Package software.amazon.awscdk.services.cloudtrail

Class CfnTrail.DataResourceProperty.Builder

java.lang.Object
software.amazon.awscdk.services.cloudtrail.CfnTrail.DataResourceProperty.Builder
All Implemented Interfaces:
software.amazon.jsii.Builder<CfnTrail.DataResourceProperty>
Enclosing interface:
CfnTrail.DataResourceProperty
@Stability(Stable) public static final class CfnTrail.DataResourceProperty.Builder extends Object implements software.amazon.jsii.Builder<CfnTrail.DataResourceProperty>
A builder for CfnTrail.DataResourceProperty

  • Constructor Details

    • Builder

      public Builder()

  • Method Details

    • type

      @Stability(Stable) public CfnTrail.DataResourceProperty.Builder type(String type)
      Sets the value of CfnTrail.DataResourceProperty.getType()
      Parameters:
      type - The resource type in which you want to log data events. This parameter is required. You can specify the following basic event selector resource types:

      • AWS::S3::Object
      • AWS::Lambda::Function
      • AWS::DynamoDB::Table
      Returns:
      this

    • values

      @Stability(Stable) public CfnTrail.DataResourceProperty.Builder values(List<String> values)
      Sets the value of CfnTrail.DataResourceProperty.getValues()
      Parameters:
      values - An array of Amazon Resource Name (ARN) strings or partial ARN strings for the specified objects.
      • To log data events for all objects in all S3 buckets in your AWS account , specify the prefix as arn:aws:s3 .

      This also enables logging of data event activity performed by any user or role in your AWS account , even if that activity is performed on a bucket that belongs to another AWS account .

      • To log data events for all objects in an S3 bucket, specify the bucket and an empty object prefix such as arn:aws:s3:::bucket-1/ . The trail logs data events for all objects in this S3 bucket.
      • To log data events for specific objects, specify the S3 bucket and object prefix such as arn:aws:s3:::bucket-1/example-images . The trail logs data events for objects in this S3 bucket that match the prefix.
      • To log data events for all Lambda functions in your AWS account , specify the prefix as arn:aws:lambda .

      This also enables logging of Invoke activity performed by any user or role in your AWS account , even if that activity is performed on a function that belongs to another AWS account .

      • To log data events for a specific Lambda function, specify the function ARN.

      Lambda function ARNs are exact. For example, if you specify a function ARN arn:aws:lambda:us-west-2:111111111111:function:helloworld , data events will only be logged for arn:aws:lambda:us-west-2:111111111111:function:helloworld . They will not be logged for arn:aws:lambda:us-west-2:111111111111:function:helloworld2 .

      • To log data events for all DynamoDB tables in your AWS account , specify the prefix as arn:aws:dynamodb .
      Returns:
      this

    • build

      @Stability(Stable) public CfnTrail.DataResourceProperty build()
      Builds the configured instance.
      Specified by:
      build in interface software.amazon.jsii.Builder<CfnTrail.DataResourceProperty>
      Returns:
      a new instance of CfnTrail.DataResourceProperty
      Throws:
      NullPointerException - if any required attribute was not provided