RubyGems - aws-sdk-securitylake - Versions diffs - 1.3.0 → 1.4.0 - Mend

aws-sdk-securitylake 1.3.0 → 1.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +5 -0
data/VERSION +1 -1
data/lib/aws-sdk-securitylake/client.rb +730 -665
data/lib/aws-sdk-securitylake/client_api.rb +577 -614
data/lib/aws-sdk-securitylake/endpoints.rb +19 -47
data/lib/aws-sdk-securitylake/errors.rb +7 -190
data/lib/aws-sdk-securitylake/plugins/endpoints.rb +36 -40
data/lib/aws-sdk-securitylake/types.rb +1046 -1018
data/lib/aws-sdk-securitylake.rb +1 -1
metadata +2 -2

data/lib/aws-sdk-securitylake/types.rb CHANGED Viewed

@@ -34,102 +34,90 @@ module Aws::SecurityLake
       include Aws::Structure
     end
-    # Amazon Security Lake cannot find an Amazon Web Services account with
-    # the accountID that you specified, or the account whose credentials you
-    # used to make this request isn't a member of an organization.
+    # The AWS identity.
     #
-    # @!attribute [rw] message
+    # @!attribute [rw] external_id
+    #   The external ID used to estalish trust relationship with the AWS
+    #   identity.
     #   @return [String]
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/AccountNotFoundException AWS API Documentation
+    # @!attribute [rw] principal
+    #   The AWS identity principal.
+    #   @return [String]
     #
-    class AccountNotFoundException < Struct.new(
-      :message)
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/AwsIdentity AWS API Documentation
+    #
+    class AwsIdentity < Struct.new(
+      :external_id,
+      :principal)
       SENSITIVE = []
       include Aws::Structure
     end
-    # Amazon Security Lake collects logs and events from supported Amazon
-    # Web Services and custom sources. For the list of supported Amazon Web
-    # Services, see the [Amazon Security Lake User Guide][1].
-    #
+    # The Security Lake logs source configuration file describes the
+    # information needed to generate Security Lake logs.
     #
+    # @!attribute [rw] accounts
+    #   Specify the Amazon Web Services account information where you want
+    #   to enable Security Lake.
+    #   @return [Array<String>]
     #
-    # [1]: https://docs.aws.amazon.com/security-lake/latest/userguide/internal-sources.html
-    #
-    # @!attribute [rw] account
-    #   The ID of the Security Lake account for which logs are collected.
-    #   @return [String]
+    # @!attribute [rw] regions
+    #   Specify the Regions where you want to enable Security Lake.
+    #   @return [Array<String>]
     #
-    # @!attribute [rw] event_class
-    #   Initializes a new instance of the Event class.
+    # @!attribute [rw] source_name
+    #   The name for a Amazon Web Services source. This must be a Regionally
+    #   unique value.
     #   @return [String]
     #
-    # @!attribute [rw] logs_status
-    #   The log status for the Security Lake account.
-    #   @return [Array<Types::LogsStatus>]
-    #
-    # @!attribute [rw] source_type
-    #   The supported Amazon Web Services from which logs and events are
-    #   collected. Amazon Security Lake supports log and event collection
-    #   for natively supported Amazon Web Services.
+    # @!attribute [rw] source_version
+    #   The version for a Amazon Web Services source. This must be a
+    #   Regionally unique value.
     #   @return [String]
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/AccountSources AWS API Documentation
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/AwsLogSourceConfiguration AWS API Documentation
     #
-    class AccountSources < Struct.new(
-      :account,
-      :event_class,
-      :logs_status,
-      :source_type)
+    class AwsLogSourceConfiguration < Struct.new(
+      :accounts,
+      :regions,
+      :source_name,
+      :source_version)
       SENSITIVE = []
       include Aws::Structure
     end
-    # Automatically enable new organization accounts as member accounts from
-    # an Amazon Security Lake administrator account.
+    # Amazon Security Lake can collect logs and events from
+    # natively-supported Amazon Web Services services.
     #
-    # @!attribute [rw] region
-    #   The Amazon Web Services Regions where Security Lake is automatically
-    #   enabled.
+    # @!attribute [rw] source_name
+    #   The name for a Amazon Web Services source. This must be a Regionally
+    #   unique value.
     #   @return [String]
     #
-    # @!attribute [rw] sources
-    #   The Amazon Web Services sources that are automatically enabled in
-    #   Security Lake.
-    #   @return [Array<String>]
-    #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/AutoEnableNewRegionConfiguration AWS API Documentation
-    #
-    class AutoEnableNewRegionConfiguration < Struct.new(
-      :region,
-      :sources)
-      SENSITIVE = []
-      include Aws::Structure
-    end
-    # Amazon Security Lake generally returns 404 errors if the requested
-    # object is missing from the bucket.
-    #
-    # @!attribute [rw] message
+    # @!attribute [rw] source_version
+    #   The version for a Amazon Web Services source. This must be a
+    #   Regionally unique value.
     #   @return [String]
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/BucketNotFoundException AWS API Documentation
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/AwsLogSourceResource AWS API Documentation
     #
-    class BucketNotFoundException < Struct.new(
-      :message)
+    class AwsLogSourceResource < Struct.new(
+      :source_name,
+      :source_version)
       SENSITIVE = []
       include Aws::Structure
     end
-    # More than one process tried to modify a resource at the same time.
+    # The request is malformed or contains an error such as an invalid
+    # parameter value or a missing required parameter.
     #
     # @!attribute [rw] message
     #   @return [String]
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/ConcurrentModificationException AWS API Documentation
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/BadRequestException AWS API Documentation
     #
-    class ConcurrentModificationException < Struct.new(
+    class BadRequestException < Struct.new(
       :message)
       SENSITIVE = []
       include Aws::Structure
@@ -144,8 +132,8 @@ module Aws::SecurityLake
     # @!attribute [rw] message
     #   @return [String]
     #
-    # @!attribute [rw] resource_id
-    #   A conflict occurred when prompting for the Resource ID.
+    # @!attribute [rw] resource_name
+    #   The resource name.
     #   @return [String]
     #
     # @!attribute [rw] resource_type
@@ -156,102 +144,344 @@ module Aws::SecurityLake
     #
     class ConflictException < Struct.new(
       :message,
-      :resource_id,
+      :resource_name,
       :resource_type)
       SENSITIVE = []
       include Aws::Structure
     end
-    # There was a conflict when you attempted to modify a Security Lake
-    # source name.
+    # @!attribute [rw] sources
+    #   Specify the natively-supported Amazon Web Services service to add as
+    #   a source in Security Lake.
+    #   @return [Array<Types::AwsLogSourceConfiguration>]
     #
-    # @!attribute [rw] message
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateAwsLogSourceRequest AWS API Documentation
+    #
+    class CreateAwsLogSourceRequest < Struct.new(
+      :sources)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @!attribute [rw] failed
+    #   Lists all accounts in which enabling a natively supported Amazon Web
+    #   Service as a Security Lake source failed. The failure occurred as
+    #   these accounts are not part of an organization.
+    #   @return [Array<String>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateAwsLogSourceResponse AWS API Documentation
+    #
+    class CreateAwsLogSourceResponse < Struct.new(
+      :failed)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @!attribute [rw] configuration
+    #   The configuration for the third-party custom source.
+    #   @return [Types::CustomLogSourceConfiguration]
+    #
+    # @!attribute [rw] event_classes
+    #   The Open Cybersecurity Schema Framework (OCSF) event classes which
+    #   describes the type of data that the custom source will send to
+    #   Security Lake. The supported event classes are:
+    #
+    #   * `ACCESS_ACTIVITY`
+    #
+    #   * `FILE_ACTIVITY`
+    #
+    #   * `KERNEL_ACTIVITY`
+    #
+    #   * `KERNEL_EXTENSION`
+    #
+    #   * `MEMORY_ACTIVITY`
+    #
+    #   * `MODULE_ACTIVITY`
+    #
+    #   * `PROCESS_ACTIVITY`
+    #
+    #   * `REGISTRY_KEY_ACTIVITY`
+    #
+    #   * `REGISTRY_VALUE_ACTIVITY`
+    #
+    #   * `RESOURCE_ACTIVITY`
+    #
+    #   * `SCHEDULED_JOB_ACTIVITY`
+    #
+    #   * `SECURITY_FINDING`
+    #
+    #   * `ACCOUNT_CHANGE`
+    #
+    #   * `AUTHENTICATION`
+    #
+    #   * `AUTHORIZATION`
+    #
+    #   * `ENTITY_MANAGEMENT_AUDIT`
+    #
+    #   * `DHCP_ACTIVITY`
+    #
+    #   * `NETWORK_ACTIVITY`
+    #
+    #   * `DNS_ACTIVITY`
+    #
+    #   * `FTP_ACTIVITY`
+    #
+    #   * `HTTP_ACTIVITY`
+    #
+    #   * `RDP_ACTIVITY`
+    #
+    #   * `SMB_ACTIVITY`
+    #
+    #   * `SSH_ACTIVITY`
+    #
+    #   * `CONFIG_STATE`
+    #
+    #   * `INVENTORY_INFO`
+    #
+    #   * `EMAIL_ACTIVITY`
+    #
+    #   * `API_ACTIVITY`
+    #
+    #   * `CLOUD_API`
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] source_name
+    #   Specify the name for a third-party custom source. This must be a
+    #   Regionally unique value.
     #   @return [String]
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/ConflictSourceNamesException AWS API Documentation
+    # @!attribute [rw] source_version
+    #   Specify the source version for the third-party custom source, to
+    #   limit log collection to a specific version of custom data source.
+    #   @return [String]
     #
-    class ConflictSourceNamesException < Struct.new(
-      :message)
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateCustomLogSourceRequest AWS API Documentation
+    #
+    class CreateCustomLogSourceRequest < Struct.new(
+      :configuration,
+      :event_classes,
+      :source_name,
+      :source_version)
       SENSITIVE = []
       include Aws::Structure
     end
-    # A conflicting subscription exception operation is in progress.
+    # @!attribute [rw] source
+    #   The created third-party custom source.
+    #   @return [Types::CustomLogSourceResource]
     #
-    # @!attribute [rw] message
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateCustomLogSourceResponse AWS API Documentation
+    #
+    class CreateCustomLogSourceResponse < Struct.new(
+      :source)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @!attribute [rw] exception_time_to_live
+    #   The expiration period and time-to-live (TTL).
+    #   @return [Integer]
+    #
+    # @!attribute [rw] notification_endpoint
+    #   The Amazon Web Services account where you want to receive exception
+    #   notifications.
     #   @return [String]
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/ConflictSubscriptionException AWS API Documentation
+    # @!attribute [rw] subscription_protocol
+    #   The subscription protocol to which exception notifications are
+    #   posted.
+    #   @return [String]
     #
-    class ConflictSubscriptionException < Struct.new(
-      :message)
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateDataLakeExceptionSubscriptionRequest AWS API Documentation
+    #
+    class CreateDataLakeExceptionSubscriptionRequest < Struct.new(
+      :exception_time_to_live,
+      :notification_endpoint,
+      :subscription_protocol)
       SENSITIVE = []
       include Aws::Structure
     end
-    # @!attribute [rw] enable_all_dimensions
-    #   Enables data collection from specific Amazon Web Services sources in
-    #   all specific accounts and specific Regions.
-    #   @return [Hash<String,Hash<String,Array<String>>>]
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateDataLakeExceptionSubscriptionResponse AWS API Documentation
     #
-    # @!attribute [rw] enable_single_dimension
-    #   Enables data collection from all Amazon Web Services sources in
-    #   specific accounts or Regions.
-    #   @return [Array<String>]
+    class CreateDataLakeExceptionSubscriptionResponse < Aws::EmptyStructure; end
+    # @!attribute [rw] auto_enable_new_account
+    #   Enable Security Lake with the specified configuration settings, to
+    #   begin collecting security data for new accounts in your
+    #   organization.
+    #   @return [Array<Types::DataLakeAutoEnableNewAccountConfiguration>]
     #
-    # @!attribute [rw] enable_two_dimensions
-    #   Enables data collection from specific Amazon Web Services sources in
-    #   specific accounts or Regions.
-    #   @return [Hash<String,Array<String>>]
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateDataLakeOrganizationConfigurationRequest AWS API Documentation
     #
-    # @!attribute [rw] input_order
-    #   Specifies the input order to enable dimensions in Security Lake,
-    #   namely Region, source type, and member account.
-    #   @return [Array<String>]
+    class CreateDataLakeOrganizationConfigurationRequest < Struct.new(
+      :auto_enable_new_account)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateDataLakeOrganizationConfigurationResponse AWS API Documentation
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateAwsLogSourceRequest AWS API Documentation
+    class CreateDataLakeOrganizationConfigurationResponse < Aws::EmptyStructure; end
+    # @!attribute [rw] configurations
+    #   Specify the Region or Regions that will contribute data to the
+    #   rollup region.
+    #   @return [Array<Types::DataLakeConfiguration>]
     #
-    class CreateAwsLogSourceRequest < Struct.new(
-      :enable_all_dimensions,
-      :enable_single_dimension,
-      :enable_two_dimensions,
-      :input_order)
+    # @!attribute [rw] meta_store_manager_role_arn
+    #   The Amazon Resource Name (ARN) used to create and update the Glue
+    #   table. This table contains partitions generated by the ingestion and
+    #   normalization of Amazon Web Services log sources and custom sources.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateDataLakeRequest AWS API Documentation
+    #
+    class CreateDataLakeRequest < Struct.new(
+      :configurations,
+      :meta_store_manager_role_arn)
       SENSITIVE = []
       include Aws::Structure
     end
-    # @!attribute [rw] failed
-    #   Lists all accounts in which enabling a natively supported Amazon Web
-    #   Service as a Security Lake source failed. The failure occurred as
-    #   these accounts are not part of an organization.
-    #   @return [Array<String>]
+    # @!attribute [rw] data_lakes
+    #   The created Security Lake configuration object.
+    #   @return [Array<Types::DataLakeResource>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateDataLakeResponse AWS API Documentation
+    #
+    class CreateDataLakeResponse < Struct.new(
+      :data_lakes)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @!attribute [rw] configuration
+    #   Specify the configuration using which you want to create the
+    #   subscriber notification.
+    #   @return [Types::NotificationConfiguration]
+    #
+    # @!attribute [rw] subscriber_id
+    #   The subscriber ID for the notification subscription.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateSubscriberNotificationRequest AWS API Documentation
+    #
+    class CreateSubscriberNotificationRequest < Struct.new(
+      :configuration,
+      :subscriber_id)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @!attribute [rw] subscriber_endpoint
+    #   The subscriber endpoint to which exception messages are posted.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateSubscriberNotificationResponse AWS API Documentation
     #
-    # @!attribute [rw] processing
-    #   Lists the accounts that are in the process of enabling a natively
-    #   supported Amazon Web Service as a Security Lake source.
+    class CreateSubscriberNotificationResponse < Struct.new(
+      :subscriber_endpoint)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @!attribute [rw] access_types
+    #   The Amazon S3 or Lake Formation access type.
     #   @return [Array<String>]
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateAwsLogSourceResponse AWS API Documentation
+    # @!attribute [rw] sources
+    #   The supported Amazon Web Services from which logs and events are
+    #   collected. Security Lake supports log and event collection for
+    #   natively supported Amazon Web Services.
+    #   @return [Array<Types::LogSourceResource>]
     #
-    class CreateAwsLogSourceResponse < Struct.new(
-      :failed,
-      :processing)
+    # @!attribute [rw] subscriber_description
+    #   The description for your subscriber account in Security Lake.
+    #   @return [String]
+    #
+    # @!attribute [rw] subscriber_identity
+    #   The AWS identity used to access your data.
+    #   @return [Types::AwsIdentity]
+    #
+    # @!attribute [rw] subscriber_name
+    #   The name of your Security Lake subscriber account.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateSubscriberRequest AWS API Documentation
+    #
+    class CreateSubscriberRequest < Struct.new(
+      :access_types,
+      :sources,
+      :subscriber_description,
+      :subscriber_identity,
+      :subscriber_name)
       SENSITIVE = []
       include Aws::Structure
     end
-    # @!attribute [rw] custom_source_name
-    #   The name for a third-party custom source. This must be a Regionally
-    #   unique value.
+    # @!attribute [rw] subscriber
+    #   Retrieve information about the subscriber created using the
+    #   `CreateSubscriber` API.
+    #   @return [Types::SubscriberResource]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateSubscriberResponse AWS API Documentation
+    #
+    class CreateSubscriberResponse < Struct.new(
+      :subscriber)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # The attributes of a third-party custom source.
+    #
+    # @!attribute [rw] crawler_arn
+    #   The ARN of the Glue crawler.
     #   @return [String]
     #
-    # @!attribute [rw] event_class
-    #   The Open Cybersecurity Schema Framework (OCSF) event class which
-    #   describes the type of data that the custom source will send to
-    #   Security Lake.
+    # @!attribute [rw] database_arn
+    #   The ARN of the Glue database where results are written, such as:
+    #   `arn:aws:daylight:us-east-1::database/sometable/*`.
+    #   @return [String]
+    #
+    # @!attribute [rw] table_arn
+    #   The ARN of the Glue table.
     #   @return [String]
     #
-    # @!attribute [rw] glue_invocation_role_arn
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CustomLogSourceAttributes AWS API Documentation
+    #
+    class CustomLogSourceAttributes < Struct.new(
+      :crawler_arn,
+      :database_arn,
+      :table_arn)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # The configuration for the third-party custom source.
+    #
+    # @!attribute [rw] crawler_configuration
+    #   The configuration for the Glue Crawler for the third-party custom
+    #   source.
+    #   @return [Types::CustomLogSourceCrawlerConfiguration]
+    #
+    # @!attribute [rw] provider_identity
+    #   The identity of the log provider for the third-party custom source.
+    #   @return [Types::AwsIdentity]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CustomLogSourceConfiguration AWS API Documentation
+    #
+    class CustomLogSourceConfiguration < Struct.new(
+      :crawler_configuration,
+      :provider_identity)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # The configuration for the Glue Crawler for the third-party custom
+    # source.
+    #
+    # @!attribute [rw] role_arn
     #   The Amazon Resource Name (ARN) of the Identity and Access Management
     #   (IAM) role to be used by the Glue crawler. The recommended IAM
     #   policies are:
@@ -261,41 +491,22 @@ module Aws::SecurityLake
     #   * A custom policy granting access to your Amazon S3 Data Lake
     #   @return [String]
     #
-    # @!attribute [rw] log_provider_account_id
-    #   The Amazon Web Services account ID of the custom source that will
-    #   write logs and events into the Amazon S3 Data Lake.
-    #   @return [String]
-    #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateCustomLogSourceRequest AWS API Documentation
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CustomLogSourceCrawlerConfiguration AWS API Documentation
     #
-    class CreateCustomLogSourceRequest < Struct.new(
-      :custom_source_name,
-      :event_class,
-      :glue_invocation_role_arn,
-      :log_provider_account_id)
+    class CustomLogSourceCrawlerConfiguration < Struct.new(
+      :role_arn)
       SENSITIVE = []
       include Aws::Structure
     end
-    # @!attribute [rw] custom_data_location
+    # The details of the log provider for a third-party custom source.
+    #
+    # @!attribute [rw] location
     #   The location of the partition in the Amazon S3 bucket for Security
     #   Lake.
     #   @return [String]
     #
-    # @!attribute [rw] glue_crawler_name
-    #   The name of the Glue crawler.
-    #   @return [String]
-    #
-    # @!attribute [rw] glue_database_name
-    #   The Glue database where results are written, such as:
-    #   `arn:aws:daylight:us-east-1::database/sometable/*`.
-    #   @return [String]
-    #
-    # @!attribute [rw] glue_table_name
-    #   The table name of the Glue crawler.
-    #   @return [String]
-    #
-    # @!attribute [rw] log_provider_access_role_arn
+    # @!attribute [rw] role_arn
     #   The ARN of the IAM role to be used by the entity putting logs into
     #   your custom source partition. Security Lake will apply the correct
     #   access policies to this role, but you must first manually create the
@@ -304,578 +515,646 @@ module Aws::SecurityLake
     #   `logProviderAccountId` to assume the role.
     #   @return [String]
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateCustomLogSourceResponse AWS API Documentation
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CustomLogSourceProvider AWS API Documentation
     #
-    class CreateCustomLogSourceResponse < Struct.new(
-      :custom_data_location,
-      :glue_crawler_name,
-      :glue_database_name,
-      :glue_table_name,
-      :log_provider_access_role_arn)
+    class CustomLogSourceProvider < Struct.new(
+      :location,
+      :role_arn)
       SENSITIVE = []
       include Aws::Structure
     end
-    # @!attribute [rw] configuration_for_new_accounts
-    #   Enable Security Lake with the specified configuration settings to
-    #   begin collecting security data for new accounts in your
-    #   organization.
-    #   @return [Array<Types::AutoEnableNewRegionConfiguration>]
+    # Amazon Security Lake can collect logs and events from third-party
+    # custom sources.
+    #
+    # @!attribute [rw] attributes
+    #   The attributes of a third-party custom source.
+    #   @return [Types::CustomLogSourceAttributes]
+    #
+    # @!attribute [rw] provider
+    #   The details of the log provider for a third-party custom source.
+    #   @return [Types::CustomLogSourceProvider]
+    #
+    # @!attribute [rw] source_name
+    #   The name for a third-party custom source. This must be a Regionally
+    #   unique value.
+    #   @return [String]
+    #
+    # @!attribute [rw] source_version
+    #   The version for a third-party custom source. This must be a
+    #   Regionally unique value.
+    #   @return [String]
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateDatalakeAutoEnableRequest AWS API Documentation
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CustomLogSourceResource AWS API Documentation
     #
-    class CreateDatalakeAutoEnableRequest < Struct.new(
-      :configuration_for_new_accounts)
+    class CustomLogSourceResource < Struct.new(
+      :attributes,
+      :provider,
+      :source_name,
+      :source_version)
       SENSITIVE = []
       include Aws::Structure
     end
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateDatalakeAutoEnableResponse AWS API Documentation
+    # Automatically enable new organization accounts as member accounts from
+    # an Amazon Security Lake administrator account.
     #
-    class CreateDatalakeAutoEnableResponse < Aws::EmptyStructure; end
-    # @!attribute [rw] account
-    #   The Amazon Web Services account ID of the Security Lake delegated
-    #   administrator.
+    # @!attribute [rw] region
+    #   The Amazon Web Services Regions where Security Lake is automatically
+    #   enabled.
     #   @return [String]
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateDatalakeDelegatedAdminRequest AWS API Documentation
+    # @!attribute [rw] sources
+    #   The Amazon Web Services sources that are automatically enabled in
+    #   Security Lake.
+    #   @return [Array<Types::AwsLogSourceResource>]
     #
-    class CreateDatalakeDelegatedAdminRequest < Struct.new(
-      :account)
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DataLakeAutoEnableNewAccountConfiguration AWS API Documentation
+    #
+    class DataLakeAutoEnableNewAccountConfiguration < Struct.new(
+      :region,
+      :sources)
       SENSITIVE = []
       include Aws::Structure
     end
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateDatalakeDelegatedAdminResponse AWS API Documentation
+    # Provides details of Amazon Security Lake object.
     #
-    class CreateDatalakeDelegatedAdminResponse < Aws::EmptyStructure; end
-    # @!attribute [rw] notification_endpoint
-    #   The Amazon Web Services account where you want to receive exception
-    #   notifications.
-    #   @return [String]
+    # @!attribute [rw] encryption_configuration
+    #   Provides encryption details of Amazon Security Lake object.
+    #   @return [Types::DataLakeEncryptionConfiguration]
     #
-    # @!attribute [rw] subscription_protocol
-    #   The subscription protocol to which exception notifications are
-    #   posted.
+    # @!attribute [rw] lifecycle_configuration
+    #   Provides lifecycle details of Amazon Security Lake object.
+    #   @return [Types::DataLakeLifecycleConfiguration]
+    #
+    # @!attribute [rw] region
+    #   The Amazon Web Services Regions where Security Lake is automatically
+    #   enabled.
     #   @return [String]
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateDatalakeExceptionsSubscriptionRequest AWS API Documentation
+    # @!attribute [rw] replication_configuration
+    #   Provides replication details of Amazon Security Lake object.
+    #   @return [Types::DataLakeReplicationConfiguration]
     #
-    class CreateDatalakeExceptionsSubscriptionRequest < Struct.new(
-      :notification_endpoint,
-      :subscription_protocol)
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DataLakeConfiguration AWS API Documentation
+    #
+    class DataLakeConfiguration < Struct.new(
+      :encryption_configuration,
+      :lifecycle_configuration,
+      :region,
+      :replication_configuration)
       SENSITIVE = []
       include Aws::Structure
     end
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateDatalakeExceptionsSubscriptionResponse AWS API Documentation
+    # Provides encryption details of Amazon Security Lake object.
+    #
+    # @!attribute [rw] kms_key_id
+    #   The id of KMS encryption key used by Amazon Security Lake to encrypt
+    #   the Security Lake object.
+    #   @return [String]
     #
-    class CreateDatalakeExceptionsSubscriptionResponse < Aws::EmptyStructure; end
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DataLakeEncryptionConfiguration AWS API Documentation
+    #
+    class DataLakeEncryptionConfiguration < Struct.new(
+      :kms_key_id)
+      SENSITIVE = []
+      include Aws::Structure
+    end
-    # @!attribute [rw] configurations
-    #   Specify the Region or Regions that will contribute data to the
-    #   rollup region.
-    #   @return [Hash<String,Types::LakeConfigurationRequest>]
+    # The details for a Security Lake exception
     #
-    # @!attribute [rw] enable_all
-    #   Enable Security Lake in all Regions.
-    #   @return [Boolean]
+    # @!attribute [rw] exception
+    #   The underlying exception of a Security Lake exception.
+    #   @return [String]
     #
-    # @!attribute [rw] meta_store_manager_role_arn
-    #   The Amazon Resource Name (ARN) used to create and update the Glue
-    #   table. This table contains partitions generated by the ingestion and
-    #   normalization of Amazon Web Services log sources and custom sources.
+    # @!attribute [rw] region
+    #   The Amazon Web Services Regions where the exception occurred.
     #   @return [String]
     #
-    # @!attribute [rw] regions
-    #   Enable Security Lake in the specified Regions. To enable Security
-    #   Lake in specific Amazon Web Services Regions, such as us-east-1 or
-    #   ap-northeast-3, provide the Region codes. For a list of Region
-    #   codes, see [Amazon Security Lake endpoints][1] in the Amazon Web
-    #   Services General Reference.
+    # @!attribute [rw] remediation
+    #   List of all remediation steps for a Security Lake exception.
+    #   @return [String]
     #
+    # @!attribute [rw] timestamp
+    #   This error can occur if you configure the wrong timestamp format, or
+    #   if the subset of entries used for validation had errors or missing
+    #   values.
+    #   @return [Time]
     #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DataLakeException AWS API Documentation
     #
-    #   [1]: https://docs.aws.amazon.com/general/latest/gr/securitylake.html
-    #   @return [Array<String>]
+    class DataLakeException < Struct.new(
+      :exception,
+      :region,
+      :remediation,
+      :timestamp)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # Provides lifecycle details of Amazon Security Lake object.
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateDatalakeRequest AWS API Documentation
+    # @!attribute [rw] expiration
+    #   Provides data expiration details of Amazon Security Lake object.
+    #   @return [Types::DataLakeLifecycleExpiration]
     #
-    class CreateDatalakeRequest < Struct.new(
-      :configurations,
-      :enable_all,
-      :meta_store_manager_role_arn,
-      :regions)
+    # @!attribute [rw] transitions
+    #   Provides data storage transition details of Amazon Security Lake
+    #   object.
+    #   @return [Array<Types::DataLakeLifecycleTransition>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DataLakeLifecycleConfiguration AWS API Documentation
+    #
+    class DataLakeLifecycleConfiguration < Struct.new(
+      :expiration,
+      :transitions)
       SENSITIVE = []
       include Aws::Structure
     end
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateDatalakeResponse AWS API Documentation
+    # Provide expiration lifecycle details of Amazon Security Lake object.
+    #
+    # @!attribute [rw] days
+    #   Number of days before data expires in the Amazon Security Lake
+    #   object.
+    #   @return [Integer]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DataLakeLifecycleExpiration AWS API Documentation
     #
-    class CreateDatalakeResponse < Aws::EmptyStructure; end
+    class DataLakeLifecycleExpiration < Struct.new(
+      :days)
+      SENSITIVE = []
+      include Aws::Structure
+    end
-    # @!attribute [rw] access_types
-    #   The Amazon S3 or Lake Formation access type.
-    #   @return [Array<String>]
+    # Provide transition lifecycle details of Amazon Security Lake object.
     #
-    # @!attribute [rw] account_id
-    #   The Amazon Web Services account ID used to access your data.
-    #   @return [String]
+    # @!attribute [rw] days
+    #   Number of days before data transitions to a different S3 Storage
+    #   Class in the Amazon Security Lake object.
+    #   @return [Integer]
     #
-    # @!attribute [rw] external_id
-    #   The external ID of the subscriber. This lets the user that is
-    #   assuming the role assert the circumstances in which they are
-    #   operating. It also provides a way for the account owner to permit
-    #   the role to be assumed only under specific circumstances.
+    # @!attribute [rw] storage_class
+    #   The range of storage classes that you can choose from based on the
+    #   data access, resiliency, and cost requirements of your workloads.
     #   @return [String]
     #
-    # @!attribute [rw] source_types
-    #   The supported Amazon Web Services from which logs and events are
-    #   collected. Security Lake supports log and event collection for
-    #   natively supported Amazon Web Services.
-    #   @return [Array<Types::SourceType>]
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DataLakeLifecycleTransition AWS API Documentation
     #
-    # @!attribute [rw] subscriber_description
-    #   The description for your subscriber account in Security Lake.
-    #   @return [String]
+    class DataLakeLifecycleTransition < Struct.new(
+      :days,
+      :storage_class)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # Provides replication details of Amazon Security Lake object.
     #
-    # @!attribute [rw] subscriber_name
-    #   The name of your Security Lake subscriber account.
+    # @!attribute [rw] regions
+    #   Replication enables automatic, asynchronous copying of objects
+    #   across Amazon S3 buckets. Amazon S3 buckets that are configured for
+    #   object replication can be owned by the same Amazon Web Services
+    #   account or by different accounts. You can replicate objects to a
+    #   single destination bucket or to multiple destination buckets. The
+    #   destination buckets can be in different Amazon Web Services Regions
+    #   or within the same Region as the source bucket.
+    #
+    #   Set up one or more rollup Regions by providing the Region or Regions
+    #   that should contribute to the central rollup Region.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] role_arn
+    #   Replication settings for the Amazon S3 buckets. This parameter uses
+    #   the Identity and Access Management (IAM) role you created that is
+    #   managed by Security Lake, to ensure the replication setting is
+    #   correct.
     #   @return [String]
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateSubscriberRequest AWS API Documentation
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DataLakeReplicationConfiguration AWS API Documentation
     #
-    class CreateSubscriberRequest < Struct.new(
-      :access_types,
-      :account_id,
-      :external_id,
-      :source_types,
-      :subscriber_description,
-      :subscriber_name)
+    class DataLakeReplicationConfiguration < Struct.new(
+      :regions,
+      :role_arn)
       SENSITIVE = []
       include Aws::Structure
     end
-    # @!attribute [rw] resource_share_arn
-    #   The Amazon Resource Name (ARN) which uniquely defines the AWS RAM
-    #   resource share. Before accepting the RAM resource share invitation,
-    #   you can view details related to the RAM resource share.
-    #   @return [String]
+    # Provides details of Amazon Security Lake object.
     #
-    # @!attribute [rw] resource_share_name
-    #   The name of the resource share.
+    # @!attribute [rw] create_status
+    #   Retrieves the status of the configuration operation for an account
+    #   in Amazon Security Lake.
     #   @return [String]
     #
-    # @!attribute [rw] role_arn
+    # @!attribute [rw] data_lake_arn
     #   The Amazon Resource Name (ARN) created by you to provide to the
     #   subscriber. For more information about ARNs and how to use them in
-    #   policies, see [Amazon Security Lake User Guide][1].
+    #   policies, see the [Amazon Security Lake User Guide][1].
     #
     #
     #
     #   [1]: https://docs.aws.amazon.com/security-lake/latest/userguide/subscriber-management.html
     #   @return [String]
     #
-    # @!attribute [rw] s3_bucket_arn
-    #   The ARN for the Amazon S3 bucket.
-    #   @return [String]
+    # @!attribute [rw] encryption_configuration
+    #   Provides encryption details of Amazon Security Lake object.
+    #   @return [Types::DataLakeEncryptionConfiguration]
+    #
+    # @!attribute [rw] lifecycle_configuration
+    #   Provides lifecycle details of Amazon Security Lake object.
+    #   @return [Types::DataLakeLifecycleConfiguration]
     #
-    # @!attribute [rw] sns_arn
-    #   The ARN for the Amazon Simple Notification Service.
+    # @!attribute [rw] region
+    #   The Amazon Web Services Regions where Security Lake is enabled.
     #   @return [String]
     #
-    # @!attribute [rw] subscription_id
-    #   The `subscriptionId` created by the `CreateSubscriber` API call.
+    # @!attribute [rw] replication_configuration
+    #   Provides replication details of Amazon Security Lake object.
+    #   @return [Types::DataLakeReplicationConfiguration]
+    #
+    # @!attribute [rw] s3_bucket_arn
+    #   The ARN for the Amazon Security Lake Amazon S3 bucket.
     #   @return [String]
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateSubscriberResponse AWS API Documentation
+    # @!attribute [rw] update_status
+    #   The status of the last `UpdateDataLake `or `DeleteDataLake` API
+    #   request.
+    #   @return [Types::DataLakeUpdateStatus]
     #
-    class CreateSubscriberResponse < Struct.new(
-      :resource_share_arn,
-      :resource_share_name,
-      :role_arn,
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DataLakeResource AWS API Documentation
+    #
+    class DataLakeResource < Struct.new(
+      :create_status,
+      :data_lake_arn,
+      :encryption_configuration,
+      :lifecycle_configuration,
+      :region,
+      :replication_configuration,
       :s3_bucket_arn,
-      :sns_arn,
-      :subscription_id)
+      :update_status)
       SENSITIVE = []
       include Aws::Structure
     end
-    # @!attribute [rw] create_sqs
-    #   Create an Amazon Simple Queue Service queue.
-    #   @return [Boolean]
+    # Amazon Security Lake collects logs and events from supported Amazon
+    # Web Services and custom sources. For the list of supported Amazon Web
+    # Services, see the [Amazon Security Lake User Guide][1].
     #
-    # @!attribute [rw] https_api_key_name
-    #   The key name for the notification subscription.
-    #   @return [String]
     #
-    # @!attribute [rw] https_api_key_value
-    #   The key value for the notification subscription.
-    #   @return [String]
     #
-    # @!attribute [rw] https_method
-    #   The HTTPS method used for the notification subscription.
+    # [1]: https://docs.aws.amazon.com/security-lake/latest/userguide/internal-sources.html
+    #
+    # @!attribute [rw] account
+    #   The ID of the Security Lake account for which logs are collected.
     #   @return [String]
     #
-    # @!attribute [rw] role_arn
-    #   The Amazon Resource Name (ARN) of the EventBridge API destinations
-    #   IAM role that you created. For more information about ARNs and how
-    #   to use them in policies, see [Managing data access][1] and [Amazon
-    #   Web Services Managed Policies][2] in the Amazon Security Lake User
-    #   Guide.
+    # @!attribute [rw] event_classes
+    #   The Open Cybersecurity Schema Framework (OCSF) event classes which
+    #   describes the type of data that the custom source will send to
+    #   Security Lake. The supported event classes are:
     #
+    #   * `ACCESS_ACTIVITY`
     #
+    #   * `FILE_ACTIVITY`
     #
-    #   [1]: https://docs.aws.amazon.com//security-lake/latest/userguide/subscriber-data-access.html
-    #   [2]: https://docs.aws.amazon.com/security-lake/latest/userguide/security-iam-awsmanpol.html
-    #   @return [String]
+    #   * `KERNEL_ACTIVITY`
     #
-    # @!attribute [rw] subscription_endpoint
-    #   The subscription endpoint in Security Lake. If you prefer
-    #   notification with an HTTPs endpoint, populate this field.
+    #   * `KERNEL_EXTENSION`
+    #
+    #   * `MEMORY_ACTIVITY`
+    #
+    #   * `MODULE_ACTIVITY`
+    #
+    #   * `PROCESS_ACTIVITY`
+    #
+    #   * `REGISTRY_KEY_ACTIVITY`
+    #
+    #   * `REGISTRY_VALUE_ACTIVITY`
+    #
+    #   * `RESOURCE_ACTIVITY`
+    #
+    #   * `SCHEDULED_JOB_ACTIVITY`
+    #
+    #   * `SECURITY_FINDING`
+    #
+    #   * `ACCOUNT_CHANGE`
+    #
+    #   * `AUTHENTICATION`
+    #
+    #   * `AUTHORIZATION`
+    #
+    #   * `ENTITY_MANAGEMENT_AUDIT`
+    #
+    #   * `DHCP_ACTIVITY`
+    #
+    #   * `NETWORK_ACTIVITY`
+    #
+    #   * `DNS_ACTIVITY`
+    #
+    #   * `FTP_ACTIVITY`
+    #
+    #   * `HTTP_ACTIVITY`
+    #
+    #   * `RDP_ACTIVITY`
+    #
+    #   * `SMB_ACTIVITY`
+    #
+    #   * `SSH_ACTIVITY`
+    #
+    #   * `CONFIG_STATE`
+    #
+    #   * `INVENTORY_INFO`
+    #
+    #   * `EMAIL_ACTIVITY`
+    #
+    #   * `API_ACTIVITY`
+    #
+    #   * `CLOUD_API`
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] source_name
+    #   The supported Amazon Web Services from which logs and events are
+    #   collected. Amazon Security Lake supports log and event collection
+    #   for natively supported Amazon Web Services.
     #   @return [String]
     #
-    # @!attribute [rw] subscription_id
-    #   The subscription ID for the notification subscription.
-    #   @return [String]
+    # @!attribute [rw] source_statuses
+    #   The log status for the Security Lake account.
+    #   @return [Array<Types::DataLakeSourceStatus>]
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateSubscriptionNotificationConfigurationRequest AWS API Documentation
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DataLakeSource AWS API Documentation
     #
-    class CreateSubscriptionNotificationConfigurationRequest < Struct.new(
-      :create_sqs,
-      :https_api_key_name,
-      :https_api_key_value,
-      :https_method,
-      :role_arn,
-      :subscription_endpoint,
-      :subscription_id)
+    class DataLakeSource < Struct.new(
+      :account,
+      :event_classes,
+      :source_name,
+      :source_statuses)
       SENSITIVE = []
       include Aws::Structure
     end
-    # @!attribute [rw] queue_arn
-    #   Returns the Amazon Resource Name (ARN) of the queue.
+    # Retrieves the Logs status for the Amazon Security Lake account.
+    #
+    # @!attribute [rw] resource
+    #   Defines path the stored logs are available which has information on
+    #   your systems, applications, and services.
     #   @return [String]
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateSubscriptionNotificationConfigurationResponse AWS API Documentation
+    # @!attribute [rw] status
+    #   The health status of services, including error codes and patterns.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DataLakeSourceStatus AWS API Documentation
     #
-    class CreateSubscriptionNotificationConfigurationResponse < Struct.new(
-      :queue_arn)
+    class DataLakeSourceStatus < Struct.new(
+      :resource,
+      :status)
       SENSITIVE = []
       include Aws::Structure
     end
-    # @!attribute [rw] disable_all_dimensions
-    #   Removes the specific Amazon Web Services sources from specific
-    #   accounts and specific Regions.
-    #   @return [Hash<String,Hash<String,Array<String>>>]
-    #
-    # @!attribute [rw] disable_single_dimension
-    #   Removes all Amazon Web Services sources from specific accounts or
-    #   Regions.
-    #   @return [Array<String>]
+    # The details of the last `UpdateDataLake` or `DeleteDataLake` API
+    # request which failed.
     #
-    # @!attribute [rw] disable_two_dimensions
-    #   Remove a specific Amazon Web Services source from specific accounts
-    #   or Regions.
-    #   @return [Hash<String,Array<String>>]
+    # @!attribute [rw] code
+    #   The reason code for the exception of the last `UpdateDataLake` or
+    #   `DeleteDataLake` API request.
+    #   @return [String]
     #
-    # @!attribute [rw] input_order
-    #   This is a mandatory input. Specify the input order to disable
-    #   dimensions in Security Lake, namely Region (Amazon Web Services
-    #   Region code, source type, and member (account ID of a specific
-    #   Amazon Web Services account).
-    #   @return [Array<String>]
+    # @!attribute [rw] reason
+    #   The reason for the exception of the last `UpdateDataLake`or
+    #   `DeleteDataLake` API request.
+    #   @return [String]
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteAwsLogSourceRequest AWS API Documentation
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DataLakeUpdateException AWS API Documentation
     #
-    class DeleteAwsLogSourceRequest < Struct.new(
-      :disable_all_dimensions,
-      :disable_single_dimension,
-      :disable_two_dimensions,
-      :input_order)
+    class DataLakeUpdateException < Struct.new(
+      :code,
+      :reason)
       SENSITIVE = []
       include Aws::Structure
     end
-    # @!attribute [rw] failed
-    #   Deletion of the Amazon Web Services sources failed as the account is
-    #   not a part of the organization.
-    #   @return [Array<String>]
+    # The status of the last `UpdateDataLake` or `DeleteDataLake` API
+    # request. This is set to Completed after the configuration is updated,
+    # or removed if deletion of the data lake is successful.
     #
-    # @!attribute [rw] processing
-    #   Deletion of the Amazon Web Services sources is in progress.
-    #   @return [Array<String>]
+    # @!attribute [rw] exception
+    #   The details of the last `UpdateDataLake`or `DeleteDataLake` API
+    #   request which failed.
+    #   @return [Types::DataLakeUpdateException]
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteAwsLogSourceResponse AWS API Documentation
+    # @!attribute [rw] request_id
+    #   The unique ID for the last `UpdateDataLake` or `DeleteDataLake` API
+    #   request.
+    #   @return [String]
     #
-    class DeleteAwsLogSourceResponse < Struct.new(
-      :failed,
-      :processing)
-      SENSITIVE = []
-      include Aws::Structure
-    end
-    # @!attribute [rw] custom_source_name
-    #   The custom source name for the custom log source.
+    # @!attribute [rw] status
+    #   The status of the last `UpdateDataLake` or `DeleteDataLake` API
+    #   request that was requested.
     #   @return [String]
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteCustomLogSourceRequest AWS API Documentation
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DataLakeUpdateStatus AWS API Documentation
     #
-    class DeleteCustomLogSourceRequest < Struct.new(
-      :custom_source_name)
+    class DataLakeUpdateStatus < Struct.new(
+      :exception,
+      :request_id,
+      :status)
       SENSITIVE = []
       include Aws::Structure
     end
-    # @!attribute [rw] custom_data_location
-    #   The location of the partition in the Amazon S3 bucket for Security
-    #   Lake.
-    #   @return [String]
+    # @!attribute [rw] sources
+    #   Specify the natively-supported Amazon Web Services service to remove
+    #   as a source in Security Lake.
+    #   @return [Array<Types::AwsLogSourceConfiguration>]
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteCustomLogSourceResponse AWS API Documentation
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteAwsLogSourceRequest AWS API Documentation
     #
-    class DeleteCustomLogSourceResponse < Struct.new(
-      :custom_data_location)
+    class DeleteAwsLogSourceRequest < Struct.new(
+      :sources)
       SENSITIVE = []
       include Aws::Structure
     end
-    # @!attribute [rw] remove_from_configuration_for_new_accounts
-    #   Remove automatic enablement of configuration settings for new member
-    #   accounts in Security Lake.
-    #   @return [Array<Types::AutoEnableNewRegionConfiguration>]
+    # @!attribute [rw] failed
+    #   Deletion of the Amazon Web Services sources failed as the account is
+    #   not a part of the organization.
+    #   @return [Array<String>]
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteDatalakeAutoEnableRequest AWS API Documentation
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteAwsLogSourceResponse AWS API Documentation
     #
-    class DeleteDatalakeAutoEnableRequest < Struct.new(
-      :remove_from_configuration_for_new_accounts)
+    class DeleteAwsLogSourceResponse < Struct.new(
+      :failed)
       SENSITIVE = []
       include Aws::Structure
     end
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteDatalakeAutoEnableResponse AWS API Documentation
+    # @!attribute [rw] source_name
+    #   The source name of custom log source that you want to delete.
+    #   @return [String]
     #
-    class DeleteDatalakeAutoEnableResponse < Aws::EmptyStructure; end
-    # @!attribute [rw] account
-    #   The account ID the Security Lake delegated administrator.
+    # @!attribute [rw] source_version
+    #   The source version for the third-party custom source. You can limit
+    #   the custom source removal to the specified source version.
     #   @return [String]
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteDatalakeDelegatedAdminRequest AWS API Documentation
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteCustomLogSourceRequest AWS API Documentation
     #
-    class DeleteDatalakeDelegatedAdminRequest < Struct.new(
-      :account)
+    class DeleteCustomLogSourceRequest < Struct.new(
+      :source_name,
+      :source_version)
       SENSITIVE = []
       include Aws::Structure
     end
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteDatalakeDelegatedAdminResponse AWS API Documentation
-    #
-    class DeleteDatalakeDelegatedAdminResponse < Aws::EmptyStructure; end
-    # @api private
-    #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteDatalakeExceptionsSubscriptionRequest AWS API Documentation
-    #
-    class DeleteDatalakeExceptionsSubscriptionRequest < Aws::EmptyStructure; end
-    # @!attribute [rw] status
-    #   Retrieves the status of the delete Security Lake operation for an
-    #   account.
-    #   @return [String]
-    #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteDatalakeExceptionsSubscriptionResponse AWS API Documentation
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteCustomLogSourceResponse AWS API Documentation
     #
-    class DeleteDatalakeExceptionsSubscriptionResponse < Struct.new(
-      :status)
-      SENSITIVE = []
-      include Aws::Structure
-    end
+    class DeleteCustomLogSourceResponse < Aws::EmptyStructure; end
     # @api private
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteDatalakeRequest AWS API Documentation
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteDataLakeExceptionSubscriptionRequest AWS API Documentation
     #
-    class DeleteDatalakeRequest < Aws::EmptyStructure; end
+    class DeleteDataLakeExceptionSubscriptionRequest < Aws::EmptyStructure; end
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteDatalakeResponse AWS API Documentation
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteDataLakeExceptionSubscriptionResponse AWS API Documentation
     #
-    class DeleteDatalakeResponse < Aws::EmptyStructure; end
+    class DeleteDataLakeExceptionSubscriptionResponse < Aws::EmptyStructure; end
-    # @!attribute [rw] id
-    #   A value created by Security Lake that uniquely identifies your
-    #   `DeleteSubscriber` API request.
-    #   @return [String]
+    # @!attribute [rw] auto_enable_new_account
+    #   Removes the automatic enablement of configuration settings for new
+    #   member accounts in Security Lake.
+    #   @return [Array<Types::DataLakeAutoEnableNewAccountConfiguration>]
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteSubscriberRequest AWS API Documentation
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteDataLakeOrganizationConfigurationRequest AWS API Documentation
     #
-    class DeleteSubscriberRequest < Struct.new(
-      :id)
+    class DeleteDataLakeOrganizationConfigurationRequest < Struct.new(
+      :auto_enable_new_account)
       SENSITIVE = []
       include Aws::Structure
     end
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteSubscriberResponse AWS API Documentation
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteDataLakeOrganizationConfigurationResponse AWS API Documentation
     #
-    class DeleteSubscriberResponse < Aws::EmptyStructure; end
+    class DeleteDataLakeOrganizationConfigurationResponse < Aws::EmptyStructure; end
-    # @!attribute [rw] subscription_id
-    #   The ID of the Security Lake subscriber account.
-    #   @return [String]
+    # @!attribute [rw] regions
+    #   The list of Regions where Security Lake is enabled.
+    #   @return [Array<String>]
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteSubscriptionNotificationConfigurationRequest AWS API Documentation
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteDataLakeRequest AWS API Documentation
     #
-    class DeleteSubscriptionNotificationConfigurationRequest < Struct.new(
-      :subscription_id)
+    class DeleteDataLakeRequest < Struct.new(
+      :regions)
       SENSITIVE = []
       include Aws::Structure
     end
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteSubscriptionNotificationConfigurationResponse AWS API Documentation
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteDataLakeResponse AWS API Documentation
     #
-    class DeleteSubscriptionNotificationConfigurationResponse < Aws::EmptyStructure; end
+    class DeleteDataLakeResponse < Aws::EmptyStructure; end
-    # Represents an error interacting with the Amazon EventBridge service.
-    #
-    # @!attribute [rw] message
+    # @!attribute [rw] subscriber_id
+    #   The ID of the Security Lake subscriber account.
     #   @return [String]
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/EventBridgeException AWS API Documentation
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteSubscriberNotificationRequest AWS API Documentation
     #
-    class EventBridgeException < Struct.new(
-      :message)
+    class DeleteSubscriberNotificationRequest < Struct.new(
+      :subscriber_id)
       SENSITIVE = []
       include Aws::Structure
     end
-    # List of all failures.
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteSubscriberNotificationResponse AWS API Documentation
     #
-    # @!attribute [rw] exception_message
-    #   List of all exception messages.
-    #   @return [String]
-    #
-    # @!attribute [rw] remediation
-    #   List of all remediation steps for failures.
+    class DeleteSubscriberNotificationResponse < Aws::EmptyStructure; end
+    # @!attribute [rw] subscriber_id
+    #   A value created by Security Lake that uniquely identifies your
+    #   `DeleteSubscriber` API request.
     #   @return [String]
     #
-    # @!attribute [rw] timestamp
-    #   This error can occur if you configure the wrong timestamp format, or
-    #   if the subset of entries used for validation had errors or missing
-    #   values.
-    #   @return [Time]
-    #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/Failures AWS API Documentation
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteSubscriberRequest AWS API Documentation
     #
-    class Failures < Struct.new(
-      :exception_message,
-      :remediation,
-      :timestamp)
+    class DeleteSubscriberRequest < Struct.new(
+      :subscriber_id)
       SENSITIVE = []
       include Aws::Structure
     end
-    # Response element for actions that make changes, namely create, update,
-    # or delete actions.
-    #
-    # @!attribute [rw] failures
-    #   List of all failures.
-    #   @return [Array<Types::Failures>]
-    #
-    # @!attribute [rw] region
-    #   List of Amazon Web Services Regions where the failure occurred.
-    #   @return [String]
-    #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/FailuresResponse AWS API Documentation
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteSubscriberResponse AWS API Documentation
     #
-    class FailuresResponse < Struct.new(
-      :failures,
-      :region)
-      SENSITIVE = []
-      include Aws::Structure
-    end
+    class DeleteSubscriberResponse < Aws::EmptyStructure; end
     # @api private
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetDatalakeAutoEnableRequest AWS API Documentation
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeregisterDataLakeDelegatedAdministratorRequest AWS API Documentation
     #
-    class GetDatalakeAutoEnableRequest < Aws::EmptyStructure; end
+    class DeregisterDataLakeDelegatedAdministratorRequest < Aws::EmptyStructure; end
-    # @!attribute [rw] auto_enable_new_accounts
-    #   The configuration for new accounts.
-    #   @return [Array<Types::AutoEnableNewRegionConfiguration>]
-    #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetDatalakeAutoEnableResponse AWS API Documentation
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeregisterDataLakeDelegatedAdministratorResponse AWS API Documentation
     #
-    class GetDatalakeAutoEnableResponse < Struct.new(
-      :auto_enable_new_accounts)
-      SENSITIVE = []
-      include Aws::Structure
-    end
+    class DeregisterDataLakeDelegatedAdministratorResponse < Aws::EmptyStructure; end
     # @api private
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetDatalakeExceptionsExpiryRequest AWS API Documentation
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetDataLakeExceptionSubscriptionRequest AWS API Documentation
     #
-    class GetDatalakeExceptionsExpiryRequest < Aws::EmptyStructure; end
+    class GetDataLakeExceptionSubscriptionRequest < Aws::EmptyStructure; end
-    # @!attribute [rw] exception_message_expiry
+    # @!attribute [rw] exception_time_to_live
     #   The expiration period and time-to-live (TTL).
     #   @return [Integer]
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetDatalakeExceptionsExpiryResponse AWS API Documentation
-    #
-    class GetDatalakeExceptionsExpiryResponse < Struct.new(
-      :exception_message_expiry)
-      SENSITIVE = []
-      include Aws::Structure
-    end
-    # @api private
-    #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetDatalakeExceptionsSubscriptionRequest AWS API Documentation
+    # @!attribute [rw] notification_endpoint
+    #   The Amazon Web Services account where you receive exception
+    #   notifications.
+    #   @return [String]
     #
-    class GetDatalakeExceptionsSubscriptionRequest < Aws::EmptyStructure; end
-    # @!attribute [rw] protocol_and_notification_endpoint
-    #   Retrieves the exception notification subscription information.
-    #   @return [Types::ProtocolAndNotificationEndpoint]
+    # @!attribute [rw] subscription_protocol
+    #   The subscription protocol to which exception notifications are
+    #   posted.
+    #   @return [String]
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetDatalakeExceptionsSubscriptionResponse AWS API Documentation
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetDataLakeExceptionSubscriptionResponse AWS API Documentation
     #
-    class GetDatalakeExceptionsSubscriptionResponse < Struct.new(
-      :protocol_and_notification_endpoint)
+    class GetDataLakeExceptionSubscriptionResponse < Struct.new(
+      :exception_time_to_live,
+      :notification_endpoint,
+      :subscription_protocol)
       SENSITIVE = []
       include Aws::Structure
     end
     # @api private
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetDatalakeRequest AWS API Documentation
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetDataLakeOrganizationConfigurationRequest AWS API Documentation
     #
-    class GetDatalakeRequest < Aws::EmptyStructure; end
+    class GetDataLakeOrganizationConfigurationRequest < Aws::EmptyStructure; end
-    # @!attribute [rw] configurations
-    #   Retrieves the Security Lake configuration object.
-    #   @return [Hash<String,Types::LakeConfigurationResponse>]
+    # @!attribute [rw] auto_enable_new_account
+    #   The configuration for new accounts.
+    #   @return [Array<Types::DataLakeAutoEnableNewAccountConfiguration>]
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetDatalakeResponse AWS API Documentation
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetDataLakeOrganizationConfigurationResponse AWS API Documentation
     #
-    class GetDatalakeResponse < Struct.new(
-      :configurations)
+    class GetDataLakeOrganizationConfigurationResponse < Struct.new(
+      :auto_enable_new_account)
       SENSITIVE = []
       include Aws::Structure
     end
-    # @!attribute [rw] account_set
+    # @!attribute [rw] accounts
     #   The Amazon Web Services account ID for which a static snapshot of
     #   the current Amazon Web Services Region, including enabled accounts
     #   and log sources, is retrieved.
     #   @return [Array<String>]
     #
-    # @!attribute [rw] max_account_results
+    # @!attribute [rw] max_results
     #   The maximum limit of accounts for which the static snapshot of the
     #   current Region, including enabled accounts and log sources, is
     #   retrieved.
@@ -891,19 +1170,29 @@ module Aws::SecurityLake
     #   pagination token will return an HTTP 400 InvalidToken error.
     #   @return [String]
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetDatalakeStatusRequest AWS API Documentation
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetDataLakeSourcesRequest AWS API Documentation
     #
-    class GetDatalakeStatusRequest < Struct.new(
-      :account_set,
-      :max_account_results,
+    class GetDataLakeSourcesRequest < Struct.new(
+      :accounts,
+      :max_results,
       :next_token)
       SENSITIVE = []
       include Aws::Structure
     end
-    # @!attribute [rw] account_sources_list
+    # @!attribute [rw] data_lake_arn
+    #   The Amazon Resource Name (ARN) created by you to provide to the
+    #   subscriber. For more information about ARNs and how to use them in
+    #   policies, see the [Amazon Security Lake User Guide][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/security-lake/latest/userguide/subscriber-management.html
+    #   @return [String]
+    #
+    # @!attribute [rw] data_lake_sources
     #   The list of enabled accounts and enabled sources.
-    #   @return [Array<Types::AccountSources>]
+    #   @return [Array<Types::DataLakeSource>]
     #
     # @!attribute [rw] next_token
     #   Lists if there are more results available. The value of nextToken is
@@ -915,16 +1204,17 @@ module Aws::SecurityLake
     #   pagination token will return an HTTP 400 InvalidToken error.
     #   @return [String]
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetDatalakeStatusResponse AWS API Documentation
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetDataLakeSourcesResponse AWS API Documentation
     #
-    class GetDatalakeStatusResponse < Struct.new(
-      :account_sources_list,
+    class GetDataLakeSourcesResponse < Struct.new(
+      :data_lake_arn,
+      :data_lake_sources,
       :next_token)
       SENSITIVE = []
       include Aws::Structure
     end
-    # @!attribute [rw] id
+    # @!attribute [rw] subscriber_id
     #   A value created by Amazon Security Lake that uniquely identifies
     #   your `GetSubscriber` API request.
     #   @return [String]
@@ -932,13 +1222,13 @@ module Aws::SecurityLake
     # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetSubscriberRequest AWS API Documentation
     #
     class GetSubscriberRequest < Struct.new(
-      :id)
+      :subscriber_id)
       SENSITIVE = []
       include Aws::Structure
     end
     # @!attribute [rw] subscriber
-    #   The subscription information for the specified subscription ID.
+    #   The subscriber information for the specified subscriber ID.
     #   @return [Types::SubscriberResource]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetSubscriberResponse AWS API Documentation
@@ -949,180 +1239,65 @@ module Aws::SecurityLake
       include Aws::Structure
     end
-    # Internal service exceptions are sometimes caused by transient issues.
-    # Before you start troubleshooting, perform the operation again.
-    #
-    # @!attribute [rw] message
-    #   @return [String]
-    #
-    # @!attribute [rw] retry_after_seconds
-    #   Retry the request after the specified time.
-    #   @return [Integer]
-    #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/InternalServerException AWS API Documentation
-    #
-    class InternalServerException < Struct.new(
-      :message,
-      :retry_after_seconds)
-      SENSITIVE = []
-      include Aws::Structure
-    end
-    # The request was rejected because a value that's not valid or is out
-    # of range was supplied for an input parameter.
+    # The configurations for HTTPS subscriber notification.
     #
-    # @!attribute [rw] message
+    # @!attribute [rw] authorization_api_key_name
+    #   The key name for the notification subscription.
     #   @return [String]
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/InvalidInputException AWS API Documentation
-    #
-    class InvalidInputException < Struct.new(
-      :message)
-      SENSITIVE = []
-      include Aws::Structure
-    end
-    # Provides details of Amazon Security Lake configuration object.
-    #
-    # @!attribute [rw] encryption_key
-    #   The type of encryption key used by Amazon Security Lake to encrypt
-    #   the Security Lake configuration object.
+    # @!attribute [rw] authorization_api_key_value
+    #   The key value for the notification subscription.
     #   @return [String]
     #
-    # @!attribute [rw] replication_destination_regions
-    #   Replication enables automatic, asynchronous copying of objects
-    #   across Amazon S3 buckets. Amazon S3 buckets that are configured for
-    #   object replication can be owned by the same Amazon Web Services
-    #   account or by different accounts. You can replicate objects to a
-    #   single destination bucket or to multiple destination buckets. The
-    #   destination buckets can be in different Amazon Web Services Regions
-    #   or within the same Region as the source bucket.
-    #
-    #   Set up one or more rollup Regions by providing the Region or Regions
-    #   that should contribute to the central rollup Region.
-    #   @return [Array<String>]
-    #
-    # @!attribute [rw] replication_role_arn
-    #   Replication settings for the Amazon S3 buckets. This parameter uses
-    #   the Identity and Access Management (IAM) role you created that is
-    #   managed by Security Lake, to ensure the replication setting is
-    #   correct.
+    # @!attribute [rw] endpoint
+    #   The subscription endpoint in Security Lake. If you prefer
+    #   notification with an HTTPs endpoint, populate this field.
     #   @return [String]
     #
-    # @!attribute [rw] retention_settings
-    #   Retention settings for the destination Amazon S3 buckets.
-    #   @return [Array<Types::RetentionSetting>]
-    #
-    # @!attribute [rw] tags_map
-    #   A tag is a label that you assign to an Amazon Web Services resource.
-    #   Each tag consists of a key and an optional value, both of which you
-    #   define.
-    #   @return [Hash<String,String>]
-    #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/LakeConfigurationRequest AWS API Documentation
-    #
-    class LakeConfigurationRequest < Struct.new(
-      :encryption_key,
-      :replication_destination_regions,
-      :replication_role_arn,
-      :retention_settings,
-      :tags_map)
-      SENSITIVE = []
-      include Aws::Structure
-    end
-    # Provides details of Amazon Security Lake lake configuration object.
-    #
-    # @!attribute [rw] encryption_key
-    #   The type of encryption key used by secure the Security Lake
-    #   configuration object.
+    # @!attribute [rw] http_method
+    #   The HTTPS method used for the notification subscription.
     #   @return [String]
     #
-    # @!attribute [rw] replication_destination_regions
-    #   Replication enables automatic, asynchronous copying of objects
-    #   across Amazon S3 buckets. Amazon S3 buckets that are configured for
-    #   object replication can be owned by the same Amazon Web Services
-    #   account or by different accounts. You can replicate objects to a
-    #   single destination bucket or to multiple destination buckets. The
-    #   destination buckets can be in different Amazon Web Services Regions
-    #   or within the same Region as the source bucket.
-    #
-    #   Set up one or more rollup Regions by providing the Region or Regions
-    #   that should contribute to the central rollup Region.
-    #   @return [Array<String>]
-    #
-    # @!attribute [rw] replication_role_arn
-    #   Replication settings for the Amazon S3 buckets. This parameter uses
-    #   the IAM role you created that is managed by Security Lake, to ensure
-    #   the replication setting is correct.
-    #   @return [String]
+    # @!attribute [rw] target_role_arn
+    #   The Amazon Resource Name (ARN) of the EventBridge API destinations
+    #   IAM role that you created. For more information about ARNs and how
+    #   to use them in policies, see [Managing data access][1] and [Amazon
+    #   Web Services Managed Policies][2] in the Amazon Security Lake User
+    #   Guide.
     #
-    # @!attribute [rw] retention_settings
-    #   Retention settings for the destination Amazon S3 buckets.
-    #   @return [Array<Types::RetentionSetting>]
     #
-    # @!attribute [rw] s3_bucket_arn
-    #   Amazon Resource Names (ARNs) uniquely identify Amazon Web Services
-    #   resources. Security Lake requires an ARN when you need to specify a
-    #   resource unambiguously across all of Amazon Web Services, such as in
-    #   IAM policies, Amazon Relational Database Service (Amazon RDS) tags,
-    #   and API calls.
-    #   @return [String]
     #
-    # @!attribute [rw] status
-    #   Retrieves the status of the configuration operation for an account
-    #   in Amazon Security Lake.
+    #   [1]: https://docs.aws.amazon.com//security-lake/latest/userguide/subscriber-data-access.html
+    #   [2]: https://docs.aws.amazon.com/security-lake/latest/userguide/security-iam-awsmanpol.html
     #   @return [String]
     #
-    # @!attribute [rw] tags_map
-    #   A tag is a label that you assign to an Amazon Web Services resource.
-    #   Each tag consists of a key and an optional value, both of which you
-    #   define.
-    #   @return [Hash<String,String>]
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/HttpsNotificationConfiguration AWS API Documentation
     #
-    # @!attribute [rw] update_status
-    #   The status of the last `UpdateDatalake `or `DeleteDatalake` API
-    #   request.
-    #   @return [Types::UpdateStatus]
-    #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/LakeConfigurationResponse AWS API Documentation
-    #
-    class LakeConfigurationResponse < Struct.new(
-      :encryption_key,
-      :replication_destination_regions,
-      :replication_role_arn,
-      :retention_settings,
-      :s3_bucket_arn,
-      :status,
-      :tags_map,
-      :update_status)
+    class HttpsNotificationConfiguration < Struct.new(
+      :authorization_api_key_name,
+      :authorization_api_key_value,
+      :endpoint,
+      :http_method,
+      :target_role_arn)
       SENSITIVE = []
       include Aws::Structure
     end
-    # The details of the last `UpdateDatalake` or `DeleteDatalake` API
-    # request which failed.
-    #
-    # @!attribute [rw] code
-    #   The reason code for the failure of the last `UpdateDatalake` or
-    #   `DeleteDatalake` API request.
-    #   @return [String]
+    # Internal service exceptions are sometimes caused by transient issues.
+    # Before you start troubleshooting, perform the operation again.
     #
-    # @!attribute [rw] reason
-    #   The reason for the failure of the last `UpdateDatalake`or
-    #   `DeleteDatalake` API request.
+    # @!attribute [rw] message
     #   @return [String]
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/LastUpdateFailure AWS API Documentation
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/InternalServerException AWS API Documentation
     #
-    class LastUpdateFailure < Struct.new(
-      :code,
-      :reason)
+    class InternalServerException < Struct.new(
+      :message)
       SENSITIVE = []
       include Aws::Structure
     end
-    # @!attribute [rw] max_failures
+    # @!attribute [rw] max_results
     #   List the maximum number of failures in Security Lake.
     #   @return [Integer]
     #
@@ -1136,21 +1311,25 @@ module Aws::SecurityLake
     #   pagination token will return an HTTP 400 InvalidToken error.
     #   @return [String]
     #
-    # @!attribute [rw] region_set
+    # @!attribute [rw] regions
     #   List the Amazon Web Services Regions from which exceptions are
     #   retrieved.
     #   @return [Array<String>]
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/ListDatalakeExceptionsRequest AWS API Documentation
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/ListDataLakeExceptionsRequest AWS API Documentation
     #
-    class ListDatalakeExceptionsRequest < Struct.new(
-      :max_failures,
+    class ListDataLakeExceptionsRequest < Struct.new(
+      :max_results,
       :next_token,
-      :region_set)
+      :regions)
       SENSITIVE = []
       include Aws::Structure
     end
+    # @!attribute [rw] exceptions
+    #   Lists the failures that cannot be retried in the current Region.
+    #   @return [Array<Types::DataLakeException>]
+    #
     # @!attribute [rw] next_token
     #   List if there are more results available. The value of nextToken is
     #   a unique pagination token for each page. Repeat the call using the
@@ -1161,41 +1340,43 @@ module Aws::SecurityLake
     #   pagination token will return an HTTP 400 InvalidToken error.
     #   @return [String]
     #
-    # @!attribute [rw] non_retryable_failures
-    #   Lists the failures that cannot be retried in the current Region.
-    #   @return [Array<Types::FailuresResponse>]
-    #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/ListDatalakeExceptionsResponse AWS API Documentation
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/ListDataLakeExceptionsResponse AWS API Documentation
     #
-    class ListDatalakeExceptionsResponse < Struct.new(
-      :next_token,
-      :non_retryable_failures)
+    class ListDataLakeExceptionsResponse < Struct.new(
+      :exceptions,
+      :next_token)
       SENSITIVE = []
       include Aws::Structure
     end
-    # @!attribute [rw] input_order
-    #   Lists the log sources in input order, namely Region, source type,
-    #   and member account.
+    # @!attribute [rw] regions
+    #   The list of regions where Security Lake is enabled.
     #   @return [Array<String>]
     #
-    # @!attribute [rw] list_all_dimensions
-    #   List the view of log sources for enabled Amazon Security Lake
-    #   accounts for specific Amazon Web Services sources from specific
-    #   accounts and specific Regions.
-    #   @return [Hash<String,Hash<String,Array<String>>>]
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/ListDataLakesRequest AWS API Documentation
     #
-    # @!attribute [rw] list_single_dimension
-    #   List the view of log sources for enabled Security Lake accounts for
-    #   all Amazon Web Services sources from specific accounts or specific
-    #   Regions.
-    #   @return [Array<String>]
+    class ListDataLakesRequest < Struct.new(
+      :regions)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @!attribute [rw] data_lakes
+    #   Retrieves the Security Lake configuration object.
+    #   @return [Array<Types::DataLakeResource>]
     #
-    # @!attribute [rw] list_two_dimensions
-    #   Lists the view of log sources for enabled Security Lake accounts for
-    #   specific Amazon Web Services sources from specific accounts or
-    #   specific Regions.
-    #   @return [Hash<String,Array<String>>]
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/ListDataLakesResponse AWS API Documentation
+    #
+    class ListDataLakesResponse < Struct.new(
+      :data_lakes)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @!attribute [rw] accounts
+    #   The list of Amazon Web Services accounts for which log sources are
+    #   displayed.
+    #   @return [Array<String>]
     #
     # @!attribute [rw] max_results
     #   The maximum number of accounts for which the log sources are
@@ -1207,15 +1388,22 @@ module Aws::SecurityLake
     #   repeat the call using the returned token to retrieve the next page.
     #   @return [String]
     #
+    # @!attribute [rw] regions
+    #   The list of regions for which log sources are displayed.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] sources
+    #   The list of sources for which log sources are displayed.
+    #   @return [Array<Types::LogSourceResource>]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/ListLogSourcesRequest AWS API Documentation
     #
     class ListLogSourcesRequest < Struct.new(
-      :input_order,
-      :list_all_dimensions,
-      :list_single_dimension,
-      :list_two_dimensions,
+      :accounts,
       :max_results,
-      :next_token)
+      :next_token,
+      :regions,
+      :sources)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -1225,15 +1413,16 @@ module Aws::SecurityLake
     #   repeat the call using the returned token to retrieve the next page.
     #   @return [String]
     #
-    # @!attribute [rw] region_source_types_accounts_list
-    #   Lists the log sources by Regions for enabled Security Lake accounts.
-    #   @return [Array<Hash<String,Hash<String,Array<String>>>>]
+    # @!attribute [rw] sources
+    #   The list of log sources in your organization that send data to the
+    #   data lake.
+    #   @return [Array<Types::LogSource>]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/ListLogSourcesResponse AWS API Documentation
     #
     class ListLogSourcesResponse < Struct.new(
       :next_token,
-      :region_source_types_accounts_list)
+      :sources)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -1276,182 +1465,144 @@ module Aws::SecurityLake
       include Aws::Structure
     end
-    # Retrieves the Logs status for the Amazon Security Lake account.
+    # Amazon Security Lake can collect logs and events from
+    # natively-supported Amazon Web Services services and custom sources.
     #
-    # @!attribute [rw] health_status
-    #   The health status of services, including error codes and patterns.
+    # @!attribute [rw] account
+    #   Specify the account from which you want to collect logs.
     #   @return [String]
     #
-    # @!attribute [rw] path_to_logs
-    #   Defines path the stored logs are available which has information on
-    #   your systems, applications, and services.
+    # @!attribute [rw] region
+    #   Specify the Regions from which you want to collect logs.
     #   @return [String]
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/LogsStatus AWS API Documentation
+    # @!attribute [rw] sources
+    #   Specify the sources from which you want to collect logs.
+    #   @return [Array<Types::LogSourceResource>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/LogSource AWS API Documentation
     #
-    class LogsStatus < Struct.new(
-      :health_status,
-      :path_to_logs)
+    class LogSource < Struct.new(
+      :account,
+      :region,
+      :sources)
       SENSITIVE = []
       include Aws::Structure
     end
-    # Protocol used in Amazon Security Lake that dictates how notifications
-    # are posted at the endpoint.
+    # The supported source types from which logs and events are collected in
+    # Amazon Security Lake. For the list of supported Amazon Web Services,
+    # see the [Amazon Security Lake User Guide][1].
     #
-    # @!attribute [rw] endpoint
-    #   The account that is subscribed to receive exception notifications.
-    #   @return [String]
     #
-    # @!attribute [rw] protocol
-    #   The protocol to which notification messages are posted.
-    #   @return [String]
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/ProtocolAndNotificationEndpoint AWS API Documentation
+    # [1]: https://docs.aws.amazon.com/security-lake/latest/userguide/internal-sources.html
     #
-    class ProtocolAndNotificationEndpoint < Struct.new(
-      :endpoint,
-      :protocol)
-      SENSITIVE = []
-      include Aws::Structure
-    end
-    # The resource could not be found.
+    # @note LogSourceResource is a union - when making an API calls you must set exactly one of the members.
     #
-    # @!attribute [rw] message
-    #   @return [String]
+    # @note LogSourceResource is a union - when returned from an API call exactly one value will be set and the returned type will be a subclass of LogSourceResource corresponding to the set member.
     #
-    # @!attribute [rw] resource_id
-    #   The ID of the resource for which the type of resource could not be
-    #   found.
-    #   @return [String]
+    # @!attribute [rw] aws_log_source
+    #   Amazon Security Lake supports log and event collection for natively
+    #   supported Amazon Web Services.
+    #   @return [Types::AwsLogSourceResource]
     #
-    # @!attribute [rw] resource_type
-    #   The type of the resource that could not be found.
-    #   @return [String]
+    # @!attribute [rw] custom_log_source
+    #   Amazon Security Lake supports custom source types. For a detailed
+    #   list, see the Amazon Security Lake User Guide.
+    #   @return [Types::CustomLogSourceResource]
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/ResourceNotFoundException AWS API Documentation
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/LogSourceResource AWS API Documentation
     #
-    class ResourceNotFoundException < Struct.new(
-      :message,
-      :resource_id,
-      :resource_type)
+    class LogSourceResource < Struct.new(
+      :aws_log_source,
+      :custom_log_source,
+      :unknown)
       SENSITIVE = []
       include Aws::Structure
+      include Aws::Structure::Union
+      class AwsLogSource < LogSourceResource; end
+      class CustomLogSource < LogSourceResource; end
+      class Unknown < LogSourceResource; end
     end
-    # Retention settings for the destination Amazon S3 buckets in Amazon
-    # Security Lake.
+    # Specify the configurations you want to use for subscriber notification
+    # to notify the subscriber when new data is written to the data lake for
+    # sources that the subscriber consumes in Security Lake.
     #
-    # @!attribute [rw] retention_period
-    #   The retention period specifies a fixed period of time during which
-    #   the Security Lake object remains locked. You can specify the
-    #   retention period in days for one or more sources.
-    #   @return [Integer]
+    # @note NotificationConfiguration is a union - when making an API calls you must set exactly one of the members.
     #
-    # @!attribute [rw] storage_class
-    #   The range of storage classes that you can choose from based on the
-    #   data access, resiliency, and cost requirements of your workloads.
-    #   @return [String]
+    # @!attribute [rw] https_notification_configuration
+    #   The configurations for HTTPS subscriber notification.
+    #   @return [Types::HttpsNotificationConfiguration]
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/RetentionSetting AWS API Documentation
+    # @!attribute [rw] sqs_notification_configuration
+    #   The configurations for SQS subscriber notification.
+    #   @return [Types::SqsNotificationConfiguration]
     #
-    class RetentionSetting < Struct.new(
-      :retention_period,
-      :storage_class)
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/NotificationConfiguration AWS API Documentation
+    #
+    class NotificationConfiguration < Struct.new(
+      :https_notification_configuration,
+      :sqs_notification_configuration,
+      :unknown)
       SENSITIVE = []
       include Aws::Structure
+      include Aws::Structure::Union
+      class HttpsNotificationConfiguration < NotificationConfiguration; end
+      class SqsNotificationConfiguration < NotificationConfiguration; end
+      class Unknown < NotificationConfiguration; end
     end
-    # Provides an extension of the AmazonServiceException for errors
-    # reported by Amazon S3 while processing a request. In particular, this
-    # class provides access to the Amazon S3 extended request ID. If Amazon
-    # S3 is incorrectly handling a request and you need to contact Amazon,
-    # this extended request ID may provide useful debugging information.
-    #
-    # @!attribute [rw] message
+    # @!attribute [rw] account_id
+    #   The Amazon Web Services account ID of the Security Lake delegated
+    #   administrator.
     #   @return [String]
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/S3Exception AWS API Documentation
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/RegisterDataLakeDelegatedAdministratorRequest AWS API Documentation
     #
-    class S3Exception < Struct.new(
-      :message)
+    class RegisterDataLakeDelegatedAdministratorRequest < Struct.new(
+      :account_id)
       SENSITIVE = []
       include Aws::Structure
     end
-    # You have exceeded your service quota. To perform the requested action,
-    # remove some of the relevant resources, or use Service Quotas to
-    # request a service quota increase.
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/RegisterDataLakeDelegatedAdministratorResponse AWS API Documentation
     #
-    # @!attribute [rw] message
-    #   @return [String]
+    class RegisterDataLakeDelegatedAdministratorResponse < Aws::EmptyStructure; end
+    # The resource could not be found.
     #
-    # @!attribute [rw] quota_code
-    #   That the rate of requests to Security Lake is exceeding the request
-    #   quotas for your Amazon Web Services account.
+    # @!attribute [rw] message
     #   @return [String]
     #
-    # @!attribute [rw] resource_id
-    #   The ID of the resource that exceeds the service quota.
+    # @!attribute [rw] resource_name
+    #   The name of the resource that could not be found.
     #   @return [String]
     #
     # @!attribute [rw] resource_type
-    #   The type of the resource that exceeds the service quota.
-    #   @return [String]
-    #
-    # @!attribute [rw] service_code
-    #   The code for the service in Service Quotas.
+    #   The type of the resource that could not be found.
     #   @return [String]
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/ServiceQuotaExceededException AWS API Documentation
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/ResourceNotFoundException AWS API Documentation
     #
-    class ServiceQuotaExceededException < Struct.new(
+    class ResourceNotFoundException < Struct.new(
       :message,
-      :quota_code,
-      :resource_id,
-      :resource_type,
-      :service_code)
+      :resource_name,
+      :resource_type)
       SENSITIVE = []
       include Aws::Structure
     end
-    # The supported source types from which logs and events are collected in
-    # Amazon Security Lake. For the list of supported Amazon Web Services,
-    # see the [Amazon Security Lake User Guide][1].
-    #
-    #
-    #
-    # [1]: https://docs.aws.amazon.com/security-lake/latest/userguide/internal-sources.html
-    #
-    # @note SourceType is a union - when making an API calls you must set exactly one of the members.
-    #
-    # @note SourceType is a union - when returned from an API call exactly one value will be set and the returned type will be a subclass of SourceType corresponding to the set member.
-    #
-    # @!attribute [rw] aws_source_type
-    #   Amazon Security Lake supports log and event collection for natively
-    #   supported Amazon Web Services.
-    #   @return [String]
+    # The configurations for SQS subscriber notification.
     #
-    # @!attribute [rw] custom_source_type
-    #   Amazon Security Lake supports custom source types. For a detailed
-    #   list, see the Amazon Security Lake User Guide.
-    #   @return [String]
+    # @api private
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/SourceType AWS API Documentation
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/SqsNotificationConfiguration AWS API Documentation
     #
-    class SourceType < Struct.new(
-      :aws_source_type,
-      :custom_source_type,
-      :unknown)
-      SENSITIVE = []
-      include Aws::Structure
-      include Aws::Structure::Union
-      class AwsSourceType < SourceType; end
-      class CustomSourceType < SourceType; end
-      class Unknown < SourceType; end
-    end
+    class SqsNotificationConfiguration < Aws::EmptyStructure; end
     # Provides details about the Amazon Security Lake account subscription.
     # Subscribers are notified of new objects for a source as the data is
@@ -1467,22 +1618,10 @@ module Aws::SecurityLake
     #   This subscription type is defined as `LAKEFORMATION`.
     #   @return [Array<String>]
     #
-    # @!attribute [rw] account_id
-    #   The Amazon Web Services account ID you are using to create your
-    #   Amazon Security Lake account.
-    #   @return [String]
-    #
     # @!attribute [rw] created_at
-    #   The date and time when the subscription was created.
+    #   The date and time when the subscriber was created.
     #   @return [Time]
     #
-    # @!attribute [rw] external_id
-    #   The external ID of the subscriber. The external ID lets the user
-    #   that is assuming the role assert the circumstances in which they are
-    #   operating. It also provides a way for the account owner to permit
-    #   the role to be assumed only under specific circumstances.
-    #   @return [String]
-    #
     # @!attribute [rw] resource_share_arn
     #   The Amazon Resource Name (ARN) which uniquely defines the AWS RAM
     #   resource share. Before accepting the RAM resource share invitation,
@@ -1505,66 +1644,64 @@ module Aws::SecurityLake
     #   The ARN for the Amazon S3 bucket.
     #   @return [String]
     #
-    # @!attribute [rw] sns_arn
-    #   The ARN for the Amazon Simple Notification Service.
-    #   @return [String]
-    #
-    # @!attribute [rw] source_types
+    # @!attribute [rw] sources
     #   Amazon Security Lake supports log and event collection for natively
     #   supported Amazon Web Services. For more information, see the Amazon
     #   Security Lake User Guide.
-    #   @return [Array<Types::SourceType>]
+    #   @return [Array<Types::LogSourceResource>]
+    #
+    # @!attribute [rw] subscriber_arn
+    #   The subscriber ARN of the Amazon Security Lake subscriber account.
+    #   @return [String]
     #
     # @!attribute [rw] subscriber_description
     #   The subscriber descriptions for a subscriber account. The
     #   description for a subscriber includes `subscriberName`, `accountID`,
-    #   `externalID`, and `subscriptionId`.
+    #   `externalID`, and `subscriberId`.
     #   @return [String]
     #
-    # @!attribute [rw] subscriber_name
-    #   The name of your Amazon Security Lake subscriber account.
+    # @!attribute [rw] subscriber_endpoint
+    #   The subscriber endpoint to which exception messages are posted.
     #   @return [String]
     #
-    # @!attribute [rw] subscription_endpoint
-    #   The subscription endpoint to which exception messages are posted.
+    # @!attribute [rw] subscriber_id
+    #   The subscriber ID of the Amazon Security Lake subscriber account.
     #   @return [String]
     #
-    # @!attribute [rw] subscription_id
-    #   The subscription ID of the Amazon Security Lake subscriber account.
-    #   @return [String]
+    # @!attribute [rw] subscriber_identity
+    #   The AWS identity used to access your data.
+    #   @return [Types::AwsIdentity]
     #
-    # @!attribute [rw] subscription_protocol
-    #   The subscription protocol to which exception messages are posted.
+    # @!attribute [rw] subscriber_name
+    #   The name of your Amazon Security Lake subscriber account.
     #   @return [String]
     #
-    # @!attribute [rw] subscription_status
-    #   The subscription status of the Amazon Security Lake subscriber
+    # @!attribute [rw] subscriber_status
+    #   The subscriber status of the Amazon Security Lake subscriber
     #   account.
     #   @return [String]
     #
     # @!attribute [rw] updated_at
-    #   The date and time when the subscription was created.
+    #   The date and time when the subscriber was last updated.
     #   @return [Time]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/SubscriberResource AWS API Documentation
     #
     class SubscriberResource < Struct.new(
       :access_types,
-      :account_id,
       :created_at,
-      :external_id,
       :resource_share_arn,
       :resource_share_name,
       :role_arn,
       :s3_bucket_arn,
-      :sns_arn,
-      :source_types,
+      :sources,
+      :subscriber_arn,
       :subscriber_description,
+      :subscriber_endpoint,
+      :subscriber_id,
+      :subscriber_identity,
       :subscriber_name,
-      :subscription_endpoint,
-      :subscription_id,
-      :subscription_protocol,
-      :subscription_status,
+      :subscriber_status,
       :updated_at)
       SENSITIVE = []
       include Aws::Structure
@@ -1599,22 +1736,10 @@ module Aws::SecurityLake
       include Aws::Structure
     end
-    # @!attribute [rw] exception_message_expiry
+    # @!attribute [rw] exception_time_to_live
     #   The time-to-live (TTL) for the exception message to remain.
     #   @return [Integer]
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/UpdateDatalakeExceptionsExpiryRequest AWS API Documentation
-    #
-    class UpdateDatalakeExceptionsExpiryRequest < Struct.new(
-      :exception_message_expiry)
-      SENSITIVE = []
-      include Aws::Structure
-    end
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/UpdateDatalakeExceptionsExpiryResponse AWS API Documentation
-    #
-    class UpdateDatalakeExceptionsExpiryResponse < Aws::EmptyStructure; end
     # @!attribute [rw] notification_endpoint
     #   The account that is subscribed to receive exception notifications.
     #   @return [String]
@@ -1623,75 +1748,76 @@ module Aws::SecurityLake
     #   The subscription protocol to which exception messages are posted.
     #   @return [String]
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/UpdateDatalakeExceptionsSubscriptionRequest AWS API Documentation
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/UpdateDataLakeExceptionSubscriptionRequest AWS API Documentation
     #
-    class UpdateDatalakeExceptionsSubscriptionRequest < Struct.new(
+    class UpdateDataLakeExceptionSubscriptionRequest < Struct.new(
+      :exception_time_to_live,
       :notification_endpoint,
       :subscription_protocol)
       SENSITIVE = []
       include Aws::Structure
     end
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/UpdateDatalakeExceptionsSubscriptionResponse AWS API Documentation
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/UpdateDataLakeExceptionSubscriptionResponse AWS API Documentation
     #
-    class UpdateDatalakeExceptionsSubscriptionResponse < Aws::EmptyStructure; end
+    class UpdateDataLakeExceptionSubscriptionResponse < Aws::EmptyStructure; end
     # @!attribute [rw] configurations
     #   Specify the Region or Regions that will contribute data to the
     #   rollup region.
-    #   @return [Hash<String,Types::LakeConfigurationRequest>]
+    #   @return [Array<Types::DataLakeConfiguration>]
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/UpdateDatalakeRequest AWS API Documentation
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/UpdateDataLakeRequest AWS API Documentation
     #
-    class UpdateDatalakeRequest < Struct.new(
+    class UpdateDataLakeRequest < Struct.new(
       :configurations)
       SENSITIVE = []
       include Aws::Structure
     end
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/UpdateDatalakeResponse AWS API Documentation
-    #
-    class UpdateDatalakeResponse < Aws::EmptyStructure; end
-    # The status of the last `UpdateDatalake` or `DeleteDatalake` API
-    # request. This is set to Completed after the configuration is updated,
-    # or removed if deletion of the data lake is successful.
+    # @!attribute [rw] data_lakes
+    #   The created Security Lake configuration object.
+    #   @return [Array<Types::DataLakeResource>]
     #
-    # @!attribute [rw] last_update_failure
-    #   The details of the last `UpdateDatalake`or `DeleteDatalake` API
-    #   request which failed.
-    #   @return [Types::LastUpdateFailure]
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/UpdateDataLakeResponse AWS API Documentation
     #
-    # @!attribute [rw] last_update_request_id
-    #   The unique ID for the `UpdateDatalake` or `DeleteDatalake` API
-    #   request.
-    #   @return [String]
+    class UpdateDataLakeResponse < Struct.new(
+      :data_lakes)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @!attribute [rw] configuration
+    #   The configuration for subscriber notification.
+    #   @return [Types::NotificationConfiguration]
     #
-    # @!attribute [rw] last_update_status
-    #   The status of the last `UpdateDatalake` or `DeleteDatalake` API
-    #   request that was requested.
+    # @!attribute [rw] subscriber_id
+    #   The subscription ID for which the subscription notification is
+    #   specified.
     #   @return [String]
     #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/UpdateStatus AWS API Documentation
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/UpdateSubscriberNotificationRequest AWS API Documentation
     #
-    class UpdateStatus < Struct.new(
-      :last_update_failure,
-      :last_update_request_id,
-      :last_update_status)
+    class UpdateSubscriberNotificationRequest < Struct.new(
+      :configuration,
+      :subscriber_id)
       SENSITIVE = []
       include Aws::Structure
     end
-    # @!attribute [rw] external_id
-    #   The external ID of the Security Lake account.
+    # @!attribute [rw] subscriber_endpoint
+    #   The subscriber endpoint to which exception messages are posted.
     #   @return [String]
     #
-    # @!attribute [rw] id
-    #   A value created by Security Lake that uniquely identifies your
-    #   subscription.
-    #   @return [String]
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/UpdateSubscriberNotificationResponse AWS API Documentation
     #
-    # @!attribute [rw] source_types
+    class UpdateSubscriberNotificationResponse < Struct.new(
+      :subscriber_endpoint)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @!attribute [rw] sources
     #   The supported Amazon Web Services from which logs and events are
     #   collected. For the list of supported Amazon Web Services, see the
     #   [Amazon Security Lake User Guide][1].
@@ -1699,12 +1825,21 @@ module Aws::SecurityLake
     #
     #
     #   [1]: https://docs.aws.amazon.com/security-lake/latest/userguide/internal-sources.html
-    #   @return [Array<Types::SourceType>]
+    #   @return [Array<Types::LogSourceResource>]
     #
     # @!attribute [rw] subscriber_description
     #   The description of the Security Lake account subscriber.
     #   @return [String]
     #
+    # @!attribute [rw] subscriber_id
+    #   A value created by Security Lake that uniquely identifies your
+    #   subscription.
+    #   @return [String]
+    #
+    # @!attribute [rw] subscriber_identity
+    #   The AWS identity used to access your data.
+    #   @return [Types::AwsIdentity]
+    #
     # @!attribute [rw] subscriber_name
     #   The name of the Security Lake account subscriber.
     #   @return [String]
@@ -1712,17 +1847,17 @@ module Aws::SecurityLake
     # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/UpdateSubscriberRequest AWS API Documentation
     #
     class UpdateSubscriberRequest < Struct.new(
-      :external_id,
-      :id,
-      :source_types,
+      :sources,
       :subscriber_description,
+      :subscriber_id,
+      :subscriber_identity,
       :subscriber_name)
       SENSITIVE = []
       include Aws::Structure
     end
     # @!attribute [rw] subscriber
-    #   The account of the subscriber.
+    #   The updated subscriber information.
     #   @return [Types::SubscriberResource]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/UpdateSubscriberResponse AWS API Documentation
@@ -1733,112 +1868,5 @@ module Aws::SecurityLake
       include Aws::Structure
     end
-    # @!attribute [rw] create_sqs
-    #   Create a new subscription notification for the specified
-    #   subscription ID in Amazon Security Lake.
-    #   @return [Boolean]
-    #
-    # @!attribute [rw] https_api_key_name
-    #   The key name for the subscription notification.
-    #   @return [String]
-    #
-    # @!attribute [rw] https_api_key_value
-    #   The key value for the subscription notification.
-    #   @return [String]
-    #
-    # @!attribute [rw] https_method
-    #   The HTTPS method used for the subscription notification.
-    #   @return [String]
-    #
-    # @!attribute [rw] role_arn
-    #   The Amazon Resource Name (ARN) specifying the role of the
-    #   subscriber. For more information about ARNs and how to use them in
-    #   policies, see, see the [Managing data access][1] and [Amazon Web
-    #   Services Managed Policies][2]in the Amazon Security Lake User Guide.
-    #
-    #
-    #
-    #   [1]: https://docs.aws.amazon.com//security-lake/latest/userguide/subscriber-data-access.html
-    #   [2]: https://docs.aws.amazon.com/security-lake/latest/userguide/security-iam-awsmanpol.html
-    #   @return [String]
-    #
-    # @!attribute [rw] subscription_endpoint
-    #   The subscription endpoint in Security Lake.
-    #   @return [String]
-    #
-    # @!attribute [rw] subscription_id
-    #   The subscription ID for which the subscription notification is
-    #   specified.
-    #   @return [String]
-    #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/UpdateSubscriptionNotificationConfigurationRequest AWS API Documentation
-    #
-    class UpdateSubscriptionNotificationConfigurationRequest < Struct.new(
-      :create_sqs,
-      :https_api_key_name,
-      :https_api_key_value,
-      :https_method,
-      :role_arn,
-      :subscription_endpoint,
-      :subscription_id)
-      SENSITIVE = []
-      include Aws::Structure
-    end
-    # @!attribute [rw] queue_arn
-    #   Returns the ARN of the queue.
-    #   @return [String]
-    #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/UpdateSubscriptionNotificationConfigurationResponse AWS API Documentation
-    #
-    class UpdateSubscriptionNotificationConfigurationResponse < Struct.new(
-      :queue_arn)
-      SENSITIVE = []
-      include Aws::Structure
-    end
-    # Your signing certificate could not be validated.
-    #
-    # @!attribute [rw] field_list
-    #   The list of parameters that failed to validate.
-    #   @return [Array<Types::ValidationExceptionField>]
-    #
-    # @!attribute [rw] message
-    #   @return [String]
-    #
-    # @!attribute [rw] reason
-    #   The reason for the validation exception.
-    #   @return [String]
-    #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/ValidationException AWS API Documentation
-    #
-    class ValidationException < Struct.new(
-      :field_list,
-      :message,
-      :reason)
-      SENSITIVE = []
-      include Aws::Structure
-    end
-    # The input fails to meet the constraints specified in Amazon Security
-    # Lake.
-    #
-    # @!attribute [rw] message
-    #   Describes the error encountered.
-    #   @return [String]
-    #
-    # @!attribute [rw] name
-    #   Name of the validation exception.
-    #   @return [String]
-    #
-    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/ValidationExceptionField AWS API Documentation
-    #
-    class ValidationExceptionField < Struct.new(
-      :message,
-      :name)
-      SENSITIVE = []
-      include Aws::Structure
-    end
   end
 end