aws-sdk-cloudwatchevents 1.7.0 → 1.8.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: f61add5f1d667d8127d07182f58a48aaa9fbd6e9
-  data.tar.gz: ad66e0a7b20b3cccad2d5fb5da4bbdfce7b5b88d
+  metadata.gz: 515b9b918eb6b90e47280a25dc01c48bc132524e
+  data.tar.gz: d9327fc075594a6575b1da18e7dc12ca9eb76eb1
 SHA512:
-  metadata.gz: 761e98fcc68318a5407f4817635ee5d54e3fbee4a7e34b4e9f6bc593c8efb2601bc278b3aca718be0c7eb44d91b936495b40568a890eca148c1d78a7d372ce16
-  data.tar.gz: 40fcc4b0fea4de8e4772bd6b8bc0d07f684e12eb161de159d76ab41f926ec105a7bc34705406e31746048a006ce55d848ba3fba37fe0aa0372e818448c70215d
+  metadata.gz: 33519b982d51b00fa1e9d4eb624fccac27c3274813a1122428cdabb5835c685fd2487382ec1248f3447107b9e357a427363376be2b44d294ecc026f9e0ee7175
+  data.tar.gz: 5596f717cb14cdbf515927ad6cc3eaae2c1e4dca3328bdb5d00b7982d429ee01441db581de1344cd522b4000e337f5c740457af688c86bbcd767834b66e532f9

data/lib/aws-sdk-cloudwatchevents.rb

@@ -42,6 +42,6 @@ require_relative 'aws-sdk-cloudwatchevents/customizations'
 # @service
 module Aws::CloudWatchEvents
 
-  GEM_VERSION = '1.7.0'
+  GEM_VERSION = '1.8.0'
 
 end

data/lib/aws-sdk-cloudwatchevents/client.rb

@@ -540,17 +540,21 @@ module Aws::CloudWatchEvents
       req.send_request(options)
     end
 
-    # Running `PutPermission` permits the specified AWS account to put
-    # events to your account's default *event bus*. CloudWatch Events rules
-    # in your account are triggered by these events arriving to your default
-    # event bus.
+    # Running `PutPermission` permits the specified AWS account or AWS
+    # organization to put events to your account's default *event bus*.
+    # CloudWatch Events rules in your account are triggered by these events
+    # arriving to your default event bus.
     #
     # For another account to send events to your account, that external
     # account must have a CloudWatch Events rule with your account's
     # default event bus as a target.
     #
     # To enable multiple AWS accounts to put events to your default event
-    # bus, run `PutPermission` once for each of these accounts.
+    # bus, run `PutPermission` once for each of these accounts. Or, if all
+    # the accounts are members of the same AWS organization, you can run
+    # `PutPermission` once specifying `Principal` as "*" and specifying
+    # the AWS organization ID in `Condition`, to grant permissions to all
+    # accounts in that organization.
     #
     # The permission policy on the default event bus cannot exceed 10 KB in
     # size.
@@ -564,11 +568,12 @@ module Aws::CloudWatchEvents
     #   your default event bus. Specify "*" to permit any account to put
     #   events to your default event bus.
     #
-    #   If you specify "*", avoid creating rules that may match undesirable
-    #   events. To create more secure rules, make sure that the event pattern
-    #   for each rule contains an `account` field with a specific account ID
-    #   from which to receive events. Rules with an account field do not match
-    #   any events sent from other accounts.
+    #   If you specify "*" without specifying `Condition`, avoid creating
+    #   rules that may match undesirable events. To create more secure rules,
+    #   make sure that the event pattern for each rule contains an `account`
+    #   field with a specific account ID from which to receive events. Rules
+    #   with an account field do not match any events sent from other
+    #   accounts.
     #
     # @option params [required, String] :statement_id
     #   An identifier string for the external account that you are granting
@@ -576,6 +581,23 @@ module Aws::CloudWatchEvents
     #   external account, specify this `StatementId` when you run
     #   RemovePermission.
     #
+    # @option params [Types::Condition] :condition
+    #   This parameter enables you to limit the permission to accounts that
+    #   fulfill a certain condition, such as being a member of a certain AWS
+    #   organization. For more information about AWS Organizations, see [What
+    #   Is AWS Organizations][1] in the *AWS Organizations User Guide*.
+    #
+    #   If you specify `Condition` with an AWS organization ID, and specify
+    #   "*" as the value for `Principal`, you grant permission to all the
+    #   accounts in the named organization.
+    #
+    #   The `Condition` is a JSON string which must contain `Type`, `Key`, and
+    #   `Value` fields.
+    #
+    #
+    #
+    #   [1]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_introduction.html
+    #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
     #
     # @example Request syntax with placeholder values
@@ -584,6 +606,11 @@ module Aws::CloudWatchEvents
     #     action: "Action", # required
     #     principal: "Principal", # required
     #     statement_id: "StatementId", # required
+    #     condition: {
+    #       type: "String", # required
+    #       key: "String", # required
+    #       value: "String", # required
+    #     },
     #   })
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/events-2015-10-07/PutPermission AWS API Documentation
@@ -1000,7 +1027,7 @@ module Aws::CloudWatchEvents
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-cloudwatchevents'
-      context[:gem_version] = '1.7.0'
+      context[:gem_version] = '1.8.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-cloudwatchevents/client_api.rb

@@ -20,6 +20,7 @@ module Aws::CloudWatchEvents
     BatchRetryStrategy = Shapes::StructureShape.new(name: 'BatchRetryStrategy')
     Boolean = Shapes::BooleanShape.new(name: 'Boolean')
     ConcurrentModificationException = Shapes::StructureShape.new(name: 'ConcurrentModificationException')
+    Condition = Shapes::StructureShape.new(name: 'Condition')
     DeleteRuleRequest = Shapes::StructureShape.new(name: 'DeleteRuleRequest')
     DescribeEventBusRequest = Shapes::StructureShape.new(name: 'DescribeEventBusRequest')
     DescribeEventBusResponse = Shapes::StructureShape.new(name: 'DescribeEventBusResponse')
@@ -124,6 +125,11 @@ module Aws::CloudWatchEvents
     BatchRetryStrategy.add_member(:attempts, Shapes::ShapeRef.new(shape: Integer, location_name: "Attempts"))
     BatchRetryStrategy.struct_class = Types::BatchRetryStrategy
 
+    Condition.add_member(:type, Shapes::ShapeRef.new(shape: String, required: true, location_name: "Type"))
+    Condition.add_member(:key, Shapes::ShapeRef.new(shape: String, required: true, location_name: "Key"))
+    Condition.add_member(:value, Shapes::ShapeRef.new(shape: String, required: true, location_name: "Value"))
+    Condition.struct_class = Types::Condition
+
     DeleteRuleRequest.add_member(:name, Shapes::ShapeRef.new(shape: RuleName, required: true, location_name: "Name"))
     DeleteRuleRequest.struct_class = Types::DeleteRuleRequest
 
@@ -225,6 +231,7 @@ module Aws::CloudWatchEvents
     PutPermissionRequest.add_member(:action, Shapes::ShapeRef.new(shape: Action, required: true, location_name: "Action"))
     PutPermissionRequest.add_member(:principal, Shapes::ShapeRef.new(shape: Principal, required: true, location_name: "Principal"))
     PutPermissionRequest.add_member(:statement_id, Shapes::ShapeRef.new(shape: StatementId, required: true, location_name: "StatementId"))
+    PutPermissionRequest.add_member(:condition, Shapes::ShapeRef.new(shape: Condition, location_name: "Condition"))
     PutPermissionRequest.struct_class = Types::PutPermissionRequest
 
     PutRuleRequest.add_member(:name, Shapes::ShapeRef.new(shape: RuleName, required: true, location_name: "Name"))

data/lib/aws-sdk-cloudwatchevents/types.rb

@@ -146,6 +146,49 @@ module Aws::CloudWatchEvents
       include Aws::Structure
     end
 
+    # A JSON string which you can use to limit the event bus permissions you
+    # are granting to only accounts that fulfill the condition. Currently,
+    # the only supported condition is membership in a certain AWS
+    # organization. The string must contain `Type`, `Key`, and `Value`
+    # fields. The `Value` field specifies the ID of the AWS organization.
+    # Following is an example value for `Condition`\:
+    #
+    # `'\{"Type" : "StringEquals", "Key": "aws:PrincipalOrgID", "Value":
+    # "o-1234567890"\}'`
+    #
+    # @note When making an API call, you may pass Condition
+    #   data as a hash:
+    #
+    #       {
+    #         type: "String", # required
+    #         key: "String", # required
+    #         value: "String", # required
+    #       }
+    #
+    # @!attribute [rw] type
+    #   Specifies the type of condition. Currently the only supported value
+    #   is `StringEquals`.
+    #   @return [String]
+    #
+    # @!attribute [rw] key
+    #   Specifies the key for the condition. Currently the only supported
+    #   key is `aws:PrincipalOrgID`.
+    #   @return [String]
+    #
+    # @!attribute [rw] value
+    #   Specifies the value for the key. Currently, this must be the ID of
+    #   the organization.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/events-2015-10-07/Condition AWS API Documentation
+    #
+    class Condition < Struct.new(
+      :type,
+      :key,
+      :value)
+      include Aws::Structure
+    end
+
     # @note When making an API call, you may pass DeleteRuleRequest
     #   data as a hash:
     #
@@ -788,6 +831,11 @@ module Aws::CloudWatchEvents
     #         action: "Action", # required
     #         principal: "Principal", # required
     #         statement_id: "StatementId", # required
+    #         condition: {
+    #           type: "String", # required
+    #           key: "String", # required
+    #           value: "String", # required
+    #         },
     #       }
     #
     # @!attribute [rw] action
@@ -800,11 +848,12 @@ module Aws::CloudWatchEvents
     #   your default event bus. Specify "*" to permit any account to put
     #   events to your default event bus.
     #
-    #   If you specify "*", avoid creating rules that may match
-    #   undesirable events. To create more secure rules, make sure that the
-    #   event pattern for each rule contains an `account` field with a
-    #   specific account ID from which to receive events. Rules with an
-    #   account field do not match any events sent from other accounts.
+    #   If you specify "*" without specifying `Condition`, avoid creating
+    #   rules that may match undesirable events. To create more secure
+    #   rules, make sure that the event pattern for each rule contains an
+    #   `account` field with a specific account ID from which to receive
+    #   events. Rules with an account field do not match any events sent
+    #   from other accounts.
     #   @return [String]
     #
     # @!attribute [rw] statement_id
@@ -814,12 +863,32 @@ module Aws::CloudWatchEvents
     #   RemovePermission.
     #   @return [String]
     #
+    # @!attribute [rw] condition
+    #   This parameter enables you to limit the permission to accounts that
+    #   fulfill a certain condition, such as being a member of a certain AWS
+    #   organization. For more information about AWS Organizations, see
+    #   [What Is AWS Organizations][1] in the *AWS Organizations User
+    #   Guide*.
+    #
+    #   If you specify `Condition` with an AWS organization ID, and specify
+    #   "*" as the value for `Principal`, you grant permission to all the
+    #   accounts in the named organization.
+    #
+    #   The `Condition` is a JSON string which must contain `Type`, `Key`,
+    #   and `Value` fields.
+    #
+    #
+    #
+    #   [1]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_introduction.html
+    #   @return [Types::Condition]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/events-2015-10-07/PutPermissionRequest AWS API Documentation
     #
     class PutPermissionRequest < Struct.new(
       :action,
       :principal,
-      :statement_id)
+      :statement_id,
+      :condition)
       include Aws::Structure
     end
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-cloudwatchevents
 version: !ruby/object:Gem::Version
-  version: 1.7.0
+  version: 1.8.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-09-06 00:00:00.000000000 Z
+date: 2018-10-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core