Package software.amazon.awssdk.services.auditmanager.model

Class EvidenceFinderEnablement

java.lang.Object
software.amazon.awssdk.services.auditmanager.model.EvidenceFinderEnablement
All Implemented Interfaces:
Serializable, SdkPojo, ToCopyableBuilder<EvidenceFinderEnablement.Builder,EvidenceFinderEnablement>
@Generated("software.amazon.awssdk:codegen") public final class EvidenceFinderEnablement extends Object implements SdkPojo, Serializable, ToCopyableBuilder<EvidenceFinderEnablement.Builder,EvidenceFinderEnablement>

The settings object that specifies whether evidence finder is enabled. This object also describes the related event data store, and the backfill status for populating the event data store with evidence data.

See Also:

  • Method Details

    • eventDataStoreArn

      public final String eventDataStoreArn()

      The Amazon Resource Name (ARN) of the CloudTrail Lake event data store that’s used by evidence finder. The event data store is the lake of evidence data that evidence finder runs queries against.

      Returns:
      The Amazon Resource Name (ARN) of the CloudTrail Lake event data store that’s used by evidence finder. The event data store is the lake of evidence data that evidence finder runs queries against.

    • enablementStatus

      public final EvidenceFinderEnablementStatus enablementStatus()

      The current status of the evidence finder feature and the related event data store.

      • ENABLE_IN_PROGRESS means that you requested to enable evidence finder. An event data store is currently being created to support evidence finder queries.

      • ENABLED means that an event data store was successfully created and evidence finder is enabled. We recommend that you wait 7 days until the event data store is backfilled with your past two years’ worth of evidence data. You can use evidence finder in the meantime, but not all data might be available until the backfill is complete.

      • DISABLE_IN_PROGRESS means that you requested to disable evidence finder, and your request is pending the deletion of the event data store.

      • DISABLED means that you have permanently disabled evidence finder and the event data store has been deleted. You can't re-enable evidence finder after this point.

      If the service returns an enum value that is not available in the current SDK version, enablementStatus will return EvidenceFinderEnablementStatus.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from enablementStatusAsString().

      Returns:
      The current status of the evidence finder feature and the related event data store.

      • ENABLE_IN_PROGRESS means that you requested to enable evidence finder. An event data store is currently being created to support evidence finder queries.

      • ENABLED means that an event data store was successfully created and evidence finder is enabled. We recommend that you wait 7 days until the event data store is backfilled with your past two years’ worth of evidence data. You can use evidence finder in the meantime, but not all data might be available until the backfill is complete.

      • DISABLE_IN_PROGRESS means that you requested to disable evidence finder, and your request is pending the deletion of the event data store.

      • DISABLED means that you have permanently disabled evidence finder and the event data store has been deleted. You can't re-enable evidence finder after this point.

      See Also:

    • enablementStatusAsString

      public final String enablementStatusAsString()

      The current status of the evidence finder feature and the related event data store.

      • ENABLE_IN_PROGRESS means that you requested to enable evidence finder. An event data store is currently being created to support evidence finder queries.

      • ENABLED means that an event data store was successfully created and evidence finder is enabled. We recommend that you wait 7 days until the event data store is backfilled with your past two years’ worth of evidence data. You can use evidence finder in the meantime, but not all data might be available until the backfill is complete.

      • DISABLE_IN_PROGRESS means that you requested to disable evidence finder, and your request is pending the deletion of the event data store.

      • DISABLED means that you have permanently disabled evidence finder and the event data store has been deleted. You can't re-enable evidence finder after this point.

      If the service returns an enum value that is not available in the current SDK version, enablementStatus will return EvidenceFinderEnablementStatus.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from enablementStatusAsString().

      Returns:
      The current status of the evidence finder feature and the related event data store.

      • ENABLE_IN_PROGRESS means that you requested to enable evidence finder. An event data store is currently being created to support evidence finder queries.

      • ENABLED means that an event data store was successfully created and evidence finder is enabled. We recommend that you wait 7 days until the event data store is backfilled with your past two years’ worth of evidence data. You can use evidence finder in the meantime, but not all data might be available until the backfill is complete.

      • DISABLE_IN_PROGRESS means that you requested to disable evidence finder, and your request is pending the deletion of the event data store.

      • DISABLED means that you have permanently disabled evidence finder and the event data store has been deleted. You can't re-enable evidence finder after this point.

      See Also:

    • backfillStatus

      public final EvidenceFinderBackfillStatus backfillStatus()

      The current status of the evidence data backfill process.

      The backfill starts after you enable evidence finder. During this task, Audit Manager populates an event data store with your past two years’ worth of evidence data so that your evidence can be queried.

      • NOT_STARTED means that the backfill hasn’t started yet.

      • IN_PROGRESS means that the backfill is in progress. This can take up to 7 days to complete, depending on the amount of evidence data.

      • COMPLETED means that the backfill is complete. All of your past evidence is now queryable.

      If the service returns an enum value that is not available in the current SDK version, backfillStatus will return EvidenceFinderBackfillStatus.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from backfillStatusAsString().

      Returns:
      The current status of the evidence data backfill process.

      The backfill starts after you enable evidence finder. During this task, Audit Manager populates an event data store with your past two years’ worth of evidence data so that your evidence can be queried.

      • NOT_STARTED means that the backfill hasn’t started yet.

      • IN_PROGRESS means that the backfill is in progress. This can take up to 7 days to complete, depending on the amount of evidence data.

      • COMPLETED means that the backfill is complete. All of your past evidence is now queryable.

      See Also:

    • backfillStatusAsString

      public final String backfillStatusAsString()

      The current status of the evidence data backfill process.

      The backfill starts after you enable evidence finder. During this task, Audit Manager populates an event data store with your past two years’ worth of evidence data so that your evidence can be queried.

      • NOT_STARTED means that the backfill hasn’t started yet.

      • IN_PROGRESS means that the backfill is in progress. This can take up to 7 days to complete, depending on the amount of evidence data.

      • COMPLETED means that the backfill is complete. All of your past evidence is now queryable.

      If the service returns an enum value that is not available in the current SDK version, backfillStatus will return EvidenceFinderBackfillStatus.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from backfillStatusAsString().

      Returns:
      The current status of the evidence data backfill process.

      The backfill starts after you enable evidence finder. During this task, Audit Manager populates an event data store with your past two years’ worth of evidence data so that your evidence can be queried.

      • NOT_STARTED means that the backfill hasn’t started yet.

      • IN_PROGRESS means that the backfill is in progress. This can take up to 7 days to complete, depending on the amount of evidence data.

      • COMPLETED means that the backfill is complete. All of your past evidence is now queryable.

      See Also:

    • error

      public final String error()

      Represents any errors that occurred when enabling or disabling evidence finder.

      Returns:
      Represents any errors that occurred when enabling or disabling evidence finder.

    • toBuilder

      public EvidenceFinderEnablement.Builder toBuilder()
      Description copied from interface: ToCopyableBuilder
      Take this object and create a builder that contains all of the current property values of this object.
      Specified by:
      toBuilder in interface ToCopyableBuilder<EvidenceFinderEnablement.Builder,EvidenceFinderEnablement>
      Returns:
      a builder for type T

    • builder

      public static EvidenceFinderEnablement.Builder builder()

    • serializableBuilderClass

      public static Class<? extends EvidenceFinderEnablement.Builder> serializableBuilderClass()

    • hashCode

      public final int hashCode()
      Overrides:
      hashCode in class Object

    • equals

      public final boolean equals(Object obj)
      Overrides:
      equals in class Object

    • equalsBySdkFields

      public final boolean equalsBySdkFields(Object obj)
      Description copied from interface: SdkPojo
      Indicates whether some other object is "equal to" this one by SDK fields. An SDK field is a modeled, non-inherited field in an SdkPojo class, and is generated based on a service model.

      If an SdkPojo class does not have any inherited fields, equalsBySdkFields and equals are essentially the same.

      Specified by:
      equalsBySdkFields in interface SdkPojo
      Parameters:
      obj - the object to be compared with
      Returns:
      true if the other object equals to this object by sdk fields, false otherwise.

    • toString

      public final String toString()
      Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be redacted from this string using a placeholder value.
      Overrides:
      toString in class Object

    • getValueForField

      public final <T> Optional<T> getValueForField(String fieldName, Class<T> clazz)

    • sdkFields

      public final List<SdkField<?>> sdkFields()
      Specified by:
      sdkFields in interface SdkPojo
      Returns:
      List of SdkField in this POJO. May be empty list but should never be null.