pulumi-aws-kotlin/com.pulumi.aws.cloudwatch.kotlin/LogDataProtectionPolicyArgs

LogDataProtectionPolicyArgs

data class LogDataProtectionPolicyArgs(val logGroupName: Output<String>? = null, val policyDocument: Output<String>? = null) : ConvertibleToJava<LogDataProtectionPolicyArgs>

Provides a CloudWatch Log Data Protection Policy resource. Read more about protecting sensitive user data in the User Guide.

Example Usage

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.cloudwatch.LogGroup;
import com.pulumi.aws.s3.BucketV2;
import com.pulumi.aws.cloudwatch.LogDataProtectionPolicy;
import com.pulumi.aws.cloudwatch.LogDataProtectionPolicyArgs;
import static com.pulumi.codegen.internal.Serialization.*;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var exampleLogGroup = new LogGroup("exampleLogGroup");
        var exampleBucketV2 = new BucketV2("exampleBucketV2");
        var exampleLogDataProtectionPolicy = new LogDataProtectionPolicy("exampleLogDataProtectionPolicy", LogDataProtectionPolicyArgs.builder()
            .logGroupName(exampleLogGroup.name())
            .policyDocument(exampleBucketV2.bucket().applyValue(bucket -> serializeJson(
                jsonObject(
                    jsonProperty("Name", "Example"),
                    jsonProperty("Version", "2021-06-01"),
                    jsonProperty("Statement", jsonArray(
                        jsonObject(
                            jsonProperty("Sid", "Audit"),
                            jsonProperty("DataIdentifier", jsonArray("arn:aws:dataprotection::aws:data-identifier/EmailAddress")),
                            jsonProperty("Operation", jsonObject(
                                jsonProperty("Audit", jsonObject(
                                    jsonProperty("FindingsDestination", jsonObject(
                                        jsonProperty("S3", jsonObject(
                                            jsonProperty("Bucket", bucket)
                                        ))
                                    ))
                                ))
                            ))
                        ),
                        jsonObject(
                            jsonProperty("Sid", "Redact"),
                            jsonProperty("DataIdentifier", jsonArray("arn:aws:dataprotection::aws:data-identifier/EmailAddress")),
                            jsonProperty("Operation", jsonObject(
                                jsonProperty("Deidentify", jsonObject(
                                    jsonProperty("MaskConfig", jsonObject(
                                    ))
                                ))
                            ))
                        )
                    ))
                ))))
            .build());
    }
}
Content copied to clipboard

Import

This resource can be imported using the log_group_name. For example

$ pulumi import aws:cloudwatch/logDataProtectionPolicy:LogDataProtectionPolicy example my-log-group
Content copied to clipboard

Constructors

Link copied to clipboard
constructor(logGroupName: Output<String>? = null, policyDocument: Output<String>? = null)

Properties

Link copied to clipboard
val logGroupName: Output<String>? = null

The name of the log group under which the log stream is to be created.

Link copied to clipboard
val policyDocument: Output<String>? = null

Specifies the data protection policy in JSON. Read more at Data protection policy syntax.

Functions

Link copied to clipboard
open override fun toJava(): LogDataProtectionPolicyArgs