README
¶
Vibe-io CDK-Extensions Glue Tables Construct Library
The cdk-extensions/glue-tables package contains advanced constructs and patterns for setting up commonly needed Glue tables and Athena Named Queries. The constructs presented here are intended to be replacements for equivalent AWS constructs in the CDK module, but with additional features included.
The patterns here extend and depend on the Glue constructs in the cdk-extensions/glue module(crawler, table, et al) to
ensure all defaults follow best practices, and utilize most secure settings.
To import and use this module within your CDK project:
Typescript
import * as glue_tables from 'cdk-extensions/glue-tables';
Python
import cdk_extensions.glue_tables as glue_tables
AWS Logging Tables
These constructs are utilized as part of the logging strategy defined by stacks/AwsLoggingStack, but can be deployed individually. They define Glue tables and named Athena queries for ingesting and analyzing each services log data from an S3 Bucket.
Usage
These tables all expect input from S3_buckets. By default, for each service in the AwsLoggingStack, a Glue crawler performs an ETL process to analyze and categorize the stored data and store the associated metadata in the AWS Glue Data Catalog. All fields are represented, with handling for nested data as structs.
For each service, projections are configured where necessary and tables constructed to patterns expected for that service, including any necessary SerDe Info.
Several default named Athena queries are defined using the cdk_extensions/athena module that aid in improving the security posture of your AWS Account. These named queries have been defined for each AWS service.
Required Parameters
These constructs are intended to be used internally by the AwsLoggingStack. If using them directly, requires:
- bucket: An AWS S3 iBucket representing the s3 bucket logs are stored in
- database: A cdk-extensions/glue
Databaseto create the table in.
About ETL
ETL stands for Extract, Transform, Load. Data is extracted from the service logs by the Glue crawler, and transformed to a proper schema and format for loading into a Glue table.
AlbLogsTable
Usage
Required Parameters
- bucket: An AWS S3 iBucket representing the s3 bucket logs are stored in
- database: A cdk-extensions/glue
Databaseto create the table in.
TypeScript
import { AlbLogsTable } from 'cdk-extensions/glue-tables'
new AlbLogsTable(this, 'AlbLogsTable', {
'bucket': bucket,
'database': database
})
Python
from cdk_extensions.glue_tables import (
AlbLogsTable
)
alb_logging_stack = AlbLogsTable(self, 'AwsLoggingStack',
bucket=bucket,
database=database
)
Glue
Creates a Glue table using constructs from the cdk_extensions/glue module. Table schema is configured for expected ALB log fields.
The following partition keys are set:
sourcelognameregionnameday
Projection is enabled and configured for the expected yyyy/MM/dd log format.
Athena Queries
Creates Athena Queries using the cdk-extensions/athena module.
Two Athena CfnNamedQueries are created by default:
- alb-top-ips: Gets the 100 most active IP addresses by request count.
- alb-5xx-errors: Gets the 100 most recent ELB 5XX responses
CloudFrontLogsTable
Usage
Required Parameters
- bucket: An AWS S3 iBucket representing the s3 bucket logs are stored in
- database: A cdk-extensions/glue
Databaseto create the table in.
TypeScript
import { CloudFrontLogsTable } from 'cdk-extensions/glue-tables'
new CloudFrontLogsTable(this, 'CloudFrontLogsTable', {
'bucket': bucket,
'database': database
})
Python
from cdk_extensions.glue_tables import (
CloudFrontLogsTable
)
cloudfront_logging_stack = CloudFrontLogsTable(self, 'AwsLoggingStack',
bucket=bucket,
database=database
)
Glue
Creates a Glue table using constructs from the cdk_extensions/glue module. Table schema is configured for expected CloudFront log fields.
Athena Queries
Creates Athena Queries using the cdk-extensions/athena constructs.
Four Athena CfnNamedQueries are created by default:
- cloudfront-distribution-statistics: Gets statistics for CloudFront distributions for the last day.
- cloudfront-request-errors: Gets the 100 most recent requests that resulted in an error from CloudFront.
- cloudfront-top-ips: Gets the 100 most active IP addresses by request count.
- cloudfront-top-objects: Gets the 100 most requested CloudFront objects.
CloudTrailTable
Usage
Required Parameters
- bucket: An AWS S3 iBucket representing the s3 bucket logs are stored in
- database: A cdk-extensions/glue
Databaseto create the table in.
TypeScript
import { CloudTrailTable } from 'cdk-extensions/glue-tables'
new CloudTrailTable(this, 'CloudTrailTable', {
'bucket': bucket,
'database': database
})
Python
from cdk_extensions.glue_tables import (
CloudTrailTable
)
cloudtrail_table_stack = CloudTrailTable(self, 'AwsLoggingStack',
bucket=bucket,
database=database
)
Glue
Creates a Glue table using constructs from the cdk_extensions/glue module. Table schema is configured for expected CloudTrail event logs data.
The following partition keys are set:
sourcelognameregionnameday
Projection is enabled and configured for the expected yyyy/MM/dd log format.
Athena Queries
Creates Athena Queries using the cdk-extensions/athena constructs.
Two Athena CfnNamedQueries are created by default:
- cloudtrail-unauthorized-errors: Gets the 100 most recent unauthorized AWS API calls.
- cloudtrail-user-logins: Gets the 100 most recent AWS user logins.
FlowLogsTable
Usage
Required Parameters
- bucket: An AWS S3 iBucket representing the s3 bucket logs are stored in
- database: A cdk-extensions/glue
Databaseto create the table in.
TypeScript
import { FlowLogsTable } from 'cdk-extensions/glue-tables'
new FlowLogsTable(this, 'FlowLogsTable', {
'bucket': bucket,
'database': database
})
Python
from cdk_extensions.glue_tables import (
FlowLogsTable
)
flowlogs_stack = FlowLogsTable(self, 'AwsLoggingStack',
bucket=bucket,
database=database
)
Glue
Creates a Glue table using constructs from the cdk_extensions/glue module. Table schema is configured for expected VPC FlowLog data.
The following partition keys are set:
sourcelognameregionnameday
Projection is enabled and configured for the expected yyyy/MM/dd log format.
Athena Queries
One AthenaNamedQuery is created by default:
- flow-logs-internal-rejected: Gets the 100 most recent rejected packets that stayed within the private network ranges.
S3AccessLogsTable
Usage
Required Parameters
- bucket: An AWS S3 iBucket representing the s3 bucket logs are stored in
- database: A cdk-extensions/glue
Databaseto create the table in.
TypeScript
import { S3AccessLogsTable } from 'cdk-extensions/glue-tables'
new S3AccessLogsTable(this, 'S3AccessLogsTable', {
'bucket': bucket,
'database': database
})
Python
from cdk_extensions.glue_tables import (
S3AccessLogsTable
)
s3_access_logging_stack = S3AccessLogsTable(self, 'AwsLoggingStack',
bucket=bucket,
database=database
)
Glue
Creates a Glue table using constructs from the cdk_extensions/glue module. Table schema is configured for expected S3 Access log data.
Athena Queries
Creates an Athena Query using the cdk-extensions/athena constructs. One AthenaNamedQuery is created by default:
- s3-request-errors: Gets the 100 most recent failed S3 access requests.
SesLogsTable
Usage
Required Parameters
- bucket: An AWS S3 iBucket representing the s3 bucket logs are stored in
- database: A cdk-extensions/glue
Databaseto create the table in.
TypeScript
import { SesLogsTable } from 'cdk-extensions/glue-tables'
new SesLogsTable(this, 'SesLogsTable', {
'bucket': bucket,
'database': database
})
Python
from cdk_extensions.glue_tables import (
SesLogsTable
)
ses_logging_stack = SesLogsTable(self, 'AwsLoggingStack',
bucket=bucket,
database=database
)
Glue
Creates a Glue table using constructs from the cdk_extensions/glue module. Table schema is configured for the expected SES event logs.
Projection is enabled and configured for the expected yyyy/MM/dd log format.
The following partition keys are set:
day
Athena Queries
Creates Athena Queries using the cdk-extensions/athena constructs.
Two Athena CfnNamedQueries are created by default:
- ses-bounces: Gets the 100 most recent bounces from the last day.
- ses-complaints: Gets the 100 most recent complaints from the last day.
WafLogsTable
Usage
Required Paramaters
- bucket: An AWS S3 iBucket representing the s3 bucket logs are stored in
- database: A cdk-extensions/glue
Databaseto create the table in. TypeScript
import { WafLogsTable } from 'cdk-extensions/glue-tables'
new WafLogsTable(this, 'WafLogsTable', {
'bucket': bucket,
'database': database
})
Python
from cdk_extensions.glue_tables import (
WafLogsTable
)
waf_logging_stack = WafLogsTable(self, 'AwsLoggingStack',
bucket=bucket,
database=database
)
Glue
Creates a Glue table using constructs from the cdk_extensions/glue module. Table schema is configured for expected WAF log data.
The following partition keys are set:
accountregion
Projection is enabled.
Athena Queries
No default Athena Queries have been implemented at this time.
Examples
Creates an ALB Logging stack, with an S3 logging bucket, cdk_extensions/glue Database, and AlbLogsTable with its default Athena Queries.
TypeScript
import { App, Stack, StackProps, RemovalPolicy, aws_s3 as s3 } from 'aws-cdk-lib';
import { Construct } from 'constructs';
import { Database } from 'cdk-extensions/glue/database';
import { AlbLogsTable } from 'cdk-extensions/glue-tables';
export class AlbLogStack extends Stack {
constructor(scope: Construct, id: string, props?: StackProps) {
super(scope, id, props);
// If we were to use the cdk-extensions AlbLogsBucket pattern,
// Glue tables would be created for us. Instead, we use the
// standard library, remembering to set some secure best practices
// like encryption and removal policy
const bucket = new s3.Bucket(this, 'MyEncryptedBucket', {
encryption: s3.BucketEncryption.KMS,
removalPolicy: RemovalPolicy.RETAIN
});
// Create a cdk-extensions/glue Database with secure defaults
const database = new Database(this, 'GlueDatabase');
// Create the AlbLogsTable Glue table with defaults
const alb_logs_table = new AlbLogsTable(this, 'AlbLogsTable', {
'bucket': bucket,
'database': database
})
}
}
Python
from constructs import Construct
from aws_cdk import (
RemovalPolicy,
Stack,
aws_s3 as s3
)
from cdk_extensions.glue import (
Database
)
from cdk_extensions.glue_tables import (
AlbLogsTable
)
class AlbLogStack(Stack):
def __init__(self, scope: Construct, construct_id: str, **kwargs) -> None:
super().__init__(scope, construct_id, **kwargs)
# If we were to use the cdk-extensions AlbLogsBucket pattern,
# Glue tables would be created for us. Instead, we use the
# standard library, remembering to set some secure best practices
# like encryption and removal policy
bucket = s3.Bucket(self, 'MyEncryptedBucket',
encryption=s3.BucketEncryption.KMS,
removalPolicy=RemovalPolicy.RETAIN
)
# Create a cdk-extensions/glue Database with secure defaults
database = Database(self, 'MyGlueDatabase')
# Create the AlbLogsTable Glue table with defaults
alb_logging_stack = AlbLogsTable(self, 'AwsLoggingStack',
bucket=bucket,
database=database
)
Documentation
¶
Index ¶
- func AlbLogsTable_IsConstruct(x interface{}) *bool
- func AlbLogsTable_IsOwnedResource(construct constructs.IConstruct) *bool
- func AlbLogsTable_IsResource(construct constructs.IConstruct) *bool
- func CloudfrontLogsTable_IsConstruct(x interface{}) *bool
- func CloudfrontLogsTable_IsOwnedResource(construct constructs.IConstruct) *bool
- func CloudfrontLogsTable_IsResource(construct constructs.IConstruct) *bool
- func CloudtrailTable_IsConstruct(x interface{}) *bool
- func CloudtrailTable_IsOwnedResource(construct constructs.IConstruct) *bool
- func CloudtrailTable_IsResource(construct constructs.IConstruct) *bool
- func FlowLogsTable_IsConstruct(x interface{}) *bool
- func FlowLogsTable_IsOwnedResource(construct constructs.IConstruct) *bool
- func FlowLogsTable_IsResource(construct constructs.IConstruct) *bool
- func NewAlbLogsTable_Override(a AlbLogsTable, scope constructs.Construct, id *string, ...)
- func NewCloudfrontLogsTable_Override(c CloudfrontLogsTable, scope constructs.Construct, id *string, ...)
- func NewCloudtrailTable_Override(c CloudtrailTable, scope constructs.Construct, id *string, ...)
- func NewFlowLogsTable_Override(f FlowLogsTable, scope constructs.Construct, id *string, ...)
- func NewS3AccessLogsTable_Override(s S3AccessLogsTable, scope constructs.Construct, id *string, ...)
- func NewSesLogsTable_Override(s SesLogsTable, scope constructs.Construct, id *string, ...)
- func NewWafLogsTable_Override(w WafLogsTable, scope constructs.Construct, id *string, ...)
- func S3AccessLogsTable_IsConstruct(x interface{}) *bool
- func S3AccessLogsTable_IsOwnedResource(construct constructs.IConstruct) *bool
- func S3AccessLogsTable_IsResource(construct constructs.IConstruct) *bool
- func SesLogsTable_IsConstruct(x interface{}) *bool
- func SesLogsTable_IsOwnedResource(construct constructs.IConstruct) *bool
- func SesLogsTable_IsResource(construct constructs.IConstruct) *bool
- func WafLogsTable_IsConstruct(x interface{}) *bool
- func WafLogsTable_IsOwnedResource(construct constructs.IConstruct) *bool
- func WafLogsTable_IsResource(construct constructs.IConstruct) *bool
- type AlbLogsTable
- type AlbLogsTableProps
- type CloudfrontLogsTable
- type CloudfrontLogsTableProps
- type CloudtrailTable
- type CloudtrailTableProps
- type FlowLogsTable
- type FlowLogsTableProps
- type S3AccessLogsTable
- type S3AccessLogsTableProps
- type SesLogsTable
- type SesLogsTableProps
- type WafLogsTable
- type WafLogsTableProps
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func AlbLogsTable_IsConstruct ¶
func AlbLogsTable_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead.
func AlbLogsTable_IsOwnedResource ¶
func AlbLogsTable_IsOwnedResource(construct constructs.IConstruct) *bool
Returns true if the construct was created by CDK, and false otherwise.
func AlbLogsTable_IsResource ¶
func AlbLogsTable_IsResource(construct constructs.IConstruct) *bool
Check whether the given construct is a Resource.
func CloudfrontLogsTable_IsConstruct ¶
func CloudfrontLogsTable_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead.
func CloudfrontLogsTable_IsOwnedResource ¶
func CloudfrontLogsTable_IsOwnedResource(construct constructs.IConstruct) *bool
Returns true if the construct was created by CDK, and false otherwise.
func CloudfrontLogsTable_IsResource ¶
func CloudfrontLogsTable_IsResource(construct constructs.IConstruct) *bool
Check whether the given construct is a Resource.
func CloudtrailTable_IsConstruct ¶
func CloudtrailTable_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead.
func CloudtrailTable_IsOwnedResource ¶
func CloudtrailTable_IsOwnedResource(construct constructs.IConstruct) *bool
Returns true if the construct was created by CDK, and false otherwise.
func CloudtrailTable_IsResource ¶
func CloudtrailTable_IsResource(construct constructs.IConstruct) *bool
Check whether the given construct is a Resource.
func FlowLogsTable_IsConstruct ¶
func FlowLogsTable_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead.
func FlowLogsTable_IsOwnedResource ¶
func FlowLogsTable_IsOwnedResource(construct constructs.IConstruct) *bool
Returns true if the construct was created by CDK, and false otherwise.
func FlowLogsTable_IsResource ¶
func FlowLogsTable_IsResource(construct constructs.IConstruct) *bool
Check whether the given construct is a Resource.
func NewAlbLogsTable_Override ¶
func NewAlbLogsTable_Override(a AlbLogsTable, scope constructs.Construct, id *string, props *AlbLogsTableProps)
Creates a new instance of the AlbLogsTable class.
func NewCloudfrontLogsTable_Override ¶
func NewCloudfrontLogsTable_Override(c CloudfrontLogsTable, scope constructs.Construct, id *string, props *CloudfrontLogsTableProps)
Creates a new instance of the CloudfrontAccessLogsTable class.
func NewCloudtrailTable_Override ¶
func NewCloudtrailTable_Override(c CloudtrailTable, scope constructs.Construct, id *string, props *CloudtrailTableProps)
Creates a new instance of the FlowLogsTable class.
func NewFlowLogsTable_Override ¶
func NewFlowLogsTable_Override(f FlowLogsTable, scope constructs.Construct, id *string, props *FlowLogsTableProps)
Creates a new instance of the FlowLogsTable class.
func NewS3AccessLogsTable_Override ¶
func NewS3AccessLogsTable_Override(s S3AccessLogsTable, scope constructs.Construct, id *string, props *S3AccessLogsTableProps)
Creates a new instance of the S3AccessLogsTable class.
func NewSesLogsTable_Override ¶
func NewSesLogsTable_Override(s SesLogsTable, scope constructs.Construct, id *string, props *SesLogsTableProps)
Creates a new instance of the SesLogsTable class.
func NewWafLogsTable_Override ¶
func NewWafLogsTable_Override(w WafLogsTable, scope constructs.Construct, id *string, props *WafLogsTableProps)
Creates a new instance of the S3AccessLogsTable class.
func S3AccessLogsTable_IsConstruct ¶
func S3AccessLogsTable_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead.
func S3AccessLogsTable_IsOwnedResource ¶
func S3AccessLogsTable_IsOwnedResource(construct constructs.IConstruct) *bool
Returns true if the construct was created by CDK, and false otherwise.
func S3AccessLogsTable_IsResource ¶
func S3AccessLogsTable_IsResource(construct constructs.IConstruct) *bool
Check whether the given construct is a Resource.
func SesLogsTable_IsConstruct ¶
func SesLogsTable_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead.
func SesLogsTable_IsOwnedResource ¶
func SesLogsTable_IsOwnedResource(construct constructs.IConstruct) *bool
Returns true if the construct was created by CDK, and false otherwise.
func SesLogsTable_IsResource ¶
func SesLogsTable_IsResource(construct constructs.IConstruct) *bool
Check whether the given construct is a Resource.
func WafLogsTable_IsConstruct ¶
func WafLogsTable_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead.
func WafLogsTable_IsOwnedResource ¶
func WafLogsTable_IsOwnedResource(construct constructs.IConstruct) *bool
Returns true if the construct was created by CDK, and false otherwise.
func WafLogsTable_IsResource ¶
func WafLogsTable_IsResource(construct constructs.IConstruct) *bool
Check whether the given construct is a Resource.
Types ¶
type AlbLogsTable ¶
type AlbLogsTable interface {
glue.Table
// {@link TableProps.compressed}.
Compressed() *bool
// Boolean indicating whether to create default Athena queries for the ALB Logs.
// See: [`CfnNamedQueries`](https://docs.aws.amazon.com/cdk/api/v1/python/aws_cdk.aws_athena/CfnNamedQuery.html)
//
CreateQueries() *bool
// {@link TableProps.database:}.
Database() glue.Database
// {@link TableProps.dataFormat}.
DataFormat() glue.DataFormat
// {@link TableProps.description}.
Description() *string
// The environment this resource belongs to.
//
// For resources that are created and managed by the CDK
// (generally, those created by creating new class instances like Role, Bucket, etc.),
// this is always the same as the environment of the stack they belong to;
// however, for imported resources
// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
// that might be different than the stack they were imported into.
Env() *awscdk.ResourceEnvironment
// Boolean for adding "friendly names" for the created Athena queries.
FriendlyQueryNames() *bool
// {@link TableProps.location}.
Location() *string
// {@link TableProps.name}.
Name() *string
// The tree node.
Node() constructs.Node
// {@link TableProps.owner}.
Owner() *string
// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
//
// This value will resolve to one of the following:
// - a concrete value (e.g. `"my-awesome-bucket"`)
// - `undefined`, when a name should be generated by CloudFormation
// - a concrete name generated automatically during synthesis, in
// cross-environment scenarios.
PhysicalName() *string
Resource() awsglue.CfnTable
// {@link TableProps.retention}.
Retention() awscdk.Duration
// {@link TableProps.serdeName}.
SerdeName() *string
// The stack in which this resource is defined.
Stack() awscdk.Stack
Status5xxNamedQuery() athena.NamedQuery
// {@link TableProps.storedAsSubDirectories}.
StoredAsSubDirectories() *bool
TableArn() *string
TableName() *string
// {@link TableProps.tableType}.
TableType() glue.TableType
// {@link TableProps.targetTable}.
TargetTable() glue.Table
TopIpsNamedQuery() athena.NamedQuery
// {@link TableProps.viewExpandedText}.
ViewExpandedText() *string
// {@link TableProps.viewOriginalText}.
ViewOriginalText() *string
// The name of the workgroup where namedqueries should be created.
// See: [Setting up workgroups](https://docs.aws.amazon.com/athena/latest/ug/workgroups-procedure.html)
//
WorkGroup() athena.IWorkGroup
AddColumn(column glue.Column)
AddParameter(key *string, value *string)
AddPartitionKey(column glue.Column)
AddSerdeParameter(key *string, value *string)
AddStorageParameter(key *string, value *string)
// Apply the given removal policy to this resource.
//
// The Removal Policy controls what happens to this resource when it stops
// being managed by CloudFormation, either because you've removed it from the
// CDK application or because you've made a change that requires the resource
// to be replaced.
//
// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
GeneratePhysicalName() *string
// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
//
// Normally, this token will resolve to `arnAttr`, but if the resource is
// referenced across environments, `arnComponents` will be used to synthesize
// a concrete ARN with the resource's physical name. Make sure to reference
// `this.physicalName` in `arnComponents`.
GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
//
// Normally, this token will resolve to `nameAttr`, but if the resource is
// referenced across environments, it will be resolved to `this.physicalName`,
// which will be a concrete name.
GetResourceNameAttribute(nameAttr *string) *string
RenderStorageDescriptor() *awsglue.CfnTable_StorageDescriptorProperty
// Returns a string representation of this construct.
ToString() *string
}
func NewAlbLogsTable ¶
func NewAlbLogsTable(scope constructs.Construct, id *string, props *AlbLogsTableProps) AlbLogsTable
Creates a new instance of the AlbLogsTable class.
type AlbLogsTableProps ¶
type AlbLogsTableProps struct {
// The AWS account ID this resource belongs to.
Account *string `field:"optional" json:"account" yaml:"account"`
// ARN to deduce region and account from.
//
// The ARN is parsed and the account and region are taken from the ARN.
// This should be used for imported resources.
//
// Cannot be supplied together with either `account` or `region`.
EnvironmentFromArn *string `field:"optional" json:"environmentFromArn" yaml:"environmentFromArn"`
// The value passed in by users to the physical name prop of the resource.
//
// - `undefined` implies that a physical name will be allocated by
// CloudFormation during deployment.
// - a concrete value implies a specific physical name
// - `PhysicalName.GENERATE_IF_NEEDED` is a marker that indicates that a physical will only be generated
// by the CDK if it is needed for cross-environment references. Otherwise, it will be allocated by CloudFormation.
PhysicalName *string `field:"optional" json:"physicalName" yaml:"physicalName"`
// The AWS region this resource belongs to.
Region *string `field:"optional" json:"region" yaml:"region"`
// A bucket where logs will be stored.
// See: [AWS S3 iBucket](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_s3.IBucket.html)
//
Bucket awss3.IBucket `field:"required" json:"bucket" yaml:"bucket"`
// A cdk-extensions/glue {@link aws-glue!Database } object that the table should be created in.
// See: [AWS::Glue::Database](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-glue-database.html)
//
Database glue.Database `field:"required" json:"database" yaml:"database"`
// Boolean indicating whether to create default Athena queries for the ALB Logs.
// See: [`CfnNamedQueries`](https://docs.aws.amazon.com/cdk/api/v1/python/aws_cdk.aws_athena/CfnNamedQuery.html)
//
CreateQueries *bool `field:"optional" json:"createQueries" yaml:"createQueries"`
// Boolean for adding "friendly names" for the created Athena queries.
FriendlyQueryNames *bool `field:"optional" json:"friendlyQueryNames" yaml:"friendlyQueryNames"`
// Name for Alb Logs Table.
Name *string `field:"optional" json:"name" yaml:"name"`
// Set a custom prefix for the S3 Bucket.
S3Prefix *string `field:"optional" json:"s3Prefix" yaml:"s3Prefix"`
// The name of the workgroup where namedqueries should be created.
// See: [Setting up workgroups](https://docs.aws.amazon.com/athena/latest/ug/workgroups-procedure.html)
//
WorkGroup athena.IWorkGroup `field:"optional" json:"workGroup" yaml:"workGroup"`
}
Configuration for AlbLogsTable.
type CloudfrontLogsTable ¶
type CloudfrontLogsTable interface {
glue.Table
// {@link TableProps.compressed}.
Compressed() *bool
// Boolean indicating whether to create default Athena queries for the Cloudfront Logs.
// See: [`CfnNamedQueries`](https://docs.aws.amazon.com/cdk/api/v1/python/aws_cdk.aws_athena/CfnNamedQuery.html)
//
CreateQueries() *bool
// {@link TableProps.database:}.
Database() glue.Database
// {@link TableProps.dataFormat}.
DataFormat() glue.DataFormat
// {@link TableProps.description}.
Description() *string
DistributionStatisticsNamedQuery() athena.NamedQuery
// The environment this resource belongs to.
//
// For resources that are created and managed by the CDK
// (generally, those created by creating new class instances like Role, Bucket, etc.),
// this is always the same as the environment of the stack they belong to;
// however, for imported resources
// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
// that might be different than the stack they were imported into.
Env() *awscdk.ResourceEnvironment
// Boolean for adding "friendly names" for the created Athena queries.
FriendlyQueryNames() *bool
// {@link TableProps.location}.
Location() *string
// {@link TableProps.name}.
Name() *string
// The tree node.
Node() constructs.Node
// {@link TableProps.owner}.
Owner() *string
// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
//
// This value will resolve to one of the following:
// - a concrete value (e.g. `"my-awesome-bucket"`)
// - `undefined`, when a name should be generated by CloudFormation
// - a concrete name generated automatically during synthesis, in
// cross-environment scenarios.
PhysicalName() *string
RequestErrorsNamedQuery() athena.NamedQuery
Resource() awsglue.CfnTable
// {@link TableProps.retention}.
Retention() awscdk.Duration
// {@link TableProps.serdeName}.
SerdeName() *string
// The stack in which this resource is defined.
Stack() awscdk.Stack
// {@link TableProps.storedAsSubDirectories}.
StoredAsSubDirectories() *bool
TableArn() *string
TableName() *string
// {@link TableProps.tableType}.
TableType() glue.TableType
// {@link TableProps.targetTable}.
TargetTable() glue.Table
TopIpsNamedQuery() athena.NamedQuery
TopObjectsNamedQuery() athena.NamedQuery
// {@link TableProps.viewExpandedText}.
ViewExpandedText() *string
// {@link TableProps.viewOriginalText}.
ViewOriginalText() *string
// The name of the workgroup where namedqueries should be created.
// See: [Setting up workgroups](https://docs.aws.amazon.com/athena/latest/ug/workgroups-procedure.html)
//
WorkGroup() athena.IWorkGroup
AddColumn(column glue.Column)
AddParameter(key *string, value *string)
AddPartitionKey(column glue.Column)
AddSerdeParameter(key *string, value *string)
AddStorageParameter(key *string, value *string)
// Apply the given removal policy to this resource.
//
// The Removal Policy controls what happens to this resource when it stops
// being managed by CloudFormation, either because you've removed it from the
// CDK application or because you've made a change that requires the resource
// to be replaced.
//
// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
GeneratePhysicalName() *string
// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
//
// Normally, this token will resolve to `arnAttr`, but if the resource is
// referenced across environments, `arnComponents` will be used to synthesize
// a concrete ARN with the resource's physical name. Make sure to reference
// `this.physicalName` in `arnComponents`.
GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
//
// Normally, this token will resolve to `nameAttr`, but if the resource is
// referenced across environments, it will be resolved to `this.physicalName`,
// which will be a concrete name.
GetResourceNameAttribute(nameAttr *string) *string
RenderStorageDescriptor() *awsglue.CfnTable_StorageDescriptorProperty
// Returns a string representation of this construct.
ToString() *string
}
func NewCloudfrontLogsTable ¶
func NewCloudfrontLogsTable(scope constructs.Construct, id *string, props *CloudfrontLogsTableProps) CloudfrontLogsTable
Creates a new instance of the CloudfrontAccessLogsTable class.
type CloudfrontLogsTableProps ¶
type CloudfrontLogsTableProps struct {
// The AWS account ID this resource belongs to.
Account *string `field:"optional" json:"account" yaml:"account"`
// ARN to deduce region and account from.
//
// The ARN is parsed and the account and region are taken from the ARN.
// This should be used for imported resources.
//
// Cannot be supplied together with either `account` or `region`.
EnvironmentFromArn *string `field:"optional" json:"environmentFromArn" yaml:"environmentFromArn"`
// The value passed in by users to the physical name prop of the resource.
//
// - `undefined` implies that a physical name will be allocated by
// CloudFormation during deployment.
// - a concrete value implies a specific physical name
// - `PhysicalName.GENERATE_IF_NEEDED` is a marker that indicates that a physical will only be generated
// by the CDK if it is needed for cross-environment references. Otherwise, it will be allocated by CloudFormation.
PhysicalName *string `field:"optional" json:"physicalName" yaml:"physicalName"`
// The AWS region this resource belongs to.
Region *string `field:"optional" json:"region" yaml:"region"`
// The bucket where logs will be contained.
// See: [AWS S3 iBucket](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_s3.IBucket.html)
//
Bucket awss3.IBucket `field:"required" json:"bucket" yaml:"bucket"`
// A cdk-extensions/glue {@link aws-glue!Database } object that the table should be created in.
// See: [AWS::Glue::Database](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-glue-database.html)
//
Database glue.Database `field:"required" json:"database" yaml:"database"`
// Boolean indicating whether to create default Athena queries for the Cloudfront Logs.
// See: [`CfnNamedQueries`](https://docs.aws.amazon.com/cdk/api/v1/python/aws_cdk.aws_athena/CfnNamedQuery.html)
//
CreateQueries *bool `field:"optional" json:"createQueries" yaml:"createQueries"`
// Boolean for adding "friendly names" for the created Athena queries.
FriendlyQueryNames *bool `field:"optional" json:"friendlyQueryNames" yaml:"friendlyQueryNames"`
// Name for Cloudfront Logs Table.
Name *string `field:"optional" json:"name" yaml:"name"`
// Set a custom prefix for the S3 Bucket.
S3Prefix *string `field:"optional" json:"s3Prefix" yaml:"s3Prefix"`
// The name of the workgroup where namedqueries should be created.
// See: [Setting up workgroups](https://docs.aws.amazon.com/athena/latest/ug/workgroups-procedure.html)
//
WorkGroup athena.IWorkGroup `field:"optional" json:"workGroup" yaml:"workGroup"`
}
Configuration for CloudfrontAccessLogsTable.
type CloudtrailTable ¶
type CloudtrailTable interface {
glue.Table
// {@link TableProps.compressed}.
Compressed() *bool
// Boolean indicating whether to create default Athena queries for the Cloudtrail Logs.
// See: [`CfnNamedQueries`](https://docs.aws.amazon.com/cdk/api/v1/python/aws_cdk.aws_athena/CfnNamedQuery.html)
//
CreateQueries() *bool
// {@link TableProps.database:}.
Database() glue.Database
// {@link TableProps.dataFormat}.
DataFormat() glue.DataFormat
// {@link TableProps.description}.
Description() *string
// The environment this resource belongs to.
//
// For resources that are created and managed by the CDK
// (generally, those created by creating new class instances like Role, Bucket, etc.),
// this is always the same as the environment of the stack they belong to;
// however, for imported resources
// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
// that might be different than the stack they were imported into.
Env() *awscdk.ResourceEnvironment
// Boolean for adding "friendly names" for the created Athena queries.
FriendlyQueryNames() *bool
// {@link TableProps.location}.
Location() *string
// {@link TableProps.name}.
Name() *string
// The tree node.
Node() constructs.Node
// {@link TableProps.owner}.
Owner() *string
// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
//
// This value will resolve to one of the following:
// - a concrete value (e.g. `"my-awesome-bucket"`)
// - `undefined`, when a name should be generated by CloudFormation
// - a concrete name generated automatically during synthesis, in
// cross-environment scenarios.
PhysicalName() *string
Resource() awsglue.CfnTable
// {@link TableProps.retention}.
Retention() awscdk.Duration
// {@link TableProps.serdeName}.
SerdeName() *string
// The stack in which this resource is defined.
Stack() awscdk.Stack
// {@link TableProps.storedAsSubDirectories}.
StoredAsSubDirectories() *bool
TableArn() *string
TableName() *string
// {@link TableProps.tableType}.
TableType() glue.TableType
// {@link TableProps.targetTable}.
TargetTable() glue.Table
UserLoginsNamedQuery() athena.NamedQuery
// {@link TableProps.viewExpandedText}.
ViewExpandedText() *string
// {@link TableProps.viewOriginalText}.
ViewOriginalText() *string
// The name of the workgroup where namedqueries should be created.
// See: [Setting up workgroups](https://docs.aws.amazon.com/athena/latest/ug/workgroups-procedure.html)
//
WorkGroup() athena.IWorkGroup
AddColumn(column glue.Column)
AddParameter(key *string, value *string)
AddPartitionKey(column glue.Column)
AddSerdeParameter(key *string, value *string)
AddStorageParameter(key *string, value *string)
// Apply the given removal policy to this resource.
//
// The Removal Policy controls what happens to this resource when it stops
// being managed by CloudFormation, either because you've removed it from the
// CDK application or because you've made a change that requires the resource
// to be replaced.
//
// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
GeneratePhysicalName() *string
// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
//
// Normally, this token will resolve to `arnAttr`, but if the resource is
// referenced across environments, `arnComponents` will be used to synthesize
// a concrete ARN with the resource's physical name. Make sure to reference
// `this.physicalName` in `arnComponents`.
GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
//
// Normally, this token will resolve to `nameAttr`, but if the resource is
// referenced across environments, it will be resolved to `this.physicalName`,
// which will be a concrete name.
GetResourceNameAttribute(nameAttr *string) *string
RenderStorageDescriptor() *awsglue.CfnTable_StorageDescriptorProperty
// Returns a string representation of this construct.
ToString() *string
}
func NewCloudtrailTable ¶
func NewCloudtrailTable(scope constructs.Construct, id *string, props *CloudtrailTableProps) CloudtrailTable
Creates a new instance of the FlowLogsTable class.
type CloudtrailTableProps ¶
type CloudtrailTableProps struct {
// The AWS account ID this resource belongs to.
Account *string `field:"optional" json:"account" yaml:"account"`
// ARN to deduce region and account from.
//
// The ARN is parsed and the account and region are taken from the ARN.
// This should be used for imported resources.
//
// Cannot be supplied together with either `account` or `region`.
EnvironmentFromArn *string `field:"optional" json:"environmentFromArn" yaml:"environmentFromArn"`
// The value passed in by users to the physical name prop of the resource.
//
// - `undefined` implies that a physical name will be allocated by
// CloudFormation during deployment.
// - a concrete value implies a specific physical name
// - `PhysicalName.GENERATE_IF_NEEDED` is a marker that indicates that a physical will only be generated
// by the CDK if it is needed for cross-environment references. Otherwise, it will be allocated by CloudFormation.
PhysicalName *string `field:"optional" json:"physicalName" yaml:"physicalName"`
// The AWS region this resource belongs to.
Region *string `field:"optional" json:"region" yaml:"region"`
// A bucket where logs will be stored.
// See: [AWS S3 iBucket](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_s3.IBucket.html)
//
Bucket awss3.IBucket `field:"required" json:"bucket" yaml:"bucket"`
// A cdk-extensions/glue {@link aws-glue!Database } object that the table should be created in.
// See: [AWS::Glue::Database](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-glue-database.html)
//
Database glue.Database `field:"required" json:"database" yaml:"database"`
// Boolean indicating whether to create default Athena queries for the Cloudtrail Logs.
// See: [`CfnNamedQueries`](https://docs.aws.amazon.com/cdk/api/v1/python/aws_cdk.aws_athena/CfnNamedQuery.html)
//
CreateQueries *bool `field:"optional" json:"createQueries" yaml:"createQueries"`
// Boolean for adding "friendly names" for the created Athena queries.
FriendlyQueryNames *bool `field:"optional" json:"friendlyQueryNames" yaml:"friendlyQueryNames"`
// Name for Cloudtrail Logs Table.
Name *string `field:"optional" json:"name" yaml:"name"`
// Set a custom prefix for the S3 Bucket.
S3Prefix *string `field:"optional" json:"s3Prefix" yaml:"s3Prefix"`
// The name of the workgroup where namedqueries should be created.
// See: [Setting up workgroups](https://docs.aws.amazon.com/athena/latest/ug/workgroups-procedure.html)
//
WorkGroup athena.IWorkGroup `field:"optional" json:"workGroup" yaml:"workGroup"`
}
Configuration for FlowLogsTable.
type FlowLogsTable ¶
type FlowLogsTable interface {
glue.Table
// {@link TableProps.compressed}.
Compressed() *bool
// Boolean indicating whether to create default Athena queries for the Flow Logs.
// See: [`CfnNamedQueries`](https://docs.aws.amazon.com/cdk/api/v1/python/aws_cdk.aws_athena/CfnNamedQuery.html)
//
CreateQueries() *bool
// {@link TableProps.database:}.
Database() glue.Database
// {@link TableProps.dataFormat}.
DataFormat() glue.DataFormat
// {@link TableProps.description}.
Description() *string
// The environment this resource belongs to.
//
// For resources that are created and managed by the CDK
// (generally, those created by creating new class instances like Role, Bucket, etc.),
// this is always the same as the environment of the stack they belong to;
// however, for imported resources
// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
// that might be different than the stack they were imported into.
Env() *awscdk.ResourceEnvironment
// A cdk-extentions/ec2 {@link aws-ec2!FlowLogFormat } object defining the desired formatting for Flow Logs.
Format() ec2.FlowLogFormat
// Boolean for adding "friendly names" for the created Athena queries.
FriendlyQueryNames() *bool
InternalRejectedNamedQuery() athena.NamedQuery
// {@link TableProps.location}.
Location() *string
// {@link TableProps.name}.
Name() *string
// The tree node.
Node() constructs.Node
// {@link TableProps.owner}.
Owner() *string
// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
//
// This value will resolve to one of the following:
// - a concrete value (e.g. `"my-awesome-bucket"`)
// - `undefined`, when a name should be generated by CloudFormation
// - a concrete name generated automatically during synthesis, in
// cross-environment scenarios.
PhysicalName() *string
Resource() awsglue.CfnTable
// {@link TableProps.retention}.
Retention() awscdk.Duration
// {@link TableProps.serdeName}.
SerdeName() *string
// The stack in which this resource is defined.
Stack() awscdk.Stack
// {@link TableProps.storedAsSubDirectories}.
StoredAsSubDirectories() *bool
TableArn() *string
TableName() *string
// {@link TableProps.tableType}.
TableType() glue.TableType
// {@link TableProps.targetTable}.
TargetTable() glue.Table
// {@link TableProps.viewExpandedText}.
ViewExpandedText() *string
// {@link TableProps.viewOriginalText}.
ViewOriginalText() *string
// The name of the workgroup where namedqueries should be created.
// See: [Setting up workgroups](https://docs.aws.amazon.com/athena/latest/ug/workgroups-procedure.html)
//
WorkGroup() athena.IWorkGroup
AddColumn(column glue.Column)
AddParameter(key *string, value *string)
AddPartitionKey(column glue.Column)
AddSerdeParameter(key *string, value *string)
AddStorageParameter(key *string, value *string)
// Apply the given removal policy to this resource.
//
// The Removal Policy controls what happens to this resource when it stops
// being managed by CloudFormation, either because you've removed it from the
// CDK application or because you've made a change that requires the resource
// to be replaced.
//
// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
GeneratePhysicalName() *string
// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
//
// Normally, this token will resolve to `arnAttr`, but if the resource is
// referenced across environments, `arnComponents` will be used to synthesize
// a concrete ARN with the resource's physical name. Make sure to reference
// `this.physicalName` in `arnComponents`.
GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
//
// Normally, this token will resolve to `nameAttr`, but if the resource is
// referenced across environments, it will be resolved to `this.physicalName`,
// which will be a concrete name.
GetResourceNameAttribute(nameAttr *string) *string
RenderStorageDescriptor() *awsglue.CfnTable_StorageDescriptorProperty
// Returns a string representation of this construct.
ToString() *string
}
func NewFlowLogsTable ¶
func NewFlowLogsTable(scope constructs.Construct, id *string, props *FlowLogsTableProps) FlowLogsTable
Creates a new instance of the FlowLogsTable class.
type FlowLogsTableProps ¶
type FlowLogsTableProps struct {
// The AWS account ID this resource belongs to.
Account *string `field:"optional" json:"account" yaml:"account"`
// ARN to deduce region and account from.
//
// The ARN is parsed and the account and region are taken from the ARN.
// This should be used for imported resources.
//
// Cannot be supplied together with either `account` or `region`.
EnvironmentFromArn *string `field:"optional" json:"environmentFromArn" yaml:"environmentFromArn"`
// The value passed in by users to the physical name prop of the resource.
//
// - `undefined` implies that a physical name will be allocated by
// CloudFormation during deployment.
// - a concrete value implies a specific physical name
// - `PhysicalName.GENERATE_IF_NEEDED` is a marker that indicates that a physical will only be generated
// by the CDK if it is needed for cross-environment references. Otherwise, it will be allocated by CloudFormation.
PhysicalName *string `field:"optional" json:"physicalName" yaml:"physicalName"`
// The AWS region this resource belongs to.
Region *string `field:"optional" json:"region" yaml:"region"`
// A bucket where logs will be stored.
// See: [AWS S3 iBucket](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_s3.IBucket.html)
//
Bucket awss3.IBucket `field:"required" json:"bucket" yaml:"bucket"`
// A cdk-extensions/glue {@link aws-glue!Database } object that the table should be created in.
// See: [AWS::Glue::Database](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-glue-database.html)
//
Database glue.Database `field:"required" json:"database" yaml:"database"`
// Boolean indicating whether to create default Athena queries for the Flow Logs.
// See: [`CfnNamedQueries`](https://docs.aws.amazon.com/cdk/api/v1/python/aws_cdk.aws_athena/CfnNamedQuery.html)
//
CreateQueries *bool `field:"optional" json:"createQueries" yaml:"createQueries"`
// A cdk-extentions/ec2 {@link aws-ec2!FlowLogFormat } object defining the desired formatting for Flow Logs.
Format ec2.FlowLogFormat `field:"optional" json:"format" yaml:"format"`
// Boolean for adding "friendly names" for the created Athena queries.
FriendlyQueryNames *bool `field:"optional" json:"friendlyQueryNames" yaml:"friendlyQueryNames"`
// Name for Flow Logs Table.
Name *string `field:"optional" json:"name" yaml:"name"`
// Set a custom prefix for the S3 Bucket.
S3Prefix *string `field:"optional" json:"s3Prefix" yaml:"s3Prefix"`
// The name of the workgroup where namedqueries should be created.
// See: [Setting up workgroups](https://docs.aws.amazon.com/athena/latest/ug/workgroups-procedure.html)
//
WorkGroup athena.IWorkGroup `field:"optional" json:"workGroup" yaml:"workGroup"`
}
Configuration for FlowLogsTable.
type S3AccessLogsTable ¶
type S3AccessLogsTable interface {
glue.Table
// {@link TableProps.compressed}.
Compressed() *bool
// Boolean indicating whether to create default Athena queries for the S3 Access Logs.
// See: [`CfnNamedQueries`](https://docs.aws.amazon.com/cdk/api/v1/python/aws_cdk.aws_athena/CfnNamedQuery.html)
//
CreateQueries() *bool
// {@link TableProps.database:}.
Database() glue.Database
// {@link TableProps.dataFormat}.
DataFormat() glue.DataFormat
// {@link TableProps.description}.
Description() *string
// The environment this resource belongs to.
//
// For resources that are created and managed by the CDK
// (generally, those created by creating new class instances like Role, Bucket, etc.),
// this is always the same as the environment of the stack they belong to;
// however, for imported resources
// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
// that might be different than the stack they were imported into.
Env() *awscdk.ResourceEnvironment
// Boolean for adding "friendly names" for the created Athena queries.
FriendlyQueryNames() *bool
// {@link TableProps.location}.
Location() *string
// {@link TableProps.name}.
Name() *string
// The tree node.
Node() constructs.Node
// {@link TableProps.owner}.
Owner() *string
// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
//
// This value will resolve to one of the following:
// - a concrete value (e.g. `"my-awesome-bucket"`)
// - `undefined`, when a name should be generated by CloudFormation
// - a concrete name generated automatically during synthesis, in
// cross-environment scenarios.
PhysicalName() *string
RequestErrorsNamedQuery() athena.NamedQuery
Resource() awsglue.CfnTable
// {@link TableProps.retention}.
Retention() awscdk.Duration
// {@link TableProps.serdeName}.
SerdeName() *string
// The stack in which this resource is defined.
Stack() awscdk.Stack
// {@link TableProps.storedAsSubDirectories}.
StoredAsSubDirectories() *bool
TableArn() *string
TableName() *string
// {@link TableProps.tableType}.
TableType() glue.TableType
// {@link TableProps.targetTable}.
TargetTable() glue.Table
// {@link TableProps.viewExpandedText}.
ViewExpandedText() *string
// {@link TableProps.viewOriginalText}.
ViewOriginalText() *string
// The name of the workgroup where namedqueries should be created.
// See: [Setting up workgroups](https://docs.aws.amazon.com/athena/latest/ug/workgroups-procedure.html)
//
WorkGroup() athena.IWorkGroup
AddColumn(column glue.Column)
AddParameter(key *string, value *string)
AddPartitionKey(column glue.Column)
AddSerdeParameter(key *string, value *string)
AddStorageParameter(key *string, value *string)
// Apply the given removal policy to this resource.
//
// The Removal Policy controls what happens to this resource when it stops
// being managed by CloudFormation, either because you've removed it from the
// CDK application or because you've made a change that requires the resource
// to be replaced.
//
// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
GeneratePhysicalName() *string
// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
//
// Normally, this token will resolve to `arnAttr`, but if the resource is
// referenced across environments, `arnComponents` will be used to synthesize
// a concrete ARN with the resource's physical name. Make sure to reference
// `this.physicalName` in `arnComponents`.
GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
//
// Normally, this token will resolve to `nameAttr`, but if the resource is
// referenced across environments, it will be resolved to `this.physicalName`,
// which will be a concrete name.
GetResourceNameAttribute(nameAttr *string) *string
RenderStorageDescriptor() *awsglue.CfnTable_StorageDescriptorProperty
// Returns a string representation of this construct.
ToString() *string
}
func NewS3AccessLogsTable ¶
func NewS3AccessLogsTable(scope constructs.Construct, id *string, props *S3AccessLogsTableProps) S3AccessLogsTable
Creates a new instance of the S3AccessLogsTable class.
type S3AccessLogsTableProps ¶
type S3AccessLogsTableProps struct {
// The AWS account ID this resource belongs to.
Account *string `field:"optional" json:"account" yaml:"account"`
// ARN to deduce region and account from.
//
// The ARN is parsed and the account and region are taken from the ARN.
// This should be used for imported resources.
//
// Cannot be supplied together with either `account` or `region`.
EnvironmentFromArn *string `field:"optional" json:"environmentFromArn" yaml:"environmentFromArn"`
// The value passed in by users to the physical name prop of the resource.
//
// - `undefined` implies that a physical name will be allocated by
// CloudFormation during deployment.
// - a concrete value implies a specific physical name
// - `PhysicalName.GENERATE_IF_NEEDED` is a marker that indicates that a physical will only be generated
// by the CDK if it is needed for cross-environment references. Otherwise, it will be allocated by CloudFormation.
PhysicalName *string `field:"optional" json:"physicalName" yaml:"physicalName"`
// The AWS region this resource belongs to.
Region *string `field:"optional" json:"region" yaml:"region"`
// A bucket where logs will be stored.
// See: [AWS S3 iBucket](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_s3.IBucket.html)
//
Bucket awss3.IBucket `field:"required" json:"bucket" yaml:"bucket"`
// A cdk-extensions/glue {@link aws-glue!Database } object that the table should be created in.
// See: [AWS::Glue::Database](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-glue-database.html)
//
Database glue.Database `field:"required" json:"database" yaml:"database"`
// Boolean indicating whether to create default Athena queries for the S3 Access Logs.
// See: [`CfnNamedQueries`](https://docs.aws.amazon.com/cdk/api/v1/python/aws_cdk.aws_athena/CfnNamedQuery.html)
//
CreateQueries *bool `field:"optional" json:"createQueries" yaml:"createQueries"`
// Boolean for adding "friendly names" for the created Athena queries.
FriendlyQueryNames *bool `field:"optional" json:"friendlyQueryNames" yaml:"friendlyQueryNames"`
// Name for S3 Access Logs Table.
Name *string `field:"optional" json:"name" yaml:"name"`
// Set a custom prefix for the S3 Bucket.
S3Prefix *string `field:"optional" json:"s3Prefix" yaml:"s3Prefix"`
// The name of the workgroup where namedqueries should be created.
// See: [Setting up workgroups](https://docs.aws.amazon.com/athena/latest/ug/workgroups-procedure.html)
//
WorkGroup athena.IWorkGroup `field:"optional" json:"workGroup" yaml:"workGroup"`
}
Configuration for S3AccessLogsTable.
type SesLogsTable ¶
type SesLogsTable interface {
glue.Table
BouncesQuery() athena.NamedQuery
ComplaintsQuery() athena.NamedQuery
// {@link TableProps.compressed}.
Compressed() *bool
// Boolean indicating whether to create default Athena queries for the Ses Logs.
// See: [`CfnNamedQueries`](https://docs.aws.amazon.com/cdk/api/v1/python/aws_cdk.aws_athena/CfnNamedQuery.html)
//
CreateQueries() *bool
// {@link TableProps.database:}.
Database() glue.Database
// {@link TableProps.dataFormat}.
DataFormat() glue.DataFormat
// {@link TableProps.description}.
Description() *string
// The environment this resource belongs to.
//
// For resources that are created and managed by the CDK
// (generally, those created by creating new class instances like Role, Bucket, etc.),
// this is always the same as the environment of the stack they belong to;
// however, for imported resources
// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
// that might be different than the stack they were imported into.
Env() *awscdk.ResourceEnvironment
// Boolean for adding "friendly names" for the created Athena queries.
FriendlyQueryNames() *bool
// {@link TableProps.location}.
Location() *string
// {@link TableProps.name}.
Name() *string
// The tree node.
Node() constructs.Node
// {@link TableProps.owner}.
Owner() *string
// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
//
// This value will resolve to one of the following:
// - a concrete value (e.g. `"my-awesome-bucket"`)
// - `undefined`, when a name should be generated by CloudFormation
// - a concrete name generated automatically during synthesis, in
// cross-environment scenarios.
PhysicalName() *string
Resource() awsglue.CfnTable
// {@link TableProps.retention}.
Retention() awscdk.Duration
// {@link TableProps.serdeName}.
SerdeName() *string
// The stack in which this resource is defined.
Stack() awscdk.Stack
// {@link TableProps.storedAsSubDirectories}.
StoredAsSubDirectories() *bool
TableArn() *string
TableName() *string
// {@link TableProps.tableType}.
TableType() glue.TableType
// {@link TableProps.targetTable}.
TargetTable() glue.Table
// {@link TableProps.viewExpandedText}.
ViewExpandedText() *string
// {@link TableProps.viewOriginalText}.
ViewOriginalText() *string
// The name of the workgroup where namedqueries should be created.
// See: [Setting up workgroups](https://docs.aws.amazon.com/athena/latest/ug/workgroups-procedure.html)
//
WorkGroup() athena.IWorkGroup
AddColumn(column glue.Column)
AddParameter(key *string, value *string)
AddPartitionKey(column glue.Column)
AddSerdeParameter(key *string, value *string)
AddStorageParameter(key *string, value *string)
// Apply the given removal policy to this resource.
//
// The Removal Policy controls what happens to this resource when it stops
// being managed by CloudFormation, either because you've removed it from the
// CDK application or because you've made a change that requires the resource
// to be replaced.
//
// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
GeneratePhysicalName() *string
// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
//
// Normally, this token will resolve to `arnAttr`, but if the resource is
// referenced across environments, `arnComponents` will be used to synthesize
// a concrete ARN with the resource's physical name. Make sure to reference
// `this.physicalName` in `arnComponents`.
GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
//
// Normally, this token will resolve to `nameAttr`, but if the resource is
// referenced across environments, it will be resolved to `this.physicalName`,
// which will be a concrete name.
GetResourceNameAttribute(nameAttr *string) *string
RenderStorageDescriptor() *awsglue.CfnTable_StorageDescriptorProperty
// Returns a string representation of this construct.
ToString() *string
}
func NewSesLogsTable ¶
func NewSesLogsTable(scope constructs.Construct, id *string, props *SesLogsTableProps) SesLogsTable
Creates a new instance of the SesLogsTable class.
type SesLogsTableProps ¶
type SesLogsTableProps struct {
// The AWS account ID this resource belongs to.
Account *string `field:"optional" json:"account" yaml:"account"`
// ARN to deduce region and account from.
//
// The ARN is parsed and the account and region are taken from the ARN.
// This should be used for imported resources.
//
// Cannot be supplied together with either `account` or `region`.
EnvironmentFromArn *string `field:"optional" json:"environmentFromArn" yaml:"environmentFromArn"`
// The value passed in by users to the physical name prop of the resource.
//
// - `undefined` implies that a physical name will be allocated by
// CloudFormation during deployment.
// - a concrete value implies a specific physical name
// - `PhysicalName.GENERATE_IF_NEEDED` is a marker that indicates that a physical will only be generated
// by the CDK if it is needed for cross-environment references. Otherwise, it will be allocated by CloudFormation.
PhysicalName *string `field:"optional" json:"physicalName" yaml:"physicalName"`
// The AWS region this resource belongs to.
Region *string `field:"optional" json:"region" yaml:"region"`
// A bucket where logs will be stored.
// See: [AWS S3 iBucket](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_s3.IBucket.html)
//
Bucket awss3.IBucket `field:"required" json:"bucket" yaml:"bucket"`
// A cdk-extensions/glue {@link aws-glue!Database } object that the table should be created in.
// See: [AWS::Glue::Database](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-glue-database.html)
//
Database glue.Database `field:"required" json:"database" yaml:"database"`
// Boolean indicating whether to create default Athena queries for the Ses Logs.
// See: [`CfnNamedQueries`](https://docs.aws.amazon.com/cdk/api/v1/python/aws_cdk.aws_athena/CfnNamedQuery.html)
//
CreateQueries *bool `field:"optional" json:"createQueries" yaml:"createQueries"`
// Boolean for adding "friendly names" for the created Athena queries.
FriendlyQueryNames *bool `field:"optional" json:"friendlyQueryNames" yaml:"friendlyQueryNames"`
// Name for SES Logs Table.
Name *string `field:"optional" json:"name" yaml:"name"`
// Set a custom prefix for the S3 Bucket.
S3Prefix *string `field:"optional" json:"s3Prefix" yaml:"s3Prefix"`
// The name of the workgroup where namedqueries should be created.
// See: [Setting up workgroups](https://docs.aws.amazon.com/athena/latest/ug/workgroups-procedure.html)
//
WorkGroup athena.IWorkGroup `field:"optional" json:"workGroup" yaml:"workGroup"`
}
Configuration for SesLogsTable.
type WafLogsTable ¶
type WafLogsTable interface {
glue.Table
// {@link TableProps.compressed}.
Compressed() *bool
// Boolean indicating whether to create default Athena queries for the WAF Logs.
// See: [`CfnNamedQueries`](https://docs.aws.amazon.com/cdk/api/v1/python/aws_cdk.aws_athena/CfnNamedQuery.html)
//
CreateQueries() *bool
// {@link TableProps.database:}.
Database() glue.Database
// {@link TableProps.dataFormat}.
DataFormat() glue.DataFormat
// {@link TableProps.description}.
Description() *string
// The environment this resource belongs to.
//
// For resources that are created and managed by the CDK
// (generally, those created by creating new class instances like Role, Bucket, etc.),
// this is always the same as the environment of the stack they belong to;
// however, for imported resources
// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
// that might be different than the stack they were imported into.
Env() *awscdk.ResourceEnvironment
// Boolean for adding "friendly names" for the created Athena queries.
FriendlyQueryNames() *bool
// {@link TableProps.location}.
Location() *string
// {@link TableProps.name}.
Name() *string
// The tree node.
Node() constructs.Node
// {@link TableProps.owner}.
Owner() *string
// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
//
// This value will resolve to one of the following:
// - a concrete value (e.g. `"my-awesome-bucket"`)
// - `undefined`, when a name should be generated by CloudFormation
// - a concrete name generated automatically during synthesis, in
// cross-environment scenarios.
PhysicalName() *string
Resource() awsglue.CfnTable
// {@link TableProps.retention}.
Retention() awscdk.Duration
// {@link TableProps.serdeName}.
SerdeName() *string
// The stack in which this resource is defined.
Stack() awscdk.Stack
Status5xxNamedQuery() athena.NamedQuery
// {@link TableProps.storedAsSubDirectories}.
StoredAsSubDirectories() *bool
TableArn() *string
TableName() *string
// {@link TableProps.tableType}.
TableType() glue.TableType
// {@link TableProps.targetTable}.
TargetTable() glue.Table
TopIpsNamedQuery() athena.NamedQuery
// {@link TableProps.viewExpandedText}.
ViewExpandedText() *string
// {@link TableProps.viewOriginalText}.
ViewOriginalText() *string
// The name of the workgroup where namedqueries should be created.
// See: [Setting up workgroups](https://docs.aws.amazon.com/athena/latest/ug/workgroups-procedure.html)
//
WorkGroup() athena.IWorkGroup
AddColumn(column glue.Column)
AddParameter(key *string, value *string)
AddPartitionKey(column glue.Column)
AddSerdeParameter(key *string, value *string)
AddStorageParameter(key *string, value *string)
// Apply the given removal policy to this resource.
//
// The Removal Policy controls what happens to this resource when it stops
// being managed by CloudFormation, either because you've removed it from the
// CDK application or because you've made a change that requires the resource
// to be replaced.
//
// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
GeneratePhysicalName() *string
// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
//
// Normally, this token will resolve to `arnAttr`, but if the resource is
// referenced across environments, `arnComponents` will be used to synthesize
// a concrete ARN with the resource's physical name. Make sure to reference
// `this.physicalName` in `arnComponents`.
GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
//
// Normally, this token will resolve to `nameAttr`, but if the resource is
// referenced across environments, it will be resolved to `this.physicalName`,
// which will be a concrete name.
GetResourceNameAttribute(nameAttr *string) *string
RenderStorageDescriptor() *awsglue.CfnTable_StorageDescriptorProperty
// Returns a string representation of this construct.
ToString() *string
}
func NewWafLogsTable ¶
func NewWafLogsTable(scope constructs.Construct, id *string, props *WafLogsTableProps) WafLogsTable
Creates a new instance of the S3AccessLogsTable class.
type WafLogsTableProps ¶
type WafLogsTableProps struct {
// The AWS account ID this resource belongs to.
Account *string `field:"optional" json:"account" yaml:"account"`
// ARN to deduce region and account from.
//
// The ARN is parsed and the account and region are taken from the ARN.
// This should be used for imported resources.
//
// Cannot be supplied together with either `account` or `region`.
EnvironmentFromArn *string `field:"optional" json:"environmentFromArn" yaml:"environmentFromArn"`
// The value passed in by users to the physical name prop of the resource.
//
// - `undefined` implies that a physical name will be allocated by
// CloudFormation during deployment.
// - a concrete value implies a specific physical name
// - `PhysicalName.GENERATE_IF_NEEDED` is a marker that indicates that a physical will only be generated
// by the CDK if it is needed for cross-environment references. Otherwise, it will be allocated by CloudFormation.
PhysicalName *string `field:"optional" json:"physicalName" yaml:"physicalName"`
// The AWS region this resource belongs to.
Region *string `field:"optional" json:"region" yaml:"region"`
// A bucket where logs will be stored.
// See: [AWS S3 iBucket](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_s3.IBucket.html)
//
Bucket awss3.IBucket `field:"required" json:"bucket" yaml:"bucket"`
// A cdk-extensions/glue {@link aws-glue!Database } object that the table should be created in.
// See: [AWS::Glue::Database](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-glue-database.html)
//
Database glue.Database `field:"required" json:"database" yaml:"database"`
// Boolean indicating whether to create default Athena queries for the WAF Logs.
// See: [`CfnNamedQueries`](https://docs.aws.amazon.com/cdk/api/v1/python/aws_cdk.aws_athena/CfnNamedQuery.html)
//
CreateQueries *bool `field:"optional" json:"createQueries" yaml:"createQueries"`
// Boolean for adding "friendly names" for the created Athena queries.
FriendlyQueryNames *bool `field:"optional" json:"friendlyQueryNames" yaml:"friendlyQueryNames"`
// Name for WAF Logs Table.
Name *string `field:"optional" json:"name" yaml:"name"`
// Set a custom prefix for the S3 Bucket.
S3Prefix *string `field:"optional" json:"s3Prefix" yaml:"s3Prefix"`
// The name of the workgroup where namedqueries should be created.
// See: [Setting up workgroups](https://docs.aws.amazon.com/athena/latest/ug/workgroups-procedure.html)
//
WorkGroup athena.IWorkGroup `field:"optional" json:"workGroup" yaml:"workGroup"`
}
Configuration for S3AccessLogsTable.
Source Files
¶
- AlbLogsTable.go
- AlbLogsTableProps.go
- AlbLogsTable__checks.go
- CloudfrontLogsTable.go
- CloudfrontLogsTableProps.go
- CloudfrontLogsTable__checks.go
- CloudtrailTable.go
- CloudtrailTableProps.go
- CloudtrailTable__checks.go
- FlowLogsTable.go
- FlowLogsTableProps.go
- FlowLogsTable__checks.go
- S3AccessLogsTable.go
- S3AccessLogsTableProps.go
- S3AccessLogsTable__checks.go
- SesLogsTable.go
- SesLogsTableProps.go
- SesLogsTable__checks.go
- WafLogsTable.go
- WafLogsTableProps.go
- WafLogsTable__checks.go
- main.go
Directories
Click to show internal directories.
Click to hide internal directories.