Class TrailProps.Builder
java.lang.Object
software.amazon.awscdk.services.cloudtrail.TrailProps.Builder
- All Implemented Interfaces:
software.amazon.jsii.Builder<TrailProps>
- Enclosing interface:
TrailProps
@Stability(Stable)
public static final class TrailProps.Builder
extends Object
implements software.amazon.jsii.Builder<TrailProps>
A builder for
TrailProps-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionSets the value ofTrailProps.getBucket()build()Builds the configured instance.cloudWatchLogGroup(ILogGroup cloudWatchLogGroup) Sets the value ofTrailProps.getCloudWatchLogGroup()cloudWatchLogsRetention(RetentionDays cloudWatchLogsRetention) Sets the value ofTrailProps.getCloudWatchLogsRetention()enableFileValidation(Boolean enableFileValidation) Sets the value ofTrailProps.getEnableFileValidation()encryptionKey(IKey encryptionKey) Sets the value ofTrailProps.getEncryptionKey()includeGlobalServiceEvents(Boolean includeGlobalServiceEvents) Sets the value ofTrailProps.getIncludeGlobalServiceEvents()isMultiRegionTrail(Boolean isMultiRegionTrail) Sets the value ofTrailProps.getIsMultiRegionTrail()Deprecated.- use encryptionKey instead.managementEvents(ReadWriteType managementEvents) Sets the value ofTrailProps.getManagementEvents()s3KeyPrefix(String s3KeyPrefix) Sets the value ofTrailProps.getS3KeyPrefix()sendToCloudWatchLogs(Boolean sendToCloudWatchLogs) Sets the value ofTrailProps.getSendToCloudWatchLogs()Sets the value ofTrailProps.getSnsTopic()Sets the value ofTrailProps.getTrailName()
-
Constructor Details
-
Builder
public Builder()
-
-
Method Details
-
bucket
Sets the value ofTrailProps.getBucket()- Parameters:
bucket- The Amazon S3 bucket.- Returns:
this
-
cloudWatchLogGroup
Sets the value ofTrailProps.getCloudWatchLogGroup()- Parameters:
cloudWatchLogGroup- Log Group to which CloudTrail to push logs to. Ignored if sendToCloudWatchLogs is set to false.- Returns:
this
-
cloudWatchLogsRetention
@Stability(Stable) public TrailProps.Builder cloudWatchLogsRetention(RetentionDays cloudWatchLogsRetention) Sets the value ofTrailProps.getCloudWatchLogsRetention()- Parameters:
cloudWatchLogsRetention- How long to retain logs in CloudWatchLogs. Ignored if sendToCloudWatchLogs is false or if cloudWatchLogGroup is set.- Returns:
this
-
enableFileValidation
Sets the value ofTrailProps.getEnableFileValidation()- Parameters:
enableFileValidation- To determine whether a log file was modified, deleted, or unchanged after CloudTrail delivered it, you can use CloudTrail log file integrity validation. This feature is built using industry standard algorithms: SHA-256 for hashing and SHA-256 with RSA for digital signing. This makes it computationally infeasible to modify, delete or forge CloudTrail log files without detection. You can use the AWS CLI to validate the files in the location where CloudTrail delivered them.- Returns:
this
-
encryptionKey
Sets the value ofTrailProps.getEncryptionKey()- Parameters:
encryptionKey- The AWS Key Management Service (AWS KMS) key ID that you want to use to encrypt CloudTrail logs.- Returns:
this
-
includeGlobalServiceEvents
@Stability(Stable) public TrailProps.Builder includeGlobalServiceEvents(Boolean includeGlobalServiceEvents) Sets the value ofTrailProps.getIncludeGlobalServiceEvents()- Parameters:
includeGlobalServiceEvents- For most services, events are recorded in the region where the action occurred. For global services such as AWS Identity and Access Management (IAM), AWS STS, Amazon CloudFront, and Route 53, events are delivered to any trail that includes global services, and are logged as occurring in US East (N. Virginia) Region.- Returns:
this
-
isMultiRegionTrail
Sets the value ofTrailProps.getIsMultiRegionTrail()- Parameters:
isMultiRegionTrail- Whether or not this trail delivers log files from multiple regions to a single S3 bucket for a single account.- Returns:
this
-
kmsKey
Deprecated.- use encryptionKey instead.Sets the value ofTrailProps.getKmsKey()- Parameters:
kmsKey- The AWS Key Management Service (AWS KMS) key ID that you want to use to encrypt CloudTrail logs.- Returns:
this
-
managementEvents
Sets the value ofTrailProps.getManagementEvents()- Parameters:
managementEvents- When an event occurs in your account, CloudTrail evaluates whether the event matches the settings for your trails. Only events that match your trail settings are delivered to your Amazon S3 bucket and Amazon CloudWatch Logs log group.This method sets the management configuration for this trail.
Management events provide insight into management operations that are performed on resources in your AWS account. These are also known as control plane operations. Management events can also include non-API events that occur in your account. For example, when a user logs in to your account, CloudTrail logs the ConsoleLogin event.
- Returns:
this
-
s3KeyPrefix
Sets the value ofTrailProps.getS3KeyPrefix()- Parameters:
s3KeyPrefix- An Amazon S3 object key prefix that precedes the name of all log files.- Returns:
this
-
sendToCloudWatchLogs
Sets the value ofTrailProps.getSendToCloudWatchLogs()- Parameters:
sendToCloudWatchLogs- If CloudTrail pushes logs to CloudWatch Logs in addition to S3. Disabled for cost out of the box.- Returns:
this
-
snsTopic
Sets the value ofTrailProps.getSnsTopic()- Parameters:
snsTopic- SNS topic that is notified when new log files are published.- Returns:
this
-
trailName
Sets the value ofTrailProps.getTrailName()- Parameters:
trailName- The name of the trail. We recommend customers do not set an explicit name.- Returns:
this
-
build
Builds the configured instance.- Specified by:
buildin interfacesoftware.amazon.jsii.Builder<TrailProps>- Returns:
- a new instance of
TrailProps - Throws:
NullPointerException- if any required attribute was not provided
-