com.pulumi.aws.shield.kotlin.ProtectionGroupArgs.kt Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of pulumi-aws-kotlin Show documentation
Show all versions of pulumi-aws-kotlin Show documentation
Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.aws.shield.kotlin
import com.pulumi.aws.shield.ProtectionGroupArgs.builder
import com.pulumi.core.Output
import com.pulumi.core.Output.of
import com.pulumi.kotlin.ConvertibleToJava
import com.pulumi.kotlin.PulumiTagMarker
import kotlin.Pair
import kotlin.String
import kotlin.Suppress
import kotlin.collections.List
import kotlin.collections.Map
import kotlin.jvm.JvmName
/**
* Creates a grouping of protected resources so they can be handled as a collective.
* This resource grouping improves the accuracy of detection and reduces false positives. For more information see
* [Managing AWS Shield Advanced protection groups](https://docs.aws.amazon.com/waf/latest/developerguide/manage-protection-group.html)
* ## Example Usage
* ### Create protection group for all resources
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as aws from "@pulumi/aws";
* const example = new aws.shield.ProtectionGroup("example", {
* protectionGroupId: "example",
* aggregation: "MAX",
* pattern: "ALL",
* });
* ```
* ```python
* import pulumi
* import pulumi_aws as aws
* example = aws.shield.ProtectionGroup("example",
* protection_group_id="example",
* aggregation="MAX",
* pattern="ALL")
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Aws = Pulumi.Aws;
* return await Deployment.RunAsync(() =>
* {
* var example = new Aws.Shield.ProtectionGroup("example", new()
* {
* ProtectionGroupId = "example",
* Aggregation = "MAX",
* Pattern = "ALL",
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/shield"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* _, err := shield.NewProtectionGroup(ctx, "example", &shield.ProtectionGroupArgs{
* ProtectionGroupId: pulumi.String("example"),
* Aggregation: pulumi.String("MAX"),
* Pattern: pulumi.String("ALL"),
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.aws.shield.ProtectionGroup;
* import com.pulumi.aws.shield.ProtectionGroupArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var example = new ProtectionGroup("example", ProtectionGroupArgs.builder()
* .protectionGroupId("example")
* .aggregation("MAX")
* .pattern("ALL")
* .build());
* }
* }
* ```
* ```yaml
* resources:
* example:
* type: aws:shield:ProtectionGroup
* properties:
* protectionGroupId: example
* aggregation: MAX
* pattern: ALL
* ```
*
* ### Create protection group for arbitrary number of resources
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as aws from "@pulumi/aws";
* const current = aws.getRegion({});
* const currentGetCallerIdentity = aws.getCallerIdentity({});
* const example = new aws.ec2.Eip("example", {domain: "vpc"});
* const exampleProtection = new aws.shield.Protection("example", {
* name: "example",
* resourceArn: pulumi.all([current, currentGetCallerIdentity, example.id]).apply(([current, currentGetCallerIdentity, id]) => `arn:aws:ec2:${current.name}:${currentGetCallerIdentity.accountId}:eip-allocation/${id}`),
* });
* const exampleProtectionGroup = new aws.shield.ProtectionGroup("example", {
* protectionGroupId: "example",
* aggregation: "MEAN",
* pattern: "ARBITRARY",
* members: [pulumi.all([current, currentGetCallerIdentity, example.id]).apply(([current, currentGetCallerIdentity, id]) => `arn:aws:ec2:${current.name}:${currentGetCallerIdentity.accountId}:eip-allocation/${id}`)],
* }, {
* dependsOn: [exampleProtection],
* });
* ```
* ```python
* import pulumi
* import pulumi_aws as aws
* current = aws.get_region()
* current_get_caller_identity = aws.get_caller_identity()
* example = aws.ec2.Eip("example", domain="vpc")
* example_protection = aws.shield.Protection("example",
* name="example",
* resource_arn=example.id.apply(lambda id: f"arn:aws:ec2:{current.name}:{current_get_caller_identity.account_id}:eip-allocation/{id}"))
* example_protection_group = aws.shield.ProtectionGroup("example",
* protection_group_id="example",
* aggregation="MEAN",
* pattern="ARBITRARY",
* members=[example.id.apply(lambda id: f"arn:aws:ec2:{current.name}:{current_get_caller_identity.account_id}:eip-allocation/{id}")],
* opts = pulumi.ResourceOptions(depends_on=[example_protection]))
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Aws = Pulumi.Aws;
* return await Deployment.RunAsync(() =>
* {
* var current = Aws.GetRegion.Invoke();
* var currentGetCallerIdentity = Aws.GetCallerIdentity.Invoke();
* var example = new Aws.Ec2.Eip("example", new()
* {
* Domain = "vpc",
* });
* var exampleProtection = new Aws.Shield.Protection("example", new()
* {
* Name = "example",
* ResourceArn = Output.Tuple(current, currentGetCallerIdentity, example.Id).Apply(values =>
* {
* var current = values.Item1;
* var currentGetCallerIdentity = values.Item2;
* var id = values.Item3;
* return $"arn:aws:ec2:{current.Apply(getRegionResult => getRegionResult.Name)}:{currentGetCallerIdentity.Apply(getCallerIdentityResult => getCallerIdentityResult.AccountId)}:eip-allocation/{id}";
* }),
* });
* var exampleProtectionGroup = new Aws.Shield.ProtectionGroup("example", new()
* {
* ProtectionGroupId = "example",
* Aggregation = "MEAN",
* Pattern = "ARBITRARY",
* Members = new[]
* {
* Output.Tuple(current, currentGetCallerIdentity, example.Id).Apply(values =>
* {
* var current = values.Item1;
* var currentGetCallerIdentity = values.Item2;
* var id = values.Item3;
* return $"arn:aws:ec2:{current.Apply(getRegionResult => getRegionResult.Name)}:{currentGetCallerIdentity.Apply(getCallerIdentityResult => getCallerIdentityResult.AccountId)}:eip-allocation/{id}";
* }),
* },
* }, new CustomResourceOptions
* {
* DependsOn =
* {
* exampleProtection,
* },
* });
* });
* ```
* ```go
* package main
* import (
* "fmt"
* "github.com/pulumi/pulumi-aws/sdk/v6/go/aws"
* "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2"
* "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/shield"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* current, err := aws.GetRegion(ctx, &aws.GetRegionArgs{}, nil)
* if err != nil {
* return err
* }
* currentGetCallerIdentity, err := aws.GetCallerIdentity(ctx, &aws.GetCallerIdentityArgs{}, nil)
* if err != nil {
* return err
* }
* example, err := ec2.NewEip(ctx, "example", &ec2.EipArgs{
* Domain: pulumi.String("vpc"),
* })
* if err != nil {
* return err
* }
* exampleProtection, err := shield.NewProtection(ctx, "example", &shield.ProtectionArgs{
* Name: pulumi.String("example"),
* ResourceArn: example.ID().ApplyT(func(id string) (string, error) {
* return fmt.Sprintf("arn:aws:ec2:%v:%v:eip-allocation/%v", current.Name, currentGetCallerIdentity.AccountId, id), nil
* }).(pulumi.StringOutput),
* })
* if err != nil {
* return err
* }
* _, err = shield.NewProtectionGroup(ctx, "example", &shield.ProtectionGroupArgs{
* ProtectionGroupId: pulumi.String("example"),
* Aggregation: pulumi.String("MEAN"),
* Pattern: pulumi.String("ARBITRARY"),
* Members: pulumi.StringArray{
* example.ID().ApplyT(func(id string) (string, error) {
* return fmt.Sprintf("arn:aws:ec2:%v:%v:eip-allocation/%v", current.Name, currentGetCallerIdentity.AccountId, id), nil
* }).(pulumi.StringOutput),
* },
* }, pulumi.DependsOn([]pulumi.Resource{
* exampleProtection,
* }))
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.aws.AwsFunctions;
* import com.pulumi.aws.inputs.GetRegionArgs;
* import com.pulumi.aws.inputs.GetCallerIdentityArgs;
* import com.pulumi.aws.ec2.Eip;
* import com.pulumi.aws.ec2.EipArgs;
* import com.pulumi.aws.shield.Protection;
* import com.pulumi.aws.shield.ProtectionArgs;
* import com.pulumi.aws.shield.ProtectionGroup;
* import com.pulumi.aws.shield.ProtectionGroupArgs;
* import com.pulumi.resources.CustomResourceOptions;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* final var current = AwsFunctions.getRegion();
* final var currentGetCallerIdentity = AwsFunctions.getCallerIdentity();
* var example = new Eip("example", EipArgs.builder()
* .domain("vpc")
* .build());
* var exampleProtection = new Protection("exampleProtection", ProtectionArgs.builder()
* .name("example")
* .resourceArn(example.id().applyValue(id -> String.format("arn:aws:ec2:%s:%s:eip-allocation/%s", current.applyValue(getRegionResult -> getRegionResult.name()),currentGetCallerIdentity.applyValue(getCallerIdentityResult -> getCallerIdentityResult.accountId()),id)))
* .build());
* var exampleProtectionGroup = new ProtectionGroup("exampleProtectionGroup", ProtectionGroupArgs.builder()
* .protectionGroupId("example")
* .aggregation("MEAN")
* .pattern("ARBITRARY")
* .members(example.id().applyValue(id -> String.format("arn:aws:ec2:%s:%s:eip-allocation/%s", current.applyValue(getRegionResult -> getRegionResult.name()),currentGetCallerIdentity.applyValue(getCallerIdentityResult -> getCallerIdentityResult.accountId()),id)))
* .build(), CustomResourceOptions.builder()
* .dependsOn(exampleProtection)
* .build());
* }
* }
* ```
* ```yaml
* resources:
* example:
* type: aws:ec2:Eip
* properties:
* domain: vpc
* exampleProtection:
* type: aws:shield:Protection
* name: example
* properties:
* name: example
* resourceArn: arn:aws:ec2:${current.name}:${currentGetCallerIdentity.accountId}:eip-allocation/${example.id}
* exampleProtectionGroup:
* type: aws:shield:ProtectionGroup
* name: example
* properties:
* protectionGroupId: example
* aggregation: MEAN
* pattern: ARBITRARY
* members:
* - arn:aws:ec2:${current.name}:${currentGetCallerIdentity.accountId}:eip-allocation/${example.id}
* options:
* dependson:
* - ${exampleProtection}
* variables:
* current:
* fn::invoke:
* Function: aws:getRegion
* Arguments: {}
* currentGetCallerIdentity:
* fn::invoke:
* Function: aws:getCallerIdentity
* Arguments: {}
* ```
*
* ### Create protection group for a type of resource
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as aws from "@pulumi/aws";
* const example = new aws.shield.ProtectionGroup("example", {
* protectionGroupId: "example",
* aggregation: "SUM",
* pattern: "BY_RESOURCE_TYPE",
* resourceType: "ELASTIC_IP_ALLOCATION",
* });
* ```
* ```python
* import pulumi
* import pulumi_aws as aws
* example = aws.shield.ProtectionGroup("example",
* protection_group_id="example",
* aggregation="SUM",
* pattern="BY_RESOURCE_TYPE",
* resource_type="ELASTIC_IP_ALLOCATION")
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Aws = Pulumi.Aws;
* return await Deployment.RunAsync(() =>
* {
* var example = new Aws.Shield.ProtectionGroup("example", new()
* {
* ProtectionGroupId = "example",
* Aggregation = "SUM",
* Pattern = "BY_RESOURCE_TYPE",
* ResourceType = "ELASTIC_IP_ALLOCATION",
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/shield"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* _, err := shield.NewProtectionGroup(ctx, "example", &shield.ProtectionGroupArgs{
* ProtectionGroupId: pulumi.String("example"),
* Aggregation: pulumi.String("SUM"),
* Pattern: pulumi.String("BY_RESOURCE_TYPE"),
* ResourceType: pulumi.String("ELASTIC_IP_ALLOCATION"),
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.aws.shield.ProtectionGroup;
* import com.pulumi.aws.shield.ProtectionGroupArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var example = new ProtectionGroup("example", ProtectionGroupArgs.builder()
* .protectionGroupId("example")
* .aggregation("SUM")
* .pattern("BY_RESOURCE_TYPE")
* .resourceType("ELASTIC_IP_ALLOCATION")
* .build());
* }
* }
* ```
* ```yaml
* resources:
* example:
* type: aws:shield:ProtectionGroup
* properties:
* protectionGroupId: example
* aggregation: SUM
* pattern: BY_RESOURCE_TYPE
* resourceType: ELASTIC_IP_ALLOCATION
* ```
*
* ## Import
* Using `pulumi import`, import Shield protection group resources using their protection group id. For example:
* ```sh
* $ pulumi import aws:shield/protectionGroup:ProtectionGroup example example
* ```
* @property aggregation Defines how AWS Shield combines resource data for the group in order to detect, mitigate, and report events.
* @property members The Amazon Resource Names (ARNs) of the resources to include in the protection group. You must set this when you set `pattern` to ARBITRARY and you must not set it for any other `pattern` setting.
* @property pattern The criteria to use to choose the protected resources for inclusion in the group.
* @property protectionGroupId The name of the protection group.
* @property resourceType The resource type to include in the protection group. You must set this when you set `pattern` to BY_RESOURCE_TYPE and you must not set it for any other `pattern` setting.
* @property tags Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
*/
public data class ProtectionGroupArgs(
public val aggregation: Output? = null,
public val members: Output>? = null,
public val pattern: Output? = null,
public val protectionGroupId: Output? = null,
public val resourceType: Output? = null,
public val tags: Output>? = null,
) : ConvertibleToJava {
override fun toJava(): com.pulumi.aws.shield.ProtectionGroupArgs =
com.pulumi.aws.shield.ProtectionGroupArgs.builder()
.aggregation(aggregation?.applyValue({ args0 -> args0 }))
.members(members?.applyValue({ args0 -> args0.map({ args0 -> args0 }) }))
.pattern(pattern?.applyValue({ args0 -> args0 }))
.protectionGroupId(protectionGroupId?.applyValue({ args0 -> args0 }))
.resourceType(resourceType?.applyValue({ args0 -> args0 }))
.tags(
tags?.applyValue({ args0 ->
args0.map({ args0 ->
args0.key.to(args0.value)
}).toMap()
}),
).build()
}
/**
* Builder for [ProtectionGroupArgs].
*/
@PulumiTagMarker
public class ProtectionGroupArgsBuilder internal constructor() {
private var aggregation: Output? = null
private var members: Output>? = null
private var pattern: Output? = null
private var protectionGroupId: Output? = null
private var resourceType: Output? = null
private var tags: Output>? = null
/**
* @param value Defines how AWS Shield combines resource data for the group in order to detect, mitigate, and report events.
*/
@JvmName("nhcffpkqlhbordmd")
public suspend fun aggregation(`value`: Output) {
this.aggregation = value
}
/**
* @param value The Amazon Resource Names (ARNs) of the resources to include in the protection group. You must set this when you set `pattern` to ARBITRARY and you must not set it for any other `pattern` setting.
*/
@JvmName("rkgkwausvopmivun")
public suspend fun members(`value`: Output>) {
this.members = value
}
@JvmName("muxqnipeafebgeil")
public suspend fun members(vararg values: Output) {
this.members = Output.all(values.asList())
}
/**
* @param values The Amazon Resource Names (ARNs) of the resources to include in the protection group. You must set this when you set `pattern` to ARBITRARY and you must not set it for any other `pattern` setting.
*/
@JvmName("vmxdmuyjvpqimsgb")
public suspend fun members(values: List>) {
this.members = Output.all(values)
}
/**
* @param value The criteria to use to choose the protected resources for inclusion in the group.
*/
@JvmName("mycxyxxkpvvoeqau")
public suspend fun pattern(`value`: Output) {
this.pattern = value
}
/**
* @param value The name of the protection group.
*/
@JvmName("efrrukfpkqdrylwn")
public suspend fun protectionGroupId(`value`: Output) {
this.protectionGroupId = value
}
/**
* @param value The resource type to include in the protection group. You must set this when you set `pattern` to BY_RESOURCE_TYPE and you must not set it for any other `pattern` setting.
*/
@JvmName("cfcngeywskgioxwr")
public suspend fun resourceType(`value`: Output) {
this.resourceType = value
}
/**
* @param value Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
*/
@JvmName("hkxobqrstqxlmyob")
public suspend fun tags(`value`: Output>) {
this.tags = value
}
/**
* @param value Defines how AWS Shield combines resource data for the group in order to detect, mitigate, and report events.
*/
@JvmName("huimybjjidlelsqs")
public suspend fun aggregation(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.aggregation = mapped
}
/**
* @param value The Amazon Resource Names (ARNs) of the resources to include in the protection group. You must set this when you set `pattern` to ARBITRARY and you must not set it for any other `pattern` setting.
*/
@JvmName("nhymjlrpmrpeuary")
public suspend fun members(`value`: List?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.members = mapped
}
/**
* @param values The Amazon Resource Names (ARNs) of the resources to include in the protection group. You must set this when you set `pattern` to ARBITRARY and you must not set it for any other `pattern` setting.
*/
@JvmName("bbhxupdiqinbtnfb")
public suspend fun members(vararg values: String) {
val toBeMapped = values.toList()
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.members = mapped
}
/**
* @param value The criteria to use to choose the protected resources for inclusion in the group.
*/
@JvmName("alvkwrfwouovflgv")
public suspend fun pattern(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.pattern = mapped
}
/**
* @param value The name of the protection group.
*/
@JvmName("cpeatririkqnqicd")
public suspend fun protectionGroupId(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.protectionGroupId = mapped
}
/**
* @param value The resource type to include in the protection group. You must set this when you set `pattern` to BY_RESOURCE_TYPE and you must not set it for any other `pattern` setting.
*/
@JvmName("lvvlvheqjkdgwiam")
public suspend fun resourceType(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.resourceType = mapped
}
/**
* @param value Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
*/
@JvmName("cjkyqapupvpnxmmj")
public suspend fun tags(`value`: Map?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.tags = mapped
}
/**
* @param values Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
*/
@JvmName("krthbbijmkwglklj")
public fun tags(vararg values: Pair) {
val toBeMapped = values.toMap()
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.tags = mapped
}
internal fun build(): ProtectionGroupArgs = ProtectionGroupArgs(
aggregation = aggregation,
members = members,
pattern = pattern,
protectionGroupId = protectionGroupId,
resourceType = resourceType,
tags = tags,
)
}
© 2015 - 2024 Weber Informatics LLC | Privacy Policy