aws-sdk-cloudtrail 1.42.0 → 1.69.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +138 -1
- data/VERSION +1 -1
- data/lib/aws-sdk-cloudtrail/client.rb +1874 -137
- data/lib/aws-sdk-cloudtrail/client_api.rb +1196 -5
- data/lib/aws-sdk-cloudtrail/endpoint_parameters.rb +66 -0
- data/lib/aws-sdk-cloudtrail/endpoint_provider.rb +60 -0
- data/lib/aws-sdk-cloudtrail/endpoints.rb +660 -0
- data/lib/aws-sdk-cloudtrail/errors.rb +396 -0
- data/lib/aws-sdk-cloudtrail/plugins/endpoints.rb +160 -0
- data/lib/aws-sdk-cloudtrail/types.rb +2822 -588
- data/lib/aws-sdk-cloudtrail.rb +5 -1
- metadata +8 -4
@@ -10,26 +10,48 @@
|
|
10
10
|
module Aws::CloudTrail
|
11
11
|
module Types
|
12
12
|
|
13
|
-
#
|
13
|
+
# This exception is thrown when you start a new import and a previous
|
14
|
+
# import is still in progress.
|
14
15
|
#
|
15
|
-
# @
|
16
|
-
# data as a hash:
|
16
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/AccountHasOngoingImportException AWS API Documentation
|
17
17
|
#
|
18
|
-
|
19
|
-
|
20
|
-
#
|
21
|
-
#
|
22
|
-
#
|
23
|
-
#
|
24
|
-
#
|
25
|
-
|
26
|
-
|
18
|
+
class AccountHasOngoingImportException < Aws::EmptyStructure; end
|
19
|
+
|
20
|
+
# This exception is thrown when the specified account is not found or
|
21
|
+
# not part of an organization.
|
22
|
+
#
|
23
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/AccountNotFoundException AWS API Documentation
|
24
|
+
#
|
25
|
+
class AccountNotFoundException < Aws::EmptyStructure; end
|
26
|
+
|
27
|
+
# This exception is thrown when the specified account is not registered
|
28
|
+
# as the CloudTrail delegated administrator.
|
29
|
+
#
|
30
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/AccountNotRegisteredException AWS API Documentation
|
31
|
+
#
|
32
|
+
class AccountNotRegisteredException < Aws::EmptyStructure; end
|
33
|
+
|
34
|
+
# This exception is thrown when the account is already registered as the
|
35
|
+
# CloudTrail delegated administrator.
|
36
|
+
#
|
37
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/AccountRegisteredException AWS API Documentation
|
38
|
+
#
|
39
|
+
class AccountRegisteredException < Aws::EmptyStructure; end
|
40
|
+
|
41
|
+
# Specifies the tags to add to a trail, event data store, or channel.
|
27
42
|
#
|
28
43
|
# @!attribute [rw] resource_id
|
29
|
-
# Specifies the ARN of the trail
|
30
|
-
#
|
44
|
+
# Specifies the ARN of the trail, event data store, or channel to
|
45
|
+
# which one or more tags will be added.
|
31
46
|
#
|
47
|
+
# The format of a trail ARN is:
|
32
48
|
# `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
|
49
|
+
#
|
50
|
+
# The format of an event data store ARN is:
|
51
|
+
# `arn:aws:cloudtrail:us-east-2:123456789012:eventdatastore/EXAMPLE-f852-4e8f-8bd1-bcf6cEXAMPLE`
|
52
|
+
#
|
53
|
+
# The format of a channel ARN is:
|
54
|
+
# `arn:aws:cloudtrail:us-east-2:123456789012:channel/01234567890`
|
33
55
|
# @return [String]
|
34
56
|
#
|
35
57
|
# @!attribute [rw] tags_list
|
@@ -55,8 +77,8 @@ module Aws::CloudTrail
|
|
55
77
|
# Advanced event selectors let you create fine-grained selectors for the
|
56
78
|
# following CloudTrail event record fields. They help you control costs
|
57
79
|
# by logging only those events that are important to you. For more
|
58
|
-
# information about advanced event selectors, see [Logging data
|
59
|
-
#
|
80
|
+
# information about advanced event selectors, see [Logging data
|
81
|
+
# events][1] in the *CloudTrail User Guide*.
|
60
82
|
#
|
61
83
|
# * `readOnly`
|
62
84
|
#
|
@@ -77,24 +99,6 @@ module Aws::CloudTrail
|
|
77
99
|
#
|
78
100
|
# [1]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html
|
79
101
|
#
|
80
|
-
# @note When making an API call, you may pass AdvancedEventSelector
|
81
|
-
# data as a hash:
|
82
|
-
#
|
83
|
-
# {
|
84
|
-
# name: "SelectorName",
|
85
|
-
# field_selectors: [ # required
|
86
|
-
# {
|
87
|
-
# field: "SelectorField", # required
|
88
|
-
# equals: ["OperatorValue"],
|
89
|
-
# starts_with: ["OperatorValue"],
|
90
|
-
# ends_with: ["OperatorValue"],
|
91
|
-
# not_equals: ["OperatorValue"],
|
92
|
-
# not_starts_with: ["OperatorValue"],
|
93
|
-
# not_ends_with: ["OperatorValue"],
|
94
|
-
# },
|
95
|
-
# ],
|
96
|
-
# }
|
97
|
-
#
|
98
102
|
# @!attribute [rw] name
|
99
103
|
# An optional, descriptive name for an advanced event selector, such
|
100
104
|
# as "Log data events for only two S3 buckets".
|
@@ -115,28 +119,25 @@ module Aws::CloudTrail
|
|
115
119
|
|
116
120
|
# A single selector statement in an advanced event selector.
|
117
121
|
#
|
118
|
-
#
|
119
|
-
#
|
122
|
+
# @!attribute [rw] field
|
123
|
+
# A field in a CloudTrail event record on which to filter events to be
|
124
|
+
# logged. For event data stores for Config configuration items, Audit
|
125
|
+
# Manager evidence, or non-Amazon Web Services events, the field is
|
126
|
+
# used only for selecting events as filtering is not supported.
|
120
127
|
#
|
121
|
-
#
|
122
|
-
#
|
123
|
-
#
|
124
|
-
# starts_with: ["OperatorValue"],
|
125
|
-
# ends_with: ["OperatorValue"],
|
126
|
-
# not_equals: ["OperatorValue"],
|
127
|
-
# not_starts_with: ["OperatorValue"],
|
128
|
-
# not_ends_with: ["OperatorValue"],
|
129
|
-
# }
|
128
|
+
# For CloudTrail event records, supported fields include `readOnly`,
|
129
|
+
# `eventCategory`, `eventSource` (for management events), `eventName`,
|
130
|
+
# `resources.type`, and `resources.ARN`.
|
130
131
|
#
|
131
|
-
#
|
132
|
-
#
|
133
|
-
#
|
134
|
-
# (for management events), `eventName`, `resources.type`, and
|
135
|
-
# `resources.ARN`.
|
132
|
+
# For event data stores for Config configuration items, Audit Manager
|
133
|
+
# evidence, or non-Amazon Web Services events, the only supported
|
134
|
+
# field is `eventCategory`.
|
136
135
|
#
|
137
136
|
# * <b> <code>readOnly</code> </b> - Optional. Can be set to `Equals`
|
138
|
-
# a value of `true` or `false`.
|
139
|
-
# and `write` events.
|
137
|
+
# a value of `true` or `false`. If you do not add this field,
|
138
|
+
# CloudTrail logs both `read` and `write` events. A value of `true`
|
139
|
+
# logs only `read` events. A value of `false` logs only `write`
|
140
|
+
# events.
|
140
141
|
#
|
141
142
|
# * <b> <code>eventSource</code> </b> - For filtering management
|
142
143
|
# events only. This can be set only to `NotEquals`
|
@@ -147,30 +148,69 @@ module Aws::CloudTrail
|
|
147
148
|
# CloudTrail, such as `PutBucket` or `GetSnapshotBlock`. You can
|
148
149
|
# have multiple values for this field, separated by commas.
|
149
150
|
#
|
150
|
-
# * <b> <code>eventCategory</code> </b> - This is required
|
151
|
-
# set to `Equals
|
151
|
+
# * <b> <code>eventCategory</code> </b> - This is required and must be
|
152
|
+
# set to `Equals`.
|
152
153
|
#
|
153
|
-
#
|
154
|
-
#
|
155
|
-
# can be one of the following:
|
154
|
+
# * For CloudTrail event records, the value must be `Management` or
|
155
|
+
# `Data`.
|
156
156
|
#
|
157
|
-
# *
|
157
|
+
# * For Config configuration items, the value must be
|
158
|
+
# `ConfigurationItem`.
|
158
159
|
#
|
159
|
-
# * `
|
160
|
+
# * For Audit Manager evidence, the value must be `Evidence`.
|
161
|
+
#
|
162
|
+
# * For non-Amazon Web Services events, the value must be
|
163
|
+
# `ActivityAuditLog`.
|
164
|
+
#
|
165
|
+
# * <b> <code>resources.type</code> </b> - This field is required for
|
166
|
+
# CloudTrail data events. `resources.type` can only use the `Equals`
|
167
|
+
# operator, and the value can be one of the following:
|
160
168
|
#
|
161
169
|
# * `AWS::DynamoDB::Table`
|
162
170
|
#
|
163
|
-
# * `AWS::
|
171
|
+
# * `AWS::Lambda::Function`
|
164
172
|
#
|
165
|
-
# * `AWS::
|
173
|
+
# * `AWS::S3::Object`
|
166
174
|
#
|
167
|
-
# * `AWS::
|
175
|
+
# * `AWS::CloudTrail::Channel`
|
176
|
+
#
|
177
|
+
# * `AWS::CodeWhisperer::Profile`
|
178
|
+
#
|
179
|
+
# * `AWS::Cognito::IdentityPool`
|
180
|
+
#
|
181
|
+
# * `AWS::DynamoDB::Stream`
|
168
182
|
#
|
169
183
|
# * `AWS::EC2::Snapshot`
|
170
184
|
#
|
185
|
+
# * `AWS::EMRWAL::Workspace`
|
186
|
+
#
|
187
|
+
# * `AWS::FinSpace::Environment`
|
188
|
+
#
|
189
|
+
# * `AWS::Glue::Table`
|
190
|
+
#
|
191
|
+
# * `AWS::GuardDuty::Detector`
|
192
|
+
#
|
193
|
+
# * `AWS::KendraRanking::ExecutionPlan`
|
194
|
+
#
|
195
|
+
# * `AWS::ManagedBlockchain::Network`
|
196
|
+
#
|
197
|
+
# * `AWS::ManagedBlockchain::Node`
|
198
|
+
#
|
199
|
+
# * `AWS::MedicalImaging::Datastore`
|
200
|
+
#
|
201
|
+
# * `AWS::SageMaker::ExperimentTrialComponent`
|
202
|
+
#
|
203
|
+
# * `AWS::SageMaker::FeatureGroup`
|
204
|
+
#
|
171
205
|
# * `AWS::S3::AccessPoint`
|
172
206
|
#
|
173
|
-
# * `AWS::
|
207
|
+
# * `AWS::S3ObjectLambda::AccessPoint`
|
208
|
+
#
|
209
|
+
# * `AWS::S3Outposts::Object`
|
210
|
+
#
|
211
|
+
# * `AWS::SSMMessages::ControlChannel`
|
212
|
+
#
|
213
|
+
# * `AWS::VerifiedPermissions::PolicyStore`
|
174
214
|
#
|
175
215
|
# You can have only one `resources.type` field per selector. To log
|
176
216
|
# data events on more than one resource type, add another selector.
|
@@ -192,16 +232,13 @@ module Aws::CloudTrail
|
|
192
232
|
#
|
193
233
|
# * `arn:<partition>:s3:::<bucket_name>/<object_path>/`
|
194
234
|
#
|
195
|
-
# When
|
196
|
-
# operator is set to `Equals` or `NotEquals`, the ARN must be in
|
197
|
-
#
|
198
|
-
# access point, we recommend that you use only the access point ARN,
|
199
|
-
# don’t include the object path, and use the `StartsWith` or
|
200
|
-
# `NotStartsWith` operators.
|
235
|
+
# When resources.type equals `AWS::DynamoDB::Table`, and the
|
236
|
+
# operator is set to `Equals` or `NotEquals`, the ARN must be in the
|
237
|
+
# following format:
|
201
238
|
#
|
202
|
-
# * `arn:<partition>:
|
239
|
+
# * `arn:<partition>:dynamodb:<region>:<account_ID>:table/<table_name>`
|
203
240
|
#
|
204
|
-
#
|
241
|
+
# ^
|
205
242
|
#
|
206
243
|
# When resources.type equals `AWS::Lambda::Function`, and the
|
207
244
|
# operator is set to `Equals` or `NotEquals`, the ARN must be in the
|
@@ -211,19 +248,91 @@ module Aws::CloudTrail
|
|
211
248
|
#
|
212
249
|
# ^
|
213
250
|
#
|
214
|
-
# When resources.type equals `AWS::
|
251
|
+
# When resources.type equals `AWS::CloudTrail::Channel`, and the
|
215
252
|
# operator is set to `Equals` or `NotEquals`, the ARN must be in the
|
216
253
|
# following format:
|
217
254
|
#
|
218
|
-
# * `arn:<partition>:
|
255
|
+
# * `arn:<partition>:cloudtrail:<region>:<account_ID>:channel/<channel_UUID>`
|
219
256
|
#
|
220
257
|
# ^
|
221
258
|
#
|
222
|
-
# When
|
259
|
+
# When resources.type equals `AWS::CodeWhisperer::Profile`, and the
|
223
260
|
# operator is set to `Equals` or `NotEquals`, the ARN must be in the
|
224
261
|
# following format:
|
225
262
|
#
|
226
|
-
# * `arn:<partition>:
|
263
|
+
# * `arn:<partition>:codewhisperer:<region>:<account_ID>:profile/<profile_ID>`
|
264
|
+
#
|
265
|
+
# ^
|
266
|
+
#
|
267
|
+
# When resources.type equals `AWS::Cognito::IdentityPool`, and the
|
268
|
+
# operator is set to `Equals` or `NotEquals`, the ARN must be in the
|
269
|
+
# following format:
|
270
|
+
#
|
271
|
+
# * `arn:<partition>:cognito-identity:<region>:<account_ID>:identitypool/<identity_pool_ID>`
|
272
|
+
#
|
273
|
+
# ^
|
274
|
+
#
|
275
|
+
# When `resources.type` equals `AWS::DynamoDB::Stream`, and the
|
276
|
+
# operator is set to `Equals` or `NotEquals`, the ARN must be in the
|
277
|
+
# following format:
|
278
|
+
#
|
279
|
+
# * `arn:<partition>:dynamodb:<region>:<account_ID>:table/<table_name>/stream/<date_time>`
|
280
|
+
#
|
281
|
+
# ^
|
282
|
+
#
|
283
|
+
# When `resources.type` equals `AWS::EC2::Snapshot`, and the
|
284
|
+
# operator is set to `Equals` or `NotEquals`, the ARN must be in the
|
285
|
+
# following format:
|
286
|
+
#
|
287
|
+
# * `arn:<partition>:ec2:<region>::snapshot/<snapshot_ID>`
|
288
|
+
#
|
289
|
+
# ^
|
290
|
+
#
|
291
|
+
# When `resources.type` equals `AWS::EMRWAL::Workspace`, and the
|
292
|
+
# operator is set to `Equals` or `NotEquals`, the ARN must be in the
|
293
|
+
# following format:
|
294
|
+
#
|
295
|
+
# * `arn:<partition>:emrwal:<region>::workspace/<workspace_name>`
|
296
|
+
#
|
297
|
+
# ^
|
298
|
+
#
|
299
|
+
# When `resources.type` equals `AWS::FinSpace::Environment`, and the
|
300
|
+
# operator is set to `Equals` or `NotEquals`, the ARN must be in the
|
301
|
+
# following format:
|
302
|
+
#
|
303
|
+
# * `arn:<partition>:finspace:<region>:<account_ID>:environment/<environment_ID>`
|
304
|
+
#
|
305
|
+
# ^
|
306
|
+
#
|
307
|
+
# When `resources.type` equals `AWS::Glue::Table`, and the operator
|
308
|
+
# is set to `Equals` or `NotEquals`, the ARN must be in the
|
309
|
+
# following format:
|
310
|
+
#
|
311
|
+
# * `arn:<partition>:glue:<region>:<account_ID>:table/<database_name>/<table_name>`
|
312
|
+
#
|
313
|
+
# ^
|
314
|
+
#
|
315
|
+
# When `resources.type` equals `AWS::GuardDuty::Detector`, and the
|
316
|
+
# operator is set to `Equals` or `NotEquals`, the ARN must be in the
|
317
|
+
# following format:
|
318
|
+
#
|
319
|
+
# * `arn:<partition>:guardduty:<region>:<account_ID>:detector/<detector_ID>`
|
320
|
+
#
|
321
|
+
# ^
|
322
|
+
#
|
323
|
+
# When `resources.type` equals `AWS::KendraRanking::ExecutionPlan`,
|
324
|
+
# and the operator is set to `Equals` or `NotEquals`, the ARN must
|
325
|
+
# be in the following format:
|
326
|
+
#
|
327
|
+
# * `arn:<partition>:kendra-ranking:<region>:<account_ID>:rescore-execution-plan/<rescore_execution_plan_ID>`
|
328
|
+
#
|
329
|
+
# ^
|
330
|
+
#
|
331
|
+
# When `resources.type` equals `AWS::ManagedBlockchain::Network`,
|
332
|
+
# and the operator is set to `Equals` or `NotEquals`, the ARN must
|
333
|
+
# be in the following format:
|
334
|
+
#
|
335
|
+
# * `arn:<partition>:managedblockchain:::networks/<network_name>`
|
227
336
|
#
|
228
337
|
# ^
|
229
338
|
#
|
@@ -235,6 +344,42 @@ module Aws::CloudTrail
|
|
235
344
|
#
|
236
345
|
# ^
|
237
346
|
#
|
347
|
+
# When `resources.type` equals `AWS::MedicalImaging::Datastore`, and
|
348
|
+
# the operator is set to `Equals` or `NotEquals`, the ARN must be in
|
349
|
+
# the following format:
|
350
|
+
#
|
351
|
+
# * `arn:<partition>:medical-imaging:<region>:<account_ID>:datastore/<data_store_ID>`
|
352
|
+
#
|
353
|
+
# ^
|
354
|
+
#
|
355
|
+
# When `resources.type` equals
|
356
|
+
# `AWS::SageMaker::ExperimentTrialComponent`, and the operator is
|
357
|
+
# set to `Equals` or `NotEquals`, the ARN must be in the following
|
358
|
+
# format:
|
359
|
+
#
|
360
|
+
# * `arn:<partition>:sagemaker:<region>:<account_ID>:experiment-trial-component/<experiment_trial_component_name>`
|
361
|
+
#
|
362
|
+
# ^
|
363
|
+
#
|
364
|
+
# When `resources.type` equals `AWS::SageMaker::FeatureGroup`, and
|
365
|
+
# the operator is set to `Equals` or `NotEquals`, the ARN must be in
|
366
|
+
# the following format:
|
367
|
+
#
|
368
|
+
# * `arn:<partition>:sagemaker:<region>:<account_ID>:feature-group/<feature_group_name>`
|
369
|
+
#
|
370
|
+
# ^
|
371
|
+
#
|
372
|
+
# When `resources.type` equals `AWS::S3::AccessPoint`, and the
|
373
|
+
# operator is set to `Equals` or `NotEquals`, the ARN must be in one
|
374
|
+
# of the following formats. To log events on all objects in an S3
|
375
|
+
# access point, we recommend that you use only the access point ARN,
|
376
|
+
# don’t include the object path, and use the `StartsWith` or
|
377
|
+
# `NotStartsWith` operators.
|
378
|
+
#
|
379
|
+
# * `arn:<partition>:s3:<region>:<account_ID>:accesspoint/<access_point_name>`
|
380
|
+
#
|
381
|
+
# * `arn:<partition>:s3:<region>:<account_ID>:accesspoint/<access_point_name>/object/<object_path>`
|
382
|
+
#
|
238
383
|
# When `resources.type` equals `AWS::S3ObjectLambda::AccessPoint`,
|
239
384
|
# and the operator is set to `Equals` or `NotEquals`, the ARN must
|
240
385
|
# be in the following format:
|
@@ -243,19 +388,28 @@ module Aws::CloudTrail
|
|
243
388
|
#
|
244
389
|
# ^
|
245
390
|
#
|
246
|
-
# When `resources.type` equals `AWS::
|
391
|
+
# When `resources.type` equals `AWS::S3Outposts::Object`, and the
|
247
392
|
# operator is set to `Equals` or `NotEquals`, the ARN must be in the
|
248
393
|
# following format:
|
249
394
|
#
|
250
|
-
# * `arn:<partition>:
|
395
|
+
# * `arn:<partition>:s3-outposts:<region>:<account_ID>:<object_path>`
|
251
396
|
#
|
252
397
|
# ^
|
253
398
|
#
|
254
|
-
# When `resources.type` equals `AWS::
|
255
|
-
# operator is set to `Equals` or `NotEquals`, the ARN must
|
256
|
-
# following format:
|
399
|
+
# When `resources.type` equals `AWS::SSMMessages::ControlChannel`,
|
400
|
+
# and the operator is set to `Equals` or `NotEquals`, the ARN must
|
401
|
+
# be in the following format:
|
257
402
|
#
|
258
|
-
# * `arn:<partition>:
|
403
|
+
# * `arn:<partition>:ssmmessages:<region>:<account_ID>:control-channel/<channel_ID>`
|
404
|
+
#
|
405
|
+
# ^
|
406
|
+
#
|
407
|
+
# When resources.type equals
|
408
|
+
# `AWS::VerifiedPermissions::PolicyStore`, and the operator is set
|
409
|
+
# to `Equals` or `NotEquals`, the ARN must be in the following
|
410
|
+
# format:
|
411
|
+
#
|
412
|
+
# * `arn:<partition>:verifiedpermissions:<region>:<account_ID>:policy-store/<policy_store_UUID>`
|
259
413
|
#
|
260
414
|
# ^
|
261
415
|
# @return [String]
|
@@ -306,11 +460,122 @@ module Aws::CloudTrail
|
|
306
460
|
include Aws::Structure
|
307
461
|
end
|
308
462
|
|
463
|
+
# @!attribute [rw] event_data_store
|
464
|
+
# The ARN (or the ID suffix of the ARN) of an event data store on
|
465
|
+
# which the specified query is running.
|
466
|
+
# @return [String]
|
467
|
+
#
|
468
|
+
# @!attribute [rw] query_id
|
469
|
+
# The ID of the query that you want to cancel. The `QueryId` comes
|
470
|
+
# from the response of a `StartQuery` operation.
|
471
|
+
# @return [String]
|
472
|
+
#
|
473
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/CancelQueryRequest AWS API Documentation
|
474
|
+
#
|
475
|
+
class CancelQueryRequest < Struct.new(
|
476
|
+
:event_data_store,
|
477
|
+
:query_id)
|
478
|
+
SENSITIVE = []
|
479
|
+
include Aws::Structure
|
480
|
+
end
|
481
|
+
|
482
|
+
# @!attribute [rw] query_id
|
483
|
+
# The ID of the canceled query.
|
484
|
+
# @return [String]
|
485
|
+
#
|
486
|
+
# @!attribute [rw] query_status
|
487
|
+
# Shows the status of a query after a `CancelQuery` request.
|
488
|
+
# Typically, the values shown are either `RUNNING` or `CANCELLED`.
|
489
|
+
# @return [String]
|
490
|
+
#
|
491
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/CancelQueryResponse AWS API Documentation
|
492
|
+
#
|
493
|
+
class CancelQueryResponse < Struct.new(
|
494
|
+
:query_id,
|
495
|
+
:query_status)
|
496
|
+
SENSITIVE = []
|
497
|
+
include Aws::Structure
|
498
|
+
end
|
499
|
+
|
500
|
+
# This exception is thrown when the management account of an
|
501
|
+
# organization is registered as the CloudTrail delegated administrator.
|
502
|
+
#
|
503
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/CannotDelegateManagementAccountException AWS API Documentation
|
504
|
+
#
|
505
|
+
class CannotDelegateManagementAccountException < Aws::EmptyStructure; end
|
506
|
+
|
507
|
+
# Contains information about a returned CloudTrail channel.
|
508
|
+
#
|
509
|
+
# @!attribute [rw] channel_arn
|
510
|
+
# The Amazon Resource Name (ARN) of a channel.
|
511
|
+
# @return [String]
|
512
|
+
#
|
513
|
+
# @!attribute [rw] name
|
514
|
+
# The name of the CloudTrail channel. For service-linked channels, the
|
515
|
+
# name is `aws-service-channel/service-name/custom-suffix` where
|
516
|
+
# `service-name` represents the name of the Amazon Web Services
|
517
|
+
# service that created the channel and `custom-suffix` represents the
|
518
|
+
# suffix created by the Amazon Web Services service.
|
519
|
+
# @return [String]
|
520
|
+
#
|
521
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/Channel AWS API Documentation
|
522
|
+
#
|
523
|
+
class Channel < Struct.new(
|
524
|
+
:channel_arn,
|
525
|
+
:name)
|
526
|
+
SENSITIVE = []
|
527
|
+
include Aws::Structure
|
528
|
+
end
|
529
|
+
|
530
|
+
# This exception is thrown when the specified value of `ChannelARN` is
|
531
|
+
# not valid.
|
532
|
+
#
|
533
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ChannelARNInvalidException AWS API Documentation
|
534
|
+
#
|
535
|
+
class ChannelARNInvalidException < Aws::EmptyStructure; end
|
536
|
+
|
537
|
+
# This exception is thrown when the provided channel already exists.
|
538
|
+
#
|
539
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ChannelAlreadyExistsException AWS API Documentation
|
540
|
+
#
|
541
|
+
class ChannelAlreadyExistsException < Aws::EmptyStructure; end
|
542
|
+
|
543
|
+
# This exception is thrown when the specified event data store cannot
|
544
|
+
# yet be deleted because it is in use by a channel.
|
545
|
+
#
|
546
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ChannelExistsForEDSException AWS API Documentation
|
547
|
+
#
|
548
|
+
class ChannelExistsForEDSException < Aws::EmptyStructure; end
|
549
|
+
|
550
|
+
# This exception is thrown when the maximum number of channels limit is
|
551
|
+
# exceeded.
|
552
|
+
#
|
553
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ChannelMaxLimitExceededException AWS API Documentation
|
554
|
+
#
|
555
|
+
class ChannelMaxLimitExceededException < Aws::EmptyStructure; end
|
556
|
+
|
557
|
+
# This exception is thrown when CloudTrail cannot find the specified
|
558
|
+
# channel.
|
559
|
+
#
|
560
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ChannelNotFoundException AWS API Documentation
|
561
|
+
#
|
562
|
+
class ChannelNotFoundException < Aws::EmptyStructure; end
|
563
|
+
|
309
564
|
# This exception is thrown when an operation is called with a trail ARN
|
310
565
|
# that is not valid. The following is the format of a trail ARN.
|
311
566
|
#
|
312
567
|
# `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
|
313
568
|
#
|
569
|
+
# This exception is also thrown when you call `AddTags` or `RemoveTags`
|
570
|
+
# on a trail, event data store, or channel with a resource ARN that is
|
571
|
+
# not valid.
|
572
|
+
#
|
573
|
+
# The following is the format of an event data store ARN:
|
574
|
+
# `arn:aws:cloudtrail:us-east-2:123456789012:eventdatastore/EXAMPLE-f852-4e8f-8bd1-bcf6cEXAMPLE`
|
575
|
+
#
|
576
|
+
# The following is the format of a channel ARN:
|
577
|
+
# `arn:aws:cloudtrail:us-east-2:123456789012:channel/01234567890`
|
578
|
+
#
|
314
579
|
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/CloudTrailARNInvalidException AWS API Documentation
|
315
580
|
#
|
316
581
|
class CloudTrailARNInvalidException < Aws::EmptyStructure; end
|
@@ -338,7 +603,7 @@ module Aws::CloudTrail
|
|
338
603
|
#
|
339
604
|
class CloudTrailInvalidClientTokenIdException < Aws::EmptyStructure; end
|
340
605
|
|
341
|
-
# Cannot set a CloudWatch Logs delivery for this
|
606
|
+
# Cannot set a CloudWatch Logs delivery for this Region.
|
342
607
|
#
|
343
608
|
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/CloudWatchLogsDeliveryUnavailableException AWS API Documentation
|
344
609
|
#
|
@@ -346,92 +611,344 @@ module Aws::CloudTrail
|
|
346
611
|
|
347
612
|
# This exception is thrown when the specified resource is not ready for
|
348
613
|
# an operation. This can occur when you try to run an operation on a
|
349
|
-
#
|
350
|
-
#
|
351
|
-
# again.
|
614
|
+
# resource before CloudTrail has time to fully load the resource, or
|
615
|
+
# because another operation is modifying the resource. If this exception
|
616
|
+
# occurs, wait a few minutes, and then try the operation again.
|
352
617
|
#
|
353
618
|
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ConflictException AWS API Documentation
|
354
619
|
#
|
355
620
|
class ConflictException < Aws::EmptyStructure; end
|
356
621
|
|
357
|
-
# Specifies the settings for each trail.
|
358
|
-
#
|
359
|
-
# @note When making an API call, you may pass CreateTrailRequest
|
360
|
-
# data as a hash:
|
361
|
-
#
|
362
|
-
# {
|
363
|
-
# name: "String", # required
|
364
|
-
# s3_bucket_name: "String", # required
|
365
|
-
# s3_key_prefix: "String",
|
366
|
-
# sns_topic_name: "String",
|
367
|
-
# include_global_service_events: false,
|
368
|
-
# is_multi_region_trail: false,
|
369
|
-
# enable_log_file_validation: false,
|
370
|
-
# cloud_watch_logs_log_group_arn: "String",
|
371
|
-
# cloud_watch_logs_role_arn: "String",
|
372
|
-
# kms_key_id: "String",
|
373
|
-
# is_organization_trail: false,
|
374
|
-
# tags_list: [
|
375
|
-
# {
|
376
|
-
# key: "String", # required
|
377
|
-
# value: "String",
|
378
|
-
# },
|
379
|
-
# ],
|
380
|
-
# }
|
381
|
-
#
|
382
622
|
# @!attribute [rw] name
|
383
|
-
#
|
384
|
-
#
|
623
|
+
# The name of the channel.
|
624
|
+
# @return [String]
|
385
625
|
#
|
386
|
-
#
|
387
|
-
#
|
626
|
+
# @!attribute [rw] source
|
627
|
+
# The name of the partner or external event source. You cannot change
|
628
|
+
# this name after you create the channel. A maximum of one channel is
|
629
|
+
# allowed per source.
|
388
630
|
#
|
389
|
-
#
|
631
|
+
# A source can be either `Custom` for all valid non-Amazon Web
|
632
|
+
# Services events, or the name of a partner event source. For
|
633
|
+
# information about the source names for available partners, see
|
634
|
+
# [Additional information about integration partners][1] in the
|
635
|
+
# CloudTrail User Guide.
|
390
636
|
#
|
391
|
-
# * Be between 3 and 128 characters
|
392
637
|
#
|
393
|
-
# * Have no adjacent periods, underscores or dashes. Names like
|
394
|
-
# `my-_namespace` and `my--namespace` are not valid.
|
395
638
|
#
|
396
|
-
#
|
639
|
+
# [1]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-event-data-store-integration.html#cloudtrail-lake-partner-information
|
397
640
|
# @return [String]
|
398
641
|
#
|
399
|
-
# @!attribute [rw]
|
400
|
-
#
|
401
|
-
#
|
642
|
+
# @!attribute [rw] destinations
|
643
|
+
# One or more event data stores to which events arriving through a
|
644
|
+
# channel will be logged.
|
645
|
+
# @return [Array<Types::Destination>]
|
402
646
|
#
|
647
|
+
# @!attribute [rw] tags
|
648
|
+
# A list of tags.
|
649
|
+
# @return [Array<Types::Tag>]
|
403
650
|
#
|
651
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/CreateChannelRequest AWS API Documentation
|
404
652
|
#
|
405
|
-
|
653
|
+
class CreateChannelRequest < Struct.new(
|
654
|
+
:name,
|
655
|
+
:source,
|
656
|
+
:destinations,
|
657
|
+
:tags)
|
658
|
+
SENSITIVE = []
|
659
|
+
include Aws::Structure
|
660
|
+
end
|
661
|
+
|
662
|
+
# @!attribute [rw] channel_arn
|
663
|
+
# The Amazon Resource Name (ARN) of the new channel.
|
406
664
|
# @return [String]
|
407
665
|
#
|
408
|
-
# @!attribute [rw]
|
409
|
-
#
|
410
|
-
# bucket you have designated for log file delivery. For more
|
411
|
-
# information, see [Finding Your CloudTrail Log Files][1]. The maximum
|
412
|
-
# length is 200 characters.
|
413
|
-
#
|
414
|
-
#
|
415
|
-
#
|
416
|
-
# [1]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-find-log-files.html
|
666
|
+
# @!attribute [rw] name
|
667
|
+
# The name of the new channel.
|
417
668
|
# @return [String]
|
418
669
|
#
|
419
|
-
# @!attribute [rw]
|
420
|
-
#
|
421
|
-
# of log file delivery. The maximum length is 256 characters.
|
670
|
+
# @!attribute [rw] source
|
671
|
+
# The partner or external event source name.
|
422
672
|
# @return [String]
|
423
673
|
#
|
424
|
-
# @!attribute [rw]
|
425
|
-
#
|
426
|
-
#
|
427
|
-
# @return [
|
428
|
-
#
|
429
|
-
# @!attribute [rw]
|
430
|
-
#
|
431
|
-
#
|
432
|
-
#
|
433
|
-
#
|
434
|
-
#
|
674
|
+
# @!attribute [rw] destinations
|
675
|
+
# The event data stores that log the events arriving through the
|
676
|
+
# channel.
|
677
|
+
# @return [Array<Types::Destination>]
|
678
|
+
#
|
679
|
+
# @!attribute [rw] tags
|
680
|
+
# A list of tags.
|
681
|
+
# @return [Array<Types::Tag>]
|
682
|
+
#
|
683
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/CreateChannelResponse AWS API Documentation
|
684
|
+
#
|
685
|
+
class CreateChannelResponse < Struct.new(
|
686
|
+
:channel_arn,
|
687
|
+
:name,
|
688
|
+
:source,
|
689
|
+
:destinations,
|
690
|
+
:tags)
|
691
|
+
SENSITIVE = []
|
692
|
+
include Aws::Structure
|
693
|
+
end
|
694
|
+
|
695
|
+
# @!attribute [rw] name
|
696
|
+
# The name of the event data store.
|
697
|
+
# @return [String]
|
698
|
+
#
|
699
|
+
# @!attribute [rw] advanced_event_selectors
|
700
|
+
# The advanced event selectors to use to select the events for the
|
701
|
+
# data store. You can configure up to five advanced event selectors
|
702
|
+
# for each event data store.
|
703
|
+
#
|
704
|
+
# For more information about how to use advanced event selectors to
|
705
|
+
# log CloudTrail events, see [Log events by using advanced event
|
706
|
+
# selectors][1] in the CloudTrail User Guide.
|
707
|
+
#
|
708
|
+
# For more information about how to use advanced event selectors to
|
709
|
+
# include Config configuration items in your event data store, see
|
710
|
+
# [Create an event data store for Config configuration items][2] in
|
711
|
+
# the CloudTrail User Guide.
|
712
|
+
#
|
713
|
+
# For more information about how to use advanced event selectors to
|
714
|
+
# include non-Amazon Web Services events in your event data store, see
|
715
|
+
# [Create an integration to log events from outside Amazon Web
|
716
|
+
# Services][3] in the CloudTrail User Guide.
|
717
|
+
#
|
718
|
+
#
|
719
|
+
#
|
720
|
+
# [1]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#creating-data-event-selectors-advanced
|
721
|
+
# [2]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-lake-cli.html#lake-cli-create-eds-config
|
722
|
+
# [3]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-lake-cli.html#lake-cli-create-integration
|
723
|
+
# @return [Array<Types::AdvancedEventSelector>]
|
724
|
+
#
|
725
|
+
# @!attribute [rw] multi_region_enabled
|
726
|
+
# Specifies whether the event data store includes events from all
|
727
|
+
# Regions, or only from the Region in which the event data store is
|
728
|
+
# created.
|
729
|
+
# @return [Boolean]
|
730
|
+
#
|
731
|
+
# @!attribute [rw] organization_enabled
|
732
|
+
# Specifies whether an event data store collects events logged for an
|
733
|
+
# organization in Organizations.
|
734
|
+
# @return [Boolean]
|
735
|
+
#
|
736
|
+
# @!attribute [rw] retention_period
|
737
|
+
# The retention period of the event data store, in days. You can set a
|
738
|
+
# retention period of up to 2557 days, the equivalent of seven years.
|
739
|
+
# CloudTrail Lake determines whether to retain an event by checking if
|
740
|
+
# the `eventTime` of the event is within the specified retention
|
741
|
+
# period. For example, if you set a retention period of 90 days,
|
742
|
+
# CloudTrail will remove events when the `eventTime` is older than 90
|
743
|
+
# days.
|
744
|
+
#
|
745
|
+
# <note markdown="1"> If you plan to copy trail events to this event data store, we
|
746
|
+
# recommend that you consider both the age of the events that you want
|
747
|
+
# to copy as well as how long you want to keep the copied events in
|
748
|
+
# your event data store. For example, if you copy trail events that
|
749
|
+
# are 5 years old and specify a retention period of 7 years, the event
|
750
|
+
# data store will retain those events for two years.
|
751
|
+
#
|
752
|
+
# </note>
|
753
|
+
# @return [Integer]
|
754
|
+
#
|
755
|
+
# @!attribute [rw] termination_protection_enabled
|
756
|
+
# Specifies whether termination protection is enabled for the event
|
757
|
+
# data store. If termination protection is enabled, you cannot delete
|
758
|
+
# the event data store until termination protection is disabled.
|
759
|
+
# @return [Boolean]
|
760
|
+
#
|
761
|
+
# @!attribute [rw] tags_list
|
762
|
+
# A list of tags.
|
763
|
+
# @return [Array<Types::Tag>]
|
764
|
+
#
|
765
|
+
# @!attribute [rw] kms_key_id
|
766
|
+
# Specifies the KMS key ID to use to encrypt the events delivered by
|
767
|
+
# CloudTrail. The value can be an alias name prefixed by `alias/`, a
|
768
|
+
# fully specified ARN to an alias, a fully specified ARN to a key, or
|
769
|
+
# a globally unique identifier.
|
770
|
+
#
|
771
|
+
# Disabling or deleting the KMS key, or removing CloudTrail
|
772
|
+
# permissions on the key, prevents CloudTrail from logging events to
|
773
|
+
# the event data store, and prevents users from querying the data in
|
774
|
+
# the event data store that was encrypted with the key. After you
|
775
|
+
# associate an event data store with a KMS key, the KMS key cannot be
|
776
|
+
# removed or changed. Before you disable or delete a KMS key that you
|
777
|
+
# are using with an event data store, delete or back up your event
|
778
|
+
# data store.
|
779
|
+
#
|
780
|
+
# CloudTrail also supports KMS multi-Region keys. For more information
|
781
|
+
# about multi-Region keys, see [Using multi-Region keys][1] in the
|
782
|
+
# *Key Management Service Developer Guide*.
|
783
|
+
#
|
784
|
+
# Examples:
|
785
|
+
#
|
786
|
+
# * `alias/MyAliasName`
|
787
|
+
#
|
788
|
+
# * `arn:aws:kms:us-east-2:123456789012:alias/MyAliasName`
|
789
|
+
#
|
790
|
+
# * `arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012`
|
791
|
+
#
|
792
|
+
# * `12345678-1234-1234-1234-123456789012`
|
793
|
+
#
|
794
|
+
#
|
795
|
+
#
|
796
|
+
# [1]: https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html
|
797
|
+
# @return [String]
|
798
|
+
#
|
799
|
+
# @!attribute [rw] start_ingestion
|
800
|
+
# Specifies whether the event data store should start ingesting live
|
801
|
+
# events. The default is true.
|
802
|
+
# @return [Boolean]
|
803
|
+
#
|
804
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/CreateEventDataStoreRequest AWS API Documentation
|
805
|
+
#
|
806
|
+
class CreateEventDataStoreRequest < Struct.new(
|
807
|
+
:name,
|
808
|
+
:advanced_event_selectors,
|
809
|
+
:multi_region_enabled,
|
810
|
+
:organization_enabled,
|
811
|
+
:retention_period,
|
812
|
+
:termination_protection_enabled,
|
813
|
+
:tags_list,
|
814
|
+
:kms_key_id,
|
815
|
+
:start_ingestion)
|
816
|
+
SENSITIVE = []
|
817
|
+
include Aws::Structure
|
818
|
+
end
|
819
|
+
|
820
|
+
# @!attribute [rw] event_data_store_arn
|
821
|
+
# The ARN of the event data store.
|
822
|
+
# @return [String]
|
823
|
+
#
|
824
|
+
# @!attribute [rw] name
|
825
|
+
# The name of the event data store.
|
826
|
+
# @return [String]
|
827
|
+
#
|
828
|
+
# @!attribute [rw] status
|
829
|
+
# The status of event data store creation.
|
830
|
+
# @return [String]
|
831
|
+
#
|
832
|
+
# @!attribute [rw] advanced_event_selectors
|
833
|
+
# The advanced event selectors that were used to select the events for
|
834
|
+
# the data store.
|
835
|
+
# @return [Array<Types::AdvancedEventSelector>]
|
836
|
+
#
|
837
|
+
# @!attribute [rw] multi_region_enabled
|
838
|
+
# Indicates whether the event data store collects events from all
|
839
|
+
# Regions, or only from the Region in which it was created.
|
840
|
+
# @return [Boolean]
|
841
|
+
#
|
842
|
+
# @!attribute [rw] organization_enabled
|
843
|
+
# Indicates whether an event data store is collecting logged events
|
844
|
+
# for an organization in Organizations.
|
845
|
+
# @return [Boolean]
|
846
|
+
#
|
847
|
+
# @!attribute [rw] retention_period
|
848
|
+
# The retention period of an event data store, in days.
|
849
|
+
# @return [Integer]
|
850
|
+
#
|
851
|
+
# @!attribute [rw] termination_protection_enabled
|
852
|
+
# Indicates whether termination protection is enabled for the event
|
853
|
+
# data store.
|
854
|
+
# @return [Boolean]
|
855
|
+
#
|
856
|
+
# @!attribute [rw] tags_list
|
857
|
+
# A list of tags.
|
858
|
+
# @return [Array<Types::Tag>]
|
859
|
+
#
|
860
|
+
# @!attribute [rw] created_timestamp
|
861
|
+
# The timestamp that shows when the event data store was created.
|
862
|
+
# @return [Time]
|
863
|
+
#
|
864
|
+
# @!attribute [rw] updated_timestamp
|
865
|
+
# The timestamp that shows when an event data store was updated, if
|
866
|
+
# applicable. `UpdatedTimestamp` is always either the same or newer
|
867
|
+
# than the time shown in `CreatedTimestamp`.
|
868
|
+
# @return [Time]
|
869
|
+
#
|
870
|
+
# @!attribute [rw] kms_key_id
|
871
|
+
# Specifies the KMS key ID that encrypts the events delivered by
|
872
|
+
# CloudTrail. The value is a fully specified ARN to a KMS key in the
|
873
|
+
# following format.
|
874
|
+
#
|
875
|
+
# `arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012`
|
876
|
+
# @return [String]
|
877
|
+
#
|
878
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/CreateEventDataStoreResponse AWS API Documentation
|
879
|
+
#
|
880
|
+
class CreateEventDataStoreResponse < Struct.new(
|
881
|
+
:event_data_store_arn,
|
882
|
+
:name,
|
883
|
+
:status,
|
884
|
+
:advanced_event_selectors,
|
885
|
+
:multi_region_enabled,
|
886
|
+
:organization_enabled,
|
887
|
+
:retention_period,
|
888
|
+
:termination_protection_enabled,
|
889
|
+
:tags_list,
|
890
|
+
:created_timestamp,
|
891
|
+
:updated_timestamp,
|
892
|
+
:kms_key_id)
|
893
|
+
SENSITIVE = []
|
894
|
+
include Aws::Structure
|
895
|
+
end
|
896
|
+
|
897
|
+
# Specifies the settings for each trail.
|
898
|
+
#
|
899
|
+
# @!attribute [rw] name
|
900
|
+
# Specifies the name of the trail. The name must meet the following
|
901
|
+
# requirements:
|
902
|
+
#
|
903
|
+
# * Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.),
|
904
|
+
# underscores (\_), or dashes (-)
|
905
|
+
#
|
906
|
+
# * Start with a letter or number, and end with a letter or number
|
907
|
+
#
|
908
|
+
# * Be between 3 and 128 characters
|
909
|
+
#
|
910
|
+
# * Have no adjacent periods, underscores or dashes. Names like
|
911
|
+
# `my-_namespace` and `my--namespace` are not valid.
|
912
|
+
#
|
913
|
+
# * Not be in IP address format (for example, 192.168.5.4)
|
914
|
+
# @return [String]
|
915
|
+
#
|
916
|
+
# @!attribute [rw] s3_bucket_name
|
917
|
+
# Specifies the name of the Amazon S3 bucket designated for publishing
|
918
|
+
# log files. See [Amazon S3 Bucket Naming Requirements][1].
|
919
|
+
#
|
920
|
+
#
|
921
|
+
#
|
922
|
+
# [1]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/create_trail_naming_policy.html
|
923
|
+
# @return [String]
|
924
|
+
#
|
925
|
+
# @!attribute [rw] s3_key_prefix
|
926
|
+
# Specifies the Amazon S3 key prefix that comes after the name of the
|
927
|
+
# bucket you have designated for log file delivery. For more
|
928
|
+
# information, see [Finding Your CloudTrail Log Files][1]. The maximum
|
929
|
+
# length is 200 characters.
|
930
|
+
#
|
931
|
+
#
|
932
|
+
#
|
933
|
+
# [1]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-find-log-files.html
|
934
|
+
# @return [String]
|
935
|
+
#
|
936
|
+
# @!attribute [rw] sns_topic_name
|
937
|
+
# Specifies the name of the Amazon SNS topic defined for notification
|
938
|
+
# of log file delivery. The maximum length is 256 characters.
|
939
|
+
# @return [String]
|
940
|
+
#
|
941
|
+
# @!attribute [rw] include_global_service_events
|
942
|
+
# Specifies whether the trail is publishing events from global
|
943
|
+
# services such as IAM to the log files.
|
944
|
+
# @return [Boolean]
|
945
|
+
#
|
946
|
+
# @!attribute [rw] is_multi_region_trail
|
947
|
+
# Specifies whether the trail is created in the current Region or in
|
948
|
+
# all Regions. The default is false, which creates a trail only in the
|
949
|
+
# Region where you are signed in. As a best practice, consider
|
950
|
+
# creating trails that log events in all Regions.
|
951
|
+
# @return [Boolean]
|
435
952
|
#
|
436
953
|
# @!attribute [rw] enable_log_file_validation
|
437
954
|
# Specifies whether log file integrity validation is enabled. The
|
@@ -453,18 +970,21 @@ module Aws::CloudTrail
|
|
453
970
|
# @!attribute [rw] cloud_watch_logs_log_group_arn
|
454
971
|
# Specifies a log group name using an Amazon Resource Name (ARN), a
|
455
972
|
# unique identifier that represents the log group to which CloudTrail
|
456
|
-
# logs will be delivered.
|
457
|
-
#
|
973
|
+
# logs will be delivered. You must use a log group that exists in your
|
974
|
+
# account.
|
975
|
+
#
|
976
|
+
# Not required unless you specify `CloudWatchLogsRoleArn`.
|
458
977
|
# @return [String]
|
459
978
|
#
|
460
979
|
# @!attribute [rw] cloud_watch_logs_role_arn
|
461
980
|
# Specifies the role for the CloudWatch Logs endpoint to assume to
|
462
|
-
# write to a user's log group.
|
981
|
+
# write to a user's log group. You must use a role that exists in
|
982
|
+
# your account.
|
463
983
|
# @return [String]
|
464
984
|
#
|
465
985
|
# @!attribute [rw] kms_key_id
|
466
986
|
# Specifies the KMS key ID to use to encrypt the logs delivered by
|
467
|
-
# CloudTrail. The value can be an alias name prefixed by
|
987
|
+
# CloudTrail. The value can be an alias name prefixed by `alias/`, a
|
468
988
|
# fully specified ARN to an alias, a fully specified ARN to a key, or
|
469
989
|
# a globally unique identifier.
|
470
990
|
#
|
@@ -474,13 +994,13 @@ module Aws::CloudTrail
|
|
474
994
|
#
|
475
995
|
# Examples:
|
476
996
|
#
|
477
|
-
# * alias/MyAliasName
|
997
|
+
# * `alias/MyAliasName`
|
478
998
|
#
|
479
|
-
# * arn:aws:kms:us-east-2:123456789012:alias/MyAliasName
|
999
|
+
# * `arn:aws:kms:us-east-2:123456789012:alias/MyAliasName`
|
480
1000
|
#
|
481
|
-
# * arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012
|
1001
|
+
# * `arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012`
|
482
1002
|
#
|
483
|
-
# * 12345678-1234-1234-1234-123456789012
|
1003
|
+
# * `12345678-1234-1234-1234-123456789012`
|
484
1004
|
#
|
485
1005
|
#
|
486
1006
|
#
|
@@ -492,7 +1012,8 @@ module Aws::CloudTrail
|
|
492
1012
|
# organization in Organizations, or only for the current Amazon Web
|
493
1013
|
# Services account. The default is false, and cannot be true unless
|
494
1014
|
# the call is made on behalf of an Amazon Web Services account that is
|
495
|
-
# the management account
|
1015
|
+
# the management account or delegated administrator account for an
|
1016
|
+
# organization in Organizations.
|
496
1017
|
# @return [Boolean]
|
497
1018
|
#
|
498
1019
|
# @!attribute [rw] tags_list
|
@@ -541,7 +1062,7 @@ module Aws::CloudTrail
|
|
541
1062
|
# @return [String]
|
542
1063
|
#
|
543
1064
|
# @!attribute [rw] sns_topic_name
|
544
|
-
# This field is no longer in use. Use SnsTopicARN
|
1065
|
+
# This field is no longer in use. Use `SnsTopicARN`.
|
545
1066
|
# @return [String]
|
546
1067
|
#
|
547
1068
|
# @!attribute [rw] sns_topic_arn
|
@@ -558,7 +1079,7 @@ module Aws::CloudTrail
|
|
558
1079
|
# @return [Boolean]
|
559
1080
|
#
|
560
1081
|
# @!attribute [rw] is_multi_region_trail
|
561
|
-
# Specifies whether the trail exists in one
|
1082
|
+
# Specifies whether the trail exists in one Region or in all Regions.
|
562
1083
|
# @return [Boolean]
|
563
1084
|
#
|
564
1085
|
# @!attribute [rw] trail_arn
|
@@ -583,7 +1104,7 @@ module Aws::CloudTrail
|
|
583
1104
|
# @return [String]
|
584
1105
|
#
|
585
1106
|
# @!attribute [rw] kms_key_id
|
586
|
-
# Specifies the KMS key ID that encrypts the
|
1107
|
+
# Specifies the KMS key ID that encrypts the events delivered by
|
587
1108
|
# CloudTrail. The value is a fully specified ARN to a KMS key in the
|
588
1109
|
# following format.
|
589
1110
|
#
|
@@ -623,7 +1144,7 @@ module Aws::CloudTrail
|
|
623
1144
|
#
|
624
1145
|
# <note markdown="1"> The total number of allowed data resources is 250. This number can be
|
625
1146
|
# distributed between 1 and 5 event selectors, but the total cannot
|
626
|
-
# exceed 250 across all selectors.
|
1147
|
+
# exceed 250 across all selectors for the trail.
|
627
1148
|
#
|
628
1149
|
# If you are using advanced event selectors, the maximum total number of
|
629
1150
|
# values for all conditions, across all advanced event selectors for the
|
@@ -671,41 +1192,65 @@ module Aws::CloudTrail
|
|
671
1192
|
# *MyOtherLambdaFunction* does not match the function specified for
|
672
1193
|
# the trail. The trail doesn’t log the event.
|
673
1194
|
#
|
674
|
-
# @note When making an API call, you may pass DataResource
|
675
|
-
# data as a hash:
|
676
|
-
#
|
677
|
-
# {
|
678
|
-
# type: "String",
|
679
|
-
# values: ["String"],
|
680
|
-
# }
|
681
|
-
#
|
682
1195
|
# @!attribute [rw] type
|
683
1196
|
# The resource type in which you want to log data events. You can
|
684
1197
|
# specify the following *basic* event selector resource types:
|
685
1198
|
#
|
686
|
-
# * `AWS::
|
1199
|
+
# * `AWS::DynamoDB::Table`
|
687
1200
|
#
|
688
1201
|
# * `AWS::Lambda::Function`
|
689
1202
|
#
|
690
|
-
# * `AWS::
|
1203
|
+
# * `AWS::S3::Object`
|
691
1204
|
#
|
692
|
-
# The following resource types are also
|
1205
|
+
# The following resource types are also available through *advanced*
|
693
1206
|
# event selectors. Basic event selector resource types are valid in
|
694
1207
|
# advanced event selectors, but advanced event selector resource types
|
695
1208
|
# are not valid in basic event selectors. For more information, see
|
696
|
-
# AdvancedFieldSelector
|
1209
|
+
# [AdvancedFieldSelector][1].
|
697
1210
|
#
|
698
|
-
# * `AWS::
|
1211
|
+
# * `AWS::CloudTrail::Channel`
|
699
1212
|
#
|
700
|
-
# * `AWS::
|
1213
|
+
# * `AWS::CodeWhisperer::Profile`
|
701
1214
|
#
|
702
|
-
# * `AWS::
|
1215
|
+
# * `AWS::Cognito::IdentityPool`
|
1216
|
+
#
|
1217
|
+
# * `AWS::DynamoDB::Stream`
|
703
1218
|
#
|
704
1219
|
# * `AWS::EC2::Snapshot`
|
705
1220
|
#
|
1221
|
+
# * `AWS::EMRWAL::Workspace`
|
1222
|
+
#
|
1223
|
+
# * `AWS::FinSpace::Environment`
|
1224
|
+
#
|
1225
|
+
# * `AWS::Glue::Table`
|
1226
|
+
#
|
1227
|
+
# * `AWS::GuardDuty::Detector`
|
1228
|
+
#
|
1229
|
+
# * `AWS::KendraRanking::ExecutionPlan`
|
1230
|
+
#
|
1231
|
+
# * `AWS::ManagedBlockchain::Network`
|
1232
|
+
#
|
1233
|
+
# * `AWS::ManagedBlockchain::Node`
|
1234
|
+
#
|
1235
|
+
# * `AWS::MedicalImaging::Datastore`
|
1236
|
+
#
|
1237
|
+
# * `AWS::SageMaker::ExperimentTrialComponent`
|
1238
|
+
#
|
1239
|
+
# * `AWS::SageMaker::FeatureGroup`
|
1240
|
+
#
|
706
1241
|
# * `AWS::S3::AccessPoint`
|
707
1242
|
#
|
708
|
-
# * `AWS::
|
1243
|
+
# * `AWS::S3ObjectLambda::AccessPoint`
|
1244
|
+
#
|
1245
|
+
# * `AWS::S3Outposts::Object`
|
1246
|
+
#
|
1247
|
+
# * `AWS::SSMMessages::ControlChannel`
|
1248
|
+
#
|
1249
|
+
# * `AWS::VerifiedPermissions::PolicyStore`
|
1250
|
+
#
|
1251
|
+
#
|
1252
|
+
#
|
1253
|
+
# [1]: https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_AdvancedFieldSelector.html
|
709
1254
|
# @return [String]
|
710
1255
|
#
|
711
1256
|
# @!attribute [rw] values
|
@@ -713,8 +1258,7 @@ module Aws::CloudTrail
|
|
713
1258
|
# strings for the specified objects.
|
714
1259
|
#
|
715
1260
|
# * To log data events for all objects in all S3 buckets in your
|
716
|
-
# Amazon Web Services account, specify the prefix as
|
717
|
-
# `arn:aws:s3:::`.
|
1261
|
+
# Amazon Web Services account, specify the prefix as `arn:aws:s3`.
|
718
1262
|
#
|
719
1263
|
# <note markdown="1"> This also enables logging of data event activity performed by any
|
720
1264
|
# user or role in your Amazon Web Services account, even if that
|
@@ -769,14 +1313,66 @@ module Aws::CloudTrail
|
|
769
1313
|
include Aws::Structure
|
770
1314
|
end
|
771
1315
|
|
772
|
-
#
|
1316
|
+
# This exception is thrown when the maximum number of CloudTrail
|
1317
|
+
# delegated administrators is reached.
|
1318
|
+
#
|
1319
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/DelegatedAdminAccountLimitExceededException AWS API Documentation
|
1320
|
+
#
|
1321
|
+
class DelegatedAdminAccountLimitExceededException < Aws::EmptyStructure; end
|
1322
|
+
|
1323
|
+
# @!attribute [rw] channel
|
1324
|
+
# The ARN or the `UUID` value of the channel that you want to delete.
|
1325
|
+
# @return [String]
|
1326
|
+
#
|
1327
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/DeleteChannelRequest AWS API Documentation
|
1328
|
+
#
|
1329
|
+
class DeleteChannelRequest < Struct.new(
|
1330
|
+
:channel)
|
1331
|
+
SENSITIVE = []
|
1332
|
+
include Aws::Structure
|
1333
|
+
end
|
1334
|
+
|
1335
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/DeleteChannelResponse AWS API Documentation
|
1336
|
+
#
|
1337
|
+
class DeleteChannelResponse < Aws::EmptyStructure; end
|
1338
|
+
|
1339
|
+
# @!attribute [rw] event_data_store
|
1340
|
+
# The ARN (or the ID suffix of the ARN) of the event data store to
|
1341
|
+
# delete.
|
1342
|
+
# @return [String]
|
1343
|
+
#
|
1344
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/DeleteEventDataStoreRequest AWS API Documentation
|
1345
|
+
#
|
1346
|
+
class DeleteEventDataStoreRequest < Struct.new(
|
1347
|
+
:event_data_store)
|
1348
|
+
SENSITIVE = []
|
1349
|
+
include Aws::Structure
|
1350
|
+
end
|
1351
|
+
|
1352
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/DeleteEventDataStoreResponse AWS API Documentation
|
1353
|
+
#
|
1354
|
+
class DeleteEventDataStoreResponse < Aws::EmptyStructure; end
|
1355
|
+
|
1356
|
+
# @!attribute [rw] resource_arn
|
1357
|
+
# The Amazon Resource Name (ARN) of the CloudTrail channel you're
|
1358
|
+
# deleting the resource-based policy from. The following is the format
|
1359
|
+
# of a resource ARN:
|
1360
|
+
# `arn:aws:cloudtrail:us-east-2:123456789012:channel/MyChannel`.
|
1361
|
+
# @return [String]
|
773
1362
|
#
|
774
|
-
# @
|
775
|
-
#
|
1363
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/DeleteResourcePolicyRequest AWS API Documentation
|
1364
|
+
#
|
1365
|
+
class DeleteResourcePolicyRequest < Struct.new(
|
1366
|
+
:resource_arn)
|
1367
|
+
SENSITIVE = []
|
1368
|
+
include Aws::Structure
|
1369
|
+
end
|
1370
|
+
|
1371
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/DeleteResourcePolicyResponse AWS API Documentation
|
776
1372
|
#
|
777
|
-
|
778
|
-
|
779
|
-
#
|
1373
|
+
class DeleteResourcePolicyResponse < Aws::EmptyStructure; end
|
1374
|
+
|
1375
|
+
# The request that specifies the name of a trail to delete.
|
780
1376
|
#
|
781
1377
|
# @!attribute [rw] name
|
782
1378
|
# Specifies the name or the CloudTrail ARN of the trail to be deleted.
|
@@ -799,47 +1395,133 @@ module Aws::CloudTrail
|
|
799
1395
|
#
|
800
1396
|
class DeleteTrailResponse < Aws::EmptyStructure; end
|
801
1397
|
|
802
|
-
#
|
1398
|
+
# Removes CloudTrail delegated administrator permissions from a
|
1399
|
+
# specified member account in an organization that is currently
|
1400
|
+
# designated as a delegated administrator.
|
1401
|
+
#
|
1402
|
+
# @!attribute [rw] delegated_admin_account_id
|
1403
|
+
# A delegated administrator account ID. This is a member account in an
|
1404
|
+
# organization that is currently designated as a delegated
|
1405
|
+
# administrator.
|
1406
|
+
# @return [String]
|
803
1407
|
#
|
804
|
-
# @
|
805
|
-
# data as a hash:
|
1408
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/DeregisterOrganizationDelegatedAdminRequest AWS API Documentation
|
806
1409
|
#
|
807
|
-
|
808
|
-
|
809
|
-
|
810
|
-
|
1410
|
+
class DeregisterOrganizationDelegatedAdminRequest < Struct.new(
|
1411
|
+
:delegated_admin_account_id)
|
1412
|
+
SENSITIVE = []
|
1413
|
+
include Aws::Structure
|
1414
|
+
end
|
1415
|
+
|
1416
|
+
# Returns the following response if successful. Otherwise, returns an
|
1417
|
+
# error.
|
811
1418
|
#
|
812
|
-
#
|
813
|
-
# Specifies a list of trail names, trail ARNs, or both, of the trails
|
814
|
-
# to describe. The format of a trail ARN is:
|
1419
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/DeregisterOrganizationDelegatedAdminResponse AWS API Documentation
|
815
1420
|
#
|
816
|
-
|
1421
|
+
class DeregisterOrganizationDelegatedAdminResponse < Aws::EmptyStructure; end
|
1422
|
+
|
1423
|
+
# @!attribute [rw] event_data_store
|
1424
|
+
# The ARN (or the ID suffix of the ARN) of an event data store on
|
1425
|
+
# which the specified query was run.
|
1426
|
+
# @return [String]
|
817
1427
|
#
|
818
|
-
#
|
819
|
-
#
|
1428
|
+
# @!attribute [rw] query_id
|
1429
|
+
# The query ID.
|
1430
|
+
# @return [String]
|
820
1431
|
#
|
821
|
-
#
|
822
|
-
#
|
1432
|
+
# @!attribute [rw] query_alias
|
1433
|
+
# The alias that identifies a query template.
|
1434
|
+
# @return [String]
|
823
1435
|
#
|
824
|
-
#
|
825
|
-
# true, then information for all trails in the current region and
|
826
|
-
# any associated shadow trails in other regions is returned.
|
1436
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/DescribeQueryRequest AWS API Documentation
|
827
1437
|
#
|
828
|
-
|
829
|
-
|
830
|
-
|
831
|
-
|
1438
|
+
class DescribeQueryRequest < Struct.new(
|
1439
|
+
:event_data_store,
|
1440
|
+
:query_id,
|
1441
|
+
:query_alias)
|
1442
|
+
SENSITIVE = []
|
1443
|
+
include Aws::Structure
|
1444
|
+
end
|
1445
|
+
|
1446
|
+
# @!attribute [rw] query_id
|
1447
|
+
# The ID of the query.
|
1448
|
+
# @return [String]
|
832
1449
|
#
|
833
|
-
#
|
834
|
-
#
|
1450
|
+
# @!attribute [rw] query_string
|
1451
|
+
# The SQL code of a query.
|
1452
|
+
# @return [String]
|
835
1453
|
#
|
836
|
-
# @!attribute [rw]
|
837
|
-
#
|
838
|
-
#
|
839
|
-
#
|
840
|
-
#
|
1454
|
+
# @!attribute [rw] query_status
|
1455
|
+
# The status of a query. Values for `QueryStatus` include `QUEUED`,
|
1456
|
+
# `RUNNING`, `FINISHED`, `FAILED`, `TIMED_OUT`, or `CANCELLED`
|
1457
|
+
# @return [String]
|
1458
|
+
#
|
1459
|
+
# @!attribute [rw] query_statistics
|
1460
|
+
# Metadata about a query, including the number of events that were
|
1461
|
+
# matched, the total number of events scanned, the query run time in
|
1462
|
+
# milliseconds, and the query's creation time.
|
1463
|
+
# @return [Types::QueryStatisticsForDescribeQuery]
|
1464
|
+
#
|
1465
|
+
# @!attribute [rw] error_message
|
1466
|
+
# The error message returned if a query failed.
|
1467
|
+
# @return [String]
|
1468
|
+
#
|
1469
|
+
# @!attribute [rw] delivery_s3_uri
|
1470
|
+
# The URI for the S3 bucket where CloudTrail delivered query results,
|
1471
|
+
# if applicable.
|
1472
|
+
# @return [String]
|
1473
|
+
#
|
1474
|
+
# @!attribute [rw] delivery_status
|
1475
|
+
# The delivery status.
|
1476
|
+
# @return [String]
|
1477
|
+
#
|
1478
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/DescribeQueryResponse AWS API Documentation
|
1479
|
+
#
|
1480
|
+
class DescribeQueryResponse < Struct.new(
|
1481
|
+
:query_id,
|
1482
|
+
:query_string,
|
1483
|
+
:query_status,
|
1484
|
+
:query_statistics,
|
1485
|
+
:error_message,
|
1486
|
+
:delivery_s3_uri,
|
1487
|
+
:delivery_status)
|
1488
|
+
SENSITIVE = []
|
1489
|
+
include Aws::Structure
|
1490
|
+
end
|
1491
|
+
|
1492
|
+
# Returns information about the trail.
|
1493
|
+
#
|
1494
|
+
# @!attribute [rw] trail_name_list
|
1495
|
+
# Specifies a list of trail names, trail ARNs, or both, of the trails
|
1496
|
+
# to describe. The format of a trail ARN is:
|
1497
|
+
#
|
1498
|
+
# `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
|
1499
|
+
#
|
1500
|
+
# If an empty list is specified, information for the trail in the
|
1501
|
+
# current Region is returned.
|
1502
|
+
#
|
1503
|
+
# * If an empty list is specified and `IncludeShadowTrails` is false,
|
1504
|
+
# then information for all trails in the current Region is returned.
|
1505
|
+
#
|
1506
|
+
# * If an empty list is specified and IncludeShadowTrails is null or
|
1507
|
+
# true, then information for all trails in the current Region and
|
1508
|
+
# any associated shadow trails in other Regions is returned.
|
1509
|
+
#
|
1510
|
+
# <note markdown="1"> If one or more trail names are specified, information is returned
|
1511
|
+
# only if the names match the names of trails belonging only to the
|
1512
|
+
# current Region and current account. To return information about a
|
1513
|
+
# trail in another Region, you must specify its trail ARN.
|
1514
|
+
#
|
1515
|
+
# </note>
|
1516
|
+
# @return [Array<String>]
|
1517
|
+
#
|
1518
|
+
# @!attribute [rw] include_shadow_trails
|
1519
|
+
# Specifies whether to include shadow trails in the response. A shadow
|
1520
|
+
# trail is the replication in a Region of a trail that was created in
|
1521
|
+
# a different Region, or in the case of an organization trail, the
|
1522
|
+
# replication of an organization trail in member accounts. If you do
|
841
1523
|
# not include shadow trails, organization trails in a member account
|
842
|
-
# and
|
1524
|
+
# and Region replication trails will not be returned. The default is
|
843
1525
|
# true.
|
844
1526
|
# @return [Boolean]
|
845
1527
|
#
|
@@ -872,6 +1554,31 @@ module Aws::CloudTrail
|
|
872
1554
|
include Aws::Structure
|
873
1555
|
end
|
874
1556
|
|
1557
|
+
# Contains information about the destination receiving events.
|
1558
|
+
#
|
1559
|
+
# @!attribute [rw] type
|
1560
|
+
# The type of destination for events arriving from a channel. For
|
1561
|
+
# channels used for a CloudTrail Lake integration, the value is
|
1562
|
+
# `EventDataStore`. For service-linked channels, the value is
|
1563
|
+
# `AWS_SERVICE`.
|
1564
|
+
# @return [String]
|
1565
|
+
#
|
1566
|
+
# @!attribute [rw] location
|
1567
|
+
# For channels used for a CloudTrail Lake integration, the location is
|
1568
|
+
# the ARN of an event data store that receives events from a channel.
|
1569
|
+
# For service-linked channels, the location is the name of the Amazon
|
1570
|
+
# Web Services service.
|
1571
|
+
# @return [String]
|
1572
|
+
#
|
1573
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/Destination AWS API Documentation
|
1574
|
+
#
|
1575
|
+
class Destination < Struct.new(
|
1576
|
+
:type,
|
1577
|
+
:location)
|
1578
|
+
SENSITIVE = []
|
1579
|
+
include Aws::Structure
|
1580
|
+
end
|
1581
|
+
|
875
1582
|
# Contains information about an event that was returned by a lookup
|
876
1583
|
# request. The result includes a representation of a CloudTrail event.
|
877
1584
|
#
|
@@ -931,6 +1638,118 @@ module Aws::CloudTrail
|
|
931
1638
|
include Aws::Structure
|
932
1639
|
end
|
933
1640
|
|
1641
|
+
# A storage lake of event data against which you can run complex
|
1642
|
+
# SQL-based queries. An event data store can include events that you
|
1643
|
+
# have logged on your account from the last 90 to 2557 days (about three
|
1644
|
+
# months to up to seven years). To select events for an event data
|
1645
|
+
# store, use [advanced event selectors][1].
|
1646
|
+
#
|
1647
|
+
#
|
1648
|
+
#
|
1649
|
+
# [1]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#creating-data-event-selectors-advanced
|
1650
|
+
#
|
1651
|
+
# @!attribute [rw] event_data_store_arn
|
1652
|
+
# The ARN of the event data store.
|
1653
|
+
# @return [String]
|
1654
|
+
#
|
1655
|
+
# @!attribute [rw] name
|
1656
|
+
# The name of the event data store.
|
1657
|
+
# @return [String]
|
1658
|
+
#
|
1659
|
+
# @!attribute [rw] termination_protection_enabled
|
1660
|
+
# Indicates whether the event data store is protected from
|
1661
|
+
# termination.
|
1662
|
+
# @return [Boolean]
|
1663
|
+
#
|
1664
|
+
# @!attribute [rw] status
|
1665
|
+
# The status of an event data store.
|
1666
|
+
# @return [String]
|
1667
|
+
#
|
1668
|
+
# @!attribute [rw] advanced_event_selectors
|
1669
|
+
# The advanced event selectors that were used to select events for the
|
1670
|
+
# data store.
|
1671
|
+
# @return [Array<Types::AdvancedEventSelector>]
|
1672
|
+
#
|
1673
|
+
# @!attribute [rw] multi_region_enabled
|
1674
|
+
# Indicates whether the event data store includes events from all
|
1675
|
+
# Regions, or only from the Region in which it was created.
|
1676
|
+
# @return [Boolean]
|
1677
|
+
#
|
1678
|
+
# @!attribute [rw] organization_enabled
|
1679
|
+
# Indicates that an event data store is collecting logged events for
|
1680
|
+
# an organization.
|
1681
|
+
# @return [Boolean]
|
1682
|
+
#
|
1683
|
+
# @!attribute [rw] retention_period
|
1684
|
+
# The retention period, in days.
|
1685
|
+
# @return [Integer]
|
1686
|
+
#
|
1687
|
+
# @!attribute [rw] created_timestamp
|
1688
|
+
# The timestamp of the event data store's creation.
|
1689
|
+
# @return [Time]
|
1690
|
+
#
|
1691
|
+
# @!attribute [rw] updated_timestamp
|
1692
|
+
# The timestamp showing when an event data store was updated, if
|
1693
|
+
# applicable. `UpdatedTimestamp` is always either the same or newer
|
1694
|
+
# than the time shown in `CreatedTimestamp`.
|
1695
|
+
# @return [Time]
|
1696
|
+
#
|
1697
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/EventDataStore AWS API Documentation
|
1698
|
+
#
|
1699
|
+
class EventDataStore < Struct.new(
|
1700
|
+
:event_data_store_arn,
|
1701
|
+
:name,
|
1702
|
+
:termination_protection_enabled,
|
1703
|
+
:status,
|
1704
|
+
:advanced_event_selectors,
|
1705
|
+
:multi_region_enabled,
|
1706
|
+
:organization_enabled,
|
1707
|
+
:retention_period,
|
1708
|
+
:created_timestamp,
|
1709
|
+
:updated_timestamp)
|
1710
|
+
SENSITIVE = []
|
1711
|
+
include Aws::Structure
|
1712
|
+
end
|
1713
|
+
|
1714
|
+
# The specified event data store ARN is not valid or does not map to an
|
1715
|
+
# event data store in your account.
|
1716
|
+
#
|
1717
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/EventDataStoreARNInvalidException AWS API Documentation
|
1718
|
+
#
|
1719
|
+
class EventDataStoreARNInvalidException < Aws::EmptyStructure; end
|
1720
|
+
|
1721
|
+
# An event data store with that name already exists.
|
1722
|
+
#
|
1723
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/EventDataStoreAlreadyExistsException AWS API Documentation
|
1724
|
+
#
|
1725
|
+
class EventDataStoreAlreadyExistsException < Aws::EmptyStructure; end
|
1726
|
+
|
1727
|
+
# This exception is thrown when you try to update or delete an event
|
1728
|
+
# data store that currently has an import in progress.
|
1729
|
+
#
|
1730
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/EventDataStoreHasOngoingImportException AWS API Documentation
|
1731
|
+
#
|
1732
|
+
class EventDataStoreHasOngoingImportException < Aws::EmptyStructure; end
|
1733
|
+
|
1734
|
+
# Your account has used the maximum number of event data stores.
|
1735
|
+
#
|
1736
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/EventDataStoreMaxLimitExceededException AWS API Documentation
|
1737
|
+
#
|
1738
|
+
class EventDataStoreMaxLimitExceededException < Aws::EmptyStructure; end
|
1739
|
+
|
1740
|
+
# The specified event data store was not found.
|
1741
|
+
#
|
1742
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/EventDataStoreNotFoundException AWS API Documentation
|
1743
|
+
#
|
1744
|
+
class EventDataStoreNotFoundException < Aws::EmptyStructure; end
|
1745
|
+
|
1746
|
+
# The event data store cannot be deleted because termination protection
|
1747
|
+
# is enabled for it.
|
1748
|
+
#
|
1749
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/EventDataStoreTerminationProtectedException AWS API Documentation
|
1750
|
+
#
|
1751
|
+
class EventDataStoreTerminationProtectedException < Aws::EmptyStructure; end
|
1752
|
+
|
934
1753
|
# Use event selectors to further specify the management and data event
|
935
1754
|
# settings for your trail. By default, trails created without specific
|
936
1755
|
# event selectors will be configured to log all read and write
|
@@ -945,21 +1764,6 @@ module Aws::CloudTrail
|
|
945
1764
|
# You cannot apply both event selectors and advanced event selectors to
|
946
1765
|
# a trail.
|
947
1766
|
#
|
948
|
-
# @note When making an API call, you may pass EventSelector
|
949
|
-
# data as a hash:
|
950
|
-
#
|
951
|
-
# {
|
952
|
-
# read_write_type: "ReadOnly", # accepts ReadOnly, WriteOnly, All
|
953
|
-
# include_management_events: false,
|
954
|
-
# data_resources: [
|
955
|
-
# {
|
956
|
-
# type: "String",
|
957
|
-
# values: ["String"],
|
958
|
-
# },
|
959
|
-
# ],
|
960
|
-
# exclude_management_event_sources: ["String"],
|
961
|
-
# }
|
962
|
-
#
|
963
1767
|
# @!attribute [rw] read_write_type
|
964
1768
|
# Specify if you want your trail to log read-only events, write-only
|
965
1769
|
# events, or all. For example, the EC2 `GetConsoleOutput` is a
|
@@ -980,12 +1784,12 @@ module Aws::CloudTrail
|
|
980
1784
|
#
|
981
1785
|
# The first copy of management events is free. You are charged for
|
982
1786
|
# additional copies of management events that you are logging on any
|
983
|
-
# subsequent trail in the same
|
1787
|
+
# subsequent trail in the same Region. For more information about
|
984
1788
|
# CloudTrail pricing, see [CloudTrail Pricing][2].
|
985
1789
|
#
|
986
1790
|
#
|
987
1791
|
#
|
988
|
-
# [1]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-
|
1792
|
+
# [1]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-events-with-cloudtrail.html
|
989
1793
|
# [2]: http://aws.amazon.com/cloudtrail/pricing/
|
990
1794
|
# @return [Boolean]
|
991
1795
|
#
|
@@ -1002,7 +1806,7 @@ module Aws::CloudTrail
|
|
1002
1806
|
#
|
1003
1807
|
#
|
1004
1808
|
#
|
1005
|
-
# [1]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-
|
1809
|
+
# [1]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html
|
1006
1810
|
# [2]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/WhatIsCloudTrail-Limits.html
|
1007
1811
|
# @return [Array<Types::DataResource>]
|
1008
1812
|
#
|
@@ -1013,7 +1817,8 @@ module Aws::CloudTrail
|
|
1013
1817
|
# Management Service or Amazon RDS Data API events by containing
|
1014
1818
|
# `kms.amazonaws.com` or `rdsdata.amazonaws.com`. By default,
|
1015
1819
|
# `ExcludeManagementEventSources` is empty, and KMS and Amazon RDS
|
1016
|
-
# Data API events are logged to your trail.
|
1820
|
+
# Data API events are logged to your trail. You can exclude management
|
1821
|
+
# event sources only in Regions that support the event source.
|
1017
1822
|
# @return [Array<String>]
|
1018
1823
|
#
|
1019
1824
|
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/EventSelector AWS API Documentation
|
@@ -1027,13 +1832,150 @@ module Aws::CloudTrail
|
|
1027
1832
|
include Aws::Structure
|
1028
1833
|
end
|
1029
1834
|
|
1030
|
-
#
|
1031
|
-
#
|
1835
|
+
# @!attribute [rw] channel
|
1836
|
+
# The ARN or `UUID` of a channel.
|
1837
|
+
# @return [String]
|
1838
|
+
#
|
1839
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GetChannelRequest AWS API Documentation
|
1840
|
+
#
|
1841
|
+
class GetChannelRequest < Struct.new(
|
1842
|
+
:channel)
|
1843
|
+
SENSITIVE = []
|
1844
|
+
include Aws::Structure
|
1845
|
+
end
|
1846
|
+
|
1847
|
+
# @!attribute [rw] channel_arn
|
1848
|
+
# The ARN of an channel returned by a `GetChannel` request.
|
1849
|
+
# @return [String]
|
1850
|
+
#
|
1851
|
+
# @!attribute [rw] name
|
1852
|
+
# The name of the CloudTrail channel. For service-linked channels, the
|
1853
|
+
# name is `aws-service-channel/service-name/custom-suffix` where
|
1854
|
+
# `service-name` represents the name of the Amazon Web Services
|
1855
|
+
# service that created the channel and `custom-suffix` represents the
|
1856
|
+
# suffix generated by the Amazon Web Services service.
|
1857
|
+
# @return [String]
|
1858
|
+
#
|
1859
|
+
# @!attribute [rw] source
|
1860
|
+
# The source for the CloudTrail channel.
|
1861
|
+
# @return [String]
|
1862
|
+
#
|
1863
|
+
# @!attribute [rw] source_config
|
1864
|
+
# Provides information about the advanced event selectors configured
|
1865
|
+
# for the channel, and whether the channel applies to all Regions or a
|
1866
|
+
# single Region.
|
1867
|
+
# @return [Types::SourceConfig]
|
1868
|
+
#
|
1869
|
+
# @!attribute [rw] destinations
|
1870
|
+
# The destinations for the channel. For channels created for
|
1871
|
+
# integrations, the destinations are the event data stores that log
|
1872
|
+
# events arriving through the channel. For service-linked channels,
|
1873
|
+
# the destination is the Amazon Web Services service that created the
|
1874
|
+
# service-linked channel to receive events.
|
1875
|
+
# @return [Array<Types::Destination>]
|
1876
|
+
#
|
1877
|
+
# @!attribute [rw] ingestion_status
|
1878
|
+
# A table showing information about the most recent successful and
|
1879
|
+
# failed attempts to ingest events.
|
1880
|
+
# @return [Types::IngestionStatus]
|
1881
|
+
#
|
1882
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GetChannelResponse AWS API Documentation
|
1883
|
+
#
|
1884
|
+
class GetChannelResponse < Struct.new(
|
1885
|
+
:channel_arn,
|
1886
|
+
:name,
|
1887
|
+
:source,
|
1888
|
+
:source_config,
|
1889
|
+
:destinations,
|
1890
|
+
:ingestion_status)
|
1891
|
+
SENSITIVE = []
|
1892
|
+
include Aws::Structure
|
1893
|
+
end
|
1894
|
+
|
1895
|
+
# @!attribute [rw] event_data_store
|
1896
|
+
# The ARN (or ID suffix of the ARN) of the event data store about
|
1897
|
+
# which you want information.
|
1898
|
+
# @return [String]
|
1899
|
+
#
|
1900
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GetEventDataStoreRequest AWS API Documentation
|
1901
|
+
#
|
1902
|
+
class GetEventDataStoreRequest < Struct.new(
|
1903
|
+
:event_data_store)
|
1904
|
+
SENSITIVE = []
|
1905
|
+
include Aws::Structure
|
1906
|
+
end
|
1907
|
+
|
1908
|
+
# @!attribute [rw] event_data_store_arn
|
1909
|
+
# The event data store Amazon Resource Number (ARN).
|
1910
|
+
# @return [String]
|
1032
1911
|
#
|
1033
|
-
#
|
1034
|
-
#
|
1035
|
-
#
|
1912
|
+
# @!attribute [rw] name
|
1913
|
+
# The name of the event data store.
|
1914
|
+
# @return [String]
|
1915
|
+
#
|
1916
|
+
# @!attribute [rw] status
|
1917
|
+
# The status of an event data store.
|
1918
|
+
# @return [String]
|
1919
|
+
#
|
1920
|
+
# @!attribute [rw] advanced_event_selectors
|
1921
|
+
# The advanced event selectors used to select events for the data
|
1922
|
+
# store.
|
1923
|
+
# @return [Array<Types::AdvancedEventSelector>]
|
1924
|
+
#
|
1925
|
+
# @!attribute [rw] multi_region_enabled
|
1926
|
+
# Indicates whether the event data store includes events from all
|
1927
|
+
# Regions, or only from the Region in which it was created.
|
1928
|
+
# @return [Boolean]
|
1929
|
+
#
|
1930
|
+
# @!attribute [rw] organization_enabled
|
1931
|
+
# Indicates whether an event data store is collecting logged events
|
1932
|
+
# for an organization in Organizations.
|
1933
|
+
# @return [Boolean]
|
1934
|
+
#
|
1935
|
+
# @!attribute [rw] retention_period
|
1936
|
+
# The retention period of the event data store, in days.
|
1937
|
+
# @return [Integer]
|
1938
|
+
#
|
1939
|
+
# @!attribute [rw] termination_protection_enabled
|
1940
|
+
# Indicates that termination protection is enabled.
|
1941
|
+
# @return [Boolean]
|
1942
|
+
#
|
1943
|
+
# @!attribute [rw] created_timestamp
|
1944
|
+
# The timestamp of the event data store's creation.
|
1945
|
+
# @return [Time]
|
1946
|
+
#
|
1947
|
+
# @!attribute [rw] updated_timestamp
|
1948
|
+
# Shows the time that an event data store was updated, if applicable.
|
1949
|
+
# `UpdatedTimestamp` is always either the same or newer than the time
|
1950
|
+
# shown in `CreatedTimestamp`.
|
1951
|
+
# @return [Time]
|
1952
|
+
#
|
1953
|
+
# @!attribute [rw] kms_key_id
|
1954
|
+
# Specifies the KMS key ID that encrypts the events delivered by
|
1955
|
+
# CloudTrail. The value is a fully specified ARN to a KMS key in the
|
1956
|
+
# following format.
|
1957
|
+
#
|
1958
|
+
# `arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012`
|
1959
|
+
# @return [String]
|
1036
1960
|
#
|
1961
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GetEventDataStoreResponse AWS API Documentation
|
1962
|
+
#
|
1963
|
+
class GetEventDataStoreResponse < Struct.new(
|
1964
|
+
:event_data_store_arn,
|
1965
|
+
:name,
|
1966
|
+
:status,
|
1967
|
+
:advanced_event_selectors,
|
1968
|
+
:multi_region_enabled,
|
1969
|
+
:organization_enabled,
|
1970
|
+
:retention_period,
|
1971
|
+
:termination_protection_enabled,
|
1972
|
+
:created_timestamp,
|
1973
|
+
:updated_timestamp,
|
1974
|
+
:kms_key_id)
|
1975
|
+
SENSITIVE = []
|
1976
|
+
include Aws::Structure
|
1977
|
+
end
|
1978
|
+
|
1037
1979
|
# @!attribute [rw] trail_name
|
1038
1980
|
# Specifies the name of the trail or trail ARN. If you specify a trail
|
1039
1981
|
# name, the string must meet the following requirements:
|
@@ -1085,13 +2027,78 @@ module Aws::CloudTrail
|
|
1085
2027
|
include Aws::Structure
|
1086
2028
|
end
|
1087
2029
|
|
1088
|
-
#
|
1089
|
-
#
|
2030
|
+
# @!attribute [rw] import_id
|
2031
|
+
# The ID for the import.
|
2032
|
+
# @return [String]
|
2033
|
+
#
|
2034
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GetImportRequest AWS API Documentation
|
2035
|
+
#
|
2036
|
+
class GetImportRequest < Struct.new(
|
2037
|
+
:import_id)
|
2038
|
+
SENSITIVE = []
|
2039
|
+
include Aws::Structure
|
2040
|
+
end
|
2041
|
+
|
2042
|
+
# @!attribute [rw] import_id
|
2043
|
+
# The ID of the import.
|
2044
|
+
# @return [String]
|
2045
|
+
#
|
2046
|
+
# @!attribute [rw] destinations
|
2047
|
+
# The ARN of the destination event data store.
|
2048
|
+
# @return [Array<String>]
|
2049
|
+
#
|
2050
|
+
# @!attribute [rw] import_source
|
2051
|
+
# The source S3 bucket.
|
2052
|
+
# @return [Types::ImportSource]
|
2053
|
+
#
|
2054
|
+
# @!attribute [rw] start_event_time
|
2055
|
+
# Used with `EndEventTime` to bound a `StartImport` request, and limit
|
2056
|
+
# imported trail events to only those events logged within a specified
|
2057
|
+
# time period.
|
2058
|
+
# @return [Time]
|
2059
|
+
#
|
2060
|
+
# @!attribute [rw] end_event_time
|
2061
|
+
# Used with `StartEventTime` to bound a `StartImport` request, and
|
2062
|
+
# limit imported trail events to only those events logged within a
|
2063
|
+
# specified time period.
|
2064
|
+
# @return [Time]
|
2065
|
+
#
|
2066
|
+
# @!attribute [rw] import_status
|
2067
|
+
# The status of the import.
|
2068
|
+
# @return [String]
|
2069
|
+
#
|
2070
|
+
# @!attribute [rw] created_timestamp
|
2071
|
+
# The timestamp of the import's creation.
|
2072
|
+
# @return [Time]
|
1090
2073
|
#
|
1091
|
-
#
|
1092
|
-
#
|
1093
|
-
#
|
2074
|
+
# @!attribute [rw] updated_timestamp
|
2075
|
+
# The timestamp of when the import was updated.
|
2076
|
+
# @return [Time]
|
1094
2077
|
#
|
2078
|
+
# @!attribute [rw] import_statistics
|
2079
|
+
# Provides statistics for the import. CloudTrail does not update
|
2080
|
+
# import statistics in real-time. Returned values for parameters such
|
2081
|
+
# as `EventsCompleted` may be lower than the actual value, because
|
2082
|
+
# CloudTrail updates statistics incrementally over the course of the
|
2083
|
+
# import.
|
2084
|
+
# @return [Types::ImportStatistics]
|
2085
|
+
#
|
2086
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GetImportResponse AWS API Documentation
|
2087
|
+
#
|
2088
|
+
class GetImportResponse < Struct.new(
|
2089
|
+
:import_id,
|
2090
|
+
:destinations,
|
2091
|
+
:import_source,
|
2092
|
+
:start_event_time,
|
2093
|
+
:end_event_time,
|
2094
|
+
:import_status,
|
2095
|
+
:created_timestamp,
|
2096
|
+
:updated_timestamp,
|
2097
|
+
:import_statistics)
|
2098
|
+
SENSITIVE = []
|
2099
|
+
include Aws::Structure
|
2100
|
+
end
|
2101
|
+
|
1095
2102
|
# @!attribute [rw] trail_name
|
1096
2103
|
# Specifies the name of the trail or trail ARN. If you specify a trail
|
1097
2104
|
# name, the string must meet the following requirements:
|
@@ -1128,8 +2135,8 @@ module Aws::CloudTrail
|
|
1128
2135
|
#
|
1129
2136
|
# @!attribute [rw] insight_selectors
|
1130
2137
|
# A JSON string that contains the insight types you want to log on a
|
1131
|
-
# trail. In this release,
|
1132
|
-
# insight
|
2138
|
+
# trail. In this release, `ApiErrorRateInsight` and
|
2139
|
+
# `ApiCallRateInsight` are supported as insight types.
|
1133
2140
|
# @return [Array<Types::InsightSelector>]
|
1134
2141
|
#
|
1135
2142
|
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GetInsightSelectorsResponse AWS API Documentation
|
@@ -1141,13 +2148,100 @@ module Aws::CloudTrail
|
|
1141
2148
|
include Aws::Structure
|
1142
2149
|
end
|
1143
2150
|
|
1144
|
-
#
|
1145
|
-
# data
|
2151
|
+
# @!attribute [rw] event_data_store
|
2152
|
+
# The ARN (or ID suffix of the ARN) of the event data store against
|
2153
|
+
# which the query was run.
|
2154
|
+
# @return [String]
|
2155
|
+
#
|
2156
|
+
# @!attribute [rw] query_id
|
2157
|
+
# The ID of the query for which you want to get results.
|
2158
|
+
# @return [String]
|
2159
|
+
#
|
2160
|
+
# @!attribute [rw] next_token
|
2161
|
+
# A token you can use to get the next page of query results.
|
2162
|
+
# @return [String]
|
2163
|
+
#
|
2164
|
+
# @!attribute [rw] max_query_results
|
2165
|
+
# The maximum number of query results to display on a single page.
|
2166
|
+
# @return [Integer]
|
2167
|
+
#
|
2168
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GetQueryResultsRequest AWS API Documentation
|
2169
|
+
#
|
2170
|
+
class GetQueryResultsRequest < Struct.new(
|
2171
|
+
:event_data_store,
|
2172
|
+
:query_id,
|
2173
|
+
:next_token,
|
2174
|
+
:max_query_results)
|
2175
|
+
SENSITIVE = []
|
2176
|
+
include Aws::Structure
|
2177
|
+
end
|
2178
|
+
|
2179
|
+
# @!attribute [rw] query_status
|
2180
|
+
# The status of the query. Values include `QUEUED`, `RUNNING`,
|
2181
|
+
# `FINISHED`, `FAILED`, `TIMED_OUT`, or `CANCELLED`.
|
2182
|
+
# @return [String]
|
2183
|
+
#
|
2184
|
+
# @!attribute [rw] query_statistics
|
2185
|
+
# Shows the count of query results.
|
2186
|
+
# @return [Types::QueryStatistics]
|
2187
|
+
#
|
2188
|
+
# @!attribute [rw] query_result_rows
|
2189
|
+
# Contains the individual event results of the query.
|
2190
|
+
# @return [Array<Array<Hash<String,String>>>]
|
2191
|
+
#
|
2192
|
+
# @!attribute [rw] next_token
|
2193
|
+
# A token you can use to get the next page of query results.
|
2194
|
+
# @return [String]
|
2195
|
+
#
|
2196
|
+
# @!attribute [rw] error_message
|
2197
|
+
# The error message returned if a query failed.
|
2198
|
+
# @return [String]
|
2199
|
+
#
|
2200
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GetQueryResultsResponse AWS API Documentation
|
2201
|
+
#
|
2202
|
+
class GetQueryResultsResponse < Struct.new(
|
2203
|
+
:query_status,
|
2204
|
+
:query_statistics,
|
2205
|
+
:query_result_rows,
|
2206
|
+
:next_token,
|
2207
|
+
:error_message)
|
2208
|
+
SENSITIVE = []
|
2209
|
+
include Aws::Structure
|
2210
|
+
end
|
2211
|
+
|
2212
|
+
# @!attribute [rw] resource_arn
|
2213
|
+
# The Amazon Resource Name (ARN) of the CloudTrail channel attached to
|
2214
|
+
# the resource-based policy. The following is the format of a resource
|
2215
|
+
# ARN: `arn:aws:cloudtrail:us-east-2:123456789012:channel/MyChannel`.
|
2216
|
+
# @return [String]
|
2217
|
+
#
|
2218
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GetResourcePolicyRequest AWS API Documentation
|
2219
|
+
#
|
2220
|
+
class GetResourcePolicyRequest < Struct.new(
|
2221
|
+
:resource_arn)
|
2222
|
+
SENSITIVE = []
|
2223
|
+
include Aws::Structure
|
2224
|
+
end
|
2225
|
+
|
2226
|
+
# @!attribute [rw] resource_arn
|
2227
|
+
# The Amazon Resource Name (ARN) of the CloudTrail channel attached to
|
2228
|
+
# resource-based policy.
|
2229
|
+
# @return [String]
|
1146
2230
|
#
|
1147
|
-
#
|
1148
|
-
#
|
1149
|
-
#
|
2231
|
+
# @!attribute [rw] resource_policy
|
2232
|
+
# A JSON-formatted string that contains the resource-based policy
|
2233
|
+
# attached to the CloudTrail channel.
|
2234
|
+
# @return [String]
|
2235
|
+
#
|
2236
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GetResourcePolicyResponse AWS API Documentation
|
1150
2237
|
#
|
2238
|
+
class GetResourcePolicyResponse < Struct.new(
|
2239
|
+
:resource_arn,
|
2240
|
+
:resource_policy)
|
2241
|
+
SENSITIVE = []
|
2242
|
+
include Aws::Structure
|
2243
|
+
end
|
2244
|
+
|
1151
2245
|
# @!attribute [rw] name
|
1152
2246
|
# The name or the Amazon Resource Name (ARN) of the trail for which
|
1153
2247
|
# you want to retrieve settings information.
|
@@ -1175,17 +2269,10 @@ module Aws::CloudTrail
|
|
1175
2269
|
|
1176
2270
|
# The name of a trail about which you want the current status.
|
1177
2271
|
#
|
1178
|
-
# @note When making an API call, you may pass GetTrailStatusRequest
|
1179
|
-
# data as a hash:
|
1180
|
-
#
|
1181
|
-
# {
|
1182
|
-
# name: "String", # required
|
1183
|
-
# }
|
1184
|
-
#
|
1185
2272
|
# @!attribute [rw] name
|
1186
2273
|
# Specifies the name or the CloudTrail ARN of the trail for which you
|
1187
2274
|
# are requesting status. To get the status of a shadow trail (a
|
1188
|
-
# replication of the trail in another
|
2275
|
+
# replication of the trail in another Region), you must specify its
|
1189
2276
|
# ARN. The following is the format of a trail ARN.
|
1190
2277
|
#
|
1191
2278
|
# `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
|
@@ -1339,55 +2426,227 @@ module Aws::CloudTrail
|
|
1339
2426
|
include Aws::Structure
|
1340
2427
|
end
|
1341
2428
|
|
1342
|
-
#
|
1343
|
-
# Insights events enabled, the operation throws the exception
|
1344
|
-
# `InsightNotEnabledException`.
|
1345
|
-
#
|
1346
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/InsightNotEnabledException AWS API Documentation
|
2429
|
+
# Provides information about an import failure.
|
1347
2430
|
#
|
1348
|
-
|
1349
|
-
|
1350
|
-
#
|
1351
|
-
# a trail.
|
2431
|
+
# @!attribute [rw] location
|
2432
|
+
# The location of the failure in the S3 bucket.
|
2433
|
+
# @return [String]
|
1352
2434
|
#
|
1353
|
-
#
|
1354
|
-
#
|
2435
|
+
# @!attribute [rw] status
|
2436
|
+
# The status of the import.
|
2437
|
+
# @return [String]
|
1355
2438
|
#
|
1356
|
-
#
|
1357
|
-
#
|
1358
|
-
#
|
2439
|
+
# @!attribute [rw] error_type
|
2440
|
+
# The type of import error.
|
2441
|
+
# @return [String]
|
1359
2442
|
#
|
1360
|
-
# @!attribute [rw]
|
1361
|
-
#
|
1362
|
-
# type in this release is `ApiCallRateInsight`.
|
2443
|
+
# @!attribute [rw] error_message
|
2444
|
+
# Provides the reason the import failed.
|
1363
2445
|
# @return [String]
|
1364
2446
|
#
|
1365
|
-
#
|
2447
|
+
# @!attribute [rw] last_updated_time
|
2448
|
+
# When the import was last updated.
|
2449
|
+
# @return [Time]
|
1366
2450
|
#
|
1367
|
-
|
1368
|
-
|
2451
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ImportFailureListItem AWS API Documentation
|
2452
|
+
#
|
2453
|
+
class ImportFailureListItem < Struct.new(
|
2454
|
+
:location,
|
2455
|
+
:status,
|
2456
|
+
:error_type,
|
2457
|
+
:error_message,
|
2458
|
+
:last_updated_time)
|
1369
2459
|
SENSITIVE = []
|
1370
2460
|
include Aws::Structure
|
1371
2461
|
end
|
1372
2462
|
|
1373
|
-
#
|
1374
|
-
# create the organization trail is lacking one or more required
|
1375
|
-
# permissions for creating an organization trail in a required service.
|
1376
|
-
# For more information, see [Prepare For Creating a Trail For Your
|
1377
|
-
# Organization][1].
|
2463
|
+
# The specified import was not found.
|
1378
2464
|
#
|
2465
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ImportNotFoundException AWS API Documentation
|
1379
2466
|
#
|
2467
|
+
class ImportNotFoundException < Aws::EmptyStructure; end
|
2468
|
+
|
2469
|
+
# The import source.
|
1380
2470
|
#
|
1381
|
-
# [
|
2471
|
+
# @!attribute [rw] s3
|
2472
|
+
# The source S3 bucket.
|
2473
|
+
# @return [Types::S3ImportSource]
|
1382
2474
|
#
|
1383
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/
|
2475
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ImportSource AWS API Documentation
|
1384
2476
|
#
|
1385
|
-
class
|
2477
|
+
class ImportSource < Struct.new(
|
2478
|
+
:s3)
|
2479
|
+
SENSITIVE = []
|
2480
|
+
include Aws::Structure
|
2481
|
+
end
|
1386
2482
|
|
1387
|
-
#
|
1388
|
-
#
|
2483
|
+
# Provides statistics for the specified `ImportID`. CloudTrail does not
|
2484
|
+
# update import statistics in real-time. Returned values for parameters
|
2485
|
+
# such as `EventsCompleted` may be lower than the actual value, because
|
2486
|
+
# CloudTrail updates statistics incrementally over the course of the
|
2487
|
+
# import.
|
2488
|
+
#
|
2489
|
+
# @!attribute [rw] prefixes_found
|
2490
|
+
# The number of S3 prefixes found for the import.
|
2491
|
+
# @return [Integer]
|
1389
2492
|
#
|
1390
|
-
#
|
2493
|
+
# @!attribute [rw] prefixes_completed
|
2494
|
+
# The number of S3 prefixes that completed import.
|
2495
|
+
# @return [Integer]
|
2496
|
+
#
|
2497
|
+
# @!attribute [rw] files_completed
|
2498
|
+
# The number of log files that completed import.
|
2499
|
+
# @return [Integer]
|
2500
|
+
#
|
2501
|
+
# @!attribute [rw] events_completed
|
2502
|
+
# The number of trail events imported into the event data store.
|
2503
|
+
# @return [Integer]
|
2504
|
+
#
|
2505
|
+
# @!attribute [rw] failed_entries
|
2506
|
+
# The number of failed entries.
|
2507
|
+
# @return [Integer]
|
2508
|
+
#
|
2509
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ImportStatistics AWS API Documentation
|
2510
|
+
#
|
2511
|
+
class ImportStatistics < Struct.new(
|
2512
|
+
:prefixes_found,
|
2513
|
+
:prefixes_completed,
|
2514
|
+
:files_completed,
|
2515
|
+
:events_completed,
|
2516
|
+
:failed_entries)
|
2517
|
+
SENSITIVE = []
|
2518
|
+
include Aws::Structure
|
2519
|
+
end
|
2520
|
+
|
2521
|
+
# Contains information about an import that was returned by a lookup
|
2522
|
+
# request.
|
2523
|
+
#
|
2524
|
+
# @!attribute [rw] import_id
|
2525
|
+
# The ID of the import.
|
2526
|
+
# @return [String]
|
2527
|
+
#
|
2528
|
+
# @!attribute [rw] import_status
|
2529
|
+
# The status of the import.
|
2530
|
+
# @return [String]
|
2531
|
+
#
|
2532
|
+
# @!attribute [rw] destinations
|
2533
|
+
# The ARN of the destination event data store.
|
2534
|
+
# @return [Array<String>]
|
2535
|
+
#
|
2536
|
+
# @!attribute [rw] created_timestamp
|
2537
|
+
# The timestamp of the import's creation.
|
2538
|
+
# @return [Time]
|
2539
|
+
#
|
2540
|
+
# @!attribute [rw] updated_timestamp
|
2541
|
+
# The timestamp of the import's last update.
|
2542
|
+
# @return [Time]
|
2543
|
+
#
|
2544
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ImportsListItem AWS API Documentation
|
2545
|
+
#
|
2546
|
+
class ImportsListItem < Struct.new(
|
2547
|
+
:import_id,
|
2548
|
+
:import_status,
|
2549
|
+
:destinations,
|
2550
|
+
:created_timestamp,
|
2551
|
+
:updated_timestamp)
|
2552
|
+
SENSITIVE = []
|
2553
|
+
include Aws::Structure
|
2554
|
+
end
|
2555
|
+
|
2556
|
+
# The event data store is inactive.
|
2557
|
+
#
|
2558
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/InactiveEventDataStoreException AWS API Documentation
|
2559
|
+
#
|
2560
|
+
class InactiveEventDataStoreException < Aws::EmptyStructure; end
|
2561
|
+
|
2562
|
+
# The specified query cannot be canceled because it is in the
|
2563
|
+
# `FINISHED`, `FAILED`, `TIMED_OUT`, or `CANCELLED` state.
|
2564
|
+
#
|
2565
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/InactiveQueryException AWS API Documentation
|
2566
|
+
#
|
2567
|
+
class InactiveQueryException < Aws::EmptyStructure; end
|
2568
|
+
|
2569
|
+
# A table showing information about the most recent successful and
|
2570
|
+
# failed attempts to ingest events.
|
2571
|
+
#
|
2572
|
+
# @!attribute [rw] latest_ingestion_success_time
|
2573
|
+
# The time stamp of the most recent successful ingestion of events for
|
2574
|
+
# the channel.
|
2575
|
+
# @return [Time]
|
2576
|
+
#
|
2577
|
+
# @!attribute [rw] latest_ingestion_success_event_id
|
2578
|
+
# The event ID of the most recent successful ingestion of events.
|
2579
|
+
# @return [String]
|
2580
|
+
#
|
2581
|
+
# @!attribute [rw] latest_ingestion_error_code
|
2582
|
+
# The error code for the most recent failure to ingest events.
|
2583
|
+
# @return [String]
|
2584
|
+
#
|
2585
|
+
# @!attribute [rw] latest_ingestion_attempt_time
|
2586
|
+
# The time stamp of the most recent attempt to ingest events on the
|
2587
|
+
# channel.
|
2588
|
+
# @return [Time]
|
2589
|
+
#
|
2590
|
+
# @!attribute [rw] latest_ingestion_attempt_event_id
|
2591
|
+
# The event ID of the most recent attempt to ingest events.
|
2592
|
+
# @return [String]
|
2593
|
+
#
|
2594
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/IngestionStatus AWS API Documentation
|
2595
|
+
#
|
2596
|
+
class IngestionStatus < Struct.new(
|
2597
|
+
:latest_ingestion_success_time,
|
2598
|
+
:latest_ingestion_success_event_id,
|
2599
|
+
:latest_ingestion_error_code,
|
2600
|
+
:latest_ingestion_attempt_time,
|
2601
|
+
:latest_ingestion_attempt_event_id)
|
2602
|
+
SENSITIVE = []
|
2603
|
+
include Aws::Structure
|
2604
|
+
end
|
2605
|
+
|
2606
|
+
# If you run `GetInsightSelectors` on a trail that does not have
|
2607
|
+
# Insights events enabled, the operation throws the exception
|
2608
|
+
# `InsightNotEnabledException`.
|
2609
|
+
#
|
2610
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/InsightNotEnabledException AWS API Documentation
|
2611
|
+
#
|
2612
|
+
class InsightNotEnabledException < Aws::EmptyStructure; end
|
2613
|
+
|
2614
|
+
# A JSON string that contains a list of Insights types that are logged
|
2615
|
+
# on a trail.
|
2616
|
+
#
|
2617
|
+
# @!attribute [rw] insight_type
|
2618
|
+
# The type of Insights events to log on a trail. `ApiCallRateInsight`
|
2619
|
+
# and `ApiErrorRateInsight` are valid Insight types.
|
2620
|
+
#
|
2621
|
+
# The `ApiCallRateInsight` Insights type analyzes write-only
|
2622
|
+
# management API calls that are aggregated per minute against a
|
2623
|
+
# baseline API call volume.
|
2624
|
+
#
|
2625
|
+
# The `ApiErrorRateInsight` Insights type analyzes management API
|
2626
|
+
# calls that result in error codes. The error is shown if the API call
|
2627
|
+
# is unsuccessful.
|
2628
|
+
# @return [String]
|
2629
|
+
#
|
2630
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/InsightSelector AWS API Documentation
|
2631
|
+
#
|
2632
|
+
class InsightSelector < Struct.new(
|
2633
|
+
:insight_type)
|
2634
|
+
SENSITIVE = []
|
2635
|
+
include Aws::Structure
|
2636
|
+
end
|
2637
|
+
|
2638
|
+
# This exception is thrown when the IAM identity that is used to create
|
2639
|
+
# the organization resource lacks one or more required permissions for
|
2640
|
+
# creating an organization resource in a required service.
|
2641
|
+
#
|
2642
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/InsufficientDependencyServiceAccessPermissionException AWS API Documentation
|
2643
|
+
#
|
2644
|
+
class InsufficientDependencyServiceAccessPermissionException < Aws::EmptyStructure; end
|
2645
|
+
|
2646
|
+
# This exception is thrown when the policy on the S3 bucket or KMS key
|
2647
|
+
# does not have sufficient permissions for the operation.
|
2648
|
+
#
|
2649
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/InsufficientEncryptionPolicyException AWS API Documentation
|
1391
2650
|
#
|
1392
2651
|
class InsufficientEncryptionPolicyException < Aws::EmptyStructure; end
|
1393
2652
|
|
@@ -1418,6 +2677,19 @@ module Aws::CloudTrail
|
|
1418
2677
|
#
|
1419
2678
|
class InvalidCloudWatchLogsRoleArnException < Aws::EmptyStructure; end
|
1420
2679
|
|
2680
|
+
# A date range for the query was specified that is not valid. Be sure
|
2681
|
+
# that the start time is chronologically before the end time. For more
|
2682
|
+
# information about writing a query, see [Create or edit a query][1] in
|
2683
|
+
# the *CloudTrail User Guide*.
|
2684
|
+
#
|
2685
|
+
#
|
2686
|
+
#
|
2687
|
+
# [1]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-create-edit-query.html
|
2688
|
+
#
|
2689
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/InvalidDateRangeException AWS API Documentation
|
2690
|
+
#
|
2691
|
+
class InvalidDateRangeException < Aws::EmptyStructure; end
|
2692
|
+
|
1421
2693
|
# Occurs if an event category that is not valid is specified as a value
|
1422
2694
|
# of `EventCategory`.
|
1423
2695
|
#
|
@@ -1425,6 +2697,19 @@ module Aws::CloudTrail
|
|
1425
2697
|
#
|
1426
2698
|
class InvalidEventCategoryException < Aws::EmptyStructure; end
|
1427
2699
|
|
2700
|
+
# This exception is thrown when event categories of specified event data
|
2701
|
+
# stores are not valid.
|
2702
|
+
#
|
2703
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/InvalidEventDataStoreCategoryException AWS API Documentation
|
2704
|
+
#
|
2705
|
+
class InvalidEventDataStoreCategoryException < Aws::EmptyStructure; end
|
2706
|
+
|
2707
|
+
# The event data store is not in a status that supports the operation.
|
2708
|
+
#
|
2709
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/InvalidEventDataStoreStatusException AWS API Documentation
|
2710
|
+
#
|
2711
|
+
class InvalidEventDataStoreStatusException < Aws::EmptyStructure; end
|
2712
|
+
|
1428
2713
|
# This exception is thrown when the `PutEventSelectors` operation is
|
1429
2714
|
# called with a number of event selectors, advanced event selectors, or
|
1430
2715
|
# data resources that is not valid. The combination of event selectors
|
@@ -1456,12 +2741,19 @@ module Aws::CloudTrail
|
|
1456
2741
|
class InvalidEventSelectorsException < Aws::EmptyStructure; end
|
1457
2742
|
|
1458
2743
|
# This exception is thrown when an operation is called on a trail from a
|
1459
|
-
#
|
2744
|
+
# Region other than the Region in which the trail was created.
|
1460
2745
|
#
|
1461
2746
|
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/InvalidHomeRegionException AWS API Documentation
|
1462
2747
|
#
|
1463
2748
|
class InvalidHomeRegionException < Aws::EmptyStructure; end
|
1464
2749
|
|
2750
|
+
# This exception is thrown when the provided source S3 bucket is not
|
2751
|
+
# valid for import.
|
2752
|
+
#
|
2753
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/InvalidImportSourceException AWS API Documentation
|
2754
|
+
#
|
2755
|
+
class InvalidImportSourceException < Aws::EmptyStructure; end
|
2756
|
+
|
1465
2757
|
# The formatting or syntax of the `InsightSelectors` JSON statement in
|
1466
2758
|
# your `PutInsightSelectors` or `GetInsightSelectors` request is not
|
1467
2759
|
# valid, or the specified insight type in the `InsightSelectors`
|
@@ -1504,6 +2796,30 @@ module Aws::CloudTrail
|
|
1504
2796
|
#
|
1505
2797
|
class InvalidParameterCombinationException < Aws::EmptyStructure; end
|
1506
2798
|
|
2799
|
+
# The request includes a parameter that is not valid.
|
2800
|
+
#
|
2801
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/InvalidParameterException AWS API Documentation
|
2802
|
+
#
|
2803
|
+
class InvalidParameterException < Aws::EmptyStructure; end
|
2804
|
+
|
2805
|
+
# The query that was submitted has validation errors, or uses incorrect
|
2806
|
+
# syntax or unsupported keywords. For more information about writing a
|
2807
|
+
# query, see [Create or edit a query][1] in the *CloudTrail User Guide*.
|
2808
|
+
#
|
2809
|
+
#
|
2810
|
+
#
|
2811
|
+
# [1]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-create-edit-query.html
|
2812
|
+
#
|
2813
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/InvalidQueryStatementException AWS API Documentation
|
2814
|
+
#
|
2815
|
+
class InvalidQueryStatementException < Aws::EmptyStructure; end
|
2816
|
+
|
2817
|
+
# The query status is not valid for the operation.
|
2818
|
+
#
|
2819
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/InvalidQueryStatusException AWS API Documentation
|
2820
|
+
#
|
2821
|
+
class InvalidQueryStatusException < Aws::EmptyStructure; end
|
2822
|
+
|
1507
2823
|
# This exception is thrown when the provided S3 bucket name is not
|
1508
2824
|
# valid.
|
1509
2825
|
#
|
@@ -1524,6 +2840,13 @@ module Aws::CloudTrail
|
|
1524
2840
|
#
|
1525
2841
|
class InvalidSnsTopicNameException < Aws::EmptyStructure; end
|
1526
2842
|
|
2843
|
+
# This exception is thrown when the specified value of `Source` is not
|
2844
|
+
# valid.
|
2845
|
+
#
|
2846
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/InvalidSourceException AWS API Documentation
|
2847
|
+
#
|
2848
|
+
class InvalidSourceException < Aws::EmptyStructure; end
|
2849
|
+
|
1527
2850
|
# This exception is thrown when the specified tag key or values are not
|
1528
2851
|
# valid. It can also occur if there are duplicate tags or too many tags
|
1529
2852
|
# on the resource.
|
@@ -1566,7 +2889,7 @@ module Aws::CloudTrail
|
|
1566
2889
|
class InvalidTrailNameException < Aws::EmptyStructure; end
|
1567
2890
|
|
1568
2891
|
# This exception is thrown when there is an issue with the specified KMS
|
1569
|
-
# key and the trail can
|
2892
|
+
# key and the trail or event data store can't be updated.
|
1570
2893
|
#
|
1571
2894
|
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/KmsException AWS API Documentation
|
1572
2895
|
#
|
@@ -1579,24 +2902,175 @@ module Aws::CloudTrail
|
|
1579
2902
|
class KmsKeyDisabledException < Aws::EmptyStructure; end
|
1580
2903
|
|
1581
2904
|
# This exception is thrown when the KMS key does not exist, when the S3
|
1582
|
-
# bucket and the KMS key are not in the same
|
2905
|
+
# bucket and the KMS key are not in the same Region, or when the KMS key
|
1583
2906
|
# associated with the Amazon SNS topic either does not exist or is not
|
1584
|
-
# in the same
|
2907
|
+
# in the same Region.
|
1585
2908
|
#
|
1586
2909
|
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/KmsKeyNotFoundException AWS API Documentation
|
1587
2910
|
#
|
1588
2911
|
class KmsKeyNotFoundException < Aws::EmptyStructure; end
|
1589
2912
|
|
1590
|
-
#
|
2913
|
+
# @!attribute [rw] max_results
|
2914
|
+
# The maximum number of CloudTrail channels to display on a single
|
2915
|
+
# page.
|
2916
|
+
# @return [Integer]
|
2917
|
+
#
|
2918
|
+
# @!attribute [rw] next_token
|
2919
|
+
# The token to use to get the next page of results after a previous
|
2920
|
+
# API call. This token must be passed in with the same parameters that
|
2921
|
+
# were specified in the original call. For example, if the original
|
2922
|
+
# call specified an AttributeKey of 'Username' with a value of
|
2923
|
+
# 'root', the call with NextToken should include those same
|
2924
|
+
# parameters.
|
2925
|
+
# @return [String]
|
2926
|
+
#
|
2927
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ListChannelsRequest AWS API Documentation
|
2928
|
+
#
|
2929
|
+
class ListChannelsRequest < Struct.new(
|
2930
|
+
:max_results,
|
2931
|
+
:next_token)
|
2932
|
+
SENSITIVE = []
|
2933
|
+
include Aws::Structure
|
2934
|
+
end
|
2935
|
+
|
2936
|
+
# @!attribute [rw] channels
|
2937
|
+
# The list of channels in the account.
|
2938
|
+
# @return [Array<Types::Channel>]
|
1591
2939
|
#
|
1592
|
-
#
|
1593
|
-
#
|
2940
|
+
# @!attribute [rw] next_token
|
2941
|
+
# The token to use to get the next page of results after a previous
|
2942
|
+
# API call.
|
2943
|
+
# @return [String]
|
2944
|
+
#
|
2945
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ListChannelsResponse AWS API Documentation
|
2946
|
+
#
|
2947
|
+
class ListChannelsResponse < Struct.new(
|
2948
|
+
:channels,
|
2949
|
+
:next_token)
|
2950
|
+
SENSITIVE = []
|
2951
|
+
include Aws::Structure
|
2952
|
+
end
|
2953
|
+
|
2954
|
+
# @!attribute [rw] next_token
|
2955
|
+
# A token you can use to get the next page of event data store
|
2956
|
+
# results.
|
2957
|
+
# @return [String]
|
2958
|
+
#
|
2959
|
+
# @!attribute [rw] max_results
|
2960
|
+
# The maximum number of event data stores to display on a single page.
|
2961
|
+
# @return [Integer]
|
2962
|
+
#
|
2963
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ListEventDataStoresRequest AWS API Documentation
|
2964
|
+
#
|
2965
|
+
class ListEventDataStoresRequest < Struct.new(
|
2966
|
+
:next_token,
|
2967
|
+
:max_results)
|
2968
|
+
SENSITIVE = []
|
2969
|
+
include Aws::Structure
|
2970
|
+
end
|
2971
|
+
|
2972
|
+
# @!attribute [rw] event_data_stores
|
2973
|
+
# Contains information about event data stores in the account, in the
|
2974
|
+
# current Region.
|
2975
|
+
# @return [Array<Types::EventDataStore>]
|
2976
|
+
#
|
2977
|
+
# @!attribute [rw] next_token
|
2978
|
+
# A token you can use to get the next page of results.
|
2979
|
+
# @return [String]
|
2980
|
+
#
|
2981
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ListEventDataStoresResponse AWS API Documentation
|
2982
|
+
#
|
2983
|
+
class ListEventDataStoresResponse < Struct.new(
|
2984
|
+
:event_data_stores,
|
2985
|
+
:next_token)
|
2986
|
+
SENSITIVE = []
|
2987
|
+
include Aws::Structure
|
2988
|
+
end
|
2989
|
+
|
2990
|
+
# @!attribute [rw] import_id
|
2991
|
+
# The ID of the import.
|
2992
|
+
# @return [String]
|
2993
|
+
#
|
2994
|
+
# @!attribute [rw] max_results
|
2995
|
+
# The maximum number of failures to display on a single page.
|
2996
|
+
# @return [Integer]
|
2997
|
+
#
|
2998
|
+
# @!attribute [rw] next_token
|
2999
|
+
# A token you can use to get the next page of import failures.
|
3000
|
+
# @return [String]
|
3001
|
+
#
|
3002
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ListImportFailuresRequest AWS API Documentation
|
3003
|
+
#
|
3004
|
+
class ListImportFailuresRequest < Struct.new(
|
3005
|
+
:import_id,
|
3006
|
+
:max_results,
|
3007
|
+
:next_token)
|
3008
|
+
SENSITIVE = []
|
3009
|
+
include Aws::Structure
|
3010
|
+
end
|
3011
|
+
|
3012
|
+
# @!attribute [rw] failures
|
3013
|
+
# Contains information about the import failures.
|
3014
|
+
# @return [Array<Types::ImportFailureListItem>]
|
3015
|
+
#
|
3016
|
+
# @!attribute [rw] next_token
|
3017
|
+
# A token you can use to get the next page of results.
|
3018
|
+
# @return [String]
|
3019
|
+
#
|
3020
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ListImportFailuresResponse AWS API Documentation
|
3021
|
+
#
|
3022
|
+
class ListImportFailuresResponse < Struct.new(
|
3023
|
+
:failures,
|
3024
|
+
:next_token)
|
3025
|
+
SENSITIVE = []
|
3026
|
+
include Aws::Structure
|
3027
|
+
end
|
3028
|
+
|
3029
|
+
# @!attribute [rw] max_results
|
3030
|
+
# The maximum number of imports to display on a single page.
|
3031
|
+
# @return [Integer]
|
3032
|
+
#
|
3033
|
+
# @!attribute [rw] destination
|
3034
|
+
# The ARN of the destination event data store.
|
3035
|
+
# @return [String]
|
3036
|
+
#
|
3037
|
+
# @!attribute [rw] import_status
|
3038
|
+
# The status of the import.
|
3039
|
+
# @return [String]
|
3040
|
+
#
|
3041
|
+
# @!attribute [rw] next_token
|
3042
|
+
# A token you can use to get the next page of import results.
|
3043
|
+
# @return [String]
|
3044
|
+
#
|
3045
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ListImportsRequest AWS API Documentation
|
3046
|
+
#
|
3047
|
+
class ListImportsRequest < Struct.new(
|
3048
|
+
:max_results,
|
3049
|
+
:destination,
|
3050
|
+
:import_status,
|
3051
|
+
:next_token)
|
3052
|
+
SENSITIVE = []
|
3053
|
+
include Aws::Structure
|
3054
|
+
end
|
3055
|
+
|
3056
|
+
# @!attribute [rw] imports
|
3057
|
+
# The list of returned imports.
|
3058
|
+
# @return [Array<Types::ImportsListItem>]
|
3059
|
+
#
|
3060
|
+
# @!attribute [rw] next_token
|
3061
|
+
# A token you can use to get the next page of import results.
|
3062
|
+
# @return [String]
|
1594
3063
|
#
|
1595
|
-
#
|
1596
|
-
#
|
1597
|
-
|
1598
|
-
|
1599
|
-
|
3064
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ListImportsResponse AWS API Documentation
|
3065
|
+
#
|
3066
|
+
class ListImportsResponse < Struct.new(
|
3067
|
+
:imports,
|
3068
|
+
:next_token)
|
3069
|
+
SENSITIVE = []
|
3070
|
+
include Aws::Structure
|
3071
|
+
end
|
3072
|
+
|
3073
|
+
# Requests the public keys for a specified time range.
|
1600
3074
|
#
|
1601
3075
|
# @!attribute [rw] start_time
|
1602
3076
|
# Optionally specifies, in UTC, the start of the time range to look up
|
@@ -1648,21 +3122,80 @@ module Aws::CloudTrail
|
|
1648
3122
|
include Aws::Structure
|
1649
3123
|
end
|
1650
3124
|
|
1651
|
-
#
|
3125
|
+
# @!attribute [rw] event_data_store
|
3126
|
+
# The ARN (or the ID suffix of the ARN) of an event data store on
|
3127
|
+
# which queries were run.
|
3128
|
+
# @return [String]
|
3129
|
+
#
|
3130
|
+
# @!attribute [rw] next_token
|
3131
|
+
# A token you can use to get the next page of results.
|
3132
|
+
# @return [String]
|
3133
|
+
#
|
3134
|
+
# @!attribute [rw] max_results
|
3135
|
+
# The maximum number of queries to show on a page.
|
3136
|
+
# @return [Integer]
|
3137
|
+
#
|
3138
|
+
# @!attribute [rw] start_time
|
3139
|
+
# Use with `EndTime` to bound a `ListQueries` request, and limit its
|
3140
|
+
# results to only those queries run within a specified time period.
|
3141
|
+
# @return [Time]
|
3142
|
+
#
|
3143
|
+
# @!attribute [rw] end_time
|
3144
|
+
# Use with `StartTime` to bound a `ListQueries` request, and limit its
|
3145
|
+
# results to only those queries run within a specified time period.
|
3146
|
+
# @return [Time]
|
3147
|
+
#
|
3148
|
+
# @!attribute [rw] query_status
|
3149
|
+
# The status of queries that you want to return in results. Valid
|
3150
|
+
# values for `QueryStatus` include `QUEUED`, `RUNNING`, `FINISHED`,
|
3151
|
+
# `FAILED`, `TIMED_OUT`, or `CANCELLED`.
|
3152
|
+
# @return [String]
|
3153
|
+
#
|
3154
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ListQueriesRequest AWS API Documentation
|
3155
|
+
#
|
3156
|
+
class ListQueriesRequest < Struct.new(
|
3157
|
+
:event_data_store,
|
3158
|
+
:next_token,
|
3159
|
+
:max_results,
|
3160
|
+
:start_time,
|
3161
|
+
:end_time,
|
3162
|
+
:query_status)
|
3163
|
+
SENSITIVE = []
|
3164
|
+
include Aws::Structure
|
3165
|
+
end
|
3166
|
+
|
3167
|
+
# @!attribute [rw] queries
|
3168
|
+
# Lists matching query results, and shows query ID, status, and
|
3169
|
+
# creation time of each query.
|
3170
|
+
# @return [Array<Types::Query>]
|
3171
|
+
#
|
3172
|
+
# @!attribute [rw] next_token
|
3173
|
+
# A token you can use to get the next page of results.
|
3174
|
+
# @return [String]
|
1652
3175
|
#
|
1653
|
-
# @
|
1654
|
-
# data as a hash:
|
3176
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ListQueriesResponse AWS API Documentation
|
1655
3177
|
#
|
1656
|
-
|
1657
|
-
|
1658
|
-
|
1659
|
-
|
3178
|
+
class ListQueriesResponse < Struct.new(
|
3179
|
+
:queries,
|
3180
|
+
:next_token)
|
3181
|
+
SENSITIVE = []
|
3182
|
+
include Aws::Structure
|
3183
|
+
end
|
3184
|
+
|
3185
|
+
# Specifies a list of tags to return.
|
1660
3186
|
#
|
1661
3187
|
# @!attribute [rw] resource_id_list
|
1662
|
-
# Specifies a list of trail
|
1663
|
-
#
|
3188
|
+
# Specifies a list of trail, event data store, or channel ARNs whose
|
3189
|
+
# tags will be listed. The list has a limit of 20 ARNs.
|
1664
3190
|
#
|
3191
|
+
# Example trail ARN format:
|
1665
3192
|
# `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
|
3193
|
+
#
|
3194
|
+
# Example event data store ARN format:
|
3195
|
+
# `arn:aws:cloudtrail:us-east-2:123456789012:eventdatastore/EXAMPLE-f852-4e8f-8bd1-bcf6cEXAMPLE`
|
3196
|
+
#
|
3197
|
+
# Example channel ARN format:
|
3198
|
+
# `arn:aws:cloudtrail:us-east-2:123456789012:channel/01234567890`
|
1666
3199
|
# @return [Array<String>]
|
1667
3200
|
#
|
1668
3201
|
# @!attribute [rw] next_token
|
@@ -1698,19 +3231,12 @@ module Aws::CloudTrail
|
|
1698
3231
|
include Aws::Structure
|
1699
3232
|
end
|
1700
3233
|
|
1701
|
-
# @note When making an API call, you may pass ListTrailsRequest
|
1702
|
-
# data as a hash:
|
1703
|
-
#
|
1704
|
-
# {
|
1705
|
-
# next_token: "String",
|
1706
|
-
# }
|
1707
|
-
#
|
1708
3234
|
# @!attribute [rw] next_token
|
1709
3235
|
# The token to use to get the next page of results after a previous
|
1710
3236
|
# API call. This token must be passed in with the same parameters that
|
1711
|
-
# were specified in the
|
1712
|
-
#
|
1713
|
-
#
|
3237
|
+
# were specified in the original call. For example, if the original
|
3238
|
+
# call specified an AttributeKey of 'Username' with a value of
|
3239
|
+
# 'root', the call with NextToken should include those same
|
1714
3240
|
# parameters.
|
1715
3241
|
# @return [String]
|
1716
3242
|
#
|
@@ -1723,7 +3249,7 @@ module Aws::CloudTrail
|
|
1723
3249
|
end
|
1724
3250
|
|
1725
3251
|
# @!attribute [rw] trails
|
1726
|
-
# Returns the name, ARN, and home
|
3252
|
+
# Returns the name, ARN, and home Region of trails in the current
|
1727
3253
|
# account.
|
1728
3254
|
# @return [Array<Types::TrailInfo>]
|
1729
3255
|
#
|
@@ -1747,14 +3273,6 @@ module Aws::CloudTrail
|
|
1747
3273
|
|
1748
3274
|
# Specifies an attribute and value that filter the events returned.
|
1749
3275
|
#
|
1750
|
-
# @note When making an API call, you may pass LookupAttribute
|
1751
|
-
# data as a hash:
|
1752
|
-
#
|
1753
|
-
# {
|
1754
|
-
# attribute_key: "EventId", # required, accepts EventId, EventName, ReadOnly, Username, ResourceType, ResourceName, EventSource, AccessKeyId
|
1755
|
-
# attribute_value: "String", # required
|
1756
|
-
# }
|
1757
|
-
#
|
1758
3276
|
# @!attribute [rw] attribute_key
|
1759
3277
|
# Specifies an attribute on which to filter the events returned.
|
1760
3278
|
# @return [String]
|
@@ -1774,23 +3292,6 @@ module Aws::CloudTrail
|
|
1774
3292
|
|
1775
3293
|
# Contains a request for LookupEvents.
|
1776
3294
|
#
|
1777
|
-
# @note When making an API call, you may pass LookupEventsRequest
|
1778
|
-
# data as a hash:
|
1779
|
-
#
|
1780
|
-
# {
|
1781
|
-
# lookup_attributes: [
|
1782
|
-
# {
|
1783
|
-
# attribute_key: "EventId", # required, accepts EventId, EventName, ReadOnly, Username, ResourceType, ResourceName, EventSource, AccessKeyId
|
1784
|
-
# attribute_value: "String", # required
|
1785
|
-
# },
|
1786
|
-
# ],
|
1787
|
-
# start_time: Time.now,
|
1788
|
-
# end_time: Time.now,
|
1789
|
-
# event_category: "insight", # accepts insight
|
1790
|
-
# max_results: 1,
|
1791
|
-
# next_token: "NextToken",
|
1792
|
-
# }
|
1793
|
-
#
|
1794
3295
|
# @!attribute [rw] lookup_attributes
|
1795
3296
|
# Contains a list of lookup attributes. Currently the list can contain
|
1796
3297
|
# only one item.
|
@@ -1823,9 +3324,9 @@ module Aws::CloudTrail
|
|
1823
3324
|
# @!attribute [rw] next_token
|
1824
3325
|
# The token to use to get the next page of results after a previous
|
1825
3326
|
# API call. This token must be passed in with the same parameters that
|
1826
|
-
# were specified in the
|
1827
|
-
#
|
1828
|
-
#
|
3327
|
+
# were specified in the original call. For example, if the original
|
3328
|
+
# call specified an AttributeKey of 'Username' with a value of
|
3329
|
+
# 'root', the call with NextToken should include those same
|
1829
3330
|
# parameters.
|
1830
3331
|
# @return [String]
|
1831
3332
|
#
|
@@ -1868,21 +3369,44 @@ module Aws::CloudTrail
|
|
1868
3369
|
include Aws::Structure
|
1869
3370
|
end
|
1870
3371
|
|
3372
|
+
# You are already running the maximum number of concurrent queries. The
|
3373
|
+
# maximum number of concurrent queries is 10. Wait a minute for some
|
3374
|
+
# queries to finish, and then run the query again.
|
3375
|
+
#
|
3376
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/MaxConcurrentQueriesException AWS API Documentation
|
3377
|
+
#
|
3378
|
+
class MaxConcurrentQueriesException < Aws::EmptyStructure; end
|
3379
|
+
|
1871
3380
|
# This exception is thrown when the maximum number of trails is reached.
|
1872
3381
|
#
|
1873
3382
|
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/MaximumNumberOfTrailsExceededException AWS API Documentation
|
1874
3383
|
#
|
1875
3384
|
class MaximumNumberOfTrailsExceededException < Aws::EmptyStructure; end
|
1876
3385
|
|
1877
|
-
# This exception is thrown when the
|
1878
|
-
#
|
1879
|
-
# management account for an organization in Organizations. For more
|
1880
|
-
# information, see [Prepare For Creating a Trail For Your
|
1881
|
-
# Organization][1].
|
3386
|
+
# This exception is thrown when the management account does not have a
|
3387
|
+
# service-linked role.
|
1882
3388
|
#
|
3389
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/NoManagementAccountSLRExistsException AWS API Documentation
|
1883
3390
|
#
|
3391
|
+
class NoManagementAccountSLRExistsException < Aws::EmptyStructure; end
|
3392
|
+
|
3393
|
+
# This exception is thrown when the account making the request is not
|
3394
|
+
# the organization's management account.
|
1884
3395
|
#
|
1885
|
-
#
|
3396
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/NotOrganizationManagementAccountException AWS API Documentation
|
3397
|
+
#
|
3398
|
+
class NotOrganizationManagementAccountException < Aws::EmptyStructure; end
|
3399
|
+
|
3400
|
+
# This exception is thrown when the Amazon Web Services account making
|
3401
|
+
# the request to create or update an organization trail or event data
|
3402
|
+
# store is not the management account for an organization in
|
3403
|
+
# Organizations. For more information, see [Prepare For Creating a Trail
|
3404
|
+
# For Your Organization][1] or [Create an event data store][2].
|
3405
|
+
#
|
3406
|
+
#
|
3407
|
+
#
|
3408
|
+
# [1]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html
|
3409
|
+
# [2]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-event-data-store.html
|
1886
3410
|
#
|
1887
3411
|
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/NotOrganizationMasterAccountException AWS API Documentation
|
1888
3412
|
#
|
@@ -1897,12 +3421,7 @@ module Aws::CloudTrail
|
|
1897
3421
|
|
1898
3422
|
# This exception is thrown when Organizations is not configured to
|
1899
3423
|
# support all features. All features must be enabled in Organizations to
|
1900
|
-
# support creating an organization trail
|
1901
|
-
# [Prepare For Creating a Trail For Your Organization][1].
|
1902
|
-
#
|
1903
|
-
#
|
1904
|
-
#
|
1905
|
-
# [1]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html
|
3424
|
+
# support creating an organization trail or event data store.
|
1906
3425
|
#
|
1907
3426
|
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/OrganizationNotInAllFeaturesModeException AWS API Documentation
|
1908
3427
|
#
|
@@ -1946,42 +3465,6 @@ module Aws::CloudTrail
|
|
1946
3465
|
include Aws::Structure
|
1947
3466
|
end
|
1948
3467
|
|
1949
|
-
# @note When making an API call, you may pass PutEventSelectorsRequest
|
1950
|
-
# data as a hash:
|
1951
|
-
#
|
1952
|
-
# {
|
1953
|
-
# trail_name: "String", # required
|
1954
|
-
# event_selectors: [
|
1955
|
-
# {
|
1956
|
-
# read_write_type: "ReadOnly", # accepts ReadOnly, WriteOnly, All
|
1957
|
-
# include_management_events: false,
|
1958
|
-
# data_resources: [
|
1959
|
-
# {
|
1960
|
-
# type: "String",
|
1961
|
-
# values: ["String"],
|
1962
|
-
# },
|
1963
|
-
# ],
|
1964
|
-
# exclude_management_event_sources: ["String"],
|
1965
|
-
# },
|
1966
|
-
# ],
|
1967
|
-
# advanced_event_selectors: [
|
1968
|
-
# {
|
1969
|
-
# name: "SelectorName",
|
1970
|
-
# field_selectors: [ # required
|
1971
|
-
# {
|
1972
|
-
# field: "SelectorField", # required
|
1973
|
-
# equals: ["OperatorValue"],
|
1974
|
-
# starts_with: ["OperatorValue"],
|
1975
|
-
# ends_with: ["OperatorValue"],
|
1976
|
-
# not_equals: ["OperatorValue"],
|
1977
|
-
# not_starts_with: ["OperatorValue"],
|
1978
|
-
# not_ends_with: ["OperatorValue"],
|
1979
|
-
# },
|
1980
|
-
# ],
|
1981
|
-
# },
|
1982
|
-
# ],
|
1983
|
-
# }
|
1984
|
-
#
|
1985
3468
|
# @!attribute [rw] trail_name
|
1986
3469
|
# Specifies the name of the trail or trail ARN. If you specify a trail
|
1987
3470
|
# name, the string must meet the following requirements:
|
@@ -2020,8 +3503,8 @@ module Aws::CloudTrail
|
|
2020
3503
|
# `EventSelectors`, but not both. If you apply
|
2021
3504
|
# `AdvancedEventSelectors` to a trail, any existing `EventSelectors`
|
2022
3505
|
# are overwritten. For more information about advanced event
|
2023
|
-
# selectors, see [Logging data events
|
2024
|
-
#
|
3506
|
+
# selectors, see [Logging data events][1] in the *CloudTrail User
|
3507
|
+
# Guide*.
|
2025
3508
|
#
|
2026
3509
|
#
|
2027
3510
|
#
|
@@ -2063,89 +3546,621 @@ module Aws::CloudTrail
|
|
2063
3546
|
include Aws::Structure
|
2064
3547
|
end
|
2065
3548
|
|
2066
|
-
#
|
2067
|
-
#
|
3549
|
+
# @!attribute [rw] trail_name
|
3550
|
+
# The name of the CloudTrail trail for which you want to change or add
|
3551
|
+
# Insights selectors.
|
3552
|
+
# @return [String]
|
3553
|
+
#
|
3554
|
+
# @!attribute [rw] insight_selectors
|
3555
|
+
# A JSON string that contains the insight types you want to log on a
|
3556
|
+
# trail. `ApiCallRateInsight` and `ApiErrorRateInsight` are valid
|
3557
|
+
# Insight types.
|
3558
|
+
#
|
3559
|
+
# The `ApiCallRateInsight` Insights type analyzes write-only
|
3560
|
+
# management API calls that are aggregated per minute against a
|
3561
|
+
# baseline API call volume.
|
3562
|
+
#
|
3563
|
+
# The `ApiErrorRateInsight` Insights type analyzes management API
|
3564
|
+
# calls that result in error codes. The error is shown if the API call
|
3565
|
+
# is unsuccessful.
|
3566
|
+
# @return [Array<Types::InsightSelector>]
|
3567
|
+
#
|
3568
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/PutInsightSelectorsRequest AWS API Documentation
|
3569
|
+
#
|
3570
|
+
class PutInsightSelectorsRequest < Struct.new(
|
3571
|
+
:trail_name,
|
3572
|
+
:insight_selectors)
|
3573
|
+
SENSITIVE = []
|
3574
|
+
include Aws::Structure
|
3575
|
+
end
|
3576
|
+
|
3577
|
+
# @!attribute [rw] trail_arn
|
3578
|
+
# The Amazon Resource Name (ARN) of a trail for which you want to
|
3579
|
+
# change or add Insights selectors.
|
3580
|
+
# @return [String]
|
3581
|
+
#
|
3582
|
+
# @!attribute [rw] insight_selectors
|
3583
|
+
# A JSON string that contains the Insights event types that you want
|
3584
|
+
# to log on a trail. The valid Insights types in this release are
|
3585
|
+
# `ApiErrorRateInsight` and `ApiCallRateInsight`.
|
3586
|
+
# @return [Array<Types::InsightSelector>]
|
3587
|
+
#
|
3588
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/PutInsightSelectorsResponse AWS API Documentation
|
3589
|
+
#
|
3590
|
+
class PutInsightSelectorsResponse < Struct.new(
|
3591
|
+
:trail_arn,
|
3592
|
+
:insight_selectors)
|
3593
|
+
SENSITIVE = []
|
3594
|
+
include Aws::Structure
|
3595
|
+
end
|
3596
|
+
|
3597
|
+
# @!attribute [rw] resource_arn
|
3598
|
+
# The Amazon Resource Name (ARN) of the CloudTrail channel attached to
|
3599
|
+
# the resource-based policy. The following is the format of a resource
|
3600
|
+
# ARN: `arn:aws:cloudtrail:us-east-2:123456789012:channel/MyChannel`.
|
3601
|
+
# @return [String]
|
3602
|
+
#
|
3603
|
+
# @!attribute [rw] resource_policy
|
3604
|
+
# A JSON-formatted string for an Amazon Web Services resource-based
|
3605
|
+
# policy.
|
3606
|
+
#
|
3607
|
+
# The following are requirements for the resource policy:
|
3608
|
+
#
|
3609
|
+
# * Contains only one action: cloudtrail-data:PutAuditEvents
|
3610
|
+
#
|
3611
|
+
# * Contains at least one statement. The policy can have a maximum of
|
3612
|
+
# 20 statements.
|
3613
|
+
#
|
3614
|
+
# * Each statement contains at least one principal. A statement can
|
3615
|
+
# have a maximum of 50 principals.
|
3616
|
+
# @return [String]
|
3617
|
+
#
|
3618
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/PutResourcePolicyRequest AWS API Documentation
|
3619
|
+
#
|
3620
|
+
class PutResourcePolicyRequest < Struct.new(
|
3621
|
+
:resource_arn,
|
3622
|
+
:resource_policy)
|
3623
|
+
SENSITIVE = []
|
3624
|
+
include Aws::Structure
|
3625
|
+
end
|
3626
|
+
|
3627
|
+
# @!attribute [rw] resource_arn
|
3628
|
+
# The Amazon Resource Name (ARN) of the CloudTrail channel attached to
|
3629
|
+
# the resource-based policy.
|
3630
|
+
# @return [String]
|
3631
|
+
#
|
3632
|
+
# @!attribute [rw] resource_policy
|
3633
|
+
# The JSON-formatted string of the Amazon Web Services resource-based
|
3634
|
+
# policy attached to the CloudTrail channel.
|
3635
|
+
# @return [String]
|
3636
|
+
#
|
3637
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/PutResourcePolicyResponse AWS API Documentation
|
3638
|
+
#
|
3639
|
+
class PutResourcePolicyResponse < Struct.new(
|
3640
|
+
:resource_arn,
|
3641
|
+
:resource_policy)
|
3642
|
+
SENSITIVE = []
|
3643
|
+
include Aws::Structure
|
3644
|
+
end
|
3645
|
+
|
3646
|
+
# A SQL string of criteria about events that you want to collect in an
|
3647
|
+
# event data store.
|
3648
|
+
#
|
3649
|
+
# @!attribute [rw] query_id
|
3650
|
+
# The ID of a query.
|
3651
|
+
# @return [String]
|
3652
|
+
#
|
3653
|
+
# @!attribute [rw] query_status
|
3654
|
+
# The status of the query. This can be `QUEUED`, `RUNNING`,
|
3655
|
+
# `FINISHED`, `FAILED`, `TIMED_OUT`, or `CANCELLED`.
|
3656
|
+
# @return [String]
|
3657
|
+
#
|
3658
|
+
# @!attribute [rw] creation_time
|
3659
|
+
# The creation time of a query.
|
3660
|
+
# @return [Time]
|
3661
|
+
#
|
3662
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/Query AWS API Documentation
|
3663
|
+
#
|
3664
|
+
class Query < Struct.new(
|
3665
|
+
:query_id,
|
3666
|
+
:query_status,
|
3667
|
+
:creation_time)
|
3668
|
+
SENSITIVE = []
|
3669
|
+
include Aws::Structure
|
3670
|
+
end
|
3671
|
+
|
3672
|
+
# The query ID does not exist or does not map to a query.
|
3673
|
+
#
|
3674
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/QueryIdNotFoundException AWS API Documentation
|
3675
|
+
#
|
3676
|
+
class QueryIdNotFoundException < Aws::EmptyStructure; end
|
3677
|
+
|
3678
|
+
# Metadata about a query, such as the number of results.
|
3679
|
+
#
|
3680
|
+
# @!attribute [rw] results_count
|
3681
|
+
# The number of results returned.
|
3682
|
+
# @return [Integer]
|
3683
|
+
#
|
3684
|
+
# @!attribute [rw] total_results_count
|
3685
|
+
# The total number of results returned by a query.
|
3686
|
+
# @return [Integer]
|
3687
|
+
#
|
3688
|
+
# @!attribute [rw] bytes_scanned
|
3689
|
+
# The total bytes that the query scanned in the event data store. This
|
3690
|
+
# value matches the number of bytes for which your account is billed
|
3691
|
+
# for the query, unless the query is still running.
|
3692
|
+
# @return [Integer]
|
3693
|
+
#
|
3694
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/QueryStatistics AWS API Documentation
|
3695
|
+
#
|
3696
|
+
class QueryStatistics < Struct.new(
|
3697
|
+
:results_count,
|
3698
|
+
:total_results_count,
|
3699
|
+
:bytes_scanned)
|
3700
|
+
SENSITIVE = []
|
3701
|
+
include Aws::Structure
|
3702
|
+
end
|
3703
|
+
|
3704
|
+
# Gets metadata about a query, including the number of events that were
|
3705
|
+
# matched, the total number of events scanned, the query run time in
|
3706
|
+
# milliseconds, and the query's creation time.
|
3707
|
+
#
|
3708
|
+
# @!attribute [rw] events_matched
|
3709
|
+
# The number of events that matched a query.
|
3710
|
+
# @return [Integer]
|
3711
|
+
#
|
3712
|
+
# @!attribute [rw] events_scanned
|
3713
|
+
# The number of events that the query scanned in the event data store.
|
3714
|
+
# @return [Integer]
|
3715
|
+
#
|
3716
|
+
# @!attribute [rw] bytes_scanned
|
3717
|
+
# The total bytes that the query scanned in the event data store. This
|
3718
|
+
# value matches the number of bytes for which your account is billed
|
3719
|
+
# for the query, unless the query is still running.
|
3720
|
+
# @return [Integer]
|
3721
|
+
#
|
3722
|
+
# @!attribute [rw] execution_time_in_millis
|
3723
|
+
# The query's run time, in milliseconds.
|
3724
|
+
# @return [Integer]
|
3725
|
+
#
|
3726
|
+
# @!attribute [rw] creation_time
|
3727
|
+
# The creation time of the query.
|
3728
|
+
# @return [Time]
|
3729
|
+
#
|
3730
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/QueryStatisticsForDescribeQuery AWS API Documentation
|
3731
|
+
#
|
3732
|
+
class QueryStatisticsForDescribeQuery < Struct.new(
|
3733
|
+
:events_matched,
|
3734
|
+
:events_scanned,
|
3735
|
+
:bytes_scanned,
|
3736
|
+
:execution_time_in_millis,
|
3737
|
+
:creation_time)
|
3738
|
+
SENSITIVE = []
|
3739
|
+
include Aws::Structure
|
3740
|
+
end
|
3741
|
+
|
3742
|
+
# Specifies an organization member account ID as a CloudTrail delegated
|
3743
|
+
# administrator.
|
3744
|
+
#
|
3745
|
+
# @!attribute [rw] member_account_id
|
3746
|
+
# An organization member account ID that you want to designate as a
|
3747
|
+
# delegated administrator.
|
3748
|
+
# @return [String]
|
3749
|
+
#
|
3750
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/RegisterOrganizationDelegatedAdminRequest AWS API Documentation
|
3751
|
+
#
|
3752
|
+
class RegisterOrganizationDelegatedAdminRequest < Struct.new(
|
3753
|
+
:member_account_id)
|
3754
|
+
SENSITIVE = []
|
3755
|
+
include Aws::Structure
|
3756
|
+
end
|
3757
|
+
|
3758
|
+
# Returns the following response if successful. Otherwise, returns an
|
3759
|
+
# error.
|
3760
|
+
#
|
3761
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/RegisterOrganizationDelegatedAdminResponse AWS API Documentation
|
3762
|
+
#
|
3763
|
+
class RegisterOrganizationDelegatedAdminResponse < Aws::EmptyStructure; end
|
3764
|
+
|
3765
|
+
# Specifies the tags to remove from a trail, event data store, or
|
3766
|
+
# channel.
|
3767
|
+
#
|
3768
|
+
# @!attribute [rw] resource_id
|
3769
|
+
# Specifies the ARN of the trail, event data store, or channel from
|
3770
|
+
# which tags should be removed.
|
3771
|
+
#
|
3772
|
+
# Example trail ARN format:
|
3773
|
+
# `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
|
3774
|
+
#
|
3775
|
+
# Example event data store ARN format:
|
3776
|
+
# `arn:aws:cloudtrail:us-east-2:123456789012:eventdatastore/EXAMPLE-f852-4e8f-8bd1-bcf6cEXAMPLE`
|
3777
|
+
#
|
3778
|
+
# Example channel ARN format:
|
3779
|
+
# `arn:aws:cloudtrail:us-east-2:123456789012:channel/01234567890`
|
3780
|
+
# @return [String]
|
3781
|
+
#
|
3782
|
+
# @!attribute [rw] tags_list
|
3783
|
+
# Specifies a list of tags to be removed.
|
3784
|
+
# @return [Array<Types::Tag>]
|
3785
|
+
#
|
3786
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/RemoveTagsRequest AWS API Documentation
|
3787
|
+
#
|
3788
|
+
class RemoveTagsRequest < Struct.new(
|
3789
|
+
:resource_id,
|
3790
|
+
:tags_list)
|
3791
|
+
SENSITIVE = []
|
3792
|
+
include Aws::Structure
|
3793
|
+
end
|
3794
|
+
|
3795
|
+
# Returns the objects or data listed below if successful. Otherwise,
|
3796
|
+
# returns an error.
|
3797
|
+
#
|
3798
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/RemoveTagsResponse AWS API Documentation
|
3799
|
+
#
|
3800
|
+
class RemoveTagsResponse < Aws::EmptyStructure; end
|
3801
|
+
|
3802
|
+
# Specifies the type and name of a resource referenced by an event.
|
3803
|
+
#
|
3804
|
+
# @!attribute [rw] resource_type
|
3805
|
+
# The type of a resource referenced by the event returned. When the
|
3806
|
+
# resource type cannot be determined, null is returned. Some examples
|
3807
|
+
# of resource types are: **Instance** for EC2, **Trail** for
|
3808
|
+
# CloudTrail, **DBInstance** for Amazon RDS, and **AccessKey** for
|
3809
|
+
# IAM. To learn more about how to look up and filter events by the
|
3810
|
+
# resource types supported for a service, see [Filtering CloudTrail
|
3811
|
+
# Events][1].
|
3812
|
+
#
|
3813
|
+
#
|
3814
|
+
#
|
3815
|
+
# [1]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/view-cloudtrail-events-console.html#filtering-cloudtrail-events
|
3816
|
+
# @return [String]
|
3817
|
+
#
|
3818
|
+
# @!attribute [rw] resource_name
|
3819
|
+
# The name of the resource referenced by the event returned. These are
|
3820
|
+
# user-created names whose values will depend on the environment. For
|
3821
|
+
# example, the resource name might be "auto-scaling-test-group" for
|
3822
|
+
# an Auto Scaling Group or "i-1234567" for an EC2 Instance.
|
3823
|
+
# @return [String]
|
3824
|
+
#
|
3825
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/Resource AWS API Documentation
|
3826
|
+
#
|
3827
|
+
class Resource < Struct.new(
|
3828
|
+
:resource_type,
|
3829
|
+
:resource_name)
|
3830
|
+
SENSITIVE = []
|
3831
|
+
include Aws::Structure
|
3832
|
+
end
|
3833
|
+
|
3834
|
+
# This exception is thrown when the provided resource does not exist, or
|
3835
|
+
# the ARN format of the resource is not valid. The following is the
|
3836
|
+
# valid format for a resource ARN:
|
3837
|
+
# `arn:aws:cloudtrail:us-east-2:123456789012:channel/MyChannel`.
|
3838
|
+
#
|
3839
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ResourceARNNotValidException AWS API Documentation
|
3840
|
+
#
|
3841
|
+
class ResourceARNNotValidException < Aws::EmptyStructure; end
|
3842
|
+
|
3843
|
+
# This exception is thrown when the specified resource is not found.
|
3844
|
+
#
|
3845
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ResourceNotFoundException AWS API Documentation
|
3846
|
+
#
|
3847
|
+
class ResourceNotFoundException < Aws::EmptyStructure; end
|
3848
|
+
|
3849
|
+
# This exception is thrown when the specified resource policy is not
|
3850
|
+
# found.
|
3851
|
+
#
|
3852
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ResourcePolicyNotFoundException AWS API Documentation
|
3853
|
+
#
|
3854
|
+
class ResourcePolicyNotFoundException < Aws::EmptyStructure; end
|
3855
|
+
|
3856
|
+
# This exception is thrown when the resouce-based policy has syntax
|
3857
|
+
# errors, or contains a principal that is not valid.
|
3858
|
+
#
|
3859
|
+
# The following are requirements for the resource policy:
|
3860
|
+
#
|
3861
|
+
# * Contains only one action: cloudtrail-data:PutAuditEvents
|
3862
|
+
#
|
3863
|
+
# * Contains at least one statement. The policy can have a maximum of 20
|
3864
|
+
# statements.
|
3865
|
+
#
|
3866
|
+
# * Each statement contains at least one principal. A statement can have
|
3867
|
+
# a maximum of 50 principals.
|
3868
|
+
#
|
3869
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ResourcePolicyNotValidException AWS API Documentation
|
3870
|
+
#
|
3871
|
+
class ResourcePolicyNotValidException < Aws::EmptyStructure; end
|
3872
|
+
|
3873
|
+
# A resource tag.
|
3874
|
+
#
|
3875
|
+
# @!attribute [rw] resource_id
|
3876
|
+
# Specifies the ARN of the resource.
|
3877
|
+
# @return [String]
|
3878
|
+
#
|
3879
|
+
# @!attribute [rw] tags_list
|
3880
|
+
# A list of tags.
|
3881
|
+
# @return [Array<Types::Tag>]
|
3882
|
+
#
|
3883
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ResourceTag AWS API Documentation
|
3884
|
+
#
|
3885
|
+
class ResourceTag < Struct.new(
|
3886
|
+
:resource_id,
|
3887
|
+
:tags_list)
|
3888
|
+
SENSITIVE = []
|
3889
|
+
include Aws::Structure
|
3890
|
+
end
|
3891
|
+
|
3892
|
+
# This exception is thrown when the specified resource type is not
|
3893
|
+
# supported by CloudTrail.
|
3894
|
+
#
|
3895
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ResourceTypeNotSupportedException AWS API Documentation
|
3896
|
+
#
|
3897
|
+
class ResourceTypeNotSupportedException < Aws::EmptyStructure; end
|
3898
|
+
|
3899
|
+
# @!attribute [rw] event_data_store
|
3900
|
+
# The ARN (or the ID suffix of the ARN) of the event data store that
|
3901
|
+
# you want to restore.
|
3902
|
+
# @return [String]
|
3903
|
+
#
|
3904
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/RestoreEventDataStoreRequest AWS API Documentation
|
3905
|
+
#
|
3906
|
+
class RestoreEventDataStoreRequest < Struct.new(
|
3907
|
+
:event_data_store)
|
3908
|
+
SENSITIVE = []
|
3909
|
+
include Aws::Structure
|
3910
|
+
end
|
3911
|
+
|
3912
|
+
# @!attribute [rw] event_data_store_arn
|
3913
|
+
# The event data store ARN.
|
3914
|
+
# @return [String]
|
3915
|
+
#
|
3916
|
+
# @!attribute [rw] name
|
3917
|
+
# The name of the event data store.
|
3918
|
+
# @return [String]
|
3919
|
+
#
|
3920
|
+
# @!attribute [rw] status
|
3921
|
+
# The status of the event data store.
|
3922
|
+
# @return [String]
|
3923
|
+
#
|
3924
|
+
# @!attribute [rw] advanced_event_selectors
|
3925
|
+
# The advanced event selectors that were used to select events.
|
3926
|
+
# @return [Array<Types::AdvancedEventSelector>]
|
3927
|
+
#
|
3928
|
+
# @!attribute [rw] multi_region_enabled
|
3929
|
+
# Indicates whether the event data store is collecting events from all
|
3930
|
+
# Regions, or only from the Region in which the event data store was
|
3931
|
+
# created.
|
3932
|
+
# @return [Boolean]
|
3933
|
+
#
|
3934
|
+
# @!attribute [rw] organization_enabled
|
3935
|
+
# Indicates whether an event data store is collecting logged events
|
3936
|
+
# for an organization in Organizations.
|
3937
|
+
# @return [Boolean]
|
3938
|
+
#
|
3939
|
+
# @!attribute [rw] retention_period
|
3940
|
+
# The retention period, in days.
|
3941
|
+
# @return [Integer]
|
3942
|
+
#
|
3943
|
+
# @!attribute [rw] termination_protection_enabled
|
3944
|
+
# Indicates that termination protection is enabled and the event data
|
3945
|
+
# store cannot be automatically deleted.
|
3946
|
+
# @return [Boolean]
|
3947
|
+
#
|
3948
|
+
# @!attribute [rw] created_timestamp
|
3949
|
+
# The timestamp of an event data store's creation.
|
3950
|
+
# @return [Time]
|
3951
|
+
#
|
3952
|
+
# @!attribute [rw] updated_timestamp
|
3953
|
+
# The timestamp that shows when an event data store was updated, if
|
3954
|
+
# applicable. `UpdatedTimestamp` is always either the same or newer
|
3955
|
+
# than the time shown in `CreatedTimestamp`.
|
3956
|
+
# @return [Time]
|
3957
|
+
#
|
3958
|
+
# @!attribute [rw] kms_key_id
|
3959
|
+
# Specifies the KMS key ID that encrypts the events delivered by
|
3960
|
+
# CloudTrail. The value is a fully specified ARN to a KMS key in the
|
3961
|
+
# following format.
|
3962
|
+
#
|
3963
|
+
# `arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012`
|
3964
|
+
# @return [String]
|
3965
|
+
#
|
3966
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/RestoreEventDataStoreResponse AWS API Documentation
|
3967
|
+
#
|
3968
|
+
class RestoreEventDataStoreResponse < Struct.new(
|
3969
|
+
:event_data_store_arn,
|
3970
|
+
:name,
|
3971
|
+
:status,
|
3972
|
+
:advanced_event_selectors,
|
3973
|
+
:multi_region_enabled,
|
3974
|
+
:organization_enabled,
|
3975
|
+
:retention_period,
|
3976
|
+
:termination_protection_enabled,
|
3977
|
+
:created_timestamp,
|
3978
|
+
:updated_timestamp,
|
3979
|
+
:kms_key_id)
|
3980
|
+
SENSITIVE = []
|
3981
|
+
include Aws::Structure
|
3982
|
+
end
|
3983
|
+
|
3984
|
+
# This exception is thrown when the specified S3 bucket does not exist.
|
3985
|
+
#
|
3986
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/S3BucketDoesNotExistException AWS API Documentation
|
3987
|
+
#
|
3988
|
+
class S3BucketDoesNotExistException < Aws::EmptyStructure; end
|
3989
|
+
|
3990
|
+
# The settings for the source S3 bucket.
|
3991
|
+
#
|
3992
|
+
# @!attribute [rw] s3_location_uri
|
3993
|
+
# The URI for the source S3 bucket.
|
3994
|
+
# @return [String]
|
3995
|
+
#
|
3996
|
+
# @!attribute [rw] s3_bucket_region
|
3997
|
+
# The Region associated with the source S3 bucket.
|
3998
|
+
# @return [String]
|
3999
|
+
#
|
4000
|
+
# @!attribute [rw] s3_bucket_access_role_arn
|
4001
|
+
# The IAM ARN role used to access the source S3 bucket.
|
4002
|
+
# @return [String]
|
4003
|
+
#
|
4004
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/S3ImportSource AWS API Documentation
|
4005
|
+
#
|
4006
|
+
class S3ImportSource < Struct.new(
|
4007
|
+
:s3_location_uri,
|
4008
|
+
:s3_bucket_region,
|
4009
|
+
:s3_bucket_access_role_arn)
|
4010
|
+
SENSITIVE = []
|
4011
|
+
include Aws::Structure
|
4012
|
+
end
|
4013
|
+
|
4014
|
+
# Contains configuration information about the channel.
|
4015
|
+
#
|
4016
|
+
# @!attribute [rw] apply_to_all_regions
|
4017
|
+
# Specifies whether the channel applies to a single Region or to all
|
4018
|
+
# Regions.
|
4019
|
+
# @return [Boolean]
|
4020
|
+
#
|
4021
|
+
# @!attribute [rw] advanced_event_selectors
|
4022
|
+
# The advanced event selectors that are configured for the channel.
|
4023
|
+
# @return [Array<Types::AdvancedEventSelector>]
|
4024
|
+
#
|
4025
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/SourceConfig AWS API Documentation
|
4026
|
+
#
|
4027
|
+
class SourceConfig < Struct.new(
|
4028
|
+
:apply_to_all_regions,
|
4029
|
+
:advanced_event_selectors)
|
4030
|
+
SENSITIVE = []
|
4031
|
+
include Aws::Structure
|
4032
|
+
end
|
4033
|
+
|
4034
|
+
# @!attribute [rw] event_data_store
|
4035
|
+
# The ARN (or ID suffix of the ARN) of the event data store for which
|
4036
|
+
# you want to start ingestion.
|
4037
|
+
# @return [String]
|
4038
|
+
#
|
4039
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/StartEventDataStoreIngestionRequest AWS API Documentation
|
4040
|
+
#
|
4041
|
+
class StartEventDataStoreIngestionRequest < Struct.new(
|
4042
|
+
:event_data_store)
|
4043
|
+
SENSITIVE = []
|
4044
|
+
include Aws::Structure
|
4045
|
+
end
|
4046
|
+
|
4047
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/StartEventDataStoreIngestionResponse AWS API Documentation
|
4048
|
+
#
|
4049
|
+
class StartEventDataStoreIngestionResponse < Aws::EmptyStructure; end
|
4050
|
+
|
4051
|
+
# @!attribute [rw] destinations
|
4052
|
+
# The ARN of the destination event data store. Use this parameter for
|
4053
|
+
# a new import.
|
4054
|
+
# @return [Array<String>]
|
4055
|
+
#
|
4056
|
+
# @!attribute [rw] import_source
|
4057
|
+
# The source S3 bucket for the import. Use this parameter for a new
|
4058
|
+
# import.
|
4059
|
+
# @return [Types::ImportSource]
|
4060
|
+
#
|
4061
|
+
# @!attribute [rw] start_event_time
|
4062
|
+
# Use with `EndEventTime` to bound a `StartImport` request, and limit
|
4063
|
+
# imported trail events to only those events logged within a specified
|
4064
|
+
# time period. When you specify a time range, CloudTrail checks the
|
4065
|
+
# prefix and log file names to verify the names contain a date between
|
4066
|
+
# the specified `StartEventTime` and `EndEventTime` before attempting
|
4067
|
+
# to import events.
|
4068
|
+
# @return [Time]
|
2068
4069
|
#
|
2069
|
-
#
|
2070
|
-
#
|
2071
|
-
#
|
2072
|
-
#
|
2073
|
-
#
|
2074
|
-
#
|
2075
|
-
#
|
2076
|
-
#
|
4070
|
+
# @!attribute [rw] end_event_time
|
4071
|
+
# Use with `StartEventTime` to bound a `StartImport` request, and
|
4072
|
+
# limit imported trail events to only those events logged within a
|
4073
|
+
# specified time period. When you specify a time range, CloudTrail
|
4074
|
+
# checks the prefix and log file names to verify the names contain a
|
4075
|
+
# date between the specified `StartEventTime` and `EndEventTime`
|
4076
|
+
# before attempting to import events.
|
4077
|
+
# @return [Time]
|
2077
4078
|
#
|
2078
|
-
# @!attribute [rw]
|
2079
|
-
# The
|
2080
|
-
#
|
4079
|
+
# @!attribute [rw] import_id
|
4080
|
+
# The ID of the import. Use this parameter when you are retrying an
|
4081
|
+
# import.
|
2081
4082
|
# @return [String]
|
2082
4083
|
#
|
2083
|
-
#
|
2084
|
-
# A JSON string that contains the Insights types that you want to log
|
2085
|
-
# on a trail. The valid Insights type in this release is
|
2086
|
-
# `ApiCallRateInsight`.
|
2087
|
-
# @return [Array<Types::InsightSelector>]
|
2088
|
-
#
|
2089
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/PutInsightSelectorsRequest AWS API Documentation
|
4084
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/StartImportRequest AWS API Documentation
|
2090
4085
|
#
|
2091
|
-
class
|
2092
|
-
:
|
2093
|
-
:
|
4086
|
+
class StartImportRequest < Struct.new(
|
4087
|
+
:destinations,
|
4088
|
+
:import_source,
|
4089
|
+
:start_event_time,
|
4090
|
+
:end_event_time,
|
4091
|
+
:import_id)
|
2094
4092
|
SENSITIVE = []
|
2095
4093
|
include Aws::Structure
|
2096
4094
|
end
|
2097
4095
|
|
2098
|
-
# @!attribute [rw]
|
2099
|
-
# The
|
2100
|
-
# change or add Insights selectors.
|
4096
|
+
# @!attribute [rw] import_id
|
4097
|
+
# The ID of the import.
|
2101
4098
|
# @return [String]
|
2102
4099
|
#
|
2103
|
-
# @!attribute [rw]
|
2104
|
-
#
|
2105
|
-
#
|
2106
|
-
# `ApiCallRateInsight`.
|
2107
|
-
# @return [Array<Types::InsightSelector>]
|
4100
|
+
# @!attribute [rw] destinations
|
4101
|
+
# The ARN of the destination event data store.
|
4102
|
+
# @return [Array<String>]
|
2108
4103
|
#
|
2109
|
-
#
|
4104
|
+
# @!attribute [rw] import_source
|
4105
|
+
# The source S3 bucket for the import.
|
4106
|
+
# @return [Types::ImportSource]
|
2110
4107
|
#
|
2111
|
-
|
2112
|
-
|
2113
|
-
|
4108
|
+
# @!attribute [rw] start_event_time
|
4109
|
+
# Used with `EndEventTime` to bound a `StartImport` request, and limit
|
4110
|
+
# imported trail events to only those events logged within a specified
|
4111
|
+
# time period.
|
4112
|
+
# @return [Time]
|
4113
|
+
#
|
4114
|
+
# @!attribute [rw] end_event_time
|
4115
|
+
# Used with `StartEventTime` to bound a `StartImport` request, and
|
4116
|
+
# limit imported trail events to only those events logged within a
|
4117
|
+
# specified time period.
|
4118
|
+
# @return [Time]
|
4119
|
+
#
|
4120
|
+
# @!attribute [rw] import_status
|
4121
|
+
# Shows the status of the import after a `StartImport` request. An
|
4122
|
+
# import finishes with a status of `COMPLETED` if there were no
|
4123
|
+
# failures, or `FAILED` if there were failures.
|
4124
|
+
# @return [String]
|
4125
|
+
#
|
4126
|
+
# @!attribute [rw] created_timestamp
|
4127
|
+
# The timestamp for the import's creation.
|
4128
|
+
# @return [Time]
|
4129
|
+
#
|
4130
|
+
# @!attribute [rw] updated_timestamp
|
4131
|
+
# The timestamp of the import's last update, if applicable.
|
4132
|
+
# @return [Time]
|
4133
|
+
#
|
4134
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/StartImportResponse AWS API Documentation
|
4135
|
+
#
|
4136
|
+
class StartImportResponse < Struct.new(
|
4137
|
+
:import_id,
|
4138
|
+
:destinations,
|
4139
|
+
:import_source,
|
4140
|
+
:start_event_time,
|
4141
|
+
:end_event_time,
|
4142
|
+
:import_status,
|
4143
|
+
:created_timestamp,
|
4144
|
+
:updated_timestamp)
|
2114
4145
|
SENSITIVE = []
|
2115
4146
|
include Aws::Structure
|
2116
4147
|
end
|
2117
4148
|
|
2118
|
-
#
|
2119
|
-
#
|
2120
|
-
# @note When making an API call, you may pass RemoveTagsRequest
|
2121
|
-
# data as a hash:
|
2122
|
-
#
|
2123
|
-
# {
|
2124
|
-
# resource_id: "String", # required
|
2125
|
-
# tags_list: [
|
2126
|
-
# {
|
2127
|
-
# key: "String", # required
|
2128
|
-
# value: "String",
|
2129
|
-
# },
|
2130
|
-
# ],
|
2131
|
-
# }
|
4149
|
+
# The request to CloudTrail to start logging Amazon Web Services API
|
4150
|
+
# calls for an account.
|
2132
4151
|
#
|
2133
|
-
# @!attribute [rw]
|
2134
|
-
# Specifies the ARN of the trail
|
2135
|
-
#
|
4152
|
+
# @!attribute [rw] name
|
4153
|
+
# Specifies the name or the CloudTrail ARN of the trail for which
|
4154
|
+
# CloudTrail logs Amazon Web Services API calls. The following is the
|
4155
|
+
# format of a trail ARN.
|
2136
4156
|
#
|
2137
4157
|
# `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
|
2138
4158
|
# @return [String]
|
2139
4159
|
#
|
2140
|
-
#
|
2141
|
-
# Specifies a list of tags to be removed.
|
2142
|
-
# @return [Array<Types::Tag>]
|
2143
|
-
#
|
2144
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/RemoveTagsRequest AWS API Documentation
|
4160
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/StartLoggingRequest AWS API Documentation
|
2145
4161
|
#
|
2146
|
-
class
|
2147
|
-
:
|
2148
|
-
:tags_list)
|
4162
|
+
class StartLoggingRequest < Struct.new(
|
4163
|
+
:name)
|
2149
4164
|
SENSITIVE = []
|
2150
4165
|
include Aws::Structure
|
2151
4166
|
end
|
@@ -2153,123 +4168,138 @@ module Aws::CloudTrail
|
|
2153
4168
|
# Returns the objects or data listed below if successful. Otherwise,
|
2154
4169
|
# returns an error.
|
2155
4170
|
#
|
2156
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/
|
4171
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/StartLoggingResponse AWS API Documentation
|
2157
4172
|
#
|
2158
|
-
class
|
4173
|
+
class StartLoggingResponse < Aws::EmptyStructure; end
|
2159
4174
|
|
2160
|
-
#
|
2161
|
-
#
|
2162
|
-
#
|
2163
|
-
# The type of a resource referenced by the event returned. When the
|
2164
|
-
# resource type cannot be determined, null is returned. Some examples
|
2165
|
-
# of resource types are: **Instance** for EC2, **Trail** for
|
2166
|
-
# CloudTrail, **DBInstance** for Amazon RDS, and **AccessKey** for
|
2167
|
-
# IAM. To learn more about how to look up and filter events by the
|
2168
|
-
# resource types supported for a service, see [Filtering CloudTrail
|
2169
|
-
# Events][1].
|
2170
|
-
#
|
2171
|
-
#
|
4175
|
+
# @!attribute [rw] query_statement
|
4176
|
+
# The SQL code of your query.
|
4177
|
+
# @return [String]
|
2172
4178
|
#
|
2173
|
-
#
|
4179
|
+
# @!attribute [rw] delivery_s3_uri
|
4180
|
+
# The URI for the S3 bucket where CloudTrail delivers the query
|
4181
|
+
# results.
|
2174
4182
|
# @return [String]
|
2175
4183
|
#
|
2176
|
-
# @!attribute [rw]
|
2177
|
-
# The
|
2178
|
-
# user-created names whose values will depend on the environment. For
|
2179
|
-
# example, the resource name might be "auto-scaling-test-group" for
|
2180
|
-
# an Auto Scaling Group or "i-1234567" for an EC2 Instance.
|
4184
|
+
# @!attribute [rw] query_alias
|
4185
|
+
# The alias that identifies a query template.
|
2181
4186
|
# @return [String]
|
2182
4187
|
#
|
2183
|
-
#
|
4188
|
+
# @!attribute [rw] query_parameters
|
4189
|
+
# The query parameters for the specified `QueryAlias`.
|
4190
|
+
# @return [Array<String>]
|
2184
4191
|
#
|
2185
|
-
|
2186
|
-
|
2187
|
-
|
4192
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/StartQueryRequest AWS API Documentation
|
4193
|
+
#
|
4194
|
+
class StartQueryRequest < Struct.new(
|
4195
|
+
:query_statement,
|
4196
|
+
:delivery_s3_uri,
|
4197
|
+
:query_alias,
|
4198
|
+
:query_parameters)
|
2188
4199
|
SENSITIVE = []
|
2189
4200
|
include Aws::Structure
|
2190
4201
|
end
|
2191
4202
|
|
2192
|
-
#
|
4203
|
+
# @!attribute [rw] query_id
|
4204
|
+
# The ID of the started query.
|
4205
|
+
# @return [String]
|
2193
4206
|
#
|
2194
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/
|
4207
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/StartQueryResponse AWS API Documentation
|
2195
4208
|
#
|
2196
|
-
class
|
4209
|
+
class StartQueryResponse < Struct.new(
|
4210
|
+
:query_id)
|
4211
|
+
SENSITIVE = []
|
4212
|
+
include Aws::Structure
|
4213
|
+
end
|
2197
4214
|
|
2198
|
-
#
|
2199
|
-
#
|
2200
|
-
#
|
2201
|
-
# Specifies the ARN of the resource.
|
4215
|
+
# @!attribute [rw] event_data_store
|
4216
|
+
# The ARN (or ID suffix of the ARN) of the event data store for which
|
4217
|
+
# you want to stop ingestion.
|
2202
4218
|
# @return [String]
|
2203
4219
|
#
|
2204
|
-
#
|
2205
|
-
# A list of tags.
|
2206
|
-
# @return [Array<Types::Tag>]
|
2207
|
-
#
|
2208
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ResourceTag AWS API Documentation
|
4220
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/StopEventDataStoreIngestionRequest AWS API Documentation
|
2209
4221
|
#
|
2210
|
-
class
|
2211
|
-
:
|
2212
|
-
:tags_list)
|
4222
|
+
class StopEventDataStoreIngestionRequest < Struct.new(
|
4223
|
+
:event_data_store)
|
2213
4224
|
SENSITIVE = []
|
2214
4225
|
include Aws::Structure
|
2215
4226
|
end
|
2216
4227
|
|
2217
|
-
#
|
2218
|
-
# supported by CloudTrail.
|
2219
|
-
#
|
2220
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ResourceTypeNotSupportedException AWS API Documentation
|
4228
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/StopEventDataStoreIngestionResponse AWS API Documentation
|
2221
4229
|
#
|
2222
|
-
class
|
4230
|
+
class StopEventDataStoreIngestionResponse < Aws::EmptyStructure; end
|
2223
4231
|
|
2224
|
-
#
|
4232
|
+
# @!attribute [rw] import_id
|
4233
|
+
# The ID of the import.
|
4234
|
+
# @return [String]
|
2225
4235
|
#
|
2226
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/
|
4236
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/StopImportRequest AWS API Documentation
|
2227
4237
|
#
|
2228
|
-
class
|
4238
|
+
class StopImportRequest < Struct.new(
|
4239
|
+
:import_id)
|
4240
|
+
SENSITIVE = []
|
4241
|
+
include Aws::Structure
|
4242
|
+
end
|
2229
4243
|
|
2230
|
-
#
|
2231
|
-
#
|
2232
|
-
#
|
2233
|
-
# @note When making an API call, you may pass StartLoggingRequest
|
2234
|
-
# data as a hash:
|
4244
|
+
# @!attribute [rw] import_id
|
4245
|
+
# The ID for the import.
|
4246
|
+
# @return [String]
|
2235
4247
|
#
|
2236
|
-
#
|
2237
|
-
#
|
2238
|
-
#
|
4248
|
+
# @!attribute [rw] import_source
|
4249
|
+
# The source S3 bucket for the import.
|
4250
|
+
# @return [Types::ImportSource]
|
2239
4251
|
#
|
2240
|
-
# @!attribute [rw]
|
2241
|
-
#
|
2242
|
-
#
|
2243
|
-
# format of a trail ARN.
|
4252
|
+
# @!attribute [rw] destinations
|
4253
|
+
# The ARN of the destination event data store.
|
4254
|
+
# @return [Array<String>]
|
2244
4255
|
#
|
2245
|
-
#
|
4256
|
+
# @!attribute [rw] import_status
|
4257
|
+
# The status of the import.
|
2246
4258
|
# @return [String]
|
2247
4259
|
#
|
2248
|
-
#
|
4260
|
+
# @!attribute [rw] created_timestamp
|
4261
|
+
# The timestamp of the import's creation.
|
4262
|
+
# @return [Time]
|
2249
4263
|
#
|
2250
|
-
|
2251
|
-
|
4264
|
+
# @!attribute [rw] updated_timestamp
|
4265
|
+
# The timestamp of the import's last update.
|
4266
|
+
# @return [Time]
|
4267
|
+
#
|
4268
|
+
# @!attribute [rw] start_event_time
|
4269
|
+
# Used with `EndEventTime` to bound a `StartImport` request, and limit
|
4270
|
+
# imported trail events to only those events logged within a specified
|
4271
|
+
# time period.
|
4272
|
+
# @return [Time]
|
4273
|
+
#
|
4274
|
+
# @!attribute [rw] end_event_time
|
4275
|
+
# Used with `StartEventTime` to bound a `StartImport` request, and
|
4276
|
+
# limit imported trail events to only those events logged within a
|
4277
|
+
# specified time period.
|
4278
|
+
# @return [Time]
|
4279
|
+
#
|
4280
|
+
# @!attribute [rw] import_statistics
|
4281
|
+
# Returns information on the stopped import.
|
4282
|
+
# @return [Types::ImportStatistics]
|
4283
|
+
#
|
4284
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/StopImportResponse AWS API Documentation
|
4285
|
+
#
|
4286
|
+
class StopImportResponse < Struct.new(
|
4287
|
+
:import_id,
|
4288
|
+
:import_source,
|
4289
|
+
:destinations,
|
4290
|
+
:import_status,
|
4291
|
+
:created_timestamp,
|
4292
|
+
:updated_timestamp,
|
4293
|
+
:start_event_time,
|
4294
|
+
:end_event_time,
|
4295
|
+
:import_statistics)
|
2252
4296
|
SENSITIVE = []
|
2253
4297
|
include Aws::Structure
|
2254
4298
|
end
|
2255
4299
|
|
2256
|
-
# Returns the objects or data listed below if successful. Otherwise,
|
2257
|
-
# returns an error.
|
2258
|
-
#
|
2259
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/StartLoggingResponse AWS API Documentation
|
2260
|
-
#
|
2261
|
-
class StartLoggingResponse < Aws::EmptyStructure; end
|
2262
|
-
|
2263
4300
|
# Passes the request to CloudTrail to stop logging Amazon Web Services
|
2264
4301
|
# API calls for the specified account.
|
2265
4302
|
#
|
2266
|
-
# @note When making an API call, you may pass StopLoggingRequest
|
2267
|
-
# data as a hash:
|
2268
|
-
#
|
2269
|
-
# {
|
2270
|
-
# name: "String", # required
|
2271
|
-
# }
|
2272
|
-
#
|
2273
4303
|
# @!attribute [rw] name
|
2274
4304
|
# Specifies the name or the CloudTrail ARN of the trail for which
|
2275
4305
|
# CloudTrail will stop logging Amazon Web Services API calls. The
|
@@ -2294,15 +4324,7 @@ module Aws::CloudTrail
|
|
2294
4324
|
class StopLoggingResponse < Aws::EmptyStructure; end
|
2295
4325
|
|
2296
4326
|
# A custom key-value pair associated with a resource such as a
|
2297
|
-
# CloudTrail trail.
|
2298
|
-
#
|
2299
|
-
# @note When making an API call, you may pass Tag
|
2300
|
-
# data as a hash:
|
2301
|
-
#
|
2302
|
-
# {
|
2303
|
-
# key: "String", # required
|
2304
|
-
# value: "String",
|
2305
|
-
# }
|
4327
|
+
# CloudTrail trail, event data store, or channel.
|
2306
4328
|
#
|
2307
4329
|
# @!attribute [rw] key
|
2308
4330
|
# The key in a key-value pair. The key must be must be no longer than
|
@@ -2324,13 +4346,19 @@ module Aws::CloudTrail
|
|
2324
4346
|
include Aws::Structure
|
2325
4347
|
end
|
2326
4348
|
|
2327
|
-
# The number of tags per trail
|
2328
|
-
# Currently, the limit is 50.
|
4349
|
+
# The number of tags per trail, event data store, or channel has
|
4350
|
+
# exceeded the permitted amount. Currently, the limit is 50.
|
2329
4351
|
#
|
2330
4352
|
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/TagsLimitExceededException AWS API Documentation
|
2331
4353
|
#
|
2332
4354
|
class TagsLimitExceededException < Aws::EmptyStructure; end
|
2333
4355
|
|
4356
|
+
# This exception is thrown when the request rate exceeds the limit.
|
4357
|
+
#
|
4358
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ThrottlingException AWS API Documentation
|
4359
|
+
#
|
4360
|
+
class ThrottlingException < Aws::EmptyStructure; end
|
4361
|
+
|
2334
4362
|
# The settings for a trail.
|
2335
4363
|
#
|
2336
4364
|
# @!attribute [rw] name
|
@@ -2359,7 +4387,7 @@ module Aws::CloudTrail
|
|
2359
4387
|
# @return [String]
|
2360
4388
|
#
|
2361
4389
|
# @!attribute [rw] sns_topic_name
|
2362
|
-
# This field is no longer in use. Use SnsTopicARN
|
4390
|
+
# This field is no longer in use. Use `SnsTopicARN`.
|
2363
4391
|
# @return [String]
|
2364
4392
|
#
|
2365
4393
|
# @!attribute [rw] sns_topic_arn
|
@@ -2376,12 +4404,12 @@ module Aws::CloudTrail
|
|
2376
4404
|
# @return [Boolean]
|
2377
4405
|
#
|
2378
4406
|
# @!attribute [rw] is_multi_region_trail
|
2379
|
-
# Specifies whether the trail exists only in one
|
2380
|
-
# all
|
4407
|
+
# Specifies whether the trail exists only in one Region or exists in
|
4408
|
+
# all Regions.
|
2381
4409
|
# @return [Boolean]
|
2382
4410
|
#
|
2383
4411
|
# @!attribute [rw] home_region
|
2384
|
-
# The
|
4412
|
+
# The Region in which the trail was created.
|
2385
4413
|
# @return [String]
|
2386
4414
|
#
|
2387
4415
|
# @!attribute [rw] trail_arn
|
@@ -2456,7 +4484,7 @@ module Aws::CloudTrail
|
|
2456
4484
|
class TrailAlreadyExistsException < Aws::EmptyStructure; end
|
2457
4485
|
|
2458
4486
|
# Information about a CloudTrail trail, including the trail's name,
|
2459
|
-
# home
|
4487
|
+
# home Region, and Amazon Resource Name (ARN).
|
2460
4488
|
#
|
2461
4489
|
# @!attribute [rw] trail_arn
|
2462
4490
|
# The ARN of a trail.
|
@@ -2500,24 +4528,227 @@ module Aws::CloudTrail
|
|
2500
4528
|
#
|
2501
4529
|
class UnsupportedOperationException < Aws::EmptyStructure; end
|
2502
4530
|
|
2503
|
-
#
|
4531
|
+
# @!attribute [rw] channel
|
4532
|
+
# The ARN or ID (the ARN suffix) of the channel that you want to
|
4533
|
+
# update.
|
4534
|
+
# @return [String]
|
4535
|
+
#
|
4536
|
+
# @!attribute [rw] destinations
|
4537
|
+
# The ARNs of event data stores that you want to log events arriving
|
4538
|
+
# through the channel.
|
4539
|
+
# @return [Array<Types::Destination>]
|
4540
|
+
#
|
4541
|
+
# @!attribute [rw] name
|
4542
|
+
# Changes the name of the channel.
|
4543
|
+
# @return [String]
|
4544
|
+
#
|
4545
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/UpdateChannelRequest AWS API Documentation
|
4546
|
+
#
|
4547
|
+
class UpdateChannelRequest < Struct.new(
|
4548
|
+
:channel,
|
4549
|
+
:destinations,
|
4550
|
+
:name)
|
4551
|
+
SENSITIVE = []
|
4552
|
+
include Aws::Structure
|
4553
|
+
end
|
4554
|
+
|
4555
|
+
# @!attribute [rw] channel_arn
|
4556
|
+
# The ARN of the channel that was updated.
|
4557
|
+
# @return [String]
|
4558
|
+
#
|
4559
|
+
# @!attribute [rw] name
|
4560
|
+
# The name of the channel that was updated.
|
4561
|
+
# @return [String]
|
4562
|
+
#
|
4563
|
+
# @!attribute [rw] source
|
4564
|
+
# The event source of the channel that was updated.
|
4565
|
+
# @return [String]
|
4566
|
+
#
|
4567
|
+
# @!attribute [rw] destinations
|
4568
|
+
# The event data stores that log events arriving through the channel.
|
4569
|
+
# @return [Array<Types::Destination>]
|
4570
|
+
#
|
4571
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/UpdateChannelResponse AWS API Documentation
|
4572
|
+
#
|
4573
|
+
class UpdateChannelResponse < Struct.new(
|
4574
|
+
:channel_arn,
|
4575
|
+
:name,
|
4576
|
+
:source,
|
4577
|
+
:destinations)
|
4578
|
+
SENSITIVE = []
|
4579
|
+
include Aws::Structure
|
4580
|
+
end
|
4581
|
+
|
4582
|
+
# @!attribute [rw] event_data_store
|
4583
|
+
# The ARN (or the ID suffix of the ARN) of the event data store that
|
4584
|
+
# you want to update.
|
4585
|
+
# @return [String]
|
4586
|
+
#
|
4587
|
+
# @!attribute [rw] name
|
4588
|
+
# The event data store name.
|
4589
|
+
# @return [String]
|
4590
|
+
#
|
4591
|
+
# @!attribute [rw] advanced_event_selectors
|
4592
|
+
# The advanced event selectors used to select events for the event
|
4593
|
+
# data store. You can configure up to five advanced event selectors
|
4594
|
+
# for each event data store.
|
4595
|
+
# @return [Array<Types::AdvancedEventSelector>]
|
4596
|
+
#
|
4597
|
+
# @!attribute [rw] multi_region_enabled
|
4598
|
+
# Specifies whether an event data store collects events from all
|
4599
|
+
# Regions, or only from the Region in which it was created.
|
4600
|
+
# @return [Boolean]
|
4601
|
+
#
|
4602
|
+
# @!attribute [rw] organization_enabled
|
4603
|
+
# Specifies whether an event data store collects events logged for an
|
4604
|
+
# organization in Organizations.
|
4605
|
+
# @return [Boolean]
|
4606
|
+
#
|
4607
|
+
# @!attribute [rw] retention_period
|
4608
|
+
# The retention period of the event data store, in days. You can set a
|
4609
|
+
# retention period of up to 2557 days, the equivalent of seven years.
|
4610
|
+
# CloudTrail Lake determines whether to retain an event by checking if
|
4611
|
+
# the `eventTime` of the event is within the specified retention
|
4612
|
+
# period. For example, if you set a retention period of 90 days,
|
4613
|
+
# CloudTrail will remove events when the `eventTime` is older than 90
|
4614
|
+
# days.
|
4615
|
+
#
|
4616
|
+
# <note markdown="1"> If you decrease the retention period of an event data store,
|
4617
|
+
# CloudTrail will remove any events with an `eventTime` older than the
|
4618
|
+
# new retention period. For example, if the previous retention period
|
4619
|
+
# was 365 days and you decrease it to 100 days, CloudTrail will remove
|
4620
|
+
# events with an `eventTime` older than 100 days.
|
4621
|
+
#
|
4622
|
+
# </note>
|
4623
|
+
# @return [Integer]
|
4624
|
+
#
|
4625
|
+
# @!attribute [rw] termination_protection_enabled
|
4626
|
+
# Indicates that termination protection is enabled and the event data
|
4627
|
+
# store cannot be automatically deleted.
|
4628
|
+
# @return [Boolean]
|
4629
|
+
#
|
4630
|
+
# @!attribute [rw] kms_key_id
|
4631
|
+
# Specifies the KMS key ID to use to encrypt the events delivered by
|
4632
|
+
# CloudTrail. The value can be an alias name prefixed by `alias/`, a
|
4633
|
+
# fully specified ARN to an alias, a fully specified ARN to a key, or
|
4634
|
+
# a globally unique identifier.
|
4635
|
+
#
|
4636
|
+
# Disabling or deleting the KMS key, or removing CloudTrail
|
4637
|
+
# permissions on the key, prevents CloudTrail from logging events to
|
4638
|
+
# the event data store, and prevents users from querying the data in
|
4639
|
+
# the event data store that was encrypted with the key. After you
|
4640
|
+
# associate an event data store with a KMS key, the KMS key cannot be
|
4641
|
+
# removed or changed. Before you disable or delete a KMS key that you
|
4642
|
+
# are using with an event data store, delete or back up your event
|
4643
|
+
# data store.
|
4644
|
+
#
|
4645
|
+
# CloudTrail also supports KMS multi-Region keys. For more information
|
4646
|
+
# about multi-Region keys, see [Using multi-Region keys][1] in the
|
4647
|
+
# *Key Management Service Developer Guide*.
|
4648
|
+
#
|
4649
|
+
# Examples:
|
4650
|
+
#
|
4651
|
+
# * `alias/MyAliasName`
|
4652
|
+
#
|
4653
|
+
# * `arn:aws:kms:us-east-2:123456789012:alias/MyAliasName`
|
4654
|
+
#
|
4655
|
+
# * `arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012`
|
4656
|
+
#
|
4657
|
+
# * `12345678-1234-1234-1234-123456789012`
|
4658
|
+
#
|
4659
|
+
#
|
4660
|
+
#
|
4661
|
+
# [1]: https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html
|
4662
|
+
# @return [String]
|
4663
|
+
#
|
4664
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/UpdateEventDataStoreRequest AWS API Documentation
|
4665
|
+
#
|
4666
|
+
class UpdateEventDataStoreRequest < Struct.new(
|
4667
|
+
:event_data_store,
|
4668
|
+
:name,
|
4669
|
+
:advanced_event_selectors,
|
4670
|
+
:multi_region_enabled,
|
4671
|
+
:organization_enabled,
|
4672
|
+
:retention_period,
|
4673
|
+
:termination_protection_enabled,
|
4674
|
+
:kms_key_id)
|
4675
|
+
SENSITIVE = []
|
4676
|
+
include Aws::Structure
|
4677
|
+
end
|
4678
|
+
|
4679
|
+
# @!attribute [rw] event_data_store_arn
|
4680
|
+
# The ARN of the event data store.
|
4681
|
+
# @return [String]
|
4682
|
+
#
|
4683
|
+
# @!attribute [rw] name
|
4684
|
+
# The name of the event data store.
|
4685
|
+
# @return [String]
|
4686
|
+
#
|
4687
|
+
# @!attribute [rw] status
|
4688
|
+
# The status of an event data store.
|
4689
|
+
# @return [String]
|
2504
4690
|
#
|
2505
|
-
#
|
2506
|
-
#
|
2507
|
-
#
|
2508
|
-
#
|
2509
|
-
#
|
2510
|
-
#
|
2511
|
-
#
|
2512
|
-
#
|
2513
|
-
#
|
2514
|
-
#
|
2515
|
-
#
|
2516
|
-
#
|
2517
|
-
#
|
2518
|
-
#
|
2519
|
-
#
|
2520
|
-
#
|
4691
|
+
# @!attribute [rw] advanced_event_selectors
|
4692
|
+
# The advanced event selectors that are applied to the event data
|
4693
|
+
# store.
|
4694
|
+
# @return [Array<Types::AdvancedEventSelector>]
|
4695
|
+
#
|
4696
|
+
# @!attribute [rw] multi_region_enabled
|
4697
|
+
# Indicates whether the event data store includes events from all
|
4698
|
+
# Regions, or only from the Region in which it was created.
|
4699
|
+
# @return [Boolean]
|
4700
|
+
#
|
4701
|
+
# @!attribute [rw] organization_enabled
|
4702
|
+
# Indicates whether an event data store is collecting logged events
|
4703
|
+
# for an organization in Organizations.
|
4704
|
+
# @return [Boolean]
|
4705
|
+
#
|
4706
|
+
# @!attribute [rw] retention_period
|
4707
|
+
# The retention period, in days.
|
4708
|
+
# @return [Integer]
|
4709
|
+
#
|
4710
|
+
# @!attribute [rw] termination_protection_enabled
|
4711
|
+
# Indicates whether termination protection is enabled for the event
|
4712
|
+
# data store.
|
4713
|
+
# @return [Boolean]
|
4714
|
+
#
|
4715
|
+
# @!attribute [rw] created_timestamp
|
4716
|
+
# The timestamp that shows when an event data store was first created.
|
4717
|
+
# @return [Time]
|
4718
|
+
#
|
4719
|
+
# @!attribute [rw] updated_timestamp
|
4720
|
+
# The timestamp that shows when the event data store was last updated.
|
4721
|
+
# `UpdatedTimestamp` is always either the same or newer than the time
|
4722
|
+
# shown in `CreatedTimestamp`.
|
4723
|
+
# @return [Time]
|
4724
|
+
#
|
4725
|
+
# @!attribute [rw] kms_key_id
|
4726
|
+
# Specifies the KMS key ID that encrypts the events delivered by
|
4727
|
+
# CloudTrail. The value is a fully specified ARN to a KMS key in the
|
4728
|
+
# following format.
|
4729
|
+
#
|
4730
|
+
# `arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012`
|
4731
|
+
# @return [String]
|
4732
|
+
#
|
4733
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/UpdateEventDataStoreResponse AWS API Documentation
|
4734
|
+
#
|
4735
|
+
class UpdateEventDataStoreResponse < Struct.new(
|
4736
|
+
:event_data_store_arn,
|
4737
|
+
:name,
|
4738
|
+
:status,
|
4739
|
+
:advanced_event_selectors,
|
4740
|
+
:multi_region_enabled,
|
4741
|
+
:organization_enabled,
|
4742
|
+
:retention_period,
|
4743
|
+
:termination_protection_enabled,
|
4744
|
+
:created_timestamp,
|
4745
|
+
:updated_timestamp,
|
4746
|
+
:kms_key_id)
|
4747
|
+
SENSITIVE = []
|
4748
|
+
include Aws::Structure
|
4749
|
+
end
|
4750
|
+
|
4751
|
+
# Specifies settings to update for the trail.
|
2521
4752
|
#
|
2522
4753
|
# @!attribute [rw] name
|
2523
4754
|
# Specifies the name of the trail or trail ARN. If `Name` is a trail
|
@@ -2571,14 +4802,14 @@ module Aws::CloudTrail
|
|
2571
4802
|
# @return [Boolean]
|
2572
4803
|
#
|
2573
4804
|
# @!attribute [rw] is_multi_region_trail
|
2574
|
-
# Specifies whether the trail applies only to the current
|
2575
|
-
# all
|
2576
|
-
# current
|
2577
|
-
# (replications of the trail) will be created in the other
|
2578
|
-
# the trail exists in all
|
2579
|
-
# trail will remain in the
|
2580
|
-
# trails in other
|
2581
|
-
# consider using trails that log events in all
|
4805
|
+
# Specifies whether the trail applies only to the current Region or to
|
4806
|
+
# all Regions. The default is false. If the trail exists only in the
|
4807
|
+
# current Region and this value is set to true, shadow trails
|
4808
|
+
# (replications of the trail) will be created in the other Regions. If
|
4809
|
+
# the trail exists in all Regions and this value is set to false, the
|
4810
|
+
# trail will remain in the Region where it was created, and its shadow
|
4811
|
+
# trails in other Regions will be deleted. As a best practice,
|
4812
|
+
# consider using trails that log events in all Regions.
|
2582
4813
|
# @return [Boolean]
|
2583
4814
|
#
|
2584
4815
|
# @!attribute [rw] enable_log_file_validation
|
@@ -2601,13 +4832,16 @@ module Aws::CloudTrail
|
|
2601
4832
|
# @!attribute [rw] cloud_watch_logs_log_group_arn
|
2602
4833
|
# Specifies a log group name using an Amazon Resource Name (ARN), a
|
2603
4834
|
# unique identifier that represents the log group to which CloudTrail
|
2604
|
-
# logs are delivered.
|
2605
|
-
#
|
4835
|
+
# logs are delivered. You must use a log group that exists in your
|
4836
|
+
# account.
|
4837
|
+
#
|
4838
|
+
# Not required unless you specify `CloudWatchLogsRoleArn`.
|
2606
4839
|
# @return [String]
|
2607
4840
|
#
|
2608
4841
|
# @!attribute [rw] cloud_watch_logs_role_arn
|
2609
4842
|
# Specifies the role for the CloudWatch Logs endpoint to assume to
|
2610
|
-
# write to a user's log group.
|
4843
|
+
# write to a user's log group. You must use a role that exists in
|
4844
|
+
# your account.
|
2611
4845
|
# @return [String]
|
2612
4846
|
#
|
2613
4847
|
# @!attribute [rw] kms_key_id
|
@@ -2640,13 +4874,13 @@ module Aws::CloudTrail
|
|
2640
4874
|
# organization in Organizations, or only for the current Amazon Web
|
2641
4875
|
# Services account. The default is false, and cannot be true unless
|
2642
4876
|
# the call is made on behalf of an Amazon Web Services account that is
|
2643
|
-
# the management account
|
2644
|
-
#
|
2645
|
-
# trail will be created in all
|
2646
|
-
# belong to the organization. If the
|
2647
|
-
# and this is set to `false`, the trail
|
2648
|
-
# Amazon Web Services account but be
|
2649
|
-
# in the organization.
|
4877
|
+
# the management account or delegated administrator account for an
|
4878
|
+
# organization in Organizations. If the trail is not an organization
|
4879
|
+
# trail and this is set to `true`, the trail will be created in all
|
4880
|
+
# Amazon Web Services accounts that belong to the organization. If the
|
4881
|
+
# trail is an organization trail and this is set to `false`, the trail
|
4882
|
+
# will remain in the current Amazon Web Services account but be
|
4883
|
+
# deleted from all member accounts in the organization.
|
2650
4884
|
# @return [Boolean]
|
2651
4885
|
#
|
2652
4886
|
# @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/UpdateTrailRequest AWS API Documentation
|
@@ -2690,7 +4924,7 @@ module Aws::CloudTrail
|
|
2690
4924
|
# @return [String]
|
2691
4925
|
#
|
2692
4926
|
# @!attribute [rw] sns_topic_name
|
2693
|
-
# This field is no longer in use. Use
|
4927
|
+
# This field is no longer in use. Use `SnsTopicARN`.
|
2694
4928
|
# @return [String]
|
2695
4929
|
#
|
2696
4930
|
# @!attribute [rw] sns_topic_arn
|
@@ -2707,7 +4941,7 @@ module Aws::CloudTrail
|
|
2707
4941
|
# @return [Boolean]
|
2708
4942
|
#
|
2709
4943
|
# @!attribute [rw] is_multi_region_trail
|
2710
|
-
# Specifies whether the trail exists in one
|
4944
|
+
# Specifies whether the trail exists in one Region or in all Regions.
|
2711
4945
|
# @return [Boolean]
|
2712
4946
|
#
|
2713
4947
|
# @!attribute [rw] trail_arn
|