interface ExecuteCommandLogConfiguration

Language	Type name
.NET	`Amazon.CDK.AWS.ECS.ExecuteCommandLogConfiguration`
Java	`software.amazon.awscdk.services.ecs.ExecuteCommandLogConfiguration`
Python	`aws_cdk.aws_ecs.ExecuteCommandLogConfiguration`
TypeScript (source)	`@aws-cdk/aws-ecs` » `ExecuteCommandLogConfiguration`

The log configuration for the results of the execute command actions.

The logs can be sent to CloudWatch Logs and/ or an Amazon S3 bucket. For more information, see [ExecuteCommandLogConfiguration] https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecs-cluster-executecommandlogconfiguration.html

Example

declare const vpc: ec2.Vpc;
const kmsKey = new kms.Key(this, 'KmsKey');

// Pass the KMS key in the `encryptionKey` field to associate the key to the log group
const logGroup = new logs.LogGroup(this, 'LogGroup', {
  encryptionKey: kmsKey,
});

// Pass the KMS key in the `encryptionKey` field to associate the key to the S3 bucket
const execBucket = new s3.Bucket(this, 'EcsExecBucket', {
  encryptionKey: kmsKey,
});

const cluster = new ecs.Cluster(this, 'Cluster', {
  vpc,
  executeCommandConfiguration: {
    kmsKey,
    logConfiguration: {
      cloudWatchLogGroup: logGroup,
      cloudWatchEncryptionEnabled: true,
      s3Bucket: execBucket,
      s3EncryptionEnabled: true,
      s3KeyPrefix: 'exec-command-output',
    },
    logging: ecs.ExecuteCommandLogging.OVERRIDE,
  },
});

Properties

Name	Type	Description
cloudWatchEncryptionEnabled?	`boolean`	Whether or not to enable encryption on the CloudWatch logs.
cloudWatchLogGroup?	`ILogGroup`	The name of the CloudWatch log group to send logs to.
s3Bucket?	`IBucket`	The name of the S3 bucket to send logs to.
s3EncryptionEnabled?	`boolean`	Whether or not to enable encryption on the CloudWatch logs.
s3KeyPrefix?	`string`	An optional folder in the S3 bucket to place logs in.

cloudWatchEncryptionEnabled?

Type: boolean (optional, default: encryption will be disabled.)

Whether or not to enable encryption on the CloudWatch logs.

cloudWatchLogGroup?

Type: ILogGroup (optional, default: none)

The name of the CloudWatch log group to send logs to.

The CloudWatch log group must already be created.

s3Bucket?

Type: IBucket (optional, default: none)

The name of the S3 bucket to send logs to.

The S3 bucket must already be created.

s3EncryptionEnabled?

Type: boolean (optional, default: encryption will be disabled.)

Whether or not to enable encryption on the CloudWatch logs.

s3KeyPrefix?

Type: string (optional, default: none)

An optional folder in the S3 bucket to place logs in.