Delivery
data class DeliveryChannelArgs(val name: Output<String>? = null, val s3BucketName: Output<String>? = null, val s3KeyPrefix: Output<String>? = null, val s3KmsKeyArn: Output<String>? = null, val snapshotDeliveryProperties: Output<DeliveryChannelSnapshotDeliveryPropertiesArgs>? = null, val snsTopicArn: Output<String>? = null) : ConvertibleToJava<DeliveryChannelArgs>
Provides an AWS Config Delivery Channel.
Note: Delivery Channel requires a Configuration Recorder to be present. Use of
depends_on(as shown below) is recommended to avoid race conditions.
Example Usage
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.s3.BucketV2;
import com.pulumi.aws.s3.BucketV2Args;
import com.pulumi.aws.iam.IamFunctions;
import com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;
import com.pulumi.aws.iam.Role;
import com.pulumi.aws.iam.RoleArgs;
import com.pulumi.aws.cfg.Recorder;
import com.pulumi.aws.cfg.RecorderArgs;
import com.pulumi.aws.cfg.DeliveryChannel;
import com.pulumi.aws.cfg.DeliveryChannelArgs;
import com.pulumi.aws.iam.RolePolicy;
import com.pulumi.aws.iam.RolePolicyArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var bucketV2 = new BucketV2("bucketV2", BucketV2Args.builder()
.forceDestroy(true)
.build());
final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()
.statements(GetPolicyDocumentStatementArgs.builder()
.effect("Allow")
.principals(GetPolicyDocumentStatementPrincipalArgs.builder()
.type("Service")
.identifiers("config.amazonaws.com")
.build())
.actions("sts:AssumeRole")
.build())
.build());
var role = new Role("role", RoleArgs.builder()
.assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult.json()))
.build());
var fooRecorder = new Recorder("fooRecorder", RecorderArgs.builder()
.roleArn(role.arn())
.build());
var fooDeliveryChannel = new DeliveryChannel("fooDeliveryChannel", DeliveryChannelArgs.builder()
.s3BucketName(bucketV2.bucket())
.build(), CustomResourceOptions.builder()
.dependsOn(fooRecorder)
.build());
final var policyDocument = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()
.statements(GetPolicyDocumentStatementArgs.builder()
.effect("Allow")
.actions("s3:*")
.resources(
bucketV2.arn(),
bucketV2.arn().applyValue(arn -> String.format("%s/*", arn)))
.build())
.build());
var rolePolicy = new RolePolicy("rolePolicy", RolePolicyArgs.builder()
.role(role.id())
.policy(policyDocument.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult).applyValue(policyDocument -> policyDocument.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult.json())))
.build());
}
}Content copied to clipboard
Import
Delivery Channel can be imported using the name, e.g.,
$ pulumi import aws:cfg/deliveryChannel:DeliveryChannel foo exampleContent copied to clipboard
Constructors
Link copied to clipboard
fun DeliveryChannelArgs(name: Output<String>? = null, s3BucketName: Output<String>? = null, s3KeyPrefix: Output<String>? = null, s3KmsKeyArn: Output<String>? = null, snapshotDeliveryProperties: Output<DeliveryChannelSnapshotDeliveryPropertiesArgs>? = null, snsTopicArn: Output<String>? = null)