GetServiceAccount

Use this data source to get the Account ID of the AWS Elastic Load Balancing Service Account in a given region for the purpose of permitting in S3 bucket policy.

Example Usage

using Pulumi;
using Aws = Pulumi.Aws;

class MyStack : Stack
{
    public MyStack()
    {
        var main = Output.Create(Aws.Elb.GetServiceAccount.InvokeAsync());
        var elbLogs = new Aws.S3.Bucket("elbLogs", new Aws.S3.BucketArgs
        {
            Acl = "private",
            Policy = main.Apply(main => @$"{{
  ""Id"": ""Policy"",
  ""Version"": ""2012-10-17"",
  ""Statement"": [
    {{
      ""Action"": [
        ""s3:PutObject""
      ],
      ""Effect"": ""Allow"",
      ""Resource"": ""arn:aws:s3:::my-elb-tf-test-bucket/AWSLogs/*"",
      ""Principal"": {{
        ""AWS"": [
          ""{main.Arn}""
        ]
      }}
    }}
  ]
}}

"),
        });
        var bar = new Aws.Elb.LoadBalancer("bar", new Aws.Elb.LoadBalancerArgs
        {
            AccessLogs = new Aws.Elb.Inputs.LoadBalancerAccessLogsArgs
            {
                Bucket = elbLogs.BucketName,
                Interval = 5,
            },
            AvailabilityZones = 
            {
                "us-west-2a",
            },
            Listeners = 
            {
                new Aws.Elb.Inputs.LoadBalancerListenerArgs
                {
                    InstancePort = 8000,
                    InstanceProtocol = "http",
                    LbPort = 80,
                    LbProtocol = "http",
                },
            },
        });
    }

}

package main

import (
    "fmt"

    "github.com/pulumi/pulumi-aws/sdk/v2/go/aws/elb"
    "github.com/pulumi/pulumi-aws/sdk/v2/go/aws/s3"
    "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)

func main() {
    pulumi.Run(func(ctx *pulumi.Context) error {
        main, err := elb.GetServiceAccount(ctx, nil, nil)
        if err != nil {
            return err
        }
        elbLogs, err := s3.NewBucket(ctx, "elbLogs", &s3.BucketArgs{
            Acl:    pulumi.String("private"),
            Policy: pulumi.String(fmt.Sprintf("%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v%v", "{\n", "  \"Id\": \"Policy\",\n", "  \"Version\": \"2012-10-17\",\n", "  \"Statement\": [\n", "    {\n", "      \"Action\": [\n", "        \"s3:PutObject\"\n", "      ],\n", "      \"Effect\": \"Allow\",\n", "      \"Resource\": \"arn:aws:s3:::my-elb-tf-test-bucket/AWSLogs/*\",\n", "      \"Principal\": {\n", "        \"AWS\": [\n", "          \"", main.Arn, "\"\n", "        ]\n", "      }\n", "    }\n", "  ]\n", "}\n", "\n")),
        })
        if err != nil {
            return err
        }
        _, err = elb.NewLoadBalancer(ctx, "bar", &elb.LoadBalancerArgs{
            AccessLogs: &elb.LoadBalancerAccessLogsArgs{
                Bucket:   elbLogs.Bucket,
                Interval: pulumi.Int(5),
            },
            AvailabilityZones: pulumi.StringArray{
                pulumi.String("us-west-2a"),
            },
            Listeners: elb.LoadBalancerListenerArray{
                &elb.LoadBalancerListenerArgs{
                    InstancePort:     pulumi.Int(8000),
                    InstanceProtocol: pulumi.String("http"),
                    LbPort:           pulumi.Int(80),
                    LbProtocol:       pulumi.String("http"),
                },
            },
        })
        if err != nil {
            return err
        }
        return nil
    })
}

import pulumi
import pulumi_aws as aws

main = aws.elb.get_service_account()
elb_logs = aws.s3.Bucket("elbLogs",
    acl="private",
    policy=f"""{{
  "Id": "Policy",
  "Version": "2012-10-17",
  "Statement": [
    {{
      "Action": [
        "s3:PutObject"
      ],
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::my-elb-tf-test-bucket/AWSLogs/*",
      "Principal": {{
        "AWS": [
          "{main.arn}"
        ]
      }}
    }}
  ]
}}

""")
bar = aws.elb.LoadBalancer("bar",
    access_logs={
        "bucket": elb_logs.bucket,
        "interval": 5,
    },
    availability_zones=["us-west-2a"],
    listeners=[{
        "instance_port": 8000,
        "instanceProtocol": "http",
        "lb_port": 80,
        "lbProtocol": "http",
    }])

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const main = pulumi.output(aws.elb.getServiceAccount({ async: true }));
const elbLogs = new aws.s3.Bucket("elb_logs", {
    acl: "private",
    policy: pulumi.interpolate`{
  "Id": "Policy",
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": [
        "s3:PutObject"
      ],
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::my-elb-tf-test-bucket/AWSLogs/*",
      "Principal": {
        "AWS": [
          "${main.arn}"
        ]
      }
    }
  ]
}
`,
});
const bar = new aws.elb.LoadBalancer("bar", {
    accessLogs: {
        bucket: elbLogs.bucket,
        interval: 5,
    },
    availabilityZones: ["us-west-2a"],
    listeners: [{
        instancePort: 8000,
        instanceProtocol: "http",
        lbPort: 80,
        lbProtocol: "http",
    }],
});

Deprecated: aws.elasticloadbalancing.getServiceAccount has been deprecated in favor of aws.elb.getServiceAccount

Using GetServiceAccount

function getServiceAccount(args: GetServiceAccountArgs, opts?: InvokeOptions): Promise<GetServiceAccountResult>

function  get_service_account(region=None, opts=None)

func GetServiceAccount(ctx *Context, args *GetServiceAccountArgs, opts ...InvokeOption) (*GetServiceAccountResult, error)

public static class GetServiceAccount {
    public static Task<GetServiceAccountResult> InvokeAsync(GetServiceAccountArgs args, InvokeOptions? opts = null)
}

The following arguments are supported:

Region string: Name of the region whose AWS ELB account ID is desired. Defaults to the region from the AWS provider configuration.

Region string: Name of the region whose AWS ELB account ID is desired. Defaults to the region from the AWS provider configuration.

region string: Name of the region whose AWS ELB account ID is desired. Defaults to the region from the AWS provider configuration.

region str: Name of the region whose AWS ELB account ID is desired. Defaults to the region from the AWS provider configuration.

GetServiceAccount Result

The following output properties are available:

Arn string: The ARN of the AWS ELB service account in the selected region.
Id string: The provider-assigned unique ID for this managed resource.
Region string

Arn string: The ARN of the AWS ELB service account in the selected region.
Id string: The provider-assigned unique ID for this managed resource.
Region string

arn string: The ARN of the AWS ELB service account in the selected region.
id string: The provider-assigned unique ID for this managed resource.
region string

arn str: The ARN of the AWS ELB service account in the selected region.
id str: The provider-assigned unique ID for this managed resource.
region str

Package Details

Repository: https://github.com/pulumi/pulumi-aws
License: Apache-2.0
Notes: This Pulumi package is based on the aws Terraform Provider.

The Pulumi Platform

Get Started

Migrate to Pulumi

Solutions for All Teams and Engineers

Any Code

Any Cloud

GetServiceAccount

Example Usage

Using GetServiceAccount

GetServiceAccount Result

Package Details

On This Page