Class CfnFlowLog
java.lang.Object
software.amazon.jsii.JsiiObject
software.constructs.Construct
software.amazon.awscdk.CfnElement
software.amazon.awscdk.CfnRefElement
software.amazon.awscdk.CfnResource
software.amazon.awscdk.services.ec2.CfnFlowLog
- All Implemented Interfaces:
IInspectable,ITaggable,software.amazon.jsii.JsiiSerializable,software.constructs.IConstruct,software.constructs.IDependable
@Generated(value="jsii-pacmak/1.98.0 (build 00b106d)",
date="2024-05-08T21:35:05.726Z")
@Stability(Stable)
public class CfnFlowLog
extends CfnResource
implements IInspectable, ITaggable
Specifies a VPC flow log that captures IP traffic for a specified network interface, subnet, or VPC.
To view the log data, use Amazon CloudWatch Logs (CloudWatch Logs) to help troubleshoot connection issues. For example, you can use a flow log to investigate why certain traffic isn't reaching an instance, which can help you diagnose overly restrictive security group rules. For more information, see VPC Flow Logs in the Amazon VPC User Guide .
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import software.amazon.awscdk.services.ec2.*;
Object destinationOptions;
CfnFlowLog cfnFlowLog = CfnFlowLog.Builder.create(this, "MyCfnFlowLog")
.resourceId("resourceId")
.resourceType("resourceType")
// the properties below are optional
.deliverCrossAccountRole("deliverCrossAccountRole")
.deliverLogsPermissionArn("deliverLogsPermissionArn")
.destinationOptions(destinationOptions)
.logDestination("logDestination")
.logDestinationType("logDestinationType")
.logFormat("logFormat")
.logGroupName("logGroupName")
.maxAggregationInterval(123)
.tags(List.of(CfnTag.builder()
.key("key")
.value("value")
.build()))
.trafficType("trafficType")
.build();
- See Also:
-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionstatic final classA fluent builder forCfnFlowLog.static interfaceDescribes the destination options for a flow log.Nested classes/interfaces inherited from class software.amazon.jsii.JsiiObject
software.amazon.jsii.JsiiObject.InitializationModeNested classes/interfaces inherited from interface software.constructs.IConstruct
software.constructs.IConstruct.Jsii$DefaultNested classes/interfaces inherited from interface software.amazon.awscdk.IInspectable
IInspectable.Jsii$Default, IInspectable.Jsii$ProxyNested classes/interfaces inherited from interface software.amazon.awscdk.ITaggable
ITaggable.Jsii$Default, ITaggable.Jsii$Proxy -
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final StringThe CloudFormation resource type name for this resource class. -
Constructor Summary
ConstructorsModifierConstructorDescriptionprotectedCfnFlowLog(software.amazon.jsii.JsiiObject.InitializationMode initializationMode) protectedCfnFlowLog(software.amazon.jsii.JsiiObjectRef objRef) CfnFlowLog(software.constructs.Construct scope, String id, CfnFlowLogProps props) -
Method Summary
Modifier and TypeMethodDescriptionThe ID of the flow log.The ARN of the IAM role that allows the service to publish flow logs across accounts.The ARN of the IAM role that allows Amazon EC2 to publish flow logs to the log destination.The destination options.The destination for the flow log data.The type of destination for the flow log data.The fields to include in the flow log record, in the order in which they should appear.The name of a new or existing CloudWatch Logs log group where Amazon EC2 publishes your flow logs.The maximum interval of time during which a flow of packets is captured and aggregated into a flow log record.The ID of the resource to monitor.The type of resource to monitor.getTags()Tag Manager which manages the tags for this resource.The tags to apply to the flow logs.The type of traffic to monitor (accepted traffic, rejected traffic, or all traffic).voidinspect(TreeInspector inspector) Examines the CloudFormation resource and discloses attributes.renderProperties(Map<String, Object> props) voidsetDeliverCrossAccountRole(String value) The ARN of the IAM role that allows the service to publish flow logs across accounts.voidThe ARN of the IAM role that allows Amazon EC2 to publish flow logs to the log destination.voidsetDestinationOptions(Object value) The destination options.voidsetLogDestination(String value) The destination for the flow log data.voidsetLogDestinationType(String value) The type of destination for the flow log data.voidsetLogFormat(String value) The fields to include in the flow log record, in the order in which they should appear.voidsetLogGroupName(String value) The name of a new or existing CloudWatch Logs log group where Amazon EC2 publishes your flow logs.voidsetMaxAggregationInterval(Number value) The maximum interval of time during which a flow of packets is captured and aggregated into a flow log record.voidsetResourceId(String value) The ID of the resource to monitor.voidsetResourceType(String value) The type of resource to monitor.voidsetTagsRaw(List<CfnTag> value) The tags to apply to the flow logs.voidsetTrafficType(String value) The type of traffic to monitor (accepted traffic, rejected traffic, or all traffic).Methods inherited from class software.amazon.awscdk.CfnResource
addDeletionOverride, addDependency, addDependsOn, addMetadata, addOverride, addPropertyDeletionOverride, addPropertyOverride, applyRemovalPolicy, applyRemovalPolicy, applyRemovalPolicy, getAtt, getAtt, getCfnOptions, getCfnResourceType, getMetadata, getUpdatedProperites, getUpdatedProperties, isCfnResource, obtainDependencies, obtainResourceDependencies, removeDependency, replaceDependency, shouldSynthesize, toString, validatePropertiesMethods inherited from class software.amazon.awscdk.CfnRefElement
getRefMethods inherited from class software.amazon.awscdk.CfnElement
getCreationStack, getLogicalId, getStack, isCfnElement, overrideLogicalIdMethods inherited from class software.constructs.Construct
getNode, isConstructMethods inherited from class software.amazon.jsii.JsiiObject
jsiiAsyncCall, jsiiAsyncCall, jsiiCall, jsiiCall, jsiiGet, jsiiGet, jsiiSet, jsiiStaticCall, jsiiStaticCall, jsiiStaticGet, jsiiStaticGet, jsiiStaticSet, jsiiStaticSetMethods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, waitMethods inherited from interface software.amazon.jsii.JsiiSerializable
$jsii$toJson
-
Field Details
-
CFN_RESOURCE_TYPE_NAME
The CloudFormation resource type name for this resource class.
-
-
Constructor Details
-
CfnFlowLog
protected CfnFlowLog(software.amazon.jsii.JsiiObjectRef objRef) -
CfnFlowLog
protected CfnFlowLog(software.amazon.jsii.JsiiObject.InitializationMode initializationMode) -
CfnFlowLog
@Stability(Stable) public CfnFlowLog(@NotNull software.constructs.Construct scope, @NotNull String id, @NotNull CfnFlowLogProps props) - Parameters:
scope- Scope in which this resource is defined. This parameter is required.id- Construct identifier for this resource (unique in its scope). This parameter is required.props- Resource properties. This parameter is required.
-
-
Method Details
-
inspect
Examines the CloudFormation resource and discloses attributes.- Specified by:
inspectin interfaceIInspectable- Parameters:
inspector- tree inspector to collect and process attributes. This parameter is required.
-
renderProperties
@Stability(Stable) @NotNull protected Map<String,Object> renderProperties(@NotNull Map<String, Object> props) - Overrides:
renderPropertiesin classCfnResource- Parameters:
props- This parameter is required.
-
getAttrId
The ID of the flow log.For example,
fl-123456abc123abc1. -
getCfnProperties
- Overrides:
getCfnPropertiesin classCfnResource
-
getTags
Tag Manager which manages the tags for this resource. -
getResourceId
The ID of the resource to monitor. -
setResourceId
The ID of the resource to monitor. -
getResourceType
The type of resource to monitor. -
setResourceType
The type of resource to monitor. -
getDeliverCrossAccountRole
The ARN of the IAM role that allows the service to publish flow logs across accounts. -
setDeliverCrossAccountRole
The ARN of the IAM role that allows the service to publish flow logs across accounts. -
getDeliverLogsPermissionArn
The ARN of the IAM role that allows Amazon EC2 to publish flow logs to the log destination. -
setDeliverLogsPermissionArn
The ARN of the IAM role that allows Amazon EC2 to publish flow logs to the log destination. -
getDestinationOptions
The destination options. -
setDestinationOptions
The destination options. -
getLogDestination
The destination for the flow log data.The meaning of this parameter depends on the destination type.
-
setLogDestination
The destination for the flow log data.The meaning of this parameter depends on the destination type.
-
getLogDestinationType
The type of destination for the flow log data. -
setLogDestinationType
The type of destination for the flow log data. -
getLogFormat
The fields to include in the flow log record, in the order in which they should appear. -
setLogFormat
The fields to include in the flow log record, in the order in which they should appear. -
getLogGroupName
The name of a new or existing CloudWatch Logs log group where Amazon EC2 publishes your flow logs. -
setLogGroupName
The name of a new or existing CloudWatch Logs log group where Amazon EC2 publishes your flow logs. -
getMaxAggregationInterval
The maximum interval of time during which a flow of packets is captured and aggregated into a flow log record. -
setMaxAggregationInterval
The maximum interval of time during which a flow of packets is captured and aggregated into a flow log record. -
getTagsRaw
The tags to apply to the flow logs. -
setTagsRaw
The tags to apply to the flow logs. -
getTrafficType
The type of traffic to monitor (accepted traffic, rejected traffic, or all traffic). -
setTrafficType
The type of traffic to monitor (accepted traffic, rejected traffic, or all traffic).
-