get
suspend fun getLogDataProtectionPolicyDocument(argument: GetLogDataProtectionPolicyDocumentPlainArgs): GetLogDataProtectionPolicyDocumentResult
Generates a CloudWatch Log Group Data Protection Policy document in JSON format for use with the aws.cloudwatch.LogDataProtectionPolicy resource.
For more information about data protection policies, see the Help protect sensitive log data with masking.
Example Usage
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.cloudwatch.CloudwatchFunctions;
import com.pulumi.aws.cloudwatch.inputs.GetLogDataProtectionPolicyDocumentArgs;
import com.pulumi.aws.cloudwatch.LogDataProtectionPolicy;
import com.pulumi.aws.cloudwatch.LogDataProtectionPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var exampleLogDataProtectionPolicyDocument = CloudwatchFunctions.getLogDataProtectionPolicyDocument(GetLogDataProtectionPolicyDocumentArgs.builder()
.name("Example")
.statements(
GetLogDataProtectionPolicyDocumentStatementArgs.builder()
.sid("Audit")
.dataIdentifiers(
"arn:aws:dataprotection::aws:data-identifier/EmailAddress",
"arn:aws:dataprotection::aws:data-identifier/DriversLicense-US")
.operation(GetLogDataProtectionPolicyDocumentStatementOperationArgs.builder()
.audit(GetLogDataProtectionPolicyDocumentStatementOperationAuditArgs.builder()
.findingsDestination(GetLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestinationArgs.builder()
.cloudwatchLogs(GetLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestinationCloudwatchLogsArgs.builder()
.logGroup(aws_cloudwatch_log_group.audit().name())
.build())
.firehose(GetLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestinationFirehoseArgs.builder()
.deliveryStream(aws_kinesis_firehose_delivery_stream.audit().name())
.build())
.s3(GetLogDataProtectionPolicyDocumentStatementOperationAuditFindingsDestinationS3Args.builder()
.bucket(aws_s3_bucket.audit().bucket())
.build())
.build())
.build())
.build())
.build(),
GetLogDataProtectionPolicyDocumentStatementArgs.builder()
.sid("Deidentify")
.dataIdentifiers(
"arn:aws:dataprotection::aws:data-identifier/EmailAddress",
"arn:aws:dataprotection::aws:data-identifier/DriversLicense-US")
.operation(GetLogDataProtectionPolicyDocumentStatementOperationArgs.builder()
.deidentify(GetLogDataProtectionPolicyDocumentStatementOperationDeidentifyArgs.builder()
.maskConfig()
.build())
.build())
.build())
.build());
var exampleLogDataProtectionPolicy = new LogDataProtectionPolicy("exampleLogDataProtectionPolicy", LogDataProtectionPolicyArgs.builder()
.logGroupName(aws_cloudwatch_log_group.example().name())
.policyDocument(exampleLogDataProtectionPolicyDocument.applyValue(getLogDataProtectionPolicyDocumentResult -> getLogDataProtectionPolicyDocumentResult.json()))
.build());
}
}Content copied to clipboard
Return
A collection of values returned by getLogDataProtectionPolicyDocument.
Parameters
argument
A collection of arguments for invoking getLogDataProtectionPolicyDocument.
suspend fun getLogDataProtectionPolicyDocument(description: String? = null, name: String, statements: List<GetLogDataProtectionPolicyDocumentStatement>, version: String? = null): GetLogDataProtectionPolicyDocumentResult
Return
A collection of values returned by getLogDataProtectionPolicyDocument.
See also
Parameters
description
name
The name of the data protection policy document.
statements
Configures the data protection policy.
version
suspend fun getLogDataProtectionPolicyDocument(argument: suspend GetLogDataProtectionPolicyDocumentPlainArgsBuilder.() -> Unit): GetLogDataProtectionPolicyDocumentResult
Return
A collection of values returned by getLogDataProtectionPolicyDocument.
See also
Parameters
argument
Builder for com.pulumi.aws.cloudwatch.kotlin.inputs.GetLogDataProtectionPolicyDocumentPlainArgs.