class Aws::CloudWatchLogs::Types::PutDataProtectionPolicyRequest

@see docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutDataProtectionPolicyRequest AWS API Documentation
@return [String]<br>: docs.aws.amazon.com/AmazonCloudWatch/latest/logs/mask-sensitive-log-data-types.html<br><br><br><br>characters.
The JSON specified in ‘policyDocument` can be up to 30,720
metrics to CloudWatch.
used as a dimension when CloudWatch Logs reports audit findings
include `Name`, `Description`, and `Version` fields. The `Name` is
In addition to the two JSON blocks, the `policyDocument` can also
The contents of the two `DataIdentifer` arrays must match exactly.
on this page.
For an example data protection policy, see the Examples section
{}` object. The ` “MaskConfig”: {}` object must be empty.
actually masks the data, and it must contain the ` “MaskConfig”:
The `Operation` property with the `Deidentify` action is what
in the first block of the policy.
`DataIdentifer` array must exactly match the `DataIdentifer` array
`Operation` property with an `Deidentify` action. The
* The second block must include both a `DataIdentifer` array and an
groups, Firehose streams, and S3 buckets, they must already exist.
send audit findings to. If you specify destinations such as log
`FindingsDestination` object to list one or more destinations to
`FindingsDestination` object. You can optionally use that
find the sensitive data terms. This `Audit` action must contain a
The `Operation` property with an `Audit` action is required to
that you can mask].
more information about the available options, see [Types of data
array lists the types of sensitive data that you want to mask. For
`Operation` property with an `Audit` action. The `DataIdentifer`
* The first block must include both a `DataIdentifer` array and an
This policy must include two JSON blocks:
Specify the data protection policy, in JSON.
@!attribute [rw] policy_document
@return [String]
Specify either the log group name or log group ARN.
@!attribute [rw] log_group_identifier