@Generated(value="jsii-pacmak/1.74.0 (build 6d08790)", date="2023-03-22T19:35:44.300Z") public class Trail extends Resource
```ts
import { Trail } from '@aws-cdk/aws-cloudtrail';

// Create a trail with default settings.
const cloudTrail = new Trail(this, 'MyTrail');
```

NOTE: the above example creates an UNENCRYPTED bucket by default. If you are required to use an encrypted bucket, you can supply a preconfigured bucket via TrailProps.
Example:
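```java
import software.amazon.awscdk.services.cloudtrail.*;
import software.amazon.awscdk.services.kms.*;

// Look up an existing KMS alias and pass it as the trail's KMS key.
IAlias myKeyAlias = Alias.fromAliasName(this, "myKey", "alias/aws/s3");
Trail trail = Trail.Builder.create(this, "myCloudTrail")
        .sendToCloudWatchLogs(true)
        .kmsKey(myKeyAlias)
        .build();
```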
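Added example (not part of the original CDK documentation): one way to supply a preconfigured, encrypted bucket through TrailProps, as the note above describes. It assumes the CDK v1 Java packages used on this page; the stack class name and construct ids are hypothetical.

```java
import software.amazon.awscdk.core.RemovalPolicy;
import software.amazon.awscdk.core.Stack;
import software.amazon.awscdk.services.cloudtrail.Trail;
import software.amazon.awscdk.services.s3.BlockPublicAccess;
import software.amazon.awscdk.services.s3.Bucket;
import software.amazon.awscdk.services.s3.BucketEncryption;
import software.constructs.Construct;

// Hypothetical stack; class name and construct ids are illustrative only.
public class EncryptedTrailStack extends Stack {
    public EncryptedTrailStack(final Construct scope, final String id) {
        super(scope, id);

        // Preconfigured log bucket: encrypted at rest (SSE-S3), TLS-only,
        // not publicly accessible, versioned, and retained on stack deletion
        // so that audit logs outlive the stack that wrote them.
        Bucket logBucket = Bucket.Builder.create(this, "TrailLogBucket")
                .encryption(BucketEncryption.S3_MANAGED)
                .enforceSsl(true)
                .blockPublicAccess(BlockPublicAccess.BLOCK_ALL)
                .versioned(true)
                .removalPolicy(RemovalPolicy.RETAIN)
                .build();

        // Passing the bucket through the builder (TrailProps.bucket) replaces
        // the unencrypted bucket the construct would otherwise create.
        Trail.Builder.create(this, "EncryptedTrail")
                .bucket(logBucket)
                .build();
    }
}
```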
Modifier and Type | Class and Description |
---|---|
static class | Trail.Builder A fluent builder for Trail. |
IResource.Jsii$Default
Modifier | Constructor and Description |
---|---|
protected | Trail(software.amazon.jsii.JsiiObject.InitializationMode initializationMode) |
protected | Trail(software.amazon.jsii.JsiiObjectRef objRef) |
 | Trail(software.constructs.Construct scope, java.lang.String id) |
 | Trail(software.constructs.Construct scope, java.lang.String id, TrailProps props) |
Modifier and Type | Method and Description |
---|---|
void | addEventSelector(DataResourceType dataResourceType, java.util.List<java.lang.String> dataResourceValues) When an event occurs in your account, CloudTrail evaluates whether the event matches the settings for your trails. |
void | addEventSelector(DataResourceType dataResourceType, java.util.List<java.lang.String> dataResourceValues, AddEventSelectorOptions options) When an event occurs in your account, CloudTrail evaluates whether the event matches the settings for your trails. |
void | addLambdaEventSelector(java.util.List<IFunction> handlers) When an event occurs in your account, CloudTrail evaluates whether the event matches the settings for your trails. |
void | addLambdaEventSelector(java.util.List<IFunction> handlers, AddEventSelectorOptions options) When an event occurs in your account, CloudTrail evaluates whether the event matches the settings for your trails. |
void | addS3EventSelector(java.util.List<S3EventSelector> s3Selector) When an event occurs in your account, CloudTrail evaluates whether the event matches the settings for your trails. |
void | addS3EventSelector(java.util.List<S3EventSelector> s3Selector, AddEventSelectorOptions options) When an event occurs in your account, CloudTrail evaluates whether the event matches the settings for your trails. |
ILogGroup | getLogGroup() The CloudWatch log group to which CloudTrail events are sent. |
java.lang.String | getTrailArn() ARN of the CloudTrail trail i.e. |
java.lang.String | getTrailSnsTopicArn() ARN of the Amazon SNS topic that's associated with the CloudTrail trail, i.e. |
void | logAllLambdaDataEvents() Log all Lambda data events for all Lambda functions in the account. |
void | logAllLambdaDataEvents(AddEventSelectorOptions options) Log all Lambda data events for all Lambda functions in the account. |
void | logAllS3DataEvents() Log all S3 data events for all objects for all buckets in the account. |
void | logAllS3DataEvents(AddEventSelectorOptions options) Log all S3 data events for all objects for all buckets in the account. |
Rule | onCloudTrailEvent(java.lang.String id) Deprecated. Use Trail.onEvent() |
Rule | onCloudTrailEvent(java.lang.String id, OnEventOptions options) Deprecated. Use Trail.onEvent() |
static Rule | onEvent(software.constructs.Construct scope, java.lang.String id) Create an event rule for when an event is recorded by any Trail in the account. |
static Rule | onEvent(software.constructs.Construct scope, java.lang.String id, OnEventOptions options) Create an event rule for when an event is recorded by any Trail in the account. |
applyRemovalPolicy, generatePhysicalName, getEnv, getPhysicalName, getResourceArnAttribute, getResourceNameAttribute, getStack, isResource
getNode, isConstruct, onPrepare, onSynthesize, onValidate, prepare, synthesize, validate
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
getNode
protected Trail(software.amazon.jsii.JsiiObjectRef objRef)
protected Trail(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
public Trail(software.constructs.Construct scope, java.lang.String id, TrailProps props)
- scope - This parameter is required.
- id - This parameter is required.
- props

public Trail(software.constructs.Construct scope, java.lang.String id)
- scope - This parameter is required.
- id - This parameter is required.

public static Rule onEvent(software.constructs.Construct scope, java.lang.String id, OnEventOptions options)
Note that the event doesn't necessarily have to come from this Trail, it can be captured from any one.
Be sure to filter the event further down using an event pattern.
- scope - This parameter is required.
- id - This parameter is required.
- options

public static Rule onEvent(software.constructs.Construct scope, java.lang.String id)
Note that the event doesn't necessarily have to come from this Trail, it can be captured from any one.
Be sure to filter the event further down using an event pattern.
- scope - This parameter is required.
- id - This parameter is required.

public void addEventSelector(DataResourceType dataResourceType, java.util.List<java.lang.String> dataResourceValues, AddEventSelectorOptions options)
Only events that match your trail settings are delivered to your Amazon S3 bucket and Amazon CloudWatch Logs log group.
This method adds an Event Selector for filtering events that match either S3 or Lambda function operations.
Data events: These events provide insight into the resource operations performed on or within a resource. These are also known as data plane operations.
- dataResourceType - This parameter is required.
- dataResourceValues - the list of data resource ARNs to include in logging (maximum 250 entries). This parameter is required.
- options - the options to configure logging of management and data events.

public void addEventSelector(DataResourceType dataResourceType, java.util.List<java.lang.String> dataResourceValues)
Only events that match your trail settings are delivered to your Amazon S3 bucket and Amazon CloudWatch Logs log group.
This method adds an Event Selector for filtering events that match either S3 or Lambda function operations.
Data events: These events provide insight into the resource operations performed on or within a resource. These are also known as data plane operations.
- dataResourceType - This parameter is required.
- dataResourceValues - the list of data resource ARNs to include in logging (maximum 250 entries). This parameter is required.

public void addLambdaEventSelector(java.util.List<IFunction> handlers, AddEventSelectorOptions options)
Only events that match your trail settings are delivered to your Amazon S3 bucket and Amazon CloudWatch Logs log group.
This method adds a Lambda Data Event Selector for filtering events that match Lambda function operations.
Data events: These events provide insight into the resource operations performed on or within a resource. These are also known as data plane operations.
- handlers - the list of lambda function handlers whose data events should be logged (maximum 250 entries). This parameter is required.
- options - the options to configure logging of management and data events.

public void addLambdaEventSelector(java.util.List<IFunction> handlers)
Only events that match your trail settings are delivered to your Amazon S3 bucket and Amazon CloudWatch Logs log group.
This method adds a Lambda Data Event Selector for filtering events that match Lambda function operations.
Data events: These events provide insight into the resource operations performed on or within a resource. These are also known as data plane operations.
- handlers - the list of lambda function handlers whose data events should be logged (maximum 250 entries). This parameter is required.

public void addS3EventSelector(java.util.List<S3EventSelector> s3Selector, AddEventSelectorOptions options)
Only events that match your trail settings are delivered to your Amazon S3 bucket and Amazon CloudWatch Logs log group.
This method adds an S3 Data Event Selector for filtering events that match S3 operations.
Data events: These events provide insight into the resource operations performed on or within a resource. These are also known as data plane operations.
- s3Selector - the list of S3 bucket with optional prefix to include in logging (maximum 250 entries). This parameter is required.
- options - the options to configure logging of management and data events.

public void addS3EventSelector(java.util.List<S3EventSelector> s3Selector)
Only events that match your trail settings are delivered to your Amazon S3 bucket and Amazon CloudWatch Logs log group.
This method adds an S3 Data Event Selector for filtering events that match S3 operations.
Data events: These events provide insight into the resource operations performed on or within a resource. These are also known as data plane operations.
- s3Selector - the list of S3 bucket with optional prefix to include in logging (maximum 250 entries). This parameter is required.

public void logAllLambdaDataEvents(AddEventSelectorOptions options)
Default: false
- options

public void logAllLambdaDataEvents()
Default: false

public void logAllS3DataEvents(AddEventSelectorOptions options)
Default: false
- options

public void logAllS3DataEvents()
Default: false

@Deprecated public Rule onCloudTrailEvent(java.lang.String id, OnEventOptions options)
Note that the event doesn't necessarily have to come from this Trail, it can be captured from any one.
Be sure to filter the event further down using an event pattern.
- id - This parameter is required.
- options

@Deprecated public Rule onCloudTrailEvent(java.lang.String id)
Note that the event doesn't necessarily have to come from this Trail, it can be captured from any one.
Be sure to filter the event further down using an event pattern.
- id - This parameter is required.

public java.lang.String getTrailArn()
public java.lang.String getTrailSnsTopicArn()
public ILogGroup getLogGroup()
undefined if sendToCloudWatchLogs property is false.
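
Added example (not part of the original CDK documentation): it combines addS3EventSelector with the advice given for onEvent to filter further with an event pattern, here matching API calls that stop or alter CloudTrail logging. It assumes the CDK v1 Java packages used on this page; the stack class name, construct ids, bucket and prefix are hypothetical.

```java
import java.util.List;
import java.util.Map;
import software.amazon.awscdk.core.Stack;
import software.amazon.awscdk.services.cloudtrail.AddEventSelectorOptions;
import software.amazon.awscdk.services.cloudtrail.ReadWriteType;
import software.amazon.awscdk.services.cloudtrail.S3EventSelector;
import software.amazon.awscdk.services.cloudtrail.Trail;
import software.amazon.awscdk.services.events.EventPattern;
import software.amazon.awscdk.services.events.OnEventOptions;
import software.amazon.awscdk.services.events.targets.SnsTopic;
import software.amazon.awscdk.services.s3.Bucket;
import software.amazon.awscdk.services.sns.Topic;
import software.constructs.Construct;

// Hypothetical stack; names, ids and the "finance/" prefix are illustrative.
public class TrailMonitoringStack extends Stack {
    public TrailMonitoringStack(final Construct scope, final String id) {
        super(scope, id);

        // Default props for brevity; supply your own bucket for encrypted logs.
        Trail trail = new Trail(this, "AuditTrail");
        Bucket sensitive = new Bucket(this, "SensitiveData");

        // Data events: record only write operations under one prefix.
        trail.addS3EventSelector(
                List.of(S3EventSelector.builder()
                        .bucket(sensitive)
                        .objectPrefix("finance/")
                        .build()),
                AddEventSelectorOptions.builder()
                        .readWriteType(ReadWriteType.WRITE_ONLY)
                        .build());

        // onEvent matches events recorded by any trail in the account, so
        // narrow it with an event pattern before notifying the topic.
        Topic alerts = new Topic(this, "TrailTamperAlerts");
        Trail.onEvent(this, "TrailTamperRule", OnEventOptions.builder()
                .target(new SnsTopic(alerts))
                .eventPattern(EventPattern.builder()
                        .source(List.of("aws.cloudtrail"))
                        .detail(Map.of(
                                "eventSource", List.of("cloudtrail.amazonaws.com"),
                                "eventName", List.of("StopLogging", "DeleteTrail", "UpdateTrail")))
                        .build())
                .build());
    }
}
```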