Trail.Builder (software.amazon.awscdk:aws-cdk-lib 2.0.0-rc.6 API)

java.lang.Object
- software.amazon.awscdk.services.cloudtrail.Trail.Builder

All Implemented Interfaces:: software.amazon.jsii.Builder<Trail>

Enclosing class:: Trail

@Stability(value=Experimental)
public static final class Trail.Builder
extends Object
implements software.amazon.jsii.Builder<Trail>

(experimental) A fluent builder for Trail.

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`Trail.Builder`	`bucket(IBucket bucket)` (experimental) The Amazon S3 bucket.
`Trail`	`build()`
`Trail.Builder`	`cloudWatchLogGroup(ILogGroup cloudWatchLogGroup)` (experimental) Log Group to which CloudTrail to push logs to.
`Trail.Builder`	`cloudWatchLogsRetention(RetentionDays cloudWatchLogsRetention)` (experimental) How long to retain logs in CloudWatchLogs.
`static Trail.Builder`	`create(software.constructs.Construct scope, String id)`
`Trail.Builder`	`enableFileValidation(Boolean enableFileValidation)` (experimental) To determine whether a log file was modified, deleted, or unchanged after CloudTrail delivered it, you can use CloudTrail log file integrity validation.
`Trail.Builder`	`encryptionKey(IKey encryptionKey)` (experimental) The AWS Key Management Service (AWS KMS) key ID that you want to use to encrypt CloudTrail logs.
`Trail.Builder`	`includeGlobalServiceEvents(Boolean includeGlobalServiceEvents)` (experimental) For most services, events are recorded in the region where the action occurred.
`Trail.Builder`	`isMultiRegionTrail(Boolean isMultiRegionTrail)` (experimental) Whether or not this trail delivers log files from multiple regions to a single S3 bucket for a single account.
`Trail.Builder`	`managementEvents(ReadWriteType managementEvents)` (experimental) When an event occurs in your account, CloudTrail evaluates whether the event matches the settings for your trails.
`Trail.Builder`	`s3KeyPrefix(String s3KeyPrefix)` (experimental) An Amazon S3 object key prefix that precedes the name of all log files.
`Trail.Builder`	`sendToCloudWatchLogs(Boolean sendToCloudWatchLogs)` (experimental) If CloudTrail pushes logs to CloudWatch Logs in addition to S3.
`Trail.Builder`	`snsTopic(ITopic snsTopic)` (experimental) SNS topic that is notified when new log files are published.
`Trail.Builder`	`trailName(String trailName)` (experimental) The name of the trail.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Method Detail
  - create
```
@Stability(value=Experimental)
public static Trail.Builder create(software.constructs.Construct scope,
                                                                  String id)
```
    Parameters:
    
    scope - This parameter is required.
    
    id - This parameter is required.
    
    Returns:
    
    a new instance of Trail.Builder.
  - bucket
```
@Stability(value=Experimental)
public Trail.Builder bucket(IBucket bucket)
```
    (experimental) The Amazon S3 bucket.
    Default: - if not supplied a bucket will be created with all the correct permisions
    
    Parameters:
    
    bucket - The Amazon S3 bucket. This parameter is required.
    
    Returns:
    
    this
  - cloudWatchLogGroup
```
@Stability(value=Experimental)
public Trail.Builder cloudWatchLogGroup(ILogGroup cloudWatchLogGroup)
```
    (experimental) Log Group to which CloudTrail to push logs to.
    Ignored if sendToCloudWatchLogs is set to false.
    Default: - a new log group is created and used.
    
    Parameters:
    
    cloudWatchLogGroup - Log Group to which CloudTrail to push logs to. This parameter is required.
    
    Returns:
    
    this
  - cloudWatchLogsRetention
```
@Stability(value=Experimental)
public Trail.Builder cloudWatchLogsRetention(RetentionDays cloudWatchLogsRetention)
```
    (experimental) How long to retain logs in CloudWatchLogs.
    Ignored if sendToCloudWatchLogs is false or if cloudWatchLogGroup is set.
    Default: logs.RetentionDays.ONE_YEAR
    
    Parameters:
    
    cloudWatchLogsRetention - How long to retain logs in CloudWatchLogs. This parameter is required.
    
    Returns:
    
    this
  - enableFileValidation
```
@Stability(value=Experimental)
public Trail.Builder enableFileValidation(Boolean enableFileValidation)
```
    (experimental) To determine whether a log file was modified, deleted, or unchanged after CloudTrail delivered it, you can use CloudTrail log file integrity validation.
    This feature is built using industry standard algorithms: SHA-256 for hashing and SHA-256 with RSA for digital signing. This makes it computationally infeasible to modify, delete or forge CloudTrail log files without detection. You can use the AWS CLI to validate the files in the location where CloudTrail delivered them.
    Default: true
    
    Parameters:
    
    enableFileValidation - To determine whether a log file was modified, deleted, or unchanged after CloudTrail delivered it, you can use CloudTrail log file integrity validation. This parameter is required.
    
    Returns:
    
    this
  - encryptionKey
```
@Stability(value=Experimental)
public Trail.Builder encryptionKey(IKey encryptionKey)
```
    (experimental) The AWS Key Management Service (AWS KMS) key ID that you want to use to encrypt CloudTrail logs.
    Default: - No encryption.
    
    Parameters:
    
    encryptionKey - The AWS Key Management Service (AWS KMS) key ID that you want to use to encrypt CloudTrail logs. This parameter is required.
    
    Returns:
    
    this
  - includeGlobalServiceEvents
```
@Stability(value=Experimental)
public Trail.Builder includeGlobalServiceEvents(Boolean includeGlobalServiceEvents)
```
    (experimental) For most services, events are recorded in the region where the action occurred.
    For global services such as AWS Identity and Access Management (IAM), AWS STS, Amazon CloudFront, and Route 53, events are delivered to any trail that includes global services, and are logged as occurring in US East (N. Virginia) Region.
    Default: true
    
    Parameters:
    
    includeGlobalServiceEvents - For most services, events are recorded in the region where the action occurred. This parameter is required.
    
    Returns:
    
    this
  - isMultiRegionTrail
```
@Stability(value=Experimental)
public Trail.Builder isMultiRegionTrail(Boolean isMultiRegionTrail)
```
    (experimental) Whether or not this trail delivers log files from multiple regions to a single S3 bucket for a single account.
    Default: true
    
    Parameters:
    
    isMultiRegionTrail - Whether or not this trail delivers log files from multiple regions to a single S3 bucket for a single account. This parameter is required.
    
    Returns:
    
    this
  - managementEvents
```
@Stability(value=Experimental)
public Trail.Builder managementEvents(ReadWriteType managementEvents)
```
    (experimental) When an event occurs in your account, CloudTrail evaluates whether the event matches the settings for your trails.
    Only events that match your trail settings are delivered to your Amazon S3 bucket and Amazon CloudWatch Logs log group.
    This method sets the management configuration for this trail.
    Management events provide insight into management operations that are performed on resources in your AWS account. These are also known as control plane operations. Management events can also include non-API events that occur in your account. For example, when a user logs in to your account, CloudTrail logs the ConsoleLogin event.
    Default: ReadWriteType.ALL
    
    Parameters:
    
    managementEvents - When an event occurs in your account, CloudTrail evaluates whether the event matches the settings for your trails. This parameter is required.
    
    Returns:
    
    this
  - s3KeyPrefix
```
@Stability(value=Experimental)
public Trail.Builder s3KeyPrefix(String s3KeyPrefix)
```
    (experimental) An Amazon S3 object key prefix that precedes the name of all log files.
    Default: - No prefix.
    
    Parameters:
    
    s3KeyPrefix - An Amazon S3 object key prefix that precedes the name of all log files. This parameter is required.
    
    Returns:
    
    this
  - sendToCloudWatchLogs
```
@Stability(value=Experimental)
public Trail.Builder sendToCloudWatchLogs(Boolean sendToCloudWatchLogs)
```
    (experimental) If CloudTrail pushes logs to CloudWatch Logs in addition to S3.
    Disabled for cost out of the box.
    Default: false
    
    Parameters:
    
    sendToCloudWatchLogs - If CloudTrail pushes logs to CloudWatch Logs in addition to S3. This parameter is required.
    
    Returns:
    
    this
  - snsTopic
```
@Stability(value=Experimental)
public Trail.Builder snsTopic(ITopic snsTopic)
```
    (experimental) SNS topic that is notified when new log files are published.
    Default: - No notifications.
    
    Parameters:
    
    snsTopic - SNS topic that is notified when new log files are published. This parameter is required.
    
    Returns:
    
    this
  - trailName
```
@Stability(value=Experimental)
public Trail.Builder trailName(String trailName)
```
    (experimental) The name of the trail.
    We recoomend customers do not set an explicit name.
    Default: - AWS CloudFormation generated name.
    
    Parameters:
    
    trailName - The name of the trail. This parameter is required.
    
    Returns:
    
    this
  - build
```
@Stability(value=Experimental)
public Trail build()
```
    Specified by:
    
    build in interface software.amazon.jsii.Builder<Trail>

Class Trail.Builder

Method Summary

Methods inherited from class java.lang.Object

Method Detail

create

bucket

cloudWatchLogGroup

cloudWatchLogsRetention

enableFileValidation

encryptionKey

includeGlobalServiceEvents

isMultiRegionTrail

managementEvents

s3KeyPrefix

sendToCloudWatchLogs

snsTopic

trailName

build