aws-cdk-lib.aws_logs.CrossAccountDestination

class CrossAccountDestination (construct)

LanguageType name
.NETAmazon.CDK.AWS.Logs.CrossAccountDestination
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awslogs#CrossAccountDestination
Javasoftware.amazon.awscdk.services.logs.CrossAccountDestination
Pythonaws_cdk.aws_logs.CrossAccountDestination
TypeScript (source)aws-cdk-lib » aws_logs » CrossAccountDestination

Implements IConstruct, IDependable, IResource, ILogSubscriptionDestination

A new CloudWatch Logs Destination for use in cross-account scenarios.

CrossAccountDestinations are used to subscribe a Kinesis stream in a different account to a CloudWatch Subscription.

Consumers will hardly ever need to use this class. Instead, directly subscribe a Kinesis stream using the integration class in the @aws-cdk/aws-logs-destinations package; if necessary, a CrossAccountDestination will be created automatically.

Example

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_iam as iam } from 'aws-cdk-lib';
import { aws_logs as logs } from 'aws-cdk-lib';

declare const role: iam.Role;
const crossAccountDestination = new logs.CrossAccountDestination(this, 'MyCrossAccountDestination', {
  role: role,
  targetArn: 'targetArn',

  // the properties below are optional
  destinationName: 'destinationName',
});

Initializer

new CrossAccountDestination(scope: Construct, id: string, props: CrossAccountDestinationProps)

Parameters

  • scope Construct
  • id string
  • props CrossAccountDestinationProps

Construct Props

NameTypeDescription
roleIRoleThe role to assume that grants permissions to write to 'target'.
targetArnstringThe log destination target's ARN.
destinationName?stringThe name of the log destination.

role

Type: IRole

The role to assume that grants permissions to write to 'target'.

The role must be assumable by 'logs.{REGION}.amazonaws.com'.


targetArn

Type: string

The log destination target's ARN.


destinationName?

Type: string (optional, default: Automatically generated)

The name of the log destination.

Properties

NameTypeDescription
destinationArnstringThe ARN of this CrossAccountDestination object.
destinationNamestringThe name of this CrossAccountDestination object.
envResourceEnvironmentThe environment this resource belongs to.
nodeNodeThe tree node.
policyDocumentPolicyDocumentPolicy object of this CrossAccountDestination object.
stackStackThe stack in which this resource is defined.

destinationArn

Type: string

The ARN of this CrossAccountDestination object.


destinationName

Type: string

The name of this CrossAccountDestination object.


env

Type: ResourceEnvironment

The environment this resource belongs to.

For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into.


node

Type: Node

The tree node.


policyDocument

Type: PolicyDocument

Policy object of this CrossAccountDestination object.


stack

Type: Stack

The stack in which this resource is defined.

Methods

NameDescription
addToPolicy(statement)
applyRemovalPolicy(policy)Apply the given removal policy to this resource.
bind(_scope, _sourceLogGroup)Return the properties required to send subscription events to this destination.
toString()Returns a string representation of this construct.

addToPolicy(statement)

public addToPolicy(statement: PolicyStatement): void

Parameters

  • statement PolicyStatement

applyRemovalPolicy(policy)

public applyRemovalPolicy(policy: RemovalPolicy): void

Parameters

  • policy RemovalPolicy

Apply the given removal policy to this resource.

The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.

The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS account for data recovery and cleanup later (RemovalPolicy.RETAIN).


bind(_scope, _sourceLogGroup)

public bind(_scope: Construct, _sourceLogGroup: ILogGroup): LogSubscriptionDestinationConfig

Parameters

  • _scope Construct
  • _sourceLogGroup ILogGroup

Returns

  • LogSubscriptionDestinationConfig

Return the properties required to send subscription events to this destination.

If necessary, the destination can use the properties of the SubscriptionFilter object itself to configure its permissions to allow the subscription to write to it.

The destination may reconfigure its own permissions in response to this function call.


toString()

public toString(): string

Returns

  • string

Returns a string representation of this construct.