Readonly
envOptional
Readonly
logReadonly
nodeThe tree node.
stable
Protected
Readonly
physicalReturns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
This value will resolve to one of the following:
"my-awesome-bucket"
)undefined
, when a name should be generated by CloudFormationReadonly
stackReadonly
trailARN of the CloudTrail trail i.e. arn:aws:cloudtrail:us-east-2:123456789012:trail/myCloudTrail
Readonly
trailARN of the Amazon SNS topic that's associated with the CloudTrail trail, i.e. arn:aws:sns:us-east-2:123456789012:mySNSTopic
When an event occurs in your account, CloudTrail evaluates whether the event matches the settings for your trails. Only events that match your trail settings are delivered to your Amazon S3 bucket and Amazon CloudWatch Logs log group.
This method adds an Event Selector for filtering events that match either S3 or Lambda function operations.
Data events: These events provide insight into the resource operations performed on or within a resource. These are also known as data plane operations.
the list of data resource ARNs to include in logging (maximum 250 entries).
Optional
options: AddEventSelectorOptionsthe options to configure logging of management and data events.
When an event occurs in your account, CloudTrail evaluates whether the event matches the settings for your trails. Only events that match your trail settings are delivered to your Amazon S3 bucket and Amazon CloudWatch Logs log group.
This method adds a Lambda Data Event Selector for filtering events that match Lambda function operations.
Data events: These events provide insight into the resource operations performed on or within a resource. These are also known as data plane operations.
the list of lambda function handlers whose data events should be logged (maximum 250 entries).
Optional
options: AddEventSelectorOptionsthe options to configure logging of management and data events.
When an event occurs in your account, CloudTrail evaluates whether the event matches the settings for your trails. Only events that match your trail settings are delivered to your Amazon S3 bucket and Amazon CloudWatch Logs log group.
This method adds an S3 Data Event Selector for filtering events that match S3 operations.
Data events: These events provide insight into the resource operations performed on or within a resource. These are also known as data plane operations.
the list of S3 bucket with optional prefix to include in logging (maximum 250 entries).
Optional
options: AddEventSelectorOptionsthe options to configure logging of management and data events.
Apply the given removal policy to this resource
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY
), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN
).
Protected
generateProtected
getReturns an environment-sensitive token that should be used for the
resource's "ARN" attribute (e.g. bucket.bucketArn
).
Normally, this token will resolve to arnAttr
, but if the resource is
referenced across environments, arnComponents
will be used to synthesize
a concrete ARN with the resource's physical name. Make sure to reference
this.physicalName
in arnComponents
.
The CFN attribute which resolves to the ARN of the resource.
Commonly it will be called "Arn" (e.g. resource.attrArn
), but sometimes
it's the CFN resource's ref
.
The format of the ARN of this resource. You must
reference this.physicalName
somewhere within the ARN in order for
cross-environment references to work.
Protected
getReturns an environment-sensitive token that should be used for the
resource's "name" attribute (e.g. bucket.bucketName
).
Normally, this token will resolve to nameAttr
, but if the resource is
referenced across environments, it will be resolved to this.physicalName
,
which will be a concrete name.
The CFN attribute which resolves to the resource's name.
Commonly this is the resource's ref
.
Log all Lambda data events for all lambda functions the account.
https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html
false
Optional
options: AddEventSelectorOptionsLog all S3 data events for all objects for all buckets in the account.
https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html
false
Optional
options: AddEventSelectorOptionsStatic
isStatic
isStatic
isStatic
onCreate an event rule for when an event is recorded by any Trail in the account.
Note that the event doesn't necessarily have to come from this Trail, it can be captured from any one.
Be sure to filter the event further down using an event pattern.
Optional
options: OnEventOptionsGenerated using TypeDoc
The CloudWatch log group to which CloudTrail events are sent.
undefined
ifsendToCloudWatchLogs
property is false.