com.amazonaws.services.cloudtrail.model.DataResource Maven / Gradle / Ivy
Show all versions of aws-java-sdk-cloudtrail Show documentation
/*
* Copyright 2018-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with
* the License. A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
* CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
* and limitations under the License.
*/
package com.amazonaws.services.cloudtrail.model;
import java.io.Serializable;
import javax.annotation.Generated;
import com.amazonaws.protocol.StructuredPojo;
import com.amazonaws.protocol.ProtocolMarshaller;
/**
*
* The Amazon S3 buckets, Lambda functions, or Amazon DynamoDB tables that you specify in your event selectors for your
* trail to log data events. Data events provide information about the resource operations performed on or within a
* resource itself. These are also known as data plane operations. You can specify up to 250 data resources for a trail.
*
*
*
* The total number of allowed data resources is 250. This number can be distributed between 1 and 5 event selectors,
* but the total cannot exceed 250 across all selectors for the trail.
*
*
* If you are using advanced event selectors, the maximum total number of values for all conditions, across all advanced
* event selectors for the trail, is 500.
*
*
*
* The following example demonstrates how logging works when you configure logging of all data events for an S3 bucket
* named bucket-1. In this example, the CloudTrail user specified an empty prefix, and the option to log
* both Read and Write data events.
*
*
* -
*
* A user uploads an image file to bucket-1.
*
*
* -
*
* The PutObject API operation is an Amazon S3 object-level API. It is recorded as a data event in
* CloudTrail. Because the CloudTrail user specified an S3 bucket with an empty prefix, events that occur on any object
* in that bucket are logged. The trail processes and logs the event.
*
*
* -
*
* A user uploads an object to an Amazon S3 bucket named arn:aws:s3:::bucket-2.
*
*
* -
*
* The PutObject API operation occurred for an object in an S3 bucket that the CloudTrail user didn't
* specify for the trail. The trail doesn’t log the event.
*
*
*
*
* The following example demonstrates how logging works when you configure logging of Lambda data events for a Lambda
* function named MyLambdaFunction, but not for all Lambda functions.
*
*
* -
*
* A user runs a script that includes a call to the MyLambdaFunction function and the
* MyOtherLambdaFunction function.
*
*
* -
*
* The Invoke API operation on MyLambdaFunction is an Lambda API. It is recorded as a data event in
* CloudTrail. Because the CloudTrail user specified logging data events for MyLambdaFunction, any invocations of
* that function are logged. The trail processes and logs the event.
*
*
* -
*
* The Invoke API operation on MyOtherLambdaFunction is an Lambda API. Because the CloudTrail user
* did not specify logging data events for all Lambda functions, the Invoke operation for
* MyOtherLambdaFunction does not match the function specified for the trail. The trail doesn’t log the event.
*
*
*
*
* @see AWS API
* Documentation
*/
@Generated("com.amazonaws:aws-java-sdk-code-generator")
public class DataResource implements Serializable, Cloneable, StructuredPojo {
/**
*
* The resource type in which you want to log data events. You can specify the following basic event selector
* resource types:
*
*
* -
*
* AWS::DynamoDB::Table
*
*
* -
*
* AWS::Lambda::Function
*
*
* -
*
* AWS::S3::Object
*
*
*
*
* The following resource types are also available through advanced event selectors. Basic event selector
* resource types are valid in advanced event selectors, but advanced event selector resource types are not valid in
* basic event selectors. For more information, see AdvancedFieldSelector.
*
*
* -
*
* AWS::CloudTrail::Channel
*
*
* -
*
* AWS::CodeWhisperer::Profile
*
*
* -
*
* AWS::Cognito::IdentityPool
*
*
* -
*
* AWS::DynamoDB::Stream
*
*
* -
*
* AWS::EC2::Snapshot
*
*
* -
*
* AWS::EMRWAL::Workspace
*
*
* -
*
* AWS::FinSpace::Environment
*
*
* -
*
* AWS::Glue::Table
*
*
* -
*
* AWS::GuardDuty::Detector
*
*
* -
*
* AWS::KendraRanking::ExecutionPlan
*
*
* -
*
* AWS::ManagedBlockchain::Network
*
*
* -
*
* AWS::ManagedBlockchain::Node
*
*
* -
*
* AWS::MedicalImaging::Datastore
*
*
* -
*
* AWS::SageMaker::ExperimentTrialComponent
*
*
* -
*
* AWS::SageMaker::FeatureGroup
*
*
* -
*
* AWS::S3::AccessPoint
*
*
* -
*
* AWS::S3ObjectLambda::AccessPoint
*
*
* -
*
* AWS::S3Outposts::Object
*
*
* -
*
* AWS::SSMMessages::ControlChannel
*
*
* -
*
* AWS::VerifiedPermissions::PolicyStore
*
*
*
*/
private String type;
/**
*
* An array of Amazon Resource Name (ARN) strings or partial ARN strings for the specified objects.
*
*
* -
*
* To log data events for all objects in all S3 buckets in your Amazon Web Services account, specify the prefix as
* arn:aws:s3.
*
*
*
* This also enables logging of data event activity performed by any user or role in your Amazon Web Services
* account, even if that activity is performed on a bucket that belongs to another Amazon Web Services account.
*
*
* -
*
* To log data events for all objects in an S3 bucket, specify the bucket and an empty object prefix such as
* arn:aws:s3:::bucket-1/. The trail logs data events for all objects in this S3 bucket.
*
*
* -
*
* To log data events for specific objects, specify the S3 bucket and object prefix such as
* arn:aws:s3:::bucket-1/example-images. The trail logs data events for objects in this S3 bucket that
* match the prefix.
*
*
* -
*
* To log data events for all Lambda functions in your Amazon Web Services account, specify the prefix as
* arn:aws:lambda.
*
*
*
* This also enables logging of Invoke activity performed by any user or role in your Amazon Web
* Services account, even if that activity is performed on a function that belongs to another Amazon Web Services
* account.
*
*
* -
*
* To log data events for a specific Lambda function, specify the function ARN.
*
*
*
* Lambda function ARNs are exact. For example, if you specify a function ARN
* arn:aws:lambda:us-west-2:111111111111:function:helloworld, data events will only be logged for
* arn:aws:lambda:us-west-2:111111111111:function:helloworld. They will not be logged for
* arn:aws:lambda:us-west-2:111111111111:function:helloworld2.
*
*
* -
*
* To log data events for all DynamoDB tables in your Amazon Web Services account, specify the prefix as
* arn:aws:dynamodb.
*
*
*
*/
private com.amazonaws.internal.SdkInternalList values;
/**
*
* The resource type in which you want to log data events. You can specify the following basic event selector
* resource types:
*
*
* -
*
* AWS::DynamoDB::Table
*
*
* -
*
* AWS::Lambda::Function
*
*
* -
*
* AWS::S3::Object
*
*
*
*
* The following resource types are also available through advanced event selectors. Basic event selector
* resource types are valid in advanced event selectors, but advanced event selector resource types are not valid in
* basic event selectors. For more information, see AdvancedFieldSelector.
*
*
* -
*
* AWS::CloudTrail::Channel
*
*
* -
*
* AWS::CodeWhisperer::Profile
*
*
* -
*
* AWS::Cognito::IdentityPool
*
*
* -
*
* AWS::DynamoDB::Stream
*
*
* -
*
* AWS::EC2::Snapshot
*
*
* -
*
* AWS::EMRWAL::Workspace
*
*
* -
*
* AWS::FinSpace::Environment
*
*
* -
*
* AWS::Glue::Table
*
*
* -
*
* AWS::GuardDuty::Detector
*
*
* -
*
* AWS::KendraRanking::ExecutionPlan
*
*
* -
*
* AWS::ManagedBlockchain::Network
*
*
* -
*
* AWS::ManagedBlockchain::Node
*
*
* -
*
* AWS::MedicalImaging::Datastore
*
*
* -
*
* AWS::SageMaker::ExperimentTrialComponent
*
*
* -
*
* AWS::SageMaker::FeatureGroup
*
*
* -
*
* AWS::S3::AccessPoint
*
*
* -
*
* AWS::S3ObjectLambda::AccessPoint
*
*
* -
*
* AWS::S3Outposts::Object
*
*
* -
*
* AWS::SSMMessages::ControlChannel
*
*
* -
*
* AWS::VerifiedPermissions::PolicyStore
*
*
*
*
* @param type
* The resource type in which you want to log data events. You can specify the following basic event
* selector resource types:
*
* -
*
* AWS::DynamoDB::Table
*
*
* -
*
* AWS::Lambda::Function
*
*
* -
*
* AWS::S3::Object
*
*
*
*
* The following resource types are also available through advanced event selectors. Basic event
* selector resource types are valid in advanced event selectors, but advanced event selector resource types
* are not valid in basic event selectors. For more information, see AdvancedFieldSelector.
*
*
* -
*
* AWS::CloudTrail::Channel
*
*
* -
*
* AWS::CodeWhisperer::Profile
*
*
* -
*
* AWS::Cognito::IdentityPool
*
*
* -
*
* AWS::DynamoDB::Stream
*
*
* -
*
* AWS::EC2::Snapshot
*
*
* -
*
* AWS::EMRWAL::Workspace
*
*
* -
*
* AWS::FinSpace::Environment
*
*
* -
*
* AWS::Glue::Table
*
*
* -
*
* AWS::GuardDuty::Detector
*
*
* -
*
* AWS::KendraRanking::ExecutionPlan
*
*
* -
*
* AWS::ManagedBlockchain::Network
*
*
* -
*
* AWS::ManagedBlockchain::Node
*
*
* -
*
* AWS::MedicalImaging::Datastore
*
*
* -
*
* AWS::SageMaker::ExperimentTrialComponent
*
*
* -
*
* AWS::SageMaker::FeatureGroup
*
*
* -
*
* AWS::S3::AccessPoint
*
*
* -
*
* AWS::S3ObjectLambda::AccessPoint
*
*
* -
*
* AWS::S3Outposts::Object
*
*
* -
*
* AWS::SSMMessages::ControlChannel
*
*
* -
*
* AWS::VerifiedPermissions::PolicyStore
*
*
*/
public void setType(String type) {
this.type = type;
}
/**
*
* The resource type in which you want to log data events. You can specify the following basic event selector
* resource types:
*
*
* -
*
* AWS::DynamoDB::Table
*
*
* -
*
* AWS::Lambda::Function
*
*
* -
*
* AWS::S3::Object
*
*
*
*
* The following resource types are also available through advanced event selectors. Basic event selector
* resource types are valid in advanced event selectors, but advanced event selector resource types are not valid in
* basic event selectors. For more information, see AdvancedFieldSelector.
*
*
* -
*
* AWS::CloudTrail::Channel
*
*
* -
*
* AWS::CodeWhisperer::Profile
*
*
* -
*
* AWS::Cognito::IdentityPool
*
*
* -
*
* AWS::DynamoDB::Stream
*
*
* -
*
* AWS::EC2::Snapshot
*
*
* -
*
* AWS::EMRWAL::Workspace
*
*
* -
*
* AWS::FinSpace::Environment
*
*
* -
*
* AWS::Glue::Table
*
*
* -
*
* AWS::GuardDuty::Detector
*
*
* -
*
* AWS::KendraRanking::ExecutionPlan
*
*
* -
*
* AWS::ManagedBlockchain::Network
*
*
* -
*
* AWS::ManagedBlockchain::Node
*
*
* -
*
* AWS::MedicalImaging::Datastore
*
*
* -
*
* AWS::SageMaker::ExperimentTrialComponent
*
*
* -
*
* AWS::SageMaker::FeatureGroup
*
*
* -
*
* AWS::S3::AccessPoint
*
*
* -
*
* AWS::S3ObjectLambda::AccessPoint
*
*
* -
*
* AWS::S3Outposts::Object
*
*
* -
*
* AWS::SSMMessages::ControlChannel
*
*
* -
*
* AWS::VerifiedPermissions::PolicyStore
*
*
*
*
* @return The resource type in which you want to log data events. You can specify the following basic event
* selector resource types:
*
* -
*
* AWS::DynamoDB::Table
*
*
* -
*
* AWS::Lambda::Function
*
*
* -
*
* AWS::S3::Object
*
*
*
*
* The following resource types are also available through advanced event selectors. Basic event
* selector resource types are valid in advanced event selectors, but advanced event selector resource types
* are not valid in basic event selectors. For more information, see AdvancedFieldSelector.
*
*
* -
*
* AWS::CloudTrail::Channel
*
*
* -
*
* AWS::CodeWhisperer::Profile
*
*
* -
*
* AWS::Cognito::IdentityPool
*
*
* -
*
* AWS::DynamoDB::Stream
*
*
* -
*
* AWS::EC2::Snapshot
*
*
* -
*
* AWS::EMRWAL::Workspace
*
*
* -
*
* AWS::FinSpace::Environment
*
*
* -
*
* AWS::Glue::Table
*
*
* -
*
* AWS::GuardDuty::Detector
*
*
* -
*
* AWS::KendraRanking::ExecutionPlan
*
*
* -
*
* AWS::ManagedBlockchain::Network
*
*
* -
*
* AWS::ManagedBlockchain::Node
*
*
* -
*
* AWS::MedicalImaging::Datastore
*
*
* -
*
* AWS::SageMaker::ExperimentTrialComponent
*
*
* -
*
* AWS::SageMaker::FeatureGroup
*
*
* -
*
* AWS::S3::AccessPoint
*
*
* -
*
* AWS::S3ObjectLambda::AccessPoint
*
*
* -
*
* AWS::S3Outposts::Object
*
*
* -
*
* AWS::SSMMessages::ControlChannel
*
*
* -
*
* AWS::VerifiedPermissions::PolicyStore
*
*
*/
public String getType() {
return this.type;
}
/**
*
* The resource type in which you want to log data events. You can specify the following basic event selector
* resource types:
*
*
* -
*
* AWS::DynamoDB::Table
*
*
* -
*
* AWS::Lambda::Function
*
*
* -
*
* AWS::S3::Object
*
*
*
*
* The following resource types are also available through advanced event selectors. Basic event selector
* resource types are valid in advanced event selectors, but advanced event selector resource types are not valid in
* basic event selectors. For more information, see AdvancedFieldSelector.
*
*
* -
*
* AWS::CloudTrail::Channel
*
*
* -
*
* AWS::CodeWhisperer::Profile
*
*
* -
*
* AWS::Cognito::IdentityPool
*
*
* -
*
* AWS::DynamoDB::Stream
*
*
* -
*
* AWS::EC2::Snapshot
*
*
* -
*
* AWS::EMRWAL::Workspace
*
*
* -
*
* AWS::FinSpace::Environment
*
*
* -
*
* AWS::Glue::Table
*
*
* -
*
* AWS::GuardDuty::Detector
*
*
* -
*
* AWS::KendraRanking::ExecutionPlan
*
*
* -
*
* AWS::ManagedBlockchain::Network
*
*
* -
*
* AWS::ManagedBlockchain::Node
*
*
* -
*
* AWS::MedicalImaging::Datastore
*
*
* -
*
* AWS::SageMaker::ExperimentTrialComponent
*
*
* -
*
* AWS::SageMaker::FeatureGroup
*
*
* -
*
* AWS::S3::AccessPoint
*
*
* -
*
* AWS::S3ObjectLambda::AccessPoint
*
*
* -
*
* AWS::S3Outposts::Object
*
*
* -
*
* AWS::SSMMessages::ControlChannel
*
*
* -
*
* AWS::VerifiedPermissions::PolicyStore
*
*
*
*
* @param type
* The resource type in which you want to log data events. You can specify the following basic event
* selector resource types:
*
* -
*
* AWS::DynamoDB::Table
*
*
* -
*
* AWS::Lambda::Function
*
*
* -
*
* AWS::S3::Object
*
*
*
*
* The following resource types are also available through advanced event selectors. Basic event
* selector resource types are valid in advanced event selectors, but advanced event selector resource types
* are not valid in basic event selectors. For more information, see AdvancedFieldSelector.
*
*
* -
*
* AWS::CloudTrail::Channel
*
*
* -
*
* AWS::CodeWhisperer::Profile
*
*
* -
*
* AWS::Cognito::IdentityPool
*
*
* -
*
* AWS::DynamoDB::Stream
*
*
* -
*
* AWS::EC2::Snapshot
*
*
* -
*
* AWS::EMRWAL::Workspace
*
*
* -
*
* AWS::FinSpace::Environment
*
*
* -
*
* AWS::Glue::Table
*
*
* -
*
* AWS::GuardDuty::Detector
*
*
* -
*
* AWS::KendraRanking::ExecutionPlan
*
*
* -
*
* AWS::ManagedBlockchain::Network
*
*
* -
*
* AWS::ManagedBlockchain::Node
*
*
* -
*
* AWS::MedicalImaging::Datastore
*
*
* -
*
* AWS::SageMaker::ExperimentTrialComponent
*
*
* -
*
* AWS::SageMaker::FeatureGroup
*
*
* -
*
* AWS::S3::AccessPoint
*
*
* -
*
* AWS::S3ObjectLambda::AccessPoint
*
*
* -
*
* AWS::S3Outposts::Object
*
*
* -
*
* AWS::SSMMessages::ControlChannel
*
*
* -
*
* AWS::VerifiedPermissions::PolicyStore
*
*
* @return Returns a reference to this object so that method calls can be chained together.
*/
public DataResource withType(String type) {
setType(type);
return this;
}
/**
*
* An array of Amazon Resource Name (ARN) strings or partial ARN strings for the specified objects.
*
*
* -
*
* To log data events for all objects in all S3 buckets in your Amazon Web Services account, specify the prefix as
* arn:aws:s3.
*
*
*
* This also enables logging of data event activity performed by any user or role in your Amazon Web Services
* account, even if that activity is performed on a bucket that belongs to another Amazon Web Services account.
*
*
* -
*
* To log data events for all objects in an S3 bucket, specify the bucket and an empty object prefix such as
* arn:aws:s3:::bucket-1/. The trail logs data events for all objects in this S3 bucket.
*
*
* -
*
* To log data events for specific objects, specify the S3 bucket and object prefix such as
* arn:aws:s3:::bucket-1/example-images. The trail logs data events for objects in this S3 bucket that
* match the prefix.
*
*
* -
*
* To log data events for all Lambda functions in your Amazon Web Services account, specify the prefix as
* arn:aws:lambda.
*
*
*
* This also enables logging of Invoke activity performed by any user or role in your Amazon Web
* Services account, even if that activity is performed on a function that belongs to another Amazon Web Services
* account.
*
*
* -
*
* To log data events for a specific Lambda function, specify the function ARN.
*
*
*
* Lambda function ARNs are exact. For example, if you specify a function ARN
* arn:aws:lambda:us-west-2:111111111111:function:helloworld, data events will only be logged for
* arn:aws:lambda:us-west-2:111111111111:function:helloworld. They will not be logged for
* arn:aws:lambda:us-west-2:111111111111:function:helloworld2.
*
*
* -
*
* To log data events for all DynamoDB tables in your Amazon Web Services account, specify the prefix as
* arn:aws:dynamodb.
*
*
*
*
* @return An array of Amazon Resource Name (ARN) strings or partial ARN strings for the specified objects.
*
* -
*
* To log data events for all objects in all S3 buckets in your Amazon Web Services account, specify the
* prefix as arn:aws:s3.
*
*
*
* This also enables logging of data event activity performed by any user or role in your Amazon Web
* Services account, even if that activity is performed on a bucket that belongs to another Amazon Web
* Services account.
*
*
* -
*
* To log data events for all objects in an S3 bucket, specify the bucket and an empty object prefix such as
* arn:aws:s3:::bucket-1/. The trail logs data events for all objects in this S3 bucket.
*
*
* -
*
* To log data events for specific objects, specify the S3 bucket and object prefix such as
* arn:aws:s3:::bucket-1/example-images. The trail logs data events for objects in this S3
* bucket that match the prefix.
*
*
* -
*
* To log data events for all Lambda functions in your Amazon Web Services account, specify the prefix as
* arn:aws:lambda.
*
*
*
* This also enables logging of Invoke activity performed by any user or role in your Amazon
* Web Services account, even if that activity is performed on a function that belongs to another Amazon Web
* Services account.
*
*
* -
*
* To log data events for a specific Lambda function, specify the function ARN.
*
*
*
* Lambda function ARNs are exact. For example, if you specify a function ARN
* arn:aws:lambda:us-west-2:111111111111:function:helloworld, data events will only be logged for
* arn:aws:lambda:us-west-2:111111111111:function:helloworld. They will not be logged for
* arn:aws:lambda:us-west-2:111111111111:function:helloworld2.
*
*
* -
*
* To log data events for all DynamoDB tables in your Amazon Web Services account, specify the prefix as
* arn:aws:dynamodb.
*
*
*/
public java.util.List getValues() {
if (values == null) {
values = new com.amazonaws.internal.SdkInternalList();
}
return values;
}
/**
*
* An array of Amazon Resource Name (ARN) strings or partial ARN strings for the specified objects.
*
*
* -
*
* To log data events for all objects in all S3 buckets in your Amazon Web Services account, specify the prefix as
* arn:aws:s3.
*
*
*
* This also enables logging of data event activity performed by any user or role in your Amazon Web Services
* account, even if that activity is performed on a bucket that belongs to another Amazon Web Services account.
*
*
* -
*
* To log data events for all objects in an S3 bucket, specify the bucket and an empty object prefix such as
* arn:aws:s3:::bucket-1/. The trail logs data events for all objects in this S3 bucket.
*
*
* -
*
* To log data events for specific objects, specify the S3 bucket and object prefix such as
* arn:aws:s3:::bucket-1/example-images. The trail logs data events for objects in this S3 bucket that
* match the prefix.
*
*
* -
*
* To log data events for all Lambda functions in your Amazon Web Services account, specify the prefix as
* arn:aws:lambda.
*
*
*
* This also enables logging of Invoke activity performed by any user or role in your Amazon Web
* Services account, even if that activity is performed on a function that belongs to another Amazon Web Services
* account.
*
*
* -
*
* To log data events for a specific Lambda function, specify the function ARN.
*
*
*
* Lambda function ARNs are exact. For example, if you specify a function ARN
* arn:aws:lambda:us-west-2:111111111111:function:helloworld, data events will only be logged for
* arn:aws:lambda:us-west-2:111111111111:function:helloworld. They will not be logged for
* arn:aws:lambda:us-west-2:111111111111:function:helloworld2.
*
*
* -
*
* To log data events for all DynamoDB tables in your Amazon Web Services account, specify the prefix as
* arn:aws:dynamodb.
*
*
*
*
* @param values
* An array of Amazon Resource Name (ARN) strings or partial ARN strings for the specified objects.
*
* -
*
* To log data events for all objects in all S3 buckets in your Amazon Web Services account, specify the
* prefix as arn:aws:s3.
*
*
*
* This also enables logging of data event activity performed by any user or role in your Amazon Web Services
* account, even if that activity is performed on a bucket that belongs to another Amazon Web Services
* account.
*
*
* -
*
* To log data events for all objects in an S3 bucket, specify the bucket and an empty object prefix such as
* arn:aws:s3:::bucket-1/. The trail logs data events for all objects in this S3 bucket.
*
*
* -
*
* To log data events for specific objects, specify the S3 bucket and object prefix such as
* arn:aws:s3:::bucket-1/example-images. The trail logs data events for objects in this S3
* bucket that match the prefix.
*
*
* -
*
* To log data events for all Lambda functions in your Amazon Web Services account, specify the prefix as
* arn:aws:lambda.
*
*
*
* This also enables logging of Invoke activity performed by any user or role in your Amazon Web
* Services account, even if that activity is performed on a function that belongs to another Amazon Web
* Services account.
*
*
* -
*
* To log data events for a specific Lambda function, specify the function ARN.
*
*
*
* Lambda function ARNs are exact. For example, if you specify a function ARN
* arn:aws:lambda:us-west-2:111111111111:function:helloworld, data events will only be logged for
* arn:aws:lambda:us-west-2:111111111111:function:helloworld. They will not be logged for
* arn:aws:lambda:us-west-2:111111111111:function:helloworld2.
*
*
* -
*
* To log data events for all DynamoDB tables in your Amazon Web Services account, specify the prefix as
* arn:aws:dynamodb.
*
*
*/
public void setValues(java.util.Collection values) {
if (values == null) {
this.values = null;
return;
}
this.values = new com.amazonaws.internal.SdkInternalList(values);
}
/**
*
* An array of Amazon Resource Name (ARN) strings or partial ARN strings for the specified objects.
*
*
* -
*
* To log data events for all objects in all S3 buckets in your Amazon Web Services account, specify the prefix as
* arn:aws:s3.
*
*
*
* This also enables logging of data event activity performed by any user or role in your Amazon Web Services
* account, even if that activity is performed on a bucket that belongs to another Amazon Web Services account.
*
*
* -
*
* To log data events for all objects in an S3 bucket, specify the bucket and an empty object prefix such as
* arn:aws:s3:::bucket-1/. The trail logs data events for all objects in this S3 bucket.
*
*
* -
*
* To log data events for specific objects, specify the S3 bucket and object prefix such as
* arn:aws:s3:::bucket-1/example-images. The trail logs data events for objects in this S3 bucket that
* match the prefix.
*
*
* -
*
* To log data events for all Lambda functions in your Amazon Web Services account, specify the prefix as
* arn:aws:lambda.
*
*
*
* This also enables logging of Invoke activity performed by any user or role in your Amazon Web
* Services account, even if that activity is performed on a function that belongs to another Amazon Web Services
* account.
*
*
* -
*
* To log data events for a specific Lambda function, specify the function ARN.
*
*
*
* Lambda function ARNs are exact. For example, if you specify a function ARN
* arn:aws:lambda:us-west-2:111111111111:function:helloworld, data events will only be logged for
* arn:aws:lambda:us-west-2:111111111111:function:helloworld. They will not be logged for
* arn:aws:lambda:us-west-2:111111111111:function:helloworld2.
*
*
* -
*
* To log data events for all DynamoDB tables in your Amazon Web Services account, specify the prefix as
* arn:aws:dynamodb.
*
*
*
*
* NOTE: This method appends the values to the existing list (if any). Use
* {@link #setValues(java.util.Collection)} or {@link #withValues(java.util.Collection)} if you want to override the
* existing values.
*
*
* @param values
* An array of Amazon Resource Name (ARN) strings or partial ARN strings for the specified objects.
*
* -
*
* To log data events for all objects in all S3 buckets in your Amazon Web Services account, specify the
* prefix as arn:aws:s3.
*
*
*
* This also enables logging of data event activity performed by any user or role in your Amazon Web Services
* account, even if that activity is performed on a bucket that belongs to another Amazon Web Services
* account.
*
*
* -
*
* To log data events for all objects in an S3 bucket, specify the bucket and an empty object prefix such as
* arn:aws:s3:::bucket-1/. The trail logs data events for all objects in this S3 bucket.
*
*
* -
*
* To log data events for specific objects, specify the S3 bucket and object prefix such as
* arn:aws:s3:::bucket-1/example-images. The trail logs data events for objects in this S3
* bucket that match the prefix.
*
*
* -
*
* To log data events for all Lambda functions in your Amazon Web Services account, specify the prefix as
* arn:aws:lambda.
*
*
*
* This also enables logging of Invoke activity performed by any user or role in your Amazon Web
* Services account, even if that activity is performed on a function that belongs to another Amazon Web
* Services account.
*
*
* -
*
* To log data events for a specific Lambda function, specify the function ARN.
*
*
*
* Lambda function ARNs are exact. For example, if you specify a function ARN
* arn:aws:lambda:us-west-2:111111111111:function:helloworld, data events will only be logged for
* arn:aws:lambda:us-west-2:111111111111:function:helloworld. They will not be logged for
* arn:aws:lambda:us-west-2:111111111111:function:helloworld2.
*
*
* -
*
* To log data events for all DynamoDB tables in your Amazon Web Services account, specify the prefix as
* arn:aws:dynamodb.
*
*
* @return Returns a reference to this object so that method calls can be chained together.
*/
public DataResource withValues(String... values) {
if (this.values == null) {
setValues(new com.amazonaws.internal.SdkInternalList(values.length));
}
for (String ele : values) {
this.values.add(ele);
}
return this;
}
/**
*
* An array of Amazon Resource Name (ARN) strings or partial ARN strings for the specified objects.
*
*
* -
*
* To log data events for all objects in all S3 buckets in your Amazon Web Services account, specify the prefix as
* arn:aws:s3.
*
*
*
* This also enables logging of data event activity performed by any user or role in your Amazon Web Services
* account, even if that activity is performed on a bucket that belongs to another Amazon Web Services account.
*
*
* -
*
* To log data events for all objects in an S3 bucket, specify the bucket and an empty object prefix such as
* arn:aws:s3:::bucket-1/. The trail logs data events for all objects in this S3 bucket.
*
*
* -
*
* To log data events for specific objects, specify the S3 bucket and object prefix such as
* arn:aws:s3:::bucket-1/example-images. The trail logs data events for objects in this S3 bucket that
* match the prefix.
*
*
* -
*
* To log data events for all Lambda functions in your Amazon Web Services account, specify the prefix as
* arn:aws:lambda.
*
*
*
* This also enables logging of Invoke activity performed by any user or role in your Amazon Web
* Services account, even if that activity is performed on a function that belongs to another Amazon Web Services
* account.
*
*
* -
*
* To log data events for a specific Lambda function, specify the function ARN.
*
*
*
* Lambda function ARNs are exact. For example, if you specify a function ARN
* arn:aws:lambda:us-west-2:111111111111:function:helloworld, data events will only be logged for
* arn:aws:lambda:us-west-2:111111111111:function:helloworld. They will not be logged for
* arn:aws:lambda:us-west-2:111111111111:function:helloworld2.
*
*
* -
*
* To log data events for all DynamoDB tables in your Amazon Web Services account, specify the prefix as
* arn:aws:dynamodb.
*
*
*
*
* @param values
* An array of Amazon Resource Name (ARN) strings or partial ARN strings for the specified objects.
*
* -
*
* To log data events for all objects in all S3 buckets in your Amazon Web Services account, specify the
* prefix as arn:aws:s3.
*
*
*
* This also enables logging of data event activity performed by any user or role in your Amazon Web Services
* account, even if that activity is performed on a bucket that belongs to another Amazon Web Services
* account.
*
*
* -
*
* To log data events for all objects in an S3 bucket, specify the bucket and an empty object prefix such as
* arn:aws:s3:::bucket-1/. The trail logs data events for all objects in this S3 bucket.
*
*
* -
*
* To log data events for specific objects, specify the S3 bucket and object prefix such as
* arn:aws:s3:::bucket-1/example-images. The trail logs data events for objects in this S3
* bucket that match the prefix.
*
*
* -
*
* To log data events for all Lambda functions in your Amazon Web Services account, specify the prefix as
* arn:aws:lambda.
*
*
*
* This also enables logging of Invoke activity performed by any user or role in your Amazon Web
* Services account, even if that activity is performed on a function that belongs to another Amazon Web
* Services account.
*
*
* -
*
* To log data events for a specific Lambda function, specify the function ARN.
*
*
*
* Lambda function ARNs are exact. For example, if you specify a function ARN
* arn:aws:lambda:us-west-2:111111111111:function:helloworld, data events will only be logged for
* arn:aws:lambda:us-west-2:111111111111:function:helloworld. They will not be logged for
* arn:aws:lambda:us-west-2:111111111111:function:helloworld2.
*
*
* -
*
* To log data events for all DynamoDB tables in your Amazon Web Services account, specify the prefix as
* arn:aws:dynamodb.
*
*
* @return Returns a reference to this object so that method calls can be chained together.
*/
public DataResource withValues(java.util.Collection values) {
setValues(values);
return this;
}
/**
* Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be
* redacted from this string using a placeholder value.
*
* @return A string representation of this object.
*
* @see java.lang.Object#toString()
*/
@Override
public String toString() {
StringBuilder sb = new StringBuilder();
sb.append("{");
if (getType() != null)
sb.append("Type: ").append(getType()).append(",");
if (getValues() != null)
sb.append("Values: ").append(getValues());
sb.append("}");
return sb.toString();
}
@Override
public boolean equals(Object obj) {
if (this == obj)
return true;
if (obj == null)
return false;
if (obj instanceof DataResource == false)
return false;
DataResource other = (DataResource) obj;
if (other.getType() == null ^ this.getType() == null)
return false;
if (other.getType() != null && other.getType().equals(this.getType()) == false)
return false;
if (other.getValues() == null ^ this.getValues() == null)
return false;
if (other.getValues() != null && other.getValues().equals(this.getValues()) == false)
return false;
return true;
}
@Override
public int hashCode() {
final int prime = 31;
int hashCode = 1;
hashCode = prime * hashCode + ((getType() == null) ? 0 : getType().hashCode());
hashCode = prime * hashCode + ((getValues() == null) ? 0 : getValues().hashCode());
return hashCode;
}
@Override
public DataResource clone() {
try {
return (DataResource) super.clone();
} catch (CloneNotSupportedException e) {
throw new IllegalStateException("Got a CloneNotSupportedException from Object.clone() " + "even though we're Cloneable!", e);
}
}
@com.amazonaws.annotation.SdkInternalApi
@Override
public void marshall(ProtocolMarshaller protocolMarshaller) {
com.amazonaws.services.cloudtrail.model.transform.DataResourceMarshaller.getInstance().marshall(this, protocolMarshaller);
}
}