Docs Home
AWS v6.60.0 published on Tuesday, Nov 19, 2024 by Pulumi
aws.cloudfront.getLogDeliveryCanonicalUserId
Explore with Pulumi AI
The CloudFront Log Delivery Canonical User ID data source allows access to the canonical user ID of the AWS awslogsdelivery account for CloudFront bucket logging.
See the Amazon CloudFront Developer Guide for more information.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const current = aws.s3.getCanonicalUserId({});
const example = aws.cloudfront.getLogDeliveryCanonicalUserId({});
const exampleBucketV2 = new aws.s3.BucketV2("example", {bucket: "example"});
const exampleBucketOwnershipControls = new aws.s3.BucketOwnershipControls("example", {
bucket: exampleBucketV2.id,
rule: {
objectOwnership: "BucketOwnerPreferred",
},
});
const exampleBucketAclV2 = new aws.s3.BucketAclV2("example", {
bucket: exampleBucketV2.id,
accessControlPolicy: {
grants: [{
grantee: {
id: example.then(example => example.id),
type: "CanonicalUser",
},
permission: "FULL_CONTROL",
}],
owner: {
id: current.then(current => current.id),
},
},
}, {
dependsOn: [exampleBucketOwnershipControls],
});
import pulumi
import pulumi_aws as aws
current = aws.s3.get_canonical_user_id()
example = aws.cloudfront.get_log_delivery_canonical_user_id()
example_bucket_v2 = aws.s3.BucketV2("example", bucket="example")
example_bucket_ownership_controls = aws.s3.BucketOwnershipControls("example",
bucket=example_bucket_v2.id,
rule={
"object_ownership": "BucketOwnerPreferred",
})
example_bucket_acl_v2 = aws.s3.BucketAclV2("example",
bucket=example_bucket_v2.id,
access_control_policy={
"grants": [{
"grantee": {
"id": example.id,
"type": "CanonicalUser",
},
"permission": "FULL_CONTROL",
}],
"owner": {
"id": current.id,
},
},
opts = pulumi.ResourceOptions(depends_on=[example_bucket_ownership_controls]))
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
current, err := s3.GetCanonicalUserId(ctx, map[string]interface{}{}, nil)
if err != nil {
return err
}
example, err := cloudfront.GetLogDeliveryCanonicalUserId(ctx, &cloudfront.GetLogDeliveryCanonicalUserIdArgs{}, nil)
if err != nil {
return err
}
exampleBucketV2, err := s3.NewBucketV2(ctx, "example", &s3.BucketV2Args{
Bucket: pulumi.String("example"),
})
if err != nil {
return err
}
exampleBucketOwnershipControls, err := s3.NewBucketOwnershipControls(ctx, "example", &s3.BucketOwnershipControlsArgs{
Bucket: exampleBucketV2.ID(),
Rule: &s3.BucketOwnershipControlsRuleArgs{
ObjectOwnership: pulumi.String("BucketOwnerPreferred"),
},
})
if err != nil {
return err
}
_, err = s3.NewBucketAclV2(ctx, "example", &s3.BucketAclV2Args{
Bucket: exampleBucketV2.ID(),
AccessControlPolicy: &s3.BucketAclV2AccessControlPolicyArgs{
Grants: s3.BucketAclV2AccessControlPolicyGrantArray{
&s3.BucketAclV2AccessControlPolicyGrantArgs{
Grantee: &s3.BucketAclV2AccessControlPolicyGrantGranteeArgs{
Id: pulumi.String(example.Id),
Type: pulumi.String("CanonicalUser"),
},
Permission: pulumi.String("FULL_CONTROL"),
},
},
Owner: &s3.BucketAclV2AccessControlPolicyOwnerArgs{
Id: pulumi.String(current.Id),
},
},
}, pulumi.DependsOn([]pulumi.Resource{
exampleBucketOwnershipControls,
}))
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var current = Aws.S3.GetCanonicalUserId.Invoke();
var example = Aws.CloudFront.GetLogDeliveryCanonicalUserId.Invoke();
var exampleBucketV2 = new Aws.S3.BucketV2("example", new()
{
Bucket = "example",
});
var exampleBucketOwnershipControls = new Aws.S3.BucketOwnershipControls("example", new()
{
Bucket = exampleBucketV2.Id,
Rule = new Aws.S3.Inputs.BucketOwnershipControlsRuleArgs
{
ObjectOwnership = "BucketOwnerPreferred",
},
});
var exampleBucketAclV2 = new Aws.S3.BucketAclV2("example", new()
{
Bucket = exampleBucketV2.Id,
AccessControlPolicy = new Aws.S3.Inputs.BucketAclV2AccessControlPolicyArgs
{
Grants = new[]
{
new Aws.S3.Inputs.BucketAclV2AccessControlPolicyGrantArgs
{
Grantee = new Aws.S3.Inputs.BucketAclV2AccessControlPolicyGrantGranteeArgs
{
Id = example.Apply(getLogDeliveryCanonicalUserIdResult => getLogDeliveryCanonicalUserIdResult.Id),
Type = "CanonicalUser",
},
Permission = "FULL_CONTROL",
},
},
Owner = new Aws.S3.Inputs.BucketAclV2AccessControlPolicyOwnerArgs
{
Id = current.Apply(getCanonicalUserIdResult => getCanonicalUserIdResult.Id),
},
},
}, new CustomResourceOptions
{
DependsOn =
{
exampleBucketOwnershipControls,
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.s3.S3Functions;
import com.pulumi.aws.cloudfront.CloudfrontFunctions;
import com.pulumi.aws.cloudfront.inputs.GetLogDeliveryCanonicalUserIdArgs;
import com.pulumi.aws.s3.BucketV2;
import com.pulumi.aws.s3.BucketV2Args;
import com.pulumi.aws.s3.BucketOwnershipControls;
import com.pulumi.aws.s3.BucketOwnershipControlsArgs;
import com.pulumi.aws.s3.inputs.BucketOwnershipControlsRuleArgs;
import com.pulumi.aws.s3.BucketAclV2;
import com.pulumi.aws.s3.BucketAclV2Args;
import com.pulumi.aws.s3.inputs.BucketAclV2AccessControlPolicyArgs;
import com.pulumi.aws.s3.inputs.BucketAclV2AccessControlPolicyOwnerArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var current = S3Functions.getCanonicalUserId();
final var example = CloudfrontFunctions.getLogDeliveryCanonicalUserId();
var exampleBucketV2 = new BucketV2("exampleBucketV2", BucketV2Args.builder()
.bucket("example")
.build());
var exampleBucketOwnershipControls = new BucketOwnershipControls("exampleBucketOwnershipControls", BucketOwnershipControlsArgs.builder()
.bucket(exampleBucketV2.id())
.rule(BucketOwnershipControlsRuleArgs.builder()
.objectOwnership("BucketOwnerPreferred")
.build())
.build());
var exampleBucketAclV2 = new BucketAclV2("exampleBucketAclV2", BucketAclV2Args.builder()
.bucket(exampleBucketV2.id())
.accessControlPolicy(BucketAclV2AccessControlPolicyArgs.builder()
.grants(BucketAclV2AccessControlPolicyGrantArgs.builder()
.grantee(BucketAclV2AccessControlPolicyGrantGranteeArgs.builder()
.id(example.applyValue(getLogDeliveryCanonicalUserIdResult -> getLogDeliveryCanonicalUserIdResult.id()))
.type("CanonicalUser")
.build())
.permission("FULL_CONTROL")
.build())
.owner(BucketAclV2AccessControlPolicyOwnerArgs.builder()
.id(current.applyValue(getCanonicalUserIdResult -> getCanonicalUserIdResult.id()))
.build())
.build())
.build(), CustomResourceOptions.builder()
.dependsOn(exampleBucketOwnershipControls)
.build());
}
}
resources:
exampleBucketV2:
type: aws:s3:BucketV2
name: example
properties:
bucket: example
exampleBucketOwnershipControls:
type: aws:s3:BucketOwnershipControls
name: example
properties:
bucket: ${exampleBucketV2.id}
rule:
objectOwnership: BucketOwnerPreferred
exampleBucketAclV2:
type: aws:s3:BucketAclV2
name: example
properties:
bucket: ${exampleBucketV2.id}
accessControlPolicy:
grants:
- grantee:
id: ${example.id}
type: CanonicalUser
permission: FULL_CONTROL
owner:
id: ${current.id}
options:
dependson:
- ${exampleBucketOwnershipControls}
variables:
current:
fn::invoke:
Function: aws:s3:getCanonicalUserId
Arguments: {}
example:
fn::invoke:
Function: aws:cloudfront:getLogDeliveryCanonicalUserId
Arguments: {}
Using getLogDeliveryCanonicalUserId
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getLogDeliveryCanonicalUserId(args: GetLogDeliveryCanonicalUserIdArgs, opts?: InvokeOptions): Promise<GetLogDeliveryCanonicalUserIdResult>
function getLogDeliveryCanonicalUserIdOutput(args: GetLogDeliveryCanonicalUserIdOutputArgs, opts?: InvokeOptions): Output<GetLogDeliveryCanonicalUserIdResult>def get_log_delivery_canonical_user_id(region: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetLogDeliveryCanonicalUserIdResult
def get_log_delivery_canonical_user_id_output(region: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetLogDeliveryCanonicalUserIdResult]func GetLogDeliveryCanonicalUserId(ctx *Context, args *GetLogDeliveryCanonicalUserIdArgs, opts ...InvokeOption) (*GetLogDeliveryCanonicalUserIdResult, error)
func GetLogDeliveryCanonicalUserIdOutput(ctx *Context, args *GetLogDeliveryCanonicalUserIdOutputArgs, opts ...InvokeOption) GetLogDeliveryCanonicalUserIdResultOutput> Note: This function is named GetLogDeliveryCanonicalUserId in the Go SDK.
public static class GetLogDeliveryCanonicalUserId
{
public static Task<GetLogDeliveryCanonicalUserIdResult> InvokeAsync(GetLogDeliveryCanonicalUserIdArgs args, InvokeOptions? opts = null)
public static Output<GetLogDeliveryCanonicalUserIdResult> Invoke(GetLogDeliveryCanonicalUserIdInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetLogDeliveryCanonicalUserIdResult> getLogDeliveryCanonicalUserId(GetLogDeliveryCanonicalUserIdArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
function: aws:cloudfront/getLogDeliveryCanonicalUserId:getLogDeliveryCanonicalUserId
arguments:
# arguments dictionaryThe following arguments are supported:
- Region string
- Region you'd like the zone for. By default, fetches the current region.
- Region string
- Region you'd like the zone for. By default, fetches the current region.
- region String
- Region you'd like the zone for. By default, fetches the current region.
- region string
- Region you'd like the zone for. By default, fetches the current region.
- region str
- Region you'd like the zone for. By default, fetches the current region.
- region String
- Region you'd like the zone for. By default, fetches the current region.
getLogDeliveryCanonicalUserId Result
The following output properties are available:
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
awsTerraform Provider.