aws-sdk-cloudwatchlogs 1.120.0 → 1.121.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b548ec7798101ff85512a1011bfed913b96a1551c84c40bf9d0c3b3a3dea52a5
-  data.tar.gz: d4467d8dde0382024c593dd1d3738e061fd486e71e2ef3c3947e05e4cbcfa82d
+  metadata.gz: 439c65a6971863a5a7818680b81dd64e5e6b7fe8329542f3511e98ff69ba9f3c
+  data.tar.gz: 231f0f2f03504186a92d5035940907aa61fe71111343807fb42e1b171e4b407d
 SHA512:
-  metadata.gz: 88695fa0001ecc33b3e11f1f20fd4b22bc2a44e440847d224cba14bbb1fa38770d869905545150d33f32154750d6f3bf6516b3cc6fe614637128b75677fb13fe
-  data.tar.gz: 44521b55eedf6cf0e392bc330c203247a599206e99015cc12adb1ff19e61ee011b9018328ab40e10da94f3a9b4fd4a75746968de3b09bf7f8789443fce615505
+  metadata.gz: 5a0dbb6c37a605bc699a20508c04e03f96dae5bac1d834db90437cb9c422921debaf92d8f54fa1cb78f106779a2a04eed13be48337fceeb322092cc203e50f92
+  data.tar.gz: ffb5b6b686d5ce69375a8aacb2462bff89c8bdb8deed982c763d39971e8511b0c819ff933e4cb9fe5b5f8e54dcaf12015f8bcdf8c7e146140bc3693b2ff7db51

data/CHANGELOG.md

@@ -1,6 +1,11 @@
 Unreleased Changes
 ------------------
 
+1.121.0 (2025-07-18)
+------------------
+
+* Feature - CloudWatchLogs launches GetLogObject API with streaming support for efficient log data retrieval. Logs added support for new AccountPolicy type METRIC_EXTRACTION_POLICY. For more information, see CloudWatch Logs API documentation
+
 1.120.0 (2025-07-16)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.120.0
+1.121.0

data/lib/aws-sdk-cloudwatchlogs/client.rb

@@ -1186,7 +1186,7 @@ module Aws::CloudWatchLogs
     #
     #   resp = client.delete_account_policy({
     #     policy_name: "PolicyName", # required
-    #     policy_type: "DATA_PROTECTION_POLICY", # required, accepts DATA_PROTECTION_POLICY, SUBSCRIPTION_FILTER_POLICY, FIELD_INDEX_POLICY, TRANSFORMER_POLICY
+    #     policy_type: "DATA_PROTECTION_POLICY", # required, accepts DATA_PROTECTION_POLICY, SUBSCRIPTION_FILTER_POLICY, FIELD_INDEX_POLICY, TRANSFORMER_POLICY, METRIC_EXTRACTION_POLICY
     #   })
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteAccountPolicy AWS API Documentation
@@ -1772,7 +1772,7 @@ module Aws::CloudWatchLogs
     # @example Request syntax with placeholder values
     #
     #   resp = client.describe_account_policies({
-    #     policy_type: "DATA_PROTECTION_POLICY", # required, accepts DATA_PROTECTION_POLICY, SUBSCRIPTION_FILTER_POLICY, FIELD_INDEX_POLICY, TRANSFORMER_POLICY
+    #     policy_type: "DATA_PROTECTION_POLICY", # required, accepts DATA_PROTECTION_POLICY, SUBSCRIPTION_FILTER_POLICY, FIELD_INDEX_POLICY, TRANSFORMER_POLICY, METRIC_EXTRACTION_POLICY
     #     policy_name: "PolicyName",
     #     account_identifiers: ["AccountId"],
     #     next_token: "NextToken",
@@ -1784,7 +1784,7 @@ module Aws::CloudWatchLogs
     #   resp.account_policies[0].policy_name #=> String
     #   resp.account_policies[0].policy_document #=> String
     #   resp.account_policies[0].last_updated_time #=> Integer
-    #   resp.account_policies[0].policy_type #=> String, one of "DATA_PROTECTION_POLICY", "SUBSCRIPTION_FILTER_POLICY", "FIELD_INDEX_POLICY", "TRANSFORMER_POLICY"
+    #   resp.account_policies[0].policy_type #=> String, one of "DATA_PROTECTION_POLICY", "SUBSCRIPTION_FILTER_POLICY", "FIELD_INDEX_POLICY", "TRANSFORMER_POLICY", "METRIC_EXTRACTION_POLICY"
     #   resp.account_policies[0].scope #=> String, one of "ALL"
     #   resp.account_policies[0].selection_criteria #=> String
     #   resp.account_policies[0].account_id #=> String
@@ -3634,6 +3634,180 @@ module Aws::CloudWatchLogs
       req.send_request(options)
     end
 
+    # Retrieves a large logging object (LLO) and streams it back. This API
+    # is used to fetch the content of large portions of log events that have
+    # been ingested through the PutOpenTelemetryLogs API. When log events
+    # contain fields that would cause the total event size to exceed 1MB,
+    # CloudWatch Logs automatically processes up to 10 fields, starting with
+    # the largest fields. Each field is truncated as needed to keep the
+    # total event size as close to 1MB as possible. The excess portions are
+    # stored as Large Log Objects (LLOs) and these fields are processed
+    # separately and LLO reference system fields (in the format
+    # `@ptr.$[path.to.field]`) are added. The path in the reference field
+    # reflects the original JSON structure where the large field was
+    # located. For example, this could be `@ptr.$['input']['message']`,
+    # `@ptr.$['AAA']['BBB']['CCC']['DDD']`, `@ptr.$['AAA']`, or any other
+    # path matching your log structure.
+    #
+    # @option params [Boolean] :unmask
+    #   A boolean flag that indicates whether to unmask sensitive log data.
+    #   When set to true, any masked or redacted data in the log object will
+    #   be displayed in its original form. Default is false.
+    #
+    # @option params [required, String] :log_object_pointer
+    #   A pointer to the specific log object to retrieve. This is a required
+    #   parameter that uniquely identifies the log object within CloudWatch
+    #   Logs. The pointer is typically obtained from a previous query or
+    #   filter operation.
+    #
+    # @return [Types::GetLogObjectResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::GetLogObjectResponse#field_stream #field_stream} => Types::GetLogObjectResponseStream
+    #
+    # @example EventStream Operation Example
+    #
+    #   # You can process the event once it arrives immediately, or wait until the
+    #   # full response is complete and iterate through the eventstream enumerator.
+    #
+    #   # To interact with event immediately, you need to register get_log_object
+    #   # with callbacks. Callbacks can be registered for specific events or for all
+    #   # events, including error events.
+    #
+    #   # Callbacks can be passed into the `:event_stream_handler` option or within a
+    #   # block statement attached to the #get_log_object call directly. Hybrid
+    #   # pattern of both is also supported.
+    #
+    #   # `:event_stream_handler` option takes in either a Proc object or
+    #   # Aws::CloudWatchLogs::EventStreams::GetLogObjectResponseStream object.
+    #
+    #   # Usage pattern a): Callbacks with a block attached to #get_log_object
+    #   # Example for registering callbacks for all event types and an error event
+    #   client.get_log_object(
+    #     # params input
+    #   ) do |stream|
+    #     stream.on_error_event do |event|
+    #       # catch unmodeled error event in the stream
+    #       raise event
+    #       # => Aws::Errors::EventError
+    #       # event.event_type => :error
+    #       # event.error_code => String
+    #       # event.error_message => String
+    #     end
+    #
+    #     stream.on_event do |event|
+    #       # process all events arrive
+    #       puts event.event_type
+    #       # ...
+    #     end
+    #   end
+    #
+    #   # Usage pattern b): Pass in `:event_stream_handler` for #get_log_object
+    #   #  1) Create a Aws::CloudWatchLogs::EventStreams::GetLogObjectResponseStream object
+    #   #  Example for registering callbacks with specific events
+    #
+    #   handler = Aws::CloudWatchLogs::EventStreams::GetLogObjectResponseStream.new
+    #   handler.on_fields_event do |event|
+    #     event # => Aws::CloudWatchLogs::Types::fields
+    #   end
+    #   handler.on_internal_streaming_exception_event do |event|
+    #     event # => Aws::CloudWatchLogs::Types::InternalStreamingException
+    #   end
+    #
+    #   client.get_log_object(
+    #     # params inputs
+    #     event_stream_handler: handler
+    #   )
+    #
+    #   #  2) Use a Ruby Proc object
+    #   #  Example for registering callbacks with specific events
+    #   handler = Proc.new do |stream|
+    #     stream.on_fields_event do |event|
+    #       event # => Aws::CloudWatchLogs::Types::fields
+    #     end
+    #     stream.on_internal_streaming_exception_event do |event|
+    #       event # => Aws::CloudWatchLogs::Types::InternalStreamingException
+    #     end
+    #   end
+    #
+    #   client.get_log_object(
+    #     # params inputs
+    #     event_stream_handler: handler
+    #   )
+    #
+    #   #  Usage pattern c): Hybrid pattern of a) and b)
+    #   handler = Aws::CloudWatchLogs::EventStreams::GetLogObjectResponseStream.new
+    #   handler.on_fields_event do |event|
+    #     event # => Aws::CloudWatchLogs::Types::fields
+    #   end
+    #   handler.on_internal_streaming_exception_event do |event|
+    #     event # => Aws::CloudWatchLogs::Types::InternalStreamingException
+    #   end
+    #
+    #   client.get_log_object(
+    #     # params input
+    #     event_stream_handler: handler
+    #   ) do |stream|
+    #     stream.on_error_event do |event|
+    #       # catch unmodeled error event in the stream
+    #       raise event
+    #       # => Aws::Errors::EventError
+    #       # event.event_type => :error
+    #       # event.error_code => String
+    #       # event.error_message => String
+    #     end
+    #   end
+    #
+    #   # You can also iterate through events after the response complete.
+    #   # Events are available at
+    #   resp.field_stream # => Enumerator
+    #   # For parameter input example, please refer to following request syntax.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.get_log_object({
+    #     unmask: false,
+    #     log_object_pointer: "LogObjectPointer", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   # All events are available at resp.field_stream:
+    #   resp.field_stream #=> Enumerator
+    #   resp.field_stream.event_types #=> [:fields, :internal_streaming_exception]
+    #
+    #   # For :fields event available at #on_fields_event callback and response eventstream enumerator:
+    #   event.data #=> String
+    #
+    #   # For :internal_streaming_exception event available at #on_internal_streaming_exception_event callback and response eventstream enumerator:
+    #   event.message #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/GetLogObject AWS API Documentation
+    #
+    # @overload get_log_object(params = {})
+    # @param [Hash] params ({})
+    def get_log_object(params = {}, options = {})
+      params = params.dup
+      event_stream_handler = case handler = params.delete(:event_stream_handler)
+        when EventStreams::GetLogObjectResponseStream then handler
+        when Proc then EventStreams::GetLogObjectResponseStream.new.tap(&handler)
+        when nil then EventStreams::GetLogObjectResponseStream.new
+        else
+          msg = "expected :event_stream_handler to be a block or "\
+                "instance of Aws::CloudWatchLogs::EventStreams::GetLogObjectResponseStream"\
+                ", got `#{handler.inspect}` instead"
+          raise ArgumentError, msg
+        end
+
+      yield(event_stream_handler) if block_given?
+
+      req = build_request(:get_log_object, params)
+
+      req.context[:event_stream_handler] = event_stream_handler
+      req.handlers.add(Aws::Binary::DecodeHandler, priority: 95)
+
+      req.send_request(options)
+    end
+
     # Retrieves all of the fields and values of a single log event. All
     # fields are retrieved, even if the original query that produced the
     # `logRecordPointer` retrieved only a subset of fields. Fields are
@@ -4284,8 +4458,9 @@ module Aws::CloudWatchLogs
     end
 
     # Creates an account-level data protection policy, subscription filter
-    # policy, or field index policy that applies to all log groups or a
-    # subset of log groups in the account.
+    # policy, field index policy, transformer policy, or metric extraction
+    # policy that applies to all log groups or a subset of log groups in the
+    # account.
     #
     # To use this operation, you must be signed on with the correct
     # permissions depending on the type of policy that you are creating.
@@ -4304,6 +4479,10 @@ module Aws::CloudWatchLogs
     # * To create a field index policy, you must have the
     #   `logs:PutIndexPolicy` and `logs:PutAccountPolicy` permissions.
     #
+    # * To create a metric extraction policy, you must have the
+    #   `logs:PutMetricExtractionPolicy` and `logs:PutAccountPolicy`
+    #   permissions.
+    #
     # **Data protection policy**
     #
     # A data protection policy can help safeguard sensitive data that's
@@ -4471,6 +4650,68 @@ module Aws::CloudWatchLogs
     # ignore the account-level policy that you create with
     # [PutAccountPolicy][11].
     #
+    # **Metric extraction policy**
+    #
+    # A metric extraction policy controls whether CloudWatch Metrics can be
+    # created through the Embedded Metrics Format (EMF) for log groups in
+    # your account. By default, EMF metric creation is enabled for all log
+    # groups. You can use metric extraction policies to disable EMF metric
+    # creation for your entire account or specific log groups.
+    #
+    # When a policy disables EMF metric creation for a log group, log events
+    # in the EMF format are still ingested, but no CloudWatch Metrics are
+    # created from them.
+    #
+    # Creating a policy disables metrics for AWS features that use EMF to
+    # create metrics, such as CloudWatch Container Insights and CloudWatch
+    # Application Signals. To prevent turning off those features by
+    # accident, we recommend that you exclude the underlying log-groups
+    # through a selection-criteria such as `LogGroupNamePrefix NOT IN
+    # ["/aws/containerinsights", "/aws/ecs/containerinsights",
+    # "/aws/application-signals/data"]`.
+    #
+    # Each account can have either one account-level metric extraction
+    # policy that applies to all log groups, or up to 5 policies that are
+    # each scoped to a subset of log groups with the `selectionCriteria`
+    # parameter. The selection criteria supports filtering by `LogGroupName`
+    # and `LogGroupNamePrefix` using the operators `IN` and `NOT IN`. You
+    # can specify up to 50 values in each `IN` or `NOT IN` list.
+    #
+    # The selection criteria can be specified in these formats:
+    #
+    # `LogGroupName IN ["log-group-1", "log-group-2"]`
+    #
+    # `LogGroupNamePrefix NOT IN ["/aws/prefix1", "/aws/prefix2"]`
+    #
+    # If you have multiple account-level metric extraction policies with
+    # selection criteria, no two of them can have overlapping criteria. For
+    # example, if you have one policy with selection criteria
+    # `LogGroupNamePrefix IN ["my-log"]`, you can't have another metric
+    # extraction policy with selection criteria `LogGroupNamePrefix IN
+    # ["/my-log-prod"]` or `LogGroupNamePrefix IN ["/my-logging"]`, as the
+    # set of log groups matching these prefixes would be a subset of the log
+    # groups matching the first policy's prefix, creating an overlap.
+    #
+    # When using `NOT IN`, only one policy with this operator is allowed per
+    # account.
+    #
+    # When combining policies with `IN` and `NOT IN` operators, the overlap
+    # check ensures that policies don't have conflicting effects. Two
+    # policies with `IN` and `NOT IN` operators do not overlap if and only
+    # if every value in the `IN `policy is completely contained within some
+    # value in the `NOT IN` policy. For example:
+    #
+    # * If you have a `NOT IN` policy for prefix `"/aws/lambda"`, you can
+    #   create an `IN` policy for the exact log group name
+    #   `"/aws/lambda/function1"` because the set of log groups matching
+    #   `"/aws/lambda/function1"` is a subset of the log groups matching
+    #   `"/aws/lambda"`.
+    #
+    # * If you have a `NOT IN` policy for prefix `"/aws/lambda"`, you cannot
+    #   create an `IN` policy for prefix `"/aws"` because the set of log
+    #   groups matching `"/aws"` is not a subset of the log groups matching
+    #   `"/aws/lambda"`.
+    #
     #
     #
     # [1]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_GetLogEvents.html
@@ -4606,7 +4847,7 @@ module Aws::CloudWatchLogs
     #   Use this parameter to apply the new policy to a subset of log groups
     #   in the account.
     #
-    #   Specifing `selectionCriteria` is valid only when you specify
+    #   Specifying `selectionCriteria` is valid only when you specify
     #   `SUBSCRIPTION_FILTER_POLICY`, `FIELD_INDEX_POLICY` or
     #   `TRANSFORMER_POLICY`for `policyType`.
     #
@@ -4636,7 +4877,7 @@ module Aws::CloudWatchLogs
     #   resp = client.put_account_policy({
     #     policy_name: "PolicyName", # required
     #     policy_document: "AccountPolicyDocument", # required
-    #     policy_type: "DATA_PROTECTION_POLICY", # required, accepts DATA_PROTECTION_POLICY, SUBSCRIPTION_FILTER_POLICY, FIELD_INDEX_POLICY, TRANSFORMER_POLICY
+    #     policy_type: "DATA_PROTECTION_POLICY", # required, accepts DATA_PROTECTION_POLICY, SUBSCRIPTION_FILTER_POLICY, FIELD_INDEX_POLICY, TRANSFORMER_POLICY, METRIC_EXTRACTION_POLICY
     #     scope: "ALL", # accepts ALL
     #     selection_criteria: "SelectionCriteria",
     #   })
@@ -4646,7 +4887,7 @@ module Aws::CloudWatchLogs
     #   resp.account_policy.policy_name #=> String
     #   resp.account_policy.policy_document #=> String
     #   resp.account_policy.last_updated_time #=> Integer
-    #   resp.account_policy.policy_type #=> String, one of "DATA_PROTECTION_POLICY", "SUBSCRIPTION_FILTER_POLICY", "FIELD_INDEX_POLICY", "TRANSFORMER_POLICY"
+    #   resp.account_policy.policy_type #=> String, one of "DATA_PROTECTION_POLICY", "SUBSCRIPTION_FILTER_POLICY", "FIELD_INDEX_POLICY", "TRANSFORMER_POLICY", "METRIC_EXTRACTION_POLICY"
     #   resp.account_policy.scope #=> String, one of "ALL"
     #   resp.account_policy.selection_criteria #=> String
     #   resp.account_policy.account_id #=> String
@@ -7021,9 +7262,9 @@ module Aws::CloudWatchLogs
     # To list the tags for a log group, use [ListTagsForResource][2]. To add
     # tags, use [TagResource][3].
     #
-    # CloudWatch Logs doesn't support IAM policies that prevent users from
-    # assigning specified tags to log groups using the
-    # `aws:Resource/key-name ` or `aws:TagKeys` condition keys.
+    # When using IAM policies to control tag management for CloudWatch Logs
+    # log groups, the condition keys `aws:Resource/key-name` and
+    # `aws:TagKeys` cannot be used to restrict which tags users can assign.
     #
     #
     #
@@ -7291,7 +7532,7 @@ module Aws::CloudWatchLogs
         tracer: tracer
       )
       context[:gem_name] = 'aws-sdk-cloudwatchlogs'
-      context[:gem_version] = '1.120.0'
+      context[:gem_version] = '1.121.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-cloudwatchlogs/client_api.rb

@@ -65,6 +65,7 @@ module Aws::CloudWatchLogs
     CreateLogGroupRequest = Shapes::StructureShape.new(name: 'CreateLogGroupRequest')
     CreateLogStreamRequest = Shapes::StructureShape.new(name: 'CreateLogStreamRequest')
     DashboardViewerPrincipals = Shapes::ListShape.new(name: 'DashboardViewerPrincipals')
+    Data = Shapes::BlobShape.new(name: 'Data')
     DataAlreadyAcceptedException = Shapes::StructureShape.new(name: 'DataAlreadyAcceptedException')
     DataProtectionPolicyDocument = Shapes::StringShape.new(name: 'DataProtectionPolicyDocument')
     DataProtectionStatus = Shapes::StringShape.new(name: 'DataProtectionStatus')
@@ -196,6 +197,7 @@ module Aws::CloudWatchLogs
     FieldIndex = Shapes::StructureShape.new(name: 'FieldIndex')
     FieldIndexName = Shapes::StringShape.new(name: 'FieldIndexName')
     FieldIndexes = Shapes::ListShape.new(name: 'FieldIndexes')
+    FieldsData = Shapes::StructureShape.new(name: 'FieldsData')
     FilterCount = Shapes::IntegerShape.new(name: 'FilterCount')
     FilterLogEventsRequest = Shapes::StructureShape.new(name: 'FilterLogEventsRequest')
     FilterLogEventsResponse = Shapes::StructureShape.new(name: 'FilterLogEventsResponse')
@@ -226,6 +228,9 @@ module Aws::CloudWatchLogs
     GetLogEventsResponse = Shapes::StructureShape.new(name: 'GetLogEventsResponse')
     GetLogGroupFieldsRequest = Shapes::StructureShape.new(name: 'GetLogGroupFieldsRequest')
     GetLogGroupFieldsResponse = Shapes::StructureShape.new(name: 'GetLogGroupFieldsResponse')
+    GetLogObjectRequest = Shapes::StructureShape.new(name: 'GetLogObjectRequest')
+    GetLogObjectResponse = Shapes::StructureShape.new(name: 'GetLogObjectResponse')
+    GetLogObjectResponseStream = Shapes::StructureShape.new(name: 'GetLogObjectResponseStream')
     GetLogRecordRequest = Shapes::StructureShape.new(name: 'GetLogRecordRequest')
     GetLogRecordResponse = Shapes::StructureShape.new(name: 'GetLogRecordResponse')
     GetQueryResultsRequest = Shapes::StructureShape.new(name: 'GetQueryResultsRequest')
@@ -255,6 +260,7 @@ module Aws::CloudWatchLogs
     IntegrationSummary = Shapes::StructureShape.new(name: 'IntegrationSummary')
     IntegrationType = Shapes::StringShape.new(name: 'IntegrationType')
     Interleaved = Shapes::BooleanShape.new(name: 'Interleaved')
+    InternalStreamingException = Shapes::StructureShape.new(name: 'InternalStreamingException')
     InvalidOperationException = Shapes::StructureShape.new(name: 'InvalidOperationException')
     InvalidParameterException = Shapes::StructureShape.new(name: 'InvalidParameterException')
     InvalidSequenceTokenException = Shapes::StructureShape.new(name: 'InvalidSequenceTokenException')
@@ -306,6 +312,7 @@ module Aws::CloudWatchLogs
     LogGroupSummaries = Shapes::ListShape.new(name: 'LogGroupSummaries')
     LogGroupSummary = Shapes::StructureShape.new(name: 'LogGroupSummary')
     LogGroups = Shapes::ListShape.new(name: 'LogGroups')
+    LogObjectPointer = Shapes::StringShape.new(name: 'LogObjectPointer')
     LogRecord = Shapes::MapShape.new(name: 'LogRecord')
     LogRecordPointer = Shapes::StringShape.new(name: 'LogRecordPointer')
     LogSamples = Shapes::ListShape.new(name: 'LogSamples')
@@ -1051,6 +1058,9 @@ module Aws::CloudWatchLogs
 
     FieldIndexes.member = Shapes::ShapeRef.new(shape: FieldIndex)
 
+    FieldsData.add_member(:data, Shapes::ShapeRef.new(shape: Data, location_name: "data"))
+    FieldsData.struct_class = Types::FieldsData
+
     FilterLogEventsRequest.add_member(:log_group_name, Shapes::ShapeRef.new(shape: LogGroupName, location_name: "logGroupName"))
     FilterLogEventsRequest.add_member(:log_group_identifier, Shapes::ShapeRef.new(shape: LogGroupIdentifier, location_name: "logGroupIdentifier"))
     FilterLogEventsRequest.add_member(:log_stream_names, Shapes::ShapeRef.new(shape: InputLogStreamNames, location_name: "logStreamNames"))
@@ -1157,6 +1167,17 @@ module Aws::CloudWatchLogs
     GetLogGroupFieldsResponse.add_member(:log_group_fields, Shapes::ShapeRef.new(shape: LogGroupFieldList, location_name: "logGroupFields"))
     GetLogGroupFieldsResponse.struct_class = Types::GetLogGroupFieldsResponse
 
+    GetLogObjectRequest.add_member(:unmask, Shapes::ShapeRef.new(shape: Unmask, location_name: "unmask"))
+    GetLogObjectRequest.add_member(:log_object_pointer, Shapes::ShapeRef.new(shape: LogObjectPointer, required: true, location_name: "logObjectPointer"))
+    GetLogObjectRequest.struct_class = Types::GetLogObjectRequest
+
+    GetLogObjectResponse.add_member(:field_stream, Shapes::ShapeRef.new(shape: GetLogObjectResponseStream, eventstream: true, location_name: "fieldStream"))
+    GetLogObjectResponse.struct_class = Types::GetLogObjectResponse
+
+    GetLogObjectResponseStream.add_member(:fields, Shapes::ShapeRef.new(shape: FieldsData, event: true, location_name: "fields"))
+    GetLogObjectResponseStream.add_member(:internal_streaming_exception, Shapes::ShapeRef.new(shape: InternalStreamingException, location_name: "InternalStreamingException"))
+    GetLogObjectResponseStream.struct_class = Types::GetLogObjectResponseStream
+
     GetLogRecordRequest.add_member(:log_record_pointer, Shapes::ShapeRef.new(shape: LogRecordPointer, required: true, location_name: "logRecordPointer"))
     GetLogRecordRequest.add_member(:unmask, Shapes::ShapeRef.new(shape: Unmask, location_name: "unmask"))
     GetLogRecordRequest.struct_class = Types::GetLogRecordRequest
@@ -1222,6 +1243,9 @@ module Aws::CloudWatchLogs
     IntegrationSummary.add_member(:integration_status, Shapes::ShapeRef.new(shape: IntegrationStatus, location_name: "integrationStatus"))
     IntegrationSummary.struct_class = Types::IntegrationSummary
 
+    InternalStreamingException.add_member(:message, Shapes::ShapeRef.new(shape: Message, location_name: "message"))
+    InternalStreamingException.struct_class = Types::InternalStreamingException
+
     InvalidOperationException.struct_class = Types::InvalidOperationException
 
     InvalidParameterException.struct_class = Types::InvalidParameterException
@@ -2690,6 +2714,22 @@ module Aws::CloudWatchLogs
         o.errors << Shapes::ShapeRef.new(shape: ServiceUnavailableException)
       end)
 
+      api.add_operation(:get_log_object, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "GetLogObject"
+        o.http_method = "POST"
+        o.http_request_uri = "/"
+        o.endpoint_pattern = {
+          "hostPrefix" => "streaming-",
+        }
+        o.input = Shapes::ShapeRef.new(shape: GetLogObjectRequest)
+        o.output = Shapes::ShapeRef.new(shape: GetLogObjectResponse)
+        o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
+        o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: LimitExceededException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidOperationException)
+      end)
+
       api.add_operation(:get_log_record, Seahorse::Model::Operation.new.tap do |o|
         o.name = "GetLogRecord"
         o.http_method = "POST"

data/lib/aws-sdk-cloudwatchlogs/errors.rb

@@ -30,6 +30,7 @@ module Aws::CloudWatchLogs
   # * {AccessDeniedException}
   # * {ConflictException}
   # * {DataAlreadyAcceptedException}
+  # * {InternalStreamingException}
   # * {InvalidOperationException}
   # * {InvalidParameterException}
   # * {InvalidSequenceTokenException}
@@ -88,6 +89,21 @@ module Aws::CloudWatchLogs
       end
     end
 
+    class InternalStreamingException < ServiceError
+
+      # @param [Seahorse::Client::RequestContext] context
+      # @param [String] message
+      # @param [Aws::CloudWatchLogs::Types::InternalStreamingException] data
+      def initialize(context, message, data = Aws::EmptyStructure.new)
+        super(context, message, data)
+      end
+
+      # @return [String]
+      def message
+        @message || @data[:message]
+      end
+    end
+
     class InvalidOperationException < ServiceError
 
       # @param [Seahorse::Client::RequestContext] context

data/lib/aws-sdk-cloudwatchlogs/event_streams.rb

@@ -9,6 +9,45 @@
 
 module Aws::CloudWatchLogs
   module EventStreams
+    class GetLogObjectResponseStream
+
+      def initialize
+        @event_emitter = Aws::EventEmitter.new
+      end
+
+      def on_fields_event(&block)
+        @event_emitter.on(:fields, block) if block_given?
+      end
+
+      def on_internal_streaming_exception_event(&block)
+        @event_emitter.on(:internal_streaming_exception, block) if block_given?
+      end
+
+      def on_error_event(&block)
+        @event_emitter.on(:error, block) if block_given?
+      end
+
+      def on_initial_response_event(&block)
+        @event_emitter.on(:initial_response, block) if block_given?
+      end
+
+      def on_unknown_event(&block)
+        @event_emitter.on(:unknown_event, block) if block_given?
+      end
+
+      def on_event(&block)
+        on_fields_event(&block)
+        on_internal_streaming_exception_event(&block)
+        on_error_event(&block)
+        on_initial_response_event(&block)
+        on_unknown_event(&block)
+      end
+
+      # @api private
+      # @return Aws::EventEmitter
+      attr_reader :event_emitter
+
+    end
     class StartLiveTailResponseStream
 
       def initialize

data/lib/aws-sdk-cloudwatchlogs/types.rb

@@ -2776,6 +2776,25 @@ module Aws::CloudWatchLogs
       include Aws::Structure
     end
 
+    # A structure containing the extracted fields from a log event. These
+    # fields are extracted based on the log format and can be used for
+    # structured querying and analysis.
+    #
+    # @!attribute [rw] data
+    #   The actual log data content returned in the streaming response. This
+    #   contains the fields and values of the log event in a structured
+    #   format that can be parsed and processed by the client.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/FieldsData AWS API Documentation
+    #
+    class FieldsData < Struct.new(
+      :data,
+      :event_type)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # @!attribute [rw] log_group_name
     #   The name of the log group to search.
     #
@@ -3380,6 +3399,46 @@ module Aws::CloudWatchLogs
       include Aws::Structure
     end
 
+    # The parameters for the GetLogObject operation.
+    #
+    # @!attribute [rw] unmask
+    #   A boolean flag that indicates whether to unmask sensitive log data.
+    #   When set to true, any masked or redacted data in the log object will
+    #   be displayed in its original form. Default is false.
+    #   @return [Boolean]
+    #
+    # @!attribute [rw] log_object_pointer
+    #   A pointer to the specific log object to retrieve. This is a required
+    #   parameter that uniquely identifies the log object within CloudWatch
+    #   Logs. The pointer is typically obtained from a previous query or
+    #   filter operation.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/GetLogObjectRequest AWS API Documentation
+    #
+    class GetLogObjectRequest < Struct.new(
+      :unmask,
+      :log_object_pointer)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # The response from the GetLogObject operation.
+    #
+    # @!attribute [rw] field_stream
+    #   A stream of structured log data returned by the GetLogObject
+    #   operation. This stream contains log events with their associated
+    #   metadata and extracted fields.
+    #   @return [Types::GetLogObjectResponseStream]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/GetLogObjectResponse AWS API Documentation
+    #
+    class GetLogObjectResponse < Struct.new(
+      :field_stream)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # @!attribute [rw] log_record_pointer
     #   The pointer corresponding to the log event record you want to
     #   retrieve. You get this from the response of a `GetQueryResults`
@@ -3689,6 +3748,22 @@ module Aws::CloudWatchLogs
       include Aws::Structure
     end
 
+    # An internal error occurred during the streaming of log data. This
+    # exception is thrown when there's an issue with the internal streaming
+    # mechanism used by the GetLogObject operation.
+    #
+    # @!attribute [rw] message
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/InternalStreamingException AWS API Documentation
+    #
+    class InternalStreamingException < Struct.new(
+      :message,
+      :event_type)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # The operation is not valid on the specified resource.
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/InvalidOperationException AWS API Documentation
@@ -5991,7 +6066,7 @@ module Aws::CloudWatchLogs
     #   Use this parameter to apply the new policy to a subset of log groups
     #   in the account.
     #
-    #   Specifing `selectionCriteria` is valid only when you specify
+    #   Specifying `selectionCriteria` is valid only when you specify
     #   `SUBSCRIPTION_FILTER_POLICY`, `FIELD_INDEX_POLICY` or
     #   `TRANSFORMER_POLICY`for `policyType`.
     #
@@ -8297,6 +8372,26 @@ module Aws::CloudWatchLogs
     #
     class ValidationException < Aws::EmptyStructure; end
 
+    # A stream of structured log data returned by the GetLogObject
+    # operation. This stream contains log events with their associated
+    # metadata and extracted fields.
+    #
+    # EventStream is an Enumerator of Events.
+    #  #event_types #=> Array, returns all modeled event types in the stream
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/GetLogObjectResponseStream AWS API Documentation
+    #
+    class GetLogObjectResponseStream < Enumerator
+
+      def event_types
+        [
+          :fields,
+          :internal_streaming_exception
+        ]
+      end
+
+    end
+
     # This object includes the stream returned by your [StartLiveTail][1]
     # request.
     #

data/lib/aws-sdk-cloudwatchlogs.rb

@@ -55,7 +55,7 @@ module Aws::CloudWatchLogs
   autoload :Endpoints, 'aws-sdk-cloudwatchlogs/endpoints'
   autoload :EventStreams, 'aws-sdk-cloudwatchlogs/event_streams'
 
-  GEM_VERSION = '1.120.0'
+  GEM_VERSION = '1.121.0'
 
 end
 

data/sig/client.rbs

@@ -164,7 +164,7 @@ module Aws
       # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/CloudWatchLogs/Client.html#delete_account_policy-instance_method
       def delete_account_policy: (
                                    policy_name: ::String,
-                                   policy_type: ("DATA_PROTECTION_POLICY" | "SUBSCRIPTION_FILTER_POLICY" | "FIELD_INDEX_POLICY" | "TRANSFORMER_POLICY")
+                                   policy_type: ("DATA_PROTECTION_POLICY" | "SUBSCRIPTION_FILTER_POLICY" | "FIELD_INDEX_POLICY" | "TRANSFORMER_POLICY" | "METRIC_EXTRACTION_POLICY")
                                  ) -> ::Seahorse::Client::_ResponseSuccess[::Aws::EmptyStructure]
                                | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> ::Seahorse::Client::_ResponseSuccess[::Aws::EmptyStructure]
 
@@ -293,7 +293,7 @@ module Aws
       end
       # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/CloudWatchLogs/Client.html#describe_account_policies-instance_method
       def describe_account_policies: (
-                                       policy_type: ("DATA_PROTECTION_POLICY" | "SUBSCRIPTION_FILTER_POLICY" | "FIELD_INDEX_POLICY" | "TRANSFORMER_POLICY"),
+                                       policy_type: ("DATA_PROTECTION_POLICY" | "SUBSCRIPTION_FILTER_POLICY" | "FIELD_INDEX_POLICY" | "TRANSFORMER_POLICY" | "METRIC_EXTRACTION_POLICY"),
                                        ?policy_name: ::String,
                                        ?account_identifiers: Array[::String],
                                        ?next_token: ::String
@@ -655,6 +655,17 @@ module Aws
                                 ) -> _GetLogGroupFieldsResponseSuccess
                               | (?Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _GetLogGroupFieldsResponseSuccess
 
+      interface _GetLogObjectResponseSuccess
+        include ::Seahorse::Client::_ResponseSuccess[Types::GetLogObjectResponse]
+        def field_stream: () -> Types::GetLogObjectResponseStream
+      end
+      # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/CloudWatchLogs/Client.html#get_log_object-instance_method
+      def get_log_object: (
+                            ?unmask: bool,
+                            log_object_pointer: ::String
+                          ) -> _GetLogObjectResponseSuccess
+                        | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _GetLogObjectResponseSuccess
+
       interface _GetLogRecordResponseSuccess
         include ::Seahorse::Client::_ResponseSuccess[Types::GetLogRecordResponse]
         def log_record: () -> ::Hash[::String, ::String]
@@ -789,7 +800,7 @@ module Aws
       def put_account_policy: (
                                 policy_name: ::String,
                                 policy_document: ::String,
-                                policy_type: ("DATA_PROTECTION_POLICY" | "SUBSCRIPTION_FILTER_POLICY" | "FIELD_INDEX_POLICY" | "TRANSFORMER_POLICY"),
+                                policy_type: ("DATA_PROTECTION_POLICY" | "SUBSCRIPTION_FILTER_POLICY" | "FIELD_INDEX_POLICY" | "TRANSFORMER_POLICY" | "METRIC_EXTRACTION_POLICY"),
                                 ?scope: ("ALL"),
                                 ?selection_criteria: ::String
                               ) -> _PutAccountPolicyResponseSuccess

data/sig/errors.rbs

@@ -18,6 +18,9 @@ module Aws
       class DataAlreadyAcceptedException < ::Aws::Errors::ServiceError
         def expected_sequence_token: () -> ::String
       end
+      class InternalStreamingException < ::Aws::Errors::ServiceError
+        def message: () -> ::String
+      end
       class InvalidOperationException < ::Aws::Errors::ServiceError
       end
       class InvalidParameterException < ::Aws::Errors::ServiceError

data/sig/types.rbs

@@ -15,7 +15,7 @@ module Aws::CloudWatchLogs
       attr_accessor policy_name: ::String
       attr_accessor policy_document: ::String
       attr_accessor last_updated_time: ::Integer
-      attr_accessor policy_type: ("DATA_PROTECTION_POLICY" | "SUBSCRIPTION_FILTER_POLICY" | "FIELD_INDEX_POLICY" | "TRANSFORMER_POLICY")
+      attr_accessor policy_type: ("DATA_PROTECTION_POLICY" | "SUBSCRIPTION_FILTER_POLICY" | "FIELD_INDEX_POLICY" | "TRANSFORMER_POLICY" | "METRIC_EXTRACTION_POLICY")
       attr_accessor scope: ("ALL")
       attr_accessor selection_criteria: ::String
       attr_accessor account_id: ::String
@@ -206,7 +206,7 @@ module Aws::CloudWatchLogs
 
     class DeleteAccountPolicyRequest
       attr_accessor policy_name: ::String
-      attr_accessor policy_type: ("DATA_PROTECTION_POLICY" | "SUBSCRIPTION_FILTER_POLICY" | "FIELD_INDEX_POLICY" | "TRANSFORMER_POLICY")
+      attr_accessor policy_type: ("DATA_PROTECTION_POLICY" | "SUBSCRIPTION_FILTER_POLICY" | "FIELD_INDEX_POLICY" | "TRANSFORMER_POLICY" | "METRIC_EXTRACTION_POLICY")
       SENSITIVE: []
     end
 
@@ -356,7 +356,7 @@ module Aws::CloudWatchLogs
     end
 
     class DescribeAccountPoliciesRequest
-      attr_accessor policy_type: ("DATA_PROTECTION_POLICY" | "SUBSCRIPTION_FILTER_POLICY" | "FIELD_INDEX_POLICY" | "TRANSFORMER_POLICY")
+      attr_accessor policy_type: ("DATA_PROTECTION_POLICY" | "SUBSCRIPTION_FILTER_POLICY" | "FIELD_INDEX_POLICY" | "TRANSFORMER_POLICY" | "METRIC_EXTRACTION_POLICY")
       attr_accessor policy_name: ::String
       attr_accessor account_identifiers: ::Array[::String]
       attr_accessor next_token: ::String
@@ -636,6 +636,12 @@ module Aws::CloudWatchLogs
       SENSITIVE: []
     end
 
+    class FieldsData
+      attr_accessor data: ::String
+      attr_accessor event_type: untyped
+      SENSITIVE: []
+    end
+
     class FilterLogEventsRequest
       attr_accessor log_group_name: ::String
       attr_accessor log_group_identifier: ::String
@@ -782,6 +788,17 @@ module Aws::CloudWatchLogs
       SENSITIVE: []
     end
 
+    class GetLogObjectRequest
+      attr_accessor unmask: bool
+      attr_accessor log_object_pointer: ::String
+      SENSITIVE: []
+    end
+
+    class GetLogObjectResponse
+      attr_accessor field_stream: Types::GetLogObjectResponseStream
+      SENSITIVE: []
+    end
+
     class GetLogRecordRequest
       attr_accessor log_record_pointer: ::String
       attr_accessor unmask: bool
@@ -859,6 +876,12 @@ module Aws::CloudWatchLogs
       SENSITIVE: []
     end
 
+    class InternalStreamingException
+      attr_accessor message: ::String
+      attr_accessor event_type: untyped
+      SENSITIVE: []
+    end
+
     class InvalidOperationException < Aws::EmptyStructure
     end
 
@@ -1279,7 +1302,7 @@ module Aws::CloudWatchLogs
     class PutAccountPolicyRequest
       attr_accessor policy_name: ::String
       attr_accessor policy_document: ::String
-      attr_accessor policy_type: ("DATA_PROTECTION_POLICY" | "SUBSCRIPTION_FILTER_POLICY" | "FIELD_INDEX_POLICY" | "TRANSFORMER_POLICY")
+      attr_accessor policy_type: ("DATA_PROTECTION_POLICY" | "SUBSCRIPTION_FILTER_POLICY" | "FIELD_INDEX_POLICY" | "TRANSFORMER_POLICY" | "METRIC_EXTRACTION_POLICY")
       attr_accessor scope: ("ALL")
       attr_accessor selection_criteria: ::String
       SENSITIVE: []
@@ -1797,6 +1820,10 @@ module Aws::CloudWatchLogs
     class ValidationException < Aws::EmptyStructure
     end
 
+    class GetLogObjectResponseStream < Enumerator[untyped, untyped]
+      def event_types: () -> [:fields, :internal_streaming_exception]
+    end
+
     class StartLiveTailResponseStream < Enumerator[untyped, untyped]
       def event_types: () -> [:session_start, :session_update, :session_timeout_exception, :session_streaming_exception]
     end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-cloudwatchlogs
 version: !ruby/object:Gem::Version
-  version: 1.120.0
+  version: 1.121.0
 platform: ruby
 authors:
 - Amazon Web Services