UNPKG

@pulumi/awsx

Version:

[![Actions Status](https://github.com/pulumi/pulumi-awsx/workflows/master/badge.svg)](https://github.com/pulumi/pulumi-awsx/actions) [![Slack](http://www.pulumi.com/images/docs/badges/slack.svg)](https://slack.pulumi.com) [![NPM version](https://badge.fur

pulumi.com

pulumi/pulumi-awsx

102 lines (101 loc) 4.5 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
import * as pulumi from "@pulumi/pulumi"; import * as inputs from "../types/input"; import * as pulumiAws from "@pulumi/aws"; export declare class Trail extends pulumi.ComponentResource { /** * Returns true if the given object is an instance of Trail. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is Trail; /** * The managed S3 Bucket where the Trail will place its logs. */ readonly bucket: pulumi.Output<pulumiAws.s3.Bucket | undefined>; /** * The managed Cloudwatch Log Group. */ readonly logGroup: pulumi.Output<pulumiAws.cloudwatch.LogGroup | undefined>; /** * The CloudTrail Trail. */ readonly trail: pulumi.Output<pulumiAws.cloudtrail.Trail>; /** * Create a Trail resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args?: TrailArgs, opts?: pulumi.ComponentResourceOptions); } /** * The set of arguments for constructing a Trail resource. */ export interface TrailArgs { /** * Specifies an advanced event selector for enabling data event logging. Fields documented below. Conflicts with `event_selector`. */ advancedEventSelectors?: pulumi.Input<pulumi.Input<pulumiAws.types.input.cloudtrail.TrailAdvancedEventSelector>[]>; /** * Log group to which CloudTrail logs will be delivered. */ cloudWatchLogsGroup?: inputs.awsx.OptionalLogGroupArgs; /** * Whether log file integrity validation is enabled. Defaults to `false`. */ enableLogFileValidation?: pulumi.Input<boolean>; /** * Enables logging for the trail. Defaults to `true`. Setting this to `false` will pause logging. */ enableLogging?: pulumi.Input<boolean>; /** * Specifies an event selector for enabling data event logging. Fields documented below. Please note the [CloudTrail limits](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/WhatIsCloudTrail-Limits.html) when configuring these. Conflicts with `advanced_event_selector`. */ eventSelectors?: pulumi.Input<pulumi.Input<pulumiAws.types.input.cloudtrail.TrailEventSelector>[]>; /** * Whether the trail is publishing events from global services such as IAM to the log files. Defaults to `true`. */ includeGlobalServiceEvents?: pulumi.Input<boolean>; /** * Configuration block for identifying unusual operational activity. See details below. */ insightSelectors?: pulumi.Input<pulumi.Input<pulumiAws.types.input.cloudtrail.TrailInsightSelector>[]>; /** * Whether the trail is created in the current region or in all regions. Defaults to `false`. */ isMultiRegionTrail?: pulumi.Input<boolean>; /** * Whether the trail is an AWS Organizations trail. Organization trails log events for the master account and all member accounts. Can only be created in the organization master account. Defaults to `false`. */ isOrganizationTrail?: pulumi.Input<boolean>; /** * KMS key ARN to use to encrypt the logs delivered by CloudTrail. */ kmsKeyId?: pulumi.Input<string>; /** * Name of the trail. */ name?: pulumi.Input<string>; /** * Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration. */ region?: pulumi.Input<string>; /** * S3 bucket designated for publishing log files. */ s3Bucket?: inputs.awsx.RequiredBucketArgs; /** * S3 key prefix that follows the name of the bucket you have designated for log file delivery. */ s3KeyPrefix?: pulumi.Input<string>; /** * Name of the Amazon SNS topic defined for notification of log file delivery. Specify the SNS topic ARN if it resides in another region. */ snsTopicName?: pulumi.Input<string>; /** * Map of tags to assign to the trail. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. */ tags?: pulumi.Input<{ [key: string]: pulumi.Input<string>; }>; }