Docs Home
sysdig 1.56.1 published on Thursday, May 8, 2025 by sysdiglabs
sysdig.SecureCloudAccount
Explore with Pulumi AI
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as sysdig from "@pulumi/sysdig";
const sample = new sysdig.SecureCloudAccount("sample", {
accountId: "123456789012",
alias: "prod",
cloudProvider: "aws",
roleEnabled: false,
roleName: "CustomRoleName",
workloadIdentityAccountAlias: "prod-alias",
workloadIdentityAccountId: "457345678065",
});
import pulumi
import pulumi_sysdig as sysdig
sample = sysdig.SecureCloudAccount("sample",
account_id="123456789012",
alias="prod",
cloud_provider="aws",
role_enabled=False,
role_name="CustomRoleName",
workload_identity_account_alias="prod-alias",
workload_identity_account_id="457345678065")
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/sysdig/sysdig"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := sysdig.NewSecureCloudAccount(ctx, "sample", &sysdig.SecureCloudAccountArgs{
AccountId: pulumi.String("123456789012"),
Alias: pulumi.String("prod"),
CloudProvider: pulumi.String("aws"),
RoleEnabled: pulumi.Bool(false),
RoleName: pulumi.String("CustomRoleName"),
WorkloadIdentityAccountAlias: pulumi.String("prod-alias"),
WorkloadIdentityAccountId: pulumi.String("457345678065"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Sysdig = Pulumi.Sysdig;
return await Deployment.RunAsync(() =>
{
var sample = new Sysdig.SecureCloudAccount("sample", new()
{
AccountId = "123456789012",
Alias = "prod",
CloudProvider = "aws",
RoleEnabled = false,
RoleName = "CustomRoleName",
WorkloadIdentityAccountAlias = "prod-alias",
WorkloadIdentityAccountId = "457345678065",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.sysdig.SecureCloudAccount;
import com.pulumi.sysdig.SecureCloudAccountArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var sample = new SecureCloudAccount("sample", SecureCloudAccountArgs.builder()
.accountId("123456789012")
.alias("prod")
.cloudProvider("aws")
.roleEnabled("false")
.roleName("CustomRoleName")
.workloadIdentityAccountAlias("prod-alias")
.workloadIdentityAccountId("457345678065")
.build());
}
}
resources:
sample:
type: sysdig:SecureCloudAccount
properties:
accountId: '123456789012'
alias: prod
cloudProvider: aws
roleEnabled: 'false'
roleName: CustomRoleName
workloadIdentityAccountAlias: prod-alias
workloadIdentityAccountId: '457345678065'
Create SecureCloudAccount Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new SecureCloudAccount(name: string, args: SecureCloudAccountArgs, opts?: CustomResourceOptions);@overload
def SecureCloudAccount(resource_name: str,
args: SecureCloudAccountArgs,
opts: Optional[ResourceOptions] = None)
@overload
def SecureCloudAccount(resource_name: str,
opts: Optional[ResourceOptions] = None,
account_id: Optional[str] = None,
cloud_provider: Optional[str] = None,
alias: Optional[str] = None,
role_enabled: Optional[bool] = None,
role_name: Optional[str] = None,
secure_cloud_account_id: Optional[str] = None,
timeouts: Optional[SecureCloudAccountTimeoutsArgs] = None,
workload_identity_account_alias: Optional[str] = None,
workload_identity_account_id: Optional[str] = None)func NewSecureCloudAccount(ctx *Context, name string, args SecureCloudAccountArgs, opts ...ResourceOption) (*SecureCloudAccount, error)public SecureCloudAccount(string name, SecureCloudAccountArgs args, CustomResourceOptions? opts = null)
public SecureCloudAccount(String name, SecureCloudAccountArgs args)
public SecureCloudAccount(String name, SecureCloudAccountArgs args, CustomResourceOptions options)
type: sysdig:SecureCloudAccount
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args SecureCloudAccountArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args SecureCloudAccountArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args SecureCloudAccountArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args SecureCloudAccountArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args SecureCloudAccountArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var secureCloudAccountResource = new Sysdig.SecureCloudAccount("secureCloudAccountResource", new()
{
AccountId = "string",
CloudProvider = "string",
Alias = "string",
RoleEnabled = false,
RoleName = "string",
SecureCloudAccountId = "string",
Timeouts = new Sysdig.Inputs.SecureCloudAccountTimeoutsArgs
{
Create = "string",
Delete = "string",
Read = "string",
Update = "string",
},
WorkloadIdentityAccountAlias = "string",
WorkloadIdentityAccountId = "string",
});
example, err := sysdig.NewSecureCloudAccount(ctx, "secureCloudAccountResource", &sysdig.SecureCloudAccountArgs{
AccountId: pulumi.String("string"),
CloudProvider: pulumi.String("string"),
Alias: pulumi.String("string"),
RoleEnabled: pulumi.Bool(false),
RoleName: pulumi.String("string"),
SecureCloudAccountId: pulumi.String("string"),
Timeouts: &sysdig.SecureCloudAccountTimeoutsArgs{
Create: pulumi.String("string"),
Delete: pulumi.String("string"),
Read: pulumi.String("string"),
Update: pulumi.String("string"),
},
WorkloadIdentityAccountAlias: pulumi.String("string"),
WorkloadIdentityAccountId: pulumi.String("string"),
})
var secureCloudAccountResource = new SecureCloudAccount("secureCloudAccountResource", SecureCloudAccountArgs.builder()
.accountId("string")
.cloudProvider("string")
.alias("string")
.roleEnabled(false)
.roleName("string")
.secureCloudAccountId("string")
.timeouts(SecureCloudAccountTimeoutsArgs.builder()
.create("string")
.delete("string")
.read("string")
.update("string")
.build())
.workloadIdentityAccountAlias("string")
.workloadIdentityAccountId("string")
.build());
secure_cloud_account_resource = sysdig.SecureCloudAccount("secureCloudAccountResource",
account_id="string",
cloud_provider="string",
alias="string",
role_enabled=False,
role_name="string",
secure_cloud_account_id="string",
timeouts={
"create": "string",
"delete": "string",
"read": "string",
"update": "string",
},
workload_identity_account_alias="string",
workload_identity_account_id="string")
const secureCloudAccountResource = new sysdig.SecureCloudAccount("secureCloudAccountResource", {
accountId: "string",
cloudProvider: "string",
alias: "string",
roleEnabled: false,
roleName: "string",
secureCloudAccountId: "string",
timeouts: {
create: "string",
"delete": "string",
read: "string",
update: "string",
},
workloadIdentityAccountAlias: "string",
workloadIdentityAccountId: "string",
});
type: sysdig:SecureCloudAccount
properties:
accountId: string
alias: string
cloudProvider: string
roleEnabled: false
roleName: string
secureCloudAccountId: string
timeouts:
create: string
delete: string
read: string
update: string
workloadIdentityAccountAlias: string
workloadIdentityAccountId: string
SecureCloudAccount Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The SecureCloudAccount resource accepts the following input properties:
- Account
Id string - The unique identifier of the cloud account. e.g. for AWS:
123456789012, - Cloud
Provider string - The cloud provider in which the account exists. Currently supported providers are
aws,gcpandazure - Alias string
- A human friendly alias for
account_id. - Role
Enabled bool - Whether or not a role is provisioned withing this account, that Sysdig has permission to AssumeRole in order to run Benchmarks. Default:
false. - Role
Name string - The name of the role Sysdig will have permission to AssumeRole if
role_enaledis set totrue. Default:SysdigCloudBench. - Secure
Cloud stringAccount Id - Timeouts
Secure
Cloud Account Timeouts - Workload
Identity stringAccount Alias - For GCP only. The alias of workload identity is present for this account in gcp org.
- Workload
Identity stringAccount Id - For GCP only. The account id in which workload identity is present for this account in gcp org.
- Account
Id string - The unique identifier of the cloud account. e.g. for AWS:
123456789012, - Cloud
Provider string - The cloud provider in which the account exists. Currently supported providers are
aws,gcpandazure - Alias string
- A human friendly alias for
account_id. - Role
Enabled bool - Whether or not a role is provisioned withing this account, that Sysdig has permission to AssumeRole in order to run Benchmarks. Default:
false. - Role
Name string - The name of the role Sysdig will have permission to AssumeRole if
role_enaledis set totrue. Default:SysdigCloudBench. - Secure
Cloud stringAccount Id - Timeouts
Secure
Cloud Account Timeouts Args - Workload
Identity stringAccount Alias - For GCP only. The alias of workload identity is present for this account in gcp org.
- Workload
Identity stringAccount Id - For GCP only. The account id in which workload identity is present for this account in gcp org.
- account
Id String - The unique identifier of the cloud account. e.g. for AWS:
123456789012, - cloud
Provider String - The cloud provider in which the account exists. Currently supported providers are
aws,gcpandazure - alias String
- A human friendly alias for
account_id. - role
Enabled Boolean - Whether or not a role is provisioned withing this account, that Sysdig has permission to AssumeRole in order to run Benchmarks. Default:
false. - role
Name String - The name of the role Sysdig will have permission to AssumeRole if
role_enaledis set totrue. Default:SysdigCloudBench. - secure
Cloud StringAccount Id - timeouts
Secure
Cloud Account Timeouts - workload
Identity StringAccount Alias - For GCP only. The alias of workload identity is present for this account in gcp org.
- workload
Identity StringAccount Id - For GCP only. The account id in which workload identity is present for this account in gcp org.
- account
Id string - The unique identifier of the cloud account. e.g. for AWS:
123456789012, - cloud
Provider string - The cloud provider in which the account exists. Currently supported providers are
aws,gcpandazure - alias string
- A human friendly alias for
account_id. - role
Enabled boolean - Whether or not a role is provisioned withing this account, that Sysdig has permission to AssumeRole in order to run Benchmarks. Default:
false. - role
Name string - The name of the role Sysdig will have permission to AssumeRole if
role_enaledis set totrue. Default:SysdigCloudBench. - secure
Cloud stringAccount Id - timeouts
Secure
Cloud Account Timeouts - workload
Identity stringAccount Alias - For GCP only. The alias of workload identity is present for this account in gcp org.
- workload
Identity stringAccount Id - For GCP only. The account id in which workload identity is present for this account in gcp org.
- account_
id str - The unique identifier of the cloud account. e.g. for AWS:
123456789012, - cloud_
provider str - The cloud provider in which the account exists. Currently supported providers are
aws,gcpandazure - alias str
- A human friendly alias for
account_id. - role_
enabled bool - Whether or not a role is provisioned withing this account, that Sysdig has permission to AssumeRole in order to run Benchmarks. Default:
false. - role_
name str - The name of the role Sysdig will have permission to AssumeRole if
role_enaledis set totrue. Default:SysdigCloudBench. - secure_
cloud_ straccount_ id - timeouts
Secure
Cloud Account Timeouts Args - workload_
identity_ straccount_ alias - For GCP only. The alias of workload identity is present for this account in gcp org.
- workload_
identity_ straccount_ id - For GCP only. The account id in which workload identity is present for this account in gcp org.
- account
Id String - The unique identifier of the cloud account. e.g. for AWS:
123456789012, - cloud
Provider String - The cloud provider in which the account exists. Currently supported providers are
aws,gcpandazure - alias String
- A human friendly alias for
account_id. - role
Enabled Boolean - Whether or not a role is provisioned withing this account, that Sysdig has permission to AssumeRole in order to run Benchmarks. Default:
false. - role
Name String - The name of the role Sysdig will have permission to AssumeRole if
role_enaledis set totrue. Default:SysdigCloudBench. - secure
Cloud StringAccount Id - timeouts Property Map
- workload
Identity StringAccount Alias - For GCP only. The alias of workload identity is present for this account in gcp org.
- workload
Identity StringAccount Id - For GCP only. The account id in which workload identity is present for this account in gcp org.
Outputs
All input properties are implicitly available as output properties. Additionally, the SecureCloudAccount resource produces the following output properties:
- External
Id string - Id string
- The provider-assigned unique ID for this managed resource.
- External
Id string - Id string
- The provider-assigned unique ID for this managed resource.
- external
Id String - id String
- The provider-assigned unique ID for this managed resource.
- external
Id string - id string
- The provider-assigned unique ID for this managed resource.
- external_
id str - id str
- The provider-assigned unique ID for this managed resource.
- external
Id String - id String
- The provider-assigned unique ID for this managed resource.
Look up Existing SecureCloudAccount Resource
Get an existing SecureCloudAccount resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: SecureCloudAccountState, opts?: CustomResourceOptions): SecureCloudAccount@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
account_id: Optional[str] = None,
alias: Optional[str] = None,
cloud_provider: Optional[str] = None,
external_id: Optional[str] = None,
role_enabled: Optional[bool] = None,
role_name: Optional[str] = None,
secure_cloud_account_id: Optional[str] = None,
timeouts: Optional[SecureCloudAccountTimeoutsArgs] = None,
workload_identity_account_alias: Optional[str] = None,
workload_identity_account_id: Optional[str] = None) -> SecureCloudAccountfunc GetSecureCloudAccount(ctx *Context, name string, id IDInput, state *SecureCloudAccountState, opts ...ResourceOption) (*SecureCloudAccount, error)public static SecureCloudAccount Get(string name, Input<string> id, SecureCloudAccountState? state, CustomResourceOptions? opts = null)public static SecureCloudAccount get(String name, Output<String> id, SecureCloudAccountState state, CustomResourceOptions options)resources: _: type: sysdig:SecureCloudAccount get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Account
Id string - The unique identifier of the cloud account. e.g. for AWS:
123456789012, - Alias string
- A human friendly alias for
account_id. - Cloud
Provider string - The cloud provider in which the account exists. Currently supported providers are
aws,gcpandazure - External
Id string - Role
Enabled bool - Whether or not a role is provisioned withing this account, that Sysdig has permission to AssumeRole in order to run Benchmarks. Default:
false. - Role
Name string - The name of the role Sysdig will have permission to AssumeRole if
role_enaledis set totrue. Default:SysdigCloudBench. - Secure
Cloud stringAccount Id - Timeouts
Secure
Cloud Account Timeouts - Workload
Identity stringAccount Alias - For GCP only. The alias of workload identity is present for this account in gcp org.
- Workload
Identity stringAccount Id - For GCP only. The account id in which workload identity is present for this account in gcp org.
- Account
Id string - The unique identifier of the cloud account. e.g. for AWS:
123456789012, - Alias string
- A human friendly alias for
account_id. - Cloud
Provider string - The cloud provider in which the account exists. Currently supported providers are
aws,gcpandazure - External
Id string - Role
Enabled bool - Whether or not a role is provisioned withing this account, that Sysdig has permission to AssumeRole in order to run Benchmarks. Default:
false. - Role
Name string - The name of the role Sysdig will have permission to AssumeRole if
role_enaledis set totrue. Default:SysdigCloudBench. - Secure
Cloud stringAccount Id - Timeouts
Secure
Cloud Account Timeouts Args - Workload
Identity stringAccount Alias - For GCP only. The alias of workload identity is present for this account in gcp org.
- Workload
Identity stringAccount Id - For GCP only. The account id in which workload identity is present for this account in gcp org.
- account
Id String - The unique identifier of the cloud account. e.g. for AWS:
123456789012, - alias String
- A human friendly alias for
account_id. - cloud
Provider String - The cloud provider in which the account exists. Currently supported providers are
aws,gcpandazure - external
Id String - role
Enabled Boolean - Whether or not a role is provisioned withing this account, that Sysdig has permission to AssumeRole in order to run Benchmarks. Default:
false. - role
Name String - The name of the role Sysdig will have permission to AssumeRole if
role_enaledis set totrue. Default:SysdigCloudBench. - secure
Cloud StringAccount Id - timeouts
Secure
Cloud Account Timeouts - workload
Identity StringAccount Alias - For GCP only. The alias of workload identity is present for this account in gcp org.
- workload
Identity StringAccount Id - For GCP only. The account id in which workload identity is present for this account in gcp org.
- account
Id string - The unique identifier of the cloud account. e.g. for AWS:
123456789012, - alias string
- A human friendly alias for
account_id. - cloud
Provider string - The cloud provider in which the account exists. Currently supported providers are
aws,gcpandazure - external
Id string - role
Enabled boolean - Whether or not a role is provisioned withing this account, that Sysdig has permission to AssumeRole in order to run Benchmarks. Default:
false. - role
Name string - The name of the role Sysdig will have permission to AssumeRole if
role_enaledis set totrue. Default:SysdigCloudBench. - secure
Cloud stringAccount Id - timeouts
Secure
Cloud Account Timeouts - workload
Identity stringAccount Alias - For GCP only. The alias of workload identity is present for this account in gcp org.
- workload
Identity stringAccount Id - For GCP only. The account id in which workload identity is present for this account in gcp org.
- account_
id str - The unique identifier of the cloud account. e.g. for AWS:
123456789012, - alias str
- A human friendly alias for
account_id. - cloud_
provider str - The cloud provider in which the account exists. Currently supported providers are
aws,gcpandazure - external_
id str - role_
enabled bool - Whether or not a role is provisioned withing this account, that Sysdig has permission to AssumeRole in order to run Benchmarks. Default:
false. - role_
name str - The name of the role Sysdig will have permission to AssumeRole if
role_enaledis set totrue. Default:SysdigCloudBench. - secure_
cloud_ straccount_ id - timeouts
Secure
Cloud Account Timeouts Args - workload_
identity_ straccount_ alias - For GCP only. The alias of workload identity is present for this account in gcp org.
- workload_
identity_ straccount_ id - For GCP only. The account id in which workload identity is present for this account in gcp org.
- account
Id String - The unique identifier of the cloud account. e.g. for AWS:
123456789012, - alias String
- A human friendly alias for
account_id. - cloud
Provider String - The cloud provider in which the account exists. Currently supported providers are
aws,gcpandazure - external
Id String - role
Enabled Boolean - Whether or not a role is provisioned withing this account, that Sysdig has permission to AssumeRole in order to run Benchmarks. Default:
false. - role
Name String - The name of the role Sysdig will have permission to AssumeRole if
role_enaledis set totrue. Default:SysdigCloudBench. - secure
Cloud StringAccount Id - timeouts Property Map
- workload
Identity StringAccount Alias - For GCP only. The alias of workload identity is present for this account in gcp org.
- workload
Identity StringAccount Id - For GCP only. The account id in which workload identity is present for this account in gcp org.
Supporting Types
SecureCloudAccountTimeouts, SecureCloudAccountTimeoutsArgs
Import
Secure Cloud Accounts can be imported using the account_id, e.g.
$ pulumi import sysdig:index/secureCloudAccount:SecureCloudAccount sample 123456789012
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- sysdig sysdiglabs/terraform-provider-sysdig
- License
- Notes
- This Pulumi package is based on the
sysdigTerraform Provider.