aws-sdk-cloudtrail 1.93.0 → 1.95.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5d705020268454db88d9bb9274609b25d25e395bbe3ca13c9aa6e4e6a3fe2c71
-  data.tar.gz: 538ce499e46dcb1480052e747d11d16800b334815032508c460826bc1b06d760
+  metadata.gz: f56068834c783342fa9440675e3e4ff13169e842b6e25a4cc6aef0f82d64c6ac
+  data.tar.gz: 2da9e6afe6cf5981921e0c8da8f814611d51223606ceed93604523b98ebd8983
 SHA512:
-  metadata.gz: d72fc6316258e2d4ebf8d8b829f62149d26c3f344140fdc8d6dcd3b4db7116a83f6692993978ca140222217d52ee4f7d6dff75a4cf330c044cc79ed525d29192
-  data.tar.gz: f625284ab96c7bb3af40ef825160c1f0561b1471272146379af2d4ed3348b62e758567a87f0e1ff980981c75d2bd436c99eb6678a161f15abbcd5977b6990c36
+  metadata.gz: efca87aaaea31e43b03dbde31de0a3fcd0a984506ad2fb4cbaa3d30e15622bf86d5c50da31430db3989418a1db8f5cd3c47a51ebd71b919b68c68fe3e2998fa4
+  data.tar.gz: c35658a641e20469a6fe0f12f894d0bce38eec93ce6907dea5c4d69be0c8ff1d78e17e48e801eca08dc79055f081cb8e587d46b65bab5233561245fbd07eecd6

data/CHANGELOG.md

@@ -1,6 +1,16 @@
 Unreleased Changes
 ------------------
 
+1.95.0 (2024-11-18)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
+1.94.0 (2024-11-13)
+------------------
+
+* Feature - This release adds a new API GenerateQuery that generates a query from a natural language prompt about the event data in your event data store. This operation uses generative artificial intelligence (generative AI) to produce a ready-to-use SQL query from the prompt.
+
 1.93.0 (2024-10-18)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.93.0
+1.95.0

data/lib/aws-sdk-cloudtrail/client.rb

@@ -1185,6 +1185,7 @@ module Aws::CloudTrail
     #   * {Types::DescribeQueryResponse#error_message #error_message} => String
     #   * {Types::DescribeQueryResponse#delivery_s3_uri #delivery_s3_uri} => String
     #   * {Types::DescribeQueryResponse#delivery_status #delivery_status} => String
+    #   * {Types::DescribeQueryResponse#prompt #prompt} => String
     #
     # @example Request syntax with placeholder values
     #
@@ -1207,6 +1208,7 @@ module Aws::CloudTrail
     #   resp.error_message #=> String
     #   resp.delivery_s3_uri #=> String
     #   resp.delivery_status #=> String, one of "SUCCESS", "FAILED", "FAILED_SIGNING_FILE", "PENDING", "RESOURCE_NOT_FOUND", "ACCESS_DENIED", "ACCESS_DENIED_SIGNING_FILE", "CANCELLED", "UNKNOWN"
+    #   resp.prompt #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/DescribeQuery AWS API Documentation
     #
@@ -1395,6 +1397,71 @@ module Aws::CloudTrail
       req.send_request(options)
     end
 
+    # Generates a query from a natural language prompt. This operation uses
+    # generative artificial intelligence (generative AI) to produce a
+    # ready-to-use SQL query from the prompt.
+    #
+    # The prompt can be a question or a statement about the event data in
+    # your event data store. For example, you can enter prompts like "What
+    # are my top errors in the past month?" and “Give me a list of users
+    # that used SNS.”
+    #
+    # The prompt must be in English. For information about limitations,
+    # permissions, and supported Regions, see [Create CloudTrail Lake
+    # queries from natural language prompts][1] in the <i>CloudTrail </i>
+    # user guide.
+    #
+    # <note markdown="1"> Do not include any personally identifying, confidential, or sensitive
+    # information in your prompts.
+    #
+    #  This feature uses generative AI large language models (LLMs); we
+    # recommend double-checking the LLM response.
+    #
+    #  </note>
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/lake-query-generator.html
+    #
+    # @option params [required, Array<String>] :event_data_stores
+    #   The ARN (or ID suffix of the ARN) of the event data store that you
+    #   want to query. You can only specify one event data store.
+    #
+    # @option params [required, String] :prompt
+    #   The prompt that you want to use to generate the query. The prompt must
+    #   be in English. For example prompts, see [Example prompts][1] in the
+    #   <i>CloudTrail </i> user guide.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/lake-query-generator.html#lake-query-generator-examples
+    #
+    # @return [Types::GenerateQueryResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::GenerateQueryResponse#query_statement #query_statement} => String
+    #   * {Types::GenerateQueryResponse#query_alias #query_alias} => String
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.generate_query({
+    #     event_data_stores: ["EventDataStoreArn"], # required
+    #     prompt: "Prompt", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.query_statement #=> String
+    #   resp.query_alias #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GenerateQuery AWS API Documentation
+    #
+    # @overload generate_query(params = {})
+    # @param [Hash] params ({})
+    def generate_query(params = {}, options = {})
+      req = build_request(:generate_query, params)
+      req.send_request(options)
+    end
+
     # Returns information about a specific channel.
     #
     # @option params [required, String] :channel
@@ -3958,7 +4025,7 @@ module Aws::CloudTrail
         tracer: tracer
       )
       context[:gem_name] = 'aws-sdk-cloudtrail'
-      context[:gem_version] = '1.93.0'
+      context[:gem_version] = '1.95.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-cloudtrail/client_api.rb

@@ -93,6 +93,7 @@ module Aws::CloudTrail
     EventDataStoreFederationEnabledException = Shapes::StructureShape.new(name: 'EventDataStoreFederationEnabledException')
     EventDataStoreHasOngoingImportException = Shapes::StructureShape.new(name: 'EventDataStoreHasOngoingImportException')
     EventDataStoreKmsKeyId = Shapes::StringShape.new(name: 'EventDataStoreKmsKeyId')
+    EventDataStoreList = Shapes::ListShape.new(name: 'EventDataStoreList')
     EventDataStoreMaxLimitExceededException = Shapes::StructureShape.new(name: 'EventDataStoreMaxLimitExceededException')
     EventDataStoreName = Shapes::StringShape.new(name: 'EventDataStoreName')
     EventDataStoreNotFoundException = Shapes::StructureShape.new(name: 'EventDataStoreNotFoundException')
@@ -107,6 +108,9 @@ module Aws::CloudTrail
     ExcludeManagementEventSources = Shapes::ListShape.new(name: 'ExcludeManagementEventSources')
     FederationRoleArn = Shapes::StringShape.new(name: 'FederationRoleArn')
     FederationStatus = Shapes::StringShape.new(name: 'FederationStatus')
+    GenerateQueryRequest = Shapes::StructureShape.new(name: 'GenerateQueryRequest')
+    GenerateQueryResponse = Shapes::StructureShape.new(name: 'GenerateQueryResponse')
+    GenerateResponseException = Shapes::StructureShape.new(name: 'GenerateResponseException')
     GetChannelRequest = Shapes::StructureShape.new(name: 'GetChannelRequest')
     GetChannelResponse = Shapes::StructureShape.new(name: 'GetChannelResponse')
     GetEventDataStoreRequest = Shapes::StructureShape.new(name: 'GetEventDataStoreRequest')
@@ -230,6 +234,7 @@ module Aws::CloudTrail
     PartitionKeyList = Shapes::ListShape.new(name: 'PartitionKeyList')
     PartitionKeyName = Shapes::StringShape.new(name: 'PartitionKeyName')
     PartitionKeyType = Shapes::StringShape.new(name: 'PartitionKeyType')
+    Prompt = Shapes::StringShape.new(name: 'Prompt')
     PublicKey = Shapes::StructureShape.new(name: 'PublicKey')
     PublicKeyList = Shapes::ListShape.new(name: 'PublicKeyList')
     PutEventSelectorsRequest = Shapes::StructureShape.new(name: 'PutEventSelectorsRequest')
@@ -506,6 +511,7 @@ module Aws::CloudTrail
     DescribeQueryResponse.add_member(:error_message, Shapes::ShapeRef.new(shape: ErrorMessage, location_name: "ErrorMessage"))
     DescribeQueryResponse.add_member(:delivery_s3_uri, Shapes::ShapeRef.new(shape: DeliveryS3Uri, location_name: "DeliveryS3Uri"))
     DescribeQueryResponse.add_member(:delivery_status, Shapes::ShapeRef.new(shape: DeliveryStatus, location_name: "DeliveryStatus"))
+    DescribeQueryResponse.add_member(:prompt, Shapes::ShapeRef.new(shape: Prompt, location_name: "Prompt"))
     DescribeQueryResponse.struct_class = Types::DescribeQueryResponse
 
     DescribeTrailsRequest.add_member(:trail_name_list, Shapes::ShapeRef.new(shape: TrailNameList, location_name: "trailNameList"))
@@ -568,6 +574,8 @@ module Aws::CloudTrail
 
     EventDataStoreHasOngoingImportException.struct_class = Types::EventDataStoreHasOngoingImportException
 
+    EventDataStoreList.member = Shapes::ShapeRef.new(shape: EventDataStoreArn)
+
     EventDataStoreMaxLimitExceededException.struct_class = Types::EventDataStoreMaxLimitExceededException
 
     EventDataStoreNotFoundException.struct_class = Types::EventDataStoreNotFoundException
@@ -588,6 +596,16 @@ module Aws::CloudTrail
 
     ExcludeManagementEventSources.member = Shapes::ShapeRef.new(shape: String)
 
+    GenerateQueryRequest.add_member(:event_data_stores, Shapes::ShapeRef.new(shape: EventDataStoreList, required: true, location_name: "EventDataStores"))
+    GenerateQueryRequest.add_member(:prompt, Shapes::ShapeRef.new(shape: Prompt, required: true, location_name: "Prompt"))
+    GenerateQueryRequest.struct_class = Types::GenerateQueryRequest
+
+    GenerateQueryResponse.add_member(:query_statement, Shapes::ShapeRef.new(shape: QueryStatement, location_name: "QueryStatement"))
+    GenerateQueryResponse.add_member(:query_alias, Shapes::ShapeRef.new(shape: QueryAlias, location_name: "QueryAlias"))
+    GenerateQueryResponse.struct_class = Types::GenerateQueryResponse
+
+    GenerateResponseException.struct_class = Types::GenerateResponseException
+
     GetChannelRequest.add_member(:channel, Shapes::ShapeRef.new(shape: ChannelArn, required: true, location_name: "Channel"))
     GetChannelRequest.struct_class = Types::GetChannelRequest
 
@@ -1567,6 +1585,22 @@ module Aws::CloudTrail
         o.errors << Shapes::ShapeRef.new(shape: EventDataStoreFederationEnabledException)
       end)
 
+      api.add_operation(:generate_query, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "GenerateQuery"
+        o.http_method = "POST"
+        o.http_request_uri = "/"
+        o.input = Shapes::ShapeRef.new(shape: GenerateQueryRequest)
+        o.output = Shapes::ShapeRef.new(shape: GenerateQueryResponse)
+        o.errors << Shapes::ShapeRef.new(shape: EventDataStoreARNInvalidException)
+        o.errors << Shapes::ShapeRef.new(shape: EventDataStoreNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: InactiveEventDataStoreException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
+        o.errors << Shapes::ShapeRef.new(shape: GenerateResponseException)
+        o.errors << Shapes::ShapeRef.new(shape: OperationNotPermittedException)
+        o.errors << Shapes::ShapeRef.new(shape: UnsupportedOperationException)
+        o.errors << Shapes::ShapeRef.new(shape: NoManagementAccountSLRExistsException)
+      end)
+
       api.add_operation(:get_channel, Seahorse::Model::Operation.new.tap do |o|
         o.name = "GetChannel"
         o.http_method = "POST"
@@ -1993,6 +2027,7 @@ module Aws::CloudTrail
         o.errors << Shapes::ShapeRef.new(shape: OperationNotPermittedException)
         o.errors << Shapes::ShapeRef.new(shape: NotOrganizationMasterAccountException)
         o.errors << Shapes::ShapeRef.new(shape: NoManagementAccountSLRExistsException)
+        o.errors << Shapes::ShapeRef.new(shape: ConflictException)
       end)
 
       api.add_operation(:restore_event_data_store, Seahorse::Model::Operation.new.tap do |o|

data/lib/aws-sdk-cloudtrail/errors.rb

@@ -52,6 +52,7 @@ module Aws::CloudTrail
   # * {EventDataStoreMaxLimitExceededException}
   # * {EventDataStoreNotFoundException}
   # * {EventDataStoreTerminationProtectedException}
+  # * {GenerateResponseException}
   # * {ImportNotFoundException}
   # * {InactiveEventDataStoreException}
   # * {InactiveQueryException}
@@ -367,6 +368,16 @@ module Aws::CloudTrail
       end
     end
 
+    class GenerateResponseException < ServiceError
+
+      # @param [Seahorse::Client::RequestContext] context
+      # @param [String] message
+      # @param [Aws::CloudTrail::Types::GenerateResponseException] data
+      def initialize(context, message, data = Aws::EmptyStructure.new)
+        super(context, message, data)
+      end
+    end
+
     class ImportNotFoundException < ServiceError
 
       # @param [Seahorse::Client::RequestContext] context

data/lib/aws-sdk-cloudtrail/types.rb

@@ -99,6 +99,16 @@ module Aws::CloudTrail
     #
     # * `readOnly`
     #
+    # The following additional fields are available for event data stores:
+    #
+    # * `eventName`
+    #
+    # * `eventType`
+    #
+    # * `sessionCredentialFromConsole`
+    #
+    # * `userIdentity.arn`
+    #
     # **Supported CloudTrail event record fields for data events**
     #
     # * `eventCategory` (required)
@@ -111,6 +121,16 @@ module Aws::CloudTrail
     #
     # * `resources.ARN`
     #
+    # The following additional fields are available for event data stores:
+    #
+    # * `eventSource`
+    #
+    # * `eventType`
+    #
+    # * `sessionCredentialFromConsole`
+    #
+    # * `userIdentity.arn`
+    #
     # **Supported CloudTrail event record fields for network activity
     # events**
     #
@@ -170,11 +190,16 @@ module Aws::CloudTrail
     #   filtering is not supported.
     #
     #   For CloudTrail management events, supported fields include
-    #   `eventCategory` (required), `eventSource`, and `readOnly`.
+    #   `eventCategory` (required), `eventSource`, and `readOnly`. The
+    #   following additional fields are available for event data stores:
+    #   `eventName`, `eventType`, `sessionCredentialFromConsole`, and
+    #   `userIdentity.arn`.
     #
     #   For CloudTrail data events, supported fields include `eventCategory`
     #   (required), `resources.type` (required), `eventName`, `readOnly`,
-    #   and `resources.ARN`.
+    #   and `resources.ARN`. The following additional fields are available
+    #   for event data stores: `eventSource`, `eventType`,
+    #   `sessionCredentialFromConsole`, and `userIdentity.arn`.
     #
     #   For CloudTrail network activity events, supported fields include
     #   `eventCategory` (required), `eventSource` (required), `eventName`,
@@ -192,12 +217,17 @@ module Aws::CloudTrail
     #     only `write` events.
     #
     #   * <b> <code>eventSource</code> </b> - This field is only used for
-    #     management events and network activity events.
+    #     management events, data events (for event data stores only), and
+    #     network activity events.
     #
-    #     For management events, this is an optional field that can be set
-    #     to `NotEquals` `kms.amazonaws.com` to exclude KMS management
-    #     events, or `NotEquals` `rdsdata.amazonaws.com` to exclude RDS
-    #     management events.
+    #     For management events for trails, this is an optional field that
+    #     can be set to `NotEquals` `kms.amazonaws.com` to exclude KMS
+    #     management events, or `NotEquals` `rdsdata.amazonaws.com` to
+    #     exclude RDS management events.
+    #
+    #     For management and data events for event data stores, you can use
+    #     it to include or exclude any event source and can use any
+    #     operator.
     #
     #     For network activity events, this is a required field that only
     #     uses the `Equals` operator. Set this field to the event source for
@@ -214,12 +244,12 @@ module Aws::CloudTrail
     #     * `kms.amazonaws.com`
     #
     #     * `secretsmanager.amazonaws.com`
-    #
     #   * <b> <code>eventName</code> </b> - This is an optional field that
-    #     is only used for data events and network activity events. You can
-    #     use any operator with `eventName`. You can use it to filter in or
-    #     filter out specific events. You can have multiple values for this
-    #     field, separated by commas.
+    #     is only used for data events, management events (for event data
+    #     stores only), and network activity events. You can use any
+    #     operator with `eventName`. You can use it to filter in or filter out
+    #     specific events. You can have multiple values for this field,
+    #     separated by commas.
     #
     #   * <b> <code>eventCategory</code> </b> - This field is required and
     #     must be set to `Equals`.
@@ -231,7 +261,6 @@ module Aws::CloudTrail
     #
     #     * For CloudTrail network activity events, the value must be
     #       `NetworkActivity`.
-    #
     #     The following are used only for event data stores:
     #
     #     * For CloudTrail Insights events, the value must be `Insight`.
@@ -241,8 +270,13 @@ module Aws::CloudTrail
     #
     #     * For Audit Manager evidence, the value must be `Evidence`.
     #
-    #     * For non-Amazon Web Services events, the value must be
+    #     * For events outside of Amazon Web Services, the value must be
     #       `ActivityAuditLog`.
+    #   * <b> <code>eventType</code> </b> - This is an optional field
+    #     available only for event data stores, which is used to filter
+    #     management and data events on the event type. For information
+    #     about available event types, see [CloudTrail record contents][1]
+    #     in the *CloudTrail user guide*.
     #
     #   * <b> <code>errorCode</code> </b> - This field is only used to filter
     #     CloudTrail network activity events and is optional. This is the
@@ -250,161 +284,19 @@ module Aws::CloudTrail
     #     `VpceAccessDenied`. `errorCode` can only use the `Equals`
     #     operator.
     #
+    #   * <b> <code>sessionCredentialFromConsole</code> </b> - This is an
+    #     optional field available only for event data stores, which is used
+    #     to filter management and data events based on whether the events
+    #     originated from an Amazon Web Services Management Console session.
+    #     `sessionCredentialFromConsole` can only use the `Equals` and
+    #     `NotEquals` operators.
+    #
     #   * <b> <code>resources.type</code> </b> - This field is required for
     #     CloudTrail data events. `resources.type` can only use the `Equals`
     #     operator.
     #
-    #     The value can be one of the following:
-    #
-    #     * `AWS::AppConfig::Configuration`
-    #
-    #     * `AWS::B2BI::Transformer`
-    #
-    #     * `AWS::Bedrock::AgentAlias`
-    #
-    #     * `AWS::Bedrock::FlowAlias`
-    #
-    #     * `AWS::Bedrock::Guardrail`
-    #
-    #     * `AWS::Bedrock::KnowledgeBase`
-    #
-    #     * `AWS::Cassandra::Table`
-    #
-    #     * `AWS::CloudFront::KeyValueStore`
-    #
-    #     * `AWS::CloudTrail::Channel`
-    #
-    #     * `AWS::CloudWatch::Metric`
-    #
-    #     * `AWS::CodeWhisperer::Customization`
-    #
-    #     * `AWS::CodeWhisperer::Profile`
-    #
-    #     * `AWS::Cognito::IdentityPool`
-    #
-    #     * `AWS::DynamoDB::Stream`
-    #
-    #     * `AWS::DynamoDB::Table`
-    #
-    #     * `AWS::EC2::Snapshot`
-    #
-    #     * `AWS::EMRWAL::Workspace`
-    #
-    #     * `AWS::FinSpace::Environment`
-    #
-    #     * `AWS::Glue::Table`
-    #
-    #     * `AWS::GreengrassV2::ComponentVersion`
-    #
-    #     * `AWS::GreengrassV2::Deployment`
-    #
-    #     * `AWS::GuardDuty::Detector`
-    #
-    #     * `AWS::IoT::Certificate`
-    #
-    #     * `AWS::IoT::Thing`
-    #
-    #     * `AWS::IoTSiteWise::Asset`
-    #
-    #     * `AWS::IoTSiteWise::TimeSeries`
-    #
-    #     * `AWS::IoTTwinMaker::Entity`
-    #
-    #     * `AWS::IoTTwinMaker::Workspace`
-    #
-    #     * `AWS::KendraRanking::ExecutionPlan`
-    #
-    #     * `AWS::Kinesis::Stream`
-    #
-    #     * `AWS::Kinesis::StreamConsumer`
-    #
-    #     * `AWS::KinesisVideo::Stream`
-    #
-    #     * `AWS::Lambda::Function`
-    #
-    #     * `AWS::MachineLearning::MlModel`
-    #
-    #     * `AWS::ManagedBlockchain::Network`
-    #
-    #     * `AWS::ManagedBlockchain::Node`
-    #
-    #     * `AWS::MedicalImaging::Datastore`
-    #
-    #     * `AWS::NeptuneGraph::Graph`
-    #
-    #     * `AWS::One::UKey`
-    #
-    #     * `AWS::One::User`
-    #
-    #     * `AWS::PaymentCryptography::Alias`
-    #
-    #     * `AWS::PaymentCryptography::Key`
-    #
-    #     * `AWS::PCAConnectorAD::Connector`
-    #
-    #     * `AWS::PCAConnectorSCEP::Connector`
-    #
-    #     * `AWS::QApps:QApp`
-    #
-    #     * `AWS::QBusiness::Application`
-    #
-    #     * `AWS::QBusiness::DataSource`
-    #
-    #     * `AWS::QBusiness::Index`
-    #
-    #     * `AWS::QBusiness::WebExperience`
-    #
-    #     * `AWS::RDS::DBCluster`
-    #
-    #     * `AWS::RUM::AppMonitor`
-    #
-    #     * `AWS::S3::AccessPoint`
-    #
-    #     * `AWS::S3::Object`
-    #
-    #     * `AWS::S3Express::Object`
-    #
-    #     * `AWS::S3ObjectLambda::AccessPoint`
-    #
-    #     * `AWS::S3Outposts::Object`
-    #
-    #     * `AWS::SageMaker::Endpoint`
-    #
-    #     * `AWS::SageMaker::ExperimentTrialComponent`
-    #
-    #     * `AWS::SageMaker::FeatureGroup`
-    #
-    #     * `AWS::ServiceDiscovery::Namespace `
-    #
-    #     * `AWS::ServiceDiscovery::Service`
-    #
-    #     * `AWS::SCN::Instance`
-    #
-    #     * `AWS::SNS::PlatformEndpoint`
-    #
-    #     * `AWS::SNS::Topic`
-    #
-    #     * `AWS::SQS::Queue`
-    #
-    #     * `AWS::SSM::ManagedNode`
-    #
-    #     * `AWS::SSMMessages::ControlChannel`
-    #
-    #     * `AWS::StepFunctions::StateMachine`
-    #
-    #     * `AWS::SWF::Domain`
-    #
-    #     * `AWS::ThinClient::Device`
-    #
-    #     * `AWS::ThinClient::Environment`
-    #
-    #     * `AWS::Timestream::Database`
-    #
-    #     * `AWS::Timestream::Table`
-    #
-    #     * `AWS::VerifiedPermissions::PolicyStore`
-    #
-    #     * `AWS::XRay::Trace`
+    #     For a list of available resource types for data events, see [Data
+    #     events][2] in the *CloudTrail User Guide*.
     #
     #     You can have only one `resources.type` field per selector. To log
     #     events on more than one resource type, add another selector.
@@ -419,7 +311,7 @@ module Aws::CloudTrail
     #     matching value.
     #
     #     For information about filtering data events on the `resources.ARN`
-    #     field, see [Filtering data events by resources.ARN][1] in the
+    #     field, see [Filtering data events by resources.ARN][3] in the
     #     *CloudTrail User Guide*.
     #
     #     <note markdown="1"> You can't use the `resources.ARN` field to filter resource types
@@ -427,6 +319,13 @@ module Aws::CloudTrail
     #
     #      </note>
     #
+    #   * <b> <code>userIdentity.arn</code> </b> - This is an optional field
+    #     available only for event data stores, which is used to filter
+    #     management and data events on the userIdentity ARN. You can use
+    #     any operator with `userIdentity.arn`. For more information on the
+    #     userIdentity element, see [CloudTrail userIdentity element][4] in
+    #     the *CloudTrail User Guide*.
+    #
     #   * <b> <code>vpcEndpointId</code> </b> - This field is only used to
     #     filter CloudTrail network activity events and is optional. This
     #     field identifies the VPC endpoint that the request passed through.
@@ -434,7 +333,10 @@ module Aws::CloudTrail
     #
     #
     #
-    #   [1]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/filtering-data-events.html#filtering-data-events-resourcearn
+    #   [1]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-event-reference-record-contents.html#ct-event-type
+    #   [2]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#logging-data-events
+    #   [3]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/filtering-data-events.html#filtering-data-events-resourcearn
+    #   [4]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-event-reference-user-identity.html
     #   @return [String]
     #
     # @!attribute [rw] equals
@@ -1284,12 +1186,11 @@ module Aws::CloudTrail
     #   * `AWS::S3::Object`
     #
     #   Additional resource types are available through *advanced* event
-    #   selectors. For more information about these additional resource
-    #   types, see [AdvancedFieldSelector][1].
+    #   selectors. For more information, see [AdvancedEventSelector][1].
     #
     #
     #
-    #   [1]: https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_AdvancedFieldSelector.html
+    #   [1]: https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_AdvancedEventSelector.html
     #   @return [String]
     #
     # @!attribute [rw] values
@@ -1514,6 +1415,16 @@ module Aws::CloudTrail
     #   The delivery status.
     #   @return [String]
     #
+    # @!attribute [rw] prompt
+    #   The prompt used for a generated query. For information about
+    #   generated queries, see [Create CloudTrail Lake queries from natural
+    #   language prompts][1] in the <i>CloudTrail </i> user guide.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/lake-query-generator.html
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/DescribeQueryResponse AWS API Documentation
     #
     class DescribeQueryResponse < Struct.new(
@@ -1523,7 +1434,8 @@ module Aws::CloudTrail
       :query_statistics,
       :error_message,
       :delivery_s3_uri,
-      :delivery_status)
+      :delivery_status,
+      :prompt)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -1970,6 +1882,56 @@ module Aws::CloudTrail
       include Aws::Structure
     end
 
+    # @!attribute [rw] event_data_stores
+    #   The ARN (or ID suffix of the ARN) of the event data store that you
+    #   want to query. You can only specify one event data store.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] prompt
+    #   The prompt that you want to use to generate the query. The prompt
+    #   must be in English. For example prompts, see [Example prompts][1] in
+    #   the <i>CloudTrail </i> user guide.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/lake-query-generator.html#lake-query-generator-examples
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GenerateQueryRequest AWS API Documentation
+    #
+    class GenerateQueryRequest < Struct.new(
+      :event_data_stores,
+      :prompt)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] query_statement
+    #   The SQL query statement generated from the prompt.
+    #   @return [String]
+    #
+    # @!attribute [rw] query_alias
+    #   An alias that identifies the prompt. When you run the `StartQuery`
+    #   operation, you can pass in either the `QueryAlias` or
+    #   `QueryStatement` parameter.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GenerateQueryResponse AWS API Documentation
+    #
+    class GenerateQueryResponse < Struct.new(
+      :query_statement,
+      :query_alias)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # This exception is thrown when a valid query could not be generated for
+    # the provided prompt.
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GenerateResponseException AWS API Documentation
+    #
+    class GenerateResponseException < Aws::EmptyStructure; end
+
     # @!attribute [rw] channel
     #   The ARN or `UUID` of a channel.
     #   @return [String]

data/lib/aws-sdk-cloudtrail.rb

@@ -54,7 +54,7 @@ module Aws::CloudTrail
   autoload :EndpointProvider, 'aws-sdk-cloudtrail/endpoint_provider'
   autoload :Endpoints, 'aws-sdk-cloudtrail/endpoints'
 
-  GEM_VERSION = '1.93.0'
+  GEM_VERSION = '1.95.0'
 
 end
 

data/sig/client.rbs

@@ -273,6 +273,7 @@ module Aws
         def error_message: () -> ::String
         def delivery_s3_uri: () -> ::String
         def delivery_status: () -> ("SUCCESS" | "FAILED" | "FAILED_SIGNING_FILE" | "PENDING" | "RESOURCE_NOT_FOUND" | "ACCESS_DENIED" | "ACCESS_DENIED_SIGNING_FILE" | "CANCELLED" | "UNKNOWN")
+        def prompt: () -> ::String
       end
       # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/CloudTrail/Client.html#describe_query-instance_method
       def describe_query: (
@@ -317,6 +318,18 @@ module Aws
                              ) -> _EnableFederationResponseSuccess
                            | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _EnableFederationResponseSuccess
 
+      interface _GenerateQueryResponseSuccess
+        include ::Seahorse::Client::_ResponseSuccess[Types::GenerateQueryResponse]
+        def query_statement: () -> ::String
+        def query_alias: () -> ::String
+      end
+      # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/CloudTrail/Client.html#generate_query-instance_method
+      def generate_query: (
+                            event_data_stores: Array[::String],
+                            prompt: ::String
+                          ) -> _GenerateQueryResponseSuccess
+                        | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _GenerateQueryResponseSuccess
+
       interface _GetChannelResponseSuccess
         include ::Seahorse::Client::_ResponseSuccess[Types::GetChannelResponse]
         def channel_arn: () -> ::String

data/sig/errors.rbs

@@ -61,6 +61,8 @@ module Aws
       end
       class EventDataStoreTerminationProtectedException < ::Aws::Errors::ServiceError
       end
+      class GenerateResponseException < ::Aws::Errors::ServiceError
+      end
       class ImportNotFoundException < ::Aws::Errors::ServiceError
       end
       class InactiveEventDataStoreException < ::Aws::Errors::ServiceError

data/sig/types.rbs

@@ -248,6 +248,7 @@ module Aws::CloudTrail
       attr_accessor error_message: ::String
       attr_accessor delivery_s3_uri: ::String
       attr_accessor delivery_status: ("SUCCESS" | "FAILED" | "FAILED_SIGNING_FILE" | "PENDING" | "RESOURCE_NOT_FOUND" | "ACCESS_DENIED" | "ACCESS_DENIED_SIGNING_FILE" | "CANCELLED" | "UNKNOWN")
+      attr_accessor prompt: ::String
       SENSITIVE: []
     end
 
@@ -348,6 +349,21 @@ module Aws::CloudTrail
       SENSITIVE: []
     end
 
+    class GenerateQueryRequest
+      attr_accessor event_data_stores: ::Array[::String]
+      attr_accessor prompt: ::String
+      SENSITIVE: []
+    end
+
+    class GenerateQueryResponse
+      attr_accessor query_statement: ::String
+      attr_accessor query_alias: ::String
+      SENSITIVE: []
+    end
+
+    class GenerateResponseException < Aws::EmptyStructure
+    end
+
     class GetChannelRequest
       attr_accessor channel: ::String
       SENSITIVE: []

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-cloudtrail
 version: !ruby/object:Gem::Version
-  version: 1.93.0
+  version: 1.95.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-10-18 00:00:00.000000000 Z
+date: 2024-11-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core