@aws-sdk/client-cloudtrail 3.41.0 → 3.46.0

package/dist-types/models/models_0.d.ts

@@ -33,7 +33,7 @@ export interface AddTagsRequest {
     /**
      * <p>Contains a list of tags, up to a limit of 50</p>
      */
-    TagsList?: Tag[];
+    TagsList: Tag[] | undefined;
 }
 export declare namespace AddTagsRequest {
     /**
@@ -72,6 +72,59 @@ export declare namespace CloudTrailARNInvalidException {
      */
     const filterSensitiveLog: (obj: CloudTrailARNInvalidException) => any;
 }
+/**
+ * <p>This exception is thrown when the specified resource is not ready for an operation.
+ *          This can occur when you try to run an operation on a trail before CloudTrail has time to fully load the trail.
+ *          If this exception occurs, wait a few minutes, and then try the operation again.</p>
+ */
+export interface ConflictException extends __SmithyException, $MetadataBearer {
+    name: "ConflictException";
+    $fault: "client";
+    /**
+     * <p>Brief description of the exception returned by the request.</p>
+     */
+    Message?: string;
+}
+export declare namespace ConflictException {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: ConflictException) => any;
+}
+/**
+ * <p>The specified event data store was not found.</p>
+ */
+export interface EventDataStoreNotFoundException extends __SmithyException, $MetadataBearer {
+    name: "EventDataStoreNotFoundException";
+    $fault: "client";
+    /**
+     * <p>Brief description of the exception returned by the request.</p>
+     */
+    Message?: string;
+}
+export declare namespace EventDataStoreNotFoundException {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: EventDataStoreNotFoundException) => any;
+}
+/**
+ * <p>The event data store against which you ran your query is inactive.</p>
+ */
+export interface InactiveEventDataStoreException extends __SmithyException, $MetadataBearer {
+    name: "InactiveEventDataStoreException";
+    $fault: "client";
+    /**
+     * <p>Brief description of the exception returned by the request.</p>
+     */
+    Message?: string;
+}
+export declare namespace InactiveEventDataStoreException {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: InactiveEventDataStoreException) => any;
+}
 /**
  * <p>This exception is thrown when the specified tag key or values are not valid.
  *          It can also occur if there are duplicate tags or too many tags on the resource.</p>
@@ -276,11 +329,55 @@ export interface AdvancedFieldSelector {
      *                      <code>resources.type</code>
      *                   </b> - This field is required.
      *                   <code>resources.type</code> can only use the <code>Equals</code> operator, and the
-     *                value can be one of the following: <code>AWS::S3::Object</code>,
-     *                   <code>AWS::S3::AccessPoint</code>,
-     *                   <code>AWS::Lambda::Function</code>, <code>AWS::DynamoDB::Table</code>,
-     *                   <code>AWS::S3Outposts::Object</code>, <code>AWS::ManagedBlockchain::Node</code>,
-     *                   <code>AWS::S3ObjectLambda::AccessPoint</code>, or <code>AWS::EC2::Snapshot</code>.
+     *             value can be one of the following:</p>
+     *                <ul>
+     *                   <li>
+     *                      <p>
+     *                         <code>AWS::S3::Object</code>
+     *                      </p>
+     *                   </li>
+     *                   <li>
+     *                      <p>
+     *                         <code>AWS::Lambda::Function</code>
+     *                      </p>
+     *                   </li>
+     *                   <li>
+     *                      <p>
+     *                         <code>AWS::DynamoDB::Table</code>
+     *                      </p>
+     *                   </li>
+     *                   <li>
+     *                      <p>
+     *                         <code>AWS::S3Outposts::Object</code>
+     *                      </p>
+     *                   </li>
+     *                   <li>
+     *                      <p>
+     *                         <code>AWS::ManagedBlockchain::Node</code>
+     *                      </p>
+     *                   </li>
+     *                   <li>
+     *                      <p>
+     *                         <code>AWS::S3ObjectLambda::AccessPoint</code>
+     *                      </p>
+     *                   </li>
+     *                   <li>
+     *                      <p>
+     *                         <code>AWS::EC2::Snapshot</code>
+     *                      </p>
+     *                   </li>
+     *                   <li>
+     *                      <p>
+     *                         <code>AWS::S3::AccessPoint</code>
+     *                      </p>
+     *                   </li>
+     *                   <li>
+     *                      <p>
+     *                         <code>AWS::DynamoDB::Stream</code>
+     *                      </p>
+     *                   </li>
+     *                </ul>
+     *                <p>
      *                You can have only one <code>resources.type</code> field per selector. To log data
      *                events on more than one resource type, add another selector.</p>
      *             </li>
@@ -289,7 +386,7 @@ export interface AdvancedFieldSelector {
      *                   <b>
      *                      <code>resources.ARN</code>
      *                   </b> - You can use any operator with
-     *                resources.ARN, but if you use <code>Equals</code> or <code>NotEquals</code>, the
+     *                <code>resources.ARN</code>, but if you use <code>Equals</code> or <code>NotEquals</code>, the
      *                value must exactly match the ARN of a valid resource of the type you've specified in
      *                the template as the value of resources.type. For example, if resources.type equals
      *                   <code>AWS::S3::Object</code>, the ARN must be in one of the following formats. To
@@ -341,7 +438,7 @@ export interface AdvancedFieldSelector {
      *                <ul>
      *                   <li>
      *                      <p>
-     *                         <code>arn:<partition>:dynamodb:<region>:<account_ID>:table:<table_name></code>
+     *                         <code>arn:<partition>:dynamodb:<region>:<account_ID>:table/<table_name></code>
      *                      </p>
      *                   </li>
      *                </ul>
@@ -385,6 +482,15 @@ export interface AdvancedFieldSelector {
      *                      </p>
      *                   </li>
      *                </ul>
+     *                <p>When <code>resources.type</code> equals <code>AWS::DynamoDB::Stream</code>, and the operator is set to
+     *                <code>Equals</code> or <code>NotEquals</code>, the ARN must be in the following format:</p>
+     *                <ul>
+     *                   <li>
+     *                      <p>
+     *                         <code>arn:<partition>:dynamodb:<region>:<account_ID>:table/<table_name>/stream/<date_time></code>
+     *                      </p>
+     *                   </li>
+     *                </ul>
      *             </li>
      *          </ul>
      */
@@ -486,6 +592,116 @@ export declare namespace AdvancedEventSelector {
      */
     const filterSensitiveLog: (obj: AdvancedEventSelector) => any;
 }
+export interface CancelQueryRequest {
+    /**
+     * <p>The ARN (or the ID suffix of the ARN) of an event data store on which the specified query is running.</p>
+     */
+    EventDataStore: string | undefined;
+    /**
+     * <p>The ID of the query that you want to cancel. The <code>QueryId</code> comes from the response of a <code>StartQuery</code>
+     *       operation.</p>
+     */
+    QueryId: string | undefined;
+}
+export declare namespace CancelQueryRequest {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: CancelQueryRequest) => any;
+}
+export declare enum QueryStatus {
+    CANCELLED = "CANCELLED",
+    FAILED = "FAILED",
+    FINISHED = "FINISHED",
+    QUEUED = "QUEUED",
+    RUNNING = "RUNNING"
+}
+export interface CancelQueryResponse {
+    /**
+     * <p>The ID of the canceled query.</p>
+     */
+    QueryId: string | undefined;
+    /**
+     * <p>Shows the status of a query after a <code>CancelQuery</code> request. Typically, the values shown are either
+     *          <code>RUNNING</code> or <code>CANCELLED</code>.</p>
+     */
+    QueryStatus: QueryStatus | string | undefined;
+}
+export declare namespace CancelQueryResponse {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: CancelQueryResponse) => any;
+}
+/**
+ * <p>The specified event data store ARN is not valid or does not map to an event data store in your account.</p>
+ */
+export interface EventDataStoreARNInvalidException extends __SmithyException, $MetadataBearer {
+    name: "EventDataStoreARNInvalidException";
+    $fault: "client";
+    /**
+     * <p>Brief description of the exception returned by the request.</p>
+     */
+    Message?: string;
+}
+export declare namespace EventDataStoreARNInvalidException {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: EventDataStoreARNInvalidException) => any;
+}
+/**
+ * <p>The specified query cannot be canceled because it is in the <code>FINISHED</code>, <code>FAILED</code>, or
+ *          <code>CANCELLED</code> state.</p>
+ */
+export interface InactiveQueryException extends __SmithyException, $MetadataBearer {
+    name: "InactiveQueryException";
+    $fault: "client";
+    /**
+     * <p>Brief description of the exception returned by the request.</p>
+     */
+    Message?: string;
+}
+export declare namespace InactiveQueryException {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: InactiveQueryException) => any;
+}
+/**
+ * <p>The request includes a parameter that is not valid.</p>
+ */
+export interface InvalidParameterException extends __SmithyException, $MetadataBearer {
+    name: "InvalidParameterException";
+    $fault: "client";
+    /**
+     * <p>Brief description of the exception returned by the request.</p>
+     */
+    Message?: string;
+}
+export declare namespace InvalidParameterException {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: InvalidParameterException) => any;
+}
+/**
+ * <p>The query ID does not exist or does not map to a query.</p>
+ */
+export interface QueryIdNotFoundException extends __SmithyException, $MetadataBearer {
+    name: "QueryIdNotFoundException";
+    $fault: "client";
+    /**
+     * <p>Brief description of the exception returned by the request.</p>
+     */
+    Message?: string;
+}
+export declare namespace QueryIdNotFoundException {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: QueryIdNotFoundException) => any;
+}
 /**
  * <p>This exception is thrown when trusted access has not been enabled between CloudTrail and Organizations. For more information,
  *          see <a href="https://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html">Enabling Trusted Access with Other Amazon Web Services Services</a>
@@ -505,6 +721,195 @@ export declare namespace CloudTrailAccessNotEnabledException {
      */
     const filterSensitiveLog: (obj: CloudTrailAccessNotEnabledException) => any;
 }
+export interface CreateEventDataStoreRequest {
+    /**
+     * <p>The name of the event data store.</p>
+     */
+    Name: string | undefined;
+    /**
+     * <p>The advanced event selectors to use to select the events for the data store. For more information about how to use advanced event
+     *          selectors, see <a href="https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#creating-data-event-selectors-advanced">Log events by using advanced event selectors</a> in the CloudTrail
+     *          User Guide.</p>
+     */
+    AdvancedEventSelectors?: AdvancedEventSelector[];
+    /**
+     * <p>Specifies whether the event data store includes events from all regions, or only from the region in which the event data store
+     *          is created.</p>
+     */
+    MultiRegionEnabled?: boolean;
+    /**
+     * <p>Specifies whether an event data store collects events logged for an organization in Organizations.</p>
+     */
+    OrganizationEnabled?: boolean;
+    /**
+     * <p>The retention period of the event data store, in days. You can set a retention period of up to 2555 days,
+     *       the equivalent of seven years.</p>
+     */
+    RetentionPeriod?: number;
+    /**
+     * <p>Specifies whether termination protection is enabled for the event data store. If termination protection is enabled, you
+     *       cannot delete the event data store until termination protection is disabled.</p>
+     */
+    TerminationProtectionEnabled?: boolean;
+    /**
+     * <p>A list of tags.</p>
+     */
+    TagsList?: Tag[];
+}
+export declare namespace CreateEventDataStoreRequest {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: CreateEventDataStoreRequest) => any;
+}
+export declare enum EventDataStoreStatus {
+    CREATED = "CREATED",
+    ENABLED = "ENABLED",
+    PENDING_DELETION = "PENDING_DELETION"
+}
+export interface CreateEventDataStoreResponse {
+    /**
+     * <p>The ARN of the event data store.</p>
+     */
+    EventDataStoreArn?: string;
+    /**
+     * <p>The name of the event data store.</p>
+     */
+    Name?: string;
+    /**
+     * <p>The status of event data store creation.</p>
+     */
+    Status?: EventDataStoreStatus | string;
+    /**
+     * <p>The advanced event selectors that were used to select the events for the data store.</p>
+     */
+    AdvancedEventSelectors?: AdvancedEventSelector[];
+    /**
+     * <p>Indicates whether the event data store collects events from all regions, or only from the region in which it was created.</p>
+     */
+    MultiRegionEnabled?: boolean;
+    /**
+     * <p>Indicates whether an event data store is collecting logged events for an organization in Organizations.</p>
+     */
+    OrganizationEnabled?: boolean;
+    /**
+     * <p>The retention period of an event data store, in days.</p>
+     */
+    RetentionPeriod?: number;
+    /**
+     * <p>Indicates whether termination protection is enabled for the event data store.</p>
+     */
+    TerminationProtectionEnabled?: boolean;
+    /**
+     * <p>A list of tags.</p>
+     */
+    TagsList?: Tag[];
+    /**
+     * <p>The timestamp that shows when the event data store was created.</p>
+     */
+    CreatedTimestamp?: Date;
+    /**
+     * <p>The timestamp that shows when an event data store was updated, if applicable.
+     *          <code>UpdatedTimestamp</code> is always either the same or newer than the time shown in <code>CreatedTimestamp</code>.</p>
+     */
+    UpdatedTimestamp?: Date;
+}
+export declare namespace CreateEventDataStoreResponse {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: CreateEventDataStoreResponse) => any;
+}
+/**
+ * <p>An event data store with that name already exists.</p>
+ */
+export interface EventDataStoreAlreadyExistsException extends __SmithyException, $MetadataBearer {
+    name: "EventDataStoreAlreadyExistsException";
+    $fault: "client";
+    /**
+     * <p>Brief description of the exception returned by the request.</p>
+     */
+    Message?: string;
+}
+export declare namespace EventDataStoreAlreadyExistsException {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: EventDataStoreAlreadyExistsException) => any;
+}
+/**
+ * <p>Your account has used the maximum number of event data stores.</p>
+ */
+export interface EventDataStoreMaxLimitExceededException extends __SmithyException, $MetadataBearer {
+    name: "EventDataStoreMaxLimitExceededException";
+    $fault: "client";
+    /**
+     * <p>Brief description of the exception returned by the request.</p>
+     */
+    Message?: string;
+}
+export declare namespace EventDataStoreMaxLimitExceededException {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: EventDataStoreMaxLimitExceededException) => any;
+}
+/**
+ * <p>This exception is thrown when the IAM user or role that is used to create the organization trail is lacking one or more required permissions for
+ *          creating an organization trail in a required service. For more information, see
+ *          <a href="https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html">Prepare For Creating a Trail For Your Organization</a>.</p>
+ */
+export interface InsufficientDependencyServiceAccessPermissionException extends __SmithyException, $MetadataBearer {
+    name: "InsufficientDependencyServiceAccessPermissionException";
+    $fault: "client";
+    /**
+     * <p>Brief description of the exception returned by the request.</p>
+     */
+    Message?: string;
+}
+export declare namespace InsufficientDependencyServiceAccessPermissionException {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: InsufficientDependencyServiceAccessPermissionException) => any;
+}
+/**
+ * <p>This exception is thrown when Organizations is not configured to support all features. All features must be enabled in Organizations to support
+ *          creating an organization trail. For more information, see
+ *          <a href="https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html">Prepare For Creating a Trail For Your Organization</a>.</p>
+ */
+export interface OrganizationNotInAllFeaturesModeException extends __SmithyException, $MetadataBearer {
+    name: "OrganizationNotInAllFeaturesModeException";
+    $fault: "client";
+    /**
+     * <p>Brief description of the exception returned by the request.</p>
+     */
+    Message?: string;
+}
+export declare namespace OrganizationNotInAllFeaturesModeException {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: OrganizationNotInAllFeaturesModeException) => any;
+}
+/**
+ * <p>This exception is thrown when the request is made from an Amazon Web Services account that is not a member of an organization.
+ *          To make this request, sign in using the credentials of an account that belongs to an organization.</p>
+ */
+export interface OrganizationsNotInUseException extends __SmithyException, $MetadataBearer {
+    name: "OrganizationsNotInUseException";
+    $fault: "client";
+    /**
+     * <p>Brief description of the exception returned by the request.</p>
+     */
+    Message?: string;
+}
+export declare namespace OrganizationsNotInUseException {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: OrganizationsNotInUseException) => any;
+}
 /**
  * <p>This exception is thrown when a call results in the <code>InvalidClientTokenId</code> error code.
  *          This can occur when you are creating or updating a trail to send notifications to an Amazon SNS topic that
@@ -726,25 +1131,6 @@ export declare namespace CreateTrailResponse {
      */
     const filterSensitiveLog: (obj: CreateTrailResponse) => any;
 }
-/**
- * <p>This exception is thrown when the IAM user or role that is used to create the organization trail is lacking one or more required permissions for
- *          creating an organization trail in a required service. For more information, see
- *          <a href="https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html">Prepare For Creating a Trail For Your Organization</a>.</p>
- */
-export interface InsufficientDependencyServiceAccessPermissionException extends __SmithyException, $MetadataBearer {
-    name: "InsufficientDependencyServiceAccessPermissionException";
-    $fault: "client";
-    /**
-     * <p>Brief description of the exception returned by the request.</p>
-     */
-    Message?: string;
-}
-export declare namespace InsufficientDependencyServiceAccessPermissionException {
-    /**
-     * @internal
-     */
-    const filterSensitiveLog: (obj: InsufficientDependencyServiceAccessPermissionException) => any;
-}
 /**
  * <p>This exception is thrown when the policy on the S3 bucket or KMS key is not sufficient.</p>
  */
@@ -987,43 +1373,6 @@ export declare namespace MaximumNumberOfTrailsExceededException {
      */
     const filterSensitiveLog: (obj: MaximumNumberOfTrailsExceededException) => any;
 }
-/**
- * <p>This exception is thrown when Organizations is not configured to support all features. All features must be enabled in Organizations to support
- *          creating an organization trail. For more information, see
- *          <a href="https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html">Prepare For Creating a Trail For Your Organization</a>.</p>
- */
-export interface OrganizationNotInAllFeaturesModeException extends __SmithyException, $MetadataBearer {
-    name: "OrganizationNotInAllFeaturesModeException";
-    $fault: "client";
-    /**
-     * <p>Brief description of the exception returned by the request.</p>
-     */
-    Message?: string;
-}
-export declare namespace OrganizationNotInAllFeaturesModeException {
-    /**
-     * @internal
-     */
-    const filterSensitiveLog: (obj: OrganizationNotInAllFeaturesModeException) => any;
-}
-/**
- * <p>This exception is thrown when the request is made from an Amazon Web Services account that is not a member of an organization.
- *          To make this request, sign in using the credentials of an account that belongs to an organization.</p>
- */
-export interface OrganizationsNotInUseException extends __SmithyException, $MetadataBearer {
-    name: "OrganizationsNotInUseException";
-    $fault: "client";
-    /**
-     * <p>Brief description of the exception returned by the request.</p>
-     */
-    Message?: string;
-}
-export declare namespace OrganizationsNotInUseException {
-    /**
-     * @internal
-     */
-    const filterSensitiveLog: (obj: OrganizationsNotInUseException) => any;
-}
 /**
  * <p>This exception is thrown when the specified S3 bucket does not exist.</p>
  */
@@ -1065,34 +1414,52 @@ export interface TrailNotProvidedException extends __SmithyException, $MetadataB
     name: "TrailNotProvidedException";
     $fault: "client";
     /**
-     * <p>Brief description of the exception returned by the request.</p>
+     * <p>Brief description of the exception returned by the request.</p>
+     */
+    Message?: string;
+}
+export declare namespace TrailNotProvidedException {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: TrailNotProvidedException) => any;
+}
+export interface DeleteEventDataStoreRequest {
+    /**
+     * <p>The ARN (or the ID suffix of the ARN) of the event data store to delete.</p>
      */
-    Message?: string;
+    EventDataStore: string | undefined;
 }
-export declare namespace TrailNotProvidedException {
+export declare namespace DeleteEventDataStoreRequest {
     /**
      * @internal
      */
-    const filterSensitiveLog: (obj: TrailNotProvidedException) => any;
+    const filterSensitiveLog: (obj: DeleteEventDataStoreRequest) => any;
+}
+export interface DeleteEventDataStoreResponse {
+}
+export declare namespace DeleteEventDataStoreResponse {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: DeleteEventDataStoreResponse) => any;
 }
 /**
- * <p>This exception is thrown when the specified resource is not ready for an operation.
- *          This can occur when you try to run an operation on a trail before CloudTrail has time to fully load the trail.
- *          If this exception occurs, wait a few minutes, and then try the operation again.</p>
+ * <p>The event data store cannot be deleted because termination protection is enabled for it.</p>
  */
-export interface ConflictException extends __SmithyException, $MetadataBearer {
-    name: "ConflictException";
+export interface EventDataStoreTerminationProtectedException extends __SmithyException, $MetadataBearer {
+    name: "EventDataStoreTerminationProtectedException";
     $fault: "client";
     /**
      * <p>Brief description of the exception returned by the request.</p>
      */
     Message?: string;
 }
-export declare namespace ConflictException {
+export declare namespace EventDataStoreTerminationProtectedException {
     /**
      * @internal
      */
-    const filterSensitiveLog: (obj: ConflictException) => any;
+    const filterSensitiveLog: (obj: EventDataStoreTerminationProtectedException) => any;
 }
 /**
  * <p>The request that specifies the name of a trail to delete.</p>
@@ -1157,6 +1524,81 @@ export declare namespace TrailNotFoundException {
      */
     const filterSensitiveLog: (obj: TrailNotFoundException) => any;
 }
+export interface DescribeQueryRequest {
+    /**
+     * <p>The ARN (or the ID suffix of the ARN) of an event data store on which the specified query was run.</p>
+     */
+    EventDataStore: string | undefined;
+    /**
+     * <p>The query ID.</p>
+     */
+    QueryId: string | undefined;
+}
+export declare namespace DescribeQueryRequest {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: DescribeQueryRequest) => any;
+}
+/**
+ * <p>Gets metadata about a query, including the number of events that were matched, the total number of events scanned, the query run time
+ *          in milliseconds, and the query's creation time.</p>
+ */
+export interface QueryStatisticsForDescribeQuery {
+    /**
+     * <p>The number of events that matched a query.</p>
+     */
+    EventsMatched?: number;
+    /**
+     * <p>The number of events that the query scanned in the event data store.</p>
+     */
+    EventsScanned?: number;
+    /**
+     * <p>The query's run time, in milliseconds.</p>
+     */
+    ExecutionTimeInMillis?: number;
+    /**
+     * <p>The creation time of the query.</p>
+     */
+    CreationTime?: Date;
+}
+export declare namespace QueryStatisticsForDescribeQuery {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: QueryStatisticsForDescribeQuery) => any;
+}
+export interface DescribeQueryResponse {
+    /**
+     * <p>The ID of the query.</p>
+     */
+    QueryId?: string;
+    /**
+     * <p>The SQL code of a query.</p>
+     */
+    QueryString?: string;
+    /**
+     * <p>The status of a query. Values for <code>QueryStatus</code> include <code>QUEUED</code>, <code>RUNNING</code>,
+     *          <code>FINISHED</code>, <code>FAILED</code>, or <code>CANCELLED</code>
+     *          </p>
+     */
+    QueryStatus?: QueryStatus | string;
+    /**
+     * <p>Metadata about a query, including the number of events that were matched, the total number of events scanned, the query run time
+     *          in milliseconds, and the query's creation time.</p>
+     */
+    QueryStatistics?: QueryStatisticsForDescribeQuery;
+    /**
+     * <p>The error message returned if a query failed.</p>
+     */
+    ErrorMessage?: string;
+}
+export declare namespace DescribeQueryResponse {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: DescribeQueryResponse) => any;
+}
 /**
  * <p>Returns information about the trail.</p>
  */
@@ -1304,6 +1746,66 @@ export declare namespace DescribeTrailsResponse {
      */
     const filterSensitiveLog: (obj: DescribeTrailsResponse) => any;
 }
+export interface GetEventDataStoreRequest {
+    /**
+     * <p>The ARN (or ID suffix of the ARN) of the event data store about which you want information.</p>
+     */
+    EventDataStore: string | undefined;
+}
+export declare namespace GetEventDataStoreRequest {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: GetEventDataStoreRequest) => any;
+}
+export interface GetEventDataStoreResponse {
+    /**
+     * <p>The event data store Amazon Resource Number (ARN).</p>
+     */
+    EventDataStoreArn?: string;
+    /**
+     * <p>The name of the event data store.</p>
+     */
+    Name?: string;
+    /**
+     * <p>The status of an event data store. Values can be <code>ENABLED</code> and <code>PENDING_DELETION</code>.</p>
+     */
+    Status?: EventDataStoreStatus | string;
+    /**
+     * <p>The advanced event selectors used to select events for the data store.</p>
+     */
+    AdvancedEventSelectors?: AdvancedEventSelector[];
+    /**
+     * <p>Indicates whether the event data store includes events from all regions, or only from the region in which it was created.</p>
+     */
+    MultiRegionEnabled?: boolean;
+    /**
+     * <p>Indicates whether an event data store is collecting logged events for an organization in Organizations.</p>
+     */
+    OrganizationEnabled?: boolean;
+    /**
+     * <p>The retention period of the event data store, in days.</p>
+     */
+    RetentionPeriod?: number;
+    /**
+     * <p>Indicates that termination protection is enabled.</p>
+     */
+    TerminationProtectionEnabled?: boolean;
+    /**
+     * <p>The timestamp of the event data store's creation.</p>
+     */
+    CreatedTimestamp?: Date;
+    /**
+     * <p>Shows the time that an event data store was updated, if applicable. <code>UpdatedTimestamp</code> is always either the same or newer than the time shown in <code>CreatedTimestamp</code>.</p>
+     */
+    UpdatedTimestamp?: Date;
+}
+export declare namespace GetEventDataStoreResponse {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: GetEventDataStoreResponse) => any;
+}
 export interface GetEventSelectorsRequest {
     /**
      * <p>Specifies the name of the trail or trail ARN. If you specify a trail name, the
@@ -1396,12 +1898,60 @@ export declare namespace GetEventSelectorsRequest {
 export interface DataResource {
     /**
      * <p>The resource type in which you want to log data events. You can specify
-     *             <code>AWS::S3::Object</code>, <code>AWS::Lambda::Function</code>, or
-     *             <code>AWS::DynamoDB::Table</code> resources.</p>
-     *          <p>The <code>AWS::S3Outposts::Object</code>, <code>AWS::ManagedBlockchain::Node</code>,
-     *             <code>AWS::S3ObjectLambda::AccessPoint</code>, and <code>AWS::EC2::Snapshot</code> resource types are not valid in basic
-     *          event selectors. To log data events on these resource types, use advanced event
-     *          selectors.</p>
+     *          the following <i>basic</i> event selector resource types:</p>
+     *          <ul>
+     *             <li>
+     *                <p>
+     *                   <code>AWS::S3::Object</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>AWS::Lambda::Function</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>AWS::DynamoDB::Table</code>
+     *                </p>
+     *             </li>
+     *          </ul>
+     *          <p>The following resource types are also availble through <i>advanced</i> event selectors.
+     *          Basic event selector resource types are valid in advanced event selectors, but
+     *          advanced event selector resource types are not valid in basic event selectors.
+     *          For more information, see <a>AdvancedFieldSelector$Field</a>.</p>
+     *          <ul>
+     *             <li>
+     *                <p>
+     *                   <code>AWS::S3Outposts::Object</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>AWS::ManagedBlockchain::Node</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>AWS::S3ObjectLambda::AccessPoint</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>AWS::EC2::Snapshot</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>AWS::S3::AccessPoint</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>AWS::DynamoDB::Stream</code>
+     *                </p>
+     *             </li>
+     *          </ul>
      */
     Type?: string;
     /**
@@ -1573,14 +2123,15 @@ export declare namespace GetInsightSelectorsRequest {
     const filterSensitiveLog: (obj: GetInsightSelectorsRequest) => any;
 }
 export declare enum InsightType {
-    ApiCallRateInsight = "ApiCallRateInsight"
+    ApiCallRateInsight = "ApiCallRateInsight",
+    ApiErrorRateInsight = "ApiErrorRateInsight"
 }
 /**
  * <p>A JSON string that contains a list of insight types that are logged on a trail.</p>
  */
 export interface InsightSelector {
     /**
-     * <p>The type of Insights events to log on a trail. The valid Insights type in this release is <code>ApiCallRateInsight</code>.</p>
+     * <p>The type of insights to log on a trail. <code>ApiCallRateInsight</code> and <code>ApiErrorRateInsight</code> are valid insight types.</p>
      */
     InsightType?: InsightType | string;
 }
@@ -1596,7 +2147,8 @@ export interface GetInsightSelectorsResponse {
      */
     TrailARN?: string;
     /**
-     * <p>A JSON string that contains the insight types you want to log on a trail. In this release, only <code>ApiCallRateInsight</code> is supported as an insight type.</p>
+     * <p>A JSON string that contains the insight types you want to log on a trail. In this release, <code>ApiErrorRateInsight</code> and
+     *          <code>ApiCallRateInsight</code> are supported as insight types.</p>
      */
     InsightSelectors?: InsightSelector[];
 }
@@ -1623,6 +2175,114 @@ export declare namespace InsightNotEnabledException {
      */
     const filterSensitiveLog: (obj: InsightNotEnabledException) => any;
 }
+export interface GetQueryResultsRequest {
+    /**
+     * <p>The ARN (or ID suffix of the ARN) of the event data store against which the query was run.</p>
+     */
+    EventDataStore: string | undefined;
+    /**
+     * <p>The ID of the query for which you want to get results.</p>
+     */
+    QueryId: string | undefined;
+    /**
+     * <p>A token you can use to get the next page of query results.</p>
+     */
+    NextToken?: string;
+    /**
+     * <p>The maximum number of query results to display on a single page.</p>
+     */
+    MaxQueryResults?: number;
+}
+export declare namespace GetQueryResultsRequest {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: GetQueryResultsRequest) => any;
+}
+/**
+ * <p>Metadata about a query, such as the number of results.</p>
+ */
+export interface QueryStatistics {
+    /**
+     * <p>The number of results returned.</p>
+     */
+    ResultsCount?: number;
+    /**
+     * <p>The total number of results returned by a query.</p>
+     */
+    TotalResultsCount?: number;
+}
+export declare namespace QueryStatistics {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: QueryStatistics) => any;
+}
+export interface GetQueryResultsResponse {
+    /**
+     * <p>The status of the query. Values include <code>QUEUED</code>, <code>RUNNING</code>, <code>FINISHED</code>, <code>FAILED</code>,
+     *          or <code>CANCELLED</code>.</p>
+     */
+    QueryStatus?: QueryStatus | string;
+    /**
+     * <p>Shows the count of query results.</p>
+     */
+    QueryStatistics?: QueryStatistics;
+    /**
+     * <p>Contains the individual event results of the query.</p>
+     */
+    QueryResultRows?: {
+        [key: string]: string;
+    }[][];
+    /**
+     * <p>A token you can use to get the next page of query results.</p>
+     */
+    NextToken?: string;
+    /**
+     * <p>The error message returned if a query failed.</p>
+     */
+    ErrorMessage?: string;
+}
+export declare namespace GetQueryResultsResponse {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: GetQueryResultsResponse) => any;
+}
+/**
+ * <p>This exception is thrown if the limit specified is not valid.</p>
+ */
+export interface InvalidMaxResultsException extends __SmithyException, $MetadataBearer {
+    name: "InvalidMaxResultsException";
+    $fault: "client";
+    /**
+     * <p>Brief description of the exception returned by the request.</p>
+     */
+    Message?: string;
+}
+export declare namespace InvalidMaxResultsException {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: InvalidMaxResultsException) => any;
+}
+/**
+ * <p>A token that is not valid, or a token that was previously used in a request with different parameters. This exception is thrown if the token is not valid.</p>
+ */
+export interface InvalidNextTokenException extends __SmithyException, $MetadataBearer {
+    name: "InvalidNextTokenException";
+    $fault: "client";
+    /**
+     * <p>Brief description of the exception returned by the request.</p>
+     */
+    Message?: string;
+}
+export declare namespace InvalidNextTokenException {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: InvalidNextTokenException) => any;
+}
 export interface GetTrailRequest {
     /**
      * <p>The name or the Amazon Resource Name (ARN) of the trail for which you want to retrieve settings information.</p>
@@ -1731,37 +2391,123 @@ export interface GetTrailStatusResponse {
      *             CloudTrail can again write to the bucket.</p>
      *          </note>
      */
-    LatestDigestDeliveryError?: string;
+    LatestDigestDeliveryError?: string;
+    /**
+     * <p>This field is no longer in use.</p>
+     */
+    LatestDeliveryAttemptTime?: string;
+    /**
+     * <p>This field is no longer in use.</p>
+     */
+    LatestNotificationAttemptTime?: string;
+    /**
+     * <p>This field is no longer in use.</p>
+     */
+    LatestNotificationAttemptSucceeded?: string;
+    /**
+     * <p>This field is no longer in use.</p>
+     */
+    LatestDeliveryAttemptSucceeded?: string;
+    /**
+     * <p>This field is no longer in use.</p>
+     */
+    TimeLoggingStarted?: string;
+    /**
+     * <p>This field is no longer in use.</p>
+     */
+    TimeLoggingStopped?: string;
+}
+export declare namespace GetTrailStatusResponse {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: GetTrailStatusResponse) => any;
+}
+export interface ListEventDataStoresRequest {
+    /**
+     * <p>A token you can use to get the next page of event data store results.</p>
+     */
+    NextToken?: string;
+    /**
+     * <p>The maximum number of event data stores to display on a single page.</p>
+     */
+    MaxResults?: number;
+}
+export declare namespace ListEventDataStoresRequest {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: ListEventDataStoresRequest) => any;
+}
+/**
+ * <p>A storage lake of event data against which you can run complex SQL-based queries. An event data store can include events
+ *          that you have logged on your account from the last 90 to 2555 days
+ *          (about three months to up to seven years). To select events for an event data store,
+ *          use <a href="https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#creating-data-event-selectors-advanced">advanced event selectors</a>.</p>
+ */
+export interface EventDataStore {
+    /**
+     * <p>The ARN of the event data store.</p>
+     */
+    EventDataStoreArn?: string;
+    /**
+     * <p>The name of the event data store.</p>
+     */
+    Name?: string;
+    /**
+     * <p>Indicates whether the event data store is protected from termination.</p>
+     */
+    TerminationProtectionEnabled?: boolean;
+    /**
+     * <p>The status of an event data store. Values are <code>ENABLED</code> and <code>PENDING_DELETION</code>.</p>
+     */
+    Status?: EventDataStoreStatus | string;
+    /**
+     * <p>The advanced event selectors that were used to select events for the data store.</p>
+     */
+    AdvancedEventSelectors?: AdvancedEventSelector[];
+    /**
+     * <p>Indicates whether the event data store includes events from all regions, or only from the region in which it was created.</p>
+     */
+    MultiRegionEnabled?: boolean;
     /**
-     * <p>This field is no longer in use.</p>
+     * <p>Indicates that an event data store is collecting logged events for an organization.</p>
      */
-    LatestDeliveryAttemptTime?: string;
+    OrganizationEnabled?: boolean;
     /**
-     * <p>This field is no longer in use.</p>
+     * <p>The retention period, in days.</p>
      */
-    LatestNotificationAttemptTime?: string;
+    RetentionPeriod?: number;
     /**
-     * <p>This field is no longer in use.</p>
+     * <p>The timestamp of the event data store's creation.</p>
      */
-    LatestNotificationAttemptSucceeded?: string;
+    CreatedTimestamp?: Date;
     /**
-     * <p>This field is no longer in use.</p>
+     * <p>The timestamp showing when an event data store was updated, if applicable. <code>UpdatedTimestamp</code> is always either the same or newer than the time shown in <code>CreatedTimestamp</code>.</p>
      */
-    LatestDeliveryAttemptSucceeded?: string;
+    UpdatedTimestamp?: Date;
+}
+export declare namespace EventDataStore {
     /**
-     * <p>This field is no longer in use.</p>
+     * @internal
      */
-    TimeLoggingStarted?: string;
+    const filterSensitiveLog: (obj: EventDataStore) => any;
+}
+export interface ListEventDataStoresResponse {
     /**
-     * <p>This field is no longer in use.</p>
+     * <p>Contains information about event data stores in the account, in the current region.</p>
      */
-    TimeLoggingStopped?: string;
+    EventDataStores?: EventDataStore[];
+    /**
+     * <p>A token you can use to get the next page of results.</p>
+     */
+    NextToken?: string;
 }
-export declare namespace GetTrailStatusResponse {
+export declare namespace ListEventDataStoresResponse {
     /**
      * @internal
      */
-    const filterSensitiveLog: (obj: GetTrailStatusResponse) => any;
+    const filterSensitiveLog: (obj: ListEventDataStoresResponse) => any;
 }
 /**
  * <p>Occurs if the timestamp values are not valid. Either the start time occurs after the end time, or the time range is outside the range of possible values.</p>
@@ -1871,6 +2617,117 @@ export declare namespace ListPublicKeysResponse {
      */
     const filterSensitiveLog: (obj: ListPublicKeysResponse) => any;
 }
+/**
+ * <p>A date range for the query was specified that is not valid. For more information
+ *          about writing a query, see <a href="https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-create-edit-query.html">Create
+ *             or edit a query</a> in the <i>CloudTrail User Guide</i>.</p>
+ */
+export interface InvalidDateRangeException extends __SmithyException, $MetadataBearer {
+    name: "InvalidDateRangeException";
+    $fault: "client";
+    /**
+     * <p>Brief description of the exception returned by the request.</p>
+     */
+    Message?: string;
+}
+export declare namespace InvalidDateRangeException {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: InvalidDateRangeException) => any;
+}
+/**
+ * <p>The query status is not valid for the operation.</p>
+ */
+export interface InvalidQueryStatusException extends __SmithyException, $MetadataBearer {
+    name: "InvalidQueryStatusException";
+    $fault: "client";
+    /**
+     * <p>Brief description of the exception returned by the request.</p>
+     */
+    Message?: string;
+}
+export declare namespace InvalidQueryStatusException {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: InvalidQueryStatusException) => any;
+}
+export interface ListQueriesRequest {
+    /**
+     * <p>The ARN (or the ID suffix of the ARN) of an event data store on which queries were run.</p>
+     */
+    EventDataStore: string | undefined;
+    /**
+     * <p>A token you can use to get the next page of results.</p>
+     */
+    NextToken?: string;
+    /**
+     * <p>The maximum number of queries to show on a page.</p>
+     */
+    MaxResults?: number;
+    /**
+     * <p>Use with <code>EndTime</code> to bound a <code>ListQueries</code> request, and limit its results to only those queries run
+     *          within a specified time period.</p>
+     */
+    StartTime?: Date;
+    /**
+     * <p>Use with <code>StartTime</code> to bound a <code>ListQueries</code> request, and limit its results to only those queries run
+     *       within a specified time period.</p>
+     */
+    EndTime?: Date;
+    /**
+     * <p>The status of queries that you want to return in results. Valid values for <code>QueryStatus</code> include <code>QUEUED</code>, <code>RUNNING</code>,
+     *          <code>FINISHED</code>, <code>FAILED</code>, or <code>CANCELLED</code>.</p>
+     */
+    QueryStatus?: QueryStatus | string;
+}
+export declare namespace ListQueriesRequest {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: ListQueriesRequest) => any;
+}
+/**
+ * <p>A SQL string of criteria about events that you want to collect in an event data store.</p>
+ */
+export interface Query {
+    /**
+     * <p>The ID of a query.</p>
+     */
+    QueryId?: string;
+    /**
+     * <p>The status of the query. This can be <code>QUEUED</code>, <code>RUNNING</code>, <code>FINISHED</code>, <code>FAILED</code>,
+     *          or <code>CANCELLED</code>.</p>
+     */
+    QueryStatus?: QueryStatus | string;
+    /**
+     * <p>The creation time of a query.</p>
+     */
+    CreationTime?: Date;
+}
+export declare namespace Query {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: Query) => any;
+}
+export interface ListQueriesResponse {
+    /**
+     * <p>Lists matching query results, and shows query ID, status, and creation time of each query.</p>
+     */
+    Queries?: Query[];
+    /**
+     * <p>A token you can use to get the next page of results.</p>
+     */
+    NextToken?: string;
+}
+export declare namespace ListQueriesResponse {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: ListQueriesResponse) => any;
+}
 /**
  * <p>Specifies a list of trail tags to return.</p>
  */
@@ -2023,40 +2880,6 @@ export declare namespace InvalidLookupAttributesException {
      */
     const filterSensitiveLog: (obj: InvalidLookupAttributesException) => any;
 }
-/**
- * <p>This exception is thrown if the limit specified is not valid.</p>
- */
-export interface InvalidMaxResultsException extends __SmithyException, $MetadataBearer {
-    name: "InvalidMaxResultsException";
-    $fault: "client";
-    /**
-     * <p>Brief description of the exception returned by the request.</p>
-     */
-    Message?: string;
-}
-export declare namespace InvalidMaxResultsException {
-    /**
-     * @internal
-     */
-    const filterSensitiveLog: (obj: InvalidMaxResultsException) => any;
-}
-/**
- * <p>A token that is not valid, or a token that was previously used in a request with different parameters. This exception is thrown if the token is not valid.</p>
- */
-export interface InvalidNextTokenException extends __SmithyException, $MetadataBearer {
-    name: "InvalidNextTokenException";
-    $fault: "client";
-    /**
-     * <p>Brief description of the exception returned by the request.</p>
-     */
-    Message?: string;
-}
-export declare namespace InvalidNextTokenException {
-    /**
-     * @internal
-     */
-    const filterSensitiveLog: (obj: InvalidNextTokenException) => any;
-}
 export declare enum EventCategory {
     Insight = "insight"
 }
@@ -2357,7 +3180,7 @@ export interface PutInsightSelectorsRequest {
      */
     TrailName: string | undefined;
     /**
-     * <p>A JSON string that contains the Insights types that you want to log on a trail. The valid Insights type in this release is <code>ApiCallRateInsight</code>.</p>
+     * <p>A JSON string that contains the insight types you want to log on a trail. <code>ApiCallRateInsight</code> and <code>ApiErrorRateInsight</code> are valid insight types.</p>
      */
     InsightSelectors: InsightSelector[] | undefined;
 }
@@ -2373,7 +3196,8 @@ export interface PutInsightSelectorsResponse {
      */
     TrailARN?: string;
     /**
-     * <p>A JSON string that contains the Insights event types that you want to log on a trail. The valid Insights type in this release is <code>ApiCallRateInsight</code>.</p>
+     * <p>A JSON string that contains the Insights event types that you want to log on a trail. The valid Insights types in this release are
+     *          <code>ApiErrorRateInsight</code> and <code>ApiCallRateInsight</code>.</p>
      */
     InsightSelectors?: InsightSelector[];
 }
@@ -2397,7 +3221,7 @@ export interface RemoveTagsRequest {
     /**
      * <p>Specifies a list of tags to be removed.</p>
      */
-    TagsList?: Tag[];
+    TagsList: Tag[] | undefined;
 }
 export declare namespace RemoveTagsRequest {
     /**
@@ -2416,6 +3240,85 @@ export declare namespace RemoveTagsResponse {
      */
     const filterSensitiveLog: (obj: RemoveTagsResponse) => any;
 }
+/**
+ * <p>The event data store is not in a status that supports the operation.</p>
+ */
+export interface InvalidEventDataStoreStatusException extends __SmithyException, $MetadataBearer {
+    name: "InvalidEventDataStoreStatusException";
+    $fault: "client";
+    /**
+     * <p>Brief description of the exception returned by the request.</p>
+     */
+    Message?: string;
+}
+export declare namespace InvalidEventDataStoreStatusException {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: InvalidEventDataStoreStatusException) => any;
+}
+export interface RestoreEventDataStoreRequest {
+    /**
+     * <p>The ARN (or the ID suffix of the ARN) of the event data store that you want to restore.</p>
+     */
+    EventDataStore: string | undefined;
+}
+export declare namespace RestoreEventDataStoreRequest {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: RestoreEventDataStoreRequest) => any;
+}
+export interface RestoreEventDataStoreResponse {
+    /**
+     * <p>The event data store ARN.</p>
+     */
+    EventDataStoreArn?: string;
+    /**
+     * <p>The name of the event data store.</p>
+     */
+    Name?: string;
+    /**
+     * <p>The status of the event data store.</p>
+     */
+    Status?: EventDataStoreStatus | string;
+    /**
+     * <p>The advanced event selectors that were used to select events.</p>
+     */
+    AdvancedEventSelectors?: AdvancedEventSelector[];
+    /**
+     * <p>Indicates whether the event data store is collecting events from all regions, or only from the region in which the event data
+     *       store was created.</p>
+     */
+    MultiRegionEnabled?: boolean;
+    /**
+     * <p>Indicates whether an event data store is collecting logged events for an organization in Organizations.</p>
+     */
+    OrganizationEnabled?: boolean;
+    /**
+     * <p>The retention period, in days.</p>
+     */
+    RetentionPeriod?: number;
+    /**
+     * <p>Indicates that termination protection is enabled and the event data store cannot be automatically deleted.</p>
+     */
+    TerminationProtectionEnabled?: boolean;
+    /**
+     * <p>The timestamp of an event data store's creation.</p>
+     */
+    CreatedTimestamp?: Date;
+    /**
+     * <p>The timestamp that shows when an event data store was updated, if applicable.
+     *          <code>UpdatedTimestamp</code> is always either the same or newer than the time shown in <code>CreatedTimestamp</code>.</p>
+     */
+    UpdatedTimestamp?: Date;
+}
+export declare namespace RestoreEventDataStoreResponse {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: RestoreEventDataStoreResponse) => any;
+}
 /**
  * <p>The request to CloudTrail to start logging Amazon Web Services API calls for an account.</p>
  */
@@ -2446,6 +3349,67 @@ export declare namespace StartLoggingResponse {
      */
     const filterSensitiveLog: (obj: StartLoggingResponse) => any;
 }
+/**
+ * <p>The query that was submitted has validation errors, or uses incorrect syntax or unsupported keywords. For more information
+ *          about writing a query, see <a href="https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-create-edit-query.html">Create
+ *             or edit a query</a> in the <i>CloudTrail User Guide</i>.</p>
+ */
+export interface InvalidQueryStatementException extends __SmithyException, $MetadataBearer {
+    name: "InvalidQueryStatementException";
+    $fault: "client";
+    /**
+     * <p>Brief description of the exception returned by the request.</p>
+     */
+    Message?: string;
+}
+export declare namespace InvalidQueryStatementException {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: InvalidQueryStatementException) => any;
+}
+/**
+ * <p>You are already running the maximum number of concurrent queries. Wait a minute for some queries to finish, and then
+ *          run the query again.</p>
+ */
+export interface MaxConcurrentQueriesException extends __SmithyException, $MetadataBearer {
+    name: "MaxConcurrentQueriesException";
+    $fault: "client";
+    /**
+     * <p>Brief description of the exception returned by the request.</p>
+     */
+    Message?: string;
+}
+export declare namespace MaxConcurrentQueriesException {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: MaxConcurrentQueriesException) => any;
+}
+export interface StartQueryRequest {
+    /**
+     * <p>The SQL code of your query.</p>
+     */
+    QueryStatement: string | undefined;
+}
+export declare namespace StartQueryRequest {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: StartQueryRequest) => any;
+}
+export interface StartQueryResponse {
+    /**
+     * <p>The ID of the started query.</p>
+     */
+    QueryId?: string;
+}
+export declare namespace StartQueryResponse {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: StartQueryResponse) => any;
+}
 /**
  * <p>Passes the request to CloudTrail to stop logging Amazon Web Services API calls for the specified account.</p>
  */
@@ -2476,6 +3440,90 @@ export declare namespace StopLoggingResponse {
      */
     const filterSensitiveLog: (obj: StopLoggingResponse) => any;
 }
+export interface UpdateEventDataStoreRequest {
+    /**
+     * <p>The ARN (or the ID suffix of the ARN) of the event data store that you want to update.</p>
+     */
+    EventDataStore: string | undefined;
+    /**
+     * <p>The event data store name.</p>
+     */
+    Name?: string;
+    /**
+     * <p>The advanced event selectors used to select events for the event data store.</p>
+     */
+    AdvancedEventSelectors?: AdvancedEventSelector[];
+    /**
+     * <p>Specifies whether an event data store collects events from all regions, or only from the region in which it was created.</p>
+     */
+    MultiRegionEnabled?: boolean;
+    /**
+     * <p>Specifies whether an event data store collects events logged for an organization in Organizations.</p>
+     */
+    OrganizationEnabled?: boolean;
+    /**
+     * <p>The retention period, in days.</p>
+     */
+    RetentionPeriod?: number;
+    /**
+     * <p>Indicates that termination protection is enabled and the event data store cannot be automatically deleted.</p>
+     */
+    TerminationProtectionEnabled?: boolean;
+}
+export declare namespace UpdateEventDataStoreRequest {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: UpdateEventDataStoreRequest) => any;
+}
+export interface UpdateEventDataStoreResponse {
+    /**
+     * <p>The ARN of the event data store.</p>
+     */
+    EventDataStoreArn?: string;
+    /**
+     * <p>The name of the event data store.</p>
+     */
+    Name?: string;
+    /**
+     * <p>The status of an event data store. Values can be <code>ENABLED</code> and <code>PENDING_DELETION</code>.</p>
+     */
+    Status?: EventDataStoreStatus | string;
+    /**
+     * <p>The advanced event selectors that are applied to the event data store.</p>
+     */
+    AdvancedEventSelectors?: AdvancedEventSelector[];
+    /**
+     * <p>Indicates whether the event data store includes events from all regions, or only from the region in which it was created.</p>
+     */
+    MultiRegionEnabled?: boolean;
+    /**
+     * <p>Indicates whether an event data store is collecting logged events for an organization in Organizations.</p>
+     */
+    OrganizationEnabled?: boolean;
+    /**
+     * <p>The retention period, in days.</p>
+     */
+    RetentionPeriod?: number;
+    /**
+     * <p>Indicates whether termination protection is enabled for the event data store.</p>
+     */
+    TerminationProtectionEnabled?: boolean;
+    /**
+     * <p>The timestamp that shows when an event data store was first created.</p>
+     */
+    CreatedTimestamp?: Date;
+    /**
+     * <p>The timestamp that shows when the event data store was last updated. <code>UpdatedTimestamp</code> is always either the same or newer than the time shown in <code>CreatedTimestamp</code>.</p>
+     */
+    UpdatedTimestamp?: Date;
+}
+export declare namespace UpdateEventDataStoreResponse {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: UpdateEventDataStoreResponse) => any;
+}
 /**
  * <p>Specifies settings to update for the trail.</p>
  */