CrowdStrike v0.0.14 published on Monday, May 5, 2025 by CrowdStrike
crowdstrike.getCloudAwsAccount
This data source provides information about AWS accounts in Falcon.
API Scopes
The following API scopes are required:
- Cloud security AWS registration | Read & Write
- CSPM registration | Read & Write
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as crowdstrike from "@pulumi/crowdstrike";
const all = crowdstrike.getCloudAwsAccount({});
const specific = crowdstrike.getCloudAwsAccount({
accountId: "123456789012",
});
const org = crowdstrike.getCloudAwsAccount({
organizationId: "o-123456789012",
});
import pulumi
import pulumi_crowdstrike as crowdstrike
all = crowdstrike.get_cloud_aws_account()
specific = crowdstrike.get_cloud_aws_account(account_id="123456789012")
org = crowdstrike.get_cloud_aws_account(organization_id="o-123456789012")
package main
import (
"github.com/crowdstrike/pulumi-crowdstrike/sdk/go/crowdstrike"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := crowdstrike.LookupCloudAwsAccount(ctx, &crowdstrike.LookupCloudAwsAccountArgs{}, nil)
if err != nil {
return err
}
_, err = crowdstrike.LookupCloudAwsAccount(ctx, &crowdstrike.LookupCloudAwsAccountArgs{
AccountId: pulumi.StringRef("123456789012"),
}, nil)
if err != nil {
return err
}
_, err = crowdstrike.LookupCloudAwsAccount(ctx, &crowdstrike.LookupCloudAwsAccountArgs{
OrganizationId: pulumi.StringRef("o-123456789012"),
}, nil)
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Crowdstrike = Pulumi.Crowdstrike;
return await Deployment.RunAsync(() =>
{
var all = Crowdstrike.GetCloudAwsAccount.Invoke();
var specific = Crowdstrike.GetCloudAwsAccount.Invoke(new()
{
AccountId = "123456789012",
});
var org = Crowdstrike.GetCloudAwsAccount.Invoke(new()
{
OrganizationId = "o-123456789012",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.crowdstrike.CrowdstrikeFunctions;
import com.pulumi.crowdstrike.inputs.GetCloudAwsAccountArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var all = CrowdstrikeFunctions.getCloudAwsAccount(GetCloudAwsAccountArgs.builder()
.build());
final var specific = CrowdstrikeFunctions.getCloudAwsAccount(GetCloudAwsAccountArgs.builder()
.accountId("123456789012")
.build());
final var org = CrowdstrikeFunctions.getCloudAwsAccount(GetCloudAwsAccountArgs.builder()
.organizationId("o-123456789012")
.build());
}
}
variables:
all:
fn::invoke:
function: crowdstrike:getCloudAwsAccount
arguments: {}
specific:
fn::invoke:
function: crowdstrike:getCloudAwsAccount
arguments:
accountId: '123456789012'
org:
fn::invoke:
function: crowdstrike:getCloudAwsAccount
arguments:
organizationId: o-123456789012
Using getCloudAwsAccount
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getCloudAwsAccount(args: GetCloudAwsAccountArgs, opts?: InvokeOptions): Promise<GetCloudAwsAccountResult>
function getCloudAwsAccountOutput(args: GetCloudAwsAccountOutputArgs, opts?: InvokeOptions): Output<GetCloudAwsAccountResult>def get_cloud_aws_account(account_id: Optional[str] = None,
organization_id: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetCloudAwsAccountResult
def get_cloud_aws_account_output(account_id: Optional[pulumi.Input[str]] = None,
organization_id: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetCloudAwsAccountResult]func LookupCloudAwsAccount(ctx *Context, args *LookupCloudAwsAccountArgs, opts ...InvokeOption) (*LookupCloudAwsAccountResult, error)
func LookupCloudAwsAccountOutput(ctx *Context, args *LookupCloudAwsAccountOutputArgs, opts ...InvokeOption) LookupCloudAwsAccountResultOutput> Note: This function is named LookupCloudAwsAccount in the Go SDK.
public static class GetCloudAwsAccount
{
public static Task<GetCloudAwsAccountResult> InvokeAsync(GetCloudAwsAccountArgs args, InvokeOptions? opts = null)
public static Output<GetCloudAwsAccountResult> Invoke(GetCloudAwsAccountInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetCloudAwsAccountResult> getCloudAwsAccount(GetCloudAwsAccountArgs args, InvokeOptions options)
public static Output<GetCloudAwsAccountResult> getCloudAwsAccount(GetCloudAwsAccountArgs args, InvokeOptions options)
fn::invoke:
function: crowdstrike:index/getCloudAwsAccount:getCloudAwsAccount
arguments:
# arguments dictionaryThe following arguments are supported:
- Account
Id string - Filter the results to a specific AWS Account ID. When specified, returns details for the matching AWS account. Can be used together with organization_id filter for OR matching
- Organization
Id string - Filter the results to accounts within a specific AWS Organization. When specified, returns all AWS accounts associated with this organization ID. Can be used together with account_id filter for OR matching
- Account
Id string - Filter the results to a specific AWS Account ID. When specified, returns details for the matching AWS account. Can be used together with organization_id filter for OR matching
- Organization
Id string - Filter the results to accounts within a specific AWS Organization. When specified, returns all AWS accounts associated with this organization ID. Can be used together with account_id filter for OR matching
- account
Id String - Filter the results to a specific AWS Account ID. When specified, returns details for the matching AWS account. Can be used together with organization_id filter for OR matching
- organization
Id String - Filter the results to accounts within a specific AWS Organization. When specified, returns all AWS accounts associated with this organization ID. Can be used together with account_id filter for OR matching
- account
Id string - Filter the results to a specific AWS Account ID. When specified, returns details for the matching AWS account. Can be used together with organization_id filter for OR matching
- organization
Id string - Filter the results to accounts within a specific AWS Organization. When specified, returns all AWS accounts associated with this organization ID. Can be used together with account_id filter for OR matching
- account_
id str - Filter the results to a specific AWS Account ID. When specified, returns details for the matching AWS account. Can be used together with organization_id filter for OR matching
- organization_
id str - Filter the results to accounts within a specific AWS Organization. When specified, returns all AWS accounts associated with this organization ID. Can be used together with account_id filter for OR matching
- account
Id String - Filter the results to a specific AWS Account ID. When specified, returns details for the matching AWS account. Can be used together with organization_id filter for OR matching
- organization
Id String - Filter the results to accounts within a specific AWS Organization. When specified, returns all AWS accounts associated with this organization ID. Can be used together with account_id filter for OR matching
getCloudAwsAccount Result
The following output properties are available:
- Accounts
List<Crowd
Strike. Crowdstrike. Outputs. Get Cloud Aws Account Account> - The list of AWS accounts
- Id string
- The provider-assigned unique ID for this managed resource.
- Account
Id string - Filter the results to a specific AWS Account ID. When specified, returns details for the matching AWS account. Can be used together with organization_id filter for OR matching
- Organization
Id string - Filter the results to accounts within a specific AWS Organization. When specified, returns all AWS accounts associated with this organization ID. Can be used together with account_id filter for OR matching
- Accounts
[]Get
Cloud Aws Account Account - The list of AWS accounts
- Id string
- The provider-assigned unique ID for this managed resource.
- Account
Id string - Filter the results to a specific AWS Account ID. When specified, returns details for the matching AWS account. Can be used together with organization_id filter for OR matching
- Organization
Id string - Filter the results to accounts within a specific AWS Organization. When specified, returns all AWS accounts associated with this organization ID. Can be used together with account_id filter for OR matching
- accounts
List<Get
Cloud Aws Account Account> - The list of AWS accounts
- id String
- The provider-assigned unique ID for this managed resource.
- account
Id String - Filter the results to a specific AWS Account ID. When specified, returns details for the matching AWS account. Can be used together with organization_id filter for OR matching
- organization
Id String - Filter the results to accounts within a specific AWS Organization. When specified, returns all AWS accounts associated with this organization ID. Can be used together with account_id filter for OR matching
- accounts
Get
Cloud Aws Account Account[] - The list of AWS accounts
- id string
- The provider-assigned unique ID for this managed resource.
- account
Id string - Filter the results to a specific AWS Account ID. When specified, returns details for the matching AWS account. Can be used together with organization_id filter for OR matching
- organization
Id string - Filter the results to accounts within a specific AWS Organization. When specified, returns all AWS accounts associated with this organization ID. Can be used together with account_id filter for OR matching
- accounts
Sequence[Get
Cloud Aws Account Account] - The list of AWS accounts
- id str
- The provider-assigned unique ID for this managed resource.
- account_
id str - Filter the results to a specific AWS Account ID. When specified, returns details for the matching AWS account. Can be used together with organization_id filter for OR matching
- organization_
id str - Filter the results to accounts within a specific AWS Organization. When specified, returns all AWS accounts associated with this organization ID. Can be used together with account_id filter for OR matching
- accounts List<Property Map>
- The list of AWS accounts
- id String
- The provider-assigned unique ID for this managed resource.
- account
Id String - Filter the results to a specific AWS Account ID. When specified, returns details for the matching AWS account. Can be used together with organization_id filter for OR matching
- organization
Id String - Filter the results to accounts within a specific AWS Organization. When specified, returns all AWS accounts associated with this organization ID. Can be used together with account_id filter for OR matching
Supporting Types
GetCloudAwsAccountAccount
- Account
Id string - The AWS Account ID
- Account
Type string - The AWS account type. Value is 'commercial' for Commercial cloud accounts. For GovCloud environments, value can be either 'commercial' or 'gov' depending on the account type
- Asset
Inventory boolEnabled - Whether asset inventory is enabled
- Cloudtrail
Bucket stringName - The name of the CloudTrail S3 bucket used for real-time visibility
- Cloudtrail
Region string - The AWS region of the CloudTrail bucket
- Dspm
Enabled bool - Whether Data Security Posture Management is enabled
- Dspm
Role stringArn - The ARN of the IAM role to be used by CrowdStrike DSPM
- Dspm
Role stringName - The name of the IAM role to be used by CrowdStrike DSPM
- Eventbus
Arn string - The ARN of the Amazon EventBridge used by CrowdStrike to forward messages
- Eventbus
Name string - The name of the Amazon EventBridge used by CrowdStrike to forward messages
- External
Id string - The external ID used to assume the AWS IAM role
- Iam
Role stringArn - The ARN of the AWS IAM role used to access this AWS account
- Iam
Role stringName - The name of the AWS IAM role used to access this AWS account
- Idp
Enabled bool - Whether Identity Protection is enabled
- Intermediate
Role stringArn - The ARN of the intermediate role used to assume the AWS IAM role
- Is
Organization boolManagement Account - Indicates whether this is the management account (formerly known as the root account) of an AWS Organization
- Organization
Id string - The AWS Organization ID
- Realtime
Visibility boolEnabled - Whether real-time visibility is enabled
- Sensor
Management boolEnabled - Whether 1-click sensor deployment is enabled
- Target
Ouses List<string> - The list of AWS Organizational Units (OUs) targeted for this account
- Account
Id string - The AWS Account ID
- Account
Type string - The AWS account type. Value is 'commercial' for Commercial cloud accounts. For GovCloud environments, value can be either 'commercial' or 'gov' depending on the account type
- Asset
Inventory boolEnabled - Whether asset inventory is enabled
- Cloudtrail
Bucket stringName - The name of the CloudTrail S3 bucket used for real-time visibility
- Cloudtrail
Region string - The AWS region of the CloudTrail bucket
- Dspm
Enabled bool - Whether Data Security Posture Management is enabled
- Dspm
Role stringArn - The ARN of the IAM role to be used by CrowdStrike DSPM
- Dspm
Role stringName - The name of the IAM role to be used by CrowdStrike DSPM
- Eventbus
Arn string - The ARN of the Amazon EventBridge used by CrowdStrike to forward messages
- Eventbus
Name string - The name of the Amazon EventBridge used by CrowdStrike to forward messages
- External
Id string - The external ID used to assume the AWS IAM role
- Iam
Role stringArn - The ARN of the AWS IAM role used to access this AWS account
- Iam
Role stringName - The name of the AWS IAM role used to access this AWS account
- Idp
Enabled bool - Whether Identity Protection is enabled
- Intermediate
Role stringArn - The ARN of the intermediate role used to assume the AWS IAM role
- Is
Organization boolManagement Account - Indicates whether this is the management account (formerly known as the root account) of an AWS Organization
- Organization
Id string - The AWS Organization ID
- Realtime
Visibility boolEnabled - Whether real-time visibility is enabled
- Sensor
Management boolEnabled - Whether 1-click sensor deployment is enabled
- Target
Ouses []string - The list of AWS Organizational Units (OUs) targeted for this account
- account
Id String - The AWS Account ID
- account
Type String - The AWS account type. Value is 'commercial' for Commercial cloud accounts. For GovCloud environments, value can be either 'commercial' or 'gov' depending on the account type
- asset
Inventory BooleanEnabled - Whether asset inventory is enabled
- cloudtrail
Bucket StringName - The name of the CloudTrail S3 bucket used for real-time visibility
- cloudtrail
Region String - The AWS region of the CloudTrail bucket
- dspm
Enabled Boolean - Whether Data Security Posture Management is enabled
- dspm
Role StringArn - The ARN of the IAM role to be used by CrowdStrike DSPM
- dspm
Role StringName - The name of the IAM role to be used by CrowdStrike DSPM
- eventbus
Arn String - The ARN of the Amazon EventBridge used by CrowdStrike to forward messages
- eventbus
Name String - The name of the Amazon EventBridge used by CrowdStrike to forward messages
- external
Id String - The external ID used to assume the AWS IAM role
- iam
Role StringArn - The ARN of the AWS IAM role used to access this AWS account
- iam
Role StringName - The name of the AWS IAM role used to access this AWS account
- idp
Enabled Boolean - Whether Identity Protection is enabled
- intermediate
Role StringArn - The ARN of the intermediate role used to assume the AWS IAM role
- is
Organization BooleanManagement Account - Indicates whether this is the management account (formerly known as the root account) of an AWS Organization
- organization
Id String - The AWS Organization ID
- realtime
Visibility BooleanEnabled - Whether real-time visibility is enabled
- sensor
Management BooleanEnabled - Whether 1-click sensor deployment is enabled
- target
Ouses List<String> - The list of AWS Organizational Units (OUs) targeted for this account
- account
Id string - The AWS Account ID
- account
Type string - The AWS account type. Value is 'commercial' for Commercial cloud accounts. For GovCloud environments, value can be either 'commercial' or 'gov' depending on the account type
- asset
Inventory booleanEnabled - Whether asset inventory is enabled
- cloudtrail
Bucket stringName - The name of the CloudTrail S3 bucket used for real-time visibility
- cloudtrail
Region string - The AWS region of the CloudTrail bucket
- dspm
Enabled boolean - Whether Data Security Posture Management is enabled
- dspm
Role stringArn - The ARN of the IAM role to be used by CrowdStrike DSPM
- dspm
Role stringName - The name of the IAM role to be used by CrowdStrike DSPM
- eventbus
Arn string - The ARN of the Amazon EventBridge used by CrowdStrike to forward messages
- eventbus
Name string - The name of the Amazon EventBridge used by CrowdStrike to forward messages
- external
Id string - The external ID used to assume the AWS IAM role
- iam
Role stringArn - The ARN of the AWS IAM role used to access this AWS account
- iam
Role stringName - The name of the AWS IAM role used to access this AWS account
- idp
Enabled boolean - Whether Identity Protection is enabled
- intermediate
Role stringArn - The ARN of the intermediate role used to assume the AWS IAM role
- is
Organization booleanManagement Account - Indicates whether this is the management account (formerly known as the root account) of an AWS Organization
- organization
Id string - The AWS Organization ID
- realtime
Visibility booleanEnabled - Whether real-time visibility is enabled
- sensor
Management booleanEnabled - Whether 1-click sensor deployment is enabled
- target
Ouses string[] - The list of AWS Organizational Units (OUs) targeted for this account
- account_
id str - The AWS Account ID
- account_
type str - The AWS account type. Value is 'commercial' for Commercial cloud accounts. For GovCloud environments, value can be either 'commercial' or 'gov' depending on the account type
- asset_
inventory_ boolenabled - Whether asset inventory is enabled
- cloudtrail_
bucket_ strname - The name of the CloudTrail S3 bucket used for real-time visibility
- cloudtrail_
region str - The AWS region of the CloudTrail bucket
- dspm_
enabled bool - Whether Data Security Posture Management is enabled
- dspm_
role_ strarn - The ARN of the IAM role to be used by CrowdStrike DSPM
- dspm_
role_ strname - The name of the IAM role to be used by CrowdStrike DSPM
- eventbus_
arn str - The ARN of the Amazon EventBridge used by CrowdStrike to forward messages
- eventbus_
name str - The name of the Amazon EventBridge used by CrowdStrike to forward messages
- external_
id str - The external ID used to assume the AWS IAM role
- iam_
role_ strarn - The ARN of the AWS IAM role used to access this AWS account
- iam_
role_ strname - The name of the AWS IAM role used to access this AWS account
- idp_
enabled bool - Whether Identity Protection is enabled
- intermediate_
role_ strarn - The ARN of the intermediate role used to assume the AWS IAM role
- is_
organization_ boolmanagement_ account - Indicates whether this is the management account (formerly known as the root account) of an AWS Organization
- organization_
id str - The AWS Organization ID
- realtime_
visibility_ boolenabled - Whether real-time visibility is enabled
- sensor_
management_ boolenabled - Whether 1-click sensor deployment is enabled
- target_
ouses Sequence[str] - The list of AWS Organizational Units (OUs) targeted for this account
- account
Id String - The AWS Account ID
- account
Type String - The AWS account type. Value is 'commercial' for Commercial cloud accounts. For GovCloud environments, value can be either 'commercial' or 'gov' depending on the account type
- asset
Inventory BooleanEnabled - Whether asset inventory is enabled
- cloudtrail
Bucket StringName - The name of the CloudTrail S3 bucket used for real-time visibility
- cloudtrail
Region String - The AWS region of the CloudTrail bucket
- dspm
Enabled Boolean - Whether Data Security Posture Management is enabled
- dspm
Role StringArn - The ARN of the IAM role to be used by CrowdStrike DSPM
- dspm
Role StringName - The name of the IAM role to be used by CrowdStrike DSPM
- eventbus
Arn String - The ARN of the Amazon EventBridge used by CrowdStrike to forward messages
- eventbus
Name String - The name of the Amazon EventBridge used by CrowdStrike to forward messages
- external
Id String - The external ID used to assume the AWS IAM role
- iam
Role StringArn - The ARN of the AWS IAM role used to access this AWS account
- iam
Role StringName - The name of the AWS IAM role used to access this AWS account
- idp
Enabled Boolean - Whether Identity Protection is enabled
- intermediate
Role StringArn - The ARN of the intermediate role used to assume the AWS IAM role
- is
Organization BooleanManagement Account - Indicates whether this is the management account (formerly known as the root account) of an AWS Organization
- organization
Id String - The AWS Organization ID
- realtime
Visibility BooleanEnabled - Whether real-time visibility is enabled
- sensor
Management BooleanEnabled - Whether 1-click sensor deployment is enabled
- target
Ouses List<String> - The list of AWS Organizational Units (OUs) targeted for this account
Package Details
- Repository
- crowdstrike crowdstrike/pulumi-crowdstrike
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
crowdstrikeTerraform Provider.
