@aws-sdk/client-cloudtrail 3.379.1 → 3.385.0

package/dist-types/models/models_0.d.ts

@@ -9,6 +9,7 @@ export declare class AccountHasOngoingImportException extends __BaseException {
     readonly name: "AccountHasOngoingImportException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -26,6 +27,7 @@ export declare class AccountNotFoundException extends __BaseException {
     readonly name: "AccountNotFoundException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -42,6 +44,7 @@ export declare class AccountNotRegisteredException extends __BaseException {
     readonly name: "AccountNotRegisteredException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -59,6 +62,7 @@ export declare class AccountRegisteredException extends __BaseException {
     readonly name: "AccountRegisteredException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -74,11 +78,13 @@ export declare class AccountRegisteredException extends __BaseException {
  */
 export interface Tag {
     /**
+     * @public
      * <p>The key in a key-value pair. The key must be must be no longer than 128 Unicode
      *          characters. The key must be unique for the resource to which it applies.</p>
      */
     Key: string | undefined;
     /**
+     * @public
      * <p>The value in a key-value pair of a tag. The value must be no longer than 256 Unicode
      *          characters.</p>
      */
@@ -90,6 +96,7 @@ export interface Tag {
  */
 export interface AddTagsRequest {
     /**
+     * @public
      * <p>Specifies the ARN of the trail, event data store, or channel to which one or more tags will be
      *          added.</p>
      *          <p>The format of a trail ARN is:
@@ -104,6 +111,7 @@ export interface AddTagsRequest {
      */
     ResourceId: string | undefined;
     /**
+     * @public
      * <p>Contains a list of tags, up to a limit of 50</p>
      */
     TagsList: Tag[] | undefined;
@@ -123,6 +131,7 @@ export declare class ChannelARNInvalidException extends __BaseException {
     readonly name: "ChannelARNInvalidException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -139,6 +148,7 @@ export declare class ChannelNotFoundException extends __BaseException {
     readonly name: "ChannelNotFoundException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -166,6 +176,7 @@ export declare class CloudTrailARNInvalidException extends __BaseException {
     readonly name: "CloudTrailARNInvalidException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -185,6 +196,7 @@ export declare class ConflictException extends __BaseException {
     readonly name: "ConflictException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -202,6 +214,7 @@ export declare class EventDataStoreARNInvalidException extends __BaseException {
     readonly name: "EventDataStoreARNInvalidException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -218,6 +231,7 @@ export declare class EventDataStoreNotFoundException extends __BaseException {
     readonly name: "EventDataStoreNotFoundException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -234,6 +248,7 @@ export declare class InactiveEventDataStoreException extends __BaseException {
     readonly name: "InactiveEventDataStoreException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -251,6 +266,7 @@ export declare class InvalidTagParameterException extends __BaseException {
     readonly name: "InvalidTagParameterException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -287,6 +303,7 @@ export declare class InvalidTrailNameException extends __BaseException {
     readonly name: "InvalidTrailNameException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -304,6 +321,7 @@ export declare class NoManagementAccountSLRExistsException extends __BaseExcepti
     readonly name: "NoManagementAccountSLRExistsException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -322,6 +340,7 @@ export declare class NotOrganizationMasterAccountException extends __BaseExcepti
     readonly name: "NotOrganizationMasterAccountException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -338,6 +357,7 @@ export declare class OperationNotPermittedException extends __BaseException {
     readonly name: "OperationNotPermittedException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -354,6 +374,7 @@ export declare class ResourceNotFoundException extends __BaseException {
     readonly name: "ResourceNotFoundException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -370,6 +391,7 @@ export declare class ResourceTypeNotSupportedException extends __BaseException {
     readonly name: "ResourceTypeNotSupportedException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -387,6 +409,7 @@ export declare class TagsLimitExceededException extends __BaseException {
     readonly name: "TagsLimitExceededException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -403,6 +426,7 @@ export declare class UnsupportedOperationException extends __BaseException {
     readonly name: "UnsupportedOperationException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -417,6 +441,7 @@ export declare class UnsupportedOperationException extends __BaseException {
  */
 export interface AdvancedFieldSelector {
     /**
+     * @public
      * <p> A field in a CloudTrail event record on which to filter events to be logged. For
      *          event data stores for Config configuration items, Audit Manager evidence, or non-Amazon Web Services events, the field is used only for
      *          selecting events as filtering is not supported. </p>
@@ -811,6 +836,7 @@ export interface AdvancedFieldSelector {
      */
     Field: string | undefined;
     /**
+     * @public
      * <p> An operator that includes events that match the exact value of the event record field
      *          specified as the value of <code>Field</code>. This is the only valid operator that you can
      *          use with the <code>readOnly</code>, <code>eventCategory</code>, and
@@ -818,26 +844,31 @@ export interface AdvancedFieldSelector {
      */
     Equals?: string[];
     /**
+     * @public
      * <p>An operator that includes events that match the first few characters of the event record
      *          field specified as the value of <code>Field</code>.</p>
      */
     StartsWith?: string[];
     /**
+     * @public
      * <p>An operator that includes events that match the last few characters of the event record
      *          field specified as the value of <code>Field</code>.</p>
      */
     EndsWith?: string[];
     /**
+     * @public
      * <p> An operator that excludes events that match the exact value of the event record field
      *          specified as the value of <code>Field</code>. </p>
      */
     NotEquals?: string[];
     /**
+     * @public
      * <p> An operator that excludes events that match the first few characters of the event
      *          record field specified as the value of <code>Field</code>. </p>
      */
     NotStartsWith?: string[];
     /**
+     * @public
      * <p> An operator that excludes events that match the last few characters of the event record
      *          field specified as the value of <code>Field</code>. </p>
      */
@@ -884,11 +915,13 @@ export interface AdvancedFieldSelector {
  */
 export interface AdvancedEventSelector {
     /**
+     * @public
      * <p>An optional, descriptive name for an advanced event selector, such as "Log data events
      *          for only two S3 buckets".</p>
      */
     Name?: string;
     /**
+     * @public
      * <p>Contains all selector statements in an advanced event selector.</p>
      */
     FieldSelectors: AdvancedFieldSelector[] | undefined;
@@ -898,6 +931,7 @@ export interface AdvancedEventSelector {
  */
 export interface CancelQueryRequest {
     /**
+     * @public
      * @deprecated
      *
      * <p>The ARN (or the ID suffix of the ARN) of an event data store on which the specified
@@ -905,6 +939,7 @@ export interface CancelQueryRequest {
      */
     EventDataStore?: string;
     /**
+     * @public
      * <p>The ID of the query that you want to cancel. The <code>QueryId</code> comes from the
      *          response of a <code>StartQuery</code> operation.</p>
      */
@@ -931,10 +966,12 @@ export type QueryStatus = (typeof QueryStatus)[keyof typeof QueryStatus];
  */
 export interface CancelQueryResponse {
     /**
+     * @public
      * <p>The ID of the canceled query.</p>
      */
     QueryId: string | undefined;
     /**
+     * @public
      * <p>Shows the status of a query after a <code>CancelQuery</code> request. Typically, the
      *          values shown are either <code>RUNNING</code> or <code>CANCELLED</code>.</p>
      */
@@ -949,6 +986,7 @@ export declare class InactiveQueryException extends __BaseException {
     readonly name: "InactiveQueryException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -965,6 +1003,7 @@ export declare class InvalidParameterException extends __BaseException {
     readonly name: "InvalidParameterException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -981,6 +1020,7 @@ export declare class QueryIdNotFoundException extends __BaseException {
     readonly name: "QueryIdNotFoundException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -998,6 +1038,7 @@ export declare class CannotDelegateManagementAccountException extends __BaseExce
     readonly name: "CannotDelegateManagementAccountException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -1012,10 +1053,12 @@ export declare class CannotDelegateManagementAccountException extends __BaseExce
  */
 export interface Channel {
     /**
+     * @public
      * <p>The Amazon Resource Name (ARN) of a channel.</p>
      */
     ChannelArn?: string;
     /**
+     * @public
      * <p> The name of the CloudTrail channel. For service-linked channels, the name is
      *             <code>aws-service-channel/service-name/custom-suffix</code> where
      *             <code>service-name</code> represents the name of the Amazon Web Services service that
@@ -1034,6 +1077,7 @@ export declare class ChannelAlreadyExistsException extends __BaseException {
     readonly name: "ChannelAlreadyExistsException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -1051,6 +1095,7 @@ export declare class ChannelExistsForEDSException extends __BaseException {
     readonly name: "ChannelExistsForEDSException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -1069,6 +1114,7 @@ export declare class ChannelMaxLimitExceededException extends __BaseException {
     readonly name: "ChannelMaxLimitExceededException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -1095,11 +1141,13 @@ export type DestinationType = (typeof DestinationType)[keyof typeof DestinationT
  */
 export interface Destination {
     /**
+     * @public
      * <p>The type of destination for events arriving from a channel. For channels used for a CloudTrail Lake integration, the value is <code>EventDataStore</code>. For service-linked channels,
      *          the value is <code>AWS_SERVICE</code>. </p>
      */
     Type: DestinationType | string | undefined;
     /**
+     * @public
      * <p> For channels used for a CloudTrail Lake integration, the location is the ARN of an event data store that receives events from a channel.
      *          For service-linked channels, the location is the name of the Amazon Web Services service.</p>
      */
@@ -1110,10 +1158,12 @@ export interface Destination {
  */
 export interface CreateChannelRequest {
     /**
+     * @public
      * <p>The name of the channel.</p>
      */
     Name: string | undefined;
     /**
+     * @public
      * <p>The name of the partner or external event source. You cannot change this name after you create the
      *          channel. A maximum of one channel is allowed per source.</p>
      *          <p>
@@ -1123,10 +1173,12 @@ export interface CreateChannelRequest {
      */
     Source: string | undefined;
     /**
+     * @public
      * <p>One or more event data stores to which events arriving through a channel will be logged.</p>
      */
     Destinations: Destination[] | undefined;
     /**
+     * @public
      * <p>A list of tags.</p>
      */
     Tags?: Tag[];
@@ -1136,22 +1188,27 @@ export interface CreateChannelRequest {
  */
 export interface CreateChannelResponse {
     /**
+     * @public
      * <p>The Amazon Resource Name (ARN) of the new channel.</p>
      */
     ChannelArn?: string;
     /**
+     * @public
      * <p>The name of the new channel.</p>
      */
     Name?: string;
     /**
+     * @public
      * <p>The partner or external event source name.</p>
      */
     Source?: string;
     /**
+     * @public
      * <p>The event data stores that log the events arriving through the channel.</p>
      */
     Destinations?: Destination[];
     /**
+     * @public
      * <p>A list of tags.</p>
      */
     Tags?: Tag[];
@@ -1165,6 +1222,7 @@ export declare class InvalidEventDataStoreCategoryException extends __BaseExcept
     readonly name: "InvalidEventDataStoreCategoryException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -1181,6 +1239,7 @@ export declare class InvalidSourceException extends __BaseException {
     readonly name: "InvalidSourceException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -1197,6 +1256,7 @@ export declare class CloudTrailAccessNotEnabledException extends __BaseException
     readonly name: "CloudTrailAccessNotEnabledException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -1210,10 +1270,12 @@ export declare class CloudTrailAccessNotEnabledException extends __BaseException
  */
 export interface CreateEventDataStoreRequest {
     /**
+     * @public
      * <p>The name of the event data store.</p>
      */
     Name: string | undefined;
     /**
+     * @public
      * <p>The advanced event selectors to use to select the events for the data store. You can
      *          configure up to five advanced event selectors for each event data store.</p>
      *          <p> For more information about how to use advanced event selectors to log CloudTrail
@@ -1224,31 +1286,37 @@ export interface CreateEventDataStoreRequest {
      */
     AdvancedEventSelectors?: AdvancedEventSelector[];
     /**
+     * @public
      * <p>Specifies whether the event data store includes events from all Regions, or only from
      *          the Region in which the event data store is created.</p>
      */
     MultiRegionEnabled?: boolean;
     /**
+     * @public
      * <p>Specifies whether an event data store collects events logged for an organization in
      *             Organizations.</p>
      */
     OrganizationEnabled?: boolean;
     /**
+     * @public
      * <p>The retention period of the event data store, in days. You can set a retention period of
      *          up to 2557 days, the equivalent of seven years.</p>
      */
     RetentionPeriod?: number;
     /**
+     * @public
      * <p>Specifies whether termination protection is enabled for the event data store. If
      *          termination protection is enabled, you cannot delete the event data store until termination
      *          protection is disabled.</p>
      */
     TerminationProtectionEnabled?: boolean;
     /**
+     * @public
      * <p>A list of tags.</p>
      */
     TagsList?: Tag[];
     /**
+     * @public
      * <p>Specifies the KMS key ID to use to encrypt the events delivered by
      *             CloudTrail. The value can be an alias name prefixed by <code>alias/</code>, a
      *          fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique
@@ -1290,6 +1358,7 @@ export interface CreateEventDataStoreRequest {
      */
     KmsKeyId?: string;
     /**
+     * @public
      * <p>Specifies whether the event data store should start ingesting live events. The default is true.</p>
      */
     StartIngestion?: boolean;
@@ -1315,55 +1384,67 @@ export type EventDataStoreStatus = (typeof EventDataStoreStatus)[keyof typeof Ev
  */
 export interface CreateEventDataStoreResponse {
     /**
+     * @public
      * <p>The ARN of the event data store.</p>
      */
     EventDataStoreArn?: string;
     /**
+     * @public
      * <p>The name of the event data store.</p>
      */
     Name?: string;
     /**
+     * @public
      * <p>The status of event data store creation.</p>
      */
     Status?: EventDataStoreStatus | string;
     /**
+     * @public
      * <p>The advanced event selectors that were used to select the events for the data
      *          store.</p>
      */
     AdvancedEventSelectors?: AdvancedEventSelector[];
     /**
+     * @public
      * <p>Indicates whether the event data store collects events from all Regions, or only from
      *          the Region in which it was created.</p>
      */
     MultiRegionEnabled?: boolean;
     /**
+     * @public
      * <p>Indicates whether an event data store is collecting logged events for an organization in
      *             Organizations.</p>
      */
     OrganizationEnabled?: boolean;
     /**
+     * @public
      * <p>The retention period of an event data store, in days.</p>
      */
     RetentionPeriod?: number;
     /**
+     * @public
      * <p>Indicates whether termination protection is enabled for the event data store.</p>
      */
     TerminationProtectionEnabled?: boolean;
     /**
+     * @public
      * <p>A list of tags.</p>
      */
     TagsList?: Tag[];
     /**
+     * @public
      * <p>The timestamp that shows when the event data store was created.</p>
      */
     CreatedTimestamp?: Date;
     /**
+     * @public
      * <p>The timestamp that shows when an event data store was updated, if applicable.
      *             <code>UpdatedTimestamp</code> is always either the same or newer than the time shown in
      *             <code>CreatedTimestamp</code>.</p>
      */
     UpdatedTimestamp?: Date;
     /**
+     * @public
      * <p>Specifies the KMS key ID that encrypts the events delivered by CloudTrail. The value is a fully specified ARN to a KMS key in the
      *          following format.</p>
      *          <p>
@@ -1380,6 +1461,7 @@ export declare class EventDataStoreAlreadyExistsException extends __BaseExceptio
     readonly name: "EventDataStoreAlreadyExistsException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -1396,6 +1478,7 @@ export declare class EventDataStoreMaxLimitExceededException extends __BaseExcep
     readonly name: "EventDataStoreMaxLimitExceededException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -1414,6 +1497,7 @@ export declare class InsufficientDependencyServiceAccessPermissionException exte
     readonly name: "InsufficientDependencyServiceAccessPermissionException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -1431,6 +1515,7 @@ export declare class InsufficientEncryptionPolicyException extends __BaseExcepti
     readonly name: "InsufficientEncryptionPolicyException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -1474,6 +1559,7 @@ export declare class InvalidEventSelectorsException extends __BaseException {
     readonly name: "InvalidEventSelectorsException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -1490,6 +1576,7 @@ export declare class InvalidKmsKeyIdException extends __BaseException {
     readonly name: "InvalidKmsKeyIdException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -1507,6 +1594,7 @@ export declare class KmsException extends __BaseException {
     readonly name: "KmsException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -1525,6 +1613,7 @@ export declare class KmsKeyNotFoundException extends __BaseException {
     readonly name: "KmsKeyNotFoundException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -1543,6 +1632,7 @@ export declare class OrganizationNotInAllFeaturesModeException extends __BaseExc
     readonly name: "OrganizationNotInAllFeaturesModeException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -1561,6 +1651,7 @@ export declare class OrganizationsNotInUseException extends __BaseException {
     readonly name: "OrganizationsNotInUseException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -1579,6 +1670,7 @@ export declare class CloudTrailInvalidClientTokenIdException extends __BaseExcep
     readonly name: "CloudTrailInvalidClientTokenIdException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -1595,6 +1687,7 @@ export declare class CloudWatchLogsDeliveryUnavailableException extends __BaseEx
     readonly name: "CloudWatchLogsDeliveryUnavailableException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -1609,6 +1702,7 @@ export declare class CloudWatchLogsDeliveryUnavailableException extends __BaseEx
  */
 export interface CreateTrailRequest {
     /**
+     * @public
      * <p>Specifies the name of the trail. The name must meet the following requirements:</p>
      *          <ul>
      *             <li>
@@ -1632,34 +1726,40 @@ export interface CreateTrailRequest {
      */
     Name: string | undefined;
     /**
+     * @public
      * <p>Specifies the name of the Amazon S3 bucket designated for publishing log files.
      *          See <a href="https://docs.aws.amazon.com/awscloudtrail/latest/userguide/create_trail_naming_policy.html">Amazon S3
      *             Bucket Naming Requirements</a>.</p>
      */
     S3BucketName: string | undefined;
     /**
+     * @public
      * <p>Specifies the Amazon S3 key prefix that comes after the name of the bucket you
      *          have designated for log file delivery. For more information, see <a href="https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-find-log-files.html">Finding Your CloudTrail Log Files</a>. The maximum length is 200
      *          characters.</p>
      */
     S3KeyPrefix?: string;
     /**
+     * @public
      * <p>Specifies the name of the Amazon SNS topic defined for notification of log file
      *          delivery. The maximum length is 256 characters.</p>
      */
     SnsTopicName?: string;
     /**
+     * @public
      * <p>Specifies whether the trail is publishing events from global services such as IAM to the
      *          log files.</p>
      */
     IncludeGlobalServiceEvents?: boolean;
     /**
+     * @public
      * <p>Specifies whether the trail is created in the current Region or in all Regions. The
      *          default is false, which creates a trail only in the Region where you are signed in. As a
      *          best practice, consider creating trails that log events in all Regions.</p>
      */
     IsMultiRegionTrail?: boolean;
     /**
+     * @public
      * <p>Specifies whether log file integrity validation is enabled. The default is false.</p>
      *          <note>
      *             <p>When you disable log file integrity validation, the chain of digest files is broken
@@ -1673,6 +1773,7 @@ export interface CreateTrailRequest {
      */
     EnableLogFileValidation?: boolean;
     /**
+     * @public
      * <p>Specifies a log group name using an Amazon Resource Name (ARN), a unique identifier that
      *          represents the log group to which CloudTrail logs will be delivered. You must use a
      *          log group that exists in your account.</p>
@@ -1680,11 +1781,13 @@ export interface CreateTrailRequest {
      */
     CloudWatchLogsLogGroupArn?: string;
     /**
+     * @public
      * <p>Specifies the role for the CloudWatch Logs endpoint to assume to write to a user's
      *          log group. You must use a role that exists in your account.</p>
      */
     CloudWatchLogsRoleArn?: string;
     /**
+     * @public
      * <p>Specifies the KMS key ID to use to encrypt the logs delivered by CloudTrail. The value can be an alias name prefixed by <code>alias/</code>, a fully
      *          specified ARN to an alias, a fully specified ARN to a key, or a globally unique
      *          identifier.</p>
@@ -1717,12 +1820,14 @@ export interface CreateTrailRequest {
      */
     KmsKeyId?: string;
     /**
+     * @public
      * <p>Specifies whether the trail is created for all accounts in an organization in Organizations, or only for the current Amazon Web Services account. The default is false,
      *          and cannot be true unless the call is made on behalf of an Amazon Web Services account that
      *          is the management account or delegated administrator account for an organization in Organizations.</p>
      */
     IsOrganizationTrail?: boolean;
     /**
+     * @public
      * <p>A list of tags.</p>
      */
     TagsList?: Tag[];
@@ -1734,26 +1839,31 @@ export interface CreateTrailRequest {
  */
 export interface CreateTrailResponse {
     /**
+     * @public
      * <p>Specifies the name of the trail.</p>
      */
     Name?: string;
     /**
+     * @public
      * <p>Specifies the name of the Amazon S3 bucket designated for publishing log
      *          files.</p>
      */
     S3BucketName?: string;
     /**
+     * @public
      * <p>Specifies the Amazon S3 key prefix that comes after the name of the bucket you
      *          have designated for log file delivery. For more information, see <a href="https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-find-log-files.html">Finding Your CloudTrail Log Files</a>.</p>
      */
     S3KeyPrefix?: string;
     /**
+     * @public
      * @deprecated
      *
      * <p>This field is no longer in use. Use <code>SnsTopicARN</code>.</p>
      */
     SnsTopicName?: string;
     /**
+     * @public
      * <p>Specifies the ARN of the Amazon SNS topic that CloudTrail uses to send
      *          notifications when log files are delivered. The format of a topic ARN is:</p>
      *          <p>
@@ -1762,15 +1872,18 @@ export interface CreateTrailResponse {
      */
     SnsTopicARN?: string;
     /**
+     * @public
      * <p>Specifies whether the trail is publishing events from global services such as IAM to the
      *          log files.</p>
      */
     IncludeGlobalServiceEvents?: boolean;
     /**
+     * @public
      * <p>Specifies whether the trail exists in one Region or in all Regions.</p>
      */
     IsMultiRegionTrail?: boolean;
     /**
+     * @public
      * <p>Specifies the ARN of the trail that was created. The format of a trail ARN is:</p>
      *          <p>
      *             <code>arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail</code>
@@ -1778,20 +1891,24 @@ export interface CreateTrailResponse {
      */
     TrailARN?: string;
     /**
+     * @public
      * <p>Specifies whether log file integrity validation is enabled.</p>
      */
     LogFileValidationEnabled?: boolean;
     /**
+     * @public
      * <p>Specifies the Amazon Resource Name (ARN) of the log group to which CloudTrail
      *          logs will be delivered.</p>
      */
     CloudWatchLogsLogGroupArn?: string;
     /**
+     * @public
      * <p>Specifies the role for the CloudWatch Logs endpoint to assume to write to a user's
      *          log group.</p>
      */
     CloudWatchLogsRoleArn?: string;
     /**
+     * @public
      * <p>Specifies the KMS key ID that encrypts the events delivered by CloudTrail. The value is a fully specified ARN to a KMS key in the
      *          following format.</p>
      *          <p>
@@ -1800,6 +1917,7 @@ export interface CreateTrailResponse {
      */
     KmsKeyId?: string;
     /**
+     * @public
      * <p>Specifies whether the trail is an organization trail.</p>
      */
     IsOrganizationTrail?: boolean;
@@ -1812,6 +1930,7 @@ export declare class InsufficientS3BucketPolicyException extends __BaseException
     readonly name: "InsufficientS3BucketPolicyException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -1829,6 +1948,7 @@ export declare class InsufficientSnsTopicPolicyException extends __BaseException
     readonly name: "InsufficientSnsTopicPolicyException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -1846,6 +1966,7 @@ export declare class InvalidCloudWatchLogsLogGroupArnException extends __BaseExc
     readonly name: "InvalidCloudWatchLogsLogGroupArnException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -1862,6 +1983,7 @@ export declare class InvalidCloudWatchLogsRoleArnException extends __BaseExcepti
     readonly name: "InvalidCloudWatchLogsRoleArnException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -1879,6 +2001,7 @@ export declare class InvalidParameterCombinationException extends __BaseExceptio
     readonly name: "InvalidParameterCombinationException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -1895,6 +2018,7 @@ export declare class InvalidS3BucketNameException extends __BaseException {
     readonly name: "InvalidS3BucketNameException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -1911,6 +2035,7 @@ export declare class InvalidS3PrefixException extends __BaseException {
     readonly name: "InvalidS3PrefixException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -1927,6 +2052,7 @@ export declare class InvalidSnsTopicNameException extends __BaseException {
     readonly name: "InvalidSnsTopicNameException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -1945,6 +2071,7 @@ export declare class KmsKeyDisabledException extends __BaseException {
     readonly name: "KmsKeyDisabledException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -1961,6 +2088,7 @@ export declare class MaximumNumberOfTrailsExceededException extends __BaseExcept
     readonly name: "MaximumNumberOfTrailsExceededException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -1977,6 +2105,7 @@ export declare class S3BucketDoesNotExistException extends __BaseException {
     readonly name: "S3BucketDoesNotExistException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -1993,6 +2122,7 @@ export declare class TrailAlreadyExistsException extends __BaseException {
     readonly name: "TrailAlreadyExistsException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -2009,6 +2139,7 @@ export declare class TrailNotProvidedException extends __BaseException {
     readonly name: "TrailNotProvidedException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -2022,6 +2153,7 @@ export declare class TrailNotProvidedException extends __BaseException {
  */
 export interface DeleteChannelRequest {
     /**
+     * @public
      * <p>The ARN or the <code>UUID</code> value of the channel that you want to delete.</p>
      */
     Channel: string | undefined;
@@ -2036,6 +2168,7 @@ export interface DeleteChannelResponse {
  */
 export interface DeleteEventDataStoreRequest {
     /**
+     * @public
      * <p>The ARN (or the ID suffix of the ARN) of the event data store to delete.</p>
      */
     EventDataStore: string | undefined;
@@ -2054,6 +2187,7 @@ export declare class EventDataStoreHasOngoingImportException extends __BaseExcep
     readonly name: "EventDataStoreHasOngoingImportException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -2071,6 +2205,7 @@ export declare class EventDataStoreTerminationProtectedException extends __BaseE
     readonly name: "EventDataStoreTerminationProtectedException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -2084,6 +2219,7 @@ export declare class EventDataStoreTerminationProtectedException extends __BaseE
  */
 export interface DeleteResourcePolicyRequest {
     /**
+     * @public
      * <p>
      *          The Amazon Resource Name (ARN) of the CloudTrail channel you're deleting the resource-based policy from.
      *          The following is the format of a resource ARN:
@@ -2108,6 +2244,7 @@ export declare class ResourceARNNotValidException extends __BaseException {
     readonly name: "ResourceARNNotValidException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -2126,6 +2263,7 @@ export declare class ResourcePolicyNotFoundException extends __BaseException {
     readonly name: "ResourcePolicyNotFoundException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -2140,6 +2278,7 @@ export declare class ResourcePolicyNotFoundException extends __BaseException {
  */
 export interface DeleteTrailRequest {
     /**
+     * @public
      * <p>Specifies the name or the CloudTrail ARN of the trail to be deleted. The
      *          following is the format of a trail ARN.
      *             <code>arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail</code>
@@ -2163,6 +2302,7 @@ export declare class InvalidHomeRegionException extends __BaseException {
     readonly name: "InvalidHomeRegionException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -2179,6 +2319,7 @@ export declare class TrailNotFoundException extends __BaseException {
     readonly name: "TrailNotFoundException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -2195,6 +2336,7 @@ export declare class TrailNotFoundException extends __BaseException {
  */
 export interface DeregisterOrganizationDelegatedAdminRequest {
     /**
+     * @public
      * <p>A delegated administrator account ID. This is a member account in an organization that
      *          is currently designated as a delegated administrator.</p>
      */
@@ -2215,6 +2357,7 @@ export declare class NotOrganizationManagementAccountException extends __BaseExc
     readonly name: "NotOrganizationManagementAccountException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -2228,6 +2371,7 @@ export declare class NotOrganizationManagementAccountException extends __BaseExc
  */
 export interface DescribeQueryRequest {
     /**
+     * @public
      * @deprecated
      *
      * <p>The ARN (or the ID suffix of the ARN) of an event data store on which the specified
@@ -2235,10 +2379,12 @@ export interface DescribeQueryRequest {
      */
     EventDataStore?: string;
     /**
+     * @public
      * <p>The query ID.</p>
      */
     QueryId?: string;
     /**
+     * @public
      * <p>
      *          The alias that identifies a query template.
      *       </p>
@@ -2272,24 +2418,29 @@ export type DeliveryStatus = (typeof DeliveryStatus)[keyof typeof DeliveryStatus
  */
 export interface QueryStatisticsForDescribeQuery {
     /**
+     * @public
      * <p>The number of events that matched a query.</p>
      */
     EventsMatched?: number;
     /**
+     * @public
      * <p>The number of events that the query scanned in the event data store.</p>
      */
     EventsScanned?: number;
     /**
+     * @public
      * <p>The total bytes that the query scanned in the event data store. This value matches the
      *          number of bytes for which your account is billed for the query, unless the query is still
      *          running.</p>
      */
     BytesScanned?: number;
     /**
+     * @public
      * <p>The query's run time, in milliseconds.</p>
      */
     ExecutionTimeInMillis?: number;
     /**
+     * @public
      * <p>The creation time of the query.</p>
      */
     CreationTime?: Date;
@@ -2299,14 +2450,17 @@ export interface QueryStatisticsForDescribeQuery {
  */
 export interface DescribeQueryResponse {
     /**
+     * @public
      * <p>The ID of the query.</p>
      */
     QueryId?: string;
     /**
+     * @public
      * <p>The SQL code of a query.</p>
      */
     QueryString?: string;
     /**
+     * @public
      * <p>The status of a query. Values for <code>QueryStatus</code> include <code>QUEUED</code>,
      *             <code>RUNNING</code>, <code>FINISHED</code>, <code>FAILED</code>,
      *          <code>TIMED_OUT</code>, or <code>CANCELLED</code>
@@ -2314,21 +2468,25 @@ export interface DescribeQueryResponse {
      */
     QueryStatus?: QueryStatus | string;
     /**
+     * @public
      * <p>Metadata about a query, including the number of events that were matched, the total
      *          number of events scanned, the query run time in milliseconds, and the query's creation
      *          time.</p>
      */
     QueryStatistics?: QueryStatisticsForDescribeQuery;
     /**
+     * @public
      * <p>The error message returned if a query failed.</p>
      */
     ErrorMessage?: string;
     /**
+     * @public
      * <p>The URI for the S3 bucket where CloudTrail delivered query results, if
      *          applicable.</p>
      */
     DeliveryS3Uri?: string;
     /**
+     * @public
      * <p>The delivery status.</p>
      */
     DeliveryStatus?: DeliveryStatus | string;
@@ -2339,6 +2497,7 @@ export interface DescribeQueryResponse {
  */
 export interface DescribeTrailsRequest {
     /**
+     * @public
      * <p>Specifies a list of trail names, trail ARNs, or both, of the trails to describe. The
      *          format of a trail ARN is:</p>
      *          <p>
@@ -2366,6 +2525,7 @@ export interface DescribeTrailsRequest {
      */
     trailNameList?: string[];
     /**
+     * @public
      * <p>Specifies whether to include shadow trails in the response. A shadow trail is the
      *          replication in a Region of a trail that was created in a different Region, or in the case
      *          of an organization trail, the replication of an organization trail in member accounts. If
@@ -2380,29 +2540,34 @@ export interface DescribeTrailsRequest {
  */
 export interface Trail {
     /**
+     * @public
      * <p>Name of the trail set by calling <a>CreateTrail</a>. The maximum length is
      *          128 characters.</p>
      */
     Name?: string;
     /**
+     * @public
      * <p>Name of the Amazon S3 bucket into which CloudTrail delivers your trail
      *          files. See <a href="https://docs.aws.amazon.com/awscloudtrail/latest/userguide/create_trail_naming_policy.html">Amazon S3
      *             Bucket Naming Requirements</a>.</p>
      */
     S3BucketName?: string;
     /**
+     * @public
      * <p>Specifies the Amazon S3 key prefix that comes after the name of the bucket you
      *          have designated for log file delivery. For more information, see <a href="https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-find-log-files.html">Finding Your CloudTrail Log Files</a>. The maximum length is 200
      *          characters.</p>
      */
     S3KeyPrefix?: string;
     /**
+     * @public
      * @deprecated
      *
      * <p>This field is no longer in use. Use <code>SnsTopicARN</code>.</p>
      */
     SnsTopicName?: string;
     /**
+     * @public
      * <p>Specifies the ARN of the Amazon SNS topic that CloudTrail uses to send
      *          notifications when log files are delivered. The following is the format of a topic
      *          ARN.</p>
@@ -2412,19 +2577,23 @@ export interface Trail {
      */
     SnsTopicARN?: string;
     /**
+     * @public
      * <p>Set to <b>True</b> to include Amazon Web Services API calls
      *          from Amazon Web Services global services such as IAM. Otherwise, <b>False</b>.</p>
      */
     IncludeGlobalServiceEvents?: boolean;
     /**
+     * @public
      * <p>Specifies whether the trail exists only in one Region or exists in all Regions.</p>
      */
     IsMultiRegionTrail?: boolean;
     /**
+     * @public
      * <p>The Region in which the trail was created.</p>
      */
     HomeRegion?: string;
     /**
+     * @public
      * <p>Specifies the ARN of the trail. The following is the format of a trail ARN.</p>
      *          <p>
      *             <code>arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail</code>
@@ -2432,20 +2601,24 @@ export interface Trail {
      */
     TrailARN?: string;
     /**
+     * @public
      * <p>Specifies whether log file validation is enabled.</p>
      */
     LogFileValidationEnabled?: boolean;
     /**
+     * @public
      * <p>Specifies an Amazon Resource Name (ARN), a unique identifier that represents the log
      *          group to which CloudTrail logs will be delivered.</p>
      */
     CloudWatchLogsLogGroupArn?: string;
     /**
+     * @public
      * <p>Specifies the role for the CloudWatch Logs endpoint to assume to write to a user's
      *          log group.</p>
      */
     CloudWatchLogsRoleArn?: string;
     /**
+     * @public
      * <p>Specifies the KMS key ID that encrypts the logs delivered by CloudTrail. The value is a fully specified ARN to a KMS key in the
      *          following format.</p>
      *          <p>
@@ -2454,15 +2627,18 @@ export interface Trail {
      */
     KmsKeyId?: string;
     /**
+     * @public
      * <p>Specifies if the trail has custom event selectors.</p>
      */
     HasCustomEventSelectors?: boolean;
     /**
+     * @public
      * <p>Specifies whether a trail has insight types specified in an <code>InsightSelector</code>
      *          list.</p>
      */
     HasInsightSelectors?: boolean;
     /**
+     * @public
      * <p>Specifies whether the trail is an organization trail.</p>
      */
     IsOrganizationTrail?: boolean;
@@ -2474,6 +2650,7 @@ export interface Trail {
  */
 export interface DescribeTrailsResponse {
     /**
+     * @public
      * <p>The list of trail objects. Trail objects with string values are only returned if values
      *          for the objects exist in a trail's configuration. For example, <code>SNSTopicName</code>
      *          and <code>SNSTopicARN</code> are only returned in results if a trail is configured to send
@@ -2488,6 +2665,7 @@ export interface DescribeTrailsResponse {
  */
 export interface GetChannelRequest {
     /**
+     * @public
      * <p>The ARN or <code>UUID</code> of a channel.</p>
      */
     Channel: string | undefined;
@@ -2499,22 +2677,27 @@ export interface GetChannelRequest {
  */
 export interface IngestionStatus {
     /**
+     * @public
      * <p>The time stamp of the most recent successful ingestion of events for the channel.</p>
      */
     LatestIngestionSuccessTime?: Date;
     /**
+     * @public
      * <p>The event ID of the most recent successful ingestion of events.</p>
      */
     LatestIngestionSuccessEventID?: string;
     /**
+     * @public
      * <p>The error code for the most recent failure to ingest events.</p>
      */
     LatestIngestionErrorCode?: string;
     /**
+     * @public
      * <p>The time stamp of the most recent attempt to ingest events on the channel.</p>
      */
     LatestIngestionAttemptTime?: Date;
     /**
+     * @public
      * <p>The event ID of the most recent attempt to ingest events.</p>
      */
     LatestIngestionAttemptEventID?: string;
@@ -2525,10 +2708,12 @@ export interface IngestionStatus {
  */
 export interface SourceConfig {
     /**
+     * @public
      * <p> Specifies whether the channel applies to a single Region or to all Regions.</p>
      */
     ApplyToAllRegions?: boolean;
     /**
+     * @public
      * <p> The advanced event selectors that are configured for the channel.</p>
      */
     AdvancedEventSelectors?: AdvancedEventSelector[];
@@ -2538,10 +2723,12 @@ export interface SourceConfig {
  */
 export interface GetChannelResponse {
     /**
+     * @public
      * <p>The ARN of an channel returned by a <code>GetChannel</code> request.</p>
      */
     ChannelArn?: string;
     /**
+     * @public
      * <p> The name of the CloudTrail channel. For service-linked channels, the name is
      *             <code>aws-service-channel/service-name/custom-suffix</code> where
      *             <code>service-name</code> represents the name of the Amazon Web Services service that
@@ -2550,21 +2737,25 @@ export interface GetChannelResponse {
      */
     Name?: string;
     /**
+     * @public
      * <p>The source for the CloudTrail channel.</p>
      */
     Source?: string;
     /**
+     * @public
      * <p> Provides information about the advanced event selectors configured for the channel, and
      *          whether the channel applies to all Regions or a single Region. </p>
      */
     SourceConfig?: SourceConfig;
     /**
+     * @public
      * <p>The destinations for the channel. For channels created for integrations,
      *          the destinations are the event data stores that log events arriving through the channel.
      *          For service-linked channels, the destination is the Amazon Web Services service that created the service-linked channel to receive events.</p>
      */
     Destinations?: Destination[];
     /**
+     * @public
      * <p>A table showing information about the most recent successful and failed attempts
      *       to ingest events.</p>
      */
@@ -2575,6 +2766,7 @@ export interface GetChannelResponse {
  */
 export interface GetEventDataStoreRequest {
     /**
+     * @public
      * <p>The ARN (or ID suffix of the ARN) of the event data store about which you want
      *          information.</p>
      */
@@ -2585,50 +2777,61 @@ export interface GetEventDataStoreRequest {
  */
 export interface GetEventDataStoreResponse {
     /**
+     * @public
      * <p>The event data store Amazon Resource Number (ARN).</p>
      */
     EventDataStoreArn?: string;
     /**
+     * @public
      * <p>The name of the event data store.</p>
      */
     Name?: string;
     /**
+     * @public
      * <p>The status of an event data store.</p>
      */
     Status?: EventDataStoreStatus | string;
     /**
+     * @public
      * <p>The advanced event selectors used to select events for the data store.</p>
      */
     AdvancedEventSelectors?: AdvancedEventSelector[];
     /**
+     * @public
      * <p>Indicates whether the event data store includes events from all Regions, or only from
      *          the Region in which it was created.</p>
      */
     MultiRegionEnabled?: boolean;
     /**
+     * @public
      * <p>Indicates whether an event data store is collecting logged events for an organization in
      *             Organizations.</p>
      */
     OrganizationEnabled?: boolean;
     /**
+     * @public
      * <p>The retention period of the event data store, in days.</p>
      */
     RetentionPeriod?: number;
     /**
+     * @public
      * <p>Indicates that termination protection is enabled.</p>
      */
     TerminationProtectionEnabled?: boolean;
     /**
+     * @public
      * <p>The timestamp of the event data store's creation.</p>
      */
     CreatedTimestamp?: Date;
     /**
+     * @public
      * <p>Shows the time that an event data store was updated, if applicable.
      *             <code>UpdatedTimestamp</code> is always either the same or newer than the time shown in
      *             <code>CreatedTimestamp</code>.</p>
      */
     UpdatedTimestamp?: Date;
     /**
+     * @public
      * <p>Specifies the KMS key ID that encrypts the events delivered by CloudTrail. The value is a fully specified ARN to a KMS key in the
      *          following format.</p>
      *          <p>
@@ -2642,6 +2845,7 @@ export interface GetEventDataStoreResponse {
  */
 export interface GetEventSelectorsRequest {
     /**
+     * @public
      * <p>Specifies the name of the trail or trail ARN. If you specify a trail name, the string
      *          must meet the following requirements:</p>
      *          <ul>
@@ -2734,6 +2938,7 @@ export interface GetEventSelectorsRequest {
  */
 export interface DataResource {
     /**
+     * @public
      * <p>The resource type in which you want to log data events. You can specify the following
      *             <i>basic</i> event selector resource types:</p>
      *          <ul>
@@ -2842,6 +3047,7 @@ export interface DataResource {
      */
     Type?: string;
     /**
+     * @public
      * <p>An array of Amazon Resource Name (ARN) strings or partial ARN strings for the specified
      *          objects.</p>
      *          <ul>
@@ -2917,6 +3123,7 @@ export type ReadWriteType = (typeof ReadWriteType)[keyof typeof ReadWriteType];
  */
 export interface EventSelector {
     /**
+     * @public
      * <p>Specify if you want your trail to log read-only events, write-only events, or all. For
      *          example, the EC2 <code>GetConsoleOutput</code> is a read-only API operation and
      *             <code>RunInstances</code> is a write-only API operation.</p>
@@ -2924,6 +3131,7 @@ export interface EventSelector {
      */
     ReadWriteType?: ReadWriteType | string;
     /**
+     * @public
      * <p>Specify if you want your event selector to include management events for your
      *          trail.</p>
      *          <p> For more information, see <a href="https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-events-with-cloudtrail.html">Management Events</a> in the <i>CloudTrail User
@@ -2935,6 +3143,7 @@ export interface EventSelector {
      */
     IncludeManagementEvents?: boolean;
     /**
+     * @public
      * <p>CloudTrail supports data event logging for Amazon S3 objects, Lambda functions, and Amazon DynamoDB tables with basic event selectors.
      *          You can specify up to 250 resources for an individual event selector, but the total number
      *          of data resources cannot exceed 250 across all event selectors in a trail. This limit does
@@ -2945,6 +3154,7 @@ export interface EventSelector {
      */
     DataResources?: DataResource[];
     /**
+     * @public
      * <p>An optional list of service event sources from which you do not want management events
      *          to be logged on your trail. In this release, the list can be empty (disables the filter),
      *          or it can filter out Key Management Service or Amazon RDS Data API events by
@@ -2960,14 +3170,17 @@ export interface EventSelector {
  */
 export interface GetEventSelectorsResponse {
     /**
+     * @public
      * <p>The specified trail ARN that has the event selectors.</p>
      */
     TrailARN?: string;
     /**
+     * @public
      * <p>The event selectors that are configured for the trail.</p>
      */
     EventSelectors?: EventSelector[];
     /**
+     * @public
      * <p> The advanced event selectors that are configured for the trail. </p>
      */
     AdvancedEventSelectors?: AdvancedEventSelector[];
@@ -2977,6 +3190,7 @@ export interface GetEventSelectorsResponse {
  */
 export interface GetImportRequest {
     /**
+     * @public
      * <p> The ID for the import. </p>
      */
     ImportId: string | undefined;
@@ -2987,14 +3201,17 @@ export interface GetImportRequest {
  */
 export interface S3ImportSource {
     /**
+     * @public
      * <p> The URI for the source S3 bucket. </p>
      */
     S3LocationUri: string | undefined;
     /**
+     * @public
      * <p> The Region associated with the source S3 bucket. </p>
      */
     S3BucketRegion: string | undefined;
     /**
+     * @public
      * <p> The IAM ARN role used to access the source S3 bucket. </p>
      */
     S3BucketAccessRoleArn: string | undefined;
@@ -3005,6 +3222,7 @@ export interface S3ImportSource {
  */
 export interface ImportSource {
     /**
+     * @public
      * <p> The source S3 bucket. </p>
      */
     S3: S3ImportSource | undefined;
@@ -3017,22 +3235,27 @@ export interface ImportSource {
  */
 export interface ImportStatistics {
     /**
+     * @public
      * <p> The number of S3 prefixes found for the import. </p>
      */
     PrefixesFound?: number;
     /**
+     * @public
      * <p> The number of S3 prefixes that completed import. </p>
      */
     PrefixesCompleted?: number;
     /**
+     * @public
      * <p>The number of log files that completed import.</p>
      */
     FilesCompleted?: number;
     /**
+     * @public
      * <p> The number of trail events imported into the event data store. </p>
      */
     EventsCompleted?: number;
     /**
+     * @public
      * <p> The number of failed entries. </p>
      */
     FailedEntries?: number;
@@ -3057,42 +3280,51 @@ export type ImportStatus = (typeof ImportStatus)[keyof typeof ImportStatus];
  */
 export interface GetImportResponse {
     /**
+     * @public
      * <p> The ID of the import. </p>
      */
     ImportId?: string;
     /**
+     * @public
      * <p> The ARN of the destination event data store. </p>
      */
     Destinations?: string[];
     /**
+     * @public
      * <p> The source S3 bucket. </p>
      */
     ImportSource?: ImportSource;
     /**
+     * @public
      * <p> Used with <code>EndEventTime</code> to bound a <code>StartImport</code> request, and
      *          limit imported trail events to only those events logged within a specified time period.
      *       </p>
      */
     StartEventTime?: Date;
     /**
+     * @public
      * <p> Used with <code>StartEventTime</code> to bound a <code>StartImport</code> request, and
      *          limit imported trail events to only those events logged within a specified time period.
      *       </p>
      */
     EndEventTime?: Date;
     /**
+     * @public
      * <p> The status of the import. </p>
      */
     ImportStatus?: ImportStatus | string;
     /**
+     * @public
      * <p> The timestamp of the import's creation. </p>
      */
     CreatedTimestamp?: Date;
     /**
+     * @public
      * <p> The timestamp of when the import was updated. </p>
      */
     UpdatedTimestamp?: Date;
     /**
+     * @public
      * <p> Provides statistics for the import. CloudTrail does not update import statistics
      *          in real-time. Returned values for parameters such as <code>EventsCompleted</code> may be
      *          lower than the actual value, because CloudTrail updates statistics incrementally
@@ -3108,6 +3340,7 @@ export declare class ImportNotFoundException extends __BaseException {
     readonly name: "ImportNotFoundException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -3121,6 +3354,7 @@ export declare class ImportNotFoundException extends __BaseException {
  */
 export interface GetInsightSelectorsRequest {
     /**
+     * @public
      * <p>Specifies the name of the trail or trail ARN. If you specify a trail name, the string
      *          must meet the following requirements:</p>
      *          <ul>
@@ -3167,6 +3401,7 @@ export type InsightType = (typeof InsightType)[keyof typeof InsightType];
  */
 export interface InsightSelector {
     /**
+     * @public
      * <p>The type of Insights events to log on a trail. <code>ApiCallRateInsight</code> and
      *             <code>ApiErrorRateInsight</code> are valid Insight types.</p>
      *          <p>The <code>ApiCallRateInsight</code> Insights type analyzes write-only
@@ -3182,11 +3417,13 @@ export interface InsightSelector {
  */
 export interface GetInsightSelectorsResponse {
     /**
+     * @public
      * <p>The Amazon Resource Name (ARN) of a trail for which you want to get Insights
      *          selectors.</p>
      */
     TrailARN?: string;
     /**
+     * @public
      * <p>A JSON string that contains the insight types you want to log on a trail. In this
      *          release, <code>ApiErrorRateInsight</code> and <code>ApiCallRateInsight</code> are supported
      *          as insight types.</p>
@@ -3203,6 +3440,7 @@ export declare class InsightNotEnabledException extends __BaseException {
     readonly name: "InsightNotEnabledException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -3216,6 +3454,7 @@ export declare class InsightNotEnabledException extends __BaseException {
  */
 export interface GetQueryResultsRequest {
     /**
+     * @public
      * @deprecated
      *
      * <p>The ARN (or ID suffix of the ARN) of the event data store against which the query was
@@ -3223,14 +3462,17 @@ export interface GetQueryResultsRequest {
      */
     EventDataStore?: string;
     /**
+     * @public
      * <p>The ID of the query for which you want to get results.</p>
      */
     QueryId: string | undefined;
     /**
+     * @public
      * <p>A token you can use to get the next page of query results.</p>
      */
     NextToken?: string;
     /**
+     * @public
      * <p>The maximum number of query results to display on a single page.</p>
      */
     MaxQueryResults?: number;
@@ -3241,14 +3483,17 @@ export interface GetQueryResultsRequest {
  */
 export interface QueryStatistics {
     /**
+     * @public
      * <p>The number of results returned.</p>
      */
     ResultsCount?: number;
     /**
+     * @public
      * <p>The total number of results returned by a query.</p>
      */
     TotalResultsCount?: number;
     /**
+     * @public
      * <p>The total bytes that the query scanned in the event data store. This value matches the
      *          number of bytes for which your account is billed for the query, unless the query is still
      *          running.</p>
@@ -3260,24 +3505,29 @@ export interface QueryStatistics {
  */
 export interface GetQueryResultsResponse {
     /**
+     * @public
      * <p>The status of the query. Values include <code>QUEUED</code>, <code>RUNNING</code>,
      *             <code>FINISHED</code>, <code>FAILED</code>, <code>TIMED_OUT</code>, or
      *             <code>CANCELLED</code>.</p>
      */
     QueryStatus?: QueryStatus | string;
     /**
+     * @public
      * <p>Shows the count of query results.</p>
      */
     QueryStatistics?: QueryStatistics;
     /**
+     * @public
      * <p>Contains the individual event results of the query.</p>
      */
     QueryResultRows?: Record<string, string>[][];
     /**
+     * @public
      * <p>A token you can use to get the next page of query results.</p>
      */
     NextToken?: string;
     /**
+     * @public
      * <p>The error message returned if a query failed.</p>
      */
     ErrorMessage?: string;
@@ -3290,6 +3540,7 @@ export declare class InvalidMaxResultsException extends __BaseException {
     readonly name: "InvalidMaxResultsException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -3307,6 +3558,7 @@ export declare class InvalidNextTokenException extends __BaseException {
     readonly name: "InvalidNextTokenException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -3320,6 +3572,7 @@ export declare class InvalidNextTokenException extends __BaseException {
  */
 export interface GetResourcePolicyRequest {
     /**
+     * @public
      * <p>
      *          The Amazon Resource Name (ARN) of the CloudTrail channel attached to the resource-based policy.
      *          The following is the format of a resource ARN:
@@ -3333,12 +3586,14 @@ export interface GetResourcePolicyRequest {
  */
 export interface GetResourcePolicyResponse {
     /**
+     * @public
      * <p>
      *          The Amazon Resource Name (ARN) of the CloudTrail channel attached to resource-based policy.
      *       </p>
      */
     ResourceArn?: string;
     /**
+     * @public
      * <p>
      *          A JSON-formatted string that contains the resource-based policy attached to the CloudTrail channel.
      *       </p>
@@ -3350,6 +3605,7 @@ export interface GetResourcePolicyResponse {
  */
 export interface GetTrailRequest {
     /**
+     * @public
      * <p>The name or the Amazon Resource Name (ARN) of the trail for which you want to retrieve
      *          settings information.</p>
      */
@@ -3360,6 +3616,7 @@ export interface GetTrailRequest {
  */
 export interface GetTrailResponse {
     /**
+     * @public
      * <p>The settings for a trail.</p>
      */
     Trail?: Trail;
@@ -3370,6 +3627,7 @@ export interface GetTrailResponse {
  */
 export interface GetTrailStatusRequest {
     /**
+     * @public
      * <p>Specifies the name or the CloudTrail ARN of the trail for which you are
      *          requesting status. To get the status of a shadow trail (a replication of the trail in
      *          another Region), you must specify its ARN. The following is the format of a trail
@@ -3387,11 +3645,13 @@ export interface GetTrailStatusRequest {
  */
 export interface GetTrailStatusResponse {
     /**
+     * @public
      * <p>Whether the CloudTrail trail is currently logging Amazon Web Services API
      *          calls.</p>
      */
     IsLogging?: boolean;
     /**
+     * @public
      * <p>Displays any Amazon S3 error that CloudTrail encountered when attempting
      *          to deliver log files to the designated bucket. For more information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html">Error
      *             Responses</a> in the Amazon S3 API Reference. </p>
@@ -3404,6 +3664,7 @@ export interface GetTrailStatusResponse {
      */
     LatestDeliveryError?: string;
     /**
+     * @public
      * <p>Displays any Amazon SNS error that CloudTrail encountered when attempting
      *          to send a notification. For more information about Amazon SNS errors, see the
      *             <a href="https://docs.aws.amazon.com/sns/latest/dg/welcome.html">Amazon SNS
@@ -3411,41 +3672,49 @@ export interface GetTrailStatusResponse {
      */
     LatestNotificationError?: string;
     /**
+     * @public
      * <p>Specifies the date and time that CloudTrail last delivered log files to an
      *          account's Amazon S3 bucket.</p>
      */
     LatestDeliveryTime?: Date;
     /**
+     * @public
      * <p>Specifies the date and time of the most recent Amazon SNS notification that
      *             CloudTrail has written a new log file to an account's Amazon S3
      *          bucket.</p>
      */
     LatestNotificationTime?: Date;
     /**
+     * @public
      * <p>Specifies the most recent date and time when CloudTrail started recording API
      *          calls for an Amazon Web Services account.</p>
      */
     StartLoggingTime?: Date;
     /**
+     * @public
      * <p>Specifies the most recent date and time when CloudTrail stopped recording API
      *          calls for an Amazon Web Services account.</p>
      */
     StopLoggingTime?: Date;
     /**
+     * @public
      * <p>Displays any CloudWatch Logs error that CloudTrail encountered when attempting
      *          to deliver logs to CloudWatch Logs.</p>
      */
     LatestCloudWatchLogsDeliveryError?: string;
     /**
+     * @public
      * <p>Displays the most recent date and time when CloudTrail delivered logs to CloudWatch Logs.</p>
      */
     LatestCloudWatchLogsDeliveryTime?: Date;
     /**
+     * @public
      * <p>Specifies the date and time that CloudTrail last delivered a digest file to an
      *          account's Amazon S3 bucket.</p>
      */
     LatestDigestDeliveryTime?: Date;
     /**
+     * @public
      * <p>Displays any Amazon S3 error that CloudTrail encountered when attempting
      *          to deliver a digest file to the designated bucket. For more information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html">Error
      *             Responses</a> in the Amazon S3 API Reference. </p>
@@ -3458,26 +3727,32 @@ export interface GetTrailStatusResponse {
      */
     LatestDigestDeliveryError?: string;
     /**
+     * @public
      * <p>This field is no longer in use.</p>
      */
     LatestDeliveryAttemptTime?: string;
     /**
+     * @public
      * <p>This field is no longer in use.</p>
      */
     LatestNotificationAttemptTime?: string;
     /**
+     * @public
      * <p>This field is no longer in use.</p>
      */
     LatestNotificationAttemptSucceeded?: string;
     /**
+     * @public
      * <p>This field is no longer in use.</p>
      */
     LatestDeliveryAttemptSucceeded?: string;
     /**
+     * @public
      * <p>This field is no longer in use.</p>
      */
     TimeLoggingStarted?: string;
     /**
+     * @public
      * <p>This field is no longer in use.</p>
      */
     TimeLoggingStopped?: string;
@@ -3487,10 +3762,12 @@ export interface GetTrailStatusResponse {
  */
 export interface ListChannelsRequest {
     /**
+     * @public
      * <p> The maximum number of CloudTrail channels to display on a single page. </p>
      */
     MaxResults?: number;
     /**
+     * @public
      * <p>The token to use to get the next page of results after a previous API call. This token
      *          must be passed in with the same parameters that were specified in the original call. For
      *          example, if the original call specified an AttributeKey of 'Username' with a value of
@@ -3503,10 +3780,12 @@ export interface ListChannelsRequest {
  */
 export interface ListChannelsResponse {
     /**
+     * @public
      * <p> The list of channels in the account. </p>
      */
     Channels?: Channel[];
     /**
+     * @public
      * <p>The token to use to get the next page of results after a previous API call.</p>
      */
     NextToken?: string;
@@ -3516,10 +3795,12 @@ export interface ListChannelsResponse {
  */
 export interface ListEventDataStoresRequest {
     /**
+     * @public
      * <p>A token you can use to get the next page of event data store results.</p>
      */
     NextToken?: string;
     /**
+     * @public
      * <p>The maximum number of event data stores to display on a single page.</p>
      */
     MaxResults?: number;
@@ -3533,14 +3814,17 @@ export interface ListEventDataStoresRequest {
  */
 export interface EventDataStore {
     /**
+     * @public
      * <p>The ARN of the event data store.</p>
      */
     EventDataStoreArn?: string;
     /**
+     * @public
      * <p>The name of the event data store.</p>
      */
     Name?: string;
     /**
+     * @public
      * @deprecated
      *
      * <p>Indicates whether the event data store is protected from
@@ -3548,12 +3832,14 @@ export interface EventDataStore {
      */
     TerminationProtectionEnabled?: boolean;
     /**
+     * @public
      * @deprecated
      *
      * <p>The status of an event data store.</p>
      */
     Status?: EventDataStoreStatus | string;
     /**
+     * @public
      * @deprecated
      *
      * <p>The advanced event selectors that were used to select
@@ -3561,6 +3847,7 @@ export interface EventDataStore {
      */
     AdvancedEventSelectors?: AdvancedEventSelector[];
     /**
+     * @public
      * @deprecated
      *
      * <p>Indicates whether the event data store includes events
@@ -3568,6 +3855,7 @@ export interface EventDataStore {
      */
     MultiRegionEnabled?: boolean;
     /**
+     * @public
      * @deprecated
      *
      * <p>Indicates that an event data store is collecting logged
@@ -3575,18 +3863,21 @@ export interface EventDataStore {
      */
     OrganizationEnabled?: boolean;
     /**
+     * @public
      * @deprecated
      *
      * <p>The retention period, in days.</p>
      */
     RetentionPeriod?: number;
     /**
+     * @public
      * @deprecated
      *
      * <p>The timestamp of the event data store's creation.</p>
      */
     CreatedTimestamp?: Date;
     /**
+     * @public
      * @deprecated
      *
      * <p>The timestamp showing when an event data store was
@@ -3600,11 +3891,13 @@ export interface EventDataStore {
  */
 export interface ListEventDataStoresResponse {
     /**
+     * @public
      * <p>Contains information about event data stores in the account, in the current
      *          Region.</p>
      */
     EventDataStores?: EventDataStore[];
     /**
+     * @public
      * <p>A token you can use to get the next page of results.</p>
      */
     NextToken?: string;
@@ -3614,14 +3907,17 @@ export interface ListEventDataStoresResponse {
  */
 export interface ListImportFailuresRequest {
     /**
+     * @public
      * <p> The ID of the import. </p>
      */
     ImportId: string | undefined;
     /**
+     * @public
      * <p> The maximum number of failures to display on a single page. </p>
      */
     MaxResults?: number;
     /**
+     * @public
      * <p> A token you can use to get the next page of import failures. </p>
      */
     NextToken?: string;
@@ -3645,22 +3941,27 @@ export type ImportFailureStatus = (typeof ImportFailureStatus)[keyof typeof Impo
  */
 export interface ImportFailureListItem {
     /**
+     * @public
      * <p> The location of the failure in the S3 bucket. </p>
      */
     Location?: string;
     /**
+     * @public
      * <p> The status of the import. </p>
      */
     Status?: ImportFailureStatus | string;
     /**
+     * @public
      * <p> The type of import error. </p>
      */
     ErrorType?: string;
     /**
+     * @public
      * <p> Provides the reason the import failed. </p>
      */
     ErrorMessage?: string;
     /**
+     * @public
      * <p> When the import was last updated. </p>
      */
     LastUpdatedTime?: Date;
@@ -3670,10 +3971,12 @@ export interface ImportFailureListItem {
  */
 export interface ListImportFailuresResponse {
     /**
+     * @public
      * <p> Contains information about the import failures. </p>
      */
     Failures?: ImportFailureListItem[];
     /**
+     * @public
      * <p> A token you can use to get the next page of results. </p>
      */
     NextToken?: string;
@@ -3683,18 +3986,22 @@ export interface ListImportFailuresResponse {
  */
 export interface ListImportsRequest {
     /**
+     * @public
      * <p> The maximum number of imports to display on a single page. </p>
      */
     MaxResults?: number;
     /**
+     * @public
      * <p> The ARN of the destination event data store. </p>
      */
     Destination?: string;
     /**
+     * @public
      * <p> The status of the import. </p>
      */
     ImportStatus?: ImportStatus | string;
     /**
+     * @public
      * <p> A token you can use to get the next page of import results. </p>
      */
     NextToken?: string;
@@ -3705,22 +4012,27 @@ export interface ListImportsRequest {
  */
 export interface ImportsListItem {
     /**
+     * @public
      * <p> The ID of the import. </p>
      */
     ImportId?: string;
     /**
+     * @public
      * <p> The status of the import. </p>
      */
     ImportStatus?: ImportStatus | string;
     /**
+     * @public
      * <p> The ARN of the destination event data store. </p>
      */
     Destinations?: string[];
     /**
+     * @public
      * <p> The timestamp of the import's creation. </p>
      */
     CreatedTimestamp?: Date;
     /**
+     * @public
      * <p> The timestamp of the import's last update. </p>
      */
     UpdatedTimestamp?: Date;
@@ -3730,10 +4042,12 @@ export interface ImportsListItem {
  */
 export interface ListImportsResponse {
     /**
+     * @public
      * <p> The list of returned imports. </p>
      */
     Imports?: ImportsListItem[];
     /**
+     * @public
      * <p> A token you can use to get the next page of import results. </p>
      */
     NextToken?: string;
@@ -3747,6 +4061,7 @@ export declare class InvalidTimeRangeException extends __BaseException {
     readonly name: "InvalidTimeRangeException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -3763,6 +4078,7 @@ export declare class InvalidTokenException extends __BaseException {
     readonly name: "InvalidTokenException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -3777,17 +4093,20 @@ export declare class InvalidTokenException extends __BaseException {
  */
 export interface ListPublicKeysRequest {
     /**
+     * @public
      * <p>Optionally specifies, in UTC, the start of the time range to look up public keys for
      *             CloudTrail digest files. If not specified, the current time is used, and the
      *          current public key is returned.</p>
      */
     StartTime?: Date;
     /**
+     * @public
      * <p>Optionally specifies, in UTC, the end of the time range to look up public keys for
      *             CloudTrail digest files. If not specified, the current time is used.</p>
      */
     EndTime?: Date;
     /**
+     * @public
      * <p>Reserved for future use.</p>
      */
     NextToken?: string;
@@ -3798,18 +4117,22 @@ export interface ListPublicKeysRequest {
  */
 export interface PublicKey {
     /**
+     * @public
      * <p>The DER encoded public key value in PKCS#1 format.</p>
      */
     Value?: Uint8Array;
     /**
+     * @public
      * <p>The starting time of validity of the public key.</p>
      */
     ValidityStartTime?: Date;
     /**
+     * @public
      * <p>The ending time of validity of the public key.</p>
      */
     ValidityEndTime?: Date;
     /**
+     * @public
      * <p>The fingerprint of the public key.</p>
      */
     Fingerprint?: string;
@@ -3821,6 +4144,7 @@ export interface PublicKey {
  */
 export interface ListPublicKeysResponse {
     /**
+     * @public
      * <p>Contains an array of PublicKey objects.</p>
      *          <note>
      *             <p>The returned public keys may have validity time ranges that overlap.</p>
@@ -3828,6 +4152,7 @@ export interface ListPublicKeysResponse {
      */
     PublicKeyList?: PublicKey[];
     /**
+     * @public
      * <p>Reserved for future use.</p>
      */
     NextToken?: string;
@@ -3842,6 +4167,7 @@ export declare class InvalidDateRangeException extends __BaseException {
     readonly name: "InvalidDateRangeException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -3858,6 +4184,7 @@ export declare class InvalidQueryStatusException extends __BaseException {
     readonly name: "InvalidQueryStatusException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -3871,29 +4198,35 @@ export declare class InvalidQueryStatusException extends __BaseException {
  */
 export interface ListQueriesRequest {
     /**
+     * @public
      * <p>The ARN (or the ID suffix of the ARN) of an event data store on which queries were
      *          run.</p>
      */
     EventDataStore: string | undefined;
     /**
+     * @public
      * <p>A token you can use to get the next page of results.</p>
      */
     NextToken?: string;
     /**
+     * @public
      * <p>The maximum number of queries to show on a page.</p>
      */
     MaxResults?: number;
     /**
+     * @public
      * <p>Use with <code>EndTime</code> to bound a <code>ListQueries</code> request, and limit its
      *          results to only those queries run within a specified time period.</p>
      */
     StartTime?: Date;
     /**
+     * @public
      * <p>Use with <code>StartTime</code> to bound a <code>ListQueries</code> request, and limit
      *          its results to only those queries run within a specified time period.</p>
      */
     EndTime?: Date;
     /**
+     * @public
      * <p>The status of queries that you want to return in results. Valid values for
      *             <code>QueryStatus</code> include <code>QUEUED</code>, <code>RUNNING</code>,
      *             <code>FINISHED</code>, <code>FAILED</code>, <code>TIMED_OUT</code>, or
@@ -3908,16 +4241,19 @@ export interface ListQueriesRequest {
  */
 export interface Query {
     /**
+     * @public
      * <p>The ID of a query.</p>
      */
     QueryId?: string;
     /**
+     * @public
      * <p>The status of the query. This can be <code>QUEUED</code>, <code>RUNNING</code>,
      *             <code>FINISHED</code>, <code>FAILED</code>, <code>TIMED_OUT</code>, or
      *             <code>CANCELLED</code>.</p>
      */
     QueryStatus?: QueryStatus | string;
     /**
+     * @public
      * <p>The creation time of a query.</p>
      */
     CreationTime?: Date;
@@ -3927,11 +4263,13 @@ export interface Query {
  */
 export interface ListQueriesResponse {
     /**
+     * @public
      * <p>Lists matching query results, and shows query ID, status, and creation time of each
      *          query.</p>
      */
     Queries?: Query[];
     /**
+     * @public
      * <p>A token you can use to get the next page of results.</p>
      */
     NextToken?: string;
@@ -3942,6 +4280,7 @@ export interface ListQueriesResponse {
  */
 export interface ListTagsRequest {
     /**
+     * @public
      * <p>Specifies a list of trail, event data store, or channel ARNs whose tags will be listed. The list
      *          has a limit of 20 ARNs.</p>
      *          <p> Example trail ARN format:
@@ -3956,6 +4295,7 @@ export interface ListTagsRequest {
      */
     ResourceIdList: string[] | undefined;
     /**
+     * @public
      * <p>Reserved for future use.</p>
      */
     NextToken?: string;
@@ -3966,10 +4306,12 @@ export interface ListTagsRequest {
  */
 export interface ResourceTag {
     /**
+     * @public
      * <p>Specifies the ARN of the resource.</p>
      */
     ResourceId?: string;
     /**
+     * @public
      * <p>A list of tags.</p>
      */
     TagsList?: Tag[];
@@ -3981,10 +4323,12 @@ export interface ResourceTag {
  */
 export interface ListTagsResponse {
     /**
+     * @public
      * <p>A list of resource tags.</p>
      */
     ResourceTagList?: ResourceTag[];
     /**
+     * @public
      * <p>Reserved for future use.</p>
      */
     NextToken?: string;
@@ -3994,6 +4338,7 @@ export interface ListTagsResponse {
  */
 export interface ListTrailsRequest {
     /**
+     * @public
      * <p>The token to use to get the next page of results after a previous API call. This token
      *          must be passed in with the same parameters that were specified in the original call. For
      *          example, if the original call specified an AttributeKey of 'Username' with a value of
@@ -4008,14 +4353,17 @@ export interface ListTrailsRequest {
  */
 export interface TrailInfo {
     /**
+     * @public
      * <p>The ARN of a trail.</p>
      */
     TrailARN?: string;
     /**
+     * @public
      * <p>The name of a trail.</p>
      */
     Name?: string;
     /**
+     * @public
      * <p>The Amazon Web Services Region in which a trail was created.</p>
      */
     HomeRegion?: string;
@@ -4025,10 +4373,12 @@ export interface TrailInfo {
  */
 export interface ListTrailsResponse {
     /**
+     * @public
      * <p>Returns the name, ARN, and home Region of trails in the current account.</p>
      */
     Trails?: TrailInfo[];
     /**
+     * @public
      * <p>The token to use to get the next page of results after a previous API call. If the token
      *          does not appear, there are no more results to return. The token must be passed in with the
      *          same parameters as the previous call. For example, if the original call specified an
@@ -4046,6 +4396,7 @@ export declare class InvalidEventCategoryException extends __BaseException {
     readonly name: "InvalidEventCategoryException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -4062,6 +4413,7 @@ export declare class InvalidLookupAttributesException extends __BaseException {
     readonly name: "InvalidLookupAttributesException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -4105,10 +4457,12 @@ export type LookupAttributeKey = (typeof LookupAttributeKey)[keyof typeof Lookup
  */
 export interface LookupAttribute {
     /**
+     * @public
      * <p>Specifies an attribute on which to filter the events returned.</p>
      */
     AttributeKey: LookupAttributeKey | string | undefined;
     /**
+     * @public
      * <p>Specifies a value for the specified AttributeKey.</p>
      */
     AttributeValue: string | undefined;
@@ -4119,21 +4473,25 @@ export interface LookupAttribute {
  */
 export interface LookupEventsRequest {
     /**
+     * @public
      * <p>Contains a list of lookup attributes. Currently the list can contain only one
      *          item.</p>
      */
     LookupAttributes?: LookupAttribute[];
     /**
+     * @public
      * <p>Specifies that only events that occur after or at the specified time are returned. If
      *          the specified start time is after the specified end time, an error is returned.</p>
      */
     StartTime?: Date;
     /**
+     * @public
      * <p>Specifies that only events that occur before or at the specified time are returned. If
      *          the specified end time is before the specified start time, an error is returned.</p>
      */
     EndTime?: Date;
     /**
+     * @public
      * <p>Specifies the event category. If you do not specify an event category, events of the
      *          category are not returned in the response. For example, if you do not specify
      *             <code>insight</code> as the value of <code>EventCategory</code>, no Insights events are
@@ -4141,11 +4499,13 @@ export interface LookupEventsRequest {
      */
     EventCategory?: EventCategory | string;
     /**
+     * @public
      * <p>The number of events to return. Possible values are 1 through 50. The default is
      *          50.</p>
      */
     MaxResults?: number;
     /**
+     * @public
      * <p>The token to use to get the next page of results after a previous API call. This token
      *          must be passed in with the same parameters that were specified in the original call. For
      *          example, if the original call specified an AttributeKey of 'Username' with a value of
@@ -4159,12 +4519,14 @@ export interface LookupEventsRequest {
  */
 export interface Resource {
     /**
+     * @public
      * <p>The type of a resource referenced by the event returned. When the resource type cannot
      *          be determined, null is returned. Some examples of resource types are: <b>Instance</b> for EC2, <b>Trail</b> for CloudTrail, <b>DBInstance</b> for Amazon RDS, and <b>AccessKey</b> for IAM. To learn more about how to look up and filter
      *          events by the resource types supported for a service, see <a href="https://docs.aws.amazon.com/awscloudtrail/latest/userguide/view-cloudtrail-events-console.html#filtering-cloudtrail-events">Filtering CloudTrail Events</a>.</p>
      */
     ResourceType?: string;
     /**
+     * @public
      * <p>The name of the resource referenced by the event returned. These are user-created names
      *          whose values will depend on the environment. For example, the resource name might be
      *          "auto-scaling-test-group" for an Auto Scaling Group or "i-1234567" for an EC2
@@ -4179,41 +4541,50 @@ export interface Resource {
  */
 export interface Event {
     /**
+     * @public
      * <p>The CloudTrail ID of the event returned.</p>
      */
     EventId?: string;
     /**
+     * @public
      * <p>The name of the event returned.</p>
      */
     EventName?: string;
     /**
+     * @public
      * <p>Information about whether the event is a write event or a read event. </p>
      */
     ReadOnly?: string;
     /**
+     * @public
      * <p>The Amazon Web Services access key ID that was used to sign the request. If the request
      *          was made with temporary security credentials, this is the access key ID of the temporary
      *          credentials.</p>
      */
     AccessKeyId?: string;
     /**
+     * @public
      * <p>The date and time of the event returned.</p>
      */
     EventTime?: Date;
     /**
+     * @public
      * <p>The Amazon Web Services service to which the request was made.</p>
      */
     EventSource?: string;
     /**
+     * @public
      * <p>A user name or role name of the requester that called the API in the event
      *          returned.</p>
      */
     Username?: string;
     /**
+     * @public
      * <p>A list of resources referenced by the event returned.</p>
      */
     Resources?: Resource[];
     /**
+     * @public
      * <p>A JSON string that contains a representation of the event returned.</p>
      */
     CloudTrailEvent?: string;
@@ -4224,11 +4595,13 @@ export interface Event {
  */
 export interface LookupEventsResponse {
     /**
+     * @public
      * <p>A list of events returned based on the lookup attributes specified and the CloudTrail event. The events list is sorted by time. The most recent event is listed
      *          first.</p>
      */
     Events?: Event[];
     /**
+     * @public
      * <p>The token to use to get the next page of results after a previous API call. If the token
      *          does not appear, there are no more results to return. The token must be passed in with the
      *          same parameters as the previous call. For example, if the original call specified an
@@ -4242,6 +4615,7 @@ export interface LookupEventsResponse {
  */
 export interface PutEventSelectorsRequest {
     /**
+     * @public
      * <p>Specifies the name of the trail or trail ARN. If you specify a trail name, the string
      *          must meet the following requirements:</p>
      *          <ul>
@@ -4270,6 +4644,7 @@ export interface PutEventSelectorsRequest {
      */
     TrailName: string | undefined;
     /**
+     * @public
      * <p>Specifies the settings for your event selectors. You can configure up to five event
      *          selectors for a trail. You can use either <code>EventSelectors</code> or
      *             <code>AdvancedEventSelectors</code> in a <code>PutEventSelectors</code> request, but not
@@ -4278,6 +4653,7 @@ export interface PutEventSelectorsRequest {
      */
     EventSelectors?: EventSelector[];
     /**
+     * @public
      * <p> Specifies the settings for advanced event selectors. You can add advanced event
      *          selectors, and conditions for your advanced event selectors, up to a maximum of 500 values
      *          for all conditions and selectors on a trail. You can use either
@@ -4293,6 +4669,7 @@ export interface PutEventSelectorsRequest {
  */
 export interface PutEventSelectorsResponse {
     /**
+     * @public
      * <p>Specifies the ARN of the trail that was updated with event selectors. The following is
      *          the format of a trail ARN.</p>
      *          <p>
@@ -4301,10 +4678,12 @@ export interface PutEventSelectorsResponse {
      */
     TrailARN?: string;
     /**
+     * @public
      * <p>Specifies the event selectors configured for your trail.</p>
      */
     EventSelectors?: EventSelector[];
     /**
+     * @public
      * <p>Specifies the advanced event selectors configured for your trail.</p>
      */
     AdvancedEventSelectors?: AdvancedEventSelector[];
@@ -4320,6 +4699,7 @@ export declare class InvalidInsightSelectorsException extends __BaseException {
     readonly name: "InvalidInsightSelectorsException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -4333,11 +4713,13 @@ export declare class InvalidInsightSelectorsException extends __BaseException {
  */
 export interface PutInsightSelectorsRequest {
     /**
+     * @public
      * <p>The name of the CloudTrail trail for which you want to change or add Insights
      *          selectors.</p>
      */
     TrailName: string | undefined;
     /**
+     * @public
      * <p>A JSON string that contains the insight types you want to log on a trail.
      *             <code>ApiCallRateInsight</code> and <code>ApiErrorRateInsight</code> are valid Insight
      *          types.</p>
@@ -4354,11 +4736,13 @@ export interface PutInsightSelectorsRequest {
  */
 export interface PutInsightSelectorsResponse {
     /**
+     * @public
      * <p>The Amazon Resource Name (ARN) of a trail for which you want to change or add Insights
      *          selectors.</p>
      */
     TrailARN?: string;
     /**
+     * @public
      * <p>A JSON string that contains the Insights event types that you want to log on a trail.
      *          The valid Insights types in this release are <code>ApiErrorRateInsight</code> and
      *             <code>ApiCallRateInsight</code>.</p>
@@ -4370,6 +4754,7 @@ export interface PutInsightSelectorsResponse {
  */
 export interface PutResourcePolicyRequest {
     /**
+     * @public
      * <p>
      *          The Amazon Resource Name (ARN) of the CloudTrail channel attached to the resource-based policy.
      *          The following is the format of a resource ARN:
@@ -4378,6 +4763,7 @@ export interface PutResourcePolicyRequest {
      */
     ResourceArn: string | undefined;
     /**
+     * @public
      * <p>
      *          A JSON-formatted string for an Amazon Web Services resource-based policy.
      *       </p>
@@ -4407,12 +4793,14 @@ export interface PutResourcePolicyRequest {
  */
 export interface PutResourcePolicyResponse {
     /**
+     * @public
      * <p>
      *          The Amazon Resource Name (ARN) of the CloudTrail channel attached to the resource-based policy.
      *       </p>
      */
     ResourceArn?: string;
     /**
+     * @public
      * <p>
      *          The JSON-formatted string of the Amazon Web Services resource-based policy attached to the CloudTrail channel.
      *       </p>
@@ -4447,6 +4835,7 @@ export declare class ResourcePolicyNotValidException extends __BaseException {
     readonly name: "ResourcePolicyNotValidException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -4464,6 +4853,7 @@ export declare class DelegatedAdminAccountLimitExceededException extends __BaseE
     readonly name: "DelegatedAdminAccountLimitExceededException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -4479,6 +4869,7 @@ export declare class DelegatedAdminAccountLimitExceededException extends __BaseE
  */
 export interface RegisterOrganizationDelegatedAdminRequest {
     /**
+     * @public
      * <p>An organization member account ID that you want to designate as a delegated
      *          administrator.</p>
      */
@@ -4496,6 +4887,7 @@ export interface RegisterOrganizationDelegatedAdminResponse {
  */
 export interface RemoveTagsRequest {
     /**
+     * @public
      * <p>Specifies the ARN of the trail, event data store, or channel from which tags should be
      *          removed.</p>
      *          <p> Example trail ARN format:
@@ -4510,6 +4902,7 @@ export interface RemoveTagsRequest {
      */
     ResourceId: string | undefined;
     /**
+     * @public
      * <p>Specifies a list of tags to be removed.</p>
      */
     TagsList: Tag[] | undefined;
@@ -4529,6 +4922,7 @@ export declare class InvalidEventDataStoreStatusException extends __BaseExceptio
     readonly name: "InvalidEventDataStoreStatusException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -4542,6 +4936,7 @@ export declare class InvalidEventDataStoreStatusException extends __BaseExceptio
  */
 export interface RestoreEventDataStoreRequest {
     /**
+     * @public
      * <p>The ARN (or the ID suffix of the ARN) of the event data store that you want to
      *          restore.</p>
      */
@@ -4552,51 +4947,62 @@ export interface RestoreEventDataStoreRequest {
  */
 export interface RestoreEventDataStoreResponse {
     /**
+     * @public
      * <p>The event data store ARN.</p>
      */
     EventDataStoreArn?: string;
     /**
+     * @public
      * <p>The name of the event data store.</p>
      */
     Name?: string;
     /**
+     * @public
      * <p>The status of the event data store.</p>
      */
     Status?: EventDataStoreStatus | string;
     /**
+     * @public
      * <p>The advanced event selectors that were used to select events.</p>
      */
     AdvancedEventSelectors?: AdvancedEventSelector[];
     /**
+     * @public
      * <p>Indicates whether the event data store is collecting events from all Regions, or only
      *          from the Region in which the event data store was created.</p>
      */
     MultiRegionEnabled?: boolean;
     /**
+     * @public
      * <p>Indicates whether an event data store is collecting logged events for an organization in
      *             Organizations.</p>
      */
     OrganizationEnabled?: boolean;
     /**
+     * @public
      * <p>The retention period, in days.</p>
      */
     RetentionPeriod?: number;
     /**
+     * @public
      * <p>Indicates that termination protection is enabled and the event data store cannot be
      *          automatically deleted.</p>
      */
     TerminationProtectionEnabled?: boolean;
     /**
+     * @public
      * <p>The timestamp of an event data store's creation.</p>
      */
     CreatedTimestamp?: Date;
     /**
+     * @public
      * <p>The timestamp that shows when an event data store was updated, if applicable.
      *             <code>UpdatedTimestamp</code> is always either the same or newer than the time shown in
      *             <code>CreatedTimestamp</code>.</p>
      */
     UpdatedTimestamp?: Date;
     /**
+     * @public
      * <p>Specifies the KMS key ID that encrypts the events delivered by CloudTrail. The value is a fully specified ARN to a KMS key in the
      *          following format.</p>
      *          <p>
@@ -4610,6 +5016,7 @@ export interface RestoreEventDataStoreResponse {
  */
 export interface StartEventDataStoreIngestionRequest {
     /**
+     * @public
      * <p>The ARN (or ID suffix of the ARN) of the event data store for which you want to start ingestion.</p>
      */
     EventDataStore: string | undefined;
@@ -4628,6 +5035,7 @@ export declare class InvalidImportSourceException extends __BaseException {
     readonly name: "InvalidImportSourceException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -4641,15 +5049,18 @@ export declare class InvalidImportSourceException extends __BaseException {
  */
 export interface StartImportRequest {
     /**
+     * @public
      * <p> The ARN of the destination event data store. Use this parameter for a new import.
      *       </p>
      */
     Destinations?: string[];
     /**
+     * @public
      * <p> The source S3 bucket for the import. Use this parameter for a new import. </p>
      */
     ImportSource?: ImportSource;
     /**
+     * @public
      * <p> Use with <code>EndEventTime</code> to bound a <code>StartImport</code> request, and
      *          limit imported trail events to only those events logged within a specified time period.
      *          When you specify a time range, CloudTrail checks the prefix and log file names to
@@ -4658,6 +5069,7 @@ export interface StartImportRequest {
      */
     StartEventTime?: Date;
     /**
+     * @public
      * <p> Use with <code>StartEventTime</code> to bound a <code>StartImport</code> request, and
      *          limit imported trail events to only those events logged within a specified time period.
      *          When you specify a time range, CloudTrail checks the prefix and log file names to
@@ -4666,6 +5078,7 @@ export interface StartImportRequest {
      */
     EndEventTime?: Date;
     /**
+     * @public
      * <p> The ID of the import. Use this parameter when you are retrying an import. </p>
      */
     ImportId?: string;
@@ -4675,40 +5088,48 @@ export interface StartImportRequest {
  */
 export interface StartImportResponse {
     /**
+     * @public
      * <p> The ID of the import. </p>
      */
     ImportId?: string;
     /**
+     * @public
      * <p> The ARN of the destination event data store. </p>
      */
     Destinations?: string[];
     /**
+     * @public
      * <p> The source S3 bucket for the import. </p>
      */
     ImportSource?: ImportSource;
     /**
+     * @public
      * <p> Used with <code>EndEventTime</code> to bound a <code>StartImport</code> request, and
      *          limit imported trail events to only those events logged within a specified time period.
      *       </p>
      */
     StartEventTime?: Date;
     /**
+     * @public
      * <p> Used with <code>StartEventTime</code> to bound a <code>StartImport</code> request, and
      *          limit imported trail events to only those events logged within a specified time period.
      *       </p>
      */
     EndEventTime?: Date;
     /**
+     * @public
      * <p> Shows the status of the import after a <code>StartImport</code> request. An import
      *          finishes with a status of <code>COMPLETED</code> if there were no failures, or
      *             <code>FAILED</code> if there were failures. </p>
      */
     ImportStatus?: ImportStatus | string;
     /**
+     * @public
      * <p> The timestamp for the import's creation. </p>
      */
     CreatedTimestamp?: Date;
     /**
+     * @public
      * <p> The timestamp of the import's last update, if applicable. </p>
      */
     UpdatedTimestamp?: Date;
@@ -4720,6 +5141,7 @@ export interface StartImportResponse {
  */
 export interface StartLoggingRequest {
     /**
+     * @public
      * <p>Specifies the name or the CloudTrail ARN of the trail for which CloudTrail
      *          logs Amazon Web Services API calls. The following is the format of a trail ARN.</p>
      *          <p>
@@ -4745,6 +5167,7 @@ export declare class InvalidQueryStatementException extends __BaseException {
     readonly name: "InvalidQueryStatementException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -4762,6 +5185,7 @@ export declare class MaxConcurrentQueriesException extends __BaseException {
     readonly name: "MaxConcurrentQueriesException";
     readonly $fault: "client";
     /**
+     * @public
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
@@ -4775,20 +5199,24 @@ export declare class MaxConcurrentQueriesException extends __BaseException {
  */
 export interface StartQueryRequest {
     /**
+     * @public
      * <p>The SQL code of your query.</p>
      */
     QueryStatement?: string;
     /**
+     * @public
      * <p> The URI for the S3 bucket where CloudTrail delivers the query results. </p>
      */
     DeliveryS3Uri?: string;
     /**
+     * @public
      * <p>
      *          The alias that identifies a query template.
      *       </p>
      */
     QueryAlias?: string;
     /**
+     * @public
      * <p>
      *          The query parameters for the specified <code>QueryAlias</code>.
      *       </p>
@@ -4800,6 +5228,7 @@ export interface StartQueryRequest {
  */
 export interface StartQueryResponse {
     /**
+     * @public
      * <p>The ID of the started query.</p>
      */
     QueryId?: string;
@@ -4809,6 +5238,7 @@ export interface StartQueryResponse {
  */
 export interface StopEventDataStoreIngestionRequest {
     /**
+     * @public
      * <p>The ARN (or ID suffix of the ARN) of the event data store for which you want to stop ingestion.</p>
      */
     EventDataStore: string | undefined;
@@ -4823,6 +5253,7 @@ export interface StopEventDataStoreIngestionResponse {
  */
 export interface StopImportRequest {
     /**
+     * @public
      * <p> The ID of the import. </p>
      */
     ImportId: string | undefined;
@@ -4832,42 +5263,51 @@ export interface StopImportRequest {
  */
 export interface StopImportResponse {
     /**
+     * @public
      * <p> The ID for the import. </p>
      */
     ImportId?: string;
     /**
+     * @public
      * <p> The source S3 bucket for the import. </p>
      */
     ImportSource?: ImportSource;
     /**
+     * @public
      * <p> The ARN of the destination event data store. </p>
      */
     Destinations?: string[];
     /**
+     * @public
      * <p> The status of the import. </p>
      */
     ImportStatus?: ImportStatus | string;
     /**
+     * @public
      * <p> The timestamp of the import's creation. </p>
      */
     CreatedTimestamp?: Date;
     /**
+     * @public
      * <p> The timestamp of the import's last update. </p>
      */
     UpdatedTimestamp?: Date;
     /**
+     * @public
      * <p> Used with <code>EndEventTime</code> to bound a <code>StartImport</code> request, and
      *          limit imported trail events to only those events logged within a specified time period.
      *       </p>
      */
     StartEventTime?: Date;
     /**
+     * @public
      * <p> Used with <code>StartEventTime</code> to bound a <code>StartImport</code> request, and
      *          limit imported trail events to only those events logged within a specified time period.
      *       </p>
      */
     EndEventTime?: Date;
     /**
+     * @public
      * <p> Returns information on the stopped import. </p>
      */
     ImportStatistics?: ImportStatistics;
@@ -4879,6 +5319,7 @@ export interface StopImportResponse {
  */
 export interface StopLoggingRequest {
     /**
+     * @public
      * <p>Specifies the name or the CloudTrail ARN of the trail for which CloudTrail
      *          will stop logging Amazon Web Services API calls. The following is the format of a trail
      *          ARN.</p>
@@ -4900,14 +5341,17 @@ export interface StopLoggingResponse {
  */
 export interface UpdateChannelRequest {
     /**
+     * @public
      * <p>The ARN or ID (the ARN suffix) of the channel that you want to update.</p>
      */
     Channel: string | undefined;
     /**
+     * @public
      * <p>The ARNs of event data stores that you want to log events arriving through the channel.</p>
      */
     Destinations?: Destination[];
     /**
+     * @public
      * <p>
      *          Changes the name of the channel.
      *       </p>
@@ -4919,18 +5363,22 @@ export interface UpdateChannelRequest {
  */
 export interface UpdateChannelResponse {
     /**
+     * @public
      * <p>The ARN of the channel that was updated.</p>
      */
     ChannelArn?: string;
     /**
+     * @public
      * <p>The name of the channel that was updated.</p>
      */
     Name?: string;
     /**
+     * @public
      * <p>The event source of the channel that was updated.</p>
      */
     Source?: string;
     /**
+     * @public
      * <p>The event data stores that log events arriving through the channel.</p>
      */
     Destinations?: Destination[];
@@ -4940,39 +5388,47 @@ export interface UpdateChannelResponse {
  */
 export interface UpdateEventDataStoreRequest {
     /**
+     * @public
      * <p>The ARN (or the ID suffix of the ARN) of the event data store that you want to
      *          update.</p>
      */
     EventDataStore: string | undefined;
     /**
+     * @public
      * <p>The event data store name.</p>
      */
     Name?: string;
     /**
+     * @public
      * <p>The advanced event selectors used to select events for the event data store. You can
      *          configure up to five advanced event selectors for each event data store.</p>
      */
     AdvancedEventSelectors?: AdvancedEventSelector[];
     /**
+     * @public
      * <p>Specifies whether an event data store collects events from all Regions, or only from the
      *          Region in which it was created.</p>
      */
     MultiRegionEnabled?: boolean;
     /**
+     * @public
      * <p>Specifies whether an event data store collects events logged for an organization in
      *             Organizations.</p>
      */
     OrganizationEnabled?: boolean;
     /**
+     * @public
      * <p>The retention period, in days.</p>
      */
     RetentionPeriod?: number;
     /**
+     * @public
      * <p>Indicates that termination protection is enabled and the event data store cannot be
      *          automatically deleted.</p>
      */
     TerminationProtectionEnabled?: boolean;
     /**
+     * @public
      * <p>Specifies the KMS key ID to use to encrypt the events delivered by
      *             CloudTrail. The value can be an alias name prefixed by <code>alias/</code>, a
      *          fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique
@@ -5019,50 +5475,61 @@ export interface UpdateEventDataStoreRequest {
  */
 export interface UpdateEventDataStoreResponse {
     /**
+     * @public
      * <p>The ARN of the event data store.</p>
      */
     EventDataStoreArn?: string;
     /**
+     * @public
      * <p>The name of the event data store.</p>
      */
     Name?: string;
     /**
+     * @public
      * <p>The status of an event data store.</p>
      */
     Status?: EventDataStoreStatus | string;
     /**
+     * @public
      * <p>The advanced event selectors that are applied to the event data store.</p>
      */
     AdvancedEventSelectors?: AdvancedEventSelector[];
     /**
+     * @public
      * <p>Indicates whether the event data store includes events from all Regions, or only from
      *          the Region in which it was created.</p>
      */
     MultiRegionEnabled?: boolean;
     /**
+     * @public
      * <p>Indicates whether an event data store is collecting logged events for an organization in
      *             Organizations.</p>
      */
     OrganizationEnabled?: boolean;
     /**
+     * @public
      * <p>The retention period, in days.</p>
      */
     RetentionPeriod?: number;
     /**
+     * @public
      * <p>Indicates whether termination protection is enabled for the event data store.</p>
      */
     TerminationProtectionEnabled?: boolean;
     /**
+     * @public
      * <p>The timestamp that shows when an event data store was first created.</p>
      */
     CreatedTimestamp?: Date;
     /**
+     * @public
      * <p>The timestamp that shows when the event data store was last updated.
      *             <code>UpdatedTimestamp</code> is always either the same or newer than the time shown in
      *             <code>CreatedTimestamp</code>.</p>
      */
     UpdatedTimestamp?: Date;
     /**
+     * @public
      * <p>Specifies the KMS key ID that encrypts the events delivered by CloudTrail. The value is a fully specified ARN to a KMS key in the
      *          following format.</p>
      *          <p>
@@ -5077,6 +5544,7 @@ export interface UpdateEventDataStoreResponse {
  */
 export interface UpdateTrailRequest {
     /**
+     * @public
      * <p>Specifies the name of the trail or trail ARN. If <code>Name</code> is a trail name, the
      *          string must meet the following requirements:</p>
      *          <ul>
@@ -5105,27 +5573,32 @@ export interface UpdateTrailRequest {
      */
     Name: string | undefined;
     /**
+     * @public
      * <p>Specifies the name of the Amazon S3 bucket designated for publishing log files.
      *          See <a href="https://docs.aws.amazon.com/awscloudtrail/latest/userguide/create_trail_naming_policy.html">Amazon S3
      *             Bucket Naming Requirements</a>.</p>
      */
     S3BucketName?: string;
     /**
+     * @public
      * <p>Specifies the Amazon S3 key prefix that comes after the name of the bucket you
      *          have designated for log file delivery. For more information, see <a href="https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-find-log-files.html">Finding Your CloudTrail Log Files</a>. The maximum length is 200
      *          characters.</p>
      */
     S3KeyPrefix?: string;
     /**
+     * @public
      * <p>Specifies the name of the Amazon SNS topic defined for notification of log file
      *          delivery. The maximum length is 256 characters.</p>
      */
     SnsTopicName?: string;
     /**
+     * @public
      * <p>Specifies whether the trail is publishing events from global services such as IAM to the log files.</p>
      */
     IncludeGlobalServiceEvents?: boolean;
     /**
+     * @public
      * <p>Specifies whether the trail applies only to the current Region or to all Regions. The
      *          default is false. If the trail exists only in the current Region and this value is set to
      *          true, shadow trails (replications of the trail) will be created in the other Regions. If
@@ -5135,6 +5608,7 @@ export interface UpdateTrailRequest {
      */
     IsMultiRegionTrail?: boolean;
     /**
+     * @public
      * <p>Specifies whether log file validation is enabled. The default is false.</p>
      *          <note>
      *             <p>When you disable log file integrity validation, the chain of digest files is broken
@@ -5148,6 +5622,7 @@ export interface UpdateTrailRequest {
      */
     EnableLogFileValidation?: boolean;
     /**
+     * @public
      * <p>Specifies a log group name using an Amazon Resource Name (ARN), a unique identifier that
      *          represents the log group to which CloudTrail logs are delivered. You must use a log
      *          group that exists in your account.</p>
@@ -5155,11 +5630,13 @@ export interface UpdateTrailRequest {
      */
     CloudWatchLogsLogGroupArn?: string;
     /**
+     * @public
      * <p>Specifies the role for the CloudWatch Logs endpoint to assume to write to a user's
      *          log group. You must use a role that exists in your account.</p>
      */
     CloudWatchLogsRoleArn?: string;
     /**
+     * @public
      * <p>Specifies the KMS key ID to use to encrypt the logs delivered by CloudTrail. The value can be an alias name prefixed by "alias/", a fully specified ARN to
      *          an alias, a fully specified ARN to a key, or a globally unique identifier.</p>
      *          <p>CloudTrail also supports KMS multi-Region keys. For more
@@ -5183,6 +5660,7 @@ export interface UpdateTrailRequest {
      */
     KmsKeyId?: string;
     /**
+     * @public
      * <p>Specifies whether the trail is applied to all accounts in an organization in Organizations, or only for the current Amazon Web Services account. The default is false,
      *          and cannot be true unless the call is made on behalf of an Amazon Web Services account that
      *          is the management account or delegated administrator account for an organization in Organizations. If the trail is not an organization trail and this is set to
@@ -5200,26 +5678,31 @@ export interface UpdateTrailRequest {
  */
 export interface UpdateTrailResponse {
     /**
+     * @public
      * <p>Specifies the name of the trail.</p>
      */
     Name?: string;
     /**
+     * @public
      * <p>Specifies the name of the Amazon S3 bucket designated for publishing log
      *          files.</p>
      */
     S3BucketName?: string;
     /**
+     * @public
      * <p>Specifies the Amazon S3 key prefix that comes after the name of the bucket you
      *          have designated for log file delivery. For more information, see <a href="https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-find-log-files.html">Finding Your IAM Log Files</a>.</p>
      */
     S3KeyPrefix?: string;
     /**
+     * @public
      * @deprecated
      *
      * <p>This field is no longer in use. Use <code>SnsTopicARN</code>.</p>
      */
     SnsTopicName?: string;
     /**
+     * @public
      * <p>Specifies the ARN of the Amazon SNS topic that CloudTrail uses to send
      *          notifications when log files are delivered. The following is the format of a topic
      *          ARN.</p>
@@ -5229,14 +5712,17 @@ export interface UpdateTrailResponse {
      */
     SnsTopicARN?: string;
     /**
+     * @public
      * <p>Specifies whether the trail is publishing events from global services such as IAM to the log files.</p>
      */
     IncludeGlobalServiceEvents?: boolean;
     /**
+     * @public
      * <p>Specifies whether the trail exists in one Region or in all Regions.</p>
      */
     IsMultiRegionTrail?: boolean;
     /**
+     * @public
      * <p>Specifies the ARN of the trail that was updated. The following is the format of a trail
      *          ARN.</p>
      *          <p>
@@ -5245,20 +5731,24 @@ export interface UpdateTrailResponse {
      */
     TrailARN?: string;
     /**
+     * @public
      * <p>Specifies whether log file integrity validation is enabled.</p>
      */
     LogFileValidationEnabled?: boolean;
     /**
+     * @public
      * <p>Specifies the Amazon Resource Name (ARN) of the log group to which CloudTrail
      *          logs are delivered.</p>
      */
     CloudWatchLogsLogGroupArn?: string;
     /**
+     * @public
      * <p>Specifies the role for the CloudWatch Logs endpoint to assume to write to a user's
      *          log group.</p>
      */
     CloudWatchLogsRoleArn?: string;
     /**
+     * @public
      * <p>Specifies the KMS key ID that encrypts the logs delivered by CloudTrail. The value is a fully specified ARN to a KMS key in the
      *          following format.</p>
      *          <p>
@@ -5267,6 +5757,7 @@ export interface UpdateTrailResponse {
      */
     KmsKeyId?: string;
     /**
+     * @public
      * <p>Specifies whether the trail is an organization trail.</p>
      */
     IsOrganizationTrail?: boolean;