Docs Home Pulumi IaC Pulumi ESC Pulumi Cloud Packages Tutorials
  1. Packages
  2. AWS
  3. API Docs
  4. cloudfront
  5. getLogDeliveryCanonicalUserId
AWS v6.71.0 published on Friday, Mar 7, 2025 by Pulumi
pulumi/pulumi-aws

aws.cloudfront.getLogDeliveryCanonicalUserId

Explore with Pulumi AI

aws logo
AWS v6.71.0 published on Friday, Mar 7, 2025 by Pulumi
pulumi/pulumi-aws

    The CloudFront Log Delivery Canonical User ID data source allows access to the canonical user ID of the AWS awslogsdelivery account for CloudFront bucket logging. See the Amazon CloudFront Developer Guide for more information.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const current = aws.s3.getCanonicalUserId({});
const example = aws.cloudfront.getLogDeliveryCanonicalUserId({});
const exampleBucketV2 = new aws.s3.BucketV2("example", {bucket: "example"});
const exampleBucketOwnershipControls = new aws.s3.BucketOwnershipControls("example", {
    bucket: exampleBucketV2.id,
    rule: {
        objectOwnership: "BucketOwnerPreferred",
    },
});
const exampleBucketAclV2 = new aws.s3.BucketAclV2("example", {
    bucket: exampleBucketV2.id,
    accessControlPolicy: {
        grants: [{
            grantee: {
                id: example.then(example => example.id),
                type: "CanonicalUser",
            },
            permission: "FULL_CONTROL",
        }],
        owner: {
            id: current.then(current => current.id),
        },
    },
}, {
    dependsOn: [exampleBucketOwnershipControls],
});

    import pulumi
import pulumi_aws as aws

current = aws.s3.get_canonical_user_id()
example = aws.cloudfront.get_log_delivery_canonical_user_id()
example_bucket_v2 = aws.s3.BucketV2("example", bucket="example")
example_bucket_ownership_controls = aws.s3.BucketOwnershipControls("example",
    bucket=example_bucket_v2.id,
    rule={
        "object_ownership": "BucketOwnerPreferred",
    })
example_bucket_acl_v2 = aws.s3.BucketAclV2("example",
    bucket=example_bucket_v2.id,
    access_control_policy={
        "grants": [{
            "grantee": {
                "id": example.id,
                "type": "CanonicalUser",
            },
            "permission": "FULL_CONTROL",
        }],
        "owner": {
            "id": current.id,
        },
    },
    opts = pulumi.ResourceOptions(depends_on=[example_bucket_ownership_controls]))

    package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront"
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		current, err := s3.GetCanonicalUserId(ctx, map[string]interface{}{}, nil)
		if err != nil {
			return err
		}
		example, err := cloudfront.GetLogDeliveryCanonicalUserId(ctx, &cloudfront.GetLogDeliveryCanonicalUserIdArgs{}, nil)
		if err != nil {
			return err
		}
		exampleBucketV2, err := s3.NewBucketV2(ctx, "example", &s3.BucketV2Args{
			Bucket: pulumi.String("example"),
		})
		if err != nil {
			return err
		}
		exampleBucketOwnershipControls, err := s3.NewBucketOwnershipControls(ctx, "example", &s3.BucketOwnershipControlsArgs{
			Bucket: exampleBucketV2.ID(),
			Rule: &s3.BucketOwnershipControlsRuleArgs{
				ObjectOwnership: pulumi.String("BucketOwnerPreferred"),
			},
		})
		if err != nil {
			return err
		}
		_, err = s3.NewBucketAclV2(ctx, "example", &s3.BucketAclV2Args{
			Bucket: exampleBucketV2.ID(),
			AccessControlPolicy: &s3.BucketAclV2AccessControlPolicyArgs{
				Grants: s3.BucketAclV2AccessControlPolicyGrantArray{
					&s3.BucketAclV2AccessControlPolicyGrantArgs{
						Grantee: &s3.BucketAclV2AccessControlPolicyGrantGranteeArgs{
							Id:   pulumi.String(example.Id),
							Type: pulumi.String("CanonicalUser"),
						},
						Permission: pulumi.String("FULL_CONTROL"),
					},
				},
				Owner: &s3.BucketAclV2AccessControlPolicyOwnerArgs{
					Id: pulumi.String(current.Id),
				},
			},
		}, pulumi.DependsOn([]pulumi.Resource{
			exampleBucketOwnershipControls,
		}))
		if err != nil {
			return err
		}
		return nil
	})
}

    using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var current = Aws.S3.GetCanonicalUserId.Invoke();

    var example = Aws.CloudFront.GetLogDeliveryCanonicalUserId.Invoke();

    var exampleBucketV2 = new Aws.S3.BucketV2("example", new()
    {
        Bucket = "example",
    });

    var exampleBucketOwnershipControls = new Aws.S3.BucketOwnershipControls("example", new()
    {
        Bucket = exampleBucketV2.Id,
        Rule = new Aws.S3.Inputs.BucketOwnershipControlsRuleArgs
        {
            ObjectOwnership = "BucketOwnerPreferred",
        },
    });

    var exampleBucketAclV2 = new Aws.S3.BucketAclV2("example", new()
    {
        Bucket = exampleBucketV2.Id,
        AccessControlPolicy = new Aws.S3.Inputs.BucketAclV2AccessControlPolicyArgs
        {
            Grants = new[]
            {
                new Aws.S3.Inputs.BucketAclV2AccessControlPolicyGrantArgs
                {
                    Grantee = new Aws.S3.Inputs.BucketAclV2AccessControlPolicyGrantGranteeArgs
                    {
                        Id = example.Apply(getLogDeliveryCanonicalUserIdResult => getLogDeliveryCanonicalUserIdResult.Id),
                        Type = "CanonicalUser",
                    },
                    Permission = "FULL_CONTROL",
                },
            },
            Owner = new Aws.S3.Inputs.BucketAclV2AccessControlPolicyOwnerArgs
            {
                Id = current.Apply(getCanonicalUserIdResult => getCanonicalUserIdResult.Id),
            },
        },
    }, new CustomResourceOptions
    {
        DependsOn =
        {
            exampleBucketOwnershipControls,
        },
    });

});

    package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.s3.S3Functions;
import com.pulumi.aws.cloudfront.CloudfrontFunctions;
import com.pulumi.aws.cloudfront.inputs.GetLogDeliveryCanonicalUserIdArgs;
import com.pulumi.aws.s3.BucketV2;
import com.pulumi.aws.s3.BucketV2Args;
import com.pulumi.aws.s3.BucketOwnershipControls;
import com.pulumi.aws.s3.BucketOwnershipControlsArgs;
import com.pulumi.aws.s3.inputs.BucketOwnershipControlsRuleArgs;
import com.pulumi.aws.s3.BucketAclV2;
import com.pulumi.aws.s3.BucketAclV2Args;
import com.pulumi.aws.s3.inputs.BucketAclV2AccessControlPolicyArgs;
import com.pulumi.aws.s3.inputs.BucketAclV2AccessControlPolicyOwnerArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var current = S3Functions.getCanonicalUserId();

        final var example = CloudfrontFunctions.getLogDeliveryCanonicalUserId();

        var exampleBucketV2 = new BucketV2("exampleBucketV2", BucketV2Args.builder()
            .bucket("example")
            .build());

        var exampleBucketOwnershipControls = new BucketOwnershipControls("exampleBucketOwnershipControls", BucketOwnershipControlsArgs.builder()
            .bucket(exampleBucketV2.id())
            .rule(BucketOwnershipControlsRuleArgs.builder()
                .objectOwnership("BucketOwnerPreferred")
                .build())
            .build());

        var exampleBucketAclV2 = new BucketAclV2("exampleBucketAclV2", BucketAclV2Args.builder()
            .bucket(exampleBucketV2.id())
            .accessControlPolicy(BucketAclV2AccessControlPolicyArgs.builder()
                .grants(BucketAclV2AccessControlPolicyGrantArgs.builder()
                    .grantee(BucketAclV2AccessControlPolicyGrantGranteeArgs.builder()
                        .id(example.applyValue(getLogDeliveryCanonicalUserIdResult -> getLogDeliveryCanonicalUserIdResult.id()))
                        .type("CanonicalUser")
                        .build())
                    .permission("FULL_CONTROL")
                    .build())
                .owner(BucketAclV2AccessControlPolicyOwnerArgs.builder()
                    .id(current.applyValue(getCanonicalUserIdResult -> getCanonicalUserIdResult.id()))
                    .build())
                .build())
            .build(), CustomResourceOptions.builder()
                .dependsOn(exampleBucketOwnershipControls)
                .build());

    }
}

    resources:
  exampleBucketV2:
    type: aws:s3:BucketV2
    name: example
    properties:
      bucket: example
  exampleBucketOwnershipControls:
    type: aws:s3:BucketOwnershipControls
    name: example
    properties:
      bucket: ${exampleBucketV2.id}
      rule:
        objectOwnership: BucketOwnerPreferred
  exampleBucketAclV2:
    type: aws:s3:BucketAclV2
    name: example
    properties:
      bucket: ${exampleBucketV2.id}
      accessControlPolicy:
        grants:
          - grantee:
              id: ${example.id}
              type: CanonicalUser
            permission: FULL_CONTROL
        owner:
          id: ${current.id}
    options:
      dependsOn:
        - ${exampleBucketOwnershipControls}
variables:
  current:
    fn::invoke:
      function: aws:s3:getCanonicalUserId
      arguments: {}
  example:
    fn::invoke:
      function: aws:cloudfront:getLogDeliveryCanonicalUserId
      arguments: {}

    Using getLogDeliveryCanonicalUserId

    Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

    function getLogDeliveryCanonicalUserId(args: GetLogDeliveryCanonicalUserIdArgs, opts?: InvokeOptions): Promise<GetLogDeliveryCanonicalUserIdResult>
function getLogDeliveryCanonicalUserIdOutput(args: GetLogDeliveryCanonicalUserIdOutputArgs, opts?: InvokeOptions): Output<GetLogDeliveryCanonicalUserIdResult>
    def get_log_delivery_canonical_user_id(region: Optional[str] = None,
                                       opts: Optional[InvokeOptions] = None) -> GetLogDeliveryCanonicalUserIdResult
def get_log_delivery_canonical_user_id_output(region: Optional[pulumi.Input[str]] = None,
                                       opts: Optional[InvokeOptions] = None) -> Output[GetLogDeliveryCanonicalUserIdResult]
    func GetLogDeliveryCanonicalUserId(ctx *Context, args *GetLogDeliveryCanonicalUserIdArgs, opts ...InvokeOption) (*GetLogDeliveryCanonicalUserIdResult, error)
func GetLogDeliveryCanonicalUserIdOutput(ctx *Context, args *GetLogDeliveryCanonicalUserIdOutputArgs, opts ...InvokeOption) GetLogDeliveryCanonicalUserIdResultOutput

    > Note: This function is named GetLogDeliveryCanonicalUserId in the Go SDK.

    public static class GetLogDeliveryCanonicalUserId 
{
    public static Task<GetLogDeliveryCanonicalUserIdResult> InvokeAsync(GetLogDeliveryCanonicalUserIdArgs args, InvokeOptions? opts = null)
    public static Output<GetLogDeliveryCanonicalUserIdResult> Invoke(GetLogDeliveryCanonicalUserIdInvokeArgs args, InvokeOptions? opts = null)
}
    public static CompletableFuture<GetLogDeliveryCanonicalUserIdResult> getLogDeliveryCanonicalUserId(GetLogDeliveryCanonicalUserIdArgs args, InvokeOptions options)
public static Output<GetLogDeliveryCanonicalUserIdResult> getLogDeliveryCanonicalUserId(GetLogDeliveryCanonicalUserIdArgs args, InvokeOptions options)

    fn::invoke:
  function: aws:cloudfront/getLogDeliveryCanonicalUserId:getLogDeliveryCanonicalUserId
  arguments:
    # arguments dictionary

    The following arguments are supported:

    Region string
    Region you'd like the zone for. By default, fetches the current region.
    Region string
    Region you'd like the zone for. By default, fetches the current region.
    region String
    Region you'd like the zone for. By default, fetches the current region.
    region string
    Region you'd like the zone for. By default, fetches the current region.
    region str
    Region you'd like the zone for. By default, fetches the current region.
    region String
    Region you'd like the zone for. By default, fetches the current region.

    getLogDeliveryCanonicalUserId Result

    The following output properties are available:

    Id string
    The provider-assigned unique ID for this managed resource.
    Region string
    Id string
    The provider-assigned unique ID for this managed resource.
    Region string
    id String
    The provider-assigned unique ID for this managed resource.
    region String
    id string
    The provider-assigned unique ID for this managed resource.
    region string
    id str
    The provider-assigned unique ID for this managed resource.
    region str
    id String
    The provider-assigned unique ID for this managed resource.
    region String

    Package Details

    Repository
    AWS Classic pulumi/pulumi-aws
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the aws Terraform Provider.
    aws logo
    AWS v6.71.0 published on Friday, Mar 7, 2025 by Pulumi
    pulumi/pulumi-aws