Assessment
data class AssessmentArgs(val assessmentReportsDestination: Output<AssessmentAssessmentReportsDestinationArgs>? = null, val description: Output<String>? = null, val frameworkId: Output<String>? = null, val name: Output<String>? = null, val roles: Output<List<AssessmentRoleArgs>>? = null, val scope: Output<AssessmentScopeArgs>? = null, val tags: Output<Map<String, String>>? = null) : ConvertibleToJava<AssessmentArgs>
Resource for managing an AWS Audit Manager Assessment.
Example Usage
Basic Usage
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const test = new aws.auditmanager.Assessment("test", {
name: "example",
assessmentReportsDestination: {
destination: `s3://${testAwsS3Bucket.id}`,
destinationType: "S3",
},
frameworkId: testAwsAuditmanagerFramework.id,
roles: [{
roleArn: testAwsIamRole.arn,
roleType: "PROCESS_OWNER",
}],
scope: {
awsAccounts: [{
id: current.accountId,
}],
awsServices: [{
serviceName: "S3",
}],
},
});Content copied to clipboard
import pulumi
import pulumi_aws as aws
test = aws.auditmanager.Assessment("test",
name="example",
assessment_reports_destination={
"destination": f"s3://{test_aws_s3_bucket['id']}",
"destination_type": "S3",
},
framework_id=test_aws_auditmanager_framework["id"],
roles=[{
"role_arn": test_aws_iam_role["arn"],
"role_type": "PROCESS_OWNER",
}],
scope={
"aws_accounts": [{
"id": current["accountId"],
}],
"aws_services": [{
"service_name": "S3",
}],
})Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var test = new Aws.Auditmanager.Assessment("test", new()
{
Name = "example",
AssessmentReportsDestination = new Aws.Auditmanager.Inputs.AssessmentAssessmentReportsDestinationArgs
{
Destination = $"s3://{testAwsS3Bucket.Id}",
DestinationType = "S3",
},
FrameworkId = testAwsAuditmanagerFramework.Id,
Roles = new[]
{
new Aws.Auditmanager.Inputs.AssessmentRoleArgs
{
RoleArn = testAwsIamRole.Arn,
RoleType = "PROCESS_OWNER",
},
},
Scope = new Aws.Auditmanager.Inputs.AssessmentScopeArgs
{
AwsAccounts = new[]
{
new Aws.Auditmanager.Inputs.AssessmentScopeAwsAccountArgs
{
Id = current.AccountId,
},
},
AwsServices = new[]
{
new Aws.Auditmanager.Inputs.AssessmentScopeAwsServiceArgs
{
ServiceName = "S3",
},
},
},
});
});Content copied to clipboard
package main
import (
"fmt"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/auditmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := auditmanager.NewAssessment(ctx, "test", &auditmanager.AssessmentArgs{
Name: pulumi.String("example"),
AssessmentReportsDestination: &auditmanager.AssessmentAssessmentReportsDestinationArgs{
Destination: pulumi.Sprintf("s3://%v", testAwsS3Bucket.Id),
DestinationType: pulumi.String("S3"),
},
FrameworkId: pulumi.Any(testAwsAuditmanagerFramework.Id),
Roles: auditmanager.AssessmentRoleArray{
&auditmanager.AssessmentRoleArgs{
RoleArn: pulumi.Any(testAwsIamRole.Arn),
RoleType: pulumi.String("PROCESS_OWNER"),
},
},
Scope: &auditmanager.AssessmentScopeArgs{
AwsAccounts: auditmanager.AssessmentScopeAwsAccountArray{
&auditmanager.AssessmentScopeAwsAccountArgs{
Id: pulumi.Any(current.AccountId),
},
},
AwsServices: auditmanager.AssessmentScopeAwsServiceArray{
&auditmanager.AssessmentScopeAwsServiceArgs{
ServiceName: pulumi.String("S3"),
},
},
},
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.auditmanager.Assessment;
import com.pulumi.aws.auditmanager.AssessmentArgs;
import com.pulumi.aws.auditmanager.inputs.AssessmentAssessmentReportsDestinationArgs;
import com.pulumi.aws.auditmanager.inputs.AssessmentRoleArgs;
import com.pulumi.aws.auditmanager.inputs.AssessmentScopeArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var test = new Assessment("test", AssessmentArgs.builder()
.name("example")
.assessmentReportsDestination(AssessmentAssessmentReportsDestinationArgs.builder()
.destination(String.format("s3://%s", testAwsS3Bucket.id()))
.destinationType("S3")
.build())
.frameworkId(testAwsAuditmanagerFramework.id())
.roles(AssessmentRoleArgs.builder()
.roleArn(testAwsIamRole.arn())
.roleType("PROCESS_OWNER")
.build())
.scope(AssessmentScopeArgs.builder()
.awsAccounts(AssessmentScopeAwsAccountArgs.builder()
.id(current.accountId())
.build())
.awsServices(AssessmentScopeAwsServiceArgs.builder()
.serviceName("S3")
.build())
.build())
.build());
}
}Content copied to clipboard
resources:
test:
type: aws:auditmanager:Assessment
properties:
name: example
assessmentReportsDestination:
destination: s3://${testAwsS3Bucket.id}
destinationType: S3
frameworkId: ${testAwsAuditmanagerFramework.id}
roles:
- roleArn: ${testAwsIamRole.arn}
roleType: PROCESS_OWNER
scope:
awsAccounts:
- id: ${current.accountId}
awsServices:
- serviceName: S3Content copied to clipboard
Import
Using pulumi import, import Audit Manager Assessments using the assessment id. For example:
$ pulumi import aws:auditmanager/assessment:Assessment example abc123-de45Content copied to clipboard
Constructors
Link copied to clipboard
constructor(assessmentReportsDestination: Output<AssessmentAssessmentReportsDestinationArgs>? = null, description: Output<String>? = null, frameworkId: Output<String>? = null, name: Output<String>? = null, roles: Output<List<AssessmentRoleArgs>>? = null, scope: Output<AssessmentScopeArgs>? = null, tags: Output<Map<String, String>>? = null)
Properties
Link copied to clipboard
Assessment report storage destination configuration. See assessment_reports_destination below.
Link copied to clipboard
Description of the assessment.
Link copied to clipboard
Unique identifier of the framework the assessment will be created from.
Link copied to clipboard
List of roles for the assessment. See roles below.
Link copied to clipboard
Amazon Web Services accounts and services that are in scope for the assessment. See scope below. The following arguments are optional: