Logging
data class LoggingConfigurationArgs(val firewallArn: Output<String>? = null, val loggingConfiguration: Output<LoggingConfigurationLoggingConfigurationArgs>? = null) : ConvertibleToJava<LoggingConfigurationArgs>
Provides an AWS Network Firewall Logging Configuration Resource
Example Usage
Logging to S3
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.networkfirewall.LoggingConfiguration("example", {
firewallArn: exampleAwsNetworkfirewallFirewall.arn,
loggingConfiguration: {
logDestinationConfigs: [{
logDestination: {
bucketName: exampleAwsS3Bucket.bucket,
prefix: "example",
},
logDestinationType: "S3",
logType: "FLOW",
}],
},
});Content copied to clipboard
import pulumi
import pulumi_aws as aws
example = aws.networkfirewall.LoggingConfiguration("example",
firewall_arn=example_aws_networkfirewall_firewall["arn"],
logging_configuration={
"log_destination_configs": [{
"log_destination": {
"bucketName": example_aws_s3_bucket["bucket"],
"prefix": "example",
},
"log_destination_type": "S3",
"log_type": "FLOW",
}],
})Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = new Aws.NetworkFirewall.LoggingConfiguration("example", new()
{
FirewallArn = exampleAwsNetworkfirewallFirewall.Arn,
LoggingConfig = new Aws.NetworkFirewall.Inputs.LoggingConfigurationLoggingConfigurationArgs
{
LogDestinationConfigs = new[]
{
new Aws.NetworkFirewall.Inputs.LoggingConfigurationLoggingConfigurationLogDestinationConfigArgs
{
LogDestination =
{
{ "bucketName", exampleAwsS3Bucket.Bucket },
{ "prefix", "example" },
},
LogDestinationType = "S3",
LogType = "FLOW",
},
},
},
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkfirewall"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := networkfirewall.NewLoggingConfiguration(ctx, "example", &networkfirewall.LoggingConfigurationArgs{
FirewallArn: pulumi.Any(exampleAwsNetworkfirewallFirewall.Arn),
LoggingConfiguration: &networkfirewall.LoggingConfigurationLoggingConfigurationArgs{
LogDestinationConfigs: networkfirewall.LoggingConfigurationLoggingConfigurationLogDestinationConfigArray{
&networkfirewall.LoggingConfigurationLoggingConfigurationLogDestinationConfigArgs{
LogDestination: pulumi.StringMap{
"bucketName": pulumi.Any(exampleAwsS3Bucket.Bucket),
"prefix": pulumi.String("example"),
},
LogDestinationType: pulumi.String("S3"),
LogType: pulumi.String("FLOW"),
},
},
},
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.networkfirewall.LoggingConfiguration;
import com.pulumi.aws.networkfirewall.LoggingConfigurationArgs;
import com.pulumi.aws.networkfirewall.inputs.LoggingConfigurationLoggingConfigurationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new LoggingConfiguration("example", LoggingConfigurationArgs.builder()
.firewallArn(exampleAwsNetworkfirewallFirewall.arn())
.loggingConfiguration(LoggingConfigurationLoggingConfigurationArgs.builder()
.logDestinationConfigs(LoggingConfigurationLoggingConfigurationLogDestinationConfigArgs.builder()
.logDestination(Map.ofEntries(
Map.entry("bucketName", exampleAwsS3Bucket.bucket()),
Map.entry("prefix", "example")
))
.logDestinationType("S3")
.logType("FLOW")
.build())
.build())
.build());
}
}Content copied to clipboard
resources:
example:
type: aws:networkfirewall:LoggingConfiguration
properties:
firewallArn: ${exampleAwsNetworkfirewallFirewall.arn}
loggingConfiguration:
logDestinationConfigs:
- logDestination:
bucketName: ${exampleAwsS3Bucket.bucket}
prefix: example
logDestinationType: S3
logType: FLOWContent copied to clipboard
Logging to CloudWatch
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.networkfirewall.LoggingConfiguration("example", {
firewallArn: exampleAwsNetworkfirewallFirewall.arn,
loggingConfiguration: {
logDestinationConfigs: [{
logDestination: {
logGroup: exampleAwsCloudwatchLogGroup.name,
},
logDestinationType: "CloudWatchLogs",
logType: "ALERT",
}],
},
});Content copied to clipboard
import pulumi
import pulumi_aws as aws
example = aws.networkfirewall.LoggingConfiguration("example",
firewall_arn=example_aws_networkfirewall_firewall["arn"],
logging_configuration={
"log_destination_configs": [{
"log_destination": {
"logGroup": example_aws_cloudwatch_log_group["name"],
},
"log_destination_type": "CloudWatchLogs",
"log_type": "ALERT",
}],
})Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = new Aws.NetworkFirewall.LoggingConfiguration("example", new()
{
FirewallArn = exampleAwsNetworkfirewallFirewall.Arn,
LoggingConfig = new Aws.NetworkFirewall.Inputs.LoggingConfigurationLoggingConfigurationArgs
{
LogDestinationConfigs = new[]
{
new Aws.NetworkFirewall.Inputs.LoggingConfigurationLoggingConfigurationLogDestinationConfigArgs
{
LogDestination =
{
{ "logGroup", exampleAwsCloudwatchLogGroup.Name },
},
LogDestinationType = "CloudWatchLogs",
LogType = "ALERT",
},
},
},
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkfirewall"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := networkfirewall.NewLoggingConfiguration(ctx, "example", &networkfirewall.LoggingConfigurationArgs{
FirewallArn: pulumi.Any(exampleAwsNetworkfirewallFirewall.Arn),
LoggingConfiguration: &networkfirewall.LoggingConfigurationLoggingConfigurationArgs{
LogDestinationConfigs: networkfirewall.LoggingConfigurationLoggingConfigurationLogDestinationConfigArray{
&networkfirewall.LoggingConfigurationLoggingConfigurationLogDestinationConfigArgs{
LogDestination: pulumi.StringMap{
"logGroup": pulumi.Any(exampleAwsCloudwatchLogGroup.Name),
},
LogDestinationType: pulumi.String("CloudWatchLogs"),
LogType: pulumi.String("ALERT"),
},
},
},
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.networkfirewall.LoggingConfiguration;
import com.pulumi.aws.networkfirewall.LoggingConfigurationArgs;
import com.pulumi.aws.networkfirewall.inputs.LoggingConfigurationLoggingConfigurationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new LoggingConfiguration("example", LoggingConfigurationArgs.builder()
.firewallArn(exampleAwsNetworkfirewallFirewall.arn())
.loggingConfiguration(LoggingConfigurationLoggingConfigurationArgs.builder()
.logDestinationConfigs(LoggingConfigurationLoggingConfigurationLogDestinationConfigArgs.builder()
.logDestination(Map.of("logGroup", exampleAwsCloudwatchLogGroup.name()))
.logDestinationType("CloudWatchLogs")
.logType("ALERT")
.build())
.build())
.build());
}
}Content copied to clipboard
resources:
example:
type: aws:networkfirewall:LoggingConfiguration
properties:
firewallArn: ${exampleAwsNetworkfirewallFirewall.arn}
loggingConfiguration:
logDestinationConfigs:
- logDestination:
logGroup: ${exampleAwsCloudwatchLogGroup.name}
logDestinationType: CloudWatchLogs
logType: ALERTContent copied to clipboard
Logging to Kinesis Data Firehose
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.networkfirewall.LoggingConfiguration("example", {
firewallArn: exampleAwsNetworkfirewallFirewall.arn,
loggingConfiguration: {
logDestinationConfigs: [{
logDestination: {
deliveryStream: exampleAwsKinesisFirehoseDeliveryStream.name,
},
logDestinationType: "KinesisDataFirehose",
logType: "TLS",
}],
},
});Content copied to clipboard
import pulumi
import pulumi_aws as aws
example = aws.networkfirewall.LoggingConfiguration("example",
firewall_arn=example_aws_networkfirewall_firewall["arn"],
logging_configuration={
"log_destination_configs": [{
"log_destination": {
"deliveryStream": example_aws_kinesis_firehose_delivery_stream["name"],
},
"log_destination_type": "KinesisDataFirehose",
"log_type": "TLS",
}],
})Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = new Aws.NetworkFirewall.LoggingConfiguration("example", new()
{
FirewallArn = exampleAwsNetworkfirewallFirewall.Arn,
LoggingConfig = new Aws.NetworkFirewall.Inputs.LoggingConfigurationLoggingConfigurationArgs
{
LogDestinationConfigs = new[]
{
new Aws.NetworkFirewall.Inputs.LoggingConfigurationLoggingConfigurationLogDestinationConfigArgs
{
LogDestination =
{
{ "deliveryStream", exampleAwsKinesisFirehoseDeliveryStream.Name },
},
LogDestinationType = "KinesisDataFirehose",
LogType = "TLS",
},
},
},
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkfirewall"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := networkfirewall.NewLoggingConfiguration(ctx, "example", &networkfirewall.LoggingConfigurationArgs{
FirewallArn: pulumi.Any(exampleAwsNetworkfirewallFirewall.Arn),
LoggingConfiguration: &networkfirewall.LoggingConfigurationLoggingConfigurationArgs{
LogDestinationConfigs: networkfirewall.LoggingConfigurationLoggingConfigurationLogDestinationConfigArray{
&networkfirewall.LoggingConfigurationLoggingConfigurationLogDestinationConfigArgs{
LogDestination: pulumi.StringMap{
"deliveryStream": pulumi.Any(exampleAwsKinesisFirehoseDeliveryStream.Name),
},
LogDestinationType: pulumi.String("KinesisDataFirehose"),
LogType: pulumi.String("TLS"),
},
},
},
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.networkfirewall.LoggingConfiguration;
import com.pulumi.aws.networkfirewall.LoggingConfigurationArgs;
import com.pulumi.aws.networkfirewall.inputs.LoggingConfigurationLoggingConfigurationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new LoggingConfiguration("example", LoggingConfigurationArgs.builder()
.firewallArn(exampleAwsNetworkfirewallFirewall.arn())
.loggingConfiguration(LoggingConfigurationLoggingConfigurationArgs.builder()
.logDestinationConfigs(LoggingConfigurationLoggingConfigurationLogDestinationConfigArgs.builder()
.logDestination(Map.of("deliveryStream", exampleAwsKinesisFirehoseDeliveryStream.name()))
.logDestinationType("KinesisDataFirehose")
.logType("TLS")
.build())
.build())
.build());
}
}Content copied to clipboard
resources:
example:
type: aws:networkfirewall:LoggingConfiguration
properties:
firewallArn: ${exampleAwsNetworkfirewallFirewall.arn}
loggingConfiguration:
logDestinationConfigs:
- logDestination:
deliveryStream: ${exampleAwsKinesisFirehoseDeliveryStream.name}
logDestinationType: KinesisDataFirehose
logType: TLSContent copied to clipboard
Import
Using pulumi import, import Network Firewall Logging Configurations using the firewall_arn. For example:
$ pulumi import aws:networkfirewall/loggingConfiguration:LoggingConfiguration example arn:aws:network-firewall:us-west-1:123456789012:firewall/exampleContent copied to clipboard
Constructors
Link copied to clipboard
constructor(firewallArn: Output<String>? = null, loggingConfiguration: Output<LoggingConfigurationLoggingConfigurationArgs>? = null)