aws-sdk-cloudtrail 1.52.0 → 1.54.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 9fd98c848dea62b03bdbe8b53bd0697af08f98035546f4f0fd11bcac9b0916cc
-  data.tar.gz: 67792ad77475cb8ee735d3f66a6acc0c9fc7be108c65f7f6dd31c5487c33a2bf
+  metadata.gz: 2357c5e9e35b8c5cbf6a64ac888cf215932b2b2418229ca24024d47f53299e88
+  data.tar.gz: 419e1dfdcdffb6a5debf41a70310aca67a425ac99b0f4296486dd77a2a251f96
 SHA512:
-  metadata.gz: 3c8e1be6d40035da296cda86d2ef3f730721adf4c7b36c14b4c427f484183aaff97690116f9763293450b269f76edee57ce1ef6b469449044e4b5f736ce22329
-  data.tar.gz: 4660fc6a4bc8580998fc3fe02ea802a6d852d2957e5d70f0758cf4b3011d6122ebce0b2b5146dc5d6b81a48eff645d7d29be2af8246f2209fcb3033d463ddc3f
+  metadata.gz: 40dbaae6651fc52fa3f81c7dce43d85e83470319ad77d50333a459488bdedcbc09a8e8daae131928b5847f88ada570232cf61e5789684f058c43257cbc7b6f8a
+  data.tar.gz: caf162921ef02a74db0fc8cf26643f93c7f04f0c4651905ffd5986e1787fd8f57fa54e6f3ea861706dc2d487e78ce7a50a686df545f694c157e08f08d6626079

data/CHANGELOG.md

@@ -1,6 +1,16 @@
 Unreleased Changes
 ------------------
 
+1.54.0 (2022-11-07)
+------------------
+
+* Feature - This release includes support for configuring a delegated administrator to manage an AWS Organizations organization CloudTrail trails and event data stores, and AWS Key Management Service encryption of CloudTrail Lake event data stores.
+
+1.53.0 (2022-10-25)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
 1.52.0 (2022-10-19)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.52.0
+1.54.0

data/lib/aws-sdk-cloudtrail/client.rb

@@ -30,7 +30,7 @@ require 'aws-sdk-core/plugins/http_checksum.rb'
 require 'aws-sdk-core/plugins/checksum_algorithm.rb'
 require 'aws-sdk-core/plugins/defaults_mode.rb'
 require 'aws-sdk-core/plugins/recursion_detection.rb'
-require 'aws-sdk-core/plugins/signature_v4.rb'
+require 'aws-sdk-core/plugins/sign.rb'
 require 'aws-sdk-core/plugins/protocols/json_rpc.rb'
 
 Aws::Plugins::GlobalConfiguration.add_identifier(:cloudtrail)
@@ -79,8 +79,9 @@ module Aws::CloudTrail
     add_plugin(Aws::Plugins::ChecksumAlgorithm)
     add_plugin(Aws::Plugins::DefaultsMode)
     add_plugin(Aws::Plugins::RecursionDetection)
-    add_plugin(Aws::Plugins::SignatureV4)
+    add_plugin(Aws::Plugins::Sign)
     add_plugin(Aws::Plugins::Protocols::JsonRpc)
+    add_plugin(Aws::CloudTrail::Plugins::Endpoints)
 
     # @overload initialize(options)
     #   @param [Hash] options
@@ -297,6 +298,19 @@ module Aws::CloudTrail
     #     ** Please note ** When response stubbing is enabled, no HTTP
     #     requests are made, and retries are disabled.
     #
+    #   @option options [Aws::TokenProvider] :token_provider
+    #     A Bearer Token Provider. This can be an instance of any one of the
+    #     following classes:
+    #
+    #     * `Aws::StaticTokenProvider` - Used for configuring static, non-refreshing
+    #       tokens.
+    #
+    #     * `Aws::SSOTokenProvider` - Used for loading tokens from AWS SSO using an
+    #       access token generated from `aws login`.
+    #
+    #     When `:token_provider` is not configured directly, the `Aws::TokenProviderChain`
+    #     will be used to search for tokens configured for your profile in shared configuration files.
+    #
     #   @option options [Boolean] :use_dualstack_endpoint
     #     When set to `true`, dualstack enabled endpoints (with `.aws` TLD)
     #     will be used if available.
@@ -310,6 +324,9 @@ module Aws::CloudTrail
     #     When `true`, request parameters are validated before
     #     sending the request.
     #
+    #   @option options [Aws::CloudTrail::EndpointProvider] :endpoint_provider
+    #     The endpoint provider used to resolve endpoints. Any object that responds to `#resolve_endpoint(parameters)` where `parameters` is a Struct similar to `Aws::CloudTrail::EndpointParameters`
+    #
     #   @option options [URI::HTTP,String] :http_proxy A proxy to send
     #     requests through.  Formatted like 'http://proxy.com:123'.
     #
@@ -409,7 +426,7 @@ module Aws::CloudTrail
     # cancel is also required. When you run `CancelQuery`, the query status
     # might show as `CANCELLED` even if the operation is not yet finished.
     #
-    # @option params [required, String] :event_data_store
+    # @option params [String] :event_data_store
     #   The ARN (or the ID suffix of the ARN) of an event data store on which
     #   the specified query is running.
     #
@@ -425,7 +442,7 @@ module Aws::CloudTrail
     # @example Request syntax with placeholder values
     #
     #   resp = client.cancel_query({
-    #     event_data_store: "EventDataStoreArn", # required
+    #     event_data_store: "EventDataStoreArn",
     #     query_id: "UUID", # required
     #   })
     #
@@ -479,6 +496,38 @@ module Aws::CloudTrail
     # @option params [Array<Types::Tag>] :tags_list
     #   A list of tags.
     #
+    # @option params [String] :kms_key_id
+    #   Specifies the KMS key ID to use to encrypt the events delivered by
+    #   CloudTrail. The value can be an alias name prefixed by `alias/`, a
+    #   fully specified ARN to an alias, a fully specified ARN to a key, or a
+    #   globally unique identifier.
+    #
+    #   Disabling or deleting the KMS key, or removing CloudTrail permissions
+    #   on the key, prevents CloudTrail from logging events to the event data
+    #   store, and prevents users from querying the data in the event data
+    #   store that was encrypted with the key. After you associate an event
+    #   data store with a KMS key, the KMS key cannot be removed or changed.
+    #   Before you disable or delete a KMS key that you are using with an
+    #   event data store, delete or back up your event data store.
+    #
+    #   CloudTrail also supports KMS multi-Region keys. For more information
+    #   about multi-Region keys, see [Using multi-Region keys][1] in the *Key
+    #   Management Service Developer Guide*.
+    #
+    #   Examples:
+    #
+    #   * `alias/MyAliasName`
+    #
+    #   * `arn:aws:kms:us-east-2:123456789012:alias/MyAliasName`
+    #
+    #   * `arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012`
+    #
+    #   * `12345678-1234-1234-1234-123456789012`
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html
+    #
     # @return [Types::CreateEventDataStoreResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::CreateEventDataStoreResponse#event_data_store_arn #event_data_store_arn} => String
@@ -492,6 +541,7 @@ module Aws::CloudTrail
     #   * {Types::CreateEventDataStoreResponse#tags_list #tags_list} => Array&lt;Types::Tag&gt;
     #   * {Types::CreateEventDataStoreResponse#created_timestamp #created_timestamp} => Time
     #   * {Types::CreateEventDataStoreResponse#updated_timestamp #updated_timestamp} => Time
+    #   * {Types::CreateEventDataStoreResponse#kms_key_id #kms_key_id} => String
     #
     # @example Request syntax with placeholder values
     #
@@ -523,6 +573,7 @@ module Aws::CloudTrail
     #         value: "TagValue",
     #       },
     #     ],
+    #     kms_key_id: "EventDataStoreKmsKeyId",
     #   })
     #
     # @example Response structure
@@ -555,6 +606,7 @@ module Aws::CloudTrail
     #   resp.tags_list[0].value #=> String
     #   resp.created_timestamp #=> Time
     #   resp.updated_timestamp #=> Time
+    #   resp.kms_key_id #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/CreateEventDataStore AWS API Documentation
     #
@@ -801,12 +853,37 @@ module Aws::CloudTrail
       req.send_request(options)
     end
 
+    # Removes CloudTrail delegated administrator permissions from a member
+    # account in an organization.
+    #
+    # @option params [required, String] :delegated_admin_account_id
+    #   A delegated administrator account ID. This is a member account in an
+    #   organization that is currently designated as a delegated
+    #   administrator.
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.deregister_organization_delegated_admin({
+    #     delegated_admin_account_id: "AccountId", # required
+    #   })
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/DeregisterOrganizationDelegatedAdmin AWS API Documentation
+    #
+    # @overload deregister_organization_delegated_admin(params = {})
+    # @param [Hash] params ({})
+    def deregister_organization_delegated_admin(params = {}, options = {})
+      req = build_request(:deregister_organization_delegated_admin, params)
+      req.send_request(options)
+    end
+
     # Returns metadata about a query, including query run time in
     # milliseconds, number of events scanned and matched, and query status.
     # You must specify an ARN for `EventDataStore`, and a value for
     # `QueryID`.
     #
-    # @option params [required, String] :event_data_store
+    # @option params [String] :event_data_store
     #   The ARN (or the ID suffix of the ARN) of an event data store on which
     #   the specified query was run.
     #
@@ -826,7 +903,7 @@ module Aws::CloudTrail
     # @example Request syntax with placeholder values
     #
     #   resp = client.describe_query({
-    #     event_data_store: "EventDataStoreArn", # required
+    #     event_data_store: "EventDataStoreArn",
     #     query_id: "UUID", # required
     #   })
     #
@@ -931,7 +1008,7 @@ module Aws::CloudTrail
     # services create service-linked channels to get information about
     # CloudTrail events on your behalf. For more information about
     # service-linked channels, see [Viewing service-linked channels for
-    # CloudTrail by using the CLI.][1].
+    # CloudTrail by using the CLI][1].
     #
     #
     #
@@ -1008,6 +1085,7 @@ module Aws::CloudTrail
     #   * {Types::GetEventDataStoreResponse#termination_protection_enabled #termination_protection_enabled} => Boolean
     #   * {Types::GetEventDataStoreResponse#created_timestamp #created_timestamp} => Time
     #   * {Types::GetEventDataStoreResponse#updated_timestamp #updated_timestamp} => Time
+    #   * {Types::GetEventDataStoreResponse#kms_key_id #kms_key_id} => String
     #
     # @example Request syntax with placeholder values
     #
@@ -1042,6 +1120,7 @@ module Aws::CloudTrail
     #   resp.termination_protection_enabled #=> Boolean
     #   resp.created_timestamp #=> Time
     #   resp.updated_timestamp #=> Time
+    #   resp.kms_key_id #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GetEventDataStore AWS API Documentation
     #
@@ -1262,7 +1341,7 @@ module Aws::CloudTrail
     # value returned by the `StartQuery` operation, and an ARN for
     # `EventDataStore`.
     #
-    # @option params [required, String] :event_data_store
+    # @option params [String] :event_data_store
     #   The ARN (or ID suffix of the ARN) of the event data store against
     #   which the query was run.
     #
@@ -1288,7 +1367,7 @@ module Aws::CloudTrail
     # @example Request syntax with placeholder values
     #
     #   resp = client.get_query_results({
-    #     event_data_store: "EventDataStoreArn", # required
+    #     event_data_store: "EventDataStoreArn",
     #     query_id: "UUID", # required
     #     next_token: "PaginationToken",
     #     max_query_results: 1,
@@ -2180,6 +2259,30 @@ module Aws::CloudTrail
       req.send_request(options)
     end
 
+    # Registers an organization’s member account as the CloudTrail delegated
+    # administrator.
+    #
+    # @option params [required, String] :member_account_id
+    #   An organization member account ID that you want to designate as a
+    #   delegated administrator.
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.register_organization_delegated_admin({
+    #     member_account_id: "AccountId", # required
+    #   })
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/RegisterOrganizationDelegatedAdmin AWS API Documentation
+    #
+    # @overload register_organization_delegated_admin(params = {})
+    # @param [Hash] params ({})
+    def register_organization_delegated_admin(params = {}, options = {})
+      req = build_request(:register_organization_delegated_admin, params)
+      req.send_request(options)
+    end
+
     # Removes the specified tags from a trail or event data store.
     #
     # @option params [required, String] :resource_id
@@ -2240,6 +2343,7 @@ module Aws::CloudTrail
     #   * {Types::RestoreEventDataStoreResponse#termination_protection_enabled #termination_protection_enabled} => Boolean
     #   * {Types::RestoreEventDataStoreResponse#created_timestamp #created_timestamp} => Time
     #   * {Types::RestoreEventDataStoreResponse#updated_timestamp #updated_timestamp} => Time
+    #   * {Types::RestoreEventDataStoreResponse#kms_key_id #kms_key_id} => String
     #
     # @example Request syntax with placeholder values
     #
@@ -2274,6 +2378,7 @@ module Aws::CloudTrail
     #   resp.termination_protection_enabled #=> Boolean
     #   resp.created_timestamp #=> Time
     #   resp.updated_timestamp #=> Time
+    #   resp.kms_key_id #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/RestoreEventDataStore AWS API Documentation
     #
@@ -2572,6 +2677,38 @@ module Aws::CloudTrail
     #   Indicates that termination protection is enabled and the event data
     #   store cannot be automatically deleted.
     #
+    # @option params [String] :kms_key_id
+    #   Specifies the KMS key ID to use to encrypt the events delivered by
+    #   CloudTrail. The value can be an alias name prefixed by `alias/`, a
+    #   fully specified ARN to an alias, a fully specified ARN to a key, or a
+    #   globally unique identifier.
+    #
+    #   Disabling or deleting the KMS key, or removing CloudTrail permissions
+    #   on the key, prevents CloudTrail from logging events to the event data
+    #   store, and prevents users from querying the data in the event data
+    #   store that was encrypted with the key. After you associate an event
+    #   data store with a KMS key, the KMS key cannot be removed or changed.
+    #   Before you disable or delete a KMS key that you are using with an
+    #   event data store, delete or back up your event data store.
+    #
+    #   CloudTrail also supports KMS multi-Region keys. For more information
+    #   about multi-Region keys, see [Using multi-Region keys][1] in the *Key
+    #   Management Service Developer Guide*.
+    #
+    #   Examples:
+    #
+    #   * `alias/MyAliasName`
+    #
+    #   * `arn:aws:kms:us-east-2:123456789012:alias/MyAliasName`
+    #
+    #   * `arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012`
+    #
+    #   * `12345678-1234-1234-1234-123456789012`
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html
+    #
     # @return [Types::UpdateEventDataStoreResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::UpdateEventDataStoreResponse#event_data_store_arn #event_data_store_arn} => String
@@ -2584,6 +2721,7 @@ module Aws::CloudTrail
     #   * {Types::UpdateEventDataStoreResponse#termination_protection_enabled #termination_protection_enabled} => Boolean
     #   * {Types::UpdateEventDataStoreResponse#created_timestamp #created_timestamp} => Time
     #   * {Types::UpdateEventDataStoreResponse#updated_timestamp #updated_timestamp} => Time
+    #   * {Types::UpdateEventDataStoreResponse#kms_key_id #kms_key_id} => String
     #
     # @example Request syntax with placeholder values
     #
@@ -2610,6 +2748,7 @@ module Aws::CloudTrail
     #     organization_enabled: false,
     #     retention_period: 1,
     #     termination_protection_enabled: false,
+    #     kms_key_id: "EventDataStoreKmsKeyId",
     #   })
     #
     # @example Response structure
@@ -2639,6 +2778,7 @@ module Aws::CloudTrail
     #   resp.termination_protection_enabled #=> Boolean
     #   resp.created_timestamp #=> Time
     #   resp.updated_timestamp #=> Time
+    #   resp.kms_key_id #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/UpdateEventDataStore AWS API Documentation
     #
@@ -2845,7 +2985,7 @@ module Aws::CloudTrail
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-cloudtrail'
-      context[:gem_version] = '1.52.0'
+      context[:gem_version] = '1.54.0'
       Seahorse::Client::Request.new(handlers, context)
     end