pulumi-aws-kotlin/com.pulumi.aws.cfg.kotlin/RecorderStatus

RecorderStatus

class RecorderStatus : KotlinCustomResource

Manages status (recording / stopped) of an AWS Config Configuration Recorder.

Note: Starting Configuration Recorder requires a Delivery Channel to be present. Use of depends_on (as shown below) is recommended to avoid race conditions.

Example Usage

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.s3.BucketV2;
import com.pulumi.aws.cfg.DeliveryChannel;
import com.pulumi.aws.cfg.DeliveryChannelArgs;
import com.pulumi.aws.cfg.RecorderStatus;
import com.pulumi.aws.cfg.RecorderStatusArgs;
import com.pulumi.aws.iam.Role;
import com.pulumi.aws.iam.RoleArgs;
import com.pulumi.aws.iam.RolePolicyAttachment;
import com.pulumi.aws.iam.RolePolicyAttachmentArgs;
import com.pulumi.aws.cfg.Recorder;
import com.pulumi.aws.cfg.RecorderArgs;
import com.pulumi.aws.iam.RolePolicy;
import com.pulumi.aws.iam.RolePolicyArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var bucketV2 = new BucketV2("bucketV2");
        var fooDeliveryChannel = new DeliveryChannel("fooDeliveryChannel", DeliveryChannelArgs.builder()
            .s3BucketName(bucketV2.bucket())
            .build());
        var fooRecorderStatus = new RecorderStatus("fooRecorderStatus", RecorderStatusArgs.builder()
            .isEnabled(true)
            .build(), CustomResourceOptions.builder()
                .dependsOn(fooDeliveryChannel)
                .build());
        var role = new Role("role", RoleArgs.builder()
            .assumeRolePolicy("""
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": "sts:AssumeRole",
      "Principal": {
        "Service": "config.amazonaws.com"
      },
      "Effect": "Allow",
      "Sid": ""
    }
  ]
}
            """)
            .build());
        var rolePolicyAttachment = new RolePolicyAttachment("rolePolicyAttachment", RolePolicyAttachmentArgs.builder()
            .role(role.name())
            .policyArn("arn:aws:iam::aws:policy/service-role/AWSConfigRole")
            .build());
        var fooRecorder = new Recorder("fooRecorder", RecorderArgs.builder()
            .roleArn(role.arn())
            .build());
        var rolePolicy = new RolePolicy("rolePolicy", RolePolicyArgs.builder()
            .role(role.id())
            .policy(Output.tuple(bucketV2.arn(), bucketV2.arn()).applyValue(values -> {
                var bucketV2Arn = values.t1;
                var bucketV2Arn1 = values.t2;
                return """
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": [
        "s3:*"
      ],
      "Effect": "Allow",
      "Resource": [
        "%s",
        "%s/*"
      ]
    }
  ]
}
", bucketV2Arn,bucketV2Arn1);
            }))
            .build());
    }
}
Content copied to clipboard

Import

Configuration Recorder Status can be imported using the name of the Configuration Recorder, e.g.,

$ pulumi import aws:cfg/recorderStatus:RecorderStatus foo example
Content copied to clipboard

*/

Properties

Link copied to clipboard
val id: Output<String>
Link copied to clipboard
val isEnabled: Output<Boolean>

Whether the configuration recorder should be enabled or disabled.

Link copied to clipboard
val name: Output<String>

The name of the recorder

Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
val urn: Output<String>