destinations
Creates, updates, deletes or gets a destination resource or lists destinations in a region
Overview
| Name | destinations |
| Type | Resource |
| Description | The AWS::Logs::Destination resource specifies a CloudWatch Logs destination. A destination encapsulates a physical resource (such as an Amazon Kinesis data stream) and enables you to subscribe that resource to a stream of log events. |
| Id | aws.logs.destinations |
Fields
| Name | Datatype | Description |
|---|---|---|
arn | string | |
destination_name | string | The name of the destination resource |
destination_policy | string | An IAM policy document that governs which AWS accounts can create subscription filters against this destination. |
role_arn | string | The ARN of an IAM role that permits CloudWatch Logs to send data to the specified AWS resource |
target_arn | string | The ARN of the physical target where the log events are delivered (for example, a Kinesis stream) |
region | string | AWS region. |
Methods
| Name | Accessible by | Required Params |
|---|---|---|
create_resource | INSERT | DestinationName, TargetArn, RoleArn, region |
delete_resource | DELETE | data__Identifier, region |
update_resource | UPDATE | data__Identifier, data__PatchDocument, region |
list_resources | SELECT | region |
get_resource | SELECT | data__Identifier, region |
SELECT examples
Gets all destinations in a region.
SELECT
region,
arn,
destination_name,
destination_policy,
role_arn,
target_arn
FROM aws.logs.destinations
WHERE region = 'us-east-1';
Gets all properties from an individual destination.
SELECT
region,
arn,
destination_name,
destination_policy,
role_arn,
target_arn
FROM aws.logs.destinations
WHERE region = 'us-east-1' AND data__Identifier = '<DestinationName>';
INSERT example
Use the following StackQL query and manifest file to create a new destination resource, using stack-deploy.
- Required Properties
- All Properties
- Manifest
/*+ create */
INSERT INTO aws.logs.destinations (
DestinationName,
RoleArn,
TargetArn,
region
)
SELECT
'{{ DestinationName }}',
'{{ RoleArn }}',
'{{ TargetArn }}',
'{{ region }}';
/*+ create */
INSERT INTO aws.logs.destinations (
DestinationName,
DestinationPolicy,
RoleArn,
TargetArn,
region
)
SELECT
'{{ DestinationName }}',
'{{ DestinationPolicy }}',
'{{ RoleArn }}',
'{{ TargetArn }}',
'{{ region }}';
version: 1
name: stack name
description: stack description
providers:
- aws
globals:
- name: region
value: '{{ vars.AWS_REGION }}'
resources:
- name: destination
props:
- name: DestinationName
value: '{{ DestinationName }}'
- name: DestinationPolicy
value: '{{ DestinationPolicy }}'
- name: RoleArn
value: '{{ RoleArn }}'
- name: TargetArn
value: '{{ TargetArn }}'
DELETE example
/*+ delete */
DELETE FROM aws.logs.destinations
WHERE data__Identifier = '<DestinationName>'
AND region = 'us-east-1';
Permissions
To operate on the destinations resource, the following permissions are required:
Create
logs:PutDestination,
logs:PutDestinationPolicy,
logs:DescribeDestinations,
iam:PassRole
Read
logs:DescribeDestinations
Update
logs:PutDestination,
logs:PutDestinationPolicy,
logs:DescribeDestinations,
iam:PassRole
Delete
logs:DeleteDestination
List
logs:DescribeDestinations