Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Enhancement]: Add support for data protection in cloudwatch logs #28036

Closed
marcincuber opened this issue Nov 28, 2022 · 4 comments
Closed

[Enhancement]: Add support for data protection in cloudwatch logs #28036

marcincuber opened this issue Nov 28, 2022 · 4 comments
Labels
enhancement Requests to existing resources that expand the functionality or scope. service/logs Issues and PRs that pertain to the logs service.

Comments

@marcincuber
Copy link

marcincuber commented Nov 28, 2022
edited by ewbankkit
Loading

Description

We are excited to announce data protection in Amazon CloudWatch Logs, a new set of capabilities that leverage pattern matching and machine learning capabilities to detect and protect sensitive log data-in-transit.

Affected Resource(s) and/or Data Source(s)

aws_cloudwatch_log_data_protection_policy

Potential Terraform Configuration

resource "aws_cloudwatch_log_data_protection_policy" "example" {
  log_group_arn = aws_cloudwatch_log_group.example.arn

  policy_document = <<EOS
{
}
EOS
}

References

Announcement.
Blog post.

Requires AWS SDK for Go v1.44.146: #28033.

Would you like to implement a fix?

No response
@marcincuber marcincuber added enhancement Requests to existing resources that expand the functionality or scope. needs-triage Waiting for first response or review from a maintainer. labels Nov 28, 2022
@github-actions
Copy link

Community Note

Voting for Prioritization

  • Please vote on this issue by adding a 👍 reaction to the original post to help the community and maintainers prioritize this request.
  • Please see our prioritization guide for information on how we prioritize.
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

Volunteering to Work on This Issue

  • If you are interested in working on this issue, please leave a comment.
  • If this would be your first contribution, please review the contribution guide.

@ewbankkit ewbankkit added service/logs Issues and PRs that pertain to the logs service. and removed needs-triage Waiting for first response or review from a maintainer. labels Nov 28, 2022
@roberth-k
Copy link
Contributor

I'll pick this up.

Based on the API, this would involve:

  • Adding a new resource, aws_cloudwatch_log_group_data_protection_policy.
  • Adding a new data source, aws_cloudwatch_log_group_data_protection_policy_document (mimicking aws_iam_policy_document).
  • Adding the computed attribute data_protection_status to aws_cloudwatch_log_group.

@roberth-k roberth-k mentioned this issue Nov 28, 2022
Merged
@roberth-k roberth-k mentioned this issue Dec 9, 2022
Merged
@marcincuber
Copy link
Author

closing as already released

@github-actions
Copy link

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jan 14, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
enhancement Requests to existing resources that expand the functionality or scope. service/logs Issues and PRs that pertain to the logs service.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@ewbankkit @marcincuber @roberth-k