CfnProtectionLogsMixin

class aws_cdk.mixins_preview.aws_shield.mixins.CfnProtectionLogsMixin(log_type, log_delivery)

Bases: Mixin

Enables AWS Shield Advanced for a specific AWS resource.

The resource can be an Amazon CloudFront distribution, Amazon Route 53 hosted zone, AWS Global Accelerator standard accelerator, Elastic IP Address, Application Load Balancer, or a Classic Load Balancer. You can protect Amazon EC2 instances and Network Load Balancers by association with protected Amazon EC2 Elastic IP addresses.

Configure a single ``AWS::Shield::Protection``

Use this protection to protect a single resource at a time.

To configure this Shield Advanced protection through CloudFormation , you must be subscribed to Shield Advanced . You can subscribe through the Shield Advanced console and through the APIs. For more information, see Subscribe to AWS Shield Advanced .

See example templates for Shield Advanced in CloudFormation at aws-samples/aws-shield-advanced-examples .

Configure Shield Advanced using AWS CloudFormation and AWS Firewall Manager

You might be able to use Firewall Manager with AWS CloudFormation to configure Shield Advanced across multiple accounts and protected resources. To do this, your accounts must be part of an organization in AWS Organizations . You can use Firewall Manager to configure Shield Advanced protections for any resource types except for Amazon Route 53 or AWS Global Accelerator .

For an example of this, see the one-click configuration guidance published by the AWS technical community at One-click deployment of Shield Advanced .

Configure multiple protections through the Shield Advanced console

You can add protection to multiple resources at once through the Shield Advanced console . For more information see Getting Started with AWS Shield Advanced and Managing resource protections in AWS Shield Advanced .

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-shield-protection.html

CloudformationResource:

AWS::Shield::Protection

Mixin:

true

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview import aws_logs as logs
from aws_cdk.mixins_preview.aws_shield import mixins as shield_mixins

# logs_delivery: logs.ILogsDelivery

cfn_protection_logs_mixin = shield_mixins.CfnProtectionLogsMixin("logType", logs_delivery)

Create a mixin to enable vended logs for AWS::Shield::Protection.

Parameters:

  • log_type (str) – Type of logs that are getting vended.

  • log_delivery (ILogsDelivery) – Object in charge of setting up the delivery source, delivery destination, and delivery connection.

Methods

apply_to(resource)

Apply vended logs configuration to the construct.

Parameters:

resource (IConstruct)

Return type:

IConstruct

supports(construct)

Check if this mixin supports the given construct (has vendedLogs property).

Parameters:

construct (IConstruct)

Return type:

bool

Attributes

FLOW_LOGS = <aws_cdk.mixins_preview.aws_shield.mixins.CfnProtectionFlowLogs object>

Static Methods

classmethod is_mixin(x)

(experimental) Checks if x is a Mixin.

Parameters:

x (Any) – Any object.

Return type:

bool

Returns:

true if x is an object created from a class which extends Mixin.

Stability:

experimental