pulumi-alicloud-kotlin/com.pulumi.alicloud.log.kotlin/Audit

Audit

class Audit : KotlinCustomResource

SLS log audit exists in the form of log service app. In addition to inheriting all SLS functions, it also enhances the real-time automatic centralized collection of audit related logs across multi cloud products under multi accounts, and provides support for storage, query and information summary required by audit. It covers actiontrail, OSS, NAS, SLB, API gateway, RDS, WAF, cloud firewall, cloud security center and other products.

NOTE: Available since v1.81.0

Example Usage

Basic Usage

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.alicloud.AlicloudFunctions;
import com.pulumi.alicloud.log.Audit;
import com.pulumi.alicloud.log.AuditArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        final var default = AlicloudFunctions.getAccount();
        var example = new Audit("example", AuditArgs.builder()
            .displayName("tf-audit-example")
            .aliuid(default_.id())
            .variableMap(Map.ofEntries(
                Map.entry("actiontrail_enabled", "true"),
                Map.entry("actiontrail_ttl", "180"),
                Map.entry("oss_access_enabled", "true"),
                Map.entry("oss_access_ttl", "7"),
                Map.entry("oss_sync_enabled", "true"),
                Map.entry("oss_sync_ttl", "180"),
                Map.entry("oss_metering_enabled", "true"),
                Map.entry("oss_metering_ttl", "180"),
                Map.entry("rds_enabled", "true"),
                Map.entry("rds_audit_collection_policy", ""),
                Map.entry("rds_ttl", "180"),
                Map.entry("rds_slow_enabled", "false"),
                Map.entry("rds_slow_collection_policy", ""),
                Map.entry("rds_slow_ttl", "180"),
                Map.entry("rds_perf_enabled", "false"),
                Map.entry("rds_perf_collection_policy", ""),
                Map.entry("rds_perf_ttl", "180"),
                Map.entry("vpc_flow_enabled", "false"),
                Map.entry("vpc_flow_ttl", "7"),
                Map.entry("vpc_flow_collection_policy", ""),
                Map.entry("vpc_sync_enabled", "true"),
                Map.entry("vpc_sync_ttl", "180"),
                Map.entry("polardb_enabled", "true"),
                Map.entry("polardb_audit_collection_policy", ""),
                Map.entry("polardb_ttl", "180"),
                Map.entry("polardb_slow_enabled", "false"),
                Map.entry("polardb_slow_collection_policy", ""),
                Map.entry("polardb_slow_ttl", "180"),
                Map.entry("polardb_perf_enabled", "false"),
                Map.entry("polardb_perf_collection_policy", ""),
                Map.entry("polardb_perf_ttl", "180"),
                Map.entry("drds_audit_enabled", "true"),
                Map.entry("drds_audit_collection_policy", ""),
                Map.entry("drds_audit_ttl", "7"),
                Map.entry("drds_sync_enabled", "true"),
                Map.entry("drds_sync_ttl", "180"),
                Map.entry("slb_access_enabled", "true"),
                Map.entry("slb_access_collection_policy", ""),
                Map.entry("slb_access_ttl", "7"),
                Map.entry("slb_sync_enabled", "true"),
                Map.entry("slb_sync_ttl", "180"),
                Map.entry("bastion_enabled", "true"),
                Map.entry("bastion_ttl", "180"),
                Map.entry("waf_enabled", "true"),
                Map.entry("waf_ttl", "180"),
                Map.entry("cloudfirewall_enabled", "true"),
                Map.entry("cloudfirewall_ttl", "180"),
                Map.entry("ddos_coo_access_enabled", "false"),
                Map.entry("ddos_coo_access_ttl", "180"),
                Map.entry("ddos_bgp_access_enabled", "false"),
                Map.entry("ddos_bgp_access_ttl", "180"),
                Map.entry("ddos_dip_access_enabled", "false"),
                Map.entry("ddos_dip_access_ttl", "180"),
                Map.entry("sas_crack_enabled", "true"),
                Map.entry("sas_dns_enabled", "true"),
                Map.entry("sas_http_enabled", "true"),
                Map.entry("sas_local_dns_enabled", "true"),
                Map.entry("sas_login_enabled", "true"),
                Map.entry("sas_network_enabled", "true"),
                Map.entry("sas_process_enabled", "true"),
                Map.entry("sas_security_alert_enabled", "true"),
                Map.entry("sas_security_hc_enabled", "true"),
                Map.entry("sas_security_vul_enabled", "true"),
                Map.entry("sas_session_enabled", "true"),
                Map.entry("sas_snapshot_account_enabled", "true"),
                Map.entry("sas_snapshot_port_enabled", "true"),
                Map.entry("sas_snapshot_process_enabled", "true"),
                Map.entry("sas_ttl", "180"),
                Map.entry("apigateway_enabled", "true"),
                Map.entry("apigateway_ttl", "180"),
                Map.entry("nas_enabled", "true"),
                Map.entry("nas_ttl", "180"),
                Map.entry("appconnect_enabled", "false"),
                Map.entry("appconnect_ttl", "180"),
                Map.entry("cps_enabled", "true"),
                Map.entry("cps_ttl", "180"),
                Map.entry("k8s_audit_enabled", "true"),
                Map.entry("k8s_audit_collection_policy", ""),
                Map.entry("k8s_audit_ttl", "180"),
                Map.entry("k8s_event_enabled", "true"),
                Map.entry("k8s_event_collection_policy", ""),
                Map.entry("k8s_event_ttl", "180"),
                Map.entry("k8s_ingress_enabled", "true"),
                Map.entry("k8s_ingress_collection_policy", ""),
                Map.entry("k8s_ingress_ttl", "180")
            ))
            .build());
    }
}
Content copied to clipboard

Import

Log audit can be imported using the id, e.g.

$ pulumi import alicloud:log/audit:Audit example tf-audit-example
Content copied to clipboard

Properties

Link copied to clipboard
val aliuid: Output<String>

Aliuid value of your account.

Link copied to clipboard
val displayName: Output<String>

Name of SLS log audit.

Link copied to clipboard
val id: Output<String>
Link copied to clipboard
val multiAccounts: Output<List<String>>?

Multi-account configuration, please fill in multiple aliuid.

Link copied to clipboard
val pulumiChildResources: Set<KotlinResource>
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
val resourceDirectoryType: Output<String>?

Resource Directory type. Optional values are all or custom. If the value is custom, argument multi_account should be provided.

Link copied to clipboard
val urn: Output<String>
Link copied to clipboard
val variableMap: Output<Map<String, Any>>?

Log audit detailed configuration.