aws-sdk-cloudtrail 1.53.0 → 1.54.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (13) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +5 -0
  3. data/VERSION +1 -1
  4. data/lib/aws-sdk-cloudtrail/client.rb +131 -8
  5. data/lib/aws-sdk-cloudtrail/client_api.rb +119 -3
  6. data/lib/aws-sdk-cloudtrail/endpoint_parameters.rb +0 -3
  7. data/lib/aws-sdk-cloudtrail/endpoint_provider.rb +83 -83
  8. data/lib/aws-sdk-cloudtrail/endpoints.rb +28 -0
  9. data/lib/aws-sdk-cloudtrail/errors.rb +77 -0
  10. data/lib/aws-sdk-cloudtrail/plugins/endpoints.rb +4 -0
  11. data/lib/aws-sdk-cloudtrail/types.rb +229 -10
  12. data/lib/aws-sdk-cloudtrail.rb +1 -1
  13. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: dcc317a919c81e8b866f2758f10b89e15326810b869dcc7356de1d3570da32b8
4
- data.tar.gz: 0a45e1cec8f918696364fa0b670b1d44935b7c3c814b56f173d712294fac0d42
3
+ metadata.gz: 2357c5e9e35b8c5cbf6a64ac888cf215932b2b2418229ca24024d47f53299e88
4
+ data.tar.gz: 419e1dfdcdffb6a5debf41a70310aca67a425ac99b0f4296486dd77a2a251f96
5
5
  SHA512:
6
- metadata.gz: 824b8ff8e53e01922f28c7bc0651fcf65b1733199bd499cf3bfe3394e39902f9d1f724c02e233b74c1542b9a296df6d89b7fe837d208d1dd16381f48efae88be
7
- data.tar.gz: 047107d8079b4f8f6d6d623c6e71fa58a7331d26327f0055001018ef62ef1f3aed35be78180798f65b02a9555481066b2ee4e4470369ad51815c638b7778aa89
6
+ metadata.gz: 40dbaae6651fc52fa3f81c7dce43d85e83470319ad77d50333a459488bdedcbc09a8e8daae131928b5847f88ada570232cf61e5789684f058c43257cbc7b6f8a
7
+ data.tar.gz: caf162921ef02a74db0fc8cf26643f93c7f04f0c4651905ffd5986e1787fd8f57fa54e6f3ea861706dc2d487e78ce7a50a686df545f694c157e08f08d6626079
data/CHANGELOG.md CHANGED
@@ -1,6 +1,11 @@
1
1
  Unreleased Changes
2
2
  ------------------
3
3
 
4
+ 1.54.0 (2022-11-07)
5
+ ------------------
6
+
7
+ * Feature - This release includes support for configuring a delegated administrator to manage an AWS Organizations organization CloudTrail trails and event data stores, and AWS Key Management Service encryption of CloudTrail Lake event data stores.
8
+
4
9
  1.53.0 (2022-10-25)
5
10
  ------------------
6
11
 
data/VERSION CHANGED
@@ -1 +1 @@
1
- 1.53.0
1
+ 1.54.0
data/lib/aws-sdk-cloudtrail/client.rb CHANGED
@@ -426,7 +426,7 @@ module Aws::CloudTrail
426
426
  # cancel is also required. When you run `CancelQuery`, the query status
427
427
  # might show as `CANCELLED` even if the operation is not yet finished.
428
428
  #
429
- # @option params [required, String] :event_data_store
429
+ # @option params [String] :event_data_store
430
430
  # The ARN (or the ID suffix of the ARN) of an event data store on which
431
431
  # the specified query is running.
432
432
  #
@@ -442,7 +442,7 @@ module Aws::CloudTrail
442
442
  # @example Request syntax with placeholder values
443
443
  #
444
444
  # resp = client.cancel_query({
445
- # event_data_store: "EventDataStoreArn", # required
445
+ # event_data_store: "EventDataStoreArn",
446
446
  # query_id: "UUID", # required
447
447
  # })
448
448
  #
@@ -496,6 +496,38 @@ module Aws::CloudTrail
496
496
  # @option params [Array<Types::Tag>] :tags_list
497
497
  # A list of tags.
498
498
  #
499
+ # @option params [String] :kms_key_id
500
+ # Specifies the KMS key ID to use to encrypt the events delivered by
501
+ # CloudTrail. The value can be an alias name prefixed by `alias/`, a
502
+ # fully specified ARN to an alias, a fully specified ARN to a key, or a
503
+ # globally unique identifier.
504
+ #
505
+ # Disabling or deleting the KMS key, or removing CloudTrail permissions
506
+ # on the key, prevents CloudTrail from logging events to the event data
507
+ # store, and prevents users from querying the data in the event data
508
+ # store that was encrypted with the key. After you associate an event
509
+ # data store with a KMS key, the KMS key cannot be removed or changed.
510
+ # Before you disable or delete a KMS key that you are using with an
511
+ # event data store, delete or back up your event data store.
512
+ #
513
+ # CloudTrail also supports KMS multi-Region keys. For more information
514
+ # about multi-Region keys, see [Using multi-Region keys][1] in the *Key
515
+ # Management Service Developer Guide*.
516
+ #
517
+ # Examples:
518
+ #
519
+ # * `alias/MyAliasName`
520
+ #
521
+ # * `arn:aws:kms:us-east-2:123456789012:alias/MyAliasName`
522
+ #
523
+ # * `arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012`
524
+ #
525
+ # * `12345678-1234-1234-1234-123456789012`
526
+ #
527
+ #
528
+ #
529
+ # [1]: https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html
530
+ #
499
531
  # @return [Types::CreateEventDataStoreResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
500
532
  #
501
533
  # * {Types::CreateEventDataStoreResponse#event_data_store_arn #event_data_store_arn} => String
@@ -509,6 +541,7 @@ module Aws::CloudTrail
509
541
  # * {Types::CreateEventDataStoreResponse#tags_list #tags_list} => Array&lt;Types::Tag&gt;
510
542
  # * {Types::CreateEventDataStoreResponse#created_timestamp #created_timestamp} => Time
511
543
  # * {Types::CreateEventDataStoreResponse#updated_timestamp #updated_timestamp} => Time
544
+ # * {Types::CreateEventDataStoreResponse#kms_key_id #kms_key_id} => String
512
545
  #
513
546
  # @example Request syntax with placeholder values
514
547
  #
@@ -540,6 +573,7 @@ module Aws::CloudTrail
540
573
  # value: "TagValue",
541
574
  # },
542
575
  # ],
576
+ # kms_key_id: "EventDataStoreKmsKeyId",
543
577
  # })
544
578
  #
545
579
  # @example Response structure
@@ -572,6 +606,7 @@ module Aws::CloudTrail
572
606
  # resp.tags_list[0].value #=> String
573
607
  # resp.created_timestamp #=> Time
574
608
  # resp.updated_timestamp #=> Time
609
+ # resp.kms_key_id #=> String
575
610
  #
576
611
  # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/CreateEventDataStore AWS API Documentation
577
612
  #
@@ -818,12 +853,37 @@ module Aws::CloudTrail
818
853
  req.send_request(options)
819
854
  end
820
855
 
856
+ # Removes CloudTrail delegated administrator permissions from a member
857
+ # account in an organization.
858
+ #
859
+ # @option params [required, String] :delegated_admin_account_id
860
+ # A delegated administrator account ID. This is a member account in an
861
+ # organization that is currently designated as a delegated
862
+ # administrator.
863
+ #
864
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
865
+ #
866
+ # @example Request syntax with placeholder values
867
+ #
868
+ # resp = client.deregister_organization_delegated_admin({
869
+ # delegated_admin_account_id: "AccountId", # required
870
+ # })
871
+ #
872
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/DeregisterOrganizationDelegatedAdmin AWS API Documentation
873
+ #
874
+ # @overload deregister_organization_delegated_admin(params = {})
875
+ # @param [Hash] params ({})
876
+ def deregister_organization_delegated_admin(params = {}, options = {})
877
+ req = build_request(:deregister_organization_delegated_admin, params)
878
+ req.send_request(options)
879
+ end
880
+
821
881
  # Returns metadata about a query, including query run time in
822
882
  # milliseconds, number of events scanned and matched, and query status.
823
883
  # You must specify an ARN for `EventDataStore`, and a value for
824
884
  # `QueryID`.
825
885
  #
826
- # @option params [required, String] :event_data_store
886
+ # @option params [String] :event_data_store
827
887
  # The ARN (or the ID suffix of the ARN) of an event data store on which
828
888
  # the specified query was run.
829
889
  #
@@ -843,7 +903,7 @@ module Aws::CloudTrail
843
903
  # @example Request syntax with placeholder values
844
904
  #
845
905
  # resp = client.describe_query({
846
- # event_data_store: "EventDataStoreArn", # required
906
+ # event_data_store: "EventDataStoreArn",
847
907
  # query_id: "UUID", # required
848
908
  # })
849
909
  #
@@ -948,7 +1008,7 @@ module Aws::CloudTrail
948
1008
  # services create service-linked channels to get information about
949
1009
  # CloudTrail events on your behalf. For more information about
950
1010
  # service-linked channels, see [Viewing service-linked channels for
951
- # CloudTrail by using the CLI.][1].
1011
+ # CloudTrail by using the CLI][1].
952
1012
  #
953
1013
  #
954
1014
  #
@@ -1025,6 +1085,7 @@ module Aws::CloudTrail
1025
1085
  # * {Types::GetEventDataStoreResponse#termination_protection_enabled #termination_protection_enabled} => Boolean
1026
1086
  # * {Types::GetEventDataStoreResponse#created_timestamp #created_timestamp} => Time
1027
1087
  # * {Types::GetEventDataStoreResponse#updated_timestamp #updated_timestamp} => Time
1088
+ # * {Types::GetEventDataStoreResponse#kms_key_id #kms_key_id} => String
1028
1089
  #
1029
1090
  # @example Request syntax with placeholder values
1030
1091
  #
@@ -1059,6 +1120,7 @@ module Aws::CloudTrail
1059
1120
  # resp.termination_protection_enabled #=> Boolean
1060
1121
  # resp.created_timestamp #=> Time
1061
1122
  # resp.updated_timestamp #=> Time
1123
+ # resp.kms_key_id #=> String
1062
1124
  #
1063
1125
  # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GetEventDataStore AWS API Documentation
1064
1126
  #
@@ -1279,7 +1341,7 @@ module Aws::CloudTrail
1279
1341
  # value returned by the `StartQuery` operation, and an ARN for
1280
1342
  # `EventDataStore`.
1281
1343
  #
1282
- # @option params [required, String] :event_data_store
1344
+ # @option params [String] :event_data_store
1283
1345
  # The ARN (or ID suffix of the ARN) of the event data store against
1284
1346
  # which the query was run.
1285
1347
  #
@@ -1305,7 +1367,7 @@ module Aws::CloudTrail
1305
1367
  # @example Request syntax with placeholder values
1306
1368
  #
1307
1369
  # resp = client.get_query_results({
1308
- # event_data_store: "EventDataStoreArn", # required
1370
+ # event_data_store: "EventDataStoreArn",
1309
1371
  # query_id: "UUID", # required
1310
1372
  # next_token: "PaginationToken",
1311
1373
  # max_query_results: 1,
@@ -2197,6 +2259,30 @@ module Aws::CloudTrail
2197
2259
  req.send_request(options)
2198
2260
  end
2199
2261
 
2262
+ # Registers an organization’s member account as the CloudTrail delegated
2263
+ # administrator.
2264
+ #
2265
+ # @option params [required, String] :member_account_id
2266
+ # An organization member account ID that you want to designate as a
2267
+ # delegated administrator.
2268
+ #
2269
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
2270
+ #
2271
+ # @example Request syntax with placeholder values
2272
+ #
2273
+ # resp = client.register_organization_delegated_admin({
2274
+ # member_account_id: "AccountId", # required
2275
+ # })
2276
+ #
2277
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/RegisterOrganizationDelegatedAdmin AWS API Documentation
2278
+ #
2279
+ # @overload register_organization_delegated_admin(params = {})
2280
+ # @param [Hash] params ({})
2281
+ def register_organization_delegated_admin(params = {}, options = {})
2282
+ req = build_request(:register_organization_delegated_admin, params)
2283
+ req.send_request(options)
2284
+ end
2285
+
2200
2286
  # Removes the specified tags from a trail or event data store.
2201
2287
  #
2202
2288
  # @option params [required, String] :resource_id
@@ -2257,6 +2343,7 @@ module Aws::CloudTrail
2257
2343
  # * {Types::RestoreEventDataStoreResponse#termination_protection_enabled #termination_protection_enabled} => Boolean
2258
2344
  # * {Types::RestoreEventDataStoreResponse#created_timestamp #created_timestamp} => Time
2259
2345
  # * {Types::RestoreEventDataStoreResponse#updated_timestamp #updated_timestamp} => Time
2346
+ # * {Types::RestoreEventDataStoreResponse#kms_key_id #kms_key_id} => String
2260
2347
  #
2261
2348
  # @example Request syntax with placeholder values
2262
2349
  #
@@ -2291,6 +2378,7 @@ module Aws::CloudTrail
2291
2378
  # resp.termination_protection_enabled #=> Boolean
2292
2379
  # resp.created_timestamp #=> Time
2293
2380
  # resp.updated_timestamp #=> Time
2381
+ # resp.kms_key_id #=> String
2294
2382
  #
2295
2383
  # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/RestoreEventDataStore AWS API Documentation
2296
2384
  #
@@ -2589,6 +2677,38 @@ module Aws::CloudTrail
2589
2677
  # Indicates that termination protection is enabled and the event data
2590
2678
  # store cannot be automatically deleted.
2591
2679
  #
2680
+ # @option params [String] :kms_key_id
2681
+ # Specifies the KMS key ID to use to encrypt the events delivered by
2682
+ # CloudTrail. The value can be an alias name prefixed by `alias/`, a
2683
+ # fully specified ARN to an alias, a fully specified ARN to a key, or a
2684
+ # globally unique identifier.
2685
+ #
2686
+ # Disabling or deleting the KMS key, or removing CloudTrail permissions
2687
+ # on the key, prevents CloudTrail from logging events to the event data
2688
+ # store, and prevents users from querying the data in the event data
2689
+ # store that was encrypted with the key. After you associate an event
2690
+ # data store with a KMS key, the KMS key cannot be removed or changed.
2691
+ # Before you disable or delete a KMS key that you are using with an
2692
+ # event data store, delete or back up your event data store.
2693
+ #
2694
+ # CloudTrail also supports KMS multi-Region keys. For more information
2695
+ # about multi-Region keys, see [Using multi-Region keys][1] in the *Key
2696
+ # Management Service Developer Guide*.
2697
+ #
2698
+ # Examples:
2699
+ #
2700
+ # * `alias/MyAliasName`
2701
+ #
2702
+ # * `arn:aws:kms:us-east-2:123456789012:alias/MyAliasName`
2703
+ #
2704
+ # * `arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012`
2705
+ #
2706
+ # * `12345678-1234-1234-1234-123456789012`
2707
+ #
2708
+ #
2709
+ #
2710
+ # [1]: https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html
2711
+ #
2592
2712
  # @return [Types::UpdateEventDataStoreResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
2593
2713
  #
2594
2714
  # * {Types::UpdateEventDataStoreResponse#event_data_store_arn #event_data_store_arn} => String
@@ -2601,6 +2721,7 @@ module Aws::CloudTrail
2601
2721
  # * {Types::UpdateEventDataStoreResponse#termination_protection_enabled #termination_protection_enabled} => Boolean
2602
2722
  # * {Types::UpdateEventDataStoreResponse#created_timestamp #created_timestamp} => Time
2603
2723
  # * {Types::UpdateEventDataStoreResponse#updated_timestamp #updated_timestamp} => Time
2724
+ # * {Types::UpdateEventDataStoreResponse#kms_key_id #kms_key_id} => String
2604
2725
  #
2605
2726
  # @example Request syntax with placeholder values
2606
2727
  #
@@ -2627,6 +2748,7 @@ module Aws::CloudTrail
2627
2748
  # organization_enabled: false,
2628
2749
  # retention_period: 1,
2629
2750
  # termination_protection_enabled: false,
2751
+ # kms_key_id: "EventDataStoreKmsKeyId",
2630
2752
  # })
2631
2753
  #
2632
2754
  # @example Response structure
@@ -2656,6 +2778,7 @@ module Aws::CloudTrail
2656
2778
  # resp.termination_protection_enabled #=> Boolean
2657
2779
  # resp.created_timestamp #=> Time
2658
2780
  # resp.updated_timestamp #=> Time
2781
+ # resp.kms_key_id #=> String
2659
2782
  #
2660
2783
  # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/UpdateEventDataStore AWS API Documentation
2661
2784
  #
@@ -2862,7 +2985,7 @@ module Aws::CloudTrail
2862
2985
  params: params,
2863
2986
  config: config)
2864
2987
  context[:gem_name] = 'aws-sdk-cloudtrail'
2865
- context[:gem_version] = '1.53.0'
2988
+ context[:gem_version] = '1.54.0'
2866
2989
  Seahorse::Client::Request.new(handlers, context)
2867
2990
  end
2868
2991