Class CloudTrailSettingsConfig

GlobalConfig / LoggingConfig / CloudTrailConfig / (AccountCloudTrailConfig) / CloudTrailSettingsConfig

AWS CloudTrail Settings configuration

Example

multiRegionTrail: true
globalServiceEvents: true
managementEvents: true
s3DataEvents: true
lambdaDataEvents: true
sendToCloudWatchLogs: true
apiErrorRateInsight: false
apiCallRateInsight: false

Hierarchy

  • CloudTrailSettingsConfig

Implements

Constructors

constructor

Properties

apiCallRateInsight apiErrorRateInsight globalServiceEvents lambdaDataEvents managementEvents multiRegionTrail s3DataEvents sendToCloudWatchLogs

Constructors

constructor

Properties

Readonly apiCallRateInsight

apiCallRateInsight: false = false

Will enable CloudTrail Insights and enable the API Call Rate Insight

Readonly apiErrorRateInsight

apiErrorRateInsight: false = false

Will enable CloudTrail Insights and enable the API Error Rate Insight

globalServiceEvents

globalServiceEvents: boolean = true

For global services such as AWS Identity and Access Management (IAM), AWS STS, Amazon CloudFront, and Route 53, events are delivered to any trail that includes global services, and are logged as occurring in US East Region.

lambdaDataEvents

lambdaDataEvents: boolean = true

Adds an Lambda Data Event Selector for filtering events that match Lambda operations. These events provide insight into the resource operations performed on or within a resource. These are also known as data plane operations.

managementEvents

managementEvents: boolean = true

Management events provide insight into management operations that are on resources in your AWS account. These are also known as control plane operations. Management events can also include non-API events that occur in your account. For example, when a user logs in to your account, CloudTrail logs the ConsoleLogin event. Enabling will set ReadWriteType.ALL

multiRegionTrail

multiRegionTrail: boolean = true

Whether or not this trail delivers log files from all regions in the account.

s3DataEvents

s3DataEvents: boolean = true

Adds an S3 Data Event Selector for filtering events that match S3 operations. These events provide insight into the resource operations performed on or within a resource. These are also known as data plane operations.

sendToCloudWatchLogs

sendToCloudWatchLogs: boolean = true

If CloudTrail pushes logs to CloudWatch Logs in addition to S3. CloudWatch Logs will also be replicated to S3.

Settings

Member Visibility

Theme

Generated using TypeDoc