integrations

Creates, updates, deletes or gets an integration resource or lists integrations in a region

Overview

Name	`integrations`
Type	Resource
Description	Resource Schema for Logs Integration Resource
Id	`aws.logs.integrations`

Fields

Name	Datatype	Description
`integration_name`	`string`	User provided identifier for integration, unique to the user account.
`integration_type`	`string`	The type of the Integration.
`resource_config`	`object`	OpenSearchResourceConfig for the given Integration
`integration_status`	`string`	Status of creation for the Integration and its resources
`region`	`string`	AWS region.

For more information, see AWS::Logs::Integration.

Methods

Name	Accessible by	Required Params
`create_resource`	`INSERT`	`IntegrationName, IntegrationType, ResourceConfig, region`
`delete_resource`	`DELETE`	`data__Identifier, region`
`list_resources`	`SELECT`	`region`
`get_resource`	`SELECT`	`data__Identifier, region`

`SELECT` examples

Gets all integrations in a region.

SELECT
region,
integration_name,
integration_type,
resource_config,
integration_status
FROM aws.logs.integrations
WHERE region = 'us-east-1';

Gets all properties from an individual integration.

SELECT
region,
integration_name,
integration_type,
resource_config,
integration_status
FROM aws.logs.integrations
WHERE region = 'us-east-1' AND data__Identifier = '<IntegrationName>';

`INSERT` example

Use the following StackQL query and manifest file to create a new integration resource, using stack-deploy.

Required Properties
All Properties
Manifest

/*+ create */
INSERT INTO aws.logs.integrations (
 IntegrationName,
 IntegrationType,
 ResourceConfig,
 region
)
SELECT 
'{{ IntegrationName }}',
 '{{ IntegrationType }}',
 '{{ ResourceConfig }}',
'{{ region }}';

/*+ create */
INSERT INTO aws.logs.integrations (
 IntegrationName,
 IntegrationType,
 ResourceConfig,
 region
)
SELECT 
 '{{ IntegrationName }}',
 '{{ IntegrationType }}',
 '{{ ResourceConfig }}',
 '{{ region }}';

version: 1
name: stack name
description: stack description
providers:
  - aws
globals:
  - name: region
    value: '{{ vars.AWS_REGION }}'
resources:
  - name: integration
    props:
      - name: IntegrationName
        value: '{{ IntegrationName }}'
      - name: IntegrationType
        value: '{{ IntegrationType }}'
      - name: ResourceConfig
        value:
          OpenSearchResourceConfig:
            KmsKeyArn: '{{ KmsKeyArn }}'
            DataSourceRoleArn: null
            DashboardViewerPrincipals:
              - null
            ApplicationARN: null
            RetentionDays: '{{ RetentionDays }}'

`DELETE` example

/*+ delete */
DELETE FROM aws.logs.integrations
WHERE data__Identifier = '<IntegrationName>'
AND region = 'us-east-1';

Permissions

To operate on the integrations resource, the following permissions are required:

Create

logs:PutIntegration,
logs:GetIntegration,
aoss:CreateCollection,
aoss:CreateSecurityPolicy,
aoss:CreateAccessPolicy,
aoss:CreateLifeCyclePolicy,
aoss:BatchGetCollection,
aoss:DeleteCollection,
aoss:DeleteSecurityPolicy,
aoss:DeleteAccessPolicy,
aoss:DeleteLifeCyclePolicy,
aoss:GetAccessPolicy,
aoss:GetSecurityPolicy,
aoss:BatchGetLifecyclePolicy,
aoss:TagResource,
aoss:APIAccessAll,
opensearch:AddDirectQueryDataSource,
opensearch:DeleteDirectQueryDataSource,
opensearch:GetDirectQueryDataSource,
opensearch:CreateApplication,
opensearch:GetApplication,
opensearch:UpdateApplication,
opensearch:DeleteApplication,
opensearch:ApplicationAccessAll,
opensearch:DashboardsAccessAll,
opensearch:StartDirectQuery,
opensearch:GetDirectQuery,
iam:PassRole,
iam:CreateServiceLinkedRole,
iam:AttachRolePolicy,
iam:AttachUserPolicy,
es:AddDirectQueryDataSource,
es:CreateApplication,
es:UpdateApplication,
es:GetApplication,
es:DeleteApplication,
es:DeleteDirectQueryDataSource,
es:GetDirectQueryDataSource,
es:AddTags,
es:ListApplications

Read

logs:GetIntegration

Delete

logs:DeleteIntegration

List

logs:ListIntegrations

Overview​

Fields​

Methods​

SELECT examples​

INSERT example​

DELETE example​

Permissions​

Create​

Read​

Delete​

List​