com.amazonaws.services.cloudtrail.model.AdvancedFieldSelector Maven / Gradle / Ivy
Show all versions of aws-java-sdk-cloudtrail Show documentation
/*
* Copyright 2018-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with
* the License. A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
* CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
* and limitations under the License.
*/
package com.amazonaws.services.cloudtrail.model;
import java.io.Serializable;
import javax.annotation.Generated;
import com.amazonaws.protocol.StructuredPojo;
import com.amazonaws.protocol.ProtocolMarshaller;
/**
*
* A single selector statement in an advanced event selector.
*
*
* @see AWS
* API Documentation
*/
@Generated("com.amazonaws:aws-java-sdk-code-generator")
public class AdvancedFieldSelector implements Serializable, Cloneable, StructuredPojo {
/**
*
* A field in a CloudTrail event record on which to filter events to be logged. For event data stores for Config
* configuration items, Audit Manager evidence, or non-Amazon Web Services events, the field is used only for
* selecting events as filtering is not supported.
*
*
* For CloudTrail event records, supported fields include readOnly, eventCategory,
* eventSource (for management events), eventName, resources.type, and
* resources.ARN.
*
*
* For event data stores for Config configuration items, Audit Manager evidence, or non-Amazon Web Services events,
* the only supported field is eventCategory.
*
*
* -
*
* readOnly - Optional. Can be set to Equals a value of true or
* false. If you do not add this field, CloudTrail logs both read and write
* events. A value of true logs only read events. A value of false logs only
* write events.
*
*
* -
*
* eventSource - For filtering management events only. This can be set only to
* NotEquals kms.amazonaws.com.
*
*
* -
*
* eventName - Can use any operator. You can use it to filter in or filter out any data event
* logged to CloudTrail, such as PutBucket or GetSnapshotBlock. You can have multiple
* values for this field, separated by commas.
*
*
* -
*
* eventCategory - This is required and must be set to Equals.
*
*
* -
*
* For CloudTrail event records, the value must be Management or Data.
*
*
* -
*
* For Config configuration items, the value must be ConfigurationItem.
*
*
* -
*
* For Audit Manager evidence, the value must be Evidence.
*
*
* -
*
* For non-Amazon Web Services events, the value must be ActivityAuditLog.
*
*
*
*
* -
*
* resources.type - This field is required for CloudTrail data events.
* resources.type can only use the Equals operator, and the value can be one of the
* following:
*
*
* -
*
* AWS::DynamoDB::Table
*
*
* -
*
* AWS::Lambda::Function
*
*
* -
*
* AWS::S3::Object
*
*
* -
*
* AWS::CloudTrail::Channel
*
*
* -
*
* AWS::CodeWhisperer::Profile
*
*
* -
*
* AWS::Cognito::IdentityPool
*
*
* -
*
* AWS::DynamoDB::Stream
*
*
* -
*
* AWS::EC2::Snapshot
*
*
* -
*
* AWS::EMRWAL::Workspace
*
*
* -
*
* AWS::FinSpace::Environment
*
*
* -
*
* AWS::Glue::Table
*
*
* -
*
* AWS::GuardDuty::Detector
*
*
* -
*
* AWS::KendraRanking::ExecutionPlan
*
*
* -
*
* AWS::ManagedBlockchain::Network
*
*
* -
*
* AWS::ManagedBlockchain::Node
*
*
* -
*
* AWS::MedicalImaging::Datastore
*
*
* -
*
* AWS::SageMaker::ExperimentTrialComponent
*
*
* -
*
* AWS::SageMaker::FeatureGroup
*
*
* -
*
* AWS::S3::AccessPoint
*
*
* -
*
* AWS::S3ObjectLambda::AccessPoint
*
*
* -
*
* AWS::S3Outposts::Object
*
*
* -
*
* AWS::SSMMessages::ControlChannel
*
*
* -
*
* AWS::VerifiedPermissions::PolicyStore
*
*
*
*
* You can have only one resources.type field per selector. To log data events on more than one resource
* type, add another selector.
*
*
* -
*
* resources.ARN - You can use any operator with resources.ARN, but if you use
* Equals or NotEquals, the value must exactly match the ARN of a valid resource of the
* type you've specified in the template as the value of resources.type. For example, if resources.type equals
* AWS::S3::Object, the ARN must be in one of the following formats. To log all data events for all
* objects in a specific S3 bucket, use the StartsWith operator, and include only the bucket ARN as the
* matching value.
*
*
* The trailing slash is intentional; do not exclude it. Replace the text between less than and greater than symbols
* (<>) with resource-specific information.
*
*
* -
*
* arn:<partition>:s3:::<bucket_name>/
*
*
* -
*
* arn:<partition>:s3:::<bucket_name>/<object_path>/
*
*
*
*
* When resources.type equals AWS::DynamoDB::Table, and the operator is set to Equals or
* NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:dynamodb:<region>:<account_ID>:table/<table_name>
*
*
*
*
* When resources.type equals AWS::Lambda::Function, and the operator is set to Equals or
* NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:lambda:<region>:<account_ID>:function:<function_name>
*
*
*
*
* When resources.type equals AWS::CloudTrail::Channel, and the operator is set to Equals
* or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:cloudtrail:<region>:<account_ID>:channel/<channel_UUID>
*
*
*
*
* When resources.type equals AWS::CodeWhisperer::Profile, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:codewhisperer:<region>:<account_ID>:profile/<profile_ID>
*
*
*
*
* When resources.type equals AWS::Cognito::IdentityPool, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:cognito-identity:<region>:<account_ID>:identitypool/<identity_pool_ID>
*
*
*
*
* When resources.type equals AWS::DynamoDB::Stream, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:dynamodb:<region>:<account_ID>:table/<table_name>/stream/<date_time>
*
*
*
*
* When resources.type equals AWS::EC2::Snapshot, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:ec2:<region>::snapshot/<snapshot_ID>
*
*
*
*
* When resources.type equals AWS::EMRWAL::Workspace, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:emrwal:<region>::workspace/<workspace_name>
*
*
*
*
* When resources.type equals AWS::FinSpace::Environment, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:finspace:<region>:<account_ID>:environment/<environment_ID>
*
*
*
*
* When resources.type equals AWS::Glue::Table, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:glue:<region>:<account_ID>:table/<database_name>/<table_name>
*
*
*
*
* When resources.type equals AWS::GuardDuty::Detector, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:guardduty:<region>:<account_ID>:detector/<detector_ID>
*
*
*
*
* When resources.type equals AWS::KendraRanking::ExecutionPlan, and the operator is set
* to Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:kendra-ranking:<region>:<account_ID>:rescore-execution-plan/<rescore_execution_plan_ID>
*
*
*
*
* When resources.type equals AWS::ManagedBlockchain::Network, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:managedblockchain:::networks/<network_name>
*
*
*
*
* When resources.type equals AWS::ManagedBlockchain::Node, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:managedblockchain:<region>:<account_ID>:nodes/<node_ID>
*
*
*
*
* When resources.type equals AWS::MedicalImaging::Datastore, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:medical-imaging:<region>:<account_ID>:datastore/<data_store_ID>
*
*
*
*
* When resources.type equals AWS::SageMaker::ExperimentTrialComponent, and the operator
* is set to Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:sagemaker:<region>:<account_ID>:experiment-trial-component/<experiment_trial_component_name>
*
*
*
*
* When resources.type equals AWS::SageMaker::FeatureGroup, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:sagemaker:<region>:<account_ID>:feature-group/<feature_group_name>
*
*
*
*
* When resources.type equals AWS::S3::AccessPoint, and the operator is set to
* Equals or NotEquals, the ARN must be in one of the following formats. To log events on
* all objects in an S3 access point, we recommend that you use only the access point ARN, don’t include the object
* path, and use the StartsWith or NotStartsWith operators.
*
*
* -
*
* arn:<partition>:s3:<region>:<account_ID>:accesspoint/<access_point_name>
*
*
* -
*
* arn:<partition>:s3:<region>:<account_ID>:accesspoint/<access_point_name>/object/<object_path>
*
*
*
*
* When resources.type equals AWS::S3ObjectLambda::AccessPoint, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:s3-object-lambda:<region>:<account_ID>:accesspoint/<access_point_name>
*
*
*
*
* When resources.type equals AWS::S3Outposts::Object, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:s3-outposts:<region>:<account_ID>:<object_path>
*
*
*
*
* When resources.type equals AWS::SSMMessages::ControlChannel, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:ssmmessages:<region>:<account_ID>:control-channel/<channel_ID>
*
*
*
*
* When resources.type equals AWS::VerifiedPermissions::PolicyStore, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:verifiedpermissions:<region>:<account_ID>:policy-store/<policy_store_UUID>
*
*
*
*
*
*/
private String field;
/**
*
* An operator that includes events that match the exact value of the event record field specified as the value of
* Field. This is the only valid operator that you can use with the readOnly,
* eventCategory, and resources.type fields.
*
*/
private com.amazonaws.internal.SdkInternalList equals;
/**
*
* An operator that includes events that match the first few characters of the event record field specified as the
* value of Field.
*
*/
private com.amazonaws.internal.SdkInternalList startsWith;
/**
*
* An operator that includes events that match the last few characters of the event record field specified as the
* value of Field.
*
*/
private com.amazonaws.internal.SdkInternalList endsWith;
/**
*
* An operator that excludes events that match the exact value of the event record field specified as the value of
* Field.
*
*/
private com.amazonaws.internal.SdkInternalList notEquals;
/**
*
* An operator that excludes events that match the first few characters of the event record field specified as the
* value of Field.
*
*/
private com.amazonaws.internal.SdkInternalList notStartsWith;
/**
*
* An operator that excludes events that match the last few characters of the event record field specified as the
* value of Field.
*
*/
private com.amazonaws.internal.SdkInternalList notEndsWith;
/**
*
* A field in a CloudTrail event record on which to filter events to be logged. For event data stores for Config
* configuration items, Audit Manager evidence, or non-Amazon Web Services events, the field is used only for
* selecting events as filtering is not supported.
*
*
* For CloudTrail event records, supported fields include readOnly, eventCategory,
* eventSource (for management events), eventName, resources.type, and
* resources.ARN.
*
*
* For event data stores for Config configuration items, Audit Manager evidence, or non-Amazon Web Services events,
* the only supported field is eventCategory.
*
*
* -
*
* readOnly - Optional. Can be set to Equals a value of true or
* false. If you do not add this field, CloudTrail logs both read and write
* events. A value of true logs only read events. A value of false logs only
* write events.
*
*
* -
*
* eventSource - For filtering management events only. This can be set only to
* NotEquals kms.amazonaws.com.
*
*
* -
*
* eventName - Can use any operator. You can use it to filter in or filter out any data event
* logged to CloudTrail, such as PutBucket or GetSnapshotBlock. You can have multiple
* values for this field, separated by commas.
*
*
* -
*
* eventCategory - This is required and must be set to Equals.
*
*
* -
*
* For CloudTrail event records, the value must be Management or Data.
*
*
* -
*
* For Config configuration items, the value must be ConfigurationItem.
*
*
* -
*
* For Audit Manager evidence, the value must be Evidence.
*
*
* -
*
* For non-Amazon Web Services events, the value must be ActivityAuditLog.
*
*
*
*
* -
*
* resources.type - This field is required for CloudTrail data events.
* resources.type can only use the Equals operator, and the value can be one of the
* following:
*
*
* -
*
* AWS::DynamoDB::Table
*
*
* -
*
* AWS::Lambda::Function
*
*
* -
*
* AWS::S3::Object
*
*
* -
*
* AWS::CloudTrail::Channel
*
*
* -
*
* AWS::CodeWhisperer::Profile
*
*
* -
*
* AWS::Cognito::IdentityPool
*
*
* -
*
* AWS::DynamoDB::Stream
*
*
* -
*
* AWS::EC2::Snapshot
*
*
* -
*
* AWS::EMRWAL::Workspace
*
*
* -
*
* AWS::FinSpace::Environment
*
*
* -
*
* AWS::Glue::Table
*
*
* -
*
* AWS::GuardDuty::Detector
*
*
* -
*
* AWS::KendraRanking::ExecutionPlan
*
*
* -
*
* AWS::ManagedBlockchain::Network
*
*
* -
*
* AWS::ManagedBlockchain::Node
*
*
* -
*
* AWS::MedicalImaging::Datastore
*
*
* -
*
* AWS::SageMaker::ExperimentTrialComponent
*
*
* -
*
* AWS::SageMaker::FeatureGroup
*
*
* -
*
* AWS::S3::AccessPoint
*
*
* -
*
* AWS::S3ObjectLambda::AccessPoint
*
*
* -
*
* AWS::S3Outposts::Object
*
*
* -
*
* AWS::SSMMessages::ControlChannel
*
*
* -
*
* AWS::VerifiedPermissions::PolicyStore
*
*
*
*
* You can have only one resources.type field per selector. To log data events on more than one resource
* type, add another selector.
*
*
* -
*
* resources.ARN - You can use any operator with resources.ARN, but if you use
* Equals or NotEquals, the value must exactly match the ARN of a valid resource of the
* type you've specified in the template as the value of resources.type. For example, if resources.type equals
* AWS::S3::Object, the ARN must be in one of the following formats. To log all data events for all
* objects in a specific S3 bucket, use the StartsWith operator, and include only the bucket ARN as the
* matching value.
*
*
* The trailing slash is intentional; do not exclude it. Replace the text between less than and greater than symbols
* (<>) with resource-specific information.
*
*
* -
*
* arn:<partition>:s3:::<bucket_name>/
*
*
* -
*
* arn:<partition>:s3:::<bucket_name>/<object_path>/
*
*
*
*
* When resources.type equals AWS::DynamoDB::Table, and the operator is set to Equals or
* NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:dynamodb:<region>:<account_ID>:table/<table_name>
*
*
*
*
* When resources.type equals AWS::Lambda::Function, and the operator is set to Equals or
* NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:lambda:<region>:<account_ID>:function:<function_name>
*
*
*
*
* When resources.type equals AWS::CloudTrail::Channel, and the operator is set to Equals
* or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:cloudtrail:<region>:<account_ID>:channel/<channel_UUID>
*
*
*
*
* When resources.type equals AWS::CodeWhisperer::Profile, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:codewhisperer:<region>:<account_ID>:profile/<profile_ID>
*
*
*
*
* When resources.type equals AWS::Cognito::IdentityPool, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:cognito-identity:<region>:<account_ID>:identitypool/<identity_pool_ID>
*
*
*
*
* When resources.type equals AWS::DynamoDB::Stream, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:dynamodb:<region>:<account_ID>:table/<table_name>/stream/<date_time>
*
*
*
*
* When resources.type equals AWS::EC2::Snapshot, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:ec2:<region>::snapshot/<snapshot_ID>
*
*
*
*
* When resources.type equals AWS::EMRWAL::Workspace, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:emrwal:<region>::workspace/<workspace_name>
*
*
*
*
* When resources.type equals AWS::FinSpace::Environment, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:finspace:<region>:<account_ID>:environment/<environment_ID>
*
*
*
*
* When resources.type equals AWS::Glue::Table, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:glue:<region>:<account_ID>:table/<database_name>/<table_name>
*
*
*
*
* When resources.type equals AWS::GuardDuty::Detector, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:guardduty:<region>:<account_ID>:detector/<detector_ID>
*
*
*
*
* When resources.type equals AWS::KendraRanking::ExecutionPlan, and the operator is set
* to Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:kendra-ranking:<region>:<account_ID>:rescore-execution-plan/<rescore_execution_plan_ID>
*
*
*
*
* When resources.type equals AWS::ManagedBlockchain::Network, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:managedblockchain:::networks/<network_name>
*
*
*
*
* When resources.type equals AWS::ManagedBlockchain::Node, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:managedblockchain:<region>:<account_ID>:nodes/<node_ID>
*
*
*
*
* When resources.type equals AWS::MedicalImaging::Datastore, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:medical-imaging:<region>:<account_ID>:datastore/<data_store_ID>
*
*
*
*
* When resources.type equals AWS::SageMaker::ExperimentTrialComponent, and the operator
* is set to Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:sagemaker:<region>:<account_ID>:experiment-trial-component/<experiment_trial_component_name>
*
*
*
*
* When resources.type equals AWS::SageMaker::FeatureGroup, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:sagemaker:<region>:<account_ID>:feature-group/<feature_group_name>
*
*
*
*
* When resources.type equals AWS::S3::AccessPoint, and the operator is set to
* Equals or NotEquals, the ARN must be in one of the following formats. To log events on
* all objects in an S3 access point, we recommend that you use only the access point ARN, don’t include the object
* path, and use the StartsWith or NotStartsWith operators.
*
*
* -
*
* arn:<partition>:s3:<region>:<account_ID>:accesspoint/<access_point_name>
*
*
* -
*
* arn:<partition>:s3:<region>:<account_ID>:accesspoint/<access_point_name>/object/<object_path>
*
*
*
*
* When resources.type equals AWS::S3ObjectLambda::AccessPoint, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:s3-object-lambda:<region>:<account_ID>:accesspoint/<access_point_name>
*
*
*
*
* When resources.type equals AWS::S3Outposts::Object, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:s3-outposts:<region>:<account_ID>:<object_path>
*
*
*
*
* When resources.type equals AWS::SSMMessages::ControlChannel, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:ssmmessages:<region>:<account_ID>:control-channel/<channel_ID>
*
*
*
*
* When resources.type equals AWS::VerifiedPermissions::PolicyStore, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:verifiedpermissions:<region>:<account_ID>:policy-store/<policy_store_UUID>
*
*
*
*
*
*
* @param field
* A field in a CloudTrail event record on which to filter events to be logged. For event data stores for
* Config configuration items, Audit Manager evidence, or non-Amazon Web Services events, the field is used
* only for selecting events as filtering is not supported.
*
* For CloudTrail event records, supported fields include readOnly, eventCategory,
* eventSource (for management events), eventName, resources.type, and
* resources.ARN.
*
*
* For event data stores for Config configuration items, Audit Manager evidence, or non-Amazon Web Services
* events, the only supported field is eventCategory.
*
*
* -
*
* readOnly - Optional. Can be set to Equals a value of true
* or false. If you do not add this field, CloudTrail logs both read and
* write events. A value of true logs only read events. A value of
* false logs only write events.
*
*
* -
*
* eventSource - For filtering management events only. This can be set only to
* NotEquals kms.amazonaws.com.
*
*
* -
*
* eventName - Can use any operator. You can use it to filter in or filter out any data
* event logged to CloudTrail, such as PutBucket or GetSnapshotBlock. You can have
* multiple values for this field, separated by commas.
*
*
* -
*
* eventCategory - This is required and must be set to Equals.
*
*
* -
*
* For CloudTrail event records, the value must be Management or Data.
*
*
* -
*
* For Config configuration items, the value must be ConfigurationItem.
*
*
* -
*
* For Audit Manager evidence, the value must be Evidence.
*
*
* -
*
* For non-Amazon Web Services events, the value must be ActivityAuditLog.
*
*
*
*
* -
*
* resources.type - This field is required for CloudTrail data events.
* resources.type can only use the Equals operator, and the value can be one of the
* following:
*
*
* -
*
* AWS::DynamoDB::Table
*
*
* -
*
* AWS::Lambda::Function
*
*
* -
*
* AWS::S3::Object
*
*
* -
*
* AWS::CloudTrail::Channel
*
*
* -
*
* AWS::CodeWhisperer::Profile
*
*
* -
*
* AWS::Cognito::IdentityPool
*
*
* -
*
* AWS::DynamoDB::Stream
*
*
* -
*
* AWS::EC2::Snapshot
*
*
* -
*
* AWS::EMRWAL::Workspace
*
*
* -
*
* AWS::FinSpace::Environment
*
*
* -
*
* AWS::Glue::Table
*
*
* -
*
* AWS::GuardDuty::Detector
*
*
* -
*
* AWS::KendraRanking::ExecutionPlan
*
*
* -
*
* AWS::ManagedBlockchain::Network
*
*
* -
*
* AWS::ManagedBlockchain::Node
*
*
* -
*
* AWS::MedicalImaging::Datastore
*
*
* -
*
* AWS::SageMaker::ExperimentTrialComponent
*
*
* -
*
* AWS::SageMaker::FeatureGroup
*
*
* -
*
* AWS::S3::AccessPoint
*
*
* -
*
* AWS::S3ObjectLambda::AccessPoint
*
*
* -
*
* AWS::S3Outposts::Object
*
*
* -
*
* AWS::SSMMessages::ControlChannel
*
*
* -
*
* AWS::VerifiedPermissions::PolicyStore
*
*
*
*
* You can have only one resources.type field per selector. To log data events on more than one
* resource type, add another selector.
*
*
* -
*
* resources.ARN - You can use any operator with resources.ARN, but if you
* use Equals or NotEquals, the value must exactly match the ARN of a valid
* resource of the type you've specified in the template as the value of resources.type. For example, if
* resources.type equals AWS::S3::Object, the ARN must be in one of the following formats. To
* log all data events for all objects in a specific S3 bucket, use the StartsWith operator, and
* include only the bucket ARN as the matching value.
*
*
* The trailing slash is intentional; do not exclude it. Replace the text between less than and greater than
* symbols (<>) with resource-specific information.
*
*
* -
*
* arn:<partition>:s3:::<bucket_name>/
*
*
* -
*
* arn:<partition>:s3:::<bucket_name>/<object_path>/
*
*
*
*
* When resources.type equals AWS::DynamoDB::Table, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:dynamodb:<region>:<account_ID>:table/<table_name>
*
*
*
*
* When resources.type equals AWS::Lambda::Function, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:lambda:<region>:<account_ID>:function:<function_name>
*
*
*
*
* When resources.type equals AWS::CloudTrail::Channel, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:cloudtrail:<region>:<account_ID>:channel/<channel_UUID>
*
*
*
*
* When resources.type equals AWS::CodeWhisperer::Profile, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:codewhisperer:<region>:<account_ID>:profile/<profile_ID>
*
*
*
*
* When resources.type equals AWS::Cognito::IdentityPool, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:cognito-identity:<region>:<account_ID>:identitypool/<identity_pool_ID>
*
*
*
*
* When resources.type equals AWS::DynamoDB::Stream, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:dynamodb:<region>:<account_ID>:table/<table_name>/stream/<date_time>
*
*
*
*
* When resources.type equals AWS::EC2::Snapshot, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:ec2:<region>::snapshot/<snapshot_ID>
*
*
*
*
* When resources.type equals AWS::EMRWAL::Workspace, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:emrwal:<region>::workspace/<workspace_name>
*
*
*
*
* When resources.type equals AWS::FinSpace::Environment, and the operator is set
* to Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:finspace:<region>:<account_ID>:environment/<environment_ID>
*
*
*
*
* When resources.type equals AWS::Glue::Table, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:glue:<region>:<account_ID>:table/<database_name>/<table_name>
*
*
*
*
* When resources.type equals AWS::GuardDuty::Detector, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:guardduty:<region>:<account_ID>:detector/<detector_ID>
*
*
*
*
* When resources.type equals AWS::KendraRanking::ExecutionPlan, and the operator
* is set to Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:kendra-ranking:<region>:<account_ID>:rescore-execution-plan/<rescore_execution_plan_ID>
*
*
*
*
* When resources.type equals AWS::ManagedBlockchain::Network, and the operator is
* set to Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:managedblockchain:::networks/<network_name>
*
*
*
*
* When resources.type equals AWS::ManagedBlockchain::Node, and the operator is set
* to Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:managedblockchain:<region>:<account_ID>:nodes/<node_ID>
*
*
*
*
* When resources.type equals AWS::MedicalImaging::Datastore, and the operator is
* set to Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:medical-imaging:<region>:<account_ID>:datastore/<data_store_ID>
*
*
*
*
* When resources.type equals AWS::SageMaker::ExperimentTrialComponent, and the
* operator is set to Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:sagemaker:<region>:<account_ID>:experiment-trial-component/<experiment_trial_component_name>
*
*
*
*
* When resources.type equals AWS::SageMaker::FeatureGroup, and the operator is set
* to Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:sagemaker:<region>:<account_ID>:feature-group/<feature_group_name>
*
*
*
*
* When resources.type equals AWS::S3::AccessPoint, and the operator is set to
* Equals or NotEquals, the ARN must be in one of the following formats. To log
* events on all objects in an S3 access point, we recommend that you use only the access point ARN, don’t
* include the object path, and use the StartsWith or NotStartsWith operators.
*
*
* -
*
* arn:<partition>:s3:<region>:<account_ID>:accesspoint/<access_point_name>
*
*
* -
*
* arn:<partition>:s3:<region>:<account_ID>:accesspoint/<access_point_name>/object/<object_path>
*
*
*
*
* When resources.type equals AWS::S3ObjectLambda::AccessPoint, and the operator is
* set to Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:s3-object-lambda:<region>:<account_ID>:accesspoint/<access_point_name>
*
*
*
*
* When resources.type equals AWS::S3Outposts::Object, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:s3-outposts:<region>:<account_ID>:<object_path>
*
*
*
*
* When resources.type equals AWS::SSMMessages::ControlChannel, and the operator is
* set to Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:ssmmessages:<region>:<account_ID>:control-channel/<channel_ID>
*
*
*
*
* When resources.type equals AWS::VerifiedPermissions::PolicyStore, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:verifiedpermissions:<region>:<account_ID>:policy-store/<policy_store_UUID>
*
*
*
*
*/
public void setField(String field) {
this.field = field;
}
/**
*
* A field in a CloudTrail event record on which to filter events to be logged. For event data stores for Config
* configuration items, Audit Manager evidence, or non-Amazon Web Services events, the field is used only for
* selecting events as filtering is not supported.
*
*
* For CloudTrail event records, supported fields include readOnly, eventCategory,
* eventSource (for management events), eventName, resources.type, and
* resources.ARN.
*
*
* For event data stores for Config configuration items, Audit Manager evidence, or non-Amazon Web Services events,
* the only supported field is eventCategory.
*
*
* -
*
* readOnly - Optional. Can be set to Equals a value of true or
* false. If you do not add this field, CloudTrail logs both read and write
* events. A value of true logs only read events. A value of false logs only
* write events.
*
*
* -
*
* eventSource - For filtering management events only. This can be set only to
* NotEquals kms.amazonaws.com.
*
*
* -
*
* eventName - Can use any operator. You can use it to filter in or filter out any data event
* logged to CloudTrail, such as PutBucket or GetSnapshotBlock. You can have multiple
* values for this field, separated by commas.
*
*
* -
*
* eventCategory - This is required and must be set to Equals.
*
*
* -
*
* For CloudTrail event records, the value must be Management or Data.
*
*
* -
*
* For Config configuration items, the value must be ConfigurationItem.
*
*
* -
*
* For Audit Manager evidence, the value must be Evidence.
*
*
* -
*
* For non-Amazon Web Services events, the value must be ActivityAuditLog.
*
*
*
*
* -
*
* resources.type - This field is required for CloudTrail data events.
* resources.type can only use the Equals operator, and the value can be one of the
* following:
*
*
* -
*
* AWS::DynamoDB::Table
*
*
* -
*
* AWS::Lambda::Function
*
*
* -
*
* AWS::S3::Object
*
*
* -
*
* AWS::CloudTrail::Channel
*
*
* -
*
* AWS::CodeWhisperer::Profile
*
*
* -
*
* AWS::Cognito::IdentityPool
*
*
* -
*
* AWS::DynamoDB::Stream
*
*
* -
*
* AWS::EC2::Snapshot
*
*
* -
*
* AWS::EMRWAL::Workspace
*
*
* -
*
* AWS::FinSpace::Environment
*
*
* -
*
* AWS::Glue::Table
*
*
* -
*
* AWS::GuardDuty::Detector
*
*
* -
*
* AWS::KendraRanking::ExecutionPlan
*
*
* -
*
* AWS::ManagedBlockchain::Network
*
*
* -
*
* AWS::ManagedBlockchain::Node
*
*
* -
*
* AWS::MedicalImaging::Datastore
*
*
* -
*
* AWS::SageMaker::ExperimentTrialComponent
*
*
* -
*
* AWS::SageMaker::FeatureGroup
*
*
* -
*
* AWS::S3::AccessPoint
*
*
* -
*
* AWS::S3ObjectLambda::AccessPoint
*
*
* -
*
* AWS::S3Outposts::Object
*
*
* -
*
* AWS::SSMMessages::ControlChannel
*
*
* -
*
* AWS::VerifiedPermissions::PolicyStore
*
*
*
*
* You can have only one resources.type field per selector. To log data events on more than one resource
* type, add another selector.
*
*
* -
*
* resources.ARN - You can use any operator with resources.ARN, but if you use
* Equals or NotEquals, the value must exactly match the ARN of a valid resource of the
* type you've specified in the template as the value of resources.type. For example, if resources.type equals
* AWS::S3::Object, the ARN must be in one of the following formats. To log all data events for all
* objects in a specific S3 bucket, use the StartsWith operator, and include only the bucket ARN as the
* matching value.
*
*
* The trailing slash is intentional; do not exclude it. Replace the text between less than and greater than symbols
* (<>) with resource-specific information.
*
*
* -
*
* arn:<partition>:s3:::<bucket_name>/
*
*
* -
*
* arn:<partition>:s3:::<bucket_name>/<object_path>/
*
*
*
*
* When resources.type equals AWS::DynamoDB::Table, and the operator is set to Equals or
* NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:dynamodb:<region>:<account_ID>:table/<table_name>
*
*
*
*
* When resources.type equals AWS::Lambda::Function, and the operator is set to Equals or
* NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:lambda:<region>:<account_ID>:function:<function_name>
*
*
*
*
* When resources.type equals AWS::CloudTrail::Channel, and the operator is set to Equals
* or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:cloudtrail:<region>:<account_ID>:channel/<channel_UUID>
*
*
*
*
* When resources.type equals AWS::CodeWhisperer::Profile, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:codewhisperer:<region>:<account_ID>:profile/<profile_ID>
*
*
*
*
* When resources.type equals AWS::Cognito::IdentityPool, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:cognito-identity:<region>:<account_ID>:identitypool/<identity_pool_ID>
*
*
*
*
* When resources.type equals AWS::DynamoDB::Stream, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:dynamodb:<region>:<account_ID>:table/<table_name>/stream/<date_time>
*
*
*
*
* When resources.type equals AWS::EC2::Snapshot, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:ec2:<region>::snapshot/<snapshot_ID>
*
*
*
*
* When resources.type equals AWS::EMRWAL::Workspace, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:emrwal:<region>::workspace/<workspace_name>
*
*
*
*
* When resources.type equals AWS::FinSpace::Environment, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:finspace:<region>:<account_ID>:environment/<environment_ID>
*
*
*
*
* When resources.type equals AWS::Glue::Table, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:glue:<region>:<account_ID>:table/<database_name>/<table_name>
*
*
*
*
* When resources.type equals AWS::GuardDuty::Detector, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:guardduty:<region>:<account_ID>:detector/<detector_ID>
*
*
*
*
* When resources.type equals AWS::KendraRanking::ExecutionPlan, and the operator is set
* to Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:kendra-ranking:<region>:<account_ID>:rescore-execution-plan/<rescore_execution_plan_ID>
*
*
*
*
* When resources.type equals AWS::ManagedBlockchain::Network, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:managedblockchain:::networks/<network_name>
*
*
*
*
* When resources.type equals AWS::ManagedBlockchain::Node, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:managedblockchain:<region>:<account_ID>:nodes/<node_ID>
*
*
*
*
* When resources.type equals AWS::MedicalImaging::Datastore, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:medical-imaging:<region>:<account_ID>:datastore/<data_store_ID>
*
*
*
*
* When resources.type equals AWS::SageMaker::ExperimentTrialComponent, and the operator
* is set to Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:sagemaker:<region>:<account_ID>:experiment-trial-component/<experiment_trial_component_name>
*
*
*
*
* When resources.type equals AWS::SageMaker::FeatureGroup, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:sagemaker:<region>:<account_ID>:feature-group/<feature_group_name>
*
*
*
*
* When resources.type equals AWS::S3::AccessPoint, and the operator is set to
* Equals or NotEquals, the ARN must be in one of the following formats. To log events on
* all objects in an S3 access point, we recommend that you use only the access point ARN, don’t include the object
* path, and use the StartsWith or NotStartsWith operators.
*
*
* -
*
* arn:<partition>:s3:<region>:<account_ID>:accesspoint/<access_point_name>
*
*
* -
*
* arn:<partition>:s3:<region>:<account_ID>:accesspoint/<access_point_name>/object/<object_path>
*
*
*
*
* When resources.type equals AWS::S3ObjectLambda::AccessPoint, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:s3-object-lambda:<region>:<account_ID>:accesspoint/<access_point_name>
*
*
*
*
* When resources.type equals AWS::S3Outposts::Object, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:s3-outposts:<region>:<account_ID>:<object_path>
*
*
*
*
* When resources.type equals AWS::SSMMessages::ControlChannel, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:ssmmessages:<region>:<account_ID>:control-channel/<channel_ID>
*
*
*
*
* When resources.type equals AWS::VerifiedPermissions::PolicyStore, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:verifiedpermissions:<region>:<account_ID>:policy-store/<policy_store_UUID>
*
*
*
*
*
*
* @return A field in a CloudTrail event record on which to filter events to be logged. For event data stores for
* Config configuration items, Audit Manager evidence, or non-Amazon Web Services events, the field is used
* only for selecting events as filtering is not supported.
*
* For CloudTrail event records, supported fields include readOnly, eventCategory,
* eventSource (for management events), eventName, resources.type,
* and resources.ARN.
*
*
* For event data stores for Config configuration items, Audit Manager evidence, or non-Amazon Web Services
* events, the only supported field is eventCategory.
*
*
* -
*
* readOnly - Optional. Can be set to Equals a value of true
* or false. If you do not add this field, CloudTrail logs both read and
* write events. A value of true logs only read events. A value of
* false logs only write events.
*
*
* -
*
* eventSource - For filtering management events only. This can be set only to
* NotEquals kms.amazonaws.com.
*
*
* -
*
* eventName - Can use any operator. You can use it to filter in or filter out any data
* event logged to CloudTrail, such as PutBucket or GetSnapshotBlock. You can have
* multiple values for this field, separated by commas.
*
*
* -
*
* eventCategory - This is required and must be set to Equals.
*
*
* -
*
* For CloudTrail event records, the value must be Management or Data.
*
*
* -
*
* For Config configuration items, the value must be ConfigurationItem.
*
*
* -
*
* For Audit Manager evidence, the value must be Evidence.
*
*
* -
*
* For non-Amazon Web Services events, the value must be ActivityAuditLog.
*
*
*
*
* -
*
* resources.type - This field is required for CloudTrail data events.
* resources.type can only use the Equals operator, and the value can be one of
* the following:
*
*
* -
*
* AWS::DynamoDB::Table
*
*
* -
*
* AWS::Lambda::Function
*
*
* -
*
* AWS::S3::Object
*
*
* -
*
* AWS::CloudTrail::Channel
*
*
* -
*
* AWS::CodeWhisperer::Profile
*
*
* -
*
* AWS::Cognito::IdentityPool
*
*
* -
*
* AWS::DynamoDB::Stream
*
*
* -
*
* AWS::EC2::Snapshot
*
*
* -
*
* AWS::EMRWAL::Workspace
*
*
* -
*
* AWS::FinSpace::Environment
*
*
* -
*
* AWS::Glue::Table
*
*
* -
*
* AWS::GuardDuty::Detector
*
*
* -
*
* AWS::KendraRanking::ExecutionPlan
*
*
* -
*
* AWS::ManagedBlockchain::Network
*
*
* -
*
* AWS::ManagedBlockchain::Node
*
*
* -
*
* AWS::MedicalImaging::Datastore
*
*
* -
*
* AWS::SageMaker::ExperimentTrialComponent
*
*
* -
*
* AWS::SageMaker::FeatureGroup
*
*
* -
*
* AWS::S3::AccessPoint
*
*
* -
*
* AWS::S3ObjectLambda::AccessPoint
*
*
* -
*
* AWS::S3Outposts::Object
*
*
* -
*
* AWS::SSMMessages::ControlChannel
*
*
* -
*
* AWS::VerifiedPermissions::PolicyStore
*
*
*
*
* You can have only one resources.type field per selector. To log data events on more than one
* resource type, add another selector.
*
*
* -
*
* resources.ARN - You can use any operator with resources.ARN, but if
* you use Equals or NotEquals, the value must exactly match the ARN of a valid
* resource of the type you've specified in the template as the value of resources.type. For example, if
* resources.type equals AWS::S3::Object, the ARN must be in one of the following formats. To
* log all data events for all objects in a specific S3 bucket, use the StartsWith operator,
* and include only the bucket ARN as the matching value.
*
*
* The trailing slash is intentional; do not exclude it. Replace the text between less than and greater than
* symbols (<>) with resource-specific information.
*
*
* -
*
* arn:<partition>:s3:::<bucket_name>/
*
*
* -
*
* arn:<partition>:s3:::<bucket_name>/<object_path>/
*
*
*
*
* When resources.type equals AWS::DynamoDB::Table, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:dynamodb:<region>:<account_ID>:table/<table_name>
*
*
*
*
* When resources.type equals AWS::Lambda::Function, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:lambda:<region>:<account_ID>:function:<function_name>
*
*
*
*
* When resources.type equals AWS::CloudTrail::Channel, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:cloudtrail:<region>:<account_ID>:channel/<channel_UUID>
*
*
*
*
* When resources.type equals AWS::CodeWhisperer::Profile, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:codewhisperer:<region>:<account_ID>:profile/<profile_ID>
*
*
*
*
* When resources.type equals AWS::Cognito::IdentityPool, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:cognito-identity:<region>:<account_ID>:identitypool/<identity_pool_ID>
*
*
*
*
* When resources.type equals AWS::DynamoDB::Stream, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:dynamodb:<region>:<account_ID>:table/<table_name>/stream/<date_time>
*
*
*
*
* When resources.type equals AWS::EC2::Snapshot, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:ec2:<region>::snapshot/<snapshot_ID>
*
*
*
*
* When resources.type equals AWS::EMRWAL::Workspace, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:emrwal:<region>::workspace/<workspace_name>
*
*
*
*
* When resources.type equals AWS::FinSpace::Environment, and the operator is set
* to Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:finspace:<region>:<account_ID>:environment/<environment_ID>
*
*
*
*
* When resources.type equals AWS::Glue::Table, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:glue:<region>:<account_ID>:table/<database_name>/<table_name>
*
*
*
*
* When resources.type equals AWS::GuardDuty::Detector, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:guardduty:<region>:<account_ID>:detector/<detector_ID>
*
*
*
*
* When resources.type equals AWS::KendraRanking::ExecutionPlan, and the operator
* is set to Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:kendra-ranking:<region>:<account_ID>:rescore-execution-plan/<rescore_execution_plan_ID>
*
*
*
*
* When resources.type equals AWS::ManagedBlockchain::Network, and the operator is
* set to Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:managedblockchain:::networks/<network_name>
*
*
*
*
* When resources.type equals AWS::ManagedBlockchain::Node, and the operator is
* set to Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:managedblockchain:<region>:<account_ID>:nodes/<node_ID>
*
*
*
*
* When resources.type equals AWS::MedicalImaging::Datastore, and the operator is
* set to Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:medical-imaging:<region>:<account_ID>:datastore/<data_store_ID>
*
*
*
*
* When resources.type equals AWS::SageMaker::ExperimentTrialComponent, and the
* operator is set to Equals or NotEquals, the ARN must be in the following
* format:
*
*
* -
*
* arn:<partition>:sagemaker:<region>:<account_ID>:experiment-trial-component/<experiment_trial_component_name>
*
*
*
*
* When resources.type equals AWS::SageMaker::FeatureGroup, and the operator is
* set to Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:sagemaker:<region>:<account_ID>:feature-group/<feature_group_name>
*
*
*
*
* When resources.type equals AWS::S3::AccessPoint, and the operator is set to
* Equals or NotEquals, the ARN must be in one of the following formats. To log
* events on all objects in an S3 access point, we recommend that you use only the access point ARN, don’t
* include the object path, and use the StartsWith or NotStartsWith operators.
*
*
* -
*
* arn:<partition>:s3:<region>:<account_ID>:accesspoint/<access_point_name>
*
*
* -
*
* arn:<partition>:s3:<region>:<account_ID>:accesspoint/<access_point_name>/object/<object_path>
*
*
*
*
* When resources.type equals AWS::S3ObjectLambda::AccessPoint, and the operator
* is set to Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:s3-object-lambda:<region>:<account_ID>:accesspoint/<access_point_name>
*
*
*
*
* When resources.type equals AWS::S3Outposts::Object, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:s3-outposts:<region>:<account_ID>:<object_path>
*
*
*
*
* When resources.type equals AWS::SSMMessages::ControlChannel, and the operator
* is set to Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:ssmmessages:<region>:<account_ID>:control-channel/<channel_ID>
*
*
*
*
* When resources.type equals AWS::VerifiedPermissions::PolicyStore, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:verifiedpermissions:<region>:<account_ID>:policy-store/<policy_store_UUID>
*
*
*
*
*/
public String getField() {
return this.field;
}
/**
*
* A field in a CloudTrail event record on which to filter events to be logged. For event data stores for Config
* configuration items, Audit Manager evidence, or non-Amazon Web Services events, the field is used only for
* selecting events as filtering is not supported.
*
*
* For CloudTrail event records, supported fields include readOnly, eventCategory,
* eventSource (for management events), eventName, resources.type, and
* resources.ARN.
*
*
* For event data stores for Config configuration items, Audit Manager evidence, or non-Amazon Web Services events,
* the only supported field is eventCategory.
*
*
* -
*
* readOnly - Optional. Can be set to Equals a value of true or
* false. If you do not add this field, CloudTrail logs both read and write
* events. A value of true logs only read events. A value of false logs only
* write events.
*
*
* -
*
* eventSource - For filtering management events only. This can be set only to
* NotEquals kms.amazonaws.com.
*
*
* -
*
* eventName - Can use any operator. You can use it to filter in or filter out any data event
* logged to CloudTrail, such as PutBucket or GetSnapshotBlock. You can have multiple
* values for this field, separated by commas.
*
*
* -
*
* eventCategory - This is required and must be set to Equals.
*
*
* -
*
* For CloudTrail event records, the value must be Management or Data.
*
*
* -
*
* For Config configuration items, the value must be ConfigurationItem.
*
*
* -
*
* For Audit Manager evidence, the value must be Evidence.
*
*
* -
*
* For non-Amazon Web Services events, the value must be ActivityAuditLog.
*
*
*
*
* -
*
* resources.type - This field is required for CloudTrail data events.
* resources.type can only use the Equals operator, and the value can be one of the
* following:
*
*
* -
*
* AWS::DynamoDB::Table
*
*
* -
*
* AWS::Lambda::Function
*
*
* -
*
* AWS::S3::Object
*
*
* -
*
* AWS::CloudTrail::Channel
*
*
* -
*
* AWS::CodeWhisperer::Profile
*
*
* -
*
* AWS::Cognito::IdentityPool
*
*
* -
*
* AWS::DynamoDB::Stream
*
*
* -
*
* AWS::EC2::Snapshot
*
*
* -
*
* AWS::EMRWAL::Workspace
*
*
* -
*
* AWS::FinSpace::Environment
*
*
* -
*
* AWS::Glue::Table
*
*
* -
*
* AWS::GuardDuty::Detector
*
*
* -
*
* AWS::KendraRanking::ExecutionPlan
*
*
* -
*
* AWS::ManagedBlockchain::Network
*
*
* -
*
* AWS::ManagedBlockchain::Node
*
*
* -
*
* AWS::MedicalImaging::Datastore
*
*
* -
*
* AWS::SageMaker::ExperimentTrialComponent
*
*
* -
*
* AWS::SageMaker::FeatureGroup
*
*
* -
*
* AWS::S3::AccessPoint
*
*
* -
*
* AWS::S3ObjectLambda::AccessPoint
*
*
* -
*
* AWS::S3Outposts::Object
*
*
* -
*
* AWS::SSMMessages::ControlChannel
*
*
* -
*
* AWS::VerifiedPermissions::PolicyStore
*
*
*
*
* You can have only one resources.type field per selector. To log data events on more than one resource
* type, add another selector.
*
*
* -
*
* resources.ARN - You can use any operator with resources.ARN, but if you use
* Equals or NotEquals, the value must exactly match the ARN of a valid resource of the
* type you've specified in the template as the value of resources.type. For example, if resources.type equals
* AWS::S3::Object, the ARN must be in one of the following formats. To log all data events for all
* objects in a specific S3 bucket, use the StartsWith operator, and include only the bucket ARN as the
* matching value.
*
*
* The trailing slash is intentional; do not exclude it. Replace the text between less than and greater than symbols
* (<>) with resource-specific information.
*
*
* -
*
* arn:<partition>:s3:::<bucket_name>/
*
*
* -
*
* arn:<partition>:s3:::<bucket_name>/<object_path>/
*
*
*
*
* When resources.type equals AWS::DynamoDB::Table, and the operator is set to Equals or
* NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:dynamodb:<region>:<account_ID>:table/<table_name>
*
*
*
*
* When resources.type equals AWS::Lambda::Function, and the operator is set to Equals or
* NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:lambda:<region>:<account_ID>:function:<function_name>
*
*
*
*
* When resources.type equals AWS::CloudTrail::Channel, and the operator is set to Equals
* or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:cloudtrail:<region>:<account_ID>:channel/<channel_UUID>
*
*
*
*
* When resources.type equals AWS::CodeWhisperer::Profile, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:codewhisperer:<region>:<account_ID>:profile/<profile_ID>
*
*
*
*
* When resources.type equals AWS::Cognito::IdentityPool, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:cognito-identity:<region>:<account_ID>:identitypool/<identity_pool_ID>
*
*
*
*
* When resources.type equals AWS::DynamoDB::Stream, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:dynamodb:<region>:<account_ID>:table/<table_name>/stream/<date_time>
*
*
*
*
* When resources.type equals AWS::EC2::Snapshot, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:ec2:<region>::snapshot/<snapshot_ID>
*
*
*
*
* When resources.type equals AWS::EMRWAL::Workspace, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:emrwal:<region>::workspace/<workspace_name>
*
*
*
*
* When resources.type equals AWS::FinSpace::Environment, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:finspace:<region>:<account_ID>:environment/<environment_ID>
*
*
*
*
* When resources.type equals AWS::Glue::Table, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:glue:<region>:<account_ID>:table/<database_name>/<table_name>
*
*
*
*
* When resources.type equals AWS::GuardDuty::Detector, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:guardduty:<region>:<account_ID>:detector/<detector_ID>
*
*
*
*
* When resources.type equals AWS::KendraRanking::ExecutionPlan, and the operator is set
* to Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:kendra-ranking:<region>:<account_ID>:rescore-execution-plan/<rescore_execution_plan_ID>
*
*
*
*
* When resources.type equals AWS::ManagedBlockchain::Network, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:managedblockchain:::networks/<network_name>
*
*
*
*
* When resources.type equals AWS::ManagedBlockchain::Node, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:managedblockchain:<region>:<account_ID>:nodes/<node_ID>
*
*
*
*
* When resources.type equals AWS::MedicalImaging::Datastore, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:medical-imaging:<region>:<account_ID>:datastore/<data_store_ID>
*
*
*
*
* When resources.type equals AWS::SageMaker::ExperimentTrialComponent, and the operator
* is set to Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:sagemaker:<region>:<account_ID>:experiment-trial-component/<experiment_trial_component_name>
*
*
*
*
* When resources.type equals AWS::SageMaker::FeatureGroup, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:sagemaker:<region>:<account_ID>:feature-group/<feature_group_name>
*
*
*
*
* When resources.type equals AWS::S3::AccessPoint, and the operator is set to
* Equals or NotEquals, the ARN must be in one of the following formats. To log events on
* all objects in an S3 access point, we recommend that you use only the access point ARN, don’t include the object
* path, and use the StartsWith or NotStartsWith operators.
*
*
* -
*
* arn:<partition>:s3:<region>:<account_ID>:accesspoint/<access_point_name>
*
*
* -
*
* arn:<partition>:s3:<region>:<account_ID>:accesspoint/<access_point_name>/object/<object_path>
*
*
*
*
* When resources.type equals AWS::S3ObjectLambda::AccessPoint, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:s3-object-lambda:<region>:<account_ID>:accesspoint/<access_point_name>
*
*
*
*
* When resources.type equals AWS::S3Outposts::Object, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:s3-outposts:<region>:<account_ID>:<object_path>
*
*
*
*
* When resources.type equals AWS::SSMMessages::ControlChannel, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:ssmmessages:<region>:<account_ID>:control-channel/<channel_ID>
*
*
*
*
* When resources.type equals AWS::VerifiedPermissions::PolicyStore, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:verifiedpermissions:<region>:<account_ID>:policy-store/<policy_store_UUID>
*
*
*
*
*
*
* @param field
* A field in a CloudTrail event record on which to filter events to be logged. For event data stores for
* Config configuration items, Audit Manager evidence, or non-Amazon Web Services events, the field is used
* only for selecting events as filtering is not supported.
*
* For CloudTrail event records, supported fields include readOnly, eventCategory,
* eventSource (for management events), eventName, resources.type, and
* resources.ARN.
*
*
* For event data stores for Config configuration items, Audit Manager evidence, or non-Amazon Web Services
* events, the only supported field is eventCategory.
*
*
* -
*
* readOnly - Optional. Can be set to Equals a value of true
* or false. If you do not add this field, CloudTrail logs both read and
* write events. A value of true logs only read events. A value of
* false logs only write events.
*
*
* -
*
* eventSource - For filtering management events only. This can be set only to
* NotEquals kms.amazonaws.com.
*
*
* -
*
* eventName - Can use any operator. You can use it to filter in or filter out any data
* event logged to CloudTrail, such as PutBucket or GetSnapshotBlock. You can have
* multiple values for this field, separated by commas.
*
*
* -
*
* eventCategory - This is required and must be set to Equals.
*
*
* -
*
* For CloudTrail event records, the value must be Management or Data.
*
*
* -
*
* For Config configuration items, the value must be ConfigurationItem.
*
*
* -
*
* For Audit Manager evidence, the value must be Evidence.
*
*
* -
*
* For non-Amazon Web Services events, the value must be ActivityAuditLog.
*
*
*
*
* -
*
* resources.type - This field is required for CloudTrail data events.
* resources.type can only use the Equals operator, and the value can be one of the
* following:
*
*
* -
*
* AWS::DynamoDB::Table
*
*
* -
*
* AWS::Lambda::Function
*
*
* -
*
* AWS::S3::Object
*
*
* -
*
* AWS::CloudTrail::Channel
*
*
* -
*
* AWS::CodeWhisperer::Profile
*
*
* -
*
* AWS::Cognito::IdentityPool
*
*
* -
*
* AWS::DynamoDB::Stream
*
*
* -
*
* AWS::EC2::Snapshot
*
*
* -
*
* AWS::EMRWAL::Workspace
*
*
* -
*
* AWS::FinSpace::Environment
*
*
* -
*
* AWS::Glue::Table
*
*
* -
*
* AWS::GuardDuty::Detector
*
*
* -
*
* AWS::KendraRanking::ExecutionPlan
*
*
* -
*
* AWS::ManagedBlockchain::Network
*
*
* -
*
* AWS::ManagedBlockchain::Node
*
*
* -
*
* AWS::MedicalImaging::Datastore
*
*
* -
*
* AWS::SageMaker::ExperimentTrialComponent
*
*
* -
*
* AWS::SageMaker::FeatureGroup
*
*
* -
*
* AWS::S3::AccessPoint
*
*
* -
*
* AWS::S3ObjectLambda::AccessPoint
*
*
* -
*
* AWS::S3Outposts::Object
*
*
* -
*
* AWS::SSMMessages::ControlChannel
*
*
* -
*
* AWS::VerifiedPermissions::PolicyStore
*
*
*
*
* You can have only one resources.type field per selector. To log data events on more than one
* resource type, add another selector.
*
*
* -
*
* resources.ARN - You can use any operator with resources.ARN, but if you
* use Equals or NotEquals, the value must exactly match the ARN of a valid
* resource of the type you've specified in the template as the value of resources.type. For example, if
* resources.type equals AWS::S3::Object, the ARN must be in one of the following formats. To
* log all data events for all objects in a specific S3 bucket, use the StartsWith operator, and
* include only the bucket ARN as the matching value.
*
*
* The trailing slash is intentional; do not exclude it. Replace the text between less than and greater than
* symbols (<>) with resource-specific information.
*
*
* -
*
* arn:<partition>:s3:::<bucket_name>/
*
*
* -
*
* arn:<partition>:s3:::<bucket_name>/<object_path>/
*
*
*
*
* When resources.type equals AWS::DynamoDB::Table, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:dynamodb:<region>:<account_ID>:table/<table_name>
*
*
*
*
* When resources.type equals AWS::Lambda::Function, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:lambda:<region>:<account_ID>:function:<function_name>
*
*
*
*
* When resources.type equals AWS::CloudTrail::Channel, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:cloudtrail:<region>:<account_ID>:channel/<channel_UUID>
*
*
*
*
* When resources.type equals AWS::CodeWhisperer::Profile, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:codewhisperer:<region>:<account_ID>:profile/<profile_ID>
*
*
*
*
* When resources.type equals AWS::Cognito::IdentityPool, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:cognito-identity:<region>:<account_ID>:identitypool/<identity_pool_ID>
*
*
*
*
* When resources.type equals AWS::DynamoDB::Stream, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:dynamodb:<region>:<account_ID>:table/<table_name>/stream/<date_time>
*
*
*
*
* When resources.type equals AWS::EC2::Snapshot, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:ec2:<region>::snapshot/<snapshot_ID>
*
*
*
*
* When resources.type equals AWS::EMRWAL::Workspace, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:emrwal:<region>::workspace/<workspace_name>
*
*
*
*
* When resources.type equals AWS::FinSpace::Environment, and the operator is set
* to Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:finspace:<region>:<account_ID>:environment/<environment_ID>
*
*
*
*
* When resources.type equals AWS::Glue::Table, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:glue:<region>:<account_ID>:table/<database_name>/<table_name>
*
*
*
*
* When resources.type equals AWS::GuardDuty::Detector, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:guardduty:<region>:<account_ID>:detector/<detector_ID>
*
*
*
*
* When resources.type equals AWS::KendraRanking::ExecutionPlan, and the operator
* is set to Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:kendra-ranking:<region>:<account_ID>:rescore-execution-plan/<rescore_execution_plan_ID>
*
*
*
*
* When resources.type equals AWS::ManagedBlockchain::Network, and the operator is
* set to Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:managedblockchain:::networks/<network_name>
*
*
*
*
* When resources.type equals AWS::ManagedBlockchain::Node, and the operator is set
* to Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:managedblockchain:<region>:<account_ID>:nodes/<node_ID>
*
*
*
*
* When resources.type equals AWS::MedicalImaging::Datastore, and the operator is
* set to Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:medical-imaging:<region>:<account_ID>:datastore/<data_store_ID>
*
*
*
*
* When resources.type equals AWS::SageMaker::ExperimentTrialComponent, and the
* operator is set to Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:sagemaker:<region>:<account_ID>:experiment-trial-component/<experiment_trial_component_name>
*
*
*
*
* When resources.type equals AWS::SageMaker::FeatureGroup, and the operator is set
* to Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:sagemaker:<region>:<account_ID>:feature-group/<feature_group_name>
*
*
*
*
* When resources.type equals AWS::S3::AccessPoint, and the operator is set to
* Equals or NotEquals, the ARN must be in one of the following formats. To log
* events on all objects in an S3 access point, we recommend that you use only the access point ARN, don’t
* include the object path, and use the StartsWith or NotStartsWith operators.
*
*
* -
*
* arn:<partition>:s3:<region>:<account_ID>:accesspoint/<access_point_name>
*
*
* -
*
* arn:<partition>:s3:<region>:<account_ID>:accesspoint/<access_point_name>/object/<object_path>
*
*
*
*
* When resources.type equals AWS::S3ObjectLambda::AccessPoint, and the operator is
* set to Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:s3-object-lambda:<region>:<account_ID>:accesspoint/<access_point_name>
*
*
*
*
* When resources.type equals AWS::S3Outposts::Object, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:s3-outposts:<region>:<account_ID>:<object_path>
*
*
*
*
* When resources.type equals AWS::SSMMessages::ControlChannel, and the operator is
* set to Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:ssmmessages:<region>:<account_ID>:control-channel/<channel_ID>
*
*
*
*
* When resources.type equals AWS::VerifiedPermissions::PolicyStore, and the operator is set to
* Equals or NotEquals, the ARN must be in the following format:
*
*
* -
*
* arn:<partition>:verifiedpermissions:<region>:<account_ID>:policy-store/<policy_store_UUID>
*
*
*
*
* @return Returns a reference to this object so that method calls can be chained together.
*/
public AdvancedFieldSelector withField(String field) {
setField(field);
return this;
}
/**
*
* An operator that includes events that match the exact value of the event record field specified as the value of
* Field. This is the only valid operator that you can use with the readOnly,
* eventCategory, and resources.type fields.
*
*
* @return An operator that includes events that match the exact value of the event record field specified as the
* value of Field. This is the only valid operator that you can use with the
* readOnly, eventCategory, and resources.type fields.
*/
public java.util.List getEquals() {
if (equals == null) {
equals = new com.amazonaws.internal.SdkInternalList();
}
return equals;
}
/**
*
* An operator that includes events that match the exact value of the event record field specified as the value of
* Field. This is the only valid operator that you can use with the readOnly,
* eventCategory, and resources.type fields.
*
*
* @param equals
* An operator that includes events that match the exact value of the event record field specified as the
* value of Field. This is the only valid operator that you can use with the
* readOnly, eventCategory, and resources.type fields.
*/
public void setEquals(java.util.Collection equals) {
if (equals == null) {
this.equals = null;
return;
}
this.equals = new com.amazonaws.internal.SdkInternalList(equals);
}
/**
*
* An operator that includes events that match the exact value of the event record field specified as the value of
* Field. This is the only valid operator that you can use with the readOnly,
* eventCategory, and resources.type fields.
*
*
* NOTE: This method appends the values to the existing list (if any). Use
* {@link #setEquals(java.util.Collection)} or {@link #withEquals(java.util.Collection)} if you want to override the
* existing values.
*
*
* @param equals
* An operator that includes events that match the exact value of the event record field specified as the
* value of Field. This is the only valid operator that you can use with the
* readOnly, eventCategory, and resources.type fields.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public AdvancedFieldSelector withEquals(String... equals) {
if (this.equals == null) {
setEquals(new com.amazonaws.internal.SdkInternalList(equals.length));
}
for (String ele : equals) {
this.equals.add(ele);
}
return this;
}
/**
*
* An operator that includes events that match the exact value of the event record field specified as the value of
* Field. This is the only valid operator that you can use with the readOnly,
* eventCategory, and resources.type fields.
*
*
* @param equals
* An operator that includes events that match the exact value of the event record field specified as the
* value of Field. This is the only valid operator that you can use with the
* readOnly, eventCategory, and resources.type fields.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public AdvancedFieldSelector withEquals(java.util.Collection equals) {
setEquals(equals);
return this;
}
/**
*
* An operator that includes events that match the first few characters of the event record field specified as the
* value of Field.
*
*
* @return An operator that includes events that match the first few characters of the event record field specified
* as the value of Field.
*/
public java.util.List getStartsWith() {
if (startsWith == null) {
startsWith = new com.amazonaws.internal.SdkInternalList();
}
return startsWith;
}
/**
*
* An operator that includes events that match the first few characters of the event record field specified as the
* value of Field.
*
*
* @param startsWith
* An operator that includes events that match the first few characters of the event record field specified
* as the value of Field.
*/
public void setStartsWith(java.util.Collection startsWith) {
if (startsWith == null) {
this.startsWith = null;
return;
}
this.startsWith = new com.amazonaws.internal.SdkInternalList(startsWith);
}
/**
*
* An operator that includes events that match the first few characters of the event record field specified as the
* value of Field.
*
*
* NOTE: This method appends the values to the existing list (if any). Use
* {@link #setStartsWith(java.util.Collection)} or {@link #withStartsWith(java.util.Collection)} if you want to
* override the existing values.
*
*
* @param startsWith
* An operator that includes events that match the first few characters of the event record field specified
* as the value of Field.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public AdvancedFieldSelector withStartsWith(String... startsWith) {
if (this.startsWith == null) {
setStartsWith(new com.amazonaws.internal.SdkInternalList(startsWith.length));
}
for (String ele : startsWith) {
this.startsWith.add(ele);
}
return this;
}
/**
*
* An operator that includes events that match the first few characters of the event record field specified as the
* value of Field.
*
*
* @param startsWith
* An operator that includes events that match the first few characters of the event record field specified
* as the value of Field.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public AdvancedFieldSelector withStartsWith(java.util.Collection startsWith) {
setStartsWith(startsWith);
return this;
}
/**
*
* An operator that includes events that match the last few characters of the event record field specified as the
* value of Field.
*
*
* @return An operator that includes events that match the last few characters of the event record field specified
* as the value of Field.
*/
public java.util.List getEndsWith() {
if (endsWith == null) {
endsWith = new com.amazonaws.internal.SdkInternalList();
}
return endsWith;
}
/**
*
* An operator that includes events that match the last few characters of the event record field specified as the
* value of Field.
*
*
* @param endsWith
* An operator that includes events that match the last few characters of the event record field specified as
* the value of Field.
*/
public void setEndsWith(java.util.Collection endsWith) {
if (endsWith == null) {
this.endsWith = null;
return;
}
this.endsWith = new com.amazonaws.internal.SdkInternalList(endsWith);
}
/**
*
* An operator that includes events that match the last few characters of the event record field specified as the
* value of Field.
*
*
* NOTE: This method appends the values to the existing list (if any). Use
* {@link #setEndsWith(java.util.Collection)} or {@link #withEndsWith(java.util.Collection)} if you want to override
* the existing values.
*
*
* @param endsWith
* An operator that includes events that match the last few characters of the event record field specified as
* the value of Field.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public AdvancedFieldSelector withEndsWith(String... endsWith) {
if (this.endsWith == null) {
setEndsWith(new com.amazonaws.internal.SdkInternalList(endsWith.length));
}
for (String ele : endsWith) {
this.endsWith.add(ele);
}
return this;
}
/**
*
* An operator that includes events that match the last few characters of the event record field specified as the
* value of Field.
*
*
* @param endsWith
* An operator that includes events that match the last few characters of the event record field specified as
* the value of Field.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public AdvancedFieldSelector withEndsWith(java.util.Collection endsWith) {
setEndsWith(endsWith);
return this;
}
/**
*
* An operator that excludes events that match the exact value of the event record field specified as the value of
* Field.
*
*
* @return An operator that excludes events that match the exact value of the event record field specified as the
* value of Field.
*/
public java.util.List getNotEquals() {
if (notEquals == null) {
notEquals = new com.amazonaws.internal.SdkInternalList();
}
return notEquals;
}
/**
*
* An operator that excludes events that match the exact value of the event record field specified as the value of
* Field.
*
*
* @param notEquals
* An operator that excludes events that match the exact value of the event record field specified as the
* value of Field.
*/
public void setNotEquals(java.util.Collection notEquals) {
if (notEquals == null) {
this.notEquals = null;
return;
}
this.notEquals = new com.amazonaws.internal.SdkInternalList(notEquals);
}
/**
*
* An operator that excludes events that match the exact value of the event record field specified as the value of
* Field.
*
*
* NOTE: This method appends the values to the existing list (if any). Use
* {@link #setNotEquals(java.util.Collection)} or {@link #withNotEquals(java.util.Collection)} if you want to
* override the existing values.
*
*
* @param notEquals
* An operator that excludes events that match the exact value of the event record field specified as the
* value of Field.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public AdvancedFieldSelector withNotEquals(String... notEquals) {
if (this.notEquals == null) {
setNotEquals(new com.amazonaws.internal.SdkInternalList(notEquals.length));
}
for (String ele : notEquals) {
this.notEquals.add(ele);
}
return this;
}
/**
*
* An operator that excludes events that match the exact value of the event record field specified as the value of
* Field.
*
*
* @param notEquals
* An operator that excludes events that match the exact value of the event record field specified as the
* value of Field.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public AdvancedFieldSelector withNotEquals(java.util.Collection notEquals) {
setNotEquals(notEquals);
return this;
}
/**
*
* An operator that excludes events that match the first few characters of the event record field specified as the
* value of Field.
*
*
* @return An operator that excludes events that match the first few characters of the event record field specified
* as the value of Field.
*/
public java.util.List getNotStartsWith() {
if (notStartsWith == null) {
notStartsWith = new com.amazonaws.internal.SdkInternalList();
}
return notStartsWith;
}
/**
*
* An operator that excludes events that match the first few characters of the event record field specified as the
* value of Field.
*
*
* @param notStartsWith
* An operator that excludes events that match the first few characters of the event record field specified
* as the value of Field.
*/
public void setNotStartsWith(java.util.Collection notStartsWith) {
if (notStartsWith == null) {
this.notStartsWith = null;
return;
}
this.notStartsWith = new com.amazonaws.internal.SdkInternalList(notStartsWith);
}
/**
*
* An operator that excludes events that match the first few characters of the event record field specified as the
* value of Field.
*
*
* NOTE: This method appends the values to the existing list (if any). Use
* {@link #setNotStartsWith(java.util.Collection)} or {@link #withNotStartsWith(java.util.Collection)} if you want
* to override the existing values.
*
*
* @param notStartsWith
* An operator that excludes events that match the first few characters of the event record field specified
* as the value of Field.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public AdvancedFieldSelector withNotStartsWith(String... notStartsWith) {
if (this.notStartsWith == null) {
setNotStartsWith(new com.amazonaws.internal.SdkInternalList(notStartsWith.length));
}
for (String ele : notStartsWith) {
this.notStartsWith.add(ele);
}
return this;
}
/**
*
* An operator that excludes events that match the first few characters of the event record field specified as the
* value of Field.
*
*
* @param notStartsWith
* An operator that excludes events that match the first few characters of the event record field specified
* as the value of Field.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public AdvancedFieldSelector withNotStartsWith(java.util.Collection notStartsWith) {
setNotStartsWith(notStartsWith);
return this;
}
/**
*
* An operator that excludes events that match the last few characters of the event record field specified as the
* value of Field.
*
*
* @return An operator that excludes events that match the last few characters of the event record field specified
* as the value of Field.
*/
public java.util.List getNotEndsWith() {
if (notEndsWith == null) {
notEndsWith = new com.amazonaws.internal.SdkInternalList();
}
return notEndsWith;
}
/**
*
* An operator that excludes events that match the last few characters of the event record field specified as the
* value of Field.
*
*
* @param notEndsWith
* An operator that excludes events that match the last few characters of the event record field specified as
* the value of Field.
*/
public void setNotEndsWith(java.util.Collection notEndsWith) {
if (notEndsWith == null) {
this.notEndsWith = null;
return;
}
this.notEndsWith = new com.amazonaws.internal.SdkInternalList(notEndsWith);
}
/**
*
* An operator that excludes events that match the last few characters of the event record field specified as the
* value of Field.
*
*
* NOTE: This method appends the values to the existing list (if any). Use
* {@link #setNotEndsWith(java.util.Collection)} or {@link #withNotEndsWith(java.util.Collection)} if you want to
* override the existing values.
*
*
* @param notEndsWith
* An operator that excludes events that match the last few characters of the event record field specified as
* the value of Field.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public AdvancedFieldSelector withNotEndsWith(String... notEndsWith) {
if (this.notEndsWith == null) {
setNotEndsWith(new com.amazonaws.internal.SdkInternalList(notEndsWith.length));
}
for (String ele : notEndsWith) {
this.notEndsWith.add(ele);
}
return this;
}
/**
*
* An operator that excludes events that match the last few characters of the event record field specified as the
* value of Field.
*
*
* @param notEndsWith
* An operator that excludes events that match the last few characters of the event record field specified as
* the value of Field.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public AdvancedFieldSelector withNotEndsWith(java.util.Collection notEndsWith) {
setNotEndsWith(notEndsWith);
return this;
}
/**
* Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be
* redacted from this string using a placeholder value.
*
* @return A string representation of this object.
*
* @see java.lang.Object#toString()
*/
@Override
public String toString() {
StringBuilder sb = new StringBuilder();
sb.append("{");
if (getField() != null)
sb.append("Field: ").append(getField()).append(",");
if (getEquals() != null)
sb.append("Equals: ").append(getEquals()).append(",");
if (getStartsWith() != null)
sb.append("StartsWith: ").append(getStartsWith()).append(",");
if (getEndsWith() != null)
sb.append("EndsWith: ").append(getEndsWith()).append(",");
if (getNotEquals() != null)
sb.append("NotEquals: ").append(getNotEquals()).append(",");
if (getNotStartsWith() != null)
sb.append("NotStartsWith: ").append(getNotStartsWith()).append(",");
if (getNotEndsWith() != null)
sb.append("NotEndsWith: ").append(getNotEndsWith());
sb.append("}");
return sb.toString();
}
@Override
public boolean equals(Object obj) {
if (this == obj)
return true;
if (obj == null)
return false;
if (obj instanceof AdvancedFieldSelector == false)
return false;
AdvancedFieldSelector other = (AdvancedFieldSelector) obj;
if (other.getField() == null ^ this.getField() == null)
return false;
if (other.getField() != null && other.getField().equals(this.getField()) == false)
return false;
if (other.getEquals() == null ^ this.getEquals() == null)
return false;
if (other.getEquals() != null && other.getEquals().equals(this.getEquals()) == false)
return false;
if (other.getStartsWith() == null ^ this.getStartsWith() == null)
return false;
if (other.getStartsWith() != null && other.getStartsWith().equals(this.getStartsWith()) == false)
return false;
if (other.getEndsWith() == null ^ this.getEndsWith() == null)
return false;
if (other.getEndsWith() != null && other.getEndsWith().equals(this.getEndsWith()) == false)
return false;
if (other.getNotEquals() == null ^ this.getNotEquals() == null)
return false;
if (other.getNotEquals() != null && other.getNotEquals().equals(this.getNotEquals()) == false)
return false;
if (other.getNotStartsWith() == null ^ this.getNotStartsWith() == null)
return false;
if (other.getNotStartsWith() != null && other.getNotStartsWith().equals(this.getNotStartsWith()) == false)
return false;
if (other.getNotEndsWith() == null ^ this.getNotEndsWith() == null)
return false;
if (other.getNotEndsWith() != null && other.getNotEndsWith().equals(this.getNotEndsWith()) == false)
return false;
return true;
}
@Override
public int hashCode() {
final int prime = 31;
int hashCode = 1;
hashCode = prime * hashCode + ((getField() == null) ? 0 : getField().hashCode());
hashCode = prime * hashCode + ((getEquals() == null) ? 0 : getEquals().hashCode());
hashCode = prime * hashCode + ((getStartsWith() == null) ? 0 : getStartsWith().hashCode());
hashCode = prime * hashCode + ((getEndsWith() == null) ? 0 : getEndsWith().hashCode());
hashCode = prime * hashCode + ((getNotEquals() == null) ? 0 : getNotEquals().hashCode());
hashCode = prime * hashCode + ((getNotStartsWith() == null) ? 0 : getNotStartsWith().hashCode());
hashCode = prime * hashCode + ((getNotEndsWith() == null) ? 0 : getNotEndsWith().hashCode());
return hashCode;
}
@Override
public AdvancedFieldSelector clone() {
try {
return (AdvancedFieldSelector) super.clone();
} catch (CloneNotSupportedException e) {
throw new IllegalStateException("Got a CloneNotSupportedException from Object.clone() " + "even though we're Cloneable!", e);
}
}
@com.amazonaws.annotation.SdkInternalApi
@Override
public void marshall(ProtocolMarshaller protocolMarshaller) {
com.amazonaws.services.cloudtrail.model.transform.AdvancedFieldSelectorMarshaller.getInstance().marshall(this, protocolMarshaller);
}
}