aws-sdk-cloudtrail 1.57.0 → 1.59.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a22b3ee0c748589415556fe9ffd30a807f26d3700759c37c3177cb29e16d1f34
-  data.tar.gz: b14500389f2d7b9568725590bf931996e996b70ed693f88f66d86a14bc3b6764
+  metadata.gz: 91008a974e6b25be4a7e3d19899a3f68aa46e4d81e34615d935d34593c587a60
+  data.tar.gz: 1f89fb0da80a4f41caa95933ce9e803445857e0724762f7ccda50d3a06656b25
 SHA512:
-  metadata.gz: 524fc6a37005374605a0b008bc4bce2b708eb69e4b2ab26b69ff73ed83c07b11f6fd367c8c8187688deaaf3792c5804fc63e689820410947506ac5959d06c1f6
-  data.tar.gz: c6c72ef05ce7780d1113bbce246438c1eb395218550ba320ec7c78ff69d5d348040bca4fedb36be6f6786d241c120767c2374ca6db70d288d38a246de9c8b214
+  metadata.gz: e43c850ed7cb2f27e74f63211f5ab72ed5a8f2dc9dc33cd2151b6ee49e48196ea760f81b77c9a35b5a792474ad82394f29714d570a223ca11a4ca6b30cc33127
+  data.tar.gz: a6b091b701364f02209ca14bcea90783a56f09b2a87beadbfd2d36d4c87fa8930ad1d420c762f0e08bec9aa7d50a297e928e6ec8c9ef4af2a3fc6504fcdb59b9

data/CHANGELOG.md

@@ -1,6 +1,16 @@
 Unreleased Changes
 ------------------
 
+1.59.0 (2023-05-18)
+------------------
+
+* Feature - Add ConflictException to PutEventSelectors, add (Channel/EDS)ARNInvalidException to Tag APIs. These exceptions provide customers with more specific error messages instead of internal errors.
+
+1.58.0 (2023-02-15)
+------------------
+
+* Feature - This release adds an InsufficientEncryptionPolicyException type to the StartImport endpoint
+
 1.57.0 (2023-01-31)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.57.0
+1.59.0

data/lib/aws-sdk-cloudtrail/client.rb

@@ -1292,11 +1292,11 @@ module Aws::CloudTrail
     #   you are logging data events.
     #
     # For more information about logging management and data events, see the
-    # following topics in the *CloudTrail User Guide*\:
+    # following topics in the *CloudTrail User Guide*:
     #
-    # * [Logging management events for trails ][1]
+    # * [Logging management events][1]
     #
-    # * [Logging data events for trails ][2]
+    # * [Logging data events][2]
     #
     #
     #
@@ -2215,9 +2215,14 @@ module Aws::CloudTrail
 
     # Configures an event selector or advanced event selectors for your
     # trail. Use event selectors or advanced event selectors to specify
-    # management and data event settings for your trail. By default, trails
-    # created without specific event selectors are configured to log all
-    # read and write management events, and no data events.
+    # management and data event settings for your trail. If you want your
+    # trail to log Insights events, be sure the event selector enables
+    # logging of the Insights event types you want configured for your
+    # trail. For more information about logging Insights events, see
+    # [Logging Insights events for trails][1] in the *CloudTrail User
+    # Guide*. By default, trails created without specific event selectors
+    # are configured to log all read and write management events, and no
+    # data events.
     #
     # When an event occurs in your account, CloudTrail evaluates the event
     # selectors or advanced event selectors in all trails. For each trail,
@@ -2247,23 +2252,24 @@ module Aws::CloudTrail
     # `InvalidHomeRegionException` exception is thrown.
     #
     # You can configure up to five event selectors for each trail. For more
-    # information, see [Logging management events for trails ][1], [Logging
-    # data events for trails ][2], and [Quotas in CloudTrail][3] in the
-    # *CloudTrail User Guide*.
+    # information, see [Logging management events][2], [Logging data
+    # events][3], and [Quotas in CloudTrail][4] in the *CloudTrail User
+    # Guide*.
     #
     # You can add advanced event selectors, and conditions for your advanced
     # event selectors, up to a maximum of 500 values for all conditions and
     # selectors on a trail. You can use either `AdvancedEventSelectors` or
     # `EventSelectors`, but not both. If you apply `AdvancedEventSelectors`
     # to a trail, any existing `EventSelectors` are overwritten. For more
-    # information about advanced event selectors, see [Logging data events
-    # for trails][2] in the *CloudTrail User Guide*.
+    # information about advanced event selectors, see [Logging data
+    # events][3] in the *CloudTrail User Guide*.
     #
     #
     #
-    # [1]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-events-with-cloudtrail.html
-    # [2]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html
-    # [3]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/WhatIsCloudTrail-Limits.html
+    # [1]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-insights-events-with-cloudtrail.html
+    # [2]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-events-with-cloudtrail.html
+    # [3]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html
+    # [4]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/WhatIsCloudTrail-Limits.html
     #
     # @option params [required, String] :trail_name
     #   Specifies the name of the trail or trail ARN. If you specify a trail
@@ -2299,8 +2305,8 @@ module Aws::CloudTrail
     #   selectors on a trail. You can use either `AdvancedEventSelectors` or
     #   `EventSelectors`, but not both. If you apply `AdvancedEventSelectors`
     #   to a trail, any existing `EventSelectors` are overwritten. For more
-    #   information about advanced event selectors, see [Logging data events
-    #   for trails][1] in the *CloudTrail User Guide*.
+    #   information about advanced event selectors, see [Logging data
+    #   events][1] in the *CloudTrail User Guide*.
     #
     #
     #
@@ -2391,6 +2397,12 @@ module Aws::CloudTrail
     # an empty list of insight types. The valid Insights event types in this
     # release are `ApiErrorRateInsight` and `ApiCallRateInsight`.
     #
+    # To log CloudTrail Insights events on API call volume, the trail must
+    # log `write` management events. To log CloudTrail Insights events on
+    # API error rate, the trail must log `read` or `write` management
+    # events. You can call `GetEventSelectors` on a trail to check whether
+    # the trail logs management events.
+    #
     # @option params [required, String] :trail_name
     #   The name of the CloudTrail trail for which you want to change or add
     #   Insights selectors.
@@ -2398,7 +2410,15 @@ module Aws::CloudTrail
     # @option params [required, Array<Types::InsightSelector>] :insight_selectors
     #   A JSON string that contains the insight types you want to log on a
     #   trail. `ApiCallRateInsight` and `ApiErrorRateInsight` are valid
-    #   insight types.
+    #   Insight types.
+    #
+    #   The `ApiCallRateInsight` Insights type analyzes write-only management
+    #   API calls that are aggregated per minute against a baseline API call
+    #   volume.
+    #
+    #   The `ApiErrorRateInsight` Insights type analyzes management API calls
+    #   that result in error codes. The error is shown if the API call is
+    #   unsuccessful.
     #
     # @return [Types::PutInsightSelectorsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -3281,7 +3301,7 @@ module Aws::CloudTrail
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-cloudtrail'
-      context[:gem_version] = '1.57.0'
+      context[:gem_version] = '1.59.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-cloudtrail/client_api.rb

@@ -1160,6 +1160,8 @@ module Aws::CloudTrail
         o.output = Shapes::ShapeRef.new(shape: AddTagsResponse)
         o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
         o.errors << Shapes::ShapeRef.new(shape: CloudTrailARNInvalidException)
+        o.errors << Shapes::ShapeRef.new(shape: EventDataStoreARNInvalidException)
+        o.errors << Shapes::ShapeRef.new(shape: ChannelARNInvalidException)
         o.errors << Shapes::ShapeRef.new(shape: ResourceTypeNotSupportedException)
         o.errors << Shapes::ShapeRef.new(shape: TagsLimitExceededException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidTrailNameException)
@@ -1641,6 +1643,8 @@ module Aws::CloudTrail
         o.output = Shapes::ShapeRef.new(shape: ListTagsResponse)
         o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
         o.errors << Shapes::ShapeRef.new(shape: CloudTrailARNInvalidException)
+        o.errors << Shapes::ShapeRef.new(shape: EventDataStoreARNInvalidException)
+        o.errors << Shapes::ShapeRef.new(shape: ChannelARNInvalidException)
         o.errors << Shapes::ShapeRef.new(shape: ResourceTypeNotSupportedException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidTrailNameException)
         o.errors << Shapes::ShapeRef.new(shape: InactiveEventDataStoreException)
@@ -1703,6 +1707,7 @@ module Aws::CloudTrail
         o.errors << Shapes::ShapeRef.new(shape: CloudTrailARNInvalidException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidHomeRegionException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidEventSelectorsException)
+        o.errors << Shapes::ShapeRef.new(shape: ConflictException)
         o.errors << Shapes::ShapeRef.new(shape: UnsupportedOperationException)
         o.errors << Shapes::ShapeRef.new(shape: OperationNotPermittedException)
         o.errors << Shapes::ShapeRef.new(shape: NotOrganizationMasterAccountException)
@@ -1774,6 +1779,8 @@ module Aws::CloudTrail
         o.output = Shapes::ShapeRef.new(shape: RemoveTagsResponse)
         o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
         o.errors << Shapes::ShapeRef.new(shape: CloudTrailARNInvalidException)
+        o.errors << Shapes::ShapeRef.new(shape: EventDataStoreARNInvalidException)
+        o.errors << Shapes::ShapeRef.new(shape: ChannelARNInvalidException)
         o.errors << Shapes::ShapeRef.new(shape: ResourceTypeNotSupportedException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidTrailNameException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidTagParameterException)
@@ -1822,6 +1829,7 @@ module Aws::CloudTrail
         o.errors << Shapes::ShapeRef.new(shape: InvalidImportSourceException)
         o.errors << Shapes::ShapeRef.new(shape: ImportNotFoundException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
+        o.errors << Shapes::ShapeRef.new(shape: InsufficientEncryptionPolicyException)
         o.errors << Shapes::ShapeRef.new(shape: OperationNotPermittedException)
         o.errors << Shapes::ShapeRef.new(shape: UnsupportedOperationException)
         o.errors << Shapes::ShapeRef.new(shape: OperationNotPermittedException)

data/lib/aws-sdk-cloudtrail/endpoint_parameters.rb

@@ -50,9 +50,6 @@ module Aws::CloudTrail
 
     def initialize(options = {})
       self[:region] = options[:region]
-      if self[:region].nil?
-        raise ArgumentError, "Missing required EndpointParameter: :region"
-      end
       self[:use_dual_stack] = options[:use_dual_stack]
       self[:use_dual_stack] = false if self[:use_dual_stack].nil?
       if self[:use_dual_stack].nil?

data/lib/aws-sdk-cloudtrail/endpoint_provider.rb

@@ -14,42 +14,45 @@ module Aws::CloudTrail
       use_dual_stack = parameters.use_dual_stack
       use_fips = parameters.use_fips
       endpoint = parameters.endpoint
-      if (partition_result = Aws::Endpoints::Matchers.aws_partition(region))
-        if Aws::Endpoints::Matchers.set?(endpoint)
-          if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
-            raise ArgumentError, "Invalid Configuration: FIPS and custom endpoint are not supported"
-          end
-          if Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
-            raise ArgumentError, "Invalid Configuration: Dualstack and custom endpoint are not supported"
-          end
-          return Aws::Endpoints::Endpoint.new(url: endpoint, headers: {}, properties: {})
+      if Aws::Endpoints::Matchers.set?(endpoint)
+        if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
+          raise ArgumentError, "Invalid Configuration: FIPS and custom endpoint are not supported"
         end
-        if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true) && Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
-          if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS")) && Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
-            return Aws::Endpoints::Endpoint.new(url: "https://cloudtrail-fips.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
-          end
-          raise ArgumentError, "FIPS and DualStack are enabled, but this partition does not support one or both"
+        if Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
+          raise ArgumentError, "Invalid Configuration: Dualstack and custom endpoint are not supported"
         end
-        if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
-          if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS"))
-            if Aws::Endpoints::Matchers.string_equals?(region, "us-gov-east-1")
-              return Aws::Endpoints::Endpoint.new(url: "https://cloudtrail.us-gov-east-1.amazonaws.com", headers: {}, properties: {})
+        return Aws::Endpoints::Endpoint.new(url: endpoint, headers: {}, properties: {})
+      end
+      if Aws::Endpoints::Matchers.set?(region)
+        if (partition_result = Aws::Endpoints::Matchers.aws_partition(region))
+          if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true) && Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
+            if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS")) && Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
+              return Aws::Endpoints::Endpoint.new(url: "https://cloudtrail-fips.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
             end
-            if Aws::Endpoints::Matchers.string_equals?(region, "us-gov-west-1")
-              return Aws::Endpoints::Endpoint.new(url: "https://cloudtrail.us-gov-west-1.amazonaws.com", headers: {}, properties: {})
+            raise ArgumentError, "FIPS and DualStack are enabled, but this partition does not support one or both"
+          end
+          if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
+            if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS"))
+              if Aws::Endpoints::Matchers.string_equals?(region, "us-gov-east-1")
+                return Aws::Endpoints::Endpoint.new(url: "https://cloudtrail.us-gov-east-1.amazonaws.com", headers: {}, properties: {})
+              end
+              if Aws::Endpoints::Matchers.string_equals?(region, "us-gov-west-1")
+                return Aws::Endpoints::Endpoint.new(url: "https://cloudtrail.us-gov-west-1.amazonaws.com", headers: {}, properties: {})
+              end
+              return Aws::Endpoints::Endpoint.new(url: "https://cloudtrail-fips.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
             end
-            return Aws::Endpoints::Endpoint.new(url: "https://cloudtrail-fips.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
+            raise ArgumentError, "FIPS is enabled but this partition does not support FIPS"
           end
-          raise ArgumentError, "FIPS is enabled but this partition does not support FIPS"
-        end
-        if Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
-          if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
-            return Aws::Endpoints::Endpoint.new(url: "https://cloudtrail.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
+          if Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
+            if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
+              return Aws::Endpoints::Endpoint.new(url: "https://cloudtrail.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
+            end
+            raise ArgumentError, "DualStack is enabled but this partition does not support DualStack"
           end
-          raise ArgumentError, "DualStack is enabled but this partition does not support DualStack"
+          return Aws::Endpoints::Endpoint.new(url: "https://cloudtrail.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
         end
-        return Aws::Endpoints::Endpoint.new(url: "https://cloudtrail.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
       end
+      raise ArgumentError, "Invalid Configuration: Missing Region"
       raise ArgumentError, 'No endpoint could be resolved'
 
     end

data/lib/aws-sdk-cloudtrail/types.rb

@@ -77,8 +77,8 @@ module Aws::CloudTrail
     # Advanced event selectors let you create fine-grained selectors for the
     # following CloudTrail event record fields. They help you control costs
     # by logging only those events that are important to you. For more
-    # information about advanced event selectors, see [Logging data events
-    # for trails][1] in the *CloudTrail User Guide*.
+    # information about advanced event selectors, see [Logging data
+    # events][1] in the *CloudTrail User Guide*.
     #
     # * `readOnly`
     #
@@ -166,34 +166,40 @@ module Aws::CloudTrail
     #     CloudTrail data events. `resources.type` can only use the `Equals`
     #     operator, and the value can be one of the following:
     #
-    #     * `AWS::CloudTrail::Channel`
-    #
-    #     * `AWS::S3::Object`
+    #     * `AWS::DynamoDB::Table`
     #
     #     * `AWS::Lambda::Function`
     #
-    #     * `AWS::DynamoDB::Table`
+    #     * `AWS::S3::Object`
     #
-    #     * `AWS::S3Outposts::Object`
+    #     * `AWS::CloudTrail::Channel`
     #
-    #     * `AWS::ManagedBlockchain::Node`
+    #     * `AWS::Cognito::IdentityPool`
     #
-    #     * `AWS::S3ObjectLambda::AccessPoint`
+    #     * `AWS::DynamoDB::Stream`
     #
     #     * `AWS::EC2::Snapshot`
     #
-    #     * `AWS::S3::AccessPoint`
-    #
-    #     * `AWS::DynamoDB::Stream`
+    #     * `AWS::FinSpace::Environment`
     #
     #     * `AWS::Glue::Table`
     #
-    #     * `AWS::FinSpace::Environment`
+    #     * `AWS::GuardDuty::Detector`
+    #
+    #     * `AWS::KendraRanking::ExecutionPlan`
+    #
+    #     * `AWS::ManagedBlockchain::Node`
     #
     #     * `AWS::SageMaker::ExperimentTrialComponent`
     #
     #     * `AWS::SageMaker::FeatureGroup`
     #
+    #     * `AWS::S3::AccessPoint`
+    #
+    #     * `AWS::S3ObjectLambda::AccessPoint`
+    #
+    #     * `AWS::S3Outposts::Object`
+    #
     #     You can have only one `resources.type` field per selector. To log
     #     data events on more than one resource type, add another selector.
     #
@@ -214,30 +220,19 @@ module Aws::CloudTrail
     #
     #     * `arn:<partition>:s3:::<bucket_name>/<object_path>/`
     #
-    #     When `resources.type` equals `AWS::S3::AccessPoint`, and the
-    #     operator is set to `Equals` or `NotEquals`, the ARN must be in one
-    #     of the following formats. To log events on all objects in an S3
-    #     access point, we recommend that you use only the access point ARN,
-    #     don’t include the object path, and use the `StartsWith` or
-    #     `NotStartsWith` operators.
-    #
-    #     * `arn:<partition>:s3:<region>:<account_ID>:accesspoint/<access_point_name>`
-    #
-    #     * `arn:<partition>:s3:<region>:<account_ID>:accesspoint/<access_point_name>/object/<object_path>`
-    #
-    #     When resources.type equals `AWS::Lambda::Function`, and the
+    #     When resources.type equals `AWS::DynamoDB::Table`, and the
     #     operator is set to `Equals` or `NotEquals`, the ARN must be in the
     #     following format:
     #
-    #     * `arn:<partition>:lambda:<region>:<account_ID>:function:<function_name>`
+    #     * `arn:<partition>:dynamodb:<region>:<account_ID>:table/<table_name>`
     #
     #     ^
     #
-    #     When resources.type equals `AWS::DynamoDB::Table`, and the
+    #     When resources.type equals `AWS::Lambda::Function`, and the
     #     operator is set to `Equals` or `NotEquals`, the ARN must be in the
     #     following format:
     #
-    #     * `arn:<partition>:dynamodb:<region>:<account_ID>:table/<table_name>`
+    #     * `arn:<partition>:lambda:<region>:<account_ID>:function:<function_name>`
     #
     #     ^
     #
@@ -249,27 +244,19 @@ module Aws::CloudTrail
     #
     #     ^
     #
-    #     When `resources.type` equals `AWS::S3Outposts::Object`, and the
+    #     When resources.type equals `AWS::Cognito::IdentityPool`, and the
     #     operator is set to `Equals` or `NotEquals`, the ARN must be in the
     #     following format:
     #
-    #     * `arn:<partition>:s3-outposts:<region>:<account_ID>:<object_path>`
-    #
-    #     ^
-    #
-    #     When `resources.type` equals `AWS::ManagedBlockchain::Node`, and
-    #     the operator is set to `Equals` or `NotEquals`, the ARN must be in
-    #     the following format:
-    #
-    #     * `arn:<partition>:managedblockchain:<region>:<account_ID>:nodes/<node_ID>`
+    #     * `arn:<partition>:cognito-identity:<region>:<account_ID>:identitypool/<identity_pool_ID>`
     #
     #     ^
     #
-    #     When `resources.type` equals `AWS::S3ObjectLambda::AccessPoint`,
-    #     and the operator is set to `Equals` or `NotEquals`, the ARN must
-    #     be in the following format:
+    #     When `resources.type` equals `AWS::DynamoDB::Stream`, and the
+    #     operator is set to `Equals` or `NotEquals`, the ARN must be in the
+    #     following format:
     #
-    #     * `arn:<partition>:s3-object-lambda:<region>:<account_ID>:accesspoint/<access_point_name>`
+    #     * `arn:<partition>:dynamodb:<region>:<account_ID>:table/<table_name>/stream/<date_time>`
     #
     #     ^
     #
@@ -281,11 +268,11 @@ module Aws::CloudTrail
     #
     #     ^
     #
-    #     When `resources.type` equals `AWS::DynamoDB::Stream`, and the
+    #     When `resources.type` equals `AWS::FinSpace::Environment`, and the
     #     operator is set to `Equals` or `NotEquals`, the ARN must be in the
     #     following format:
     #
-    #     * `arn:<partition>:dynamodb:<region>:<account_ID>:table/<table_name>/stream/<date_time>`
+    #     * `arn:<partition>:finspace:<region>:<account_ID>:environment/<environment_ID>`
     #
     #     ^
     #
@@ -297,11 +284,27 @@ module Aws::CloudTrail
     #
     #     ^
     #
-    #     When `resources.type` equals `AWS::FinSpace::Environment`, and the
+    #     When `resources.type` equals `AWS::GuardDuty::Detector`, and the
     #     operator is set to `Equals` or `NotEquals`, the ARN must be in the
     #     following format:
     #
-    #     * `arn:<partition>:finspace:<region>:<account_ID>:environment/<environment_ID>`
+    #     * `arn:<partition>:guardduty:<region>:<account_ID>:detector/<detector_ID>`
+    #
+    #     ^
+    #
+    #     When `resources.type` equals `AWS::KendraRanking::ExecutionPlan`,
+    #     and the operator is set to `Equals` or `NotEquals`, the ARN must
+    #     be in the following format:
+    #
+    #     * `arn:<partition>:kendra-ranking:<region>:<account_ID>:rescore-execution-plan/<rescore_execution_plan_ID>`
+    #
+    #     ^
+    #
+    #     When `resources.type` equals `AWS::ManagedBlockchain::Node`, and
+    #     the operator is set to `Equals` or `NotEquals`, the ARN must be in
+    #     the following format:
+    #
+    #     * `arn:<partition>:managedblockchain:<region>:<account_ID>:nodes/<node_ID>`
     #
     #     ^
     #
@@ -321,6 +324,33 @@ module Aws::CloudTrail
     #     * `arn:<partition>:sagemaker:<region>:<account_ID>:feature-group/<feature_group_name>`
     #
     #     ^
+    #
+    #     When `resources.type` equals `AWS::S3::AccessPoint`, and the
+    #     operator is set to `Equals` or `NotEquals`, the ARN must be in one
+    #     of the following formats. To log events on all objects in an S3
+    #     access point, we recommend that you use only the access point ARN,
+    #     don’t include the object path, and use the `StartsWith` or
+    #     `NotStartsWith` operators.
+    #
+    #     * `arn:<partition>:s3:<region>:<account_ID>:accesspoint/<access_point_name>`
+    #
+    #     * `arn:<partition>:s3:<region>:<account_ID>:accesspoint/<access_point_name>/object/<object_path>`
+    #
+    #     When `resources.type` equals `AWS::S3ObjectLambda::AccessPoint`,
+    #     and the operator is set to `Equals` or `NotEquals`, the ARN must
+    #     be in the following format:
+    #
+    #     * `arn:<partition>:s3-object-lambda:<region>:<account_ID>:accesspoint/<access_point_name>`
+    #
+    #     ^
+    #
+    #     When `resources.type` equals `AWS::S3Outposts::Object`, and the
+    #     operator is set to `Equals` or `NotEquals`, the ARN must be in the
+    #     following format:
+    #
+    #     * `arn:<partition>:s3-outposts:<region>:<account_ID>:<object_path>`
+    #
+    #     ^
     #   @return [String]
     #
     # @!attribute [rw] equals
@@ -1085,11 +1115,11 @@ module Aws::CloudTrail
     #   The resource type in which you want to log data events. You can
     #   specify the following *basic* event selector resource types:
     #
-    #   * `AWS::S3::Object`
+    #   * `AWS::DynamoDB::Table`
     #
     #   * `AWS::Lambda::Function`
     #
-    #   * `AWS::DynamoDB::Table`
+    #   * `AWS::S3::Object`
     #
     #   The following resource types are also available through *advanced*
     #   event selectors. Basic event selector resource types are valid in
@@ -1099,25 +1129,31 @@ module Aws::CloudTrail
     #
     #   * `AWS::CloudTrail::Channel`
     #
-    #   * `AWS::S3Outposts::Object`
-    #
-    #   * `AWS::ManagedBlockchain::Node`
+    #   * `AWS::Cognito::IdentityPool`
     #
-    #   * `AWS::S3ObjectLambda::AccessPoint`
+    #   * `AWS::DynamoDB::Stream`
     #
     #   * `AWS::EC2::Snapshot`
     #
-    #   * `AWS::S3::AccessPoint`
-    #
-    #   * `AWS::DynamoDB::Stream`
+    #   * `AWS::FinSpace::Environment`
     #
     #   * `AWS::Glue::Table`
     #
-    #   * `AWS::FinSpace::Environment`
+    #   * `AWS::GuardDuty::Detector`
+    #
+    #   * `AWS::KendraRanking::ExecutionPlan`
+    #
+    #   * `AWS::ManagedBlockchain::Node`
     #
     #   * `AWS::SageMaker::ExperimentTrialComponent`
     #
     #   * `AWS::SageMaker::FeatureGroup`
+    #
+    #   * `AWS::S3::AccessPoint`
+    #
+    #   * `AWS::S3ObjectLambda::AccessPoint`
+    #
+    #   * `AWS::S3Outposts::Object`
     #   @return [String]
     #
     # @!attribute [rw] values
@@ -2475,12 +2511,20 @@ module Aws::CloudTrail
     #
     class InsightNotEnabledException < Aws::EmptyStructure; end
 
-    # A JSON string that contains a list of insight types that are logged on
-    # a trail.
+    # A JSON string that contains a list of Insights types that are logged
+    # on a trail.
     #
     # @!attribute [rw] insight_type
-    #   The type of insights to log on a trail. `ApiCallRateInsight` and
-    #   `ApiErrorRateInsight` are valid insight types.
+    #   The type of Insights events to log on a trail. `ApiCallRateInsight`
+    #   and `ApiErrorRateInsight` are valid Insight types.
+    #
+    #   The `ApiCallRateInsight` Insights type analyzes write-only
+    #   management API calls that are aggregated per minute against a
+    #   baseline API call volume.
+    #
+    #   The `ApiErrorRateInsight` Insights type analyzes management API
+    #   calls that result in error codes. The error is shown if the API call
+    #   is unsuccessful.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/InsightSelector AWS API Documentation
@@ -2491,10 +2535,9 @@ module Aws::CloudTrail
       include Aws::Structure
     end
 
-    # This exception is thrown when the IAM user or role that is used to
-    # create the organization resource lacks one or more required
-    # permissions for creating an organization resource in a required
-    # service.
+    # This exception is thrown when the IAM identity that is used to create
+    # the organization resource lacks one or more required permissions for
+    # creating an organization resource in a required service.
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/InsufficientDependencyServiceAccessPermissionException AWS API Documentation
     #
@@ -3350,8 +3393,8 @@ module Aws::CloudTrail
     #   `EventSelectors`, but not both. If you apply
     #   `AdvancedEventSelectors` to a trail, any existing `EventSelectors`
     #   are overwritten. For more information about advanced event
-    #   selectors, see [Logging data events for trails][1] in the
-    #   *CloudTrail User Guide*.
+    #   selectors, see [Logging data events][1] in the *CloudTrail User
+    #   Guide*.
     #
     #
     #
@@ -3401,7 +3444,15 @@ module Aws::CloudTrail
     # @!attribute [rw] insight_selectors
     #   A JSON string that contains the insight types you want to log on a
     #   trail. `ApiCallRateInsight` and `ApiErrorRateInsight` are valid
-    #   insight types.
+    #   Insight types.
+    #
+    #   The `ApiCallRateInsight` Insights type analyzes write-only
+    #   management API calls that are aggregated per minute against a
+    #   baseline API call volume.
+    #
+    #   The `ApiErrorRateInsight` Insights type analyzes management API
+    #   calls that result in error codes. The error is shown if the API call
+    #   is unsuccessful.
     #   @return [Array<Types::InsightSelector>]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/PutInsightSelectorsRequest AWS API Documentation

data/lib/aws-sdk-cloudtrail.rb

@@ -52,6 +52,6 @@ require_relative 'aws-sdk-cloudtrail/customizations'
 # @!group service
 module Aws::CloudTrail
 
-  GEM_VERSION = '1.57.0'
+  GEM_VERSION = '1.59.0'
 
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-cloudtrail
 version: !ruby/object:Gem::Version
-  version: 1.57.0
+  version: 1.59.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2023-01-31 00:00:00.000000000 Z
+date: 2023-05-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core