How to use the @aws-cdk/aws-logs.CfnLogGroup function in @aws-cdk/aws-logs

To help you get started, we’ve selected a few @aws-cdk/aws-logs examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github aws / aws-cdk / packages / @aws-cdk / aws-cloudtrail / lib / index.ts View on Github external
}));

    this.s3bucket.addToResourcePolicy(new iam.PolicyStatement({
        resources: [this.s3bucket.arnForObjects(`AWSLogs/${Stack.of(this).account}/*`)],
        actions: ["s3:PutObject"],
        principals: [cloudTrailPrincipal],
        conditions:  {
          StringEquals: {'s3:x-amz-acl': "bucket-owner-full-control"}
        }
      }));

    let logGroup: logs.CfnLogGroup | undefined;
    let logsRole: iam.IRole | undefined;

    if (props.sendToCloudWatchLogs) {
      logGroup = new logs.CfnLogGroup(this, "LogGroup", {
        retentionInDays: props.cloudWatchLogsRetention || logs.RetentionDays.ONE_YEAR
      });

      logsRole = new iam.Role(this, 'LogsRole', { assumedBy: cloudTrailPrincipal });

      logsRole.addToPolicy(new iam.PolicyStatement({
        actions: ["logs:PutLogEvents", "logs:CreateLogStream"],
        resources: [logGroup.attrArn],
      }));
    }

    if (props.managementEvents) {
      const managementEvent =  {
        includeManagementEvents: true,
        readWriteType: props.managementEvents
      };

@aws-cdk/aws-logs

The CDK Construct Library for AWS::Logs

Apache-2.0
Latest version published 2 years ago

Package Health Score

67 / 100
Full package analysis