TrailProps (software.amazon.awscdk:aws-cdk-lib 2.0.0-rc.6 API)

All Superinterfaces:: software.amazon.jsii.JsiiSerializable

All Known Implementing Classes:: TrailProps.Jsii$Proxy

@Generated(value="jsii-pacmak/1.29.0 (build 41df200)",
           date="2021-06-02T09:55:01.251Z")
 @Stability(value=Experimental)
public interface TrailProps
extends software.amazon.jsii.JsiiSerializable

(experimental) Properties for an AWS CloudTrail trail.

Nested Class Summary

Nested Classes
Modifier and Type Interface and Description

static class TrailProps.Builder
A builder for TrailProps

static class TrailProps.Jsii$Proxy
An implementation for TrailProps

Nested Classes
Modifier and Type	Interface and Description
`static class`	`TrailProps.Builder` A builder for `TrailProps`
`static class`	`TrailProps.Jsii$Proxy` An implementation for `TrailProps`

Method Summary

All Methods Static Methods Instance Methods Default Methods
Modifier and Type	Method and Description
`static TrailProps.Builder`	`builder()`
`default IBucket`	`getBucket()` (experimental) The Amazon S3 bucket.
`default ILogGroup`	`getCloudWatchLogGroup()` (experimental) Log Group to which CloudTrail to push logs to.
`default RetentionDays`	`getCloudWatchLogsRetention()` (experimental) How long to retain logs in CloudWatchLogs.
`default Boolean`	`getEnableFileValidation()` (experimental) To determine whether a log file was modified, deleted, or unchanged after CloudTrail delivered it, you can use CloudTrail log file integrity validation.
`default IKey`	`getEncryptionKey()` (experimental) The AWS Key Management Service (AWS KMS) key ID that you want to use to encrypt CloudTrail logs.
`default Boolean`	`getIncludeGlobalServiceEvents()` (experimental) For most services, events are recorded in the region where the action occurred.
`default Boolean`	`getIsMultiRegionTrail()` (experimental) Whether or not this trail delivers log files from multiple regions to a single S3 bucket for a single account.
`default ReadWriteType`	`getManagementEvents()` (experimental) When an event occurs in your account, CloudTrail evaluates whether the event matches the settings for your trails.
`default String`	`getS3KeyPrefix()` (experimental) An Amazon S3 object key prefix that precedes the name of all log files.
`default Boolean`	`getSendToCloudWatchLogs()` (experimental) If CloudTrail pushes logs to CloudWatch Logs in addition to S3.
`default ITopic`	`getSnsTopic()` (experimental) SNS topic that is notified when new log files are published.
`default String`	`getTrailName()` (experimental) The name of the trail.

Methods inherited from interface software.amazon.jsii.JsiiSerializable
$jsii$toJson

- Method Detail
  - getBucket
```
@Stability(value=Experimental)
 @Nullable
default IBucket getBucket()
```
    (experimental) The Amazon S3 bucket.
    Default: - if not supplied a bucket will be created with all the correct permisions
  - getCloudWatchLogGroup
```
@Stability(value=Experimental)
 @Nullable
default ILogGroup getCloudWatchLogGroup()
```
    (experimental) Log Group to which CloudTrail to push logs to.
    Ignored if sendToCloudWatchLogs is set to false.
    Default: - a new log group is created and used.
  - getCloudWatchLogsRetention
```
@Stability(value=Experimental)
 @Nullable
default RetentionDays getCloudWatchLogsRetention()
```
    (experimental) How long to retain logs in CloudWatchLogs.
    Ignored if sendToCloudWatchLogs is false or if cloudWatchLogGroup is set.
    Default: logs.RetentionDays.ONE_YEAR
  - getEnableFileValidation
```
@Stability(value=Experimental)
 @Nullable
default Boolean getEnableFileValidation()
```
    (experimental) To determine whether a log file was modified, deleted, or unchanged after CloudTrail delivered it, you can use CloudTrail log file integrity validation.
    This feature is built using industry standard algorithms: SHA-256 for hashing and SHA-256 with RSA for digital signing. This makes it computationally infeasible to modify, delete or forge CloudTrail log files without detection. You can use the AWS CLI to validate the files in the location where CloudTrail delivered them.
    Default: true
  - getEncryptionKey
```
@Stability(value=Experimental)
 @Nullable
default IKey getEncryptionKey()
```
    (experimental) The AWS Key Management Service (AWS KMS) key ID that you want to use to encrypt CloudTrail logs.
    Default: - No encryption.
  - getIncludeGlobalServiceEvents
```
@Stability(value=Experimental)
 @Nullable
default Boolean getIncludeGlobalServiceEvents()
```
    (experimental) For most services, events are recorded in the region where the action occurred.
    For global services such as AWS Identity and Access Management (IAM), AWS STS, Amazon CloudFront, and Route 53, events are delivered to any trail that includes global services, and are logged as occurring in US East (N. Virginia) Region.
    Default: true
  - getIsMultiRegionTrail
```
@Stability(value=Experimental)
 @Nullable
default Boolean getIsMultiRegionTrail()
```
    (experimental) Whether or not this trail delivers log files from multiple regions to a single S3 bucket for a single account.
    Default: true
  - getManagementEvents
```
@Stability(value=Experimental)
 @Nullable
default ReadWriteType getManagementEvents()
```
    (experimental) When an event occurs in your account, CloudTrail evaluates whether the event matches the settings for your trails.
    Only events that match your trail settings are delivered to your Amazon S3 bucket and Amazon CloudWatch Logs log group.
    This method sets the management configuration for this trail.
    Management events provide insight into management operations that are performed on resources in your AWS account. These are also known as control plane operations. Management events can also include non-API events that occur in your account. For example, when a user logs in to your account, CloudTrail logs the ConsoleLogin event.
    Default: ReadWriteType.ALL
  - getS3KeyPrefix
```
@Stability(value=Experimental)
 @Nullable
default String getS3KeyPrefix()
```
    (experimental) An Amazon S3 object key prefix that precedes the name of all log files.
    Default: - No prefix.
  - getSendToCloudWatchLogs
```
@Stability(value=Experimental)
 @Nullable
default Boolean getSendToCloudWatchLogs()
```
    (experimental) If CloudTrail pushes logs to CloudWatch Logs in addition to S3.
    Disabled for cost out of the box.
    Default: false
  - getSnsTopic
```
@Stability(value=Experimental)
 @Nullable
default ITopic getSnsTopic()
```
    (experimental) SNS topic that is notified when new log files are published.
    Default: - No notifications.
  - getTrailName
```
@Stability(value=Experimental)
 @Nullable
default String getTrailName()
```
    (experimental) The name of the trail.
    We recoomend customers do not set an explicit name.
    Default: - AWS CloudFormation generated name.
  - builder
```
@Stability(value=Experimental)
static TrailProps.Builder builder()
```
    Returns:
    
    a TrailProps.Builder of TrailProps

Interface TrailProps

Nested Class Summary

Method Summary

Methods inherited from interface software.amazon.jsii.JsiiSerializable

Method Detail

getBucket

getCloudWatchLogGroup

getCloudWatchLogsRetention

getEnableFileValidation

getEncryptionKey

getIncludeGlobalServiceEvents

getIsMultiRegionTrail

getManagementEvents

getS3KeyPrefix

getSendToCloudWatchLogs

getSnsTopic

getTrailName

builder