latest--aws-cloudtrail-eventdatastore
sharedA storage lake of event data against which you can run complex SQL-based queries. An event data store can include events that you have logged on your account from the last 90 to 2555 days (about three months to up to seven years).. Source:- https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-cloudtrail.git
Properties
The advanced event selectors that were used to select events for the data store.
Indicates whether the event data store includes events from all regions, or only from the region in which it was created.
The name of the event data store.
Indicates that an event data store is collecting logged events for an organization.
The retention period, in days.
Indicates whether the event data store is protected from termination.
Specifies the KMS key ID to use to encrypt the events delivered by CloudTrail. The value can be an alias name prefixed by 'alias/', a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.
Indicates whether the event data store is ingesting events.
Definitions
A single selector statement in an advanced event selector.
A field in an event record on which to filter events to be logged. Supported fields include readOnly, eventCategory, eventSource (for management events), eventName, resources.type, and resources.ARN.
An operator that includes events that match the exact value of the event record field specified as the value of Field. This is the only valid operator that you can use with the readOnly, eventCategory, and resources.type fields.
An operator that includes events that match the first few characters of the event record field specified as the value of Field.
An operator that includes events that match the last few characters of the event record field specified as the value of Field.
An operator that excludes events that match the exact value of the event record field specified as the value of Field.
An operator that excludes events that match the first few characters of the event record field specified as the value of Field.
An operator that excludes events that match the last few characters of the event record field specified as the value of Field.
Advanced event selectors let you create fine-grained selectors for the following AWS CloudTrail event record fields. They help you control costs by logging only those events that are important to you.
Contains all selector statements in an advanced event selector.
An optional, descriptive name for an advanced event selector, such as "Log data events for only two S3 buckets".
An arbitrary set of tags (key-value pairs) for this event data store.
The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.