aws-sdk-cloudtrail 1.94.0 → 1.96.0

Sign up to get free protection for your applications and to get access to all the features.
@@ -454,19 +454,19 @@ module Aws::CloudTrail
454
454
 
455
455
  # @!group API Operations
456
456
 
457
- # Adds one or more tags to a trail, event data store, or channel, up to
458
- # a limit of 50. Overwrites an existing tag's value when a new value is
459
- # specified for an existing tag key. Tag key names must be unique; you
460
- # cannot have two keys with the same name but different values. If you
461
- # specify a key without a value, the tag will be created with the
462
- # specified key and a value of null. You can tag a trail or event data
463
- # store that applies to all Amazon Web Services Regions only from the
464
- # Region in which the trail or event data store was created (also known
465
- # as its home Region).
457
+ # Adds one or more tags to a trail, event data store, dashboard, or
458
+ # channel, up to a limit of 50. Overwrites an existing tag's value when
459
+ # a new value is specified for an existing tag key. Tag key names must
460
+ # be unique; you cannot have two keys with the same name but different
461
+ # values. If you specify a key without a value, the tag will be created
462
+ # with the specified key and a value of null. You can tag a trail or
463
+ # event data store that applies to all Amazon Web Services Regions only
464
+ # from the Region in which the trail or event data store was created
465
+ # (also known as its home Region).
466
466
  #
467
467
  # @option params [required, String] :resource_id
468
- # Specifies the ARN of the trail, event data store, or channel to which
469
- # one or more tags will be added.
468
+ # Specifies the ARN of the trail, event data store, dashboard, or
469
+ # channel to which one or more tags will be added.
470
470
  #
471
471
  # The format of a trail ARN is:
472
472
  # `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
@@ -474,6 +474,9 @@ module Aws::CloudTrail
474
474
  # The format of an event data store ARN is:
475
475
  # `arn:aws:cloudtrail:us-east-2:123456789012:eventdatastore/EXAMPLE-f852-4e8f-8bd1-bcf6cEXAMPLE`
476
476
  #
477
+ # The format of a dashboard ARN is:
478
+ # `arn:aws:cloudtrail:us-east-1:123456789012:dashboard/exampleDash`
479
+ #
477
480
  # The format of a channel ARN is:
478
481
  # `arn:aws:cloudtrail:us-east-2:123456789012:channel/01234567890`
479
482
  #
@@ -517,22 +520,28 @@ module Aws::CloudTrail
517
520
  # The ID of the query that you want to cancel. The `QueryId` comes from
518
521
  # the response of a `StartQuery` operation.
519
522
  #
523
+ # @option params [String] :event_data_store_owner_account_id
524
+ # The account ID of the event data store owner.
525
+ #
520
526
  # @return [Types::CancelQueryResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
521
527
  #
522
528
  # * {Types::CancelQueryResponse#query_id #query_id} => String
523
529
  # * {Types::CancelQueryResponse#query_status #query_status} => String
530
+ # * {Types::CancelQueryResponse#event_data_store_owner_account_id #event_data_store_owner_account_id} => String
524
531
  #
525
532
  # @example Request syntax with placeholder values
526
533
  #
527
534
  # resp = client.cancel_query({
528
535
  # event_data_store: "EventDataStoreArn",
529
536
  # query_id: "UUID", # required
537
+ # event_data_store_owner_account_id: "AccountId",
530
538
  # })
531
539
  #
532
540
  # @example Response structure
533
541
  #
534
542
  # resp.query_id #=> String
535
543
  # resp.query_status #=> String, one of "QUEUED", "RUNNING", "FINISHED", "FAILED", "CANCELLED", "TIMED_OUT"
544
+ # resp.event_data_store_owner_account_id #=> String
536
545
  #
537
546
  # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/CancelQuery AWS API Documentation
538
547
  #
@@ -619,6 +628,140 @@ module Aws::CloudTrail
619
628
  req.send_request(options)
620
629
  end
621
630
 
631
+ # Creates a custom dashboard or the Highlights dashboard.
632
+ #
633
+ # * **Custom dashboards** - Custom dashboards allow you to query events
634
+ # in any event data store type. You can add up to 10 widgets to a
635
+ # custom dashboard. You can manually refresh a custom dashboard, or
636
+ # you can set a refresh schedule.
637
+ #
638
+ # * **Highlights dashboard** - You can create the Highlights dashboard
639
+ # to see a summary of key user activities and API usage across all
640
+ # your event data stores. CloudTrail Lake manages the Highlights
641
+ # dashboard and refreshes the dashboard every 6 hours. To create the
642
+ # Highlights dashboard, you must set and enable a refresh schedule.
643
+ #
644
+ # CloudTrail runs queries to populate the dashboard's widgets during a
645
+ # manual or scheduled refresh. CloudTrail must be granted permissions to
646
+ # run the `StartQuery` operation on your behalf. To provide permissions,
647
+ # run the `PutResourcePolicy` operation to attach a resource-based
648
+ # policy to each event data store. For more information, see [Example:
649
+ # Allow CloudTrail to run queries to populate a dashboard][1] in the
650
+ # *CloudTrail User Guide*.
651
+ #
652
+ # To set a refresh schedule, CloudTrail must be granted permissions to
653
+ # run the `StartDashboardRefresh` operation to refresh the dashboard on
654
+ # your behalf. To provide permissions, run the `PutResourcePolicy`
655
+ # operation to attach a resource-based policy to the dashboard. For more
656
+ # information, see [ Resource-based policy example for a dashboard][2]
657
+ # in the *CloudTrail User Guide*.
658
+ #
659
+ # For more information about dashboards, see [CloudTrail Lake
660
+ # dashboards][3] in the *CloudTrail User Guide*.
661
+ #
662
+ #
663
+ #
664
+ # [1]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/security_iam_resource-based-policy-examples.html#security_iam_resource-based-policy-examples-eds-dashboard
665
+ # [2]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/security_iam_resource-based-policy-examples.html#security_iam_resource-based-policy-examples-dashboards
666
+ # [3]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/lake-dashboard.html
667
+ #
668
+ # @option params [required, String] :name
669
+ # The name of the dashboard. The name must be unique to your account.
670
+ #
671
+ # To create the Highlights dashboard, the name must be
672
+ # `AWSCloudTrail-Highlights`.
673
+ #
674
+ # @option params [Types::RefreshSchedule] :refresh_schedule
675
+ # The refresh schedule configuration for the dashboard.
676
+ #
677
+ # To create the Highlights dashboard, you must set a refresh schedule
678
+ # and set the `Status` to `ENABLED`. The `Unit` for the refresh schedule
679
+ # must be `HOURS` and the `Value` must be `6`.
680
+ #
681
+ # @option params [Array<Types::Tag>] :tags_list
682
+ # A list of tags.
683
+ #
684
+ # @option params [Boolean] :termination_protection_enabled
685
+ # Specifies whether termination protection is enabled for the dashboard.
686
+ # If termination protection is enabled, you cannot delete the dashboard
687
+ # until termination protection is disabled.
688
+ #
689
+ # @option params [Array<Types::RequestWidget>] :widgets
690
+ # An array of widgets for a custom dashboard. A custom dashboard can
691
+ # have a maximum of ten widgets.
692
+ #
693
+ # You do not need to specify widgets for the Highlights dashboard.
694
+ #
695
+ # @return [Types::CreateDashboardResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
696
+ #
697
+ # * {Types::CreateDashboardResponse#dashboard_arn #dashboard_arn} => String
698
+ # * {Types::CreateDashboardResponse#name #name} => String
699
+ # * {Types::CreateDashboardResponse#type #type} => String
700
+ # * {Types::CreateDashboardResponse#widgets #widgets} => Array&lt;Types::Widget&gt;
701
+ # * {Types::CreateDashboardResponse#tags_list #tags_list} => Array&lt;Types::Tag&gt;
702
+ # * {Types::CreateDashboardResponse#refresh_schedule #refresh_schedule} => Types::RefreshSchedule
703
+ # * {Types::CreateDashboardResponse#termination_protection_enabled #termination_protection_enabled} => Boolean
704
+ #
705
+ # @example Request syntax with placeholder values
706
+ #
707
+ # resp = client.create_dashboard({
708
+ # name: "DashboardName", # required
709
+ # refresh_schedule: {
710
+ # frequency: {
711
+ # unit: "HOURS", # accepts HOURS, DAYS
712
+ # value: 1,
713
+ # },
714
+ # status: "ENABLED", # accepts ENABLED, DISABLED
715
+ # time_of_day: "TimeOfDay",
716
+ # },
717
+ # tags_list: [
718
+ # {
719
+ # key: "TagKey", # required
720
+ # value: "TagValue",
721
+ # },
722
+ # ],
723
+ # termination_protection_enabled: false,
724
+ # widgets: [
725
+ # {
726
+ # query_statement: "QueryStatement", # required
727
+ # query_parameters: ["QueryParameter"],
728
+ # view_properties: { # required
729
+ # "ViewPropertiesKey" => "ViewPropertiesValue",
730
+ # },
731
+ # },
732
+ # ],
733
+ # })
734
+ #
735
+ # @example Response structure
736
+ #
737
+ # resp.dashboard_arn #=> String
738
+ # resp.name #=> String
739
+ # resp.type #=> String, one of "MANAGED", "CUSTOM"
740
+ # resp.widgets #=> Array
741
+ # resp.widgets[0].query_alias #=> String
742
+ # resp.widgets[0].query_statement #=> String
743
+ # resp.widgets[0].query_parameters #=> Array
744
+ # resp.widgets[0].query_parameters[0] #=> String
745
+ # resp.widgets[0].view_properties #=> Hash
746
+ # resp.widgets[0].view_properties["ViewPropertiesKey"] #=> String
747
+ # resp.tags_list #=> Array
748
+ # resp.tags_list[0].key #=> String
749
+ # resp.tags_list[0].value #=> String
750
+ # resp.refresh_schedule.frequency.unit #=> String, one of "HOURS", "DAYS"
751
+ # resp.refresh_schedule.frequency.value #=> Integer
752
+ # resp.refresh_schedule.status #=> String, one of "ENABLED", "DISABLED"
753
+ # resp.refresh_schedule.time_of_day #=> String
754
+ # resp.termination_protection_enabled #=> Boolean
755
+ #
756
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/CreateDashboard AWS API Documentation
757
+ #
758
+ # @overload create_dashboard(params = {})
759
+ # @param [Hash] params ({})
760
+ def create_dashboard(params = {}, options = {})
761
+ req = build_request(:create_dashboard, params)
762
+ req.send_request(options)
763
+ end
764
+
622
765
  # Creates a new event data store.
623
766
  #
624
767
  # @option params [required, String] :name
@@ -1044,6 +1187,29 @@ module Aws::CloudTrail
1044
1187
  req.send_request(options)
1045
1188
  end
1046
1189
 
1190
+ # Deletes the specified dashboard. You cannot delete a dashboard that
1191
+ # has termination protection enabled.
1192
+ #
1193
+ # @option params [required, String] :dashboard_id
1194
+ # The name or ARN for the dashboard.
1195
+ #
1196
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
1197
+ #
1198
+ # @example Request syntax with placeholder values
1199
+ #
1200
+ # resp = client.delete_dashboard({
1201
+ # dashboard_id: "DashboardArn", # required
1202
+ # })
1203
+ #
1204
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/DeleteDashboard AWS API Documentation
1205
+ #
1206
+ # @overload delete_dashboard(params = {})
1207
+ # @param [Hash] params ({})
1208
+ def delete_dashboard(params = {}, options = {})
1209
+ req = build_request(:delete_dashboard, params)
1210
+ req.send_request(options)
1211
+ end
1212
+
1047
1213
  # Disables the event data store specified by `EventDataStore`, which
1048
1214
  # accepts an event data store ARN. After you run `DeleteEventDataStore`,
1049
1215
  # the event data store enters a `PENDING_DELETION` state, and is
@@ -1080,13 +1246,21 @@ module Aws::CloudTrail
1080
1246
  req.send_request(options)
1081
1247
  end
1082
1248
 
1083
- # Deletes the resource-based policy attached to the CloudTrail channel.
1249
+ # Deletes the resource-based policy attached to the CloudTrail event
1250
+ # data store, dashboard, or channel.
1084
1251
  #
1085
1252
  # @option params [required, String] :resource_arn
1086
- # The Amazon Resource Name (ARN) of the CloudTrail channel you're
1087
- # deleting the resource-based policy from. The following is the format
1088
- # of a resource ARN:
1089
- # `arn:aws:cloudtrail:us-east-2:123456789012:channel/MyChannel`.
1253
+ # The Amazon Resource Name (ARN) of the CloudTrail event data store,
1254
+ # dashboard, or channel you're deleting the resource-based policy from.
1255
+ #
1256
+ # Example event data store ARN format:
1257
+ # `arn:aws:cloudtrail:us-east-2:123456789012:eventdatastore/EXAMPLE-f852-4e8f-8bd1-bcf6cEXAMPLE`
1258
+ #
1259
+ # Example dashboard ARN format:
1260
+ # `arn:aws:cloudtrail:us-east-1:123456789012:dashboard/exampleDash`
1261
+ #
1262
+ # Example channel ARN format:
1263
+ # `arn:aws:cloudtrail:us-east-2:123456789012:channel/01234567890`
1090
1264
  #
1091
1265
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
1092
1266
  #
@@ -1162,9 +1336,11 @@ module Aws::CloudTrail
1162
1336
  # If the query results were delivered to an S3 bucket, the response also
1163
1337
  # provides the S3 URI and the delivery status.
1164
1338
  #
1165
- # You must specify either a `QueryID` or a `QueryAlias`. Specifying the
1339
+ # You must specify either `QueryId` or `QueryAlias`. Specifying the
1166
1340
  # `QueryAlias` parameter returns information about the last query run
1167
- # for the alias.
1341
+ # for the alias. You can provide `RefreshId` along with `QueryAlias` to
1342
+ # view the query results of a dashboard query for the specified
1343
+ # `RefreshId`.
1168
1344
  #
1169
1345
  # @option params [String] :event_data_store
1170
1346
  # The ARN (or the ID suffix of the ARN) of an event data store on which
@@ -1176,6 +1352,12 @@ module Aws::CloudTrail
1176
1352
  # @option params [String] :query_alias
1177
1353
  # The alias that identifies a query template.
1178
1354
  #
1355
+ # @option params [String] :refresh_id
1356
+ # The ID of the dashboard refresh.
1357
+ #
1358
+ # @option params [String] :event_data_store_owner_account_id
1359
+ # The account ID of the event data store owner.
1360
+ #
1179
1361
  # @return [Types::DescribeQueryResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1180
1362
  #
1181
1363
  # * {Types::DescribeQueryResponse#query_id #query_id} => String
@@ -1186,6 +1368,7 @@ module Aws::CloudTrail
1186
1368
  # * {Types::DescribeQueryResponse#delivery_s3_uri #delivery_s3_uri} => String
1187
1369
  # * {Types::DescribeQueryResponse#delivery_status #delivery_status} => String
1188
1370
  # * {Types::DescribeQueryResponse#prompt #prompt} => String
1371
+ # * {Types::DescribeQueryResponse#event_data_store_owner_account_id #event_data_store_owner_account_id} => String
1189
1372
  #
1190
1373
  # @example Request syntax with placeholder values
1191
1374
  #
@@ -1193,6 +1376,8 @@ module Aws::CloudTrail
1193
1376
  # event_data_store: "EventDataStoreArn",
1194
1377
  # query_id: "UUID",
1195
1378
  # query_alias: "QueryAlias",
1379
+ # refresh_id: "RefreshId",
1380
+ # event_data_store_owner_account_id: "AccountId",
1196
1381
  # })
1197
1382
  #
1198
1383
  # @example Response structure
@@ -1209,6 +1394,7 @@ module Aws::CloudTrail
1209
1394
  # resp.delivery_s3_uri #=> String
1210
1395
  # resp.delivery_status #=> String, one of "SUCCESS", "FAILED", "FAILED_SIGNING_FILE", "PENDING", "RESOURCE_NOT_FOUND", "ACCESS_DENIED", "ACCESS_DENIED_SIGNING_FILE", "CANCELLED", "UNKNOWN"
1211
1396
  # resp.prompt #=> String
1397
+ # resp.event_data_store_owner_account_id #=> String
1212
1398
  #
1213
1399
  # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/DescribeQuery AWS API Documentation
1214
1400
  #
@@ -1440,6 +1626,7 @@ module Aws::CloudTrail
1440
1626
  #
1441
1627
  # * {Types::GenerateQueryResponse#query_statement #query_statement} => String
1442
1628
  # * {Types::GenerateQueryResponse#query_alias #query_alias} => String
1629
+ # * {Types::GenerateQueryResponse#event_data_store_owner_account_id #event_data_store_owner_account_id} => String
1443
1630
  #
1444
1631
  # @example Request syntax with placeholder values
1445
1632
  #
@@ -1452,6 +1639,7 @@ module Aws::CloudTrail
1452
1639
  #
1453
1640
  # resp.query_statement #=> String
1454
1641
  # resp.query_alias #=> String
1642
+ # resp.event_data_store_owner_account_id #=> String
1455
1643
  #
1456
1644
  # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GenerateQuery AWS API Documentation
1457
1645
  #
@@ -1522,6 +1710,61 @@ module Aws::CloudTrail
1522
1710
  req.send_request(options)
1523
1711
  end
1524
1712
 
1713
+ # Returns the specified dashboard.
1714
+ #
1715
+ # @option params [required, String] :dashboard_id
1716
+ # The name or ARN for the dashboard.
1717
+ #
1718
+ # @return [Types::GetDashboardResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1719
+ #
1720
+ # * {Types::GetDashboardResponse#dashboard_arn #dashboard_arn} => String
1721
+ # * {Types::GetDashboardResponse#type #type} => String
1722
+ # * {Types::GetDashboardResponse#status #status} => String
1723
+ # * {Types::GetDashboardResponse#widgets #widgets} => Array&lt;Types::Widget&gt;
1724
+ # * {Types::GetDashboardResponse#refresh_schedule #refresh_schedule} => Types::RefreshSchedule
1725
+ # * {Types::GetDashboardResponse#created_timestamp #created_timestamp} => Time
1726
+ # * {Types::GetDashboardResponse#updated_timestamp #updated_timestamp} => Time
1727
+ # * {Types::GetDashboardResponse#last_refresh_id #last_refresh_id} => String
1728
+ # * {Types::GetDashboardResponse#last_refresh_failure_reason #last_refresh_failure_reason} => String
1729
+ # * {Types::GetDashboardResponse#termination_protection_enabled #termination_protection_enabled} => Boolean
1730
+ #
1731
+ # @example Request syntax with placeholder values
1732
+ #
1733
+ # resp = client.get_dashboard({
1734
+ # dashboard_id: "DashboardArn", # required
1735
+ # })
1736
+ #
1737
+ # @example Response structure
1738
+ #
1739
+ # resp.dashboard_arn #=> String
1740
+ # resp.type #=> String, one of "MANAGED", "CUSTOM"
1741
+ # resp.status #=> String, one of "CREATING", "CREATED", "UPDATING", "UPDATED", "DELETING"
1742
+ # resp.widgets #=> Array
1743
+ # resp.widgets[0].query_alias #=> String
1744
+ # resp.widgets[0].query_statement #=> String
1745
+ # resp.widgets[0].query_parameters #=> Array
1746
+ # resp.widgets[0].query_parameters[0] #=> String
1747
+ # resp.widgets[0].view_properties #=> Hash
1748
+ # resp.widgets[0].view_properties["ViewPropertiesKey"] #=> String
1749
+ # resp.refresh_schedule.frequency.unit #=> String, one of "HOURS", "DAYS"
1750
+ # resp.refresh_schedule.frequency.value #=> Integer
1751
+ # resp.refresh_schedule.status #=> String, one of "ENABLED", "DISABLED"
1752
+ # resp.refresh_schedule.time_of_day #=> String
1753
+ # resp.created_timestamp #=> Time
1754
+ # resp.updated_timestamp #=> Time
1755
+ # resp.last_refresh_id #=> String
1756
+ # resp.last_refresh_failure_reason #=> String
1757
+ # resp.termination_protection_enabled #=> Boolean
1758
+ #
1759
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GetDashboard AWS API Documentation
1760
+ #
1761
+ # @overload get_dashboard(params = {})
1762
+ # @param [Hash] params ({})
1763
+ def get_dashboard(params = {}, options = {})
1764
+ req = build_request(:get_dashboard, params)
1765
+ req.send_request(options)
1766
+ end
1767
+
1525
1768
  # Returns information about an event data store specified as either an
1526
1769
  # ARN or the ID portion of the ARN.
1527
1770
  #
@@ -1845,6 +2088,9 @@ module Aws::CloudTrail
1845
2088
  # @option params [Integer] :max_query_results
1846
2089
  # The maximum number of query results to display on a single page.
1847
2090
  #
2091
+ # @option params [String] :event_data_store_owner_account_id
2092
+ # The account ID of the event data store owner.
2093
+ #
1848
2094
  # @return [Types::GetQueryResultsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1849
2095
  #
1850
2096
  # * {Types::GetQueryResultsResponse#query_status #query_status} => String
@@ -1862,6 +2108,7 @@ module Aws::CloudTrail
1862
2108
  # query_id: "UUID", # required
1863
2109
  # next_token: "PaginationToken",
1864
2110
  # max_query_results: 1,
2111
+ # event_data_store_owner_account_id: "AccountId",
1865
2112
  # })
1866
2113
  #
1867
2114
  # @example Response structure
@@ -1887,17 +2134,26 @@ module Aws::CloudTrail
1887
2134
  end
1888
2135
 
1889
2136
  # Retrieves the JSON text of the resource-based policy document attached
1890
- # to the CloudTrail channel.
2137
+ # to the CloudTrail event data store, dashboard, or channel.
1891
2138
  #
1892
2139
  # @option params [required, String] :resource_arn
1893
- # The Amazon Resource Name (ARN) of the CloudTrail channel attached to
1894
- # the resource-based policy. The following is the format of a resource
1895
- # ARN: `arn:aws:cloudtrail:us-east-2:123456789012:channel/MyChannel`.
2140
+ # The Amazon Resource Name (ARN) of the CloudTrail event data store,
2141
+ # dashboard, or channel attached to the resource-based policy.
2142
+ #
2143
+ # Example event data store ARN format:
2144
+ # `arn:aws:cloudtrail:us-east-2:123456789012:eventdatastore/EXAMPLE-f852-4e8f-8bd1-bcf6cEXAMPLE`
2145
+ #
2146
+ # Example dashboard ARN format:
2147
+ # `arn:aws:cloudtrail:us-east-1:123456789012:dashboard/exampleDash`
2148
+ #
2149
+ # Example channel ARN format:
2150
+ # `arn:aws:cloudtrail:us-east-2:123456789012:channel/01234567890`
1896
2151
  #
1897
2152
  # @return [Types::GetResourcePolicyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1898
2153
  #
1899
2154
  # * {Types::GetResourcePolicyResponse#resource_arn #resource_arn} => String
1900
2155
  # * {Types::GetResourcePolicyResponse#resource_policy #resource_policy} => String
2156
+ # * {Types::GetResourcePolicyResponse#delegated_admin_resource_policy #delegated_admin_resource_policy} => String
1901
2157
  #
1902
2158
  # @example Request syntax with placeholder values
1903
2159
  #
@@ -1909,6 +2165,7 @@ module Aws::CloudTrail
1909
2165
  #
1910
2166
  # resp.resource_arn #=> String
1911
2167
  # resp.resource_policy #=> String
2168
+ # resp.delegated_admin_resource_policy #=> String
1912
2169
  #
1913
2170
  # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GetResourcePolicy AWS API Documentation
1914
2171
  #
@@ -1974,10 +2231,16 @@ module Aws::CloudTrail
1974
2231
  # Specifies the name or the CloudTrail ARN of the trail for which you
1975
2232
  # are requesting status. To get the status of a shadow trail (a
1976
2233
  # replication of the trail in another Region), you must specify its ARN.
1977
- # The following is the format of a trail ARN.
1978
2234
  #
2235
+ # The following is the format of a trail ARN:
1979
2236
  # `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
1980
2237
  #
2238
+ # <note markdown="1"> If the trail is an organization trail and you are a member account in
2239
+ # the organization in Organizations, you must provide the full ARN of
2240
+ # that trail, and not just the name.
2241
+ #
2242
+ # </note>
2243
+ #
1981
2244
  # @return [Types::GetTrailStatusResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1982
2245
  #
1983
2246
  # * {Types::GetTrailStatusResponse#is_logging #is_logging} => Boolean
@@ -2075,6 +2338,51 @@ module Aws::CloudTrail
2075
2338
  req.send_request(options)
2076
2339
  end
2077
2340
 
2341
+ # Returns information about all dashboards in the account, in the
2342
+ # current Region.
2343
+ #
2344
+ # @option params [String] :name_prefix
2345
+ # Specify a name prefix to filter on.
2346
+ #
2347
+ # @option params [String] :type
2348
+ # Specify a dashboard type to filter on: `CUSTOM` or `MANAGED`.
2349
+ #
2350
+ # @option params [String] :next_token
2351
+ # A token you can use to get the next page of dashboard results.
2352
+ #
2353
+ # @option params [Integer] :max_results
2354
+ # The maximum number of dashboards to display on a single page.
2355
+ #
2356
+ # @return [Types::ListDashboardsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
2357
+ #
2358
+ # * {Types::ListDashboardsResponse#dashboards #dashboards} => Array&lt;Types::DashboardDetail&gt;
2359
+ # * {Types::ListDashboardsResponse#next_token #next_token} => String
2360
+ #
2361
+ # @example Request syntax with placeholder values
2362
+ #
2363
+ # resp = client.list_dashboards({
2364
+ # name_prefix: "DashboardName",
2365
+ # type: "MANAGED", # accepts MANAGED, CUSTOM
2366
+ # next_token: "PaginationToken",
2367
+ # max_results: 1,
2368
+ # })
2369
+ #
2370
+ # @example Response structure
2371
+ #
2372
+ # resp.dashboards #=> Array
2373
+ # resp.dashboards[0].dashboard_arn #=> String
2374
+ # resp.dashboards[0].type #=> String, one of "MANAGED", "CUSTOM"
2375
+ # resp.next_token #=> String
2376
+ #
2377
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ListDashboards AWS API Documentation
2378
+ #
2379
+ # @overload list_dashboards(params = {})
2380
+ # @param [Hash] params ({})
2381
+ def list_dashboards(params = {}, options = {})
2382
+ req = build_request(:list_dashboards, params)
2383
+ req.send_request(options)
2384
+ end
2385
+
2078
2386
  # Returns information about all event data stores in the account, in the
2079
2387
  # current Region.
2080
2388
  #
@@ -2299,11 +2607,11 @@ module Aws::CloudTrail
2299
2607
  # error. The default is 3600 seconds.
2300
2608
  #
2301
2609
  # @option params [String] :data_type
2302
- # Type of datapoints to return. Valid values are `NonZeroData` and
2610
+ # Type of data points to return. Valid values are `NonZeroData` and
2303
2611
  # `FillWithZeros`. The default is `NonZeroData`.
2304
2612
  #
2305
2613
  # @option params [Integer] :max_results
2306
- # The maximum number of datapoints to return. Valid values are integers
2614
+ # The maximum number of data points to return. Valid values are integers
2307
2615
  # from 1 to 21600. The default value is 21600.
2308
2616
  #
2309
2617
  # @option params [String] :next_token
@@ -2484,12 +2792,12 @@ module Aws::CloudTrail
2484
2792
  req.send_request(options)
2485
2793
  end
2486
2794
 
2487
- # Lists the tags for the specified trails, event data stores, or
2488
- # channels in the current Region.
2795
+ # Lists the tags for the specified trails, event data stores,
2796
+ # dashboards, or channels in the current Region.
2489
2797
  #
2490
2798
  # @option params [required, Array<String>] :resource_id_list
2491
- # Specifies a list of trail, event data store, or channel ARNs whose
2492
- # tags will be listed. The list has a limit of 20 ARNs.
2799
+ # Specifies a list of trail, event data store, dashboard, or channel
2800
+ # ARNs whose tags will be listed. The list has a limit of 20 ARNs.
2493
2801
  #
2494
2802
  # Example trail ARN format:
2495
2803
  # `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
@@ -2497,6 +2805,9 @@ module Aws::CloudTrail
2497
2805
  # Example event data store ARN format:
2498
2806
  # `arn:aws:cloudtrail:us-east-2:123456789012:eventdatastore/EXAMPLE-f852-4e8f-8bd1-bcf6cEXAMPLE`
2499
2807
  #
2808
+ # Example dashboard ARN format:
2809
+ # `arn:aws:cloudtrail:us-east-1:123456789012:dashboard/exampleDash`
2810
+ #
2500
2811
  # Example channel ARN format:
2501
2812
  # `arn:aws:cloudtrail:us-east-2:123456789012:channel/01234567890`
2502
2813
  #
@@ -3019,39 +3330,44 @@ module Aws::CloudTrail
3019
3330
  req.send_request(options)
3020
3331
  end
3021
3332
 
3022
- # Attaches a resource-based permission policy to a CloudTrail channel
3023
- # that is used for an integration with an event source outside of Amazon
3024
- # Web Services. For more information about resource-based policies, see
3025
- # [CloudTrail resource-based policy examples][1] in the *CloudTrail User
3026
- # Guide*.
3333
+ # Attaches a resource-based permission policy to a CloudTrail event data
3334
+ # store, dashboard, or channel. For more information about
3335
+ # resource-based policies, see [CloudTrail resource-based policy
3336
+ # examples][1] in the *CloudTrail User Guide*.
3027
3337
  #
3028
3338
  #
3029
3339
  #
3030
3340
  # [1]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/security_iam_resource-based-policy-examples.html
3031
3341
  #
3032
3342
  # @option params [required, String] :resource_arn
3033
- # The Amazon Resource Name (ARN) of the CloudTrail channel attached to
3034
- # the resource-based policy. The following is the format of a resource
3035
- # ARN: `arn:aws:cloudtrail:us-east-2:123456789012:channel/MyChannel`.
3343
+ # The Amazon Resource Name (ARN) of the CloudTrail event data store,
3344
+ # dashboard, or channel attached to the resource-based policy.
3345
+ #
3346
+ # Example event data store ARN format:
3347
+ # `arn:aws:cloudtrail:us-east-2:123456789012:eventdatastore/EXAMPLE-f852-4e8f-8bd1-bcf6cEXAMPLE`
3348
+ #
3349
+ # Example dashboard ARN format:
3350
+ # `arn:aws:cloudtrail:us-east-1:123456789012:dashboard/exampleDash`
3351
+ #
3352
+ # Example channel ARN format:
3353
+ # `arn:aws:cloudtrail:us-east-2:123456789012:channel/01234567890`
3036
3354
  #
3037
3355
  # @option params [required, String] :resource_policy
3038
3356
  # A JSON-formatted string for an Amazon Web Services resource-based
3039
3357
  # policy.
3040
3358
  #
3041
- # The following are requirements for the resource policy:
3359
+ # For example resource-based policies, see [CloudTrail resource-based
3360
+ # policy examples][1] in the *CloudTrail User Guide*.
3042
3361
  #
3043
- # * Contains only one action: cloudtrail-data:PutAuditEvents
3044
3362
  #
3045
- # * Contains at least one statement. The policy can have a maximum of 20
3046
- # statements.
3047
3363
  #
3048
- # * Each statement contains at least one principal. A statement can have
3049
- # a maximum of 50 principals.
3364
+ # [1]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/security_iam_resource-based-policy-examples.html
3050
3365
  #
3051
3366
  # @return [Types::PutResourcePolicyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
3052
3367
  #
3053
3368
  # * {Types::PutResourcePolicyResponse#resource_arn #resource_arn} => String
3054
3369
  # * {Types::PutResourcePolicyResponse#resource_policy #resource_policy} => String
3370
+ # * {Types::PutResourcePolicyResponse#delegated_admin_resource_policy #delegated_admin_resource_policy} => String
3055
3371
  #
3056
3372
  # @example Request syntax with placeholder values
3057
3373
  #
@@ -3064,6 +3380,7 @@ module Aws::CloudTrail
3064
3380
  #
3065
3381
  # resp.resource_arn #=> String
3066
3382
  # resp.resource_policy #=> String
3383
+ # resp.delegated_admin_resource_policy #=> String
3067
3384
  #
3068
3385
  # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/PutResourcePolicy AWS API Documentation
3069
3386
  #
@@ -3102,11 +3419,12 @@ module Aws::CloudTrail
3102
3419
  req.send_request(options)
3103
3420
  end
3104
3421
 
3105
- # Removes the specified tags from a trail, event data store, or channel.
3422
+ # Removes the specified tags from a trail, event data store, dashboard,
3423
+ # or channel.
3106
3424
  #
3107
3425
  # @option params [required, String] :resource_id
3108
- # Specifies the ARN of the trail, event data store, or channel from
3109
- # which tags should be removed.
3426
+ # Specifies the ARN of the trail, event data store, dashboard, or
3427
+ # channel from which tags should be removed.
3110
3428
  #
3111
3429
  # Example trail ARN format:
3112
3430
  # `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
@@ -3114,6 +3432,9 @@ module Aws::CloudTrail
3114
3432
  # Example event data store ARN format:
3115
3433
  # `arn:aws:cloudtrail:us-east-2:123456789012:eventdatastore/EXAMPLE-f852-4e8f-8bd1-bcf6cEXAMPLE`
3116
3434
  #
3435
+ # Example dashboard ARN format:
3436
+ # `arn:aws:cloudtrail:us-east-1:123456789012:dashboard/exampleDash`
3437
+ #
3117
3438
  # Example channel ARN format:
3118
3439
  # `arn:aws:cloudtrail:us-east-2:123456789012:channel/01234567890`
3119
3440
  #
@@ -3213,6 +3534,59 @@ module Aws::CloudTrail
3213
3534
  req.send_request(options)
3214
3535
  end
3215
3536
 
3537
+ # Starts a refresh of the specified dashboard.
3538
+ #
3539
+ # Each time a dashboard is refreshed, CloudTrail runs queries to
3540
+ # populate the dashboard's widgets. CloudTrail must be granted
3541
+ # permissions to run the `StartQuery` operation on your behalf. To
3542
+ # provide permissions, run the `PutResourcePolicy` operation to attach a
3543
+ # resource-based policy to each event data store. For more information,
3544
+ # see [Example: Allow CloudTrail to run queries to populate a
3545
+ # dashboard][1] in the *CloudTrail User Guide*.
3546
+ #
3547
+ #
3548
+ #
3549
+ # [1]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/security_iam_resource-based-policy-examples.html#security_iam_resource-based-policy-examples-eds-dashboard
3550
+ #
3551
+ # @option params [required, String] :dashboard_id
3552
+ # The name or ARN of the dashboard.
3553
+ #
3554
+ # @option params [Hash<String,String>] :query_parameter_values
3555
+ # The query parameter values for the dashboard
3556
+ #
3557
+ # For custom dashboards, the following query parameters are valid:
3558
+ # `$StartTime$`, `$EndTime$`, and `$Period$`.
3559
+ #
3560
+ # For managed dashboards, the following query parameters are valid:
3561
+ # `$StartTime$`, `$EndTime$`, `$Period$`, and `$EventDataStoreId$`. The
3562
+ # `$EventDataStoreId$` query parameter is required.
3563
+ #
3564
+ # @return [Types::StartDashboardRefreshResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
3565
+ #
3566
+ # * {Types::StartDashboardRefreshResponse#refresh_id #refresh_id} => String
3567
+ #
3568
+ # @example Request syntax with placeholder values
3569
+ #
3570
+ # resp = client.start_dashboard_refresh({
3571
+ # dashboard_id: "DashboardArn", # required
3572
+ # query_parameter_values: {
3573
+ # "QueryParameterKey" => "QueryParameterValue",
3574
+ # },
3575
+ # })
3576
+ #
3577
+ # @example Response structure
3578
+ #
3579
+ # resp.refresh_id #=> String
3580
+ #
3581
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/StartDashboardRefresh AWS API Documentation
3582
+ #
3583
+ # @overload start_dashboard_refresh(params = {})
3584
+ # @param [Hash] params ({})
3585
+ def start_dashboard_refresh(params = {}, options = {})
3586
+ req = build_request(:start_dashboard_refresh, params)
3587
+ req.send_request(options)
3588
+ end
3589
+
3216
3590
  # Starts the ingestion of live events on an event data store specified
3217
3591
  # as either an ARN or the ID portion of the ARN. To start ingestion, the
3218
3592
  # event data store `Status` must be `STOPPED_INGESTION` and the
@@ -3400,9 +3774,13 @@ module Aws::CloudTrail
3400
3774
  # @option params [Array<String>] :query_parameters
3401
3775
  # The query parameters for the specified `QueryAlias`.
3402
3776
  #
3777
+ # @option params [String] :event_data_store_owner_account_id
3778
+ # The account ID of the event data store owner.
3779
+ #
3403
3780
  # @return [Types::StartQueryResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
3404
3781
  #
3405
3782
  # * {Types::StartQueryResponse#query_id #query_id} => String
3783
+ # * {Types::StartQueryResponse#event_data_store_owner_account_id #event_data_store_owner_account_id} => String
3406
3784
  #
3407
3785
  # @example Request syntax with placeholder values
3408
3786
  #
@@ -3411,11 +3789,13 @@ module Aws::CloudTrail
3411
3789
  # delivery_s3_uri: "DeliveryS3Uri",
3412
3790
  # query_alias: "QueryAlias",
3413
3791
  # query_parameters: ["QueryParameter"],
3792
+ # event_data_store_owner_account_id: "AccountId",
3414
3793
  # })
3415
3794
  #
3416
3795
  # @example Response structure
3417
3796
  #
3418
3797
  # resp.query_id #=> String
3798
+ # resp.event_data_store_owner_account_id #=> String
3419
3799
  #
3420
3800
  # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/StartQuery AWS API Documentation
3421
3801
  #
@@ -3588,6 +3968,114 @@ module Aws::CloudTrail
3588
3968
  req.send_request(options)
3589
3969
  end
3590
3970
 
3971
+ # Updates the specified dashboard.
3972
+ #
3973
+ # To set a refresh schedule, CloudTrail must be granted permissions to
3974
+ # run the `StartDashboardRefresh` operation to refresh the dashboard on
3975
+ # your behalf. To provide permissions, run the `PutResourcePolicy`
3976
+ # operation to attach a resource-based policy to the dashboard. For more
3977
+ # information, see [ Resource-based policy example for a dashboard][1]
3978
+ # in the *CloudTrail User Guide*.
3979
+ #
3980
+ # CloudTrail runs queries to populate the dashboard's widgets during a
3981
+ # manual or scheduled refresh. CloudTrail must be granted permissions to
3982
+ # run the `StartQuery` operation on your behalf. To provide permissions,
3983
+ # run the `PutResourcePolicy` operation to attach a resource-based
3984
+ # policy to each event data store. For more information, see [Example:
3985
+ # Allow CloudTrail to run queries to populate a dashboard][2] in the
3986
+ # *CloudTrail User Guide*.
3987
+ #
3988
+ #
3989
+ #
3990
+ # [1]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/security_iam_resource-based-policy-examples.html#security_iam_resource-based-policy-examples-dashboards
3991
+ # [2]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/security_iam_resource-based-policy-examples.html#security_iam_resource-based-policy-examples-eds-dashboard
3992
+ #
3993
+ # @option params [required, String] :dashboard_id
3994
+ # The name or ARN of the dashboard.
3995
+ #
3996
+ # @option params [Array<Types::RequestWidget>] :widgets
3997
+ # An array of widgets for the dashboard. A custom dashboard can have a
3998
+ # maximum of 10 widgets.
3999
+ #
4000
+ # To add new widgets, pass in an array that includes the existing
4001
+ # widgets along with any new widgets. Run the `GetDashboard` operation
4002
+ # to get the list of widgets for the dashboard.
4003
+ #
4004
+ # To remove widgets, pass in an array that includes the existing widgets
4005
+ # minus the widgets you want removed.
4006
+ #
4007
+ # @option params [Types::RefreshSchedule] :refresh_schedule
4008
+ # The refresh schedule configuration for the dashboard.
4009
+ #
4010
+ # @option params [Boolean] :termination_protection_enabled
4011
+ # Specifies whether termination protection is enabled for the dashboard.
4012
+ # If termination protection is enabled, you cannot delete the dashboard
4013
+ # until termination protection is disabled.
4014
+ #
4015
+ # @return [Types::UpdateDashboardResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
4016
+ #
4017
+ # * {Types::UpdateDashboardResponse#dashboard_arn #dashboard_arn} => String
4018
+ # * {Types::UpdateDashboardResponse#name #name} => String
4019
+ # * {Types::UpdateDashboardResponse#type #type} => String
4020
+ # * {Types::UpdateDashboardResponse#widgets #widgets} => Array&lt;Types::Widget&gt;
4021
+ # * {Types::UpdateDashboardResponse#refresh_schedule #refresh_schedule} => Types::RefreshSchedule
4022
+ # * {Types::UpdateDashboardResponse#termination_protection_enabled #termination_protection_enabled} => Boolean
4023
+ # * {Types::UpdateDashboardResponse#created_timestamp #created_timestamp} => Time
4024
+ # * {Types::UpdateDashboardResponse#updated_timestamp #updated_timestamp} => Time
4025
+ #
4026
+ # @example Request syntax with placeholder values
4027
+ #
4028
+ # resp = client.update_dashboard({
4029
+ # dashboard_id: "DashboardArn", # required
4030
+ # widgets: [
4031
+ # {
4032
+ # query_statement: "QueryStatement", # required
4033
+ # query_parameters: ["QueryParameter"],
4034
+ # view_properties: { # required
4035
+ # "ViewPropertiesKey" => "ViewPropertiesValue",
4036
+ # },
4037
+ # },
4038
+ # ],
4039
+ # refresh_schedule: {
4040
+ # frequency: {
4041
+ # unit: "HOURS", # accepts HOURS, DAYS
4042
+ # value: 1,
4043
+ # },
4044
+ # status: "ENABLED", # accepts ENABLED, DISABLED
4045
+ # time_of_day: "TimeOfDay",
4046
+ # },
4047
+ # termination_protection_enabled: false,
4048
+ # })
4049
+ #
4050
+ # @example Response structure
4051
+ #
4052
+ # resp.dashboard_arn #=> String
4053
+ # resp.name #=> String
4054
+ # resp.type #=> String, one of "MANAGED", "CUSTOM"
4055
+ # resp.widgets #=> Array
4056
+ # resp.widgets[0].query_alias #=> String
4057
+ # resp.widgets[0].query_statement #=> String
4058
+ # resp.widgets[0].query_parameters #=> Array
4059
+ # resp.widgets[0].query_parameters[0] #=> String
4060
+ # resp.widgets[0].view_properties #=> Hash
4061
+ # resp.widgets[0].view_properties["ViewPropertiesKey"] #=> String
4062
+ # resp.refresh_schedule.frequency.unit #=> String, one of "HOURS", "DAYS"
4063
+ # resp.refresh_schedule.frequency.value #=> Integer
4064
+ # resp.refresh_schedule.status #=> String, one of "ENABLED", "DISABLED"
4065
+ # resp.refresh_schedule.time_of_day #=> String
4066
+ # resp.termination_protection_enabled #=> Boolean
4067
+ # resp.created_timestamp #=> Time
4068
+ # resp.updated_timestamp #=> Time
4069
+ #
4070
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/UpdateDashboard AWS API Documentation
4071
+ #
4072
+ # @overload update_dashboard(params = {})
4073
+ # @param [Hash] params ({})
4074
+ def update_dashboard(params = {}, options = {})
4075
+ req = build_request(:update_dashboard, params)
4076
+ req.send_request(options)
4077
+ end
4078
+
3591
4079
  # Updates an event data store. The required `EventDataStore` value is an
3592
4080
  # ARN or the ID portion of the ARN. Other parameters are optional, but
3593
4081
  # at least one optional parameter must be specified, or CloudTrail
@@ -4025,7 +4513,7 @@ module Aws::CloudTrail
4025
4513
  tracer: tracer
4026
4514
  )
4027
4515
  context[:gem_name] = 'aws-sdk-cloudtrail'
4028
- context[:gem_version] = '1.94.0'
4516
+ context[:gem_version] = '1.96.0'
4029
4517
  Seahorse::Client::Request.new(handlers, context)
4030
4518
  end
4031
4519