Docs Home
AWS v6.77.0 published on Wednesday, Apr 9, 2025 by Pulumi
aws.auditmanager.Assessment
Explore with Pulumi AI
Resource for managing an AWS Audit Manager Assessment.
Example Usage
Basic Usage
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const test = new aws.auditmanager.Assessment("test", {
name: "example",
assessmentReportsDestination: {
destination: `s3://${testAwsS3Bucket.id}`,
destinationType: "S3",
},
frameworkId: testAwsAuditmanagerFramework.id,
roles: [{
roleArn: testAwsIamRole.arn,
roleType: "PROCESS_OWNER",
}],
scope: {
awsAccounts: [{
id: current.accountId,
}],
awsServices: [{
serviceName: "S3",
}],
},
});
import pulumi
import pulumi_aws as aws
test = aws.auditmanager.Assessment("test",
name="example",
assessment_reports_destination={
"destination": f"s3://{test_aws_s3_bucket['id']}",
"destination_type": "S3",
},
framework_id=test_aws_auditmanager_framework["id"],
roles=[{
"role_arn": test_aws_iam_role["arn"],
"role_type": "PROCESS_OWNER",
}],
scope={
"aws_accounts": [{
"id": current["accountId"],
}],
"aws_services": [{
"service_name": "S3",
}],
})
package main
import (
"fmt"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/auditmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := auditmanager.NewAssessment(ctx, "test", &auditmanager.AssessmentArgs{
Name: pulumi.String("example"),
AssessmentReportsDestination: &auditmanager.AssessmentAssessmentReportsDestinationArgs{
Destination: pulumi.Sprintf("s3://%v", testAwsS3Bucket.Id),
DestinationType: pulumi.String("S3"),
},
FrameworkId: pulumi.Any(testAwsAuditmanagerFramework.Id),
Roles: auditmanager.AssessmentRoleArray{
&auditmanager.AssessmentRoleArgs{
RoleArn: pulumi.Any(testAwsIamRole.Arn),
RoleType: pulumi.String("PROCESS_OWNER"),
},
},
Scope: &auditmanager.AssessmentScopeArgs{
AwsAccounts: auditmanager.AssessmentScopeAwsAccountArray{
&auditmanager.AssessmentScopeAwsAccountArgs{
Id: pulumi.Any(current.AccountId),
},
},
AwsServices: auditmanager.AssessmentScopeAwsServiceArray{
&auditmanager.AssessmentScopeAwsServiceArgs{
ServiceName: pulumi.String("S3"),
},
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var test = new Aws.Auditmanager.Assessment("test", new()
{
Name = "example",
AssessmentReportsDestination = new Aws.Auditmanager.Inputs.AssessmentAssessmentReportsDestinationArgs
{
Destination = $"s3://{testAwsS3Bucket.Id}",
DestinationType = "S3",
},
FrameworkId = testAwsAuditmanagerFramework.Id,
Roles = new[]
{
new Aws.Auditmanager.Inputs.AssessmentRoleArgs
{
RoleArn = testAwsIamRole.Arn,
RoleType = "PROCESS_OWNER",
},
},
Scope = new Aws.Auditmanager.Inputs.AssessmentScopeArgs
{
AwsAccounts = new[]
{
new Aws.Auditmanager.Inputs.AssessmentScopeAwsAccountArgs
{
Id = current.AccountId,
},
},
AwsServices = new[]
{
new Aws.Auditmanager.Inputs.AssessmentScopeAwsServiceArgs
{
ServiceName = "S3",
},
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.auditmanager.Assessment;
import com.pulumi.aws.auditmanager.AssessmentArgs;
import com.pulumi.aws.auditmanager.inputs.AssessmentAssessmentReportsDestinationArgs;
import com.pulumi.aws.auditmanager.inputs.AssessmentRoleArgs;
import com.pulumi.aws.auditmanager.inputs.AssessmentScopeArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var test = new Assessment("test", AssessmentArgs.builder()
.name("example")
.assessmentReportsDestination(AssessmentAssessmentReportsDestinationArgs.builder()
.destination(String.format("s3://%s", testAwsS3Bucket.id()))
.destinationType("S3")
.build())
.frameworkId(testAwsAuditmanagerFramework.id())
.roles(AssessmentRoleArgs.builder()
.roleArn(testAwsIamRole.arn())
.roleType("PROCESS_OWNER")
.build())
.scope(AssessmentScopeArgs.builder()
.awsAccounts(AssessmentScopeAwsAccountArgs.builder()
.id(current.accountId())
.build())
.awsServices(AssessmentScopeAwsServiceArgs.builder()
.serviceName("S3")
.build())
.build())
.build());
}
}
resources:
test:
type: aws:auditmanager:Assessment
properties:
name: example
assessmentReportsDestination:
destination: s3://${testAwsS3Bucket.id}
destinationType: S3
frameworkId: ${testAwsAuditmanagerFramework.id}
roles:
- roleArn: ${testAwsIamRole.arn}
roleType: PROCESS_OWNER
scope:
awsAccounts:
- id: ${current.accountId}
awsServices:
- serviceName: S3
Create Assessment Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Assessment(name: string, args: AssessmentArgs, opts?: CustomResourceOptions);@overload
def Assessment(resource_name: str,
args: AssessmentArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Assessment(resource_name: str,
opts: Optional[ResourceOptions] = None,
framework_id: Optional[str] = None,
roles: Optional[Sequence[AssessmentRoleArgs]] = None,
assessment_reports_destination: Optional[AssessmentAssessmentReportsDestinationArgs] = None,
description: Optional[str] = None,
name: Optional[str] = None,
scope: Optional[AssessmentScopeArgs] = None,
tags: Optional[Mapping[str, str]] = None)func NewAssessment(ctx *Context, name string, args AssessmentArgs, opts ...ResourceOption) (*Assessment, error)public Assessment(string name, AssessmentArgs args, CustomResourceOptions? opts = null)public Assessment(String name, AssessmentArgs args)
public Assessment(String name, AssessmentArgs args, CustomResourceOptions options)
type: aws:auditmanager:Assessment
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name
This property is required. string - The unique name of the resource.
- args
This property is required. AssessmentArgs - The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name
This property is required. str - The unique name of the resource.
- args
This property is required. AssessmentArgs - The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name
This property is required. string - The unique name of the resource.
- args
This property is required. AssessmentArgs - The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name
This property is required. string - The unique name of the resource.
- args
This property is required. AssessmentArgs - The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name
This property is required. String - The unique name of the resource.
- args
This property is required. AssessmentArgs - The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var assessmentResource = new Aws.Auditmanager.Assessment("assessmentResource", new()
{
FrameworkId = "string",
Roles = new[]
{
new Aws.Auditmanager.Inputs.AssessmentRoleArgs
{
RoleArn = "string",
RoleType = "string",
},
},
AssessmentReportsDestination = new Aws.Auditmanager.Inputs.AssessmentAssessmentReportsDestinationArgs
{
Destination = "string",
DestinationType = "string",
},
Description = "string",
Name = "string",
Scope = new Aws.Auditmanager.Inputs.AssessmentScopeArgs
{
AwsAccounts = new[]
{
new Aws.Auditmanager.Inputs.AssessmentScopeAwsAccountArgs
{
Id = "string",
},
},
AwsServices = new[]
{
new Aws.Auditmanager.Inputs.AssessmentScopeAwsServiceArgs
{
ServiceName = "string",
},
},
},
Tags =
{
{ "string", "string" },
},
});
example, err := auditmanager.NewAssessment(ctx, "assessmentResource", &auditmanager.AssessmentArgs{
FrameworkId: pulumi.String("string"),
Roles: auditmanager.AssessmentRoleArray{
&auditmanager.AssessmentRoleArgs{
RoleArn: pulumi.String("string"),
RoleType: pulumi.String("string"),
},
},
AssessmentReportsDestination: &auditmanager.AssessmentAssessmentReportsDestinationArgs{
Destination: pulumi.String("string"),
DestinationType: pulumi.String("string"),
},
Description: pulumi.String("string"),
Name: pulumi.String("string"),
Scope: &auditmanager.AssessmentScopeArgs{
AwsAccounts: auditmanager.AssessmentScopeAwsAccountArray{
&auditmanager.AssessmentScopeAwsAccountArgs{
Id: pulumi.String("string"),
},
},
AwsServices: auditmanager.AssessmentScopeAwsServiceArray{
&auditmanager.AssessmentScopeAwsServiceArgs{
ServiceName: pulumi.String("string"),
},
},
},
Tags: pulumi.StringMap{
"string": pulumi.String("string"),
},
})
var assessmentResource = new Assessment("assessmentResource", AssessmentArgs.builder()
.frameworkId("string")
.roles(AssessmentRoleArgs.builder()
.roleArn("string")
.roleType("string")
.build())
.assessmentReportsDestination(AssessmentAssessmentReportsDestinationArgs.builder()
.destination("string")
.destinationType("string")
.build())
.description("string")
.name("string")
.scope(AssessmentScopeArgs.builder()
.awsAccounts(AssessmentScopeAwsAccountArgs.builder()
.id("string")
.build())
.awsServices(AssessmentScopeAwsServiceArgs.builder()
.serviceName("string")
.build())
.build())
.tags(Map.of("string", "string"))
.build());
assessment_resource = aws.auditmanager.Assessment("assessmentResource",
framework_id="string",
roles=[{
"role_arn": "string",
"role_type": "string",
}],
assessment_reports_destination={
"destination": "string",
"destination_type": "string",
},
description="string",
name="string",
scope={
"aws_accounts": [{
"id": "string",
}],
"aws_services": [{
"service_name": "string",
}],
},
tags={
"string": "string",
})
const assessmentResource = new aws.auditmanager.Assessment("assessmentResource", {
frameworkId: "string",
roles: [{
roleArn: "string",
roleType: "string",
}],
assessmentReportsDestination: {
destination: "string",
destinationType: "string",
},
description: "string",
name: "string",
scope: {
awsAccounts: [{
id: "string",
}],
awsServices: [{
serviceName: "string",
}],
},
tags: {
string: "string",
},
});
type: aws:auditmanager:Assessment
properties:
assessmentReportsDestination:
destination: string
destinationType: string
description: string
frameworkId: string
name: string
roles:
- roleArn: string
roleType: string
scope:
awsAccounts:
- id: string
awsServices:
- serviceName: string
tags:
string: string
Assessment Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Assessment resource accepts the following input properties:
- Framework
Id This property is required. string - Unique identifier of the framework the assessment will be created from.
- Roles
This property is required. List<AssessmentRole> - List of roles for the assessment. See
rolesbelow. - Assessment
Reports AssessmentDestination Assessment Reports Destination - Assessment report storage destination configuration. See
assessment_reports_destinationbelow. - Description string
- Description of the assessment.
- Name string
- Name of the assessment.
- Scope
Assessment
Scope Amazon Web Services accounts and services that are in scope for the assessment. See
scopebelow.The following arguments are optional:
- Dictionary<string, string>
- A map of tags to assign to the assessment. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- Framework
Id This property is required. string - Unique identifier of the framework the assessment will be created from.
- Roles
This property is required. []AssessmentRole Args - List of roles for the assessment. See
rolesbelow. - Assessment
Reports AssessmentDestination Assessment Reports Destination Args - Assessment report storage destination configuration. See
assessment_reports_destinationbelow. - Description string
- Description of the assessment.
- Name string
- Name of the assessment.
- Scope
Assessment
Scope Args Amazon Web Services accounts and services that are in scope for the assessment. See
scopebelow.The following arguments are optional:
- map[string]string
- A map of tags to assign to the assessment. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- framework
Id This property is required. String - Unique identifier of the framework the assessment will be created from.
- roles
This property is required. List<AssessmentRole> - List of roles for the assessment. See
rolesbelow. - assessment
Reports AssessmentDestination Assessment Reports Destination - Assessment report storage destination configuration. See
assessment_reports_destinationbelow. - description String
- Description of the assessment.
- name String
- Name of the assessment.
- scope
Assessment
Scope Amazon Web Services accounts and services that are in scope for the assessment. See
scopebelow.The following arguments are optional:
- Map<String,String>
- A map of tags to assign to the assessment. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- framework
Id This property is required. string - Unique identifier of the framework the assessment will be created from.
- roles
This property is required. AssessmentRole[] - List of roles for the assessment. See
rolesbelow. - assessment
Reports AssessmentDestination Assessment Reports Destination - Assessment report storage destination configuration. See
assessment_reports_destinationbelow. - description string
- Description of the assessment.
- name string
- Name of the assessment.
- scope
Assessment
Scope Amazon Web Services accounts and services that are in scope for the assessment. See
scopebelow.The following arguments are optional:
- {[key: string]: string}
- A map of tags to assign to the assessment. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- framework_
id This property is required. str - Unique identifier of the framework the assessment will be created from.
- roles
This property is required. Sequence[AssessmentRole Args] - List of roles for the assessment. See
rolesbelow. - assessment_
reports_ Assessmentdestination Assessment Reports Destination Args - Assessment report storage destination configuration. See
assessment_reports_destinationbelow. - description str
- Description of the assessment.
- name str
- Name of the assessment.
- scope
Assessment
Scope Args Amazon Web Services accounts and services that are in scope for the assessment. See
scopebelow.The following arguments are optional:
- Mapping[str, str]
- A map of tags to assign to the assessment. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- framework
Id This property is required. String - Unique identifier of the framework the assessment will be created from.
- roles
This property is required. List<Property Map> - List of roles for the assessment. See
rolesbelow. - assessment
Reports Property MapDestination - Assessment report storage destination configuration. See
assessment_reports_destinationbelow. - description String
- Description of the assessment.
- name String
- Name of the assessment.
- scope Property Map
Amazon Web Services accounts and services that are in scope for the assessment. See
scopebelow.The following arguments are optional:
- Map<String>
- A map of tags to assign to the assessment. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
Outputs
All input properties are implicitly available as output properties. Additionally, the Assessment resource produces the following output properties:
- Arn string
- Amazon Resource Name (ARN) of the assessment.
- Id string
- The provider-assigned unique ID for this managed resource.
- Roles
Alls List<AssessmentRoles All> - Complete list of all roles with access to the assessment. This includes both roles explicitly configured via the
rolesblock, and any roles which have access to all Audit Manager assessments by default. - Status string
- Status of the assessment. Valid values are
ACTIVEandINACTIVE. - Dictionary<string, string>
- Arn string
- Amazon Resource Name (ARN) of the assessment.
- Id string
- The provider-assigned unique ID for this managed resource.
- Roles
Alls []AssessmentRoles All - Complete list of all roles with access to the assessment. This includes both roles explicitly configured via the
rolesblock, and any roles which have access to all Audit Manager assessments by default. - Status string
- Status of the assessment. Valid values are
ACTIVEandINACTIVE. - map[string]string
- arn String
- Amazon Resource Name (ARN) of the assessment.
- id String
- The provider-assigned unique ID for this managed resource.
- roles
Alls List<AssessmentRoles All> - Complete list of all roles with access to the assessment. This includes both roles explicitly configured via the
rolesblock, and any roles which have access to all Audit Manager assessments by default. - status String
- Status of the assessment. Valid values are
ACTIVEandINACTIVE. - Map<String,String>
- arn string
- Amazon Resource Name (ARN) of the assessment.
- id string
- The provider-assigned unique ID for this managed resource.
- roles
Alls AssessmentRoles All[] - Complete list of all roles with access to the assessment. This includes both roles explicitly configured via the
rolesblock, and any roles which have access to all Audit Manager assessments by default. - status string
- Status of the assessment. Valid values are
ACTIVEandINACTIVE. - {[key: string]: string}
- arn str
- Amazon Resource Name (ARN) of the assessment.
- id str
- The provider-assigned unique ID for this managed resource.
- roles_
alls Sequence[AssessmentRoles All] - Complete list of all roles with access to the assessment. This includes both roles explicitly configured via the
rolesblock, and any roles which have access to all Audit Manager assessments by default. - status str
- Status of the assessment. Valid values are
ACTIVEandINACTIVE. - Mapping[str, str]
- arn String
- Amazon Resource Name (ARN) of the assessment.
- id String
- The provider-assigned unique ID for this managed resource.
- roles
Alls List<Property Map> - Complete list of all roles with access to the assessment. This includes both roles explicitly configured via the
rolesblock, and any roles which have access to all Audit Manager assessments by default. - status String
- Status of the assessment. Valid values are
ACTIVEandINACTIVE. - Map<String>
Look up Existing Assessment Resource
Get an existing Assessment resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: AssessmentState, opts?: CustomResourceOptions): Assessment@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
arn: Optional[str] = None,
assessment_reports_destination: Optional[AssessmentAssessmentReportsDestinationArgs] = None,
description: Optional[str] = None,
framework_id: Optional[str] = None,
name: Optional[str] = None,
roles: Optional[Sequence[AssessmentRoleArgs]] = None,
roles_alls: Optional[Sequence[AssessmentRolesAllArgs]] = None,
scope: Optional[AssessmentScopeArgs] = None,
status: Optional[str] = None,
tags: Optional[Mapping[str, str]] = None,
tags_all: Optional[Mapping[str, str]] = None) -> Assessmentfunc GetAssessment(ctx *Context, name string, id IDInput, state *AssessmentState, opts ...ResourceOption) (*Assessment, error)public static Assessment Get(string name, Input<string> id, AssessmentState? state, CustomResourceOptions? opts = null)public static Assessment get(String name, Output<String> id, AssessmentState state, CustomResourceOptions options)resources: _: type: aws:auditmanager:Assessment get: id: ${id}- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
The following state arguments are supported:
- Arn string
- Amazon Resource Name (ARN) of the assessment.
- Assessment
Reports AssessmentDestination Assessment Reports Destination - Assessment report storage destination configuration. See
assessment_reports_destinationbelow. - Description string
- Description of the assessment.
- Framework
Id string - Unique identifier of the framework the assessment will be created from.
- Name string
- Name of the assessment.
- Roles
List<Assessment
Role> - List of roles for the assessment. See
rolesbelow. - Roles
Alls List<AssessmentRoles All> - Complete list of all roles with access to the assessment. This includes both roles explicitly configured via the
rolesblock, and any roles which have access to all Audit Manager assessments by default. - Scope
Assessment
Scope Amazon Web Services accounts and services that are in scope for the assessment. See
scopebelow.The following arguments are optional:
- Status string
- Status of the assessment. Valid values are
ACTIVEandINACTIVE. - Dictionary<string, string>
- A map of tags to assign to the assessment. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - Dictionary<string, string>
- Arn string
- Amazon Resource Name (ARN) of the assessment.
- Assessment
Reports AssessmentDestination Assessment Reports Destination Args - Assessment report storage destination configuration. See
assessment_reports_destinationbelow. - Description string
- Description of the assessment.
- Framework
Id string - Unique identifier of the framework the assessment will be created from.
- Name string
- Name of the assessment.
- Roles
[]Assessment
Role Args - List of roles for the assessment. See
rolesbelow. - Roles
Alls []AssessmentRoles All Args - Complete list of all roles with access to the assessment. This includes both roles explicitly configured via the
rolesblock, and any roles which have access to all Audit Manager assessments by default. - Scope
Assessment
Scope Args Amazon Web Services accounts and services that are in scope for the assessment. See
scopebelow.The following arguments are optional:
- Status string
- Status of the assessment. Valid values are
ACTIVEandINACTIVE. - map[string]string
- A map of tags to assign to the assessment. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - map[string]string
- arn String
- Amazon Resource Name (ARN) of the assessment.
- assessment
Reports AssessmentDestination Assessment Reports Destination - Assessment report storage destination configuration. See
assessment_reports_destinationbelow. - description String
- Description of the assessment.
- framework
Id String - Unique identifier of the framework the assessment will be created from.
- name String
- Name of the assessment.
- roles
List<Assessment
Role> - List of roles for the assessment. See
rolesbelow. - roles
Alls List<AssessmentRoles All> - Complete list of all roles with access to the assessment. This includes both roles explicitly configured via the
rolesblock, and any roles which have access to all Audit Manager assessments by default. - scope
Assessment
Scope Amazon Web Services accounts and services that are in scope for the assessment. See
scopebelow.The following arguments are optional:
- status String
- Status of the assessment. Valid values are
ACTIVEandINACTIVE. - Map<String,String>
- A map of tags to assign to the assessment. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - Map<String,String>
- arn string
- Amazon Resource Name (ARN) of the assessment.
- assessment
Reports AssessmentDestination Assessment Reports Destination - Assessment report storage destination configuration. See
assessment_reports_destinationbelow. - description string
- Description of the assessment.
- framework
Id string - Unique identifier of the framework the assessment will be created from.
- name string
- Name of the assessment.
- roles
Assessment
Role[] - List of roles for the assessment. See
rolesbelow. - roles
Alls AssessmentRoles All[] - Complete list of all roles with access to the assessment. This includes both roles explicitly configured via the
rolesblock, and any roles which have access to all Audit Manager assessments by default. - scope
Assessment
Scope Amazon Web Services accounts and services that are in scope for the assessment. See
scopebelow.The following arguments are optional:
- status string
- Status of the assessment. Valid values are
ACTIVEandINACTIVE. - {[key: string]: string}
- A map of tags to assign to the assessment. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - {[key: string]: string}
- arn str
- Amazon Resource Name (ARN) of the assessment.
- assessment_
reports_ Assessmentdestination Assessment Reports Destination Args - Assessment report storage destination configuration. See
assessment_reports_destinationbelow. - description str
- Description of the assessment.
- framework_
id str - Unique identifier of the framework the assessment will be created from.
- name str
- Name of the assessment.
- roles
Sequence[Assessment
Role Args] - List of roles for the assessment. See
rolesbelow. - roles_
alls Sequence[AssessmentRoles All Args] - Complete list of all roles with access to the assessment. This includes both roles explicitly configured via the
rolesblock, and any roles which have access to all Audit Manager assessments by default. - scope
Assessment
Scope Args Amazon Web Services accounts and services that are in scope for the assessment. See
scopebelow.The following arguments are optional:
- status str
- Status of the assessment. Valid values are
ACTIVEandINACTIVE. - Mapping[str, str]
- A map of tags to assign to the assessment. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - Mapping[str, str]
- arn String
- Amazon Resource Name (ARN) of the assessment.
- assessment
Reports Property MapDestination - Assessment report storage destination configuration. See
assessment_reports_destinationbelow. - description String
- Description of the assessment.
- framework
Id String - Unique identifier of the framework the assessment will be created from.
- name String
- Name of the assessment.
- roles List<Property Map>
- List of roles for the assessment. See
rolesbelow. - roles
Alls List<Property Map> - Complete list of all roles with access to the assessment. This includes both roles explicitly configured via the
rolesblock, and any roles which have access to all Audit Manager assessments by default. - scope Property Map
Amazon Web Services accounts and services that are in scope for the assessment. See
scopebelow.The following arguments are optional:
- status String
- Status of the assessment. Valid values are
ACTIVEandINACTIVE. - Map<String>
- A map of tags to assign to the assessment. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - Map<String>
Supporting Types
AssessmentAssessmentReportsDestination, AssessmentAssessmentReportsDestinationArgs
, AssessmentAssessmentReportsDestinationArgs
- Destination
This property is required. string - Destination of the assessment report. This value be in the form
s3://{bucket_name}. - Destination
Type This property is required. string - Destination type. Currently,
S3is the only valid value.
- Destination
This property is required. string - Destination of the assessment report. This value be in the form
s3://{bucket_name}. - Destination
Type This property is required. string - Destination type. Currently,
S3is the only valid value.
- destination
This property is required. String - Destination of the assessment report. This value be in the form
s3://{bucket_name}. - destination
Type This property is required. String - Destination type. Currently,
S3is the only valid value.
- destination
This property is required. string - Destination of the assessment report. This value be in the form
s3://{bucket_name}. - destination
Type This property is required. string - Destination type. Currently,
S3is the only valid value.
- destination
This property is required. str - Destination of the assessment report. This value be in the form
s3://{bucket_name}. - destination_
type This property is required. str - Destination type. Currently,
S3is the only valid value.
- destination
This property is required. String - Destination of the assessment report. This value be in the form
s3://{bucket_name}. - destination
Type This property is required. String - Destination type. Currently,
S3is the only valid value.
AssessmentRole, AssessmentRoleArgs
, AssessmentRoleArgs
AssessmentRolesAll, AssessmentRolesAllArgs
, AssessmentRolesAllArgs
AssessmentScope, AssessmentScopeArgs
, AssessmentScopeArgs
- Aws
Accounts List<AssessmentScope Aws Account> - Amazon Web Services accounts that are in scope for the assessment. See
aws_accountsbelow. - Aws
Services List<AssessmentScope Aws Service> - Amazon Web Services services that are included in the scope of the assessment. See
aws_servicesbelow.
- Aws
Accounts []AssessmentScope Aws Account - Amazon Web Services accounts that are in scope for the assessment. See
aws_accountsbelow. - Aws
Services []AssessmentScope Aws Service - Amazon Web Services services that are included in the scope of the assessment. See
aws_servicesbelow.
- aws
Accounts List<AssessmentScope Aws Account> - Amazon Web Services accounts that are in scope for the assessment. See
aws_accountsbelow. - aws
Services List<AssessmentScope Aws Service> - Amazon Web Services services that are included in the scope of the assessment. See
aws_servicesbelow.
- aws
Accounts AssessmentScope Aws Account[] - Amazon Web Services accounts that are in scope for the assessment. See
aws_accountsbelow. - aws
Services AssessmentScope Aws Service[] - Amazon Web Services services that are included in the scope of the assessment. See
aws_servicesbelow.
- aws_
accounts Sequence[AssessmentScope Aws Account] - Amazon Web Services accounts that are in scope for the assessment. See
aws_accountsbelow. - aws_
services Sequence[AssessmentScope Aws Service] - Amazon Web Services services that are included in the scope of the assessment. See
aws_servicesbelow.
- aws
Accounts List<Property Map> - Amazon Web Services accounts that are in scope for the assessment. See
aws_accountsbelow. - aws
Services List<Property Map> - Amazon Web Services services that are included in the scope of the assessment. See
aws_servicesbelow.
AssessmentScopeAwsAccount, AssessmentScopeAwsAccountArgs
, AssessmentScopeAwsAccountArgs
- Id
This property is required. string - Identifier for the Amazon Web Services account.
- Id
This property is required. string - Identifier for the Amazon Web Services account.
- id
This property is required. String - Identifier for the Amazon Web Services account.
- id
This property is required. string - Identifier for the Amazon Web Services account.
- id
This property is required. str - Identifier for the Amazon Web Services account.
- id
This property is required. String - Identifier for the Amazon Web Services account.
AssessmentScopeAwsService, AssessmentScopeAwsServiceArgs
, AssessmentScopeAwsServiceArgs
- Service
Name This property is required. string - Name of the Amazon Web Service.
- Service
Name This property is required. string - Name of the Amazon Web Service.
- service
Name This property is required. String - Name of the Amazon Web Service.
- service
Name This property is required. string - Name of the Amazon Web Service.
- service_
name This property is required. str - Name of the Amazon Web Service.
- service
Name This property is required. String - Name of the Amazon Web Service.
Import
Using pulumi import, import Audit Manager Assessments using the assessment id. For example:
$ pulumi import aws:auditmanager/assessment:Assessment example abc123-de45
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
awsTerraform Provider.