import * as pulumi from "@pulumi/pulumi"; import * as inputs from "../types/input"; import * as outputs from "../types/output"; import * as enums from "../types/enums"; /** * Specifies a VPC flow log, which enables you to capture IP traffic for a specific network interface, subnet, or VPC. */ export declare class FlowLog extends pulumi.CustomResource { /** * Get an existing FlowLog resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input, opts?: pulumi.CustomResourceOptions): FlowLog; /** * Returns true if the given object is an instance of FlowLog. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is FlowLog; /** * The Flow Log ID */ readonly awsId: pulumi.Output; /** * The ARN of the IAM role that allows Amazon EC2 to publish flow logs across accounts. */ readonly deliverCrossAccountRole: pulumi.Output; /** * The ARN for the IAM role that permits Amazon EC2 to publish flow logs to a CloudWatch Logs log group in your account. If you specify LogDestinationType as s3 or kinesis-data-firehose, do not specify DeliverLogsPermissionArn or LogGroupName. */ readonly deliverLogsPermissionArn: pulumi.Output; /** * The destination options. */ readonly destinationOptions: pulumi.Output; /** * Specifies the destination to which the flow log data is to be published. Flow log data can be published to a CloudWatch Logs log group, an Amazon S3 bucket, or a Kinesis Firehose stream. The value specified for this parameter depends on the value specified for LogDestinationType. */ readonly logDestination: pulumi.Output; /** * Specifies the type of destination to which the flow log data is to be published. Flow log data can be published to CloudWatch Logs or Amazon S3. */ readonly logDestinationType: pulumi.Output; /** * The fields to include in the flow log record, in the order in which they should appear. */ readonly logFormat: pulumi.Output; /** * The name of a new or existing CloudWatch Logs log group where Amazon EC2 publishes your flow logs. If you specify LogDestinationType as s3 or kinesis-data-firehose, do not specify DeliverLogsPermissionArn or LogGroupName. */ readonly logGroupName: pulumi.Output; /** * The maximum interval of time during which a flow of packets is captured and aggregated into a flow log record. You can specify 60 seconds (1 minute) or 600 seconds (10 minutes). */ readonly maxAggregationInterval: pulumi.Output; /** * The ID of the subnet, network interface, or VPC for which you want to create a flow log. */ readonly resourceId: pulumi.Output; /** * The type of resource for which to create the flow log. For example, if you specified a VPC ID for the ResourceId property, specify VPC for this property. */ readonly resourceType: pulumi.Output; /** * The tags to apply to the flow logs. */ readonly tags: pulumi.Output; /** * The type of traffic to log. You can log traffic that the resource accepts or rejects, or all traffic. */ readonly trafficType: pulumi.Output; /** * Create a FlowLog resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: FlowLogArgs, opts?: pulumi.CustomResourceOptions); } /** * The set of arguments for constructing a FlowLog resource. */ export interface FlowLogArgs { /** * The ARN of the IAM role that allows Amazon EC2 to publish flow logs across accounts. */ deliverCrossAccountRole?: pulumi.Input; /** * The ARN for the IAM role that permits Amazon EC2 to publish flow logs to a CloudWatch Logs log group in your account. If you specify LogDestinationType as s3 or kinesis-data-firehose, do not specify DeliverLogsPermissionArn or LogGroupName. */ deliverLogsPermissionArn?: pulumi.Input; /** * The destination options. */ destinationOptions?: pulumi.Input; /** * Specifies the destination to which the flow log data is to be published. Flow log data can be published to a CloudWatch Logs log group, an Amazon S3 bucket, or a Kinesis Firehose stream. The value specified for this parameter depends on the value specified for LogDestinationType. */ logDestination?: pulumi.Input; /** * Specifies the type of destination to which the flow log data is to be published. Flow log data can be published to CloudWatch Logs or Amazon S3. */ logDestinationType?: pulumi.Input; /** * The fields to include in the flow log record, in the order in which they should appear. */ logFormat?: pulumi.Input; /** * The name of a new or existing CloudWatch Logs log group where Amazon EC2 publishes your flow logs. If you specify LogDestinationType as s3 or kinesis-data-firehose, do not specify DeliverLogsPermissionArn or LogGroupName. */ logGroupName?: pulumi.Input; /** * The maximum interval of time during which a flow of packets is captured and aggregated into a flow log record. You can specify 60 seconds (1 minute) or 600 seconds (10 minutes). */ maxAggregationInterval?: pulumi.Input; /** * The ID of the subnet, network interface, or VPC for which you want to create a flow log. */ resourceId: pulumi.Input; /** * The type of resource for which to create the flow log. For example, if you specified a VPC ID for the ResourceId property, specify VPC for this property. */ resourceType: pulumi.Input; /** * The tags to apply to the flow logs. */ tags?: pulumi.Input[]>; /** * The type of traffic to log. You can log traffic that the resource accepts or rejects, or all traffic. */ trafficType?: pulumi.Input; }