CfnOrganizationCentralizationRulePropsMixin
- class aws_cdk.mixins_preview.aws_observabilityadmin.mixins.CfnOrganizationCentralizationRulePropsMixin(props, *, strategy=None)
Bases:
MixinDefines how telemetry data should be centralized across an AWS Organization, including source and destination configurations.
- See:
- CloudformationResource:
AWS::ObservabilityAdmin::OrganizationCentralizationRule
- Mixin:
true
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview import mixins from aws_cdk.mixins_preview.aws_observabilityadmin import mixins as observabilityadmin_mixins cfn_organization_centralization_rule_props_mixin = observabilityadmin_mixins.CfnOrganizationCentralizationRulePropsMixin(observabilityadmin_mixins.CfnOrganizationCentralizationRuleMixinProps( rule=observabilityadmin_mixins.CfnOrganizationCentralizationRulePropsMixin.CentralizationRuleProperty( destination=observabilityadmin_mixins.CfnOrganizationCentralizationRulePropsMixin.CentralizationRuleDestinationProperty( account="account", destination_logs_configuration=observabilityadmin_mixins.CfnOrganizationCentralizationRulePropsMixin.DestinationLogsConfigurationProperty( backup_configuration=observabilityadmin_mixins.CfnOrganizationCentralizationRulePropsMixin.LogsBackupConfigurationProperty( kms_key_arn="kmsKeyArn", region="region" ), logs_encryption_configuration=observabilityadmin_mixins.CfnOrganizationCentralizationRulePropsMixin.LogsEncryptionConfigurationProperty( encryption_conflict_resolution_strategy="encryptionConflictResolutionStrategy", encryption_strategy="encryptionStrategy", kms_key_arn="kmsKeyArn" ) ), region="region" ), source=observabilityadmin_mixins.CfnOrganizationCentralizationRulePropsMixin.CentralizationRuleSourceProperty( regions=["regions"], scope="scope", source_logs_configuration=observabilityadmin_mixins.CfnOrganizationCentralizationRulePropsMixin.SourceLogsConfigurationProperty( encrypted_log_group_strategy="encryptedLogGroupStrategy", log_group_selection_criteria="logGroupSelectionCriteria" ) ) ), rule_name="ruleName", tags=[CfnTag( key="key", value="value" )] ), strategy=mixins.PropertyMergeStrategy.OVERRIDE )
Create a mixin to apply properties to
AWS::ObservabilityAdmin::OrganizationCentralizationRule.- Parameters:
props (
Union[CfnOrganizationCentralizationRuleMixinProps,Dict[str,Any]]) – L1 properties to apply.strategy (
Optional[PropertyMergeStrategy]) – (experimental) Strategy for merging nested properties. Default: - PropertyMergeStrategy.MERGE
Methods
- apply_to(construct)
Apply the mixin properties to the construct.
- Parameters:
construct (
IConstruct)- Return type:
- supports(construct)
Check if this mixin supports the given construct.
- Parameters:
construct (
IConstruct)- Return type:
bool
Attributes
- CFN_PROPERTY_KEYS = ['rule', 'ruleName', 'tags']
Static Methods
- classmethod is_mixin(x)
(experimental) Checks if
xis a Mixin.- Parameters:
x (
Any) – Any object.- Return type:
bool- Returns:
true if
xis an object created from a class which extendsMixin.- Stability:
experimental
CentralizationRuleDestinationProperty
- class CfnOrganizationCentralizationRulePropsMixin.CentralizationRuleDestinationProperty(*, account=None, destination_logs_configuration=None, region=None)
Bases:
objectConfiguration specifying the primary destination for centralized telemetry data.
- Parameters:
account (
Optional[str]) – The destination account (within the organization) to which the telemetry data should be centralized.destination_logs_configuration (
Union[IResolvable,DestinationLogsConfigurationProperty,Dict[str,Any],None]) – Log specific configuration for centralization destination log groups.region (
Optional[str]) – The primary destination region to which telemetry data should be centralized.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview.aws_observabilityadmin import mixins as observabilityadmin_mixins centralization_rule_destination_property = observabilityadmin_mixins.CfnOrganizationCentralizationRulePropsMixin.CentralizationRuleDestinationProperty( account="account", destination_logs_configuration=observabilityadmin_mixins.CfnOrganizationCentralizationRulePropsMixin.DestinationLogsConfigurationProperty( backup_configuration=observabilityadmin_mixins.CfnOrganizationCentralizationRulePropsMixin.LogsBackupConfigurationProperty( kms_key_arn="kmsKeyArn", region="region" ), logs_encryption_configuration=observabilityadmin_mixins.CfnOrganizationCentralizationRulePropsMixin.LogsEncryptionConfigurationProperty( encryption_conflict_resolution_strategy="encryptionConflictResolutionStrategy", encryption_strategy="encryptionStrategy", kms_key_arn="kmsKeyArn" ) ), region="region" )
Attributes
- account
The destination account (within the organization) to which the telemetry data should be centralized.
- destination_logs_configuration
Log specific configuration for centralization destination log groups.
- region
The primary destination region to which telemetry data should be centralized.
CentralizationRuleProperty
- class CfnOrganizationCentralizationRulePropsMixin.CentralizationRuleProperty(*, destination=None, source=None)
Bases:
objectDefines how telemetry data should be centralized across an AWS Organization, including source and destination configurations.
- Parameters:
destination (
Union[IResolvable,CentralizationRuleDestinationProperty,Dict[str,Any],None]) – Configuration determining where the telemetry data should be centralized, backed up, as well as encryption configuration for the primary and backup destinations.source (
Union[IResolvable,CentralizationRuleSourceProperty,Dict[str,Any],None]) – Configuration determining the source of the telemetry data to be centralized.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview.aws_observabilityadmin import mixins as observabilityadmin_mixins centralization_rule_property = observabilityadmin_mixins.CfnOrganizationCentralizationRulePropsMixin.CentralizationRuleProperty( destination=observabilityadmin_mixins.CfnOrganizationCentralizationRulePropsMixin.CentralizationRuleDestinationProperty( account="account", destination_logs_configuration=observabilityadmin_mixins.CfnOrganizationCentralizationRulePropsMixin.DestinationLogsConfigurationProperty( backup_configuration=observabilityadmin_mixins.CfnOrganizationCentralizationRulePropsMixin.LogsBackupConfigurationProperty( kms_key_arn="kmsKeyArn", region="region" ), logs_encryption_configuration=observabilityadmin_mixins.CfnOrganizationCentralizationRulePropsMixin.LogsEncryptionConfigurationProperty( encryption_conflict_resolution_strategy="encryptionConflictResolutionStrategy", encryption_strategy="encryptionStrategy", kms_key_arn="kmsKeyArn" ) ), region="region" ), source=observabilityadmin_mixins.CfnOrganizationCentralizationRulePropsMixin.CentralizationRuleSourceProperty( regions=["regions"], scope="scope", source_logs_configuration=observabilityadmin_mixins.CfnOrganizationCentralizationRulePropsMixin.SourceLogsConfigurationProperty( encrypted_log_group_strategy="encryptedLogGroupStrategy", log_group_selection_criteria="logGroupSelectionCriteria" ) ) )
Attributes
- destination
Configuration determining where the telemetry data should be centralized, backed up, as well as encryption configuration for the primary and backup destinations.
- source
Configuration determining the source of the telemetry data to be centralized.
CentralizationRuleSourceProperty
- class CfnOrganizationCentralizationRulePropsMixin.CentralizationRuleSourceProperty(*, regions=None, scope=None, source_logs_configuration=None)
Bases:
objectConfiguration specifying the source of telemetry data to be centralized.
- Parameters:
regions (
Optional[Sequence[str]]) – The list of source regions from which telemetry data should be centralized.scope (
Optional[str]) – The organizational scope from which telemetry data should be centralized, specified using organization id, accounts or organizational unit ids.source_logs_configuration (
Union[IResolvable,SourceLogsConfigurationProperty,Dict[str,Any],None]) – Log specific configuration for centralization source log groups.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview.aws_observabilityadmin import mixins as observabilityadmin_mixins centralization_rule_source_property = observabilityadmin_mixins.CfnOrganizationCentralizationRulePropsMixin.CentralizationRuleSourceProperty( regions=["regions"], scope="scope", source_logs_configuration=observabilityadmin_mixins.CfnOrganizationCentralizationRulePropsMixin.SourceLogsConfigurationProperty( encrypted_log_group_strategy="encryptedLogGroupStrategy", log_group_selection_criteria="logGroupSelectionCriteria" ) )
Attributes
- regions
The list of source regions from which telemetry data should be centralized.
- scope
The organizational scope from which telemetry data should be centralized, specified using organization id, accounts or organizational unit ids.
- source_logs_configuration
Log specific configuration for centralization source log groups.
DestinationLogsConfigurationProperty
- class CfnOrganizationCentralizationRulePropsMixin.DestinationLogsConfigurationProperty(*, backup_configuration=None, logs_encryption_configuration=None)
Bases:
objectConfiguration for centralization destination log groups, including encryption and backup settings.
- Parameters:
backup_configuration (
Union[IResolvable,LogsBackupConfigurationProperty,Dict[str,Any],None]) – Configuration defining the backup region and an optional KMS key for the backup destination.logs_encryption_configuration (
Union[IResolvable,LogsEncryptionConfigurationProperty,Dict[str,Any],None]) – The encryption configuration for centralization destination log groups.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview.aws_observabilityadmin import mixins as observabilityadmin_mixins destination_logs_configuration_property = observabilityadmin_mixins.CfnOrganizationCentralizationRulePropsMixin.DestinationLogsConfigurationProperty( backup_configuration=observabilityadmin_mixins.CfnOrganizationCentralizationRulePropsMixin.LogsBackupConfigurationProperty( kms_key_arn="kmsKeyArn", region="region" ), logs_encryption_configuration=observabilityadmin_mixins.CfnOrganizationCentralizationRulePropsMixin.LogsEncryptionConfigurationProperty( encryption_conflict_resolution_strategy="encryptionConflictResolutionStrategy", encryption_strategy="encryptionStrategy", kms_key_arn="kmsKeyArn" ) )
Attributes
- backup_configuration
Configuration defining the backup region and an optional KMS key for the backup destination.
- logs_encryption_configuration
The encryption configuration for centralization destination log groups.
LogsBackupConfigurationProperty
- class CfnOrganizationCentralizationRulePropsMixin.LogsBackupConfigurationProperty(*, kms_key_arn=None, region=None)
Bases:
objectConfiguration for backing up centralized log data to a secondary region.
- Parameters:
kms_key_arn (
Optional[str]) – KMS Key ARN belonging to the primary destination account and backup region, to encrypt newly created central log groups in the backup destination.region (
Optional[str]) – Logs specific backup destination region within the primary destination account to which log data should be centralized.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview.aws_observabilityadmin import mixins as observabilityadmin_mixins logs_backup_configuration_property = observabilityadmin_mixins.CfnOrganizationCentralizationRulePropsMixin.LogsBackupConfigurationProperty( kms_key_arn="kmsKeyArn", region="region" )
Attributes
- kms_key_arn
KMS Key ARN belonging to the primary destination account and backup region, to encrypt newly created central log groups in the backup destination.
- region
Logs specific backup destination region within the primary destination account to which log data should be centralized.
LogsEncryptionConfigurationProperty
- class CfnOrganizationCentralizationRulePropsMixin.LogsEncryptionConfigurationProperty(*, encryption_conflict_resolution_strategy=None, encryption_strategy=None, kms_key_arn=None)
Bases:
objectConfiguration for encrypting centralized log groups.
This configuration is only applied to destination log groups for which the corresponding source log groups are encrypted using Customer Managed KMS Keys.
- Parameters:
encryption_conflict_resolution_strategy (
Optional[str]) – Conflict resolution strategy for centralization if the encryption strategy is set to CUSTOMER_MANAGED and the destination log group is encrypted with an AWS_OWNED KMS Key. ALLOW lets centralization go through while SKIP prevents centralization into the destination log group.encryption_strategy (
Optional[str]) – Configuration that determines the encryption strategy of the destination log groups. CUSTOMER_MANAGED uses the configured KmsKeyArn to encrypt newly created destination log groups.kms_key_arn (
Optional[str]) – KMS Key ARN belonging to the primary destination account and region, to encrypt newly created central log groups in the primary destination.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview.aws_observabilityadmin import mixins as observabilityadmin_mixins logs_encryption_configuration_property = observabilityadmin_mixins.CfnOrganizationCentralizationRulePropsMixin.LogsEncryptionConfigurationProperty( encryption_conflict_resolution_strategy="encryptionConflictResolutionStrategy", encryption_strategy="encryptionStrategy", kms_key_arn="kmsKeyArn" )
Attributes
- encryption_conflict_resolution_strategy
Conflict resolution strategy for centralization if the encryption strategy is set to CUSTOMER_MANAGED and the destination log group is encrypted with an AWS_OWNED KMS Key.
ALLOW lets centralization go through while SKIP prevents centralization into the destination log group.
- encryption_strategy
Configuration that determines the encryption strategy of the destination log groups.
CUSTOMER_MANAGED uses the configured KmsKeyArn to encrypt newly created destination log groups.
- kms_key_arn
KMS Key ARN belonging to the primary destination account and region, to encrypt newly created central log groups in the primary destination.
SourceLogsConfigurationProperty
- class CfnOrganizationCentralizationRulePropsMixin.SourceLogsConfigurationProperty(*, encrypted_log_group_strategy=None, log_group_selection_criteria=None)
Bases:
objectConfiguration for selecting and handling source log groups for centralization.
- Parameters:
encrypted_log_group_strategy (
Optional[str]) – A strategy determining whether to centralize source log groups that are encrypted with customer managed KMS keys (CMK). ALLOW will consider CMK encrypted source log groups for centralization while SKIP will skip CMK encrypted source log groups from centralization.log_group_selection_criteria (
Optional[str]) – The selection criteria that specifies which source log groups to centralize. The selection criteria uses the same format as OAM link filters.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview.aws_observabilityadmin import mixins as observabilityadmin_mixins source_logs_configuration_property = observabilityadmin_mixins.CfnOrganizationCentralizationRulePropsMixin.SourceLogsConfigurationProperty( encrypted_log_group_strategy="encryptedLogGroupStrategy", log_group_selection_criteria="logGroupSelectionCriteria" )
Attributes
- encrypted_log_group_strategy
A strategy determining whether to centralize source log groups that are encrypted with customer managed KMS keys (CMK).
ALLOW will consider CMK encrypted source log groups for centralization while SKIP will skip CMK encrypted source log groups from centralization.
- log_group_selection_criteria
The selection criteria that specifies which source log groups to centralize.
The selection criteria uses the same format as OAM link filters.