-10-17", - "id": "default", - "statement": [{ - "sid": "default", - "effect": "Allow", - "principal": { + "Version": "2012-10-17", + "Id": "default", + "Statement": [{ + "Sid": "default", + "Effect": "Allow", + "Principal": { "AWS": f"arn:{current.partition}:iam::{current_get_caller_identity.account_id}:root", }, - "action": [ + "Action": [ "codebuild:BatchGetReportGroups", "codebuild:BatchGetReports", "codebuild:ListReportsForReportGroup", "codebuild:DescribeTestCases", ], - "resource": example.arn, + "Resource": example.arn, }], })) ``` diff --git a/sdk/python/pulumi_aws/codecommit/approval_rule_template.py b/sdk/python/pulumi_aws/codecommit/approval_rule_template.py index 8065449c3bb..c85044ee63a 100644 --- a/sdk/python/pulumi_aws/codecommit/approval_rule_template.py +++ b/sdk/python/pulumi_aws/codecommit/approval_rule_template.py @@ -226,12 +226,12 @@ def __init__(__self__, name="MyExampleApprovalRuleTemplate", description="This is an example approval rule template", content=json.dumps({ - "version": "2018-11-08", - "destinationReferences": ["refs/heads/master"], - "statements": [{ - "type": "Approvers", - "numberOfApprovalsNeeded": 2, - "approvalPoolMembers": ["arn:aws:sts::123456789012:assumed-role/CodeCommitReview/*"], + "Version": "2018-11-08", + "DestinationReferences": ["refs/heads/master"], + "Statements": [{ + "Type": "Approvers", + "NumberOfApprovalsNeeded": 2, + "ApprovalPoolMembers": ["arn:aws:sts::123456789012:assumed-role/CodeCommitReview/*"], }], })) ``` @@ -272,12 +272,12 @@ def __init__(__self__, name="MyExampleApprovalRuleTemplate", description="This is an example approval rule template", content=json.dumps({ - "version": "2018-11-08", - "destinationReferences": ["refs/heads/master"], - "statements": [{ - "type": "Approvers", - "numberOfApprovalsNeeded": 2, - "approvalPoolMembers": ["arn:aws:sts::123456789012:assumed-role/CodeCommitReview/*"], + "Version": "2018-11-08", + "DestinationReferences": ["refs/heads/master"], + "Statements": [{ + "Type": "Approvers", + "NumberOfApprovalsNeeded": 2, + "ApprovalPoolMembers": ["arn:aws:sts::123456789012:assumed-role/CodeCommitReview/*"], }], })) ``` diff --git a/sdk/python/pulumi_aws/cognito/managed_user_pool_client.py b/sdk/python/pulumi_aws/cognito/managed_user_pool_client.py index cb610598a3b..8a10a6d6345 100644 --- a/sdk/python/pulumi_aws/cognito/managed_user_pool_client.py +++ b/sdk/python/pulumi_aws/cognito/managed_user_pool_client.py @@ -817,9 +817,6 @@ def __init__(__self__, import pulumi_aws as aws example_user_pool = aws.cognito.UserPool("example", name="example") - example_managed_user_pool_client = aws.cognito.ManagedUserPoolClient("example", - name_prefix="AmazonOpenSearchService-example", - user_pool_id=example_user_pool.id) example_identity_pool = aws.cognito.IdentityPool("example", identity_pool_name="example") current = aws.get_partition() example = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs( @@ -835,6 +832,9 @@ def __init__(__self__, name="example-role", path="/service-role/", assume_role_policy=example.json) + example_role_policy_attachment = aws.iam.RolePolicyAttachment("example", + role=example_role.name, + policy_arn=f"arn:{current.partition}:iam::aws:policy/AmazonESCognitoAccess") example_domain = aws.opensearch.Domain("example", domain_name="example", cognito_options=aws.opensearch.DomainCognitoOptionsArgs( @@ -846,10 +846,15 @@ def __init__(__self__, ebs_options=aws.opensearch.DomainEbsOptionsArgs( ebs_enabled=True, volume_size=10, - )) - example_role_policy_attachment = aws.iam.RolePolicyAttachment("example", - role=example_role.name, - policy_arn=f"arn:{current.partition}:iam::aws:policy/AmazonESCognitoAccess") + ), + opts=pulumi.ResourceOptions(depends_on=[ + example_aws_cognito_user_pool_domain, + example_role_policy_attachment, + ])) + example_managed_user_pool_client = aws.cognito.ManagedUserPoolClient("example", + name_prefix="AmazonOpenSearchService-example", + user_pool_id=example_user_pool.id, + opts=pulumi.ResourceOptions(depends_on=[example_domain])) ``` @@ -911,9 +916,6 @@ def __init__(__self__, import pulumi_aws as aws example_user_pool = aws.cognito.UserPool("example", name="example") - example_managed_user_pool_client = aws.cognito.ManagedUserPoolClient("example", - name_prefix="AmazonOpenSearchService-example", - user_pool_id=example_user_pool.id) example_identity_pool = aws.cognito.IdentityPool("example", identity_pool_name="example") current = aws.get_partition() example = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs( @@ -929,6 +931,9 @@ def __init__(__self__, name="example-role", path="/service-role/", assume_role_policy=example.json) + example_role_policy_attachment = aws.iam.RolePolicyAttachment("example", + role=example_role.name, + policy_arn=f"arn:{current.partition}:iam::aws:policy/AmazonESCognitoAccess") example_domain = aws.opensearch.Domain("example", domain_name="example", cognito_options=aws.opensearch.DomainCognitoOptionsArgs( @@ -940,10 +945,15 @@ def __init__(__self__, ebs_options=aws.opensearch.DomainEbsOptionsArgs( ebs_enabled=True, volume_size=10, - )) - example_role_policy_attachment = aws.iam.RolePolicyAttachment("example", - role=example_role.name, - policy_arn=f"arn:{current.partition}:iam::aws:policy/AmazonESCognitoAccess") + ), + opts=pulumi.ResourceOptions(depends_on=[ + example_aws_cognito_user_pool_domain, + example_role_policy_attachment, + ])) + example_managed_user_pool_client = aws.cognito.ManagedUserPoolClient("example", + name_prefix="AmazonOpenSearchService-example", + user_pool_id=example_user_pool.id, + opts=pulumi.ResourceOptions(depends_on=[example_domain])) ``` diff --git a/sdk/python/pulumi_aws/comprehend/document_classifier.py b/sdk/python/pulumi_aws/comprehend/document_classifier.py index 31212e5152d..00faf88f7dc 100644 --- a/sdk/python/pulumi_aws/comprehend/document_classifier.py +++ b/sdk/python/pulumi_aws/comprehend/document_classifier.py @@ -569,7 +569,8 @@ def __init__(__self__, language_code="en", input_data_config=aws.comprehend.DocumentClassifierInputDataConfigArgs( s3_uri=documents.id.apply(lambda id: f"s3://{test['bucket']}/{id}"), - )) + ), + opts=pulumi.ResourceOptions(depends_on=[example_aws_iam_role_policy])) entities = aws.s3.BucketObjectv2("entities") ``` @@ -643,7 +644,8 @@ def __init__(__self__, language_code="en", input_data_config=aws.comprehend.DocumentClassifierInputDataConfigArgs( s3_uri=documents.id.apply(lambda id: f"s3://{test['bucket']}/{id}"), - )) + ), + opts=pulumi.ResourceOptions(depends_on=[example_aws_iam_role_policy])) entities = aws.s3.BucketObjectv2("entities") ``` diff --git a/sdk/python/pulumi_aws/comprehend/entity_recognizer.py b/sdk/python/pulumi_aws/comprehend/entity_recognizer.py index 7965793ad0c..aab4f55cecc 100644 --- a/sdk/python/pulumi_aws/comprehend/entity_recognizer.py +++ b/sdk/python/pulumi_aws/comprehend/entity_recognizer.py @@ -497,7 +497,8 @@ def __init__(__self__, entity_list=aws.comprehend.EntityRecognizerInputDataConfigEntityListArgs( s3_uri=entities.id.apply(lambda id: f"s3://{entities_aws_s3_bucket['bucket']}/{id}"), ), - )) + ), + opts=pulumi.ResourceOptions(depends_on=[example_aws_iam_role_policy])) ``` @@ -577,7 +578,8 @@ def __init__(__self__, entity_list=aws.comprehend.EntityRecognizerInputDataConfigEntityListArgs( s3_uri=entities.id.apply(lambda id: f"s3://{entities_aws_s3_bucket['bucket']}/{id}"), ), - )) + ), + opts=pulumi.ResourceOptions(depends_on=[example_aws_iam_role_policy])) ``` diff --git a/sdk/python/pulumi_aws/connect/contact_flow.py b/sdk/python/pulumi_aws/connect/contact_flow.py index 3ce578b92e1..3e37b767bf9 100644 --- a/sdk/python/pulumi_aws/connect/contact_flow.py +++ b/sdk/python/pulumi_aws/connect/contact_flow.py @@ -376,26 +376,26 @@ def __init__(__self__, description="Test Contact Flow Description", type="CONTACT_FLOW", content=json.dumps({ - "version": "2019-10-30", - "startAction": "12345678-1234-1234-1234-123456789012", - "actions": [ + "Version": "2019-10-30", + "StartAction": "12345678-1234-1234-1234-123456789012", + "Actions": [ { - "identifier": "12345678-1234-1234-1234-123456789012", - "type": "MessageParticipant", - "transitions": { - "nextAction": "abcdef-abcd-abcd-abcd-abcdefghijkl", - "errors": [], - "conditions": [], + "Identifier": "12345678-1234-1234-1234-123456789012", + "Type": "MessageParticipant", + "Transitions": { + "NextAction": "abcdef-abcd-abcd-abcd-abcdefghijkl", + "Errors": [], + "Conditions": [], }, - "parameters": { - "text": "Thanks for calling the sample flow!", + "Parameters": { + "Text": "Thanks for calling the sample flow!", }, }, { - "identifier": "abcdef-abcd-abcd-abcd-abcdefghijkl", - "type": "DisconnectParticipant", - "transitions": {}, - "parameters": {}, + "Identifier": "abcdef-abcd-abcd-abcd-abcdefghijkl", + "Type": "DisconnectParticipant", + "Transitions": {}, + "Parameters": {}, }, ], }), @@ -485,26 +485,26 @@ def __init__(__self__, description="Test Contact Flow Description", type="CONTACT_FLOW", content=json.dumps({ - "version": "2019-10-30", - "startAction": "12345678-1234-1234-1234-123456789012", - "actions": [ + "Version": "2019-10-30", + "StartAction": "12345678-1234-1234-1234-123456789012", + "Actions": [ { - "identifier": "12345678-1234-1234-1234-123456789012", - "type": "MessageParticipant", - "transitions": { - "nextAction": "abcdef-abcd-abcd-abcd-abcdefghijkl", - "errors": [], - "conditions": [], + "Identifier": "12345678-1234-1234-1234-123456789012", + "Type": "MessageParticipant", + "Transitions": { + "NextAction": "abcdef-abcd-abcd-abcd-abcdefghijkl", + "Errors": [], + "Conditions": [], }, - "parameters": { - "text": "Thanks for calling the sample flow!", + "Parameters": { + "Text": "Thanks for calling the sample flow!", }, }, { - "identifier": "abcdef-abcd-abcd-abcd-abcdefghijkl", - "type": "DisconnectParticipant", - "transitions": {}, - "parameters": {}, + "Identifier": "abcdef-abcd-abcd-abcd-abcdefghijkl", + "Type": "DisconnectParticipant", + "Transitions": {}, + "Parameters": {}, }, ], }), diff --git a/sdk/python/pulumi_aws/connect/contact_flow_module.py b/sdk/python/pulumi_aws/connect/contact_flow_module.py index 8ddf6775ff2..b1640fe3b59 100644 --- a/sdk/python/pulumi_aws/connect/contact_flow_module.py +++ b/sdk/python/pulumi_aws/connect/contact_flow_module.py @@ -342,41 +342,41 @@ def __init__(__self__, name="Example", description="Example Contact Flow Module Description", content=json.dumps({ - "version": "2019-10-30", - "startAction": "12345678-1234-1234-1234-123456789012", - "actions": [ + "Version": "2019-10-30", + "StartAction": "12345678-1234-1234-1234-123456789012", + "Actions": [ { - "identifier": "12345678-1234-1234-1234-123456789012", - "parameters": { - "text": "Hello contact flow module", + "Identifier": "12345678-1234-1234-1234-123456789012", + "Parameters": { + "Text": "Hello contact flow module", }, - "transitions": { - "nextAction": "abcdef-abcd-abcd-abcd-abcdefghijkl", - "errors": [], - "conditions": [], + "Transitions": { + "NextAction": "abcdef-abcd-abcd-abcd-abcdefghijkl", + "Errors": [], + "Conditions": [], }, - "type": "MessageParticipant", + "Type": "MessageParticipant", }, { - "identifier": "abcdef-abcd-abcd-abcd-abcdefghijkl", - "type": "DisconnectParticipant", - "parameters": {}, - "transitions": {}, + "Identifier": "abcdef-abcd-abcd-abcd-abcdefghijkl", + "Type": "DisconnectParticipant", + "Parameters": {}, + "Transitions": {}, }, ], - "settings": { - "inputParameters": [], - "outputParameters": [], - "transitions": [ + "Settings": { + "InputParameters": [], + "OutputParameters": [], + "Transitions": [ { - "displayName": "Success", - "referenceName": "Success", - "description": "", + "DisplayName": "Success", + "ReferenceName": "Success", + "Description": "", }, { - "displayName": "Error", - "referenceName": "Error", - "description": "", + "DisplayName": "Error", + "ReferenceName": "Error", + "Description": "", }, ], }, @@ -464,41 +464,41 @@ def __init__(__self__, name="Example", description="Example Contact Flow Module Description", content=json.dumps({ - "version": "2019-10-30", - "startAction": "12345678-1234-1234-1234-123456789012", - "actions": [ + "Version": "2019-10-30", + "StartAction": "12345678-1234-1234-1234-123456789012", + "Actions": [ { - "identifier": "12345678-1234-1234-1234-123456789012", - "parameters": { - "text": "Hello contact flow module", + "Identifier": "12345678-1234-1234-1234-123456789012", + "Parameters": { + "Text": "Hello contact flow module", }, - "transitions": { - "nextAction": "abcdef-abcd-abcd-abcd-abcdefghijkl", - "errors": [], - "conditions": [], + "Transitions": { + "NextAction": "abcdef-abcd-abcd-abcd-abcdefghijkl", + "Errors": [], + "Conditions": [], }, - "type": "MessageParticipant", + "Type": "MessageParticipant", }, { - "identifier": "abcdef-abcd-abcd-abcd-abcdefghijkl", - "type": "DisconnectParticipant", - "parameters": {}, - "transitions": {}, + "Identifier": "abcdef-abcd-abcd-abcd-abcdefghijkl", + "Type": "DisconnectParticipant", + "Parameters": {}, + "Transitions": {}, }, ], - "settings": { - "inputParameters": [], - "outputParameters": [], - "transitions": [ + "Settings": { + "InputParameters": [], + "OutputParameters": [], + "Transitions": [ { - "displayName": "Success", - "referenceName": "Success", - "description": "", + "DisplayName": "Success", + "ReferenceName": "Success", + "Description": "", }, { - "displayName": "Error", - "referenceName": "Error", - "description": "", + "DisplayName": "Error", + "ReferenceName": "Error", + "Description": "", }, ], }, diff --git a/sdk/python/pulumi_aws/costexplorer/anomaly_monitor.py b/sdk/python/pulumi_aws/costexplorer/anomaly_monitor.py index 7474bb89612..399746cea7d 100644 --- a/sdk/python/pulumi_aws/costexplorer/anomaly_monitor.py +++ b/sdk/python/pulumi_aws/costexplorer/anomaly_monitor.py @@ -268,15 +268,15 @@ def __init__(__self__, name="AWSCustomAnomalyMonitor", monitor_type="CUSTOM", monitor_specification=json.dumps({ - "and": None, - "costCategories": None, - "dimensions": None, - "not": None, - "or": None, - "tags": { - "key": "CostCenter", - "matchOptions": None, - "values": ["10000"], + "And": None, + "CostCategories": None, + "Dimensions": None, + "Not": None, + "Or": None, + "Tags": { + "Key": "CostCenter", + "MatchOptions": None, + "Values": ["10000"], }, })) ``` @@ -337,15 +337,15 @@ def __init__(__self__, name="AWSCustomAnomalyMonitor", monitor_type="CUSTOM", monitor_specification=json.dumps({ - "and": None, - "costCategories": None, - "dimensions": None, - "not": None, - "or": None, - "tags": { - "key": "CostCenter", - "matchOptions": None, - "values": ["10000"], + "And": None, + "CostCategories": None, + "Dimensions": None, + "Not": None, + "Or": None, + "Tags": { + "Key": "CostCenter", + "MatchOptions": None, + "Values": ["10000"], }, })) ``` diff --git a/sdk/python/pulumi_aws/costexplorer/anomaly_subscription.py b/sdk/python/pulumi_aws/costexplorer/anomaly_subscription.py index 5d3369cf273..aa169b6fd7e 100644 --- a/sdk/python/pulumi_aws/costexplorer/anomaly_subscription.py +++ b/sdk/python/pulumi_aws/costexplorer/anomaly_subscription.py @@ -451,7 +451,8 @@ def __init__(__self__, subscribers=[aws.costexplorer.AnomalySubscriptionSubscriberArgs( type="SNS", address=cost_anomaly_updates.arn, - )]) + )], + opts=pulumi.ResourceOptions(depends_on=[default])) ``` @@ -629,7 +630,8 @@ def __init__(__self__, subscribers=[aws.costexplorer.AnomalySubscriptionSubscriberArgs( type="SNS", address=cost_anomaly_updates.arn, - )]) + )], + opts=pulumi.ResourceOptions(depends_on=[default])) ``` diff --git a/sdk/python/pulumi_aws/customerprofiles/domain.py b/sdk/python/pulumi_aws/customerprofiles/domain.py index cc0af9b040b..bb163108f9a 100644 --- a/sdk/python/pulumi_aws/customerprofiles/domain.py +++ b/sdk/python/pulumi_aws/customerprofiles/domain.py @@ -336,14 +336,14 @@ def __init__(__self__, example = aws.sqs.Queue("example", name="example", policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "sid": "Customer Profiles SQS policy", - "effect": "Allow", - "action": ["sqs:SendMessage"], - "resource": "*", - "principal": { - "service": "profile.amazonaws.com", + "Version": "2012-10-17", + "Statement": [{ + "Sid": "Customer Profiles SQS policy", + "Effect": "Allow", + "Action": ["sqs:SendMessage"], + "Resource": "*", + "Principal": { + "Service": "profile.amazonaws.com", }, }], })) @@ -356,21 +356,21 @@ def __init__(__self__, example_bucket_policy = aws.s3.BucketPolicy("example", bucket=example_bucket_v2.id, policy=pulumi.Output.json_dumps({ - "version": "2012-10-17", - "statement": [{ - "sid": "Customer Profiles S3 policy", - "effect": "Allow", - "action": [ + "Version": "2012-10-17", + "Statement": [{ + "Sid": "Customer Profiles S3 policy", + "Effect": "Allow", + "Action": [ "s3:GetObject", "s3:PutObject", "s3:ListBucket", ], - "resource": [ + "Resource": [ example_bucket_v2.arn, example_bucket_v2.arn.apply(lambda arn: f"{arn}/*"), ], - "principal": { - "service": "profile.amazonaws.com", + "Principal": { + "Service": "profile.amazonaws.com", }, }], })) @@ -434,14 +434,14 @@ def __init__(__self__, example = aws.sqs.Queue("example", name="example", policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "sid": "Customer Profiles SQS policy", - "effect": "Allow", - "action": ["sqs:SendMessage"], - "resource": "*", - "principal": { - "service": "profile.amazonaws.com", + "Version": "2012-10-17", + "Statement": [{ + "Sid": "Customer Profiles SQS policy", + "Effect": "Allow", + "Action": ["sqs:SendMessage"], + "Resource": "*", + "Principal": { + "Service": "profile.amazonaws.com", }, }], })) @@ -454,21 +454,21 @@ def __init__(__self__, example_bucket_policy = aws.s3.BucketPolicy("example", bucket=example_bucket_v2.id, policy=pulumi.Output.json_dumps({ - "version": "2012-10-17", - "statement": [{ - "sid": "Customer Profiles S3 policy", - "effect": "Allow", - "action": [ + "Version": "2012-10-17", + "Statement": [{ + "Sid": "Customer Profiles S3 policy", + "Effect": "Allow", + "Action": [ "s3:GetObject", "s3:PutObject", "s3:ListBucket", ], - "resource": [ + "Resource": [ example_bucket_v2.arn, example_bucket_v2.arn.apply(lambda arn: f"{arn}/*"), ], - "principal": { - "service": "profile.amazonaws.com", + "Principal": { + "Service": "profile.amazonaws.com", }, }], })) diff --git a/sdk/python/pulumi_aws/detective/invitation_accepter.py b/sdk/python/pulumi_aws/detective/invitation_accepter.py index f8af40187c6..dd9d57afd1b 100644 --- a/sdk/python/pulumi_aws/detective/invitation_accepter.py +++ b/sdk/python/pulumi_aws/detective/invitation_accepter.py @@ -81,7 +81,8 @@ def __init__(__self__, email_address="EMAIL", graph_arn=primary.id, message="Message of the invite") - member = aws.detective.InvitationAccepter("member", graph_arn=primary.graph_arn) + member = aws.detective.InvitationAccepter("member", graph_arn=primary.graph_arn, + opts=pulumi.ResourceOptions(depends_on=[primary_member])) ``` @@ -119,7 +120,8 @@ def __init__(__self__, email_address="EMAIL", graph_arn=primary.id, message="Message of the invite") - member = aws.detective.InvitationAccepter("member", graph_arn=primary.graph_arn) + member = aws.detective.InvitationAccepter("member", graph_arn=primary.graph_arn, + opts=pulumi.ResourceOptions(depends_on=[primary_member])) ``` diff --git a/sdk/python/pulumi_aws/detective/organization_admin_account.py b/sdk/python/pulumi_aws/detective/organization_admin_account.py index b3fc37f5286..ca6fa89e8b1 100644 --- a/sdk/python/pulumi_aws/detective/organization_admin_account.py +++ b/sdk/python/pulumi_aws/detective/organization_admin_account.py @@ -78,7 +78,8 @@ def __init__(__self__, example = aws.organizations.Organization("example", aws_service_access_principals=["detective.amazonaws.com"], feature_set="ALL") - example_organization_admin_account = aws.detective.OrganizationAdminAccount("example", account_id="123456789012") + example_organization_admin_account = aws.detective.OrganizationAdminAccount("example", account_id="123456789012", + opts=pulumi.ResourceOptions(depends_on=[example])) ``` @@ -113,7 +114,8 @@ def __init__(__self__, example = aws.organizations.Organization("example", aws_service_access_principals=["detective.amazonaws.com"], feature_set="ALL") - example_organization_admin_account = aws.detective.OrganizationAdminAccount("example", account_id="123456789012") + example_organization_admin_account = aws.detective.OrganizationAdminAccount("example", account_id="123456789012", + opts=pulumi.ResourceOptions(depends_on=[example])) ``` diff --git a/sdk/python/pulumi_aws/directconnect/hosted_private_virtual_interface_accepter.py b/sdk/python/pulumi_aws/directconnect/hosted_private_virtual_interface_accepter.py index 51197eb3f5b..e0bc8960c75 100644 --- a/sdk/python/pulumi_aws/directconnect/hosted_private_virtual_interface_accepter.py +++ b/sdk/python/pulumi_aws/directconnect/hosted_private_virtual_interface_accepter.py @@ -214,6 +214,8 @@ def __init__(__self__, import pulumi_aws as aws accepter = aws.get_caller_identity() + # Accepter's side of the VIF. + vpn_gw = aws.ec2.VpnGateway("vpn_gw") # Creator's side of the VIF creator = aws.directconnect.HostedPrivateVirtualInterface("creator", connection_id="dxcon-zzzzzzzz", @@ -221,9 +223,8 @@ def __init__(__self__, name="vif-foo", vlan=4094, address_family="ipv4", - bgp_asn=65352) - # Accepter's side of the VIF. - vpn_gw = aws.ec2.VpnGateway("vpn_gw") + bgp_asn=65352, + opts=pulumi.ResourceOptions(depends_on=[vpn_gw])) accepter_hosted_private_virtual_interface_accepter = aws.directconnect.HostedPrivateVirtualInterfaceAccepter("accepter", virtual_interface_id=creator.id, vpn_gateway_id=vpn_gw.id, @@ -266,6 +267,8 @@ def __init__(__self__, import pulumi_aws as aws accepter = aws.get_caller_identity() + # Accepter's side of the VIF. + vpn_gw = aws.ec2.VpnGateway("vpn_gw") # Creator's side of the VIF creator = aws.directconnect.HostedPrivateVirtualInterface("creator", connection_id="dxcon-zzzzzzzz", @@ -273,9 +276,8 @@ def __init__(__self__, name="vif-foo", vlan=4094, address_family="ipv4", - bgp_asn=65352) - # Accepter's side of the VIF. - vpn_gw = aws.ec2.VpnGateway("vpn_gw") + bgp_asn=65352, + opts=pulumi.ResourceOptions(depends_on=[vpn_gw])) accepter_hosted_private_virtual_interface_accepter = aws.directconnect.HostedPrivateVirtualInterfaceAccepter("accepter", virtual_interface_id=creator.id, vpn_gateway_id=vpn_gw.id, diff --git a/sdk/python/pulumi_aws/directconnect/hosted_transit_virtual_interface_acceptor.py b/sdk/python/pulumi_aws/directconnect/hosted_transit_virtual_interface_acceptor.py index 9734a5aa332..81ebc949ace 100644 --- a/sdk/python/pulumi_aws/directconnect/hosted_transit_virtual_interface_acceptor.py +++ b/sdk/python/pulumi_aws/directconnect/hosted_transit_virtual_interface_acceptor.py @@ -182,6 +182,10 @@ def __init__(__self__, import pulumi_aws as aws accepter = aws.get_caller_identity() + # Accepter's side of the VIF. + example = aws.directconnect.Gateway("example", + name="tf-dxg-example", + amazon_side_asn="64512") # Creator's side of the VIF creator = aws.directconnect.HostedTransitVirtualInterface("creator", connection_id="dxcon-zzzzzzzz", @@ -189,11 +193,8 @@ def __init__(__self__, name="tf-transit-vif-example", vlan=4094, address_family="ipv4", - bgp_asn=65352) - # Accepter's side of the VIF. - example = aws.directconnect.Gateway("example", - name="tf-dxg-example", - amazon_side_asn="64512") + bgp_asn=65352, + opts=pulumi.ResourceOptions(depends_on=[example])) accepter_hosted_transit_virtual_interface_acceptor = aws.directconnect.HostedTransitVirtualInterfaceAcceptor("accepter", virtual_interface_id=creator.id, dx_gateway_id=example.id, @@ -237,6 +238,10 @@ def __init__(__self__, import pulumi_aws as aws accepter = aws.get_caller_identity() + # Accepter's side of the VIF. + example = aws.directconnect.Gateway("example", + name="tf-dxg-example", + amazon_side_asn="64512") # Creator's side of the VIF creator = aws.directconnect.HostedTransitVirtualInterface("creator", connection_id="dxcon-zzzzzzzz", @@ -244,11 +249,8 @@ def __init__(__self__, name="tf-transit-vif-example", vlan=4094, address_family="ipv4", - bgp_asn=65352) - # Accepter's side of the VIF. - example = aws.directconnect.Gateway("example", - name="tf-dxg-example", - amazon_side_asn="64512") + bgp_asn=65352, + opts=pulumi.ResourceOptions(depends_on=[example])) accepter_hosted_transit_virtual_interface_acceptor = aws.directconnect.HostedTransitVirtualInterfaceAcceptor("accepter", virtual_interface_id=creator.id, dx_gateway_id=example.id, diff --git a/sdk/python/pulumi_aws/dms/replication_instance.py b/sdk/python/pulumi_aws/dms/replication_instance.py index 471e08cb830..cf80463a514 100644 --- a/sdk/python/pulumi_aws/dms/replication_instance.py +++ b/sdk/python/pulumi_aws/dms/replication_instance.py @@ -729,7 +729,12 @@ def __init__(__self__, tags={ "Name": "test", }, - vpc_security_group_ids=["sg-12345678"]) + vpc_security_group_ids=["sg-12345678"], + opts=pulumi.ResourceOptions(depends_on=[ + dms_access_for_endpoint__amazon_dms_redshift_s3_role, + dms_cloudwatch_logs_role__amazon_dms_cloud_watch_logs_role, + dms_vpc_role__amazon_dmsvpc_management_role, + ])) ``` @@ -836,7 +841,12 @@ def __init__(__self__, tags={ "Name": "test", }, - vpc_security_group_ids=["sg-12345678"]) + vpc_security_group_ids=["sg-12345678"], + opts=pulumi.ResourceOptions(depends_on=[ + dms_access_for_endpoint__amazon_dms_redshift_s3_role, + dms_cloudwatch_logs_role__amazon_dms_cloud_watch_logs_role, + dms_vpc_role__amazon_dmsvpc_management_role, + ])) ``` diff --git a/sdk/python/pulumi_aws/dms/replication_subnet_group.py b/sdk/python/pulumi_aws/dms/replication_subnet_group.py index 76ae20e40f0..e29b87c3768 100644 --- a/sdk/python/pulumi_aws/dms/replication_subnet_group.py +++ b/sdk/python/pulumi_aws/dms/replication_subnet_group.py @@ -254,13 +254,13 @@ def __init__(__self__, name="dms-vpc-role", description="Allows DMS to manage VPC", assume_role_policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "effect": "Allow", - "principal": { - "service": "dms.amazonaws.com", + "Version": "2012-10-17", + "Statement": [{ + "Effect": "Allow", + "Principal": { + "Service": "dms.amazonaws.com", }, - "action": "sts:AssumeRole", + "Action": "sts:AssumeRole", }], })) example = aws.iam.RolePolicyAttachment("example", @@ -275,7 +275,8 @@ def __init__(__self__, ], tags={ "Name": "example-id", - }) + }, + opts=pulumi.ResourceOptions(depends_on=[example])) ``` @@ -342,13 +343,13 @@ def __init__(__self__, name="dms-vpc-role", description="Allows DMS to manage VPC", assume_role_policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "effect": "Allow", - "principal": { - "service": "dms.amazonaws.com", + "Version": "2012-10-17", + "Statement": [{ + "Effect": "Allow", + "Principal": { + "Service": "dms.amazonaws.com", }, - "action": "sts:AssumeRole", + "Action": "sts:AssumeRole", }], })) example = aws.iam.RolePolicyAttachment("example", @@ -363,7 +364,8 @@ def __init__(__self__, ], tags={ "Name": "example-id", - }) + }, + opts=pulumi.ResourceOptions(depends_on=[example])) ``` diff --git a/sdk/python/pulumi_aws/dms/s3_endpoint.py b/sdk/python/pulumi_aws/dms/s3_endpoint.py index 4dfdaf5d8fd..2412af51587 100644 --- a/sdk/python/pulumi_aws/dms/s3_endpoint.py +++ b/sdk/python/pulumi_aws/dms/s3_endpoint.py @@ -1729,7 +1729,8 @@ def __init__(__self__, endpoint_id="donnedtipi", endpoint_type="target", bucket_name="beckut_name", - service_access_role_arn=example_aws_iam_role["arn"]) + service_access_role_arn=example_aws_iam_role["arn"], + opts=pulumi.ResourceOptions(depends_on=[example_aws_iam_role_policy])) ``` @@ -1789,7 +1790,8 @@ def __init__(__self__, timestamp_column_name="tx_commit_time", use_csv_no_sup_value=False, use_task_start_time_for_full_load_timestamp=True, - glue_catalog_generation=True) + glue_catalog_generation=True, + opts=pulumi.ResourceOptions(depends_on=[example_aws_iam_role_policy])) ``` @@ -1882,7 +1884,8 @@ def __init__(__self__, endpoint_id="donnedtipi", endpoint_type="target", bucket_name="beckut_name", - service_access_role_arn=example_aws_iam_role["arn"]) + service_access_role_arn=example_aws_iam_role["arn"], + opts=pulumi.ResourceOptions(depends_on=[example_aws_iam_role_policy])) ``` @@ -1942,7 +1945,8 @@ def __init__(__self__, timestamp_column_name="tx_commit_time", use_csv_no_sup_value=False, use_task_start_time_for_full_load_timestamp=True, - glue_catalog_generation=True) + glue_catalog_generation=True, + opts=pulumi.ResourceOptions(depends_on=[example_aws_iam_role_policy])) ``` diff --git a/sdk/python/pulumi_aws/docdb/global_cluster.py b/sdk/python/pulumi_aws/docdb/global_cluster.py index b2be464d10a..41057ea2853 100644 --- a/sdk/python/pulumi_aws/docdb/global_cluster.py +++ b/sdk/python/pulumi_aws/docdb/global_cluster.py @@ -365,12 +365,14 @@ def __init__(__self__, engine_version=example.engine_version, cluster_identifier="test-secondary-cluster", global_cluster_identifier=example.id, - db_subnet_group_name="default") + db_subnet_group_name="default", + opts=pulumi.ResourceOptions(depends_on=[primary])) secondary_cluster_instance = aws.docdb.ClusterInstance("secondary", engine=example.engine, identifier="test-secondary-cluster-instance", cluster_identifier=secondary.id, - instance_class="db.r5.large") + instance_class="db.r5.large", + opts=pulumi.ResourceOptions(depends_on=[primary_cluster_instance])) ``` @@ -450,12 +452,14 @@ def __init__(__self__, engine_version=example.engine_version, cluster_identifier="test-secondary-cluster", global_cluster_identifier=example.id, - db_subnet_group_name="default") + db_subnet_group_name="default", + opts=pulumi.ResourceOptions(depends_on=[primary])) secondary_cluster_instance = aws.docdb.ClusterInstance("secondary", engine=example.engine, identifier="test-secondary-cluster-instance", cluster_identifier=secondary.id, - instance_class="db.r5.large") + instance_class="db.r5.large", + opts=pulumi.ResourceOptions(depends_on=[primary_cluster_instance])) ``` diff --git a/sdk/python/pulumi_aws/dynamodb/global_table.py b/sdk/python/pulumi_aws/dynamodb/global_table.py index eaa17fc6ac9..1c327a933a3 100644 --- a/sdk/python/pulumi_aws/dynamodb/global_table.py +++ b/sdk/python/pulumi_aws/dynamodb/global_table.py @@ -161,7 +161,11 @@ def __init__(__self__, aws.dynamodb.GlobalTableReplicaArgs( region_name="us-west-2", ), - ]) + ], + opts=pulumi.ResourceOptions(depends_on=[ + us_east_1, + us_west_2, + ])) ``` @@ -229,7 +233,11 @@ def __init__(__self__, aws.dynamodb.GlobalTableReplicaArgs( region_name="us-west-2", ), - ]) + ], + opts=pulumi.ResourceOptions(depends_on=[ + us_east_1, + us_west_2, + ])) ``` diff --git a/sdk/python/pulumi_aws/ec2/eip.py b/sdk/python/pulumi_aws/ec2/eip.py index 2a191862750..dc3d6a3189d 100644 --- a/sdk/python/pulumi_aws/ec2/eip.py +++ b/sdk/python/pulumi_aws/ec2/eip.py @@ -613,7 +613,8 @@ def __init__(__self__, my_test_subnet = aws.ec2.Subnet("my_test_subnet", vpc_id=default.id, cidr_block="10.0.0.0/24", - map_public_ip_on_launch=True) + map_public_ip_on_launch=True, + opts=pulumi.ResourceOptions(depends_on=[gw])) foo = aws.ec2.Instance("foo", ami="ami-5189a661", instance_type=aws.ec2.InstanceType.T2_MICRO, @@ -622,7 +623,8 @@ def __init__(__self__, bar = aws.ec2.Eip("bar", domain="vpc", instance=foo.id, - associate_with_private_ip="10.0.0.12") + associate_with_private_ip="10.0.0.12", + opts=pulumi.ResourceOptions(depends_on=[gw])) ``` @@ -733,7 +735,8 @@ def __init__(__self__, my_test_subnet = aws.ec2.Subnet("my_test_subnet", vpc_id=default.id, cidr_block="10.0.0.0/24", - map_public_ip_on_launch=True) + map_public_ip_on_launch=True, + opts=pulumi.ResourceOptions(depends_on=[gw])) foo = aws.ec2.Instance("foo", ami="ami-5189a661", instance_type=aws.ec2.InstanceType.T2_MICRO, @@ -742,7 +745,8 @@ def __init__(__self__, bar = aws.ec2.Eip("bar", domain="vpc", instance=foo.id, - associate_with_private_ip="10.0.0.12") + associate_with_private_ip="10.0.0.12", + opts=pulumi.ResourceOptions(depends_on=[gw])) ``` diff --git a/sdk/python/pulumi_aws/ec2/internet_gateway.py b/sdk/python/pulumi_aws/ec2/internet_gateway.py index 38bb70e32ed..1ed6b5d634f 100644 --- a/sdk/python/pulumi_aws/ec2/internet_gateway.py +++ b/sdk/python/pulumi_aws/ec2/internet_gateway.py @@ -28,7 +28,7 @@ def __init__(__self__, *, import pulumi_aws as aws gw = aws.ec2.InternetGateway("gw", vpc_id=main["id"]) - foo = aws.ec2.Instance("foo") + foo = aws.ec2.Instance("foo", opts=pulumi.ResourceOptions(depends_on=[gw])) ``` :param pulumi.Input[str] vpc_id: The VPC ID to create in. See the ec2.InternetGatewayAttachment resource for an alternate way to attach an Internet Gateway to a VPC. @@ -52,7 +52,7 @@ def tags(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]: import pulumi_aws as aws gw = aws.ec2.InternetGateway("gw", vpc_id=main["id"]) - foo = aws.ec2.Instance("foo") + foo = aws.ec2.Instance("foo", opts=pulumi.ResourceOptions(depends_on=[gw])) ``` """ @@ -97,7 +97,7 @@ def __init__(__self__, *, import pulumi_aws as aws gw = aws.ec2.InternetGateway("gw", vpc_id=main["id"]) - foo = aws.ec2.Instance("foo") + foo = aws.ec2.Instance("foo", opts=pulumi.ResourceOptions(depends_on=[gw])) ``` :param pulumi.Input[Mapping[str, pulumi.Input[str]]] tags_all: A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block. @@ -155,7 +155,7 @@ def tags(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]: import pulumi_aws as aws gw = aws.ec2.InternetGateway("gw", vpc_id=main["id"]) - foo = aws.ec2.Instance("foo") + foo = aws.ec2.Instance("foo", opts=pulumi.ResourceOptions(depends_on=[gw])) ``` """ @@ -239,7 +239,7 @@ def __init__(__self__, import pulumi_aws as aws gw = aws.ec2.InternetGateway("gw", vpc_id=main["id"]) - foo = aws.ec2.Instance("foo") + foo = aws.ec2.Instance("foo", opts=pulumi.ResourceOptions(depends_on=[gw])) ``` :param pulumi.Input[str] vpc_id: The VPC ID to create in. See the ec2.InternetGatewayAttachment resource for an alternate way to attach an Internet Gateway to a VPC. @@ -341,7 +341,7 @@ def get(resource_name: str, import pulumi_aws as aws gw = aws.ec2.InternetGateway("gw", vpc_id=main["id"]) - foo = aws.ec2.Instance("foo") + foo = aws.ec2.Instance("foo", opts=pulumi.ResourceOptions(depends_on=[gw])) ``` :param pulumi.Input[Mapping[str, pulumi.Input[str]]] tags_all: A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block. @@ -388,7 +388,7 @@ def tags(self) -> pulumi.Output[Optional[Mapping[str, str]]]: import pulumi_aws as aws gw = aws.ec2.InternetGateway("gw", vpc_id=main["id"]) - foo = aws.ec2.Instance("foo") + foo = aws.ec2.Instance("foo", opts=pulumi.ResourceOptions(depends_on=[gw])) ``` """ diff --git a/sdk/python/pulumi_aws/ec2/nat_gateway.py b/sdk/python/pulumi_aws/ec2/nat_gateway.py index db80c751bc9..bea7244dbab 100644 --- a/sdk/python/pulumi_aws/ec2/nat_gateway.py +++ b/sdk/python/pulumi_aws/ec2/nat_gateway.py @@ -383,7 +383,8 @@ def __init__(__self__, subnet_id=example_aws_subnet["id"], tags={ "Name": "gw NAT", - }) + }, + opts=pulumi.ResourceOptions(depends_on=[example_aws_internet_gateway])) ``` @@ -471,7 +472,8 @@ def __init__(__self__, subnet_id=example_aws_subnet["id"], tags={ "Name": "gw NAT", - }) + }, + opts=pulumi.ResourceOptions(depends_on=[example_aws_internet_gateway])) ``` diff --git a/sdk/python/pulumi_aws/ec2/spot_fleet_request.py b/sdk/python/pulumi_aws/ec2/spot_fleet_request.py index b6b7c5e4731..06ea478c252 100644 --- a/sdk/python/pulumi_aws/ec2/spot_fleet_request.py +++ b/sdk/python/pulumi_aws/ec2/spot_fleet_request.py @@ -1094,7 +1094,8 @@ def __init__(__self__, id=foo.id, version=foo.latest_version, ), - )]) + )], + opts=pulumi.ResourceOptions(depends_on=[test_attach])) ``` @@ -1204,7 +1205,8 @@ def __init__(__self__, subnet_id=example.ids[2], ), ], - )]) + )], + opts=pulumi.ResourceOptions(depends_on=[test_attach])) ``` @@ -1352,7 +1354,8 @@ def __init__(__self__, id=foo.id, version=foo.latest_version, ), - )]) + )], + opts=pulumi.ResourceOptions(depends_on=[test_attach])) ``` @@ -1462,7 +1465,8 @@ def __init__(__self__, subnet_id=example.ids[2], ), ], - )]) + )], + opts=pulumi.ResourceOptions(depends_on=[test_attach])) ``` diff --git a/sdk/python/pulumi_aws/ec2/vpc.py b/sdk/python/pulumi_aws/ec2/vpc.py index 5c59249dd89..915745b88b4 100644 --- a/sdk/python/pulumi_aws/ec2/vpc.py +++ b/sdk/python/pulumi_aws/ec2/vpc.py @@ -668,7 +668,8 @@ def __init__(__self__, cidr="172.20.0.0/16") test_vpc = aws.ec2.Vpc("test", ipv4_ipam_pool_id=test_vpc_ipam_pool.id, - ipv4_netmask_length=28) + ipv4_netmask_length=28, + opts=pulumi.ResourceOptions(depends_on=[test_vpc_ipam_pool_cidr])) ``` @@ -754,7 +755,8 @@ def __init__(__self__, cidr="172.20.0.0/16") test_vpc = aws.ec2.Vpc("test", ipv4_ipam_pool_id=test_vpc_ipam_pool.id, - ipv4_netmask_length=28) + ipv4_netmask_length=28, + opts=pulumi.ResourceOptions(depends_on=[test_vpc_ipam_pool_cidr])) ``` diff --git a/sdk/python/pulumi_aws/ec2/vpc_ipam_pool_cidr_allocation.py b/sdk/python/pulumi_aws/ec2/vpc_ipam_pool_cidr_allocation.py index 7c46727b61d..7a2fdc6dac4 100644 --- a/sdk/python/pulumi_aws/ec2/vpc_ipam_pool_cidr_allocation.py +++ b/sdk/python/pulumi_aws/ec2/vpc_ipam_pool_cidr_allocation.py @@ -277,12 +277,13 @@ def __init__(__self__, address_family="ipv4", ipam_scope_id=example_vpc_ipam.private_default_scope_id, locale=current.name) - example = aws.ec2.VpcIpamPoolCidrAllocation("example", - ipam_pool_id=example_vpc_ipam_pool.id, - cidr="172.20.0.0/24") example_vpc_ipam_pool_cidr = aws.ec2.VpcIpamPoolCidr("example", ipam_pool_id=example_vpc_ipam_pool.id, cidr="172.20.0.0/16") + example = aws.ec2.VpcIpamPoolCidrAllocation("example", + ipam_pool_id=example_vpc_ipam_pool.id, + cidr="172.20.0.0/24", + opts=pulumi.ResourceOptions(depends_on=[example_vpc_ipam_pool_cidr])) ``` @@ -301,13 +302,14 @@ def __init__(__self__, address_family="ipv4", ipam_scope_id=example_vpc_ipam.private_default_scope_id, locale=current.name) - example = aws.ec2.VpcIpamPoolCidrAllocation("example", - ipam_pool_id=example_vpc_ipam_pool.id, - netmask_length=28, - disallowed_cidrs=["172.20.0.0/28"]) example_vpc_ipam_pool_cidr = aws.ec2.VpcIpamPoolCidr("example", ipam_pool_id=example_vpc_ipam_pool.id, cidr="172.20.0.0/16") + example = aws.ec2.VpcIpamPoolCidrAllocation("example", + ipam_pool_id=example_vpc_ipam_pool.id, + netmask_length=28, + disallowed_cidrs=["172.20.0.0/28"], + opts=pulumi.ResourceOptions(depends_on=[example_vpc_ipam_pool_cidr])) ``` @@ -353,12 +355,13 @@ def __init__(__self__, address_family="ipv4", ipam_scope_id=example_vpc_ipam.private_default_scope_id, locale=current.name) - example = aws.ec2.VpcIpamPoolCidrAllocation("example", - ipam_pool_id=example_vpc_ipam_pool.id, - cidr="172.20.0.0/24") example_vpc_ipam_pool_cidr = aws.ec2.VpcIpamPoolCidr("example", ipam_pool_id=example_vpc_ipam_pool.id, cidr="172.20.0.0/16") + example = aws.ec2.VpcIpamPoolCidrAllocation("example", + ipam_pool_id=example_vpc_ipam_pool.id, + cidr="172.20.0.0/24", + opts=pulumi.ResourceOptions(depends_on=[example_vpc_ipam_pool_cidr])) ``` @@ -377,13 +380,14 @@ def __init__(__self__, address_family="ipv4", ipam_scope_id=example_vpc_ipam.private_default_scope_id, locale=current.name) - example = aws.ec2.VpcIpamPoolCidrAllocation("example", - ipam_pool_id=example_vpc_ipam_pool.id, - netmask_length=28, - disallowed_cidrs=["172.20.0.0/28"]) example_vpc_ipam_pool_cidr = aws.ec2.VpcIpamPoolCidr("example", ipam_pool_id=example_vpc_ipam_pool.id, cidr="172.20.0.0/16") + example = aws.ec2.VpcIpamPoolCidrAllocation("example", + ipam_pool_id=example_vpc_ipam_pool.id, + netmask_length=28, + disallowed_cidrs=["172.20.0.0/28"], + opts=pulumi.ResourceOptions(depends_on=[example_vpc_ipam_pool_cidr])) ``` diff --git a/sdk/python/pulumi_aws/ec2/vpc_ipam_preview_next_cidr.py b/sdk/python/pulumi_aws/ec2/vpc_ipam_preview_next_cidr.py index a1b0185f9e3..658cb20f959 100644 --- a/sdk/python/pulumi_aws/ec2/vpc_ipam_preview_next_cidr.py +++ b/sdk/python/pulumi_aws/ec2/vpc_ipam_preview_next_cidr.py @@ -167,13 +167,14 @@ def __init__(__self__, address_family="ipv4", ipam_scope_id=example_vpc_ipam.private_default_scope_id, locale=current.name) - example = aws.ec2.VpcIpamPreviewNextCidr("example", - ipam_pool_id=example_vpc_ipam_pool.id, - netmask_length=28, - disallowed_cidrs=["172.2.0.0/32"]) example_vpc_ipam_pool_cidr = aws.ec2.VpcIpamPoolCidr("example", ipam_pool_id=example_vpc_ipam_pool.id, cidr="172.20.0.0/16") + example = aws.ec2.VpcIpamPreviewNextCidr("example", + ipam_pool_id=example_vpc_ipam_pool.id, + netmask_length=28, + disallowed_cidrs=["172.2.0.0/32"], + opts=pulumi.ResourceOptions(depends_on=[example_vpc_ipam_pool_cidr])) ``` @@ -209,13 +210,14 @@ def __init__(__self__, address_family="ipv4", ipam_scope_id=example_vpc_ipam.private_default_scope_id, locale=current.name) - example = aws.ec2.VpcIpamPreviewNextCidr("example", - ipam_pool_id=example_vpc_ipam_pool.id, - netmask_length=28, - disallowed_cidrs=["172.2.0.0/32"]) example_vpc_ipam_pool_cidr = aws.ec2.VpcIpamPoolCidr("example", ipam_pool_id=example_vpc_ipam_pool.id, cidr="172.20.0.0/16") + example = aws.ec2.VpcIpamPreviewNextCidr("example", + ipam_pool_id=example_vpc_ipam_pool.id, + netmask_length=28, + disallowed_cidrs=["172.2.0.0/32"], + opts=pulumi.ResourceOptions(depends_on=[example_vpc_ipam_pool_cidr])) ``` diff --git a/sdk/python/pulumi_aws/ecr/registry_policy.py b/sdk/python/pulumi_aws/ecr/registry_policy.py index b279adf16a5..f856adbdab9 100644 --- a/sdk/python/pulumi_aws/ecr/registry_policy.py +++ b/sdk/python/pulumi_aws/ecr/registry_policy.py @@ -98,15 +98,15 @@ def __init__(__self__, current_get_region = aws.get_region() current_get_partition = aws.get_partition() example = aws.ecr.RegistryPolicy("example", policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "sid": "testpolicy", - "effect": "Allow", - "principal": { + "Version": "2012-10-17", + "Statement": [{ + "Sid": "testpolicy", + "Effect": "Allow", + "Principal": { "AWS": f"arn:{current_get_partition.partition}:iam::{current.account_id}:root", }, - "action": ["ecr:ReplicateImage"], - "resource": [f"arn:{current_get_partition.partition}:ecr:{current_get_region.name}:{current.account_id}:repository/*"], + "Action": ["ecr:ReplicateImage"], + "Resource": [f"arn:{current_get_partition.partition}:ecr:{current_get_region.name}:{current.account_id}:repository/*"], }], })) ``` @@ -147,15 +147,15 @@ def __init__(__self__, current_get_region = aws.get_region() current_get_partition = aws.get_partition() example = aws.ecr.RegistryPolicy("example", policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "sid": "testpolicy", - "effect": "Allow", - "principal": { + "Version": "2012-10-17", + "Statement": [{ + "Sid": "testpolicy", + "Effect": "Allow", + "Principal": { "AWS": f"arn:{current_get_partition.partition}:iam::{current.account_id}:root", }, - "action": ["ecr:ReplicateImage"], - "resource": [f"arn:{current_get_partition.partition}:ecr:{current_get_region.name}:{current.account_id}:repository/*"], + "Action": ["ecr:ReplicateImage"], + "Resource": [f"arn:{current_get_partition.partition}:ecr:{current_get_region.name}:{current.account_id}:repository/*"], }], })) ``` diff --git a/sdk/python/pulumi_aws/ecs/service.py b/sdk/python/pulumi_aws/ecs/service.py index 194122bd2cf..b3af8d1bdf3 100644 --- a/sdk/python/pulumi_aws/ecs/service.py +++ b/sdk/python/pulumi_aws/ecs/service.py @@ -1014,14 +1014,15 @@ def __init__(__self__, field="cpu", )], load_balancers=[aws.ecs.ServiceLoadBalancerArgs( - target_group_arn=foo["arn"], + target_group_arn=foo_aws_lb_target_group["arn"], container_name="mongo", container_port=8080, )], placement_constraints=[aws.ecs.ServicePlacementConstraintArgs( type="memberOf", expression="attribute:ecs.availability-zone in [us-west-2a, us-west-2b]", - )]) + )], + opts=pulumi.ResourceOptions(depends_on=[foo])) ``` @@ -1159,14 +1160,15 @@ def __init__(__self__, field="cpu", )], load_balancers=[aws.ecs.ServiceLoadBalancerArgs( - target_group_arn=foo["arn"], + target_group_arn=foo_aws_lb_target_group["arn"], container_name="mongo", container_port=8080, )], placement_constraints=[aws.ecs.ServicePlacementConstraintArgs( type="memberOf", expression="attribute:ecs.availability-zone in [us-west-2a, us-west-2b]", - )]) + )], + opts=pulumi.ResourceOptions(depends_on=[foo])) ``` diff --git a/sdk/python/pulumi_aws/eks/cluster.py b/sdk/python/pulumi_aws/eks/cluster.py index 19c3b9f799a..6826de4d4e5 100644 --- a/sdk/python/pulumi_aws/eks/cluster.py +++ b/sdk/python/pulumi_aws/eks/cluster.py @@ -580,7 +580,11 @@ def __init__(__self__, example1["id"], example2["id"], ], - )) + ), + opts=pulumi.ResourceOptions(depends_on=[ + example__amazon_eks_cluster_policy, + example__amazon_eksvpc_resource_controller, + ])) pulumi.export("endpoint", example.endpoint) pulumi.export("kubeconfig-certificate-authority-data", example.certificate_authority.data) ``` @@ -630,15 +634,16 @@ def __init__(__self__, cluster_name = config.get("clusterName") if cluster_name is None: cluster_name = "example" + example_log_group = aws.cloudwatch.LogGroup("example", + name=f"/aws/eks/{cluster_name}/cluster", + retention_in_days=7) example = aws.eks.Cluster("example", enabled_cluster_log_types=[ "api", "audit", ], - name=cluster_name) - example_log_group = aws.cloudwatch.LogGroup("example", - name=f"/aws/eks/{cluster_name}/cluster", - retention_in_days=7) + name=cluster_name, + opts=pulumi.ResourceOptions(depends_on=[example_log_group])) ``` @@ -781,7 +786,11 @@ def __init__(__self__, example1["id"], example2["id"], ], - )) + ), + opts=pulumi.ResourceOptions(depends_on=[ + example__amazon_eks_cluster_policy, + example__amazon_eksvpc_resource_controller, + ])) pulumi.export("endpoint", example.endpoint) pulumi.export("kubeconfig-certificate-authority-data", example.certificate_authority.data) ``` @@ -831,15 +840,16 @@ def __init__(__self__, cluster_name = config.get("clusterName") if cluster_name is None: cluster_name = "example" + example_log_group = aws.cloudwatch.LogGroup("example", + name=f"/aws/eks/{cluster_name}/cluster", + retention_in_days=7) example = aws.eks.Cluster("example", enabled_cluster_log_types=[ "api", "audit", ], - name=cluster_name) - example_log_group = aws.cloudwatch.LogGroup("example", - name=f"/aws/eks/{cluster_name}/cluster", - retention_in_days=7) + name=cluster_name, + opts=pulumi.ResourceOptions(depends_on=[example_log_group])) ``` diff --git a/sdk/python/pulumi_aws/eks/fargate_profile.py b/sdk/python/pulumi_aws/eks/fargate_profile.py index 3618b351736..549640ca967 100644 --- a/sdk/python/pulumi_aws/eks/fargate_profile.py +++ b/sdk/python/pulumi_aws/eks/fargate_profile.py @@ -324,14 +324,14 @@ def __init__(__self__, example = aws.iam.Role("example", name="eks-fargate-profile-example", assume_role_policy=json.dumps({ - "statement": [{ - "action": "sts:AssumeRole", - "effect": "Allow", - "principal": { - "service": "eks-fargate-pods.amazonaws.com", + "Statement": [{ + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "eks-fargate-pods.amazonaws.com", }, }], - "version": "2012-10-17", + "Version": "2012-10-17", })) example__amazon_eks_fargate_pod_execution_role_policy = aws.iam.RolePolicyAttachment("example-AmazonEKSFargatePodExecutionRolePolicy", policy_arn="arn:aws:iam::aws:policy/AmazonEKSFargatePodExecutionRolePolicy", @@ -396,14 +396,14 @@ def __init__(__self__, example = aws.iam.Role("example", name="eks-fargate-profile-example", assume_role_policy=json.dumps({ - "statement": [{ - "action": "sts:AssumeRole", - "effect": "Allow", - "principal": { - "service": "eks-fargate-pods.amazonaws.com", + "Statement": [{ + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "eks-fargate-pods.amazonaws.com", }, }], - "version": "2012-10-17", + "Version": "2012-10-17", })) example__amazon_eks_fargate_pod_execution_role_policy = aws.iam.RolePolicyAttachment("example-AmazonEKSFargatePodExecutionRolePolicy", policy_arn="arn:aws:iam::aws:policy/AmazonEKSFargatePodExecutionRolePolicy", diff --git a/sdk/python/pulumi_aws/eks/node_group.py b/sdk/python/pulumi_aws/eks/node_group.py index 31209b7faed..f97d84c3d16 100644 --- a/sdk/python/pulumi_aws/eks/node_group.py +++ b/sdk/python/pulumi_aws/eks/node_group.py @@ -758,7 +758,12 @@ def __init__(__self__, ), update_config=aws.eks.NodeGroupUpdateConfigArgs( max_unavailable=1, - )) + ), + opts=pulumi.ResourceOptions(depends_on=[ + example__amazon_eks_worker_node_policy, + example__amazon_ekscni_policy, + example__amazon_ec2_container_registry_read_only, + ])) ``` @@ -788,14 +793,14 @@ def __init__(__self__, example = aws.iam.Role("example", name="eks-node-group-example", assume_role_policy=json.dumps({ - "statement": [{ - "action": "sts:AssumeRole", - "effect": "Allow", - "principal": { - "service": "ec2.amazonaws.com", + "Statement": [{ + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "ec2.amazonaws.com", }, }], - "version": "2012-10-17", + "Version": "2012-10-17", })) example__amazon_eks_worker_node_policy = aws.iam.RolePolicyAttachment("example-AmazonEKSWorkerNodePolicy", policy_arn="arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy", @@ -889,7 +894,12 @@ def __init__(__self__, ), update_config=aws.eks.NodeGroupUpdateConfigArgs( max_unavailable=1, - )) + ), + opts=pulumi.ResourceOptions(depends_on=[ + example__amazon_eks_worker_node_policy, + example__amazon_ekscni_policy, + example__amazon_ec2_container_registry_read_only, + ])) ``` @@ -919,14 +929,14 @@ def __init__(__self__, example = aws.iam.Role("example", name="eks-node-group-example", assume_role_policy=json.dumps({ - "statement": [{ - "action": "sts:AssumeRole", - "effect": "Allow", - "principal": { - "service": "ec2.amazonaws.com", + "Statement": [{ + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "ec2.amazonaws.com", }, }], - "version": "2012-10-17", + "Version": "2012-10-17", })) example__amazon_eks_worker_node_policy = aws.iam.RolePolicyAttachment("example-AmazonEKSWorkerNodePolicy", policy_arn="arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy", diff --git a/sdk/python/pulumi_aws/elasticsearch/domain.py b/sdk/python/pulumi_aws/elasticsearch/domain.py index d2fad72a2f6..fff44e3a0ff 100644 --- a/sdk/python/pulumi_aws/elasticsearch/domain.py +++ b/sdk/python/pulumi_aws/elasticsearch/domain.py @@ -817,7 +817,8 @@ def __init__(__self__, \"\"\", tags={ "Domain": "TestDomain", - }) + }, + opts=pulumi.ResourceOptions(depends_on=[es_service_linked_role])) ``` @@ -1012,7 +1013,8 @@ def __init__(__self__, \"\"\", tags={ "Domain": "TestDomain", - }) + }, + opts=pulumi.ResourceOptions(depends_on=[es_service_linked_role])) ``` diff --git a/sdk/python/pulumi_aws/finspace/kx_user.py b/sdk/python/pulumi_aws/finspace/kx_user.py index b38f37c6036..4307153fe90 100644 --- a/sdk/python/pulumi_aws/finspace/kx_user.py +++ b/sdk/python/pulumi_aws/finspace/kx_user.py @@ -231,13 +231,13 @@ def __init__(__self__, example_role = aws.iam.Role("example", name="example-role", assume_role_policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "action": "sts:AssumeRole", - "effect": "Allow", - "sid": "", - "principal": { - "service": "ec2.amazonaws.com", + "Version": "2012-10-17", + "Statement": [{ + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Sid": "", + "Principal": { + "Service": "ec2.amazonaws.com", }, }], })) @@ -293,13 +293,13 @@ def __init__(__self__, example_role = aws.iam.Role("example", name="example-role", assume_role_policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "action": "sts:AssumeRole", - "effect": "Allow", - "sid": "", - "principal": { - "service": "ec2.amazonaws.com", + "Version": "2012-10-17", + "Statement": [{ + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Sid": "", + "Principal": { + "Service": "ec2.amazonaws.com", }, }], })) diff --git a/sdk/python/pulumi_aws/gamelift/game_server_group.py b/sdk/python/pulumi_aws/gamelift/game_server_group.py index 0c9595afecf..96cbc53087a 100644 --- a/sdk/python/pulumi_aws/gamelift/game_server_group.py +++ b/sdk/python/pulumi_aws/gamelift/game_server_group.py @@ -483,7 +483,8 @@ def __init__(__self__, ), max_size=1, min_size=1, - role_arn=example_aws_iam_role["arn"]) + role_arn=example_aws_iam_role["arn"], + opts=pulumi.ResourceOptions(depends_on=[example_aws_iam_role_policy_attachment])) ``` @@ -527,7 +528,8 @@ def __init__(__self__, vpc_subnets=[ "subnet-12345678", "subnet-23456789", - ]) + ], + opts=pulumi.ResourceOptions(depends_on=[example_aws_iam_role_policy_attachment])) ``` @@ -619,7 +621,8 @@ def __init__(__self__, ), max_size=1, min_size=1, - role_arn=example_aws_iam_role["arn"]) + role_arn=example_aws_iam_role["arn"], + opts=pulumi.ResourceOptions(depends_on=[example_aws_iam_role_policy_attachment])) ``` @@ -663,7 +666,8 @@ def __init__(__self__, vpc_subnets=[ "subnet-12345678", "subnet-23456789", - ]) + ], + opts=pulumi.ResourceOptions(depends_on=[example_aws_iam_role_policy_attachment])) ``` diff --git a/sdk/python/pulumi_aws/glue/crawler.py b/sdk/python/pulumi_aws/glue/crawler.py index 6ecaaa3defe..ab21761769d 100644 --- a/sdk/python/pulumi_aws/glue/crawler.py +++ b/sdk/python/pulumi_aws/glue/crawler.py @@ -915,15 +915,15 @@ def __init__(__self__, role=glue_role["arn"], tags=tags, configuration=json.dumps({ - "grouping": { - "tableGroupingPolicy": "CombineCompatibleSchemas", + "Grouping": { + "TableGroupingPolicy": "CombineCompatibleSchemas", }, - "crawlerOutput": { - "partitions": { - "addOrUpdateBehavior": "InheritFromTable", + "CrawlerOutput": { + "Partitions": { + "AddOrUpdateBehavior": "InheritFromTable", }, }, - "version": 1, + "Version": 1, }), s3_targets=[aws.glue.CrawlerS3TargetArgs( path=f"s3://{data_lake_bucket['bucket']}", @@ -1088,15 +1088,15 @@ def __init__(__self__, role=glue_role["arn"], tags=tags, configuration=json.dumps({ - "grouping": { - "tableGroupingPolicy": "CombineCompatibleSchemas", + "Grouping": { + "TableGroupingPolicy": "CombineCompatibleSchemas", }, - "crawlerOutput": { - "partitions": { - "addOrUpdateBehavior": "InheritFromTable", + "CrawlerOutput": { + "Partitions": { + "AddOrUpdateBehavior": "InheritFromTable", }, }, - "version": 1, + "Version": 1, }), s3_targets=[aws.glue.CrawlerS3TargetArgs( path=f"s3://{data_lake_bucket['bucket']}", diff --git a/sdk/python/pulumi_aws/glue/ml_transform.py b/sdk/python/pulumi_aws/glue/ml_transform.py index d0dc2e053e9..323b7a6b599 100644 --- a/sdk/python/pulumi_aws/glue/ml_transform.py +++ b/sdk/python/pulumi_aws/glue/ml_transform.py @@ -586,7 +586,8 @@ def __init__(__self__, find_matches_parameters=aws.glue.MLTransformParametersFindMatchesParametersArgs( primary_key_column_name="my_column_1", ), - )) + ), + opts=pulumi.ResourceOptions(depends_on=[test_aws_iam_role_policy_attachment])) ``` @@ -707,7 +708,8 @@ def __init__(__self__, find_matches_parameters=aws.glue.MLTransformParametersFindMatchesParametersArgs( primary_key_column_name="my_column_1", ), - )) + ), + opts=pulumi.ResourceOptions(depends_on=[test_aws_iam_role_policy_attachment])) ``` diff --git a/sdk/python/pulumi_aws/grafana/license_association.py b/sdk/python/pulumi_aws/grafana/license_association.py index 49e6107473e..fde3ddbcfc3 100644 --- a/sdk/python/pulumi_aws/grafana/license_association.py +++ b/sdk/python/pulumi_aws/grafana/license_association.py @@ -145,13 +145,13 @@ def __init__(__self__, assume = aws.iam.Role("assume", name="grafana-assume", assume_role_policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "action": "sts:AssumeRole", - "effect": "Allow", - "sid": "", - "principal": { - "service": "grafana.amazonaws.com", + "Version": "2012-10-17", + "Statement": [{ + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Sid": "", + "Principal": { + "Service": "grafana.amazonaws.com", }, }], })) @@ -201,13 +201,13 @@ def __init__(__self__, assume = aws.iam.Role("assume", name="grafana-assume", assume_role_policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "action": "sts:AssumeRole", - "effect": "Allow", - "sid": "", - "principal": { - "service": "grafana.amazonaws.com", + "Version": "2012-10-17", + "Statement": [{ + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Sid": "", + "Principal": { + "Service": "grafana.amazonaws.com", }, }], })) diff --git a/sdk/python/pulumi_aws/grafana/role_association.py b/sdk/python/pulumi_aws/grafana/role_association.py index 860a307a0f9..dd0b46e467e 100644 --- a/sdk/python/pulumi_aws/grafana/role_association.py +++ b/sdk/python/pulumi_aws/grafana/role_association.py @@ -187,13 +187,13 @@ def __init__(__self__, assume = aws.iam.Role("assume", name="grafana-assume", assume_role_policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "action": "sts:AssumeRole", - "effect": "Allow", - "sid": "", - "principal": { - "service": "grafana.amazonaws.com", + "Version": "2012-10-17", + "Statement": [{ + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Sid": "", + "Principal": { + "Service": "grafana.amazonaws.com", }, }], })) @@ -243,13 +243,13 @@ def __init__(__self__, assume = aws.iam.Role("assume", name="grafana-assume", assume_role_policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "action": "sts:AssumeRole", - "effect": "Allow", - "sid": "", - "principal": { - "service": "grafana.amazonaws.com", + "Version": "2012-10-17", + "Statement": [{ + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Sid": "", + "Principal": { + "Service": "grafana.amazonaws.com", }, }], })) diff --git a/sdk/python/pulumi_aws/grafana/workspace.py b/sdk/python/pulumi_aws/grafana/workspace.py index 07b0fff50b2..7909fb65e83 100644 --- a/sdk/python/pulumi_aws/grafana/workspace.py +++ b/sdk/python/pulumi_aws/grafana/workspace.py @@ -650,13 +650,13 @@ def __init__(__self__, assume = aws.iam.Role("assume", name="grafana-assume", assume_role_policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "action": "sts:AssumeRole", - "effect": "Allow", - "sid": "", - "principal": { - "service": "grafana.amazonaws.com", + "Version": "2012-10-17", + "Statement": [{ + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Sid": "", + "Principal": { + "Service": "grafana.amazonaws.com", }, }], })) @@ -719,13 +719,13 @@ def __init__(__self__, assume = aws.iam.Role("assume", name="grafana-assume", assume_role_policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "action": "sts:AssumeRole", - "effect": "Allow", - "sid": "", - "principal": { - "service": "grafana.amazonaws.com", + "Version": "2012-10-17", + "Statement": [{ + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Sid": "", + "Principal": { + "Service": "grafana.amazonaws.com", }, }], })) diff --git a/sdk/python/pulumi_aws/grafana/workspace_saml_configuration.py b/sdk/python/pulumi_aws/grafana/workspace_saml_configuration.py index 2708bedf6b9..eaa12604629 100644 --- a/sdk/python/pulumi_aws/grafana/workspace_saml_configuration.py +++ b/sdk/python/pulumi_aws/grafana/workspace_saml_configuration.py @@ -500,13 +500,13 @@ def __init__(__self__, assume = aws.iam.Role("assume", name="grafana-assume", assume_role_policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "action": "sts:AssumeRole", - "effect": "Allow", - "sid": "", - "principal": { - "service": "grafana.amazonaws.com", + "Version": "2012-10-17", + "Statement": [{ + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Sid": "", + "Principal": { + "Service": "grafana.amazonaws.com", }, }], })) @@ -570,13 +570,13 @@ def __init__(__self__, assume = aws.iam.Role("assume", name="grafana-assume", assume_role_policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "action": "sts:AssumeRole", - "effect": "Allow", - "sid": "", - "principal": { - "service": "grafana.amazonaws.com", + "Version": "2012-10-17", + "Statement": [{ + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Sid": "", + "Principal": { + "Service": "grafana.amazonaws.com", }, }], })) diff --git a/sdk/python/pulumi_aws/guardduty/invite_accepter.py b/sdk/python/pulumi_aws/guardduty/invite_accepter.py index c83a82d6a5e..bf8444115ae 100644 --- a/sdk/python/pulumi_aws/guardduty/invite_accepter.py +++ b/sdk/python/pulumi_aws/guardduty/invite_accepter.py @@ -109,14 +109,15 @@ def __init__(__self__, primary = aws.guardduty.Detector("primary") member_detector = aws.guardduty.Detector("member") - member = aws.guardduty.InviteAccepter("member", - detector_id=member_detector.id, - master_account_id=primary.account_id) member_member = aws.guardduty.Member("member", account_id=member_detector.account_id, detector_id=primary.id, email="required@example.com", invite=True) + member = aws.guardduty.InviteAccepter("member", + detector_id=member_detector.id, + master_account_id=primary.account_id, + opts=pulumi.ResourceOptions(depends_on=[member_member])) ``` @@ -151,14 +152,15 @@ def __init__(__self__, primary = aws.guardduty.Detector("primary") member_detector = aws.guardduty.Detector("member") - member = aws.guardduty.InviteAccepter("member", - detector_id=member_detector.id, - master_account_id=primary.account_id) member_member = aws.guardduty.Member("member", account_id=member_detector.account_id, detector_id=primary.id, email="required@example.com", invite=True) + member = aws.guardduty.InviteAccepter("member", + detector_id=member_detector.id, + master_account_id=primary.account_id, + opts=pulumi.ResourceOptions(depends_on=[member_member])) ``` diff --git a/sdk/python/pulumi_aws/guardduty/organization_admin_account.py b/sdk/python/pulumi_aws/guardduty/organization_admin_account.py index d92cd850215..106dda62448 100644 --- a/sdk/python/pulumi_aws/guardduty/organization_admin_account.py +++ b/sdk/python/pulumi_aws/guardduty/organization_admin_account.py @@ -79,7 +79,8 @@ def __init__(__self__, aws_service_access_principals=["guardduty.amazonaws.com"], feature_set="ALL") example_detector = aws.guardduty.Detector("example") - example_organization_admin_account = aws.guardduty.OrganizationAdminAccount("example", admin_account_id="123456789012") + example_organization_admin_account = aws.guardduty.OrganizationAdminAccount("example", admin_account_id="123456789012", + opts=pulumi.ResourceOptions(depends_on=[example])) ``` @@ -115,7 +116,8 @@ def __init__(__self__, aws_service_access_principals=["guardduty.amazonaws.com"], feature_set="ALL") example_detector = aws.guardduty.Detector("example") - example_organization_admin_account = aws.guardduty.OrganizationAdminAccount("example", admin_account_id="123456789012") + example_organization_admin_account = aws.guardduty.OrganizationAdminAccount("example", admin_account_id="123456789012", + opts=pulumi.ResourceOptions(depends_on=[example])) ``` diff --git a/sdk/python/pulumi_aws/guardduty/publishing_destination.py b/sdk/python/pulumi_aws/guardduty/publishing_destination.py index 7985290eaaf..40dd959086c 100644 --- a/sdk/python/pulumi_aws/guardduty/publishing_destination.py +++ b/sdk/python/pulumi_aws/guardduty/publishing_destination.py @@ -239,7 +239,8 @@ def __init__(__self__, test = aws.guardduty.PublishingDestination("test", detector_id=test_gd.id, destination_arn=gd_bucket.arn, - kms_key_arn=gd_key.arn) + kms_key_arn=gd_key.arn, + opts=pulumi.ResourceOptions(depends_on=[gd_bucket_policy])) ``` @@ -337,7 +338,8 @@ def __init__(__self__, test = aws.guardduty.PublishingDestination("test", detector_id=test_gd.id, destination_arn=gd_bucket.arn, - kms_key_arn=gd_key.arn) + kms_key_arn=gd_key.arn, + opts=pulumi.ResourceOptions(depends_on=[gd_bucket_policy])) ``` diff --git a/sdk/python/pulumi_aws/iam/get_principal_policy_simulation.py b/sdk/python/pulumi_aws/iam/get_principal_policy_simulation.py index 2251e205d41..f7cc5ded7f5 100644 --- a/sdk/python/pulumi_aws/iam/get_principal_policy_simulation.py +++ b/sdk/python/pulumi_aws/iam/get_principal_policy_simulation.py @@ -205,7 +205,8 @@ def get_principal_policy_simulation(action_names: Optional[Sequence[str]] = None import pulumi import pulumi_aws as aws - example = aws.s3.BucketObject("example", bucket="my-test-bucket") + example = aws.s3.BucketObject("example", bucket="my-test-bucket", + opts=pulumi.ResourceOptions(depends_on=[s3_object_access])) ``` @@ -226,24 +227,24 @@ def get_principal_policy_simulation(action_names: Optional[Sequence[str]] = None name="example_s3_access", user=example.name, policy=pulumi.Output.json_dumps({ - "version": "2012-10-17", - "statement": [{ - "action": "s3:GetObject", - "effect": "Allow", - "resource": example_bucket_v2.arn, + "Version": "2012-10-17", + "Statement": [{ + "Action": "s3:GetObject", + "Effect": "Allow", + "Resource": example_bucket_v2.arn, }], })) account_access = aws.s3.BucketPolicy("account_access", bucket=example_bucket_v2.bucket, policy=pulumi.Output.json_dumps({ - "version": "2012-10-17", - "statement": [{ - "action": "s3:*", - "effect": "Allow", - "principal": { + "Version": "2012-10-17", + "Statement": [{ + "Action": "s3:*", + "Effect": "Allow", + "Principal": { "AWS": current.account_id, }, - "resource": [ + "Resource": [ example_bucket_v2.arn, example_bucket_v2.arn.apply(lambda arn: f"{arn}/*"), ], @@ -363,7 +364,8 @@ def get_principal_policy_simulation_output(action_names: Optional[pulumi.Input[S import pulumi import pulumi_aws as aws - example = aws.s3.BucketObject("example", bucket="my-test-bucket") + example = aws.s3.BucketObject("example", bucket="my-test-bucket", + opts=pulumi.ResourceOptions(depends_on=[s3_object_access])) ``` @@ -384,24 +386,24 @@ def get_principal_policy_simulation_output(action_names: Optional[pulumi.Input[S name="example_s3_access", user=example.name, policy=pulumi.Output.json_dumps({ - "version": "2012-10-17", - "statement": [{ - "action": "s3:GetObject", - "effect": "Allow", - "resource": example_bucket_v2.arn, + "Version": "2012-10-17", + "Statement": [{ + "Action": "s3:GetObject", + "Effect": "Allow", + "Resource": example_bucket_v2.arn, }], })) account_access = aws.s3.BucketPolicy("account_access", bucket=example_bucket_v2.bucket, policy=pulumi.Output.json_dumps({ - "version": "2012-10-17", - "statement": [{ - "action": "s3:*", - "effect": "Allow", - "principal": { + "Version": "2012-10-17", + "Statement": [{ + "Action": "s3:*", + "Effect": "Allow", + "Principal": { "AWS": current.account_id, }, - "resource": [ + "Resource": [ example_bucket_v2.arn, example_bucket_v2.arn.apply(lambda arn: f"{arn}/*"), ], diff --git a/sdk/python/pulumi_aws/iam/group_policy.py b/sdk/python/pulumi_aws/iam/group_policy.py index 4ddbf4d8b02..31f3a6c9f32 100644 --- a/sdk/python/pulumi_aws/iam/group_policy.py +++ b/sdk/python/pulumi_aws/iam/group_policy.py @@ -191,11 +191,11 @@ def __init__(__self__, name="my_developer_policy", group=my_developers.name, policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "action": ["ec2:Describe*"], - "effect": "Allow", - "resource": "*", + "Version": "2012-10-17", + "Statement": [{ + "Action": ["ec2:Describe*"], + "Effect": "Allow", + "Resource": "*", }], })) ``` @@ -244,11 +244,11 @@ def __init__(__self__, name="my_developer_policy", group=my_developers.name, policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "action": ["ec2:Describe*"], - "effect": "Allow", - "resource": "*", + "Version": "2012-10-17", + "Statement": [{ + "Action": ["ec2:Describe*"], + "Effect": "Allow", + "Resource": "*", }], })) ``` diff --git a/sdk/python/pulumi_aws/iam/policy.py b/sdk/python/pulumi_aws/iam/policy.py index 6ee9fc402f8..145ec848237 100644 --- a/sdk/python/pulumi_aws/iam/policy.py +++ b/sdk/python/pulumi_aws/iam/policy.py @@ -302,11 +302,11 @@ def __init__(__self__, path="/", description="My test policy", policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "action": ["ec2:Describe*"], - "effect": "Allow", - "resource": "*", + "Version": "2012-10-17", + "Statement": [{ + "Action": ["ec2:Describe*"], + "Effect": "Allow", + "Resource": "*", }], })) ``` @@ -353,11 +353,11 @@ def __init__(__self__, path="/", description="My test policy", policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "action": ["ec2:Describe*"], - "effect": "Allow", - "resource": "*", + "Version": "2012-10-17", + "Statement": [{ + "Action": ["ec2:Describe*"], + "Effect": "Allow", + "Resource": "*", }], })) ``` diff --git a/sdk/python/pulumi_aws/iam/role.py b/sdk/python/pulumi_aws/iam/role.py index 14dd36927cf..29afbf6d6b5 100644 --- a/sdk/python/pulumi_aws/iam/role.py +++ b/sdk/python/pulumi_aws/iam/role.py @@ -497,13 +497,13 @@ def __init__(__self__, test_role = aws.iam.Role("test_role", name="test_role", assume_role_policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "action": "sts:AssumeRole", - "effect": "Allow", - "sid": "", - "principal": { - "service": "ec2.amazonaws.com", + "Version": "2012-10-17", + "Statement": [{ + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Sid": "", + "Principal": { + "Service": "ec2.amazonaws.com", }, }], }), @@ -555,11 +555,11 @@ def __init__(__self__, aws.iam.RoleInlinePolicyArgs( name="my_inline_policy", policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "action": ["ec2:Describe*"], - "effect": "Allow", - "resource": "*", + "Version": "2012-10-17", + "Statement": [{ + "Action": ["ec2:Describe*"], + "Effect": "Allow", + "Resource": "*", }], }), ), @@ -600,25 +600,25 @@ def __init__(__self__, policy_one = aws.iam.Policy("policy_one", name="policy-618033", policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "action": ["ec2:Describe*"], - "effect": "Allow", - "resource": "*", + "Version": "2012-10-17", + "Statement": [{ + "Action": ["ec2:Describe*"], + "Effect": "Allow", + "Resource": "*", }], })) policy_two = aws.iam.Policy("policy_two", name="policy-381966", policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "action": [ + "Version": "2012-10-17", + "Statement": [{ + "Action": [ "s3:ListAllMyBuckets", "s3:ListBucket", "s3:HeadBucket", ], - "effect": "Allow", - "resource": "*", + "Effect": "Allow", + "Resource": "*", }], })) example = aws.iam.Role("example", @@ -700,13 +700,13 @@ def __init__(__self__, test_role = aws.iam.Role("test_role", name="test_role", assume_role_policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "action": "sts:AssumeRole", - "effect": "Allow", - "sid": "", - "principal": { - "service": "ec2.amazonaws.com", + "Version": "2012-10-17", + "Statement": [{ + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Sid": "", + "Principal": { + "Service": "ec2.amazonaws.com", }, }], }), @@ -758,11 +758,11 @@ def __init__(__self__, aws.iam.RoleInlinePolicyArgs( name="my_inline_policy", policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "action": ["ec2:Describe*"], - "effect": "Allow", - "resource": "*", + "Version": "2012-10-17", + "Statement": [{ + "Action": ["ec2:Describe*"], + "Effect": "Allow", + "Resource": "*", }], }), ), @@ -803,25 +803,25 @@ def __init__(__self__, policy_one = aws.iam.Policy("policy_one", name="policy-618033", policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "action": ["ec2:Describe*"], - "effect": "Allow", - "resource": "*", + "Version": "2012-10-17", + "Statement": [{ + "Action": ["ec2:Describe*"], + "Effect": "Allow", + "Resource": "*", }], })) policy_two = aws.iam.Policy("policy_two", name="policy-381966", policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "action": [ + "Version": "2012-10-17", + "Statement": [{ + "Action": [ "s3:ListAllMyBuckets", "s3:ListBucket", "s3:HeadBucket", ], - "effect": "Allow", - "resource": "*", + "Effect": "Allow", + "Resource": "*", }], })) example = aws.iam.Role("example", diff --git a/sdk/python/pulumi_aws/iam/role_policy.py b/sdk/python/pulumi_aws/iam/role_policy.py index a749d0bfc48..4a1c74fefdc 100644 --- a/sdk/python/pulumi_aws/iam/role_policy.py +++ b/sdk/python/pulumi_aws/iam/role_policy.py @@ -189,13 +189,13 @@ def __init__(__self__, test_role = aws.iam.Role("test_role", name="test_role", assume_role_policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "action": "sts:AssumeRole", - "effect": "Allow", - "sid": "", - "principal": { - "service": "ec2.amazonaws.com", + "Version": "2012-10-17", + "Statement": [{ + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Sid": "", + "Principal": { + "Service": "ec2.amazonaws.com", }, }], })) @@ -203,11 +203,11 @@ def __init__(__self__, name="test_policy", role=test_role.id, policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "action": ["ec2:Describe*"], - "effect": "Allow", - "resource": "*", + "Version": "2012-10-17", + "Statement": [{ + "Action": ["ec2:Describe*"], + "Effect": "Allow", + "Resource": "*", }], })) ``` @@ -254,13 +254,13 @@ def __init__(__self__, test_role = aws.iam.Role("test_role", name="test_role", assume_role_policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "action": "sts:AssumeRole", - "effect": "Allow", - "sid": "", - "principal": { - "service": "ec2.amazonaws.com", + "Version": "2012-10-17", + "Statement": [{ + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Sid": "", + "Principal": { + "Service": "ec2.amazonaws.com", }, }], })) @@ -268,11 +268,11 @@ def __init__(__self__, name="test_policy", role=test_role.id, policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "action": ["ec2:Describe*"], - "effect": "Allow", - "resource": "*", + "Version": "2012-10-17", + "Statement": [{ + "Action": ["ec2:Describe*"], + "Effect": "Allow", + "Resource": "*", }], })) ``` diff --git a/sdk/python/pulumi_aws/iam/user_policy.py b/sdk/python/pulumi_aws/iam/user_policy.py index 6f160b46e1b..fe71b142da3 100644 --- a/sdk/python/pulumi_aws/iam/user_policy.py +++ b/sdk/python/pulumi_aws/iam/user_policy.py @@ -183,11 +183,11 @@ def __init__(__self__, name="test", user=lb.name, policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "action": ["ec2:Describe*"], - "effect": "Allow", - "resource": "*", + "Version": "2012-10-17", + "Statement": [{ + "Action": ["ec2:Describe*"], + "Effect": "Allow", + "Resource": "*", }], })) lb_access_key = aws.iam.AccessKey("lb", user=lb.name) @@ -235,11 +235,11 @@ def __init__(__self__, name="test", user=lb.name, policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "action": ["ec2:Describe*"], - "effect": "Allow", - "resource": "*", + "Version": "2012-10-17", + "Statement": [{ + "Action": ["ec2:Describe*"], + "Effect": "Allow", + "Resource": "*", }], })) lb_access_key = aws.iam.AccessKey("lb", user=lb.name) diff --git a/sdk/python/pulumi_aws/iot/policy.py b/sdk/python/pulumi_aws/iot/policy.py index c511dc65713..00404d82ab0 100644 --- a/sdk/python/pulumi_aws/iot/policy.py +++ b/sdk/python/pulumi_aws/iot/policy.py @@ -201,11 +201,11 @@ def __init__(__self__, pubsub = aws.iot.Policy("pubsub", name="PubSubToAnyTopic", policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "action": ["iot:*"], - "effect": "Allow", - "resource": "*", + "Version": "2012-10-17", + "Statement": [{ + "Action": ["iot:*"], + "Effect": "Allow", + "Resource": "*", }], })) ``` @@ -247,11 +247,11 @@ def __init__(__self__, pubsub = aws.iot.Policy("pubsub", name="PubSubToAnyTopic", policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "action": ["iot:*"], - "effect": "Allow", - "resource": "*", + "Version": "2012-10-17", + "Statement": [{ + "Action": ["iot:*"], + "Effect": "Allow", + "Resource": "*", }], })) ``` diff --git a/sdk/python/pulumi_aws/iot/provisioning_template.py b/sdk/python/pulumi_aws/iot/provisioning_template.py index 9f39cca25af..21d6e4850b9 100644 --- a/sdk/python/pulumi_aws/iot/provisioning_template.py +++ b/sdk/python/pulumi_aws/iot/provisioning_template.py @@ -389,26 +389,26 @@ def __init__(__self__, provisioning_role_arn=iot_fleet_provisioning.arn, enabled=True, template_body=pulumi.Output.json_dumps({ - "parameters": { - "serialNumber": { - "type": "String", + "Parameters": { + "SerialNumber": { + "Type": "String", }, }, - "resources": { + "Resources": { "certificate": { - "properties": { - "certificateId": { - "ref": "AWS::IoT::Certificate::Id", + "Properties": { + "CertificateId": { + "Ref": "AWS::IoT::Certificate::Id", }, - "status": "Active", + "Status": "Active", }, - "type": "AWS::IoT::Certificate", + "Type": "AWS::IoT::Certificate", }, "policy": { - "properties": { - "policyName": device_policy_policy.name, + "Properties": { + "PolicyName": device_policy_policy.name, }, - "type": "AWS::IoT::Policy", + "Type": "AWS::IoT::Policy", }, }, })) @@ -478,26 +478,26 @@ def __init__(__self__, provisioning_role_arn=iot_fleet_provisioning.arn, enabled=True, template_body=pulumi.Output.json_dumps({ - "parameters": { - "serialNumber": { - "type": "String", + "Parameters": { + "SerialNumber": { + "Type": "String", }, }, - "resources": { + "Resources": { "certificate": { - "properties": { - "certificateId": { - "ref": "AWS::IoT::Certificate::Id", + "Properties": { + "CertificateId": { + "Ref": "AWS::IoT::Certificate::Id", }, - "status": "Active", + "Status": "Active", }, - "type": "AWS::IoT::Certificate", + "Type": "AWS::IoT::Certificate", }, "policy": { - "properties": { - "policyName": device_policy_policy.name, + "Properties": { + "PolicyName": device_policy_policy.name, }, - "type": "AWS::IoT::Policy", + "Type": "AWS::IoT::Policy", }, }, })) diff --git a/sdk/python/pulumi_aws/kendra/data_source.py b/sdk/python/pulumi_aws/kendra/data_source.py index 12bf546cf88..a0d6e91ab32 100644 --- a/sdk/python/pulumi_aws/kendra/data_source.py +++ b/sdk/python/pulumi_aws/kendra/data_source.py @@ -687,7 +687,8 @@ def __init__(__self__, ), ), ), - )) + ), + opts=pulumi.ResourceOptions(depends_on=[example_aws_secretsmanager_secret_version])) ``` @@ -791,7 +792,8 @@ def __init__(__self__, ), ), ), - )) + ), + opts=pulumi.ResourceOptions(depends_on=[example_aws_secretsmanager_secret_version])) ``` @@ -1048,7 +1050,8 @@ def __init__(__self__, ), ), ), - )) + ), + opts=pulumi.ResourceOptions(depends_on=[example_aws_secretsmanager_secret_version])) ``` @@ -1152,7 +1155,8 @@ def __init__(__self__, ), ), ), - )) + ), + opts=pulumi.ResourceOptions(depends_on=[example_aws_secretsmanager_secret_version])) ``` diff --git a/sdk/python/pulumi_aws/kinesis/firehose_delivery_stream.py b/sdk/python/pulumi_aws/kinesis/firehose_delivery_stream.py index 6bcfd5af09b..5ae9b7d8a44 100644 --- a/sdk/python/pulumi_aws/kinesis/firehose_delivery_stream.py +++ b/sdk/python/pulumi_aws/kinesis/firehose_delivery_stream.py @@ -898,7 +898,8 @@ def __init__(__self__, security_group_ids=[first["id"]], role_arn=firehose["arn"], ), - )) + ), + opts=pulumi.ResourceOptions(depends_on=[firehose_elasticsearch_role_policy])) ``` @@ -1017,7 +1018,8 @@ def __init__(__self__, security_group_ids=[first["id"]], role_arn=firehose["arn"], ), - )) + ), + opts=pulumi.ResourceOptions(depends_on=[firehose_opensearch])) ``` @@ -1475,7 +1477,8 @@ def __init__(__self__, security_group_ids=[first["id"]], role_arn=firehose["arn"], ), - )) + ), + opts=pulumi.ResourceOptions(depends_on=[firehose_elasticsearch_role_policy])) ``` @@ -1594,7 +1597,8 @@ def __init__(__self__, security_group_ids=[first["id"]], role_arn=firehose["arn"], ), - )) + ), + opts=pulumi.ResourceOptions(depends_on=[firehose_opensearch])) ``` diff --git a/sdk/python/pulumi_aws/kms/key_policy.py b/sdk/python/pulumi_aws/kms/key_policy.py index 5f8db9ac3e6..61132bfb4df 100644 --- a/sdk/python/pulumi_aws/kms/key_policy.py +++ b/sdk/python/pulumi_aws/kms/key_policy.py @@ -161,17 +161,17 @@ def __init__(__self__, example_key_policy = aws.kms.KeyPolicy("example", key_id=example.id, policy=json.dumps({ - "id": "example", - "statement": [{ - "action": "kms:*", - "effect": "Allow", - "principal": { + "Id": "example", + "Statement": [{ + "Action": "kms:*", + "Effect": "Allow", + "Principal": { "AWS": "*", }, - "resource": "*", - "sid": "Enable IAM User Permissions", + "Resource": "*", + "Sid": "Enable IAM User Permissions", }], - "version": "2012-10-17", + "Version": "2012-10-17", })) ``` @@ -215,17 +215,17 @@ def __init__(__self__, example_key_policy = aws.kms.KeyPolicy("example", key_id=example.id, policy=json.dumps({ - "id": "example", - "statement": [{ - "action": "kms:*", - "effect": "Allow", - "principal": { + "Id": "example", + "Statement": [{ + "Action": "kms:*", + "Effect": "Allow", + "Principal": { "AWS": "*", }, - "resource": "*", - "sid": "Enable IAM User Permissions", + "Resource": "*", + "Sid": "Enable IAM User Permissions", }], - "version": "2012-10-17", + "Version": "2012-10-17", })) ``` diff --git a/sdk/python/pulumi_aws/lambda_/event_source_mapping.py b/sdk/python/pulumi_aws/lambda_/event_source_mapping.py index f6f54e2ae5f..6cd6c4793cb 100644 --- a/sdk/python/pulumi_aws/lambda_/event_source_mapping.py +++ b/sdk/python/pulumi_aws/lambda_/event_source_mapping.py @@ -1001,7 +1001,7 @@ def __init__(__self__, filters=[aws.lambda_.EventSourceMappingFilterCriteriaFilterArgs( pattern=json.dumps({ "body": { - "temperature": [{ + "Temperature": [{ "numeric": [ ">", 0, @@ -1009,7 +1009,7 @@ def __init__(__self__, 100, ], }], - "location": ["New York"], + "Location": ["New York"], }, }), )], @@ -1215,7 +1215,7 @@ def __init__(__self__, filters=[aws.lambda_.EventSourceMappingFilterCriteriaFilterArgs( pattern=json.dumps({ "body": { - "temperature": [{ + "Temperature": [{ "numeric": [ ">", 0, @@ -1223,7 +1223,7 @@ def __init__(__self__, 100, ], }], - "location": ["New York"], + "Location": ["New York"], }, }), )], diff --git a/sdk/python/pulumi_aws/lambda_/function.py b/sdk/python/pulumi_aws/lambda_/function.py index 9b74e70d5c8..25644fc9656 100644 --- a/sdk/python/pulumi_aws/lambda_/function.py +++ b/sdk/python/pulumi_aws/lambda_/function.py @@ -1433,6 +1433,11 @@ def __init__(__self__, efs_for_lambda = aws.efs.FileSystem("efs_for_lambda", tags={ "Name": "efs_for_lambda", }) + # Mount target connects the file system to the subnet + alpha = aws.efs.MountTarget("alpha", + file_system_id=efs_for_lambda.id, + subnet_id=subnet_for_lambda["id"], + security_groups=[sg_for_lambda["id"]]) # EFS access point used by lambda file system access_point_for_lambda = aws.efs.AccessPoint("access_point_for_lambda", file_system_id=efs_for_lambda.id, @@ -1457,12 +1462,8 @@ def __init__(__self__, vpc_config=aws.lambda_.FunctionVpcConfigArgs( subnet_ids=[subnet_for_lambda["id"]], security_group_ids=[sg_for_lambda["id"]], - )) - # Mount target connects the file system to the subnet - alpha = aws.efs.MountTarget("alpha", - file_system_id=efs_for_lambda.id, - subnet_id=subnet_for_lambda["id"], - security_groups=[sg_for_lambda["id"]]) + ), + opts=pulumi.ResourceOptions(depends_on=[alpha])) ``` @@ -1483,11 +1484,6 @@ def __init__(__self__, lambda_function_name = config.get("lambdaFunctionName") if lambda_function_name is None: lambda_function_name = "lambda_function_name" - test_lambda = aws.lambda_.Function("test_lambda", - name=lambda_function_name, - logging_config=aws.lambda_.FunctionLoggingConfigArgs( - log_format="Text", - )) # This is to optionally manage the CloudWatch Log Group for the Lambda Function. # If skipping this resource configuration, also add "logs:CreateLogGroup" to the IAM policy below. example = aws.cloudwatch.LogGroup("example", @@ -1511,6 +1507,15 @@ def __init__(__self__, lambda_logs = aws.iam.RolePolicyAttachment("lambda_logs", role=iam_for_lambda["name"], policy_arn=lambda_logging_policy.arn) + test_lambda = aws.lambda_.Function("test_lambda", + name=lambda_function_name, + logging_config=aws.lambda_.FunctionLoggingConfigArgs( + log_format="Text", + ), + opts=pulumi.ResourceOptions(depends_on=[ + lambda_logs, + example, + ])) ``` @@ -1681,6 +1686,11 @@ def __init__(__self__, efs_for_lambda = aws.efs.FileSystem("efs_for_lambda", tags={ "Name": "efs_for_lambda", }) + # Mount target connects the file system to the subnet + alpha = aws.efs.MountTarget("alpha", + file_system_id=efs_for_lambda.id, + subnet_id=subnet_for_lambda["id"], + security_groups=[sg_for_lambda["id"]]) # EFS access point used by lambda file system access_point_for_lambda = aws.efs.AccessPoint("access_point_for_lambda", file_system_id=efs_for_lambda.id, @@ -1705,12 +1715,8 @@ def __init__(__self__, vpc_config=aws.lambda_.FunctionVpcConfigArgs( subnet_ids=[subnet_for_lambda["id"]], security_group_ids=[sg_for_lambda["id"]], - )) - # Mount target connects the file system to the subnet - alpha = aws.efs.MountTarget("alpha", - file_system_id=efs_for_lambda.id, - subnet_id=subnet_for_lambda["id"], - security_groups=[sg_for_lambda["id"]]) + ), + opts=pulumi.ResourceOptions(depends_on=[alpha])) ``` @@ -1731,11 +1737,6 @@ def __init__(__self__, lambda_function_name = config.get("lambdaFunctionName") if lambda_function_name is None: lambda_function_name = "lambda_function_name" - test_lambda = aws.lambda_.Function("test_lambda", - name=lambda_function_name, - logging_config=aws.lambda_.FunctionLoggingConfigArgs( - log_format="Text", - )) # This is to optionally manage the CloudWatch Log Group for the Lambda Function. # If skipping this resource configuration, also add "logs:CreateLogGroup" to the IAM policy below. example = aws.cloudwatch.LogGroup("example", @@ -1759,6 +1760,15 @@ def __init__(__self__, lambda_logs = aws.iam.RolePolicyAttachment("lambda_logs", role=iam_for_lambda["name"], policy_arn=lambda_logging_policy.arn) + test_lambda = aws.lambda_.Function("test_lambda", + name=lambda_function_name, + logging_config=aws.lambda_.FunctionLoggingConfigArgs( + log_format="Text", + ), + opts=pulumi.ResourceOptions(depends_on=[ + lambda_logs, + example, + ])) ``` diff --git a/sdk/python/pulumi_aws/lambda_/permission.py b/sdk/python/pulumi_aws/lambda_/permission.py index a52c0cae57b..06d574f507d 100644 --- a/sdk/python/pulumi_aws/lambda_/permission.py +++ b/sdk/python/pulumi_aws/lambda_/permission.py @@ -441,13 +441,13 @@ def __init__(__self__, iam_for_lambda = aws.iam.Role("iam_for_lambda", name="iam_for_lambda", assume_role_policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "action": "sts:AssumeRole", - "effect": "Allow", - "sid": "", - "principal": { - "service": "lambda.amazonaws.com", + "Version": "2012-10-17", + "Statement": [{ + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Sid": "", + "Principal": { + "Service": "lambda.amazonaws.com", }, }], })) @@ -484,13 +484,13 @@ def __init__(__self__, default_role = aws.iam.Role("default", name="iam_for_lambda_with_sns", assume_role_policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "action": "sts:AssumeRole", - "effect": "Allow", - "sid": "", - "principal": { - "service": "lambda.amazonaws.com", + "Version": "2012-10-17", + "Statement": [{ + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Sid": "", + "Principal": { + "Service": "lambda.amazonaws.com", }, }], })) @@ -566,7 +566,8 @@ def __init__(__self__, destination_arn=logging_function.arn, filter_pattern="", log_group=default.name, - name="logging_default") + name="logging_default", + opts=pulumi.ResourceOptions(depends_on=[logging])) ``` @@ -661,13 +662,13 @@ def __init__(__self__, iam_for_lambda = aws.iam.Role("iam_for_lambda", name="iam_for_lambda", assume_role_policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "action": "sts:AssumeRole", - "effect": "Allow", - "sid": "", - "principal": { - "service": "lambda.amazonaws.com", + "Version": "2012-10-17", + "Statement": [{ + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Sid": "", + "Principal": { + "Service": "lambda.amazonaws.com", }, }], })) @@ -704,13 +705,13 @@ def __init__(__self__, default_role = aws.iam.Role("default", name="iam_for_lambda_with_sns", assume_role_policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "action": "sts:AssumeRole", - "effect": "Allow", - "sid": "", - "principal": { - "service": "lambda.amazonaws.com", + "Version": "2012-10-17", + "Statement": [{ + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Sid": "", + "Principal": { + "Service": "lambda.amazonaws.com", }, }], })) @@ -786,7 +787,8 @@ def __init__(__self__, destination_arn=logging_function.arn, filter_pattern="", log_group=default.name, - name="logging_default") + name="logging_default", + opts=pulumi.ResourceOptions(depends_on=[logging])) ``` diff --git a/sdk/python/pulumi_aws/lb/target_group_attachment.py b/sdk/python/pulumi_aws/lb/target_group_attachment.py index 49514a2c341..5833d5a8f37 100644 --- a/sdk/python/pulumi_aws/lb/target_group_attachment.py +++ b/sdk/python/pulumi_aws/lb/target_group_attachment.py @@ -213,7 +213,8 @@ def __init__(__self__, source_arn=test.arn) test_target_group_attachment = aws.lb.TargetGroupAttachment("test", target_group_arn=test.arn, - target_id=test_function.arn) + target_id=test_function.arn, + opts=pulumi.ResourceOptions(depends_on=[with_lb])) ``` @@ -301,7 +302,8 @@ def __init__(__self__, source_arn=test.arn) test_target_group_attachment = aws.lb.TargetGroupAttachment("test", target_group_arn=test.arn, - target_id=test_function.arn) + target_id=test_function.arn, + opts=pulumi.ResourceOptions(depends_on=[with_lb])) ``` diff --git a/sdk/python/pulumi_aws/lightsail/distribution.py b/sdk/python/pulumi_aws/lightsail/distribution.py index ce62c99db18..70563b6507d 100644 --- a/sdk/python/pulumi_aws/lightsail/distribution.py +++ b/sdk/python/pulumi_aws/lightsail/distribution.py @@ -626,7 +626,8 @@ def __init__(__self__, ), default_cache_behavior=aws.lightsail.DistributionDefaultCacheBehaviorArgs( behavior="cache", - )) + ), + opts=pulumi.ResourceOptions(depends_on=[test])) ``` @@ -668,7 +669,8 @@ def __init__(__self__, ), default_cache_behavior=aws.lightsail.DistributionDefaultCacheBehaviorArgs( behavior="cache", - )) + ), + opts=pulumi.ResourceOptions(depends_on=[test_lb_attachment])) ``` @@ -782,7 +784,8 @@ def __init__(__self__, ), default_cache_behavior=aws.lightsail.DistributionDefaultCacheBehaviorArgs( behavior="cache", - )) + ), + opts=pulumi.ResourceOptions(depends_on=[test])) ``` @@ -824,7 +827,8 @@ def __init__(__self__, ), default_cache_behavior=aws.lightsail.DistributionDefaultCacheBehaviorArgs( behavior="cache", - )) + ), + opts=pulumi.ResourceOptions(depends_on=[test_lb_attachment])) ``` diff --git a/sdk/python/pulumi_aws/macie/custom_data_identifier.py b/sdk/python/pulumi_aws/macie/custom_data_identifier.py index 9f4612290ef..f6719d8c511 100644 --- a/sdk/python/pulumi_aws/macie/custom_data_identifier.py +++ b/sdk/python/pulumi_aws/macie/custom_data_identifier.py @@ -364,7 +364,8 @@ def __init__(__self__, description="DESCRIPTION", maximum_match_distance=10, keywords=["keyword"], - ignore_words=["ignore"]) + ignore_words=["ignore"], + opts=pulumi.ResourceOptions(depends_on=[test])) ``` @@ -410,7 +411,8 @@ def __init__(__self__, description="DESCRIPTION", maximum_match_distance=10, keywords=["keyword"], - ignore_words=["ignore"]) + ignore_words=["ignore"], + opts=pulumi.ResourceOptions(depends_on=[test])) ``` diff --git a/sdk/python/pulumi_aws/macie/findings_filter.py b/sdk/python/pulumi_aws/macie/findings_filter.py index 4c5ac31be0d..e2c6597569e 100644 --- a/sdk/python/pulumi_aws/macie/findings_filter.py +++ b/sdk/python/pulumi_aws/macie/findings_filter.py @@ -319,7 +319,8 @@ def __init__(__self__, field="region", eqs=[current["name"]], )], - )) + ), + opts=pulumi.ResourceOptions(depends_on=[test_aws_macie2_account])) ``` @@ -368,7 +369,8 @@ def __init__(__self__, field="region", eqs=[current["name"]], )], - )) + ), + opts=pulumi.ResourceOptions(depends_on=[test_aws_macie2_account])) ``` diff --git a/sdk/python/pulumi_aws/macie2/classification_export_configuration.py b/sdk/python/pulumi_aws/macie2/classification_export_configuration.py index 9415f201157..0aae8dae267 100644 --- a/sdk/python/pulumi_aws/macie2/classification_export_configuration.py +++ b/sdk/python/pulumi_aws/macie2/classification_export_configuration.py @@ -83,7 +83,8 @@ def __init__(__self__, bucket_name=example_aws_s3_bucket["bucket"], key_prefix="exampleprefix/", kms_key_arn=example_aws_kms_key["arn"], - )) + ), + opts=pulumi.ResourceOptions(depends_on=[example])) ``` @@ -120,7 +121,8 @@ def __init__(__self__, bucket_name=example_aws_s3_bucket["bucket"], key_prefix="exampleprefix/", kms_key_arn=example_aws_kms_key["arn"], - )) + ), + opts=pulumi.ResourceOptions(depends_on=[example])) ``` diff --git a/sdk/python/pulumi_aws/macie2/classification_job.py b/sdk/python/pulumi_aws/macie2/classification_job.py index af50bcda2a5..f77098d0069 100644 --- a/sdk/python/pulumi_aws/macie2/classification_job.py +++ b/sdk/python/pulumi_aws/macie2/classification_job.py @@ -489,7 +489,8 @@ def __init__(__self__, account_id="ACCOUNT ID", buckets=["S3 BUCKET NAME"], )], - )) + ), + opts=pulumi.ResourceOptions(depends_on=[test])) ``` @@ -540,7 +541,8 @@ def __init__(__self__, account_id="ACCOUNT ID", buckets=["S3 BUCKET NAME"], )], - )) + ), + opts=pulumi.ResourceOptions(depends_on=[test])) ``` diff --git a/sdk/python/pulumi_aws/macie2/invitation_accepter.py b/sdk/python/pulumi_aws/macie2/invitation_accepter.py index 4ee06c84704..6fc6352d62c 100644 --- a/sdk/python/pulumi_aws/macie2/invitation_accepter.py +++ b/sdk/python/pulumi_aws/macie2/invitation_accepter.py @@ -97,8 +97,10 @@ def __init__(__self__, account_id="ACCOUNT ID", email="EMAIL", invite=True, - invitation_message="Message of the invite") - member_invitation_accepter = aws.macie2.InvitationAccepter("member", administrator_account_id="ADMINISTRATOR ACCOUNT ID") + invitation_message="Message of the invite", + opts=pulumi.ResourceOptions(depends_on=[primary])) + member_invitation_accepter = aws.macie2.InvitationAccepter("member", administrator_account_id="ADMINISTRATOR ACCOUNT ID", + opts=pulumi.ResourceOptions(depends_on=[primary_member])) ``` @@ -136,8 +138,10 @@ def __init__(__self__, account_id="ACCOUNT ID", email="EMAIL", invite=True, - invitation_message="Message of the invite") - member_invitation_accepter = aws.macie2.InvitationAccepter("member", administrator_account_id="ADMINISTRATOR ACCOUNT ID") + invitation_message="Message of the invite", + opts=pulumi.ResourceOptions(depends_on=[primary])) + member_invitation_accepter = aws.macie2.InvitationAccepter("member", administrator_account_id="ADMINISTRATOR ACCOUNT ID", + opts=pulumi.ResourceOptions(depends_on=[primary_member])) ``` diff --git a/sdk/python/pulumi_aws/macie2/member.py b/sdk/python/pulumi_aws/macie2/member.py index 1784f30892b..4cc3b87211f 100644 --- a/sdk/python/pulumi_aws/macie2/member.py +++ b/sdk/python/pulumi_aws/macie2/member.py @@ -388,7 +388,8 @@ def __init__(__self__, email="EMAIL", invite=True, invitation_message="Message of the invitation", - invitation_disable_email_notification=True) + invitation_disable_email_notification=True, + opts=pulumi.ResourceOptions(depends_on=[example])) ``` @@ -432,7 +433,8 @@ def __init__(__self__, email="EMAIL", invite=True, invitation_message="Message of the invitation", - invitation_disable_email_notification=True) + invitation_disable_email_notification=True, + opts=pulumi.ResourceOptions(depends_on=[example])) ``` diff --git a/sdk/python/pulumi_aws/macie2/organization_admin_account.py b/sdk/python/pulumi_aws/macie2/organization_admin_account.py index 7dc7628d356..faa181d04a3 100644 --- a/sdk/python/pulumi_aws/macie2/organization_admin_account.py +++ b/sdk/python/pulumi_aws/macie2/organization_admin_account.py @@ -76,7 +76,8 @@ def __init__(__self__, import pulumi_aws as aws example = aws.macie2.Account("example") - example_organization_admin_account = aws.macie2.OrganizationAdminAccount("example", admin_account_id="ID OF THE ADMIN ACCOUNT") + example_organization_admin_account = aws.macie2.OrganizationAdminAccount("example", admin_account_id="ID OF THE ADMIN ACCOUNT", + opts=pulumi.ResourceOptions(depends_on=[example])) ``` @@ -109,7 +110,8 @@ def __init__(__self__, import pulumi_aws as aws example = aws.macie2.Account("example") - example_organization_admin_account = aws.macie2.OrganizationAdminAccount("example", admin_account_id="ID OF THE ADMIN ACCOUNT") + example_organization_admin_account = aws.macie2.OrganizationAdminAccount("example", admin_account_id="ID OF THE ADMIN ACCOUNT", + opts=pulumi.ResourceOptions(depends_on=[example])) ``` diff --git a/sdk/python/pulumi_aws/msk/cluster_policy.py b/sdk/python/pulumi_aws/msk/cluster_policy.py index 79221f2b18b..b9de1468811 100644 --- a/sdk/python/pulumi_aws/msk/cluster_policy.py +++ b/sdk/python/pulumi_aws/msk/cluster_policy.py @@ -127,20 +127,20 @@ def __init__(__self__, example = aws.msk.ClusterPolicy("example", cluster_arn=example_aws_msk_cluster["arn"], policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "sid": "ExampleMskClusterPolicy", - "effect": "Allow", - "principal": { + "Version": "2012-10-17", + "Statement": [{ + "Sid": "ExampleMskClusterPolicy", + "Effect": "Allow", + "Principal": { "AWS": f"arn:{current_get_partition.partition}:iam::{current.account_id}:root", }, - "action": [ + "Action": [ "kafka:Describe*", "kafka:Get*", "kafka:CreateVpcConnection", "kafka:GetBootstrapBrokers", ], - "resource": example_aws_msk_cluster["arn"], + "Resource": example_aws_msk_cluster["arn"], }], })) ``` @@ -183,20 +183,20 @@ def __init__(__self__, example = aws.msk.ClusterPolicy("example", cluster_arn=example_aws_msk_cluster["arn"], policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "sid": "ExampleMskClusterPolicy", - "effect": "Allow", - "principal": { + "Version": "2012-10-17", + "Statement": [{ + "Sid": "ExampleMskClusterPolicy", + "Effect": "Allow", + "Principal": { "AWS": f"arn:{current_get_partition.partition}:iam::{current.account_id}:root", }, - "action": [ + "Action": [ "kafka:Describe*", "kafka:Get*", "kafka:CreateVpcConnection", "kafka:GetBootstrapBrokers", ], - "resource": example_aws_msk_cluster["arn"], + "Resource": example_aws_msk_cluster["arn"], }], })) ``` diff --git a/sdk/python/pulumi_aws/msk/scram_secret_association.py b/sdk/python/pulumi_aws/msk/scram_secret_association.py index b56e27802c9..011cab56316 100644 --- a/sdk/python/pulumi_aws/msk/scram_secret_association.py +++ b/sdk/python/pulumi_aws/msk/scram_secret_association.py @@ -129,15 +129,16 @@ def __init__(__self__, example_secret = aws.secretsmanager.Secret("example", name="AmazonMSK_example", kms_key_id=example_key.key_id) - example_scram_secret_association = aws.msk.ScramSecretAssociation("example", - cluster_arn=example_cluster.arn, - secret_arn_lists=[example_secret.arn]) example_secret_version = aws.secretsmanager.SecretVersion("example", secret_id=example_secret.id, secret_string=json.dumps({ "username": "user", "password": "pass", })) + example_scram_secret_association = aws.msk.ScramSecretAssociation("example", + cluster_arn=example_cluster.arn, + secret_arn_lists=[example_secret.arn], + opts=pulumi.ResourceOptions(depends_on=[example_secret_version])) example = aws.iam.get_policy_document_output(statements=[aws.iam.GetPolicyDocumentStatementArgs( sid="AWSKafkaResourcePolicy", effect="Allow", @@ -205,15 +206,16 @@ def __init__(__self__, example_secret = aws.secretsmanager.Secret("example", name="AmazonMSK_example", kms_key_id=example_key.key_id) - example_scram_secret_association = aws.msk.ScramSecretAssociation("example", - cluster_arn=example_cluster.arn, - secret_arn_lists=[example_secret.arn]) example_secret_version = aws.secretsmanager.SecretVersion("example", secret_id=example_secret.id, secret_string=json.dumps({ "username": "user", "password": "pass", })) + example_scram_secret_association = aws.msk.ScramSecretAssociation("example", + cluster_arn=example_cluster.arn, + secret_arn_lists=[example_secret.arn], + opts=pulumi.ResourceOptions(depends_on=[example_secret_version])) example = aws.iam.get_policy_document_output(statements=[aws.iam.GetPolicyDocumentStatementArgs( sid="AWSKafkaResourcePolicy", effect="Allow", diff --git a/sdk/python/pulumi_aws/neptune/global_cluster.py b/sdk/python/pulumi_aws/neptune/global_cluster.py index 5a66a46e6e0..66a5615a1de 100644 --- a/sdk/python/pulumi_aws/neptune/global_cluster.py +++ b/sdk/python/pulumi_aws/neptune/global_cluster.py @@ -339,7 +339,8 @@ def __init__(__self__, identifier="test-secondary-cluster-instance", cluster_identifier=secondary.id, instance_class="db.r5.large", - neptune_subnet_group_name="default") + neptune_subnet_group_name="default", + opts=pulumi.ResourceOptions(depends_on=[primary_cluster_instance])) ``` @@ -425,7 +426,8 @@ def __init__(__self__, identifier="test-secondary-cluster-instance", cluster_identifier=secondary.id, instance_class="db.r5.large", - neptune_subnet_group_name="default") + neptune_subnet_group_name="default", + opts=pulumi.ResourceOptions(depends_on=[primary_cluster_instance])) ``` diff --git a/sdk/python/pulumi_aws/networkfirewall/resource_policy.py b/sdk/python/pulumi_aws/networkfirewall/resource_policy.py index d35fef42115..9728d841686 100644 --- a/sdk/python/pulumi_aws/networkfirewall/resource_policy.py +++ b/sdk/python/pulumi_aws/networkfirewall/resource_policy.py @@ -113,20 +113,20 @@ def __init__(__self__, example = aws.networkfirewall.ResourcePolicy("example", resource_arn=example_aws_networkfirewall_firewall_policy["arn"], policy=json.dumps({ - "statement": [{ - "action": [ + "Statement": [{ + "Action": [ "network-firewall:ListFirewallPolicies", "network-firewall:CreateFirewall", "network-firewall:UpdateFirewall", "network-firewall:AssociateFirewallPolicy", ], - "effect": "Allow", - "resource": example_aws_networkfirewall_firewall_policy["arn"], - "principal": { + "Effect": "Allow", + "Resource": example_aws_networkfirewall_firewall_policy["arn"], + "Principal": { "AWS": "arn:aws:iam::123456789012:root", }, }], - "version": "2012-10-17", + "Version": "2012-10-17", })) ``` @@ -142,19 +142,19 @@ def __init__(__self__, example = aws.networkfirewall.ResourcePolicy("example", resource_arn=example_aws_networkfirewall_rule_group["arn"], policy=json.dumps({ - "statement": [{ - "action": [ + "Statement": [{ + "Action": [ "network-firewall:ListRuleGroups", "network-firewall:CreateFirewallPolicy", "network-firewall:UpdateFirewallPolicy", ], - "effect": "Allow", - "resource": example_aws_networkfirewall_rule_group["arn"], - "principal": { + "Effect": "Allow", + "Resource": example_aws_networkfirewall_rule_group["arn"], + "Principal": { "AWS": "arn:aws:iam::123456789012:root", }, }], - "version": "2012-10-17", + "Version": "2012-10-17", })) ``` @@ -193,20 +193,20 @@ def __init__(__self__, example = aws.networkfirewall.ResourcePolicy("example", resource_arn=example_aws_networkfirewall_firewall_policy["arn"], policy=json.dumps({ - "statement": [{ - "action": [ + "Statement": [{ + "Action": [ "network-firewall:ListFirewallPolicies", "network-firewall:CreateFirewall", "network-firewall:UpdateFirewall", "network-firewall:AssociateFirewallPolicy", ], - "effect": "Allow", - "resource": example_aws_networkfirewall_firewall_policy["arn"], - "principal": { + "Effect": "Allow", + "Resource": example_aws_networkfirewall_firewall_policy["arn"], + "Principal": { "AWS": "arn:aws:iam::123456789012:root", }, }], - "version": "2012-10-17", + "Version": "2012-10-17", })) ``` @@ -222,19 +222,19 @@ def __init__(__self__, example = aws.networkfirewall.ResourcePolicy("example", resource_arn=example_aws_networkfirewall_rule_group["arn"], policy=json.dumps({ - "statement": [{ - "action": [ + "Statement": [{ + "Action": [ "network-firewall:ListRuleGroups", "network-firewall:CreateFirewallPolicy", "network-firewall:UpdateFirewallPolicy", ], - "effect": "Allow", - "resource": example_aws_networkfirewall_rule_group["arn"], - "principal": { + "Effect": "Allow", + "Resource": example_aws_networkfirewall_rule_group["arn"], + "Principal": { "AWS": "arn:aws:iam::123456789012:root", }, }], - "version": "2012-10-17", + "Version": "2012-10-17", })) ``` diff --git a/sdk/python/pulumi_aws/networkmanager/connect_attachment.py b/sdk/python/pulumi_aws/networkmanager/connect_attachment.py index d9d1c8b456b..4568f2c2794 100644 --- a/sdk/python/pulumi_aws/networkmanager/connect_attachment.py +++ b/sdk/python/pulumi_aws/networkmanager/connect_attachment.py @@ -412,7 +412,8 @@ def __init__(__self__, edge_location=example.edge_location, options=aws.networkmanager.ConnectAttachmentOptionsArgs( protocol="GRE", - )) + ), + opts=pulumi.ResourceOptions(depends_on=[test])) example2 = aws.networkmanager.AttachmentAccepter("example2", attachment_id=example_connect_attachment.id, attachment_type=example_connect_attachment.attachment_type) @@ -489,7 +490,8 @@ def __init__(__self__, edge_location=example.edge_location, options=aws.networkmanager.ConnectAttachmentOptionsArgs( protocol="GRE", - )) + ), + opts=pulumi.ResourceOptions(depends_on=[test])) example2 = aws.networkmanager.AttachmentAccepter("example2", attachment_id=example_connect_attachment.id, attachment_type=example_connect_attachment.attachment_type) diff --git a/sdk/python/pulumi_aws/networkmanager/connect_peer.py b/sdk/python/pulumi_aws/networkmanager/connect_peer.py index 9b9d8629048..8cae5ef614d 100644 --- a/sdk/python/pulumi_aws/networkmanager/connect_peer.py +++ b/sdk/python/pulumi_aws/networkmanager/connect_peer.py @@ -451,7 +451,8 @@ def __init__(__self__, edge_location=example.edge_location, options=aws.networkmanager.ConnectAttachmentOptionsArgs( protocol="GRE", - )) + ), + opts=pulumi.ResourceOptions(depends_on=[test])) example2 = aws.networkmanager.AttachmentAccepter("example2", attachment_id=example_connect_attachment.id, attachment_type=example_connect_attachment.attachment_type) @@ -461,7 +462,8 @@ def __init__(__self__, bgp_options=aws.networkmanager.ConnectPeerBgpOptionsArgs( peer_asn=65500, ), - inside_cidr_blocks=["172.16.0.0/16"]) + inside_cidr_blocks=["172.16.0.0/16"], + opts=pulumi.ResourceOptions(depends_on=[example2])) ``` @@ -572,7 +574,8 @@ def __init__(__self__, edge_location=example.edge_location, options=aws.networkmanager.ConnectAttachmentOptionsArgs( protocol="GRE", - )) + ), + opts=pulumi.ResourceOptions(depends_on=[test])) example2 = aws.networkmanager.AttachmentAccepter("example2", attachment_id=example_connect_attachment.id, attachment_type=example_connect_attachment.attachment_type) @@ -582,7 +585,8 @@ def __init__(__self__, bgp_options=aws.networkmanager.ConnectPeerBgpOptionsArgs( peer_asn=65500, ), - inside_cidr_blocks=["172.16.0.0/16"]) + inside_cidr_blocks=["172.16.0.0/16"], + opts=pulumi.ResourceOptions(depends_on=[example2])) ``` diff --git a/sdk/python/pulumi_aws/networkmanager/customer_gateway_association.py b/sdk/python/pulumi_aws/networkmanager/customer_gateway_association.py index 7eb1b0cf608..b508083483d 100644 --- a/sdk/python/pulumi_aws/networkmanager/customer_gateway_association.py +++ b/sdk/python/pulumi_aws/networkmanager/customer_gateway_association.py @@ -190,11 +190,13 @@ def __init__(__self__, static_routes_only=True) example_transit_gateway_registration = aws.networkmanager.TransitGatewayRegistration("example", global_network_id=example.id, - transit_gateway_arn=example_transit_gateway.arn) + transit_gateway_arn=example_transit_gateway.arn, + opts=pulumi.ResourceOptions(depends_on=[example_vpn_connection])) example_customer_gateway_association = aws.networkmanager.CustomerGatewayAssociation("example", global_network_id=example.id, customer_gateway_arn=example_customer_gateway.arn, - device_id=example_device.id) + device_id=example_device.id, + opts=pulumi.ResourceOptions(depends_on=[example_transit_gateway_registration])) ``` @@ -247,11 +249,13 @@ def __init__(__self__, static_routes_only=True) example_transit_gateway_registration = aws.networkmanager.TransitGatewayRegistration("example", global_network_id=example.id, - transit_gateway_arn=example_transit_gateway.arn) + transit_gateway_arn=example_transit_gateway.arn, + opts=pulumi.ResourceOptions(depends_on=[example_vpn_connection])) example_customer_gateway_association = aws.networkmanager.CustomerGatewayAssociation("example", global_network_id=example.id, customer_gateway_arn=example_customer_gateway.arn, - device_id=example_device.id) + device_id=example_device.id, + opts=pulumi.ResourceOptions(depends_on=[example_transit_gateway_registration])) ``` diff --git a/sdk/python/pulumi_aws/oam/sink_policy.py b/sdk/python/pulumi_aws/oam/sink_policy.py index eba8ed0d02c..8ecd579ca5b 100644 --- a/sdk/python/pulumi_aws/oam/sink_policy.py +++ b/sdk/python/pulumi_aws/oam/sink_policy.py @@ -146,21 +146,21 @@ def __init__(__self__, example_sink_policy = aws.oam.SinkPolicy("example", sink_identifier=example.id, policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "action": [ + "Version": "2012-10-17", + "Statement": [{ + "Action": [ "oam:CreateLink", "oam:UpdateLink", ], - "effect": "Allow", - "resource": "*", - "principal": { + "Effect": "Allow", + "Resource": "*", + "Principal": { "AWS": [ "1111111111111", "222222222222", ], }, - "condition": { + "Condition": { "ForAllValues:StringEquals": { "oam:ResourceTypes": [ "AWS::CloudWatch::Metric", @@ -209,21 +209,21 @@ def __init__(__self__, example_sink_policy = aws.oam.SinkPolicy("example", sink_identifier=example.id, policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "action": [ + "Version": "2012-10-17", + "Statement": [{ + "Action": [ "oam:CreateLink", "oam:UpdateLink", ], - "effect": "Allow", - "resource": "*", - "principal": { + "Effect": "Allow", + "Resource": "*", + "Principal": { "AWS": [ "1111111111111", "222222222222", ], }, - "condition": { + "Condition": { "ForAllValues:StringEquals": { "oam:ResourceTypes": [ "AWS::CloudWatch::Metric", diff --git a/sdk/python/pulumi_aws/opensearch/domain.py b/sdk/python/pulumi_aws/opensearch/domain.py index 43d52947465..69f45a901aa 100644 --- a/sdk/python/pulumi_aws/opensearch/domain.py +++ b/sdk/python/pulumi_aws/opensearch/domain.py @@ -928,7 +928,8 @@ def __init__(__self__, access_policies=example_get_policy_document.json, tags={ "Domain": "TestDomain", - }) + }, + opts=pulumi.ResourceOptions(depends_on=[example_service_linked_role])) ``` @@ -1226,7 +1227,8 @@ def __init__(__self__, access_policies=example_get_policy_document.json, tags={ "Domain": "TestDomain", - }) + }, + opts=pulumi.ResourceOptions(depends_on=[example_service_linked_role])) ``` diff --git a/sdk/python/pulumi_aws/opensearch/serverless_access_policy.py b/sdk/python/pulumi_aws/opensearch/serverless_access_policy.py index 6735a03de6e..49d8c5006ed 100644 --- a/sdk/python/pulumi_aws/opensearch/serverless_access_policy.py +++ b/sdk/python/pulumi_aws/opensearch/serverless_access_policy.py @@ -206,19 +206,19 @@ def __init__(__self__, type="data", description="read and write permissions", policy=json.dumps([{ - "rules": [ + "Rules": [ { - "resourceType": "index", - "resource": ["index/example-collection/*"], - "permission": ["aoss:*"], + "ResourceType": "index", + "Resource": ["index/example-collection/*"], + "Permission": ["aoss:*"], }, { - "resourceType": "collection", - "resource": ["collection/example-collection"], - "permission": ["aoss:*"], + "ResourceType": "collection", + "Resource": ["collection/example-collection"], + "Permission": ["aoss:*"], }, ], - "principal": [current.arn], + "Principal": [current.arn], }])) ``` @@ -237,22 +237,22 @@ def __init__(__self__, type="data", description="read-only permissions", policy=json.dumps([{ - "rules": [ + "Rules": [ { - "resourceType": "index", - "resource": ["index/example-collection/*"], - "permission": [ + "ResourceType": "index", + "Resource": ["index/example-collection/*"], + "Permission": [ "aoss:DescribeIndex", "aoss:ReadDocument", ], }, { - "resourceType": "collection", - "resource": ["collection/example-collection"], - "permission": ["aoss:DescribeCollectionItems"], + "ResourceType": "collection", + "Resource": ["collection/example-collection"], + "Permission": ["aoss:DescribeCollectionItems"], }, ], - "principal": [current.arn], + "Principal": [current.arn], }])) ``` @@ -270,19 +270,19 @@ def __init__(__self__, type="data", description="saml permissions", policy=json.dumps([{ - "rules": [ + "Rules": [ { - "resourceType": "index", - "resource": ["index/example-collection/*"], - "permission": ["aoss:*"], + "ResourceType": "index", + "Resource": ["index/example-collection/*"], + "Permission": ["aoss:*"], }, { - "resourceType": "collection", - "resource": ["collection/example-collection"], - "permission": ["aoss:*"], + "ResourceType": "collection", + "Resource": ["collection/example-collection"], + "Permission": ["aoss:*"], }, ], - "principal": [ + "Principal": [ "saml/123456789012/myprovider/user/Annie", "saml/123456789012/anotherprovider/group/Accounting", ], @@ -332,19 +332,19 @@ def __init__(__self__, type="data", description="read and write permissions", policy=json.dumps([{ - "rules": [ + "Rules": [ { - "resourceType": "index", - "resource": ["index/example-collection/*"], - "permission": ["aoss:*"], + "ResourceType": "index", + "Resource": ["index/example-collection/*"], + "Permission": ["aoss:*"], }, { - "resourceType": "collection", - "resource": ["collection/example-collection"], - "permission": ["aoss:*"], + "ResourceType": "collection", + "Resource": ["collection/example-collection"], + "Permission": ["aoss:*"], }, ], - "principal": [current.arn], + "Principal": [current.arn], }])) ``` @@ -363,22 +363,22 @@ def __init__(__self__, type="data", description="read-only permissions", policy=json.dumps([{ - "rules": [ + "Rules": [ { - "resourceType": "index", - "resource": ["index/example-collection/*"], - "permission": [ + "ResourceType": "index", + "Resource": ["index/example-collection/*"], + "Permission": [ "aoss:DescribeIndex", "aoss:ReadDocument", ], }, { - "resourceType": "collection", - "resource": ["collection/example-collection"], - "permission": ["aoss:DescribeCollectionItems"], + "ResourceType": "collection", + "Resource": ["collection/example-collection"], + "Permission": ["aoss:DescribeCollectionItems"], }, ], - "principal": [current.arn], + "Principal": [current.arn], }])) ``` @@ -396,19 +396,19 @@ def __init__(__self__, type="data", description="saml permissions", policy=json.dumps([{ - "rules": [ + "Rules": [ { - "resourceType": "index", - "resource": ["index/example-collection/*"], - "permission": ["aoss:*"], + "ResourceType": "index", + "Resource": ["index/example-collection/*"], + "Permission": ["aoss:*"], }, { - "resourceType": "collection", - "resource": ["collection/example-collection"], - "permission": ["aoss:*"], + "ResourceType": "collection", + "Resource": ["collection/example-collection"], + "Permission": ["aoss:*"], }, ], - "principal": [ + "Principal": [ "saml/123456789012/myprovider/user/Annie", "saml/123456789012/anotherprovider/group/Accounting", ], diff --git a/sdk/python/pulumi_aws/opensearch/serverless_collection.py b/sdk/python/pulumi_aws/opensearch/serverless_collection.py index 7fe9aeb5a5c..27672d7820f 100644 --- a/sdk/python/pulumi_aws/opensearch/serverless_collection.py +++ b/sdk/python/pulumi_aws/opensearch/serverless_collection.py @@ -342,7 +342,8 @@ def __init__(__self__, }], "AWSOwnedKey": True, })) - example_serverless_collection = aws.opensearch.ServerlessCollection("example", name="example") + example_serverless_collection = aws.opensearch.ServerlessCollection("example", name="example", + opts=pulumi.ResourceOptions(depends_on=[example])) ``` @@ -397,7 +398,8 @@ def __init__(__self__, }], "AWSOwnedKey": True, })) - example_serverless_collection = aws.opensearch.ServerlessCollection("example", name="example") + example_serverless_collection = aws.opensearch.ServerlessCollection("example", name="example", + opts=pulumi.ResourceOptions(depends_on=[example])) ``` diff --git a/sdk/python/pulumi_aws/opensearch/serverless_security_policy.py b/sdk/python/pulumi_aws/opensearch/serverless_security_policy.py index f05538ac874..13decb81723 100644 --- a/sdk/python/pulumi_aws/opensearch/serverless_security_policy.py +++ b/sdk/python/pulumi_aws/opensearch/serverless_security_policy.py @@ -207,11 +207,11 @@ def __init__(__self__, type="encryption", description="encryption security policy for example-collection", policy=json.dumps({ - "rules": [{ - "resource": ["collection/example-collection"], - "resourceType": "collection", + "Rules": [{ + "Resource": ["collection/example-collection"], + "ResourceType": "collection", }], - "aWSOwnedKey": True, + "AWSOwnedKey": True, })) ``` @@ -229,11 +229,11 @@ def __init__(__self__, type="encryption", description="encryption security policy for collections that begin with \\"example\\"", policy=json.dumps({ - "rules": [{ - "resource": ["collection/example*"], - "resourceType": "collection", + "Rules": [{ + "Resource": ["collection/example*"], + "ResourceType": "collection", }], - "aWSOwnedKey": True, + "AWSOwnedKey": True, })) ``` @@ -251,12 +251,12 @@ def __init__(__self__, type="encryption", description="encryption security policy using customer KMS key", policy=json.dumps({ - "rules": [{ - "resource": ["collection/customer-managed-key-collection"], - "resourceType": "collection", + "Rules": [{ + "Resource": ["collection/customer-managed-key-collection"], + "ResourceType": "collection", }], - "aWSOwnedKey": False, - "kmsARN": "arn:aws:kms:us-east-1:123456789012:key/93fd6da4-a317-4c17-bfe9-382b5d988b36", + "AWSOwnedKey": False, + "KmsARN": "arn:aws:kms:us-east-1:123456789012:key/93fd6da4-a317-4c17-bfe9-382b5d988b36", })) ``` @@ -276,18 +276,18 @@ def __init__(__self__, type="network", description="Public access", policy=json.dumps([{ - "description": "Public access to collection and Dashboards endpoint for example collection", - "rules": [ + "Description": "Public access to collection and Dashboards endpoint for example collection", + "Rules": [ { - "resourceType": "collection", - "resource": ["collection/example-collection"], + "ResourceType": "collection", + "Resource": ["collection/example-collection"], }, { - "resourceType": "dashboard", - "resource": ["collection/example-collection"], + "ResourceType": "dashboard", + "Resource": ["collection/example-collection"], }, ], - "allowFromPublic": True, + "AllowFromPublic": True, }])) ``` @@ -305,19 +305,19 @@ def __init__(__self__, type="network", description="VPC access", policy=json.dumps([{ - "description": "VPC access to collection and Dashboards endpoint for example collection", - "rules": [ + "Description": "VPC access to collection and Dashboards endpoint for example collection", + "Rules": [ { - "resourceType": "collection", - "resource": ["collection/example-collection"], + "ResourceType": "collection", + "Resource": ["collection/example-collection"], }, { - "resourceType": "dashboard", - "resource": ["collection/example-collection"], + "ResourceType": "dashboard", + "Resource": ["collection/example-collection"], }, ], - "allowFromPublic": False, - "sourceVPCEs": ["vpce-050f79086ee71ac05"], + "AllowFromPublic": False, + "SourceVPCEs": ["vpce-050f79086ee71ac05"], }])) ``` @@ -405,11 +405,11 @@ def __init__(__self__, type="encryption", description="encryption security policy for example-collection", policy=json.dumps({ - "rules": [{ - "resource": ["collection/example-collection"], - "resourceType": "collection", + "Rules": [{ + "Resource": ["collection/example-collection"], + "ResourceType": "collection", }], - "aWSOwnedKey": True, + "AWSOwnedKey": True, })) ``` @@ -427,11 +427,11 @@ def __init__(__self__, type="encryption", description="encryption security policy for collections that begin with \\"example\\"", policy=json.dumps({ - "rules": [{ - "resource": ["collection/example*"], - "resourceType": "collection", + "Rules": [{ + "Resource": ["collection/example*"], + "ResourceType": "collection", }], - "aWSOwnedKey": True, + "AWSOwnedKey": True, })) ``` @@ -449,12 +449,12 @@ def __init__(__self__, type="encryption", description="encryption security policy using customer KMS key", policy=json.dumps({ - "rules": [{ - "resource": ["collection/customer-managed-key-collection"], - "resourceType": "collection", + "Rules": [{ + "Resource": ["collection/customer-managed-key-collection"], + "ResourceType": "collection", }], - "aWSOwnedKey": False, - "kmsARN": "arn:aws:kms:us-east-1:123456789012:key/93fd6da4-a317-4c17-bfe9-382b5d988b36", + "AWSOwnedKey": False, + "KmsARN": "arn:aws:kms:us-east-1:123456789012:key/93fd6da4-a317-4c17-bfe9-382b5d988b36", })) ``` @@ -474,18 +474,18 @@ def __init__(__self__, type="network", description="Public access", policy=json.dumps([{ - "description": "Public access to collection and Dashboards endpoint for example collection", - "rules": [ + "Description": "Public access to collection and Dashboards endpoint for example collection", + "Rules": [ { - "resourceType": "collection", - "resource": ["collection/example-collection"], + "ResourceType": "collection", + "Resource": ["collection/example-collection"], }, { - "resourceType": "dashboard", - "resource": ["collection/example-collection"], + "ResourceType": "dashboard", + "Resource": ["collection/example-collection"], }, ], - "allowFromPublic": True, + "AllowFromPublic": True, }])) ``` @@ -503,19 +503,19 @@ def __init__(__self__, type="network", description="VPC access", policy=json.dumps([{ - "description": "VPC access to collection and Dashboards endpoint for example collection", - "rules": [ + "Description": "VPC access to collection and Dashboards endpoint for example collection", + "Rules": [ { - "resourceType": "collection", - "resource": ["collection/example-collection"], + "ResourceType": "collection", + "Resource": ["collection/example-collection"], }, { - "resourceType": "dashboard", - "resource": ["collection/example-collection"], + "ResourceType": "dashboard", + "Resource": ["collection/example-collection"], }, ], - "allowFromPublic": False, - "sourceVPCEs": ["vpce-050f79086ee71ac05"], + "AllowFromPublic": False, + "SourceVPCEs": ["vpce-050f79086ee71ac05"], }])) ``` diff --git a/sdk/python/pulumi_aws/opensearchingest/pipeline.py b/sdk/python/pulumi_aws/opensearchingest/pipeline.py index c5c7978081a..b76f47574cc 100644 --- a/sdk/python/pulumi_aws/opensearchingest/pipeline.py +++ b/sdk/python/pulumi_aws/opensearchingest/pipeline.py @@ -426,13 +426,13 @@ def __init__(__self__, current = aws.get_region() example = aws.iam.Role("example", assume_role_policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "action": "sts:AssumeRole", - "effect": "Allow", - "sid": "", - "principal": { - "service": "osis-pipelines.amazonaws.com", + "Version": "2012-10-17", + "Statement": [{ + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Sid": "", + "Principal": { + "Service": "osis-pipelines.amazonaws.com", }, }], })) @@ -518,13 +518,13 @@ def __init__(__self__, current = aws.get_region() example = aws.iam.Role("example", assume_role_policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "action": "sts:AssumeRole", - "effect": "Allow", - "sid": "", - "principal": { - "service": "osis-pipelines.amazonaws.com", + "Version": "2012-10-17", + "Statement": [{ + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Sid": "", + "Principal": { + "Service": "osis-pipelines.amazonaws.com", }, }], })) diff --git a/sdk/python/pulumi_aws/pipes/pipe.py b/sdk/python/pulumi_aws/pipes/pipe.py index e28b048ce03..d4ddf833b90 100644 --- a/sdk/python/pulumi_aws/pipes/pipe.py +++ b/sdk/python/pulumi_aws/pipes/pipe.py @@ -495,15 +495,15 @@ def __init__(__self__, main = aws.get_caller_identity() example = aws.iam.Role("example", assume_role_policy=json.dumps({ - "version": "2012-10-17", - "statement": { - "effect": "Allow", - "action": "sts:AssumeRole", - "principal": { - "service": "pipes.amazonaws.com", + "Version": "2012-10-17", + "Statement": { + "Effect": "Allow", + "Action": "sts:AssumeRole", + "Principal": { + "Service": "pipes.amazonaws.com", }, - "condition": { - "stringEquals": { + "Condition": { + "StringEquals": { "aws:SourceAccount": main.account_id, }, }, @@ -513,33 +513,37 @@ def __init__(__self__, source = aws.iam.RolePolicy("source", role=example.id, policy=pulumi.Output.json_dumps({ - "version": "2012-10-17", - "statement": [{ - "effect": "Allow", - "action": [ + "Version": "2012-10-17", + "Statement": [{ + "Effect": "Allow", + "Action": [ "sqs:DeleteMessage", "sqs:GetQueueAttributes", "sqs:ReceiveMessage", ], - "resource": [source_queue.arn], + "Resource": [source_queue.arn], }], })) target_queue = aws.sqs.Queue("target") target = aws.iam.RolePolicy("target", role=example.id, policy=pulumi.Output.json_dumps({ - "version": "2012-10-17", - "statement": [{ - "effect": "Allow", - "action": ["sqs:SendMessage"], - "resource": [target_queue.arn], + "Version": "2012-10-17", + "Statement": [{ + "Effect": "Allow", + "Action": ["sqs:SendMessage"], + "Resource": [target_queue.arn], }], })) example_pipe = aws.pipes.Pipe("example", name="example-pipe", role_arn=example.arn, source=source_queue.arn, - target=target_queue.arn) + target=target_queue.arn, + opts=pulumi.ResourceOptions(depends_on=[ + source, + target, + ])) ``` @@ -649,15 +653,15 @@ def __init__(__self__, main = aws.get_caller_identity() example = aws.iam.Role("example", assume_role_policy=json.dumps({ - "version": "2012-10-17", - "statement": { - "effect": "Allow", - "action": "sts:AssumeRole", - "principal": { - "service": "pipes.amazonaws.com", + "Version": "2012-10-17", + "Statement": { + "Effect": "Allow", + "Action": "sts:AssumeRole", + "Principal": { + "Service": "pipes.amazonaws.com", }, - "condition": { - "stringEquals": { + "Condition": { + "StringEquals": { "aws:SourceAccount": main.account_id, }, }, @@ -667,33 +671,37 @@ def __init__(__self__, source = aws.iam.RolePolicy("source", role=example.id, policy=pulumi.Output.json_dumps({ - "version": "2012-10-17", - "statement": [{ - "effect": "Allow", - "action": [ + "Version": "2012-10-17", + "Statement": [{ + "Effect": "Allow", + "Action": [ "sqs:DeleteMessage", "sqs:GetQueueAttributes", "sqs:ReceiveMessage", ], - "resource": [source_queue.arn], + "Resource": [source_queue.arn], }], })) target_queue = aws.sqs.Queue("target") target = aws.iam.RolePolicy("target", role=example.id, policy=pulumi.Output.json_dumps({ - "version": "2012-10-17", - "statement": [{ - "effect": "Allow", - "action": ["sqs:SendMessage"], - "resource": [target_queue.arn], + "Version": "2012-10-17", + "Statement": [{ + "Effect": "Allow", + "Action": ["sqs:SendMessage"], + "Resource": [target_queue.arn], }], })) example_pipe = aws.pipes.Pipe("example", name="example-pipe", role_arn=example.arn, source=source_queue.arn, - target=target_queue.arn) + target=target_queue.arn, + opts=pulumi.ResourceOptions(depends_on=[ + source, + target, + ])) ``` diff --git a/sdk/python/pulumi_aws/quicksight/vpc_connection.py b/sdk/python/pulumi_aws/quicksight/vpc_connection.py index ddedb2bf3ad..f6d1dc44d49 100644 --- a/sdk/python/pulumi_aws/quicksight/vpc_connection.py +++ b/sdk/python/pulumi_aws/quicksight/vpc_connection.py @@ -397,29 +397,29 @@ def __init__(__self__, vpc_connection_role = aws.iam.Role("vpc_connection_role", assume_role_policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "effect": "Allow", - "action": "sts:AssumeRole", - "principal": { - "service": "quicksight.amazonaws.com", + "Version": "2012-10-17", + "Statement": [{ + "Effect": "Allow", + "Action": "sts:AssumeRole", + "Principal": { + "Service": "quicksight.amazonaws.com", }, }], }), inline_policies=[aws.iam.RoleInlinePolicyArgs( name="QuickSightVPCConnectionRolePolicy", policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "effect": "Allow", - "action": [ + "Version": "2012-10-17", + "Statement": [{ + "Effect": "Allow", + "Action": [ "ec2:CreateNetworkInterface", "ec2:ModifyNetworkInterfaceAttribute", "ec2:DeleteNetworkInterface", "ec2:DescribeSubnets", "ec2:DescribeSecurityGroups", ], - "resource": ["*"], + "Resource": ["*"], }], }), )]) @@ -477,29 +477,29 @@ def __init__(__self__, vpc_connection_role = aws.iam.Role("vpc_connection_role", assume_role_policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "effect": "Allow", - "action": "sts:AssumeRole", - "principal": { - "service": "quicksight.amazonaws.com", + "Version": "2012-10-17", + "Statement": [{ + "Effect": "Allow", + "Action": "sts:AssumeRole", + "Principal": { + "Service": "quicksight.amazonaws.com", }, }], }), inline_policies=[aws.iam.RoleInlinePolicyArgs( name="QuickSightVPCConnectionRolePolicy", policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "effect": "Allow", - "action": [ + "Version": "2012-10-17", + "Statement": [{ + "Effect": "Allow", + "Action": [ "ec2:CreateNetworkInterface", "ec2:ModifyNetworkInterfaceAttribute", "ec2:DeleteNetworkInterface", "ec2:DescribeSubnets", "ec2:DescribeSecurityGroups", ], - "resource": ["*"], + "Resource": ["*"], }], }), )]) diff --git a/sdk/python/pulumi_aws/rds/cluster_activity_stream.py b/sdk/python/pulumi_aws/rds/cluster_activity_stream.py index c289236ed6a..bb9dfbac8b3 100644 --- a/sdk/python/pulumi_aws/rds/cluster_activity_stream.py +++ b/sdk/python/pulumi_aws/rds/cluster_activity_stream.py @@ -217,7 +217,8 @@ def __init__(__self__, default_cluster_activity_stream = aws.rds.ClusterActivityStream("default", resource_arn=default.arn, mode="async", - kms_key_id=default_key.key_id) + kms_key_id=default_key.key_id, + opts=pulumi.ResourceOptions(depends_on=[default_cluster_instance])) ``` @@ -281,7 +282,8 @@ def __init__(__self__, default_cluster_activity_stream = aws.rds.ClusterActivityStream("default", resource_arn=default.arn, mode="async", - kms_key_id=default_key.key_id) + kms_key_id=default_key.key_id, + opts=pulumi.ResourceOptions(depends_on=[default_cluster_instance])) ``` diff --git a/sdk/python/pulumi_aws/rds/export_task.py b/sdk/python/pulumi_aws/rds/export_task.py index b421d91d6d6..4ed5309c7e9 100644 --- a/sdk/python/pulumi_aws/rds/export_task.py +++ b/sdk/python/pulumi_aws/rds/export_task.py @@ -460,13 +460,13 @@ def __init__(__self__, example_role = aws.iam.Role("example", name="example", assume_role_policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "action": "sts:AssumeRole", - "effect": "Allow", - "sid": "", - "principal": { - "service": "export.rds.amazonaws.com", + "Version": "2012-10-17", + "Statement": [{ + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Sid": "", + "Principal": { + "Service": "export.rds.amazonaws.com", }, }], })) @@ -587,13 +587,13 @@ def __init__(__self__, example_role = aws.iam.Role("example", name="example", assume_role_policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "action": "sts:AssumeRole", - "effect": "Allow", - "sid": "", - "principal": { - "service": "export.rds.amazonaws.com", + "Version": "2012-10-17", + "Statement": [{ + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Sid": "", + "Principal": { + "Service": "export.rds.amazonaws.com", }, }], })) diff --git a/sdk/python/pulumi_aws/rds/global_cluster.py b/sdk/python/pulumi_aws/rds/global_cluster.py index 80b8e9a8798..f42d3793210 100644 --- a/sdk/python/pulumi_aws/rds/global_cluster.py +++ b/sdk/python/pulumi_aws/rds/global_cluster.py @@ -398,7 +398,8 @@ def __init__(__self__, engine_version=example.engine_version, cluster_identifier="test-secondary-cluster", global_cluster_identifier=example.id, - db_subnet_group_name="default") + db_subnet_group_name="default", + opts=pulumi.ResourceOptions(depends_on=[primary_cluster_instance])) secondary_cluster_instance = aws.rds.ClusterInstance("secondary", engine=example.engine, engine_version=example.engine_version, @@ -443,7 +444,8 @@ def __init__(__self__, cluster_identifier="test-secondary-cluster", global_cluster_identifier=example.id, skip_final_snapshot=True, - db_subnet_group_name="default") + db_subnet_group_name="default", + opts=pulumi.ResourceOptions(depends_on=[primary_cluster_instance])) secondary_cluster_instance = aws.rds.ClusterInstance("secondary", engine=example.engine, engine_version=example.engine_version, @@ -571,7 +573,8 @@ def __init__(__self__, engine_version=example.engine_version, cluster_identifier="test-secondary-cluster", global_cluster_identifier=example.id, - db_subnet_group_name="default") + db_subnet_group_name="default", + opts=pulumi.ResourceOptions(depends_on=[primary_cluster_instance])) secondary_cluster_instance = aws.rds.ClusterInstance("secondary", engine=example.engine, engine_version=example.engine_version, @@ -616,7 +619,8 @@ def __init__(__self__, cluster_identifier="test-secondary-cluster", global_cluster_identifier=example.id, skip_final_snapshot=True, - db_subnet_group_name="default") + db_subnet_group_name="default", + opts=pulumi.ResourceOptions(depends_on=[primary_cluster_instance])) secondary_cluster_instance = aws.rds.ClusterInstance("secondary", engine=example.engine, engine_version=example.engine_version, diff --git a/sdk/python/pulumi_aws/redshift/authentication_profile.py b/sdk/python/pulumi_aws/redshift/authentication_profile.py index 529c57a461b..18a66863c09 100644 --- a/sdk/python/pulumi_aws/redshift/authentication_profile.py +++ b/sdk/python/pulumi_aws/redshift/authentication_profile.py @@ -111,9 +111,9 @@ def __init__(__self__, example = aws.redshift.AuthenticationProfile("example", authentication_profile_name="example", authentication_profile_content=json.dumps({ - "allowDBUserOverride": "1", - "clientID": "ExampleClientID", - "appID": "example", + "AllowDBUserOverride": "1", + "Client_ID": "ExampleClientID", + "App_ID": "example", })) ``` @@ -151,9 +151,9 @@ def __init__(__self__, example = aws.redshift.AuthenticationProfile("example", authentication_profile_name="example", authentication_profile_content=json.dumps({ - "allowDBUserOverride": "1", - "clientID": "ExampleClientID", - "appID": "example", + "AllowDBUserOverride": "1", + "Client_ID": "ExampleClientID", + "App_ID": "example", })) ``` diff --git a/sdk/python/pulumi_aws/redshift/resource_policy.py b/sdk/python/pulumi_aws/redshift/resource_policy.py index ca63fc52f49..04e45b93c63 100644 --- a/sdk/python/pulumi_aws/redshift/resource_policy.py +++ b/sdk/python/pulumi_aws/redshift/resource_policy.py @@ -111,15 +111,15 @@ def __init__(__self__, example = aws.redshift.ResourcePolicy("example", resource_arn=example_aws_redshift_cluster["clusterNamespaceArn"], policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "effect": "Allow", - "principal": { + "Version": "2012-10-17", + "Statement": [{ + "Effect": "Allow", + "Principal": { "AWS": "arn:aws:iam::12345678901:root", }, - "action": "redshift:CreateInboundIntegration", - "resource": example_aws_redshift_cluster["clusterNamespaceArn"], - "sid": "", + "Action": "redshift:CreateInboundIntegration", + "Resource": example_aws_redshift_cluster["clusterNamespaceArn"], + "Sid": "", }], })) ``` @@ -158,15 +158,15 @@ def __init__(__self__, example = aws.redshift.ResourcePolicy("example", resource_arn=example_aws_redshift_cluster["clusterNamespaceArn"], policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "effect": "Allow", - "principal": { + "Version": "2012-10-17", + "Statement": [{ + "Effect": "Allow", + "Principal": { "AWS": "arn:aws:iam::12345678901:root", }, - "action": "redshift:CreateInboundIntegration", - "resource": example_aws_redshift_cluster["clusterNamespaceArn"], - "sid": "", + "Action": "redshift:CreateInboundIntegration", + "Resource": example_aws_redshift_cluster["clusterNamespaceArn"], + "Sid": "", }], })) ``` diff --git a/sdk/python/pulumi_aws/redshiftserverless/resource_policy.py b/sdk/python/pulumi_aws/redshiftserverless/resource_policy.py index b88dfcaf2d8..4ac2176bef6 100644 --- a/sdk/python/pulumi_aws/redshiftserverless/resource_policy.py +++ b/sdk/python/pulumi_aws/redshiftserverless/resource_policy.py @@ -111,14 +111,14 @@ def __init__(__self__, example = aws.redshiftserverless.ResourcePolicy("example", resource_arn=example_aws_redshiftserverless_snapshot["arn"], policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "effect": "Allow", - "principal": { + "Version": "2012-10-17", + "Statement": [{ + "Effect": "Allow", + "Principal": { "AWS": ["12345678901"], }, - "action": ["redshift-serverless:RestoreFromSnapshot"], - "sid": "", + "Action": ["redshift-serverless:RestoreFromSnapshot"], + "Sid": "", }], })) ``` @@ -157,14 +157,14 @@ def __init__(__self__, example = aws.redshiftserverless.ResourcePolicy("example", resource_arn=example_aws_redshiftserverless_snapshot["arn"], policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "effect": "Allow", - "principal": { + "Version": "2012-10-17", + "Statement": [{ + "Effect": "Allow", + "Principal": { "AWS": ["12345678901"], }, - "action": ["redshift-serverless:RestoreFromSnapshot"], - "sid": "", + "Action": ["redshift-serverless:RestoreFromSnapshot"], + "Sid": "", }], })) ``` diff --git a/sdk/python/pulumi_aws/resourceexplorer/view.py b/sdk/python/pulumi_aws/resourceexplorer/view.py index afb5dd8ac5c..2174207075e 100644 --- a/sdk/python/pulumi_aws/resourceexplorer/view.py +++ b/sdk/python/pulumi_aws/resourceexplorer/view.py @@ -256,7 +256,8 @@ def __init__(__self__, ), included_properties=[aws.resourceexplorer.ViewIncludedPropertyArgs( name="tags", - )]) + )], + opts=pulumi.ResourceOptions(depends_on=[example])) ``` @@ -300,7 +301,8 @@ def __init__(__self__, ), included_properties=[aws.resourceexplorer.ViewIncludedPropertyArgs( name="tags", - )]) + )], + opts=pulumi.ResourceOptions(depends_on=[example])) ``` diff --git a/sdk/python/pulumi_aws/rolesanywhere/profile.py b/sdk/python/pulumi_aws/rolesanywhere/profile.py index d6bdf97a630..e340b965f97 100644 --- a/sdk/python/pulumi_aws/rolesanywhere/profile.py +++ b/sdk/python/pulumi_aws/rolesanywhere/profile.py @@ -349,18 +349,18 @@ def __init__(__self__, name="test", path="/", assume_role_policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "action": [ + "Version": "2012-10-17", + "Statement": [{ + "Action": [ "sts:AssumeRole", "sts:TagSession", "sts:SetSourceIdentity", ], - "principal": { - "service": "rolesanywhere.amazonaws.com", + "Principal": { + "Service": "rolesanywhere.amazonaws.com", }, - "effect": "Allow", - "sid": "", + "Effect": "Allow", + "Sid": "", }], })) test_profile = aws.rolesanywhere.Profile("test", @@ -409,18 +409,18 @@ def __init__(__self__, name="test", path="/", assume_role_policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "action": [ + "Version": "2012-10-17", + "Statement": [{ + "Action": [ "sts:AssumeRole", "sts:TagSession", "sts:SetSourceIdentity", ], - "principal": { - "service": "rolesanywhere.amazonaws.com", + "Principal": { + "Service": "rolesanywhere.amazonaws.com", }, - "effect": "Allow", - "sid": "", + "Effect": "Allow", + "Sid": "", }], })) test_profile = aws.rolesanywhere.Profile("test", diff --git a/sdk/python/pulumi_aws/rolesanywhere/trust_anchor.py b/sdk/python/pulumi_aws/rolesanywhere/trust_anchor.py index ef4a3b3d6be..06e79646154 100644 --- a/sdk/python/pulumi_aws/rolesanywhere/trust_anchor.py +++ b/sdk/python/pulumi_aws/rolesanywhere/trust_anchor.py @@ -245,7 +245,8 @@ def __init__(__self__, acm_pca_arn=example.arn, ), source_type="AWS_ACM_PCA", - )) + ), + opts=pulumi.ResourceOptions(depends_on=[example_certificate_authority_certificate])) ``` @@ -311,7 +312,8 @@ def __init__(__self__, acm_pca_arn=example.arn, ), source_type="AWS_ACM_PCA", - )) + ), + opts=pulumi.ResourceOptions(depends_on=[example_certificate_authority_certificate])) ``` diff --git a/sdk/python/pulumi_aws/route53/hosted_zone_dns_sec.py b/sdk/python/pulumi_aws/route53/hosted_zone_dns_sec.py index 82b029a6615..1a300940b00 100644 --- a/sdk/python/pulumi_aws/route53/hosted_zone_dns_sec.py +++ b/sdk/python/pulumi_aws/route53/hosted_zone_dns_sec.py @@ -127,39 +127,40 @@ def __init__(__self__, deletion_window_in_days=7, key_usage="SIGN_VERIFY", policy=json.dumps({ - "statement": [ + "Statement": [ { - "action": [ + "Action": [ "kms:DescribeKey", "kms:GetPublicKey", "kms:Sign", "kms:Verify", ], - "effect": "Allow", - "principal": { - "service": "dnssec-route53.amazonaws.com", + "Effect": "Allow", + "Principal": { + "Service": "dnssec-route53.amazonaws.com", }, - "resource": "*", - "sid": "Allow Route 53 DNSSEC Service", + "Resource": "*", + "Sid": "Allow Route 53 DNSSEC Service", }, { - "action": "kms:*", - "effect": "Allow", - "principal": { + "Action": "kms:*", + "Effect": "Allow", + "Principal": { "AWS": f"arn:aws:iam::{current.account_id}:root", }, - "resource": "*", - "sid": "Enable IAM User Permissions", + "Resource": "*", + "Sid": "Enable IAM User Permissions", }, ], - "version": "2012-10-17", + "Version": "2012-10-17", })) example_zone = aws.route53.Zone("example", name="example.com") example_key_signing_key = aws.route53.KeySigningKey("example", hosted_zone_id=example_zone.id, key_management_service_arn=example.arn, name="example") - example_hosted_zone_dns_sec = aws.route53.HostedZoneDnsSec("example", hosted_zone_id=example_key_signing_key.hosted_zone_id) + example_hosted_zone_dns_sec = aws.route53.HostedZoneDnsSec("example", hosted_zone_id=example_key_signing_key.hosted_zone_id, + opts=pulumi.ResourceOptions(depends_on=[example_key_signing_key])) ``` @@ -205,39 +206,40 @@ def __init__(__self__, deletion_window_in_days=7, key_usage="SIGN_VERIFY", policy=json.dumps({ - "statement": [ + "Statement": [ { - "action": [ + "Action": [ "kms:DescribeKey", "kms:GetPublicKey", "kms:Sign", "kms:Verify", ], - "effect": "Allow", - "principal": { - "service": "dnssec-route53.amazonaws.com", + "Effect": "Allow", + "Principal": { + "Service": "dnssec-route53.amazonaws.com", }, - "resource": "*", - "sid": "Allow Route 53 DNSSEC Service", + "Resource": "*", + "Sid": "Allow Route 53 DNSSEC Service", }, { - "action": "kms:*", - "effect": "Allow", - "principal": { + "Action": "kms:*", + "Effect": "Allow", + "Principal": { "AWS": f"arn:aws:iam::{current.account_id}:root", }, - "resource": "*", - "sid": "Enable IAM User Permissions", + "Resource": "*", + "Sid": "Enable IAM User Permissions", }, ], - "version": "2012-10-17", + "Version": "2012-10-17", })) example_zone = aws.route53.Zone("example", name="example.com") example_key_signing_key = aws.route53.KeySigningKey("example", hosted_zone_id=example_zone.id, key_management_service_arn=example.arn, name="example") - example_hosted_zone_dns_sec = aws.route53.HostedZoneDnsSec("example", hosted_zone_id=example_key_signing_key.hosted_zone_id) + example_hosted_zone_dns_sec = aws.route53.HostedZoneDnsSec("example", hosted_zone_id=example_key_signing_key.hosted_zone_id, + opts=pulumi.ResourceOptions(depends_on=[example_key_signing_key])) ``` diff --git a/sdk/python/pulumi_aws/route53/key_signing_key.py b/sdk/python/pulumi_aws/route53/key_signing_key.py index 35da305bc2b..f488fac567d 100644 --- a/sdk/python/pulumi_aws/route53/key_signing_key.py +++ b/sdk/python/pulumi_aws/route53/key_signing_key.py @@ -348,60 +348,61 @@ def __init__(__self__, deletion_window_in_days=7, key_usage="SIGN_VERIFY", policy=json.dumps({ - "statement": [ + "Statement": [ { - "action": [ + "Action": [ "kms:DescribeKey", "kms:GetPublicKey", "kms:Sign", ], - "effect": "Allow", - "principal": { - "service": "dnssec-route53.amazonaws.com", + "Effect": "Allow", + "Principal": { + "Service": "dnssec-route53.amazonaws.com", }, - "sid": "Allow Route 53 DNSSEC Service", - "resource": "*", - "condition": { - "stringEquals": { + "Sid": "Allow Route 53 DNSSEC Service", + "Resource": "*", + "Condition": { + "StringEquals": { "aws:SourceAccount": current.account_id, }, - "arnLike": { + "ArnLike": { "aws:SourceArn": "arn:aws:route53:::hostedzone/*", }, }, }, { - "action": "kms:CreateGrant", - "effect": "Allow", - "principal": { - "service": "dnssec-route53.amazonaws.com", + "Action": "kms:CreateGrant", + "Effect": "Allow", + "Principal": { + "Service": "dnssec-route53.amazonaws.com", }, - "sid": "Allow Route 53 DNSSEC Service to CreateGrant", - "resource": "*", - "condition": { - "bool": { + "Sid": "Allow Route 53 DNSSEC Service to CreateGrant", + "Resource": "*", + "Condition": { + "Bool": { "kms:GrantIsForAWSResource": "true", }, }, }, { - "action": "kms:*", - "effect": "Allow", - "principal": { + "Action": "kms:*", + "Effect": "Allow", + "Principal": { "AWS": f"arn:aws:iam::{current.account_id}:root", }, - "resource": "*", - "sid": "Enable IAM User Permissions", + "Resource": "*", + "Sid": "Enable IAM User Permissions", }, ], - "version": "2012-10-17", + "Version": "2012-10-17", })) example_zone = aws.route53.Zone("example", name="example.com") example_key_signing_key = aws.route53.KeySigningKey("example", hosted_zone_id=test["id"], key_management_service_arn=test_aws_kms_key["arn"], name="example") - example_hosted_zone_dns_sec = aws.route53.HostedZoneDnsSec("example", hosted_zone_id=example_key_signing_key.hosted_zone_id) + example_hosted_zone_dns_sec = aws.route53.HostedZoneDnsSec("example", hosted_zone_id=example_key_signing_key.hosted_zone_id, + opts=pulumi.ResourceOptions(depends_on=[example_key_signing_key])) ``` @@ -445,60 +446,61 @@ def __init__(__self__, deletion_window_in_days=7, key_usage="SIGN_VERIFY", policy=json.dumps({ - "statement": [ + "Statement": [ { - "action": [ + "Action": [ "kms:DescribeKey", "kms:GetPublicKey", "kms:Sign", ], - "effect": "Allow", - "principal": { - "service": "dnssec-route53.amazonaws.com", + "Effect": "Allow", + "Principal": { + "Service": "dnssec-route53.amazonaws.com", }, - "sid": "Allow Route 53 DNSSEC Service", - "resource": "*", - "condition": { - "stringEquals": { + "Sid": "Allow Route 53 DNSSEC Service", + "Resource": "*", + "Condition": { + "StringEquals": { "aws:SourceAccount": current.account_id, }, - "arnLike": { + "ArnLike": { "aws:SourceArn": "arn:aws:route53:::hostedzone/*", }, }, }, { - "action": "kms:CreateGrant", - "effect": "Allow", - "principal": { - "service": "dnssec-route53.amazonaws.com", + "Action": "kms:CreateGrant", + "Effect": "Allow", + "Principal": { + "Service": "dnssec-route53.amazonaws.com", }, - "sid": "Allow Route 53 DNSSEC Service to CreateGrant", - "resource": "*", - "condition": { - "bool": { + "Sid": "Allow Route 53 DNSSEC Service to CreateGrant", + "Resource": "*", + "Condition": { + "Bool": { "kms:GrantIsForAWSResource": "true", }, }, }, { - "action": "kms:*", - "effect": "Allow", - "principal": { + "Action": "kms:*", + "Effect": "Allow", + "Principal": { "AWS": f"arn:aws:iam::{current.account_id}:root", }, - "resource": "*", - "sid": "Enable IAM User Permissions", + "Resource": "*", + "Sid": "Enable IAM User Permissions", }, ], - "version": "2012-10-17", + "Version": "2012-10-17", })) example_zone = aws.route53.Zone("example", name="example.com") example_key_signing_key = aws.route53.KeySigningKey("example", hosted_zone_id=test["id"], key_management_service_arn=test_aws_kms_key["arn"], name="example") - example_hosted_zone_dns_sec = aws.route53.HostedZoneDnsSec("example", hosted_zone_id=example_key_signing_key.hosted_zone_id) + example_hosted_zone_dns_sec = aws.route53.HostedZoneDnsSec("example", hosted_zone_id=example_key_signing_key.hosted_zone_id, + opts=pulumi.ResourceOptions(depends_on=[example_key_signing_key])) ``` diff --git a/sdk/python/pulumi_aws/route53/query_log.py b/sdk/python/pulumi_aws/route53/query_log.py index 43b0aa9a5ba..2682cb8d0fe 100644 --- a/sdk/python/pulumi_aws/route53/query_log.py +++ b/sdk/python/pulumi_aws/route53/query_log.py @@ -152,7 +152,8 @@ def __init__(__self__, policy_name="route53-query-logging-policy") example_com_query_log = aws.route53.QueryLog("example_com", cloudwatch_log_group_arn=aws_route53_example_com.arn, - zone_id=example_com.zone_id) + zone_id=example_com.zone_id, + opts=pulumi.ResourceOptions(depends_on=[route53_query_logging_policy_log_resource_policy])) ``` @@ -214,7 +215,8 @@ def __init__(__self__, policy_name="route53-query-logging-policy") example_com_query_log = aws.route53.QueryLog("example_com", cloudwatch_log_group_arn=aws_route53_example_com.arn, - zone_id=example_com.zone_id) + zone_id=example_com.zone_id, + opts=pulumi.ResourceOptions(depends_on=[route53_query_logging_policy_log_resource_policy])) ``` diff --git a/sdk/python/pulumi_aws/route53domains/delegation_signer_record.py b/sdk/python/pulumi_aws/route53domains/delegation_signer_record.py index c5d30b1efd3..716a66847a2 100644 --- a/sdk/python/pulumi_aws/route53domains/delegation_signer_record.py +++ b/sdk/python/pulumi_aws/route53domains/delegation_signer_record.py @@ -160,60 +160,61 @@ def __init__(__self__, deletion_window_in_days=7, key_usage="SIGN_VERIFY", policy=json.dumps({ - "statement": [ + "Statement": [ { - "action": [ + "Action": [ "kms:DescribeKey", "kms:GetPublicKey", "kms:Sign", ], - "effect": "Allow", - "principal": { - "service": "dnssec-route53.amazonaws.com", + "Effect": "Allow", + "Principal": { + "Service": "dnssec-route53.amazonaws.com", }, - "sid": "Allow Route 53 DNSSEC Service", - "resource": "*", - "condition": { - "stringEquals": { + "Sid": "Allow Route 53 DNSSEC Service", + "Resource": "*", + "Condition": { + "StringEquals": { "aws:SourceAccount": current.account_id, }, - "arnLike": { + "ArnLike": { "aws:SourceArn": "arn:aws:route53:::hostedzone/*", }, }, }, { - "action": "kms:CreateGrant", - "effect": "Allow", - "principal": { - "service": "dnssec-route53.amazonaws.com", + "Action": "kms:CreateGrant", + "Effect": "Allow", + "Principal": { + "Service": "dnssec-route53.amazonaws.com", }, - "sid": "Allow Route 53 DNSSEC Service to CreateGrant", - "resource": "*", - "condition": { - "bool": { + "Sid": "Allow Route 53 DNSSEC Service to CreateGrant", + "Resource": "*", + "Condition": { + "Bool": { "kms:GrantIsForAWSResource": "true", }, }, }, { - "action": "kms:*", - "effect": "Allow", - "principal": { + "Action": "kms:*", + "Effect": "Allow", + "Principal": { "AWS": f"arn:aws:iam::{current.account_id}:root", }, - "resource": "*", - "sid": "Enable IAM User Permissions", + "Resource": "*", + "Sid": "Enable IAM User Permissions", }, ], - "version": "2012-10-17", + "Version": "2012-10-17", })) example_zone = aws.route53.Zone("example", name="example.com") example_key_signing_key = aws.route53.KeySigningKey("example", hosted_zone_id=test["id"], key_management_service_arn=test_aws_kms_key["arn"], name="example") - example_hosted_zone_dns_sec = aws.route53.HostedZoneDnsSec("example", hosted_zone_id=example_key_signing_key.hosted_zone_id) + example_hosted_zone_dns_sec = aws.route53.HostedZoneDnsSec("example", hosted_zone_id=example_key_signing_key.hosted_zone_id, + opts=pulumi.ResourceOptions(depends_on=[example_key_signing_key])) example_delegation_signer_record = aws.route53domains.DelegationSignerRecord("example", domain_name="example.com", signing_attributes=aws.route53domains.DelegationSignerRecordSigningAttributesArgs( @@ -262,60 +263,61 @@ def __init__(__self__, deletion_window_in_days=7, key_usage="SIGN_VERIFY", policy=json.dumps({ - "statement": [ + "Statement": [ { - "action": [ + "Action": [ "kms:DescribeKey", "kms:GetPublicKey", "kms:Sign", ], - "effect": "Allow", - "principal": { - "service": "dnssec-route53.amazonaws.com", + "Effect": "Allow", + "Principal": { + "Service": "dnssec-route53.amazonaws.com", }, - "sid": "Allow Route 53 DNSSEC Service", - "resource": "*", - "condition": { - "stringEquals": { + "Sid": "Allow Route 53 DNSSEC Service", + "Resource": "*", + "Condition": { + "StringEquals": { "aws:SourceAccount": current.account_id, }, - "arnLike": { + "ArnLike": { "aws:SourceArn": "arn:aws:route53:::hostedzone/*", }, }, }, { - "action": "kms:CreateGrant", - "effect": "Allow", - "principal": { - "service": "dnssec-route53.amazonaws.com", + "Action": "kms:CreateGrant", + "Effect": "Allow", + "Principal": { + "Service": "dnssec-route53.amazonaws.com", }, - "sid": "Allow Route 53 DNSSEC Service to CreateGrant", - "resource": "*", - "condition": { - "bool": { + "Sid": "Allow Route 53 DNSSEC Service to CreateGrant", + "Resource": "*", + "Condition": { + "Bool": { "kms:GrantIsForAWSResource": "true", }, }, }, { - "action": "kms:*", - "effect": "Allow", - "principal": { + "Action": "kms:*", + "Effect": "Allow", + "Principal": { "AWS": f"arn:aws:iam::{current.account_id}:root", }, - "resource": "*", - "sid": "Enable IAM User Permissions", + "Resource": "*", + "Sid": "Enable IAM User Permissions", }, ], - "version": "2012-10-17", + "Version": "2012-10-17", })) example_zone = aws.route53.Zone("example", name="example.com") example_key_signing_key = aws.route53.KeySigningKey("example", hosted_zone_id=test["id"], key_management_service_arn=test_aws_kms_key["arn"], name="example") - example_hosted_zone_dns_sec = aws.route53.HostedZoneDnsSec("example", hosted_zone_id=example_key_signing_key.hosted_zone_id) + example_hosted_zone_dns_sec = aws.route53.HostedZoneDnsSec("example", hosted_zone_id=example_key_signing_key.hosted_zone_id, + opts=pulumi.ResourceOptions(depends_on=[example_key_signing_key])) example_delegation_signer_record = aws.route53domains.DelegationSignerRecord("example", domain_name="example.com", signing_attributes=aws.route53domains.DelegationSignerRecordSigningAttributesArgs( diff --git a/sdk/python/pulumi_aws/s3/bucket_acl_v2.py b/sdk/python/pulumi_aws/s3/bucket_acl_v2.py index 57c510ed324..460ea3a3c00 100644 --- a/sdk/python/pulumi_aws/s3/bucket_acl_v2.py +++ b/sdk/python/pulumi_aws/s3/bucket_acl_v2.py @@ -190,7 +190,8 @@ def __init__(__self__, )) example_bucket_acl_v2 = aws.s3.BucketAclV2("example", bucket=example.id, - acl="private") + acl="private", + opts=pulumi.ResourceOptions(depends_on=[example_bucket_ownership_controls])) ``` @@ -218,7 +219,11 @@ def __init__(__self__, restrict_public_buckets=False) example_bucket_acl_v2 = aws.s3.BucketAclV2("example", bucket=example.id, - acl="public-read") + acl="public-read", + opts=pulumi.ResourceOptions(depends_on=[ + example_bucket_ownership_controls, + example_bucket_public_access_block, + ])) ``` @@ -258,7 +263,8 @@ def __init__(__self__, owner=aws.s3.BucketAclV2AccessControlPolicyOwnerArgs( id=current.id, ), - )) + ), + opts=pulumi.ResourceOptions(depends_on=[example_bucket_ownership_controls])) ``` @@ -333,7 +339,8 @@ def __init__(__self__, )) example_bucket_acl_v2 = aws.s3.BucketAclV2("example", bucket=example.id, - acl="private") + acl="private", + opts=pulumi.ResourceOptions(depends_on=[example_bucket_ownership_controls])) ``` @@ -361,7 +368,11 @@ def __init__(__self__, restrict_public_buckets=False) example_bucket_acl_v2 = aws.s3.BucketAclV2("example", bucket=example.id, - acl="public-read") + acl="public-read", + opts=pulumi.ResourceOptions(depends_on=[ + example_bucket_ownership_controls, + example_bucket_public_access_block, + ])) ``` @@ -401,7 +412,8 @@ def __init__(__self__, owner=aws.s3.BucketAclV2AccessControlPolicyOwnerArgs( id=current.id, ), - )) + ), + opts=pulumi.ResourceOptions(depends_on=[example_bucket_ownership_controls])) ``` diff --git a/sdk/python/pulumi_aws/s3/bucket_lifecycle_configuration_v2.py b/sdk/python/pulumi_aws/s3/bucket_lifecycle_configuration_v2.py index d598425bfdc..f7a97fb1f7e 100644 --- a/sdk/python/pulumi_aws/s3/bucket_lifecycle_configuration_v2.py +++ b/sdk/python/pulumi_aws/s3/bucket_lifecycle_configuration_v2.py @@ -446,7 +446,8 @@ def __init__(__self__, ), ], status="Enabled", - )]) + )], + opts=pulumi.ResourceOptions(depends_on=[versioning])) ``` @@ -793,7 +794,8 @@ def __init__(__self__, ), ], status="Enabled", - )]) + )], + opts=pulumi.ResourceOptions(depends_on=[versioning])) ``` diff --git a/sdk/python/pulumi_aws/s3/bucket_notification.py b/sdk/python/pulumi_aws/s3/bucket_notification.py index 51ae7a08999..67a418774a5 100644 --- a/sdk/python/pulumi_aws/s3/bucket_notification.py +++ b/sdk/python/pulumi_aws/s3/bucket_notification.py @@ -324,7 +324,8 @@ def __init__(__self__, events=["s3:ObjectCreated:*"], filter_prefix="AWSLogs/", filter_suffix=".log", - )]) + )], + opts=pulumi.ResourceOptions(depends_on=[allow_bucket])) ``` @@ -385,7 +386,11 @@ def __init__(__self__, filter_prefix="OtherLogs/", filter_suffix=".log", ), - ]) + ], + opts=pulumi.ResourceOptions(depends_on=[ + allow_bucket1, + allow_bucket2, + ])) ``` @@ -590,7 +595,8 @@ def __init__(__self__, events=["s3:ObjectCreated:*"], filter_prefix="AWSLogs/", filter_suffix=".log", - )]) + )], + opts=pulumi.ResourceOptions(depends_on=[allow_bucket])) ``` @@ -651,7 +657,11 @@ def __init__(__self__, filter_prefix="OtherLogs/", filter_suffix=".log", ), - ]) + ], + opts=pulumi.ResourceOptions(depends_on=[ + allow_bucket1, + allow_bucket2, + ])) ``` diff --git a/sdk/python/pulumi_aws/s3/bucket_object.py b/sdk/python/pulumi_aws/s3/bucket_object.py index 352a86d13e0..54b9804dc95 100644 --- a/sdk/python/pulumi_aws/s3/bucket_object.py +++ b/sdk/python/pulumi_aws/s3/bucket_object.py @@ -1000,7 +1000,8 @@ def __init__(__self__, object_lock_legal_hold_status="ON", object_lock_mode="GOVERNANCE", object_lock_retain_until_date="2021-12-31T23:59:60Z", - force_destroy=True) + force_destroy=True, + opts=pulumi.ResourceOptions(depends_on=[example_bucket_versioning_v2])) ``` @@ -1164,7 +1165,8 @@ def __init__(__self__, object_lock_legal_hold_status="ON", object_lock_mode="GOVERNANCE", object_lock_retain_until_date="2021-12-31T23:59:60Z", - force_destroy=True) + force_destroy=True, + opts=pulumi.ResourceOptions(depends_on=[example_bucket_versioning_v2])) ``` diff --git a/sdk/python/pulumi_aws/s3/bucket_objectv2.py b/sdk/python/pulumi_aws/s3/bucket_objectv2.py index faf0f6dfb9b..95208a68607 100644 --- a/sdk/python/pulumi_aws/s3/bucket_objectv2.py +++ b/sdk/python/pulumi_aws/s3/bucket_objectv2.py @@ -1140,7 +1140,8 @@ def __init__(__self__, object_lock_legal_hold_status="ON", object_lock_mode="GOVERNANCE", object_lock_retain_until_date="2021-12-31T23:59:60Z", - force_destroy=True) + force_destroy=True, + opts=pulumi.ResourceOptions(depends_on=[example_bucket_versioning_v2])) ``` @@ -1336,7 +1337,8 @@ def __init__(__self__, object_lock_legal_hold_status="ON", object_lock_mode="GOVERNANCE", object_lock_retain_until_date="2021-12-31T23:59:60Z", - force_destroy=True) + force_destroy=True, + opts=pulumi.ResourceOptions(depends_on=[example_bucket_versioning_v2])) ``` diff --git a/sdk/python/pulumi_aws/s3/bucket_replication_config.py b/sdk/python/pulumi_aws/s3/bucket_replication_config.py index 937485d8b6a..19b5dcbd9f5 100644 --- a/sdk/python/pulumi_aws/s3/bucket_replication_config.py +++ b/sdk/python/pulumi_aws/s3/bucket_replication_config.py @@ -257,7 +257,8 @@ def __init__(__self__, bucket=destination.arn, storage_class="STANDARD", ), - )]) + )], + opts=pulumi.ResourceOptions(depends_on=[source_bucket_versioning_v2])) ``` @@ -294,7 +295,8 @@ def __init__(__self__, bucket=west.arn, storage_class="STANDARD", ), - )]) + )], + opts=pulumi.ResourceOptions(depends_on=[east_bucket_versioning_v2])) west_to_east = aws.s3.BucketReplicationConfig("west_to_east", role=west_replication["arn"], bucket=west.id, @@ -308,7 +310,8 @@ def __init__(__self__, bucket=east.arn, storage_class="STANDARD", ), - )]) + )], + opts=pulumi.ResourceOptions(depends_on=[west_bucket_versioning_v2])) ``` @@ -423,7 +426,8 @@ def __init__(__self__, bucket=destination.arn, storage_class="STANDARD", ), - )]) + )], + opts=pulumi.ResourceOptions(depends_on=[source_bucket_versioning_v2])) ``` @@ -460,7 +464,8 @@ def __init__(__self__, bucket=west.arn, storage_class="STANDARD", ), - )]) + )], + opts=pulumi.ResourceOptions(depends_on=[east_bucket_versioning_v2])) west_to_east = aws.s3.BucketReplicationConfig("west_to_east", role=west_replication["arn"], bucket=west.id, @@ -474,7 +479,8 @@ def __init__(__self__, bucket=east.arn, storage_class="STANDARD", ), - )]) + )], + opts=pulumi.ResourceOptions(depends_on=[west_bucket_versioning_v2])) ``` diff --git a/sdk/python/pulumi_aws/s3control/access_grant.py b/sdk/python/pulumi_aws/s3control/access_grant.py index 77102288a15..c4aaf1c779f 100644 --- a/sdk/python/pulumi_aws/s3control/access_grant.py +++ b/sdk/python/pulumi_aws/s3control/access_grant.py @@ -341,7 +341,8 @@ def __init__(__self__, example = aws.s3control.AccessGrantsInstance("example") example_access_grants_location = aws.s3control.AccessGrantsLocation("example", iam_role_arn=example_aws_iam_role["arn"], - location_scope=f"s3://{example_aws_s3_bucket['bucket']}/prefixA*") + location_scope=f"s3://{example_aws_s3_bucket['bucket']}/prefixA*", + opts=pulumi.ResourceOptions(depends_on=[example])) example_access_grant = aws.s3control.AccessGrant("example", access_grants_location_id=example_access_grants_location.access_grants_location_id, permission="READ", @@ -393,7 +394,8 @@ def __init__(__self__, example = aws.s3control.AccessGrantsInstance("example") example_access_grants_location = aws.s3control.AccessGrantsLocation("example", iam_role_arn=example_aws_iam_role["arn"], - location_scope=f"s3://{example_aws_s3_bucket['bucket']}/prefixA*") + location_scope=f"s3://{example_aws_s3_bucket['bucket']}/prefixA*", + opts=pulumi.ResourceOptions(depends_on=[example])) example_access_grant = aws.s3control.AccessGrant("example", access_grants_location_id=example_access_grants_location.access_grants_location_id, permission="READ", diff --git a/sdk/python/pulumi_aws/s3control/access_grants_location.py b/sdk/python/pulumi_aws/s3control/access_grants_location.py index fbe9e8aa3a7..0c0ebfa6164 100644 --- a/sdk/python/pulumi_aws/s3control/access_grants_location.py +++ b/sdk/python/pulumi_aws/s3control/access_grants_location.py @@ -229,7 +229,8 @@ def __init__(__self__, example = aws.s3control.AccessGrantsInstance("example") example_access_grants_location = aws.s3control.AccessGrantsLocation("example", iam_role_arn=example_aws_iam_role["arn"], - location_scope="s3://") + location_scope="s3://", + opts=pulumi.ResourceOptions(depends_on=[example])) ``` @@ -270,7 +271,8 @@ def __init__(__self__, example = aws.s3control.AccessGrantsInstance("example") example_access_grants_location = aws.s3control.AccessGrantsLocation("example", iam_role_arn=example_aws_iam_role["arn"], - location_scope="s3://") + location_scope="s3://", + opts=pulumi.ResourceOptions(depends_on=[example])) ``` diff --git a/sdk/python/pulumi_aws/s3control/access_point_policy.py b/sdk/python/pulumi_aws/s3control/access_point_policy.py index b3308d8ef2d..0d5f79dd666 100644 --- a/sdk/python/pulumi_aws/s3control/access_point_policy.py +++ b/sdk/python/pulumi_aws/s3control/access_point_policy.py @@ -139,14 +139,14 @@ def __init__(__self__, example_access_point_policy = aws.s3control.AccessPointPolicy("example", access_point_arn=example_access_point.arn, policy=pulumi.Output.json_dumps({ - "version": "2008-10-17", - "statement": [{ - "effect": "Allow", - "action": "s3:GetObjectTagging", - "principal": { + "Version": "2008-10-17", + "Statement": [{ + "Effect": "Allow", + "Action": "s3:GetObjectTagging", + "Principal": { "AWS": "*", }, - "resource": example_access_point.arn.apply(lambda arn: f"{arn}/object/*"), + "Resource": example_access_point.arn.apply(lambda arn: f"{arn}/object/*"), }], })) ``` @@ -197,14 +197,14 @@ def __init__(__self__, example_access_point_policy = aws.s3control.AccessPointPolicy("example", access_point_arn=example_access_point.arn, policy=pulumi.Output.json_dumps({ - "version": "2008-10-17", - "statement": [{ - "effect": "Allow", - "action": "s3:GetObjectTagging", - "principal": { + "Version": "2008-10-17", + "Statement": [{ + "Effect": "Allow", + "Action": "s3:GetObjectTagging", + "Principal": { "AWS": "*", }, - "resource": example_access_point.arn.apply(lambda arn: f"{arn}/object/*"), + "Resource": example_access_point.arn.apply(lambda arn: f"{arn}/object/*"), }], })) ``` diff --git a/sdk/python/pulumi_aws/s3control/bucket_policy.py b/sdk/python/pulumi_aws/s3control/bucket_policy.py index 06074f9ee33..ac88ee94114 100644 --- a/sdk/python/pulumi_aws/s3control/bucket_policy.py +++ b/sdk/python/pulumi_aws/s3control/bucket_policy.py @@ -113,17 +113,17 @@ def __init__(__self__, example = aws.s3control.BucketPolicy("example", bucket=example_aws_s3control_bucket["arn"], policy=json.dumps({ - "id": "testBucketPolicy", - "statement": [{ - "action": "s3-outposts:PutBucketLifecycleConfiguration", - "effect": "Deny", - "principal": { + "Id": "testBucketPolicy", + "Statement": [{ + "Action": "s3-outposts:PutBucketLifecycleConfiguration", + "Effect": "Deny", + "Principal": { "AWS": "*", }, - "resource": example_aws_s3control_bucket["arn"], - "sid": "statement1", + "Resource": example_aws_s3control_bucket["arn"], + "Sid": "statement1", }], - "version": "2012-10-17", + "Version": "2012-10-17", })) ``` @@ -163,17 +163,17 @@ def __init__(__self__, example = aws.s3control.BucketPolicy("example", bucket=example_aws_s3control_bucket["arn"], policy=json.dumps({ - "id": "testBucketPolicy", - "statement": [{ - "action": "s3-outposts:PutBucketLifecycleConfiguration", - "effect": "Deny", - "principal": { + "Id": "testBucketPolicy", + "Statement": [{ + "Action": "s3-outposts:PutBucketLifecycleConfiguration", + "Effect": "Deny", + "Principal": { "AWS": "*", }, - "resource": example_aws_s3control_bucket["arn"], - "sid": "statement1", + "Resource": example_aws_s3control_bucket["arn"], + "Sid": "statement1", }], - "version": "2012-10-17", + "Version": "2012-10-17", })) ``` diff --git a/sdk/python/pulumi_aws/s3control/object_lambda_access_point_policy.py b/sdk/python/pulumi_aws/s3control/object_lambda_access_point_policy.py index 1225242bd40..527f104f8b9 100644 --- a/sdk/python/pulumi_aws/s3control/object_lambda_access_point_policy.py +++ b/sdk/python/pulumi_aws/s3control/object_lambda_access_point_policy.py @@ -178,14 +178,14 @@ def __init__(__self__, example_object_lambda_access_point_policy = aws.s3control.ObjectLambdaAccessPointPolicy("example", name=example_object_lambda_access_point.name, policy=pulumi.Output.json_dumps({ - "version": "2008-10-17", - "statement": [{ - "effect": "Allow", - "action": "s3-object-lambda:GetObject", - "principal": { + "Version": "2008-10-17", + "Statement": [{ + "Effect": "Allow", + "Action": "s3-object-lambda:GetObject", + "Principal": { "AWS": current["accountId"], }, - "resource": example_object_lambda_access_point.arn, + "Resource": example_object_lambda_access_point.arn, }], })) ``` @@ -242,14 +242,14 @@ def __init__(__self__, example_object_lambda_access_point_policy = aws.s3control.ObjectLambdaAccessPointPolicy("example", name=example_object_lambda_access_point.name, policy=pulumi.Output.json_dumps({ - "version": "2008-10-17", - "statement": [{ - "effect": "Allow", - "action": "s3-object-lambda:GetObject", - "principal": { + "Version": "2008-10-17", + "Statement": [{ + "Effect": "Allow", + "Action": "s3-object-lambda:GetObject", + "Principal": { "AWS": current["accountId"], }, - "resource": example_object_lambda_access_point.arn, + "Resource": example_object_lambda_access_point.arn, }], })) ``` diff --git a/sdk/python/pulumi_aws/sagemaker/code_repository.py b/sdk/python/pulumi_aws/sagemaker/code_repository.py index 6a1e5fea711..9786c53d72a 100644 --- a/sdk/python/pulumi_aws/sagemaker/code_repository.py +++ b/sdk/python/pulumi_aws/sagemaker/code_repository.py @@ -210,7 +210,8 @@ def __init__(__self__, git_config=aws.sagemaker.CodeRepositoryGitConfigArgs( repository_url="https://github.com/github/docs.git", secret_arn=example.arn, - )) + ), + opts=pulumi.ResourceOptions(depends_on=[example_secret_version])) ``` @@ -274,7 +275,8 @@ def __init__(__self__, git_config=aws.sagemaker.CodeRepositoryGitConfigArgs( repository_url="https://github.com/github/docs.git", secret_arn=example.arn, - )) + ), + opts=pulumi.ResourceOptions(depends_on=[example_secret_version])) ``` diff --git a/sdk/python/pulumi_aws/sagemaker/pipeline.py b/sdk/python/pulumi_aws/sagemaker/pipeline.py index 0933a17fdde..4ad30e46ac7 100644 --- a/sdk/python/pulumi_aws/sagemaker/pipeline.py +++ b/sdk/python/pulumi_aws/sagemaker/pipeline.py @@ -353,12 +353,12 @@ def __init__(__self__, pipeline_display_name="example", role_arn=example_aws_iam_role["arn"], pipeline_definition=json.dumps({ - "version": "2020-12-01", - "steps": [{ - "name": "Test", - "type": "Fail", - "arguments": { - "errorMessage": "test", + "Version": "2020-12-01", + "Steps": [{ + "Name": "Test", + "Type": "Fail", + "Arguments": { + "ErrorMessage": "test", }, }], })) @@ -408,12 +408,12 @@ def __init__(__self__, pipeline_display_name="example", role_arn=example_aws_iam_role["arn"], pipeline_definition=json.dumps({ - "version": "2020-12-01", - "steps": [{ - "name": "Test", - "type": "Fail", - "arguments": { - "errorMessage": "test", + "Version": "2020-12-01", + "Steps": [{ + "Name": "Test", + "Type": "Fail", + "Arguments": { + "ErrorMessage": "test", }, }], })) diff --git a/sdk/python/pulumi_aws/scheduler/schedule.py b/sdk/python/pulumi_aws/scheduler/schedule.py index 06e0e8953f3..2d6859fde6c 100644 --- a/sdk/python/pulumi_aws/scheduler/schedule.py +++ b/sdk/python/pulumi_aws/scheduler/schedule.py @@ -501,8 +501,8 @@ def __init__(__self__, arn="arn:aws:scheduler:::aws-sdk:sqs:sendMessage", role_arn=example_aws_iam_role["arn"], input=pulumi.Output.json_dumps({ - "messageBody": "Greetings, programs!", - "queueUrl": example.url, + "MessageBody": "Greetings, programs!", + "QueueUrl": example.url, }), )) ``` @@ -588,8 +588,8 @@ def __init__(__self__, arn="arn:aws:scheduler:::aws-sdk:sqs:sendMessage", role_arn=example_aws_iam_role["arn"], input=pulumi.Output.json_dumps({ - "messageBody": "Greetings, programs!", - "queueUrl": example.url, + "MessageBody": "Greetings, programs!", + "QueueUrl": example.url, }), )) ``` diff --git a/sdk/python/pulumi_aws/securityhub/action_target.py b/sdk/python/pulumi_aws/securityhub/action_target.py index 0ca7073bbbd..aaf8941f5f3 100644 --- a/sdk/python/pulumi_aws/securityhub/action_target.py +++ b/sdk/python/pulumi_aws/securityhub/action_target.py @@ -160,7 +160,8 @@ def __init__(__self__, example_action_target = aws.securityhub.ActionTarget("example", name="Send notification to chat", identifier="SendToChat", - description="This is custom action sends selected findings to chat") + description="This is custom action sends selected findings to chat", + opts=pulumi.ResourceOptions(depends_on=[example])) ``` @@ -198,7 +199,8 @@ def __init__(__self__, example_action_target = aws.securityhub.ActionTarget("example", name="Send notification to chat", identifier="SendToChat", - description="This is custom action sends selected findings to chat") + description="This is custom action sends selected findings to chat", + opts=pulumi.ResourceOptions(depends_on=[example])) ``` diff --git a/sdk/python/pulumi_aws/securityhub/configuration_policy.py b/sdk/python/pulumi_aws/securityhub/configuration_policy.py index 1f925a31106..9e0b75d6e79 100644 --- a/sdk/python/pulumi_aws/securityhub/configuration_policy.py +++ b/sdk/python/pulumi_aws/securityhub/configuration_policy.py @@ -165,7 +165,8 @@ def __init__(__self__, auto_enable_standards="NONE", organization_configuration=aws.securityhub.OrganizationConfigurationOrganizationConfigurationArgs( configuration_type="CENTRAL", - )) + ), + opts=pulumi.ResourceOptions(depends_on=[example])) example_configuration_policy = aws.securityhub.ConfigurationPolicy("example", name="Example", description="This is an example configuration policy", @@ -178,7 +179,8 @@ def __init__(__self__, security_controls_configuration=aws.securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationArgs( disabled_control_identifiers=[], ), - )) + ), + opts=pulumi.ResourceOptions(depends_on=[example_organization_configuration])) ``` @@ -195,7 +197,8 @@ def __init__(__self__, configuration_policy=aws.securityhub.ConfigurationPolicyConfigurationPolicyArgs( service_enabled=False, enabled_standard_arns=[], - )) + ), + opts=pulumi.ResourceOptions(depends_on=[example])) ``` @@ -252,7 +255,8 @@ def __init__(__self__, ), ], ), - )) + ), + opts=pulumi.ResourceOptions(depends_on=[example])) ``` @@ -296,7 +300,8 @@ def __init__(__self__, auto_enable_standards="NONE", organization_configuration=aws.securityhub.OrganizationConfigurationOrganizationConfigurationArgs( configuration_type="CENTRAL", - )) + ), + opts=pulumi.ResourceOptions(depends_on=[example])) example_configuration_policy = aws.securityhub.ConfigurationPolicy("example", name="Example", description="This is an example configuration policy", @@ -309,7 +314,8 @@ def __init__(__self__, security_controls_configuration=aws.securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationArgs( disabled_control_identifiers=[], ), - )) + ), + opts=pulumi.ResourceOptions(depends_on=[example_organization_configuration])) ``` @@ -326,7 +332,8 @@ def __init__(__self__, configuration_policy=aws.securityhub.ConfigurationPolicyConfigurationPolicyArgs( service_enabled=False, enabled_standard_arns=[], - )) + ), + opts=pulumi.ResourceOptions(depends_on=[example])) ``` @@ -383,7 +390,8 @@ def __init__(__self__, ), ], ), - )) + ), + opts=pulumi.ResourceOptions(depends_on=[example])) ``` diff --git a/sdk/python/pulumi_aws/securityhub/configuration_policy_association.py b/sdk/python/pulumi_aws/securityhub/configuration_policy_association.py index c9e0ecb9e77..573e581a292 100644 --- a/sdk/python/pulumi_aws/securityhub/configuration_policy_association.py +++ b/sdk/python/pulumi_aws/securityhub/configuration_policy_association.py @@ -115,7 +115,8 @@ def __init__(__self__, auto_enable_standards="NONE", organization_configuration=aws.securityhub.OrganizationConfigurationOrganizationConfigurationArgs( configuration_type="CENTRAL", - )) + ), + opts=pulumi.ResourceOptions(depends_on=[example])) example_configuration_policy = aws.securityhub.ConfigurationPolicy("example", name="Example", description="This is an example configuration policy", @@ -128,7 +129,8 @@ def __init__(__self__, security_controls_configuration=aws.securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationArgs( disabled_control_identifiers=[], ), - )) + ), + opts=pulumi.ResourceOptions(depends_on=[example_organization_configuration])) account_example = aws.securityhub.ConfigurationPolicyAssociation("account_example", target_id="123456789012", policy_id=example_configuration_policy.id) @@ -178,7 +180,8 @@ def __init__(__self__, auto_enable_standards="NONE", organization_configuration=aws.securityhub.OrganizationConfigurationOrganizationConfigurationArgs( configuration_type="CENTRAL", - )) + ), + opts=pulumi.ResourceOptions(depends_on=[example])) example_configuration_policy = aws.securityhub.ConfigurationPolicy("example", name="Example", description="This is an example configuration policy", @@ -191,7 +194,8 @@ def __init__(__self__, security_controls_configuration=aws.securityhub.ConfigurationPolicyConfigurationPolicySecurityControlsConfigurationArgs( disabled_control_identifiers=[], ), - )) + ), + opts=pulumi.ResourceOptions(depends_on=[example_organization_configuration])) account_example = aws.securityhub.ConfigurationPolicyAssociation("account_example", target_id="123456789012", policy_id=example_configuration_policy.id) diff --git a/sdk/python/pulumi_aws/securityhub/finding_aggregator.py b/sdk/python/pulumi_aws/securityhub/finding_aggregator.py index d5acd79296d..b118f33e443 100644 --- a/sdk/python/pulumi_aws/securityhub/finding_aggregator.py +++ b/sdk/python/pulumi_aws/securityhub/finding_aggregator.py @@ -113,7 +113,8 @@ def __init__(__self__, import pulumi_aws as aws example = aws.securityhub.Account("example") - example_finding_aggregator = aws.securityhub.FindingAggregator("example", linking_mode="ALL_REGIONS") + example_finding_aggregator = aws.securityhub.FindingAggregator("example", linking_mode="ALL_REGIONS", + opts=pulumi.ResourceOptions(depends_on=[example])) ``` @@ -132,7 +133,8 @@ def __init__(__self__, specified_regions=[ "eu-west-1", "eu-west-2", - ]) + ], + opts=pulumi.ResourceOptions(depends_on=[example])) ``` @@ -151,7 +153,8 @@ def __init__(__self__, specified_regions=[ "eu-west-1", "eu-west-2", - ]) + ], + opts=pulumi.ResourceOptions(depends_on=[example])) ``` @@ -189,7 +192,8 @@ def __init__(__self__, import pulumi_aws as aws example = aws.securityhub.Account("example") - example_finding_aggregator = aws.securityhub.FindingAggregator("example", linking_mode="ALL_REGIONS") + example_finding_aggregator = aws.securityhub.FindingAggregator("example", linking_mode="ALL_REGIONS", + opts=pulumi.ResourceOptions(depends_on=[example])) ``` @@ -208,7 +212,8 @@ def __init__(__self__, specified_regions=[ "eu-west-1", "eu-west-2", - ]) + ], + opts=pulumi.ResourceOptions(depends_on=[example])) ``` @@ -227,7 +232,8 @@ def __init__(__self__, specified_regions=[ "eu-west-1", "eu-west-2", - ]) + ], + opts=pulumi.ResourceOptions(depends_on=[example])) ``` diff --git a/sdk/python/pulumi_aws/securityhub/insight.py b/sdk/python/pulumi_aws/securityhub/insight.py index 8514b40c583..2bde9159d64 100644 --- a/sdk/python/pulumi_aws/securityhub/insight.py +++ b/sdk/python/pulumi_aws/securityhub/insight.py @@ -175,7 +175,8 @@ def __init__(__self__, ], ), group_by_attribute="AwsAccountId", - name="example-insight") + name="example-insight", + opts=pulumi.ResourceOptions(depends_on=[example])) ``` @@ -197,7 +198,8 @@ def __init__(__self__, )], ), group_by_attribute="CreatedAt", - name="example-insight") + name="example-insight", + opts=pulumi.ResourceOptions(depends_on=[example])) ``` @@ -216,7 +218,8 @@ def __init__(__self__, )], ), group_by_attribute="NetworkDestinationIpV4", - name="example-insight") + name="example-insight", + opts=pulumi.ResourceOptions(depends_on=[example])) ``` @@ -235,7 +238,8 @@ def __init__(__self__, )], ), group_by_attribute="Confidence", - name="example-insight") + name="example-insight", + opts=pulumi.ResourceOptions(depends_on=[example])) ``` @@ -256,7 +260,8 @@ def __init__(__self__, )], ), group_by_attribute="ResourceTags", - name="example-insight") + name="example-insight", + opts=pulumi.ResourceOptions(depends_on=[example])) ``` @@ -307,7 +312,8 @@ def __init__(__self__, ], ), group_by_attribute="AwsAccountId", - name="example-insight") + name="example-insight", + opts=pulumi.ResourceOptions(depends_on=[example])) ``` @@ -329,7 +335,8 @@ def __init__(__self__, )], ), group_by_attribute="CreatedAt", - name="example-insight") + name="example-insight", + opts=pulumi.ResourceOptions(depends_on=[example])) ``` @@ -348,7 +355,8 @@ def __init__(__self__, )], ), group_by_attribute="NetworkDestinationIpV4", - name="example-insight") + name="example-insight", + opts=pulumi.ResourceOptions(depends_on=[example])) ``` @@ -367,7 +375,8 @@ def __init__(__self__, )], ), group_by_attribute="Confidence", - name="example-insight") + name="example-insight", + opts=pulumi.ResourceOptions(depends_on=[example])) ``` @@ -388,7 +397,8 @@ def __init__(__self__, )], ), group_by_attribute="ResourceTags", - name="example-insight") + name="example-insight", + opts=pulumi.ResourceOptions(depends_on=[example])) ``` diff --git a/sdk/python/pulumi_aws/securityhub/invite_accepter.py b/sdk/python/pulumi_aws/securityhub/invite_accepter.py index 9ef0ef70a6f..7e2e6d0f948 100644 --- a/sdk/python/pulumi_aws/securityhub/invite_accepter.py +++ b/sdk/python/pulumi_aws/securityhub/invite_accepter.py @@ -99,7 +99,8 @@ def __init__(__self__, email="example@example.com", invite=True) invitee = aws.securityhub.Account("invitee") - invitee_invite_accepter = aws.securityhub.InviteAccepter("invitee", master_id=example_member.master_id) + invitee_invite_accepter = aws.securityhub.InviteAccepter("invitee", master_id=example_member.master_id, + opts=pulumi.ResourceOptions(depends_on=[invitee])) ``` @@ -139,7 +140,8 @@ def __init__(__self__, email="example@example.com", invite=True) invitee = aws.securityhub.Account("invitee") - invitee_invite_accepter = aws.securityhub.InviteAccepter("invitee", master_id=example_member.master_id) + invitee_invite_accepter = aws.securityhub.InviteAccepter("invitee", master_id=example_member.master_id, + opts=pulumi.ResourceOptions(depends_on=[invitee])) ``` diff --git a/sdk/python/pulumi_aws/securityhub/member.py b/sdk/python/pulumi_aws/securityhub/member.py index a7dd3b1a9a3..745b759aac1 100644 --- a/sdk/python/pulumi_aws/securityhub/member.py +++ b/sdk/python/pulumi_aws/securityhub/member.py @@ -177,7 +177,8 @@ def __init__(__self__, example_member = aws.securityhub.Member("example", account_id="123456789012", email="example@example.com", - invite=True) + invite=True, + opts=pulumi.ResourceOptions(depends_on=[example])) ``` @@ -215,7 +216,8 @@ def __init__(__self__, example_member = aws.securityhub.Member("example", account_id="123456789012", email="example@example.com", - invite=True) + invite=True, + opts=pulumi.ResourceOptions(depends_on=[example])) ``` diff --git a/sdk/python/pulumi_aws/securityhub/organization_admin_account.py b/sdk/python/pulumi_aws/securityhub/organization_admin_account.py index afd9c9665cb..5a50fb378e9 100644 --- a/sdk/python/pulumi_aws/securityhub/organization_admin_account.py +++ b/sdk/python/pulumi_aws/securityhub/organization_admin_account.py @@ -79,7 +79,8 @@ def __init__(__self__, aws_service_access_principals=["securityhub.amazonaws.com"], feature_set="ALL") example_account = aws.securityhub.Account("example") - example_organization_admin_account = aws.securityhub.OrganizationAdminAccount("example", admin_account_id="123456789012") + example_organization_admin_account = aws.securityhub.OrganizationAdminAccount("example", admin_account_id="123456789012", + opts=pulumi.ResourceOptions(depends_on=[example])) # Auto enable security hub in organization member accounts example_organization_configuration = aws.securityhub.OrganizationConfiguration("example", auto_enable=True) ``` @@ -117,7 +118,8 @@ def __init__(__self__, aws_service_access_principals=["securityhub.amazonaws.com"], feature_set="ALL") example_account = aws.securityhub.Account("example") - example_organization_admin_account = aws.securityhub.OrganizationAdminAccount("example", admin_account_id="123456789012") + example_organization_admin_account = aws.securityhub.OrganizationAdminAccount("example", admin_account_id="123456789012", + opts=pulumi.ResourceOptions(depends_on=[example])) # Auto enable security hub in organization member accounts example_organization_configuration = aws.securityhub.OrganizationConfiguration("example", auto_enable=True) ``` diff --git a/sdk/python/pulumi_aws/securityhub/organization_configuration.py b/sdk/python/pulumi_aws/securityhub/organization_configuration.py index 697fb03b06c..ed717988aac 100644 --- a/sdk/python/pulumi_aws/securityhub/organization_configuration.py +++ b/sdk/python/pulumi_aws/securityhub/organization_configuration.py @@ -156,7 +156,8 @@ def __init__(__self__, example = aws.organizations.Organization("example", aws_service_access_principals=["securityhub.amazonaws.com"], feature_set="ALL") - example_organization_admin_account = aws.securityhub.OrganizationAdminAccount("example", admin_account_id="123456789012") + example_organization_admin_account = aws.securityhub.OrganizationAdminAccount("example", admin_account_id="123456789012", + opts=pulumi.ResourceOptions(depends_on=[example])) example_organization_configuration = aws.securityhub.OrganizationConfiguration("example", auto_enable=True) ``` @@ -168,14 +169,17 @@ def __init__(__self__, import pulumi import pulumi_aws as aws - example = aws.securityhub.OrganizationAdminAccount("example", admin_account_id="123456789012") - example_finding_aggregator = aws.securityhub.FindingAggregator("example", linking_mode="ALL_REGIONS") + example = aws.securityhub.OrganizationAdminAccount("example", admin_account_id="123456789012", + opts=pulumi.ResourceOptions(depends_on=[example_aws_organizations_organization])) + example_finding_aggregator = aws.securityhub.FindingAggregator("example", linking_mode="ALL_REGIONS", + opts=pulumi.ResourceOptions(depends_on=[example])) example_organization_configuration = aws.securityhub.OrganizationConfiguration("example", auto_enable=False, auto_enable_standards="NONE", organization_configuration=aws.securityhub.OrganizationConfigurationOrganizationConfigurationArgs( configuration_type="CENTRAL", - )) + ), + opts=pulumi.ResourceOptions(depends_on=[example_finding_aggregator])) ``` @@ -222,7 +226,8 @@ def __init__(__self__, example = aws.organizations.Organization("example", aws_service_access_principals=["securityhub.amazonaws.com"], feature_set="ALL") - example_organization_admin_account = aws.securityhub.OrganizationAdminAccount("example", admin_account_id="123456789012") + example_organization_admin_account = aws.securityhub.OrganizationAdminAccount("example", admin_account_id="123456789012", + opts=pulumi.ResourceOptions(depends_on=[example])) example_organization_configuration = aws.securityhub.OrganizationConfiguration("example", auto_enable=True) ``` @@ -234,14 +239,17 @@ def __init__(__self__, import pulumi import pulumi_aws as aws - example = aws.securityhub.OrganizationAdminAccount("example", admin_account_id="123456789012") - example_finding_aggregator = aws.securityhub.FindingAggregator("example", linking_mode="ALL_REGIONS") + example = aws.securityhub.OrganizationAdminAccount("example", admin_account_id="123456789012", + opts=pulumi.ResourceOptions(depends_on=[example_aws_organizations_organization])) + example_finding_aggregator = aws.securityhub.FindingAggregator("example", linking_mode="ALL_REGIONS", + opts=pulumi.ResourceOptions(depends_on=[example])) example_organization_configuration = aws.securityhub.OrganizationConfiguration("example", auto_enable=False, auto_enable_standards="NONE", organization_configuration=aws.securityhub.OrganizationConfigurationOrganizationConfigurationArgs( configuration_type="CENTRAL", - )) + ), + opts=pulumi.ResourceOptions(depends_on=[example_finding_aggregator])) ``` diff --git a/sdk/python/pulumi_aws/securityhub/product_subscription.py b/sdk/python/pulumi_aws/securityhub/product_subscription.py index 2d3035caf10..06c6b4f7fd3 100644 --- a/sdk/python/pulumi_aws/securityhub/product_subscription.py +++ b/sdk/python/pulumi_aws/securityhub/product_subscription.py @@ -245,7 +245,8 @@ def __init__(__self__, example = aws.securityhub.Account("example") current = aws.get_region() - example_product_subscription = aws.securityhub.ProductSubscription("example", product_arn=f"arn:aws:securityhub:{current.name}:733251395267:product/alertlogic/althreatmanagement") + example_product_subscription = aws.securityhub.ProductSubscription("example", product_arn=f"arn:aws:securityhub:{current.name}:733251395267:product/alertlogic/althreatmanagement", + opts=pulumi.ResourceOptions(depends_on=[example])) ``` @@ -317,7 +318,8 @@ def __init__(__self__, example = aws.securityhub.Account("example") current = aws.get_region() - example_product_subscription = aws.securityhub.ProductSubscription("example", product_arn=f"arn:aws:securityhub:{current.name}:733251395267:product/alertlogic/althreatmanagement") + example_product_subscription = aws.securityhub.ProductSubscription("example", product_arn=f"arn:aws:securityhub:{current.name}:733251395267:product/alertlogic/althreatmanagement", + opts=pulumi.ResourceOptions(depends_on=[example])) ``` diff --git a/sdk/python/pulumi_aws/securityhub/standards_control.py b/sdk/python/pulumi_aws/securityhub/standards_control.py index e4ddc1a4067..64174b8fd02 100644 --- a/sdk/python/pulumi_aws/securityhub/standards_control.py +++ b/sdk/python/pulumi_aws/securityhub/standards_control.py @@ -257,11 +257,13 @@ def __init__(__self__, import pulumi_aws as aws example = aws.securityhub.Account("example") - cis_aws_foundations_benchmark = aws.securityhub.StandardsSubscription("cis_aws_foundations_benchmark", standards_arn="arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0") + cis_aws_foundations_benchmark = aws.securityhub.StandardsSubscription("cis_aws_foundations_benchmark", standards_arn="arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0", + opts=pulumi.ResourceOptions(depends_on=[example])) ensure_iam_password_policy_prevents_password_reuse = aws.securityhub.StandardsControl("ensure_iam_password_policy_prevents_password_reuse", standards_control_arn="arn:aws:securityhub:us-east-1:111111111111:control/cis-aws-foundations-benchmark/v/1.2.0/1.10", control_status="DISABLED", - disabled_reason="We handle password policies within Okta") + disabled_reason="We handle password policies within Okta", + opts=pulumi.ResourceOptions(depends_on=[cis_aws_foundations_benchmark])) ``` @@ -292,11 +294,13 @@ def __init__(__self__, import pulumi_aws as aws example = aws.securityhub.Account("example") - cis_aws_foundations_benchmark = aws.securityhub.StandardsSubscription("cis_aws_foundations_benchmark", standards_arn="arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0") + cis_aws_foundations_benchmark = aws.securityhub.StandardsSubscription("cis_aws_foundations_benchmark", standards_arn="arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0", + opts=pulumi.ResourceOptions(depends_on=[example])) ensure_iam_password_policy_prevents_password_reuse = aws.securityhub.StandardsControl("ensure_iam_password_policy_prevents_password_reuse", standards_control_arn="arn:aws:securityhub:us-east-1:111111111111:control/cis-aws-foundations-benchmark/v/1.2.0/1.10", control_status="DISABLED", - disabled_reason="We handle password policies within Okta") + disabled_reason="We handle password policies within Okta", + opts=pulumi.ResourceOptions(depends_on=[cis_aws_foundations_benchmark])) ``` diff --git a/sdk/python/pulumi_aws/securityhub/standards_subscription.py b/sdk/python/pulumi_aws/securityhub/standards_subscription.py index ce24194c670..b03ec0eebb5 100644 --- a/sdk/python/pulumi_aws/securityhub/standards_subscription.py +++ b/sdk/python/pulumi_aws/securityhub/standards_subscription.py @@ -117,8 +117,10 @@ def __init__(__self__, example = aws.securityhub.Account("example") current = aws.get_region() - cis = aws.securityhub.StandardsSubscription("cis", standards_arn="arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0") - pci321 = aws.securityhub.StandardsSubscription("pci_321", standards_arn=f"arn:aws:securityhub:{current.name}::standards/pci-dss/v/3.2.1") + cis = aws.securityhub.StandardsSubscription("cis", standards_arn="arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0", + opts=pulumi.ResourceOptions(depends_on=[example])) + pci321 = aws.securityhub.StandardsSubscription("pci_321", standards_arn=f"arn:aws:securityhub:{current.name}::standards/pci-dss/v/3.2.1", + opts=pulumi.ResourceOptions(depends_on=[example])) ``` @@ -168,8 +170,10 @@ def __init__(__self__, example = aws.securityhub.Account("example") current = aws.get_region() - cis = aws.securityhub.StandardsSubscription("cis", standards_arn="arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0") - pci321 = aws.securityhub.StandardsSubscription("pci_321", standards_arn=f"arn:aws:securityhub:{current.name}::standards/pci-dss/v/3.2.1") + cis = aws.securityhub.StandardsSubscription("cis", standards_arn="arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0", + opts=pulumi.ResourceOptions(depends_on=[example])) + pci321 = aws.securityhub.StandardsSubscription("pci_321", standards_arn=f"arn:aws:securityhub:{current.name}::standards/pci-dss/v/3.2.1", + opts=pulumi.ResourceOptions(depends_on=[example])) ``` diff --git a/sdk/python/pulumi_aws/ses/domain_identity_verification.py b/sdk/python/pulumi_aws/ses/domain_identity_verification.py index c7fdef31832..1e043aa7a70 100644 --- a/sdk/python/pulumi_aws/ses/domain_identity_verification.py +++ b/sdk/python/pulumi_aws/ses/domain_identity_verification.py @@ -104,7 +104,8 @@ def __init__(__self__, type=aws.route53.RecordType.TXT, ttl=600, records=[example.verification_token]) - example_verification = aws.ses.DomainIdentityVerification("example_verification", domain=example.id) + example_verification = aws.ses.DomainIdentityVerification("example_verification", domain=example.id, + opts=pulumi.ResourceOptions(depends_on=[example_amazonses_verification_record])) ``` @@ -141,7 +142,8 @@ def __init__(__self__, type=aws.route53.RecordType.TXT, ttl=600, records=[example.verification_token]) - example_verification = aws.ses.DomainIdentityVerification("example_verification", domain=example.id) + example_verification = aws.ses.DomainIdentityVerification("example_verification", domain=example.id, + opts=pulumi.ResourceOptions(depends_on=[example_amazonses_verification_record])) ``` diff --git a/sdk/python/pulumi_aws/shield/drt_access_role_arn_association.py b/sdk/python/pulumi_aws/shield/drt_access_role_arn_association.py index 3ab5d4885fd..658859505d9 100644 --- a/sdk/python/pulumi_aws/shield/drt_access_role_arn_association.py +++ b/sdk/python/pulumi_aws/shield/drt_access_role_arn_association.py @@ -109,8 +109,8 @@ def __init__(__self__, test = aws.iam.Role("test", name=aws_shield_drt_access_role_arn, assume_role_policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ + "Version": "2012-10-17", + "Statement": [{ "Sid": "", "Effect": "Allow", "Principal": { @@ -161,8 +161,8 @@ def __init__(__self__, test = aws.iam.Role("test", name=aws_shield_drt_access_role_arn, assume_role_policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ + "Version": "2012-10-17", + "Statement": [{ "Sid": "", "Effect": "Allow", "Principal": { diff --git a/sdk/python/pulumi_aws/shield/proactive_engagement.py b/sdk/python/pulumi_aws/shield/proactive_engagement.py index 08c09c223e0..e594791251b 100644 --- a/sdk/python/pulumi_aws/shield/proactive_engagement.py +++ b/sdk/python/pulumi_aws/shield/proactive_engagement.py @@ -117,8 +117,8 @@ def __init__(__self__, example = aws.iam.Role("example", name=aws_shield_drt_access_role_arn, assume_role_policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ + "Version": "2012-10-17", + "Statement": [{ "Sid": "", "Effect": "Allow", "Principal": { @@ -148,7 +148,8 @@ def __init__(__self__, email_address="test2@company.com", phone_number="+12358132134", ), - ]) + ], + opts=pulumi.ResourceOptions(depends_on=[test_aws_shield_drt_access_role_arn_association])) ``` @@ -188,8 +189,8 @@ def __init__(__self__, example = aws.iam.Role("example", name=aws_shield_drt_access_role_arn, assume_role_policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ + "Version": "2012-10-17", + "Statement": [{ "Sid": "", "Effect": "Allow", "Principal": { @@ -219,7 +220,8 @@ def __init__(__self__, email_address="test2@company.com", phone_number="+12358132134", ), - ]) + ], + opts=pulumi.ResourceOptions(depends_on=[test_aws_shield_drt_access_role_arn_association])) ``` diff --git a/sdk/python/pulumi_aws/shield/protection_group.py b/sdk/python/pulumi_aws/shield/protection_group.py index 5d248568e1c..5b5cc13716c 100644 --- a/sdk/python/pulumi_aws/shield/protection_group.py +++ b/sdk/python/pulumi_aws/shield/protection_group.py @@ -304,7 +304,8 @@ def __init__(__self__, protection_group_id="example", aggregation="MEAN", pattern="ARBITRARY", - members=[example.id.apply(lambda id: f"arn:aws:ec2:{current.name}:{current_get_caller_identity.account_id}:eip-allocation/{id}")]) + members=[example.id.apply(lambda id: f"arn:aws:ec2:{current.name}:{current_get_caller_identity.account_id}:eip-allocation/{id}")], + opts=pulumi.ResourceOptions(depends_on=[example_protection])) ``` @@ -384,7 +385,8 @@ def __init__(__self__, protection_group_id="example", aggregation="MEAN", pattern="ARBITRARY", - members=[example.id.apply(lambda id: f"arn:aws:ec2:{current.name}:{current_get_caller_identity.account_id}:eip-allocation/{id}")]) + members=[example.id.apply(lambda id: f"arn:aws:ec2:{current.name}:{current_get_caller_identity.account_id}:eip-allocation/{id}")], + opts=pulumi.ResourceOptions(depends_on=[example_protection])) ``` diff --git a/sdk/python/pulumi_aws/ssm/activation.py b/sdk/python/pulumi_aws/ssm/activation.py index 93c218129f0..7bcacc2a849 100644 --- a/sdk/python/pulumi_aws/ssm/activation.py +++ b/sdk/python/pulumi_aws/ssm/activation.py @@ -328,7 +328,8 @@ def __init__(__self__, name="test_ssm_activation", description="Test", iam_role=test_role.id, - registration_limit=5) + registration_limit=5, + opts=pulumi.ResourceOptions(depends_on=[test_attach])) ``` @@ -384,7 +385,8 @@ def __init__(__self__, name="test_ssm_activation", description="Test", iam_role=test_role.id, - registration_limit=5) + registration_limit=5, + opts=pulumi.ResourceOptions(depends_on=[test_attach])) ``` diff --git a/sdk/python/pulumi_aws/ssm/contacts_rotation.py b/sdk/python/pulumi_aws/ssm/contacts_rotation.py index 35364c4bc20..4ca2f6d96b5 100644 --- a/sdk/python/pulumi_aws/ssm/contacts_rotation.py +++ b/sdk/python/pulumi_aws/ssm/contacts_rotation.py @@ -298,7 +298,8 @@ def __init__(__self__, minute_of_hour=0, )], ), - time_zone_id="Australia/Sydney") + time_zone_id="Australia/Sydney", + opts=pulumi.ResourceOptions(depends_on=[example_aws_ssmincidents_replication_set])) ``` @@ -350,7 +351,8 @@ def __init__(__self__, tags={ "key1": "tag1", "key2": "tag2", - }) + }, + opts=pulumi.ResourceOptions(depends_on=[example_aws_ssmincidents_replication_set])) ``` @@ -384,7 +386,8 @@ def __init__(__self__, ), ], ), - time_zone_id="Australia/Sydney") + time_zone_id="Australia/Sydney", + opts=pulumi.ResourceOptions(depends_on=[example_aws_ssmincidents_replication_set])) ``` @@ -434,7 +437,8 @@ def __init__(__self__, minute_of_hour=0, )], ), - time_zone_id="Australia/Sydney") + time_zone_id="Australia/Sydney", + opts=pulumi.ResourceOptions(depends_on=[example_aws_ssmincidents_replication_set])) ``` @@ -486,7 +490,8 @@ def __init__(__self__, tags={ "key1": "tag1", "key2": "tag2", - }) + }, + opts=pulumi.ResourceOptions(depends_on=[example_aws_ssmincidents_replication_set])) ``` @@ -520,7 +525,8 @@ def __init__(__self__, ), ], ), - time_zone_id="Australia/Sydney") + time_zone_id="Australia/Sydney", + opts=pulumi.ResourceOptions(depends_on=[example_aws_ssmincidents_replication_set])) ``` diff --git a/sdk/python/pulumi_aws/ssmcontacts/contact.py b/sdk/python/pulumi_aws/ssmcontacts/contact.py index 8a3574ae1b6..c1c9312400e 100644 --- a/sdk/python/pulumi_aws/ssmcontacts/contact.py +++ b/sdk/python/pulumi_aws/ssmcontacts/contact.py @@ -227,7 +227,8 @@ def __init__(__self__, example = aws.ssmcontacts.Contact("example", alias="alias", - type="PERSONAL") + type="PERSONAL", + opts=pulumi.ResourceOptions(depends_on=[example_aws_ssmincidents_replication_set])) ``` @@ -244,7 +245,8 @@ def __init__(__self__, type="ESCALATION", tags={ "key": "value", - }) + }, + opts=pulumi.ResourceOptions(depends_on=[example_aws_ssmincidents_replication_set])) ``` @@ -286,7 +288,8 @@ def __init__(__self__, example = aws.ssmcontacts.Contact("example", alias="alias", - type="PERSONAL") + type="PERSONAL", + opts=pulumi.ResourceOptions(depends_on=[example_aws_ssmincidents_replication_set])) ``` @@ -303,7 +306,8 @@ def __init__(__self__, type="ESCALATION", tags={ "key": "value", - }) + }, + opts=pulumi.ResourceOptions(depends_on=[example_aws_ssmincidents_replication_set])) ``` diff --git a/sdk/python/pulumi_aws/ssmincidents/response_plan.py b/sdk/python/pulumi_aws/ssmincidents/response_plan.py index 89b31497dac..b61889ddaba 100644 --- a/sdk/python/pulumi_aws/ssmincidents/response_plan.py +++ b/sdk/python/pulumi_aws/ssmincidents/response_plan.py @@ -348,7 +348,8 @@ def __init__(__self__, ), tags={ "key": "value", - }) + }, + opts=pulumi.ResourceOptions(depends_on=[example_aws_ssmincidents_replication_set])) ``` @@ -415,7 +416,8 @@ def __init__(__self__, ), tags={ "key": "value", - }) + }, + opts=pulumi.ResourceOptions(depends_on=[example_aws_ssmincidents_replication_set])) ``` @@ -463,7 +465,8 @@ def __init__(__self__, ), tags={ "key": "value", - }) + }, + opts=pulumi.ResourceOptions(depends_on=[example_aws_ssmincidents_replication_set])) ``` @@ -530,7 +533,8 @@ def __init__(__self__, ), tags={ "key": "value", - }) + }, + opts=pulumi.ResourceOptions(depends_on=[example_aws_ssmincidents_replication_set])) ``` diff --git a/sdk/python/pulumi_aws/storagegateway/file_system_association.py b/sdk/python/pulumi_aws/storagegateway/file_system_association.py index 0b8a908178a..013cb1d2c3f 100644 --- a/sdk/python/pulumi_aws/storagegateway/file_system_association.py +++ b/sdk/python/pulumi_aws/storagegateway/file_system_association.py @@ -334,7 +334,11 @@ def __init__(__self__, associate_public_ip_address=True, instance_type=aws.ec2.InstanceType(available["instanceType"]), vpc_security_group_ids=[test_aws_security_group["id"]], - subnet_id=test_aws_subnet[0]["id"]) + subnet_id=test_aws_subnet[0]["id"], + opts=pulumi.ResourceOptions(depends_on=[ + test_aws_route, + test_aws_vpc_dhcp_options_association, + ])) test_gateway = aws.storagegateway.Gateway("test", gateway_ip_address=test.public_ip, gateway_name="test-sgw", @@ -422,7 +426,11 @@ def __init__(__self__, associate_public_ip_address=True, instance_type=aws.ec2.InstanceType(available["instanceType"]), vpc_security_group_ids=[test_aws_security_group["id"]], - subnet_id=test_aws_subnet[0]["id"]) + subnet_id=test_aws_subnet[0]["id"], + opts=pulumi.ResourceOptions(depends_on=[ + test_aws_route, + test_aws_vpc_dhcp_options_association, + ])) test_gateway = aws.storagegateway.Gateway("test", gateway_ip_address=test.public_ip, gateway_name="test-sgw", diff --git a/sdk/python/pulumi_aws/transcribe/language_model.py b/sdk/python/pulumi_aws/transcribe/language_model.py index cbec7f5880c..16d1e6d8cb4 100644 --- a/sdk/python/pulumi_aws/transcribe/language_model.py +++ b/sdk/python/pulumi_aws/transcribe/language_model.py @@ -259,14 +259,14 @@ def __init__(__self__, name="example", role=example_role.id, policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "action": [ + "Version": "2012-10-17", + "Statement": [{ + "Action": [ "s3:GetObject", "s3:ListBucket", ], - "effect": "Allow", - "resource": ["*"], + "Effect": "Allow", + "Resource": ["*"], }], })) example_bucket_v2 = aws.s3.BucketV2("example", @@ -341,14 +341,14 @@ def __init__(__self__, name="example", role=example_role.id, policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "action": [ + "Version": "2012-10-17", + "Statement": [{ + "Action": [ "s3:GetObject", "s3:ListBucket", ], - "effect": "Allow", - "resource": ["*"], + "Effect": "Allow", + "Resource": ["*"], }], })) example_bucket_v2 = aws.s3.BucketV2("example", diff --git a/sdk/python/pulumi_aws/transcribe/medical_vocabulary.py b/sdk/python/pulumi_aws/transcribe/medical_vocabulary.py index 265ce26d9a9..2b71125a7c6 100644 --- a/sdk/python/pulumi_aws/transcribe/medical_vocabulary.py +++ b/sdk/python/pulumi_aws/transcribe/medical_vocabulary.py @@ -246,7 +246,8 @@ def __init__(__self__, tags={ "tag1": "value1", "tag2": "value3", - }) + }, + opts=pulumi.ResourceOptions(depends_on=[object])) ``` @@ -299,7 +300,8 @@ def __init__(__self__, tags={ "tag1": "value1", "tag2": "value3", - }) + }, + opts=pulumi.ResourceOptions(depends_on=[object])) ``` diff --git a/sdk/python/pulumi_aws/transcribe/vocabulary.py b/sdk/python/pulumi_aws/transcribe/vocabulary.py index 8f6ffb590bd..578716c529d 100644 --- a/sdk/python/pulumi_aws/transcribe/vocabulary.py +++ b/sdk/python/pulumi_aws/transcribe/vocabulary.py @@ -280,7 +280,8 @@ def __init__(__self__, tags={ "tag1": "value1", "tag2": "value3", - }) + }, + opts=pulumi.ResourceOptions(depends_on=[object])) ``` @@ -334,7 +335,8 @@ def __init__(__self__, tags={ "tag1": "value1", "tag2": "value3", - }) + }, + opts=pulumi.ResourceOptions(depends_on=[object])) ``` diff --git a/sdk/python/pulumi_aws/vpclattice/auth_policy.py b/sdk/python/pulumi_aws/vpclattice/auth_policy.py index 017231aef6a..2b5c82f0d38 100644 --- a/sdk/python/pulumi_aws/vpclattice/auth_policy.py +++ b/sdk/python/pulumi_aws/vpclattice/auth_policy.py @@ -150,14 +150,14 @@ def __init__(__self__, example_auth_policy = aws.vpclattice.AuthPolicy("example", resource_identifier=example.arn, policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "action": "*", - "effect": "Allow", - "principal": "*", - "resource": "*", - "condition": { - "stringNotEqualsIgnoreCase": { + "Version": "2012-10-17", + "Statement": [{ + "Action": "*", + "Effect": "Allow", + "Principal": "*", + "Resource": "*", + "Condition": { + "StringNotEqualsIgnoreCase": { "aws:PrincipalType": "anonymous", }, }, @@ -206,14 +206,14 @@ def __init__(__self__, example_auth_policy = aws.vpclattice.AuthPolicy("example", resource_identifier=example.arn, policy=json.dumps({ - "version": "2012-10-17", - "statement": [{ - "action": "*", - "effect": "Allow", - "principal": "*", - "resource": "*", - "condition": { - "stringNotEqualsIgnoreCase": { + "Version": "2012-10-17", + "Statement": [{ + "Action": "*", + "Effect": "Allow", + "Principal": "*", + "Resource": "*", + "Condition": { + "StringNotEqualsIgnoreCase": { "aws:PrincipalType": "anonymous", }, }, diff --git a/sdk/python/pulumi_aws/vpclattice/resource_policy.py b/sdk/python/pulumi_aws/vpclattice/resource_policy.py index ae934c5a482..06da540ebf5 100644 --- a/sdk/python/pulumi_aws/vpclattice/resource_policy.py +++ b/sdk/python/pulumi_aws/vpclattice/resource_policy.py @@ -116,19 +116,19 @@ def __init__(__self__, example_resource_policy = aws.vpclattice.ResourcePolicy("example", resource_arn=example.arn, policy=pulumi.Output.json_dumps({ - "version": "2012-10-17", - "statement": [{ - "sid": "test-pol-principals-6", - "effect": "Allow", - "principal": { + "Version": "2012-10-17", + "Statement": [{ + "Sid": "test-pol-principals-6", + "Effect": "Allow", + "Principal": { "AWS": f"arn:{current_get_partition.partition}:iam::{current.account_id}:root", }, - "action": [ + "Action": [ "vpc-lattice:CreateServiceNetworkVpcAssociation", "vpc-lattice:CreateServiceNetworkServiceAssociation", "vpc-lattice:GetServiceNetwork", ], - "resource": example.arn, + "Resource": example.arn, }], })) ``` @@ -172,19 +172,19 @@ def __init__(__self__, example_resource_policy = aws.vpclattice.ResourcePolicy("example", resource_arn=example.arn, policy=pulumi.Output.json_dumps({ - "version": "2012-10-17", - "statement": [{ - "sid": "test-pol-principals-6", - "effect": "Allow", - "principal": { + "Version": "2012-10-17", + "Statement": [{ + "Sid": "test-pol-principals-6", + "Effect": "Allow", + "Principal": { "AWS": f"arn:{current_get_partition.partition}:iam::{current.account_id}:root", }, - "action": [ + "Action": [ "vpc-lattice:CreateServiceNetworkVpcAssociation", "vpc-lattice:CreateServiceNetworkServiceAssociation", "vpc-lattice:GetServiceNetwork", ], - "resource": example.arn, + "Resource": example.arn, }], })) ``` diff --git a/sdk/python/pulumi_aws/waf/rate_based_rule.py b/sdk/python/pulumi_aws/waf/rate_based_rule.py index 00a548b8a0c..323e9190ce4 100644 --- a/sdk/python/pulumi_aws/waf/rate_based_rule.py +++ b/sdk/python/pulumi_aws/waf/rate_based_rule.py @@ -293,7 +293,8 @@ def __init__(__self__, data_id=ipset.id, negated=False, type="IPMatch", - )]) + )], + opts=pulumi.ResourceOptions(depends_on=[ipset])) ``` @@ -345,7 +346,8 @@ def __init__(__self__, data_id=ipset.id, negated=False, type="IPMatch", - )]) + )], + opts=pulumi.ResourceOptions(depends_on=[ipset])) ``` diff --git a/sdk/python/pulumi_aws/waf/rule.py b/sdk/python/pulumi_aws/waf/rule.py index c9490e93d0f..cf1dde46635 100644 --- a/sdk/python/pulumi_aws/waf/rule.py +++ b/sdk/python/pulumi_aws/waf/rule.py @@ -227,7 +227,8 @@ def __init__(__self__, data_id=ipset.id, negated=False, type="IPMatch", - )]) + )], + opts=pulumi.ResourceOptions(depends_on=[ipset])) ``` @@ -275,7 +276,8 @@ def __init__(__self__, data_id=ipset.id, negated=False, type="IPMatch", - )]) + )], + opts=pulumi.ResourceOptions(depends_on=[ipset])) ``` diff --git a/sdk/python/pulumi_aws/waf/web_acl.py b/sdk/python/pulumi_aws/waf/web_acl.py index c9532699cda..1cc9e6bea9c 100644 --- a/sdk/python/pulumi_aws/waf/web_acl.py +++ b/sdk/python/pulumi_aws/waf/web_acl.py @@ -294,7 +294,8 @@ def __init__(__self__, data_id=ipset.id, negated=False, type="IPMatch", - )]) + )], + opts=pulumi.ResourceOptions(depends_on=[ipset])) waf_acl = aws.waf.WebAcl("waf_acl", name="tfWebACL", metric_name="tfWebACL", @@ -308,7 +309,11 @@ def __init__(__self__, priority=1, rule_id=wafrule.id, type="REGULAR", - )]) + )], + opts=pulumi.ResourceOptions(depends_on=[ + ipset, + wafrule, + ])) ``` @@ -386,7 +391,8 @@ def __init__(__self__, data_id=ipset.id, negated=False, type="IPMatch", - )]) + )], + opts=pulumi.ResourceOptions(depends_on=[ipset])) waf_acl = aws.waf.WebAcl("waf_acl", name="tfWebACL", metric_name="tfWebACL", @@ -400,7 +406,11 @@ def __init__(__self__, priority=1, rule_id=wafrule.id, type="REGULAR", - )]) + )], + opts=pulumi.ResourceOptions(depends_on=[ + ipset, + wafrule, + ])) ``` diff --git a/sdk/python/pulumi_aws/wafregional/rate_based_rule.py b/sdk/python/pulumi_aws/wafregional/rate_based_rule.py index 21a8feae5f6..8f28bc0dfe5 100644 --- a/sdk/python/pulumi_aws/wafregional/rate_based_rule.py +++ b/sdk/python/pulumi_aws/wafregional/rate_based_rule.py @@ -293,7 +293,8 @@ def __init__(__self__, data_id=ipset.id, negated=False, type="IPMatch", - )]) + )], + opts=pulumi.ResourceOptions(depends_on=[ipset])) ``` @@ -345,7 +346,8 @@ def __init__(__self__, data_id=ipset.id, negated=False, type="IPMatch", - )]) + )], + opts=pulumi.ResourceOptions(depends_on=[ipset])) ``` diff --git a/sdk/python/pulumi_aws/workspaces/directory.py b/sdk/python/pulumi_aws/workspaces/directory.py index 6376002fde7..b7a9656eb75 100644 --- a/sdk/python/pulumi_aws/workspaces/directory.py +++ b/sdk/python/pulumi_aws/workspaces/directory.py @@ -447,6 +447,22 @@ def __init__(__self__, example_b.id, ], )) + workspaces = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs( + actions=["sts:AssumeRole"], + principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs( + type="Service", + identifiers=["workspaces.amazonaws.com"], + )], + )]) + workspaces_default = aws.iam.Role("workspaces_default", + name="workspaces_DefaultRole", + assume_role_policy=workspaces.json) + workspaces_default_service_access = aws.iam.RolePolicyAttachment("workspaces_default_service_access", + role=workspaces_default.name, + policy_arn="arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess") + workspaces_default_self_service_access = aws.iam.RolePolicyAttachment("workspaces_default_self_service_access", + role=workspaces_default.name, + policy_arn="arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess") example_c = aws.ec2.Subnet("example_c", vpc_id=example_vpc.id, availability_zone="us-east-1c", @@ -487,23 +503,11 @@ def __init__(__self__, enable_internet_access=True, enable_maintenance_mode=True, user_enabled_as_local_administrator=True, - )) - workspaces = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs( - actions=["sts:AssumeRole"], - principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs( - type="Service", - identifiers=["workspaces.amazonaws.com"], - )], - )]) - workspaces_default = aws.iam.Role("workspaces_default", - name="workspaces_DefaultRole", - assume_role_policy=workspaces.json) - workspaces_default_service_access = aws.iam.RolePolicyAttachment("workspaces_default_service_access", - role=workspaces_default.name, - policy_arn="arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess") - workspaces_default_self_service_access = aws.iam.RolePolicyAttachment("workspaces_default_self_service_access", - role=workspaces_default.name, - policy_arn="arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess") + ), + opts=pulumi.ResourceOptions(depends_on=[ + workspaces_default_service_access, + workspaces_default_self_service_access, + ])) ``` @@ -577,6 +581,22 @@ def __init__(__self__, example_b.id, ], )) + workspaces = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs( + actions=["sts:AssumeRole"], + principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs( + type="Service", + identifiers=["workspaces.amazonaws.com"], + )], + )]) + workspaces_default = aws.iam.Role("workspaces_default", + name="workspaces_DefaultRole", + assume_role_policy=workspaces.json) + workspaces_default_service_access = aws.iam.RolePolicyAttachment("workspaces_default_service_access", + role=workspaces_default.name, + policy_arn="arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess") + workspaces_default_self_service_access = aws.iam.RolePolicyAttachment("workspaces_default_self_service_access", + role=workspaces_default.name, + policy_arn="arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess") example_c = aws.ec2.Subnet("example_c", vpc_id=example_vpc.id, availability_zone="us-east-1c", @@ -617,23 +637,11 @@ def __init__(__self__, enable_internet_access=True, enable_maintenance_mode=True, user_enabled_as_local_administrator=True, - )) - workspaces = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs( - actions=["sts:AssumeRole"], - principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs( - type="Service", - identifiers=["workspaces.amazonaws.com"], - )], - )]) - workspaces_default = aws.iam.Role("workspaces_default", - name="workspaces_DefaultRole", - assume_role_policy=workspaces.json) - workspaces_default_service_access = aws.iam.RolePolicyAttachment("workspaces_default_service_access", - role=workspaces_default.name, - policy_arn="arn:aws:iam::aws:policy/AmazonWorkSpacesServiceAccess") - workspaces_default_self_service_access = aws.iam.RolePolicyAttachment("workspaces_default_self_service_access", - role=workspaces_default.name, - policy_arn="arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess") + ), + opts=pulumi.ResourceOptions(depends_on=[ + workspaces_default_service_access, + workspaces_default_self_service_access, + ])) ```