Docs Home
CrowdStrike v0.0.10 published on Monday, Mar 3, 2025 by CrowdStrike
crowdstrike.CloudAwsAccount
Explore with Pulumi AI
This resource allows management of an AWS account in Falcon.
API Scopes
The following API scopes are required:
- Cloud security AWS registration | Read & Write
- CSPM registration | Read & Write
Example Usage
Coming soon!
Coming soon!
Coming soon!
Coming soon!
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.crowdstrike.CloudAwsAccount;
import com.pulumi.crowdstrike.CloudAwsAccountArgs;
import com.pulumi.crowdstrike.inputs.CloudAwsAccountDspmArgs;
import com.pulumi.crowdstrike.inputs.CloudAwsAccountIdpArgs;
import com.pulumi.crowdstrike.inputs.CloudAwsAccountRealtimeVisibilityArgs;
import com.pulumi.crowdstrike.inputs.CloudAwsAccountSensorManagementArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var org = new CloudAwsAccount("org", CloudAwsAccountArgs.builder()
.accountId("123456789012")
.dspm(CloudAwsAccountDspmArgs.builder()
.enabled(true)
.build())
.idp(CloudAwsAccountIdpArgs.builder()
.enabled(true)
.build())
.isOrganizationManagementAccount(true)
.organizationId("o-1234567890")
.realtimeVisibility(CloudAwsAccountRealtimeVisibilityArgs.builder()
.cloudtrail_region("us-east-1")
.enabled(true)
.build())
.sensorManagement(CloudAwsAccountSensorManagementArgs.builder()
.enabled(true)
.build())
.build());
}
}
resources:
org:
type: crowdstrike:CloudAwsAccount
properties:
accountId: '123456789012'
dspm:
enabled: true
idp:
enabled: true
isOrganizationManagementAccount: true
organizationId: o-1234567890
realtimeVisibility:
cloudtrail_region: us-east-1
enabled: true
sensorManagement:
enabled: true
Create CloudAwsAccount Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new CloudAwsAccount(name: string, args: CloudAwsAccountArgs, opts?: CustomResourceOptions);@overload
def CloudAwsAccount(resource_name: str,
args: CloudAwsAccountArgs,
opts: Optional[ResourceOptions] = None)
@overload
def CloudAwsAccount(resource_name: str,
opts: Optional[ResourceOptions] = None,
account_id: Optional[str] = None,
account_type: Optional[str] = None,
asset_inventory: Optional[CloudAwsAccountAssetInventoryArgs] = None,
deployment_method: Optional[str] = None,
dspm: Optional[CloudAwsAccountDspmArgs] = None,
idp: Optional[CloudAwsAccountIdpArgs] = None,
is_organization_management_account: Optional[bool] = None,
organization_id: Optional[str] = None,
realtime_visibility: Optional[CloudAwsAccountRealtimeVisibilityArgs] = None,
sensor_management: Optional[CloudAwsAccountSensorManagementArgs] = None,
target_ouses: Optional[Sequence[str]] = None)func NewCloudAwsAccount(ctx *Context, name string, args CloudAwsAccountArgs, opts ...ResourceOption) (*CloudAwsAccount, error)public CloudAwsAccount(string name, CloudAwsAccountArgs args, CustomResourceOptions? opts = null)
public CloudAwsAccount(String name, CloudAwsAccountArgs args)
public CloudAwsAccount(String name, CloudAwsAccountArgs args, CustomResourceOptions options)
type: crowdstrike:CloudAwsAccount
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args CloudAwsAccountArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args CloudAwsAccountArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args CloudAwsAccountArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args CloudAwsAccountArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args CloudAwsAccountArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var cloudAwsAccountResource = new Crowdstrike.CloudAwsAccount("cloudAwsAccountResource", new()
{
AccountId = "string",
AccountType = "string",
AssetInventory = new Crowdstrike.Inputs.CloudAwsAccountAssetInventoryArgs
{
Enabled = false,
RoleName = "string",
},
DeploymentMethod = "string",
Dspm = new Crowdstrike.Inputs.CloudAwsAccountDspmArgs
{
Enabled = false,
RoleName = "string",
},
Idp = new Crowdstrike.Inputs.CloudAwsAccountIdpArgs
{
Enabled = false,
Status = "string",
},
IsOrganizationManagementAccount = false,
OrganizationId = "string",
RealtimeVisibility = new Crowdstrike.Inputs.CloudAwsAccountRealtimeVisibilityArgs
{
CloudtrailRegion = "string",
Enabled = false,
UseExistingCloudtrail = false,
},
SensorManagement = new Crowdstrike.Inputs.CloudAwsAccountSensorManagementArgs
{
Enabled = false,
},
TargetOuses = new[]
{
"string",
},
});
example, err := crowdstrike.NewCloudAwsAccount(ctx, "cloudAwsAccountResource", &crowdstrike.CloudAwsAccountArgs{
AccountId: pulumi.String("string"),
AccountType: pulumi.String("string"),
AssetInventory: &crowdstrike.CloudAwsAccountAssetInventoryArgs{
Enabled: pulumi.Bool(false),
RoleName: pulumi.String("string"),
},
DeploymentMethod: pulumi.String("string"),
Dspm: &crowdstrike.CloudAwsAccountDspmArgs{
Enabled: pulumi.Bool(false),
RoleName: pulumi.String("string"),
},
Idp: &crowdstrike.CloudAwsAccountIdpArgs{
Enabled: pulumi.Bool(false),
Status: pulumi.String("string"),
},
IsOrganizationManagementAccount: pulumi.Bool(false),
OrganizationId: pulumi.String("string"),
RealtimeVisibility: &crowdstrike.CloudAwsAccountRealtimeVisibilityArgs{
CloudtrailRegion: pulumi.String("string"),
Enabled: pulumi.Bool(false),
UseExistingCloudtrail: pulumi.Bool(false),
},
SensorManagement: &crowdstrike.CloudAwsAccountSensorManagementArgs{
Enabled: pulumi.Bool(false),
},
TargetOuses: pulumi.StringArray{
pulumi.String("string"),
},
})
var cloudAwsAccountResource = new CloudAwsAccount("cloudAwsAccountResource", CloudAwsAccountArgs.builder()
.accountId("string")
.accountType("string")
.assetInventory(CloudAwsAccountAssetInventoryArgs.builder()
.enabled(false)
.roleName("string")
.build())
.deploymentMethod("string")
.dspm(CloudAwsAccountDspmArgs.builder()
.enabled(false)
.roleName("string")
.build())
.idp(CloudAwsAccountIdpArgs.builder()
.enabled(false)
.status("string")
.build())
.isOrganizationManagementAccount(false)
.organizationId("string")
.realtimeVisibility(CloudAwsAccountRealtimeVisibilityArgs.builder()
.cloudtrailRegion("string")
.enabled(false)
.useExistingCloudtrail(false)
.build())
.sensorManagement(CloudAwsAccountSensorManagementArgs.builder()
.enabled(false)
.build())
.targetOuses("string")
.build());
cloud_aws_account_resource = crowdstrike.CloudAwsAccount("cloudAwsAccountResource",
account_id="string",
account_type="string",
asset_inventory={
"enabled": False,
"role_name": "string",
},
deployment_method="string",
dspm={
"enabled": False,
"role_name": "string",
},
idp={
"enabled": False,
"status": "string",
},
is_organization_management_account=False,
organization_id="string",
realtime_visibility={
"cloudtrail_region": "string",
"enabled": False,
"use_existing_cloudtrail": False,
},
sensor_management={
"enabled": False,
},
target_ouses=["string"])
const cloudAwsAccountResource = new crowdstrike.CloudAwsAccount("cloudAwsAccountResource", {
accountId: "string",
accountType: "string",
assetInventory: {
enabled: false,
roleName: "string",
},
deploymentMethod: "string",
dspm: {
enabled: false,
roleName: "string",
},
idp: {
enabled: false,
status: "string",
},
isOrganizationManagementAccount: false,
organizationId: "string",
realtimeVisibility: {
cloudtrailRegion: "string",
enabled: false,
useExistingCloudtrail: false,
},
sensorManagement: {
enabled: false,
},
targetOuses: ["string"],
});
type: crowdstrike:CloudAwsAccount
properties:
accountId: string
accountType: string
assetInventory:
enabled: false
roleName: string
deploymentMethod: string
dspm:
enabled: false
roleName: string
idp:
enabled: false
status: string
isOrganizationManagementAccount: false
organizationId: string
realtimeVisibility:
cloudtrailRegion: string
enabled: false
useExistingCloudtrail: false
sensorManagement:
enabled: false
targetOuses:
- string
CloudAwsAccount Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The CloudAwsAccount resource accepts the following input properties:
- Account
Id string - The AWS Account ID
- Account
Type string - The AWS account type. Value is 'commercial' for Commercial cloud accounts. For GovCloud environments, value can be either 'commercial' or 'gov' depending on the account type
- Asset
Inventory CrowdStrike. Crowdstrike. Inputs. Cloud Aws Account Asset Inventory - Deployment
Method string - Dspm
Crowd
Strike. Crowdstrike. Inputs. Cloud Aws Account Dspm - Idp
Crowd
Strike. Crowdstrike. Inputs. Cloud Aws Account Idp - Is
Organization boolManagement Account - Indicates whether this is the management account (formerly known as the root account) of an AWS Organization
- Organization
Id string - The AWS Organization ID
- Realtime
Visibility CrowdStrike. Crowdstrike. Inputs. Cloud Aws Account Realtime Visibility - Sensor
Management CrowdStrike. Crowdstrike. Inputs. Cloud Aws Account Sensor Management - Target
Ouses List<string> - The list of target Organizational Units
- Account
Id string - The AWS Account ID
- Account
Type string - The AWS account type. Value is 'commercial' for Commercial cloud accounts. For GovCloud environments, value can be either 'commercial' or 'gov' depending on the account type
- Asset
Inventory CloudAws Account Asset Inventory Args - Deployment
Method string - Dspm
Cloud
Aws Account Dspm Args - Idp
Cloud
Aws Account Idp Args - Is
Organization boolManagement Account - Indicates whether this is the management account (formerly known as the root account) of an AWS Organization
- Organization
Id string - The AWS Organization ID
- Realtime
Visibility CloudAws Account Realtime Visibility Args - Sensor
Management CloudAws Account Sensor Management Args - Target
Ouses []string - The list of target Organizational Units
- account
Id String - The AWS Account ID
- account
Type String - The AWS account type. Value is 'commercial' for Commercial cloud accounts. For GovCloud environments, value can be either 'commercial' or 'gov' depending on the account type
- asset
Inventory CloudAws Account Asset Inventory - deployment
Method String - dspm
Cloud
Aws Account Dspm - idp
Cloud
Aws Account Idp - is
Organization BooleanManagement Account - Indicates whether this is the management account (formerly known as the root account) of an AWS Organization
- organization
Id String - The AWS Organization ID
- realtime
Visibility CloudAws Account Realtime Visibility - sensor
Management CloudAws Account Sensor Management - target
Ouses List<String> - The list of target Organizational Units
- account
Id string - The AWS Account ID
- account
Type string - The AWS account type. Value is 'commercial' for Commercial cloud accounts. For GovCloud environments, value can be either 'commercial' or 'gov' depending on the account type
- asset
Inventory CloudAws Account Asset Inventory - deployment
Method string - dspm
Cloud
Aws Account Dspm - idp
Cloud
Aws Account Idp - is
Organization booleanManagement Account - Indicates whether this is the management account (formerly known as the root account) of an AWS Organization
- organization
Id string - The AWS Organization ID
- realtime
Visibility CloudAws Account Realtime Visibility - sensor
Management CloudAws Account Sensor Management - target
Ouses string[] - The list of target Organizational Units
- account_
id str - The AWS Account ID
- account_
type str - The AWS account type. Value is 'commercial' for Commercial cloud accounts. For GovCloud environments, value can be either 'commercial' or 'gov' depending on the account type
- asset_
inventory CloudAws Account Asset Inventory Args - deployment_
method str - dspm
Cloud
Aws Account Dspm Args - idp
Cloud
Aws Account Idp Args - is_
organization_ boolmanagement_ account - Indicates whether this is the management account (formerly known as the root account) of an AWS Organization
- organization_
id str - The AWS Organization ID
- realtime_
visibility CloudAws Account Realtime Visibility Args - sensor_
management CloudAws Account Sensor Management Args - target_
ouses Sequence[str] - The list of target Organizational Units
- account
Id String - The AWS Account ID
- account
Type String - The AWS account type. Value is 'commercial' for Commercial cloud accounts. For GovCloud environments, value can be either 'commercial' or 'gov' depending on the account type
- asset
Inventory Property Map - deployment
Method String - dspm Property Map
- idp Property Map
- is
Organization BooleanManagement Account - Indicates whether this is the management account (formerly known as the root account) of an AWS Organization
- organization
Id String - The AWS Organization ID
- realtime
Visibility Property Map - sensor
Management Property Map - target
Ouses List<String> - The list of target Organizational Units
Outputs
All input properties are implicitly available as output properties. Additionally, the CloudAwsAccount resource produces the following output properties:
- Cloudtrail
Bucket stringName - The name of the CloudTrail S3 bucket used for real-time visibility
- Dspm
Role stringArn - The ARN of the IAM role to be used by CrowdStrike Data Security Posture Management
- Eventbus
Arn string - The ARN of the Amazon EventBridge used by CrowdStrike to forward messages
- Eventbus
Name string - The name of the Amazon EventBridge used by CrowdStrike to forward messages
- External
Id string - The external ID used to assume the AWS IAM role
- Iam
Role stringArn - The ARN of the AWS IAM role used to access this AWS account
- Id string
- The provider-assigned unique ID for this managed resource.
- Intermediate
Role stringArn - The ARN of the intermediate role used to assume the AWS IAM role
- Cloudtrail
Bucket stringName - The name of the CloudTrail S3 bucket used for real-time visibility
- Dspm
Role stringArn - The ARN of the IAM role to be used by CrowdStrike Data Security Posture Management
- Eventbus
Arn string - The ARN of the Amazon EventBridge used by CrowdStrike to forward messages
- Eventbus
Name string - The name of the Amazon EventBridge used by CrowdStrike to forward messages
- External
Id string - The external ID used to assume the AWS IAM role
- Iam
Role stringArn - The ARN of the AWS IAM role used to access this AWS account
- Id string
- The provider-assigned unique ID for this managed resource.
- Intermediate
Role stringArn - The ARN of the intermediate role used to assume the AWS IAM role
- cloudtrail
Bucket StringName - The name of the CloudTrail S3 bucket used for real-time visibility
- dspm
Role StringArn - The ARN of the IAM role to be used by CrowdStrike Data Security Posture Management
- eventbus
Arn String - The ARN of the Amazon EventBridge used by CrowdStrike to forward messages
- eventbus
Name String - The name of the Amazon EventBridge used by CrowdStrike to forward messages
- external
Id String - The external ID used to assume the AWS IAM role
- iam
Role StringArn - The ARN of the AWS IAM role used to access this AWS account
- id String
- The provider-assigned unique ID for this managed resource.
- intermediate
Role StringArn - The ARN of the intermediate role used to assume the AWS IAM role
- cloudtrail
Bucket stringName - The name of the CloudTrail S3 bucket used for real-time visibility
- dspm
Role stringArn - The ARN of the IAM role to be used by CrowdStrike Data Security Posture Management
- eventbus
Arn string - The ARN of the Amazon EventBridge used by CrowdStrike to forward messages
- eventbus
Name string - The name of the Amazon EventBridge used by CrowdStrike to forward messages
- external
Id string - The external ID used to assume the AWS IAM role
- iam
Role stringArn - The ARN of the AWS IAM role used to access this AWS account
- id string
- The provider-assigned unique ID for this managed resource.
- intermediate
Role stringArn - The ARN of the intermediate role used to assume the AWS IAM role
- cloudtrail_
bucket_ strname - The name of the CloudTrail S3 bucket used for real-time visibility
- dspm_
role_ strarn - The ARN of the IAM role to be used by CrowdStrike Data Security Posture Management
- eventbus_
arn str - The ARN of the Amazon EventBridge used by CrowdStrike to forward messages
- eventbus_
name str - The name of the Amazon EventBridge used by CrowdStrike to forward messages
- external_
id str - The external ID used to assume the AWS IAM role
- iam_
role_ strarn - The ARN of the AWS IAM role used to access this AWS account
- id str
- The provider-assigned unique ID for this managed resource.
- intermediate_
role_ strarn - The ARN of the intermediate role used to assume the AWS IAM role
- cloudtrail
Bucket StringName - The name of the CloudTrail S3 bucket used for real-time visibility
- dspm
Role StringArn - The ARN of the IAM role to be used by CrowdStrike Data Security Posture Management
- eventbus
Arn String - The ARN of the Amazon EventBridge used by CrowdStrike to forward messages
- eventbus
Name String - The name of the Amazon EventBridge used by CrowdStrike to forward messages
- external
Id String - The external ID used to assume the AWS IAM role
- iam
Role StringArn - The ARN of the AWS IAM role used to access this AWS account
- id String
- The provider-assigned unique ID for this managed resource.
- intermediate
Role StringArn - The ARN of the intermediate role used to assume the AWS IAM role
Look up Existing CloudAwsAccount Resource
Get an existing CloudAwsAccount resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: CloudAwsAccountState, opts?: CustomResourceOptions): CloudAwsAccount@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
account_id: Optional[str] = None,
account_type: Optional[str] = None,
asset_inventory: Optional[CloudAwsAccountAssetInventoryArgs] = None,
cloudtrail_bucket_name: Optional[str] = None,
deployment_method: Optional[str] = None,
dspm: Optional[CloudAwsAccountDspmArgs] = None,
dspm_role_arn: Optional[str] = None,
eventbus_arn: Optional[str] = None,
eventbus_name: Optional[str] = None,
external_id: Optional[str] = None,
iam_role_arn: Optional[str] = None,
idp: Optional[CloudAwsAccountIdpArgs] = None,
intermediate_role_arn: Optional[str] = None,
is_organization_management_account: Optional[bool] = None,
organization_id: Optional[str] = None,
realtime_visibility: Optional[CloudAwsAccountRealtimeVisibilityArgs] = None,
sensor_management: Optional[CloudAwsAccountSensorManagementArgs] = None,
target_ouses: Optional[Sequence[str]] = None) -> CloudAwsAccountfunc GetCloudAwsAccount(ctx *Context, name string, id IDInput, state *CloudAwsAccountState, opts ...ResourceOption) (*CloudAwsAccount, error)public static CloudAwsAccount Get(string name, Input<string> id, CloudAwsAccountState? state, CustomResourceOptions? opts = null)public static CloudAwsAccount get(String name, Output<String> id, CloudAwsAccountState state, CustomResourceOptions options)resources: _: type: crowdstrike:CloudAwsAccount get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Account
Id string - The AWS Account ID
- Account
Type string - The AWS account type. Value is 'commercial' for Commercial cloud accounts. For GovCloud environments, value can be either 'commercial' or 'gov' depending on the account type
- Asset
Inventory CrowdStrike. Crowdstrike. Inputs. Cloud Aws Account Asset Inventory - Cloudtrail
Bucket stringName - The name of the CloudTrail S3 bucket used for real-time visibility
- Deployment
Method string - Dspm
Crowd
Strike. Crowdstrike. Inputs. Cloud Aws Account Dspm - Dspm
Role stringArn - The ARN of the IAM role to be used by CrowdStrike Data Security Posture Management
- Eventbus
Arn string - The ARN of the Amazon EventBridge used by CrowdStrike to forward messages
- Eventbus
Name string - The name of the Amazon EventBridge used by CrowdStrike to forward messages
- External
Id string - The external ID used to assume the AWS IAM role
- Iam
Role stringArn - The ARN of the AWS IAM role used to access this AWS account
- Idp
Crowd
Strike. Crowdstrike. Inputs. Cloud Aws Account Idp - Intermediate
Role stringArn - The ARN of the intermediate role used to assume the AWS IAM role
- Is
Organization boolManagement Account - Indicates whether this is the management account (formerly known as the root account) of an AWS Organization
- Organization
Id string - The AWS Organization ID
- Realtime
Visibility CrowdStrike. Crowdstrike. Inputs. Cloud Aws Account Realtime Visibility - Sensor
Management CrowdStrike. Crowdstrike. Inputs. Cloud Aws Account Sensor Management - Target
Ouses List<string> - The list of target Organizational Units
- Account
Id string - The AWS Account ID
- Account
Type string - The AWS account type. Value is 'commercial' for Commercial cloud accounts. For GovCloud environments, value can be either 'commercial' or 'gov' depending on the account type
- Asset
Inventory CloudAws Account Asset Inventory Args - Cloudtrail
Bucket stringName - The name of the CloudTrail S3 bucket used for real-time visibility
- Deployment
Method string - Dspm
Cloud
Aws Account Dspm Args - Dspm
Role stringArn - The ARN of the IAM role to be used by CrowdStrike Data Security Posture Management
- Eventbus
Arn string - The ARN of the Amazon EventBridge used by CrowdStrike to forward messages
- Eventbus
Name string - The name of the Amazon EventBridge used by CrowdStrike to forward messages
- External
Id string - The external ID used to assume the AWS IAM role
- Iam
Role stringArn - The ARN of the AWS IAM role used to access this AWS account
- Idp
Cloud
Aws Account Idp Args - Intermediate
Role stringArn - The ARN of the intermediate role used to assume the AWS IAM role
- Is
Organization boolManagement Account - Indicates whether this is the management account (formerly known as the root account) of an AWS Organization
- Organization
Id string - The AWS Organization ID
- Realtime
Visibility CloudAws Account Realtime Visibility Args - Sensor
Management CloudAws Account Sensor Management Args - Target
Ouses []string - The list of target Organizational Units
- account
Id String - The AWS Account ID
- account
Type String - The AWS account type. Value is 'commercial' for Commercial cloud accounts. For GovCloud environments, value can be either 'commercial' or 'gov' depending on the account type
- asset
Inventory CloudAws Account Asset Inventory - cloudtrail
Bucket StringName - The name of the CloudTrail S3 bucket used for real-time visibility
- deployment
Method String - dspm
Cloud
Aws Account Dspm - dspm
Role StringArn - The ARN of the IAM role to be used by CrowdStrike Data Security Posture Management
- eventbus
Arn String - The ARN of the Amazon EventBridge used by CrowdStrike to forward messages
- eventbus
Name String - The name of the Amazon EventBridge used by CrowdStrike to forward messages
- external
Id String - The external ID used to assume the AWS IAM role
- iam
Role StringArn - The ARN of the AWS IAM role used to access this AWS account
- idp
Cloud
Aws Account Idp - intermediate
Role StringArn - The ARN of the intermediate role used to assume the AWS IAM role
- is
Organization BooleanManagement Account - Indicates whether this is the management account (formerly known as the root account) of an AWS Organization
- organization
Id String - The AWS Organization ID
- realtime
Visibility CloudAws Account Realtime Visibility - sensor
Management CloudAws Account Sensor Management - target
Ouses List<String> - The list of target Organizational Units
- account
Id string - The AWS Account ID
- account
Type string - The AWS account type. Value is 'commercial' for Commercial cloud accounts. For GovCloud environments, value can be either 'commercial' or 'gov' depending on the account type
- asset
Inventory CloudAws Account Asset Inventory - cloudtrail
Bucket stringName - The name of the CloudTrail S3 bucket used for real-time visibility
- deployment
Method string - dspm
Cloud
Aws Account Dspm - dspm
Role stringArn - The ARN of the IAM role to be used by CrowdStrike Data Security Posture Management
- eventbus
Arn string - The ARN of the Amazon EventBridge used by CrowdStrike to forward messages
- eventbus
Name string - The name of the Amazon EventBridge used by CrowdStrike to forward messages
- external
Id string - The external ID used to assume the AWS IAM role
- iam
Role stringArn - The ARN of the AWS IAM role used to access this AWS account
- idp
Cloud
Aws Account Idp - intermediate
Role stringArn - The ARN of the intermediate role used to assume the AWS IAM role
- is
Organization booleanManagement Account - Indicates whether this is the management account (formerly known as the root account) of an AWS Organization
- organization
Id string - The AWS Organization ID
- realtime
Visibility CloudAws Account Realtime Visibility - sensor
Management CloudAws Account Sensor Management - target
Ouses string[] - The list of target Organizational Units
- account_
id str - The AWS Account ID
- account_
type str - The AWS account type. Value is 'commercial' for Commercial cloud accounts. For GovCloud environments, value can be either 'commercial' or 'gov' depending on the account type
- asset_
inventory CloudAws Account Asset Inventory Args - cloudtrail_
bucket_ strname - The name of the CloudTrail S3 bucket used for real-time visibility
- deployment_
method str - dspm
Cloud
Aws Account Dspm Args - dspm_
role_ strarn - The ARN of the IAM role to be used by CrowdStrike Data Security Posture Management
- eventbus_
arn str - The ARN of the Amazon EventBridge used by CrowdStrike to forward messages
- eventbus_
name str - The name of the Amazon EventBridge used by CrowdStrike to forward messages
- external_
id str - The external ID used to assume the AWS IAM role
- iam_
role_ strarn - The ARN of the AWS IAM role used to access this AWS account
- idp
Cloud
Aws Account Idp Args - intermediate_
role_ strarn - The ARN of the intermediate role used to assume the AWS IAM role
- is_
organization_ boolmanagement_ account - Indicates whether this is the management account (formerly known as the root account) of an AWS Organization
- organization_
id str - The AWS Organization ID
- realtime_
visibility CloudAws Account Realtime Visibility Args - sensor_
management CloudAws Account Sensor Management Args - target_
ouses Sequence[str] - The list of target Organizational Units
- account
Id String - The AWS Account ID
- account
Type String - The AWS account type. Value is 'commercial' for Commercial cloud accounts. For GovCloud environments, value can be either 'commercial' or 'gov' depending on the account type
- asset
Inventory Property Map - cloudtrail
Bucket StringName - The name of the CloudTrail S3 bucket used for real-time visibility
- deployment
Method String - dspm Property Map
- dspm
Role StringArn - The ARN of the IAM role to be used by CrowdStrike Data Security Posture Management
- eventbus
Arn String - The ARN of the Amazon EventBridge used by CrowdStrike to forward messages
- eventbus
Name String - The name of the Amazon EventBridge used by CrowdStrike to forward messages
- external
Id String - The external ID used to assume the AWS IAM role
- iam
Role StringArn - The ARN of the AWS IAM role used to access this AWS account
- idp Property Map
- intermediate
Role StringArn - The ARN of the intermediate role used to assume the AWS IAM role
- is
Organization BooleanManagement Account - Indicates whether this is the management account (formerly known as the root account) of an AWS Organization
- organization
Id String - The AWS Organization ID
- realtime
Visibility Property Map - sensor
Management Property Map - target
Ouses List<String> - The list of target Organizational Units
Supporting Types
CloudAwsAccountAssetInventory, CloudAwsAccountAssetInventoryArgs
CloudAwsAccountDspm, CloudAwsAccountDspmArgs
CloudAwsAccountIdp, CloudAwsAccountIdpArgs
CloudAwsAccountRealtimeVisibility, CloudAwsAccountRealtimeVisibilityArgs
- Cloudtrail
Region string - The AWS region of the CloudTrail bucket
- Enabled bool
- Enable real-time visibility and detection
- Use
Existing boolCloudtrail - Set to true if a CloudTrail already exists
- Cloudtrail
Region string - The AWS region of the CloudTrail bucket
- Enabled bool
- Enable real-time visibility and detection
- Use
Existing boolCloudtrail - Set to true if a CloudTrail already exists
- cloudtrail
Region String - The AWS region of the CloudTrail bucket
- enabled Boolean
- Enable real-time visibility and detection
- use
Existing BooleanCloudtrail - Set to true if a CloudTrail already exists
- cloudtrail
Region string - The AWS region of the CloudTrail bucket
- enabled boolean
- Enable real-time visibility and detection
- use
Existing booleanCloudtrail - Set to true if a CloudTrail already exists
- cloudtrail_
region str - The AWS region of the CloudTrail bucket
- enabled bool
- Enable real-time visibility and detection
- use_
existing_ boolcloudtrail - Set to true if a CloudTrail already exists
- cloudtrail
Region String - The AWS region of the CloudTrail bucket
- enabled Boolean
- Enable real-time visibility and detection
- use
Existing BooleanCloudtrail - Set to true if a CloudTrail already exists
CloudAwsAccountSensorManagement, CloudAwsAccountSensorManagementArgs
- Enabled bool
- Enable 1-click sensor deployment
- Enabled bool
- Enable 1-click sensor deployment
- enabled Boolean
- Enable 1-click sensor deployment
- enabled boolean
- Enable 1-click sensor deployment
- enabled bool
- Enable 1-click sensor deployment
- enabled Boolean
- Enable 1-click sensor deployment
Package Details
- Repository
- crowdstrike crowdstrike/pulumi-crowdstrike
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
crowdstrikeTerraform Provider.