Copyright	(c) 2013-2023 Brendan Hay
License	Mozilla Public License, v. 2.0.
Maintainer	Brendan Hay
Stability	auto-generated
Portability	non-portable (GHC extensions)
Safe Haskell	Safe-Inferred
Language	Haskell2010

Amazonka.AuditManager.Types.EvidenceFinderEnablement

Description

Documentation

data EvidenceFinderEnablement Source #

The settings object that specifies whether evidence finder is enabled. This object also describes the related event data store, and the backfill status for populating the event data store with evidence data.

See: newEvidenceFinderEnablement smart constructor.

Constructors

EvidenceFinderEnablement'

Fields

backfillStatus :: Maybe EvidenceFinderBackfillStatus
The current status of the evidence data backfill process.
The backfill starts after you enable evidence finder. During this task, Audit Manager populates an event data store with your past two years’ worth of evidence data so that your evidence can be queried.
- NOT_STARTED means that the backfill hasn’t started yet.
- IN_PROGRESS means that the backfill is in progress. This can take up to 7 days to complete, depending on the amount of evidence data.
- COMPLETED means that the backfill is complete. All of your past evidence is now queryable.
enablementStatus :: Maybe EvidenceFinderEnablementStatus
The current status of the evidence finder feature and the related event data store.
- ENABLE_IN_PROGRESS means that you requested to enable evidence finder. An event data store is currently being created to support evidence finder queries.
- ENABLED means that an event data store was successfully created and evidence finder is enabled. We recommend that you wait 7 days until the event data store is backfilled with your past two years’ worth of evidence data. You can use evidence finder in the meantime, but not all data might be available until the backfill is complete.
- DISABLE_IN_PROGRESS means that you requested to disable evidence finder, and your request is pending the deletion of the event data store.
- DISABLED means that you have permanently disabled evidence finder and the event data store has been deleted. You can't re-enable evidence finder after this point.
error :: Maybe Text
Represents any errors that occurred when enabling or disabling evidence finder.
eventDataStoreArn :: Maybe Text
The Amazon Resource Name (ARN) of the CloudTrail Lake event data store that’s used by evidence finder. The event data store is the lake of evidence data that evidence finder runs queries against.

Instances

Instances details

FromJSON EvidenceFinderEnablement Source #
Instance details Defined in Amazonka.AuditManager.Types.EvidenceFinderEnablement Methods parseJSON :: Value -> Parser EvidenceFinderEnablement # parseJSONList :: Value -> Parser [EvidenceFinderEnablement] #
Generic EvidenceFinderEnablement Source #
Instance details Defined in Amazonka.AuditManager.Types.EvidenceFinderEnablement Associated Types type Rep EvidenceFinderEnablement :: Type -> Type # Methods from :: EvidenceFinderEnablement -> Rep EvidenceFinderEnablement x # to :: Rep EvidenceFinderEnablement x -> EvidenceFinderEnablement #
Read EvidenceFinderEnablement Source #
Instance details Defined in Amazonka.AuditManager.Types.EvidenceFinderEnablement Methods readsPrec :: Int -> ReadS EvidenceFinderEnablement # readList :: ReadS [EvidenceFinderEnablement] # readPrec :: ReadPrec EvidenceFinderEnablement # readListPrec :: ReadPrec [EvidenceFinderEnablement] #
Show EvidenceFinderEnablement Source #
Instance details Defined in Amazonka.AuditManager.Types.EvidenceFinderEnablement Methods showsPrec :: Int -> EvidenceFinderEnablement -> ShowS # show :: EvidenceFinderEnablement -> String # showList :: [EvidenceFinderEnablement] -> ShowS #
NFData EvidenceFinderEnablement Source #
Instance details Defined in Amazonka.AuditManager.Types.EvidenceFinderEnablement Methods rnf :: EvidenceFinderEnablement -> () #
Eq EvidenceFinderEnablement Source #
Instance details Defined in Amazonka.AuditManager.Types.EvidenceFinderEnablement Methods (==) :: EvidenceFinderEnablement -> EvidenceFinderEnablement -> Bool # (/=) :: EvidenceFinderEnablement -> EvidenceFinderEnablement -> Bool #
Hashable EvidenceFinderEnablement Source #
Instance details Defined in Amazonka.AuditManager.Types.EvidenceFinderEnablement Methods hashWithSalt :: Int -> EvidenceFinderEnablement -> Int # hash :: EvidenceFinderEnablement -> Int #
type Rep EvidenceFinderEnablement Source #
Instance details Defined in Amazonka.AuditManager.Types.EvidenceFinderEnablement type Rep EvidenceFinderEnablement = D1 ('MetaData "EvidenceFinderEnablement" "Amazonka.AuditManager.Types.EvidenceFinderEnablement" "amazonka-auditmanager-2.0-FZ7GH2VR8PBBaoTT7BhtJQ" 'False) (C1 ('MetaCons "EvidenceFinderEnablement'" 'PrefixI 'True) ((S1 ('MetaSel ('Just "backfillStatus") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe EvidenceFinderBackfillStatus)) :: S1 ('MetaSel ('Just "enablementStatus") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe EvidenceFinderEnablementStatus))) :: (S1 ('MetaSel ('Just "error") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Text)) :*: S1 ('MetaSel ('Just "eventDataStoreArn") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Text)))))

newEvidenceFinderEnablement :: EvidenceFinderEnablement Source #

Create a value of EvidenceFinderEnablement with all optional fields omitted.

Use generic-lens or optics to modify other optional fields.

The following record fields are available, with the corresponding lenses provided for backwards compatibility:

$sel:backfillStatus:EvidenceFinderEnablement', evidenceFinderEnablement_backfillStatus - The current status of the evidence data backfill process.

The backfill starts after you enable evidence finder. During this task, Audit Manager populates an event data store with your past two years’ worth of evidence data so that your evidence can be queried.

NOT_STARTED means that the backfill hasn’t started yet.
IN_PROGRESS means that the backfill is in progress. This can take up to 7 days to complete, depending on the amount of evidence data.
COMPLETED means that the backfill is complete. All of your past evidence is now queryable.

$sel:enablementStatus:EvidenceFinderEnablement', evidenceFinderEnablement_enablementStatus - The current status of the evidence finder feature and the related event data store.

ENABLE_IN_PROGRESS means that you requested to enable evidence finder. An event data store is currently being created to support evidence finder queries.
ENABLED means that an event data store was successfully created and evidence finder is enabled. We recommend that you wait 7 days until the event data store is backfilled with your past two years’ worth of evidence data. You can use evidence finder in the meantime, but not all data might be available until the backfill is complete.
DISABLE_IN_PROGRESS means that you requested to disable evidence finder, and your request is pending the deletion of the event data store.
DISABLED means that you have permanently disabled evidence finder and the event data store has been deleted. You can't re-enable evidence finder after this point.

$sel:error:EvidenceFinderEnablement', evidenceFinderEnablement_error - Represents any errors that occurred when enabling or disabling evidence finder.

$sel:eventDataStoreArn:EvidenceFinderEnablement', evidenceFinderEnablement_eventDataStoreArn - The Amazon Resource Name (ARN) of the CloudTrail Lake event data store that’s used by evidence finder. The event data store is the lake of evidence data that evidence finder runs queries against.

evidenceFinderEnablement_backfillStatus :: Lens' EvidenceFinderEnablement (Maybe EvidenceFinderBackfillStatus) Source #

The current status of the evidence data backfill process.

The backfill starts after you enable evidence finder. During this task, Audit Manager populates an event data store with your past two years’ worth of evidence data so that your evidence can be queried.

NOT_STARTED means that the backfill hasn’t started yet.
IN_PROGRESS means that the backfill is in progress. This can take up to 7 days to complete, depending on the amount of evidence data.
COMPLETED means that the backfill is complete. All of your past evidence is now queryable.

evidenceFinderEnablement_enablementStatus :: Lens' EvidenceFinderEnablement (Maybe EvidenceFinderEnablementStatus) Source #

The current status of the evidence finder feature and the related event data store.

ENABLE_IN_PROGRESS means that you requested to enable evidence finder. An event data store is currently being created to support evidence finder queries.
ENABLED means that an event data store was successfully created and evidence finder is enabled. We recommend that you wait 7 days until the event data store is backfilled with your past two years’ worth of evidence data. You can use evidence finder in the meantime, but not all data might be available until the backfill is complete.
DISABLE_IN_PROGRESS means that you requested to disable evidence finder, and your request is pending the deletion of the event data store.
DISABLED means that you have permanently disabled evidence finder and the event data store has been deleted. You can't re-enable evidence finder after this point.

evidenceFinderEnablement_error :: Lens' EvidenceFinderEnablement (Maybe Text) Source #

Represents any errors that occurred when enabling or disabling evidence finder.

evidenceFinderEnablement_eventDataStoreArn :: Lens' EvidenceFinderEnablement (Maybe Text) Source #

The Amazon Resource Name (ARN) of the CloudTrail Lake event data store that’s used by evidence finder. The event data store is the lake of evidence data that evidence finder runs queries against.