chore(cloudtrail): better typed event selector apis #8097
Conversation
The event selector APIs now take strongly typed `IFunction` and `IBucket` instead of a string that is expected to contain the ARN. Additionally, add APIs to log all S3 data events and to log all Lambda data events. Change the type of `snsTopic` from `string` to `ITopic`. BREAKING CHANGE: API signatures of `addS3EventSelectors` and `addLambdaEventSelectors` have changed. Their parameters are now strongly typed to accept `IBucket` and `IFunction` respectively. * **cloudtrail:** `addS3EventSelectors` and `addLambdaEventSelectors` can no longer be used to configure all S3 data events or all Lambda data events. Two new APIs `logAllS3DataEvents()` and `logAllLambdaDataEvents()` have been introduced to achieve this. * **cloudtrail:** The property `snsTopic` is now of the type `ITopic`.
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
| public addS3EventSelector(dataResourceValues: string[], options: AddEventSelectorOptions = {}) { | ||
| public addS3EventSelector(s3Selector: S3EventSelector[], options: AddEventSelectorOptions = {}) { | ||
| if (s3Selector.length === 0) { return; } | ||
| const dataResourceValues = s3Selector.map((sel) => `${sel.bucket.bucketArn}/${sel.objectPrefix ?? ''}`); | ||
| return this.addEventSelector(DataResourceType.S3_OBJECT, dataResourceValues, options); |
There was a problem hiding this comment.
If objectPrefix is empty is it ok for the / to be appended?
There was a problem hiding this comment.
I believe so, yes.
From the documentation -
"To log data events for all objects in all S3 buckets in your AWS account, specify the prefix as arn:aws:s3:::.
To log data events for all objects in an S3 bucket, specify the bucket and an empty object prefix such as arn:aws:s3:::bucket-1/. The trail logs data events for all objects in this S3 bucket.
To log data events for specific objects, specify the S3 bucket and object prefix such as arn:aws:s3:::bucket-1/example-images. The trail logs data events for objects in this S3 bucket that match the prefix."
|
Thank you for contributing! Your pull request will be updated from master and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
|
Thank you for contributing! Your pull request will be updated from master and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
Commit Message
chore(cloudtrail): better typed event selector apis (#8097)
The event selector APIs now take strongly typed
IFunctionandIBucketinstead of a string that is expected to contain the ARN.Additionally, add APIs to log all S3 data events and to log all Lambda
data events.
Change the type of
snsTopicfromstringtoITopic.BREAKING CHANGE: API signatures of
addS3EventSelectorsandaddLambdaEventSelectorshave changed. Their parameters are nowstrongly typed to accept
IBucketandIFunctionrespectively.addS3EventSelectorsandaddLambdaEventSelectorscan no longer be used to configure all S3 data events or all Lambda data
events. Two new APIs
logAllS3DataEvents()andlogAllLambdaDataEvents()have been introduced to achieve this.snsTopicis now of the typeITopic.End Commit Message
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license