interface DataProtectionPolicyProps
Language | Type name |
---|---|
![]() | Amazon.CDK.AWS.Logs.DataProtectionPolicyProps |
![]() | github.com/aws/aws-cdk-go/awscdk/v2/awslogs#DataProtectionPolicyProps |
![]() | software.amazon.awscdk.services.logs.DataProtectionPolicyProps |
![]() | aws_cdk.aws_logs.DataProtectionPolicyProps |
![]() | aws-cdk-lib » aws_logs » DataProtectionPolicyProps |
Properties for creating a data protection policy.
Example
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_logs as logs } from 'aws-cdk-lib';
import { aws_s3 as s3 } from 'aws-cdk-lib';
declare const bucket: s3.Bucket;
declare const dataIdentifier: logs.DataIdentifier;
declare const logGroup: logs.LogGroup;
const dataProtectionPolicyProps: logs.DataProtectionPolicyProps = {
identifiers: [dataIdentifier],
// the properties below are optional
deliveryStreamNameAuditDestination: 'deliveryStreamNameAuditDestination',
description: 'description',
logGroupAuditDestination: logGroup,
name: 'name',
s3BucketAuditDestination: bucket,
};
Properties
Name | Type | Description |
---|---|---|
identifiers | Data [] | List of data protection identifiers. |
delivery | string | Amazon Kinesis Data Firehose delivery stream to send audit findings to. |
description? | string | Description of the data protection policy. |
log | ILog | CloudWatch Logs log group to send audit findings to. |
name? | string | Name of the data protection policy. |
s3 | IBucket | S3 bucket to send audit findings to. |
identifiers
Type:
Data
[]
List of data protection identifiers.
Must be in the following list: https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/protect-sensitive-log-data-types.html
deliveryStreamNameAuditDestination?
Type:
string
(optional, default: no firehose delivery stream audit destination)
Amazon Kinesis Data Firehose delivery stream to send audit findings to.
The delivery stream must already exist.
description?
Type:
string
(optional, default: 'cdk generated data protection policy')
Description of the data protection policy.
logGroupAuditDestination?
Type:
ILog
(optional, default: no CloudWatch Logs audit destination)
CloudWatch Logs log group to send audit findings to.
The log group must already exist prior to creating the data protection policy.
name?
Type:
string
(optional, default: 'data-protection-policy-cdk')
Name of the data protection policy.
s3BucketAuditDestination?
Type:
IBucket
(optional, default: no S3 bucket audit destination)
S3 bucket to send audit findings to.
The bucket must already exist.