/AWS1/CL_CWOLOGSENCRYPTIONCONF¶

Configuration for encrypting centralized log groups. This configuration is only applied to destination log groups for which the corresponding source log groups are encrypted using Customer Managed KMS Keys.

`CONSTRUCTOR`¶

IMPORTING¶

Required arguments:¶

`iv_encryptionstrategy` `TYPE /AWS1/CWOENCRYPTIONSTRATEGY` `/AWS1/CWOENCRYPTIONSTRATEGY`¶

Configuration that determines the encryption strategy of the destination log groups. CUSTOMER_MANAGED uses the configured KmsKeyArn to encrypt newly created destination log groups.

Optional arguments:¶

`iv_kmskeyarn` `TYPE /AWS1/CWORESOURCEARN` `/AWS1/CWORESOURCEARN`¶

KMS Key arn belonging to the primary destination account and region, to encrypt newly created central log groups in the primary destination.

`iv_encconflictresolstrategy` `TYPE /AWS1/CWOENCCONFLICTRESOLSTRAG` `/AWS1/CWOENCCONFLICTRESOLSTRAG`¶

Conflict resolution strategy for centralization if the encryption strategy is set to CUSTOMER_MANAGED and the destination log group is encrypted with an AWS_OWNED KMS Key. ALLOW lets centralization go through while SKIP prevents centralization into the destination log group.

Queryable Attributes¶

EncryptionStrategy¶

Configuration that determines the encryption strategy of the destination log groups. CUSTOMER_MANAGED uses the configured KmsKeyArn to encrypt newly created destination log groups.

Accessible with the following methods¶

Method	Description
`GET_ENCRYPTIONSTRATEGY()`	Getter for ENCRYPTIONSTRATEGY, with configurable default
`ASK_ENCRYPTIONSTRATEGY()`	Getter for ENCRYPTIONSTRATEGY w/ exceptions if field has no
`HAS_ENCRYPTIONSTRATEGY()`	Determine if ENCRYPTIONSTRATEGY has a value

KmsKeyArn¶

KMS Key arn belonging to the primary destination account and region, to encrypt newly created central log groups in the primary destination.

Accessible with the following methods¶

Method	Description
`GET_KMSKEYARN()`	Getter for KMSKEYARN, with configurable default
`ASK_KMSKEYARN()`	Getter for KMSKEYARN w/ exceptions if field has no value
`HAS_KMSKEYARN()`	Determine if KMSKEYARN has a value

EncryptionConflictResolutionStrategy¶

Conflict resolution strategy for centralization if the encryption strategy is set to CUSTOMER_MANAGED and the destination log group is encrypted with an AWS_OWNED KMS Key. ALLOW lets centralization go through while SKIP prevents centralization into the destination log group.

Accessible with the following methods¶

Method	Description
`GET_ENCCONFLICTRESOLSTRATEGY()`	Getter for ENCCONFLICTRESOLSTRATEGY, with configurable defau
`ASK_ENCCONFLICTRESOLSTRATEGY()`	Getter for ENCCONFLICTRESOLSTRATEGY w/ exceptions if field h
`HAS_ENCCONFLICTRESOLSTRATEGY()`	Determine if ENCCONFLICTRESOLSTRATEGY has a value

/AWS1/CL_CWOLOGSENCRYPTIONCONF¶

CONSTRUCTOR¶

IMPORTING¶

Required arguments:¶

iv_encryptionstrategy TYPE /AWS1/CWOENCRYPTIONSTRATEGY /AWS1/CWOENCRYPTIONSTRATEGY¶

Optional arguments:¶

iv_kmskeyarn TYPE /AWS1/CWORESOURCEARN /AWS1/CWORESOURCEARN¶

iv_encconflictresolstrategy TYPE /AWS1/CWOENCCONFLICTRESOLSTRAG /AWS1/CWOENCCONFLICTRESOLSTRAG¶

Queryable Attributes¶

EncryptionStrategy¶

Accessible with the following methods¶

KmsKeyArn¶

Accessible with the following methods¶

EncryptionConflictResolutionStrategy¶

Accessible with the following methods¶

`CONSTRUCTOR`¶

`iv_encryptionstrategy` `TYPE /AWS1/CWOENCRYPTIONSTRATEGY` `/AWS1/CWOENCRYPTIONSTRATEGY`¶

`iv_kmskeyarn` `TYPE /AWS1/CWORESOURCEARN` `/AWS1/CWORESOURCEARN`¶

`iv_encconflictresolstrategy` `TYPE /AWS1/CWOENCCONFLICTRESOLSTRAG` `/AWS1/CWOENCCONFLICTRESOLSTRAG`¶