pulumi-aws-kotlin/com.pulumi.aws.cfg.kotlin/DeliveryChannel

DeliveryChannel

class DeliveryChannel : KotlinCustomResource

Provides an AWS Config Delivery Channel.

Note: Delivery Channel requires a Configuration Recorder to be present. Use of depends_on (as shown below) is recommended to avoid race conditions.

Example Usage

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.s3.BucketV2;
import com.pulumi.aws.s3.BucketV2Args;
import com.pulumi.aws.iam.Role;
import com.pulumi.aws.iam.RoleArgs;
import com.pulumi.aws.cfg.Recorder;
import com.pulumi.aws.cfg.RecorderArgs;
import com.pulumi.aws.cfg.DeliveryChannel;
import com.pulumi.aws.cfg.DeliveryChannelArgs;
import com.pulumi.aws.iam.RolePolicy;
import com.pulumi.aws.iam.RolePolicyArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var bucketV2 = new BucketV2("bucketV2", BucketV2Args.builder()
            .forceDestroy(true)
            .build());
        var role = new Role("role", RoleArgs.builder()
            .assumeRolePolicy("""
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": "sts:AssumeRole",
      "Principal": {
        "Service": "config.amazonaws.com"
      },
      "Effect": "Allow",
      "Sid": ""
    }
  ]
}
            """)
            .build());
        var fooRecorder = new Recorder("fooRecorder", RecorderArgs.builder()
            .roleArn(role.arn())
            .build());
        var fooDeliveryChannel = new DeliveryChannel("fooDeliveryChannel", DeliveryChannelArgs.builder()
            .s3BucketName(bucketV2.bucket())
            .build(), CustomResourceOptions.builder()
                .dependsOn(fooRecorder)
                .build());
        var rolePolicy = new RolePolicy("rolePolicy", RolePolicyArgs.builder()
            .role(role.id())
            .policy(Output.tuple(bucketV2.arn(), bucketV2.arn()).applyValue(values -> {
                var bucketV2Arn = values.t1;
                var bucketV2Arn1 = values.t2;
                return """
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": [
        "s3:*"
      ],
      "Effect": "Allow",
      "Resource": [
        "%s",
        "%s/*"
      ]
    }
  ]
}
", bucketV2Arn,bucketV2Arn1);
            }))
            .build());
    }
}

Import

Delivery Channel can be imported using the name, e.g.,

$ pulumi import aws:cfg/deliveryChannel:DeliveryChannel foo example

Properties

val id: Output<String>

name

val name: Output<String>

The name of the delivery channel. Defaults to default. Changing it recreates the resource.

pulumiChildResources

val pulumiChildResources: Set<KotlinResource>

pulumiResourceName

val pulumiResourceName: String

pulumiResourceType

val pulumiResourceType: String

s3BucketName

val s3BucketName: Output<String>

The name of the S3 bucket used to store the configuration history.

s3KeyPrefix

val s3KeyPrefix: Output<String>?

The prefix for the specified S3 bucket.

s3KmsKeyArn

val s3KmsKeyArn: Output<String>?

The ARN of the AWS KMS key used to encrypt objects delivered by AWS Config. Must belong to the same Region as the destination S3 bucket.

snapshotDeliveryProperties

val snapshotDeliveryProperties: Output<DeliveryChannelSnapshotDeliveryProperties>?

Options for how AWS Config delivers configuration snapshots. See below

snsTopicArn

val snsTopicArn: Output<String>?

The ARN of the SNS topic that AWS Config delivers notifications to.

urn

val urn: Output<String>