ec2

package
v0.0.9 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Oct 18, 2022 License: Apache-2.0 Imports: 11 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func FlowLog_IsConstruct

func FlowLog_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead.

func FlowLog_IsOwnedResource

func FlowLog_IsOwnedResource(construct constructs.IConstruct) *bool

Returns true if the construct was created by CDK, and false otherwise.

func FlowLog_IsResource

func FlowLog_IsResource(construct constructs.IConstruct) *bool

Check whether the given construct is a Resource.

func NewFlowLogDestination_Override

func NewFlowLogDestination_Override(f FlowLogDestination)

func NewFlowLogField_Override

func NewFlowLogField_Override(f FlowLogField, name *string, type_ FlowLogDataType)

Creates a new instance of the FlowLogField class.

func NewFlowLogFormat_Override

func NewFlowLogFormat_Override(f FlowLogFormat, fields ...FlowLogField)

Creates a new instance of the FlowLogFormat class.

func NewFlowLog_Override

func NewFlowLog_Override(f FlowLog, scope constructs.IConstruct, id *string, props *FlowLogProps)

Creates a new instance of the FlowLog class.

Types

type FlowLog

// FlowLog is the interface of the flow log construct documented on this page.
//
// It embeds awscdk.Resource and awsec2.IFlowLog and adds accessors for the
// delivery destination, record format, aggregation interval, monitored
// resource type and traffic type.
type FlowLog interface {
	awscdk.Resource
	awsec2.IFlowLog
	// The location where flow logs should be delivered.
	// See: [FlowLog LogDestinationType](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-flowlog.html#cfn-ec2-flowlog-logdestinationtype)
	Destination() FlowLogDestination
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	Env() *awscdk.ResourceEnvironment
	// The Amazon Resource Name (ARN) of the flow log.
	FlowLogArn() *string
	// The ID of the flow log.
	FlowLogId() *string
	// The fields to include in the flow log record, in the order in which they should appear.
	//
	// For a list of available fields, see FlowLogField.
	// See: [FlowLog LogFormat](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-flowlog.html#cfn-ec2-flowlog-logformat)
	Format() FlowLogFormat
	// The maximum interval of time during which a flow of packets is captured and aggregated into a flow log record.
	// See: [FlowLog MaxAggregationInterval](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-flowlog.html#cfn-ec2-flowlog-maxaggregationinterval)
	MaxAggregationInterval() FlowLogAggregationInterval
	// The tree node.
	Node() constructs.Node
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//    cross-environment scenarios.
	PhysicalName() *string
	// The underlying FlowLog CloudFormation resource.
	// See: [AWS::EC2::FlowLog](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-flowlog.html)
	Resource() awsec2.CfnFlowLog
	// Details for the resource from which flow logs will be captured.
	// See: [FlowLog ResourceType](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-flowlog.html#cfn-ec2-flowlog-resourcetype)
	ResourceType() awsec2.FlowLogResourceType
	// The stack in which this resource is defined.
	Stack() awscdk.Stack
	// The type of traffic to monitor (accepted traffic, rejected traffic, or all traffic).
	//
	// The selection bounds what the log can later show: a log limited to
	// accepted traffic holds no record of rejected attempts, and the reverse.
	// See: [FlowLog TrafficType](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-flowlog.html#cfn-ec2-flowlog-traffictype)
	TrafficType() awsec2.FlowLogTrafficType
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	//
	// NOTE(review): for a flow log, deleting the resource presumably stops
	// capture for the monitored resource; confirm how a replacement or removal
	// affects log continuity before choosing a policy.
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	// NOTE(review): no description is given for this method on this page;
	// presumably it produces the physical name used when one has to be
	// generated — confirm against awscdk.Resource.
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	GetResourceNameAttribute(nameAttr *string) *string
	// Returns a string representation of this construct.
	ToString() *string
}

func NewFlowLog

func NewFlowLog(scope constructs.IConstruct, id *string, props *FlowLogProps) FlowLog

Creates a new instance of the FlowLog class.

type FlowLogAggregationInterval

// FlowLogAggregationInterval is the string-valued choice of maximum
// aggregation interval for a flow log (see FlowLogProps.MaxAggregationInterval).
//
// The two values below are the only ones declared on this page. The shorter
// interval yields records that each cover a narrower time window.
type FlowLogAggregationInterval string
const (
	// Flow logs will be written at least every 60 seconds.
	FlowLogAggregationInterval_ONE_MINUTE FlowLogAggregationInterval = "ONE_MINUTE"
	// Flow logs will be written at least every ten minutes.
	FlowLogAggregationInterval_TEN_MINUTES FlowLogAggregationInterval = "TEN_MINUTES"
)

type FlowLogDataType

// FlowLogDataType is the string-valued data type of a flow log field.
//
// FlowLogField.Type returns one of these values and describes it as the type
// of the field as it would appear in Parquet.
type FlowLogDataType string
const (
	// 32 bit signed int.
	FlowLogDataType_INT_32 FlowLogDataType = "INT_32"
	// 64 bit signed int.
	FlowLogDataType_INT_64 FlowLogDataType = "INT_64"
	// UTF-8 encoded character string.
	FlowLogDataType_STRING FlowLogDataType = "STRING"
)

type FlowLogDestination

// FlowLogDestination represents a resource that can act as a delivery
// endpoint for captured flow logs.
//
// It embeds ILogDestination, which declares the same Bind method.
type FlowLogDestination interface {
	ILogDestination
	// Returns a configuration object with all the fields and resources needed to configure a flow log to write to the destination.
	//
	// scope is the construct the destination is bound to.
	// NOTE(review): this page does not say whether Bind creates or modifies
	// resources (for example, permissions on the destination) — confirm.
	Bind(scope constructs.IConstruct) *FlowLogDestinationConfig
}

Represents a resource that can act as a delivery endpoint for captured flow logs.

func FlowLogDestination_ToCloudWatchLogs

func FlowLogDestination_ToCloudWatchLogs(logGroup awslogs.ILogGroup, role awsiam.IRole) FlowLogDestination

Represents a CloudWatch log group that will serve as the endpoint where flow logs should be delivered.

Returns: A configuration object containing details on how to set up logging to the log group. See: [Publish flow logs to CloudWatch Logs](https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs-cwl.html)

func FlowLogDestination_ToS3

func FlowLogDestination_ToS3(bucket awss3.IBucket, options *FlowLogS3Options) FlowLogDestination

Represents an S3 bucket that will serve as the endpoint where flow logs should be delivered.

Returns: A configuration object containing details on how to set up logging to the bucket. See: [Publish flow logs to Amazon S3](https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs-s3.html)

type FlowLogDestinationConfig

// FlowLogDestinationConfig is a configuration object providing the details
// necessary to set up log delivery to a given destination.
//
// Only DestinationType is required. The other fields are optional; presumably
// Bucket, DestinationOptions and S3Path apply to an S3 destination and
// LogGroup and Role to a CloudWatch Logs destination — verify against the
// values returned by FlowLogDestination_ToS3 and
// FlowLogDestination_ToCloudWatchLogs.
type FlowLogDestinationConfig struct {
	// The type of destination for the flow log data.
	// See: [FlowLog LogDestinationType](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-flowlog.html#cfn-ec2-flowlog-logdestinationtype)
	DestinationType awsec2.FlowLogDestinationType `field:"required" json:"destinationType" yaml:"destinationType"`
	// An S3 bucket where logs should be delivered.
	// See: [FlowLog LogDestination](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-flowlog.html#cfn-ec2-flowlog-logdestination)
	Bucket awss3.IBucket `field:"optional" json:"bucket" yaml:"bucket"`
	// Additional options that control the format and behavior of logs delivered to the destination.
	DestinationOptions *map[string]interface{} `field:"optional" json:"destinationOptions" yaml:"destinationOptions"`
	// A CloudWatch LogGroup where logs should be delivered.
	// See: [FlowLog LogDestination](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-flowlog.html#cfn-ec2-flowlog-logdestination)
	LogGroup awslogs.ILogGroup `field:"optional" json:"logGroup" yaml:"logGroup"`
	// The IAM role that allows Amazon EC2 to publish flow logs in your account.
	//
	// The linked CloudFormation property takes the role's ARN; this field
	// holds the role object itself (awsiam.IRole).
	// NOTE(review): keep this role's permissions limited to writing to the
	// chosen log destination.
	// See: [FlowLog DeliverLogsPermissionArn](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-flowlog.html#cfn-ec2-flowlog-deliverlogspermissionarn)
	Role awsiam.IRole `field:"optional" json:"role" yaml:"role"`
	// An Amazon Resource Name (ARN) for the S3 destination where log files are to be delivered.
	//
	// If a custom prefix is being added the ARN should reflect that prefix.
	// See: [FlowLog LogDestination](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-flowlog.html#cfn-ec2-flowlog-logdestination)
	S3Path *string `field:"optional" json:"s3Path" yaml:"s3Path"`
}

A configuration object providing the details necessary to set up log delivery to a given destination.

type FlowLogField

// FlowLogField describes a single field of a flow log record: its name as
// used in a format string and its data type.
//
// Predefined fields are exposed as the FlowLogField_* functions on this page;
// NewFlowLogField builds one from a name and a FlowLogDataType.
type FlowLogField interface {
	// The name of the Flow Log field, as it should be used when building a format string.
	Name() *string
	// The data type of the field as it would appear in Parquet.
	//
	// For information on the type of the various fields, see the documentation on the
	// [available fields](https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html#flow-logs-fields).
	Type() FlowLogDataType
}

func FlowLogField_ACCOUNT_ID

func FlowLogField_ACCOUNT_ID() FlowLogField

func FlowLogField_ACTION

func FlowLogField_ACTION() FlowLogField

func FlowLogField_AZ_ID

func FlowLogField_AZ_ID() FlowLogField

func FlowLogField_BYTES

func FlowLogField_BYTES() FlowLogField

func FlowLogField_DSTADDR

func FlowLogField_DSTADDR() FlowLogField

func FlowLogField_DSTPORT

func FlowLogField_DSTPORT() FlowLogField

func FlowLogField_END

func FlowLogField_END() FlowLogField

func FlowLogField_FLOW_DIRECTION

func FlowLogField_FLOW_DIRECTION() FlowLogField

func FlowLogField_INSTANCE_ID

func FlowLogField_INSTANCE_ID() FlowLogField

func FlowLogField_INTERFACE_ID

func FlowLogField_INTERFACE_ID() FlowLogField

func FlowLogField_LOG_STATUS

func FlowLogField_LOG_STATUS() FlowLogField

func FlowLogField_PACKETS

func FlowLogField_PACKETS() FlowLogField

func FlowLogField_PKT_DSTADDR

func FlowLogField_PKT_DSTADDR() FlowLogField

func FlowLogField_PKT_DST_AWS_SERVICE

func FlowLogField_PKT_DST_AWS_SERVICE() FlowLogField

func FlowLogField_PKT_SRCADDR

func FlowLogField_PKT_SRCADDR() FlowLogField

func FlowLogField_PKT_SRC_AWS_SERVICE

func FlowLogField_PKT_SRC_AWS_SERVICE() FlowLogField

func FlowLogField_PROTOCOL

func FlowLogField_PROTOCOL() FlowLogField

func FlowLogField_REGION

func FlowLogField_REGION() FlowLogField

func FlowLogField_SRCADDR

func FlowLogField_SRCADDR() FlowLogField

func FlowLogField_SRCPORT

func FlowLogField_SRCPORT() FlowLogField

func FlowLogField_START

func FlowLogField_START() FlowLogField

func FlowLogField_SUBLOCATION_ID

func FlowLogField_SUBLOCATION_ID() FlowLogField

func FlowLogField_SUBLOCATION_TYPE

func FlowLogField_SUBLOCATION_TYPE() FlowLogField

func FlowLogField_SUBNET_ID

func FlowLogField_SUBNET_ID() FlowLogField

func FlowLogField_TCP_FLAGS

func FlowLogField_TCP_FLAGS() FlowLogField

func FlowLogField_TRAFFIC_PATH

func FlowLogField_TRAFFIC_PATH() FlowLogField

func FlowLogField_TYPE

func FlowLogField_TYPE() FlowLogField

func FlowLogField_VERSION

func FlowLogField_VERSION() FlowLogField

func FlowLogField_VPC_ID

func FlowLogField_VPC_ID() FlowLogField

func NewFlowLogField

func NewFlowLogField(name *string, type_ FlowLogDataType) FlowLogField

Creates a new instance of the FlowLogField class.

type FlowLogFileFormat

type FlowLogFileFormat string

The file format options for flow log files delivered to S3. See: [Flow log files](https://docs.aws.amazon.com/vpc/latest/tgw/flow-logs-s3.html#flow-logs-s3-path)

// Values of FlowLogFileFormat: the file formats available for flow log files
// delivered to S3 (selected through FlowLogS3Options.FileFormat).
const (
	// Apache Parquet is a columnar data format.
	//
	// Queries on data in Parquet
	// format are 10 to 100 times faster compared to queries on data in plain
	// text. Data in Parquet format with Gzip compression takes 20 percent less
	// storage space than plain text with Gzip compression.
	FlowLogFileFormat_PARQUET FlowLogFileFormat = "PARQUET"
	// Plain text.
	//
	// This is the default format.
	FlowLogFileFormat_PLAIN_TEXT FlowLogFileFormat = "PLAIN_TEXT"
)

type FlowLogFormat

// FlowLogFormat is an ordered list of flow log fields together with the
// format string rendered from them.
//
// Instances come from NewFlowLogFormat or from the predefined
// FlowLogFormat_V2 .. FlowLogFormat_V5 functions.
type FlowLogFormat interface {
	// The fields that make up the flow log format, in the order that they should appear in the log entries.
	Fields() *[]FlowLogField
	// The rendered format string in the format expected by AWS when creating a new Flow Log.
	Template() *string
	// Adds a new field to the flow log output.
	//
	// New fields are added at the
	// end of a log entry after all the other fields that came before it.
	//
	// NOTE(review): this page does not show whether the predefined formats
	// (FlowLogFormat_V2 .. FlowLogFormat_V5) return a fresh instance on each
	// call; confirm before calling AddField on one, since the change might
	// otherwise be visible to other users of the same format.
	AddField(field FlowLogField)
}

func FlowLogFormat_V2

func FlowLogFormat_V2() FlowLogFormat

func FlowLogFormat_V3

func FlowLogFormat_V3() FlowLogFormat

func FlowLogFormat_V4

func FlowLogFormat_V4() FlowLogFormat

func FlowLogFormat_V5

func FlowLogFormat_V5() FlowLogFormat

func NewFlowLogFormat

func NewFlowLogFormat(fields ...FlowLogField) FlowLogFormat

Creates a new instance of the FlowLogFormat class.

type FlowLogProps

// FlowLogProps is the configuration for the FlowLog class.
//
// Only ResourceType is required. Destination, Format, MaxAggregationInterval
// and TrafficType are optional, and this page does not state what is used
// when they are left unset.
// NOTE(review): confirm those defaults before relying on them, since they
// decide where the logs go and which traffic and fields are recorded.
type FlowLogProps struct {
	// The AWS account ID this resource belongs to.
	Account *string `field:"optional" json:"account" yaml:"account"`
	// ARN to deduce region and account from.
	//
	// The ARN is parsed and the account and region are taken from the ARN.
	// This should be used for imported resources.
	//
	// Cannot be supplied together with either `account` or `region`.
	EnvironmentFromArn *string `field:"optional" json:"environmentFromArn" yaml:"environmentFromArn"`
	// The value passed in by users to the physical name prop of the resource.
	//
	// - `undefined` implies that a physical name will be allocated by
	//    CloudFormation during deployment.
	// - a concrete value implies a specific physical name
	// - `PhysicalName.GENERATE_IF_NEEDED` is a marker that indicates that a physical name will only be generated
	//    by the CDK if it is needed for cross-environment references. Otherwise, it will be allocated by CloudFormation.
	PhysicalName *string `field:"optional" json:"physicalName" yaml:"physicalName"`
	// The AWS region this resource belongs to.
	Region *string `field:"optional" json:"region" yaml:"region"`
	// Details for the resource from which flow logs will be captured.
	// See: [FlowLog ResourceType](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-flowlog.html#cfn-ec2-flowlog-resourcetype)
	ResourceType awsec2.FlowLogResourceType `field:"required" json:"resourceType" yaml:"resourceType"`
	// The location where flow logs should be delivered.
	// See: [FlowLog LogDestinationType](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-flowlog.html#cfn-ec2-flowlog-logdestinationtype)
	Destination FlowLogDestination `field:"optional" json:"destination" yaml:"destination"`
	// The fields to include in the flow log record, in the order in which they should appear.
	//
	// For a list of available fields, see FlowLogField.
	// See: [FlowLog LogFormat](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-flowlog.html#cfn-ec2-flowlog-logformat)
	Format FlowLogFormat `field:"optional" json:"format" yaml:"format"`
	// The maximum interval of time during which a flow of packets is captured and aggregated into a flow log record.
	// See: [FlowLog MaxAggregationInterval](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-flowlog.html#cfn-ec2-flowlog-maxaggregationinterval)
	MaxAggregationInterval FlowLogAggregationInterval `field:"optional" json:"maxAggregationInterval" yaml:"maxAggregationInterval"`
	// The type of traffic to monitor (accepted traffic, rejected traffic, or all traffic).
	//
	// A log limited to one of accepted or rejected traffic holds no record of
	// the other kind.
	// See: [FlowLog TrafficType](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-flowlog.html#cfn-ec2-flowlog-traffictype)
	TrafficType awsec2.FlowLogTrafficType `field:"optional" json:"trafficType" yaml:"trafficType"`
}

Configuration for the FlowLog class.

type FlowLogS3Options

// FlowLogS3Options holds the optional settings accepted by
// FlowLogDestination_ToS3: file format, partition layout and key prefix.
//
// All four fields are optional. They describe only how objects are laid out
// and encoded; nothing in this struct controls who can read the delivered
// logs or how they are encrypted.
// NOTE(review): those properties presumably belong to the bucket passed to
// FlowLogDestination_ToS3 — confirm they are set there.
type FlowLogS3Options struct {
	// The file format in which flow logs should be delivered to S3.
	// See: [Flow log files](https://docs.aws.amazon.com/vpc/latest/tgw/flow-logs-s3.html#flow-logs-s3-path)
	FileFormat FlowLogFileFormat `field:"optional" json:"fileFormat" yaml:"fileFormat"`
	// Controls the format of partitions ("folders") when the flow logs are delivered to S3.
	//
	// By default, flow logs are delivered partitioned such that each part of
	// the S3 path represents a value pertaining to a detail of the log.
	//
	// When hive compatible partitions are enabled, partitions will be
	// structured such that keys declaring the partition name are added at
	// each level.
	//
	// An example of standard partitioning:
	// ```
	// /us-east-1/2020/03/08/log.tar.gz
	// ```
	//
	// An example with Hive compatible partitions:
	// ```
	// /region=us-east-1/year=2020/month=03/day=08/log.tar.gz
	// ```
	// See: [AWS Big Data Blog](https://aws.amazon.com/blogs/big-data/optimize-performance-and-reduce-costs-for-network-analytics-with-vpc-flow-logs-in-apache-parquet-format/)
	HiveCompatiblePartitions *bool `field:"optional" json:"hiveCompatiblePartitions" yaml:"hiveCompatiblePartitions"`
	// An optional prefix that will be added to the start of all flow log files delivered to the S3 bucket.
	// See: [FlowLog LogDestination](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-flowlog.html#cfn-ec2-flowlog-logdestination)
	KeyPrefix *string `field:"optional" json:"keyPrefix" yaml:"keyPrefix"`
	// Indicates whether to partition the flow log per hour.
	//
	// By default, flow logs are partitioned (organized into S3 "folders") by
	// day.
	//
	// Setting this to true will add an extra layer of directories splitting
	// flow log files by the hour in which they were delivered.
	// See: [Flow log files](https://docs.aws.amazon.com/vpc/latest/tgw/flow-logs-s3.html#flow-logs-s3-path)
	PerHourPartition *bool `field:"optional" json:"perHourPartition" yaml:"perHourPartition"`
}

type ILogDestination

// ILogDestination represents a resource that can act as a delivery endpoint
// for captured flow logs.
//
// FlowLogDestination embeds this interface.
type ILogDestination interface {
	// Bind takes the construct scope and returns the FlowLogDestinationConfig
	// for this destination. FlowLogDestination documents the same method as
	// returning all the fields and resources needed to configure a flow log
	// to write to the destination.
	Bind(scope constructs.IConstruct) *FlowLogDestinationConfig
}

Represents a resource that can act as a delivery endpoint for captured flow logs.
