aws-cdk-lib

import * as cdk from "../../core/lib"; import * as constructs from "constructs"; import * as cfn_parse from "../../core/lib/helpers-internal"; import { IOrganizationCentralizationRuleRef, IOrganizationTelemetryRuleRef, IS3TableIntegrationRef, ITelemetryPipelinesRef, ITelemetryRuleRef, OrganizationCentralizationRuleReference, OrganizationTelemetryRuleReference, S3TableIntegrationReference, TelemetryPipelinesReference, TelemetryRuleReference } from "../../interfaces/generated/aws-observabilityadmin-interfaces.generated"; /** * Defines how telemetry data should be centralized across an AWS Organization, including source and destination configurations. * * @cloudformationResource AWS::ObservabilityAdmin::OrganizationCentralizationRule * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-observabilityadmin-organizationcentralizationrule.html */ export declare class CfnOrganizationCentralizationRule extends cdk.CfnResource implements cdk.IInspectable, IOrganizationCentralizationRuleRef, cdk.ITaggableV2 { /** * The CloudFormation resource type name for this resource class. */ static readonly CFN_RESOURCE_TYPE_NAME: string; /** * Build a CfnOrganizationCentralizationRule from CloudFormation properties * * A factory method that creates a new instance of this class from an object * containing the CloudFormation properties of this resource. * Used in the @aws-cdk/cloudformation-include module. * * @internal */ static _fromCloudFormation(scope: constructs.Construct, id: string, resourceAttributes: any, options: cfn_parse.FromCloudFormationOptions): CfnOrganizationCentralizationRule; /** * Checks whether the given object is a CfnOrganizationCentralizationRule */ static isCfnOrganizationCentralizationRule(x: any): x is CfnOrganizationCentralizationRule; /** * The Amazon Resource Name (ARN) of the organization centralization rule. * * @cloudformationAttribute RuleArn */ readonly attrRuleArn: string; /** * Tag Manager which manages the tags for this resource */ readonly cdkTagManager: cdk.TagManager; rule: CfnOrganizationCentralizationRule.CentralizationRuleProperty | cdk.IResolvable; /** * The name of the organization centralization rule. */ ruleName: string; /** * A key-value pair to filter resources based on tags associated with the resource. */ tags?: Array<cdk.CfnTag>; /** * Create a new `AWS::ObservabilityAdmin::OrganizationCentralizationRule`. * * @param scope Scope in which this resource is defined * @param id Construct identifier for this resource (unique in its scope) * @param props Resource properties */ constructor(scope: constructs.Construct, id: string, props: CfnOrganizationCentralizationRuleProps); get organizationCentralizationRuleRef(): OrganizationCentralizationRuleReference; protected get cfnProperties(): Record<string, any>; /** * Examines the CloudFormation resource and discloses attributes * * @param inspector tree inspector to collect and process attributes */ inspect(inspector: cdk.TreeInspector): void; protected renderProperties(props: Record<string, any>): Record<string, any>; } export declare namespace CfnOrganizationCentralizationRule { /** * Defines how telemetry data should be centralized across an AWS Organization, including source and destination configurations. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationcentralizationrule-centralizationrule.html */ interface CentralizationRuleProperty { /** * Configuration determining where the telemetry data should be centralized, backed up, as well as encryption configuration for the primary and backup destinations. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationcentralizationrule-centralizationrule.html#cfn-observabilityadmin-organizationcentralizationrule-centralizationrule-destination */ readonly destination: CfnOrganizationCentralizationRule.CentralizationRuleDestinationProperty | cdk.IResolvable; /** * Configuration determining the source of the telemetry data to be centralized. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationcentralizationrule-centralizationrule.html#cfn-observabilityadmin-organizationcentralizationrule-centralizationrule-source */ readonly source: CfnOrganizationCentralizationRule.CentralizationRuleSourceProperty | cdk.IResolvable; } /** * Configuration specifying the source of telemetry data to be centralized. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationcentralizationrule-centralizationrulesource.html */ interface CentralizationRuleSourceProperty { /** * The list of source regions from which telemetry data should be centralized. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationcentralizationrule-centralizationrulesource.html#cfn-observabilityadmin-organizationcentralizationrule-centralizationrulesource-regions */ readonly regions: Array<string>; /** * The organizational scope from which telemetry data should be centralized, specified using organization id, accounts or organizational unit ids. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationcentralizationrule-centralizationrulesource.html#cfn-observabilityadmin-organizationcentralizationrule-centralizationrulesource-scope */ readonly scope?: string; /** * Log specific configuration for centralization source log groups. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationcentralizationrule-centralizationrulesource.html#cfn-observabilityadmin-organizationcentralizationrule-centralizationrulesource-sourcelogsconfiguration */ readonly sourceLogsConfiguration?: cdk.IResolvable | CfnOrganizationCentralizationRule.SourceLogsConfigurationProperty; } /** * Configuration for selecting and handling source log groups for centralization. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationcentralizationrule-sourcelogsconfiguration.html */ interface SourceLogsConfigurationProperty { /** * A strategy determining whether to centralize source log groups that are encrypted with customer managed KMS keys (CMK). * * ALLOW will consider CMK encrypted source log groups for centralization while SKIP will skip CMK encrypted source log groups from centralization. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationcentralizationrule-sourcelogsconfiguration.html#cfn-observabilityadmin-organizationcentralizationrule-sourcelogsconfiguration-encryptedloggroupstrategy */ readonly encryptedLogGroupStrategy: string; /** * The selection criteria that specifies which source log groups to centralize. * * The selection criteria uses the same format as OAM link filters. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationcentralizationrule-sourcelogsconfiguration.html#cfn-observabilityadmin-organizationcentralizationrule-sourcelogsconfiguration-loggroupselectioncriteria */ readonly logGroupSelectionCriteria: string; } /** * Configuration specifying the primary destination for centralized telemetry data. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationcentralizationrule-centralizationruledestination.html */ interface CentralizationRuleDestinationProperty { /** * The destination account (within the organization) to which the telemetry data should be centralized. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationcentralizationrule-centralizationruledestination.html#cfn-observabilityadmin-organizationcentralizationrule-centralizationruledestination-account */ readonly account?: string; /** * Log specific configuration for centralization destination log groups. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationcentralizationrule-centralizationruledestination.html#cfn-observabilityadmin-organizationcentralizationrule-centralizationruledestination-destinationlogsconfiguration */ readonly destinationLogsConfiguration?: CfnOrganizationCentralizationRule.DestinationLogsConfigurationProperty | cdk.IResolvable; /** * The primary destination region to which telemetry data should be centralized. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationcentralizationrule-centralizationruledestination.html#cfn-observabilityadmin-organizationcentralizationrule-centralizationruledestination-region */ readonly region: string; } /** * Configuration for centralization destination log groups, including encryption and backup settings. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationcentralizationrule-destinationlogsconfiguration.html */ interface DestinationLogsConfigurationProperty { /** * Configuration defining the backup region and an optional KMS key for the backup destination. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationcentralizationrule-destinationlogsconfiguration.html#cfn-observabilityadmin-organizationcentralizationrule-destinationlogsconfiguration-backupconfiguration */ readonly backupConfiguration?: cdk.IResolvable | CfnOrganizationCentralizationRule.LogsBackupConfigurationProperty; /** * The encryption configuration for centralization destination log groups. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationcentralizationrule-destinationlogsconfiguration.html#cfn-observabilityadmin-organizationcentralizationrule-destinationlogsconfiguration-logsencryptionconfiguration */ readonly logsEncryptionConfiguration?: cdk.IResolvable | CfnOrganizationCentralizationRule.LogsEncryptionConfigurationProperty; } /** * Configuration for encrypting centralized log groups. * * This configuration is only applied to destination log groups for which the corresponding source log groups are encrypted using Customer Managed KMS Keys. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationcentralizationrule-logsencryptionconfiguration.html */ interface LogsEncryptionConfigurationProperty { /** * Conflict resolution strategy for centralization if the encryption strategy is set to CUSTOMER_MANAGED and the destination log group is encrypted with an AWS_OWNED KMS Key. * * ALLOW lets centralization go through while SKIP prevents centralization into the destination log group. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationcentralizationrule-logsencryptionconfiguration.html#cfn-observabilityadmin-organizationcentralizationrule-logsencryptionconfiguration-encryptionconflictresolutionstrategy */ readonly encryptionConflictResolutionStrategy?: string; /** * Configuration that determines the encryption strategy of the destination log groups. * * CUSTOMER_MANAGED uses the configured KmsKeyArn to encrypt newly created destination log groups. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationcentralizationrule-logsencryptionconfiguration.html#cfn-observabilityadmin-organizationcentralizationrule-logsencryptionconfiguration-encryptionstrategy */ readonly encryptionStrategy: string; /** * KMS Key ARN belonging to the primary destination account and region, to encrypt newly created central log groups in the primary destination. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationcentralizationrule-logsencryptionconfiguration.html#cfn-observabilityadmin-organizationcentralizationrule-logsencryptionconfiguration-kmskeyarn */ readonly kmsKeyArn?: string; } /** * Configuration for backing up centralized log data to a secondary region. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationcentralizationrule-logsbackupconfiguration.html */ interface LogsBackupConfigurationProperty { /** * KMS Key ARN belonging to the primary destination account and backup region, to encrypt newly created central log groups in the backup destination. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationcentralizationrule-logsbackupconfiguration.html#cfn-observabilityadmin-organizationcentralizationrule-logsbackupconfiguration-kmskeyarn */ readonly kmsKeyArn?: string; /** * Logs specific backup destination region within the primary destination account to which log data should be centralized. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationcentralizationrule-logsbackupconfiguration.html#cfn-observabilityadmin-organizationcentralizationrule-logsbackupconfiguration-region */ readonly region: string; } } /** * Properties for defining a `CfnOrganizationCentralizationRule` * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-observabilityadmin-organizationcentralizationrule.html */ export interface CfnOrganizationCentralizationRuleProps { /** * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-observabilityadmin-organizationcentralizationrule.html#cfn-observabilityadmin-organizationcentralizationrule-rule */ readonly rule: CfnOrganizationCentralizationRule.CentralizationRuleProperty | cdk.IResolvable; /** * The name of the organization centralization rule. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-observabilityadmin-organizationcentralizationrule.html#cfn-observabilityadmin-organizationcentralizationrule-rulename */ readonly ruleName: string; /** * A key-value pair to filter resources based on tags associated with the resource. * * For more information about tags, see [What are tags?](https://docs.aws.amazon.com/whitepapers/latest/tagging-best-practices/what-are-tags.html) * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-observabilityadmin-organizationcentralizationrule.html#cfn-observabilityadmin-organizationcentralizationrule-tags */ readonly tags?: Array<cdk.CfnTag>; } /** * Retrieves the details of a specific organization centralization rule. * * This operation can only be called by the organization's management account or a delegated administrator account. * * @cloudformationResource AWS::ObservabilityAdmin::OrganizationTelemetryRule * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-observabilityadmin-organizationtelemetryrule.html */ export declare class CfnOrganizationTelemetryRule extends cdk.CfnResource implements cdk.IInspectable, IOrganizationTelemetryRuleRef, cdk.ITaggableV2 { /** * The CloudFormation resource type name for this resource class. */ static readonly CFN_RESOURCE_TYPE_NAME: string; /** * Build a CfnOrganizationTelemetryRule from CloudFormation properties * * A factory method that creates a new instance of this class from an object * containing the CloudFormation properties of this resource. * Used in the @aws-cdk/cloudformation-include module. * * @internal */ static _fromCloudFormation(scope: constructs.Construct, id: string, resourceAttributes: any, options: cfn_parse.FromCloudFormationOptions): CfnOrganizationTelemetryRule; /** * Checks whether the given object is a CfnOrganizationTelemetryRule */ static isCfnOrganizationTelemetryRule(x: any): x is CfnOrganizationTelemetryRule; /** * The arn of the organization telemetry rule * * @cloudformationAttribute RuleArn */ readonly attrRuleArn: string; /** * Tag Manager which manages the tags for this resource */ readonly cdkTagManager: cdk.TagManager; /** * The name of the organization telemetry rule. */ rule: cdk.IResolvable | CfnOrganizationTelemetryRule.TelemetryRuleProperty; /** * The name of the organization centralization rule. */ ruleName: string; /** * Lists all tags attached to the specified resource. */ tags?: Array<cdk.CfnTag>; /** * Create a new `AWS::ObservabilityAdmin::OrganizationTelemetryRule`. * * @param scope Scope in which this resource is defined * @param id Construct identifier for this resource (unique in its scope) * @param props Resource properties */ constructor(scope: constructs.Construct, id: string, props: CfnOrganizationTelemetryRuleProps); get organizationTelemetryRuleRef(): OrganizationTelemetryRuleReference; protected get cfnProperties(): Record<string, any>; /** * Examines the CloudFormation resource and discloses attributes * * @param inspector tree inspector to collect and process attributes */ inspect(inspector: cdk.TreeInspector): void; protected renderProperties(props: Record<string, any>): Record<string, any>; } export declare namespace CfnOrganizationTelemetryRule { /** * Defines how telemetry should be configured for specific AWS resources. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-telemetryrule.html */ interface TelemetryRuleProperty { /** * Configuration specifying where and how the telemetry data should be delivered. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-telemetryrule.html#cfn-observabilityadmin-organizationtelemetryrule-telemetryrule-destinationconfiguration */ readonly destinationConfiguration?: cdk.IResolvable | CfnOrganizationTelemetryRule.TelemetryDestinationConfigurationProperty; /** * The type of AWS resource to configure telemetry for (e.g., "AWS::EC2::VPC", "AWS::EKS::Cluster", "AWS::WAFv2::WebACL"). * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-telemetryrule.html#cfn-observabilityadmin-organizationtelemetryrule-telemetryrule-resourcetype */ readonly resourceType: string; /** * The organizational scope to which the rule applies, specified using accounts or organizational units. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-telemetryrule.html#cfn-observabilityadmin-organizationtelemetryrule-telemetryrule-scope */ readonly scope?: string; /** * Criteria for selecting which resources the rule applies to, such as resource tags. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-telemetryrule.html#cfn-observabilityadmin-organizationtelemetryrule-telemetryrule-selectioncriteria */ readonly selectionCriteria?: string; /** * The specific telemetry source types to configure for the resource, such as VPC_FLOW_LOGS or EKS_AUDIT_LOGS. * * TelemetrySourceTypes must be correlated with the specific resource type. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-telemetryrule.html#cfn-observabilityadmin-organizationtelemetryrule-telemetryrule-telemetrysourcetypes */ readonly telemetrySourceTypes?: Array<string>; /** * The type of telemetry to collect (Logs, Metrics, or Traces). * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-telemetryrule.html#cfn-observabilityadmin-organizationtelemetryrule-telemetryrule-telemetrytype */ readonly telemetryType: string; } /** * Configuration specifying where and how telemetry data should be delivered for AWS resources. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-telemetrydestinationconfiguration.html */ interface TelemetryDestinationConfigurationProperty { /** * Configuration parameters specific to AWS CloudTrail when CloudTrail is the source type. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-telemetrydestinationconfiguration.html#cfn-observabilityadmin-organizationtelemetryrule-telemetrydestinationconfiguration-cloudtrailparameters */ readonly cloudtrailParameters?: CfnOrganizationTelemetryRule.CloudtrailParametersProperty | cdk.IResolvable; /** * The pattern used to generate the destination path or name, supporting macros like <resourceId> and <accountId>. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-telemetrydestinationconfiguration.html#cfn-observabilityadmin-organizationtelemetryrule-telemetrydestinationconfiguration-destinationpattern */ readonly destinationPattern?: string; /** * The type of destination for the telemetry data (e.g., "Amazon CloudWatch Logs", "S3"). * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-telemetrydestinationconfiguration.html#cfn-observabilityadmin-organizationtelemetryrule-telemetrydestinationconfiguration-destinationtype */ readonly destinationType?: string; /** * Configuration parameters specific to ELB load balancer logging when ELB is the resource type. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-telemetrydestinationconfiguration.html#cfn-observabilityadmin-organizationtelemetryrule-telemetrydestinationconfiguration-elbloadbalancerloggingparameters */ readonly elbLoadBalancerLoggingParameters?: CfnOrganizationTelemetryRule.ELBLoadBalancerLoggingParametersProperty | cdk.IResolvable; /** * The number of days to retain the telemetry data in the destination. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-telemetrydestinationconfiguration.html#cfn-observabilityadmin-organizationtelemetryrule-telemetrydestinationconfiguration-retentionindays */ readonly retentionInDays?: number; /** * Configuration parameters specific to VPC Flow Logs when VPC is the resource type. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-telemetrydestinationconfiguration.html#cfn-observabilityadmin-organizationtelemetryrule-telemetrydestinationconfiguration-vpcflowlogparameters */ readonly vpcFlowLogParameters?: cdk.IResolvable | CfnOrganizationTelemetryRule.VPCFlowLogParametersProperty; /** * Configuration parameters specific to WAF logging when WAF is the resource type. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-telemetrydestinationconfiguration.html#cfn-observabilityadmin-organizationtelemetryrule-telemetrydestinationconfiguration-wafloggingparameters */ readonly wafLoggingParameters?: cdk.IResolvable | CfnOrganizationTelemetryRule.WAFLoggingParametersProperty; } /** * Configuration parameters specific to VPC Flow Logs. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-vpcflowlogparameters.html */ interface VPCFlowLogParametersProperty { /** * The format in which VPC Flow Log entries should be logged. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-vpcflowlogparameters.html#cfn-observabilityadmin-organizationtelemetryrule-vpcflowlogparameters-logformat */ readonly logFormat?: string; /** * The maximum interval in seconds between the capture of flow log records. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-vpcflowlogparameters.html#cfn-observabilityadmin-organizationtelemetryrule-vpcflowlogparameters-maxaggregationinterval */ readonly maxAggregationInterval?: number; /** * The type of traffic to log (ACCEPT, REJECT, or ALL). * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-vpcflowlogparameters.html#cfn-observabilityadmin-organizationtelemetryrule-vpcflowlogparameters-traffictype */ readonly trafficType?: string; } /** * Parameters specific to AWS CloudTrail telemetry configuration. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-cloudtrailparameters.html */ interface CloudtrailParametersProperty { /** * The advanced event selectors to use for filtering AWS CloudTrail events. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-cloudtrailparameters.html#cfn-observabilityadmin-organizationtelemetryrule-cloudtrailparameters-advancedeventselectors */ readonly advancedEventSelectors: Array<CfnOrganizationTelemetryRule.AdvancedEventSelectorProperty | cdk.IResolvable> | cdk.IResolvable; } /** * Advanced event selectors let you create fine-grained selectors for management, data, and network activity events. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-advancedeventselector.html */ interface AdvancedEventSelectorProperty { /** * Contains all selector statements in an advanced event selector. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-advancedeventselector.html#cfn-observabilityadmin-organizationtelemetryrule-advancedeventselector-fieldselectors */ readonly fieldSelectors: Array<CfnOrganizationTelemetryRule.AdvancedFieldSelectorProperty | cdk.IResolvable> | cdk.IResolvable; /** * An optional, descriptive name for an advanced event selector, such as "Log data events for only two S3 buckets". * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-advancedeventselector.html#cfn-observabilityadmin-organizationtelemetryrule-advancedeventselector-name */ readonly name?: string; } /** * Defines criteria for selecting resources based on field values. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-advancedfieldselector.html */ interface AdvancedFieldSelectorProperty { /** * Matches if the field value ends with the specified value. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-advancedfieldselector.html#cfn-observabilityadmin-organizationtelemetryrule-advancedfieldselector-endswith */ readonly endsWith?: Array<string>; /** * Matches if the field value equals the specified value. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-advancedfieldselector.html#cfn-observabilityadmin-organizationtelemetryrule-advancedfieldselector-equals */ readonly equalTo?: Array<string>; /** * The name of the field to use for selection. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-advancedfieldselector.html#cfn-observabilityadmin-organizationtelemetryrule-advancedfieldselector-field */ readonly field?: string; /** * Matches if the field value does not end with the specified value. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-advancedfieldselector.html#cfn-observabilityadmin-organizationtelemetryrule-advancedfieldselector-notendswith */ readonly notEndsWith?: Array<string>; /** * Matches if the field value does not equal the specified value. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-advancedfieldselector.html#cfn-observabilityadmin-organizationtelemetryrule-advancedfieldselector-notequals */ readonly notEquals?: Array<string>; /** * Matches if the field value does not start with the specified value. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-advancedfieldselector.html#cfn-observabilityadmin-organizationtelemetryrule-advancedfieldselector-notstartswith */ readonly notStartsWith?: Array<string>; /** * Matches if the field value starts with the specified value. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-advancedfieldselector.html#cfn-observabilityadmin-organizationtelemetryrule-advancedfieldselector-startswith */ readonly startsWith?: Array<string>; } /** * Configuration parameters for ELB load balancer logging, including output format and field delimiter settings. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-elbloadbalancerloggingparameters.html */ interface ELBLoadBalancerLoggingParametersProperty { /** * The delimiter character used to separate fields in ELB access log entries when using plain text format. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-elbloadbalancerloggingparameters.html#cfn-observabilityadmin-organizationtelemetryrule-elbloadbalancerloggingparameters-fielddelimiter */ readonly fieldDelimiter?: string; /** * The format for ELB access log entries (plain text or JSON format). * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-elbloadbalancerloggingparameters.html#cfn-observabilityadmin-organizationtelemetryrule-elbloadbalancerloggingparameters-outputformat */ readonly outputFormat?: string; } /** * Configuration parameters for WAF logging, including redacted fields and logging filters. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-wafloggingparameters.html */ interface WAFLoggingParametersProperty { /** * A filter configuration that determines which WAF log records to include or exclude. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-wafloggingparameters.html#cfn-observabilityadmin-organizationtelemetryrule-wafloggingparameters-loggingfilter */ readonly loggingFilter?: cdk.IResolvable | CfnOrganizationTelemetryRule.LoggingFilterProperty; /** * The type of WAF logs to collect (currently supports WAF_LOGS). * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-wafloggingparameters.html#cfn-observabilityadmin-organizationtelemetryrule-wafloggingparameters-logtype */ readonly logType?: string; /** * The fields to redact from WAF logs to protect sensitive information. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-wafloggingparameters.html#cfn-observabilityadmin-organizationtelemetryrule-wafloggingparameters-redactedfields */ readonly redactedFields?: Array<CfnOrganizationTelemetryRule.FieldToMatchProperty | cdk.IResolvable> | cdk.IResolvable; } /** * Specifies a field in the request to redact from WAF logs, such as headers, query parameters, or body content. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-fieldtomatch.html */ interface FieldToMatchProperty { /** * Redacts the HTTP method from WAF logs. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-fieldtomatch.html#cfn-observabilityadmin-organizationtelemetryrule-fieldtomatch-method */ readonly method?: string; /** * Redacts the entire query string from WAF logs. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-fieldtomatch.html#cfn-observabilityadmin-organizationtelemetryrule-fieldtomatch-querystring */ readonly queryString?: string; /** * Redacts a specific header field by name from WAF logs. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-fieldtomatch.html#cfn-observabilityadmin-organizationtelemetryrule-fieldtomatch-singleheader */ readonly singleHeader?: cdk.IResolvable | CfnOrganizationTelemetryRule.SingleHeaderProperty; /** * Redacts the URI path from WAF logs. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-fieldtomatch.html#cfn-observabilityadmin-organizationtelemetryrule-fieldtomatch-uripath */ readonly uriPath?: string; } /** * Structure containing a name field limited to 64 characters for header or query parameter identification. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-singleheader.html */ interface SingleHeaderProperty { /** * The name value, limited to 64 characters. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-singleheader.html#cfn-observabilityadmin-organizationtelemetryrule-singleheader-name */ readonly name: string; } /** * Configuration that determines which WAF log records to keep or drop based on specified conditions. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-loggingfilter.html */ interface LoggingFilterProperty { /** * The default action (KEEP or DROP) for log records that don't match any filter conditions. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-loggingfilter.html#cfn-observabilityadmin-organizationtelemetryrule-loggingfilter-defaultbehavior */ readonly defaultBehavior?: string; /** * A list of filter conditions that determine log record handling behavior. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-loggingfilter.html#cfn-observabilityadmin-organizationtelemetryrule-loggingfilter-filters */ readonly filters?: Array<CfnOrganizationTelemetryRule.FilterProperty | cdk.IResolvable> | cdk.IResolvable; } /** * A single filter condition that specifies behavior, requirement, and matching conditions for WAF log records. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-filter.html */ interface FilterProperty { /** * The action to take for log records matching this filter (KEEP or DROP). * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-filter.html#cfn-observabilityadmin-organizationtelemetryrule-filter-behavior */ readonly behavior?: string; /** * The list of conditions that determine if a log record matches this filter. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-filter.html#cfn-observabilityadmin-organizationtelemetryrule-filter-conditions */ readonly conditions?: Array<CfnOrganizationTelemetryRule.ConditionProperty | cdk.IResolvable> | cdk.IResolvable; /** * Whether the log record must meet all conditions (MEETS_ALL) or any condition (MEETS_ANY) to match this filter. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-filter.html#cfn-observabilityadmin-organizationtelemetryrule-filter-requirement */ readonly requirement?: string; } /** * A single condition that can match based on WAF rule action or label name. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-condition.html */ interface ConditionProperty { /** * Matches log records based on the WAF rule action taken (ALLOW, BLOCK, COUNT, etc.). * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-condition.html#cfn-observabilityadmin-organizationtelemetryrule-condition-actioncondition */ readonly actionCondition?: CfnOrganizationTelemetryRule.ActionConditionProperty | cdk.IResolvable; /** * Matches log records based on WAF rule labels applied to the request. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-condition.html#cfn-observabilityadmin-organizationtelemetryrule-condition-labelnamecondition */ readonly labelNameCondition?: cdk.IResolvable | CfnOrganizationTelemetryRule.LabelNameConditionProperty; } /** * Condition that matches based on the specific WAF action taken on the request. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-actioncondition.html */ interface ActionConditionProperty { /** * The WAF action to match against (ALLOW, BLOCK, COUNT, CAPTCHA, CHALLENGE, EXCLUDED_AS_COUNT). * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-actioncondition.html#cfn-observabilityadmin-organizationtelemetryrule-actioncondition-action */ readonly action?: string; } /** * Condition that matches based on WAF rule labels, with label names limited to 1024 characters. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-labelnamecondition.html */ interface LabelNameConditionProperty { /** * The label name to match, supporting alphanumeric characters, underscores, hyphens, and colons. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationtelemetryrule-labelnamecondition.html#cfn-observabilityadmin-organizationtelemetryrule-labelnamecondition-labelname */ readonly labelName?: string; } } /** * Properties for defining a `CfnOrganizationTelemetryRule` * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-observabilityadmin-organizationtelemetryrule.html */ export interface CfnOrganizationTelemetryRuleProps { /** * The name of the organization telemetry rule. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-observabilityadmin-organizationtelemetryrule.html#cfn-observabilityadmin-organizationtelemetryrule-rule */ readonly rule: cdk.IResolvable | CfnOrganizationTelemetryRule.TelemetryRuleProperty; /** * The name of the organization centralization rule. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-observabilityadmin-organizationtelemetryrule.html#cfn-observabilityadmin-organizationtelemetryrule-rulename */ readonly ruleName: string; /** * Lists all tags attached to the specified resource. * * Supports telemetry rule resources and telemetry pipeline resources. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-observabilityadmin-organizationtelemetryrule.html#cfn-observabilityadmin-organizationtelemetryrule-tags */ readonly tags?: Array<cdk.CfnTag>; } /** * Creates an integration between CloudWatch and S3 Tables for analytics. * * This integration enables querying CloudWatch telemetry data using analytics engines like Amazon Athena, Amazon Redshift, and Apache Spark. * * @cloudformationResource AWS::ObservabilityAdmin::S3TableIntegration * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-observabilityadmin-s3tableintegration.html */ export declare class CfnS3TableIntegration extends cdk.CfnResource implements cdk.IInspectable, IS3TableIntegrationRef, cdk.ITaggableV2 { /** * The CloudFormation resource type name for this resource class. */ static readonly CFN_RESOURCE_TYPE_NAME: string; /** * Build a CfnS3TableIntegration from CloudFormation properties * * A factory method that creates a new instance of this class from an object * containing the CloudFormation properties of this resource. * Used in the @aws-cdk/cloudformation-include module. * * @internal */ static _fromCloudFormation(scope: constructs.Construct, id: string, resourceAttributes: any, options: cfn_parse.FromCloudFormationOptions): CfnS3TableIntegration; /** * Checks whether the given object is a CfnS3TableIntegration */ static isCfnS3TableIntegration(x: any): x is CfnS3TableIntegration; static arnForS3TableIntegration(resource: IS3TableIntegrationRef): string; /** * The ARN of the S3 Table Integration * * @cloudformationAttribute Arn */ readonly attrArn: string; /** * Tag Manager which manages the tags for this resource */ readonly cdkTagManager: cdk.TagManager; /** * Defines the encryption configuration for S3 Table integrations, including the encryption algorithm and KMS key settings. */ encryption: CfnS3TableIntegration.EncryptionConfigProperty | cdk.IResolvable; /** * The CloudWatch Logs data sources to associate with the S3 Table Integration. */ logSources?: Array<cdk.IResolvable | CfnS3TableIntegration.LogSourceProperty> | cdk.IResolvable; /** * The ARN of the role used to access the S3 Table Integration. */ roleArn: string; /** * An array of key-value pairs to apply to this resource. */ tags?: Array<cdk.CfnTag>; /** * Create a new `AWS::ObservabilityAdmin::S3TableIntegration`. * * @param scope Scope in which this resource is defined * @param id Construct identifier for this resource (unique in its scope) * @param props Resource properties */ constructor(scope: constructs.Construct, id: string, props: CfnS3TableIntegrationProps); get s3TableIntegrationRef(): S3TableIntegrationReference; protected get cfnProperties(): Record<string, any>; /** * Examines the CloudFormation resource and discloses attributes * * @param inspector tree inspector to collect and process attributes */ inspect(inspector: cdk.TreeInspector): void; protected renderProperties(props: Record<string, any>): Record<string, any>; } export declare namespace CfnS3TableIntegration { /** * Encryption configuration for the S3 Table Integration. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-s3tableintegration-encryptionconfig.html */ interface EncryptionConfigProperty { /** * The ARN of the KMS key used to encrypt the S3 Table Integration. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-s3tableintegration-encryptionconfig.html#cfn-observabilityadmin-s3tableintegration-encryptionconfig-kmskeyarn */ readonly kmsKeyArn?: string; /** * The server-side encryption algorithm used to encrypt the S3 Table(s) data. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-s3tableintegration-encryptionconfig.html#cfn-observabi