com.amazonaws.services.networkfirewall.model.LogDestinationConfig Maven / Gradle / Ivy
Show all versions of aws-java-sdk-networkfirewall Show documentation
/*
* Copyright 2019-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with
* the License. A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
* CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
* and limitations under the License.
*/
package com.amazonaws.services.networkfirewall.model;
import java.io.Serializable;
import javax.annotation.Generated;
import com.amazonaws.protocol.StructuredPojo;
import com.amazonaws.protocol.ProtocolMarshaller;
/**
*
* Defines where Network Firewall sends logs for the firewall for one log type. This is used in
* LoggingConfiguration. You can send each type of log to an Amazon S3 bucket, a CloudWatch log group, or a
* Firehose delivery stream.
*
*
* Network Firewall generates logs for stateful rule groups. You can save alert, flow, and TLS log types.
*
*
* @see AWS API Documentation
*/
@Generated("com.amazonaws:aws-java-sdk-code-generator")
public class LogDestinationConfig implements Serializable, Cloneable, StructuredPojo {
/**
*
* The type of log to record. You can record the following types of logs from your Network Firewall stateful engine.
*
*
* -
*
* ALERT - Logs for traffic that matches your stateful rules and that have an action that sends an
* alert. A stateful rule sends alerts for the rule actions DROP, ALERT, and REJECT. For more information, see
* StatefulRule.
*
*
* -
*
* FLOW - Standard network traffic flow logs. The stateful rules engine records flow logs for all
* network traffic that it receives. Each flow log record captures the network flow for a specific standard
* stateless rule group.
*
*
* -
*
* TLS - Logs for events that are related to TLS inspection. For more information, see Inspecting SSL/TLS traffic with TLS inspection configurations in the Network Firewall Developer
* Guide.
*
*
*
*/
private String logType;
/**
*
* The type of storage destination to send these logs to. You can send logs to an Amazon S3 bucket, a CloudWatch log
* group, or a Firehose delivery stream.
*
*/
private String logDestinationType;
/**
*
* The named location for the logs, provided in a key:value mapping that is specific to the chosen destination type.
*
*
* -
*
* For an Amazon S3 bucket, provide the name of the bucket, with key bucketName, and optionally provide
* a prefix, with key prefix.
*
*
* The following example specifies an Amazon S3 bucket named DOC-EXAMPLE-BUCKET and the prefix
* alerts:
*
*
* "LogDestination": { "bucketName": "DOC-EXAMPLE-BUCKET", "prefix": "alerts" }
*
*
* -
*
* For a CloudWatch log group, provide the name of the CloudWatch log group, with key logGroup. The
* following example specifies a log group named alert-log-group:
*
*
* "LogDestination": { "logGroup": "alert-log-group" }
*
*
* -
*
* For a Firehose delivery stream, provide the name of the delivery stream, with key deliveryStream.
* The following example specifies a delivery stream named alert-delivery-stream:
*
*
* "LogDestination": { "deliveryStream": "alert-delivery-stream" }
*
*
*
*/
private java.util.Map logDestination;
/**
*
* The type of log to record. You can record the following types of logs from your Network Firewall stateful engine.
*
*
* -
*
* ALERT - Logs for traffic that matches your stateful rules and that have an action that sends an
* alert. A stateful rule sends alerts for the rule actions DROP, ALERT, and REJECT. For more information, see
* StatefulRule.
*
*
* -
*
* FLOW - Standard network traffic flow logs. The stateful rules engine records flow logs for all
* network traffic that it receives. Each flow log record captures the network flow for a specific standard
* stateless rule group.
*
*
* -
*
* TLS - Logs for events that are related to TLS inspection. For more information, see Inspecting SSL/TLS traffic with TLS inspection configurations in the Network Firewall Developer
* Guide.
*
*
*
*
* @param logType
* The type of log to record. You can record the following types of logs from your Network Firewall stateful
* engine.
*
* -
*
* ALERT - Logs for traffic that matches your stateful rules and that have an action that sends
* an alert. A stateful rule sends alerts for the rule actions DROP, ALERT, and REJECT. For more information,
* see StatefulRule.
*
*
* -
*
* FLOW - Standard network traffic flow logs. The stateful rules engine records flow logs for
* all network traffic that it receives. Each flow log record captures the network flow for a specific
* standard stateless rule group.
*
*
* -
*
* TLS - Logs for events that are related to TLS inspection. For more information, see Inspecting SSL/TLS traffic with TLS inspection configurations in the Network Firewall Developer
* Guide.
*
*
* @see LogType
*/
public void setLogType(String logType) {
this.logType = logType;
}
/**
*
* The type of log to record. You can record the following types of logs from your Network Firewall stateful engine.
*
*
* -
*
* ALERT - Logs for traffic that matches your stateful rules and that have an action that sends an
* alert. A stateful rule sends alerts for the rule actions DROP, ALERT, and REJECT. For more information, see
* StatefulRule.
*
*
* -
*
* FLOW - Standard network traffic flow logs. The stateful rules engine records flow logs for all
* network traffic that it receives. Each flow log record captures the network flow for a specific standard
* stateless rule group.
*
*
* -
*
* TLS - Logs for events that are related to TLS inspection. For more information, see Inspecting SSL/TLS traffic with TLS inspection configurations in the Network Firewall Developer
* Guide.
*
*
*
*
* @return The type of log to record. You can record the following types of logs from your Network Firewall stateful
* engine.
*
* -
*
* ALERT - Logs for traffic that matches your stateful rules and that have an action that sends
* an alert. A stateful rule sends alerts for the rule actions DROP, ALERT, and REJECT. For more
* information, see StatefulRule.
*
*
* -
*
* FLOW - Standard network traffic flow logs. The stateful rules engine records flow logs for
* all network traffic that it receives. Each flow log record captures the network flow for a specific
* standard stateless rule group.
*
*
* -
*
* TLS - Logs for events that are related to TLS inspection. For more information, see Inspecting SSL/TLS traffic with TLS inspection configurations in the Network Firewall Developer
* Guide.
*
*
* @see LogType
*/
public String getLogType() {
return this.logType;
}
/**
*
* The type of log to record. You can record the following types of logs from your Network Firewall stateful engine.
*
*
* -
*
* ALERT - Logs for traffic that matches your stateful rules and that have an action that sends an
* alert. A stateful rule sends alerts for the rule actions DROP, ALERT, and REJECT. For more information, see
* StatefulRule.
*
*
* -
*
* FLOW - Standard network traffic flow logs. The stateful rules engine records flow logs for all
* network traffic that it receives. Each flow log record captures the network flow for a specific standard
* stateless rule group.
*
*
* -
*
* TLS - Logs for events that are related to TLS inspection. For more information, see Inspecting SSL/TLS traffic with TLS inspection configurations in the Network Firewall Developer
* Guide.
*
*
*
*
* @param logType
* The type of log to record. You can record the following types of logs from your Network Firewall stateful
* engine.
*
* -
*
* ALERT - Logs for traffic that matches your stateful rules and that have an action that sends
* an alert. A stateful rule sends alerts for the rule actions DROP, ALERT, and REJECT. For more information,
* see StatefulRule.
*
*
* -
*
* FLOW - Standard network traffic flow logs. The stateful rules engine records flow logs for
* all network traffic that it receives. Each flow log record captures the network flow for a specific
* standard stateless rule group.
*
*
* -
*
* TLS - Logs for events that are related to TLS inspection. For more information, see Inspecting SSL/TLS traffic with TLS inspection configurations in the Network Firewall Developer
* Guide.
*
*
* @return Returns a reference to this object so that method calls can be chained together.
* @see LogType
*/
public LogDestinationConfig withLogType(String logType) {
setLogType(logType);
return this;
}
/**
*
* The type of log to record. You can record the following types of logs from your Network Firewall stateful engine.
*
*
* -
*
* ALERT - Logs for traffic that matches your stateful rules and that have an action that sends an
* alert. A stateful rule sends alerts for the rule actions DROP, ALERT, and REJECT. For more information, see
* StatefulRule.
*
*
* -
*
* FLOW - Standard network traffic flow logs. The stateful rules engine records flow logs for all
* network traffic that it receives. Each flow log record captures the network flow for a specific standard
* stateless rule group.
*
*
* -
*
* TLS - Logs for events that are related to TLS inspection. For more information, see Inspecting SSL/TLS traffic with TLS inspection configurations in the Network Firewall Developer
* Guide.
*
*
*
*
* @param logType
* The type of log to record. You can record the following types of logs from your Network Firewall stateful
* engine.
*
* -
*
* ALERT - Logs for traffic that matches your stateful rules and that have an action that sends
* an alert. A stateful rule sends alerts for the rule actions DROP, ALERT, and REJECT. For more information,
* see StatefulRule.
*
*
* -
*
* FLOW - Standard network traffic flow logs. The stateful rules engine records flow logs for
* all network traffic that it receives. Each flow log record captures the network flow for a specific
* standard stateless rule group.
*
*
* -
*
* TLS - Logs for events that are related to TLS inspection. For more information, see Inspecting SSL/TLS traffic with TLS inspection configurations in the Network Firewall Developer
* Guide.
*
*
* @return Returns a reference to this object so that method calls can be chained together.
* @see LogType
*/
public LogDestinationConfig withLogType(LogType logType) {
this.logType = logType.toString();
return this;
}
/**
*
* The type of storage destination to send these logs to. You can send logs to an Amazon S3 bucket, a CloudWatch log
* group, or a Firehose delivery stream.
*
*
* @param logDestinationType
* The type of storage destination to send these logs to. You can send logs to an Amazon S3 bucket, a
* CloudWatch log group, or a Firehose delivery stream.
* @see LogDestinationType
*/
public void setLogDestinationType(String logDestinationType) {
this.logDestinationType = logDestinationType;
}
/**
*
* The type of storage destination to send these logs to. You can send logs to an Amazon S3 bucket, a CloudWatch log
* group, or a Firehose delivery stream.
*
*
* @return The type of storage destination to send these logs to. You can send logs to an Amazon S3 bucket, a
* CloudWatch log group, or a Firehose delivery stream.
* @see LogDestinationType
*/
public String getLogDestinationType() {
return this.logDestinationType;
}
/**
*
* The type of storage destination to send these logs to. You can send logs to an Amazon S3 bucket, a CloudWatch log
* group, or a Firehose delivery stream.
*
*
* @param logDestinationType
* The type of storage destination to send these logs to. You can send logs to an Amazon S3 bucket, a
* CloudWatch log group, or a Firehose delivery stream.
* @return Returns a reference to this object so that method calls can be chained together.
* @see LogDestinationType
*/
public LogDestinationConfig withLogDestinationType(String logDestinationType) {
setLogDestinationType(logDestinationType);
return this;
}
/**
*
* The type of storage destination to send these logs to. You can send logs to an Amazon S3 bucket, a CloudWatch log
* group, or a Firehose delivery stream.
*
*
* @param logDestinationType
* The type of storage destination to send these logs to. You can send logs to an Amazon S3 bucket, a
* CloudWatch log group, or a Firehose delivery stream.
* @return Returns a reference to this object so that method calls can be chained together.
* @see LogDestinationType
*/
public LogDestinationConfig withLogDestinationType(LogDestinationType logDestinationType) {
this.logDestinationType = logDestinationType.toString();
return this;
}
/**
*
* The named location for the logs, provided in a key:value mapping that is specific to the chosen destination type.
*
*
* -
*
* For an Amazon S3 bucket, provide the name of the bucket, with key bucketName, and optionally provide
* a prefix, with key prefix.
*
*
* The following example specifies an Amazon S3 bucket named DOC-EXAMPLE-BUCKET and the prefix
* alerts:
*
*
* "LogDestination": { "bucketName": "DOC-EXAMPLE-BUCKET", "prefix": "alerts" }
*
*
* -
*
* For a CloudWatch log group, provide the name of the CloudWatch log group, with key logGroup. The
* following example specifies a log group named alert-log-group:
*
*
* "LogDestination": { "logGroup": "alert-log-group" }
*
*
* -
*
* For a Firehose delivery stream, provide the name of the delivery stream, with key deliveryStream.
* The following example specifies a delivery stream named alert-delivery-stream:
*
*
* "LogDestination": { "deliveryStream": "alert-delivery-stream" }
*
*
*
*
* @return The named location for the logs, provided in a key:value mapping that is specific to the chosen
* destination type.
*
* -
*
* For an Amazon S3 bucket, provide the name of the bucket, with key bucketName, and optionally
* provide a prefix, with key prefix.
*
*
* The following example specifies an Amazon S3 bucket named DOC-EXAMPLE-BUCKET and the prefix
* alerts:
*
*
* "LogDestination": { "bucketName": "DOC-EXAMPLE-BUCKET", "prefix": "alerts" }
*
*
* -
*
* For a CloudWatch log group, provide the name of the CloudWatch log group, with key logGroup.
* The following example specifies a log group named alert-log-group:
*
*
* "LogDestination": { "logGroup": "alert-log-group" }
*
*
* -
*
* For a Firehose delivery stream, provide the name of the delivery stream, with key
* deliveryStream. The following example specifies a delivery stream named
* alert-delivery-stream:
*
*
* "LogDestination": { "deliveryStream": "alert-delivery-stream" }
*
*
*/
public java.util.Map getLogDestination() {
return logDestination;
}
/**
*
* The named location for the logs, provided in a key:value mapping that is specific to the chosen destination type.
*
*
* -
*
* For an Amazon S3 bucket, provide the name of the bucket, with key bucketName, and optionally provide
* a prefix, with key prefix.
*
*
* The following example specifies an Amazon S3 bucket named DOC-EXAMPLE-BUCKET and the prefix
* alerts:
*
*
* "LogDestination": { "bucketName": "DOC-EXAMPLE-BUCKET", "prefix": "alerts" }
*
*
* -
*
* For a CloudWatch log group, provide the name of the CloudWatch log group, with key logGroup. The
* following example specifies a log group named alert-log-group:
*
*
* "LogDestination": { "logGroup": "alert-log-group" }
*
*
* -
*
* For a Firehose delivery stream, provide the name of the delivery stream, with key deliveryStream.
* The following example specifies a delivery stream named alert-delivery-stream:
*
*
* "LogDestination": { "deliveryStream": "alert-delivery-stream" }
*
*
*
*
* @param logDestination
* The named location for the logs, provided in a key:value mapping that is specific to the chosen
* destination type.
*
* -
*
* For an Amazon S3 bucket, provide the name of the bucket, with key bucketName, and optionally
* provide a prefix, with key prefix.
*
*
* The following example specifies an Amazon S3 bucket named DOC-EXAMPLE-BUCKET and the prefix
* alerts:
*
*
* "LogDestination": { "bucketName": "DOC-EXAMPLE-BUCKET", "prefix": "alerts" }
*
*
* -
*
* For a CloudWatch log group, provide the name of the CloudWatch log group, with key logGroup.
* The following example specifies a log group named alert-log-group:
*
*
* "LogDestination": { "logGroup": "alert-log-group" }
*
*
* -
*
* For a Firehose delivery stream, provide the name of the delivery stream, with key
* deliveryStream. The following example specifies a delivery stream named
* alert-delivery-stream:
*
*
* "LogDestination": { "deliveryStream": "alert-delivery-stream" }
*
*
*/
public void setLogDestination(java.util.Map logDestination) {
this.logDestination = logDestination;
}
/**
*
* The named location for the logs, provided in a key:value mapping that is specific to the chosen destination type.
*
*
* -
*
* For an Amazon S3 bucket, provide the name of the bucket, with key bucketName, and optionally provide
* a prefix, with key prefix.
*
*
* The following example specifies an Amazon S3 bucket named DOC-EXAMPLE-BUCKET and the prefix
* alerts:
*
*
* "LogDestination": { "bucketName": "DOC-EXAMPLE-BUCKET", "prefix": "alerts" }
*
*
* -
*
* For a CloudWatch log group, provide the name of the CloudWatch log group, with key logGroup. The
* following example specifies a log group named alert-log-group:
*
*
* "LogDestination": { "logGroup": "alert-log-group" }
*
*
* -
*
* For a Firehose delivery stream, provide the name of the delivery stream, with key deliveryStream.
* The following example specifies a delivery stream named alert-delivery-stream:
*
*
* "LogDestination": { "deliveryStream": "alert-delivery-stream" }
*
*
*
*
* @param logDestination
* The named location for the logs, provided in a key:value mapping that is specific to the chosen
* destination type.
*
* -
*
* For an Amazon S3 bucket, provide the name of the bucket, with key bucketName, and optionally
* provide a prefix, with key prefix.
*
*
* The following example specifies an Amazon S3 bucket named DOC-EXAMPLE-BUCKET and the prefix
* alerts:
*
*
* "LogDestination": { "bucketName": "DOC-EXAMPLE-BUCKET", "prefix": "alerts" }
*
*
* -
*
* For a CloudWatch log group, provide the name of the CloudWatch log group, with key logGroup.
* The following example specifies a log group named alert-log-group:
*
*
* "LogDestination": { "logGroup": "alert-log-group" }
*
*
* -
*
* For a Firehose delivery stream, provide the name of the delivery stream, with key
* deliveryStream. The following example specifies a delivery stream named
* alert-delivery-stream:
*
*
* "LogDestination": { "deliveryStream": "alert-delivery-stream" }
*
*
* @return Returns a reference to this object so that method calls can be chained together.
*/
public LogDestinationConfig withLogDestination(java.util.Map logDestination) {
setLogDestination(logDestination);
return this;
}
/**
* Add a single LogDestination entry
*
* @see LogDestinationConfig#withLogDestination
* @returns a reference to this object so that method calls can be chained together.
*/
public LogDestinationConfig addLogDestinationEntry(String key, String value) {
if (null == this.logDestination) {
this.logDestination = new java.util.HashMap();
}
if (this.logDestination.containsKey(key))
throw new IllegalArgumentException("Duplicated keys (" + key.toString() + ") are provided.");
this.logDestination.put(key, value);
return this;
}
/**
* Removes all the entries added into LogDestination.
*
* @return Returns a reference to this object so that method calls can be chained together.
*/
public LogDestinationConfig clearLogDestinationEntries() {
this.logDestination = null;
return this;
}
/**
* Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be
* redacted from this string using a placeholder value.
*
* @return A string representation of this object.
*
* @see java.lang.Object#toString()
*/
@Override
public String toString() {
StringBuilder sb = new StringBuilder();
sb.append("{");
if (getLogType() != null)
sb.append("LogType: ").append(getLogType()).append(",");
if (getLogDestinationType() != null)
sb.append("LogDestinationType: ").append(getLogDestinationType()).append(",");
if (getLogDestination() != null)
sb.append("LogDestination: ").append(getLogDestination());
sb.append("}");
return sb.toString();
}
@Override
public boolean equals(Object obj) {
if (this == obj)
return true;
if (obj == null)
return false;
if (obj instanceof LogDestinationConfig == false)
return false;
LogDestinationConfig other = (LogDestinationConfig) obj;
if (other.getLogType() == null ^ this.getLogType() == null)
return false;
if (other.getLogType() != null && other.getLogType().equals(this.getLogType()) == false)
return false;
if (other.getLogDestinationType() == null ^ this.getLogDestinationType() == null)
return false;
if (other.getLogDestinationType() != null && other.getLogDestinationType().equals(this.getLogDestinationType()) == false)
return false;
if (other.getLogDestination() == null ^ this.getLogDestination() == null)
return false;
if (other.getLogDestination() != null && other.getLogDestination().equals(this.getLogDestination()) == false)
return false;
return true;
}
@Override
public int hashCode() {
final int prime = 31;
int hashCode = 1;
hashCode = prime * hashCode + ((getLogType() == null) ? 0 : getLogType().hashCode());
hashCode = prime * hashCode + ((getLogDestinationType() == null) ? 0 : getLogDestinationType().hashCode());
hashCode = prime * hashCode + ((getLogDestination() == null) ? 0 : getLogDestination().hashCode());
return hashCode;
}
@Override
public LogDestinationConfig clone() {
try {
return (LogDestinationConfig) super.clone();
} catch (CloneNotSupportedException e) {
throw new IllegalStateException("Got a CloneNotSupportedException from Object.clone() " + "even though we're Cloneable!", e);
}
}
@com.amazonaws.annotation.SdkInternalApi
@Override
public void marshall(ProtocolMarshaller protocolMarshaller) {
com.amazonaws.services.networkfirewall.model.transform.LogDestinationConfigMarshaller.getInstance().marshall(this, protocolMarshaller);
}
}