software.amazon.awscdk.services.cloudtrail

Class TrailProps.Jsii$Proxy

java.lang.Object

software.amazon.jsii.JsiiObject

software.amazon.awscdk.services.cloudtrail.TrailProps.Jsii$Proxy

All Implemented Interfaces:

TrailProps, software.amazon.jsii.JsiiSerializable

Enclosing interface:

TrailProps

@Stability(value=Experimental)
 @Internal
public static final class TrailProps.Jsii$Proxy
extends software.amazon.jsii.JsiiObject
implements TrailProps

An implementation for TrailProps

Nested Class Summary

Nested classes/interfaces inherited from class software.amazon.jsii.JsiiObject

software.amazon.jsii.JsiiObject.InitializationMode

Nested classes/interfaces inherited from interface software.amazon.awscdk.services.cloudtrail.TrailProps

TrailProps.Builder, TrailProps.Jsii$Proxy

Constructor Summary

Constructors

Modifier	Constructor and Description
protected	Jsii$Proxy(IBucket bucket, ILogGroup cloudWatchLogGroup, RetentionDays cloudWatchLogsRetention, Boolean enableFileValidation, IKey encryptionKey, Boolean includeGlobalServiceEvents, Boolean isMultiRegionTrail, ReadWriteType managementEvents, String s3KeyPrefix, Boolean sendToCloudWatchLogs, ITopic snsTopic, String trailName) Constructor that initializes the object based on literal property values passed by the TrailProps.Builder.
protected	Jsii$Proxy(software.amazon.jsii.JsiiObjectRef objRef) Constructor that initializes the object based on values retrieved from the JsiiObject.

Method Summary

Modifier and Type	Method and Description
com.fasterxml.jackson.databind.JsonNode	$jsii$toJson()
boolean	equals(Object o)
IBucket	getBucket() (experimental) The Amazon S3 bucket.
ILogGroup	getCloudWatchLogGroup() (experimental) Log Group to which CloudTrail to push logs to.
RetentionDays	getCloudWatchLogsRetention() (experimental) How long to retain logs in CloudWatchLogs.
Boolean	getEnableFileValidation() (experimental) To determine whether a log file was modified, deleted, or unchanged after CloudTrail delivered it, you can use CloudTrail log file integrity validation.
IKey	getEncryptionKey() (experimental) The AWS Key Management Service (AWS KMS) key ID that you want to use to encrypt CloudTrail logs.
Boolean	getIncludeGlobalServiceEvents() (experimental) For most services, events are recorded in the region where the action occurred.
Boolean	getIsMultiRegionTrail() (experimental) Whether or not this trail delivers log files from multiple regions to a single S3 bucket for a single account.
ReadWriteType	getManagementEvents() (experimental) When an event occurs in your account, CloudTrail evaluates whether the event matches the settings for your trails.
String	getS3KeyPrefix() (experimental) An Amazon S3 object key prefix that precedes the name of all log files.
Boolean	getSendToCloudWatchLogs() (experimental) If CloudTrail pushes logs to CloudWatch Logs in addition to S3.
ITopic	getSnsTopic() (experimental) SNS topic that is notified when new log files are published.
String	getTrailName() (experimental) The name of the trail.
int	hashCode()

Methods inherited from class software.amazon.jsii.JsiiObject

jsiiAsyncCall, jsiiAsyncCall, jsiiCall, jsiiCall, jsiiGet, jsiiGet, jsiiSet, jsiiStaticCall, jsiiStaticCall, jsiiStaticGet, jsiiStaticGet, jsiiStaticSet, jsiiStaticSet

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface software.amazon.awscdk.services.cloudtrail.TrailProps

builder

Constructor Detail

Jsii$Proxy

protected Jsii$Proxy(software.amazon.jsii.JsiiObjectRef objRef)

Constructor that initializes the object based on values retrieved from the JsiiObject.

Parameters:

objRef - Reference to the JSII managed object.

Jsii$Proxy

protected Jsii$Proxy(IBucket bucket,
                     ILogGroup cloudWatchLogGroup,
                     RetentionDays cloudWatchLogsRetention,
                     Boolean enableFileValidation,
                     IKey encryptionKey,
                     Boolean includeGlobalServiceEvents,
                     Boolean isMultiRegionTrail,
                     ReadWriteType managementEvents,
                     String s3KeyPrefix,
                     Boolean sendToCloudWatchLogs,
                     ITopic snsTopic,
                     String trailName)

Constructor that initializes the object based on literal property values passed by the TrailProps.Builder.

Method Detail

getBucket

public final IBucket getBucket()

Description copied from interface: TrailProps

(experimental) The Amazon S3 bucket.

Default: - if not supplied a bucket will be created with all the correct permisions

Specified by:

getBucket in interface TrailProps

getCloudWatchLogGroup

public final ILogGroup getCloudWatchLogGroup()

Description copied from interface: TrailProps

(experimental) Log Group to which CloudTrail to push logs to.

Ignored if sendToCloudWatchLogs is set to false.

Default: - a new log group is created and used.

Specified by:

getCloudWatchLogGroup in interface TrailProps

getCloudWatchLogsRetention

public final RetentionDays getCloudWatchLogsRetention()

Description copied from interface: TrailProps

(experimental) How long to retain logs in CloudWatchLogs.

Ignored if sendToCloudWatchLogs is false or if cloudWatchLogGroup is set.

Default: logs.RetentionDays.ONE_YEAR

Specified by:

getCloudWatchLogsRetention in interface TrailProps

getEnableFileValidation

public final Boolean getEnableFileValidation()

Description copied from interface: TrailProps

(experimental) To determine whether a log file was modified, deleted, or unchanged after CloudTrail delivered it, you can use CloudTrail log file integrity validation.

This feature is built using industry standard algorithms: SHA-256 for hashing and SHA-256 with RSA for digital signing. This makes it computationally infeasible to modify, delete or forge CloudTrail log files without detection. You can use the AWS CLI to validate the files in the location where CloudTrail delivered them.

Default: true

Specified by:

getEnableFileValidation in interface TrailProps

getEncryptionKey

public final IKey getEncryptionKey()

Description copied from interface: TrailProps

(experimental) The AWS Key Management Service (AWS KMS) key ID that you want to use to encrypt CloudTrail logs.

Default: - No encryption.

Specified by:

getEncryptionKey in interface TrailProps

getIncludeGlobalServiceEvents

public final Boolean getIncludeGlobalServiceEvents()

Description copied from interface: TrailProps

(experimental) For most services, events are recorded in the region where the action occurred.

For global services such as AWS Identity and Access Management (IAM), AWS STS, Amazon CloudFront, and Route 53, events are delivered to any trail that includes global services, and are logged as occurring in US East (N. Virginia) Region.

Default: true

Specified by:

getIncludeGlobalServiceEvents in interface TrailProps

getIsMultiRegionTrail

public final Boolean getIsMultiRegionTrail()

Description copied from interface: TrailProps

(experimental) Whether or not this trail delivers log files from multiple regions to a single S3 bucket for a single account.

Default: true

Specified by:

getIsMultiRegionTrail in interface TrailProps

getManagementEvents

public final ReadWriteType getManagementEvents()

Description copied from interface: TrailProps

(experimental) When an event occurs in your account, CloudTrail evaluates whether the event matches the settings for your trails.

Only events that match your trail settings are delivered to your Amazon S3 bucket and Amazon CloudWatch Logs log group.

This method sets the management configuration for this trail.

Management events provide insight into management operations that are performed on resources in your AWS account. These are also known as control plane operations. Management events can also include non-API events that occur in your account. For example, when a user logs in to your account, CloudTrail logs the ConsoleLogin event.

Default: ReadWriteType.ALL

Specified by:

getManagementEvents in interface TrailProps

getS3KeyPrefix

public final String getS3KeyPrefix()

Description copied from interface: TrailProps

(experimental) An Amazon S3 object key prefix that precedes the name of all log files.

Default: - No prefix.

Specified by:

getS3KeyPrefix in interface TrailProps

getSendToCloudWatchLogs

public final Boolean getSendToCloudWatchLogs()

Description copied from interface: TrailProps

(experimental) If CloudTrail pushes logs to CloudWatch Logs in addition to S3.

Disabled for cost out of the box.

Default: false

Specified by:

getSendToCloudWatchLogs in interface TrailProps

getSnsTopic

public final ITopic getSnsTopic()

Description copied from interface: TrailProps

(experimental) SNS topic that is notified when new log files are published.

Default: - No notifications.

Specified by:

getSnsTopic in interface TrailProps

getTrailName

public final String getTrailName()

Description copied from interface: TrailProps

(experimental) The name of the trail.

We recoomend customers do not set an explicit name.

Default: - AWS CloudFormation generated name.

Specified by:

getTrailName in interface TrailProps

$jsii$toJson

@Internal
public com.fasterxml.jackson.databind.JsonNode $jsii$toJson()

Specified by:

$jsii$toJson in interface software.amazon.jsii.JsiiSerializable

equals

public final boolean equals(Object o)

Overrides:

equals in class Object

hashCode

public final int hashCode()

Overrides:

hashCode in class Object