1. Docs
  2. Reference
  3. API
  4. @pulumi/signalfx
  5. aws

Module aws

This provider is a derived work of the Terraform Provider distributed under MPL 2.0. If you encounter a bug or missing feature, first check the pulumi/pulumi-signalfx repo; however, if that doesn’t turn up anything, please consult the source terraform-providers/terraform-provider-signalfx repo.

Resources

Functions

Others

Resources

Resource ExternalIntegration

class ExternalIntegration extends CustomResource

SignalFx AWS CloudWatch integrations using Role ARNs. For help with this integration see Connect to AWS CloudWatch.

NOTE When managing integrations you’ll need to use an admin token to authenticate the SignalFx provider.

WARNING This resource implements a part of a workflow. You must use it with signalfx.aws.Integration. Check with SignalFx support for your realm’s AWS account id.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
import * as signalfx from "@pulumi/signalfx";

const awsMyteamExtern = new signalfx.aws.ExternalIntegration("awsMyteamExtern", {});
const signalfxAssumePolicy = aws.iam.getPolicyDocument({
    statement: [{
        actions: ["sts:AssumeRole"],
        principals: [{
            type: "AWS",
            identifiers: [awsMyteamExtern.signalfxAwsAccount],
        }],
        condition: [{
            test: "StringEquals",
            variable: "sts:ExternalId",
            values: [awsMyteamExtern.externalId],
        }],
    }],
});
const awsSfxRole = new aws.iam.Role("awsSfxRole", {
    description: "signalfx integration to read out data and send it to signalfxs aws account",
    assumeRolePolicy: signalfxAssumePolicy.json,
});
const awsReadPermissions = new aws.iam.Policy("awsReadPermissions", {
    description: "farts",
    policy: `{
	"Version": "2012-10-17",
	"Statement": [
		{
			"Action": [
				"dynamodb:ListTables",
		    "dynamodb:DescribeTable",
		    "dynamodb:ListTagsOfResource",
		    "ec2:DescribeInstances",
		    "ec2:DescribeInstanceStatus",
		    "ec2:DescribeVolumes",
		    "ec2:DescribeReservedInstances",
		    "ec2:DescribeReservedInstancesModifications",
		    "ec2:DescribeTags",
		    "organizations:DescribeOrganization",
		    "cloudwatch:ListMetrics",
		    "cloudwatch:GetMetricData",
		    "cloudwatch:GetMetricStatistics",
		    "cloudwatch:DescribeAlarms",
		    "sqs:ListQueues",
		    "sqs:GetQueueAttributes",
		    "sqs:ListQueueTags",
		    "elasticmapreduce:ListClusters",
		    "elasticmapreduce:DescribeCluster",
		    "kinesis:ListShards",
		    "kinesis:ListStreams",
		    "kinesis:DescribeStream",
		    "kinesis:ListTagsForStream",
		    "rds:DescribeDBInstances",
		    "rds:ListTagsForResource",
		    "elasticloadbalancing:DescribeLoadBalancers",
		    "elasticloadbalancing:DescribeTags",
		    "elasticache:describeCacheClusters",
		    "redshift:DescribeClusters",
		    "lambda:GetAlias",
		    "lambda:ListFunctions",
		    "lambda:ListTags",
		    "autoscaling:DescribeAutoScalingGroups",
		    "s3:ListAllMyBuckets",
		    "s3:ListBucket",
		    "s3:GetBucketLocation",
		    "s3:GetBucketTagging",
		    "ecs:ListServices",
		    "ecs:ListTasks",
		    "ecs:DescribeTasks",
		    "ecs:DescribeServices",
		    "ecs:ListClusters",
		    "ecs:DescribeClusters",
		    "ecs:ListTaskDefinitions",
		    "ecs:ListTagsForResource",
		    "apigateway:GET",
		    "cloudfront:ListDistributions",
		    "cloudfront:ListTagsForResource",
		    "tag:GetResources",
		    "es:ListDomainNames",
		    "es:DescribeElasticsearchDomain"
			],
			"Effect": "Allow",
			"Resource": "*"
		}
	]
}
`,
});
const sfxReadAttach = new aws.iam.RolePolicyAttachment("sfx-read-attach", {
    role: awsSfxRole.name,
    policyArn: awsReadPermissions.arn,
});
const awsMyteam = new signalfx.aws.Integration("awsMyteam", {
    enabled: true,
    integrationId: awsMyteamExtern.id,
    externalId: awsMyteamExtern.externalId,
    roleArn: awsSfxRole.arn,
    regions: ["us-east-1"],
    pollRate: 300,
    importCloudWatch: true,
    enableAwsUsage: true,
});

constructor

new ExternalIntegration(name: string, args?: ExternalIntegrationArgs, opts?: pulumi.CustomResourceOptions)

Create a ExternalIntegration resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ExternalIntegrationState, opts?: pulumi.CustomResourceOptions): ExternalIntegration

Get an existing ExternalIntegration resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is ExternalIntegration

Returns true if the given object is an instance of ExternalIntegration. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property externalId

public externalId: pulumi.Output<string>;

The external ID to use with your IAM role and with signalfx.aws.Integration.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;

The name of this integration

property namedToken

public namedToken: pulumi.Output<string | undefined>;

A named token to use for ingest

property signalfxAwsAccount

public signalfxAwsAccount: pulumi.Output<string>;

The AWS Account ARN to use with your policies/roles, provided by SignalFx.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource Integration

class Integration extends CustomResource

SignalFx AWS CloudWatch integrations. For help with this integration see Monitoring Amazon Web Services.

NOTE When managing integrations you’ll need to use an admin token to authenticate the SignalFx provider.

WARNING This resource implements a part of a workflow. You must use it with one of either signalfx.aws.ExternalIntegration or signalfx.aws.TokenIntegration.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
import * as signalfx from "@pulumi/signalfx";

// This resource returns an account id in `externalId`…
const awsMyteamExternal = new signalfx.aws.ExternalIntegration("awsMyteamExternal", {});
// Make yourself an AWS IAM role here, use `signalfx_aws_external_integration.aws_myteam_external.external_id`
const awsSfxRole = new aws.iam.Role("awsSfxRole", {});
// Stuff here that uses the external and account ID
const awsMyteam = new signalfx.aws.Integration("awsMyteam", {
    enabled: true,
    integrationId: awsMyteamExternal.id,
    externalId: awsMyteamExternal.externalId,
    roleArn: awsSfxRole.arn,
    regions: ["us-east-1"],
    pollRate: 300,
    importCloudWatch: true,
    enableAwsUsage: true,
    custom_namespace_sync_rule: [{
        defaultAction: "Exclude",
        filterAction: "Include",
        filterSource: "filter('code', '200')",
        namespace: "fart",
    }],
    namespace_sync_rule: [{
        defaultAction: "Exclude",
        filterAction: "Include",
        filterSource: "filter('code', '200')",
        namespace: "AWS/EC2",
    }],
});

Service Names

NOTE You can use the data source “signalfx.aws.getServices” to specify all services.

constructor

new Integration(name: string, args: IntegrationArgs, opts?: pulumi.CustomResourceOptions)

Create a Integration resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: IntegrationState, opts?: pulumi.CustomResourceOptions): Integration

Get an existing Integration resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is Integration

Returns true if the given object is an instance of Integration. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property customCloudwatchNamespaces

public customCloudwatchNamespaces: pulumi.Output<string[] | undefined>;

List of custom AWS CloudWatch namespaces to monitor. Custom namespaces contain custom metrics that you define in AWS; SignalFx imports the metrics so you can monitor them.

property customNamespaceSyncRules

public customNamespaceSyncRules: pulumi.Output<IntegrationCustomNamespaceSyncRule[] | undefined>;

Each element controls the data collected by SignalFx for the specified namespace. Conflicts with the customCloudwatchNamespaces property.

property enableAwsUsage

public enableAwsUsage: pulumi.Output<boolean | undefined>;

Flag that controls how SignalFx imports usage metrics from AWS to use with AWS Cost Optimizer. If true, SignalFx imports the metrics.

property enabled

public enabled: pulumi.Output<boolean>;

Whether the integration is enabled.

property externalId

public externalId: pulumi.Output<string | undefined>;

The externalId property from one of a signalfx.aws.ExternalIntegration or signalfx.aws.TokenIntegration

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property importCloudWatch

public importCloudWatch: pulumi.Output<boolean | undefined>;

Flag that controls how SignalFx imports Cloud Watch metrics. If true, SignalFx imports Cloud Watch metrics from AWS.

property integrationId

public integrationId: pulumi.Output<string>;

The id of one of a signalfx.aws.ExternalIntegration or signalfx.aws.TokenIntegration.

property key

public key: pulumi.Output<string | undefined>;

If you specify authMethod = \"SecurityToken\" in your request to create an AWS integration object, use this property to specify the key.

property namespaceSyncRules

public namespaceSyncRules: pulumi.Output<IntegrationNamespaceSyncRule[] | undefined>;

Each element in the array is an object that contains an AWS namespace name and a filter that controls the data that SignalFx collects for the namespace. Conflicts with the services property. If you don’t specify either property, SignalFx syncs all data in all AWS namespaces.

property pollRate

public pollRate: pulumi.Output<number | undefined>;

AWS poll rate (in seconds). One of 60 or 300.

property regions

public regions: pulumi.Output<string[] | undefined>;

List of AWS regions that SignalFx should monitor.

property roleArn

public roleArn: pulumi.Output<string | undefined>;

Role ARN that you add to an existing AWS integration object. Note: Ensure you use the arn property of your role, not the id!

property services

public services: pulumi.Output<string[] | undefined>;

List of AWS services that you want SignalFx to monitor. Each element is a string designating an AWS service. Conflicts with namespaceSyncRule. See the documentation for Creating Integrations for valida values.

property token

public token: pulumi.Output<string | undefined>;

Used with signalfx_aws_token_integration. Use this property to specify the token.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property useGetMetricDataMethod

public useGetMetricDataMethod: pulumi.Output<boolean | undefined>;

Enable the use of Amazon’s GetMetricData for collecting metrics. Note that this requires the inclusion of the "cloudwatch:GetMetricData" permission.

Resource TokenIntegration

class TokenIntegration extends CustomResource

SignalFx AWS CloudWatch integrations using security tokens. For help with this integration see Connect to AWS CloudWatch.

NOTE When managing integrations you’ll need to use an admin token to authenticate the SignalFx provider.

WARNING This resource implements a part of a workflow. You must use it with signalfx.aws.Integration.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
import * as signalfx from "@pulumi/signalfx";

const awsMyteamToken = new signalfx.aws.TokenIntegration("awsMyteamToken", {});
// Make yourself an AWS IAM role here
const awsSfxRole = new aws.iam.Role("awsSfxRole", {});
// Stuff here that uses the external and account ID
const awsMyteam = new signalfx.aws.Integration("awsMyteam", {
    enabled: true,
    integrationId: awsMyteamToken.id,
    token: "putYourTokenHere",
    key: "putYourKeyHere",
    regions: ["us-east-1"],
    pollRate: 300,
    importCloudWatch: true,
    enableAwsUsage: true,
    custom_namespace_sync_rule: [{
        defaultAction: "Exclude",
        filterAction: "Include",
        filterSource: "filter('code', '200')",
        namespace: "fart",
    }],
    namespace_sync_rule: [{
        defaultAction: "Exclude",
        filterAction: "Include",
        filterSource: "filter('code', '200')",
        namespace: "AWS/EC2",
    }],
});

constructor

new TokenIntegration(name: string, args?: TokenIntegrationArgs, opts?: pulumi.CustomResourceOptions)

Create a TokenIntegration resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: TokenIntegrationState, opts?: pulumi.CustomResourceOptions): TokenIntegration

Get an existing TokenIntegration resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is TokenIntegration

Returns true if the given object is an instance of TokenIntegration. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;

The name of this integration

property namedToken

public namedToken: pulumi.Output<string | undefined>;

A named token to use for ingest

property signalfxAwsAccount

public signalfxAwsAccount: pulumi.Output<string>;

The AWS Account ARN to use with your policies/roles, provided by SignalFx.

property tokenId

public tokenId: pulumi.Output<string>;

The SignalFx-generated AWS token to use with an AWS integration.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Functions

Function getServices

getServices(args?: GetServicesArgs, opts?: pulumi.InvokeOptions): Promise<GetServicesResult>

Use this data source to get a list of AWS service names.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as signalfx from "@pulumi/signalfx";

const awsServices = signalfx.aws.getServices({});
// Leaves out most of the integration bits, see the docs
// for signalfx.aws.Integration for more
const awsMyteam = new signalfx.aws.Integration("awsMyteam", {services: [awsServices.then(awsServices => awsServices.services)].map(__item => __item?.name)});

Others

interface ExternalIntegrationArgs

interface ExternalIntegrationArgs

The set of arguments for constructing a ExternalIntegration resource.

property name

name?: pulumi.Input<string>;

The name of this integration

property namedToken

namedToken?: pulumi.Input<string>;

A named token to use for ingest

interface ExternalIntegrationState

interface ExternalIntegrationState

Input properties used for looking up and filtering ExternalIntegration resources.

property externalId

externalId?: pulumi.Input<string>;

The external ID to use with your IAM role and with signalfx.aws.Integration.

property name

name?: pulumi.Input<string>;

The name of this integration

property namedToken

namedToken?: pulumi.Input<string>;

A named token to use for ingest

property signalfxAwsAccount

signalfxAwsAccount?: pulumi.Input<string>;

The AWS Account ARN to use with your policies/roles, provided by SignalFx.

interface GetServicesArgs

interface GetServicesArgs

A collection of arguments for invoking getServices.

property services

services?: GetServicesService[];

interface GetServicesResult

interface GetServicesResult

A collection of values returned by getServices.

property id

id: string;

The provider-assigned unique ID for this managed resource.

property services

services?: GetServicesService[];

interface IntegrationArgs

interface IntegrationArgs

The set of arguments for constructing a Integration resource.

property customCloudwatchNamespaces

customCloudwatchNamespaces?: pulumi.Input<pulumi.Input<string>[]>;

List of custom AWS CloudWatch namespaces to monitor. Custom namespaces contain custom metrics that you define in AWS; SignalFx imports the metrics so you can monitor them.

property customNamespaceSyncRules

customNamespaceSyncRules?: pulumi.Input<pulumi.Input<IntegrationCustomNamespaceSyncRule>[]>;

Each element controls the data collected by SignalFx for the specified namespace. Conflicts with the customCloudwatchNamespaces property.

property enableAwsUsage

enableAwsUsage?: pulumi.Input<boolean>;

Flag that controls how SignalFx imports usage metrics from AWS to use with AWS Cost Optimizer. If true, SignalFx imports the metrics.

property enabled

enabled: pulumi.Input<boolean>;

Whether the integration is enabled.

property externalId

externalId?: pulumi.Input<string>;

The externalId property from one of a signalfx.aws.ExternalIntegration or signalfx.aws.TokenIntegration

property importCloudWatch

importCloudWatch?: pulumi.Input<boolean>;

Flag that controls how SignalFx imports Cloud Watch metrics. If true, SignalFx imports Cloud Watch metrics from AWS.

property integrationId

integrationId: pulumi.Input<string>;

The id of one of a signalfx.aws.ExternalIntegration or signalfx.aws.TokenIntegration.

property key

key?: pulumi.Input<string>;

If you specify authMethod = \"SecurityToken\" in your request to create an AWS integration object, use this property to specify the key.

property namespaceSyncRules

namespaceSyncRules?: pulumi.Input<pulumi.Input<IntegrationNamespaceSyncRule>[]>;

Each element in the array is an object that contains an AWS namespace name and a filter that controls the data that SignalFx collects for the namespace. Conflicts with the services property. If you don’t specify either property, SignalFx syncs all data in all AWS namespaces.

property pollRate

pollRate?: pulumi.Input<number>;

AWS poll rate (in seconds). One of 60 or 300.

property regions

regions?: pulumi.Input<pulumi.Input<string>[]>;

List of AWS regions that SignalFx should monitor.

property roleArn

roleArn?: pulumi.Input<string>;

Role ARN that you add to an existing AWS integration object. Note: Ensure you use the arn property of your role, not the id!

property services

services?: pulumi.Input<pulumi.Input<string>[]>;

List of AWS services that you want SignalFx to monitor. Each element is a string designating an AWS service. Conflicts with namespaceSyncRule. See the documentation for Creating Integrations for valida values.

property token

token?: pulumi.Input<string>;

Used with signalfx_aws_token_integration. Use this property to specify the token.

property useGetMetricDataMethod

useGetMetricDataMethod?: pulumi.Input<boolean>;

Enable the use of Amazon’s GetMetricData for collecting metrics. Note that this requires the inclusion of the "cloudwatch:GetMetricData" permission.

interface IntegrationState

interface IntegrationState

Input properties used for looking up and filtering Integration resources.

property customCloudwatchNamespaces

customCloudwatchNamespaces?: pulumi.Input<pulumi.Input<string>[]>;

List of custom AWS CloudWatch namespaces to monitor. Custom namespaces contain custom metrics that you define in AWS; SignalFx imports the metrics so you can monitor them.

property customNamespaceSyncRules

customNamespaceSyncRules?: pulumi.Input<pulumi.Input<IntegrationCustomNamespaceSyncRule>[]>;

Each element controls the data collected by SignalFx for the specified namespace. Conflicts with the customCloudwatchNamespaces property.

property enableAwsUsage

enableAwsUsage?: pulumi.Input<boolean>;

Flag that controls how SignalFx imports usage metrics from AWS to use with AWS Cost Optimizer. If true, SignalFx imports the metrics.

property enabled

enabled?: pulumi.Input<boolean>;

Whether the integration is enabled.

property externalId

externalId?: pulumi.Input<string>;

The externalId property from one of a signalfx.aws.ExternalIntegration or signalfx.aws.TokenIntegration

property importCloudWatch

importCloudWatch?: pulumi.Input<boolean>;

Flag that controls how SignalFx imports Cloud Watch metrics. If true, SignalFx imports Cloud Watch metrics from AWS.

property integrationId

integrationId?: pulumi.Input<string>;

The id of one of a signalfx.aws.ExternalIntegration or signalfx.aws.TokenIntegration.

property key

key?: pulumi.Input<string>;

If you specify authMethod = \"SecurityToken\" in your request to create an AWS integration object, use this property to specify the key.

property namespaceSyncRules

namespaceSyncRules?: pulumi.Input<pulumi.Input<IntegrationNamespaceSyncRule>[]>;

Each element in the array is an object that contains an AWS namespace name and a filter that controls the data that SignalFx collects for the namespace. Conflicts with the services property. If you don’t specify either property, SignalFx syncs all data in all AWS namespaces.

property pollRate

pollRate?: pulumi.Input<number>;

AWS poll rate (in seconds). One of 60 or 300.

property regions

regions?: pulumi.Input<pulumi.Input<string>[]>;

List of AWS regions that SignalFx should monitor.

property roleArn

roleArn?: pulumi.Input<string>;

Role ARN that you add to an existing AWS integration object. Note: Ensure you use the arn property of your role, not the id!

property services

services?: pulumi.Input<pulumi.Input<string>[]>;

List of AWS services that you want SignalFx to monitor. Each element is a string designating an AWS service. Conflicts with namespaceSyncRule. See the documentation for Creating Integrations for valida values.

property token

token?: pulumi.Input<string>;

Used with signalfx_aws_token_integration. Use this property to specify the token.

property useGetMetricDataMethod

useGetMetricDataMethod?: pulumi.Input<boolean>;

Enable the use of Amazon’s GetMetricData for collecting metrics. Note that this requires the inclusion of the "cloudwatch:GetMetricData" permission.

interface TokenIntegrationArgs

interface TokenIntegrationArgs

The set of arguments for constructing a TokenIntegration resource.

property name

name?: pulumi.Input<string>;

The name of this integration

property namedToken

namedToken?: pulumi.Input<string>;

A named token to use for ingest

interface TokenIntegrationState

interface TokenIntegrationState

Input properties used for looking up and filtering TokenIntegration resources.

property name

name?: pulumi.Input<string>;

The name of this integration

property namedToken

namedToken?: pulumi.Input<string>;

A named token to use for ingest

property signalfxAwsAccount

signalfxAwsAccount?: pulumi.Input<string>;

The AWS Account ARN to use with your policies/roles, provided by SignalFx.

property tokenId

tokenId?: pulumi.Input<string>;

The SignalFx-generated AWS token to use with an AWS integration.