FlowLogDestinationConfig
- class aws_cdk.aws_ec2.FlowLogDestinationConfig(*, log_destination_type, delivery_stream=None, delivery_stream_arn=None, destination_options=None, iam_role=None, key_prefix=None, log_group=None, s3_bucket=None)
Bases:
objectFlow Log Destination configuration.
- Parameters:
log_destination_type (
FlowLogDestinationType) – The type of destination to publish the flow logs to. Default: - CLOUD_WATCH_LOGSdelivery_stream (
Optional[IDeliveryStreamRef]) – The Amazon Data Firehose delivery stream to publish the flow logs to. Default: - undefineddelivery_stream_arn (
Optional[str]) – (deprecated) The ARN of Amazon Data Firehose delivery stream to publish the flow logs to. Default: - undefineddestination_options (
Union[DestinationOptions,Dict[str,Any],None]) – Options for writing flow logs to a supported destination. Default: - undefinediam_role (
Optional[IRole]) – The IAM role that allows Amazon EC2 to publish flow logs to the log destination. Required if the destination type is CloudWatch logs, or if the destination type is Amazon Data Firehose delivery stream and the delivery stream and the VPC are in different accounts. Default: - default IAM role is created for you if the destination type is CloudWatch logskey_prefix (
Optional[str]) – S3 bucket key prefix to publish the flow logs to. Default: - undefinedlog_group (
Optional[ILogGroupRef]) – The CloudWatch Logs Log Group to publish the flow logs to. Default: - default log group is created for yous3_bucket (
Optional[IBucket]) – S3 bucket to publish the flow logs to. Default: - undefined
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_ec2 as ec2 from aws_cdk import aws_iam as iam from aws_cdk import aws_s3 as s3 from aws_cdk.interfaces import aws_kinesisfirehose as interfaces_kinesisfirehose from aws_cdk.interfaces import aws_logs as interfaces_logs # bucket: s3.Bucket # delivery_stream_ref: interfaces_kinesisfirehose.IDeliveryStreamRef # log_group_ref: interfaces_logs.ILogGroupRef # role: iam.Role flow_log_destination_config = ec2.FlowLogDestinationConfig( log_destination_type=ec2.FlowLogDestinationType.CLOUD_WATCH_LOGS, # the properties below are optional delivery_stream=delivery_stream_ref, delivery_stream_arn="deliveryStreamArn", destination_options=ec2.DestinationOptions( file_format=ec2.FlowLogFileFormat.PLAIN_TEXT, hive_compatible_partitions=False, per_hour_partition=False ), iam_role=role, key_prefix="keyPrefix", log_group=log_group_ref, s3_bucket=bucket )
Attributes
- delivery_stream
The Amazon Data Firehose delivery stream to publish the flow logs to.
- Default:
undefined
- delivery_stream_arn
(deprecated) The ARN of Amazon Data Firehose delivery stream to publish the flow logs to.
- Default:
undefined
- Deprecated:
use deliveryStream
- Stability:
deprecated
- destination_options
Options for writing flow logs to a supported destination.
- Default:
undefined
- iam_role
The IAM role that allows Amazon EC2 to publish flow logs to the log destination.
Required if the destination type is CloudWatch logs, or if the destination type is Amazon Data Firehose delivery stream and the delivery stream and the VPC are in different accounts.
- Default:
default IAM role is created for you if the destination type is CloudWatch logs
- key_prefix
S3 bucket key prefix to publish the flow logs to.
- Default:
undefined
- log_destination_type
The type of destination to publish the flow logs to.
- Default:
CLOUD_WATCH_LOGS
- log_group
The CloudWatch Logs Log Group to publish the flow logs to.
- Default:
default log group is created for you
- s3_bucket
S3 bucket to publish the flow logs to.
- Default:
undefined