Package com.pulumi.aws.shield

Class ProtectionGroup

  • public class ProtectionGroup
extends com.pulumi.resources.CustomResource
    Creates a grouping of protected resources so they can be handled as a collective. This resource grouping improves the accuracy of detection and reduces false positives. For more information see [Managing AWS Shield Advanced protection groups](https://docs.aws.amazon.com/waf/latest/developerguide/manage-protection-group.html) ## Example Usage ### Create protection group for all resources <!--Start PulumiCodeChooser --> ```java package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import com.pulumi.aws.shield.ProtectionGroup; import com.pulumi.aws.shield.ProtectionGroupArgs; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { var example = new ProtectionGroup("example", ProtectionGroupArgs.builder() .protectionGroupId("example") .aggregation("MAX") .pattern("ALL") .build()); } } ``` <!--End PulumiCodeChooser --> ### Create protection group for arbitrary number of resources <!--Start PulumiCodeChooser --> ```java package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import com.pulumi.aws.AwsFunctions; import com.pulumi.aws.inputs.GetRegionArgs; import com.pulumi.aws.inputs.GetCallerIdentityArgs; import com.pulumi.aws.ec2.Eip; import com.pulumi.aws.ec2.EipArgs; import com.pulumi.aws.shield.Protection; import com.pulumi.aws.shield.ProtectionArgs; import com.pulumi.aws.shield.ProtectionGroup; import com.pulumi.aws.shield.ProtectionGroupArgs; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { final var current = AwsFunctions.getRegion(); final var currentGetCallerIdentity = AwsFunctions.getCallerIdentity(); var example = new Eip("example", EipArgs.builder() .domain("vpc") .build()); var exampleProtection = new Protection("exampleProtection", ProtectionArgs.builder() .name("example") .resourceArn(example.id().applyValue(id -> String.format("arn:aws:ec2:%s:%s:eip-allocation/%s", current.applyValue(getRegionResult -> getRegionResult.name()),currentGetCallerIdentity.applyValue(getCallerIdentityResult -> getCallerIdentityResult.accountId()),id))) .build()); var exampleProtectionGroup = new ProtectionGroup("exampleProtectionGroup", ProtectionGroupArgs.builder() .protectionGroupId("example") .aggregation("MEAN") .pattern("ARBITRARY") .members(example.id().applyValue(id -> String.format("arn:aws:ec2:%s:%s:eip-allocation/%s", current.applyValue(getRegionResult -> getRegionResult.name()),currentGetCallerIdentity.applyValue(getCallerIdentityResult -> getCallerIdentityResult.accountId()),id))) .build()); } } ``` <!--End PulumiCodeChooser --> ### Create protection group for a type of resource <!--Start PulumiCodeChooser --> ```java package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import com.pulumi.aws.shield.ProtectionGroup; import com.pulumi.aws.shield.ProtectionGroupArgs; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { var example = new ProtectionGroup("example", ProtectionGroupArgs.builder() .protectionGroupId("example") .aggregation("SUM") .pattern("BY_RESOURCE_TYPE") .resourceType("ELASTIC_IP_ALLOCATION") .build()); } } ``` <!--End PulumiCodeChooser --> ## Import Using `pulumi import`, import Shield protection group resources using their protection group id. For example: ```sh $ pulumi import aws:shield/protectionGroup:ProtectionGroup example example ```

    • Nested Class Summary

      • Nested classes/interfaces inherited from class com.pulumi.resources.CustomResource

        com.pulumi.resources.CustomResource.CustomResourceInternal

      • Nested classes/interfaces inherited from class com.pulumi.resources.Resource

        com.pulumi.resources.Resource.LazyField<T extends java.lang.Object>, com.pulumi.resources.Resource.LazyFields, com.pulumi.resources.Resource.ResourceInternal

    • Field Summary

      • Fields inherited from class com.pulumi.resources.Resource

        childResources, remote

    • Method Summary

      All Methods Static Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      com.pulumi.core.Output<java.lang.String> aggregation()  
      static ProtectionGroup get​(java.lang.String name, com.pulumi.core.Output<java.lang.String> id, ProtectionGroupState state, com.pulumi.resources.CustomResourceOptions options)
      Get an existing Host resource's state with the given name, ID, and optional extra properties used to qualify the lookup.
      com.pulumi.core.Output<java.util.Optional<java.util.List<java.lang.String>>> members()  
      com.pulumi.core.Output<java.lang.String> pattern()  
      com.pulumi.core.Output<java.lang.String> protectionGroupArn()  
      com.pulumi.core.Output<java.lang.String> protectionGroupId()  
      com.pulumi.core.Output<java.util.Optional<java.lang.String>> resourceType()  
      com.pulumi.core.Output<java.util.Optional<java.util.Map<java.lang.String,​java.lang.String>>> tags()  
      com.pulumi.core.Output<java.util.Map<java.lang.String,​java.lang.String>> tagsAll()  

      • Methods inherited from class com.pulumi.resources.CustomResource

        getId, id, idFuture

      • Methods inherited from class com.pulumi.resources.Resource

        getChildResources, getResourceName, getResourceType, getUrn, pulumiChildResources, pulumiResourceName, pulumiResourceType, urn

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Constructor Detail

      • ProtectionGroup

        public ProtectionGroup​(java.lang.String name)
        Parameters:
        name - The _unique_ name of the resulting resource.

      • ProtectionGroup

        public ProtectionGroup​(java.lang.String name,
                       ProtectionGroupArgs args)
        Parameters:
        name - The _unique_ name of the resulting resource.
        args - The arguments to use to populate this resource's properties.

      • ProtectionGroup

        public ProtectionGroup​(java.lang.String name,
                       ProtectionGroupArgs args,
                       @Nullable
                       com.pulumi.resources.CustomResourceOptions options)
        Parameters:
        name - The _unique_ name of the resulting resource.
        args - The arguments to use to populate this resource's properties.
        options - A bag of options that control this resource's behavior.

    • Method Detail

      • aggregation

        public com.pulumi.core.Output<java.lang.String> aggregation()
        Returns:
        Defines how AWS Shield combines resource data for the group in order to detect, mitigate, and report events.

      • members

        public com.pulumi.core.Output<java.util.Optional<java.util.List<java.lang.String>>> members()
        Returns:
        The Amazon Resource Names (ARNs) of the resources to include in the protection group. You must set this when you set `pattern` to ARBITRARY and you must not set it for any other `pattern` setting.

      • pattern

        public com.pulumi.core.Output<java.lang.String> pattern()
        Returns:
        The criteria to use to choose the protected resources for inclusion in the group.

      • protectionGroupArn

        public com.pulumi.core.Output<java.lang.String> protectionGroupArn()
        Returns:
        The ARN (Amazon Resource Name) of the protection group.

      • protectionGroupId

        public com.pulumi.core.Output<java.lang.String> protectionGroupId()
        Returns:
        The name of the protection group.

      • resourceType

        public com.pulumi.core.Output<java.util.Optional<java.lang.String>> resourceType()
        Returns:
        The resource type to include in the protection group. You must set this when you set `pattern` to BY_RESOURCE_TYPE and you must not set it for any other `pattern` setting.

      • tags

        public com.pulumi.core.Output<java.util.Optional<java.util.Map<java.lang.String,​java.lang.String>>> tags()
        Returns:
        Key-value map of resource tags. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.

      • tagsAll

        public com.pulumi.core.Output<java.util.Map<java.lang.String,​java.lang.String>> tagsAll()
        Returns:
        A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.

      • get

        public static ProtectionGroup get​(java.lang.String name,
                                  com.pulumi.core.Output<java.lang.String> id,
                                  @Nullable
                                  ProtectionGroupState state,
                                  @Nullable
                                  com.pulumi.resources.CustomResourceOptions options)
        Get an existing Host resource's state with the given name, ID, and optional extra properties used to qualify the lookup.
        Parameters:
        name - The _unique_ name of the resulting resource.
        id - The _unique_ provider ID of the resource to lookup.
        state -
        options - Optional settings to control the behavior of the CustomResource.