Documentation ¶
Overview ¶
+k8s:deepcopy-gen=package
Package v1alpha1 is the v1alpha1 version of the cloudtrail.services.k8s.aws API.
+groupName=cloudtrail.services.k8s.aws
Index ¶
- Variables
- type AdvancedEventSelector
- type AdvancedFieldSelector
- type DataResource
- type Event
- type EventCategory
- type EventDataStore
- type EventDataStoreList
- type EventDataStoreSpec
- type EventDataStoreStatus
- type EventDataStoreStatus_SDK
- type EventDataStore_SDK
- type EventSelector
- type InsightType
- type LookupAttribute
- type LookupAttributeKey
- type PublicKey
- type Query
- type QueryStatisticsForDescribeQuery
- type QueryStatus
- type ReadWriteType
- type Resource
- type ResourceTag
- type Tag
- type Trail
- type TrailInfo
- type TrailList
- type TrailSpec
- type TrailStatus
- type Trail_SDK
Constants ¶
This section is empty.
Variables ¶
var (
	// GroupVersion is the API Group Version used to register the objects
	GroupVersion = schema.GroupVersion{Group: "cloudtrail.services.k8s.aws", Version: "v1alpha1"}

	// SchemeBuilder is used to add go types to the GroupVersionKind scheme
	SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion}

	// AddToScheme adds the types in this group-version to the given scheme.
	AddToScheme = SchemeBuilder.AddToScheme
)
Functions ¶
This section is empty.
Types ¶
type AdvancedEventSelector ¶
type AdvancedEventSelector struct {
	FieldSelectors []*AdvancedFieldSelector `json:"fieldSelectors,omitempty"`
	Name           *string                  `json:"name,omitempty"`
}
Advanced event selectors let you create fine-grained selectors for the following CloudTrail event record fields. They help you control costs by logging only those events that are important to you. For more information about advanced event selectors, see Logging data events for trails (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html) in the CloudTrail User Guide.
- readOnly
- eventSource
- eventName
- eventCategory
- resources.type
- resources.ARN
You cannot apply both event selectors and advanced event selectors to a trail.
func (*AdvancedEventSelector) DeepCopy ¶
func (in *AdvancedEventSelector) DeepCopy() *AdvancedEventSelector
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AdvancedEventSelector.
func (*AdvancedEventSelector) DeepCopyInto ¶
func (in *AdvancedEventSelector) DeepCopyInto(out *AdvancedEventSelector)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type AdvancedFieldSelector ¶
type AdvancedFieldSelector struct {
	EndsWith      []*string `json:"endsWith,omitempty"`
	Equals        []*string `json:"equals,omitempty"`
	Field         *string   `json:"field,omitempty"`
	NotEndsWith   []*string `json:"notEndsWith,omitempty"`
	NotEquals     []*string `json:"notEquals,omitempty"`
	NotStartsWith []*string `json:"notStartsWith,omitempty"`
	StartsWith    []*string `json:"startsWith,omitempty"`
}
A single selector statement in an advanced event selector.
func (*AdvancedFieldSelector) DeepCopy ¶
func (in *AdvancedFieldSelector) DeepCopy() *AdvancedFieldSelector
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AdvancedFieldSelector.
func (*AdvancedFieldSelector) DeepCopyInto ¶
func (in *AdvancedFieldSelector) DeepCopyInto(out *AdvancedFieldSelector)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type DataResource ¶
type DataResource struct {
	Type *string `json:"type_,omitempty"`
}
The Amazon S3 buckets, Lambda functions, or Amazon DynamoDB tables that you specify in your event selectors for your trail to log data events. Data events provide information about the resource operations performed on or within a resource itself. These are also known as data plane operations. You can specify up to 250 data resources for a trail.
The total number of allowed data resources is 250. This number can be distributed between 1 and 5 event selectors, but the total cannot exceed 250 across all selectors.
If you are using advanced event selectors, the maximum total number of values for all conditions, across all advanced event selectors for the trail, is 500.
The following example demonstrates how logging works when you configure logging of all data events for an S3 bucket named bucket-1. In this example, the CloudTrail user specified an empty prefix, and the option to log both Read and Write data events.
A user uploads an image file to bucket-1.
The PutObject API operation is an Amazon S3 object-level API. It is recorded as a data event in CloudTrail. Because the CloudTrail user specified an S3 bucket with an empty prefix, events that occur on any object in that bucket are logged. The trail processes and logs the event.
A user uploads an object to an Amazon S3 bucket named arn:aws:s3:::bucket-2.
The PutObject API operation occurred for an object in an S3 bucket that the CloudTrail user didn't specify for the trail. The trail doesn’t log the event.
The following example demonstrates how logging works when you configure logging of Lambda data events for a Lambda function named MyLambdaFunction, but not for all Lambda functions.
A user runs a script that includes a call to the MyLambdaFunction function and the MyOtherLambdaFunction function.
The Invoke API operation on MyLambdaFunction is a Lambda API. It is recorded as a data event in CloudTrail. Because the CloudTrail user specified logging data events for MyLambdaFunction, any invocations of that function are logged. The trail processes and logs the event.
The Invoke API operation on MyOtherLambdaFunction is a Lambda API. Because the CloudTrail user did not specify logging data events for all Lambda functions, the Invoke operation for MyOtherLambdaFunction does not match the function specified for the trail. The trail doesn’t log the event.
func (*DataResource) DeepCopy ¶
func (in *DataResource) DeepCopy() *DataResource
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DataResource.
func (*DataResource) DeepCopyInto ¶
func (in *DataResource) DeepCopyInto(out *DataResource)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Event ¶
type Event struct {
	AccessKeyID     *string      `json:"accessKeyID,omitempty"`
	CloudTrailEvent *string      `json:"cloudTrailEvent,omitempty"`
	EventID         *string      `json:"eventID,omitempty"`
	EventName       *string      `json:"eventName,omitempty"`
	EventSource     *string      `json:"eventSource,omitempty"`
	EventTime       *metav1.Time `json:"eventTime,omitempty"`
	ReadOnly        *string      `json:"readOnly,omitempty"`
	Username        *string      `json:"username,omitempty"`
}
Contains information about an event that was returned by a lookup request. The result includes a representation of a CloudTrail event.
func (*Event) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Event.
func (*Event) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type EventCategory ¶
type EventCategory string
const (
	EventCategory_insight EventCategory = "insight"
)
type EventDataStore ¶
type EventDataStore struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`
	Spec              EventDataStoreSpec   `json:"spec,omitempty"`
	Status            EventDataStoreStatus `json:"status,omitempty"`
}
EventDataStore is the Schema for the EventDataStores API
+kubebuilder:object:root=true
+kubebuilder:subresource:status
func (*EventDataStore) DeepCopy ¶
func (in *EventDataStore) DeepCopy() *EventDataStore
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EventDataStore.
func (*EventDataStore) DeepCopyInto ¶
func (in *EventDataStore) DeepCopyInto(out *EventDataStore)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*EventDataStore) DeepCopyObject ¶
func (in *EventDataStore) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type EventDataStoreList ¶
type EventDataStoreList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []EventDataStore `json:"items"`
}
EventDataStoreList contains a list of EventDataStore
+kubebuilder:object:root=true
func (*EventDataStoreList) DeepCopy ¶
func (in *EventDataStoreList) DeepCopy() *EventDataStoreList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EventDataStoreList.
func (*EventDataStoreList) DeepCopyInto ¶
func (in *EventDataStoreList) DeepCopyInto(out *EventDataStoreList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*EventDataStoreList) DeepCopyObject ¶
func (in *EventDataStoreList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type EventDataStoreSpec ¶
type EventDataStoreSpec struct {
	// The advanced event selectors to use to select the events for the data store.
	// For more information about how to use advanced event selectors, see Log events
	// by using advanced event selectors (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#creating-data-event-selectors-advanced)
	// in the CloudTrail User Guide.
	AdvancedEventSelectors []*AdvancedEventSelector `json:"advancedEventSelectors,omitempty"`

	// Specifies whether the event data store includes events from all regions,
	// or only from the region in which the event data store is created.
	MultiRegionEnabled *bool `json:"multiRegionEnabled,omitempty"`

	// The name of the event data store.
	// +kubebuilder:validation:Required
	Name *string `json:"name"`

	// Specifies whether an event data store collects events logged for an organization
	// in Organizations.
	OrganizationEnabled *bool `json:"organizationEnabled,omitempty"`

	// The retention period of the event data store, in days. You can set a retention
	// period of up to 2555 days, the equivalent of seven years.
	RetentionPeriod *int64 `json:"retentionPeriod,omitempty"`

	Tags []*Tag `json:"tags,omitempty"`

	// Specifies whether termination protection is enabled for the event data store.
	// If termination protection is enabled, you cannot delete the event data store
	// until termination protection is disabled.
	TerminationProtectionEnabled *bool `json:"terminationProtectionEnabled,omitempty"`
}
EventDataStoreSpec defines the desired state of EventDataStore.
A storage lake of event data against which you can run complex SQL-based queries. An event data store can include events that you have logged on your account from the last 90 to 2555 days (about three months to up to seven years). To select events for an event data store, use advanced event selectors (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#creating-data-event-selectors-advanced).
func (*EventDataStoreSpec) DeepCopy ¶
func (in *EventDataStoreSpec) DeepCopy() *EventDataStoreSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EventDataStoreSpec.
func (*EventDataStoreSpec) DeepCopyInto ¶
func (in *EventDataStoreSpec) DeepCopyInto(out *EventDataStoreSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type EventDataStoreStatus ¶
type EventDataStoreStatus struct {
	// All CRs managed by ACK have a common `Status.ACKResourceMetadata` member
	// that is used to contain resource sync state, account ownership,
	// constructed ARN for the resource
	// +kubebuilder:validation:Optional
	ACKResourceMetadata *ackv1alpha1.ResourceMetadata `json:"ackResourceMetadata"`

	// All CRs managed by ACK have a common `Status.Conditions` member that
	// contains a collection of `ackv1alpha1.Condition` objects that describe
	// the various terminal states of the CR and its backend AWS service API
	// resource
	// +kubebuilder:validation:Optional
	Conditions []*ackv1alpha1.Condition `json:"conditions"`

	// The timestamp that shows when the event data store was created.
	// +kubebuilder:validation:Optional
	CreatedTimestamp *metav1.Time `json:"createdTimestamp,omitempty"`

	// The status of event data store creation.
	// +kubebuilder:validation:Optional
	Status *string `json:"status,omitempty"`

	// The timestamp that shows when an event data store was updated, if applicable.
	// UpdatedTimestamp is always either the same or newer than the time shown in
	// CreatedTimestamp.
	// +kubebuilder:validation:Optional
	UpdatedTimestamp *metav1.Time `json:"updatedTimestamp,omitempty"`
}
EventDataStoreStatus defines the observed state of EventDataStore
func (*EventDataStoreStatus) DeepCopy ¶
func (in *EventDataStoreStatus) DeepCopy() *EventDataStoreStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EventDataStoreStatus.
func (*EventDataStoreStatus) DeepCopyInto ¶
func (in *EventDataStoreStatus) DeepCopyInto(out *EventDataStoreStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type EventDataStoreStatus_SDK ¶
type EventDataStoreStatus_SDK string
const (
	EventDataStoreStatus_SDK_CREATED          EventDataStoreStatus_SDK = "CREATED"
	EventDataStoreStatus_SDK_ENABLED          EventDataStoreStatus_SDK = "ENABLED"
	EventDataStoreStatus_SDK_PENDING_DELETION EventDataStoreStatus_SDK = "PENDING_DELETION"
)
type EventDataStore_SDK ¶
type EventDataStore_SDK struct {
	AdvancedEventSelectors       []*AdvancedEventSelector `json:"advancedEventSelectors,omitempty"`
	CreatedTimestamp             *metav1.Time             `json:"createdTimestamp,omitempty"`
	EventDataStoreARN            *string                  `json:"eventDataStoreARN,omitempty"`
	MultiRegionEnabled           *bool                    `json:"multiRegionEnabled,omitempty"`
	Name                         *string                  `json:"name,omitempty"`
	OrganizationEnabled          *bool                    `json:"organizationEnabled,omitempty"`
	RetentionPeriod              *int64                   `json:"retentionPeriod,omitempty"`
	Status                       *string                  `json:"status,omitempty"`
	TerminationProtectionEnabled *bool                    `json:"terminationProtectionEnabled,omitempty"`
	UpdatedTimestamp             *metav1.Time             `json:"updatedTimestamp,omitempty"`
}
A storage lake of event data against which you can run complex SQL-based queries. An event data store can include events that you have logged on your account from the last 90 to 2555 days (about three months to up to seven years). To select events for an event data store, use advanced event selectors (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#creating-data-event-selectors-advanced).
func (*EventDataStore_SDK) DeepCopy ¶
func (in *EventDataStore_SDK) DeepCopy() *EventDataStore_SDK
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EventDataStore_SDK.
func (*EventDataStore_SDK) DeepCopyInto ¶
func (in *EventDataStore_SDK) DeepCopyInto(out *EventDataStore_SDK)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type EventSelector ¶
type EventSelector struct {
	IncludeManagementEvents *bool `json:"includeManagementEvents,omitempty"`
}
Use event selectors to further specify the management and data event settings for your trail. By default, trails created without specific event selectors will be configured to log all read and write management events, and no data events. When an event occurs in your account, CloudTrail evaluates the event selector for all trails. For each trail, if the event matches any event selector, the trail processes and logs the event. If the event doesn't match any event selector, the trail doesn't log the event.
You can configure up to five event selectors for a trail.
You cannot apply both event selectors and advanced event selectors to a trail.
func (*EventSelector) DeepCopy ¶
func (in *EventSelector) DeepCopy() *EventSelector
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EventSelector.
func (*EventSelector) DeepCopyInto ¶
func (in *EventSelector) DeepCopyInto(out *EventSelector)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type InsightType ¶
type InsightType string
const (
	InsightType_ApiCallRateInsight  InsightType = "ApiCallRateInsight"
	InsightType_ApiErrorRateInsight InsightType = "ApiErrorRateInsight"
)
type LookupAttribute ¶
type LookupAttribute struct {
	AttributeValue *string `json:"attributeValue,omitempty"`
}
Specifies an attribute and value that filter the events returned.
func (*LookupAttribute) DeepCopy ¶
func (in *LookupAttribute) DeepCopy() *LookupAttribute
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LookupAttribute.
func (*LookupAttribute) DeepCopyInto ¶
func (in *LookupAttribute) DeepCopyInto(out *LookupAttribute)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type LookupAttributeKey ¶
type LookupAttributeKey string
const (
	LookupAttributeKey_EventId      LookupAttributeKey = "EventId"
	LookupAttributeKey_EventName    LookupAttributeKey = "EventName"
	LookupAttributeKey_ReadOnly     LookupAttributeKey = "ReadOnly"
	LookupAttributeKey_Username     LookupAttributeKey = "Username"
	LookupAttributeKey_ResourceType LookupAttributeKey = "ResourceType"
	LookupAttributeKey_ResourceName LookupAttributeKey = "ResourceName"
	LookupAttributeKey_EventSource  LookupAttributeKey = "EventSource"
	LookupAttributeKey_AccessKeyId  LookupAttributeKey = "AccessKeyId"
)
type PublicKey ¶
type PublicKey struct {
	Fingerprint       *string      `json:"fingerprint,omitempty"`
	ValidityEndTime   *metav1.Time `json:"validityEndTime,omitempty"`
	ValidityStartTime *metav1.Time `json:"validityStartTime,omitempty"`
}
Contains information about a returned public key.
func (*PublicKey) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PublicKey.
func (*PublicKey) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Query ¶
A SQL string of criteria about events that you want to collect in an event data store.
func (*Query) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Query.
func (*Query) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type QueryStatisticsForDescribeQuery ¶
type QueryStatisticsForDescribeQuery struct {
	CreationTime *metav1.Time `json:"creationTime,omitempty"`
}
Gets metadata about a query, including the number of events that were matched, the total number of events scanned, the query run time in milliseconds, and the query's creation time.
func (*QueryStatisticsForDescribeQuery) DeepCopy ¶
func (in *QueryStatisticsForDescribeQuery) DeepCopy() *QueryStatisticsForDescribeQuery
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new QueryStatisticsForDescribeQuery.
func (*QueryStatisticsForDescribeQuery) DeepCopyInto ¶
func (in *QueryStatisticsForDescribeQuery) DeepCopyInto(out *QueryStatisticsForDescribeQuery)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type QueryStatus ¶
type QueryStatus string
const (
	QueryStatus_QUEUED    QueryStatus = "QUEUED"
	QueryStatus_RUNNING   QueryStatus = "RUNNING"
	QueryStatus_FINISHED  QueryStatus = "FINISHED"
	QueryStatus_FAILED    QueryStatus = "FAILED"
	QueryStatus_CANCELLED QueryStatus = "CANCELLED"
	QueryStatus_TIMED_OUT QueryStatus = "TIMED_OUT"
)
type ReadWriteType ¶
type ReadWriteType string
const (
	ReadWriteType_ReadOnly  ReadWriteType = "ReadOnly"
	ReadWriteType_WriteOnly ReadWriteType = "WriteOnly"
	ReadWriteType_All       ReadWriteType = "All"
)
type Resource ¶
type Resource struct {
	ResourceName *string `json:"resourceName,omitempty"`
	ResourceType *string `json:"resourceType,omitempty"`
}
Specifies the type and name of a resource referenced by an event.
func (*Resource) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Resource.
func (*Resource) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ResourceTag ¶
type ResourceTag struct {
	ResourceID *string `json:"resourceID,omitempty"`

	// A list of tags.
	TagsList []*Tag `json:"tagsList,omitempty"`
}
A resource tag.
func (*ResourceTag) DeepCopy ¶
func (in *ResourceTag) DeepCopy() *ResourceTag
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceTag.
func (*ResourceTag) DeepCopyInto ¶
func (in *ResourceTag) DeepCopyInto(out *ResourceTag)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Tag ¶
A custom key-value pair associated with a resource such as a CloudTrail trail.
func (*Tag) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Tag.
func (*Tag) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Trail ¶
type Trail struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`
	Spec              TrailSpec   `json:"spec,omitempty"`
	Status            TrailStatus `json:"status,omitempty"`
}
Trail is the Schema for the Trails API
+kubebuilder:object:root=true
+kubebuilder:subresource:status
func (*Trail) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Trail.
func (*Trail) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*Trail) DeepCopyObject ¶
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type TrailInfo ¶
type TrailInfo struct {
	HomeRegion *string `json:"homeRegion,omitempty"`
	Name       *string `json:"name,omitempty"`
	TrailARN   *string `json:"trailARN,omitempty"`
}
Information about a CloudTrail trail, including the trail's name, home region, and Amazon Resource Name (ARN).
func (*TrailInfo) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TrailInfo.
func (*TrailInfo) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type TrailList ¶
type TrailList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []Trail `json:"items"`
}
TrailList contains a list of Trail
+kubebuilder:object:root=true
func (*TrailList) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TrailList.
func (*TrailList) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*TrailList) DeepCopyObject ¶
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type TrailSpec ¶
type TrailSpec struct {
	// Specifies a log group name using an Amazon Resource Name (ARN), a unique
	// identifier that represents the log group to which CloudTrail logs will be
	// delivered. Not required unless you specify CloudWatchLogsRoleArn.
	CloudWatchLogsLogGroupARN *string `json:"cloudWatchLogsLogGroupARN,omitempty"`

	// Specifies the role for the CloudWatch Logs endpoint to assume to write to
	// a user's log group.
	CloudWatchLogsRoleARN *string `json:"cloudWatchLogsRoleARN,omitempty"`

	// Specifies whether log file integrity validation is enabled. The default is
	// false.
	//
	// When you disable log file integrity validation, the chain of digest files
	// is broken after one hour. CloudTrail does not create digest files for log
	// files that were delivered during a period in which log file integrity validation
	// was disabled. For example, if you enable log file integrity validation at
	// noon on January 1, disable it at noon on January 2, and re-enable it at noon
	// on January 10, digest files will not be created for the log files delivered
	// from noon on January 2 to noon on January 10. The same applies whenever you
	// stop CloudTrail logging or delete a trail.
	EnableLogFileValidation *bool `json:"enableLogFileValidation,omitempty"`

	// Specifies whether the trail is publishing events from global services such
	// as IAM to the log files.
	IncludeGlobalServiceEvents *bool `json:"includeGlobalServiceEvents,omitempty"`

	// Specifies whether the trail is created in the current region or in all regions.
	// The default is false, which creates a trail only in the region where you
	// are signed in. As a best practice, consider creating trails that log events
	// in all regions.
	IsMultiRegionTrail *bool `json:"isMultiRegionTrail,omitempty"`

	// Specifies whether the trail is created for all accounts in an organization
	// in Organizations, or only for the current Amazon Web Services account. The
	// default is false, and cannot be true unless the call is made on behalf of
	// an Amazon Web Services account that is the management account for an organization
	// in Organizations.
	IsOrganizationTrail *bool `json:"isOrganizationTrail,omitempty"`

	// Specifies the KMS key ID to use to encrypt the logs delivered by CloudTrail.
	// The value can be an alias name prefixed by "alias/", a fully specified ARN
	// to an alias, a fully specified ARN to a key, or a globally unique identifier.
	//
	// CloudTrail also supports KMS multi-Region keys. For more information about
	// multi-Region keys, see Using multi-Region keys (https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html)
	// in the Key Management Service Developer Guide.
	//
	// Examples:
	//
	// * alias/MyAliasName
	//
	// * arn:aws:kms:us-east-2:123456789012:alias/MyAliasName
	//
	// * arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012
	//
	// * 12345678-1234-1234-1234-123456789012
	KMSKeyID *string `json:"kmsKeyID,omitempty"`

	// Specifies the name of the trail. The name must meet the following requirements:
	//
	// * Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores
	// (_), or dashes (-)
	//
	// * Start with a letter or number, and end with a letter or number
	//
	// * Be between 3 and 128 characters
	//
	// * Have no adjacent periods, underscores or dashes. Names like my-_namespace
	// and my--namespace are not valid.
	//
	// * Not be in IP address format (for example, 192.168.5.4)
	// +kubebuilder:validation:Required
	Name *string `json:"name"`

	// Specifies the name of the Amazon S3 bucket designated for publishing log
	// files. See Amazon S3 Bucket Naming Requirements (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/create_trail_naming_policy.html).
	// +kubebuilder:validation:Required
	S3BucketName *string `json:"s3BucketName"`

	// Specifies the Amazon S3 key prefix that comes after the name of the bucket
	// you have designated for log file delivery. For more information, see Finding
	// Your CloudTrail Log Files (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-find-log-files.html).
	// The maximum length is 200 characters.
	S3KeyPrefix *string `json:"s3KeyPrefix,omitempty"`

	// Specifies the name of the Amazon SNS topic defined for notification of log
	// file delivery. The maximum length is 256 characters.
	SNSTopicName *string `json:"snsTopicName,omitempty"`

	Tags []*Tag `json:"tags,omitempty"`
}
TrailSpec defines the desired state of Trail.
The settings for a trail.
func (*TrailSpec) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TrailSpec.
func (*TrailSpec) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
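A pre-apply check over the TrailSpec fields documented above, as an added example that is not code from the ACK controller: `trailSpec` is a local mirror of the fields it reads, and `auditTrailSpec`, `validateTrailName`, `finding` and the sample values are hypothetical. It assumes a policy that requires an explicit `kmsKeyID`, and flags the safeguards whose documented default is false.

```go
package main

import (
	"fmt"
	"net"
	"regexp"
)

// trailSpec mirrors the TrailSpec fields this check reads (assumption:
// redeclared locally so the example builds without the ACK module).
type trailSpec struct {
	Name                       *string
	S3BucketName               *string
	KMSKeyID                   *string
	EnableLogFileValidation    *bool
	IncludeGlobalServiceEvents *bool
	IsMultiRegionTrail         *bool
}

type finding struct{ Field, Reason string } // hypothetical result type

var (
	nameShape     = regexp.MustCompile(`^[A-Za-z0-9]([A-Za-z0-9._-]*[A-Za-z0-9])?$`)
	adjacentPunct = regexp.MustCompile(`[._-]{2}`)
)

func strPtr(s string) *string { return &s }
func boolPtr(b bool) *bool    { return &b }
func isTrue(b *bool) bool     { return b != nil && *b }
func deref(s *string) string {
	if s == nil {
		return ""
	}
	return *s
}

// validateTrailName applies the naming rules listed in the TrailSpec.Name comment.
func validateTrailName(name string) []string {
	var bad []string
	if len(name) < 3 || len(name) > 128 {
		bad = append(bad, "must be between 3 and 128 characters")
	}
	if !nameShape.MatchString(name) {
		bad = append(bad, "only ASCII letters, numbers, '.', '_', '-'; letter or number at both ends")
	}
	if adjacentPunct.MatchString(name) {
		bad = append(bad, "adjacent periods, underscores or dashes")
	}
	if net.ParseIP(name) != nil {
		bad = append(bad, "must not be in IP address format")
	}
	return bad
}

// auditTrailSpec reports missing required fields and logging safeguards
// left at their documented default of false.
func auditTrailSpec(s trailSpec) []finding {
	var out []finding
	for _, reason := range validateTrailName(deref(s.Name)) {
		out = append(out, finding{"name", reason})
	}
	if deref(s.S3BucketName) == "" {
		out = append(out, finding{"s3BucketName", "required, but empty"})
	}
	if !isTrue(s.EnableLogFileValidation) {
		out = append(out, finding{"enableLogFileValidation", "off (default false): no digest files for logs delivered meanwhile"})
	}
	if !isTrue(s.IsMultiRegionTrail) {
		out = append(out, finding{"isMultiRegionTrail", "off (default false): only one region is logged"})
	}
	// Only an explicit false is flagged; the page states no default for this field.
	if s.IncludeGlobalServiceEvents != nil && !*s.IncludeGlobalServiceEvents {
		out = append(out, finding{"includeGlobalServiceEvents", "events from global services such as IAM are not published"})
	}
	// Policy assumption of this example: a KMS key must be named explicitly.
	if deref(s.KMSKeyID) == "" {
		out = append(out, finding{"kmsKeyID", "no KMS key ID set for the delivered logs"})
	}
	return out
}

func main() {
	// Constructed sample specs; the trail and bucket names are made up.
	weak := trailSpec{Name: strPtr("my--trail"), S3BucketName: strPtr("example-log-bucket")}
	hardened := trailSpec{
		Name: strPtr("org-audit.trail_01"), S3BucketName: strPtr("example-log-bucket"),
		KMSKeyID: strPtr("alias/MyAliasName"), EnableLogFileValidation: boolPtr(true),
		IncludeGlobalServiceEvents: boolPtr(true), IsMultiRegionTrail: boolPtr(true),
	}
	for _, f := range auditTrailSpec(weak) {
		fmt.Printf("weak: %s: %s\n", f.Field, f.Reason)
	}
	fmt.Println("hardened findings:", len(auditTrailSpec(hardened)))
}
```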
type TrailStatus ¶
type TrailStatus struct {
	// All CRs managed by ACK have a common `Status.ACKResourceMetadata` member
	// that is used to contain resource sync state, account ownership,
	// constructed ARN for the resource
	// +kubebuilder:validation:Optional
	ACKResourceMetadata *ackv1alpha1.ResourceMetadata `json:"ackResourceMetadata"`

	// All CRs managed by ACK have a common `Status.Conditions` member that
	// contains a collection of `ackv1alpha1.Condition` objects that describe
	// the various terminal states of the CR and its backend AWS service API
	// resource
	// +kubebuilder:validation:Optional
	Conditions []*ackv1alpha1.Condition `json:"conditions"`

	// Specifies whether log file integrity validation is enabled.
	// +kubebuilder:validation:Optional
	LogFileValidationEnabled *bool `json:"logFileValidationEnabled,omitempty"`

	// Specifies the ARN of the Amazon SNS topic that CloudTrail uses to send notifications
	// when log files are delivered. The format of a topic ARN is:
	//
	// arn:aws:sns:us-east-2:123456789012:MyTopic
	// +kubebuilder:validation:Optional
	SNSTopicARN *string `json:"snsTopicARN,omitempty"`
}
TrailStatus defines the observed state of Trail
func (*TrailStatus) DeepCopy ¶
func (in *TrailStatus) DeepCopy() *TrailStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TrailStatus.
func (*TrailStatus) DeepCopyInto ¶
func (in *TrailStatus) DeepCopyInto(out *TrailStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Trail_SDK ¶
type Trail_SDK struct {
	CloudWatchLogsLogGroupARN  *string `json:"cloudWatchLogsLogGroupARN,omitempty"`
	CloudWatchLogsRoleARN      *string `json:"cloudWatchLogsRoleARN,omitempty"`
	HasCustomEventSelectors    *bool   `json:"hasCustomEventSelectors,omitempty"`
	HasInsightSelectors        *bool   `json:"hasInsightSelectors,omitempty"`
	HomeRegion                 *string `json:"homeRegion,omitempty"`
	IncludeGlobalServiceEvents *bool   `json:"includeGlobalServiceEvents,omitempty"`
	IsMultiRegionTrail         *bool   `json:"isMultiRegionTrail,omitempty"`
	IsOrganizationTrail        *bool   `json:"isOrganizationTrail,omitempty"`
	KMSKeyID                   *string `json:"kmsKeyID,omitempty"`
	LogFileValidationEnabled   *bool   `json:"logFileValidationEnabled,omitempty"`
	Name                       *string `json:"name,omitempty"`
	S3BucketName               *string `json:"s3BucketName,omitempty"`
	S3KeyPrefix                *string `json:"s3KeyPrefix,omitempty"`
	SNSTopicARN                *string `json:"snsTopicARN,omitempty"`
	SNSTopicName               *string `json:"snsTopicName,omitempty"`
	TrailARN                   *string `json:"trailARN,omitempty"`
}
The settings for a trail.
func (*Trail_SDK) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Trail_SDK.
func (*Trail_SDK) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.