Class CfnFlowLog
Specifies a VPC flow log that captures IP traffic for a specified network interface, subnet, or VPC.
Inherited Members
Namespace: Amazon.CDK.AWS.EC2
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public class CfnFlowLog : CfnResource, IInspectable, ITaggable
Syntax (vb)
Public Class CfnFlowLog
Inherits CfnResource
Implements IInspectable, ITaggable
Remarks
To view the log data, use Amazon CloudWatch Logs (CloudWatch Logs) to help troubleshoot connection issues. For example, you can use a flow log to investigate why certain traffic isn't reaching an instance, which can help you diagnose overly restrictive security group rules. For more information, see VPC Flow Logs in the Amazon VPC User Guide .
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-flowlog.html
CloudformationResource: AWS::EC2::FlowLog
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.EC2;
var destinationOptions;
var cfnFlowLog = new CfnFlowLog(this, "MyCfnFlowLog", new CfnFlowLogProps {
ResourceId = "resourceId",
ResourceType = "resourceType",
// the properties below are optional
DeliverCrossAccountRole = "deliverCrossAccountRole",
DeliverLogsPermissionArn = "deliverLogsPermissionArn",
DestinationOptions = destinationOptions,
LogDestination = "logDestination",
LogDestinationType = "logDestinationType",
LogFormat = "logFormat",
LogGroupName = "logGroupName",
MaxAggregationInterval = 123,
Tags = new [] { new CfnTag {
Key = "key",
Value = "value"
} },
TrafficType = "trafficType"
});
Synopsis
Constructors
CfnFlowLog(ByRefValue) | Used by jsii to construct an instance of this class from a Javascript-owned object reference |
CfnFlowLog(DeputyBase.DeputyProps) | Used by jsii to construct an instance of this class from DeputyProps |
CfnFlowLog(Construct, String, ICfnFlowLogProps) |
Properties
AttrId | The ID of the flow log. |
CFN_RESOURCE_TYPE_NAME | The CloudFormation resource type name for this resource class. |
CfnProperties | |
DeliverCrossAccountRole | The ARN of the IAM role that allows the service to publish flow logs across accounts. |
DeliverLogsPermissionArn | The ARN of the IAM role that allows Amazon EC2 to publish flow logs to the log destination. |
DestinationOptions | The destination options. |
LogDestination | The destination for the flow log data. |
LogDestinationType | The type of destination for the flow log data. |
LogFormat | The fields to include in the flow log record, in the order in which they should appear. |
LogGroupName | The name of a new or existing CloudWatch Logs log group where Amazon EC2 publishes your flow logs. |
MaxAggregationInterval | The maximum interval of time during which a flow of packets is captured and aggregated into a flow log record. |
ResourceId | The ID of the resource to monitor. |
ResourceType | The type of resource to monitor. |
Tags | Tag Manager which manages the tags for this resource. |
TagsRaw | The tags to apply to the flow logs. |
TrafficType | The type of traffic to monitor (accepted traffic, rejected traffic, or all traffic). |
Methods
Inspect(TreeInspector) | Examines the CloudFormation resource and discloses attributes. |
RenderProperties(IDictionary<String, Object>) |
Constructors
CfnFlowLog(ByRefValue)
Used by jsii to construct an instance of this class from a Javascript-owned object reference
protected CfnFlowLog(ByRefValue reference)
Parameters
- reference Amazon.JSII.Runtime.Deputy.ByRefValue
The Javascript-owned object reference
CfnFlowLog(DeputyBase.DeputyProps)
Used by jsii to construct an instance of this class from DeputyProps
protected CfnFlowLog(DeputyBase.DeputyProps props)
Parameters
- props Amazon.JSII.Runtime.Deputy.DeputyBase.DeputyProps
The deputy props
CfnFlowLog(Construct, String, ICfnFlowLogProps)
public CfnFlowLog(Construct scope, string id, ICfnFlowLogProps props)
Parameters
- scope Constructs.Construct
Scope in which this resource is defined.
- id System.String
Construct identifier for this resource (unique in its scope).
- props ICfnFlowLogProps
Resource properties.
Properties
AttrId
The ID of the flow log.
public virtual string AttrId { get; }
Property Value
System.String
Remarks
For example, fl-123456abc123abc1
.
CloudformationAttribute: Id
CFN_RESOURCE_TYPE_NAME
The CloudFormation resource type name for this resource class.
public static string CFN_RESOURCE_TYPE_NAME { get; }
Property Value
System.String
CfnProperties
protected override IDictionary<string, object> CfnProperties { get; }
Property Value
System.Collections.Generic.IDictionary<System.String, System.Object>
Overrides
DeliverCrossAccountRole
The ARN of the IAM role that allows the service to publish flow logs across accounts.
public virtual string DeliverCrossAccountRole { get; set; }
Property Value
System.String
DeliverLogsPermissionArn
The ARN of the IAM role that allows Amazon EC2 to publish flow logs to the log destination.
public virtual string DeliverLogsPermissionArn { get; set; }
Property Value
System.String
DestinationOptions
The destination options.
public virtual object DestinationOptions { get; set; }
Property Value
System.Object
LogDestination
The destination for the flow log data.
public virtual string LogDestination { get; set; }
Property Value
System.String
Remarks
The meaning of this parameter depends on the destination type.
LogDestinationType
The type of destination for the flow log data.
public virtual string LogDestinationType { get; set; }
Property Value
System.String
LogFormat
The fields to include in the flow log record, in the order in which they should appear.
public virtual string LogFormat { get; set; }
Property Value
System.String
LogGroupName
The name of a new or existing CloudWatch Logs log group where Amazon EC2 publishes your flow logs.
public virtual string LogGroupName { get; set; }
Property Value
System.String
MaxAggregationInterval
The maximum interval of time during which a flow of packets is captured and aggregated into a flow log record.
public virtual Nullable<double> MaxAggregationInterval { get; set; }
Property Value
System.Nullable<System.Double>
ResourceId
The ID of the resource to monitor.
public virtual string ResourceId { get; set; }
Property Value
System.String
ResourceType
The type of resource to monitor.
public virtual string ResourceType { get; set; }
Property Value
System.String
Tags
Tag Manager which manages the tags for this resource.
public virtual TagManager Tags { get; }
Property Value
TagsRaw
The tags to apply to the flow logs.
public virtual ICfnTag[] TagsRaw { get; set; }
Property Value
ICfnTag[]
TrafficType
The type of traffic to monitor (accepted traffic, rejected traffic, or all traffic).
public virtual string TrafficType { get; set; }
Property Value
System.String
Methods
Inspect(TreeInspector)
Examines the CloudFormation resource and discloses attributes.
public virtual void Inspect(TreeInspector inspector)
Parameters
- inspector TreeInspector
tree inspector to collect and process attributes.
RenderProperties(IDictionary<String, Object>)
protected override IDictionary<string, object> RenderProperties(IDictionary<string, object> props)
Parameters
- props System.Collections.Generic.IDictionary<System.String, System.Object>
Returns
System.Collections.Generic.IDictionary<System.String, System.Object>