We recommend new projects start with resources from the AWS provider.
aws-native.wafv2.LoggingConfiguration
Explore with Pulumi AI
We recommend new projects start with resources from the AWS provider.
A WAFv2 Logging Configuration Resource Provider
Create LoggingConfiguration Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new LoggingConfiguration(name: string, args: LoggingConfigurationArgs, opts?: CustomResourceOptions);
@overload
def LoggingConfiguration(resource_name: str,
args: LoggingConfigurationArgs,
opts: Optional[ResourceOptions] = None)
@overload
def LoggingConfiguration(resource_name: str,
opts: Optional[ResourceOptions] = None,
log_destination_configs: Optional[Sequence[str]] = None,
resource_arn: Optional[str] = None,
logging_filter: Optional[LoggingFilterPropertiesArgs] = None,
redacted_fields: Optional[Sequence[LoggingConfigurationFieldToMatchArgs]] = None)
func NewLoggingConfiguration(ctx *Context, name string, args LoggingConfigurationArgs, opts ...ResourceOption) (*LoggingConfiguration, error)
public LoggingConfiguration(string name, LoggingConfigurationArgs args, CustomResourceOptions? opts = null)
public LoggingConfiguration(String name, LoggingConfigurationArgs args)
public LoggingConfiguration(String name, LoggingConfigurationArgs args, CustomResourceOptions options)
type: aws-native:wafv2:LoggingConfiguration
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name
This property is required. string - The unique name of the resource.
- args
This property is required. LoggingConfigurationArgs - The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name
This property is required. str - The unique name of the resource.
- args
This property is required. LoggingConfigurationArgs - The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name
This property is required. string - The unique name of the resource.
- args
This property is required. LoggingConfigurationArgs - The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name
This property is required. string - The unique name of the resource.
- args
This property is required. LoggingConfigurationArgs - The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name
This property is required. String - The unique name of the resource.
- args
This property is required. LoggingConfigurationArgs - The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
LoggingConfiguration Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The LoggingConfiguration resource accepts the following input properties:
- Log
Destination Configs This property is required. List<string> - The Amazon Resource Names (ARNs) of the logging destinations that you want to associate with the web ACL.
- Resource
Arn This property is required. string - The Amazon Resource Name (ARN) of the web ACL that you want to associate with LogDestinationConfigs.
- Logging
Filter Pulumi.Aws Native. Wa Fv2. Inputs. Logging Filter Properties - Filtering that specifies which web requests are kept in the logs and which are dropped. You can filter on the rule action and on the web request labels that were applied by matching rules during web ACL evaluation.
- Redacted
Fields List<Pulumi.Aws Native. Wa Fv2. Inputs. Logging Configuration Field To Match> - The parts of the request that you want to keep out of the logs. For example, if you redact the HEADER field, the HEADER field in the firehose will be xxx.
- Log
Destination Configs This property is required. []string - The Amazon Resource Names (ARNs) of the logging destinations that you want to associate with the web ACL.
- Resource
Arn This property is required. string - The Amazon Resource Name (ARN) of the web ACL that you want to associate with LogDestinationConfigs.
- Logging
Filter LoggingFilter Properties Args - Filtering that specifies which web requests are kept in the logs and which are dropped. You can filter on the rule action and on the web request labels that were applied by matching rules during web ACL evaluation.
- Redacted
Fields []LoggingConfiguration Field To Match Args - The parts of the request that you want to keep out of the logs. For example, if you redact the HEADER field, the HEADER field in the firehose will be xxx.
- log
Destination Configs This property is required. List<String> - The Amazon Resource Names (ARNs) of the logging destinations that you want to associate with the web ACL.
- resource
Arn This property is required. String - The Amazon Resource Name (ARN) of the web ACL that you want to associate with LogDestinationConfigs.
- logging
Filter LoggingFilter Properties - Filtering that specifies which web requests are kept in the logs and which are dropped. You can filter on the rule action and on the web request labels that were applied by matching rules during web ACL evaluation.
- redacted
Fields List<LoggingConfiguration Field To Match> - The parts of the request that you want to keep out of the logs. For example, if you redact the HEADER field, the HEADER field in the firehose will be xxx.
- log
Destination Configs This property is required. string[] - The Amazon Resource Names (ARNs) of the logging destinations that you want to associate with the web ACL.
- resource
Arn This property is required. string - The Amazon Resource Name (ARN) of the web ACL that you want to associate with LogDestinationConfigs.
- logging
Filter LoggingFilter Properties - Filtering that specifies which web requests are kept in the logs and which are dropped. You can filter on the rule action and on the web request labels that were applied by matching rules during web ACL evaluation.
- redacted
Fields LoggingConfiguration Field To Match[] - The parts of the request that you want to keep out of the logs. For example, if you redact the HEADER field, the HEADER field in the firehose will be xxx.
- log_
destination_ configs This property is required. Sequence[str] - The Amazon Resource Names (ARNs) of the logging destinations that you want to associate with the web ACL.
- resource_
arn This property is required. str - The Amazon Resource Name (ARN) of the web ACL that you want to associate with LogDestinationConfigs.
- logging_
filter LoggingFilter Properties Args - Filtering that specifies which web requests are kept in the logs and which are dropped. You can filter on the rule action and on the web request labels that were applied by matching rules during web ACL evaluation.
- redacted_
fields Sequence[LoggingConfiguration Field To Match Args] - The parts of the request that you want to keep out of the logs. For example, if you redact the HEADER field, the HEADER field in the firehose will be xxx.
- log
Destination Configs This property is required. List<String> - The Amazon Resource Names (ARNs) of the logging destinations that you want to associate with the web ACL.
- resource
Arn This property is required. String - The Amazon Resource Name (ARN) of the web ACL that you want to associate with LogDestinationConfigs.
- logging
Filter Property Map - Filtering that specifies which web requests are kept in the logs and which are dropped. You can filter on the rule action and on the web request labels that were applied by matching rules during web ACL evaluation.
- redacted
Fields List<Property Map> - The parts of the request that you want to keep out of the logs. For example, if you redact the HEADER field, the HEADER field in the firehose will be xxx.
Outputs
All input properties are implicitly available as output properties. Additionally, the LoggingConfiguration resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Managed
By boolFirewall Manager - Indicates whether the logging configuration was created by AWS Firewall Manager, as part of an AWS WAF policy configuration. If true, only Firewall Manager can modify or delete the configuration.
- Id string
- The provider-assigned unique ID for this managed resource.
- Managed
By boolFirewall Manager - Indicates whether the logging configuration was created by AWS Firewall Manager, as part of an AWS WAF policy configuration. If true, only Firewall Manager can modify or delete the configuration.
- id String
- The provider-assigned unique ID for this managed resource.
- managed
By BooleanFirewall Manager - Indicates whether the logging configuration was created by AWS Firewall Manager, as part of an AWS WAF policy configuration. If true, only Firewall Manager can modify or delete the configuration.
- id string
- The provider-assigned unique ID for this managed resource.
- managed
By booleanFirewall Manager - Indicates whether the logging configuration was created by AWS Firewall Manager, as part of an AWS WAF policy configuration. If true, only Firewall Manager can modify or delete the configuration.
- id str
- The provider-assigned unique ID for this managed resource.
- managed_
by_ boolfirewall_ manager - Indicates whether the logging configuration was created by AWS Firewall Manager, as part of an AWS WAF policy configuration. If true, only Firewall Manager can modify or delete the configuration.
- id String
- The provider-assigned unique ID for this managed resource.
- managed
By BooleanFirewall Manager - Indicates whether the logging configuration was created by AWS Firewall Manager, as part of an AWS WAF policy configuration. If true, only Firewall Manager can modify or delete the configuration.
Supporting Types
LoggingConfigurationCondition, LoggingConfigurationConditionArgs
- Action
Condition Pulumi.Aws Native. Wa Fv2. Inputs. Logging Configuration Condition Action Condition Properties - A single action condition.
- Label
Name Pulumi.Condition Aws Native. Wa Fv2. Inputs. Logging Configuration Condition Label Name Condition Properties - A single label name condition.
- Action
Condition LoggingConfiguration Condition Action Condition Properties - A single action condition.
- Label
Name LoggingCondition Configuration Condition Label Name Condition Properties - A single label name condition.
- action
Condition LoggingConfiguration Condition Action Condition Properties - A single action condition.
- label
Name LoggingCondition Configuration Condition Label Name Condition Properties - A single label name condition.
- action
Condition LoggingConfiguration Condition Action Condition Properties - A single action condition.
- label
Name LoggingCondition Configuration Condition Label Name Condition Properties - A single label name condition.
- action_
condition LoggingConfiguration Condition Action Condition Properties - A single action condition.
- label_
name_ Loggingcondition Configuration Condition Label Name Condition Properties - A single label name condition.
- action
Condition Property Map - A single action condition.
- label
Name Property MapCondition - A single label name condition.
LoggingConfigurationConditionActionConditionProperties, LoggingConfigurationConditionActionConditionPropertiesArgs
- Action
This property is required. Pulumi.Aws Native. Wa Fv2. Logging Configuration Condition Action Condition Properties Action - Logic to apply to the filtering conditions. You can specify that, in order to satisfy the filter, a log must match all conditions or must match at least one condition.
- Action
This property is required. LoggingConfiguration Condition Action Condition Properties Action - Logic to apply to the filtering conditions. You can specify that, in order to satisfy the filter, a log must match all conditions or must match at least one condition.
- action
This property is required. LoggingConfiguration Condition Action Condition Properties Action - Logic to apply to the filtering conditions. You can specify that, in order to satisfy the filter, a log must match all conditions or must match at least one condition.
- action
This property is required. LoggingConfiguration Condition Action Condition Properties Action - Logic to apply to the filtering conditions. You can specify that, in order to satisfy the filter, a log must match all conditions or must match at least one condition.
- action
This property is required. LoggingConfiguration Condition Action Condition Properties Action - Logic to apply to the filtering conditions. You can specify that, in order to satisfy the filter, a log must match all conditions or must match at least one condition.
- action
This property is required. "ALLOW" | "BLOCK" | "COUNT" | "CAPTCHA" | "CHALLENGE" | "EXCLUDED_AS_COUNT" - Logic to apply to the filtering conditions. You can specify that, in order to satisfy the filter, a log must match all conditions or must match at least one condition.
LoggingConfigurationConditionActionConditionPropertiesAction, LoggingConfigurationConditionActionConditionPropertiesActionArgs
- Allow
- ALLOW
- Block
- BLOCK
- Count
- COUNT
- Captcha
- CAPTCHA
- Challenge
- CHALLENGE
- Excluded
As Count - EXCLUDED_AS_COUNT
- Logging
Configuration Condition Action Condition Properties Action Allow - ALLOW
- Logging
Configuration Condition Action Condition Properties Action Block - BLOCK
- Logging
Configuration Condition Action Condition Properties Action Count - COUNT
- Logging
Configuration Condition Action Condition Properties Action Captcha - CAPTCHA
- Logging
Configuration Condition Action Condition Properties Action Challenge - CHALLENGE
- Logging
Configuration Condition Action Condition Properties Action Excluded As Count - EXCLUDED_AS_COUNT
- Allow
- ALLOW
- Block
- BLOCK
- Count
- COUNT
- Captcha
- CAPTCHA
- Challenge
- CHALLENGE
- Excluded
As Count - EXCLUDED_AS_COUNT
- Allow
- ALLOW
- Block
- BLOCK
- Count
- COUNT
- Captcha
- CAPTCHA
- Challenge
- CHALLENGE
- Excluded
As Count - EXCLUDED_AS_COUNT
- ALLOW
- ALLOW
- BLOCK
- BLOCK
- COUNT
- COUNT
- CAPTCHA
- CAPTCHA
- CHALLENGE
- CHALLENGE
- EXCLUDED_AS_COUNT
- EXCLUDED_AS_COUNT
- "ALLOW"
- ALLOW
- "BLOCK"
- BLOCK
- "COUNT"
- COUNT
- "CAPTCHA"
- CAPTCHA
- "CHALLENGE"
- CHALLENGE
- "EXCLUDED_AS_COUNT"
- EXCLUDED_AS_COUNT
LoggingConfigurationConditionLabelNameConditionProperties, LoggingConfigurationConditionLabelNameConditionPropertiesArgs
- Label
Name This property is required. string - The label name that a log record must contain in order to meet the condition. This must be a fully qualified label name. Fully qualified labels have a prefix, optional namespaces, and label name. The prefix identifies the rule group or web ACL context of the rule that added the label.
- Label
Name This property is required. string - The label name that a log record must contain in order to meet the condition. This must be a fully qualified label name. Fully qualified labels have a prefix, optional namespaces, and label name. The prefix identifies the rule group or web ACL context of the rule that added the label.
- label
Name This property is required. String - The label name that a log record must contain in order to meet the condition. This must be a fully qualified label name. Fully qualified labels have a prefix, optional namespaces, and label name. The prefix identifies the rule group or web ACL context of the rule that added the label.
- label
Name This property is required. string - The label name that a log record must contain in order to meet the condition. This must be a fully qualified label name. Fully qualified labels have a prefix, optional namespaces, and label name. The prefix identifies the rule group or web ACL context of the rule that added the label.
- label_
name This property is required. str - The label name that a log record must contain in order to meet the condition. This must be a fully qualified label name. Fully qualified labels have a prefix, optional namespaces, and label name. The prefix identifies the rule group or web ACL context of the rule that added the label.
- label
Name This property is required. String - The label name that a log record must contain in order to meet the condition. This must be a fully qualified label name. Fully qualified labels have a prefix, optional namespaces, and label name. The prefix identifies the rule group or web ACL context of the rule that added the label.
LoggingConfigurationFieldToMatch, LoggingConfigurationFieldToMatchArgs
- Method object
- Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
- Query
String object - Inspect the query string. This is the part of a URL that appears after a ? character, if any.
- Single
Header Pulumi.Aws Native. Wa Fv2. Inputs. Logging Configuration Field To Match Single Header Properties - Inspect a single header. Provide the name of the header to inspect, for example, User-Agent or Referer. This setting isn't case sensitive.
- Uri
Path object - Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
- Method interface{}
- Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
- Query
String interface{} - Inspect the query string. This is the part of a URL that appears after a ? character, if any.
- Single
Header LoggingConfiguration Field To Match Single Header Properties - Inspect a single header. Provide the name of the header to inspect, for example, User-Agent or Referer. This setting isn't case sensitive.
- Uri
Path interface{} - Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
- method Object
- Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
- query
String Object - Inspect the query string. This is the part of a URL that appears after a ? character, if any.
- single
Header LoggingConfiguration Field To Match Single Header Properties - Inspect a single header. Provide the name of the header to inspect, for example, User-Agent or Referer. This setting isn't case sensitive.
- uri
Path Object - Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
- method any
- Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
- query
String any - Inspect the query string. This is the part of a URL that appears after a ? character, if any.
- single
Header LoggingConfiguration Field To Match Single Header Properties - Inspect a single header. Provide the name of the header to inspect, for example, User-Agent or Referer. This setting isn't case sensitive.
- uri
Path any - Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
- method Any
- Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
- query_
string Any - Inspect the query string. This is the part of a URL that appears after a ? character, if any.
- single_
header LoggingConfiguration Field To Match Single Header Properties - Inspect a single header. Provide the name of the header to inspect, for example, User-Agent or Referer. This setting isn't case sensitive.
- uri_
path Any - Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
- method Any
- Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.
- query
String Any - Inspect the query string. This is the part of a URL that appears after a ? character, if any.
- single
Header Property Map - Inspect a single header. Provide the name of the header to inspect, for example, User-Agent or Referer. This setting isn't case sensitive.
- uri
Path Any - Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.
LoggingConfigurationFieldToMatchSingleHeaderProperties, LoggingConfigurationFieldToMatchSingleHeaderPropertiesArgs
- Name
This property is required. string - The name of the query header to inspect.
- Name
This property is required. string - The name of the query header to inspect.
- name
This property is required. String - The name of the query header to inspect.
- name
This property is required. string - The name of the query header to inspect.
- name
This property is required. str - The name of the query header to inspect.
- name
This property is required. String - The name of the query header to inspect.
LoggingConfigurationFilter, LoggingConfigurationFilterArgs
- Behavior
This property is required. Pulumi.Aws Native. Wa Fv2. Logging Configuration Filter Behavior - How to handle logs that satisfy the filter's conditions and requirement.
- Conditions
This property is required. List<Pulumi.Aws Native. Wa Fv2. Inputs. Logging Configuration Condition> - Match conditions for the filter.
- Requirement
This property is required. Pulumi.Aws Native. Wa Fv2. Logging Configuration Filter Requirement - Logic to apply to the filtering conditions. You can specify that, in order to satisfy the filter, a log must match all conditions or must match at least one condition.
- Behavior
This property is required. LoggingConfiguration Filter Behavior - How to handle logs that satisfy the filter's conditions and requirement.
- Conditions
This property is required. []LoggingConfiguration Condition - Match conditions for the filter.
- Requirement
This property is required. LoggingConfiguration Filter Requirement - Logic to apply to the filtering conditions. You can specify that, in order to satisfy the filter, a log must match all conditions or must match at least one condition.
- behavior
This property is required. LoggingConfiguration Filter Behavior - How to handle logs that satisfy the filter's conditions and requirement.
- conditions
This property is required. List<LoggingConfiguration Condition> - Match conditions for the filter.
- requirement
This property is required. LoggingConfiguration Filter Requirement - Logic to apply to the filtering conditions. You can specify that, in order to satisfy the filter, a log must match all conditions or must match at least one condition.
- behavior
This property is required. LoggingConfiguration Filter Behavior - How to handle logs that satisfy the filter's conditions and requirement.
- conditions
This property is required. LoggingConfiguration Condition[] - Match conditions for the filter.
- requirement
This property is required. LoggingConfiguration Filter Requirement - Logic to apply to the filtering conditions. You can specify that, in order to satisfy the filter, a log must match all conditions or must match at least one condition.
- behavior
This property is required. LoggingConfiguration Filter Behavior - How to handle logs that satisfy the filter's conditions and requirement.
- conditions
This property is required. Sequence[LoggingConfiguration Condition] - Match conditions for the filter.
- requirement
This property is required. LoggingConfiguration Filter Requirement - Logic to apply to the filtering conditions. You can specify that, in order to satisfy the filter, a log must match all conditions or must match at least one condition.
- behavior
This property is required. "KEEP" | "DROP" - How to handle logs that satisfy the filter's conditions and requirement.
- conditions
This property is required. List<Property Map> - Match conditions for the filter.
- requirement
This property is required. "MEETS_ALL" | "MEETS_ANY" - Logic to apply to the filtering conditions. You can specify that, in order to satisfy the filter, a log must match all conditions or must match at least one condition.
LoggingConfigurationFilterBehavior, LoggingConfigurationFilterBehaviorArgs
- Keep
- KEEP
- Drop
- DROP
- Logging
Configuration Filter Behavior Keep - KEEP
- Logging
Configuration Filter Behavior Drop - DROP
- Keep
- KEEP
- Drop
- DROP
- Keep
- KEEP
- Drop
- DROP
- KEEP
- KEEP
- DROP
- DROP
- "KEEP"
- KEEP
- "DROP"
- DROP
LoggingConfigurationFilterRequirement, LoggingConfigurationFilterRequirementArgs
- Meets
All - MEETS_ALL
- Meets
Any - MEETS_ANY
- Logging
Configuration Filter Requirement Meets All - MEETS_ALL
- Logging
Configuration Filter Requirement Meets Any - MEETS_ANY
- Meets
All - MEETS_ALL
- Meets
Any - MEETS_ANY
- Meets
All - MEETS_ALL
- Meets
Any - MEETS_ANY
- MEETS_ALL
- MEETS_ALL
- MEETS_ANY
- MEETS_ANY
- "MEETS_ALL"
- MEETS_ALL
- "MEETS_ANY"
- MEETS_ANY
LoggingConfigurationLoggingFilterPropertiesDefaultBehavior, LoggingConfigurationLoggingFilterPropertiesDefaultBehaviorArgs
- Keep
- KEEP
- Drop
- DROP
- Logging
Configuration Logging Filter Properties Default Behavior Keep - KEEP
- Logging
Configuration Logging Filter Properties Default Behavior Drop - DROP
- Keep
- KEEP
- Drop
- DROP
- Keep
- KEEP
- Drop
- DROP
- KEEP
- KEEP
- DROP
- DROP
- "KEEP"
- KEEP
- "DROP"
- DROP
LoggingFilterProperties, LoggingFilterPropertiesArgs
- Default
Behavior This property is required. Pulumi.Aws Native. Wa Fv2. Logging Configuration Logging Filter Properties Default Behavior - Default handling for logs that don't match any of the specified filtering conditions.
- Filters
This property is required. List<Pulumi.Aws Native. Wa Fv2. Inputs. Logging Configuration Filter> - The filters that you want to apply to the logs.
- Default
Behavior This property is required. LoggingConfiguration Logging Filter Properties Default Behavior - Default handling for logs that don't match any of the specified filtering conditions.
- Filters
This property is required. []LoggingConfiguration Filter - The filters that you want to apply to the logs.
- default
Behavior This property is required. LoggingConfiguration Logging Filter Properties Default Behavior - Default handling for logs that don't match any of the specified filtering conditions.
- filters
This property is required. List<LoggingConfiguration Filter> - The filters that you want to apply to the logs.
- default
Behavior This property is required. LoggingConfiguration Logging Filter Properties Default Behavior - Default handling for logs that don't match any of the specified filtering conditions.
- filters
This property is required. LoggingConfiguration Filter[] - The filters that you want to apply to the logs.
- default_
behavior This property is required. LoggingConfiguration Logging Filter Properties Default Behavior - Default handling for logs that don't match any of the specified filtering conditions.
- filters
This property is required. Sequence[LoggingConfiguration Filter] - The filters that you want to apply to the logs.
- default
Behavior This property is required. "KEEP" | "DROP" - Default handling for logs that don't match any of the specified filtering conditions.
- filters
This property is required. List<Property Map> - The filters that you want to apply to the logs.
Package Details
- Repository
- AWS Native pulumi/pulumi-aws-native
- License
- Apache-2.0
We recommend new projects start with resources from the AWS provider.