pulumi-aws-kotlin/com.pulumi.aws.auditmanager.kotlin/Assessment

Assessment

class Assessment : KotlinCustomResource

Resource for managing an AWS Audit Manager Assessment.

Example Usage

Basic Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const test = new aws.auditmanager.Assessment("test", {
    name: "example",
    assessmentReportsDestination: {
        destination: `s3://${testAwsS3Bucket.id}`,
        destinationType: "S3",
    },
    frameworkId: testAwsAuditmanagerFramework.id,
    roles: [{
        roleArn: testAwsIamRole.arn,
        roleType: "PROCESS_OWNER",
    }],
    scope: {
        awsAccounts: [{
            id: current.accountId,
        }],
        awsServices: [{
            serviceName: "S3",
        }],
    },
});

import pulumi
import pulumi_aws as aws
test = aws.auditmanager.Assessment("test",
    name="example",
    assessment_reports_destination=aws.auditmanager.AssessmentAssessmentReportsDestinationArgs(
        destination=f"s3://{test_aws_s3_bucket['id']}",
        destination_type="S3",
    ),
    framework_id=test_aws_auditmanager_framework["id"],
    roles=[aws.auditmanager.AssessmentRoleArgs(
        role_arn=test_aws_iam_role["arn"],
        role_type="PROCESS_OWNER",
    )],
    scope=aws.auditmanager.AssessmentScopeArgs(
        aws_accounts=[aws.auditmanager.AssessmentScopeAwsAccountArgs(
            id=current["accountId"],
        )],
        aws_services=[aws.auditmanager.AssessmentScopeAwsServiceArgs(
            service_name="S3",
        )],
    ))

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
    var test = new Aws.Auditmanager.Assessment("test", new()
    {
        Name = "example",
        AssessmentReportsDestination = new Aws.Auditmanager.Inputs.AssessmentAssessmentReportsDestinationArgs
        {
            Destination = $"s3://{testAwsS3Bucket.Id}",
            DestinationType = "S3",
        },
        FrameworkId = testAwsAuditmanagerFramework.Id,
        Roles = new[]
        {
            new Aws.Auditmanager.Inputs.AssessmentRoleArgs
            {
                RoleArn = testAwsIamRole.Arn,
                RoleType = "PROCESS_OWNER",
            },
        },
        Scope = new Aws.Auditmanager.Inputs.AssessmentScopeArgs
        {
            AwsAccounts = new[]
            {
                new Aws.Auditmanager.Inputs.AssessmentScopeAwsAccountArgs
                {
                    Id = current.AccountId,
                },
            },
            AwsServices = new[]
            {
                new Aws.Auditmanager.Inputs.AssessmentScopeAwsServiceArgs
                {
                    ServiceName = "S3",
                },
            },
        },
    });
});

package main
import (
	"fmt"
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/auditmanager"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := auditmanager.NewAssessment(ctx, "test", &auditmanager.AssessmentArgs{
			Name: pulumi.String("example"),
			AssessmentReportsDestination: &auditmanager.AssessmentAssessmentReportsDestinationArgs{
				Destination:     pulumi.String(fmt.Sprintf("s3://%v", testAwsS3Bucket.Id)),
				DestinationType: pulumi.String("S3"),
			},
			FrameworkId: pulumi.Any(testAwsAuditmanagerFramework.Id),
			Roles: auditmanager.AssessmentRoleArray{
				&auditmanager.AssessmentRoleArgs{
					RoleArn:  pulumi.Any(testAwsIamRole.Arn),
					RoleType: pulumi.String("PROCESS_OWNER"),
				},
			},
			Scope: &auditmanager.AssessmentScopeArgs{
				AwsAccounts: auditmanager.AssessmentScopeAwsAccountArray{
					&auditmanager.AssessmentScopeAwsAccountArgs{
						Id: pulumi.Any(current.AccountId),
					},
				},
				AwsServices: auditmanager.AssessmentScopeAwsServiceArray{
					&auditmanager.AssessmentScopeAwsServiceArgs{
						ServiceName: pulumi.String("S3"),
					},
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.auditmanager.Assessment;
import com.pulumi.aws.auditmanager.AssessmentArgs;
import com.pulumi.aws.auditmanager.inputs.AssessmentAssessmentReportsDestinationArgs;
import com.pulumi.aws.auditmanager.inputs.AssessmentRoleArgs;
import com.pulumi.aws.auditmanager.inputs.AssessmentScopeArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var test = new Assessment("test", AssessmentArgs.builder()
            .name("example")
            .assessmentReportsDestination(AssessmentAssessmentReportsDestinationArgs.builder()
                .destination(String.format("s3://%s", testAwsS3Bucket.id()))
                .destinationType("S3")
                .build())
            .frameworkId(testAwsAuditmanagerFramework.id())
            .roles(AssessmentRoleArgs.builder()
                .roleArn(testAwsIamRole.arn())
                .roleType("PROCESS_OWNER")
                .build())
            .scope(AssessmentScopeArgs.builder()
                .awsAccounts(AssessmentScopeAwsAccountArgs.builder()
                    .id(current.accountId())
                    .build())
                .awsServices(AssessmentScopeAwsServiceArgs.builder()
                    .serviceName("S3")
                    .build())
                .build())
            .build());
    }
}

resources:
  test:
    type: aws:auditmanager:Assessment
    properties:
      name: example
      assessmentReportsDestination:
        destination: s3://${testAwsS3Bucket.id}
        destinationType: S3
      frameworkId: ${testAwsAuditmanagerFramework.id}
      roles:
        - roleArn: ${testAwsIamRole.arn}
          roleType: PROCESS_OWNER
      scope:
        awsAccounts:
          - id: ${current.accountId}
        awsServices:
          - serviceName: S3

Import

Using pulumi import, import Audit Manager Assessments using the assessment id. For example:

$ pulumi import aws:auditmanager/assessment:Assessment example abc123-de45

Properties

arn

val arn: Output<String>

Amazon Resource Name (ARN) of the assessment.

assessmentReportsDestination

val assessmentReportsDestination: Output<AssessmentAssessmentReportsDestination>?

Assessment report storage destination configuration. See assessment_reports_destination below.

description

val description: Output<String>?

Description of the assessment.

frameworkId

val frameworkId: Output<String>

Unique identifier of the framework the assessment will be created from.

val id: Output<String>

name

val name: Output<String>

Name of the assessment.

pulumiChildResources

val pulumiChildResources: Set<KotlinResource>

pulumiResourceName

val pulumiResourceName: String

pulumiResourceType

val pulumiResourceType: String

roles

val roles: Output<List<AssessmentRole>>

List of roles for the assessment. See roles below.

rolesAlls

val rolesAlls: Output<List<AssessmentRolesAll>>

Complete list of all roles with access to the assessment. This includes both roles explicitly configured via the roles block, and any roles which have access to all Audit Manager assessments by default.

scope

val scope: Output<AssessmentScope>?

Amazon Web Services accounts and services that are in scope for the assessment. See scope below. The following arguments are optional:

status

val status: Output<String>

Status of the assessment. Valid values are ACTIVE and INACTIVE.