aws-sdk-cloudtrail 1.35.0 → 1.39.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +20 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-cloudtrail/client.rb +88 -69
- data/lib/aws-sdk-cloudtrail/types.rb +226 -177
- data/lib/aws-sdk-cloudtrail.rb +1 -1
- metadata +5 -5
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: f5c656b7e96bf3ec90fbef8163d3eb493e201aba6d79e6aa8878421775e8724d
|
4
|
+
data.tar.gz: 2ce299b6b65c8091b5a2e3eece9ac36c3a1b77b91c386566e2ed99ed52bc0f3b
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 32a4f46d96e16b4cf61545e68099868699be0b8722d027b63fae433b08ce6dab80aa5455f57e4d9cf0fe76e35ce55c4f7fedef6bfe86dfaa0b3609db462ae54a
|
7
|
+
data.tar.gz: 4cf145c34f04bce877bed196594c1872709f9f734e46fbac6b318b046075de22994d8a7efc660abe7b420ef50a144610201896a709b7ba7e6b03f6c0f7a1e4dc
|
data/CHANGELOG.md
CHANGED
@@ -1,6 +1,26 @@
|
|
1
1
|
Unreleased Changes
|
2
2
|
------------------
|
3
3
|
|
4
|
+
1.39.0 (2021-10-18)
|
5
|
+
------------------
|
6
|
+
|
7
|
+
* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
|
8
|
+
|
9
|
+
1.38.0 (2021-09-01)
|
10
|
+
------------------
|
11
|
+
|
12
|
+
* Feature - Documentation updates for CloudTrail
|
13
|
+
|
14
|
+
1.37.0 (2021-07-30)
|
15
|
+
------------------
|
16
|
+
|
17
|
+
* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
|
18
|
+
|
19
|
+
1.36.0 (2021-07-28)
|
20
|
+
------------------
|
21
|
+
|
22
|
+
* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
|
23
|
+
|
4
24
|
1.35.0 (2021-06-04)
|
5
25
|
------------------
|
6
26
|
|
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
1.
|
1
|
+
1.39.0
|
@@ -342,9 +342,9 @@ module Aws::CloudTrail
|
|
342
342
|
# tag key. Tag key names must be unique for a trail; you cannot have two
|
343
343
|
# keys with the same name but different values. If you specify a key
|
344
344
|
# without a value, the tag will be created with the specified key and a
|
345
|
-
# value of null. You can tag a trail that applies to all
|
346
|
-
# only from the Region in which the trail was created
|
347
|
-
# home region).
|
345
|
+
# value of null. You can tag a trail that applies to all Amazon Web
|
346
|
+
# Services Regions only from the Region in which the trail was created
|
347
|
+
# (also known as its home region).
|
348
348
|
#
|
349
349
|
# @option params [required, String] :resource_id
|
350
350
|
# Specifies the ARN of the trail to which one or more tags will be
|
@@ -353,7 +353,7 @@ module Aws::CloudTrail
|
|
353
353
|
# `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
|
354
354
|
#
|
355
355
|
# @option params [Array<Types::Tag>] :tags_list
|
356
|
-
# Contains a list of
|
356
|
+
# Contains a list of tags, up to a limit of 50
|
357
357
|
#
|
358
358
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
359
359
|
#
|
@@ -393,7 +393,7 @@ module Aws::CloudTrail
|
|
393
393
|
# * Be between 3 and 128 characters
|
394
394
|
#
|
395
395
|
# * Have no adjacent periods, underscores or dashes. Names like
|
396
|
-
# `my-_namespace` and `my--namespace` are
|
396
|
+
# `my-_namespace` and `my--namespace` are not valid.
|
397
397
|
#
|
398
398
|
# * Not be in IP address format (for example, 192.168.5.4)
|
399
399
|
#
|
@@ -434,7 +434,7 @@ module Aws::CloudTrail
|
|
434
434
|
# default is false.
|
435
435
|
#
|
436
436
|
# <note markdown="1"> When you disable log file integrity validation, the chain of digest
|
437
|
-
# files is broken after one hour. CloudTrail
|
437
|
+
# files is broken after one hour. CloudTrail does not create digest
|
438
438
|
# files for log files that were delivered during a period in which log
|
439
439
|
# file integrity validation was disabled. For example, if you enable log
|
440
440
|
# file integrity validation at noon on January 1, disable it at noon on
|
@@ -449,7 +449,7 @@ module Aws::CloudTrail
|
|
449
449
|
# Specifies a log group name using an Amazon Resource Name (ARN), a
|
450
450
|
# unique identifier that represents the log group to which CloudTrail
|
451
451
|
# logs will be delivered. Not required unless you specify
|
452
|
-
# CloudWatchLogsRoleArn
|
452
|
+
# `CloudWatchLogsRoleArn`.
|
453
453
|
#
|
454
454
|
# @option params [String] :cloud_watch_logs_role_arn
|
455
455
|
# Specifies the role for the CloudWatch Logs endpoint to assume to write
|
@@ -461,6 +461,10 @@ module Aws::CloudTrail
|
|
461
461
|
# fully specified ARN to an alias, a fully specified ARN to a key, or a
|
462
462
|
# globally unique identifier.
|
463
463
|
#
|
464
|
+
# CloudTrail also supports KMS multi-Region keys. For more information
|
465
|
+
# about multi-Region keys, see [Using multi-Region keys][1] in the *Key
|
466
|
+
# Management Service Developer Guide*.
|
467
|
+
#
|
464
468
|
# Examples:
|
465
469
|
#
|
466
470
|
# * alias/MyAliasName
|
@@ -471,12 +475,16 @@ module Aws::CloudTrail
|
|
471
475
|
#
|
472
476
|
# * 12345678-1234-1234-1234-123456789012
|
473
477
|
#
|
478
|
+
#
|
479
|
+
#
|
480
|
+
# [1]: https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html
|
481
|
+
#
|
474
482
|
# @option params [Boolean] :is_organization_trail
|
475
483
|
# Specifies whether the trail is created for all accounts in an
|
476
|
-
# organization in
|
477
|
-
# account. The default is false, and cannot be true unless the
|
478
|
-
# made on behalf of an
|
479
|
-
# organization in
|
484
|
+
# organization in Organizations, or only for the current Amazon Web
|
485
|
+
# Services account. The default is false, and cannot be true unless the
|
486
|
+
# call is made on behalf of an Amazon Web Services account that is the
|
487
|
+
# management account for an organization in Organizations.
|
480
488
|
#
|
481
489
|
# @option params [Array<Types::Tag>] :tags_list
|
482
490
|
# A list of tags.
|
@@ -551,7 +559,7 @@ module Aws::CloudTrail
|
|
551
559
|
#
|
552
560
|
# @option params [required, String] :name
|
553
561
|
# Specifies the name or the CloudTrail ARN of the trail to be deleted.
|
554
|
-
# The format of a trail ARN
|
562
|
+
# The following is the format of a trail ARN.
|
555
563
|
# `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
|
556
564
|
#
|
557
565
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
@@ -659,7 +667,7 @@ module Aws::CloudTrail
|
|
659
667
|
# you are logging data events.
|
660
668
|
#
|
661
669
|
# For more information, see [Logging Data and Management Events for
|
662
|
-
# Trails ][1] in the *
|
670
|
+
# Trails ][1] in the *CloudTrail User Guide*.
|
663
671
|
#
|
664
672
|
#
|
665
673
|
#
|
@@ -743,7 +751,7 @@ module Aws::CloudTrail
|
|
743
751
|
# exception `InsightNotEnabledException`
|
744
752
|
#
|
745
753
|
# For more information, see [Logging CloudTrail Insights Events for
|
746
|
-
# Trails ][1] in the *
|
754
|
+
# Trails ][1] in the *CloudTrail User Guide*.
|
747
755
|
#
|
748
756
|
#
|
749
757
|
#
|
@@ -850,7 +858,7 @@ module Aws::CloudTrail
|
|
850
858
|
# Specifies the name or the CloudTrail ARN of the trail for which you
|
851
859
|
# are requesting status. To get the status of a shadow trail (a
|
852
860
|
# replication of the trail in another region), you must specify its ARN.
|
853
|
-
# The format of a trail ARN
|
861
|
+
# The following is the format of a trail ARN.
|
854
862
|
#
|
855
863
|
# `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
|
856
864
|
#
|
@@ -914,10 +922,10 @@ module Aws::CloudTrail
|
|
914
922
|
# to validate digest files that were signed with its corresponding
|
915
923
|
# private key.
|
916
924
|
#
|
917
|
-
# <note markdown="1"> CloudTrail uses different private
|
918
|
-
# digest file is signed with a private key unique to its region.
|
919
|
-
#
|
920
|
-
#
|
925
|
+
# <note markdown="1"> CloudTrail uses different private and public key pairs per region.
|
926
|
+
# Each digest file is signed with a private key unique to its region.
|
927
|
+
# When you validate a digest file from a specific region, you must look
|
928
|
+
# in the same region for its corresponding public key.
|
921
929
|
#
|
922
930
|
# </note>
|
923
931
|
#
|
@@ -971,7 +979,7 @@ module Aws::CloudTrail
|
|
971
979
|
#
|
972
980
|
# @option params [required, Array<String>] :resource_id_list
|
973
981
|
# Specifies a list of trail ARNs whose tags will be listed. The list has
|
974
|
-
# a limit of 20 ARNs. The format of a trail ARN
|
982
|
+
# a limit of 20 ARNs. The following is the format of a trail ARN.
|
975
983
|
#
|
976
984
|
# `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
|
977
985
|
#
|
@@ -1054,7 +1062,7 @@ module Aws::CloudTrail
|
|
1054
1062
|
# in a region within the last 90 days. Lookup supports the following
|
1055
1063
|
# attributes for management events:
|
1056
1064
|
#
|
1057
|
-
# *
|
1065
|
+
# * Amazon Web Services access key
|
1058
1066
|
#
|
1059
1067
|
# * Event ID
|
1060
1068
|
#
|
@@ -1204,7 +1212,7 @@ module Aws::CloudTrail
|
|
1204
1212
|
#
|
1205
1213
|
# You can configure up to five event selectors for each trail. For more
|
1206
1214
|
# information, see [Logging data and management events for trails ][1]
|
1207
|
-
# and [Quotas in
|
1215
|
+
# and [Quotas in CloudTrail][2] in the *CloudTrail User Guide*.
|
1208
1216
|
#
|
1209
1217
|
# You can add advanced event selectors, and conditions for your advanced
|
1210
1218
|
# event selectors, up to a maximum of 500 values for all conditions and
|
@@ -1212,7 +1220,7 @@ module Aws::CloudTrail
|
|
1212
1220
|
# `EventSelectors`, but not both. If you apply `AdvancedEventSelectors`
|
1213
1221
|
# to a trail, any existing `EventSelectors` are overwritten. For more
|
1214
1222
|
# information about advanced event selectors, see [Logging data events
|
1215
|
-
# for trails][3] in the *
|
1223
|
+
# for trails][3] in the *CloudTrail User Guide*.
|
1216
1224
|
#
|
1217
1225
|
#
|
1218
1226
|
#
|
@@ -1232,11 +1240,11 @@ module Aws::CloudTrail
|
|
1232
1240
|
# * Be between 3 and 128 characters
|
1233
1241
|
#
|
1234
1242
|
# * Have no adjacent periods, underscores or dashes. Names like
|
1235
|
-
# `my-_namespace` and `my--namespace` are
|
1243
|
+
# `my-_namespace` and `my--namespace` are not valid.
|
1236
1244
|
#
|
1237
1245
|
# * Not be in IP address format (for example, 192.168.5.4)
|
1238
1246
|
#
|
1239
|
-
# If you specify a trail ARN, it must be in the format
|
1247
|
+
# If you specify a trail ARN, it must be in the following format.
|
1240
1248
|
#
|
1241
1249
|
# `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
|
1242
1250
|
#
|
@@ -1255,7 +1263,7 @@ module Aws::CloudTrail
|
|
1255
1263
|
# `EventSelectors`, but not both. If you apply `AdvancedEventSelectors`
|
1256
1264
|
# to a trail, any existing `EventSelectors` are overwritten. For more
|
1257
1265
|
# information about advanced event selectors, see [Logging data events
|
1258
|
-
# for trails][1] in the *
|
1266
|
+
# for trails][1] in the *CloudTrail User Guide*.
|
1259
1267
|
#
|
1260
1268
|
#
|
1261
1269
|
#
|
@@ -1343,17 +1351,17 @@ module Aws::CloudTrail
|
|
1343
1351
|
# Lets you enable Insights event logging by specifying the Insights
|
1344
1352
|
# selectors that you want to enable on an existing trail. You also use
|
1345
1353
|
# `PutInsightSelectors` to turn off Insights event logging, by passing
|
1346
|
-
# an empty list of insight types.
|
1347
|
-
#
|
1354
|
+
# an empty list of insight types. The valid Insights event type in this
|
1355
|
+
# release is `ApiCallRateInsight`.
|
1348
1356
|
#
|
1349
1357
|
# @option params [required, String] :trail_name
|
1350
1358
|
# The name of the CloudTrail trail for which you want to change or add
|
1351
1359
|
# Insights selectors.
|
1352
1360
|
#
|
1353
1361
|
# @option params [required, Array<Types::InsightSelector>] :insight_selectors
|
1354
|
-
# A JSON string that contains the
|
1355
|
-
# trail.
|
1356
|
-
#
|
1362
|
+
# A JSON string that contains the Insights types that you want to log on
|
1363
|
+
# a trail. The valid Insights type in this release is
|
1364
|
+
# `ApiCallRateInsight`.
|
1357
1365
|
#
|
1358
1366
|
# @return [Types::PutInsightSelectorsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1359
1367
|
#
|
@@ -1420,15 +1428,17 @@ module Aws::CloudTrail
|
|
1420
1428
|
req.send_request(options)
|
1421
1429
|
end
|
1422
1430
|
|
1423
|
-
# Starts the recording of
|
1424
|
-
# trail. For a trail that is enabled in all regions, this
|
1425
|
-
# be called from the region in which the trail was
|
1426
|
-
# operation cannot be called on the shadow trails
|
1427
|
-
# other regions) of a trail that is enabled in all
|
1431
|
+
# Starts the recording of Amazon Web Services API calls and log file
|
1432
|
+
# delivery for a trail. For a trail that is enabled in all regions, this
|
1433
|
+
# operation must be called from the region in which the trail was
|
1434
|
+
# created. This operation cannot be called on the shadow trails
|
1435
|
+
# (replicated trails in other regions) of a trail that is enabled in all
|
1436
|
+
# regions.
|
1428
1437
|
#
|
1429
1438
|
# @option params [required, String] :name
|
1430
1439
|
# Specifies the name or the CloudTrail ARN of the trail for which
|
1431
|
-
# CloudTrail logs
|
1440
|
+
# CloudTrail logs Amazon Web Services API calls. The following is the
|
1441
|
+
# format of a trail ARN.
|
1432
1442
|
#
|
1433
1443
|
# `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
|
1434
1444
|
#
|
@@ -1449,19 +1459,20 @@ module Aws::CloudTrail
|
|
1449
1459
|
req.send_request(options)
|
1450
1460
|
end
|
1451
1461
|
|
1452
|
-
# Suspends the recording of
|
1453
|
-
# specified trail. Under most circumstances, there is
|
1454
|
-
# this action. You can update a trail without stopping it
|
1455
|
-
# action is the only way to stop recording. For a trail
|
1456
|
-
# regions, this operation must be called from the region
|
1457
|
-
# trail was created, or an `InvalidHomeRegionException`
|
1458
|
-
# operation cannot be called on the shadow trails
|
1459
|
-
# other regions) of a trail enabled in all
|
1462
|
+
# Suspends the recording of Amazon Web Services API calls and log file
|
1463
|
+
# delivery for the specified trail. Under most circumstances, there is
|
1464
|
+
# no need to use this action. You can update a trail without stopping it
|
1465
|
+
# first. This action is the only way to stop recording. For a trail
|
1466
|
+
# enabled in all regions, this operation must be called from the region
|
1467
|
+
# in which the trail was created, or an `InvalidHomeRegionException`
|
1468
|
+
# will occur. This operation cannot be called on the shadow trails
|
1469
|
+
# (replicated trails in other regions) of a trail enabled in all
|
1470
|
+
# regions.
|
1460
1471
|
#
|
1461
1472
|
# @option params [required, String] :name
|
1462
1473
|
# Specifies the name or the CloudTrail ARN of the trail for which
|
1463
|
-
# CloudTrail will stop logging
|
1464
|
-
# is
|
1474
|
+
# CloudTrail will stop logging Amazon Web Services API calls. The
|
1475
|
+
# following is the format of a trail ARN.
|
1465
1476
|
#
|
1466
1477
|
# `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
|
1467
1478
|
#
|
@@ -1482,13 +1493,13 @@ module Aws::CloudTrail
|
|
1482
1493
|
req.send_request(options)
|
1483
1494
|
end
|
1484
1495
|
|
1485
|
-
# Updates
|
1486
|
-
#
|
1487
|
-
#
|
1488
|
-
# bucket
|
1489
|
-
#
|
1490
|
-
# region in which the trail was
|
1491
|
-
# `InvalidHomeRegionException` is thrown.
|
1496
|
+
# Updates trail settings that control what events you are logging, and
|
1497
|
+
# how to handle log files. Changes to a trail do not require stopping
|
1498
|
+
# the CloudTrail service. Use this action to designate an existing
|
1499
|
+
# bucket for log delivery. If the existing bucket has previously been a
|
1500
|
+
# target for CloudTrail log files, an IAM policy exists for the bucket.
|
1501
|
+
# `UpdateTrail` must be called from the region in which the trail was
|
1502
|
+
# created; otherwise, an `InvalidHomeRegionException` is thrown.
|
1492
1503
|
#
|
1493
1504
|
# @option params [required, String] :name
|
1494
1505
|
# Specifies the name of the trail or trail ARN. If `Name` is a trail
|
@@ -1502,11 +1513,11 @@ module Aws::CloudTrail
|
|
1502
1513
|
# * Be between 3 and 128 characters
|
1503
1514
|
#
|
1504
1515
|
# * Have no adjacent periods, underscores or dashes. Names like
|
1505
|
-
# `my-_namespace` and `my--namespace` are
|
1516
|
+
# `my-_namespace` and `my--namespace` are not valid.
|
1506
1517
|
#
|
1507
1518
|
# * Not be in IP address format (for example, 192.168.5.4)
|
1508
1519
|
#
|
1509
|
-
# If `Name` is a trail ARN, it must be in the format
|
1520
|
+
# If `Name` is a trail ARN, it must be in the following format.
|
1510
1521
|
#
|
1511
1522
|
# `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
|
1512
1523
|
#
|
@@ -1551,7 +1562,7 @@ module Aws::CloudTrail
|
|
1551
1562
|
# false.
|
1552
1563
|
#
|
1553
1564
|
# <note markdown="1"> When you disable log file integrity validation, the chain of digest
|
1554
|
-
# files is broken after one hour. CloudTrail
|
1565
|
+
# files is broken after one hour. CloudTrail does not create digest
|
1555
1566
|
# files for log files that were delivered during a period in which log
|
1556
1567
|
# file integrity validation was disabled. For example, if you enable log
|
1557
1568
|
# file integrity validation at noon on January 1, disable it at noon on
|
@@ -1565,8 +1576,8 @@ module Aws::CloudTrail
|
|
1565
1576
|
# @option params [String] :cloud_watch_logs_log_group_arn
|
1566
1577
|
# Specifies a log group name using an Amazon Resource Name (ARN), a
|
1567
1578
|
# unique identifier that represents the log group to which CloudTrail
|
1568
|
-
# logs
|
1569
|
-
# CloudWatchLogsRoleArn
|
1579
|
+
# logs are delivered. Not required unless you specify
|
1580
|
+
# `CloudWatchLogsRoleArn`.
|
1570
1581
|
#
|
1571
1582
|
# @option params [String] :cloud_watch_logs_role_arn
|
1572
1583
|
# Specifies the role for the CloudWatch Logs endpoint to assume to write
|
@@ -1578,6 +1589,10 @@ module Aws::CloudTrail
|
|
1578
1589
|
# fully specified ARN to an alias, a fully specified ARN to a key, or a
|
1579
1590
|
# globally unique identifier.
|
1580
1591
|
#
|
1592
|
+
# CloudTrail also supports KMS multi-Region keys. For more information
|
1593
|
+
# about multi-Region keys, see [Using multi-Region keys][1] in the *Key
|
1594
|
+
# Management Service Developer Guide*.
|
1595
|
+
#
|
1581
1596
|
# Examples:
|
1582
1597
|
#
|
1583
1598
|
# * alias/MyAliasName
|
@@ -1588,17 +1603,21 @@ module Aws::CloudTrail
|
|
1588
1603
|
#
|
1589
1604
|
# * 12345678-1234-1234-1234-123456789012
|
1590
1605
|
#
|
1606
|
+
#
|
1607
|
+
#
|
1608
|
+
# [1]: https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html
|
1609
|
+
#
|
1591
1610
|
# @option params [Boolean] :is_organization_trail
|
1592
1611
|
# Specifies whether the trail is applied to all accounts in an
|
1593
|
-
# organization in
|
1594
|
-
# account. The default is false, and cannot be true unless the
|
1595
|
-
# made on behalf of an
|
1596
|
-
# organization in
|
1597
|
-
# trail and this is set to true
|
1598
|
-
#
|
1599
|
-
# organization
|
1600
|
-
# the
|
1601
|
-
# organization.
|
1612
|
+
# organization in Organizations, or only for the current Amazon Web
|
1613
|
+
# Services account. The default is false, and cannot be true unless the
|
1614
|
+
# call is made on behalf of an Amazon Web Services account that is the
|
1615
|
+
# management account for an organization in Organizations. If the trail
|
1616
|
+
# is not an organization trail and this is set to `true`, the trail will
|
1617
|
+
# be created in all Amazon Web Services accounts that belong to the
|
1618
|
+
# organization. If the trail is an organization trail and this is set to
|
1619
|
+
# `false`, the trail will remain in the current Amazon Web Services
|
1620
|
+
# account but be deleted from all member accounts in the organization.
|
1602
1621
|
#
|
1603
1622
|
# @return [Types::UpdateTrailResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1604
1623
|
#
|
@@ -1670,7 +1689,7 @@ module Aws::CloudTrail
|
|
1670
1689
|
params: params,
|
1671
1690
|
config: config)
|
1672
1691
|
context[:gem_name] = 'aws-sdk-cloudtrail'
|
1673
|
-
context[:gem_version] = '1.
|
1692
|
+
context[:gem_version] = '1.39.0'
|
1674
1693
|
Seahorse::Client::Request.new(handlers, context)
|
1675
1694
|
end
|
1676
1695
|
|