Metadata-Version: 2.1
Name: aws-cdk.aws-cloudtrail
Version: 1.16.0
Summary: CDK Constructs for AWS CloudTrail
Home-page: https://github.com/aws/aws-cdk
Author: Amazon Web Services
License: UNKNOWN
Project-URL: Source, https://github.com/aws/aws-cdk.git
Platform: UNKNOWN
Requires-Python: >=3.6
Description-Content-Type: text/markdown
Requires-Dist: jsii (~=0.20.2)
Requires-Dist: publication (>=0.0.3)
Requires-Dist: aws-cdk.aws-events (>=1.16.0,~=1.16)
Requires-Dist: aws-cdk.aws-iam (>=1.16.0,~=1.16)
Requires-Dist: aws-cdk.aws-kms (>=1.16.0,~=1.16)
Requires-Dist: aws-cdk.aws-logs (>=1.16.0,~=1.16)
Requires-Dist: aws-cdk.aws-s3 (>=1.16.0,~=1.16)
Requires-Dist: aws-cdk.core (>=1.16.0,~=1.16)

## AWS CloudTrail Construct Library

<html></html>---


![Stability: Experimental](https://img.shields.io/badge/stability-Experimental-important.svg?style=for-the-badge)

> **This is a *developer preview* (public beta) module. Releases might lack important features and might have
> future breaking changes.**
>
> This API is still under active development and subject to non-backward
> compatible changes or removal in any future version. Use of the API is not recommended in production
> environments. Experimental APIs are not subject to the Semantic Versioning model.

---
<html></html>

Add a CloudTrail construct - for ease of setting up CloudTrail logging in your account

Example usage:

```python
# Example may have issues. See https://github.com/aws/jsii/issues/826
import aws_cdk.aws_cloudtrail as cloudtrail

trail = cloudtrail.Trail(self, "CloudTrail")
```

You can instantiate the CloudTrail construct with no arguments - this will by default:
* Create a new S3 Bucket and associated Policy that allows CloudTrail to write to it
* Create a CloudTrail with the following configuration:
* Logging Enabled
* Log file validation enabled
* Multi Region set to true
* Global Service Events set to true
* The created S3 bucket
* CloudWatch Logging Disabled
* No SNS configuartion
* No tags
* No fixed name

You can override any of these properties using the `CloudTrailProps` configuraiton object.

For example, to log to CloudWatch Logs

```python
# Example may have issues. See https://github.com/aws/jsii/issues/826

import aws_cdk.aws_cloudtrail as cloudtrail

trail = cloudtrail.Trail(self, "CloudTrail",
    send_to_cloud_watch_logs=True
)
```

This creates the same setup as above - but also logs events to a created CloudWatch Log stream.
By default, the created log group has a retention period of 365 Days, but this is also configurable.

For using CloudTrail event selector to log specific S3 events,
you can use the `CloudTrailProps` configuration object.
Example:

```python
# Example may have issues. See https://github.com/aws/jsii/issues/826
import aws_cdk.aws_cloudtrail as cloudtrail

trail = cloudtrail.Trail(self, "MyAmazingCloudTrail")

# Adds an event selector to the bucket magic-bucket.
# By default, this includes management events and all operations (Read + Write)
trail.add_s3_event_selector(["arn:aws:s3:::magic-bucket/"])

# Adds an event selector to the bucket foo, with a specific configuration
trail.add_s3_event_selector(["arn:aws:s3:::foo/"],
    include_management_events=False,
    read_write_type=ReadWriteType.ALL
)
```


