pulumi-aws-kotlin/com.pulumi.aws.xray.kotlin/EncryptionConfig

EncryptionConfig

class EncryptionConfig : KotlinCustomResource

Creates and manages an AWS XRay Encryption Config.

NOTE: Removing this resource from the provider has no effect to the encryption configuration within X-Ray.

Example Usage

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.xray.EncryptionConfig;
import com.pulumi.aws.xray.EncryptionConfigArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var example = new EncryptionConfig("example", EncryptionConfigArgs.builder()
            .type("NONE")
            .build());
    }
}
Content copied to clipboard

With KMS Key

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.AwsFunctions;
import com.pulumi.aws.iam.IamFunctions;
import com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;
import com.pulumi.aws.kms.Key;
import com.pulumi.aws.kms.KeyArgs;
import com.pulumi.aws.xray.EncryptionConfig;
import com.pulumi.aws.xray.EncryptionConfigArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        final var current = AwsFunctions.getCallerIdentity();
        final var examplePolicyDocument = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()
            .statements(GetPolicyDocumentStatementArgs.builder()
                .sid("Enable IAM User Permissions")
                .effect("Allow")
                .principals(GetPolicyDocumentStatementPrincipalArgs.builder()
                    .type("AWS")
                    .identifiers(String.format("arn:aws:iam::%s:root", current.applyValue(getCallerIdentityResult -> getCallerIdentityResult.accountId())))
                    .build())
                .actions("kms:*")
                .resources("*")
                .build())
            .build());
        var exampleKey = new Key("exampleKey", KeyArgs.builder()
            .description("Some Key")
            .deletionWindowInDays(7)
            .policy(examplePolicyDocument.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult.json()))
            .build());
        var exampleEncryptionConfig = new EncryptionConfig("exampleEncryptionConfig", EncryptionConfigArgs.builder()
            .type("KMS")
            .keyId(exampleKey.arn())
            .build());
    }
}
Content copied to clipboard

Import

XRay Encryption Config can be imported using the region name, e.g.,

$ pulumi import aws:xray/encryptionConfig:EncryptionConfig example us-west-2
Content copied to clipboard

Properties

Link copied to clipboard
val id: Output<String>
Link copied to clipboard
val keyId: Output<String>?

An AWS KMS customer master key (CMK) ARN.

Link copied to clipboard
val pulumiChildResources: Set<KotlinResource>
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
val type: Output<String>

The type of encryption. Set to KMS to use your own key for encryption. Set to NONE for default encryption.

Link copied to clipboard
val urn: Output<String>