event_data_store
Gets an individual event_data_store resource
Overview
| Name | event_data_store |
| Type | Resource |
| Description | event_data_store |
| Id | awscc.cloudtrail.event_data_store |
Fields
| Name | Datatype | Description |
|---|---|---|
advanced_event_selectors | array | The advanced event selectors that were used to select events for the data store. |
created_timestamp | string | The timestamp of the event data store's creation. |
event_data_store_arn | string | The ARN of the event data store. |
federation_enabled | boolean | Indicates whether federation is enabled on an event data store. |
federation_role_arn | string | The ARN of the role used for event data store federation. |
multi_region_enabled | boolean | Indicates whether the event data store includes events from all regions, or only from the region in which it was created. |
name | string | The name of the event data store. |
organization_enabled | boolean | Indicates that an event data store is collecting logged events for an organization. |
billing_mode | string | The mode that the event data store will use to charge for event storage. |
retention_period | integer | The retention period, in days. |
status | string | The status of an event data store. Values are STARTING_INGESTION, ENABLED, STOPPING_INGESTION, STOPPED_INGESTION and PENDING_DELETION. |
termination_protection_enabled | boolean | Indicates whether the event data store is protected from termination. |
updated_timestamp | string | The timestamp showing when an event data store was updated, if applicable. UpdatedTimestamp is always either the same or newer than the time shown in CreatedTimestamp. |
kms_key_id | string | Specifies the KMS key ID to use to encrypt the events delivered by CloudTrail. The value can be an alias name prefixed by 'alias/', a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier. |
tags | array | |
insight_selectors | array | Lets you enable Insights event logging by specifying the Insights selectors that you want to enable on an existing event data store. Both InsightSelectors and InsightsDestination need to have a value in order to enable Insights events on an event data store. |
insights_destination | string | Specifies the ARN of the event data store that will collect Insights events. Both InsightSelectors and InsightsDestination need to have a value in order to enable Insights events on an event data store |
ingestion_enabled | boolean | Indicates whether the event data store is ingesting events. |
region | string | AWS region. |
Methods
Currently only SELECT is supported for this resource resource.
Example
SELECT
region,
advanced_event_selectors,
created_timestamp,
event_data_store_arn,
federation_enabled,
federation_role_arn,
multi_region_enabled,
name,
organization_enabled,
billing_mode,
retention_period,
status,
termination_protection_enabled,
updated_timestamp,
kms_key_id,
tags,
insight_selectors,
insights_destination,
ingestion_enabled
FROM awscc.cloudtrail.event_data_store
WHERE data__Identifier = '<EventDataStoreArn>';
Permissions
To operate on the event_data_store resource, the following permissions are required:
Read
CloudTrail:GetEventDataStore,
CloudTrail:ListEventDataStores,
CloudTrail:GetInsightSelectors,
CloudTrail:ListTags
Update
CloudTrail:UpdateEventDataStore,
CloudTrail:RestoreEventDataStore,
CloudTrail:AddTags,
CloudTrail:RemoveTags,
CloudTrail:StartEventDataStoreIngestion,
CloudTrail:StopEventDataStoreIngestion,
CloudTrail:GetEventDataStore,
CloudTrail:PutInsightSelectors,
CloudTrail:GetInsightSelectors,
CloudTrail:EnableFederation,
CloudTrail:DisableFederation,
iam:PassRole,
iam:GetRole,
iam:CreateServiceLinkedRole,
organizations:DescribeOrganization,
organizations:ListAWSServiceAccessForOrganization,
glue:CreateDatabase,
glue:CreateTable,
glue:PassConnection,
lakeformation:RegisterResource,
glue:DeleteTable,
lakeformation:DeregisterResource,
kms:DescribeKey
Delete
CloudTrail:DeleteEventDataStore,
CloudTrail:GetEventDataStore,
CloudTrail:DisableFederation,
glue:DeleteTable,
lakeformation:DeregisterResource