1. Packages
  2. AWS Classic
  3. API Docs
  4. verifiedaccess
  5. InstanceLoggingConfiguration

Try AWS Native preview for resources not in the classic version.

AWS Classic v6.42.0 published on Wednesday, Jun 26, 2024 by Pulumi

aws.verifiedaccess.InstanceLoggingConfiguration

Explore with Pulumi AI

aws logo

Try AWS Native preview for resources not in the classic version.

AWS Classic v6.42.0 published on Wednesday, Jun 26, 2024 by Pulumi

    Resource for managing a Verified Access Logging Configuration.

    Example Usage

    With CloudWatch Logging

    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const example = new aws.verifiedaccess.InstanceLoggingConfiguration("example", {
        accessLogs: {
            cloudwatchLogs: {
                enabled: true,
                logGroup: exampleAwsCloudwatchLogGroup.id,
            },
        },
        verifiedaccessInstanceId: exampleAwsVerifiedaccessInstance.id,
    });
    
    import pulumi
    import pulumi_aws as aws
    
    example = aws.verifiedaccess.InstanceLoggingConfiguration("example",
        access_logs={
            "cloudwatchLogs": {
                "enabled": True,
                "logGroup": example_aws_cloudwatch_log_group["id"],
            },
        },
        verifiedaccess_instance_id=example_aws_verifiedaccess_instance["id"])
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/verifiedaccess"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := verifiedaccess.NewInstanceLoggingConfiguration(ctx, "example", &verifiedaccess.InstanceLoggingConfigurationArgs{
    			AccessLogs: &verifiedaccess.InstanceLoggingConfigurationAccessLogsArgs{
    				CloudwatchLogs: &verifiedaccess.InstanceLoggingConfigurationAccessLogsCloudwatchLogsArgs{
    					Enabled:  pulumi.Bool(true),
    					LogGroup: pulumi.Any(exampleAwsCloudwatchLogGroup.Id),
    				},
    			},
    			VerifiedaccessInstanceId: pulumi.Any(exampleAwsVerifiedaccessInstance.Id),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var example = new Aws.VerifiedAccess.InstanceLoggingConfiguration("example", new()
        {
            AccessLogs = new Aws.VerifiedAccess.Inputs.InstanceLoggingConfigurationAccessLogsArgs
            {
                CloudwatchLogs = new Aws.VerifiedAccess.Inputs.InstanceLoggingConfigurationAccessLogsCloudwatchLogsArgs
                {
                    Enabled = true,
                    LogGroup = exampleAwsCloudwatchLogGroup.Id,
                },
            },
            VerifiedaccessInstanceId = exampleAwsVerifiedaccessInstance.Id,
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.verifiedaccess.InstanceLoggingConfiguration;
    import com.pulumi.aws.verifiedaccess.InstanceLoggingConfigurationArgs;
    import com.pulumi.aws.verifiedaccess.inputs.InstanceLoggingConfigurationAccessLogsArgs;
    import com.pulumi.aws.verifiedaccess.inputs.InstanceLoggingConfigurationAccessLogsCloudwatchLogsArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var example = new InstanceLoggingConfiguration("example", InstanceLoggingConfigurationArgs.builder()
                .accessLogs(InstanceLoggingConfigurationAccessLogsArgs.builder()
                    .cloudwatchLogs(InstanceLoggingConfigurationAccessLogsCloudwatchLogsArgs.builder()
                        .enabled(true)
                        .logGroup(exampleAwsCloudwatchLogGroup.id())
                        .build())
                    .build())
                .verifiedaccessInstanceId(exampleAwsVerifiedaccessInstance.id())
                .build());
    
        }
    }
    
    resources:
      example:
        type: aws:verifiedaccess:InstanceLoggingConfiguration
        properties:
          accessLogs:
            cloudwatchLogs:
              enabled: true
              logGroup: ${exampleAwsCloudwatchLogGroup.id}
          verifiedaccessInstanceId: ${exampleAwsVerifiedaccessInstance.id}
    

    With Kinesis Data Firehose Logging

    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const example = new aws.verifiedaccess.InstanceLoggingConfiguration("example", {
        accessLogs: {
            kinesisDataFirehose: {
                deliveryStream: exampleAwsKinesisFirehoseDeliveryStream.name,
                enabled: true,
            },
        },
        verifiedaccessInstanceId: exampleAwsVerifiedaccessInstance.id,
    });
    
    import pulumi
    import pulumi_aws as aws
    
    example = aws.verifiedaccess.InstanceLoggingConfiguration("example",
        access_logs={
            "kinesisDataFirehose": {
                "deliveryStream": example_aws_kinesis_firehose_delivery_stream["name"],
                "enabled": True,
            },
        },
        verifiedaccess_instance_id=example_aws_verifiedaccess_instance["id"])
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/verifiedaccess"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := verifiedaccess.NewInstanceLoggingConfiguration(ctx, "example", &verifiedaccess.InstanceLoggingConfigurationArgs{
    			AccessLogs: &verifiedaccess.InstanceLoggingConfigurationAccessLogsArgs{
    				KinesisDataFirehose: &verifiedaccess.InstanceLoggingConfigurationAccessLogsKinesisDataFirehoseArgs{
    					DeliveryStream: pulumi.Any(exampleAwsKinesisFirehoseDeliveryStream.Name),
    					Enabled:        pulumi.Bool(true),
    				},
    			},
    			VerifiedaccessInstanceId: pulumi.Any(exampleAwsVerifiedaccessInstance.Id),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var example = new Aws.VerifiedAccess.InstanceLoggingConfiguration("example", new()
        {
            AccessLogs = new Aws.VerifiedAccess.Inputs.InstanceLoggingConfigurationAccessLogsArgs
            {
                KinesisDataFirehose = new Aws.VerifiedAccess.Inputs.InstanceLoggingConfigurationAccessLogsKinesisDataFirehoseArgs
                {
                    DeliveryStream = exampleAwsKinesisFirehoseDeliveryStream.Name,
                    Enabled = true,
                },
            },
            VerifiedaccessInstanceId = exampleAwsVerifiedaccessInstance.Id,
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.verifiedaccess.InstanceLoggingConfiguration;
    import com.pulumi.aws.verifiedaccess.InstanceLoggingConfigurationArgs;
    import com.pulumi.aws.verifiedaccess.inputs.InstanceLoggingConfigurationAccessLogsArgs;
    import com.pulumi.aws.verifiedaccess.inputs.InstanceLoggingConfigurationAccessLogsKinesisDataFirehoseArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var example = new InstanceLoggingConfiguration("example", InstanceLoggingConfigurationArgs.builder()
                .accessLogs(InstanceLoggingConfigurationAccessLogsArgs.builder()
                    .kinesisDataFirehose(InstanceLoggingConfigurationAccessLogsKinesisDataFirehoseArgs.builder()
                        .deliveryStream(exampleAwsKinesisFirehoseDeliveryStream.name())
                        .enabled(true)
                        .build())
                    .build())
                .verifiedaccessInstanceId(exampleAwsVerifiedaccessInstance.id())
                .build());
    
        }
    }
    
    resources:
      example:
        type: aws:verifiedaccess:InstanceLoggingConfiguration
        properties:
          accessLogs:
            kinesisDataFirehose:
              deliveryStream: ${exampleAwsKinesisFirehoseDeliveryStream.name}
              enabled: true
          verifiedaccessInstanceId: ${exampleAwsVerifiedaccessInstance.id}
    

    With S3 logging

    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const example = new aws.verifiedaccess.InstanceLoggingConfiguration("example", {
        accessLogs: {
            s3: {
                bucketName: exampleAwsS3Bucket.id,
                enabled: true,
                prefix: "example",
            },
        },
        verifiedaccessInstanceId: exampleAwsVerifiedaccessInstance.id,
    });
    
    import pulumi
    import pulumi_aws as aws
    
    example = aws.verifiedaccess.InstanceLoggingConfiguration("example",
        access_logs={
            "s3": {
                "bucketName": example_aws_s3_bucket["id"],
                "enabled": True,
                "prefix": "example",
            },
        },
        verifiedaccess_instance_id=example_aws_verifiedaccess_instance["id"])
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/verifiedaccess"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := verifiedaccess.NewInstanceLoggingConfiguration(ctx, "example", &verifiedaccess.InstanceLoggingConfigurationArgs{
    			AccessLogs: &verifiedaccess.InstanceLoggingConfigurationAccessLogsArgs{
    				S3: &verifiedaccess.InstanceLoggingConfigurationAccessLogsS3Args{
    					BucketName: pulumi.Any(exampleAwsS3Bucket.Id),
    					Enabled:    pulumi.Bool(true),
    					Prefix:     pulumi.String("example"),
    				},
    			},
    			VerifiedaccessInstanceId: pulumi.Any(exampleAwsVerifiedaccessInstance.Id),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var example = new Aws.VerifiedAccess.InstanceLoggingConfiguration("example", new()
        {
            AccessLogs = new Aws.VerifiedAccess.Inputs.InstanceLoggingConfigurationAccessLogsArgs
            {
                S3 = new Aws.VerifiedAccess.Inputs.InstanceLoggingConfigurationAccessLogsS3Args
                {
                    BucketName = exampleAwsS3Bucket.Id,
                    Enabled = true,
                    Prefix = "example",
                },
            },
            VerifiedaccessInstanceId = exampleAwsVerifiedaccessInstance.Id,
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.verifiedaccess.InstanceLoggingConfiguration;
    import com.pulumi.aws.verifiedaccess.InstanceLoggingConfigurationArgs;
    import com.pulumi.aws.verifiedaccess.inputs.InstanceLoggingConfigurationAccessLogsArgs;
    import com.pulumi.aws.verifiedaccess.inputs.InstanceLoggingConfigurationAccessLogsS3Args;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var example = new InstanceLoggingConfiguration("example", InstanceLoggingConfigurationArgs.builder()
                .accessLogs(InstanceLoggingConfigurationAccessLogsArgs.builder()
                    .s3(InstanceLoggingConfigurationAccessLogsS3Args.builder()
                        .bucketName(exampleAwsS3Bucket.id())
                        .enabled(true)
                        .prefix("example")
                        .build())
                    .build())
                .verifiedaccessInstanceId(exampleAwsVerifiedaccessInstance.id())
                .build());
    
        }
    }
    
    resources:
      example:
        type: aws:verifiedaccess:InstanceLoggingConfiguration
        properties:
          accessLogs:
            s3:
              bucketName: ${exampleAwsS3Bucket.id}
              enabled: true
              prefix: example
          verifiedaccessInstanceId: ${exampleAwsVerifiedaccessInstance.id}
    

    With all three logging options

    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const example = new aws.verifiedaccess.InstanceLoggingConfiguration("example", {
        accessLogs: {
            cloudwatchLogs: {
                enabled: true,
                logGroup: exampleAwsCloudwatchLogGroup.id,
            },
            kinesisDataFirehose: {
                deliveryStream: exampleAwsKinesisFirehoseDeliveryStream.name,
                enabled: true,
            },
            s3: {
                bucketName: exampleAwsS3Bucket.id,
                enabled: true,
            },
        },
        verifiedaccessInstanceId: exampleAwsVerifiedaccessInstance.id,
    });
    
    import pulumi
    import pulumi_aws as aws
    
    example = aws.verifiedaccess.InstanceLoggingConfiguration("example",
        access_logs={
            "cloudwatchLogs": {
                "enabled": True,
                "logGroup": example_aws_cloudwatch_log_group["id"],
            },
            "kinesisDataFirehose": {
                "deliveryStream": example_aws_kinesis_firehose_delivery_stream["name"],
                "enabled": True,
            },
            "s3": {
                "bucketName": example_aws_s3_bucket["id"],
                "enabled": True,
            },
        },
        verifiedaccess_instance_id=example_aws_verifiedaccess_instance["id"])
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/verifiedaccess"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := verifiedaccess.NewInstanceLoggingConfiguration(ctx, "example", &verifiedaccess.InstanceLoggingConfigurationArgs{
    			AccessLogs: &verifiedaccess.InstanceLoggingConfigurationAccessLogsArgs{
    				CloudwatchLogs: &verifiedaccess.InstanceLoggingConfigurationAccessLogsCloudwatchLogsArgs{
    					Enabled:  pulumi.Bool(true),
    					LogGroup: pulumi.Any(exampleAwsCloudwatchLogGroup.Id),
    				},
    				KinesisDataFirehose: &verifiedaccess.InstanceLoggingConfigurationAccessLogsKinesisDataFirehoseArgs{
    					DeliveryStream: pulumi.Any(exampleAwsKinesisFirehoseDeliveryStream.Name),
    					Enabled:        pulumi.Bool(true),
    				},
    				S3: &verifiedaccess.InstanceLoggingConfigurationAccessLogsS3Args{
    					BucketName: pulumi.Any(exampleAwsS3Bucket.Id),
    					Enabled:    pulumi.Bool(true),
    				},
    			},
    			VerifiedaccessInstanceId: pulumi.Any(exampleAwsVerifiedaccessInstance.Id),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var example = new Aws.VerifiedAccess.InstanceLoggingConfiguration("example", new()
        {
            AccessLogs = new Aws.VerifiedAccess.Inputs.InstanceLoggingConfigurationAccessLogsArgs
            {
                CloudwatchLogs = new Aws.VerifiedAccess.Inputs.InstanceLoggingConfigurationAccessLogsCloudwatchLogsArgs
                {
                    Enabled = true,
                    LogGroup = exampleAwsCloudwatchLogGroup.Id,
                },
                KinesisDataFirehose = new Aws.VerifiedAccess.Inputs.InstanceLoggingConfigurationAccessLogsKinesisDataFirehoseArgs
                {
                    DeliveryStream = exampleAwsKinesisFirehoseDeliveryStream.Name,
                    Enabled = true,
                },
                S3 = new Aws.VerifiedAccess.Inputs.InstanceLoggingConfigurationAccessLogsS3Args
                {
                    BucketName = exampleAwsS3Bucket.Id,
                    Enabled = true,
                },
            },
            VerifiedaccessInstanceId = exampleAwsVerifiedaccessInstance.Id,
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.verifiedaccess.InstanceLoggingConfiguration;
    import com.pulumi.aws.verifiedaccess.InstanceLoggingConfigurationArgs;
    import com.pulumi.aws.verifiedaccess.inputs.InstanceLoggingConfigurationAccessLogsArgs;
    import com.pulumi.aws.verifiedaccess.inputs.InstanceLoggingConfigurationAccessLogsCloudwatchLogsArgs;
    import com.pulumi.aws.verifiedaccess.inputs.InstanceLoggingConfigurationAccessLogsKinesisDataFirehoseArgs;
    import com.pulumi.aws.verifiedaccess.inputs.InstanceLoggingConfigurationAccessLogsS3Args;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var example = new InstanceLoggingConfiguration("example", InstanceLoggingConfigurationArgs.builder()
                .accessLogs(InstanceLoggingConfigurationAccessLogsArgs.builder()
                    .cloudwatchLogs(InstanceLoggingConfigurationAccessLogsCloudwatchLogsArgs.builder()
                        .enabled(true)
                        .logGroup(exampleAwsCloudwatchLogGroup.id())
                        .build())
                    .kinesisDataFirehose(InstanceLoggingConfigurationAccessLogsKinesisDataFirehoseArgs.builder()
                        .deliveryStream(exampleAwsKinesisFirehoseDeliveryStream.name())
                        .enabled(true)
                        .build())
                    .s3(InstanceLoggingConfigurationAccessLogsS3Args.builder()
                        .bucketName(exampleAwsS3Bucket.id())
                        .enabled(true)
                        .build())
                    .build())
                .verifiedaccessInstanceId(exampleAwsVerifiedaccessInstance.id())
                .build());
    
        }
    }
    
    resources:
      example:
        type: aws:verifiedaccess:InstanceLoggingConfiguration
        properties:
          accessLogs:
            cloudwatchLogs:
              enabled: true
              logGroup: ${exampleAwsCloudwatchLogGroup.id}
            kinesisDataFirehose:
              deliveryStream: ${exampleAwsKinesisFirehoseDeliveryStream.name}
              enabled: true
            s3:
              bucketName: ${exampleAwsS3Bucket.id}
              enabled: true
          verifiedaccessInstanceId: ${exampleAwsVerifiedaccessInstance.id}
    

    With include_trust_context

    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const example = new aws.verifiedaccess.InstanceLoggingConfiguration("example", {
        accessLogs: {
            includeTrustContext: true,
        },
        verifiedaccessInstanceId: exampleAwsVerifiedaccessInstance.id,
    });
    
    import pulumi
    import pulumi_aws as aws
    
    example = aws.verifiedaccess.InstanceLoggingConfiguration("example",
        access_logs={
            "includeTrustContext": True,
        },
        verifiedaccess_instance_id=example_aws_verifiedaccess_instance["id"])
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/verifiedaccess"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := verifiedaccess.NewInstanceLoggingConfiguration(ctx, "example", &verifiedaccess.InstanceLoggingConfigurationArgs{
    			AccessLogs: &verifiedaccess.InstanceLoggingConfigurationAccessLogsArgs{
    				IncludeTrustContext: pulumi.Bool(true),
    			},
    			VerifiedaccessInstanceId: pulumi.Any(exampleAwsVerifiedaccessInstance.Id),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var example = new Aws.VerifiedAccess.InstanceLoggingConfiguration("example", new()
        {
            AccessLogs = new Aws.VerifiedAccess.Inputs.InstanceLoggingConfigurationAccessLogsArgs
            {
                IncludeTrustContext = true,
            },
            VerifiedaccessInstanceId = exampleAwsVerifiedaccessInstance.Id,
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.verifiedaccess.InstanceLoggingConfiguration;
    import com.pulumi.aws.verifiedaccess.InstanceLoggingConfigurationArgs;
    import com.pulumi.aws.verifiedaccess.inputs.InstanceLoggingConfigurationAccessLogsArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var example = new InstanceLoggingConfiguration("example", InstanceLoggingConfigurationArgs.builder()
                .accessLogs(InstanceLoggingConfigurationAccessLogsArgs.builder()
                    .includeTrustContext(true)
                    .build())
                .verifiedaccessInstanceId(exampleAwsVerifiedaccessInstance.id())
                .build());
    
        }
    }
    
    resources:
      example:
        type: aws:verifiedaccess:InstanceLoggingConfiguration
        properties:
          accessLogs:
            includeTrustContext: true
          verifiedaccessInstanceId: ${exampleAwsVerifiedaccessInstance.id}
    

    With log_version

    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const example = new aws.verifiedaccess.InstanceLoggingConfiguration("example", {
        accessLogs: {
            logVersion: "ocsf-1.0.0-rc.2",
        },
        verifiedaccessInstanceId: exampleAwsVerifiedaccessInstance.id,
    });
    
    import pulumi
    import pulumi_aws as aws
    
    example = aws.verifiedaccess.InstanceLoggingConfiguration("example",
        access_logs={
            "logVersion": "ocsf-1.0.0-rc.2",
        },
        verifiedaccess_instance_id=example_aws_verifiedaccess_instance["id"])
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/verifiedaccess"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := verifiedaccess.NewInstanceLoggingConfiguration(ctx, "example", &verifiedaccess.InstanceLoggingConfigurationArgs{
    			AccessLogs: &verifiedaccess.InstanceLoggingConfigurationAccessLogsArgs{
    				LogVersion: pulumi.String("ocsf-1.0.0-rc.2"),
    			},
    			VerifiedaccessInstanceId: pulumi.Any(exampleAwsVerifiedaccessInstance.Id),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var example = new Aws.VerifiedAccess.InstanceLoggingConfiguration("example", new()
        {
            AccessLogs = new Aws.VerifiedAccess.Inputs.InstanceLoggingConfigurationAccessLogsArgs
            {
                LogVersion = "ocsf-1.0.0-rc.2",
            },
            VerifiedaccessInstanceId = exampleAwsVerifiedaccessInstance.Id,
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.verifiedaccess.InstanceLoggingConfiguration;
    import com.pulumi.aws.verifiedaccess.InstanceLoggingConfigurationArgs;
    import com.pulumi.aws.verifiedaccess.inputs.InstanceLoggingConfigurationAccessLogsArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var example = new InstanceLoggingConfiguration("example", InstanceLoggingConfigurationArgs.builder()
                .accessLogs(InstanceLoggingConfigurationAccessLogsArgs.builder()
                    .logVersion("ocsf-1.0.0-rc.2")
                    .build())
                .verifiedaccessInstanceId(exampleAwsVerifiedaccessInstance.id())
                .build());
    
        }
    }
    
    resources:
      example:
        type: aws:verifiedaccess:InstanceLoggingConfiguration
        properties:
          accessLogs:
            logVersion: ocsf-1.0.0-rc.2
          verifiedaccessInstanceId: ${exampleAwsVerifiedaccessInstance.id}
    

    Create InstanceLoggingConfiguration Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new InstanceLoggingConfiguration(name: string, args: InstanceLoggingConfigurationArgs, opts?: CustomResourceOptions);
    @overload
    def InstanceLoggingConfiguration(resource_name: str,
                                     args: InstanceLoggingConfigurationArgs,
                                     opts: Optional[ResourceOptions] = None)
    
    @overload
    def InstanceLoggingConfiguration(resource_name: str,
                                     opts: Optional[ResourceOptions] = None,
                                     access_logs: Optional[InstanceLoggingConfigurationAccessLogsArgs] = None,
                                     verifiedaccess_instance_id: Optional[str] = None)
    func NewInstanceLoggingConfiguration(ctx *Context, name string, args InstanceLoggingConfigurationArgs, opts ...ResourceOption) (*InstanceLoggingConfiguration, error)
    public InstanceLoggingConfiguration(string name, InstanceLoggingConfigurationArgs args, CustomResourceOptions? opts = null)
    public InstanceLoggingConfiguration(String name, InstanceLoggingConfigurationArgs args)
    public InstanceLoggingConfiguration(String name, InstanceLoggingConfigurationArgs args, CustomResourceOptions options)
    
    type: aws:verifiedaccess:InstanceLoggingConfiguration
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args InstanceLoggingConfigurationArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args InstanceLoggingConfigurationArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args InstanceLoggingConfigurationArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args InstanceLoggingConfigurationArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args InstanceLoggingConfigurationArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var instanceLoggingConfigurationResource = new Aws.VerifiedAccess.InstanceLoggingConfiguration("instanceLoggingConfigurationResource", new()
    {
        AccessLogs = new Aws.VerifiedAccess.Inputs.InstanceLoggingConfigurationAccessLogsArgs
        {
            CloudwatchLogs = new Aws.VerifiedAccess.Inputs.InstanceLoggingConfigurationAccessLogsCloudwatchLogsArgs
            {
                Enabled = false,
                LogGroup = "string",
            },
            IncludeTrustContext = false,
            KinesisDataFirehose = new Aws.VerifiedAccess.Inputs.InstanceLoggingConfigurationAccessLogsKinesisDataFirehoseArgs
            {
                Enabled = false,
                DeliveryStream = "string",
            },
            LogVersion = "string",
            S3 = new Aws.VerifiedAccess.Inputs.InstanceLoggingConfigurationAccessLogsS3Args
            {
                Enabled = false,
                BucketName = "string",
                BucketOwner = "string",
                Prefix = "string",
            },
        },
        VerifiedaccessInstanceId = "string",
    });
    
    example, err := verifiedaccess.NewInstanceLoggingConfiguration(ctx, "instanceLoggingConfigurationResource", &verifiedaccess.InstanceLoggingConfigurationArgs{
    	AccessLogs: &verifiedaccess.InstanceLoggingConfigurationAccessLogsArgs{
    		CloudwatchLogs: &verifiedaccess.InstanceLoggingConfigurationAccessLogsCloudwatchLogsArgs{
    			Enabled:  pulumi.Bool(false),
    			LogGroup: pulumi.String("string"),
    		},
    		IncludeTrustContext: pulumi.Bool(false),
    		KinesisDataFirehose: &verifiedaccess.InstanceLoggingConfigurationAccessLogsKinesisDataFirehoseArgs{
    			Enabled:        pulumi.Bool(false),
    			DeliveryStream: pulumi.String("string"),
    		},
    		LogVersion: pulumi.String("string"),
    		S3: &verifiedaccess.InstanceLoggingConfigurationAccessLogsS3Args{
    			Enabled:     pulumi.Bool(false),
    			BucketName:  pulumi.String("string"),
    			BucketOwner: pulumi.String("string"),
    			Prefix:      pulumi.String("string"),
    		},
    	},
    	VerifiedaccessInstanceId: pulumi.String("string"),
    })
    
    var instanceLoggingConfigurationResource = new InstanceLoggingConfiguration("instanceLoggingConfigurationResource", InstanceLoggingConfigurationArgs.builder()
        .accessLogs(InstanceLoggingConfigurationAccessLogsArgs.builder()
            .cloudwatchLogs(InstanceLoggingConfigurationAccessLogsCloudwatchLogsArgs.builder()
                .enabled(false)
                .logGroup("string")
                .build())
            .includeTrustContext(false)
            .kinesisDataFirehose(InstanceLoggingConfigurationAccessLogsKinesisDataFirehoseArgs.builder()
                .enabled(false)
                .deliveryStream("string")
                .build())
            .logVersion("string")
            .s3(InstanceLoggingConfigurationAccessLogsS3Args.builder()
                .enabled(false)
                .bucketName("string")
                .bucketOwner("string")
                .prefix("string")
                .build())
            .build())
        .verifiedaccessInstanceId("string")
        .build());
    
    instance_logging_configuration_resource = aws.verifiedaccess.InstanceLoggingConfiguration("instanceLoggingConfigurationResource",
        access_logs={
            "cloudwatchLogs": {
                "enabled": False,
                "logGroup": "string",
            },
            "includeTrustContext": False,
            "kinesisDataFirehose": {
                "enabled": False,
                "deliveryStream": "string",
            },
            "logVersion": "string",
            "s3": {
                "enabled": False,
                "bucketName": "string",
                "bucketOwner": "string",
                "prefix": "string",
            },
        },
        verifiedaccess_instance_id="string")
    
    const instanceLoggingConfigurationResource = new aws.verifiedaccess.InstanceLoggingConfiguration("instanceLoggingConfigurationResource", {
        accessLogs: {
            cloudwatchLogs: {
                enabled: false,
                logGroup: "string",
            },
            includeTrustContext: false,
            kinesisDataFirehose: {
                enabled: false,
                deliveryStream: "string",
            },
            logVersion: "string",
            s3: {
                enabled: false,
                bucketName: "string",
                bucketOwner: "string",
                prefix: "string",
            },
        },
        verifiedaccessInstanceId: "string",
    });
    
    type: aws:verifiedaccess:InstanceLoggingConfiguration
    properties:
        accessLogs:
            cloudwatchLogs:
                enabled: false
                logGroup: string
            includeTrustContext: false
            kinesisDataFirehose:
                deliveryStream: string
                enabled: false
            logVersion: string
            s3:
                bucketName: string
                bucketOwner: string
                enabled: false
                prefix: string
        verifiedaccessInstanceId: string
    

    InstanceLoggingConfiguration Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The InstanceLoggingConfiguration resource accepts the following input properties:

    AccessLogs InstanceLoggingConfigurationAccessLogs
    A block that specifies the configuration options for Verified Access instances. Detailed below.
    VerifiedaccessInstanceId string
    The ID of the Verified Access instance.
    AccessLogs InstanceLoggingConfigurationAccessLogsArgs
    A block that specifies the configuration options for Verified Access instances. Detailed below.
    VerifiedaccessInstanceId string
    The ID of the Verified Access instance.
    accessLogs InstanceLoggingConfigurationAccessLogs
    A block that specifies the configuration options for Verified Access instances. Detailed below.
    verifiedaccessInstanceId String
    The ID of the Verified Access instance.
    accessLogs InstanceLoggingConfigurationAccessLogs
    A block that specifies the configuration options for Verified Access instances. Detailed below.
    verifiedaccessInstanceId string
    The ID of the Verified Access instance.
    access_logs InstanceLoggingConfigurationAccessLogsArgs
    A block that specifies the configuration options for Verified Access instances. Detailed below.
    verifiedaccess_instance_id str
    The ID of the Verified Access instance.
    accessLogs Property Map
    A block that specifies the configuration options for Verified Access instances. Detailed below.
    verifiedaccessInstanceId String
    The ID of the Verified Access instance.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the InstanceLoggingConfiguration resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing InstanceLoggingConfiguration Resource

    Get an existing InstanceLoggingConfiguration resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: InstanceLoggingConfigurationState, opts?: CustomResourceOptions): InstanceLoggingConfiguration
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            access_logs: Optional[InstanceLoggingConfigurationAccessLogsArgs] = None,
            verifiedaccess_instance_id: Optional[str] = None) -> InstanceLoggingConfiguration
    func GetInstanceLoggingConfiguration(ctx *Context, name string, id IDInput, state *InstanceLoggingConfigurationState, opts ...ResourceOption) (*InstanceLoggingConfiguration, error)
    public static InstanceLoggingConfiguration Get(string name, Input<string> id, InstanceLoggingConfigurationState? state, CustomResourceOptions? opts = null)
    public static InstanceLoggingConfiguration get(String name, Output<String> id, InstanceLoggingConfigurationState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    AccessLogs InstanceLoggingConfigurationAccessLogs
    A block that specifies the configuration options for Verified Access instances. Detailed below.
    VerifiedaccessInstanceId string
    The ID of the Verified Access instance.
    AccessLogs InstanceLoggingConfigurationAccessLogsArgs
    A block that specifies the configuration options for Verified Access instances. Detailed below.
    VerifiedaccessInstanceId string
    The ID of the Verified Access instance.
    accessLogs InstanceLoggingConfigurationAccessLogs
    A block that specifies the configuration options for Verified Access instances. Detailed below.
    verifiedaccessInstanceId String
    The ID of the Verified Access instance.
    accessLogs InstanceLoggingConfigurationAccessLogs
    A block that specifies the configuration options for Verified Access instances. Detailed below.
    verifiedaccessInstanceId string
    The ID of the Verified Access instance.
    access_logs InstanceLoggingConfigurationAccessLogsArgs
    A block that specifies the configuration options for Verified Access instances. Detailed below.
    verifiedaccess_instance_id str
    The ID of the Verified Access instance.
    accessLogs Property Map
    A block that specifies the configuration options for Verified Access instances. Detailed below.
    verifiedaccessInstanceId String
    The ID of the Verified Access instance.

    Supporting Types

    InstanceLoggingConfigurationAccessLogs, InstanceLoggingConfigurationAccessLogsArgs

    CloudwatchLogs InstanceLoggingConfigurationAccessLogsCloudwatchLogs
    A block that specifies configures sending Verified Access logs to CloudWatch Logs. Detailed below.
    IncludeTrustContext bool
    Include trust data sent by trust providers into the logs.
    KinesisDataFirehose InstanceLoggingConfigurationAccessLogsKinesisDataFirehose
    A block that specifies configures sending Verified Access logs to Kinesis. Detailed below.
    LogVersion string
    The logging version to use. Refer to VerifiedAccessLogOptions for the allowed values.
    S3 InstanceLoggingConfigurationAccessLogsS3
    A block that specifies configures sending Verified Access logs to S3. Detailed below.
    CloudwatchLogs InstanceLoggingConfigurationAccessLogsCloudwatchLogs
    A block that specifies configures sending Verified Access logs to CloudWatch Logs. Detailed below.
    IncludeTrustContext bool
    Include trust data sent by trust providers into the logs.
    KinesisDataFirehose InstanceLoggingConfigurationAccessLogsKinesisDataFirehose
    A block that specifies configures sending Verified Access logs to Kinesis. Detailed below.
    LogVersion string
    The logging version to use. Refer to VerifiedAccessLogOptions for the allowed values.
    S3 InstanceLoggingConfigurationAccessLogsS3
    A block that specifies configures sending Verified Access logs to S3. Detailed below.
    cloudwatchLogs InstanceLoggingConfigurationAccessLogsCloudwatchLogs
    A block that specifies configures sending Verified Access logs to CloudWatch Logs. Detailed below.
    includeTrustContext Boolean
    Include trust data sent by trust providers into the logs.
    kinesisDataFirehose InstanceLoggingConfigurationAccessLogsKinesisDataFirehose
    A block that specifies configures sending Verified Access logs to Kinesis. Detailed below.
    logVersion String
    The logging version to use. Refer to VerifiedAccessLogOptions for the allowed values.
    s3 InstanceLoggingConfigurationAccessLogsS3
    A block that specifies configures sending Verified Access logs to S3. Detailed below.
    cloudwatchLogs InstanceLoggingConfigurationAccessLogsCloudwatchLogs
    A block that specifies configures sending Verified Access logs to CloudWatch Logs. Detailed below.
    includeTrustContext boolean
    Include trust data sent by trust providers into the logs.
    kinesisDataFirehose InstanceLoggingConfigurationAccessLogsKinesisDataFirehose
    A block that specifies configures sending Verified Access logs to Kinesis. Detailed below.
    logVersion string
    The logging version to use. Refer to VerifiedAccessLogOptions for the allowed values.
    s3 InstanceLoggingConfigurationAccessLogsS3
    A block that specifies configures sending Verified Access logs to S3. Detailed below.
    cloudwatch_logs InstanceLoggingConfigurationAccessLogsCloudwatchLogs
    A block that specifies configures sending Verified Access logs to CloudWatch Logs. Detailed below.
    include_trust_context bool
    Include trust data sent by trust providers into the logs.
    kinesis_data_firehose InstanceLoggingConfigurationAccessLogsKinesisDataFirehose
    A block that specifies configures sending Verified Access logs to Kinesis. Detailed below.
    log_version str
    The logging version to use. Refer to VerifiedAccessLogOptions for the allowed values.
    s3 InstanceLoggingConfigurationAccessLogsS3
    A block that specifies configures sending Verified Access logs to S3. Detailed below.
    cloudwatchLogs Property Map
    A block that specifies configures sending Verified Access logs to CloudWatch Logs. Detailed below.
    includeTrustContext Boolean
    Include trust data sent by trust providers into the logs.
    kinesisDataFirehose Property Map
    A block that specifies configures sending Verified Access logs to Kinesis. Detailed below.
    logVersion String
    The logging version to use. Refer to VerifiedAccessLogOptions for the allowed values.
    s3 Property Map
    A block that specifies configures sending Verified Access logs to S3. Detailed below.

    InstanceLoggingConfigurationAccessLogsCloudwatchLogs, InstanceLoggingConfigurationAccessLogsCloudwatchLogsArgs

    Enabled bool
    Indicates whether logging is enabled.
    LogGroup string
    The name of the CloudWatch Logs Log Group.
    Enabled bool
    Indicates whether logging is enabled.
    LogGroup string
    The name of the CloudWatch Logs Log Group.
    enabled Boolean
    Indicates whether logging is enabled.
    logGroup String
    The name of the CloudWatch Logs Log Group.
    enabled boolean
    Indicates whether logging is enabled.
    logGroup string
    The name of the CloudWatch Logs Log Group.
    enabled bool
    Indicates whether logging is enabled.
    log_group str
    The name of the CloudWatch Logs Log Group.
    enabled Boolean
    Indicates whether logging is enabled.
    logGroup String
    The name of the CloudWatch Logs Log Group.

    InstanceLoggingConfigurationAccessLogsKinesisDataFirehose, InstanceLoggingConfigurationAccessLogsKinesisDataFirehoseArgs

    Enabled bool
    Indicates whether logging is enabled.
    DeliveryStream string
    The name of the delivery stream.
    Enabled bool
    Indicates whether logging is enabled.
    DeliveryStream string
    The name of the delivery stream.
    enabled Boolean
    Indicates whether logging is enabled.
    deliveryStream String
    The name of the delivery stream.
    enabled boolean
    Indicates whether logging is enabled.
    deliveryStream string
    The name of the delivery stream.
    enabled bool
    Indicates whether logging is enabled.
    delivery_stream str
    The name of the delivery stream.
    enabled Boolean
    Indicates whether logging is enabled.
    deliveryStream String
    The name of the delivery stream.

    InstanceLoggingConfigurationAccessLogsS3, InstanceLoggingConfigurationAccessLogsS3Args

    Enabled bool
    Indicates whether logging is enabled.
    BucketName string
    The name of S3 bucket.
    BucketOwner string
    The ID of the AWS account that owns the Amazon S3 bucket.
    Prefix string
    The bucket prefix.
    Enabled bool
    Indicates whether logging is enabled.
    BucketName string
    The name of S3 bucket.
    BucketOwner string
    The ID of the AWS account that owns the Amazon S3 bucket.
    Prefix string
    The bucket prefix.
    enabled Boolean
    Indicates whether logging is enabled.
    bucketName String
    The name of S3 bucket.
    bucketOwner String
    The ID of the AWS account that owns the Amazon S3 bucket.
    prefix String
    The bucket prefix.
    enabled boolean
    Indicates whether logging is enabled.
    bucketName string
    The name of S3 bucket.
    bucketOwner string
    The ID of the AWS account that owns the Amazon S3 bucket.
    prefix string
    The bucket prefix.
    enabled bool
    Indicates whether logging is enabled.
    bucket_name str
    The name of S3 bucket.
    bucket_owner str
    The ID of the AWS account that owns the Amazon S3 bucket.
    prefix str
    The bucket prefix.
    enabled Boolean
    Indicates whether logging is enabled.
    bucketName String
    The name of S3 bucket.
    bucketOwner String
    The ID of the AWS account that owns the Amazon S3 bucket.
    prefix String
    The bucket prefix.

    Import

    Using pulumi import, import Verified Access Logging Configuration using the Verified Access Instance id. For example:

    $ pulumi import aws:verifiedaccess/instanceLoggingConfiguration:InstanceLoggingConfiguration example vai-1234567890abcdef0
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    AWS Classic pulumi/pulumi-aws
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the aws Terraform Provider.
    aws logo

    Try AWS Native preview for resources not in the classic version.

    AWS Classic v6.42.0 published on Wednesday, Jun 26, 2024 by Pulumi