aws-sdk-cloudtrail 1.19.0 → 1.24.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -6,6 +6,7 @@
6
6
  # WARNING ABOUT GENERATED CODE
7
7
 
8
8
  module Aws::CloudTrail
9
+
9
10
  class Resource
10
11
 
11
12
  # @param options ({})
@@ -49,6 +49,35 @@ module Aws::CloudTrail
49
49
  #
50
50
  class AddTagsResponse < Aws::EmptyStructure; end
51
51
 
52
+ # This exception is thrown when an operation is called with an invalid
53
+ # trail ARN. The format of a trail ARN is:
54
+ #
55
+ # `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
56
+ #
57
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/CloudTrailARNInvalidException AWS API Documentation
58
+ #
59
+ class CloudTrailARNInvalidException < Aws::EmptyStructure; end
60
+
61
+ # This exception is thrown when trusted access has not been enabled
62
+ # between AWS CloudTrail and AWS Organizations. For more information,
63
+ # see [Enabling Trusted Access with Other AWS Services][1] and [Prepare
64
+ # For Creating a Trail For Your Organization][2].
65
+ #
66
+ #
67
+ #
68
+ # [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html
69
+ # [2]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html
70
+ #
71
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/CloudTrailAccessNotEnabledException AWS API Documentation
72
+ #
73
+ class CloudTrailAccessNotEnabledException < Aws::EmptyStructure; end
74
+
75
+ # Cannot set a CloudWatch Logs delivery for this region.
76
+ #
77
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/CloudWatchLogsDeliveryUnavailableException AWS API Documentation
78
+ #
79
+ class CloudWatchLogsDeliveryUnavailableException < Aws::EmptyStructure; end
80
+
52
81
  # Specifies the settings for each trail.
53
82
  #
54
83
  # @note When making an API call, you may pass CreateTrailRequest
@@ -301,9 +330,9 @@ module Aws::CloudTrail
301
330
 
302
331
  # The Amazon S3 buckets or AWS Lambda functions that you specify in your
303
332
  # event selectors for your trail to log data events. Data events provide
304
- # insight into the resource operations performed on or within a resource
305
- # itself. These are also known as data plane operations. You can specify
306
- # up to 250 data resources for a trail.
333
+ # information about the resource operations performed on or within a
334
+ # resource itself. These are also known as data plane operations. You
335
+ # can specify up to 250 data resources for a trail.
307
336
  #
308
337
  # <note markdown="1"> The total number of allowed data resources is 250. This number can be
309
338
  # distributed between 1 and 5 event selectors, but the total cannot
@@ -503,7 +532,12 @@ module Aws::CloudTrail
503
532
  # returns an error.
504
533
  #
505
534
  # @!attribute [rw] trail_list
506
- # The list of trail objects.
535
+ # The list of trail objects. Trail objects with string values are only
536
+ # returned if values for the objects exist in a trail's
537
+ # configuration. For example, `SNSTopicName` and `SNSTopicARN` are
538
+ # only returned in results if a trail is configured to send SNS
539
+ # notifications. Similarly, `KMSKeyId` only appears in results if a
540
+ # trail's log files are encrypted with AWS KMS-managed keys.
507
541
  # @return [Array<Types::Trail>]
508
542
  #
509
543
  # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/DescribeTrailsResponse AWS API Documentation
@@ -594,6 +628,7 @@ module Aws::CloudTrail
594
628
  # values: ["String"],
595
629
  # },
596
630
  # ],
631
+ # exclude_management_event_sources: ["String"],
597
632
  # }
598
633
  #
599
634
  # @!attribute [rw] read_write_type
@@ -636,12 +671,22 @@ module Aws::CloudTrail
636
671
  # [2]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/WhatIsCloudTrail-Limits.html
637
672
  # @return [Array<Types::DataResource>]
638
673
  #
674
+ # @!attribute [rw] exclude_management_event_sources
675
+ # An optional list of service event sources from which you do not want
676
+ # management events to be logged on your trail. In this release, the
677
+ # list can be empty (disables the filter), or it can filter out AWS
678
+ # Key Management Service events by containing `"kms.amazonaws.com"`.
679
+ # By default, `ExcludeManagementEventSources` is empty, and AWS KMS
680
+ # events are included in events that are logged to your trail.
681
+ # @return [Array<String>]
682
+ #
639
683
  # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/EventSelector AWS API Documentation
640
684
  #
641
685
  class EventSelector < Struct.new(
642
686
  :read_write_type,
643
687
  :include_management_events,
644
- :data_resources)
688
+ :data_resources,
689
+ :exclude_management_event_sources)
645
690
  include Aws::Structure
646
691
  end
647
692
 
@@ -696,6 +741,60 @@ module Aws::CloudTrail
696
741
  include Aws::Structure
697
742
  end
698
743
 
744
+ # @note When making an API call, you may pass GetInsightSelectorsRequest
745
+ # data as a hash:
746
+ #
747
+ # {
748
+ # trail_name: "String", # required
749
+ # }
750
+ #
751
+ # @!attribute [rw] trail_name
752
+ # Specifies the name of the trail or trail ARN. If you specify a trail
753
+ # name, the string must meet the following requirements:
754
+ #
755
+ # * Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.),
756
+ # underscores (\_), or dashes (-)
757
+ #
758
+ # * Start with a letter or number, and end with a letter or number
759
+ #
760
+ # * Be between 3 and 128 characters
761
+ #
762
+ # * Have no adjacent periods, underscores or dashes. Names like
763
+ # `my-_namespace` and `my--namespace` are not valid.
764
+ #
765
+ # * Not be in IP address format (for example, 192.168.5.4)
766
+ #
767
+ # If you specify a trail ARN, it must be in the format:
768
+ #
769
+ # `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
770
+ # @return [String]
771
+ #
772
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GetInsightSelectorsRequest AWS API Documentation
773
+ #
774
+ class GetInsightSelectorsRequest < Struct.new(
775
+ :trail_name)
776
+ include Aws::Structure
777
+ end
778
+
779
+ # @!attribute [rw] trail_arn
780
+ # The Amazon Resource Name (ARN) of a trail for which you want to get
781
+ # Insights selectors.
782
+ # @return [String]
783
+ #
784
+ # @!attribute [rw] insight_selectors
785
+ # A JSON string that contains the insight types you want to log on a
786
+ # trail. In this release, only `ApiCallRateInsight` is supported as an
787
+ # insight type.
788
+ # @return [Array<Types::InsightSelector>]
789
+ #
790
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GetInsightSelectorsResponse AWS API Documentation
791
+ #
792
+ class GetInsightSelectorsResponse < Struct.new(
793
+ :trail_arn,
794
+ :insight_selectors)
795
+ include Aws::Structure
796
+ end
797
+
699
798
  # @note When making an API call, you may pass GetTrailRequest
700
799
  # data as a hash:
701
800
  #
@@ -889,6 +988,245 @@ module Aws::CloudTrail
889
988
  include Aws::Structure
890
989
  end
891
990
 
991
+ # If you run `GetInsightSelectors` on a trail that does not have
992
+ # Insights events enabled, the operation throws the exception
993
+ # `InsightNotEnabledException`.
994
+ #
995
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/InsightNotEnabledException AWS API Documentation
996
+ #
997
+ class InsightNotEnabledException < Aws::EmptyStructure; end
998
+
999
+ # A JSON string that contains a list of insight types that are logged on
1000
+ # a trail.
1001
+ #
1002
+ # @note When making an API call, you may pass InsightSelector
1003
+ # data as a hash:
1004
+ #
1005
+ # {
1006
+ # insight_type: "ApiCallRateInsight", # accepts ApiCallRateInsight
1007
+ # }
1008
+ #
1009
+ # @!attribute [rw] insight_type
1010
+ # The type of insights to log on a trail. In this release, only
1011
+ # `ApiCallRateInsight` is supported as an insight type.
1012
+ # @return [String]
1013
+ #
1014
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/InsightSelector AWS API Documentation
1015
+ #
1016
+ class InsightSelector < Struct.new(
1017
+ :insight_type)
1018
+ include Aws::Structure
1019
+ end
1020
+
1021
+ # This exception is thrown when the IAM user or role that is used to
1022
+ # create the organization trail is lacking one or more required
1023
+ # permissions for creating an organization trail in a required service.
1024
+ # For more information, see [Prepare For Creating a Trail For Your
1025
+ # Organization][1].
1026
+ #
1027
+ #
1028
+ #
1029
+ # [1]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html
1030
+ #
1031
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/InsufficientDependencyServiceAccessPermissionException AWS API Documentation
1032
+ #
1033
+ class InsufficientDependencyServiceAccessPermissionException < Aws::EmptyStructure; end
1034
+
1035
+ # This exception is thrown when the policy on the S3 bucket or KMS key
1036
+ # is not sufficient.
1037
+ #
1038
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/InsufficientEncryptionPolicyException AWS API Documentation
1039
+ #
1040
+ class InsufficientEncryptionPolicyException < Aws::EmptyStructure; end
1041
+
1042
+ # This exception is thrown when the policy on the S3 bucket is not
1043
+ # sufficient.
1044
+ #
1045
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/InsufficientS3BucketPolicyException AWS API Documentation
1046
+ #
1047
+ class InsufficientS3BucketPolicyException < Aws::EmptyStructure; end
1048
+
1049
+ # This exception is thrown when the policy on the SNS topic is not
1050
+ # sufficient.
1051
+ #
1052
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/InsufficientSnsTopicPolicyException AWS API Documentation
1053
+ #
1054
+ class InsufficientSnsTopicPolicyException < Aws::EmptyStructure; end
1055
+
1056
+ # This exception is thrown when the provided CloudWatch log group is not
1057
+ # valid.
1058
+ #
1059
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/InvalidCloudWatchLogsLogGroupArnException AWS API Documentation
1060
+ #
1061
+ class InvalidCloudWatchLogsLogGroupArnException < Aws::EmptyStructure; end
1062
+
1063
+ # This exception is thrown when the provided role is not valid.
1064
+ #
1065
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/InvalidCloudWatchLogsRoleArnException AWS API Documentation
1066
+ #
1067
+ class InvalidCloudWatchLogsRoleArnException < Aws::EmptyStructure; end
1068
+
1069
+ # Occurs if an event category that is not valid is specified as a value
1070
+ # of `EventCategory`.
1071
+ #
1072
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/InvalidEventCategoryException AWS API Documentation
1073
+ #
1074
+ class InvalidEventCategoryException < Aws::EmptyStructure; end
1075
+
1076
+ # This exception is thrown when the `PutEventSelectors` operation is
1077
+ # called with a number of event selectors or data resources that is not
1078
+ # valid. The combination of event selectors and data resources is not
1079
+ # valid. A trail can have up to 5 event selectors. A trail is limited to
1080
+ # 250 data resources. These data resources can be distributed across
1081
+ # event selectors, but the overall total cannot exceed 250.
1082
+ #
1083
+ # You can:
1084
+ #
1085
+ # * Specify a valid number of event selectors (1 to 5) for a trail.
1086
+ #
1087
+ # * Specify a valid number of data resources (1 to 250) for an event
1088
+ # selector. The limit of number of resources on an individual event
1089
+ # selector is configurable up to 250. However, this upper limit is
1090
+ # allowed only if the total number of data resources does not exceed
1091
+ # 250 across all event selectors for a trail.
1092
+ #
1093
+ # * Specify a valid value for a parameter. For example, specifying the
1094
+ # `ReadWriteType` parameter with a value of `read-only` is invalid.
1095
+ #
1096
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/InvalidEventSelectorsException AWS API Documentation
1097
+ #
1098
+ class InvalidEventSelectorsException < Aws::EmptyStructure; end
1099
+
1100
+ # This exception is thrown when an operation is called on a trail from a
1101
+ # region other than the region in which the trail was created.
1102
+ #
1103
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/InvalidHomeRegionException AWS API Documentation
1104
+ #
1105
+ class InvalidHomeRegionException < Aws::EmptyStructure; end
1106
+
1107
+ # The formatting or syntax of the `InsightSelectors` JSON statement in
1108
+ # your `PutInsightSelectors` or `GetInsightSelectors` request is not
1109
+ # valid, or the specified insight type in the `InsightSelectors`
1110
+ # statement is not a valid insight type.
1111
+ #
1112
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/InvalidInsightSelectorsException AWS API Documentation
1113
+ #
1114
+ class InvalidInsightSelectorsException < Aws::EmptyStructure; end
1115
+
1116
+ # This exception is thrown when the KMS key ARN is invalid.
1117
+ #
1118
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/InvalidKmsKeyIdException AWS API Documentation
1119
+ #
1120
+ class InvalidKmsKeyIdException < Aws::EmptyStructure; end
1121
+
1122
+ # Occurs when an invalid lookup attribute is specified.
1123
+ #
1124
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/InvalidLookupAttributesException AWS API Documentation
1125
+ #
1126
+ class InvalidLookupAttributesException < Aws::EmptyStructure; end
1127
+
1128
+ # This exception is thrown if the limit specified is invalid.
1129
+ #
1130
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/InvalidMaxResultsException AWS API Documentation
1131
+ #
1132
+ class InvalidMaxResultsException < Aws::EmptyStructure; end
1133
+
1134
+ # Invalid token or token that was previously used in a request with
1135
+ # different parameters. This exception is thrown if the token is
1136
+ # invalid.
1137
+ #
1138
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/InvalidNextTokenException AWS API Documentation
1139
+ #
1140
+ class InvalidNextTokenException < Aws::EmptyStructure; end
1141
+
1142
+ # This exception is thrown when the combination of parameters provided
1143
+ # is not valid.
1144
+ #
1145
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/InvalidParameterCombinationException AWS API Documentation
1146
+ #
1147
+ class InvalidParameterCombinationException < Aws::EmptyStructure; end
1148
+
1149
+ # This exception is thrown when the provided S3 bucket name is not
1150
+ # valid.
1151
+ #
1152
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/InvalidS3BucketNameException AWS API Documentation
1153
+ #
1154
+ class InvalidS3BucketNameException < Aws::EmptyStructure; end
1155
+
1156
+ # This exception is thrown when the provided S3 prefix is not valid.
1157
+ #
1158
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/InvalidS3PrefixException AWS API Documentation
1159
+ #
1160
+ class InvalidS3PrefixException < Aws::EmptyStructure; end
1161
+
1162
+ # This exception is thrown when the provided SNS topic name is not
1163
+ # valid.
1164
+ #
1165
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/InvalidSnsTopicNameException AWS API Documentation
1166
+ #
1167
+ class InvalidSnsTopicNameException < Aws::EmptyStructure; end
1168
+
1169
+ # This exception is thrown when the specified tag key or values are not
1170
+ # valid. It can also occur if there are duplicate tags or too many tags
1171
+ # on the resource.
1172
+ #
1173
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/InvalidTagParameterException AWS API Documentation
1174
+ #
1175
+ class InvalidTagParameterException < Aws::EmptyStructure; end
1176
+
1177
+ # Occurs if the timestamp values are invalid. Either the start time
1178
+ # occurs after the end time or the time range is outside the range of
1179
+ # possible values.
1180
+ #
1181
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/InvalidTimeRangeException AWS API Documentation
1182
+ #
1183
+ class InvalidTimeRangeException < Aws::EmptyStructure; end
1184
+
1185
+ # Reserved for future use.
1186
+ #
1187
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/InvalidTokenException AWS API Documentation
1188
+ #
1189
+ class InvalidTokenException < Aws::EmptyStructure; end
1190
+
1191
+ # This exception is thrown when the provided trail name is not valid.
1192
+ # Trail names must meet the following requirements:
1193
+ #
1194
+ # * Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.),
1195
+ # underscores (\_), or dashes (-)
1196
+ #
1197
+ # * Start with a letter or number, and end with a letter or number
1198
+ #
1199
+ # * Be between 3 and 128 characters
1200
+ #
1201
+ # * Have no adjacent periods, underscores or dashes. Names like
1202
+ # `my-_namespace` and `my--namespace` are invalid.
1203
+ #
1204
+ # * Not be in IP address format (for example, 192.168.5.4)
1205
+ #
1206
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/InvalidTrailNameException AWS API Documentation
1207
+ #
1208
+ class InvalidTrailNameException < Aws::EmptyStructure; end
1209
+
1210
+ # This exception is thrown when there is an issue with the specified KMS
1211
+ # key and the trail can’t be updated.
1212
+ #
1213
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/KmsException AWS API Documentation
1214
+ #
1215
+ class KmsException < Aws::EmptyStructure; end
1216
+
1217
+ # This exception is no longer in use.
1218
+ #
1219
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/KmsKeyDisabledException AWS API Documentation
1220
+ #
1221
+ class KmsKeyDisabledException < Aws::EmptyStructure; end
1222
+
1223
+ # This exception is thrown when the KMS key does not exist, or when the
1224
+ # S3 bucket and the KMS key are not in the same region.
1225
+ #
1226
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/KmsKeyNotFoundException AWS API Documentation
1227
+ #
1228
+ class KmsKeyNotFoundException < Aws::EmptyStructure; end
1229
+
892
1230
  # Requests the public keys for a specified time range.
893
1231
  #
894
1232
  # @note When making an API call, you may pass ListPublicKeysRequest
@@ -1004,6 +1342,12 @@ module Aws::CloudTrail
1004
1342
  # }
1005
1343
  #
1006
1344
  # @!attribute [rw] next_token
1345
+ # The token to use to get the next page of results after a previous
1346
+ # API call. This token must be passed in with the same parameters that
1347
+ # were specified in the the original call. For example, if the
1348
+ # original call specified an AttributeKey of 'Username' with a value
1349
+ # of 'root', the call with NextToken should include those same
1350
+ # parameters.
1007
1351
  # @return [String]
1008
1352
  #
1009
1353
  # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ListTrailsRequest AWS API Documentation
@@ -1019,6 +1363,12 @@ module Aws::CloudTrail
1019
1363
  # @return [Array<Types::TrailInfo>]
1020
1364
  #
1021
1365
  # @!attribute [rw] next_token
1366
+ # The token to use to get the next page of results after a previous
1367
+ # API call. If the token does not appear, there are no more results to
1368
+ # return. The token must be passed in with the same parameters as the
1369
+ # previous call. For example, if the original call specified an
1370
+ # AttributeKey of 'Username' with a value of 'root', the call with
1371
+ # NextToken should include those same parameters.
1022
1372
  # @return [String]
1023
1373
  #
1024
1374
  # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ListTrailsResponse AWS API Documentation
@@ -1069,6 +1419,7 @@ module Aws::CloudTrail
1069
1419
  # ],
1070
1420
  # start_time: Time.now,
1071
1421
  # end_time: Time.now,
1422
+ # event_category: "insight", # accepts insight
1072
1423
  # max_results: 1,
1073
1424
  # next_token: "NextToken",
1074
1425
  # }
@@ -1090,6 +1441,13 @@ module Aws::CloudTrail
1090
1441
  # start time, an error is returned.
1091
1442
  # @return [Time]
1092
1443
  #
1444
+ # @!attribute [rw] event_category
1445
+ # Specifies the event category. If you do not specify an event
1446
+ # category, events of the category are not returned in the response.
1447
+ # For example, if you do not specify `insight` as the value of
1448
+ # `EventCategory`, no Insights events are returned.
1449
+ # @return [String]
1450
+ #
1093
1451
  # @!attribute [rw] max_results
1094
1452
  # The number of events to return. Possible values are 1 through 50.
1095
1453
  # The default is 50.
@@ -1110,6 +1468,7 @@ module Aws::CloudTrail
1110
1468
  :lookup_attributes,
1111
1469
  :start_time,
1112
1470
  :end_time,
1471
+ :event_category,
1113
1472
  :max_results,
1114
1473
  :next_token)
1115
1474
  include Aws::Structure
@@ -1140,6 +1499,53 @@ module Aws::CloudTrail
1140
1499
  include Aws::Structure
1141
1500
  end
1142
1501
 
1502
+ # This exception is thrown when the maximum number of trails is reached.
1503
+ #
1504
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/MaximumNumberOfTrailsExceededException AWS API Documentation
1505
+ #
1506
+ class MaximumNumberOfTrailsExceededException < Aws::EmptyStructure; end
1507
+
1508
+ # This exception is thrown when the AWS account making the request to
1509
+ # create or update an organization trail is not the master account for
1510
+ # an organization in AWS Organizations. For more information, see
1511
+ # [Prepare For Creating a Trail For Your Organization][1].
1512
+ #
1513
+ #
1514
+ #
1515
+ # [1]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html
1516
+ #
1517
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/NotOrganizationMasterAccountException AWS API Documentation
1518
+ #
1519
+ class NotOrganizationMasterAccountException < Aws::EmptyStructure; end
1520
+
1521
+ # This exception is thrown when the requested operation is not
1522
+ # permitted.
1523
+ #
1524
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/OperationNotPermittedException AWS API Documentation
1525
+ #
1526
+ class OperationNotPermittedException < Aws::EmptyStructure; end
1527
+
1528
+ # This exception is thrown when AWS Organizations is not configured to
1529
+ # support all features. All features must be enabled in AWS Organization
1530
+ # to support creating an organization trail. For more information, see
1531
+ # [Prepare For Creating a Trail For Your Organization][1].
1532
+ #
1533
+ #
1534
+ #
1535
+ # [1]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html
1536
+ #
1537
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/OrganizationNotInAllFeaturesModeException AWS API Documentation
1538
+ #
1539
+ class OrganizationNotInAllFeaturesModeException < Aws::EmptyStructure; end
1540
+
1541
+ # This exception is thrown when the request is made from an AWS account
1542
+ # that is not a member of an organization. To make this request, sign in
1543
+ # using the credentials of an account that belongs to an organization.
1544
+ #
1545
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/OrganizationsNotInUseException AWS API Documentation
1546
+ #
1547
+ class OrganizationsNotInUseException < Aws::EmptyStructure; end
1548
+
1143
1549
  # Contains information about a returned public key.
1144
1550
  #
1145
1551
  # @!attribute [rw] value
@@ -1183,6 +1589,7 @@ module Aws::CloudTrail
1183
1589
  # values: ["String"],
1184
1590
  # },
1185
1591
  # ],
1592
+ # exclude_management_event_sources: ["String"],
1186
1593
  # },
1187
1594
  # ],
1188
1595
  # }
@@ -1240,6 +1647,56 @@ module Aws::CloudTrail
1240
1647
  include Aws::Structure
1241
1648
  end
1242
1649
 
1650
+ # @note When making an API call, you may pass PutInsightSelectorsRequest
1651
+ # data as a hash:
1652
+ #
1653
+ # {
1654
+ # trail_name: "String", # required
1655
+ # insight_selectors: [ # required
1656
+ # {
1657
+ # insight_type: "ApiCallRateInsight", # accepts ApiCallRateInsight
1658
+ # },
1659
+ # ],
1660
+ # }
1661
+ #
1662
+ # @!attribute [rw] trail_name
1663
+ # The name of the CloudTrail trail for which you want to change or add
1664
+ # Insights selectors.
1665
+ # @return [String]
1666
+ #
1667
+ # @!attribute [rw] insight_selectors
1668
+ # A JSON string that contains the insight types you want to log on a
1669
+ # trail. In this release, only `ApiCallRateInsight` is supported as an
1670
+ # insight type.
1671
+ # @return [Array<Types::InsightSelector>]
1672
+ #
1673
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/PutInsightSelectorsRequest AWS API Documentation
1674
+ #
1675
+ class PutInsightSelectorsRequest < Struct.new(
1676
+ :trail_name,
1677
+ :insight_selectors)
1678
+ include Aws::Structure
1679
+ end
1680
+
1681
+ # @!attribute [rw] trail_arn
1682
+ # The Amazon Resource Name (ARN) of a trail for which you want to
1683
+ # change or add Insights selectors.
1684
+ # @return [String]
1685
+ #
1686
+ # @!attribute [rw] insight_selectors
1687
+ # A JSON string that contains the insight types you want to log on a
1688
+ # trail. In this release, only `ApiCallRateInsight` is supported as an
1689
+ # insight type.
1690
+ # @return [Array<Types::InsightSelector>]
1691
+ #
1692
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/PutInsightSelectorsResponse AWS API Documentation
1693
+ #
1694
+ class PutInsightSelectorsResponse < Struct.new(
1695
+ :trail_arn,
1696
+ :insight_selectors)
1697
+ include Aws::Structure
1698
+ end
1699
+
1243
1700
  # Specifies the tags to remove from a trail.
1244
1701
  #
1245
1702
  # @note When making an API call, you may pass RemoveTagsRequest
@@ -1311,6 +1768,12 @@ module Aws::CloudTrail
1311
1768
  include Aws::Structure
1312
1769
  end
1313
1770
 
1771
+ # This exception is thrown when the specified resource is not found.
1772
+ #
1773
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ResourceNotFoundException AWS API Documentation
1774
+ #
1775
+ class ResourceNotFoundException < Aws::EmptyStructure; end
1776
+
1314
1777
  # A resource tag.
1315
1778
  #
1316
1779
  # @!attribute [rw] resource_id
@@ -1329,6 +1792,19 @@ module Aws::CloudTrail
1329
1792
  include Aws::Structure
1330
1793
  end
1331
1794
 
1795
+ # This exception is thrown when the specified resource type is not
1796
+ # supported by CloudTrail.
1797
+ #
1798
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ResourceTypeNotSupportedException AWS API Documentation
1799
+ #
1800
+ class ResourceTypeNotSupportedException < Aws::EmptyStructure; end
1801
+
1802
+ # This exception is thrown when the specified S3 bucket does not exist.
1803
+ #
1804
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/S3BucketDoesNotExistException AWS API Documentation
1805
+ #
1806
+ class S3BucketDoesNotExistException < Aws::EmptyStructure; end
1807
+
1332
1808
  # The request to CloudTrail to start logging AWS API calls for an
1333
1809
  # account.
1334
1810
  #
@@ -1422,6 +1898,13 @@ module Aws::CloudTrail
1422
1898
  include Aws::Structure
1423
1899
  end
1424
1900
 
1901
+ # The number of tags per trail has exceeded the permitted amount.
1902
+ # Currently, the limit is 50.
1903
+ #
1904
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/TagsLimitExceededException AWS API Documentation
1905
+ #
1906
+ class TagsLimitExceededException < Aws::EmptyStructure; end
1907
+
1425
1908
  # The settings for a trail.
1426
1909
  #
1427
1910
  # @!attribute [rw] name
@@ -1507,6 +1990,11 @@ module Aws::CloudTrail
1507
1990
  # Specifies if the trail has custom event selectors.
1508
1991
  # @return [Boolean]
1509
1992
  #
1993
+ # @!attribute [rw] has_insight_selectors
1994
+ # Specifies whether a trail has insight types specified in an
1995
+ # `InsightSelector` list.
1996
+ # @return [Boolean]
1997
+ #
1510
1998
  # @!attribute [rw] is_organization_trail
1511
1999
  # Specifies whether the trail is an organization trail.
1512
2000
  # @return [Boolean]
@@ -1528,10 +2016,17 @@ module Aws::CloudTrail
1528
2016
  :cloud_watch_logs_role_arn,
1529
2017
  :kms_key_id,
1530
2018
  :has_custom_event_selectors,
2019
+ :has_insight_selectors,
1531
2020
  :is_organization_trail)
1532
2021
  include Aws::Structure
1533
2022
  end
1534
2023
 
2024
+ # This exception is thrown when the specified trail already exists.
2025
+ #
2026
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/TrailAlreadyExistsException AWS API Documentation
2027
+ #
2028
+ class TrailAlreadyExistsException < Aws::EmptyStructure; end
2029
+
1535
2030
  # Information about a CloudTrail trail, including the trail's name,
1536
2031
  # home region, and Amazon Resource Name (ARN).
1537
2032
  #
@@ -1556,6 +2051,26 @@ module Aws::CloudTrail
1556
2051
  include Aws::Structure
1557
2052
  end
1558
2053
 
2054
+ # This exception is thrown when the trail with the given name is not
2055
+ # found.
2056
+ #
2057
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/TrailNotFoundException AWS API Documentation
2058
+ #
2059
+ class TrailNotFoundException < Aws::EmptyStructure; end
2060
+
2061
+ # This exception is no longer in use.
2062
+ #
2063
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/TrailNotProvidedException AWS API Documentation
2064
+ #
2065
+ class TrailNotProvidedException < Aws::EmptyStructure; end
2066
+
2067
+ # This exception is thrown when the requested operation is not
2068
+ # supported.
2069
+ #
2070
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/UnsupportedOperationException AWS API Documentation
2071
+ #
2072
+ class UnsupportedOperationException < Aws::EmptyStructure; end
2073
+
1559
2074
  # Specifies settings to update for the trail.
1560
2075
  #
1561
2076
  # @note When making an API call, you may pass UpdateTrailRequest