Module Values.PutDataProtectionPolicyResponseSource

Creates a data protection policy for the specified log group. A data protection policy can help safeguard sensitive data that's ingested by the log group by auditing and masking the sensitive log data. Sensitive data is detected and masked when it is ingested into the log group. When you set a data protection policy, log events ingested into the log group before that time are not masked. By default, when a user views a log event that includes masked data, the sensitive data is replaced by asterisks. A user who has the logs:Unmask permission can use a GetLogEvents or FilterLogEvents operation with the unmask parameter set to true to view the unmasked log events. Users with the logs:Unmask can also view unmasked data in the CloudWatch Logs console by running a CloudWatch Logs Insights query with the unmask query command. For more information, including a list of types of data that can be audited and masked, see Protect sensitive log data with masking. The PutDataProtectionPolicy operation applies to only the specified log group. You can also use PutAccountPolicy to create an account-level data protection policy that applies to all log groups in the account, including both existing log groups and log groups that are created level. If a log group has its own data protection policy and the account also has an account-level data protection policy, then the two policies are cumulative. Any sensitive term specified in either policy is masked.

Sourcetype nonrec t = {
  1. logGroupIdentifier : LogGroupIdentifier.t option;
    (*

    The log group name or ARN that you specified in your request.

    *)
  2. policyDocument : DataProtectionPolicyDocument.t option;
    (*

    The data protection policy used for this log group.

    *)
  3. lastUpdatedTime : Timestamp.t option;
    (*

    The date and time that this policy was most recently updated.

    *)
}
Sourcetype nonrec error = [
  1. | `InvalidParameterException of InvalidParameterException.t
  2. | `LimitExceededException of LimitExceededException.t
  3. | `OperationAbortedException of OperationAbortedException.t
  4. | `ResourceNotFoundException of ResourceNotFoundException.t
  5. | `ServiceUnavailableException of ServiceUnavailableException.t
  6. | `Unknown_operation_error of string * string option
]
Sourceval make : ?logGroupIdentifier:??? -> ?policyDocument:??? -> ?lastUpdatedTime:??? -> unit -> t
Sourceval error_of_json : string -> Yojson.Safe.t -> [> `InvalidParameterException of unit | `LimitExceededException of unit | `OperationAbortedException of unit | `ResourceNotFoundException of unit | `ServiceUnavailableException of unit | `Unknown_operation_error of string * string option ]
Sourceval error_of_xml : string -> Awso.Xml.t -> [> `InvalidParameterException of unit | `LimitExceededException of unit | `OperationAbortedException of unit | `ResourceNotFoundException of unit | `ServiceUnavailableException of unit | `Unknown_operation_error of string * string option ]
Sourceval error_to_json : error -> Yojson.Safe.t
Sourceval to_value : t -> [> `Structure of (string * [> `Long of Timestamp.t | `String of LogGroupIdentifier.t ]) list ]
Sourceval to_query : t -> Awso.Client.Query.t
Sourceval of_xml : Awso.Xml.t -> t
Sourceval of_string : string -> t
Sourceval of_json : Yojson.Safe.t -> t
Sourceval to_json : t -> Yojson.Safe.t