aws.networkfirewall.LoggingConfiguration
Explore with Pulumi AI
Provides an AWS Network Firewall Logging Configuration Resource
Example Usage
Logging to S3
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.networkfirewall.LoggingConfiguration("example", {
firewallArn: exampleAwsNetworkfirewallFirewall.arn,
loggingConfiguration: {
logDestinationConfigs: [{
logDestination: {
bucketName: exampleAwsS3Bucket.bucket,
prefix: "/example",
},
logDestinationType: "S3",
logType: "FLOW",
}],
},
});
import pulumi
import pulumi_aws as aws
example = aws.networkfirewall.LoggingConfiguration("example",
firewall_arn=example_aws_networkfirewall_firewall["arn"],
logging_configuration={
"log_destination_configs": [{
"log_destination": {
"bucket_name": example_aws_s3_bucket["bucket"],
"prefix": "/example",
},
"log_destination_type": "S3",
"log_type": "FLOW",
}],
})
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkfirewall"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := networkfirewall.NewLoggingConfiguration(ctx, "example", &networkfirewall.LoggingConfigurationArgs{
FirewallArn: pulumi.Any(exampleAwsNetworkfirewallFirewall.Arn),
LoggingConfiguration: &networkfirewall.LoggingConfigurationLoggingConfigurationArgs{
LogDestinationConfigs: networkfirewall.LoggingConfigurationLoggingConfigurationLogDestinationConfigArray{
&networkfirewall.LoggingConfigurationLoggingConfigurationLogDestinationConfigArgs{
LogDestination: pulumi.StringMap{
"bucketName": pulumi.Any(exampleAwsS3Bucket.Bucket),
"prefix": pulumi.String("/example"),
},
LogDestinationType: pulumi.String("S3"),
LogType: pulumi.String("FLOW"),
},
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = new Aws.NetworkFirewall.LoggingConfiguration("example", new()
{
FirewallArn = exampleAwsNetworkfirewallFirewall.Arn,
LoggingConfig = new Aws.NetworkFirewall.Inputs.LoggingConfigurationLoggingConfigurationArgs
{
LogDestinationConfigs = new[]
{
new Aws.NetworkFirewall.Inputs.LoggingConfigurationLoggingConfigurationLogDestinationConfigArgs
{
LogDestination =
{
{ "bucketName", exampleAwsS3Bucket.Bucket },
{ "prefix", "/example" },
},
LogDestinationType = "S3",
LogType = "FLOW",
},
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.networkfirewall.LoggingConfiguration;
import com.pulumi.aws.networkfirewall.LoggingConfigurationArgs;
import com.pulumi.aws.networkfirewall.inputs.LoggingConfigurationLoggingConfigurationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new LoggingConfiguration("example", LoggingConfigurationArgs.builder()
.firewallArn(exampleAwsNetworkfirewallFirewall.arn())
.loggingConfiguration(LoggingConfigurationLoggingConfigurationArgs.builder()
.logDestinationConfigs(LoggingConfigurationLoggingConfigurationLogDestinationConfigArgs.builder()
.logDestination(Map.ofEntries(
Map.entry("bucketName", exampleAwsS3Bucket.bucket()),
Map.entry("prefix", "/example")
))
.logDestinationType("S3")
.logType("FLOW")
.build())
.build())
.build());
}
}
resources:
example:
type: aws:networkfirewall:LoggingConfiguration
properties:
firewallArn: ${exampleAwsNetworkfirewallFirewall.arn}
loggingConfiguration:
logDestinationConfigs:
- logDestination:
bucketName: ${exampleAwsS3Bucket.bucket}
prefix: /example
logDestinationType: S3
logType: FLOW
Logging to CloudWatch
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.networkfirewall.LoggingConfiguration("example", {
firewallArn: exampleAwsNetworkfirewallFirewall.arn,
loggingConfiguration: {
logDestinationConfigs: [{
logDestination: {
logGroup: exampleAwsCloudwatchLogGroup.name,
},
logDestinationType: "CloudWatchLogs",
logType: "ALERT",
}],
},
});
import pulumi
import pulumi_aws as aws
example = aws.networkfirewall.LoggingConfiguration("example",
firewall_arn=example_aws_networkfirewall_firewall["arn"],
logging_configuration={
"log_destination_configs": [{
"log_destination": {
"log_group": example_aws_cloudwatch_log_group["name"],
},
"log_destination_type": "CloudWatchLogs",
"log_type": "ALERT",
}],
})
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkfirewall"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := networkfirewall.NewLoggingConfiguration(ctx, "example", &networkfirewall.LoggingConfigurationArgs{
FirewallArn: pulumi.Any(exampleAwsNetworkfirewallFirewall.Arn),
LoggingConfiguration: &networkfirewall.LoggingConfigurationLoggingConfigurationArgs{
LogDestinationConfigs: networkfirewall.LoggingConfigurationLoggingConfigurationLogDestinationConfigArray{
&networkfirewall.LoggingConfigurationLoggingConfigurationLogDestinationConfigArgs{
LogDestination: pulumi.StringMap{
"logGroup": pulumi.Any(exampleAwsCloudwatchLogGroup.Name),
},
LogDestinationType: pulumi.String("CloudWatchLogs"),
LogType: pulumi.String("ALERT"),
},
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = new Aws.NetworkFirewall.LoggingConfiguration("example", new()
{
FirewallArn = exampleAwsNetworkfirewallFirewall.Arn,
LoggingConfig = new Aws.NetworkFirewall.Inputs.LoggingConfigurationLoggingConfigurationArgs
{
LogDestinationConfigs = new[]
{
new Aws.NetworkFirewall.Inputs.LoggingConfigurationLoggingConfigurationLogDestinationConfigArgs
{
LogDestination =
{
{ "logGroup", exampleAwsCloudwatchLogGroup.Name },
},
LogDestinationType = "CloudWatchLogs",
LogType = "ALERT",
},
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.networkfirewall.LoggingConfiguration;
import com.pulumi.aws.networkfirewall.LoggingConfigurationArgs;
import com.pulumi.aws.networkfirewall.inputs.LoggingConfigurationLoggingConfigurationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new LoggingConfiguration("example", LoggingConfigurationArgs.builder()
.firewallArn(exampleAwsNetworkfirewallFirewall.arn())
.loggingConfiguration(LoggingConfigurationLoggingConfigurationArgs.builder()
.logDestinationConfigs(LoggingConfigurationLoggingConfigurationLogDestinationConfigArgs.builder()
.logDestination(Map.of("logGroup", exampleAwsCloudwatchLogGroup.name()))
.logDestinationType("CloudWatchLogs")
.logType("ALERT")
.build())
.build())
.build());
}
}
resources:
example:
type: aws:networkfirewall:LoggingConfiguration
properties:
firewallArn: ${exampleAwsNetworkfirewallFirewall.arn}
loggingConfiguration:
logDestinationConfigs:
- logDestination:
logGroup: ${exampleAwsCloudwatchLogGroup.name}
logDestinationType: CloudWatchLogs
logType: ALERT
Logging to Kinesis Data Firehose
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.networkfirewall.LoggingConfiguration("example", {
firewallArn: exampleAwsNetworkfirewallFirewall.arn,
loggingConfiguration: {
logDestinationConfigs: [{
logDestination: {
deliveryStream: exampleAwsKinesisFirehoseDeliveryStream.name,
},
logDestinationType: "KinesisDataFirehose",
logType: "TLS",
}],
},
});
import pulumi
import pulumi_aws as aws
example = aws.networkfirewall.LoggingConfiguration("example",
firewall_arn=example_aws_networkfirewall_firewall["arn"],
logging_configuration={
"log_destination_configs": [{
"log_destination": {
"delivery_stream": example_aws_kinesis_firehose_delivery_stream["name"],
},
"log_destination_type": "KinesisDataFirehose",
"log_type": "TLS",
}],
})
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/networkfirewall"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := networkfirewall.NewLoggingConfiguration(ctx, "example", &networkfirewall.LoggingConfigurationArgs{
FirewallArn: pulumi.Any(exampleAwsNetworkfirewallFirewall.Arn),
LoggingConfiguration: &networkfirewall.LoggingConfigurationLoggingConfigurationArgs{
LogDestinationConfigs: networkfirewall.LoggingConfigurationLoggingConfigurationLogDestinationConfigArray{
&networkfirewall.LoggingConfigurationLoggingConfigurationLogDestinationConfigArgs{
LogDestination: pulumi.StringMap{
"deliveryStream": pulumi.Any(exampleAwsKinesisFirehoseDeliveryStream.Name),
},
LogDestinationType: pulumi.String("KinesisDataFirehose"),
LogType: pulumi.String("TLS"),
},
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = new Aws.NetworkFirewall.LoggingConfiguration("example", new()
{
FirewallArn = exampleAwsNetworkfirewallFirewall.Arn,
LoggingConfig = new Aws.NetworkFirewall.Inputs.LoggingConfigurationLoggingConfigurationArgs
{
LogDestinationConfigs = new[]
{
new Aws.NetworkFirewall.Inputs.LoggingConfigurationLoggingConfigurationLogDestinationConfigArgs
{
LogDestination =
{
{ "deliveryStream", exampleAwsKinesisFirehoseDeliveryStream.Name },
},
LogDestinationType = "KinesisDataFirehose",
LogType = "TLS",
},
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.networkfirewall.LoggingConfiguration;
import com.pulumi.aws.networkfirewall.LoggingConfigurationArgs;
import com.pulumi.aws.networkfirewall.inputs.LoggingConfigurationLoggingConfigurationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new LoggingConfiguration("example", LoggingConfigurationArgs.builder()
.firewallArn(exampleAwsNetworkfirewallFirewall.arn())
.loggingConfiguration(LoggingConfigurationLoggingConfigurationArgs.builder()
.logDestinationConfigs(LoggingConfigurationLoggingConfigurationLogDestinationConfigArgs.builder()
.logDestination(Map.of("deliveryStream", exampleAwsKinesisFirehoseDeliveryStream.name()))
.logDestinationType("KinesisDataFirehose")
.logType("TLS")
.build())
.build())
.build());
}
}
resources:
example:
type: aws:networkfirewall:LoggingConfiguration
properties:
firewallArn: ${exampleAwsNetworkfirewallFirewall.arn}
loggingConfiguration:
logDestinationConfigs:
- logDestination:
deliveryStream: ${exampleAwsKinesisFirehoseDeliveryStream.name}
logDestinationType: KinesisDataFirehose
logType: TLS
Create LoggingConfiguration Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new LoggingConfiguration(name: string, args: LoggingConfigurationArgs, opts?: CustomResourceOptions);
@overload
def LoggingConfiguration(resource_name: str,
args: LoggingConfigurationArgs,
opts: Optional[ResourceOptions] = None)
@overload
def LoggingConfiguration(resource_name: str,
opts: Optional[ResourceOptions] = None,
firewall_arn: Optional[str] = None,
logging_configuration: Optional[LoggingConfigurationLoggingConfigurationArgs] = None)
func NewLoggingConfiguration(ctx *Context, name string, args LoggingConfigurationArgs, opts ...ResourceOption) (*LoggingConfiguration, error)
public LoggingConfiguration(string name, LoggingConfigurationArgs args, CustomResourceOptions? opts = null)
public LoggingConfiguration(String name, LoggingConfigurationArgs args)
public LoggingConfiguration(String name, LoggingConfigurationArgs args, CustomResourceOptions options)
type: aws:networkfirewall:LoggingConfiguration
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args LoggingConfigurationArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args LoggingConfigurationArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args LoggingConfigurationArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args LoggingConfigurationArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args LoggingConfigurationArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var awsLoggingConfigurationResource = new Aws.NetworkFirewall.LoggingConfiguration("awsLoggingConfigurationResource", new()
{
FirewallArn = "string",
LoggingConfig = new Aws.NetworkFirewall.Inputs.LoggingConfigurationLoggingConfigurationArgs
{
LogDestinationConfigs = new[]
{
new Aws.NetworkFirewall.Inputs.LoggingConfigurationLoggingConfigurationLogDestinationConfigArgs
{
LogDestination =
{
{ "string", "string" },
},
LogDestinationType = "string",
LogType = "string",
},
},
},
});
example, err := networkfirewall.NewLoggingConfiguration(ctx, "awsLoggingConfigurationResource", &networkfirewall.LoggingConfigurationArgs{
FirewallArn: pulumi.String("string"),
LoggingConfiguration: &networkfirewall.LoggingConfigurationLoggingConfigurationArgs{
LogDestinationConfigs: networkfirewall.LoggingConfigurationLoggingConfigurationLogDestinationConfigArray{
&networkfirewall.LoggingConfigurationLoggingConfigurationLogDestinationConfigArgs{
LogDestination: pulumi.StringMap{
"string": pulumi.String("string"),
},
LogDestinationType: pulumi.String("string"),
LogType: pulumi.String("string"),
},
},
},
})
var awsLoggingConfigurationResource = new LoggingConfiguration("awsLoggingConfigurationResource", LoggingConfigurationArgs.builder()
.firewallArn("string")
.loggingConfiguration(LoggingConfigurationLoggingConfigurationArgs.builder()
.logDestinationConfigs(LoggingConfigurationLoggingConfigurationLogDestinationConfigArgs.builder()
.logDestination(Map.of("string", "string"))
.logDestinationType("string")
.logType("string")
.build())
.build())
.build());
aws_logging_configuration_resource = aws.networkfirewall.LoggingConfiguration("awsLoggingConfigurationResource",
firewall_arn="string",
logging_configuration={
"logDestinationConfigs": [{
"logDestination": {
"string": "string",
},
"logDestinationType": "string",
"logType": "string",
}],
})
const awsLoggingConfigurationResource = new aws.networkfirewall.LoggingConfiguration("awsLoggingConfigurationResource", {
firewallArn: "string",
loggingConfiguration: {
logDestinationConfigs: [{
logDestination: {
string: "string",
},
logDestinationType: "string",
logType: "string",
}],
},
});
type: aws:networkfirewall:LoggingConfiguration
properties:
firewallArn: string
loggingConfiguration:
logDestinationConfigs:
- logDestination:
string: string
logDestinationType: string
logType: string
LoggingConfiguration Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The LoggingConfiguration resource accepts the following input properties:
- Firewall
Arn string - The Amazon Resource Name (ARN) of the Network Firewall firewall.
- Logging
Config LoggingConfiguration Logging Configuration - A configuration block describing how AWS Network Firewall performs logging for a firewall. See Logging Configuration below for details.
- Firewall
Arn string - The Amazon Resource Name (ARN) of the Network Firewall firewall.
- Logging
Configuration LoggingConfiguration Logging Configuration Args - A configuration block describing how AWS Network Firewall performs logging for a firewall. See Logging Configuration below for details.
- firewall
Arn String - The Amazon Resource Name (ARN) of the Network Firewall firewall.
- logging
Configuration LoggingConfiguration Logging Configuration - A configuration block describing how AWS Network Firewall performs logging for a firewall. See Logging Configuration below for details.
- firewall
Arn string - The Amazon Resource Name (ARN) of the Network Firewall firewall.
- logging
Configuration LoggingConfiguration Logging Configuration - A configuration block describing how AWS Network Firewall performs logging for a firewall. See Logging Configuration below for details.
- firewall_
arn str - The Amazon Resource Name (ARN) of the Network Firewall firewall.
- logging_
configuration LoggingConfiguration Logging Configuration Args - A configuration block describing how AWS Network Firewall performs logging for a firewall. See Logging Configuration below for details.
- firewall
Arn String - The Amazon Resource Name (ARN) of the Network Firewall firewall.
- logging
Configuration Property Map - A configuration block describing how AWS Network Firewall performs logging for a firewall. See Logging Configuration below for details.
Outputs
All input properties are implicitly available as output properties. Additionally, the LoggingConfiguration resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing LoggingConfiguration Resource
Get an existing LoggingConfiguration resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: LoggingConfigurationState, opts?: CustomResourceOptions): LoggingConfiguration
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
firewall_arn: Optional[str] = None,
logging_configuration: Optional[LoggingConfigurationLoggingConfigurationArgs] = None) -> LoggingConfiguration
func GetLoggingConfiguration(ctx *Context, name string, id IDInput, state *LoggingConfigurationState, opts ...ResourceOption) (*LoggingConfiguration, error)
public static LoggingConfiguration Get(string name, Input<string> id, LoggingConfigurationState? state, CustomResourceOptions? opts = null)
public static LoggingConfiguration get(String name, Output<String> id, LoggingConfigurationState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Firewall
Arn string - The Amazon Resource Name (ARN) of the Network Firewall firewall.
- Logging
Config LoggingConfiguration Logging Configuration - A configuration block describing how AWS Network Firewall performs logging for a firewall. See Logging Configuration below for details.
- Firewall
Arn string - The Amazon Resource Name (ARN) of the Network Firewall firewall.
- Logging
Configuration LoggingConfiguration Logging Configuration Args - A configuration block describing how AWS Network Firewall performs logging for a firewall. See Logging Configuration below for details.
- firewall
Arn String - The Amazon Resource Name (ARN) of the Network Firewall firewall.
- logging
Configuration LoggingConfiguration Logging Configuration - A configuration block describing how AWS Network Firewall performs logging for a firewall. See Logging Configuration below for details.
- firewall
Arn string - The Amazon Resource Name (ARN) of the Network Firewall firewall.
- logging
Configuration LoggingConfiguration Logging Configuration - A configuration block describing how AWS Network Firewall performs logging for a firewall. See Logging Configuration below for details.
- firewall_
arn str - The Amazon Resource Name (ARN) of the Network Firewall firewall.
- logging_
configuration LoggingConfiguration Logging Configuration Args - A configuration block describing how AWS Network Firewall performs logging for a firewall. See Logging Configuration below for details.
- firewall
Arn String - The Amazon Resource Name (ARN) of the Network Firewall firewall.
- logging
Configuration Property Map - A configuration block describing how AWS Network Firewall performs logging for a firewall. See Logging Configuration below for details.
Supporting Types
LoggingConfigurationLoggingConfiguration, LoggingConfigurationLoggingConfigurationArgs
- Log
Destination List<LoggingConfigs Configuration Logging Configuration Log Destination Config> - Set of configuration blocks describing the logging details for a firewall. See Log Destination Config below for details. At most, only Three blocks can be specified; one for
FLOW
logs and one forALERT
logs and one forTLS
logs.
- Log
Destination []LoggingConfigs Configuration Logging Configuration Log Destination Config - Set of configuration blocks describing the logging details for a firewall. See Log Destination Config below for details. At most, only Three blocks can be specified; one for
FLOW
logs and one forALERT
logs and one forTLS
logs.
- log
Destination List<LoggingConfigs Configuration Logging Configuration Log Destination Config> - Set of configuration blocks describing the logging details for a firewall. See Log Destination Config below for details. At most, only Three blocks can be specified; one for
FLOW
logs and one forALERT
logs and one forTLS
logs.
- log
Destination LoggingConfigs Configuration Logging Configuration Log Destination Config[] - Set of configuration blocks describing the logging details for a firewall. See Log Destination Config below for details. At most, only Three blocks can be specified; one for
FLOW
logs and one forALERT
logs and one forTLS
logs.
- log_
destination_ Sequence[Loggingconfigs Configuration Logging Configuration Log Destination Config] - Set of configuration blocks describing the logging details for a firewall. See Log Destination Config below for details. At most, only Three blocks can be specified; one for
FLOW
logs and one forALERT
logs and one forTLS
logs.
- log
Destination List<Property Map>Configs - Set of configuration blocks describing the logging details for a firewall. See Log Destination Config below for details. At most, only Three blocks can be specified; one for
FLOW
logs and one forALERT
logs and one forTLS
logs.
LoggingConfigurationLoggingConfigurationLogDestinationConfig, LoggingConfigurationLoggingConfigurationLogDestinationConfigArgs
- Log
Destination Dictionary<string, string> - A map describing the logging destination for the chosen
log_destination_type
.- For an Amazon S3 bucket, specify the key
bucketName
with the name of the bucket and optionally specify the keyprefix
with a path. - For a CloudWatch log group, specify the key
logGroup
with the name of the CloudWatch log group. - For a Kinesis Data Firehose delivery stream, specify the key
deliveryStream
with the name of the delivery stream.
- For an Amazon S3 bucket, specify the key
- Log
Destination stringType - The location to send logs to. Valid values:
S3
,CloudWatchLogs
,KinesisDataFirehose
. - Log
Type string - The type of log to send. Valid values:
ALERT
orFLOW
orTLS
. Alert logs report traffic that matches aStatefulRule
with an action setting that sends a log message. Flow logs are standard network traffic flow logs.
- Log
Destination map[string]string - A map describing the logging destination for the chosen
log_destination_type
.- For an Amazon S3 bucket, specify the key
bucketName
with the name of the bucket and optionally specify the keyprefix
with a path. - For a CloudWatch log group, specify the key
logGroup
with the name of the CloudWatch log group. - For a Kinesis Data Firehose delivery stream, specify the key
deliveryStream
with the name of the delivery stream.
- For an Amazon S3 bucket, specify the key
- Log
Destination stringType - The location to send logs to. Valid values:
S3
,CloudWatchLogs
,KinesisDataFirehose
. - Log
Type string - The type of log to send. Valid values:
ALERT
orFLOW
orTLS
. Alert logs report traffic that matches aStatefulRule
with an action setting that sends a log message. Flow logs are standard network traffic flow logs.
- log
Destination Map<String,String> - A map describing the logging destination for the chosen
log_destination_type
.- For an Amazon S3 bucket, specify the key
bucketName
with the name of the bucket and optionally specify the keyprefix
with a path. - For a CloudWatch log group, specify the key
logGroup
with the name of the CloudWatch log group. - For a Kinesis Data Firehose delivery stream, specify the key
deliveryStream
with the name of the delivery stream.
- For an Amazon S3 bucket, specify the key
- log
Destination StringType - The location to send logs to. Valid values:
S3
,CloudWatchLogs
,KinesisDataFirehose
. - log
Type String - The type of log to send. Valid values:
ALERT
orFLOW
orTLS
. Alert logs report traffic that matches aStatefulRule
with an action setting that sends a log message. Flow logs are standard network traffic flow logs.
- log
Destination {[key: string]: string} - A map describing the logging destination for the chosen
log_destination_type
.- For an Amazon S3 bucket, specify the key
bucketName
with the name of the bucket and optionally specify the keyprefix
with a path. - For a CloudWatch log group, specify the key
logGroup
with the name of the CloudWatch log group. - For a Kinesis Data Firehose delivery stream, specify the key
deliveryStream
with the name of the delivery stream.
- For an Amazon S3 bucket, specify the key
- log
Destination stringType - The location to send logs to. Valid values:
S3
,CloudWatchLogs
,KinesisDataFirehose
. - log
Type string - The type of log to send. Valid values:
ALERT
orFLOW
orTLS
. Alert logs report traffic that matches aStatefulRule
with an action setting that sends a log message. Flow logs are standard network traffic flow logs.
- log_
destination Mapping[str, str] - A map describing the logging destination for the chosen
log_destination_type
.- For an Amazon S3 bucket, specify the key
bucketName
with the name of the bucket and optionally specify the keyprefix
with a path. - For a CloudWatch log group, specify the key
logGroup
with the name of the CloudWatch log group. - For a Kinesis Data Firehose delivery stream, specify the key
deliveryStream
with the name of the delivery stream.
- For an Amazon S3 bucket, specify the key
- log_
destination_ strtype - The location to send logs to. Valid values:
S3
,CloudWatchLogs
,KinesisDataFirehose
. - log_
type str - The type of log to send. Valid values:
ALERT
orFLOW
orTLS
. Alert logs report traffic that matches aStatefulRule
with an action setting that sends a log message. Flow logs are standard network traffic flow logs.
- log
Destination Map<String> - A map describing the logging destination for the chosen
log_destination_type
.- For an Amazon S3 bucket, specify the key
bucketName
with the name of the bucket and optionally specify the keyprefix
with a path. - For a CloudWatch log group, specify the key
logGroup
with the name of the CloudWatch log group. - For a Kinesis Data Firehose delivery stream, specify the key
deliveryStream
with the name of the delivery stream.
- For an Amazon S3 bucket, specify the key
- log
Destination StringType - The location to send logs to. Valid values:
S3
,CloudWatchLogs
,KinesisDataFirehose
. - log
Type String - The type of log to send. Valid values:
ALERT
orFLOW
orTLS
. Alert logs report traffic that matches aStatefulRule
with an action setting that sends a log message. Flow logs are standard network traffic flow logs.
Import
Using pulumi import
, import Network Firewall Logging Configurations using the firewall_arn
. For example:
$ pulumi import aws:networkfirewall/loggingConfiguration:LoggingConfiguration example arn:aws:network-firewall:us-west-1:123456789012:firewall/example
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
aws
Terraform Provider.