Package software.amazon.awscdk.services.cloudtrail

Interface CfnTrail.AdvancedEventSelectorProperty

All Superinterfaces:
software.amazon.jsii.JsiiSerializable
All Known Implementing Classes:
CfnTrail.AdvancedEventSelectorProperty.Jsii$Proxy
Enclosing class:
CfnTrail
@Stability(Stable) public static interface CfnTrail.AdvancedEventSelectorProperty extends software.amazon.jsii.JsiiSerializable
Advanced event selectors let you create fine-grained selectors for AWS CloudTrail management, data, and network activity events.

They help you control costs by logging only those events that are important to you. For more information about configuring advanced event selectors, see the Logging data events , Logging network activity events , and Logging management events topics in the AWS CloudTrail User Guide .

You cannot apply both event selectors and advanced event selectors to a trail.

Supported CloudTrail event record fields for management events

  • eventCategory (required)
  • eventSource
  • readOnly

The following additional fields are available for event data stores:

  • eventName
  • eventType
  • sessionCredentialFromConsole
  • userIdentity.arn

Supported CloudTrail event record fields for data events

  • eventCategory (required)
  • eventName
  • eventSource
  • eventType
  • resources.ARN
  • resources.type (required)
  • readOnly
  • sessionCredentialFromConsole
  • userIdentity.arn

Supported CloudTrail event record fields for network activity events

  • eventCategory (required)
  • eventSource (required)
  • eventName
  • errorCode - The only valid value for errorCode is VpceAccessDenied .
  • vpcEndpointId

For event data stores for CloudTrail Insights events, AWS Config configuration items, Audit Manager evidence, or events outside of AWS , the only supported field is eventCategory .

Example: 

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.services.cloudtrail.*;
 AdvancedEventSelectorProperty advancedEventSelectorProperty = AdvancedEventSelectorProperty.builder()
         .fieldSelectors(List.of(AdvancedFieldSelectorProperty.builder()
                 .field("field")
                 // the properties below are optional
                 .endsWith(List.of("endsWith"))
                 .equalTo(List.of("equalTo"))
                 .notEndsWith(List.of("notEndsWith"))
                 .notEquals(List.of("notEquals"))
                 .notStartsWith(List.of("notStartsWith"))
                 .startsWith(List.of("startsWith"))
                 .build()))
         // the properties below are optional
         .name("name")
         .build();

See Also: