1. Docs
  2. Reference
  3. API
  4. @pulumi/aws
  5. inspector

Module inspector

This page documents the language specification for the aws package. If you're looking for help working with the inputs, outputs, or functions of aws resources in a Pulumi program, please see the resource documentation for examples and API reference.

This provider is a derived work of the Terraform Provider distributed under MPL 2.0. If you encounter a bug or missing feature, first check the pulumi/pulumi-aws repo; however, if that doesn’t turn up anything, please consult the source terraform-providers/terraform-provider-aws repo.

Resources

Functions

Others

Resources

Resource AssessmentTarget

class AssessmentTarget extends CustomResource

Provides a Inspector assessment target

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const bar = new aws.inspector.ResourceGroup("bar", {
    tags: {
        Env: "bar",
        Name: "foo",
    },
});
const foo = new aws.inspector.AssessmentTarget("foo", {
    resourceGroupArn: bar.arn,
});

constructor

new AssessmentTarget(name: string, args?: AssessmentTargetArgs, opts?: pulumi.CustomResourceOptions)

Create a AssessmentTarget resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: AssessmentTargetState, opts?: pulumi.CustomResourceOptions): AssessmentTarget

Get an existing AssessmentTarget resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is AssessmentTarget

Returns true if the given object is an instance of AssessmentTarget. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property arn

public arn: pulumi.Output<string>;

The target assessment ARN.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;

The name of the assessment target.

property resourceGroupArn

public resourceGroupArn: pulumi.Output<string | undefined>;

Inspector Resource Group Amazon Resource Name (ARN) stating tags for instance matching. If not specified, all EC2 instances in the current AWS account and region are included in the assessment target.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource AssessmentTemplate

class AssessmentTemplate extends CustomResource

Provides a Inspector assessment template

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const example = new aws.inspector.AssessmentTemplate("example", {
    duration: 3600,
    rulesPackageArns: [
        "arn:aws:inspector:us-west-2:758058086616:rulespackage/0-9hgA516p",
        "arn:aws:inspector:us-west-2:758058086616:rulespackage/0-H5hpSawc",
        "arn:aws:inspector:us-west-2:758058086616:rulespackage/0-JJOtZiqQ",
        "arn:aws:inspector:us-west-2:758058086616:rulespackage/0-vg5GGHSD",
    ],
    targetArn: aws_inspector_assessment_target_example.arn,
});

constructor

new AssessmentTemplate(name: string, args: AssessmentTemplateArgs, opts?: pulumi.CustomResourceOptions)

Create a AssessmentTemplate resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: AssessmentTemplateState, opts?: pulumi.CustomResourceOptions): AssessmentTemplate

Get an existing AssessmentTemplate resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is AssessmentTemplate

Returns true if the given object is an instance of AssessmentTemplate. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property arn

public arn: pulumi.Output<string>;

The template assessment ARN.

property duration

public duration: pulumi.Output<number>;

The duration of the inspector run.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;

The name of the assessment template.

property rulesPackageArns

public rulesPackageArns: pulumi.Output<string[]>;

The rules to be used during the run.

property tags

public tags: pulumi.Output<{[key: string]: any} | undefined>;

Key-value map of tags for the Inspector assessment template.

property targetArn

public targetArn: pulumi.Output<string>;

The assessment target ARN to attach the template to.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource ResourceGroup

class ResourceGroup extends CustomResource

Provides an Amazon Inspector resource group resource.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const example = new aws.inspector.ResourceGroup("example", {
    tags: {
        Env: "bar",
        Name: "foo",
    },
});

constructor

new ResourceGroup(name: string, args: ResourceGroupArgs, opts?: pulumi.CustomResourceOptions)

Create a ResourceGroup resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ResourceGroupState, opts?: pulumi.CustomResourceOptions): ResourceGroup

Get an existing ResourceGroup resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is ResourceGroup

Returns true if the given object is an instance of ResourceGroup. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property arn

public arn: pulumi.Output<string>;

The resource group ARN.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property tags

public tags: pulumi.Output<{[key: string]: any}>;

Key-value map of tags that are used to select the EC2 instances to be included in an Amazon Inspector assessment target resource.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Functions

Function getRulesPackages

getRulesPackages(opts?: pulumi.InvokeOptions): Promise<GetRulesPackagesResult>

The AWS Inspector Rules Packages data source allows access to the list of AWS Inspector Rules Packages which can be used by AWS Inspector within the region configured in the provider.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

// Declare the data source
const rules = pulumi.output(aws.inspector.getRulesPackages({ async: true }));
// e.g. Use in aws_inspector_assessment_template
const group = new aws.inspector.ResourceGroup("group", {
    tags: {
        test: "test",
    },
});
const assessmentAssessmentTarget = new aws.inspector.AssessmentTarget("assessment", {
    resourceGroupArn: group.arn,
});
const assessmentAssessmentTemplate = new aws.inspector.AssessmentTemplate("assessment", {
    duration: 60,
    rulesPackageArns: rules.arns,
    targetArn: assessmentAssessmentTarget.arn,
});

Others

interface AssessmentTargetArgs

interface AssessmentTargetArgs

The set of arguments for constructing a AssessmentTarget resource.

property name

name?: pulumi.Input<string>;

The name of the assessment target.

property resourceGroupArn

resourceGroupArn?: pulumi.Input<string>;

Inspector Resource Group Amazon Resource Name (ARN) stating tags for instance matching. If not specified, all EC2 instances in the current AWS account and region are included in the assessment target.

interface AssessmentTargetState

interface AssessmentTargetState

Input properties used for looking up and filtering AssessmentTarget resources.

property arn

arn?: pulumi.Input<string>;

The target assessment ARN.

property name

name?: pulumi.Input<string>;

The name of the assessment target.

property resourceGroupArn

resourceGroupArn?: pulumi.Input<string>;

Inspector Resource Group Amazon Resource Name (ARN) stating tags for instance matching. If not specified, all EC2 instances in the current AWS account and region are included in the assessment target.

interface AssessmentTemplateArgs

interface AssessmentTemplateArgs

The set of arguments for constructing a AssessmentTemplate resource.

property duration

duration: pulumi.Input<number>;

The duration of the inspector run.

property name

name?: pulumi.Input<string>;

The name of the assessment template.

property rulesPackageArns

rulesPackageArns: pulumi.Input<pulumi.Input<string>[]>;

The rules to be used during the run.

property tags

tags?: pulumi.Input<{[key: string]: any}>;

Key-value map of tags for the Inspector assessment template.

property targetArn

targetArn: pulumi.Input<string>;

The assessment target ARN to attach the template to.

interface AssessmentTemplateState

interface AssessmentTemplateState

Input properties used for looking up and filtering AssessmentTemplate resources.

property arn

arn?: pulumi.Input<string>;

The template assessment ARN.

property duration

duration?: pulumi.Input<number>;

The duration of the inspector run.

property name

name?: pulumi.Input<string>;

The name of the assessment template.

property rulesPackageArns

rulesPackageArns?: pulumi.Input<pulumi.Input<string>[]>;

The rules to be used during the run.

property tags

tags?: pulumi.Input<{[key: string]: any}>;

Key-value map of tags for the Inspector assessment template.

property targetArn

targetArn?: pulumi.Input<string>;

The assessment target ARN to attach the template to.

interface GetRulesPackagesResult

interface GetRulesPackagesResult

A collection of values returned by getRulesPackages.

property arns

arns: string[];

A list of the AWS Inspector Rules Packages arns available in the AWS region.

property id

id: string;

The provider-assigned unique ID for this managed resource.

interface ResourceGroupArgs

interface ResourceGroupArgs

The set of arguments for constructing a ResourceGroup resource.

property tags

tags: pulumi.Input<{[key: string]: any}>;

Key-value map of tags that are used to select the EC2 instances to be included in an Amazon Inspector assessment target resource.

interface ResourceGroupState

interface ResourceGroupState

Input properties used for looking up and filtering ResourceGroup resources.

property arn

arn?: pulumi.Input<string>;

The resource group ARN.

property tags

tags?: pulumi.Input<{[key: string]: any}>;

Key-value map of tags that are used to select the EC2 instances to be included in an Amazon Inspector assessment target resource.