Class CfnLoggingConfiguration.LogDestinationConfigProperty.Builder

java.lang.Object
software.amazon.awscdk.services.networkfirewall.CfnLoggingConfiguration.LogDestinationConfigProperty.Builder
All Implemented Interfaces:
software.amazon.jsii.Builder<CfnLoggingConfiguration.LogDestinationConfigProperty>
Enclosing interface:
CfnLoggingConfiguration.LogDestinationConfigProperty

@Stability(Stable) public static final class CfnLoggingConfiguration.LogDestinationConfigProperty.Builder extends Object implements software.amazon.jsii.Builder<CfnLoggingConfiguration.LogDestinationConfigProperty>
  • Constructor Details

    • Builder

      public Builder()
  • Method Details

    • logDestination

      @Stability(Stable) public CfnLoggingConfiguration.LogDestinationConfigProperty.Builder logDestination(IResolvable logDestination)
      Parameters:
      logDestination - The named location for the logs, provided in a key:value mapping that is specific to the chosen destination type. This parameter is required.
      • For an Amazon S3 bucket, provide the name of the bucket, with key bucketName , and optionally provide a prefix, with key prefix .

      The following example specifies an Amazon S3 bucket named DOC-EXAMPLE-BUCKET and the prefix alerts :

      "LogDestination": { "bucketName": "DOC-EXAMPLE-BUCKET", "prefix": "alerts" }

      • For a CloudWatch log group, provide the name of the CloudWatch log group, with key logGroup . The following example specifies a log group named alert-log-group :

      "LogDestination": { "logGroup": "alert-log-group" }

      • For a Firehose delivery stream, provide the name of the delivery stream, with key deliveryStream . The following example specifies a delivery stream named alert-delivery-stream :

      "LogDestination": { "deliveryStream": "alert-delivery-stream" }

      Returns:
      this
    • logDestination

      @Stability(Stable) public CfnLoggingConfiguration.LogDestinationConfigProperty.Builder logDestination(Map<String,String> logDestination)
      Parameters:
      logDestination - The named location for the logs, provided in a key:value mapping that is specific to the chosen destination type. This parameter is required.
      • For an Amazon S3 bucket, provide the name of the bucket, with key bucketName , and optionally provide a prefix, with key prefix .

      The following example specifies an Amazon S3 bucket named DOC-EXAMPLE-BUCKET and the prefix alerts :

      "LogDestination": { "bucketName": "DOC-EXAMPLE-BUCKET", "prefix": "alerts" }

      • For a CloudWatch log group, provide the name of the CloudWatch log group, with key logGroup . The following example specifies a log group named alert-log-group :

      "LogDestination": { "logGroup": "alert-log-group" }

      • For a Firehose delivery stream, provide the name of the delivery stream, with key deliveryStream . The following example specifies a delivery stream named alert-delivery-stream :

      "LogDestination": { "deliveryStream": "alert-delivery-stream" }

      Returns:
      this
    • logDestinationType

      @Stability(Stable) public CfnLoggingConfiguration.LogDestinationConfigProperty.Builder logDestinationType(String logDestinationType)
      Parameters:
      logDestinationType - The type of storage destination to send these logs to. This parameter is required. You can send logs to an Amazon S3 bucket, a CloudWatch log group, or a Firehose delivery stream.
      Returns:
      this
    • logType

      @Stability(Stable) public CfnLoggingConfiguration.LogDestinationConfigProperty.Builder logType(String logType)
      Parameters:
      logType - The type of log to record. This parameter is required. You can record the following types of logs from your Network Firewall stateful engine.

      • ALERT - Logs for traffic that matches your stateful rules and that have an action that sends an alert. A stateful rule sends alerts for the rule actions DROP, ALERT, and REJECT. For more information, see the StatefulRule property.
      • FLOW - Standard network traffic flow logs. The stateful rules engine records flow logs for all network traffic that it receives. Each flow log record captures the network flow for a specific standard stateless rule group.
      • TLS - Logs for events that are related to TLS inspection. For more information, see Inspecting SSL/TLS traffic with TLS inspection configurations in the Network Firewall Developer Guide .
      Returns:
      this
    • build

      @Stability(Stable) public CfnLoggingConfiguration.LogDestinationConfigProperty build()
      Builds the configured instance.
      Specified by:
      build in interface software.amazon.jsii.Builder<CfnLoggingConfiguration.LogDestinationConfigProperty>
      Returns:
      a new instance of CfnLoggingConfiguration.LogDestinationConfigProperty
      Throws:
      NullPointerException - if any required attribute was not provided