Interface LoggingConfiguration.Builder

All Superinterfaces:
Buildable, CopyableBuilder<LoggingConfiguration.Builder,LoggingConfiguration>, SdkBuilder<LoggingConfiguration.Builder,LoggingConfiguration>, SdkPojo
Enclosing class:
LoggingConfiguration
@Mutable @NotThreadSafe public static interface LoggingConfiguration.Builder extends SdkPojo, CopyableBuilder<LoggingConfiguration.Builder,LoggingConfiguration>

  • Method Details

    • resourceArn

      LoggingConfiguration.Builder resourceArn(String resourceArn)

      The Amazon Resource Name (ARN) of the web ACL that you want to associate with LogDestinationConfigs.

      Parameters:
      resourceArn - The Amazon Resource Name (ARN) of the web ACL that you want to associate with LogDestinationConfigs.
      Returns:
      Returns a reference to this object so that method calls can be chained together.

    • logDestinationConfigs

      LoggingConfiguration.Builder logDestinationConfigs(Collection<String> logDestinationConfigs)

      The logging destination configuration that you want to associate with the web ACL.

      You can associate one logging destination to a web ACL.

      Parameters:
      logDestinationConfigs - The logging destination configuration that you want to associate with the web ACL.

      You can associate one logging destination to a web ACL.

      Returns:
      Returns a reference to this object so that method calls can be chained together.

    • logDestinationConfigs

      LoggingConfiguration.Builder logDestinationConfigs(String... logDestinationConfigs)

      The logging destination configuration that you want to associate with the web ACL.

      You can associate one logging destination to a web ACL.

      Parameters:
      logDestinationConfigs - The logging destination configuration that you want to associate with the web ACL.

      You can associate one logging destination to a web ACL.

      Returns:
      Returns a reference to this object so that method calls can be chained together.

    • redactedFields

      LoggingConfiguration.Builder redactedFields(Collection<FieldToMatch> redactedFields)

      The parts of the request that you want to keep out of the logs.

      For example, if you redact the SingleHeader field, the HEADER field in the logs will be REDACTED for all rules that use the SingleHeader FieldToMatch setting.

      If you configure data protection for the web ACL, the protection applies to the data that WAF sends to the logs.

      Redaction applies only to the component that's specified in the rule's FieldToMatch setting, so the SingleHeader redaction doesn't apply to rules that use the Headers FieldToMatch.

      You can specify only the following fields for redaction: UriPath, QueryString, SingleHeader, and Method.

      This setting has no impact on request sampling. You can only exclude fields from request sampling by disabling sampling in the web ACL visibility configuration or by configuring data protection for the web ACL.

      Parameters:
      redactedFields - The parts of the request that you want to keep out of the logs.

      For example, if you redact the SingleHeader field, the HEADER field in the logs will be REDACTED for all rules that use the SingleHeader FieldToMatch setting.

      If you configure data protection for the web ACL, the protection applies to the data that WAF sends to the logs.

      Redaction applies only to the component that's specified in the rule's FieldToMatch setting, so the SingleHeader redaction doesn't apply to rules that use the Headers FieldToMatch.

      You can specify only the following fields for redaction: UriPath, QueryString, SingleHeader, and Method.

      This setting has no impact on request sampling. You can only exclude fields from request sampling by disabling sampling in the web ACL visibility configuration or by configuring data protection for the web ACL.

      Returns:
      Returns a reference to this object so that method calls can be chained together.

    • redactedFields

      LoggingConfiguration.Builder redactedFields(FieldToMatch... redactedFields)

      The parts of the request that you want to keep out of the logs.

      For example, if you redact the SingleHeader field, the HEADER field in the logs will be REDACTED for all rules that use the SingleHeader FieldToMatch setting.

      If you configure data protection for the web ACL, the protection applies to the data that WAF sends to the logs.

      Redaction applies only to the component that's specified in the rule's FieldToMatch setting, so the SingleHeader redaction doesn't apply to rules that use the Headers FieldToMatch.

      You can specify only the following fields for redaction: UriPath, QueryString, SingleHeader, and Method.

      This setting has no impact on request sampling. You can only exclude fields from request sampling by disabling sampling in the web ACL visibility configuration or by configuring data protection for the web ACL.

      Parameters:
      redactedFields - The parts of the request that you want to keep out of the logs.

      For example, if you redact the SingleHeader field, the HEADER field in the logs will be REDACTED for all rules that use the SingleHeader FieldToMatch setting.

      If you configure data protection for the web ACL, the protection applies to the data that WAF sends to the logs.

      Redaction applies only to the component that's specified in the rule's FieldToMatch setting, so the SingleHeader redaction doesn't apply to rules that use the Headers FieldToMatch.

      You can specify only the following fields for redaction: UriPath, QueryString, SingleHeader, and Method.

      This setting has no impact on request sampling. You can only exclude fields from request sampling by disabling sampling in the web ACL visibility configuration or by configuring data protection for the web ACL.

      Returns:
      Returns a reference to this object so that method calls can be chained together.

    • redactedFields

      LoggingConfiguration.Builder redactedFields(Consumer<FieldToMatch.Builder>... redactedFields)

      The parts of the request that you want to keep out of the logs.

      For example, if you redact the SingleHeader field, the HEADER field in the logs will be REDACTED for all rules that use the SingleHeader FieldToMatch setting.

      If you configure data protection for the web ACL, the protection applies to the data that WAF sends to the logs.

      Redaction applies only to the component that's specified in the rule's FieldToMatch setting, so the SingleHeader redaction doesn't apply to rules that use the Headers FieldToMatch.

      You can specify only the following fields for redaction: UriPath, QueryString, SingleHeader, and Method.

      This setting has no impact on request sampling. You can only exclude fields from request sampling by disabling sampling in the web ACL visibility configuration or by configuring data protection for the web ACL.

      This is a convenience method that creates an instance of the FieldToMatch.Builder avoiding the need to create one manually via FieldToMatch.builder().

      When the Consumer completes, SdkBuilder.build() is called immediately and its result is passed to redactedFields(List<FieldToMatch>).

      Parameters:
      redactedFields - a consumer that will call methods on FieldToMatch.Builder
      Returns:
      Returns a reference to this object so that method calls can be chained together.
      See Also:

    • managedByFirewallManager

      LoggingConfiguration.Builder managedByFirewallManager(Boolean managedByFirewallManager)

      Indicates whether the logging configuration was created by Firewall Manager, as part of an WAF policy configuration. If true, only Firewall Manager can modify or delete the configuration.

      The logging configuration can be created by Firewall Manager for use with any web ACL that Firewall Manager is using for an WAF policy. Web ACLs that Firewall Manager creates and uses have their ManagedByFirewallManager property set to true. Web ACLs that were created by a customer account and then retrofitted by Firewall Manager for use by a policy have their RetrofittedByFirewallManager property set to true. For either case, any corresponding logging configuration will indicate ManagedByFirewallManager.

      Parameters:
      managedByFirewallManager - Indicates whether the logging configuration was created by Firewall Manager, as part of an WAF policy configuration. If true, only Firewall Manager can modify or delete the configuration.

      The logging configuration can be created by Firewall Manager for use with any web ACL that Firewall Manager is using for an WAF policy. Web ACLs that Firewall Manager creates and uses have their ManagedByFirewallManager property set to true. Web ACLs that were created by a customer account and then retrofitted by Firewall Manager for use by a policy have their RetrofittedByFirewallManager property set to true. For either case, any corresponding logging configuration will indicate ManagedByFirewallManager.

      Returns:
      Returns a reference to this object so that method calls can be chained together.

    • loggingFilter

      LoggingConfiguration.Builder loggingFilter(LoggingFilter loggingFilter)

      Filtering that specifies which web requests are kept in the logs and which are dropped. You can filter on the rule action and on the web request labels that were applied by matching rules during web ACL evaluation.

      Parameters:
      loggingFilter - Filtering that specifies which web requests are kept in the logs and which are dropped. You can filter on the rule action and on the web request labels that were applied by matching rules during web ACL evaluation.
      Returns:
      Returns a reference to this object so that method calls can be chained together.

    • loggingFilter

      default LoggingConfiguration.Builder loggingFilter(Consumer<LoggingFilter.Builder> loggingFilter)

      Filtering that specifies which web requests are kept in the logs and which are dropped. You can filter on the rule action and on the web request labels that were applied by matching rules during web ACL evaluation.

      This is a convenience method that creates an instance of the LoggingFilter.Builder avoiding the need to create one manually via LoggingFilter.builder().

      When the Consumer completes, SdkBuilder.build() is called immediately and its result is passed to loggingFilter(LoggingFilter).

      Parameters:
      loggingFilter - a consumer that will call methods on LoggingFilter.Builder
      Returns:
      Returns a reference to this object so that method calls can be chained together.
      See Also:

    • logType

      LoggingConfiguration.Builder logType(String logType)

      Used to distinguish between various logging options. Currently, there is one option.

      Default: WAF_LOGS

      Parameters:
      logType - Used to distinguish between various logging options. Currently, there is one option.

      Default: WAF_LOGS

      Returns:
      Returns a reference to this object so that method calls can be chained together.
      See Also:

    • logType

      LoggingConfiguration.Builder logType(LogType logType)

      Used to distinguish between various logging options. Currently, there is one option.

      Default: WAF_LOGS

      Parameters:
      logType - Used to distinguish between various logging options. Currently, there is one option.

      Default: WAF_LOGS

      Returns:
      Returns a reference to this object so that method calls can be chained together.
      See Also:

    • logScope

      LoggingConfiguration.Builder logScope(String logScope)

      The owner of the logging configuration, which must be set to CUSTOMER for the configurations that you manage.

      The log scope SECURITY_LAKE indicates a configuration that is managed through Amazon Security Lake. You can use Security Lake to collect log and event data from various sources for normalization, analysis, and management. For information, see Collecting data from Amazon Web Services services in the Amazon Security Lake user guide.

      Default: CUSTOMER

      Parameters:
      logScope - The owner of the logging configuration, which must be set to CUSTOMER for the configurations that you manage.

      The log scope SECURITY_LAKE indicates a configuration that is managed through Amazon Security Lake. You can use Security Lake to collect log and event data from various sources for normalization, analysis, and management. For information, see Collecting data from Amazon Web Services services in the Amazon Security Lake user guide.

      Default: CUSTOMER

      Returns:
      Returns a reference to this object so that method calls can be chained together.
      See Also:

    • logScope

      LoggingConfiguration.Builder logScope(LogScope logScope)

      The owner of the logging configuration, which must be set to CUSTOMER for the configurations that you manage.

      The log scope SECURITY_LAKE indicates a configuration that is managed through Amazon Security Lake. You can use Security Lake to collect log and event data from various sources for normalization, analysis, and management. For information, see Collecting data from Amazon Web Services services in the Amazon Security Lake user guide.

      Default: CUSTOMER

      Parameters:
      logScope - The owner of the logging configuration, which must be set to CUSTOMER for the configurations that you manage.

      The log scope SECURITY_LAKE indicates a configuration that is managed through Amazon Security Lake. You can use Security Lake to collect log and event data from various sources for normalization, analysis, and management. For information, see Collecting data from Amazon Web Services services in the Amazon Security Lake user guide.

      Default: CUSTOMER

      Returns:
      Returns a reference to this object so that method calls can be chained together.
      See Also: