Docs Home
We recommend new projects start with resources from the AWS provider.
AWS Cloud Control v1.26.0 published on Wednesday, Mar 12, 2025 by Pulumi
aws-native.cloudtrail.EventDataStore
Explore with Pulumi AI
We recommend new projects start with resources from the AWS provider.
AWS Cloud Control v1.26.0 published on Wednesday, Mar 12, 2025 by Pulumi
A storage lake of event data against which you can run complex SQL-based queries. An event data store can include events that you have logged on your account from the last 7 to 2557 or 3653 days (about seven or ten years) depending on the selected BillingMode.
Create EventDataStore Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new EventDataStore(name: string, args?: EventDataStoreArgs, opts?: CustomResourceOptions);@overload
def EventDataStore(resource_name: str,
args: Optional[EventDataStoreArgs] = None,
opts: Optional[ResourceOptions] = None)
@overload
def EventDataStore(resource_name: str,
opts: Optional[ResourceOptions] = None,
advanced_event_selectors: Optional[Sequence[EventDataStoreAdvancedEventSelectorArgs]] = None,
billing_mode: Optional[str] = None,
federation_enabled: Optional[bool] = None,
federation_role_arn: Optional[str] = None,
ingestion_enabled: Optional[bool] = None,
insight_selectors: Optional[Sequence[EventDataStoreInsightSelectorArgs]] = None,
insights_destination: Optional[str] = None,
kms_key_id: Optional[str] = None,
multi_region_enabled: Optional[bool] = None,
name: Optional[str] = None,
organization_enabled: Optional[bool] = None,
retention_period: Optional[int] = None,
tags: Optional[Sequence[_root_inputs.TagArgs]] = None,
termination_protection_enabled: Optional[bool] = None)func NewEventDataStore(ctx *Context, name string, args *EventDataStoreArgs, opts ...ResourceOption) (*EventDataStore, error)public EventDataStore(string name, EventDataStoreArgs? args = null, CustomResourceOptions? opts = null)
public EventDataStore(String name, EventDataStoreArgs args)
public EventDataStore(String name, EventDataStoreArgs args, CustomResourceOptions options)
type: aws-native:cloudtrail:EventDataStore
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args EventDataStoreArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args EventDataStoreArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args EventDataStoreArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args EventDataStoreArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args EventDataStoreArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
EventDataStore Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The EventDataStore resource accepts the following input properties:
- Advanced
Event List<Pulumi.Selectors Aws Native. Cloud Trail. Inputs. Event Data Store Advanced Event Selector> - The advanced event selectors that were used to select events for the data store.
- Billing
Mode string - The mode that the event data store will use to charge for event storage.
- Federation
Enabled bool - Indicates whether federation is enabled on an event data store.
- Federation
Role stringArn - The ARN of the role used for event data store federation.
- Ingestion
Enabled bool - Indicates whether the event data store is ingesting events.
- Insight
Selectors List<Pulumi.Aws Native. Cloud Trail. Inputs. Event Data Store Insight Selector> - Lets you enable Insights event logging by specifying the Insights selectors that you want to enable on an existing event data store. Both InsightSelectors and InsightsDestination need to have a value in order to enable Insights events on an event data store.
- Insights
Destination string - Specifies the ARN of the event data store that will collect Insights events. Both InsightSelectors and InsightsDestination need to have a value in order to enable Insights events on an event data store
- Kms
Key stringId - Specifies the KMS key ID to use to encrypt the events delivered by CloudTrail. The value can be an alias name prefixed by 'alias/', a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.
- Multi
Region boolEnabled - Indicates whether the event data store includes events from all regions, or only from the region in which it was created.
- Name string
- The name of the event data store.
- Organization
Enabled bool - Indicates that an event data store is collecting logged events for an organization.
- Retention
Period int - The retention period, in days.
-
List<Pulumi.
Aws Native. Inputs. Tag> - A list of tags.
- Termination
Protection boolEnabled - Indicates whether the event data store is protected from termination.
- Advanced
Event []EventSelectors Data Store Advanced Event Selector Args - The advanced event selectors that were used to select events for the data store.
- Billing
Mode string - The mode that the event data store will use to charge for event storage.
- Federation
Enabled bool - Indicates whether federation is enabled on an event data store.
- Federation
Role stringArn - The ARN of the role used for event data store federation.
- Ingestion
Enabled bool - Indicates whether the event data store is ingesting events.
- Insight
Selectors []EventData Store Insight Selector Args - Lets you enable Insights event logging by specifying the Insights selectors that you want to enable on an existing event data store. Both InsightSelectors and InsightsDestination need to have a value in order to enable Insights events on an event data store.
- Insights
Destination string - Specifies the ARN of the event data store that will collect Insights events. Both InsightSelectors and InsightsDestination need to have a value in order to enable Insights events on an event data store
- Kms
Key stringId - Specifies the KMS key ID to use to encrypt the events delivered by CloudTrail. The value can be an alias name prefixed by 'alias/', a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.
- Multi
Region boolEnabled - Indicates whether the event data store includes events from all regions, or only from the region in which it was created.
- Name string
- The name of the event data store.
- Organization
Enabled bool - Indicates that an event data store is collecting logged events for an organization.
- Retention
Period int - The retention period, in days.
-
Tag
Args - A list of tags.
- Termination
Protection boolEnabled - Indicates whether the event data store is protected from termination.
- advanced
Event List<EventSelectors Data Store Advanced Event Selector> - The advanced event selectors that were used to select events for the data store.
- billing
Mode String - The mode that the event data store will use to charge for event storage.
- federation
Enabled Boolean - Indicates whether federation is enabled on an event data store.
- federation
Role StringArn - The ARN of the role used for event data store federation.
- ingestion
Enabled Boolean - Indicates whether the event data store is ingesting events.
- insight
Selectors List<EventData Store Insight Selector> - Lets you enable Insights event logging by specifying the Insights selectors that you want to enable on an existing event data store. Both InsightSelectors and InsightsDestination need to have a value in order to enable Insights events on an event data store.
- insights
Destination String - Specifies the ARN of the event data store that will collect Insights events. Both InsightSelectors and InsightsDestination need to have a value in order to enable Insights events on an event data store
- kms
Key StringId - Specifies the KMS key ID to use to encrypt the events delivered by CloudTrail. The value can be an alias name prefixed by 'alias/', a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.
- multi
Region BooleanEnabled - Indicates whether the event data store includes events from all regions, or only from the region in which it was created.
- name String
- The name of the event data store.
- organization
Enabled Boolean - Indicates that an event data store is collecting logged events for an organization.
- retention
Period Integer - The retention period, in days.
- List<Tag>
- A list of tags.
- termination
Protection BooleanEnabled - Indicates whether the event data store is protected from termination.
- advanced
Event EventSelectors Data Store Advanced Event Selector[] - The advanced event selectors that were used to select events for the data store.
- billing
Mode string - The mode that the event data store will use to charge for event storage.
- federation
Enabled boolean - Indicates whether federation is enabled on an event data store.
- federation
Role stringArn - The ARN of the role used for event data store federation.
- ingestion
Enabled boolean - Indicates whether the event data store is ingesting events.
- insight
Selectors EventData Store Insight Selector[] - Lets you enable Insights event logging by specifying the Insights selectors that you want to enable on an existing event data store. Both InsightSelectors and InsightsDestination need to have a value in order to enable Insights events on an event data store.
- insights
Destination string - Specifies the ARN of the event data store that will collect Insights events. Both InsightSelectors and InsightsDestination need to have a value in order to enable Insights events on an event data store
- kms
Key stringId - Specifies the KMS key ID to use to encrypt the events delivered by CloudTrail. The value can be an alias name prefixed by 'alias/', a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.
- multi
Region booleanEnabled - Indicates whether the event data store includes events from all regions, or only from the region in which it was created.
- name string
- The name of the event data store.
- organization
Enabled boolean - Indicates that an event data store is collecting logged events for an organization.
- retention
Period number - The retention period, in days.
- Tag[]
- A list of tags.
- termination
Protection booleanEnabled - Indicates whether the event data store is protected from termination.
- advanced_
event_ Sequence[Eventselectors Data Store Advanced Event Selector Args] - The advanced event selectors that were used to select events for the data store.
- billing_
mode str - The mode that the event data store will use to charge for event storage.
- federation_
enabled bool - Indicates whether federation is enabled on an event data store.
- federation_
role_ strarn - The ARN of the role used for event data store federation.
- ingestion_
enabled bool - Indicates whether the event data store is ingesting events.
- insight_
selectors Sequence[EventData Store Insight Selector Args] - Lets you enable Insights event logging by specifying the Insights selectors that you want to enable on an existing event data store. Both InsightSelectors and InsightsDestination need to have a value in order to enable Insights events on an event data store.
- insights_
destination str - Specifies the ARN of the event data store that will collect Insights events. Both InsightSelectors and InsightsDestination need to have a value in order to enable Insights events on an event data store
- kms_
key_ strid - Specifies the KMS key ID to use to encrypt the events delivered by CloudTrail. The value can be an alias name prefixed by 'alias/', a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.
- multi_
region_ boolenabled - Indicates whether the event data store includes events from all regions, or only from the region in which it was created.
- name str
- The name of the event data store.
- organization_
enabled bool - Indicates that an event data store is collecting logged events for an organization.
- retention_
period int - The retention period, in days.
-
Sequence[Tag
Args] - A list of tags.
- termination_
protection_ boolenabled - Indicates whether the event data store is protected from termination.
- advanced
Event List<Property Map>Selectors - The advanced event selectors that were used to select events for the data store.
- billing
Mode String - The mode that the event data store will use to charge for event storage.
- federation
Enabled Boolean - Indicates whether federation is enabled on an event data store.
- federation
Role StringArn - The ARN of the role used for event data store federation.
- ingestion
Enabled Boolean - Indicates whether the event data store is ingesting events.
- insight
Selectors List<Property Map> - Lets you enable Insights event logging by specifying the Insights selectors that you want to enable on an existing event data store. Both InsightSelectors and InsightsDestination need to have a value in order to enable Insights events on an event data store.
- insights
Destination String - Specifies the ARN of the event data store that will collect Insights events. Both InsightSelectors and InsightsDestination need to have a value in order to enable Insights events on an event data store
- kms
Key StringId - Specifies the KMS key ID to use to encrypt the events delivered by CloudTrail. The value can be an alias name prefixed by 'alias/', a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.
- multi
Region BooleanEnabled - Indicates whether the event data store includes events from all regions, or only from the region in which it was created.
- name String
- The name of the event data store.
- organization
Enabled Boolean - Indicates that an event data store is collecting logged events for an organization.
- retention
Period Number - The retention period, in days.
- List<Property Map>
- A list of tags.
- termination
Protection BooleanEnabled - Indicates whether the event data store is protected from termination.
Outputs
All input properties are implicitly available as output properties. Additionally, the EventDataStore resource produces the following output properties:
- Created
Timestamp string - The timestamp of the event data store's creation.
- Event
Data stringStore Arn - The ARN of the event data store.
- Id string
- The provider-assigned unique ID for this managed resource.
- Status string
- The status of an event data store. Values are STARTING_INGESTION, ENABLED, STOPPING_INGESTION, STOPPED_INGESTION and PENDING_DELETION.
- Updated
Timestamp string - The timestamp showing when an event data store was updated, if applicable. UpdatedTimestamp is always either the same or newer than the time shown in CreatedTimestamp.
- Created
Timestamp string - The timestamp of the event data store's creation.
- Event
Data stringStore Arn - The ARN of the event data store.
- Id string
- The provider-assigned unique ID for this managed resource.
- Status string
- The status of an event data store. Values are STARTING_INGESTION, ENABLED, STOPPING_INGESTION, STOPPED_INGESTION and PENDING_DELETION.
- Updated
Timestamp string - The timestamp showing when an event data store was updated, if applicable. UpdatedTimestamp is always either the same or newer than the time shown in CreatedTimestamp.
- created
Timestamp String - The timestamp of the event data store's creation.
- event
Data StringStore Arn - The ARN of the event data store.
- id String
- The provider-assigned unique ID for this managed resource.
- status String
- The status of an event data store. Values are STARTING_INGESTION, ENABLED, STOPPING_INGESTION, STOPPED_INGESTION and PENDING_DELETION.
- updated
Timestamp String - The timestamp showing when an event data store was updated, if applicable. UpdatedTimestamp is always either the same or newer than the time shown in CreatedTimestamp.
- created
Timestamp string - The timestamp of the event data store's creation.
- event
Data stringStore Arn - The ARN of the event data store.
- id string
- The provider-assigned unique ID for this managed resource.
- status string
- The status of an event data store. Values are STARTING_INGESTION, ENABLED, STOPPING_INGESTION, STOPPED_INGESTION and PENDING_DELETION.
- updated
Timestamp string - The timestamp showing when an event data store was updated, if applicable. UpdatedTimestamp is always either the same or newer than the time shown in CreatedTimestamp.
- created_
timestamp str - The timestamp of the event data store's creation.
- event_
data_ strstore_ arn - The ARN of the event data store.
- id str
- The provider-assigned unique ID for this managed resource.
- status str
- The status of an event data store. Values are STARTING_INGESTION, ENABLED, STOPPING_INGESTION, STOPPED_INGESTION and PENDING_DELETION.
- updated_
timestamp str - The timestamp showing when an event data store was updated, if applicable. UpdatedTimestamp is always either the same or newer than the time shown in CreatedTimestamp.
- created
Timestamp String - The timestamp of the event data store's creation.
- event
Data StringStore Arn - The ARN of the event data store.
- id String
- The provider-assigned unique ID for this managed resource.
- status String
- The status of an event data store. Values are STARTING_INGESTION, ENABLED, STOPPING_INGESTION, STOPPED_INGESTION and PENDING_DELETION.
- updated
Timestamp String - The timestamp showing when an event data store was updated, if applicable. UpdatedTimestamp is always either the same or newer than the time shown in CreatedTimestamp.
Supporting Types
EventDataStoreAdvancedEventSelector, EventDataStoreAdvancedEventSelectorArgs
- Field
Selectors List<Pulumi.Aws Native. Cloud Trail. Inputs. Event Data Store Advanced Field Selector> - Contains all selector statements in an advanced event selector.
- Name string
- An optional, descriptive name for an advanced event selector, such as "Log data events for only two S3 buckets".
- Field
Selectors []EventData Store Advanced Field Selector - Contains all selector statements in an advanced event selector.
- Name string
- An optional, descriptive name for an advanced event selector, such as "Log data events for only two S3 buckets".
- field
Selectors List<EventData Store Advanced Field Selector> - Contains all selector statements in an advanced event selector.
- name String
- An optional, descriptive name for an advanced event selector, such as "Log data events for only two S3 buckets".
- field
Selectors EventData Store Advanced Field Selector[] - Contains all selector statements in an advanced event selector.
- name string
- An optional, descriptive name for an advanced event selector, such as "Log data events for only two S3 buckets".
- field_
selectors Sequence[EventData Store Advanced Field Selector] - Contains all selector statements in an advanced event selector.
- name str
- An optional, descriptive name for an advanced event selector, such as "Log data events for only two S3 buckets".
- field
Selectors List<Property Map> - Contains all selector statements in an advanced event selector.
- name String
- An optional, descriptive name for an advanced event selector, such as "Log data events for only two S3 buckets".
EventDataStoreAdvancedFieldSelector, EventDataStoreAdvancedFieldSelectorArgs
- Field string
- A field in an event record on which to filter events to be logged. Supported fields include readOnly, eventCategory, eventSource (for management events), eventName, resources.type, and resources.ARN.
- Ends
With List<string> - An operator that includes events that match the last few characters of the event record field specified as the value of Field.
- Equals List<string>
- An operator that includes events that match the exact value of the event record field specified as the value of Field. This is the only valid operator that you can use with the readOnly, eventCategory, and resources.type fields.
- Not
Ends List<string>With - An operator that excludes events that match the last few characters of the event record field specified as the value of Field.
- Not
Equals List<string> - An operator that excludes events that match the exact value of the event record field specified as the value of Field.
- Not
Starts List<string>With - An operator that excludes events that match the first few characters of the event record field specified as the value of Field.
- Starts
With List<string> - An operator that includes events that match the first few characters of the event record field specified as the value of Field.
- Field string
- A field in an event record on which to filter events to be logged. Supported fields include readOnly, eventCategory, eventSource (for management events), eventName, resources.type, and resources.ARN.
- Ends
With []string - An operator that includes events that match the last few characters of the event record field specified as the value of Field.
- Equals []string
- An operator that includes events that match the exact value of the event record field specified as the value of Field. This is the only valid operator that you can use with the readOnly, eventCategory, and resources.type fields.
- Not
Ends []stringWith - An operator that excludes events that match the last few characters of the event record field specified as the value of Field.
- Not
Equals []string - An operator that excludes events that match the exact value of the event record field specified as the value of Field.
- Not
Starts []stringWith - An operator that excludes events that match the first few characters of the event record field specified as the value of Field.
- Starts
With []string - An operator that includes events that match the first few characters of the event record field specified as the value of Field.
- field String
- A field in an event record on which to filter events to be logged. Supported fields include readOnly, eventCategory, eventSource (for management events), eventName, resources.type, and resources.ARN.
- ends
With List<String> - An operator that includes events that match the last few characters of the event record field specified as the value of Field.
- equals_ List<String>
- An operator that includes events that match the exact value of the event record field specified as the value of Field. This is the only valid operator that you can use with the readOnly, eventCategory, and resources.type fields.
- not
Ends List<String>With - An operator that excludes events that match the last few characters of the event record field specified as the value of Field.
- not
Equals List<String> - An operator that excludes events that match the exact value of the event record field specified as the value of Field.
- not
Starts List<String>With - An operator that excludes events that match the first few characters of the event record field specified as the value of Field.
- starts
With List<String> - An operator that includes events that match the first few characters of the event record field specified as the value of Field.
- field string
- A field in an event record on which to filter events to be logged. Supported fields include readOnly, eventCategory, eventSource (for management events), eventName, resources.type, and resources.ARN.
- ends
With string[] - An operator that includes events that match the last few characters of the event record field specified as the value of Field.
- equals string[]
- An operator that includes events that match the exact value of the event record field specified as the value of Field. This is the only valid operator that you can use with the readOnly, eventCategory, and resources.type fields.
- not
Ends string[]With - An operator that excludes events that match the last few characters of the event record field specified as the value of Field.
- not
Equals string[] - An operator that excludes events that match the exact value of the event record field specified as the value of Field.
- not
Starts string[]With - An operator that excludes events that match the first few characters of the event record field specified as the value of Field.
- starts
With string[] - An operator that includes events that match the first few characters of the event record field specified as the value of Field.
- field str
- A field in an event record on which to filter events to be logged. Supported fields include readOnly, eventCategory, eventSource (for management events), eventName, resources.type, and resources.ARN.
- ends_
with Sequence[str] - An operator that includes events that match the last few characters of the event record field specified as the value of Field.
- equals Sequence[str]
- An operator that includes events that match the exact value of the event record field specified as the value of Field. This is the only valid operator that you can use with the readOnly, eventCategory, and resources.type fields.
- not_
ends_ Sequence[str]with - An operator that excludes events that match the last few characters of the event record field specified as the value of Field.
- not_
equals Sequence[str] - An operator that excludes events that match the exact value of the event record field specified as the value of Field.
- not_
starts_ Sequence[str]with - An operator that excludes events that match the first few characters of the event record field specified as the value of Field.
- starts_
with Sequence[str] - An operator that includes events that match the first few characters of the event record field specified as the value of Field.
- field String
- A field in an event record on which to filter events to be logged. Supported fields include readOnly, eventCategory, eventSource (for management events), eventName, resources.type, and resources.ARN.
- ends
With List<String> - An operator that includes events that match the last few characters of the event record field specified as the value of Field.
- equals List<String>
- An operator that includes events that match the exact value of the event record field specified as the value of Field. This is the only valid operator that you can use with the readOnly, eventCategory, and resources.type fields.
- not
Ends List<String>With - An operator that excludes events that match the last few characters of the event record field specified as the value of Field.
- not
Equals List<String> - An operator that excludes events that match the exact value of the event record field specified as the value of Field.
- not
Starts List<String>With - An operator that excludes events that match the first few characters of the event record field specified as the value of Field.
- starts
With List<String> - An operator that includes events that match the first few characters of the event record field specified as the value of Field.
EventDataStoreInsightSelector, EventDataStoreInsightSelectorArgs
- Insight
Type string - The type of Insights to log on an event data store.
- Insight
Type string - The type of Insights to log on an event data store.
- insight
Type String - The type of Insights to log on an event data store.
- insight
Type string - The type of Insights to log on an event data store.
- insight_
type str - The type of Insights to log on an event data store.
- insight
Type String - The type of Insights to log on an event data store.
Tag, TagArgs
Package Details
- Repository
- AWS Native pulumi/pulumi-aws-native
- License
- Apache-2.0
We recommend new projects start with resources from the AWS provider.
AWS Cloud Control v1.26.0 published on Wednesday, Mar 12, 2025 by Pulumi