@pulumi/aws 7.0.0-alpha.2 → 7.0.0-rc.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/accessanalyzer/analyzer.d.ts +54 -7
- package/accessanalyzer/analyzer.js +48 -1
- package/accessanalyzer/analyzer.js.map +1 -1
- package/amp/index.d.ts +3 -0
- package/amp/index.js +6 -1
- package/amp/index.js.map +1 -1
- package/amp/queryLoggingConfiguration.d.ts +107 -0
- package/amp/queryLoggingConfiguration.js +82 -0
- package/amp/queryLoggingConfiguration.js.map +1 -0
- package/amplify/app.d.ts +26 -0
- package/amplify/app.js +16 -0
- package/amplify/app.js.map +1 -1
- package/amplify/branch.d.ts +12 -0
- package/amplify/branch.js +2 -0
- package/amplify/branch.js.map +1 -1
- package/bedrock/agentAgent.d.ts +2 -2
- package/bedrock/agentAgent.js +2 -2
- package/bedrock/agentAgentCollaborator.d.ts +4 -4
- package/bedrock/agentAgentCollaborator.js +4 -4
- package/cloudfront/distribution.d.ts +12 -0
- package/cloudfront/distribution.js +2 -0
- package/cloudfront/distribution.js.map +1 -1
- package/cloudfront/getDistribution.d.ts +4 -0
- package/cloudfront/getDistribution.js.map +1 -1
- package/cloudtrail/trail.d.ts +2 -2
- package/cloudtrail/trail.js +2 -2
- package/cloudwatch/eventArchive.d.ts +91 -15
- package/cloudwatch/eventArchive.js +67 -1
- package/cloudwatch/eventArchive.js.map +1 -1
- package/cloudwatch/logGroup.d.ts +6 -6
- package/codeartifact/domainPermissions.d.ts +1 -1
- package/codeartifact/domainPermissions.js +0 -3
- package/codeartifact/domainPermissions.js.map +1 -1
- package/connect/botAssociation.d.ts +1 -1
- package/connect/botAssociation.js +1 -1
- package/controltower/controlTowerControl.d.ts +1 -1
- package/controltower/controlTowerControl.js +1 -1
- package/cur/reportDefinition.d.ts +3 -3
- package/datasync/agent.d.ts +1 -1
- package/datasync/agent.js +1 -1
- package/dynamodb/table.d.ts +36 -1
- package/dynamodb/table.js +36 -1
- package/dynamodb/table.js.map +1 -1
- package/dynamodb/tag.d.ts +1 -1
- package/dynamodb/tag.js +1 -1
- package/ec2/getManagedPrefixList.d.ts +2 -2
- package/ec2/getManagedPrefixList.js +2 -2
- package/ec2/securityGroupRule.d.ts +1 -1
- package/ec2/securityGroupRule.js +1 -1
- package/ec2/vpc.d.ts +2 -2
- package/ec2/vpc.js +2 -2
- package/ec2/vpcIpam.d.ts +1 -1
- package/ec2/vpcIpam.js +1 -1
- package/ec2/vpcIpamPool.d.ts +4 -4
- package/ec2/vpcIpamPool.js +4 -4
- package/ec2/vpcIpamPoolCidr.d.ts +3 -3
- package/ec2/vpcIpamPoolCidr.js +3 -3
- package/ec2/vpcIpamPoolCidrAllocation.d.ts +4 -4
- package/ec2/vpcIpamPoolCidrAllocation.js +4 -4
- package/ec2/vpcIpamPreviewNextCidr.d.ts +2 -2
- package/ec2/vpcIpamPreviewNextCidr.js +2 -2
- package/ec2/vpcIpamResourceDiscovery.d.ts +1 -1
- package/ec2/vpcIpamResourceDiscovery.js +1 -1
- package/ec2/vpcIpamScope.d.ts +1 -1
- package/ec2/vpcIpamScope.js +1 -1
- package/ecr/registryPolicy.d.ts +1 -1
- package/ecr/registryPolicy.js +1 -1
- package/eks/cluster.d.ts +2 -4
- package/eks/cluster.js +0 -2
- package/eks/cluster.js.map +1 -1
- package/eks/podIdentityAssociation.d.ts +32 -0
- package/eks/podIdentityAssociation.js +6 -0
- package/eks/podIdentityAssociation.js.map +1 -1
- package/elasticsearch/domain.d.ts +2 -2
- package/elasticsearch/domain.js +2 -2
- package/emr/cluster.d.ts +12 -0
- package/emr/cluster.js +2 -0
- package/emr/cluster.js.map +1 -1
- package/fms/policy.d.ts +12 -0
- package/fms/policy.js +2 -0
- package/fms/policy.js.map +1 -1
- package/getRegion.d.ts +2 -2
- package/getService.d.ts +2 -2
- package/getService.js +2 -2
- package/glue/job.d.ts +12 -0
- package/glue/job.js +2 -0
- package/glue/job.js.map +1 -1
- package/glue/resourcePolicy.d.ts +1 -1
- package/glue/resourcePolicy.js +1 -1
- package/guardduty/detectorFeature.d.ts +21 -0
- package/guardduty/detectorFeature.js +21 -0
- package/guardduty/detectorFeature.js.map +1 -1
- package/guardduty/memberDetectorFeature.d.ts +1 -11
- package/guardduty/memberDetectorFeature.js +1 -11
- package/guardduty/memberDetectorFeature.js.map +1 -1
- package/guardduty/publishingDestination.d.ts +2 -2
- package/guardduty/publishingDestination.js +2 -2
- package/iam/rolePolicy.d.ts +21 -15
- package/iam/rolePolicy.js.map +1 -1
- package/imagebuilder/imageRecipe.d.ts +1 -1
- package/imagebuilder/imageRecipe.js +1 -1
- package/kinesis/firehoseDeliveryStream.d.ts +1 -1
- package/kinesis/firehoseDeliveryStream.js +1 -1
- package/kinesis/getStreamConsumer.d.ts +9 -0
- package/kinesis/getStreamConsumer.js +2 -0
- package/kinesis/getStreamConsumer.js.map +1 -1
- package/kinesis/streamConsumer.d.ts +15 -0
- package/kinesis/streamConsumer.js +4 -0
- package/kinesis/streamConsumer.js.map +1 -1
- package/kms/getKey.d.ts +1 -1
- package/kms/key.d.ts +3 -3
- package/lightsail/instancePublicPorts.d.ts +6 -6
- package/macie/findingsFilter.d.ts +1 -1
- package/macie/findingsFilter.js +1 -1
- package/mediastore/containerPolicy.d.ts +1 -1
- package/mediastore/containerPolicy.js +1 -1
- package/networkfirewall/firewallPolicy.d.ts +51 -2
- package/networkfirewall/firewallPolicy.js +51 -2
- package/networkfirewall/firewallPolicy.js.map +1 -1
- package/networkmanager/dxGatewayAttachment.d.ts +1 -1
- package/networkmanager/dxGatewayAttachment.js +1 -1
- package/opensearch/domain.d.ts +2 -2
- package/opensearch/domain.js +2 -2
- package/opensearch/inboundConnectionAccepter.d.ts +2 -2
- package/opensearch/inboundConnectionAccepter.js +2 -2
- package/opensearch/outboundConnection.d.ts +2 -2
- package/opensearch/outboundConnection.js +2 -2
- package/opensearchingest/pipeline.d.ts +1 -1
- package/opensearchingest/pipeline.js +1 -1
- package/package.json +2 -2
- package/quicksight/dataSource.d.ts +1 -1
- package/quicksight/dataSource.js +1 -1
- package/rbin/rule.d.ts +52 -17
- package/rbin/rule.js +26 -1
- package/rbin/rule.js.map +1 -1
- package/route53/getTrafficPolicyDocument.d.ts +4 -4
- package/route53/getTrafficPolicyDocument.js +4 -4
- package/route53/profilesResourceAssociation.d.ts +1 -1
- package/s3/bucket.d.ts +5 -4
- package/s3/bucketPolicy.d.ts +2 -0
- package/s3/bucketPolicy.js +2 -0
- package/s3/bucketPolicy.js.map +1 -1
- package/s3/directoryBucket.d.ts +30 -0
- package/s3/directoryBucket.js +4 -0
- package/s3/directoryBucket.js.map +1 -1
- package/s3tables/table.d.ts +62 -0
- package/s3tables/table.js +49 -0
- package/s3tables/table.js.map +1 -1
- package/sagemaker/flowDefinition.d.ts +1 -1
- package/sagemaker/flowDefinition.js +1 -1
- package/securityhub/productSubscription.d.ts +1 -1
- package/securityhub/productSubscription.js +1 -1
- package/securityhub/standardsSubscription.d.ts +1 -1
- package/securityhub/standardsSubscription.js +1 -1
- package/serverlessrepository/cloudFormationStack.d.ts +1 -1
- package/serverlessrepository/cloudFormationStack.js +1 -1
- package/shield/drtAccessLogBucketAssociation.d.ts +1 -1
- package/shield/drtAccessLogBucketAssociation.js +1 -1
- package/shield/protection.d.ts +1 -1
- package/shield/protection.js +1 -1
- package/shield/protectionGroup.d.ts +2 -2
- package/shield/protectionGroup.js +2 -2
- package/shield/protectionHealthCheckAssociation.d.ts +1 -1
- package/shield/protectionHealthCheckAssociation.js +1 -1
- package/ssm/parameter.d.ts +1 -1
- package/ssm/quicksetupConfigurationManager.d.ts +2 -2
- package/ssm/quicksetupConfigurationManager.js +2 -2
- package/ssoadmin/applicationAccessScope.d.ts +1 -1
- package/ssoadmin/applicationAccessScope.js +1 -1
- package/ssoadmin/applicationAssignment.d.ts +2 -2
- package/ssoadmin/applicationAssignment.js +2 -2
- package/ssoadmin/applicationAssignmentConfiguration.d.ts +1 -1
- package/ssoadmin/applicationAssignmentConfiguration.js +1 -1
- package/ssoadmin/getApplicationAssignments.d.ts +2 -2
- package/ssoadmin/getApplicationAssignments.js +2 -2
- package/types/input.d.ts +217 -26
- package/types/input.js.map +1 -1
- package/types/output.d.ts +209 -25
- package/types/output.js.map +1 -1
|
@@ -17,6 +17,27 @@ const utilities = require("../utilities");
|
|
|
17
17
|
* import * as aws from "@pulumi/aws";
|
|
18
18
|
*
|
|
19
19
|
* const example = new aws.guardduty.Detector("example", {enable: true});
|
|
20
|
+
* const s3Protection = new aws.guardduty.DetectorFeature("s3_protection", {
|
|
21
|
+
* detectorId: example.id,
|
|
22
|
+
* name: "S3_DATA_EVENTS",
|
|
23
|
+
* status: "ENABLED",
|
|
24
|
+
* });
|
|
25
|
+
* ```
|
|
26
|
+
*
|
|
27
|
+
* ## Extended Threat Detection for EKS
|
|
28
|
+
*
|
|
29
|
+
* To enable GuardDuty [Extended Threat Detection](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty-extended-threat-detection.html) for EKS, you need at least one of these features enabled: [EKS Protection](https://docs.aws.amazon.com/guardduty/latest/ug/kubernetes-protection.html) or [Runtime Monitoring](https://docs.aws.amazon.com/guardduty/latest/ug/runtime-monitoring-configuration.html). For maximum detection coverage, enabling both is recommended to enhance detection capabilities.
|
|
30
|
+
*
|
|
31
|
+
* ```typescript
|
|
32
|
+
* import * as pulumi from "@pulumi/pulumi";
|
|
33
|
+
* import * as aws from "@pulumi/aws";
|
|
34
|
+
*
|
|
35
|
+
* const example = new aws.guardduty.Detector("example", {enable: true});
|
|
36
|
+
* const eksProtection = new aws.guardduty.DetectorFeature("eks_protection", {
|
|
37
|
+
* detectorId: example.id,
|
|
38
|
+
* name: "EKS_AUDIT_LOGS",
|
|
39
|
+
* status: "ENABLED",
|
|
40
|
+
* });
|
|
20
41
|
* const eksRuntimeMonitoring = new aws.guardduty.DetectorFeature("eks_runtime_monitoring", {
|
|
21
42
|
* detectorId: example.id,
|
|
22
43
|
* name: "EKS_RUNTIME_MONITORING",
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"detectorFeature.js","sourceRoot":"","sources":["../../guardduty/detectorFeature.ts"],"names":[],"mappings":";AAAA,sEAAsE;AACtE,iFAAiF;;;AAEjF,yCAAyC;AAIzC,0CAA0C;AAE1C
|
|
1
|
+
{"version":3,"file":"detectorFeature.js","sourceRoot":"","sources":["../../guardduty/detectorFeature.ts"],"names":[],"mappings":";AAAA,sEAAsE;AACtE,iFAAiF;;;AAEjF,yCAAyC;AAIzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2CG;AACH,MAAa,eAAgB,SAAQ,MAAM,CAAC,cAAc;IACtD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAA4B,EAAE,IAAmC;QAC1H,OAAO,IAAI,eAAe,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IACtE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,eAAe,CAAC,YAAY,CAAC;IAChE,CAAC;IA+BD,YAAY,IAAY,EAAE,WAAwD,EAAE,IAAmC;QACnH,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAA+C,CAAC;YAC9D,cAAc,CAAC,0BAA0B,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,wBAAwB,CAAC,CAAC,CAAC,SAAS,CAAC;YAChG,cAAc,CAAC,YAAY,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC;YACpE,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,QAAQ,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,QAAQ,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;SAC/D;aAAM;YACH,MAAM,IAAI,GAAG,WAA8C,CAAC;YAC5D,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACvD,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;aAC7D;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACnD,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;aACzD;YACD,cAAc,CAAC,0BAA0B,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9F,cAAc,CAAC,YAAY,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC;YAClE,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1D,cAAc,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;SAC7D;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,eAAe,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IACpE,CAAC;;AAnFL,0CAoFC;AAtEG,gBAAgB;AACO,4BAAY,GAAG,+CAA+C,CAAC"}
|
|
@@ -16,18 +16,8 @@ import * as outputs from "../types/output";
|
|
|
16
16
|
* const runtimeMonitoring = new aws.guardduty.MemberDetectorFeature("runtime_monitoring", {
|
|
17
17
|
* detectorId: example.id,
|
|
18
18
|
* accountId: "123456789012",
|
|
19
|
-
* name: "
|
|
19
|
+
* name: "S3_DATA_EVENTS",
|
|
20
20
|
* status: "ENABLED",
|
|
21
|
-
* additionalConfigurations: [
|
|
22
|
-
* {
|
|
23
|
-
* name: "EKS_ADDON_MANAGEMENT",
|
|
24
|
-
* status: "ENABLED",
|
|
25
|
-
* },
|
|
26
|
-
* {
|
|
27
|
-
* name: "ECS_FARGATE_AGENT_MANAGEMENT",
|
|
28
|
-
* status: "ENABLED",
|
|
29
|
-
* },
|
|
30
|
-
* ],
|
|
31
21
|
* });
|
|
32
22
|
* ```
|
|
33
23
|
*/
|
|
@@ -20,18 +20,8 @@ const utilities = require("../utilities");
|
|
|
20
20
|
* const runtimeMonitoring = new aws.guardduty.MemberDetectorFeature("runtime_monitoring", {
|
|
21
21
|
* detectorId: example.id,
|
|
22
22
|
* accountId: "123456789012",
|
|
23
|
-
* name: "
|
|
23
|
+
* name: "S3_DATA_EVENTS",
|
|
24
24
|
* status: "ENABLED",
|
|
25
|
-
* additionalConfigurations: [
|
|
26
|
-
* {
|
|
27
|
-
* name: "EKS_ADDON_MANAGEMENT",
|
|
28
|
-
* status: "ENABLED",
|
|
29
|
-
* },
|
|
30
|
-
* {
|
|
31
|
-
* name: "ECS_FARGATE_AGENT_MANAGEMENT",
|
|
32
|
-
* status: "ENABLED",
|
|
33
|
-
* },
|
|
34
|
-
* ],
|
|
35
25
|
* });
|
|
36
26
|
* ```
|
|
37
27
|
*/
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"memberDetectorFeature.js","sourceRoot":"","sources":["../../guardduty/memberDetectorFeature.ts"],"names":[],"mappings":";AAAA,sEAAsE;AACtE,iFAAiF;;;AAEjF,yCAAyC;AAIzC,0CAA0C;AAE1C
|
|
1
|
+
{"version":3,"file":"memberDetectorFeature.js","sourceRoot":"","sources":["../../guardduty/memberDetectorFeature.ts"],"names":[],"mappings":";AAAA,sEAAsE;AACtE,iFAAiF;;;AAEjF,yCAAyC;AAIzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;;;;GAmBG;AACH,MAAa,qBAAsB,SAAQ,MAAM,CAAC,cAAc;IAC5D;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAkC,EAAE,IAAmC;QAChI,OAAO,IAAI,qBAAqB,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IAC5E,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,qBAAqB,CAAC,YAAY,CAAC;IACtE,CAAC;IAmCD,YAAY,IAAY,EAAE,WAAoE,EAAE,IAAmC;QAC/H,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAqD,CAAC;YACpE,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAClE,cAAc,CAAC,0BAA0B,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,wBAAwB,CAAC,CAAC,CAAC,SAAS,CAAC;YAChG,cAAc,CAAC,YAAY,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC;YACpE,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,QAAQ,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,QAAQ,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;SAC/D;aAAM;YACH,MAAM,IAAI,GAAG,WAAoD,CAAC;YAClE,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACtD,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;aAC5D;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACvD,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;aAC7D;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACnD,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;aACzD;YACD,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,0BAA0B,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9F,cAAc,CAAC,YAAY,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC;YAClE,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1D,cAAc,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;SAC7D;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,qBAAqB,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IAC1E,CAAC;;AA5FL,sDA6FC;AA/EG,gBAAgB;AACO,kCAAY,GAAG,2DAA2D,CAAC"}
|
|
@@ -41,7 +41,7 @@ import * as pulumi from "@pulumi/pulumi";
|
|
|
41
41
|
* {
|
|
42
42
|
* sid: "Allow GuardDuty to encrypt findings",
|
|
43
43
|
* actions: ["kms:GenerateDataKey"],
|
|
44
|
-
* resources: [`arn:aws:kms:${currentGetRegion.
|
|
44
|
+
* resources: [`arn:aws:kms:${currentGetRegion.region}:${current.accountId}:key/*`],
|
|
45
45
|
* principals: [{
|
|
46
46
|
* type: "Service",
|
|
47
47
|
* identifiers: ["guardduty.amazonaws.com"],
|
|
@@ -50,7 +50,7 @@ import * as pulumi from "@pulumi/pulumi";
|
|
|
50
50
|
* {
|
|
51
51
|
* sid: "Allow all users to modify/delete key (test only)",
|
|
52
52
|
* actions: ["kms:*"],
|
|
53
|
-
* resources: [`arn:aws:kms:${currentGetRegion1.
|
|
53
|
+
* resources: [`arn:aws:kms:${currentGetRegion1.region}:${current1.accountId}:key/*`],
|
|
54
54
|
* principals: [{
|
|
55
55
|
* type: "AWS",
|
|
56
56
|
* identifiers: [`arn:aws:iam::${current2.accountId}:root`],
|
|
@@ -47,7 +47,7 @@ const utilities = require("../utilities");
|
|
|
47
47
|
* {
|
|
48
48
|
* sid: "Allow GuardDuty to encrypt findings",
|
|
49
49
|
* actions: ["kms:GenerateDataKey"],
|
|
50
|
-
* resources: [`arn:aws:kms:${currentGetRegion.
|
|
50
|
+
* resources: [`arn:aws:kms:${currentGetRegion.region}:${current.accountId}:key/*`],
|
|
51
51
|
* principals: [{
|
|
52
52
|
* type: "Service",
|
|
53
53
|
* identifiers: ["guardduty.amazonaws.com"],
|
|
@@ -56,7 +56,7 @@ const utilities = require("../utilities");
|
|
|
56
56
|
* {
|
|
57
57
|
* sid: "Allow all users to modify/delete key (test only)",
|
|
58
58
|
* actions: ["kms:*"],
|
|
59
|
-
* resources: [`arn:aws:kms:${currentGetRegion1.
|
|
59
|
+
* resources: [`arn:aws:kms:${currentGetRegion1.region}:${current1.accountId}:key/*`],
|
|
60
60
|
* principals: [{
|
|
61
61
|
* type: "AWS",
|
|
62
62
|
* identifiers: [`arn:aws:iam::${current2.accountId}:root`],
|
package/iam/rolePolicy.d.ts
CHANGED
|
@@ -67,17 +67,19 @@ export declare class RolePolicy extends pulumi.CustomResource {
|
|
|
67
67
|
*/
|
|
68
68
|
static isInstance(obj: any): obj is RolePolicy;
|
|
69
69
|
/**
|
|
70
|
-
* The name of the role policy.
|
|
71
|
-
* assign a random, unique name.
|
|
70
|
+
* The name of the role policy.
|
|
71
|
+
* If omitted, the provider will assign a random, unique name.
|
|
72
72
|
*/
|
|
73
73
|
readonly name: pulumi.Output<string>;
|
|
74
74
|
/**
|
|
75
|
-
* Creates a unique name beginning with the specified
|
|
76
|
-
*
|
|
75
|
+
* Creates a unique name beginning with the specified prefix.
|
|
76
|
+
* Conflicts with `name`.
|
|
77
77
|
*/
|
|
78
78
|
readonly namePrefix: pulumi.Output<string>;
|
|
79
79
|
/**
|
|
80
|
-
* The inline policy document.
|
|
80
|
+
* The inline policy document.
|
|
81
|
+
* This is a JSON formatted string.
|
|
82
|
+
* For more information about building IAM policy documents with Pulumi, see the AWS IAM Policy Document Guide
|
|
81
83
|
*/
|
|
82
84
|
readonly policy: pulumi.Output<string>;
|
|
83
85
|
/**
|
|
@@ -98,17 +100,19 @@ export declare class RolePolicy extends pulumi.CustomResource {
|
|
|
98
100
|
*/
|
|
99
101
|
export interface RolePolicyState {
|
|
100
102
|
/**
|
|
101
|
-
* The name of the role policy.
|
|
102
|
-
* assign a random, unique name.
|
|
103
|
+
* The name of the role policy.
|
|
104
|
+
* If omitted, the provider will assign a random, unique name.
|
|
103
105
|
*/
|
|
104
106
|
name?: pulumi.Input<string>;
|
|
105
107
|
/**
|
|
106
|
-
* Creates a unique name beginning with the specified
|
|
107
|
-
*
|
|
108
|
+
* Creates a unique name beginning with the specified prefix.
|
|
109
|
+
* Conflicts with `name`.
|
|
108
110
|
*/
|
|
109
111
|
namePrefix?: pulumi.Input<string>;
|
|
110
112
|
/**
|
|
111
|
-
* The inline policy document.
|
|
113
|
+
* The inline policy document.
|
|
114
|
+
* This is a JSON formatted string.
|
|
115
|
+
* For more information about building IAM policy documents with Pulumi, see the AWS IAM Policy Document Guide
|
|
112
116
|
*/
|
|
113
117
|
policy?: pulumi.Input<string | inputs.iam.PolicyDocument>;
|
|
114
118
|
/**
|
|
@@ -121,17 +125,19 @@ export interface RolePolicyState {
|
|
|
121
125
|
*/
|
|
122
126
|
export interface RolePolicyArgs {
|
|
123
127
|
/**
|
|
124
|
-
* The name of the role policy.
|
|
125
|
-
* assign a random, unique name.
|
|
128
|
+
* The name of the role policy.
|
|
129
|
+
* If omitted, the provider will assign a random, unique name.
|
|
126
130
|
*/
|
|
127
131
|
name?: pulumi.Input<string>;
|
|
128
132
|
/**
|
|
129
|
-
* Creates a unique name beginning with the specified
|
|
130
|
-
*
|
|
133
|
+
* Creates a unique name beginning with the specified prefix.
|
|
134
|
+
* Conflicts with `name`.
|
|
131
135
|
*/
|
|
132
136
|
namePrefix?: pulumi.Input<string>;
|
|
133
137
|
/**
|
|
134
|
-
* The inline policy document.
|
|
138
|
+
* The inline policy document.
|
|
139
|
+
* This is a JSON formatted string.
|
|
140
|
+
* For more information about building IAM policy documents with Pulumi, see the AWS IAM Policy Document Guide
|
|
135
141
|
*/
|
|
136
142
|
policy: pulumi.Input<string | inputs.iam.PolicyDocument>;
|
|
137
143
|
/**
|
package/iam/rolePolicy.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"rolePolicy.js","sourceRoot":"","sources":["../../iam/rolePolicy.ts"],"names":[],"mappings":";AAAA,sEAAsE;AACtE,iFAAiF;;;AAEjF,yCAAyC;AAIzC,0CAA0C;AAI1C;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgDG;AACH,MAAa,UAAW,SAAQ,MAAM,CAAC,cAAc;IACjD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAuB,EAAE,IAAmC;QACrH,OAAO,IAAI,UAAU,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IACjE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,UAAU,CAAC,YAAY,CAAC;IAC3D,CAAC;
|
|
1
|
+
{"version":3,"file":"rolePolicy.js","sourceRoot":"","sources":["../../iam/rolePolicy.ts"],"names":[],"mappings":";AAAA,sEAAsE;AACtE,iFAAiF;;;AAEjF,yCAAyC;AAIzC,0CAA0C;AAI1C;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgDG;AACH,MAAa,UAAW,SAAQ,MAAM,CAAC,cAAc;IACjD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAuB,EAAE,IAAmC;QACrH,OAAO,IAAI,UAAU,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IACjE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,UAAU,CAAC,YAAY,CAAC;IAC3D,CAAC;IA+BD,YAAY,IAAY,EAAE,WAA8C,EAAE,IAAmC;QACzG,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAA0C,CAAC;YACzD,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,YAAY,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC;YACpE,cAAc,CAAC,QAAQ,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;SAC3D;aAAM;YACH,MAAM,IAAI,GAAG,WAAyC,CAAC;YACvD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACnD,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;aACzD;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,IAAI,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACjD,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;aACvD;YACD,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,YAAY,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC;YAClE,cAAc,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1D,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;SACzD;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,UAAU,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IAC/D,CAAC;;AAjFL,gCAkFC;AApEG,gBAAgB;AACO,uBAAY,GAAG,+BAA+B,CAAC"}
|
|
@@ -33,7 +33,7 @@ import * as outputs from "../types/output";
|
|
|
33
33
|
* ],
|
|
34
34
|
* }],
|
|
35
35
|
* name: "example",
|
|
36
|
-
* parentImage: `arn:${current.partition}:imagebuilder:${currentAwsRegion.
|
|
36
|
+
* parentImage: `arn:${current.partition}:imagebuilder:${currentAwsRegion.region}:aws:image/amazon-linux-2-x86/x.x.x`,
|
|
37
37
|
* version: "1.0.0",
|
|
38
38
|
* });
|
|
39
39
|
* ```
|
|
@@ -37,7 +37,7 @@ const utilities = require("../utilities");
|
|
|
37
37
|
* ],
|
|
38
38
|
* }],
|
|
39
39
|
* name: "example",
|
|
40
|
-
* parentImage: `arn:${current.partition}:imagebuilder:${currentAwsRegion.
|
|
40
|
+
* parentImage: `arn:${current.partition}:imagebuilder:${currentAwsRegion.region}:aws:image/amazon-linux-2-x86/x.x.x`,
|
|
41
41
|
* version: "1.0.0",
|
|
42
42
|
* });
|
|
43
43
|
* ```
|
|
@@ -524,7 +524,7 @@ import * as outputs from "../types/output";
|
|
|
524
524
|
* destination: "iceberg",
|
|
525
525
|
* icebergConfiguration: {
|
|
526
526
|
* roleArn: firehoseRole.arn,
|
|
527
|
-
* catalogArn: Promise.all([currentGetPartition, currentGetRegion, current]).then(([currentGetPartition, currentGetRegion, current]) => `arn:${currentGetPartition.partition}:glue:${currentGetRegion.
|
|
527
|
+
* catalogArn: Promise.all([currentGetPartition, currentGetRegion, current]).then(([currentGetPartition, currentGetRegion, current]) => `arn:${currentGetPartition.partition}:glue:${currentGetRegion.region}:${current.accountId}:catalog`),
|
|
528
528
|
* bufferingSize: 10,
|
|
529
529
|
* bufferingInterval: 400,
|
|
530
530
|
* s3Configuration: {
|
|
@@ -528,7 +528,7 @@ const utilities = require("../utilities");
|
|
|
528
528
|
* destination: "iceberg",
|
|
529
529
|
* icebergConfiguration: {
|
|
530
530
|
* roleArn: firehoseRole.arn,
|
|
531
|
-
* catalogArn: Promise.all([currentGetPartition, currentGetRegion, current]).then(([currentGetPartition, currentGetRegion, current]) => `arn:${currentGetPartition.partition}:glue:${currentGetRegion.
|
|
531
|
+
* catalogArn: Promise.all([currentGetPartition, currentGetRegion, current]).then(([currentGetPartition, currentGetRegion, current]) => `arn:${currentGetPartition.partition}:glue:${currentGetRegion.region}:${current.accountId}:catalog`),
|
|
532
532
|
* bufferingSize: 10,
|
|
533
533
|
* bufferingInterval: 400,
|
|
534
534
|
* s3Configuration: {
|
|
@@ -37,6 +37,9 @@ export interface GetStreamConsumerArgs {
|
|
|
37
37
|
* ARN of the data stream the consumer is registered with.
|
|
38
38
|
*/
|
|
39
39
|
streamArn: string;
|
|
40
|
+
tags?: {
|
|
41
|
+
[key: string]: string;
|
|
42
|
+
};
|
|
40
43
|
}
|
|
41
44
|
/**
|
|
42
45
|
* A collection of values returned by getStreamConsumer.
|
|
@@ -58,6 +61,9 @@ export interface GetStreamConsumerResult {
|
|
|
58
61
|
*/
|
|
59
62
|
readonly status: string;
|
|
60
63
|
readonly streamArn: string;
|
|
64
|
+
readonly tags: {
|
|
65
|
+
[key: string]: string;
|
|
66
|
+
};
|
|
61
67
|
}
|
|
62
68
|
/**
|
|
63
69
|
* Provides details about a Kinesis Stream Consumer.
|
|
@@ -97,4 +103,7 @@ export interface GetStreamConsumerOutputArgs {
|
|
|
97
103
|
* ARN of the data stream the consumer is registered with.
|
|
98
104
|
*/
|
|
99
105
|
streamArn: pulumi.Input<string>;
|
|
106
|
+
tags?: pulumi.Input<{
|
|
107
|
+
[key: string]: pulumi.Input<string>;
|
|
108
|
+
}>;
|
|
100
109
|
}
|
|
@@ -29,6 +29,7 @@ function getStreamConsumer(args, opts) {
|
|
|
29
29
|
"name": args.name,
|
|
30
30
|
"region": args.region,
|
|
31
31
|
"streamArn": args.streamArn,
|
|
32
|
+
"tags": args.tags,
|
|
32
33
|
}, opts);
|
|
33
34
|
}
|
|
34
35
|
exports.getStreamConsumer = getStreamConsumer;
|
|
@@ -56,6 +57,7 @@ function getStreamConsumerOutput(args, opts) {
|
|
|
56
57
|
"name": args.name,
|
|
57
58
|
"region": args.region,
|
|
58
59
|
"streamArn": args.streamArn,
|
|
60
|
+
"tags": args.tags,
|
|
59
61
|
}, opts);
|
|
60
62
|
}
|
|
61
63
|
exports.getStreamConsumerOutput = getStreamConsumerOutput;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"getStreamConsumer.js","sourceRoot":"","sources":["../../kinesis/getStreamConsumer.ts"],"names":[],"mappings":";AAAA,sEAAsE;AACtE,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;GAgBG;AACH,SAAgB,iBAAiB,CAAC,IAA2B,EAAE,IAA2B;IACtF,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,IAAI,EAAE,CAAC,CAAC;IACzE,OAAO,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,iDAAiD,EAAE;QAC5E,KAAK,EAAE,IAAI,CAAC,GAAG;QACf,MAAM,EAAE,IAAI,CAAC,IAAI;QACjB,QAAQ,EAAE,IAAI,CAAC,MAAM;QACrB,WAAW,EAAE,IAAI,CAAC,SAAS;
|
|
1
|
+
{"version":3,"file":"getStreamConsumer.js","sourceRoot":"","sources":["../../kinesis/getStreamConsumer.ts"],"names":[],"mappings":";AAAA,sEAAsE;AACtE,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;GAgBG;AACH,SAAgB,iBAAiB,CAAC,IAA2B,EAAE,IAA2B;IACtF,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,IAAI,EAAE,CAAC,CAAC;IACzE,OAAO,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,iDAAiD,EAAE;QAC5E,KAAK,EAAE,IAAI,CAAC,GAAG;QACf,MAAM,EAAE,IAAI,CAAC,IAAI;QACjB,QAAQ,EAAE,IAAI,CAAC,MAAM;QACrB,WAAW,EAAE,IAAI,CAAC,SAAS;QAC3B,MAAM,EAAE,IAAI,CAAC,IAAI;KACpB,EAAE,IAAI,CAAC,CAAC;AACb,CAAC;AATD,8CASC;AA+CD;;;;;;;;;;;;;;;;GAgBG;AACH,SAAgB,uBAAuB,CAAC,IAAiC,EAAE,IAAiC;IACxG,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,IAAI,EAAE,CAAC,CAAC;IACzE,OAAO,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,iDAAiD,EAAE;QAClF,KAAK,EAAE,IAAI,CAAC,GAAG;QACf,MAAM,EAAE,IAAI,CAAC,IAAI;QACjB,QAAQ,EAAE,IAAI,CAAC,MAAM;QACrB,WAAW,EAAE,IAAI,CAAC,SAAS;QAC3B,MAAM,EAAE,IAAI,CAAC,IAAI;KACpB,EAAE,IAAI,CAAC,CAAC;AACb,CAAC;AATD,0DASC"}
|
|
@@ -66,6 +66,12 @@ export declare class StreamConsumer extends pulumi.CustomResource {
|
|
|
66
66
|
* Amazon Resource Name (ARN) of the data stream the consumer is registered with.
|
|
67
67
|
*/
|
|
68
68
|
readonly streamArn: pulumi.Output<string>;
|
|
69
|
+
readonly tags: pulumi.Output<{
|
|
70
|
+
[key: string]: string;
|
|
71
|
+
} | undefined>;
|
|
72
|
+
readonly tagsAll: pulumi.Output<{
|
|
73
|
+
[key: string]: string;
|
|
74
|
+
}>;
|
|
69
75
|
/**
|
|
70
76
|
* Create a StreamConsumer resource with the given unique name, arguments, and options.
|
|
71
77
|
*
|
|
@@ -99,6 +105,12 @@ export interface StreamConsumerState {
|
|
|
99
105
|
* Amazon Resource Name (ARN) of the data stream the consumer is registered with.
|
|
100
106
|
*/
|
|
101
107
|
streamArn?: pulumi.Input<string>;
|
|
108
|
+
tags?: pulumi.Input<{
|
|
109
|
+
[key: string]: pulumi.Input<string>;
|
|
110
|
+
}>;
|
|
111
|
+
tagsAll?: pulumi.Input<{
|
|
112
|
+
[key: string]: pulumi.Input<string>;
|
|
113
|
+
}>;
|
|
102
114
|
}
|
|
103
115
|
/**
|
|
104
116
|
* The set of arguments for constructing a StreamConsumer resource.
|
|
@@ -116,4 +128,7 @@ export interface StreamConsumerArgs {
|
|
|
116
128
|
* Amazon Resource Name (ARN) of the data stream the consumer is registered with.
|
|
117
129
|
*/
|
|
118
130
|
streamArn: pulumi.Input<string>;
|
|
131
|
+
tags?: pulumi.Input<{
|
|
132
|
+
[key: string]: pulumi.Input<string>;
|
|
133
|
+
}>;
|
|
119
134
|
}
|
|
@@ -69,6 +69,8 @@ class StreamConsumer extends pulumi.CustomResource {
|
|
|
69
69
|
resourceInputs["name"] = state ? state.name : undefined;
|
|
70
70
|
resourceInputs["region"] = state ? state.region : undefined;
|
|
71
71
|
resourceInputs["streamArn"] = state ? state.streamArn : undefined;
|
|
72
|
+
resourceInputs["tags"] = state ? state.tags : undefined;
|
|
73
|
+
resourceInputs["tagsAll"] = state ? state.tagsAll : undefined;
|
|
72
74
|
}
|
|
73
75
|
else {
|
|
74
76
|
const args = argsOrState;
|
|
@@ -78,8 +80,10 @@ class StreamConsumer extends pulumi.CustomResource {
|
|
|
78
80
|
resourceInputs["name"] = args ? args.name : undefined;
|
|
79
81
|
resourceInputs["region"] = args ? args.region : undefined;
|
|
80
82
|
resourceInputs["streamArn"] = args ? args.streamArn : undefined;
|
|
83
|
+
resourceInputs["tags"] = args ? args.tags : undefined;
|
|
81
84
|
resourceInputs["arn"] = undefined /*out*/;
|
|
82
85
|
resourceInputs["creationTimestamp"] = undefined /*out*/;
|
|
86
|
+
resourceInputs["tagsAll"] = undefined /*out*/;
|
|
83
87
|
}
|
|
84
88
|
opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts);
|
|
85
89
|
super(StreamConsumer.__pulumiType, name, resourceInputs, opts);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"streamConsumer.js","sourceRoot":"","sources":["../../kinesis/streamConsumer.ts"],"names":[],"mappings":";AAAA,sEAAsE;AACtE,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA8BG;AACH,MAAa,cAAe,SAAQ,MAAM,CAAC,cAAc;IACrD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAA2B,EAAE,IAAmC;QACzH,OAAO,IAAI,cAAc,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IACrE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,cAAc,CAAC,YAAY,CAAC;IAC/D,CAAC;
|
|
1
|
+
{"version":3,"file":"streamConsumer.js","sourceRoot":"","sources":["../../kinesis/streamConsumer.ts"],"names":[],"mappings":";AAAA,sEAAsE;AACtE,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA8BG;AACH,MAAa,cAAe,SAAQ,MAAM,CAAC,cAAc;IACrD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAA2B,EAAE,IAAmC;QACzH,OAAO,IAAI,cAAc,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IACrE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,cAAc,CAAC,YAAY,CAAC;IAC/D,CAAC;IAiCD,YAAY,IAAY,EAAE,WAAsD,EAAE,IAAmC;QACjH,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAA8C,CAAC;YAC7D,cAAc,CAAC,KAAK,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,mBAAmB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAC,CAAC,SAAS,CAAC;YAClF,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,QAAQ,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAClE,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;SACjE;aAAM;YACH,MAAM,IAAI,GAAG,WAA6C,CAAC;YAC3D,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACtD,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;aAC5D;YACD,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1D,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,KAAK,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;YAC1C,cAAc,CAAC,mBAAmB,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;YACxD,cAAc,CAAC,SAAS,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;SACjD;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,cAAc,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IACnE,CAAC;;AAtFL,wCAuFC;AAzEG,gBAAgB;AACO,2BAAY,GAAG,2CAA2C,CAAC"}
|
package/kms/getKey.d.ts
CHANGED
|
@@ -73,7 +73,7 @@ export interface GetKeyResult {
|
|
|
73
73
|
*/
|
|
74
74
|
readonly customKeyStoreId: string;
|
|
75
75
|
/**
|
|
76
|
-
*
|
|
76
|
+
* See `keySpec`.
|
|
77
77
|
*/
|
|
78
78
|
readonly customerMasterKeySpec: string;
|
|
79
79
|
/**
|
package/kms/key.d.ts
CHANGED
|
@@ -346,7 +346,7 @@ export declare class Key extends pulumi.CustomResource {
|
|
|
346
346
|
readonly customKeyStoreId: pulumi.Output<string | undefined>;
|
|
347
347
|
/**
|
|
348
348
|
* Specifies whether the key contains a symmetric key or an asymmetric key pair and the encryption algorithms or signing algorithms that the key supports.
|
|
349
|
-
* Valid values: `SYMMETRIC_DEFAULT`,
|
|
349
|
+
* Valid values: `SYMMETRIC_DEFAULT`, `RSA_2048`, `RSA_3072`, `RSA_4096`, `HMAC_224`, `HMAC_256`, `HMAC_384`, `HMAC_512`, `ECC_NIST_P256`, `ECC_NIST_P384`, `ECC_NIST_P521`, `ECC_SECG_P256K1`, `ML_DSA_44`, `ML_DSA_65`, `ML_DSA_87`, or `SM2` (China Regions only). Defaults to `SYMMETRIC_DEFAULT`. For help with choosing a key spec, see the [AWS KMS Developer Guide](https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-choose.html).
|
|
350
350
|
*/
|
|
351
351
|
readonly customerMasterKeySpec: pulumi.Output<string | undefined>;
|
|
352
352
|
/**
|
|
@@ -440,7 +440,7 @@ export interface KeyState {
|
|
|
440
440
|
customKeyStoreId?: pulumi.Input<string>;
|
|
441
441
|
/**
|
|
442
442
|
* Specifies whether the key contains a symmetric key or an asymmetric key pair and the encryption algorithms or signing algorithms that the key supports.
|
|
443
|
-
* Valid values: `SYMMETRIC_DEFAULT`,
|
|
443
|
+
* Valid values: `SYMMETRIC_DEFAULT`, `RSA_2048`, `RSA_3072`, `RSA_4096`, `HMAC_224`, `HMAC_256`, `HMAC_384`, `HMAC_512`, `ECC_NIST_P256`, `ECC_NIST_P384`, `ECC_NIST_P521`, `ECC_SECG_P256K1`, `ML_DSA_44`, `ML_DSA_65`, `ML_DSA_87`, or `SM2` (China Regions only). Defaults to `SYMMETRIC_DEFAULT`. For help with choosing a key spec, see the [AWS KMS Developer Guide](https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-choose.html).
|
|
444
444
|
*/
|
|
445
445
|
customerMasterKeySpec?: pulumi.Input<string>;
|
|
446
446
|
/**
|
|
@@ -522,7 +522,7 @@ export interface KeyArgs {
|
|
|
522
522
|
customKeyStoreId?: pulumi.Input<string>;
|
|
523
523
|
/**
|
|
524
524
|
* Specifies whether the key contains a symmetric key or an asymmetric key pair and the encryption algorithms or signing algorithms that the key supports.
|
|
525
|
-
* Valid values: `SYMMETRIC_DEFAULT`,
|
|
525
|
+
* Valid values: `SYMMETRIC_DEFAULT`, `RSA_2048`, `RSA_3072`, `RSA_4096`, `HMAC_224`, `HMAC_256`, `HMAC_384`, `HMAC_512`, `ECC_NIST_P256`, `ECC_NIST_P384`, `ECC_NIST_P521`, `ECC_SECG_P256K1`, `ML_DSA_44`, `ML_DSA_65`, `ML_DSA_87`, or `SM2` (China Regions only). Defaults to `SYMMETRIC_DEFAULT`. For help with choosing a key spec, see the [AWS KMS Developer Guide](https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-choose.html).
|
|
526
526
|
*/
|
|
527
527
|
customerMasterKeySpec?: pulumi.Input<string>;
|
|
528
528
|
/**
|
|
@@ -62,11 +62,11 @@ export declare class InstancePublicPorts extends pulumi.CustomResource {
|
|
|
62
62
|
*/
|
|
63
63
|
static isInstance(obj: any): obj is InstancePublicPorts;
|
|
64
64
|
/**
|
|
65
|
-
* Name of the
|
|
65
|
+
* Name of the instance for which to open ports.
|
|
66
66
|
*/
|
|
67
67
|
readonly instanceName: pulumi.Output<string>;
|
|
68
68
|
/**
|
|
69
|
-
*
|
|
69
|
+
* Descriptor of the ports to open for the specified instance. AWS closes all currently open ports that are not included in this argument. See `portInfo` Block for details.
|
|
70
70
|
*
|
|
71
71
|
* The following arguments are optional:
|
|
72
72
|
*/
|
|
@@ -89,11 +89,11 @@ export declare class InstancePublicPorts extends pulumi.CustomResource {
|
|
|
89
89
|
*/
|
|
90
90
|
export interface InstancePublicPortsState {
|
|
91
91
|
/**
|
|
92
|
-
* Name of the
|
|
92
|
+
* Name of the instance for which to open ports.
|
|
93
93
|
*/
|
|
94
94
|
instanceName?: pulumi.Input<string>;
|
|
95
95
|
/**
|
|
96
|
-
*
|
|
96
|
+
* Descriptor of the ports to open for the specified instance. AWS closes all currently open ports that are not included in this argument. See `portInfo` Block for details.
|
|
97
97
|
*
|
|
98
98
|
* The following arguments are optional:
|
|
99
99
|
*/
|
|
@@ -108,11 +108,11 @@ export interface InstancePublicPortsState {
|
|
|
108
108
|
*/
|
|
109
109
|
export interface InstancePublicPortsArgs {
|
|
110
110
|
/**
|
|
111
|
-
* Name of the
|
|
111
|
+
* Name of the instance for which to open ports.
|
|
112
112
|
*/
|
|
113
113
|
instanceName: pulumi.Input<string>;
|
|
114
114
|
/**
|
|
115
|
-
*
|
|
115
|
+
* Descriptor of the ports to open for the specified instance. AWS closes all currently open ports that are not included in this argument. See `portInfo` Block for details.
|
|
116
116
|
*
|
|
117
117
|
* The following arguments are optional:
|
|
118
118
|
*/
|
package/macie/findingsFilter.js
CHANGED
|
@@ -18,7 +18,7 @@ import * as pulumi from "@pulumi/pulumi";
|
|
|
18
18
|
* identifiers: [currentGetCallerIdentity.then(currentGetCallerIdentity => `arn:aws:iam::${currentGetCallerIdentity.accountId}:root`)],
|
|
19
19
|
* }],
|
|
20
20
|
* actions: ["mediastore:*"],
|
|
21
|
-
* resources: [pulumi.all([current, currentGetCallerIdentity, exampleContainer.name]).apply(([current, currentGetCallerIdentity, name]) => `arn:aws:mediastore:${current.
|
|
21
|
+
* resources: [pulumi.all([current, currentGetCallerIdentity, exampleContainer.name]).apply(([current, currentGetCallerIdentity, name]) => `arn:aws:mediastore:${current.region}:${currentGetCallerIdentity.accountId}:container/${name}/*`)],
|
|
22
22
|
* conditions: [{
|
|
23
23
|
* test: "Bool",
|
|
24
24
|
* variable: "aws:SecureTransport",
|
|
@@ -24,7 +24,7 @@ const utilities = require("../utilities");
|
|
|
24
24
|
* identifiers: [currentGetCallerIdentity.then(currentGetCallerIdentity => `arn:aws:iam::${currentGetCallerIdentity.accountId}:root`)],
|
|
25
25
|
* }],
|
|
26
26
|
* actions: ["mediastore:*"],
|
|
27
|
-
* resources: [pulumi.all([current, currentGetCallerIdentity, exampleContainer.name]).apply(([current, currentGetCallerIdentity, name]) => `arn:aws:mediastore:${current.
|
|
27
|
+
* resources: [pulumi.all([current, currentGetCallerIdentity, exampleContainer.name]).apply(([current, currentGetCallerIdentity, name]) => `arn:aws:mediastore:${current.region}:${currentGetCallerIdentity.accountId}:container/${name}/*`)],
|
|
28
28
|
* conditions: [{
|
|
29
29
|
* test: "Bool",
|
|
30
30
|
* variable: "aws:SecureTransport",
|
|
@@ -10,6 +10,9 @@ import * as outputs from "../types/output";
|
|
|
10
10
|
* import * as pulumi from "@pulumi/pulumi";
|
|
11
11
|
* import * as aws from "@pulumi/aws";
|
|
12
12
|
*
|
|
13
|
+
* const current = aws.getRegion({});
|
|
14
|
+
* const currentGetPartition = aws.getPartition({});
|
|
15
|
+
* const currentGetCallerIdentity = aws.getCallerIdentity({});
|
|
13
16
|
* const example = new aws.networkfirewall.FirewallPolicy("example", {
|
|
14
17
|
* name: "example",
|
|
15
18
|
* firewallPolicy: {
|
|
@@ -19,7 +22,7 @@ import * as outputs from "../types/output";
|
|
|
19
22
|
* priority: 1,
|
|
20
23
|
* resourceArn: exampleAwsNetworkfirewallRuleGroup.arn,
|
|
21
24
|
* }],
|
|
22
|
-
* tlsInspectionConfigurationArn:
|
|
25
|
+
* tlsInspectionConfigurationArn: Promise.all([currentGetPartition, current, currentGetCallerIdentity]).then(([currentGetPartition, current, currentGetCallerIdentity]) => `arn:${currentGetPartition.partition}:network-firewall:${current.region}:${currentGetCallerIdentity.accountId}:tls-configuration/example`),
|
|
23
26
|
* },
|
|
24
27
|
* tags: {
|
|
25
28
|
* Tag1: "Value1",
|
|
@@ -68,7 +71,7 @@ import * as outputs from "../types/output";
|
|
|
68
71
|
* import * as pulumi from "@pulumi/pulumi";
|
|
69
72
|
* import * as aws from "@pulumi/aws";
|
|
70
73
|
*
|
|
71
|
-
* const
|
|
74
|
+
* const example = new aws.networkfirewall.FirewallPolicy("example", {
|
|
72
75
|
* name: "example",
|
|
73
76
|
* firewallPolicy: {
|
|
74
77
|
* statelessDefaultActions: [
|
|
@@ -90,6 +93,52 @@ import * as outputs from "../types/output";
|
|
|
90
93
|
* });
|
|
91
94
|
* ```
|
|
92
95
|
*
|
|
96
|
+
* ## Policy with Active Threat Defense in Action Order
|
|
97
|
+
*
|
|
98
|
+
* ```typescript
|
|
99
|
+
* import * as pulumi from "@pulumi/pulumi";
|
|
100
|
+
* import * as aws from "@pulumi/aws";
|
|
101
|
+
*
|
|
102
|
+
* const current = aws.getRegion({});
|
|
103
|
+
* const currentGetPartition = aws.getPartition({});
|
|
104
|
+
* const example = new aws.networkfirewall.FirewallPolicy("example", {
|
|
105
|
+
* name: "example",
|
|
106
|
+
* firewallPolicy: {
|
|
107
|
+
* statelessFragmentDefaultActions: ["aws:drop"],
|
|
108
|
+
* statelessDefaultActions: ["aws:pass"],
|
|
109
|
+
* statefulRuleGroupReferences: [{
|
|
110
|
+
* deepThreatInspection: "true",
|
|
111
|
+
* resourceArn: Promise.all([currentGetPartition, current]).then(([currentGetPartition, current]) => `arn:${currentGetPartition.partition}:network-firewall:${current.region}:aws-managed:stateful-rulegroup/AttackInfrastructureActionOrder`),
|
|
112
|
+
* }],
|
|
113
|
+
* },
|
|
114
|
+
* });
|
|
115
|
+
* ```
|
|
116
|
+
*
|
|
117
|
+
* ## Policy with Active Threat Defense in Strict Order
|
|
118
|
+
*
|
|
119
|
+
* ```typescript
|
|
120
|
+
* import * as pulumi from "@pulumi/pulumi";
|
|
121
|
+
* import * as aws from "@pulumi/aws";
|
|
122
|
+
*
|
|
123
|
+
* const current = aws.getRegion({});
|
|
124
|
+
* const currentGetPartition = aws.getPartition({});
|
|
125
|
+
* const example = new aws.networkfirewall.FirewallPolicy("example", {
|
|
126
|
+
* name: "example",
|
|
127
|
+
* firewallPolicy: {
|
|
128
|
+
* statelessFragmentDefaultActions: ["aws:drop"],
|
|
129
|
+
* statelessDefaultActions: ["aws:pass"],
|
|
130
|
+
* statefulEngineOptions: {
|
|
131
|
+
* ruleOrder: "STRICT_ORDER",
|
|
132
|
+
* },
|
|
133
|
+
* statefulRuleGroupReferences: [{
|
|
134
|
+
* deepThreatInspection: "false",
|
|
135
|
+
* priority: 1,
|
|
136
|
+
* resourceArn: Promise.all([currentGetPartition, current]).then(([currentGetPartition, current]) => `arn:${currentGetPartition.partition}:network-firewall:${current.region}:aws-managed:stateful-rulegroup/AttackInfrastructureStrictOrder`),
|
|
137
|
+
* }],
|
|
138
|
+
* },
|
|
139
|
+
* });
|
|
140
|
+
* ```
|
|
141
|
+
*
|
|
93
142
|
* ## Import
|
|
94
143
|
*
|
|
95
144
|
* Using `pulumi import`, import Network Firewall Policies using their `arn`. For example:
|