pulumi-aws-kotlin/com.pulumi.aws.cloudtrail.kotlin/EventDataStore

EventDataStore

class EventDataStore : KotlinCustomResource

Provides a CloudTrail Event Data Store. More information about event data stores can be found in the Event Data Store User Guide.

Tip: For an organization event data store you must create this resource in the management account.

Example Usage

Basic

The most simple event data store configuration requires us to only set the name attribute. The event data store will automatically capture all management events. To capture management events from all the regions, multi_region_enabled must be true.

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.cloudtrail.EventDataStore;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var example = new EventDataStore("example");
    }
}
Content copied to clipboard

Log all DynamoDB PutEvent actions for a specific DynamoDB table

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.dynamodb.DynamodbFunctions;
import com.pulumi.aws.dynamodb.inputs.GetTableArgs;
import com.pulumi.aws.cloudtrail.EventDataStore;
import com.pulumi.aws.cloudtrail.EventDataStoreArgs;
import com.pulumi.aws.cloudtrail.inputs.EventDataStoreAdvancedEventSelectorArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        final var table = DynamodbFunctions.getTable(GetTableArgs.builder()
            .name("not-important-dynamodb-table")
            .build());
        var example = new EventDataStore("example", EventDataStoreArgs.builder()
            .advancedEventSelectors(EventDataStoreAdvancedEventSelectorArgs.builder()
                .name("Log all DynamoDB PutEvent actions for a specific DynamoDB table")
                .fieldSelectors(
                    EventDataStoreAdvancedEventSelectorFieldSelectorArgs.builder()
                        .field("eventCategory")
                        .equals("Data")
                        .build(),
                    EventDataStoreAdvancedEventSelectorFieldSelectorArgs.builder()
                        .field("resources.type")
                        .equals("AWS::DynamoDB::Table")
                        .build(),
                    EventDataStoreAdvancedEventSelectorFieldSelectorArgs.builder()
                        .field("eventName")
                        .equals("PutItem")
                        .build(),
                    EventDataStoreAdvancedEventSelectorFieldSelectorArgs.builder()
                        .field("resources.ARN")
                        .equals(table.applyValue(getTableResult -> getTableResult.arn()))
                        .build())
                .build())
            .build());
    }
}
Content copied to clipboard

Import

Using pulumi import, import event data stores using their arn. For example:

$ pulumi import aws:cloudtrail/eventDataStore:EventDataStore example arn:aws:cloudtrail:us-east-1:123456789123:eventdatastore/22333815-4414-412c-b155-dd254033gfhf
Content copied to clipboard

Properties

Link copied to clipboard
val advancedEventSelectors: Output<List<EventDataStoreAdvancedEventSelector>>

The advanced event selectors to use to select the events for the data store. For more information about how to use advanced event selectors, see Log events by using advanced event selectors in the CloudTrail User Guide.

Link copied to clipboard
val arn: Output<String>

ARN of the event data store.

Link copied to clipboard
val id: Output<String>
Link copied to clipboard
val kmsKeyId: Output<String>?

Specifies the AWS KMS key ID to use to encrypt the events delivered by CloudTrail. The value can be an alias name prefixed by alias/, a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.

Link copied to clipboard
val multiRegionEnabled: Output<Boolean>?

Specifies whether the event data store includes events from all regions, or only from the region in which the event data store is created. Default: true.

Link copied to clipboard
val name: Output<String>

The name of the event data store.

Link copied to clipboard
val organizationEnabled: Output<Boolean>?

Specifies whether an event data store collects events logged for an organization in AWS Organizations. Default: false.

Link copied to clipboard
val pulumiChildResources: Set<KotlinResource>
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
val retentionPeriod: Output<Int>?

The retention period of the event data store, in days. You can set a retention period of up to 2555 days, the equivalent of seven years. Default: 2555.

Link copied to clipboard
val tags: Output<Map<String, String>>?

A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

Link copied to clipboard
val tagsAll: Output<Map<String, String>>

Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

Link copied to clipboard
val terminationProtectionEnabled: Output<Boolean>?

Specifies whether termination protection is enabled for the event data store. If termination protection is enabled, you cannot delete the event data store until termination protection is disabled. Default: true.

Link copied to clipboard
val urn: Output<String>