FlowLogProps

class aws_cdk.aws_ec2.FlowLogProps(*, destination=None, traffic_type=None, resource_type, flow_log_name=None)

Bases: aws_cdk.aws_ec2.FlowLogOptions

Properties of a VPC Flow Log.

Parameters

  • destination (Optional[FlowLogDestination]) – Specifies the type of destination to which the flow log data is to be published. Flow log data can be published to CloudWatch Logs or Amazon S3 Default: FlowLogDestinationType.toCloudWatchLogs()

  • traffic_type (Optional[FlowLogTrafficType]) – The type of traffic to log. You can log traffic that the resource accepts or rejects, or all traffic. Default: ALL

  • resource_type (FlowLogResourceType) – The type of resource for which to create the flow log.

  • flow_log_name (Optional[str]) – The name of the FlowLog. It is not recommended to use an explicit name. Default: If you don’t specify a flowLogName, AWS CloudFormation generates a unique physical ID and uses that ID for the group name.

ExampleMetadata

infused

Example:

# vpc: ec2.Vpc


log_group = logs.LogGroup(self, "MyCustomLogGroup")

role = iam.Role(self, "MyCustomRole",
    assumed_by=iam.ServicePrincipal("vpc-flow-logs.amazonaws.com")
)

ec2.FlowLog(self, "FlowLog",
    resource_type=ec2.FlowLogResourceType.from_vpc(vpc),
    destination=ec2.FlowLogDestination.to_cloud_watch_logs(log_group, role)
)

Attributes

destination

Specifies the type of destination to which the flow log data is to be published.

Flow log data can be published to CloudWatch Logs or Amazon S3

Default

FlowLogDestinationType.toCloudWatchLogs()

Return type

Optional[FlowLogDestination]

flow_log_name

The name of the FlowLog.

It is not recommended to use an explicit name.

Default

If you don’t specify a flowLogName, AWS CloudFormation generates a unique physical ID and uses that ID for the group name.

Return type

Optional[str]

resource_type

The type of resource for which to create the flow log.

Return type

FlowLogResourceType

traffic_type

The type of traffic to log.

You can log traffic that the resource accepts or rejects, or all traffic.

Default

ALL

Return type

Optional[FlowLogTrafficType]