investigation_groups

Creates, updates, deletes or gets an investigation_group resource or lists investigation_groups in a region

Overview

Name	`investigation_groups`
Type	Resource
Description	Definition of AWS::AIOps::InvestigationGroup Resource Type
Id	`awscc.aiops.investigation_groups`

Fields

Name	Datatype	Description
`role_arn`	`string`	The Investigation Role's ARN.
`name`	`string`	User friendly name for resources.
`created_at`	`string`	The timestamp value.
`arn`	`string`	The Investigation Group's ARN.
`retention_in_days`	`integer`	The number of days to retain the investigation group
▶`encryption_config`	`object`
`investigation_group_policy`	`string`	Investigation Group policy
`is_cloud_trail_event_history_enabled`	`boolean`	Flag to enable cloud trail history
`tag_key_boundaries`	`array`
▶`chatbot_notification_channels`	`array`	An array of key-value pairs of notification channels to apply to this resource.
`cross_account_configurations`	`array`	An array of cross account configurations.
▶`tags`	`array`	An array of key-value pairs to apply to this resource.
`region`	`string`	AWS region.

For more information, see AWS::AIOps::InvestigationGroup.

Methods

Name	Accessible by	Required Params
`create_resource`	`INSERT`	`Name, region`
`delete_resource`	`DELETE`	`data__Identifier, region`
`update_resource`	`UPDATE`	`data__Identifier, data__PatchDocument, region`
`list_resources`	`SELECT`	`region`
`get_resource`	`SELECT`	`data__Identifier, region`

`SELECT` examples

Gets all properties from an individual investigation_group.

SELECT
region,
role_arn,
name,
created_by,
created_at,
last_modified_by,
last_modified_at,
arn,
retention_in_days,
encryption_config,
investigation_group_policy,
is_cloud_trail_event_history_enabled,
tag_key_boundaries,
chatbot_notification_channels,
cross_account_configurations,
tags
FROM awscc.aiops.investigation_groups
WHERE region = 'us-east-1' AND data__Identifier = '<Arn>';

`INSERT` example

Use the following StackQL query and manifest file to create a new investigation_group resource, using stack-deploy.

Required Properties
All Properties
Manifest

/*+ create */
INSERT INTO awscc.aiops.investigation_groups (
 Name,
 region
)
SELECT 
'{{ Name }}',
'{{ region }}';

/*+ create */
INSERT INTO awscc.aiops.investigation_groups (
 RoleArn,
 Name,
 RetentionInDays,
 EncryptionConfig,
 InvestigationGroupPolicy,
 IsCloudTrailEventHistoryEnabled,
 TagKeyBoundaries,
 ChatbotNotificationChannels,
 CrossAccountConfigurations,
 Tags,
 region
)
SELECT 
 '{{ RoleArn }}',
 '{{ Name }}',
 '{{ RetentionInDays }}',
 '{{ EncryptionConfig }}',
 '{{ InvestigationGroupPolicy }}',
 '{{ IsCloudTrailEventHistoryEnabled }}',
 '{{ TagKeyBoundaries }}',
 '{{ ChatbotNotificationChannels }}',
 '{{ CrossAccountConfigurations }}',
 '{{ Tags }}',
 '{{ region }}';

version: 1
name: stack name
description: stack description
providers:
  - aws
globals:
  - name: region
    value: '{{ vars.AWS_REGION }}'
resources:
  - name: investigation_group
    props:
      - name: RoleArn
        value: '{{ RoleArn }}'
      - name: Name
        value: '{{ Name }}'
      - name: RetentionInDays
        value: '{{ RetentionInDays }}'
      - name: EncryptionConfig
        value:
          EncryptionConfigurationType: '{{ EncryptionConfigurationType }}'
          KmsKeyId: '{{ KmsKeyId }}'
      - name: InvestigationGroupPolicy
        value: '{{ InvestigationGroupPolicy }}'
      - name: IsCloudTrailEventHistoryEnabled
        value: '{{ IsCloudTrailEventHistoryEnabled }}'
      - name: TagKeyBoundaries
        value:
          - '{{ TagKeyBoundaries[0] }}'
      - name: ChatbotNotificationChannels
        value:
          - SNSTopicArn: '{{ SNSTopicArn }}'
            ChatConfigurationArns:
              - '{{ ChatConfigurationArns[0] }}'
      - name: CrossAccountConfigurations
        value:
          - SourceRoleArn: null
      - name: Tags
        value:
          - Key: '{{ Key }}'
            Value: '{{ Value }}'

`DELETE` example

/*+ delete */
DELETE FROM awscc.aiops.investigation_groups
WHERE data__Identifier = '<Arn>'
AND region = 'us-east-1';

Permissions

To operate on the investigation_groups resource, the following permissions are required:

Create

aiops:CreateInvestigationGroup,
aiops:GetInvestigationGroup,
aiops:GetInvestigationGroupPolicy,
aiops:PutInvestigationGroupPolicy,
aiops:TagResource,
aiops:ListTagsForResource,
iam:PassRole,
kms:DescribeKey,
kms:ListAliases,
kms:Decrypt,
kms:Encrypt,
kms:GenerateDataKey

Read

aiops:GetInvestigationGroup,
aiops:GetInvestigationGroupPolicy,
aiops:ListTagsForResource,
kms:DescribeKey,
kms:ListAliases,
kms:Decrypt,
kms:Encrypt

Update

aiops:GetInvestigationGroup,
aiops:UpdateInvestigationGroup,
aiops:GetInvestigationGroupPolicy,
aiops:PutInvestigationGroupPolicy,
aiops:DeleteInvestigationGroupPolicy,
aiops:TagResource,
aiops:UntagResource,
aiops:ListTagsForResource,
iam:PassRole,
kms:DescribeKey,
kms:ListAliases,
kms:Decrypt,
kms:Encrypt,
kms:GenerateDataKey

Delete

aiops:DeleteInvestigationGroup,
aiops:GetInvestigationGroup,
aiops:DeleteInvestigationGroupPolicy,
aiops:GetInvestigationGroupPolicy,
aiops:UntagResource,
kms:DescribeKey,
kms:ListAliases

List

aiops:ListInvestigationGroups,
kms:DescribeKey,
kms:ListAliases

Overview​

Fields​

Methods​

SELECT examples​

INSERT example​

DELETE example​

Permissions​

Create​

Read​

Update​

Delete​

List​