aws-sdk-cloudtrail 1.37.0 → 1.41.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +20 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-cloudtrail/client.rb +100 -72
- data/lib/aws-sdk-cloudtrail/types.rb +273 -183
- data/lib/aws-sdk-cloudtrail.rb +1 -1
- metadata +5 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 4b92a07ba9edecc0f52afbd727f08d54ef9a7fa9b454c4cc9ffc869a55591302
|
|
4
|
+
data.tar.gz: f46b705efdd6fc51f9a19b3c88029f438749e0a24302c1bec024e0b706536d77
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 2a035d3ed2d768d321bce056e729bb568d30deb1144505650c3f549679a2a445e43047cf3ad1fa8053231ed3c374853c94a6357e6909b3dcd2e222047fb0a4ec
|
|
7
|
+
data.tar.gz: f1e2e103fd8439529afd282a707144cbb7e0be545ff61f8e790a9c6a0f3dbb9b78e8e21f8467b9eb82b29b30839f9f1bd3ff826f9e11573395a4c939e4030724
|
data/CHANGELOG.md
CHANGED
|
@@ -1,6 +1,26 @@
|
|
|
1
1
|
Unreleased Changes
|
|
2
2
|
------------------
|
|
3
3
|
|
|
4
|
+
1.41.0 (2021-11-16)
|
|
5
|
+
------------------
|
|
6
|
+
|
|
7
|
+
* Feature - CloudTrail Insights now supports ApiErrorRateInsight, which enables customers to identify unusual activity in their AWS account based on API error codes and their rate.
|
|
8
|
+
|
|
9
|
+
1.40.0 (2021-11-04)
|
|
10
|
+
------------------
|
|
11
|
+
|
|
12
|
+
* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
|
|
13
|
+
|
|
14
|
+
1.39.0 (2021-10-18)
|
|
15
|
+
------------------
|
|
16
|
+
|
|
17
|
+
* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
|
|
18
|
+
|
|
19
|
+
1.38.0 (2021-09-01)
|
|
20
|
+
------------------
|
|
21
|
+
|
|
22
|
+
* Feature - Documentation updates for CloudTrail
|
|
23
|
+
|
|
4
24
|
1.37.0 (2021-07-30)
|
|
5
25
|
------------------
|
|
6
26
|
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
1.
|
|
1
|
+
1.41.0
|
|
@@ -285,6 +285,15 @@ module Aws::CloudTrail
|
|
|
285
285
|
# ** Please note ** When response stubbing is enabled, no HTTP
|
|
286
286
|
# requests are made, and retries are disabled.
|
|
287
287
|
#
|
|
288
|
+
# @option options [Boolean] :use_dualstack_endpoint
|
|
289
|
+
# When set to `true`, dualstack enabled endpoints (with `.aws` TLD)
|
|
290
|
+
# will be used if available.
|
|
291
|
+
#
|
|
292
|
+
# @option options [Boolean] :use_fips_endpoint
|
|
293
|
+
# When set to `true`, fips compatible endpoints will be used if available.
|
|
294
|
+
# When a `fips` region is used, the region is normalized and this config
|
|
295
|
+
# is set to `true`.
|
|
296
|
+
#
|
|
288
297
|
# @option options [Boolean] :validate_params (true)
|
|
289
298
|
# When `true`, request parameters are validated before
|
|
290
299
|
# sending the request.
|
|
@@ -342,9 +351,9 @@ module Aws::CloudTrail
|
|
|
342
351
|
# tag key. Tag key names must be unique for a trail; you cannot have two
|
|
343
352
|
# keys with the same name but different values. If you specify a key
|
|
344
353
|
# without a value, the tag will be created with the specified key and a
|
|
345
|
-
# value of null. You can tag a trail that applies to all
|
|
346
|
-
# only from the Region in which the trail was created
|
|
347
|
-
# home region).
|
|
354
|
+
# value of null. You can tag a trail that applies to all Amazon Web
|
|
355
|
+
# Services Regions only from the Region in which the trail was created
|
|
356
|
+
# (also known as its home region).
|
|
348
357
|
#
|
|
349
358
|
# @option params [required, String] :resource_id
|
|
350
359
|
# Specifies the ARN of the trail to which one or more tags will be
|
|
@@ -353,7 +362,7 @@ module Aws::CloudTrail
|
|
|
353
362
|
# `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
|
|
354
363
|
#
|
|
355
364
|
# @option params [Array<Types::Tag>] :tags_list
|
|
356
|
-
# Contains a list of
|
|
365
|
+
# Contains a list of tags, up to a limit of 50
|
|
357
366
|
#
|
|
358
367
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
359
368
|
#
|
|
@@ -393,7 +402,7 @@ module Aws::CloudTrail
|
|
|
393
402
|
# * Be between 3 and 128 characters
|
|
394
403
|
#
|
|
395
404
|
# * Have no adjacent periods, underscores or dashes. Names like
|
|
396
|
-
# `my-_namespace` and `my--namespace` are
|
|
405
|
+
# `my-_namespace` and `my--namespace` are not valid.
|
|
397
406
|
#
|
|
398
407
|
# * Not be in IP address format (for example, 192.168.5.4)
|
|
399
408
|
#
|
|
@@ -434,7 +443,7 @@ module Aws::CloudTrail
|
|
|
434
443
|
# default is false.
|
|
435
444
|
#
|
|
436
445
|
# <note markdown="1"> When you disable log file integrity validation, the chain of digest
|
|
437
|
-
# files is broken after one hour. CloudTrail
|
|
446
|
+
# files is broken after one hour. CloudTrail does not create digest
|
|
438
447
|
# files for log files that were delivered during a period in which log
|
|
439
448
|
# file integrity validation was disabled. For example, if you enable log
|
|
440
449
|
# file integrity validation at noon on January 1, disable it at noon on
|
|
@@ -449,7 +458,7 @@ module Aws::CloudTrail
|
|
|
449
458
|
# Specifies a log group name using an Amazon Resource Name (ARN), a
|
|
450
459
|
# unique identifier that represents the log group to which CloudTrail
|
|
451
460
|
# logs will be delivered. Not required unless you specify
|
|
452
|
-
# CloudWatchLogsRoleArn
|
|
461
|
+
# `CloudWatchLogsRoleArn`.
|
|
453
462
|
#
|
|
454
463
|
# @option params [String] :cloud_watch_logs_role_arn
|
|
455
464
|
# Specifies the role for the CloudWatch Logs endpoint to assume to write
|
|
@@ -461,6 +470,10 @@ module Aws::CloudTrail
|
|
|
461
470
|
# fully specified ARN to an alias, a fully specified ARN to a key, or a
|
|
462
471
|
# globally unique identifier.
|
|
463
472
|
#
|
|
473
|
+
# CloudTrail also supports KMS multi-Region keys. For more information
|
|
474
|
+
# about multi-Region keys, see [Using multi-Region keys][1] in the *Key
|
|
475
|
+
# Management Service Developer Guide*.
|
|
476
|
+
#
|
|
464
477
|
# Examples:
|
|
465
478
|
#
|
|
466
479
|
# * alias/MyAliasName
|
|
@@ -471,12 +484,16 @@ module Aws::CloudTrail
|
|
|
471
484
|
#
|
|
472
485
|
# * 12345678-1234-1234-1234-123456789012
|
|
473
486
|
#
|
|
487
|
+
#
|
|
488
|
+
#
|
|
489
|
+
# [1]: https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html
|
|
490
|
+
#
|
|
474
491
|
# @option params [Boolean] :is_organization_trail
|
|
475
492
|
# Specifies whether the trail is created for all accounts in an
|
|
476
|
-
# organization in
|
|
477
|
-
# account. The default is false, and cannot be true unless the
|
|
478
|
-
# made on behalf of an
|
|
479
|
-
# organization in
|
|
493
|
+
# organization in Organizations, or only for the current Amazon Web
|
|
494
|
+
# Services account. The default is false, and cannot be true unless the
|
|
495
|
+
# call is made on behalf of an Amazon Web Services account that is the
|
|
496
|
+
# management account for an organization in Organizations.
|
|
480
497
|
#
|
|
481
498
|
# @option params [Array<Types::Tag>] :tags_list
|
|
482
499
|
# A list of tags.
|
|
@@ -551,7 +568,7 @@ module Aws::CloudTrail
|
|
|
551
568
|
#
|
|
552
569
|
# @option params [required, String] :name
|
|
553
570
|
# Specifies the name or the CloudTrail ARN of the trail to be deleted.
|
|
554
|
-
# The format of a trail ARN
|
|
571
|
+
# The following is the format of a trail ARN.
|
|
555
572
|
# `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
|
|
556
573
|
#
|
|
557
574
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
@@ -659,7 +676,7 @@ module Aws::CloudTrail
|
|
|
659
676
|
# you are logging data events.
|
|
660
677
|
#
|
|
661
678
|
# For more information, see [Logging Data and Management Events for
|
|
662
|
-
# Trails ][1] in the *
|
|
679
|
+
# Trails ][1] in the *CloudTrail User Guide*.
|
|
663
680
|
#
|
|
664
681
|
#
|
|
665
682
|
#
|
|
@@ -743,7 +760,7 @@ module Aws::CloudTrail
|
|
|
743
760
|
# exception `InsightNotEnabledException`
|
|
744
761
|
#
|
|
745
762
|
# For more information, see [Logging CloudTrail Insights Events for
|
|
746
|
-
# Trails ][1] in the *
|
|
763
|
+
# Trails ][1] in the *CloudTrail User Guide*.
|
|
747
764
|
#
|
|
748
765
|
#
|
|
749
766
|
#
|
|
@@ -784,7 +801,7 @@ module Aws::CloudTrail
|
|
|
784
801
|
#
|
|
785
802
|
# resp.trail_arn #=> String
|
|
786
803
|
# resp.insight_selectors #=> Array
|
|
787
|
-
# resp.insight_selectors[0].insight_type #=> String, one of "ApiCallRateInsight"
|
|
804
|
+
# resp.insight_selectors[0].insight_type #=> String, one of "ApiCallRateInsight", "ApiErrorRateInsight"
|
|
788
805
|
#
|
|
789
806
|
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GetInsightSelectors AWS API Documentation
|
|
790
807
|
#
|
|
@@ -850,7 +867,7 @@ module Aws::CloudTrail
|
|
|
850
867
|
# Specifies the name or the CloudTrail ARN of the trail for which you
|
|
851
868
|
# are requesting status. To get the status of a shadow trail (a
|
|
852
869
|
# replication of the trail in another region), you must specify its ARN.
|
|
853
|
-
# The format of a trail ARN
|
|
870
|
+
# The following is the format of a trail ARN.
|
|
854
871
|
#
|
|
855
872
|
# `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
|
|
856
873
|
#
|
|
@@ -914,10 +931,10 @@ module Aws::CloudTrail
|
|
|
914
931
|
# to validate digest files that were signed with its corresponding
|
|
915
932
|
# private key.
|
|
916
933
|
#
|
|
917
|
-
# <note markdown="1"> CloudTrail uses different private
|
|
918
|
-
# digest file is signed with a private key unique to its region.
|
|
919
|
-
#
|
|
920
|
-
#
|
|
934
|
+
# <note markdown="1"> CloudTrail uses different private and public key pairs per region.
|
|
935
|
+
# Each digest file is signed with a private key unique to its region.
|
|
936
|
+
# When you validate a digest file from a specific region, you must look
|
|
937
|
+
# in the same region for its corresponding public key.
|
|
921
938
|
#
|
|
922
939
|
# </note>
|
|
923
940
|
#
|
|
@@ -971,7 +988,7 @@ module Aws::CloudTrail
|
|
|
971
988
|
#
|
|
972
989
|
# @option params [required, Array<String>] :resource_id_list
|
|
973
990
|
# Specifies a list of trail ARNs whose tags will be listed. The list has
|
|
974
|
-
# a limit of 20 ARNs. The format of a trail ARN
|
|
991
|
+
# a limit of 20 ARNs. The following is the format of a trail ARN.
|
|
975
992
|
#
|
|
976
993
|
# `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
|
|
977
994
|
#
|
|
@@ -1054,7 +1071,7 @@ module Aws::CloudTrail
|
|
|
1054
1071
|
# in a region within the last 90 days. Lookup supports the following
|
|
1055
1072
|
# attributes for management events:
|
|
1056
1073
|
#
|
|
1057
|
-
# *
|
|
1074
|
+
# * Amazon Web Services access key
|
|
1058
1075
|
#
|
|
1059
1076
|
# * Event ID
|
|
1060
1077
|
#
|
|
@@ -1204,7 +1221,7 @@ module Aws::CloudTrail
|
|
|
1204
1221
|
#
|
|
1205
1222
|
# You can configure up to five event selectors for each trail. For more
|
|
1206
1223
|
# information, see [Logging data and management events for trails ][1]
|
|
1207
|
-
# and [Quotas in
|
|
1224
|
+
# and [Quotas in CloudTrail][2] in the *CloudTrail User Guide*.
|
|
1208
1225
|
#
|
|
1209
1226
|
# You can add advanced event selectors, and conditions for your advanced
|
|
1210
1227
|
# event selectors, up to a maximum of 500 values for all conditions and
|
|
@@ -1212,7 +1229,7 @@ module Aws::CloudTrail
|
|
|
1212
1229
|
# `EventSelectors`, but not both. If you apply `AdvancedEventSelectors`
|
|
1213
1230
|
# to a trail, any existing `EventSelectors` are overwritten. For more
|
|
1214
1231
|
# information about advanced event selectors, see [Logging data events
|
|
1215
|
-
# for trails][3] in the *
|
|
1232
|
+
# for trails][3] in the *CloudTrail User Guide*.
|
|
1216
1233
|
#
|
|
1217
1234
|
#
|
|
1218
1235
|
#
|
|
@@ -1232,11 +1249,11 @@ module Aws::CloudTrail
|
|
|
1232
1249
|
# * Be between 3 and 128 characters
|
|
1233
1250
|
#
|
|
1234
1251
|
# * Have no adjacent periods, underscores or dashes. Names like
|
|
1235
|
-
# `my-_namespace` and `my--namespace` are
|
|
1252
|
+
# `my-_namespace` and `my--namespace` are not valid.
|
|
1236
1253
|
#
|
|
1237
1254
|
# * Not be in IP address format (for example, 192.168.5.4)
|
|
1238
1255
|
#
|
|
1239
|
-
# If you specify a trail ARN, it must be in the format
|
|
1256
|
+
# If you specify a trail ARN, it must be in the following format.
|
|
1240
1257
|
#
|
|
1241
1258
|
# `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
|
|
1242
1259
|
#
|
|
@@ -1255,7 +1272,7 @@ module Aws::CloudTrail
|
|
|
1255
1272
|
# `EventSelectors`, but not both. If you apply `AdvancedEventSelectors`
|
|
1256
1273
|
# to a trail, any existing `EventSelectors` are overwritten. For more
|
|
1257
1274
|
# information about advanced event selectors, see [Logging data events
|
|
1258
|
-
# for trails][1] in the *
|
|
1275
|
+
# for trails][1] in the *CloudTrail User Guide*.
|
|
1259
1276
|
#
|
|
1260
1277
|
#
|
|
1261
1278
|
#
|
|
@@ -1343,17 +1360,17 @@ module Aws::CloudTrail
|
|
|
1343
1360
|
# Lets you enable Insights event logging by specifying the Insights
|
|
1344
1361
|
# selectors that you want to enable on an existing trail. You also use
|
|
1345
1362
|
# `PutInsightSelectors` to turn off Insights event logging, by passing
|
|
1346
|
-
# an empty list of insight types.
|
|
1347
|
-
#
|
|
1363
|
+
# an empty list of insight types. The valid Insights event type in this
|
|
1364
|
+
# release is `ApiCallRateInsight`.
|
|
1348
1365
|
#
|
|
1349
1366
|
# @option params [required, String] :trail_name
|
|
1350
1367
|
# The name of the CloudTrail trail for which you want to change or add
|
|
1351
1368
|
# Insights selectors.
|
|
1352
1369
|
#
|
|
1353
1370
|
# @option params [required, Array<Types::InsightSelector>] :insight_selectors
|
|
1354
|
-
# A JSON string that contains the
|
|
1355
|
-
# trail.
|
|
1356
|
-
#
|
|
1371
|
+
# A JSON string that contains the Insights types that you want to log on
|
|
1372
|
+
# a trail. The valid Insights type in this release is
|
|
1373
|
+
# `ApiCallRateInsight`.
|
|
1357
1374
|
#
|
|
1358
1375
|
# @return [Types::PutInsightSelectorsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
1359
1376
|
#
|
|
@@ -1366,7 +1383,7 @@ module Aws::CloudTrail
|
|
|
1366
1383
|
# trail_name: "String", # required
|
|
1367
1384
|
# insight_selectors: [ # required
|
|
1368
1385
|
# {
|
|
1369
|
-
# insight_type: "ApiCallRateInsight", # accepts ApiCallRateInsight
|
|
1386
|
+
# insight_type: "ApiCallRateInsight", # accepts ApiCallRateInsight, ApiErrorRateInsight
|
|
1370
1387
|
# },
|
|
1371
1388
|
# ],
|
|
1372
1389
|
# })
|
|
@@ -1375,7 +1392,7 @@ module Aws::CloudTrail
|
|
|
1375
1392
|
#
|
|
1376
1393
|
# resp.trail_arn #=> String
|
|
1377
1394
|
# resp.insight_selectors #=> Array
|
|
1378
|
-
# resp.insight_selectors[0].insight_type #=> String, one of "ApiCallRateInsight"
|
|
1395
|
+
# resp.insight_selectors[0].insight_type #=> String, one of "ApiCallRateInsight", "ApiErrorRateInsight"
|
|
1379
1396
|
#
|
|
1380
1397
|
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/PutInsightSelectors AWS API Documentation
|
|
1381
1398
|
#
|
|
@@ -1420,15 +1437,17 @@ module Aws::CloudTrail
|
|
|
1420
1437
|
req.send_request(options)
|
|
1421
1438
|
end
|
|
1422
1439
|
|
|
1423
|
-
# Starts the recording of
|
|
1424
|
-
# trail. For a trail that is enabled in all regions, this
|
|
1425
|
-
# be called from the region in which the trail was
|
|
1426
|
-
# operation cannot be called on the shadow trails
|
|
1427
|
-
# other regions) of a trail that is enabled in all
|
|
1440
|
+
# Starts the recording of Amazon Web Services API calls and log file
|
|
1441
|
+
# delivery for a trail. For a trail that is enabled in all regions, this
|
|
1442
|
+
# operation must be called from the region in which the trail was
|
|
1443
|
+
# created. This operation cannot be called on the shadow trails
|
|
1444
|
+
# (replicated trails in other regions) of a trail that is enabled in all
|
|
1445
|
+
# regions.
|
|
1428
1446
|
#
|
|
1429
1447
|
# @option params [required, String] :name
|
|
1430
1448
|
# Specifies the name or the CloudTrail ARN of the trail for which
|
|
1431
|
-
# CloudTrail logs
|
|
1449
|
+
# CloudTrail logs Amazon Web Services API calls. The following is the
|
|
1450
|
+
# format of a trail ARN.
|
|
1432
1451
|
#
|
|
1433
1452
|
# `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
|
|
1434
1453
|
#
|
|
@@ -1449,19 +1468,20 @@ module Aws::CloudTrail
|
|
|
1449
1468
|
req.send_request(options)
|
|
1450
1469
|
end
|
|
1451
1470
|
|
|
1452
|
-
# Suspends the recording of
|
|
1453
|
-
# specified trail. Under most circumstances, there is
|
|
1454
|
-
# this action. You can update a trail without stopping it
|
|
1455
|
-
# action is the only way to stop recording. For a trail
|
|
1456
|
-
# regions, this operation must be called from the region
|
|
1457
|
-
# trail was created, or an `InvalidHomeRegionException`
|
|
1458
|
-
# operation cannot be called on the shadow trails
|
|
1459
|
-
# other regions) of a trail enabled in all
|
|
1471
|
+
# Suspends the recording of Amazon Web Services API calls and log file
|
|
1472
|
+
# delivery for the specified trail. Under most circumstances, there is
|
|
1473
|
+
# no need to use this action. You can update a trail without stopping it
|
|
1474
|
+
# first. This action is the only way to stop recording. For a trail
|
|
1475
|
+
# enabled in all regions, this operation must be called from the region
|
|
1476
|
+
# in which the trail was created, or an `InvalidHomeRegionException`
|
|
1477
|
+
# will occur. This operation cannot be called on the shadow trails
|
|
1478
|
+
# (replicated trails in other regions) of a trail enabled in all
|
|
1479
|
+
# regions.
|
|
1460
1480
|
#
|
|
1461
1481
|
# @option params [required, String] :name
|
|
1462
1482
|
# Specifies the name or the CloudTrail ARN of the trail for which
|
|
1463
|
-
# CloudTrail will stop logging
|
|
1464
|
-
# is
|
|
1483
|
+
# CloudTrail will stop logging Amazon Web Services API calls. The
|
|
1484
|
+
# following is the format of a trail ARN.
|
|
1465
1485
|
#
|
|
1466
1486
|
# `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
|
|
1467
1487
|
#
|
|
@@ -1482,13 +1502,13 @@ module Aws::CloudTrail
|
|
|
1482
1502
|
req.send_request(options)
|
|
1483
1503
|
end
|
|
1484
1504
|
|
|
1485
|
-
# Updates
|
|
1486
|
-
#
|
|
1487
|
-
#
|
|
1488
|
-
# bucket
|
|
1489
|
-
#
|
|
1490
|
-
# region in which the trail was
|
|
1491
|
-
# `InvalidHomeRegionException` is thrown.
|
|
1505
|
+
# Updates trail settings that control what events you are logging, and
|
|
1506
|
+
# how to handle log files. Changes to a trail do not require stopping
|
|
1507
|
+
# the CloudTrail service. Use this action to designate an existing
|
|
1508
|
+
# bucket for log delivery. If the existing bucket has previously been a
|
|
1509
|
+
# target for CloudTrail log files, an IAM policy exists for the bucket.
|
|
1510
|
+
# `UpdateTrail` must be called from the region in which the trail was
|
|
1511
|
+
# created; otherwise, an `InvalidHomeRegionException` is thrown.
|
|
1492
1512
|
#
|
|
1493
1513
|
# @option params [required, String] :name
|
|
1494
1514
|
# Specifies the name of the trail or trail ARN. If `Name` is a trail
|
|
@@ -1502,11 +1522,11 @@ module Aws::CloudTrail
|
|
|
1502
1522
|
# * Be between 3 and 128 characters
|
|
1503
1523
|
#
|
|
1504
1524
|
# * Have no adjacent periods, underscores or dashes. Names like
|
|
1505
|
-
# `my-_namespace` and `my--namespace` are
|
|
1525
|
+
# `my-_namespace` and `my--namespace` are not valid.
|
|
1506
1526
|
#
|
|
1507
1527
|
# * Not be in IP address format (for example, 192.168.5.4)
|
|
1508
1528
|
#
|
|
1509
|
-
# If `Name` is a trail ARN, it must be in the format
|
|
1529
|
+
# If `Name` is a trail ARN, it must be in the following format.
|
|
1510
1530
|
#
|
|
1511
1531
|
# `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
|
|
1512
1532
|
#
|
|
@@ -1551,7 +1571,7 @@ module Aws::CloudTrail
|
|
|
1551
1571
|
# false.
|
|
1552
1572
|
#
|
|
1553
1573
|
# <note markdown="1"> When you disable log file integrity validation, the chain of digest
|
|
1554
|
-
# files is broken after one hour. CloudTrail
|
|
1574
|
+
# files is broken after one hour. CloudTrail does not create digest
|
|
1555
1575
|
# files for log files that were delivered during a period in which log
|
|
1556
1576
|
# file integrity validation was disabled. For example, if you enable log
|
|
1557
1577
|
# file integrity validation at noon on January 1, disable it at noon on
|
|
@@ -1565,8 +1585,8 @@ module Aws::CloudTrail
|
|
|
1565
1585
|
# @option params [String] :cloud_watch_logs_log_group_arn
|
|
1566
1586
|
# Specifies a log group name using an Amazon Resource Name (ARN), a
|
|
1567
1587
|
# unique identifier that represents the log group to which CloudTrail
|
|
1568
|
-
# logs
|
|
1569
|
-
# CloudWatchLogsRoleArn
|
|
1588
|
+
# logs are delivered. Not required unless you specify
|
|
1589
|
+
# `CloudWatchLogsRoleArn`.
|
|
1570
1590
|
#
|
|
1571
1591
|
# @option params [String] :cloud_watch_logs_role_arn
|
|
1572
1592
|
# Specifies the role for the CloudWatch Logs endpoint to assume to write
|
|
@@ -1578,6 +1598,10 @@ module Aws::CloudTrail
|
|
|
1578
1598
|
# fully specified ARN to an alias, a fully specified ARN to a key, or a
|
|
1579
1599
|
# globally unique identifier.
|
|
1580
1600
|
#
|
|
1601
|
+
# CloudTrail also supports KMS multi-Region keys. For more information
|
|
1602
|
+
# about multi-Region keys, see [Using multi-Region keys][1] in the *Key
|
|
1603
|
+
# Management Service Developer Guide*.
|
|
1604
|
+
#
|
|
1581
1605
|
# Examples:
|
|
1582
1606
|
#
|
|
1583
1607
|
# * alias/MyAliasName
|
|
@@ -1588,17 +1612,21 @@ module Aws::CloudTrail
|
|
|
1588
1612
|
#
|
|
1589
1613
|
# * 12345678-1234-1234-1234-123456789012
|
|
1590
1614
|
#
|
|
1615
|
+
#
|
|
1616
|
+
#
|
|
1617
|
+
# [1]: https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html
|
|
1618
|
+
#
|
|
1591
1619
|
# @option params [Boolean] :is_organization_trail
|
|
1592
1620
|
# Specifies whether the trail is applied to all accounts in an
|
|
1593
|
-
# organization in
|
|
1594
|
-
# account. The default is false, and cannot be true unless the
|
|
1595
|
-
# made on behalf of an
|
|
1596
|
-
# organization in
|
|
1597
|
-
# trail and this is set to true
|
|
1598
|
-
#
|
|
1599
|
-
# organization
|
|
1600
|
-
# the
|
|
1601
|
-
# organization.
|
|
1621
|
+
# organization in Organizations, or only for the current Amazon Web
|
|
1622
|
+
# Services account. The default is false, and cannot be true unless the
|
|
1623
|
+
# call is made on behalf of an Amazon Web Services account that is the
|
|
1624
|
+
# management account for an organization in Organizations. If the trail
|
|
1625
|
+
# is not an organization trail and this is set to `true`, the trail will
|
|
1626
|
+
# be created in all Amazon Web Services accounts that belong to the
|
|
1627
|
+
# organization. If the trail is an organization trail and this is set to
|
|
1628
|
+
# `false`, the trail will remain in the current Amazon Web Services
|
|
1629
|
+
# account but be deleted from all member accounts in the organization.
|
|
1602
1630
|
#
|
|
1603
1631
|
# @return [Types::UpdateTrailResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
1604
1632
|
#
|
|
@@ -1670,7 +1698,7 @@ module Aws::CloudTrail
|
|
|
1670
1698
|
params: params,
|
|
1671
1699
|
config: config)
|
|
1672
1700
|
context[:gem_name] = 'aws-sdk-cloudtrail'
|
|
1673
|
-
context[:gem_version] = '1.
|
|
1701
|
+
context[:gem_version] = '1.41.0'
|
|
1674
1702
|
Seahorse::Client::Request.new(handlers, context)
|
|
1675
1703
|
end
|
|
1676
1704
|
|