Class: Aws::CloudWatchLogs::Types::PutResourcePolicyRequest

Inherits:
Struct
  • Object
show all
Includes:
Structure
Defined in:
lib/aws-sdk-cloudwatchlogs/types.rb

Overview

Note:

When making an API call, you may pass PutResourcePolicyRequest data as a hash:

{
  policy_name: "PolicyName",
  policy_document: "PolicyDocument",
}

Constant Summary collapse

SENSITIVE =
[]

Instance Attribute Summary collapse

Instance Attribute Details

#policy_documentString

Details of the new policy, including the identity of the principal that is enabled to put logs to this account. This is formatted as a JSON string. This parameter is required.

The following example creates a resource policy enabling the Route 53 service to put DNS query logs in to the specified log group. Replace `“logArn”` with the ARN of your CloudWatch Logs resource, such as a log group or log stream.

CloudWatch Logs also supports [aws:SourceArn] and

aws:SourceAccount][2

condition context keys.

In the example resource policy, you would replace the value of `SourceArn` with the resource making the call from Route 53 to CloudWatch Logs and replace the value of `SourceAccount` with the Amazon Web Services account ID making that call.

`{ “Version”: “2012-10-17”, “Statement”: [ { “Sid”: “Route53LogsToCloudWatchLogs”, “Effect”: “Allow”, “Principal”: { “Service”: [ “route53.amazonaws.com” ] }, “Action”: “logs:PutLogEvents”, “Resource”: “logArn”, “Condition”: { “ArnLike”: { “aws:SourceArn”: “myRoute53ResourceArn” }, “StringEquals”: { “aws:SourceAccount”: “myAwsAccountId” } } } ] }`

[1]: docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-sourcearn [2]: docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-sourceaccount

Returns:

  • (String)

2262
2263
2264
2265
2266
2267
# File 'lib/aws-sdk-cloudwatchlogs/types.rb', line 2262

class PutResourcePolicyRequest < Struct.new(
  :policy_name,
  :policy_document)
  SENSITIVE = []
  include Aws::Structure
end

#policy_nameString

Name of the new policy. This parameter is required.

Returns:

  • (String)

2262
2263
2264
2265
2266
2267
# File 'lib/aws-sdk-cloudwatchlogs/types.rb', line 2262

class PutResourcePolicyRequest < Struct.new(
  :policy_name,
  :policy_document)
  SENSITIVE = []
  include Aws::Structure
end