Class: Ansible::Ruby::Modules::Cloudtrail

Inherits:

Base

• Object
• Ansible::Ruby::Models::Base
• Base
• Ansible::Ruby::Modules::Cloudtrail

Defined in:

lib/ansible/ruby/modules/generated/cloud/amazon/cloudtrail.rb

Overview

Creates, deletes, or updates CloudTrail configuration. Ensures logging is also enabled.

Instance Method Summary

• #cloudwatch_logs_log_group_arn ⇒ String^?

  A full ARN specifying a valid CloudWatch log group to which CloudTrail logs will be delivered.

• #cloudwatch_logs_role_arn ⇒ String^?

  Specifies a full ARN for an IAM role that assigns the proper permissions for CloudTrail to create and write to the log group.,See U(docs.aws.amazon.com/awscloudtrail/latest/userguide/send-cloudtrail-events-to-cloudwatch-logs.html),Required when C(cloudwatch_logs_log_group_arn).

• #enable_log_file_validation ⇒ Boolean^?

  Specifies whether log file integrity validation is enabled.,CloudTrail will create a hash for every log file delivered and produce a signed digest file that can be used to ensure log files have not been tampered.

• #enable_logging ⇒ Boolean^?

  Start or stop the CloudTrail logging.

• #include_global_events ⇒ Boolean^?

  Record API calls from global services such as IAM and STS.

• #is_multi_region_trail ⇒ Boolean^?

  Specify whether the trail belongs only to one region or exists in all regions.

• #kms_key_id ⇒ String^?

  Specifies the KMS key ID to use to encrypt the logs delivered by CloudTrail.

• #name ⇒ String

  Name for the CloudTrail.,Names are unique per-region unless the CloudTrail is a multi-region trail, in which case it is unique per-account.

• #s3_bucket_name ⇒ String^?

  An existing S3 bucket where CloudTrail will deliver log files.,This bucket should exist and have the proper policy.,See U(docs.aws.amazon.com/awscloudtrail/latest/userguide/aggregating_logs_regions_bucket_policy.html),Required when C(state=present).

• #s3_key_prefix ⇒ String^?

  S3 Key prefix for delivered log files.

• #sns_topic_name ⇒ Object^?

  SNS Topic name to send notifications to when a log file is delivered.

• #state ⇒ :present, ...

  Add or remove CloudTrail configuration.,The following states have been preserved for backwards compatibility.

• #tags ⇒ Object^?

  A hash/dictionary of tags to be applied to the CloudTrail resource.,Remove completely or specify an empty dictionary to remove all tags.

Methods inherited from Base

#ansible_name, #to_h

Methods inherited from Ansible::Ruby::Models::Base

attr_option, attr_options, attribute, fix_inclusion, #initialize, remove_existing_validations, #to_h, validates

Constructor Details

This class inherits a constructor from Ansible::Ruby::Models::Base

Instance Method Details

#cloudwatch_logs_log_group_arn ⇒ String^?

Returns A full ARN specifying a valid CloudWatch log group to which CloudTrail logs will be delivered. The log group should already exist.,See U(docs.aws.amazon.com/awscloudtrail/latest/userguide/send-cloudtrail-events-to-cloudwatch-logs.html),Required when C(cloudwatch_logs_role_arn).

Returns:

• (String, nil) —

  A full ARN specifying a valid CloudWatch log group to which CloudTrail logs will be delivered. The log group should already exist.,See U(docs.aws.amazon.com/awscloudtrail/latest/userguide/send-cloudtrail-events-to-cloudwatch-logs.html),Required when C(cloudwatch_logs_role_arn)

# File 'lib/ansible/ruby/modules/generated/cloud/amazon/cloudtrail.rb', line 51

attribute :cloudwatch_logs_log_group_arn

#cloudwatch_logs_role_arn ⇒ String^?

Returns Specifies a full ARN for an IAM role that assigns the proper permissions for CloudTrail to create and write to the log group.,See U(docs.aws.amazon.com/awscloudtrail/latest/userguide/send-cloudtrail-events-to-cloudwatch-logs.html),Required when C(cloudwatch_logs_log_group_arn).

Returns:

• (String, nil) —

  Specifies a full ARN for an IAM role that assigns the proper permissions for CloudTrail to create and write to the log group.,See U(docs.aws.amazon.com/awscloudtrail/latest/userguide/send-cloudtrail-events-to-cloudwatch-logs.html),Required when C(cloudwatch_logs_log_group_arn)

# File 'lib/ansible/ruby/modules/generated/cloud/amazon/cloudtrail.rb', line 47

attribute :cloudwatch_logs_role_arn

#enable_log_file_validation ⇒ Boolean^?

Returns Specifies whether log file integrity validation is enabled.,CloudTrail will create a hash for every log file delivered and produce a signed digest file that can be used to ensure log files have not been tampered.

Returns:

• (Boolean, nil) —

  Specifies whether log file integrity validation is enabled.,CloudTrail will create a hash for every log file delivered and produce a signed digest file that can be used to ensure log files have not been tampered.

# File 'lib/ansible/ruby/modules/generated/cloud/amazon/cloudtrail.rb', line 36

attribute :enable_log_file_validation

#enable_logging ⇒ Boolean^?

Returns Start or stop the CloudTrail logging. If stopped the trail will be paused and will not record events or deliver log files.

Returns:

• (Boolean, nil) —

  Start or stop the CloudTrail logging. If stopped the trail will be paused and will not record events or deliver log files.

# File 'lib/ansible/ruby/modules/generated/cloud/amazon/cloudtrail.rb', line 20

attribute :enable_logging

#include_global_events ⇒ Boolean^?

Returns Record API calls from global services such as IAM and STS.

Returns:

• (Boolean, nil) —

  Record API calls from global services such as IAM and STS.

# File 'lib/ansible/ruby/modules/generated/cloud/amazon/cloudtrail.rb', line 40

attribute :include_global_events

#is_multi_region_trail ⇒ Boolean^?

Returns Specify whether the trail belongs only to one region or exists in all regions.

Returns:

• (Boolean, nil) —

  Specify whether the trail belongs only to one region or exists in all regions.

# File 'lib/ansible/ruby/modules/generated/cloud/amazon/cloudtrail.rb', line 32

attribute :is_multi_region_trail

#kms_key_id ⇒ String^?

Returns Specifies the KMS key ID to use to encrypt the logs delivered by CloudTrail. This also has the effect of enabling log file encryption.,The value can be an alias name prefixed by “alias/”, a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.,See U(docs.aws.amazon.com/awscloudtrail/latest/userguide/encrypting-cloudtrail-log-files-with-aws-kms.html).

Returns:

• (String, nil) —

  Specifies the KMS key ID to use to encrypt the logs delivered by CloudTrail. This also has the effect of enabling log file encryption.,The value can be an alias name prefixed by “alias/”, a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.,See U(docs.aws.amazon.com/awscloudtrail/latest/userguide/encrypting-cloudtrail-log-files-with-aws-kms.html)

# File 'lib/ansible/ruby/modules/generated/cloud/amazon/cloudtrail.rb', line 55

attribute :kms_key_id

#name ⇒ String

Returns Name for the CloudTrail.,Names are unique per-region unless the CloudTrail is a multi-region trail, in which case it is unique per-account.

Returns:

• (String) —

  Name for the CloudTrail.,Names are unique per-region unless the CloudTrail is a multi-region trail, in which case it is unique per-account.

# File 'lib/ansible/ruby/modules/generated/cloud/amazon/cloudtrail.rb', line 16

attribute :name

#s3_bucket_name ⇒ String^?

Returns An existing S3 bucket where CloudTrail will deliver log files.,This bucket should exist and have the proper policy.,See U(docs.aws.amazon.com/awscloudtrail/latest/userguide/aggregating_logs_regions_bucket_policy.html),Required when C(state=present).

Returns:

• (String, nil) —

  An existing S3 bucket where CloudTrail will deliver log files.,This bucket should exist and have the proper policy.,See U(docs.aws.amazon.com/awscloudtrail/latest/userguide/aggregating_logs_regions_bucket_policy.html),Required when C(state=present)

# File 'lib/ansible/ruby/modules/generated/cloud/amazon/cloudtrail.rb', line 24

attribute :s3_bucket_name

#s3_key_prefix ⇒ String^?

Returns S3 Key prefix for delivered log files. A trailing slash is not necessary and will be removed.

Returns:

• (String, nil) —

  S3 Key prefix for delivered log files. A trailing slash is not necessary and will be removed.

# File 'lib/ansible/ruby/modules/generated/cloud/amazon/cloudtrail.rb', line 28

attribute :s3_key_prefix

#sns_topic_name ⇒ Object^?

Returns SNS Topic name to send notifications to when a log file is delivered.

Returns:

• (Object, nil) —

  SNS Topic name to send notifications to when a log file is delivered

# File 'lib/ansible/ruby/modules/generated/cloud/amazon/cloudtrail.rb', line 44

attribute :sns_topic_name

#state ⇒ :present, ...

Returns Add or remove CloudTrail configuration.,The following states have been preserved for backwards compatibility. C(state=enabled) and C(state=disabled).,enabled=present and disabled=absent.

Returns:

• (:present, :absent, :enabled, :disabled) —

  Add or remove CloudTrail configuration.,The following states have been preserved for backwards compatibility. C(state=enabled) and C(state=disabled).,enabled=present and disabled=absent.

# File 'lib/ansible/ruby/modules/generated/cloud/amazon/cloudtrail.rb', line 12

attribute :state

#tags ⇒ Object^?

Returns A hash/dictionary of tags to be applied to the CloudTrail resource.,Remove completely or specify an empty dictionary to remove all tags.

Returns:

• (Object, nil) —

  A hash/dictionary of tags to be applied to the CloudTrail resource.,Remove completely or specify an empty dictionary to remove all tags.

# File 'lib/ansible/ruby/modules/generated/cloud/amazon/cloudtrail.rb', line 59

attribute :tags