aws-sdk-securitylake 1.8.0 → 1.10.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f9a2e3943e586c4d07f19977e5d43b1e9239dc8c11ecca2d45f355e765416260
-  data.tar.gz: 07f7781fe13af29c330a504b85b96a0a7ee99df89af99170674a6b1ed6eb7ec9
+  metadata.gz: 6acbd6e10a606e51a5d01d692f269973ba872eda0b11b8ff6459d26449bd0aea
+  data.tar.gz: 6e10c319e483a4db0294f0f229597081bbc6f9b236ed8c0fe49145cf50a417fe
 SHA512:
-  metadata.gz: 395cddba455506d036f4a567cdf153f91d71474d56cbad85b6d8ed2ccbf7f31a841215e8427fbefdd25d6d25c86087f33165434f20fd464b08fd4f12e73e3be1
-  data.tar.gz: 7041d19cbef6e5d5429aff23395a2f9e0a41d4650cdf20504556fef1da3d56aad8ce24a8d92165cc3cd15121a92207a477c29e8a27cb64f0b314989b9fedac65
+  metadata.gz: 61e37820a32db1cf1745dd9134061c4dfca745307c7e96f3e2dd3411192cbc5e7e2613f9576c3e6b9d3910fb033372f8c3aa493c55b31eb50f52d63005a11b9a
+  data.tar.gz: d85ff94e2deed4df67c0d79c5dcd9bb821cedad7011b7b1f4e6fb9187032462b015055aa58e6b8f43ded0916a9461f0cd5f284ddf38ad179ec5b23f71ff0e497

data/CHANGELOG.md

@@ -1,6 +1,16 @@
 Unreleased Changes
 ------------------
 
+1.10.0 (2023-07-20)
+------------------
+
+* Feature - Adding support for Tags on Create and Resource Tagging API.
+
+1.9.0 (2023-07-11)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
 1.8.0 (2023-07-06)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.8.0
+1.10.0

data/lib/aws-sdk-securitylake/client.rb

@@ -216,6 +216,10 @@ module Aws::SecurityLake
     #   @option options [Boolean] :endpoint_discovery (false)
     #     When set to `true`, endpoint discovery will be enabled for operations when available.
     #
+    #   @option options [Boolean] :ignore_configured_endpoint_urls
+    #     Setting to true disables use of endpoint URLs provided via environment
+    #     variables and the shared configuration file.
+    #
     #   @option options [Aws::Log::Formatter] :log_formatter (Aws::Log::Formatter.default)
     #     The log formatter.
     #
@@ -390,7 +394,7 @@ module Aws::SecurityLake
     # can choose any source type in any Region for either accounts that are
     # part of a trusted organization or standalone accounts. Once you add an
     # Amazon Web Service as a source, Security Lake starts collecting logs
-    # and events from it,
+    # and events from it.
     #
     # You can use this API only to enable natively supported Amazon Web
     # Services as a source. Use `CreateCustomLogSource` to enable data
@@ -558,14 +562,13 @@ module Aws::SecurityLake
     # Initializes an Amazon Security Lake instance with the provided (or
     # default) configuration. You can enable Security Lake in Amazon Web
     # Services Regions with customized settings before enabling log
-    # collection in Regions. By default, the `CreateDataLake` Security Lake
-    # in all Regions. To specify particular Regions, configure these Regions
-    # using the `configurations` parameter. If you have already enabled
-    # Security Lake in a Region when you call this command, the command will
-    # update the Region if you provide new configuration parameters. If you
-    # have not already enabled Security Lake in the Region when you call
-    # this API, it will set up the data lake in the Region with the
-    # specified configurations.
+    # collection in Regions. To specify particular Regions, configure these
+    # Regions using the `configurations` parameter. If you have already
+    # enabled Security Lake in a Region when you call this command, the
+    # command will update the Region if you provide new configuration
+    # parameters. If you have not already enabled Security Lake in the
+    # Region when you call this API, it will set up the data lake in the
+    # Region with the specified configurations.
     #
     # When you enable Security Lake, it starts ingesting security data after
     # the `CreateAwsLogSource` call. This includes ingesting security data
@@ -588,6 +591,11 @@ module Aws::SecurityLake
     #   table. This table contains partitions generated by the ingestion and
     #   normalization of Amazon Web Services log sources and custom sources.
     #
+    # @option params [Array<Types::Tag>] :tags
+    #   An array of objects, one for each tag to associate with the data lake
+    #   configuration. For each tag, you must specify both a tag key and a tag
+    #   value. A tag value cannot be null, but it can be an empty string.
+    #
     # @return [Types::CreateDataLakeResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::CreateDataLakeResponse#data_lakes #data_lakes} => Array&lt;Types::DataLakeResource&gt;
@@ -619,6 +627,12 @@ module Aws::SecurityLake
     #       },
     #     ],
     #     meta_store_manager_role_arn: "RoleArn", # required
+    #     tags: [
+    #       {
+    #         key: "TagKey", # required
+    #         value: "TagValue", # required
+    #       },
+    #     ],
     #   })
     #
     # @example Response structure
@@ -738,6 +752,11 @@ module Aws::SecurityLake
     # @option params [required, String] :subscriber_name
     #   The name of your Security Lake subscriber account.
     #
+    # @option params [Array<Types::Tag>] :tags
+    #   An array of objects, one for each tag to associate with the
+    #   subscriber. For each tag, you must specify both a tag key and a tag
+    #   value. A tag value cannot be null, but it can be an empty string.
+    #
     # @return [Types::CreateSubscriberResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::CreateSubscriberResponse#subscriber #subscriber} => Types::SubscriberResource
@@ -773,6 +792,12 @@ module Aws::SecurityLake
     #       principal: "AwsPrincipal", # required
     #     },
     #     subscriber_name: "CreateSubscriberRequestSubscriberNameString", # required
+    #     tags: [
+    #       {
+    #         key: "TagKey", # required
+    #         value: "TagValue", # required
+    #       },
+    #     ],
     #   })
     #
     # @example Response structure
@@ -984,16 +1009,16 @@ module Aws::SecurityLake
       req.send_request(options)
     end
 
-    # Removes automatic the enablement of configuration settings for new
-    # member accounts (but retains the settings for the delegated
-    # administrator) from Amazon Security Lake. You must run this API using
-    # the credentials of the delegated administrator. When you run this API,
-    # new member accounts that are added after the organization enables
-    # Security Lake won't contribute to the data lake.
+    # Turns off automatic enablement of Amazon Security Lake for member
+    # accounts that are added to an organization in Organizations. Only the
+    # delegated Security Lake administrator for an organization can perform
+    # this operation. If the delegated Security Lake administrator performs
+    # this operation, new member accounts won't automatically contribute
+    # data to the data lake.
     #
     # @option params [required, Array<Types::DataLakeAutoEnableNewAccountConfiguration>] :auto_enable_new_account
-    #   Removes the automatic enablement of configuration settings for new
-    #   member accounts in Security Lake.
+    #   Turns off automatic enablement of Security Lake for member accounts
+    #   that are added to an organization.
     #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
     #
@@ -1308,9 +1333,8 @@ module Aws::SecurityLake
     end
 
     # Retrieves the Amazon Security Lake configuration object for the
-    # specified Amazon Web Services account ID. You can use the
-    # `ListDataLakes` API to know whether Security Lake is enabled for any
-    # region.
+    # specified Amazon Web Services Regions. You can use this operation to
+    # determine whether Security Lake is enabled for a Region.
     #
     # @option params [Array<String>] :regions
     #   The list of regions where Security Lake is enabled.
@@ -1503,6 +1527,40 @@ module Aws::SecurityLake
       req.send_request(options)
     end
 
+    # Retrieves the tags (keys and values) that are associated with an
+    # Amazon Security Lake resource: a subscriber, or the data lake
+    # configuration for your Amazon Web Services account in a particular
+    # Amazon Web Services Region.
+    #
+    # @option params [required, String] :resource_arn
+    #   The Amazon Resource Name (ARN) of the Amazon Security Lake resource to
+    #   retrieve the tags for.
+    #
+    # @return [Types::ListTagsForResourceResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::ListTagsForResourceResponse#tags #tags} => Array&lt;Types::Tag&gt;
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.list_tags_for_resource({
+    #     resource_arn: "AmazonResourceName", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.tags #=> Array
+    #   resp.tags[0].key #=> String
+    #   resp.tags[0].value #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/ListTagsForResource AWS API Documentation
+    #
+    # @overload list_tags_for_resource(params = {})
+    # @param [Hash] params ({})
+    def list_tags_for_resource(params = {}, options = {})
+      req = build_request(:list_tags_for_resource, params)
+      req.send_request(options)
+    end
+
     # Designates the Amazon Security Lake delegated administrator account
     # for the organization. This API can only be called by the organization
     # management account. The organization management account cannot be the
@@ -1529,6 +1587,88 @@ module Aws::SecurityLake
       req.send_request(options)
     end
 
+    # Adds or updates one or more tags that are associated with an Amazon
+    # Security Lake resource: a subscriber, or the data lake configuration
+    # for your Amazon Web Services account in a particular Amazon Web
+    # Services Region. A *tag* is a label that you can define and associate
+    # with Amazon Web Services resources. Each tag consists of a required
+    # *tag key* and an associated *tag value*. A *tag key* is a general
+    # label that acts as a category for a more specific tag value. A *tag
+    # value* acts as a descriptor for a tag key. Tags can help you identify,
+    # categorize, and manage resources in different ways, such as by owner,
+    # environment, or other criteria. For more information, see [Tagging
+    # Amazon Security Lake resources][1] in the *Amazon Security Lake User
+    # Guide*.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/security-lake/latest/userguide/tagging-resources.html
+    #
+    # @option params [required, String] :resource_arn
+    #   The Amazon Resource Name (ARN) of the Amazon Security Lake resource to
+    #   add or update the tags for.
+    #
+    # @option params [required, Array<Types::Tag>] :tags
+    #   An array of objects, one for each tag (key and value) to associate
+    #   with the Amazon Security Lake resource. For each tag, you must specify
+    #   both a tag key and a tag value. A tag value cannot be null, but it can
+    #   be an empty string.
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.tag_resource({
+    #     resource_arn: "AmazonResourceName", # required
+    #     tags: [ # required
+    #       {
+    #         key: "TagKey", # required
+    #         value: "TagValue", # required
+    #       },
+    #     ],
+    #   })
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/TagResource AWS API Documentation
+    #
+    # @overload tag_resource(params = {})
+    # @param [Hash] params ({})
+    def tag_resource(params = {}, options = {})
+      req = build_request(:tag_resource, params)
+      req.send_request(options)
+    end
+
+    # Removes one or more tags (keys and values) from an Amazon Security
+    # Lake resource: a subscriber, or the data lake configuration for your
+    # Amazon Web Services account in a particular Amazon Web Services
+    # Region.
+    #
+    # @option params [required, String] :resource_arn
+    #   The Amazon Resource Name (ARN) of the Amazon Security Lake resource to
+    #   remove one or more tags from.
+    #
+    # @option params [required, Array<String>] :tag_keys
+    #   A list of one or more tag keys. For each value in the list, specify
+    #   the tag key for a tag to remove from the Amazon Security Lake
+    #   resource.
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.untag_resource({
+    #     resource_arn: "AmazonResourceName", # required
+    #     tag_keys: ["TagKey"], # required
+    #   })
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/UntagResource AWS API Documentation
+    #
+    # @overload untag_resource(params = {})
+    # @param [Hash] params ({})
+    def untag_resource(params = {}, options = {})
+      req = build_request(:untag_resource, params)
+      req.send_request(options)
+    end
+
     # Specifies where to store your security data and for how long. You can
     # add a rollup Region to consolidate data from multiple Amazon Web
     # Services Regions.
@@ -1788,7 +1928,7 @@ module Aws::SecurityLake
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-securitylake'
-      context[:gem_version] = '1.8.0'
+      context[:gem_version] = '1.10.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-securitylake/client_api.rb

@@ -115,6 +115,8 @@ module Aws::SecurityLake
     ListLogSourcesResponse = Shapes::StructureShape.new(name: 'ListLogSourcesResponse')
     ListSubscribersRequest = Shapes::StructureShape.new(name: 'ListSubscribersRequest')
     ListSubscribersResponse = Shapes::StructureShape.new(name: 'ListSubscribersResponse')
+    ListTagsForResourceRequest = Shapes::StructureShape.new(name: 'ListTagsForResourceRequest')
+    ListTagsForResourceResponse = Shapes::StructureShape.new(name: 'ListTagsForResourceResponse')
     LogSource = Shapes::StructureShape.new(name: 'LogSource')
     LogSourceList = Shapes::ListShape.new(name: 'LogSourceList')
     LogSourceResource = Shapes::UnionShape.new(name: 'LogSourceResource')
@@ -144,8 +146,17 @@ module Aws::SecurityLake
     SubscriberStatus = Shapes::StringShape.new(name: 'SubscriberStatus')
     SubscriptionProtocol = Shapes::StringShape.new(name: 'SubscriptionProtocol')
     SyntheticTimestamp_date_time = Shapes::TimestampShape.new(name: 'SyntheticTimestamp_date_time', timestampFormat: "iso8601")
+    Tag = Shapes::StructureShape.new(name: 'Tag')
+    TagKey = Shapes::StringShape.new(name: 'TagKey')
+    TagKeyList = Shapes::ListShape.new(name: 'TagKeyList')
+    TagList = Shapes::ListShape.new(name: 'TagList')
+    TagResourceRequest = Shapes::StructureShape.new(name: 'TagResourceRequest')
+    TagResourceResponse = Shapes::StructureShape.new(name: 'TagResourceResponse')
+    TagValue = Shapes::StringShape.new(name: 'TagValue')
     ThrottlingException = Shapes::StructureShape.new(name: 'ThrottlingException')
     UUID = Shapes::StringShape.new(name: 'UUID')
+    UntagResourceRequest = Shapes::StructureShape.new(name: 'UntagResourceRequest')
+    UntagResourceResponse = Shapes::StructureShape.new(name: 'UntagResourceResponse')
     UpdateDataLakeExceptionSubscriptionRequest = Shapes::StructureShape.new(name: 'UpdateDataLakeExceptionSubscriptionRequest')
     UpdateDataLakeExceptionSubscriptionRequestExceptionTimeToLiveLong = Shapes::IntegerShape.new(name: 'UpdateDataLakeExceptionSubscriptionRequestExceptionTimeToLiveLong')
     UpdateDataLakeExceptionSubscriptionResponse = Shapes::StructureShape.new(name: 'UpdateDataLakeExceptionSubscriptionResponse')
@@ -220,6 +231,7 @@ module Aws::SecurityLake
 
     CreateDataLakeRequest.add_member(:configurations, Shapes::ShapeRef.new(shape: DataLakeConfigurationList, required: true, location_name: "configurations"))
     CreateDataLakeRequest.add_member(:meta_store_manager_role_arn, Shapes::ShapeRef.new(shape: RoleArn, required: true, location_name: "metaStoreManagerRoleArn"))
+    CreateDataLakeRequest.add_member(:tags, Shapes::ShapeRef.new(shape: TagList, location_name: "tags"))
     CreateDataLakeRequest.struct_class = Types::CreateDataLakeRequest
 
     CreateDataLakeResponse.add_member(:data_lakes, Shapes::ShapeRef.new(shape: DataLakeResourceList, location_name: "dataLakes"))
@@ -237,6 +249,7 @@ module Aws::SecurityLake
     CreateSubscriberRequest.add_member(:subscriber_description, Shapes::ShapeRef.new(shape: DescriptionString, location_name: "subscriberDescription"))
     CreateSubscriberRequest.add_member(:subscriber_identity, Shapes::ShapeRef.new(shape: AwsIdentity, required: true, location_name: "subscriberIdentity"))
     CreateSubscriberRequest.add_member(:subscriber_name, Shapes::ShapeRef.new(shape: CreateSubscriberRequestSubscriberNameString, required: true, location_name: "subscriberName"))
+    CreateSubscriberRequest.add_member(:tags, Shapes::ShapeRef.new(shape: TagList, location_name: "tags"))
     CreateSubscriberRequest.struct_class = Types::CreateSubscriberRequest
 
     CreateSubscriberResponse.add_member(:subscriber, Shapes::ShapeRef.new(shape: SubscriberResource, location_name: "subscriber"))
@@ -453,6 +466,12 @@ module Aws::SecurityLake
     ListSubscribersResponse.add_member(:subscribers, Shapes::ShapeRef.new(shape: SubscriberResourceList, location_name: "subscribers"))
     ListSubscribersResponse.struct_class = Types::ListSubscribersResponse
 
+    ListTagsForResourceRequest.add_member(:resource_arn, Shapes::ShapeRef.new(shape: AmazonResourceName, required: true, location: "uri", location_name: "resourceArn"))
+    ListTagsForResourceRequest.struct_class = Types::ListTagsForResourceRequest
+
+    ListTagsForResourceResponse.add_member(:tags, Shapes::ShapeRef.new(shape: TagList, location_name: "tags"))
+    ListTagsForResourceResponse.struct_class = Types::ListTagsForResourceResponse
+
     LogSource.add_member(:account, Shapes::ShapeRef.new(shape: AwsAccountId, location_name: "account"))
     LogSource.add_member(:region, Shapes::ShapeRef.new(shape: Region, location_name: "region"))
     LogSource.add_member(:sources, Shapes::ShapeRef.new(shape: LogSourceResourceList, location_name: "sources"))
@@ -513,12 +532,32 @@ module Aws::SecurityLake
 
     SubscriberResourceList.member = Shapes::ShapeRef.new(shape: SubscriberResource)
 
+    Tag.add_member(:key, Shapes::ShapeRef.new(shape: TagKey, required: true, location_name: "key"))
+    Tag.add_member(:value, Shapes::ShapeRef.new(shape: TagValue, required: true, location_name: "value"))
+    Tag.struct_class = Types::Tag
+
+    TagKeyList.member = Shapes::ShapeRef.new(shape: TagKey)
+
+    TagList.member = Shapes::ShapeRef.new(shape: Tag)
+
+    TagResourceRequest.add_member(:resource_arn, Shapes::ShapeRef.new(shape: AmazonResourceName, required: true, location: "uri", location_name: "resourceArn"))
+    TagResourceRequest.add_member(:tags, Shapes::ShapeRef.new(shape: TagList, required: true, location_name: "tags"))
+    TagResourceRequest.struct_class = Types::TagResourceRequest
+
+    TagResourceResponse.struct_class = Types::TagResourceResponse
+
     ThrottlingException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message"))
     ThrottlingException.add_member(:quota_code, Shapes::ShapeRef.new(shape: String, location_name: "quotaCode"))
     ThrottlingException.add_member(:retry_after_seconds, Shapes::ShapeRef.new(shape: Integer, location: "header", location_name: "Retry-After"))
     ThrottlingException.add_member(:service_code, Shapes::ShapeRef.new(shape: String, location_name: "serviceCode"))
     ThrottlingException.struct_class = Types::ThrottlingException
 
+    UntagResourceRequest.add_member(:resource_arn, Shapes::ShapeRef.new(shape: AmazonResourceName, required: true, location: "uri", location_name: "resourceArn"))
+    UntagResourceRequest.add_member(:tag_keys, Shapes::ShapeRef.new(shape: TagKeyList, required: true, location: "querystring", location_name: "tagKeys"))
+    UntagResourceRequest.struct_class = Types::UntagResourceRequest
+
+    UntagResourceResponse.struct_class = Types::UntagResourceResponse
+
     UpdateDataLakeExceptionSubscriptionRequest.add_member(:exception_time_to_live, Shapes::ShapeRef.new(shape: UpdateDataLakeExceptionSubscriptionRequestExceptionTimeToLiveLong, location_name: "exceptionTimeToLive"))
     UpdateDataLakeExceptionSubscriptionRequest.add_member(:notification_endpoint, Shapes::ShapeRef.new(shape: SafeString, required: true, location_name: "notificationEndpoint"))
     UpdateDataLakeExceptionSubscriptionRequest.add_member(:subscription_protocol, Shapes::ShapeRef.new(shape: SubscriptionProtocol, required: true, location_name: "subscriptionProtocol"))
@@ -913,6 +952,20 @@ module Aws::SecurityLake
         )
       end)
 
+      api.add_operation(:list_tags_for_resource, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "ListTagsForResource"
+        o.http_method = "GET"
+        o.http_request_uri = "/v1/tags/{resourceArn}"
+        o.input = Shapes::ShapeRef.new(shape: ListTagsForResourceRequest)
+        o.output = Shapes::ShapeRef.new(shape: ListTagsForResourceResponse)
+        o.errors << Shapes::ShapeRef.new(shape: BadRequestException)
+        o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
+        o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
+        o.errors << Shapes::ShapeRef.new(shape: ConflictException)
+        o.errors << Shapes::ShapeRef.new(shape: ThrottlingException)
+      end)
+
       api.add_operation(:register_data_lake_delegated_administrator, Seahorse::Model::Operation.new.tap do |o|
         o.name = "RegisterDataLakeDelegatedAdministrator"
         o.http_method = "POST"
@@ -927,6 +980,34 @@ module Aws::SecurityLake
         o.errors << Shapes::ShapeRef.new(shape: ThrottlingException)
       end)
 
+      api.add_operation(:tag_resource, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "TagResource"
+        o.http_method = "POST"
+        o.http_request_uri = "/v1/tags/{resourceArn}"
+        o.input = Shapes::ShapeRef.new(shape: TagResourceRequest)
+        o.output = Shapes::ShapeRef.new(shape: TagResourceResponse)
+        o.errors << Shapes::ShapeRef.new(shape: BadRequestException)
+        o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
+        o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
+        o.errors << Shapes::ShapeRef.new(shape: ConflictException)
+        o.errors << Shapes::ShapeRef.new(shape: ThrottlingException)
+      end)
+
+      api.add_operation(:untag_resource, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "UntagResource"
+        o.http_method = "DELETE"
+        o.http_request_uri = "/v1/tags/{resourceArn}"
+        o.input = Shapes::ShapeRef.new(shape: UntagResourceRequest)
+        o.output = Shapes::ShapeRef.new(shape: UntagResourceResponse)
+        o.errors << Shapes::ShapeRef.new(shape: BadRequestException)
+        o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
+        o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
+        o.errors << Shapes::ShapeRef.new(shape: ConflictException)
+        o.errors << Shapes::ShapeRef.new(shape: ThrottlingException)
+      end)
+
       api.add_operation(:update_data_lake, Seahorse::Model::Operation.new.tap do |o|
         o.name = "UpdateDataLake"
         o.http_method = "PUT"

data/lib/aws-sdk-securitylake/endpoints.rb

@@ -334,6 +334,20 @@ module Aws::SecurityLake
       end
     end
 
+    class ListTagsForResource
+      def self.build(context)
+        unless context.config.regional_endpoint
+          endpoint = context.config.endpoint.to_s
+        end
+        Aws::SecurityLake::EndpointParameters.new(
+          region: context.config.region,
+          use_dual_stack: context.config.use_dualstack_endpoint,
+          use_fips: context.config.use_fips_endpoint,
+          endpoint: endpoint,
+        )
+      end
+    end
+
     class RegisterDataLakeDelegatedAdministrator
       def self.build(context)
         unless context.config.regional_endpoint
@@ -348,6 +362,34 @@ module Aws::SecurityLake
       end
     end
 
+    class TagResource
+      def self.build(context)
+        unless context.config.regional_endpoint
+          endpoint = context.config.endpoint.to_s
+        end
+        Aws::SecurityLake::EndpointParameters.new(
+          region: context.config.region,
+          use_dual_stack: context.config.use_dualstack_endpoint,
+          use_fips: context.config.use_fips_endpoint,
+          endpoint: endpoint,
+        )
+      end
+    end
+
+    class UntagResource
+      def self.build(context)
+        unless context.config.regional_endpoint
+          endpoint = context.config.endpoint.to_s
+        end
+        Aws::SecurityLake::EndpointParameters.new(
+          region: context.config.region,
+          use_dual_stack: context.config.use_dualstack_endpoint,
+          use_fips: context.config.use_fips_endpoint,
+          endpoint: endpoint,
+        )
+      end
+    end
+
     class UpdateDataLake
       def self.build(context)
         unless context.config.regional_endpoint

data/lib/aws-sdk-securitylake/plugins/endpoints.rb

@@ -102,8 +102,14 @@ module Aws::SecurityLake
             Aws::SecurityLake::Endpoints::ListLogSources.build(context)
           when :list_subscribers
             Aws::SecurityLake::Endpoints::ListSubscribers.build(context)
+          when :list_tags_for_resource
+            Aws::SecurityLake::Endpoints::ListTagsForResource.build(context)
           when :register_data_lake_delegated_administrator
             Aws::SecurityLake::Endpoints::RegisterDataLakeDelegatedAdministrator.build(context)
+          when :tag_resource
+            Aws::SecurityLake::Endpoints::TagResource.build(context)
+          when :untag_resource
+            Aws::SecurityLake::Endpoints::UntagResource.build(context)
           when :update_data_lake
             Aws::SecurityLake::Endpoints::UpdateDataLake.build(context)
           when :update_data_lake_exception_subscription

data/lib/aws-sdk-securitylake/types.rb

@@ -335,11 +335,19 @@ module Aws::SecurityLake
     #   normalization of Amazon Web Services log sources and custom sources.
     #   @return [String]
     #
+    # @!attribute [rw] tags
+    #   An array of objects, one for each tag to associate with the data
+    #   lake configuration. For each tag, you must specify both a tag key
+    #   and a tag value. A tag value cannot be null, but it can be an empty
+    #   string.
+    #   @return [Array<Types::Tag>]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateDataLakeRequest AWS API Documentation
     #
     class CreateDataLakeRequest < Struct.new(
       :configurations,
-      :meta_store_manager_role_arn)
+      :meta_store_manager_role_arn,
+      :tags)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -408,6 +416,12 @@ module Aws::SecurityLake
     #   The name of your Security Lake subscriber account.
     #   @return [String]
     #
+    # @!attribute [rw] tags
+    #   An array of objects, one for each tag to associate with the
+    #   subscriber. For each tag, you must specify both a tag key and a tag
+    #   value. A tag value cannot be null, but it can be an empty string.
+    #   @return [Array<Types::Tag>]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateSubscriberRequest AWS API Documentation
     #
     class CreateSubscriberRequest < Struct.new(
@@ -415,7 +429,8 @@ module Aws::SecurityLake
       :sources,
       :subscriber_description,
       :subscriber_identity,
-      :subscriber_name)
+      :subscriber_name,
+      :tags)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -623,7 +638,7 @@ module Aws::SecurityLake
       include Aws::Structure
     end
 
-    # The details for a Security Lake exception
+    # The details for an Amazon Security Lake exception.
     #
     # @!attribute [rw] exception
     #   The underlying exception of a Security Lake exception.
@@ -1025,8 +1040,8 @@ module Aws::SecurityLake
     class DeleteDataLakeExceptionSubscriptionResponse < Aws::EmptyStructure; end
 
     # @!attribute [rw] auto_enable_new_account
-    #   Removes the automatic enablement of configuration settings for new
-    #   member accounts in Security Lake.
+    #   Turns off automatic enablement of Security Lake for member accounts
+    #   that are added to an organization.
     #   @return [Array<Types::DataLakeAutoEnableNewAccountConfiguration>]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteDataLakeOrganizationConfigurationRequest AWS API Documentation
@@ -1262,8 +1277,8 @@ module Aws::SecurityLake
     #   The Amazon Resource Name (ARN) of the EventBridge API destinations
     #   IAM role that you created. For more information about ARNs and how
     #   to use them in policies, see [Managing data access][1] and [Amazon
-    #   Web Services Managed Policies][2] in the Amazon Security Lake User
-    #   Guide.
+    #   Web Services Managed Policies][2] in the *Amazon Security Lake User
+    #   Guide*.
     #
     #
     #
@@ -1465,6 +1480,32 @@ module Aws::SecurityLake
       include Aws::Structure
     end
 
+    # @!attribute [rw] resource_arn
+    #   The Amazon Resource Name (ARN) of the Amazon Security Lake resource
+    #   to retrieve the tags for.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/ListTagsForResourceRequest AWS API Documentation
+    #
+    class ListTagsForResourceRequest < Struct.new(
+      :resource_arn)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] tags
+    #   An array of objects, one for each tag (key and value) that’s
+    #   associated with the Amazon Security Lake resource.
+    #   @return [Array<Types::Tag>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/ListTagsForResourceResponse AWS API Documentation
+    #
+    class ListTagsForResourceResponse < Struct.new(
+      :tags)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Amazon Security Lake can collect logs and events from
     # natively-supported Amazon Web Services services and custom sources.
     #
@@ -1491,8 +1532,8 @@ module Aws::SecurityLake
     end
 
     # The supported source types from which logs and events are collected in
-    # Amazon Security Lake. For the list of supported Amazon Web Services,
-    # see the [Amazon Security Lake User Guide][1].
+    # Amazon Security Lake. For a list of supported Amazon Web Services, see
+    # the [Amazon Security Lake User Guide][1].
     #
     #
     #
@@ -1504,12 +1545,21 @@ module Aws::SecurityLake
     #
     # @!attribute [rw] aws_log_source
     #   Amazon Security Lake supports log and event collection for natively
-    #   supported Amazon Web Services.
+    #   supported Amazon Web Services. For more information, see the [Amazon
+    #   Security Lake User Guide][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/security-lake/latest/userguide/internal-sources.html
     #   @return [Types::AwsLogSourceResource]
     #
     # @!attribute [rw] custom_log_source
-    #   Amazon Security Lake supports custom source types. For a detailed
-    #   list, see the Amazon Security Lake User Guide.
+    #   Amazon Security Lake supports custom source types. For more
+    #   information, see the [Amazon Security Lake User Guide][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/security-lake/latest/userguide/custom-sources.html
     #   @return [Types::CustomLogSourceResource]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/LogSourceResource AWS API Documentation
@@ -1646,8 +1696,12 @@ module Aws::SecurityLake
     #
     # @!attribute [rw] sources
     #   Amazon Security Lake supports log and event collection for natively
-    #   supported Amazon Web Services. For more information, see the Amazon
-    #   Security Lake User Guide.
+    #   supported Amazon Web Services. For more information, see the [Amazon
+    #   Security Lake User Guide][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/security-lake/latest/userguide/source-management.html
     #   @return [Array<Types::LogSourceResource>]
     #
     # @!attribute [rw] subscriber_arn
@@ -1707,6 +1761,74 @@ module Aws::SecurityLake
       include Aws::Structure
     end
 
+    # A *tag* is a label that you can define and associate with Amazon Web
+    # Services resources, including certain types of Amazon Security Lake
+    # resources. Tags can help you identify, categorize, and manage
+    # resources in different ways, such as by owner, environment, or other
+    # criteria. You can associate tags with the following types of Security
+    # Lake resources: subscribers, and the data lake configuration for your
+    # Amazon Web Services account in individual Amazon Web Services Regions.
+    #
+    # A resource can have up to 50 tags. Each tag consists of a required
+    # *tag key* and an associated *tag value*. A *tag key* is a general
+    # label that acts as a category for a more specific tag value. Each tag
+    # key must be unique and it can have only one tag value. A *tag value*
+    # acts as a descriptor for a tag key. Tag keys and values are case
+    # sensitive. They can contain letters, numbers, spaces, or the following
+    # symbols: \_ . : / = + @ -
+    #
+    # For more information, see [Tagging Amazon Security Lake resources][1]
+    # in the *Amazon Security Lake User Guide*.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/security-lake/latest/userguide/tagging-resources.html
+    #
+    # @!attribute [rw] key
+    #   The name of the tag. This is a general label that acts as a category
+    #   for a more specific tag value (`value`).
+    #   @return [String]
+    #
+    # @!attribute [rw] value
+    #   The value that’s associated with the specified tag key (`key`). This
+    #   value acts as a descriptor for the tag key. A tag value cannot be
+    #   null, but it can be an empty string.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/Tag AWS API Documentation
+    #
+    class Tag < Struct.new(
+      :key,
+      :value)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] resource_arn
+    #   The Amazon Resource Name (ARN) of the Amazon Security Lake resource
+    #   to add or update the tags for.
+    #   @return [String]
+    #
+    # @!attribute [rw] tags
+    #   An array of objects, one for each tag (key and value) to associate
+    #   with the Amazon Security Lake resource. For each tag, you must
+    #   specify both a tag key and a tag value. A tag value cannot be null,
+    #   but it can be an empty string.
+    #   @return [Array<Types::Tag>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/TagResourceRequest AWS API Documentation
+    #
+    class TagResourceRequest < Struct.new(
+      :resource_arn,
+      :tags)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/TagResourceResponse AWS API Documentation
+    #
+    class TagResourceResponse < Aws::EmptyStructure; end
+
     # The limit on the number of requests per second was exceeded.
     #
     # @!attribute [rw] message
@@ -1736,6 +1858,30 @@ module Aws::SecurityLake
       include Aws::Structure
     end
 
+    # @!attribute [rw] resource_arn
+    #   The Amazon Resource Name (ARN) of the Amazon Security Lake resource
+    #   to remove one or more tags from.
+    #   @return [String]
+    #
+    # @!attribute [rw] tag_keys
+    #   A list of one or more tag keys. For each value in the list, specify
+    #   the tag key for a tag to remove from the Amazon Security Lake
+    #   resource.
+    #   @return [Array<String>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/UntagResourceRequest AWS API Documentation
+    #
+    class UntagResourceRequest < Struct.new(
+      :resource_arn,
+      :tag_keys)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/UntagResourceResponse AWS API Documentation
+    #
+    class UntagResourceResponse < Aws::EmptyStructure; end
+
     # @!attribute [rw] exception_time_to_live
     #   The time-to-live (TTL) for the exception message to remain.
     #   @return [Integer]

data/lib/aws-sdk-securitylake.rb

@@ -52,6 +52,6 @@ require_relative 'aws-sdk-securitylake/customizations'
 # @!group service
 module Aws::SecurityLake
 
-  GEM_VERSION = '1.8.0'
+  GEM_VERSION = '1.10.0'
 
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-securitylake
 version: !ruby/object:Gem::Version
-  version: 1.8.0
+  version: 1.10.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2023-07-06 00:00:00.000000000 Z
+date: 2023-07-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core