2.231.0

interface LogsEncryptionConfigurationProperty

LanguageType name
.NETAmazon.CDK.AWS.ObservabilityAdmin.CfnOrganizationCentralizationRule.LogsEncryptionConfigurationProperty
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awsobservabilityadmin#CfnOrganizationCentralizationRule_LogsEncryptionConfigurationProperty
Javasoftware.amazon.awscdk.services.observabilityadmin.CfnOrganizationCentralizationRule.LogsEncryptionConfigurationProperty
Pythonaws_cdk.aws_observabilityadmin.CfnOrganizationCentralizationRule.LogsEncryptionConfigurationProperty
TypeScript aws-cdk-lib » aws_observabilityadmin » CfnOrganizationCentralizationRule » LogsEncryptionConfigurationProperty

Configuration for encrypting centralized log groups.

This configuration is only applied to destination log groups for which the corresponding source log groups are encrypted using Customer Managed KMS Keys.

See also: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationcentralizationrule-logsencryptionconfiguration.html

Example

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_observabilityadmin as observabilityadmin } from 'aws-cdk-lib';
const logsEncryptionConfigurationProperty: observabilityadmin.CfnOrganizationCentralizationRule.LogsEncryptionConfigurationProperty = {
  encryptionStrategy: 'encryptionStrategy',

  // the properties below are optional
  encryptionConflictResolutionStrategy: 'encryptionConflictResolutionStrategy',
  kmsKeyArn: 'kmsKeyArn',
};

Properties

NameTypeDescription
encryptionStrategystringConfiguration that determines the encryption strategy of the destination log groups.
encryptionConflictResolutionStrategy?stringConflict resolution strategy for centralization if the encryption strategy is set to CUSTOMER_MANAGED and the destination log group is encrypted with an AWS_OWNED KMS Key.
kmsKeyArn?stringKMS Key ARN belonging to the primary destination account and region, to encrypt newly created central log groups in the primary destination.

encryptionStrategy

Type: string

Configuration that determines the encryption strategy of the destination log groups.

CUSTOMER_MANAGED uses the configured KmsKeyArn to encrypt newly created destination log groups.

See also: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationcentralizationrule-logsencryptionconfiguration.html#cfn-observabilityadmin-organizationcentralizationrule-logsencryptionconfiguration-encryptionstrategy

encryptionConflictResolutionStrategy?

Type: string (optional)

Conflict resolution strategy for centralization if the encryption strategy is set to CUSTOMER_MANAGED and the destination log group is encrypted with an AWS_OWNED KMS Key.

ALLOW lets centralization go through while SKIP prevents centralization into the destination log group.

See also: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationcentralizationrule-logsencryptionconfiguration.html#cfn-observabilityadmin-organizationcentralizationrule-logsencryptionconfiguration-encryptionconflictresolutionstrategy

kmsKeyArn?

Type: string (optional)

KMS Key ARN belonging to the primary destination account and region, to encrypt newly created central log groups in the primary destination.

See also: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-observabilityadmin-organizationcentralizationrule-logsencryptionconfiguration.html#cfn-observabilityadmin-organizationcentralizationrule-logsencryptionconfiguration-kmskeyarn

PreviousNext