public MyStack() { var exampleLogGroup = new Aws.CloudWatch.LogGroup("exampleLogGroup", new Aws.CloudWatch.LogGroupArgs { RetentionInDays = 14, }); var ad_log_policyPolicyDocument = exampleLogGroup.Arn.Apply(arn => Aws.Iam.GetPolicyDocument.InvokeAsync(new Aws.Iam.GetPolicyDocumentArgs { Statements = { new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs { Actions = { "logs:CreateLogStream", "logs:PutLogEvents", }, Effect = "Allow", Principals = { new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalArgs { Identifiers = { "ds.amazonaws.com", }, Type = "Service", }, }, Resources = { arn, }, }, }, })); var ad_log_policyLogResourcePolicy = new Aws.CloudWatch.LogResourcePolicy("ad-log-policyLogResourcePolicy", new Aws.CloudWatch.LogResourcePolicyArgs { PolicyDocument = ad_log_policyPolicyDocument.Apply(ad_log_policyPolicyDocument => ad_log_policyPolicyDocument.Json), PolicyName = "ad-log-policy", }); var exampleLogService = new Aws.DirectoryService.LogService("exampleLogService", new Aws.DirectoryService.LogServiceArgs { DirectoryId = aws_directory_service_directory.Example.Id, LogGroupName = exampleLogGroup.Name, }); }
public MyStack() { var exampleLogGroup = new Aws.CloudWatch.LogGroup("exampleLogGroup", new Aws.CloudWatch.LogGroupArgs { }); var exampleLogResourcePolicy = new Aws.CloudWatch.LogResourcePolicy("exampleLogResourcePolicy", new Aws.CloudWatch.LogResourcePolicyArgs { PolicyDocument = @"{ ""Version"": ""2012-10-17"", ""Statement"": [ { ""Effect"": ""Allow"", ""Principal"": { ""Service"": ""es.amazonaws.com"" }, ""Action"": [ ""logs:PutLogEvents"", ""logs:PutLogEventsBatch"", ""logs:CreateLogStream"" ], ""Resource"": ""arn:aws:logs:*"" } ] } ", PolicyName = "example", }); var exampleDomain = new Aws.ElasticSearch.Domain("exampleDomain", new Aws.ElasticSearch.DomainArgs { LogPublishingOptions = { new Aws.ElasticSearch.Inputs.DomainLogPublishingOptionArgs { CloudwatchLogGroupArn = exampleLogGroup.Arn, LogType = "INDEX_SLOW_LOGS", }, }, }); }
public MyStack() { var elasticsearch_log_publishing_policyPolicyDocument = Output.Create(Aws.Iam.GetPolicyDocument.InvokeAsync(new Aws.Iam.GetPolicyDocumentArgs { Statements = { new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs { Actions = { "logs:CreateLogStream", "logs:PutLogEvents", "logs:PutLogEventsBatch", }, Principals = { new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalArgs { Identifiers = { "es.amazonaws.com", }, Type = "Service", }, }, Resources = { "arn:aws:logs:*", }, }, }, })); var elasticsearch_log_publishing_policyLogResourcePolicy = new Aws.CloudWatch.LogResourcePolicy("elasticsearch-log-publishing-policyLogResourcePolicy", new Aws.CloudWatch.LogResourcePolicyArgs { PolicyDocument = elasticsearch_log_publishing_policyPolicyDocument.Apply(elasticsearch_log_publishing_policyPolicyDocument => elasticsearch_log_publishing_policyPolicyDocument.Json), PolicyName = "elasticsearch-log-publishing-policy", }); }
public MyStack() { var route53_query_logging_policyPolicyDocument = Output.Create(Aws.Iam.GetPolicyDocument.InvokeAsync(new Aws.Iam.GetPolicyDocumentArgs { Statements = { new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs { Actions = { "logs:CreateLogStream", "logs:PutLogEvents", }, Principals = { new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalArgs { Identifiers = { "route53.amazonaws.com", }, Type = "Service", }, }, Resources = { "arn:aws:logs:*:*:log-group:/aws/route53/*", }, }, }, })); var route53_query_logging_policyLogResourcePolicy = new Aws.CloudWatch.LogResourcePolicy("route53-query-logging-policyLogResourcePolicy", new Aws.CloudWatch.LogResourcePolicyArgs { PolicyDocument = route53_query_logging_policyPolicyDocument.Apply(route53_query_logging_policyPolicyDocument => route53_query_logging_policyPolicyDocument.Json), PolicyName = "route53-query-logging-policy", }); }
public MyStack() { var us_east_1 = new Aws.Provider("us-east-1", new Aws.ProviderArgs { Region = "us-east-1", }); var awsRoute53ExampleCom = new Aws.CloudWatch.LogGroup("awsRoute53ExampleCom", new Aws.CloudWatch.LogGroupArgs { RetentionInDays = 30, }, new CustomResourceOptions { Provider = "aws.us-east-1", }); var route53_query_logging_policyPolicyDocument = Output.Create(Aws.Iam.GetPolicyDocument.InvokeAsync(new Aws.Iam.GetPolicyDocumentArgs { Statements = { new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs { Actions = { "logs:CreateLogStream", "logs:PutLogEvents", }, Principals = { new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalArgs { Identifiers = { "route53.amazonaws.com", }, Type = "Service", }, }, Resources = { "arn:aws:logs:*:*:log-group:/aws/route53/*", }, }, }, })); var route53_query_logging_policyLogResourcePolicy = new Aws.CloudWatch.LogResourcePolicy("route53-query-logging-policyLogResourcePolicy", new Aws.CloudWatch.LogResourcePolicyArgs { PolicyDocument = route53_query_logging_policyPolicyDocument.Apply(route53_query_logging_policyPolicyDocument => route53_query_logging_policyPolicyDocument.Json), PolicyName = "route53-query-logging-policy", }, new CustomResourceOptions { Provider = "aws.us-east-1", }); var exampleComZone = new Aws.Route53.Zone("exampleComZone", new Aws.Route53.ZoneArgs { }); var exampleComQueryLog = new Aws.Route53.QueryLog("exampleComQueryLog", new Aws.Route53.QueryLogArgs { CloudwatchLogGroupArn = awsRoute53ExampleCom.Arn, ZoneId = exampleComZone.ZoneId, }, new CustomResourceOptions { DependsOn = { "aws_cloudwatch_log_resource_policy.route53-query-logging-policy", }, }); }