Class: AWSCDK::WAFv2::CfnLoggingConfigurationProps
- Inherits:
-
Jsii::Struct
- Object
- Jsii::Struct
- AWSCDK::WAFv2::CfnLoggingConfigurationProps
- Defined in:
- wa_fv2/cfn_logging_configuration_props.rb
Overview
Properties for defining a CfnLoggingConfiguration.
Instance Attribute Summary collapse
-
#log_destination_configs ⇒ Array<String, AWSCDK::Interfaces::AWSKinesisfirehose::IDeliveryStreamRef, AWSCDK::Interfaces::AWSLogs::ILogGroupRef, AWSCDK::Interfaces::AWSS3::IBucketRef>
readonly
The logging destination configuration that you want to associate with the web ACL.
-
#logging_filter ⇒ Object?
readonly
Filtering that specifies which web requests are kept in the logs and which are dropped.
-
#redacted_fields ⇒ AWSCDK::IResolvable, ...
readonly
The parts of the request that you want to keep out of the logs.
-
#resource_arn ⇒ String, AWSCDK::Interfaces::AWSWafv2::IWebACLRef
readonly
The Amazon Resource Name (ARN) of the web ACL that you want to associate with
LogDestinationConfigs.
Class Method Summary collapse
Instance Method Summary collapse
-
#initialize(log_destination_configs:, resource_arn:, logging_filter: nil, redacted_fields: nil) ⇒ CfnLoggingConfigurationProps
constructor
A new instance of CfnLoggingConfigurationProps.
- #to_jsii ⇒ Object
Constructor Details
#initialize(log_destination_configs:, resource_arn:, logging_filter: nil, redacted_fields: nil) ⇒ CfnLoggingConfigurationProps
Returns a new instance of CfnLoggingConfigurationProps.
13 14 15 16 17 18 19 20 21 22 |
# File 'wa_fv2/cfn_logging_configuration_props.rb', line 13 def initialize(log_destination_configs:, resource_arn:, logging_filter: nil, redacted_fields: nil) @log_destination_configs = log_destination_configs Jsii::Type.check_type(@log_destination_configs, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InVuaW9uIjp7InR5cGVzIjpbeyJwcmltaXRpdmUiOiJzdHJpbmcifSx7ImZxbiI6ImF3cy1jZGstbGliLmludGVyZmFjZXMuYXdzX2tpbmVzaXNmaXJlaG9zZS5JRGVsaXZlcnlTdHJlYW1SZWYifSx7ImZxbiI6ImF3cy1jZGstbGliLmludGVyZmFjZXMuYXdzX2xvZ3MuSUxvZ0dyb3VwUmVmIn0seyJmcW4iOiJhd3MtY2RrLWxpYi5pbnRlcmZhY2VzLmF3c19zMy5JQnVja2V0UmVmIn1dfX0sImtpbmQiOiJhcnJheSJ9fQ==")), "logDestinationConfigs") @resource_arn = resource_arn Jsii::Type.check_type(@resource_arn, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3sicHJpbWl0aXZlIjoic3RyaW5nIn0seyJmcW4iOiJhd3MtY2RrLWxpYi5pbnRlcmZhY2VzLmF3c193YWZ2Mi5JV2ViQUNMUmVmIn1dfX0=")), "resourceArn") @logging_filter = logging_filter Jsii::Type.check_type(@logging_filter, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJhbnkifQ==")), "loggingFilter") unless @logging_filter.nil? @redacted_fields = redacted_fields Jsii::Type.check_type(@redacted_fields, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImNvbGxlY3Rpb24iOnsiZWxlbWVudHR5cGUiOnsidW5pb24iOnsidHlwZXMiOlt7ImZxbiI6ImF3cy1jZGstbGliLklSZXNvbHZhYmxlIn0seyJmcW4iOiJhd3MtY2RrLWxpYi5hd3Nfd2FmdjIuQ2ZuTG9nZ2luZ0NvbmZpZ3VyYXRpb24uRmllbGRUb01hdGNoUHJvcGVydHkifV19fSwia2luZCI6ImFycmF5In19XX19")), "redactedFields") unless @redacted_fields.nil? end |
Instance Attribute Details
#log_destination_configs ⇒ Array<String, AWSCDK::Interfaces::AWSKinesisfirehose::IDeliveryStreamRef, AWSCDK::Interfaces::AWSLogs::ILogGroupRef, AWSCDK::Interfaces::AWSS3::IBucketRef> (readonly)
The logging destination configuration that you want to associate with the web ACL.
You can associate one logging destination to a web ACL.
30 31 32 |
# File 'wa_fv2/cfn_logging_configuration_props.rb', line 30 def log_destination_configs @log_destination_configs end |
#logging_filter ⇒ Object? (readonly)
Filtering that specifies which web requests are kept in the logs and which are dropped.
You can filter on the rule action and on the web request labels that were applied by matching rules during web ACL evaluation.
42 43 44 |
# File 'wa_fv2/cfn_logging_configuration_props.rb', line 42 def logging_filter @logging_filter end |
#redacted_fields ⇒ AWSCDK::IResolvable, ... (readonly)
The parts of the request that you want to keep out of the logs.
For example, if you redact the SingleHeader field, the HEADER field in the logs will be REDACTED for all rules that use the SingleHeader FieldToMatch setting.
If you configure data protection for the web ACL, the protection applies to the data that AWS WAF sends to the logs.
Redaction applies only to the component that's specified in the rule's FieldToMatch setting, so the SingleHeader redaction doesn't apply to rules that use the Headers FieldToMatch .
You can specify only the following fields for redaction:
UriPath,QueryString,SingleHeader, andMethod. > This setting has no impact on request sampling. You can only exclude fields from request sampling by disabling sampling in the web ACL visibility configuration or by configuring data protection for the web ACL.
55 56 57 |
# File 'wa_fv2/cfn_logging_configuration_props.rb', line 55 def redacted_fields @redacted_fields end |
#resource_arn ⇒ String, AWSCDK::Interfaces::AWSWafv2::IWebACLRef (readonly)
The Amazon Resource Name (ARN) of the web ACL that you want to associate with LogDestinationConfigs .
35 36 37 |
# File 'wa_fv2/cfn_logging_configuration_props.rb', line 35 def resource_arn @resource_arn end |
Class Method Details
.jsii_properties ⇒ Object
57 58 59 60 61 62 63 64 |
# File 'wa_fv2/cfn_logging_configuration_props.rb', line 57 def self.jsii_properties { :log_destination_configs => "logDestinationConfigs", :resource_arn => "resourceArn", :logging_filter => "loggingFilter", :redacted_fields => "redactedFields", } end |
Instance Method Details
#to_jsii ⇒ Object
66 67 68 69 70 71 72 73 74 75 |
# File 'wa_fv2/cfn_logging_configuration_props.rb', line 66 def to_jsii result = {} result.merge!({ "logDestinationConfigs" => @log_destination_configs, "resourceArn" => @resource_arn, "loggingFilter" => @logging_filter, "redactedFields" => @redacted_fields, }) result.compact end |