@aws-sdk/client-securitylake 3.341.0 → 3.342.0

package/dist-types/models/models_0.d.ts

@@ -33,184 +33,81 @@ export declare const AccessType: {
 export type AccessType = (typeof AccessType)[keyof typeof AccessType];
 /**
  * @public
- * <p>Amazon Security Lake cannot find an Amazon Web Services account with the accountID that you
- *          specified, or the account whose credentials you used to make this request isn't a member of
- *          an organization.</p>
+ * <p>The AWS identity.</p>
  */
-export declare class AccountNotFoundException extends __BaseException {
-    readonly name: "AccountNotFoundException";
-    readonly $fault: "client";
+export interface AwsIdentity {
     /**
-     * @internal
+     * <p>The AWS identity principal.</p>
+     */
+    principal: string | undefined;
+    /**
+     * <p>The external ID used to estalish trust relationship with the AWS identity.</p>
      */
-    constructor(opts: __ExceptionOptionType<AccountNotFoundException, __BaseException>);
+    externalId: string | undefined;
 }
 /**
  * @public
  * @enum
  */
-export declare const OcsfEventClass: {
-    readonly ACCESS_ACTIVITY: "ACCESS_ACTIVITY";
-    readonly ACCOUNT_CHANGE: "ACCOUNT_CHANGE";
-    readonly AUTHENTICATION: "AUTHENTICATION";
-    readonly AUTHORIZATION: "AUTHORIZATION";
-    readonly CLOUD_API: "CLOUD_API";
-    readonly CLOUD_STORAGE: "CLOUD_STORAGE";
-    readonly CONFIG_STATE: "CONFIG_STATE";
-    readonly CONTAINER_LIFECYCLE: "CONTAINER_LIFECYCLE";
-    readonly DATABASE_LIFECYCLE: "DATABASE_LIFECYCLE";
-    readonly DHCP_ACTIVITY: "DHCP_ACTIVITY";
-    readonly DNS_ACTIVITY: "DNS_ACTIVITY";
-    readonly ENTITY_MANAGEMENT_AUDIT: "ENTITY_MANAGEMENT_AUDIT";
-    readonly FILE_ACTIVITY: "FILE_ACTIVITY";
-    readonly FTP_ACTIVITY: "FTP_ACTIVITY";
-    readonly HTTP_ACTIVITY: "HTTP_ACTIVITY";
-    readonly INVENTORY_INFO: "INVENTORY_INFO";
-    readonly KERNEL_ACTIVITY: "KERNEL_ACTIVITY";
-    readonly KERNEL_EXTENSION: "KERNEL_EXTENSION";
-    readonly MEMORY_ACTIVITY: "MEMORY_ACTIVITY";
-    readonly MODULE_ACTIVITY: "MODULE_ACTIVITY";
-    readonly NETWORK_ACTIVITY: "NETWORK_ACTIVITY";
-    readonly PROCESS_ACTIVITY: "PROCESS_ACTIVITY";
-    readonly RDP_ACTIVITY: "RDP_ACTIVITY";
-    readonly REGISTRY_KEY_ACTIVITY: "REGISTRY_KEY_ACTIVITY";
-    readonly REGISTRY_VALUE_ACTIVITY: "REGISTRY_VALUE_ACTIVITY";
-    readonly RESOURCE_ACTIVITY: "RESOURCE_ACTIVITY";
-    readonly RFB_ACTIVITY: "RFB_ACTIVITY";
-    readonly SCHEDULED_JOB_ACTIVITY: "SCHEDULED_JOB_ACTIVITY";
-    readonly SECURITY_FINDING: "SECURITY_FINDING";
-    readonly SMB_ACTIVITY: "SMB_ACTIVITY";
-    readonly SMTP_ACTIVITY: "SMTP_ACTIVITY";
-    readonly SSH_ACTIVITY: "SSH_ACTIVITY";
-    readonly VIRTUAL_MACHINE_ACTIVITY: "VIRTUAL_MACHINE_ACTIVITY";
-};
-/**
- * @public
- */
-export type OcsfEventClass = (typeof OcsfEventClass)[keyof typeof OcsfEventClass];
-/**
- * @public
- * @enum
- */
-export declare const SourceStatus: {
-    readonly ACTIVE: "ACTIVE";
-    readonly DEACTIVATED: "DEACTIVATED";
-    readonly PENDING: "PENDING";
+export declare const AwsLogSourceName: {
+    readonly CLOUD_TRAIL_MGMT: "CLOUD_TRAIL_MGMT";
+    readonly LAMBDA_EXECUTION: "LAMBDA_EXECUTION";
+    readonly ROUTE53: "ROUTE53";
+    readonly S3_DATA: "S3_DATA";
+    readonly SH_FINDINGS: "SH_FINDINGS";
+    readonly VPC_FLOW: "VPC_FLOW";
 };
 /**
  * @public
  */
-export type SourceStatus = (typeof SourceStatus)[keyof typeof SourceStatus];
-/**
- * @public
- * <p>Retrieves the Logs status for the Amazon Security Lake account.</p>
- */
-export interface LogsStatus {
-    /**
-     * <p>Defines path the stored logs are available which has information on your systems,
-     *          applications, and services. </p>
-     */
-    pathToLogs: string | undefined;
-    /**
-     * <p>The health status of services, including error codes and patterns.</p>
-     */
-    healthStatus: SourceStatus | string | undefined;
-}
+export type AwsLogSourceName = (typeof AwsLogSourceName)[keyof typeof AwsLogSourceName];
 /**
  * @public
- * <p>Amazon Security Lake collects logs and events from supported Amazon Web Services and
- *          custom sources. For the list of supported Amazon Web Services, see the <a href="https://docs.aws.amazon.com/security-lake/latest/userguide/internal-sources.html">Amazon Security Lake User Guide</a>.</p>
+ * <p>The Security Lake logs source configuration file describes the information needed to generate Security Lake logs. </p>
  */
-export interface AccountSources {
+export interface AwsLogSourceConfiguration {
     /**
-     * <p>The ID of the Security Lake account for which logs are collected.</p>
+     * <p>Specify the Amazon Web Services account information where you want to enable Security Lake.</p>
      */
-    account: string | undefined;
+    accounts?: string[];
     /**
-     * <p>The supported Amazon Web Services from which logs and events are collected.
-     *          Amazon Security Lake supports log and event collection for natively supported Amazon Web Services. </p>
+     * <p>Specify the Regions where you want to enable Security Lake.</p>
      */
-    sourceType: string | undefined;
+    regions: string[] | undefined;
     /**
-     * <p>The log status for the Security Lake account.</p>
+     * <p>The name for a Amazon Web Services source. This must be a Regionally unique value.</p>
      */
-    logsStatus?: LogsStatus[];
+    sourceName: AwsLogSourceName | string | undefined;
     /**
-     * <p>Initializes a new instance of the Event class.</p>
+     * <p>The version for a Amazon Web Services source. This must be a Regionally unique value.</p>
      */
-    eventClass?: OcsfEventClass | string;
+    sourceVersion?: string;
 }
 /**
  * @public
- * @enum
+ * <p>Amazon Security Lake can collect logs and events from natively-supported Amazon Web Services services.</p>
  */
-export declare const Region: {
-    readonly AP_NORTHEAST_1: "ap-northeast-1";
-    readonly AP_SOUTHEAST_2: "ap-southeast-2";
-    readonly EU_CENTRAL_1: "eu-central-1";
-    readonly EU_WEST_1: "eu-west-1";
-    readonly US_EAST_1: "us-east-1";
-    readonly US_EAST_2: "us-east-2";
-    readonly US_WEST_2: "us-west-2";
-};
-/**
- * @public
- */
-export type Region = (typeof Region)[keyof typeof Region];
-/**
- * @public
- * @enum
- */
-export declare const AwsLogSourceType: {
-    readonly CLOUD_TRAIL: "CLOUD_TRAIL";
-    readonly ROUTE53: "ROUTE53";
-    readonly SH_FINDINGS: "SH_FINDINGS";
-    readonly VPC_FLOW: "VPC_FLOW";
-};
-/**
- * @public
- */
-export type AwsLogSourceType = (typeof AwsLogSourceType)[keyof typeof AwsLogSourceType];
-/**
- * @public
- * <p>Automatically enable new organization accounts as member accounts from an Amazon Security Lake
- *          administrator account.</p>
- */
-export interface AutoEnableNewRegionConfiguration {
+export interface AwsLogSourceResource {
     /**
-     * <p>The Amazon Web Services Regions where Security Lake is automatically enabled.</p>
+     * <p>The name for a Amazon Web Services source. This must be a Regionally unique value.</p>
      */
-    region: Region | string | undefined;
+    sourceName?: AwsLogSourceName | string;
     /**
-     * <p>The Amazon Web Services sources that are automatically enabled in Security Lake.</p>
+     * <p>The version for a Amazon Web Services source. This must be a Regionally unique value.</p>
      */
-    sources: (AwsLogSourceType | string)[] | undefined;
+    sourceVersion?: string;
 }
 /**
  * @public
- * <p>Amazon Security Lake  generally returns 404 errors if the requested object is missing from the
- *          bucket.</p>
+ * <p>The request is malformed or contains an error such as an invalid parameter value or a missing required parameter.</p>
  */
-export declare class BucketNotFoundException extends __BaseException {
-    readonly name: "BucketNotFoundException";
+export declare class BadRequestException extends __BaseException {
+    readonly name: "BadRequestException";
     readonly $fault: "client";
     /**
      * @internal
      */
-    constructor(opts: __ExceptionOptionType<BucketNotFoundException, __BaseException>);
-}
-/**
- * @public
- * <p>More than one process tried to modify a resource at the same time. </p>
- */
-export declare class ConcurrentModificationException extends __BaseException {
-    readonly name: "ConcurrentModificationException";
-    readonly $fault: "client";
-    $retryable: {};
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<ConcurrentModificationException, __BaseException>);
+    constructor(opts: __ExceptionOptionType<BadRequestException, __BaseException>);
 }
 /**
  * @public
@@ -223,88 +120,31 @@ export declare class ConflictException extends __BaseException {
     readonly name: "ConflictException";
     readonly $fault: "client";
     /**
-     * <p>A conflict occurred when prompting for the Resource ID.</p>
+     * <p>The resource name.</p>
      */
-    resourceId: string | undefined;
+    resourceName?: string;
     /**
-     * <p>The resource type. </p>
+     * <p>The resource type.</p>
      */
-    resourceType: string | undefined;
+    resourceType?: string;
     /**
      * @internal
      */
     constructor(opts: __ExceptionOptionType<ConflictException, __BaseException>);
 }
-/**
- * @public
- * <p>There was a conflict when you attempted to modify a Security Lake source name. </p>
- */
-export declare class ConflictSourceNamesException extends __BaseException {
-    readonly name: "ConflictSourceNamesException";
-    readonly $fault: "client";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<ConflictSourceNamesException, __BaseException>);
-}
-/**
- * @public
- * <p>A conflicting subscription exception operation is in progress. </p>
- */
-export declare class ConflictSubscriptionException extends __BaseException {
-    readonly name: "ConflictSubscriptionException";
-    readonly $fault: "client";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<ConflictSubscriptionException, __BaseException>);
-}
-/**
- * @public
- * @enum
- */
-export declare const Dimension: {
-    readonly MEMBER: "MEMBER";
-    readonly REGION: "REGION";
-    readonly SOURCE_TYPE: "SOURCE_TYPE";
-};
-/**
- * @public
- */
-export type Dimension = (typeof Dimension)[keyof typeof Dimension];
 /**
  * @public
  */
 export interface CreateAwsLogSourceRequest {
     /**
-     * <p>Specifies the input order to enable dimensions in Security Lake, namely Region, source type,
-     *          and member account.</p>
-     */
-    inputOrder: (Dimension | string)[] | undefined;
-    /**
-     * <p>Enables data collection from specific Amazon Web Services sources in all specific
-     *          accounts and specific Regions.</p>
+     * <p>Specify the natively-supported Amazon Web Services service to add as a source in Security Lake.</p>
      */
-    enableAllDimensions?: Record<string, Record<string, string[]>>;
-    /**
-     * <p>Enables data collection from specific Amazon Web Services sources in specific accounts or
-     *          Regions.</p>
-     */
-    enableTwoDimensions?: Record<string, string[]>;
-    /**
-     * <p>Enables data collection from all Amazon Web Services sources in specific accounts or
-     *          Regions.</p>
-     */
-    enableSingleDimension?: string[];
+    sources: AwsLogSourceConfiguration[] | undefined;
 }
 /**
  * @public
  */
 export interface CreateAwsLogSourceResponse {
-    /**
-     * <p>Lists the accounts that are in the process of enabling a natively supported Amazon Web Service as a Security Lake source.</p>
-     */
-    processing?: string[];
     /**
      * <p>Lists all accounts in which enabling a natively supported Amazon Web Service as
      *          a Security Lake source failed. The failure occurred as these accounts are not part of an
@@ -315,16 +155,12 @@ export interface CreateAwsLogSourceResponse {
 /**
  * @public
  * <p>Internal service exceptions are sometimes caused by transient issues. Before you start
- *          troubleshooting, perform the operation again. </p>
+ *          troubleshooting, perform the operation again.</p>
  */
 export declare class InternalServerException extends __BaseException {
     readonly name: "InternalServerException";
     readonly $fault: "server";
     $retryable: {};
-    /**
-     * <p>Retry the request after the specified time. </p>
-     */
-    retryAfterSeconds?: number;
     /**
      * @internal
      */
@@ -338,13 +174,13 @@ export declare class ResourceNotFoundException extends __BaseException {
     readonly name: "ResourceNotFoundException";
     readonly $fault: "client";
     /**
-     * <p>The ID of the resource for which the type of resource could not be found.</p>
+     * <p>The name of the resource that could not be found.</p>
      */
-    resourceId: string | undefined;
+    resourceName?: string;
     /**
      * <p>The type of the resource that could not be found.</p>
      */
-    resourceType: string | undefined;
+    resourceType?: string;
     /**
      * @internal
      */
@@ -352,183 +188,360 @@ export declare class ResourceNotFoundException extends __BaseException {
 }
 /**
  * @public
- * <p>Provides an extension of the AmazonServiceException for errors reported by Amazon S3 while processing a request. In particular, this class provides access to the
- *             Amazon S3 extended request ID. If Amazon S3 is incorrectly handling a
- *          request and you need to contact Amazon, this extended request ID may provide useful
- *          debugging information. </p>
+ * <p>The limit on the number of requests per second was exceeded.</p>
  */
-export declare class S3Exception extends __BaseException {
-    readonly name: "S3Exception";
+export declare class ThrottlingException extends __BaseException {
+    readonly name: "ThrottlingException";
     readonly $fault: "client";
+    $retryable: {
+        throttling: boolean;
+    };
     /**
-     * @internal
+     * <p>The code for the service in Service Quotas.</p>
      */
-    constructor(opts: __ExceptionOptionType<S3Exception, __BaseException>);
-}
-/**
- * @public
- * <p>The input fails to meet the constraints specified in Amazon Security Lake. </p>
- */
-export interface ValidationExceptionField {
+    serviceCode?: string;
+    /**
+     * <p>That the rate of requests to Security Lake is exceeding the request quotas for your Amazon Web Services account.</p>
+     */
+    quotaCode?: string;
     /**
-     * <p>Name of the validation exception.</p>
+     * <p>Retry the request after the specified time.</p>
      */
-    name: string | undefined;
+    retryAfterSeconds?: number;
     /**
-     * <p>Describes the error encountered.</p>
+     * @internal
      */
-    message: string | undefined;
+    constructor(opts: __ExceptionOptionType<ThrottlingException, __BaseException>);
 }
 /**
  * @public
- * @enum
- */
-export declare const ValidationExceptionReason: {
-    readonly CANNOT_PARSE: "cannotParse";
-    readonly FIELD_VALIDATION_FAILED: "fieldValidationFailed";
-    readonly OTHER: "other";
-    readonly UNKNOWN_OPERATION: "unknownOperation";
-};
-/**
- * @public
+ * <p>The configuration for the Glue Crawler for the third-party custom source.</p>
  */
-export type ValidationExceptionReason = (typeof ValidationExceptionReason)[keyof typeof ValidationExceptionReason];
+export interface CustomLogSourceCrawlerConfiguration {
+    /**
+     * <p>The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role
+     *          to be used by the Glue crawler. The recommended IAM policies
+     *          are:</p>
+     *          <ul>
+     *             <li>
+     *                <p>The managed policy <code>AWSGlueServiceRole</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>A custom policy granting access to your Amazon S3 Data Lake</p>
+     *             </li>
+     *          </ul>
+     */
+    roleArn: string | undefined;
+}
 /**
  * @public
- * <p>Your signing certificate could not be validated. </p>
+ * <p>The configuration for the third-party custom source.</p>
  */
-export declare class ValidationException extends __BaseException {
-    readonly name: "ValidationException";
-    readonly $fault: "client";
-    /**
-     * <p>The reason for the validation exception. </p>
-     */
-    reason: ValidationExceptionReason | string | undefined;
+export interface CustomLogSourceConfiguration {
     /**
-     * <p>The list of parameters that failed to validate. </p>
+     * <p>The configuration for the Glue Crawler for the third-party custom source.</p>
      */
-    fieldList?: ValidationExceptionField[];
+    crawlerConfiguration: CustomLogSourceCrawlerConfiguration | undefined;
     /**
-     * @internal
+     * <p>The identity of the log provider for the third-party custom source.</p>
      */
-    constructor(opts: __ExceptionOptionType<ValidationException, __BaseException>);
+    providerIdentity: AwsIdentity | undefined;
 }
 /**
  * @public
  */
 export interface CreateCustomLogSourceRequest {
     /**
-     * <p>The name for a third-party custom source. This must be a Regionally unique value.</p>
+     * <p>Specify the name for a third-party custom source. This must be a Regionally unique
+     *          value.</p>
      */
-    customSourceName: string | undefined;
+    sourceName: string | undefined;
     /**
-     * <p>The Open Cybersecurity Schema Framework (OCSF) event class which describes the type of
-     *          data that the custom source will send to Security Lake.</p>
+     * <p>Specify the source version for the third-party custom source, to limit log collection to
+     *          a specific version of custom data source.</p>
      */
-    eventClass: OcsfEventClass | string | undefined;
+    sourceVersion?: string;
     /**
-     * <p>The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role
-     *          to be used by the Glue crawler. The recommended IAM policies
-     *          are:</p>
+     * <p>The Open Cybersecurity Schema Framework (OCSF) event classes which describes the type of
+     *          data that the custom source will send to Security Lake. The supported event classes are:</p>
      *          <ul>
      *             <li>
-     *                <p>The managed policy <code>AWSGlueServiceRole</code>
+     *                <p>
+     *                   <code>ACCESS_ACTIVITY</code>
      *                </p>
      *             </li>
      *             <li>
-     *                <p>A custom policy granting access to your Amazon S3 Data Lake</p>
+     *                <p>
+     *                   <code>FILE_ACTIVITY</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>KERNEL_ACTIVITY</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>KERNEL_EXTENSION</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>MEMORY_ACTIVITY</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>MODULE_ACTIVITY</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>PROCESS_ACTIVITY</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>REGISTRY_KEY_ACTIVITY</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>REGISTRY_VALUE_ACTIVITY</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>RESOURCE_ACTIVITY</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>SCHEDULED_JOB_ACTIVITY</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>SECURITY_FINDING</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>ACCOUNT_CHANGE</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>AUTHENTICATION</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>AUTHORIZATION</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>ENTITY_MANAGEMENT_AUDIT</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>DHCP_ACTIVITY</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>NETWORK_ACTIVITY</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>DNS_ACTIVITY</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>FTP_ACTIVITY</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>HTTP_ACTIVITY</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>RDP_ACTIVITY</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>SMB_ACTIVITY</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>SSH_ACTIVITY</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>CONFIG_STATE</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>INVENTORY_INFO</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>EMAIL_ACTIVITY</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>API_ACTIVITY</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>CLOUD_API</code>
+     *                </p>
      *             </li>
      *          </ul>
      */
-    glueInvocationRoleArn: string | undefined;
+    eventClasses?: string[];
     /**
-     * <p>The Amazon Web Services account ID of the custom source that will write logs and events
-     *          into the Amazon S3 Data Lake.</p>
+     * <p>The configuration for the third-party custom source.</p>
      */
-    logProviderAccountId: string | undefined;
+    configuration?: CustomLogSourceConfiguration;
 }
 /**
  * @public
+ * <p>The attributes of a third-party custom source.</p>
  */
-export interface CreateCustomLogSourceResponse {
+export interface CustomLogSourceAttributes {
     /**
-     * <p>The location of the partition in the Amazon S3 bucket for Security Lake.</p>
+     * <p>The ARN of the Glue crawler.</p>
      */
-    customDataLocation: string | undefined;
+    crawlerArn?: string;
     /**
-     * <p>The name of the Glue crawler.</p>
+     * <p>The ARN of the Glue database where results are written, such as:
+     *          <code>arn:aws:daylight:us-east-1::database/sometable/*</code>.</p>
      */
-    glueCrawlerName: string | undefined;
+    databaseArn?: string;
     /**
-     * <p>The table name of the Glue crawler.</p>
+     * <p>The ARN of the Glue table.</p>
      */
-    glueTableName: string | undefined;
-    /**
-     * <p>The Glue database where results are written, such as:
-     *             <code>arn:aws:daylight:us-east-1::database/sometable/*</code>.</p>
-     */
-    glueDatabaseName: string | undefined;
+    tableArn?: string;
+}
+/**
+ * @public
+ * <p>The details of the log provider for a third-party custom source.</p>
+ */
+export interface CustomLogSourceProvider {
     /**
      * <p>The ARN of the IAM role to be used by the entity putting logs into your
      *          custom source partition. Security Lake will apply the correct access policies to this role, but
      *          you must first manually create the trust policy for this role. The IAM role
      *          name must start with the text 'Security Lake'. The IAM role must trust the
-     *             <code>logProviderAccountId</code> to assume the role.</p>
+     *          <code>logProviderAccountId</code> to assume the role.</p>
+     */
+    roleArn?: string;
+    /**
+     * <p>The location of the partition in the Amazon S3 bucket for Security Lake.</p>
      */
-    logProviderAccessRoleArn: string | undefined;
+    location?: string;
 }
 /**
  * @public
- * @enum
+ * <p>Amazon Security Lake can collect logs and events from third-party custom sources.</p>
  */
-export declare const StorageClass: {
-    readonly DEEP_ARCHIVE: "DEEP_ARCHIVE";
-    readonly EXPIRE: "EXPIRE";
-    readonly GLACIER: "GLACIER";
-    readonly GLACIER_IR: "GLACIER_IR";
-    readonly INTELLIGENT_TIERING: "INTELLIGENT_TIERING";
-    readonly ONEZONE_IA: "ONEZONE_IA";
-    readonly STANDARD_IA: "STANDARD_IA";
-};
+export interface CustomLogSourceResource {
+    /**
+     * <p>The name for a third-party custom source. This must be a Regionally unique value.</p>
+     */
+    sourceName?: string;
+    /**
+     * <p>The version for a third-party custom source. This must be a Regionally unique value.</p>
+     */
+    sourceVersion?: string;
+    /**
+     * <p>The details of the log provider for a third-party custom source.</p>
+     */
+    provider?: CustomLogSourceProvider;
+    /**
+     * <p>The attributes of a third-party custom source.</p>
+     */
+    attributes?: CustomLogSourceAttributes;
+}
 /**
  * @public
  */
-export type StorageClass = (typeof StorageClass)[keyof typeof StorageClass];
+export interface CreateCustomLogSourceResponse {
+    /**
+     * <p>The created third-party custom source.</p>
+     */
+    source?: CustomLogSourceResource;
+}
 /**
  * @public
- * <p>Retention settings for the destination Amazon S3 buckets in Amazon Security Lake. </p>
+ * <p>Provides encryption details of Amazon Security Lake object.</p>
  */
-export interface RetentionSetting {
+export interface DataLakeEncryptionConfiguration {
     /**
-     * <p>The range of storage classes that you can choose from based on the data access,
-     *          resiliency, and cost requirements of your workloads.</p>
+     * <p>The id of KMS encryption key used by Amazon Security Lake to encrypt the Security Lake
+     *          object.</p>
      */
-    storageClass?: StorageClass | string;
+    kmsKeyId?: string;
+}
+/**
+ * @public
+ * <p>Provide expiration lifecycle details of Amazon Security Lake object.</p>
+ */
+export interface DataLakeLifecycleExpiration {
     /**
-     * <p>The retention period specifies a fixed period of time during which the Security Lake object
-     *          remains locked. You can specify the retention period in days for one or more sources. </p>
+     * <p>Number of days before data expires in the Amazon Security Lake object.</p>
      */
-    retentionPeriod?: number;
+    days?: number;
 }
 /**
  * @public
- * <p>Provides details of Amazon Security Lake configuration object.</p>
+ * <p>Provide transition lifecycle details of Amazon Security Lake object.</p>
  */
-export interface LakeConfigurationRequest {
+export interface DataLakeLifecycleTransition {
     /**
-     * <p>The type of encryption key used by Amazon Security Lake to encrypt the Security Lake configuration
-     *          object.</p>
+     * <p>The range of storage classes that you can choose from based on the data access,
+     *          resiliency, and cost requirements of your workloads.</p>
      */
-    encryptionKey?: string;
+    storageClass?: string;
     /**
-     * <p>Retention settings for the destination Amazon S3 buckets. </p>
+     * <p>Number of days before data transitions to a different S3 Storage Class in the Amazon Security Lake object.</p>
      */
-    retentionSettings?: RetentionSetting[];
+    days?: number;
+}
+/**
+ * @public
+ * <p>Provides lifecycle details of Amazon Security Lake object.</p>
+ */
+export interface DataLakeLifecycleConfiguration {
+    /**
+     * <p>Provides data expiration details of Amazon Security Lake object.</p>
+     */
+    expiration?: DataLakeLifecycleExpiration;
     /**
-     * <p>A tag is a label that you assign to an Amazon Web Services resource. Each tag consists of a key and an
-     *          optional value, both of which you define.</p>
+     * <p>Provides data storage transition details of Amazon Security Lake object.</p>
      */
-    tagsMap?: Record<string, string>;
+    transitions?: DataLakeLifecycleTransition[];
+}
+/**
+ * @public
+ * <p>Provides replication details of Amazon Security Lake object.</p>
+ */
+export interface DataLakeReplicationConfiguration {
     /**
      * <p>Replication enables automatic, asynchronous copying of objects across Amazon S3
      *          buckets. Amazon S3 buckets that are configured for object replication can be owned
@@ -537,883 +550,1027 @@ export interface LakeConfigurationRequest {
      *          can be in different Amazon Web Services Regions or within the same Region as the source
      *          bucket.</p>
      *          <p>Set up one or more rollup Regions by providing the Region or Regions that should
-     *          contribute to the central rollup Region. </p>
+     *          contribute to the central rollup Region.</p>
      */
-    replicationDestinationRegions?: (Region | string)[];
+    regions?: string[];
     /**
      * <p>Replication settings for the Amazon S3 buckets. This parameter uses the Identity and Access Management (IAM) role you created that is managed by Security Lake, to
-     *          ensure the replication setting is correct. </p>
+     *          ensure the replication setting is correct.</p>
      */
-    replicationRoleArn?: string;
+    roleArn?: string;
 }
 /**
  * @public
+ * <p>Provides details of Amazon Security Lake object.</p>
  */
-export interface CreateDatalakeRequest {
+export interface DataLakeConfiguration {
     /**
-     * <p>Enable Security Lake in the specified Regions. To enable Security Lake in specific Amazon Web Services Regions, such as us-east-1 or ap-northeast-3, provide the Region codes. For a
-     *          list of Region codes, see <a href="https://docs.aws.amazon.com/general/latest/gr/securitylake.html">Amazon Security Lake endpoints</a> in the
-     *             Amazon Web Services General Reference.</p>
+     * <p>The Amazon Web Services Regions where Security Lake is automatically enabled.</p>
      */
-    regions?: (Region | string)[];
+    region: string | undefined;
     /**
-     * <p>Specify the Region or Regions that will contribute data to the rollup region.</p>
+     * <p>Provides encryption details of Amazon Security Lake object.</p>
      */
-    configurations?: Record<string, LakeConfigurationRequest>;
+    encryptionConfiguration?: DataLakeEncryptionConfiguration;
     /**
-     * <p>Enable Security Lake in all Regions.</p>
+     * <p>Provides lifecycle details of Amazon Security Lake object.</p>
      */
-    enableAll?: boolean;
+    lifecycleConfiguration?: DataLakeLifecycleConfiguration;
     /**
-     * <p>The Amazon Resource Name (ARN) used to create and update the Glue table.
-     *          This table contains partitions generated by the ingestion and normalization of Amazon Web Services log sources and custom sources.</p>
+     * <p>Provides replication details of Amazon Security Lake object.</p>
      */
-    metaStoreManagerRoleArn?: string;
+    replicationConfiguration?: DataLakeReplicationConfiguration;
 }
 /**
  * @public
  */
-export interface CreateDatalakeResponse {
+export interface CreateDataLakeRequest {
+    /**
+     * <p>Specify the Region or Regions that will contribute data to the rollup region.</p>
+     */
+    configurations: DataLakeConfiguration[] | undefined;
+    /**
+     * <p>The Amazon Resource Name (ARN) used to create and update the Glue table.
+     *          This table contains partitions generated by the ingestion and normalization of
+     *           Amazon Web Services log sources and custom sources.</p>
+     */
+    metaStoreManagerRoleArn: string | undefined;
 }
 /**
  * @public
- * <p>You have exceeded your service quota. To perform the requested action, remove some of
- *          the relevant resources, or use Service Quotas to request a service quota increase. </p>
+ * @enum
  */
-export declare class ServiceQuotaExceededException extends __BaseException {
-    readonly name: "ServiceQuotaExceededException";
-    readonly $fault: "client";
+export declare const DataLakeStatus: {
+    readonly COMPLETED: "COMPLETED";
+    readonly FAILED: "FAILED";
+    readonly INITIALIZED: "INITIALIZED";
+    readonly PENDING: "PENDING";
+};
+/**
+ * @public
+ */
+export type DataLakeStatus = (typeof DataLakeStatus)[keyof typeof DataLakeStatus];
+/**
+ * @public
+ * <p>The details of the last <code>UpdateDataLake</code> or <code>DeleteDataLake</code>
+ *          API request which failed.</p>
+ */
+export interface DataLakeUpdateException {
     /**
-     * <p>The ID of the resource that exceeds the service quota.</p>
+     * <p>The reason for the exception of the last <code>UpdateDataLake</code>or
+     *          <code>DeleteDataLake</code> API request.</p>
      */
-    resourceId: string | undefined;
+    reason?: string;
     /**
-     * <p>The type of the resource that exceeds the service quota.</p>
+     * <p>The reason code for the exception of the last <code>UpdateDataLake</code> or
+     *          <code>DeleteDataLake</code> API request.</p>
      */
-    resourceType: string | undefined;
+    code?: string;
+}
+/**
+ * @public
+ * <p>The status of the last <code>UpdateDataLake</code> or <code>DeleteDataLake</code> API
+ *          request. This is set to Completed after the configuration is updated, or removed if
+ *          deletion of the data lake is successful.</p>
+ */
+export interface DataLakeUpdateStatus {
     /**
-     * <p>The code for the service in Service Quotas.</p>
+     * <p>The unique ID for the last <code>UpdateDataLake</code> or <code>DeleteDataLake</code> API
+     *          request.</p>
      */
-    serviceCode: string | undefined;
+    requestId?: string;
     /**
-     * <p>That the rate of requests to Security Lake is exceeding the request quotas for your Amazon Web Services account.</p>
+     * <p>The status of the last <code>UpdateDataLake</code> or <code>DeleteDataLake</code> API
+     *          request that was requested.</p>
      */
-    quotaCode: string | undefined;
+    status?: DataLakeStatus | string;
     /**
-     * @internal
+     * <p>The details of the last <code>UpdateDataLake</code>or <code>DeleteDataLake</code> API
+     *          request which failed.</p>
      */
-    constructor(opts: __ExceptionOptionType<ServiceQuotaExceededException, __BaseException>);
+    exception?: DataLakeUpdateException;
 }
 /**
  * @public
- * <p>The limit on the number of requests per second was exceeded. </p>
+ * <p>Provides details of Amazon Security Lake object.</p>
  */
-export declare class ThrottlingException extends __BaseException {
-    readonly name: "ThrottlingException";
-    readonly $fault: "client";
-    $retryable: {
-        throttling: boolean;
-    };
+export interface DataLakeResource {
     /**
-     * <p>The code for the service in Service Quotas.</p>
+     * <p>The Amazon Resource Name (ARN) created by you to provide to the subscriber. For more information about ARNs and how to use them in policies, see the <a href="https://docs.aws.amazon.com/security-lake/latest/userguide/subscriber-management.html">Amazon Security Lake User Guide</a>.</p>
      */
-    serviceCode?: string;
+    dataLakeArn: string | undefined;
     /**
-     * <p>That the rate of requests to Security Lake is exceeding the request quotas for your Amazon Web Services account.</p>
+     * <p>The Amazon Web Services Regions where Security Lake is enabled.</p>
      */
-    quotaCode?: string;
+    region: string | undefined;
     /**
-     * <p>Retry the request after the specified time. </p>
+     * <p>The ARN for the Amazon Security Lake Amazon S3 bucket.</p>
      */
-    retryAfterSeconds?: number;
+    s3BucketArn?: string;
     /**
-     * @internal
+     * <p>Provides encryption details of Amazon Security Lake object.</p>
      */
-    constructor(opts: __ExceptionOptionType<ThrottlingException, __BaseException>);
-}
-/**
- * @public
- */
-export interface CreateDatalakeAutoEnableRequest {
+    encryptionConfiguration?: DataLakeEncryptionConfiguration;
+    /**
+     * <p>Provides lifecycle details of Amazon Security Lake object.</p>
+     */
+    lifecycleConfiguration?: DataLakeLifecycleConfiguration;
+    /**
+     * <p>Provides replication details of Amazon Security Lake object.</p>
+     */
+    replicationConfiguration?: DataLakeReplicationConfiguration;
+    /**
+     * <p>Retrieves the status of the configuration operation for an account in Amazon Security Lake.</p>
+     */
+    createStatus?: DataLakeStatus | string;
     /**
-     * <p>Enable Security Lake with the specified configuration settings to begin collecting security
-     *          data for new accounts in your organization. </p>
+     * <p>The status of the last <code>UpdateDataLake </code>or <code>DeleteDataLake</code> API
+     *          request.</p>
      */
-    configurationForNewAccounts: AutoEnableNewRegionConfiguration[] | undefined;
+    updateStatus?: DataLakeUpdateStatus;
 }
 /**
  * @public
  */
-export interface CreateDatalakeAutoEnableResponse {
+export interface CreateDataLakeResponse {
+    /**
+     * <p>The created Security Lake configuration object.</p>
+     */
+    dataLakes?: DataLakeResource[];
 }
 /**
  * @public
  */
-export interface CreateDatalakeDelegatedAdminRequest {
+export interface CreateDataLakeExceptionSubscriptionRequest {
     /**
-     * <p>The Amazon Web Services account ID of the Security Lake delegated administrator.</p>
+     * <p>The subscription protocol to which exception notifications are posted.</p>
+     */
+    subscriptionProtocol: string | undefined;
+    /**
+     * <p>The Amazon Web Services account where you want to receive exception notifications.</p>
      */
-    account: string | undefined;
+    notificationEndpoint: string | undefined;
+    /**
+     * <p>The expiration period and time-to-live (TTL).</p>
+     */
+    exceptionTimeToLive?: number;
 }
 /**
  * @public
  */
-export interface CreateDatalakeDelegatedAdminResponse {
+export interface CreateDataLakeExceptionSubscriptionResponse {
 }
 /**
  * @public
- * @enum
- */
-export declare const SubscriptionProtocolType: {
-    readonly APP: "APP";
-    readonly EMAIL: "EMAIL";
-    readonly EMAIL_JSON: "EMAIL_JSON";
-    readonly FIREHOSE: "FIREHOSE";
-    readonly HTTP: "HTTP";
-    readonly HTTPS: "HTTPS";
-    readonly LAMBDA: "LAMBDA";
-    readonly SMS: "SMS";
-    readonly SQS: "SQS";
-};
-/**
- * @public
+ * <p>Automatically enable new organization accounts as member accounts from an Amazon Security Lake
+ *          administrator account.</p>
  */
-export type SubscriptionProtocolType = (typeof SubscriptionProtocolType)[keyof typeof SubscriptionProtocolType];
+export interface DataLakeAutoEnableNewAccountConfiguration {
+    /**
+     * <p>The Amazon Web Services Regions where Security Lake is automatically enabled.</p>
+     */
+    region: string | undefined;
+    /**
+     * <p>The Amazon Web Services sources that are automatically enabled in Security Lake.</p>
+     */
+    sources: AwsLogSourceResource[] | undefined;
+}
 /**
  * @public
  */
-export interface CreateDatalakeExceptionsSubscriptionRequest {
+export interface CreateDataLakeOrganizationConfigurationRequest {
     /**
-     * <p>The subscription protocol to which exception notifications are posted. </p>
-     */
-    subscriptionProtocol: SubscriptionProtocolType | string | undefined;
-    /**
-     * <p>The Amazon Web Services account where you want to receive exception notifications.</p>
+     * <p>Enable Security Lake with the specified configuration settings, to begin collecting security
+     *          data for new accounts in your organization.</p>
      */
-    notificationEndpoint: string | undefined;
+    autoEnableNewAccount: DataLakeAutoEnableNewAccountConfiguration[] | undefined;
 }
 /**
  * @public
  */
-export interface CreateDatalakeExceptionsSubscriptionResponse {
+export interface CreateDataLakeOrganizationConfigurationResponse {
 }
 /**
  * @public
  * <p>The supported source types from which logs and events are collected in Amazon Security Lake.
  *          For the list of supported Amazon Web Services, see the <a href="https://docs.aws.amazon.com/security-lake/latest/userguide/internal-sources.html">Amazon Security Lake User Guide</a>.</p>
  */
-export type SourceType = SourceType.AwsSourceTypeMember | SourceType.CustomSourceTypeMember | SourceType.$UnknownMember;
+export type LogSourceResource = LogSourceResource.AwsLogSourceMember | LogSourceResource.CustomLogSourceMember | LogSourceResource.$UnknownMember;
 /**
  * @public
  */
-export declare namespace SourceType {
+export declare namespace LogSourceResource {
     /**
-     * <p>Amazon Security Lake supports log and event collection for natively supported Amazon Web Services. </p>
+     * <p>Amazon Security Lake supports log and event collection for natively supported Amazon Web Services.</p>
      */
-    interface AwsSourceTypeMember {
-        awsSourceType: AwsLogSourceType | string;
-        customSourceType?: never;
+    interface AwsLogSourceMember {
+        awsLogSource: AwsLogSourceResource;
+        customLogSource?: never;
         $unknown?: never;
     }
     /**
      * <p>Amazon Security Lake supports custom source types. For a detailed list, see the Amazon Security Lake
      *          User Guide.</p>
      */
-    interface CustomSourceTypeMember {
-        awsSourceType?: never;
-        customSourceType: string;
+    interface CustomLogSourceMember {
+        awsLogSource?: never;
+        customLogSource: CustomLogSourceResource;
         $unknown?: never;
     }
     interface $UnknownMember {
-        awsSourceType?: never;
-        customSourceType?: never;
+        awsLogSource?: never;
+        customLogSource?: never;
         $unknown: [string, any];
     }
     interface Visitor<T> {
-        awsSourceType: (value: AwsLogSourceType | string) => T;
-        customSourceType: (value: string) => T;
+        awsLogSource: (value: AwsLogSourceResource) => T;
+        customLogSource: (value: CustomLogSourceResource) => T;
         _: (name: string, value: any) => T;
     }
-    const visit: <T>(value: SourceType, visitor: Visitor<T>) => T;
+    const visit: <T>(value: LogSourceResource, visitor: Visitor<T>) => T;
+}
+/**
+ * @public
+ */
+export interface CreateSubscriberRequest {
+    /**
+     * <p>The AWS identity used to access your data.</p>
+     */
+    subscriberIdentity: AwsIdentity | undefined;
+    /**
+     * <p>The name of your Security Lake subscriber account.</p>
+     */
+    subscriberName: string | undefined;
+    /**
+     * <p>The description for your subscriber account in Security Lake.</p>
+     */
+    subscriberDescription?: string;
+    /**
+     * <p>The supported Amazon Web Services from which logs and events are collected.
+     *          Security Lake supports log and event collection for natively supported Amazon Web Services.</p>
+     */
+    sources: LogSourceResource[] | undefined;
+    /**
+     * <p>The Amazon S3 or Lake Formation access type.</p>
+     */
+    accessTypes?: (AccessType | string)[];
 }
+/**
+ * @public
+ * @enum
+ */
+export declare const SubscriberStatus: {
+    readonly ACTIVE: "ACTIVE";
+    readonly DEACTIVATED: "DEACTIVATED";
+    readonly PENDING: "PENDING";
+    readonly READY: "READY";
+};
 /**
  * @public
  */
-export interface CreateSubscriberRequest {
-    /**
-     * <p>The supported Amazon Web Services from which logs and events are collected.
-     *          Security Lake supports log and event collection for natively supported Amazon Web Services.</p>
-     */
-    sourceTypes: SourceType[] | undefined;
+export type SubscriberStatus = (typeof SubscriberStatus)[keyof typeof SubscriberStatus];
+/**
+ * @public
+ * <p>Provides details about the Amazon Security Lake account subscription. Subscribers are notified
+ *          of new objects for a source as the data is written to your Amazon S3 bucket for
+ *          Security Lake.</p>
+ */
+export interface SubscriberResource {
     /**
-     * <p>The Amazon Web Services account ID used to access your data.</p>
+     * <p>The subscriber ID of the Amazon Security Lake subscriber account.</p>
      */
-    accountId: string | undefined;
+    subscriberId: string | undefined;
     /**
-     * <p>The external ID of the subscriber. This lets the user that is assuming the role assert
-     *          the circumstances in which they are operating. It also provides a way for the account owner
-     *          to permit the role to be assumed only under specific circumstances.</p>
+     * <p>The subscriber ARN of the Amazon Security Lake subscriber account.</p>
      */
-    externalId: string | undefined;
+    subscriberArn: string | undefined;
     /**
-     * <p>The Amazon S3 or Lake Formation access type.</p>
+     * <p>The AWS identity used to access your data.</p>
      */
-    accessTypes?: (AccessType | string)[];
+    subscriberIdentity: AwsIdentity | undefined;
     /**
-     * <p>The name of your Security Lake subscriber account.</p>
+     * <p>The name of your Amazon Security Lake subscriber account.</p>
      */
     subscriberName: string | undefined;
     /**
-     * <p>The description for your subscriber account in Security Lake. </p>
+     * <p>The subscriber descriptions for a subscriber account. The description for a subscriber
+     *          includes <code>subscriberName</code>, <code>accountID</code>, <code>externalID</code>, and
+     *          <code>subscriberId</code>.</p>
      */
     subscriberDescription?: string;
-}
-/**
- * @public
- */
-export interface CreateSubscriberResponse {
     /**
-     * <p>The <code>subscriptionId</code> created by the <code>CreateSubscriber</code> API
-     *          call.</p>
+     * <p>Amazon Security Lake supports log and event collection for natively supported Amazon Web Services. For more information, see the Amazon Security Lake User Guide.</p>
      */
-    subscriptionId: string | undefined;
+    sources: LogSourceResource[] | undefined;
     /**
-     * <p>The Amazon Resource Name (ARN) created by you to provide to the subscriber. For more
-     *          information about ARNs and how to use them in policies, see <a href="https://docs.aws.amazon.com/security-lake/latest/userguide/subscriber-management.html">Amazon Security Lake User
-     *             Guide</a>.</p>
+     * <p>You can choose to notify subscribers of new objects with an Amazon Simple Queue Service
+     *             (Amazon SQS) queue or through messaging to an HTTPS endpoint provided by the
+     *          subscriber.</p>
+     *          <p> Subscribers can consume data by directly querying Lake Formation tables in your
+     *             Amazon S3 bucket through services like Amazon Athena. This subscription
+     *          type is defined as <code>LAKEFORMATION</code>.</p>
      */
-    roleArn?: string;
+    accessTypes?: (AccessType | string)[];
     /**
-     * <p>The ARN for the Amazon Simple Notification Service.</p>
+     * <p>The Amazon Resource Name (ARN) specifying the role of the subscriber.</p>
      */
-    snsArn?: string;
+    roleArn?: string;
     /**
-     * <p>The ARN for the Amazon S3 bucket. </p>
+     * <p>The ARN for the Amazon S3 bucket.</p>
      */
     s3BucketArn?: string;
     /**
-     * <p>The Amazon Resource Name (ARN) which uniquely defines the AWS RAM resource share. Before accepting the RAM resource share invitation, you can view details related to the RAM resource share.</p>
+     * <p>The subscriber endpoint to which exception messages are posted.</p>
+     */
+    subscriberEndpoint?: string;
+    /**
+     * <p>The subscriber status of the Amazon Security Lake subscriber account.</p>
+     */
+    subscriberStatus?: SubscriberStatus | string;
+    /**
+     * <p>The Amazon Resource Name (ARN) which uniquely defines the AWS RAM resource share. Before
+     *          accepting the RAM resource share invitation, you can view details related to the RAM
+     *          resource share.</p>
+     *          <p>This field is available only for Lake Formation subscribers created after March 8, 2023.</p>
      */
     resourceShareArn?: string;
     /**
      * <p>The name of the resource share.</p>
      */
     resourceShareName?: string;
+    /**
+     * <p>The date and time when the subscriber was created.</p>
+     */
+    createdAt?: Date;
+    /**
+     * <p>The date and time when the subscriber was last updated.</p>
+     */
+    updatedAt?: Date;
 }
 /**
  * @public
- * <p>The request was rejected because a value that's not valid or is out of range was
- *          supplied for an input parameter. </p>
  */
-export declare class InvalidInputException extends __BaseException {
-    readonly name: "InvalidInputException";
-    readonly $fault: "client";
+export interface CreateSubscriberResponse {
     /**
-     * @internal
+     * <p>Retrieve information about the subscriber created using the
+     *             <code>CreateSubscriber</code> API.</p>
      */
-    constructor(opts: __ExceptionOptionType<InvalidInputException, __BaseException>);
+    subscriber?: SubscriberResource;
 }
 /**
  * @public
  * @enum
  */
-export declare const HttpsMethod: {
+export declare const HttpMethod: {
     readonly POST: "POST";
     readonly PUT: "PUT";
 };
 /**
  * @public
  */
-export type HttpsMethod = (typeof HttpsMethod)[keyof typeof HttpsMethod];
+export type HttpMethod = (typeof HttpMethod)[keyof typeof HttpMethod];
 /**
  * @public
+ * <p>The configurations for HTTPS subscriber notification.</p>
  */
-export interface CreateSubscriptionNotificationConfigurationRequest {
-    /**
-     * <p>The subscription ID for the notification subscription.</p>
-     */
-    subscriptionId: string | undefined;
+export interface HttpsNotificationConfiguration {
     /**
      * <p>The subscription endpoint in Security Lake. If you prefer notification with an HTTPs
      *          endpoint, populate this field.</p>
      */
-    subscriptionEndpoint?: string;
+    endpoint: string | undefined;
     /**
      * <p>The key name for the notification subscription.</p>
      */
-    httpsApiKeyName?: string;
+    authorizationApiKeyName?: string;
     /**
      * <p>The key value for the notification subscription.</p>
      */
-    httpsApiKeyValue?: string;
-    /**
-     * <p>The HTTPS method used for the notification subscription. </p>
-     */
-    httpsMethod?: HttpsMethod | string;
+    authorizationApiKeyValue?: string;
     /**
-     * <p>Create an Amazon Simple Queue Service queue.</p>
+     * <p>The HTTPS method used for the notification subscription.</p>
      */
-    createSqs?: boolean;
+    httpMethod?: HttpMethod | string;
     /**
      * <p>The Amazon Resource Name (ARN) of the EventBridge API destinations IAM role that you
      *          created. For more information about ARNs and how to use them in policies, see <a href="https://docs.aws.amazon.com//security-lake/latest/userguide/subscriber-data-access.html">Managing data access</a> and <a href="https://docs.aws.amazon.com/security-lake/latest/userguide/security-iam-awsmanpol.html">Amazon Web Services
      *             Managed Policies</a> in the Amazon Security Lake User Guide.</p>
      */
-    roleArn?: string;
+    targetRoleArn: string | undefined;
 }
 /**
  * @public
+ * <p>The configurations for SQS subscriber notification.</p>
  */
-export interface CreateSubscriptionNotificationConfigurationResponse {
-    /**
-     * <p>Returns the Amazon Resource Name (ARN) of the queue.</p>
-     */
-    queueArn?: string;
+export interface SqsNotificationConfiguration {
 }
 /**
  * @public
+ * <p>Specify the configurations you want to use for subscriber notification to notify the
+ *          subscriber when new data is written to the data lake for sources that the subscriber
+ *          consumes in Security Lake. </p>
  */
-export interface DeleteAwsLogSourceRequest {
-    /**
-     * <p>This is a mandatory input. Specify the input order to disable dimensions in Security Lake,
-     *          namely Region (Amazon Web Services Region code, source type, and member (account ID of a
-     *          specific Amazon Web Services account). </p>
-     */
-    inputOrder: (Dimension | string)[] | undefined;
-    /**
-     * <p>Removes the specific Amazon Web Services sources from specific accounts and specific
-     *          Regions.</p>
-     */
-    disableAllDimensions?: Record<string, Record<string, string[]>>;
+export type NotificationConfiguration = NotificationConfiguration.HttpsNotificationConfigurationMember | NotificationConfiguration.SqsNotificationConfigurationMember | NotificationConfiguration.$UnknownMember;
+/**
+ * @public
+ */
+export declare namespace NotificationConfiguration {
     /**
-     * <p>Remove a specific Amazon Web Services source from specific accounts or Regions.</p>
+     * <p>The configurations for SQS subscriber notification.</p>
      */
-    disableTwoDimensions?: Record<string, string[]>;
+    interface SqsNotificationConfigurationMember {
+        sqsNotificationConfiguration: SqsNotificationConfiguration;
+        httpsNotificationConfiguration?: never;
+        $unknown?: never;
+    }
     /**
-     * <p>Removes all Amazon Web Services sources from specific accounts or Regions.</p>
+     * <p>The configurations for HTTPS subscriber notification.</p>
      */
-    disableSingleDimension?: string[];
+    interface HttpsNotificationConfigurationMember {
+        sqsNotificationConfiguration?: never;
+        httpsNotificationConfiguration: HttpsNotificationConfiguration;
+        $unknown?: never;
+    }
+    interface $UnknownMember {
+        sqsNotificationConfiguration?: never;
+        httpsNotificationConfiguration?: never;
+        $unknown: [string, any];
+    }
+    interface Visitor<T> {
+        sqsNotificationConfiguration: (value: SqsNotificationConfiguration) => T;
+        httpsNotificationConfiguration: (value: HttpsNotificationConfiguration) => T;
+        _: (name: string, value: any) => T;
+    }
+    const visit: <T>(value: NotificationConfiguration, visitor: Visitor<T>) => T;
 }
 /**
  * @public
  */
-export interface DeleteAwsLogSourceResponse {
+export interface CreateSubscriberNotificationRequest {
     /**
-     * <p>Deletion of the Amazon Web Services sources is in progress.</p>
+     * <p>The subscriber ID for the notification subscription.</p>
      */
-    processing?: string[];
+    subscriberId: string | undefined;
     /**
-     * <p>Deletion of the Amazon Web Services sources failed as the account is not a part of the organization.</p>
+     * <p>Specify the configuration using which you want to create the subscriber
+     *          notification.</p>
      */
-    failed?: string[];
+    configuration: NotificationConfiguration | undefined;
 }
 /**
  * @public
  */
-export interface DeleteCustomLogSourceRequest {
+export interface CreateSubscriberNotificationResponse {
     /**
-     * <p>The custom source name for the custom log source.</p>
+     * <p>The subscriber endpoint to which exception messages are posted.</p>
      */
-    customSourceName: string | undefined;
+    subscriberEndpoint?: string;
 }
 /**
  * @public
  */
-export interface DeleteCustomLogSourceResponse {
+export interface DeleteAwsLogSourceRequest {
     /**
-     * <p>The location of the partition in the Amazon S3 bucket for Security Lake.</p>
+     * <p>Specify the natively-supported Amazon Web Services service to remove as a source in
+     *          Security Lake.</p>
      */
-    customDataLocation: string | undefined;
-}
-/**
- * @public
- */
-export interface DeleteDatalakeRequest {
+    sources: AwsLogSourceConfiguration[] | undefined;
 }
 /**
  * @public
  */
-export interface DeleteDatalakeResponse {
+export interface DeleteAwsLogSourceResponse {
+    /**
+     * <p>Deletion of the Amazon Web Services sources failed as the account is not a part of the organization.</p>
+     */
+    failed?: string[];
 }
 /**
  * @public
  */
-export interface DeleteDatalakeAutoEnableRequest {
+export interface DeleteCustomLogSourceRequest {
+    /**
+     * <p>The source name of custom log source that you want to delete.</p>
+     */
+    sourceName: string | undefined;
     /**
-     * <p>Remove automatic enablement of configuration settings for new member accounts in
-     *          Security Lake. </p>
+     * <p>The source version for the third-party custom source. You can limit the custom source
+     *          removal to the specified source version.</p>
      */
-    removeFromConfigurationForNewAccounts: AutoEnableNewRegionConfiguration[] | undefined;
+    sourceVersion?: string;
 }
 /**
  * @public
  */
-export interface DeleteDatalakeAutoEnableResponse {
+export interface DeleteCustomLogSourceResponse {
 }
 /**
  * @public
  */
-export interface DeleteDatalakeDelegatedAdminRequest {
+export interface DeleteDataLakeRequest {
     /**
-     * <p>The account ID the Security Lake delegated administrator.</p>
+     * <p>The list of Regions where Security Lake is enabled.</p>
      */
-    account: string | undefined;
+    regions: string[] | undefined;
 }
 /**
  * @public
  */
-export interface DeleteDatalakeDelegatedAdminResponse {
+export interface DeleteDataLakeResponse {
 }
 /**
  * @public
  */
-export interface DeleteDatalakeExceptionsSubscriptionRequest {
-}
-/**
- * @public
- */
-export interface DeleteDatalakeExceptionsSubscriptionResponse {
+export interface DeleteDataLakeOrganizationConfigurationRequest {
     /**
-     * <p>Retrieves the status of the delete Security Lake operation for an account. </p>
+     * <p>Removes the automatic enablement of configuration settings for new member accounts in
+     *          Security Lake.</p>
      */
-    status: string | undefined;
+    autoEnableNewAccount: DataLakeAutoEnableNewAccountConfiguration[] | undefined;
 }
 /**
  * @public
  */
-export interface DeleteSubscriberRequest {
-    /**
-     * <p>A value created by Security Lake that uniquely identifies your <code>DeleteSubscriber</code> API request. </p>
-     */
-    id: string | undefined;
+export interface DeleteDataLakeOrganizationConfigurationResponse {
 }
 /**
  * @public
  */
-export interface DeleteSubscriberResponse {
+export interface GetDataLakeOrganizationConfigurationRequest {
 }
 /**
  * @public
  */
-export interface DeleteSubscriptionNotificationConfigurationRequest {
+export interface GetDataLakeOrganizationConfigurationResponse {
     /**
-     * <p>The ID of the Security Lake subscriber account.</p>
+     * <p>The configuration for new accounts.</p>
      */
-    subscriptionId: string | undefined;
+    autoEnableNewAccount?: DataLakeAutoEnableNewAccountConfiguration[];
 }
 /**
  * @public
  */
-export interface DeleteSubscriptionNotificationConfigurationResponse {
+export interface GetDataLakeSourcesRequest {
+    /**
+     * <p>The Amazon Web Services account ID for which a static snapshot of the current Amazon Web Services Region, including enabled accounts and log sources, is retrieved.</p>
+     */
+    accounts?: string[];
+    /**
+     * <p>The maximum limit of accounts for which the static snapshot of the current Region,
+     *          including enabled accounts and log sources, is retrieved.</p>
+     */
+    maxResults?: number;
+    /**
+     * <p>Lists if there are more results available. The value of nextToken is a unique pagination
+     *          token for each page. Repeat the call using the returned token to retrieve the next page.
+     *          Keep all other arguments unchanged.</p>
+     *          <p>Each pagination token expires after 24 hours. Using an expired pagination token will
+     *          return an HTTP 400 InvalidToken error.</p>
+     */
+    nextToken?: string;
 }
 /**
  * @public
  * @enum
  */
-export declare const EndpointProtocol: {
-    readonly HTTPS: "HTTPS";
-    readonly SQS: "SQS";
+export declare const SourceCollectionStatus: {
+    readonly COLLECTING: "COLLECTING";
+    readonly MISCONFIGURED: "MISCONFIGURED";
+    readonly NOT_COLLECTING: "NOT_COLLECTING";
 };
 /**
  * @public
  */
-export type EndpointProtocol = (typeof EndpointProtocol)[keyof typeof EndpointProtocol];
+export type SourceCollectionStatus = (typeof SourceCollectionStatus)[keyof typeof SourceCollectionStatus];
 /**
  * @public
- * <p>Represents an error interacting with the Amazon EventBridge service.</p>
+ * <p>Retrieves the Logs status for the Amazon Security Lake account.</p>
  */
-export declare class EventBridgeException extends __BaseException {
-    readonly name: "EventBridgeException";
-    readonly $fault: "client";
+export interface DataLakeSourceStatus {
     /**
-     * @internal
+     * <p>Defines path the stored logs are available which has information on your systems,
+     *          applications, and services.</p>
+     */
+    resource?: string;
+    /**
+     * <p>The health status of services, including error codes and patterns.</p>
      */
-    constructor(opts: __ExceptionOptionType<EventBridgeException, __BaseException>);
+    status?: SourceCollectionStatus | string;
 }
 /**
  * @public
- * <p>List of all failures.</p>
+ * <p>Amazon Security Lake collects logs and events from supported Amazon Web Services and
+ *          custom sources. For the list of supported Amazon Web Services, see the <a href="https://docs.aws.amazon.com/security-lake/latest/userguide/internal-sources.html">Amazon Security Lake User Guide</a>.</p>
  */
-export interface Failures {
-    /**
-     * <p>List of all exception messages.</p>
-     */
-    exceptionMessage: string | undefined;
+export interface DataLakeSource {
     /**
-     * <p>List of all remediation steps for failures.</p>
+     * <p>The ID of the Security Lake account for which logs are collected.</p>
      */
-    remediation: string | undefined;
+    account?: string;
     /**
-     * <p>This error can occur if you configure the wrong timestamp format, or if the subset of entries used for validation had errors or missing values.</p>
+     * <p>The supported Amazon Web Services from which logs and events are collected.
+     *          Amazon Security Lake supports log and event collection for natively supported Amazon Web Services.</p>
      */
-    timestamp: Date | undefined;
-}
-/**
- * @public
- * <p>Response element for actions that make changes, namely create, update, or delete
- *          actions. </p>
- */
-export interface FailuresResponse {
+    sourceName?: string;
     /**
-     * <p>List of Amazon Web Services Regions where the failure occurred. </p>
+     * <p>The Open Cybersecurity Schema Framework (OCSF) event classes which describes the type of
+     *          data that the custom source will send to Security Lake. The supported event classes are:</p>
+     *          <ul>
+     *             <li>
+     *                <p>
+     *                   <code>ACCESS_ACTIVITY</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>FILE_ACTIVITY</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>KERNEL_ACTIVITY</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>KERNEL_EXTENSION</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>MEMORY_ACTIVITY</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>MODULE_ACTIVITY</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>PROCESS_ACTIVITY</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>REGISTRY_KEY_ACTIVITY</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>REGISTRY_VALUE_ACTIVITY</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>RESOURCE_ACTIVITY</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>SCHEDULED_JOB_ACTIVITY</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>SECURITY_FINDING</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>ACCOUNT_CHANGE</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>AUTHENTICATION</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>AUTHORIZATION</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>ENTITY_MANAGEMENT_AUDIT</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>DHCP_ACTIVITY</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>NETWORK_ACTIVITY</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>DNS_ACTIVITY</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>FTP_ACTIVITY</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>HTTP_ACTIVITY</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>RDP_ACTIVITY</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>SMB_ACTIVITY</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>SSH_ACTIVITY</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>CONFIG_STATE</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>INVENTORY_INFO</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>EMAIL_ACTIVITY</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>API_ACTIVITY</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>CLOUD_API</code>
+     *                </p>
+     *             </li>
+     *          </ul>
      */
-    region?: string;
+    eventClasses?: string[];
     /**
-     * <p>List of all failures. </p>
-     */
-    failures?: Failures[];
-}
-/**
- * @public
- */
-export interface GetDatalakeRequest {
-}
-/**
- * @public
- * @enum
- */
-export declare const SettingsStatus: {
-    readonly COMPLETED: "COMPLETED";
-    readonly FAILED: "FAILED";
-    readonly INITIALIZED: "INITIALIZED";
-    readonly PENDING: "PENDING";
-};
-/**
- * @public
- */
-export type SettingsStatus = (typeof SettingsStatus)[keyof typeof SettingsStatus];
+     * <p>The log status for the Security Lake account.</p>
+     */
+    sourceStatuses?: DataLakeSourceStatus[];
+}
 /**
  * @public
- * <p>The details of the last <code>UpdateDatalake</code> or <code>DeleteDatalake</code>
- *          API request which failed.</p>
  */
-export interface LastUpdateFailure {
+export interface GetDataLakeSourcesResponse {
     /**
-     * <p>The reason for the failure of the last <code>UpdateDatalake</code>or
-     *             <code>DeleteDatalake</code> API request.</p>
+     * <p>The Amazon Resource Name (ARN) created by you to provide to the subscriber. For more information about ARNs and how to use them in policies, see the <a href="https://docs.aws.amazon.com/security-lake/latest/userguide/subscriber-management.html">Amazon Security Lake User Guide</a>.</p>
      */
-    reason?: string;
+    dataLakeArn?: string;
     /**
-     * <p>The reason code for the failure of the last <code>UpdateDatalake</code> or
-     *             <code>DeleteDatalake</code> API request.</p>
+     * <p>The list of enabled accounts and enabled sources.</p>
      */
-    code?: string;
+    dataLakeSources?: DataLakeSource[];
+    /**
+     * <p>Lists if there are more results available. The value of nextToken is a unique pagination
+     *          token for each page. Repeat the call using the returned token to retrieve the next page.
+     *          Keep all other arguments unchanged.</p>
+     *          <p>Each pagination token expires after 24 hours. Using an expired pagination token will
+     *          return an HTTP 400 InvalidToken error.</p>
+     */
+    nextToken?: string;
 }
 /**
  * @public
- * <p>The status of the last <code>UpdateDatalake</code> or <code>DeleteDatalake</code> API
- *          request. This is set to Completed after the configuration is updated, or removed if
- *          deletion of the data lake is successful.</p>
  */
-export interface UpdateStatus {
-    /**
-     * <p>The unique ID for the <code>UpdateDatalake</code> or <code>DeleteDatalake</code> API
-     *          request.</p>
-     */
-    lastUpdateRequestId?: string;
+export interface ListDataLakesRequest {
     /**
-     * <p>The status of the last <code>UpdateDatalake</code> or <code>DeleteDatalake</code> API
-     *          request that was requested.</p>
+     * <p>The list of regions where Security Lake is enabled.</p>
      */
-    lastUpdateStatus?: SettingsStatus | string;
+    regions?: string[];
+}
+/**
+ * @public
+ */
+export interface ListDataLakesResponse {
     /**
-     * <p>The details of the last <code>UpdateDatalake</code>or <code>DeleteDatalake</code> API
-     *          request which failed.</p>
+     * <p>Retrieves the Security Lake configuration object.</p>
      */
-    lastUpdateFailure?: LastUpdateFailure;
+    dataLakes?: DataLakeResource[];
 }
 /**
  * @public
- * <p>Provides details of Amazon Security Lake lake configuration object.</p>
  */
-export interface LakeConfigurationResponse {
+export interface ListLogSourcesRequest {
     /**
-     * <p>The type of encryption key used by secure the Security Lake configuration object.</p>
+     * <p>The list of Amazon Web Services accounts for which log sources are displayed.</p>
      */
-    encryptionKey?: string;
+    accounts?: string[];
     /**
-     * <p>Retention settings for the destination Amazon S3 buckets. </p>
+     * <p>The list of regions for which log sources are displayed.</p>
      */
-    retentionSettings?: RetentionSetting[];
+    regions?: string[];
     /**
-     * <p>A tag is a label that you assign to an Amazon Web Services resource. Each tag consists of a key and an
-     *          optional value, both of which you define.</p>
+     * <p>The list of sources for which log sources are displayed.</p>
      */
-    tagsMap?: Record<string, string>;
+    sources?: LogSourceResource[];
     /**
-     * <p>Replication enables automatic, asynchronous copying of objects across Amazon S3
-     *          buckets. Amazon S3 buckets that are configured for object replication can be owned
-     *          by the same Amazon Web Services account or by different accounts. You can replicate objects
-     *          to a single destination bucket or to multiple destination buckets. The destination buckets
-     *          can be in different Amazon Web Services Regions or within the same Region as the source
-     *          bucket.</p>
-     *          <p>Set up one or more rollup Regions by providing the Region or Regions that should
-     *          contribute to the central rollup Region. </p>
+     * <p>The maximum number of accounts for which the log sources are displayed.</p>
      */
-    replicationDestinationRegions?: (Region | string)[];
+    maxResults?: number;
     /**
-     * <p>Replication settings for the Amazon S3 buckets. This parameter uses the IAM role you created that is managed by Security Lake, to ensure the replication
-     *          setting is correct. </p>
+     * <p>If nextToken is returned, there are more results available. You can repeat the call
+     *          using the returned token to retrieve the next page.</p>
      */
-    replicationRoleArn?: string;
+    nextToken?: string;
+}
+/**
+ * @public
+ * <p>Amazon Security Lake can collect logs and events from natively-supported Amazon Web Services services and custom sources. </p>
+ */
+export interface LogSource {
     /**
-     * <p>Amazon Resource Names (ARNs) uniquely identify Amazon Web Services resources. Security Lake
-     *          requires an ARN when you need to specify a resource unambiguously across all of Amazon Web Services, such as in IAM policies, Amazon Relational Database Service (Amazon RDS) tags, and API calls. </p>
+     * <p>Specify the account from which you want to collect logs.</p>
      */
-    s3BucketArn?: string;
+    account?: string;
     /**
-     * <p>Retrieves the status of the configuration operation for an account in Amazon Security Lake. </p>
+     * <p>Specify the Regions from which you want to collect logs.</p>
      */
-    status?: SettingsStatus | string;
+    region?: string;
     /**
-     * <p>The status of the last <code>UpdateDatalake </code>or <code>DeleteDatalake</code> API
-     *          request. </p>
+     * <p>Specify the sources from which you want to collect logs.</p>
      */
-    updateStatus?: UpdateStatus;
+    sources?: LogSourceResource[];
 }
 /**
  * @public
  */
-export interface GetDatalakeResponse {
+export interface ListLogSourcesResponse {
     /**
-     * <p>Retrieves the Security Lake configuration object. </p>
+     * <p>The list of log sources in your organization that send data to the data lake.</p>
+     */
+    sources?: LogSource[];
+    /**
+     * <p>If nextToken is returned, there are more results available. You can repeat the call
+     *       using the returned token to retrieve the next page.</p>
      */
-    configurations: Record<string, LakeConfigurationResponse> | undefined;
+    nextToken?: string;
 }
 /**
  * @public
  */
-export interface GetDatalakeAutoEnableRequest {
+export interface UpdateDataLakeRequest {
+    /**
+     * <p>Specify the Region or Regions that will contribute data to the rollup region.</p>
+     */
+    configurations: DataLakeConfiguration[] | undefined;
 }
 /**
  * @public
  */
-export interface GetDatalakeAutoEnableResponse {
+export interface UpdateDataLakeResponse {
     /**
-     * <p>The configuration for new accounts.</p>
+     * <p>The created Security Lake configuration object.</p>
      */
-    autoEnableNewAccounts: AutoEnableNewRegionConfiguration[] | undefined;
+    dataLakes?: DataLakeResource[];
 }
 /**
  * @public
+ * <p>The details for a Security Lake exception</p>
  */
-export interface GetDatalakeExceptionsExpiryRequest {
+export interface DataLakeException {
+    /**
+     * <p>The Amazon Web Services Regions where the exception occurred.</p>
+     */
+    region?: string;
+    /**
+     * <p>The underlying exception of a Security Lake exception.</p>
+     */
+    exception?: string;
+    /**
+     * <p>List of all remediation steps for a Security Lake exception.</p>
+     */
+    remediation?: string;
+    /**
+     * <p>This error can occur if you configure the wrong timestamp format, or if the subset of entries used for validation had errors or missing values.</p>
+     */
+    timestamp?: Date;
 }
 /**
  * @public
  */
-export interface GetDatalakeExceptionsExpiryResponse {
-    /**
-     * <p>The expiration period and time-to-live (TTL).</p>
-     */
-    exceptionMessageExpiry: number | undefined;
+export interface DeleteDataLakeExceptionSubscriptionRequest {
 }
 /**
  * @public
  */
-export interface GetDatalakeExceptionsSubscriptionRequest {
+export interface DeleteDataLakeExceptionSubscriptionResponse {
 }
 /**
  * @public
- * <p>Protocol used in Amazon Security Lake that dictates how notifications are posted at the
- *          endpoint. </p>
  */
-export interface ProtocolAndNotificationEndpoint {
-    /**
-     * <p>The protocol to which notification messages are posted. </p>
-     */
-    protocol?: string;
+export interface DeleteSubscriberRequest {
     /**
-     * <p>The account that is subscribed to receive exception notifications. </p>
+     * <p>A value created by Security Lake that uniquely identifies your <code>DeleteSubscriber</code> API request.</p>
      */
-    endpoint?: string;
+    subscriberId: string | undefined;
 }
 /**
  * @public
  */
-export interface GetDatalakeExceptionsSubscriptionResponse {
-    /**
-     * <p>Retrieves the exception notification subscription information.</p>
-     */
-    protocolAndNotificationEndpoint: ProtocolAndNotificationEndpoint | undefined;
+export interface DeleteSubscriberResponse {
 }
 /**
  * @public
  */
-export interface GetDatalakeStatusRequest {
+export interface DeleteSubscriberNotificationRequest {
     /**
-     * <p>The Amazon Web Services account ID for which a static snapshot of the current Amazon Web Services Region, including enabled accounts and log sources, is retrieved.</p>
-     */
-    accountSet?: string[];
-    /**
-     * <p>The maximum limit of accounts for which the static snapshot of the current Region,
-     *          including enabled accounts and log sources, is retrieved.</p>
-     */
-    maxAccountResults?: number;
-    /**
-     * <p>Lists if there are more results available. The value of nextToken is a unique pagination
-     *          token for each page. Repeat the call using the returned token to retrieve the next page.
-     *          Keep all other arguments unchanged. </p>
-     *          <p>Each pagination token expires after 24 hours. Using an expired pagination token will
-     *          return an HTTP 400 InvalidToken error.</p>
+     * <p>The ID of the Security Lake subscriber account.</p>
      */
-    nextToken?: string;
+    subscriberId: string | undefined;
 }
 /**
  * @public
  */
-export interface GetDatalakeStatusResponse {
-    /**
-     * <p>The list of enabled accounts and enabled sources.</p>
-     */
-    accountSourcesList: AccountSources[] | undefined;
-    /**
-     * <p>Lists if there are more results available. The value of nextToken is a unique pagination
-     *          token for each page. Repeat the call using the returned token to retrieve the next page.
-     *          Keep all other arguments unchanged. </p>
-     *          <p>Each pagination token expires after 24 hours. Using an expired pagination token will
-     *          return an HTTP 400 InvalidToken error.</p>
-     */
-    nextToken?: string;
+export interface DeleteSubscriberNotificationResponse {
 }
 /**
  * @public
  */
-export interface GetSubscriberRequest {
-    /**
-     * <p>A value created by Amazon Security Lake that uniquely identifies your
-     *             <code>GetSubscriber</code> API request.</p>
-     */
-    id: string | undefined;
+export interface DeregisterDataLakeDelegatedAdministratorRequest {
 }
 /**
  * @public
- * @enum
  */
-export declare const SubscriptionStatus: {
-    readonly ACTIVE: "ACTIVE";
-    readonly DEACTIVATED: "DEACTIVATED";
-    readonly PENDING: "PENDING";
-    readonly READY: "READY";
-};
+export interface DeregisterDataLakeDelegatedAdministratorResponse {
+}
 /**
  * @public
  */
-export type SubscriptionStatus = (typeof SubscriptionStatus)[keyof typeof SubscriptionStatus];
+export interface GetDataLakeExceptionSubscriptionRequest {
+}
 /**
  * @public
- * <p>Provides details about the Amazon Security Lake account subscription. Subscribers are notified
- *          of new objects for a source as the data is written to your Amazon S3 bucket for
- *          Security Lake. </p>
  */
-export interface SubscriberResource {
-    /**
-     * <p>The subscription ID of the Amazon Security Lake subscriber account.</p>
-     */
-    subscriptionId: string | undefined;
-    /**
-     * <p>Amazon Security Lake supports log and event collection for natively supported Amazon Web Services. For more information, see the Amazon Security Lake User Guide.</p>
-     */
-    sourceTypes: SourceType[] | undefined;
-    /**
-     * <p>The Amazon Web Services account ID you are using to create your Amazon Security Lake
-     *          account.</p>
-     */
-    accountId: string | undefined;
-    /**
-     * <p>The name of your Amazon Security Lake subscriber account.</p>
-     */
-    subscriberName?: string;
-    /**
-     * <p>The subscriber descriptions for a subscriber account. The description for a subscriber
-     *          includes <code>subscriberName</code>, <code>accountID</code>, <code>externalID</code>, and
-     *          <code>subscriptionId</code>.</p>
-     */
-    subscriberDescription?: string;
+export interface GetDataLakeExceptionSubscriptionResponse {
     /**
-     * <p>The subscription status of the Amazon Security Lake subscriber account.</p>
+     * <p>The subscription protocol to which exception notifications are posted.</p>
      */
-    subscriptionStatus?: SubscriptionStatus | string;
+    subscriptionProtocol?: string;
     /**
-     * <p>The Amazon Resource Name (ARN) specifying the role of the subscriber.</p>
-     */
-    roleArn?: string;
-    /**
-     * <p>The ARN for the Amazon Simple Notification Service.</p>
-     */
-    snsArn?: string;
-    /**
-     * <p>The ARN for the Amazon S3 bucket. </p>
-     */
-    s3BucketArn?: string;
-    /**
-     * <p>You can choose to notify subscribers of new objects with an Amazon Simple Queue Service
-     *             (Amazon SQS) queue or through messaging to an HTTPS endpoint provided by the
-     *          subscriber. </p>
-     *          <p> Subscribers can consume data by directly querying Lake Formation tables in your
-     *             Amazon S3 bucket through services like Amazon Athena. This subscription
-     *          type is defined as <code>LAKEFORMATION</code>. </p>
-     */
-    accessTypes?: (AccessType | string)[];
-    /**
-     * <p>The subscription endpoint to which exception messages are posted. </p>
+     * <p>The Amazon Web Services account where you receive exception notifications.</p>
      */
-    subscriptionEndpoint?: string;
+    notificationEndpoint?: string;
     /**
-     * <p>The subscription protocol to which exception messages are posted. </p>
-     */
-    subscriptionProtocol?: EndpointProtocol | string;
-    /**
-     * <p>The external ID of the subscriber. The external ID lets the user that is assuming the
-     *          role assert the circumstances in which they are operating. It also provides a way for the
-     *          account owner to permit the role to be assumed only under specific circumstances.</p>
-     */
-    externalId?: string;
-    /**
-     * <p>The date and time when the subscription was created. </p>
-     */
-    createdAt?: Date;
-    /**
-     * <p>The date and time when the subscription was created. </p>
-     */
-    updatedAt?: Date;
-    /**
-     * <p>The Amazon Resource Name (ARN) which uniquely defines the AWS RAM resource share. Before
-     *          accepting the RAM resource share invitation, you can view details related to the RAM
-     *          resource share.</p>
-     *          <p>This field is available only for Lake Formation subscribers created after March 8, 2023.</p>
+     * <p>The expiration period and time-to-live (TTL).</p>
      */
-    resourceShareArn?: string;
+    exceptionTimeToLive?: number;
+}
+/**
+ * @public
+ */
+export interface GetSubscriberRequest {
     /**
-     * <p>The name of the resource share.</p>
+     * <p>A value created by Amazon Security Lake that uniquely identifies your
+     *             <code>GetSubscriber</code> API request.</p>
      */
-    resourceShareName?: string;
+    subscriberId: string | undefined;
 }
 /**
  * @public
  */
 export interface GetSubscriberResponse {
     /**
-     * <p>The subscription information for the specified subscription ID.</p>
+     * <p>The subscriber information for the specified subscriber ID.</p>
      */
     subscriber?: SubscriberResource;
 }
 /**
  * @public
  */
-export interface ListDatalakeExceptionsRequest {
+export interface ListDataLakeExceptionsRequest {
     /**
      * <p>List the Amazon Web Services Regions from which exceptions are retrieved.</p>
      */
-    regionSet?: (Region | string)[];
+    regions?: string[];
     /**
      * <p>List the maximum number of failures in Security Lake.</p>
      */
-    maxFailures?: number;
+    maxResults?: number;
     /**
      * <p>List if there are more results available. The value of nextToken is a unique pagination
      *          token for each page. Repeat the call using the returned token to retrieve the next page.
-     *          Keep all other arguments unchanged. </p>
+     *          Keep all other arguments unchanged.</p>
      *          <p>Each pagination token expires after 24 hours. Using an expired pagination token will
      *          return an HTTP 400 InvalidToken error.</p>
      */
@@ -1422,66 +1579,20 @@ export interface ListDatalakeExceptionsRequest {
 /**
  * @public
  */
-export interface ListDatalakeExceptionsResponse {
+export interface ListDataLakeExceptionsResponse {
     /**
      * <p>Lists the failures that cannot be retried in the current Region.</p>
      */
-    nonRetryableFailures: FailuresResponse[] | undefined;
+    exceptions?: DataLakeException[];
     /**
      * <p>List if there are more results available. The value of nextToken is a unique pagination
      *          token for each page. Repeat the call using the returned token to retrieve the next page.
-     *          Keep all other arguments unchanged. </p>
+     *          Keep all other arguments unchanged.</p>
      *          <p>Each pagination token expires after 24 hours. Using an expired pagination token will
      *          return an HTTP 400 InvalidToken error.</p>
      */
     nextToken?: string;
 }
-/**
- * @public
- */
-export interface ListLogSourcesRequest {
-    /**
-     * <p>Lists the log sources in input order, namely Region, source
-     *          type, and member account.</p>
-     */
-    inputOrder?: (Dimension | string)[];
-    /**
-     * <p>List the view of log sources for enabled Amazon Security Lake accounts for specific Amazon Web Services sources from specific accounts and specific Regions.</p>
-     */
-    listAllDimensions?: Record<string, Record<string, string[]>>;
-    /**
-     * <p>Lists the view of log sources for enabled Security Lake accounts for specific Amazon Web Services sources from specific accounts or specific Regions.</p>
-     */
-    listTwoDimensions?: Record<string, string[]>;
-    /**
-     * <p>List the view of log sources for enabled Security Lake accounts for all Amazon Web Services
-     *          sources from specific accounts or specific Regions.</p>
-     */
-    listSingleDimension?: string[];
-    /**
-     * <p>The maximum number of accounts for which the log sources are displayed.</p>
-     */
-    maxResults?: number;
-    /**
-     * <p>If nextToken is returned, there are more results available. You can repeat the call
-     *          using the returned token to retrieve the next page.</p>
-     */
-    nextToken?: string;
-}
-/**
- * @public
- */
-export interface ListLogSourcesResponse {
-    /**
-     * <p>Lists the log sources by Regions for enabled Security Lake accounts.</p>
-     */
-    regionSourceTypesAccountsList: Record<string, Record<string, string[]>>[] | undefined;
-    /**
-     * <p>If nextToken is returned, there are more results available. You can repeat the call
-     *       using the returned token to retrieve the next page.</p>
-     */
-    nextToken?: string;
-}
 /**
  * @public
  */
@@ -1503,7 +1614,7 @@ export interface ListSubscribersResponse {
     /**
      * <p>The subscribers available for the specified Security Lake account ID.</p>
      */
-    subscribers: SubscriberResource[] | undefined;
+    subscribers?: SubscriberResource[];
     /**
      * <p>If nextToken is returned, there are more results available. You can repeat the call
      *          using the returned token to retrieve the next page.</p>
@@ -1513,125 +1624,93 @@ export interface ListSubscribersResponse {
 /**
  * @public
  */
-export interface UpdateDatalakeRequest {
-    /**
-     * <p>Specify the Region or Regions that will contribute data to the rollup region.</p>
-     */
-    configurations: Record<string, LakeConfigurationRequest> | undefined;
-}
-/**
- * @public
- */
-export interface UpdateDatalakeResponse {
-}
-/**
- * @public
- */
-export interface UpdateDatalakeExceptionsExpiryRequest {
-    /**
-     * <p>The time-to-live (TTL) for the exception message to remain.</p>
-     */
-    exceptionMessageExpiry: number | undefined;
-}
-/**
- * @public
- */
-export interface UpdateDatalakeExceptionsExpiryResponse {
-}
-/**
- * @public
- */
-export interface UpdateDatalakeExceptionsSubscriptionRequest {
-    /**
-     * <p>The subscription protocol to which exception messages are posted. </p>
-     */
-    subscriptionProtocol: SubscriptionProtocolType | string | undefined;
+export interface RegisterDataLakeDelegatedAdministratorRequest {
     /**
-     * <p>The account that is subscribed to receive exception notifications.</p>
+     * <p>The Amazon Web Services account ID of the Security Lake delegated administrator.</p>
      */
-    notificationEndpoint: string | undefined;
+    accountId: string | undefined;
 }
 /**
  * @public
  */
-export interface UpdateDatalakeExceptionsSubscriptionResponse {
+export interface RegisterDataLakeDelegatedAdministratorResponse {
 }
 /**
  * @public
  */
 export interface UpdateSubscriberRequest {
     /**
-     * <p>A value created by Security Lake that uniquely identifies your subscription. </p>
+     * <p>A value created by Security Lake that uniquely identifies your subscription.</p>
      */
-    id: string | undefined;
+    subscriberId: string | undefined;
     /**
-     * <p>The supported Amazon Web Services from which logs and events are collected. For
-     *          the list of supported Amazon Web Services, see the <a href="https://docs.aws.amazon.com/security-lake/latest/userguide/internal-sources.html">Amazon Security Lake User Guide</a>.</p>
-     */
-    sourceTypes: SourceType[] | undefined;
-    /**
-     * <p>The external ID of the Security Lake account.</p>
+     * <p>The AWS identity used to access your data.</p>
      */
-    externalId?: string;
+    subscriberIdentity?: AwsIdentity;
     /**
-     * <p>The name of the Security Lake account subscriber. </p>
+     * <p>The name of the Security Lake account subscriber.</p>
      */
     subscriberName?: string;
     /**
      * <p>The description of the Security Lake account subscriber.</p>
      */
     subscriberDescription?: string;
+    /**
+     * <p>The supported Amazon Web Services from which logs and events are collected. For
+     *          the list of supported Amazon Web Services, see the <a href="https://docs.aws.amazon.com/security-lake/latest/userguide/internal-sources.html">Amazon Security Lake User Guide</a>.</p>
+     */
+    sources?: LogSourceResource[];
 }
 /**
  * @public
  */
 export interface UpdateSubscriberResponse {
     /**
-     * <p>The account of the subscriber.</p>
+     * <p>The updated subscriber information.</p>
      */
     subscriber?: SubscriberResource;
 }
 /**
  * @public
  */
-export interface UpdateSubscriptionNotificationConfigurationRequest {
+export interface UpdateSubscriberNotificationRequest {
     /**
-     * <p>The subscription ID for which the subscription notification is specified. </p>
+     * <p>The subscription ID for which the subscription notification is specified.</p>
      */
-    subscriptionId: string | undefined;
+    subscriberId: string | undefined;
     /**
-     * <p>The subscription endpoint in Security Lake.</p>
+     * <p>The configuration for subscriber notification.</p>
      */
-    subscriptionEndpoint?: string;
-    /**
-     * <p>The key name for the subscription notification.</p>
-     */
-    httpsApiKeyName?: string;
+    configuration: NotificationConfiguration | undefined;
+}
+/**
+ * @public
+ */
+export interface UpdateSubscriberNotificationResponse {
     /**
-     * <p>The key value for the subscription notification.</p>
+     * <p>The subscriber endpoint to which exception messages are posted.</p>
      */
-    httpsApiKeyValue?: string;
+    subscriberEndpoint?: string;
+}
+/**
+ * @public
+ */
+export interface UpdateDataLakeExceptionSubscriptionRequest {
     /**
-     * <p>The HTTPS method used for the subscription notification. </p>
+     * <p>The subscription protocol to which exception messages are posted.</p>
      */
-    httpsMethod?: HttpsMethod | string;
+    subscriptionProtocol: string | undefined;
     /**
-     * <p>Create a new subscription notification for the specified subscription ID in
-     *          Amazon Security Lake.</p>
+     * <p>The account that is subscribed to receive exception notifications.</p>
      */
-    createSqs?: boolean;
+    notificationEndpoint: string | undefined;
     /**
-     * <p>The Amazon Resource Name (ARN) specifying the role of the subscriber. For more information about ARNs and how to use them in policies, see, see the <a href="https://docs.aws.amazon.com//security-lake/latest/userguide/subscriber-data-access.html">Managing data access</a> and <a href="https://docs.aws.amazon.com/security-lake/latest/userguide/security-iam-awsmanpol.html">Amazon Web Services Managed Policies</a>in the Amazon Security Lake User
-     *          Guide.</p>
+     * <p>The time-to-live (TTL) for the exception message to remain.</p>
      */
-    roleArn?: string;
+    exceptionTimeToLive?: number;
 }
 /**
  * @public
  */
-export interface UpdateSubscriptionNotificationConfigurationResponse {
-    /**
-     * <p>Returns the ARN of the queue.</p>
-     */
-    queueArn?: string;
+export interface UpdateDataLakeExceptionSubscriptionResponse {
 }