SubscriberResource

Provides details about the Amazon Security Lake account subscription. Subscribers are notified of new objects for a source as the data is written to your Amazon S3 bucket for Security Lake.

Contents

sources

Amazon Security Lake supports log and event collection for natively supported AWS services. For more information, see the Amazon Security Lake User Guide.

Type: Array of LogSourceResource objects

Required: Yes

subscriberArn

The subscriber ARN of the Amazon Security Lake subscriber account.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 1011.

Pattern: ^arn:aws:securitylake:[A-za-z0-9_/.\-]{0,63}:[A-za-z0-9_/.\-]{0,63}:[A-Za-z0-9][A-za-z0-9_/.\-]{0,127}$

Required: Yes

subscriberId

The subscriber ID of the Amazon Security Lake subscriber account.

Type: String

Pattern: ^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$

Required: Yes

subscriberIdentity

The AWS identity used to access your data.

Type: AwsIdentity object

Required: Yes

subscriberName

The name of your Amazon Security Lake subscriber account.

Type: String

Pattern: ^[\\\w\-_:/.@=+]*$

Required: Yes

accessTypes

You can choose to notify subscribers of new objects with an Amazon Simple Queue Service (Amazon SQS) queue or through messaging to an HTTPS endpoint provided by the subscriber.

Subscribers can consume data by directly querying AWS Lake Formation tables in your Amazon S3 bucket through services like Amazon Athena. This subscription type is defined as LAKEFORMATION.

Type: Array of strings

Valid Values: LAKEFORMATION | S3

Required: No

createdAt

The date and time when the subscriber was created.

Type: Timestamp

Required: No

resourceShareArn

The Amazon Resource Name (ARN) which uniquely defines the AWS RAM resource share. Before accepting the RAM resource share invitation, you can view details related to the RAM resource share.

This field is available only for Lake Formation subscribers created after March 8, 2023.

Type: String

Required: No

resourceShareName

The name of the resource share.

Type: String

Pattern: ^LakeFormation(?:-V[0-9]+)-([a-zA-Z0-9]+)-([\\\w\-_:/.@=+]*)$

Required: No

roleArn

The Amazon Resource Name (ARN) specifying the role of the subscriber.

Type: String

Pattern: ^arn:(aws[a-zA-Z-]*)?:iam::\d{12}:role/?[a-zA-Z_0-9+=,.@\-_/]+$

Required: No

s3BucketArn

The ARN for the Amazon S3 bucket.

Type: String

Required: No

subscriberDescription

The subscriber descriptions for a subscriber account. The description for a subscriber includes subscriberName, accountID, externalID, and subscriberId.

Type: String

Pattern: ^[\\\w\-_:/.@=+]*$

Required: No

subscriberEndpoint

The subscriber endpoint to which exception messages are posted.

Type: String

Pattern: ^[\\\w\-_:/.@=+]*$

Required: No

subscriberStatus

The subscriber status of the Amazon Security Lake subscriber account.

Type: String

Valid Values: ACTIVE | DEACTIVATED | PENDING | READY

Required: No

updatedAt

The date and time when the subscriber was last updated.

Type: Timestamp

Required: No

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following:

• AWS SDK for C++

• AWS SDK for Go

• AWS SDK for Java V2

• AWS SDK for Ruby V3