EventPermission

class EventPermission : KotlinCustomResource

Provides a resource to create an EventBridge permission that supports cross-account events on the current account's default event bus.

Note: EventBridge was formerly known as CloudWatch Events. The functionality is identical.

Note: The EventBridge bus policy resource (aws.cloudwatch.EventBusPolicy) is incompatible with the EventBridge permission resource (aws.cloudwatch.EventPermission) and will overwrite permissions. Manage a given event bus with only one of the two resources.

Example Usage

Account Access

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
// Grants one AWS account permission on this account's event bus.
// No eventBusName is set, so the permission applies to the default event bus,
// and action is left at its default (events:PutEvents).
const devAccountAccessArgs = {
    // 12-digit AWS account ID being trusted. "123456789012" is a sample value:
    // replace it with the specific account that should be able to send events.
    principal: "123456789012",
    statementId: "DevAccountAccess",
};
const devAccountAccess = new aws.cloudwatch.EventPermission("DevAccountAccess", devAccountAccessArgs);
import pulumi
import pulumi_aws as aws
# Grants one AWS account permission on this account's event bus.
# No event_bus_name is set, so the permission applies to the default event bus,
# and action is left at its default (events:PutEvents).
dev_account_access_args = {
    # 12-digit AWS account ID being trusted. "123456789012" is a sample value:
    # replace it with the specific account that should be able to send events.
    "principal": "123456789012",
    "statement_id": "DevAccountAccess",
}
dev_account_access = aws.cloudwatch.EventPermission("DevAccountAccess", **dev_account_access_args)
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
    // Grants one AWS account permission on this account's event bus.
    // No EventBusName is set, so the permission applies to the default event bus,
    // and Action is left at its default (events:PutEvents).
    var permissionArgs = new Aws.CloudWatch.EventPermissionArgs
    {
        // 12-digit AWS account ID being trusted. "123456789012" is a sample value:
        // replace it with the specific account that should be able to send events.
        Principal = "123456789012",
        StatementId = "DevAccountAccess",
    };

    var devAccountAccess = new Aws.CloudWatch.EventPermission("DevAccountAccess", permissionArgs);
});
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
// main registers an EventBridge permission that lets one AWS account act on
// this account's event bus. No EventBusName is set, so the permission applies
// to the default event bus, and Action is left at its default (events:PutEvents).
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		permissionArgs := &cloudwatch.EventPermissionArgs{
			// 12-digit AWS account ID being trusted. "123456789012" is a sample
			// value: replace it with the specific account that should be able
			// to send events.
			Principal:   pulumi.String("123456789012"),
			StatementId: pulumi.String("DevAccountAccess"),
		}
		// The resource handle is not needed afterwards; only the error is propagated.
		_, err := cloudwatch.NewEventPermission(ctx, "DevAccountAccess", permissionArgs)
		return err
	})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.cloudwatch.EventPermission;
import com.pulumi.aws.cloudwatch.EventPermissionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    /**
     * Declares an EventBridge permission that lets one AWS account act on this
     * account's event bus. No event bus name is set, so the permission applies
     * to the default event bus, and the action is left at its default
     * (events:PutEvents).
     */
    public static void stack(Context ctx) {
        // 12-digit AWS account ID being trusted. "123456789012" is a sample value:
        // replace it with the specific account that should be able to send events.
        final EventPermissionArgs permissionArgs = EventPermissionArgs.builder()
            .principal("123456789012")
            .statementId("DevAccountAccess")
            .build();

        var devAccountAccess = new EventPermission("devAccountAccess", permissionArgs);
    }
}
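# Grants one AWS account permission on this account's event bus.
# No eventBusName is set, so the permission applies to the default event bus,
# and action is left at its default (events:PutEvents).
resources:
  devAccountAccess:
    type: aws:cloudwatch:EventPermission
    name: DevAccountAccess
    properties:
      # 12-digit AWS account ID being trusted. '123456789012' is a sample value:
      # replace it with the specific account that should be able to send events.
      # Keep the quotes so the ID stays a string.
      principal: '123456789012'
      statementId: DevAccountAccess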

Organization Access

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
// Grants every account in one AWS Organization permission on this account's
// default event bus (no eventBusName is set).
//
// principal "*" on its own permits any AWS account; the condition is the only
// thing narrowing this grant to the organization, so it must not be removed.
// NOTE(review): `example` is not defined in this snippet; presumably it is an
// organization resource declared elsewhere. Confirm its id is the intended
// organization ID.
const organizationCondition = {
    key: "aws:PrincipalOrgID",
    type: "StringEquals",
    value: example.id,
};
const organizationAccess = new aws.cloudwatch.EventPermission("OrganizationAccess", {
    principal: "*",
    statementId: "OrganizationAccess",
    condition: organizationCondition,
});
import pulumi
import pulumi_aws as aws
# Grants every account in one AWS Organization permission on this account's
# default event bus (no event_bus_name is set).
#
# principal "*" on its own permits any AWS account; the condition is the only
# thing narrowing this grant to the organization, so it must not be removed.
# NOTE(review): `example` is not defined in this snippet; presumably it is an
# organization resource declared elsewhere. Confirm its id is the intended
# organization ID.
organization_condition = {
    "key": "aws:PrincipalOrgID",
    "type": "StringEquals",
    "value": example["id"],
}
organization_access = aws.cloudwatch.EventPermission(
    "OrganizationAccess",
    principal="*",
    statement_id="OrganizationAccess",
    condition=organization_condition,
)
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
    // Grants every account in one AWS Organization permission on this account's
    // default event bus (no EventBusName is set).
    //
    // Principal "*" on its own permits any AWS account; the Condition is the only
    // thing narrowing this grant to the organization, so it must not be removed.
    // NOTE(review): `example` is not defined in this snippet; presumably it is an
    // organization resource declared elsewhere. Confirm its Id is the intended
    // organization ID.
    var organizationCondition = new Aws.CloudWatch.Inputs.EventPermissionConditionArgs
    {
        Key = "aws:PrincipalOrgID",
        Type = "StringEquals",
        Value = example.Id,
    };

    var organizationAccess = new Aws.CloudWatch.EventPermission("OrganizationAccess", new()
    {
        Principal = "*",
        StatementId = "OrganizationAccess",
        Condition = organizationCondition,
    });
});
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
// main registers an EventBridge permission for every account in one AWS
// Organization on this account's default event bus (no EventBusName is set).
//
// Principal "*" on its own permits any AWS account; the Condition is the only
// thing narrowing this grant to the organization, so it must not be removed.
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		// NOTE(review): `example` is not defined in this snippet; presumably it
		// is an organization resource declared elsewhere. Confirm its Id is the
		// intended organization ID.
		organizationCondition := &cloudwatch.EventPermissionConditionArgs{
			Key:   pulumi.String("aws:PrincipalOrgID"),
			Type:  pulumi.String("StringEquals"),
			Value: pulumi.Any(example.Id),
		}
		// The resource handle is not needed afterwards; only the error is propagated.
		_, err := cloudwatch.NewEventPermission(ctx, "OrganizationAccess", &cloudwatch.EventPermissionArgs{
			Principal:   pulumi.String("*"),
			StatementId: pulumi.String("OrganizationAccess"),
			Condition:   organizationCondition,
		})
		return err
	})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.cloudwatch.EventPermission;
import com.pulumi.aws.cloudwatch.EventPermissionArgs;
import com.pulumi.aws.cloudwatch.inputs.EventPermissionConditionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    /**
     * Declares an EventBridge permission for every account in one AWS
     * Organization on this account's default event bus (no event bus name is set).
     *
     * Principal "*" on its own permits any AWS account; the condition is the
     * only thing narrowing this grant to the organization, so it must not be
     * removed.
     */
    public static void stack(Context ctx) {
        // NOTE(review): `example` is not defined in this snippet; presumably it is
        // an organization resource declared elsewhere. Confirm its id is the
        // intended organization ID.
        final EventPermissionConditionArgs organizationCondition = EventPermissionConditionArgs.builder()
            .key("aws:PrincipalOrgID")
            .type("StringEquals")
            .value(example.id())
            .build();

        var organizationAccess = new EventPermission("organizationAccess", EventPermissionArgs.builder()
            .principal("*")
            .statementId("OrganizationAccess")
            .condition(organizationCondition)
            .build());
    }
}
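# Grants every account in one AWS Organization permission on this account's
# default event bus (no eventBusName is set).
#
# principal '*' on its own permits any AWS account; the condition block is the
# only thing narrowing this grant to the organization, so it must not be removed.
# NOTE(review): `example` is not defined in this snippet; presumably it is an
# organization resource declared elsewhere. Confirm its id is the intended
# organization ID.
resources:
  organizationAccess:
    type: aws:cloudwatch:EventPermission
    name: OrganizationAccess
    properties:
      principal: '*'
      statementId: OrganizationAccess
      # key/type/value belong to the condition, not to the resource itself;
      # `type` here is the condition operator, distinct from the resource type above.
      condition:
        key: aws:PrincipalOrgID
        type: StringEquals
        value: ${example.id}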

Import

Using pulumi import, import EventBridge permissions using the event_bus_name/statement_id (if you omit event_bus_name, the default event bus will be used). For example:

$ pulumi import aws:cloudwatch/eventPermission:EventPermission DevAccountAccess example-event-bus/DevAccountAccess

Properties

val action: Output<String>?

The action that you are enabling the other account to perform. Defaults to events:PutEvents.


Configuration block to limit the event bus permissions you are granting to only accounts that fulfill the condition. Specified below.

val eventBusName: Output<String>?

The name of the event bus to set the permissions on. If you omit this, the permissions are set on the default event bus.

val id: Output<String>
val principal: Output<String>

The 12-digit AWS account ID that you are permitting to put events to your default event bus. Specify * to permit any account to put events to your default event bus, optionally limited by condition. If * is used without a condition, the grant is not restricted to any account or organization.

val pulumiChildResources: Set<KotlinResource>
val statementId: Output<String>

An identifier string for the external account that you are granting permissions to.

val urn: Output<String>