aws-sdk-cloudwatchlogs 1.40.0 → 1.44.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 2f70d72a6b41de13d049dab9fae4fb957c1f9e4d2247e719567c63f5e11c0043
-  data.tar.gz: e3b36abebe016f0112d34e76e75b114593ff54efd57ef37504c7873d230da468
+  metadata.gz: 2b53cd0ed00817e7a3a578da98970372835120baf8213b2c3d740253b2352b1f
+  data.tar.gz: db879b8a853bba93646734cfbbfb1859fa8671a63acbb6b9df2173f0180bdb3e
 SHA512:
-  metadata.gz: 86611f15456318b9513d7f897426d0d1e75408620a073c15a7e13e204968811d8822c1f11535cbedcb2b0fb82b9969bbc308fc44953d05dc7311208d6fc19f53
-  data.tar.gz: fdd3e927269f4e1a4c3d92734aba74dfc2b590ddaccb386469e8c98220ea770a2569e0405ba110b485a97b725c80dd315d82011b03b75aa6714110acf3c33a2a
+  metadata.gz: db6210ec6c5194c6a1ff96dfa66af9219ce979d3019babaa9e1713aa854aef519f6b131e8870f8c368851ffc0499685e268ed08c112cdc98a27c7568a701d88e
+  data.tar.gz: 87f5db69bfb43a4141d09c5ce0fe8c3c7fe3bb676b4a6d20c98b633ac1e28d3d32e6ca82b05e7fd55f58ab8bd520176b0d818cb7838336bef43242a98e5a076d

data/CHANGELOG.md

@@ -1,6 +1,26 @@
 Unreleased Changes
 ------------------
 
+1.44.0 (2021-08-17)
+------------------
+
+* Feature - Documentation-only update for CloudWatch Logs
+
+1.43.0 (2021-07-30)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
+1.42.0 (2021-07-28)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
+1.41.0 (2021-05-24)
+------------------
+
+* Feature - This release provides dimensions and unit support for metric filters.
+
 1.40.0 (2021-03-10)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.40.0
+1.44.0

data/lib/aws-sdk-cloudwatchlogs.rb

@@ -48,6 +48,6 @@ require_relative 'aws-sdk-cloudwatchlogs/customizations'
 # @!group service
 module Aws::CloudWatchLogs
 
-  GEM_VERSION = '1.40.0'
+  GEM_VERSION = '1.44.0'
 
 end

data/lib/aws-sdk-cloudwatchlogs/client.rb

@@ -337,16 +337,15 @@ module Aws::CloudWatchLogs
 
     # @!group API Operations
 
-    # Associates the specified AWS Key Management Service (AWS KMS) customer
-    # master key (CMK) with the specified log group.
+    # Associates the specified Key Management Service customer master key
+    # (CMK) with the specified log group.
     #
-    # Associating an AWS KMS CMK with a log group overrides any existing
+    # Associating an KMS CMK with a log group overrides any existing
     # associations between the log group and a CMK. After a CMK is
     # associated with a log group, all newly ingested data for the log group
     # is encrypted using the CMK. This association is stored as long as the
-    # data encrypted with the CMK is still within Amazon CloudWatch Logs.
-    # This enables Amazon CloudWatch Logs to decrypt this data whenever it
-    # is requested.
+    # data encrypted with the CMK is still within CloudWatch Logs. This
+    # enables CloudWatch Logs to decrypt this data whenever it is requested.
     #
     # CloudWatch Logs supports only symmetric CMKs. Do not use an associate
     # an asymmetric CMK with your log group. For more information, see
@@ -368,8 +367,8 @@ module Aws::CloudWatchLogs
     # @option params [required, String] :kms_key_id
     #   The Amazon Resource Name (ARN) of the CMK to use when encrypting log
     #   data. This must be a symmetric CMK. For more information, see [Amazon
-    #   Resource Names - AWS Key Management Service (AWS KMS)][1] and [Using
-    #   Symmetric and Asymmetric Keys][2].
+    #   Resource Names - Key Management Service][1] and [Using Symmetric and
+    #   Asymmetric Keys][2].
     #
     #
     #
@@ -460,13 +459,13 @@ module Aws::CloudWatchLogs
     #   timestamp earlier than this time are not exported.
     #
     # @option params [required, Integer] :to
-    #   The end time of the range for the request, expressed as the number of
-    #   milliseconds after Jan 1, 1970 00:00:00 UTC. Events with a timestamp
-    #   later than this time are not exported.
+    #   The end time of the range for the request, expreswatchlogsdocused as
+    #   the number of milliseconds after Jan 1, 1970 00:00:00 UTC. Events with
+    #   a timestamp later than this time are not exported.
     #
     # @option params [required, String] :destination
     #   The name of S3 bucket for the exported log data. The bucket must be in
-    #   the same AWS region.
+    #   the same Amazon Web Services region.
     #
     # @option params [String] :destination_prefix
     #   The prefix used as the start of the key for every object exported. If
@@ -506,7 +505,8 @@ module Aws::CloudWatchLogs
     #
     # You must use the following guidelines when naming a log group:
     #
-    # * Log group names must be unique within a region for an AWS account.
+    # * Log group names must be unique within a region for an Amazon Web
+    #   Services account.
     #
     # * Log group names can be between 1 and 512 characters long.
     #
@@ -518,11 +518,11 @@ module Aws::CloudWatchLogs
     # group never expire. To set a retention policy so that events expire
     # and are deleted after a specified time, use [PutRetentionPolicy][1].
     #
-    # If you associate a AWS Key Management Service (AWS KMS) customer
-    # master key (CMK) with the log group, ingested data is encrypted using
-    # the CMK. This association is stored as long as the data encrypted with
-    # the CMK is still within Amazon CloudWatch Logs. This enables Amazon
-    # CloudWatch Logs to decrypt this data whenever it is requested.
+    # If you associate a Key Management Service customer master key (CMK)
+    # with the log group, ingested data is encrypted using the CMK. This
+    # association is stored as long as the data encrypted with the CMK is
+    # still within CloudWatch Logs. This enables CloudWatch Logs to decrypt
+    # this data whenever it is requested.
     #
     # If you attempt to associate a CMK with the log group but the CMK does
     # not exist or the CMK is disabled, you receive an
@@ -542,8 +542,8 @@ module Aws::CloudWatchLogs
     #
     # @option params [String] :kms_key_id
     #   The Amazon Resource Name (ARN) of the CMK to use when encrypting log
-    #   data. For more information, see [Amazon Resource Names - AWS Key
-    #   Management Service (AWS KMS)][1].
+    #   data. For more information, see [Amazon Resource Names - Key
+    #   Management Service][1].
     #
     #
     #
@@ -552,6 +552,16 @@ module Aws::CloudWatchLogs
     # @option params [Hash<String,String>] :tags
     #   The key-value pairs to use for the tags.
     #
+    #   CloudWatch Logs doesn’t support IAM policies that prevent users from
+    #   assigning specified tags to log groups using the
+    #   `aws:Resource/key-name ` or `aws:TagKeys` condition keys. For more
+    #   information about using tags to control access, see [Controlling
+    #   access to Amazon Web Services resources using tags][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html
+    #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
     #
     # @example Request syntax with placeholder values
@@ -941,6 +951,17 @@ module Aws::CloudWatchLogs
     # filter the results by prefix. The results are ASCII-sorted by log
     # group name.
     #
+    # CloudWatch Logs doesn’t support IAM policies that control access to
+    # the `DescribeLogGroups` action by using the `aws:ResourceTag/key-name
+    # ` condition key. Other CloudWatch Logs actions do support the use of
+    # the `aws:ResourceTag/key-name ` condition key to control access. For
+    # more information about using tags to control access, see [Controlling
+    # access to Amazon Web Services resources using tags][1].
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html
+    #
     # @option params [String] :log_group_name_prefix
     #   The prefix to match.
     #
@@ -1011,10 +1032,10 @@ module Aws::CloudWatchLogs
     #   If you order the results by event time, you cannot specify the
     #   `logStreamNamePrefix` parameter.
     #
-    #   `lastEventTimeStamp` represents the time of the most recent log event
+    #   `lastEventTimestamp` represents the time of the most recent log event
     #   in the log stream in CloudWatch Logs. This number is expressed as the
     #   number of milliseconds after Jan 1, 1970 00:00:00 UTC.
-    #   `lastEventTimeStamp` updates on an eventual consistency basis. It
+    #   `lastEventTimestamp` updates on an eventual consistency basis. It
     #   typically updates in less than an hour from ingestion, but in rare
     #   situations might take longer.
     #
@@ -1128,6 +1149,9 @@ module Aws::CloudWatchLogs
     #   resp.metric_filters[0].metric_transformations[0].metric_namespace #=> String
     #   resp.metric_filters[0].metric_transformations[0].metric_value #=> String
     #   resp.metric_filters[0].metric_transformations[0].default_value #=> Float
+    #   resp.metric_filters[0].metric_transformations[0].dimensions #=> Hash
+    #   resp.metric_filters[0].metric_transformations[0].dimensions["DimensionsKey"] #=> String
+    #   resp.metric_filters[0].metric_transformations[0].unit #=> String, one of "Seconds", "Microseconds", "Milliseconds", "Bytes", "Kilobytes", "Megabytes", "Gigabytes", "Terabytes", "Bits", "Kilobits", "Megabits", "Gigabits", "Terabits", "Percent", "Count", "Bytes/Second", "Kilobytes/Second", "Megabytes/Second", "Gigabytes/Second", "Terabytes/Second", "Bits/Second", "Kilobits/Second", "Megabits/Second", "Gigabits/Second", "Terabits/Second", "Count/Second", "None"
     #   resp.metric_filters[0].creation_time #=> Integer
     #   resp.metric_filters[0].log_group_name #=> String
     #   resp.next_token #=> String
@@ -1170,7 +1194,7 @@ module Aws::CloudWatchLogs
     #
     #   resp = client.describe_queries({
     #     log_group_name: "LogGroupName",
-    #     status: "Scheduled", # accepts Scheduled, Running, Complete, Failed, Cancelled
+    #     status: "Scheduled", # accepts Scheduled, Running, Complete, Failed, Cancelled, Timeout, Unknown
     #     max_results: 1,
     #     next_token: "NextToken",
     #   })
@@ -1180,7 +1204,7 @@ module Aws::CloudWatchLogs
     #   resp.queries #=> Array
     #   resp.queries[0].query_id #=> String
     #   resp.queries[0].query_string #=> String
-    #   resp.queries[0].status #=> String, one of "Scheduled", "Running", "Complete", "Failed", "Cancelled"
+    #   resp.queries[0].status #=> String, one of "Scheduled", "Running", "Complete", "Failed", "Cancelled", "Timeout", "Unknown"
     #   resp.queries[0].create_time #=> Integer
     #   resp.queries[0].log_group_name #=> String
     #   resp.next_token #=> String
@@ -1341,14 +1365,13 @@ module Aws::CloudWatchLogs
       req.send_request(options)
     end
 
-    # Disassociates the associated AWS Key Management Service (AWS KMS)
-    # customer master key (CMK) from the specified log group.
+    # Disassociates the associated Key Management Service customer master
+    # key (CMK) from the specified log group.
     #
-    # After the AWS KMS CMK is disassociated from the log group, AWS
-    # CloudWatch Logs stops encrypting newly ingested data for the log
-    # group. All previously ingested data remains encrypted, and AWS
-    # CloudWatch Logs requires permissions for the CMK whenever the
-    # encrypted data is requested.
+    # After the KMS CMK is disassociated from the log group, CloudWatch Logs
+    # stops encrypting newly ingested data for the log group. All previously
+    # ingested data remains encrypted, and CloudWatch Logs requires
+    # permissions for the CMK whenever the encrypted data is requested.
     #
     # Note that it can take up to 5 minutes for this operation to take
     # effect.
@@ -1413,9 +1436,6 @@ module Aws::CloudWatchLogs
     #   after Jan 1, 1970 00:00:00 UTC. Events with a timestamp before this
     #   time are not returned.
     #
-    #   If you omit `startTime` and `endTime` the most recent log events are
-    #   retrieved, to up 1 MB or 10,000 log events.
-    #
     # @option params [Integer] :end_time
     #   The end of the time range, expressed as the number of milliseconds
     #   after Jan 1, 1970 00:00:00 UTC. Events with a timestamp later than
@@ -1524,9 +1544,6 @@ module Aws::CloudWatchLogs
     #   The token for the next set of items to return. (You received this
     #   token from a previous call.)
     #
-    #   Using this token works only when you specify `true` for
-    #   `startFromHead`.
-    #
     # @option params [Integer] :limit
     #   The maximum number of log events returned. If you don't specify a
     #   value, the maximum is as many log events as can fit in a response size
@@ -1537,8 +1554,9 @@ module Aws::CloudWatchLogs
     #   the value is false, the latest log events are returned first. The
     #   default value is false.
     #
-    #   If you are using `nextToken` in this operation, you must specify
-    #   `true` for `startFromHead`.
+    #   If you are using a previous `nextForwardToken` value as the
+    #   `nextToken` in this operation, you must specify `true` for
+    #   `startFromHead`.
     #
     # @return [Types::GetLogEventsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -1600,8 +1618,8 @@ module Aws::CloudWatchLogs
     #
     # @option params [Integer] :time
     #   The time to set as the center of the query. If you specify `time`, the
-    #   8 minutes before and 8 minutes after this time are searched. If you
-    #   omit `time`, the past 15 minutes are queried.
+    #   15 minutes before this time are queries. If you omit `time` the 8
+    #   minutes before and 8 minutes after this time are searched.
     #
     #   The `time` value is specified as epoch time, the number of seconds
     #   since January 1, 1970, 00:00:00 UTC.
@@ -1714,7 +1732,7 @@ module Aws::CloudWatchLogs
     #   resp.statistics.records_matched #=> Float
     #   resp.statistics.records_scanned #=> Float
     #   resp.statistics.bytes_scanned #=> Float
-    #   resp.status #=> String, one of "Scheduled", "Running", "Complete", "Failed", "Cancelled"
+    #   resp.status #=> String, one of "Scheduled", "Running", "Complete", "Failed", "Cancelled", "Timeout", "Unknown"
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/GetQueryResults AWS API Documentation
     #
@@ -1823,6 +1841,11 @@ module Aws::CloudWatchLogs
     # used to authorize claims to register a subscription filter against a
     # given destination.
     #
+    # If multiple Amazon Web Services accounts are sending logs to this
+    # destination, each sender account must be listed separately in the
+    # policy. The policy does not support specifying `*` as the Principal or
+    # the use of the `aws:PrincipalOrgId` global key.
+    #
     #
     #
     # [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/policies_overview.html
@@ -1878,9 +1901,9 @@ module Aws::CloudWatchLogs
     # * The log events in the batch must be in chronological order by their
     #   timestamp. The timestamp is the time the event occurred, expressed
     #   as the number of milliseconds after Jan 1, 1970 00:00:00 UTC. (In
-    #   AWS Tools for PowerShell and the AWS SDK for .NET, the timestamp is
-    #   specified in .NET format: yyyy-mm-ddThh:mm:ss. For example,
-    #   2017-09-15T13:45:30.)
+    #   Amazon Web Services Tools for PowerShell and the Amazon Web Services
+    #   SDK for .NET, the timestamp is specified in .NET format:
+    #   yyyy-mm-ddThh:mm:ss. For example, 2017-09-15T13:45:30.)
     #
     # * A batch of log events in a single request cannot span more than 24
     #   hours. Otherwise, the operation fails.
@@ -1891,7 +1914,8 @@ module Aws::CloudWatchLogs
     #   requests are throttled. This quota can't be changed.
     #
     # If a call to `PutLogEvents` returns "UnrecognizedClientException"
-    # the most likely cause is an invalid AWS access key ID or secret key.
+    # the most likely cause is an invalid Amazon Web Services access key ID
+    # or secret key.
     #
     # @option params [required, String] :log_group_name
     #   The name of the log group.
@@ -1957,9 +1981,27 @@ module Aws::CloudWatchLogs
     # The maximum number of metric filters that can be associated with a log
     # group is 100.
     #
+    # When you create a metric filter, you can also optionally assign a unit
+    # and dimensions to the metric that is created.
+    #
+    # Metrics extracted from log events are charged as custom metrics. To
+    # prevent unexpected high charges, do not specify high-cardinality
+    # fields such as `IPAddress` or `requestID` as dimensions. Each
+    # different value found for a dimension is treated as a separate metric
+    # and accrues charges as a separate custom metric.
+    #
+    #  To help prevent accidental high charges, Amazon disables a metric
+    # filter if it generates 1000 different name/value pairs for the
+    # dimensions that you have specified within a certain amount of time.
+    #
+    #  You can also set up a billing alarm to alert you if your charges are
+    # higher than expected. For more information, see [ Creating a Billing
+    # Alarm to Monitor Your Estimated Amazon Web Services Charges][2].
+    #
     #
     #
     # [1]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutLogEvents.html
+    # [2]: https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/monitor_estimated_charges_with_cloudwatch.html
     #
     # @option params [required, String] :log_group_name
     #   The name of the log group.
@@ -1988,6 +2030,10 @@ module Aws::CloudWatchLogs
     #         metric_namespace: "MetricNamespace", # required
     #         metric_value: "MetricValue", # required
     #         default_value: 1.0,
+    #         dimensions: {
+    #           "DimensionsKey" => "DimensionsValue",
+    #         },
+    #         unit: "Seconds", # accepts Seconds, Microseconds, Milliseconds, Bytes, Kilobytes, Megabytes, Gigabytes, Terabytes, Bits, Kilobits, Megabits, Gigabits, Terabits, Percent, Count, Bytes/Second, Kilobytes/Second, Megabytes/Second, Gigabytes/Second, Terabytes/Second, Bits/Second, Kilobits/Second, Megabits/Second, Gigabits/Second, Terabits/Second, Count/Second, None
     #       },
     #     ],
     #   })
@@ -2087,9 +2133,10 @@ module Aws::CloudWatchLogs
       req.send_request(options)
     end
 
-    # Creates or updates a resource policy allowing other AWS services to
-    # put log events to this account, such as Amazon Route 53. An account
-    # can have up to 10 resource policies per AWS Region.
+    # Creates or updates a resource policy allowing other Amazon Web
+    # Services services to put log events to this account, such as Amazon
+    # Route 53. An account can have up to 10 resource policies per Amazon
+    # Web Services Region.
     #
     # @option params [String] :policy_name
     #   Name of the new policy. This parameter is required.
@@ -2104,10 +2151,27 @@ module Aws::CloudWatchLogs
     #   `"logArn"` with the ARN of your CloudWatch Logs resource, such as a
     #   log group or log stream.
     #
+    #   CloudWatch Logs also supports [aws:SourceArn][1] and
+    #   [aws:SourceAccount][2] condition context keys.
+    #
+    #   In the example resource policy, you would replace the value of
+    #   `SourceArn` with the resource making the call from Route 53 to
+    #   CloudWatch Logs and replace the value of `SourceAccount` with the
+    #   Amazon Web Services account ID making that call.
+    #
+    #
+    #
     #   `\{ "Version": "2012-10-17", "Statement": [ \{ "Sid":
     #   "Route53LogsToCloudWatchLogs", "Effect": "Allow", "Principal": \{
-    #   "Service": [ "route53.amazonaws.com" ] \},
-    #   "Action":"logs:PutLogEvents", "Resource": "logArn" \} ] \} `
+    #   "Service": [ "route53.amazonaws.com" ] \}, "Action":
+    #   "logs:PutLogEvents", "Resource": "logArn", "Condition": \{ "ArnLike":
+    #   \{ "aws:SourceArn": "myRoute53ResourceArn" \}, "StringEquals": \{
+    #   "aws:SourceAccount": "myAwsAccountId" \} \} \} ] \}`
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-sourcearn
+    #   [2]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-sourceaccount
     #
     # @return [Types::PutResourcePolicyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -2147,8 +2211,12 @@ module Aws::CloudWatchLogs
     #   group. Possible values are: 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180,
     #   365, 400, 545, 731, 1827, and 3653.
     #
-    #   If you omit `retentionInDays` in a `PutRetentionPolicy` operation, the
-    #   events in the log group are always retained and never expire.
+    #   To set a log group to never have log events expire, use
+    #   [DeleteRetentionPolicy][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DeleteRetentionPolicy.html
     #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
     #
@@ -2186,13 +2254,12 @@ module Aws::CloudWatchLogs
     # * An Amazon Kinesis Firehose delivery stream that belongs to the same
     #   account as the subscription filter, for same-account delivery.
     #
-    # * An AWS Lambda function that belongs to the same account as the
+    # * An Lambda function that belongs to the same account as the
     #   subscription filter, for same-account delivery.
     #
-    # There can only be one subscription filter associated with a log group.
-    # If you are updating an existing filter, you must specify the correct
-    # name in `filterName`. Otherwise, the call fails because you cannot
-    # associate a second filter with a log group.
+    # Each log group can have up to two subscription filters associated with
+    # it. If you are updating an existing filter, you must specify the
+    # correct name in `filterName`.
     #
     # To perform a `PutSubscriptionFilter` operation, you must also have the
     # `iam:PassRole` permission.
@@ -2206,10 +2273,9 @@ module Aws::CloudWatchLogs
     #
     # @option params [required, String] :filter_name
     #   A name for the subscription filter. If you are updating an existing
-    #   filter, you must specify the correct name in `filterName`. Otherwise,
-    #   the call fails because you cannot associate a second filter with a log
-    #   group. To find the name of the filter currently associated with a log
-    #   group, use [DescribeSubscriptionFilters][1].
+    #   filter, you must specify the correct name in `filterName`. To find the
+    #   name of the filter currently associated with a log group, use
+    #   [DescribeSubscriptionFilters][1].
     #
     #
     #
@@ -2228,11 +2294,20 @@ module Aws::CloudWatchLogs
     #   * A logical destination (specified using an ARN) belonging to a
     #     different account, for cross-account delivery.
     #
+    #     If you are setting up a cross-account subscription, the destination
+    #     must have an IAM policy associated with it that allows the sender to
+    #     send logs to the destination. For more information, see
+    #     [PutDestinationPolicy][1].
+    #
     #   * An Amazon Kinesis Firehose delivery stream belonging to the same
     #     account as the subscription filter, for same-account delivery.
     #
-    #   * An AWS Lambda function belonging to the same account as the
-    #     subscription filter, for same-account delivery.
+    #   * A Lambda function belonging to the same account as the subscription
+    #     filter, for same-account delivery.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDestinationPolicy.html
     #
     # @option params [String] :role_arn
     #   The ARN of an IAM role that grants CloudWatch Logs permissions to
@@ -2385,11 +2460,18 @@ module Aws::CloudWatchLogs
     # For more information about tags, see [Tag Log Groups in Amazon
     # CloudWatch Logs][3] in the *Amazon CloudWatch Logs User Guide*.
     #
+    # CloudWatch Logs doesn’t support IAM policies that prevent users from
+    # assigning specified tags to log groups using the
+    # `aws:Resource/key-name ` or `aws:TagKeys` condition keys. For more
+    # information about using tags to control access, see [Controlling
+    # access to Amazon Web Services resources using tags][4].
+    #
     #
     #
     # [1]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_ListTagsLogGroup.html
     # [2]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_UntagLogGroup.html
     # [3]: https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Working-with-log-groups-and-streams.html#log-group-tagging
+    # [4]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html
     #
     # @option params [required, String] :log_group_name
     #   The name of the log group.
@@ -2463,6 +2545,10 @@ module Aws::CloudWatchLogs
     # To list the tags for a log group, use [ListTagsLogGroup][1]. To add
     # tags, use [TagLogGroup][2].
     #
+    # CloudWatch Logs doesn’t support IAM policies that prevent users from
+    # assigning specified tags to log groups using the
+    # `aws:Resource/key-name ` or `aws:TagKeys` condition keys.
+    #
     #
     #
     # [1]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_ListTagsLogGroup.html
@@ -2505,7 +2591,7 @@ module Aws::CloudWatchLogs
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-cloudwatchlogs'
-      context[:gem_version] = '1.40.0'
+      context[:gem_version] = '1.44.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-cloudwatchlogs/client_api.rb

@@ -58,6 +58,9 @@ module Aws::CloudWatchLogs
     DestinationArn = Shapes::StringShape.new(name: 'DestinationArn')
     DestinationName = Shapes::StringShape.new(name: 'DestinationName')
     Destinations = Shapes::ListShape.new(name: 'Destinations')
+    Dimensions = Shapes::MapShape.new(name: 'Dimensions')
+    DimensionsKey = Shapes::StringShape.new(name: 'DimensionsKey')
+    DimensionsValue = Shapes::StringShape.new(name: 'DimensionsValue')
     DisassociateKmsKeyRequest = Shapes::StructureShape.new(name: 'DisassociateKmsKeyRequest')
     Distribution = Shapes::StringShape.new(name: 'Distribution')
     EventId = Shapes::StringShape.new(name: 'EventId')
@@ -173,6 +176,7 @@ module Aws::CloudWatchLogs
     SearchedLogStreams = Shapes::ListShape.new(name: 'SearchedLogStreams')
     SequenceToken = Shapes::StringShape.new(name: 'SequenceToken')
     ServiceUnavailableException = Shapes::StructureShape.new(name: 'ServiceUnavailableException')
+    StandardUnit = Shapes::StringShape.new(name: 'StandardUnit')
     StartFromHead = Shapes::BooleanShape.new(name: 'StartFromHead')
     StartQueryRequest = Shapes::StructureShape.new(name: 'StartQueryRequest')
     StartQueryResponse = Shapes::StructureShape.new(name: 'StartQueryResponse')
@@ -358,6 +362,9 @@ module Aws::CloudWatchLogs
 
     Destinations.member = Shapes::ShapeRef.new(shape: Destination)
 
+    Dimensions.key = Shapes::ShapeRef.new(shape: DimensionsKey)
+    Dimensions.value = Shapes::ShapeRef.new(shape: DimensionsValue)
+
     DisassociateKmsKeyRequest.add_member(:log_group_name, Shapes::ShapeRef.new(shape: LogGroupName, required: true, location_name: "logGroupName"))
     DisassociateKmsKeyRequest.struct_class = Types::DisassociateKmsKeyRequest
 
@@ -525,6 +532,8 @@ module Aws::CloudWatchLogs
     MetricTransformation.add_member(:metric_namespace, Shapes::ShapeRef.new(shape: MetricNamespace, required: true, location_name: "metricNamespace"))
     MetricTransformation.add_member(:metric_value, Shapes::ShapeRef.new(shape: MetricValue, required: true, location_name: "metricValue"))
     MetricTransformation.add_member(:default_value, Shapes::ShapeRef.new(shape: DefaultValue, location_name: "defaultValue"))
+    MetricTransformation.add_member(:dimensions, Shapes::ShapeRef.new(shape: Dimensions, location_name: "dimensions"))
+    MetricTransformation.add_member(:unit, Shapes::ShapeRef.new(shape: StandardUnit, location_name: "unit"))
     MetricTransformation.struct_class = Types::MetricTransformation
 
     MetricTransformations.member = Shapes::ShapeRef.new(shape: MetricTransformation)

data/lib/aws-sdk-cloudwatchlogs/customizations.rb

@@ -2,7 +2,7 @@
 # WARNING ABOUT GENERATED CODE
 #
 # This file is generated. See the contributing for info on making contributions:
-# https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
+# https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
 #
 # WARNING ABOUT GENERATED CODE
 

data/lib/aws-sdk-cloudwatchlogs/types.rb

@@ -25,8 +25,8 @@ module Aws::CloudWatchLogs
     # @!attribute [rw] kms_key_id
     #   The Amazon Resource Name (ARN) of the CMK to use when encrypting log
     #   data. This must be a symmetric CMK. For more information, see
-    #   [Amazon Resource Names - AWS Key Management Service (AWS KMS)][1]
-    #   and [Using Symmetric and Asymmetric Keys][2].
+    #   [Amazon Resource Names - Key Management Service][1] and [Using
+    #   Symmetric and Asymmetric Keys][2].
     #
     #
     #
@@ -95,14 +95,14 @@ module Aws::CloudWatchLogs
     #   @return [Integer]
     #
     # @!attribute [rw] to
-    #   The end time of the range for the request, expressed as the number
-    #   of milliseconds after Jan 1, 1970 00:00:00 UTC. Events with a
-    #   timestamp later than this time are not exported.
+    #   The end time of the range for the request, expreswatchlogsdocused as
+    #   the number of milliseconds after Jan 1, 1970 00:00:00 UTC. Events
+    #   with a timestamp later than this time are not exported.
     #   @return [Integer]
     #
     # @!attribute [rw] destination
     #   The name of S3 bucket for the exported log data. The bucket must be
-    #   in the same AWS region.
+    #   in the same Amazon Web Services region.
     #   @return [String]
     #
     # @!attribute [rw] destination_prefix
@@ -153,8 +153,8 @@ module Aws::CloudWatchLogs
     #
     # @!attribute [rw] kms_key_id
     #   The Amazon Resource Name (ARN) of the CMK to use when encrypting log
-    #   data. For more information, see [Amazon Resource Names - AWS Key
-    #   Management Service (AWS KMS)][1].
+    #   data. For more information, see [Amazon Resource Names - Key
+    #   Management Service][1].
     #
     #
     #
@@ -163,6 +163,16 @@ module Aws::CloudWatchLogs
     #
     # @!attribute [rw] tags
     #   The key-value pairs to use for the tags.
+    #
+    #   CloudWatch Logs doesn’t support IAM policies that prevent users from
+    #   assigning specified tags to log groups using the
+    #   `aws:Resource/key-name ` or `aws:TagKeys` condition keys. For more
+    #   information about using tags to control access, see [Controlling
+    #   access to Amazon Web Services resources using tags][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html
     #   @return [Hash<String,String>]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/CreateLogGroupRequest AWS API Documentation
@@ -597,10 +607,10 @@ module Aws::CloudWatchLogs
     #   If you order the results by event time, you cannot specify the
     #   `logStreamNamePrefix` parameter.
     #
-    #   `lastEventTimeStamp` represents the time of the most recent log
+    #   `lastEventTimestamp` represents the time of the most recent log
     #   event in the log stream in CloudWatch Logs. This number is expressed
     #   as the number of milliseconds after Jan 1, 1970 00:00:00 UTC.
-    #   `lastEventTimeStamp` updates on an eventual consistency basis. It
+    #   `lastEventTimestamp` updates on an eventual consistency basis. It
     #   typically updates in less than an hour from ingestion, but in rare
     #   situations might take longer.
     #   @return [String]
@@ -732,7 +742,7 @@ module Aws::CloudWatchLogs
     #
     #       {
     #         log_group_name: "LogGroupName",
-    #         status: "Scheduled", # accepts Scheduled, Running, Complete, Failed, Cancelled
+    #         status: "Scheduled", # accepts Scheduled, Running, Complete, Failed, Cancelled, Timeout, Unknown
     #         max_results: 1,
     #         next_token: "NextToken",
     #       }
@@ -959,8 +969,8 @@ module Aws::CloudWatchLogs
     #   @return [String]
     #
     # @!attribute [rw] access_policy
-    #   An IAM policy document that governs which AWS accounts can create
-    #   subscription filters against this destination.
+    #   An IAM policy document that governs which Amazon Web Services
+    #   accounts can create subscription filters against this destination.
     #   @return [String]
     #
     # @!attribute [rw] arn
@@ -1144,9 +1154,6 @@ module Aws::CloudWatchLogs
     #   The start of the time range, expressed as the number of milliseconds
     #   after Jan 1, 1970 00:00:00 UTC. Events with a timestamp before this
     #   time are not returned.
-    #
-    #   If you omit `startTime` and `endTime` the most recent log events are
-    #   retrieved, to up 1 MB or 10,000 log events.
     #   @return [Integer]
     #
     # @!attribute [rw] end_time
@@ -1307,9 +1314,6 @@ module Aws::CloudWatchLogs
     # @!attribute [rw] next_token
     #   The token for the next set of items to return. (You received this
     #   token from a previous call.)
-    #
-    #   Using this token works only when you specify `true` for
-    #   `startFromHead`.
     #   @return [String]
     #
     # @!attribute [rw] limit
@@ -1323,8 +1327,9 @@ module Aws::CloudWatchLogs
     #   the value is false, the latest log events are returned first. The
     #   default value is false.
     #
-    #   If you are using `nextToken` in this operation, you must specify
-    #   `true` for `startFromHead`.
+    #   If you are using a previous `nextForwardToken` value as the
+    #   `nextToken` in this operation, you must specify `true` for
+    #   `startFromHead`.
     #   @return [Boolean]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/GetLogEventsRequest AWS API Documentation
@@ -1382,8 +1387,8 @@ module Aws::CloudWatchLogs
     #
     # @!attribute [rw] time
     #   The time to set as the center of the query. If you specify `time`,
-    #   the 8 minutes before and 8 minutes after this time are searched. If
-    #   you omit `time`, the past 15 minutes are queried.
+    #   the 15 minutes before this time are queries. If you omit `time` the
+    #   8 minutes before and 8 minutes after this time are searched.
     #
     #   The `time` value is specified as epoch time, the number of seconds
     #   since January 1, 1970, 00:00:00 UTC.
@@ -1611,8 +1616,12 @@ module Aws::CloudWatchLogs
     #   group. Possible values are: 1, 3, 5, 7, 14, 30, 60, 90, 120, 150,
     #   180, 365, 400, 545, 731, 1827, and 3653.
     #
-    #   If you omit `retentionInDays` in a `PutRetentionPolicy` operation,
-    #   the events in the log group are always retained and never expire.
+    #   To set a log group to never have log events expire, use
+    #   [DeleteRetentionPolicy][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DeleteRetentionPolicy.html
     #   @return [Integer]
     #
     # @!attribute [rw] metric_filter_count
@@ -1829,6 +1838,10 @@ module Aws::CloudWatchLogs
     #         metric_namespace: "MetricNamespace", # required
     #         metric_value: "MetricValue", # required
     #         default_value: 1.0,
+    #         dimensions: {
+    #           "DimensionsKey" => "DimensionsValue",
+    #         },
+    #         unit: "Seconds", # accepts Seconds, Microseconds, Milliseconds, Bytes, Kilobytes, Megabytes, Gigabytes, Terabytes, Bits, Kilobits, Megabits, Gigabits, Terabits, Percent, Count, Bytes/Second, Kilobytes/Second, Megabytes/Second, Gigabytes/Second, Terabytes/Second, Bits/Second, Kilobits/Second, Megabits/Second, Gigabits/Second, Terabits/Second, Count/Second, None
     #       }
     #
     # @!attribute [rw] metric_name
@@ -1855,13 +1868,44 @@ module Aws::CloudWatchLogs
     #   log event. This value can be null.
     #   @return [Float]
     #
+    # @!attribute [rw] dimensions
+    #   The fields to use as dimensions for the metric. One metric filter
+    #   can include as many as three dimensions.
+    #
+    #   Metrics extracted from log events are charged as custom metrics. To
+    #   prevent unexpected high charges, do not specify high-cardinality
+    #   fields such as `IPAddress` or `requestID` as dimensions. Each
+    #   different value found for a dimension is treated as a separate
+    #   metric and accrues charges as a separate custom metric.
+    #
+    #    To help prevent accidental high charges, Amazon disables a metric
+    #   filter if it generates 1000 different name/value pairs for the
+    #   dimensions that you have specified within a certain amount of time.
+    #
+    #    You can also set up a billing alarm to alert you if your charges
+    #   are
+    #   higher than expected. For more information, see [ Creating a Billing
+    #   Alarm to Monitor Your Estimated Amazon Web Services Charges][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/monitor_estimated_charges_with_cloudwatch.html
+    #   @return [Hash<String,String>]
+    #
+    # @!attribute [rw] unit
+    #   The unit to assign to the metric. If you omit this, the unit is set
+    #   as `None`.
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/MetricTransformation AWS API Documentation
     #
     class MetricTransformation < Struct.new(
       :metric_name,
       :metric_namespace,
       :metric_value,
-      :default_value)
+      :default_value,
+      :dimensions,
+      :unit)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -2053,6 +2097,10 @@ module Aws::CloudWatchLogs
     #             metric_namespace: "MetricNamespace", # required
     #             metric_value: "MetricValue", # required
     #             default_value: 1.0,
+    #             dimensions: {
+    #               "DimensionsKey" => "DimensionsValue",
+    #             },
+    #             unit: "Seconds", # accepts Seconds, Microseconds, Milliseconds, Bytes, Kilobytes, Megabytes, Gigabytes, Terabytes, Bits, Kilobits, Megabits, Gigabits, Terabits, Percent, Count, Bytes/Second, Kilobytes/Second, Megabytes/Second, Gigabytes/Second, Terabytes/Second, Bits/Second, Kilobits/Second, Megabits/Second, Gigabits/Second, Terabits/Second, Count/Second, None
     #           },
     #         ],
     #       }
@@ -2185,10 +2233,28 @@ module Aws::CloudWatchLogs
     #   Replace `"logArn"` with the ARN of your CloudWatch Logs resource,
     #   such as a log group or log stream.
     #
+    #   CloudWatch Logs also supports [aws:SourceArn][1] and
+    #   [aws:SourceAccount][2] condition context keys.
+    #
+    #   In the example resource policy, you would replace the value of
+    #   `SourceArn` with the resource making the call from Route 53 to
+    #   CloudWatch Logs and replace the value of `SourceAccount` with the
+    #   Amazon Web Services account ID making that call.
+    #
+    #
+    #
     #   `\{ "Version": "2012-10-17", "Statement": [ \{ "Sid":
     #   "Route53LogsToCloudWatchLogs", "Effect": "Allow", "Principal": \{
-    #   "Service": [ "route53.amazonaws.com" ] \},
-    #   "Action":"logs:PutLogEvents", "Resource": "logArn" \} ] \} `
+    #   "Service": [ "route53.amazonaws.com" ] \}, "Action":
+    #   "logs:PutLogEvents", "Resource": "logArn", "Condition": \{
+    #   "ArnLike": \{ "aws:SourceArn": "myRoute53ResourceArn" \},
+    #   "StringEquals": \{ "aws:SourceAccount": "myAwsAccountId" \} \} \} ]
+    #   \}`
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-sourcearn
+    #   [2]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-sourceaccount
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutResourcePolicyRequest AWS API Documentation
@@ -2229,8 +2295,12 @@ module Aws::CloudWatchLogs
     #   group. Possible values are: 1, 3, 5, 7, 14, 30, 60, 90, 120, 150,
     #   180, 365, 400, 545, 731, 1827, and 3653.
     #
-    #   If you omit `retentionInDays` in a `PutRetentionPolicy` operation,
-    #   the events in the log group are always retained and never expire.
+    #   To set a log group to never have log events expire, use
+    #   [DeleteRetentionPolicy][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DeleteRetentionPolicy.html
     #   @return [Integer]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutRetentionPolicyRequest AWS API Documentation
@@ -2260,10 +2330,9 @@ module Aws::CloudWatchLogs
     #
     # @!attribute [rw] filter_name
     #   A name for the subscription filter. If you are updating an existing
-    #   filter, you must specify the correct name in `filterName`.
-    #   Otherwise, the call fails because you cannot associate a second
-    #   filter with a log group. To find the name of the filter currently
-    #   associated with a log group, use [DescribeSubscriptionFilters][1].
+    #   filter, you must specify the correct name in `filterName`. To find
+    #   the name of the filter currently associated with a log group, use
+    #   [DescribeSubscriptionFilters][1].
     #
     #
     #
@@ -2284,11 +2353,20 @@ module Aws::CloudWatchLogs
     #   * A logical destination (specified using an ARN) belonging to a
     #     different account, for cross-account delivery.
     #
+    #     If you are setting up a cross-account subscription, the
+    #     destination must have an IAM policy associated with it that allows
+    #     the sender to send logs to the destination. For more information,
+    #     see [PutDestinationPolicy][1].
+    #
     #   * An Amazon Kinesis Firehose delivery stream belonging to the same
     #     account as the subscription filter, for same-account delivery.
     #
-    #   * An AWS Lambda function belonging to the same account as the
+    #   * A Lambda function belonging to the same account as the
     #     subscription filter, for same-account delivery.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDestinationPolicy.html
     #   @return [String]
     #
     # @!attribute [rw] role_arn
@@ -2801,7 +2879,8 @@ module Aws::CloudWatchLogs
       include Aws::Structure
     end
 
-    # The most likely cause is an invalid AWS access key ID or secret key.
+    # The most likely cause is an invalid Amazon Web Services access key ID
+    # or secret key.
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/UnrecognizedClientException AWS API Documentation
     #

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-cloudwatchlogs
 version: !ruby/object:Gem::Version
-  version: 1.40.0
+  version: 1.44.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-03-10 00:00:00.000000000 Z
+date: 2021-08-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core
@@ -19,7 +19,7 @@ dependencies:
         version: '3'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.112.0
+        version: 3.119.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -29,7 +29,7 @@ dependencies:
         version: '3'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.112.0
+        version: 3.119.0
 - !ruby/object:Gem::Dependency
   name: aws-sigv4
   requirement: !ruby/object:Gem::Requirement
@@ -66,8 +66,8 @@ homepage: https://github.com/aws/aws-sdk-ruby
 licenses:
 - Apache-2.0
 metadata:
-  source_code_uri: https://github.com/aws/aws-sdk-ruby/tree/master/gems/aws-sdk-cloudwatchlogs
-  changelog_uri: https://github.com/aws/aws-sdk-ruby/tree/master/gems/aws-sdk-cloudwatchlogs/CHANGELOG.md
+  source_code_uri: https://github.com/aws/aws-sdk-ruby/tree/version-3/gems/aws-sdk-cloudwatchlogs
+  changelog_uri: https://github.com/aws/aws-sdk-ruby/tree/version-3/gems/aws-sdk-cloudwatchlogs/CHANGELOG.md
 post_install_message: 
 rdoc_options: []
 require_paths:
@@ -83,8 +83,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.7.6.2
+rubygems_version: 3.1.6
 signing_key: 
 specification_version: 4
 summary: AWS SDK for Ruby - Amazon CloudWatch Logs