aws.networkfirewall.LoggingConfiguration
Explore with Pulumi AI
Provides an AWS Network Firewall Logging Configuration Resource
Example Usage
Logging to S3
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.networkfirewall.LoggingConfiguration("example", {
firewallArn: exampleAwsNetworkfirewallFirewall.arn,
loggingConfiguration: {
logDestinationConfigs: [{
logDestination: {
bucketName: exampleAwsS3Bucket.bucket,
prefix: "example",
},
logDestinationType: "S3",
logType: "FLOW",
}],
},
});
import pulumi
import pulumi_aws as aws
example = aws.networkfirewall.LoggingConfiguration("example",
firewall_arn=example_aws_networkfirewall_firewall["arn"],
logging_configuration={
"log_destination_configs": [{
"log_destination": {
"bucketName": example_aws_s3_bucket["bucket"],
"prefix": "example",
},
"log_destination_type": "S3",
"log_type": "FLOW",
}],
})
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkfirewall"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := networkfirewall.NewLoggingConfiguration(ctx, "example", &networkfirewall.LoggingConfigurationArgs{
FirewallArn: pulumi.Any(exampleAwsNetworkfirewallFirewall.Arn),
LoggingConfiguration: &networkfirewall.LoggingConfigurationLoggingConfigurationArgs{
LogDestinationConfigs: networkfirewall.LoggingConfigurationLoggingConfigurationLogDestinationConfigArray{
&networkfirewall.LoggingConfigurationLoggingConfigurationLogDestinationConfigArgs{
LogDestination: pulumi.StringMap{
"bucketName": pulumi.Any(exampleAwsS3Bucket.Bucket),
"prefix": pulumi.String("example"),
},
LogDestinationType: pulumi.String("S3"),
LogType: pulumi.String("FLOW"),
},
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = new Aws.NetworkFirewall.LoggingConfiguration("example", new()
{
FirewallArn = exampleAwsNetworkfirewallFirewall.Arn,
LoggingConfig = new Aws.NetworkFirewall.Inputs.LoggingConfigurationLoggingConfigurationArgs
{
LogDestinationConfigs = new[]
{
new Aws.NetworkFirewall.Inputs.LoggingConfigurationLoggingConfigurationLogDestinationConfigArgs
{
LogDestination =
{
{ "bucketName", exampleAwsS3Bucket.Bucket },
{ "prefix", "example" },
},
LogDestinationType = "S3",
LogType = "FLOW",
},
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.networkfirewall.LoggingConfiguration;
import com.pulumi.aws.networkfirewall.LoggingConfigurationArgs;
import com.pulumi.aws.networkfirewall.inputs.LoggingConfigurationLoggingConfigurationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new LoggingConfiguration("example", LoggingConfigurationArgs.builder()
.firewallArn(exampleAwsNetworkfirewallFirewall.arn())
.loggingConfiguration(LoggingConfigurationLoggingConfigurationArgs.builder()
.logDestinationConfigs(LoggingConfigurationLoggingConfigurationLogDestinationConfigArgs.builder()
.logDestination(Map.ofEntries(
Map.entry("bucketName", exampleAwsS3Bucket.bucket()),
Map.entry("prefix", "example")
))
.logDestinationType("S3")
.logType("FLOW")
.build())
.build())
.build());
}
}
resources:
example:
type: aws:networkfirewall:LoggingConfiguration
properties:
firewallArn: ${exampleAwsNetworkfirewallFirewall.arn}
loggingConfiguration:
logDestinationConfigs:
- logDestination:
bucketName: ${exampleAwsS3Bucket.bucket}
prefix: example
logDestinationType: S3
logType: FLOW
Logging to CloudWatch
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.networkfirewall.LoggingConfiguration("example", {
firewallArn: exampleAwsNetworkfirewallFirewall.arn,
loggingConfiguration: {
logDestinationConfigs: [{
logDestination: {
logGroup: exampleAwsCloudwatchLogGroup.name,
},
logDestinationType: "CloudWatchLogs",
logType: "ALERT",
}],
},
});
import pulumi
import pulumi_aws as aws
example = aws.networkfirewall.LoggingConfiguration("example",
firewall_arn=example_aws_networkfirewall_firewall["arn"],
logging_configuration={
"log_destination_configs": [{
"log_destination": {
"logGroup": example_aws_cloudwatch_log_group["name"],
},
"log_destination_type": "CloudWatchLogs",
"log_type": "ALERT",
}],
})
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkfirewall"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := networkfirewall.NewLoggingConfiguration(ctx, "example", &networkfirewall.LoggingConfigurationArgs{
FirewallArn: pulumi.Any(exampleAwsNetworkfirewallFirewall.Arn),
LoggingConfiguration: &networkfirewall.LoggingConfigurationLoggingConfigurationArgs{
LogDestinationConfigs: networkfirewall.LoggingConfigurationLoggingConfigurationLogDestinationConfigArray{
&networkfirewall.LoggingConfigurationLoggingConfigurationLogDestinationConfigArgs{
LogDestination: pulumi.StringMap{
"logGroup": pulumi.Any(exampleAwsCloudwatchLogGroup.Name),
},
LogDestinationType: pulumi.String("CloudWatchLogs"),
LogType: pulumi.String("ALERT"),
},
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = new Aws.NetworkFirewall.LoggingConfiguration("example", new()
{
FirewallArn = exampleAwsNetworkfirewallFirewall.Arn,
LoggingConfig = new Aws.NetworkFirewall.Inputs.LoggingConfigurationLoggingConfigurationArgs
{
LogDestinationConfigs = new[]
{
new Aws.NetworkFirewall.Inputs.LoggingConfigurationLoggingConfigurationLogDestinationConfigArgs
{
LogDestination =
{
{ "logGroup", exampleAwsCloudwatchLogGroup.Name },
},
LogDestinationType = "CloudWatchLogs",
LogType = "ALERT",
},
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.networkfirewall.LoggingConfiguration;
import com.pulumi.aws.networkfirewall.LoggingConfigurationArgs;
import com.pulumi.aws.networkfirewall.inputs.LoggingConfigurationLoggingConfigurationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new LoggingConfiguration("example", LoggingConfigurationArgs.builder()
.firewallArn(exampleAwsNetworkfirewallFirewall.arn())
.loggingConfiguration(LoggingConfigurationLoggingConfigurationArgs.builder()
.logDestinationConfigs(LoggingConfigurationLoggingConfigurationLogDestinationConfigArgs.builder()
.logDestination(Map.of("logGroup", exampleAwsCloudwatchLogGroup.name()))
.logDestinationType("CloudWatchLogs")
.logType("ALERT")
.build())
.build())
.build());
}
}
resources:
example:
type: aws:networkfirewall:LoggingConfiguration
properties:
firewallArn: ${exampleAwsNetworkfirewallFirewall.arn}
loggingConfiguration:
logDestinationConfigs:
- logDestination:
logGroup: ${exampleAwsCloudwatchLogGroup.name}
logDestinationType: CloudWatchLogs
logType: ALERT
Logging to Kinesis Data Firehose
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.networkfirewall.LoggingConfiguration("example", {
firewallArn: exampleAwsNetworkfirewallFirewall.arn,
loggingConfiguration: {
logDestinationConfigs: [{
logDestination: {
deliveryStream: exampleAwsKinesisFirehoseDeliveryStream.name,
},
logDestinationType: "KinesisDataFirehose",
logType: "TLS",
}],
},
});
import pulumi
import pulumi_aws as aws
example = aws.networkfirewall.LoggingConfiguration("example",
firewall_arn=example_aws_networkfirewall_firewall["arn"],
logging_configuration={
"log_destination_configs": [{
"log_destination": {
"deliveryStream": example_aws_kinesis_firehose_delivery_stream["name"],
},
"log_destination_type": "KinesisDataFirehose",
"log_type": "TLS",
}],
})
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkfirewall"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := networkfirewall.NewLoggingConfiguration(ctx, "example", &networkfirewall.LoggingConfigurationArgs{
FirewallArn: pulumi.Any(exampleAwsNetworkfirewallFirewall.Arn),
LoggingConfiguration: &networkfirewall.LoggingConfigurationLoggingConfigurationArgs{
LogDestinationConfigs: networkfirewall.LoggingConfigurationLoggingConfigurationLogDestinationConfigArray{
&networkfirewall.LoggingConfigurationLoggingConfigurationLogDestinationConfigArgs{
LogDestination: pulumi.StringMap{
"deliveryStream": pulumi.Any(exampleAwsKinesisFirehoseDeliveryStream.Name),
},
LogDestinationType: pulumi.String("KinesisDataFirehose"),
LogType: pulumi.String("TLS"),
},
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = new Aws.NetworkFirewall.LoggingConfiguration("example", new()
{
FirewallArn = exampleAwsNetworkfirewallFirewall.Arn,
LoggingConfig = new Aws.NetworkFirewall.Inputs.LoggingConfigurationLoggingConfigurationArgs
{
LogDestinationConfigs = new[]
{
new Aws.NetworkFirewall.Inputs.LoggingConfigurationLoggingConfigurationLogDestinationConfigArgs
{
LogDestination =
{
{ "deliveryStream", exampleAwsKinesisFirehoseDeliveryStream.Name },
},
LogDestinationType = "KinesisDataFirehose",
LogType = "TLS",
},
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.networkfirewall.LoggingConfiguration;
import com.pulumi.aws.networkfirewall.LoggingConfigurationArgs;
import com.pulumi.aws.networkfirewall.inputs.LoggingConfigurationLoggingConfigurationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new LoggingConfiguration("example", LoggingConfigurationArgs.builder()
.firewallArn(exampleAwsNetworkfirewallFirewall.arn())
.loggingConfiguration(LoggingConfigurationLoggingConfigurationArgs.builder()
.logDestinationConfigs(LoggingConfigurationLoggingConfigurationLogDestinationConfigArgs.builder()
.logDestination(Map.of("deliveryStream", exampleAwsKinesisFirehoseDeliveryStream.name()))
.logDestinationType("KinesisDataFirehose")
.logType("TLS")
.build())
.build())
.build());
}
}
resources:
example:
type: aws:networkfirewall:LoggingConfiguration
properties:
firewallArn: ${exampleAwsNetworkfirewallFirewall.arn}
loggingConfiguration:
logDestinationConfigs:
- logDestination:
deliveryStream: ${exampleAwsKinesisFirehoseDeliveryStream.name}
logDestinationType: KinesisDataFirehose
logType: TLS
Create LoggingConfiguration Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new LoggingConfiguration(name: string, args: LoggingConfigurationArgs, opts?: CustomResourceOptions);
@overload
def LoggingConfiguration(resource_name: str,
args: LoggingConfigurationArgs,
opts: Optional[ResourceOptions] = None)
@overload
def LoggingConfiguration(resource_name: str,
opts: Optional[ResourceOptions] = None,
firewall_arn: Optional[str] = None,
logging_configuration: Optional[LoggingConfigurationLoggingConfigurationArgs] = None)
func NewLoggingConfiguration(ctx *Context, name string, args LoggingConfigurationArgs, opts ...ResourceOption) (*LoggingConfiguration, error)
public LoggingConfiguration(string name, LoggingConfigurationArgs args, CustomResourceOptions? opts = null)
public LoggingConfiguration(String name, LoggingConfigurationArgs args)
public LoggingConfiguration(String name, LoggingConfigurationArgs args, CustomResourceOptions options)
type: aws:networkfirewall:LoggingConfiguration
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name
This property is required. string - The unique name of the resource.
- args
This property is required. LoggingConfigurationArgs - The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name
This property is required. str - The unique name of the resource.
- args
This property is required. LoggingConfigurationArgs - The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name
This property is required. string - The unique name of the resource.
- args
This property is required. LoggingConfigurationArgs - The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name
This property is required. string - The unique name of the resource.
- args
This property is required. LoggingConfigurationArgs - The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name
This property is required. String - The unique name of the resource.
- args
This property is required. LoggingConfigurationArgs - The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var awsLoggingConfigurationResource = new Aws.NetworkFirewall.LoggingConfiguration("awsLoggingConfigurationResource", new()
{
FirewallArn = "string",
LoggingConfig = new Aws.NetworkFirewall.Inputs.LoggingConfigurationLoggingConfigurationArgs
{
LogDestinationConfigs = new[]
{
new Aws.NetworkFirewall.Inputs.LoggingConfigurationLoggingConfigurationLogDestinationConfigArgs
{
LogDestination =
{
{ "string", "string" },
},
LogDestinationType = "string",
LogType = "string",
},
},
},
});
example, err := networkfirewall.NewLoggingConfiguration(ctx, "awsLoggingConfigurationResource", &networkfirewall.LoggingConfigurationArgs{
FirewallArn: pulumi.String("string"),
LoggingConfiguration: &networkfirewall.LoggingConfigurationLoggingConfigurationArgs{
LogDestinationConfigs: networkfirewall.LoggingConfigurationLoggingConfigurationLogDestinationConfigArray{
&networkfirewall.LoggingConfigurationLoggingConfigurationLogDestinationConfigArgs{
LogDestination: pulumi.StringMap{
"string": pulumi.String("string"),
},
LogDestinationType: pulumi.String("string"),
LogType: pulumi.String("string"),
},
},
},
})
var awsLoggingConfigurationResource = new LoggingConfiguration("awsLoggingConfigurationResource", LoggingConfigurationArgs.builder()
.firewallArn("string")
.loggingConfiguration(LoggingConfigurationLoggingConfigurationArgs.builder()
.logDestinationConfigs(LoggingConfigurationLoggingConfigurationLogDestinationConfigArgs.builder()
.logDestination(Map.of("string", "string"))
.logDestinationType("string")
.logType("string")
.build())
.build())
.build());
aws_logging_configuration_resource = aws.networkfirewall.LoggingConfiguration("awsLoggingConfigurationResource",
firewall_arn="string",
logging_configuration={
"log_destination_configs": [{
"log_destination": {
"string": "string",
},
"log_destination_type": "string",
"log_type": "string",
}],
})
const awsLoggingConfigurationResource = new aws.networkfirewall.LoggingConfiguration("awsLoggingConfigurationResource", {
firewallArn: "string",
loggingConfiguration: {
logDestinationConfigs: [{
logDestination: {
string: "string",
},
logDestinationType: "string",
logType: "string",
}],
},
});
type: aws:networkfirewall:LoggingConfiguration
properties:
firewallArn: string
loggingConfiguration:
logDestinationConfigs:
- logDestination:
string: string
logDestinationType: string
logType: string
LoggingConfiguration Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The LoggingConfiguration resource accepts the following input properties:
- Firewall
Arn This property is required. Changes to this property will trigger replacement.
- The Amazon Resource Name (ARN) of the Network Firewall firewall.
- Logging
Config This property is required. LoggingConfiguration Logging Configuration - A configuration block describing how AWS Network Firewall performs logging for a firewall. See Logging Configuration below for details.
- Firewall
Arn This property is required. Changes to this property will trigger replacement.
- The Amazon Resource Name (ARN) of the Network Firewall firewall.
- Logging
Configuration This property is required. LoggingConfiguration Logging Configuration Args - A configuration block describing how AWS Network Firewall performs logging for a firewall. See Logging Configuration below for details.
- firewall
Arn This property is required. Changes to this property will trigger replacement.
- The Amazon Resource Name (ARN) of the Network Firewall firewall.
- logging
Configuration This property is required. LoggingConfiguration Logging Configuration - A configuration block describing how AWS Network Firewall performs logging for a firewall. See Logging Configuration below for details.
- firewall
Arn This property is required. Changes to this property will trigger replacement.
- The Amazon Resource Name (ARN) of the Network Firewall firewall.
- logging
Configuration This property is required. LoggingConfiguration Logging Configuration - A configuration block describing how AWS Network Firewall performs logging for a firewall. See Logging Configuration below for details.
- firewall_
arn This property is required. Changes to this property will trigger replacement.
- The Amazon Resource Name (ARN) of the Network Firewall firewall.
- logging_
configuration This property is required. LoggingConfiguration Logging Configuration Args - A configuration block describing how AWS Network Firewall performs logging for a firewall. See Logging Configuration below for details.
- firewall
Arn This property is required. Changes to this property will trigger replacement.
- The Amazon Resource Name (ARN) of the Network Firewall firewall.
- logging
Configuration This property is required. Property Map - A configuration block describing how AWS Network Firewall performs logging for a firewall. See Logging Configuration below for details.
Outputs
All input properties are implicitly available as output properties. Additionally, the LoggingConfiguration resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing LoggingConfiguration Resource
Get an existing LoggingConfiguration resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: LoggingConfigurationState, opts?: CustomResourceOptions): LoggingConfiguration
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
firewall_arn: Optional[str] = None,
logging_configuration: Optional[LoggingConfigurationLoggingConfigurationArgs] = None) -> LoggingConfiguration
func GetLoggingConfiguration(ctx *Context, name string, id IDInput, state *LoggingConfigurationState, opts ...ResourceOption) (*LoggingConfiguration, error)
public static LoggingConfiguration Get(string name, Input<string> id, LoggingConfigurationState? state, CustomResourceOptions? opts = null)
public static LoggingConfiguration get(String name, Output<String> id, LoggingConfigurationState state, CustomResourceOptions options)
resources: _: type: aws:networkfirewall:LoggingConfiguration get: id: ${id}
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Firewall
Arn Changes to this property will trigger replacement.
- The Amazon Resource Name (ARN) of the Network Firewall firewall.
- Logging
Config LoggingConfiguration Logging Configuration - A configuration block describing how AWS Network Firewall performs logging for a firewall. See Logging Configuration below for details.
- Firewall
Arn Changes to this property will trigger replacement.
- The Amazon Resource Name (ARN) of the Network Firewall firewall.
- Logging
Configuration LoggingConfiguration Logging Configuration Args - A configuration block describing how AWS Network Firewall performs logging for a firewall. See Logging Configuration below for details.
- firewall
Arn Changes to this property will trigger replacement.
- The Amazon Resource Name (ARN) of the Network Firewall firewall.
- logging
Configuration LoggingConfiguration Logging Configuration - A configuration block describing how AWS Network Firewall performs logging for a firewall. See Logging Configuration below for details.
- firewall
Arn Changes to this property will trigger replacement.
- The Amazon Resource Name (ARN) of the Network Firewall firewall.
- logging
Configuration LoggingConfiguration Logging Configuration - A configuration block describing how AWS Network Firewall performs logging for a firewall. See Logging Configuration below for details.
- firewall_
arn Changes to this property will trigger replacement.
- The Amazon Resource Name (ARN) of the Network Firewall firewall.
- logging_
configuration LoggingConfiguration Logging Configuration Args - A configuration block describing how AWS Network Firewall performs logging for a firewall. See Logging Configuration below for details.
- firewall
Arn Changes to this property will trigger replacement.
- The Amazon Resource Name (ARN) of the Network Firewall firewall.
- logging
Configuration Property Map - A configuration block describing how AWS Network Firewall performs logging for a firewall. See Logging Configuration below for details.
Supporting Types
LoggingConfigurationLoggingConfiguration, LoggingConfigurationLoggingConfigurationArgs
- Log
Destination Configs This property is required. List<LoggingConfiguration Logging Configuration Log Destination Config> - Set of configuration blocks describing the logging details for a firewall. See Log Destination Config below for details. At most, only Three blocks can be specified; one for
FLOW
logs and one forALERT
logs and one forTLS
logs.
- Log
Destination Configs This property is required. []LoggingConfiguration Logging Configuration Log Destination Config - Set of configuration blocks describing the logging details for a firewall. See Log Destination Config below for details. At most, only Three blocks can be specified; one for
FLOW
logs and one forALERT
logs and one forTLS
logs.
- log
Destination Configs This property is required. List<LoggingConfiguration Logging Configuration Log Destination Config> - Set of configuration blocks describing the logging details for a firewall. See Log Destination Config below for details. At most, only Three blocks can be specified; one for
FLOW
logs and one forALERT
logs and one forTLS
logs.
- log
Destination Configs This property is required. LoggingConfiguration Logging Configuration Log Destination Config[] - Set of configuration blocks describing the logging details for a firewall. See Log Destination Config below for details. At most, only Three blocks can be specified; one for
FLOW
logs and one forALERT
logs and one forTLS
logs.
- log_
destination_ configs This property is required. Sequence[LoggingConfiguration Logging Configuration Log Destination Config] - Set of configuration blocks describing the logging details for a firewall. See Log Destination Config below for details. At most, only Three blocks can be specified; one for
FLOW
logs and one forALERT
logs and one forTLS
logs.
- log
Destination Configs This property is required. List<Property Map> - Set of configuration blocks describing the logging details for a firewall. See Log Destination Config below for details. At most, only Three blocks can be specified; one for
FLOW
logs and one forALERT
logs and one forTLS
logs.
LoggingConfigurationLoggingConfigurationLogDestinationConfig, LoggingConfigurationLoggingConfigurationLogDestinationConfigArgs
- Log
Destination This property is required. Dictionary<string, string> - A map describing the logging destination for the chosen
log_destination_type
.- For an Amazon S3 bucket, specify the key
bucketName
with the name of the bucket and optionally specify the keyprefix
with a path (Do not add a leading / in theprefix
as the configuration will have two // when applied). - For a CloudWatch log group, specify the key
logGroup
with the name of the CloudWatch log group. - For a Kinesis Data Firehose delivery stream, specify the key
deliveryStream
with the name of the delivery stream.
- For an Amazon S3 bucket, specify the key
- Log
Destination Type This property is required. string - The location to send logs to. Valid values:
S3
,CloudWatchLogs
,KinesisDataFirehose
. - Log
Type This property is required. string - The type of log to send. Valid values:
ALERT
orFLOW
orTLS
. Alert logs report traffic that matches aStatefulRule
with an action setting that sends a log message. Flow logs are standard network traffic flow logs.
- Log
Destination This property is required. map[string]string - A map describing the logging destination for the chosen
log_destination_type
.- For an Amazon S3 bucket, specify the key
bucketName
with the name of the bucket and optionally specify the keyprefix
with a path (Do not add a leading / in theprefix
as the configuration will have two // when applied). - For a CloudWatch log group, specify the key
logGroup
with the name of the CloudWatch log group. - For a Kinesis Data Firehose delivery stream, specify the key
deliveryStream
with the name of the delivery stream.
- For an Amazon S3 bucket, specify the key
- Log
Destination Type This property is required. string - The location to send logs to. Valid values:
S3
,CloudWatchLogs
,KinesisDataFirehose
. - Log
Type This property is required. string - The type of log to send. Valid values:
ALERT
orFLOW
orTLS
. Alert logs report traffic that matches aStatefulRule
with an action setting that sends a log message. Flow logs are standard network traffic flow logs.
- log
Destination This property is required. Map<String,String> - A map describing the logging destination for the chosen
log_destination_type
.- For an Amazon S3 bucket, specify the key
bucketName
with the name of the bucket and optionally specify the keyprefix
with a path (Do not add a leading / in theprefix
as the configuration will have two // when applied). - For a CloudWatch log group, specify the key
logGroup
with the name of the CloudWatch log group. - For a Kinesis Data Firehose delivery stream, specify the key
deliveryStream
with the name of the delivery stream.
- For an Amazon S3 bucket, specify the key
- log
Destination Type This property is required. String - The location to send logs to. Valid values:
S3
,CloudWatchLogs
,KinesisDataFirehose
. - log
Type This property is required. String - The type of log to send. Valid values:
ALERT
orFLOW
orTLS
. Alert logs report traffic that matches aStatefulRule
with an action setting that sends a log message. Flow logs are standard network traffic flow logs.
- log
Destination This property is required. {[key: string]: string} - A map describing the logging destination for the chosen
log_destination_type
.- For an Amazon S3 bucket, specify the key
bucketName
with the name of the bucket and optionally specify the keyprefix
with a path (Do not add a leading / in theprefix
as the configuration will have two // when applied). - For a CloudWatch log group, specify the key
logGroup
with the name of the CloudWatch log group. - For a Kinesis Data Firehose delivery stream, specify the key
deliveryStream
with the name of the delivery stream.
- For an Amazon S3 bucket, specify the key
- log
Destination Type This property is required. string - The location to send logs to. Valid values:
S3
,CloudWatchLogs
,KinesisDataFirehose
. - log
Type This property is required. string - The type of log to send. Valid values:
ALERT
orFLOW
orTLS
. Alert logs report traffic that matches aStatefulRule
with an action setting that sends a log message. Flow logs are standard network traffic flow logs.
- log_
destination This property is required. Mapping[str, str] - A map describing the logging destination for the chosen
log_destination_type
.- For an Amazon S3 bucket, specify the key
bucketName
with the name of the bucket and optionally specify the keyprefix
with a path (Do not add a leading / in theprefix
as the configuration will have two // when applied). - For a CloudWatch log group, specify the key
logGroup
with the name of the CloudWatch log group. - For a Kinesis Data Firehose delivery stream, specify the key
deliveryStream
with the name of the delivery stream.
- For an Amazon S3 bucket, specify the key
- log_
destination_ type This property is required. str - The location to send logs to. Valid values:
S3
,CloudWatchLogs
,KinesisDataFirehose
. - log_
type This property is required. str - The type of log to send. Valid values:
ALERT
orFLOW
orTLS
. Alert logs report traffic that matches aStatefulRule
with an action setting that sends a log message. Flow logs are standard network traffic flow logs.
- log
Destination This property is required. Map<String> - A map describing the logging destination for the chosen
log_destination_type
.- For an Amazon S3 bucket, specify the key
bucketName
with the name of the bucket and optionally specify the keyprefix
with a path (Do not add a leading / in theprefix
as the configuration will have two // when applied). - For a CloudWatch log group, specify the key
logGroup
with the name of the CloudWatch log group. - For a Kinesis Data Firehose delivery stream, specify the key
deliveryStream
with the name of the delivery stream.
- For an Amazon S3 bucket, specify the key
- log
Destination Type This property is required. String - The location to send logs to. Valid values:
S3
,CloudWatchLogs
,KinesisDataFirehose
. - log
Type This property is required. String - The type of log to send. Valid values:
ALERT
orFLOW
orTLS
. Alert logs report traffic that matches aStatefulRule
with an action setting that sends a log message. Flow logs are standard network traffic flow logs.
Import
Using pulumi import
, import Network Firewall Logging Configurations using the firewall_arn
. For example:
$ pulumi import aws:networkfirewall/loggingConfiguration:LoggingConfiguration example arn:aws:network-firewall:us-west-1:123456789012:firewall/example
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
aws
Terraform Provider.