aws-sdk-cloudtrail 1.69.0 → 1.71.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 4b24cb672b25c72e3db7577e21748e2fda21e947e97d28e877288f3fb3920fa3
-  data.tar.gz: 589f160ef8f987c1e04b30bc8ecebe6b748003908c6eddba386e55922d004fbd
+  metadata.gz: 05c2e2236239fc3f96708d5e6b3eb9def2976cc03d206e330744db0de62f043b
+  data.tar.gz: 6f456dda1b142c0f5eb882c869419c300d4b500bfe7bc4350374c4aa24084815
 SHA512:
-  metadata.gz: 2eb1970c37645e3e7afbabbf4b4d4cd09ccecad94853f8c6b1f08dcb36f41bfe4982d15a3f155ad9e3a0119d3214a3ee809bc2bc68de7c6f0cd2907fef06c1f1
-  data.tar.gz: 5a24aa6853d60a7d6db173a6e902dda48216e049369ca2f12c2bd2e418f430232514a3561ce279c3ac857fd95f8a59c3c3d88501e55ee92aa53b44314c0aecad
+  metadata.gz: 75a0dfc065eca3804c4698e945e93062cdd44701b086273c91ff720614af254be1377980b66bbb04df7f4d748e8e434a46530f623a7b1ee508f259352ccb739e
+  data.tar.gz: 1283b44089ba4d85f1cdbb08e077449757b81715cebe8ff62d62cd3b1e8f2d075d8dea25222161f1e007cd3867a0885cb1a0452eed3bcdf7e9956a617219097e

data/CHANGELOG.md

@@ -1,6 +1,16 @@
 Unreleased Changes
 ------------------
 
+1.71.0 (2023-11-15)
+------------------
+
+* Feature - The Lake Repricing feature lets customers configure a BillingMode for an event data store. The BillingMode determines the cost for ingesting and storing events and the default and maximum retention period for the event data store.
+
+1.70.0 (2023-11-09)
+------------------
+
+* Feature - The Insights in Lake feature lets customers enable CloudTrail Insights on a source CloudTrail Lake event data store and create a destination event data store to collect Insights events based on unusual management event activity in the source event data store.
+
 1.69.0 (2023-09-27)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.69.0
+1.71.0

data/lib/aws-sdk-cloudtrail/client.rb

@@ -603,8 +603,12 @@ module Aws::CloudTrail
     #   organization in Organizations.
     #
     # @option params [Integer] :retention_period
-    #   The retention period of the event data store, in days. You can set a
+    #   The retention period of the event data store, in days. If
+    #   `BillingMode` is set to `EXTENDABLE_RETENTION_PRICING`, you can set a
+    #   retention period of up to 3653 days, the equivalent of 10 years. If
+    #   `BillingMode` is set to `FIXED_RETENTION_PRICING`, you can set a
     #   retention period of up to 2557 days, the equivalent of seven years.
+    #
     #   CloudTrail Lake determines whether to retain an event by checking if
     #   the `eventTime` of the event is within the specified retention period.
     #   For example, if you set a retention period of 90 days, CloudTrail will
@@ -663,6 +667,33 @@ module Aws::CloudTrail
     #   Specifies whether the event data store should start ingesting live
     #   events. The default is true.
     #
+    # @option params [String] :billing_mode
+    #   The billing mode for the event data store determines the cost for
+    #   ingesting events and the default and maximum retention period for the
+    #   event data store.
+    #
+    #   The following are the possible values:
+    #
+    #   * `EXTENDABLE_RETENTION_PRICING` - This billing mode is generally
+    #     recommended if you want a flexible retention period of up to 3653
+    #     days (about 10 years). The default retention period for this billing
+    #     mode is 366 days.
+    #
+    #   * `FIXED_RETENTION_PRICING` - This billing mode is recommended if you
+    #     expect to ingest more than 25 TB of event data per month and need a
+    #     retention period of up to 2557 days (about 7 years). The default
+    #     retention period for this billing mode is 2557 days.
+    #
+    #   The default value is `EXTENDABLE_RETENTION_PRICING`.
+    #
+    #   For more information about CloudTrail pricing, see [CloudTrail
+    #   Pricing][1] and [Managing CloudTrail Lake costs][2].
+    #
+    #
+    #
+    #   [1]: http://aws.amazon.com/cloudtrail/pricing/
+    #   [2]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-lake-manage-costs.html
+    #
     # @return [Types::CreateEventDataStoreResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::CreateEventDataStoreResponse#event_data_store_arn #event_data_store_arn} => String
@@ -677,6 +708,7 @@ module Aws::CloudTrail
     #   * {Types::CreateEventDataStoreResponse#created_timestamp #created_timestamp} => Time
     #   * {Types::CreateEventDataStoreResponse#updated_timestamp #updated_timestamp} => Time
     #   * {Types::CreateEventDataStoreResponse#kms_key_id #kms_key_id} => String
+    #   * {Types::CreateEventDataStoreResponse#billing_mode #billing_mode} => String
     #
     # @example Request syntax with placeholder values
     #
@@ -710,6 +742,7 @@ module Aws::CloudTrail
     #     ],
     #     kms_key_id: "EventDataStoreKmsKeyId",
     #     start_ingestion: false,
+    #     billing_mode: "EXTENDABLE_RETENTION_PRICING", # accepts EXTENDABLE_RETENTION_PRICING, FIXED_RETENTION_PRICING
     #   })
     #
     # @example Response structure
@@ -743,6 +776,7 @@ module Aws::CloudTrail
     #   resp.created_timestamp #=> Time
     #   resp.updated_timestamp #=> Time
     #   resp.kms_key_id #=> String
+    #   resp.billing_mode #=> String, one of "EXTENDABLE_RETENTION_PRICING", "FIXED_RETENTION_PRICING"
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/CreateEventDataStore AWS API Documentation
     #
@@ -828,6 +862,11 @@ module Aws::CloudTrail
     #
     #   Not required unless you specify `CloudWatchLogsRoleArn`.
     #
+    #   <note markdown="1"> Only the management account can configure a CloudWatch Logs log group
+    #   for an organization trail.
+    #
+    #    </note>
+    #
     # @option params [String] :cloud_watch_logs_role_arn
     #   Specifies the role for the CloudWatch Logs endpoint to assume to write
     #   to a user's log group. You must use a role that exists in your
@@ -1279,6 +1318,7 @@ module Aws::CloudTrail
     #   * {Types::GetEventDataStoreResponse#created_timestamp #created_timestamp} => Time
     #   * {Types::GetEventDataStoreResponse#updated_timestamp #updated_timestamp} => Time
     #   * {Types::GetEventDataStoreResponse#kms_key_id #kms_key_id} => String
+    #   * {Types::GetEventDataStoreResponse#billing_mode #billing_mode} => String
     #
     # @example Request syntax with placeholder values
     #
@@ -1314,6 +1354,7 @@ module Aws::CloudTrail
     #   resp.created_timestamp #=> Time
     #   resp.updated_timestamp #=> Time
     #   resp.kms_key_id #=> String
+    #   resp.billing_mode #=> String, one of "EXTENDABLE_RETENTION_PRICING", "FIXED_RETENTION_PRICING"
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GetEventDataStore AWS API Documentation
     #
@@ -1471,20 +1512,26 @@ module Aws::CloudTrail
     end
 
     # Describes the settings for the Insights event selectors that you
-    # configured for your trail. `GetInsightSelectors` shows if CloudTrail
-    # Insights event logging is enabled on the trail, and if it is, which
-    # insight types are enabled. If you run `GetInsightSelectors` on a trail
-    # that does not have Insights events enabled, the operation throws the
-    # exception `InsightNotEnabledException`
+    # configured for your trail or event data store. `GetInsightSelectors`
+    # shows if CloudTrail Insights event logging is enabled on the trail or
+    # event data store, and if it is, which Insights types are enabled. If
+    # you run `GetInsightSelectors` on a trail or event data store that does
+    # not have Insights events enabled, the operation throws the exception
+    # `InsightNotEnabledException`
+    #
+    # Specify either the `EventDataStore` parameter to get Insights event
+    # selectors for an event data store, or the `TrailName` parameter to the
+    # get Insights event selectors for a trail. You cannot specify these
+    # parameters together.
     #
-    # For more information, see [Logging CloudTrail Insights Events for
-    # Trails ][1] in the *CloudTrail User Guide*.
+    # For more information, see [Logging CloudTrail Insights events][1] in
+    # the *CloudTrail User Guide*.
     #
     #
     #
     # [1]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-insights-events-with-cloudtrail.html
     #
-    # @option params [required, String] :trail_name
+    # @option params [String] :trail_name
     #   Specifies the name of the trail or trail ARN. If you specify a trail
     #   name, the string must meet the following requirements:
     #
@@ -1504,15 +1551,26 @@ module Aws::CloudTrail
     #
     #   `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
     #
+    #   You cannot use this parameter with the `EventDataStore` parameter.
+    #
+    # @option params [String] :event_data_store
+    #   Specifies the ARN (or ID suffix of the ARN) of the event data store
+    #   for which you want to get Insights selectors.
+    #
+    #   You cannot use this parameter with the `TrailName` parameter.
+    #
     # @return [Types::GetInsightSelectorsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::GetInsightSelectorsResponse#trail_arn #trail_arn} => String
     #   * {Types::GetInsightSelectorsResponse#insight_selectors #insight_selectors} => Array&lt;Types::InsightSelector&gt;
+    #   * {Types::GetInsightSelectorsResponse#event_data_store_arn #event_data_store_arn} => String
+    #   * {Types::GetInsightSelectorsResponse#insights_destination #insights_destination} => String
     #
     # @example Request syntax with placeholder values
     #
     #   resp = client.get_insight_selectors({
-    #     trail_name: "String", # required
+    #     trail_name: "String",
+    #     event_data_store: "EventDataStoreArn",
     #   })
     #
     # @example Response structure
@@ -1520,6 +1578,8 @@ module Aws::CloudTrail
     #   resp.trail_arn #=> String
     #   resp.insight_selectors #=> Array
     #   resp.insight_selectors[0].insight_type #=> String, one of "ApiCallRateInsight", "ApiErrorRateInsight"
+    #   resp.event_data_store_arn #=> String
+    #   resp.insights_destination #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GetInsightSelectors AWS API Documentation
     #
@@ -2149,8 +2209,16 @@ module Aws::CloudTrail
 
     # Looks up [management events][1] or [CloudTrail Insights events][2]
     # that are captured by CloudTrail. You can look up events that occurred
-    # in a Region within the last 90 days. Lookup supports the following
-    # attributes for management events:
+    # in a Region within the last 90 days.
+    #
+    # <note markdown="1"> `LookupEvents` returns recent Insights events for trails that enable
+    # Insights. To view Insights events for an event data store, you can run
+    # queries on your Insights event data store, and you can also view the
+    # Lake dashboard for Insights.
+    #
+    #  </note>
+    #
+    # Lookup supports the following attributes for management events:
     #
     # * Amazon Web Services access key
     #
@@ -2446,25 +2514,51 @@ module Aws::CloudTrail
     end
 
     # Lets you enable Insights event logging by specifying the Insights
-    # selectors that you want to enable on an existing trail. You also use
-    # `PutInsightSelectors` to turn off Insights event logging, by passing
-    # an empty list of insight types. The valid Insights event types in this
-    # release are `ApiErrorRateInsight` and `ApiCallRateInsight`.
+    # selectors that you want to enable on an existing trail or event data
+    # store. You also use `PutInsightSelectors` to turn off Insights event
+    # logging, by passing an empty list of Insights types. The valid
+    # Insights event types are `ApiErrorRateInsight` and
+    # `ApiCallRateInsight`.
+    #
+    # To enable Insights on an event data store, you must specify the ARNs
+    # (or ID suffix of the ARNs) for the source event data store
+    # (`EventDataStore`) and the destination event data store
+    # (`InsightsDestination`). The source event data store logs management
+    # events and enables Insights. The destination event data store logs
+    # Insights events based upon the management event activity of the source
+    # event data store. The source and destination event data stores must
+    # belong to the same Amazon Web Services account.
+    #
+    # To log Insights events for a trail, you must specify the name
+    # (`TrailName`) of the CloudTrail trail for which you want to change or
+    # add Insights selectors.
+    #
+    # To log CloudTrail Insights events on API call volume, the trail or
+    # event data store must log `write` management events. To log CloudTrail
+    # Insights events on API error rate, the trail or event data store must
+    # log `read` or `write` management events. You can call
+    # `GetEventSelectors` on a trail to check whether the trail logs
+    # management events. You can call `GetEventDataStore` on an event data
+    # store to check whether the event data store logs management events.
+    #
+    # For more information, see [Logging CloudTrail Insights events][1] in
+    # the *CloudTrail User Guide*.
     #
-    # To log CloudTrail Insights events on API call volume, the trail must
-    # log `write` management events. To log CloudTrail Insights events on
-    # API error rate, the trail must log `read` or `write` management
-    # events. You can call `GetEventSelectors` on a trail to check whether
-    # the trail logs management events.
     #
-    # @option params [required, String] :trail_name
+    #
+    # [1]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-insights-events-with-cloudtrail.html
+    #
+    # @option params [String] :trail_name
     #   The name of the CloudTrail trail for which you want to change or add
     #   Insights selectors.
     #
+    #   You cannot use this parameter with the `EventDataStore` and
+    #   `InsightsDestination` parameters.
+    #
     # @option params [required, Array<Types::InsightSelector>] :insight_selectors
-    #   A JSON string that contains the insight types you want to log on a
-    #   trail. `ApiCallRateInsight` and `ApiErrorRateInsight` are valid
-    #   Insight types.
+    #   A JSON string that contains the Insights types you want to log on a
+    #   trail or event data store. `ApiCallRateInsight` and
+    #   `ApiErrorRateInsight` are valid Insight types.
     #
     #   The `ApiCallRateInsight` Insights type analyzes write-only management
     #   API calls that are aggregated per minute against a baseline API call
@@ -2474,20 +2568,40 @@ module Aws::CloudTrail
     #   that result in error codes. The error is shown if the API call is
     #   unsuccessful.
     #
+    # @option params [String] :event_data_store
+    #   The ARN (or ID suffix of the ARN) of the source event data store for
+    #   which you want to change or add Insights selectors. To enable Insights
+    #   on an event data store, you must provide both the `EventDataStore` and
+    #   `InsightsDestination` parameters.
+    #
+    #   You cannot use this parameter with the `TrailName` parameter.
+    #
+    # @option params [String] :insights_destination
+    #   The ARN (or ID suffix of the ARN) of the destination event data store
+    #   that logs Insights events. To enable Insights on an event data store,
+    #   you must provide both the `EventDataStore` and `InsightsDestination`
+    #   parameters.
+    #
+    #   You cannot use this parameter with the `TrailName` parameter.
+    #
     # @return [Types::PutInsightSelectorsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::PutInsightSelectorsResponse#trail_arn #trail_arn} => String
     #   * {Types::PutInsightSelectorsResponse#insight_selectors #insight_selectors} => Array&lt;Types::InsightSelector&gt;
+    #   * {Types::PutInsightSelectorsResponse#event_data_store_arn #event_data_store_arn} => String
+    #   * {Types::PutInsightSelectorsResponse#insights_destination #insights_destination} => String
     #
     # @example Request syntax with placeholder values
     #
     #   resp = client.put_insight_selectors({
-    #     trail_name: "String", # required
+    #     trail_name: "String",
     #     insight_selectors: [ # required
     #       {
     #         insight_type: "ApiCallRateInsight", # accepts ApiCallRateInsight, ApiErrorRateInsight
     #       },
     #     ],
+    #     event_data_store: "EventDataStoreArn",
+    #     insights_destination: "EventDataStoreArn",
     #   })
     #
     # @example Response structure
@@ -2495,6 +2609,8 @@ module Aws::CloudTrail
     #   resp.trail_arn #=> String
     #   resp.insight_selectors #=> Array
     #   resp.insight_selectors[0].insight_type #=> String, one of "ApiCallRateInsight", "ApiErrorRateInsight"
+    #   resp.event_data_store_arn #=> String
+    #   resp.insights_destination #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/PutInsightSelectors AWS API Documentation
     #
@@ -2560,8 +2676,12 @@ module Aws::CloudTrail
       req.send_request(options)
     end
 
-    # Registers an organization’s member account as the CloudTrail delegated
-    # administrator.
+    # Registers an organization’s member account as the CloudTrail
+    # [delegated administrator][1].
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-delegated-administrator.html
     #
     # @option params [required, String] :member_account_id
     #   An organization member account ID that you want to designate as a
@@ -2648,6 +2768,7 @@ module Aws::CloudTrail
     #   * {Types::RestoreEventDataStoreResponse#created_timestamp #created_timestamp} => Time
     #   * {Types::RestoreEventDataStoreResponse#updated_timestamp #updated_timestamp} => Time
     #   * {Types::RestoreEventDataStoreResponse#kms_key_id #kms_key_id} => String
+    #   * {Types::RestoreEventDataStoreResponse#billing_mode #billing_mode} => String
     #
     # @example Request syntax with placeholder values
     #
@@ -2683,6 +2804,7 @@ module Aws::CloudTrail
     #   resp.created_timestamp #=> Time
     #   resp.updated_timestamp #=> Time
     #   resp.kms_key_id #=> String
+    #   resp.billing_mode #=> String, one of "EXTENDABLE_RETENTION_PRICING", "FIXED_RETENTION_PRICING"
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/RestoreEventDataStore AWS API Documentation
     #
@@ -3069,13 +3191,15 @@ module Aws::CloudTrail
     # ARN or the ID portion of the ARN. Other parameters are optional, but
     # at least one optional parameter must be specified, or CloudTrail
     # throws an error. `RetentionPeriod` is in days, and valid values are
-    # integers between 90 and 2557. By default, `TerminationProtection` is
-    # enabled.
+    # integers between 7 and 3653 if the `BillingMode` is set to
+    # `EXTENDABLE_RETENTION_PRICING`, or between 7 and 2557 if `BillingMode`
+    # is set to `FIXED_RETENTION_PRICING`. By default,
+    # `TerminationProtection` is enabled.
     #
     # For event data stores for CloudTrail events, `AdvancedEventSelectors`
-    # includes or excludes management and data events in your event data
-    # store. For more information about `AdvancedEventSelectors`, see
-    # [AdvancedEventSelectors][1].
+    # includes or excludes management, data, or Insights events in your
+    # event data store. For more information about `AdvancedEventSelectors`,
+    # see [AdvancedEventSelectors][1].
     #
     # For event data stores for Config configuration items, Audit Manager
     # evidence, or non-Amazon Web Services events, `AdvancedEventSelectors`
@@ -3105,9 +3229,20 @@ module Aws::CloudTrail
     #   Specifies whether an event data store collects events logged for an
     #   organization in Organizations.
     #
+    #   <note markdown="1"> Only the management account for the organization can convert an
+    #   organization event data store to a non-organization event data store,
+    #   or convert a non-organization event data store to an organization
+    #   event data store.
+    #
+    #    </note>
+    #
     # @option params [Integer] :retention_period
-    #   The retention period of the event data store, in days. You can set a
+    #   The retention period of the event data store, in days. If
+    #   `BillingMode` is set to `EXTENDABLE_RETENTION_PRICING`, you can set a
+    #   retention period of up to 3653 days, the equivalent of 10 years. If
+    #   `BillingMode` is set to `FIXED_RETENTION_PRICING`, you can set a
     #   retention period of up to 2557 days, the equivalent of seven years.
+    #
     #   CloudTrail Lake determines whether to retain an event by checking if
     #   the `eventTime` of the event is within the specified retention period.
     #   For example, if you set a retention period of 90 days, CloudTrail will
@@ -3157,6 +3292,40 @@ module Aws::CloudTrail
     #
     #   [1]: https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html
     #
+    # @option params [String] :billing_mode
+    #   <note markdown="1"> You can't change the billing mode from `EXTENDABLE_RETENTION_PRICING`
+    #   to `FIXED_RETENTION_PRICING`. If `BillingMode` is set to
+    #   `EXTENDABLE_RETENTION_PRICING` and you want to use
+    #   `FIXED_RETENTION_PRICING` instead, you'll need to stop ingestion on
+    #   the event data store and create a new event data store that uses
+    #   `FIXED_RETENTION_PRICING`.
+    #
+    #    </note>
+    #
+    #   The billing mode for the event data store determines the cost for
+    #   ingesting events and the default and maximum retention period for the
+    #   event data store.
+    #
+    #   The following are the possible values:
+    #
+    #   * `EXTENDABLE_RETENTION_PRICING` - This billing mode is generally
+    #     recommended if you want a flexible retention period of up to 3653
+    #     days (about 10 years). The default retention period for this billing
+    #     mode is 366 days.
+    #
+    #   * `FIXED_RETENTION_PRICING` - This billing mode is recommended if you
+    #     expect to ingest more than 25 TB of event data per month and need a
+    #     retention period of up to 2557 days (about 7 years). The default
+    #     retention period for this billing mode is 2557 days.
+    #
+    #   For more information about CloudTrail pricing, see [CloudTrail
+    #   Pricing][1] and [Managing CloudTrail Lake costs][2].
+    #
+    #
+    #
+    #   [1]: http://aws.amazon.com/cloudtrail/pricing/
+    #   [2]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-lake-manage-costs.html
+    #
     # @return [Types::UpdateEventDataStoreResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::UpdateEventDataStoreResponse#event_data_store_arn #event_data_store_arn} => String
@@ -3170,6 +3339,7 @@ module Aws::CloudTrail
     #   * {Types::UpdateEventDataStoreResponse#created_timestamp #created_timestamp} => Time
     #   * {Types::UpdateEventDataStoreResponse#updated_timestamp #updated_timestamp} => Time
     #   * {Types::UpdateEventDataStoreResponse#kms_key_id #kms_key_id} => String
+    #   * {Types::UpdateEventDataStoreResponse#billing_mode #billing_mode} => String
     #
     # @example Request syntax with placeholder values
     #
@@ -3197,6 +3367,7 @@ module Aws::CloudTrail
     #     retention_period: 1,
     #     termination_protection_enabled: false,
     #     kms_key_id: "EventDataStoreKmsKeyId",
+    #     billing_mode: "EXTENDABLE_RETENTION_PRICING", # accepts EXTENDABLE_RETENTION_PRICING, FIXED_RETENTION_PRICING
     #   })
     #
     # @example Response structure
@@ -3227,6 +3398,7 @@ module Aws::CloudTrail
     #   resp.created_timestamp #=> Time
     #   resp.updated_timestamp #=> Time
     #   resp.kms_key_id #=> String
+    #   resp.billing_mode #=> String, one of "EXTENDABLE_RETENTION_PRICING", "FIXED_RETENTION_PRICING"
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/UpdateEventDataStore AWS API Documentation
     #
@@ -3325,6 +3497,11 @@ module Aws::CloudTrail
     #
     #   Not required unless you specify `CloudWatchLogsRoleArn`.
     #
+    #   <note markdown="1"> Only the management account can configure a CloudWatch Logs log group
+    #   for an organization trail.
+    #
+    #    </note>
+    #
     # @option params [String] :cloud_watch_logs_role_arn
     #   Specifies the role for the CloudWatch Logs endpoint to assume to write
     #   to a user's log group. You must use a role that exists in your
@@ -3359,13 +3536,18 @@ module Aws::CloudTrail
     #   organization in Organizations, or only for the current Amazon Web
     #   Services account. The default is false, and cannot be true unless the
     #   call is made on behalf of an Amazon Web Services account that is the
-    #   management account or delegated administrator account for an
-    #   organization in Organizations. If the trail is not an organization
-    #   trail and this is set to `true`, the trail will be created in all
-    #   Amazon Web Services accounts that belong to the organization. If the
-    #   trail is an organization trail and this is set to `false`, the trail
-    #   will remain in the current Amazon Web Services account but be deleted
-    #   from all member accounts in the organization.
+    #   management account for an organization in Organizations. If the trail
+    #   is not an organization trail and this is set to `true`, the trail will
+    #   be created in all Amazon Web Services accounts that belong to the
+    #   organization. If the trail is an organization trail and this is set to
+    #   `false`, the trail will remain in the current Amazon Web Services
+    #   account but be deleted from all member accounts in the organization.
+    #
+    #   <note markdown="1"> Only the management account for the organization can convert an
+    #   organization trail to a non-organization trail, or convert a
+    #   non-organization trail to an organization trail.
+    #
+    #    </note>
     #
     # @return [Types::UpdateTrailResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -3437,7 +3619,7 @@ module Aws::CloudTrail
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-cloudtrail'
-      context[:gem_version] = '1.69.0'
+      context[:gem_version] = '1.71.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-cloudtrail/client_api.rb

@@ -24,6 +24,7 @@ module Aws::CloudTrail
     AdvancedEventSelectors = Shapes::ListShape.new(name: 'AdvancedEventSelectors')
     AdvancedFieldSelector = Shapes::StructureShape.new(name: 'AdvancedFieldSelector')
     AdvancedFieldSelectors = Shapes::ListShape.new(name: 'AdvancedFieldSelectors')
+    BillingMode = Shapes::StringShape.new(name: 'BillingMode')
     Boolean = Shapes::BooleanShape.new(name: 'Boolean')
     ByteBuffer = Shapes::BlobShape.new(name: 'ByteBuffer')
     CancelQueryRequest = Shapes::StructureShape.new(name: 'CancelQueryRequest')
@@ -381,6 +382,7 @@ module Aws::CloudTrail
     CreateEventDataStoreRequest.add_member(:tags_list, Shapes::ShapeRef.new(shape: TagsList, location_name: "TagsList"))
     CreateEventDataStoreRequest.add_member(:kms_key_id, Shapes::ShapeRef.new(shape: EventDataStoreKmsKeyId, location_name: "KmsKeyId"))
     CreateEventDataStoreRequest.add_member(:start_ingestion, Shapes::ShapeRef.new(shape: Boolean, location_name: "StartIngestion"))
+    CreateEventDataStoreRequest.add_member(:billing_mode, Shapes::ShapeRef.new(shape: BillingMode, location_name: "BillingMode"))
     CreateEventDataStoreRequest.struct_class = Types::CreateEventDataStoreRequest
 
     CreateEventDataStoreResponse.add_member(:event_data_store_arn, Shapes::ShapeRef.new(shape: EventDataStoreArn, location_name: "EventDataStoreArn"))
@@ -395,6 +397,7 @@ module Aws::CloudTrail
     CreateEventDataStoreResponse.add_member(:created_timestamp, Shapes::ShapeRef.new(shape: Date, location_name: "CreatedTimestamp"))
     CreateEventDataStoreResponse.add_member(:updated_timestamp, Shapes::ShapeRef.new(shape: Date, location_name: "UpdatedTimestamp"))
     CreateEventDataStoreResponse.add_member(:kms_key_id, Shapes::ShapeRef.new(shape: EventDataStoreKmsKeyId, location_name: "KmsKeyId"))
+    CreateEventDataStoreResponse.add_member(:billing_mode, Shapes::ShapeRef.new(shape: BillingMode, location_name: "BillingMode"))
     CreateEventDataStoreResponse.struct_class = Types::CreateEventDataStoreResponse
 
     CreateTrailRequest.add_member(:name, Shapes::ShapeRef.new(shape: String, required: true, location_name: "Name"))
@@ -562,6 +565,7 @@ module Aws::CloudTrail
     GetEventDataStoreResponse.add_member(:created_timestamp, Shapes::ShapeRef.new(shape: Date, location_name: "CreatedTimestamp"))
     GetEventDataStoreResponse.add_member(:updated_timestamp, Shapes::ShapeRef.new(shape: Date, location_name: "UpdatedTimestamp"))
     GetEventDataStoreResponse.add_member(:kms_key_id, Shapes::ShapeRef.new(shape: EventDataStoreKmsKeyId, location_name: "KmsKeyId"))
+    GetEventDataStoreResponse.add_member(:billing_mode, Shapes::ShapeRef.new(shape: BillingMode, location_name: "BillingMode"))
     GetEventDataStoreResponse.struct_class = Types::GetEventDataStoreResponse
 
     GetEventSelectorsRequest.add_member(:trail_name, Shapes::ShapeRef.new(shape: String, required: true, location_name: "TrailName"))
@@ -586,11 +590,14 @@ module Aws::CloudTrail
     GetImportResponse.add_member(:import_statistics, Shapes::ShapeRef.new(shape: ImportStatistics, location_name: "ImportStatistics"))
     GetImportResponse.struct_class = Types::GetImportResponse
 
-    GetInsightSelectorsRequest.add_member(:trail_name, Shapes::ShapeRef.new(shape: String, required: true, location_name: "TrailName"))
+    GetInsightSelectorsRequest.add_member(:trail_name, Shapes::ShapeRef.new(shape: String, location_name: "TrailName"))
+    GetInsightSelectorsRequest.add_member(:event_data_store, Shapes::ShapeRef.new(shape: EventDataStoreArn, location_name: "EventDataStore"))
     GetInsightSelectorsRequest.struct_class = Types::GetInsightSelectorsRequest
 
     GetInsightSelectorsResponse.add_member(:trail_arn, Shapes::ShapeRef.new(shape: String, location_name: "TrailARN"))
     GetInsightSelectorsResponse.add_member(:insight_selectors, Shapes::ShapeRef.new(shape: InsightSelectors, location_name: "InsightSelectors"))
+    GetInsightSelectorsResponse.add_member(:event_data_store_arn, Shapes::ShapeRef.new(shape: EventDataStoreArn, location_name: "EventDataStoreArn"))
+    GetInsightSelectorsResponse.add_member(:insights_destination, Shapes::ShapeRef.new(shape: EventDataStoreArn, location_name: "InsightsDestination"))
     GetInsightSelectorsResponse.struct_class = Types::GetInsightSelectorsResponse
 
     GetQueryResultsRequest.add_member(:event_data_store, Shapes::ShapeRef.new(shape: EventDataStoreArn, deprecated: true, location_name: "EventDataStore", metadata: {"deprecatedMessage"=>"EventDataStore is no longer required by GetQueryResultsRequest"}))
@@ -882,12 +889,16 @@ module Aws::CloudTrail
     PutEventSelectorsResponse.add_member(:advanced_event_selectors, Shapes::ShapeRef.new(shape: AdvancedEventSelectors, location_name: "AdvancedEventSelectors"))
     PutEventSelectorsResponse.struct_class = Types::PutEventSelectorsResponse
 
-    PutInsightSelectorsRequest.add_member(:trail_name, Shapes::ShapeRef.new(shape: String, required: true, location_name: "TrailName"))
+    PutInsightSelectorsRequest.add_member(:trail_name, Shapes::ShapeRef.new(shape: String, location_name: "TrailName"))
     PutInsightSelectorsRequest.add_member(:insight_selectors, Shapes::ShapeRef.new(shape: InsightSelectors, required: true, location_name: "InsightSelectors"))
+    PutInsightSelectorsRequest.add_member(:event_data_store, Shapes::ShapeRef.new(shape: EventDataStoreArn, location_name: "EventDataStore"))
+    PutInsightSelectorsRequest.add_member(:insights_destination, Shapes::ShapeRef.new(shape: EventDataStoreArn, location_name: "InsightsDestination"))
     PutInsightSelectorsRequest.struct_class = Types::PutInsightSelectorsRequest
 
     PutInsightSelectorsResponse.add_member(:trail_arn, Shapes::ShapeRef.new(shape: String, location_name: "TrailARN"))
     PutInsightSelectorsResponse.add_member(:insight_selectors, Shapes::ShapeRef.new(shape: InsightSelectors, location_name: "InsightSelectors"))
+    PutInsightSelectorsResponse.add_member(:event_data_store_arn, Shapes::ShapeRef.new(shape: EventDataStoreArn, location_name: "EventDataStoreArn"))
+    PutInsightSelectorsResponse.add_member(:insights_destination, Shapes::ShapeRef.new(shape: EventDataStoreArn, location_name: "InsightsDestination"))
     PutInsightSelectorsResponse.struct_class = Types::PutInsightSelectorsResponse
 
     PutResourcePolicyRequest.add_member(:resource_arn, Shapes::ShapeRef.new(shape: ResourceArn, required: true, location_name: "ResourceArn"))
@@ -977,6 +988,7 @@ module Aws::CloudTrail
     RestoreEventDataStoreResponse.add_member(:created_timestamp, Shapes::ShapeRef.new(shape: Date, location_name: "CreatedTimestamp"))
     RestoreEventDataStoreResponse.add_member(:updated_timestamp, Shapes::ShapeRef.new(shape: Date, location_name: "UpdatedTimestamp"))
     RestoreEventDataStoreResponse.add_member(:kms_key_id, Shapes::ShapeRef.new(shape: EventDataStoreKmsKeyId, location_name: "KmsKeyId"))
+    RestoreEventDataStoreResponse.add_member(:billing_mode, Shapes::ShapeRef.new(shape: BillingMode, location_name: "BillingMode"))
     RestoreEventDataStoreResponse.struct_class = Types::RestoreEventDataStoreResponse
 
     S3BucketDoesNotExistException.struct_class = Types::S3BucketDoesNotExistException
@@ -1116,6 +1128,7 @@ module Aws::CloudTrail
     UpdateEventDataStoreRequest.add_member(:retention_period, Shapes::ShapeRef.new(shape: RetentionPeriod, location_name: "RetentionPeriod"))
     UpdateEventDataStoreRequest.add_member(:termination_protection_enabled, Shapes::ShapeRef.new(shape: TerminationProtectionEnabled, location_name: "TerminationProtectionEnabled"))
     UpdateEventDataStoreRequest.add_member(:kms_key_id, Shapes::ShapeRef.new(shape: EventDataStoreKmsKeyId, location_name: "KmsKeyId"))
+    UpdateEventDataStoreRequest.add_member(:billing_mode, Shapes::ShapeRef.new(shape: BillingMode, location_name: "BillingMode"))
     UpdateEventDataStoreRequest.struct_class = Types::UpdateEventDataStoreRequest
 
     UpdateEventDataStoreResponse.add_member(:event_data_store_arn, Shapes::ShapeRef.new(shape: EventDataStoreArn, location_name: "EventDataStoreArn"))
@@ -1129,6 +1142,7 @@ module Aws::CloudTrail
     UpdateEventDataStoreResponse.add_member(:created_timestamp, Shapes::ShapeRef.new(shape: Date, location_name: "CreatedTimestamp"))
     UpdateEventDataStoreResponse.add_member(:updated_timestamp, Shapes::ShapeRef.new(shape: Date, location_name: "UpdatedTimestamp"))
     UpdateEventDataStoreResponse.add_member(:kms_key_id, Shapes::ShapeRef.new(shape: EventDataStoreKmsKeyId, location_name: "KmsKeyId"))
+    UpdateEventDataStoreResponse.add_member(:billing_mode, Shapes::ShapeRef.new(shape: BillingMode, location_name: "BillingMode"))
     UpdateEventDataStoreResponse.struct_class = Types::UpdateEventDataStoreResponse
 
     UpdateTrailRequest.add_member(:name, Shapes::ShapeRef.new(shape: String, required: true, location_name: "Name"))
@@ -1476,6 +1490,8 @@ module Aws::CloudTrail
         o.http_request_uri = "/"
         o.input = Shapes::ShapeRef.new(shape: GetInsightSelectorsRequest)
         o.output = Shapes::ShapeRef.new(shape: GetInsightSelectorsResponse)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidParameterCombinationException)
         o.errors << Shapes::ShapeRef.new(shape: TrailNotFoundException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidTrailNameException)
         o.errors << Shapes::ShapeRef.new(shape: CloudTrailARNInvalidException)
@@ -1751,6 +1767,8 @@ module Aws::CloudTrail
         o.http_request_uri = "/"
         o.input = Shapes::ShapeRef.new(shape: PutInsightSelectorsRequest)
         o.output = Shapes::ShapeRef.new(shape: PutInsightSelectorsResponse)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidParameterCombinationException)
         o.errors << Shapes::ShapeRef.new(shape: TrailNotFoundException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidTrailNameException)
         o.errors << Shapes::ShapeRef.new(shape: CloudTrailARNInvalidException)
@@ -2003,6 +2021,7 @@ module Aws::CloudTrail
         o.errors << Shapes::ShapeRef.new(shape: EventDataStoreARNInvalidException)
         o.errors << Shapes::ShapeRef.new(shape: EventDataStoreNotFoundException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidEventSelectorsException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidInsightSelectorsException)
         o.errors << Shapes::ShapeRef.new(shape: EventDataStoreHasOngoingImportException)
         o.errors << Shapes::ShapeRef.new(shape: InactiveEventDataStoreException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)

data/lib/aws-sdk-cloudtrail/endpoint_provider.rb

@@ -32,7 +32,7 @@ module Aws::CloudTrail
             raise ArgumentError, "FIPS and DualStack are enabled, but this partition does not support one or both"
           end
           if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
-            if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS"))
+            if Aws::Endpoints::Matchers.boolean_equals?(Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS"), true)
               if Aws::Endpoints::Matchers.string_equals?(region, "us-gov-east-1")
                 return Aws::Endpoints::Endpoint.new(url: "https://cloudtrail.us-gov-east-1.amazonaws.com", headers: {}, properties: {})
               end