aws-sdk-cloudtrail 1.3.0 → 1.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: baa9fd28d6ab374b96b72762c303f695709e3173
-  data.tar.gz: 63b101f54a8a98d0122321f1fd385684501ab1f2
+  metadata.gz: 9e85e39980d3f103dc77fc20071fb5ea4353a38e
+  data.tar.gz: 4d530700c634c9a34d35250d0d884dee80557c48
 SHA512:
-  metadata.gz: 180e744859c3174319d06351ed7a0a789cd88b32409e6cdd8bb8bdc7da2d415780c1e2d962f655110b9add6a5e3d99ee622fd0e945ac614a987cf5780e1ecfa5
-  data.tar.gz: 7a0de47550b15f5db7a0af6bbb7e83187ba39e964539f2e8a1ed2ea8fda606986c5de377f090ad51e36f344799ed1a08f1b5887e16be3e949d0be968006edc09
+  metadata.gz: e6282a87993caa6e5c60183c6cfc9af55637358d01830ca1c613e2b3c6af997d31ce65f897bf40ac905b141cd9bf81912265803a2160dffe47271dd821f4cdd6
+  data.tar.gz: 6315a776825a7a3a62c62ad7491230c668be9048947c93fc0762b7441e6038fd6ba05f26bb7704aae711022e10f93fba9ed20e50f5f933bc1896b42188d8febc

data/lib/aws-sdk-cloudtrail.rb

@@ -42,6 +42,6 @@ require_relative 'aws-sdk-cloudtrail/customizations'
 # @service
 module Aws::CloudTrail
 
-  GEM_VERSION = '1.3.0'
+  GEM_VERSION = '1.4.0'
 
 end

data/lib/aws-sdk-cloudtrail/client.rb

@@ -197,7 +197,7 @@ module Aws::CloudTrail
     #   Specifies the ARN of the trail to which one or more tags will be
     #   added. The format of a trail ARN is:
     #
-    #   `arn:aws:cloudtrail:us-east-1:123456789012:trail/MyTrail`
+    #   `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
     #
     # @option params [Array<Types::Tag>] :tags_list
     #   Contains a list of CloudTrail tags, up to a limit of 50
@@ -311,9 +311,9 @@ module Aws::CloudTrail
     #
     #   * alias/MyAliasName
     #
-    #   * arn:aws:kms:us-east-1:123456789012:alias/MyAliasName
+    #   * arn:aws:kms:us-east-2:123456789012:alias/MyAliasName
     #
-    #   * arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012
+    #   * arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012
     #
     #   * 12345678-1234-1234-1234-123456789012
     #
@@ -379,7 +379,7 @@ module Aws::CloudTrail
     # @option params [required, String] :name
     #   Specifies the name or the CloudTrail ARN of the trail to be deleted.
     #   The format of a trail ARN is:
-    #   `arn:aws:cloudtrail:us-east-1:123456789012:trail/MyTrail`
+    #   `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
     #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
     #
@@ -405,7 +405,7 @@ module Aws::CloudTrail
     #   Specifies a list of trail names, trail ARNs, or both, of the trails to
     #   describe. The format of a trail ARN is:
     #
-    #   `arn:aws:cloudtrail:us-east-1:123456789012:trail/MyTrail`
+    #   `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
     #
     #   If an empty list is specified, information for the trail in the
     #   current region is returned.
@@ -471,12 +471,14 @@ module Aws::CloudTrail
     # your trail. The information returned for your event selectors includes
     # the following:
     #
-    # * The S3 objects that you are logging for data events.
+    # * If your event selector includes read-only events, write-only events,
+    #   or all events. This applies to both management events and data
+    #   events.
     #
     # * If your event selector includes management events.
     #
-    # * If your event selector includes read-only events, write-only events,
-    #   or all.
+    # * If your event selector includes data events, the Amazon S3 objects
+    #   or AWS Lambda functions that you are logging for data events.
     #
     # For more information, see [Logging Data and Management Events for
     # Trails ][1] in the *AWS CloudTrail User Guide*.
@@ -497,13 +499,13 @@ module Aws::CloudTrail
     #   * Be between 3 and 128 characters
     #
     #   * Have no adjacent periods, underscores or dashes. Names like
-    #     `my-_namespace` and `my--namespace` are invalid.
+    #     `my-_namespace` and `my--namespace` are not valid.
     #
     #   * Not be in IP address format (for example, 192.168.5.4)
     #
     #   If you specify a trail ARN, it must be in the format:
     #
-    #   `arn:aws:cloudtrail:us-east-1:123456789012:trail/MyTrail`
+    #   `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
     #
     # @return [Types::GetEventSelectorsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -549,7 +551,7 @@ module Aws::CloudTrail
     #   replication of the trail in another region), you must specify its ARN.
     #   The format of a trail ARN is:
     #
-    #   `arn:aws:cloudtrail:us-east-1:123456789012:trail/MyTrail`
+    #   `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
     #
     # @return [Types::GetTrailStatusResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -668,7 +670,7 @@ module Aws::CloudTrail
     #   Specifies a list of trail ARNs whose tags will be listed. The list has
     #   a limit of 20 ARNs. The format of a trail ARN is:
     #
-    #   `arn:aws:cloudtrail:us-east-1:123456789012:trail/MyTrail`
+    #   `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
     #
     # @option params [String] :next_token
     #   Reserved for future use.
@@ -703,11 +705,11 @@ module Aws::CloudTrail
       req.send_request(options)
     end
 
-    # Looks up API activity events captured by CloudTrail that create,
-    # update, or delete resources in your account. Events for a region can
-    # be looked up for the times in which you had CloudTrail turned on in
-    # that region during the last seven days. Lookup supports the following
-    # attributes:
+    # Looks up [management events][1] captured by CloudTrail. Events for a
+    # region can be looked up in that region during the last 90 days. Lookup
+    # supports the following attributes:
+    #
+    # * AWS access key
     #
     # * Event ID
     #
@@ -715,6 +717,8 @@ module Aws::CloudTrail
     #
     # * Event source
     #
+    # * Read only
+    #
     # * Resource name
     #
     # * Resource type
@@ -722,7 +726,7 @@ module Aws::CloudTrail
     # * User name
     #
     # All attributes are optional. The default number of results returned is
-    # 10, with a maximum of 50 possible. The response includes a token that
+    # 50, with a maximum of 50 possible. The response includes a token that
     # you can use to get the next page of results.
     #
     # The rate of lookup requests is limited to one per second per account.
@@ -732,6 +736,10 @@ module Aws::CloudTrail
     # available for lookup if CloudTrail logging was not enabled when the
     # events occurred.
     #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-concepts.html#cloudtrail-concepts-management-events
+    #
     # @option params [Array<Types::LookupAttribute>] :lookup_attributes
     #   Contains a list of lookup attributes. Currently the list can contain
     #   only one item.
@@ -748,7 +756,7 @@ module Aws::CloudTrail
     #
     # @option params [Integer] :max_results
     #   The number of events to return. Possible values are 1 through 50. The
-    #   default is 10.
+    #   default is 50.
     #
     # @option params [String] :next_token
     #   The token to use to get the next page of results after a previous API
@@ -767,7 +775,7 @@ module Aws::CloudTrail
     #   resp = client.lookup_events({
     #     lookup_attributes: [
     #       {
-    #         attribute_key: "EventId", # required, accepts EventId, EventName, Username, ResourceType, ResourceName, EventSource
+    #         attribute_key: "EventId", # required, accepts EventId, EventName, ReadOnly, Username, ResourceType, ResourceName, EventSource, AccessKeyId
     #         attribute_value: "String", # required
     #       },
     #     ],
@@ -782,6 +790,8 @@ module Aws::CloudTrail
     #   resp.events #=> Array
     #   resp.events[0].event_id #=> String
     #   resp.events[0].event_name #=> String
+    #   resp.events[0].read_only #=> String
+    #   resp.events[0].access_key_id #=> String
     #   resp.events[0].event_time #=> Time
     #   resp.events[0].event_source #=> String
     #   resp.events[0].username #=> String
@@ -801,12 +811,15 @@ module Aws::CloudTrail
     end
 
     # Configures an event selector for your trail. Use event selectors to
-    # specify whether you want your trail to log management and/or data
-    # events. When an event occurs in your account, CloudTrail evaluates the
-    # event selectors in all trails. For each trail, if the event matches
-    # any event selector, the trail processes and logs the event. If the
-    # event doesn't match any event selector, the trail doesn't log the
-    # event.
+    # further specify the management and data event settings for your trail.
+    # By default, trails created without specific event selectors will be
+    # configured to log all read and write management events, and no data
+    # events.
+    #
+    # When an event occurs in your account, CloudTrail evaluates the event
+    # selectors in all trails. For each trail, if the event matches any
+    # event selector, the trail processes and logs the event. If the event
+    # doesn't match any event selector, the trail doesn't log the event.
     #
     # Example
     #
@@ -831,11 +844,12 @@ module Aws::CloudTrail
     #
     # You can configure up to five event selectors for each trail. For more
     # information, see [Logging Data and Management Events for Trails ][1]
-    # in the *AWS CloudTrail User Guide*.
+    # and [Limits in AWS CloudTrail][2] in the *AWS CloudTrail User Guide*.
     #
     #
     #
     # [1]: http://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-and-data-events-with-cloudtrail.html
+    # [2]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/WhatIsCloudTrail-Limits.html
     #
     # @option params [required, String] :trail_name
     #   Specifies the name of the trail or trail ARN. If you specify a trail
@@ -855,7 +869,7 @@ module Aws::CloudTrail
     #
     #   If you specify a trail ARN, it must be in the format:
     #
-    #   `arn:aws:cloudtrail:us-east-1:123456789012:trail/MyTrail`
+    #   `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
     #
     # @option params [required, Array<Types::EventSelector>] :event_selectors
     #   Specifies the settings for your event selectors. You can configure up
@@ -910,7 +924,7 @@ module Aws::CloudTrail
     #   Specifies the ARN of the trail from which tags should be removed. The
     #   format of a trail ARN is:
     #
-    #   `arn:aws:cloudtrail:us-east-1:123456789012:trail/MyTrail`
+    #   `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
     #
     # @option params [Array<Types::Tag>] :tags_list
     #   Specifies a list of tags to be removed.
@@ -948,7 +962,7 @@ module Aws::CloudTrail
     #   Specifies the name or the CloudTrail ARN of the trail for which
     #   CloudTrail logs AWS API calls. The format of a trail ARN is:
     #
-    #   `arn:aws:cloudtrail:us-east-1:123456789012:trail/MyTrail`
+    #   `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
     #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
     #
@@ -981,7 +995,7 @@ module Aws::CloudTrail
     #   CloudTrail will stop logging AWS API calls. The format of a trail ARN
     #   is:
     #
-    #   `arn:aws:cloudtrail:us-east-1:123456789012:trail/MyTrail`
+    #   `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
     #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
     #
@@ -1026,7 +1040,7 @@ module Aws::CloudTrail
     #
     #   If `Name` is a trail ARN, it must be in the format:
     #
-    #   `arn:aws:cloudtrail:us-east-1:123456789012:trail/MyTrail`
+    #   `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
     #
     # @option params [String] :s3_bucket_name
     #   Specifies the name of the Amazon S3 bucket designated for publishing
@@ -1099,9 +1113,9 @@ module Aws::CloudTrail
     #
     #   * alias/MyAliasName
     #
-    #   * arn:aws:kms:us-east-1:123456789012:alias/MyAliasName
+    #   * arn:aws:kms:us-east-2:123456789012:alias/MyAliasName
     #
-    #   * arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012
+    #   * arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012
     #
     #   * 12345678-1234-1234-1234-123456789012
     #
@@ -1172,7 +1186,7 @@ module Aws::CloudTrail
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-cloudtrail'
-      context[:gem_version] = '1.3.0'
+      context[:gem_version] = '1.4.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-cloudtrail/client_api.rb

@@ -157,6 +157,8 @@ module Aws::CloudTrail
 
     Event.add_member(:event_id, Shapes::ShapeRef.new(shape: String, location_name: "EventId"))
     Event.add_member(:event_name, Shapes::ShapeRef.new(shape: String, location_name: "EventName"))
+    Event.add_member(:read_only, Shapes::ShapeRef.new(shape: String, location_name: "ReadOnly"))
+    Event.add_member(:access_key_id, Shapes::ShapeRef.new(shape: String, location_name: "AccessKeyId"))
     Event.add_member(:event_time, Shapes::ShapeRef.new(shape: Date, location_name: "EventTime"))
     Event.add_member(:event_source, Shapes::ShapeRef.new(shape: String, location_name: "EventSource"))
     Event.add_member(:username, Shapes::ShapeRef.new(shape: String, location_name: "Username"))
@@ -347,6 +349,7 @@ module Aws::CloudTrail
         "protocol" => "json",
         "serviceAbbreviation" => "CloudTrail",
         "serviceFullName" => "AWS CloudTrail",
+        "serviceId" => "CloudTrail",
         "signatureVersion" => "v4",
         "targetPrefix" => "com.amazonaws.cloudtrail.v20131101.CloudTrail_20131101",
         "uid" => "cloudtrail-2013-11-01",

data/lib/aws-sdk-cloudtrail/types.rb

@@ -27,7 +27,7 @@ module Aws::CloudTrail
     #   Specifies the ARN of the trail to which one or more tags will be
     #   added. The format of a trail ARN is:
     #
-    #   `arn:aws:cloudtrail:us-east-1:123456789012:trail/MyTrail`
+    #   `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
     #   @return [String]
     #
     # @!attribute [rw] tags_list
@@ -158,9 +158,9 @@ module Aws::CloudTrail
     #
     #   * alias/MyAliasName
     #
-    #   * arn:aws:kms:us-east-1:123456789012:alias/MyAliasName
+    #   * arn:aws:kms:us-east-2:123456789012:alias/MyAliasName
     #
-    #   * arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012
+    #   * arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012
     #
     #   * 12345678-1234-1234-1234-123456789012
     #   @return [String]
@@ -212,7 +212,7 @@ module Aws::CloudTrail
     #   send notifications when log files are delivered. The format of a
     #   topic ARN is:
     #
-    #   `arn:aws:sns:us-east-1:123456789012:MyTopic`
+    #   `arn:aws:sns:us-east-2:123456789012:MyTopic`
     #   @return [String]
     #
     # @!attribute [rw] include_global_service_events
@@ -228,7 +228,7 @@ module Aws::CloudTrail
     #   Specifies the ARN of the trail that was created. The format of a
     #   trail ARN is:
     #
-    #   `arn:aws:cloudtrail:us-east-1:123456789012:trail/MyTrail`
+    #   `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
     #   @return [String]
     #
     # @!attribute [rw] log_file_validation_enabled
@@ -250,7 +250,7 @@ module Aws::CloudTrail
     #   CloudTrail. The value is a fully specified ARN to a KMS key in the
     #   format:
     #
-    #   `arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012`
+    #   `arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012`
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/CreateTrailResponse AWS API Documentation
@@ -271,28 +271,57 @@ module Aws::CloudTrail
       include Aws::Structure
     end
 
-    # The Amazon S3 objects that you specify in your event selectors for
-    # your trail to log data events. Data events are object-level API
-    # operations that access S3 objects, such as `GetObject`,
-    # `DeleteObject`, and `PutObject`. You can specify up to 250 S3 buckets
-    # and object prefixes for a trail.
+    # The Amazon S3 buckets or AWS Lambda functions that you specify in your
+    # event selectors for your trail to log data events. Data events provide
+    # insight into the resource operations performed on or within a resource
+    # itself. These are also known as data plane operations. You can specify
+    # up to 250 data resources for a trail.
     #
-    # Example
+    # <note markdown="1"> The total number of allowed data resources is 250. This number can be
+    # distributed between 1 and 5 event selectors, but the total cannot
+    # exceed 250 across all selectors.
     #
-    # 1.  You create an event selector for a trail and specify an S3 bucket
-    #     and an empty prefix, such as `arn:aws:s3:::bucket-1/`.
+    #  </note>
     #
-    # 2.  You upload an image file to `bucket-1`.
+    # The following example demonstrates how logging works when you
+    # configure logging of all data events for an S3 bucket named
+    # `bucket-1`. In this example, the CloudTrail user spcified an empty
+    # prefix, and the option to log both `Read` and `Write` data events.
     #
-    # 3.  The `PutObject` API operation occurs on an object in the S3 bucket
-    #     that you specified in the event selector. The trail processes and
-    #     logs the event.
+    # 1.  A user uploads an image file to `bucket-1`.
     #
-    # 4.  You upload another image file to a different S3 bucket named
+    # 2.  The `PutObject` API operation is an Amazon S3 object-level API. It
+    #     is recorded as a data event in CloudTrail. Because the CloudTrail
+    #     user specified an S3 bucket with an empty prefix, events that
+    #     occur on any object in that bucket are logged. The trail processes
+    #     and logs the event.
+    #
+    # 3.  A user uploads an object to an Amazon S3 bucket named
     #     `arn:aws:s3:::bucket-2`.
     #
-    # 5.  The event occurs on an object in an S3 bucket that you didn't
-    #     specify in the event selector. The trail doesn’t log the event.
+    # 4.  The `PutObject` API operation occurred for an object in an S3
+    #     bucket that the CloudTrail user didn't specify for the trail. The
+    #     trail doesn’t log the event.
+    #
+    # The following example demonstrates how logging works when you
+    # configure logging of AWS Lambda data events for a Lambda function
+    # named *MyLambdaFunction*, but not for all AWS Lambda functions.
+    #
+    # 1.  A user runs a script that includes a call to the
+    #     *MyLambdaFunction* function and the *MyOtherLambdaFunction*
+    #     function.
+    #
+    # 2.  The `Invoke` API operation on *MyLambdaFunction* is an AWS Lambda
+    #     API. It is recorded as a data event in CloudTrail. Because the
+    #     CloudTrail user specified logging data events for
+    #     *MyLambdaFunction*, any invocations of that function are logged.
+    #     The trail processes and logs the event.
+    #
+    # 3.  The `Invoke` API operation on *MyOtherLambdaFunction* is an AWS
+    #     Lambda API. Because the CloudTrail user did not specify logging
+    #     data events for all Lambda functions, the `Invoke` operation for
+    #     *MyOtherLambdaFunction* does not match the function specified for
+    #     the trail. The trail doesn’t log the event.
     #
     # @note When making an API call, you may pass DataResource
     #   data as a hash:
@@ -304,20 +333,58 @@ module Aws::CloudTrail
     #
     # @!attribute [rw] type
     #   The resource type in which you want to log data events. You can
-    #   specify only the following value: `AWS::S3::Object`.
+    #   specify `AWS::S3::Object` or `AWS::Lambda::Function` resources.
     #   @return [String]
     #
     # @!attribute [rw] values
-    #   A list of ARN-like strings for the specified S3 objects.
+    #   An array of Amazon Resource Name (ARN) strings or partial ARN
+    #   strings for the specified objects.
+    #
+    #   * To log data events for all objects in all S3 buckets in your AWS
+    #     account, specify the prefix as `arn:aws:s3:::`.
+    #
+    #     <note markdown="1"> This will also enable logging of data event activity performed by
+    #     any user or role in your AWS account, even if that activity is
+    #     performed on a bucket that belongs to another AWS account.
+    #
+    #      </note>
+    #
+    #   * To log data events for all objects in all S3 buckets that include
+    #     *my-bucket* in their names, specify the prefix as
+    #     `aws:s3:::my-bucket`. The trail logs data events for all objects
+    #     in all buckets whose name contains a match for *my-bucket*.
+    #
+    #   * To log data events for all objects in an S3 bucket, specify the
+    #     bucket and an empty object prefix such as
+    #     `arn:aws:s3:::bucket-1/`. The trail logs data events for all
+    #     objects in this S3 bucket.
     #
-    #   To log data events for all objects in an S3 bucket, specify the
-    #   bucket and an empty object prefix such as `arn:aws:s3:::bucket-1/`.
-    #   The trail logs data events for all objects in this S3 bucket.
+    #   * To log data events for specific objects, specify the S3 bucket and
+    #     object prefix such as `arn:aws:s3:::bucket-1/example-images`. The
+    #     trail logs data events for objects in this S3 bucket that match
+    #     the prefix.
     #
-    #   To log data events for specific objects, specify the S3 bucket and
-    #   object prefix such as `arn:aws:s3:::bucket-1/example-images`. The
-    #   trail logs data events for objects in this S3 bucket that match the
-    #   prefix.
+    #   * To log data events for all functions in your AWS account, specify
+    #     the prefix as `arn:aws:lambda`.
+    #
+    #     <note markdown="1"> This will also enable logging of `Invoke` activity performed by
+    #     any user or role in your AWS account, even if that activity is
+    #     performed on a function that belongs to another AWS account.
+    #
+    #      </note>
+    #
+    #   * To log data eents for a specific Lambda function, specify the
+    #     function ARN.
+    #
+    #     <note markdown="1"> Lambda function ARNs are exact. Unlike S3, you cannot use
+    #     matching. For example, if you specify a function ARN
+    #     *arn:aws:lambda:us-west-2:111111111111:function:helloworld*, data
+    #     events will only be logged for
+    #     *arn:aws:lambda:us-west-2:111111111111:function:helloworld*. They
+    #     will not be logged for
+    #     *arn:aws:lambda:us-west-2:111111111111:function:helloworld2*.
+    #
+    #      </note>
     #   @return [Array<String>]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/DataResource AWS API Documentation
@@ -340,7 +407,7 @@ module Aws::CloudTrail
     # @!attribute [rw] name
     #   Specifies the name or the CloudTrail ARN of the trail to be deleted.
     #   The format of a trail ARN is:
-    #   `arn:aws:cloudtrail:us-east-1:123456789012:trail/MyTrail`
+    #   `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/DeleteTrailRequest AWS API Documentation
@@ -371,7 +438,7 @@ module Aws::CloudTrail
     #   Specifies a list of trail names, trail ARNs, or both, of the trails
     #   to describe. The format of a trail ARN is:
     #
-    #   `arn:aws:cloudtrail:us-east-1:123456789012:trail/MyTrail`
+    #   `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
     #
     #   If an empty list is specified, information for the trail in the
     #   current region is returned.
@@ -430,6 +497,17 @@ module Aws::CloudTrail
     #   The name of the event returned.
     #   @return [String]
     #
+    # @!attribute [rw] read_only
+    #   Information about whether the event is a write event or a read
+    #   event.
+    #   @return [String]
+    #
+    # @!attribute [rw] access_key_id
+    #   The AWS access key ID that was used to sign the request. If the
+    #   request was made with temporary security credentials, this is the
+    #   access key ID of the temporary credentials.
+    #   @return [String]
+    #
     # @!attribute [rw] event_time
     #   The date and time of the event returned.
     #   @return [Time]
@@ -456,6 +534,8 @@ module Aws::CloudTrail
     class Event < Struct.new(
       :event_id,
       :event_name,
+      :read_only,
+      :access_key_id,
       :event_time,
       :event_source,
       :username,
@@ -464,12 +544,14 @@ module Aws::CloudTrail
       include Aws::Structure
     end
 
-    # Use event selectors to specify whether you want your trail to log
-    # management and/or data events. When an event occurs in your account,
-    # CloudTrail evaluates the event selector for all trails. For each
-    # trail, if the event matches any event selector, the trail processes
-    # and logs the event. If the event doesn't match any event selector,
-    # the trail doesn't log the event.
+    # Use event selectors to further specify the management and data event
+    # settings for your trail. By default, trails created without specific
+    # event selectors will be configured to log all read and write
+    # management events, and no data events. When an event occurs in your
+    # account, CloudTrail evaluates the event selector for all trails. For
+    # each trail, if the event matches any event selector, the trail
+    # processes and logs the event. If the event doesn't match any event
+    # selector, the trail doesn't log the event.
     #
     # You can configure up to five event selectors for a trail.
     #
@@ -511,15 +593,20 @@ module Aws::CloudTrail
     #   @return [Boolean]
     #
     # @!attribute [rw] data_resources
-    #   CloudTrail supports logging only data events for S3 objects. You can
-    #   specify up to 250 S3 buckets and object prefixes for a trail.
+    #   CloudTrail supports data event logging for Amazon S3 objects and AWS
+    #   Lambda functions. You can specify up to 250 resources for an
+    #   individual event selector, but the total number of data resources
+    #   cannot exceed 250 across all event selectors in a trail. This limit
+    #   does not apply if you configure resource logging for all data
+    #   events.
     #
-    #   For more information, see [Data Events][1] in the *AWS CloudTrail
-    #   User Guide*.
+    #   For more information, see [Data Events][1] and [Limits in AWS
+    #   CloudTrail][2] in the *AWS CloudTrail User Guide*.
     #
     #
     #
     #   [1]: http://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-and-data-events-with-cloudtrail.html#logging-data-events
+    #   [2]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/WhatIsCloudTrail-Limits.html
     #   @return [Array<Types::DataResource>]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/EventSelector AWS API Documentation
@@ -550,13 +637,13 @@ module Aws::CloudTrail
     #   * Be between 3 and 128 characters
     #
     #   * Have no adjacent periods, underscores or dashes. Names like
-    #     `my-_namespace` and `my--namespace` are invalid.
+    #     `my-_namespace` and `my--namespace` are not valid.
     #
     #   * Not be in IP address format (for example, 192.168.5.4)
     #
     #   If you specify a trail ARN, it must be in the format:
     #
-    #   `arn:aws:cloudtrail:us-east-1:123456789012:trail/MyTrail`
+    #   `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GetEventSelectorsRequest AWS API Documentation
@@ -597,7 +684,7 @@ module Aws::CloudTrail
     #   replication of the trail in another region), you must specify its
     #   ARN. The format of a trail ARN is:
     #
-    #   `arn:aws:cloudtrail:us-east-1:123456789012:trail/MyTrail`
+    #   `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GetTrailStatusRequest AWS API Documentation
@@ -818,7 +905,7 @@ module Aws::CloudTrail
     #   Specifies a list of trail ARNs whose tags will be listed. The list
     #   has a limit of 20 ARNs. The format of a trail ARN is:
     #
-    #   `arn:aws:cloudtrail:us-east-1:123456789012:trail/MyTrail`
+    #   `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
     #   @return [Array<String>]
     #
     # @!attribute [rw] next_token
@@ -858,7 +945,7 @@ module Aws::CloudTrail
     #   data as a hash:
     #
     #       {
-    #         attribute_key: "EventId", # required, accepts EventId, EventName, Username, ResourceType, ResourceName, EventSource
+    #         attribute_key: "EventId", # required, accepts EventId, EventName, ReadOnly, Username, ResourceType, ResourceName, EventSource, AccessKeyId
     #         attribute_value: "String", # required
     #       }
     #
@@ -886,7 +973,7 @@ module Aws::CloudTrail
     #       {
     #         lookup_attributes: [
     #           {
-    #             attribute_key: "EventId", # required, accepts EventId, EventName, Username, ResourceType, ResourceName, EventSource
+    #             attribute_key: "EventId", # required, accepts EventId, EventName, ReadOnly, Username, ResourceType, ResourceName, EventSource, AccessKeyId
     #             attribute_value: "String", # required
     #           },
     #         ],
@@ -915,7 +1002,7 @@ module Aws::CloudTrail
     #
     # @!attribute [rw] max_results
     #   The number of events to return. Possible values are 1 through 50.
-    #   The default is 10.
+    #   The default is 50.
     #   @return [Integer]
     #
     # @!attribute [rw] next_token
@@ -1028,7 +1115,7 @@ module Aws::CloudTrail
     #
     #   If you specify a trail ARN, it must be in the format:
     #
-    #   `arn:aws:cloudtrail:us-east-1:123456789012:trail/MyTrail`
+    #   `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
     #   @return [String]
     #
     # @!attribute [rw] event_selectors
@@ -1048,7 +1135,7 @@ module Aws::CloudTrail
     #   Specifies the ARN of the trail that was updated with event
     #   selectors. The format of a trail ARN is:
     #
-    #   `arn:aws:cloudtrail:us-east-1:123456789012:trail/MyTrail`
+    #   `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
     #   @return [String]
     #
     # @!attribute [rw] event_selectors
@@ -1082,7 +1169,7 @@ module Aws::CloudTrail
     #   Specifies the ARN of the trail from which tags should be removed.
     #   The format of a trail ARN is:
     #
-    #   `arn:aws:cloudtrail:us-east-1:123456789012:trail/MyTrail`
+    #   `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
     #   @return [String]
     #
     # @!attribute [rw] tags_list
@@ -1166,7 +1253,7 @@ module Aws::CloudTrail
     #   Specifies the name or the CloudTrail ARN of the trail for which
     #   CloudTrail logs AWS API calls. The format of a trail ARN is:
     #
-    #   `arn:aws:cloudtrail:us-east-1:123456789012:trail/MyTrail`
+    #   `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/StartLoggingRequest AWS API Documentation
@@ -1198,7 +1285,7 @@ module Aws::CloudTrail
     #   CloudTrail will stop logging AWS API calls. The format of a trail
     #   ARN is:
     #
-    #   `arn:aws:cloudtrail:us-east-1:123456789012:trail/MyTrail`
+    #   `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/StopLoggingRequest AWS API Documentation
@@ -1281,7 +1368,7 @@ module Aws::CloudTrail
     #   send notifications when log files are delivered. The format of a
     #   topic ARN is:
     #
-    #   `arn:aws:sns:us-east-1:123456789012:MyTopic`
+    #   `arn:aws:sns:us-east-2:123456789012:MyTopic`
     #   @return [String]
     #
     # @!attribute [rw] include_global_service_events
@@ -1301,7 +1388,7 @@ module Aws::CloudTrail
     # @!attribute [rw] trail_arn
     #   Specifies the ARN of the trail. The format of a trail ARN is:
     #
-    #   `arn:aws:cloudtrail:us-east-1:123456789012:trail/MyTrail`
+    #   `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
     #   @return [String]
     #
     # @!attribute [rw] log_file_validation_enabled
@@ -1323,7 +1410,7 @@ module Aws::CloudTrail
     #   CloudTrail. The value is a fully specified ARN to a KMS key in the
     #   format:
     #
-    #   `arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012`
+    #   `arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012`
     #   @return [String]
     #
     # @!attribute [rw] has_custom_event_selectors
@@ -1386,7 +1473,7 @@ module Aws::CloudTrail
     #
     #   If `Name` is a trail ARN, it must be in the format:
     #
-    #   `arn:aws:cloudtrail:us-east-1:123456789012:trail/MyTrail`
+    #   `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
     #   @return [String]
     #
     # @!attribute [rw] s3_bucket_name
@@ -1468,9 +1555,9 @@ module Aws::CloudTrail
     #
     #   * alias/MyAliasName
     #
-    #   * arn:aws:kms:us-east-1:123456789012:alias/MyAliasName
+    #   * arn:aws:kms:us-east-2:123456789012:alias/MyAliasName
     #
-    #   * arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012
+    #   * arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012
     #
     #   * 12345678-1234-1234-1234-123456789012
     #   @return [String]
@@ -1522,7 +1609,7 @@ module Aws::CloudTrail
     #   send notifications when log files are delivered. The format of a
     #   topic ARN is:
     #
-    #   `arn:aws:sns:us-east-1:123456789012:MyTopic`
+    #   `arn:aws:sns:us-east-2:123456789012:MyTopic`
     #   @return [String]
     #
     # @!attribute [rw] include_global_service_events
@@ -1538,7 +1625,7 @@ module Aws::CloudTrail
     #   Specifies the ARN of the trail that was updated. The format of a
     #   trail ARN is:
     #
-    #   `arn:aws:cloudtrail:us-east-1:123456789012:trail/MyTrail`
+    #   `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
     #   @return [String]
     #
     # @!attribute [rw] log_file_validation_enabled
@@ -1560,7 +1647,7 @@ module Aws::CloudTrail
     #   CloudTrail. The value is a fully specified ARN to a KMS key in the
     #   format:
     #
-    #   `arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012`
+    #   `arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012`
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/UpdateTrailResponse AWS API Documentation

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-cloudtrail
 version: !ruby/object:Gem::Version
-  version: 1.3.0
+  version: 1.4.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-09-06 00:00:00.000000000 Z
+date: 2018-10-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core