aws-sdk-cloudtrail 1.94.0 → 1.96.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -454,19 +454,19 @@ module Aws::CloudTrail
454
454
 
455
455
  # @!group API Operations
456
456
 
457
- # Adds one or more tags to a trail, event data store, or channel, up to
458
- # a limit of 50. Overwrites an existing tag's value when a new value is
459
- # specified for an existing tag key. Tag key names must be unique; you
460
- # cannot have two keys with the same name but different values. If you
461
- # specify a key without a value, the tag will be created with the
462
- # specified key and a value of null. You can tag a trail or event data
463
- # store that applies to all Amazon Web Services Regions only from the
464
- # Region in which the trail or event data store was created (also known
465
- # as its home Region).
457
+ # Adds one or more tags to a trail, event data store, dashboard, or
458
+ # channel, up to a limit of 50. Overwrites an existing tag's value when
459
+ # a new value is specified for an existing tag key. Tag key names must
460
+ # be unique; you cannot have two keys with the same name but different
461
+ # values. If you specify a key without a value, the tag will be created
462
+ # with the specified key and a value of null. You can tag a trail or
463
+ # event data store that applies to all Amazon Web Services Regions only
464
+ # from the Region in which the trail or event data store was created
465
+ # (also known as its home Region).
466
466
  #
467
467
  # @option params [required, String] :resource_id
468
- # Specifies the ARN of the trail, event data store, or channel to which
469
- # one or more tags will be added.
468
+ # Specifies the ARN of the trail, event data store, dashboard, or
469
+ # channel to which one or more tags will be added.
470
470
  #
471
471
  # The format of a trail ARN is:
472
472
  # `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
@@ -474,6 +474,9 @@ module Aws::CloudTrail
474
474
  # The format of an event data store ARN is:
475
475
  # `arn:aws:cloudtrail:us-east-2:123456789012:eventdatastore/EXAMPLE-f852-4e8f-8bd1-bcf6cEXAMPLE`
476
476
  #
477
+ # The format of a dashboard ARN is:
478
+ # `arn:aws:cloudtrail:us-east-1:123456789012:dashboard/exampleDash`
479
+ #
477
480
  # The format of a channel ARN is:
478
481
  # `arn:aws:cloudtrail:us-east-2:123456789012:channel/01234567890`
479
482
  #
@@ -517,22 +520,28 @@ module Aws::CloudTrail
517
520
  # The ID of the query that you want to cancel. The `QueryId` comes from
518
521
  # the response of a `StartQuery` operation.
519
522
  #
523
+ # @option params [String] :event_data_store_owner_account_id
524
+ # The account ID of the event data store owner.
525
+ #
520
526
  # @return [Types::CancelQueryResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
521
527
  #
522
528
  # * {Types::CancelQueryResponse#query_id #query_id} => String
523
529
  # * {Types::CancelQueryResponse#query_status #query_status} => String
530
+ # * {Types::CancelQueryResponse#event_data_store_owner_account_id #event_data_store_owner_account_id} => String
524
531
  #
525
532
  # @example Request syntax with placeholder values
526
533
  #
527
534
  # resp = client.cancel_query({
528
535
  # event_data_store: "EventDataStoreArn",
529
536
  # query_id: "UUID", # required
537
+ # event_data_store_owner_account_id: "AccountId",
530
538
  # })
531
539
  #
532
540
  # @example Response structure
533
541
  #
534
542
  # resp.query_id #=> String
535
543
  # resp.query_status #=> String, one of "QUEUED", "RUNNING", "FINISHED", "FAILED", "CANCELLED", "TIMED_OUT"
544
+ # resp.event_data_store_owner_account_id #=> String
536
545
  #
537
546
  # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/CancelQuery AWS API Documentation
538
547
  #
@@ -619,6 +628,140 @@ module Aws::CloudTrail
619
628
  req.send_request(options)
620
629
  end
621
630
 
631
+ # Creates a custom dashboard or the Highlights dashboard.
632
+ #
633
+ # * **Custom dashboards** - Custom dashboards allow you to query events
634
+ # in any event data store type. You can add up to 10 widgets to a
635
+ # custom dashboard. You can manually refresh a custom dashboard, or
636
+ # you can set a refresh schedule.
637
+ #
638
+ # * **Highlights dashboard** - You can create the Highlights dashboard
639
+ # to see a summary of key user activities and API usage across all
640
+ # your event data stores. CloudTrail Lake manages the Highlights
641
+ # dashboard and refreshes the dashboard every 6 hours. To create the
642
+ # Highlights dashboard, you must set and enable a refresh schedule.
643
+ #
644
+ # CloudTrail runs queries to populate the dashboard's widgets during a
645
+ # manual or scheduled refresh. CloudTrail must be granted permissions to
646
+ # run the `StartQuery` operation on your behalf. To provide permissions,
647
+ # run the `PutResourcePolicy` operation to attach a resource-based
648
+ # policy to each event data store. For more information, see [Example:
649
+ # Allow CloudTrail to run queries to populate a dashboard][1] in the
650
+ # *CloudTrail User Guide*.
651
+ #
652
+ # To set a refresh schedule, CloudTrail must be granted permissions to
653
+ # run the `StartDashboardRefresh` operation to refresh the dashboard on
654
+ # your behalf. To provide permissions, run the `PutResourcePolicy`
655
+ # operation to attach a resource-based policy to the dashboard. For more
656
+ # information, see [ Resource-based policy example for a dashboard][2]
657
+ # in the *CloudTrail User Guide*.
658
+ #
659
+ # For more information about dashboards, see [CloudTrail Lake
660
+ # dashboards][3] in the *CloudTrail User Guide*.
661
+ #
662
+ #
663
+ #
664
+ # [1]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/security_iam_resource-based-policy-examples.html#security_iam_resource-based-policy-examples-eds-dashboard
665
+ # [2]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/security_iam_resource-based-policy-examples.html#security_iam_resource-based-policy-examples-dashboards
666
+ # [3]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/lake-dashboard.html
667
+ #
668
+ # @option params [required, String] :name
669
+ # The name of the dashboard. The name must be unique to your account.
670
+ #
671
+ # To create the Highlights dashboard, the name must be
672
+ # `AWSCloudTrail-Highlights`.
673
+ #
674
+ # @option params [Types::RefreshSchedule] :refresh_schedule
675
+ # The refresh schedule configuration for the dashboard.
676
+ #
677
+ # To create the Highlights dashboard, you must set a refresh schedule
678
+ # and set the `Status` to `ENABLED`. The `Unit` for the refresh schedule
679
+ # must be `HOURS` and the `Value` must be `6`.
680
+ #
681
+ # @option params [Array<Types::Tag>] :tags_list
682
+ # A list of tags.
683
+ #
684
+ # @option params [Boolean] :termination_protection_enabled
685
+ # Specifies whether termination protection is enabled for the dashboard.
686
+ # If termination protection is enabled, you cannot delete the dashboard
687
+ # until termination protection is disabled.
688
+ #
689
+ # @option params [Array<Types::RequestWidget>] :widgets
690
+ # An array of widgets for a custom dashboard. A custom dashboard can
691
+ # have a maximum of ten widgets.
692
+ #
693
+ # You do not need to specify widgets for the Highlights dashboard.
694
+ #
695
+ # @return [Types::CreateDashboardResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
696
+ #
697
+ # * {Types::CreateDashboardResponse#dashboard_arn #dashboard_arn} => String
698
+ # * {Types::CreateDashboardResponse#name #name} => String
699
+ # * {Types::CreateDashboardResponse#type #type} => String
700
+ # * {Types::CreateDashboardResponse#widgets #widgets} => Array&lt;Types::Widget&gt;
701
+ # * {Types::CreateDashboardResponse#tags_list #tags_list} => Array&lt;Types::Tag&gt;
702
+ # * {Types::CreateDashboardResponse#refresh_schedule #refresh_schedule} => Types::RefreshSchedule
703
+ # * {Types::CreateDashboardResponse#termination_protection_enabled #termination_protection_enabled} => Boolean
704
+ #
705
+ # @example Request syntax with placeholder values
706
+ #
707
+ # resp = client.create_dashboard({
708
+ # name: "DashboardName", # required
709
+ # refresh_schedule: {
710
+ # frequency: {
711
+ # unit: "HOURS", # accepts HOURS, DAYS
712
+ # value: 1,
713
+ # },
714
+ # status: "ENABLED", # accepts ENABLED, DISABLED
715
+ # time_of_day: "TimeOfDay",
716
+ # },
717
+ # tags_list: [
718
+ # {
719
+ # key: "TagKey", # required
720
+ # value: "TagValue",
721
+ # },
722
+ # ],
723
+ # termination_protection_enabled: false,
724
+ # widgets: [
725
+ # {
726
+ # query_statement: "QueryStatement", # required
727
+ # query_parameters: ["QueryParameter"],
728
+ # view_properties: { # required
729
+ # "ViewPropertiesKey" => "ViewPropertiesValue",
730
+ # },
731
+ # },
732
+ # ],
733
+ # })
734
+ #
735
+ # @example Response structure
736
+ #
737
+ # resp.dashboard_arn #=> String
738
+ # resp.name #=> String
739
+ # resp.type #=> String, one of "MANAGED", "CUSTOM"
740
+ # resp.widgets #=> Array
741
+ # resp.widgets[0].query_alias #=> String
742
+ # resp.widgets[0].query_statement #=> String
743
+ # resp.widgets[0].query_parameters #=> Array
744
+ # resp.widgets[0].query_parameters[0] #=> String
745
+ # resp.widgets[0].view_properties #=> Hash
746
+ # resp.widgets[0].view_properties["ViewPropertiesKey"] #=> String
747
+ # resp.tags_list #=> Array
748
+ # resp.tags_list[0].key #=> String
749
+ # resp.tags_list[0].value #=> String
750
+ # resp.refresh_schedule.frequency.unit #=> String, one of "HOURS", "DAYS"
751
+ # resp.refresh_schedule.frequency.value #=> Integer
752
+ # resp.refresh_schedule.status #=> String, one of "ENABLED", "DISABLED"
753
+ # resp.refresh_schedule.time_of_day #=> String
754
+ # resp.termination_protection_enabled #=> Boolean
755
+ #
756
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/CreateDashboard AWS API Documentation
757
+ #
758
+ # @overload create_dashboard(params = {})
759
+ # @param [Hash] params ({})
760
+ def create_dashboard(params = {}, options = {})
761
+ req = build_request(:create_dashboard, params)
762
+ req.send_request(options)
763
+ end
764
+
622
765
  # Creates a new event data store.
623
766
  #
624
767
  # @option params [required, String] :name
@@ -1044,6 +1187,29 @@ module Aws::CloudTrail
1044
1187
  req.send_request(options)
1045
1188
  end
1046
1189
 
1190
+ # Deletes the specified dashboard. You cannot delete a dashboard that
1191
+ # has termination protection enabled.
1192
+ #
1193
+ # @option params [required, String] :dashboard_id
1194
+ # The name or ARN for the dashboard.
1195
+ #
1196
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
1197
+ #
1198
+ # @example Request syntax with placeholder values
1199
+ #
1200
+ # resp = client.delete_dashboard({
1201
+ # dashboard_id: "DashboardArn", # required
1202
+ # })
1203
+ #
1204
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/DeleteDashboard AWS API Documentation
1205
+ #
1206
+ # @overload delete_dashboard(params = {})
1207
+ # @param [Hash] params ({})
1208
+ def delete_dashboard(params = {}, options = {})
1209
+ req = build_request(:delete_dashboard, params)
1210
+ req.send_request(options)
1211
+ end
1212
+
1047
1213
  # Disables the event data store specified by `EventDataStore`, which
1048
1214
  # accepts an event data store ARN. After you run `DeleteEventDataStore`,
1049
1215
  # the event data store enters a `PENDING_DELETION` state, and is
@@ -1080,13 +1246,21 @@ module Aws::CloudTrail
1080
1246
  req.send_request(options)
1081
1247
  end
1082
1248
 
1083
- # Deletes the resource-based policy attached to the CloudTrail channel.
1249
+ # Deletes the resource-based policy attached to the CloudTrail event
1250
+ # data store, dashboard, or channel.
1084
1251
  #
1085
1252
  # @option params [required, String] :resource_arn
1086
- # The Amazon Resource Name (ARN) of the CloudTrail channel you're
1087
- # deleting the resource-based policy from. The following is the format
1088
- # of a resource ARN:
1089
- # `arn:aws:cloudtrail:us-east-2:123456789012:channel/MyChannel`.
1253
+ # The Amazon Resource Name (ARN) of the CloudTrail event data store,
1254
+ # dashboard, or channel you're deleting the resource-based policy from.
1255
+ #
1256
+ # Example event data store ARN format:
1257
+ # `arn:aws:cloudtrail:us-east-2:123456789012:eventdatastore/EXAMPLE-f852-4e8f-8bd1-bcf6cEXAMPLE`
1258
+ #
1259
+ # Example dashboard ARN format:
1260
+ # `arn:aws:cloudtrail:us-east-1:123456789012:dashboard/exampleDash`
1261
+ #
1262
+ # Example channel ARN format:
1263
+ # `arn:aws:cloudtrail:us-east-2:123456789012:channel/01234567890`
1090
1264
  #
1091
1265
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
1092
1266
  #
@@ -1162,9 +1336,11 @@ module Aws::CloudTrail
1162
1336
  # If the query results were delivered to an S3 bucket, the response also
1163
1337
  # provides the S3 URI and the delivery status.
1164
1338
  #
1165
- # You must specify either a `QueryID` or a `QueryAlias`. Specifying the
1339
+ # You must specify either `QueryId` or `QueryAlias`. Specifying the
1166
1340
  # `QueryAlias` parameter returns information about the last query run
1167
- # for the alias.
1341
+ # for the alias. You can provide `RefreshId` along with `QueryAlias` to
1342
+ # view the query results of a dashboard query for the specified
1343
+ # `RefreshId`.
1168
1344
  #
1169
1345
  # @option params [String] :event_data_store
1170
1346
  # The ARN (or the ID suffix of the ARN) of an event data store on which
@@ -1176,6 +1352,12 @@ module Aws::CloudTrail
1176
1352
  # @option params [String] :query_alias
1177
1353
  # The alias that identifies a query template.
1178
1354
  #
1355
+ # @option params [String] :refresh_id
1356
+ # The ID of the dashboard refresh.
1357
+ #
1358
+ # @option params [String] :event_data_store_owner_account_id
1359
+ # The account ID of the event data store owner.
1360
+ #
1179
1361
  # @return [Types::DescribeQueryResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1180
1362
  #
1181
1363
  # * {Types::DescribeQueryResponse#query_id #query_id} => String
@@ -1186,6 +1368,7 @@ module Aws::CloudTrail
1186
1368
  # * {Types::DescribeQueryResponse#delivery_s3_uri #delivery_s3_uri} => String
1187
1369
  # * {Types::DescribeQueryResponse#delivery_status #delivery_status} => String
1188
1370
  # * {Types::DescribeQueryResponse#prompt #prompt} => String
1371
+ # * {Types::DescribeQueryResponse#event_data_store_owner_account_id #event_data_store_owner_account_id} => String
1189
1372
  #
1190
1373
  # @example Request syntax with placeholder values
1191
1374
  #
@@ -1193,6 +1376,8 @@ module Aws::CloudTrail
1193
1376
  # event_data_store: "EventDataStoreArn",
1194
1377
  # query_id: "UUID",
1195
1378
  # query_alias: "QueryAlias",
1379
+ # refresh_id: "RefreshId",
1380
+ # event_data_store_owner_account_id: "AccountId",
1196
1381
  # })
1197
1382
  #
1198
1383
  # @example Response structure
@@ -1209,6 +1394,7 @@ module Aws::CloudTrail
1209
1394
  # resp.delivery_s3_uri #=> String
1210
1395
  # resp.delivery_status #=> String, one of "SUCCESS", "FAILED", "FAILED_SIGNING_FILE", "PENDING", "RESOURCE_NOT_FOUND", "ACCESS_DENIED", "ACCESS_DENIED_SIGNING_FILE", "CANCELLED", "UNKNOWN"
1211
1396
  # resp.prompt #=> String
1397
+ # resp.event_data_store_owner_account_id #=> String
1212
1398
  #
1213
1399
  # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/DescribeQuery AWS API Documentation
1214
1400
  #
@@ -1440,6 +1626,7 @@ module Aws::CloudTrail
1440
1626
  #
1441
1627
  # * {Types::GenerateQueryResponse#query_statement #query_statement} => String
1442
1628
  # * {Types::GenerateQueryResponse#query_alias #query_alias} => String
1629
+ # * {Types::GenerateQueryResponse#event_data_store_owner_account_id #event_data_store_owner_account_id} => String
1443
1630
  #
1444
1631
  # @example Request syntax with placeholder values
1445
1632
  #
@@ -1452,6 +1639,7 @@ module Aws::CloudTrail
1452
1639
  #
1453
1640
  # resp.query_statement #=> String
1454
1641
  # resp.query_alias #=> String
1642
+ # resp.event_data_store_owner_account_id #=> String
1455
1643
  #
1456
1644
  # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GenerateQuery AWS API Documentation
1457
1645
  #
@@ -1522,6 +1710,61 @@ module Aws::CloudTrail
1522
1710
  req.send_request(options)
1523
1711
  end
1524
1712
 
1713
+ # Returns the specified dashboard.
1714
+ #
1715
+ # @option params [required, String] :dashboard_id
1716
+ # The name or ARN for the dashboard.
1717
+ #
1718
+ # @return [Types::GetDashboardResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1719
+ #
1720
+ # * {Types::GetDashboardResponse#dashboard_arn #dashboard_arn} => String
1721
+ # * {Types::GetDashboardResponse#type #type} => String
1722
+ # * {Types::GetDashboardResponse#status #status} => String
1723
+ # * {Types::GetDashboardResponse#widgets #widgets} => Array&lt;Types::Widget&gt;
1724
+ # * {Types::GetDashboardResponse#refresh_schedule #refresh_schedule} => Types::RefreshSchedule
1725
+ # * {Types::GetDashboardResponse#created_timestamp #created_timestamp} => Time
1726
+ # * {Types::GetDashboardResponse#updated_timestamp #updated_timestamp} => Time
1727
+ # * {Types::GetDashboardResponse#last_refresh_id #last_refresh_id} => String
1728
+ # * {Types::GetDashboardResponse#last_refresh_failure_reason #last_refresh_failure_reason} => String
1729
+ # * {Types::GetDashboardResponse#termination_protection_enabled #termination_protection_enabled} => Boolean
1730
+ #
1731
+ # @example Request syntax with placeholder values
1732
+ #
1733
+ # resp = client.get_dashboard({
1734
+ # dashboard_id: "DashboardArn", # required
1735
+ # })
1736
+ #
1737
+ # @example Response structure
1738
+ #
1739
+ # resp.dashboard_arn #=> String
1740
+ # resp.type #=> String, one of "MANAGED", "CUSTOM"
1741
+ # resp.status #=> String, one of "CREATING", "CREATED", "UPDATING", "UPDATED", "DELETING"
1742
+ # resp.widgets #=> Array
1743
+ # resp.widgets[0].query_alias #=> String
1744
+ # resp.widgets[0].query_statement #=> String
1745
+ # resp.widgets[0].query_parameters #=> Array
1746
+ # resp.widgets[0].query_parameters[0] #=> String
1747
+ # resp.widgets[0].view_properties #=> Hash
1748
+ # resp.widgets[0].view_properties["ViewPropertiesKey"] #=> String
1749
+ # resp.refresh_schedule.frequency.unit #=> String, one of "HOURS", "DAYS"
1750
+ # resp.refresh_schedule.frequency.value #=> Integer
1751
+ # resp.refresh_schedule.status #=> String, one of "ENABLED", "DISABLED"
1752
+ # resp.refresh_schedule.time_of_day #=> String
1753
+ # resp.created_timestamp #=> Time
1754
+ # resp.updated_timestamp #=> Time
1755
+ # resp.last_refresh_id #=> String
1756
+ # resp.last_refresh_failure_reason #=> String
1757
+ # resp.termination_protection_enabled #=> Boolean
1758
+ #
1759
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GetDashboard AWS API Documentation
1760
+ #
1761
+ # @overload get_dashboard(params = {})
1762
+ # @param [Hash] params ({})
1763
+ def get_dashboard(params = {}, options = {})
1764
+ req = build_request(:get_dashboard, params)
1765
+ req.send_request(options)
1766
+ end
1767
+
1525
1768
  # Returns information about an event data store specified as either an
1526
1769
  # ARN or the ID portion of the ARN.
1527
1770
  #
@@ -1845,6 +2088,9 @@ module Aws::CloudTrail
1845
2088
  # @option params [Integer] :max_query_results
1846
2089
  # The maximum number of query results to display on a single page.
1847
2090
  #
2091
+ # @option params [String] :event_data_store_owner_account_id
2092
+ # The account ID of the event data store owner.
2093
+ #
1848
2094
  # @return [Types::GetQueryResultsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1849
2095
  #
1850
2096
  # * {Types::GetQueryResultsResponse#query_status #query_status} => String
@@ -1862,6 +2108,7 @@ module Aws::CloudTrail
1862
2108
  # query_id: "UUID", # required
1863
2109
  # next_token: "PaginationToken",
1864
2110
  # max_query_results: 1,
2111
+ # event_data_store_owner_account_id: "AccountId",
1865
2112
  # })
1866
2113
  #
1867
2114
  # @example Response structure
@@ -1887,17 +2134,26 @@ module Aws::CloudTrail
1887
2134
  end
1888
2135
 
1889
2136
  # Retrieves the JSON text of the resource-based policy document attached
1890
- # to the CloudTrail channel.
2137
+ # to the CloudTrail event data store, dashboard, or channel.
1891
2138
  #
1892
2139
  # @option params [required, String] :resource_arn
1893
- # The Amazon Resource Name (ARN) of the CloudTrail channel attached to
1894
- # the resource-based policy. The following is the format of a resource
1895
- # ARN: `arn:aws:cloudtrail:us-east-2:123456789012:channel/MyChannel`.
2140
+ # The Amazon Resource Name (ARN) of the CloudTrail event data store,
2141
+ # dashboard, or channel attached to the resource-based policy.
2142
+ #
2143
+ # Example event data store ARN format:
2144
+ # `arn:aws:cloudtrail:us-east-2:123456789012:eventdatastore/EXAMPLE-f852-4e8f-8bd1-bcf6cEXAMPLE`
2145
+ #
2146
+ # Example dashboard ARN format:
2147
+ # `arn:aws:cloudtrail:us-east-1:123456789012:dashboard/exampleDash`
2148
+ #
2149
+ # Example channel ARN format:
2150
+ # `arn:aws:cloudtrail:us-east-2:123456789012:channel/01234567890`
1896
2151
  #
1897
2152
  # @return [Types::GetResourcePolicyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1898
2153
  #
1899
2154
  # * {Types::GetResourcePolicyResponse#resource_arn #resource_arn} => String
1900
2155
  # * {Types::GetResourcePolicyResponse#resource_policy #resource_policy} => String
2156
+ # * {Types::GetResourcePolicyResponse#delegated_admin_resource_policy #delegated_admin_resource_policy} => String
1901
2157
  #
1902
2158
  # @example Request syntax with placeholder values
1903
2159
  #
@@ -1909,6 +2165,7 @@ module Aws::CloudTrail
1909
2165
  #
1910
2166
  # resp.resource_arn #=> String
1911
2167
  # resp.resource_policy #=> String
2168
+ # resp.delegated_admin_resource_policy #=> String
1912
2169
  #
1913
2170
  # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GetResourcePolicy AWS API Documentation
1914
2171
  #
@@ -1974,10 +2231,16 @@ module Aws::CloudTrail
1974
2231
  # Specifies the name or the CloudTrail ARN of the trail for which you
1975
2232
  # are requesting status. To get the status of a shadow trail (a
1976
2233
  # replication of the trail in another Region), you must specify its ARN.
1977
- # The following is the format of a trail ARN.
1978
2234
  #
2235
+ # The following is the format of a trail ARN:
1979
2236
  # `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
1980
2237
  #
2238
+ # <note markdown="1"> If the trail is an organization trail and you are a member account in
2239
+ # the organization in Organizations, you must provide the full ARN of
2240
+ # that trail, and not just the name.
2241
+ #
2242
+ # </note>
2243
+ #
1981
2244
  # @return [Types::GetTrailStatusResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1982
2245
  #
1983
2246
  # * {Types::GetTrailStatusResponse#is_logging #is_logging} => Boolean
@@ -2075,6 +2338,51 @@ module Aws::CloudTrail
2075
2338
  req.send_request(options)
2076
2339
  end
2077
2340
 
2341
+ # Returns information about all dashboards in the account, in the
2342
+ # current Region.
2343
+ #
2344
+ # @option params [String] :name_prefix
2345
+ # Specify a name prefix to filter on.
2346
+ #
2347
+ # @option params [String] :type
2348
+ # Specify a dashboard type to filter on: `CUSTOM` or `MANAGED`.
2349
+ #
2350
+ # @option params [String] :next_token
2351
+ # A token you can use to get the next page of dashboard results.
2352
+ #
2353
+ # @option params [Integer] :max_results
2354
+ # The maximum number of dashboards to display on a single page.
2355
+ #
2356
+ # @return [Types::ListDashboardsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
2357
+ #
2358
+ # * {Types::ListDashboardsResponse#dashboards #dashboards} => Array&lt;Types::DashboardDetail&gt;
2359
+ # * {Types::ListDashboardsResponse#next_token #next_token} => String
2360
+ #
2361
+ # @example Request syntax with placeholder values
2362
+ #
2363
+ # resp = client.list_dashboards({
2364
+ # name_prefix: "DashboardName",
2365
+ # type: "MANAGED", # accepts MANAGED, CUSTOM
2366
+ # next_token: "PaginationToken",
2367
+ # max_results: 1,
2368
+ # })
2369
+ #
2370
+ # @example Response structure
2371
+ #
2372
+ # resp.dashboards #=> Array
2373
+ # resp.dashboards[0].dashboard_arn #=> String
2374
+ # resp.dashboards[0].type #=> String, one of "MANAGED", "CUSTOM"
2375
+ # resp.next_token #=> String
2376
+ #
2377
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ListDashboards AWS API Documentation
2378
+ #
2379
+ # @overload list_dashboards(params = {})
2380
+ # @param [Hash] params ({})
2381
+ def list_dashboards(params = {}, options = {})
2382
+ req = build_request(:list_dashboards, params)
2383
+ req.send_request(options)
2384
+ end
2385
+
2078
2386
  # Returns information about all event data stores in the account, in the
2079
2387
  # current Region.
2080
2388
  #
@@ -2299,11 +2607,11 @@ module Aws::CloudTrail
2299
2607
  # error. The default is 3600 seconds.
2300
2608
  #
2301
2609
  # @option params [String] :data_type
2302
- # Type of datapoints to return. Valid values are `NonZeroData` and
2610
+ # Type of data points to return. Valid values are `NonZeroData` and
2303
2611
  # `FillWithZeros`. The default is `NonZeroData`.
2304
2612
  #
2305
2613
  # @option params [Integer] :max_results
2306
- # The maximum number of datapoints to return. Valid values are integers
2614
+ # The maximum number of data points to return. Valid values are integers
2307
2615
  # from 1 to 21600. The default value is 21600.
2308
2616
  #
2309
2617
  # @option params [String] :next_token
@@ -2484,12 +2792,12 @@ module Aws::CloudTrail
2484
2792
  req.send_request(options)
2485
2793
  end
2486
2794
 
2487
- # Lists the tags for the specified trails, event data stores, or
2488
- # channels in the current Region.
2795
+ # Lists the tags for the specified trails, event data stores,
2796
+ # dashboards, or channels in the current Region.
2489
2797
  #
2490
2798
  # @option params [required, Array<String>] :resource_id_list
2491
- # Specifies a list of trail, event data store, or channel ARNs whose
2492
- # tags will be listed. The list has a limit of 20 ARNs.
2799
+ # Specifies a list of trail, event data store, dashboard, or channel
2800
+ # ARNs whose tags will be listed. The list has a limit of 20 ARNs.
2493
2801
  #
2494
2802
  # Example trail ARN format:
2495
2803
  # `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
@@ -2497,6 +2805,9 @@ module Aws::CloudTrail
2497
2805
  # Example event data store ARN format:
2498
2806
  # `arn:aws:cloudtrail:us-east-2:123456789012:eventdatastore/EXAMPLE-f852-4e8f-8bd1-bcf6cEXAMPLE`
2499
2807
  #
2808
+ # Example dashboard ARN format:
2809
+ # `arn:aws:cloudtrail:us-east-1:123456789012:dashboard/exampleDash`
2810
+ #
2500
2811
  # Example channel ARN format:
2501
2812
  # `arn:aws:cloudtrail:us-east-2:123456789012:channel/01234567890`
2502
2813
  #
@@ -3019,39 +3330,44 @@ module Aws::CloudTrail
3019
3330
  req.send_request(options)
3020
3331
  end
3021
3332
 
3022
- # Attaches a resource-based permission policy to a CloudTrail channel
3023
- # that is used for an integration with an event source outside of Amazon
3024
- # Web Services. For more information about resource-based policies, see
3025
- # [CloudTrail resource-based policy examples][1] in the *CloudTrail User
3026
- # Guide*.
3333
+ # Attaches a resource-based permission policy to a CloudTrail event data
3334
+ # store, dashboard, or channel. For more information about
3335
+ # resource-based policies, see [CloudTrail resource-based policy
3336
+ # examples][1] in the *CloudTrail User Guide*.
3027
3337
  #
3028
3338
  #
3029
3339
  #
3030
3340
  # [1]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/security_iam_resource-based-policy-examples.html
3031
3341
  #
3032
3342
  # @option params [required, String] :resource_arn
3033
- # The Amazon Resource Name (ARN) of the CloudTrail channel attached to
3034
- # the resource-based policy. The following is the format of a resource
3035
- # ARN: `arn:aws:cloudtrail:us-east-2:123456789012:channel/MyChannel`.
3343
+ # The Amazon Resource Name (ARN) of the CloudTrail event data store,
3344
+ # dashboard, or channel attached to the resource-based policy.
3345
+ #
3346
+ # Example event data store ARN format:
3347
+ # `arn:aws:cloudtrail:us-east-2:123456789012:eventdatastore/EXAMPLE-f852-4e8f-8bd1-bcf6cEXAMPLE`
3348
+ #
3349
+ # Example dashboard ARN format:
3350
+ # `arn:aws:cloudtrail:us-east-1:123456789012:dashboard/exampleDash`
3351
+ #
3352
+ # Example channel ARN format:
3353
+ # `arn:aws:cloudtrail:us-east-2:123456789012:channel/01234567890`
3036
3354
  #
3037
3355
  # @option params [required, String] :resource_policy
3038
3356
  # A JSON-formatted string for an Amazon Web Services resource-based
3039
3357
  # policy.
3040
3358
  #
3041
- # The following are requirements for the resource policy:
3359
+ # For example resource-based policies, see [CloudTrail resource-based
3360
+ # policy examples][1] in the *CloudTrail User Guide*.
3042
3361
  #
3043
- # * Contains only one action: cloudtrail-data:PutAuditEvents
3044
3362
  #
3045
- # * Contains at least one statement. The policy can have a maximum of 20
3046
- # statements.
3047
3363
  #
3048
- # * Each statement contains at least one principal. A statement can have
3049
- # a maximum of 50 principals.
3364
+ # [1]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/security_iam_resource-based-policy-examples.html
3050
3365
  #
3051
3366
  # @return [Types::PutResourcePolicyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
3052
3367
  #
3053
3368
  # * {Types::PutResourcePolicyResponse#resource_arn #resource_arn} => String
3054
3369
  # * {Types::PutResourcePolicyResponse#resource_policy #resource_policy} => String
3370
+ # * {Types::PutResourcePolicyResponse#delegated_admin_resource_policy #delegated_admin_resource_policy} => String
3055
3371
  #
3056
3372
  # @example Request syntax with placeholder values
3057
3373
  #
@@ -3064,6 +3380,7 @@ module Aws::CloudTrail
3064
3380
  #
3065
3381
  # resp.resource_arn #=> String
3066
3382
  # resp.resource_policy #=> String
3383
+ # resp.delegated_admin_resource_policy #=> String
3067
3384
  #
3068
3385
  # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/PutResourcePolicy AWS API Documentation
3069
3386
  #
@@ -3102,11 +3419,12 @@ module Aws::CloudTrail
3102
3419
  req.send_request(options)
3103
3420
  end
3104
3421
 
3105
- # Removes the specified tags from a trail, event data store, or channel.
3422
+ # Removes the specified tags from a trail, event data store, dashboard,
3423
+ # or channel.
3106
3424
  #
3107
3425
  # @option params [required, String] :resource_id
3108
- # Specifies the ARN of the trail, event data store, or channel from
3109
- # which tags should be removed.
3426
+ # Specifies the ARN of the trail, event data store, dashboard, or
3427
+ # channel from which tags should be removed.
3110
3428
  #
3111
3429
  # Example trail ARN format:
3112
3430
  # `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`
@@ -3114,6 +3432,9 @@ module Aws::CloudTrail
3114
3432
  # Example event data store ARN format:
3115
3433
  # `arn:aws:cloudtrail:us-east-2:123456789012:eventdatastore/EXAMPLE-f852-4e8f-8bd1-bcf6cEXAMPLE`
3116
3434
  #
3435
+ # Example dashboard ARN format:
3436
+ # `arn:aws:cloudtrail:us-east-1:123456789012:dashboard/exampleDash`
3437
+ #
3117
3438
  # Example channel ARN format:
3118
3439
  # `arn:aws:cloudtrail:us-east-2:123456789012:channel/01234567890`
3119
3440
  #
@@ -3213,6 +3534,59 @@ module Aws::CloudTrail
3213
3534
  req.send_request(options)
3214
3535
  end
3215
3536
 
3537
+ # Starts a refresh of the specified dashboard.
3538
+ #
3539
+ # Each time a dashboard is refreshed, CloudTrail runs queries to
3540
+ # populate the dashboard's widgets. CloudTrail must be granted
3541
+ # permissions to run the `StartQuery` operation on your behalf. To
3542
+ # provide permissions, run the `PutResourcePolicy` operation to attach a
3543
+ # resource-based policy to each event data store. For more information,
3544
+ # see [Example: Allow CloudTrail to run queries to populate a
3545
+ # dashboard][1] in the *CloudTrail User Guide*.
3546
+ #
3547
+ #
3548
+ #
3549
+ # [1]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/security_iam_resource-based-policy-examples.html#security_iam_resource-based-policy-examples-eds-dashboard
3550
+ #
3551
+ # @option params [required, String] :dashboard_id
3552
+ # The name or ARN of the dashboard.
3553
+ #
3554
+ # @option params [Hash<String,String>] :query_parameter_values
3555
+ # The query parameter values for the dashboard
3556
+ #
3557
+ # For custom dashboards, the following query parameters are valid:
3558
+ # `$StartTime$`, `$EndTime$`, and `$Period$`.
3559
+ #
3560
+ # For managed dashboards, the following query parameters are valid:
3561
+ # `$StartTime$`, `$EndTime$`, `$Period$`, and `$EventDataStoreId$`. The
3562
+ # `$EventDataStoreId$` query parameter is required.
3563
+ #
3564
+ # @return [Types::StartDashboardRefreshResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
3565
+ #
3566
+ # * {Types::StartDashboardRefreshResponse#refresh_id #refresh_id} => String
3567
+ #
3568
+ # @example Request syntax with placeholder values
3569
+ #
3570
+ # resp = client.start_dashboard_refresh({
3571
+ # dashboard_id: "DashboardArn", # required
3572
+ # query_parameter_values: {
3573
+ # "QueryParameterKey" => "QueryParameterValue",
3574
+ # },
3575
+ # })
3576
+ #
3577
+ # @example Response structure
3578
+ #
3579
+ # resp.refresh_id #=> String
3580
+ #
3581
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/StartDashboardRefresh AWS API Documentation
3582
+ #
3583
+ # @overload start_dashboard_refresh(params = {})
3584
+ # @param [Hash] params ({})
3585
+ def start_dashboard_refresh(params = {}, options = {})
3586
+ req = build_request(:start_dashboard_refresh, params)
3587
+ req.send_request(options)
3588
+ end
3589
+
3216
3590
  # Starts the ingestion of live events on an event data store specified
3217
3591
  # as either an ARN or the ID portion of the ARN. To start ingestion, the
3218
3592
  # event data store `Status` must be `STOPPED_INGESTION` and the
@@ -3400,9 +3774,13 @@ module Aws::CloudTrail
3400
3774
  # @option params [Array<String>] :query_parameters
3401
3775
  # The query parameters for the specified `QueryAlias`.
3402
3776
  #
3777
+ # @option params [String] :event_data_store_owner_account_id
3778
+ # The account ID of the event data store owner.
3779
+ #
3403
3780
  # @return [Types::StartQueryResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
3404
3781
  #
3405
3782
  # * {Types::StartQueryResponse#query_id #query_id} => String
3783
+ # * {Types::StartQueryResponse#event_data_store_owner_account_id #event_data_store_owner_account_id} => String
3406
3784
  #
3407
3785
  # @example Request syntax with placeholder values
3408
3786
  #
@@ -3411,11 +3789,13 @@ module Aws::CloudTrail
3411
3789
  # delivery_s3_uri: "DeliveryS3Uri",
3412
3790
  # query_alias: "QueryAlias",
3413
3791
  # query_parameters: ["QueryParameter"],
3792
+ # event_data_store_owner_account_id: "AccountId",
3414
3793
  # })
3415
3794
  #
3416
3795
  # @example Response structure
3417
3796
  #
3418
3797
  # resp.query_id #=> String
3798
+ # resp.event_data_store_owner_account_id #=> String
3419
3799
  #
3420
3800
  # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/StartQuery AWS API Documentation
3421
3801
  #
@@ -3588,6 +3968,114 @@ module Aws::CloudTrail
3588
3968
  req.send_request(options)
3589
3969
  end
3590
3970
 
3971
+ # Updates the specified dashboard.
3972
+ #
3973
+ # To set a refresh schedule, CloudTrail must be granted permissions to
3974
+ # run the `StartDashboardRefresh` operation to refresh the dashboard on
3975
+ # your behalf. To provide permissions, run the `PutResourcePolicy`
3976
+ # operation to attach a resource-based policy to the dashboard. For more
3977
+ # information, see [ Resource-based policy example for a dashboard][1]
3978
+ # in the *CloudTrail User Guide*.
3979
+ #
3980
+ # CloudTrail runs queries to populate the dashboard's widgets during a
3981
+ # manual or scheduled refresh. CloudTrail must be granted permissions to
3982
+ # run the `StartQuery` operation on your behalf. To provide permissions,
3983
+ # run the `PutResourcePolicy` operation to attach a resource-based
3984
+ # policy to each event data store. For more information, see [Example:
3985
+ # Allow CloudTrail to run queries to populate a dashboard][2] in the
3986
+ # *CloudTrail User Guide*.
3987
+ #
3988
+ #
3989
+ #
3990
+ # [1]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/security_iam_resource-based-policy-examples.html#security_iam_resource-based-policy-examples-dashboards
3991
+ # [2]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/security_iam_resource-based-policy-examples.html#security_iam_resource-based-policy-examples-eds-dashboard
3992
+ #
3993
+ # @option params [required, String] :dashboard_id
3994
+ # The name or ARN of the dashboard.
3995
+ #
3996
+ # @option params [Array<Types::RequestWidget>] :widgets
3997
+ # An array of widgets for the dashboard. A custom dashboard can have a
3998
+ # maximum of 10 widgets.
3999
+ #
4000
+ # To add new widgets, pass in an array that includes the existing
4001
+ # widgets along with any new widgets. Run the `GetDashboard` operation
4002
+ # to get the list of widgets for the dashboard.
4003
+ #
4004
+ # To remove widgets, pass in an array that includes the existing widgets
4005
+ # minus the widgets you want removed.
4006
+ #
4007
+ # @option params [Types::RefreshSchedule] :refresh_schedule
4008
+ # The refresh schedule configuration for the dashboard.
4009
+ #
4010
+ # @option params [Boolean] :termination_protection_enabled
4011
+ # Specifies whether termination protection is enabled for the dashboard.
4012
+ # If termination protection is enabled, you cannot delete the dashboard
4013
+ # until termination protection is disabled.
4014
+ #
4015
+ # @return [Types::UpdateDashboardResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
4016
+ #
4017
+ # * {Types::UpdateDashboardResponse#dashboard_arn #dashboard_arn} => String
4018
+ # * {Types::UpdateDashboardResponse#name #name} => String
4019
+ # * {Types::UpdateDashboardResponse#type #type} => String
4020
+ # * {Types::UpdateDashboardResponse#widgets #widgets} => Array&lt;Types::Widget&gt;
4021
+ # * {Types::UpdateDashboardResponse#refresh_schedule #refresh_schedule} => Types::RefreshSchedule
4022
+ # * {Types::UpdateDashboardResponse#termination_protection_enabled #termination_protection_enabled} => Boolean
4023
+ # * {Types::UpdateDashboardResponse#created_timestamp #created_timestamp} => Time
4024
+ # * {Types::UpdateDashboardResponse#updated_timestamp #updated_timestamp} => Time
4025
+ #
4026
+ # @example Request syntax with placeholder values
4027
+ #
4028
+ # resp = client.update_dashboard({
4029
+ # dashboard_id: "DashboardArn", # required
4030
+ # widgets: [
4031
+ # {
4032
+ # query_statement: "QueryStatement", # required
4033
+ # query_parameters: ["QueryParameter"],
4034
+ # view_properties: { # required
4035
+ # "ViewPropertiesKey" => "ViewPropertiesValue",
4036
+ # },
4037
+ # },
4038
+ # ],
4039
+ # refresh_schedule: {
4040
+ # frequency: {
4041
+ # unit: "HOURS", # accepts HOURS, DAYS
4042
+ # value: 1,
4043
+ # },
4044
+ # status: "ENABLED", # accepts ENABLED, DISABLED
4045
+ # time_of_day: "TimeOfDay",
4046
+ # },
4047
+ # termination_protection_enabled: false,
4048
+ # })
4049
+ #
4050
+ # @example Response structure
4051
+ #
4052
+ # resp.dashboard_arn #=> String
4053
+ # resp.name #=> String
4054
+ # resp.type #=> String, one of "MANAGED", "CUSTOM"
4055
+ # resp.widgets #=> Array
4056
+ # resp.widgets[0].query_alias #=> String
4057
+ # resp.widgets[0].query_statement #=> String
4058
+ # resp.widgets[0].query_parameters #=> Array
4059
+ # resp.widgets[0].query_parameters[0] #=> String
4060
+ # resp.widgets[0].view_properties #=> Hash
4061
+ # resp.widgets[0].view_properties["ViewPropertiesKey"] #=> String
4062
+ # resp.refresh_schedule.frequency.unit #=> String, one of "HOURS", "DAYS"
4063
+ # resp.refresh_schedule.frequency.value #=> Integer
4064
+ # resp.refresh_schedule.status #=> String, one of "ENABLED", "DISABLED"
4065
+ # resp.refresh_schedule.time_of_day #=> String
4066
+ # resp.termination_protection_enabled #=> Boolean
4067
+ # resp.created_timestamp #=> Time
4068
+ # resp.updated_timestamp #=> Time
4069
+ #
4070
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/UpdateDashboard AWS API Documentation
4071
+ #
4072
+ # @overload update_dashboard(params = {})
4073
+ # @param [Hash] params ({})
4074
+ def update_dashboard(params = {}, options = {})
4075
+ req = build_request(:update_dashboard, params)
4076
+ req.send_request(options)
4077
+ end
4078
+
3591
4079
  # Updates an event data store. The required `EventDataStore` value is an
3592
4080
  # ARN or the ID portion of the ARN. Other parameters are optional, but
3593
4081
  # at least one optional parameter must be specified, or CloudTrail
@@ -4025,7 +4513,7 @@ module Aws::CloudTrail
4025
4513
  tracer: tracer
4026
4514
  )
4027
4515
  context[:gem_name] = 'aws-sdk-cloudtrail'
4028
- context[:gem_version] = '1.94.0'
4516
+ context[:gem_version] = '1.96.0'
4029
4517
  Seahorse::Client::Request.new(handlers, context)
4030
4518
  end
4031
4519