aws.auditmanager.Assessment
Explore with Pulumi AI
Resource for managing an AWS Audit Manager Assessment.
Example Usage
Basic Usage
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const test = new aws.auditmanager.Assessment("test", {
name: "example",
assessmentReportsDestination: {
destination: `s3://${testAwsS3Bucket.id}`,
destinationType: "S3",
},
frameworkId: testAwsAuditmanagerFramework.id,
roles: [{
roleArn: testAwsIamRole.arn,
roleType: "PROCESS_OWNER",
}],
scope: {
awsAccounts: [{
id: current.accountId,
}],
awsServices: [{
serviceName: "S3",
}],
},
});
import pulumi
import pulumi_aws as aws
test = aws.auditmanager.Assessment("test",
name="example",
assessment_reports_destination={
"destination": f"s3://{test_aws_s3_bucket['id']}",
"destination_type": "S3",
},
framework_id=test_aws_auditmanager_framework["id"],
roles=[{
"role_arn": test_aws_iam_role["arn"],
"role_type": "PROCESS_OWNER",
}],
scope={
"aws_accounts": [{
"id": current["accountId"],
}],
"aws_services": [{
"service_name": "S3",
}],
})
package main
import (
"fmt"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/auditmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := auditmanager.NewAssessment(ctx, "test", &auditmanager.AssessmentArgs{
Name: pulumi.String("example"),
AssessmentReportsDestination: &auditmanager.AssessmentAssessmentReportsDestinationArgs{
Destination: pulumi.Sprintf("s3://%v", testAwsS3Bucket.Id),
DestinationType: pulumi.String("S3"),
},
FrameworkId: pulumi.Any(testAwsAuditmanagerFramework.Id),
Roles: auditmanager.AssessmentRoleArray{
&auditmanager.AssessmentRoleArgs{
RoleArn: pulumi.Any(testAwsIamRole.Arn),
RoleType: pulumi.String("PROCESS_OWNER"),
},
},
Scope: &auditmanager.AssessmentScopeArgs{
AwsAccounts: auditmanager.AssessmentScopeAwsAccountArray{
&auditmanager.AssessmentScopeAwsAccountArgs{
Id: pulumi.Any(current.AccountId),
},
},
AwsServices: auditmanager.AssessmentScopeAwsServiceArray{
&auditmanager.AssessmentScopeAwsServiceArgs{
ServiceName: pulumi.String("S3"),
},
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var test = new Aws.Auditmanager.Assessment("test", new()
{
Name = "example",
AssessmentReportsDestination = new Aws.Auditmanager.Inputs.AssessmentAssessmentReportsDestinationArgs
{
Destination = $"s3://{testAwsS3Bucket.Id}",
DestinationType = "S3",
},
FrameworkId = testAwsAuditmanagerFramework.Id,
Roles = new[]
{
new Aws.Auditmanager.Inputs.AssessmentRoleArgs
{
RoleArn = testAwsIamRole.Arn,
RoleType = "PROCESS_OWNER",
},
},
Scope = new Aws.Auditmanager.Inputs.AssessmentScopeArgs
{
AwsAccounts = new[]
{
new Aws.Auditmanager.Inputs.AssessmentScopeAwsAccountArgs
{
Id = current.AccountId,
},
},
AwsServices = new[]
{
new Aws.Auditmanager.Inputs.AssessmentScopeAwsServiceArgs
{
ServiceName = "S3",
},
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.auditmanager.Assessment;
import com.pulumi.aws.auditmanager.AssessmentArgs;
import com.pulumi.aws.auditmanager.inputs.AssessmentAssessmentReportsDestinationArgs;
import com.pulumi.aws.auditmanager.inputs.AssessmentRoleArgs;
import com.pulumi.aws.auditmanager.inputs.AssessmentScopeArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var test = new Assessment("test", AssessmentArgs.builder()
.name("example")
.assessmentReportsDestination(AssessmentAssessmentReportsDestinationArgs.builder()
.destination(String.format("s3://%s", testAwsS3Bucket.id()))
.destinationType("S3")
.build())
.frameworkId(testAwsAuditmanagerFramework.id())
.roles(AssessmentRoleArgs.builder()
.roleArn(testAwsIamRole.arn())
.roleType("PROCESS_OWNER")
.build())
.scope(AssessmentScopeArgs.builder()
.awsAccounts(AssessmentScopeAwsAccountArgs.builder()
.id(current.accountId())
.build())
.awsServices(AssessmentScopeAwsServiceArgs.builder()
.serviceName("S3")
.build())
.build())
.build());
}
}
resources:
test:
type: aws:auditmanager:Assessment
properties:
name: example
assessmentReportsDestination:
destination: s3://${testAwsS3Bucket.id}
destinationType: S3
frameworkId: ${testAwsAuditmanagerFramework.id}
roles:
- roleArn: ${testAwsIamRole.arn}
roleType: PROCESS_OWNER
scope:
awsAccounts:
- id: ${current.accountId}
awsServices:
- serviceName: S3
Create Assessment Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Assessment(name: string, args: AssessmentArgs, opts?: CustomResourceOptions);
@overload
def Assessment(resource_name: str,
args: AssessmentArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Assessment(resource_name: str,
opts: Optional[ResourceOptions] = None,
framework_id: Optional[str] = None,
roles: Optional[Sequence[AssessmentRoleArgs]] = None,
assessment_reports_destination: Optional[AssessmentAssessmentReportsDestinationArgs] = None,
description: Optional[str] = None,
name: Optional[str] = None,
scope: Optional[AssessmentScopeArgs] = None,
tags: Optional[Mapping[str, str]] = None)
func NewAssessment(ctx *Context, name string, args AssessmentArgs, opts ...ResourceOption) (*Assessment, error)
public Assessment(string name, AssessmentArgs args, CustomResourceOptions? opts = null)
public Assessment(String name, AssessmentArgs args)
public Assessment(String name, AssessmentArgs args, CustomResourceOptions options)
type: aws:auditmanager:Assessment
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args AssessmentArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args AssessmentArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args AssessmentArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AssessmentArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args AssessmentArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var assessmentResource = new Aws.Auditmanager.Assessment("assessmentResource", new()
{
FrameworkId = "string",
Roles = new[]
{
new Aws.Auditmanager.Inputs.AssessmentRoleArgs
{
RoleArn = "string",
RoleType = "string",
},
},
AssessmentReportsDestination = new Aws.Auditmanager.Inputs.AssessmentAssessmentReportsDestinationArgs
{
Destination = "string",
DestinationType = "string",
},
Description = "string",
Name = "string",
Scope = new Aws.Auditmanager.Inputs.AssessmentScopeArgs
{
AwsAccounts = new[]
{
new Aws.Auditmanager.Inputs.AssessmentScopeAwsAccountArgs
{
Id = "string",
},
},
AwsServices = new[]
{
new Aws.Auditmanager.Inputs.AssessmentScopeAwsServiceArgs
{
ServiceName = "string",
},
},
},
Tags =
{
{ "string", "string" },
},
});
example, err := auditmanager.NewAssessment(ctx, "assessmentResource", &auditmanager.AssessmentArgs{
FrameworkId: pulumi.String("string"),
Roles: auditmanager.AssessmentRoleArray{
&auditmanager.AssessmentRoleArgs{
RoleArn: pulumi.String("string"),
RoleType: pulumi.String("string"),
},
},
AssessmentReportsDestination: &auditmanager.AssessmentAssessmentReportsDestinationArgs{
Destination: pulumi.String("string"),
DestinationType: pulumi.String("string"),
},
Description: pulumi.String("string"),
Name: pulumi.String("string"),
Scope: &auditmanager.AssessmentScopeArgs{
AwsAccounts: auditmanager.AssessmentScopeAwsAccountArray{
&auditmanager.AssessmentScopeAwsAccountArgs{
Id: pulumi.String("string"),
},
},
AwsServices: auditmanager.AssessmentScopeAwsServiceArray{
&auditmanager.AssessmentScopeAwsServiceArgs{
ServiceName: pulumi.String("string"),
},
},
},
Tags: pulumi.StringMap{
"string": pulumi.String("string"),
},
})
var assessmentResource = new Assessment("assessmentResource", AssessmentArgs.builder()
.frameworkId("string")
.roles(AssessmentRoleArgs.builder()
.roleArn("string")
.roleType("string")
.build())
.assessmentReportsDestination(AssessmentAssessmentReportsDestinationArgs.builder()
.destination("string")
.destinationType("string")
.build())
.description("string")
.name("string")
.scope(AssessmentScopeArgs.builder()
.awsAccounts(AssessmentScopeAwsAccountArgs.builder()
.id("string")
.build())
.awsServices(AssessmentScopeAwsServiceArgs.builder()
.serviceName("string")
.build())
.build())
.tags(Map.of("string", "string"))
.build());
assessment_resource = aws.auditmanager.Assessment("assessmentResource",
framework_id="string",
roles=[{
"role_arn": "string",
"role_type": "string",
}],
assessment_reports_destination={
"destination": "string",
"destination_type": "string",
},
description="string",
name="string",
scope={
"aws_accounts": [{
"id": "string",
}],
"aws_services": [{
"service_name": "string",
}],
},
tags={
"string": "string",
})
const assessmentResource = new aws.auditmanager.Assessment("assessmentResource", {
frameworkId: "string",
roles: [{
roleArn: "string",
roleType: "string",
}],
assessmentReportsDestination: {
destination: "string",
destinationType: "string",
},
description: "string",
name: "string",
scope: {
awsAccounts: [{
id: "string",
}],
awsServices: [{
serviceName: "string",
}],
},
tags: {
string: "string",
},
});
type: aws:auditmanager:Assessment
properties:
assessmentReportsDestination:
destination: string
destinationType: string
description: string
frameworkId: string
name: string
roles:
- roleArn: string
roleType: string
scope:
awsAccounts:
- id: string
awsServices:
- serviceName: string
tags:
string: string
Assessment Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Assessment resource accepts the following input properties:
- Framework
Id string - Unique identifier of the framework the assessment will be created from.
- Roles
List<Assessment
Role> - List of roles for the assessment. See
roles
below. - Assessment
Reports AssessmentDestination Assessment Reports Destination - Assessment report storage destination configuration. See
assessment_reports_destination
below. - Description string
- Description of the assessment.
- Name string
- Name of the assessment.
- Scope
Assessment
Scope Amazon Web Services accounts and services that are in scope for the assessment. See
scope
below.The following arguments are optional:
- Dictionary<string, string>
- A map of tags to assign to the assessment. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level.
- Framework
Id string - Unique identifier of the framework the assessment will be created from.
- Roles
[]Assessment
Role Args - List of roles for the assessment. See
roles
below. - Assessment
Reports AssessmentDestination Assessment Reports Destination Args - Assessment report storage destination configuration. See
assessment_reports_destination
below. - Description string
- Description of the assessment.
- Name string
- Name of the assessment.
- Scope
Assessment
Scope Args Amazon Web Services accounts and services that are in scope for the assessment. See
scope
below.The following arguments are optional:
- map[string]string
- A map of tags to assign to the assessment. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level.
- framework
Id String - Unique identifier of the framework the assessment will be created from.
- roles
List<Assessment
Role> - List of roles for the assessment. See
roles
below. - assessment
Reports AssessmentDestination Assessment Reports Destination - Assessment report storage destination configuration. See
assessment_reports_destination
below. - description String
- Description of the assessment.
- name String
- Name of the assessment.
- scope
Assessment
Scope Amazon Web Services accounts and services that are in scope for the assessment. See
scope
below.The following arguments are optional:
- Map<String,String>
- A map of tags to assign to the assessment. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level.
- framework
Id string - Unique identifier of the framework the assessment will be created from.
- roles
Assessment
Role[] - List of roles for the assessment. See
roles
below. - assessment
Reports AssessmentDestination Assessment Reports Destination - Assessment report storage destination configuration. See
assessment_reports_destination
below. - description string
- Description of the assessment.
- name string
- Name of the assessment.
- scope
Assessment
Scope Amazon Web Services accounts and services that are in scope for the assessment. See
scope
below.The following arguments are optional:
- {[key: string]: string}
- A map of tags to assign to the assessment. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level.
- framework_
id str - Unique identifier of the framework the assessment will be created from.
- roles
Sequence[Assessment
Role Args] - List of roles for the assessment. See
roles
below. - assessment_
reports_ Assessmentdestination Assessment Reports Destination Args - Assessment report storage destination configuration. See
assessment_reports_destination
below. - description str
- Description of the assessment.
- name str
- Name of the assessment.
- scope
Assessment
Scope Args Amazon Web Services accounts and services that are in scope for the assessment. See
scope
below.The following arguments are optional:
- Mapping[str, str]
- A map of tags to assign to the assessment. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level.
- framework
Id String - Unique identifier of the framework the assessment will be created from.
- roles List<Property Map>
- List of roles for the assessment. See
roles
below. - assessment
Reports Property MapDestination - Assessment report storage destination configuration. See
assessment_reports_destination
below. - description String
- Description of the assessment.
- name String
- Name of the assessment.
- scope Property Map
Amazon Web Services accounts and services that are in scope for the assessment. See
scope
below.The following arguments are optional:
- Map<String>
- A map of tags to assign to the assessment. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level.
Outputs
All input properties are implicitly available as output properties. Additionally, the Assessment resource produces the following output properties:
- Arn string
- Amazon Resource Name (ARN) of the assessment.
- Id string
- The provider-assigned unique ID for this managed resource.
- Roles
Alls List<AssessmentRoles All> - Complete list of all roles with access to the assessment. This includes both roles explicitly configured via the
roles
block, and any roles which have access to all Audit Manager assessments by default. - Status string
- Status of the assessment. Valid values are
ACTIVE
andINACTIVE
. - Dictionary<string, string>
- Arn string
- Amazon Resource Name (ARN) of the assessment.
- Id string
- The provider-assigned unique ID for this managed resource.
- Roles
Alls []AssessmentRoles All - Complete list of all roles with access to the assessment. This includes both roles explicitly configured via the
roles
block, and any roles which have access to all Audit Manager assessments by default. - Status string
- Status of the assessment. Valid values are
ACTIVE
andINACTIVE
. - map[string]string
- arn String
- Amazon Resource Name (ARN) of the assessment.
- id String
- The provider-assigned unique ID for this managed resource.
- roles
Alls List<AssessmentRoles All> - Complete list of all roles with access to the assessment. This includes both roles explicitly configured via the
roles
block, and any roles which have access to all Audit Manager assessments by default. - status String
- Status of the assessment. Valid values are
ACTIVE
andINACTIVE
. - Map<String,String>
- arn string
- Amazon Resource Name (ARN) of the assessment.
- id string
- The provider-assigned unique ID for this managed resource.
- roles
Alls AssessmentRoles All[] - Complete list of all roles with access to the assessment. This includes both roles explicitly configured via the
roles
block, and any roles which have access to all Audit Manager assessments by default. - status string
- Status of the assessment. Valid values are
ACTIVE
andINACTIVE
. - {[key: string]: string}
- arn str
- Amazon Resource Name (ARN) of the assessment.
- id str
- The provider-assigned unique ID for this managed resource.
- roles_
alls Sequence[AssessmentRoles All] - Complete list of all roles with access to the assessment. This includes both roles explicitly configured via the
roles
block, and any roles which have access to all Audit Manager assessments by default. - status str
- Status of the assessment. Valid values are
ACTIVE
andINACTIVE
. - Mapping[str, str]
- arn String
- Amazon Resource Name (ARN) of the assessment.
- id String
- The provider-assigned unique ID for this managed resource.
- roles
Alls List<Property Map> - Complete list of all roles with access to the assessment. This includes both roles explicitly configured via the
roles
block, and any roles which have access to all Audit Manager assessments by default. - status String
- Status of the assessment. Valid values are
ACTIVE
andINACTIVE
. - Map<String>
Look up Existing Assessment Resource
Get an existing Assessment resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: AssessmentState, opts?: CustomResourceOptions): Assessment
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
arn: Optional[str] = None,
assessment_reports_destination: Optional[AssessmentAssessmentReportsDestinationArgs] = None,
description: Optional[str] = None,
framework_id: Optional[str] = None,
name: Optional[str] = None,
roles: Optional[Sequence[AssessmentRoleArgs]] = None,
roles_alls: Optional[Sequence[AssessmentRolesAllArgs]] = None,
scope: Optional[AssessmentScopeArgs] = None,
status: Optional[str] = None,
tags: Optional[Mapping[str, str]] = None,
tags_all: Optional[Mapping[str, str]] = None) -> Assessment
func GetAssessment(ctx *Context, name string, id IDInput, state *AssessmentState, opts ...ResourceOption) (*Assessment, error)
public static Assessment Get(string name, Input<string> id, AssessmentState? state, CustomResourceOptions? opts = null)
public static Assessment get(String name, Output<String> id, AssessmentState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Arn string
- Amazon Resource Name (ARN) of the assessment.
- Assessment
Reports AssessmentDestination Assessment Reports Destination - Assessment report storage destination configuration. See
assessment_reports_destination
below. - Description string
- Description of the assessment.
- Framework
Id string - Unique identifier of the framework the assessment will be created from.
- Name string
- Name of the assessment.
- Roles
List<Assessment
Role> - List of roles for the assessment. See
roles
below. - Roles
Alls List<AssessmentRoles All> - Complete list of all roles with access to the assessment. This includes both roles explicitly configured via the
roles
block, and any roles which have access to all Audit Manager assessments by default. - Scope
Assessment
Scope Amazon Web Services accounts and services that are in scope for the assessment. See
scope
below.The following arguments are optional:
- Status string
- Status of the assessment. Valid values are
ACTIVE
andINACTIVE
. - Dictionary<string, string>
- A map of tags to assign to the assessment. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - Dictionary<string, string>
- Arn string
- Amazon Resource Name (ARN) of the assessment.
- Assessment
Reports AssessmentDestination Assessment Reports Destination Args - Assessment report storage destination configuration. See
assessment_reports_destination
below. - Description string
- Description of the assessment.
- Framework
Id string - Unique identifier of the framework the assessment will be created from.
- Name string
- Name of the assessment.
- Roles
[]Assessment
Role Args - List of roles for the assessment. See
roles
below. - Roles
Alls []AssessmentRoles All Args - Complete list of all roles with access to the assessment. This includes both roles explicitly configured via the
roles
block, and any roles which have access to all Audit Manager assessments by default. - Scope
Assessment
Scope Args Amazon Web Services accounts and services that are in scope for the assessment. See
scope
below.The following arguments are optional:
- Status string
- Status of the assessment. Valid values are
ACTIVE
andINACTIVE
. - map[string]string
- A map of tags to assign to the assessment. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - map[string]string
- arn String
- Amazon Resource Name (ARN) of the assessment.
- assessment
Reports AssessmentDestination Assessment Reports Destination - Assessment report storage destination configuration. See
assessment_reports_destination
below. - description String
- Description of the assessment.
- framework
Id String - Unique identifier of the framework the assessment will be created from.
- name String
- Name of the assessment.
- roles
List<Assessment
Role> - List of roles for the assessment. See
roles
below. - roles
Alls List<AssessmentRoles All> - Complete list of all roles with access to the assessment. This includes both roles explicitly configured via the
roles
block, and any roles which have access to all Audit Manager assessments by default. - scope
Assessment
Scope Amazon Web Services accounts and services that are in scope for the assessment. See
scope
below.The following arguments are optional:
- status String
- Status of the assessment. Valid values are
ACTIVE
andINACTIVE
. - Map<String,String>
- A map of tags to assign to the assessment. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - Map<String,String>
- arn string
- Amazon Resource Name (ARN) of the assessment.
- assessment
Reports AssessmentDestination Assessment Reports Destination - Assessment report storage destination configuration. See
assessment_reports_destination
below. - description string
- Description of the assessment.
- framework
Id string - Unique identifier of the framework the assessment will be created from.
- name string
- Name of the assessment.
- roles
Assessment
Role[] - List of roles for the assessment. See
roles
below. - roles
Alls AssessmentRoles All[] - Complete list of all roles with access to the assessment. This includes both roles explicitly configured via the
roles
block, and any roles which have access to all Audit Manager assessments by default. - scope
Assessment
Scope Amazon Web Services accounts and services that are in scope for the assessment. See
scope
below.The following arguments are optional:
- status string
- Status of the assessment. Valid values are
ACTIVE
andINACTIVE
. - {[key: string]: string}
- A map of tags to assign to the assessment. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - {[key: string]: string}
- arn str
- Amazon Resource Name (ARN) of the assessment.
- assessment_
reports_ Assessmentdestination Assessment Reports Destination Args - Assessment report storage destination configuration. See
assessment_reports_destination
below. - description str
- Description of the assessment.
- framework_
id str - Unique identifier of the framework the assessment will be created from.
- name str
- Name of the assessment.
- roles
Sequence[Assessment
Role Args] - List of roles for the assessment. See
roles
below. - roles_
alls Sequence[AssessmentRoles All Args] - Complete list of all roles with access to the assessment. This includes both roles explicitly configured via the
roles
block, and any roles which have access to all Audit Manager assessments by default. - scope
Assessment
Scope Args Amazon Web Services accounts and services that are in scope for the assessment. See
scope
below.The following arguments are optional:
- status str
- Status of the assessment. Valid values are
ACTIVE
andINACTIVE
. - Mapping[str, str]
- A map of tags to assign to the assessment. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - Mapping[str, str]
- arn String
- Amazon Resource Name (ARN) of the assessment.
- assessment
Reports Property MapDestination - Assessment report storage destination configuration. See
assessment_reports_destination
below. - description String
- Description of the assessment.
- framework
Id String - Unique identifier of the framework the assessment will be created from.
- name String
- Name of the assessment.
- roles List<Property Map>
- List of roles for the assessment. See
roles
below. - roles
Alls List<Property Map> - Complete list of all roles with access to the assessment. This includes both roles explicitly configured via the
roles
block, and any roles which have access to all Audit Manager assessments by default. - scope Property Map
Amazon Web Services accounts and services that are in scope for the assessment. See
scope
below.The following arguments are optional:
- status String
- Status of the assessment. Valid values are
ACTIVE
andINACTIVE
. - Map<String>
- A map of tags to assign to the assessment. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - Map<String>
Supporting Types
AssessmentAssessmentReportsDestination, AssessmentAssessmentReportsDestinationArgs
- Destination string
- Destination of the assessment report. This value be in the form
s3://{bucket_name}
. - Destination
Type string - Destination type. Currently,
S3
is the only valid value.
- Destination string
- Destination of the assessment report. This value be in the form
s3://{bucket_name}
. - Destination
Type string - Destination type. Currently,
S3
is the only valid value.
- destination String
- Destination of the assessment report. This value be in the form
s3://{bucket_name}
. - destination
Type String - Destination type. Currently,
S3
is the only valid value.
- destination string
- Destination of the assessment report. This value be in the form
s3://{bucket_name}
. - destination
Type string - Destination type. Currently,
S3
is the only valid value.
- destination str
- Destination of the assessment report. This value be in the form
s3://{bucket_name}
. - destination_
type str - Destination type. Currently,
S3
is the only valid value.
- destination String
- Destination of the assessment report. This value be in the form
s3://{bucket_name}
. - destination
Type String - Destination type. Currently,
S3
is the only valid value.
AssessmentRole, AssessmentRoleArgs
AssessmentRolesAll, AssessmentRolesAllArgs
AssessmentScope, AssessmentScopeArgs
- Aws
Accounts List<AssessmentScope Aws Account> - Amazon Web Services accounts that are in scope for the assessment. See
aws_accounts
below. - Aws
Services List<AssessmentScope Aws Service> - Amazon Web Services services that are included in the scope of the assessment. See
aws_services
below.
- Aws
Accounts []AssessmentScope Aws Account - Amazon Web Services accounts that are in scope for the assessment. See
aws_accounts
below. - Aws
Services []AssessmentScope Aws Service - Amazon Web Services services that are included in the scope of the assessment. See
aws_services
below.
- aws
Accounts List<AssessmentScope Aws Account> - Amazon Web Services accounts that are in scope for the assessment. See
aws_accounts
below. - aws
Services List<AssessmentScope Aws Service> - Amazon Web Services services that are included in the scope of the assessment. See
aws_services
below.
- aws
Accounts AssessmentScope Aws Account[] - Amazon Web Services accounts that are in scope for the assessment. See
aws_accounts
below. - aws
Services AssessmentScope Aws Service[] - Amazon Web Services services that are included in the scope of the assessment. See
aws_services
below.
- aws_
accounts Sequence[AssessmentScope Aws Account] - Amazon Web Services accounts that are in scope for the assessment. See
aws_accounts
below. - aws_
services Sequence[AssessmentScope Aws Service] - Amazon Web Services services that are included in the scope of the assessment. See
aws_services
below.
- aws
Accounts List<Property Map> - Amazon Web Services accounts that are in scope for the assessment. See
aws_accounts
below. - aws
Services List<Property Map> - Amazon Web Services services that are included in the scope of the assessment. See
aws_services
below.
AssessmentScopeAwsAccount, AssessmentScopeAwsAccountArgs
- Id string
- Identifier for the Amazon Web Services account.
- Id string
- Identifier for the Amazon Web Services account.
- id String
- Identifier for the Amazon Web Services account.
- id string
- Identifier for the Amazon Web Services account.
- id str
- Identifier for the Amazon Web Services account.
- id String
- Identifier for the Amazon Web Services account.
AssessmentScopeAwsService, AssessmentScopeAwsServiceArgs
- Service
Name string - Name of the Amazon Web Service.
- Service
Name string - Name of the Amazon Web Service.
- service
Name String - Name of the Amazon Web Service.
- service
Name string - Name of the Amazon Web Service.
- service_
name str - Name of the Amazon Web Service.
- service
Name String - Name of the Amazon Web Service.
Import
Using pulumi import
, import Audit Manager Assessments using the assessment id
. For example:
$ pulumi import aws:auditmanager/assessment:Assessment example abc123-de45
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
aws
Terraform Provider.