AWS::CloudTrail::Trail InsightSelector - AWS CloudFormation
SyntaxProperties
Services or capabilities described in AWS documentation might vary by Region. To see the differences applicable to the AWS European Sovereign Cloud Region, see the AWS European Sovereign Cloud User Guide.

This is the new CloudFormation Template Reference Guide. Please update your bookmarks and links. For help getting started with CloudFormation, see the AWS CloudFormation User Guide.

AWS::CloudTrail::Trail InsightSelector

A JSON string that contains a list of Insights types that are logged on a trail.

Syntax

To declare this entity in your CloudFormation template, use the following syntax:

JSON

{
  "EventCategories" : [ String, ... ],
  "InsightType" : String
}

YAML

  EventCategories: 
    - String
  InsightType: String

Properties

EventCategories

Select the event category on which Insights should be enabled.

  • If EventCategories is not provided, the specified Insights types are enabled on management API calls by default.

  • If EventCategories is provided, the given event categories will overwrite the existing ones. For example, if a trail already has Insights enabled on management events, and then a PutInsightSelectors request is made with only data events specified in EventCategories, Insights on management events will be disabled.

Required: No

Type: Array of String

Update requires: No interruption

InsightType

The type of Insights events to log on a trail. ApiCallRateInsight and ApiErrorRateInsight are valid Insight types.

The ApiCallRateInsight Insights type analyzes write-only management API calls that are aggregated per minute against a baseline API call volume.

The ApiErrorRateInsight Insights type analyzes management API calls that result in error codes. The error is shown if the API call is unsuccessful.

Required: No

Type: String

Allowed values: ApiCallRateInsight | ApiErrorRateInsight

Update requires: No interruption