pulumi-aws 7.11.1__py3-none-any.whl → 7.12.0__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (122) hide show
  1. pulumi_aws/__init__.py +57 -0
  2. pulumi_aws/acm/certificate.py +20 -20
  3. pulumi_aws/acmpca/certificate.py +8 -8
  4. pulumi_aws/apigateway/account.py +0 -4
  5. pulumi_aws/appflow/_inputs.py +33 -0
  6. pulumi_aws/appflow/outputs.py +22 -0
  7. pulumi_aws/appsync/graph_ql_api.py +84 -0
  8. pulumi_aws/bedrock/_inputs.py +97 -21
  9. pulumi_aws/bedrock/agent_agent_alias.py +94 -0
  10. pulumi_aws/bedrock/agentcore_agent_runtime.py +4 -4
  11. pulumi_aws/bedrock/agentcore_browser.py +42 -0
  12. pulumi_aws/bedrock/agentcore_gateway_target.py +217 -7
  13. pulumi_aws/bedrock/agentcore_memory.py +37 -9
  14. pulumi_aws/bedrock/agentcore_oauth2_credential_provider.py +38 -0
  15. pulumi_aws/bedrock/outputs.py +64 -17
  16. pulumi_aws/cloudfront/_inputs.py +15 -14
  17. pulumi_aws/cloudfront/distribution.py +28 -0
  18. pulumi_aws/cloudfront/outputs.py +10 -9
  19. pulumi_aws/cloudhsmv2/cluster.py +64 -0
  20. pulumi_aws/cloudwatch/_inputs.py +9 -8
  21. pulumi_aws/cloudwatch/contributor_managed_insight_rule.py +20 -0
  22. pulumi_aws/cloudwatch/log_delivery_destination.py +53 -12
  23. pulumi_aws/cloudwatch/outputs.py +6 -5
  24. pulumi_aws/codebuild/webhook.py +16 -16
  25. pulumi_aws/codepipeline/webhook.py +16 -16
  26. pulumi_aws/connect/_inputs.py +50 -4
  27. pulumi_aws/connect/outputs.py +95 -4
  28. pulumi_aws/connect/routing_profile.py +42 -18
  29. pulumi_aws/datasync/location_fsx_ontap_file_system.py +34 -0
  30. pulumi_aws/datazone/project.py +24 -0
  31. pulumi_aws/detective/organization_configuration.py +20 -0
  32. pulumi_aws/dms/_inputs.py +3 -3
  33. pulumi_aws/dms/outputs.py +2 -2
  34. pulumi_aws/ec2/__init__.py +1 -0
  35. pulumi_aws/ec2/_inputs.py +182 -0
  36. pulumi_aws/ec2/allowed_images_settings.py +338 -0
  37. pulumi_aws/ec2/get_coip_pools.py +24 -0
  38. pulumi_aws/ec2/image_block_public_access.py +48 -1
  39. pulumi_aws/ec2/outputs.py +167 -0
  40. pulumi_aws/ec2/security_group.py +6 -6
  41. pulumi_aws/ec2/serial_console_access.py +50 -3
  42. pulumi_aws/ec2/vpc_endpoint.py +92 -0
  43. pulumi_aws/ec2clientvpn/authorization_rule.py +7 -7
  44. pulumi_aws/ec2clientvpn/route.py +7 -7
  45. pulumi_aws/ec2transitgateway/instance_connect_endpoint.py +47 -0
  46. pulumi_aws/ecrpublic/get_images.py +24 -0
  47. pulumi_aws/ecs/_inputs.py +172 -33
  48. pulumi_aws/ecs/get_service.py +318 -7
  49. pulumi_aws/ecs/outputs.py +957 -86
  50. pulumi_aws/ecs/service.py +76 -0
  51. pulumi_aws/eks/_inputs.py +195 -5
  52. pulumi_aws/eks/outputs.py +164 -4
  53. pulumi_aws/elasticache/_inputs.py +154 -0
  54. pulumi_aws/elasticache/get_replication_group.py +23 -9
  55. pulumi_aws/elasticache/outputs.py +204 -0
  56. pulumi_aws/elasticache/replication_group.py +115 -0
  57. pulumi_aws/elasticache/reserved_cache_node.py +28 -0
  58. pulumi_aws/finspace/kx_cluster.py +76 -0
  59. pulumi_aws/fis/__init__.py +1 -0
  60. pulumi_aws/fis/target_account_configuration.py +401 -0
  61. pulumi_aws/glue/job.py +7 -7
  62. pulumi_aws/guardduty/malware_protection_plan.py +50 -0
  63. pulumi_aws/guardduty/member_detector_feature.py +42 -0
  64. pulumi_aws/invoicing/__init__.py +11 -0
  65. pulumi_aws/invoicing/_inputs.py +128 -0
  66. pulumi_aws/invoicing/invoice_unit.py +620 -0
  67. pulumi_aws/invoicing/outputs.py +99 -0
  68. pulumi_aws/iot/ca_certificate.py +32 -32
  69. pulumi_aws/iot/get_registration_code.py +8 -8
  70. pulumi_aws/ivschat/logging_configuration.py +28 -0
  71. pulumi_aws/kinesis/get_stream.py +15 -1
  72. pulumi_aws/kinesis/stream.py +47 -0
  73. pulumi_aws/kms/key.py +7 -7
  74. pulumi_aws/licensemanager/license_grant.py +36 -0
  75. pulumi_aws/m2/environment.py +150 -0
  76. pulumi_aws/networkfirewall/tls_inspection_configuration.py +84 -0
  77. pulumi_aws/networkflowmonitor/__init__.py +12 -0
  78. pulumi_aws/networkflowmonitor/_inputs.py +412 -0
  79. pulumi_aws/networkflowmonitor/monitor.py +568 -0
  80. pulumi_aws/networkflowmonitor/outputs.py +302 -0
  81. pulumi_aws/networkflowmonitor/scope.py +443 -0
  82. pulumi_aws/observabilityadmin/__init__.py +11 -0
  83. pulumi_aws/observabilityadmin/_inputs.py +506 -0
  84. pulumi_aws/observabilityadmin/centralization_rule_for_organization.py +637 -0
  85. pulumi_aws/observabilityadmin/outputs.py +415 -0
  86. pulumi_aws/opensearch/_inputs.py +92 -133
  87. pulumi_aws/opensearch/authorize_vpc_endpoint_access.py +4 -4
  88. pulumi_aws/opensearch/domain.py +60 -0
  89. pulumi_aws/opensearch/get_domain.py +16 -9
  90. pulumi_aws/opensearch/outputs.py +131 -2
  91. pulumi_aws/organizations/get_policies.py +2 -2
  92. pulumi_aws/organizations/get_policies_for_target.py +2 -2
  93. pulumi_aws/organizations/get_policy.py +1 -1
  94. pulumi_aws/organizations/organization.py +7 -7
  95. pulumi_aws/organizations/policy.py +35 -7
  96. pulumi_aws/pulumi-plugin.json +1 -1
  97. pulumi_aws/quicksight/analysis.py +108 -0
  98. pulumi_aws/quicksight/dashboard.py +110 -0
  99. pulumi_aws/quicksight/template.py +126 -0
  100. pulumi_aws/redshift/cluster_snapshot.py +28 -0
  101. pulumi_aws/redshift/get_cluster.py +52 -0
  102. pulumi_aws/redshift/snapshot_copy_grant.py +22 -0
  103. pulumi_aws/route53/profiles_association.py +30 -0
  104. pulumi_aws/route53/profiles_resource_association.py +34 -0
  105. pulumi_aws/s3control/multi_region_access_point_policy.py +76 -0
  106. pulumi_aws/s3tables/table.py +76 -1
  107. pulumi_aws/s3tables/table_bucket.py +78 -3
  108. pulumi_aws/sagemaker/_inputs.py +225 -232
  109. pulumi_aws/sagemaker/endpoint_configuration.py +111 -64
  110. pulumi_aws/sagemaker/outputs.py +154 -158
  111. pulumi_aws/ssmincidents/get_response_plan.py +14 -0
  112. pulumi_aws/ssoadmin/account_assignment.py +4 -4
  113. pulumi_aws/transfer/profile.py +20 -0
  114. pulumi_aws/transfer/server.py +7 -0
  115. pulumi_aws/transfer/ssh_key.py +6 -6
  116. pulumi_aws/wafv2/rule_group.py +440 -0
  117. pulumi_aws/workspacesweb/session_logger_association.py +80 -0
  118. pulumi_aws/workspacesweb/trust_store_association.py +24 -0
  119. {pulumi_aws-7.11.1.dist-info → pulumi_aws-7.12.0.dist-info}/METADATA +1 -1
  120. {pulumi_aws-7.11.1.dist-info → pulumi_aws-7.12.0.dist-info}/RECORD +122 -107
  121. {pulumi_aws-7.11.1.dist-info → pulumi_aws-7.12.0.dist-info}/WHEEL +0 -0
  122. {pulumi_aws-7.11.1.dist-info → pulumi_aws-7.12.0.dist-info}/top_level.txt +0 -0
pulumi_aws/observabilityadmin/centralization_rule_for_organization.py ADDED
@@ -0,0 +1,637 @@
1
+ # coding=utf-8
2
+ # *** WARNING: this file was generated by pulumi-language-python. ***
3
+ # *** Do not edit by hand unless you're certain you know what you are doing! ***
4
+
5
+ import builtins as _builtins
6
+ import warnings
7
+ import sys
8
+ import pulumi
9
+ import pulumi.runtime
10
+ from typing import Any, Mapping, Optional, Sequence, Union, overload
11
+ if sys.version_info >= (3, 11):
12
+ from typing import NotRequired, TypedDict, TypeAlias
13
+ else:
14
+ from typing_extensions import NotRequired, TypedDict, TypeAlias
15
+ from .. import _utilities
16
+ from . import outputs
17
+ from ._inputs import *
18
+
19
+ __all__ = ['CentralizationRuleForOrganizationArgs', 'CentralizationRuleForOrganization']
20
+
21
+ @pulumi.input_type
22
+ class CentralizationRuleForOrganizationArgs:
23
+ def __init__(__self__, *,
24
+ rule_name: pulumi.Input[_builtins.str],
25
+ region: Optional[pulumi.Input[_builtins.str]] = None,
26
+ rule: Optional[pulumi.Input['CentralizationRuleForOrganizationRuleArgs']] = None,
27
+ tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]] = None,
28
+ timeouts: Optional[pulumi.Input['CentralizationRuleForOrganizationTimeoutsArgs']] = None):
29
+ """
30
+ The set of arguments for constructing a CentralizationRuleForOrganization resource.
31
+ :param pulumi.Input[_builtins.str] rule_name: Name of the centralization rule. Must be unique within the organization.
32
+ :param pulumi.Input[_builtins.str] region: Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
33
+ :param pulumi.Input['CentralizationRuleForOrganizationRuleArgs'] rule: Configuration block for the centralization rule. See `rule` below.
34
+
35
+ The following arguments are optional:
36
+ :param pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]] tags: Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
37
+ """
38
+ pulumi.set(__self__, "rule_name", rule_name)
39
+ if region is not None:
40
+ pulumi.set(__self__, "region", region)
41
+ if rule is not None:
42
+ pulumi.set(__self__, "rule", rule)
43
+ if tags is not None:
44
+ pulumi.set(__self__, "tags", tags)
45
+ if timeouts is not None:
46
+ pulumi.set(__self__, "timeouts", timeouts)
47
+
48
+ @_builtins.property
49
+ @pulumi.getter(name="ruleName")
50
+ def rule_name(self) -> pulumi.Input[_builtins.str]:
51
+ """
52
+ Name of the centralization rule. Must be unique within the organization.
53
+ """
54
+ return pulumi.get(self, "rule_name")
55
+
56
+ @rule_name.setter
57
+ def rule_name(self, value: pulumi.Input[_builtins.str]):
58
+ pulumi.set(self, "rule_name", value)
59
+
60
+ @_builtins.property
61
+ @pulumi.getter
62
+ def region(self) -> Optional[pulumi.Input[_builtins.str]]:
63
+ """
64
+ Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
65
+ """
66
+ return pulumi.get(self, "region")
67
+
68
+ @region.setter
69
+ def region(self, value: Optional[pulumi.Input[_builtins.str]]):
70
+ pulumi.set(self, "region", value)
71
+
72
+ @_builtins.property
73
+ @pulumi.getter
74
+ def rule(self) -> Optional[pulumi.Input['CentralizationRuleForOrganizationRuleArgs']]:
75
+ """
76
+ Configuration block for the centralization rule. See `rule` below.
77
+
78
+ The following arguments are optional:
79
+ """
80
+ return pulumi.get(self, "rule")
81
+
82
+ @rule.setter
83
+ def rule(self, value: Optional[pulumi.Input['CentralizationRuleForOrganizationRuleArgs']]):
84
+ pulumi.set(self, "rule", value)
85
+
86
+ @_builtins.property
87
+ @pulumi.getter
88
+ def tags(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]]:
89
+ """
90
+ Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
91
+ """
92
+ return pulumi.get(self, "tags")
93
+
94
+ @tags.setter
95
+ def tags(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]]):
96
+ pulumi.set(self, "tags", value)
97
+
98
+ @_builtins.property
99
+ @pulumi.getter
100
+ def timeouts(self) -> Optional[pulumi.Input['CentralizationRuleForOrganizationTimeoutsArgs']]:
101
+ return pulumi.get(self, "timeouts")
102
+
103
+ @timeouts.setter
104
+ def timeouts(self, value: Optional[pulumi.Input['CentralizationRuleForOrganizationTimeoutsArgs']]):
105
+ pulumi.set(self, "timeouts", value)
106
+
107
+
108
+ @pulumi.input_type
109
+ class _CentralizationRuleForOrganizationState:
110
+ def __init__(__self__, *,
111
+ region: Optional[pulumi.Input[_builtins.str]] = None,
112
+ rule: Optional[pulumi.Input['CentralizationRuleForOrganizationRuleArgs']] = None,
113
+ rule_arn: Optional[pulumi.Input[_builtins.str]] = None,
114
+ rule_name: Optional[pulumi.Input[_builtins.str]] = None,
115
+ tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]] = None,
116
+ tags_all: Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]] = None,
117
+ timeouts: Optional[pulumi.Input['CentralizationRuleForOrganizationTimeoutsArgs']] = None):
118
+ """
119
+ Input properties used for looking up and filtering CentralizationRuleForOrganization resources.
120
+ :param pulumi.Input[_builtins.str] region: Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
121
+ :param pulumi.Input['CentralizationRuleForOrganizationRuleArgs'] rule: Configuration block for the centralization rule. See `rule` below.
122
+
123
+ The following arguments are optional:
124
+ :param pulumi.Input[_builtins.str] rule_arn: ARN of the centralization rule.
125
+ :param pulumi.Input[_builtins.str] rule_name: Name of the centralization rule. Must be unique within the organization.
126
+ :param pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]] tags: Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
127
+ :param pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]] tags_all: Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.
128
+ """
129
+ if region is not None:
130
+ pulumi.set(__self__, "region", region)
131
+ if rule is not None:
132
+ pulumi.set(__self__, "rule", rule)
133
+ if rule_arn is not None:
134
+ pulumi.set(__self__, "rule_arn", rule_arn)
135
+ if rule_name is not None:
136
+ pulumi.set(__self__, "rule_name", rule_name)
137
+ if tags is not None:
138
+ pulumi.set(__self__, "tags", tags)
139
+ if tags_all is not None:
140
+ pulumi.set(__self__, "tags_all", tags_all)
141
+ if timeouts is not None:
142
+ pulumi.set(__self__, "timeouts", timeouts)
143
+
144
+ @_builtins.property
145
+ @pulumi.getter
146
+ def region(self) -> Optional[pulumi.Input[_builtins.str]]:
147
+ """
148
+ Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
149
+ """
150
+ return pulumi.get(self, "region")
151
+
152
+ @region.setter
153
+ def region(self, value: Optional[pulumi.Input[_builtins.str]]):
154
+ pulumi.set(self, "region", value)
155
+
156
+ @_builtins.property
157
+ @pulumi.getter
158
+ def rule(self) -> Optional[pulumi.Input['CentralizationRuleForOrganizationRuleArgs']]:
159
+ """
160
+ Configuration block for the centralization rule. See `rule` below.
161
+
162
+ The following arguments are optional:
163
+ """
164
+ return pulumi.get(self, "rule")
165
+
166
+ @rule.setter
167
+ def rule(self, value: Optional[pulumi.Input['CentralizationRuleForOrganizationRuleArgs']]):
168
+ pulumi.set(self, "rule", value)
169
+
170
+ @_builtins.property
171
+ @pulumi.getter(name="ruleArn")
172
+ def rule_arn(self) -> Optional[pulumi.Input[_builtins.str]]:
173
+ """
174
+ ARN of the centralization rule.
175
+ """
176
+ return pulumi.get(self, "rule_arn")
177
+
178
+ @rule_arn.setter
179
+ def rule_arn(self, value: Optional[pulumi.Input[_builtins.str]]):
180
+ pulumi.set(self, "rule_arn", value)
181
+
182
+ @_builtins.property
183
+ @pulumi.getter(name="ruleName")
184
+ def rule_name(self) -> Optional[pulumi.Input[_builtins.str]]:
185
+ """
186
+ Name of the centralization rule. Must be unique within the organization.
187
+ """
188
+ return pulumi.get(self, "rule_name")
189
+
190
+ @rule_name.setter
191
+ def rule_name(self, value: Optional[pulumi.Input[_builtins.str]]):
192
+ pulumi.set(self, "rule_name", value)
193
+
194
+ @_builtins.property
195
+ @pulumi.getter
196
+ def tags(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]]:
197
+ """
198
+ Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
199
+ """
200
+ return pulumi.get(self, "tags")
201
+
202
+ @tags.setter
203
+ def tags(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]]):
204
+ pulumi.set(self, "tags", value)
205
+
206
+ @_builtins.property
207
+ @pulumi.getter(name="tagsAll")
208
+ def tags_all(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]]:
209
+ """
210
+ Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.
211
+ """
212
+ return pulumi.get(self, "tags_all")
213
+
214
+ @tags_all.setter
215
+ def tags_all(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]]):
216
+ pulumi.set(self, "tags_all", value)
217
+
218
+ @_builtins.property
219
+ @pulumi.getter
220
+ def timeouts(self) -> Optional[pulumi.Input['CentralizationRuleForOrganizationTimeoutsArgs']]:
221
+ return pulumi.get(self, "timeouts")
222
+
223
+ @timeouts.setter
224
+ def timeouts(self, value: Optional[pulumi.Input['CentralizationRuleForOrganizationTimeoutsArgs']]):
225
+ pulumi.set(self, "timeouts", value)
226
+
227
+
228
+ @pulumi.type_token("aws:observabilityadmin/centralizationRuleForOrganization:CentralizationRuleForOrganization")
229
+ class CentralizationRuleForOrganization(pulumi.CustomResource):
230
+ @overload
231
+ def __init__(__self__,
232
+ resource_name: str,
233
+ opts: Optional[pulumi.ResourceOptions] = None,
234
+ region: Optional[pulumi.Input[_builtins.str]] = None,
235
+ rule: Optional[pulumi.Input[Union['CentralizationRuleForOrganizationRuleArgs', 'CentralizationRuleForOrganizationRuleArgsDict']]] = None,
236
+ rule_name: Optional[pulumi.Input[_builtins.str]] = None,
237
+ tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]] = None,
238
+ timeouts: Optional[pulumi.Input[Union['CentralizationRuleForOrganizationTimeoutsArgs', 'CentralizationRuleForOrganizationTimeoutsArgsDict']]] = None,
239
+ __props__=None):
240
+ """
241
+ Manages an AWS CloudWatch Observability Admin Centralization Rule For Organization.
242
+
243
+ Centralization rules enable you to centralize log data from multiple AWS accounts and regions within your organization to a single destination account and region. This helps with log management, compliance, and cost optimization by consolidating logs in a central location.
244
+
245
+ This requires an AWS account within an organization with at least [delegated administrator permissions](https://docs.aws.amazon.com/organizations/latest/APIReference/API_RegisterDelegatedAdministrator.html).
246
+
247
+ ## Example Usage
248
+
249
+ ### Basic Centralization Rule
250
+
251
+ ```python
252
+ import pulumi
253
+ import pulumi_aws as aws
254
+
255
+ current = aws.get_caller_identity()
256
+ current_get_organization = aws.organizations.get_organization()
257
+ example = aws.observabilityadmin.CentralizationRuleForOrganization("example",
258
+ rule_name="example-centralization-rule",
259
+ rule={
260
+ "destination": {
261
+ "region": "eu-west-1",
262
+ "account": current.account_id,
263
+ },
264
+ "source": {
265
+ "regions": ["ap-southeast-1"],
266
+ "scope": f"OrganizationId = '{current_get_organization.id}'",
267
+ "source_logs_configuration": {
268
+ "encrypted_log_group_strategy": "SKIP",
269
+ "log_group_selection_criteria": "*",
270
+ },
271
+ },
272
+ },
273
+ tags={
274
+ "Name": "example-centralization-rule",
275
+ "Environment": "production",
276
+ })
277
+ ```
278
+
279
+ ### Advanced Configuration with Encryption and Backup
280
+
281
+ ```python
282
+ import pulumi
283
+ import pulumi_aws as aws
284
+
285
+ current = aws.get_caller_identity()
286
+ current_get_organization = aws.organizations.get_organization()
287
+ advanced = aws.observabilityadmin.CentralizationRuleForOrganization("advanced",
288
+ rule_name="advanced-centralization-rule",
289
+ rule={
290
+ "destination": {
291
+ "region": "eu-west-1",
292
+ "account": current.account_id,
293
+ "destination_logs_configuration": {
294
+ "logs_encryption_configuration": {
295
+ "encryption_strategy": "AWS_OWNED",
296
+ },
297
+ "backup_configuration": {
298
+ "region": "us-west-1",
299
+ },
300
+ },
301
+ },
302
+ "source": {
303
+ "regions": [
304
+ "ap-southeast-1",
305
+ "us-east-1",
306
+ ],
307
+ "scope": f"OrganizationId = '{current_get_organization.id}'",
308
+ "source_logs_configuration": {
309
+ "encrypted_log_group_strategy": "ALLOW",
310
+ "log_group_selection_criteria": "*",
311
+ },
312
+ },
313
+ },
314
+ tags={
315
+ "Name": "advanced-centralization-rule",
316
+ "Environment": "production",
317
+ "Team": "observability",
318
+ })
319
+ ```
320
+
321
+ ### Selective Log Group Filtering
322
+
323
+ ```python
324
+ import pulumi
325
+ import pulumi_aws as aws
326
+
327
+ current = aws.get_caller_identity()
328
+ current_get_organization = aws.organizations.get_organization()
329
+ filtered = aws.observabilityadmin.CentralizationRuleForOrganization("filtered",
330
+ rule_name="filtered-centralization-rule",
331
+ rule={
332
+ "destination": {
333
+ "region": "eu-west-1",
334
+ "account": current.account_id,
335
+ },
336
+ "source": {
337
+ "regions": [
338
+ "ap-southeast-1",
339
+ "us-east-1",
340
+ ],
341
+ "scope": f"OrganizationId = '{current_get_organization.id}'",
342
+ "source_logs_configuration": {
343
+ "encrypted_log_group_strategy": "ALLOW",
344
+ "log_group_selection_criteria": "LogGroupName LIKE '/aws/lambda%'",
345
+ },
346
+ },
347
+ },
348
+ tags={
349
+ "Name": "filtered-centralization-rule",
350
+ "Filter": "lambda-logs",
351
+ })
352
+ ```
353
+
354
+ ## Import
355
+
356
+ Using `pulumi import`, import CloudWatch Observability Admin Centralization Rule For Organization using the `rule_name`. For example:
357
+
358
+ ```sh
359
+ $ pulumi import aws:observabilityadmin/centralizationRuleForOrganization:CentralizationRuleForOrganization example example-centralization-rule
360
+ ```
361
+
362
+ :param str resource_name: The name of the resource.
363
+ :param pulumi.ResourceOptions opts: Options for the resource.
364
+ :param pulumi.Input[_builtins.str] region: Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
365
+ :param pulumi.Input[Union['CentralizationRuleForOrganizationRuleArgs', 'CentralizationRuleForOrganizationRuleArgsDict']] rule: Configuration block for the centralization rule. See `rule` below.
366
+
367
+ The following arguments are optional:
368
+ :param pulumi.Input[_builtins.str] rule_name: Name of the centralization rule. Must be unique within the organization.
369
+ :param pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]] tags: Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
370
+ """
371
+ ...
372
+ @overload
373
+ def __init__(__self__,
374
+ resource_name: str,
375
+ args: CentralizationRuleForOrganizationArgs,
376
+ opts: Optional[pulumi.ResourceOptions] = None):
377
+ """
378
+ Manages an AWS CloudWatch Observability Admin Centralization Rule For Organization.
379
+
380
+ Centralization rules enable you to centralize log data from multiple AWS accounts and regions within your organization to a single destination account and region. This helps with log management, compliance, and cost optimization by consolidating logs in a central location.
381
+
382
+ This requires an AWS account within an organization with at least [delegated administrator permissions](https://docs.aws.amazon.com/organizations/latest/APIReference/API_RegisterDelegatedAdministrator.html).
383
+
384
+ ## Example Usage
385
+
386
+ ### Basic Centralization Rule
387
+
388
+ ```python
389
+ import pulumi
390
+ import pulumi_aws as aws
391
+
392
+ current = aws.get_caller_identity()
393
+ current_get_organization = aws.organizations.get_organization()
394
+ example = aws.observabilityadmin.CentralizationRuleForOrganization("example",
395
+ rule_name="example-centralization-rule",
396
+ rule={
397
+ "destination": {
398
+ "region": "eu-west-1",
399
+ "account": current.account_id,
400
+ },
401
+ "source": {
402
+ "regions": ["ap-southeast-1"],
403
+ "scope": f"OrganizationId = '{current_get_organization.id}'",
404
+ "source_logs_configuration": {
405
+ "encrypted_log_group_strategy": "SKIP",
406
+ "log_group_selection_criteria": "*",
407
+ },
408
+ },
409
+ },
410
+ tags={
411
+ "Name": "example-centralization-rule",
412
+ "Environment": "production",
413
+ })
414
+ ```
415
+
416
+ ### Advanced Configuration with Encryption and Backup
417
+
418
+ ```python
419
+ import pulumi
420
+ import pulumi_aws as aws
421
+
422
+ current = aws.get_caller_identity()
423
+ current_get_organization = aws.organizations.get_organization()
424
+ advanced = aws.observabilityadmin.CentralizationRuleForOrganization("advanced",
425
+ rule_name="advanced-centralization-rule",
426
+ rule={
427
+ "destination": {
428
+ "region": "eu-west-1",
429
+ "account": current.account_id,
430
+ "destination_logs_configuration": {
431
+ "logs_encryption_configuration": {
432
+ "encryption_strategy": "AWS_OWNED",
433
+ },
434
+ "backup_configuration": {
435
+ "region": "us-west-1",
436
+ },
437
+ },
438
+ },
439
+ "source": {
440
+ "regions": [
441
+ "ap-southeast-1",
442
+ "us-east-1",
443
+ ],
444
+ "scope": f"OrganizationId = '{current_get_organization.id}'",
445
+ "source_logs_configuration": {
446
+ "encrypted_log_group_strategy": "ALLOW",
447
+ "log_group_selection_criteria": "*",
448
+ },
449
+ },
450
+ },
451
+ tags={
452
+ "Name": "advanced-centralization-rule",
453
+ "Environment": "production",
454
+ "Team": "observability",
455
+ })
456
+ ```
457
+
458
+ ### Selective Log Group Filtering
459
+
460
+ ```python
461
+ import pulumi
462
+ import pulumi_aws as aws
463
+
464
+ current = aws.get_caller_identity()
465
+ current_get_organization = aws.organizations.get_organization()
466
+ filtered = aws.observabilityadmin.CentralizationRuleForOrganization("filtered",
467
+ rule_name="filtered-centralization-rule",
468
+ rule={
469
+ "destination": {
470
+ "region": "eu-west-1",
471
+ "account": current.account_id,
472
+ },
473
+ "source": {
474
+ "regions": [
475
+ "ap-southeast-1",
476
+ "us-east-1",
477
+ ],
478
+ "scope": f"OrganizationId = '{current_get_organization.id}'",
479
+ "source_logs_configuration": {
480
+ "encrypted_log_group_strategy": "ALLOW",
481
+ "log_group_selection_criteria": "LogGroupName LIKE '/aws/lambda%'",
482
+ },
483
+ },
484
+ },
485
+ tags={
486
+ "Name": "filtered-centralization-rule",
487
+ "Filter": "lambda-logs",
488
+ })
489
+ ```
490
+
491
+ ## Import
492
+
493
+ Using `pulumi import`, import CloudWatch Observability Admin Centralization Rule For Organization using the `rule_name`. For example:
494
+
495
+ ```sh
496
+ $ pulumi import aws:observabilityadmin/centralizationRuleForOrganization:CentralizationRuleForOrganization example example-centralization-rule
497
+ ```
498
+
499
+ :param str resource_name: The name of the resource.
500
+ :param CentralizationRuleForOrganizationArgs args: The arguments to use to populate this resource's properties.
501
+ :param pulumi.ResourceOptions opts: Options for the resource.
502
+ """
503
+ ...
504
+ def __init__(__self__, resource_name: str, *args, **kwargs):
505
+ resource_args, opts = _utilities.get_resource_args_opts(CentralizationRuleForOrganizationArgs, pulumi.ResourceOptions, *args, **kwargs)
506
+ if resource_args is not None:
507
+ __self__._internal_init(resource_name, opts, **resource_args.__dict__)
508
+ else:
509
+ __self__._internal_init(resource_name, *args, **kwargs)
510
+
511
+ def _internal_init(__self__,
512
+ resource_name: str,
513
+ opts: Optional[pulumi.ResourceOptions] = None,
514
+ region: Optional[pulumi.Input[_builtins.str]] = None,
515
+ rule: Optional[pulumi.Input[Union['CentralizationRuleForOrganizationRuleArgs', 'CentralizationRuleForOrganizationRuleArgsDict']]] = None,
516
+ rule_name: Optional[pulumi.Input[_builtins.str]] = None,
517
+ tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]] = None,
518
+ timeouts: Optional[pulumi.Input[Union['CentralizationRuleForOrganizationTimeoutsArgs', 'CentralizationRuleForOrganizationTimeoutsArgsDict']]] = None,
519
+ __props__=None):
520
+ opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
521
+ if not isinstance(opts, pulumi.ResourceOptions):
522
+ raise TypeError('Expected resource options to be a ResourceOptions instance')
523
+ if opts.id is None:
524
+ if __props__ is not None:
525
+ raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource')
526
+ __props__ = CentralizationRuleForOrganizationArgs.__new__(CentralizationRuleForOrganizationArgs)
527
+
528
+ __props__.__dict__["region"] = region
529
+ __props__.__dict__["rule"] = rule
530
+ if rule_name is None and not opts.urn:
531
+ raise TypeError("Missing required property 'rule_name'")
532
+ __props__.__dict__["rule_name"] = rule_name
533
+ __props__.__dict__["tags"] = tags
534
+ __props__.__dict__["timeouts"] = timeouts
535
+ __props__.__dict__["rule_arn"] = None
536
+ __props__.__dict__["tags_all"] = None
537
+ super(CentralizationRuleForOrganization, __self__).__init__(
538
+ 'aws:observabilityadmin/centralizationRuleForOrganization:CentralizationRuleForOrganization',
539
+ resource_name,
540
+ __props__,
541
+ opts)
542
+
543
+ @staticmethod
544
+ def get(resource_name: str,
545
+ id: pulumi.Input[str],
546
+ opts: Optional[pulumi.ResourceOptions] = None,
547
+ region: Optional[pulumi.Input[_builtins.str]] = None,
548
+ rule: Optional[pulumi.Input[Union['CentralizationRuleForOrganizationRuleArgs', 'CentralizationRuleForOrganizationRuleArgsDict']]] = None,
549
+ rule_arn: Optional[pulumi.Input[_builtins.str]] = None,
550
+ rule_name: Optional[pulumi.Input[_builtins.str]] = None,
551
+ tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]] = None,
552
+ tags_all: Optional[pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]]] = None,
553
+ timeouts: Optional[pulumi.Input[Union['CentralizationRuleForOrganizationTimeoutsArgs', 'CentralizationRuleForOrganizationTimeoutsArgsDict']]] = None) -> 'CentralizationRuleForOrganization':
554
+ """
555
+ Get an existing CentralizationRuleForOrganization resource's state with the given name, id, and optional extra
556
+ properties used to qualify the lookup.
557
+
558
+ :param str resource_name: The unique name of the resulting resource.
559
+ :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
560
+ :param pulumi.ResourceOptions opts: Options for the resource.
561
+ :param pulumi.Input[_builtins.str] region: Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
562
+ :param pulumi.Input[Union['CentralizationRuleForOrganizationRuleArgs', 'CentralizationRuleForOrganizationRuleArgsDict']] rule: Configuration block for the centralization rule. See `rule` below.
563
+
564
+ The following arguments are optional:
565
+ :param pulumi.Input[_builtins.str] rule_arn: ARN of the centralization rule.
566
+ :param pulumi.Input[_builtins.str] rule_name: Name of the centralization rule. Must be unique within the organization.
567
+ :param pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]] tags: Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
568
+ :param pulumi.Input[Mapping[str, pulumi.Input[_builtins.str]]] tags_all: Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.
569
+ """
570
+ opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
571
+
572
+ __props__ = _CentralizationRuleForOrganizationState.__new__(_CentralizationRuleForOrganizationState)
573
+
574
+ __props__.__dict__["region"] = region
575
+ __props__.__dict__["rule"] = rule
576
+ __props__.__dict__["rule_arn"] = rule_arn
577
+ __props__.__dict__["rule_name"] = rule_name
578
+ __props__.__dict__["tags"] = tags
579
+ __props__.__dict__["tags_all"] = tags_all
580
+ __props__.__dict__["timeouts"] = timeouts
581
+ return CentralizationRuleForOrganization(resource_name, opts=opts, __props__=__props__)
582
+
583
+ @_builtins.property
584
+ @pulumi.getter
585
+ def region(self) -> pulumi.Output[_builtins.str]:
586
+ """
587
+ Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
588
+ """
589
+ return pulumi.get(self, "region")
590
+
591
+ @_builtins.property
592
+ @pulumi.getter
593
+ def rule(self) -> pulumi.Output[Optional['outputs.CentralizationRuleForOrganizationRule']]:
594
+ """
595
+ Configuration block for the centralization rule. See `rule` below.
596
+
597
+ The following arguments are optional:
598
+ """
599
+ return pulumi.get(self, "rule")
600
+
601
+ @_builtins.property
602
+ @pulumi.getter(name="ruleArn")
603
+ def rule_arn(self) -> pulumi.Output[_builtins.str]:
604
+ """
605
+ ARN of the centralization rule.
606
+ """
607
+ return pulumi.get(self, "rule_arn")
608
+
609
+ @_builtins.property
610
+ @pulumi.getter(name="ruleName")
611
+ def rule_name(self) -> pulumi.Output[_builtins.str]:
612
+ """
613
+ Name of the centralization rule. Must be unique within the organization.
614
+ """
615
+ return pulumi.get(self, "rule_name")
616
+
617
+ @_builtins.property
618
+ @pulumi.getter
619
+ def tags(self) -> pulumi.Output[Optional[Mapping[str, _builtins.str]]]:
620
+ """
621
+ Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
622
+ """
623
+ return pulumi.get(self, "tags")
624
+
625
+ @_builtins.property
626
+ @pulumi.getter(name="tagsAll")
627
+ def tags_all(self) -> pulumi.Output[Mapping[str, _builtins.str]]:
628
+ """
629
+ Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.
630
+ """
631
+ return pulumi.get(self, "tags_all")
632
+
633
+ @_builtins.property
634
+ @pulumi.getter
635
+ def timeouts(self) -> pulumi.Output[Optional['outputs.CentralizationRuleForOrganizationTimeouts']]:
636
+ return pulumi.get(self, "timeouts")
637
+