AWS Classic v6.3.0, Sep 28 23

Try AWS Native preview for resources not in the classic version.

AWS Classic v6.3.0 published on Thursday, Sep 28, 2023 by Pulumi

pulumi/pulumi-aws

aws.cloudtrail.EventDataStore

Explore with Pulumi AI

Try AWS Native preview for resources not in the classic version.

AWS Classic v6.3.0 published on Thursday, Sep 28, 2023 by Pulumi

pulumi/pulumi-aws

Example Usage

Basic

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var example = new Aws.CloudTrail.EventDataStore("example");

});

package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudtrail"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := cloudtrail.NewEventDataStore(ctx, "example", nil)
		if err != nil {
			return err
		}
		return nil
	})
}

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.cloudtrail.EventDataStore;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var example = new EventDataStore("example");

    }
}

import pulumi
import pulumi_aws as aws

example = aws.cloudtrail.EventDataStore("example")

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const example = new aws.cloudtrail.EventDataStore("example", {});

resources:
  example:
    type: aws:cloudtrail:EventDataStore

Log all DynamoDB PutEvent actions for a specific DynamoDB table

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var table = Aws.DynamoDB.GetTable.Invoke(new()
    {
        Name = "not-important-dynamodb-table",
    });

    // ... other configuration ...
    var example = new Aws.CloudTrail.EventDataStore("example", new()
    {
        AdvancedEventSelectors = new[]
        {
            new Aws.CloudTrail.Inputs.EventDataStoreAdvancedEventSelectorArgs
            {
                Name = "Log all DynamoDB PutEvent actions for a specific DynamoDB table",
                FieldSelectors = new[]
                {
                    new Aws.CloudTrail.Inputs.EventDataStoreAdvancedEventSelectorFieldSelectorArgs
                    {
                        Field = "eventCategory",
                        Equals = new[]
                        {
                            "Data",
                        },
                    },
                    new Aws.CloudTrail.Inputs.EventDataStoreAdvancedEventSelectorFieldSelectorArgs
                    {
                        Field = "resources.type",
                        Equals = new[]
                        {
                            "AWS::DynamoDB::Table",
                        },
                    },
                    new Aws.CloudTrail.Inputs.EventDataStoreAdvancedEventSelectorFieldSelectorArgs
                    {
                        Field = "eventName",
                        Equals = new[]
                        {
                            "PutItem",
                        },
                    },
                    new Aws.CloudTrail.Inputs.EventDataStoreAdvancedEventSelectorFieldSelectorArgs
                    {
                        Field = "resources.ARN",
                        Equals = new[]
                        {
                            table.Apply(getTableResult => getTableResult.Arn),
                        },
                    },
                },
            },
        },
    });

});

package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudtrail"
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/dynamodb"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		table, err := dynamodb.LookupTable(ctx, &dynamodb.LookupTableArgs{
			Name: "not-important-dynamodb-table",
		}, nil)
		if err != nil {
			return err
		}
		_, err = cloudtrail.NewEventDataStore(ctx, "example", &cloudtrail.EventDataStoreArgs{
			AdvancedEventSelectors: cloudtrail.EventDataStoreAdvancedEventSelectorArray{
				&cloudtrail.EventDataStoreAdvancedEventSelectorArgs{
					Name: pulumi.String("Log all DynamoDB PutEvent actions for a specific DynamoDB table"),
					FieldSelectors: cloudtrail.EventDataStoreAdvancedEventSelectorFieldSelectorArray{
						&cloudtrail.EventDataStoreAdvancedEventSelectorFieldSelectorArgs{
							Field: pulumi.String("eventCategory"),
							Equals: pulumi.StringArray{
								pulumi.String("Data"),
							},
						},
						&cloudtrail.EventDataStoreAdvancedEventSelectorFieldSelectorArgs{
							Field: pulumi.String("resources.type"),
							Equals: pulumi.StringArray{
								pulumi.String("AWS::DynamoDB::Table"),
							},
						},
						&cloudtrail.EventDataStoreAdvancedEventSelectorFieldSelectorArgs{
							Field: pulumi.String("eventName"),
							Equals: pulumi.StringArray{
								pulumi.String("PutItem"),
							},
						},
						&cloudtrail.EventDataStoreAdvancedEventSelectorFieldSelectorArgs{
							Field: pulumi.String("resources.ARN"),
							Equals: pulumi.StringArray{
								*pulumi.String(table.Arn),
							},
						},
					},
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.dynamodb.DynamodbFunctions;
import com.pulumi.aws.dynamodb.inputs.GetTableArgs;
import com.pulumi.aws.cloudtrail.EventDataStore;
import com.pulumi.aws.cloudtrail.EventDataStoreArgs;
import com.pulumi.aws.cloudtrail.inputs.EventDataStoreAdvancedEventSelectorArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var table = DynamodbFunctions.getTable(GetTableArgs.builder()
            .name("not-important-dynamodb-table")
            .build());

        var example = new EventDataStore("example", EventDataStoreArgs.builder()        
            .advancedEventSelectors(EventDataStoreAdvancedEventSelectorArgs.builder()
                .name("Log all DynamoDB PutEvent actions for a specific DynamoDB table")
                .fieldSelectors(                
                    EventDataStoreAdvancedEventSelectorFieldSelectorArgs.builder()
                        .field("eventCategory")
                        .equals("Data")
                        .build(),
                    EventDataStoreAdvancedEventSelectorFieldSelectorArgs.builder()
                        .field("resources.type")
                        .equals("AWS::DynamoDB::Table")
                        .build(),
                    EventDataStoreAdvancedEventSelectorFieldSelectorArgs.builder()
                        .field("eventName")
                        .equals("PutItem")
                        .build(),
                    EventDataStoreAdvancedEventSelectorFieldSelectorArgs.builder()
                        .field("resources.ARN")
                        .equals(table.applyValue(getTableResult -> getTableResult.arn()))
                        .build())
                .build())
            .build());

    }
}

import pulumi
import pulumi_aws as aws

table = aws.dynamodb.get_table(name="not-important-dynamodb-table")
# ... other configuration ...
example = aws.cloudtrail.EventDataStore("example", advanced_event_selectors=[aws.cloudtrail.EventDataStoreAdvancedEventSelectorArgs(
    name="Log all DynamoDB PutEvent actions for a specific DynamoDB table",
    field_selectors=[
        aws.cloudtrail.EventDataStoreAdvancedEventSelectorFieldSelectorArgs(
            field="eventCategory",
            equals=["Data"],
        ),
        aws.cloudtrail.EventDataStoreAdvancedEventSelectorFieldSelectorArgs(
            field="resources.type",
            equals=["AWS::DynamoDB::Table"],
        ),
        aws.cloudtrail.EventDataStoreAdvancedEventSelectorFieldSelectorArgs(
            field="eventName",
            equals=["PutItem"],
        ),
        aws.cloudtrail.EventDataStoreAdvancedEventSelectorFieldSelectorArgs(
            field="resources.ARN",
            equals=[table.arn],
        ),
    ],
)])

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const table = aws.dynamodb.getTable({
    name: "not-important-dynamodb-table",
});
// ... other configuration ...
const example = new aws.cloudtrail.EventDataStore("example", {advancedEventSelectors: [{
    name: "Log all DynamoDB PutEvent actions for a specific DynamoDB table",
    fieldSelectors: [
        {
            field: "eventCategory",
            equals: ["Data"],
        },
        {
            field: "resources.type",
            equals: ["AWS::DynamoDB::Table"],
        },
        {
            field: "eventName",
            equals: ["PutItem"],
        },
        {
            field: "resources.ARN",
            equals: [table.then(table => table.arn)],
        },
    ],
}]});

resources:
  example:
    type: aws:cloudtrail:EventDataStore
    properties:
      advancedEventSelectors:
        - name: Log all DynamoDB PutEvent actions for a specific DynamoDB table
          fieldSelectors:
            - field: eventCategory
              equals:
                - Data
            - field: resources.type
              equals:
                - AWS::DynamoDB::Table
            - field: eventName
              equals:
                - PutItem
            - field: resources.ARN
              equals:
                - ${table.arn}
variables:
  table:
    fn::invoke:
      Function: aws:dynamodb:getTable
      Arguments:
        name: not-important-dynamodb-table

Create EventDataStore Resource

new EventDataStore(name: string, args?: EventDataStoreArgs, opts?: CustomResourceOptions);

@overload
def EventDataStore(resource_name: str,
                   opts: Optional[ResourceOptions] = None,
                   advanced_event_selectors: Optional[Sequence[EventDataStoreAdvancedEventSelectorArgs]] = None,
                   kms_key_id: Optional[str] = None,
                   multi_region_enabled: Optional[bool] = None,
                   name: Optional[str] = None,
                   organization_enabled: Optional[bool] = None,
                   retention_period: Optional[int] = None,
                   tags: Optional[Mapping[str, str]] = None,
                   termination_protection_enabled: Optional[bool] = None)
@overload
def EventDataStore(resource_name: str,
                   args: Optional[EventDataStoreArgs] = None,
                   opts: Optional[ResourceOptions] = None)

func NewEventDataStore(ctx *Context, name string, args *EventDataStoreArgs, opts ...ResourceOption) (*EventDataStore, error)

public EventDataStore(string name, EventDataStoreArgs? args = null, CustomResourceOptions? opts = null)

public EventDataStore(String name, EventDataStoreArgs args)
public EventDataStore(String name, EventDataStoreArgs args, CustomResourceOptions options)

type: aws:cloudtrail:EventDataStore
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string: The unique name of the resource.
args EventDataStoreArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args EventDataStoreArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args EventDataStoreArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args EventDataStoreArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args EventDataStoreArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

EventDataStore Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The EventDataStore resource accepts the following input properties:

AdvancedEventSelectors List<EventDataStoreAdvancedEventSelector>: The advanced event selectors to use to select the events for the data store. For more information about how to use advanced event selectors, see Log events by using advanced event selectors in the CloudTrail User Guide.
KmsKeyId string: Specifies the AWS KMS key ID to use to encrypt the events delivered by CloudTrail. The value can be an alias name prefixed by alias/, a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.
MultiRegionEnabled bool: Specifies whether the event data store includes events from all regions, or only from the region in which the event data store is created. Default: true.
Name string: The name of the event data store.
OrganizationEnabled bool: Specifies whether an event data store collects events logged for an organization in AWS Organizations. Default: false.
RetentionPeriod int: The retention period of the event data store, in days. You can set a retention period of up to 2555 days, the equivalent of seven years. Default: 2555.
Tags Dictionary<string, string>: A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
TerminationProtectionEnabled bool: Specifies whether termination protection is enabled for the event data store. If termination protection is enabled, you cannot delete the event data store until termination protection is disabled. Default: true.

AdvancedEventSelectors []EventDataStoreAdvancedEventSelectorArgs: The advanced event selectors to use to select the events for the data store. For more information about how to use advanced event selectors, see Log events by using advanced event selectors in the CloudTrail User Guide.
KmsKeyId string: Specifies the AWS KMS key ID to use to encrypt the events delivered by CloudTrail. The value can be an alias name prefixed by alias/, a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.
MultiRegionEnabled bool: Specifies whether the event data store includes events from all regions, or only from the region in which the event data store is created. Default: true.
Name string: The name of the event data store.
OrganizationEnabled bool: Specifies whether an event data store collects events logged for an organization in AWS Organizations. Default: false.
RetentionPeriod int: The retention period of the event data store, in days. You can set a retention period of up to 2555 days, the equivalent of seven years. Default: 2555.
Tags map[string]string: A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
TerminationProtectionEnabled bool: Specifies whether termination protection is enabled for the event data store. If termination protection is enabled, you cannot delete the event data store until termination protection is disabled. Default: true.

advancedEventSelectors List<EventDataStoreAdvancedEventSelector>: The advanced event selectors to use to select the events for the data store. For more information about how to use advanced event selectors, see Log events by using advanced event selectors in the CloudTrail User Guide.
kmsKeyId String: Specifies the AWS KMS key ID to use to encrypt the events delivered by CloudTrail. The value can be an alias name prefixed by alias/, a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.
multiRegionEnabled Boolean: Specifies whether the event data store includes events from all regions, or only from the region in which the event data store is created. Default: true.
name String: The name of the event data store.
organizationEnabled Boolean: Specifies whether an event data store collects events logged for an organization in AWS Organizations. Default: false.
retentionPeriod Integer: The retention period of the event data store, in days. You can set a retention period of up to 2555 days, the equivalent of seven years. Default: 2555.
tags Map<String,String>: A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
terminationProtectionEnabled Boolean: Specifies whether termination protection is enabled for the event data store. If termination protection is enabled, you cannot delete the event data store until termination protection is disabled. Default: true.

advancedEventSelectors EventDataStoreAdvancedEventSelector[]: The advanced event selectors to use to select the events for the data store. For more information about how to use advanced event selectors, see Log events by using advanced event selectors in the CloudTrail User Guide.
kmsKeyId string: Specifies the AWS KMS key ID to use to encrypt the events delivered by CloudTrail. The value can be an alias name prefixed by alias/, a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.
multiRegionEnabled boolean: Specifies whether the event data store includes events from all regions, or only from the region in which the event data store is created. Default: true.
name string: The name of the event data store.
organizationEnabled boolean: Specifies whether an event data store collects events logged for an organization in AWS Organizations. Default: false.
retentionPeriod number: The retention period of the event data store, in days. You can set a retention period of up to 2555 days, the equivalent of seven years. Default: 2555.
tags {[key: string]: string}: A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
terminationProtectionEnabled boolean: Specifies whether termination protection is enabled for the event data store. If termination protection is enabled, you cannot delete the event data store until termination protection is disabled. Default: true.

advanced_event_selectors Sequence[EventDataStoreAdvancedEventSelectorArgs]: The advanced event selectors to use to select the events for the data store. For more information about how to use advanced event selectors, see Log events by using advanced event selectors in the CloudTrail User Guide.
kms_key_id str: Specifies the AWS KMS key ID to use to encrypt the events delivered by CloudTrail. The value can be an alias name prefixed by alias/, a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.
multi_region_enabled bool: Specifies whether the event data store includes events from all regions, or only from the region in which the event data store is created. Default: true.
name str: The name of the event data store.
organization_enabled bool: Specifies whether an event data store collects events logged for an organization in AWS Organizations. Default: false.
retention_period int: The retention period of the event data store, in days. You can set a retention period of up to 2555 days, the equivalent of seven years. Default: 2555.
tags Mapping[str, str]: A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
termination_protection_enabled bool: Specifies whether termination protection is enabled for the event data store. If termination protection is enabled, you cannot delete the event data store until termination protection is disabled. Default: true.

advancedEventSelectors List<Property Map>: The advanced event selectors to use to select the events for the data store. For more information about how to use advanced event selectors, see Log events by using advanced event selectors in the CloudTrail User Guide.
kmsKeyId String: Specifies the AWS KMS key ID to use to encrypt the events delivered by CloudTrail. The value can be an alias name prefixed by alias/, a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.
multiRegionEnabled Boolean: Specifies whether the event data store includes events from all regions, or only from the region in which the event data store is created. Default: true.
name String: The name of the event data store.
organizationEnabled Boolean: Specifies whether an event data store collects events logged for an organization in AWS Organizations. Default: false.
retentionPeriod Number: The retention period of the event data store, in days. You can set a retention period of up to 2555 days, the equivalent of seven years. Default: 2555.
tags Map<String>: A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
terminationProtectionEnabled Boolean: Specifies whether termination protection is enabled for the event data store. If termination protection is enabled, you cannot delete the event data store until termination protection is disabled. Default: true.

Outputs

All input properties are implicitly available as output properties. Additionally, the EventDataStore resource produces the following output properties:

Arn string

ARN of the event data store.

Id string

The provider-assigned unique ID for this managed resource.

TagsAll Dictionary<string, string>

Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

Deprecated:

Please use tags instead.

Arn string

ARN of the event data store.

Id string

The provider-assigned unique ID for this managed resource.

TagsAll map[string]string

Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

Deprecated:

Please use tags instead.

arn String

ARN of the event data store.

id String

The provider-assigned unique ID for this managed resource.

tagsAll Map<String,String>

Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

Deprecated:

Please use tags instead.

arn string

ARN of the event data store.

id string

The provider-assigned unique ID for this managed resource.

tagsAll {[key: string]: string}

Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

Deprecated:

Please use tags instead.

arn str

ARN of the event data store.

id str

The provider-assigned unique ID for this managed resource.

tags_all Mapping[str, str]

Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

Deprecated:

Please use tags instead.

arn String

ARN of the event data store.

id String

The provider-assigned unique ID for this managed resource.

tagsAll Map<String>

Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

Deprecated:

Please use tags instead.

Look up Existing EventDataStore Resource

Get an existing EventDataStore resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: EventDataStoreState, opts?: CustomResourceOptions): EventDataStore

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        advanced_event_selectors: Optional[Sequence[EventDataStoreAdvancedEventSelectorArgs]] = None,
        arn: Optional[str] = None,
        kms_key_id: Optional[str] = None,
        multi_region_enabled: Optional[bool] = None,
        name: Optional[str] = None,
        organization_enabled: Optional[bool] = None,
        retention_period: Optional[int] = None,
        tags: Optional[Mapping[str, str]] = None,
        tags_all: Optional[Mapping[str, str]] = None,
        termination_protection_enabled: Optional[bool] = None) -> EventDataStore

func GetEventDataStore(ctx *Context, name string, id IDInput, state *EventDataStoreState, opts ...ResourceOption) (*EventDataStore, error)

public static EventDataStore Get(string name, Input<string> id, EventDataStoreState? state, CustomResourceOptions? opts = null)

public static EventDataStore get(String name, Output<String> id, EventDataStoreState state, CustomResourceOptions options)

Resource lookup is not supported in YAML

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AdvancedEventSelectors List<EventDataStoreAdvancedEventSelector>

The advanced event selectors to use to select the events for the data store. For more information about how to use advanced event selectors, see Log events by using advanced event selectors in the CloudTrail User Guide.

Arn string

ARN of the event data store.

KmsKeyId string

Specifies the AWS KMS key ID to use to encrypt the events delivered by CloudTrail. The value can be an alias name prefixed by alias/, a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.

MultiRegionEnabled bool

Specifies whether the event data store includes events from all regions, or only from the region in which the event data store is created. Default: true.

Name string

The name of the event data store.

OrganizationEnabled bool

Specifies whether an event data store collects events logged for an organization in AWS Organizations. Default: false.

RetentionPeriod int

The retention period of the event data store, in days. You can set a retention period of up to 2555 days, the equivalent of seven years. Default: 2555.

Tags Dictionary<string, string>

A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

TagsAll Dictionary<string, string>

Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

Deprecated:

Please use tags instead.

TerminationProtectionEnabled bool

Specifies whether termination protection is enabled for the event data store. If termination protection is enabled, you cannot delete the event data store until termination protection is disabled. Default: true.

AdvancedEventSelectors []EventDataStoreAdvancedEventSelectorArgs

Arn string

ARN of the event data store.

KmsKeyId string

MultiRegionEnabled bool

Specifies whether the event data store includes events from all regions, or only from the region in which the event data store is created. Default: true.

Name string

The name of the event data store.

OrganizationEnabled bool

Specifies whether an event data store collects events logged for an organization in AWS Organizations. Default: false.

RetentionPeriod int

The retention period of the event data store, in days. You can set a retention period of up to 2555 days, the equivalent of seven years. Default: 2555.

Tags map[string]string

A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

TagsAll map[string]string

Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

Deprecated:

Please use tags instead.

TerminationProtectionEnabled bool

advancedEventSelectors List<EventDataStoreAdvancedEventSelector>

arn String

ARN of the event data store.

kmsKeyId String

multiRegionEnabled Boolean

Specifies whether the event data store includes events from all regions, or only from the region in which the event data store is created. Default: true.

name String

The name of the event data store.

organizationEnabled Boolean

Specifies whether an event data store collects events logged for an organization in AWS Organizations. Default: false.

retentionPeriod Integer

The retention period of the event data store, in days. You can set a retention period of up to 2555 days, the equivalent of seven years. Default: 2555.

tags Map<String,String>

A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

tagsAll Map<String,String>

Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

Deprecated:

Please use tags instead.

terminationProtectionEnabled Boolean

advancedEventSelectors EventDataStoreAdvancedEventSelector[]

arn string

ARN of the event data store.

kmsKeyId string

multiRegionEnabled boolean

Specifies whether the event data store includes events from all regions, or only from the region in which the event data store is created. Default: true.

name string

The name of the event data store.

organizationEnabled boolean

Specifies whether an event data store collects events logged for an organization in AWS Organizations. Default: false.

retentionPeriod number

The retention period of the event data store, in days. You can set a retention period of up to 2555 days, the equivalent of seven years. Default: 2555.

tags {[key: string]: string}

A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

tagsAll {[key: string]: string}

Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

Deprecated:

Please use tags instead.

terminationProtectionEnabled boolean

advanced_event_selectors Sequence[EventDataStoreAdvancedEventSelectorArgs]

arn str

ARN of the event data store.

kms_key_id str

multi_region_enabled bool

Specifies whether the event data store includes events from all regions, or only from the region in which the event data store is created. Default: true.

name str

The name of the event data store.

organization_enabled bool

Specifies whether an event data store collects events logged for an organization in AWS Organizations. Default: false.

retention_period int

The retention period of the event data store, in days. You can set a retention period of up to 2555 days, the equivalent of seven years. Default: 2555.

tags Mapping[str, str]

A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

tags_all Mapping[str, str]

Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

Deprecated:

Please use tags instead.

termination_protection_enabled bool

advancedEventSelectors List<Property Map>

arn String

ARN of the event data store.

kmsKeyId String

multiRegionEnabled Boolean

Specifies whether the event data store includes events from all regions, or only from the region in which the event data store is created. Default: true.

name String

The name of the event data store.

organizationEnabled Boolean

Specifies whether an event data store collects events logged for an organization in AWS Organizations. Default: false.

retentionPeriod Number

The retention period of the event data store, in days. You can set a retention period of up to 2555 days, the equivalent of seven years. Default: 2555.

tags Map<String>

A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

tagsAll Map<String>

Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

Deprecated:

Please use tags instead.

terminationProtectionEnabled Boolean

Supporting Types

EventDataStoreAdvancedEventSelector, EventDataStoreAdvancedEventSelectorArgs

FieldSelectors List<EventDataStoreAdvancedEventSelectorFieldSelector>: Specifies the selector statements in an advanced event selector. Fields documented below.
Name string: Specifies the name of the advanced event selector.

FieldSelectors []EventDataStoreAdvancedEventSelectorFieldSelector: Specifies the selector statements in an advanced event selector. Fields documented below.
Name string: Specifies the name of the advanced event selector.

fieldSelectors List<EventDataStoreAdvancedEventSelectorFieldSelector>: Specifies the selector statements in an advanced event selector. Fields documented below.
name String: Specifies the name of the advanced event selector.

fieldSelectors EventDataStoreAdvancedEventSelectorFieldSelector[]: Specifies the selector statements in an advanced event selector. Fields documented below.
name string: Specifies the name of the advanced event selector.

field_selectors Sequence[EventDataStoreAdvancedEventSelectorFieldSelector]: Specifies the selector statements in an advanced event selector. Fields documented below.
name str: Specifies the name of the advanced event selector.

fieldSelectors List<Property Map>: Specifies the selector statements in an advanced event selector. Fields documented below.
name String: Specifies the name of the advanced event selector.

EventDataStoreAdvancedEventSelectorFieldSelector, EventDataStoreAdvancedEventSelectorFieldSelectorArgs

EndsWiths List<string>: A list of values that includes events that match the last few characters of the event record field specified as the value of field.
Equals List<string>: A list of values that includes events that match the exact value of the event record field specified as the value of field. This is the only valid operator that you can use with the readOnly, eventCategory, and resources.type fields.
Field string: Specifies a field in an event record on which to filter events to be logged. You can specify only the following values: readOnly, eventSource, eventName, eventCategory, resources.type, resources.ARN.
NotEndsWiths List<string>: A list of values that excludes events that match the last few characters of the event record field specified as the value of field.
NotEquals List<string>: A list of values that excludes events that match the exact value of the event record field specified as the value of field.
NotStartsWiths List<string>: A list of values that excludes events that match the first few characters of the event record field specified as the value of field.
StartsWiths List<string>: A list of values that includes events that match the first few characters of the event record field specified as the value of field.

EndsWiths []string: A list of values that includes events that match the last few characters of the event record field specified as the value of field.
Equals []string: A list of values that includes events that match the exact value of the event record field specified as the value of field. This is the only valid operator that you can use with the readOnly, eventCategory, and resources.type fields.
Field string: Specifies a field in an event record on which to filter events to be logged. You can specify only the following values: readOnly, eventSource, eventName, eventCategory, resources.type, resources.ARN.
NotEndsWiths []string: A list of values that excludes events that match the last few characters of the event record field specified as the value of field.
NotEquals []string: A list of values that excludes events that match the exact value of the event record field specified as the value of field.
NotStartsWiths []string: A list of values that excludes events that match the first few characters of the event record field specified as the value of field.
StartsWiths []string: A list of values that includes events that match the first few characters of the event record field specified as the value of field.

endsWiths List<String>: A list of values that includes events that match the last few characters of the event record field specified as the value of field.
equals_ List<String>: A list of values that includes events that match the exact value of the event record field specified as the value of field. This is the only valid operator that you can use with the readOnly, eventCategory, and resources.type fields.
field String: Specifies a field in an event record on which to filter events to be logged. You can specify only the following values: readOnly, eventSource, eventName, eventCategory, resources.type, resources.ARN.
notEndsWiths List<String>: A list of values that excludes events that match the last few characters of the event record field specified as the value of field.
notEquals List<String>: A list of values that excludes events that match the exact value of the event record field specified as the value of field.
notStartsWiths List<String>: A list of values that excludes events that match the first few characters of the event record field specified as the value of field.
startsWiths List<String>: A list of values that includes events that match the first few characters of the event record field specified as the value of field.

endsWiths string[]: A list of values that includes events that match the last few characters of the event record field specified as the value of field.
equals string[]: A list of values that includes events that match the exact value of the event record field specified as the value of field. This is the only valid operator that you can use with the readOnly, eventCategory, and resources.type fields.
field string: Specifies a field in an event record on which to filter events to be logged. You can specify only the following values: readOnly, eventSource, eventName, eventCategory, resources.type, resources.ARN.
notEndsWiths string[]: A list of values that excludes events that match the last few characters of the event record field specified as the value of field.
notEquals string[]: A list of values that excludes events that match the exact value of the event record field specified as the value of field.
notStartsWiths string[]: A list of values that excludes events that match the first few characters of the event record field specified as the value of field.
startsWiths string[]: A list of values that includes events that match the first few characters of the event record field specified as the value of field.

ends_withs Sequence[str]: A list of values that includes events that match the last few characters of the event record field specified as the value of field.
equals Sequence[str]: A list of values that includes events that match the exact value of the event record field specified as the value of field. This is the only valid operator that you can use with the readOnly, eventCategory, and resources.type fields.
field str: Specifies a field in an event record on which to filter events to be logged. You can specify only the following values: readOnly, eventSource, eventName, eventCategory, resources.type, resources.ARN.
not_ends_withs Sequence[str]: A list of values that excludes events that match the last few characters of the event record field specified as the value of field.
not_equals Sequence[str]: A list of values that excludes events that match the exact value of the event record field specified as the value of field.
not_starts_withs Sequence[str]: A list of values that excludes events that match the first few characters of the event record field specified as the value of field.
starts_withs Sequence[str]: A list of values that includes events that match the first few characters of the event record field specified as the value of field.

endsWiths List<String>: A list of values that includes events that match the last few characters of the event record field specified as the value of field.
equals List<String>: A list of values that includes events that match the exact value of the event record field specified as the value of field. This is the only valid operator that you can use with the readOnly, eventCategory, and resources.type fields.
field String: Specifies a field in an event record on which to filter events to be logged. You can specify only the following values: readOnly, eventSource, eventName, eventCategory, resources.type, resources.ARN.
notEndsWiths List<String>: A list of values that excludes events that match the last few characters of the event record field specified as the value of field.
notEquals List<String>: A list of values that excludes events that match the exact value of the event record field specified as the value of field.
notStartsWiths List<String>: A list of values that excludes events that match the first few characters of the event record field specified as the value of field.
startsWiths List<String>: A list of values that includes events that match the first few characters of the event record field specified as the value of field.

Import

Using pulumi import, import event data stores using their arn. For example:

 $ pulumi import aws:cloudtrail/eventDataStore:EventDataStore example arn:aws:cloudtrail:us-east-1:123456789123:eventdatastore/22333815-4414-412c-b155-dd254033gfhf

Package Details

Repository: AWS Classic pulumi/pulumi-aws
License: Apache-2.0
Notes: This Pulumi package is based on the aws Terraform Provider.

Try AWS Native preview for resources not in the classic version.

AWS Classic v6.3.0 published on Thursday, Sep 28, 2023 by Pulumi

pulumi/pulumi-aws

aws.cloudtrail.EventDataStore

On this page

On this page

Example Usage

Basic

Log all DynamoDB PutEvent actions for a specific DynamoDB table

Create EventDataStore Resource

EventDataStore Resource Properties

Inputs

Outputs

Look up Existing EventDataStore Resource

Supporting Types

EventDataStoreAdvancedEventSelector, EventDataStoreAdvancedEventSelectorArgs

EventDataStoreAdvancedEventSelectorFieldSelector, EventDataStoreAdvancedEventSelectorFieldSelectorArgs

Import

Package Details

On this page

On this page