cloudtrail

package
v1.24.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Mar 3, 2020 License: Apache-2.0 Imports: 4 Imported by: 0

Documentation

Overview

nolint: lll

nolint: lll

nolint: lll

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type GetServiceAccountArgs

// GetServiceAccountArgs is the collection of arguments for invoking getServiceAccount.
type GetServiceAccountArgs struct {
	// Name of the region whose AWS CloudTrail account ID is desired.
	// Defaults to the region from the AWS provider configuration.
	// The field is a pointer, so nil means "use that default".
	Region *string `pulumi:"region"`
}

A collection of arguments for invoking getServiceAccount.

type GetServiceAccountResult

// GetServiceAccountResult is the collection of values returned by getServiceAccount.
type GetServiceAccountResult struct {
	// The ARN of the AWS CloudTrail service account in the selected region.
	// NOTE(review): this value typically ends up as a principal in the S3 bucket
	// policy of the log bucket; scope that policy statement to the trail's own
	// bucket and prefix rather than granting the account broad write access.
	Arn string `pulumi:"arn"`
	// id is the provider-assigned unique ID for this managed resource.
	Id     string  `pulumi:"id"`
	// Region carries the `region` value of the result.
	// Presumably it mirrors GetServiceAccountArgs.Region; confirm against the provider.
	Region *string `pulumi:"region"`
}

A collection of values returned by getServiceAccount.

func GetServiceAccount added in v1.19.0

func GetServiceAccount(ctx *pulumi.Context, args *GetServiceAccountArgs, opts ...pulumi.InvokeOption) (*GetServiceAccountResult, error)

Use this data source to get the Account ID of the [AWS CloudTrail Service Account](http://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-supported-regions.html) in a given region for the purpose of allowing CloudTrail to store trail data in S3.

> This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/d/cloudtrail_service_account.html.markdown.

type Trail

// Trail provides a CloudTrail resource. Every property is exposed as a pulumi
// Output; the Ptr variants are the optional ones.
//
// NOTE(review): several defaults documented on the fields below are the less
// protective choice for an audit trail (log file validation off, single
// region). Set them explicitly instead of relying on the defaults.
type Trail struct {
	pulumi.CustomResourceState

	// The Amazon Resource Name of the trail.
	Arn pulumi.StringOutput `pulumi:"arn"`
	// Specifies a log group name using an Amazon Resource Name (ARN),
	// that represents the log group to which CloudTrail logs will be delivered.
	CloudWatchLogsGroupArn pulumi.StringPtrOutput `pulumi:"cloudWatchLogsGroupArn"`
	// Specifies the role for the CloudWatch Logs
	// endpoint to assume to write to a user’s log group.
	// NOTE(review): this role only needs to write to the one log group named in
	// CloudWatchLogsGroupArn; keep its policy limited to that.
	CloudWatchLogsRoleArn pulumi.StringPtrOutput `pulumi:"cloudWatchLogsRoleArn"`
	// Specifies whether log file integrity validation is enabled.
	// Defaults to `false`.
	// NOTE(review): with the default, CloudTrail delivers no digest files, so a
	// later modification or deletion of delivered log files cannot be detected
	// through CloudTrail's validation. Enable it on trails kept as an audit record.
	EnableLogFileValidation pulumi.BoolPtrOutput `pulumi:"enableLogFileValidation"`
	// Enables logging for the trail. Defaults to `true`.
	// Setting this to `false` will pause logging.
	// NOTE(review): a paused trail records nothing; a change of this value to
	// `false` is worth reviewing and alerting on.
	EnableLogging pulumi.BoolPtrOutput `pulumi:"enableLogging"`
	// Specifies an event selector for enabling data event logging. Fields documented below. Please note the [CloudTrail limits](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/WhatIsCloudTrail-Limits.html) when configuring these.
	// NOTE(review): data events (S3 object-level and Lambda function activity)
	// are logged only for resources named in a selector.
	EventSelectors TrailEventSelectorArrayOutput `pulumi:"eventSelectors"`
	// The region in which the trail was created.
	HomeRegion pulumi.StringOutput `pulumi:"homeRegion"`
	// Specifies whether the trail is publishing events
	// from global services such as IAM to the log files. Defaults to `true`.
	IncludeGlobalServiceEvents pulumi.BoolPtrOutput `pulumi:"includeGlobalServiceEvents"`
	// Specifies whether the trail is created in the current
	// region or in all regions. Defaults to `false`.
	// NOTE(review): with the default, activity in other regions is not recorded
	// by this trail.
	IsMultiRegionTrail pulumi.BoolPtrOutput `pulumi:"isMultiRegionTrail"`
	// Specifies whether the trail is an AWS Organizations trail. Organization trails log events for the master account and all member accounts. Can only be created in the organization master account. Defaults to `false`.
	IsOrganizationTrail pulumi.BoolPtrOutput `pulumi:"isOrganizationTrail"`
	// Specifies the KMS key ARN to use to encrypt the logs delivered by CloudTrail.
	// NOTE(review): this page does not say what encryption applies when the
	// field is unset; confirm against the log bucket's encryption settings.
	KmsKeyId pulumi.StringPtrOutput `pulumi:"kmsKeyId"`
	// Specifies the name of the trail.
	Name pulumi.StringOutput `pulumi:"name"`
	// Specifies the name of the S3 bucket designated for publishing log files.
	// NOTE(review): the bucket policy is not part of this resource. It must allow
	// CloudTrail to write and should not let other principals overwrite or
	// delete log objects.
	S3BucketName pulumi.StringOutput `pulumi:"s3BucketName"`
	// Specifies the S3 key prefix that follows
	// the name of the bucket you have designated for log file delivery.
	S3KeyPrefix pulumi.StringPtrOutput `pulumi:"s3KeyPrefix"`
	// Specifies the name of the Amazon SNS topic
	// defined for notification of log file delivery.
	SnsTopicName pulumi.StringPtrOutput `pulumi:"snsTopicName"`
	// A mapping of tags to assign to the trail.
	Tags pulumi.MapOutput `pulumi:"tags"`
}

Provides a CloudTrail resource.

> *NOTE:* For a multi-region trail, this resource must be in the home region of the trail.

> *NOTE:* For an organization trail, this resource must be in the master account of the organization.

> This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/cloudtrail.html.markdown.

func GetTrail

func GetTrail(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *TrailState, opts ...pulumi.ResourceOption) (*Trail, error)

GetTrail gets an existing Trail resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewTrail

func NewTrail(ctx *pulumi.Context,
	name string, args *TrailArgs, opts ...pulumi.ResourceOption) (*Trail, error)

NewTrail registers a new resource with the given unique name, arguments, and options.

type TrailArgs

// TrailArgs is the set of arguments for constructing a Trail resource.
// S3BucketName is the only field that is not a Ptr input, i.e. the only one
// that has to be supplied.
//
// NOTE(review): the documented defaults leave log file validation off and the
// trail single-region. Set EnableLogFileValidation and IsMultiRegionTrail
// explicitly when the trail is meant to be an audit record.
type TrailArgs struct {
	// Specifies a log group name using an Amazon Resource Name (ARN),
	// that represents the log group to which CloudTrail logs will be delivered.
	CloudWatchLogsGroupArn pulumi.StringPtrInput
	// Specifies the role for the CloudWatch Logs
	// endpoint to assume to write to a user’s log group.
	// NOTE(review): keep this role's policy limited to writing to the log group
	// named in CloudWatchLogsGroupArn.
	CloudWatchLogsRoleArn pulumi.StringPtrInput
	// Specifies whether log file integrity validation is enabled.
	// Defaults to `false`.
	// NOTE(review): with the default, no digest files are delivered and
	// tampering with delivered log files cannot be detected through CloudTrail's
	// validation.
	EnableLogFileValidation pulumi.BoolPtrInput
	// Enables logging for the trail. Defaults to `true`.
	// Setting this to `false` will pause logging.
	// NOTE(review): a paused trail records nothing; review any change that sets
	// this to `false`.
	EnableLogging pulumi.BoolPtrInput
	// Specifies an event selector for enabling data event logging. Fields documented below. Please note the [CloudTrail limits](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/WhatIsCloudTrail-Limits.html) when configuring these.
	// NOTE(review): data events (S3 object-level and Lambda function activity)
	// are logged only for resources named in a selector.
	EventSelectors TrailEventSelectorArrayInput
	// Specifies whether the trail is publishing events
	// from global services such as IAM to the log files. Defaults to `true`.
	IncludeGlobalServiceEvents pulumi.BoolPtrInput
	// Specifies whether the trail is created in the current
	// region or in all regions. Defaults to `false`.
	// NOTE(review): with the default, activity in other regions is not recorded
	// by this trail.
	IsMultiRegionTrail pulumi.BoolPtrInput
	// Specifies whether the trail is an AWS Organizations trail. Organization trails log events for the master account and all member accounts. Can only be created in the organization master account. Defaults to `false`.
	IsOrganizationTrail pulumi.BoolPtrInput
	// Specifies the KMS key ARN to use to encrypt the logs delivered by CloudTrail.
	// NOTE(review): this page does not say what encryption applies when the
	// field is unset; confirm against the log bucket's encryption settings.
	KmsKeyId pulumi.StringPtrInput
	// Specifies the name of the trail.
	Name pulumi.StringPtrInput
	// Specifies the name of the S3 bucket designated for publishing log files.
	// NOTE(review): the bucket policy is configured separately. It must allow
	// CloudTrail to write and should not let other principals overwrite or
	// delete log objects.
	S3BucketName pulumi.StringInput
	// Specifies the S3 key prefix that follows
	// the name of the bucket you have designated for log file delivery.
	S3KeyPrefix pulumi.StringPtrInput
	// Specifies the name of the Amazon SNS topic
	// defined for notification of log file delivery.
	SnsTopicName pulumi.StringPtrInput
	// A mapping of tags to assign to the trail.
	Tags pulumi.MapInput
}

The set of arguments for constructing a Trail resource.

func (TrailArgs) ElementType added in v1.19.0

func (TrailArgs) ElementType() reflect.Type

type TrailEventSelector added in v1.19.0

// TrailEventSelector is the plain-value form of one event selector of a trail.
// It chooses which data events and management events the trail logs.
type TrailEventSelector struct {
	// Specifies logging data events. Fields documented below.
	// NOTE(review): only the resources listed here have their data events logged.
	DataResources []TrailEventSelectorDataResource `pulumi:"dataResources"`
	// Specify if you want your event selector to include management events for your trail.
	// NOTE(review): the default is not stated on this page; set the value
	// explicitly if management events must be captured.
	IncludeManagementEvents *bool `pulumi:"includeManagementEvents"`
	// Specify if you want your trail to log read-only events, write-only events, or all.
	// Allowed values are "ReadOnly", "WriteOnly" and "All". Defaults to `All`.
	ReadWriteType *string `pulumi:"readWriteType"`
}

type TrailEventSelectorArgs added in v1.19.0

// TrailEventSelectorArgs is the pulumi Input form of TrailEventSelector, with
// the same three properties expressed as Input types.
type TrailEventSelectorArgs struct {
	// Specifies logging data events. Fields documented below.
	// NOTE(review): only the resources listed here have their data events logged.
	DataResources TrailEventSelectorDataResourceArrayInput `pulumi:"dataResources"`
	// Specify if you want your event selector to include management events for your trail.
	// NOTE(review): the default is not stated on this page; set the value
	// explicitly if management events must be captured.
	IncludeManagementEvents pulumi.BoolPtrInput `pulumi:"includeManagementEvents"`
	// Specify if you want your trail to log read-only events, write-only events, or all.
	// Allowed values are "ReadOnly", "WriteOnly" and "All". Defaults to `All`.
	ReadWriteType pulumi.StringPtrInput `pulumi:"readWriteType"`
}

func (TrailEventSelectorArgs) ElementType added in v1.19.0

func (TrailEventSelectorArgs) ElementType() reflect.Type

func (TrailEventSelectorArgs) ToTrailEventSelectorOutput added in v1.19.0

func (i TrailEventSelectorArgs) ToTrailEventSelectorOutput() TrailEventSelectorOutput

func (TrailEventSelectorArgs) ToTrailEventSelectorOutputWithContext added in v1.19.0

func (i TrailEventSelectorArgs) ToTrailEventSelectorOutputWithContext(ctx context.Context) TrailEventSelectorOutput

type TrailEventSelectorArray added in v1.19.0

// TrailEventSelectorArray is a slice of TrailEventSelectorInput values. Its
// ElementType and ToTrailEventSelectorArrayOutput methods make it usable
// wherever a TrailEventSelectorArrayInput is expected.
type TrailEventSelectorArray []TrailEventSelectorInput

func (TrailEventSelectorArray) ElementType added in v1.19.0

func (TrailEventSelectorArray) ElementType() reflect.Type

func (TrailEventSelectorArray) ToTrailEventSelectorArrayOutput added in v1.19.0

func (i TrailEventSelectorArray) ToTrailEventSelectorArrayOutput() TrailEventSelectorArrayOutput

func (TrailEventSelectorArray) ToTrailEventSelectorArrayOutputWithContext added in v1.19.0

func (i TrailEventSelectorArray) ToTrailEventSelectorArrayOutputWithContext(ctx context.Context) TrailEventSelectorArrayOutput

type TrailEventSelectorArrayInput added in v1.19.0

// TrailEventSelectorArrayInput is an input type for a list of event selectors.
// On this page both TrailEventSelectorArray and TrailEventSelectorArrayOutput
// declare the methods it requires.
type TrailEventSelectorArrayInput interface {
	pulumi.Input

	// ToTrailEventSelectorArrayOutput converts the value to its Output form.
	ToTrailEventSelectorArrayOutput() TrailEventSelectorArrayOutput
	// ToTrailEventSelectorArrayOutputWithContext is the same conversion with a
	// caller-supplied context.
	ToTrailEventSelectorArrayOutputWithContext(context.Context) TrailEventSelectorArrayOutput
}

type TrailEventSelectorArrayOutput added in v1.19.0

// TrailEventSelectorArrayOutput is the Output form of a list of event
// selectors; it embeds *pulumi.OutputState.
type TrailEventSelectorArrayOutput struct{ *pulumi.OutputState }

func (TrailEventSelectorArrayOutput) ElementType added in v1.19.0

func (TrailEventSelectorArrayOutput) Index added in v1.19.0

func (TrailEventSelectorArrayOutput) ToTrailEventSelectorArrayOutput added in v1.19.0

func (o TrailEventSelectorArrayOutput) ToTrailEventSelectorArrayOutput() TrailEventSelectorArrayOutput

func (TrailEventSelectorArrayOutput) ToTrailEventSelectorArrayOutputWithContext added in v1.19.0

func (o TrailEventSelectorArrayOutput) ToTrailEventSelectorArrayOutputWithContext(ctx context.Context) TrailEventSelectorArrayOutput

type TrailEventSelectorDataResource added in v1.19.0

// TrailEventSelectorDataResource names one class of resources whose data
// events an event selector logs.
type TrailEventSelectorDataResource struct {
	// The resource type in which you want to log data events. Allowed values
	// are "AWS::S3::Object" and "AWS::Lambda::Function".
	Type string `pulumi:"type"`
	// A list of ARNs for the specified S3 buckets and object prefixes.
	// NOTE(review): data events are logged only for the ARNs listed here, so a
	// bucket or prefix missing from the list has no object-level record.
	Values []string `pulumi:"values"`
}

type TrailEventSelectorDataResourceArgs added in v1.19.0

// TrailEventSelectorDataResourceArgs is the pulumi Input form of
// TrailEventSelectorDataResource.
type TrailEventSelectorDataResourceArgs struct {
	// The resource type in which you want to log data events. Allowed values
	// are "AWS::S3::Object" and "AWS::Lambda::Function".
	Type pulumi.StringInput `pulumi:"type"`
	// A list of ARNs for the specified S3 buckets and object prefixes.
	// NOTE(review): data events are logged only for the ARNs listed here, so a
	// bucket or prefix missing from the list has no object-level record.
	Values pulumi.StringArrayInput `pulumi:"values"`
}

func (TrailEventSelectorDataResourceArgs) ElementType added in v1.19.0

func (TrailEventSelectorDataResourceArgs) ToTrailEventSelectorDataResourceOutput added in v1.19.0

func (i TrailEventSelectorDataResourceArgs) ToTrailEventSelectorDataResourceOutput() TrailEventSelectorDataResourceOutput

func (TrailEventSelectorDataResourceArgs) ToTrailEventSelectorDataResourceOutputWithContext added in v1.19.0

func (i TrailEventSelectorDataResourceArgs) ToTrailEventSelectorDataResourceOutputWithContext(ctx context.Context) TrailEventSelectorDataResourceOutput

type TrailEventSelectorDataResourceArray added in v1.19.0

// TrailEventSelectorDataResourceArray is a slice of
// TrailEventSelectorDataResourceInput values, usable wherever a
// TrailEventSelectorDataResourceArrayInput is expected.
type TrailEventSelectorDataResourceArray []TrailEventSelectorDataResourceInput

func (TrailEventSelectorDataResourceArray) ElementType added in v1.19.0

func (TrailEventSelectorDataResourceArray) ToTrailEventSelectorDataResourceArrayOutput added in v1.19.0

func (i TrailEventSelectorDataResourceArray) ToTrailEventSelectorDataResourceArrayOutput() TrailEventSelectorDataResourceArrayOutput

func (TrailEventSelectorDataResourceArray) ToTrailEventSelectorDataResourceArrayOutputWithContext added in v1.19.0

func (i TrailEventSelectorDataResourceArray) ToTrailEventSelectorDataResourceArrayOutputWithContext(ctx context.Context) TrailEventSelectorDataResourceArrayOutput

type TrailEventSelectorDataResourceArrayInput added in v1.19.0

// TrailEventSelectorDataResourceArrayInput is an input type for a list of data
// resources. On this page both TrailEventSelectorDataResourceArray and
// TrailEventSelectorDataResourceArrayOutput declare the methods it requires.
type TrailEventSelectorDataResourceArrayInput interface {
	pulumi.Input

	// ToTrailEventSelectorDataResourceArrayOutput converts the value to its Output form.
	ToTrailEventSelectorDataResourceArrayOutput() TrailEventSelectorDataResourceArrayOutput
	// ToTrailEventSelectorDataResourceArrayOutputWithContext is the same
	// conversion with a caller-supplied context.
	ToTrailEventSelectorDataResourceArrayOutputWithContext(context.Context) TrailEventSelectorDataResourceArrayOutput
}

type TrailEventSelectorDataResourceArrayOutput added in v1.19.0

// TrailEventSelectorDataResourceArrayOutput is the Output form of a list of
// data resources; it embeds *pulumi.OutputState.
type TrailEventSelectorDataResourceArrayOutput struct{ *pulumi.OutputState }

func (TrailEventSelectorDataResourceArrayOutput) ElementType added in v1.19.0

func (TrailEventSelectorDataResourceArrayOutput) Index added in v1.19.0

func (TrailEventSelectorDataResourceArrayOutput) ToTrailEventSelectorDataResourceArrayOutput added in v1.19.0

func (o TrailEventSelectorDataResourceArrayOutput) ToTrailEventSelectorDataResourceArrayOutput() TrailEventSelectorDataResourceArrayOutput

func (TrailEventSelectorDataResourceArrayOutput) ToTrailEventSelectorDataResourceArrayOutputWithContext added in v1.19.0

func (o TrailEventSelectorDataResourceArrayOutput) ToTrailEventSelectorDataResourceArrayOutputWithContext(ctx context.Context) TrailEventSelectorDataResourceArrayOutput

type TrailEventSelectorDataResourceInput added in v1.19.0

// TrailEventSelectorDataResourceInput is an input type for a single data
// resource. On this page both TrailEventSelectorDataResourceArgs and
// TrailEventSelectorDataResourceOutput declare the methods it requires.
type TrailEventSelectorDataResourceInput interface {
	pulumi.Input

	// ToTrailEventSelectorDataResourceOutput converts the value to its Output form.
	ToTrailEventSelectorDataResourceOutput() TrailEventSelectorDataResourceOutput
	// ToTrailEventSelectorDataResourceOutputWithContext is the same conversion
	// with a caller-supplied context.
	ToTrailEventSelectorDataResourceOutputWithContext(context.Context) TrailEventSelectorDataResourceOutput
}

type TrailEventSelectorDataResourceOutput added in v1.19.0

// TrailEventSelectorDataResourceOutput is the Output form of a single data
// resource; it embeds *pulumi.OutputState.
type TrailEventSelectorDataResourceOutput struct{ *pulumi.OutputState }

func (TrailEventSelectorDataResourceOutput) ElementType added in v1.19.0

func (TrailEventSelectorDataResourceOutput) ToTrailEventSelectorDataResourceOutput added in v1.19.0

func (o TrailEventSelectorDataResourceOutput) ToTrailEventSelectorDataResourceOutput() TrailEventSelectorDataResourceOutput

func (TrailEventSelectorDataResourceOutput) ToTrailEventSelectorDataResourceOutputWithContext added in v1.19.0

func (o TrailEventSelectorDataResourceOutput) ToTrailEventSelectorDataResourceOutputWithContext(ctx context.Context) TrailEventSelectorDataResourceOutput

func (TrailEventSelectorDataResourceOutput) Type added in v1.19.0

The resource type for which you want to log data events. You can specify only one of the following values: "AWS::S3::Object", "AWS::Lambda::Function".

func (TrailEventSelectorDataResourceOutput) Values added in v1.19.0

A list of ARNs for the specified S3 buckets and object prefixes.

type TrailEventSelectorInput added in v1.19.0

// TrailEventSelectorInput is an input type for a single event selector. On
// this page both TrailEventSelectorArgs and TrailEventSelectorOutput declare
// the methods it requires.
type TrailEventSelectorInput interface {
	pulumi.Input

	// ToTrailEventSelectorOutput converts the value to its Output form.
	ToTrailEventSelectorOutput() TrailEventSelectorOutput
	// ToTrailEventSelectorOutputWithContext is the same conversion with a
	// caller-supplied context.
	ToTrailEventSelectorOutputWithContext(context.Context) TrailEventSelectorOutput
}

type TrailEventSelectorOutput added in v1.19.0

// TrailEventSelectorOutput is the Output form of a single event selector; it
// embeds *pulumi.OutputState.
type TrailEventSelectorOutput struct{ *pulumi.OutputState }

func (TrailEventSelectorOutput) DataResources added in v1.19.0

Specifies logging data events. Fields documented below.

func (TrailEventSelectorOutput) ElementType added in v1.19.0

func (TrailEventSelectorOutput) ElementType() reflect.Type

func (TrailEventSelectorOutput) IncludeManagementEvents added in v1.19.0

func (o TrailEventSelectorOutput) IncludeManagementEvents() pulumi.BoolPtrOutput

Specify if you want your event selector to include management events for your trail.

func (TrailEventSelectorOutput) ReadWriteType added in v1.19.0

Specify if you want your trail to log read-only events, write-only events, or all. You can specify only one of the following values: "ReadOnly", "WriteOnly", "All". Defaults to `All`.

func (TrailEventSelectorOutput) ToTrailEventSelectorOutput added in v1.19.0

func (o TrailEventSelectorOutput) ToTrailEventSelectorOutput() TrailEventSelectorOutput

func (TrailEventSelectorOutput) ToTrailEventSelectorOutputWithContext added in v1.19.0

func (o TrailEventSelectorOutput) ToTrailEventSelectorOutputWithContext(ctx context.Context) TrailEventSelectorOutput

type TrailState

// TrailState holds the optional state properties of a Trail. GetTrail takes a
// *TrailState to qualify the lookup of an existing trail (nil if not
// required). Every field is a Ptr or otherwise optional input.
type TrailState struct {
	// The Amazon Resource Name of the trail.
	Arn pulumi.StringPtrInput
	// Specifies a log group name using an Amazon Resource Name (ARN),
	// that represents the log group to which CloudTrail logs will be delivered.
	CloudWatchLogsGroupArn pulumi.StringPtrInput
	// Specifies the role for the CloudWatch Logs
	// endpoint to assume to write to a user’s log group.
	CloudWatchLogsRoleArn pulumi.StringPtrInput
	// Specifies whether log file integrity validation is enabled.
	// Defaults to `false`.
	// NOTE(review): `false` means no digest files are delivered, so tampering
	// with delivered log files cannot be detected through CloudTrail's validation.
	EnableLogFileValidation pulumi.BoolPtrInput
	// Enables logging for the trail. Defaults to `true`.
	// Setting this to `false` will pause logging.
	// NOTE(review): an existing trail found with this set to `false` is not
	// recording; treat that as a finding when auditing imported trails.
	EnableLogging pulumi.BoolPtrInput
	// Specifies an event selector for enabling data event logging. Fields documented below. Please note the [CloudTrail limits](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/WhatIsCloudTrail-Limits.html) when configuring these.
	EventSelectors TrailEventSelectorArrayInput
	// The region in which the trail was created.
	HomeRegion pulumi.StringPtrInput
	// Specifies whether the trail is publishing events
	// from global services such as IAM to the log files. Defaults to `true`.
	IncludeGlobalServiceEvents pulumi.BoolPtrInput
	// Specifies whether the trail is created in the current
	// region or in all regions. Defaults to `false`.
	// NOTE(review): `false` means activity in other regions is not recorded by
	// this trail.
	IsMultiRegionTrail pulumi.BoolPtrInput
	// Specifies whether the trail is an AWS Organizations trail. Organization trails log events for the master account and all member accounts. Can only be created in the organization master account. Defaults to `false`.
	IsOrganizationTrail pulumi.BoolPtrInput
	// Specifies the KMS key ARN to use to encrypt the logs delivered by CloudTrail.
	// NOTE(review): this page does not say what encryption applies when the
	// field is unset; confirm against the log bucket's encryption settings.
	KmsKeyId pulumi.StringPtrInput
	// Specifies the name of the trail.
	Name pulumi.StringPtrInput
	// Specifies the name of the S3 bucket designated for publishing log files.
	S3BucketName pulumi.StringPtrInput
	// Specifies the S3 key prefix that follows
	// the name of the bucket you have designated for log file delivery.
	S3KeyPrefix pulumi.StringPtrInput
	// Specifies the name of the Amazon SNS topic
	// defined for notification of log file delivery.
	SnsTopicName pulumi.StringPtrInput
	// A mapping of tags to assign to the trail.
	Tags pulumi.MapInput
}

func (TrailState) ElementType added in v1.19.0

func (TrailState) ElementType() reflect.Type
