Copyright | (c) 2013-2023 Brendan Hay |
---|---|
License | Mozilla Public License, v. 2.0. |
Maintainer | Brendan Hay |
Stability | auto-generated |
Portability | non-portable (GHC extensions) |
Safe Haskell | Safe-Inferred |
Language | Haskell2010 |
Adds a third-party custom source in Amazon Security Lake, from the Amazon Web Services Region where you want to create a custom source. Security Lake can collect logs and events from third-party custom sources. After creating the appropriate IAM role to invoke Glue crawler, use this API to add a custom source name in Security Lake. This operation creates a partition in the Amazon S3 bucket for Security Lake as the target location for log files from the custom source in addition to an associated Glue table and an Glue crawler.
Synopsis
- data CreateCustomLogSource = CreateCustomLogSource' {}
- newCreateCustomLogSource :: Text -> OcsfEventClass -> Text -> Text -> CreateCustomLogSource
- createCustomLogSource_customSourceName :: Lens' CreateCustomLogSource Text
- createCustomLogSource_eventClass :: Lens' CreateCustomLogSource OcsfEventClass
- createCustomLogSource_glueInvocationRoleArn :: Lens' CreateCustomLogSource Text
- createCustomLogSource_logProviderAccountId :: Lens' CreateCustomLogSource Text
- data CreateCustomLogSourceResponse = CreateCustomLogSourceResponse' {}
- newCreateCustomLogSourceResponse :: Int -> Text -> Text -> Text -> Text -> Text -> CreateCustomLogSourceResponse
- createCustomLogSourceResponse_httpStatus :: Lens' CreateCustomLogSourceResponse Int
- createCustomLogSourceResponse_customDataLocation :: Lens' CreateCustomLogSourceResponse Text
- createCustomLogSourceResponse_glueCrawlerName :: Lens' CreateCustomLogSourceResponse Text
- createCustomLogSourceResponse_glueDatabaseName :: Lens' CreateCustomLogSourceResponse Text
- createCustomLogSourceResponse_glueTableName :: Lens' CreateCustomLogSourceResponse Text
- createCustomLogSourceResponse_logProviderAccessRoleArn :: Lens' CreateCustomLogSourceResponse Text
Creating a Request
data CreateCustomLogSource Source #
See: newCreateCustomLogSource
smart constructor.
CreateCustomLogSource' | |
|
Instances
newCreateCustomLogSource Source #
:: Text | |
-> OcsfEventClass | |
-> Text | |
-> Text | |
-> CreateCustomLogSource |
Create a value of CreateCustomLogSource
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:customSourceName:CreateCustomLogSource'
, createCustomLogSource_customSourceName
- The name for a third-party custom source. This must be a Regionally
unique value.
CreateCustomLogSource
, createCustomLogSource_eventClass
- The Open Cybersecurity Schema Framework (OCSF) event class which
describes the type of data that the custom source will send to Security
Lake.
$sel:glueInvocationRoleArn:CreateCustomLogSource'
, createCustomLogSource_glueInvocationRoleArn
- The Amazon Resource Name (ARN) of the Identity and Access Management
(IAM) role to be used by the Glue crawler. The recommended IAM policies
are:
- The managed policy
AWSGlueServiceRole
- A custom policy granting access to your Amazon S3 Data Lake
$sel:logProviderAccountId:CreateCustomLogSource'
, createCustomLogSource_logProviderAccountId
- The Amazon Web Services account ID of the custom source that will write
logs and events into the Amazon S3 Data Lake.
Request Lenses
createCustomLogSource_customSourceName :: Lens' CreateCustomLogSource Text Source #
The name for a third-party custom source. This must be a Regionally unique value.
createCustomLogSource_eventClass :: Lens' CreateCustomLogSource OcsfEventClass Source #
The Open Cybersecurity Schema Framework (OCSF) event class which describes the type of data that the custom source will send to Security Lake.
createCustomLogSource_glueInvocationRoleArn :: Lens' CreateCustomLogSource Text Source #
The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role to be used by the Glue crawler. The recommended IAM policies are:
- The managed policy
AWSGlueServiceRole
- A custom policy granting access to your Amazon S3 Data Lake
createCustomLogSource_logProviderAccountId :: Lens' CreateCustomLogSource Text Source #
The Amazon Web Services account ID of the custom source that will write logs and events into the Amazon S3 Data Lake.
Destructuring the Response
data CreateCustomLogSourceResponse Source #
See: newCreateCustomLogSourceResponse
smart constructor.
CreateCustomLogSourceResponse' | |
|
Instances
newCreateCustomLogSourceResponse Source #
:: Int | |
-> Text | |
-> Text | |
-> Text | |
-> Text | |
-> Text |
|
-> CreateCustomLogSourceResponse |
Create a value of CreateCustomLogSourceResponse
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:httpStatus:CreateCustomLogSourceResponse'
, createCustomLogSourceResponse_httpStatus
- The response's http status code.
$sel:customDataLocation:CreateCustomLogSourceResponse'
, createCustomLogSourceResponse_customDataLocation
- The location of the partition in the Amazon S3 bucket for Security Lake.
$sel:glueCrawlerName:CreateCustomLogSourceResponse'
, createCustomLogSourceResponse_glueCrawlerName
- The name of the Glue crawler.
$sel:glueDatabaseName:CreateCustomLogSourceResponse'
, createCustomLogSourceResponse_glueDatabaseName
- The Glue database where results are written, such as:
arn:aws:daylight:us-east-1::database/sometable/*
.
$sel:glueTableName:CreateCustomLogSourceResponse'
, createCustomLogSourceResponse_glueTableName
- The table name of the Glue crawler.
$sel:logProviderAccessRoleArn:CreateCustomLogSourceResponse'
, createCustomLogSourceResponse_logProviderAccessRoleArn
- The ARN of the IAM role to be used by the entity putting logs into your
custom source partition. Security Lake will apply the correct access
policies to this role, but you must first manually create the trust
policy for this role. The IAM role name must start with the text
'Security Lake'. The IAM role must trust the logProviderAccountId
to
assume the role.
Response Lenses
createCustomLogSourceResponse_httpStatus :: Lens' CreateCustomLogSourceResponse Int Source #
The response's http status code.
createCustomLogSourceResponse_customDataLocation :: Lens' CreateCustomLogSourceResponse Text Source #
The location of the partition in the Amazon S3 bucket for Security Lake.
createCustomLogSourceResponse_glueCrawlerName :: Lens' CreateCustomLogSourceResponse Text Source #
The name of the Glue crawler.
createCustomLogSourceResponse_glueDatabaseName :: Lens' CreateCustomLogSourceResponse Text Source #
The Glue database where results are written, such as:
arn:aws:daylight:us-east-1::database/sometable/*
.
createCustomLogSourceResponse_glueTableName :: Lens' CreateCustomLogSourceResponse Text Source #
The table name of the Glue crawler.
createCustomLogSourceResponse_logProviderAccessRoleArn :: Lens' CreateCustomLogSourceResponse Text Source #
The ARN of the IAM role to be used by the entity putting logs into your
custom source partition. Security Lake will apply the correct access
policies to this role, but you must first manually create the trust
policy for this role. The IAM role name must start with the text
'Security Lake'. The IAM role must trust the logProviderAccountId
to
assume the role.