@aws-sdk/client-cloudtrail 3.41.0 → 3.46.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (85) hide show
  1. package/CHANGELOG.md +48 -0
  2. package/dist-cjs/CloudTrail.js +165 -0
  3. package/dist-cjs/commands/CancelQueryCommand.js +36 -0
  4. package/dist-cjs/commands/CreateEventDataStoreCommand.js +36 -0
  5. package/dist-cjs/commands/DeleteEventDataStoreCommand.js +36 -0
  6. package/dist-cjs/commands/DescribeQueryCommand.js +36 -0
  7. package/dist-cjs/commands/GetEventDataStoreCommand.js +36 -0
  8. package/dist-cjs/commands/GetQueryResultsCommand.js +36 -0
  9. package/dist-cjs/commands/ListEventDataStoresCommand.js +36 -0
  10. package/dist-cjs/commands/ListQueriesCommand.js +36 -0
  11. package/dist-cjs/commands/RestoreEventDataStoreCommand.js +36 -0
  12. package/dist-cjs/commands/StartQueryCommand.js +36 -0
  13. package/dist-cjs/commands/UpdateEventDataStoreCommand.js +36 -0
  14. package/dist-cjs/commands/index.js +11 -0
  15. package/dist-cjs/endpoints.js +1 -0
  16. package/dist-cjs/models/models_0.js +292 -36
  17. package/dist-cjs/pagination/GetQueryResultsPaginator.js +34 -0
  18. package/dist-cjs/pagination/ListEventDataStoresPaginator.js +35 -0
  19. package/dist-cjs/pagination/ListQueriesPaginator.js +35 -0
  20. package/dist-cjs/pagination/index.js +3 -0
  21. package/dist-cjs/protocols/Aws_json1_1.js +2319 -389
  22. package/dist-cjs/runtimeConfig.js +0 -2
  23. package/dist-es/CloudTrail.js +165 -0
  24. package/dist-es/commands/CancelQueryCommand.js +39 -0
  25. package/dist-es/commands/CreateEventDataStoreCommand.js +39 -0
  26. package/dist-es/commands/DeleteEventDataStoreCommand.js +39 -0
  27. package/dist-es/commands/DescribeQueryCommand.js +39 -0
  28. package/dist-es/commands/GetEventDataStoreCommand.js +39 -0
  29. package/dist-es/commands/GetQueryResultsCommand.js +39 -0
  30. package/dist-es/commands/ListEventDataStoresCommand.js +39 -0
  31. package/dist-es/commands/ListQueriesCommand.js +39 -0
  32. package/dist-es/commands/RestoreEventDataStoreCommand.js +39 -0
  33. package/dist-es/commands/StartQueryCommand.js +39 -0
  34. package/dist-es/commands/UpdateEventDataStoreCommand.js +39 -0
  35. package/dist-es/commands/index.js +11 -0
  36. package/dist-es/endpoints.js +1 -0
  37. package/dist-es/models/models_0.js +199 -24
  38. package/dist-es/pagination/GetQueryResultsPaginator.js +73 -0
  39. package/dist-es/pagination/ListEventDataStoresPaginator.js +74 -0
  40. package/dist-es/pagination/ListQueriesPaginator.js +74 -0
  41. package/dist-es/pagination/index.js +3 -0
  42. package/dist-es/protocols/Aws_json1_1.js +2669 -704
  43. package/dist-es/runtimeConfig.js +0 -2
  44. package/dist-types/CloudTrail.d.ts +100 -1
  45. package/dist-types/CloudTrailClient.d.ts +13 -2
  46. package/dist-types/commands/CancelQueryCommand.d.ts +37 -0
  47. package/dist-types/commands/CreateEventDataStoreCommand.d.ts +35 -0
  48. package/dist-types/commands/DeleteEventDataStoreCommand.d.ts +41 -0
  49. package/dist-types/commands/DescribeQueryCommand.d.ts +36 -0
  50. package/dist-types/commands/GetEventDataStoreCommand.d.ts +35 -0
  51. package/dist-types/commands/GetQueryResultsCommand.d.ts +36 -0
  52. package/dist-types/commands/ListEventDataStoresCommand.d.ts +35 -0
  53. package/dist-types/commands/ListQueriesCommand.d.ts +39 -0
  54. package/dist-types/commands/PutInsightSelectorsCommand.d.ts +1 -1
  55. package/dist-types/commands/RestoreEventDataStoreCommand.d.ts +37 -0
  56. package/dist-types/commands/StartQueryCommand.d.ts +36 -0
  57. package/dist-types/commands/UpdateEventDataStoreCommand.d.ts +40 -0
  58. package/dist-types/commands/index.d.ts +11 -0
  59. package/dist-types/models/models_0.d.ts +1184 -136
  60. package/dist-types/pagination/GetQueryResultsPaginator.d.ts +4 -0
  61. package/dist-types/pagination/ListEventDataStoresPaginator.d.ts +4 -0
  62. package/dist-types/pagination/ListQueriesPaginator.d.ts +4 -0
  63. package/dist-types/pagination/index.d.ts +3 -0
  64. package/dist-types/protocols/Aws_json1_1.d.ts +33 -0
  65. package/dist-types/ts3.4/CloudTrail.d.ts +55 -0
  66. package/dist-types/ts3.4/CloudTrailClient.d.ts +13 -2
  67. package/dist-types/ts3.4/commands/CancelQueryCommand.d.ts +17 -0
  68. package/dist-types/ts3.4/commands/CreateEventDataStoreCommand.d.ts +17 -0
  69. package/dist-types/ts3.4/commands/DeleteEventDataStoreCommand.d.ts +17 -0
  70. package/dist-types/ts3.4/commands/DescribeQueryCommand.d.ts +17 -0
  71. package/dist-types/ts3.4/commands/GetEventDataStoreCommand.d.ts +17 -0
  72. package/dist-types/ts3.4/commands/GetQueryResultsCommand.d.ts +17 -0
  73. package/dist-types/ts3.4/commands/ListEventDataStoresCommand.d.ts +17 -0
  74. package/dist-types/ts3.4/commands/ListQueriesCommand.d.ts +17 -0
  75. package/dist-types/ts3.4/commands/RestoreEventDataStoreCommand.d.ts +17 -0
  76. package/dist-types/ts3.4/commands/StartQueryCommand.d.ts +17 -0
  77. package/dist-types/ts3.4/commands/UpdateEventDataStoreCommand.d.ts +17 -0
  78. package/dist-types/ts3.4/commands/index.d.ts +11 -0
  79. package/dist-types/ts3.4/models/models_0.d.ts +613 -62
  80. package/dist-types/ts3.4/pagination/GetQueryResultsPaginator.d.ts +4 -0
  81. package/dist-types/ts3.4/pagination/ListEventDataStoresPaginator.d.ts +4 -0
  82. package/dist-types/ts3.4/pagination/ListQueriesPaginator.d.ts +4 -0
  83. package/dist-types/ts3.4/pagination/index.d.ts +3 -0
  84. package/dist-types/ts3.4/protocols/Aws_json1_1.d.ts +33 -0
  85. package/package.json +36 -43
@@ -33,7 +33,7 @@ export interface AddTagsRequest {
33
33
  /**
34
34
  * <p>Contains a list of tags, up to a limit of 50</p>
35
35
  */
36
- TagsList?: Tag[];
36
+ TagsList: Tag[] | undefined;
37
37
  }
38
38
  export declare namespace AddTagsRequest {
39
39
  /**
@@ -72,6 +72,59 @@ export declare namespace CloudTrailARNInvalidException {
72
72
  */
73
73
  const filterSensitiveLog: (obj: CloudTrailARNInvalidException) => any;
74
74
  }
75
+ /**
76
+ * <p>This exception is thrown when the specified resource is not ready for an operation.
77
+ * This can occur when you try to run an operation on a trail before CloudTrail has time to fully load the trail.
78
+ * If this exception occurs, wait a few minutes, and then try the operation again.</p>
79
+ */
80
+ export interface ConflictException extends __SmithyException, $MetadataBearer {
81
+ name: "ConflictException";
82
+ $fault: "client";
83
+ /**
84
+ * <p>Brief description of the exception returned by the request.</p>
85
+ */
86
+ Message?: string;
87
+ }
88
+ export declare namespace ConflictException {
89
+ /**
90
+ * @internal
91
+ */
92
+ const filterSensitiveLog: (obj: ConflictException) => any;
93
+ }
94
+ /**
95
+ * <p>The specified event data store was not found.</p>
96
+ */
97
+ export interface EventDataStoreNotFoundException extends __SmithyException, $MetadataBearer {
98
+ name: "EventDataStoreNotFoundException";
99
+ $fault: "client";
100
+ /**
101
+ * <p>Brief description of the exception returned by the request.</p>
102
+ */
103
+ Message?: string;
104
+ }
105
+ export declare namespace EventDataStoreNotFoundException {
106
+ /**
107
+ * @internal
108
+ */
109
+ const filterSensitiveLog: (obj: EventDataStoreNotFoundException) => any;
110
+ }
111
+ /**
112
+ * <p>The event data store against which you ran your query is inactive.</p>
113
+ */
114
+ export interface InactiveEventDataStoreException extends __SmithyException, $MetadataBearer {
115
+ name: "InactiveEventDataStoreException";
116
+ $fault: "client";
117
+ /**
118
+ * <p>Brief description of the exception returned by the request.</p>
119
+ */
120
+ Message?: string;
121
+ }
122
+ export declare namespace InactiveEventDataStoreException {
123
+ /**
124
+ * @internal
125
+ */
126
+ const filterSensitiveLog: (obj: InactiveEventDataStoreException) => any;
127
+ }
75
128
  /**
76
129
  * <p>This exception is thrown when the specified tag key or values are not valid.
77
130
  * It can also occur if there are duplicate tags or too many tags on the resource.</p>
@@ -276,11 +329,55 @@ export interface AdvancedFieldSelector {
276
329
  * <code>resources.type</code>
277
330
  * </b> - This field is required.
278
331
  * <code>resources.type</code> can only use the <code>Equals</code> operator, and the
279
- * value can be one of the following: <code>AWS::S3::Object</code>,
280
- * <code>AWS::S3::AccessPoint</code>,
281
- * <code>AWS::Lambda::Function</code>, <code>AWS::DynamoDB::Table</code>,
282
- * <code>AWS::S3Outposts::Object</code>, <code>AWS::ManagedBlockchain::Node</code>,
283
- * <code>AWS::S3ObjectLambda::AccessPoint</code>, or <code>AWS::EC2::Snapshot</code>.
332
+ * value can be one of the following:</p>
333
+ * <ul>
334
+ * <li>
335
+ * <p>
336
+ * <code>AWS::S3::Object</code>
337
+ * </p>
338
+ * </li>
339
+ * <li>
340
+ * <p>
341
+ * <code>AWS::Lambda::Function</code>
342
+ * </p>
343
+ * </li>
344
+ * <li>
345
+ * <p>
346
+ * <code>AWS::DynamoDB::Table</code>
347
+ * </p>
348
+ * </li>
349
+ * <li>
350
+ * <p>
351
+ * <code>AWS::S3Outposts::Object</code>
352
+ * </p>
353
+ * </li>
354
+ * <li>
355
+ * <p>
356
+ * <code>AWS::ManagedBlockchain::Node</code>
357
+ * </p>
358
+ * </li>
359
+ * <li>
360
+ * <p>
361
+ * <code>AWS::S3ObjectLambda::AccessPoint</code>
362
+ * </p>
363
+ * </li>
364
+ * <li>
365
+ * <p>
366
+ * <code>AWS::EC2::Snapshot</code>
367
+ * </p>
368
+ * </li>
369
+ * <li>
370
+ * <p>
371
+ * <code>AWS::S3::AccessPoint</code>
372
+ * </p>
373
+ * </li>
374
+ * <li>
375
+ * <p>
376
+ * <code>AWS::DynamoDB::Stream</code>
377
+ * </p>
378
+ * </li>
379
+ * </ul>
380
+ * <p>
284
381
  * You can have only one <code>resources.type</code> field per selector. To log data
285
382
  * events on more than one resource type, add another selector.</p>
286
383
  * </li>
@@ -289,7 +386,7 @@ export interface AdvancedFieldSelector {
289
386
  * <b>
290
387
  * <code>resources.ARN</code>
291
388
  * </b> - You can use any operator with
292
- * resources.ARN, but if you use <code>Equals</code> or <code>NotEquals</code>, the
389
+ * <code>resources.ARN</code>, but if you use <code>Equals</code> or <code>NotEquals</code>, the
293
390
  * value must exactly match the ARN of a valid resource of the type you've specified in
294
391
  * the template as the value of resources.type. For example, if resources.type equals
295
392
  * <code>AWS::S3::Object</code>, the ARN must be in one of the following formats. To
@@ -341,7 +438,7 @@ export interface AdvancedFieldSelector {
341
438
  * <ul>
342
439
  * <li>
343
440
  * <p>
344
- * <code>arn:<partition>:dynamodb:<region>:<account_ID>:table:<table_name></code>
441
+ * <code>arn:<partition>:dynamodb:<region>:<account_ID>:table/<table_name></code>
345
442
  * </p>
346
443
  * </li>
347
444
  * </ul>
@@ -385,6 +482,15 @@ export interface AdvancedFieldSelector {
385
482
  * </p>
386
483
  * </li>
387
484
  * </ul>
485
+ * <p>When <code>resources.type</code> equals <code>AWS::DynamoDB::Stream</code>, and the operator is set to
486
+ * <code>Equals</code> or <code>NotEquals</code>, the ARN must be in the following format:</p>
487
+ * <ul>
488
+ * <li>
489
+ * <p>
490
+ * <code>arn:<partition>:dynamodb:<region>:<account_ID>:table/<table_name>/stream/<date_time></code>
491
+ * </p>
492
+ * </li>
493
+ * </ul>
388
494
  * </li>
389
495
  * </ul>
390
496
  */
@@ -486,6 +592,116 @@ export declare namespace AdvancedEventSelector {
486
592
  */
487
593
  const filterSensitiveLog: (obj: AdvancedEventSelector) => any;
488
594
  }
595
+ export interface CancelQueryRequest {
596
+ /**
597
+ * <p>The ARN (or the ID suffix of the ARN) of an event data store on which the specified query is running.</p>
598
+ */
599
+ EventDataStore: string | undefined;
600
+ /**
601
+ * <p>The ID of the query that you want to cancel. The <code>QueryId</code> comes from the response of a <code>StartQuery</code>
602
+ * operation.</p>
603
+ */
604
+ QueryId: string | undefined;
605
+ }
606
+ export declare namespace CancelQueryRequest {
607
+ /**
608
+ * @internal
609
+ */
610
+ const filterSensitiveLog: (obj: CancelQueryRequest) => any;
611
+ }
612
+ export declare enum QueryStatus {
613
+ CANCELLED = "CANCELLED",
614
+ FAILED = "FAILED",
615
+ FINISHED = "FINISHED",
616
+ QUEUED = "QUEUED",
617
+ RUNNING = "RUNNING"
618
+ }
619
+ export interface CancelQueryResponse {
620
+ /**
621
+ * <p>The ID of the canceled query.</p>
622
+ */
623
+ QueryId: string | undefined;
624
+ /**
625
+ * <p>Shows the status of a query after a <code>CancelQuery</code> request. Typically, the values shown are either
626
+ * <code>RUNNING</code> or <code>CANCELLED</code>.</p>
627
+ */
628
+ QueryStatus: QueryStatus | string | undefined;
629
+ }
630
+ export declare namespace CancelQueryResponse {
631
+ /**
632
+ * @internal
633
+ */
634
+ const filterSensitiveLog: (obj: CancelQueryResponse) => any;
635
+ }
636
+ /**
637
+ * <p>The specified event data store ARN is not valid or does not map to an event data store in your account.</p>
638
+ */
639
+ export interface EventDataStoreARNInvalidException extends __SmithyException, $MetadataBearer {
640
+ name: "EventDataStoreARNInvalidException";
641
+ $fault: "client";
642
+ /**
643
+ * <p>Brief description of the exception returned by the request.</p>
644
+ */
645
+ Message?: string;
646
+ }
647
+ export declare namespace EventDataStoreARNInvalidException {
648
+ /**
649
+ * @internal
650
+ */
651
+ const filterSensitiveLog: (obj: EventDataStoreARNInvalidException) => any;
652
+ }
653
+ /**
654
+ * <p>The specified query cannot be canceled because it is in the <code>FINISHED</code>, <code>FAILED</code>, or
655
+ * <code>CANCELLED</code> state.</p>
656
+ */
657
+ export interface InactiveQueryException extends __SmithyException, $MetadataBearer {
658
+ name: "InactiveQueryException";
659
+ $fault: "client";
660
+ /**
661
+ * <p>Brief description of the exception returned by the request.</p>
662
+ */
663
+ Message?: string;
664
+ }
665
+ export declare namespace InactiveQueryException {
666
+ /**
667
+ * @internal
668
+ */
669
+ const filterSensitiveLog: (obj: InactiveQueryException) => any;
670
+ }
671
+ /**
672
+ * <p>The request includes a parameter that is not valid.</p>
673
+ */
674
+ export interface InvalidParameterException extends __SmithyException, $MetadataBearer {
675
+ name: "InvalidParameterException";
676
+ $fault: "client";
677
+ /**
678
+ * <p>Brief description of the exception returned by the request.</p>
679
+ */
680
+ Message?: string;
681
+ }
682
+ export declare namespace InvalidParameterException {
683
+ /**
684
+ * @internal
685
+ */
686
+ const filterSensitiveLog: (obj: InvalidParameterException) => any;
687
+ }
688
+ /**
689
+ * <p>The query ID does not exist or does not map to a query.</p>
690
+ */
691
+ export interface QueryIdNotFoundException extends __SmithyException, $MetadataBearer {
692
+ name: "QueryIdNotFoundException";
693
+ $fault: "client";
694
+ /**
695
+ * <p>Brief description of the exception returned by the request.</p>
696
+ */
697
+ Message?: string;
698
+ }
699
+ export declare namespace QueryIdNotFoundException {
700
+ /**
701
+ * @internal
702
+ */
703
+ const filterSensitiveLog: (obj: QueryIdNotFoundException) => any;
704
+ }
489
705
  /**
490
706
  * <p>This exception is thrown when trusted access has not been enabled between CloudTrail and Organizations. For more information,
491
707
  * see <a href="https://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html">Enabling Trusted Access with Other Amazon Web Services Services</a>
@@ -505,6 +721,195 @@ export declare namespace CloudTrailAccessNotEnabledException {
505
721
  */
506
722
  const filterSensitiveLog: (obj: CloudTrailAccessNotEnabledException) => any;
507
723
  }
724
+ export interface CreateEventDataStoreRequest {
725
+ /**
726
+ * <p>The name of the event data store.</p>
727
+ */
728
+ Name: string | undefined;
729
+ /**
730
+ * <p>The advanced event selectors to use to select the events for the data store. For more information about how to use advanced event
731
+ * selectors, see <a href="https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#creating-data-event-selectors-advanced">Log events by using advanced event selectors</a> in the CloudTrail
732
+ * User Guide.</p>
733
+ */
734
+ AdvancedEventSelectors?: AdvancedEventSelector[];
735
+ /**
736
+ * <p>Specifies whether the event data store includes events from all regions, or only from the region in which the event data store
737
+ * is created.</p>
738
+ */
739
+ MultiRegionEnabled?: boolean;
740
+ /**
741
+ * <p>Specifies whether an event data store collects events logged for an organization in Organizations.</p>
742
+ */
743
+ OrganizationEnabled?: boolean;
744
+ /**
745
+ * <p>The retention period of the event data store, in days. You can set a retention period of up to 2555 days,
746
+ * the equivalent of seven years.</p>
747
+ */
748
+ RetentionPeriod?: number;
749
+ /**
750
+ * <p>Specifies whether termination protection is enabled for the event data store. If termination protection is enabled, you
751
+ * cannot delete the event data store until termination protection is disabled.</p>
752
+ */
753
+ TerminationProtectionEnabled?: boolean;
754
+ /**
755
+ * <p>A list of tags.</p>
756
+ */
757
+ TagsList?: Tag[];
758
+ }
759
+ export declare namespace CreateEventDataStoreRequest {
760
+ /**
761
+ * @internal
762
+ */
763
+ const filterSensitiveLog: (obj: CreateEventDataStoreRequest) => any;
764
+ }
765
+ export declare enum EventDataStoreStatus {
766
+ CREATED = "CREATED",
767
+ ENABLED = "ENABLED",
768
+ PENDING_DELETION = "PENDING_DELETION"
769
+ }
770
+ export interface CreateEventDataStoreResponse {
771
+ /**
772
+ * <p>The ARN of the event data store.</p>
773
+ */
774
+ EventDataStoreArn?: string;
775
+ /**
776
+ * <p>The name of the event data store.</p>
777
+ */
778
+ Name?: string;
779
+ /**
780
+ * <p>The status of event data store creation.</p>
781
+ */
782
+ Status?: EventDataStoreStatus | string;
783
+ /**
784
+ * <p>The advanced event selectors that were used to select the events for the data store.</p>
785
+ */
786
+ AdvancedEventSelectors?: AdvancedEventSelector[];
787
+ /**
788
+ * <p>Indicates whether the event data store collects events from all regions, or only from the region in which it was created.</p>
789
+ */
790
+ MultiRegionEnabled?: boolean;
791
+ /**
792
+ * <p>Indicates whether an event data store is collecting logged events for an organization in Organizations.</p>
793
+ */
794
+ OrganizationEnabled?: boolean;
795
+ /**
796
+ * <p>The retention period of an event data store, in days.</p>
797
+ */
798
+ RetentionPeriod?: number;
799
+ /**
800
+ * <p>Indicates whether termination protection is enabled for the event data store.</p>
801
+ */
802
+ TerminationProtectionEnabled?: boolean;
803
+ /**
804
+ * <p>A list of tags.</p>
805
+ */
806
+ TagsList?: Tag[];
807
+ /**
808
+ * <p>The timestamp that shows when the event data store was created.</p>
809
+ */
810
+ CreatedTimestamp?: Date;
811
+ /**
812
+ * <p>The timestamp that shows when an event data store was updated, if applicable.
813
+ * <code>UpdatedTimestamp</code> is always either the same or newer than the time shown in <code>CreatedTimestamp</code>.</p>
814
+ */
815
+ UpdatedTimestamp?: Date;
816
+ }
817
+ export declare namespace CreateEventDataStoreResponse {
818
+ /**
819
+ * @internal
820
+ */
821
+ const filterSensitiveLog: (obj: CreateEventDataStoreResponse) => any;
822
+ }
823
+ /**
824
+ * <p>An event data store with that name already exists.</p>
825
+ */
826
+ export interface EventDataStoreAlreadyExistsException extends __SmithyException, $MetadataBearer {
827
+ name: "EventDataStoreAlreadyExistsException";
828
+ $fault: "client";
829
+ /**
830
+ * <p>Brief description of the exception returned by the request.</p>
831
+ */
832
+ Message?: string;
833
+ }
834
+ export declare namespace EventDataStoreAlreadyExistsException {
835
+ /**
836
+ * @internal
837
+ */
838
+ const filterSensitiveLog: (obj: EventDataStoreAlreadyExistsException) => any;
839
+ }
840
+ /**
841
+ * <p>Your account has used the maximum number of event data stores.</p>
842
+ */
843
+ export interface EventDataStoreMaxLimitExceededException extends __SmithyException, $MetadataBearer {
844
+ name: "EventDataStoreMaxLimitExceededException";
845
+ $fault: "client";
846
+ /**
847
+ * <p>Brief description of the exception returned by the request.</p>
848
+ */
849
+ Message?: string;
850
+ }
851
+ export declare namespace EventDataStoreMaxLimitExceededException {
852
+ /**
853
+ * @internal
854
+ */
855
+ const filterSensitiveLog: (obj: EventDataStoreMaxLimitExceededException) => any;
856
+ }
857
+ /**
858
+ * <p>This exception is thrown when the IAM user or role that is used to create the organization trail is lacking one or more required permissions for
859
+ * creating an organization trail in a required service. For more information, see
860
+ * <a href="https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html">Prepare For Creating a Trail For Your Organization</a>.</p>
861
+ */
862
+ export interface InsufficientDependencyServiceAccessPermissionException extends __SmithyException, $MetadataBearer {
863
+ name: "InsufficientDependencyServiceAccessPermissionException";
864
+ $fault: "client";
865
+ /**
866
+ * <p>Brief description of the exception returned by the request.</p>
867
+ */
868
+ Message?: string;
869
+ }
870
+ export declare namespace InsufficientDependencyServiceAccessPermissionException {
871
+ /**
872
+ * @internal
873
+ */
874
+ const filterSensitiveLog: (obj: InsufficientDependencyServiceAccessPermissionException) => any;
875
+ }
876
+ /**
877
+ * <p>This exception is thrown when Organizations is not configured to support all features. All features must be enabled in Organizations to support
878
+ * creating an organization trail. For more information, see
879
+ * <a href="https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html">Prepare For Creating a Trail For Your Organization</a>.</p>
880
+ */
881
+ export interface OrganizationNotInAllFeaturesModeException extends __SmithyException, $MetadataBearer {
882
+ name: "OrganizationNotInAllFeaturesModeException";
883
+ $fault: "client";
884
+ /**
885
+ * <p>Brief description of the exception returned by the request.</p>
886
+ */
887
+ Message?: string;
888
+ }
889
+ export declare namespace OrganizationNotInAllFeaturesModeException {
890
+ /**
891
+ * @internal
892
+ */
893
+ const filterSensitiveLog: (obj: OrganizationNotInAllFeaturesModeException) => any;
894
+ }
895
+ /**
896
+ * <p>This exception is thrown when the request is made from an Amazon Web Services account that is not a member of an organization.
897
+ * To make this request, sign in using the credentials of an account that belongs to an organization.</p>
898
+ */
899
+ export interface OrganizationsNotInUseException extends __SmithyException, $MetadataBearer {
900
+ name: "OrganizationsNotInUseException";
901
+ $fault: "client";
902
+ /**
903
+ * <p>Brief description of the exception returned by the request.</p>
904
+ */
905
+ Message?: string;
906
+ }
907
+ export declare namespace OrganizationsNotInUseException {
908
+ /**
909
+ * @internal
910
+ */
911
+ const filterSensitiveLog: (obj: OrganizationsNotInUseException) => any;
912
+ }
508
913
  /**
509
914
  * <p>This exception is thrown when a call results in the <code>InvalidClientTokenId</code> error code.
510
915
  * This can occur when you are creating or updating a trail to send notifications to an Amazon SNS topic that
@@ -726,25 +1131,6 @@ export declare namespace CreateTrailResponse {
726
1131
  */
727
1132
  const filterSensitiveLog: (obj: CreateTrailResponse) => any;
728
1133
  }
729
- /**
730
- * <p>This exception is thrown when the IAM user or role that is used to create the organization trail is lacking one or more required permissions for
731
- * creating an organization trail in a required service. For more information, see
732
- * <a href="https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html">Prepare For Creating a Trail For Your Organization</a>.</p>
733
- */
734
- export interface InsufficientDependencyServiceAccessPermissionException extends __SmithyException, $MetadataBearer {
735
- name: "InsufficientDependencyServiceAccessPermissionException";
736
- $fault: "client";
737
- /**
738
- * <p>Brief description of the exception returned by the request.</p>
739
- */
740
- Message?: string;
741
- }
742
- export declare namespace InsufficientDependencyServiceAccessPermissionException {
743
- /**
744
- * @internal
745
- */
746
- const filterSensitiveLog: (obj: InsufficientDependencyServiceAccessPermissionException) => any;
747
- }
748
1134
  /**
749
1135
  * <p>This exception is thrown when the policy on the S3 bucket or KMS key is not sufficient.</p>
750
1136
  */
@@ -987,43 +1373,6 @@ export declare namespace MaximumNumberOfTrailsExceededException {
987
1373
  */
988
1374
  const filterSensitiveLog: (obj: MaximumNumberOfTrailsExceededException) => any;
989
1375
  }
990
- /**
991
- * <p>This exception is thrown when Organizations is not configured to support all features. All features must be enabled in Organizations to support
992
- * creating an organization trail. For more information, see
993
- * <a href="https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html">Prepare For Creating a Trail For Your Organization</a>.</p>
994
- */
995
- export interface OrganizationNotInAllFeaturesModeException extends __SmithyException, $MetadataBearer {
996
- name: "OrganizationNotInAllFeaturesModeException";
997
- $fault: "client";
998
- /**
999
- * <p>Brief description of the exception returned by the request.</p>
1000
- */
1001
- Message?: string;
1002
- }
1003
- export declare namespace OrganizationNotInAllFeaturesModeException {
1004
- /**
1005
- * @internal
1006
- */
1007
- const filterSensitiveLog: (obj: OrganizationNotInAllFeaturesModeException) => any;
1008
- }
1009
- /**
1010
- * <p>This exception is thrown when the request is made from an Amazon Web Services account that is not a member of an organization.
1011
- * To make this request, sign in using the credentials of an account that belongs to an organization.</p>
1012
- */
1013
- export interface OrganizationsNotInUseException extends __SmithyException, $MetadataBearer {
1014
- name: "OrganizationsNotInUseException";
1015
- $fault: "client";
1016
- /**
1017
- * <p>Brief description of the exception returned by the request.</p>
1018
- */
1019
- Message?: string;
1020
- }
1021
- export declare namespace OrganizationsNotInUseException {
1022
- /**
1023
- * @internal
1024
- */
1025
- const filterSensitiveLog: (obj: OrganizationsNotInUseException) => any;
1026
- }
1027
1376
  /**
1028
1377
  * <p>This exception is thrown when the specified S3 bucket does not exist.</p>
1029
1378
  */
@@ -1065,34 +1414,52 @@ export interface TrailNotProvidedException extends __SmithyException, $MetadataB
1065
1414
  name: "TrailNotProvidedException";
1066
1415
  $fault: "client";
1067
1416
  /**
1068
- * <p>Brief description of the exception returned by the request.</p>
1417
+ * <p>Brief description of the exception returned by the request.</p>
1418
+ */
1419
+ Message?: string;
1420
+ }
1421
+ export declare namespace TrailNotProvidedException {
1422
+ /**
1423
+ * @internal
1424
+ */
1425
+ const filterSensitiveLog: (obj: TrailNotProvidedException) => any;
1426
+ }
1427
+ export interface DeleteEventDataStoreRequest {
1428
+ /**
1429
+ * <p>The ARN (or the ID suffix of the ARN) of the event data store to delete.</p>
1069
1430
  */
1070
- Message?: string;
1431
+ EventDataStore: string | undefined;
1071
1432
  }
1072
- export declare namespace TrailNotProvidedException {
1433
+ export declare namespace DeleteEventDataStoreRequest {
1073
1434
  /**
1074
1435
  * @internal
1075
1436
  */
1076
- const filterSensitiveLog: (obj: TrailNotProvidedException) => any;
1437
+ const filterSensitiveLog: (obj: DeleteEventDataStoreRequest) => any;
1438
+ }
1439
+ export interface DeleteEventDataStoreResponse {
1440
+ }
1441
+ export declare namespace DeleteEventDataStoreResponse {
1442
+ /**
1443
+ * @internal
1444
+ */
1445
+ const filterSensitiveLog: (obj: DeleteEventDataStoreResponse) => any;
1077
1446
  }
1078
1447
  /**
1079
- * <p>This exception is thrown when the specified resource is not ready for an operation.
1080
- * This can occur when you try to run an operation on a trail before CloudTrail has time to fully load the trail.
1081
- * If this exception occurs, wait a few minutes, and then try the operation again.</p>
1448
+ * <p>The event data store cannot be deleted because termination protection is enabled for it.</p>
1082
1449
  */
1083
- export interface ConflictException extends __SmithyException, $MetadataBearer {
1084
- name: "ConflictException";
1450
+ export interface EventDataStoreTerminationProtectedException extends __SmithyException, $MetadataBearer {
1451
+ name: "EventDataStoreTerminationProtectedException";
1085
1452
  $fault: "client";
1086
1453
  /**
1087
1454
  * <p>Brief description of the exception returned by the request.</p>
1088
1455
  */
1089
1456
  Message?: string;
1090
1457
  }
1091
- export declare namespace ConflictException {
1458
+ export declare namespace EventDataStoreTerminationProtectedException {
1092
1459
  /**
1093
1460
  * @internal
1094
1461
  */
1095
- const filterSensitiveLog: (obj: ConflictException) => any;
1462
+ const filterSensitiveLog: (obj: EventDataStoreTerminationProtectedException) => any;
1096
1463
  }
1097
1464
  /**
1098
1465
  * <p>The request that specifies the name of a trail to delete.</p>
@@ -1157,6 +1524,81 @@ export declare namespace TrailNotFoundException {
1157
1524
  */
1158
1525
  const filterSensitiveLog: (obj: TrailNotFoundException) => any;
1159
1526
  }
1527
+ export interface DescribeQueryRequest {
1528
+ /**
1529
+ * <p>The ARN (or the ID suffix of the ARN) of an event data store on which the specified query was run.</p>
1530
+ */
1531
+ EventDataStore: string | undefined;
1532
+ /**
1533
+ * <p>The query ID.</p>
1534
+ */
1535
+ QueryId: string | undefined;
1536
+ }
1537
+ export declare namespace DescribeQueryRequest {
1538
+ /**
1539
+ * @internal
1540
+ */
1541
+ const filterSensitiveLog: (obj: DescribeQueryRequest) => any;
1542
+ }
1543
+ /**
1544
+ * <p>Gets metadata about a query, including the number of events that were matched, the total number of events scanned, the query run time
1545
+ * in milliseconds, and the query's creation time.</p>
1546
+ */
1547
+ export interface QueryStatisticsForDescribeQuery {
1548
+ /**
1549
+ * <p>The number of events that matched a query.</p>
1550
+ */
1551
+ EventsMatched?: number;
1552
+ /**
1553
+ * <p>The number of events that the query scanned in the event data store.</p>
1554
+ */
1555
+ EventsScanned?: number;
1556
+ /**
1557
+ * <p>The query's run time, in milliseconds.</p>
1558
+ */
1559
+ ExecutionTimeInMillis?: number;
1560
+ /**
1561
+ * <p>The creation time of the query.</p>
1562
+ */
1563
+ CreationTime?: Date;
1564
+ }
1565
+ export declare namespace QueryStatisticsForDescribeQuery {
1566
+ /**
1567
+ * @internal
1568
+ */
1569
+ const filterSensitiveLog: (obj: QueryStatisticsForDescribeQuery) => any;
1570
+ }
1571
+ export interface DescribeQueryResponse {
1572
+ /**
1573
+ * <p>The ID of the query.</p>
1574
+ */
1575
+ QueryId?: string;
1576
+ /**
1577
+ * <p>The SQL code of a query.</p>
1578
+ */
1579
+ QueryString?: string;
1580
+ /**
1581
+ * <p>The status of a query. Values for <code>QueryStatus</code> include <code>QUEUED</code>, <code>RUNNING</code>,
1582
+ * <code>FINISHED</code>, <code>FAILED</code>, or <code>CANCELLED</code>
1583
+ * </p>
1584
+ */
1585
+ QueryStatus?: QueryStatus | string;
1586
+ /**
1587
+ * <p>Metadata about a query, including the number of events that were matched, the total number of events scanned, the query run time
1588
+ * in milliseconds, and the query's creation time.</p>
1589
+ */
1590
+ QueryStatistics?: QueryStatisticsForDescribeQuery;
1591
+ /**
1592
+ * <p>The error message returned if a query failed.</p>
1593
+ */
1594
+ ErrorMessage?: string;
1595
+ }
1596
+ export declare namespace DescribeQueryResponse {
1597
+ /**
1598
+ * @internal
1599
+ */
1600
+ const filterSensitiveLog: (obj: DescribeQueryResponse) => any;
1601
+ }
1160
1602
  /**
1161
1603
  * <p>Returns information about the trail.</p>
1162
1604
  */
@@ -1304,6 +1746,66 @@ export declare namespace DescribeTrailsResponse {
1304
1746
  */
1305
1747
  const filterSensitiveLog: (obj: DescribeTrailsResponse) => any;
1306
1748
  }
1749
+ export interface GetEventDataStoreRequest {
1750
+ /**
1751
+ * <p>The ARN (or ID suffix of the ARN) of the event data store about which you want information.</p>
1752
+ */
1753
+ EventDataStore: string | undefined;
1754
+ }
1755
+ export declare namespace GetEventDataStoreRequest {
1756
+ /**
1757
+ * @internal
1758
+ */
1759
+ const filterSensitiveLog: (obj: GetEventDataStoreRequest) => any;
1760
+ }
1761
+ export interface GetEventDataStoreResponse {
1762
+ /**
1763
+ * <p>The event data store Amazon Resource Number (ARN).</p>
1764
+ */
1765
+ EventDataStoreArn?: string;
1766
+ /**
1767
+ * <p>The name of the event data store.</p>
1768
+ */
1769
+ Name?: string;
1770
+ /**
1771
+ * <p>The status of an event data store. Values can be <code>ENABLED</code> and <code>PENDING_DELETION</code>.</p>
1772
+ */
1773
+ Status?: EventDataStoreStatus | string;
1774
+ /**
1775
+ * <p>The advanced event selectors used to select events for the data store.</p>
1776
+ */
1777
+ AdvancedEventSelectors?: AdvancedEventSelector[];
1778
+ /**
1779
+ * <p>Indicates whether the event data store includes events from all regions, or only from the region in which it was created.</p>
1780
+ */
1781
+ MultiRegionEnabled?: boolean;
1782
+ /**
1783
+ * <p>Indicates whether an event data store is collecting logged events for an organization in Organizations.</p>
1784
+ */
1785
+ OrganizationEnabled?: boolean;
1786
+ /**
1787
+ * <p>The retention period of the event data store, in days.</p>
1788
+ */
1789
+ RetentionPeriod?: number;
1790
+ /**
1791
+ * <p>Indicates that termination protection is enabled.</p>
1792
+ */
1793
+ TerminationProtectionEnabled?: boolean;
1794
+ /**
1795
+ * <p>The timestamp of the event data store's creation.</p>
1796
+ */
1797
+ CreatedTimestamp?: Date;
1798
+ /**
1799
+ * <p>Shows the time that an event data store was updated, if applicable. <code>UpdatedTimestamp</code> is always either the same or newer than the time shown in <code>CreatedTimestamp</code>.</p>
1800
+ */
1801
+ UpdatedTimestamp?: Date;
1802
+ }
1803
+ export declare namespace GetEventDataStoreResponse {
1804
+ /**
1805
+ * @internal
1806
+ */
1807
+ const filterSensitiveLog: (obj: GetEventDataStoreResponse) => any;
1808
+ }
1307
1809
  export interface GetEventSelectorsRequest {
1308
1810
  /**
1309
1811
  * <p>Specifies the name of the trail or trail ARN. If you specify a trail name, the
@@ -1396,12 +1898,60 @@ export declare namespace GetEventSelectorsRequest {
1396
1898
  export interface DataResource {
1397
1899
  /**
1398
1900
  * <p>The resource type in which you want to log data events. You can specify
1399
- * <code>AWS::S3::Object</code>, <code>AWS::Lambda::Function</code>, or
1400
- * <code>AWS::DynamoDB::Table</code> resources.</p>
1401
- * <p>The <code>AWS::S3Outposts::Object</code>, <code>AWS::ManagedBlockchain::Node</code>,
1402
- * <code>AWS::S3ObjectLambda::AccessPoint</code>, and <code>AWS::EC2::Snapshot</code> resource types are not valid in basic
1403
- * event selectors. To log data events on these resource types, use advanced event
1404
- * selectors.</p>
1901
+ * the following <i>basic</i> event selector resource types:</p>
1902
+ * <ul>
1903
+ * <li>
1904
+ * <p>
1905
+ * <code>AWS::S3::Object</code>
1906
+ * </p>
1907
+ * </li>
1908
+ * <li>
1909
+ * <p>
1910
+ * <code>AWS::Lambda::Function</code>
1911
+ * </p>
1912
+ * </li>
1913
+ * <li>
1914
+ * <p>
1915
+ * <code>AWS::DynamoDB::Table</code>
1916
+ * </p>
1917
+ * </li>
1918
+ * </ul>
1919
+ * <p>The following resource types are also availble through <i>advanced</i> event selectors.
1920
+ * Basic event selector resource types are valid in advanced event selectors, but
1921
+ * advanced event selector resource types are not valid in basic event selectors.
1922
+ * For more information, see <a>AdvancedFieldSelector$Field</a>.</p>
1923
+ * <ul>
1924
+ * <li>
1925
+ * <p>
1926
+ * <code>AWS::S3Outposts::Object</code>
1927
+ * </p>
1928
+ * </li>
1929
+ * <li>
1930
+ * <p>
1931
+ * <code>AWS::ManagedBlockchain::Node</code>
1932
+ * </p>
1933
+ * </li>
1934
+ * <li>
1935
+ * <p>
1936
+ * <code>AWS::S3ObjectLambda::AccessPoint</code>
1937
+ * </p>
1938
+ * </li>
1939
+ * <li>
1940
+ * <p>
1941
+ * <code>AWS::EC2::Snapshot</code>
1942
+ * </p>
1943
+ * </li>
1944
+ * <li>
1945
+ * <p>
1946
+ * <code>AWS::S3::AccessPoint</code>
1947
+ * </p>
1948
+ * </li>
1949
+ * <li>
1950
+ * <p>
1951
+ * <code>AWS::DynamoDB::Stream</code>
1952
+ * </p>
1953
+ * </li>
1954
+ * </ul>
1405
1955
  */
1406
1956
  Type?: string;
1407
1957
  /**
@@ -1573,14 +2123,15 @@ export declare namespace GetInsightSelectorsRequest {
1573
2123
  const filterSensitiveLog: (obj: GetInsightSelectorsRequest) => any;
1574
2124
  }
1575
2125
  export declare enum InsightType {
1576
- ApiCallRateInsight = "ApiCallRateInsight"
2126
+ ApiCallRateInsight = "ApiCallRateInsight",
2127
+ ApiErrorRateInsight = "ApiErrorRateInsight"
1577
2128
  }
1578
2129
  /**
1579
2130
  * <p>A JSON string that contains a list of insight types that are logged on a trail.</p>
1580
2131
  */
1581
2132
  export interface InsightSelector {
1582
2133
  /**
1583
- * <p>The type of Insights events to log on a trail. The valid Insights type in this release is <code>ApiCallRateInsight</code>.</p>
2134
+ * <p>The type of insights to log on a trail. <code>ApiCallRateInsight</code> and <code>ApiErrorRateInsight</code> are valid insight types.</p>
1584
2135
  */
1585
2136
  InsightType?: InsightType | string;
1586
2137
  }
@@ -1596,7 +2147,8 @@ export interface GetInsightSelectorsResponse {
1596
2147
  */
1597
2148
  TrailARN?: string;
1598
2149
  /**
1599
- * <p>A JSON string that contains the insight types you want to log on a trail. In this release, only <code>ApiCallRateInsight</code> is supported as an insight type.</p>
2150
+ * <p>A JSON string that contains the insight types you want to log on a trail. In this release, <code>ApiErrorRateInsight</code> and
2151
+ * <code>ApiCallRateInsight</code> are supported as insight types.</p>
1600
2152
  */
1601
2153
  InsightSelectors?: InsightSelector[];
1602
2154
  }
@@ -1623,6 +2175,114 @@ export declare namespace InsightNotEnabledException {
1623
2175
  */
1624
2176
  const filterSensitiveLog: (obj: InsightNotEnabledException) => any;
1625
2177
  }
2178
+ export interface GetQueryResultsRequest {
2179
+ /**
2180
+ * <p>The ARN (or ID suffix of the ARN) of the event data store against which the query was run.</p>
2181
+ */
2182
+ EventDataStore: string | undefined;
2183
+ /**
2184
+ * <p>The ID of the query for which you want to get results.</p>
2185
+ */
2186
+ QueryId: string | undefined;
2187
+ /**
2188
+ * <p>A token you can use to get the next page of query results.</p>
2189
+ */
2190
+ NextToken?: string;
2191
+ /**
2192
+ * <p>The maximum number of query results to display on a single page.</p>
2193
+ */
2194
+ MaxQueryResults?: number;
2195
+ }
2196
+ export declare namespace GetQueryResultsRequest {
2197
+ /**
2198
+ * @internal
2199
+ */
2200
+ const filterSensitiveLog: (obj: GetQueryResultsRequest) => any;
2201
+ }
2202
+ /**
2203
+ * <p>Metadata about a query, such as the number of results.</p>
2204
+ */
2205
+ export interface QueryStatistics {
2206
+ /**
2207
+ * <p>The number of results returned.</p>
2208
+ */
2209
+ ResultsCount?: number;
2210
+ /**
2211
+ * <p>The total number of results returned by a query.</p>
2212
+ */
2213
+ TotalResultsCount?: number;
2214
+ }
2215
+ export declare namespace QueryStatistics {
2216
+ /**
2217
+ * @internal
2218
+ */
2219
+ const filterSensitiveLog: (obj: QueryStatistics) => any;
2220
+ }
2221
+ export interface GetQueryResultsResponse {
2222
+ /**
2223
+ * <p>The status of the query. Values include <code>QUEUED</code>, <code>RUNNING</code>, <code>FINISHED</code>, <code>FAILED</code>,
2224
+ * or <code>CANCELLED</code>.</p>
2225
+ */
2226
+ QueryStatus?: QueryStatus | string;
2227
+ /**
2228
+ * <p>Shows the count of query results.</p>
2229
+ */
2230
+ QueryStatistics?: QueryStatistics;
2231
+ /**
2232
+ * <p>Contains the individual event results of the query.</p>
2233
+ */
2234
+ QueryResultRows?: {
2235
+ [key: string]: string;
2236
+ }[][];
2237
+ /**
2238
+ * <p>A token you can use to get the next page of query results.</p>
2239
+ */
2240
+ NextToken?: string;
2241
+ /**
2242
+ * <p>The error message returned if a query failed.</p>
2243
+ */
2244
+ ErrorMessage?: string;
2245
+ }
2246
+ export declare namespace GetQueryResultsResponse {
2247
+ /**
2248
+ * @internal
2249
+ */
2250
+ const filterSensitiveLog: (obj: GetQueryResultsResponse) => any;
2251
+ }
2252
+ /**
2253
+ * <p>This exception is thrown if the limit specified is not valid.</p>
2254
+ */
2255
+ export interface InvalidMaxResultsException extends __SmithyException, $MetadataBearer {
2256
+ name: "InvalidMaxResultsException";
2257
+ $fault: "client";
2258
+ /**
2259
+ * <p>Brief description of the exception returned by the request.</p>
2260
+ */
2261
+ Message?: string;
2262
+ }
2263
+ export declare namespace InvalidMaxResultsException {
2264
+ /**
2265
+ * @internal
2266
+ */
2267
+ const filterSensitiveLog: (obj: InvalidMaxResultsException) => any;
2268
+ }
2269
+ /**
2270
+ * <p>A token that is not valid, or a token that was previously used in a request with different parameters. This exception is thrown if the token is not valid.</p>
2271
+ */
2272
+ export interface InvalidNextTokenException extends __SmithyException, $MetadataBearer {
2273
+ name: "InvalidNextTokenException";
2274
+ $fault: "client";
2275
+ /**
2276
+ * <p>Brief description of the exception returned by the request.</p>
2277
+ */
2278
+ Message?: string;
2279
+ }
2280
+ export declare namespace InvalidNextTokenException {
2281
+ /**
2282
+ * @internal
2283
+ */
2284
+ const filterSensitiveLog: (obj: InvalidNextTokenException) => any;
2285
+ }
1626
2286
  export interface GetTrailRequest {
1627
2287
  /**
1628
2288
  * <p>The name or the Amazon Resource Name (ARN) of the trail for which you want to retrieve settings information.</p>
@@ -1731,37 +2391,123 @@ export interface GetTrailStatusResponse {
1731
2391
  * CloudTrail can again write to the bucket.</p>
1732
2392
  * </note>
1733
2393
  */
1734
- LatestDigestDeliveryError?: string;
2394
+ LatestDigestDeliveryError?: string;
2395
+ /**
2396
+ * <p>This field is no longer in use.</p>
2397
+ */
2398
+ LatestDeliveryAttemptTime?: string;
2399
+ /**
2400
+ * <p>This field is no longer in use.</p>
2401
+ */
2402
+ LatestNotificationAttemptTime?: string;
2403
+ /**
2404
+ * <p>This field is no longer in use.</p>
2405
+ */
2406
+ LatestNotificationAttemptSucceeded?: string;
2407
+ /**
2408
+ * <p>This field is no longer in use.</p>
2409
+ */
2410
+ LatestDeliveryAttemptSucceeded?: string;
2411
+ /**
2412
+ * <p>This field is no longer in use.</p>
2413
+ */
2414
+ TimeLoggingStarted?: string;
2415
+ /**
2416
+ * <p>This field is no longer in use.</p>
2417
+ */
2418
+ TimeLoggingStopped?: string;
2419
+ }
2420
+ export declare namespace GetTrailStatusResponse {
2421
+ /**
2422
+ * @internal
2423
+ */
2424
+ const filterSensitiveLog: (obj: GetTrailStatusResponse) => any;
2425
+ }
2426
+ export interface ListEventDataStoresRequest {
2427
+ /**
2428
+ * <p>A token you can use to get the next page of event data store results.</p>
2429
+ */
2430
+ NextToken?: string;
2431
+ /**
2432
+ * <p>The maximum number of event data stores to display on a single page.</p>
2433
+ */
2434
+ MaxResults?: number;
2435
+ }
2436
+ export declare namespace ListEventDataStoresRequest {
2437
+ /**
2438
+ * @internal
2439
+ */
2440
+ const filterSensitiveLog: (obj: ListEventDataStoresRequest) => any;
2441
+ }
2442
+ /**
2443
+ * <p>A storage lake of event data against which you can run complex SQL-based queries. An event data store can include events
2444
+ * that you have logged on your account from the last 90 to 2555 days
2445
+ * (about three months to up to seven years). To select events for an event data store,
2446
+ * use <a href="https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#creating-data-event-selectors-advanced">advanced event selectors</a>.</p>
2447
+ */
2448
+ export interface EventDataStore {
2449
+ /**
2450
+ * <p>The ARN of the event data store.</p>
2451
+ */
2452
+ EventDataStoreArn?: string;
2453
+ /**
2454
+ * <p>The name of the event data store.</p>
2455
+ */
2456
+ Name?: string;
2457
+ /**
2458
+ * <p>Indicates whether the event data store is protected from termination.</p>
2459
+ */
2460
+ TerminationProtectionEnabled?: boolean;
2461
+ /**
2462
+ * <p>The status of an event data store. Values are <code>ENABLED</code> and <code>PENDING_DELETION</code>.</p>
2463
+ */
2464
+ Status?: EventDataStoreStatus | string;
2465
+ /**
2466
+ * <p>The advanced event selectors that were used to select events for the data store.</p>
2467
+ */
2468
+ AdvancedEventSelectors?: AdvancedEventSelector[];
2469
+ /**
2470
+ * <p>Indicates whether the event data store includes events from all regions, or only from the region in which it was created.</p>
2471
+ */
2472
+ MultiRegionEnabled?: boolean;
1735
2473
  /**
1736
- * <p>This field is no longer in use.</p>
2474
+ * <p>Indicates that an event data store is collecting logged events for an organization.</p>
1737
2475
  */
1738
- LatestDeliveryAttemptTime?: string;
2476
+ OrganizationEnabled?: boolean;
1739
2477
  /**
1740
- * <p>This field is no longer in use.</p>
2478
+ * <p>The retention period, in days.</p>
1741
2479
  */
1742
- LatestNotificationAttemptTime?: string;
2480
+ RetentionPeriod?: number;
1743
2481
  /**
1744
- * <p>This field is no longer in use.</p>
2482
+ * <p>The timestamp of the event data store's creation.</p>
1745
2483
  */
1746
- LatestNotificationAttemptSucceeded?: string;
2484
+ CreatedTimestamp?: Date;
1747
2485
  /**
1748
- * <p>This field is no longer in use.</p>
2486
+ * <p>The timestamp showing when an event data store was updated, if applicable. <code>UpdatedTimestamp</code> is always either the same or newer than the time shown in <code>CreatedTimestamp</code>.</p>
1749
2487
  */
1750
- LatestDeliveryAttemptSucceeded?: string;
2488
+ UpdatedTimestamp?: Date;
2489
+ }
2490
+ export declare namespace EventDataStore {
1751
2491
  /**
1752
- * <p>This field is no longer in use.</p>
2492
+ * @internal
1753
2493
  */
1754
- TimeLoggingStarted?: string;
2494
+ const filterSensitiveLog: (obj: EventDataStore) => any;
2495
+ }
2496
+ export interface ListEventDataStoresResponse {
1755
2497
  /**
1756
- * <p>This field is no longer in use.</p>
2498
+ * <p>Contains information about event data stores in the account, in the current region.</p>
1757
2499
  */
1758
- TimeLoggingStopped?: string;
2500
+ EventDataStores?: EventDataStore[];
2501
+ /**
2502
+ * <p>A token you can use to get the next page of results.</p>
2503
+ */
2504
+ NextToken?: string;
1759
2505
  }
1760
- export declare namespace GetTrailStatusResponse {
2506
+ export declare namespace ListEventDataStoresResponse {
1761
2507
  /**
1762
2508
  * @internal
1763
2509
  */
1764
- const filterSensitiveLog: (obj: GetTrailStatusResponse) => any;
2510
+ const filterSensitiveLog: (obj: ListEventDataStoresResponse) => any;
1765
2511
  }
1766
2512
  /**
1767
2513
  * <p>Occurs if the timestamp values are not valid. Either the start time occurs after the end time, or the time range is outside the range of possible values.</p>
@@ -1871,6 +2617,117 @@ export declare namespace ListPublicKeysResponse {
1871
2617
  */
1872
2618
  const filterSensitiveLog: (obj: ListPublicKeysResponse) => any;
1873
2619
  }
2620
+ /**
2621
+ * <p>A date range for the query was specified that is not valid. For more information
2622
+ * about writing a query, see <a href="https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-create-edit-query.html">Create
2623
+ * or edit a query</a> in the <i>CloudTrail User Guide</i>.</p>
2624
+ */
2625
+ export interface InvalidDateRangeException extends __SmithyException, $MetadataBearer {
2626
+ name: "InvalidDateRangeException";
2627
+ $fault: "client";
2628
+ /**
2629
+ * <p>Brief description of the exception returned by the request.</p>
2630
+ */
2631
+ Message?: string;
2632
+ }
2633
+ export declare namespace InvalidDateRangeException {
2634
+ /**
2635
+ * @internal
2636
+ */
2637
+ const filterSensitiveLog: (obj: InvalidDateRangeException) => any;
2638
+ }
2639
+ /**
2640
+ * <p>The query status is not valid for the operation.</p>
2641
+ */
2642
+ export interface InvalidQueryStatusException extends __SmithyException, $MetadataBearer {
2643
+ name: "InvalidQueryStatusException";
2644
+ $fault: "client";
2645
+ /**
2646
+ * <p>Brief description of the exception returned by the request.</p>
2647
+ */
2648
+ Message?: string;
2649
+ }
2650
+ export declare namespace InvalidQueryStatusException {
2651
+ /**
2652
+ * @internal
2653
+ */
2654
+ const filterSensitiveLog: (obj: InvalidQueryStatusException) => any;
2655
+ }
2656
+ export interface ListQueriesRequest {
2657
+ /**
2658
+ * <p>The ARN (or the ID suffix of the ARN) of an event data store on which queries were run.</p>
2659
+ */
2660
+ EventDataStore: string | undefined;
2661
+ /**
2662
+ * <p>A token you can use to get the next page of results.</p>
2663
+ */
2664
+ NextToken?: string;
2665
+ /**
2666
+ * <p>The maximum number of queries to show on a page.</p>
2667
+ */
2668
+ MaxResults?: number;
2669
+ /**
2670
+ * <p>Use with <code>EndTime</code> to bound a <code>ListQueries</code> request, and limit its results to only those queries run
2671
+ * within a specified time period.</p>
2672
+ */
2673
+ StartTime?: Date;
2674
+ /**
2675
+ * <p>Use with <code>StartTime</code> to bound a <code>ListQueries</code> request, and limit its results to only those queries run
2676
+ * within a specified time period.</p>
2677
+ */
2678
+ EndTime?: Date;
2679
+ /**
2680
+ * <p>The status of queries that you want to return in results. Valid values for <code>QueryStatus</code> include <code>QUEUED</code>, <code>RUNNING</code>,
2681
+ * <code>FINISHED</code>, <code>FAILED</code>, or <code>CANCELLED</code>.</p>
2682
+ */
2683
+ QueryStatus?: QueryStatus | string;
2684
+ }
2685
+ export declare namespace ListQueriesRequest {
2686
+ /**
2687
+ * @internal
2688
+ */
2689
+ const filterSensitiveLog: (obj: ListQueriesRequest) => any;
2690
+ }
2691
+ /**
2692
+ * <p>A SQL string of criteria about events that you want to collect in an event data store.</p>
2693
+ */
2694
+ export interface Query {
2695
+ /**
2696
+ * <p>The ID of a query.</p>
2697
+ */
2698
+ QueryId?: string;
2699
+ /**
2700
+ * <p>The status of the query. This can be <code>QUEUED</code>, <code>RUNNING</code>, <code>FINISHED</code>, <code>FAILED</code>,
2701
+ * or <code>CANCELLED</code>.</p>
2702
+ */
2703
+ QueryStatus?: QueryStatus | string;
2704
+ /**
2705
+ * <p>The creation time of a query.</p>
2706
+ */
2707
+ CreationTime?: Date;
2708
+ }
2709
+ export declare namespace Query {
2710
+ /**
2711
+ * @internal
2712
+ */
2713
+ const filterSensitiveLog: (obj: Query) => any;
2714
+ }
2715
+ export interface ListQueriesResponse {
2716
+ /**
2717
+ * <p>Lists matching query results, and shows query ID, status, and creation time of each query.</p>
2718
+ */
2719
+ Queries?: Query[];
2720
+ /**
2721
+ * <p>A token you can use to get the next page of results.</p>
2722
+ */
2723
+ NextToken?: string;
2724
+ }
2725
+ export declare namespace ListQueriesResponse {
2726
+ /**
2727
+ * @internal
2728
+ */
2729
+ const filterSensitiveLog: (obj: ListQueriesResponse) => any;
2730
+ }
1874
2731
  /**
1875
2732
  * <p>Specifies a list of trail tags to return.</p>
1876
2733
  */
@@ -2023,40 +2880,6 @@ export declare namespace InvalidLookupAttributesException {
2023
2880
  */
2024
2881
  const filterSensitiveLog: (obj: InvalidLookupAttributesException) => any;
2025
2882
  }
2026
- /**
2027
- * <p>This exception is thrown if the limit specified is not valid.</p>
2028
- */
2029
- export interface InvalidMaxResultsException extends __SmithyException, $MetadataBearer {
2030
- name: "InvalidMaxResultsException";
2031
- $fault: "client";
2032
- /**
2033
- * <p>Brief description of the exception returned by the request.</p>
2034
- */
2035
- Message?: string;
2036
- }
2037
- export declare namespace InvalidMaxResultsException {
2038
- /**
2039
- * @internal
2040
- */
2041
- const filterSensitiveLog: (obj: InvalidMaxResultsException) => any;
2042
- }
2043
- /**
2044
- * <p>A token that is not valid, or a token that was previously used in a request with different parameters. This exception is thrown if the token is not valid.</p>
2045
- */
2046
- export interface InvalidNextTokenException extends __SmithyException, $MetadataBearer {
2047
- name: "InvalidNextTokenException";
2048
- $fault: "client";
2049
- /**
2050
- * <p>Brief description of the exception returned by the request.</p>
2051
- */
2052
- Message?: string;
2053
- }
2054
- export declare namespace InvalidNextTokenException {
2055
- /**
2056
- * @internal
2057
- */
2058
- const filterSensitiveLog: (obj: InvalidNextTokenException) => any;
2059
- }
2060
2883
  export declare enum EventCategory {
2061
2884
  Insight = "insight"
2062
2885
  }
@@ -2357,7 +3180,7 @@ export interface PutInsightSelectorsRequest {
2357
3180
  */
2358
3181
  TrailName: string | undefined;
2359
3182
  /**
2360
- * <p>A JSON string that contains the Insights types that you want to log on a trail. The valid Insights type in this release is <code>ApiCallRateInsight</code>.</p>
3183
+ * <p>A JSON string that contains the insight types you want to log on a trail. <code>ApiCallRateInsight</code> and <code>ApiErrorRateInsight</code> are valid insight types.</p>
2361
3184
  */
2362
3185
  InsightSelectors: InsightSelector[] | undefined;
2363
3186
  }
@@ -2373,7 +3196,8 @@ export interface PutInsightSelectorsResponse {
2373
3196
  */
2374
3197
  TrailARN?: string;
2375
3198
  /**
2376
- * <p>A JSON string that contains the Insights event types that you want to log on a trail. The valid Insights type in this release is <code>ApiCallRateInsight</code>.</p>
3199
+ * <p>A JSON string that contains the Insights event types that you want to log on a trail. The valid Insights types in this release are
3200
+ * <code>ApiErrorRateInsight</code> and <code>ApiCallRateInsight</code>.</p>
2377
3201
  */
2378
3202
  InsightSelectors?: InsightSelector[];
2379
3203
  }
@@ -2397,7 +3221,7 @@ export interface RemoveTagsRequest {
2397
3221
  /**
2398
3222
  * <p>Specifies a list of tags to be removed.</p>
2399
3223
  */
2400
- TagsList?: Tag[];
3224
+ TagsList: Tag[] | undefined;
2401
3225
  }
2402
3226
  export declare namespace RemoveTagsRequest {
2403
3227
  /**
@@ -2416,6 +3240,85 @@ export declare namespace RemoveTagsResponse {
2416
3240
  */
2417
3241
  const filterSensitiveLog: (obj: RemoveTagsResponse) => any;
2418
3242
  }
3243
+ /**
3244
+ * <p>The event data store is not in a status that supports the operation.</p>
3245
+ */
3246
+ export interface InvalidEventDataStoreStatusException extends __SmithyException, $MetadataBearer {
3247
+ name: "InvalidEventDataStoreStatusException";
3248
+ $fault: "client";
3249
+ /**
3250
+ * <p>Brief description of the exception returned by the request.</p>
3251
+ */
3252
+ Message?: string;
3253
+ }
3254
+ export declare namespace InvalidEventDataStoreStatusException {
3255
+ /**
3256
+ * @internal
3257
+ */
3258
+ const filterSensitiveLog: (obj: InvalidEventDataStoreStatusException) => any;
3259
+ }
3260
+ export interface RestoreEventDataStoreRequest {
3261
+ /**
3262
+ * <p>The ARN (or the ID suffix of the ARN) of the event data store that you want to restore.</p>
3263
+ */
3264
+ EventDataStore: string | undefined;
3265
+ }
3266
+ export declare namespace RestoreEventDataStoreRequest {
3267
+ /**
3268
+ * @internal
3269
+ */
3270
+ const filterSensitiveLog: (obj: RestoreEventDataStoreRequest) => any;
3271
+ }
3272
+ export interface RestoreEventDataStoreResponse {
3273
+ /**
3274
+ * <p>The event data store ARN.</p>
3275
+ */
3276
+ EventDataStoreArn?: string;
3277
+ /**
3278
+ * <p>The name of the event data store.</p>
3279
+ */
3280
+ Name?: string;
3281
+ /**
3282
+ * <p>The status of the event data store.</p>
3283
+ */
3284
+ Status?: EventDataStoreStatus | string;
3285
+ /**
3286
+ * <p>The advanced event selectors that were used to select events.</p>
3287
+ */
3288
+ AdvancedEventSelectors?: AdvancedEventSelector[];
3289
+ /**
3290
+ * <p>Indicates whether the event data store is collecting events from all regions, or only from the region in which the event data
3291
+ * store was created.</p>
3292
+ */
3293
+ MultiRegionEnabled?: boolean;
3294
+ /**
3295
+ * <p>Indicates whether an event data store is collecting logged events for an organization in Organizations.</p>
3296
+ */
3297
+ OrganizationEnabled?: boolean;
3298
+ /**
3299
+ * <p>The retention period, in days.</p>
3300
+ */
3301
+ RetentionPeriod?: number;
3302
+ /**
3303
+ * <p>Indicates that termination protection is enabled and the event data store cannot be automatically deleted.</p>
3304
+ */
3305
+ TerminationProtectionEnabled?: boolean;
3306
+ /**
3307
+ * <p>The timestamp of an event data store's creation.</p>
3308
+ */
3309
+ CreatedTimestamp?: Date;
3310
+ /**
3311
+ * <p>The timestamp that shows when an event data store was updated, if applicable.
3312
+ * <code>UpdatedTimestamp</code> is always either the same or newer than the time shown in <code>CreatedTimestamp</code>.</p>
3313
+ */
3314
+ UpdatedTimestamp?: Date;
3315
+ }
3316
+ export declare namespace RestoreEventDataStoreResponse {
3317
+ /**
3318
+ * @internal
3319
+ */
3320
+ const filterSensitiveLog: (obj: RestoreEventDataStoreResponse) => any;
3321
+ }
2419
3322
  /**
2420
3323
  * <p>The request to CloudTrail to start logging Amazon Web Services API calls for an account.</p>
2421
3324
  */
@@ -2446,6 +3349,67 @@ export declare namespace StartLoggingResponse {
2446
3349
  */
2447
3350
  const filterSensitiveLog: (obj: StartLoggingResponse) => any;
2448
3351
  }
3352
+ /**
3353
+ * <p>The query that was submitted has validation errors, or uses incorrect syntax or unsupported keywords. For more information
3354
+ * about writing a query, see <a href="https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-create-edit-query.html">Create
3355
+ * or edit a query</a> in the <i>CloudTrail User Guide</i>.</p>
3356
+ */
3357
+ export interface InvalidQueryStatementException extends __SmithyException, $MetadataBearer {
3358
+ name: "InvalidQueryStatementException";
3359
+ $fault: "client";
3360
+ /**
3361
+ * <p>Brief description of the exception returned by the request.</p>
3362
+ */
3363
+ Message?: string;
3364
+ }
3365
+ export declare namespace InvalidQueryStatementException {
3366
+ /**
3367
+ * @internal
3368
+ */
3369
+ const filterSensitiveLog: (obj: InvalidQueryStatementException) => any;
3370
+ }
3371
+ /**
3372
+ * <p>You are already running the maximum number of concurrent queries. Wait a minute for some queries to finish, and then
3373
+ * run the query again.</p>
3374
+ */
3375
+ export interface MaxConcurrentQueriesException extends __SmithyException, $MetadataBearer {
3376
+ name: "MaxConcurrentQueriesException";
3377
+ $fault: "client";
3378
+ /**
3379
+ * <p>Brief description of the exception returned by the request.</p>
3380
+ */
3381
+ Message?: string;
3382
+ }
3383
+ export declare namespace MaxConcurrentQueriesException {
3384
+ /**
3385
+ * @internal
3386
+ */
3387
+ const filterSensitiveLog: (obj: MaxConcurrentQueriesException) => any;
3388
+ }
3389
+ export interface StartQueryRequest {
3390
+ /**
3391
+ * <p>The SQL code of your query.</p>
3392
+ */
3393
+ QueryStatement: string | undefined;
3394
+ }
3395
+ export declare namespace StartQueryRequest {
3396
+ /**
3397
+ * @internal
3398
+ */
3399
+ const filterSensitiveLog: (obj: StartQueryRequest) => any;
3400
+ }
3401
+ export interface StartQueryResponse {
3402
+ /**
3403
+ * <p>The ID of the started query.</p>
3404
+ */
3405
+ QueryId?: string;
3406
+ }
3407
+ export declare namespace StartQueryResponse {
3408
+ /**
3409
+ * @internal
3410
+ */
3411
+ const filterSensitiveLog: (obj: StartQueryResponse) => any;
3412
+ }
2449
3413
  /**
2450
3414
  * <p>Passes the request to CloudTrail to stop logging Amazon Web Services API calls for the specified account.</p>
2451
3415
  */
@@ -2476,6 +3440,90 @@ export declare namespace StopLoggingResponse {
2476
3440
  */
2477
3441
  const filterSensitiveLog: (obj: StopLoggingResponse) => any;
2478
3442
  }
3443
+ export interface UpdateEventDataStoreRequest {
3444
+ /**
3445
+ * <p>The ARN (or the ID suffix of the ARN) of the event data store that you want to update.</p>
3446
+ */
3447
+ EventDataStore: string | undefined;
3448
+ /**
3449
+ * <p>The event data store name.</p>
3450
+ */
3451
+ Name?: string;
3452
+ /**
3453
+ * <p>The advanced event selectors used to select events for the event data store.</p>
3454
+ */
3455
+ AdvancedEventSelectors?: AdvancedEventSelector[];
3456
+ /**
3457
+ * <p>Specifies whether an event data store collects events from all regions, or only from the region in which it was created.</p>
3458
+ */
3459
+ MultiRegionEnabled?: boolean;
3460
+ /**
3461
+ * <p>Specifies whether an event data store collects events logged for an organization in Organizations.</p>
3462
+ */
3463
+ OrganizationEnabled?: boolean;
3464
+ /**
3465
+ * <p>The retention period, in days.</p>
3466
+ */
3467
+ RetentionPeriod?: number;
3468
+ /**
3469
+ * <p>Indicates that termination protection is enabled and the event data store cannot be automatically deleted.</p>
3470
+ */
3471
+ TerminationProtectionEnabled?: boolean;
3472
+ }
3473
+ export declare namespace UpdateEventDataStoreRequest {
3474
+ /**
3475
+ * @internal
3476
+ */
3477
+ const filterSensitiveLog: (obj: UpdateEventDataStoreRequest) => any;
3478
+ }
3479
+ export interface UpdateEventDataStoreResponse {
3480
+ /**
3481
+ * <p>The ARN of the event data store.</p>
3482
+ */
3483
+ EventDataStoreArn?: string;
3484
+ /**
3485
+ * <p>The name of the event data store.</p>
3486
+ */
3487
+ Name?: string;
3488
+ /**
3489
+ * <p>The status of an event data store. Values can be <code>ENABLED</code> and <code>PENDING_DELETION</code>.</p>
3490
+ */
3491
+ Status?: EventDataStoreStatus | string;
3492
+ /**
3493
+ * <p>The advanced event selectors that are applied to the event data store.</p>
3494
+ */
3495
+ AdvancedEventSelectors?: AdvancedEventSelector[];
3496
+ /**
3497
+ * <p>Indicates whether the event data store includes events from all regions, or only from the region in which it was created.</p>
3498
+ */
3499
+ MultiRegionEnabled?: boolean;
3500
+ /**
3501
+ * <p>Indicates whether an event data store is collecting logged events for an organization in Organizations.</p>
3502
+ */
3503
+ OrganizationEnabled?: boolean;
3504
+ /**
3505
+ * <p>The retention period, in days.</p>
3506
+ */
3507
+ RetentionPeriod?: number;
3508
+ /**
3509
+ * <p>Indicates whether termination protection is enabled for the event data store.</p>
3510
+ */
3511
+ TerminationProtectionEnabled?: boolean;
3512
+ /**
3513
+ * <p>The timestamp that shows when an event data store was first created.</p>
3514
+ */
3515
+ CreatedTimestamp?: Date;
3516
+ /**
3517
+ * <p>The timestamp that shows when the event data store was last updated. <code>UpdatedTimestamp</code> is always either the same or newer than the time shown in <code>CreatedTimestamp</code>.</p>
3518
+ */
3519
+ UpdatedTimestamp?: Date;
3520
+ }
3521
+ export declare namespace UpdateEventDataStoreResponse {
3522
+ /**
3523
+ * @internal
3524
+ */
3525
+ const filterSensitiveLog: (obj: UpdateEventDataStoreResponse) => any;
3526
+ }
2479
3527
  /**
2480
3528
  * <p>Specifies settings to update for the trail.</p>
2481
3529
  */