aws.cloudtrail.EventDataStore
Provides a CloudTrail Event Data Store.
More information about event data stores can be found in the Event Data Store User Guide.
Tip: For an organization event data store you must create this resource in the management account.
Example Usage
Basic
using System.Collections.Generic;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = new Aws.CloudTrail.EventDataStore("example");
});
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/cloudtrail"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := cloudtrail.NewEventDataStore(ctx, "example", nil)
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.cloudtrail.EventDataStore;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new EventDataStore("example");
}
}
import pulumi
import pulumi_aws as aws
example = aws.cloudtrail.EventDataStore("example")
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.cloudtrail.EventDataStore("example", {});
resources:
example:
type: aws:cloudtrail:EventDataStore
Log all DynamoDB PutEvent actions for a specific DynamoDB table
using System.Collections.Generic;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var table = Aws.DynamoDB.GetTable.Invoke(new()
{
Name = "not-important-dynamodb-table",
});
// ... other configuration ...
var example = new Aws.CloudTrail.EventDataStore("example", new()
{
AdvancedEventSelectors = new[]
{
new Aws.CloudTrail.Inputs.EventDataStoreAdvancedEventSelectorArgs
{
Name = "Log all DynamoDB PutEvent actions for a specific DynamoDB table",
FieldSelectors = new[]
{
new Aws.CloudTrail.Inputs.EventDataStoreAdvancedEventSelectorFieldSelectorArgs
{
Field = "eventCategory",
Equals = new[]
{
"Data",
},
},
new Aws.CloudTrail.Inputs.EventDataStoreAdvancedEventSelectorFieldSelectorArgs
{
Field = "resources.type",
Equals = new[]
{
"AWS::DynamoDB::Table",
},
},
new Aws.CloudTrail.Inputs.EventDataStoreAdvancedEventSelectorFieldSelectorArgs
{
Field = "eventName",
Equals = new[]
{
"PutItem",
},
},
new Aws.CloudTrail.Inputs.EventDataStoreAdvancedEventSelectorFieldSelectorArgs
{
Field = "resources.ARN",
Equals = new[]
{
table.Apply(getTableResult => getTableResult.Arn),
},
},
},
},
},
});
});
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/cloudtrail"
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/dynamodb"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
table, err := dynamodb.LookupTable(ctx, &dynamodb.LookupTableArgs{
Name: "not-important-dynamodb-table",
}, nil)
if err != nil {
return err
}
_, err = cloudtrail.NewEventDataStore(ctx, "example", &cloudtrail.EventDataStoreArgs{
AdvancedEventSelectors: cloudtrail.EventDataStoreAdvancedEventSelectorArray{
&cloudtrail.EventDataStoreAdvancedEventSelectorArgs{
Name: pulumi.String("Log all DynamoDB PutEvent actions for a specific DynamoDB table"),
FieldSelectors: cloudtrail.EventDataStoreAdvancedEventSelectorFieldSelectorArray{
&cloudtrail.EventDataStoreAdvancedEventSelectorFieldSelectorArgs{
Field: pulumi.String("eventCategory"),
Equals: pulumi.StringArray{
pulumi.String("Data"),
},
},
&cloudtrail.EventDataStoreAdvancedEventSelectorFieldSelectorArgs{
Field: pulumi.String("resources.type"),
Equals: pulumi.StringArray{
pulumi.String("AWS::DynamoDB::Table"),
},
},
&cloudtrail.EventDataStoreAdvancedEventSelectorFieldSelectorArgs{
Field: pulumi.String("eventName"),
Equals: pulumi.StringArray{
pulumi.String("PutItem"),
},
},
&cloudtrail.EventDataStoreAdvancedEventSelectorFieldSelectorArgs{
Field: pulumi.String("resources.ARN"),
Equals: pulumi.StringArray{
*pulumi.String(table.Arn),
},
},
},
},
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.dynamodb.DynamodbFunctions;
import com.pulumi.aws.dynamodb.inputs.GetTableArgs;
import com.pulumi.aws.cloudtrail.EventDataStore;
import com.pulumi.aws.cloudtrail.EventDataStoreArgs;
import com.pulumi.aws.cloudtrail.inputs.EventDataStoreAdvancedEventSelectorArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var table = DynamodbFunctions.getTable(GetTableArgs.builder()
.name("not-important-dynamodb-table")
.build());
var example = new EventDataStore("example", EventDataStoreArgs.builder()
.advancedEventSelectors(EventDataStoreAdvancedEventSelectorArgs.builder()
.name("Log all DynamoDB PutEvent actions for a specific DynamoDB table")
.fieldSelectors(
EventDataStoreAdvancedEventSelectorFieldSelectorArgs.builder()
.field("eventCategory")
.equals("Data")
.build(),
EventDataStoreAdvancedEventSelectorFieldSelectorArgs.builder()
.field("resources.type")
.equals("AWS::DynamoDB::Table")
.build(),
EventDataStoreAdvancedEventSelectorFieldSelectorArgs.builder()
.field("eventName")
.equals("PutItem")
.build(),
EventDataStoreAdvancedEventSelectorFieldSelectorArgs.builder()
.field("resources.ARN")
.equals(table.applyValue(getTableResult -> getTableResult.arn()))
.build())
.build())
.build());
}
}
import pulumi
import pulumi_aws as aws
table = aws.dynamodb.get_table(name="not-important-dynamodb-table")
# ... other configuration ...
example = aws.cloudtrail.EventDataStore("example", advanced_event_selectors=[aws.cloudtrail.EventDataStoreAdvancedEventSelectorArgs(
name="Log all DynamoDB PutEvent actions for a specific DynamoDB table",
field_selectors=[
aws.cloudtrail.EventDataStoreAdvancedEventSelectorFieldSelectorArgs(
field="eventCategory",
equals=["Data"],
),
aws.cloudtrail.EventDataStoreAdvancedEventSelectorFieldSelectorArgs(
field="resources.type",
equals=["AWS::DynamoDB::Table"],
),
aws.cloudtrail.EventDataStoreAdvancedEventSelectorFieldSelectorArgs(
field="eventName",
equals=["PutItem"],
),
aws.cloudtrail.EventDataStoreAdvancedEventSelectorFieldSelectorArgs(
field="resources.ARN",
equals=[table.arn],
),
],
)])
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const table = aws.dynamodb.getTable({
name: "not-important-dynamodb-table",
});
// ... other configuration ...
const example = new aws.cloudtrail.EventDataStore("example", {advancedEventSelectors: [{
name: "Log all DynamoDB PutEvent actions for a specific DynamoDB table",
fieldSelectors: [
{
field: "eventCategory",
equals: ["Data"],
},
{
field: "resources.type",
equals: ["AWS::DynamoDB::Table"],
},
{
field: "eventName",
equals: ["PutItem"],
},
{
field: "resources.ARN",
equals: [table.then(table => table.arn)],
},
],
}]});
resources:
example:
type: aws:cloudtrail:EventDataStore
properties:
advancedEventSelectors:
- name: Log all DynamoDB PutEvent actions for a specific DynamoDB table
fieldSelectors:
- field: eventCategory
equals:
- Data
- field: resources.type
equals:
- AWS::DynamoDB::Table
- field: eventName
equals:
- PutItem
- field: resources.ARN
equals:
- ${table.arn}
variables:
table:
fn::invoke:
Function: aws:dynamodb:getTable
Arguments:
name: not-important-dynamodb-table
Create EventDataStore Resource
new EventDataStore(name: string, args?: EventDataStoreArgs, opts?: CustomResourceOptions);@overload
def EventDataStore(resource_name: str,
opts: Optional[ResourceOptions] = None,
advanced_event_selectors: Optional[Sequence[EventDataStoreAdvancedEventSelectorArgs]] = None,
kms_key_id: Optional[str] = None,
multi_region_enabled: Optional[bool] = None,
name: Optional[str] = None,
organization_enabled: Optional[bool] = None,
retention_period: Optional[int] = None,
tags: Optional[Mapping[str, str]] = None,
termination_protection_enabled: Optional[bool] = None)
@overload
def EventDataStore(resource_name: str,
args: Optional[EventDataStoreArgs] = None,
opts: Optional[ResourceOptions] = None)func NewEventDataStore(ctx *Context, name string, args *EventDataStoreArgs, opts ...ResourceOption) (*EventDataStore, error)public EventDataStore(string name, EventDataStoreArgs? args = null, CustomResourceOptions? opts = null)
public EventDataStore(String name, EventDataStoreArgs args)
public EventDataStore(String name, EventDataStoreArgs args, CustomResourceOptions options)
type: aws:cloudtrail:EventDataStore
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args EventDataStoreArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args EventDataStoreArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args EventDataStoreArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args EventDataStoreArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args EventDataStoreArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
EventDataStore Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The EventDataStore resource accepts the following input properties:
- Advanced
Event List<EventSelectors Data Store Advanced Event Selector Args> The advanced event selectors to use to select the events for the data store. For more information about how to use advanced event selectors, see Log events by using advanced event selectors in the CloudTrail User Guide.
- Kms
Key stringId Specifies the AWS KMS key ID to use to encrypt the events delivered by CloudTrail. The value can be an alias name prefixed by alias/, a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.
- Multi
Region boolEnabled Specifies whether the event data store includes events from all regions, or only from the region in which the event data store is created. Default:
true.- Name string
The name of the event data store.
- Organization
Enabled bool Specifies whether an event data store collects events logged for an organization in AWS Organizations. Default:
false.- Retention
Period int The retention period of the event data store, in days. You can set a retention period of up to 2555 days, the equivalent of seven years. Default:
2555.- Dictionary<string, string>
A map of tags to assign to the resource. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.- Termination
Protection boolEnabled Specifies whether termination protection is enabled for the event data store. If termination protection is enabled, you cannot delete the event data store until termination protection is disabled. Default:
true.
- Advanced
Event []EventSelectors Data Store Advanced Event Selector Args The advanced event selectors to use to select the events for the data store. For more information about how to use advanced event selectors, see Log events by using advanced event selectors in the CloudTrail User Guide.
- Kms
Key stringId Specifies the AWS KMS key ID to use to encrypt the events delivered by CloudTrail. The value can be an alias name prefixed by alias/, a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.
- Multi
Region boolEnabled Specifies whether the event data store includes events from all regions, or only from the region in which the event data store is created. Default:
true.- Name string
The name of the event data store.
- Organization
Enabled bool Specifies whether an event data store collects events logged for an organization in AWS Organizations. Default:
false.- Retention
Period int The retention period of the event data store, in days. You can set a retention period of up to 2555 days, the equivalent of seven years. Default:
2555.- map[string]string
A map of tags to assign to the resource. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.- Termination
Protection boolEnabled Specifies whether termination protection is enabled for the event data store. If termination protection is enabled, you cannot delete the event data store until termination protection is disabled. Default:
true.
- advanced
Event List<EventSelectors Data Store Advanced Event Selector Args> The advanced event selectors to use to select the events for the data store. For more information about how to use advanced event selectors, see Log events by using advanced event selectors in the CloudTrail User Guide.
- kms
Key StringId Specifies the AWS KMS key ID to use to encrypt the events delivered by CloudTrail. The value can be an alias name prefixed by alias/, a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.
- multi
Region BooleanEnabled Specifies whether the event data store includes events from all regions, or only from the region in which the event data store is created. Default:
true.- name String
The name of the event data store.
- organization
Enabled Boolean Specifies whether an event data store collects events logged for an organization in AWS Organizations. Default:
false.- retention
Period Integer The retention period of the event data store, in days. You can set a retention period of up to 2555 days, the equivalent of seven years. Default:
2555.- Map<String,String>
A map of tags to assign to the resource. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.- termination
Protection BooleanEnabled Specifies whether termination protection is enabled for the event data store. If termination protection is enabled, you cannot delete the event data store until termination protection is disabled. Default:
true.
- advanced
Event EventSelectors Data Store Advanced Event Selector Args[] The advanced event selectors to use to select the events for the data store. For more information about how to use advanced event selectors, see Log events by using advanced event selectors in the CloudTrail User Guide.
- kms
Key stringId Specifies the AWS KMS key ID to use to encrypt the events delivered by CloudTrail. The value can be an alias name prefixed by alias/, a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.
- multi
Region booleanEnabled Specifies whether the event data store includes events from all regions, or only from the region in which the event data store is created. Default:
true.- name string
The name of the event data store.
- organization
Enabled boolean Specifies whether an event data store collects events logged for an organization in AWS Organizations. Default:
false.- retention
Period number The retention period of the event data store, in days. You can set a retention period of up to 2555 days, the equivalent of seven years. Default:
2555.- {[key: string]: string}
A map of tags to assign to the resource. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.- termination
Protection booleanEnabled Specifies whether termination protection is enabled for the event data store. If termination protection is enabled, you cannot delete the event data store until termination protection is disabled. Default:
true.
- advanced_
event_ Sequence[Eventselectors Data Store Advanced Event Selector Args] The advanced event selectors to use to select the events for the data store. For more information about how to use advanced event selectors, see Log events by using advanced event selectors in the CloudTrail User Guide.
- kms_
key_ strid Specifies the AWS KMS key ID to use to encrypt the events delivered by CloudTrail. The value can be an alias name prefixed by alias/, a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.
- multi_
region_ boolenabled Specifies whether the event data store includes events from all regions, or only from the region in which the event data store is created. Default:
true.- name str
The name of the event data store.
- organization_
enabled bool Specifies whether an event data store collects events logged for an organization in AWS Organizations. Default:
false.- retention_
period int The retention period of the event data store, in days. You can set a retention period of up to 2555 days, the equivalent of seven years. Default:
2555.- Mapping[str, str]
A map of tags to assign to the resource. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.- termination_
protection_ boolenabled Specifies whether termination protection is enabled for the event data store. If termination protection is enabled, you cannot delete the event data store until termination protection is disabled. Default:
true.
- advanced
Event List<Property Map>Selectors The advanced event selectors to use to select the events for the data store. For more information about how to use advanced event selectors, see Log events by using advanced event selectors in the CloudTrail User Guide.
- kms
Key StringId Specifies the AWS KMS key ID to use to encrypt the events delivered by CloudTrail. The value can be an alias name prefixed by alias/, a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.
- multi
Region BooleanEnabled Specifies whether the event data store includes events from all regions, or only from the region in which the event data store is created. Default:
true.- name String
The name of the event data store.
- organization
Enabled Boolean Specifies whether an event data store collects events logged for an organization in AWS Organizations. Default:
false.- retention
Period Number The retention period of the event data store, in days. You can set a retention period of up to 2555 days, the equivalent of seven years. Default:
2555.- Map<String>
A map of tags to assign to the resource. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.- termination
Protection BooleanEnabled Specifies whether termination protection is enabled for the event data store. If termination protection is enabled, you cannot delete the event data store until termination protection is disabled. Default:
true.
Outputs
All input properties are implicitly available as output properties. Additionally, the EventDataStore resource produces the following output properties:
Look up Existing EventDataStore Resource
Get an existing EventDataStore resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: EventDataStoreState, opts?: CustomResourceOptions): EventDataStore@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
advanced_event_selectors: Optional[Sequence[EventDataStoreAdvancedEventSelectorArgs]] = None,
arn: Optional[str] = None,
kms_key_id: Optional[str] = None,
multi_region_enabled: Optional[bool] = None,
name: Optional[str] = None,
organization_enabled: Optional[bool] = None,
retention_period: Optional[int] = None,
tags: Optional[Mapping[str, str]] = None,
tags_all: Optional[Mapping[str, str]] = None,
termination_protection_enabled: Optional[bool] = None) -> EventDataStorefunc GetEventDataStore(ctx *Context, name string, id IDInput, state *EventDataStoreState, opts ...ResourceOption) (*EventDataStore, error)public static EventDataStore Get(string name, Input<string> id, EventDataStoreState? state, CustomResourceOptions? opts = null)public static EventDataStore get(String name, Output<String> id, EventDataStoreState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Advanced
Event List<EventSelectors Data Store Advanced Event Selector Args> The advanced event selectors to use to select the events for the data store. For more information about how to use advanced event selectors, see Log events by using advanced event selectors in the CloudTrail User Guide.
- Arn string
ARN of the event data store.
- Kms
Key stringId Specifies the AWS KMS key ID to use to encrypt the events delivered by CloudTrail. The value can be an alias name prefixed by alias/, a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.
- Multi
Region boolEnabled Specifies whether the event data store includes events from all regions, or only from the region in which the event data store is created. Default:
true.- Name string
The name of the event data store.
- Organization
Enabled bool Specifies whether an event data store collects events logged for an organization in AWS Organizations. Default:
false.- Retention
Period int The retention period of the event data store, in days. You can set a retention period of up to 2555 days, the equivalent of seven years. Default:
2555.- Dictionary<string, string>
A map of tags to assign to the resource. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.- Dictionary<string, string>
Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.- Termination
Protection boolEnabled Specifies whether termination protection is enabled for the event data store. If termination protection is enabled, you cannot delete the event data store until termination protection is disabled. Default:
true.
- Advanced
Event []EventSelectors Data Store Advanced Event Selector Args The advanced event selectors to use to select the events for the data store. For more information about how to use advanced event selectors, see Log events by using advanced event selectors in the CloudTrail User Guide.
- Arn string
ARN of the event data store.
- Kms
Key stringId Specifies the AWS KMS key ID to use to encrypt the events delivered by CloudTrail. The value can be an alias name prefixed by alias/, a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.
- Multi
Region boolEnabled Specifies whether the event data store includes events from all regions, or only from the region in which the event data store is created. Default:
true.- Name string
The name of the event data store.
- Organization
Enabled bool Specifies whether an event data store collects events logged for an organization in AWS Organizations. Default:
false.- Retention
Period int The retention period of the event data store, in days. You can set a retention period of up to 2555 days, the equivalent of seven years. Default:
2555.- map[string]string
A map of tags to assign to the resource. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.- map[string]string
Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.- Termination
Protection boolEnabled Specifies whether termination protection is enabled for the event data store. If termination protection is enabled, you cannot delete the event data store until termination protection is disabled. Default:
true.
- advanced
Event List<EventSelectors Data Store Advanced Event Selector Args> The advanced event selectors to use to select the events for the data store. For more information about how to use advanced event selectors, see Log events by using advanced event selectors in the CloudTrail User Guide.
- arn String
ARN of the event data store.
- kms
Key StringId Specifies the AWS KMS key ID to use to encrypt the events delivered by CloudTrail. The value can be an alias name prefixed by alias/, a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.
- multi
Region BooleanEnabled Specifies whether the event data store includes events from all regions, or only from the region in which the event data store is created. Default:
true.- name String
The name of the event data store.
- organization
Enabled Boolean Specifies whether an event data store collects events logged for an organization in AWS Organizations. Default:
false.- retention
Period Integer The retention period of the event data store, in days. You can set a retention period of up to 2555 days, the equivalent of seven years. Default:
2555.- Map<String,String>
A map of tags to assign to the resource. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.- Map<String,String>
Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.- termination
Protection BooleanEnabled Specifies whether termination protection is enabled for the event data store. If termination protection is enabled, you cannot delete the event data store until termination protection is disabled. Default:
true.
- advanced
Event EventSelectors Data Store Advanced Event Selector Args[] The advanced event selectors to use to select the events for the data store. For more information about how to use advanced event selectors, see Log events by using advanced event selectors in the CloudTrail User Guide.
- arn string
ARN of the event data store.
- kms
Key stringId Specifies the AWS KMS key ID to use to encrypt the events delivered by CloudTrail. The value can be an alias name prefixed by alias/, a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.
- multi
Region booleanEnabled Specifies whether the event data store includes events from all regions, or only from the region in which the event data store is created. Default:
true.- name string
The name of the event data store.
- organization
Enabled boolean Specifies whether an event data store collects events logged for an organization in AWS Organizations. Default:
false.- retention
Period number The retention period of the event data store, in days. You can set a retention period of up to 2555 days, the equivalent of seven years. Default:
2555.- {[key: string]: string}
A map of tags to assign to the resource. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.- {[key: string]: string}
Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.- termination
Protection booleanEnabled Specifies whether termination protection is enabled for the event data store. If termination protection is enabled, you cannot delete the event data store until termination protection is disabled. Default:
true.
- advanced_
event_ Sequence[Eventselectors Data Store Advanced Event Selector Args] The advanced event selectors to use to select the events for the data store. For more information about how to use advanced event selectors, see Log events by using advanced event selectors in the CloudTrail User Guide.
- arn str
ARN of the event data store.
- kms_
key_ strid Specifies the AWS KMS key ID to use to encrypt the events delivered by CloudTrail. The value can be an alias name prefixed by alias/, a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.
- multi_
region_ boolenabled Specifies whether the event data store includes events from all regions, or only from the region in which the event data store is created. Default:
true.- name str
The name of the event data store.
- organization_
enabled bool Specifies whether an event data store collects events logged for an organization in AWS Organizations. Default:
false.- retention_
period int The retention period of the event data store, in days. You can set a retention period of up to 2555 days, the equivalent of seven years. Default:
2555.- Mapping[str, str]
A map of tags to assign to the resource. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.- Mapping[str, str]
Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.- termination_
protection_ boolenabled Specifies whether termination protection is enabled for the event data store. If termination protection is enabled, you cannot delete the event data store until termination protection is disabled. Default:
true.
- advanced
Event List<Property Map>Selectors The advanced event selectors to use to select the events for the data store. For more information about how to use advanced event selectors, see Log events by using advanced event selectors in the CloudTrail User Guide.
- arn String
ARN of the event data store.
- kms
Key StringId Specifies the AWS KMS key ID to use to encrypt the events delivered by CloudTrail. The value can be an alias name prefixed by alias/, a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.
- multi
Region BooleanEnabled Specifies whether the event data store includes events from all regions, or only from the region in which the event data store is created. Default:
true.- name String
The name of the event data store.
- organization
Enabled Boolean Specifies whether an event data store collects events logged for an organization in AWS Organizations. Default:
false.- retention
Period Number The retention period of the event data store, in days. You can set a retention period of up to 2555 days, the equivalent of seven years. Default:
2555.- Map<String>
A map of tags to assign to the resource. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.- Map<String>
Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.- termination
Protection BooleanEnabled Specifies whether termination protection is enabled for the event data store. If termination protection is enabled, you cannot delete the event data store until termination protection is disabled. Default:
true.
Supporting Types
EventDataStoreAdvancedEventSelector
- Field
Selectors List<EventData Store Advanced Event Selector Field Selector> Specifies the selector statements in an advanced event selector. Fields documented below.
- Name string
The name of the event data store.
- Field
Selectors []EventData Store Advanced Event Selector Field Selector Specifies the selector statements in an advanced event selector. Fields documented below.
- Name string
The name of the event data store.
- field
Selectors List<EventData Store Advanced Event Selector Field Selector> Specifies the selector statements in an advanced event selector. Fields documented below.
- name String
The name of the event data store.
- field
Selectors EventData Store Advanced Event Selector Field Selector[] Specifies the selector statements in an advanced event selector. Fields documented below.
- name string
The name of the event data store.
- field_
selectors Sequence[EventData Store Advanced Event Selector Field Selector] Specifies the selector statements in an advanced event selector. Fields documented below.
- name str
The name of the event data store.
- field
Selectors List<Property Map> Specifies the selector statements in an advanced event selector. Fields documented below.
- name String
The name of the event data store.
EventDataStoreAdvancedEventSelectorFieldSelector
- Ends
Withs List<string> A list of values that includes events that match the last few characters of the event record field specified as the value of
field.- Equals List<string>
A list of values that includes events that match the exact value of the event record field specified as the value of
field. This is the only valid operator that you can use with thereadOnly,eventCategory, andresources.typefields.- Field string
Specifies a field in an event record on which to filter events to be logged. You can specify only the following values:
readOnly,eventSource,eventName,eventCategory,resources.type,resources.ARN.- Not
Ends List<string>Withs A list of values that excludes events that match the last few characters of the event record field specified as the value of
field.- Not
Equals List<string> A list of values that excludes events that match the exact value of the event record field specified as the value of
field.- Not
Starts List<string>Withs A list of values that excludes events that match the first few characters of the event record field specified as the value of
field.- Starts
Withs List<string> A list of values that includes events that match the first few characters of the event record field specified as the value of
field.
- Ends
Withs []string A list of values that includes events that match the last few characters of the event record field specified as the value of
field.- Equals []string
A list of values that includes events that match the exact value of the event record field specified as the value of
field. This is the only valid operator that you can use with thereadOnly,eventCategory, andresources.typefields.- Field string
Specifies a field in an event record on which to filter events to be logged. You can specify only the following values:
readOnly,eventSource,eventName,eventCategory,resources.type,resources.ARN.- Not
Ends []stringWiths A list of values that excludes events that match the last few characters of the event record field specified as the value of
field.- Not
Equals []string A list of values that excludes events that match the exact value of the event record field specified as the value of
field.- Not
Starts []stringWiths A list of values that excludes events that match the first few characters of the event record field specified as the value of
field.- Starts
Withs []string A list of values that includes events that match the first few characters of the event record field specified as the value of
field.
- ends
Withs List<String> A list of values that includes events that match the last few characters of the event record field specified as the value of
field.- equals_ List<String>
A list of values that includes events that match the exact value of the event record field specified as the value of
field. This is the only valid operator that you can use with thereadOnly,eventCategory, andresources.typefields.- field String
Specifies a field in an event record on which to filter events to be logged. You can specify only the following values:
readOnly,eventSource,eventName,eventCategory,resources.type,resources.ARN.- not
Ends List<String>Withs A list of values that excludes events that match the last few characters of the event record field specified as the value of
field.- not
Equals List<String> A list of values that excludes events that match the exact value of the event record field specified as the value of
field.- not
Starts List<String>Withs A list of values that excludes events that match the first few characters of the event record field specified as the value of
field.- starts
Withs List<String> A list of values that includes events that match the first few characters of the event record field specified as the value of
field.
- ends
Withs string[] A list of values that includes events that match the last few characters of the event record field specified as the value of
field.- equals string[]
A list of values that includes events that match the exact value of the event record field specified as the value of
field. This is the only valid operator that you can use with thereadOnly,eventCategory, andresources.typefields.- field string
Specifies a field in an event record on which to filter events to be logged. You can specify only the following values:
readOnly,eventSource,eventName,eventCategory,resources.type,resources.ARN.- not
Ends string[]Withs A list of values that excludes events that match the last few characters of the event record field specified as the value of
field.- not
Equals string[] A list of values that excludes events that match the exact value of the event record field specified as the value of
field.- not
Starts string[]Withs A list of values that excludes events that match the first few characters of the event record field specified as the value of
field.- starts
Withs string[] A list of values that includes events that match the first few characters of the event record field specified as the value of
field.
- ends_
withs Sequence[str] A list of values that includes events that match the last few characters of the event record field specified as the value of
field.- equals Sequence[str]
A list of values that includes events that match the exact value of the event record field specified as the value of
field. This is the only valid operator that you can use with thereadOnly,eventCategory, andresources.typefields.- field str
Specifies a field in an event record on which to filter events to be logged. You can specify only the following values:
readOnly,eventSource,eventName,eventCategory,resources.type,resources.ARN.- not_
ends_ Sequence[str]withs A list of values that excludes events that match the last few characters of the event record field specified as the value of
field.- not_
equals Sequence[str] A list of values that excludes events that match the exact value of the event record field specified as the value of
field.- not_
starts_ Sequence[str]withs A list of values that excludes events that match the first few characters of the event record field specified as the value of
field.- starts_
withs Sequence[str] A list of values that includes events that match the first few characters of the event record field specified as the value of
field.
- ends
Withs List<String> A list of values that includes events that match the last few characters of the event record field specified as the value of
field.- equals List<String>
A list of values that includes events that match the exact value of the event record field specified as the value of
field. This is the only valid operator that you can use with thereadOnly,eventCategory, andresources.typefields.- field String
Specifies a field in an event record on which to filter events to be logged. You can specify only the following values:
readOnly,eventSource,eventName,eventCategory,resources.type,resources.ARN.- not
Ends List<String>Withs A list of values that excludes events that match the last few characters of the event record field specified as the value of
field.- not
Equals List<String> A list of values that excludes events that match the exact value of the event record field specified as the value of
field.- not
Starts List<String>Withs A list of values that excludes events that match the first few characters of the event record field specified as the value of
field.- starts
Withs List<String> A list of values that includes events that match the first few characters of the event record field specified as the value of
field.
Import
Event data stores can be imported using their arn, e.g.,
$ pulumi import aws:cloudtrail/eventDataStore:EventDataStore example arn:aws:cloudtrail:us-east-1:123456789123:eventdatastore/22333815-4414-412c-b155-dd254033gfhf
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
awsTerraform Provider.