1. Packages
  2. AWS
  3. API Docs
  4. securitylake
  5. DataLake
AWS v6.60.0 published on Tuesday, Nov 19, 2024 by Pulumi

aws.securitylake.DataLake

Explore with Pulumi AI

aws logo
AWS v6.60.0 published on Tuesday, Nov 19, 2024 by Pulumi

    Resource for managing an AWS Security Lake Data Lake.

    NOTE: The underlying aws.securitylake.DataLake must be configured before creating other Security Lake resources. Use a depends_on statement.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const example = new aws.securitylake.DataLake("example", {
        metaStoreManagerRoleArn: metaStoreManager.arn,
        configuration: {
            region: "eu-west-1",
            encryptionConfigurations: [{
                kmsKeyId: "S3_MANAGED_KEY",
            }],
            lifecycleConfiguration: {
                transitions: [
                    {
                        days: 31,
                        storageClass: "STANDARD_IA",
                    },
                    {
                        days: 80,
                        storageClass: "ONEZONE_IA",
                    },
                ],
                expiration: {
                    days: 300,
                },
            },
        },
    });
    
    import pulumi
    import pulumi_aws as aws
    
    example = aws.securitylake.DataLake("example",
        meta_store_manager_role_arn=meta_store_manager["arn"],
        configuration={
            "region": "eu-west-1",
            "encryption_configurations": [{
                "kms_key_id": "S3_MANAGED_KEY",
            }],
            "lifecycle_configuration": {
                "transitions": [
                    {
                        "days": 31,
                        "storage_class": "STANDARD_IA",
                    },
                    {
                        "days": 80,
                        "storage_class": "ONEZONE_IA",
                    },
                ],
                "expiration": {
                    "days": 300,
                },
            },
        })
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securitylake"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := securitylake.NewDataLake(ctx, "example", &securitylake.DataLakeArgs{
    			MetaStoreManagerRoleArn: pulumi.Any(metaStoreManager.Arn),
    			Configuration: &securitylake.DataLakeConfigurationArgs{
    				Region: pulumi.String("eu-west-1"),
    				EncryptionConfigurations: securitylake.DataLakeConfigurationEncryptionConfigurationArray{
    					&securitylake.DataLakeConfigurationEncryptionConfigurationArgs{
    						KmsKeyId: pulumi.String("S3_MANAGED_KEY"),
    					},
    				},
    				LifecycleConfiguration: &securitylake.DataLakeConfigurationLifecycleConfigurationArgs{
    					Transitions: securitylake.DataLakeConfigurationLifecycleConfigurationTransitionArray{
    						&securitylake.DataLakeConfigurationLifecycleConfigurationTransitionArgs{
    							Days:         pulumi.Int(31),
    							StorageClass: pulumi.String("STANDARD_IA"),
    						},
    						&securitylake.DataLakeConfigurationLifecycleConfigurationTransitionArgs{
    							Days:         pulumi.Int(80),
    							StorageClass: pulumi.String("ONEZONE_IA"),
    						},
    					},
    					Expiration: &securitylake.DataLakeConfigurationLifecycleConfigurationExpirationArgs{
    						Days: pulumi.Int(300),
    					},
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var example = new Aws.SecurityLake.DataLake("example", new()
        {
            MetaStoreManagerRoleArn = metaStoreManager.Arn,
            Configuration = new Aws.SecurityLake.Inputs.DataLakeConfigurationArgs
            {
                Region = "eu-west-1",
                EncryptionConfigurations = new[]
                {
                    new Aws.SecurityLake.Inputs.DataLakeConfigurationEncryptionConfigurationArgs
                    {
                        KmsKeyId = "S3_MANAGED_KEY",
                    },
                },
                LifecycleConfiguration = new Aws.SecurityLake.Inputs.DataLakeConfigurationLifecycleConfigurationArgs
                {
                    Transitions = new[]
                    {
                        new Aws.SecurityLake.Inputs.DataLakeConfigurationLifecycleConfigurationTransitionArgs
                        {
                            Days = 31,
                            StorageClass = "STANDARD_IA",
                        },
                        new Aws.SecurityLake.Inputs.DataLakeConfigurationLifecycleConfigurationTransitionArgs
                        {
                            Days = 80,
                            StorageClass = "ONEZONE_IA",
                        },
                    },
                    Expiration = new Aws.SecurityLake.Inputs.DataLakeConfigurationLifecycleConfigurationExpirationArgs
                    {
                        Days = 300,
                    },
                },
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.securitylake.DataLake;
    import com.pulumi.aws.securitylake.DataLakeArgs;
    import com.pulumi.aws.securitylake.inputs.DataLakeConfigurationArgs;
    import com.pulumi.aws.securitylake.inputs.DataLakeConfigurationLifecycleConfigurationArgs;
    import com.pulumi.aws.securitylake.inputs.DataLakeConfigurationLifecycleConfigurationExpirationArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var example = new DataLake("example", DataLakeArgs.builder()
                .metaStoreManagerRoleArn(metaStoreManager.arn())
                .configuration(DataLakeConfigurationArgs.builder()
                    .region("eu-west-1")
                    .encryptionConfigurations(DataLakeConfigurationEncryptionConfigurationArgs.builder()
                        .kmsKeyId("S3_MANAGED_KEY")
                        .build())
                    .lifecycleConfiguration(DataLakeConfigurationLifecycleConfigurationArgs.builder()
                        .transitions(                    
                            DataLakeConfigurationLifecycleConfigurationTransitionArgs.builder()
                                .days(31)
                                .storageClass("STANDARD_IA")
                                .build(),
                            DataLakeConfigurationLifecycleConfigurationTransitionArgs.builder()
                                .days(80)
                                .storageClass("ONEZONE_IA")
                                .build())
                        .expiration(DataLakeConfigurationLifecycleConfigurationExpirationArgs.builder()
                            .days(300)
                            .build())
                        .build())
                    .build())
                .build());
    
        }
    }
    
    resources:
      example:
        type: aws:securitylake:DataLake
        properties:
          metaStoreManagerRoleArn: ${metaStoreManager.arn}
          configuration:
            region: eu-west-1
            encryptionConfigurations:
              - kmsKeyId: S3_MANAGED_KEY
            lifecycleConfiguration:
              transitions:
                - days: 31
                  storageClass: STANDARD_IA
                - days: 80
                  storageClass: ONEZONE_IA
              expiration:
                days: 300
    

    Basic Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const example = new aws.securitylake.DataLake("example", {
        metaStoreManagerRoleArn: metaStoreManager.arn,
        configuration: {
            region: "eu-west-1",
            encryptionConfigurations: [{
                kmsKeyId: "S3_MANAGED_KEY",
            }],
        },
    });
    
    import pulumi
    import pulumi_aws as aws
    
    example = aws.securitylake.DataLake("example",
        meta_store_manager_role_arn=meta_store_manager["arn"],
        configuration={
            "region": "eu-west-1",
            "encryption_configurations": [{
                "kms_key_id": "S3_MANAGED_KEY",
            }],
        })
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securitylake"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := securitylake.NewDataLake(ctx, "example", &securitylake.DataLakeArgs{
    			MetaStoreManagerRoleArn: pulumi.Any(metaStoreManager.Arn),
    			Configuration: &securitylake.DataLakeConfigurationArgs{
    				Region: pulumi.String("eu-west-1"),
    				EncryptionConfigurations: securitylake.DataLakeConfigurationEncryptionConfigurationArray{
    					&securitylake.DataLakeConfigurationEncryptionConfigurationArgs{
    						KmsKeyId: pulumi.String("S3_MANAGED_KEY"),
    					},
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var example = new Aws.SecurityLake.DataLake("example", new()
        {
            MetaStoreManagerRoleArn = metaStoreManager.Arn,
            Configuration = new Aws.SecurityLake.Inputs.DataLakeConfigurationArgs
            {
                Region = "eu-west-1",
                EncryptionConfigurations = new[]
                {
                    new Aws.SecurityLake.Inputs.DataLakeConfigurationEncryptionConfigurationArgs
                    {
                        KmsKeyId = "S3_MANAGED_KEY",
                    },
                },
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.securitylake.DataLake;
    import com.pulumi.aws.securitylake.DataLakeArgs;
    import com.pulumi.aws.securitylake.inputs.DataLakeConfigurationArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var example = new DataLake("example", DataLakeArgs.builder()
                .metaStoreManagerRoleArn(metaStoreManager.arn())
                .configuration(DataLakeConfigurationArgs.builder()
                    .region("eu-west-1")
                    .encryptionConfigurations(DataLakeConfigurationEncryptionConfigurationArgs.builder()
                        .kmsKeyId("S3_MANAGED_KEY")
                        .build())
                    .build())
                .build());
    
        }
    }
    
    resources:
      example:
        type: aws:securitylake:DataLake
        properties:
          metaStoreManagerRoleArn: ${metaStoreManager.arn}
          configuration:
            region: eu-west-1
            encryptionConfigurations:
              - kmsKeyId: S3_MANAGED_KEY
    

    Create DataLake Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new DataLake(name: string, args: DataLakeArgs, opts?: CustomResourceOptions);
    @overload
    def DataLake(resource_name: str,
                 args: DataLakeArgs,
                 opts: Optional[ResourceOptions] = None)
    
    @overload
    def DataLake(resource_name: str,
                 opts: Optional[ResourceOptions] = None,
                 meta_store_manager_role_arn: Optional[str] = None,
                 configuration: Optional[DataLakeConfigurationArgs] = None,
                 tags: Optional[Mapping[str, str]] = None,
                 timeouts: Optional[DataLakeTimeoutsArgs] = None)
    func NewDataLake(ctx *Context, name string, args DataLakeArgs, opts ...ResourceOption) (*DataLake, error)
    public DataLake(string name, DataLakeArgs args, CustomResourceOptions? opts = null)
    public DataLake(String name, DataLakeArgs args)
    public DataLake(String name, DataLakeArgs args, CustomResourceOptions options)
    
    type: aws:securitylake:DataLake
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args DataLakeArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args DataLakeArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args DataLakeArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args DataLakeArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args DataLakeArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var dataLakeResource = new Aws.SecurityLake.DataLake("dataLakeResource", new()
    {
        MetaStoreManagerRoleArn = "string",
        Configuration = new Aws.SecurityLake.Inputs.DataLakeConfigurationArgs
        {
            Region = "string",
            EncryptionConfigurations = new[]
            {
                new Aws.SecurityLake.Inputs.DataLakeConfigurationEncryptionConfigurationArgs
                {
                    KmsKeyId = "string",
                },
            },
            LifecycleConfiguration = new Aws.SecurityLake.Inputs.DataLakeConfigurationLifecycleConfigurationArgs
            {
                Expiration = new Aws.SecurityLake.Inputs.DataLakeConfigurationLifecycleConfigurationExpirationArgs
                {
                    Days = 0,
                },
                Transitions = new[]
                {
                    new Aws.SecurityLake.Inputs.DataLakeConfigurationLifecycleConfigurationTransitionArgs
                    {
                        Days = 0,
                        StorageClass = "string",
                    },
                },
            },
            ReplicationConfiguration = new Aws.SecurityLake.Inputs.DataLakeConfigurationReplicationConfigurationArgs
            {
                Regions = new[]
                {
                    "string",
                },
                RoleArn = "string",
            },
        },
        Tags = 
        {
            { "string", "string" },
        },
        Timeouts = new Aws.SecurityLake.Inputs.DataLakeTimeoutsArgs
        {
            Create = "string",
            Delete = "string",
            Update = "string",
        },
    });
    
    example, err := securitylake.NewDataLake(ctx, "dataLakeResource", &securitylake.DataLakeArgs{
    	MetaStoreManagerRoleArn: pulumi.String("string"),
    	Configuration: &securitylake.DataLakeConfigurationArgs{
    		Region: pulumi.String("string"),
    		EncryptionConfigurations: securitylake.DataLakeConfigurationEncryptionConfigurationArray{
    			&securitylake.DataLakeConfigurationEncryptionConfigurationArgs{
    				KmsKeyId: pulumi.String("string"),
    			},
    		},
    		LifecycleConfiguration: &securitylake.DataLakeConfigurationLifecycleConfigurationArgs{
    			Expiration: &securitylake.DataLakeConfigurationLifecycleConfigurationExpirationArgs{
    				Days: pulumi.Int(0),
    			},
    			Transitions: securitylake.DataLakeConfigurationLifecycleConfigurationTransitionArray{
    				&securitylake.DataLakeConfigurationLifecycleConfigurationTransitionArgs{
    					Days:         pulumi.Int(0),
    					StorageClass: pulumi.String("string"),
    				},
    			},
    		},
    		ReplicationConfiguration: &securitylake.DataLakeConfigurationReplicationConfigurationArgs{
    			Regions: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			RoleArn: pulumi.String("string"),
    		},
    	},
    	Tags: pulumi.StringMap{
    		"string": pulumi.String("string"),
    	},
    	Timeouts: &securitylake.DataLakeTimeoutsArgs{
    		Create: pulumi.String("string"),
    		Delete: pulumi.String("string"),
    		Update: pulumi.String("string"),
    	},
    })
    
    var dataLakeResource = new DataLake("dataLakeResource", DataLakeArgs.builder()
        .metaStoreManagerRoleArn("string")
        .configuration(DataLakeConfigurationArgs.builder()
            .region("string")
            .encryptionConfigurations(DataLakeConfigurationEncryptionConfigurationArgs.builder()
                .kmsKeyId("string")
                .build())
            .lifecycleConfiguration(DataLakeConfigurationLifecycleConfigurationArgs.builder()
                .expiration(DataLakeConfigurationLifecycleConfigurationExpirationArgs.builder()
                    .days(0)
                    .build())
                .transitions(DataLakeConfigurationLifecycleConfigurationTransitionArgs.builder()
                    .days(0)
                    .storageClass("string")
                    .build())
                .build())
            .replicationConfiguration(DataLakeConfigurationReplicationConfigurationArgs.builder()
                .regions("string")
                .roleArn("string")
                .build())
            .build())
        .tags(Map.of("string", "string"))
        .timeouts(DataLakeTimeoutsArgs.builder()
            .create("string")
            .delete("string")
            .update("string")
            .build())
        .build());
    
    data_lake_resource = aws.securitylake.DataLake("dataLakeResource",
        meta_store_manager_role_arn="string",
        configuration={
            "region": "string",
            "encryption_configurations": [{
                "kms_key_id": "string",
            }],
            "lifecycle_configuration": {
                "expiration": {
                    "days": 0,
                },
                "transitions": [{
                    "days": 0,
                    "storage_class": "string",
                }],
            },
            "replication_configuration": {
                "regions": ["string"],
                "role_arn": "string",
            },
        },
        tags={
            "string": "string",
        },
        timeouts={
            "create": "string",
            "delete": "string",
            "update": "string",
        })
    
    const dataLakeResource = new aws.securitylake.DataLake("dataLakeResource", {
        metaStoreManagerRoleArn: "string",
        configuration: {
            region: "string",
            encryptionConfigurations: [{
                kmsKeyId: "string",
            }],
            lifecycleConfiguration: {
                expiration: {
                    days: 0,
                },
                transitions: [{
                    days: 0,
                    storageClass: "string",
                }],
            },
            replicationConfiguration: {
                regions: ["string"],
                roleArn: "string",
            },
        },
        tags: {
            string: "string",
        },
        timeouts: {
            create: "string",
            "delete": "string",
            update: "string",
        },
    });
    
    type: aws:securitylake:DataLake
    properties:
        configuration:
            encryptionConfigurations:
                - kmsKeyId: string
            lifecycleConfiguration:
                expiration:
                    days: 0
                transitions:
                    - days: 0
                      storageClass: string
            region: string
            replicationConfiguration:
                regions:
                    - string
                roleArn: string
        metaStoreManagerRoleArn: string
        tags:
            string: string
        timeouts:
            create: string
            delete: string
            update: string
    

    DataLake Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The DataLake resource accepts the following input properties:

    MetaStoreManagerRoleArn string
    The Amazon Resource Name (ARN) used to create and update the AWS Glue table. This table contains partitions generated by the ingestion and normalization of AWS log sources and custom sources.
    Configuration DataLakeConfiguration
    Specify the Region or Regions that will contribute data to the rollup region.
    Tags Dictionary<string, string>
    Key-value map of resource tags. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    Timeouts DataLakeTimeouts
    MetaStoreManagerRoleArn string
    The Amazon Resource Name (ARN) used to create and update the AWS Glue table. This table contains partitions generated by the ingestion and normalization of AWS log sources and custom sources.
    Configuration DataLakeConfigurationArgs
    Specify the Region or Regions that will contribute data to the rollup region.
    Tags map[string]string
    Key-value map of resource tags. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    Timeouts DataLakeTimeoutsArgs
    metaStoreManagerRoleArn String
    The Amazon Resource Name (ARN) used to create and update the AWS Glue table. This table contains partitions generated by the ingestion and normalization of AWS log sources and custom sources.
    configuration DataLakeConfiguration
    Specify the Region or Regions that will contribute data to the rollup region.
    tags Map<String,String>
    Key-value map of resource tags. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    timeouts DataLakeTimeouts
    metaStoreManagerRoleArn string
    The Amazon Resource Name (ARN) used to create and update the AWS Glue table. This table contains partitions generated by the ingestion and normalization of AWS log sources and custom sources.
    configuration DataLakeConfiguration
    Specify the Region or Regions that will contribute data to the rollup region.
    tags {[key: string]: string}
    Key-value map of resource tags. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    timeouts DataLakeTimeouts
    meta_store_manager_role_arn str
    The Amazon Resource Name (ARN) used to create and update the AWS Glue table. This table contains partitions generated by the ingestion and normalization of AWS log sources and custom sources.
    configuration DataLakeConfigurationArgs
    Specify the Region or Regions that will contribute data to the rollup region.
    tags Mapping[str, str]
    Key-value map of resource tags. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    timeouts DataLakeTimeoutsArgs
    metaStoreManagerRoleArn String
    The Amazon Resource Name (ARN) used to create and update the AWS Glue table. This table contains partitions generated by the ingestion and normalization of AWS log sources and custom sources.
    configuration Property Map
    Specify the Region or Regions that will contribute data to the rollup region.
    tags Map<String>
    Key-value map of resource tags. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    timeouts Property Map

    Outputs

    All input properties are implicitly available as output properties. Additionally, the DataLake resource produces the following output properties:

    Arn string
    ARN of the Data Lake.
    Id string
    The provider-assigned unique ID for this managed resource.
    S3BucketArn string
    The ARN for the Amazon Security Lake Amazon S3 bucket.
    TagsAll Dictionary<string, string>
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    Arn string
    ARN of the Data Lake.
    Id string
    The provider-assigned unique ID for this managed resource.
    S3BucketArn string
    The ARN for the Amazon Security Lake Amazon S3 bucket.
    TagsAll map[string]string
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    arn String
    ARN of the Data Lake.
    id String
    The provider-assigned unique ID for this managed resource.
    s3BucketArn String
    The ARN for the Amazon Security Lake Amazon S3 bucket.
    tagsAll Map<String,String>
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    arn string
    ARN of the Data Lake.
    id string
    The provider-assigned unique ID for this managed resource.
    s3BucketArn string
    The ARN for the Amazon Security Lake Amazon S3 bucket.
    tagsAll {[key: string]: string}
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    arn str
    ARN of the Data Lake.
    id str
    The provider-assigned unique ID for this managed resource.
    s3_bucket_arn str
    The ARN for the Amazon Security Lake Amazon S3 bucket.
    tags_all Mapping[str, str]
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    arn String
    ARN of the Data Lake.
    id String
    The provider-assigned unique ID for this managed resource.
    s3BucketArn String
    The ARN for the Amazon Security Lake Amazon S3 bucket.
    tagsAll Map<String>
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    Look up Existing DataLake Resource

    Get an existing DataLake resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: DataLakeState, opts?: CustomResourceOptions): DataLake
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            arn: Optional[str] = None,
            configuration: Optional[DataLakeConfigurationArgs] = None,
            meta_store_manager_role_arn: Optional[str] = None,
            s3_bucket_arn: Optional[str] = None,
            tags: Optional[Mapping[str, str]] = None,
            tags_all: Optional[Mapping[str, str]] = None,
            timeouts: Optional[DataLakeTimeoutsArgs] = None) -> DataLake
    func GetDataLake(ctx *Context, name string, id IDInput, state *DataLakeState, opts ...ResourceOption) (*DataLake, error)
    public static DataLake Get(string name, Input<string> id, DataLakeState? state, CustomResourceOptions? opts = null)
    public static DataLake get(String name, Output<String> id, DataLakeState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Arn string
    ARN of the Data Lake.
    Configuration DataLakeConfiguration
    Specify the Region or Regions that will contribute data to the rollup region.
    MetaStoreManagerRoleArn string
    The Amazon Resource Name (ARN) used to create and update the AWS Glue table. This table contains partitions generated by the ingestion and normalization of AWS log sources and custom sources.
    S3BucketArn string
    The ARN for the Amazon Security Lake Amazon S3 bucket.
    Tags Dictionary<string, string>
    Key-value map of resource tags. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    TagsAll Dictionary<string, string>
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    Timeouts DataLakeTimeouts
    Arn string
    ARN of the Data Lake.
    Configuration DataLakeConfigurationArgs
    Specify the Region or Regions that will contribute data to the rollup region.
    MetaStoreManagerRoleArn string
    The Amazon Resource Name (ARN) used to create and update the AWS Glue table. This table contains partitions generated by the ingestion and normalization of AWS log sources and custom sources.
    S3BucketArn string
    The ARN for the Amazon Security Lake Amazon S3 bucket.
    Tags map[string]string
    Key-value map of resource tags. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    TagsAll map[string]string
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    Timeouts DataLakeTimeoutsArgs
    arn String
    ARN of the Data Lake.
    configuration DataLakeConfiguration
    Specify the Region or Regions that will contribute data to the rollup region.
    metaStoreManagerRoleArn String
    The Amazon Resource Name (ARN) used to create and update the AWS Glue table. This table contains partitions generated by the ingestion and normalization of AWS log sources and custom sources.
    s3BucketArn String
    The ARN for the Amazon Security Lake Amazon S3 bucket.
    tags Map<String,String>
    Key-value map of resource tags. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    tagsAll Map<String,String>
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    timeouts DataLakeTimeouts
    arn string
    ARN of the Data Lake.
    configuration DataLakeConfiguration
    Specify the Region or Regions that will contribute data to the rollup region.
    metaStoreManagerRoleArn string
    The Amazon Resource Name (ARN) used to create and update the AWS Glue table. This table contains partitions generated by the ingestion and normalization of AWS log sources and custom sources.
    s3BucketArn string
    The ARN for the Amazon Security Lake Amazon S3 bucket.
    tags {[key: string]: string}
    Key-value map of resource tags. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    tagsAll {[key: string]: string}
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    timeouts DataLakeTimeouts
    arn str
    ARN of the Data Lake.
    configuration DataLakeConfigurationArgs
    Specify the Region or Regions that will contribute data to the rollup region.
    meta_store_manager_role_arn str
    The Amazon Resource Name (ARN) used to create and update the AWS Glue table. This table contains partitions generated by the ingestion and normalization of AWS log sources and custom sources.
    s3_bucket_arn str
    The ARN for the Amazon Security Lake Amazon S3 bucket.
    tags Mapping[str, str]
    Key-value map of resource tags. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    tags_all Mapping[str, str]
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    timeouts DataLakeTimeoutsArgs
    arn String
    ARN of the Data Lake.
    configuration Property Map
    Specify the Region or Regions that will contribute data to the rollup region.
    metaStoreManagerRoleArn String
    The Amazon Resource Name (ARN) used to create and update the AWS Glue table. This table contains partitions generated by the ingestion and normalization of AWS log sources and custom sources.
    s3BucketArn String
    The ARN for the Amazon Security Lake Amazon S3 bucket.
    tags Map<String>
    Key-value map of resource tags. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    tagsAll Map<String>
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    timeouts Property Map

    Supporting Types

    DataLakeConfiguration, DataLakeConfigurationArgs

    Region string
    The AWS Regions where Security Lake is automatically enabled.
    EncryptionConfigurations List<DataLakeConfigurationEncryptionConfiguration>
    Provides encryption details of Amazon Security Lake object.
    LifecycleConfiguration DataLakeConfigurationLifecycleConfiguration
    Provides lifecycle details of Amazon Security Lake object.
    ReplicationConfiguration DataLakeConfigurationReplicationConfiguration
    Provides replication details of Amazon Security Lake object.
    Region string
    The AWS Regions where Security Lake is automatically enabled.
    EncryptionConfigurations []DataLakeConfigurationEncryptionConfiguration
    Provides encryption details of Amazon Security Lake object.
    LifecycleConfiguration DataLakeConfigurationLifecycleConfiguration
    Provides lifecycle details of Amazon Security Lake object.
    ReplicationConfiguration DataLakeConfigurationReplicationConfiguration
    Provides replication details of Amazon Security Lake object.
    region String
    The AWS Regions where Security Lake is automatically enabled.
    encryptionConfigurations List<DataLakeConfigurationEncryptionConfiguration>
    Provides encryption details of Amazon Security Lake object.
    lifecycleConfiguration DataLakeConfigurationLifecycleConfiguration
    Provides lifecycle details of Amazon Security Lake object.
    replicationConfiguration DataLakeConfigurationReplicationConfiguration
    Provides replication details of Amazon Security Lake object.
    region string
    The AWS Regions where Security Lake is automatically enabled.
    encryptionConfigurations DataLakeConfigurationEncryptionConfiguration[]
    Provides encryption details of Amazon Security Lake object.
    lifecycleConfiguration DataLakeConfigurationLifecycleConfiguration
    Provides lifecycle details of Amazon Security Lake object.
    replicationConfiguration DataLakeConfigurationReplicationConfiguration
    Provides replication details of Amazon Security Lake object.
    region str
    The AWS Regions where Security Lake is automatically enabled.
    encryption_configurations Sequence[DataLakeConfigurationEncryptionConfiguration]
    Provides encryption details of Amazon Security Lake object.
    lifecycle_configuration DataLakeConfigurationLifecycleConfiguration
    Provides lifecycle details of Amazon Security Lake object.
    replication_configuration DataLakeConfigurationReplicationConfiguration
    Provides replication details of Amazon Security Lake object.
    region String
    The AWS Regions where Security Lake is automatically enabled.
    encryptionConfigurations List<Property Map>
    Provides encryption details of Amazon Security Lake object.
    lifecycleConfiguration Property Map
    Provides lifecycle details of Amazon Security Lake object.
    replicationConfiguration Property Map
    Provides replication details of Amazon Security Lake object.

    DataLakeConfigurationEncryptionConfiguration, DataLakeConfigurationEncryptionConfigurationArgs

    KmsKeyId string
    The id of KMS encryption key used by Amazon Security Lake to encrypt the Security Lake object.
    KmsKeyId string
    The id of KMS encryption key used by Amazon Security Lake to encrypt the Security Lake object.
    kmsKeyId String
    The id of KMS encryption key used by Amazon Security Lake to encrypt the Security Lake object.
    kmsKeyId string
    The id of KMS encryption key used by Amazon Security Lake to encrypt the Security Lake object.
    kms_key_id str
    The id of KMS encryption key used by Amazon Security Lake to encrypt the Security Lake object.
    kmsKeyId String
    The id of KMS encryption key used by Amazon Security Lake to encrypt the Security Lake object.

    DataLakeConfigurationLifecycleConfiguration, DataLakeConfigurationLifecycleConfigurationArgs

    Expiration DataLakeConfigurationLifecycleConfigurationExpiration
    Provides data expiration details of Amazon Security Lake object.
    Transitions List<DataLakeConfigurationLifecycleConfigurationTransition>
    Provides data storage transition details of Amazon Security Lake object.
    Expiration DataLakeConfigurationLifecycleConfigurationExpiration
    Provides data expiration details of Amazon Security Lake object.
    Transitions []DataLakeConfigurationLifecycleConfigurationTransition
    Provides data storage transition details of Amazon Security Lake object.
    expiration DataLakeConfigurationLifecycleConfigurationExpiration
    Provides data expiration details of Amazon Security Lake object.
    transitions List<DataLakeConfigurationLifecycleConfigurationTransition>
    Provides data storage transition details of Amazon Security Lake object.
    expiration DataLakeConfigurationLifecycleConfigurationExpiration
    Provides data expiration details of Amazon Security Lake object.
    transitions DataLakeConfigurationLifecycleConfigurationTransition[]
    Provides data storage transition details of Amazon Security Lake object.
    expiration DataLakeConfigurationLifecycleConfigurationExpiration
    Provides data expiration details of Amazon Security Lake object.
    transitions Sequence[DataLakeConfigurationLifecycleConfigurationTransition]
    Provides data storage transition details of Amazon Security Lake object.
    expiration Property Map
    Provides data expiration details of Amazon Security Lake object.
    transitions List<Property Map>
    Provides data storage transition details of Amazon Security Lake object.

    DataLakeConfigurationLifecycleConfigurationExpiration, DataLakeConfigurationLifecycleConfigurationExpirationArgs

    Days int
    Number of days before data transition to a different S3 Storage Class in the Amazon Security Lake object.
    Days int
    Number of days before data transition to a different S3 Storage Class in the Amazon Security Lake object.
    days Integer
    Number of days before data transition to a different S3 Storage Class in the Amazon Security Lake object.
    days number
    Number of days before data transition to a different S3 Storage Class in the Amazon Security Lake object.
    days int
    Number of days before data transition to a different S3 Storage Class in the Amazon Security Lake object.
    days Number
    Number of days before data transition to a different S3 Storage Class in the Amazon Security Lake object.

    DataLakeConfigurationLifecycleConfigurationTransition, DataLakeConfigurationLifecycleConfigurationTransitionArgs

    Days int
    Number of days before data transition to a different S3 Storage Class in the Amazon Security Lake object.
    StorageClass string
    The range of storage classes that you can choose from based on the data access, resiliency, and cost requirements of your workloads.
    Days int
    Number of days before data transition to a different S3 Storage Class in the Amazon Security Lake object.
    StorageClass string
    The range of storage classes that you can choose from based on the data access, resiliency, and cost requirements of your workloads.
    days Integer
    Number of days before data transition to a different S3 Storage Class in the Amazon Security Lake object.
    storageClass String
    The range of storage classes that you can choose from based on the data access, resiliency, and cost requirements of your workloads.
    days number
    Number of days before data transition to a different S3 Storage Class in the Amazon Security Lake object.
    storageClass string
    The range of storage classes that you can choose from based on the data access, resiliency, and cost requirements of your workloads.
    days int
    Number of days before data transition to a different S3 Storage Class in the Amazon Security Lake object.
    storage_class str
    The range of storage classes that you can choose from based on the data access, resiliency, and cost requirements of your workloads.
    days Number
    Number of days before data transition to a different S3 Storage Class in the Amazon Security Lake object.
    storageClass String
    The range of storage classes that you can choose from based on the data access, resiliency, and cost requirements of your workloads.

    DataLakeConfigurationReplicationConfiguration, DataLakeConfigurationReplicationConfigurationArgs

    Regions List<string>
    Replication enables automatic, asynchronous copying of objects across Amazon S3 buckets. Amazon S3 buckets that are configured for object replication can be owned by the same AWS account or by different accounts. You can replicate objects to a single destination bucket or to multiple destination buckets. The destination buckets can be in different AWS Regions or within the same Region as the source bucket.
    RoleArn string
    Replication settings for the Amazon S3 buckets. This parameter uses the AWS Identity and Access Management (IAM) role you created that is managed by Security Lake, to ensure the replication setting is correct.
    Regions []string
    Replication enables automatic, asynchronous copying of objects across Amazon S3 buckets. Amazon S3 buckets that are configured for object replication can be owned by the same AWS account or by different accounts. You can replicate objects to a single destination bucket or to multiple destination buckets. The destination buckets can be in different AWS Regions or within the same Region as the source bucket.
    RoleArn string
    Replication settings for the Amazon S3 buckets. This parameter uses the AWS Identity and Access Management (IAM) role you created that is managed by Security Lake, to ensure the replication setting is correct.
    regions List<String>
    Replication enables automatic, asynchronous copying of objects across Amazon S3 buckets. Amazon S3 buckets that are configured for object replication can be owned by the same AWS account or by different accounts. You can replicate objects to a single destination bucket or to multiple destination buckets. The destination buckets can be in different AWS Regions or within the same Region as the source bucket.
    roleArn String
    Replication settings for the Amazon S3 buckets. This parameter uses the AWS Identity and Access Management (IAM) role you created that is managed by Security Lake, to ensure the replication setting is correct.
    regions string[]
    Replication enables automatic, asynchronous copying of objects across Amazon S3 buckets. Amazon S3 buckets that are configured for object replication can be owned by the same AWS account or by different accounts. You can replicate objects to a single destination bucket or to multiple destination buckets. The destination buckets can be in different AWS Regions or within the same Region as the source bucket.
    roleArn string
    Replication settings for the Amazon S3 buckets. This parameter uses the AWS Identity and Access Management (IAM) role you created that is managed by Security Lake, to ensure the replication setting is correct.
    regions Sequence[str]
    Replication enables automatic, asynchronous copying of objects across Amazon S3 buckets. Amazon S3 buckets that are configured for object replication can be owned by the same AWS account or by different accounts. You can replicate objects to a single destination bucket or to multiple destination buckets. The destination buckets can be in different AWS Regions or within the same Region as the source bucket.
    role_arn str
    Replication settings for the Amazon S3 buckets. This parameter uses the AWS Identity and Access Management (IAM) role you created that is managed by Security Lake, to ensure the replication setting is correct.
    regions List<String>
    Replication enables automatic, asynchronous copying of objects across Amazon S3 buckets. Amazon S3 buckets that are configured for object replication can be owned by the same AWS account or by different accounts. You can replicate objects to a single destination bucket or to multiple destination buckets. The destination buckets can be in different AWS Regions or within the same Region as the source bucket.
    roleArn String
    Replication settings for the Amazon S3 buckets. This parameter uses the AWS Identity and Access Management (IAM) role you created that is managed by Security Lake, to ensure the replication setting is correct.

    DataLakeTimeouts, DataLakeTimeoutsArgs

    Create string
    A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
    Delete string
    A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.
    Update string
    A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
    Create string
    A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
    Delete string
    A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.
    Update string
    A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
    create String
    A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
    delete String
    A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.
    update String
    A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
    create string
    A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
    delete string
    A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.
    update string
    A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
    create str
    A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
    delete str
    A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.
    update str
    A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
    create String
    A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
    delete String
    A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.
    update String
    A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).

    Import

    Using pulumi import, import Security Hub standards subscriptions using the standards subscription ARN. For example:

    $ pulumi import aws:securitylake/dataLake:DataLake example arn:aws:securitylake:eu-west-1:123456789012:data-lake/default
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    AWS Classic pulumi/pulumi-aws
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the aws Terraform Provider.
    aws logo
    AWS v6.60.0 published on Tuesday, Nov 19, 2024 by Pulumi