aws-sdk-securitylake 1.2.0 → 1.3.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: '016699452e81a8726a1c9635e073487f5c83d8192a767d6563e0c896f7159b61'
4
- data.tar.gz: '083eaed03acae97620a3190fcd76238aa23f2ea68544ad65655d466de80051d0'
3
+ metadata.gz: 8e03124dc46bcd925d122233bba64cdecbdbd6a5e8ba745bd6cf94c93c3f6a3f
4
+ data.tar.gz: 287808dabd2c67fa87b964aa8b32e92610a7e0e2a6435060ddfc8a44784431f7
5
5
  SHA512:
6
- metadata.gz: d06b3f6200c7d7422859ad9f58994968ec21ad01f22bf3069bd34c9650201a280e9f3dc55fb8c74547d2c9a5a1f9ad41a6c3012dc76256a29632cf3797cb8c22
7
- data.tar.gz: 9c7811471abfdb6ba19518f83efaf81add2e45902c9cb61e6ceace0772cbcdbfe2620789c95807302f68cefa49637d9a3a82a1ec90c643e7fbb44b39b2a39210
6
+ metadata.gz: f9220866188d7bff17acdabe8491ff73de708b5dc172241076425cf4b268a59917d1fb37a854b09268a490e63b15920aeaf890e29dae69a4fc80656fbeab2382
7
+ data.tar.gz: c4047ca0d0406b3e59a07fe88957ec5f2199c54cbd7a24e27aa0068ad5a8cd890514f9313424a4b1018a7b754a672414944fb70b379e9660488d783db8b3dc2b
data/CHANGELOG.md CHANGED
@@ -1,6 +1,11 @@
1
1
  Unreleased Changes
2
2
  ------------------
3
3
 
4
+ 1.3.0 (2023-03-15)
5
+ ------------------
6
+
7
+ * Feature - Make Create/Get/ListSubscribers APIs return resource share ARN and name so they can be used to validate the RAM resource share to accept. GetDatalake can be used to track status of UpdateDatalake and DeleteDatalake requests.
8
+
4
9
  1.2.0 (2023-01-18)
5
10
  ------------------
6
11
 
data/VERSION CHANGED
@@ -1 +1 @@
1
- 1.2.0
1
+ 1.3.0
@@ -701,6 +701,8 @@ module Aws::SecurityLake
701
701
  #
702
702
  # @return [Types::CreateSubscriberResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
703
703
  #
704
+ # * {Types::CreateSubscriberResponse#resource_share_arn #resource_share_arn} => String
705
+ # * {Types::CreateSubscriberResponse#resource_share_name #resource_share_name} => String
704
706
  # * {Types::CreateSubscriberResponse#role_arn #role_arn} => String
705
707
  # * {Types::CreateSubscriberResponse#s3_bucket_arn #s3_bucket_arn} => String
706
708
  # * {Types::CreateSubscriberResponse#sns_arn #sns_arn} => String
@@ -724,6 +726,8 @@ module Aws::SecurityLake
724
726
  #
725
727
  # @example Response structure
726
728
  #
729
+ # resp.resource_share_arn #=> String
730
+ # resp.resource_share_name #=> String
727
731
  # resp.role_arn #=> String
728
732
  # resp.s3_bucket_arn #=> String
729
733
  # resp.sns_arn #=> String
@@ -739,7 +743,8 @@ module Aws::SecurityLake
739
743
  end
740
744
 
741
745
  # Notifies the subscriber when new data is written to the data lake for
742
- # the sources that the subscriber consumes in Security Lake.
746
+ # the sources that the subscriber consumes in Security Lake. You can
747
+ # create only one subscriber notification per subscriber.
743
748
  #
744
749
  # @option params [Boolean] :create_sqs
745
750
  # Create an Amazon Simple Queue Service queue.
@@ -755,14 +760,21 @@ module Aws::SecurityLake
755
760
  #
756
761
  # @option params [String] :role_arn
757
762
  # The Amazon Resource Name (ARN) of the EventBridge API destinations IAM
758
- # role that you created.
763
+ # role that you created. For more information about ARNs and how to use
764
+ # them in policies, see [Managing data access][1] and [Amazon Web
765
+ # Services Managed Policies][2] in the Amazon Security Lake User Guide.
766
+ #
767
+ #
768
+ #
769
+ # [1]: https://docs.aws.amazon.com//security-lake/latest/userguide/subscriber-data-access.html
770
+ # [2]: https://docs.aws.amazon.com/security-lake/latest/userguide/security-iam-awsmanpol.html
759
771
  #
760
772
  # @option params [String] :subscription_endpoint
761
773
  # The subscription endpoint in Security Lake. If you prefer notification
762
774
  # with an HTTPs endpoint, populate this field.
763
775
  #
764
776
  # @option params [required, String] :subscription_id
765
- # The subscription ID for the notification subscription/
777
+ # The subscription ID for the notification subscription.
766
778
  #
767
779
  # @return [Types::CreateSubscriptionNotificationConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
768
780
  #
@@ -927,27 +939,16 @@ module Aws::SecurityLake
927
939
  req.send_request(options)
928
940
  end
929
941
 
930
- # Automatically deletes Amazon Security Lake to stop collecting security
931
- # data. When you delete Amazon Security Lake from your account, Security
932
- # Lake is disabled in all Regions. Also, this API automatically takes
933
- # steps to remove the account from Security Lake .
934
- #
935
- # This operation disables security data collection from sources, deletes
936
- # data stored, and stops making data accessible to subscribers. Security
937
- # Lake also deletes all the existing settings and resources that it
938
- # stores or maintains for your Amazon Web Services account in the
939
- # current Region, including security log and event data. The
940
- # `DeleteDatalake` operation does not delete the Amazon S3 bucket, which
941
- # is owned by your Amazon Web Services account. For more information,
942
- # see the [Amazon Security Lake User Guide][1].
943
- #
944
- #
945
- #
946
- # [1]: https://docs.aws.amazon.com/security-lake/latest/userguide/disable-security-lake.html
942
+ # `DeleteDatalakeAutoEnable` removes automatic enablement of
943
+ # configuration settings for new member accounts (but keeps settings for
944
+ # the delegated administrator) from Amazon Security Lake. You must run
945
+ # this API using credentials of the delegated administrator. When you
946
+ # run this API, new member accounts that are added after the
947
+ # organization enables Security Lake won't contribute to the data lake.
947
948
  #
948
949
  # @option params [required, Array<Types::AutoEnableNewRegionConfiguration>] :remove_from_configuration_for_new_accounts
949
- # Delete Amazon Security Lake with the specified configuration settings
950
- # to stop ingesting security data for new accounts in Security Lake.
950
+ # Remove automatic enablement of configuration settings for new member
951
+ # accounts in Security Lake.
951
952
  #
952
953
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
953
954
  #
@@ -1087,6 +1088,10 @@ module Aws::SecurityLake
1087
1088
  # resp.configurations["Region"].status #=> String, one of "INITIALIZED", "PENDING", "COMPLETED", "FAILED"
1088
1089
  # resp.configurations["Region"].tags_map #=> Hash
1089
1090
  # resp.configurations["Region"].tags_map["String"] #=> String
1091
+ # resp.configurations["Region"].update_status.last_update_failure.code #=> String
1092
+ # resp.configurations["Region"].update_status.last_update_failure.reason #=> String
1093
+ # resp.configurations["Region"].update_status.last_update_request_id #=> String
1094
+ # resp.configurations["Region"].update_status.last_update_status #=> String, one of "INITIALIZED", "PENDING", "COMPLETED", "FAILED"
1090
1095
  #
1091
1096
  # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetDatalake AWS API Documentation
1092
1097
  #
@@ -1247,6 +1252,8 @@ module Aws::SecurityLake
1247
1252
  # resp.subscriber.account_id #=> String
1248
1253
  # resp.subscriber.created_at #=> Time
1249
1254
  # resp.subscriber.external_id #=> String
1255
+ # resp.subscriber.resource_share_arn #=> String
1256
+ # resp.subscriber.resource_share_name #=> String
1250
1257
  # resp.subscriber.role_arn #=> String
1251
1258
  # resp.subscriber.s3_bucket_arn #=> String
1252
1259
  # resp.subscriber.sns_arn #=> String
@@ -1429,6 +1436,8 @@ module Aws::SecurityLake
1429
1436
  # resp.subscribers[0].account_id #=> String
1430
1437
  # resp.subscribers[0].created_at #=> Time
1431
1438
  # resp.subscribers[0].external_id #=> String
1439
+ # resp.subscribers[0].resource_share_arn #=> String
1440
+ # resp.subscribers[0].resource_share_name #=> String
1432
1441
  # resp.subscribers[0].role_arn #=> String
1433
1442
  # resp.subscribers[0].s3_bucket_arn #=> String
1434
1443
  # resp.subscribers[0].sns_arn #=> String
@@ -1596,6 +1605,8 @@ module Aws::SecurityLake
1596
1605
  # resp.subscriber.account_id #=> String
1597
1606
  # resp.subscriber.created_at #=> Time
1598
1607
  # resp.subscriber.external_id #=> String
1608
+ # resp.subscriber.resource_share_arn #=> String
1609
+ # resp.subscriber.resource_share_name #=> String
1599
1610
  # resp.subscriber.role_arn #=> String
1600
1611
  # resp.subscriber.s3_bucket_arn #=> String
1601
1612
  # resp.subscriber.sns_arn #=> String
@@ -1619,8 +1630,9 @@ module Aws::SecurityLake
1619
1630
  req.send_request(options)
1620
1631
  end
1621
1632
 
1622
- # Creates a new subscription notification or adds the existing
1623
- # subscription notification setting for the specified subscription ID.
1633
+ # Updates an existing notification method for the subscription (SQS or
1634
+ # HTTPs endpoint) or switches the notification subscription endpoint for
1635
+ # a subscriber.
1624
1636
  #
1625
1637
  # @option params [Boolean] :create_sqs
1626
1638
  # Create a new subscription notification for the specified subscription
@@ -1637,6 +1649,14 @@ module Aws::SecurityLake
1637
1649
  #
1638
1650
  # @option params [String] :role_arn
1639
1651
  # The Amazon Resource Name (ARN) specifying the role of the subscriber.
1652
+ # For more information about ARNs and how to use them in policies, see,
1653
+ # see the [Managing data access][1] and [Amazon Web Services Managed
1654
+ # Policies][2]in the Amazon Security Lake User Guide.
1655
+ #
1656
+ #
1657
+ #
1658
+ # [1]: https://docs.aws.amazon.com//security-lake/latest/userguide/subscriber-data-access.html
1659
+ # [2]: https://docs.aws.amazon.com/security-lake/latest/userguide/security-iam-awsmanpol.html
1640
1660
  #
1641
1661
  # @option params [String] :subscription_endpoint
1642
1662
  # The subscription endpoint in Security Lake.
@@ -1687,7 +1707,7 @@ module Aws::SecurityLake
1687
1707
  params: params,
1688
1708
  config: config)
1689
1709
  context[:gem_name] = 'aws-sdk-securitylake'
1690
- context[:gem_version] = '1.2.0'
1710
+ context[:gem_version] = '1.3.0'
1691
1711
  Seahorse::Client::Request.new(handlers, context)
1692
1712
  end
1693
1713
 
@@ -97,6 +97,7 @@ module Aws::SecurityLake
97
97
  LakeConfigurationRequestMap = Shapes::MapShape.new(name: 'LakeConfigurationRequestMap')
98
98
  LakeConfigurationResponse = Shapes::StructureShape.new(name: 'LakeConfigurationResponse')
99
99
  LakeConfigurationResponseMap = Shapes::MapShape.new(name: 'LakeConfigurationResponseMap')
100
+ LastUpdateFailure = Shapes::StructureShape.new(name: 'LastUpdateFailure')
100
101
  ListDatalakeExceptionsRequest = Shapes::StructureShape.new(name: 'ListDatalakeExceptionsRequest')
101
102
  ListDatalakeExceptionsResponse = Shapes::StructureShape.new(name: 'ListDatalakeExceptionsResponse')
102
103
  ListLogSourcesRequest = Shapes::StructureShape.new(name: 'ListLogSourcesRequest')
@@ -112,6 +113,8 @@ module Aws::SecurityLake
112
113
  RegionSet = Shapes::ListShape.new(name: 'RegionSet')
113
114
  RegionSourceTypesAccountsList = Shapes::ListShape.new(name: 'RegionSourceTypesAccountsList')
114
115
  ResourceNotFoundException = Shapes::StructureShape.new(name: 'ResourceNotFoundException')
116
+ ResourceShareArn = Shapes::StringShape.new(name: 'ResourceShareArn')
117
+ ResourceShareName = Shapes::StringShape.new(name: 'ResourceShareName')
115
118
  RetentionSetting = Shapes::StructureShape.new(name: 'RetentionSetting')
116
119
  RetentionSettingList = Shapes::ListShape.new(name: 'RetentionSettingList')
117
120
  RetentionSettingRetentionPeriodInteger = Shapes::IntegerShape.new(name: 'RetentionSettingRetentionPeriodInteger')
@@ -142,6 +145,7 @@ module Aws::SecurityLake
142
145
  UpdateDatalakeExceptionsSubscriptionResponse = Shapes::StructureShape.new(name: 'UpdateDatalakeExceptionsSubscriptionResponse')
143
146
  UpdateDatalakeRequest = Shapes::StructureShape.new(name: 'UpdateDatalakeRequest')
144
147
  UpdateDatalakeResponse = Shapes::StructureShape.new(name: 'UpdateDatalakeResponse')
148
+ UpdateStatus = Shapes::StructureShape.new(name: 'UpdateStatus')
145
149
  UpdateSubscriberRequest = Shapes::StructureShape.new(name: 'UpdateSubscriberRequest')
146
150
  UpdateSubscriberRequestSubscriberNameString = Shapes::StringShape.new(name: 'UpdateSubscriberRequestSubscriberNameString')
147
151
  UpdateSubscriberResponse = Shapes::StructureShape.new(name: 'UpdateSubscriberResponse')
@@ -155,6 +159,7 @@ module Aws::SecurityLake
155
159
  ValueSet = Shapes::ListShape.new(name: 'ValueSet')
156
160
  settingsStatus = Shapes::StringShape.new(name: 'settingsStatus')
157
161
 
162
+ AccessDeniedException.add_member(:error_code, Shapes::ShapeRef.new(shape: String, location_name: "errorCode"))
158
163
  AccessDeniedException.add_member(:message, Shapes::ShapeRef.new(shape: String, required: true, location_name: "message"))
159
164
  AccessDeniedException.struct_class = Types::AccessDeniedException
160
165
 
@@ -256,6 +261,8 @@ module Aws::SecurityLake
256
261
  CreateSubscriberRequest.add_member(:subscriber_name, Shapes::ShapeRef.new(shape: CreateSubscriberRequestSubscriberNameString, required: true, location_name: "subscriberName"))
257
262
  CreateSubscriberRequest.struct_class = Types::CreateSubscriberRequest
258
263
 
264
+ CreateSubscriberResponse.add_member(:resource_share_arn, Shapes::ShapeRef.new(shape: ResourceShareArn, location_name: "resourceShareArn"))
265
+ CreateSubscriberResponse.add_member(:resource_share_name, Shapes::ShapeRef.new(shape: ResourceShareName, location_name: "resourceShareName"))
259
266
  CreateSubscriberResponse.add_member(:role_arn, Shapes::ShapeRef.new(shape: RoleArn, location_name: "roleArn"))
260
267
  CreateSubscriberResponse.add_member(:s3_bucket_arn, Shapes::ShapeRef.new(shape: S3BucketArn, location_name: "s3BucketArn"))
261
268
  CreateSubscriberResponse.add_member(:sns_arn, Shapes::ShapeRef.new(shape: SnsTopicArn, location_name: "snsArn"))
@@ -398,11 +405,16 @@ module Aws::SecurityLake
398
405
  LakeConfigurationResponse.add_member(:s3_bucket_arn, Shapes::ShapeRef.new(shape: S3BucketArn, location_name: "s3BucketArn"))
399
406
  LakeConfigurationResponse.add_member(:status, Shapes::ShapeRef.new(shape: settingsStatus, location_name: "status"))
400
407
  LakeConfigurationResponse.add_member(:tags_map, Shapes::ShapeRef.new(shape: TagsMap, location_name: "tagsMap"))
408
+ LakeConfigurationResponse.add_member(:update_status, Shapes::ShapeRef.new(shape: UpdateStatus, location_name: "updateStatus"))
401
409
  LakeConfigurationResponse.struct_class = Types::LakeConfigurationResponse
402
410
 
403
411
  LakeConfigurationResponseMap.key = Shapes::ShapeRef.new(shape: Region)
404
412
  LakeConfigurationResponseMap.value = Shapes::ShapeRef.new(shape: LakeConfigurationResponse)
405
413
 
414
+ LastUpdateFailure.add_member(:code, Shapes::ShapeRef.new(shape: String, location_name: "code"))
415
+ LastUpdateFailure.add_member(:reason, Shapes::ShapeRef.new(shape: String, location_name: "reason"))
416
+ LastUpdateFailure.struct_class = Types::LastUpdateFailure
417
+
406
418
  ListDatalakeExceptionsRequest.add_member(:max_failures, Shapes::ShapeRef.new(shape: Integer, location_name: "maxFailures"))
407
419
  ListDatalakeExceptionsRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: SafeString, location_name: "nextToken"))
408
420
  ListDatalakeExceptionsRequest.add_member(:region_set, Shapes::ShapeRef.new(shape: RegionSet, location_name: "regionSet"))
@@ -483,6 +495,8 @@ module Aws::SecurityLake
483
495
  SubscriberResource.add_member(:account_id, Shapes::ShapeRef.new(shape: AwsAccountId, required: true, location_name: "accountId"))
484
496
  SubscriberResource.add_member(:created_at, Shapes::ShapeRef.new(shape: SyntheticTimestamp_date_time, location_name: "createdAt"))
485
497
  SubscriberResource.add_member(:external_id, Shapes::ShapeRef.new(shape: SafeString, location_name: "externalId"))
498
+ SubscriberResource.add_member(:resource_share_arn, Shapes::ShapeRef.new(shape: ResourceShareArn, location_name: "resourceShareArn"))
499
+ SubscriberResource.add_member(:resource_share_name, Shapes::ShapeRef.new(shape: ResourceShareName, location_name: "resourceShareName"))
486
500
  SubscriberResource.add_member(:role_arn, Shapes::ShapeRef.new(shape: RoleArn, location_name: "roleArn"))
487
501
  SubscriberResource.add_member(:s3_bucket_arn, Shapes::ShapeRef.new(shape: S3BucketArn, location_name: "s3BucketArn"))
488
502
  SubscriberResource.add_member(:sns_arn, Shapes::ShapeRef.new(shape: SnsTopicArn, location_name: "snsArn"))
@@ -524,6 +538,11 @@ module Aws::SecurityLake
524
538
 
525
539
  UpdateDatalakeResponse.struct_class = Types::UpdateDatalakeResponse
526
540
 
541
+ UpdateStatus.add_member(:last_update_failure, Shapes::ShapeRef.new(shape: LastUpdateFailure, location_name: "lastUpdateFailure"))
542
+ UpdateStatus.add_member(:last_update_request_id, Shapes::ShapeRef.new(shape: String, location_name: "lastUpdateRequestId"))
543
+ UpdateStatus.add_member(:last_update_status, Shapes::ShapeRef.new(shape: settingsStatus, location_name: "lastUpdateStatus"))
544
+ UpdateStatus.struct_class = Types::UpdateStatus
545
+
527
546
  UpdateSubscriberRequest.add_member(:external_id, Shapes::ShapeRef.new(shape: SafeString, location_name: "externalId"))
528
547
  UpdateSubscriberRequest.add_member(:id, Shapes::ShapeRef.new(shape: String, required: true, location: "uri", location_name: "id"))
529
548
  UpdateSubscriberRequest.add_member(:source_types, Shapes::ShapeRef.new(shape: SourceTypeList, required: true, location_name: "sourceTypes"))
@@ -50,9 +50,6 @@ module Aws::SecurityLake
50
50
 
51
51
  def initialize(options = {})
52
52
  self[:region] = options[:region]
53
- if self[:region].nil?
54
- raise ArgumentError, "Missing required EndpointParameter: :region"
55
- end
56
53
  self[:use_dual_stack] = options[:use_dual_stack]
57
54
  self[:use_dual_stack] = false if self[:use_dual_stack].nil?
58
55
  if self[:use_dual_stack].nil?
@@ -14,36 +14,39 @@ module Aws::SecurityLake
14
14
  use_dual_stack = parameters.use_dual_stack
15
15
  use_fips = parameters.use_fips
16
16
  endpoint = parameters.endpoint
17
- if (partition_result = Aws::Endpoints::Matchers.aws_partition(region))
18
- if Aws::Endpoints::Matchers.set?(endpoint)
19
- if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
20
- raise ArgumentError, "Invalid Configuration: FIPS and custom endpoint are not supported"
21
- end
22
- if Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
23
- raise ArgumentError, "Invalid Configuration: Dualstack and custom endpoint are not supported"
24
- end
25
- return Aws::Endpoints::Endpoint.new(url: endpoint, headers: {}, properties: {})
26
- end
27
- if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true) && Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
28
- if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS")) && Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
29
- return Aws::Endpoints::Endpoint.new(url: "https://securitylake-fips.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
30
- end
31
- raise ArgumentError, "FIPS and DualStack are enabled, but this partition does not support one or both"
32
- end
17
+ if Aws::Endpoints::Matchers.set?(endpoint)
33
18
  if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
34
- if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS"))
35
- return Aws::Endpoints::Endpoint.new(url: "https://securitylake-fips.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
36
- end
37
- raise ArgumentError, "FIPS is enabled but this partition does not support FIPS"
19
+ raise ArgumentError, "Invalid Configuration: FIPS and custom endpoint are not supported"
38
20
  end
39
21
  if Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
40
- if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
41
- return Aws::Endpoints::Endpoint.new(url: "https://securitylake.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
22
+ raise ArgumentError, "Invalid Configuration: Dualstack and custom endpoint are not supported"
23
+ end
24
+ return Aws::Endpoints::Endpoint.new(url: endpoint, headers: {}, properties: {})
25
+ end
26
+ if Aws::Endpoints::Matchers.set?(region)
27
+ if (partition_result = Aws::Endpoints::Matchers.aws_partition(region))
28
+ if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true) && Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
29
+ if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS")) && Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
30
+ return Aws::Endpoints::Endpoint.new(url: "https://securitylake-fips.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
31
+ end
32
+ raise ArgumentError, "FIPS and DualStack are enabled, but this partition does not support one or both"
33
+ end
34
+ if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
35
+ if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS"))
36
+ return Aws::Endpoints::Endpoint.new(url: "https://securitylake-fips.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
37
+ end
38
+ raise ArgumentError, "FIPS is enabled but this partition does not support FIPS"
39
+ end
40
+ if Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
41
+ if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
42
+ return Aws::Endpoints::Endpoint.new(url: "https://securitylake.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
43
+ end
44
+ raise ArgumentError, "DualStack is enabled but this partition does not support DualStack"
42
45
  end
43
- raise ArgumentError, "DualStack is enabled but this partition does not support DualStack"
46
+ return Aws::Endpoints::Endpoint.new(url: "https://securitylake.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
44
47
  end
45
- return Aws::Endpoints::Endpoint.new(url: "https://securitylake.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
46
48
  end
49
+ raise ArgumentError, "Invalid Configuration: Missing Region"
47
50
  raise ArgumentError, 'No endpoint could be resolved'
48
51
 
49
52
  end
@@ -58,6 +58,11 @@ module Aws::SecurityLake
58
58
  super(context, message, data)
59
59
  end
60
60
 
61
+ # @return [String]
62
+ def error_code
63
+ @data[:error_code]
64
+ end
65
+
61
66
  # @return [String]
62
67
  def message
63
68
  @message || @data[:message]
@@ -17,12 +17,18 @@ module Aws::SecurityLake
17
17
  # Services action. An implicit denial occurs when there is no applicable
18
18
  # Deny statement and also no applicable Allow statement.
19
19
  #
20
+ # @!attribute [rw] error_code
21
+ # A coded string to provide more information about the access denied
22
+ # exception. You can use the error code to check the exception type.
23
+ # @return [String]
24
+ #
20
25
  # @!attribute [rw] message
21
26
  # @return [String]
22
27
  #
23
28
  # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/AccessDeniedException AWS API Documentation
24
29
  #
25
30
  class AccessDeniedException < Struct.new(
31
+ :error_code,
26
32
  :message)
27
33
  SENSITIVE = []
28
34
  include Aws::Structure
@@ -452,15 +458,24 @@ module Aws::SecurityLake
452
458
  include Aws::Structure
453
459
  end
454
460
 
461
+ # @!attribute [rw] resource_share_arn
462
+ # The Amazon Resource Name (ARN) which uniquely defines the AWS RAM
463
+ # resource share. Before accepting the RAM resource share invitation,
464
+ # you can view details related to the RAM resource share.
465
+ # @return [String]
466
+ #
467
+ # @!attribute [rw] resource_share_name
468
+ # The name of the resource share.
469
+ # @return [String]
470
+ #
455
471
  # @!attribute [rw] role_arn
456
472
  # The Amazon Resource Name (ARN) created by you to provide to the
457
473
  # subscriber. For more information about ARNs and how to use them in
458
- # policies, see [IAM identifiers in the Identity and Access Management
459
- # (IAM) User Guide][1]. .
474
+ # policies, see [Amazon Security Lake User Guide][1].
460
475
  #
461
476
  #
462
477
  #
463
- # [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html
478
+ # [1]: https://docs.aws.amazon.com/security-lake/latest/userguide/subscriber-management.html
464
479
  # @return [String]
465
480
  #
466
481
  # @!attribute [rw] s3_bucket_arn
@@ -478,6 +493,8 @@ module Aws::SecurityLake
478
493
  # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateSubscriberResponse AWS API Documentation
479
494
  #
480
495
  class CreateSubscriberResponse < Struct.new(
496
+ :resource_share_arn,
497
+ :resource_share_name,
481
498
  :role_arn,
482
499
  :s3_bucket_arn,
483
500
  :sns_arn,
@@ -504,7 +521,15 @@ module Aws::SecurityLake
504
521
  #
505
522
  # @!attribute [rw] role_arn
506
523
  # The Amazon Resource Name (ARN) of the EventBridge API destinations
507
- # IAM role that you created.
524
+ # IAM role that you created. For more information about ARNs and how
525
+ # to use them in policies, see [Managing data access][1] and [Amazon
526
+ # Web Services Managed Policies][2] in the Amazon Security Lake User
527
+ # Guide.
528
+ #
529
+ #
530
+ #
531
+ # [1]: https://docs.aws.amazon.com//security-lake/latest/userguide/subscriber-data-access.html
532
+ # [2]: https://docs.aws.amazon.com/security-lake/latest/userguide/security-iam-awsmanpol.html
508
533
  # @return [String]
509
534
  #
510
535
  # @!attribute [rw] subscription_endpoint
@@ -513,7 +538,7 @@ module Aws::SecurityLake
513
538
  # @return [String]
514
539
  #
515
540
  # @!attribute [rw] subscription_id
516
- # The subscription ID for the notification subscription/
541
+ # The subscription ID for the notification subscription.
517
542
  # @return [String]
518
543
  #
519
544
  # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateSubscriptionNotificationConfigurationRequest AWS API Documentation
@@ -619,9 +644,8 @@ module Aws::SecurityLake
619
644
  end
620
645
 
621
646
  # @!attribute [rw] remove_from_configuration_for_new_accounts
622
- # Delete Amazon Security Lake with the specified configuration
623
- # settings to stop ingesting security data for new accounts in
624
- # Security Lake.
647
+ # Remove automatic enablement of configuration settings for new member
648
+ # accounts in Security Lake.
625
649
  # @return [Array<Types::AutoEnableNewRegionConfiguration>]
626
650
  #
627
651
  # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteDatalakeAutoEnableRequest AWS API Documentation
@@ -1056,6 +1080,11 @@ module Aws::SecurityLake
1056
1080
  # define.
1057
1081
  # @return [Hash<String,String>]
1058
1082
  #
1083
+ # @!attribute [rw] update_status
1084
+ # The status of the last `UpdateDatalake `or `DeleteDatalake` API
1085
+ # request.
1086
+ # @return [Types::UpdateStatus]
1087
+ #
1059
1088
  # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/LakeConfigurationResponse AWS API Documentation
1060
1089
  #
1061
1090
  class LakeConfigurationResponse < Struct.new(
@@ -1065,7 +1094,30 @@ module Aws::SecurityLake
1065
1094
  :retention_settings,
1066
1095
  :s3_bucket_arn,
1067
1096
  :status,
1068
- :tags_map)
1097
+ :tags_map,
1098
+ :update_status)
1099
+ SENSITIVE = []
1100
+ include Aws::Structure
1101
+ end
1102
+
1103
+ # The details of the last `UpdateDatalake` or `DeleteDatalake` API
1104
+ # request which failed.
1105
+ #
1106
+ # @!attribute [rw] code
1107
+ # The reason code for the failure of the last `UpdateDatalake` or
1108
+ # `DeleteDatalake` API request.
1109
+ # @return [String]
1110
+ #
1111
+ # @!attribute [rw] reason
1112
+ # The reason for the failure of the last `UpdateDatalake`or
1113
+ # `DeleteDatalake` API request.
1114
+ # @return [String]
1115
+ #
1116
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/LastUpdateFailure AWS API Documentation
1117
+ #
1118
+ class LastUpdateFailure < Struct.new(
1119
+ :code,
1120
+ :reason)
1069
1121
  SENSITIVE = []
1070
1122
  include Aws::Structure
1071
1123
  end
@@ -1431,6 +1483,19 @@ module Aws::SecurityLake
1431
1483
  # the role to be assumed only under specific circumstances.
1432
1484
  # @return [String]
1433
1485
  #
1486
+ # @!attribute [rw] resource_share_arn
1487
+ # The Amazon Resource Name (ARN) which uniquely defines the AWS RAM
1488
+ # resource share. Before accepting the RAM resource share invitation,
1489
+ # you can view details related to the RAM resource share.
1490
+ #
1491
+ # This field is available only for Lake Formation subscribers created
1492
+ # after March 8, 2023.
1493
+ # @return [String]
1494
+ #
1495
+ # @!attribute [rw] resource_share_name
1496
+ # The name of the resource share.
1497
+ # @return [String]
1498
+ #
1434
1499
  # @!attribute [rw] role_arn
1435
1500
  # The Amazon Resource Name (ARN) specifying the role of the
1436
1501
  # subscriber.
@@ -1488,6 +1553,8 @@ module Aws::SecurityLake
1488
1553
  :account_id,
1489
1554
  :created_at,
1490
1555
  :external_id,
1556
+ :resource_share_arn,
1557
+ :resource_share_name,
1491
1558
  :role_arn,
1492
1559
  :s3_bucket_arn,
1493
1560
  :sns_arn,
@@ -1586,6 +1653,35 @@ module Aws::SecurityLake
1586
1653
  #
1587
1654
  class UpdateDatalakeResponse < Aws::EmptyStructure; end
1588
1655
 
1656
+ # The status of the last `UpdateDatalake` or `DeleteDatalake` API
1657
+ # request. This is set to Completed after the configuration is updated,
1658
+ # or removed if deletion of the data lake is successful.
1659
+ #
1660
+ # @!attribute [rw] last_update_failure
1661
+ # The details of the last `UpdateDatalake`or `DeleteDatalake` API
1662
+ # request which failed.
1663
+ # @return [Types::LastUpdateFailure]
1664
+ #
1665
+ # @!attribute [rw] last_update_request_id
1666
+ # The unique ID for the `UpdateDatalake` or `DeleteDatalake` API
1667
+ # request.
1668
+ # @return [String]
1669
+ #
1670
+ # @!attribute [rw] last_update_status
1671
+ # The status of the last `UpdateDatalake` or `DeleteDatalake` API
1672
+ # request that was requested.
1673
+ # @return [String]
1674
+ #
1675
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/UpdateStatus AWS API Documentation
1676
+ #
1677
+ class UpdateStatus < Struct.new(
1678
+ :last_update_failure,
1679
+ :last_update_request_id,
1680
+ :last_update_status)
1681
+ SENSITIVE = []
1682
+ include Aws::Structure
1683
+ end
1684
+
1589
1685
  # @!attribute [rw] external_id
1590
1686
  # The external ID of the Security Lake account.
1591
1687
  # @return [String]
@@ -1656,7 +1752,14 @@ module Aws::SecurityLake
1656
1752
  #
1657
1753
  # @!attribute [rw] role_arn
1658
1754
  # The Amazon Resource Name (ARN) specifying the role of the
1659
- # subscriber.
1755
+ # subscriber. For more information about ARNs and how to use them in
1756
+ # policies, see, see the [Managing data access][1] and [Amazon Web
1757
+ # Services Managed Policies][2]in the Amazon Security Lake User Guide.
1758
+ #
1759
+ #
1760
+ #
1761
+ # [1]: https://docs.aws.amazon.com//security-lake/latest/userguide/subscriber-data-access.html
1762
+ # [2]: https://docs.aws.amazon.com/security-lake/latest/userguide/security-iam-awsmanpol.html
1660
1763
  # @return [String]
1661
1764
  #
1662
1765
  # @!attribute [rw] subscription_endpoint
@@ -52,6 +52,6 @@ require_relative 'aws-sdk-securitylake/customizations'
52
52
  # @!group service
53
53
  module Aws::SecurityLake
54
54
 
55
- GEM_VERSION = '1.2.0'
55
+ GEM_VERSION = '1.3.0'
56
56
 
57
57
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: aws-sdk-securitylake
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.2.0
4
+ version: 1.3.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Amazon Web Services
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-01-18 00:00:00.000000000 Z
11
+ date: 2023-03-15 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-core