/** * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. * SPDX-License-Identifier: Apache-2.0. */ #pragma once #include #include #include #include namespace Aws { namespace CloudWatchLogs { namespace Model { /** */ class PutDataProtectionPolicyRequest : public CloudWatchLogsRequest { public: AWS_CLOUDWATCHLOGS_API PutDataProtectionPolicyRequest(); // Service request name is the Operation name which will send this request out, // each operation should has unique request name, so that we can get operation's name from this request. // Note: this is not true for response, multiple operations may have the same response name, // so we can not get operation's name from response. inline virtual const char* GetServiceRequestName() const override { return "PutDataProtectionPolicy"; } AWS_CLOUDWATCHLOGS_API Aws::String SerializePayload() const override; AWS_CLOUDWATCHLOGS_API Aws::Http::HeaderValueCollection GetRequestSpecificHeaders() const override; /** *

Specify either the log group name or log group ARN.

*/ inline const Aws::String& GetLogGroupIdentifier() const{ return m_logGroupIdentifier; } /** *

Specify either the log group name or log group ARN.

*/ inline bool LogGroupIdentifierHasBeenSet() const { return m_logGroupIdentifierHasBeenSet; } /** *

Specify either the log group name or log group ARN.

*/ inline void SetLogGroupIdentifier(const Aws::String& value) { m_logGroupIdentifierHasBeenSet = true; m_logGroupIdentifier = value; } /** *

Specify either the log group name or log group ARN.

*/ inline void SetLogGroupIdentifier(Aws::String&& value) { m_logGroupIdentifierHasBeenSet = true; m_logGroupIdentifier = std::move(value); } /** *

Specify either the log group name or log group ARN.

*/ inline void SetLogGroupIdentifier(const char* value) { m_logGroupIdentifierHasBeenSet = true; m_logGroupIdentifier.assign(value); } /** *

Specify either the log group name or log group ARN.

*/ inline PutDataProtectionPolicyRequest& WithLogGroupIdentifier(const Aws::String& value) { SetLogGroupIdentifier(value); return *this;} /** *

Specify either the log group name or log group ARN.

*/ inline PutDataProtectionPolicyRequest& WithLogGroupIdentifier(Aws::String&& value) { SetLogGroupIdentifier(std::move(value)); return *this;} /** *

Specify either the log group name or log group ARN.

*/ inline PutDataProtectionPolicyRequest& WithLogGroupIdentifier(const char* value) { SetLogGroupIdentifier(value); return *this;} /** *

Specify the data protection policy, in JSON.

This policy must include * two JSON blocks:

The first block must include both a * DataIdentifer array and an Operation property with an * Audit action. The DataIdentifer array lists the types * of sensitive data that you want to mask. For more information about the * available options, see Types * of data that you can mask.

The Operation property with * an Audit action is required to find the sensitive data terms. This * Audit action must contain a FindingsDestination * object. You can optionally use that FindingsDestination object to * list one or more destinations to send audit findings to. If you specify * destinations such as log groups, Kinesis Data Firehose streams, and S3 buckets, * they must already exist.
The second block must include both a * DataIdentifer array and an Operation property with an * Deidentify action. The DataIdentifer array must * exactly match the DataIdentifer array in the first block of the * policy.

The Operation property with the * Deidentify action is what actually masks the data, and it must * contain the "MaskConfig": {} object. The "MaskConfig": * {} object must be empty.

For an example data * protection policy, see the Examples section on this page.

The contents of the two DataIdentifer arrays must match * exactly.

In addition to the two JSON blocks, the * policyDocument can also include Name, * Description, and Version fields. The Name * is used as a dimension when CloudWatch Logs reports audit findings metrics to * CloudWatch.

The JSON specified in policyDocument can be up * to 30,720 characters.

*/ inline const Aws::String& GetPolicyDocument() const{ return m_policyDocument; } /** *

Specify the data protection policy, in JSON.

This policy must include * two JSON blocks:

The first block must include both a * DataIdentifer array and an Operation property with an * Audit action. The DataIdentifer array lists the types * of sensitive data that you want to mask. For more information about the * available options, see Types * of data that you can mask.

The Operation property with * an Audit action is required to find the sensitive data terms. This * Audit action must contain a FindingsDestination * object. You can optionally use that FindingsDestination object to * list one or more destinations to send audit findings to. If you specify * destinations such as log groups, Kinesis Data Firehose streams, and S3 buckets, * they must already exist.
The second block must include both a * DataIdentifer array and an Operation property with an * Deidentify action. The DataIdentifer array must * exactly match the DataIdentifer array in the first block of the * policy.

The Operation property with the * Deidentify action is what actually masks the data, and it must * contain the "MaskConfig": {} object. The "MaskConfig": * {} object must be empty.

For an example data * protection policy, see the Examples section on this page.

The contents of the two DataIdentifer arrays must match * exactly.

The JSON specified in policyDocument can be up * to 30,720 characters.

*/ inline bool PolicyDocumentHasBeenSet() const { return m_policyDocumentHasBeenSet; } /** *

Specify the data protection policy, in JSON.

This policy must include * two JSON blocks:

The first block must include both a * DataIdentifer array and an Operation property with an * Audit action. The DataIdentifer array lists the types * of sensitive data that you want to mask. For more information about the * available options, see Types * of data that you can mask.

The Operation property with * an Audit action is required to find the sensitive data terms. This * Audit action must contain a FindingsDestination * object. You can optionally use that FindingsDestination object to * list one or more destinations to send audit findings to. If you specify * destinations such as log groups, Kinesis Data Firehose streams, and S3 buckets, * they must already exist.
The second block must include both a * DataIdentifer array and an Operation property with an * Deidentify action. The DataIdentifer array must * exactly match the DataIdentifer array in the first block of the * policy.

The Operation property with the * Deidentify action is what actually masks the data, and it must * contain the "MaskConfig": {} object. The "MaskConfig": * {} object must be empty.

For an example data * protection policy, see the Examples section on this page.

The contents of the two DataIdentifer arrays must match * exactly.

The JSON specified in policyDocument can be up * to 30,720 characters.

*/ inline void SetPolicyDocument(const Aws::String& value) { m_policyDocumentHasBeenSet = true; m_policyDocument = value; } /** *

Specify the data protection policy, in JSON.

This policy must include * two JSON blocks:

The first block must include both a * DataIdentifer array and an Operation property with an * Audit action. The DataIdentifer array lists the types * of sensitive data that you want to mask. For more information about the * available options, see Types * of data that you can mask.

The Operation property with * an Audit action is required to find the sensitive data terms. This * Audit action must contain a FindingsDestination * object. You can optionally use that FindingsDestination object to * list one or more destinations to send audit findings to. If you specify * destinations such as log groups, Kinesis Data Firehose streams, and S3 buckets, * they must already exist.
The second block must include both a * DataIdentifer array and an Operation property with an * Deidentify action. The DataIdentifer array must * exactly match the DataIdentifer array in the first block of the * policy.

The Operation property with the * Deidentify action is what actually masks the data, and it must * contain the "MaskConfig": {} object. The "MaskConfig": * {} object must be empty.

For an example data * protection policy, see the Examples section on this page.

The contents of the two DataIdentifer arrays must match * exactly.

The JSON specified in policyDocument can be up * to 30,720 characters.

*/ inline void SetPolicyDocument(Aws::String&& value) { m_policyDocumentHasBeenSet = true; m_policyDocument = std::move(value); } /** *

Specify the data protection policy, in JSON.

This policy must include * two JSON blocks:

The first block must include both a * DataIdentifer array and an Operation property with an * Audit action. The DataIdentifer array lists the types * of sensitive data that you want to mask. For more information about the * available options, see Types * of data that you can mask.

The Operation property with * an Audit action is required to find the sensitive data terms. This * Audit action must contain a FindingsDestination * object. You can optionally use that FindingsDestination object to * list one or more destinations to send audit findings to. If you specify * destinations such as log groups, Kinesis Data Firehose streams, and S3 buckets, * they must already exist.
The second block must include both a * DataIdentifer array and an Operation property with an * Deidentify action. The DataIdentifer array must * exactly match the DataIdentifer array in the first block of the * policy.

The Operation property with the * Deidentify action is what actually masks the data, and it must * contain the "MaskConfig": {} object. The "MaskConfig": * {} object must be empty.

For an example data * protection policy, see the Examples section on this page.

The contents of the two DataIdentifer arrays must match * exactly.

The JSON specified in policyDocument can be up * to 30,720 characters.

*/ inline void SetPolicyDocument(const char* value) { m_policyDocumentHasBeenSet = true; m_policyDocument.assign(value); } /** *

Specify the data protection policy, in JSON.

This policy must include * two JSON blocks:

The first block must include both a * DataIdentifer array and an Operation property with an * Audit action. The DataIdentifer array lists the types * of sensitive data that you want to mask. For more information about the * available options, see Types * of data that you can mask.

The Operation property with * an Audit action is required to find the sensitive data terms. This * Audit action must contain a FindingsDestination * object. You can optionally use that FindingsDestination object to * list one or more destinations to send audit findings to. If you specify * destinations such as log groups, Kinesis Data Firehose streams, and S3 buckets, * they must already exist.
The second block must include both a * DataIdentifer array and an Operation property with an * Deidentify action. The DataIdentifer array must * exactly match the DataIdentifer array in the first block of the * policy.

The Operation property with the * Deidentify action is what actually masks the data, and it must * contain the "MaskConfig": {} object. The "MaskConfig": * {} object must be empty.

For an example data * protection policy, see the Examples section on this page.

The contents of the two DataIdentifer arrays must match * exactly.

The JSON specified in policyDocument can be up * to 30,720 characters.

*/ inline PutDataProtectionPolicyRequest& WithPolicyDocument(const Aws::String& value) { SetPolicyDocument(value); return *this;} /** *

Specify the data protection policy, in JSON.

This policy must include * two JSON blocks:

The first block must include both a * DataIdentifer array and an Operation property with an * Audit action. The DataIdentifer array lists the types * of sensitive data that you want to mask. For more information about the * available options, see Types * of data that you can mask.

The Operation property with * an Audit action is required to find the sensitive data terms. This * Audit action must contain a FindingsDestination * object. You can optionally use that FindingsDestination object to * list one or more destinations to send audit findings to. If you specify * destinations such as log groups, Kinesis Data Firehose streams, and S3 buckets, * they must already exist.
The second block must include both a * DataIdentifer array and an Operation property with an * Deidentify action. The DataIdentifer array must * exactly match the DataIdentifer array in the first block of the * policy.

The Operation property with the * Deidentify action is what actually masks the data, and it must * contain the "MaskConfig": {} object. The "MaskConfig": * {} object must be empty.

For an example data * protection policy, see the Examples section on this page.

The contents of the two DataIdentifer arrays must match * exactly.

The JSON specified in policyDocument can be up * to 30,720 characters.

*/ inline PutDataProtectionPolicyRequest& WithPolicyDocument(Aws::String&& value) { SetPolicyDocument(std::move(value)); return *this;} /** *

Specify the data protection policy, in JSON.

This policy must include * two JSON blocks:

The first block must include both a * DataIdentifer array and an Operation property with an * Audit action. The DataIdentifer array lists the types * of sensitive data that you want to mask. For more information about the * available options, see Types * of data that you can mask.

The Operation property with * an Audit action is required to find the sensitive data terms. This * Audit action must contain a FindingsDestination * object. You can optionally use that FindingsDestination object to * list one or more destinations to send audit findings to. If you specify * destinations such as log groups, Kinesis Data Firehose streams, and S3 buckets, * they must already exist.
The second block must include both a * DataIdentifer array and an Operation property with an * Deidentify action. The DataIdentifer array must * exactly match the DataIdentifer array in the first block of the * policy.

The Operation property with the * Deidentify action is what actually masks the data, and it must * contain the "MaskConfig": {} object. The "MaskConfig": * {} object must be empty.

For an example data * protection policy, see the Examples section on this page.

The contents of the two DataIdentifer arrays must match * exactly.

The JSON specified in policyDocument can be up * to 30,720 characters.

*/ inline PutDataProtectionPolicyRequest& WithPolicyDocument(const char* value) { SetPolicyDocument(value); return *this;} private: Aws::String m_logGroupIdentifier; bool m_logGroupIdentifierHasBeenSet = false; Aws::String m_policyDocument; bool m_policyDocumentHasBeenSet = false; }; } // namespace Model } // namespace CloudWatchLogs } // namespace Aws