From 4fd4b72d1a40237285232f1b16c1d13de4f1220d Mon Sep 17 00:00:00 2001
From: aws-sdk-go-automation
<43143561+aws-sdk-go-automation@users.noreply.github.com>
Date: Wed, 5 Jan 2022 11:22:01 -0800
Subject: [PATCH] Release v1.42.28 (2022-01-05) (#4229)
Release v1.42.28 (2022-01-05)
===
### Service Client Updates
* `service/appstream`: Updates service API and documentation
* Includes APIs for App Entitlement management regarding entitlement and entitled application association.
* `service/cloudtrail`: Updates service API, documentation, and paginators
* This release adds support for CloudTrail Lake, a new feature that lets you run SQL-based queries on events that you have aggregated into event data stores. New APIs have been added for creating and managing event data stores, and creating, running, and managing queries in CloudTrail Lake.
* `service/ec2`: Updates service API and documentation
* This release adds a new API called ModifyVpcEndpointServicePayerResponsibility which allows VPC endpoint service owners to take payer responsibility of their VPC Endpoint connections.
* `service/ecs`: Updates service documentation
* Documentation update for ticket fixes.
* `service/eks`: Updates service API and documentation
* `service/glue`: Updates service API, documentation, and paginators
* Add Delta Lake target support for Glue Crawler and 3rd Party Support for Lake Formation
* `service/iot`: Updates service API and documentation
* This release adds an automatic retry mechanism for AWS IoT Jobs. You can now define a maximum number of retries for each Job rollout, along with the criteria to trigger the retry for FAILED/TIMED_OUT/ALL(both FAILED an TIMED_OUT) job.
* `service/lakeformation`: Updates service API and documentation
* `service/quicksight`: Updates service documentation
* Multiple Doc-only updates for Amazon QuickSight.
* `service/sagemaker`: Updates service API
* Amazon SageMaker now supports running training jobs on ml.g5 instance types.
* `service/snowball`: Updates service API, documentation, and examples
* Updating validation rules for interfaces used in the Snowball API to tighten security of service.
---
CHANGELOG.md | 25 +
aws/endpoints/defaults.go | 155 +
aws/version.go | 2 +-
models/apis/appstream/2016-12-01/api-2.json | 307 +
models/apis/appstream/2016-12-01/docs-2.json | 169 +
models/apis/cloudtrail/2013-11-01/api-2.json | 710 +-
models/apis/cloudtrail/2013-11-01/docs-2.json | 466 +-
.../cloudtrail/2013-11-01/paginators-1.json | 14 +
models/apis/ec2/2016-11-15/api-2.json | 50 +-
models/apis/ec2/2016-11-15/docs-2.json | 32 +-
models/apis/ecs/2014-11-13/docs-2.json | 8 +-
models/apis/eks/2017-11-01/api-2.json | 14 +-
models/apis/eks/2017-11-01/docs-2.json | 14 +-
models/apis/glue/2017-03-31/api-2.json | 223 +-
models/apis/glue/2017-03-31/docs-2.json | 165 +-
models/apis/glue/2017-03-31/paginators-1.json | 5 +
models/apis/iot/2015-05-28/api-2.json | 57 +-
models/apis/iot/2015-05-28/docs-2.json | 43 +-
.../apis/lakeformation/2017-03-31/api-2.json | 146 +-
.../apis/lakeformation/2017-03-31/docs-2.json | 126 +-
models/apis/quicksight/2018-04-01/docs-2.json | 8 +-
models/apis/sagemaker/2017-07-24/api-2.json | 10 +-
models/apis/snowball/2016-06-30/api-2.json | 5 +-
models/apis/snowball/2016-06-30/docs-2.json | 2 +-
.../apis/snowball/2016-06-30/examples-1.json | 4 +-
models/endpoints/endpoints.json | 86 +
service/appstream/api.go | 2137 +++-
service/appstream/appstreamiface/interface.go | 28 +
service/appstream/errors.go | 14 +
service/cloudtrail/api.go | 8729 ++++++++++++-----
.../cloudtrail/cloudtrailiface/interface.go | 53 +
service/cloudtrail/errors.go | 107 +
service/ec2/api.go | 209 +
service/ec2/ec2iface/interface.go | 4 +
service/ecs/api.go | 8 +-
service/eks/api.go | 88 +-
service/glue/api.go | 1159 +++
service/glue/errors.go | 5 +
service/glue/glueiface/interface.go | 15 +
service/iot/api.go | 229 +-
service/lakeformation/api.go | 754 +-
service/lakeformation/errors.go | 10 +
.../lakeformationiface/interface.go | 8 +
service/quicksight/api.go | 15 +-
service/sagemaker/api.go | 32 +
service/snowball/api.go | 42 +-
service/snowball/examples_test.go | 4 +-
47 files changed, 14024 insertions(+), 2472 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 24f953d57f6..5439b327c78 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,28 @@
+Release v1.42.28 (2022-01-05)
+===
+
+### Service Client Updates
+* `service/appstream`: Updates service API and documentation
+ * Includes APIs for App Entitlement management regarding entitlement and entitled application association.
+* `service/cloudtrail`: Updates service API, documentation, and paginators
+ * This release adds support for CloudTrail Lake, a new feature that lets you run SQL-based queries on events that you have aggregated into event data stores. New APIs have been added for creating and managing event data stores, and creating, running, and managing queries in CloudTrail Lake.
+* `service/ec2`: Updates service API and documentation
+ * This release adds a new API called ModifyVpcEndpointServicePayerResponsibility which allows VPC endpoint service owners to take payer responsibility of their VPC Endpoint connections.
+* `service/ecs`: Updates service documentation
+ * Documentation update for ticket fixes.
+* `service/eks`: Updates service API and documentation
+* `service/glue`: Updates service API, documentation, and paginators
+ * Add Delta Lake target support for Glue Crawler and 3rd Party Support for Lake Formation
+* `service/iot`: Updates service API and documentation
+ * This release adds an automatic retry mechanism for AWS IoT Jobs. You can now define a maximum number of retries for each Job rollout, along with the criteria to trigger the retry for FAILED/TIMED_OUT/ALL(both FAILED an TIMED_OUT) job.
+* `service/lakeformation`: Updates service API and documentation
+* `service/quicksight`: Updates service documentation
+ * Multiple Doc-only updates for Amazon QuickSight.
+* `service/sagemaker`: Updates service API
+ * Amazon SageMaker now supports running training jobs on ml.g5 instance types.
+* `service/snowball`: Updates service API, documentation, and examples
+ * Updating validation rules for interfaces used in the Snowball API to tighten security of service.
+
Release v1.42.27 (2022-01-04)
===
diff --git a/aws/endpoints/defaults.go b/aws/endpoints/defaults.go
index fd4be7b4b52..19172862ee7 100644
--- a/aws/endpoints/defaults.go
+++ b/aws/endpoints/defaults.go
@@ -17303,6 +17303,123 @@ var awsPartition = partition{
},
},
},
+ "s3-outposts": service{
+ Endpoints: serviceEndpoints{
+ endpointKey{
+ Region: "af-south-1",
+ }: endpoint{},
+ endpointKey{
+ Region: "ap-east-1",
+ }: endpoint{},
+ endpointKey{
+ Region: "ap-northeast-1",
+ }: endpoint{},
+ endpointKey{
+ Region: "ap-northeast-2",
+ }: endpoint{},
+ endpointKey{
+ Region: "ap-northeast-3",
+ }: endpoint{},
+ endpointKey{
+ Region: "ap-south-1",
+ }: endpoint{},
+ endpointKey{
+ Region: "ap-southeast-1",
+ }: endpoint{},
+ endpointKey{
+ Region: "ap-southeast-2",
+ }: endpoint{},
+ endpointKey{
+ Region: "ca-central-1",
+ }: endpoint{},
+ endpointKey{
+ Region: "ca-central-1",
+ Variant: fipsVariant,
+ }: endpoint{},
+ endpointKey{
+ Region: "eu-central-1",
+ }: endpoint{},
+ endpointKey{
+ Region: "eu-north-1",
+ }: endpoint{},
+ endpointKey{
+ Region: "eu-south-1",
+ }: endpoint{},
+ endpointKey{
+ Region: "eu-west-1",
+ }: endpoint{},
+ endpointKey{
+ Region: "eu-west-2",
+ }: endpoint{},
+ endpointKey{
+ Region: "eu-west-3",
+ }: endpoint{},
+ endpointKey{
+ Region: "fips-ca-central-1",
+ }: endpoint{
+
+ Deprecated: boxedTrue,
+ },
+ endpointKey{
+ Region: "fips-us-east-1",
+ }: endpoint{
+
+ Deprecated: boxedTrue,
+ },
+ endpointKey{
+ Region: "fips-us-east-2",
+ }: endpoint{
+
+ Deprecated: boxedTrue,
+ },
+ endpointKey{
+ Region: "fips-us-west-1",
+ }: endpoint{
+
+ Deprecated: boxedTrue,
+ },
+ endpointKey{
+ Region: "fips-us-west-2",
+ }: endpoint{
+
+ Deprecated: boxedTrue,
+ },
+ endpointKey{
+ Region: "me-south-1",
+ }: endpoint{},
+ endpointKey{
+ Region: "sa-east-1",
+ }: endpoint{},
+ endpointKey{
+ Region: "us-east-1",
+ }: endpoint{},
+ endpointKey{
+ Region: "us-east-1",
+ Variant: fipsVariant,
+ }: endpoint{},
+ endpointKey{
+ Region: "us-east-2",
+ }: endpoint{},
+ endpointKey{
+ Region: "us-east-2",
+ Variant: fipsVariant,
+ }: endpoint{},
+ endpointKey{
+ Region: "us-west-1",
+ }: endpoint{},
+ endpointKey{
+ Region: "us-west-1",
+ Variant: fipsVariant,
+ }: endpoint{},
+ endpointKey{
+ Region: "us-west-2",
+ }: endpoint{},
+ endpointKey{
+ Region: "us-west-2",
+ Variant: fipsVariant,
+ }: endpoint{},
+ },
+ },
"savingsplans": service{
PartitionEndpoint: "aws-global",
IsRegionalized: boxedFalse,
@@ -25931,6 +26048,14 @@ var awsusgovPartition = partition{
},
"oidc": service{
Endpoints: serviceEndpoints{
+ endpointKey{
+ Region: "us-gov-east-1",
+ }: endpoint{
+ Hostname: "oidc.us-gov-east-1.amazonaws.com",
+ CredentialScope: credentialScope{
+ Region: "us-gov-east-1",
+ },
+ },
endpointKey{
Region: "us-gov-west-1",
}: endpoint{
@@ -26591,6 +26716,36 @@ var awsusgovPartition = partition{
},
},
},
+ "s3-outposts": service{
+ Endpoints: serviceEndpoints{
+ endpointKey{
+ Region: "fips-us-gov-east-1",
+ }: endpoint{
+
+ Deprecated: boxedTrue,
+ },
+ endpointKey{
+ Region: "fips-us-gov-west-1",
+ }: endpoint{
+
+ Deprecated: boxedTrue,
+ },
+ endpointKey{
+ Region: "us-gov-east-1",
+ }: endpoint{},
+ endpointKey{
+ Region: "us-gov-east-1",
+ Variant: fipsVariant,
+ }: endpoint{},
+ endpointKey{
+ Region: "us-gov-west-1",
+ }: endpoint{},
+ endpointKey{
+ Region: "us-gov-west-1",
+ Variant: fipsVariant,
+ }: endpoint{},
+ },
+ },
"secretsmanager": service{
Endpoints: serviceEndpoints{
endpointKey{
diff --git a/aws/version.go b/aws/version.go
index 64ba127dfaf..c0d879afe71 100644
--- a/aws/version.go
+++ b/aws/version.go
@@ -5,4 +5,4 @@ package aws
const SDKName = "aws-sdk-go"
// SDKVersion is the version of this SDK
-const SDKVersion = "1.42.27"
+const SDKVersion = "1.42.28"
diff --git a/models/apis/appstream/2016-12-01/api-2.json b/models/apis/appstream/2016-12-01/api-2.json
index ff17b856e5b..93b69b902a2 100644
--- a/models/apis/appstream/2016-12-01/api-2.json
+++ b/models/apis/appstream/2016-12-01/api-2.json
@@ -29,6 +29,22 @@
{"shape":"OperationNotPermittedException"}
]
},
+ "AssociateApplicationToEntitlement":{
+ "name":"AssociateApplicationToEntitlement",
+ "http":{
+ "method":"POST",
+ "requestUri":"/"
+ },
+ "input":{"shape":"AssociateApplicationToEntitlementRequest"},
+ "output":{"shape":"AssociateApplicationToEntitlementResult"},
+ "errors":[
+ {"shape":"OperationNotPermittedException"},
+ {"shape":"ResourceNotFoundException"},
+ {"shape":"EntitlementNotFoundException"},
+ {"shape":"LimitExceededException"},
+ {"shape":"OperationNotPermittedException"}
+ ]
+ },
"AssociateFleet":{
"name":"AssociateFleet",
"http":{
@@ -137,6 +153,21 @@
{"shape":"InvalidRoleException"}
]
},
+ "CreateEntitlement":{
+ "name":"CreateEntitlement",
+ "http":{
+ "method":"POST",
+ "requestUri":"/"
+ },
+ "input":{"shape":"CreateEntitlementRequest"},
+ "output":{"shape":"CreateEntitlementResult"},
+ "errors":[
+ {"shape":"OperationNotPermittedException"},
+ {"shape":"ResourceNotFoundException"},
+ {"shape":"LimitExceededException"},
+ {"shape":"EntitlementAlreadyExistsException"}
+ ]
+ },
"CreateFleet":{
"name":"CreateFleet",
"http":{
@@ -317,6 +348,22 @@
{"shape":"ResourceNotFoundException"}
]
},
+ "DeleteEntitlement":{
+ "name":"DeleteEntitlement",
+ "http":{
+ "method":"POST",
+ "requestUri":"/"
+ },
+ "input":{"shape":"DeleteEntitlementRequest"},
+ "output":{"shape":"DeleteEntitlementResult"},
+ "errors":[
+ {"shape":"OperationNotPermittedException"},
+ {"shape":"ResourceNotFoundException"},
+ {"shape":"EntitlementNotFoundException"},
+ {"shape":"OperationNotPermittedException"},
+ {"shape":"ConcurrentModificationException"}
+ ]
+ },
"DeleteFleet":{
"name":"DeleteFleet",
"http":{
@@ -384,6 +431,7 @@
"errors":[
{"shape":"ResourceInUseException"},
{"shape":"ResourceNotFoundException"},
+ {"shape":"OperationNotPermittedException"},
{"shape":"ConcurrentModificationException"}
]
},
@@ -463,6 +511,20 @@
{"shape":"ResourceNotFoundException"}
]
},
+ "DescribeEntitlements":{
+ "name":"DescribeEntitlements",
+ "http":{
+ "method":"POST",
+ "requestUri":"/"
+ },
+ "input":{"shape":"DescribeEntitlementsRequest"},
+ "output":{"shape":"DescribeEntitlementsResult"},
+ "errors":[
+ {"shape":"OperationNotPermittedException"},
+ {"shape":"ResourceNotFoundException"},
+ {"shape":"EntitlementNotFoundException"}
+ ]
+ },
"DescribeFleets":{
"name":"DescribeFleets",
"http":{
@@ -602,6 +664,21 @@
{"shape":"OperationNotPermittedException"}
]
},
+ "DisassociateApplicationFromEntitlement":{
+ "name":"DisassociateApplicationFromEntitlement",
+ "http":{
+ "method":"POST",
+ "requestUri":"/"
+ },
+ "input":{"shape":"DisassociateApplicationFromEntitlementRequest"},
+ "output":{"shape":"DisassociateApplicationFromEntitlementResult"},
+ "errors":[
+ {"shape":"OperationNotPermittedException"},
+ {"shape":"ResourceNotFoundException"},
+ {"shape":"EntitlementNotFoundException"},
+ {"shape":"OperationNotPermittedException"}
+ ]
+ },
"DisassociateFleet":{
"name":"DisassociateFleet",
"http":{
@@ -657,6 +734,20 @@
"input":{"shape":"ListAssociatedStacksRequest"},
"output":{"shape":"ListAssociatedStacksResult"}
},
+ "ListEntitledApplications":{
+ "name":"ListEntitledApplications",
+ "http":{
+ "method":"POST",
+ "requestUri":"/"
+ },
+ "input":{"shape":"ListEntitledApplicationsRequest"},
+ "output":{"shape":"ListEntitledApplicationsResult"},
+ "errors":[
+ {"shape":"OperationNotPermittedException"},
+ {"shape":"ResourceNotFoundException"},
+ {"shape":"EntitlementNotFoundException"}
+ ]
+ },
"ListTagsForResource":{
"name":"ListTagsForResource",
"http":{
@@ -787,6 +878,21 @@
{"shape":"InvalidRoleException"}
]
},
+ "UpdateEntitlement":{
+ "name":"UpdateEntitlement",
+ "http":{
+ "method":"POST",
+ "requestUri":"/"
+ },
+ "input":{"shape":"UpdateEntitlementRequest"},
+ "output":{"shape":"UpdateEntitlementResult"},
+ "errors":[
+ {"shape":"OperationNotPermittedException"},
+ {"shape":"ResourceNotFoundException"},
+ {"shape":"EntitlementNotFoundException"},
+ {"shape":"ConcurrentModificationException"}
+ ]
+ },
"UpdateFleet":{
"name":"UpdateFleet",
"http":{
@@ -907,6 +1013,13 @@
"type":"list",
"member":{"shape":"AppBlock"}
},
+ "AppVisibility":{
+ "type":"string",
+ "enum":[
+ "ALL",
+ "ASSOCIATED"
+ ]
+ },
"Application":{
"type":"structure",
"members":{
@@ -1006,6 +1119,24 @@
"ApplicationFleetAssociation":{"shape":"ApplicationFleetAssociation"}
}
},
+ "AssociateApplicationToEntitlementRequest":{
+ "type":"structure",
+ "required":[
+ "StackName",
+ "EntitlementName",
+ "ApplicationIdentifier"
+ ],
+ "members":{
+ "StackName":{"shape":"Name"},
+ "EntitlementName":{"shape":"Name"},
+ "ApplicationIdentifier":{"shape":"String"}
+ }
+ },
+ "AssociateApplicationToEntitlementResult":{
+ "type":"structure",
+ "members":{
+ }
+ },
"AssociateFleetRequest":{
"type":"structure",
"required":[
@@ -1182,6 +1313,28 @@
"DirectoryConfig":{"shape":"DirectoryConfig"}
}
},
+ "CreateEntitlementRequest":{
+ "type":"structure",
+ "required":[
+ "Name",
+ "StackName",
+ "AppVisibility",
+ "Attributes"
+ ],
+ "members":{
+ "Name":{"shape":"Name"},
+ "StackName":{"shape":"Name"},
+ "Description":{"shape":"Description"},
+ "AppVisibility":{"shape":"AppVisibility"},
+ "Attributes":{"shape":"EntitlementAttributeList"}
+ }
+ },
+ "CreateEntitlementResult":{
+ "type":"structure",
+ "members":{
+ "Entitlement":{"shape":"Entitlement"}
+ }
+ },
"CreateFleetRequest":{
"type":"structure",
"required":[
@@ -1395,6 +1548,22 @@
"members":{
}
},
+ "DeleteEntitlementRequest":{
+ "type":"structure",
+ "required":[
+ "Name",
+ "StackName"
+ ],
+ "members":{
+ "Name":{"shape":"Name"},
+ "StackName":{"shape":"Name"}
+ }
+ },
+ "DeleteEntitlementResult":{
+ "type":"structure",
+ "members":{
+ }
+ },
"DeleteFleetRequest":{
"type":"structure",
"required":["Name"],
@@ -1548,6 +1717,23 @@
"NextToken":{"shape":"String"}
}
},
+ "DescribeEntitlementsRequest":{
+ "type":"structure",
+ "required":["StackName"],
+ "members":{
+ "Name":{"shape":"Name"},
+ "StackName":{"shape":"Name"},
+ "NextToken":{"shape":"String"},
+ "MaxResults":{"shape":"Integer"}
+ }
+ },
+ "DescribeEntitlementsResult":{
+ "type":"structure",
+ "members":{
+ "Entitlements":{"shape":"EntitlementList"},
+ "NextToken":{"shape":"String"}
+ }
+ },
"DescribeFleetsRequest":{
"type":"structure",
"members":{
@@ -1756,6 +1942,24 @@
"members":{
}
},
+ "DisassociateApplicationFromEntitlementRequest":{
+ "type":"structure",
+ "required":[
+ "StackName",
+ "EntitlementName",
+ "ApplicationIdentifier"
+ ],
+ "members":{
+ "StackName":{"shape":"Name"},
+ "EntitlementName":{"shape":"Name"},
+ "ApplicationIdentifier":{"shape":"String"}
+ }
+ },
+ "DisassociateApplicationFromEntitlementResult":{
+ "type":"structure",
+ "members":{
+ }
+ },
"DisassociateFleetRequest":{
"type":"structure",
"required":[
@@ -1820,6 +2024,69 @@
"members":{
}
},
+ "EntitledApplication":{
+ "type":"structure",
+ "required":["ApplicationIdentifier"],
+ "members":{
+ "ApplicationIdentifier":{"shape":"String"}
+ }
+ },
+ "EntitledApplicationList":{
+ "type":"list",
+ "member":{"shape":"EntitledApplication"}
+ },
+ "Entitlement":{
+ "type":"structure",
+ "required":[
+ "Name",
+ "StackName",
+ "AppVisibility",
+ "Attributes"
+ ],
+ "members":{
+ "Name":{"shape":"Name"},
+ "StackName":{"shape":"Name"},
+ "Description":{"shape":"Description"},
+ "AppVisibility":{"shape":"AppVisibility"},
+ "Attributes":{"shape":"EntitlementAttributeList"},
+ "CreatedTime":{"shape":"Timestamp"},
+ "LastModifiedTime":{"shape":"Timestamp"}
+ }
+ },
+ "EntitlementAlreadyExistsException":{
+ "type":"structure",
+ "members":{
+ "Message":{"shape":"ErrorMessage"}
+ },
+ "exception":true
+ },
+ "EntitlementAttribute":{
+ "type":"structure",
+ "required":[
+ "Name",
+ "Value"
+ ],
+ "members":{
+ "Name":{"shape":"String"},
+ "Value":{"shape":"String"}
+ }
+ },
+ "EntitlementAttributeList":{
+ "type":"list",
+ "member":{"shape":"EntitlementAttribute"},
+ "min":1
+ },
+ "EntitlementList":{
+ "type":"list",
+ "member":{"shape":"Entitlement"}
+ },
+ "EntitlementNotFoundException":{
+ "type":"structure",
+ "members":{
+ "Message":{"shape":"ErrorMessage"}
+ },
+ "exception":true
+ },
"ErrorMessage":{"type":"string"},
"ExpireSessionRequest":{
"type":"structure",
@@ -2149,6 +2416,26 @@
"NextToken":{"shape":"String"}
}
},
+ "ListEntitledApplicationsRequest":{
+ "type":"structure",
+ "required":[
+ "StackName",
+ "EntitlementName"
+ ],
+ "members":{
+ "StackName":{"shape":"Name"},
+ "EntitlementName":{"shape":"Name"},
+ "NextToken":{"shape":"String"},
+ "MaxResults":{"shape":"Integer"}
+ }
+ },
+ "ListEntitledApplicationsResult":{
+ "type":"structure",
+ "members":{
+ "EntitledApplications":{"shape":"EntitledApplicationList"},
+ "NextToken":{"shape":"String"}
+ }
+ },
"ListTagsForResourceRequest":{
"type":"structure",
"required":["ResourceArn"],
@@ -2653,6 +2940,26 @@
"DirectoryConfig":{"shape":"DirectoryConfig"}
}
},
+ "UpdateEntitlementRequest":{
+ "type":"structure",
+ "required":[
+ "Name",
+ "StackName"
+ ],
+ "members":{
+ "Name":{"shape":"Name"},
+ "StackName":{"shape":"Name"},
+ "Description":{"shape":"Description"},
+ "AppVisibility":{"shape":"AppVisibility"},
+ "Attributes":{"shape":"EntitlementAttributeList"}
+ }
+ },
+ "UpdateEntitlementResult":{
+ "type":"structure",
+ "members":{
+ "Entitlement":{"shape":"Entitlement"}
+ }
+ },
"UpdateFleetRequest":{
"type":"structure",
"members":{
diff --git a/models/apis/appstream/2016-12-01/docs-2.json b/models/apis/appstream/2016-12-01/docs-2.json
index 04acbab9667..c385d609403 100644
--- a/models/apis/appstream/2016-12-01/docs-2.json
+++ b/models/apis/appstream/2016-12-01/docs-2.json
@@ -3,6 +3,7 @@
"service": "Amazon AppStream 2.0 This is the Amazon AppStream 2.0 API Reference. This documentation provides descriptions and syntax for each of the actions and data types in AppStream 2.0. AppStream 2.0 is a fully managed, secure application streaming service that lets you stream desktop applications to users without rewriting applications. AppStream 2.0 manages the AWS resources that are required to host and run your applications, scales automatically, and provides access to your users on demand.
You can call the AppStream 2.0 API operations by using an interface VPC endpoint (interface endpoint). For more information, see Access AppStream 2.0 API Operations and CLI Commands Through an Interface VPC Endpoint in the Amazon AppStream 2.0 Administration Guide.
To learn more about AppStream 2.0, see the following resources:
",
"operations": {
"AssociateApplicationFleet": "Associates the specified application with the specified fleet. This is only supported for Elastic fleets.
",
+ "AssociateApplicationToEntitlement": "Associates an application to entitle.
",
"AssociateFleet": "Associates the specified fleet with the specified stack.
",
"BatchAssociateUserStack": "Associates the specified users with the specified stacks. Users in a user pool cannot be assigned to stacks with fleets that are joined to an Active Directory domain.
",
"BatchDisassociateUserStack": "Disassociates the specified users from the specified stacks.
",
@@ -10,6 +11,7 @@
"CreateAppBlock": "Creates an app block.
App blocks are an Amazon AppStream 2.0 resource that stores the details about the virtual hard disk in an S3 bucket. It also stores the setup script with details about how to mount the virtual hard disk. The virtual hard disk includes the application binaries and other files necessary to launch your applications. Multiple applications can be assigned to a single app block.
This is only supported for Elastic fleets.
",
"CreateApplication": "Creates an application.
Applications are an Amazon AppStream 2.0 resource that stores the details about how to launch applications on Elastic fleet streaming instances. An application consists of the launch details, icon, and display name. Applications are associated with an app block that contains the application binaries and other files. The applications assigned to an Elastic fleet are the applications users can launch.
This is only supported for Elastic fleets.
",
"CreateDirectoryConfig": "Creates a Directory Config object in AppStream 2.0. This object includes the configuration information required to join fleets and image builders to Microsoft Active Directory domains.
",
+ "CreateEntitlement": "Creates a new entitlement. Entitlements control access to specific applications within a stack, based on user attributes. Entitlements apply to SAML 2.0 federated user identities. Amazon AppStream 2.0 user pool and streaming URL users are entitled to all applications in a stack. Entitlements don't apply to the desktop stream view application, or to applications managed by a dynamic app provider using the Dynamic Application Framework.
",
"CreateFleet": "Creates a fleet. A fleet consists of streaming instances that run a specified image when using Always-On or On-Demand.
",
"CreateImageBuilder": "Creates an image builder. An image builder is a virtual machine that is used to create an image.
The initial state of the builder is PENDING. When it is ready, the state is RUNNING.
",
"CreateImageBuilderStreamingURL": "Creates a URL to start an image builder streaming session.
",
@@ -21,6 +23,7 @@
"DeleteAppBlock": "Deletes an app block.
",
"DeleteApplication": "Deletes an application.
",
"DeleteDirectoryConfig": "Deletes the specified Directory Config object from AppStream 2.0. This object includes the information required to join streaming instances to an Active Directory domain.
",
+ "DeleteEntitlement": "Deletes the specified entitlement.
",
"DeleteFleet": "Deletes the specified fleet.
",
"DeleteImage": "Deletes the specified image. You cannot delete an image when it is in use. After you delete an image, you cannot provision new capacity using the image.
",
"DeleteImageBuilder": "Deletes the specified image builder and releases the capacity.
",
@@ -32,6 +35,7 @@
"DescribeApplicationFleetAssociations": "Retrieves a list that describes one or more application fleet associations. Either ApplicationArn or FleetName must be specified.
",
"DescribeApplications": "Retrieves a list that describes one or more applications.
",
"DescribeDirectoryConfigs": "Retrieves a list that describes one or more specified Directory Config objects for AppStream 2.0, if the names for these objects are provided. Otherwise, all Directory Config objects in the account are described. These objects include the configuration information required to join fleets and image builders to Microsoft Active Directory domains.
Although the response syntax in this topic includes the account password, this password is not returned in the actual response.
",
+ "DescribeEntitlements": "Retrieves a list that describes one of more entitlements.
",
"DescribeFleets": "Retrieves a list that describes one or more specified fleets, if the fleet names are provided. Otherwise, all fleets in the account are described.
",
"DescribeImageBuilders": "Retrieves a list that describes one or more specified image builders, if the image builder names are provided. Otherwise, all image builders in the account are described.
",
"DescribeImagePermissions": "Retrieves a list that describes the permissions for shared AWS account IDs on a private image that you own.
",
@@ -43,11 +47,13 @@
"DescribeUsers": "Retrieves a list that describes one or more specified users in the user pool.
",
"DisableUser": "Disables the specified user in the user pool. Users can't sign in to AppStream 2.0 until they are re-enabled. This action does not delete the user.
",
"DisassociateApplicationFleet": "Disassociates the specified application from the fleet.
",
+ "DisassociateApplicationFromEntitlement": "Deletes the specified application from the specified entitlement.
",
"DisassociateFleet": "Disassociates the specified fleet from the specified stack.
",
"EnableUser": "Enables a user in the user pool. After being enabled, users can sign in to AppStream 2.0 and open applications from the stacks to which they are assigned.
",
"ExpireSession": "Immediately stops the specified streaming session.
",
"ListAssociatedFleets": "Retrieves the name of the fleet that is associated with the specified stack.
",
"ListAssociatedStacks": "Retrieves the name of the stack with which the specified fleet is associated.
",
+ "ListEntitledApplications": "Retrieves a list of entitled applications.
",
"ListTagsForResource": "Retrieves a list of all tags for the specified AppStream 2.0 resource. You can tag AppStream 2.0 image builders, images, fleets, and stacks.
For more information about tags, see Tagging Your Resources in the Amazon AppStream 2.0 Administration Guide.
",
"StartFleet": "Starts the specified fleet.
",
"StartImageBuilder": "Starts the specified image builder.
",
@@ -57,6 +63,7 @@
"UntagResource": "Disassociates one or more specified tags from the specified AppStream 2.0 resource.
To list the current tags for your resources, use ListTagsForResource.
For more information about tags, see Tagging Your Resources in the Amazon AppStream 2.0 Administration Guide.
",
"UpdateApplication": "Updates the specified application.
",
"UpdateDirectoryConfig": "Updates the specified Directory Config object in AppStream 2.0. This object includes the configuration information required to join fleets and image builders to Microsoft Active Directory domains.
",
+ "UpdateEntitlement": "Updates the specified entitlement.
",
"UpdateFleet": "Updates the specified fleet.
If the fleet is in the STOPPED state, you can update any attribute except the fleet name.
If the fleet is in the RUNNING state, you can update the following based on the fleet type:
-
Always-On and On-Demand fleet types
You can update the DisplayName, ComputeCapacity, ImageARN, ImageName, IdleDisconnectTimeoutInSeconds, and DisconnectTimeoutInSeconds attributes.
-
Elastic fleet type
You can update the DisplayName, IdleDisconnectTimeoutInSeconds, DisconnectTimeoutInSeconds, MaxConcurrentSessions, and UsbDeviceFilterStrings attributes.
If the fleet is in the STARTING or STOPPED state, you can't update it.
",
"UpdateImagePermissions": "Adds or updates permissions for the specified private image.
",
"UpdateStack": "Updates the specified fields for the specified stack.
"
@@ -115,6 +122,14 @@
"DescribeAppBlocksResult$AppBlocks": "The app blocks in the list.
"
}
},
+ "AppVisibility": {
+ "base": null,
+ "refs": {
+ "CreateEntitlementRequest$AppVisibility": "Specifies whether all or selected apps are entitled.
",
+ "Entitlement$AppVisibility": "Specifies whether all or selected apps are entitled.
",
+ "UpdateEntitlementRequest$AppVisibility": "Specifies whether all or only selected apps are entitled.
"
+ }
+ },
"Application": {
"base": "Describes an application in the application catalog.
",
"refs": {
@@ -229,6 +244,16 @@
"refs": {
}
},
+ "AssociateApplicationToEntitlementRequest": {
+ "base": null,
+ "refs": {
+ }
+ },
+ "AssociateApplicationToEntitlementResult": {
+ "base": null,
+ "refs": {
+ }
+ },
"AssociateFleetRequest": {
"base": null,
"refs": {
@@ -374,6 +399,16 @@
"refs": {
}
},
+ "CreateEntitlementRequest": {
+ "base": null,
+ "refs": {
+ }
+ },
+ "CreateEntitlementResult": {
+ "base": null,
+ "refs": {
+ }
+ },
"CreateFleetRequest": {
"base": null,
"refs": {
@@ -484,6 +519,16 @@
"refs": {
}
},
+ "DeleteEntitlementRequest": {
+ "base": null,
+ "refs": {
+ }
+ },
+ "DeleteEntitlementResult": {
+ "base": null,
+ "refs": {
+ }
+ },
"DeleteFleetRequest": {
"base": null,
"refs": {
@@ -594,6 +639,16 @@
"refs": {
}
},
+ "DescribeEntitlementsRequest": {
+ "base": null,
+ "refs": {
+ }
+ },
+ "DescribeEntitlementsResult": {
+ "base": null,
+ "refs": {
+ }
+ },
"DescribeFleetsRequest": {
"base": null,
"refs": {
@@ -696,11 +751,14 @@
"CopyImageRequest$DestinationImageDescription": "The description that the image will have when it is copied to the destination.
",
"CreateAppBlockRequest$Description": "The description of the app block.
",
"CreateApplicationRequest$Description": "The description of the application.
",
+ "CreateEntitlementRequest$Description": "The description of the entitlement.
",
"CreateFleetRequest$Description": "The description to display.
",
"CreateImageBuilderRequest$Description": "The description to display.
",
"CreateStackRequest$Description": "The description to display.
",
"CreateUpdatedImageRequest$newImageDescription": "The description to display for the new image.
",
+ "Entitlement$Description": "The description of the entitlement.
",
"UpdateApplicationRequest$Description": "The description of the application.
",
+ "UpdateEntitlementRequest$Description": "The description of the entitlement.
",
"UpdateFleetRequest$Description": "The description to display.
",
"UpdateStackRequest$Description": "The description to display.
"
}
@@ -756,6 +814,16 @@
"refs": {
}
},
+ "DisassociateApplicationFromEntitlementRequest": {
+ "base": null,
+ "refs": {
+ }
+ },
+ "DisassociateApplicationFromEntitlementResult": {
+ "base": null,
+ "refs": {
+ }
+ },
"DisassociateFleetRequest": {
"base": null,
"refs": {
@@ -826,10 +894,62 @@
"refs": {
}
},
+ "EntitledApplication": {
+ "base": "The application associated to an entitlement. Access is controlled based on user attributes.
",
+ "refs": {
+ "EntitledApplicationList$member": null
+ }
+ },
+ "EntitledApplicationList": {
+ "base": null,
+ "refs": {
+ "ListEntitledApplicationsResult$EntitledApplications": "The entitled applications.
"
+ }
+ },
+ "Entitlement": {
+ "base": "Specifies an entitlement. Entitlements control access to specific applications within a stack, based on user attributes. Entitlements apply to SAML 2.0 federated user identities. Amazon AppStream 2.0 user pool and streaming URL users are entitled to all applications in a stack. Entitlements don't apply to the desktop stream view application, or to applications managed by a dynamic app provider using the Dynamic Application Framework.
",
+ "refs": {
+ "CreateEntitlementResult$Entitlement": "The entitlement.
",
+ "EntitlementList$member": null,
+ "UpdateEntitlementResult$Entitlement": "The entitlement.
"
+ }
+ },
+ "EntitlementAlreadyExistsException": {
+ "base": "The entitlement already exists.
",
+ "refs": {
+ }
+ },
+ "EntitlementAttribute": {
+ "base": "An attribute associated with an entitlement. Application entitlements work by matching a supported SAML 2.0 attribute name to a value when a user identity federates to an Amazon AppStream 2.0 SAML application.
",
+ "refs": {
+ "EntitlementAttributeList$member": null
+ }
+ },
+ "EntitlementAttributeList": {
+ "base": null,
+ "refs": {
+ "CreateEntitlementRequest$Attributes": "The attributes of the entitlement.
",
+ "Entitlement$Attributes": "The attributes of the entitlement.
",
+ "UpdateEntitlementRequest$Attributes": "The attributes of the entitlement.
"
+ }
+ },
+ "EntitlementList": {
+ "base": null,
+ "refs": {
+ "DescribeEntitlementsResult$Entitlements": "The entitlements.
"
+ }
+ },
+ "EntitlementNotFoundException": {
+ "base": "The entitlement can't be found.
",
+ "refs": {
+ }
+ },
"ErrorMessage": {
"base": "The error message in the exception.
",
"refs": {
"ConcurrentModificationException$Message": null,
+ "EntitlementAlreadyExistsException$Message": null,
+ "EntitlementNotFoundException$Message": null,
"IncompatibleImageException$Message": null,
"InvalidAccountStatusException$Message": null,
"InvalidParameterCombinationException$Message": null,
@@ -1014,6 +1134,7 @@
"DescribeApplicationFleetAssociationsRequest$MaxResults": "The maximum size of each page of results.
",
"DescribeApplicationsRequest$MaxResults": "The maximum size of each page of results.
",
"DescribeDirectoryConfigsRequest$MaxResults": "The maximum size of each page of results.
",
+ "DescribeEntitlementsRequest$MaxResults": "The maximum size of each page of results.
",
"DescribeImageBuildersRequest$MaxResults": "The maximum size of each page of results.
",
"DescribeSessionsRequest$Limit": "The size of each page of results. The default value is 20 and the maximum value is 50.
",
"DescribeUsageReportSubscriptionsRequest$MaxResults": "The maximum size of each page of results.
",
@@ -1022,6 +1143,7 @@
"Fleet$DisconnectTimeoutInSeconds": "The amount of time that a streaming session remains active after users disconnect. If they try to reconnect to the streaming session after a disconnection or network interruption within this time interval, they are connected to their previous session. Otherwise, they are connected to a new session with a new streaming instance.
Specify a value between 60 and 360000.
",
"Fleet$IdleDisconnectTimeoutInSeconds": "The amount of time that users can be idle (inactive) before they are disconnected from their streaming session and the DisconnectTimeoutInSeconds time interval begins. Users are notified before they are disconnected due to inactivity. If users try to reconnect to the streaming session before the time interval specified in DisconnectTimeoutInSeconds elapses, they are connected to their previous session. Users are considered idle when they stop providing keyboard or mouse input during their streaming session. File uploads and downloads, audio in, audio out, and pixels changing do not qualify as user activity. If users continue to be idle after the time interval in IdleDisconnectTimeoutInSeconds elapses, they are disconnected.
To prevent users from being disconnected due to inactivity, specify a value of 0. Otherwise, specify a value between 60 and 3600. The default value is 0.
If you enable this feature, we recommend that you specify a value that corresponds exactly to a whole number of minutes (for example, 60, 120, and 180). If you don't do this, the value is rounded to the nearest minute. For example, if you specify a value of 70, users are disconnected after 1 minute of inactivity. If you specify a value that is at the midpoint between two different minutes, the value is rounded up. For example, if you specify a value of 90, users are disconnected after 2 minutes of inactivity.
",
"Fleet$MaxConcurrentSessions": "The maximum number of concurrent sessions for the fleet.
",
+ "ListEntitledApplicationsRequest$MaxResults": "The maximum size of each page of results.
",
"ScriptDetails$TimeoutInSeconds": "The run timeout, in seconds, for the script.
",
"UpdateFleetRequest$MaxUserDurationInSeconds": "The maximum amount of time that a streaming session can remain active, in seconds. If users are still connected to a streaming instance five minutes before this limit is reached, they are prompted to save any open documents before being disconnected. After this time elapses, the instance is terminated and replaced by a new instance.
Specify a value between 600 and 360000.
",
"UpdateFleetRequest$DisconnectTimeoutInSeconds": "The amount of time that a streaming session remains active after users disconnect. If users try to reconnect to the streaming session after a disconnection or network interruption within this time interval, they are connected to their previous session. Otherwise, they are connected to a new session with a new streaming instance.
Specify a value between 60 and 360000.
",
@@ -1081,6 +1203,16 @@
"refs": {
}
},
+ "ListEntitledApplicationsRequest": {
+ "base": null,
+ "refs": {
+ }
+ },
+ "ListEntitledApplicationsResult": {
+ "base": null,
+ "refs": {
+ }
+ },
"ListTagsForResourceRequest": {
"base": null,
"refs": {
@@ -1121,11 +1253,15 @@
"base": null,
"refs": {
"AssociateApplicationFleetRequest$FleetName": "The name of the fleet.
",
+ "AssociateApplicationToEntitlementRequest$StackName": "The name of the stack.
",
+ "AssociateApplicationToEntitlementRequest$EntitlementName": "The name of the entitlement.
",
"CopyImageRequest$SourceImageName": "The name of the image to copy.
",
"CopyImageRequest$DestinationImageName": "The name that the image will have when it is copied to the destination.
",
"CopyImageResponse$DestinationImageName": "The name of the destination image.
",
"CreateAppBlockRequest$Name": "The name of the app block.
",
"CreateApplicationRequest$Name": "The name of the application. This name is visible to users when display name is not specified.
",
+ "CreateEntitlementRequest$Name": "The name of the entitlement.
",
+ "CreateEntitlementRequest$StackName": "The name of the stack with which the entitlement is associated.
",
"CreateFleetRequest$Name": "A unique name for the fleet.
",
"CreateImageBuilderRequest$Name": "A unique name for the image builder.
",
"CreateStackRequest$Name": "The name of the stack.
",
@@ -1133,14 +1269,26 @@
"CreateUpdatedImageRequest$newImageName": "The name of the new image. The name must be unique within the AWS account and Region.
",
"DeleteAppBlockRequest$Name": "The name of the app block.
",
"DeleteApplicationRequest$Name": "The name of the application.
",
+ "DeleteEntitlementRequest$Name": "The name of the entitlement.
",
+ "DeleteEntitlementRequest$StackName": "The name of the stack with which the entitlement is associated.
",
"DeleteImageBuilderRequest$Name": "The name of the image builder.
",
"DeleteImagePermissionsRequest$Name": "The name of the private image.
",
"DeleteImageRequest$Name": "The name of the image.
",
"DescribeApplicationFleetAssociationsRequest$FleetName": "The name of the fleet.
",
+ "DescribeEntitlementsRequest$Name": "The name of the entitlement.
",
+ "DescribeEntitlementsRequest$StackName": "The name of the stack with which the entitlement is associated.
",
"DescribeImagePermissionsRequest$Name": "The name of the private image for which to describe permissions. The image must be one that you own.
",
"DescribeImagePermissionsResult$Name": "The name of the private image.
",
"DisassociateApplicationFleetRequest$FleetName": "The name of the fleet.
",
+ "DisassociateApplicationFromEntitlementRequest$StackName": "The name of the stack with which the entitlement is associated.
",
+ "DisassociateApplicationFromEntitlementRequest$EntitlementName": "The name of the entitlement.
",
+ "Entitlement$Name": "The name of the entitlement.
",
+ "Entitlement$StackName": "The name of the stack with which the entitlement is associated.
",
+ "ListEntitledApplicationsRequest$StackName": "The name of the stack with which the entitlement is associated.
",
+ "ListEntitledApplicationsRequest$EntitlementName": "The name of the entitlement.
",
"UpdateApplicationRequest$Name": "The name of the application. This name is visible to users when display name is not specified.
",
+ "UpdateEntitlementRequest$Name": "The name of the entitlement.
",
+ "UpdateEntitlementRequest$StackName": "The name of the stack with which the entitlement is associated.
",
"UpdateImagePermissionsRequest$Name": "The name of the private image.
"
}
},
@@ -1474,6 +1622,7 @@
"Application$Description": "The description of the application.
",
"ApplicationFleetAssociation$FleetName": "The name of the fleet associated with the application.
",
"ApplicationSettingsResponse$S3BucketName": "The S3 bucket where users’ persistent application settings are stored. When persistent application settings are enabled for the first time for an account in an AWS Region, an S3 bucket is created. The bucket is unique to the AWS account and the Region.
",
+ "AssociateApplicationToEntitlementRequest$ApplicationIdentifier": "The identifier of the application.
",
"AssociateFleetRequest$FleetName": "The name of the fleet.
",
"AssociateFleetRequest$StackName": "The name of the stack.
",
"CreateApplicationRequest$LaunchPath": "The launch path of the application.
",
@@ -1501,6 +1650,8 @@
"DescribeApplicationsResult$NextToken": "The pagination token used to retrieve the next page of results for this operation.
",
"DescribeDirectoryConfigsRequest$NextToken": "The pagination token to use to retrieve the next page of results for this operation. If this value is null, it retrieves the first page.
",
"DescribeDirectoryConfigsResult$NextToken": "The pagination token to use to retrieve the next page of results for this operation. If there are no more pages, this value is null.
",
+ "DescribeEntitlementsRequest$NextToken": "The pagination token used to retrieve the next page of results for this operation.
",
+ "DescribeEntitlementsResult$NextToken": "The pagination token used to retrieve the next page of results for this operation.
",
"DescribeFleetsRequest$NextToken": "The pagination token to use to retrieve the next page of results for this operation. If this value is null, it retrieves the first page.
",
"DescribeFleetsResult$NextToken": "The pagination token to use to retrieve the next page of results for this operation. If there are no more pages, this value is null.
",
"DescribeImageBuildersRequest$NextToken": "The pagination token to use to retrieve the next page of results for this operation. If this value is null, it retrieves the first page.
",
@@ -1522,8 +1673,12 @@
"DescribeUserStackAssociationsResult$NextToken": "The pagination token to use to retrieve the next page of results for this operation. If there are no more pages, this value is null.
",
"DescribeUsersRequest$NextToken": "The pagination token to use to retrieve the next page of results for this operation. If this value is null, it retrieves the first page.
",
"DescribeUsersResult$NextToken": "The pagination token to use to retrieve the next page of results for this operation. If there are no more pages, this value is null.
",
+ "DisassociateApplicationFromEntitlementRequest$ApplicationIdentifier": "The identifier of the application to remove from the entitlement.
",
"DisassociateFleetRequest$FleetName": "The name of the fleet.
",
"DisassociateFleetRequest$StackName": "The name of the stack.
",
+ "EntitledApplication$ApplicationIdentifier": "The identifier of the application.
",
+ "EntitlementAttribute$Name": "A supported AWS IAM SAML PrincipalTag attribute that is matched to the associated value when a user identity federates into an Amazon AppStream 2.0 SAML application.
The following are valid values:
-
roles
-
department
-
organization
-
groups
-
title
-
costCenter
-
userType
",
+ "EntitlementAttribute$Value": "A value that is matched to a supported SAML attribute name when a user identity federates into an Amazon AppStream 2.0 SAML application.
",
"ExpireSessionRequest$SessionId": "The identifier of the streaming session.
",
"Fleet$Name": "The name of the fleet.
",
"Fleet$DisplayName": "The fleet name to display.
",
@@ -1548,6 +1703,8 @@
"ListAssociatedStacksRequest$FleetName": "The name of the fleet.
",
"ListAssociatedStacksRequest$NextToken": "The pagination token to use to retrieve the next page of results for this operation. If this value is null, it retrieves the first page.
",
"ListAssociatedStacksResult$NextToken": "The pagination token to use to retrieve the next page of results for this operation. If there are no more pages, this value is null.
",
+ "ListEntitledApplicationsRequest$NextToken": "The pagination token used to retrieve the next page of results for this operation.
",
+ "ListEntitledApplicationsResult$NextToken": "The pagination token used to retrieve the next page of results for this operation.
",
"Metadata$key": null,
"Metadata$value": null,
"NetworkAccessConfiguration$EniPrivateIpAddress": "The private IP address of the elastic network interface that is attached to instances in your VPC.
",
@@ -1651,6 +1808,8 @@
"CreateImageBuilderStreamingURLResult$Expires": "The elapsed time, in seconds after the Unix epoch, when this URL expires.
",
"CreateStreamingURLResult$Expires": "The elapsed time, in seconds after the Unix epoch, when this URL expires.
",
"DirectoryConfig$CreatedTime": "The time the directory configuration was created.
",
+ "Entitlement$CreatedTime": "The time when the entitlement was created.
",
+ "Entitlement$LastModifiedTime": "The time when the entitlement was last modified.
",
"Fleet$CreatedTime": "The time the fleet was created.
",
"Image$CreatedTime": "The time the image was created.
",
"Image$PublicBaseImageReleasedDate": "The release date of the public base image. For private images, this date is the release date of the base image from which the image was created.
",
@@ -1693,6 +1852,16 @@
"refs": {
}
},
+ "UpdateEntitlementRequest": {
+ "base": null,
+ "refs": {
+ }
+ },
+ "UpdateEntitlementResult": {
+ "base": null,
+ "refs": {
+ }
+ },
"UpdateFleetRequest": {
"base": null,
"refs": {
diff --git a/models/apis/cloudtrail/2013-11-01/api-2.json b/models/apis/cloudtrail/2013-11-01/api-2.json
index 576e1a1f3d2..7d8e3002c34 100644
--- a/models/apis/cloudtrail/2013-11-01/api-2.json
+++ b/models/apis/cloudtrail/2013-11-01/api-2.json
@@ -28,12 +28,59 @@
{"shape":"TagsLimitExceededException"},
{"shape":"InvalidTrailNameException"},
{"shape":"InvalidTagParameterException"},
+ {"shape":"InactiveEventDataStoreException"},
+ {"shape":"EventDataStoreNotFoundException"},
{"shape":"UnsupportedOperationException"},
{"shape":"OperationNotPermittedException"},
- {"shape":"NotOrganizationMasterAccountException"}
+ {"shape":"NotOrganizationMasterAccountException"},
+ {"shape":"ConflictException"}
+ ],
+ "idempotent":true
+ },
+ "CancelQuery":{
+ "name":"CancelQuery",
+ "http":{
+ "method":"POST",
+ "requestUri":"/"
+ },
+ "input":{"shape":"CancelQueryRequest"},
+ "output":{"shape":"CancelQueryResponse"},
+ "errors":[
+ {"shape":"EventDataStoreARNInvalidException"},
+ {"shape":"EventDataStoreNotFoundException"},
+ {"shape":"InactiveEventDataStoreException"},
+ {"shape":"InactiveQueryException"},
+ {"shape":"InvalidParameterException"},
+ {"shape":"QueryIdNotFoundException"},
+ {"shape":"OperationNotPermittedException"},
+ {"shape":"UnsupportedOperationException"},
+ {"shape":"ConflictException"}
],
"idempotent":true
},
+ "CreateEventDataStore":{
+ "name":"CreateEventDataStore",
+ "http":{
+ "method":"POST",
+ "requestUri":"/"
+ },
+ "input":{"shape":"CreateEventDataStoreRequest"},
+ "output":{"shape":"CreateEventDataStoreResponse"},
+ "errors":[
+ {"shape":"EventDataStoreAlreadyExistsException"},
+ {"shape":"EventDataStoreMaxLimitExceededException"},
+ {"shape":"InvalidParameterException"},
+ {"shape":"InvalidTagParameterException"},
+ {"shape":"OperationNotPermittedException"},
+ {"shape":"UnsupportedOperationException"},
+ {"shape":"ConflictException"},
+ {"shape":"CloudTrailAccessNotEnabledException"},
+ {"shape":"InsufficientDependencyServiceAccessPermissionException"},
+ {"shape":"NotOrganizationMasterAccountException"},
+ {"shape":"OrganizationsNotInUseException"},
+ {"shape":"OrganizationNotInAllFeaturesModeException"}
+ ]
+ },
"CreateTrail":{
"name":"CreateTrail",
"http":{
@@ -70,10 +117,30 @@
{"shape":"NotOrganizationMasterAccountException"},
{"shape":"OrganizationsNotInUseException"},
{"shape":"OrganizationNotInAllFeaturesModeException"},
- {"shape":"CloudTrailInvalidClientTokenIdException"}
+ {"shape":"CloudTrailInvalidClientTokenIdException"},
+ {"shape":"ConflictException"}
],
"idempotent":true
},
+ "DeleteEventDataStore":{
+ "name":"DeleteEventDataStore",
+ "http":{
+ "method":"POST",
+ "requestUri":"/"
+ },
+ "input":{"shape":"DeleteEventDataStoreRequest"},
+ "output":{"shape":"DeleteEventDataStoreResponse"},
+ "errors":[
+ {"shape":"EventDataStoreARNInvalidException"},
+ {"shape":"EventDataStoreNotFoundException"},
+ {"shape":"EventDataStoreTerminationProtectedException"},
+ {"shape":"InvalidParameterException"},
+ {"shape":"OperationNotPermittedException"},
+ {"shape":"UnsupportedOperationException"},
+ {"shape":"NotOrganizationMasterAccountException"},
+ {"shape":"InsufficientDependencyServiceAccessPermissionException"}
+ ]
+ },
"DeleteTrail":{
"name":"DeleteTrail",
"http":{
@@ -94,6 +161,25 @@
],
"idempotent":true
},
+ "DescribeQuery":{
+ "name":"DescribeQuery",
+ "http":{
+ "method":"POST",
+ "requestUri":"/"
+ },
+ "input":{"shape":"DescribeQueryRequest"},
+ "output":{"shape":"DescribeQueryResponse"},
+ "errors":[
+ {"shape":"EventDataStoreARNInvalidException"},
+ {"shape":"EventDataStoreNotFoundException"},
+ {"shape":"InactiveEventDataStoreException"},
+ {"shape":"InvalidParameterException"},
+ {"shape":"QueryIdNotFoundException"},
+ {"shape":"OperationNotPermittedException"},
+ {"shape":"UnsupportedOperationException"}
+ ],
+ "idempotent":true
+ },
"DescribeTrails":{
"name":"DescribeTrails",
"http":{
@@ -109,6 +195,23 @@
],
"idempotent":true
},
+ "GetEventDataStore":{
+ "name":"GetEventDataStore",
+ "http":{
+ "method":"POST",
+ "requestUri":"/"
+ },
+ "input":{"shape":"GetEventDataStoreRequest"},
+ "output":{"shape":"GetEventDataStoreResponse"},
+ "errors":[
+ {"shape":"EventDataStoreARNInvalidException"},
+ {"shape":"EventDataStoreNotFoundException"},
+ {"shape":"InvalidParameterException"},
+ {"shape":"OperationNotPermittedException"},
+ {"shape":"UnsupportedOperationException"}
+ ],
+ "idempotent":true
+ },
"GetEventSelectors":{
"name":"GetEventSelectors",
"http":{
@@ -142,6 +245,26 @@
],
"idempotent":true
},
+ "GetQueryResults":{
+ "name":"GetQueryResults",
+ "http":{
+ "method":"POST",
+ "requestUri":"/"
+ },
+ "input":{"shape":"GetQueryResultsRequest"},
+ "output":{"shape":"GetQueryResultsResponse"},
+ "errors":[
+ {"shape":"EventDataStoreARNInvalidException"},
+ {"shape":"EventDataStoreNotFoundException"},
+ {"shape":"InactiveEventDataStoreException"},
+ {"shape":"InvalidMaxResultsException"},
+ {"shape":"InvalidNextTokenException"},
+ {"shape":"InvalidParameterException"},
+ {"shape":"QueryIdNotFoundException"},
+ {"shape":"OperationNotPermittedException"},
+ {"shape":"UnsupportedOperationException"}
+ ]
+ },
"GetTrail":{
"name":"GetTrail",
"http":{
@@ -174,6 +297,22 @@
],
"idempotent":true
},
+ "ListEventDataStores":{
+ "name":"ListEventDataStores",
+ "http":{
+ "method":"POST",
+ "requestUri":"/"
+ },
+ "input":{"shape":"ListEventDataStoresRequest"},
+ "output":{"shape":"ListEventDataStoresResponse"},
+ "errors":[
+ {"shape":"InvalidMaxResultsException"},
+ {"shape":"InvalidNextTokenException"},
+ {"shape":"OperationNotPermittedException"},
+ {"shape":"UnsupportedOperationException"}
+ ],
+ "idempotent":true
+ },
"ListPublicKeys":{
"name":"ListPublicKeys",
"http":{
@@ -190,6 +329,28 @@
],
"idempotent":true
},
+ "ListQueries":{
+ "name":"ListQueries",
+ "http":{
+ "method":"POST",
+ "requestUri":"/"
+ },
+ "input":{"shape":"ListQueriesRequest"},
+ "output":{"shape":"ListQueriesResponse"},
+ "errors":[
+ {"shape":"EventDataStoreARNInvalidException"},
+ {"shape":"EventDataStoreNotFoundException"},
+ {"shape":"InactiveEventDataStoreException"},
+ {"shape":"InvalidDateRangeException"},
+ {"shape":"InvalidMaxResultsException"},
+ {"shape":"InvalidNextTokenException"},
+ {"shape":"InvalidParameterException"},
+ {"shape":"InvalidQueryStatusException"},
+ {"shape":"OperationNotPermittedException"},
+ {"shape":"UnsupportedOperationException"}
+ ],
+ "idempotent":true
+ },
"ListTags":{
"name":"ListTags",
"http":{
@@ -203,6 +364,8 @@
{"shape":"CloudTrailARNInvalidException"},
{"shape":"ResourceTypeNotSupportedException"},
{"shape":"InvalidTrailNameException"},
+ {"shape":"InactiveEventDataStoreException"},
+ {"shape":"EventDataStoreNotFoundException"},
{"shape":"UnsupportedOperationException"},
{"shape":"OperationNotPermittedException"},
{"shape":"InvalidTokenException"}
@@ -299,12 +462,37 @@
{"shape":"ResourceTypeNotSupportedException"},
{"shape":"InvalidTrailNameException"},
{"shape":"InvalidTagParameterException"},
+ {"shape":"InactiveEventDataStoreException"},
+ {"shape":"EventDataStoreNotFoundException"},
{"shape":"UnsupportedOperationException"},
{"shape":"OperationNotPermittedException"},
{"shape":"NotOrganizationMasterAccountException"}
],
"idempotent":true
},
+ "RestoreEventDataStore":{
+ "name":"RestoreEventDataStore",
+ "http":{
+ "method":"POST",
+ "requestUri":"/"
+ },
+ "input":{"shape":"RestoreEventDataStoreRequest"},
+ "output":{"shape":"RestoreEventDataStoreResponse"},
+ "errors":[
+ {"shape":"EventDataStoreARNInvalidException"},
+ {"shape":"EventDataStoreNotFoundException"},
+ {"shape":"EventDataStoreMaxLimitExceededException"},
+ {"shape":"InvalidEventDataStoreStatusException"},
+ {"shape":"InvalidParameterException"},
+ {"shape":"OperationNotPermittedException"},
+ {"shape":"UnsupportedOperationException"},
+ {"shape":"CloudTrailAccessNotEnabledException"},
+ {"shape":"InsufficientDependencyServiceAccessPermissionException"},
+ {"shape":"OrganizationsNotInUseException"},
+ {"shape":"NotOrganizationMasterAccountException"},
+ {"shape":"OrganizationNotInAllFeaturesModeException"}
+ ]
+ },
"StartLogging":{
"name":"StartLogging",
"http":{
@@ -324,6 +512,26 @@
],
"idempotent":true
},
+ "StartQuery":{
+ "name":"StartQuery",
+ "http":{
+ "method":"POST",
+ "requestUri":"/"
+ },
+ "input":{"shape":"StartQueryRequest"},
+ "output":{"shape":"StartQueryResponse"},
+ "errors":[
+ {"shape":"EventDataStoreARNInvalidException"},
+ {"shape":"EventDataStoreNotFoundException"},
+ {"shape":"InactiveEventDataStoreException"},
+ {"shape":"InvalidParameterException"},
+ {"shape":"InvalidQueryStatementException"},
+ {"shape":"MaxConcurrentQueriesException"},
+ {"shape":"OperationNotPermittedException"},
+ {"shape":"UnsupportedOperationException"}
+ ],
+ "idempotent":true
+ },
"StopLogging":{
"name":"StopLogging",
"http":{
@@ -343,6 +551,29 @@
],
"idempotent":true
},
+ "UpdateEventDataStore":{
+ "name":"UpdateEventDataStore",
+ "http":{
+ "method":"POST",
+ "requestUri":"/"
+ },
+ "input":{"shape":"UpdateEventDataStoreRequest"},
+ "output":{"shape":"UpdateEventDataStoreResponse"},
+ "errors":[
+ {"shape":"EventDataStoreARNInvalidException"},
+ {"shape":"EventDataStoreNotFoundException"},
+ {"shape":"InactiveEventDataStoreException"},
+ {"shape":"InvalidParameterException"},
+ {"shape":"OperationNotPermittedException"},
+ {"shape":"UnsupportedOperationException"},
+ {"shape":"CloudTrailAccessNotEnabledException"},
+ {"shape":"InsufficientDependencyServiceAccessPermissionException"},
+ {"shape":"OrganizationsNotInUseException"},
+ {"shape":"NotOrganizationMasterAccountException"},
+ {"shape":"OrganizationNotInAllFeaturesModeException"}
+ ],
+ "idempotent":true
+ },
"UpdateTrail":{
"name":"UpdateTrail",
"http":{
@@ -387,7 +618,10 @@
"shapes":{
"AddTagsRequest":{
"type":"structure",
- "required":["ResourceId"],
+ "required":[
+ "ResourceId",
+ "TagsList"
+ ],
"members":{
"ResourceId":{"shape":"String"},
"TagsList":{"shape":"TagsList"}
@@ -430,6 +664,28 @@
},
"Boolean":{"type":"boolean"},
"ByteBuffer":{"type":"blob"},
+ "CancelQueryRequest":{
+ "type":"structure",
+ "required":[
+ "EventDataStore",
+ "QueryId"
+ ],
+ "members":{
+ "EventDataStore":{"shape":"EventDataStoreArn"},
+ "QueryId":{"shape":"UUID"}
+ }
+ },
+ "CancelQueryResponse":{
+ "type":"structure",
+ "required":[
+ "QueryId",
+ "QueryStatus"
+ ],
+ "members":{
+ "QueryId":{"shape":"UUID"},
+ "QueryStatus":{"shape":"QueryStatus"}
+ }
+ },
"CloudTrailARNInvalidException":{
"type":"structure",
"members":{
@@ -460,6 +716,35 @@
},
"exception":true
},
+ "CreateEventDataStoreRequest":{
+ "type":"structure",
+ "required":["Name"],
+ "members":{
+ "Name":{"shape":"EventDataStoreName"},
+ "AdvancedEventSelectors":{"shape":"AdvancedEventSelectors"},
+ "MultiRegionEnabled":{"shape":"Boolean"},
+ "OrganizationEnabled":{"shape":"Boolean"},
+ "RetentionPeriod":{"shape":"RetentionPeriod"},
+ "TerminationProtectionEnabled":{"shape":"TerminationProtectionEnabled"},
+ "TagsList":{"shape":"TagsList"}
+ }
+ },
+ "CreateEventDataStoreResponse":{
+ "type":"structure",
+ "members":{
+ "EventDataStoreArn":{"shape":"EventDataStoreArn"},
+ "Name":{"shape":"EventDataStoreName"},
+ "Status":{"shape":"EventDataStoreStatus"},
+ "AdvancedEventSelectors":{"shape":"AdvancedEventSelectors"},
+ "MultiRegionEnabled":{"shape":"Boolean"},
+ "OrganizationEnabled":{"shape":"Boolean"},
+ "RetentionPeriod":{"shape":"RetentionPeriod"},
+ "TerminationProtectionEnabled":{"shape":"TerminationProtectionEnabled"},
+ "TagsList":{"shape":"TagsList"},
+ "CreatedTimestamp":{"shape":"Date"},
+ "UpdatedTimestamp":{"shape":"Date"}
+ }
+ },
"CreateTrailRequest":{
"type":"structure",
"required":[
@@ -518,6 +803,18 @@
"member":{"shape":"DataResource"}
},
"Date":{"type":"timestamp"},
+ "DeleteEventDataStoreRequest":{
+ "type":"structure",
+ "required":["EventDataStore"],
+ "members":{
+ "EventDataStore":{"shape":"EventDataStoreArn"}
+ }
+ },
+ "DeleteEventDataStoreResponse":{
+ "type":"structure",
+ "members":{
+ }
+ },
"DeleteTrailRequest":{
"type":"structure",
"required":["Name"],
@@ -530,6 +827,27 @@
"members":{
}
},
+ "DescribeQueryRequest":{
+ "type":"structure",
+ "required":[
+ "EventDataStore",
+ "QueryId"
+ ],
+ "members":{
+ "EventDataStore":{"shape":"EventDataStoreArn"},
+ "QueryId":{"shape":"UUID"}
+ }
+ },
+ "DescribeQueryResponse":{
+ "type":"structure",
+ "members":{
+ "QueryId":{"shape":"UUID"},
+ "QueryString":{"shape":"QueryStatement"},
+ "QueryStatus":{"shape":"QueryStatus"},
+ "QueryStatistics":{"shape":"QueryStatisticsForDescribeQuery"},
+ "ErrorMessage":{"shape":"ErrorMessage"}
+ }
+ },
"DescribeTrailsRequest":{
"type":"structure",
"members":{
@@ -543,6 +861,12 @@
"trailList":{"shape":"TrailList"}
}
},
+ "ErrorMessage":{
+ "type":"string",
+ "max":1000,
+ "min":4,
+ "pattern":".*"
+ },
"Event":{
"type":"structure",
"members":{
@@ -561,6 +885,75 @@
"type":"string",
"enum":["insight"]
},
+ "EventDataStore":{
+ "type":"structure",
+ "members":{
+ "EventDataStoreArn":{"shape":"EventDataStoreArn"},
+ "Name":{"shape":"EventDataStoreName"},
+ "TerminationProtectionEnabled":{"shape":"TerminationProtectionEnabled"},
+ "Status":{"shape":"EventDataStoreStatus"},
+ "AdvancedEventSelectors":{"shape":"AdvancedEventSelectors"},
+ "MultiRegionEnabled":{"shape":"Boolean"},
+ "OrganizationEnabled":{"shape":"Boolean"},
+ "RetentionPeriod":{"shape":"RetentionPeriod"},
+ "CreatedTimestamp":{"shape":"Date"},
+ "UpdatedTimestamp":{"shape":"Date"}
+ }
+ },
+ "EventDataStoreARNInvalidException":{
+ "type":"structure",
+ "members":{
+ },
+ "exception":true
+ },
+ "EventDataStoreAlreadyExistsException":{
+ "type":"structure",
+ "members":{
+ },
+ "exception":true
+ },
+ "EventDataStoreArn":{
+ "type":"string",
+ "max":256,
+ "min":3,
+ "pattern":"^[a-zA-Z0-9._/\\-:]+$"
+ },
+ "EventDataStoreMaxLimitExceededException":{
+ "type":"structure",
+ "members":{
+ },
+ "exception":true
+ },
+ "EventDataStoreName":{
+ "type":"string",
+ "max":128,
+ "min":3,
+ "pattern":"^[a-zA-Z0-9._\\-]+$"
+ },
+ "EventDataStoreNotFoundException":{
+ "type":"structure",
+ "members":{
+ },
+ "exception":true
+ },
+ "EventDataStoreStatus":{
+ "type":"string",
+ "enum":[
+ "CREATED",
+ "ENABLED",
+ "PENDING_DELETION"
+ ]
+ },
+ "EventDataStoreTerminationProtectedException":{
+ "type":"structure",
+ "members":{
+ },
+ "exception":true
+ },
+ "EventDataStores":{
+ "type":"list",
+ "member":{"shape":"EventDataStore"}
+ },
"EventSelector":{
"type":"structure",
"members":{
@@ -582,6 +975,28 @@
"type":"list",
"member":{"shape":"String"}
},
+ "GetEventDataStoreRequest":{
+ "type":"structure",
+ "required":["EventDataStore"],
+ "members":{
+ "EventDataStore":{"shape":"EventDataStoreArn"}
+ }
+ },
+ "GetEventDataStoreResponse":{
+ "type":"structure",
+ "members":{
+ "EventDataStoreArn":{"shape":"EventDataStoreArn"},
+ "Name":{"shape":"EventDataStoreName"},
+ "Status":{"shape":"EventDataStoreStatus"},
+ "AdvancedEventSelectors":{"shape":"AdvancedEventSelectors"},
+ "MultiRegionEnabled":{"shape":"Boolean"},
+ "OrganizationEnabled":{"shape":"Boolean"},
+ "RetentionPeriod":{"shape":"RetentionPeriod"},
+ "TerminationProtectionEnabled":{"shape":"TerminationProtectionEnabled"},
+ "CreatedTimestamp":{"shape":"Date"},
+ "UpdatedTimestamp":{"shape":"Date"}
+ }
+ },
"GetEventSelectorsRequest":{
"type":"structure",
"required":["TrailName"],
@@ -611,6 +1026,29 @@
"InsightSelectors":{"shape":"InsightSelectors"}
}
},
+ "GetQueryResultsRequest":{
+ "type":"structure",
+ "required":[
+ "EventDataStore",
+ "QueryId"
+ ],
+ "members":{
+ "EventDataStore":{"shape":"EventDataStoreArn"},
+ "QueryId":{"shape":"UUID"},
+ "NextToken":{"shape":"PaginationToken"},
+ "MaxQueryResults":{"shape":"MaxQueryResults"}
+ }
+ },
+ "GetQueryResultsResponse":{
+ "type":"structure",
+ "members":{
+ "QueryStatus":{"shape":"QueryStatus"},
+ "QueryStatistics":{"shape":"QueryStatistics"},
+ "QueryResultRows":{"shape":"QueryResultRows"},
+ "NextToken":{"shape":"PaginationToken"},
+ "ErrorMessage":{"shape":"ErrorMessage"}
+ }
+ },
"GetTrailRequest":{
"type":"structure",
"required":["Name"],
@@ -653,6 +1091,18 @@
"TimeLoggingStopped":{"shape":"String"}
}
},
+ "InactiveEventDataStoreException":{
+ "type":"structure",
+ "members":{
+ },
+ "exception":true
+ },
+ "InactiveQueryException":{
+ "type":"structure",
+ "members":{
+ },
+ "exception":true
+ },
"InsightNotEnabledException":{
"type":"structure",
"members":{
@@ -700,6 +1150,7 @@
},
"exception":true
},
+ "Integer":{"type":"integer"},
"InvalidCloudWatchLogsLogGroupArnException":{
"type":"structure",
"members":{
@@ -712,12 +1163,24 @@
},
"exception":true
},
+ "InvalidDateRangeException":{
+ "type":"structure",
+ "members":{
+ },
+ "exception":true
+ },
"InvalidEventCategoryException":{
"type":"structure",
"members":{
},
"exception":true
},
+ "InvalidEventDataStoreStatusException":{
+ "type":"structure",
+ "members":{
+ },
+ "exception":true
+ },
"InvalidEventSelectorsException":{
"type":"structure",
"members":{
@@ -766,6 +1229,24 @@
},
"exception":true
},
+ "InvalidParameterException":{
+ "type":"structure",
+ "members":{
+ },
+ "exception":true
+ },
+ "InvalidQueryStatementException":{
+ "type":"structure",
+ "members":{
+ },
+ "exception":true
+ },
+ "InvalidQueryStatusException":{
+ "type":"structure",
+ "members":{
+ },
+ "exception":true
+ },
"InvalidS3BucketNameException":{
"type":"structure",
"members":{
@@ -827,6 +1308,25 @@
},
"exception":true
},
+ "ListEventDataStoresMaxResultsCount":{
+ "type":"integer",
+ "max":1000,
+ "min":1
+ },
+ "ListEventDataStoresRequest":{
+ "type":"structure",
+ "members":{
+ "NextToken":{"shape":"PaginationToken"},
+ "MaxResults":{"shape":"ListEventDataStoresMaxResultsCount"}
+ }
+ },
+ "ListEventDataStoresResponse":{
+ "type":"structure",
+ "members":{
+ "EventDataStores":{"shape":"EventDataStores"},
+ "NextToken":{"shape":"PaginationToken"}
+ }
+ },
"ListPublicKeysRequest":{
"type":"structure",
"members":{
@@ -842,6 +1342,30 @@
"NextToken":{"shape":"String"}
}
},
+ "ListQueriesMaxResultsCount":{
+ "type":"integer",
+ "max":1000,
+ "min":1
+ },
+ "ListQueriesRequest":{
+ "type":"structure",
+ "required":["EventDataStore"],
+ "members":{
+ "EventDataStore":{"shape":"EventDataStoreArn"},
+ "NextToken":{"shape":"PaginationToken"},
+ "MaxResults":{"shape":"ListQueriesMaxResultsCount"},
+ "StartTime":{"shape":"Date"},
+ "EndTime":{"shape":"Date"},
+ "QueryStatus":{"shape":"QueryStatus"}
+ }
+ },
+ "ListQueriesResponse":{
+ "type":"structure",
+ "members":{
+ "Queries":{"shape":"Queries"},
+ "NextToken":{"shape":"PaginationToken"}
+ }
+ },
"ListTagsRequest":{
"type":"structure",
"required":["ResourceIdList"],
@@ -870,6 +1394,7 @@
"NextToken":{"shape":"String"}
}
},
+ "Long":{"type":"long"},
"LookupAttribute":{
"type":"structure",
"required":[
@@ -916,6 +1441,17 @@
"NextToken":{"shape":"NextToken"}
}
},
+ "MaxConcurrentQueriesException":{
+ "type":"structure",
+ "members":{
+ },
+ "exception":true
+ },
+ "MaxQueryResults":{
+ "type":"integer",
+ "max":1000,
+ "min":1
+ },
"MaxResults":{
"type":"integer",
"max":50,
@@ -963,6 +1499,12 @@
},
"exception":true
},
+ "PaginationToken":{
+ "type":"string",
+ "max":1000,
+ "min":4,
+ "pattern":".*"
+ },
"PublicKey":{
"type":"structure",
"members":{
@@ -1011,6 +1553,71 @@
"InsightSelectors":{"shape":"InsightSelectors"}
}
},
+ "Queries":{
+ "type":"list",
+ "member":{"shape":"Query"}
+ },
+ "Query":{
+ "type":"structure",
+ "members":{
+ "QueryId":{"shape":"UUID"},
+ "QueryStatus":{"shape":"QueryStatus"},
+ "CreationTime":{"shape":"Date"}
+ }
+ },
+ "QueryIdNotFoundException":{
+ "type":"structure",
+ "members":{
+ },
+ "exception":true
+ },
+ "QueryResultColumn":{
+ "type":"map",
+ "key":{"shape":"QueryResultKey"},
+ "value":{"shape":"QueryResultValue"}
+ },
+ "QueryResultKey":{"type":"string"},
+ "QueryResultRow":{
+ "type":"list",
+ "member":{"shape":"QueryResultColumn"}
+ },
+ "QueryResultRows":{
+ "type":"list",
+ "member":{"shape":"QueryResultRow"}
+ },
+ "QueryResultValue":{"type":"string"},
+ "QueryStatement":{
+ "type":"string",
+ "max":10000,
+ "min":1,
+ "pattern":"(?s).*"
+ },
+ "QueryStatistics":{
+ "type":"structure",
+ "members":{
+ "ResultsCount":{"shape":"Integer"},
+ "TotalResultsCount":{"shape":"Integer"}
+ }
+ },
+ "QueryStatisticsForDescribeQuery":{
+ "type":"structure",
+ "members":{
+ "EventsMatched":{"shape":"Long"},
+ "EventsScanned":{"shape":"Long"},
+ "ExecutionTimeInMillis":{"shape":"Integer"},
+ "CreationTime":{"shape":"Date"}
+ }
+ },
+ "QueryStatus":{
+ "type":"string",
+ "enum":[
+ "QUEUED",
+ "RUNNING",
+ "FINISHED",
+ "FAILED",
+ "CANCELLED"
+ ]
+ },
"ReadWriteType":{
"type":"string",
"enum":[
@@ -1021,7 +1628,10 @@
},
"RemoveTagsRequest":{
"type":"structure",
- "required":["ResourceId"],
+ "required":[
+ "ResourceId",
+ "TagsList"
+ ],
"members":{
"ResourceId":{"shape":"String"},
"TagsList":{"shape":"TagsList"}
@@ -1070,6 +1680,33 @@
},
"exception":true
},
+ "RestoreEventDataStoreRequest":{
+ "type":"structure",
+ "required":["EventDataStore"],
+ "members":{
+ "EventDataStore":{"shape":"EventDataStoreArn"}
+ }
+ },
+ "RestoreEventDataStoreResponse":{
+ "type":"structure",
+ "members":{
+ "EventDataStoreArn":{"shape":"EventDataStoreArn"},
+ "Name":{"shape":"EventDataStoreName"},
+ "Status":{"shape":"EventDataStoreStatus"},
+ "AdvancedEventSelectors":{"shape":"AdvancedEventSelectors"},
+ "MultiRegionEnabled":{"shape":"Boolean"},
+ "OrganizationEnabled":{"shape":"Boolean"},
+ "RetentionPeriod":{"shape":"RetentionPeriod"},
+ "TerminationProtectionEnabled":{"shape":"TerminationProtectionEnabled"},
+ "CreatedTimestamp":{"shape":"Date"},
+ "UpdatedTimestamp":{"shape":"Date"}
+ }
+ },
+ "RetentionPeriod":{
+ "type":"integer",
+ "max":2555,
+ "min":7
+ },
"S3BucketDoesNotExistException":{
"type":"structure",
"members":{
@@ -1100,6 +1737,19 @@
"members":{
}
},
+ "StartQueryRequest":{
+ "type":"structure",
+ "required":["QueryStatement"],
+ "members":{
+ "QueryStatement":{"shape":"QueryStatement"}
+ }
+ },
+ "StartQueryResponse":{
+ "type":"structure",
+ "members":{
+ "QueryId":{"shape":"UUID"}
+ }
+ },
"StopLoggingRequest":{
"type":"structure",
"required":["Name"],
@@ -1117,10 +1767,20 @@
"type":"structure",
"required":["Key"],
"members":{
- "Key":{"shape":"String"},
- "Value":{"shape":"String"}
+ "Key":{"shape":"TagKey"},
+ "Value":{"shape":"TagValue"}
}
},
+ "TagKey":{
+ "type":"string",
+ "max":128,
+ "min":1
+ },
+ "TagValue":{
+ "type":"string",
+ "max":256,
+ "min":1
+ },
"TagsLimitExceededException":{
"type":"structure",
"members":{
@@ -1129,8 +1789,10 @@
},
"TagsList":{
"type":"list",
- "member":{"shape":"Tag"}
+ "member":{"shape":"Tag"},
+ "max":200
},
+ "TerminationProtectionEnabled":{"type":"boolean"},
"Trail":{
"type":"structure",
"members":{
@@ -1193,12 +1855,46 @@
"type":"list",
"member":{"shape":"TrailInfo"}
},
+ "UUID":{
+ "type":"string",
+ "max":36,
+ "min":36,
+ "pattern":"^[a-f0-9\\-]+$"
+ },
"UnsupportedOperationException":{
"type":"structure",
"members":{
},
"exception":true
},
+ "UpdateEventDataStoreRequest":{
+ "type":"structure",
+ "required":["EventDataStore"],
+ "members":{
+ "EventDataStore":{"shape":"EventDataStoreArn"},
+ "Name":{"shape":"EventDataStoreName"},
+ "AdvancedEventSelectors":{"shape":"AdvancedEventSelectors"},
+ "MultiRegionEnabled":{"shape":"Boolean"},
+ "OrganizationEnabled":{"shape":"Boolean"},
+ "RetentionPeriod":{"shape":"RetentionPeriod"},
+ "TerminationProtectionEnabled":{"shape":"TerminationProtectionEnabled"}
+ }
+ },
+ "UpdateEventDataStoreResponse":{
+ "type":"structure",
+ "members":{
+ "EventDataStoreArn":{"shape":"EventDataStoreArn"},
+ "Name":{"shape":"EventDataStoreName"},
+ "Status":{"shape":"EventDataStoreStatus"},
+ "AdvancedEventSelectors":{"shape":"AdvancedEventSelectors"},
+ "MultiRegionEnabled":{"shape":"Boolean"},
+ "OrganizationEnabled":{"shape":"Boolean"},
+ "RetentionPeriod":{"shape":"RetentionPeriod"},
+ "TerminationProtectionEnabled":{"shape":"TerminationProtectionEnabled"},
+ "CreatedTimestamp":{"shape":"Date"},
+ "UpdatedTimestamp":{"shape":"Date"}
+ }
+ },
"UpdateTrailRequest":{
"type":"structure",
"required":["Name"],
diff --git a/models/apis/cloudtrail/2013-11-01/docs-2.json b/models/apis/cloudtrail/2013-11-01/docs-2.json
index 83d177f9f21..ef2b28cad77 100644
--- a/models/apis/cloudtrail/2013-11-01/docs-2.json
+++ b/models/apis/cloudtrail/2013-11-01/docs-2.json
@@ -3,22 +3,33 @@
"service": "CloudTrail This is the CloudTrail API Reference. It provides descriptions of actions, data types, common parameters, and common errors for CloudTrail.
CloudTrail is a web service that records Amazon Web Services API calls for your Amazon Web Services account and delivers log files to an Amazon S3 bucket. The recorded information includes the identity of the user, the start time of the Amazon Web Services API call, the source IP address, the request parameters, and the response elements returned by the service.
As an alternative to the API, you can use one of the Amazon Web Services SDKs, which consist of libraries and sample code for various programming languages and platforms (Java, Ruby, .NET, iOS, Android, etc.). The SDKs provide programmatic access to CloudTrail. For example, the SDKs handle cryptographically signing requests, managing errors, and retrying requests automatically. For more information about the Amazon Web Services SDKs, including how to download and install them, see Tools to Build on Amazon Web Services.
See the CloudTrail User Guide for information about the data that is included with each Amazon Web Services API call listed in the log files.
",
"operations": {
"AddTags": "Adds one or more tags to a trail, up to a limit of 50. Overwrites an existing tag's value when a new value is specified for an existing tag key. Tag key names must be unique for a trail; you cannot have two keys with the same name but different values. If you specify a key without a value, the tag will be created with the specified key and a value of null. You can tag a trail that applies to all Amazon Web Services Regions only from the Region in which the trail was created (also known as its home region).
",
+ "CancelQuery": "Cancels a query if the query is not in a terminated state, such as CANCELLED, FAILED or FINISHED. You must specify an ARN value for EventDataStore. The ID of the query that you want to cancel is also required. When you run CancelQuery, the query status might show as CANCELLED even if the operation is not yet finished.
",
+ "CreateEventDataStore": "Creates a new event data store.
",
"CreateTrail": "Creates a trail that specifies the settings for delivery of log data to an Amazon S3 bucket.
",
+ "DeleteEventDataStore": "Disables the event data store specified by EventDataStore, which accepts an event data store ARN. After you run DeleteEventDataStore, the event data store is automatically deleted after a wait period of seven days. TerminationProtectionEnabled must be set to False on the event data store; this operation cannot work if TerminationProtectionEnabled is True.
After you run DeleteEventDataStore on an event data store, you cannot run ListQueries, DescribeQuery, or GetQueryResults on queries that are using an event data store in a PENDING_DELETION state.
",
"DeleteTrail": "Deletes a trail. This operation must be called from the region in which the trail was created. DeleteTrail cannot be called on the shadow trails (replicated trails in other regions) of a trail that is enabled in all regions.
",
+ "DescribeQuery": "Returns metadata about a query, including query run time in milliseconds, number of events scanned and matched, and query status. You must specify an ARN for EventDataStore, and a value for QueryID.
",
"DescribeTrails": "Retrieves settings for one or more trails associated with the current region for your account.
",
+ "GetEventDataStore": "Returns information about an event data store specified as either an ARN or the ID portion of the ARN.
",
"GetEventSelectors": "Describes the settings for the event selectors that you configured for your trail. The information returned for your event selectors includes the following:
-
If your event selector includes read-only events, write-only events, or all events. This applies to both management events and data events.
-
If your event selector includes management events.
-
If your event selector includes data events, the resources on which you are logging data events.
For more information, see Logging Data and Management Events for Trails in the CloudTrail User Guide.
",
"GetInsightSelectors": "Describes the settings for the Insights event selectors that you configured for your trail. GetInsightSelectors shows if CloudTrail Insights event logging is enabled on the trail, and if it is, which insight types are enabled. If you run GetInsightSelectors on a trail that does not have Insights events enabled, the operation throws the exception InsightNotEnabledException
For more information, see Logging CloudTrail Insights Events for Trails in the CloudTrail User Guide.
",
+ "GetQueryResults": "Gets event data results of a query. You must specify the QueryID value returned by the StartQuery operation, and an ARN for EventDataStore.
",
"GetTrail": "Returns settings information for a specified trail.
",
"GetTrailStatus": "Returns a JSON-formatted list of information about the specified trail. Fields include information on delivery errors, Amazon SNS and Amazon S3 errors, and start and stop logging times for each trail. This operation returns trail status from a single region. To return trail status from all regions, you must call the operation on each region.
",
+ "ListEventDataStores": "Returns information about all event data stores in the account, in the current region.
",
"ListPublicKeys": "Returns all public keys whose private keys were used to sign the digest files within the specified time range. The public key is needed to validate digest files that were signed with its corresponding private key.
CloudTrail uses different private and public key pairs per region. Each digest file is signed with a private key unique to its region. When you validate a digest file from a specific region, you must look in the same region for its corresponding public key.
",
+ "ListQueries": "Returns a list of queries and query statuses for the past seven days. You must specify an ARN value for EventDataStore. Optionally, to shorten the list of results, you can specify a time range, formatted as timestamps, by adding StartTime and EndTime parameters, and a QueryStatus value. Valid values for QueryStatus include QUEUED, RUNNING, FINISHED, FAILED, or CANCELLED.
",
"ListTags": "Lists the tags for the trail in the current region.
",
"ListTrails": "Lists trails that are in the current account.
",
"LookupEvents": "Looks up management events or CloudTrail Insights events that are captured by CloudTrail. You can look up events that occurred in a region within the last 90 days. Lookup supports the following attributes for management events:
Lookup supports the following attributes for Insights events:
-
Event ID
-
Event name
-
Event source
All attributes are optional. The default number of results returned is 50, with a maximum of 50 possible. The response includes a token that you can use to get the next page of results.
The rate of lookup requests is limited to two per second, per account, per region. If this limit is exceeded, a throttling error occurs.
",
"PutEventSelectors": "Configures an event selector or advanced event selectors for your trail. Use event selectors or advanced event selectors to specify management and data event settings for your trail. By default, trails created without specific event selectors are configured to log all read and write management events, and no data events.
When an event occurs in your account, CloudTrail evaluates the event selectors or advanced event selectors in all trails. For each trail, if the event matches any event selector, the trail processes and logs the event. If the event doesn't match any event selector, the trail doesn't log the event.
Example
-
You create an event selector for a trail and specify that you want write-only events.
-
The EC2 GetConsoleOutput and RunInstances API operations occur in your account.
-
CloudTrail evaluates whether the events match your event selectors.
-
The RunInstances is a write-only event and it matches your event selector. The trail logs the event.
-
The GetConsoleOutput is a read-only event that doesn't match your event selector. The trail doesn't log the event.
The PutEventSelectors operation must be called from the region in which the trail was created; otherwise, an InvalidHomeRegionException exception is thrown.
You can configure up to five event selectors for each trail. For more information, see Logging data and management events for trails and Quotas in CloudTrail in the CloudTrail User Guide.
You can add advanced event selectors, and conditions for your advanced event selectors, up to a maximum of 500 values for all conditions and selectors on a trail. You can use either AdvancedEventSelectors or EventSelectors, but not both. If you apply AdvancedEventSelectors to a trail, any existing EventSelectors are overwritten. For more information about advanced event selectors, see Logging data events for trails in the CloudTrail User Guide.
",
- "PutInsightSelectors": "Lets you enable Insights event logging by specifying the Insights selectors that you want to enable on an existing trail. You also use PutInsightSelectors to turn off Insights event logging, by passing an empty list of insight types. The valid Insights event type in this release is ApiCallRateInsight.
",
+ "PutInsightSelectors": "Lets you enable Insights event logging by specifying the Insights selectors that you want to enable on an existing trail. You also use PutInsightSelectors to turn off Insights event logging, by passing an empty list of insight types. The valid Insights event types in this release are ApiErrorRateInsight and ApiCallRateInsight.
",
"RemoveTags": "Removes the specified tags from a trail.
",
+ "RestoreEventDataStore": "Restores a deleted event data store specified by EventDataStore, which accepts an event data store ARN. You can only restore a deleted event data store within the seven-day wait period after deletion. Restoring an event data store can take several minutes, depending on the size of the event data store.
",
"StartLogging": "Starts the recording of Amazon Web Services API calls and log file delivery for a trail. For a trail that is enabled in all regions, this operation must be called from the region in which the trail was created. This operation cannot be called on the shadow trails (replicated trails in other regions) of a trail that is enabled in all regions.
",
+ "StartQuery": "Starts a CloudTrail Lake query. The required QueryStatement parameter provides your SQL query, enclosed in single quotation marks.
",
"StopLogging": "Suspends the recording of Amazon Web Services API calls and log file delivery for the specified trail. Under most circumstances, there is no need to use this action. You can update a trail without stopping it first. This action is the only way to stop recording. For a trail enabled in all regions, this operation must be called from the region in which the trail was created, or an InvalidHomeRegionException will occur. This operation cannot be called on the shadow trails (replicated trails in other regions) of a trail enabled in all regions.
",
+ "UpdateEventDataStore": "Updates an event data store. The required EventDataStore value is an ARN or the ID portion of the ARN. Other parameters are optional, but at least one optional parameter must be specified, or CloudTrail throws an error. RetentionPeriod is in days, and valid values are integers between 90 and 2555. By default, TerminationProtection is enabled. AdvancedEventSelectors includes or excludes management and data events in your event data store; for more information about AdvancedEventSelectors, see PutEventSelectorsRequest$AdvancedEventSelectors.
",
"UpdateTrail": "Updates trail settings that control what events you are logging, and how to handle log files. Changes to a trail do not require stopping the CloudTrail service. Use this action to designate an existing bucket for log delivery. If the existing bucket has previously been a target for CloudTrail log files, an IAM policy exists for the bucket. UpdateTrail must be called from the region in which the trail was created; otherwise, an InvalidHomeRegionException is thrown.
"
},
"shapes": {
@@ -41,9 +52,16 @@
"AdvancedEventSelectors": {
"base": null,
"refs": {
+ "CreateEventDataStoreRequest$AdvancedEventSelectors": "The advanced event selectors to use to select the events for the data store. For more information about how to use advanced event selectors, see Log events by using advanced event selectors in the CloudTrail User Guide.
",
+ "CreateEventDataStoreResponse$AdvancedEventSelectors": "The advanced event selectors that were used to select the events for the data store.
",
+ "EventDataStore$AdvancedEventSelectors": "The advanced event selectors that were used to select events for the data store.
",
+ "GetEventDataStoreResponse$AdvancedEventSelectors": "The advanced event selectors used to select events for the data store.
",
"GetEventSelectorsResponse$AdvancedEventSelectors": " The advanced event selectors that are configured for the trail.
",
"PutEventSelectorsRequest$AdvancedEventSelectors": " Specifies the settings for advanced event selectors. You can add advanced event selectors, and conditions for your advanced event selectors, up to a maximum of 500 values for all conditions and selectors on a trail. You can use either AdvancedEventSelectors or EventSelectors, but not both. If you apply AdvancedEventSelectors to a trail, any existing EventSelectors are overwritten. For more information about advanced event selectors, see Logging data events for trails in the CloudTrail User Guide.
",
- "PutEventSelectorsResponse$AdvancedEventSelectors": "Specifies the advanced event selectors configured for your trail.
"
+ "PutEventSelectorsResponse$AdvancedEventSelectors": "Specifies the advanced event selectors configured for your trail.
",
+ "RestoreEventDataStoreResponse$AdvancedEventSelectors": "The advanced event selectors that were used to select events.
",
+ "UpdateEventDataStoreRequest$AdvancedEventSelectors": "The advanced event selectors used to select events for the event data store.
",
+ "UpdateEventDataStoreResponse$AdvancedEventSelectors": "The advanced event selectors that are applied to the event data store.
"
}
},
"AdvancedFieldSelector": {
@@ -61,6 +79,10 @@
"Boolean": {
"base": null,
"refs": {
+ "CreateEventDataStoreRequest$MultiRegionEnabled": "Specifies whether the event data store includes events from all regions, or only from the region in which the event data store is created.
",
+ "CreateEventDataStoreRequest$OrganizationEnabled": "Specifies whether an event data store collects events logged for an organization in Organizations.
",
+ "CreateEventDataStoreResponse$MultiRegionEnabled": "Indicates whether the event data store collects events from all regions, or only from the region in which it was created.
",
+ "CreateEventDataStoreResponse$OrganizationEnabled": "Indicates whether an event data store is collecting logged events for an organization in Organizations.
",
"CreateTrailRequest$IncludeGlobalServiceEvents": "Specifies whether the trail is publishing events from global services such as IAM to the log files.
",
"CreateTrailRequest$IsMultiRegionTrail": "Specifies whether the trail is created in the current region or in all regions. The default is false, which creates a trail only in the region where you are signed in. As a best practice, consider creating trails that log events in all regions.
",
"CreateTrailRequest$EnableLogFileValidation": "Specifies whether log file integrity validation is enabled. The default is false.
When you disable log file integrity validation, the chain of digest files is broken after one hour. CloudTrail does not create digest files for log files that were delivered during a period in which log file integrity validation was disabled. For example, if you enable log file integrity validation at noon on January 1, disable it at noon on January 2, and re-enable it at noon on January 10, digest files will not be created for the log files delivered from noon on January 2 to noon on January 10. The same applies whenever you stop CloudTrail logging or delete a trail.
",
@@ -70,14 +92,24 @@
"CreateTrailResponse$LogFileValidationEnabled": "Specifies whether log file integrity validation is enabled.
",
"CreateTrailResponse$IsOrganizationTrail": "Specifies whether the trail is an organization trail.
",
"DescribeTrailsRequest$includeShadowTrails": "Specifies whether to include shadow trails in the response. A shadow trail is the replication in a region of a trail that was created in a different region, or in the case of an organization trail, the replication of an organization trail in member accounts. If you do not include shadow trails, organization trails in a member account and region replication trails will not be returned. The default is true.
",
+ "EventDataStore$MultiRegionEnabled": "Indicates whether the event data store includes events from all regions, or only from the region in which it was created.
",
+ "EventDataStore$OrganizationEnabled": "Indicates that an event data store is collecting logged events for an organization.
",
"EventSelector$IncludeManagementEvents": "Specify if you want your event selector to include management events for your trail.
For more information, see Management Events in the CloudTrail User Guide.
By default, the value is true.
The first copy of management events is free. You are charged for additional copies of management events that you are logging on any subsequent trail in the same region. For more information about CloudTrail pricing, see CloudTrail Pricing.
",
+ "GetEventDataStoreResponse$MultiRegionEnabled": "Indicates whether the event data store includes events from all regions, or only from the region in which it was created.
",
+ "GetEventDataStoreResponse$OrganizationEnabled": "Indicates whether an event data store is collecting logged events for an organization in Organizations.
",
"GetTrailStatusResponse$IsLogging": "Whether the CloudTrail trail is currently logging Amazon Web Services API calls.
",
+ "RestoreEventDataStoreResponse$MultiRegionEnabled": "Indicates whether the event data store is collecting events from all regions, or only from the region in which the event data store was created.
",
+ "RestoreEventDataStoreResponse$OrganizationEnabled": "Indicates whether an event data store is collecting logged events for an organization in Organizations.
",
"Trail$IncludeGlobalServiceEvents": "Set to True to include Amazon Web Services API calls from Amazon Web Services global services such as IAM. Otherwise, False.
",
"Trail$IsMultiRegionTrail": "Specifies whether the trail exists only in one region or exists in all regions.
",
"Trail$LogFileValidationEnabled": "Specifies whether log file validation is enabled.
",
"Trail$HasCustomEventSelectors": "Specifies if the trail has custom event selectors.
",
"Trail$HasInsightSelectors": "Specifies whether a trail has insight types specified in an InsightSelector list.
",
"Trail$IsOrganizationTrail": "Specifies whether the trail is an organization trail.
",
+ "UpdateEventDataStoreRequest$MultiRegionEnabled": "Specifies whether an event data store collects events from all regions, or only from the region in which it was created.
",
+ "UpdateEventDataStoreRequest$OrganizationEnabled": "Specifies whether an event data store collects events logged for an organization in Organizations.
",
+ "UpdateEventDataStoreResponse$MultiRegionEnabled": "Indicates whether the event data store includes events from all regions, or only from the region in which it was created.
",
+ "UpdateEventDataStoreResponse$OrganizationEnabled": "Indicates whether an event data store is collecting logged events for an organization in Organizations.
",
"UpdateTrailRequest$IncludeGlobalServiceEvents": "Specifies whether the trail is publishing events from global services such as IAM to the log files.
",
"UpdateTrailRequest$IsMultiRegionTrail": "Specifies whether the trail applies only to the current region or to all regions. The default is false. If the trail exists only in the current region and this value is set to true, shadow trails (replications of the trail) will be created in the other regions. If the trail exists in all regions and this value is set to false, the trail will remain in the region where it was created, and its shadow trails in other regions will be deleted. As a best practice, consider using trails that log events in all regions.
",
"UpdateTrailRequest$EnableLogFileValidation": "Specifies whether log file validation is enabled. The default is false.
When you disable log file integrity validation, the chain of digest files is broken after one hour. CloudTrail does not create digest files for log files that were delivered during a period in which log file integrity validation was disabled. For example, if you enable log file integrity validation at noon on January 1, disable it at noon on January 2, and re-enable it at noon on January 10, digest files will not be created for the log files delivered from noon on January 2 to noon on January 10. The same applies whenever you stop CloudTrail logging or delete a trail.
",
@@ -94,6 +126,16 @@
"PublicKey$Value": "The DER encoded public key value in PKCS#1 format.
"
}
},
+ "CancelQueryRequest": {
+ "base": null,
+ "refs": {
+ }
+ },
+ "CancelQueryResponse": {
+ "base": null,
+ "refs": {
+ }
+ },
"CloudTrailARNInvalidException": {
"base": "This exception is thrown when an operation is called with a trail ARN that is not valid. The following is the format of a trail ARN.
arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail
",
"refs": {
@@ -119,6 +161,16 @@
"refs": {
}
},
+ "CreateEventDataStoreRequest": {
+ "base": null,
+ "refs": {
+ }
+ },
+ "CreateEventDataStoreResponse": {
+ "base": null,
+ "refs": {
+ }
+ },
"CreateTrailRequest": {
"base": "Specifies the settings for each trail.
",
"refs": {
@@ -150,7 +202,13 @@
"Date": {
"base": null,
"refs": {
+ "CreateEventDataStoreResponse$CreatedTimestamp": "The timestamp that shows when the event data store was created.
",
+ "CreateEventDataStoreResponse$UpdatedTimestamp": "The timestamp that shows when an event data store was updated, if applicable. UpdatedTimestamp is always either the same or newer than the time shown in CreatedTimestamp.
",
"Event$EventTime": "The date and time of the event returned.
",
+ "EventDataStore$CreatedTimestamp": "The timestamp of the event data store's creation.
",
+ "EventDataStore$UpdatedTimestamp": "The timestamp showing when an event data store was updated, if applicable. UpdatedTimestamp is always either the same or newer than the time shown in CreatedTimestamp.
",
+ "GetEventDataStoreResponse$CreatedTimestamp": "The timestamp of the event data store's creation.
",
+ "GetEventDataStoreResponse$UpdatedTimestamp": "Shows the time that an event data store was updated, if applicable. UpdatedTimestamp is always either the same or newer than the time shown in CreatedTimestamp.
",
"GetTrailStatusResponse$LatestDeliveryTime": "Specifies the date and time that CloudTrail last delivered log files to an account's Amazon S3 bucket.
",
"GetTrailStatusResponse$LatestNotificationTime": "Specifies the date and time of the most recent Amazon SNS notification that CloudTrail has written a new log file to an account's Amazon S3 bucket.
",
"GetTrailStatusResponse$StartLoggingTime": "Specifies the most recent date and time when CloudTrail started recording API calls for an Amazon Web Services account.
",
@@ -159,10 +217,28 @@
"GetTrailStatusResponse$LatestDigestDeliveryTime": "Specifies the date and time that CloudTrail last delivered a digest file to an account's Amazon S3 bucket.
",
"ListPublicKeysRequest$StartTime": "Optionally specifies, in UTC, the start of the time range to look up public keys for CloudTrail digest files. If not specified, the current time is used, and the current public key is returned.
",
"ListPublicKeysRequest$EndTime": "Optionally specifies, in UTC, the end of the time range to look up public keys for CloudTrail digest files. If not specified, the current time is used.
",
+ "ListQueriesRequest$StartTime": "Use with EndTime to bound a ListQueries request, and limit its results to only those queries run within a specified time period.
",
+ "ListQueriesRequest$EndTime": "Use with StartTime to bound a ListQueries request, and limit its results to only those queries run within a specified time period.
",
"LookupEventsRequest$StartTime": "Specifies that only events that occur after or at the specified time are returned. If the specified start time is after the specified end time, an error is returned.
",
"LookupEventsRequest$EndTime": "Specifies that only events that occur before or at the specified time are returned. If the specified end time is before the specified start time, an error is returned.
",
"PublicKey$ValidityStartTime": "The starting time of validity of the public key.
",
- "PublicKey$ValidityEndTime": "The ending time of validity of the public key.
"
+ "PublicKey$ValidityEndTime": "The ending time of validity of the public key.
",
+ "Query$CreationTime": "The creation time of a query.
",
+ "QueryStatisticsForDescribeQuery$CreationTime": "The creation time of the query.
",
+ "RestoreEventDataStoreResponse$CreatedTimestamp": "The timestamp of an event data store's creation.
",
+ "RestoreEventDataStoreResponse$UpdatedTimestamp": "The timestamp that shows when an event data store was updated, if applicable. UpdatedTimestamp is always either the same or newer than the time shown in CreatedTimestamp.
",
+ "UpdateEventDataStoreResponse$CreatedTimestamp": "The timestamp that shows when an event data store was first created.
",
+ "UpdateEventDataStoreResponse$UpdatedTimestamp": "The timestamp that shows when the event data store was last updated. UpdatedTimestamp is always either the same or newer than the time shown in CreatedTimestamp.
"
+ }
+ },
+ "DeleteEventDataStoreRequest": {
+ "base": null,
+ "refs": {
+ }
+ },
+ "DeleteEventDataStoreResponse": {
+ "base": null,
+ "refs": {
}
},
"DeleteTrailRequest": {
@@ -175,6 +251,16 @@
"refs": {
}
},
+ "DescribeQueryRequest": {
+ "base": null,
+ "refs": {
+ }
+ },
+ "DescribeQueryResponse": {
+ "base": null,
+ "refs": {
+ }
+ },
"DescribeTrailsRequest": {
"base": "Returns information about the trail.
",
"refs": {
@@ -185,6 +271,13 @@
"refs": {
}
},
+ "ErrorMessage": {
+ "base": null,
+ "refs": {
+ "DescribeQueryResponse$ErrorMessage": "The error message returned if a query failed.
",
+ "GetQueryResultsResponse$ErrorMessage": "The error message returned if a query failed.
"
+ }
+ },
"Event": {
"base": "Contains information about an event that was returned by a lookup request. The result includes a representation of a CloudTrail event.
",
"refs": {
@@ -197,6 +290,83 @@
"LookupEventsRequest$EventCategory": "Specifies the event category. If you do not specify an event category, events of the category are not returned in the response. For example, if you do not specify insight as the value of EventCategory, no Insights events are returned.
"
}
},
+ "EventDataStore": {
+ "base": "A storage lake of event data against which you can run complex SQL-based queries. An event data store can include events that you have logged on your account from the last 90 to 2555 days (about three months to up to seven years). To select events for an event data store, use advanced event selectors.
",
+ "refs": {
+ "EventDataStores$member": null
+ }
+ },
+ "EventDataStoreARNInvalidException": {
+ "base": "The specified event data store ARN is not valid or does not map to an event data store in your account.
",
+ "refs": {
+ }
+ },
+ "EventDataStoreAlreadyExistsException": {
+ "base": "An event data store with that name already exists.
",
+ "refs": {
+ }
+ },
+ "EventDataStoreArn": {
+ "base": null,
+ "refs": {
+ "CancelQueryRequest$EventDataStore": "The ARN (or the ID suffix of the ARN) of an event data store on which the specified query is running.
",
+ "CreateEventDataStoreResponse$EventDataStoreArn": "The ARN of the event data store.
",
+ "DeleteEventDataStoreRequest$EventDataStore": "The ARN (or the ID suffix of the ARN) of the event data store to delete.
",
+ "DescribeQueryRequest$EventDataStore": "The ARN (or the ID suffix of the ARN) of an event data store on which the specified query was run.
",
+ "EventDataStore$EventDataStoreArn": "The ARN of the event data store.
",
+ "GetEventDataStoreRequest$EventDataStore": "The ARN (or ID suffix of the ARN) of the event data store about which you want information.
",
+ "GetEventDataStoreResponse$EventDataStoreArn": "The event data store Amazon Resource Number (ARN).
",
+ "GetQueryResultsRequest$EventDataStore": "The ARN (or ID suffix of the ARN) of the event data store against which the query was run.
",
+ "ListQueriesRequest$EventDataStore": "The ARN (or the ID suffix of the ARN) of an event data store on which queries were run.
",
+ "RestoreEventDataStoreRequest$EventDataStore": "The ARN (or the ID suffix of the ARN) of the event data store that you want to restore.
",
+ "RestoreEventDataStoreResponse$EventDataStoreArn": "The event data store ARN.
",
+ "UpdateEventDataStoreRequest$EventDataStore": "The ARN (or the ID suffix of the ARN) of the event data store that you want to update.
",
+ "UpdateEventDataStoreResponse$EventDataStoreArn": "The ARN of the event data store.
"
+ }
+ },
+ "EventDataStoreMaxLimitExceededException": {
+ "base": "Your account has used the maximum number of event data stores.
",
+ "refs": {
+ }
+ },
+ "EventDataStoreName": {
+ "base": null,
+ "refs": {
+ "CreateEventDataStoreRequest$Name": "The name of the event data store.
",
+ "CreateEventDataStoreResponse$Name": "The name of the event data store.
",
+ "EventDataStore$Name": "The name of the event data store.
",
+ "GetEventDataStoreResponse$Name": "The name of the event data store.
",
+ "RestoreEventDataStoreResponse$Name": "The name of the event data store.
",
+ "UpdateEventDataStoreRequest$Name": "The event data store name.
",
+ "UpdateEventDataStoreResponse$Name": "The name of the event data store.
"
+ }
+ },
+ "EventDataStoreNotFoundException": {
+ "base": "The specified event data store was not found.
",
+ "refs": {
+ }
+ },
+ "EventDataStoreStatus": {
+ "base": null,
+ "refs": {
+ "CreateEventDataStoreResponse$Status": "The status of event data store creation.
",
+ "EventDataStore$Status": "The status of an event data store. Values are ENABLED and PENDING_DELETION.
",
+ "GetEventDataStoreResponse$Status": "The status of an event data store. Values can be ENABLED and PENDING_DELETION.
",
+ "RestoreEventDataStoreResponse$Status": "The status of the event data store.
",
+ "UpdateEventDataStoreResponse$Status": "The status of an event data store. Values can be ENABLED and PENDING_DELETION.
"
+ }
+ },
+ "EventDataStoreTerminationProtectedException": {
+ "base": "The event data store cannot be deleted because termination protection is enabled for it.
",
+ "refs": {
+ }
+ },
+ "EventDataStores": {
+ "base": null,
+ "refs": {
+ "ListEventDataStoresResponse$EventDataStores": "Contains information about event data stores in the account, in the current region.
"
+ }
+ },
"EventSelector": {
"base": "Use event selectors to further specify the management and data event settings for your trail. By default, trails created without specific event selectors will be configured to log all read and write management events, and no data events. When an event occurs in your account, CloudTrail evaluates the event selector for all trails. For each trail, if the event matches any event selector, the trail processes and logs the event. If the event doesn't match any event selector, the trail doesn't log the event.
You can configure up to five event selectors for a trail.
You cannot apply both event selectors and advanced event selectors to a trail.
",
"refs": {
@@ -223,6 +393,16 @@
"EventSelector$ExcludeManagementEventSources": "An optional list of service event sources from which you do not want management events to be logged on your trail. In this release, the list can be empty (disables the filter), or it can filter out Key Management Service or Amazon RDS Data API events by containing kms.amazonaws.com or rdsdata.amazonaws.com. By default, ExcludeManagementEventSources is empty, and KMS and Amazon RDS Data API events are logged to your trail.
"
}
},
+ "GetEventDataStoreRequest": {
+ "base": null,
+ "refs": {
+ }
+ },
+ "GetEventDataStoreResponse": {
+ "base": null,
+ "refs": {
+ }
+ },
"GetEventSelectorsRequest": {
"base": null,
"refs": {
@@ -243,6 +423,16 @@
"refs": {
}
},
+ "GetQueryResultsRequest": {
+ "base": null,
+ "refs": {
+ }
+ },
+ "GetQueryResultsResponse": {
+ "base": null,
+ "refs": {
+ }
+ },
"GetTrailRequest": {
"base": null,
"refs": {
@@ -263,6 +453,16 @@
"refs": {
}
},
+ "InactiveEventDataStoreException": {
+ "base": "The event data store against which you ran your query is inactive.
",
+ "refs": {
+ }
+ },
+ "InactiveQueryException": {
+ "base": "The specified query cannot be canceled because it is in the FINISHED, FAILED, or CANCELLED state.
",
+ "refs": {
+ }
+ },
"InsightNotEnabledException": {
"base": "If you run GetInsightSelectors on a trail that does not have Insights events enabled, the operation throws the exception InsightNotEnabledException.
",
"refs": {
@@ -277,15 +477,15 @@
"InsightSelectors": {
"base": null,
"refs": {
- "GetInsightSelectorsResponse$InsightSelectors": "A JSON string that contains the insight types you want to log on a trail. In this release, only ApiCallRateInsight is supported as an insight type.
",
- "PutInsightSelectorsRequest$InsightSelectors": "A JSON string that contains the Insights types that you want to log on a trail. The valid Insights type in this release is ApiCallRateInsight.
",
- "PutInsightSelectorsResponse$InsightSelectors": "A JSON string that contains the Insights event types that you want to log on a trail. The valid Insights type in this release is ApiCallRateInsight.
"
+ "GetInsightSelectorsResponse$InsightSelectors": "A JSON string that contains the insight types you want to log on a trail. In this release, ApiErrorRateInsight and ApiCallRateInsight are supported as insight types.
",
+ "PutInsightSelectorsRequest$InsightSelectors": "A JSON string that contains the insight types you want to log on a trail. ApiCallRateInsight and ApiErrorRateInsight are valid insight types.
",
+ "PutInsightSelectorsResponse$InsightSelectors": "A JSON string that contains the Insights event types that you want to log on a trail. The valid Insights types in this release are ApiErrorRateInsight and ApiCallRateInsight.
"
}
},
"InsightType": {
"base": null,
"refs": {
- "InsightSelector$InsightType": "The type of Insights events to log on a trail. The valid Insights type in this release is ApiCallRateInsight.
"
+ "InsightSelector$InsightType": "The type of insights to log on a trail. ApiCallRateInsight and ApiErrorRateInsight are valid insight types.
"
}
},
"InsufficientDependencyServiceAccessPermissionException": {
@@ -308,6 +508,14 @@
"refs": {
}
},
+ "Integer": {
+ "base": null,
+ "refs": {
+ "QueryStatistics$ResultsCount": "The number of results returned.
",
+ "QueryStatistics$TotalResultsCount": "The total number of results returned by a query.
",
+ "QueryStatisticsForDescribeQuery$ExecutionTimeInMillis": "The query's run time, in milliseconds.
"
+ }
+ },
"InvalidCloudWatchLogsLogGroupArnException": {
"base": "This exception is thrown when the provided CloudWatch Logs log group is not valid.
",
"refs": {
@@ -318,11 +526,21 @@
"refs": {
}
},
+ "InvalidDateRangeException": {
+ "base": "A date range for the query was specified that is not valid. For more information about writing a query, see Create or edit a query in the CloudTrail User Guide.
",
+ "refs": {
+ }
+ },
"InvalidEventCategoryException": {
"base": "Occurs if an event category that is not valid is specified as a value of EventCategory.
",
"refs": {
}
},
+ "InvalidEventDataStoreStatusException": {
+ "base": "The event data store is not in a status that supports the operation.
",
+ "refs": {
+ }
+ },
"InvalidEventSelectorsException": {
"base": "This exception is thrown when the PutEventSelectors operation is called with a number of event selectors, advanced event selectors, or data resources that is not valid. The combination of event selectors or advanced event selectors and data resources is not valid. A trail can have up to 5 event selectors. If a trail uses advanced event selectors, a maximum of 500 total values for all conditions in all advanced event selectors is allowed. A trail is limited to 250 data resources. These data resources can be distributed across event selectors, but the overall total cannot exceed 250.
You can:
-
Specify a valid number of event selectors (1 to 5) for a trail.
-
Specify a valid number of data resources (1 to 250) for an event selector. The limit of number of resources on an individual event selector is configurable up to 250. However, this upper limit is allowed only if the total number of data resources does not exceed 250 across all event selectors for a trail.
-
Specify up to 500 values for all conditions in all advanced event selectors for a trail.
-
Specify a valid value for a parameter. For example, specifying the ReadWriteType parameter with a value of read-only is not valid.
",
"refs": {
@@ -363,6 +581,21 @@
"refs": {
}
},
+ "InvalidParameterException": {
+ "base": "The request includes a parameter that is not valid.
",
+ "refs": {
+ }
+ },
+ "InvalidQueryStatementException": {
+ "base": "The query that was submitted has validation errors, or uses incorrect syntax or unsupported keywords. For more information about writing a query, see Create or edit a query in the CloudTrail User Guide.
",
+ "refs": {
+ }
+ },
+ "InvalidQueryStatusException": {
+ "base": "The query status is not valid for the operation.
",
+ "refs": {
+ }
+ },
"InvalidS3BucketNameException": {
"base": "This exception is thrown when the provided S3 bucket name is not valid.
",
"refs": {
@@ -413,6 +646,22 @@
"refs": {
}
},
+ "ListEventDataStoresMaxResultsCount": {
+ "base": null,
+ "refs": {
+ "ListEventDataStoresRequest$MaxResults": "The maximum number of event data stores to display on a single page.
"
+ }
+ },
+ "ListEventDataStoresRequest": {
+ "base": null,
+ "refs": {
+ }
+ },
+ "ListEventDataStoresResponse": {
+ "base": null,
+ "refs": {
+ }
+ },
"ListPublicKeysRequest": {
"base": "Requests the public keys for a specified time range.
",
"refs": {
@@ -423,6 +672,22 @@
"refs": {
}
},
+ "ListQueriesMaxResultsCount": {
+ "base": null,
+ "refs": {
+ "ListQueriesRequest$MaxResults": "The maximum number of queries to show on a page.
"
+ }
+ },
+ "ListQueriesRequest": {
+ "base": null,
+ "refs": {
+ }
+ },
+ "ListQueriesResponse": {
+ "base": null,
+ "refs": {
+ }
+ },
"ListTagsRequest": {
"base": "Specifies a list of trail tags to return.
",
"refs": {
@@ -443,6 +708,13 @@
"refs": {
}
},
+ "Long": {
+ "base": null,
+ "refs": {
+ "QueryStatisticsForDescribeQuery$EventsMatched": "The number of events that matched a query.
",
+ "QueryStatisticsForDescribeQuery$EventsScanned": "The number of events that the query scanned in the event data store.
"
+ }
+ },
"LookupAttribute": {
"base": "Specifies an attribute and value that filter the events returned.
",
"refs": {
@@ -471,6 +743,17 @@
"refs": {
}
},
+ "MaxConcurrentQueriesException": {
+ "base": "You are already running the maximum number of concurrent queries. Wait a minute for some queries to finish, and then run the query again.
",
+ "refs": {
+ }
+ },
+ "MaxQueryResults": {
+ "base": null,
+ "refs": {
+ "GetQueryResultsRequest$MaxQueryResults": "The maximum number of query results to display on a single page.
"
+ }
+ },
"MaxResults": {
"base": null,
"refs": {
@@ -526,6 +809,17 @@
"refs": {
}
},
+ "PaginationToken": {
+ "base": null,
+ "refs": {
+ "GetQueryResultsRequest$NextToken": "A token you can use to get the next page of query results.
",
+ "GetQueryResultsResponse$NextToken": "A token you can use to get the next page of query results.
",
+ "ListEventDataStoresRequest$NextToken": "A token you can use to get the next page of event data store results.
",
+ "ListEventDataStoresResponse$NextToken": "A token you can use to get the next page of results.
",
+ "ListQueriesRequest$NextToken": "A token you can use to get the next page of results.
",
+ "ListQueriesResponse$NextToken": "A token you can use to get the next page of results.
"
+ }
+ },
"PublicKey": {
"base": "Contains information about a returned public key.
",
"refs": {
@@ -558,6 +852,82 @@
"refs": {
}
},
+ "Queries": {
+ "base": null,
+ "refs": {
+ "ListQueriesResponse$Queries": "Lists matching query results, and shows query ID, status, and creation time of each query.
"
+ }
+ },
+ "Query": {
+ "base": "A SQL string of criteria about events that you want to collect in an event data store.
",
+ "refs": {
+ "Queries$member": null
+ }
+ },
+ "QueryIdNotFoundException": {
+ "base": "The query ID does not exist or does not map to a query.
",
+ "refs": {
+ }
+ },
+ "QueryResultColumn": {
+ "base": null,
+ "refs": {
+ "QueryResultRow$member": null
+ }
+ },
+ "QueryResultKey": {
+ "base": null,
+ "refs": {
+ "QueryResultColumn$key": null
+ }
+ },
+ "QueryResultRow": {
+ "base": null,
+ "refs": {
+ "QueryResultRows$member": null
+ }
+ },
+ "QueryResultRows": {
+ "base": null,
+ "refs": {
+ "GetQueryResultsResponse$QueryResultRows": "Contains the individual event results of the query.
"
+ }
+ },
+ "QueryResultValue": {
+ "base": null,
+ "refs": {
+ "QueryResultColumn$value": null
+ }
+ },
+ "QueryStatement": {
+ "base": null,
+ "refs": {
+ "DescribeQueryResponse$QueryString": "The SQL code of a query.
",
+ "StartQueryRequest$QueryStatement": "The SQL code of your query.
"
+ }
+ },
+ "QueryStatistics": {
+ "base": "Metadata about a query, such as the number of results.
",
+ "refs": {
+ "GetQueryResultsResponse$QueryStatistics": "Shows the count of query results.
"
+ }
+ },
+ "QueryStatisticsForDescribeQuery": {
+ "base": "Gets metadata about a query, including the number of events that were matched, the total number of events scanned, the query run time in milliseconds, and the query's creation time.
",
+ "refs": {
+ "DescribeQueryResponse$QueryStatistics": "Metadata about a query, including the number of events that were matched, the total number of events scanned, the query run time in milliseconds, and the query's creation time.
"
+ }
+ },
+ "QueryStatus": {
+ "base": null,
+ "refs": {
+ "CancelQueryResponse$QueryStatus": "Shows the status of a query after a CancelQuery request. Typically, the values shown are either RUNNING or CANCELLED.
",
+ "DescribeQueryResponse$QueryStatus": "The status of a query. Values for QueryStatus include QUEUED, RUNNING, FINISHED, FAILED, or CANCELLED
",
+ "GetQueryResultsResponse$QueryStatus": "The status of the query. Values include QUEUED, RUNNING, FINISHED, FAILED, or CANCELLED.
",
+ "ListQueriesRequest$QueryStatus": "The status of queries that you want to return in results. Valid values for QueryStatus include QUEUED, RUNNING, FINISHED, FAILED, or CANCELLED.
",
+ "Query$QueryStatus": "The status of the query. This can be QUEUED, RUNNING, FINISHED, FAILED, or CANCELLED.
"
+ }
+ },
"ReadWriteType": {
"base": null,
"refs": {
@@ -614,6 +984,28 @@
"refs": {
}
},
+ "RestoreEventDataStoreRequest": {
+ "base": null,
+ "refs": {
+ }
+ },
+ "RestoreEventDataStoreResponse": {
+ "base": null,
+ "refs": {
+ }
+ },
+ "RetentionPeriod": {
+ "base": null,
+ "refs": {
+ "CreateEventDataStoreRequest$RetentionPeriod": "The retention period of the event data store, in days. You can set a retention period of up to 2555 days, the equivalent of seven years.
",
+ "CreateEventDataStoreResponse$RetentionPeriod": "The retention period of an event data store, in days.
",
+ "EventDataStore$RetentionPeriod": "The retention period, in days.
",
+ "GetEventDataStoreResponse$RetentionPeriod": "The retention period of the event data store, in days.
",
+ "RestoreEventDataStoreResponse$RetentionPeriod": "The retention period, in days.
",
+ "UpdateEventDataStoreRequest$RetentionPeriod": "The retention period, in days.
",
+ "UpdateEventDataStoreResponse$RetentionPeriod": "The retention period, in days.
"
+ }
+ },
"S3BucketDoesNotExistException": {
"base": "This exception is thrown when the specified S3 bucket does not exist.
",
"refs": {
@@ -641,6 +1033,16 @@
"refs": {
}
},
+ "StartQueryRequest": {
+ "base": null,
+ "refs": {
+ }
+ },
+ "StartQueryResponse": {
+ "base": null,
+ "refs": {
+ }
+ },
"StopLoggingRequest": {
"base": "Passes the request to CloudTrail to stop logging Amazon Web Services API calls for the specified account.
",
"refs": {
@@ -717,8 +1119,6 @@
"ResourceTag$ResourceId": "Specifies the ARN of the resource.
",
"StartLoggingRequest$Name": "Specifies the name or the CloudTrail ARN of the trail for which CloudTrail logs Amazon Web Services API calls. The following is the format of a trail ARN.
arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail
",
"StopLoggingRequest$Name": "Specifies the name or the CloudTrail ARN of the trail for which CloudTrail will stop logging Amazon Web Services API calls. The following is the format of a trail ARN.
arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail
",
- "Tag$Key": "The key in a key-value pair. The key must be must be no longer than 128 Unicode characters. The key must be unique for the resource to which it applies.
",
- "Tag$Value": "The value in a key-value pair of a tag. The value must be no longer than 256 Unicode characters.
",
"Trail$Name": "Name of the trail set by calling CreateTrail. The maximum length is 128 characters.
",
"Trail$S3BucketName": "Name of the Amazon S3 bucket into which CloudTrail delivers your trail files. See Amazon S3 Bucket Naming Requirements.
",
"Trail$S3KeyPrefix": "Specifies the Amazon S3 key prefix that comes after the name of the bucket you have designated for log file delivery. For more information, see Finding Your CloudTrail Log Files. The maximum length is 200 characters.
",
@@ -757,6 +1157,18 @@
"TagsList$member": null
}
},
+ "TagKey": {
+ "base": null,
+ "refs": {
+ "Tag$Key": "The key in a key-value pair. The key must be must be no longer than 128 Unicode characters. The key must be unique for the resource to which it applies.
"
+ }
+ },
+ "TagValue": {
+ "base": null,
+ "refs": {
+ "Tag$Value": "The value in a key-value pair of a tag. The value must be no longer than 256 Unicode characters.
"
+ }
+ },
"TagsLimitExceededException": {
"base": "The number of tags per trail has exceeded the permitted amount. Currently, the limit is 50.
",
"refs": {
@@ -766,11 +1178,25 @@
"base": "A list of tags.
",
"refs": {
"AddTagsRequest$TagsList": "Contains a list of tags, up to a limit of 50
",
+ "CreateEventDataStoreRequest$TagsList": null,
+ "CreateEventDataStoreResponse$TagsList": null,
"CreateTrailRequest$TagsList": null,
"RemoveTagsRequest$TagsList": "Specifies a list of tags to be removed.
",
"ResourceTag$TagsList": "A list of tags.
"
}
},
+ "TerminationProtectionEnabled": {
+ "base": null,
+ "refs": {
+ "CreateEventDataStoreRequest$TerminationProtectionEnabled": "Specifies whether termination protection is enabled for the event data store. If termination protection is enabled, you cannot delete the event data store until termination protection is disabled.
",
+ "CreateEventDataStoreResponse$TerminationProtectionEnabled": "Indicates whether termination protection is enabled for the event data store.
",
+ "EventDataStore$TerminationProtectionEnabled": "Indicates whether the event data store is protected from termination.
",
+ "GetEventDataStoreResponse$TerminationProtectionEnabled": "Indicates that termination protection is enabled.
",
+ "RestoreEventDataStoreResponse$TerminationProtectionEnabled": "Indicates that termination protection is enabled and the event data store cannot be automatically deleted.
",
+ "UpdateEventDataStoreRequest$TerminationProtectionEnabled": "Indicates that termination protection is enabled and the event data store cannot be automatically deleted.
",
+ "UpdateEventDataStoreResponse$TerminationProtectionEnabled": "Indicates whether termination protection is enabled for the event data store.
"
+ }
+ },
"Trail": {
"base": "The settings for a trail.
",
"refs": {
@@ -817,11 +1243,33 @@
"ListTrailsResponse$Trails": "Returns the name, ARN, and home region of trails in the current account.
"
}
},
+ "UUID": {
+ "base": null,
+ "refs": {
+ "CancelQueryRequest$QueryId": "The ID of the query that you want to cancel. The QueryId comes from the response of a StartQuery operation.
",
+ "CancelQueryResponse$QueryId": "The ID of the canceled query.
",
+ "DescribeQueryRequest$QueryId": "The query ID.
",
+ "DescribeQueryResponse$QueryId": "The ID of the query.
",
+ "GetQueryResultsRequest$QueryId": "The ID of the query for which you want to get results.
",
+ "Query$QueryId": "The ID of a query.
",
+ "StartQueryResponse$QueryId": "The ID of the started query.
"
+ }
+ },
"UnsupportedOperationException": {
"base": "This exception is thrown when the requested operation is not supported.
",
"refs": {
}
},
+ "UpdateEventDataStoreRequest": {
+ "base": null,
+ "refs": {
+ }
+ },
+ "UpdateEventDataStoreResponse": {
+ "base": null,
+ "refs": {
+ }
+ },
"UpdateTrailRequest": {
"base": "Specifies settings to update for the trail.
",
"refs": {
diff --git a/models/apis/cloudtrail/2013-11-01/paginators-1.json b/models/apis/cloudtrail/2013-11-01/paginators-1.json
index 30bbeca8128..e0bceb2e403 100644
--- a/models/apis/cloudtrail/2013-11-01/paginators-1.json
+++ b/models/apis/cloudtrail/2013-11-01/paginators-1.json
@@ -3,11 +3,25 @@
"DescribeTrails": {
"result_key": "trailList"
},
+ "GetQueryResults": {
+ "input_token": "NextToken",
+ "output_token": "NextToken"
+ },
+ "ListEventDataStores": {
+ "input_token": "NextToken",
+ "limit_key": "MaxResults",
+ "output_token": "NextToken"
+ },
"ListPublicKeys": {
"input_token": "NextToken",
"output_token": "NextToken",
"result_key": "PublicKeyList"
},
+ "ListQueries": {
+ "input_token": "NextToken",
+ "limit_key": "MaxResults",
+ "output_token": "NextToken"
+ },
"ListTags": {
"input_token": "NextToken",
"output_token": "NextToken",
diff --git a/models/apis/ec2/2016-11-15/api-2.json b/models/apis/ec2/2016-11-15/api-2.json
index 36febc2426d..d6e57e9e4d2 100755
--- a/models/apis/ec2/2016-11-15/api-2.json
+++ b/models/apis/ec2/2016-11-15/api-2.json
@@ -3963,6 +3963,15 @@
"input":{"shape":"ModifyVpcEndpointServiceConfigurationRequest"},
"output":{"shape":"ModifyVpcEndpointServiceConfigurationResult"}
},
+ "ModifyVpcEndpointServicePayerResponsibility":{
+ "name":"ModifyVpcEndpointServicePayerResponsibility",
+ "http":{
+ "method":"POST",
+ "requestUri":"/"
+ },
+ "input":{"shape":"ModifyVpcEndpointServicePayerResponsibilityRequest"},
+ "output":{"shape":"ModifyVpcEndpointServicePayerResponsibilityResult"}
+ },
"ModifyVpcEndpointServicePermissions":{
"name":"ModifyVpcEndpointServicePermissions",
"http":{
@@ -20579,7 +20588,7 @@
"locationName":"instanceFamily"
},
"OfferingId":{
- "shape":"String",
+ "shape":"OfferingId",
"locationName":"offeringId"
},
"PaymentOption":{
@@ -20655,7 +20664,7 @@
"locationName":"hostIdSet"
},
"HostReservationId":{
- "shape":"String",
+ "shape":"HostReservationId",
"locationName":"hostReservationId"
},
"HourlyPrice":{
@@ -20667,7 +20676,7 @@
"locationName":"instanceFamily"
},
"OfferingId":{
- "shape":"String",
+ "shape":"OfferingId",
"locationName":"offeringId"
},
"PaymentOption":{
@@ -27680,6 +27689,27 @@
}
}
},
+ "ModifyVpcEndpointServicePayerResponsibilityRequest":{
+ "type":"structure",
+ "required":[
+ "ServiceId",
+ "PayerResponsibility"
+ ],
+ "members":{
+ "DryRun":{"shape":"Boolean"},
+ "ServiceId":{"shape":"VpcEndpointServiceId"},
+ "PayerResponsibility":{"shape":"PayerResponsibility"}
+ }
+ },
+ "ModifyVpcEndpointServicePayerResponsibilityResult":{
+ "type":"structure",
+ "members":{
+ "ReturnValue":{
+ "shape":"Boolean",
+ "locationName":"return"
+ }
+ }
+ },
"ModifyVpcEndpointServicePermissionsRequest":{
"type":"structure",
"required":["ServiceId"],
@@ -29216,6 +29246,10 @@
"ResourceStatement":{"shape":"ResourceStatementRequest"}
}
},
+ "PayerResponsibility":{
+ "type":"string",
+ "enum":["ServiceOwner"]
+ },
"PaymentOption":{
"type":"string",
"enum":[
@@ -30287,7 +30321,7 @@
"locationName":"hostIdSet"
},
"HostReservationId":{
- "shape":"String",
+ "shape":"HostReservationId",
"locationName":"hostReservationId"
},
"HourlyPrice":{
@@ -33648,6 +33682,10 @@
"shape":"PrivateDnsNameConfiguration",
"locationName":"privateDnsNameConfiguration"
},
+ "PayerResponsibility":{
+ "shape":"PayerResponsibility",
+ "locationName":"payerResponsibility"
+ },
"Tags":{
"shape":"TagList",
"locationName":"tagSet"
@@ -33708,6 +33746,10 @@
"shape":"Boolean",
"locationName":"managesVpcEndpoints"
},
+ "PayerResponsibility":{
+ "shape":"PayerResponsibility",
+ "locationName":"payerResponsibility"
+ },
"Tags":{
"shape":"TagList",
"locationName":"tagSet"
diff --git a/models/apis/ec2/2016-11-15/docs-2.json b/models/apis/ec2/2016-11-15/docs-2.json
index 1a6506f321f..00fa143ec22 100755
--- a/models/apis/ec2/2016-11-15/docs-2.json
+++ b/models/apis/ec2/2016-11-15/docs-2.json
@@ -446,6 +446,7 @@
"ModifyVpcEndpoint": "Modifies attributes of a specified VPC endpoint. The attributes that you can modify depend on the type of VPC endpoint (interface, gateway, or Gateway Load Balancer). For more information, see VPC Endpoints in the Amazon Virtual Private Cloud User Guide.
",
"ModifyVpcEndpointConnectionNotification": "Modifies a connection notification for VPC endpoint or VPC endpoint service. You can change the SNS topic for the notification, or the events for which to be notified.
",
"ModifyVpcEndpointServiceConfiguration": "Modifies the attributes of your VPC endpoint service configuration. You can change the Network Load Balancers or Gateway Load Balancers for your service, and you can specify whether acceptance is required for requests to connect to your endpoint service through an interface VPC endpoint.
If you set or modify the private DNS name, you must prove that you own the private DNS domain name. For more information, see VPC Endpoint Service Private DNS Name Verification in the Amazon Virtual Private Cloud User Guide.
",
+ "ModifyVpcEndpointServicePayerResponsibility": "Modifies the payer responsibility for your VPC endpoint service.
",
"ModifyVpcEndpointServicePermissions": "Modifies the permissions for your VPC endpoint service. You can add or remove permissions for service consumers (IAM users, IAM roles, and Amazon Web Services accounts) to connect to your endpoint service.
If you grant permissions to all principals, the service is public. Any users who know the name of a public service can send a request to attach an endpoint. If the service does not require manual approval, attachments are automatically approved.
",
"ModifyVpcPeeringConnectionOptions": "Modifies the VPC peering connection options on one side of a VPC peering connection. You can do the following:
-
Enable/disable communication over the peering connection between an EC2-Classic instance that's linked to your VPC (using ClassicLink) and instances in the peer VPC.
-
Enable/disable communication over the peering connection between instances in your VPC and an EC2-Classic instance that's linked to the peer VPC.
-
Enable/disable the ability to resolve public DNS hostnames to private IP addresses when queried from instances in the peer VPC.
If the peered VPCs are in the same Amazon Web Services account, you can enable DNS resolution for queries from the local VPC. This ensures that queries from the local VPC resolve to private IP addresses in the peer VPC. This option is not available if the peered VPCs are in different different Amazon Web Services accounts or different Regions. For peered VPCs in different Amazon Web Services accounts, each Amazon Web Services account owner must initiate a separate request to modify the peering connection options. For inter-region peering connections, you must use the Region for the requester VPC to modify the requester VPC peering options and the Region for the accepter VPC to modify the accepter VPC peering options. To verify which VPCs are the accepter and the requester for a VPC peering connection, use the DescribeVpcPeeringConnections command.
",
"ModifyVpcTenancy": "Modifies the instance tenancy attribute of the specified VPC. You can change the instance tenancy attribute of a VPC to default only. You cannot change the instance tenancy attribute to dedicated.
After you modify the tenancy of the VPC, any new instances that you launch into the VPC have a tenancy of default, unless you specify otherwise during launch. The tenancy of any existing instances in the VPC is not affected.
For more information, see Dedicated Instances in the Amazon Elastic Compute Cloud User Guide.
",
@@ -2192,6 +2193,8 @@
"ModifyVpcEndpointServiceConfigurationRequest$RemovePrivateDnsName": "(Interface endpoint configuration) Removes the private DNS name of the endpoint service.
",
"ModifyVpcEndpointServiceConfigurationRequest$AcceptanceRequired": "Indicates whether requests to create an endpoint to your service must be accepted.
",
"ModifyVpcEndpointServiceConfigurationResult$Return": "Returns true if the request succeeds; otherwise, it returns an error.
",
+ "ModifyVpcEndpointServicePayerResponsibilityRequest$DryRun": "Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
",
+ "ModifyVpcEndpointServicePayerResponsibilityResult$ReturnValue": "Returns true if the request succeeds; otherwise, it returns an error.
",
"ModifyVpcEndpointServicePermissionsRequest$DryRun": "Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
",
"ModifyVpcEndpointServicePermissionsResult$ReturnValue": "Returns true if the request succeeds; otherwise, it returns an error.
",
"ModifyVpcPeeringConnectionOptionsRequest$DryRun": "Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
",
@@ -8840,7 +8843,9 @@
"HostReservationId": {
"base": null,
"refs": {
- "HostReservationIdSet$member": null
+ "HostReservation$HostReservationId": "The ID of the reservation that specifies the associated Dedicated Hosts.
",
+ "HostReservationIdSet$member": null,
+ "Purchase$HostReservationId": "The ID of the reservation.
"
}
},
"HostReservationIdSet": {
@@ -12500,6 +12505,16 @@
"refs": {
}
},
+ "ModifyVpcEndpointServicePayerResponsibilityRequest": {
+ "base": null,
+ "refs": {
+ }
+ },
+ "ModifyVpcEndpointServicePayerResponsibilityResult": {
+ "base": null,
+ "refs": {
+ }
+ },
"ModifyVpcEndpointServicePermissionsRequest": {
"base": null,
"refs": {
@@ -13206,6 +13221,8 @@
"refs": {
"DescribeHostReservationOfferingsRequest$OfferingId": "The ID of the reservation offering.
",
"GetHostReservationPurchasePreviewRequest$OfferingId": "The offering ID of the reservation.
",
+ "HostOffering$OfferingId": "The ID of the offering.
",
+ "HostReservation$OfferingId": "The ID of the reservation. This remains the same regardless of which Dedicated Hosts are associated with it.
",
"PurchaseHostReservationRequest$OfferingId": "The ID of the offering.
"
}
},
@@ -13317,6 +13334,14 @@
"AccessScopePathRequest$Destination": "The destination.
"
}
},
+ "PayerResponsibility": {
+ "base": null,
+ "refs": {
+ "ModifyVpcEndpointServicePayerResponsibilityRequest$PayerResponsibility": "The entity that is responsible for the endpoint costs. The default is the endpoint owner. If you set the payer responsibility to the service owner, you cannot set it back to the endpoint owner.
",
+ "ServiceConfiguration$PayerResponsibility": "The payer responsibility.
",
+ "ServiceDetail$PayerResponsibility": "The payer responsibility.
"
+ }
+ },
"PaymentOption": {
"base": null,
"refs": {
@@ -16788,14 +16813,11 @@
"HostInstance$OwnerId": "The ID of the Amazon Web Services account that owns the instance.
",
"HostOffering$HourlyPrice": "The hourly price of the offering.
",
"HostOffering$InstanceFamily": "The instance family of the offering.
",
- "HostOffering$OfferingId": "The ID of the offering.
",
"HostOffering$UpfrontPrice": "The upfront price of the offering. Does not apply to No Upfront offerings.
",
"HostProperties$InstanceType": "The instance type supported by the Dedicated Host. For example, m5.large. If the host supports multiple instance types, no instanceType is returned.
",
"HostProperties$InstanceFamily": "The instance family supported by the Dedicated Host. For example, m5.
",
- "HostReservation$HostReservationId": "The ID of the reservation that specifies the associated Dedicated Hosts.
",
"HostReservation$HourlyPrice": "The hourly price of the reservation.
",
"HostReservation$InstanceFamily": "The instance family of the Dedicated Host Reservation. The instance family on the Dedicated Host must be the same in order for it to benefit from the reservation.
",
- "HostReservation$OfferingId": "The ID of the reservation. This remains the same regardless of which Dedicated Hosts are associated with it.
",
"HostReservation$UpfrontPrice": "The upfront price of the reservation.
",
"IKEVersionsListValue$Value": "The IKE version.
",
"IKEVersionsRequestListValue$Value": "The IKE version.
",
@@ -17280,7 +17302,6 @@
"PublicIpv4Pool$NetworkBorderGroup": "The name of the location from which the address pool is advertised. A network border group is a unique set of Availability Zones or Local Zones from where Amazon Web Services advertises public IP addresses.
",
"PublicIpv4PoolRange$FirstAddress": "The first IP address in the range.
",
"PublicIpv4PoolRange$LastAddress": "The last IP address in the range.
",
- "Purchase$HostReservationId": "The ID of the reservation.
",
"Purchase$HourlyPrice": "The hourly price of the reservation per hour.
",
"Purchase$InstanceFamily": "The instance family on the Dedicated Host that the reservation can be associated with.
",
"Purchase$UpfrontPrice": "The upfront price of the reservation.
",
@@ -19896,6 +19917,7 @@
"CreateVpcEndpointConnectionNotificationRequest$ServiceId": "The ID of the endpoint service.
",
"DescribeVpcEndpointServicePermissionsRequest$ServiceId": "The ID of the service.
",
"ModifyVpcEndpointServiceConfigurationRequest$ServiceId": "The ID of the service.
",
+ "ModifyVpcEndpointServicePayerResponsibilityRequest$ServiceId": "The ID of the service.
",
"ModifyVpcEndpointServicePermissionsRequest$ServiceId": "The ID of the service.
",
"RejectVpcEndpointConnectionsRequest$ServiceId": "The ID of the service.
",
"StartVpcEndpointServicePrivateDnsVerificationRequest$ServiceId": "The ID of the endpoint service.
",
diff --git a/models/apis/ecs/2014-11-13/docs-2.json b/models/apis/ecs/2014-11-13/docs-2.json
index f9b36722ade..709a5a67547 100644
--- a/models/apis/ecs/2014-11-13/docs-2.json
+++ b/models/apis/ecs/2014-11-13/docs-2.json
@@ -38,7 +38,7 @@
"PutClusterCapacityProviders": "Modifies the available capacity providers and the default capacity provider strategy for a cluster.
You must specify both the available capacity providers and a default capacity provider strategy for the cluster. If the specified cluster has existing capacity providers associated with it, you must specify all existing capacity providers in addition to any new ones you want to add. Any existing capacity providers that are associated with a cluster that are omitted from a PutClusterCapacityProviders API call will be disassociated with the cluster. You can only disassociate an existing capacity provider from a cluster if it's not being used by any existing tasks.
When creating a service or running a task on a cluster, if no capacity provider or launch type is specified, then the cluster's default capacity provider strategy is used. We recommend that you define a default capacity provider strategy for your cluster. However, you must specify an empty array ([]) to bypass defining a default strategy.
",
"RegisterContainerInstance": " This action is only used by the Amazon ECS agent, and it is not intended for use outside of the agent.
Registers an EC2 instance into the specified cluster. This instance becomes available to place containers on.
",
"RegisterTaskDefinition": "Registers a new task definition from the supplied family and containerDefinitions. Optionally, you can add data volumes to your containers with the volumes parameter. For more information about task definition parameters and defaults, see Amazon ECS Task Definitions in the Amazon Elastic Container Service Developer Guide.
You can specify an IAM role for your task with the taskRoleArn parameter. When you specify an IAM role for a task, its containers can then use the latest versions of the CLI or SDKs to make API requests to the Amazon Web Services services that are specified in the IAM policy that's associated with the role. For more information, see IAM Roles for Tasks in the Amazon Elastic Container Service Developer Guide.
You can specify a Docker networking mode for the containers in your task definition with the networkMode parameter. The available network modes correspond to those described in Network settings in the Docker run reference. If you specify the awsvpc network mode, the task is allocated an elastic network interface, and you must specify a NetworkConfiguration when you create a service or run a task with the task definition. For more information, see Task Networking in the Amazon Elastic Container Service Developer Guide.
",
- "RunTask": "Starts a new task using the specified task definition.
You can allow Amazon ECS to place tasks for you, or you can customize how Amazon ECS places tasks using placement constraints and placement strategies. For more information, see Scheduling Tasks in the Amazon Elastic Container Service Developer Guide.
Alternatively, you can use StartTask to use your own scheduler or place tasks manually on specific container instances.
The Amazon ECS API follows an eventual consistency model. This is because the distributed nature of the system supporting the API. This means that the result of an API command you run that affects your Amazon ECS resources might not be immediately visible to all subsequent commands you run. Keep this in mind when you carry out an API command that immediately follows a previous API command.
To manage eventual consistency, you can do the following:
-
Confirm the state of the resource before you run a command to modify it. Run the DescribeTasks command using an exponential backoff algorithm to ensure that you allow enough time for the previous command to propagate through the system. To do this, run the DescribeTasks command repeatedly, starting with a couple of seconds of wait time and increasing gradually up to five minutes of wait time.
-
Add wait time between subsequent commands, even if the DescribeTasks command returns an accurate response. Apply an exponential backoff algorithm starting with a couple of seconds of wait time, and increase gradually up to about five minutes of wait time.
",
+ "RunTask": "Starts a new task using the specified task definition.
You can allow Amazon ECS to place tasks for you, or you can customize how Amazon ECS places tasks using placement constraints and placement strategies. For more information, see Scheduling Tasks in the Amazon Elastic Container Service Developer Guide.
Alternatively, you can use StartTask to use your own scheduler or place tasks manually on specific container instances.
The Amazon ECS API follows an eventual consistency model. This is because of the distributed nature of the system supporting the API. This means that the result of an API command you run that affects your Amazon ECS resources might not be immediately visible to all subsequent commands you run. Keep this in mind when you carry out an API command that immediately follows a previous API command.
To manage eventual consistency, you can do the following:
-
Confirm the state of the resource before you run a command to modify it. Run the DescribeTasks command using an exponential backoff algorithm to ensure that you allow enough time for the previous command to propagate through the system. To do this, run the DescribeTasks command repeatedly, starting with a couple of seconds of wait time and increasing gradually up to five minutes of wait time.
-
Add wait time between subsequent commands, even if the DescribeTasks command returns an accurate response. Apply an exponential backoff algorithm starting with a couple of seconds of wait time, and increase gradually up to about five minutes of wait time.
",
"StartTask": "Starts a new task from the specified task definition on the specified container instance or instances.
Alternatively, you can use RunTask to place tasks for you. For more information, see Scheduling Tasks in the Amazon Elastic Container Service Developer Guide.
",
"StopTask": "Stops a running task. Any tags associated with the task will be deleted.
When StopTask is called on a task, the equivalent of docker stop is issued to the containers running in the task. This results in a SIGTERM value and a default 30-second timeout, after which the SIGKILL value is sent and the containers are forcibly stopped. If the container handles the SIGTERM value gracefully and exits within 30 seconds from receiving it, no SIGKILL value is sent.
The default 30-second timeout can be configured on the Amazon ECS container agent with the ECS_CONTAINER_STOP_TIMEOUT variable. For more information, see Amazon ECS Container Agent Configuration in the Amazon Elastic Container Service Developer Guide.
",
"SubmitAttachmentStateChanges": " This action is only used by the Amazon ECS agent, and it is not intended for use outside of the agent.
Sent to acknowledge that an attachment changed states.
",
@@ -1329,7 +1329,7 @@
"ManagedTerminationProtection": {
"base": null,
"refs": {
- "AutoScalingGroupProvider$managedTerminationProtection": "The managed termination protection setting to use for the Auto Scaling group capacity provider. This determines whether the Auto Scaling group has managed termination protection.
When using managed termination protection, managed scaling must also be used otherwise managed termination protection doesn't work.
When managed termination protection is enabled, Amazon ECS prevents the Amazon EC2 instances in an Auto Scaling group that contain tasks from being terminated during a scale-in action. The Auto Scaling group and each instance in the Auto Scaling group must have instance protection from scale-in actions enabled as well. For more information, see Instance Protection in the Auto Scaling User Guide.
When managed termination protection is disabled, your Amazon EC2 instances aren't protected from termination when the Auto Scaling group scales in.
",
+ "AutoScalingGroupProvider$managedTerminationProtection": "The managed termination protection setting to use for the Auto Scaling group capacity provider. This determines whether the Auto Scaling group has managed termination protection. The default is disabled.
When using managed termination protection, managed scaling must also be used otherwise managed termination protection doesn't work.
When managed termination protection is enabled, Amazon ECS prevents the Amazon EC2 instances in an Auto Scaling group that contain tasks from being terminated during a scale-in action. The Auto Scaling group and each instance in the Auto Scaling group must have instance protection from scale-in actions enabled as well. For more information, see Instance Protection in the Auto Scaling User Guide.
When managed termination protection is disabled, your Amazon EC2 instances aren't protected from termination when the Auto Scaling group scales in.
",
"AutoScalingGroupProviderUpdate$managedTerminationProtection": "The managed termination protection setting to use for the Auto Scaling group capacity provider. This determines whether the Auto Scaling group has managed termination protection.
When using managed termination protection, managed scaling must also be used otherwise managed termination protection doesn't work.
When managed termination protection is enabled, Amazon ECS prevents the Amazon EC2 instances in an Auto Scaling group that contain tasks from being terminated during a scale-in action. The Auto Scaling group and each instance in the Auto Scaling group must have instance protection from scale-in actions enabled. For more information, see Instance Protection in the Auto Scaling User Guide.
When managed termination protection is disabled, your Amazon EC2 instances aren't protected from termination when the Auto Scaling group scales in.
"
}
},
@@ -1846,7 +1846,7 @@
"refs": {
"Attachment$id": "The unique identifier for the attachment.
",
"Attachment$type": "The type of the attachment, such as ElasticNetworkInterface.
",
- "Attachment$status": " The status of the attachment. Valid values are PRECREATED, CREATED, ATTACHING, ATTACHED, DETACHING, DETACHED, and DELETED.
",
+ "Attachment$status": " The status of the attachment. Valid values are PRECREATED, CREATED, ATTACHING, ATTACHED, DETACHING, DETACHED, DELETED, and FAILED.
",
"AttachmentStateChange$attachmentArn": "The Amazon Resource Name (ARN) of the attachment.
",
"AttachmentStateChange$status": "The status of the attachment.
",
"Attribute$name": "The name of the attribute. The name must contain between 1 and 128 characters. The name may contain letters (uppercase and lowercase), numbers, hyphens (-), underscores (_), forward slashes (/), back slashes (\\), or periods (.).
",
@@ -2194,7 +2194,7 @@
"Resource$stringSetValue": "When the stringSetValue type is set, the value of the resource must be a string type.
",
"StartTaskRequest$containerInstances": "The container instance IDs or full ARN entries for the container instances where you would like to place your task. You can specify up to 10 container instances.
",
"Tmpfs$mountOptions": "The list of tmpfs volume mount options.
Valid values: \"defaults\" | \"ro\" | \"rw\" | \"suid\" | \"nosuid\" | \"dev\" | \"nodev\" | \"exec\" | \"noexec\" | \"sync\" | \"async\" | \"dirsync\" | \"remount\" | \"mand\" | \"nomand\" | \"atime\" | \"noatime\" | \"diratime\" | \"nodiratime\" | \"bind\" | \"rbind\" | \"unbindable\" | \"runbindable\" | \"private\" | \"rprivate\" | \"shared\" | \"rshared\" | \"slave\" | \"rslave\" | \"relatime\" | \"norelatime\" | \"strictatime\" | \"nostrictatime\" | \"mode\" | \"uid\" | \"gid\" | \"nr_inodes\" | \"nr_blocks\" | \"mpol\"
",
- "UpdateContainerInstancesStateRequest$containerInstances": "A list of container instance IDs or full ARN entries.
"
+ "UpdateContainerInstancesStateRequest$containerInstances": "A list of up to 10 container instance IDs or full ARN entries.
"
}
},
"StringMap": {
diff --git a/models/apis/eks/2017-11-01/api-2.json b/models/apis/eks/2017-11-01/api-2.json
index 4f3d3d0334b..944d02da461 100644
--- a/models/apis/eks/2017-11-01/api-2.json
+++ b/models/apis/eks/2017-11-01/api-2.json
@@ -1455,6 +1455,13 @@
"error":{"httpStatusCode":400},
"exception":true
},
+ "IpFamily":{
+ "type":"string",
+ "enum":[
+ "ipv4",
+ "ipv6"
+ ]
+ },
"Issue":{
"type":"structure",
"members":{
@@ -1470,13 +1477,16 @@
"KubernetesNetworkConfigRequest":{
"type":"structure",
"members":{
- "serviceIpv4Cidr":{"shape":"String"}
+ "serviceIpv4Cidr":{"shape":"String"},
+ "ipFamily":{"shape":"IpFamily"}
}
},
"KubernetesNetworkConfigResponse":{
"type":"structure",
"members":{
- "serviceIpv4Cidr":{"shape":"String"}
+ "serviceIpv4Cidr":{"shape":"String"},
+ "serviceIpv6Cidr":{"shape":"String"},
+ "ipFamily":{"shape":"IpFamily"}
}
},
"LaunchTemplateSpecification":{
diff --git a/models/apis/eks/2017-11-01/docs-2.json b/models/apis/eks/2017-11-01/docs-2.json
index 433afab234f..704a3e4a126 100644
--- a/models/apis/eks/2017-11-01/docs-2.json
+++ b/models/apis/eks/2017-11-01/docs-2.json
@@ -546,6 +546,13 @@
"refs": {
}
},
+ "IpFamily": {
+ "base": null,
+ "refs": {
+ "KubernetesNetworkConfigRequest$ipFamily": "Specify which IP version is used to assign Kubernetes Pod and Service IP addresses. If you don't specify a value, ipv4 is used by default. You can only specify an IP family when you create a cluster and can't change this value once the cluster is created. If you specify ipv6, the VPC and subnets that you specify for cluster creation must have both IPv4 and IPv6 CIDR blocks assigned to them.
You can only specify ipv6 for 1.21 and later clusters that use version 1.10.0 or later of the Amazon VPC CNI add-on. If you specify ipv6, then ensure that your VPC meets the requirements and that you're familiar with the considerations listed in Assigning IPv6 addresses to Pods and Services in the Amazon EKS User Guide. If you specify ipv6, Kubernetes assigns Service and Pod addresses from the unique local address range (fc00::/7). You can't specify a custom IPv6 CIDR block.
",
+ "KubernetesNetworkConfigResponse$ipFamily": "The IP family used to assign Kubernetes Pod and Service IP addresses. The IP family is always ipv4, unless you have a 1.21 or later cluster running version 1.10.0 or later of the Amazon VPC CNI add-on and specified ipv6 when you created the cluster.
"
+ }
+ },
"Issue": {
"base": "An object representing an issue with an Amazon EKS resource.
",
"refs": {
@@ -565,7 +572,7 @@
}
},
"KubernetesNetworkConfigResponse": {
- "base": "The Kubernetes network configuration for the cluster.
",
+ "base": "The Kubernetes network configuration for the cluster. The response contains a value for serviceIpv6Cidr or serviceIpv4Cidr, but not both.
",
"refs": {
"Cluster$kubernetesNetworkConfig": "The Kubernetes network configuration for the cluster.
"
}
@@ -957,8 +964,9 @@
"InvalidRequestException$addonName": null,
"InvalidRequestException$message": null,
"Issue$message": "The error message associated with the issue.
",
- "KubernetesNetworkConfigRequest$serviceIpv4Cidr": "The CIDR block to assign Kubernetes service IP addresses from. If you don't specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or 172.20.0.0/16 CIDR blocks. We recommend that you specify a block that does not overlap with resources in other networks that are peered or connected to your VPC. The block must meet the following requirements:
-
Within one of the following private IP address blocks: 10.0.0.0/8, 172.16.0.0/12, or 192.168.0.0/16.
-
Doesn't overlap with any CIDR block assigned to the VPC that you selected for VPC.
-
Between /24 and /12.
You can only specify a custom CIDR block when you create a cluster and can't change this value once the cluster is created.
",
- "KubernetesNetworkConfigResponse$serviceIpv4Cidr": "The CIDR block that Kubernetes service IP addresses are assigned from. If you didn't specify a CIDR block when you created the cluster, then Kubernetes assigns addresses from either the 10.100.0.0/16 or 172.20.0.0/16 CIDR blocks. If this was specified, then it was specified when the cluster was created and it cannot be changed.
",
+ "KubernetesNetworkConfigRequest$serviceIpv4Cidr": "Don't specify a value if you select ipv6 for ipFamily. The CIDR block to assign Kubernetes service IP addresses from. If you don't specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or 172.20.0.0/16 CIDR blocks. We recommend that you specify a block that does not overlap with resources in other networks that are peered or connected to your VPC. The block must meet the following requirements:
-
Within one of the following private IP address blocks: 10.0.0.0/8, 172.16.0.0/12, or 192.168.0.0/16.
-
Doesn't overlap with any CIDR block assigned to the VPC that you selected for VPC.
-
Between /24 and /12.
You can only specify a custom CIDR block when you create a cluster and can't change this value once the cluster is created.
",
+ "KubernetesNetworkConfigResponse$serviceIpv4Cidr": "The CIDR block that Kubernetes Pod and Service IP addresses are assigned from. Kubernetes assigns addresses from an IPv4 CIDR block assigned to a subnet that the node is in. If you didn't specify a CIDR block when you created the cluster, then Kubernetes assigns addresses from either the 10.100.0.0/16 or 172.20.0.0/16 CIDR blocks. If this was specified, then it was specified when the cluster was created and it can't be changed.
",
+ "KubernetesNetworkConfigResponse$serviceIpv6Cidr": "The CIDR block that Kubernetes Pod and Service IP addresses are assigned from if you created a 1.21 or later cluster with version 1.10.0 or later of the Amazon VPC CNI add-on and specified ipv6 for ipFamily when you created the cluster. Kubernetes assigns addresses from the unique local address range (fc00::/7).
",
"LaunchTemplateSpecification$name": "The name of the launch template.
",
"LaunchTemplateSpecification$version": "The version of the launch template to use. If no version is specified, then the template's default version is used.
",
"LaunchTemplateSpecification$id": "The ID of the launch template.
",
diff --git a/models/apis/glue/2017-03-31/api-2.json b/models/apis/glue/2017-03-31/api-2.json
index 29f3559e4f6..47f732890bc 100644
--- a/models/apis/glue/2017-03-31/api-2.json
+++ b/models/apis/glue/2017-03-31/api-2.json
@@ -1619,6 +1619,57 @@
{"shape":"OperationTimeoutException"}
]
},
+ "GetUnfilteredPartitionMetadata":{
+ "name":"GetUnfilteredPartitionMetadata",
+ "http":{
+ "method":"POST",
+ "requestUri":"/"
+ },
+ "input":{"shape":"GetUnfilteredPartitionMetadataRequest"},
+ "output":{"shape":"GetUnfilteredPartitionMetadataResponse"},
+ "errors":[
+ {"shape":"EntityNotFoundException"},
+ {"shape":"InvalidInputException"},
+ {"shape":"InternalServiceException"},
+ {"shape":"OperationTimeoutException"},
+ {"shape":"GlueEncryptionException"},
+ {"shape":"PermissionTypeMismatchException"}
+ ]
+ },
+ "GetUnfilteredPartitionsMetadata":{
+ "name":"GetUnfilteredPartitionsMetadata",
+ "http":{
+ "method":"POST",
+ "requestUri":"/"
+ },
+ "input":{"shape":"GetUnfilteredPartitionsMetadataRequest"},
+ "output":{"shape":"GetUnfilteredPartitionsMetadataResponse"},
+ "errors":[
+ {"shape":"EntityNotFoundException"},
+ {"shape":"InvalidInputException"},
+ {"shape":"InternalServiceException"},
+ {"shape":"OperationTimeoutException"},
+ {"shape":"GlueEncryptionException"},
+ {"shape":"PermissionTypeMismatchException"}
+ ]
+ },
+ "GetUnfilteredTableMetadata":{
+ "name":"GetUnfilteredTableMetadata",
+ "http":{
+ "method":"POST",
+ "requestUri":"/"
+ },
+ "input":{"shape":"GetUnfilteredTableMetadataRequest"},
+ "output":{"shape":"GetUnfilteredTableMetadataResponse"},
+ "errors":[
+ {"shape":"EntityNotFoundException"},
+ {"shape":"InvalidInputException"},
+ {"shape":"InternalServiceException"},
+ {"shape":"OperationTimeoutException"},
+ {"shape":"GlueEncryptionException"},
+ {"shape":"PermissionTypeMismatchException"}
+ ]
+ },
"GetUserDefinedFunction":{
"name":"GetUserDefinedFunction",
"http":{
@@ -2578,6 +2629,11 @@
},
"exception":true
},
+ "AccountId":{
+ "type":"string",
+ "max":12,
+ "min":0
+ },
"Action":{
"type":"structure",
"members":{
@@ -2606,6 +2662,17 @@
"exception":true
},
"AttemptCount":{"type":"integer"},
+ "AuditContext":{
+ "type":"structure",
+ "members":{
+ "AdditionalAuditContext":{"shape":"AuditContextString"}
+ }
+ },
+ "AuditContextString":{
+ "type":"string",
+ "max":2048,
+ "min":0
+ },
"BackfillError":{
"type":"structure",
"members":{
@@ -3156,7 +3223,8 @@
],
"members":{
"DatabaseName":{"shape":"NameString"},
- "Tables":{"shape":"CatalogTablesList"}
+ "Tables":{"shape":"CatalogTablesList"},
+ "ConnectionName":{"shape":"ConnectionName"}
}
},
"CatalogTargetList":{
@@ -3310,6 +3378,17 @@
"min":1,
"pattern":"[\\u0020-\\uD7FF\\uE000-\\uFFFD\\uD800\\uDC00-\\uDBFF\\uDFFF\\t]*"
},
+ "ColumnRowFilter":{
+ "type":"structure",
+ "members":{
+ "ColumnName":{"shape":"NameString"},
+ "RowFilterExpression":{"shape":"PredicateString"}
+ }
+ },
+ "ColumnRowFilterList":{
+ "type":"list",
+ "member":{"shape":"ColumnRowFilter"}
+ },
"ColumnStatistics":{
"type":"structure",
"required":[
@@ -3606,7 +3685,8 @@
"LastCrawl":{"shape":"LastCrawlInfo"},
"Version":{"shape":"VersionId"},
"Configuration":{"shape":"CrawlerConfiguration"},
- "CrawlerSecurityConfiguration":{"shape":"CrawlerSecurityConfiguration"}
+ "CrawlerSecurityConfiguration":{"shape":"CrawlerSecurityConfiguration"},
+ "LakeFormationConfiguration":{"shape":"LakeFormationConfiguration"}
}
},
"CrawlerConfiguration":{"type":"string"},
@@ -3691,7 +3771,8 @@
"JdbcTargets":{"shape":"JdbcTargetList"},
"MongoDBTargets":{"shape":"MongoDBTargetList"},
"DynamoDBTargets":{"shape":"DynamoDBTargetList"},
- "CatalogTargets":{"shape":"CatalogTargetList"}
+ "CatalogTargets":{"shape":"CatalogTargetList"},
+ "DeltaTargets":{"shape":"DeltaTargetList"}
}
},
"CreateBlueprintRequest":{
@@ -3760,6 +3841,7 @@
"SchemaChangePolicy":{"shape":"SchemaChangePolicy"},
"RecrawlPolicy":{"shape":"RecrawlPolicy"},
"LineageConfiguration":{"shape":"LineageConfiguration"},
+ "LakeFormationConfiguration":{"shape":"LakeFormationConfiguration"},
"Configuration":{"shape":"CrawlerConfiguration"},
"CrawlerSecurityConfiguration":{"shape":"CrawlerSecurityConfiguration"},
"Tags":{"shape":"TagsMap"}
@@ -4653,6 +4735,18 @@
"Name":{"shape":"NameString"}
}
},
+ "DeltaTarget":{
+ "type":"structure",
+ "members":{
+ "DeltaTables":{"shape":"PathList"},
+ "ConnectionName":{"shape":"ConnectionName"},
+ "WriteManifest":{"shape":"NullableBoolean"}
+ }
+ },
+ "DeltaTargetList":{
+ "type":"list",
+ "member":{"shape":"DeltaTarget"}
+ },
"DescriptionString":{
"type":"string",
"max":2048,
@@ -5762,6 +5856,84 @@
"NextToken":{"shape":"GenericString"}
}
},
+ "GetUnfilteredPartitionMetadataRequest":{
+ "type":"structure",
+ "required":[
+ "CatalogId",
+ "DatabaseName",
+ "TableName",
+ "PartitionValues",
+ "SupportedPermissionTypes"
+ ],
+ "members":{
+ "CatalogId":{"shape":"CatalogIdString"},
+ "DatabaseName":{"shape":"NameString"},
+ "TableName":{"shape":"NameString"},
+ "PartitionValues":{"shape":"ValueStringList"},
+ "AuditContext":{"shape":"AuditContext"},
+ "SupportedPermissionTypes":{"shape":"PermissionTypeList"}
+ }
+ },
+ "GetUnfilteredPartitionMetadataResponse":{
+ "type":"structure",
+ "members":{
+ "Partition":{"shape":"Partition"},
+ "AuthorizedColumns":{"shape":"NameStringList"},
+ "IsRegisteredWithLakeFormation":{"shape":"Boolean"}
+ }
+ },
+ "GetUnfilteredPartitionsMetadataRequest":{
+ "type":"structure",
+ "required":[
+ "CatalogId",
+ "DatabaseName",
+ "TableName",
+ "SupportedPermissionTypes"
+ ],
+ "members":{
+ "CatalogId":{"shape":"CatalogIdString"},
+ "DatabaseName":{"shape":"NameString"},
+ "TableName":{"shape":"NameString"},
+ "Expression":{"shape":"PredicateString"},
+ "AuditContext":{"shape":"AuditContext"},
+ "SupportedPermissionTypes":{"shape":"PermissionTypeList"},
+ "NextToken":{"shape":"Token"},
+ "Segment":{"shape":"Segment"},
+ "MaxResults":{"shape":"PageSize"}
+ }
+ },
+ "GetUnfilteredPartitionsMetadataResponse":{
+ "type":"structure",
+ "members":{
+ "UnfilteredPartitions":{"shape":"UnfilteredPartitionList"},
+ "NextToken":{"shape":"Token"}
+ }
+ },
+ "GetUnfilteredTableMetadataRequest":{
+ "type":"structure",
+ "required":[
+ "CatalogId",
+ "DatabaseName",
+ "Name",
+ "SupportedPermissionTypes"
+ ],
+ "members":{
+ "CatalogId":{"shape":"CatalogIdString"},
+ "DatabaseName":{"shape":"NameString"},
+ "Name":{"shape":"NameString"},
+ "AuditContext":{"shape":"AuditContext"},
+ "SupportedPermissionTypes":{"shape":"PermissionTypeList"}
+ }
+ },
+ "GetUnfilteredTableMetadataResponse":{
+ "type":"structure",
+ "members":{
+ "Table":{"shape":"Table"},
+ "AuthorizedColumns":{"shape":"NameStringList"},
+ "IsRegisteredWithLakeFormation":{"shape":"Boolean"},
+ "CellFilters":{"shape":"ColumnRowFilterList"}
+ }
+ },
"GetUserDefinedFunctionRequest":{
"type":"structure",
"required":[
@@ -6232,6 +6404,13 @@
"OutputS3Path":{"shape":"UriString"}
}
},
+ "LakeFormationConfiguration":{
+ "type":"structure",
+ "members":{
+ "UseLakeFormationCredentials":{"shape":"NullableBoolean"},
+ "AccountId":{"shape":"AccountId"}
+ }
+ },
"Language":{
"type":"string",
"enum":[
@@ -6446,6 +6625,10 @@
"max":2056,
"pattern":"[\\u0020-\\uD7FF\\uE000-\\uFFFD\\uD800\\uDC00-\\uDBFF\\uDFFF\\r\\n\\t]*"
},
+ "LocationStringList":{
+ "type":"list",
+ "member":{"shape":"LocationString"}
+ },
"LogGroup":{
"type":"string",
"max":512,
@@ -6889,6 +7072,26 @@
"type":"list",
"member":{"shape":"Permission"}
},
+ "PermissionType":{
+ "type":"string",
+ "enum":[
+ "COLUMN_PERMISSION",
+ "CELL_FILTER_PERMISSION"
+ ]
+ },
+ "PermissionTypeList":{
+ "type":"list",
+ "member":{"shape":"PermissionType"},
+ "max":255,
+ "min":1
+ },
+ "PermissionTypeMismatchException":{
+ "type":"structure",
+ "members":{
+ "Message":{"shape":"MessageString"}
+ },
+ "exception":true
+ },
"PhysicalConnectionRequirements":{
"type":"structure",
"members":{
@@ -7761,6 +7964,7 @@
"members":{
"Columns":{"shape":"ColumnList"},
"Location":{"shape":"LocationString"},
+ "AdditionalLocations":{"shape":"LocationStringList"},
"InputFormat":{"shape":"FormatString"},
"OutputFormat":{"shape":"FormatString"},
"Compressed":{"shape":"Boolean"},
@@ -8175,6 +8379,18 @@
"min":1,
"pattern":"[\\u0020-\\uD7FF\\uE000-\\uFFFD\\uD800\\uDC00-\\uDBFF\\uDFFF\\r\\n\\t]*"
},
+ "UnfilteredPartition":{
+ "type":"structure",
+ "members":{
+ "Partition":{"shape":"Partition"},
+ "AuthorizedColumns":{"shape":"NameStringList"},
+ "IsRegisteredWithLakeFormation":{"shape":"Boolean"}
+ }
+ },
+ "UnfilteredPartitionList":{
+ "type":"list",
+ "member":{"shape":"UnfilteredPartition"}
+ },
"UntagResourceRequest":{
"type":"structure",
"required":[
@@ -8310,6 +8526,7 @@
"SchemaChangePolicy":{"shape":"SchemaChangePolicy"},
"RecrawlPolicy":{"shape":"RecrawlPolicy"},
"LineageConfiguration":{"shape":"LineageConfiguration"},
+ "LakeFormationConfiguration":{"shape":"LakeFormationConfiguration"},
"Configuration":{"shape":"CrawlerConfiguration"},
"CrawlerSecurityConfiguration":{"shape":"CrawlerSecurityConfiguration"}
}
diff --git a/models/apis/glue/2017-03-31/docs-2.json b/models/apis/glue/2017-03-31/docs-2.json
index fa416ba4505..c55ae05b5ab 100644
--- a/models/apis/glue/2017-03-31/docs-2.json
+++ b/models/apis/glue/2017-03-31/docs-2.json
@@ -107,6 +107,9 @@
"GetTags": "Retrieves a list of tags associated with a resource.
",
"GetTrigger": "Retrieves the definition of a trigger.
",
"GetTriggers": "Gets all the triggers associated with a job.
",
+ "GetUnfilteredPartitionMetadata": null,
+ "GetUnfilteredPartitionsMetadata": null,
+ "GetUnfilteredTableMetadata": null,
"GetUserDefinedFunction": "Retrieves a specified function definition from the Data Catalog.
",
"GetUserDefinedFunctions": "Retrieves multiple function definitions from the Data Catalog.
",
"GetWorkflow": "Retrieves resource metadata for a workflow.
",
@@ -175,6 +178,12 @@
"refs": {
}
},
+ "AccountId": {
+ "base": null,
+ "refs": {
+ "LakeFormationConfiguration$AccountId": null
+ }
+ },
"Action": {
"base": "Defines an action to be initiated by a trigger.
",
"refs": {
@@ -206,6 +215,20 @@
"JobRun$Attempt": "The number of the attempt to run this job.
"
}
},
+ "AuditContext": {
+ "base": null,
+ "refs": {
+ "GetUnfilteredPartitionMetadataRequest$AuditContext": null,
+ "GetUnfilteredPartitionsMetadataRequest$AuditContext": null,
+ "GetUnfilteredTableMetadataRequest$AuditContext": null
+ }
+ },
+ "AuditContextString": {
+ "base": null,
+ "refs": {
+ "AuditContext$AdditionalAuditContext": null
+ }
+ },
"BackfillError": {
"base": "A list of errors that can occur when registering partition indexes for an existing table.
These errors give the details about why an index registration failed and provide a limited number of partitions in the response, so that you can fix the partitions at fault and try registering the index again. The most common set of errors that can occur are categorized as follows:
-
EncryptedPartitionError: The partitions are encrypted.
-
InvalidPartitionTypeDataError: The partition value doesn't match the data type for that partition column.
-
MissingPartitionValueError: The partitions are encrypted.
-
UnsupportedPartitionCharacterError: Characters inside the partition value are not supported. For example: U+0000 , U+0001, U+0002.
-
InternalError: Any error which does not belong to other error codes.
",
"refs": {
@@ -553,9 +576,12 @@
"CrawlerMetrics$StillEstimating": "True if the crawler is still estimating how long it will take to complete this run.
",
"GetConnectionRequest$HidePassword": "Allows you to retrieve the connection metadata without returning the password. For instance, the AWS Glue console uses this flag to retrieve the connection, and does not display the password. Set this parameter when the caller might not have permission to use the KMS key to decrypt the password, but it does have permission to access the rest of the connection properties.
",
"GetConnectionsRequest$HidePassword": "Allows you to retrieve the connection metadata without returning the password. For instance, the AWS Glue console uses this flag to retrieve the connection, and does not display the password. Set this parameter when the caller might not have permission to use the KMS key to decrypt the password, but it does have permission to access the rest of the connection properties.
",
+ "GetUnfilteredPartitionMetadataResponse$IsRegisteredWithLakeFormation": null,
+ "GetUnfilteredTableMetadataResponse$IsRegisteredWithLakeFormation": null,
"StorageDescriptor$Compressed": " True if the data in the table is compressed, or False if not.
",
"StorageDescriptor$StoredAsSubDirectories": " True if the table data is stored in subdirectories, or False if not.
",
- "Table$IsRegisteredWithLakeFormation": "Indicates whether the table has been registered with Lake Formation.
"
+ "Table$IsRegisteredWithLakeFormation": "Indicates whether the table has been registered with Lake Formation.
",
+ "UnfilteredPartition$IsRegisteredWithLakeFormation": null
}
},
"BooleanColumnStatisticsData": {
@@ -669,6 +695,9 @@
"GetTableVersionRequest$CatalogId": "The ID of the Data Catalog where the tables reside. If none is provided, the Amazon Web Services account ID is used by default.
",
"GetTableVersionsRequest$CatalogId": "The ID of the Data Catalog where the tables reside. If none is provided, the Amazon Web Services account ID is used by default.
",
"GetTablesRequest$CatalogId": "The ID of the Data Catalog where the tables reside. If none is provided, the Amazon Web Services account ID is used by default.
",
+ "GetUnfilteredPartitionMetadataRequest$CatalogId": null,
+ "GetUnfilteredPartitionsMetadataRequest$CatalogId": null,
+ "GetUnfilteredTableMetadataRequest$CatalogId": null,
"GetUserDefinedFunctionRequest$CatalogId": "The ID of the Data Catalog where the function to be retrieved is located. If none is provided, the Amazon Web Services account ID is used by default.
",
"GetUserDefinedFunctionsRequest$CatalogId": "The ID of the Data Catalog where the functions to be retrieved are located. If none is provided, the Amazon Web Services account ID is used by default.
",
"ImportCatalogToGlueRequest$CatalogId": "The ID of the catalog to import. Currently, this should be the Amazon Web Services account ID.
",
@@ -865,6 +894,18 @@
"SchemaColumn$Name": "The name of the column.
"
}
},
+ "ColumnRowFilter": {
+ "base": null,
+ "refs": {
+ "ColumnRowFilterList$member": null
+ }
+ },
+ "ColumnRowFilterList": {
+ "base": null,
+ "refs": {
+ "GetUnfilteredTableMetadataResponse$CellFilters": null
+ }
+ },
"ColumnStatistics": {
"base": "Represents the generated column-level statistics for a table or partition.
",
"refs": {
@@ -1009,6 +1050,8 @@
"ConnectionName": {
"base": null,
"refs": {
+ "CatalogTarget$ConnectionName": "The name of the connection for an Amazon S3-backed Data Catalog table to be a target of the crawl when using a Catalog connection type paired with a NETWORK Connection type.
",
+ "DeltaTarget$ConnectionName": "The name of the connection to use to connect to the Delta table target.
",
"JdbcTarget$ConnectionName": "The name of the connection to use to connect to the JDBC target.
",
"MongoDBTarget$ConnectionName": "The name of the connection to use to connect to the Amazon DocumentDB or MongoDB target.
",
"S3Target$ConnectionName": "The name of a connection which allows a job or crawler to access data in Amazon S3 within an Amazon Virtual Private Cloud environment (Amazon VPC).
"
@@ -1763,6 +1806,18 @@
"refs": {
}
},
+ "DeltaTarget": {
+ "base": "Specifies a Delta data store to crawl one or more Delta tables.
",
+ "refs": {
+ "DeltaTargetList$member": null
+ }
+ },
+ "DeltaTargetList": {
+ "base": null,
+ "refs": {
+ "CrawlerTargets$DeltaTargets": "Specifies Delta data store targets.
"
+ }
+ },
"DescriptionString": {
"base": null,
"refs": {
@@ -2671,6 +2726,36 @@
"refs": {
}
},
+ "GetUnfilteredPartitionMetadataRequest": {
+ "base": null,
+ "refs": {
+ }
+ },
+ "GetUnfilteredPartitionMetadataResponse": {
+ "base": null,
+ "refs": {
+ }
+ },
+ "GetUnfilteredPartitionsMetadataRequest": {
+ "base": null,
+ "refs": {
+ }
+ },
+ "GetUnfilteredPartitionsMetadataResponse": {
+ "base": null,
+ "refs": {
+ }
+ },
+ "GetUnfilteredTableMetadataRequest": {
+ "base": null,
+ "refs": {
+ }
+ },
+ "GetUnfilteredTableMetadataResponse": {
+ "base": null,
+ "refs": {
+ }
+ },
"GetUserDefinedFunctionRequest": {
"base": null,
"refs": {
@@ -3143,6 +3228,14 @@
"TaskRunProperties$LabelingSetGenerationTaskRunProperties": "The configuration properties for a labeling set generation task run.
"
}
},
+ "LakeFormationConfiguration": {
+ "base": null,
+ "refs": {
+ "Crawler$LakeFormationConfiguration": null,
+ "CreateCrawlerRequest$LakeFormationConfiguration": null,
+ "UpdateCrawlerRequest$LakeFormationConfiguration": null
+ }
+ },
"Language": {
"base": null,
"refs": {
@@ -3300,9 +3393,16 @@
"LocationString": {
"base": null,
"refs": {
+ "LocationStringList$member": null,
"StorageDescriptor$Location": "The physical location of the table. By default, this takes the form of the warehouse location, followed by the database location in the warehouse, followed by the table name.
"
}
},
+ "LocationStringList": {
+ "base": null,
+ "refs": {
+ "StorageDescriptor$AdditionalLocations": null
+ }
+ },
"LogGroup": {
"base": null,
"refs": {
@@ -3448,6 +3548,7 @@
"MLTransformNotReadyException$Message": "A message describing the problem.
",
"NoScheduleException$Message": "A message describing the problem.
",
"OperationTimeoutException$Message": "A message describing the problem.
",
+ "PermissionTypeMismatchException$Message": null,
"ResourceNotReadyException$Message": "A message describing the problem.
",
"ResourceNumberLimitExceededException$Message": "A message describing the problem.
",
"SchedulerNotRunningException$Message": "A message describing the problem.
",
@@ -3551,6 +3652,7 @@
"Column$Name": "The name of the Column.
",
"ColumnError$ColumnName": "The name of the column that failed.
",
"ColumnImportance$ColumnName": "The name of a column.
",
+ "ColumnRowFilter$ColumnName": null,
"ColumnStatistics$ColumnName": "Name of column which statistics belong to.
",
"Condition$JobName": "The name of the job whose JobRuns this condition applies to, and on which this trigger waits.
",
"Condition$CrawlerName": "The name of the crawler to which this condition applies.
",
@@ -3661,6 +3763,12 @@
"GetTablesRequest$DatabaseName": "The database in the catalog whose tables to list. For Hive compatibility, this name is entirely lowercase.
",
"GetTriggerRequest$Name": "The name of the trigger to retrieve.
",
"GetTriggersRequest$DependentJobName": "The name of the job to retrieve triggers for. The trigger that can start this job is returned, and if there is no such trigger, all triggers are returned.
",
+ "GetUnfilteredPartitionMetadataRequest$DatabaseName": null,
+ "GetUnfilteredPartitionMetadataRequest$TableName": null,
+ "GetUnfilteredPartitionsMetadataRequest$DatabaseName": null,
+ "GetUnfilteredPartitionsMetadataRequest$TableName": null,
+ "GetUnfilteredTableMetadataRequest$DatabaseName": null,
+ "GetUnfilteredTableMetadataRequest$Name": null,
"GetUserDefinedFunctionRequest$DatabaseName": "The name of the catalog database where the function is located.
",
"GetUserDefinedFunctionRequest$FunctionName": "The name of the function.
",
"GetUserDefinedFunctionsRequest$DatabaseName": "The name of the catalog database where the functions are located. If none is provided, functions from all the databases across the catalog will be returned.
",
@@ -3775,8 +3883,11 @@
"base": null,
"refs": {
"BatchDeleteConnectionResponse$Succeeded": "A list of names of the connection definitions that were successfully deleted.
",
+ "GetUnfilteredPartitionMetadataResponse$AuthorizedColumns": null,
+ "GetUnfilteredTableMetadataResponse$AuthorizedColumns": null,
"SkewedInfo$SkewedColumnNames": "A list of names of columns that contain skewed values.
",
- "StorageDescriptor$BucketColumns": "A list of reducer grouping columns, clustering columns, and bucketing columns in the table.
"
+ "StorageDescriptor$BucketColumns": "A list of reducer grouping columns, clustering columns, and bucketing columns in the table.
",
+ "UnfilteredPartition$AuthorizedColumns": null
}
},
"NoScheduleException": {
@@ -3878,6 +3989,7 @@
"CreateCsvClassifierRequest$AllowSingleColumn": "Enables the processing of files that contain only one column.
",
"CsvClassifier$DisableValueTrimming": "Specifies not to trim values before identifying the type of column values. The default value is true.
",
"CsvClassifier$AllowSingleColumn": "Enables the processing of files that contain only one column.
",
+ "DeltaTarget$WriteManifest": "Specifies whether to write the manifest files to the Delta table path.
",
"DynamoDBTarget$scanAll": "Indicates whether to scan all the records, or to sample rows from the table. Scanning all the records can take a long time when the table is not a high throughput table.
A value of true means to scan all records, while a value of false means to sample the records. If no value is specified, the value defaults to true.
",
"FindMatchesParameters$EnforceProvidedLabels": "The value to switch on or off to force the output to match the provided labels from users. If the value is True, the find matches transform forces the output to match the provided labels. The results override the normal conflation results. If the value is False, the find matches transform does not ensure all the labels provided are respected, and the results rely on the trained model.
Note that setting this value to true may increase the conflation execution time.
",
"GetBlueprintRequest$IncludeBlueprint": "Specifies whether or not to include the blueprint in the response.
",
@@ -3885,6 +3997,7 @@
"GetWorkflowRequest$IncludeGraph": "Specifies whether to include a graph when returning the workflow resource metadata.
",
"GetWorkflowRunRequest$IncludeGraph": "Specifies whether to include the workflow graph in response or not.
",
"GetWorkflowRunsRequest$IncludeGraph": "Specifies whether to include the workflow graph in response or not.
",
+ "LakeFormationConfiguration$UseLakeFormationCredentials": null,
"MongoDBTarget$ScanAll": "Indicates whether to scan all the records, or to sample rows from the table. Scanning all the records can take a long time when the table is not a high throughput table.
A value of true means to scan all records, while a value of false means to sample the records. If no value is specified, the value defaults to true.
",
"UpdateCsvClassifierRequest$DisableValueTrimming": "Specifies not to trim values before identifying the type of column values. The default value is true.
",
"UpdateCsvClassifierRequest$AllowSingleColumn": "Enables the processing of files that contain only one column.
"
@@ -4012,6 +4125,7 @@
"GetResourcePoliciesRequest$MaxResults": "The maximum size of a list to return.
",
"GetSecurityConfigurationsRequest$MaxResults": "The maximum number of results to return.
",
"GetTriggersRequest$MaxResults": "The maximum size of the response.
",
+ "GetUnfilteredPartitionsMetadataRequest$MaxResults": null,
"GetWorkflowRunsRequest$MaxResults": "The maximum number of workflow runs to be included in the response.
",
"ListBlueprintsRequest$MaxResults": "The maximum size of a list to return.
",
"ListCrawlersRequest$MaxResults": "The maximum size of a list to return.
",
@@ -4058,7 +4172,9 @@
"base": "Represents a slice of table data.
",
"refs": {
"GetPartitionResponse$Partition": "The requested information, in the form of a Partition object.
",
- "PartitionList$member": null
+ "GetUnfilteredPartitionMetadataResponse$Partition": null,
+ "PartitionList$member": null,
+ "UnfilteredPartition$Partition": null
}
},
"PartitionError": {
@@ -4148,6 +4264,7 @@
"PathList": {
"base": null,
"refs": {
+ "DeltaTarget$DeltaTables": "A list of the Amazon S3 paths to the Delta tables.
",
"JdbcTarget$Exclusions": "A list of glob patterns used to exclude from the crawl. For more information, see Catalog Tables with a Crawler.
",
"S3Target$Exclusions": "A list of glob patterns used to exclude from the crawl. For more information, see Catalog Tables with a Crawler.
"
}
@@ -4164,6 +4281,25 @@
"PrincipalPermissions$Permissions": "The permissions that are granted to the principal.
"
}
},
+ "PermissionType": {
+ "base": null,
+ "refs": {
+ "PermissionTypeList$member": null
+ }
+ },
+ "PermissionTypeList": {
+ "base": null,
+ "refs": {
+ "GetUnfilteredPartitionMetadataRequest$SupportedPermissionTypes": null,
+ "GetUnfilteredPartitionsMetadataRequest$SupportedPermissionTypes": null,
+ "GetUnfilteredTableMetadataRequest$SupportedPermissionTypes": null
+ }
+ },
+ "PermissionTypeMismatchException": {
+ "base": null,
+ "refs": {
+ }
+ },
"PhysicalConnectionRequirements": {
"base": "Specifies the physical requirements for a connection.
",
"refs": {
@@ -4202,7 +4338,9 @@
"PredicateString": {
"base": null,
"refs": {
- "GetPartitionsRequest$Expression": "An expression that filters the partitions to be returned.
The expression uses SQL syntax similar to the SQL WHERE filter clause. The SQL statement parser JSQLParser parses the expression.
Operators: The following are the operators that you can use in the Expression API call:
- =
-
Checks whether the values of the two operands are equal; if yes, then the condition becomes true.
Example: Assume 'variable a' holds 10 and 'variable b' holds 20.
(a = b) is not true.
- < >
-
Checks whether the values of two operands are equal; if the values are not equal, then the condition becomes true.
Example: (a < > b) is true.
- >
-
Checks whether the value of the left operand is greater than the value of the right operand; if yes, then the condition becomes true.
Example: (a > b) is not true.
- <
-
Checks whether the value of the left operand is less than the value of the right operand; if yes, then the condition becomes true.
Example: (a < b) is true.
- >=
-
Checks whether the value of the left operand is greater than or equal to the value of the right operand; if yes, then the condition becomes true.
Example: (a >= b) is not true.
- <=
-
Checks whether the value of the left operand is less than or equal to the value of the right operand; if yes, then the condition becomes true.
Example: (a <= b) is true.
- AND, OR, IN, BETWEEN, LIKE, NOT, IS NULL
-
Logical operators.
Supported Partition Key Types: The following are the supported partition keys.
-
string
-
date
-
timestamp
-
int
-
bigint
-
long
-
tinyint
-
smallint
-
decimal
If an type is encountered that is not valid, an exception is thrown.
The following list shows the valid operators on each type. When you define a crawler, the partitionKey type is created as a STRING, to be compatible with the catalog partitions.
Sample API Call:
"
+ "ColumnRowFilter$RowFilterExpression": null,
+ "GetPartitionsRequest$Expression": "An expression that filters the partitions to be returned.
The expression uses SQL syntax similar to the SQL WHERE filter clause. The SQL statement parser JSQLParser parses the expression.
Operators: The following are the operators that you can use in the Expression API call:
- =
-
Checks whether the values of the two operands are equal; if yes, then the condition becomes true.
Example: Assume 'variable a' holds 10 and 'variable b' holds 20.
(a = b) is not true.
- < >
-
Checks whether the values of two operands are equal; if the values are not equal, then the condition becomes true.
Example: (a < > b) is true.
- >
-
Checks whether the value of the left operand is greater than the value of the right operand; if yes, then the condition becomes true.
Example: (a > b) is not true.
- <
-
Checks whether the value of the left operand is less than the value of the right operand; if yes, then the condition becomes true.
Example: (a < b) is true.
- >=
-
Checks whether the value of the left operand is greater than or equal to the value of the right operand; if yes, then the condition becomes true.
Example: (a >= b) is not true.
- <=
-
Checks whether the value of the left operand is less than or equal to the value of the right operand; if yes, then the condition becomes true.
Example: (a <= b) is true.
- AND, OR, IN, BETWEEN, LIKE, NOT, IS NULL
-
Logical operators.
Supported Partition Key Types: The following are the supported partition keys.
-
string
-
date
-
timestamp
-
int
-
bigint
-
long
-
tinyint
-
smallint
-
decimal
If an type is encountered that is not valid, an exception is thrown.
The following list shows the valid operators on each type. When you define a crawler, the partitionKey type is created as a STRING, to be compatible with the catalog partitions.
Sample API Call:
",
+ "GetUnfilteredPartitionsMetadataRequest$Expression": null
}
},
"PrincipalPermissions": {
@@ -4805,7 +4943,8 @@
"Segment": {
"base": "Defines a non-overlapping region of a table's partitions, allowing multiple requests to be run in parallel.
",
"refs": {
- "GetPartitionsRequest$Segment": "The segment of the table's partitions to scan in this request.
"
+ "GetPartitionsRequest$Segment": "The segment of the table's partitions to scan in this request.
",
+ "GetUnfilteredPartitionsMetadataRequest$Segment": null
}
},
"SerDeInfo": {
@@ -5019,6 +5158,7 @@
"base": "Represents a collection of related data organized in columns and rows.
",
"refs": {
"GetTableResponse$Table": "The Table object that defines the specified table.
",
+ "GetUnfilteredTableMetadataResponse$Table": null,
"TableList$member": null,
"TableVersion$Table": "The table in question.
"
}
@@ -5326,6 +5466,8 @@
"GetTableVersionsResponse$NextToken": "A continuation token, if the list of available versions does not include the last one.
",
"GetTablesRequest$NextToken": "A continuation token, included if this is a continuation call.
",
"GetTablesResponse$NextToken": "A continuation token, present if the current list segment is not the last.
",
+ "GetUnfilteredPartitionsMetadataRequest$NextToken": null,
+ "GetUnfilteredPartitionsMetadataResponse$NextToken": null,
"GetUserDefinedFunctionsRequest$NextToken": "A continuation token, if this is a continuation call.
",
"GetUserDefinedFunctionsResponse$NextToken": "A continuation token, if the list of functions returned does not include the last requested function.
",
"ListCrawlersRequest$NextToken": "A continuation token, if this is a continuation request.
",
@@ -5488,6 +5630,18 @@
"ResourceUri$Uri": "The URI for accessing the resource.
"
}
},
+ "UnfilteredPartition": {
+ "base": null,
+ "refs": {
+ "UnfilteredPartitionList$member": null
+ }
+ },
+ "UnfilteredPartitionList": {
+ "base": null,
+ "refs": {
+ "GetUnfilteredPartitionsMetadataResponse$UnfilteredPartitions": null
+ }
+ },
"UntagResourceRequest": {
"base": null,
"refs": {
@@ -5782,6 +5936,7 @@
"DeletePartitionRequest$PartitionValues": "The values that define the partition.
",
"GetColumnStatisticsForPartitionRequest$PartitionValues": "A list of partition values identifying the partition.
",
"GetPartitionRequest$PartitionValues": "The values that define the partition.
",
+ "GetUnfilteredPartitionMetadataRequest$PartitionValues": null,
"Partition$Values": "The values of the partition.
",
"PartitionError$PartitionValues": "The values that define the partition.
",
"PartitionInput$Values": "The values of the partition. Although this parameter is not required by the SDK, you must specify this parameter for a valid input.
The values for the keys for the new partition must be passed as an array of String objects that must be ordered in the same order as the partition keys appearing in the Amazon S3 prefix. Otherwise Glue will add the values to the wrong keys.
",
diff --git a/models/apis/glue/2017-03-31/paginators-1.json b/models/apis/glue/2017-03-31/paginators-1.json
index c0d364a24a4..a5724aaf99c 100644
--- a/models/apis/glue/2017-03-31/paginators-1.json
+++ b/models/apis/glue/2017-03-31/paginators-1.json
@@ -92,6 +92,11 @@
"limit_key": "MaxResults",
"output_token": "NextToken"
},
+ "GetUnfilteredPartitionsMetadata": {
+ "input_token": "NextToken",
+ "limit_key": "MaxResults",
+ "output_token": "NextToken"
+ },
"GetUserDefinedFunctions": {
"input_token": "NextToken",
"limit_key": "MaxResults",
diff --git a/models/apis/iot/2015-05-28/api-2.json b/models/apis/iot/2015-05-28/api-2.json
index 6e3443a6342..240263ab95c 100644
--- a/models/apis/iot/2015-05-28/api-2.json
+++ b/models/apis/iot/2015-05-28/api-2.json
@@ -5489,6 +5489,7 @@
"tags":{"shape":"TagList"},
"namespaceId":{"shape":"NamespaceId"},
"jobTemplateArn":{"shape":"JobTemplateArn"},
+ "jobExecutionsRetryConfig":{"shape":"JobExecutionsRetryConfig"},
"documentParameters":{"shape":"ParameterMap"}
}
},
@@ -5520,7 +5521,8 @@
"jobExecutionsRolloutConfig":{"shape":"JobExecutionsRolloutConfig"},
"abortConfig":{"shape":"AbortConfig"},
"timeoutConfig":{"shape":"TimeoutConfig"},
- "tags":{"shape":"TagList"}
+ "tags":{"shape":"TagList"},
+ "jobExecutionsRetryConfig":{"shape":"JobExecutionsRetryConfig"}
}
},
"CreateJobTemplateResponse":{
@@ -7003,7 +7005,8 @@
"presignedUrlConfig":{"shape":"PresignedUrlConfig"},
"jobExecutionsRolloutConfig":{"shape":"JobExecutionsRolloutConfig"},
"abortConfig":{"shape":"AbortConfig"},
- "timeoutConfig":{"shape":"TimeoutConfig"}
+ "timeoutConfig":{"shape":"TimeoutConfig"},
+ "jobExecutionsRetryConfig":{"shape":"JobExecutionsRetryConfig"}
}
},
"DescribeManagedJobTemplateRequest":{
@@ -8485,6 +8488,7 @@
"timeoutConfig":{"shape":"TimeoutConfig"},
"namespaceId":{"shape":"NamespaceId"},
"jobTemplateArn":{"shape":"JobTemplateArn"},
+ "jobExecutionsRetryConfig":{"shape":"JobExecutionsRetryConfig"},
"documentParameters":{"shape":"ParameterMap"}
}
},
@@ -8554,7 +8558,8 @@
"queuedAt":{"shape":"DateType"},
"startedAt":{"shape":"DateType"},
"lastUpdatedAt":{"shape":"DateType"},
- "executionNumber":{"shape":"ExecutionNumber"}
+ "executionNumber":{"shape":"ExecutionNumber"},
+ "retryAttempt":{"shape":"RetryAttempt"}
}
},
"JobExecutionSummaryForJob":{
@@ -8579,6 +8584,13 @@
"type":"list",
"member":{"shape":"JobExecutionSummaryForThing"}
},
+ "JobExecutionsRetryConfig":{
+ "type":"structure",
+ "required":["criteriaList"],
+ "members":{
+ "criteriaList":{"shape":"RetryCriteriaList"}
+ }
+ },
"JobExecutionsRolloutConfig":{
"type":"structure",
"members":{
@@ -9391,6 +9403,11 @@
"shape":"NextToken",
"location":"querystring",
"locationName":"nextToken"
+ },
+ "jobId":{
+ "shape":"JobId",
+ "location":"querystring",
+ "locationName":"jobId"
}
}
},
@@ -10726,6 +10743,11 @@
"type":"list",
"member":{"shape":"Number"}
},
+ "NumberOfRetries":{
+ "type":"integer",
+ "max":10,
+ "min":0
+ },
"NumberOfThings":{
"type":"integer",
"min":1
@@ -11454,6 +11476,32 @@
"type":"list",
"member":{"shape":"Resource"}
},
+ "RetryAttempt":{"type":"integer"},
+ "RetryCriteria":{
+ "type":"structure",
+ "required":[
+ "failureType",
+ "numberOfRetries"
+ ],
+ "members":{
+ "failureType":{"shape":"RetryableFailureType"},
+ "numberOfRetries":{"shape":"NumberOfRetries"}
+ }
+ },
+ "RetryCriteriaList":{
+ "type":"list",
+ "member":{"shape":"RetryCriteria"},
+ "max":2,
+ "min":1
+ },
+ "RetryableFailureType":{
+ "type":"string",
+ "enum":[
+ "FAILED",
+ "TIMED_OUT",
+ "ALL"
+ ]
+ },
"RoleAlias":{
"type":"string",
"max":128,
@@ -13071,7 +13119,8 @@
"shape":"NamespaceId",
"location":"querystring",
"locationName":"namespaceId"
- }
+ },
+ "jobExecutionsRetryConfig":{"shape":"JobExecutionsRetryConfig"}
}
},
"UpdateMitigationActionRequest":{
diff --git a/models/apis/iot/2015-05-28/docs-2.json b/models/apis/iot/2015-05-28/docs-2.json
index f7274391bd3..34bd962f5b4 100644
--- a/models/apis/iot/2015-05-28/docs-2.json
+++ b/models/apis/iot/2015-05-28/docs-2.json
@@ -249,7 +249,7 @@
"AbortConfig": {
"base": "The criteria that determine when and how a job abort takes place.
",
"refs": {
- "CreateJobRequest$abortConfig": "Allows you to create criteria to abort a job.
",
+ "CreateJobRequest$abortConfig": "Allows you to create the criteria to abort a job.
",
"CreateJobTemplateRequest$abortConfig": null,
"DescribeJobTemplateResponse$abortConfig": null,
"Job$abortConfig": "Configuration for criteria to abort the job.
",
@@ -4140,6 +4140,16 @@
"ListJobExecutionsForThingResponse$executionSummaries": "A list of job execution summaries.
"
}
},
+ "JobExecutionsRetryConfig": {
+ "base": "The configuration that determines how many retries are allowed for each failure type for a job.
",
+ "refs": {
+ "CreateJobRequest$jobExecutionsRetryConfig": "Allows you to create the criteria to retry a job.
",
+ "CreateJobTemplateRequest$jobExecutionsRetryConfig": "Allows you to create the criteria to retry a job.
",
+ "DescribeJobTemplateResponse$jobExecutionsRetryConfig": "The configuration that determines how many retries are allowed for each failure type for a job.
",
+ "Job$jobExecutionsRetryConfig": "The configuration for the criteria to retry the job.
",
+ "UpdateJobRequest$jobExecutionsRetryConfig": "Allows you to create the criteria to retry a job.
"
+ }
+ },
"JobExecutionsRolloutConfig": {
"base": "Allows you to create a staged rollout of a job.
",
"refs": {
@@ -4170,6 +4180,7 @@
"JobExecutionSummaryForThing$jobId": "The unique identifier you assigned to this job when it was created.
",
"JobSummary$jobId": "The unique identifier you assigned to this job when it was created.
",
"ListJobExecutionsForJobRequest$jobId": "The unique identifier you assigned to this job when it was created.
",
+ "ListJobExecutionsForThingRequest$jobId": "The unique identifier you assigned to this job when it was created.
",
"UpdateJobRequest$jobId": "The ID of the job to be updated.
"
}
},
@@ -5435,6 +5446,12 @@
"MetricValue$numbers": " The numeral values of a metric.
"
}
},
+ "NumberOfRetries": {
+ "base": null,
+ "refs": {
+ "RetryCriteria$numberOfRetries": "The number of retries allowed for a failure type for the job.
"
+ }
+ },
"NumberOfThings": {
"base": null,
"refs": {
@@ -6378,6 +6395,30 @@
"AuthInfo$resources": "The resources for which the principal is being authorized to perform the specified action.
"
}
},
+ "RetryAttempt": {
+ "base": null,
+ "refs": {
+ "JobExecutionSummary$retryAttempt": "The number that indicates how many retry attempts have been completed for this job on this device.
"
+ }
+ },
+ "RetryCriteria": {
+ "base": "The criteria that determines how many retries are allowed for each failure type for a job.
",
+ "refs": {
+ "RetryCriteriaList$member": null
+ }
+ },
+ "RetryCriteriaList": {
+ "base": null,
+ "refs": {
+ "JobExecutionsRetryConfig$criteriaList": "The list of criteria that determines how many retries are allowed for each failure type for a job.
"
+ }
+ },
+ "RetryableFailureType": {
+ "base": null,
+ "refs": {
+ "RetryCriteria$failureType": "The type of job execution failures that can initiate a job retry.
"
+ }
+ },
"RoleAlias": {
"base": null,
"refs": {
diff --git a/models/apis/lakeformation/2017-03-31/api-2.json b/models/apis/lakeformation/2017-03-31/api-2.json
index ca2f08f5d4d..22d755a680e 100644
--- a/models/apis/lakeformation/2017-03-31/api-2.json
+++ b/models/apis/lakeformation/2017-03-31/api-2.json
@@ -354,6 +354,40 @@
{"shape":"ResourceNotReadyException"}
]
},
+ "GetTemporaryGluePartitionCredentials":{
+ "name":"GetTemporaryGluePartitionCredentials",
+ "http":{
+ "method":"POST",
+ "requestUri":"/GetTemporaryGluePartitionCredentials"
+ },
+ "input":{"shape":"GetTemporaryGluePartitionCredentialsRequest"},
+ "output":{"shape":"GetTemporaryGluePartitionCredentialsResponse"},
+ "errors":[
+ {"shape":"InvalidInputException"},
+ {"shape":"InternalServiceException"},
+ {"shape":"OperationTimeoutException"},
+ {"shape":"EntityNotFoundException"},
+ {"shape":"AccessDeniedException"},
+ {"shape":"PermissionTypeMismatchException"}
+ ]
+ },
+ "GetTemporaryGlueTableCredentials":{
+ "name":"GetTemporaryGlueTableCredentials",
+ "http":{
+ "method":"POST",
+ "requestUri":"/GetTemporaryGlueTableCredentials"
+ },
+ "input":{"shape":"GetTemporaryGlueTableCredentialsRequest"},
+ "output":{"shape":"GetTemporaryGlueTableCredentialsResponse"},
+ "errors":[
+ {"shape":"InvalidInputException"},
+ {"shape":"InternalServiceException"},
+ {"shape":"OperationTimeoutException"},
+ {"shape":"EntityNotFoundException"},
+ {"shape":"AccessDeniedException"},
+ {"shape":"PermissionTypeMismatchException"}
+ ]
+ },
"GetWorkUnitResults":{
"name":"GetWorkUnitResults",
"http":{
@@ -699,6 +733,7 @@
},
"exception":true
},
+ "AccessKeyIdString":{"type":"string"},
"AddLFTagsToResourceRequest":{
"type":"structure",
"required":[
@@ -743,6 +778,22 @@
},
"exception":true
},
+ "AuditContext":{
+ "type":"structure",
+ "members":{
+ "AdditionalAuditContext":{"shape":"AuditContextString"}
+ }
+ },
+ "AuditContextString":{
+ "type":"string",
+ "max":2048,
+ "min":0,
+ "pattern":"[\\u0020-\\uD7FF\\uE000-\\uFFFD\\uD800\\uDC00-\\uDBFF\\uDFFF\\t]*"
+ },
+ "AuthorizedSessionTagValueList":{
+ "type":"list",
+ "member":{"shape":"NameString"}
+ },
"BatchGrantPermissionsRequest":{
"type":"structure",
"required":["Entries"],
@@ -907,6 +958,12 @@
"members":{
}
},
+ "CredentialTimeoutDurationSecondInteger":{
+ "type":"integer",
+ "box":true,
+ "max":43200,
+ "min":900
+ },
"DataCellsFilter":{
"type":"structure",
"required":[
@@ -974,7 +1031,10 @@
"DataLakeAdmins":{"shape":"DataLakePrincipalList"},
"CreateDatabaseDefaultPermissions":{"shape":"PrincipalPermissionsList"},
"CreateTableDefaultPermissions":{"shape":"PrincipalPermissionsList"},
- "TrustedResourceOwners":{"shape":"TrustedResourceOwners"}
+ "TrustedResourceOwners":{"shape":"TrustedResourceOwners"},
+ "AllowExternalDataFiltering":{"shape":"NullableBoolean"},
+ "ExternalDataFilteringAllowList":{"shape":"DataLakePrincipalList"},
+ "AuthorizedSessionTagValueList":{"shape":"AuthorizedSessionTagValueList"}
}
},
"DataLocationResource":{
@@ -1137,6 +1197,7 @@
"WorkUnitsExecutedCount":{"shape":"NumberOfItems"}
}
},
+ "ExpirationTimestamp":{"type":"timestamp"},
"ExpiredException":{
"type":"structure",
"members":{
@@ -1313,6 +1374,54 @@
"NextToken":{"shape":"TokenString"}
}
},
+ "GetTemporaryGluePartitionCredentialsRequest":{
+ "type":"structure",
+ "required":[
+ "TableArn",
+ "Partition",
+ "SupportedPermissionTypes"
+ ],
+ "members":{
+ "TableArn":{"shape":"ResourceArnString"},
+ "Partition":{"shape":"PartitionValueList"},
+ "Permissions":{"shape":"PermissionList"},
+ "DurationSeconds":{"shape":"CredentialTimeoutDurationSecondInteger"},
+ "AuditContext":{"shape":"AuditContext"},
+ "SupportedPermissionTypes":{"shape":"PermissionTypeList"}
+ }
+ },
+ "GetTemporaryGluePartitionCredentialsResponse":{
+ "type":"structure",
+ "members":{
+ "AccessKeyId":{"shape":"AccessKeyIdString"},
+ "SecretAccessKey":{"shape":"SecretAccessKeyString"},
+ "SessionToken":{"shape":"SessionTokenString"},
+ "Expiration":{"shape":"ExpirationTimestamp"}
+ }
+ },
+ "GetTemporaryGlueTableCredentialsRequest":{
+ "type":"structure",
+ "required":[
+ "TableArn",
+ "SupportedPermissionTypes"
+ ],
+ "members":{
+ "TableArn":{"shape":"ResourceArnString"},
+ "Permissions":{"shape":"PermissionList"},
+ "DurationSeconds":{"shape":"CredentialTimeoutDurationSecondInteger"},
+ "AuditContext":{"shape":"AuditContext"},
+ "SupportedPermissionTypes":{"shape":"PermissionTypeList"}
+ }
+ },
+ "GetTemporaryGlueTableCredentialsResponse":{
+ "type":"structure",
+ "members":{
+ "AccessKeyId":{"shape":"AccessKeyIdString"},
+ "SecretAccessKey":{"shape":"SecretAccessKeyString"},
+ "SessionToken":{"shape":"SessionTokenString"},
+ "Expiration":{"shape":"ExpirationTimestamp"}
+ }
+ },
"GetWorkUnitResultsRequest":{
"type":"structure",
"required":[
@@ -1651,6 +1760,13 @@
"Objects":{"shape":"TableObjectList"}
}
},
+ "PartitionValueList":{
+ "type":"structure",
+ "required":["Values"],
+ "members":{
+ "Values":{"shape":"ValueStringList"}
+ }
+ },
"PartitionValueString":{
"type":"string",
"max":1024
@@ -1689,6 +1805,26 @@
"type":"list",
"member":{"shape":"Permission"}
},
+ "PermissionType":{
+ "type":"string",
+ "enum":[
+ "COLUMN_PERMISSION",
+ "CELL_FILTER_PERMISSION"
+ ]
+ },
+ "PermissionTypeList":{
+ "type":"list",
+ "member":{"shape":"PermissionType"},
+ "max":255,
+ "min":1
+ },
+ "PermissionTypeMismatchException":{
+ "type":"structure",
+ "members":{
+ "Message":{"shape":"MessageString"}
+ },
+ "exception":true
+ },
"PlanningStatistics":{
"type":"structure",
"members":{
@@ -1932,6 +2068,8 @@
"TableList":{"shape":"TableLFTagsList"}
}
},
+ "SecretAccessKeyString":{"type":"string"},
+ "SessionTokenString":{"type":"string"},
"StartQueryPlanningRequest":{
"type":"structure",
"required":[
@@ -2257,6 +2395,12 @@
"Result":{"shape":"Result"}
}
},
+ "ValueString":{"type":"string"},
+ "ValueStringList":{
+ "type":"list",
+ "member":{"shape":"ValueString"},
+ "min":1
+ },
"VirtualObject":{
"type":"structure",
"required":["Uri"],
diff --git a/models/apis/lakeformation/2017-03-31/docs-2.json b/models/apis/lakeformation/2017-03-31/docs-2.json
index e71b7e717f1..e6654ee1401 100644
--- a/models/apis/lakeformation/2017-03-31/docs-2.json
+++ b/models/apis/lakeformation/2017-03-31/docs-2.json
@@ -23,6 +23,8 @@
"GetQueryStatistics": "Retrieves statistics on the planning and execution of a query.
",
"GetResourceLFTags": "Returns the LF-tags applied to a resource.
",
"GetTableObjects": "Returns the set of Amazon S3 objects that make up the specified governed table. A transaction ID or timestamp can be specified for time-travel queries.
",
+ "GetTemporaryGluePartitionCredentials": "This API is identical to GetTemporaryTableCredentials except that this is used when the target Data Catalog resource is of type Partition. Lake Formation restricts the permission of the vended credentials with the same scope down policy which restricts access to a single Amazon S3 prefix.
",
+ "GetTemporaryGlueTableCredentials": "Allows a caller in a secure environment to assume a role with permission to access Amazon S3. In order to vend such credentials, Lake Formation assumes the role associated with a registered location, for example an Amazon S3 bucket, with a scope down policy which restricts the access to a single prefix.
",
"GetWorkUnitResults": "Returns the work units resulting from the query. Work units can be executed in any order and in parallel.
",
"GetWorkUnits": "Retrieves the work units generated by the StartQueryPlanning operation.
",
"GrantPermissions": "Grants permissions to the principal to access metadata in the Data Catalog and data organized in underlying data storage such as Amazon S3.
For information about permissions, see Security and Access Control to Metadata and Data.
",
@@ -51,6 +53,13 @@
"refs": {
}
},
+ "AccessKeyIdString": {
+ "base": null,
+ "refs": {
+ "GetTemporaryGluePartitionCredentialsResponse$AccessKeyId": "The access key ID for the temporary credentials.
",
+ "GetTemporaryGlueTableCredentialsResponse$AccessKeyId": "The access key ID for the temporary credentials.
"
+ }
+ },
"AddLFTagsToResourceRequest": {
"base": null,
"refs": {
@@ -78,6 +87,25 @@
"refs": {
}
},
+ "AuditContext": {
+ "base": "A structure used to include auditing information on the privileged API.
",
+ "refs": {
+ "GetTemporaryGluePartitionCredentialsRequest$AuditContext": "A structure representing context to access a resource (column names, query ID, etc).
",
+ "GetTemporaryGlueTableCredentialsRequest$AuditContext": "A structure representing context to access a resource (column names, query ID, etc).
"
+ }
+ },
+ "AuditContextString": {
+ "base": null,
+ "refs": {
+ "AuditContext$AdditionalAuditContext": "The filter engine can populate the 'AdditionalAuditContext' information with the request ID for you to track. This information will be displayed in CloudTrail log in your account.
"
+ }
+ },
+ "AuthorizedSessionTagValueList": {
+ "base": null,
+ "refs": {
+ "DataLakeSettings$AuthorizedSessionTagValueList": "Lake Formation relies on a privileged process secured by Amazon EMR or the third party integrator to tag the user's role while assuming it. Lake Formation will publish the acceptable key-value pair, for example key = \"LakeFormationTrustedCaller\" and value = \"TRUE\" and the third party integrator must properly tag the temporary security credentials that will be used to call Lake Formation's administrative APIs.
"
+ }
+ },
"BatchGrantPermissionsRequest": {
"base": null,
"refs": {
@@ -213,7 +241,7 @@
"ColumnWildcard": {
"base": "A wildcard object, consisting of an optional list of excluded column names or indexes.
",
"refs": {
- "DataCellsFilter$ColumnWildcard": "A wildcard with exclusions.
",
+ "DataCellsFilter$ColumnWildcard": "A wildcard with exclusions.
You must specify either a ColumnNames list or the ColumnWildCard.
",
"TableWithColumnsResource$ColumnWildcard": "A wildcard specified by a ColumnWildcard object. At least one of ColumnNames or ColumnWildcard is required.
"
}
},
@@ -258,6 +286,13 @@
"refs": {
}
},
+ "CredentialTimeoutDurationSecondInteger": {
+ "base": null,
+ "refs": {
+ "GetTemporaryGluePartitionCredentialsRequest$DurationSeconds": "The time period, between 900 and 21,600 seconds, for the timeout of the temporary credentials.
",
+ "GetTemporaryGlueTableCredentialsRequest$DurationSeconds": "The time period, between 900 and 21,600 seconds, for the timeout of the temporary credentials.
"
+ }
+ },
"DataCellsFilter": {
"base": "A structure that describes certain columns on certain rows.
",
"refs": {
@@ -278,7 +313,7 @@
}
},
"DataLakePrincipal": {
- "base": "The AWS Lake Formation principal. Supported principals are IAM users or IAM roles.
",
+ "base": "The Lake Formation principal. Supported principals are IAM users or IAM roles.
",
"refs": {
"BatchPermissionsRequestEntry$Principal": "The principal to be granted a permission.
",
"DataLakePrincipalList$member": null,
@@ -292,7 +327,8 @@
"DataLakePrincipalList": {
"base": null,
"refs": {
- "DataLakeSettings$DataLakeAdmins": "A list of Lake Formation principals. Supported principals are IAM users or IAM roles.
"
+ "DataLakeSettings$DataLakeAdmins": "A list of Lake Formation principals. Supported principals are IAM users or IAM roles.
",
+ "DataLakeSettings$ExternalDataFilteringAllowList": "A list of the account IDs of Amazon Web Services accounts with Amazon EMR clusters that are to perform data filtering.>
"
}
},
"DataLakePrincipalString": {
@@ -450,6 +486,13 @@
"GetQueryStatisticsResponse$ExecutionStatistics": "An ExecutionStatistics structure containing execution statistics.
"
}
},
+ "ExpirationTimestamp": {
+ "base": null,
+ "refs": {
+ "GetTemporaryGluePartitionCredentialsResponse$Expiration": "The date and time when the temporary credentials expire.
",
+ "GetTemporaryGlueTableCredentialsResponse$Expiration": "The date and time when the temporary credentials expire.
"
+ }
+ },
"ExpiredException": {
"base": "Contains details about an error where the query request expired.
",
"refs": {
@@ -573,6 +616,26 @@
"refs": {
}
},
+ "GetTemporaryGluePartitionCredentialsRequest": {
+ "base": null,
+ "refs": {
+ }
+ },
+ "GetTemporaryGluePartitionCredentialsResponse": {
+ "base": null,
+ "refs": {
+ }
+ },
+ "GetTemporaryGlueTableCredentialsRequest": {
+ "base": null,
+ "refs": {
+ }
+ },
+ "GetTemporaryGlueTableCredentialsResponse": {
+ "base": null,
+ "refs": {
+ }
+ },
"GetWorkUnitResultsRequest": {
"base": null,
"refs": {
@@ -804,6 +867,7 @@
"InternalServiceException$Message": "A message describing the problem.
",
"InvalidInputException$Message": "A message describing the problem.
",
"OperationTimeoutException$Message": "A message describing the problem.
",
+ "PermissionTypeMismatchException$Message": "A message describing the problem.
",
"ResourceNotReadyException$Message": "A message describing the error.
",
"ResourceNumberLimitExceededException$Message": "A message describing the problem.
",
"StatisticsNotReadyYetException$Message": "A message describing the error.
",
@@ -820,6 +884,7 @@
"NameString": {
"base": null,
"refs": {
+ "AuthorizedSessionTagValueList$member": null,
"ColumnLFTag$Name": "The name of a column resource.
",
"ColumnNames$member": null,
"DataCellsFilter$DatabaseName": "A database in the Glue Data Catalog.
",
@@ -853,6 +918,7 @@
"NullableBoolean": {
"base": null,
"refs": {
+ "DataLakeSettings$AllowExternalDataFiltering": "Whether to allow Amazon EMR clusters to access data managed by Lake Formation.
If true, you allow Amazon EMR clusters to access data in Amazon S3 locations that are registered with Lake Formation.
If false or null, no Amazon EMR clusters will be able to access data in Amazon S3 locations that are registered with Lake Formation.
For more information, see (Optional) Allow Data Filtering on Amazon EMR.
",
"RegisterResourceRequest$UseServiceLinkedRole": "Designates an Identity and Access Management (IAM) service-linked role by registering this role with the Data Catalog. A service-linked role is a unique type of IAM role that is linked directly to Lake Formation.
For more information, see Using Service-Linked Roles for Lake Formation.
"
}
},
@@ -919,6 +985,12 @@
"PartitionedTableObjectsList$member": null
}
},
+ "PartitionValueList": {
+ "base": "Contains a list of values defining partitions.
",
+ "refs": {
+ "GetTemporaryGluePartitionCredentialsRequest$Partition": "A list of partition values identifying a single partition.
"
+ }
+ },
"PartitionValueString": {
"base": null,
"refs": {
@@ -950,6 +1022,8 @@
"refs": {
"BatchPermissionsRequestEntry$Permissions": "The permissions to be granted.
",
"BatchPermissionsRequestEntry$PermissionsWithGrantOption": "Indicates if the option to pass permissions is granted.
",
+ "GetTemporaryGluePartitionCredentialsRequest$Permissions": "Filters the request based on the user having been granted a list of specified permissions on the requested resource(s).
",
+ "GetTemporaryGlueTableCredentialsRequest$Permissions": "Filters the request based on the user having been granted a list of specified permissions on the requested resource(s).
",
"GrantPermissionsRequest$Permissions": "The permissions granted to the principal on the resource. Lake Formation defines privileges to grant and revoke access to metadata in the Data Catalog and data organized in underlying data storage such as Amazon S3. Lake Formation requires that each principal be authorized to perform a specific task on Lake Formation resources.
",
"GrantPermissionsRequest$PermissionsWithGrantOption": "Indicates a list of the granted permissions that the principal may pass to other users. These permissions may only be a subset of the permissions granted in the Privileges.
",
"PrincipalPermissions$Permissions": "The permissions that are granted to the principal.
",
@@ -959,6 +1033,24 @@
"RevokePermissionsRequest$PermissionsWithGrantOption": "Indicates a list of permissions for which to revoke the grant option allowing the principal to pass permissions to other principals.
"
}
},
+ "PermissionType": {
+ "base": null,
+ "refs": {
+ "PermissionTypeList$member": null
+ }
+ },
+ "PermissionTypeList": {
+ "base": null,
+ "refs": {
+ "GetTemporaryGluePartitionCredentialsRequest$SupportedPermissionTypes": "A list of supported permission types for the partition. Valid values are COLUMN_PERMISSION and CELL_FILTER_PERMISSION.
",
+ "GetTemporaryGlueTableCredentialsRequest$SupportedPermissionTypes": "A list of supported permission types for the table. Valid values are COLUMN_PERMISSION and CELL_FILTER_PERMISSION.
"
+ }
+ },
+ "PermissionTypeMismatchException": {
+ "base": "The engine does not support filtering data based on the enforced permissions. For example, if you call the GetTemporaryGlueTableCredentials operation with SupportedPermissionType equal to ColumnPermission, but cell-level permissions exist on the table, this exception is thrown.
",
+ "refs": {
+ }
+ },
"PlanningStatistics": {
"base": "Statistics related to the processing of a query statement.
",
"refs": {
@@ -1085,6 +1177,8 @@
"DeregisterResourceRequest$ResourceArn": "The Amazon Resource Name (ARN) of the resource that you want to deregister.
",
"DescribeResourceRequest$ResourceArn": "The resource ARN.
",
"GetEffectivePermissionsForPathRequest$ResourceArn": "The Amazon Resource Name (ARN) of the resource for which you want to get permissions.
",
+ "GetTemporaryGluePartitionCredentialsRequest$TableArn": "The ARN of the partitions' table.
",
+ "GetTemporaryGlueTableCredentialsRequest$TableArn": "The ARN identifying a table in the Data Catalog for the temporary credentials request.
",
"RegisterResourceRequest$ResourceArn": "The Amazon Resource Name (ARN) of the resource that you want to register.
",
"ResourceInfo$ResourceArn": "The Amazon Resource Name (ARN) of the resource.
",
"UpdateResourceRequest$ResourceArn": "The resource ARN.
"
@@ -1179,6 +1273,20 @@
"refs": {
}
},
+ "SecretAccessKeyString": {
+ "base": null,
+ "refs": {
+ "GetTemporaryGluePartitionCredentialsResponse$SecretAccessKey": "The secret key for the temporary credentials.
",
+ "GetTemporaryGlueTableCredentialsResponse$SecretAccessKey": "The secret key for the temporary credentials.
"
+ }
+ },
+ "SessionTokenString": {
+ "base": null,
+ "refs": {
+ "GetTemporaryGluePartitionCredentialsResponse$SessionToken": "The session token for the temporary credentials.
",
+ "GetTemporaryGlueTableCredentialsResponse$SessionToken": "The session token for the temporary credentials.
"
+ }
+ },
"StartQueryPlanningRequest": {
"base": null,
"refs": {
@@ -1503,6 +1611,18 @@
"refs": {
}
},
+ "ValueString": {
+ "base": null,
+ "refs": {
+ "ValueStringList$member": null
+ }
+ },
+ "ValueStringList": {
+ "base": null,
+ "refs": {
+ "PartitionValueList$Values": "The list of partition values.
"
+ }
+ },
"VirtualObject": {
"base": "An object that defines an Amazon S3 object to be deleted if a transaction cancels, provided that VirtualPut was called before writing the object.
",
"refs": {
diff --git a/models/apis/quicksight/2018-04-01/docs-2.json b/models/apis/quicksight/2018-04-01/docs-2.json
index 6fa54367f2f..c2158b00a65 100644
--- a/models/apis/quicksight/2018-04-01/docs-2.json
+++ b/models/apis/quicksight/2018-04-01/docs-2.json
@@ -6,14 +6,14 @@
"CreateAccountCustomization": "Creates Amazon QuickSight customizations the current Amazon Web Services Region. Currently, you can add a custom default theme by using the CreateAccountCustomization or UpdateAccountCustomization API operation. To further customize Amazon QuickSight by removing Amazon QuickSight sample assets and videos for all new users, see Customizing Amazon QuickSight in the Amazon QuickSight User Guide.
You can create customizations for your Amazon Web Services account or, if you specify a namespace, for a QuickSight namespace instead. Customizations that apply to a namespace always override customizations that apply to an Amazon Web Services account. To find out which customizations apply, use the DescribeAccountCustomization API operation.
Before you use the CreateAccountCustomization API operation to add a theme as the namespace default, make sure that you first share the theme with the namespace. If you don't share it with the namespace, the theme isn't visible to your users even if you make it the default theme. To check if the theme is shared, view the current permissions by using the DescribeThemePermissions API operation. To share the theme, grant permissions by using the UpdateThemePermissions API operation.
",
"CreateAnalysis": "Creates an analysis in Amazon QuickSight.
",
"CreateDashboard": "Creates a dashboard from a template. To first create a template, see the CreateTemplate API operation.
A dashboard is an entity in Amazon QuickSight that identifies Amazon QuickSight reports, created from analyses. You can share Amazon QuickSight dashboards. With the right permissions, you can create scheduled email reports from them. If you have the correct permissions, you can create a dashboard from a template that exists in a different Amazon Web Services account.
",
- "CreateDataSet": "Creates a dataset.
",
+ "CreateDataSet": "Creates a dataset. This operation doesn't support datasets that include uploaded files as a source.
",
"CreateDataSource": "Creates a data source.
",
"CreateFolder": "Creates an empty shared folder.
",
"CreateFolderMembership": "Adds an asset, such as a dashboard, analysis, or dataset into a folder.
",
"CreateGroup": "Creates an Amazon QuickSight group.
The permissions resource is arn:aws:quicksight:us-east-1:<relevant-aws-account-id>:group/default/<group-name> .
The response is a group object.
",
"CreateGroupMembership": "Adds an Amazon QuickSight user to an Amazon QuickSight group.
",
"CreateIAMPolicyAssignment": "Creates an assignment with one specified IAM policy, identified by its Amazon Resource Name (ARN). This policy assignment is attached to the specified groups or users of Amazon QuickSight. Assignment names are unique per Amazon Web Services account. To avoid overwriting rules in other namespaces, use assignment names that are unique.
",
- "CreateIngestion": "Creates and starts a new SPICE ingestion on a dataset
Any ingestions operating on tagged datasets inherit the same tags automatically for use in access control. For an example, see How do I create an IAM policy to control access to Amazon EC2 resources using tags? in the Amazon Web Services Knowledge Center. Tags are visible on the tagged dataset, but not on the ingestion resource.
",
+ "CreateIngestion": "Creates and starts a new SPICE ingestion for a dataset. You can manually refresh datasets in an Enterprise edition account 32 times in a 24-hour period. You can manually refresh datasets in a Standard edition account 8 times in a 24-hour period. Each 24-hour period is measured starting 24 hours before the current date and time.
Any ingestions operating on tagged datasets inherit the same tags automatically for use in access control. For an example, see How do I create an IAM policy to control access to Amazon EC2 resources using tags? in the Amazon Web Services Knowledge Center. Tags are visible on the tagged dataset, but not on the ingestion resource.
",
"CreateNamespace": "(Enterprise edition only) Creates a new namespace for you to use with Amazon QuickSight.
A namespace allows you to isolate the Amazon QuickSight users and groups that are registered for that namespace. Users that access the namespace can share assets only with other users or groups in the same namespace. They can't see users and groups in other namespaces. You can create a namespace after your Amazon Web Services account is subscribed to Amazon QuickSight. The namespace must be unique within the Amazon Web Services account. By default, there is a limit of 100 namespaces per Amazon Web Services account. To increase your limit, create a ticket with Amazon Web Services Support.
",
"CreateTemplate": "Creates a template from an existing Amazon QuickSight analysis or template. You can use the resulting template to create a dashboard.
A template is an entity in Amazon QuickSight that encapsulates the metadata required to create an analysis and that you can use to create s dashboard. A template adds a layer of abstraction by using placeholders to replace the dataset associated with the analysis. You can use templates to create dashboards by replacing dataset placeholders with datasets that follow the same schema that was used to create the source analysis and template.
",
"CreateTemplateAlias": "Creates a template alias for a template.
",
@@ -42,7 +42,7 @@
"DescribeAnalysisPermissions": "Provides the read and write permissions for an analysis.
",
"DescribeDashboard": "Provides a summary for a dashboard.
",
"DescribeDashboardPermissions": "Describes read and write permissions for a dashboard.
",
- "DescribeDataSet": "Describes a dataset.
",
+ "DescribeDataSet": "Describes a dataset. This operation doesn't support datasets that include uploaded files as a source.
",
"DescribeDataSetPermissions": "Describes the permissions on a dataset.
The permissions resource is arn:aws:quicksight:region:aws-account-id:dataset/data-set-id.
",
"DescribeDataSource": "Describes a data source.
",
"DescribeDataSourcePermissions": "Describes the resource permissions for a data source.
",
@@ -101,7 +101,7 @@
"UpdateDashboard": "Updates a dashboard in an Amazon Web Services account.
Updating a Dashboard creates a new dashboard version but does not immediately publish the new version. You can update the published version of a dashboard by using the UpdateDashboardPublishedVersion API operation.
",
"UpdateDashboardPermissions": "Updates read and write permissions on a dashboard.
",
"UpdateDashboardPublishedVersion": "Updates the published version of a dashboard.
",
- "UpdateDataSet": "Updates a dataset.
",
+ "UpdateDataSet": "Updates a dataset. This operation doesn't support datasets that include uploaded files as a source.
",
"UpdateDataSetPermissions": "Updates the permissions on a dataset.
The permissions resource is arn:aws:quicksight:region:aws-account-id:dataset/data-set-id.
",
"UpdateDataSource": "Updates a data source.
",
"UpdateDataSourcePermissions": "Updates the permissions to a data source.
",
diff --git a/models/apis/sagemaker/2017-07-24/api-2.json b/models/apis/sagemaker/2017-07-24/api-2.json
index f8334b948a2..3e4e33b7217 100644
--- a/models/apis/sagemaker/2017-07-24/api-2.json
+++ b/models/apis/sagemaker/2017-07-24/api-2.json
@@ -15349,7 +15349,15 @@
"ml.c5n.2xlarge",
"ml.c5n.4xlarge",
"ml.c5n.9xlarge",
- "ml.c5n.18xlarge"
+ "ml.c5n.18xlarge",
+ "ml.g5.xlarge",
+ "ml.g5.2xlarge",
+ "ml.g5.4xlarge",
+ "ml.g5.8xlarge",
+ "ml.g5.16xlarge",
+ "ml.g5.12xlarge",
+ "ml.g5.24xlarge",
+ "ml.g5.48xlarge"
]
},
"TrainingInstanceTypes":{
diff --git a/models/apis/snowball/2016-06-30/api-2.json b/models/apis/snowball/2016-06-30/api-2.json
index cb27123e3bd..45a126638e9 100755
--- a/models/apis/snowball/2016-06-30/api-2.json
+++ b/models/apis/snowball/2016-06-30/api-2.json
@@ -706,6 +706,8 @@
},
"GSTIN":{
"type":"string",
+ "max":15,
+ "min":15,
"pattern":"\\d{2}[A-Z]{5}\\d{4}[A-Z]{1}[A-Z\\d]{1}[Z]{1}[A-Z\\d]{1}"
},
"GetJobManifestRequest":{
@@ -1191,7 +1193,8 @@
"String":{
"type":"string",
"max":1024,
- "min":1
+ "min":1,
+ "pattern":".*"
},
"TGWOnDeviceServiceConfiguration":{
"type":"structure",
diff --git a/models/apis/snowball/2016-06-30/docs-2.json b/models/apis/snowball/2016-06-30/docs-2.json
index 5a1a8205fdf..5846de8b564 100755
--- a/models/apis/snowball/2016-06-30/docs-2.json
+++ b/models/apis/snowball/2016-06-30/docs-2.json
@@ -796,7 +796,7 @@
"ClusterMetadata$Description": "The optional description of the cluster.
",
"CompatibleImage$AmiId": "The unique identifier for an individual Snow device AMI.
",
"CompatibleImage$Name": "The optional name of a compatible image.
",
- "ConflictException$ConflictResource": null,
+ "ConflictException$ConflictResource": "You get this resource when you call CreateReturnShippingLabel more than once when other requests are not completed. .
",
"ConflictException$Message": null,
"CreateAddressResult$AddressId": "The automatically generated ID for a specific address. You'll use this ID when you create a job to specify which address you want the Snow device for that job shipped to.
",
"CreateClusterRequest$Description": "An optional description of this specific cluster, for example Environmental Data Cluster-01.
",
diff --git a/models/apis/snowball/2016-06-30/examples-1.json b/models/apis/snowball/2016-06-30/examples-1.json
index 9d69971863e..2b13f7b443a 100755
--- a/models/apis/snowball/2016-06-30/examples-1.json
+++ b/models/apis/snowball/2016-06-30/examples-1.json
@@ -413,7 +413,7 @@
"input": {
"AddressId": "ADID1234ab12-3eec-4eb3-9be6-9374c10eb51b",
"ClusterId": "CID123e4567-e89b-12d3-a456-426655440000",
- "Description": "Updated the address to send this to image processing - RJ"
+ "Description": "updated-cluster-name"
},
"comments": {
},
@@ -426,7 +426,7 @@
{
"input": {
"AddressId": "ADID1234ab12-3eec-4eb3-9be6-9374c10eb51b",
- "Description": "Upgraded to Edge, shipped to Finance Dept, and requested faster shipping speed - TS.",
+ "Description": "updated-job-name",
"JobId": "JID123e4567-e89b-12d3-a456-426655440000",
"ShippingOption": "NEXT_DAY",
"SnowballCapacityPreference": "T100"
diff --git a/models/endpoints/endpoints.json b/models/endpoints/endpoints.json
index 038972a82fa..53435844ef6 100644
--- a/models/endpoints/endpoints.json
+++ b/models/endpoints/endpoints.json
@@ -10103,6 +10103,66 @@
}
}
},
+ "s3-outposts" : {
+ "endpoints" : {
+ "af-south-1" : { },
+ "ap-east-1" : { },
+ "ap-northeast-1" : { },
+ "ap-northeast-2" : { },
+ "ap-northeast-3" : { },
+ "ap-south-1" : { },
+ "ap-southeast-1" : { },
+ "ap-southeast-2" : { },
+ "ca-central-1" : {
+ "variants" : [ {
+ "tags" : [ "fips" ]
+ } ]
+ },
+ "eu-central-1" : { },
+ "eu-north-1" : { },
+ "eu-south-1" : { },
+ "eu-west-1" : { },
+ "eu-west-2" : { },
+ "eu-west-3" : { },
+ "fips-ca-central-1" : {
+ "deprecated" : true
+ },
+ "fips-us-east-1" : {
+ "deprecated" : true
+ },
+ "fips-us-east-2" : {
+ "deprecated" : true
+ },
+ "fips-us-west-1" : {
+ "deprecated" : true
+ },
+ "fips-us-west-2" : {
+ "deprecated" : true
+ },
+ "me-south-1" : { },
+ "sa-east-1" : { },
+ "us-east-1" : {
+ "variants" : [ {
+ "tags" : [ "fips" ]
+ } ]
+ },
+ "us-east-2" : {
+ "variants" : [ {
+ "tags" : [ "fips" ]
+ } ]
+ },
+ "us-west-1" : {
+ "variants" : [ {
+ "tags" : [ "fips" ]
+ } ]
+ },
+ "us-west-2" : {
+ "variants" : [ {
+ "tags" : [ "fips" ]
+ } ]
+ }
+ }
+ },
"savingsplans" : {
"endpoints" : {
"aws-global" : {
@@ -15762,6 +15822,12 @@
},
"oidc" : {
"endpoints" : {
+ "us-gov-east-1" : {
+ "credentialScope" : {
+ "region" : "us-gov-east-1"
+ },
+ "hostname" : "oidc.us-gov-east-1.amazonaws.com"
+ },
"us-gov-west-1" : {
"credentialScope" : {
"region" : "us-gov-west-1"
@@ -16217,6 +16283,26 @@
}
}
},
+ "s3-outposts" : {
+ "endpoints" : {
+ "fips-us-gov-east-1" : {
+ "deprecated" : true
+ },
+ "fips-us-gov-west-1" : {
+ "deprecated" : true
+ },
+ "us-gov-east-1" : {
+ "variants" : [ {
+ "tags" : [ "fips" ]
+ } ]
+ },
+ "us-gov-west-1" : {
+ "variants" : [ {
+ "tags" : [ "fips" ]
+ } ]
+ }
+ }
+ },
"secretsmanager" : {
"endpoints" : {
"us-gov-east-1" : {
diff --git a/service/appstream/api.go b/service/appstream/api.go
index d650d15b83c..a29290d8f58 100644
--- a/service/appstream/api.go
+++ b/service/appstream/api.go
@@ -105,6 +105,98 @@ func (c *AppStream) AssociateApplicationFleetWithContext(ctx aws.Context, input
return out, req.Send()
}
+const opAssociateApplicationToEntitlement = "AssociateApplicationToEntitlement"
+
+// AssociateApplicationToEntitlementRequest generates a "aws/request.Request" representing the
+// client's request for the AssociateApplicationToEntitlement operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See AssociateApplicationToEntitlement for more information on using the AssociateApplicationToEntitlement
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the AssociateApplicationToEntitlementRequest method.
+// req, resp := client.AssociateApplicationToEntitlementRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/appstream-2016-12-01/AssociateApplicationToEntitlement
+func (c *AppStream) AssociateApplicationToEntitlementRequest(input *AssociateApplicationToEntitlementInput) (req *request.Request, output *AssociateApplicationToEntitlementOutput) {
+ op := &request.Operation{
+ Name: opAssociateApplicationToEntitlement,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ }
+
+ if input == nil {
+ input = &AssociateApplicationToEntitlementInput{}
+ }
+
+ output = &AssociateApplicationToEntitlementOutput{}
+ req = c.newRequest(op, input, output)
+ req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
+ return
+}
+
+// AssociateApplicationToEntitlement API operation for Amazon AppStream.
+//
+// Associates an application to entitle.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for Amazon AppStream's
+// API operation AssociateApplicationToEntitlement for usage and error information.
+//
+// Returned Error Types:
+// * OperationNotPermittedException
+// The attempted operation is not permitted.
+//
+// * ResourceNotFoundException
+// The specified resource was not found.
+//
+// * EntitlementNotFoundException
+// The entitlement can't be found.
+//
+// * LimitExceededException
+// The requested limit exceeds the permitted limit for an account.
+//
+// * OperationNotPermittedException
+// The attempted operation is not permitted.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/appstream-2016-12-01/AssociateApplicationToEntitlement
+func (c *AppStream) AssociateApplicationToEntitlement(input *AssociateApplicationToEntitlementInput) (*AssociateApplicationToEntitlementOutput, error) {
+ req, out := c.AssociateApplicationToEntitlementRequest(input)
+ return out, req.Send()
+}
+
+// AssociateApplicationToEntitlementWithContext is the same as AssociateApplicationToEntitlement with the addition of
+// the ability to pass a context and additional request options.
+//
+// See AssociateApplicationToEntitlement for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *AppStream) AssociateApplicationToEntitlementWithContext(ctx aws.Context, input *AssociateApplicationToEntitlementInput, opts ...request.Option) (*AssociateApplicationToEntitlementOutput, error) {
+ req, out := c.AssociateApplicationToEntitlementRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
const opAssociateFleet = "AssociateFleet"
// AssociateFleetRequest generates a "aws/request.Request" representing the
@@ -756,6 +848,99 @@ func (c *AppStream) CreateDirectoryConfigWithContext(ctx aws.Context, input *Cre
return out, req.Send()
}
+const opCreateEntitlement = "CreateEntitlement"
+
+// CreateEntitlementRequest generates a "aws/request.Request" representing the
+// client's request for the CreateEntitlement operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See CreateEntitlement for more information on using the CreateEntitlement
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the CreateEntitlementRequest method.
+// req, resp := client.CreateEntitlementRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/appstream-2016-12-01/CreateEntitlement
+func (c *AppStream) CreateEntitlementRequest(input *CreateEntitlementInput) (req *request.Request, output *CreateEntitlementOutput) {
+ op := &request.Operation{
+ Name: opCreateEntitlement,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ }
+
+ if input == nil {
+ input = &CreateEntitlementInput{}
+ }
+
+ output = &CreateEntitlementOutput{}
+ req = c.newRequest(op, input, output)
+ return
+}
+
+// CreateEntitlement API operation for Amazon AppStream.
+//
+// Creates a new entitlement. Entitlements control access to specific applications
+// within a stack, based on user attributes. Entitlements apply to SAML 2.0
+// federated user identities. Amazon AppStream 2.0 user pool and streaming URL
+// users are entitled to all applications in a stack. Entitlements don't apply
+// to the desktop stream view application, or to applications managed by a dynamic
+// app provider using the Dynamic Application Framework.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for Amazon AppStream's
+// API operation CreateEntitlement for usage and error information.
+//
+// Returned Error Types:
+// * OperationNotPermittedException
+// The attempted operation is not permitted.
+//
+// * ResourceNotFoundException
+// The specified resource was not found.
+//
+// * LimitExceededException
+// The requested limit exceeds the permitted limit for an account.
+//
+// * EntitlementAlreadyExistsException
+// The entitlement already exists.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/appstream-2016-12-01/CreateEntitlement
+func (c *AppStream) CreateEntitlement(input *CreateEntitlementInput) (*CreateEntitlementOutput, error) {
+ req, out := c.CreateEntitlementRequest(input)
+ return out, req.Send()
+}
+
+// CreateEntitlementWithContext is the same as CreateEntitlement with the addition of
+// the ability to pass a context and additional request options.
+//
+// See CreateEntitlement for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *AppStream) CreateEntitlementWithContext(ctx aws.Context, input *CreateEntitlementInput, opts ...request.Option) (*CreateEntitlementOutput, error) {
+ req, out := c.CreateEntitlementRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
const opCreateFleet = "CreateFleet"
// CreateFleetRequest generates a "aws/request.Request" representing the
@@ -1798,6 +1983,98 @@ func (c *AppStream) DeleteDirectoryConfigWithContext(ctx aws.Context, input *Del
return out, req.Send()
}
+const opDeleteEntitlement = "DeleteEntitlement"
+
+// DeleteEntitlementRequest generates a "aws/request.Request" representing the
+// client's request for the DeleteEntitlement operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See DeleteEntitlement for more information on using the DeleteEntitlement
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the DeleteEntitlementRequest method.
+// req, resp := client.DeleteEntitlementRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/appstream-2016-12-01/DeleteEntitlement
+func (c *AppStream) DeleteEntitlementRequest(input *DeleteEntitlementInput) (req *request.Request, output *DeleteEntitlementOutput) {
+ op := &request.Operation{
+ Name: opDeleteEntitlement,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ }
+
+ if input == nil {
+ input = &DeleteEntitlementInput{}
+ }
+
+ output = &DeleteEntitlementOutput{}
+ req = c.newRequest(op, input, output)
+ req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
+ return
+}
+
+// DeleteEntitlement API operation for Amazon AppStream.
+//
+// Deletes the specified entitlement.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for Amazon AppStream's
+// API operation DeleteEntitlement for usage and error information.
+//
+// Returned Error Types:
+// * OperationNotPermittedException
+// The attempted operation is not permitted.
+//
+// * ResourceNotFoundException
+// The specified resource was not found.
+//
+// * EntitlementNotFoundException
+// The entitlement can't be found.
+//
+// * OperationNotPermittedException
+// The attempted operation is not permitted.
+//
+// * ConcurrentModificationException
+// An API error occurred. Wait a few minutes and try again.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/appstream-2016-12-01/DeleteEntitlement
+func (c *AppStream) DeleteEntitlement(input *DeleteEntitlementInput) (*DeleteEntitlementOutput, error) {
+ req, out := c.DeleteEntitlementRequest(input)
+ return out, req.Send()
+}
+
+// DeleteEntitlementWithContext is the same as DeleteEntitlement with the addition of
+// the ability to pass a context and additional request options.
+//
+// See DeleteEntitlement for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *AppStream) DeleteEntitlementWithContext(ctx aws.Context, input *DeleteEntitlementInput, opts ...request.Option) (*DeleteEntitlementOutput, error) {
+ req, out := c.DeleteEntitlementRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
const opDeleteFleet = "DeleteFleet"
// DeleteFleetRequest generates a "aws/request.Request" representing the
@@ -2207,6 +2484,9 @@ func (c *AppStream) DeleteStackRequest(input *DeleteStackInput) (req *request.Re
// * ResourceNotFoundException
// The specified resource was not found.
//
+// * OperationNotPermittedException
+// The attempted operation is not permitted.
+//
// * ConcurrentModificationException
// An API error occurred. Wait a few minutes and try again.
//
@@ -2729,129 +3009,214 @@ func (c *AppStream) DescribeDirectoryConfigsWithContext(ctx aws.Context, input *
return out, req.Send()
}
-const opDescribeFleets = "DescribeFleets"
+const opDescribeEntitlements = "DescribeEntitlements"
-// DescribeFleetsRequest generates a "aws/request.Request" representing the
-// client's request for the DescribeFleets operation. The "output" return
+// DescribeEntitlementsRequest generates a "aws/request.Request" representing the
+// client's request for the DescribeEntitlements operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
-// See DescribeFleets for more information on using the DescribeFleets
+// See DescribeEntitlements for more information on using the DescribeEntitlements
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
-// // Example sending a request using the DescribeFleetsRequest method.
-// req, resp := client.DescribeFleetsRequest(params)
+// // Example sending a request using the DescribeEntitlementsRequest method.
+// req, resp := client.DescribeEntitlementsRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
-// See also, https://docs.aws.amazon.com/goto/WebAPI/appstream-2016-12-01/DescribeFleets
-func (c *AppStream) DescribeFleetsRequest(input *DescribeFleetsInput) (req *request.Request, output *DescribeFleetsOutput) {
+// See also, https://docs.aws.amazon.com/goto/WebAPI/appstream-2016-12-01/DescribeEntitlements
+func (c *AppStream) DescribeEntitlementsRequest(input *DescribeEntitlementsInput) (req *request.Request, output *DescribeEntitlementsOutput) {
op := &request.Operation{
- Name: opDescribeFleets,
+ Name: opDescribeEntitlements,
HTTPMethod: "POST",
HTTPPath: "/",
}
if input == nil {
- input = &DescribeFleetsInput{}
+ input = &DescribeEntitlementsInput{}
}
- output = &DescribeFleetsOutput{}
+ output = &DescribeEntitlementsOutput{}
req = c.newRequest(op, input, output)
return
}
-// DescribeFleets API operation for Amazon AppStream.
+// DescribeEntitlements API operation for Amazon AppStream.
//
-// Retrieves a list that describes one or more specified fleets, if the fleet
-// names are provided. Otherwise, all fleets in the account are described.
+// Retrieves a list that describes one of more entitlements.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon AppStream's
-// API operation DescribeFleets for usage and error information.
+// API operation DescribeEntitlements for usage and error information.
//
// Returned Error Types:
+// * OperationNotPermittedException
+// The attempted operation is not permitted.
+//
// * ResourceNotFoundException
// The specified resource was not found.
//
-// See also, https://docs.aws.amazon.com/goto/WebAPI/appstream-2016-12-01/DescribeFleets
-func (c *AppStream) DescribeFleets(input *DescribeFleetsInput) (*DescribeFleetsOutput, error) {
- req, out := c.DescribeFleetsRequest(input)
+// * EntitlementNotFoundException
+// The entitlement can't be found.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/appstream-2016-12-01/DescribeEntitlements
+func (c *AppStream) DescribeEntitlements(input *DescribeEntitlementsInput) (*DescribeEntitlementsOutput, error) {
+ req, out := c.DescribeEntitlementsRequest(input)
return out, req.Send()
}
-// DescribeFleetsWithContext is the same as DescribeFleets with the addition of
+// DescribeEntitlementsWithContext is the same as DescribeEntitlements with the addition of
// the ability to pass a context and additional request options.
//
-// See DescribeFleets for details on how to use this API operation.
+// See DescribeEntitlements for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
-func (c *AppStream) DescribeFleetsWithContext(ctx aws.Context, input *DescribeFleetsInput, opts ...request.Option) (*DescribeFleetsOutput, error) {
- req, out := c.DescribeFleetsRequest(input)
+func (c *AppStream) DescribeEntitlementsWithContext(ctx aws.Context, input *DescribeEntitlementsInput, opts ...request.Option) (*DescribeEntitlementsOutput, error) {
+ req, out := c.DescribeEntitlementsRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
-const opDescribeImageBuilders = "DescribeImageBuilders"
+const opDescribeFleets = "DescribeFleets"
-// DescribeImageBuildersRequest generates a "aws/request.Request" representing the
-// client's request for the DescribeImageBuilders operation. The "output" return
+// DescribeFleetsRequest generates a "aws/request.Request" representing the
+// client's request for the DescribeFleets operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
-// See DescribeImageBuilders for more information on using the DescribeImageBuilders
+// See DescribeFleets for more information on using the DescribeFleets
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
-// // Example sending a request using the DescribeImageBuildersRequest method.
-// req, resp := client.DescribeImageBuildersRequest(params)
+// // Example sending a request using the DescribeFleetsRequest method.
+// req, resp := client.DescribeFleetsRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
-// See also, https://docs.aws.amazon.com/goto/WebAPI/appstream-2016-12-01/DescribeImageBuilders
-func (c *AppStream) DescribeImageBuildersRequest(input *DescribeImageBuildersInput) (req *request.Request, output *DescribeImageBuildersOutput) {
+// See also, https://docs.aws.amazon.com/goto/WebAPI/appstream-2016-12-01/DescribeFleets
+func (c *AppStream) DescribeFleetsRequest(input *DescribeFleetsInput) (req *request.Request, output *DescribeFleetsOutput) {
op := &request.Operation{
- Name: opDescribeImageBuilders,
+ Name: opDescribeFleets,
HTTPMethod: "POST",
HTTPPath: "/",
}
if input == nil {
- input = &DescribeImageBuildersInput{}
+ input = &DescribeFleetsInput{}
}
- output = &DescribeImageBuildersOutput{}
+ output = &DescribeFleetsOutput{}
req = c.newRequest(op, input, output)
return
}
-// DescribeImageBuilders API operation for Amazon AppStream.
+// DescribeFleets API operation for Amazon AppStream.
+//
+// Retrieves a list that describes one or more specified fleets, if the fleet
+// names are provided. Otherwise, all fleets in the account are described.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for Amazon AppStream's
+// API operation DescribeFleets for usage and error information.
+//
+// Returned Error Types:
+// * ResourceNotFoundException
+// The specified resource was not found.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/appstream-2016-12-01/DescribeFleets
+func (c *AppStream) DescribeFleets(input *DescribeFleetsInput) (*DescribeFleetsOutput, error) {
+ req, out := c.DescribeFleetsRequest(input)
+ return out, req.Send()
+}
+
+// DescribeFleetsWithContext is the same as DescribeFleets with the addition of
+// the ability to pass a context and additional request options.
+//
+// See DescribeFleets for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *AppStream) DescribeFleetsWithContext(ctx aws.Context, input *DescribeFleetsInput, opts ...request.Option) (*DescribeFleetsOutput, error) {
+ req, out := c.DescribeFleetsRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
+const opDescribeImageBuilders = "DescribeImageBuilders"
+
+// DescribeImageBuildersRequest generates a "aws/request.Request" representing the
+// client's request for the DescribeImageBuilders operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See DescribeImageBuilders for more information on using the DescribeImageBuilders
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the DescribeImageBuildersRequest method.
+// req, resp := client.DescribeImageBuildersRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/appstream-2016-12-01/DescribeImageBuilders
+func (c *AppStream) DescribeImageBuildersRequest(input *DescribeImageBuildersInput) (req *request.Request, output *DescribeImageBuildersOutput) {
+ op := &request.Operation{
+ Name: opDescribeImageBuilders,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ }
+
+ if input == nil {
+ input = &DescribeImageBuildersInput{}
+ }
+
+ output = &DescribeImageBuildersOutput{}
+ req = c.newRequest(op, input, output)
+ return
+}
+
+// DescribeImageBuilders API operation for Amazon AppStream.
//
// Retrieves a list that describes one or more specified image builders, if
// the image builder names are provided. Otherwise, all image builders in the
@@ -3755,6 +4120,95 @@ func (c *AppStream) DisassociateApplicationFleetWithContext(ctx aws.Context, inp
return out, req.Send()
}
+const opDisassociateApplicationFromEntitlement = "DisassociateApplicationFromEntitlement"
+
+// DisassociateApplicationFromEntitlementRequest generates a "aws/request.Request" representing the
+// client's request for the DisassociateApplicationFromEntitlement operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See DisassociateApplicationFromEntitlement for more information on using the DisassociateApplicationFromEntitlement
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the DisassociateApplicationFromEntitlementRequest method.
+// req, resp := client.DisassociateApplicationFromEntitlementRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/appstream-2016-12-01/DisassociateApplicationFromEntitlement
+func (c *AppStream) DisassociateApplicationFromEntitlementRequest(input *DisassociateApplicationFromEntitlementInput) (req *request.Request, output *DisassociateApplicationFromEntitlementOutput) {
+ op := &request.Operation{
+ Name: opDisassociateApplicationFromEntitlement,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ }
+
+ if input == nil {
+ input = &DisassociateApplicationFromEntitlementInput{}
+ }
+
+ output = &DisassociateApplicationFromEntitlementOutput{}
+ req = c.newRequest(op, input, output)
+ req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
+ return
+}
+
+// DisassociateApplicationFromEntitlement API operation for Amazon AppStream.
+//
+// Deletes the specified application from the specified entitlement.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for Amazon AppStream's
+// API operation DisassociateApplicationFromEntitlement for usage and error information.
+//
+// Returned Error Types:
+// * OperationNotPermittedException
+// The attempted operation is not permitted.
+//
+// * ResourceNotFoundException
+// The specified resource was not found.
+//
+// * EntitlementNotFoundException
+// The entitlement can't be found.
+//
+// * OperationNotPermittedException
+// The attempted operation is not permitted.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/appstream-2016-12-01/DisassociateApplicationFromEntitlement
+func (c *AppStream) DisassociateApplicationFromEntitlement(input *DisassociateApplicationFromEntitlementInput) (*DisassociateApplicationFromEntitlementOutput, error) {
+ req, out := c.DisassociateApplicationFromEntitlementRequest(input)
+ return out, req.Send()
+}
+
+// DisassociateApplicationFromEntitlementWithContext is the same as DisassociateApplicationFromEntitlement with the addition of
+// the ability to pass a context and additional request options.
+//
+// See DisassociateApplicationFromEntitlement for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *AppStream) DisassociateApplicationFromEntitlementWithContext(ctx aws.Context, input *DisassociateApplicationFromEntitlementInput, opts ...request.Option) (*DisassociateApplicationFromEntitlementOutput, error) {
+ req, out := c.DisassociateApplicationFromEntitlementRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
const opDisassociateFleet = "DisassociateFleet"
// DisassociateFleetRequest generates a "aws/request.Request" representing the
@@ -4152,6 +4606,91 @@ func (c *AppStream) ListAssociatedStacksWithContext(ctx aws.Context, input *List
return out, req.Send()
}
+const opListEntitledApplications = "ListEntitledApplications"
+
+// ListEntitledApplicationsRequest generates a "aws/request.Request" representing the
+// client's request for the ListEntitledApplications operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See ListEntitledApplications for more information on using the ListEntitledApplications
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the ListEntitledApplicationsRequest method.
+// req, resp := client.ListEntitledApplicationsRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/appstream-2016-12-01/ListEntitledApplications
+func (c *AppStream) ListEntitledApplicationsRequest(input *ListEntitledApplicationsInput) (req *request.Request, output *ListEntitledApplicationsOutput) {
+ op := &request.Operation{
+ Name: opListEntitledApplications,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ }
+
+ if input == nil {
+ input = &ListEntitledApplicationsInput{}
+ }
+
+ output = &ListEntitledApplicationsOutput{}
+ req = c.newRequest(op, input, output)
+ return
+}
+
+// ListEntitledApplications API operation for Amazon AppStream.
+//
+// Retrieves a list of entitled applications.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for Amazon AppStream's
+// API operation ListEntitledApplications for usage and error information.
+//
+// Returned Error Types:
+// * OperationNotPermittedException
+// The attempted operation is not permitted.
+//
+// * ResourceNotFoundException
+// The specified resource was not found.
+//
+// * EntitlementNotFoundException
+// The entitlement can't be found.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/appstream-2016-12-01/ListEntitledApplications
+func (c *AppStream) ListEntitledApplications(input *ListEntitledApplicationsInput) (*ListEntitledApplicationsOutput, error) {
+ req, out := c.ListEntitledApplicationsRequest(input)
+ return out, req.Send()
+}
+
+// ListEntitledApplicationsWithContext is the same as ListEntitledApplications with the addition of
+// the ability to pass a context and additional request options.
+//
+// See ListEntitledApplications for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *AppStream) ListEntitledApplicationsWithContext(ctx aws.Context, input *ListEntitledApplicationsInput, opts ...request.Option) (*ListEntitledApplicationsOutput, error) {
+ req, out := c.ListEntitledApplicationsRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
const opListTagsForResource = "ListTagsForResource"
// ListTagsForResourceRequest generates a "aws/request.Request" representing the
@@ -4960,92 +5499,180 @@ func (c *AppStream) UpdateDirectoryConfigWithContext(ctx aws.Context, input *Upd
return out, req.Send()
}
-const opUpdateFleet = "UpdateFleet"
+const opUpdateEntitlement = "UpdateEntitlement"
-// UpdateFleetRequest generates a "aws/request.Request" representing the
-// client's request for the UpdateFleet operation. The "output" return
+// UpdateEntitlementRequest generates a "aws/request.Request" representing the
+// client's request for the UpdateEntitlement operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
-// See UpdateFleet for more information on using the UpdateFleet
+// See UpdateEntitlement for more information on using the UpdateEntitlement
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
-// // Example sending a request using the UpdateFleetRequest method.
-// req, resp := client.UpdateFleetRequest(params)
+// // Example sending a request using the UpdateEntitlementRequest method.
+// req, resp := client.UpdateEntitlementRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
-// See also, https://docs.aws.amazon.com/goto/WebAPI/appstream-2016-12-01/UpdateFleet
-func (c *AppStream) UpdateFleetRequest(input *UpdateFleetInput) (req *request.Request, output *UpdateFleetOutput) {
+// See also, https://docs.aws.amazon.com/goto/WebAPI/appstream-2016-12-01/UpdateEntitlement
+func (c *AppStream) UpdateEntitlementRequest(input *UpdateEntitlementInput) (req *request.Request, output *UpdateEntitlementOutput) {
op := &request.Operation{
- Name: opUpdateFleet,
+ Name: opUpdateEntitlement,
HTTPMethod: "POST",
HTTPPath: "/",
}
if input == nil {
- input = &UpdateFleetInput{}
+ input = &UpdateEntitlementInput{}
}
- output = &UpdateFleetOutput{}
+ output = &UpdateEntitlementOutput{}
req = c.newRequest(op, input, output)
return
}
-// UpdateFleet API operation for Amazon AppStream.
-//
-// Updates the specified fleet.
-//
-// If the fleet is in the STOPPED state, you can update any attribute except
-// the fleet name.
-//
-// If the fleet is in the RUNNING state, you can update the following based
-// on the fleet type:
-//
-// * Always-On and On-Demand fleet types You can update the DisplayName,
-// ComputeCapacity, ImageARN, ImageName, IdleDisconnectTimeoutInSeconds,
-// and DisconnectTimeoutInSeconds attributes.
+// UpdateEntitlement API operation for Amazon AppStream.
//
-// * Elastic fleet type You can update the DisplayName, IdleDisconnectTimeoutInSeconds,
-// DisconnectTimeoutInSeconds, MaxConcurrentSessions, and UsbDeviceFilterStrings
-// attributes.
-//
-// If the fleet is in the STARTING or STOPPED state, you can't update it.
+// Updates the specified entitlement.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Amazon AppStream's
-// API operation UpdateFleet for usage and error information.
+// API operation UpdateEntitlement for usage and error information.
//
// Returned Error Types:
-// * ResourceInUseException
-// The specified resource is in use.
+// * OperationNotPermittedException
+// The attempted operation is not permitted.
//
-// * LimitExceededException
-// The requested limit exceeds the permitted limit for an account.
+// * ResourceNotFoundException
+// The specified resource was not found.
//
-// * RequestLimitExceededException
-// AppStream 2.0 can’t process the request right now because the Describe
-// calls from your AWS account are being throttled by Amazon EC2. Try again
-// later.
+// * EntitlementNotFoundException
+// The entitlement can't be found.
//
-// * InvalidAccountStatusException
-// The resource cannot be created because your AWS account is suspended. For
-// assistance, contact AWS Support.
+// * ConcurrentModificationException
+// An API error occurred. Wait a few minutes and try again.
//
-// * InvalidRoleException
+// See also, https://docs.aws.amazon.com/goto/WebAPI/appstream-2016-12-01/UpdateEntitlement
+func (c *AppStream) UpdateEntitlement(input *UpdateEntitlementInput) (*UpdateEntitlementOutput, error) {
+ req, out := c.UpdateEntitlementRequest(input)
+ return out, req.Send()
+}
+
+// UpdateEntitlementWithContext is the same as UpdateEntitlement with the addition of
+// the ability to pass a context and additional request options.
+//
+// See UpdateEntitlement for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *AppStream) UpdateEntitlementWithContext(ctx aws.Context, input *UpdateEntitlementInput, opts ...request.Option) (*UpdateEntitlementOutput, error) {
+ req, out := c.UpdateEntitlementRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
+const opUpdateFleet = "UpdateFleet"
+
+// UpdateFleetRequest generates a "aws/request.Request" representing the
+// client's request for the UpdateFleet operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See UpdateFleet for more information on using the UpdateFleet
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the UpdateFleetRequest method.
+// req, resp := client.UpdateFleetRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/appstream-2016-12-01/UpdateFleet
+func (c *AppStream) UpdateFleetRequest(input *UpdateFleetInput) (req *request.Request, output *UpdateFleetOutput) {
+ op := &request.Operation{
+ Name: opUpdateFleet,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ }
+
+ if input == nil {
+ input = &UpdateFleetInput{}
+ }
+
+ output = &UpdateFleetOutput{}
+ req = c.newRequest(op, input, output)
+ return
+}
+
+// UpdateFleet API operation for Amazon AppStream.
+//
+// Updates the specified fleet.
+//
+// If the fleet is in the STOPPED state, you can update any attribute except
+// the fleet name.
+//
+// If the fleet is in the RUNNING state, you can update the following based
+// on the fleet type:
+//
+// * Always-On and On-Demand fleet types You can update the DisplayName,
+// ComputeCapacity, ImageARN, ImageName, IdleDisconnectTimeoutInSeconds,
+// and DisconnectTimeoutInSeconds attributes.
+//
+// * Elastic fleet type You can update the DisplayName, IdleDisconnectTimeoutInSeconds,
+// DisconnectTimeoutInSeconds, MaxConcurrentSessions, and UsbDeviceFilterStrings
+// attributes.
+//
+// If the fleet is in the STARTING or STOPPED state, you can't update it.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for Amazon AppStream's
+// API operation UpdateFleet for usage and error information.
+//
+// Returned Error Types:
+// * ResourceInUseException
+// The specified resource is in use.
+//
+// * LimitExceededException
+// The requested limit exceeds the permitted limit for an account.
+//
+// * RequestLimitExceededException
+// AppStream 2.0 can’t process the request right now because the Describe
+// calls from your AWS account are being throttled by Amazon EC2. Try again
+// later.
+//
+// * InvalidAccountStatusException
+// The resource cannot be created because your AWS account is suspended. For
+// assistance, contact AWS Support.
+//
+// * InvalidRoleException
// The specified role is invalid.
//
// * ResourceNotFoundException
@@ -5853,6 +6480,105 @@ func (s *AssociateApplicationFleetOutput) SetApplicationFleetAssociation(v *Appl
return s
}
+type AssociateApplicationToEntitlementInput struct {
+ _ struct{} `type:"structure"`
+
+ // The identifier of the application.
+ //
+ // ApplicationIdentifier is a required field
+ ApplicationIdentifier *string `min:"1" type:"string" required:"true"`
+
+ // The name of the entitlement.
+ //
+ // EntitlementName is a required field
+ EntitlementName *string `type:"string" required:"true"`
+
+ // The name of the stack.
+ //
+ // StackName is a required field
+ StackName *string `type:"string" required:"true"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s AssociateApplicationToEntitlementInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s AssociateApplicationToEntitlementInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *AssociateApplicationToEntitlementInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "AssociateApplicationToEntitlementInput"}
+ if s.ApplicationIdentifier == nil {
+ invalidParams.Add(request.NewErrParamRequired("ApplicationIdentifier"))
+ }
+ if s.ApplicationIdentifier != nil && len(*s.ApplicationIdentifier) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("ApplicationIdentifier", 1))
+ }
+ if s.EntitlementName == nil {
+ invalidParams.Add(request.NewErrParamRequired("EntitlementName"))
+ }
+ if s.StackName == nil {
+ invalidParams.Add(request.NewErrParamRequired("StackName"))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetApplicationIdentifier sets the ApplicationIdentifier field's value.
+func (s *AssociateApplicationToEntitlementInput) SetApplicationIdentifier(v string) *AssociateApplicationToEntitlementInput {
+ s.ApplicationIdentifier = &v
+ return s
+}
+
+// SetEntitlementName sets the EntitlementName field's value.
+func (s *AssociateApplicationToEntitlementInput) SetEntitlementName(v string) *AssociateApplicationToEntitlementInput {
+ s.EntitlementName = &v
+ return s
+}
+
+// SetStackName sets the StackName field's value.
+func (s *AssociateApplicationToEntitlementInput) SetStackName(v string) *AssociateApplicationToEntitlementInput {
+ s.StackName = &v
+ return s
+}
+
+type AssociateApplicationToEntitlementOutput struct {
+ _ struct{} `type:"structure"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s AssociateApplicationToEntitlementOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s AssociateApplicationToEntitlementOutput) GoString() string {
+ return s.String()
+}
+
type AssociateFleetInput struct {
_ struct{} `type:"structure"`
@@ -6876,88 +7602,229 @@ func (s *CreateDirectoryConfigOutput) SetDirectoryConfig(v *DirectoryConfig) *Cr
return s
}
-type CreateFleetInput struct {
+type CreateEntitlementInput struct {
_ struct{} `type:"structure"`
- // The desired capacity for the fleet. This is not allowed for Elastic fleets.
- // For Elastic fleets, specify MaxConcurrentSessions instead.
- ComputeCapacity *ComputeCapacity `type:"structure"`
-
- // The description to display.
- Description *string `type:"string"`
-
- // The amount of time that a streaming session remains active after users disconnect.
- // If users try to reconnect to the streaming session after a disconnection
- // or network interruption within this time interval, they are connected to
- // their previous session. Otherwise, they are connected to a new session with
- // a new streaming instance.
+ // Specifies whether all or selected apps are entitled.
//
- // Specify a value between 60 and 360000.
- DisconnectTimeoutInSeconds *int64 `type:"integer"`
-
- // The fleet name to display.
- DisplayName *string `type:"string"`
+ // AppVisibility is a required field
+ AppVisibility *string `type:"string" required:"true" enum:"AppVisibility"`
- // The name of the directory and organizational unit (OU) to use to join the
- // fleet to a Microsoft Active Directory domain. This is not allowed for Elastic
- // fleets.
- DomainJoinInfo *DomainJoinInfo `type:"structure"`
+ // The attributes of the entitlement.
+ //
+ // Attributes is a required field
+ Attributes []*EntitlementAttribute `min:"1" type:"list" required:"true"`
- // Enables or disables default internet access for the fleet.
- EnableDefaultInternetAccess *bool `type:"boolean"`
+ // The description of the entitlement.
+ Description *string `type:"string"`
- // The fleet type.
- //
- // ALWAYS_ON
- //
- // Provides users with instant-on access to their apps. You are charged for
- // all running instances in your fleet, even if no users are streaming apps.
+ // The name of the entitlement.
//
- // ON_DEMAND
- //
- // Provide users with access to applications after they connect, which takes
- // one to two minutes. You are charged for instance streaming when users are
- // connected and a small hourly fee for instances that are not streaming apps.
- FleetType *string `type:"string" enum:"FleetType"`
+ // Name is a required field
+ Name *string `type:"string" required:"true"`
- // The Amazon Resource Name (ARN) of the IAM role to apply to the fleet. To
- // assume a role, a fleet instance calls the AWS Security Token Service (STS)
- // AssumeRole API operation and passes the ARN of the role to use. The operation
- // creates a new session with temporary credentials. AppStream 2.0 retrieves
- // the temporary credentials and creates the appstream_machine_role credential
- // profile on the instance.
+ // The name of the stack with which the entitlement is associated.
//
- // For more information, see Using an IAM Role to Grant Permissions to Applications
- // and Scripts Running on AppStream 2.0 Streaming Instances (https://docs.aws.amazon.com/appstream2/latest/developerguide/using-iam-roles-to-grant-permissions-to-applications-scripts-streaming-instances.html)
- // in the Amazon AppStream 2.0 Administration Guide.
- IamRoleArn *string `type:"string"`
+ // StackName is a required field
+ StackName *string `type:"string" required:"true"`
+}
- // The amount of time that users can be idle (inactive) before they are disconnected
- // from their streaming session and the DisconnectTimeoutInSeconds time interval
- // begins. Users are notified before they are disconnected due to inactivity.
- // If they try to reconnect to the streaming session before the time interval
- // specified in DisconnectTimeoutInSeconds elapses, they are connected to their
- // previous session. Users are considered idle when they stop providing keyboard
- // or mouse input during their streaming session. File uploads and downloads,
- // audio in, audio out, and pixels changing do not qualify as user activity.
- // If users continue to be idle after the time interval in IdleDisconnectTimeoutInSeconds
- // elapses, they are disconnected.
- //
- // To prevent users from being disconnected due to inactivity, specify a value
- // of 0. Otherwise, specify a value between 60 and 3600. The default value is
- // 0.
- //
- // If you enable this feature, we recommend that you specify a value that corresponds
- // exactly to a whole number of minutes (for example, 60, 120, and 180). If
- // you don't do this, the value is rounded to the nearest minute. For example,
- // if you specify a value of 70, users are disconnected after 1 minute of inactivity.
- // If you specify a value that is at the midpoint between two different minutes,
- // the value is rounded up. For example, if you specify a value of 90, users
- // are disconnected after 2 minutes of inactivity.
- IdleDisconnectTimeoutInSeconds *int64 `type:"integer"`
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s CreateEntitlementInput) String() string {
+ return awsutil.Prettify(s)
+}
- // The ARN of the public, private, or shared image to use.
- ImageArn *string `type:"string"`
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s CreateEntitlementInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *CreateEntitlementInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "CreateEntitlementInput"}
+ if s.AppVisibility == nil {
+ invalidParams.Add(request.NewErrParamRequired("AppVisibility"))
+ }
+ if s.Attributes == nil {
+ invalidParams.Add(request.NewErrParamRequired("Attributes"))
+ }
+ if s.Attributes != nil && len(s.Attributes) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("Attributes", 1))
+ }
+ if s.Name == nil {
+ invalidParams.Add(request.NewErrParamRequired("Name"))
+ }
+ if s.StackName == nil {
+ invalidParams.Add(request.NewErrParamRequired("StackName"))
+ }
+ if s.Attributes != nil {
+ for i, v := range s.Attributes {
+ if v == nil {
+ continue
+ }
+ if err := v.Validate(); err != nil {
+ invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Attributes", i), err.(request.ErrInvalidParams))
+ }
+ }
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetAppVisibility sets the AppVisibility field's value.
+func (s *CreateEntitlementInput) SetAppVisibility(v string) *CreateEntitlementInput {
+ s.AppVisibility = &v
+ return s
+}
+
+// SetAttributes sets the Attributes field's value.
+func (s *CreateEntitlementInput) SetAttributes(v []*EntitlementAttribute) *CreateEntitlementInput {
+ s.Attributes = v
+ return s
+}
+
+// SetDescription sets the Description field's value.
+func (s *CreateEntitlementInput) SetDescription(v string) *CreateEntitlementInput {
+ s.Description = &v
+ return s
+}
+
+// SetName sets the Name field's value.
+func (s *CreateEntitlementInput) SetName(v string) *CreateEntitlementInput {
+ s.Name = &v
+ return s
+}
+
+// SetStackName sets the StackName field's value.
+func (s *CreateEntitlementInput) SetStackName(v string) *CreateEntitlementInput {
+ s.StackName = &v
+ return s
+}
+
+type CreateEntitlementOutput struct {
+ _ struct{} `type:"structure"`
+
+ // The entitlement.
+ Entitlement *Entitlement `type:"structure"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s CreateEntitlementOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s CreateEntitlementOutput) GoString() string {
+ return s.String()
+}
+
+// SetEntitlement sets the Entitlement field's value.
+func (s *CreateEntitlementOutput) SetEntitlement(v *Entitlement) *CreateEntitlementOutput {
+ s.Entitlement = v
+ return s
+}
+
+type CreateFleetInput struct {
+ _ struct{} `type:"structure"`
+
+ // The desired capacity for the fleet. This is not allowed for Elastic fleets.
+ // For Elastic fleets, specify MaxConcurrentSessions instead.
+ ComputeCapacity *ComputeCapacity `type:"structure"`
+
+ // The description to display.
+ Description *string `type:"string"`
+
+ // The amount of time that a streaming session remains active after users disconnect.
+ // If users try to reconnect to the streaming session after a disconnection
+ // or network interruption within this time interval, they are connected to
+ // their previous session. Otherwise, they are connected to a new session with
+ // a new streaming instance.
+ //
+ // Specify a value between 60 and 360000.
+ DisconnectTimeoutInSeconds *int64 `type:"integer"`
+
+ // The fleet name to display.
+ DisplayName *string `type:"string"`
+
+ // The name of the directory and organizational unit (OU) to use to join the
+ // fleet to a Microsoft Active Directory domain. This is not allowed for Elastic
+ // fleets.
+ DomainJoinInfo *DomainJoinInfo `type:"structure"`
+
+ // Enables or disables default internet access for the fleet.
+ EnableDefaultInternetAccess *bool `type:"boolean"`
+
+ // The fleet type.
+ //
+ // ALWAYS_ON
+ //
+ // Provides users with instant-on access to their apps. You are charged for
+ // all running instances in your fleet, even if no users are streaming apps.
+ //
+ // ON_DEMAND
+ //
+ // Provide users with access to applications after they connect, which takes
+ // one to two minutes. You are charged for instance streaming when users are
+ // connected and a small hourly fee for instances that are not streaming apps.
+ FleetType *string `type:"string" enum:"FleetType"`
+
+ // The Amazon Resource Name (ARN) of the IAM role to apply to the fleet. To
+ // assume a role, a fleet instance calls the AWS Security Token Service (STS)
+ // AssumeRole API operation and passes the ARN of the role to use. The operation
+ // creates a new session with temporary credentials. AppStream 2.0 retrieves
+ // the temporary credentials and creates the appstream_machine_role credential
+ // profile on the instance.
+ //
+ // For more information, see Using an IAM Role to Grant Permissions to Applications
+ // and Scripts Running on AppStream 2.0 Streaming Instances (https://docs.aws.amazon.com/appstream2/latest/developerguide/using-iam-roles-to-grant-permissions-to-applications-scripts-streaming-instances.html)
+ // in the Amazon AppStream 2.0 Administration Guide.
+ IamRoleArn *string `type:"string"`
+
+ // The amount of time that users can be idle (inactive) before they are disconnected
+ // from their streaming session and the DisconnectTimeoutInSeconds time interval
+ // begins. Users are notified before they are disconnected due to inactivity.
+ // If they try to reconnect to the streaming session before the time interval
+ // specified in DisconnectTimeoutInSeconds elapses, they are connected to their
+ // previous session. Users are considered idle when they stop providing keyboard
+ // or mouse input during their streaming session. File uploads and downloads,
+ // audio in, audio out, and pixels changing do not qualify as user activity.
+ // If users continue to be idle after the time interval in IdleDisconnectTimeoutInSeconds
+ // elapses, they are disconnected.
+ //
+ // To prevent users from being disconnected due to inactivity, specify a value
+ // of 0. Otherwise, specify a value between 60 and 3600. The default value is
+ // 0.
+ //
+ // If you enable this feature, we recommend that you specify a value that corresponds
+ // exactly to a whole number of minutes (for example, 60, 120, and 180). If
+ // you don't do this, the value is rounded to the nearest minute. For example,
+ // if you specify a value of 70, users are disconnected after 1 minute of inactivity.
+ // If you specify a value that is at the midpoint between two different minutes,
+ // the value is rounded up. For example, if you specify a value of 90, users
+ // are disconnected after 2 minutes of inactivity.
+ IdleDisconnectTimeoutInSeconds *int64 `type:"integer"`
+
+ // The ARN of the public, private, or shared image to use.
+ ImageArn *string `type:"string"`
// The name of the image used to create the fleet.
ImageName *string `min:"1" type:"string"`
@@ -8659,6 +9526,88 @@ func (s DeleteDirectoryConfigOutput) GoString() string {
return s.String()
}
+type DeleteEntitlementInput struct {
+ _ struct{} `type:"structure"`
+
+ // The name of the entitlement.
+ //
+ // Name is a required field
+ Name *string `type:"string" required:"true"`
+
+ // The name of the stack with which the entitlement is associated.
+ //
+ // StackName is a required field
+ StackName *string `type:"string" required:"true"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s DeleteEntitlementInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s DeleteEntitlementInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *DeleteEntitlementInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "DeleteEntitlementInput"}
+ if s.Name == nil {
+ invalidParams.Add(request.NewErrParamRequired("Name"))
+ }
+ if s.StackName == nil {
+ invalidParams.Add(request.NewErrParamRequired("StackName"))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetName sets the Name field's value.
+func (s *DeleteEntitlementInput) SetName(v string) *DeleteEntitlementInput {
+ s.Name = &v
+ return s
+}
+
+// SetStackName sets the StackName field's value.
+func (s *DeleteEntitlementInput) SetStackName(v string) *DeleteEntitlementInput {
+ s.StackName = &v
+ return s
+}
+
+type DeleteEntitlementOutput struct {
+ _ struct{} `type:"structure"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s DeleteEntitlementOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s DeleteEntitlementOutput) GoString() string {
+ return s.String()
+}
+
type DeleteFleetInput struct {
_ struct{} `type:"structure"`
@@ -9593,15 +10542,22 @@ func (s *DescribeDirectoryConfigsOutput) SetNextToken(v string) *DescribeDirecto
return s
}
-type DescribeFleetsInput struct {
+type DescribeEntitlementsInput struct {
_ struct{} `type:"structure"`
- // The names of the fleets to describe.
- Names []*string `type:"list"`
+ // The maximum size of each page of results.
+ MaxResults *int64 `type:"integer"`
- // The pagination token to use to retrieve the next page of results for this
- // operation. If this value is null, it retrieves the first page.
+ // The name of the entitlement.
+ Name *string `type:"string"`
+
+ // The pagination token used to retrieve the next page of results for this operation.
NextToken *string `min:"1" type:"string"`
+
+ // The name of the stack with which the entitlement is associated.
+ //
+ // StackName is a required field
+ StackName *string `type:"string" required:"true"`
}
// String returns the string representation.
@@ -9609,7 +10565,7 @@ type DescribeFleetsInput struct {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s DescribeFleetsInput) String() string {
+func (s DescribeEntitlementsInput) String() string {
return awsutil.Prettify(s)
}
@@ -9618,16 +10574,19 @@ func (s DescribeFleetsInput) String() string {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s DescribeFleetsInput) GoString() string {
+func (s DescribeEntitlementsInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
-func (s *DescribeFleetsInput) Validate() error {
- invalidParams := request.ErrInvalidParams{Context: "DescribeFleetsInput"}
+func (s *DescribeEntitlementsInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "DescribeEntitlementsInput"}
if s.NextToken != nil && len(*s.NextToken) < 1 {
invalidParams.Add(request.NewErrParamMinLen("NextToken", 1))
}
+ if s.StackName == nil {
+ invalidParams.Add(request.NewErrParamRequired("StackName"))
+ }
if invalidParams.Len() > 0 {
return invalidParams
@@ -9635,16 +10594,122 @@ func (s *DescribeFleetsInput) Validate() error {
return nil
}
-// SetNames sets the Names field's value.
-func (s *DescribeFleetsInput) SetNames(v []*string) *DescribeFleetsInput {
- s.Names = v
+// SetMaxResults sets the MaxResults field's value.
+func (s *DescribeEntitlementsInput) SetMaxResults(v int64) *DescribeEntitlementsInput {
+ s.MaxResults = &v
return s
}
-// SetNextToken sets the NextToken field's value.
-func (s *DescribeFleetsInput) SetNextToken(v string) *DescribeFleetsInput {
- s.NextToken = &v
- return s
+// SetName sets the Name field's value.
+func (s *DescribeEntitlementsInput) SetName(v string) *DescribeEntitlementsInput {
+ s.Name = &v
+ return s
+}
+
+// SetNextToken sets the NextToken field's value.
+func (s *DescribeEntitlementsInput) SetNextToken(v string) *DescribeEntitlementsInput {
+ s.NextToken = &v
+ return s
+}
+
+// SetStackName sets the StackName field's value.
+func (s *DescribeEntitlementsInput) SetStackName(v string) *DescribeEntitlementsInput {
+ s.StackName = &v
+ return s
+}
+
+type DescribeEntitlementsOutput struct {
+ _ struct{} `type:"structure"`
+
+ // The entitlements.
+ Entitlements []*Entitlement `type:"list"`
+
+ // The pagination token used to retrieve the next page of results for this operation.
+ NextToken *string `min:"1" type:"string"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s DescribeEntitlementsOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s DescribeEntitlementsOutput) GoString() string {
+ return s.String()
+}
+
+// SetEntitlements sets the Entitlements field's value.
+func (s *DescribeEntitlementsOutput) SetEntitlements(v []*Entitlement) *DescribeEntitlementsOutput {
+ s.Entitlements = v
+ return s
+}
+
+// SetNextToken sets the NextToken field's value.
+func (s *DescribeEntitlementsOutput) SetNextToken(v string) *DescribeEntitlementsOutput {
+ s.NextToken = &v
+ return s
+}
+
+type DescribeFleetsInput struct {
+ _ struct{} `type:"structure"`
+
+ // The names of the fleets to describe.
+ Names []*string `type:"list"`
+
+ // The pagination token to use to retrieve the next page of results for this
+ // operation. If this value is null, it retrieves the first page.
+ NextToken *string `min:"1" type:"string"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s DescribeFleetsInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s DescribeFleetsInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *DescribeFleetsInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "DescribeFleetsInput"}
+ if s.NextToken != nil && len(*s.NextToken) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("NextToken", 1))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetNames sets the Names field's value.
+func (s *DescribeFleetsInput) SetNames(v []*string) *DescribeFleetsInput {
+ s.Names = v
+ return s
+}
+
+// SetNextToken sets the NextToken field's value.
+func (s *DescribeFleetsInput) SetNextToken(v string) *DescribeFleetsInput {
+ s.NextToken = &v
+ return s
}
type DescribeFleetsOutput struct {
@@ -10871,6 +11936,105 @@ func (s DisassociateApplicationFleetOutput) GoString() string {
return s.String()
}
+type DisassociateApplicationFromEntitlementInput struct {
+ _ struct{} `type:"structure"`
+
+ // The identifier of the application to remove from the entitlement.
+ //
+ // ApplicationIdentifier is a required field
+ ApplicationIdentifier *string `min:"1" type:"string" required:"true"`
+
+ // The name of the entitlement.
+ //
+ // EntitlementName is a required field
+ EntitlementName *string `type:"string" required:"true"`
+
+ // The name of the stack with which the entitlement is associated.
+ //
+ // StackName is a required field
+ StackName *string `type:"string" required:"true"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s DisassociateApplicationFromEntitlementInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s DisassociateApplicationFromEntitlementInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *DisassociateApplicationFromEntitlementInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "DisassociateApplicationFromEntitlementInput"}
+ if s.ApplicationIdentifier == nil {
+ invalidParams.Add(request.NewErrParamRequired("ApplicationIdentifier"))
+ }
+ if s.ApplicationIdentifier != nil && len(*s.ApplicationIdentifier) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("ApplicationIdentifier", 1))
+ }
+ if s.EntitlementName == nil {
+ invalidParams.Add(request.NewErrParamRequired("EntitlementName"))
+ }
+ if s.StackName == nil {
+ invalidParams.Add(request.NewErrParamRequired("StackName"))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetApplicationIdentifier sets the ApplicationIdentifier field's value.
+func (s *DisassociateApplicationFromEntitlementInput) SetApplicationIdentifier(v string) *DisassociateApplicationFromEntitlementInput {
+ s.ApplicationIdentifier = &v
+ return s
+}
+
+// SetEntitlementName sets the EntitlementName field's value.
+func (s *DisassociateApplicationFromEntitlementInput) SetEntitlementName(v string) *DisassociateApplicationFromEntitlementInput {
+ s.EntitlementName = &v
+ return s
+}
+
+// SetStackName sets the StackName field's value.
+func (s *DisassociateApplicationFromEntitlementInput) SetStackName(v string) *DisassociateApplicationFromEntitlementInput {
+ s.StackName = &v
+ return s
+}
+
+type DisassociateApplicationFromEntitlementOutput struct {
+ _ struct{} `type:"structure"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s DisassociateApplicationFromEntitlementOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s DisassociateApplicationFromEntitlementOutput) GoString() string {
+ return s.String()
+}
+
type DisassociateFleetInput struct {
_ struct{} `type:"structure"`
@@ -11048,11 +12212,319 @@ func (s *EnableUserInput) Validate() error {
if s.AuthenticationType == nil {
invalidParams.Add(request.NewErrParamRequired("AuthenticationType"))
}
- if s.UserName == nil {
- invalidParams.Add(request.NewErrParamRequired("UserName"))
+ if s.UserName == nil {
+ invalidParams.Add(request.NewErrParamRequired("UserName"))
+ }
+ if s.UserName != nil && len(*s.UserName) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetAuthenticationType sets the AuthenticationType field's value.
+func (s *EnableUserInput) SetAuthenticationType(v string) *EnableUserInput {
+ s.AuthenticationType = &v
+ return s
+}
+
+// SetUserName sets the UserName field's value.
+func (s *EnableUserInput) SetUserName(v string) *EnableUserInput {
+ s.UserName = &v
+ return s
+}
+
+type EnableUserOutput struct {
+ _ struct{} `type:"structure"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s EnableUserOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s EnableUserOutput) GoString() string {
+ return s.String()
+}
+
+// The application associated to an entitlement. Access is controlled based
+// on user attributes.
+type EntitledApplication struct {
+ _ struct{} `type:"structure"`
+
+ // The identifier of the application.
+ //
+ // ApplicationIdentifier is a required field
+ ApplicationIdentifier *string `min:"1" type:"string" required:"true"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s EntitledApplication) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s EntitledApplication) GoString() string {
+ return s.String()
+}
+
+// SetApplicationIdentifier sets the ApplicationIdentifier field's value.
+func (s *EntitledApplication) SetApplicationIdentifier(v string) *EntitledApplication {
+ s.ApplicationIdentifier = &v
+ return s
+}
+
+// Specifies an entitlement. Entitlements control access to specific applications
+// within a stack, based on user attributes. Entitlements apply to SAML 2.0
+// federated user identities. Amazon AppStream 2.0 user pool and streaming URL
+// users are entitled to all applications in a stack. Entitlements don't apply
+// to the desktop stream view application, or to applications managed by a dynamic
+// app provider using the Dynamic Application Framework.
+type Entitlement struct {
+ _ struct{} `type:"structure"`
+
+ // Specifies whether all or selected apps are entitled.
+ //
+ // AppVisibility is a required field
+ AppVisibility *string `type:"string" required:"true" enum:"AppVisibility"`
+
+ // The attributes of the entitlement.
+ //
+ // Attributes is a required field
+ Attributes []*EntitlementAttribute `min:"1" type:"list" required:"true"`
+
+ // The time when the entitlement was created.
+ CreatedTime *time.Time `type:"timestamp"`
+
+ // The description of the entitlement.
+ Description *string `type:"string"`
+
+ // The time when the entitlement was last modified.
+ LastModifiedTime *time.Time `type:"timestamp"`
+
+ // The name of the entitlement.
+ //
+ // Name is a required field
+ Name *string `type:"string" required:"true"`
+
+ // The name of the stack with which the entitlement is associated.
+ //
+ // StackName is a required field
+ StackName *string `type:"string" required:"true"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s Entitlement) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s Entitlement) GoString() string {
+ return s.String()
+}
+
+// SetAppVisibility sets the AppVisibility field's value.
+func (s *Entitlement) SetAppVisibility(v string) *Entitlement {
+ s.AppVisibility = &v
+ return s
+}
+
+// SetAttributes sets the Attributes field's value.
+func (s *Entitlement) SetAttributes(v []*EntitlementAttribute) *Entitlement {
+ s.Attributes = v
+ return s
+}
+
+// SetCreatedTime sets the CreatedTime field's value.
+func (s *Entitlement) SetCreatedTime(v time.Time) *Entitlement {
+ s.CreatedTime = &v
+ return s
+}
+
+// SetDescription sets the Description field's value.
+func (s *Entitlement) SetDescription(v string) *Entitlement {
+ s.Description = &v
+ return s
+}
+
+// SetLastModifiedTime sets the LastModifiedTime field's value.
+func (s *Entitlement) SetLastModifiedTime(v time.Time) *Entitlement {
+ s.LastModifiedTime = &v
+ return s
+}
+
+// SetName sets the Name field's value.
+func (s *Entitlement) SetName(v string) *Entitlement {
+ s.Name = &v
+ return s
+}
+
+// SetStackName sets the StackName field's value.
+func (s *Entitlement) SetStackName(v string) *Entitlement {
+ s.StackName = &v
+ return s
+}
+
+// The entitlement already exists.
+type EntitlementAlreadyExistsException struct {
+ _ struct{} `type:"structure"`
+ RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
+
+ // The error message in the exception.
+ Message_ *string `locationName:"Message" type:"string"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s EntitlementAlreadyExistsException) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s EntitlementAlreadyExistsException) GoString() string {
+ return s.String()
+}
+
+func newErrorEntitlementAlreadyExistsException(v protocol.ResponseMetadata) error {
+ return &EntitlementAlreadyExistsException{
+ RespMetadata: v,
+ }
+}
+
+// Code returns the exception type name.
+func (s *EntitlementAlreadyExistsException) Code() string {
+ return "EntitlementAlreadyExistsException"
+}
+
+// Message returns the exception's message.
+func (s *EntitlementAlreadyExistsException) Message() string {
+ if s.Message_ != nil {
+ return *s.Message_
+ }
+ return ""
+}
+
+// OrigErr always returns nil, satisfies awserr.Error interface.
+func (s *EntitlementAlreadyExistsException) OrigErr() error {
+ return nil
+}
+
+func (s *EntitlementAlreadyExistsException) Error() string {
+ return fmt.Sprintf("%s: %s", s.Code(), s.Message())
+}
+
+// Status code returns the HTTP status code for the request's response error.
+func (s *EntitlementAlreadyExistsException) StatusCode() int {
+ return s.RespMetadata.StatusCode
+}
+
+// RequestID returns the service's response RequestID for request.
+func (s *EntitlementAlreadyExistsException) RequestID() string {
+ return s.RespMetadata.RequestID
+}
+
+// An attribute associated with an entitlement. Application entitlements work
+// by matching a supported SAML 2.0 attribute name to a value when a user identity
+// federates to an Amazon AppStream 2.0 SAML application.
+type EntitlementAttribute struct {
+ _ struct{} `type:"structure"`
+
+ // A supported AWS IAM SAML PrincipalTag attribute that is matched to the associated
+ // value when a user identity federates into an Amazon AppStream 2.0 SAML application.
+ //
+ // The following are valid values:
+ //
+ // * roles
+ //
+ // * department
+ //
+ // * organization
+ //
+ // * groups
+ //
+ // * title
+ //
+ // * costCenter
+ //
+ // * userType
+ //
+ // Name is a required field
+ Name *string `min:"1" type:"string" required:"true"`
+
+ // A value that is matched to a supported SAML attribute name when a user identity
+ // federates into an Amazon AppStream 2.0 SAML application.
+ //
+ // Value is a required field
+ Value *string `min:"1" type:"string" required:"true"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s EntitlementAttribute) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s EntitlementAttribute) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *EntitlementAttribute) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "EntitlementAttribute"}
+ if s.Name == nil {
+ invalidParams.Add(request.NewErrParamRequired("Name"))
+ }
+ if s.Name != nil && len(*s.Name) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("Name", 1))
}
- if s.UserName != nil && len(*s.UserName) < 1 {
- invalidParams.Add(request.NewErrParamMinLen("UserName", 1))
+ if s.Value == nil {
+ invalidParams.Add(request.NewErrParamRequired("Value"))
+ }
+ if s.Value != nil && len(*s.Value) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("Value", 1))
}
if invalidParams.Len() > 0 {
@@ -11061,20 +12533,25 @@ func (s *EnableUserInput) Validate() error {
return nil
}
-// SetAuthenticationType sets the AuthenticationType field's value.
-func (s *EnableUserInput) SetAuthenticationType(v string) *EnableUserInput {
- s.AuthenticationType = &v
+// SetName sets the Name field's value.
+func (s *EntitlementAttribute) SetName(v string) *EntitlementAttribute {
+ s.Name = &v
return s
}
-// SetUserName sets the UserName field's value.
-func (s *EnableUserInput) SetUserName(v string) *EnableUserInput {
- s.UserName = &v
+// SetValue sets the Value field's value.
+func (s *EntitlementAttribute) SetValue(v string) *EntitlementAttribute {
+ s.Value = &v
return s
}
-type EnableUserOutput struct {
- _ struct{} `type:"structure"`
+// The entitlement can't be found.
+type EntitlementNotFoundException struct {
+ _ struct{} `type:"structure"`
+ RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
+
+ // The error message in the exception.
+ Message_ *string `locationName:"Message" type:"string"`
}
// String returns the string representation.
@@ -11082,7 +12559,7 @@ type EnableUserOutput struct {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s EnableUserOutput) String() string {
+func (s EntitlementNotFoundException) String() string {
return awsutil.Prettify(s)
}
@@ -11091,10 +12568,48 @@ func (s EnableUserOutput) String() string {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s EnableUserOutput) GoString() string {
+func (s EntitlementNotFoundException) GoString() string {
return s.String()
}
+func newErrorEntitlementNotFoundException(v protocol.ResponseMetadata) error {
+ return &EntitlementNotFoundException{
+ RespMetadata: v,
+ }
+}
+
+// Code returns the exception type name.
+func (s *EntitlementNotFoundException) Code() string {
+ return "EntitlementNotFoundException"
+}
+
+// Message returns the exception's message.
+func (s *EntitlementNotFoundException) Message() string {
+ if s.Message_ != nil {
+ return *s.Message_
+ }
+ return ""
+}
+
+// OrigErr always returns nil, satisfies awserr.Error interface.
+func (s *EntitlementNotFoundException) OrigErr() error {
+ return nil
+}
+
+func (s *EntitlementNotFoundException) Error() string {
+ return fmt.Sprintf("%s: %s", s.Code(), s.Message())
+}
+
+// Status code returns the HTTP status code for the request's response error.
+func (s *EntitlementNotFoundException) StatusCode() int {
+ return s.RespMetadata.StatusCode
+}
+
+// RequestID returns the service's response RequestID for request.
+func (s *EntitlementNotFoundException) RequestID() string {
+ return s.RespMetadata.RequestID
+}
+
type ExpireSessionInput struct {
_ struct{} `type:"structure"`
@@ -12720,6 +14235,127 @@ func (s *ListAssociatedStacksOutput) SetNextToken(v string) *ListAssociatedStack
return s
}
+type ListEntitledApplicationsInput struct {
+ _ struct{} `type:"structure"`
+
+ // The name of the entitlement.
+ //
+ // EntitlementName is a required field
+ EntitlementName *string `type:"string" required:"true"`
+
+ // The maximum size of each page of results.
+ MaxResults *int64 `type:"integer"`
+
+ // The pagination token used to retrieve the next page of results for this operation.
+ NextToken *string `min:"1" type:"string"`
+
+ // The name of the stack with which the entitlement is associated.
+ //
+ // StackName is a required field
+ StackName *string `type:"string" required:"true"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s ListEntitledApplicationsInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s ListEntitledApplicationsInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *ListEntitledApplicationsInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "ListEntitledApplicationsInput"}
+ if s.EntitlementName == nil {
+ invalidParams.Add(request.NewErrParamRequired("EntitlementName"))
+ }
+ if s.NextToken != nil && len(*s.NextToken) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("NextToken", 1))
+ }
+ if s.StackName == nil {
+ invalidParams.Add(request.NewErrParamRequired("StackName"))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetEntitlementName sets the EntitlementName field's value.
+func (s *ListEntitledApplicationsInput) SetEntitlementName(v string) *ListEntitledApplicationsInput {
+ s.EntitlementName = &v
+ return s
+}
+
+// SetMaxResults sets the MaxResults field's value.
+func (s *ListEntitledApplicationsInput) SetMaxResults(v int64) *ListEntitledApplicationsInput {
+ s.MaxResults = &v
+ return s
+}
+
+// SetNextToken sets the NextToken field's value.
+func (s *ListEntitledApplicationsInput) SetNextToken(v string) *ListEntitledApplicationsInput {
+ s.NextToken = &v
+ return s
+}
+
+// SetStackName sets the StackName field's value.
+func (s *ListEntitledApplicationsInput) SetStackName(v string) *ListEntitledApplicationsInput {
+ s.StackName = &v
+ return s
+}
+
+type ListEntitledApplicationsOutput struct {
+ _ struct{} `type:"structure"`
+
+ // The entitled applications.
+ EntitledApplications []*EntitledApplication `type:"list"`
+
+ // The pagination token used to retrieve the next page of results for this operation.
+ NextToken *string `min:"1" type:"string"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s ListEntitledApplicationsOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s ListEntitledApplicationsOutput) GoString() string {
+ return s.String()
+}
+
+// SetEntitledApplications sets the EntitledApplications field's value.
+func (s *ListEntitledApplicationsOutput) SetEntitledApplications(v []*EntitledApplication) *ListEntitledApplicationsOutput {
+ s.EntitledApplications = v
+ return s
+}
+
+// SetNextToken sets the NextToken field's value.
+func (s *ListEntitledApplicationsOutput) SetNextToken(v string) *ListEntitledApplicationsOutput {
+ s.NextToken = &v
+ return s
+}
+
type ListTagsForResourceInput struct {
_ struct{} `type:"structure"`
@@ -14714,6 +16350,137 @@ func (s *UpdateDirectoryConfigOutput) SetDirectoryConfig(v *DirectoryConfig) *Up
return s
}
+type UpdateEntitlementInput struct {
+ _ struct{} `type:"structure"`
+
+ // Specifies whether all or only selected apps are entitled.
+ AppVisibility *string `type:"string" enum:"AppVisibility"`
+
+ // The attributes of the entitlement.
+ Attributes []*EntitlementAttribute `min:"1" type:"list"`
+
+ // The description of the entitlement.
+ Description *string `type:"string"`
+
+ // The name of the entitlement.
+ //
+ // Name is a required field
+ Name *string `type:"string" required:"true"`
+
+ // The name of the stack with which the entitlement is associated.
+ //
+ // StackName is a required field
+ StackName *string `type:"string" required:"true"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s UpdateEntitlementInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s UpdateEntitlementInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *UpdateEntitlementInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "UpdateEntitlementInput"}
+ if s.Attributes != nil && len(s.Attributes) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("Attributes", 1))
+ }
+ if s.Name == nil {
+ invalidParams.Add(request.NewErrParamRequired("Name"))
+ }
+ if s.StackName == nil {
+ invalidParams.Add(request.NewErrParamRequired("StackName"))
+ }
+ if s.Attributes != nil {
+ for i, v := range s.Attributes {
+ if v == nil {
+ continue
+ }
+ if err := v.Validate(); err != nil {
+ invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Attributes", i), err.(request.ErrInvalidParams))
+ }
+ }
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetAppVisibility sets the AppVisibility field's value.
+func (s *UpdateEntitlementInput) SetAppVisibility(v string) *UpdateEntitlementInput {
+ s.AppVisibility = &v
+ return s
+}
+
+// SetAttributes sets the Attributes field's value.
+func (s *UpdateEntitlementInput) SetAttributes(v []*EntitlementAttribute) *UpdateEntitlementInput {
+ s.Attributes = v
+ return s
+}
+
+// SetDescription sets the Description field's value.
+func (s *UpdateEntitlementInput) SetDescription(v string) *UpdateEntitlementInput {
+ s.Description = &v
+ return s
+}
+
+// SetName sets the Name field's value.
+func (s *UpdateEntitlementInput) SetName(v string) *UpdateEntitlementInput {
+ s.Name = &v
+ return s
+}
+
+// SetStackName sets the StackName field's value.
+func (s *UpdateEntitlementInput) SetStackName(v string) *UpdateEntitlementInput {
+ s.StackName = &v
+ return s
+}
+
+type UpdateEntitlementOutput struct {
+ _ struct{} `type:"structure"`
+
+ // The entitlement.
+ Entitlement *Entitlement `type:"structure"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s UpdateEntitlementOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s UpdateEntitlementOutput) GoString() string {
+ return s.String()
+}
+
+// SetEntitlement sets the Entitlement field's value.
+func (s *UpdateEntitlementOutput) SetEntitlement(v *Entitlement) *UpdateEntitlementOutput {
+ s.Entitlement = v
+ return s
+}
+
type UpdateFleetInput struct {
_ struct{} `type:"structure"`
@@ -15919,6 +17686,22 @@ func Action_Values() []string {
}
}
+const (
+ // AppVisibilityAll is a AppVisibility enum value
+ AppVisibilityAll = "ALL"
+
+ // AppVisibilityAssociated is a AppVisibility enum value
+ AppVisibilityAssociated = "ASSOCIATED"
+)
+
+// AppVisibility_Values returns all elements of the AppVisibility enum
+func AppVisibility_Values() []string {
+ return []string{
+ AppVisibilityAll,
+ AppVisibilityAssociated,
+ }
+}
+
const (
// ApplicationAttributeLaunchParameters is a ApplicationAttribute enum value
ApplicationAttributeLaunchParameters = "LAUNCH_PARAMETERS"
diff --git a/service/appstream/appstreamiface/interface.go b/service/appstream/appstreamiface/interface.go
index 37e1f000b7d..0508bf11f32 100644
--- a/service/appstream/appstreamiface/interface.go
+++ b/service/appstream/appstreamiface/interface.go
@@ -64,6 +64,10 @@ type AppStreamAPI interface {
AssociateApplicationFleetWithContext(aws.Context, *appstream.AssociateApplicationFleetInput, ...request.Option) (*appstream.AssociateApplicationFleetOutput, error)
AssociateApplicationFleetRequest(*appstream.AssociateApplicationFleetInput) (*request.Request, *appstream.AssociateApplicationFleetOutput)
+ AssociateApplicationToEntitlement(*appstream.AssociateApplicationToEntitlementInput) (*appstream.AssociateApplicationToEntitlementOutput, error)
+ AssociateApplicationToEntitlementWithContext(aws.Context, *appstream.AssociateApplicationToEntitlementInput, ...request.Option) (*appstream.AssociateApplicationToEntitlementOutput, error)
+ AssociateApplicationToEntitlementRequest(*appstream.AssociateApplicationToEntitlementInput) (*request.Request, *appstream.AssociateApplicationToEntitlementOutput)
+
AssociateFleet(*appstream.AssociateFleetInput) (*appstream.AssociateFleetOutput, error)
AssociateFleetWithContext(aws.Context, *appstream.AssociateFleetInput, ...request.Option) (*appstream.AssociateFleetOutput, error)
AssociateFleetRequest(*appstream.AssociateFleetInput) (*request.Request, *appstream.AssociateFleetOutput)
@@ -92,6 +96,10 @@ type AppStreamAPI interface {
CreateDirectoryConfigWithContext(aws.Context, *appstream.CreateDirectoryConfigInput, ...request.Option) (*appstream.CreateDirectoryConfigOutput, error)
CreateDirectoryConfigRequest(*appstream.CreateDirectoryConfigInput) (*request.Request, *appstream.CreateDirectoryConfigOutput)
+ CreateEntitlement(*appstream.CreateEntitlementInput) (*appstream.CreateEntitlementOutput, error)
+ CreateEntitlementWithContext(aws.Context, *appstream.CreateEntitlementInput, ...request.Option) (*appstream.CreateEntitlementOutput, error)
+ CreateEntitlementRequest(*appstream.CreateEntitlementInput) (*request.Request, *appstream.CreateEntitlementOutput)
+
CreateFleet(*appstream.CreateFleetInput) (*appstream.CreateFleetOutput, error)
CreateFleetWithContext(aws.Context, *appstream.CreateFleetInput, ...request.Option) (*appstream.CreateFleetOutput, error)
CreateFleetRequest(*appstream.CreateFleetInput) (*request.Request, *appstream.CreateFleetOutput)
@@ -136,6 +144,10 @@ type AppStreamAPI interface {
DeleteDirectoryConfigWithContext(aws.Context, *appstream.DeleteDirectoryConfigInput, ...request.Option) (*appstream.DeleteDirectoryConfigOutput, error)
DeleteDirectoryConfigRequest(*appstream.DeleteDirectoryConfigInput) (*request.Request, *appstream.DeleteDirectoryConfigOutput)
+ DeleteEntitlement(*appstream.DeleteEntitlementInput) (*appstream.DeleteEntitlementOutput, error)
+ DeleteEntitlementWithContext(aws.Context, *appstream.DeleteEntitlementInput, ...request.Option) (*appstream.DeleteEntitlementOutput, error)
+ DeleteEntitlementRequest(*appstream.DeleteEntitlementInput) (*request.Request, *appstream.DeleteEntitlementOutput)
+
DeleteFleet(*appstream.DeleteFleetInput) (*appstream.DeleteFleetOutput, error)
DeleteFleetWithContext(aws.Context, *appstream.DeleteFleetInput, ...request.Option) (*appstream.DeleteFleetOutput, error)
DeleteFleetRequest(*appstream.DeleteFleetInput) (*request.Request, *appstream.DeleteFleetOutput)
@@ -180,6 +192,10 @@ type AppStreamAPI interface {
DescribeDirectoryConfigsWithContext(aws.Context, *appstream.DescribeDirectoryConfigsInput, ...request.Option) (*appstream.DescribeDirectoryConfigsOutput, error)
DescribeDirectoryConfigsRequest(*appstream.DescribeDirectoryConfigsInput) (*request.Request, *appstream.DescribeDirectoryConfigsOutput)
+ DescribeEntitlements(*appstream.DescribeEntitlementsInput) (*appstream.DescribeEntitlementsOutput, error)
+ DescribeEntitlementsWithContext(aws.Context, *appstream.DescribeEntitlementsInput, ...request.Option) (*appstream.DescribeEntitlementsOutput, error)
+ DescribeEntitlementsRequest(*appstream.DescribeEntitlementsInput) (*request.Request, *appstream.DescribeEntitlementsOutput)
+
DescribeFleets(*appstream.DescribeFleetsInput) (*appstream.DescribeFleetsOutput, error)
DescribeFleetsWithContext(aws.Context, *appstream.DescribeFleetsInput, ...request.Option) (*appstream.DescribeFleetsOutput, error)
DescribeFleetsRequest(*appstream.DescribeFleetsInput) (*request.Request, *appstream.DescribeFleetsOutput)
@@ -230,6 +246,10 @@ type AppStreamAPI interface {
DisassociateApplicationFleetWithContext(aws.Context, *appstream.DisassociateApplicationFleetInput, ...request.Option) (*appstream.DisassociateApplicationFleetOutput, error)
DisassociateApplicationFleetRequest(*appstream.DisassociateApplicationFleetInput) (*request.Request, *appstream.DisassociateApplicationFleetOutput)
+ DisassociateApplicationFromEntitlement(*appstream.DisassociateApplicationFromEntitlementInput) (*appstream.DisassociateApplicationFromEntitlementOutput, error)
+ DisassociateApplicationFromEntitlementWithContext(aws.Context, *appstream.DisassociateApplicationFromEntitlementInput, ...request.Option) (*appstream.DisassociateApplicationFromEntitlementOutput, error)
+ DisassociateApplicationFromEntitlementRequest(*appstream.DisassociateApplicationFromEntitlementInput) (*request.Request, *appstream.DisassociateApplicationFromEntitlementOutput)
+
DisassociateFleet(*appstream.DisassociateFleetInput) (*appstream.DisassociateFleetOutput, error)
DisassociateFleetWithContext(aws.Context, *appstream.DisassociateFleetInput, ...request.Option) (*appstream.DisassociateFleetOutput, error)
DisassociateFleetRequest(*appstream.DisassociateFleetInput) (*request.Request, *appstream.DisassociateFleetOutput)
@@ -250,6 +270,10 @@ type AppStreamAPI interface {
ListAssociatedStacksWithContext(aws.Context, *appstream.ListAssociatedStacksInput, ...request.Option) (*appstream.ListAssociatedStacksOutput, error)
ListAssociatedStacksRequest(*appstream.ListAssociatedStacksInput) (*request.Request, *appstream.ListAssociatedStacksOutput)
+ ListEntitledApplications(*appstream.ListEntitledApplicationsInput) (*appstream.ListEntitledApplicationsOutput, error)
+ ListEntitledApplicationsWithContext(aws.Context, *appstream.ListEntitledApplicationsInput, ...request.Option) (*appstream.ListEntitledApplicationsOutput, error)
+ ListEntitledApplicationsRequest(*appstream.ListEntitledApplicationsInput) (*request.Request, *appstream.ListEntitledApplicationsOutput)
+
ListTagsForResource(*appstream.ListTagsForResourceInput) (*appstream.ListTagsForResourceOutput, error)
ListTagsForResourceWithContext(aws.Context, *appstream.ListTagsForResourceInput, ...request.Option) (*appstream.ListTagsForResourceOutput, error)
ListTagsForResourceRequest(*appstream.ListTagsForResourceInput) (*request.Request, *appstream.ListTagsForResourceOutput)
@@ -286,6 +310,10 @@ type AppStreamAPI interface {
UpdateDirectoryConfigWithContext(aws.Context, *appstream.UpdateDirectoryConfigInput, ...request.Option) (*appstream.UpdateDirectoryConfigOutput, error)
UpdateDirectoryConfigRequest(*appstream.UpdateDirectoryConfigInput) (*request.Request, *appstream.UpdateDirectoryConfigOutput)
+ UpdateEntitlement(*appstream.UpdateEntitlementInput) (*appstream.UpdateEntitlementOutput, error)
+ UpdateEntitlementWithContext(aws.Context, *appstream.UpdateEntitlementInput, ...request.Option) (*appstream.UpdateEntitlementOutput, error)
+ UpdateEntitlementRequest(*appstream.UpdateEntitlementInput) (*request.Request, *appstream.UpdateEntitlementOutput)
+
UpdateFleet(*appstream.UpdateFleetInput) (*appstream.UpdateFleetOutput, error)
UpdateFleetWithContext(aws.Context, *appstream.UpdateFleetInput, ...request.Option) (*appstream.UpdateFleetOutput, error)
UpdateFleetRequest(*appstream.UpdateFleetInput) (*request.Request, *appstream.UpdateFleetOutput)
diff --git a/service/appstream/errors.go b/service/appstream/errors.go
index 2d21300b97f..c4ad53d2002 100644
--- a/service/appstream/errors.go
+++ b/service/appstream/errors.go
@@ -14,6 +14,18 @@ const (
// An API error occurred. Wait a few minutes and try again.
ErrCodeConcurrentModificationException = "ConcurrentModificationException"
+ // ErrCodeEntitlementAlreadyExistsException for service response error code
+ // "EntitlementAlreadyExistsException".
+ //
+ // The entitlement already exists.
+ ErrCodeEntitlementAlreadyExistsException = "EntitlementAlreadyExistsException"
+
+ // ErrCodeEntitlementNotFoundException for service response error code
+ // "EntitlementNotFoundException".
+ //
+ // The entitlement can't be found.
+ ErrCodeEntitlementNotFoundException = "EntitlementNotFoundException"
+
// ErrCodeIncompatibleImageException for service response error code
// "IncompatibleImageException".
//
@@ -86,6 +98,8 @@ const (
var exceptionFromCode = map[string]func(protocol.ResponseMetadata) error{
"ConcurrentModificationException": newErrorConcurrentModificationException,
+ "EntitlementAlreadyExistsException": newErrorEntitlementAlreadyExistsException,
+ "EntitlementNotFoundException": newErrorEntitlementNotFoundException,
"IncompatibleImageException": newErrorIncompatibleImageException,
"InvalidAccountStatusException": newErrorInvalidAccountStatusException,
"InvalidParameterCombinationException": newErrorInvalidParameterCombinationException,
diff --git a/service/cloudtrail/api.go b/service/cloudtrail/api.go
index efa9fffbc85..5d73785c9f9 100644
--- a/service/cloudtrail/api.go
+++ b/service/cloudtrail/api.go
@@ -111,6 +111,12 @@ func (c *CloudTrail) AddTagsRequest(input *AddTagsInput) (req *request.Request,
// This exception is thrown when the specified tag key or values are not valid.
// It can also occur if there are duplicate tags or too many tags on the resource.
//
+// * InactiveEventDataStoreException
+// The event data store against which you ran your query is inactive.
+//
+// * EventDataStoreNotFoundException
+// The specified event data store was not found.
+//
// * UnsupportedOperationException
// This exception is thrown when the requested operation is not supported.
//
@@ -123,6 +129,12 @@ func (c *CloudTrail) AddTagsRequest(input *AddTagsInput) (req *request.Request,
// for an organization in Organizations. For more information, see Prepare For
// Creating a Trail For Your Organization (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html).
//
+// * ConflictException
+// This exception is thrown when the specified resource is not ready for an
+// operation. This can occur when you try to run an operation on a trail before
+// CloudTrail has time to fully load the trail. If this exception occurs, wait
+// a few minutes, and then try the operation again.
+//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/AddTags
func (c *CloudTrail) AddTags(input *AddTagsInput) (*AddTagsOutput, error) {
req, out := c.AddTagsRequest(input)
@@ -145,6 +157,248 @@ func (c *CloudTrail) AddTagsWithContext(ctx aws.Context, input *AddTagsInput, op
return out, req.Send()
}
+const opCancelQuery = "CancelQuery"
+
+// CancelQueryRequest generates a "aws/request.Request" representing the
+// client's request for the CancelQuery operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See CancelQuery for more information on using the CancelQuery
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the CancelQueryRequest method.
+// req, resp := client.CancelQueryRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/CancelQuery
+func (c *CloudTrail) CancelQueryRequest(input *CancelQueryInput) (req *request.Request, output *CancelQueryOutput) {
+ op := &request.Operation{
+ Name: opCancelQuery,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ }
+
+ if input == nil {
+ input = &CancelQueryInput{}
+ }
+
+ output = &CancelQueryOutput{}
+ req = c.newRequest(op, input, output)
+ return
+}
+
+// CancelQuery API operation for AWS CloudTrail.
+//
+// Cancels a query if the query is not in a terminated state, such as CANCELLED,
+// FAILED or FINISHED. You must specify an ARN value for EventDataStore. The
+// ID of the query that you want to cancel is also required. When you run CancelQuery,
+// the query status might show as CANCELLED even if the operation is not yet
+// finished.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS CloudTrail's
+// API operation CancelQuery for usage and error information.
+//
+// Returned Error Types:
+// * EventDataStoreARNInvalidException
+// The specified event data store ARN is not valid or does not map to an event
+// data store in your account.
+//
+// * EventDataStoreNotFoundException
+// The specified event data store was not found.
+//
+// * InactiveEventDataStoreException
+// The event data store against which you ran your query is inactive.
+//
+// * InactiveQueryException
+// The specified query cannot be canceled because it is in the FINISHED, FAILED,
+// or CANCELLED state.
+//
+// * InvalidParameterException
+// The request includes a parameter that is not valid.
+//
+// * QueryIdNotFoundException
+// The query ID does not exist or does not map to a query.
+//
+// * OperationNotPermittedException
+// This exception is thrown when the requested operation is not permitted.
+//
+// * UnsupportedOperationException
+// This exception is thrown when the requested operation is not supported.
+//
+// * ConflictException
+// This exception is thrown when the specified resource is not ready for an
+// operation. This can occur when you try to run an operation on a trail before
+// CloudTrail has time to fully load the trail. If this exception occurs, wait
+// a few minutes, and then try the operation again.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/CancelQuery
+func (c *CloudTrail) CancelQuery(input *CancelQueryInput) (*CancelQueryOutput, error) {
+ req, out := c.CancelQueryRequest(input)
+ return out, req.Send()
+}
+
+// CancelQueryWithContext is the same as CancelQuery with the addition of
+// the ability to pass a context and additional request options.
+//
+// See CancelQuery for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *CloudTrail) CancelQueryWithContext(ctx aws.Context, input *CancelQueryInput, opts ...request.Option) (*CancelQueryOutput, error) {
+ req, out := c.CancelQueryRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
+const opCreateEventDataStore = "CreateEventDataStore"
+
+// CreateEventDataStoreRequest generates a "aws/request.Request" representing the
+// client's request for the CreateEventDataStore operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See CreateEventDataStore for more information on using the CreateEventDataStore
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the CreateEventDataStoreRequest method.
+// req, resp := client.CreateEventDataStoreRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/CreateEventDataStore
+func (c *CloudTrail) CreateEventDataStoreRequest(input *CreateEventDataStoreInput) (req *request.Request, output *CreateEventDataStoreOutput) {
+ op := &request.Operation{
+ Name: opCreateEventDataStore,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ }
+
+ if input == nil {
+ input = &CreateEventDataStoreInput{}
+ }
+
+ output = &CreateEventDataStoreOutput{}
+ req = c.newRequest(op, input, output)
+ return
+}
+
+// CreateEventDataStore API operation for AWS CloudTrail.
+//
+// Creates a new event data store.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS CloudTrail's
+// API operation CreateEventDataStore for usage and error information.
+//
+// Returned Error Types:
+// * EventDataStoreAlreadyExistsException
+// An event data store with that name already exists.
+//
+// * EventDataStoreMaxLimitExceededException
+// Your account has used the maximum number of event data stores.
+//
+// * InvalidParameterException
+// The request includes a parameter that is not valid.
+//
+// * InvalidTagParameterException
+// This exception is thrown when the specified tag key or values are not valid.
+// It can also occur if there are duplicate tags or too many tags on the resource.
+//
+// * OperationNotPermittedException
+// This exception is thrown when the requested operation is not permitted.
+//
+// * UnsupportedOperationException
+// This exception is thrown when the requested operation is not supported.
+//
+// * ConflictException
+// This exception is thrown when the specified resource is not ready for an
+// operation. This can occur when you try to run an operation on a trail before
+// CloudTrail has time to fully load the trail. If this exception occurs, wait
+// a few minutes, and then try the operation again.
+//
+// * AccessNotEnabledException
+// This exception is thrown when trusted access has not been enabled between
+// CloudTrail and Organizations. For more information, see Enabling Trusted
+// Access with Other Amazon Web Services Services (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html)
+// and Prepare For Creating a Trail For Your Organization (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html).
+//
+// * InsufficientDependencyServiceAccessPermissionException
+// This exception is thrown when the IAM user or role that is used to create
+// the organization trail is lacking one or more required permissions for creating
+// an organization trail in a required service. For more information, see Prepare
+// For Creating a Trail For Your Organization (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html).
+//
+// * NotOrganizationMasterAccountException
+// This exception is thrown when the Amazon Web Services account making the
+// request to create or update an organization trail is not the management account
+// for an organization in Organizations. For more information, see Prepare For
+// Creating a Trail For Your Organization (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html).
+//
+// * OrganizationsNotInUseException
+// This exception is thrown when the request is made from an Amazon Web Services
+// account that is not a member of an organization. To make this request, sign
+// in using the credentials of an account that belongs to an organization.
+//
+// * OrganizationNotInAllFeaturesModeException
+// This exception is thrown when Organizations is not configured to support
+// all features. All features must be enabled in Organizations to support creating
+// an organization trail. For more information, see Prepare For Creating a Trail
+// For Your Organization (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html).
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/CreateEventDataStore
+func (c *CloudTrail) CreateEventDataStore(input *CreateEventDataStoreInput) (*CreateEventDataStoreOutput, error) {
+ req, out := c.CreateEventDataStoreRequest(input)
+ return out, req.Send()
+}
+
+// CreateEventDataStoreWithContext is the same as CreateEventDataStore with the addition of
+// the ability to pass a context and additional request options.
+//
+// See CreateEventDataStore for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *CloudTrail) CreateEventDataStoreWithContext(ctx aws.Context, input *CreateEventDataStoreInput, opts ...request.Option) (*CreateEventDataStoreOutput, error) {
+ req, out := c.CreateEventDataStoreRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
const opCreateTrail = "CreateTrail"
// CreateTrailRequest generates a "aws/request.Request" representing the
@@ -321,6 +575,12 @@ func (c *CloudTrail) CreateTrailRequest(input *CreateTrailInput) (req *request.R
// notifications to an Amazon SNS topic that is in a suspended Amazon Web Services
// account.
//
+// * ConflictException
+// This exception is thrown when the specified resource is not ready for an
+// operation. This can occur when you try to run an operation on a trail before
+// CloudTrail has time to fully load the trail. If this exception occurs, wait
+// a few minutes, and then try the operation again.
+//
// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/CreateTrail
func (c *CloudTrail) CreateTrail(input *CreateTrailInput) (*CreateTrailOutput, error) {
req, out := c.CreateTrailRequest(input)
@@ -343,92 +603,89 @@ func (c *CloudTrail) CreateTrailWithContext(ctx aws.Context, input *CreateTrailI
return out, req.Send()
}
-const opDeleteTrail = "DeleteTrail"
+const opDeleteEventDataStore = "DeleteEventDataStore"
-// DeleteTrailRequest generates a "aws/request.Request" representing the
-// client's request for the DeleteTrail operation. The "output" return
+// DeleteEventDataStoreRequest generates a "aws/request.Request" representing the
+// client's request for the DeleteEventDataStore operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
-// See DeleteTrail for more information on using the DeleteTrail
+// See DeleteEventDataStore for more information on using the DeleteEventDataStore
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
-// // Example sending a request using the DeleteTrailRequest method.
-// req, resp := client.DeleteTrailRequest(params)
+// // Example sending a request using the DeleteEventDataStoreRequest method.
+// req, resp := client.DeleteEventDataStoreRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
-// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/DeleteTrail
-func (c *CloudTrail) DeleteTrailRequest(input *DeleteTrailInput) (req *request.Request, output *DeleteTrailOutput) {
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/DeleteEventDataStore
+func (c *CloudTrail) DeleteEventDataStoreRequest(input *DeleteEventDataStoreInput) (req *request.Request, output *DeleteEventDataStoreOutput) {
op := &request.Operation{
- Name: opDeleteTrail,
+ Name: opDeleteEventDataStore,
HTTPMethod: "POST",
HTTPPath: "/",
}
if input == nil {
- input = &DeleteTrailInput{}
+ input = &DeleteEventDataStoreInput{}
}
- output = &DeleteTrailOutput{}
+ output = &DeleteEventDataStoreOutput{}
req = c.newRequest(op, input, output)
req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
return
}
-// DeleteTrail API operation for AWS CloudTrail.
+// DeleteEventDataStore API operation for AWS CloudTrail.
//
-// Deletes a trail. This operation must be called from the region in which the
-// trail was created. DeleteTrail cannot be called on the shadow trails (replicated
-// trails in other regions) of a trail that is enabled in all regions.
+// Disables the event data store specified by EventDataStore, which accepts
+// an event data store ARN. After you run DeleteEventDataStore, the event data
+// store is automatically deleted after a wait period of seven days. TerminationProtectionEnabled
+// must be set to False on the event data store; this operation cannot work
+// if TerminationProtectionEnabled is True.
+//
+// After you run DeleteEventDataStore on an event data store, you cannot run
+// ListQueries, DescribeQuery, or GetQueryResults on queries that are using
+// an event data store in a PENDING_DELETION state.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS CloudTrail's
-// API operation DeleteTrail for usage and error information.
+// API operation DeleteEventDataStore for usage and error information.
//
// Returned Error Types:
-// * TrailNotFoundException
-// This exception is thrown when the trail with the given name is not found.
-//
-// * InvalidTrailNameException
-// This exception is thrown when the provided trail name is not valid. Trail
-// names must meet the following requirements:
-//
-// * Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores
-// (_), or dashes (-)
+// * EventDataStoreARNInvalidException
+// The specified event data store ARN is not valid or does not map to an event
+// data store in your account.
//
-// * Start with a letter or number, and end with a letter or number
-//
-// * Be between 3 and 128 characters
+// * EventDataStoreNotFoundException
+// The specified event data store was not found.
//
-// * Have no adjacent periods, underscores or dashes. Names like my-_namespace
-// and my--namespace are not valid.
+// * EventDataStoreTerminationProtectedException
+// The event data store cannot be deleted because termination protection is
+// enabled for it.
//
-// * Not be in IP address format (for example, 192.168.5.4)
+// * InvalidParameterException
+// The request includes a parameter that is not valid.
//
-// * InvalidHomeRegionException
-// This exception is thrown when an operation is called on a trail from a region
-// other than the region in which the trail was created.
+// * OperationNotPermittedException
+// This exception is thrown when the requested operation is not permitted.
//
// * UnsupportedOperationException
// This exception is thrown when the requested operation is not supported.
//
-// * OperationNotPermittedException
-// This exception is thrown when the requested operation is not permitted.
-//
// * NotOrganizationMasterAccountException
// This exception is thrown when the Amazon Web Services account making the
// request to create or update an organization trail is not the management account
@@ -441,94 +698,87 @@ func (c *CloudTrail) DeleteTrailRequest(input *DeleteTrailInput) (req *request.R
// an organization trail in a required service. For more information, see Prepare
// For Creating a Trail For Your Organization (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html).
//
-// * ConflictException
-// This exception is thrown when the specified resource is not ready for an
-// operation. This can occur when you try to run an operation on a trail before
-// CloudTrail has time to fully load the trail. If this exception occurs, wait
-// a few minutes, and then try the operation again.
-//
-// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/DeleteTrail
-func (c *CloudTrail) DeleteTrail(input *DeleteTrailInput) (*DeleteTrailOutput, error) {
- req, out := c.DeleteTrailRequest(input)
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/DeleteEventDataStore
+func (c *CloudTrail) DeleteEventDataStore(input *DeleteEventDataStoreInput) (*DeleteEventDataStoreOutput, error) {
+ req, out := c.DeleteEventDataStoreRequest(input)
return out, req.Send()
}
-// DeleteTrailWithContext is the same as DeleteTrail with the addition of
+// DeleteEventDataStoreWithContext is the same as DeleteEventDataStore with the addition of
// the ability to pass a context and additional request options.
//
-// See DeleteTrail for details on how to use this API operation.
+// See DeleteEventDataStore for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
-func (c *CloudTrail) DeleteTrailWithContext(ctx aws.Context, input *DeleteTrailInput, opts ...request.Option) (*DeleteTrailOutput, error) {
- req, out := c.DeleteTrailRequest(input)
+func (c *CloudTrail) DeleteEventDataStoreWithContext(ctx aws.Context, input *DeleteEventDataStoreInput, opts ...request.Option) (*DeleteEventDataStoreOutput, error) {
+ req, out := c.DeleteEventDataStoreRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
-const opDescribeTrails = "DescribeTrails"
+const opDeleteTrail = "DeleteTrail"
-// DescribeTrailsRequest generates a "aws/request.Request" representing the
-// client's request for the DescribeTrails operation. The "output" return
+// DeleteTrailRequest generates a "aws/request.Request" representing the
+// client's request for the DeleteTrail operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
-// See DescribeTrails for more information on using the DescribeTrails
+// See DeleteTrail for more information on using the DeleteTrail
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
-// // Example sending a request using the DescribeTrailsRequest method.
-// req, resp := client.DescribeTrailsRequest(params)
+// // Example sending a request using the DeleteTrailRequest method.
+// req, resp := client.DeleteTrailRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
-// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/DescribeTrails
-func (c *CloudTrail) DescribeTrailsRequest(input *DescribeTrailsInput) (req *request.Request, output *DescribeTrailsOutput) {
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/DeleteTrail
+func (c *CloudTrail) DeleteTrailRequest(input *DeleteTrailInput) (req *request.Request, output *DeleteTrailOutput) {
op := &request.Operation{
- Name: opDescribeTrails,
+ Name: opDeleteTrail,
HTTPMethod: "POST",
HTTPPath: "/",
}
if input == nil {
- input = &DescribeTrailsInput{}
+ input = &DeleteTrailInput{}
}
- output = &DescribeTrailsOutput{}
+ output = &DeleteTrailOutput{}
req = c.newRequest(op, input, output)
+ req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
return
}
-// DescribeTrails API operation for AWS CloudTrail.
+// DeleteTrail API operation for AWS CloudTrail.
//
-// Retrieves settings for one or more trails associated with the current region
-// for your account.
+// Deletes a trail. This operation must be called from the region in which the
+// trail was created. DeleteTrail cannot be called on the shadow trails (replicated
+// trails in other regions) of a trail that is enabled in all regions.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS CloudTrail's
-// API operation DescribeTrails for usage and error information.
+// API operation DeleteTrail for usage and error information.
//
// Returned Error Types:
-// * UnsupportedOperationException
-// This exception is thrown when the requested operation is not supported.
-//
-// * OperationNotPermittedException
-// This exception is thrown when the requested operation is not permitted.
+// * TrailNotFoundException
+// This exception is thrown when the trail with the given name is not found.
//
// * InvalidTrailNameException
// This exception is thrown when the provided trail name is not valid. Trail
@@ -546,204 +796,216 @@ func (c *CloudTrail) DescribeTrailsRequest(input *DescribeTrailsInput) (req *req
//
// * Not be in IP address format (for example, 192.168.5.4)
//
-// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/DescribeTrails
-func (c *CloudTrail) DescribeTrails(input *DescribeTrailsInput) (*DescribeTrailsOutput, error) {
- req, out := c.DescribeTrailsRequest(input)
+// * InvalidHomeRegionException
+// This exception is thrown when an operation is called on a trail from a region
+// other than the region in which the trail was created.
+//
+// * UnsupportedOperationException
+// This exception is thrown when the requested operation is not supported.
+//
+// * OperationNotPermittedException
+// This exception is thrown when the requested operation is not permitted.
+//
+// * NotOrganizationMasterAccountException
+// This exception is thrown when the Amazon Web Services account making the
+// request to create or update an organization trail is not the management account
+// for an organization in Organizations. For more information, see Prepare For
+// Creating a Trail For Your Organization (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html).
+//
+// * InsufficientDependencyServiceAccessPermissionException
+// This exception is thrown when the IAM user or role that is used to create
+// the organization trail is lacking one or more required permissions for creating
+// an organization trail in a required service. For more information, see Prepare
+// For Creating a Trail For Your Organization (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html).
+//
+// * ConflictException
+// This exception is thrown when the specified resource is not ready for an
+// operation. This can occur when you try to run an operation on a trail before
+// CloudTrail has time to fully load the trail. If this exception occurs, wait
+// a few minutes, and then try the operation again.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/DeleteTrail
+func (c *CloudTrail) DeleteTrail(input *DeleteTrailInput) (*DeleteTrailOutput, error) {
+ req, out := c.DeleteTrailRequest(input)
return out, req.Send()
}
-// DescribeTrailsWithContext is the same as DescribeTrails with the addition of
+// DeleteTrailWithContext is the same as DeleteTrail with the addition of
// the ability to pass a context and additional request options.
//
-// See DescribeTrails for details on how to use this API operation.
+// See DeleteTrail for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
-func (c *CloudTrail) DescribeTrailsWithContext(ctx aws.Context, input *DescribeTrailsInput, opts ...request.Option) (*DescribeTrailsOutput, error) {
- req, out := c.DescribeTrailsRequest(input)
+func (c *CloudTrail) DeleteTrailWithContext(ctx aws.Context, input *DeleteTrailInput, opts ...request.Option) (*DeleteTrailOutput, error) {
+ req, out := c.DeleteTrailRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
-const opGetEventSelectors = "GetEventSelectors"
+const opDescribeQuery = "DescribeQuery"
-// GetEventSelectorsRequest generates a "aws/request.Request" representing the
-// client's request for the GetEventSelectors operation. The "output" return
+// DescribeQueryRequest generates a "aws/request.Request" representing the
+// client's request for the DescribeQuery operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
-// See GetEventSelectors for more information on using the GetEventSelectors
+// See DescribeQuery for more information on using the DescribeQuery
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
-// // Example sending a request using the GetEventSelectorsRequest method.
-// req, resp := client.GetEventSelectorsRequest(params)
+// // Example sending a request using the DescribeQueryRequest method.
+// req, resp := client.DescribeQueryRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
-// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GetEventSelectors
-func (c *CloudTrail) GetEventSelectorsRequest(input *GetEventSelectorsInput) (req *request.Request, output *GetEventSelectorsOutput) {
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/DescribeQuery
+func (c *CloudTrail) DescribeQueryRequest(input *DescribeQueryInput) (req *request.Request, output *DescribeQueryOutput) {
op := &request.Operation{
- Name: opGetEventSelectors,
+ Name: opDescribeQuery,
HTTPMethod: "POST",
HTTPPath: "/",
}
if input == nil {
- input = &GetEventSelectorsInput{}
+ input = &DescribeQueryInput{}
}
- output = &GetEventSelectorsOutput{}
+ output = &DescribeQueryOutput{}
req = c.newRequest(op, input, output)
return
}
-// GetEventSelectors API operation for AWS CloudTrail.
+// DescribeQuery API operation for AWS CloudTrail.
//
-// Describes the settings for the event selectors that you configured for your
-// trail. The information returned for your event selectors includes the following:
-//
-// * If your event selector includes read-only events, write-only events,
-// or all events. This applies to both management events and data events.
-//
-// * If your event selector includes management events.
-//
-// * If your event selector includes data events, the resources on which
-// you are logging data events.
-//
-// For more information, see Logging Data and Management Events for Trails (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-and-data-events-with-cloudtrail.html)
-// in the CloudTrail User Guide.
+// Returns metadata about a query, including query run time in milliseconds,
+// number of events scanned and matched, and query status. You must specify
+// an ARN for EventDataStore, and a value for QueryID.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS CloudTrail's
-// API operation GetEventSelectors for usage and error information.
+// API operation DescribeQuery for usage and error information.
//
// Returned Error Types:
-// * TrailNotFoundException
-// This exception is thrown when the trail with the given name is not found.
+// * EventDataStoreARNInvalidException
+// The specified event data store ARN is not valid or does not map to an event
+// data store in your account.
//
-// * InvalidTrailNameException
-// This exception is thrown when the provided trail name is not valid. Trail
-// names must meet the following requirements:
-//
-// * Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores
-// (_), or dashes (-)
+// * EventDataStoreNotFoundException
+// The specified event data store was not found.
//
-// * Start with a letter or number, and end with a letter or number
+// * InactiveEventDataStoreException
+// The event data store against which you ran your query is inactive.
//
-// * Be between 3 and 128 characters
+// * InvalidParameterException
+// The request includes a parameter that is not valid.
//
-// * Have no adjacent periods, underscores or dashes. Names like my-_namespace
-// and my--namespace are not valid.
+// * QueryIdNotFoundException
+// The query ID does not exist or does not map to a query.
//
-// * Not be in IP address format (for example, 192.168.5.4)
+// * OperationNotPermittedException
+// This exception is thrown when the requested operation is not permitted.
//
// * UnsupportedOperationException
// This exception is thrown when the requested operation is not supported.
//
-// * OperationNotPermittedException
-// This exception is thrown when the requested operation is not permitted.
-//
-// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GetEventSelectors
-func (c *CloudTrail) GetEventSelectors(input *GetEventSelectorsInput) (*GetEventSelectorsOutput, error) {
- req, out := c.GetEventSelectorsRequest(input)
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/DescribeQuery
+func (c *CloudTrail) DescribeQuery(input *DescribeQueryInput) (*DescribeQueryOutput, error) {
+ req, out := c.DescribeQueryRequest(input)
return out, req.Send()
}
-// GetEventSelectorsWithContext is the same as GetEventSelectors with the addition of
+// DescribeQueryWithContext is the same as DescribeQuery with the addition of
// the ability to pass a context and additional request options.
//
-// See GetEventSelectors for details on how to use this API operation.
+// See DescribeQuery for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
-func (c *CloudTrail) GetEventSelectorsWithContext(ctx aws.Context, input *GetEventSelectorsInput, opts ...request.Option) (*GetEventSelectorsOutput, error) {
- req, out := c.GetEventSelectorsRequest(input)
+func (c *CloudTrail) DescribeQueryWithContext(ctx aws.Context, input *DescribeQueryInput, opts ...request.Option) (*DescribeQueryOutput, error) {
+ req, out := c.DescribeQueryRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
-const opGetInsightSelectors = "GetInsightSelectors"
+const opDescribeTrails = "DescribeTrails"
-// GetInsightSelectorsRequest generates a "aws/request.Request" representing the
-// client's request for the GetInsightSelectors operation. The "output" return
+// DescribeTrailsRequest generates a "aws/request.Request" representing the
+// client's request for the DescribeTrails operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
-// See GetInsightSelectors for more information on using the GetInsightSelectors
+// See DescribeTrails for more information on using the DescribeTrails
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
-// // Example sending a request using the GetInsightSelectorsRequest method.
-// req, resp := client.GetInsightSelectorsRequest(params)
+// // Example sending a request using the DescribeTrailsRequest method.
+// req, resp := client.DescribeTrailsRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
-// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GetInsightSelectors
-func (c *CloudTrail) GetInsightSelectorsRequest(input *GetInsightSelectorsInput) (req *request.Request, output *GetInsightSelectorsOutput) {
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/DescribeTrails
+func (c *CloudTrail) DescribeTrailsRequest(input *DescribeTrailsInput) (req *request.Request, output *DescribeTrailsOutput) {
op := &request.Operation{
- Name: opGetInsightSelectors,
+ Name: opDescribeTrails,
HTTPMethod: "POST",
HTTPPath: "/",
}
if input == nil {
- input = &GetInsightSelectorsInput{}
+ input = &DescribeTrailsInput{}
}
- output = &GetInsightSelectorsOutput{}
+ output = &DescribeTrailsOutput{}
req = c.newRequest(op, input, output)
return
}
-// GetInsightSelectors API operation for AWS CloudTrail.
-//
-// Describes the settings for the Insights event selectors that you configured
-// for your trail. GetInsightSelectors shows if CloudTrail Insights event logging
-// is enabled on the trail, and if it is, which insight types are enabled. If
-// you run GetInsightSelectors on a trail that does not have Insights events
-// enabled, the operation throws the exception InsightNotEnabledException
+// DescribeTrails API operation for AWS CloudTrail.
//
-// For more information, see Logging CloudTrail Insights Events for Trails (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-insights-events-with-cloudtrail.html)
-// in the CloudTrail User Guide.
+// Retrieves settings for one or more trails associated with the current region
+// for your account.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS CloudTrail's
-// API operation GetInsightSelectors for usage and error information.
+// API operation DescribeTrails for usage and error information.
//
// Returned Error Types:
-// * TrailNotFoundException
-// This exception is thrown when the trail with the given name is not found.
+// * UnsupportedOperationException
+// This exception is thrown when the requested operation is not supported.
+//
+// * OperationNotPermittedException
+// This exception is thrown when the requested operation is not permitted.
//
// * InvalidTrailNameException
// This exception is thrown when the provided trail name is not valid. Trail
@@ -761,195 +1023,185 @@ func (c *CloudTrail) GetInsightSelectorsRequest(input *GetInsightSelectorsInput)
//
// * Not be in IP address format (for example, 192.168.5.4)
//
-// * UnsupportedOperationException
-// This exception is thrown when the requested operation is not supported.
-//
-// * OperationNotPermittedException
-// This exception is thrown when the requested operation is not permitted.
-//
-// * InsightNotEnabledException
-// If you run GetInsightSelectors on a trail that does not have Insights events
-// enabled, the operation throws the exception InsightNotEnabledException.
-//
-// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GetInsightSelectors
-func (c *CloudTrail) GetInsightSelectors(input *GetInsightSelectorsInput) (*GetInsightSelectorsOutput, error) {
- req, out := c.GetInsightSelectorsRequest(input)
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/DescribeTrails
+func (c *CloudTrail) DescribeTrails(input *DescribeTrailsInput) (*DescribeTrailsOutput, error) {
+ req, out := c.DescribeTrailsRequest(input)
return out, req.Send()
}
-// GetInsightSelectorsWithContext is the same as GetInsightSelectors with the addition of
+// DescribeTrailsWithContext is the same as DescribeTrails with the addition of
// the ability to pass a context and additional request options.
//
-// See GetInsightSelectors for details on how to use this API operation.
+// See DescribeTrails for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
-func (c *CloudTrail) GetInsightSelectorsWithContext(ctx aws.Context, input *GetInsightSelectorsInput, opts ...request.Option) (*GetInsightSelectorsOutput, error) {
- req, out := c.GetInsightSelectorsRequest(input)
+func (c *CloudTrail) DescribeTrailsWithContext(ctx aws.Context, input *DescribeTrailsInput, opts ...request.Option) (*DescribeTrailsOutput, error) {
+ req, out := c.DescribeTrailsRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
-const opGetTrail = "GetTrail"
+const opGetEventDataStore = "GetEventDataStore"
-// GetTrailRequest generates a "aws/request.Request" representing the
-// client's request for the GetTrail operation. The "output" return
+// GetEventDataStoreRequest generates a "aws/request.Request" representing the
+// client's request for the GetEventDataStore operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
-// See GetTrail for more information on using the GetTrail
+// See GetEventDataStore for more information on using the GetEventDataStore
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
-// // Example sending a request using the GetTrailRequest method.
-// req, resp := client.GetTrailRequest(params)
+// // Example sending a request using the GetEventDataStoreRequest method.
+// req, resp := client.GetEventDataStoreRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
-// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GetTrail
-func (c *CloudTrail) GetTrailRequest(input *GetTrailInput) (req *request.Request, output *GetTrailOutput) {
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GetEventDataStore
+func (c *CloudTrail) GetEventDataStoreRequest(input *GetEventDataStoreInput) (req *request.Request, output *GetEventDataStoreOutput) {
op := &request.Operation{
- Name: opGetTrail,
+ Name: opGetEventDataStore,
HTTPMethod: "POST",
HTTPPath: "/",
}
if input == nil {
- input = &GetTrailInput{}
+ input = &GetEventDataStoreInput{}
}
- output = &GetTrailOutput{}
+ output = &GetEventDataStoreOutput{}
req = c.newRequest(op, input, output)
return
}
-// GetTrail API operation for AWS CloudTrail.
+// GetEventDataStore API operation for AWS CloudTrail.
//
-// Returns settings information for a specified trail.
+// Returns information about an event data store specified as either an ARN
+// or the ID portion of the ARN.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS CloudTrail's
-// API operation GetTrail for usage and error information.
+// API operation GetEventDataStore for usage and error information.
//
// Returned Error Types:
-// * TrailNotFoundException
-// This exception is thrown when the trail with the given name is not found.
-//
-// * InvalidTrailNameException
-// This exception is thrown when the provided trail name is not valid. Trail
-// names must meet the following requirements:
-//
-// * Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores
-// (_), or dashes (-)
-//
-// * Start with a letter or number, and end with a letter or number
+// * EventDataStoreARNInvalidException
+// The specified event data store ARN is not valid or does not map to an event
+// data store in your account.
//
-// * Be between 3 and 128 characters
+// * EventDataStoreNotFoundException
+// The specified event data store was not found.
//
-// * Have no adjacent periods, underscores or dashes. Names like my-_namespace
-// and my--namespace are not valid.
+// * InvalidParameterException
+// The request includes a parameter that is not valid.
//
-// * Not be in IP address format (for example, 192.168.5.4)
+// * OperationNotPermittedException
+// This exception is thrown when the requested operation is not permitted.
//
// * UnsupportedOperationException
// This exception is thrown when the requested operation is not supported.
//
-// * OperationNotPermittedException
-// This exception is thrown when the requested operation is not permitted.
-//
-// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GetTrail
-func (c *CloudTrail) GetTrail(input *GetTrailInput) (*GetTrailOutput, error) {
- req, out := c.GetTrailRequest(input)
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GetEventDataStore
+func (c *CloudTrail) GetEventDataStore(input *GetEventDataStoreInput) (*GetEventDataStoreOutput, error) {
+ req, out := c.GetEventDataStoreRequest(input)
return out, req.Send()
}
-// GetTrailWithContext is the same as GetTrail with the addition of
+// GetEventDataStoreWithContext is the same as GetEventDataStore with the addition of
// the ability to pass a context and additional request options.
//
-// See GetTrail for details on how to use this API operation.
+// See GetEventDataStore for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
-func (c *CloudTrail) GetTrailWithContext(ctx aws.Context, input *GetTrailInput, opts ...request.Option) (*GetTrailOutput, error) {
- req, out := c.GetTrailRequest(input)
+func (c *CloudTrail) GetEventDataStoreWithContext(ctx aws.Context, input *GetEventDataStoreInput, opts ...request.Option) (*GetEventDataStoreOutput, error) {
+ req, out := c.GetEventDataStoreRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
-const opGetTrailStatus = "GetTrailStatus"
+const opGetEventSelectors = "GetEventSelectors"
-// GetTrailStatusRequest generates a "aws/request.Request" representing the
-// client's request for the GetTrailStatus operation. The "output" return
+// GetEventSelectorsRequest generates a "aws/request.Request" representing the
+// client's request for the GetEventSelectors operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
-// See GetTrailStatus for more information on using the GetTrailStatus
+// See GetEventSelectors for more information on using the GetEventSelectors
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
-// // Example sending a request using the GetTrailStatusRequest method.
-// req, resp := client.GetTrailStatusRequest(params)
+// // Example sending a request using the GetEventSelectorsRequest method.
+// req, resp := client.GetEventSelectorsRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
-// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GetTrailStatus
-func (c *CloudTrail) GetTrailStatusRequest(input *GetTrailStatusInput) (req *request.Request, output *GetTrailStatusOutput) {
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GetEventSelectors
+func (c *CloudTrail) GetEventSelectorsRequest(input *GetEventSelectorsInput) (req *request.Request, output *GetEventSelectorsOutput) {
op := &request.Operation{
- Name: opGetTrailStatus,
+ Name: opGetEventSelectors,
HTTPMethod: "POST",
HTTPPath: "/",
}
if input == nil {
- input = &GetTrailStatusInput{}
+ input = &GetEventSelectorsInput{}
}
- output = &GetTrailStatusOutput{}
+ output = &GetEventSelectorsOutput{}
req = c.newRequest(op, input, output)
return
}
-// GetTrailStatus API operation for AWS CloudTrail.
+// GetEventSelectors API operation for AWS CloudTrail.
//
-// Returns a JSON-formatted list of information about the specified trail. Fields
-// include information on delivery errors, Amazon SNS and Amazon S3 errors,
-// and start and stop logging times for each trail. This operation returns trail
-// status from a single region. To return trail status from all regions, you
-// must call the operation on each region.
+// Describes the settings for the event selectors that you configured for your
+// trail. The information returned for your event selectors includes the following:
+//
+// * If your event selector includes read-only events, write-only events,
+// or all events. This applies to both management events and data events.
+//
+// * If your event selector includes management events.
+//
+// * If your event selector includes data events, the resources on which
+// you are logging data events.
+//
+// For more information, see Logging Data and Management Events for Trails (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-and-data-events-with-cloudtrail.html)
+// in the CloudTrail User Guide.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS CloudTrail's
-// API operation GetTrailStatus for usage and error information.
+// API operation GetEventSelectors for usage and error information.
//
// Returned Error Types:
// * TrailNotFoundException
@@ -977,98 +1229,107 @@ func (c *CloudTrail) GetTrailStatusRequest(input *GetTrailStatusInput) (req *req
// * OperationNotPermittedException
// This exception is thrown when the requested operation is not permitted.
//
-// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GetTrailStatus
-func (c *CloudTrail) GetTrailStatus(input *GetTrailStatusInput) (*GetTrailStatusOutput, error) {
- req, out := c.GetTrailStatusRequest(input)
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GetEventSelectors
+func (c *CloudTrail) GetEventSelectors(input *GetEventSelectorsInput) (*GetEventSelectorsOutput, error) {
+ req, out := c.GetEventSelectorsRequest(input)
return out, req.Send()
}
-// GetTrailStatusWithContext is the same as GetTrailStatus with the addition of
+// GetEventSelectorsWithContext is the same as GetEventSelectors with the addition of
// the ability to pass a context and additional request options.
//
-// See GetTrailStatus for details on how to use this API operation.
+// See GetEventSelectors for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
-func (c *CloudTrail) GetTrailStatusWithContext(ctx aws.Context, input *GetTrailStatusInput, opts ...request.Option) (*GetTrailStatusOutput, error) {
- req, out := c.GetTrailStatusRequest(input)
+func (c *CloudTrail) GetEventSelectorsWithContext(ctx aws.Context, input *GetEventSelectorsInput, opts ...request.Option) (*GetEventSelectorsOutput, error) {
+ req, out := c.GetEventSelectorsRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
-const opListPublicKeys = "ListPublicKeys"
+const opGetInsightSelectors = "GetInsightSelectors"
-// ListPublicKeysRequest generates a "aws/request.Request" representing the
-// client's request for the ListPublicKeys operation. The "output" return
+// GetInsightSelectorsRequest generates a "aws/request.Request" representing the
+// client's request for the GetInsightSelectors operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
-// See ListPublicKeys for more information on using the ListPublicKeys
+// See GetInsightSelectors for more information on using the GetInsightSelectors
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
-// // Example sending a request using the ListPublicKeysRequest method.
-// req, resp := client.ListPublicKeysRequest(params)
+// // Example sending a request using the GetInsightSelectorsRequest method.
+// req, resp := client.GetInsightSelectorsRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
-// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ListPublicKeys
-func (c *CloudTrail) ListPublicKeysRequest(input *ListPublicKeysInput) (req *request.Request, output *ListPublicKeysOutput) {
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GetInsightSelectors
+func (c *CloudTrail) GetInsightSelectorsRequest(input *GetInsightSelectorsInput) (req *request.Request, output *GetInsightSelectorsOutput) {
op := &request.Operation{
- Name: opListPublicKeys,
+ Name: opGetInsightSelectors,
HTTPMethod: "POST",
HTTPPath: "/",
- Paginator: &request.Paginator{
- InputTokens: []string{"NextToken"},
- OutputTokens: []string{"NextToken"},
- LimitToken: "",
- TruncationToken: "",
- },
}
if input == nil {
- input = &ListPublicKeysInput{}
+ input = &GetInsightSelectorsInput{}
}
- output = &ListPublicKeysOutput{}
+ output = &GetInsightSelectorsOutput{}
req = c.newRequest(op, input, output)
return
}
-// ListPublicKeys API operation for AWS CloudTrail.
+// GetInsightSelectors API operation for AWS CloudTrail.
//
-// Returns all public keys whose private keys were used to sign the digest files
-// within the specified time range. The public key is needed to validate digest
-// files that were signed with its corresponding private key.
+// Describes the settings for the Insights event selectors that you configured
+// for your trail. GetInsightSelectors shows if CloudTrail Insights event logging
+// is enabled on the trail, and if it is, which insight types are enabled. If
+// you run GetInsightSelectors on a trail that does not have Insights events
+// enabled, the operation throws the exception InsightNotEnabledException
//
-// CloudTrail uses different private and public key pairs per region. Each digest
-// file is signed with a private key unique to its region. When you validate
-// a digest file from a specific region, you must look in the same region for
-// its corresponding public key.
+// For more information, see Logging CloudTrail Insights Events for Trails (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-insights-events-with-cloudtrail.html)
+// in the CloudTrail User Guide.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS CloudTrail's
-// API operation ListPublicKeys for usage and error information.
+// API operation GetInsightSelectors for usage and error information.
//
// Returned Error Types:
-// * InvalidTimeRangeException
-// Occurs if the timestamp values are not valid. Either the start time occurs
-// after the end time, or the time range is outside the range of possible values.
+// * TrailNotFoundException
+// This exception is thrown when the trail with the given name is not found.
+//
+// * InvalidTrailNameException
+// This exception is thrown when the provided trail name is not valid. Trail
+// names must meet the following requirements:
+//
+// * Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores
+// (_), or dashes (-)
+//
+// * Start with a letter or number, and end with a letter or number
+//
+// * Be between 3 and 128 characters
+//
+// * Have no adjacent periods, underscores or dashes. Names like my-_namespace
+// and my--namespace are not valid.
+//
+// * Not be in IP address format (for example, 192.168.5.4)
//
// * UnsupportedOperationException
// This exception is thrown when the requested operation is not supported.
@@ -1076,112 +1337,61 @@ func (c *CloudTrail) ListPublicKeysRequest(input *ListPublicKeysInput) (req *req
// * OperationNotPermittedException
// This exception is thrown when the requested operation is not permitted.
//
-// * InvalidTokenException
-// Reserved for future use.
+// * InsightNotEnabledException
+// If you run GetInsightSelectors on a trail that does not have Insights events
+// enabled, the operation throws the exception InsightNotEnabledException.
//
-// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ListPublicKeys
-func (c *CloudTrail) ListPublicKeys(input *ListPublicKeysInput) (*ListPublicKeysOutput, error) {
- req, out := c.ListPublicKeysRequest(input)
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GetInsightSelectors
+func (c *CloudTrail) GetInsightSelectors(input *GetInsightSelectorsInput) (*GetInsightSelectorsOutput, error) {
+ req, out := c.GetInsightSelectorsRequest(input)
return out, req.Send()
}
-// ListPublicKeysWithContext is the same as ListPublicKeys with the addition of
+// GetInsightSelectorsWithContext is the same as GetInsightSelectors with the addition of
// the ability to pass a context and additional request options.
//
-// See ListPublicKeys for details on how to use this API operation.
+// See GetInsightSelectors for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
-func (c *CloudTrail) ListPublicKeysWithContext(ctx aws.Context, input *ListPublicKeysInput, opts ...request.Option) (*ListPublicKeysOutput, error) {
- req, out := c.ListPublicKeysRequest(input)
+func (c *CloudTrail) GetInsightSelectorsWithContext(ctx aws.Context, input *GetInsightSelectorsInput, opts ...request.Option) (*GetInsightSelectorsOutput, error) {
+ req, out := c.GetInsightSelectorsRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
-// ListPublicKeysPages iterates over the pages of a ListPublicKeys operation,
-// calling the "fn" function with the response data for each page. To stop
-// iterating, return false from the fn function.
-//
-// See ListPublicKeys method for more information on how to use this operation.
-//
-// Note: This operation can generate multiple requests to a service.
-//
-// // Example iterating over at most 3 pages of a ListPublicKeys operation.
-// pageNum := 0
-// err := client.ListPublicKeysPages(params,
-// func(page *cloudtrail.ListPublicKeysOutput, lastPage bool) bool {
-// pageNum++
-// fmt.Println(page)
-// return pageNum <= 3
-// })
-//
-func (c *CloudTrail) ListPublicKeysPages(input *ListPublicKeysInput, fn func(*ListPublicKeysOutput, bool) bool) error {
- return c.ListPublicKeysPagesWithContext(aws.BackgroundContext(), input, fn)
-}
-
-// ListPublicKeysPagesWithContext same as ListPublicKeysPages except
-// it takes a Context and allows setting request options on the pages.
-//
-// The context must be non-nil and will be used for request cancellation. If
-// the context is nil a panic will occur. In the future the SDK may create
-// sub-contexts for http.Requests. See https://golang.org/pkg/context/
-// for more information on using Contexts.
-func (c *CloudTrail) ListPublicKeysPagesWithContext(ctx aws.Context, input *ListPublicKeysInput, fn func(*ListPublicKeysOutput, bool) bool, opts ...request.Option) error {
- p := request.Pagination{
- NewRequest: func() (*request.Request, error) {
- var inCpy *ListPublicKeysInput
- if input != nil {
- tmp := *input
- inCpy = &tmp
- }
- req, _ := c.ListPublicKeysRequest(inCpy)
- req.SetContext(ctx)
- req.ApplyOptions(opts...)
- return req, nil
- },
- }
-
- for p.Next() {
- if !fn(p.Page().(*ListPublicKeysOutput), !p.HasNextPage()) {
- break
- }
- }
-
- return p.Err()
-}
-
-const opListTags = "ListTags"
+const opGetQueryResults = "GetQueryResults"
-// ListTagsRequest generates a "aws/request.Request" representing the
-// client's request for the ListTags operation. The "output" return
+// GetQueryResultsRequest generates a "aws/request.Request" representing the
+// client's request for the GetQueryResults operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
-// See ListTags for more information on using the ListTags
+// See GetQueryResults for more information on using the GetQueryResults
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
-// // Example sending a request using the ListTagsRequest method.
-// req, resp := client.ListTagsRequest(params)
+// // Example sending a request using the GetQueryResultsRequest method.
+// req, resp := client.GetQueryResultsRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
-// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ListTags
-func (c *CloudTrail) ListTagsRequest(input *ListTagsInput) (req *request.Request, output *ListTagsOutput) {
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GetQueryResults
+func (c *CloudTrail) GetQueryResultsRequest(input *GetQueryResultsInput) (req *request.Request, output *GetQueryResultsOutput) {
op := &request.Operation{
- Name: opListTags,
+ Name: opGetQueryResults,
HTTPMethod: "POST",
HTTPPath: "/",
Paginator: &request.Paginator{
@@ -1193,123 +1403,115 @@ func (c *CloudTrail) ListTagsRequest(input *ListTagsInput) (req *request.Request
}
if input == nil {
- input = &ListTagsInput{}
+ input = &GetQueryResultsInput{}
}
- output = &ListTagsOutput{}
+ output = &GetQueryResultsOutput{}
req = c.newRequest(op, input, output)
return
}
-// ListTags API operation for AWS CloudTrail.
+// GetQueryResults API operation for AWS CloudTrail.
//
-// Lists the tags for the trail in the current region.
+// Gets event data results of a query. You must specify the QueryID value returned
+// by the StartQuery operation, and an ARN for EventDataStore.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS CloudTrail's
-// API operation ListTags for usage and error information.
+// API operation GetQueryResults for usage and error information.
//
// Returned Error Types:
-// * ResourceNotFoundException
-// This exception is thrown when the specified resource is not found.
-//
-// * ARNInvalidException
-// This exception is thrown when an operation is called with a trail ARN that
-// is not valid. The following is the format of a trail ARN.
-//
-// arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail
-//
-// * ResourceTypeNotSupportedException
-// This exception is thrown when the specified resource type is not supported
-// by CloudTrail.
-//
-// * InvalidTrailNameException
-// This exception is thrown when the provided trail name is not valid. Trail
-// names must meet the following requirements:
+// * EventDataStoreARNInvalidException
+// The specified event data store ARN is not valid or does not map to an event
+// data store in your account.
//
-// * Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores
-// (_), or dashes (-)
+// * EventDataStoreNotFoundException
+// The specified event data store was not found.
//
-// * Start with a letter or number, and end with a letter or number
+// * InactiveEventDataStoreException
+// The event data store against which you ran your query is inactive.
//
-// * Be between 3 and 128 characters
+// * InvalidMaxResultsException
+// This exception is thrown if the limit specified is not valid.
//
-// * Have no adjacent periods, underscores or dashes. Names like my-_namespace
-// and my--namespace are not valid.
+// * InvalidNextTokenException
+// A token that is not valid, or a token that was previously used in a request
+// with different parameters. This exception is thrown if the token is not valid.
//
-// * Not be in IP address format (for example, 192.168.5.4)
+// * InvalidParameterException
+// The request includes a parameter that is not valid.
//
-// * UnsupportedOperationException
-// This exception is thrown when the requested operation is not supported.
+// * QueryIdNotFoundException
+// The query ID does not exist or does not map to a query.
//
// * OperationNotPermittedException
// This exception is thrown when the requested operation is not permitted.
//
-// * InvalidTokenException
-// Reserved for future use.
+// * UnsupportedOperationException
+// This exception is thrown when the requested operation is not supported.
//
-// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ListTags
-func (c *CloudTrail) ListTags(input *ListTagsInput) (*ListTagsOutput, error) {
- req, out := c.ListTagsRequest(input)
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GetQueryResults
+func (c *CloudTrail) GetQueryResults(input *GetQueryResultsInput) (*GetQueryResultsOutput, error) {
+ req, out := c.GetQueryResultsRequest(input)
return out, req.Send()
}
-// ListTagsWithContext is the same as ListTags with the addition of
+// GetQueryResultsWithContext is the same as GetQueryResults with the addition of
// the ability to pass a context and additional request options.
//
-// See ListTags for details on how to use this API operation.
+// See GetQueryResults for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
-func (c *CloudTrail) ListTagsWithContext(ctx aws.Context, input *ListTagsInput, opts ...request.Option) (*ListTagsOutput, error) {
- req, out := c.ListTagsRequest(input)
+func (c *CloudTrail) GetQueryResultsWithContext(ctx aws.Context, input *GetQueryResultsInput, opts ...request.Option) (*GetQueryResultsOutput, error) {
+ req, out := c.GetQueryResultsRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
-// ListTagsPages iterates over the pages of a ListTags operation,
+// GetQueryResultsPages iterates over the pages of a GetQueryResults operation,
// calling the "fn" function with the response data for each page. To stop
// iterating, return false from the fn function.
//
-// See ListTags method for more information on how to use this operation.
+// See GetQueryResults method for more information on how to use this operation.
//
// Note: This operation can generate multiple requests to a service.
//
-// // Example iterating over at most 3 pages of a ListTags operation.
+// // Example iterating over at most 3 pages of a GetQueryResults operation.
// pageNum := 0
-// err := client.ListTagsPages(params,
-// func(page *cloudtrail.ListTagsOutput, lastPage bool) bool {
+// err := client.GetQueryResultsPages(params,
+// func(page *cloudtrail.GetQueryResultsOutput, lastPage bool) bool {
// pageNum++
// fmt.Println(page)
// return pageNum <= 3
// })
//
-func (c *CloudTrail) ListTagsPages(input *ListTagsInput, fn func(*ListTagsOutput, bool) bool) error {
- return c.ListTagsPagesWithContext(aws.BackgroundContext(), input, fn)
+func (c *CloudTrail) GetQueryResultsPages(input *GetQueryResultsInput, fn func(*GetQueryResultsOutput, bool) bool) error {
+ return c.GetQueryResultsPagesWithContext(aws.BackgroundContext(), input, fn)
}
-// ListTagsPagesWithContext same as ListTagsPages except
+// GetQueryResultsPagesWithContext same as GetQueryResultsPages except
// it takes a Context and allows setting request options on the pages.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
-func (c *CloudTrail) ListTagsPagesWithContext(ctx aws.Context, input *ListTagsInput, fn func(*ListTagsOutput, bool) bool, opts ...request.Option) error {
+func (c *CloudTrail) GetQueryResultsPagesWithContext(ctx aws.Context, input *GetQueryResultsInput, fn func(*GetQueryResultsOutput, bool) bool, opts ...request.Option) error {
p := request.Pagination{
NewRequest: func() (*request.Request, error) {
- var inCpy *ListTagsInput
+ var inCpy *GetQueryResultsInput
if input != nil {
tmp := *input
inCpy = &tmp
}
- req, _ := c.ListTagsRequest(inCpy)
+ req, _ := c.GetQueryResultsRequest(inCpy)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return req, nil
@@ -1317,7 +1519,7 @@ func (c *CloudTrail) ListTagsPagesWithContext(ctx aws.Context, input *ListTagsIn
}
for p.Next() {
- if !fn(p.Page().(*ListTagsOutput), !p.HasNextPage()) {
+ if !fn(p.Page().(*GetQueryResultsOutput), !p.HasNextPage()) {
break
}
}
@@ -1325,175 +1527,241 @@ func (c *CloudTrail) ListTagsPagesWithContext(ctx aws.Context, input *ListTagsIn
return p.Err()
}
-const opListTrails = "ListTrails"
+const opGetTrail = "GetTrail"
-// ListTrailsRequest generates a "aws/request.Request" representing the
-// client's request for the ListTrails operation. The "output" return
+// GetTrailRequest generates a "aws/request.Request" representing the
+// client's request for the GetTrail operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
-// See ListTrails for more information on using the ListTrails
+// See GetTrail for more information on using the GetTrail
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
-// // Example sending a request using the ListTrailsRequest method.
-// req, resp := client.ListTrailsRequest(params)
+// // Example sending a request using the GetTrailRequest method.
+// req, resp := client.GetTrailRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
-// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ListTrails
-func (c *CloudTrail) ListTrailsRequest(input *ListTrailsInput) (req *request.Request, output *ListTrailsOutput) {
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GetTrail
+func (c *CloudTrail) GetTrailRequest(input *GetTrailInput) (req *request.Request, output *GetTrailOutput) {
op := &request.Operation{
- Name: opListTrails,
+ Name: opGetTrail,
HTTPMethod: "POST",
HTTPPath: "/",
- Paginator: &request.Paginator{
- InputTokens: []string{"NextToken"},
- OutputTokens: []string{"NextToken"},
- LimitToken: "",
- TruncationToken: "",
- },
}
if input == nil {
- input = &ListTrailsInput{}
+ input = &GetTrailInput{}
}
- output = &ListTrailsOutput{}
+ output = &GetTrailOutput{}
req = c.newRequest(op, input, output)
return
}
-// ListTrails API operation for AWS CloudTrail.
+// GetTrail API operation for AWS CloudTrail.
//
-// Lists trails that are in the current account.
+// Returns settings information for a specified trail.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS CloudTrail's
-// API operation ListTrails for usage and error information.
+// API operation GetTrail for usage and error information.
//
// Returned Error Types:
+// * TrailNotFoundException
+// This exception is thrown when the trail with the given name is not found.
+//
+// * InvalidTrailNameException
+// This exception is thrown when the provided trail name is not valid. Trail
+// names must meet the following requirements:
+//
+// * Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores
+// (_), or dashes (-)
+//
+// * Start with a letter or number, and end with a letter or number
+//
+// * Be between 3 and 128 characters
+//
+// * Have no adjacent periods, underscores or dashes. Names like my-_namespace
+// and my--namespace are not valid.
+//
+// * Not be in IP address format (for example, 192.168.5.4)
+//
// * UnsupportedOperationException
// This exception is thrown when the requested operation is not supported.
//
// * OperationNotPermittedException
// This exception is thrown when the requested operation is not permitted.
//
-// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ListTrails
-func (c *CloudTrail) ListTrails(input *ListTrailsInput) (*ListTrailsOutput, error) {
- req, out := c.ListTrailsRequest(input)
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GetTrail
+func (c *CloudTrail) GetTrail(input *GetTrailInput) (*GetTrailOutput, error) {
+ req, out := c.GetTrailRequest(input)
return out, req.Send()
}
-// ListTrailsWithContext is the same as ListTrails with the addition of
+// GetTrailWithContext is the same as GetTrail with the addition of
// the ability to pass a context and additional request options.
//
-// See ListTrails for details on how to use this API operation.
+// See GetTrail for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
-func (c *CloudTrail) ListTrailsWithContext(ctx aws.Context, input *ListTrailsInput, opts ...request.Option) (*ListTrailsOutput, error) {
- req, out := c.ListTrailsRequest(input)
+func (c *CloudTrail) GetTrailWithContext(ctx aws.Context, input *GetTrailInput, opts ...request.Option) (*GetTrailOutput, error) {
+ req, out := c.GetTrailRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
-// ListTrailsPages iterates over the pages of a ListTrails operation,
-// calling the "fn" function with the response data for each page. To stop
-// iterating, return false from the fn function.
+const opGetTrailStatus = "GetTrailStatus"
+
+// GetTrailStatusRequest generates a "aws/request.Request" representing the
+// client's request for the GetTrailStatus operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
//
-// See ListTrails method for more information on how to use this operation.
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
//
-// Note: This operation can generate multiple requests to a service.
+// See GetTrailStatus for more information on using the GetTrailStatus
+// API call, and error handling.
//
-// // Example iterating over at most 3 pages of a ListTrails operation.
-// pageNum := 0
-// err := client.ListTrailsPages(params,
-// func(page *cloudtrail.ListTrailsOutput, lastPage bool) bool {
-// pageNum++
-// fmt.Println(page)
-// return pageNum <= 3
-// })
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
-func (c *CloudTrail) ListTrailsPages(input *ListTrailsInput, fn func(*ListTrailsOutput, bool) bool) error {
- return c.ListTrailsPagesWithContext(aws.BackgroundContext(), input, fn)
+//
+// // Example sending a request using the GetTrailStatusRequest method.
+// req, resp := client.GetTrailStatusRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GetTrailStatus
+func (c *CloudTrail) GetTrailStatusRequest(input *GetTrailStatusInput) (req *request.Request, output *GetTrailStatusOutput) {
+ op := &request.Operation{
+ Name: opGetTrailStatus,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ }
+
+ if input == nil {
+ input = &GetTrailStatusInput{}
+ }
+
+ output = &GetTrailStatusOutput{}
+ req = c.newRequest(op, input, output)
+ return
}
-// ListTrailsPagesWithContext same as ListTrailsPages except
-// it takes a Context and allows setting request options on the pages.
+// GetTrailStatus API operation for AWS CloudTrail.
+//
+// Returns a JSON-formatted list of information about the specified trail. Fields
+// include information on delivery errors, Amazon SNS and Amazon S3 errors,
+// and start and stop logging times for each trail. This operation returns trail
+// status from a single region. To return trail status from all regions, you
+// must call the operation on each region.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS CloudTrail's
+// API operation GetTrailStatus for usage and error information.
+//
+// Returned Error Types:
+// * TrailNotFoundException
+// This exception is thrown when the trail with the given name is not found.
+//
+// * InvalidTrailNameException
+// This exception is thrown when the provided trail name is not valid. Trail
+// names must meet the following requirements:
+//
+// * Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores
+// (_), or dashes (-)
+//
+// * Start with a letter or number, and end with a letter or number
+//
+// * Be between 3 and 128 characters
+//
+// * Have no adjacent periods, underscores or dashes. Names like my-_namespace
+// and my--namespace are not valid.
+//
+// * Not be in IP address format (for example, 192.168.5.4)
+//
+// * UnsupportedOperationException
+// This exception is thrown when the requested operation is not supported.
+//
+// * OperationNotPermittedException
+// This exception is thrown when the requested operation is not permitted.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/GetTrailStatus
+func (c *CloudTrail) GetTrailStatus(input *GetTrailStatusInput) (*GetTrailStatusOutput, error) {
+ req, out := c.GetTrailStatusRequest(input)
+ return out, req.Send()
+}
+
+// GetTrailStatusWithContext is the same as GetTrailStatus with the addition of
+// the ability to pass a context and additional request options.
+//
+// See GetTrailStatus for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
-func (c *CloudTrail) ListTrailsPagesWithContext(ctx aws.Context, input *ListTrailsInput, fn func(*ListTrailsOutput, bool) bool, opts ...request.Option) error {
- p := request.Pagination{
- NewRequest: func() (*request.Request, error) {
- var inCpy *ListTrailsInput
- if input != nil {
- tmp := *input
- inCpy = &tmp
- }
- req, _ := c.ListTrailsRequest(inCpy)
- req.SetContext(ctx)
- req.ApplyOptions(opts...)
- return req, nil
- },
- }
-
- for p.Next() {
- if !fn(p.Page().(*ListTrailsOutput), !p.HasNextPage()) {
- break
- }
- }
-
- return p.Err()
+func (c *CloudTrail) GetTrailStatusWithContext(ctx aws.Context, input *GetTrailStatusInput, opts ...request.Option) (*GetTrailStatusOutput, error) {
+ req, out := c.GetTrailStatusRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
}
-const opLookupEvents = "LookupEvents"
+const opListEventDataStores = "ListEventDataStores"
-// LookupEventsRequest generates a "aws/request.Request" representing the
-// client's request for the LookupEvents operation. The "output" return
+// ListEventDataStoresRequest generates a "aws/request.Request" representing the
+// client's request for the ListEventDataStores operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
-// See LookupEvents for more information on using the LookupEvents
+// See ListEventDataStores for more information on using the ListEventDataStores
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
-// // Example sending a request using the LookupEventsRequest method.
-// req, resp := client.LookupEventsRequest(params)
+// // Example sending a request using the ListEventDataStoresRequest method.
+// req, resp := client.ListEventDataStoresRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
-// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/LookupEvents
-func (c *CloudTrail) LookupEventsRequest(input *LookupEventsInput) (req *request.Request, output *LookupEventsOutput) {
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ListEventDataStores
+func (c *CloudTrail) ListEventDataStoresRequest(input *ListEventDataStoresInput) (req *request.Request, output *ListEventDataStoresOutput) {
op := &request.Operation{
- Name: opLookupEvents,
+ Name: opListEventDataStores,
HTTPMethod: "POST",
HTTPPath: "/",
Paginator: &request.Paginator{
@@ -1505,68 +1773,27 @@ func (c *CloudTrail) LookupEventsRequest(input *LookupEventsInput) (req *request
}
if input == nil {
- input = &LookupEventsInput{}
+ input = &ListEventDataStoresInput{}
}
- output = &LookupEventsOutput{}
+ output = &ListEventDataStoresOutput{}
req = c.newRequest(op, input, output)
return
}
-// LookupEvents API operation for AWS CloudTrail.
-//
-// Looks up management events (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-concepts.html#cloudtrail-concepts-management-events)
-// or CloudTrail Insights events (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-concepts.html#cloudtrail-concepts-insights-events)
-// that are captured by CloudTrail. You can look up events that occurred in
-// a region within the last 90 days. Lookup supports the following attributes
-// for management events:
-//
-// * Amazon Web Services access key
-//
-// * Event ID
-//
-// * Event name
-//
-// * Event source
-//
-// * Read only
-//
-// * Resource name
-//
-// * Resource type
+// ListEventDataStores API operation for AWS CloudTrail.
//
-// * User name
-//
-// Lookup supports the following attributes for Insights events:
-//
-// * Event ID
-//
-// * Event name
-//
-// * Event source
-//
-// All attributes are optional. The default number of results returned is 50,
-// with a maximum of 50 possible. The response includes a token that you can
-// use to get the next page of results.
-//
-// The rate of lookup requests is limited to two per second, per account, per
-// region. If this limit is exceeded, a throttling error occurs.
+// Returns information about all event data stores in the account, in the current
+// region.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS CloudTrail's
-// API operation LookupEvents for usage and error information.
+// API operation ListEventDataStores for usage and error information.
//
// Returned Error Types:
-// * InvalidLookupAttributesException
-// Occurs when a lookup attribute is specified that is not valid.
-//
-// * InvalidTimeRangeException
-// Occurs if the timestamp values are not valid. Either the start time occurs
-// after the end time, or the time range is outside the range of possible values.
-//
// * InvalidMaxResultsException
// This exception is thrown if the limit specified is not valid.
//
@@ -1574,75 +1801,71 @@ func (c *CloudTrail) LookupEventsRequest(input *LookupEventsInput) (req *request
// A token that is not valid, or a token that was previously used in a request
// with different parameters. This exception is thrown if the token is not valid.
//
-// * InvalidEventCategoryException
-// Occurs if an event category that is not valid is specified as a value of
-// EventCategory.
+// * OperationNotPermittedException
+// This exception is thrown when the requested operation is not permitted.
//
// * UnsupportedOperationException
// This exception is thrown when the requested operation is not supported.
//
-// * OperationNotPermittedException
-// This exception is thrown when the requested operation is not permitted.
-//
-// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/LookupEvents
-func (c *CloudTrail) LookupEvents(input *LookupEventsInput) (*LookupEventsOutput, error) {
- req, out := c.LookupEventsRequest(input)
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ListEventDataStores
+func (c *CloudTrail) ListEventDataStores(input *ListEventDataStoresInput) (*ListEventDataStoresOutput, error) {
+ req, out := c.ListEventDataStoresRequest(input)
return out, req.Send()
}
-// LookupEventsWithContext is the same as LookupEvents with the addition of
+// ListEventDataStoresWithContext is the same as ListEventDataStores with the addition of
// the ability to pass a context and additional request options.
//
-// See LookupEvents for details on how to use this API operation.
+// See ListEventDataStores for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
-func (c *CloudTrail) LookupEventsWithContext(ctx aws.Context, input *LookupEventsInput, opts ...request.Option) (*LookupEventsOutput, error) {
- req, out := c.LookupEventsRequest(input)
+func (c *CloudTrail) ListEventDataStoresWithContext(ctx aws.Context, input *ListEventDataStoresInput, opts ...request.Option) (*ListEventDataStoresOutput, error) {
+ req, out := c.ListEventDataStoresRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
-// LookupEventsPages iterates over the pages of a LookupEvents operation,
+// ListEventDataStoresPages iterates over the pages of a ListEventDataStores operation,
// calling the "fn" function with the response data for each page. To stop
// iterating, return false from the fn function.
//
-// See LookupEvents method for more information on how to use this operation.
+// See ListEventDataStores method for more information on how to use this operation.
//
// Note: This operation can generate multiple requests to a service.
//
-// // Example iterating over at most 3 pages of a LookupEvents operation.
+// // Example iterating over at most 3 pages of a ListEventDataStores operation.
// pageNum := 0
-// err := client.LookupEventsPages(params,
-// func(page *cloudtrail.LookupEventsOutput, lastPage bool) bool {
+// err := client.ListEventDataStoresPages(params,
+// func(page *cloudtrail.ListEventDataStoresOutput, lastPage bool) bool {
// pageNum++
// fmt.Println(page)
// return pageNum <= 3
// })
//
-func (c *CloudTrail) LookupEventsPages(input *LookupEventsInput, fn func(*LookupEventsOutput, bool) bool) error {
- return c.LookupEventsPagesWithContext(aws.BackgroundContext(), input, fn)
+func (c *CloudTrail) ListEventDataStoresPages(input *ListEventDataStoresInput, fn func(*ListEventDataStoresOutput, bool) bool) error {
+ return c.ListEventDataStoresPagesWithContext(aws.BackgroundContext(), input, fn)
}
-// LookupEventsPagesWithContext same as LookupEventsPages except
+// ListEventDataStoresPagesWithContext same as ListEventDataStoresPages except
// it takes a Context and allows setting request options on the pages.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
-func (c *CloudTrail) LookupEventsPagesWithContext(ctx aws.Context, input *LookupEventsInput, fn func(*LookupEventsOutput, bool) bool, opts ...request.Option) error {
+func (c *CloudTrail) ListEventDataStoresPagesWithContext(ctx aws.Context, input *ListEventDataStoresInput, fn func(*ListEventDataStoresOutput, bool) bool, opts ...request.Option) error {
p := request.Pagination{
NewRequest: func() (*request.Request, error) {
- var inCpy *LookupEventsInput
+ var inCpy *ListEventDataStoresInput
if input != nil {
tmp := *input
inCpy = &tmp
}
- req, _ := c.LookupEventsRequest(inCpy)
+ req, _ := c.ListEventDataStoresRequest(inCpy)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return req, nil
@@ -1650,7 +1873,7 @@ func (c *CloudTrail) LookupEventsPagesWithContext(ctx aws.Context, input *Lookup
}
for p.Next() {
- if !fn(p.Page().(*LookupEventsOutput), !p.HasNextPage()) {
+ if !fn(p.Page().(*ListEventDataStoresOutput), !p.HasNextPage()) {
break
}
}
@@ -1658,149 +1881,76 @@ func (c *CloudTrail) LookupEventsPagesWithContext(ctx aws.Context, input *Lookup
return p.Err()
}
-const opPutEventSelectors = "PutEventSelectors"
+const opListPublicKeys = "ListPublicKeys"
-// PutEventSelectorsRequest generates a "aws/request.Request" representing the
-// client's request for the PutEventSelectors operation. The "output" return
+// ListPublicKeysRequest generates a "aws/request.Request" representing the
+// client's request for the ListPublicKeys operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
-// See PutEventSelectors for more information on using the PutEventSelectors
+// See ListPublicKeys for more information on using the ListPublicKeys
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
-// // Example sending a request using the PutEventSelectorsRequest method.
-// req, resp := client.PutEventSelectorsRequest(params)
+// // Example sending a request using the ListPublicKeysRequest method.
+// req, resp := client.ListPublicKeysRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
-// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/PutEventSelectors
-func (c *CloudTrail) PutEventSelectorsRequest(input *PutEventSelectorsInput) (req *request.Request, output *PutEventSelectorsOutput) {
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ListPublicKeys
+func (c *CloudTrail) ListPublicKeysRequest(input *ListPublicKeysInput) (req *request.Request, output *ListPublicKeysOutput) {
op := &request.Operation{
- Name: opPutEventSelectors,
+ Name: opListPublicKeys,
HTTPMethod: "POST",
HTTPPath: "/",
+ Paginator: &request.Paginator{
+ InputTokens: []string{"NextToken"},
+ OutputTokens: []string{"NextToken"},
+ LimitToken: "",
+ TruncationToken: "",
+ },
}
if input == nil {
- input = &PutEventSelectorsInput{}
+ input = &ListPublicKeysInput{}
}
- output = &PutEventSelectorsOutput{}
+ output = &ListPublicKeysOutput{}
req = c.newRequest(op, input, output)
return
}
-// PutEventSelectors API operation for AWS CloudTrail.
-//
-// Configures an event selector or advanced event selectors for your trail.
-// Use event selectors or advanced event selectors to specify management and
-// data event settings for your trail. By default, trails created without specific
-// event selectors are configured to log all read and write management events,
-// and no data events.
-//
-// When an event occurs in your account, CloudTrail evaluates the event selectors
-// or advanced event selectors in all trails. For each trail, if the event matches
-// any event selector, the trail processes and logs the event. If the event
-// doesn't match any event selector, the trail doesn't log the event.
-//
-// Example
-//
-// You create an event selector for a trail and specify that you want write-only
-// events.
-//
-// The EC2 GetConsoleOutput and RunInstances API operations occur in your account.
-//
-// CloudTrail evaluates whether the events match your event selectors.
-//
-// The RunInstances is a write-only event and it matches your event selector.
-// The trail logs the event.
-//
-// The GetConsoleOutput is a read-only event that doesn't match your event selector.
-// The trail doesn't log the event.
-//
-// The PutEventSelectors operation must be called from the region in which the
-// trail was created; otherwise, an InvalidHomeRegionException exception is
-// thrown.
+// ListPublicKeys API operation for AWS CloudTrail.
//
-// You can configure up to five event selectors for each trail. For more information,
-// see Logging data and management events for trails (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-and-data-events-with-cloudtrail.html)
-// and Quotas in CloudTrail (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/WhatIsCloudTrail-Limits.html)
-// in the CloudTrail User Guide.
+// Returns all public keys whose private keys were used to sign the digest files
+// within the specified time range. The public key is needed to validate digest
+// files that were signed with its corresponding private key.
//
-// You can add advanced event selectors, and conditions for your advanced event
-// selectors, up to a maximum of 500 values for all conditions and selectors
-// on a trail. You can use either AdvancedEventSelectors or EventSelectors,
-// but not both. If you apply AdvancedEventSelectors to a trail, any existing
-// EventSelectors are overwritten. For more information about advanced event
-// selectors, see Logging data events for trails (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html)
-// in the CloudTrail User Guide.
+// CloudTrail uses different private and public key pairs per region. Each digest
+// file is signed with a private key unique to its region. When you validate
+// a digest file from a specific region, you must look in the same region for
+// its corresponding public key.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS CloudTrail's
-// API operation PutEventSelectors for usage and error information.
+// API operation ListPublicKeys for usage and error information.
//
// Returned Error Types:
-// * TrailNotFoundException
-// This exception is thrown when the trail with the given name is not found.
-//
-// * InvalidTrailNameException
-// This exception is thrown when the provided trail name is not valid. Trail
-// names must meet the following requirements:
-//
-// * Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores
-// (_), or dashes (-)
-//
-// * Start with a letter or number, and end with a letter or number
-//
-// * Be between 3 and 128 characters
-//
-// * Have no adjacent periods, underscores or dashes. Names like my-_namespace
-// and my--namespace are not valid.
-//
-// * Not be in IP address format (for example, 192.168.5.4)
-//
-// * InvalidHomeRegionException
-// This exception is thrown when an operation is called on a trail from a region
-// other than the region in which the trail was created.
-//
-// * InvalidEventSelectorsException
-// This exception is thrown when the PutEventSelectors operation is called with
-// a number of event selectors, advanced event selectors, or data resources
-// that is not valid. The combination of event selectors or advanced event selectors
-// and data resources is not valid. A trail can have up to 5 event selectors.
-// If a trail uses advanced event selectors, a maximum of 500 total values for
-// all conditions in all advanced event selectors is allowed. A trail is limited
-// to 250 data resources. These data resources can be distributed across event
-// selectors, but the overall total cannot exceed 250.
-//
-// You can:
-//
-// * Specify a valid number of event selectors (1 to 5) for a trail.
-//
-// * Specify a valid number of data resources (1 to 250) for an event selector.
-// The limit of number of resources on an individual event selector is configurable
-// up to 250. However, this upper limit is allowed only if the total number
-// of data resources does not exceed 250 across all event selectors for a
-// trail.
-//
-// * Specify up to 500 values for all conditions in all advanced event selectors
-// for a trail.
-//
-// * Specify a valid value for a parameter. For example, specifying the ReadWriteType
-// parameter with a value of read-only is not valid.
+// * InvalidTimeRangeException
+// Occurs if the timestamp values are not valid. Either the start time occurs
+// after the end time, or the time range is outside the range of possible values.
//
// * UnsupportedOperationException
// This exception is thrown when the requested operation is not supported.
@@ -1808,226 +1958,313 @@ func (c *CloudTrail) PutEventSelectorsRequest(input *PutEventSelectorsInput) (re
// * OperationNotPermittedException
// This exception is thrown when the requested operation is not permitted.
//
-// * NotOrganizationMasterAccountException
-// This exception is thrown when the Amazon Web Services account making the
-// request to create or update an organization trail is not the management account
-// for an organization in Organizations. For more information, see Prepare For
-// Creating a Trail For Your Organization (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html).
-//
-// * InsufficientDependencyServiceAccessPermissionException
-// This exception is thrown when the IAM user or role that is used to create
-// the organization trail is lacking one or more required permissions for creating
-// an organization trail in a required service. For more information, see Prepare
-// For Creating a Trail For Your Organization (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html).
+// * InvalidTokenException
+// Reserved for future use.
//
-// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/PutEventSelectors
-func (c *CloudTrail) PutEventSelectors(input *PutEventSelectorsInput) (*PutEventSelectorsOutput, error) {
- req, out := c.PutEventSelectorsRequest(input)
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ListPublicKeys
+func (c *CloudTrail) ListPublicKeys(input *ListPublicKeysInput) (*ListPublicKeysOutput, error) {
+ req, out := c.ListPublicKeysRequest(input)
return out, req.Send()
}
-// PutEventSelectorsWithContext is the same as PutEventSelectors with the addition of
+// ListPublicKeysWithContext is the same as ListPublicKeys with the addition of
// the ability to pass a context and additional request options.
//
-// See PutEventSelectors for details on how to use this API operation.
+// See ListPublicKeys for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
-func (c *CloudTrail) PutEventSelectorsWithContext(ctx aws.Context, input *PutEventSelectorsInput, opts ...request.Option) (*PutEventSelectorsOutput, error) {
- req, out := c.PutEventSelectorsRequest(input)
+func (c *CloudTrail) ListPublicKeysWithContext(ctx aws.Context, input *ListPublicKeysInput, opts ...request.Option) (*ListPublicKeysOutput, error) {
+ req, out := c.ListPublicKeysRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
-const opPutInsightSelectors = "PutInsightSelectors"
+// ListPublicKeysPages iterates over the pages of a ListPublicKeys operation,
+// calling the "fn" function with the response data for each page. To stop
+// iterating, return false from the fn function.
+//
+// See ListPublicKeys method for more information on how to use this operation.
+//
+// Note: This operation can generate multiple requests to a service.
+//
+// // Example iterating over at most 3 pages of a ListPublicKeys operation.
+// pageNum := 0
+// err := client.ListPublicKeysPages(params,
+// func(page *cloudtrail.ListPublicKeysOutput, lastPage bool) bool {
+// pageNum++
+// fmt.Println(page)
+// return pageNum <= 3
+// })
+//
+func (c *CloudTrail) ListPublicKeysPages(input *ListPublicKeysInput, fn func(*ListPublicKeysOutput, bool) bool) error {
+ return c.ListPublicKeysPagesWithContext(aws.BackgroundContext(), input, fn)
+}
-// PutInsightSelectorsRequest generates a "aws/request.Request" representing the
-// client's request for the PutInsightSelectors operation. The "output" return
+// ListPublicKeysPagesWithContext same as ListPublicKeysPages except
+// it takes a Context and allows setting request options on the pages.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *CloudTrail) ListPublicKeysPagesWithContext(ctx aws.Context, input *ListPublicKeysInput, fn func(*ListPublicKeysOutput, bool) bool, opts ...request.Option) error {
+ p := request.Pagination{
+ NewRequest: func() (*request.Request, error) {
+ var inCpy *ListPublicKeysInput
+ if input != nil {
+ tmp := *input
+ inCpy = &tmp
+ }
+ req, _ := c.ListPublicKeysRequest(inCpy)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return req, nil
+ },
+ }
+
+ for p.Next() {
+ if !fn(p.Page().(*ListPublicKeysOutput), !p.HasNextPage()) {
+ break
+ }
+ }
+
+ return p.Err()
+}
+
+const opListQueries = "ListQueries"
+
+// ListQueriesRequest generates a "aws/request.Request" representing the
+// client's request for the ListQueries operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
-// See PutInsightSelectors for more information on using the PutInsightSelectors
+// See ListQueries for more information on using the ListQueries
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
-// // Example sending a request using the PutInsightSelectorsRequest method.
-// req, resp := client.PutInsightSelectorsRequest(params)
+// // Example sending a request using the ListQueriesRequest method.
+// req, resp := client.ListQueriesRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
-// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/PutInsightSelectors
-func (c *CloudTrail) PutInsightSelectorsRequest(input *PutInsightSelectorsInput) (req *request.Request, output *PutInsightSelectorsOutput) {
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ListQueries
+func (c *CloudTrail) ListQueriesRequest(input *ListQueriesInput) (req *request.Request, output *ListQueriesOutput) {
op := &request.Operation{
- Name: opPutInsightSelectors,
+ Name: opListQueries,
HTTPMethod: "POST",
HTTPPath: "/",
+ Paginator: &request.Paginator{
+ InputTokens: []string{"NextToken"},
+ OutputTokens: []string{"NextToken"},
+ LimitToken: "MaxResults",
+ TruncationToken: "",
+ },
}
if input == nil {
- input = &PutInsightSelectorsInput{}
+ input = &ListQueriesInput{}
}
- output = &PutInsightSelectorsOutput{}
+ output = &ListQueriesOutput{}
req = c.newRequest(op, input, output)
return
}
-// PutInsightSelectors API operation for AWS CloudTrail.
+// ListQueries API operation for AWS CloudTrail.
//
-// Lets you enable Insights event logging by specifying the Insights selectors
-// that you want to enable on an existing trail. You also use PutInsightSelectors
-// to turn off Insights event logging, by passing an empty list of insight types.
-// The valid Insights event type in this release is ApiCallRateInsight.
+// Returns a list of queries and query statuses for the past seven days. You
+// must specify an ARN value for EventDataStore. Optionally, to shorten the
+// list of results, you can specify a time range, formatted as timestamps, by
+// adding StartTime and EndTime parameters, and a QueryStatus value. Valid values
+// for QueryStatus include QUEUED, RUNNING, FINISHED, FAILED, or CANCELLED.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS CloudTrail's
-// API operation PutInsightSelectors for usage and error information.
+// API operation ListQueries for usage and error information.
//
// Returned Error Types:
-// * TrailNotFoundException
-// This exception is thrown when the trail with the given name is not found.
+// * EventDataStoreARNInvalidException
+// The specified event data store ARN is not valid or does not map to an event
+// data store in your account.
//
-// * InvalidTrailNameException
-// This exception is thrown when the provided trail name is not valid. Trail
-// names must meet the following requirements:
+// * EventDataStoreNotFoundException
+// The specified event data store was not found.
//
-// * Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores
-// (_), or dashes (-)
+// * InactiveEventDataStoreException
+// The event data store against which you ran your query is inactive.
//
-// * Start with a letter or number, and end with a letter or number
+// * InvalidDateRangeException
+// A date range for the query was specified that is not valid. For more information
+// about writing a query, see Create or edit a query (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-create-edit-query.html)
+// in the CloudTrail User Guide.
//
-// * Be between 3 and 128 characters
+// * InvalidMaxResultsException
+// This exception is thrown if the limit specified is not valid.
//
-// * Have no adjacent periods, underscores or dashes. Names like my-_namespace
-// and my--namespace are not valid.
+// * InvalidNextTokenException
+// A token that is not valid, or a token that was previously used in a request
+// with different parameters. This exception is thrown if the token is not valid.
//
-// * Not be in IP address format (for example, 192.168.5.4)
+// * InvalidParameterException
+// The request includes a parameter that is not valid.
//
-// * InvalidHomeRegionException
-// This exception is thrown when an operation is called on a trail from a region
-// other than the region in which the trail was created.
-//
-// * InvalidInsightSelectorsException
-// The formatting or syntax of the InsightSelectors JSON statement in your PutInsightSelectors
-// or GetInsightSelectors request is not valid, or the specified insight type
-// in the InsightSelectors statement is not a valid insight type.
-//
-// * InsufficientS3BucketPolicyException
-// This exception is thrown when the policy on the S3 bucket is not sufficient.
-//
-// * InsufficientEncryptionPolicyException
-// This exception is thrown when the policy on the S3 bucket or KMS key is not
-// sufficient.
-//
-// * S3BucketDoesNotExistException
-// This exception is thrown when the specified S3 bucket does not exist.
-//
-// * KmsException
-// This exception is thrown when there is an issue with the specified KMS key
-// and the trail can’t be updated.
-//
-// * UnsupportedOperationException
-// This exception is thrown when the requested operation is not supported.
+// * InvalidQueryStatusException
+// The query status is not valid for the operation.
//
// * OperationNotPermittedException
// This exception is thrown when the requested operation is not permitted.
//
-// * NotOrganizationMasterAccountException
-// This exception is thrown when the Amazon Web Services account making the
-// request to create or update an organization trail is not the management account
-// for an organization in Organizations. For more information, see Prepare For
-// Creating a Trail For Your Organization (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html).
+// * UnsupportedOperationException
+// This exception is thrown when the requested operation is not supported.
//
-// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/PutInsightSelectors
-func (c *CloudTrail) PutInsightSelectors(input *PutInsightSelectorsInput) (*PutInsightSelectorsOutput, error) {
- req, out := c.PutInsightSelectorsRequest(input)
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ListQueries
+func (c *CloudTrail) ListQueries(input *ListQueriesInput) (*ListQueriesOutput, error) {
+ req, out := c.ListQueriesRequest(input)
return out, req.Send()
}
-// PutInsightSelectorsWithContext is the same as PutInsightSelectors with the addition of
+// ListQueriesWithContext is the same as ListQueries with the addition of
// the ability to pass a context and additional request options.
//
-// See PutInsightSelectors for details on how to use this API operation.
+// See ListQueries for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
-func (c *CloudTrail) PutInsightSelectorsWithContext(ctx aws.Context, input *PutInsightSelectorsInput, opts ...request.Option) (*PutInsightSelectorsOutput, error) {
- req, out := c.PutInsightSelectorsRequest(input)
+func (c *CloudTrail) ListQueriesWithContext(ctx aws.Context, input *ListQueriesInput, opts ...request.Option) (*ListQueriesOutput, error) {
+ req, out := c.ListQueriesRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
-const opRemoveTags = "RemoveTags"
+// ListQueriesPages iterates over the pages of a ListQueries operation,
+// calling the "fn" function with the response data for each page. To stop
+// iterating, return false from the fn function.
+//
+// See ListQueries method for more information on how to use this operation.
+//
+// Note: This operation can generate multiple requests to a service.
+//
+// // Example iterating over at most 3 pages of a ListQueries operation.
+// pageNum := 0
+// err := client.ListQueriesPages(params,
+// func(page *cloudtrail.ListQueriesOutput, lastPage bool) bool {
+// pageNum++
+// fmt.Println(page)
+// return pageNum <= 3
+// })
+//
+func (c *CloudTrail) ListQueriesPages(input *ListQueriesInput, fn func(*ListQueriesOutput, bool) bool) error {
+ return c.ListQueriesPagesWithContext(aws.BackgroundContext(), input, fn)
+}
-// RemoveTagsRequest generates a "aws/request.Request" representing the
-// client's request for the RemoveTags operation. The "output" return
+// ListQueriesPagesWithContext same as ListQueriesPages except
+// it takes a Context and allows setting request options on the pages.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *CloudTrail) ListQueriesPagesWithContext(ctx aws.Context, input *ListQueriesInput, fn func(*ListQueriesOutput, bool) bool, opts ...request.Option) error {
+ p := request.Pagination{
+ NewRequest: func() (*request.Request, error) {
+ var inCpy *ListQueriesInput
+ if input != nil {
+ tmp := *input
+ inCpy = &tmp
+ }
+ req, _ := c.ListQueriesRequest(inCpy)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return req, nil
+ },
+ }
+
+ for p.Next() {
+ if !fn(p.Page().(*ListQueriesOutput), !p.HasNextPage()) {
+ break
+ }
+ }
+
+ return p.Err()
+}
+
+const opListTags = "ListTags"
+
+// ListTagsRequest generates a "aws/request.Request" representing the
+// client's request for the ListTags operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
-// See RemoveTags for more information on using the RemoveTags
+// See ListTags for more information on using the ListTags
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
-// // Example sending a request using the RemoveTagsRequest method.
-// req, resp := client.RemoveTagsRequest(params)
+// // Example sending a request using the ListTagsRequest method.
+// req, resp := client.ListTagsRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
-// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/RemoveTags
-func (c *CloudTrail) RemoveTagsRequest(input *RemoveTagsInput) (req *request.Request, output *RemoveTagsOutput) {
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ListTags
+func (c *CloudTrail) ListTagsRequest(input *ListTagsInput) (req *request.Request, output *ListTagsOutput) {
op := &request.Operation{
- Name: opRemoveTags,
+ Name: opListTags,
HTTPMethod: "POST",
HTTPPath: "/",
+ Paginator: &request.Paginator{
+ InputTokens: []string{"NextToken"},
+ OutputTokens: []string{"NextToken"},
+ LimitToken: "",
+ TruncationToken: "",
+ },
}
if input == nil {
- input = &RemoveTagsInput{}
+ input = &ListTagsInput{}
}
- output = &RemoveTagsOutput{}
+ output = &ListTagsOutput{}
req = c.newRequest(op, input, output)
- req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
return
}
-// RemoveTags API operation for AWS CloudTrail.
+// ListTags API operation for AWS CloudTrail.
//
-// Removes the specified tags from a trail.
+// Lists the tags for the trail in the current region.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS CloudTrail's
-// API operation RemoveTags for usage and error information.
+// API operation ListTags for usage and error information.
//
// Returned Error Types:
// * ResourceNotFoundException
@@ -2059,9 +2296,11 @@ func (c *CloudTrail) RemoveTagsRequest(input *RemoveTagsInput) (req *request.Req
//
// * Not be in IP address format (for example, 192.168.5.4)
//
-// * InvalidTagParameterException
-// This exception is thrown when the specified tag key or values are not valid.
-// It can also occur if there are duplicate tags or too many tags on the resource.
+// * InactiveEventDataStoreException
+// The event data store against which you ran your query is inactive.
+//
+// * EventDataStoreNotFoundException
+// The specified event data store was not found.
//
// * UnsupportedOperationException
// This exception is thrown when the requested operation is not supported.
@@ -2069,240 +2308,335 @@ func (c *CloudTrail) RemoveTagsRequest(input *RemoveTagsInput) (req *request.Req
// * OperationNotPermittedException
// This exception is thrown when the requested operation is not permitted.
//
-// * NotOrganizationMasterAccountException
-// This exception is thrown when the Amazon Web Services account making the
-// request to create or update an organization trail is not the management account
-// for an organization in Organizations. For more information, see Prepare For
-// Creating a Trail For Your Organization (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html).
+// * InvalidTokenException
+// Reserved for future use.
//
-// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/RemoveTags
-func (c *CloudTrail) RemoveTags(input *RemoveTagsInput) (*RemoveTagsOutput, error) {
- req, out := c.RemoveTagsRequest(input)
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ListTags
+func (c *CloudTrail) ListTags(input *ListTagsInput) (*ListTagsOutput, error) {
+ req, out := c.ListTagsRequest(input)
return out, req.Send()
}
-// RemoveTagsWithContext is the same as RemoveTags with the addition of
+// ListTagsWithContext is the same as ListTags with the addition of
// the ability to pass a context and additional request options.
//
-// See RemoveTags for details on how to use this API operation.
+// See ListTags for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
-func (c *CloudTrail) RemoveTagsWithContext(ctx aws.Context, input *RemoveTagsInput, opts ...request.Option) (*RemoveTagsOutput, error) {
- req, out := c.RemoveTagsRequest(input)
+func (c *CloudTrail) ListTagsWithContext(ctx aws.Context, input *ListTagsInput, opts ...request.Option) (*ListTagsOutput, error) {
+ req, out := c.ListTagsRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
-const opStartLogging = "StartLogging"
+// ListTagsPages iterates over the pages of a ListTags operation,
+// calling the "fn" function with the response data for each page. To stop
+// iterating, return false from the fn function.
+//
+// See ListTags method for more information on how to use this operation.
+//
+// Note: This operation can generate multiple requests to a service.
+//
+// // Example iterating over at most 3 pages of a ListTags operation.
+// pageNum := 0
+// err := client.ListTagsPages(params,
+// func(page *cloudtrail.ListTagsOutput, lastPage bool) bool {
+// pageNum++
+// fmt.Println(page)
+// return pageNum <= 3
+// })
+//
+func (c *CloudTrail) ListTagsPages(input *ListTagsInput, fn func(*ListTagsOutput, bool) bool) error {
+ return c.ListTagsPagesWithContext(aws.BackgroundContext(), input, fn)
+}
-// StartLoggingRequest generates a "aws/request.Request" representing the
-// client's request for the StartLogging operation. The "output" return
+// ListTagsPagesWithContext same as ListTagsPages except
+// it takes a Context and allows setting request options on the pages.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *CloudTrail) ListTagsPagesWithContext(ctx aws.Context, input *ListTagsInput, fn func(*ListTagsOutput, bool) bool, opts ...request.Option) error {
+ p := request.Pagination{
+ NewRequest: func() (*request.Request, error) {
+ var inCpy *ListTagsInput
+ if input != nil {
+ tmp := *input
+ inCpy = &tmp
+ }
+ req, _ := c.ListTagsRequest(inCpy)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return req, nil
+ },
+ }
+
+ for p.Next() {
+ if !fn(p.Page().(*ListTagsOutput), !p.HasNextPage()) {
+ break
+ }
+ }
+
+ return p.Err()
+}
+
+const opListTrails = "ListTrails"
+
+// ListTrailsRequest generates a "aws/request.Request" representing the
+// client's request for the ListTrails operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
-// See StartLogging for more information on using the StartLogging
+// See ListTrails for more information on using the ListTrails
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
-// // Example sending a request using the StartLoggingRequest method.
-// req, resp := client.StartLoggingRequest(params)
+// // Example sending a request using the ListTrailsRequest method.
+// req, resp := client.ListTrailsRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
-// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/StartLogging
-func (c *CloudTrail) StartLoggingRequest(input *StartLoggingInput) (req *request.Request, output *StartLoggingOutput) {
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ListTrails
+func (c *CloudTrail) ListTrailsRequest(input *ListTrailsInput) (req *request.Request, output *ListTrailsOutput) {
op := &request.Operation{
- Name: opStartLogging,
+ Name: opListTrails,
HTTPMethod: "POST",
HTTPPath: "/",
+ Paginator: &request.Paginator{
+ InputTokens: []string{"NextToken"},
+ OutputTokens: []string{"NextToken"},
+ LimitToken: "",
+ TruncationToken: "",
+ },
}
if input == nil {
- input = &StartLoggingInput{}
+ input = &ListTrailsInput{}
}
- output = &StartLoggingOutput{}
+ output = &ListTrailsOutput{}
req = c.newRequest(op, input, output)
- req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
return
}
-// StartLogging API operation for AWS CloudTrail.
+// ListTrails API operation for AWS CloudTrail.
//
-// Starts the recording of Amazon Web Services API calls and log file delivery
-// for a trail. For a trail that is enabled in all regions, this operation must
-// be called from the region in which the trail was created. This operation
-// cannot be called on the shadow trails (replicated trails in other regions)
-// of a trail that is enabled in all regions.
+// Lists trails that are in the current account.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS CloudTrail's
-// API operation StartLogging for usage and error information.
+// API operation ListTrails for usage and error information.
//
// Returned Error Types:
-// * TrailNotFoundException
-// This exception is thrown when the trail with the given name is not found.
-//
-// * InvalidTrailNameException
-// This exception is thrown when the provided trail name is not valid. Trail
-// names must meet the following requirements:
-//
-// * Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores
-// (_), or dashes (-)
-//
-// * Start with a letter or number, and end with a letter or number
-//
-// * Be between 3 and 128 characters
-//
-// * Have no adjacent periods, underscores or dashes. Names like my-_namespace
-// and my--namespace are not valid.
-//
-// * Not be in IP address format (for example, 192.168.5.4)
-//
-// * InvalidHomeRegionException
-// This exception is thrown when an operation is called on a trail from a region
-// other than the region in which the trail was created.
-//
// * UnsupportedOperationException
// This exception is thrown when the requested operation is not supported.
//
// * OperationNotPermittedException
// This exception is thrown when the requested operation is not permitted.
//
-// * NotOrganizationMasterAccountException
-// This exception is thrown when the Amazon Web Services account making the
-// request to create or update an organization trail is not the management account
-// for an organization in Organizations. For more information, see Prepare For
-// Creating a Trail For Your Organization (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html).
-//
-// * InsufficientDependencyServiceAccessPermissionException
-// This exception is thrown when the IAM user or role that is used to create
-// the organization trail is lacking one or more required permissions for creating
-// an organization trail in a required service. For more information, see Prepare
-// For Creating a Trail For Your Organization (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html).
-//
-// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/StartLogging
-func (c *CloudTrail) StartLogging(input *StartLoggingInput) (*StartLoggingOutput, error) {
- req, out := c.StartLoggingRequest(input)
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ListTrails
+func (c *CloudTrail) ListTrails(input *ListTrailsInput) (*ListTrailsOutput, error) {
+ req, out := c.ListTrailsRequest(input)
return out, req.Send()
}
-// StartLoggingWithContext is the same as StartLogging with the addition of
+// ListTrailsWithContext is the same as ListTrails with the addition of
// the ability to pass a context and additional request options.
//
-// See StartLogging for details on how to use this API operation.
+// See ListTrails for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
-func (c *CloudTrail) StartLoggingWithContext(ctx aws.Context, input *StartLoggingInput, opts ...request.Option) (*StartLoggingOutput, error) {
- req, out := c.StartLoggingRequest(input)
+func (c *CloudTrail) ListTrailsWithContext(ctx aws.Context, input *ListTrailsInput, opts ...request.Option) (*ListTrailsOutput, error) {
+ req, out := c.ListTrailsRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
-const opStopLogging = "StopLogging"
+// ListTrailsPages iterates over the pages of a ListTrails operation,
+// calling the "fn" function with the response data for each page. To stop
+// iterating, return false from the fn function.
+//
+// See ListTrails method for more information on how to use this operation.
+//
+// Note: This operation can generate multiple requests to a service.
+//
+// // Example iterating over at most 3 pages of a ListTrails operation.
+// pageNum := 0
+// err := client.ListTrailsPages(params,
+// func(page *cloudtrail.ListTrailsOutput, lastPage bool) bool {
+// pageNum++
+// fmt.Println(page)
+// return pageNum <= 3
+// })
+//
+func (c *CloudTrail) ListTrailsPages(input *ListTrailsInput, fn func(*ListTrailsOutput, bool) bool) error {
+ return c.ListTrailsPagesWithContext(aws.BackgroundContext(), input, fn)
+}
-// StopLoggingRequest generates a "aws/request.Request" representing the
-// client's request for the StopLogging operation. The "output" return
+// ListTrailsPagesWithContext same as ListTrailsPages except
+// it takes a Context and allows setting request options on the pages.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *CloudTrail) ListTrailsPagesWithContext(ctx aws.Context, input *ListTrailsInput, fn func(*ListTrailsOutput, bool) bool, opts ...request.Option) error {
+ p := request.Pagination{
+ NewRequest: func() (*request.Request, error) {
+ var inCpy *ListTrailsInput
+ if input != nil {
+ tmp := *input
+ inCpy = &tmp
+ }
+ req, _ := c.ListTrailsRequest(inCpy)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return req, nil
+ },
+ }
+
+ for p.Next() {
+ if !fn(p.Page().(*ListTrailsOutput), !p.HasNextPage()) {
+ break
+ }
+ }
+
+ return p.Err()
+}
+
+const opLookupEvents = "LookupEvents"
+
+// LookupEventsRequest generates a "aws/request.Request" representing the
+// client's request for the LookupEvents operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
-// See StopLogging for more information on using the StopLogging
+// See LookupEvents for more information on using the LookupEvents
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
-// // Example sending a request using the StopLoggingRequest method.
-// req, resp := client.StopLoggingRequest(params)
+// // Example sending a request using the LookupEventsRequest method.
+// req, resp := client.LookupEventsRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
-// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/StopLogging
-func (c *CloudTrail) StopLoggingRequest(input *StopLoggingInput) (req *request.Request, output *StopLoggingOutput) {
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/LookupEvents
+func (c *CloudTrail) LookupEventsRequest(input *LookupEventsInput) (req *request.Request, output *LookupEventsOutput) {
op := &request.Operation{
- Name: opStopLogging,
+ Name: opLookupEvents,
HTTPMethod: "POST",
HTTPPath: "/",
+ Paginator: &request.Paginator{
+ InputTokens: []string{"NextToken"},
+ OutputTokens: []string{"NextToken"},
+ LimitToken: "MaxResults",
+ TruncationToken: "",
+ },
}
if input == nil {
- input = &StopLoggingInput{}
+ input = &LookupEventsInput{}
}
- output = &StopLoggingOutput{}
+ output = &LookupEventsOutput{}
req = c.newRequest(op, input, output)
- req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
return
}
-// StopLogging API operation for AWS CloudTrail.
+// LookupEvents API operation for AWS CloudTrail.
//
-// Suspends the recording of Amazon Web Services API calls and log file delivery
-// for the specified trail. Under most circumstances, there is no need to use
-// this action. You can update a trail without stopping it first. This action
-// is the only way to stop recording. For a trail enabled in all regions, this
-// operation must be called from the region in which the trail was created,
-// or an InvalidHomeRegionException will occur. This operation cannot be called
-// on the shadow trails (replicated trails in other regions) of a trail enabled
-// in all regions.
+// Looks up management events (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-concepts.html#cloudtrail-concepts-management-events)
+// or CloudTrail Insights events (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-concepts.html#cloudtrail-concepts-insights-events)
+// that are captured by CloudTrail. You can look up events that occurred in
+// a region within the last 90 days. Lookup supports the following attributes
+// for management events:
+//
+// * Amazon Web Services access key
+//
+// * Event ID
+//
+// * Event name
+//
+// * Event source
+//
+// * Read only
+//
+// * Resource name
+//
+// * Resource type
+//
+// * User name
+//
+// Lookup supports the following attributes for Insights events:
+//
+// * Event ID
+//
+// * Event name
+//
+// * Event source
+//
+// All attributes are optional. The default number of results returned is 50,
+// with a maximum of 50 possible. The response includes a token that you can
+// use to get the next page of results.
+//
+// The rate of lookup requests is limited to two per second, per account, per
+// region. If this limit is exceeded, a throttling error occurs.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS CloudTrail's
-// API operation StopLogging for usage and error information.
+// API operation LookupEvents for usage and error information.
//
// Returned Error Types:
-// * TrailNotFoundException
-// This exception is thrown when the trail with the given name is not found.
-//
-// * InvalidTrailNameException
-// This exception is thrown when the provided trail name is not valid. Trail
-// names must meet the following requirements:
-//
-// * Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores
-// (_), or dashes (-)
-//
-// * Start with a letter or number, and end with a letter or number
+// * InvalidLookupAttributesException
+// Occurs when a lookup attribute is specified that is not valid.
//
-// * Be between 3 and 128 characters
+// * InvalidTimeRangeException
+// Occurs if the timestamp values are not valid. Either the start time occurs
+// after the end time, or the time range is outside the range of possible values.
//
-// * Have no adjacent periods, underscores or dashes. Names like my-_namespace
-// and my--namespace are not valid.
+// * InvalidMaxResultsException
+// This exception is thrown if the limit specified is not valid.
//
-// * Not be in IP address format (for example, 192.168.5.4)
+// * InvalidNextTokenException
+// A token that is not valid, or a token that was previously used in a request
+// with different parameters. This exception is thrown if the token is not valid.
//
-// * InvalidHomeRegionException
-// This exception is thrown when an operation is called on a trail from a region
-// other than the region in which the trail was created.
+// * InvalidEventCategoryException
+// Occurs if an event category that is not valid is specified as a value of
+// EventCategory.
//
// * UnsupportedOperationException
// This exception is thrown when the requested operation is not supported.
@@ -2310,127 +2644,177 @@ func (c *CloudTrail) StopLoggingRequest(input *StopLoggingInput) (req *request.R
// * OperationNotPermittedException
// This exception is thrown when the requested operation is not permitted.
//
-// * NotOrganizationMasterAccountException
-// This exception is thrown when the Amazon Web Services account making the
-// request to create or update an organization trail is not the management account
-// for an organization in Organizations. For more information, see Prepare For
-// Creating a Trail For Your Organization (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html).
-//
-// * InsufficientDependencyServiceAccessPermissionException
-// This exception is thrown when the IAM user or role that is used to create
-// the organization trail is lacking one or more required permissions for creating
-// an organization trail in a required service. For more information, see Prepare
-// For Creating a Trail For Your Organization (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html).
-//
-// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/StopLogging
-func (c *CloudTrail) StopLogging(input *StopLoggingInput) (*StopLoggingOutput, error) {
- req, out := c.StopLoggingRequest(input)
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/LookupEvents
+func (c *CloudTrail) LookupEvents(input *LookupEventsInput) (*LookupEventsOutput, error) {
+ req, out := c.LookupEventsRequest(input)
return out, req.Send()
}
-// StopLoggingWithContext is the same as StopLogging with the addition of
+// LookupEventsWithContext is the same as LookupEvents with the addition of
// the ability to pass a context and additional request options.
//
-// See StopLogging for details on how to use this API operation.
+// See LookupEvents for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
-func (c *CloudTrail) StopLoggingWithContext(ctx aws.Context, input *StopLoggingInput, opts ...request.Option) (*StopLoggingOutput, error) {
- req, out := c.StopLoggingRequest(input)
+func (c *CloudTrail) LookupEventsWithContext(ctx aws.Context, input *LookupEventsInput, opts ...request.Option) (*LookupEventsOutput, error) {
+ req, out := c.LookupEventsRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
-const opUpdateTrail = "UpdateTrail"
-
-// UpdateTrailRequest generates a "aws/request.Request" representing the
-// client's request for the UpdateTrail operation. The "output" return
-// value will be populated with the request's response once the request completes
-// successfully.
-//
-// Use "Send" method on the returned Request to send the API call to the service.
-// the "output" return value is not valid until after Send returns without error.
-//
-// See UpdateTrail for more information on using the UpdateTrail
-// API call, and error handling.
-//
-// This method is useful when you want to inject custom logic or configuration
-// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+// LookupEventsPages iterates over the pages of a LookupEvents operation,
+// calling the "fn" function with the response data for each page. To stop
+// iterating, return false from the fn function.
//
+// See LookupEvents method for more information on how to use this operation.
//
-// // Example sending a request using the UpdateTrailRequest method.
-// req, resp := client.UpdateTrailRequest(params)
+// Note: This operation can generate multiple requests to a service.
//
-// err := req.Send()
-// if err == nil { // resp is now filled
-// fmt.Println(resp)
-// }
+// // Example iterating over at most 3 pages of a LookupEvents operation.
+// pageNum := 0
+// err := client.LookupEventsPages(params,
+// func(page *cloudtrail.LookupEventsOutput, lastPage bool) bool {
+// pageNum++
+// fmt.Println(page)
+// return pageNum <= 3
+// })
//
-// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/UpdateTrail
-func (c *CloudTrail) UpdateTrailRequest(input *UpdateTrailInput) (req *request.Request, output *UpdateTrailOutput) {
- op := &request.Operation{
- Name: opUpdateTrail,
- HTTPMethod: "POST",
- HTTPPath: "/",
- }
-
- if input == nil {
- input = &UpdateTrailInput{}
- }
-
- output = &UpdateTrailOutput{}
- req = c.newRequest(op, input, output)
- return
+func (c *CloudTrail) LookupEventsPages(input *LookupEventsInput, fn func(*LookupEventsOutput, bool) bool) error {
+ return c.LookupEventsPagesWithContext(aws.BackgroundContext(), input, fn)
}
-// UpdateTrail API operation for AWS CloudTrail.
+// LookupEventsPagesWithContext same as LookupEventsPages except
+// it takes a Context and allows setting request options on the pages.
//
-// Updates trail settings that control what events you are logging, and how
-// to handle log files. Changes to a trail do not require stopping the CloudTrail
-// service. Use this action to designate an existing bucket for log delivery.
-// If the existing bucket has previously been a target for CloudTrail log files,
-// an IAM policy exists for the bucket. UpdateTrail must be called from the
-// region in which the trail was created; otherwise, an InvalidHomeRegionException
-// is thrown.
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *CloudTrail) LookupEventsPagesWithContext(ctx aws.Context, input *LookupEventsInput, fn func(*LookupEventsOutput, bool) bool, opts ...request.Option) error {
+ p := request.Pagination{
+ NewRequest: func() (*request.Request, error) {
+ var inCpy *LookupEventsInput
+ if input != nil {
+ tmp := *input
+ inCpy = &tmp
+ }
+ req, _ := c.LookupEventsRequest(inCpy)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return req, nil
+ },
+ }
+
+ for p.Next() {
+ if !fn(p.Page().(*LookupEventsOutput), !p.HasNextPage()) {
+ break
+ }
+ }
+
+ return p.Err()
+}
+
+const opPutEventSelectors = "PutEventSelectors"
+
+// PutEventSelectorsRequest generates a "aws/request.Request" representing the
+// client's request for the PutEventSelectors operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
//
-// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
-// with awserr.Error's Code and Message methods to get detailed information about
-// the error.
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
//
-// See the AWS API reference guide for AWS CloudTrail's
-// API operation UpdateTrail for usage and error information.
+// See PutEventSelectors for more information on using the PutEventSelectors
+// API call, and error handling.
//
-// Returned Error Types:
-// * S3BucketDoesNotExistException
-// This exception is thrown when the specified S3 bucket does not exist.
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
-// * InsufficientS3BucketPolicyException
-// This exception is thrown when the policy on the S3 bucket is not sufficient.
//
-// * InsufficientSnsTopicPolicyException
-// This exception is thrown when the policy on the Amazon SNS topic is not sufficient.
+// // Example sending a request using the PutEventSelectorsRequest method.
+// req, resp := client.PutEventSelectorsRequest(params)
//
-// * InsufficientEncryptionPolicyException
-// This exception is thrown when the policy on the S3 bucket or KMS key is not
-// sufficient.
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
//
-// * TrailNotFoundException
-// This exception is thrown when the trail with the given name is not found.
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/PutEventSelectors
+func (c *CloudTrail) PutEventSelectorsRequest(input *PutEventSelectorsInput) (req *request.Request, output *PutEventSelectorsOutput) {
+ op := &request.Operation{
+ Name: opPutEventSelectors,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ }
+
+ if input == nil {
+ input = &PutEventSelectorsInput{}
+ }
+
+ output = &PutEventSelectorsOutput{}
+ req = c.newRequest(op, input, output)
+ return
+}
+
+// PutEventSelectors API operation for AWS CloudTrail.
//
-// * InvalidS3BucketNameException
-// This exception is thrown when the provided S3 bucket name is not valid.
+// Configures an event selector or advanced event selectors for your trail.
+// Use event selectors or advanced event selectors to specify management and
+// data event settings for your trail. By default, trails created without specific
+// event selectors are configured to log all read and write management events,
+// and no data events.
//
-// * InvalidS3PrefixException
-// This exception is thrown when the provided S3 prefix is not valid.
+// When an event occurs in your account, CloudTrail evaluates the event selectors
+// or advanced event selectors in all trails. For each trail, if the event matches
+// any event selector, the trail processes and logs the event. If the event
+// doesn't match any event selector, the trail doesn't log the event.
//
-// * InvalidSnsTopicNameException
-// This exception is thrown when the provided SNS topic name is not valid.
+// Example
//
-// * InvalidKmsKeyIdException
-// This exception is thrown when the KMS key ARN is not valid.
+// You create an event selector for a trail and specify that you want write-only
+// events.
+//
+// The EC2 GetConsoleOutput and RunInstances API operations occur in your account.
+//
+// CloudTrail evaluates whether the events match your event selectors.
+//
+// The RunInstances is a write-only event and it matches your event selector.
+// The trail logs the event.
+//
+// The GetConsoleOutput is a read-only event that doesn't match your event selector.
+// The trail doesn't log the event.
+//
+// The PutEventSelectors operation must be called from the region in which the
+// trail was created; otherwise, an InvalidHomeRegionException exception is
+// thrown.
+//
+// You can configure up to five event selectors for each trail. For more information,
+// see Logging data and management events for trails (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-and-data-events-with-cloudtrail.html)
+// and Quotas in CloudTrail (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/WhatIsCloudTrail-Limits.html)
+// in the CloudTrail User Guide.
+//
+// You can add advanced event selectors, and conditions for your advanced event
+// selectors, up to a maximum of 500 values for all conditions and selectors
+// on a trail. You can use either AdvancedEventSelectors or EventSelectors,
+// but not both. If you apply AdvancedEventSelectors to a trail, any existing
+// EventSelectors are overwritten. For more information about advanced event
+// selectors, see Logging data events for trails (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html)
+// in the CloudTrail User Guide.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS CloudTrail's
+// API operation PutEventSelectors for usage and error information.
+//
+// Returned Error Types:
+// * TrailNotFoundException
+// This exception is thrown when the trail with the given name is not found.
//
// * InvalidTrailNameException
// This exception is thrown when the provided trail name is not valid. Trail
@@ -2448,8 +2832,9 @@ func (c *CloudTrail) UpdateTrailRequest(input *UpdateTrailInput) (req *request.R
//
// * Not be in IP address format (for example, 192.168.5.4)
//
-// * TrailNotProvidedException
-// This exception is no longer in use.
+// * InvalidHomeRegionException
+// This exception is thrown when an operation is called on a trail from a region
+// other than the region in which the trail was created.
//
// * InvalidEventSelectorsException
// This exception is thrown when the PutEventSelectors operation is called with
@@ -2477,141 +2862,1937 @@ func (c *CloudTrail) UpdateTrailRequest(input *UpdateTrailInput) (req *request.R
// * Specify a valid value for a parameter. For example, specifying the ReadWriteType
// parameter with a value of read-only is not valid.
//
-// * InvalidParameterCombinationException
-// This exception is thrown when the combination of parameters provided is not
-// valid.
-//
-// * InvalidHomeRegionException
-// This exception is thrown when an operation is called on a trail from a region
-// other than the region in which the trail was created.
-//
-// * KmsKeyNotFoundException
-// This exception is thrown when the KMS key does not exist, when the S3 bucket
-// and the KMS key are not in the same region, or when the KMS key associated
-// with the Amazon SNS topic either does not exist or is not in the same region.
-//
-// * KmsKeyDisabledException
-// This exception is no longer in use.
-//
-// * KmsException
-// This exception is thrown when there is an issue with the specified KMS key
-// and the trail can’t be updated.
-//
-// * InvalidCloudWatchLogsLogGroupArnException
-// This exception is thrown when the provided CloudWatch Logs log group is not
-// valid.
-//
-// * InvalidCloudWatchLogsRoleArnException
-// This exception is thrown when the provided role is not valid.
-//
-// * CloudWatchLogsDeliveryUnavailableException
-// Cannot set a CloudWatch Logs delivery for this region.
-//
// * UnsupportedOperationException
// This exception is thrown when the requested operation is not supported.
//
// * OperationNotPermittedException
// This exception is thrown when the requested operation is not permitted.
//
-// * AccessNotEnabledException
-// This exception is thrown when trusted access has not been enabled between
-// CloudTrail and Organizations. For more information, see Enabling Trusted
-// Access with Other Amazon Web Services Services (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html)
-// and Prepare For Creating a Trail For Your Organization (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html).
-//
-// * InsufficientDependencyServiceAccessPermissionException
-// This exception is thrown when the IAM user or role that is used to create
-// the organization trail is lacking one or more required permissions for creating
-// an organization trail in a required service. For more information, see Prepare
-// For Creating a Trail For Your Organization (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html).
-//
-// * OrganizationsNotInUseException
-// This exception is thrown when the request is made from an Amazon Web Services
-// account that is not a member of an organization. To make this request, sign
-// in using the credentials of an account that belongs to an organization.
-//
// * NotOrganizationMasterAccountException
// This exception is thrown when the Amazon Web Services account making the
// request to create or update an organization trail is not the management account
// for an organization in Organizations. For more information, see Prepare For
// Creating a Trail For Your Organization (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html).
//
-// * OrganizationNotInAllFeaturesModeException
-// This exception is thrown when Organizations is not configured to support
-// all features. All features must be enabled in Organizations to support creating
-// an organization trail. For more information, see Prepare For Creating a Trail
-// For Your Organization (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html).
-//
-// * CloudTrailInvalidClientTokenIdException
-// This exception is thrown when a call results in the InvalidClientTokenId
-// error code. This can occur when you are creating or updating a trail to send
-// notifications to an Amazon SNS topic that is in a suspended Amazon Web Services
-// account.
+// * InsufficientDependencyServiceAccessPermissionException
+// This exception is thrown when the IAM user or role that is used to create
+// the organization trail is lacking one or more required permissions for creating
+// an organization trail in a required service. For more information, see Prepare
+// For Creating a Trail For Your Organization (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html).
//
-// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/UpdateTrail
-func (c *CloudTrail) UpdateTrail(input *UpdateTrailInput) (*UpdateTrailOutput, error) {
- req, out := c.UpdateTrailRequest(input)
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/PutEventSelectors
+func (c *CloudTrail) PutEventSelectors(input *PutEventSelectorsInput) (*PutEventSelectorsOutput, error) {
+ req, out := c.PutEventSelectorsRequest(input)
return out, req.Send()
}
-// UpdateTrailWithContext is the same as UpdateTrail with the addition of
+// PutEventSelectorsWithContext is the same as PutEventSelectors with the addition of
// the ability to pass a context and additional request options.
//
-// See UpdateTrail for details on how to use this API operation.
+// See PutEventSelectors for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
-func (c *CloudTrail) UpdateTrailWithContext(ctx aws.Context, input *UpdateTrailInput, opts ...request.Option) (*UpdateTrailOutput, error) {
- req, out := c.UpdateTrailRequest(input)
+func (c *CloudTrail) PutEventSelectorsWithContext(ctx aws.Context, input *PutEventSelectorsInput, opts ...request.Option) (*PutEventSelectorsOutput, error) {
+ req, out := c.PutEventSelectorsRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
-// This exception is thrown when an operation is called with a trail ARN that
-// is not valid. The following is the format of a trail ARN.
-//
-// arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail
-type ARNInvalidException struct {
- _ struct{} `type:"structure"`
- RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
-
- Message_ *string `locationName:"message" type:"string"`
-}
-
-// String returns the string representation.
-//
-// API parameter values that are decorated as "sensitive" in the API will not
-// be included in the string output. The member name will be present, but the
-// value will be replaced with "sensitive".
-func (s ARNInvalidException) String() string {
- return awsutil.Prettify(s)
-}
+const opPutInsightSelectors = "PutInsightSelectors"
-// GoString returns the string representation.
+// PutInsightSelectorsRequest generates a "aws/request.Request" representing the
+// client's request for the PutInsightSelectors operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See PutInsightSelectors for more information on using the PutInsightSelectors
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the PutInsightSelectorsRequest method.
+// req, resp := client.PutInsightSelectorsRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/PutInsightSelectors
+func (c *CloudTrail) PutInsightSelectorsRequest(input *PutInsightSelectorsInput) (req *request.Request, output *PutInsightSelectorsOutput) {
+ op := &request.Operation{
+ Name: opPutInsightSelectors,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ }
+
+ if input == nil {
+ input = &PutInsightSelectorsInput{}
+ }
+
+ output = &PutInsightSelectorsOutput{}
+ req = c.newRequest(op, input, output)
+ return
+}
+
+// PutInsightSelectors API operation for AWS CloudTrail.
+//
+// Lets you enable Insights event logging by specifying the Insights selectors
+// that you want to enable on an existing trail. You also use PutInsightSelectors
+// to turn off Insights event logging, by passing an empty list of insight types.
+// The valid Insights event types in this release are ApiErrorRateInsight and
+// ApiCallRateInsight.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS CloudTrail's
+// API operation PutInsightSelectors for usage and error information.
+//
+// Returned Error Types:
+// * TrailNotFoundException
+// This exception is thrown when the trail with the given name is not found.
+//
+// * InvalidTrailNameException
+// This exception is thrown when the provided trail name is not valid. Trail
+// names must meet the following requirements:
+//
+// * Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores
+// (_), or dashes (-)
+//
+// * Start with a letter or number, and end with a letter or number
+//
+// * Be between 3 and 128 characters
+//
+// * Have no adjacent periods, underscores or dashes. Names like my-_namespace
+// and my--namespace are not valid.
+//
+// * Not be in IP address format (for example, 192.168.5.4)
+//
+// * InvalidHomeRegionException
+// This exception is thrown when an operation is called on a trail from a region
+// other than the region in which the trail was created.
+//
+// * InvalidInsightSelectorsException
+// The formatting or syntax of the InsightSelectors JSON statement in your PutInsightSelectors
+// or GetInsightSelectors request is not valid, or the specified insight type
+// in the InsightSelectors statement is not a valid insight type.
+//
+// * InsufficientS3BucketPolicyException
+// This exception is thrown when the policy on the S3 bucket is not sufficient.
+//
+// * InsufficientEncryptionPolicyException
+// This exception is thrown when the policy on the S3 bucket or KMS key is not
+// sufficient.
+//
+// * S3BucketDoesNotExistException
+// This exception is thrown when the specified S3 bucket does not exist.
+//
+// * KmsException
+// This exception is thrown when there is an issue with the specified KMS key
+// and the trail can’t be updated.
+//
+// * UnsupportedOperationException
+// This exception is thrown when the requested operation is not supported.
+//
+// * OperationNotPermittedException
+// This exception is thrown when the requested operation is not permitted.
+//
+// * NotOrganizationMasterAccountException
+// This exception is thrown when the Amazon Web Services account making the
+// request to create or update an organization trail is not the management account
+// for an organization in Organizations. For more information, see Prepare For
+// Creating a Trail For Your Organization (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html).
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/PutInsightSelectors
+func (c *CloudTrail) PutInsightSelectors(input *PutInsightSelectorsInput) (*PutInsightSelectorsOutput, error) {
+ req, out := c.PutInsightSelectorsRequest(input)
+ return out, req.Send()
+}
+
+// PutInsightSelectorsWithContext is the same as PutInsightSelectors with the addition of
+// the ability to pass a context and additional request options.
+//
+// See PutInsightSelectors for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *CloudTrail) PutInsightSelectorsWithContext(ctx aws.Context, input *PutInsightSelectorsInput, opts ...request.Option) (*PutInsightSelectorsOutput, error) {
+ req, out := c.PutInsightSelectorsRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
+const opRemoveTags = "RemoveTags"
+
+// RemoveTagsRequest generates a "aws/request.Request" representing the
+// client's request for the RemoveTags operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See RemoveTags for more information on using the RemoveTags
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the RemoveTagsRequest method.
+// req, resp := client.RemoveTagsRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/RemoveTags
+func (c *CloudTrail) RemoveTagsRequest(input *RemoveTagsInput) (req *request.Request, output *RemoveTagsOutput) {
+ op := &request.Operation{
+ Name: opRemoveTags,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ }
+
+ if input == nil {
+ input = &RemoveTagsInput{}
+ }
+
+ output = &RemoveTagsOutput{}
+ req = c.newRequest(op, input, output)
+ req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
+ return
+}
+
+// RemoveTags API operation for AWS CloudTrail.
+//
+// Removes the specified tags from a trail.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS CloudTrail's
+// API operation RemoveTags for usage and error information.
+//
+// Returned Error Types:
+// * ResourceNotFoundException
+// This exception is thrown when the specified resource is not found.
+//
+// * ARNInvalidException
+// This exception is thrown when an operation is called with a trail ARN that
+// is not valid. The following is the format of a trail ARN.
+//
+// arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail
+//
+// * ResourceTypeNotSupportedException
+// This exception is thrown when the specified resource type is not supported
+// by CloudTrail.
+//
+// * InvalidTrailNameException
+// This exception is thrown when the provided trail name is not valid. Trail
+// names must meet the following requirements:
+//
+// * Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores
+// (_), or dashes (-)
+//
+// * Start with a letter or number, and end with a letter or number
+//
+// * Be between 3 and 128 characters
+//
+// * Have no adjacent periods, underscores or dashes. Names like my-_namespace
+// and my--namespace are not valid.
+//
+// * Not be in IP address format (for example, 192.168.5.4)
+//
+// * InvalidTagParameterException
+// This exception is thrown when the specified tag key or values are not valid.
+// It can also occur if there are duplicate tags or too many tags on the resource.
+//
+// * InactiveEventDataStoreException
+// The event data store against which you ran your query is inactive.
+//
+// * EventDataStoreNotFoundException
+// The specified event data store was not found.
+//
+// * UnsupportedOperationException
+// This exception is thrown when the requested operation is not supported.
+//
+// * OperationNotPermittedException
+// This exception is thrown when the requested operation is not permitted.
+//
+// * NotOrganizationMasterAccountException
+// This exception is thrown when the Amazon Web Services account making the
+// request to create or update an organization trail is not the management account
+// for an organization in Organizations. For more information, see Prepare For
+// Creating a Trail For Your Organization (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html).
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/RemoveTags
+func (c *CloudTrail) RemoveTags(input *RemoveTagsInput) (*RemoveTagsOutput, error) {
+ req, out := c.RemoveTagsRequest(input)
+ return out, req.Send()
+}
+
+// RemoveTagsWithContext is the same as RemoveTags with the addition of
+// the ability to pass a context and additional request options.
+//
+// See RemoveTags for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *CloudTrail) RemoveTagsWithContext(ctx aws.Context, input *RemoveTagsInput, opts ...request.Option) (*RemoveTagsOutput, error) {
+ req, out := c.RemoveTagsRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
+const opRestoreEventDataStore = "RestoreEventDataStore"
+
+// RestoreEventDataStoreRequest generates a "aws/request.Request" representing the
+// client's request for the RestoreEventDataStore operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See RestoreEventDataStore for more information on using the RestoreEventDataStore
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the RestoreEventDataStoreRequest method.
+// req, resp := client.RestoreEventDataStoreRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/RestoreEventDataStore
+func (c *CloudTrail) RestoreEventDataStoreRequest(input *RestoreEventDataStoreInput) (req *request.Request, output *RestoreEventDataStoreOutput) {
+ op := &request.Operation{
+ Name: opRestoreEventDataStore,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ }
+
+ if input == nil {
+ input = &RestoreEventDataStoreInput{}
+ }
+
+ output = &RestoreEventDataStoreOutput{}
+ req = c.newRequest(op, input, output)
+ return
+}
+
+// RestoreEventDataStore API operation for AWS CloudTrail.
+//
+// Restores a deleted event data store specified by EventDataStore, which accepts
+// an event data store ARN. You can only restore a deleted event data store
+// within the seven-day wait period after deletion. Restoring an event data
+// store can take several minutes, depending on the size of the event data store.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS CloudTrail's
+// API operation RestoreEventDataStore for usage and error information.
+//
+// Returned Error Types:
+// * EventDataStoreARNInvalidException
+// The specified event data store ARN is not valid or does not map to an event
+// data store in your account.
+//
+// * EventDataStoreNotFoundException
+// The specified event data store was not found.
+//
+// * EventDataStoreMaxLimitExceededException
+// Your account has used the maximum number of event data stores.
+//
+// * InvalidEventDataStoreStatusException
+// The event data store is not in a status that supports the operation.
+//
+// * InvalidParameterException
+// The request includes a parameter that is not valid.
+//
+// * OperationNotPermittedException
+// This exception is thrown when the requested operation is not permitted.
+//
+// * UnsupportedOperationException
+// This exception is thrown when the requested operation is not supported.
+//
+// * AccessNotEnabledException
+// This exception is thrown when trusted access has not been enabled between
+// CloudTrail and Organizations. For more information, see Enabling Trusted
+// Access with Other Amazon Web Services Services (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html)
+// and Prepare For Creating a Trail For Your Organization (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html).
+//
+// * InsufficientDependencyServiceAccessPermissionException
+// This exception is thrown when the IAM user or role that is used to create
+// the organization trail is lacking one or more required permissions for creating
+// an organization trail in a required service. For more information, see Prepare
+// For Creating a Trail For Your Organization (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html).
+//
+// * OrganizationsNotInUseException
+// This exception is thrown when the request is made from an Amazon Web Services
+// account that is not a member of an organization. To make this request, sign
+// in using the credentials of an account that belongs to an organization.
+//
+// * NotOrganizationMasterAccountException
+// This exception is thrown when the Amazon Web Services account making the
+// request to create or update an organization trail is not the management account
+// for an organization in Organizations. For more information, see Prepare For
+// Creating a Trail For Your Organization (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html).
+//
+// * OrganizationNotInAllFeaturesModeException
+// This exception is thrown when Organizations is not configured to support
+// all features. All features must be enabled in Organizations to support creating
+// an organization trail. For more information, see Prepare For Creating a Trail
+// For Your Organization (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html).
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/RestoreEventDataStore
+func (c *CloudTrail) RestoreEventDataStore(input *RestoreEventDataStoreInput) (*RestoreEventDataStoreOutput, error) {
+ req, out := c.RestoreEventDataStoreRequest(input)
+ return out, req.Send()
+}
+
+// RestoreEventDataStoreWithContext is the same as RestoreEventDataStore with the addition of
+// the ability to pass a context and additional request options.
+//
+// See RestoreEventDataStore for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *CloudTrail) RestoreEventDataStoreWithContext(ctx aws.Context, input *RestoreEventDataStoreInput, opts ...request.Option) (*RestoreEventDataStoreOutput, error) {
+ req, out := c.RestoreEventDataStoreRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
+const opStartLogging = "StartLogging"
+
+// StartLoggingRequest generates a "aws/request.Request" representing the
+// client's request for the StartLogging operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See StartLogging for more information on using the StartLogging
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the StartLoggingRequest method.
+// req, resp := client.StartLoggingRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/StartLogging
+func (c *CloudTrail) StartLoggingRequest(input *StartLoggingInput) (req *request.Request, output *StartLoggingOutput) {
+ op := &request.Operation{
+ Name: opStartLogging,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ }
+
+ if input == nil {
+ input = &StartLoggingInput{}
+ }
+
+ output = &StartLoggingOutput{}
+ req = c.newRequest(op, input, output)
+ req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
+ return
+}
+
+// StartLogging API operation for AWS CloudTrail.
+//
+// Starts the recording of Amazon Web Services API calls and log file delivery
+// for a trail. For a trail that is enabled in all regions, this operation must
+// be called from the region in which the trail was created. This operation
+// cannot be called on the shadow trails (replicated trails in other regions)
+// of a trail that is enabled in all regions.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS CloudTrail's
+// API operation StartLogging for usage and error information.
+//
+// Returned Error Types:
+// * TrailNotFoundException
+// This exception is thrown when the trail with the given name is not found.
+//
+// * InvalidTrailNameException
+// This exception is thrown when the provided trail name is not valid. Trail
+// names must meet the following requirements:
+//
+// * Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores
+// (_), or dashes (-)
+//
+// * Start with a letter or number, and end with a letter or number
+//
+// * Be between 3 and 128 characters
+//
+// * Have no adjacent periods, underscores or dashes. Names like my-_namespace
+// and my--namespace are not valid.
+//
+// * Not be in IP address format (for example, 192.168.5.4)
+//
+// * InvalidHomeRegionException
+// This exception is thrown when an operation is called on a trail from a region
+// other than the region in which the trail was created.
+//
+// * UnsupportedOperationException
+// This exception is thrown when the requested operation is not supported.
+//
+// * OperationNotPermittedException
+// This exception is thrown when the requested operation is not permitted.
+//
+// * NotOrganizationMasterAccountException
+// This exception is thrown when the Amazon Web Services account making the
+// request to create or update an organization trail is not the management account
+// for an organization in Organizations. For more information, see Prepare For
+// Creating a Trail For Your Organization (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html).
+//
+// * InsufficientDependencyServiceAccessPermissionException
+// This exception is thrown when the IAM user or role that is used to create
+// the organization trail is lacking one or more required permissions for creating
+// an organization trail in a required service. For more information, see Prepare
+// For Creating a Trail For Your Organization (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html).
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/StartLogging
+func (c *CloudTrail) StartLogging(input *StartLoggingInput) (*StartLoggingOutput, error) {
+ req, out := c.StartLoggingRequest(input)
+ return out, req.Send()
+}
+
+// StartLoggingWithContext is the same as StartLogging with the addition of
+// the ability to pass a context and additional request options.
+//
+// See StartLogging for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *CloudTrail) StartLoggingWithContext(ctx aws.Context, input *StartLoggingInput, opts ...request.Option) (*StartLoggingOutput, error) {
+ req, out := c.StartLoggingRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
+const opStartQuery = "StartQuery"
+
+// StartQueryRequest generates a "aws/request.Request" representing the
+// client's request for the StartQuery operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See StartQuery for more information on using the StartQuery
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the StartQueryRequest method.
+// req, resp := client.StartQueryRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/StartQuery
+func (c *CloudTrail) StartQueryRequest(input *StartQueryInput) (req *request.Request, output *StartQueryOutput) {
+ op := &request.Operation{
+ Name: opStartQuery,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ }
+
+ if input == nil {
+ input = &StartQueryInput{}
+ }
+
+ output = &StartQueryOutput{}
+ req = c.newRequest(op, input, output)
+ return
+}
+
+// StartQuery API operation for AWS CloudTrail.
+//
+// Starts a CloudTrail Lake query. The required QueryStatement parameter provides
+// your SQL query, enclosed in single quotation marks.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS CloudTrail's
+// API operation StartQuery for usage and error information.
+//
+// Returned Error Types:
+// * EventDataStoreARNInvalidException
+// The specified event data store ARN is not valid or does not map to an event
+// data store in your account.
+//
+// * EventDataStoreNotFoundException
+// The specified event data store was not found.
+//
+// * InactiveEventDataStoreException
+// The event data store against which you ran your query is inactive.
+//
+// * InvalidParameterException
+// The request includes a parameter that is not valid.
+//
+// * InvalidQueryStatementException
+// The query that was submitted has validation errors, or uses incorrect syntax
+// or unsupported keywords. For more information about writing a query, see
+// Create or edit a query (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-create-edit-query.html)
+// in the CloudTrail User Guide.
+//
+// * MaxConcurrentQueriesException
+// You are already running the maximum number of concurrent queries. Wait a
+// minute for some queries to finish, and then run the query again.
+//
+// * OperationNotPermittedException
+// This exception is thrown when the requested operation is not permitted.
+//
+// * UnsupportedOperationException
+// This exception is thrown when the requested operation is not supported.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/StartQuery
+func (c *CloudTrail) StartQuery(input *StartQueryInput) (*StartQueryOutput, error) {
+ req, out := c.StartQueryRequest(input)
+ return out, req.Send()
+}
+
+// StartQueryWithContext is the same as StartQuery with the addition of
+// the ability to pass a context and additional request options.
+//
+// See StartQuery for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *CloudTrail) StartQueryWithContext(ctx aws.Context, input *StartQueryInput, opts ...request.Option) (*StartQueryOutput, error) {
+ req, out := c.StartQueryRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
+const opStopLogging = "StopLogging"
+
+// StopLoggingRequest generates a "aws/request.Request" representing the
+// client's request for the StopLogging operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See StopLogging for more information on using the StopLogging
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the StopLoggingRequest method.
+// req, resp := client.StopLoggingRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/StopLogging
+func (c *CloudTrail) StopLoggingRequest(input *StopLoggingInput) (req *request.Request, output *StopLoggingOutput) {
+ op := &request.Operation{
+ Name: opStopLogging,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ }
+
+ if input == nil {
+ input = &StopLoggingInput{}
+ }
+
+ output = &StopLoggingOutput{}
+ req = c.newRequest(op, input, output)
+ req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
+ return
+}
+
+// StopLogging API operation for AWS CloudTrail.
+//
+// Suspends the recording of Amazon Web Services API calls and log file delivery
+// for the specified trail. Under most circumstances, there is no need to use
+// this action. You can update a trail without stopping it first. This action
+// is the only way to stop recording. For a trail enabled in all regions, this
+// operation must be called from the region in which the trail was created,
+// or an InvalidHomeRegionException will occur. This operation cannot be called
+// on the shadow trails (replicated trails in other regions) of a trail enabled
+// in all regions.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS CloudTrail's
+// API operation StopLogging for usage and error information.
+//
+// Returned Error Types:
+// * TrailNotFoundException
+// This exception is thrown when the trail with the given name is not found.
+//
+// * InvalidTrailNameException
+// This exception is thrown when the provided trail name is not valid. Trail
+// names must meet the following requirements:
+//
+// * Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores
+// (_), or dashes (-)
+//
+// * Start with a letter or number, and end with a letter or number
+//
+// * Be between 3 and 128 characters
+//
+// * Have no adjacent periods, underscores or dashes. Names like my-_namespace
+// and my--namespace are not valid.
+//
+// * Not be in IP address format (for example, 192.168.5.4)
+//
+// * InvalidHomeRegionException
+// This exception is thrown when an operation is called on a trail from a region
+// other than the region in which the trail was created.
+//
+// * UnsupportedOperationException
+// This exception is thrown when the requested operation is not supported.
+//
+// * OperationNotPermittedException
+// This exception is thrown when the requested operation is not permitted.
+//
+// * NotOrganizationMasterAccountException
+// This exception is thrown when the Amazon Web Services account making the
+// request to create or update an organization trail is not the management account
+// for an organization in Organizations. For more information, see Prepare For
+// Creating a Trail For Your Organization (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html).
+//
+// * InsufficientDependencyServiceAccessPermissionException
+// This exception is thrown when the IAM user or role that is used to create
+// the organization trail is lacking one or more required permissions for creating
+// an organization trail in a required service. For more information, see Prepare
+// For Creating a Trail For Your Organization (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html).
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/StopLogging
+func (c *CloudTrail) StopLogging(input *StopLoggingInput) (*StopLoggingOutput, error) {
+ req, out := c.StopLoggingRequest(input)
+ return out, req.Send()
+}
+
+// StopLoggingWithContext is the same as StopLogging with the addition of
+// the ability to pass a context and additional request options.
+//
+// See StopLogging for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *CloudTrail) StopLoggingWithContext(ctx aws.Context, input *StopLoggingInput, opts ...request.Option) (*StopLoggingOutput, error) {
+ req, out := c.StopLoggingRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
+const opUpdateEventDataStore = "UpdateEventDataStore"
+
+// UpdateEventDataStoreRequest generates a "aws/request.Request" representing the
+// client's request for the UpdateEventDataStore operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See UpdateEventDataStore for more information on using the UpdateEventDataStore
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the UpdateEventDataStoreRequest method.
+// req, resp := client.UpdateEventDataStoreRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/UpdateEventDataStore
+func (c *CloudTrail) UpdateEventDataStoreRequest(input *UpdateEventDataStoreInput) (req *request.Request, output *UpdateEventDataStoreOutput) {
+ op := &request.Operation{
+ Name: opUpdateEventDataStore,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ }
+
+ if input == nil {
+ input = &UpdateEventDataStoreInput{}
+ }
+
+ output = &UpdateEventDataStoreOutput{}
+ req = c.newRequest(op, input, output)
+ return
+}
+
+// UpdateEventDataStore API operation for AWS CloudTrail.
+//
+// Updates an event data store. The required EventDataStore value is an ARN
+// or the ID portion of the ARN. Other parameters are optional, but at least
+// one optional parameter must be specified, or CloudTrail throws an error.
+// RetentionPeriod is in days, and valid values are integers between 90 and
+// 2555. By default, TerminationProtection is enabled. AdvancedEventSelectors
+// includes or excludes management and data events in your event data store;
+// for more information about AdvancedEventSelectors, see PutEventSelectorsRequest$AdvancedEventSelectors.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS CloudTrail's
+// API operation UpdateEventDataStore for usage and error information.
+//
+// Returned Error Types:
+// * EventDataStoreARNInvalidException
+// The specified event data store ARN is not valid or does not map to an event
+// data store in your account.
+//
+// * EventDataStoreNotFoundException
+// The specified event data store was not found.
+//
+// * InactiveEventDataStoreException
+// The event data store against which you ran your query is inactive.
+//
+// * InvalidParameterException
+// The request includes a parameter that is not valid.
+//
+// * OperationNotPermittedException
+// This exception is thrown when the requested operation is not permitted.
+//
+// * UnsupportedOperationException
+// This exception is thrown when the requested operation is not supported.
+//
+// * AccessNotEnabledException
+// This exception is thrown when trusted access has not been enabled between
+// CloudTrail and Organizations. For more information, see Enabling Trusted
+// Access with Other Amazon Web Services Services (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html)
+// and Prepare For Creating a Trail For Your Organization (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html).
+//
+// * InsufficientDependencyServiceAccessPermissionException
+// This exception is thrown when the IAM user or role that is used to create
+// the organization trail is lacking one or more required permissions for creating
+// an organization trail in a required service. For more information, see Prepare
+// For Creating a Trail For Your Organization (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html).
+//
+// * OrganizationsNotInUseException
+// This exception is thrown when the request is made from an Amazon Web Services
+// account that is not a member of an organization. To make this request, sign
+// in using the credentials of an account that belongs to an organization.
+//
+// * NotOrganizationMasterAccountException
+// This exception is thrown when the Amazon Web Services account making the
+// request to create or update an organization trail is not the management account
+// for an organization in Organizations. For more information, see Prepare For
+// Creating a Trail For Your Organization (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html).
+//
+// * OrganizationNotInAllFeaturesModeException
+// This exception is thrown when Organizations is not configured to support
+// all features. All features must be enabled in Organizations to support creating
+// an organization trail. For more information, see Prepare For Creating a Trail
+// For Your Organization (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html).
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/UpdateEventDataStore
+func (c *CloudTrail) UpdateEventDataStore(input *UpdateEventDataStoreInput) (*UpdateEventDataStoreOutput, error) {
+ req, out := c.UpdateEventDataStoreRequest(input)
+ return out, req.Send()
+}
+
+// UpdateEventDataStoreWithContext is the same as UpdateEventDataStore with the addition of
+// the ability to pass a context and additional request options.
+//
+// See UpdateEventDataStore for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *CloudTrail) UpdateEventDataStoreWithContext(ctx aws.Context, input *UpdateEventDataStoreInput, opts ...request.Option) (*UpdateEventDataStoreOutput, error) {
+ req, out := c.UpdateEventDataStoreRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
+const opUpdateTrail = "UpdateTrail"
+
+// UpdateTrailRequest generates a "aws/request.Request" representing the
+// client's request for the UpdateTrail operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See UpdateTrail for more information on using the UpdateTrail
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the UpdateTrailRequest method.
+// req, resp := client.UpdateTrailRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/UpdateTrail
+func (c *CloudTrail) UpdateTrailRequest(input *UpdateTrailInput) (req *request.Request, output *UpdateTrailOutput) {
+ op := &request.Operation{
+ Name: opUpdateTrail,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ }
+
+ if input == nil {
+ input = &UpdateTrailInput{}
+ }
+
+ output = &UpdateTrailOutput{}
+ req = c.newRequest(op, input, output)
+ return
+}
+
+// UpdateTrail API operation for AWS CloudTrail.
+//
+// Updates trail settings that control what events you are logging, and how
+// to handle log files. Changes to a trail do not require stopping the CloudTrail
+// service. Use this action to designate an existing bucket for log delivery.
+// If the existing bucket has previously been a target for CloudTrail log files,
+// an IAM policy exists for the bucket. UpdateTrail must be called from the
+// region in which the trail was created; otherwise, an InvalidHomeRegionException
+// is thrown.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS CloudTrail's
+// API operation UpdateTrail for usage and error information.
+//
+// Returned Error Types:
+// * S3BucketDoesNotExistException
+// This exception is thrown when the specified S3 bucket does not exist.
+//
+// * InsufficientS3BucketPolicyException
+// This exception is thrown when the policy on the S3 bucket is not sufficient.
+//
+// * InsufficientSnsTopicPolicyException
+// This exception is thrown when the policy on the Amazon SNS topic is not sufficient.
+//
+// * InsufficientEncryptionPolicyException
+// This exception is thrown when the policy on the S3 bucket or KMS key is not
+// sufficient.
+//
+// * TrailNotFoundException
+// This exception is thrown when the trail with the given name is not found.
+//
+// * InvalidS3BucketNameException
+// This exception is thrown when the provided S3 bucket name is not valid.
+//
+// * InvalidS3PrefixException
+// This exception is thrown when the provided S3 prefix is not valid.
+//
+// * InvalidSnsTopicNameException
+// This exception is thrown when the provided SNS topic name is not valid.
+//
+// * InvalidKmsKeyIdException
+// This exception is thrown when the KMS key ARN is not valid.
+//
+// * InvalidTrailNameException
+// This exception is thrown when the provided trail name is not valid. Trail
+// names must meet the following requirements:
+//
+// * Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores
+// (_), or dashes (-)
+//
+// * Start with a letter or number, and end with a letter or number
+//
+// * Be between 3 and 128 characters
+//
+// * Have no adjacent periods, underscores or dashes. Names like my-_namespace
+// and my--namespace are not valid.
+//
+// * Not be in IP address format (for example, 192.168.5.4)
+//
+// * TrailNotProvidedException
+// This exception is no longer in use.
+//
+// * InvalidEventSelectorsException
+// This exception is thrown when the PutEventSelectors operation is called with
+// a number of event selectors, advanced event selectors, or data resources
+// that is not valid. The combination of event selectors or advanced event selectors
+// and data resources is not valid. A trail can have up to 5 event selectors.
+// If a trail uses advanced event selectors, a maximum of 500 total values for
+// all conditions in all advanced event selectors is allowed. A trail is limited
+// to 250 data resources. These data resources can be distributed across event
+// selectors, but the overall total cannot exceed 250.
+//
+// You can:
+//
+// * Specify a valid number of event selectors (1 to 5) for a trail.
+//
+// * Specify a valid number of data resources (1 to 250) for an event selector.
+// The limit of number of resources on an individual event selector is configurable
+// up to 250. However, this upper limit is allowed only if the total number
+// of data resources does not exceed 250 across all event selectors for a
+// trail.
+//
+// * Specify up to 500 values for all conditions in all advanced event selectors
+// for a trail.
+//
+// * Specify a valid value for a parameter. For example, specifying the ReadWriteType
+// parameter with a value of read-only is not valid.
+//
+// * InvalidParameterCombinationException
+// This exception is thrown when the combination of parameters provided is not
+// valid.
+//
+// * InvalidHomeRegionException
+// This exception is thrown when an operation is called on a trail from a region
+// other than the region in which the trail was created.
+//
+// * KmsKeyNotFoundException
+// This exception is thrown when the KMS key does not exist, when the S3 bucket
+// and the KMS key are not in the same region, or when the KMS key associated
+// with the Amazon SNS topic either does not exist or is not in the same region.
+//
+// * KmsKeyDisabledException
+// This exception is no longer in use.
+//
+// * KmsException
+// This exception is thrown when there is an issue with the specified KMS key
+// and the trail can’t be updated.
+//
+// * InvalidCloudWatchLogsLogGroupArnException
+// This exception is thrown when the provided CloudWatch Logs log group is not
+// valid.
+//
+// * InvalidCloudWatchLogsRoleArnException
+// This exception is thrown when the provided role is not valid.
+//
+// * CloudWatchLogsDeliveryUnavailableException
+// Cannot set a CloudWatch Logs delivery for this region.
+//
+// * UnsupportedOperationException
+// This exception is thrown when the requested operation is not supported.
+//
+// * OperationNotPermittedException
+// This exception is thrown when the requested operation is not permitted.
+//
+// * AccessNotEnabledException
+// This exception is thrown when trusted access has not been enabled between
+// CloudTrail and Organizations. For more information, see Enabling Trusted
+// Access with Other Amazon Web Services Services (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html)
+// and Prepare For Creating a Trail For Your Organization (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html).
+//
+// * InsufficientDependencyServiceAccessPermissionException
+// This exception is thrown when the IAM user or role that is used to create
+// the organization trail is lacking one or more required permissions for creating
+// an organization trail in a required service. For more information, see Prepare
+// For Creating a Trail For Your Organization (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html).
+//
+// * OrganizationsNotInUseException
+// This exception is thrown when the request is made from an Amazon Web Services
+// account that is not a member of an organization. To make this request, sign
+// in using the credentials of an account that belongs to an organization.
+//
+// * NotOrganizationMasterAccountException
+// This exception is thrown when the Amazon Web Services account making the
+// request to create or update an organization trail is not the management account
+// for an organization in Organizations. For more information, see Prepare For
+// Creating a Trail For Your Organization (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html).
+//
+// * OrganizationNotInAllFeaturesModeException
+// This exception is thrown when Organizations is not configured to support
+// all features. All features must be enabled in Organizations to support creating
+// an organization trail. For more information, see Prepare For Creating a Trail
+// For Your Organization (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html).
+//
+// * CloudTrailInvalidClientTokenIdException
+// This exception is thrown when a call results in the InvalidClientTokenId
+// error code. This can occur when you are creating or updating a trail to send
+// notifications to an Amazon SNS topic that is in a suspended Amazon Web Services
+// account.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/UpdateTrail
+func (c *CloudTrail) UpdateTrail(input *UpdateTrailInput) (*UpdateTrailOutput, error) {
+ req, out := c.UpdateTrailRequest(input)
+ return out, req.Send()
+}
+
+// UpdateTrailWithContext is the same as UpdateTrail with the addition of
+// the ability to pass a context and additional request options.
+//
+// See UpdateTrail for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *CloudTrail) UpdateTrailWithContext(ctx aws.Context, input *UpdateTrailInput, opts ...request.Option) (*UpdateTrailOutput, error) {
+ req, out := c.UpdateTrailRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
+// This exception is thrown when an operation is called with a trail ARN that
+// is not valid. The following is the format of a trail ARN.
+//
+// arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail
+type ARNInvalidException struct {
+ _ struct{} `type:"structure"`
+ RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
+
+ Message_ *string `locationName:"message" type:"string"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s ARNInvalidException) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s ARNInvalidException) GoString() string {
+ return s.String()
+}
+
+func newErrorARNInvalidException(v protocol.ResponseMetadata) error {
+ return &ARNInvalidException{
+ RespMetadata: v,
+ }
+}
+
+// Code returns the exception type name.
+func (s *ARNInvalidException) Code() string {
+ return "CloudTrailARNInvalidException"
+}
+
+// Message returns the exception's message.
+func (s *ARNInvalidException) Message() string {
+ if s.Message_ != nil {
+ return *s.Message_
+ }
+ return ""
+}
+
+// OrigErr always returns nil, satisfies awserr.Error interface.
+func (s *ARNInvalidException) OrigErr() error {
+ return nil
+}
+
+func (s *ARNInvalidException) Error() string {
+ return fmt.Sprintf("%s: %s", s.Code(), s.Message())
+}
+
+// Status code returns the HTTP status code for the request's response error.
+func (s *ARNInvalidException) StatusCode() int {
+ return s.RespMetadata.StatusCode
+}
+
+// RequestID returns the service's response RequestID for request.
+func (s *ARNInvalidException) RequestID() string {
+ return s.RespMetadata.RequestID
+}
+
+// This exception is thrown when trusted access has not been enabled between
+// CloudTrail and Organizations. For more information, see Enabling Trusted
+// Access with Other Amazon Web Services Services (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html)
+// and Prepare For Creating a Trail For Your Organization (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html).
+type AccessNotEnabledException struct {
+ _ struct{} `type:"structure"`
+ RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
+
+ Message_ *string `locationName:"message" type:"string"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s AccessNotEnabledException) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s AccessNotEnabledException) GoString() string {
+ return s.String()
+}
+
+func newErrorAccessNotEnabledException(v protocol.ResponseMetadata) error {
+ return &AccessNotEnabledException{
+ RespMetadata: v,
+ }
+}
+
+// Code returns the exception type name.
+func (s *AccessNotEnabledException) Code() string {
+ return "CloudTrailAccessNotEnabledException"
+}
+
+// Message returns the exception's message.
+func (s *AccessNotEnabledException) Message() string {
+ if s.Message_ != nil {
+ return *s.Message_
+ }
+ return ""
+}
+
+// OrigErr always returns nil, satisfies awserr.Error interface.
+func (s *AccessNotEnabledException) OrigErr() error {
+ return nil
+}
+
+func (s *AccessNotEnabledException) Error() string {
+ return fmt.Sprintf("%s: %s", s.Code(), s.Message())
+}
+
+// Status code returns the HTTP status code for the request's response error.
+func (s *AccessNotEnabledException) StatusCode() int {
+ return s.RespMetadata.StatusCode
+}
+
+// RequestID returns the service's response RequestID for request.
+func (s *AccessNotEnabledException) RequestID() string {
+ return s.RespMetadata.RequestID
+}
+
+// Specifies the tags to add to a trail.
+type AddTagsInput struct {
+ _ struct{} `type:"structure"`
+
+ // Specifies the ARN of the trail to which one or more tags will be added. The
+ // format of a trail ARN is:
+ //
+ // arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail
+ //
+ // ResourceId is a required field
+ ResourceId *string `type:"string" required:"true"`
+
+ // Contains a list of tags, up to a limit of 50
+ //
+ // TagsList is a required field
+ TagsList []*Tag `type:"list" required:"true"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s AddTagsInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s AddTagsInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *AddTagsInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "AddTagsInput"}
+ if s.ResourceId == nil {
+ invalidParams.Add(request.NewErrParamRequired("ResourceId"))
+ }
+ if s.TagsList == nil {
+ invalidParams.Add(request.NewErrParamRequired("TagsList"))
+ }
+ if s.TagsList != nil {
+ for i, v := range s.TagsList {
+ if v == nil {
+ continue
+ }
+ if err := v.Validate(); err != nil {
+ invalidParams.AddNested(fmt.Sprintf("%s[%v]", "TagsList", i), err.(request.ErrInvalidParams))
+ }
+ }
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetResourceId sets the ResourceId field's value.
+func (s *AddTagsInput) SetResourceId(v string) *AddTagsInput {
+ s.ResourceId = &v
+ return s
+}
+
+// SetTagsList sets the TagsList field's value.
+func (s *AddTagsInput) SetTagsList(v []*Tag) *AddTagsInput {
+ s.TagsList = v
+ return s
+}
+
+// Returns the objects or data if successful. Otherwise, returns an error.
+type AddTagsOutput struct {
+ _ struct{} `type:"structure"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s AddTagsOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s AddTagsOutput) GoString() string {
+ return s.String()
+}
+
+// Advanced event selectors let you create fine-grained selectors for the following
+// CloudTrail event record fields. They help you control costs by logging only
+// those events that are important to you. For more information about advanced
+// event selectors, see Logging data events for trails (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html)
+// in the CloudTrail User Guide.
+//
+// * readOnly
+//
+// * eventSource
+//
+// * eventName
+//
+// * eventCategory
+//
+// * resources.type
+//
+// * resources.ARN
+//
+// You cannot apply both event selectors and advanced event selectors to a trail.
+type AdvancedEventSelector struct {
+ _ struct{} `type:"structure"`
+
+ // Contains all selector statements in an advanced event selector.
+ //
+ // FieldSelectors is a required field
+ FieldSelectors []*AdvancedFieldSelector `min:"1" type:"list" required:"true"`
+
+ // An optional, descriptive name for an advanced event selector, such as "Log
+ // data events for only two S3 buckets".
+ Name *string `type:"string"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s AdvancedEventSelector) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s AdvancedEventSelector) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *AdvancedEventSelector) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "AdvancedEventSelector"}
+ if s.FieldSelectors == nil {
+ invalidParams.Add(request.NewErrParamRequired("FieldSelectors"))
+ }
+ if s.FieldSelectors != nil && len(s.FieldSelectors) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("FieldSelectors", 1))
+ }
+ if s.FieldSelectors != nil {
+ for i, v := range s.FieldSelectors {
+ if v == nil {
+ continue
+ }
+ if err := v.Validate(); err != nil {
+ invalidParams.AddNested(fmt.Sprintf("%s[%v]", "FieldSelectors", i), err.(request.ErrInvalidParams))
+ }
+ }
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetFieldSelectors sets the FieldSelectors field's value.
+func (s *AdvancedEventSelector) SetFieldSelectors(v []*AdvancedFieldSelector) *AdvancedEventSelector {
+ s.FieldSelectors = v
+ return s
+}
+
+// SetName sets the Name field's value.
+func (s *AdvancedEventSelector) SetName(v string) *AdvancedEventSelector {
+ s.Name = &v
+ return s
+}
+
+// A single selector statement in an advanced event selector.
+type AdvancedFieldSelector struct {
+ _ struct{} `type:"structure"`
+
+ // An operator that includes events that match the last few characters of the
+ // event record field specified as the value of Field.
+ EndsWith []*string `min:"1" type:"list"`
+
+ // An operator that includes events that match the exact value of the event
+ // record field specified as the value of Field. This is the only valid operator
+ // that you can use with the readOnly, eventCategory, and resources.type fields.
+ Equals []*string `min:"1" type:"list"`
+
+ // A field in an event record on which to filter events to be logged. Supported
+ // fields include readOnly, eventCategory, eventSource (for management events),
+ // eventName, resources.type, and resources.ARN.
+ //
+ // * readOnly - Optional. Can be set to Equals a value of true or false.
+ // A value of false logs both read and write events.
+ //
+ // * eventSource - For filtering management events only. This can be set
+ // only to NotEquals kms.amazonaws.com.
+ //
+ // * eventName - Can use any operator. You can use it to filter in or filter
+ // out any data event logged to CloudTrail, such as PutBucket or GetSnapshotBlock.
+ // You can have multiple values for this field, separated by commas.
+ //
+ // * eventCategory - This is required. It must be set to Equals, and the
+ // value must be Management or Data.
+ //
+ // * resources.type - This field is required. resources.type can only use
+ // the Equals operator, and the value can be one of the following: AWS::S3::Object
+ // AWS::Lambda::Function AWS::DynamoDB::Table AWS::S3Outposts::Object AWS::ManagedBlockchain::Node
+ // AWS::S3ObjectLambda::AccessPoint AWS::EC2::Snapshot AWS::S3::AccessPoint
+ // AWS::DynamoDB::Stream You can have only one resources.type field per
+ // selector. To log data events on more than one resource type, add another
+ // selector.
+ //
+ // * resources.ARN - You can use any operator with resources.ARN, but if
+ // you use Equals or NotEquals, the value must exactly match the ARN of a
+ // valid resource of the type you've specified in the template as the value
+ // of resources.type. For example, if resources.type equals AWS::S3::Object,
+ // the ARN must be in one of the following formats. To log all data events
+ // for all objects in a specific S3 bucket, use the StartsWith operator,
+ // and include only the bucket ARN as the matching value. The trailing slash
+ // is intentional; do not exclude it. Replace the text between less than
+ // and greater than symbols (<>) with resource-specific information. arn::s3:::/
+ // arn::s3:::// When resources.type
+ // equals AWS::S3::AccessPoint, and the operator is set to Equals or NotEquals,
+ // the ARN must be in one of the following formats. To log events on all
+ // objects in an S3 access point, we recommend that you use only the access
+ // point ARN, don’t include the object path, and use the StartsWith or
+ // NotStartsWith operators. arn::s3:::accesspoint/
+ // arn::s3:::accesspoint//object/
+ // When resources.type equals AWS::Lambda::Function, and the operator is
+ // set to Equals or NotEquals, the ARN must be in the following format: arn::lambda:::function:
+ // When resources.type equals AWS::DynamoDB::Table, and the operator is set
+ // to Equals or NotEquals, the ARN must be in the following format: arn::dynamodb:::table/
+ // When resources.type equals AWS::S3Outposts::Object, and the operator is
+ // set to Equals or NotEquals, the ARN must be in the following format: arn::s3-outposts:::
+ // When resources.type equals AWS::ManagedBlockchain::Node, and the operator
+ // is set to Equals or NotEquals, the ARN must be in the following format:
+ // arn::managedblockchain:::nodes/
+ // When resources.type equals AWS::S3ObjectLambda::AccessPoint, and the operator
+ // is set to Equals or NotEquals, the ARN must be in the following format:
+ // arn::s3-object-lambda:::accesspoint/
+ // When resources.type equals AWS::EC2::Snapshot, and the operator is set
+ // to Equals or NotEquals, the ARN must be in the following format: arn::ec2:::snapshot/
+ // When resources.type equals AWS::DynamoDB::Stream, and the operator is
+ // set to Equals or NotEquals, the ARN must be in the following format: arn::dynamodb:::table//stream/
+ //
+ // Field is a required field
+ Field *string `min:"1" type:"string" required:"true"`
+
+ // An operator that excludes events that match the last few characters of the
+ // event record field specified as the value of Field.
+ NotEndsWith []*string `min:"1" type:"list"`
+
+ // An operator that excludes events that match the exact value of the event
+ // record field specified as the value of Field.
+ NotEquals []*string `min:"1" type:"list"`
+
+ // An operator that excludes events that match the first few characters of the
+ // event record field specified as the value of Field.
+ NotStartsWith []*string `min:"1" type:"list"`
+
+ // An operator that includes events that match the first few characters of the
+ // event record field specified as the value of Field.
+ StartsWith []*string `min:"1" type:"list"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s AdvancedFieldSelector) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s AdvancedFieldSelector) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *AdvancedFieldSelector) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "AdvancedFieldSelector"}
+ if s.EndsWith != nil && len(s.EndsWith) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("EndsWith", 1))
+ }
+ if s.Equals != nil && len(s.Equals) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("Equals", 1))
+ }
+ if s.Field == nil {
+ invalidParams.Add(request.NewErrParamRequired("Field"))
+ }
+ if s.Field != nil && len(*s.Field) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("Field", 1))
+ }
+ if s.NotEndsWith != nil && len(s.NotEndsWith) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("NotEndsWith", 1))
+ }
+ if s.NotEquals != nil && len(s.NotEquals) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("NotEquals", 1))
+ }
+ if s.NotStartsWith != nil && len(s.NotStartsWith) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("NotStartsWith", 1))
+ }
+ if s.StartsWith != nil && len(s.StartsWith) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("StartsWith", 1))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetEndsWith sets the EndsWith field's value.
+func (s *AdvancedFieldSelector) SetEndsWith(v []*string) *AdvancedFieldSelector {
+ s.EndsWith = v
+ return s
+}
+
+// SetEquals sets the Equals field's value.
+func (s *AdvancedFieldSelector) SetEquals(v []*string) *AdvancedFieldSelector {
+ s.Equals = v
+ return s
+}
+
+// SetField sets the Field field's value.
+func (s *AdvancedFieldSelector) SetField(v string) *AdvancedFieldSelector {
+ s.Field = &v
+ return s
+}
+
+// SetNotEndsWith sets the NotEndsWith field's value.
+func (s *AdvancedFieldSelector) SetNotEndsWith(v []*string) *AdvancedFieldSelector {
+ s.NotEndsWith = v
+ return s
+}
+
+// SetNotEquals sets the NotEquals field's value.
+func (s *AdvancedFieldSelector) SetNotEquals(v []*string) *AdvancedFieldSelector {
+ s.NotEquals = v
+ return s
+}
+
+// SetNotStartsWith sets the NotStartsWith field's value.
+func (s *AdvancedFieldSelector) SetNotStartsWith(v []*string) *AdvancedFieldSelector {
+ s.NotStartsWith = v
+ return s
+}
+
+// SetStartsWith sets the StartsWith field's value.
+func (s *AdvancedFieldSelector) SetStartsWith(v []*string) *AdvancedFieldSelector {
+ s.StartsWith = v
+ return s
+}
+
+type CancelQueryInput struct {
+ _ struct{} `type:"structure"`
+
+ // The ARN (or the ID suffix of the ARN) of an event data store on which the
+ // specified query is running.
+ //
+ // EventDataStore is a required field
+ EventDataStore *string `min:"3" type:"string" required:"true"`
+
+ // The ID of the query that you want to cancel. The QueryId comes from the response
+ // of a StartQuery operation.
+ //
+ // QueryId is a required field
+ QueryId *string `min:"36" type:"string" required:"true"`
+}
+
+// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s ARNInvalidException) GoString() string {
+func (s CancelQueryInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s CancelQueryInput) GoString() string {
return s.String()
}
-func newErrorARNInvalidException(v protocol.ResponseMetadata) error {
- return &ARNInvalidException{
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *CancelQueryInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "CancelQueryInput"}
+ if s.EventDataStore == nil {
+ invalidParams.Add(request.NewErrParamRequired("EventDataStore"))
+ }
+ if s.EventDataStore != nil && len(*s.EventDataStore) < 3 {
+ invalidParams.Add(request.NewErrParamMinLen("EventDataStore", 3))
+ }
+ if s.QueryId == nil {
+ invalidParams.Add(request.NewErrParamRequired("QueryId"))
+ }
+ if s.QueryId != nil && len(*s.QueryId) < 36 {
+ invalidParams.Add(request.NewErrParamMinLen("QueryId", 36))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetEventDataStore sets the EventDataStore field's value.
+func (s *CancelQueryInput) SetEventDataStore(v string) *CancelQueryInput {
+ s.EventDataStore = &v
+ return s
+}
+
+// SetQueryId sets the QueryId field's value.
+func (s *CancelQueryInput) SetQueryId(v string) *CancelQueryInput {
+ s.QueryId = &v
+ return s
+}
+
+type CancelQueryOutput struct {
+ _ struct{} `type:"structure"`
+
+ // The ID of the canceled query.
+ //
+ // QueryId is a required field
+ QueryId *string `min:"36" type:"string" required:"true"`
+
+ // Shows the status of a query after a CancelQuery request. Typically, the values
+ // shown are either RUNNING or CANCELLED.
+ //
+ // QueryStatus is a required field
+ QueryStatus *string `type:"string" required:"true" enum:"QueryStatus"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s CancelQueryOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s CancelQueryOutput) GoString() string {
+ return s.String()
+}
+
+// SetQueryId sets the QueryId field's value.
+func (s *CancelQueryOutput) SetQueryId(v string) *CancelQueryOutput {
+ s.QueryId = &v
+ return s
+}
+
+// SetQueryStatus sets the QueryStatus field's value.
+func (s *CancelQueryOutput) SetQueryStatus(v string) *CancelQueryOutput {
+ s.QueryStatus = &v
+ return s
+}
+
+// This exception is thrown when a call results in the InvalidClientTokenId
+// error code. This can occur when you are creating or updating a trail to send
+// notifications to an Amazon SNS topic that is in a suspended Amazon Web Services
+// account.
+type CloudTrailInvalidClientTokenIdException struct {
+ _ struct{} `type:"structure"`
+ RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
+
+ Message_ *string `locationName:"message" type:"string"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s CloudTrailInvalidClientTokenIdException) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s CloudTrailInvalidClientTokenIdException) GoString() string {
+ return s.String()
+}
+
+func newErrorCloudTrailInvalidClientTokenIdException(v protocol.ResponseMetadata) error {
+ return &CloudTrailInvalidClientTokenIdException{
+ RespMetadata: v,
+ }
+}
+
+// Code returns the exception type name.
+func (s *CloudTrailInvalidClientTokenIdException) Code() string {
+ return "CloudTrailInvalidClientTokenIdException"
+}
+
+// Message returns the exception's message.
+func (s *CloudTrailInvalidClientTokenIdException) Message() string {
+ if s.Message_ != nil {
+ return *s.Message_
+ }
+ return ""
+}
+
+// OrigErr always returns nil, satisfies awserr.Error interface.
+func (s *CloudTrailInvalidClientTokenIdException) OrigErr() error {
+ return nil
+}
+
+func (s *CloudTrailInvalidClientTokenIdException) Error() string {
+ return fmt.Sprintf("%s: %s", s.Code(), s.Message())
+}
+
+// Status code returns the HTTP status code for the request's response error.
+func (s *CloudTrailInvalidClientTokenIdException) StatusCode() int {
+ return s.RespMetadata.StatusCode
+}
+
+// RequestID returns the service's response RequestID for request.
+func (s *CloudTrailInvalidClientTokenIdException) RequestID() string {
+ return s.RespMetadata.RequestID
+}
+
+// Cannot set a CloudWatch Logs delivery for this region.
+type CloudWatchLogsDeliveryUnavailableException struct {
+ _ struct{} `type:"structure"`
+ RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
+
+ Message_ *string `locationName:"message" type:"string"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s CloudWatchLogsDeliveryUnavailableException) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s CloudWatchLogsDeliveryUnavailableException) GoString() string {
+ return s.String()
+}
+
+func newErrorCloudWatchLogsDeliveryUnavailableException(v protocol.ResponseMetadata) error {
+ return &CloudWatchLogsDeliveryUnavailableException{
+ RespMetadata: v,
+ }
+}
+
+// Code returns the exception type name.
+func (s *CloudWatchLogsDeliveryUnavailableException) Code() string {
+ return "CloudWatchLogsDeliveryUnavailableException"
+}
+
+// Message returns the exception's message.
+func (s *CloudWatchLogsDeliveryUnavailableException) Message() string {
+ if s.Message_ != nil {
+ return *s.Message_
+ }
+ return ""
+}
+
+// OrigErr always returns nil, satisfies awserr.Error interface.
+func (s *CloudWatchLogsDeliveryUnavailableException) OrigErr() error {
+ return nil
+}
+
+func (s *CloudWatchLogsDeliveryUnavailableException) Error() string {
+ return fmt.Sprintf("%s: %s", s.Code(), s.Message())
+}
+
+// Status code returns the HTTP status code for the request's response error.
+func (s *CloudWatchLogsDeliveryUnavailableException) StatusCode() int {
+ return s.RespMetadata.StatusCode
+}
+
+// RequestID returns the service's response RequestID for request.
+func (s *CloudWatchLogsDeliveryUnavailableException) RequestID() string {
+ return s.RespMetadata.RequestID
+}
+
+// This exception is thrown when the specified resource is not ready for an
+// operation. This can occur when you try to run an operation on a trail before
+// CloudTrail has time to fully load the trail. If this exception occurs, wait
+// a few minutes, and then try the operation again.
+type ConflictException struct {
+ _ struct{} `type:"structure"`
+ RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
+
+ Message_ *string `locationName:"message" type:"string"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s ConflictException) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s ConflictException) GoString() string {
+ return s.String()
+}
+
+func newErrorConflictException(v protocol.ResponseMetadata) error {
+ return &ConflictException{
RespMetadata: v,
}
}
// Code returns the exception type name.
-func (s *ARNInvalidException) Code() string {
- return "CloudTrailARNInvalidException"
+func (s *ConflictException) Code() string {
+ return "ConflictException"
}
// Message returns the exception's message.
-func (s *ARNInvalidException) Message() string {
+func (s *ConflictException) Message() string {
if s.Message_ != nil {
return *s.Message_
}
@@ -2619,33 +4800,57 @@ func (s *ARNInvalidException) Message() string {
}
// OrigErr always returns nil, satisfies awserr.Error interface.
-func (s *ARNInvalidException) OrigErr() error {
+func (s *ConflictException) OrigErr() error {
return nil
}
-func (s *ARNInvalidException) Error() string {
+func (s *ConflictException) Error() string {
return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}
// Status code returns the HTTP status code for the request's response error.
-func (s *ARNInvalidException) StatusCode() int {
+func (s *ConflictException) StatusCode() int {
return s.RespMetadata.StatusCode
}
// RequestID returns the service's response RequestID for request.
-func (s *ARNInvalidException) RequestID() string {
+func (s *ConflictException) RequestID() string {
return s.RespMetadata.RequestID
}
-// This exception is thrown when trusted access has not been enabled between
-// CloudTrail and Organizations. For more information, see Enabling Trusted
-// Access with Other Amazon Web Services Services (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html)
-// and Prepare For Creating a Trail For Your Organization (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-an-organizational-trail-prepare.html).
-type AccessNotEnabledException struct {
- _ struct{} `type:"structure"`
- RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
+type CreateEventDataStoreInput struct {
+ _ struct{} `type:"structure"`
- Message_ *string `locationName:"message" type:"string"`
+ // The advanced event selectors to use to select the events for the data store.
+ // For more information about how to use advanced event selectors, see Log events
+ // by using advanced event selectors (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#creating-data-event-selectors-advanced)
+ // in the CloudTrail User Guide.
+ AdvancedEventSelectors []*AdvancedEventSelector `type:"list"`
+
+ // Specifies whether the event data store includes events from all regions,
+ // or only from the region in which the event data store is created.
+ MultiRegionEnabled *bool `type:"boolean"`
+
+ // The name of the event data store.
+ //
+ // Name is a required field
+ Name *string `min:"3" type:"string" required:"true"`
+
+ // Specifies whether an event data store collects events logged for an organization
+ // in Organizations.
+ OrganizationEnabled *bool `type:"boolean"`
+
+ // The retention period of the event data store, in days. You can set a retention
+ // period of up to 2555 days, the equivalent of seven years.
+ RetentionPeriod *int64 `min:"7" type:"integer"`
+
+ // A list of tags.
+ TagsList []*Tag `type:"list"`
+
+ // Specifies whether termination protection is enabled for the event data store.
+ // If termination protection is enabled, you cannot delete the event data store
+ // until termination protection is disabled.
+ TerminationProtectionEnabled *bool `type:"boolean"`
}
// String returns the string representation.
@@ -2653,7 +4858,7 @@ type AccessNotEnabledException struct {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s AccessNotEnabledException) String() string {
+func (s CreateEventDataStoreInput) String() string {
return awsutil.Prettify(s)
}
@@ -2662,61 +4867,313 @@ func (s AccessNotEnabledException) String() string {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s AccessNotEnabledException) GoString() string {
+func (s CreateEventDataStoreInput) GoString() string {
return s.String()
}
-func newErrorAccessNotEnabledException(v protocol.ResponseMetadata) error {
- return &AccessNotEnabledException{
- RespMetadata: v,
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *CreateEventDataStoreInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "CreateEventDataStoreInput"}
+ if s.Name == nil {
+ invalidParams.Add(request.NewErrParamRequired("Name"))
+ }
+ if s.Name != nil && len(*s.Name) < 3 {
+ invalidParams.Add(request.NewErrParamMinLen("Name", 3))
+ }
+ if s.RetentionPeriod != nil && *s.RetentionPeriod < 7 {
+ invalidParams.Add(request.NewErrParamMinValue("RetentionPeriod", 7))
+ }
+ if s.AdvancedEventSelectors != nil {
+ for i, v := range s.AdvancedEventSelectors {
+ if v == nil {
+ continue
+ }
+ if err := v.Validate(); err != nil {
+ invalidParams.AddNested(fmt.Sprintf("%s[%v]", "AdvancedEventSelectors", i), err.(request.ErrInvalidParams))
+ }
+ }
+ }
+ if s.TagsList != nil {
+ for i, v := range s.TagsList {
+ if v == nil {
+ continue
+ }
+ if err := v.Validate(); err != nil {
+ invalidParams.AddNested(fmt.Sprintf("%s[%v]", "TagsList", i), err.(request.ErrInvalidParams))
+ }
+ }
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
}
+ return nil
}
-// Code returns the exception type name.
-func (s *AccessNotEnabledException) Code() string {
- return "CloudTrailAccessNotEnabledException"
+// SetAdvancedEventSelectors sets the AdvancedEventSelectors field's value.
+func (s *CreateEventDataStoreInput) SetAdvancedEventSelectors(v []*AdvancedEventSelector) *CreateEventDataStoreInput {
+ s.AdvancedEventSelectors = v
+ return s
}
-// Message returns the exception's message.
-func (s *AccessNotEnabledException) Message() string {
- if s.Message_ != nil {
- return *s.Message_
- }
- return ""
+// SetMultiRegionEnabled sets the MultiRegionEnabled field's value.
+func (s *CreateEventDataStoreInput) SetMultiRegionEnabled(v bool) *CreateEventDataStoreInput {
+ s.MultiRegionEnabled = &v
+ return s
}
-// OrigErr always returns nil, satisfies awserr.Error interface.
-func (s *AccessNotEnabledException) OrigErr() error {
- return nil
+// SetName sets the Name field's value.
+func (s *CreateEventDataStoreInput) SetName(v string) *CreateEventDataStoreInput {
+ s.Name = &v
+ return s
}
-func (s *AccessNotEnabledException) Error() string {
- return fmt.Sprintf("%s: %s", s.Code(), s.Message())
+// SetOrganizationEnabled sets the OrganizationEnabled field's value.
+func (s *CreateEventDataStoreInput) SetOrganizationEnabled(v bool) *CreateEventDataStoreInput {
+ s.OrganizationEnabled = &v
+ return s
}
-// Status code returns the HTTP status code for the request's response error.
-func (s *AccessNotEnabledException) StatusCode() int {
- return s.RespMetadata.StatusCode
+// SetRetentionPeriod sets the RetentionPeriod field's value.
+func (s *CreateEventDataStoreInput) SetRetentionPeriod(v int64) *CreateEventDataStoreInput {
+ s.RetentionPeriod = &v
+ return s
+}
+
+// SetTagsList sets the TagsList field's value.
+func (s *CreateEventDataStoreInput) SetTagsList(v []*Tag) *CreateEventDataStoreInput {
+ s.TagsList = v
+ return s
+}
+
+// SetTerminationProtectionEnabled sets the TerminationProtectionEnabled field's value.
+func (s *CreateEventDataStoreInput) SetTerminationProtectionEnabled(v bool) *CreateEventDataStoreInput {
+ s.TerminationProtectionEnabled = &v
+ return s
+}
+
+type CreateEventDataStoreOutput struct {
+ _ struct{} `type:"structure"`
+
+ // The advanced event selectors that were used to select the events for the
+ // data store.
+ AdvancedEventSelectors []*AdvancedEventSelector `type:"list"`
+
+ // The timestamp that shows when the event data store was created.
+ CreatedTimestamp *time.Time `type:"timestamp"`
+
+ // The ARN of the event data store.
+ EventDataStoreArn *string `min:"3" type:"string"`
+
+ // Indicates whether the event data store collects events from all regions,
+ // or only from the region in which it was created.
+ MultiRegionEnabled *bool `type:"boolean"`
+
+ // The name of the event data store.
+ Name *string `min:"3" type:"string"`
+
+ // Indicates whether an event data store is collecting logged events for an
+ // organization in Organizations.
+ OrganizationEnabled *bool `type:"boolean"`
+
+ // The retention period of an event data store, in days.
+ RetentionPeriod *int64 `min:"7" type:"integer"`
+
+ // The status of event data store creation.
+ Status *string `type:"string" enum:"EventDataStoreStatus"`
+
+ // A list of tags.
+ TagsList []*Tag `type:"list"`
+
+ // Indicates whether termination protection is enabled for the event data store.
+ TerminationProtectionEnabled *bool `type:"boolean"`
+
+ // The timestamp that shows when an event data store was updated, if applicable.
+ // UpdatedTimestamp is always either the same or newer than the time shown in
+ // CreatedTimestamp.
+ UpdatedTimestamp *time.Time `type:"timestamp"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s CreateEventDataStoreOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s CreateEventDataStoreOutput) GoString() string {
+ return s.String()
+}
+
+// SetAdvancedEventSelectors sets the AdvancedEventSelectors field's value.
+func (s *CreateEventDataStoreOutput) SetAdvancedEventSelectors(v []*AdvancedEventSelector) *CreateEventDataStoreOutput {
+ s.AdvancedEventSelectors = v
+ return s
+}
+
+// SetCreatedTimestamp sets the CreatedTimestamp field's value.
+func (s *CreateEventDataStoreOutput) SetCreatedTimestamp(v time.Time) *CreateEventDataStoreOutput {
+ s.CreatedTimestamp = &v
+ return s
+}
+
+// SetEventDataStoreArn sets the EventDataStoreArn field's value.
+func (s *CreateEventDataStoreOutput) SetEventDataStoreArn(v string) *CreateEventDataStoreOutput {
+ s.EventDataStoreArn = &v
+ return s
+}
+
+// SetMultiRegionEnabled sets the MultiRegionEnabled field's value.
+func (s *CreateEventDataStoreOutput) SetMultiRegionEnabled(v bool) *CreateEventDataStoreOutput {
+ s.MultiRegionEnabled = &v
+ return s
+}
+
+// SetName sets the Name field's value.
+func (s *CreateEventDataStoreOutput) SetName(v string) *CreateEventDataStoreOutput {
+ s.Name = &v
+ return s
}
-// RequestID returns the service's response RequestID for request.
-func (s *AccessNotEnabledException) RequestID() string {
- return s.RespMetadata.RequestID
-}
+// SetOrganizationEnabled sets the OrganizationEnabled field's value.
+func (s *CreateEventDataStoreOutput) SetOrganizationEnabled(v bool) *CreateEventDataStoreOutput {
+ s.OrganizationEnabled = &v
+ return s
+}
+
+// SetRetentionPeriod sets the RetentionPeriod field's value.
+func (s *CreateEventDataStoreOutput) SetRetentionPeriod(v int64) *CreateEventDataStoreOutput {
+ s.RetentionPeriod = &v
+ return s
+}
+
+// SetStatus sets the Status field's value.
+func (s *CreateEventDataStoreOutput) SetStatus(v string) *CreateEventDataStoreOutput {
+ s.Status = &v
+ return s
+}
+
+// SetTagsList sets the TagsList field's value.
+func (s *CreateEventDataStoreOutput) SetTagsList(v []*Tag) *CreateEventDataStoreOutput {
+ s.TagsList = v
+ return s
+}
+
+// SetTerminationProtectionEnabled sets the TerminationProtectionEnabled field's value.
+func (s *CreateEventDataStoreOutput) SetTerminationProtectionEnabled(v bool) *CreateEventDataStoreOutput {
+ s.TerminationProtectionEnabled = &v
+ return s
+}
+
+// SetUpdatedTimestamp sets the UpdatedTimestamp field's value.
+func (s *CreateEventDataStoreOutput) SetUpdatedTimestamp(v time.Time) *CreateEventDataStoreOutput {
+ s.UpdatedTimestamp = &v
+ return s
+}
+
+// Specifies the settings for each trail.
+type CreateTrailInput struct {
+ _ struct{} `type:"structure"`
+
+ // Specifies a log group name using an Amazon Resource Name (ARN), a unique
+ // identifier that represents the log group to which CloudTrail logs will be
+ // delivered. Not required unless you specify CloudWatchLogsRoleArn.
+ CloudWatchLogsLogGroupArn *string `type:"string"`
+
+ // Specifies the role for the CloudWatch Logs endpoint to assume to write to
+ // a user's log group.
+ CloudWatchLogsRoleArn *string `type:"string"`
+
+ // Specifies whether log file integrity validation is enabled. The default is
+ // false.
+ //
+ // When you disable log file integrity validation, the chain of digest files
+ // is broken after one hour. CloudTrail does not create digest files for log
+ // files that were delivered during a period in which log file integrity validation
+ // was disabled. For example, if you enable log file integrity validation at
+ // noon on January 1, disable it at noon on January 2, and re-enable it at noon
+ // on January 10, digest files will not be created for the log files delivered
+ // from noon on January 2 to noon on January 10. The same applies whenever you
+ // stop CloudTrail logging or delete a trail.
+ EnableLogFileValidation *bool `type:"boolean"`
+
+ // Specifies whether the trail is publishing events from global services such
+ // as IAM to the log files.
+ IncludeGlobalServiceEvents *bool `type:"boolean"`
+
+ // Specifies whether the trail is created in the current region or in all regions.
+ // The default is false, which creates a trail only in the region where you
+ // are signed in. As a best practice, consider creating trails that log events
+ // in all regions.
+ IsMultiRegionTrail *bool `type:"boolean"`
+
+ // Specifies whether the trail is created for all accounts in an organization
+ // in Organizations, or only for the current Amazon Web Services account. The
+ // default is false, and cannot be true unless the call is made on behalf of
+ // an Amazon Web Services account that is the management account for an organization
+ // in Organizations.
+ IsOrganizationTrail *bool `type:"boolean"`
+
+ // Specifies the KMS key ID to use to encrypt the logs delivered by CloudTrail.
+ // The value can be an alias name prefixed by "alias/", a fully specified ARN
+ // to an alias, a fully specified ARN to a key, or a globally unique identifier.
+ //
+ // CloudTrail also supports KMS multi-Region keys. For more information about
+ // multi-Region keys, see Using multi-Region keys (https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html)
+ // in the Key Management Service Developer Guide.
+ //
+ // Examples:
+ //
+ // * alias/MyAliasName
+ //
+ // * arn:aws:kms:us-east-2:123456789012:alias/MyAliasName
+ //
+ // * arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012
+ //
+ // * 12345678-1234-1234-1234-123456789012
+ KmsKeyId *string `type:"string"`
+
+ // Specifies the name of the trail. The name must meet the following requirements:
+ //
+ // * Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores
+ // (_), or dashes (-)
+ //
+ // * Start with a letter or number, and end with a letter or number
+ //
+ // * Be between 3 and 128 characters
+ //
+ // * Have no adjacent periods, underscores or dashes. Names like my-_namespace
+ // and my--namespace are not valid.
+ //
+ // * Not be in IP address format (for example, 192.168.5.4)
+ //
+ // Name is a required field
+ Name *string `type:"string" required:"true"`
+
+ // Specifies the name of the Amazon S3 bucket designated for publishing log
+ // files. See Amazon S3 Bucket Naming Requirements (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/create_trail_naming_policy.html).
+ //
+ // S3BucketName is a required field
+ S3BucketName *string `type:"string" required:"true"`
-// Specifies the tags to add to a trail.
-type AddTagsInput struct {
- _ struct{} `type:"structure"`
+ // Specifies the Amazon S3 key prefix that comes after the name of the bucket
+ // you have designated for log file delivery. For more information, see Finding
+ // Your CloudTrail Log Files (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-find-log-files.html).
+ // The maximum length is 200 characters.
+ S3KeyPrefix *string `type:"string"`
- // Specifies the ARN of the trail to which one or more tags will be added. The
- // format of a trail ARN is:
- //
- // arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail
- //
- // ResourceId is a required field
- ResourceId *string `type:"string" required:"true"`
+ // Specifies the name of the Amazon SNS topic defined for notification of log
+ // file delivery. The maximum length is 256 characters.
+ SnsTopicName *string `type:"string"`
- // Contains a list of tags, up to a limit of 50
+ // A list of tags.
TagsList []*Tag `type:"list"`
}
@@ -2725,7 +5182,7 @@ type AddTagsInput struct {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s AddTagsInput) String() string {
+func (s CreateTrailInput) String() string {
return awsutil.Prettify(s)
}
@@ -2734,15 +5191,18 @@ func (s AddTagsInput) String() string {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s AddTagsInput) GoString() string {
+func (s CreateTrailInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
-func (s *AddTagsInput) Validate() error {
- invalidParams := request.ErrInvalidParams{Context: "AddTagsInput"}
- if s.ResourceId == nil {
- invalidParams.Add(request.NewErrParamRequired("ResourceId"))
+func (s *CreateTrailInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "CreateTrailInput"}
+ if s.Name == nil {
+ invalidParams.Add(request.NewErrParamRequired("Name"))
+ }
+ if s.S3BucketName == nil {
+ invalidParams.Add(request.NewErrParamRequired("S3BucketName"))
}
if s.TagsList != nil {
for i, v := range s.TagsList {
@@ -2761,218 +5221,138 @@ func (s *AddTagsInput) Validate() error {
return nil
}
-// SetResourceId sets the ResourceId field's value.
-func (s *AddTagsInput) SetResourceId(v string) *AddTagsInput {
- s.ResourceId = &v
+// SetCloudWatchLogsLogGroupArn sets the CloudWatchLogsLogGroupArn field's value.
+func (s *CreateTrailInput) SetCloudWatchLogsLogGroupArn(v string) *CreateTrailInput {
+ s.CloudWatchLogsLogGroupArn = &v
return s
}
-// SetTagsList sets the TagsList field's value.
-func (s *AddTagsInput) SetTagsList(v []*Tag) *AddTagsInput {
- s.TagsList = v
+// SetCloudWatchLogsRoleArn sets the CloudWatchLogsRoleArn field's value.
+func (s *CreateTrailInput) SetCloudWatchLogsRoleArn(v string) *CreateTrailInput {
+ s.CloudWatchLogsRoleArn = &v
return s
}
-// Returns the objects or data if successful. Otherwise, returns an error.
-type AddTagsOutput struct {
- _ struct{} `type:"structure"`
+// SetEnableLogFileValidation sets the EnableLogFileValidation field's value.
+func (s *CreateTrailInput) SetEnableLogFileValidation(v bool) *CreateTrailInput {
+ s.EnableLogFileValidation = &v
+ return s
}
-// String returns the string representation.
-//
-// API parameter values that are decorated as "sensitive" in the API will not
-// be included in the string output. The member name will be present, but the
-// value will be replaced with "sensitive".
-func (s AddTagsOutput) String() string {
- return awsutil.Prettify(s)
+// SetIncludeGlobalServiceEvents sets the IncludeGlobalServiceEvents field's value.
+func (s *CreateTrailInput) SetIncludeGlobalServiceEvents(v bool) *CreateTrailInput {
+ s.IncludeGlobalServiceEvents = &v
+ return s
}
-// GoString returns the string representation.
-//
-// API parameter values that are decorated as "sensitive" in the API will not
-// be included in the string output. The member name will be present, but the
-// value will be replaced with "sensitive".
-func (s AddTagsOutput) GoString() string {
- return s.String()
+// SetIsMultiRegionTrail sets the IsMultiRegionTrail field's value.
+func (s *CreateTrailInput) SetIsMultiRegionTrail(v bool) *CreateTrailInput {
+ s.IsMultiRegionTrail = &v
+ return s
}
-// Advanced event selectors let you create fine-grained selectors for the following
-// CloudTrail event record fields. They help you control costs by logging only
-// those events that are important to you. For more information about advanced
-// event selectors, see Logging data events for trails (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html)
-// in the CloudTrail User Guide.
-//
-// * readOnly
-//
-// * eventSource
-//
-// * eventName
-//
-// * eventCategory
-//
-// * resources.type
-//
-// * resources.ARN
-//
-// You cannot apply both event selectors and advanced event selectors to a trail.
-type AdvancedEventSelector struct {
- _ struct{} `type:"structure"`
-
- // Contains all selector statements in an advanced event selector.
- //
- // FieldSelectors is a required field
- FieldSelectors []*AdvancedFieldSelector `min:"1" type:"list" required:"true"`
-
- // An optional, descriptive name for an advanced event selector, such as "Log
- // data events for only two S3 buckets".
- Name *string `type:"string"`
+// SetIsOrganizationTrail sets the IsOrganizationTrail field's value.
+func (s *CreateTrailInput) SetIsOrganizationTrail(v bool) *CreateTrailInput {
+ s.IsOrganizationTrail = &v
+ return s
}
-// String returns the string representation.
-//
-// API parameter values that are decorated as "sensitive" in the API will not
-// be included in the string output. The member name will be present, but the
-// value will be replaced with "sensitive".
-func (s AdvancedEventSelector) String() string {
- return awsutil.Prettify(s)
+// SetKmsKeyId sets the KmsKeyId field's value.
+func (s *CreateTrailInput) SetKmsKeyId(v string) *CreateTrailInput {
+ s.KmsKeyId = &v
+ return s
}
-// GoString returns the string representation.
-//
-// API parameter values that are decorated as "sensitive" in the API will not
-// be included in the string output. The member name will be present, but the
-// value will be replaced with "sensitive".
-func (s AdvancedEventSelector) GoString() string {
- return s.String()
+// SetName sets the Name field's value.
+func (s *CreateTrailInput) SetName(v string) *CreateTrailInput {
+ s.Name = &v
+ return s
}
-// Validate inspects the fields of the type to determine if they are valid.
-func (s *AdvancedEventSelector) Validate() error {
- invalidParams := request.ErrInvalidParams{Context: "AdvancedEventSelector"}
- if s.FieldSelectors == nil {
- invalidParams.Add(request.NewErrParamRequired("FieldSelectors"))
- }
- if s.FieldSelectors != nil && len(s.FieldSelectors) < 1 {
- invalidParams.Add(request.NewErrParamMinLen("FieldSelectors", 1))
- }
- if s.FieldSelectors != nil {
- for i, v := range s.FieldSelectors {
- if v == nil {
- continue
- }
- if err := v.Validate(); err != nil {
- invalidParams.AddNested(fmt.Sprintf("%s[%v]", "FieldSelectors", i), err.(request.ErrInvalidParams))
- }
- }
- }
-
- if invalidParams.Len() > 0 {
- return invalidParams
- }
- return nil
+// SetS3BucketName sets the S3BucketName field's value.
+func (s *CreateTrailInput) SetS3BucketName(v string) *CreateTrailInput {
+ s.S3BucketName = &v
+ return s
}
-// SetFieldSelectors sets the FieldSelectors field's value.
-func (s *AdvancedEventSelector) SetFieldSelectors(v []*AdvancedFieldSelector) *AdvancedEventSelector {
- s.FieldSelectors = v
+// SetS3KeyPrefix sets the S3KeyPrefix field's value.
+func (s *CreateTrailInput) SetS3KeyPrefix(v string) *CreateTrailInput {
+ s.S3KeyPrefix = &v
return s
}
-// SetName sets the Name field's value.
-func (s *AdvancedEventSelector) SetName(v string) *AdvancedEventSelector {
- s.Name = &v
+// SetSnsTopicName sets the SnsTopicName field's value.
+func (s *CreateTrailInput) SetSnsTopicName(v string) *CreateTrailInput {
+ s.SnsTopicName = &v
return s
}
-// A single selector statement in an advanced event selector.
-type AdvancedFieldSelector struct {
- _ struct{} `type:"structure"`
-
- // An operator that includes events that match the last few characters of the
- // event record field specified as the value of Field.
- EndsWith []*string `min:"1" type:"list"`
-
- // An operator that includes events that match the exact value of the event
- // record field specified as the value of Field. This is the only valid operator
- // that you can use with the readOnly, eventCategory, and resources.type fields.
- Equals []*string `min:"1" type:"list"`
-
- // A field in an event record on which to filter events to be logged. Supported
- // fields include readOnly, eventCategory, eventSource (for management events),
- // eventName, resources.type, and resources.ARN.
- //
- // * readOnly - Optional. Can be set to Equals a value of true or false.
- // A value of false logs both read and write events.
- //
- // * eventSource - For filtering management events only. This can be set
- // only to NotEquals kms.amazonaws.com.
- //
- // * eventName - Can use any operator. You can use it to filter in or filter
- // out any data event logged to CloudTrail, such as PutBucket or GetSnapshotBlock.
- // You can have multiple values for this field, separated by commas.
- //
- // * eventCategory - This is required. It must be set to Equals, and the
- // value must be Management or Data.
- //
- // * resources.type - This field is required. resources.type can only use
- // the Equals operator, and the value can be one of the following: AWS::S3::Object
- // AWS::Lambda::Function AWS::DynamoDB::Table AWS::S3Outposts::Object AWS::ManagedBlockchain::Node
- // AWS::S3ObjectLambda::AccessPoint AWS::EC2::Snapshot AWS::S3::AccessPoint
- // AWS::DynamoDB::Stream You can have only one resources.type field per
- // selector. To log data events on more than one resource type, add another
- // selector.
- //
- // * resources.ARN - You can use any operator with resources.ARN, but if
- // you use Equals or NotEquals, the value must exactly match the ARN of a
- // valid resource of the type you've specified in the template as the value
- // of resources.type. For example, if resources.type equals AWS::S3::Object,
- // the ARN must be in one of the following formats. To log all data events
- // for all objects in a specific S3 bucket, use the StartsWith operator,
- // and include only the bucket ARN as the matching value. The trailing slash
- // is intentional; do not exclude it. Replace the text between less than
- // and greater than symbols (<>) with resource-specific information. arn::s3:::/
- // arn::s3:::// When resources.type
- // equals AWS::S3::AccessPoint, and the operator is set to Equals or NotEquals,
- // the ARN must be in one of the following formats. To log events on all
- // objects in an S3 access point, we recommend that you use only the access
- // point ARN, don’t include the object path, and use the StartsWith or
- // NotStartsWith operators. arn::s3:::accesspoint/
- // arn::s3:::accesspoint//object/
- // When resources.type equals AWS::Lambda::Function, and the operator is
- // set to Equals or NotEquals, the ARN must be in the following format: arn::lambda:::function:
- // When resources.type equals AWS::DynamoDB::Table, and the operator is set
- // to Equals or NotEquals, the ARN must be in the following format: arn::dynamodb:::table/
- // When resources.type equals AWS::S3Outposts::Object, and the operator is
- // set to Equals or NotEquals, the ARN must be in the following format: arn::s3-outposts:::
- // When resources.type equals AWS::ManagedBlockchain::Node, and the operator
- // is set to Equals or NotEquals, the ARN must be in the following format:
- // arn::managedblockchain:::nodes/
- // When resources.type equals AWS::S3ObjectLambda::AccessPoint, and the operator
- // is set to Equals or NotEquals, the ARN must be in the following format:
- // arn::s3-object-lambda:::accesspoint/
- // When resources.type equals AWS::EC2::Snapshot, and the operator is set
- // to Equals or NotEquals, the ARN must be in the following format: arn::ec2:::snapshot/
- // When resources.type equals AWS::DynamoDB::Stream, and the operator is
- // set to Equals or NotEquals, the ARN must be in the following format: arn::dynamodb:::table//stream/
+// SetTagsList sets the TagsList field's value.
+func (s *CreateTrailInput) SetTagsList(v []*Tag) *CreateTrailInput {
+ s.TagsList = v
+ return s
+}
+
+// Returns the objects or data listed below if successful. Otherwise, returns
+// an error.
+type CreateTrailOutput struct {
+ _ struct{} `type:"structure"`
+
+ // Specifies the Amazon Resource Name (ARN) of the log group to which CloudTrail
+ // logs will be delivered.
+ CloudWatchLogsLogGroupArn *string `type:"string"`
+
+ // Specifies the role for the CloudWatch Logs endpoint to assume to write to
+ // a user's log group.
+ CloudWatchLogsRoleArn *string `type:"string"`
+
+ // Specifies whether the trail is publishing events from global services such
+ // as IAM to the log files.
+ IncludeGlobalServiceEvents *bool `type:"boolean"`
+
+ // Specifies whether the trail exists in one region or in all regions.
+ IsMultiRegionTrail *bool `type:"boolean"`
+
+ // Specifies whether the trail is an organization trail.
+ IsOrganizationTrail *bool `type:"boolean"`
+
+ // Specifies the KMS key ID that encrypts the logs delivered by CloudTrail.
+ // The value is a fully specified ARN to a KMS key in the following format.
//
- // Field is a required field
- Field *string `min:"1" type:"string" required:"true"`
+ // arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012
+ KmsKeyId *string `type:"string"`
- // An operator that excludes events that match the last few characters of the
- // event record field specified as the value of Field.
- NotEndsWith []*string `min:"1" type:"list"`
+ // Specifies whether log file integrity validation is enabled.
+ LogFileValidationEnabled *bool `type:"boolean"`
- // An operator that excludes events that match the exact value of the event
- // record field specified as the value of Field.
- NotEquals []*string `min:"1" type:"list"`
+ // Specifies the name of the trail.
+ Name *string `type:"string"`
- // An operator that excludes events that match the first few characters of the
- // event record field specified as the value of Field.
- NotStartsWith []*string `min:"1" type:"list"`
+ // Specifies the name of the Amazon S3 bucket designated for publishing log
+ // files.
+ S3BucketName *string `type:"string"`
- // An operator that includes events that match the first few characters of the
- // event record field specified as the value of Field.
- StartsWith []*string `min:"1" type:"list"`
+ // Specifies the Amazon S3 key prefix that comes after the name of the bucket
+ // you have designated for log file delivery. For more information, see Finding
+ // Your CloudTrail Log Files (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-find-log-files.html).
+ S3KeyPrefix *string `type:"string"`
+
+ // Specifies the ARN of the Amazon SNS topic that CloudTrail uses to send notifications
+ // when log files are delivered. The format of a topic ARN is:
+ //
+ // arn:aws:sns:us-east-2:123456789012:MyTopic
+ SnsTopicARN *string `type:"string"`
+
+ // This field is no longer in use. Use SnsTopicARN.
+ //
+ // Deprecated: SnsTopicName has been deprecated
+ SnsTopicName *string `deprecated:"true" type:"string"`
+
+ // Specifies the ARN of the trail that was created. The format of a trail ARN
+ // is:
+ //
+ // arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail
+ TrailARN *string `type:"string"`
}
// String returns the string representation.
@@ -2980,7 +5360,7 @@ type AdvancedFieldSelector struct {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s AdvancedFieldSelector) String() string {
+func (s CreateTrailOutput) String() string {
return awsutil.Prettify(s)
}
@@ -2989,95 +5369,237 @@ func (s AdvancedFieldSelector) String() string {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s AdvancedFieldSelector) GoString() string {
+func (s CreateTrailOutput) GoString() string {
return s.String()
}
-// Validate inspects the fields of the type to determine if they are valid.
-func (s *AdvancedFieldSelector) Validate() error {
- invalidParams := request.ErrInvalidParams{Context: "AdvancedFieldSelector"}
- if s.EndsWith != nil && len(s.EndsWith) < 1 {
- invalidParams.Add(request.NewErrParamMinLen("EndsWith", 1))
- }
- if s.Equals != nil && len(s.Equals) < 1 {
- invalidParams.Add(request.NewErrParamMinLen("Equals", 1))
- }
- if s.Field == nil {
- invalidParams.Add(request.NewErrParamRequired("Field"))
- }
- if s.Field != nil && len(*s.Field) < 1 {
- invalidParams.Add(request.NewErrParamMinLen("Field", 1))
- }
- if s.NotEndsWith != nil && len(s.NotEndsWith) < 1 {
- invalidParams.Add(request.NewErrParamMinLen("NotEndsWith", 1))
- }
- if s.NotEquals != nil && len(s.NotEquals) < 1 {
- invalidParams.Add(request.NewErrParamMinLen("NotEquals", 1))
- }
- if s.NotStartsWith != nil && len(s.NotStartsWith) < 1 {
- invalidParams.Add(request.NewErrParamMinLen("NotStartsWith", 1))
- }
- if s.StartsWith != nil && len(s.StartsWith) < 1 {
- invalidParams.Add(request.NewErrParamMinLen("StartsWith", 1))
- }
+// SetCloudWatchLogsLogGroupArn sets the CloudWatchLogsLogGroupArn field's value.
+func (s *CreateTrailOutput) SetCloudWatchLogsLogGroupArn(v string) *CreateTrailOutput {
+ s.CloudWatchLogsLogGroupArn = &v
+ return s
+}
- if invalidParams.Len() > 0 {
- return invalidParams
- }
- return nil
+// SetCloudWatchLogsRoleArn sets the CloudWatchLogsRoleArn field's value.
+func (s *CreateTrailOutput) SetCloudWatchLogsRoleArn(v string) *CreateTrailOutput {
+ s.CloudWatchLogsRoleArn = &v
+ return s
}
-// SetEndsWith sets the EndsWith field's value.
-func (s *AdvancedFieldSelector) SetEndsWith(v []*string) *AdvancedFieldSelector {
- s.EndsWith = v
+// SetIncludeGlobalServiceEvents sets the IncludeGlobalServiceEvents field's value.
+func (s *CreateTrailOutput) SetIncludeGlobalServiceEvents(v bool) *CreateTrailOutput {
+ s.IncludeGlobalServiceEvents = &v
return s
}
-// SetEquals sets the Equals field's value.
-func (s *AdvancedFieldSelector) SetEquals(v []*string) *AdvancedFieldSelector {
- s.Equals = v
+// SetIsMultiRegionTrail sets the IsMultiRegionTrail field's value.
+func (s *CreateTrailOutput) SetIsMultiRegionTrail(v bool) *CreateTrailOutput {
+ s.IsMultiRegionTrail = &v
+ return s
+}
+
+// SetIsOrganizationTrail sets the IsOrganizationTrail field's value.
+func (s *CreateTrailOutput) SetIsOrganizationTrail(v bool) *CreateTrailOutput {
+ s.IsOrganizationTrail = &v
+ return s
+}
+
+// SetKmsKeyId sets the KmsKeyId field's value.
+func (s *CreateTrailOutput) SetKmsKeyId(v string) *CreateTrailOutput {
+ s.KmsKeyId = &v
+ return s
+}
+
+// SetLogFileValidationEnabled sets the LogFileValidationEnabled field's value.
+func (s *CreateTrailOutput) SetLogFileValidationEnabled(v bool) *CreateTrailOutput {
+ s.LogFileValidationEnabled = &v
+ return s
+}
+
+// SetName sets the Name field's value.
+func (s *CreateTrailOutput) SetName(v string) *CreateTrailOutput {
+ s.Name = &v
+ return s
+}
+
+// SetS3BucketName sets the S3BucketName field's value.
+func (s *CreateTrailOutput) SetS3BucketName(v string) *CreateTrailOutput {
+ s.S3BucketName = &v
+ return s
+}
+
+// SetS3KeyPrefix sets the S3KeyPrefix field's value.
+func (s *CreateTrailOutput) SetS3KeyPrefix(v string) *CreateTrailOutput {
+ s.S3KeyPrefix = &v
+ return s
+}
+
+// SetSnsTopicARN sets the SnsTopicARN field's value.
+func (s *CreateTrailOutput) SetSnsTopicARN(v string) *CreateTrailOutput {
+ s.SnsTopicARN = &v
+ return s
+}
+
+// SetSnsTopicName sets the SnsTopicName field's value.
+func (s *CreateTrailOutput) SetSnsTopicName(v string) *CreateTrailOutput {
+ s.SnsTopicName = &v
+ return s
+}
+
+// SetTrailARN sets the TrailARN field's value.
+func (s *CreateTrailOutput) SetTrailARN(v string) *CreateTrailOutput {
+ s.TrailARN = &v
return s
}
-// SetField sets the Field field's value.
-func (s *AdvancedFieldSelector) SetField(v string) *AdvancedFieldSelector {
- s.Field = &v
- return s
+// The Amazon S3 buckets, Lambda functions, or Amazon DynamoDB tables that you
+// specify in your event selectors for your trail to log data events. Data events
+// provide information about the resource operations performed on or within
+// a resource itself. These are also known as data plane operations. You can
+// specify up to 250 data resources for a trail.
+//
+// The total number of allowed data resources is 250. This number can be distributed
+// between 1 and 5 event selectors, but the total cannot exceed 250 across all
+// selectors.
+//
+// If you are using advanced event selectors, the maximum total number of values
+// for all conditions, across all advanced event selectors for the trail, is
+// 500.
+//
+// The following example demonstrates how logging works when you configure logging
+// of all data events for an S3 bucket named bucket-1. In this example, the
+// CloudTrail user specified an empty prefix, and the option to log both Read
+// and Write data events.
+//
+// A user uploads an image file to bucket-1.
+//
+// The PutObject API operation is an Amazon S3 object-level API. It is recorded
+// as a data event in CloudTrail. Because the CloudTrail user specified an S3
+// bucket with an empty prefix, events that occur on any object in that bucket
+// are logged. The trail processes and logs the event.
+//
+// A user uploads an object to an Amazon S3 bucket named arn:aws:s3:::bucket-2.
+//
+// The PutObject API operation occurred for an object in an S3 bucket that the
+// CloudTrail user didn't specify for the trail. The trail doesn’t log the
+// event.
+//
+// The following example demonstrates how logging works when you configure logging
+// of Lambda data events for a Lambda function named MyLambdaFunction, but not
+// for all Lambda functions.
+//
+// A user runs a script that includes a call to the MyLambdaFunction function
+// and the MyOtherLambdaFunction function.
+//
+// The Invoke API operation on MyLambdaFunction is an Lambda API. It is recorded
+// as a data event in CloudTrail. Because the CloudTrail user specified logging
+// data events for MyLambdaFunction, any invocations of that function are logged.
+// The trail processes and logs the event.
+//
+// The Invoke API operation on MyOtherLambdaFunction is an Lambda API. Because
+// the CloudTrail user did not specify logging data events for all Lambda functions,
+// the Invoke operation for MyOtherLambdaFunction does not match the function
+// specified for the trail. The trail doesn’t log the event.
+type DataResource struct {
+ _ struct{} `type:"structure"`
+
+ // The resource type in which you want to log data events. You can specify the
+ // following basic event selector resource types:
+ //
+ // * AWS::S3::Object
+ //
+ // * AWS::Lambda::Function
+ //
+ // * AWS::DynamoDB::Table
+ //
+ // The following resource types are also availble through advanced event selectors.
+ // Basic event selector resource types are valid in advanced event selectors,
+ // but advanced event selector resource types are not valid in basic event selectors.
+ // For more information, see AdvancedFieldSelector$Field.
+ //
+ // * AWS::S3Outposts::Object
+ //
+ // * AWS::ManagedBlockchain::Node
+ //
+ // * AWS::S3ObjectLambda::AccessPoint
+ //
+ // * AWS::EC2::Snapshot
+ //
+ // * AWS::S3::AccessPoint
+ //
+ // * AWS::DynamoDB::Stream
+ Type *string `type:"string"`
+
+ // An array of Amazon Resource Name (ARN) strings or partial ARN strings for
+ // the specified objects.
+ //
+ // * To log data events for all objects in all S3 buckets in your Amazon
+ // Web Services account, specify the prefix as arn:aws:s3:::. This also enables
+ // logging of data event activity performed by any user or role in your Amazon
+ // Web Services account, even if that activity is performed on a bucket that
+ // belongs to another Amazon Web Services account.
+ //
+ // * To log data events for all objects in an S3 bucket, specify the bucket
+ // and an empty object prefix such as arn:aws:s3:::bucket-1/. The trail logs
+ // data events for all objects in this S3 bucket.
+ //
+ // * To log data events for specific objects, specify the S3 bucket and object
+ // prefix such as arn:aws:s3:::bucket-1/example-images. The trail logs data
+ // events for objects in this S3 bucket that match the prefix.
+ //
+ // * To log data events for all Lambda functions in your Amazon Web Services
+ // account, specify the prefix as arn:aws:lambda. This also enables logging
+ // of Invoke activity performed by any user or role in your Amazon Web Services
+ // account, even if that activity is performed on a function that belongs
+ // to another Amazon Web Services account.
+ //
+ // * To log data events for a specific Lambda function, specify the function
+ // ARN. Lambda function ARNs are exact. For example, if you specify a function
+ // ARN arn:aws:lambda:us-west-2:111111111111:function:helloworld, data events
+ // will only be logged for arn:aws:lambda:us-west-2:111111111111:function:helloworld.
+ // They will not be logged for arn:aws:lambda:us-west-2:111111111111:function:helloworld2.
+ //
+ // * To log data events for all DynamoDB tables in your Amazon Web Services
+ // account, specify the prefix as arn:aws:dynamodb.
+ Values []*string `type:"list"`
}
-// SetNotEndsWith sets the NotEndsWith field's value.
-func (s *AdvancedFieldSelector) SetNotEndsWith(v []*string) *AdvancedFieldSelector {
- s.NotEndsWith = v
- return s
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s DataResource) String() string {
+ return awsutil.Prettify(s)
}
-// SetNotEquals sets the NotEquals field's value.
-func (s *AdvancedFieldSelector) SetNotEquals(v []*string) *AdvancedFieldSelector {
- s.NotEquals = v
- return s
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s DataResource) GoString() string {
+ return s.String()
}
-// SetNotStartsWith sets the NotStartsWith field's value.
-func (s *AdvancedFieldSelector) SetNotStartsWith(v []*string) *AdvancedFieldSelector {
- s.NotStartsWith = v
+// SetType sets the Type field's value.
+func (s *DataResource) SetType(v string) *DataResource {
+ s.Type = &v
return s
}
-// SetStartsWith sets the StartsWith field's value.
-func (s *AdvancedFieldSelector) SetStartsWith(v []*string) *AdvancedFieldSelector {
- s.StartsWith = v
+// SetValues sets the Values field's value.
+func (s *DataResource) SetValues(v []*string) *DataResource {
+ s.Values = v
return s
}
-// This exception is thrown when a call results in the InvalidClientTokenId
-// error code. This can occur when you are creating or updating a trail to send
-// notifications to an Amazon SNS topic that is in a suspended Amazon Web Services
-// account.
-type CloudTrailInvalidClientTokenIdException struct {
- _ struct{} `type:"structure"`
- RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
+type DeleteEventDataStoreInput struct {
+ _ struct{} `type:"structure"`
- Message_ *string `locationName:"message" type:"string"`
+ // The ARN (or the ID suffix of the ARN) of the event data store to delete.
+ //
+ // EventDataStore is a required field
+ EventDataStore *string `min:"3" type:"string" required:"true"`
}
// String returns the string representation.
@@ -3085,7 +5607,7 @@ type CloudTrailInvalidClientTokenIdException struct {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s CloudTrailInvalidClientTokenIdException) String() string {
+func (s DeleteEventDataStoreInput) String() string {
return awsutil.Prettify(s)
}
@@ -3094,54 +5616,34 @@ func (s CloudTrailInvalidClientTokenIdException) String() string {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s CloudTrailInvalidClientTokenIdException) GoString() string {
+func (s DeleteEventDataStoreInput) GoString() string {
return s.String()
}
-func newErrorCloudTrailInvalidClientTokenIdException(v protocol.ResponseMetadata) error {
- return &CloudTrailInvalidClientTokenIdException{
- RespMetadata: v,
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *DeleteEventDataStoreInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "DeleteEventDataStoreInput"}
+ if s.EventDataStore == nil {
+ invalidParams.Add(request.NewErrParamRequired("EventDataStore"))
}
-}
-
-// Code returns the exception type name.
-func (s *CloudTrailInvalidClientTokenIdException) Code() string {
- return "CloudTrailInvalidClientTokenIdException"
-}
-
-// Message returns the exception's message.
-func (s *CloudTrailInvalidClientTokenIdException) Message() string {
- if s.Message_ != nil {
- return *s.Message_
+ if s.EventDataStore != nil && len(*s.EventDataStore) < 3 {
+ invalidParams.Add(request.NewErrParamMinLen("EventDataStore", 3))
}
- return ""
-}
-// OrigErr always returns nil, satisfies awserr.Error interface.
-func (s *CloudTrailInvalidClientTokenIdException) OrigErr() error {
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
return nil
}
-func (s *CloudTrailInvalidClientTokenIdException) Error() string {
- return fmt.Sprintf("%s: %s", s.Code(), s.Message())
-}
-
-// Status code returns the HTTP status code for the request's response error.
-func (s *CloudTrailInvalidClientTokenIdException) StatusCode() int {
- return s.RespMetadata.StatusCode
-}
-
-// RequestID returns the service's response RequestID for request.
-func (s *CloudTrailInvalidClientTokenIdException) RequestID() string {
- return s.RespMetadata.RequestID
+// SetEventDataStore sets the EventDataStore field's value.
+func (s *DeleteEventDataStoreInput) SetEventDataStore(v string) *DeleteEventDataStoreInput {
+ s.EventDataStore = &v
+ return s
}
-// Cannot set a CloudWatch Logs delivery for this region.
-type CloudWatchLogsDeliveryUnavailableException struct {
- _ struct{} `type:"structure"`
- RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
-
- Message_ *string `locationName:"message" type:"string"`
+type DeleteEventDataStoreOutput struct {
+ _ struct{} `type:"structure"`
}
// String returns the string representation.
@@ -3149,7 +5651,7 @@ type CloudWatchLogsDeliveryUnavailableException struct {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s CloudWatchLogsDeliveryUnavailableException) String() string {
+func (s DeleteEventDataStoreOutput) String() string {
return awsutil.Prettify(s)
}
@@ -3158,57 +5660,19 @@ func (s CloudWatchLogsDeliveryUnavailableException) String() string {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s CloudWatchLogsDeliveryUnavailableException) GoString() string {
+func (s DeleteEventDataStoreOutput) GoString() string {
return s.String()
}
-func newErrorCloudWatchLogsDeliveryUnavailableException(v protocol.ResponseMetadata) error {
- return &CloudWatchLogsDeliveryUnavailableException{
- RespMetadata: v,
- }
-}
-
-// Code returns the exception type name.
-func (s *CloudWatchLogsDeliveryUnavailableException) Code() string {
- return "CloudWatchLogsDeliveryUnavailableException"
-}
-
-// Message returns the exception's message.
-func (s *CloudWatchLogsDeliveryUnavailableException) Message() string {
- if s.Message_ != nil {
- return *s.Message_
- }
- return ""
-}
-
-// OrigErr always returns nil, satisfies awserr.Error interface.
-func (s *CloudWatchLogsDeliveryUnavailableException) OrigErr() error {
- return nil
-}
-
-func (s *CloudWatchLogsDeliveryUnavailableException) Error() string {
- return fmt.Sprintf("%s: %s", s.Code(), s.Message())
-}
-
-// Status code returns the HTTP status code for the request's response error.
-func (s *CloudWatchLogsDeliveryUnavailableException) StatusCode() int {
- return s.RespMetadata.StatusCode
-}
-
-// RequestID returns the service's response RequestID for request.
-func (s *CloudWatchLogsDeliveryUnavailableException) RequestID() string {
- return s.RespMetadata.RequestID
-}
-
-// This exception is thrown when the specified resource is not ready for an
-// operation. This can occur when you try to run an operation on a trail before
-// CloudTrail has time to fully load the trail. If this exception occurs, wait
-// a few minutes, and then try the operation again.
-type ConflictException struct {
- _ struct{} `type:"structure"`
- RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
+// The request that specifies the name of a trail to delete.
+type DeleteTrailInput struct {
+ _ struct{} `type:"structure"`
- Message_ *string `locationName:"message" type:"string"`
+ // Specifies the name or the CloudTrail ARN of the trail to be deleted. The
+ // following is the format of a trail ARN. arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail
+ //
+ // Name is a required field
+ Name *string `type:"string" required:"true"`
}
// String returns the string representation.
@@ -3216,7 +5680,7 @@ type ConflictException struct {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s ConflictException) String() string {
+func (s DeleteTrailInput) String() string {
return awsutil.Prettify(s)
}
@@ -3225,145 +5689,66 @@ func (s ConflictException) String() string {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s ConflictException) GoString() string {
+func (s DeleteTrailInput) GoString() string {
return s.String()
}
-func newErrorConflictException(v protocol.ResponseMetadata) error {
- return &ConflictException{
- RespMetadata: v,
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *DeleteTrailInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "DeleteTrailInput"}
+ if s.Name == nil {
+ invalidParams.Add(request.NewErrParamRequired("Name"))
}
-}
-
-// Code returns the exception type name.
-func (s *ConflictException) Code() string {
- return "ConflictException"
-}
-// Message returns the exception's message.
-func (s *ConflictException) Message() string {
- if s.Message_ != nil {
- return *s.Message_
+ if invalidParams.Len() > 0 {
+ return invalidParams
}
- return ""
-}
-
-// OrigErr always returns nil, satisfies awserr.Error interface.
-func (s *ConflictException) OrigErr() error {
return nil
}
-func (s *ConflictException) Error() string {
- return fmt.Sprintf("%s: %s", s.Code(), s.Message())
-}
-
-// Status code returns the HTTP status code for the request's response error.
-func (s *ConflictException) StatusCode() int {
- return s.RespMetadata.StatusCode
-}
-
-// RequestID returns the service's response RequestID for request.
-func (s *ConflictException) RequestID() string {
- return s.RespMetadata.RequestID
-}
-
-// Specifies the settings for each trail.
-type CreateTrailInput struct {
- _ struct{} `type:"structure"`
-
- // Specifies a log group name using an Amazon Resource Name (ARN), a unique
- // identifier that represents the log group to which CloudTrail logs will be
- // delivered. Not required unless you specify CloudWatchLogsRoleArn.
- CloudWatchLogsLogGroupArn *string `type:"string"`
-
- // Specifies the role for the CloudWatch Logs endpoint to assume to write to
- // a user's log group.
- CloudWatchLogsRoleArn *string `type:"string"`
-
- // Specifies whether log file integrity validation is enabled. The default is
- // false.
- //
- // When you disable log file integrity validation, the chain of digest files
- // is broken after one hour. CloudTrail does not create digest files for log
- // files that were delivered during a period in which log file integrity validation
- // was disabled. For example, if you enable log file integrity validation at
- // noon on January 1, disable it at noon on January 2, and re-enable it at noon
- // on January 10, digest files will not be created for the log files delivered
- // from noon on January 2 to noon on January 10. The same applies whenever you
- // stop CloudTrail logging or delete a trail.
- EnableLogFileValidation *bool `type:"boolean"`
+// SetName sets the Name field's value.
+func (s *DeleteTrailInput) SetName(v string) *DeleteTrailInput {
+ s.Name = &v
+ return s
+}
- // Specifies whether the trail is publishing events from global services such
- // as IAM to the log files.
- IncludeGlobalServiceEvents *bool `type:"boolean"`
+// Returns the objects or data listed below if successful. Otherwise, returns
+// an error.
+type DeleteTrailOutput struct {
+ _ struct{} `type:"structure"`
+}
- // Specifies whether the trail is created in the current region or in all regions.
- // The default is false, which creates a trail only in the region where you
- // are signed in. As a best practice, consider creating trails that log events
- // in all regions.
- IsMultiRegionTrail *bool `type:"boolean"`
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s DeleteTrailOutput) String() string {
+ return awsutil.Prettify(s)
+}
- // Specifies whether the trail is created for all accounts in an organization
- // in Organizations, or only for the current Amazon Web Services account. The
- // default is false, and cannot be true unless the call is made on behalf of
- // an Amazon Web Services account that is the management account for an organization
- // in Organizations.
- IsOrganizationTrail *bool `type:"boolean"`
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s DeleteTrailOutput) GoString() string {
+ return s.String()
+}
- // Specifies the KMS key ID to use to encrypt the logs delivered by CloudTrail.
- // The value can be an alias name prefixed by "alias/", a fully specified ARN
- // to an alias, a fully specified ARN to a key, or a globally unique identifier.
- //
- // CloudTrail also supports KMS multi-Region keys. For more information about
- // multi-Region keys, see Using multi-Region keys (https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html)
- // in the Key Management Service Developer Guide.
- //
- // Examples:
- //
- // * alias/MyAliasName
- //
- // * arn:aws:kms:us-east-2:123456789012:alias/MyAliasName
- //
- // * arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012
- //
- // * 12345678-1234-1234-1234-123456789012
- KmsKeyId *string `type:"string"`
+type DescribeQueryInput struct {
+ _ struct{} `type:"structure"`
- // Specifies the name of the trail. The name must meet the following requirements:
- //
- // * Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores
- // (_), or dashes (-)
- //
- // * Start with a letter or number, and end with a letter or number
- //
- // * Be between 3 and 128 characters
+ // The ARN (or the ID suffix of the ARN) of an event data store on which the
+ // specified query was run.
//
- // * Have no adjacent periods, underscores or dashes. Names like my-_namespace
- // and my--namespace are not valid.
- //
- // * Not be in IP address format (for example, 192.168.5.4)
- //
- // Name is a required field
- Name *string `type:"string" required:"true"`
+ // EventDataStore is a required field
+ EventDataStore *string `min:"3" type:"string" required:"true"`
- // Specifies the name of the Amazon S3 bucket designated for publishing log
- // files. See Amazon S3 Bucket Naming Requirements (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/create_trail_naming_policy.html).
+ // The query ID.
//
- // S3BucketName is a required field
- S3BucketName *string `type:"string" required:"true"`
-
- // Specifies the Amazon S3 key prefix that comes after the name of the bucket
- // you have designated for log file delivery. For more information, see Finding
- // Your CloudTrail Log Files (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-find-log-files.html).
- // The maximum length is 200 characters.
- S3KeyPrefix *string `type:"string"`
-
- // Specifies the name of the Amazon SNS topic defined for notification of log
- // file delivery. The maximum length is 256 characters.
- SnsTopicName *string `type:"string"`
-
- // A list of tags.
- TagsList []*Tag `type:"list"`
+ // QueryId is a required field
+ QueryId *string `min:"36" type:"string" required:"true"`
}
// String returns the string representation.
@@ -3371,7 +5756,7 @@ type CreateTrailInput struct {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s CreateTrailInput) String() string {
+func (s DescribeQueryInput) String() string {
return awsutil.Prettify(s)
}
@@ -3380,28 +5765,24 @@ func (s CreateTrailInput) String() string {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s CreateTrailInput) GoString() string {
+func (s DescribeQueryInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
-func (s *CreateTrailInput) Validate() error {
- invalidParams := request.ErrInvalidParams{Context: "CreateTrailInput"}
- if s.Name == nil {
- invalidParams.Add(request.NewErrParamRequired("Name"))
+func (s *DescribeQueryInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "DescribeQueryInput"}
+ if s.EventDataStore == nil {
+ invalidParams.Add(request.NewErrParamRequired("EventDataStore"))
}
- if s.S3BucketName == nil {
- invalidParams.Add(request.NewErrParamRequired("S3BucketName"))
+ if s.EventDataStore != nil && len(*s.EventDataStore) < 3 {
+ invalidParams.Add(request.NewErrParamMinLen("EventDataStore", 3))
}
- if s.TagsList != nil {
- for i, v := range s.TagsList {
- if v == nil {
- continue
- }
- if err := v.Validate(); err != nil {
- invalidParams.AddNested(fmt.Sprintf("%s[%v]", "TagsList", i), err.(request.ErrInvalidParams))
- }
- }
+ if s.QueryId == nil {
+ invalidParams.Add(request.NewErrParamRequired("QueryId"))
+ }
+ if s.QueryId != nil && len(*s.QueryId) < 36 {
+ invalidParams.Add(request.NewErrParamMinLen("QueryId", 36))
}
if invalidParams.Len() > 0 {
@@ -3410,138 +5791,223 @@ func (s *CreateTrailInput) Validate() error {
return nil
}
-// SetCloudWatchLogsLogGroupArn sets the CloudWatchLogsLogGroupArn field's value.
-func (s *CreateTrailInput) SetCloudWatchLogsLogGroupArn(v string) *CreateTrailInput {
- s.CloudWatchLogsLogGroupArn = &v
+// SetEventDataStore sets the EventDataStore field's value.
+func (s *DescribeQueryInput) SetEventDataStore(v string) *DescribeQueryInput {
+ s.EventDataStore = &v
return s
}
-// SetCloudWatchLogsRoleArn sets the CloudWatchLogsRoleArn field's value.
-func (s *CreateTrailInput) SetCloudWatchLogsRoleArn(v string) *CreateTrailInput {
- s.CloudWatchLogsRoleArn = &v
+// SetQueryId sets the QueryId field's value.
+func (s *DescribeQueryInput) SetQueryId(v string) *DescribeQueryInput {
+ s.QueryId = &v
return s
}
-// SetEnableLogFileValidation sets the EnableLogFileValidation field's value.
-func (s *CreateTrailInput) SetEnableLogFileValidation(v bool) *CreateTrailInput {
- s.EnableLogFileValidation = &v
- return s
+type DescribeQueryOutput struct {
+ _ struct{} `type:"structure"`
+
+ // The error message returned if a query failed.
+ ErrorMessage *string `min:"4" type:"string"`
+
+ // The ID of the query.
+ QueryId *string `min:"36" type:"string"`
+
+ // Metadata about a query, including the number of events that were matched,
+ // the total number of events scanned, the query run time in milliseconds, and
+ // the query's creation time.
+ QueryStatistics *QueryStatisticsForDescribeQuery `type:"structure"`
+
+ // The status of a query. Values for QueryStatus include QUEUED, RUNNING, FINISHED,
+ // FAILED, or CANCELLED
+ QueryStatus *string `type:"string" enum:"QueryStatus"`
+
+ // The SQL code of a query.
+ QueryString *string `min:"1" type:"string"`
}
-// SetIncludeGlobalServiceEvents sets the IncludeGlobalServiceEvents field's value.
-func (s *CreateTrailInput) SetIncludeGlobalServiceEvents(v bool) *CreateTrailInput {
- s.IncludeGlobalServiceEvents = &v
- return s
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s DescribeQueryOutput) String() string {
+ return awsutil.Prettify(s)
}
-// SetIsMultiRegionTrail sets the IsMultiRegionTrail field's value.
-func (s *CreateTrailInput) SetIsMultiRegionTrail(v bool) *CreateTrailInput {
- s.IsMultiRegionTrail = &v
- return s
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s DescribeQueryOutput) GoString() string {
+ return s.String()
}
-// SetIsOrganizationTrail sets the IsOrganizationTrail field's value.
-func (s *CreateTrailInput) SetIsOrganizationTrail(v bool) *CreateTrailInput {
- s.IsOrganizationTrail = &v
+// SetErrorMessage sets the ErrorMessage field's value.
+func (s *DescribeQueryOutput) SetErrorMessage(v string) *DescribeQueryOutput {
+ s.ErrorMessage = &v
return s
}
-// SetKmsKeyId sets the KmsKeyId field's value.
-func (s *CreateTrailInput) SetKmsKeyId(v string) *CreateTrailInput {
- s.KmsKeyId = &v
+// SetQueryId sets the QueryId field's value.
+func (s *DescribeQueryOutput) SetQueryId(v string) *DescribeQueryOutput {
+ s.QueryId = &v
return s
}
-// SetName sets the Name field's value.
-func (s *CreateTrailInput) SetName(v string) *CreateTrailInput {
- s.Name = &v
+// SetQueryStatistics sets the QueryStatistics field's value.
+func (s *DescribeQueryOutput) SetQueryStatistics(v *QueryStatisticsForDescribeQuery) *DescribeQueryOutput {
+ s.QueryStatistics = v
return s
}
-// SetS3BucketName sets the S3BucketName field's value.
-func (s *CreateTrailInput) SetS3BucketName(v string) *CreateTrailInput {
- s.S3BucketName = &v
+// SetQueryStatus sets the QueryStatus field's value.
+func (s *DescribeQueryOutput) SetQueryStatus(v string) *DescribeQueryOutput {
+ s.QueryStatus = &v
return s
}
-// SetS3KeyPrefix sets the S3KeyPrefix field's value.
-func (s *CreateTrailInput) SetS3KeyPrefix(v string) *CreateTrailInput {
- s.S3KeyPrefix = &v
+// SetQueryString sets the QueryString field's value.
+func (s *DescribeQueryOutput) SetQueryString(v string) *DescribeQueryOutput {
+ s.QueryString = &v
return s
}
-// SetSnsTopicName sets the SnsTopicName field's value.
-func (s *CreateTrailInput) SetSnsTopicName(v string) *CreateTrailInput {
- s.SnsTopicName = &v
+// Returns information about the trail.
+type DescribeTrailsInput struct {
+ _ struct{} `type:"structure"`
+
+ // Specifies whether to include shadow trails in the response. A shadow trail
+ // is the replication in a region of a trail that was created in a different
+ // region, or in the case of an organization trail, the replication of an organization
+ // trail in member accounts. If you do not include shadow trails, organization
+ // trails in a member account and region replication trails will not be returned.
+ // The default is true.
+ IncludeShadowTrails *bool `locationName:"includeShadowTrails" type:"boolean"`
+
+ // Specifies a list of trail names, trail ARNs, or both, of the trails to describe.
+ // The format of a trail ARN is:
+ //
+ // arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail
+ //
+ // If an empty list is specified, information for the trail in the current region
+ // is returned.
+ //
+ // * If an empty list is specified and IncludeShadowTrails is false, then
+ // information for all trails in the current region is returned.
+ //
+ // * If an empty list is specified and IncludeShadowTrails is null or true,
+ // then information for all trails in the current region and any associated
+ // shadow trails in other regions is returned.
+ //
+ // If one or more trail names are specified, information is returned only if
+ // the names match the names of trails belonging only to the current region.
+ // To return information about a trail in another region, you must specify its
+ // trail ARN.
+ TrailNameList []*string `locationName:"trailNameList" type:"list"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s DescribeTrailsInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s DescribeTrailsInput) GoString() string {
+ return s.String()
+}
+
+// SetIncludeShadowTrails sets the IncludeShadowTrails field's value.
+func (s *DescribeTrailsInput) SetIncludeShadowTrails(v bool) *DescribeTrailsInput {
+ s.IncludeShadowTrails = &v
return s
}
-// SetTagsList sets the TagsList field's value.
-func (s *CreateTrailInput) SetTagsList(v []*Tag) *CreateTrailInput {
- s.TagsList = v
+// SetTrailNameList sets the TrailNameList field's value.
+func (s *DescribeTrailsInput) SetTrailNameList(v []*string) *DescribeTrailsInput {
+ s.TrailNameList = v
return s
}
// Returns the objects or data listed below if successful. Otherwise, returns
// an error.
-type CreateTrailOutput struct {
+type DescribeTrailsOutput struct {
_ struct{} `type:"structure"`
- // Specifies the Amazon Resource Name (ARN) of the log group to which CloudTrail
- // logs will be delivered.
- CloudWatchLogsLogGroupArn *string `type:"string"`
+ // The list of trail objects. Trail objects with string values are only returned
+ // if values for the objects exist in a trail's configuration. For example,
+ // SNSTopicName and SNSTopicARN are only returned in results if a trail is configured
+ // to send SNS notifications. Similarly, KMSKeyId only appears in results if
+ // a trail's log files are encrypted with KMS customer managed keys.
+ TrailList []*Trail `locationName:"trailList" type:"list"`
+}
- // Specifies the role for the CloudWatch Logs endpoint to assume to write to
- // a user's log group.
- CloudWatchLogsRoleArn *string `type:"string"`
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s DescribeTrailsOutput) String() string {
+ return awsutil.Prettify(s)
+}
- // Specifies whether the trail is publishing events from global services such
- // as IAM to the log files.
- IncludeGlobalServiceEvents *bool `type:"boolean"`
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s DescribeTrailsOutput) GoString() string {
+ return s.String()
+}
+
+// SetTrailList sets the TrailList field's value.
+func (s *DescribeTrailsOutput) SetTrailList(v []*Trail) *DescribeTrailsOutput {
+ s.TrailList = v
+ return s
+}
- // Specifies whether the trail exists in one region or in all regions.
- IsMultiRegionTrail *bool `type:"boolean"`
+// Contains information about an event that was returned by a lookup request.
+// The result includes a representation of a CloudTrail event.
+type Event struct {
+ _ struct{} `type:"structure"`
- // Specifies whether the trail is an organization trail.
- IsOrganizationTrail *bool `type:"boolean"`
+ // The Amazon Web Services access key ID that was used to sign the request.
+ // If the request was made with temporary security credentials, this is the
+ // access key ID of the temporary credentials.
+ AccessKeyId *string `type:"string"`
- // Specifies the KMS key ID that encrypts the logs delivered by CloudTrail.
- // The value is a fully specified ARN to a KMS key in the following format.
- //
- // arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012
- KmsKeyId *string `type:"string"`
+ // A JSON string that contains a representation of the event returned.
+ CloudTrailEvent *string `type:"string"`
- // Specifies whether log file integrity validation is enabled.
- LogFileValidationEnabled *bool `type:"boolean"`
+ // The CloudTrail ID of the event returned.
+ EventId *string `type:"string"`
- // Specifies the name of the trail.
- Name *string `type:"string"`
+ // The name of the event returned.
+ EventName *string `type:"string"`
- // Specifies the name of the Amazon S3 bucket designated for publishing log
- // files.
- S3BucketName *string `type:"string"`
+ // The Amazon Web Services service to which the request was made.
+ EventSource *string `type:"string"`
- // Specifies the Amazon S3 key prefix that comes after the name of the bucket
- // you have designated for log file delivery. For more information, see Finding
- // Your CloudTrail Log Files (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-find-log-files.html).
- S3KeyPrefix *string `type:"string"`
+ // The date and time of the event returned.
+ EventTime *time.Time `type:"timestamp"`
- // Specifies the ARN of the Amazon SNS topic that CloudTrail uses to send notifications
- // when log files are delivered. The format of a topic ARN is:
- //
- // arn:aws:sns:us-east-2:123456789012:MyTopic
- SnsTopicARN *string `type:"string"`
+ // Information about whether the event is a write event or a read event.
+ ReadOnly *string `type:"string"`
- // This field is no longer in use. Use SnsTopicARN.
- //
- // Deprecated: SnsTopicName has been deprecated
- SnsTopicName *string `deprecated:"true" type:"string"`
+ // A list of resources referenced by the event returned.
+ Resources []*Resource `type:"list"`
- // Specifies the ARN of the trail that was created. The format of a trail ARN
- // is:
- //
- // arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail
- TrailARN *string `type:"string"`
+ // A user name or role name of the requester that called the API in the event
+ // returned.
+ Username *string `type:"string"`
}
// String returns the string representation.
@@ -3549,7 +6015,7 @@ type CreateTrailOutput struct {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s CreateTrailOutput) String() string {
+func (s Event) String() string {
return awsutil.Prettify(s)
}
@@ -3558,198 +6024,105 @@ func (s CreateTrailOutput) String() string {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s CreateTrailOutput) GoString() string {
+func (s Event) GoString() string {
return s.String()
}
-// SetCloudWatchLogsLogGroupArn sets the CloudWatchLogsLogGroupArn field's value.
-func (s *CreateTrailOutput) SetCloudWatchLogsLogGroupArn(v string) *CreateTrailOutput {
- s.CloudWatchLogsLogGroupArn = &v
+// SetAccessKeyId sets the AccessKeyId field's value.
+func (s *Event) SetAccessKeyId(v string) *Event {
+ s.AccessKeyId = &v
return s
}
-// SetCloudWatchLogsRoleArn sets the CloudWatchLogsRoleArn field's value.
-func (s *CreateTrailOutput) SetCloudWatchLogsRoleArn(v string) *CreateTrailOutput {
- s.CloudWatchLogsRoleArn = &v
+// SetCloudTrailEvent sets the CloudTrailEvent field's value.
+func (s *Event) SetCloudTrailEvent(v string) *Event {
+ s.CloudTrailEvent = &v
return s
}
-// SetIncludeGlobalServiceEvents sets the IncludeGlobalServiceEvents field's value.
-func (s *CreateTrailOutput) SetIncludeGlobalServiceEvents(v bool) *CreateTrailOutput {
- s.IncludeGlobalServiceEvents = &v
+// SetEventId sets the EventId field's value.
+func (s *Event) SetEventId(v string) *Event {
+ s.EventId = &v
return s
}
-// SetIsMultiRegionTrail sets the IsMultiRegionTrail field's value.
-func (s *CreateTrailOutput) SetIsMultiRegionTrail(v bool) *CreateTrailOutput {
- s.IsMultiRegionTrail = &v
+// SetEventName sets the EventName field's value.
+func (s *Event) SetEventName(v string) *Event {
+ s.EventName = &v
return s
}
-// SetIsOrganizationTrail sets the IsOrganizationTrail field's value.
-func (s *CreateTrailOutput) SetIsOrganizationTrail(v bool) *CreateTrailOutput {
- s.IsOrganizationTrail = &v
+// SetEventSource sets the EventSource field's value.
+func (s *Event) SetEventSource(v string) *Event {
+ s.EventSource = &v
return s
}
-// SetKmsKeyId sets the KmsKeyId field's value.
-func (s *CreateTrailOutput) SetKmsKeyId(v string) *CreateTrailOutput {
- s.KmsKeyId = &v
+// SetEventTime sets the EventTime field's value.
+func (s *Event) SetEventTime(v time.Time) *Event {
+ s.EventTime = &v
return s
}
-// SetLogFileValidationEnabled sets the LogFileValidationEnabled field's value.
-func (s *CreateTrailOutput) SetLogFileValidationEnabled(v bool) *CreateTrailOutput {
- s.LogFileValidationEnabled = &v
+// SetReadOnly sets the ReadOnly field's value.
+func (s *Event) SetReadOnly(v string) *Event {
+ s.ReadOnly = &v
return s
}
-// SetName sets the Name field's value.
-func (s *CreateTrailOutput) SetName(v string) *CreateTrailOutput {
- s.Name = &v
+// SetResources sets the Resources field's value.
+func (s *Event) SetResources(v []*Resource) *Event {
+ s.Resources = v
return s
}
-// SetS3BucketName sets the S3BucketName field's value.
-func (s *CreateTrailOutput) SetS3BucketName(v string) *CreateTrailOutput {
- s.S3BucketName = &v
+// SetUsername sets the Username field's value.
+func (s *Event) SetUsername(v string) *Event {
+ s.Username = &v
return s
}
-// SetS3KeyPrefix sets the S3KeyPrefix field's value.
-func (s *CreateTrailOutput) SetS3KeyPrefix(v string) *CreateTrailOutput {
- s.S3KeyPrefix = &v
- return s
-}
+// A storage lake of event data against which you can run complex SQL-based
+// queries. An event data store can include events that you have logged on your
+// account from the last 90 to 2555 days (about three months to up to seven
+// years). To select events for an event data store, use advanced event selectors
+// (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#creating-data-event-selectors-advanced).
+type EventDataStore struct {
+ _ struct{} `type:"structure"`
-// SetSnsTopicARN sets the SnsTopicARN field's value.
-func (s *CreateTrailOutput) SetSnsTopicARN(v string) *CreateTrailOutput {
- s.SnsTopicARN = &v
- return s
-}
+ // The advanced event selectors that were used to select events for the data
+ // store.
+ AdvancedEventSelectors []*AdvancedEventSelector `type:"list"`
-// SetSnsTopicName sets the SnsTopicName field's value.
-func (s *CreateTrailOutput) SetSnsTopicName(v string) *CreateTrailOutput {
- s.SnsTopicName = &v
- return s
-}
+ // The timestamp of the event data store's creation.
+ CreatedTimestamp *time.Time `type:"timestamp"`
-// SetTrailARN sets the TrailARN field's value.
-func (s *CreateTrailOutput) SetTrailARN(v string) *CreateTrailOutput {
- s.TrailARN = &v
- return s
-}
+ // The ARN of the event data store.
+ EventDataStoreArn *string `min:"3" type:"string"`
-// The Amazon S3 buckets, Lambda functions, or Amazon DynamoDB tables that you
-// specify in your event selectors for your trail to log data events. Data events
-// provide information about the resource operations performed on or within
-// a resource itself. These are also known as data plane operations. You can
-// specify up to 250 data resources for a trail.
-//
-// The total number of allowed data resources is 250. This number can be distributed
-// between 1 and 5 event selectors, but the total cannot exceed 250 across all
-// selectors.
-//
-// If you are using advanced event selectors, the maximum total number of values
-// for all conditions, across all advanced event selectors for the trail, is
-// 500.
-//
-// The following example demonstrates how logging works when you configure logging
-// of all data events for an S3 bucket named bucket-1. In this example, the
-// CloudTrail user specified an empty prefix, and the option to log both Read
-// and Write data events.
-//
-// A user uploads an image file to bucket-1.
-//
-// The PutObject API operation is an Amazon S3 object-level API. It is recorded
-// as a data event in CloudTrail. Because the CloudTrail user specified an S3
-// bucket with an empty prefix, events that occur on any object in that bucket
-// are logged. The trail processes and logs the event.
-//
-// A user uploads an object to an Amazon S3 bucket named arn:aws:s3:::bucket-2.
-//
-// The PutObject API operation occurred for an object in an S3 bucket that the
-// CloudTrail user didn't specify for the trail. The trail doesn’t log the
-// event.
-//
-// The following example demonstrates how logging works when you configure logging
-// of Lambda data events for a Lambda function named MyLambdaFunction, but not
-// for all Lambda functions.
-//
-// A user runs a script that includes a call to the MyLambdaFunction function
-// and the MyOtherLambdaFunction function.
-//
-// The Invoke API operation on MyLambdaFunction is an Lambda API. It is recorded
-// as a data event in CloudTrail. Because the CloudTrail user specified logging
-// data events for MyLambdaFunction, any invocations of that function are logged.
-// The trail processes and logs the event.
-//
-// The Invoke API operation on MyOtherLambdaFunction is an Lambda API. Because
-// the CloudTrail user did not specify logging data events for all Lambda functions,
-// the Invoke operation for MyOtherLambdaFunction does not match the function
-// specified for the trail. The trail doesn’t log the event.
-type DataResource struct {
- _ struct{} `type:"structure"`
+ // Indicates whether the event data store includes events from all regions,
+ // or only from the region in which it was created.
+ MultiRegionEnabled *bool `type:"boolean"`
- // The resource type in which you want to log data events. You can specify the
- // following basic event selector resource types:
- //
- // * AWS::S3::Object
- //
- // * AWS::Lambda::Function
- //
- // * AWS::DynamoDB::Table
- //
- // The following resource types are also availble through advanced event selectors.
- // Basic event selector resource types are valid in advanced event selectors,
- // but advanced event selector resource types are not valid in basic event selectors.
- // For more information, see AdvancedFieldSelector$Field.
- //
- // * AWS::S3Outposts::Object
- //
- // * AWS::ManagedBlockchain::Node
- //
- // * AWS::S3ObjectLambda::AccessPoint
- //
- // * AWS::EC2::Snapshot
- //
- // * AWS::S3::AccessPoint
- //
- // * AWS::DynamoDB::Stream
- Type *string `type:"string"`
+ // The name of the event data store.
+ Name *string `min:"3" type:"string"`
- // An array of Amazon Resource Name (ARN) strings or partial ARN strings for
- // the specified objects.
- //
- // * To log data events for all objects in all S3 buckets in your Amazon
- // Web Services account, specify the prefix as arn:aws:s3:::. This also enables
- // logging of data event activity performed by any user or role in your Amazon
- // Web Services account, even if that activity is performed on a bucket that
- // belongs to another Amazon Web Services account.
- //
- // * To log data events for all objects in an S3 bucket, specify the bucket
- // and an empty object prefix such as arn:aws:s3:::bucket-1/. The trail logs
- // data events for all objects in this S3 bucket.
- //
- // * To log data events for specific objects, specify the S3 bucket and object
- // prefix such as arn:aws:s3:::bucket-1/example-images. The trail logs data
- // events for objects in this S3 bucket that match the prefix.
- //
- // * To log data events for all Lambda functions in your Amazon Web Services
- // account, specify the prefix as arn:aws:lambda. This also enables logging
- // of Invoke activity performed by any user or role in your Amazon Web Services
- // account, even if that activity is performed on a function that belongs
- // to another Amazon Web Services account.
- //
- // * To log data events for a specific Lambda function, specify the function
- // ARN. Lambda function ARNs are exact. For example, if you specify a function
- // ARN arn:aws:lambda:us-west-2:111111111111:function:helloworld, data events
- // will only be logged for arn:aws:lambda:us-west-2:111111111111:function:helloworld.
- // They will not be logged for arn:aws:lambda:us-west-2:111111111111:function:helloworld2.
- //
- // * To log data events for all DynamoDB tables in your Amazon Web Services
- // account, specify the prefix as arn:aws:dynamodb.
- Values []*string `type:"list"`
+ // Indicates that an event data store is collecting logged events for an organization.
+ OrganizationEnabled *bool `type:"boolean"`
+
+ // The retention period, in days.
+ RetentionPeriod *int64 `min:"7" type:"integer"`
+
+ // The status of an event data store. Values are ENABLED and PENDING_DELETION.
+ Status *string `type:"string" enum:"EventDataStoreStatus"`
+
+ // Indicates whether the event data store is protected from termination.
+ TerminationProtectionEnabled *bool `type:"boolean"`
+
+ // The timestamp showing when an event data store was updated, if applicable.
+ // UpdatedTimestamp is always either the same or newer than the time shown in
+ // CreatedTimestamp.
+ UpdatedTimestamp *time.Time `type:"timestamp"`
}
// String returns the string representation.
@@ -3757,7 +6130,7 @@ type DataResource struct {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s DataResource) String() string {
+func (s EventDataStore) String() string {
return awsutil.Prettify(s)
}
@@ -3766,31 +6139,77 @@ func (s DataResource) String() string {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s DataResource) GoString() string {
+func (s EventDataStore) GoString() string {
return s.String()
}
-// SetType sets the Type field's value.
-func (s *DataResource) SetType(v string) *DataResource {
- s.Type = &v
+// SetAdvancedEventSelectors sets the AdvancedEventSelectors field's value.
+func (s *EventDataStore) SetAdvancedEventSelectors(v []*AdvancedEventSelector) *EventDataStore {
+ s.AdvancedEventSelectors = v
return s
}
-// SetValues sets the Values field's value.
-func (s *DataResource) SetValues(v []*string) *DataResource {
- s.Values = v
+// SetCreatedTimestamp sets the CreatedTimestamp field's value.
+func (s *EventDataStore) SetCreatedTimestamp(v time.Time) *EventDataStore {
+ s.CreatedTimestamp = &v
return s
}
-// The request that specifies the name of a trail to delete.
-type DeleteTrailInput struct {
- _ struct{} `type:"structure"`
+// SetEventDataStoreArn sets the EventDataStoreArn field's value.
+func (s *EventDataStore) SetEventDataStoreArn(v string) *EventDataStore {
+ s.EventDataStoreArn = &v
+ return s
+}
- // Specifies the name or the CloudTrail ARN of the trail to be deleted. The
- // following is the format of a trail ARN. arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail
- //
- // Name is a required field
- Name *string `type:"string" required:"true"`
+// SetMultiRegionEnabled sets the MultiRegionEnabled field's value.
+func (s *EventDataStore) SetMultiRegionEnabled(v bool) *EventDataStore {
+ s.MultiRegionEnabled = &v
+ return s
+}
+
+// SetName sets the Name field's value.
+func (s *EventDataStore) SetName(v string) *EventDataStore {
+ s.Name = &v
+ return s
+}
+
+// SetOrganizationEnabled sets the OrganizationEnabled field's value.
+func (s *EventDataStore) SetOrganizationEnabled(v bool) *EventDataStore {
+ s.OrganizationEnabled = &v
+ return s
+}
+
+// SetRetentionPeriod sets the RetentionPeriod field's value.
+func (s *EventDataStore) SetRetentionPeriod(v int64) *EventDataStore {
+ s.RetentionPeriod = &v
+ return s
+}
+
+// SetStatus sets the Status field's value.
+func (s *EventDataStore) SetStatus(v string) *EventDataStore {
+ s.Status = &v
+ return s
+}
+
+// SetTerminationProtectionEnabled sets the TerminationProtectionEnabled field's value.
+func (s *EventDataStore) SetTerminationProtectionEnabled(v bool) *EventDataStore {
+ s.TerminationProtectionEnabled = &v
+ return s
+}
+
+// SetUpdatedTimestamp sets the UpdatedTimestamp field's value.
+func (s *EventDataStore) SetUpdatedTimestamp(v time.Time) *EventDataStore {
+ s.UpdatedTimestamp = &v
+ return s
+}
+
+// The specified event data store ARN is not valid or does not map to an event
+// data store in your account.
+type EventDataStoreARNInvalidException struct {
+ _ struct{} `type:"structure"`
+ RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
+
+ Message_ *string `locationName:"message" type:"string"`
}
// String returns the string representation.
@@ -3798,7 +6217,7 @@ type DeleteTrailInput struct {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s DeleteTrailInput) String() string {
+func (s EventDataStoreARNInvalidException) String() string {
return awsutil.Prettify(s)
}
@@ -3807,33 +6226,54 @@ func (s DeleteTrailInput) String() string {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s DeleteTrailInput) GoString() string {
+func (s EventDataStoreARNInvalidException) GoString() string {
return s.String()
}
-// Validate inspects the fields of the type to determine if they are valid.
-func (s *DeleteTrailInput) Validate() error {
- invalidParams := request.ErrInvalidParams{Context: "DeleteTrailInput"}
- if s.Name == nil {
- invalidParams.Add(request.NewErrParamRequired("Name"))
+func newErrorEventDataStoreARNInvalidException(v protocol.ResponseMetadata) error {
+ return &EventDataStoreARNInvalidException{
+ RespMetadata: v,
}
+}
- if invalidParams.Len() > 0 {
- return invalidParams
+// Code returns the exception type name.
+func (s *EventDataStoreARNInvalidException) Code() string {
+ return "EventDataStoreARNInvalidException"
+}
+
+// Message returns the exception's message.
+func (s *EventDataStoreARNInvalidException) Message() string {
+ if s.Message_ != nil {
+ return *s.Message_
}
+ return ""
+}
+
+// OrigErr always returns nil, satisfies awserr.Error interface.
+func (s *EventDataStoreARNInvalidException) OrigErr() error {
return nil
}
-// SetName sets the Name field's value.
-func (s *DeleteTrailInput) SetName(v string) *DeleteTrailInput {
- s.Name = &v
- return s
+func (s *EventDataStoreARNInvalidException) Error() string {
+ return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}
-// Returns the objects or data listed below if successful. Otherwise, returns
-// an error.
-type DeleteTrailOutput struct {
- _ struct{} `type:"structure"`
+// Status code returns the HTTP status code for the request's response error.
+func (s *EventDataStoreARNInvalidException) StatusCode() int {
+ return s.RespMetadata.StatusCode
+}
+
+// RequestID returns the service's response RequestID for request.
+func (s *EventDataStoreARNInvalidException) RequestID() string {
+ return s.RespMetadata.RequestID
+}
+
+// An event data store with that name already exists.
+type EventDataStoreAlreadyExistsException struct {
+ _ struct{} `type:"structure"`
+ RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
+
+ Message_ *string `locationName:"message" type:"string"`
}
// String returns the string representation.
@@ -3841,7 +6281,7 @@ type DeleteTrailOutput struct {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s DeleteTrailOutput) String() string {
+func (s EventDataStoreAlreadyExistsException) String() string {
return awsutil.Prettify(s)
}
@@ -3850,42 +6290,54 @@ func (s DeleteTrailOutput) String() string {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s DeleteTrailOutput) GoString() string {
+func (s EventDataStoreAlreadyExistsException) GoString() string {
return s.String()
}
-// Returns information about the trail.
-type DescribeTrailsInput struct {
- _ struct{} `type:"structure"`
+func newErrorEventDataStoreAlreadyExistsException(v protocol.ResponseMetadata) error {
+ return &EventDataStoreAlreadyExistsException{
+ RespMetadata: v,
+ }
+}
- // Specifies whether to include shadow trails in the response. A shadow trail
- // is the replication in a region of a trail that was created in a different
- // region, or in the case of an organization trail, the replication of an organization
- // trail in member accounts. If you do not include shadow trails, organization
- // trails in a member account and region replication trails will not be returned.
- // The default is true.
- IncludeShadowTrails *bool `locationName:"includeShadowTrails" type:"boolean"`
+// Code returns the exception type name.
+func (s *EventDataStoreAlreadyExistsException) Code() string {
+ return "EventDataStoreAlreadyExistsException"
+}
- // Specifies a list of trail names, trail ARNs, or both, of the trails to describe.
- // The format of a trail ARN is:
- //
- // arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail
- //
- // If an empty list is specified, information for the trail in the current region
- // is returned.
- //
- // * If an empty list is specified and IncludeShadowTrails is false, then
- // information for all trails in the current region is returned.
- //
- // * If an empty list is specified and IncludeShadowTrails is null or true,
- // then information for all trails in the current region and any associated
- // shadow trails in other regions is returned.
- //
- // If one or more trail names are specified, information is returned only if
- // the names match the names of trails belonging only to the current region.
- // To return information about a trail in another region, you must specify its
- // trail ARN.
- TrailNameList []*string `locationName:"trailNameList" type:"list"`
+// Message returns the exception's message.
+func (s *EventDataStoreAlreadyExistsException) Message() string {
+ if s.Message_ != nil {
+ return *s.Message_
+ }
+ return ""
+}
+
+// OrigErr always returns nil, satisfies awserr.Error interface.
+func (s *EventDataStoreAlreadyExistsException) OrigErr() error {
+ return nil
+}
+
+func (s *EventDataStoreAlreadyExistsException) Error() string {
+ return fmt.Sprintf("%s: %s", s.Code(), s.Message())
+}
+
+// Status code returns the HTTP status code for the request's response error.
+func (s *EventDataStoreAlreadyExistsException) StatusCode() int {
+ return s.RespMetadata.StatusCode
+}
+
+// RequestID returns the service's response RequestID for request.
+func (s *EventDataStoreAlreadyExistsException) RequestID() string {
+ return s.RespMetadata.RequestID
+}
+
+// Your account has used the maximum number of event data stores.
+type EventDataStoreMaxLimitExceededException struct {
+ _ struct{} `type:"structure"`
+ RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
+
+ Message_ *string `locationName:"message" type:"string"`
}
// String returns the string representation.
@@ -3893,7 +6345,7 @@ type DescribeTrailsInput struct {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s DescribeTrailsInput) String() string {
+func (s EventDataStoreMaxLimitExceededException) String() string {
return awsutil.Prettify(s)
}
@@ -3902,33 +6354,54 @@ func (s DescribeTrailsInput) String() string {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s DescribeTrailsInput) GoString() string {
+func (s EventDataStoreMaxLimitExceededException) GoString() string {
return s.String()
}
-// SetIncludeShadowTrails sets the IncludeShadowTrails field's value.
-func (s *DescribeTrailsInput) SetIncludeShadowTrails(v bool) *DescribeTrailsInput {
- s.IncludeShadowTrails = &v
- return s
+func newErrorEventDataStoreMaxLimitExceededException(v protocol.ResponseMetadata) error {
+ return &EventDataStoreMaxLimitExceededException{
+ RespMetadata: v,
+ }
}
-// SetTrailNameList sets the TrailNameList field's value.
-func (s *DescribeTrailsInput) SetTrailNameList(v []*string) *DescribeTrailsInput {
- s.TrailNameList = v
- return s
+// Code returns the exception type name.
+func (s *EventDataStoreMaxLimitExceededException) Code() string {
+ return "EventDataStoreMaxLimitExceededException"
}
-// Returns the objects or data listed below if successful. Otherwise, returns
-// an error.
-type DescribeTrailsOutput struct {
- _ struct{} `type:"structure"`
+// Message returns the exception's message.
+func (s *EventDataStoreMaxLimitExceededException) Message() string {
+ if s.Message_ != nil {
+ return *s.Message_
+ }
+ return ""
+}
- // The list of trail objects. Trail objects with string values are only returned
- // if values for the objects exist in a trail's configuration. For example,
- // SNSTopicName and SNSTopicARN are only returned in results if a trail is configured
- // to send SNS notifications. Similarly, KMSKeyId only appears in results if
- // a trail's log files are encrypted with KMS customer managed keys.
- TrailList []*Trail `locationName:"trailList" type:"list"`
+// OrigErr always returns nil, satisfies awserr.Error interface.
+func (s *EventDataStoreMaxLimitExceededException) OrigErr() error {
+ return nil
+}
+
+func (s *EventDataStoreMaxLimitExceededException) Error() string {
+ return fmt.Sprintf("%s: %s", s.Code(), s.Message())
+}
+
+// Status code returns the HTTP status code for the request's response error.
+func (s *EventDataStoreMaxLimitExceededException) StatusCode() int {
+ return s.RespMetadata.StatusCode
+}
+
+// RequestID returns the service's response RequestID for request.
+func (s *EventDataStoreMaxLimitExceededException) RequestID() string {
+ return s.RespMetadata.RequestID
+}
+
+// The specified event data store was not found.
+type EventDataStoreNotFoundException struct {
+ _ struct{} `type:"structure"`
+ RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
+
+ Message_ *string `locationName:"message" type:"string"`
}
// String returns the string representation.
@@ -3936,7 +6409,7 @@ type DescribeTrailsOutput struct {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s DescribeTrailsOutput) String() string {
+func (s EventDataStoreNotFoundException) String() string {
return awsutil.Prettify(s)
}
@@ -3945,50 +6418,55 @@ func (s DescribeTrailsOutput) String() string {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s DescribeTrailsOutput) GoString() string {
+func (s EventDataStoreNotFoundException) GoString() string {
return s.String()
}
-// SetTrailList sets the TrailList field's value.
-func (s *DescribeTrailsOutput) SetTrailList(v []*Trail) *DescribeTrailsOutput {
- s.TrailList = v
- return s
+func newErrorEventDataStoreNotFoundException(v protocol.ResponseMetadata) error {
+ return &EventDataStoreNotFoundException{
+ RespMetadata: v,
+ }
}
-// Contains information about an event that was returned by a lookup request.
-// The result includes a representation of a CloudTrail event.
-type Event struct {
- _ struct{} `type:"structure"`
-
- // The Amazon Web Services access key ID that was used to sign the request.
- // If the request was made with temporary security credentials, this is the
- // access key ID of the temporary credentials.
- AccessKeyId *string `type:"string"`
-
- // A JSON string that contains a representation of the event returned.
- CloudTrailEvent *string `type:"string"`
-
- // The CloudTrail ID of the event returned.
- EventId *string `type:"string"`
+// Code returns the exception type name.
+func (s *EventDataStoreNotFoundException) Code() string {
+ return "EventDataStoreNotFoundException"
+}
- // The name of the event returned.
- EventName *string `type:"string"`
+// Message returns the exception's message.
+func (s *EventDataStoreNotFoundException) Message() string {
+ if s.Message_ != nil {
+ return *s.Message_
+ }
+ return ""
+}
- // The Amazon Web Services service to which the request was made.
- EventSource *string `type:"string"`
+// OrigErr always returns nil, satisfies awserr.Error interface.
+func (s *EventDataStoreNotFoundException) OrigErr() error {
+ return nil
+}
- // The date and time of the event returned.
- EventTime *time.Time `type:"timestamp"`
+func (s *EventDataStoreNotFoundException) Error() string {
+ return fmt.Sprintf("%s: %s", s.Code(), s.Message())
+}
- // Information about whether the event is a write event or a read event.
- ReadOnly *string `type:"string"`
+// Status code returns the HTTP status code for the request's response error.
+func (s *EventDataStoreNotFoundException) StatusCode() int {
+ return s.RespMetadata.StatusCode
+}
- // A list of resources referenced by the event returned.
- Resources []*Resource `type:"list"`
+// RequestID returns the service's response RequestID for request.
+func (s *EventDataStoreNotFoundException) RequestID() string {
+ return s.RespMetadata.RequestID
+}
- // A user name or role name of the requester that called the API in the event
- // returned.
- Username *string `type:"string"`
+// The event data store cannot be deleted because termination protection is
+// enabled for it.
+type EventDataStoreTerminationProtectedException struct {
+ _ struct{} `type:"structure"`
+ RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
+
+ Message_ *string `locationName:"message" type:"string"`
}
// String returns the string representation.
@@ -3996,7 +6474,7 @@ type Event struct {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s Event) String() string {
+func (s EventDataStoreTerminationProtectedException) String() string {
return awsutil.Prettify(s)
}
@@ -4005,62 +6483,46 @@ func (s Event) String() string {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s Event) GoString() string {
+func (s EventDataStoreTerminationProtectedException) GoString() string {
return s.String()
}
-// SetAccessKeyId sets the AccessKeyId field's value.
-func (s *Event) SetAccessKeyId(v string) *Event {
- s.AccessKeyId = &v
- return s
-}
-
-// SetCloudTrailEvent sets the CloudTrailEvent field's value.
-func (s *Event) SetCloudTrailEvent(v string) *Event {
- s.CloudTrailEvent = &v
- return s
-}
-
-// SetEventId sets the EventId field's value.
-func (s *Event) SetEventId(v string) *Event {
- s.EventId = &v
- return s
+func newErrorEventDataStoreTerminationProtectedException(v protocol.ResponseMetadata) error {
+ return &EventDataStoreTerminationProtectedException{
+ RespMetadata: v,
+ }
}
-// SetEventName sets the EventName field's value.
-func (s *Event) SetEventName(v string) *Event {
- s.EventName = &v
- return s
+// Code returns the exception type name.
+func (s *EventDataStoreTerminationProtectedException) Code() string {
+ return "EventDataStoreTerminationProtectedException"
}
-// SetEventSource sets the EventSource field's value.
-func (s *Event) SetEventSource(v string) *Event {
- s.EventSource = &v
- return s
+// Message returns the exception's message.
+func (s *EventDataStoreTerminationProtectedException) Message() string {
+ if s.Message_ != nil {
+ return *s.Message_
+ }
+ return ""
}
-// SetEventTime sets the EventTime field's value.
-func (s *Event) SetEventTime(v time.Time) *Event {
- s.EventTime = &v
- return s
+// OrigErr always returns nil, satisfies awserr.Error interface.
+func (s *EventDataStoreTerminationProtectedException) OrigErr() error {
+ return nil
}
-// SetReadOnly sets the ReadOnly field's value.
-func (s *Event) SetReadOnly(v string) *Event {
- s.ReadOnly = &v
- return s
+func (s *EventDataStoreTerminationProtectedException) Error() string {
+ return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}
-// SetResources sets the Resources field's value.
-func (s *Event) SetResources(v []*Resource) *Event {
- s.Resources = v
- return s
+// Status code returns the HTTP status code for the request's response error.
+func (s *EventDataStoreTerminationProtectedException) StatusCode() int {
+ return s.RespMetadata.StatusCode
}
-// SetUsername sets the Username field's value.
-func (s *Event) SetUsername(v string) *Event {
- s.Username = &v
- return s
+// RequestID returns the service's response RequestID for request.
+func (s *EventDataStoreTerminationProtectedException) RequestID() string {
+ return s.RespMetadata.RequestID
}
// Use event selectors to further specify the management and data event settings
@@ -4160,6 +6622,171 @@ func (s *EventSelector) SetReadWriteType(v string) *EventSelector {
return s
}
+type GetEventDataStoreInput struct {
+ _ struct{} `type:"structure"`
+
+ // The ARN (or ID suffix of the ARN) of the event data store about which you
+ // want information.
+ //
+ // EventDataStore is a required field
+ EventDataStore *string `min:"3" type:"string" required:"true"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s GetEventDataStoreInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s GetEventDataStoreInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *GetEventDataStoreInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "GetEventDataStoreInput"}
+ if s.EventDataStore == nil {
+ invalidParams.Add(request.NewErrParamRequired("EventDataStore"))
+ }
+ if s.EventDataStore != nil && len(*s.EventDataStore) < 3 {
+ invalidParams.Add(request.NewErrParamMinLen("EventDataStore", 3))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetEventDataStore sets the EventDataStore field's value.
+func (s *GetEventDataStoreInput) SetEventDataStore(v string) *GetEventDataStoreInput {
+ s.EventDataStore = &v
+ return s
+}
+
+type GetEventDataStoreOutput struct {
+ _ struct{} `type:"structure"`
+
+ // The advanced event selectors used to select events for the data store.
+ AdvancedEventSelectors []*AdvancedEventSelector `type:"list"`
+
+ // The timestamp of the event data store's creation.
+ CreatedTimestamp *time.Time `type:"timestamp"`
+
+ // The event data store Amazon Resource Number (ARN).
+ EventDataStoreArn *string `min:"3" type:"string"`
+
+ // Indicates whether the event data store includes events from all regions,
+ // or only from the region in which it was created.
+ MultiRegionEnabled *bool `type:"boolean"`
+
+ // The name of the event data store.
+ Name *string `min:"3" type:"string"`
+
+ // Indicates whether an event data store is collecting logged events for an
+ // organization in Organizations.
+ OrganizationEnabled *bool `type:"boolean"`
+
+ // The retention period of the event data store, in days.
+ RetentionPeriod *int64 `min:"7" type:"integer"`
+
+ // The status of an event data store. Values can be ENABLED and PENDING_DELETION.
+ Status *string `type:"string" enum:"EventDataStoreStatus"`
+
+ // Indicates that termination protection is enabled.
+ TerminationProtectionEnabled *bool `type:"boolean"`
+
+ // Shows the time that an event data store was updated, if applicable. UpdatedTimestamp
+ // is always either the same or newer than the time shown in CreatedTimestamp.
+ UpdatedTimestamp *time.Time `type:"timestamp"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s GetEventDataStoreOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s GetEventDataStoreOutput) GoString() string {
+ return s.String()
+}
+
+// SetAdvancedEventSelectors sets the AdvancedEventSelectors field's value.
+func (s *GetEventDataStoreOutput) SetAdvancedEventSelectors(v []*AdvancedEventSelector) *GetEventDataStoreOutput {
+ s.AdvancedEventSelectors = v
+ return s
+}
+
+// SetCreatedTimestamp sets the CreatedTimestamp field's value.
+func (s *GetEventDataStoreOutput) SetCreatedTimestamp(v time.Time) *GetEventDataStoreOutput {
+ s.CreatedTimestamp = &v
+ return s
+}
+
+// SetEventDataStoreArn sets the EventDataStoreArn field's value.
+func (s *GetEventDataStoreOutput) SetEventDataStoreArn(v string) *GetEventDataStoreOutput {
+ s.EventDataStoreArn = &v
+ return s
+}
+
+// SetMultiRegionEnabled sets the MultiRegionEnabled field's value.
+func (s *GetEventDataStoreOutput) SetMultiRegionEnabled(v bool) *GetEventDataStoreOutput {
+ s.MultiRegionEnabled = &v
+ return s
+}
+
+// SetName sets the Name field's value.
+func (s *GetEventDataStoreOutput) SetName(v string) *GetEventDataStoreOutput {
+ s.Name = &v
+ return s
+}
+
+// SetOrganizationEnabled sets the OrganizationEnabled field's value.
+func (s *GetEventDataStoreOutput) SetOrganizationEnabled(v bool) *GetEventDataStoreOutput {
+ s.OrganizationEnabled = &v
+ return s
+}
+
+// SetRetentionPeriod sets the RetentionPeriod field's value.
+func (s *GetEventDataStoreOutput) SetRetentionPeriod(v int64) *GetEventDataStoreOutput {
+ s.RetentionPeriod = &v
+ return s
+}
+
+// SetStatus sets the Status field's value.
+func (s *GetEventDataStoreOutput) SetStatus(v string) *GetEventDataStoreOutput {
+ s.Status = &v
+ return s
+}
+
+// SetTerminationProtectionEnabled sets the TerminationProtectionEnabled field's value.
+func (s *GetEventDataStoreOutput) SetTerminationProtectionEnabled(v bool) *GetEventDataStoreOutput {
+ s.TerminationProtectionEnabled = &v
+ return s
+}
+
+// SetUpdatedTimestamp sets the UpdatedTimestamp field's value.
+func (s *GetEventDataStoreOutput) SetUpdatedTimestamp(v time.Time) *GetEventDataStoreOutput {
+ s.UpdatedTimestamp = &v
+ return s
+}
+
type GetEventSelectorsInput struct {
_ struct{} `type:"structure"`
@@ -4335,16 +6962,158 @@ func (s *GetInsightSelectorsInput) SetTrailName(v string) *GetInsightSelectorsIn
return s
}
-type GetInsightSelectorsOutput struct {
- _ struct{} `type:"structure"`
+type GetInsightSelectorsOutput struct {
+ _ struct{} `type:"structure"`
+
+ // A JSON string that contains the insight types you want to log on a trail.
+ // In this release, ApiErrorRateInsight and ApiCallRateInsight are supported
+ // as insight types.
+ InsightSelectors []*InsightSelector `type:"list"`
+
+ // The Amazon Resource Name (ARN) of a trail for which you want to get Insights
+ // selectors.
+ TrailARN *string `type:"string"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s GetInsightSelectorsOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s GetInsightSelectorsOutput) GoString() string {
+ return s.String()
+}
+
+// SetInsightSelectors sets the InsightSelectors field's value.
+func (s *GetInsightSelectorsOutput) SetInsightSelectors(v []*InsightSelector) *GetInsightSelectorsOutput {
+ s.InsightSelectors = v
+ return s
+}
+
+// SetTrailARN sets the TrailARN field's value.
+func (s *GetInsightSelectorsOutput) SetTrailARN(v string) *GetInsightSelectorsOutput {
+ s.TrailARN = &v
+ return s
+}
+
+type GetQueryResultsInput struct {
+ _ struct{} `type:"structure"`
+
+ // The ARN (or ID suffix of the ARN) of the event data store against which the
+ // query was run.
+ //
+ // EventDataStore is a required field
+ EventDataStore *string `min:"3" type:"string" required:"true"`
+
+ // The maximum number of query results to display on a single page.
+ MaxQueryResults *int64 `min:"1" type:"integer"`
+
+ // A token you can use to get the next page of query results.
+ NextToken *string `min:"4" type:"string"`
+
+ // The ID of the query for which you want to get results.
+ //
+ // QueryId is a required field
+ QueryId *string `min:"36" type:"string" required:"true"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s GetQueryResultsInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s GetQueryResultsInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *GetQueryResultsInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "GetQueryResultsInput"}
+ if s.EventDataStore == nil {
+ invalidParams.Add(request.NewErrParamRequired("EventDataStore"))
+ }
+ if s.EventDataStore != nil && len(*s.EventDataStore) < 3 {
+ invalidParams.Add(request.NewErrParamMinLen("EventDataStore", 3))
+ }
+ if s.MaxQueryResults != nil && *s.MaxQueryResults < 1 {
+ invalidParams.Add(request.NewErrParamMinValue("MaxQueryResults", 1))
+ }
+ if s.NextToken != nil && len(*s.NextToken) < 4 {
+ invalidParams.Add(request.NewErrParamMinLen("NextToken", 4))
+ }
+ if s.QueryId == nil {
+ invalidParams.Add(request.NewErrParamRequired("QueryId"))
+ }
+ if s.QueryId != nil && len(*s.QueryId) < 36 {
+ invalidParams.Add(request.NewErrParamMinLen("QueryId", 36))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetEventDataStore sets the EventDataStore field's value.
+func (s *GetQueryResultsInput) SetEventDataStore(v string) *GetQueryResultsInput {
+ s.EventDataStore = &v
+ return s
+}
+
+// SetMaxQueryResults sets the MaxQueryResults field's value.
+func (s *GetQueryResultsInput) SetMaxQueryResults(v int64) *GetQueryResultsInput {
+ s.MaxQueryResults = &v
+ return s
+}
+
+// SetNextToken sets the NextToken field's value.
+func (s *GetQueryResultsInput) SetNextToken(v string) *GetQueryResultsInput {
+ s.NextToken = &v
+ return s
+}
+
+// SetQueryId sets the QueryId field's value.
+func (s *GetQueryResultsInput) SetQueryId(v string) *GetQueryResultsInput {
+ s.QueryId = &v
+ return s
+}
+
+type GetQueryResultsOutput struct {
+ _ struct{} `type:"structure"`
+
+ // The error message returned if a query failed.
+ ErrorMessage *string `min:"4" type:"string"`
+
+ // A token you can use to get the next page of query results.
+ NextToken *string `min:"4" type:"string"`
+
+ // Contains the individual event results of the query.
+ QueryResultRows [][]map[string]*string `type:"list"`
- // A JSON string that contains the insight types you want to log on a trail.
- // In this release, only ApiCallRateInsight is supported as an insight type.
- InsightSelectors []*InsightSelector `type:"list"`
+ // Shows the count of query results.
+ QueryStatistics *QueryStatistics `type:"structure"`
- // The Amazon Resource Name (ARN) of a trail for which you want to get Insights
- // selectors.
- TrailARN *string `type:"string"`
+ // The status of the query. Values include QUEUED, RUNNING, FINISHED, FAILED,
+ // or CANCELLED.
+ QueryStatus *string `type:"string" enum:"QueryStatus"`
}
// String returns the string representation.
@@ -4352,7 +7121,7 @@ type GetInsightSelectorsOutput struct {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s GetInsightSelectorsOutput) String() string {
+func (s GetQueryResultsOutput) String() string {
return awsutil.Prettify(s)
}
@@ -4361,19 +7130,37 @@ func (s GetInsightSelectorsOutput) String() string {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s GetInsightSelectorsOutput) GoString() string {
+func (s GetQueryResultsOutput) GoString() string {
return s.String()
}
-// SetInsightSelectors sets the InsightSelectors field's value.
-func (s *GetInsightSelectorsOutput) SetInsightSelectors(v []*InsightSelector) *GetInsightSelectorsOutput {
- s.InsightSelectors = v
+// SetErrorMessage sets the ErrorMessage field's value.
+func (s *GetQueryResultsOutput) SetErrorMessage(v string) *GetQueryResultsOutput {
+ s.ErrorMessage = &v
return s
}
-// SetTrailARN sets the TrailARN field's value.
-func (s *GetInsightSelectorsOutput) SetTrailARN(v string) *GetInsightSelectorsOutput {
- s.TrailARN = &v
+// SetNextToken sets the NextToken field's value.
+func (s *GetQueryResultsOutput) SetNextToken(v string) *GetQueryResultsOutput {
+ s.NextToken = &v
+ return s
+}
+
+// SetQueryResultRows sets the QueryResultRows field's value.
+func (s *GetQueryResultsOutput) SetQueryResultRows(v [][]map[string]*string) *GetQueryResultsOutput {
+ s.QueryResultRows = v
+ return s
+}
+
+// SetQueryStatistics sets the QueryStatistics field's value.
+func (s *GetQueryResultsOutput) SetQueryStatistics(v *QueryStatistics) *GetQueryResultsOutput {
+ s.QueryStatistics = v
+ return s
+}
+
+// SetQueryStatus sets the QueryStatus field's value.
+func (s *GetQueryResultsOutput) SetQueryStatus(v string) *GetQueryResultsOutput {
+ s.QueryStatus = &v
return s
}
@@ -4710,6 +7497,135 @@ func (s *GetTrailStatusOutput) SetTimeLoggingStopped(v string) *GetTrailStatusOu
return s
}
+// The event data store against which you ran your query is inactive.
+type InactiveEventDataStoreException struct {
+ _ struct{} `type:"structure"`
+ RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
+
+ Message_ *string `locationName:"message" type:"string"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s InactiveEventDataStoreException) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s InactiveEventDataStoreException) GoString() string {
+ return s.String()
+}
+
+func newErrorInactiveEventDataStoreException(v protocol.ResponseMetadata) error {
+ return &InactiveEventDataStoreException{
+ RespMetadata: v,
+ }
+}
+
+// Code returns the exception type name.
+func (s *InactiveEventDataStoreException) Code() string {
+ return "InactiveEventDataStoreException"
+}
+
+// Message returns the exception's message.
+func (s *InactiveEventDataStoreException) Message() string {
+ if s.Message_ != nil {
+ return *s.Message_
+ }
+ return ""
+}
+
+// OrigErr always returns nil, satisfies awserr.Error interface.
+func (s *InactiveEventDataStoreException) OrigErr() error {
+ return nil
+}
+
+func (s *InactiveEventDataStoreException) Error() string {
+ return fmt.Sprintf("%s: %s", s.Code(), s.Message())
+}
+
+// Status code returns the HTTP status code for the request's response error.
+func (s *InactiveEventDataStoreException) StatusCode() int {
+ return s.RespMetadata.StatusCode
+}
+
+// RequestID returns the service's response RequestID for request.
+func (s *InactiveEventDataStoreException) RequestID() string {
+ return s.RespMetadata.RequestID
+}
+
+// The specified query cannot be canceled because it is in the FINISHED, FAILED,
+// or CANCELLED state.
+type InactiveQueryException struct {
+ _ struct{} `type:"structure"`
+ RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
+
+ Message_ *string `locationName:"message" type:"string"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s InactiveQueryException) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s InactiveQueryException) GoString() string {
+ return s.String()
+}
+
+func newErrorInactiveQueryException(v protocol.ResponseMetadata) error {
+ return &InactiveQueryException{
+ RespMetadata: v,
+ }
+}
+
+// Code returns the exception type name.
+func (s *InactiveQueryException) Code() string {
+ return "InactiveQueryException"
+}
+
+// Message returns the exception's message.
+func (s *InactiveQueryException) Message() string {
+ if s.Message_ != nil {
+ return *s.Message_
+ }
+ return ""
+}
+
+// OrigErr always returns nil, satisfies awserr.Error interface.
+func (s *InactiveQueryException) OrigErr() error {
+ return nil
+}
+
+func (s *InactiveQueryException) Error() string {
+ return fmt.Sprintf("%s: %s", s.Code(), s.Message())
+}
+
+// Status code returns the HTTP status code for the request's response error.
+func (s *InactiveQueryException) StatusCode() int {
+ return s.RespMetadata.StatusCode
+}
+
+// RequestID returns the service's response RequestID for request.
+func (s *InactiveQueryException) RequestID() string {
+ return s.RespMetadata.RequestID
+}
+
// If you run GetInsightSelectors on a trail that does not have Insights events
// enabled, the operation throws the exception InsightNotEnabledException.
type InsightNotEnabledException struct {
@@ -4780,8 +7696,8 @@ func (s *InsightNotEnabledException) RequestID() string {
type InsightSelector struct {
_ struct{} `type:"structure"`
- // The type of Insights events to log on a trail. The valid Insights type in
- // this release is ApiCallRateInsight.
+ // The type of insights to log on a trail. ApiCallRateInsight and ApiErrorRateInsight
+ // are valid insight types.
InsightType *string `type:"string" enum:"InsightType"`
}
@@ -5055,23 +7971,153 @@ func (s *InsufficientSnsTopicPolicyException) OrigErr() error {
return nil
}
-func (s *InsufficientSnsTopicPolicyException) Error() string {
+func (s *InsufficientSnsTopicPolicyException) Error() string {
+ return fmt.Sprintf("%s: %s", s.Code(), s.Message())
+}
+
+// Status code returns the HTTP status code for the request's response error.
+func (s *InsufficientSnsTopicPolicyException) StatusCode() int {
+ return s.RespMetadata.StatusCode
+}
+
+// RequestID returns the service's response RequestID for request.
+func (s *InsufficientSnsTopicPolicyException) RequestID() string {
+ return s.RespMetadata.RequestID
+}
+
+// This exception is thrown when the provided CloudWatch Logs log group is not
+// valid.
+type InvalidCloudWatchLogsLogGroupArnException struct {
+ _ struct{} `type:"structure"`
+ RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
+
+ Message_ *string `locationName:"message" type:"string"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s InvalidCloudWatchLogsLogGroupArnException) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s InvalidCloudWatchLogsLogGroupArnException) GoString() string {
+ return s.String()
+}
+
+func newErrorInvalidCloudWatchLogsLogGroupArnException(v protocol.ResponseMetadata) error {
+ return &InvalidCloudWatchLogsLogGroupArnException{
+ RespMetadata: v,
+ }
+}
+
+// Code returns the exception type name.
+func (s *InvalidCloudWatchLogsLogGroupArnException) Code() string {
+ return "InvalidCloudWatchLogsLogGroupArnException"
+}
+
+// Message returns the exception's message.
+func (s *InvalidCloudWatchLogsLogGroupArnException) Message() string {
+ if s.Message_ != nil {
+ return *s.Message_
+ }
+ return ""
+}
+
+// OrigErr always returns nil, satisfies awserr.Error interface.
+func (s *InvalidCloudWatchLogsLogGroupArnException) OrigErr() error {
+ return nil
+}
+
+func (s *InvalidCloudWatchLogsLogGroupArnException) Error() string {
+ return fmt.Sprintf("%s: %s", s.Code(), s.Message())
+}
+
+// Status code returns the HTTP status code for the request's response error.
+func (s *InvalidCloudWatchLogsLogGroupArnException) StatusCode() int {
+ return s.RespMetadata.StatusCode
+}
+
+// RequestID returns the service's response RequestID for request.
+func (s *InvalidCloudWatchLogsLogGroupArnException) RequestID() string {
+ return s.RespMetadata.RequestID
+}
+
+// This exception is thrown when the provided role is not valid.
+type InvalidCloudWatchLogsRoleArnException struct {
+ _ struct{} `type:"structure"`
+ RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
+
+ Message_ *string `locationName:"message" type:"string"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s InvalidCloudWatchLogsRoleArnException) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s InvalidCloudWatchLogsRoleArnException) GoString() string {
+ return s.String()
+}
+
+func newErrorInvalidCloudWatchLogsRoleArnException(v protocol.ResponseMetadata) error {
+ return &InvalidCloudWatchLogsRoleArnException{
+ RespMetadata: v,
+ }
+}
+
+// Code returns the exception type name.
+func (s *InvalidCloudWatchLogsRoleArnException) Code() string {
+ return "InvalidCloudWatchLogsRoleArnException"
+}
+
+// Message returns the exception's message.
+func (s *InvalidCloudWatchLogsRoleArnException) Message() string {
+ if s.Message_ != nil {
+ return *s.Message_
+ }
+ return ""
+}
+
+// OrigErr always returns nil, satisfies awserr.Error interface.
+func (s *InvalidCloudWatchLogsRoleArnException) OrigErr() error {
+ return nil
+}
+
+func (s *InvalidCloudWatchLogsRoleArnException) Error() string {
return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}
// Status code returns the HTTP status code for the request's response error.
-func (s *InsufficientSnsTopicPolicyException) StatusCode() int {
+func (s *InvalidCloudWatchLogsRoleArnException) StatusCode() int {
return s.RespMetadata.StatusCode
}
// RequestID returns the service's response RequestID for request.
-func (s *InsufficientSnsTopicPolicyException) RequestID() string {
+func (s *InvalidCloudWatchLogsRoleArnException) RequestID() string {
return s.RespMetadata.RequestID
}
-// This exception is thrown when the provided CloudWatch Logs log group is not
-// valid.
-type InvalidCloudWatchLogsLogGroupArnException struct {
+// A date range for the query was specified that is not valid. For more information
+// about writing a query, see Create or edit a query (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-create-edit-query.html)
+// in the CloudTrail User Guide.
+type InvalidDateRangeException struct {
_ struct{} `type:"structure"`
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
@@ -5083,7 +8129,7 @@ type InvalidCloudWatchLogsLogGroupArnException struct {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s InvalidCloudWatchLogsLogGroupArnException) String() string {
+func (s InvalidDateRangeException) String() string {
return awsutil.Prettify(s)
}
@@ -5092,23 +8138,23 @@ func (s InvalidCloudWatchLogsLogGroupArnException) String() string {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s InvalidCloudWatchLogsLogGroupArnException) GoString() string {
+func (s InvalidDateRangeException) GoString() string {
return s.String()
}
-func newErrorInvalidCloudWatchLogsLogGroupArnException(v protocol.ResponseMetadata) error {
- return &InvalidCloudWatchLogsLogGroupArnException{
+func newErrorInvalidDateRangeException(v protocol.ResponseMetadata) error {
+ return &InvalidDateRangeException{
RespMetadata: v,
}
}
// Code returns the exception type name.
-func (s *InvalidCloudWatchLogsLogGroupArnException) Code() string {
- return "InvalidCloudWatchLogsLogGroupArnException"
+func (s *InvalidDateRangeException) Code() string {
+ return "InvalidDateRangeException"
}
// Message returns the exception's message.
-func (s *InvalidCloudWatchLogsLogGroupArnException) Message() string {
+func (s *InvalidDateRangeException) Message() string {
if s.Message_ != nil {
return *s.Message_
}
@@ -5116,26 +8162,27 @@ func (s *InvalidCloudWatchLogsLogGroupArnException) Message() string {
}
// OrigErr always returns nil, satisfies awserr.Error interface.
-func (s *InvalidCloudWatchLogsLogGroupArnException) OrigErr() error {
+func (s *InvalidDateRangeException) OrigErr() error {
return nil
}
-func (s *InvalidCloudWatchLogsLogGroupArnException) Error() string {
+func (s *InvalidDateRangeException) Error() string {
return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}
// Status code returns the HTTP status code for the request's response error.
-func (s *InvalidCloudWatchLogsLogGroupArnException) StatusCode() int {
+func (s *InvalidDateRangeException) StatusCode() int {
return s.RespMetadata.StatusCode
}
// RequestID returns the service's response RequestID for request.
-func (s *InvalidCloudWatchLogsLogGroupArnException) RequestID() string {
+func (s *InvalidDateRangeException) RequestID() string {
return s.RespMetadata.RequestID
}
-// This exception is thrown when the provided role is not valid.
-type InvalidCloudWatchLogsRoleArnException struct {
+// Occurs if an event category that is not valid is specified as a value of
+// EventCategory.
+type InvalidEventCategoryException struct {
_ struct{} `type:"structure"`
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
@@ -5147,7 +8194,7 @@ type InvalidCloudWatchLogsRoleArnException struct {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s InvalidCloudWatchLogsRoleArnException) String() string {
+func (s InvalidEventCategoryException) String() string {
return awsutil.Prettify(s)
}
@@ -5156,23 +8203,23 @@ func (s InvalidCloudWatchLogsRoleArnException) String() string {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s InvalidCloudWatchLogsRoleArnException) GoString() string {
+func (s InvalidEventCategoryException) GoString() string {
return s.String()
}
-func newErrorInvalidCloudWatchLogsRoleArnException(v protocol.ResponseMetadata) error {
- return &InvalidCloudWatchLogsRoleArnException{
+func newErrorInvalidEventCategoryException(v protocol.ResponseMetadata) error {
+ return &InvalidEventCategoryException{
RespMetadata: v,
}
}
// Code returns the exception type name.
-func (s *InvalidCloudWatchLogsRoleArnException) Code() string {
- return "InvalidCloudWatchLogsRoleArnException"
+func (s *InvalidEventCategoryException) Code() string {
+ return "InvalidEventCategoryException"
}
// Message returns the exception's message.
-func (s *InvalidCloudWatchLogsRoleArnException) Message() string {
+func (s *InvalidEventCategoryException) Message() string {
if s.Message_ != nil {
return *s.Message_
}
@@ -5180,27 +8227,26 @@ func (s *InvalidCloudWatchLogsRoleArnException) Message() string {
}
// OrigErr always returns nil, satisfies awserr.Error interface.
-func (s *InvalidCloudWatchLogsRoleArnException) OrigErr() error {
+func (s *InvalidEventCategoryException) OrigErr() error {
return nil
}
-func (s *InvalidCloudWatchLogsRoleArnException) Error() string {
+func (s *InvalidEventCategoryException) Error() string {
return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}
// Status code returns the HTTP status code for the request's response error.
-func (s *InvalidCloudWatchLogsRoleArnException) StatusCode() int {
+func (s *InvalidEventCategoryException) StatusCode() int {
return s.RespMetadata.StatusCode
}
// RequestID returns the service's response RequestID for request.
-func (s *InvalidCloudWatchLogsRoleArnException) RequestID() string {
+func (s *InvalidEventCategoryException) RequestID() string {
return s.RespMetadata.RequestID
}
-// Occurs if an event category that is not valid is specified as a value of
-// EventCategory.
-type InvalidEventCategoryException struct {
+// The event data store is not in a status that supports the operation.
+type InvalidEventDataStoreStatusException struct {
_ struct{} `type:"structure"`
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
@@ -5212,7 +8258,7 @@ type InvalidEventCategoryException struct {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s InvalidEventCategoryException) String() string {
+func (s InvalidEventDataStoreStatusException) String() string {
return awsutil.Prettify(s)
}
@@ -5221,23 +8267,23 @@ func (s InvalidEventCategoryException) String() string {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s InvalidEventCategoryException) GoString() string {
+func (s InvalidEventDataStoreStatusException) GoString() string {
return s.String()
}
-func newErrorInvalidEventCategoryException(v protocol.ResponseMetadata) error {
- return &InvalidEventCategoryException{
+func newErrorInvalidEventDataStoreStatusException(v protocol.ResponseMetadata) error {
+ return &InvalidEventDataStoreStatusException{
RespMetadata: v,
}
}
// Code returns the exception type name.
-func (s *InvalidEventCategoryException) Code() string {
- return "InvalidEventCategoryException"
+func (s *InvalidEventDataStoreStatusException) Code() string {
+ return "InvalidEventDataStoreStatusException"
}
// Message returns the exception's message.
-func (s *InvalidEventCategoryException) Message() string {
+func (s *InvalidEventDataStoreStatusException) Message() string {
if s.Message_ != nil {
return *s.Message_
}
@@ -5245,21 +8291,21 @@ func (s *InvalidEventCategoryException) Message() string {
}
// OrigErr always returns nil, satisfies awserr.Error interface.
-func (s *InvalidEventCategoryException) OrigErr() error {
+func (s *InvalidEventDataStoreStatusException) OrigErr() error {
return nil
}
-func (s *InvalidEventCategoryException) Error() string {
+func (s *InvalidEventDataStoreStatusException) Error() string {
return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}
// Status code returns the HTTP status code for the request's response error.
-func (s *InvalidEventCategoryException) StatusCode() int {
+func (s *InvalidEventDataStoreStatusException) StatusCode() int {
return s.RespMetadata.StatusCode
}
// RequestID returns the service's response RequestID for request.
-func (s *InvalidEventCategoryException) RequestID() string {
+func (s *InvalidEventDataStoreStatusException) RequestID() string {
return s.RespMetadata.RequestID
}
@@ -5583,7 +8629,201 @@ func (s *InvalidLookupAttributesException) Code() string {
}
// Message returns the exception's message.
-func (s *InvalidLookupAttributesException) Message() string {
+func (s *InvalidLookupAttributesException) Message() string {
+ if s.Message_ != nil {
+ return *s.Message_
+ }
+ return ""
+}
+
+// OrigErr always returns nil, satisfies awserr.Error interface.
+func (s *InvalidLookupAttributesException) OrigErr() error {
+ return nil
+}
+
+func (s *InvalidLookupAttributesException) Error() string {
+ return fmt.Sprintf("%s: %s", s.Code(), s.Message())
+}
+
+// Status code returns the HTTP status code for the request's response error.
+func (s *InvalidLookupAttributesException) StatusCode() int {
+ return s.RespMetadata.StatusCode
+}
+
+// RequestID returns the service's response RequestID for request.
+func (s *InvalidLookupAttributesException) RequestID() string {
+ return s.RespMetadata.RequestID
+}
+
+// This exception is thrown if the limit specified is not valid.
+type InvalidMaxResultsException struct {
+ _ struct{} `type:"structure"`
+ RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
+
+ Message_ *string `locationName:"message" type:"string"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s InvalidMaxResultsException) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s InvalidMaxResultsException) GoString() string {
+ return s.String()
+}
+
+func newErrorInvalidMaxResultsException(v protocol.ResponseMetadata) error {
+ return &InvalidMaxResultsException{
+ RespMetadata: v,
+ }
+}
+
+// Code returns the exception type name.
+func (s *InvalidMaxResultsException) Code() string {
+ return "InvalidMaxResultsException"
+}
+
+// Message returns the exception's message.
+func (s *InvalidMaxResultsException) Message() string {
+ if s.Message_ != nil {
+ return *s.Message_
+ }
+ return ""
+}
+
+// OrigErr always returns nil, satisfies awserr.Error interface.
+func (s *InvalidMaxResultsException) OrigErr() error {
+ return nil
+}
+
+func (s *InvalidMaxResultsException) Error() string {
+ return fmt.Sprintf("%s: %s", s.Code(), s.Message())
+}
+
+// Status code returns the HTTP status code for the request's response error.
+func (s *InvalidMaxResultsException) StatusCode() int {
+ return s.RespMetadata.StatusCode
+}
+
+// RequestID returns the service's response RequestID for request.
+func (s *InvalidMaxResultsException) RequestID() string {
+ return s.RespMetadata.RequestID
+}
+
+// A token that is not valid, or a token that was previously used in a request
+// with different parameters. This exception is thrown if the token is not valid.
+type InvalidNextTokenException struct {
+ _ struct{} `type:"structure"`
+ RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
+
+ Message_ *string `locationName:"message" type:"string"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s InvalidNextTokenException) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s InvalidNextTokenException) GoString() string {
+ return s.String()
+}
+
+func newErrorInvalidNextTokenException(v protocol.ResponseMetadata) error {
+ return &InvalidNextTokenException{
+ RespMetadata: v,
+ }
+}
+
+// Code returns the exception type name.
+func (s *InvalidNextTokenException) Code() string {
+ return "InvalidNextTokenException"
+}
+
+// Message returns the exception's message.
+func (s *InvalidNextTokenException) Message() string {
+ if s.Message_ != nil {
+ return *s.Message_
+ }
+ return ""
+}
+
+// OrigErr always returns nil, satisfies awserr.Error interface.
+func (s *InvalidNextTokenException) OrigErr() error {
+ return nil
+}
+
+func (s *InvalidNextTokenException) Error() string {
+ return fmt.Sprintf("%s: %s", s.Code(), s.Message())
+}
+
+// Status code returns the HTTP status code for the request's response error.
+func (s *InvalidNextTokenException) StatusCode() int {
+ return s.RespMetadata.StatusCode
+}
+
+// RequestID returns the service's response RequestID for request.
+func (s *InvalidNextTokenException) RequestID() string {
+ return s.RespMetadata.RequestID
+}
+
+// This exception is thrown when the combination of parameters provided is not
+// valid.
+type InvalidParameterCombinationException struct {
+ _ struct{} `type:"structure"`
+ RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
+
+ Message_ *string `locationName:"message" type:"string"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s InvalidParameterCombinationException) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s InvalidParameterCombinationException) GoString() string {
+ return s.String()
+}
+
+func newErrorInvalidParameterCombinationException(v protocol.ResponseMetadata) error {
+ return &InvalidParameterCombinationException{
+ RespMetadata: v,
+ }
+}
+
+// Code returns the exception type name.
+func (s *InvalidParameterCombinationException) Code() string {
+ return "InvalidParameterCombinationException"
+}
+
+// Message returns the exception's message.
+func (s *InvalidParameterCombinationException) Message() string {
if s.Message_ != nil {
return *s.Message_
}
@@ -5591,26 +8831,26 @@ func (s *InvalidLookupAttributesException) Message() string {
}
// OrigErr always returns nil, satisfies awserr.Error interface.
-func (s *InvalidLookupAttributesException) OrigErr() error {
+func (s *InvalidParameterCombinationException) OrigErr() error {
return nil
}
-func (s *InvalidLookupAttributesException) Error() string {
+func (s *InvalidParameterCombinationException) Error() string {
return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}
// Status code returns the HTTP status code for the request's response error.
-func (s *InvalidLookupAttributesException) StatusCode() int {
+func (s *InvalidParameterCombinationException) StatusCode() int {
return s.RespMetadata.StatusCode
}
// RequestID returns the service's response RequestID for request.
-func (s *InvalidLookupAttributesException) RequestID() string {
+func (s *InvalidParameterCombinationException) RequestID() string {
return s.RespMetadata.RequestID
}
-// This exception is thrown if the limit specified is not valid.
-type InvalidMaxResultsException struct {
+// The request includes a parameter that is not valid.
+type InvalidParameterException struct {
_ struct{} `type:"structure"`
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
@@ -5622,7 +8862,7 @@ type InvalidMaxResultsException struct {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s InvalidMaxResultsException) String() string {
+func (s InvalidParameterException) String() string {
return awsutil.Prettify(s)
}
@@ -5631,23 +8871,23 @@ func (s InvalidMaxResultsException) String() string {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s InvalidMaxResultsException) GoString() string {
+func (s InvalidParameterException) GoString() string {
return s.String()
}
-func newErrorInvalidMaxResultsException(v protocol.ResponseMetadata) error {
- return &InvalidMaxResultsException{
+func newErrorInvalidParameterException(v protocol.ResponseMetadata) error {
+ return &InvalidParameterException{
RespMetadata: v,
}
}
// Code returns the exception type name.
-func (s *InvalidMaxResultsException) Code() string {
- return "InvalidMaxResultsException"
+func (s *InvalidParameterException) Code() string {
+ return "InvalidParameterException"
}
// Message returns the exception's message.
-func (s *InvalidMaxResultsException) Message() string {
+func (s *InvalidParameterException) Message() string {
if s.Message_ != nil {
return *s.Message_
}
@@ -5655,27 +8895,29 @@ func (s *InvalidMaxResultsException) Message() string {
}
// OrigErr always returns nil, satisfies awserr.Error interface.
-func (s *InvalidMaxResultsException) OrigErr() error {
+func (s *InvalidParameterException) OrigErr() error {
return nil
}
-func (s *InvalidMaxResultsException) Error() string {
+func (s *InvalidParameterException) Error() string {
return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}
// Status code returns the HTTP status code for the request's response error.
-func (s *InvalidMaxResultsException) StatusCode() int {
+func (s *InvalidParameterException) StatusCode() int {
return s.RespMetadata.StatusCode
}
// RequestID returns the service's response RequestID for request.
-func (s *InvalidMaxResultsException) RequestID() string {
+func (s *InvalidParameterException) RequestID() string {
return s.RespMetadata.RequestID
}
-// A token that is not valid, or a token that was previously used in a request
-// with different parameters. This exception is thrown if the token is not valid.
-type InvalidNextTokenException struct {
+// The query that was submitted has validation errors, or uses incorrect syntax
+// or unsupported keywords. For more information about writing a query, see
+// Create or edit a query (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-create-edit-query.html)
+// in the CloudTrail User Guide.
+type InvalidQueryStatementException struct {
_ struct{} `type:"structure"`
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
@@ -5687,7 +8929,7 @@ type InvalidNextTokenException struct {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s InvalidNextTokenException) String() string {
+func (s InvalidQueryStatementException) String() string {
return awsutil.Prettify(s)
}
@@ -5696,23 +8938,23 @@ func (s InvalidNextTokenException) String() string {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s InvalidNextTokenException) GoString() string {
+func (s InvalidQueryStatementException) GoString() string {
return s.String()
}
-func newErrorInvalidNextTokenException(v protocol.ResponseMetadata) error {
- return &InvalidNextTokenException{
+func newErrorInvalidQueryStatementException(v protocol.ResponseMetadata) error {
+ return &InvalidQueryStatementException{
RespMetadata: v,
}
}
// Code returns the exception type name.
-func (s *InvalidNextTokenException) Code() string {
- return "InvalidNextTokenException"
+func (s *InvalidQueryStatementException) Code() string {
+ return "InvalidQueryStatementException"
}
// Message returns the exception's message.
-func (s *InvalidNextTokenException) Message() string {
+func (s *InvalidQueryStatementException) Message() string {
if s.Message_ != nil {
return *s.Message_
}
@@ -5720,27 +8962,26 @@ func (s *InvalidNextTokenException) Message() string {
}
// OrigErr always returns nil, satisfies awserr.Error interface.
-func (s *InvalidNextTokenException) OrigErr() error {
+func (s *InvalidQueryStatementException) OrigErr() error {
return nil
}
-func (s *InvalidNextTokenException) Error() string {
+func (s *InvalidQueryStatementException) Error() string {
return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}
// Status code returns the HTTP status code for the request's response error.
-func (s *InvalidNextTokenException) StatusCode() int {
+func (s *InvalidQueryStatementException) StatusCode() int {
return s.RespMetadata.StatusCode
}
// RequestID returns the service's response RequestID for request.
-func (s *InvalidNextTokenException) RequestID() string {
+func (s *InvalidQueryStatementException) RequestID() string {
return s.RespMetadata.RequestID
}
-// This exception is thrown when the combination of parameters provided is not
-// valid.
-type InvalidParameterCombinationException struct {
+// The query status is not valid for the operation.
+type InvalidQueryStatusException struct {
_ struct{} `type:"structure"`
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
@@ -5752,7 +8993,7 @@ type InvalidParameterCombinationException struct {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s InvalidParameterCombinationException) String() string {
+func (s InvalidQueryStatusException) String() string {
return awsutil.Prettify(s)
}
@@ -5761,23 +9002,23 @@ func (s InvalidParameterCombinationException) String() string {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s InvalidParameterCombinationException) GoString() string {
+func (s InvalidQueryStatusException) GoString() string {
return s.String()
}
-func newErrorInvalidParameterCombinationException(v protocol.ResponseMetadata) error {
- return &InvalidParameterCombinationException{
+func newErrorInvalidQueryStatusException(v protocol.ResponseMetadata) error {
+ return &InvalidQueryStatusException{
RespMetadata: v,
}
}
// Code returns the exception type name.
-func (s *InvalidParameterCombinationException) Code() string {
- return "InvalidParameterCombinationException"
+func (s *InvalidQueryStatusException) Code() string {
+ return "InvalidQueryStatusException"
}
// Message returns the exception's message.
-func (s *InvalidParameterCombinationException) Message() string {
+func (s *InvalidQueryStatusException) Message() string {
if s.Message_ != nil {
return *s.Message_
}
@@ -5785,21 +9026,21 @@ func (s *InvalidParameterCombinationException) Message() string {
}
// OrigErr always returns nil, satisfies awserr.Error interface.
-func (s *InvalidParameterCombinationException) OrigErr() error {
+func (s *InvalidQueryStatusException) OrigErr() error {
return nil
}
-func (s *InvalidParameterCombinationException) Error() string {
+func (s *InvalidQueryStatusException) Error() string {
return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}
// Status code returns the HTTP status code for the request's response error.
-func (s *InvalidParameterCombinationException) StatusCode() int {
+func (s *InvalidQueryStatusException) StatusCode() int {
return s.RespMetadata.StatusCode
}
// RequestID returns the service's response RequestID for request.
-func (s *InvalidParameterCombinationException) RequestID() string {
+func (s *InvalidQueryStatusException) RequestID() string {
return s.RespMetadata.RequestID
}
@@ -6463,6 +9704,103 @@ func (s *KmsKeyNotFoundException) RequestID() string {
return s.RespMetadata.RequestID
}
+type ListEventDataStoresInput struct {
+ _ struct{} `type:"structure"`
+
+ // The maximum number of event data stores to display on a single page.
+ MaxResults *int64 `min:"1" type:"integer"`
+
+ // A token you can use to get the next page of event data store results.
+ NextToken *string `min:"4" type:"string"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s ListEventDataStoresInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s ListEventDataStoresInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *ListEventDataStoresInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "ListEventDataStoresInput"}
+ if s.MaxResults != nil && *s.MaxResults < 1 {
+ invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
+ }
+ if s.NextToken != nil && len(*s.NextToken) < 4 {
+ invalidParams.Add(request.NewErrParamMinLen("NextToken", 4))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetMaxResults sets the MaxResults field's value.
+func (s *ListEventDataStoresInput) SetMaxResults(v int64) *ListEventDataStoresInput {
+ s.MaxResults = &v
+ return s
+}
+
+// SetNextToken sets the NextToken field's value.
+func (s *ListEventDataStoresInput) SetNextToken(v string) *ListEventDataStoresInput {
+ s.NextToken = &v
+ return s
+}
+
+type ListEventDataStoresOutput struct {
+ _ struct{} `type:"structure"`
+
+ // Contains information about event data stores in the account, in the current
+ // region.
+ EventDataStores []*EventDataStore `type:"list"`
+
+ // A token you can use to get the next page of results.
+ NextToken *string `min:"4" type:"string"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s ListEventDataStoresOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s ListEventDataStoresOutput) GoString() string {
+ return s.String()
+}
+
+// SetEventDataStores sets the EventDataStores field's value.
+func (s *ListEventDataStoresOutput) SetEventDataStores(v []*EventDataStore) *ListEventDataStoresOutput {
+ s.EventDataStores = v
+ return s
+}
+
+// SetNextToken sets the NextToken field's value.
+func (s *ListEventDataStoresOutput) SetNextToken(v string) *ListEventDataStoresOutput {
+ s.NextToken = &v
+ return s
+}
+
// Requests the public keys for a specified time range.
type ListPublicKeysInput struct {
_ struct{} `type:"structure"`
@@ -6560,6 +9898,151 @@ func (s *ListPublicKeysOutput) SetPublicKeyList(v []*PublicKey) *ListPublicKeysO
return s
}
+type ListQueriesInput struct {
+ _ struct{} `type:"structure"`
+
+ // Use with StartTime to bound a ListQueries request, and limit its results
+ // to only those queries run within a specified time period.
+ EndTime *time.Time `type:"timestamp"`
+
+ // The ARN (or the ID suffix of the ARN) of an event data store on which queries
+ // were run.
+ //
+ // EventDataStore is a required field
+ EventDataStore *string `min:"3" type:"string" required:"true"`
+
+ // The maximum number of queries to show on a page.
+ MaxResults *int64 `min:"1" type:"integer"`
+
+ // A token you can use to get the next page of results.
+ NextToken *string `min:"4" type:"string"`
+
+ // The status of queries that you want to return in results. Valid values for
+ // QueryStatus include QUEUED, RUNNING, FINISHED, FAILED, or CANCELLED.
+ QueryStatus *string `type:"string" enum:"QueryStatus"`
+
+ // Use with EndTime to bound a ListQueries request, and limit its results to
+ // only those queries run within a specified time period.
+ StartTime *time.Time `type:"timestamp"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s ListQueriesInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s ListQueriesInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *ListQueriesInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "ListQueriesInput"}
+ if s.EventDataStore == nil {
+ invalidParams.Add(request.NewErrParamRequired("EventDataStore"))
+ }
+ if s.EventDataStore != nil && len(*s.EventDataStore) < 3 {
+ invalidParams.Add(request.NewErrParamMinLen("EventDataStore", 3))
+ }
+ if s.MaxResults != nil && *s.MaxResults < 1 {
+ invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
+ }
+ if s.NextToken != nil && len(*s.NextToken) < 4 {
+ invalidParams.Add(request.NewErrParamMinLen("NextToken", 4))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetEndTime sets the EndTime field's value.
+func (s *ListQueriesInput) SetEndTime(v time.Time) *ListQueriesInput {
+ s.EndTime = &v
+ return s
+}
+
+// SetEventDataStore sets the EventDataStore field's value.
+func (s *ListQueriesInput) SetEventDataStore(v string) *ListQueriesInput {
+ s.EventDataStore = &v
+ return s
+}
+
+// SetMaxResults sets the MaxResults field's value.
+func (s *ListQueriesInput) SetMaxResults(v int64) *ListQueriesInput {
+ s.MaxResults = &v
+ return s
+}
+
+// SetNextToken sets the NextToken field's value.
+func (s *ListQueriesInput) SetNextToken(v string) *ListQueriesInput {
+ s.NextToken = &v
+ return s
+}
+
+// SetQueryStatus sets the QueryStatus field's value.
+func (s *ListQueriesInput) SetQueryStatus(v string) *ListQueriesInput {
+ s.QueryStatus = &v
+ return s
+}
+
+// SetStartTime sets the StartTime field's value.
+func (s *ListQueriesInput) SetStartTime(v time.Time) *ListQueriesInput {
+ s.StartTime = &v
+ return s
+}
+
+type ListQueriesOutput struct {
+ _ struct{} `type:"structure"`
+
+ // A token you can use to get the next page of results.
+ NextToken *string `min:"4" type:"string"`
+
+ // Lists matching query results, and shows query ID, status, and creation time
+ // of each query.
+ Queries []*Query `type:"list"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s ListQueriesOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s ListQueriesOutput) GoString() string {
+ return s.String()
+}
+
+// SetNextToken sets the NextToken field's value.
+func (s *ListQueriesOutput) SetNextToken(v string) *ListQueriesOutput {
+ s.NextToken = &v
+ return s
+}
+
+// SetQueries sets the Queries field's value.
+func (s *ListQueriesOutput) SetQueries(v []*Query) *ListQueriesOutput {
+ s.Queries = v
+ return s
+}
+
// Specifies a list of trail tags to return.
type ListTagsInput struct {
_ struct{} `type:"structure"`
@@ -6936,7 +10419,46 @@ type LookupEventsOutput struct {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s LookupEventsOutput) String() string {
+func (s LookupEventsOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s LookupEventsOutput) GoString() string {
+ return s.String()
+}
+
+// SetEvents sets the Events field's value.
+func (s *LookupEventsOutput) SetEvents(v []*Event) *LookupEventsOutput {
+ s.Events = v
+ return s
+}
+
+// SetNextToken sets the NextToken field's value.
+func (s *LookupEventsOutput) SetNextToken(v string) *LookupEventsOutput {
+ s.NextToken = &v
+ return s
+}
+
+// You are already running the maximum number of concurrent queries. Wait a
+// minute for some queries to finish, and then run the query again.
+type MaxConcurrentQueriesException struct {
+ _ struct{} `type:"structure"`
+ RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
+
+ Message_ *string `locationName:"message" type:"string"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s MaxConcurrentQueriesException) String() string {
return awsutil.Prettify(s)
}
@@ -6945,20 +10467,46 @@ func (s LookupEventsOutput) String() string {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s LookupEventsOutput) GoString() string {
+func (s MaxConcurrentQueriesException) GoString() string {
return s.String()
}
-// SetEvents sets the Events field's value.
-func (s *LookupEventsOutput) SetEvents(v []*Event) *LookupEventsOutput {
- s.Events = v
- return s
+func newErrorMaxConcurrentQueriesException(v protocol.ResponseMetadata) error {
+ return &MaxConcurrentQueriesException{
+ RespMetadata: v,
+ }
}
-// SetNextToken sets the NextToken field's value.
-func (s *LookupEventsOutput) SetNextToken(v string) *LookupEventsOutput {
- s.NextToken = &v
- return s
+// Code returns the exception type name.
+func (s *MaxConcurrentQueriesException) Code() string {
+ return "MaxConcurrentQueriesException"
+}
+
+// Message returns the exception's message.
+func (s *MaxConcurrentQueriesException) Message() string {
+ if s.Message_ != nil {
+ return *s.Message_
+ }
+ return ""
+}
+
+// OrigErr always returns nil, satisfies awserr.Error interface.
+func (s *MaxConcurrentQueriesException) OrigErr() error {
+ return nil
+}
+
+func (s *MaxConcurrentQueriesException) Error() string {
+ return fmt.Sprintf("%s: %s", s.Code(), s.Message())
+}
+
+// Status code returns the HTTP status code for the request's response error.
+func (s *MaxConcurrentQueriesException) StatusCode() int {
+ return s.RespMetadata.StatusCode
+}
+
+// RequestID returns the service's response RequestID for request.
+func (s *MaxConcurrentQueriesException) RequestID() string {
+ return s.RespMetadata.RequestID
}
// This exception is thrown when the maximum number of trails is reached.
@@ -7396,7 +10944,239 @@ type PutEventSelectorsInput struct {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s PutEventSelectorsInput) String() string {
+func (s PutEventSelectorsInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s PutEventSelectorsInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *PutEventSelectorsInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "PutEventSelectorsInput"}
+ if s.TrailName == nil {
+ invalidParams.Add(request.NewErrParamRequired("TrailName"))
+ }
+ if s.AdvancedEventSelectors != nil {
+ for i, v := range s.AdvancedEventSelectors {
+ if v == nil {
+ continue
+ }
+ if err := v.Validate(); err != nil {
+ invalidParams.AddNested(fmt.Sprintf("%s[%v]", "AdvancedEventSelectors", i), err.(request.ErrInvalidParams))
+ }
+ }
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetAdvancedEventSelectors sets the AdvancedEventSelectors field's value.
+func (s *PutEventSelectorsInput) SetAdvancedEventSelectors(v []*AdvancedEventSelector) *PutEventSelectorsInput {
+ s.AdvancedEventSelectors = v
+ return s
+}
+
+// SetEventSelectors sets the EventSelectors field's value.
+func (s *PutEventSelectorsInput) SetEventSelectors(v []*EventSelector) *PutEventSelectorsInput {
+ s.EventSelectors = v
+ return s
+}
+
+// SetTrailName sets the TrailName field's value.
+func (s *PutEventSelectorsInput) SetTrailName(v string) *PutEventSelectorsInput {
+ s.TrailName = &v
+ return s
+}
+
+type PutEventSelectorsOutput struct {
+ _ struct{} `type:"structure"`
+
+ // Specifies the advanced event selectors configured for your trail.
+ AdvancedEventSelectors []*AdvancedEventSelector `type:"list"`
+
+ // Specifies the event selectors configured for your trail.
+ EventSelectors []*EventSelector `type:"list"`
+
+ // Specifies the ARN of the trail that was updated with event selectors. The
+ // following is the format of a trail ARN.
+ //
+ // arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail
+ TrailARN *string `type:"string"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s PutEventSelectorsOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s PutEventSelectorsOutput) GoString() string {
+ return s.String()
+}
+
+// SetAdvancedEventSelectors sets the AdvancedEventSelectors field's value.
+func (s *PutEventSelectorsOutput) SetAdvancedEventSelectors(v []*AdvancedEventSelector) *PutEventSelectorsOutput {
+ s.AdvancedEventSelectors = v
+ return s
+}
+
+// SetEventSelectors sets the EventSelectors field's value.
+func (s *PutEventSelectorsOutput) SetEventSelectors(v []*EventSelector) *PutEventSelectorsOutput {
+ s.EventSelectors = v
+ return s
+}
+
+// SetTrailARN sets the TrailARN field's value.
+func (s *PutEventSelectorsOutput) SetTrailARN(v string) *PutEventSelectorsOutput {
+ s.TrailARN = &v
+ return s
+}
+
+type PutInsightSelectorsInput struct {
+ _ struct{} `type:"structure"`
+
+ // A JSON string that contains the insight types you want to log on a trail.
+ // ApiCallRateInsight and ApiErrorRateInsight are valid insight types.
+ //
+ // InsightSelectors is a required field
+ InsightSelectors []*InsightSelector `type:"list" required:"true"`
+
+ // The name of the CloudTrail trail for which you want to change or add Insights
+ // selectors.
+ //
+ // TrailName is a required field
+ TrailName *string `type:"string" required:"true"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s PutInsightSelectorsInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s PutInsightSelectorsInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *PutInsightSelectorsInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "PutInsightSelectorsInput"}
+ if s.InsightSelectors == nil {
+ invalidParams.Add(request.NewErrParamRequired("InsightSelectors"))
+ }
+ if s.TrailName == nil {
+ invalidParams.Add(request.NewErrParamRequired("TrailName"))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetInsightSelectors sets the InsightSelectors field's value.
+func (s *PutInsightSelectorsInput) SetInsightSelectors(v []*InsightSelector) *PutInsightSelectorsInput {
+ s.InsightSelectors = v
+ return s
+}
+
+// SetTrailName sets the TrailName field's value.
+func (s *PutInsightSelectorsInput) SetTrailName(v string) *PutInsightSelectorsInput {
+ s.TrailName = &v
+ return s
+}
+
+type PutInsightSelectorsOutput struct {
+ _ struct{} `type:"structure"`
+
+ // A JSON string that contains the Insights event types that you want to log
+ // on a trail. The valid Insights types in this release are ApiErrorRateInsight
+ // and ApiCallRateInsight.
+ InsightSelectors []*InsightSelector `type:"list"`
+
+ // The Amazon Resource Name (ARN) of a trail for which you want to change or
+ // add Insights selectors.
+ TrailARN *string `type:"string"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s PutInsightSelectorsOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s PutInsightSelectorsOutput) GoString() string {
+ return s.String()
+}
+
+// SetInsightSelectors sets the InsightSelectors field's value.
+func (s *PutInsightSelectorsOutput) SetInsightSelectors(v []*InsightSelector) *PutInsightSelectorsOutput {
+ s.InsightSelectors = v
+ return s
+}
+
+// SetTrailARN sets the TrailARN field's value.
+func (s *PutInsightSelectorsOutput) SetTrailARN(v string) *PutInsightSelectorsOutput {
+ s.TrailARN = &v
+ return s
+}
+
+// A SQL string of criteria about events that you want to collect in an event
+// data store.
+type Query struct {
+ _ struct{} `type:"structure"`
+
+ // The creation time of a query.
+ CreationTime *time.Time `type:"timestamp"`
+
+ // The ID of a query.
+ QueryId *string `min:"36" type:"string"`
+
+ // The status of the query. This can be QUEUED, RUNNING, FINISHED, FAILED, or
+ // CANCELLED.
+ QueryStatus *string `type:"string" enum:"QueryStatus"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s Query) String() string {
return awsutil.Prettify(s)
}
@@ -7405,65 +11185,34 @@ func (s PutEventSelectorsInput) String() string {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s PutEventSelectorsInput) GoString() string {
+func (s Query) GoString() string {
return s.String()
}
-// Validate inspects the fields of the type to determine if they are valid.
-func (s *PutEventSelectorsInput) Validate() error {
- invalidParams := request.ErrInvalidParams{Context: "PutEventSelectorsInput"}
- if s.TrailName == nil {
- invalidParams.Add(request.NewErrParamRequired("TrailName"))
- }
- if s.AdvancedEventSelectors != nil {
- for i, v := range s.AdvancedEventSelectors {
- if v == nil {
- continue
- }
- if err := v.Validate(); err != nil {
- invalidParams.AddNested(fmt.Sprintf("%s[%v]", "AdvancedEventSelectors", i), err.(request.ErrInvalidParams))
- }
- }
- }
-
- if invalidParams.Len() > 0 {
- return invalidParams
- }
- return nil
-}
-
-// SetAdvancedEventSelectors sets the AdvancedEventSelectors field's value.
-func (s *PutEventSelectorsInput) SetAdvancedEventSelectors(v []*AdvancedEventSelector) *PutEventSelectorsInput {
- s.AdvancedEventSelectors = v
+// SetCreationTime sets the CreationTime field's value.
+func (s *Query) SetCreationTime(v time.Time) *Query {
+ s.CreationTime = &v
return s
}
-// SetEventSelectors sets the EventSelectors field's value.
-func (s *PutEventSelectorsInput) SetEventSelectors(v []*EventSelector) *PutEventSelectorsInput {
- s.EventSelectors = v
+// SetQueryId sets the QueryId field's value.
+func (s *Query) SetQueryId(v string) *Query {
+ s.QueryId = &v
return s
}
-// SetTrailName sets the TrailName field's value.
-func (s *PutEventSelectorsInput) SetTrailName(v string) *PutEventSelectorsInput {
- s.TrailName = &v
+// SetQueryStatus sets the QueryStatus field's value.
+func (s *Query) SetQueryStatus(v string) *Query {
+ s.QueryStatus = &v
return s
}
-type PutEventSelectorsOutput struct {
- _ struct{} `type:"structure"`
-
- // Specifies the advanced event selectors configured for your trail.
- AdvancedEventSelectors []*AdvancedEventSelector `type:"list"`
-
- // Specifies the event selectors configured for your trail.
- EventSelectors []*EventSelector `type:"list"`
+// The query ID does not exist or does not map to a query.
+type QueryIdNotFoundException struct {
+ _ struct{} `type:"structure"`
+ RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
- // Specifies the ARN of the trail that was updated with event selectors. The
- // following is the format of a trail ARN.
- //
- // arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail
- TrailARN *string `type:"string"`
+ Message_ *string `locationName:"message" type:"string"`
}
// String returns the string representation.
@@ -7471,7 +11220,7 @@ type PutEventSelectorsOutput struct {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s PutEventSelectorsOutput) String() string {
+func (s QueryIdNotFoundException) String() string {
return awsutil.Prettify(s)
}
@@ -7480,42 +11229,57 @@ func (s PutEventSelectorsOutput) String() string {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s PutEventSelectorsOutput) GoString() string {
+func (s QueryIdNotFoundException) GoString() string {
return s.String()
}
-// SetAdvancedEventSelectors sets the AdvancedEventSelectors field's value.
-func (s *PutEventSelectorsOutput) SetAdvancedEventSelectors(v []*AdvancedEventSelector) *PutEventSelectorsOutput {
- s.AdvancedEventSelectors = v
- return s
+func newErrorQueryIdNotFoundException(v protocol.ResponseMetadata) error {
+ return &QueryIdNotFoundException{
+ RespMetadata: v,
+ }
}
-// SetEventSelectors sets the EventSelectors field's value.
-func (s *PutEventSelectorsOutput) SetEventSelectors(v []*EventSelector) *PutEventSelectorsOutput {
- s.EventSelectors = v
- return s
+// Code returns the exception type name.
+func (s *QueryIdNotFoundException) Code() string {
+ return "QueryIdNotFoundException"
}
-// SetTrailARN sets the TrailARN field's value.
-func (s *PutEventSelectorsOutput) SetTrailARN(v string) *PutEventSelectorsOutput {
- s.TrailARN = &v
- return s
+// Message returns the exception's message.
+func (s *QueryIdNotFoundException) Message() string {
+ if s.Message_ != nil {
+ return *s.Message_
+ }
+ return ""
}
-type PutInsightSelectorsInput struct {
+// OrigErr always returns nil, satisfies awserr.Error interface.
+func (s *QueryIdNotFoundException) OrigErr() error {
+ return nil
+}
+
+func (s *QueryIdNotFoundException) Error() string {
+ return fmt.Sprintf("%s: %s", s.Code(), s.Message())
+}
+
+// Status code returns the HTTP status code for the request's response error.
+func (s *QueryIdNotFoundException) StatusCode() int {
+ return s.RespMetadata.StatusCode
+}
+
+// RequestID returns the service's response RequestID for request.
+func (s *QueryIdNotFoundException) RequestID() string {
+ return s.RespMetadata.RequestID
+}
+
+// Metadata about a query, such as the number of results.
+type QueryStatistics struct {
_ struct{} `type:"structure"`
- // A JSON string that contains the Insights types that you want to log on a
- // trail. The valid Insights type in this release is ApiCallRateInsight.
- //
- // InsightSelectors is a required field
- InsightSelectors []*InsightSelector `type:"list" required:"true"`
+ // The number of results returned.
+ ResultsCount *int64 `type:"integer"`
- // The name of the CloudTrail trail for which you want to change or add Insights
- // selectors.
- //
- // TrailName is a required field
- TrailName *string `type:"string" required:"true"`
+ // The total number of results returned by a query.
+ TotalResultsCount *int64 `type:"integer"`
}
// String returns the string representation.
@@ -7523,7 +11287,7 @@ type PutInsightSelectorsInput struct {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s PutInsightSelectorsInput) String() string {
+func (s QueryStatistics) String() string {
return awsutil.Prettify(s)
}
@@ -7532,48 +11296,39 @@ func (s PutInsightSelectorsInput) String() string {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s PutInsightSelectorsInput) GoString() string {
+func (s QueryStatistics) GoString() string {
return s.String()
}
-// Validate inspects the fields of the type to determine if they are valid.
-func (s *PutInsightSelectorsInput) Validate() error {
- invalidParams := request.ErrInvalidParams{Context: "PutInsightSelectorsInput"}
- if s.InsightSelectors == nil {
- invalidParams.Add(request.NewErrParamRequired("InsightSelectors"))
- }
- if s.TrailName == nil {
- invalidParams.Add(request.NewErrParamRequired("TrailName"))
- }
-
- if invalidParams.Len() > 0 {
- return invalidParams
- }
- return nil
-}
-
-// SetInsightSelectors sets the InsightSelectors field's value.
-func (s *PutInsightSelectorsInput) SetInsightSelectors(v []*InsightSelector) *PutInsightSelectorsInput {
- s.InsightSelectors = v
+// SetResultsCount sets the ResultsCount field's value.
+func (s *QueryStatistics) SetResultsCount(v int64) *QueryStatistics {
+ s.ResultsCount = &v
return s
}
-// SetTrailName sets the TrailName field's value.
-func (s *PutInsightSelectorsInput) SetTrailName(v string) *PutInsightSelectorsInput {
- s.TrailName = &v
+// SetTotalResultsCount sets the TotalResultsCount field's value.
+func (s *QueryStatistics) SetTotalResultsCount(v int64) *QueryStatistics {
+ s.TotalResultsCount = &v
return s
}
-type PutInsightSelectorsOutput struct {
+// Gets metadata about a query, including the number of events that were matched,
+// the total number of events scanned, the query run time in milliseconds, and
+// the query's creation time.
+type QueryStatisticsForDescribeQuery struct {
_ struct{} `type:"structure"`
- // A JSON string that contains the Insights event types that you want to log
- // on a trail. The valid Insights type in this release is ApiCallRateInsight.
- InsightSelectors []*InsightSelector `type:"list"`
+ // The creation time of the query.
+ CreationTime *time.Time `type:"timestamp"`
- // The Amazon Resource Name (ARN) of a trail for which you want to change or
- // add Insights selectors.
- TrailARN *string `type:"string"`
+ // The number of events that matched a query.
+ EventsMatched *int64 `type:"long"`
+
+ // The number of events that the query scanned in the event data store.
+ EventsScanned *int64 `type:"long"`
+
+ // The query's run time, in milliseconds.
+ ExecutionTimeInMillis *int64 `type:"integer"`
}
// String returns the string representation.
@@ -7581,7 +11336,7 @@ type PutInsightSelectorsOutput struct {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s PutInsightSelectorsOutput) String() string {
+func (s QueryStatisticsForDescribeQuery) String() string {
return awsutil.Prettify(s)
}
@@ -7590,19 +11345,31 @@ func (s PutInsightSelectorsOutput) String() string {
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
-func (s PutInsightSelectorsOutput) GoString() string {
+func (s QueryStatisticsForDescribeQuery) GoString() string {
return s.String()
}
-// SetInsightSelectors sets the InsightSelectors field's value.
-func (s *PutInsightSelectorsOutput) SetInsightSelectors(v []*InsightSelector) *PutInsightSelectorsOutput {
- s.InsightSelectors = v
+// SetCreationTime sets the CreationTime field's value.
+func (s *QueryStatisticsForDescribeQuery) SetCreationTime(v time.Time) *QueryStatisticsForDescribeQuery {
+ s.CreationTime = &v
return s
}
-// SetTrailARN sets the TrailARN field's value.
-func (s *PutInsightSelectorsOutput) SetTrailARN(v string) *PutInsightSelectorsOutput {
- s.TrailARN = &v
+// SetEventsMatched sets the EventsMatched field's value.
+func (s *QueryStatisticsForDescribeQuery) SetEventsMatched(v int64) *QueryStatisticsForDescribeQuery {
+ s.EventsMatched = &v
+ return s
+}
+
+// SetEventsScanned sets the EventsScanned field's value.
+func (s *QueryStatisticsForDescribeQuery) SetEventsScanned(v int64) *QueryStatisticsForDescribeQuery {
+ s.EventsScanned = &v
+ return s
+}
+
+// SetExecutionTimeInMillis sets the ExecutionTimeInMillis field's value.
+func (s *QueryStatisticsForDescribeQuery) SetExecutionTimeInMillis(v int64) *QueryStatisticsForDescribeQuery {
+ s.ExecutionTimeInMillis = &v
return s
}
@@ -7619,7 +11386,9 @@ type RemoveTagsInput struct {
ResourceId *string `type:"string" required:"true"`
// Specifies a list of tags to be removed.
- TagsList []*Tag `type:"list"`
+ //
+ // TagsList is a required field
+ TagsList []*Tag `type:"list" required:"true"`
}
// String returns the string representation.
@@ -7646,6 +11415,9 @@ func (s *RemoveTagsInput) Validate() error {
if s.ResourceId == nil {
invalidParams.Add(request.NewErrParamRequired("ResourceId"))
}
+ if s.TagsList == nil {
+ invalidParams.Add(request.NewErrParamRequired("TagsList"))
+ }
if s.TagsList != nil {
for i, v := range s.TagsList {
if v == nil {
@@ -7880,42 +11652,209 @@ func (s ResourceTypeNotSupportedException) GoString() string {
return s.String()
}
-func newErrorResourceTypeNotSupportedException(v protocol.ResponseMetadata) error {
- return &ResourceTypeNotSupportedException{
- RespMetadata: v,
- }
+func newErrorResourceTypeNotSupportedException(v protocol.ResponseMetadata) error {
+ return &ResourceTypeNotSupportedException{
+ RespMetadata: v,
+ }
+}
+
+// Code returns the exception type name.
+func (s *ResourceTypeNotSupportedException) Code() string {
+ return "ResourceTypeNotSupportedException"
+}
+
+// Message returns the exception's message.
+func (s *ResourceTypeNotSupportedException) Message() string {
+ if s.Message_ != nil {
+ return *s.Message_
+ }
+ return ""
+}
+
+// OrigErr always returns nil, satisfies awserr.Error interface.
+func (s *ResourceTypeNotSupportedException) OrigErr() error {
+ return nil
+}
+
+func (s *ResourceTypeNotSupportedException) Error() string {
+ return fmt.Sprintf("%s: %s", s.Code(), s.Message())
+}
+
+// Status code returns the HTTP status code for the request's response error.
+func (s *ResourceTypeNotSupportedException) StatusCode() int {
+ return s.RespMetadata.StatusCode
+}
+
+// RequestID returns the service's response RequestID for request.
+func (s *ResourceTypeNotSupportedException) RequestID() string {
+ return s.RespMetadata.RequestID
+}
+
+type RestoreEventDataStoreInput struct {
+ _ struct{} `type:"structure"`
+
+ // The ARN (or the ID suffix of the ARN) of the event data store that you want
+ // to restore.
+ //
+ // EventDataStore is a required field
+ EventDataStore *string `min:"3" type:"string" required:"true"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s RestoreEventDataStoreInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s RestoreEventDataStoreInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *RestoreEventDataStoreInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "RestoreEventDataStoreInput"}
+ if s.EventDataStore == nil {
+ invalidParams.Add(request.NewErrParamRequired("EventDataStore"))
+ }
+ if s.EventDataStore != nil && len(*s.EventDataStore) < 3 {
+ invalidParams.Add(request.NewErrParamMinLen("EventDataStore", 3))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetEventDataStore sets the EventDataStore field's value.
+func (s *RestoreEventDataStoreInput) SetEventDataStore(v string) *RestoreEventDataStoreInput {
+ s.EventDataStore = &v
+ return s
+}
+
+type RestoreEventDataStoreOutput struct {
+ _ struct{} `type:"structure"`
+
+ // The advanced event selectors that were used to select events.
+ AdvancedEventSelectors []*AdvancedEventSelector `type:"list"`
+
+ // The timestamp of an event data store's creation.
+ CreatedTimestamp *time.Time `type:"timestamp"`
+
+ // The event data store ARN.
+ EventDataStoreArn *string `min:"3" type:"string"`
+
+ // Indicates whether the event data store is collecting events from all regions,
+ // or only from the region in which the event data store was created.
+ MultiRegionEnabled *bool `type:"boolean"`
+
+ // The name of the event data store.
+ Name *string `min:"3" type:"string"`
+
+ // Indicates whether an event data store is collecting logged events for an
+ // organization in Organizations.
+ OrganizationEnabled *bool `type:"boolean"`
+
+ // The retention period, in days.
+ RetentionPeriod *int64 `min:"7" type:"integer"`
+
+ // The status of the event data store.
+ Status *string `type:"string" enum:"EventDataStoreStatus"`
+
+ // Indicates that termination protection is enabled and the event data store
+ // cannot be automatically deleted.
+ TerminationProtectionEnabled *bool `type:"boolean"`
+
+ // The timestamp that shows when an event data store was updated, if applicable.
+ // UpdatedTimestamp is always either the same or newer than the time shown in
+ // CreatedTimestamp.
+ UpdatedTimestamp *time.Time `type:"timestamp"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s RestoreEventDataStoreOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s RestoreEventDataStoreOutput) GoString() string {
+ return s.String()
+}
+
+// SetAdvancedEventSelectors sets the AdvancedEventSelectors field's value.
+func (s *RestoreEventDataStoreOutput) SetAdvancedEventSelectors(v []*AdvancedEventSelector) *RestoreEventDataStoreOutput {
+ s.AdvancedEventSelectors = v
+ return s
+}
+
+// SetCreatedTimestamp sets the CreatedTimestamp field's value.
+func (s *RestoreEventDataStoreOutput) SetCreatedTimestamp(v time.Time) *RestoreEventDataStoreOutput {
+ s.CreatedTimestamp = &v
+ return s
+}
+
+// SetEventDataStoreArn sets the EventDataStoreArn field's value.
+func (s *RestoreEventDataStoreOutput) SetEventDataStoreArn(v string) *RestoreEventDataStoreOutput {
+ s.EventDataStoreArn = &v
+ return s
}
-// Code returns the exception type name.
-func (s *ResourceTypeNotSupportedException) Code() string {
- return "ResourceTypeNotSupportedException"
+// SetMultiRegionEnabled sets the MultiRegionEnabled field's value.
+func (s *RestoreEventDataStoreOutput) SetMultiRegionEnabled(v bool) *RestoreEventDataStoreOutput {
+ s.MultiRegionEnabled = &v
+ return s
}
-// Message returns the exception's message.
-func (s *ResourceTypeNotSupportedException) Message() string {
- if s.Message_ != nil {
- return *s.Message_
- }
- return ""
+// SetName sets the Name field's value.
+func (s *RestoreEventDataStoreOutput) SetName(v string) *RestoreEventDataStoreOutput {
+ s.Name = &v
+ return s
}
-// OrigErr always returns nil, satisfies awserr.Error interface.
-func (s *ResourceTypeNotSupportedException) OrigErr() error {
- return nil
+// SetOrganizationEnabled sets the OrganizationEnabled field's value.
+func (s *RestoreEventDataStoreOutput) SetOrganizationEnabled(v bool) *RestoreEventDataStoreOutput {
+ s.OrganizationEnabled = &v
+ return s
}
-func (s *ResourceTypeNotSupportedException) Error() string {
- return fmt.Sprintf("%s: %s", s.Code(), s.Message())
+// SetRetentionPeriod sets the RetentionPeriod field's value.
+func (s *RestoreEventDataStoreOutput) SetRetentionPeriod(v int64) *RestoreEventDataStoreOutput {
+ s.RetentionPeriod = &v
+ return s
}
-// Status code returns the HTTP status code for the request's response error.
-func (s *ResourceTypeNotSupportedException) StatusCode() int {
- return s.RespMetadata.StatusCode
+// SetStatus sets the Status field's value.
+func (s *RestoreEventDataStoreOutput) SetStatus(v string) *RestoreEventDataStoreOutput {
+ s.Status = &v
+ return s
}
-// RequestID returns the service's response RequestID for request.
-func (s *ResourceTypeNotSupportedException) RequestID() string {
- return s.RespMetadata.RequestID
+// SetTerminationProtectionEnabled sets the TerminationProtectionEnabled field's value.
+func (s *RestoreEventDataStoreOutput) SetTerminationProtectionEnabled(v bool) *RestoreEventDataStoreOutput {
+ s.TerminationProtectionEnabled = &v
+ return s
+}
+
+// SetUpdatedTimestamp sets the UpdatedTimestamp field's value.
+func (s *RestoreEventDataStoreOutput) SetUpdatedTimestamp(v time.Time) *RestoreEventDataStoreOutput {
+ s.UpdatedTimestamp = &v
+ return s
}
// This exception is thrown when the specified S3 bucket does not exist.
@@ -8058,6 +11997,86 @@ func (s StartLoggingOutput) GoString() string {
return s.String()
}
+type StartQueryInput struct {
+ _ struct{} `type:"structure"`
+
+ // The SQL code of your query.
+ //
+ // QueryStatement is a required field
+ QueryStatement *string `min:"1" type:"string" required:"true"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s StartQueryInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s StartQueryInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *StartQueryInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "StartQueryInput"}
+ if s.QueryStatement == nil {
+ invalidParams.Add(request.NewErrParamRequired("QueryStatement"))
+ }
+ if s.QueryStatement != nil && len(*s.QueryStatement) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("QueryStatement", 1))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetQueryStatement sets the QueryStatement field's value.
+func (s *StartQueryInput) SetQueryStatement(v string) *StartQueryInput {
+ s.QueryStatement = &v
+ return s
+}
+
+type StartQueryOutput struct {
+ _ struct{} `type:"structure"`
+
+ // The ID of the started query.
+ QueryId *string `min:"36" type:"string"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s StartQueryOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s StartQueryOutput) GoString() string {
+ return s.String()
+}
+
+// SetQueryId sets the QueryId field's value.
+func (s *StartQueryOutput) SetQueryId(v string) *StartQueryOutput {
+ s.QueryId = &v
+ return s
+}
+
// Passes the request to CloudTrail to stop logging Amazon Web Services API
// calls for the specified account.
type StopLoggingInput struct {
@@ -8142,11 +12161,11 @@ type Tag struct {
// characters. The key must be unique for the resource to which it applies.
//
// Key is a required field
- Key *string `type:"string" required:"true"`
+ Key *string `min:"1" type:"string" required:"true"`
// The value in a key-value pair of a tag. The value must be no longer than
// 256 Unicode characters.
- Value *string `type:"string"`
+ Value *string `min:"1" type:"string"`
}
// String returns the string representation.
@@ -8173,6 +12192,12 @@ func (s *Tag) Validate() error {
if s.Key == nil {
invalidParams.Add(request.NewErrParamRequired("Key"))
}
+ if s.Key != nil && len(*s.Key) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("Key", 1))
+ }
+ if s.Value != nil && len(*s.Value) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("Value", 1))
+ }
if invalidParams.Len() > 0 {
return invalidParams
@@ -8749,6 +12774,244 @@ func (s *UnsupportedOperationException) RequestID() string {
return s.RespMetadata.RequestID
}
+type UpdateEventDataStoreInput struct {
+ _ struct{} `type:"structure"`
+
+ // The advanced event selectors used to select events for the event data store.
+ AdvancedEventSelectors []*AdvancedEventSelector `type:"list"`
+
+ // The ARN (or the ID suffix of the ARN) of the event data store that you want
+ // to update.
+ //
+ // EventDataStore is a required field
+ EventDataStore *string `min:"3" type:"string" required:"true"`
+
+ // Specifies whether an event data store collects events from all regions, or
+ // only from the region in which it was created.
+ MultiRegionEnabled *bool `type:"boolean"`
+
+ // The event data store name.
+ Name *string `min:"3" type:"string"`
+
+ // Specifies whether an event data store collects events logged for an organization
+ // in Organizations.
+ OrganizationEnabled *bool `type:"boolean"`
+
+ // The retention period, in days.
+ RetentionPeriod *int64 `min:"7" type:"integer"`
+
+ // Indicates that termination protection is enabled and the event data store
+ // cannot be automatically deleted.
+ TerminationProtectionEnabled *bool `type:"boolean"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s UpdateEventDataStoreInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s UpdateEventDataStoreInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *UpdateEventDataStoreInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "UpdateEventDataStoreInput"}
+ if s.EventDataStore == nil {
+ invalidParams.Add(request.NewErrParamRequired("EventDataStore"))
+ }
+ if s.EventDataStore != nil && len(*s.EventDataStore) < 3 {
+ invalidParams.Add(request.NewErrParamMinLen("EventDataStore", 3))
+ }
+ if s.Name != nil && len(*s.Name) < 3 {
+ invalidParams.Add(request.NewErrParamMinLen("Name", 3))
+ }
+ if s.RetentionPeriod != nil && *s.RetentionPeriod < 7 {
+ invalidParams.Add(request.NewErrParamMinValue("RetentionPeriod", 7))
+ }
+ if s.AdvancedEventSelectors != nil {
+ for i, v := range s.AdvancedEventSelectors {
+ if v == nil {
+ continue
+ }
+ if err := v.Validate(); err != nil {
+ invalidParams.AddNested(fmt.Sprintf("%s[%v]", "AdvancedEventSelectors", i), err.(request.ErrInvalidParams))
+ }
+ }
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetAdvancedEventSelectors sets the AdvancedEventSelectors field's value.
+func (s *UpdateEventDataStoreInput) SetAdvancedEventSelectors(v []*AdvancedEventSelector) *UpdateEventDataStoreInput {
+ s.AdvancedEventSelectors = v
+ return s
+}
+
+// SetEventDataStore sets the EventDataStore field's value.
+func (s *UpdateEventDataStoreInput) SetEventDataStore(v string) *UpdateEventDataStoreInput {
+ s.EventDataStore = &v
+ return s
+}
+
+// SetMultiRegionEnabled sets the MultiRegionEnabled field's value.
+func (s *UpdateEventDataStoreInput) SetMultiRegionEnabled(v bool) *UpdateEventDataStoreInput {
+ s.MultiRegionEnabled = &v
+ return s
+}
+
+// SetName sets the Name field's value.
+func (s *UpdateEventDataStoreInput) SetName(v string) *UpdateEventDataStoreInput {
+ s.Name = &v
+ return s
+}
+
+// SetOrganizationEnabled sets the OrganizationEnabled field's value.
+func (s *UpdateEventDataStoreInput) SetOrganizationEnabled(v bool) *UpdateEventDataStoreInput {
+ s.OrganizationEnabled = &v
+ return s
+}
+
+// SetRetentionPeriod sets the RetentionPeriod field's value.
+func (s *UpdateEventDataStoreInput) SetRetentionPeriod(v int64) *UpdateEventDataStoreInput {
+ s.RetentionPeriod = &v
+ return s
+}
+
+// SetTerminationProtectionEnabled sets the TerminationProtectionEnabled field's value.
+func (s *UpdateEventDataStoreInput) SetTerminationProtectionEnabled(v bool) *UpdateEventDataStoreInput {
+ s.TerminationProtectionEnabled = &v
+ return s
+}
+
+type UpdateEventDataStoreOutput struct {
+ _ struct{} `type:"structure"`
+
+ // The advanced event selectors that are applied to the event data store.
+ AdvancedEventSelectors []*AdvancedEventSelector `type:"list"`
+
+ // The timestamp that shows when an event data store was first created.
+ CreatedTimestamp *time.Time `type:"timestamp"`
+
+ // The ARN of the event data store.
+ EventDataStoreArn *string `min:"3" type:"string"`
+
+ // Indicates whether the event data store includes events from all regions,
+ // or only from the region in which it was created.
+ MultiRegionEnabled *bool `type:"boolean"`
+
+ // The name of the event data store.
+ Name *string `min:"3" type:"string"`
+
+ // Indicates whether an event data store is collecting logged events for an
+ // organization in Organizations.
+ OrganizationEnabled *bool `type:"boolean"`
+
+ // The retention period, in days.
+ RetentionPeriod *int64 `min:"7" type:"integer"`
+
+ // The status of an event data store. Values can be ENABLED and PENDING_DELETION.
+ Status *string `type:"string" enum:"EventDataStoreStatus"`
+
+ // Indicates whether termination protection is enabled for the event data store.
+ TerminationProtectionEnabled *bool `type:"boolean"`
+
+ // The timestamp that shows when the event data store was last updated. UpdatedTimestamp
+ // is always either the same or newer than the time shown in CreatedTimestamp.
+ UpdatedTimestamp *time.Time `type:"timestamp"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s UpdateEventDataStoreOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s UpdateEventDataStoreOutput) GoString() string {
+ return s.String()
+}
+
+// SetAdvancedEventSelectors sets the AdvancedEventSelectors field's value.
+func (s *UpdateEventDataStoreOutput) SetAdvancedEventSelectors(v []*AdvancedEventSelector) *UpdateEventDataStoreOutput {
+ s.AdvancedEventSelectors = v
+ return s
+}
+
+// SetCreatedTimestamp sets the CreatedTimestamp field's value.
+func (s *UpdateEventDataStoreOutput) SetCreatedTimestamp(v time.Time) *UpdateEventDataStoreOutput {
+ s.CreatedTimestamp = &v
+ return s
+}
+
+// SetEventDataStoreArn sets the EventDataStoreArn field's value.
+func (s *UpdateEventDataStoreOutput) SetEventDataStoreArn(v string) *UpdateEventDataStoreOutput {
+ s.EventDataStoreArn = &v
+ return s
+}
+
+// SetMultiRegionEnabled sets the MultiRegionEnabled field's value.
+func (s *UpdateEventDataStoreOutput) SetMultiRegionEnabled(v bool) *UpdateEventDataStoreOutput {
+ s.MultiRegionEnabled = &v
+ return s
+}
+
+// SetName sets the Name field's value.
+func (s *UpdateEventDataStoreOutput) SetName(v string) *UpdateEventDataStoreOutput {
+ s.Name = &v
+ return s
+}
+
+// SetOrganizationEnabled sets the OrganizationEnabled field's value.
+func (s *UpdateEventDataStoreOutput) SetOrganizationEnabled(v bool) *UpdateEventDataStoreOutput {
+ s.OrganizationEnabled = &v
+ return s
+}
+
+// SetRetentionPeriod sets the RetentionPeriod field's value.
+func (s *UpdateEventDataStoreOutput) SetRetentionPeriod(v int64) *UpdateEventDataStoreOutput {
+ s.RetentionPeriod = &v
+ return s
+}
+
+// SetStatus sets the Status field's value.
+func (s *UpdateEventDataStoreOutput) SetStatus(v string) *UpdateEventDataStoreOutput {
+ s.Status = &v
+ return s
+}
+
+// SetTerminationProtectionEnabled sets the TerminationProtectionEnabled field's value.
+func (s *UpdateEventDataStoreOutput) SetTerminationProtectionEnabled(v bool) *UpdateEventDataStoreOutput {
+ s.TerminationProtectionEnabled = &v
+ return s
+}
+
+// SetUpdatedTimestamp sets the UpdatedTimestamp field's value.
+func (s *UpdateEventDataStoreOutput) SetUpdatedTimestamp(v time.Time) *UpdateEventDataStoreOutput {
+ s.UpdatedTimestamp = &v
+ return s
+}
+
// Specifies settings to update for the trail.
type UpdateTrailInput struct {
_ struct{} `type:"structure"`
@@ -9121,6 +13384,26 @@ func EventCategory_Values() []string {
}
}
+const (
+ // EventDataStoreStatusCreated is a EventDataStoreStatus enum value
+ EventDataStoreStatusCreated = "CREATED"
+
+ // EventDataStoreStatusEnabled is a EventDataStoreStatus enum value
+ EventDataStoreStatusEnabled = "ENABLED"
+
+ // EventDataStoreStatusPendingDeletion is a EventDataStoreStatus enum value
+ EventDataStoreStatusPendingDeletion = "PENDING_DELETION"
+)
+
+// EventDataStoreStatus_Values returns all elements of the EventDataStoreStatus enum
+func EventDataStoreStatus_Values() []string {
+ return []string{
+ EventDataStoreStatusCreated,
+ EventDataStoreStatusEnabled,
+ EventDataStoreStatusPendingDeletion,
+ }
+}
+
const (
// InsightTypeApiCallRateInsight is a InsightType enum value
InsightTypeApiCallRateInsight = "ApiCallRateInsight"
@@ -9177,6 +13460,34 @@ func LookupAttributeKey_Values() []string {
}
}
+const (
+ // QueryStatusQueued is a QueryStatus enum value
+ QueryStatusQueued = "QUEUED"
+
+ // QueryStatusRunning is a QueryStatus enum value
+ QueryStatusRunning = "RUNNING"
+
+ // QueryStatusFinished is a QueryStatus enum value
+ QueryStatusFinished = "FINISHED"
+
+ // QueryStatusFailed is a QueryStatus enum value
+ QueryStatusFailed = "FAILED"
+
+ // QueryStatusCancelled is a QueryStatus enum value
+ QueryStatusCancelled = "CANCELLED"
+)
+
+// QueryStatus_Values returns all elements of the QueryStatus enum
+func QueryStatus_Values() []string {
+ return []string{
+ QueryStatusQueued,
+ QueryStatusRunning,
+ QueryStatusFinished,
+ QueryStatusFailed,
+ QueryStatusCancelled,
+ }
+}
+
const (
// ReadWriteTypeReadOnly is a ReadWriteType enum value
ReadWriteTypeReadOnly = "ReadOnly"
diff --git a/service/cloudtrail/cloudtrailiface/interface.go b/service/cloudtrail/cloudtrailiface/interface.go
index dc03ba70d7b..612849423d4 100644
--- a/service/cloudtrail/cloudtrailiface/interface.go
+++ b/service/cloudtrail/cloudtrailiface/interface.go
@@ -64,18 +64,38 @@ type CloudTrailAPI interface {
AddTagsWithContext(aws.Context, *cloudtrail.AddTagsInput, ...request.Option) (*cloudtrail.AddTagsOutput, error)
AddTagsRequest(*cloudtrail.AddTagsInput) (*request.Request, *cloudtrail.AddTagsOutput)
+ CancelQuery(*cloudtrail.CancelQueryInput) (*cloudtrail.CancelQueryOutput, error)
+ CancelQueryWithContext(aws.Context, *cloudtrail.CancelQueryInput, ...request.Option) (*cloudtrail.CancelQueryOutput, error)
+ CancelQueryRequest(*cloudtrail.CancelQueryInput) (*request.Request, *cloudtrail.CancelQueryOutput)
+
+ CreateEventDataStore(*cloudtrail.CreateEventDataStoreInput) (*cloudtrail.CreateEventDataStoreOutput, error)
+ CreateEventDataStoreWithContext(aws.Context, *cloudtrail.CreateEventDataStoreInput, ...request.Option) (*cloudtrail.CreateEventDataStoreOutput, error)
+ CreateEventDataStoreRequest(*cloudtrail.CreateEventDataStoreInput) (*request.Request, *cloudtrail.CreateEventDataStoreOutput)
+
CreateTrail(*cloudtrail.CreateTrailInput) (*cloudtrail.CreateTrailOutput, error)
CreateTrailWithContext(aws.Context, *cloudtrail.CreateTrailInput, ...request.Option) (*cloudtrail.CreateTrailOutput, error)
CreateTrailRequest(*cloudtrail.CreateTrailInput) (*request.Request, *cloudtrail.CreateTrailOutput)
+ DeleteEventDataStore(*cloudtrail.DeleteEventDataStoreInput) (*cloudtrail.DeleteEventDataStoreOutput, error)
+ DeleteEventDataStoreWithContext(aws.Context, *cloudtrail.DeleteEventDataStoreInput, ...request.Option) (*cloudtrail.DeleteEventDataStoreOutput, error)
+ DeleteEventDataStoreRequest(*cloudtrail.DeleteEventDataStoreInput) (*request.Request, *cloudtrail.DeleteEventDataStoreOutput)
+
DeleteTrail(*cloudtrail.DeleteTrailInput) (*cloudtrail.DeleteTrailOutput, error)
DeleteTrailWithContext(aws.Context, *cloudtrail.DeleteTrailInput, ...request.Option) (*cloudtrail.DeleteTrailOutput, error)
DeleteTrailRequest(*cloudtrail.DeleteTrailInput) (*request.Request, *cloudtrail.DeleteTrailOutput)
+ DescribeQuery(*cloudtrail.DescribeQueryInput) (*cloudtrail.DescribeQueryOutput, error)
+ DescribeQueryWithContext(aws.Context, *cloudtrail.DescribeQueryInput, ...request.Option) (*cloudtrail.DescribeQueryOutput, error)
+ DescribeQueryRequest(*cloudtrail.DescribeQueryInput) (*request.Request, *cloudtrail.DescribeQueryOutput)
+
DescribeTrails(*cloudtrail.DescribeTrailsInput) (*cloudtrail.DescribeTrailsOutput, error)
DescribeTrailsWithContext(aws.Context, *cloudtrail.DescribeTrailsInput, ...request.Option) (*cloudtrail.DescribeTrailsOutput, error)
DescribeTrailsRequest(*cloudtrail.DescribeTrailsInput) (*request.Request, *cloudtrail.DescribeTrailsOutput)
+ GetEventDataStore(*cloudtrail.GetEventDataStoreInput) (*cloudtrail.GetEventDataStoreOutput, error)
+ GetEventDataStoreWithContext(aws.Context, *cloudtrail.GetEventDataStoreInput, ...request.Option) (*cloudtrail.GetEventDataStoreOutput, error)
+ GetEventDataStoreRequest(*cloudtrail.GetEventDataStoreInput) (*request.Request, *cloudtrail.GetEventDataStoreOutput)
+
GetEventSelectors(*cloudtrail.GetEventSelectorsInput) (*cloudtrail.GetEventSelectorsOutput, error)
GetEventSelectorsWithContext(aws.Context, *cloudtrail.GetEventSelectorsInput, ...request.Option) (*cloudtrail.GetEventSelectorsOutput, error)
GetEventSelectorsRequest(*cloudtrail.GetEventSelectorsInput) (*request.Request, *cloudtrail.GetEventSelectorsOutput)
@@ -84,6 +104,13 @@ type CloudTrailAPI interface {
GetInsightSelectorsWithContext(aws.Context, *cloudtrail.GetInsightSelectorsInput, ...request.Option) (*cloudtrail.GetInsightSelectorsOutput, error)
GetInsightSelectorsRequest(*cloudtrail.GetInsightSelectorsInput) (*request.Request, *cloudtrail.GetInsightSelectorsOutput)
+ GetQueryResults(*cloudtrail.GetQueryResultsInput) (*cloudtrail.GetQueryResultsOutput, error)
+ GetQueryResultsWithContext(aws.Context, *cloudtrail.GetQueryResultsInput, ...request.Option) (*cloudtrail.GetQueryResultsOutput, error)
+ GetQueryResultsRequest(*cloudtrail.GetQueryResultsInput) (*request.Request, *cloudtrail.GetQueryResultsOutput)
+
+ GetQueryResultsPages(*cloudtrail.GetQueryResultsInput, func(*cloudtrail.GetQueryResultsOutput, bool) bool) error
+ GetQueryResultsPagesWithContext(aws.Context, *cloudtrail.GetQueryResultsInput, func(*cloudtrail.GetQueryResultsOutput, bool) bool, ...request.Option) error
+
GetTrail(*cloudtrail.GetTrailInput) (*cloudtrail.GetTrailOutput, error)
GetTrailWithContext(aws.Context, *cloudtrail.GetTrailInput, ...request.Option) (*cloudtrail.GetTrailOutput, error)
GetTrailRequest(*cloudtrail.GetTrailInput) (*request.Request, *cloudtrail.GetTrailOutput)
@@ -92,6 +119,13 @@ type CloudTrailAPI interface {
GetTrailStatusWithContext(aws.Context, *cloudtrail.GetTrailStatusInput, ...request.Option) (*cloudtrail.GetTrailStatusOutput, error)
GetTrailStatusRequest(*cloudtrail.GetTrailStatusInput) (*request.Request, *cloudtrail.GetTrailStatusOutput)
+ ListEventDataStores(*cloudtrail.ListEventDataStoresInput) (*cloudtrail.ListEventDataStoresOutput, error)
+ ListEventDataStoresWithContext(aws.Context, *cloudtrail.ListEventDataStoresInput, ...request.Option) (*cloudtrail.ListEventDataStoresOutput, error)
+ ListEventDataStoresRequest(*cloudtrail.ListEventDataStoresInput) (*request.Request, *cloudtrail.ListEventDataStoresOutput)
+
+ ListEventDataStoresPages(*cloudtrail.ListEventDataStoresInput, func(*cloudtrail.ListEventDataStoresOutput, bool) bool) error
+ ListEventDataStoresPagesWithContext(aws.Context, *cloudtrail.ListEventDataStoresInput, func(*cloudtrail.ListEventDataStoresOutput, bool) bool, ...request.Option) error
+
ListPublicKeys(*cloudtrail.ListPublicKeysInput) (*cloudtrail.ListPublicKeysOutput, error)
ListPublicKeysWithContext(aws.Context, *cloudtrail.ListPublicKeysInput, ...request.Option) (*cloudtrail.ListPublicKeysOutput, error)
ListPublicKeysRequest(*cloudtrail.ListPublicKeysInput) (*request.Request, *cloudtrail.ListPublicKeysOutput)
@@ -99,6 +133,13 @@ type CloudTrailAPI interface {
ListPublicKeysPages(*cloudtrail.ListPublicKeysInput, func(*cloudtrail.ListPublicKeysOutput, bool) bool) error
ListPublicKeysPagesWithContext(aws.Context, *cloudtrail.ListPublicKeysInput, func(*cloudtrail.ListPublicKeysOutput, bool) bool, ...request.Option) error
+ ListQueries(*cloudtrail.ListQueriesInput) (*cloudtrail.ListQueriesOutput, error)
+ ListQueriesWithContext(aws.Context, *cloudtrail.ListQueriesInput, ...request.Option) (*cloudtrail.ListQueriesOutput, error)
+ ListQueriesRequest(*cloudtrail.ListQueriesInput) (*request.Request, *cloudtrail.ListQueriesOutput)
+
+ ListQueriesPages(*cloudtrail.ListQueriesInput, func(*cloudtrail.ListQueriesOutput, bool) bool) error
+ ListQueriesPagesWithContext(aws.Context, *cloudtrail.ListQueriesInput, func(*cloudtrail.ListQueriesOutput, bool) bool, ...request.Option) error
+
ListTags(*cloudtrail.ListTagsInput) (*cloudtrail.ListTagsOutput, error)
ListTagsWithContext(aws.Context, *cloudtrail.ListTagsInput, ...request.Option) (*cloudtrail.ListTagsOutput, error)
ListTagsRequest(*cloudtrail.ListTagsInput) (*request.Request, *cloudtrail.ListTagsOutput)
@@ -132,14 +173,26 @@ type CloudTrailAPI interface {
RemoveTagsWithContext(aws.Context, *cloudtrail.RemoveTagsInput, ...request.Option) (*cloudtrail.RemoveTagsOutput, error)
RemoveTagsRequest(*cloudtrail.RemoveTagsInput) (*request.Request, *cloudtrail.RemoveTagsOutput)
+ RestoreEventDataStore(*cloudtrail.RestoreEventDataStoreInput) (*cloudtrail.RestoreEventDataStoreOutput, error)
+ RestoreEventDataStoreWithContext(aws.Context, *cloudtrail.RestoreEventDataStoreInput, ...request.Option) (*cloudtrail.RestoreEventDataStoreOutput, error)
+ RestoreEventDataStoreRequest(*cloudtrail.RestoreEventDataStoreInput) (*request.Request, *cloudtrail.RestoreEventDataStoreOutput)
+
StartLogging(*cloudtrail.StartLoggingInput) (*cloudtrail.StartLoggingOutput, error)
StartLoggingWithContext(aws.Context, *cloudtrail.StartLoggingInput, ...request.Option) (*cloudtrail.StartLoggingOutput, error)
StartLoggingRequest(*cloudtrail.StartLoggingInput) (*request.Request, *cloudtrail.StartLoggingOutput)
+ StartQuery(*cloudtrail.StartQueryInput) (*cloudtrail.StartQueryOutput, error)
+ StartQueryWithContext(aws.Context, *cloudtrail.StartQueryInput, ...request.Option) (*cloudtrail.StartQueryOutput, error)
+ StartQueryRequest(*cloudtrail.StartQueryInput) (*request.Request, *cloudtrail.StartQueryOutput)
+
StopLogging(*cloudtrail.StopLoggingInput) (*cloudtrail.StopLoggingOutput, error)
StopLoggingWithContext(aws.Context, *cloudtrail.StopLoggingInput, ...request.Option) (*cloudtrail.StopLoggingOutput, error)
StopLoggingRequest(*cloudtrail.StopLoggingInput) (*request.Request, *cloudtrail.StopLoggingOutput)
+ UpdateEventDataStore(*cloudtrail.UpdateEventDataStoreInput) (*cloudtrail.UpdateEventDataStoreOutput, error)
+ UpdateEventDataStoreWithContext(aws.Context, *cloudtrail.UpdateEventDataStoreInput, ...request.Option) (*cloudtrail.UpdateEventDataStoreOutput, error)
+ UpdateEventDataStoreRequest(*cloudtrail.UpdateEventDataStoreInput) (*request.Request, *cloudtrail.UpdateEventDataStoreOutput)
+
UpdateTrail(*cloudtrail.UpdateTrailInput) (*cloudtrail.UpdateTrailOutput, error)
UpdateTrailWithContext(aws.Context, *cloudtrail.UpdateTrailInput, ...request.Option) (*cloudtrail.UpdateTrailOutput, error)
UpdateTrailRequest(*cloudtrail.UpdateTrailInput) (*request.Request, *cloudtrail.UpdateTrailOutput)
diff --git a/service/cloudtrail/errors.go b/service/cloudtrail/errors.go
index 8e1361bdf3e..51caefba757 100644
--- a/service/cloudtrail/errors.go
+++ b/service/cloudtrail/errors.go
@@ -50,6 +50,51 @@ const (
// a few minutes, and then try the operation again.
ErrCodeConflictException = "ConflictException"
+ // ErrCodeEventDataStoreARNInvalidException for service response error code
+ // "EventDataStoreARNInvalidException".
+ //
+ // The specified event data store ARN is not valid or does not map to an event
+ // data store in your account.
+ ErrCodeEventDataStoreARNInvalidException = "EventDataStoreARNInvalidException"
+
+ // ErrCodeEventDataStoreAlreadyExistsException for service response error code
+ // "EventDataStoreAlreadyExistsException".
+ //
+ // An event data store with that name already exists.
+ ErrCodeEventDataStoreAlreadyExistsException = "EventDataStoreAlreadyExistsException"
+
+ // ErrCodeEventDataStoreMaxLimitExceededException for service response error code
+ // "EventDataStoreMaxLimitExceededException".
+ //
+ // Your account has used the maximum number of event data stores.
+ ErrCodeEventDataStoreMaxLimitExceededException = "EventDataStoreMaxLimitExceededException"
+
+ // ErrCodeEventDataStoreNotFoundException for service response error code
+ // "EventDataStoreNotFoundException".
+ //
+ // The specified event data store was not found.
+ ErrCodeEventDataStoreNotFoundException = "EventDataStoreNotFoundException"
+
+ // ErrCodeEventDataStoreTerminationProtectedException for service response error code
+ // "EventDataStoreTerminationProtectedException".
+ //
+ // The event data store cannot be deleted because termination protection is
+ // enabled for it.
+ ErrCodeEventDataStoreTerminationProtectedException = "EventDataStoreTerminationProtectedException"
+
+ // ErrCodeInactiveEventDataStoreException for service response error code
+ // "InactiveEventDataStoreException".
+ //
+ // The event data store against which you ran your query is inactive.
+ ErrCodeInactiveEventDataStoreException = "InactiveEventDataStoreException"
+
+ // ErrCodeInactiveQueryException for service response error code
+ // "InactiveQueryException".
+ //
+ // The specified query cannot be canceled because it is in the FINISHED, FAILED,
+ // or CANCELLED state.
+ ErrCodeInactiveQueryException = "InactiveQueryException"
+
// ErrCodeInsightNotEnabledException for service response error code
// "InsightNotEnabledException".
//
@@ -98,6 +143,14 @@ const (
// This exception is thrown when the provided role is not valid.
ErrCodeInvalidCloudWatchLogsRoleArnException = "InvalidCloudWatchLogsRoleArnException"
+ // ErrCodeInvalidDateRangeException for service response error code
+ // "InvalidDateRangeException".
+ //
+ // A date range for the query was specified that is not valid. For more information
+ // about writing a query, see Create or edit a query (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-create-edit-query.html)
+ // in the CloudTrail User Guide.
+ ErrCodeInvalidDateRangeException = "InvalidDateRangeException"
+
// ErrCodeInvalidEventCategoryException for service response error code
// "InvalidEventCategoryException".
//
@@ -105,6 +158,12 @@ const (
// EventCategory.
ErrCodeInvalidEventCategoryException = "InvalidEventCategoryException"
+ // ErrCodeInvalidEventDataStoreStatusException for service response error code
+ // "InvalidEventDataStoreStatusException".
+ //
+ // The event data store is not in a status that supports the operation.
+ ErrCodeInvalidEventDataStoreStatusException = "InvalidEventDataStoreStatusException"
+
// ErrCodeInvalidEventSelectorsException for service response error code
// "InvalidEventSelectorsException".
//
@@ -181,6 +240,27 @@ const (
// valid.
ErrCodeInvalidParameterCombinationException = "InvalidParameterCombinationException"
+ // ErrCodeInvalidParameterException for service response error code
+ // "InvalidParameterException".
+ //
+ // The request includes a parameter that is not valid.
+ ErrCodeInvalidParameterException = "InvalidParameterException"
+
+ // ErrCodeInvalidQueryStatementException for service response error code
+ // "InvalidQueryStatementException".
+ //
+ // The query that was submitted has validation errors, or uses incorrect syntax
+ // or unsupported keywords. For more information about writing a query, see
+ // Create or edit a query (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-create-edit-query.html)
+ // in the CloudTrail User Guide.
+ ErrCodeInvalidQueryStatementException = "InvalidQueryStatementException"
+
+ // ErrCodeInvalidQueryStatusException for service response error code
+ // "InvalidQueryStatusException".
+ //
+ // The query status is not valid for the operation.
+ ErrCodeInvalidQueryStatusException = "InvalidQueryStatusException"
+
// ErrCodeInvalidS3BucketNameException for service response error code
// "InvalidS3BucketNameException".
//
@@ -259,6 +339,13 @@ const (
// with the Amazon SNS topic either does not exist or is not in the same region.
ErrCodeKmsKeyNotFoundException = "KmsKeyNotFoundException"
+ // ErrCodeMaxConcurrentQueriesException for service response error code
+ // "MaxConcurrentQueriesException".
+ //
+ // You are already running the maximum number of concurrent queries. Wait a
+ // minute for some queries to finish, and then run the query again.
+ ErrCodeMaxConcurrentQueriesException = "MaxConcurrentQueriesException"
+
// ErrCodeMaximumNumberOfTrailsExceededException for service response error code
// "MaximumNumberOfTrailsExceededException".
//
@@ -297,6 +384,12 @@ const (
// in using the credentials of an account that belongs to an organization.
ErrCodeOrganizationsNotInUseException = "OrganizationsNotInUseException"
+ // ErrCodeQueryIdNotFoundException for service response error code
+ // "QueryIdNotFoundException".
+ //
+ // The query ID does not exist or does not map to a query.
+ ErrCodeQueryIdNotFoundException = "QueryIdNotFoundException"
+
// ErrCodeResourceNotFoundException for service response error code
// "ResourceNotFoundException".
//
@@ -354,6 +447,13 @@ var exceptionFromCode = map[string]func(protocol.ResponseMetadata) error{
"CloudTrailInvalidClientTokenIdException": newErrorCloudTrailInvalidClientTokenIdException,
"CloudWatchLogsDeliveryUnavailableException": newErrorCloudWatchLogsDeliveryUnavailableException,
"ConflictException": newErrorConflictException,
+ "EventDataStoreARNInvalidException": newErrorEventDataStoreARNInvalidException,
+ "EventDataStoreAlreadyExistsException": newErrorEventDataStoreAlreadyExistsException,
+ "EventDataStoreMaxLimitExceededException": newErrorEventDataStoreMaxLimitExceededException,
+ "EventDataStoreNotFoundException": newErrorEventDataStoreNotFoundException,
+ "EventDataStoreTerminationProtectedException": newErrorEventDataStoreTerminationProtectedException,
+ "InactiveEventDataStoreException": newErrorInactiveEventDataStoreException,
+ "InactiveQueryException": newErrorInactiveQueryException,
"InsightNotEnabledException": newErrorInsightNotEnabledException,
"InsufficientDependencyServiceAccessPermissionException": newErrorInsufficientDependencyServiceAccessPermissionException,
"InsufficientEncryptionPolicyException": newErrorInsufficientEncryptionPolicyException,
@@ -361,7 +461,9 @@ var exceptionFromCode = map[string]func(protocol.ResponseMetadata) error{
"InsufficientSnsTopicPolicyException": newErrorInsufficientSnsTopicPolicyException,
"InvalidCloudWatchLogsLogGroupArnException": newErrorInvalidCloudWatchLogsLogGroupArnException,
"InvalidCloudWatchLogsRoleArnException": newErrorInvalidCloudWatchLogsRoleArnException,
+ "InvalidDateRangeException": newErrorInvalidDateRangeException,
"InvalidEventCategoryException": newErrorInvalidEventCategoryException,
+ "InvalidEventDataStoreStatusException": newErrorInvalidEventDataStoreStatusException,
"InvalidEventSelectorsException": newErrorInvalidEventSelectorsException,
"InvalidHomeRegionException": newErrorInvalidHomeRegionException,
"InvalidInsightSelectorsException": newErrorInvalidInsightSelectorsException,
@@ -370,6 +472,9 @@ var exceptionFromCode = map[string]func(protocol.ResponseMetadata) error{
"InvalidMaxResultsException": newErrorInvalidMaxResultsException,
"InvalidNextTokenException": newErrorInvalidNextTokenException,
"InvalidParameterCombinationException": newErrorInvalidParameterCombinationException,
+ "InvalidParameterException": newErrorInvalidParameterException,
+ "InvalidQueryStatementException": newErrorInvalidQueryStatementException,
+ "InvalidQueryStatusException": newErrorInvalidQueryStatusException,
"InvalidS3BucketNameException": newErrorInvalidS3BucketNameException,
"InvalidS3PrefixException": newErrorInvalidS3PrefixException,
"InvalidSnsTopicNameException": newErrorInvalidSnsTopicNameException,
@@ -380,11 +485,13 @@ var exceptionFromCode = map[string]func(protocol.ResponseMetadata) error{
"KmsException": newErrorKmsException,
"KmsKeyDisabledException": newErrorKmsKeyDisabledException,
"KmsKeyNotFoundException": newErrorKmsKeyNotFoundException,
+ "MaxConcurrentQueriesException": newErrorMaxConcurrentQueriesException,
"MaximumNumberOfTrailsExceededException": newErrorMaximumNumberOfTrailsExceededException,
"NotOrganizationMasterAccountException": newErrorNotOrganizationMasterAccountException,
"OperationNotPermittedException": newErrorOperationNotPermittedException,
"OrganizationNotInAllFeaturesModeException": newErrorOrganizationNotInAllFeaturesModeException,
"OrganizationsNotInUseException": newErrorOrganizationsNotInUseException,
+ "QueryIdNotFoundException": newErrorQueryIdNotFoundException,
"ResourceNotFoundException": newErrorResourceNotFoundException,
"ResourceTypeNotSupportedException": newErrorResourceTypeNotSupportedException,
"S3BucketDoesNotExistException": newErrorS3BucketDoesNotExistException,
diff --git a/service/ec2/api.go b/service/ec2/api.go
index 0e993104224..4c6882631b0 100644
--- a/service/ec2/api.go
+++ b/service/ec2/api.go
@@ -42020,6 +42020,80 @@ func (c *EC2) ModifyVpcEndpointServiceConfigurationWithContext(ctx aws.Context,
return out, req.Send()
}
+const opModifyVpcEndpointServicePayerResponsibility = "ModifyVpcEndpointServicePayerResponsibility"
+
+// ModifyVpcEndpointServicePayerResponsibilityRequest generates a "aws/request.Request" representing the
+// client's request for the ModifyVpcEndpointServicePayerResponsibility operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See ModifyVpcEndpointServicePayerResponsibility for more information on using the ModifyVpcEndpointServicePayerResponsibility
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the ModifyVpcEndpointServicePayerResponsibilityRequest method.
+// req, resp := client.ModifyVpcEndpointServicePayerResponsibilityRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyVpcEndpointServicePayerResponsibility
+func (c *EC2) ModifyVpcEndpointServicePayerResponsibilityRequest(input *ModifyVpcEndpointServicePayerResponsibilityInput) (req *request.Request, output *ModifyVpcEndpointServicePayerResponsibilityOutput) {
+ op := &request.Operation{
+ Name: opModifyVpcEndpointServicePayerResponsibility,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ }
+
+ if input == nil {
+ input = &ModifyVpcEndpointServicePayerResponsibilityInput{}
+ }
+
+ output = &ModifyVpcEndpointServicePayerResponsibilityOutput{}
+ req = c.newRequest(op, input, output)
+ return
+}
+
+// ModifyVpcEndpointServicePayerResponsibility API operation for Amazon Elastic Compute Cloud.
+//
+// Modifies the payer responsibility for your VPC endpoint service.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for Amazon Elastic Compute Cloud's
+// API operation ModifyVpcEndpointServicePayerResponsibility for usage and error information.
+// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyVpcEndpointServicePayerResponsibility
+func (c *EC2) ModifyVpcEndpointServicePayerResponsibility(input *ModifyVpcEndpointServicePayerResponsibilityInput) (*ModifyVpcEndpointServicePayerResponsibilityOutput, error) {
+ req, out := c.ModifyVpcEndpointServicePayerResponsibilityRequest(input)
+ return out, req.Send()
+}
+
+// ModifyVpcEndpointServicePayerResponsibilityWithContext is the same as ModifyVpcEndpointServicePayerResponsibility with the addition of
+// the ability to pass a context and additional request options.
+//
+// See ModifyVpcEndpointServicePayerResponsibility for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *EC2) ModifyVpcEndpointServicePayerResponsibilityWithContext(ctx aws.Context, input *ModifyVpcEndpointServicePayerResponsibilityInput, opts ...request.Option) (*ModifyVpcEndpointServicePayerResponsibilityOutput, error) {
+ req, out := c.ModifyVpcEndpointServicePayerResponsibilityRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
const opModifyVpcEndpointServicePermissions = "ModifyVpcEndpointServicePermissions"
// ModifyVpcEndpointServicePermissionsRequest generates a "aws/request.Request" representing the
@@ -128011,6 +128085,111 @@ func (s *ModifyVpcEndpointServiceConfigurationOutput) SetReturn(v bool) *ModifyV
return s
}
+type ModifyVpcEndpointServicePayerResponsibilityInput struct {
+ _ struct{} `type:"structure"`
+
+ // Checks whether you have the required permissions for the action, without
+ // actually making the request, and provides an error response. If you have
+ // the required permissions, the error response is DryRunOperation. Otherwise,
+ // it is UnauthorizedOperation.
+ DryRun *bool `type:"boolean"`
+
+ // The entity that is responsible for the endpoint costs. The default is the
+ // endpoint owner. If you set the payer responsibility to the service owner,
+ // you cannot set it back to the endpoint owner.
+ //
+ // PayerResponsibility is a required field
+ PayerResponsibility *string `type:"string" required:"true" enum:"PayerResponsibility"`
+
+ // The ID of the service.
+ //
+ // ServiceId is a required field
+ ServiceId *string `type:"string" required:"true"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s ModifyVpcEndpointServicePayerResponsibilityInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s ModifyVpcEndpointServicePayerResponsibilityInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *ModifyVpcEndpointServicePayerResponsibilityInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "ModifyVpcEndpointServicePayerResponsibilityInput"}
+ if s.PayerResponsibility == nil {
+ invalidParams.Add(request.NewErrParamRequired("PayerResponsibility"))
+ }
+ if s.ServiceId == nil {
+ invalidParams.Add(request.NewErrParamRequired("ServiceId"))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetDryRun sets the DryRun field's value.
+func (s *ModifyVpcEndpointServicePayerResponsibilityInput) SetDryRun(v bool) *ModifyVpcEndpointServicePayerResponsibilityInput {
+ s.DryRun = &v
+ return s
+}
+
+// SetPayerResponsibility sets the PayerResponsibility field's value.
+func (s *ModifyVpcEndpointServicePayerResponsibilityInput) SetPayerResponsibility(v string) *ModifyVpcEndpointServicePayerResponsibilityInput {
+ s.PayerResponsibility = &v
+ return s
+}
+
+// SetServiceId sets the ServiceId field's value.
+func (s *ModifyVpcEndpointServicePayerResponsibilityInput) SetServiceId(v string) *ModifyVpcEndpointServicePayerResponsibilityInput {
+ s.ServiceId = &v
+ return s
+}
+
+type ModifyVpcEndpointServicePayerResponsibilityOutput struct {
+ _ struct{} `type:"structure"`
+
+ // Returns true if the request succeeds; otherwise, it returns an error.
+ ReturnValue *bool `locationName:"return" type:"boolean"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s ModifyVpcEndpointServicePayerResponsibilityOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s ModifyVpcEndpointServicePayerResponsibilityOutput) GoString() string {
+ return s.String()
+}
+
+// SetReturnValue sets the ReturnValue field's value.
+func (s *ModifyVpcEndpointServicePayerResponsibilityOutput) SetReturnValue(v bool) *ModifyVpcEndpointServicePayerResponsibilityOutput {
+ s.ReturnValue = &v
+ return s
+}
+
type ModifyVpcEndpointServicePermissionsInput struct {
_ struct{} `type:"structure"`
@@ -145208,6 +145387,9 @@ type ServiceConfiguration struct {
// The Amazon Resource Names (ARNs) of the Network Load Balancers for the service.
NetworkLoadBalancerArns []*string `locationName:"networkLoadBalancerArnSet" locationNameList:"item" type:"list"`
+ // The payer responsibility.
+ PayerResponsibility *string `locationName:"payerResponsibility" type:"string" enum:"PayerResponsibility"`
+
// The private DNS name for the service.
PrivateDnsName *string `locationName:"privateDnsName" type:"string"`
@@ -145284,6 +145466,12 @@ func (s *ServiceConfiguration) SetNetworkLoadBalancerArns(v []*string) *ServiceC
return s
}
+// SetPayerResponsibility sets the PayerResponsibility field's value.
+func (s *ServiceConfiguration) SetPayerResponsibility(v string) *ServiceConfiguration {
+ s.PayerResponsibility = &v
+ return s
+}
+
// SetPrivateDnsName sets the PrivateDnsName field's value.
func (s *ServiceConfiguration) SetPrivateDnsName(v string) *ServiceConfiguration {
s.PrivateDnsName = &v
@@ -145347,6 +145535,9 @@ type ServiceDetail struct {
// The Amazon Web Services account ID of the service owner.
Owner *string `locationName:"owner" type:"string"`
+ // The payer responsibility.
+ PayerResponsibility *string `locationName:"payerResponsibility" type:"string" enum:"PayerResponsibility"`
+
// The private DNS name for the service.
PrivateDnsName *string `locationName:"privateDnsName" type:"string"`
@@ -145423,6 +145614,12 @@ func (s *ServiceDetail) SetOwner(v string) *ServiceDetail {
return s
}
+// SetPayerResponsibility sets the PayerResponsibility field's value.
+func (s *ServiceDetail) SetPayerResponsibility(v string) *ServiceDetail {
+ s.PayerResponsibility = &v
+ return s
+}
+
// SetPrivateDnsName sets the PrivateDnsName field's value.
func (s *ServiceDetail) SetPrivateDnsName(v string) *ServiceDetail {
s.PrivateDnsName = &v
@@ -163084,6 +163281,18 @@ func PartitionLoadFrequency_Values() []string {
}
}
+const (
+ // PayerResponsibilityServiceOwner is a PayerResponsibility enum value
+ PayerResponsibilityServiceOwner = "ServiceOwner"
+)
+
+// PayerResponsibility_Values returns all elements of the PayerResponsibility enum
+func PayerResponsibility_Values() []string {
+ return []string{
+ PayerResponsibilityServiceOwner,
+ }
+}
+
const (
// PaymentOptionAllUpfront is a PaymentOption enum value
PaymentOptionAllUpfront = "AllUpfront"
diff --git a/service/ec2/ec2iface/interface.go b/service/ec2/ec2iface/interface.go
index 6b471a7c34d..fae90587b1c 100644
--- a/service/ec2/ec2iface/interface.go
+++ b/service/ec2/ec2iface/interface.go
@@ -2178,6 +2178,10 @@ type EC2API interface {
ModifyVpcEndpointServiceConfigurationWithContext(aws.Context, *ec2.ModifyVpcEndpointServiceConfigurationInput, ...request.Option) (*ec2.ModifyVpcEndpointServiceConfigurationOutput, error)
ModifyVpcEndpointServiceConfigurationRequest(*ec2.ModifyVpcEndpointServiceConfigurationInput) (*request.Request, *ec2.ModifyVpcEndpointServiceConfigurationOutput)
+ ModifyVpcEndpointServicePayerResponsibility(*ec2.ModifyVpcEndpointServicePayerResponsibilityInput) (*ec2.ModifyVpcEndpointServicePayerResponsibilityOutput, error)
+ ModifyVpcEndpointServicePayerResponsibilityWithContext(aws.Context, *ec2.ModifyVpcEndpointServicePayerResponsibilityInput, ...request.Option) (*ec2.ModifyVpcEndpointServicePayerResponsibilityOutput, error)
+ ModifyVpcEndpointServicePayerResponsibilityRequest(*ec2.ModifyVpcEndpointServicePayerResponsibilityInput) (*request.Request, *ec2.ModifyVpcEndpointServicePayerResponsibilityOutput)
+
ModifyVpcEndpointServicePermissions(*ec2.ModifyVpcEndpointServicePermissionsInput) (*ec2.ModifyVpcEndpointServicePermissionsOutput, error)
ModifyVpcEndpointServicePermissionsWithContext(aws.Context, *ec2.ModifyVpcEndpointServicePermissionsInput, ...request.Option) (*ec2.ModifyVpcEndpointServicePermissionsOutput, error)
ModifyVpcEndpointServicePermissionsRequest(*ec2.ModifyVpcEndpointServicePermissionsInput) (*request.Request, *ec2.ModifyVpcEndpointServicePermissionsOutput)
diff --git a/service/ecs/api.go b/service/ecs/api.go
index 7e5daebaab1..3d70282afd1 100644
--- a/service/ecs/api.go
+++ b/service/ecs/api.go
@@ -4222,7 +4222,7 @@ func (c *ECS) RunTaskRequest(input *RunTaskInput) (req *request.Request, output
// manually on specific container instances.
//
// The Amazon ECS API follows an eventual consistency model. This is because
-// the distributed nature of the system supporting the API. This means that
+// of the distributed nature of the system supporting the API. This means that
// the result of an API command you run that affects your Amazon ECS resources
// might not be immediately visible to all subsequent commands you run. Keep
// this in mind when you carry out an API command that immediately follows a
@@ -6048,7 +6048,7 @@ type Attachment struct {
Id *string `locationName:"id" type:"string"`
// The status of the attachment. Valid values are PRECREATED, CREATED, ATTACHING,
- // ATTACHED, DETACHING, DETACHED, and DELETED.
+ // ATTACHED, DETACHING, DETACHED, DELETED, and FAILED.
Status *string `locationName:"status" type:"string"`
// The type of the attachment, such as ElasticNetworkInterface.
@@ -6322,7 +6322,7 @@ type AutoScalingGroupProvider struct {
// The managed termination protection setting to use for the Auto Scaling group
// capacity provider. This determines whether the Auto Scaling group has managed
- // termination protection.
+ // termination protection. The default is disabled.
//
// When using managed termination protection, managed scaling must also be used
// otherwise managed termination protection doesn't work.
@@ -22937,7 +22937,7 @@ type UpdateContainerInstancesStateInput struct {
// cluster is assumed.
Cluster *string `locationName:"cluster" type:"string"`
- // A list of container instance IDs or full ARN entries.
+ // A list of up to 10 container instance IDs or full ARN entries.
//
// ContainerInstances is a required field
ContainerInstances []*string `locationName:"containerInstances" type:"list" required:"true"`
diff --git a/service/eks/api.go b/service/eks/api.go
index 9faccc44bfd..f5f13d3ba05 100644
--- a/service/eks/api.go
+++ b/service/eks/api.go
@@ -7877,11 +7877,28 @@ func (s *Issue) SetResourceIds(v []*string) *Issue {
type KubernetesNetworkConfigRequest struct {
_ struct{} `type:"structure"`
- // The CIDR block to assign Kubernetes service IP addresses from. If you don't
- // specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16
- // or 172.20.0.0/16 CIDR blocks. We recommend that you specify a block that
- // does not overlap with resources in other networks that are peered or connected
- // to your VPC. The block must meet the following requirements:
+ // Specify which IP version is used to assign Kubernetes Pod and Service IP
+ // addresses. If you don't specify a value, ipv4 is used by default. You can
+ // only specify an IP family when you create a cluster and can't change this
+ // value once the cluster is created. If you specify ipv6, the VPC and subnets
+ // that you specify for cluster creation must have both IPv4 and IPv6 CIDR blocks
+ // assigned to them.
+ //
+ // You can only specify ipv6 for 1.21 and later clusters that use version 1.10.0
+ // or later of the Amazon VPC CNI add-on. If you specify ipv6, then ensure that
+ // your VPC meets the requirements and that you're familiar with the considerations
+ // listed in Assigning IPv6 addresses to Pods and Services (https://docs.aws.amazon.com/eks/latest/userguide/cni-ipv6.html)
+ // in the Amazon EKS User Guide. If you specify ipv6, Kubernetes assigns Service
+ // and Pod addresses from the unique local address range (fc00::/7). You can't
+ // specify a custom IPv6 CIDR block.
+ IpFamily *string `locationName:"ipFamily" type:"string" enum:"IpFamily"`
+
+ // Don't specify a value if you select ipv6 for ipFamily. The CIDR block to
+ // assign Kubernetes service IP addresses from. If you don't specify a block,
+ // Kubernetes assigns addresses from either the 10.100.0.0/16 or 172.20.0.0/16
+ // CIDR blocks. We recommend that you specify a block that does not overlap
+ // with resources in other networks that are peered or connected to your VPC.
+ // The block must meet the following requirements:
//
// * Within one of the following private IP address blocks: 10.0.0.0/8, 172.16.0.0/12,
// or 192.168.0.0/16.
@@ -7914,22 +7931,43 @@ func (s KubernetesNetworkConfigRequest) GoString() string {
return s.String()
}
+// SetIpFamily sets the IpFamily field's value.
+func (s *KubernetesNetworkConfigRequest) SetIpFamily(v string) *KubernetesNetworkConfigRequest {
+ s.IpFamily = &v
+ return s
+}
+
// SetServiceIpv4Cidr sets the ServiceIpv4Cidr field's value.
func (s *KubernetesNetworkConfigRequest) SetServiceIpv4Cidr(v string) *KubernetesNetworkConfigRequest {
s.ServiceIpv4Cidr = &v
return s
}
-// The Kubernetes network configuration for the cluster.
+// The Kubernetes network configuration for the cluster. The response contains
+// a value for serviceIpv6Cidr or serviceIpv4Cidr, but not both.
type KubernetesNetworkConfigResponse struct {
_ struct{} `type:"structure"`
- // The CIDR block that Kubernetes service IP addresses are assigned from. If
- // you didn't specify a CIDR block when you created the cluster, then Kubernetes
- // assigns addresses from either the 10.100.0.0/16 or 172.20.0.0/16 CIDR blocks.
- // If this was specified, then it was specified when the cluster was created
- // and it cannot be changed.
+ // The IP family used to assign Kubernetes Pod and Service IP addresses. The
+ // IP family is always ipv4, unless you have a 1.21 or later cluster running
+ // version 1.10.0 or later of the Amazon VPC CNI add-on and specified ipv6 when
+ // you created the cluster.
+ IpFamily *string `locationName:"ipFamily" type:"string" enum:"IpFamily"`
+
+ // The CIDR block that Kubernetes Pod and Service IP addresses are assigned
+ // from. Kubernetes assigns addresses from an IPv4 CIDR block assigned to a
+ // subnet that the node is in. If you didn't specify a CIDR block when you created
+ // the cluster, then Kubernetes assigns addresses from either the 10.100.0.0/16
+ // or 172.20.0.0/16 CIDR blocks. If this was specified, then it was specified
+ // when the cluster was created and it can't be changed.
ServiceIpv4Cidr *string `locationName:"serviceIpv4Cidr" type:"string"`
+
+ // The CIDR block that Kubernetes Pod and Service IP addresses are assigned
+ // from if you created a 1.21 or later cluster with version 1.10.0 or later
+ // of the Amazon VPC CNI add-on and specified ipv6 for ipFamily when you created
+ // the cluster. Kubernetes assigns addresses from the unique local address range
+ // (fc00::/7).
+ ServiceIpv6Cidr *string `locationName:"serviceIpv6Cidr" type:"string"`
}
// String returns the string representation.
@@ -7950,12 +7988,24 @@ func (s KubernetesNetworkConfigResponse) GoString() string {
return s.String()
}
+// SetIpFamily sets the IpFamily field's value.
+func (s *KubernetesNetworkConfigResponse) SetIpFamily(v string) *KubernetesNetworkConfigResponse {
+ s.IpFamily = &v
+ return s
+}
+
// SetServiceIpv4Cidr sets the ServiceIpv4Cidr field's value.
func (s *KubernetesNetworkConfigResponse) SetServiceIpv4Cidr(v string) *KubernetesNetworkConfigResponse {
s.ServiceIpv4Cidr = &v
return s
}
+// SetServiceIpv6Cidr sets the ServiceIpv6Cidr field's value.
+func (s *KubernetesNetworkConfigResponse) SetServiceIpv6Cidr(v string) *KubernetesNetworkConfigResponse {
+ s.ServiceIpv6Cidr = &v
+ return s
+}
+
// An object representing a node group launch template specification. The launch
// template cannot include SubnetId (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateNetworkInterface.html),
// IamInstanceProfile (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_IamInstanceProfile.html),
@@ -12204,6 +12254,22 @@ func FargateProfileStatus_Values() []string {
}
}
+const (
+ // IpFamilyIpv4 is a IpFamily enum value
+ IpFamilyIpv4 = "ipv4"
+
+ // IpFamilyIpv6 is a IpFamily enum value
+ IpFamilyIpv6 = "ipv6"
+)
+
+// IpFamily_Values returns all elements of the IpFamily enum
+func IpFamily_Values() []string {
+ return []string{
+ IpFamilyIpv4,
+ IpFamilyIpv6,
+ }
+}
+
const (
// LogTypeApi is a LogType enum value
LogTypeApi = "api"
diff --git a/service/glue/api.go b/service/glue/api.go
index a0ff5dac76e..f62c85c1c86 100644
--- a/service/glue/api.go
+++ b/service/glue/api.go
@@ -10583,6 +10583,337 @@ func (c *Glue) GetTriggersPagesWithContext(ctx aws.Context, input *GetTriggersIn
return p.Err()
}
+const opGetUnfilteredPartitionMetadata = "GetUnfilteredPartitionMetadata"
+
+// GetUnfilteredPartitionMetadataRequest generates a "aws/request.Request" representing the
+// client's request for the GetUnfilteredPartitionMetadata operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See GetUnfilteredPartitionMetadata for more information on using the GetUnfilteredPartitionMetadata
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the GetUnfilteredPartitionMetadataRequest method.
+// req, resp := client.GetUnfilteredPartitionMetadataRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/glue-2017-03-31/GetUnfilteredPartitionMetadata
+func (c *Glue) GetUnfilteredPartitionMetadataRequest(input *GetUnfilteredPartitionMetadataInput) (req *request.Request, output *GetUnfilteredPartitionMetadataOutput) {
+ op := &request.Operation{
+ Name: opGetUnfilteredPartitionMetadata,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ }
+
+ if input == nil {
+ input = &GetUnfilteredPartitionMetadataInput{}
+ }
+
+ output = &GetUnfilteredPartitionMetadataOutput{}
+ req = c.newRequest(op, input, output)
+ return
+}
+
+// GetUnfilteredPartitionMetadata API operation for AWS Glue.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS Glue's
+// API operation GetUnfilteredPartitionMetadata for usage and error information.
+//
+// Returned Error Types:
+// * EntityNotFoundException
+// A specified entity does not exist
+//
+// * InvalidInputException
+// The input provided was not valid.
+//
+// * InternalServiceException
+// An internal service error occurred.
+//
+// * OperationTimeoutException
+// The operation timed out.
+//
+// * EncryptionException
+// An encryption operation failed.
+//
+// * PermissionTypeMismatchException
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/glue-2017-03-31/GetUnfilteredPartitionMetadata
+func (c *Glue) GetUnfilteredPartitionMetadata(input *GetUnfilteredPartitionMetadataInput) (*GetUnfilteredPartitionMetadataOutput, error) {
+ req, out := c.GetUnfilteredPartitionMetadataRequest(input)
+ return out, req.Send()
+}
+
+// GetUnfilteredPartitionMetadataWithContext is the same as GetUnfilteredPartitionMetadata with the addition of
+// the ability to pass a context and additional request options.
+//
+// See GetUnfilteredPartitionMetadata for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *Glue) GetUnfilteredPartitionMetadataWithContext(ctx aws.Context, input *GetUnfilteredPartitionMetadataInput, opts ...request.Option) (*GetUnfilteredPartitionMetadataOutput, error) {
+ req, out := c.GetUnfilteredPartitionMetadataRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
+const opGetUnfilteredPartitionsMetadata = "GetUnfilteredPartitionsMetadata"
+
+// GetUnfilteredPartitionsMetadataRequest generates a "aws/request.Request" representing the
+// client's request for the GetUnfilteredPartitionsMetadata operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See GetUnfilteredPartitionsMetadata for more information on using the GetUnfilteredPartitionsMetadata
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the GetUnfilteredPartitionsMetadataRequest method.
+// req, resp := client.GetUnfilteredPartitionsMetadataRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/glue-2017-03-31/GetUnfilteredPartitionsMetadata
+func (c *Glue) GetUnfilteredPartitionsMetadataRequest(input *GetUnfilteredPartitionsMetadataInput) (req *request.Request, output *GetUnfilteredPartitionsMetadataOutput) {
+ op := &request.Operation{
+ Name: opGetUnfilteredPartitionsMetadata,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ Paginator: &request.Paginator{
+ InputTokens: []string{"NextToken"},
+ OutputTokens: []string{"NextToken"},
+ LimitToken: "MaxResults",
+ TruncationToken: "",
+ },
+ }
+
+ if input == nil {
+ input = &GetUnfilteredPartitionsMetadataInput{}
+ }
+
+ output = &GetUnfilteredPartitionsMetadataOutput{}
+ req = c.newRequest(op, input, output)
+ return
+}
+
+// GetUnfilteredPartitionsMetadata API operation for AWS Glue.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS Glue's
+// API operation GetUnfilteredPartitionsMetadata for usage and error information.
+//
+// Returned Error Types:
+// * EntityNotFoundException
+// A specified entity does not exist
+//
+// * InvalidInputException
+// The input provided was not valid.
+//
+// * InternalServiceException
+// An internal service error occurred.
+//
+// * OperationTimeoutException
+// The operation timed out.
+//
+// * EncryptionException
+// An encryption operation failed.
+//
+// * PermissionTypeMismatchException
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/glue-2017-03-31/GetUnfilteredPartitionsMetadata
+func (c *Glue) GetUnfilteredPartitionsMetadata(input *GetUnfilteredPartitionsMetadataInput) (*GetUnfilteredPartitionsMetadataOutput, error) {
+ req, out := c.GetUnfilteredPartitionsMetadataRequest(input)
+ return out, req.Send()
+}
+
+// GetUnfilteredPartitionsMetadataWithContext is the same as GetUnfilteredPartitionsMetadata with the addition of
+// the ability to pass a context and additional request options.
+//
+// See GetUnfilteredPartitionsMetadata for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *Glue) GetUnfilteredPartitionsMetadataWithContext(ctx aws.Context, input *GetUnfilteredPartitionsMetadataInput, opts ...request.Option) (*GetUnfilteredPartitionsMetadataOutput, error) {
+ req, out := c.GetUnfilteredPartitionsMetadataRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
+// GetUnfilteredPartitionsMetadataPages iterates over the pages of a GetUnfilteredPartitionsMetadata operation,
+// calling the "fn" function with the response data for each page. To stop
+// iterating, return false from the fn function.
+//
+// See GetUnfilteredPartitionsMetadata method for more information on how to use this operation.
+//
+// Note: This operation can generate multiple requests to a service.
+//
+// // Example iterating over at most 3 pages of a GetUnfilteredPartitionsMetadata operation.
+// pageNum := 0
+// err := client.GetUnfilteredPartitionsMetadataPages(params,
+// func(page *glue.GetUnfilteredPartitionsMetadataOutput, lastPage bool) bool {
+// pageNum++
+// fmt.Println(page)
+// return pageNum <= 3
+// })
+//
+func (c *Glue) GetUnfilteredPartitionsMetadataPages(input *GetUnfilteredPartitionsMetadataInput, fn func(*GetUnfilteredPartitionsMetadataOutput, bool) bool) error {
+ return c.GetUnfilteredPartitionsMetadataPagesWithContext(aws.BackgroundContext(), input, fn)
+}
+
+// GetUnfilteredPartitionsMetadataPagesWithContext same as GetUnfilteredPartitionsMetadataPages except
+// it takes a Context and allows setting request options on the pages.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *Glue) GetUnfilteredPartitionsMetadataPagesWithContext(ctx aws.Context, input *GetUnfilteredPartitionsMetadataInput, fn func(*GetUnfilteredPartitionsMetadataOutput, bool) bool, opts ...request.Option) error {
+ p := request.Pagination{
+ NewRequest: func() (*request.Request, error) {
+ var inCpy *GetUnfilteredPartitionsMetadataInput
+ if input != nil {
+ tmp := *input
+ inCpy = &tmp
+ }
+ req, _ := c.GetUnfilteredPartitionsMetadataRequest(inCpy)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return req, nil
+ },
+ }
+
+ for p.Next() {
+ if !fn(p.Page().(*GetUnfilteredPartitionsMetadataOutput), !p.HasNextPage()) {
+ break
+ }
+ }
+
+ return p.Err()
+}
+
+const opGetUnfilteredTableMetadata = "GetUnfilteredTableMetadata"
+
+// GetUnfilteredTableMetadataRequest generates a "aws/request.Request" representing the
+// client's request for the GetUnfilteredTableMetadata operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See GetUnfilteredTableMetadata for more information on using the GetUnfilteredTableMetadata
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the GetUnfilteredTableMetadataRequest method.
+// req, resp := client.GetUnfilteredTableMetadataRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/glue-2017-03-31/GetUnfilteredTableMetadata
+func (c *Glue) GetUnfilteredTableMetadataRequest(input *GetUnfilteredTableMetadataInput) (req *request.Request, output *GetUnfilteredTableMetadataOutput) {
+ op := &request.Operation{
+ Name: opGetUnfilteredTableMetadata,
+ HTTPMethod: "POST",
+ HTTPPath: "/",
+ }
+
+ if input == nil {
+ input = &GetUnfilteredTableMetadataInput{}
+ }
+
+ output = &GetUnfilteredTableMetadataOutput{}
+ req = c.newRequest(op, input, output)
+ return
+}
+
+// GetUnfilteredTableMetadata API operation for AWS Glue.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS Glue's
+// API operation GetUnfilteredTableMetadata for usage and error information.
+//
+// Returned Error Types:
+// * EntityNotFoundException
+// A specified entity does not exist
+//
+// * InvalidInputException
+// The input provided was not valid.
+//
+// * InternalServiceException
+// An internal service error occurred.
+//
+// * OperationTimeoutException
+// The operation timed out.
+//
+// * EncryptionException
+// An encryption operation failed.
+//
+// * PermissionTypeMismatchException
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/glue-2017-03-31/GetUnfilteredTableMetadata
+func (c *Glue) GetUnfilteredTableMetadata(input *GetUnfilteredTableMetadataInput) (*GetUnfilteredTableMetadataOutput, error) {
+ req, out := c.GetUnfilteredTableMetadataRequest(input)
+ return out, req.Send()
+}
+
+// GetUnfilteredTableMetadataWithContext is the same as GetUnfilteredTableMetadata with the addition of
+// the ability to pass a context and additional request options.
+//
+// See GetUnfilteredTableMetadata for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *Glue) GetUnfilteredTableMetadataWithContext(ctx aws.Context, input *GetUnfilteredTableMetadataInput, opts ...request.Option) (*GetUnfilteredTableMetadataOutput, error) {
+ req, out := c.GetUnfilteredTableMetadataRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
const opGetUserDefinedFunction = "GetUserDefinedFunction"
// GetUserDefinedFunctionRequest generates a "aws/request.Request" representing the
@@ -17229,6 +17560,36 @@ func (s *AlreadyExistsException) RequestID() string {
return s.RespMetadata.RequestID
}
+type AuditContext struct {
+ _ struct{} `type:"structure"`
+
+ AdditionalAuditContext *string `type:"string"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s AuditContext) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s AuditContext) GoString() string {
+ return s.String()
+}
+
+// SetAdditionalAuditContext sets the AdditionalAuditContext field's value.
+func (s *AuditContext) SetAdditionalAuditContext(v string) *AuditContext {
+ s.AdditionalAuditContext = &v
+ return s
+}
+
// A list of errors that can occur when registering partition indexes for an
// existing table.
//
@@ -19729,6 +20090,11 @@ func (s *CatalogImportStatus) SetImportedBy(v string) *CatalogImportStatus {
type CatalogTarget struct {
_ struct{} `type:"structure"`
+ // The name of the connection for an Amazon S3-backed Data Catalog table to
+ // be a target of the crawl when using a Catalog connection type paired with
+ // a NETWORK Connection type.
+ ConnectionName *string `type:"string"`
+
// The name of the database to be synchronized.
//
// DatabaseName is a required field
@@ -19780,6 +20146,12 @@ func (s *CatalogTarget) Validate() error {
return nil
}
+// SetConnectionName sets the ConnectionName field's value.
+func (s *CatalogTarget) SetConnectionName(v string) *CatalogTarget {
+ s.ConnectionName = &v
+ return s
+}
+
// SetDatabaseName sets the DatabaseName field's value.
func (s *CatalogTarget) SetDatabaseName(v string) *CatalogTarget {
s.DatabaseName = &v
@@ -20409,6 +20781,44 @@ func (s *ColumnImportance) SetImportance(v float64) *ColumnImportance {
return s
}
+type ColumnRowFilter struct {
+ _ struct{} `type:"structure"`
+
+ ColumnName *string `min:"1" type:"string"`
+
+ RowFilterExpression *string `type:"string"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s ColumnRowFilter) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s ColumnRowFilter) GoString() string {
+ return s.String()
+}
+
+// SetColumnName sets the ColumnName field's value.
+func (s *ColumnRowFilter) SetColumnName(v string) *ColumnRowFilter {
+ s.ColumnName = &v
+ return s
+}
+
+// SetRowFilterExpression sets the RowFilterExpression field's value.
+func (s *ColumnRowFilter) SetRowFilterExpression(v string) *ColumnRowFilter {
+ s.RowFilterExpression = &v
+ return s
+}
+
// Represents the generated column-level statistics for a table or partition.
type ColumnStatistics struct {
_ struct{} `type:"structure"`
@@ -21659,6 +22069,8 @@ type Crawler struct {
// A description of the crawler.
Description *string `type:"string"`
+ LakeFormationConfiguration *LakeFormationConfiguration `type:"structure"`
+
// The status of the last crawl, and potentially error information if an error
// occurred.
LastCrawl *LastCrawlInfo `type:"structure"`
@@ -21759,6 +22171,12 @@ func (s *Crawler) SetDescription(v string) *Crawler {
return s
}
+// SetLakeFormationConfiguration sets the LakeFormationConfiguration field's value.
+func (s *Crawler) SetLakeFormationConfiguration(v *LakeFormationConfiguration) *Crawler {
+ s.LakeFormationConfiguration = v
+ return s
+}
+
// SetLastCrawl sets the LastCrawl field's value.
func (s *Crawler) SetLastCrawl(v *LastCrawlInfo) *Crawler {
s.LastCrawl = v
@@ -22161,6 +22579,9 @@ type CrawlerTargets struct {
// Specifies Glue Data Catalog targets.
CatalogTargets []*CatalogTarget `type:"list"`
+ // Specifies Delta data store targets.
+ DeltaTargets []*DeltaTarget `type:"list"`
+
// Specifies Amazon DynamoDB targets.
DynamoDBTargets []*DynamoDBTarget `type:"list"`
@@ -22218,6 +22639,12 @@ func (s *CrawlerTargets) SetCatalogTargets(v []*CatalogTarget) *CrawlerTargets {
return s
}
+// SetDeltaTargets sets the DeltaTargets field's value.
+func (s *CrawlerTargets) SetDeltaTargets(v []*DeltaTarget) *CrawlerTargets {
+ s.DeltaTargets = v
+ return s
+}
+
// SetDynamoDBTargets sets the DynamoDBTargets field's value.
func (s *CrawlerTargets) SetDynamoDBTargets(v []*DynamoDBTarget) *CrawlerTargets {
s.DynamoDBTargets = v
@@ -22587,6 +23014,8 @@ type CreateCrawlerInput struct {
// A description of the new crawler.
Description *string `type:"string"`
+ LakeFormationConfiguration *LakeFormationConfiguration `type:"structure"`
+
// Specifies data lineage configuration settings for the crawler.
LineageConfiguration *LineageConfiguration `type:"structure"`
@@ -22704,6 +23133,12 @@ func (s *CreateCrawlerInput) SetDescription(v string) *CreateCrawlerInput {
return s
}
+// SetLakeFormationConfiguration sets the LakeFormationConfiguration field's value.
+func (s *CreateCrawlerInput) SetLakeFormationConfiguration(v *LakeFormationConfiguration) *CreateCrawlerInput {
+ s.LakeFormationConfiguration = v
+ return s
+}
+
// SetLineageConfiguration sets the LineageConfiguration field's value.
func (s *CreateCrawlerInput) SetLineageConfiguration(v *LineageConfiguration) *CreateCrawlerInput {
s.LineageConfiguration = v
@@ -28544,6 +28979,56 @@ func (s *DeleteWorkflowOutput) SetName(v string) *DeleteWorkflowOutput {
return s
}
+// Specifies a Delta data store to crawl one or more Delta tables.
+type DeltaTarget struct {
+ _ struct{} `type:"structure"`
+
+ // The name of the connection to use to connect to the Delta table target.
+ ConnectionName *string `type:"string"`
+
+ // A list of the Amazon S3 paths to the Delta tables.
+ DeltaTables []*string `type:"list"`
+
+ // Specifies whether to write the manifest files to the Delta table path.
+ WriteManifest *bool `type:"boolean"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s DeltaTarget) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s DeltaTarget) GoString() string {
+ return s.String()
+}
+
+// SetConnectionName sets the ConnectionName field's value.
+func (s *DeltaTarget) SetConnectionName(v string) *DeltaTarget {
+ s.ConnectionName = &v
+ return s
+}
+
+// SetDeltaTables sets the DeltaTables field's value.
+func (s *DeltaTarget) SetDeltaTables(v []*string) *DeltaTarget {
+ s.DeltaTables = v
+ return s
+}
+
+// SetWriteManifest sets the WriteManifest field's value.
+func (s *DeltaTarget) SetWriteManifest(v bool) *DeltaTarget {
+ s.WriteManifest = &v
+ return s
+}
+
// A development endpoint where a developer can remotely debug extract, transform,
// and load (ETL) scripts.
type DevEndpoint struct {
@@ -35740,6 +36225,500 @@ func (s *GetTriggersOutput) SetTriggers(v []*Trigger) *GetTriggersOutput {
return s
}
+type GetUnfilteredPartitionMetadataInput struct {
+ _ struct{} `type:"structure"`
+
+ AuditContext *AuditContext `type:"structure"`
+
+ // CatalogId is a required field
+ CatalogId *string `min:"1" type:"string" required:"true"`
+
+ // DatabaseName is a required field
+ DatabaseName *string `min:"1" type:"string" required:"true"`
+
+ // PartitionValues is a required field
+ PartitionValues []*string `type:"list" required:"true"`
+
+ // SupportedPermissionTypes is a required field
+ SupportedPermissionTypes []*string `min:"1" type:"list" required:"true"`
+
+ // TableName is a required field
+ TableName *string `min:"1" type:"string" required:"true"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s GetUnfilteredPartitionMetadataInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s GetUnfilteredPartitionMetadataInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *GetUnfilteredPartitionMetadataInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "GetUnfilteredPartitionMetadataInput"}
+ if s.CatalogId == nil {
+ invalidParams.Add(request.NewErrParamRequired("CatalogId"))
+ }
+ if s.CatalogId != nil && len(*s.CatalogId) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("CatalogId", 1))
+ }
+ if s.DatabaseName == nil {
+ invalidParams.Add(request.NewErrParamRequired("DatabaseName"))
+ }
+ if s.DatabaseName != nil && len(*s.DatabaseName) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("DatabaseName", 1))
+ }
+ if s.PartitionValues == nil {
+ invalidParams.Add(request.NewErrParamRequired("PartitionValues"))
+ }
+ if s.SupportedPermissionTypes == nil {
+ invalidParams.Add(request.NewErrParamRequired("SupportedPermissionTypes"))
+ }
+ if s.SupportedPermissionTypes != nil && len(s.SupportedPermissionTypes) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("SupportedPermissionTypes", 1))
+ }
+ if s.TableName == nil {
+ invalidParams.Add(request.NewErrParamRequired("TableName"))
+ }
+ if s.TableName != nil && len(*s.TableName) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("TableName", 1))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetAuditContext sets the AuditContext field's value.
+func (s *GetUnfilteredPartitionMetadataInput) SetAuditContext(v *AuditContext) *GetUnfilteredPartitionMetadataInput {
+ s.AuditContext = v
+ return s
+}
+
+// SetCatalogId sets the CatalogId field's value.
+func (s *GetUnfilteredPartitionMetadataInput) SetCatalogId(v string) *GetUnfilteredPartitionMetadataInput {
+ s.CatalogId = &v
+ return s
+}
+
+// SetDatabaseName sets the DatabaseName field's value.
+func (s *GetUnfilteredPartitionMetadataInput) SetDatabaseName(v string) *GetUnfilteredPartitionMetadataInput {
+ s.DatabaseName = &v
+ return s
+}
+
+// SetPartitionValues sets the PartitionValues field's value.
+func (s *GetUnfilteredPartitionMetadataInput) SetPartitionValues(v []*string) *GetUnfilteredPartitionMetadataInput {
+ s.PartitionValues = v
+ return s
+}
+
+// SetSupportedPermissionTypes sets the SupportedPermissionTypes field's value.
+func (s *GetUnfilteredPartitionMetadataInput) SetSupportedPermissionTypes(v []*string) *GetUnfilteredPartitionMetadataInput {
+ s.SupportedPermissionTypes = v
+ return s
+}
+
+// SetTableName sets the TableName field's value.
+func (s *GetUnfilteredPartitionMetadataInput) SetTableName(v string) *GetUnfilteredPartitionMetadataInput {
+ s.TableName = &v
+ return s
+}
+
+type GetUnfilteredPartitionMetadataOutput struct {
+ _ struct{} `type:"structure"`
+
+ AuthorizedColumns []*string `type:"list"`
+
+ IsRegisteredWithLakeFormation *bool `type:"boolean"`
+
+ // Represents a slice of table data.
+ Partition *Partition `type:"structure"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s GetUnfilteredPartitionMetadataOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s GetUnfilteredPartitionMetadataOutput) GoString() string {
+ return s.String()
+}
+
+// SetAuthorizedColumns sets the AuthorizedColumns field's value.
+func (s *GetUnfilteredPartitionMetadataOutput) SetAuthorizedColumns(v []*string) *GetUnfilteredPartitionMetadataOutput {
+ s.AuthorizedColumns = v
+ return s
+}
+
+// SetIsRegisteredWithLakeFormation sets the IsRegisteredWithLakeFormation field's value.
+func (s *GetUnfilteredPartitionMetadataOutput) SetIsRegisteredWithLakeFormation(v bool) *GetUnfilteredPartitionMetadataOutput {
+ s.IsRegisteredWithLakeFormation = &v
+ return s
+}
+
+// SetPartition sets the Partition field's value.
+func (s *GetUnfilteredPartitionMetadataOutput) SetPartition(v *Partition) *GetUnfilteredPartitionMetadataOutput {
+ s.Partition = v
+ return s
+}
+
+type GetUnfilteredPartitionsMetadataInput struct {
+ _ struct{} `type:"structure"`
+
+ AuditContext *AuditContext `type:"structure"`
+
+ // CatalogId is a required field
+ CatalogId *string `min:"1" type:"string" required:"true"`
+
+ // DatabaseName is a required field
+ DatabaseName *string `min:"1" type:"string" required:"true"`
+
+ Expression *string `type:"string"`
+
+ MaxResults *int64 `min:"1" type:"integer"`
+
+ NextToken *string `type:"string"`
+
+ // Defines a non-overlapping region of a table's partitions, allowing multiple
+ // requests to be run in parallel.
+ Segment *Segment `type:"structure"`
+
+ // SupportedPermissionTypes is a required field
+ SupportedPermissionTypes []*string `min:"1" type:"list" required:"true"`
+
+ // TableName is a required field
+ TableName *string `min:"1" type:"string" required:"true"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s GetUnfilteredPartitionsMetadataInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s GetUnfilteredPartitionsMetadataInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *GetUnfilteredPartitionsMetadataInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "GetUnfilteredPartitionsMetadataInput"}
+ if s.CatalogId == nil {
+ invalidParams.Add(request.NewErrParamRequired("CatalogId"))
+ }
+ if s.CatalogId != nil && len(*s.CatalogId) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("CatalogId", 1))
+ }
+ if s.DatabaseName == nil {
+ invalidParams.Add(request.NewErrParamRequired("DatabaseName"))
+ }
+ if s.DatabaseName != nil && len(*s.DatabaseName) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("DatabaseName", 1))
+ }
+ if s.MaxResults != nil && *s.MaxResults < 1 {
+ invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
+ }
+ if s.SupportedPermissionTypes == nil {
+ invalidParams.Add(request.NewErrParamRequired("SupportedPermissionTypes"))
+ }
+ if s.SupportedPermissionTypes != nil && len(s.SupportedPermissionTypes) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("SupportedPermissionTypes", 1))
+ }
+ if s.TableName == nil {
+ invalidParams.Add(request.NewErrParamRequired("TableName"))
+ }
+ if s.TableName != nil && len(*s.TableName) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("TableName", 1))
+ }
+ if s.Segment != nil {
+ if err := s.Segment.Validate(); err != nil {
+ invalidParams.AddNested("Segment", err.(request.ErrInvalidParams))
+ }
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetAuditContext sets the AuditContext field's value.
+func (s *GetUnfilteredPartitionsMetadataInput) SetAuditContext(v *AuditContext) *GetUnfilteredPartitionsMetadataInput {
+ s.AuditContext = v
+ return s
+}
+
+// SetCatalogId sets the CatalogId field's value.
+func (s *GetUnfilteredPartitionsMetadataInput) SetCatalogId(v string) *GetUnfilteredPartitionsMetadataInput {
+ s.CatalogId = &v
+ return s
+}
+
+// SetDatabaseName sets the DatabaseName field's value.
+func (s *GetUnfilteredPartitionsMetadataInput) SetDatabaseName(v string) *GetUnfilteredPartitionsMetadataInput {
+ s.DatabaseName = &v
+ return s
+}
+
+// SetExpression sets the Expression field's value.
+func (s *GetUnfilteredPartitionsMetadataInput) SetExpression(v string) *GetUnfilteredPartitionsMetadataInput {
+ s.Expression = &v
+ return s
+}
+
+// SetMaxResults sets the MaxResults field's value.
+func (s *GetUnfilteredPartitionsMetadataInput) SetMaxResults(v int64) *GetUnfilteredPartitionsMetadataInput {
+ s.MaxResults = &v
+ return s
+}
+
+// SetNextToken sets the NextToken field's value.
+func (s *GetUnfilteredPartitionsMetadataInput) SetNextToken(v string) *GetUnfilteredPartitionsMetadataInput {
+ s.NextToken = &v
+ return s
+}
+
+// SetSegment sets the Segment field's value.
+func (s *GetUnfilteredPartitionsMetadataInput) SetSegment(v *Segment) *GetUnfilteredPartitionsMetadataInput {
+ s.Segment = v
+ return s
+}
+
+// SetSupportedPermissionTypes sets the SupportedPermissionTypes field's value.
+func (s *GetUnfilteredPartitionsMetadataInput) SetSupportedPermissionTypes(v []*string) *GetUnfilteredPartitionsMetadataInput {
+ s.SupportedPermissionTypes = v
+ return s
+}
+
+// SetTableName sets the TableName field's value.
+func (s *GetUnfilteredPartitionsMetadataInput) SetTableName(v string) *GetUnfilteredPartitionsMetadataInput {
+ s.TableName = &v
+ return s
+}
+
+type GetUnfilteredPartitionsMetadataOutput struct {
+ _ struct{} `type:"structure"`
+
+ NextToken *string `type:"string"`
+
+ UnfilteredPartitions []*UnfilteredPartition `type:"list"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s GetUnfilteredPartitionsMetadataOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s GetUnfilteredPartitionsMetadataOutput) GoString() string {
+ return s.String()
+}
+
+// SetNextToken sets the NextToken field's value.
+func (s *GetUnfilteredPartitionsMetadataOutput) SetNextToken(v string) *GetUnfilteredPartitionsMetadataOutput {
+ s.NextToken = &v
+ return s
+}
+
+// SetUnfilteredPartitions sets the UnfilteredPartitions field's value.
+func (s *GetUnfilteredPartitionsMetadataOutput) SetUnfilteredPartitions(v []*UnfilteredPartition) *GetUnfilteredPartitionsMetadataOutput {
+ s.UnfilteredPartitions = v
+ return s
+}
+
+type GetUnfilteredTableMetadataInput struct {
+ _ struct{} `type:"structure"`
+
+ AuditContext *AuditContext `type:"structure"`
+
+ // CatalogId is a required field
+ CatalogId *string `min:"1" type:"string" required:"true"`
+
+ // DatabaseName is a required field
+ DatabaseName *string `min:"1" type:"string" required:"true"`
+
+ // Name is a required field
+ Name *string `min:"1" type:"string" required:"true"`
+
+ // SupportedPermissionTypes is a required field
+ SupportedPermissionTypes []*string `min:"1" type:"list" required:"true"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s GetUnfilteredTableMetadataInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s GetUnfilteredTableMetadataInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *GetUnfilteredTableMetadataInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "GetUnfilteredTableMetadataInput"}
+ if s.CatalogId == nil {
+ invalidParams.Add(request.NewErrParamRequired("CatalogId"))
+ }
+ if s.CatalogId != nil && len(*s.CatalogId) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("CatalogId", 1))
+ }
+ if s.DatabaseName == nil {
+ invalidParams.Add(request.NewErrParamRequired("DatabaseName"))
+ }
+ if s.DatabaseName != nil && len(*s.DatabaseName) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("DatabaseName", 1))
+ }
+ if s.Name == nil {
+ invalidParams.Add(request.NewErrParamRequired("Name"))
+ }
+ if s.Name != nil && len(*s.Name) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("Name", 1))
+ }
+ if s.SupportedPermissionTypes == nil {
+ invalidParams.Add(request.NewErrParamRequired("SupportedPermissionTypes"))
+ }
+ if s.SupportedPermissionTypes != nil && len(s.SupportedPermissionTypes) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("SupportedPermissionTypes", 1))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetAuditContext sets the AuditContext field's value.
+func (s *GetUnfilteredTableMetadataInput) SetAuditContext(v *AuditContext) *GetUnfilteredTableMetadataInput {
+ s.AuditContext = v
+ return s
+}
+
+// SetCatalogId sets the CatalogId field's value.
+func (s *GetUnfilteredTableMetadataInput) SetCatalogId(v string) *GetUnfilteredTableMetadataInput {
+ s.CatalogId = &v
+ return s
+}
+
+// SetDatabaseName sets the DatabaseName field's value.
+func (s *GetUnfilteredTableMetadataInput) SetDatabaseName(v string) *GetUnfilteredTableMetadataInput {
+ s.DatabaseName = &v
+ return s
+}
+
+// SetName sets the Name field's value.
+func (s *GetUnfilteredTableMetadataInput) SetName(v string) *GetUnfilteredTableMetadataInput {
+ s.Name = &v
+ return s
+}
+
+// SetSupportedPermissionTypes sets the SupportedPermissionTypes field's value.
+func (s *GetUnfilteredTableMetadataInput) SetSupportedPermissionTypes(v []*string) *GetUnfilteredTableMetadataInput {
+ s.SupportedPermissionTypes = v
+ return s
+}
+
+type GetUnfilteredTableMetadataOutput struct {
+ _ struct{} `type:"structure"`
+
+ AuthorizedColumns []*string `type:"list"`
+
+ CellFilters []*ColumnRowFilter `type:"list"`
+
+ IsRegisteredWithLakeFormation *bool `type:"boolean"`
+
+ // Represents a collection of related data organized in columns and rows.
+ Table *TableData `type:"structure"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s GetUnfilteredTableMetadataOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s GetUnfilteredTableMetadataOutput) GoString() string {
+ return s.String()
+}
+
+// SetAuthorizedColumns sets the AuthorizedColumns field's value.
+func (s *GetUnfilteredTableMetadataOutput) SetAuthorizedColumns(v []*string) *GetUnfilteredTableMetadataOutput {
+ s.AuthorizedColumns = v
+ return s
+}
+
+// SetCellFilters sets the CellFilters field's value.
+func (s *GetUnfilteredTableMetadataOutput) SetCellFilters(v []*ColumnRowFilter) *GetUnfilteredTableMetadataOutput {
+ s.CellFilters = v
+ return s
+}
+
+// SetIsRegisteredWithLakeFormation sets the IsRegisteredWithLakeFormation field's value.
+func (s *GetUnfilteredTableMetadataOutput) SetIsRegisteredWithLakeFormation(v bool) *GetUnfilteredTableMetadataOutput {
+ s.IsRegisteredWithLakeFormation = &v
+ return s
+}
+
+// SetTable sets the Table field's value.
+func (s *GetUnfilteredTableMetadataOutput) SetTable(v *TableData) *GetUnfilteredTableMetadataOutput {
+ s.Table = v
+ return s
+}
+
type GetUserDefinedFunctionInput struct {
_ struct{} `type:"structure"`
@@ -38290,6 +39269,44 @@ func (s *LabelingSetGenerationTaskRunProperties) SetOutputS3Path(v string) *Labe
return s
}
+type LakeFormationConfiguration struct {
+ _ struct{} `type:"structure"`
+
+ AccountId *string `type:"string"`
+
+ UseLakeFormationCredentials *bool `type:"boolean"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s LakeFormationConfiguration) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s LakeFormationConfiguration) GoString() string {
+ return s.String()
+}
+
+// SetAccountId sets the AccountId field's value.
+func (s *LakeFormationConfiguration) SetAccountId(v string) *LakeFormationConfiguration {
+ s.AccountId = &v
+ return s
+}
+
+// SetUseLakeFormationCredentials sets the UseLakeFormationCredentials field's value.
+func (s *LakeFormationConfiguration) SetUseLakeFormationCredentials(v bool) *LakeFormationConfiguration {
+ s.UseLakeFormationCredentials = &v
+ return s
+}
+
// When there are multiple versions of a blueprint and the latest version has
// some errors, this attribute indicates the last successful blueprint definition
// that is available with the service.
@@ -41152,6 +42169,69 @@ func (s *PartitionValueList) SetValues(v []*string) *PartitionValueList {
return s
}
+type PermissionTypeMismatchException struct {
+ _ struct{} `type:"structure"`
+ RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
+
+ Message_ *string `locationName:"Message" type:"string"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s PermissionTypeMismatchException) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s PermissionTypeMismatchException) GoString() string {
+ return s.String()
+}
+
+func newErrorPermissionTypeMismatchException(v protocol.ResponseMetadata) error {
+ return &PermissionTypeMismatchException{
+ RespMetadata: v,
+ }
+}
+
+// Code returns the exception type name.
+func (s *PermissionTypeMismatchException) Code() string {
+ return "PermissionTypeMismatchException"
+}
+
+// Message returns the exception's message.
+func (s *PermissionTypeMismatchException) Message() string {
+ if s.Message_ != nil {
+ return *s.Message_
+ }
+ return ""
+}
+
+// OrigErr always returns nil, satisfies awserr.Error interface.
+func (s *PermissionTypeMismatchException) OrigErr() error {
+ return nil
+}
+
+func (s *PermissionTypeMismatchException) Error() string {
+ return fmt.Sprintf("%s: %s", s.Code(), s.Message())
+}
+
+// Status code returns the HTTP status code for the request's response error.
+func (s *PermissionTypeMismatchException) StatusCode() int {
+ return s.RespMetadata.StatusCode
+}
+
+// RequestID returns the service's response RequestID for request.
+func (s *PermissionTypeMismatchException) RequestID() string {
+ return s.RespMetadata.RequestID
+}
+
// Specifies the physical requirements for a connection.
type PhysicalConnectionRequirements struct {
_ struct{} `type:"structure"`
@@ -45643,6 +46723,8 @@ func (s StopWorkflowRunOutput) GoString() string {
type StorageDescriptor struct {
_ struct{} `type:"structure"`
+ AdditionalLocations []*string `type:"list"`
+
// A list of reducer grouping columns, clustering columns, and bucketing columns
// in the table.
BucketColumns []*string `type:"list"`
@@ -45749,6 +46831,12 @@ func (s *StorageDescriptor) Validate() error {
return nil
}
+// SetAdditionalLocations sets the AdditionalLocations field's value.
+func (s *StorageDescriptor) SetAdditionalLocations(v []*string) *StorageDescriptor {
+ s.AdditionalLocations = v
+ return s
+}
+
// SetBucketColumns sets the BucketColumns field's value.
func (s *StorageDescriptor) SetBucketColumns(v []*string) *StorageDescriptor {
s.BucketColumns = v
@@ -47596,6 +48684,53 @@ func (s *TriggerUpdate) SetSchedule(v string) *TriggerUpdate {
return s
}
+type UnfilteredPartition struct {
+ _ struct{} `type:"structure"`
+
+ AuthorizedColumns []*string `type:"list"`
+
+ IsRegisteredWithLakeFormation *bool `type:"boolean"`
+
+ // Represents a slice of table data.
+ Partition *Partition `type:"structure"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s UnfilteredPartition) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s UnfilteredPartition) GoString() string {
+ return s.String()
+}
+
+// SetAuthorizedColumns sets the AuthorizedColumns field's value.
+func (s *UnfilteredPartition) SetAuthorizedColumns(v []*string) *UnfilteredPartition {
+ s.AuthorizedColumns = v
+ return s
+}
+
+// SetIsRegisteredWithLakeFormation sets the IsRegisteredWithLakeFormation field's value.
+func (s *UnfilteredPartition) SetIsRegisteredWithLakeFormation(v bool) *UnfilteredPartition {
+ s.IsRegisteredWithLakeFormation = &v
+ return s
+}
+
+// SetPartition sets the Partition field's value.
+func (s *UnfilteredPartition) SetPartition(v *Partition) *UnfilteredPartition {
+ s.Partition = v
+ return s
+}
+
type UntagResourceInput struct {
_ struct{} `type:"structure"`
@@ -48307,6 +49442,8 @@ type UpdateCrawlerInput struct {
// A description of the new crawler.
Description *string `type:"string"`
+ LakeFormationConfiguration *LakeFormationConfiguration `type:"structure"`
+
// Specifies data lineage configuration settings for the crawler.
LineageConfiguration *LineageConfiguration `type:"structure"`
@@ -48408,6 +49545,12 @@ func (s *UpdateCrawlerInput) SetDescription(v string) *UpdateCrawlerInput {
return s
}
+// SetLakeFormationConfiguration sets the LakeFormationConfiguration field's value.
+func (s *UpdateCrawlerInput) SetLakeFormationConfiguration(v *LakeFormationConfiguration) *UpdateCrawlerInput {
+ s.LakeFormationConfiguration = v
+ return s
+}
+
// SetLineageConfiguration sets the LineageConfiguration field's value.
func (s *UpdateCrawlerInput) SetLineageConfiguration(v *LineageConfiguration) *UpdateCrawlerInput {
s.LineageConfiguration = v
@@ -51801,6 +52944,22 @@ func Permission_Values() []string {
}
}
+const (
+ // PermissionTypeColumnPermission is a PermissionType enum value
+ PermissionTypeColumnPermission = "COLUMN_PERMISSION"
+
+ // PermissionTypeCellFilterPermission is a PermissionType enum value
+ PermissionTypeCellFilterPermission = "CELL_FILTER_PERMISSION"
+)
+
+// PermissionType_Values returns all elements of the PermissionType enum
+func PermissionType_Values() []string {
+ return []string{
+ PermissionTypeColumnPermission,
+ PermissionTypeCellFilterPermission,
+ }
+}
+
const (
// PrincipalTypeUser is a PrincipalType enum value
PrincipalTypeUser = "USER"
diff --git a/service/glue/errors.go b/service/glue/errors.go
index 16078defcd7..5a687354a1d 100644
--- a/service/glue/errors.go
+++ b/service/glue/errors.go
@@ -126,6 +126,10 @@ const (
// The operation timed out.
ErrCodeOperationTimeoutException = "OperationTimeoutException"
+ // ErrCodePermissionTypeMismatchException for service response error code
+ // "PermissionTypeMismatchException".
+ ErrCodePermissionTypeMismatchException = "PermissionTypeMismatchException"
+
// ErrCodeResourceNotReadyException for service response error code
// "ResourceNotReadyException".
//
@@ -190,6 +194,7 @@ var exceptionFromCode = map[string]func(protocol.ResponseMetadata) error{
"MLTransformNotReadyException": newErrorMLTransformNotReadyException,
"NoScheduleException": newErrorNoScheduleException,
"OperationTimeoutException": newErrorOperationTimeoutException,
+ "PermissionTypeMismatchException": newErrorPermissionTypeMismatchException,
"ResourceNotReadyException": newErrorResourceNotReadyException,
"ResourceNumberLimitExceededException": newErrorResourceNumberLimitExceededException,
"SchedulerNotRunningException": newErrorSchedulerNotRunningException,
diff --git a/service/glue/glueiface/interface.go b/service/glue/glueiface/interface.go
index 1b80d2f67f5..0cf7f3f670b 100644
--- a/service/glue/glueiface/interface.go
+++ b/service/glue/glueiface/interface.go
@@ -534,6 +534,21 @@ type GlueAPI interface {
GetTriggersPages(*glue.GetTriggersInput, func(*glue.GetTriggersOutput, bool) bool) error
GetTriggersPagesWithContext(aws.Context, *glue.GetTriggersInput, func(*glue.GetTriggersOutput, bool) bool, ...request.Option) error
+ GetUnfilteredPartitionMetadata(*glue.GetUnfilteredPartitionMetadataInput) (*glue.GetUnfilteredPartitionMetadataOutput, error)
+ GetUnfilteredPartitionMetadataWithContext(aws.Context, *glue.GetUnfilteredPartitionMetadataInput, ...request.Option) (*glue.GetUnfilteredPartitionMetadataOutput, error)
+ GetUnfilteredPartitionMetadataRequest(*glue.GetUnfilteredPartitionMetadataInput) (*request.Request, *glue.GetUnfilteredPartitionMetadataOutput)
+
+ GetUnfilteredPartitionsMetadata(*glue.GetUnfilteredPartitionsMetadataInput) (*glue.GetUnfilteredPartitionsMetadataOutput, error)
+ GetUnfilteredPartitionsMetadataWithContext(aws.Context, *glue.GetUnfilteredPartitionsMetadataInput, ...request.Option) (*glue.GetUnfilteredPartitionsMetadataOutput, error)
+ GetUnfilteredPartitionsMetadataRequest(*glue.GetUnfilteredPartitionsMetadataInput) (*request.Request, *glue.GetUnfilteredPartitionsMetadataOutput)
+
+ GetUnfilteredPartitionsMetadataPages(*glue.GetUnfilteredPartitionsMetadataInput, func(*glue.GetUnfilteredPartitionsMetadataOutput, bool) bool) error
+ GetUnfilteredPartitionsMetadataPagesWithContext(aws.Context, *glue.GetUnfilteredPartitionsMetadataInput, func(*glue.GetUnfilteredPartitionsMetadataOutput, bool) bool, ...request.Option) error
+
+ GetUnfilteredTableMetadata(*glue.GetUnfilteredTableMetadataInput) (*glue.GetUnfilteredTableMetadataOutput, error)
+ GetUnfilteredTableMetadataWithContext(aws.Context, *glue.GetUnfilteredTableMetadataInput, ...request.Option) (*glue.GetUnfilteredTableMetadataOutput, error)
+ GetUnfilteredTableMetadataRequest(*glue.GetUnfilteredTableMetadataInput) (*request.Request, *glue.GetUnfilteredTableMetadataOutput)
+
GetUserDefinedFunction(*glue.GetUserDefinedFunctionInput) (*glue.GetUserDefinedFunctionOutput, error)
GetUserDefinedFunctionWithContext(aws.Context, *glue.GetUserDefinedFunctionInput, ...request.Option) (*glue.GetUserDefinedFunctionOutput, error)
GetUserDefinedFunctionRequest(*glue.GetUserDefinedFunctionInput) (*request.Request, *glue.GetUserDefinedFunctionOutput)
diff --git a/service/iot/api.go b/service/iot/api.go
index 4f8ed2f26d9..ecc0012d447 100644
--- a/service/iot/api.go
+++ b/service/iot/api.go
@@ -32267,7 +32267,7 @@ func (s *CreateFleetMetricOutput) SetMetricName(v string) *CreateFleetMetricOutp
type CreateJobInput struct {
_ struct{} `type:"structure"`
- // Allows you to create criteria to abort a job.
+ // Allows you to create the criteria to abort a job.
AbortConfig *AbortConfig `locationName:"abortConfig" type:"structure"`
// A short text description of the job.
@@ -32293,6 +32293,9 @@ type CreateJobInput struct {
// you are linking.
DocumentSource *string `locationName:"documentSource" min:"1" type:"string"`
+ // Allows you to create the criteria to retry a job.
+ JobExecutionsRetryConfig *JobExecutionsRetryConfig `locationName:"jobExecutionsRetryConfig" type:"structure"`
+
// Allows you to create a staged rollout of the job.
JobExecutionsRolloutConfig *JobExecutionsRolloutConfig `locationName:"jobExecutionsRolloutConfig" type:"structure"`
@@ -32390,6 +32393,11 @@ func (s *CreateJobInput) Validate() error {
invalidParams.AddNested("AbortConfig", err.(request.ErrInvalidParams))
}
}
+ if s.JobExecutionsRetryConfig != nil {
+ if err := s.JobExecutionsRetryConfig.Validate(); err != nil {
+ invalidParams.AddNested("JobExecutionsRetryConfig", err.(request.ErrInvalidParams))
+ }
+ }
if s.JobExecutionsRolloutConfig != nil {
if err := s.JobExecutionsRolloutConfig.Validate(); err != nil {
invalidParams.AddNested("JobExecutionsRolloutConfig", err.(request.ErrInvalidParams))
@@ -32447,6 +32455,12 @@ func (s *CreateJobInput) SetDocumentSource(v string) *CreateJobInput {
return s
}
+// SetJobExecutionsRetryConfig sets the JobExecutionsRetryConfig field's value.
+func (s *CreateJobInput) SetJobExecutionsRetryConfig(v *JobExecutionsRetryConfig) *CreateJobInput {
+ s.JobExecutionsRetryConfig = v
+ return s
+}
+
// SetJobExecutionsRolloutConfig sets the JobExecutionsRolloutConfig field's value.
func (s *CreateJobInput) SetJobExecutionsRolloutConfig(v *JobExecutionsRolloutConfig) *CreateJobInput {
s.JobExecutionsRolloutConfig = v
@@ -32581,6 +32595,9 @@ type CreateJobTemplateInput struct {
// The ARN of the job to use as the basis for the job template.
JobArn *string `locationName:"jobArn" type:"string"`
+ // Allows you to create the criteria to retry a job.
+ JobExecutionsRetryConfig *JobExecutionsRetryConfig `locationName:"jobExecutionsRetryConfig" type:"structure"`
+
// Allows you to create a staged rollout of a job.
JobExecutionsRolloutConfig *JobExecutionsRolloutConfig `locationName:"jobExecutionsRolloutConfig" type:"structure"`
@@ -32641,6 +32658,11 @@ func (s *CreateJobTemplateInput) Validate() error {
invalidParams.AddNested("AbortConfig", err.(request.ErrInvalidParams))
}
}
+ if s.JobExecutionsRetryConfig != nil {
+ if err := s.JobExecutionsRetryConfig.Validate(); err != nil {
+ invalidParams.AddNested("JobExecutionsRetryConfig", err.(request.ErrInvalidParams))
+ }
+ }
if s.JobExecutionsRolloutConfig != nil {
if err := s.JobExecutionsRolloutConfig.Validate(); err != nil {
invalidParams.AddNested("JobExecutionsRolloutConfig", err.(request.ErrInvalidParams))
@@ -32698,6 +32720,12 @@ func (s *CreateJobTemplateInput) SetJobArn(v string) *CreateJobTemplateInput {
return s
}
+// SetJobExecutionsRetryConfig sets the JobExecutionsRetryConfig field's value.
+func (s *CreateJobTemplateInput) SetJobExecutionsRetryConfig(v *JobExecutionsRetryConfig) *CreateJobTemplateInput {
+ s.JobExecutionsRetryConfig = v
+ return s
+}
+
// SetJobExecutionsRolloutConfig sets the JobExecutionsRolloutConfig field's value.
func (s *CreateJobTemplateInput) SetJobExecutionsRolloutConfig(v *JobExecutionsRolloutConfig) *CreateJobTemplateInput {
s.JobExecutionsRolloutConfig = v
@@ -40151,6 +40179,10 @@ type DescribeJobTemplateOutput struct {
// An S3 link to the job document.
DocumentSource *string `locationName:"documentSource" min:"1" type:"string"`
+ // The configuration that determines how many retries are allowed for each failure
+ // type for a job.
+ JobExecutionsRetryConfig *JobExecutionsRetryConfig `locationName:"jobExecutionsRetryConfig" type:"structure"`
+
// Allows you to create a staged rollout of a job.
JobExecutionsRolloutConfig *JobExecutionsRolloutConfig `locationName:"jobExecutionsRolloutConfig" type:"structure"`
@@ -40218,6 +40250,12 @@ func (s *DescribeJobTemplateOutput) SetDocumentSource(v string) *DescribeJobTemp
return s
}
+// SetJobExecutionsRetryConfig sets the JobExecutionsRetryConfig field's value.
+func (s *DescribeJobTemplateOutput) SetJobExecutionsRetryConfig(v *JobExecutionsRetryConfig) *DescribeJobTemplateOutput {
+ s.JobExecutionsRetryConfig = v
+ return s
+}
+
// SetJobExecutionsRolloutConfig sets the JobExecutionsRolloutConfig field's value.
func (s *DescribeJobTemplateOutput) SetJobExecutionsRolloutConfig(v *JobExecutionsRolloutConfig) *DescribeJobTemplateOutput {
s.JobExecutionsRolloutConfig = v
@@ -46658,6 +46696,9 @@ type Job struct {
// An ARN identifying the job with format "arn:aws:iot:region:account:job/jobId".
JobArn *string `locationName:"jobArn" type:"string"`
+ // The configuration for the criteria to retry the job.
+ JobExecutionsRetryConfig *JobExecutionsRetryConfig `locationName:"jobExecutionsRetryConfig" type:"structure"`
+
// Allows you to create a staged rollout of a job.
JobExecutionsRolloutConfig *JobExecutionsRolloutConfig `locationName:"jobExecutionsRolloutConfig" type:"structure"`
@@ -46778,6 +46819,12 @@ func (s *Job) SetJobArn(v string) *Job {
return s
}
+// SetJobExecutionsRetryConfig sets the JobExecutionsRetryConfig field's value.
+func (s *Job) SetJobExecutionsRetryConfig(v *JobExecutionsRetryConfig) *Job {
+ s.JobExecutionsRetryConfig = v
+ return s
+}
+
// SetJobExecutionsRolloutConfig sets the JobExecutionsRolloutConfig field's value.
func (s *Job) SetJobExecutionsRolloutConfig(v *JobExecutionsRolloutConfig) *Job {
s.JobExecutionsRolloutConfig = v
@@ -47029,6 +47076,10 @@ type JobExecutionSummary struct {
// The time, in seconds since the epoch, when the job execution was queued.
QueuedAt *time.Time `locationName:"queuedAt" type:"timestamp"`
+ // The number that indicates how many retry attempts have been completed for
+ // this job on this device.
+ RetryAttempt *int64 `locationName:"retryAttempt" type:"integer"`
+
// The time, in seconds since the epoch, when the job execution started.
StartedAt *time.Time `locationName:"startedAt" type:"timestamp"`
@@ -47072,6 +47123,12 @@ func (s *JobExecutionSummary) SetQueuedAt(v time.Time) *JobExecutionSummary {
return s
}
+// SetRetryAttempt sets the RetryAttempt field's value.
+func (s *JobExecutionSummary) SetRetryAttempt(v int64) *JobExecutionSummary {
+ s.RetryAttempt = &v
+ return s
+}
+
// SetStartedAt sets the StartedAt field's value.
func (s *JobExecutionSummary) SetStartedAt(v time.Time) *JobExecutionSummary {
s.StartedAt = &v
@@ -47166,6 +47223,68 @@ func (s *JobExecutionSummaryForThing) SetJobId(v string) *JobExecutionSummaryFor
return s
}
+// The configuration that determines how many retries are allowed for each failure
+// type for a job.
+type JobExecutionsRetryConfig struct {
+ _ struct{} `type:"structure"`
+
+ // The list of criteria that determines how many retries are allowed for each
+ // failure type for a job.
+ //
+ // CriteriaList is a required field
+ CriteriaList []*RetryCriteria `locationName:"criteriaList" min:"1" type:"list" required:"true"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s JobExecutionsRetryConfig) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s JobExecutionsRetryConfig) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *JobExecutionsRetryConfig) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "JobExecutionsRetryConfig"}
+ if s.CriteriaList == nil {
+ invalidParams.Add(request.NewErrParamRequired("CriteriaList"))
+ }
+ if s.CriteriaList != nil && len(s.CriteriaList) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("CriteriaList", 1))
+ }
+ if s.CriteriaList != nil {
+ for i, v := range s.CriteriaList {
+ if v == nil {
+ continue
+ }
+ if err := v.Validate(); err != nil {
+ invalidParams.AddNested(fmt.Sprintf("%s[%v]", "CriteriaList", i), err.(request.ErrInvalidParams))
+ }
+ }
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetCriteriaList sets the CriteriaList field's value.
+func (s *JobExecutionsRetryConfig) SetCriteriaList(v []*RetryCriteria) *JobExecutionsRetryConfig {
+ s.CriteriaList = v
+ return s
+}
+
// Allows you to create a staged rollout of a job.
type JobExecutionsRolloutConfig struct {
_ struct{} `type:"structure"`
@@ -50245,6 +50364,9 @@ func (s *ListJobExecutionsForJobOutput) SetNextToken(v string) *ListJobExecution
type ListJobExecutionsForThingInput struct {
_ struct{} `type:"structure" nopayload:"true"`
+ // The unique identifier you assigned to this job when it was created.
+ JobId *string `location:"querystring" locationName:"jobId" min:"1" type:"string"`
+
// The maximum number of results to be returned per request.
MaxResults *int64 `location:"querystring" locationName:"maxResults" min:"1" type:"integer"`
@@ -50293,6 +50415,9 @@ func (s ListJobExecutionsForThingInput) GoString() string {
// Validate inspects the fields of the type to determine if they are valid.
func (s *ListJobExecutionsForThingInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "ListJobExecutionsForThingInput"}
+ if s.JobId != nil && len(*s.JobId) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("JobId", 1))
+ }
if s.MaxResults != nil && *s.MaxResults < 1 {
invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
}
@@ -50312,6 +50437,12 @@ func (s *ListJobExecutionsForThingInput) Validate() error {
return nil
}
+// SetJobId sets the JobId field's value.
+func (s *ListJobExecutionsForThingInput) SetJobId(v string) *ListJobExecutionsForThingInput {
+ s.JobId = &v
+ return s
+}
+
// SetMaxResults sets the MaxResults field's value.
func (s *ListJobExecutionsForThingInput) SetMaxResults(v int64) *ListJobExecutionsForThingInput {
s.MaxResults = &v
@@ -57944,6 +58075,68 @@ func (s *ResourceRegistrationFailureException) RequestID() string {
return s.RespMetadata.RequestID
}
+// The criteria that determines how many retries are allowed for each failure
+// type for a job.
+type RetryCriteria struct {
+ _ struct{} `type:"structure"`
+
+ // The type of job execution failures that can initiate a job retry.
+ //
+ // FailureType is a required field
+ FailureType *string `locationName:"failureType" type:"string" required:"true" enum:"RetryableFailureType"`
+
+ // The number of retries allowed for a failure type for the job.
+ //
+ // NumberOfRetries is a required field
+ NumberOfRetries *int64 `locationName:"numberOfRetries" type:"integer" required:"true"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s RetryCriteria) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s RetryCriteria) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *RetryCriteria) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "RetryCriteria"}
+ if s.FailureType == nil {
+ invalidParams.Add(request.NewErrParamRequired("FailureType"))
+ }
+ if s.NumberOfRetries == nil {
+ invalidParams.Add(request.NewErrParamRequired("NumberOfRetries"))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetFailureType sets the FailureType field's value.
+func (s *RetryCriteria) SetFailureType(v string) *RetryCriteria {
+ s.FailureType = &v
+ return s
+}
+
+// SetNumberOfRetries sets the NumberOfRetries field's value.
+func (s *RetryCriteria) SetNumberOfRetries(v int64) *RetryCriteria {
+ s.NumberOfRetries = &v
+ return s
+}
+
// Role alias description.
type RoleAliasDescription struct {
_ struct{} `type:"structure"`
@@ -65167,6 +65360,9 @@ type UpdateJobInput struct {
// A short text description of the job.
Description *string `locationName:"description" type:"string"`
+ // Allows you to create the criteria to retry a job.
+ JobExecutionsRetryConfig *JobExecutionsRetryConfig `locationName:"jobExecutionsRetryConfig" type:"structure"`
+
// Allows you to create a staged rollout of the job.
JobExecutionsRolloutConfig *JobExecutionsRolloutConfig `locationName:"jobExecutionsRolloutConfig" type:"structure"`
@@ -65231,6 +65427,11 @@ func (s *UpdateJobInput) Validate() error {
invalidParams.AddNested("AbortConfig", err.(request.ErrInvalidParams))
}
}
+ if s.JobExecutionsRetryConfig != nil {
+ if err := s.JobExecutionsRetryConfig.Validate(); err != nil {
+ invalidParams.AddNested("JobExecutionsRetryConfig", err.(request.ErrInvalidParams))
+ }
+ }
if s.JobExecutionsRolloutConfig != nil {
if err := s.JobExecutionsRolloutConfig.Validate(); err != nil {
invalidParams.AddNested("JobExecutionsRolloutConfig", err.(request.ErrInvalidParams))
@@ -65260,6 +65461,12 @@ func (s *UpdateJobInput) SetDescription(v string) *UpdateJobInput {
return s
}
+// SetJobExecutionsRetryConfig sets the JobExecutionsRetryConfig field's value.
+func (s *UpdateJobInput) SetJobExecutionsRetryConfig(v *JobExecutionsRetryConfig) *UpdateJobInput {
+ s.JobExecutionsRetryConfig = v
+ return s
+}
+
// SetJobExecutionsRolloutConfig sets the JobExecutionsRolloutConfig field's value.
func (s *UpdateJobInput) SetJobExecutionsRolloutConfig(v *JobExecutionsRolloutConfig) *UpdateJobInput {
s.JobExecutionsRolloutConfig = v
@@ -68669,6 +68876,26 @@ func ResourceType_Values() []string {
}
}
+const (
+ // RetryableFailureTypeFailed is a RetryableFailureType enum value
+ RetryableFailureTypeFailed = "FAILED"
+
+ // RetryableFailureTypeTimedOut is a RetryableFailureType enum value
+ RetryableFailureTypeTimedOut = "TIMED_OUT"
+
+ // RetryableFailureTypeAll is a RetryableFailureType enum value
+ RetryableFailureTypeAll = "ALL"
+)
+
+// RetryableFailureType_Values returns all elements of the RetryableFailureType enum
+func RetryableFailureType_Values() []string {
+ return []string{
+ RetryableFailureTypeFailed,
+ RetryableFailureTypeTimedOut,
+ RetryableFailureTypeAll,
+ }
+}
+
const (
// ServerCertificateStatusInvalid is a ServerCertificateStatus enum value
ServerCertificateStatusInvalid = "INVALID"
diff --git a/service/lakeformation/api.go b/service/lakeformation/api.go
index a854cc655a2..d86b4958a74 100644
--- a/service/lakeformation/api.go
+++ b/service/lakeformation/api.go
@@ -2098,6 +2098,206 @@ func (c *LakeFormation) GetTableObjectsPagesWithContext(ctx aws.Context, input *
return p.Err()
}
+const opGetTemporaryGluePartitionCredentials = "GetTemporaryGluePartitionCredentials"
+
+// GetTemporaryGluePartitionCredentialsRequest generates a "aws/request.Request" representing the
+// client's request for the GetTemporaryGluePartitionCredentials operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See GetTemporaryGluePartitionCredentials for more information on using the GetTemporaryGluePartitionCredentials
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the GetTemporaryGluePartitionCredentialsRequest method.
+// req, resp := client.GetTemporaryGluePartitionCredentialsRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/lakeformation-2017-03-31/GetTemporaryGluePartitionCredentials
+func (c *LakeFormation) GetTemporaryGluePartitionCredentialsRequest(input *GetTemporaryGluePartitionCredentialsInput) (req *request.Request, output *GetTemporaryGluePartitionCredentialsOutput) {
+ op := &request.Operation{
+ Name: opGetTemporaryGluePartitionCredentials,
+ HTTPMethod: "POST",
+ HTTPPath: "/GetTemporaryGluePartitionCredentials",
+ }
+
+ if input == nil {
+ input = &GetTemporaryGluePartitionCredentialsInput{}
+ }
+
+ output = &GetTemporaryGluePartitionCredentialsOutput{}
+ req = c.newRequest(op, input, output)
+ return
+}
+
+// GetTemporaryGluePartitionCredentials API operation for AWS Lake Formation.
+//
+// This API is identical to GetTemporaryTableCredentials except that this is
+// used when the target Data Catalog resource is of type Partition. Lake Formation
+// restricts the permission of the vended credentials with the same scope down
+// policy which restricts access to a single Amazon S3 prefix.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS Lake Formation's
+// API operation GetTemporaryGluePartitionCredentials for usage and error information.
+//
+// Returned Error Types:
+// * InvalidInputException
+// The input provided was not valid.
+//
+// * InternalServiceException
+// An internal service error occurred.
+//
+// * OperationTimeoutException
+// The operation timed out.
+//
+// * EntityNotFoundException
+// A specified entity does not exist
+//
+// * AccessDeniedException
+// Access to a resource was denied.
+//
+// * PermissionTypeMismatchException
+// The engine does not support filtering data based on the enforced permissions.
+// For example, if you call the GetTemporaryGlueTableCredentials operation with
+// SupportedPermissionType equal to ColumnPermission, but cell-level permissions
+// exist on the table, this exception is thrown.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/lakeformation-2017-03-31/GetTemporaryGluePartitionCredentials
+func (c *LakeFormation) GetTemporaryGluePartitionCredentials(input *GetTemporaryGluePartitionCredentialsInput) (*GetTemporaryGluePartitionCredentialsOutput, error) {
+ req, out := c.GetTemporaryGluePartitionCredentialsRequest(input)
+ return out, req.Send()
+}
+
+// GetTemporaryGluePartitionCredentialsWithContext is the same as GetTemporaryGluePartitionCredentials with the addition of
+// the ability to pass a context and additional request options.
+//
+// See GetTemporaryGluePartitionCredentials for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *LakeFormation) GetTemporaryGluePartitionCredentialsWithContext(ctx aws.Context, input *GetTemporaryGluePartitionCredentialsInput, opts ...request.Option) (*GetTemporaryGluePartitionCredentialsOutput, error) {
+ req, out := c.GetTemporaryGluePartitionCredentialsRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
+const opGetTemporaryGlueTableCredentials = "GetTemporaryGlueTableCredentials"
+
+// GetTemporaryGlueTableCredentialsRequest generates a "aws/request.Request" representing the
+// client's request for the GetTemporaryGlueTableCredentials operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See GetTemporaryGlueTableCredentials for more information on using the GetTemporaryGlueTableCredentials
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//
+// // Example sending a request using the GetTemporaryGlueTableCredentialsRequest method.
+// req, resp := client.GetTemporaryGlueTableCredentialsRequest(params)
+//
+// err := req.Send()
+// if err == nil { // resp is now filled
+// fmt.Println(resp)
+// }
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/lakeformation-2017-03-31/GetTemporaryGlueTableCredentials
+func (c *LakeFormation) GetTemporaryGlueTableCredentialsRequest(input *GetTemporaryGlueTableCredentialsInput) (req *request.Request, output *GetTemporaryGlueTableCredentialsOutput) {
+ op := &request.Operation{
+ Name: opGetTemporaryGlueTableCredentials,
+ HTTPMethod: "POST",
+ HTTPPath: "/GetTemporaryGlueTableCredentials",
+ }
+
+ if input == nil {
+ input = &GetTemporaryGlueTableCredentialsInput{}
+ }
+
+ output = &GetTemporaryGlueTableCredentialsOutput{}
+ req = c.newRequest(op, input, output)
+ return
+}
+
+// GetTemporaryGlueTableCredentials API operation for AWS Lake Formation.
+//
+// Allows a caller in a secure environment to assume a role with permission
+// to access Amazon S3. In order to vend such credentials, Lake Formation assumes
+// the role associated with a registered location, for example an Amazon S3
+// bucket, with a scope down policy which restricts the access to a single prefix.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for AWS Lake Formation's
+// API operation GetTemporaryGlueTableCredentials for usage and error information.
+//
+// Returned Error Types:
+// * InvalidInputException
+// The input provided was not valid.
+//
+// * InternalServiceException
+// An internal service error occurred.
+//
+// * OperationTimeoutException
+// The operation timed out.
+//
+// * EntityNotFoundException
+// A specified entity does not exist
+//
+// * AccessDeniedException
+// Access to a resource was denied.
+//
+// * PermissionTypeMismatchException
+// The engine does not support filtering data based on the enforced permissions.
+// For example, if you call the GetTemporaryGlueTableCredentials operation with
+// SupportedPermissionType equal to ColumnPermission, but cell-level permissions
+// exist on the table, this exception is thrown.
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/lakeformation-2017-03-31/GetTemporaryGlueTableCredentials
+func (c *LakeFormation) GetTemporaryGlueTableCredentials(input *GetTemporaryGlueTableCredentialsInput) (*GetTemporaryGlueTableCredentialsOutput, error) {
+ req, out := c.GetTemporaryGlueTableCredentialsRequest(input)
+ return out, req.Send()
+}
+
+// GetTemporaryGlueTableCredentialsWithContext is the same as GetTemporaryGlueTableCredentials with the addition of
+// the ability to pass a context and additional request options.
+//
+// See GetTemporaryGlueTableCredentials for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *LakeFormation) GetTemporaryGlueTableCredentialsWithContext(ctx aws.Context, input *GetTemporaryGlueTableCredentialsInput, opts ...request.Option) (*GetTemporaryGlueTableCredentialsOutput, error) {
+ req, out := c.GetTemporaryGlueTableCredentialsRequest(input)
+ req.SetContext(ctx)
+ req.ApplyOptions(opts...)
+ return out, req.Send()
+}
+
const opGetWorkUnitResults = "GetWorkUnitResults"
// GetWorkUnitResultsRequest generates a "aws/request.Request" representing the
@@ -4956,6 +5156,40 @@ func (s *AlreadyExistsException) RequestID() string {
return s.RespMetadata.RequestID
}
+// A structure used to include auditing information on the privileged API.
+type AuditContext struct {
+ _ struct{} `type:"structure"`
+
+ // The filter engine can populate the 'AdditionalAuditContext' information with
+ // the request ID for you to track. This information will be displayed in CloudTrail
+ // log in your account.
+ AdditionalAuditContext *string `type:"string"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s AuditContext) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s AuditContext) GoString() string {
+ return s.String()
+}
+
+// SetAdditionalAuditContext sets the AdditionalAuditContext field's value.
+func (s *AuditContext) SetAdditionalAuditContext(v string) *AuditContext {
+ s.AdditionalAuditContext = &v
+ return s
+}
+
type BatchGrantPermissionsInput struct {
_ struct{} `type:"structure"`
@@ -5797,6 +6031,8 @@ type DataCellsFilter struct {
ColumnNames []*string `type:"list"`
// A wildcard with exclusions.
+ //
+ // You must specify either a ColumnNames list or the ColumnWildCard.
ColumnWildcard *ColumnWildcard `type:"structure"`
// A database in the Glue Data Catalog.
@@ -5998,8 +6234,7 @@ func (s *DataCellsFilterResource) SetTableName(v string) *DataCellsFilterResourc
return s
}
-// The AWS Lake Formation principal. Supported principals are IAM users or IAM
-// roles.
+// The Lake Formation principal. Supported principals are IAM users or IAM roles.
type DataLakePrincipal struct {
_ struct{} `type:"structure"`
@@ -6050,6 +6285,25 @@ func (s *DataLakePrincipal) SetDataLakePrincipalIdentifier(v string) *DataLakePr
type DataLakeSettings struct {
_ struct{} `type:"structure"`
+ // Whether to allow Amazon EMR clusters to access data managed by Lake Formation.
+ //
+ // If true, you allow Amazon EMR clusters to access data in Amazon S3 locations
+ // that are registered with Lake Formation.
+ //
+ // If false or null, no Amazon EMR clusters will be able to access data in Amazon
+ // S3 locations that are registered with Lake Formation.
+ //
+ // For more information, see (Optional) Allow Data Filtering on Amazon EMR (https://docs-aws.amazon.com/lake-formation/latest/dg/getting-started-setup.html#emr-switch).
+ AllowExternalDataFiltering *bool `type:"boolean"`
+
+ // Lake Formation relies on a privileged process secured by Amazon EMR or the
+ // third party integrator to tag the user's role while assuming it. Lake Formation
+ // will publish the acceptable key-value pair, for example key = "LakeFormationTrustedCaller"
+ // and value = "TRUE" and the third party integrator must properly tag the temporary
+ // security credentials that will be used to call Lake Formation's administrative
+ // APIs.
+ AuthorizedSessionTagValueList []*string `type:"list"`
+
// Specifies whether access control on newly created database is managed by
// Lake Formation permissions or exclusively by IAM permissions. You can override
// this default setting when you create a database.
@@ -6087,6 +6341,10 @@ type DataLakeSettings struct {
// IAM roles.
DataLakeAdmins []*DataLakePrincipal `type:"list"`
+ // A list of the account IDs of Amazon Web Services accounts with Amazon EMR
+ // clusters that are to perform data filtering.>
+ ExternalDataFilteringAllowList []*DataLakePrincipal `type:"list"`
+
// A list of the resource-owning account IDs that the caller's account can use
// to share their user access details (user ARNs). The user ARNs can be logged
// in the resource owner's CloudTrail log.
@@ -6147,6 +6405,16 @@ func (s *DataLakeSettings) Validate() error {
}
}
}
+ if s.ExternalDataFilteringAllowList != nil {
+ for i, v := range s.ExternalDataFilteringAllowList {
+ if v == nil {
+ continue
+ }
+ if err := v.Validate(); err != nil {
+ invalidParams.AddNested(fmt.Sprintf("%s[%v]", "ExternalDataFilteringAllowList", i), err.(request.ErrInvalidParams))
+ }
+ }
+ }
if invalidParams.Len() > 0 {
return invalidParams
@@ -6154,6 +6422,18 @@ func (s *DataLakeSettings) Validate() error {
return nil
}
+// SetAllowExternalDataFiltering sets the AllowExternalDataFiltering field's value.
+func (s *DataLakeSettings) SetAllowExternalDataFiltering(v bool) *DataLakeSettings {
+ s.AllowExternalDataFiltering = &v
+ return s
+}
+
+// SetAuthorizedSessionTagValueList sets the AuthorizedSessionTagValueList field's value.
+func (s *DataLakeSettings) SetAuthorizedSessionTagValueList(v []*string) *DataLakeSettings {
+ s.AuthorizedSessionTagValueList = v
+ return s
+}
+
// SetCreateDatabaseDefaultPermissions sets the CreateDatabaseDefaultPermissions field's value.
func (s *DataLakeSettings) SetCreateDatabaseDefaultPermissions(v []*PrincipalPermissions) *DataLakeSettings {
s.CreateDatabaseDefaultPermissions = v
@@ -6172,6 +6452,12 @@ func (s *DataLakeSettings) SetDataLakeAdmins(v []*DataLakePrincipal) *DataLakeSe
return s
}
+// SetExternalDataFilteringAllowList sets the ExternalDataFilteringAllowList field's value.
+func (s *DataLakeSettings) SetExternalDataFilteringAllowList(v []*DataLakePrincipal) *DataLakeSettings {
+ s.ExternalDataFilteringAllowList = v
+ return s
+}
+
// SetTrustedResourceOwners sets the TrustedResourceOwners field's value.
func (s *DataLakeSettings) SetTrustedResourceOwners(v []*string) *DataLakeSettings {
s.TrustedResourceOwners = v
@@ -8136,6 +8422,336 @@ func (s *GetTableObjectsOutput) SetObjects(v []*PartitionObjects) *GetTableObjec
return s
}
+type GetTemporaryGluePartitionCredentialsInput struct {
+ _ struct{} `type:"structure"`
+
+ // A structure representing context to access a resource (column names, query
+ // ID, etc).
+ AuditContext *AuditContext `type:"structure"`
+
+ // The time period, between 900 and 21,600 seconds, for the timeout of the temporary
+ // credentials.
+ DurationSeconds *int64 `min:"900" type:"integer"`
+
+ // A list of partition values identifying a single partition.
+ //
+ // Partition is a required field
+ Partition *PartitionValueList `type:"structure" required:"true"`
+
+ // Filters the request based on the user having been granted a list of specified
+ // permissions on the requested resource(s).
+ Permissions []*string `type:"list"`
+
+ // A list of supported permission types for the partition. Valid values are
+ // COLUMN_PERMISSION and CELL_FILTER_PERMISSION.
+ //
+ // SupportedPermissionTypes is a required field
+ SupportedPermissionTypes []*string `min:"1" type:"list" required:"true"`
+
+ // The ARN of the partitions' table.
+ //
+ // TableArn is a required field
+ TableArn *string `type:"string" required:"true"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s GetTemporaryGluePartitionCredentialsInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s GetTemporaryGluePartitionCredentialsInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *GetTemporaryGluePartitionCredentialsInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "GetTemporaryGluePartitionCredentialsInput"}
+ if s.DurationSeconds != nil && *s.DurationSeconds < 900 {
+ invalidParams.Add(request.NewErrParamMinValue("DurationSeconds", 900))
+ }
+ if s.Partition == nil {
+ invalidParams.Add(request.NewErrParamRequired("Partition"))
+ }
+ if s.SupportedPermissionTypes == nil {
+ invalidParams.Add(request.NewErrParamRequired("SupportedPermissionTypes"))
+ }
+ if s.SupportedPermissionTypes != nil && len(s.SupportedPermissionTypes) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("SupportedPermissionTypes", 1))
+ }
+ if s.TableArn == nil {
+ invalidParams.Add(request.NewErrParamRequired("TableArn"))
+ }
+ if s.Partition != nil {
+ if err := s.Partition.Validate(); err != nil {
+ invalidParams.AddNested("Partition", err.(request.ErrInvalidParams))
+ }
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetAuditContext sets the AuditContext field's value.
+func (s *GetTemporaryGluePartitionCredentialsInput) SetAuditContext(v *AuditContext) *GetTemporaryGluePartitionCredentialsInput {
+ s.AuditContext = v
+ return s
+}
+
+// SetDurationSeconds sets the DurationSeconds field's value.
+func (s *GetTemporaryGluePartitionCredentialsInput) SetDurationSeconds(v int64) *GetTemporaryGluePartitionCredentialsInput {
+ s.DurationSeconds = &v
+ return s
+}
+
+// SetPartition sets the Partition field's value.
+func (s *GetTemporaryGluePartitionCredentialsInput) SetPartition(v *PartitionValueList) *GetTemporaryGluePartitionCredentialsInput {
+ s.Partition = v
+ return s
+}
+
+// SetPermissions sets the Permissions field's value.
+func (s *GetTemporaryGluePartitionCredentialsInput) SetPermissions(v []*string) *GetTemporaryGluePartitionCredentialsInput {
+ s.Permissions = v
+ return s
+}
+
+// SetSupportedPermissionTypes sets the SupportedPermissionTypes field's value.
+func (s *GetTemporaryGluePartitionCredentialsInput) SetSupportedPermissionTypes(v []*string) *GetTemporaryGluePartitionCredentialsInput {
+ s.SupportedPermissionTypes = v
+ return s
+}
+
+// SetTableArn sets the TableArn field's value.
+func (s *GetTemporaryGluePartitionCredentialsInput) SetTableArn(v string) *GetTemporaryGluePartitionCredentialsInput {
+ s.TableArn = &v
+ return s
+}
+
+type GetTemporaryGluePartitionCredentialsOutput struct {
+ _ struct{} `type:"structure"`
+
+ // The access key ID for the temporary credentials.
+ AccessKeyId *string `type:"string"`
+
+ // The date and time when the temporary credentials expire.
+ Expiration *time.Time `type:"timestamp"`
+
+ // The secret key for the temporary credentials.
+ SecretAccessKey *string `type:"string"`
+
+ // The session token for the temporary credentials.
+ SessionToken *string `type:"string"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s GetTemporaryGluePartitionCredentialsOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s GetTemporaryGluePartitionCredentialsOutput) GoString() string {
+ return s.String()
+}
+
+// SetAccessKeyId sets the AccessKeyId field's value.
+func (s *GetTemporaryGluePartitionCredentialsOutput) SetAccessKeyId(v string) *GetTemporaryGluePartitionCredentialsOutput {
+ s.AccessKeyId = &v
+ return s
+}
+
+// SetExpiration sets the Expiration field's value.
+func (s *GetTemporaryGluePartitionCredentialsOutput) SetExpiration(v time.Time) *GetTemporaryGluePartitionCredentialsOutput {
+ s.Expiration = &v
+ return s
+}
+
+// SetSecretAccessKey sets the SecretAccessKey field's value.
+func (s *GetTemporaryGluePartitionCredentialsOutput) SetSecretAccessKey(v string) *GetTemporaryGluePartitionCredentialsOutput {
+ s.SecretAccessKey = &v
+ return s
+}
+
+// SetSessionToken sets the SessionToken field's value.
+func (s *GetTemporaryGluePartitionCredentialsOutput) SetSessionToken(v string) *GetTemporaryGluePartitionCredentialsOutput {
+ s.SessionToken = &v
+ return s
+}
+
+type GetTemporaryGlueTableCredentialsInput struct {
+ _ struct{} `type:"structure"`
+
+ // A structure representing context to access a resource (column names, query
+ // ID, etc).
+ AuditContext *AuditContext `type:"structure"`
+
+ // The time period, between 900 and 21,600 seconds, for the timeout of the temporary
+ // credentials.
+ DurationSeconds *int64 `min:"900" type:"integer"`
+
+ // Filters the request based on the user having been granted a list of specified
+ // permissions on the requested resource(s).
+ Permissions []*string `type:"list"`
+
+ // A list of supported permission types for the table. Valid values are COLUMN_PERMISSION
+ // and CELL_FILTER_PERMISSION.
+ //
+ // SupportedPermissionTypes is a required field
+ SupportedPermissionTypes []*string `min:"1" type:"list" required:"true"`
+
+ // The ARN identifying a table in the Data Catalog for the temporary credentials
+ // request.
+ //
+ // TableArn is a required field
+ TableArn *string `type:"string" required:"true"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s GetTemporaryGlueTableCredentialsInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s GetTemporaryGlueTableCredentialsInput) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *GetTemporaryGlueTableCredentialsInput) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "GetTemporaryGlueTableCredentialsInput"}
+ if s.DurationSeconds != nil && *s.DurationSeconds < 900 {
+ invalidParams.Add(request.NewErrParamMinValue("DurationSeconds", 900))
+ }
+ if s.SupportedPermissionTypes == nil {
+ invalidParams.Add(request.NewErrParamRequired("SupportedPermissionTypes"))
+ }
+ if s.SupportedPermissionTypes != nil && len(s.SupportedPermissionTypes) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("SupportedPermissionTypes", 1))
+ }
+ if s.TableArn == nil {
+ invalidParams.Add(request.NewErrParamRequired("TableArn"))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetAuditContext sets the AuditContext field's value.
+func (s *GetTemporaryGlueTableCredentialsInput) SetAuditContext(v *AuditContext) *GetTemporaryGlueTableCredentialsInput {
+ s.AuditContext = v
+ return s
+}
+
+// SetDurationSeconds sets the DurationSeconds field's value.
+func (s *GetTemporaryGlueTableCredentialsInput) SetDurationSeconds(v int64) *GetTemporaryGlueTableCredentialsInput {
+ s.DurationSeconds = &v
+ return s
+}
+
+// SetPermissions sets the Permissions field's value.
+func (s *GetTemporaryGlueTableCredentialsInput) SetPermissions(v []*string) *GetTemporaryGlueTableCredentialsInput {
+ s.Permissions = v
+ return s
+}
+
+// SetSupportedPermissionTypes sets the SupportedPermissionTypes field's value.
+func (s *GetTemporaryGlueTableCredentialsInput) SetSupportedPermissionTypes(v []*string) *GetTemporaryGlueTableCredentialsInput {
+ s.SupportedPermissionTypes = v
+ return s
+}
+
+// SetTableArn sets the TableArn field's value.
+func (s *GetTemporaryGlueTableCredentialsInput) SetTableArn(v string) *GetTemporaryGlueTableCredentialsInput {
+ s.TableArn = &v
+ return s
+}
+
+type GetTemporaryGlueTableCredentialsOutput struct {
+ _ struct{} `type:"structure"`
+
+ // The access key ID for the temporary credentials.
+ AccessKeyId *string `type:"string"`
+
+ // The date and time when the temporary credentials expire.
+ Expiration *time.Time `type:"timestamp"`
+
+ // The secret key for the temporary credentials.
+ SecretAccessKey *string `type:"string"`
+
+ // The session token for the temporary credentials.
+ SessionToken *string `type:"string"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s GetTemporaryGlueTableCredentialsOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s GetTemporaryGlueTableCredentialsOutput) GoString() string {
+ return s.String()
+}
+
+// SetAccessKeyId sets the AccessKeyId field's value.
+func (s *GetTemporaryGlueTableCredentialsOutput) SetAccessKeyId(v string) *GetTemporaryGlueTableCredentialsOutput {
+ s.AccessKeyId = &v
+ return s
+}
+
+// SetExpiration sets the Expiration field's value.
+func (s *GetTemporaryGlueTableCredentialsOutput) SetExpiration(v time.Time) *GetTemporaryGlueTableCredentialsOutput {
+ s.Expiration = &v
+ return s
+}
+
+// SetSecretAccessKey sets the SecretAccessKey field's value.
+func (s *GetTemporaryGlueTableCredentialsOutput) SetSecretAccessKey(v string) *GetTemporaryGlueTableCredentialsOutput {
+ s.SecretAccessKey = &v
+ return s
+}
+
+// SetSessionToken sets the SessionToken field's value.
+func (s *GetTemporaryGlueTableCredentialsOutput) SetSessionToken(v string) *GetTemporaryGlueTableCredentialsOutput {
+ s.SessionToken = &v
+ return s
+}
+
type GetWorkUnitResultsInput struct {
_ struct{} `type:"structure"`
@@ -9953,6 +10569,124 @@ func (s *PartitionObjects) SetPartitionValues(v []*string) *PartitionObjects {
return s
}
+// Contains a list of values defining partitions.
+type PartitionValueList struct {
+ _ struct{} `type:"structure"`
+
+ // The list of partition values.
+ //
+ // Values is a required field
+ Values []*string `min:"1" type:"list" required:"true"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s PartitionValueList) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s PartitionValueList) GoString() string {
+ return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *PartitionValueList) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "PartitionValueList"}
+ if s.Values == nil {
+ invalidParams.Add(request.NewErrParamRequired("Values"))
+ }
+ if s.Values != nil && len(s.Values) < 1 {
+ invalidParams.Add(request.NewErrParamMinLen("Values", 1))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
+// SetValues sets the Values field's value.
+func (s *PartitionValueList) SetValues(v []*string) *PartitionValueList {
+ s.Values = v
+ return s
+}
+
+// The engine does not support filtering data based on the enforced permissions.
+// For example, if you call the GetTemporaryGlueTableCredentials operation with
+// SupportedPermissionType equal to ColumnPermission, but cell-level permissions
+// exist on the table, this exception is thrown.
+type PermissionTypeMismatchException struct {
+ _ struct{} `type:"structure"`
+ RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
+
+ // A message describing the problem.
+ Message_ *string `locationName:"Message" type:"string"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s PermissionTypeMismatchException) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s PermissionTypeMismatchException) GoString() string {
+ return s.String()
+}
+
+func newErrorPermissionTypeMismatchException(v protocol.ResponseMetadata) error {
+ return &PermissionTypeMismatchException{
+ RespMetadata: v,
+ }
+}
+
+// Code returns the exception type name.
+func (s *PermissionTypeMismatchException) Code() string {
+ return "PermissionTypeMismatchException"
+}
+
+// Message returns the exception's message.
+func (s *PermissionTypeMismatchException) Message() string {
+ if s.Message_ != nil {
+ return *s.Message_
+ }
+ return ""
+}
+
+// OrigErr always returns nil, satisfies awserr.Error interface.
+func (s *PermissionTypeMismatchException) OrigErr() error {
+ return nil
+}
+
+func (s *PermissionTypeMismatchException) Error() string {
+ return fmt.Sprintf("%s: %s", s.Code(), s.Message())
+}
+
+// Status code returns the HTTP status code for the request's response error.
+func (s *PermissionTypeMismatchException) StatusCode() int {
+ return s.RespMetadata.StatusCode
+}
+
+// RequestID returns the service's response RequestID for request.
+func (s *PermissionTypeMismatchException) RequestID() string {
+ return s.RespMetadata.RequestID
+}
+
// Statistics related to the processing of a query statement.
type PlanningStatistics struct {
_ struct{} `type:"structure"`
@@ -13221,6 +13955,22 @@ func Permission_Values() []string {
}
}
+const (
+ // PermissionTypeColumnPermission is a PermissionType enum value
+ PermissionTypeColumnPermission = "COLUMN_PERMISSION"
+
+ // PermissionTypeCellFilterPermission is a PermissionType enum value
+ PermissionTypeCellFilterPermission = "CELL_FILTER_PERMISSION"
+)
+
+// PermissionType_Values returns all elements of the PermissionType enum
+func PermissionType_Values() []string {
+ return []string{
+ PermissionTypeColumnPermission,
+ PermissionTypeCellFilterPermission,
+ }
+}
+
const (
// QueryStateStringPending is a QueryStateString enum value
QueryStateStringPending = "PENDING"
diff --git a/service/lakeformation/errors.go b/service/lakeformation/errors.go
index f7e2cd33640..e3b7a97c019 100644
--- a/service/lakeformation/errors.go
+++ b/service/lakeformation/errors.go
@@ -62,6 +62,15 @@ const (
// The operation timed out.
ErrCodeOperationTimeoutException = "OperationTimeoutException"
+ // ErrCodePermissionTypeMismatchException for service response error code
+ // "PermissionTypeMismatchException".
+ //
+ // The engine does not support filtering data based on the enforced permissions.
+ // For example, if you call the GetTemporaryGlueTableCredentials operation with
+ // SupportedPermissionType equal to ColumnPermission, but cell-level permissions
+ // exist on the table, this exception is thrown.
+ ErrCodePermissionTypeMismatchException = "PermissionTypeMismatchException"
+
// ErrCodeResourceNotReadyException for service response error code
// "ResourceNotReadyException".
//
@@ -124,6 +133,7 @@ var exceptionFromCode = map[string]func(protocol.ResponseMetadata) error{
"InternalServiceException": newErrorInternalServiceException,
"InvalidInputException": newErrorInvalidInputException,
"OperationTimeoutException": newErrorOperationTimeoutException,
+ "PermissionTypeMismatchException": newErrorPermissionTypeMismatchException,
"ResourceNotReadyException": newErrorResourceNotReadyException,
"ResourceNumberLimitExceededException": newErrorResourceNumberLimitExceededException,
"StatisticsNotReadyYetException": newErrorStatisticsNotReadyYetException,
diff --git a/service/lakeformation/lakeformationiface/interface.go b/service/lakeformation/lakeformationiface/interface.go
index 26ea8ae22bb..321dc81305f 100644
--- a/service/lakeformation/lakeformationiface/interface.go
+++ b/service/lakeformation/lakeformationiface/interface.go
@@ -150,6 +150,14 @@ type LakeFormationAPI interface {
GetTableObjectsPages(*lakeformation.GetTableObjectsInput, func(*lakeformation.GetTableObjectsOutput, bool) bool) error
GetTableObjectsPagesWithContext(aws.Context, *lakeformation.GetTableObjectsInput, func(*lakeformation.GetTableObjectsOutput, bool) bool, ...request.Option) error
+ GetTemporaryGluePartitionCredentials(*lakeformation.GetTemporaryGluePartitionCredentialsInput) (*lakeformation.GetTemporaryGluePartitionCredentialsOutput, error)
+ GetTemporaryGluePartitionCredentialsWithContext(aws.Context, *lakeformation.GetTemporaryGluePartitionCredentialsInput, ...request.Option) (*lakeformation.GetTemporaryGluePartitionCredentialsOutput, error)
+ GetTemporaryGluePartitionCredentialsRequest(*lakeformation.GetTemporaryGluePartitionCredentialsInput) (*request.Request, *lakeformation.GetTemporaryGluePartitionCredentialsOutput)
+
+ GetTemporaryGlueTableCredentials(*lakeformation.GetTemporaryGlueTableCredentialsInput) (*lakeformation.GetTemporaryGlueTableCredentialsOutput, error)
+ GetTemporaryGlueTableCredentialsWithContext(aws.Context, *lakeformation.GetTemporaryGlueTableCredentialsInput, ...request.Option) (*lakeformation.GetTemporaryGlueTableCredentialsOutput, error)
+ GetTemporaryGlueTableCredentialsRequest(*lakeformation.GetTemporaryGlueTableCredentialsInput) (*request.Request, *lakeformation.GetTemporaryGlueTableCredentialsOutput)
+
GetWorkUnitResults(*lakeformation.GetWorkUnitResultsInput) (*lakeformation.GetWorkUnitResultsOutput, error)
GetWorkUnitResultsWithContext(aws.Context, *lakeformation.GetWorkUnitResultsInput, ...request.Option) (*lakeformation.GetWorkUnitResultsOutput, error)
GetWorkUnitResultsRequest(*lakeformation.GetWorkUnitResultsInput) (*request.Request, *lakeformation.GetWorkUnitResultsOutput)
diff --git a/service/quicksight/api.go b/service/quicksight/api.go
index 84f03360161..663e20716b0 100644
--- a/service/quicksight/api.go
+++ b/service/quicksight/api.go
@@ -487,7 +487,8 @@ func (c *QuickSight) CreateDataSetRequest(input *CreateDataSetInput) (req *reque
// CreateDataSet API operation for Amazon QuickSight.
//
-// Creates a dataset.
+// Creates a dataset. This operation doesn't support datasets that include uploaded
+// files as a source.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -1236,7 +1237,11 @@ func (c *QuickSight) CreateIngestionRequest(input *CreateIngestionInput) (req *r
// CreateIngestion API operation for Amazon QuickSight.
//
-// Creates and starts a new SPICE ingestion on a dataset
+// Creates and starts a new SPICE ingestion for a dataset. You can manually
+// refresh datasets in an Enterprise edition account 32 times in a 24-hour period.
+// You can manually refresh datasets in a Standard edition account 8 times in
+// a 24-hour period. Each 24-hour period is measured starting 24 hours before
+// the current date and time.
//
// Any ingestions operating on tagged datasets inherit the same tags automatically
// for use in access control. For an example, see How do I create an IAM policy
@@ -4251,7 +4256,8 @@ func (c *QuickSight) DescribeDataSetRequest(input *DescribeDataSetInput) (req *r
// DescribeDataSet API operation for Amazon QuickSight.
//
-// Describes a dataset.
+// Describes a dataset. This operation doesn't support datasets that include
+// uploaded files as a source.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@@ -11125,7 +11131,8 @@ func (c *QuickSight) UpdateDataSetRequest(input *UpdateDataSetInput) (req *reque
// UpdateDataSet API operation for Amazon QuickSight.
//
-// Updates a dataset.
+// Updates a dataset. This operation doesn't support datasets that include uploaded
+// files as a source.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
diff --git a/service/sagemaker/api.go b/service/sagemaker/api.go
index b9e1132775a..ece2f2e89d6 100644
--- a/service/sagemaker/api.go
+++ b/service/sagemaker/api.go
@@ -98007,6 +98007,30 @@ const (
// TrainingInstanceTypeMlC5n18xlarge is a TrainingInstanceType enum value
TrainingInstanceTypeMlC5n18xlarge = "ml.c5n.18xlarge"
+
+ // TrainingInstanceTypeMlG5Xlarge is a TrainingInstanceType enum value
+ TrainingInstanceTypeMlG5Xlarge = "ml.g5.xlarge"
+
+ // TrainingInstanceTypeMlG52xlarge is a TrainingInstanceType enum value
+ TrainingInstanceTypeMlG52xlarge = "ml.g5.2xlarge"
+
+ // TrainingInstanceTypeMlG54xlarge is a TrainingInstanceType enum value
+ TrainingInstanceTypeMlG54xlarge = "ml.g5.4xlarge"
+
+ // TrainingInstanceTypeMlG58xlarge is a TrainingInstanceType enum value
+ TrainingInstanceTypeMlG58xlarge = "ml.g5.8xlarge"
+
+ // TrainingInstanceTypeMlG516xlarge is a TrainingInstanceType enum value
+ TrainingInstanceTypeMlG516xlarge = "ml.g5.16xlarge"
+
+ // TrainingInstanceTypeMlG512xlarge is a TrainingInstanceType enum value
+ TrainingInstanceTypeMlG512xlarge = "ml.g5.12xlarge"
+
+ // TrainingInstanceTypeMlG524xlarge is a TrainingInstanceType enum value
+ TrainingInstanceTypeMlG524xlarge = "ml.g5.24xlarge"
+
+ // TrainingInstanceTypeMlG548xlarge is a TrainingInstanceType enum value
+ TrainingInstanceTypeMlG548xlarge = "ml.g5.48xlarge"
)
// TrainingInstanceType_Values returns all elements of the TrainingInstanceType enum
@@ -98051,6 +98075,14 @@ func TrainingInstanceType_Values() []string {
TrainingInstanceTypeMlC5n4xlarge,
TrainingInstanceTypeMlC5n9xlarge,
TrainingInstanceTypeMlC5n18xlarge,
+ TrainingInstanceTypeMlG5Xlarge,
+ TrainingInstanceTypeMlG52xlarge,
+ TrainingInstanceTypeMlG54xlarge,
+ TrainingInstanceTypeMlG58xlarge,
+ TrainingInstanceTypeMlG516xlarge,
+ TrainingInstanceTypeMlG512xlarge,
+ TrainingInstanceTypeMlG524xlarge,
+ TrainingInstanceTypeMlG548xlarge,
}
}
diff --git a/service/snowball/api.go b/service/snowball/api.go
index 1fdb20b41fd..249fe9221f9 100644
--- a/service/snowball/api.go
+++ b/service/snowball/api.go
@@ -3105,6 +3105,8 @@ type ConflictException struct {
_ struct{} `type:"structure"`
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
+ // You get this resource when you call CreateReturnShippingLabel more than once
+ // when other requests are not completed. .
ConflictResource *string `min:"1" type:"string"`
Message_ *string `locationName:"Message" min:"1" type:"string"`
@@ -3411,6 +3413,11 @@ func (s *CreateClusterInput) Validate() error {
invalidParams.AddNested("Resources", err.(request.ErrInvalidParams))
}
}
+ if s.TaxDocuments != nil {
+ if err := s.TaxDocuments.Validate(); err != nil {
+ invalidParams.AddNested("TaxDocuments", err.(request.ErrInvalidParams))
+ }
+ }
if invalidParams.Len() > 0 {
return invalidParams
@@ -3684,6 +3691,11 @@ func (s *CreateJobInput) Validate() error {
invalidParams.AddNested("Resources", err.(request.ErrInvalidParams))
}
}
+ if s.TaxDocuments != nil {
+ if err := s.TaxDocuments.Validate(); err != nil {
+ invalidParams.AddNested("TaxDocuments", err.(request.ErrInvalidParams))
+ }
+ }
if invalidParams.Len() > 0 {
return invalidParams
@@ -5041,7 +5053,7 @@ type INDTaxDocuments struct {
// The Goods and Services Tax (GST) documents required in Amazon Web Services
// Region in India.
- GSTIN *string `type:"string"`
+ GSTIN *string `min:"15" type:"string"`
}
// String returns the string representation.
@@ -5062,6 +5074,19 @@ func (s INDTaxDocuments) GoString() string {
return s.String()
}
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *INDTaxDocuments) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "INDTaxDocuments"}
+ if s.GSTIN != nil && len(*s.GSTIN) < 15 {
+ invalidParams.Add(request.NewErrParamMinLen("GSTIN", 15))
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
// SetGSTIN sets the GSTIN field's value.
func (s *INDTaxDocuments) SetGSTIN(v string) *INDTaxDocuments {
s.GSTIN = &v
@@ -7235,6 +7260,21 @@ func (s TaxDocuments) GoString() string {
return s.String()
}
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *TaxDocuments) Validate() error {
+ invalidParams := request.ErrInvalidParams{Context: "TaxDocuments"}
+ if s.IND != nil {
+ if err := s.IND.Validate(); err != nil {
+ invalidParams.AddNested("IND", err.(request.ErrInvalidParams))
+ }
+ }
+
+ if invalidParams.Len() > 0 {
+ return invalidParams
+ }
+ return nil
+}
+
// SetIND sets the IND field's value.
func (s *TaxDocuments) SetIND(v *INDTaxDocuments) *TaxDocuments {
s.IND = v
diff --git a/service/snowball/examples_test.go b/service/snowball/examples_test.go
index 640d1912a5b..c3ca2bf4ae1 100644
--- a/service/snowball/examples_test.go
+++ b/service/snowball/examples_test.go
@@ -587,7 +587,7 @@ func ExampleSnowball_UpdateCluster_shared00() {
input := &snowball.UpdateClusterInput{
AddressId: aws.String("ADID1234ab12-3eec-4eb3-9be6-9374c10eb51b"),
ClusterId: aws.String("CID123e4567-e89b-12d3-a456-426655440000"),
- Description: aws.String("Updated the address to send this to image processing - RJ"),
+ Description: aws.String("updated-cluster-name"),
}
result, err := svc.UpdateCluster(input)
@@ -627,7 +627,7 @@ func ExampleSnowball_UpdateJob_shared00() {
svc := snowball.New(session.New())
input := &snowball.UpdateJobInput{
AddressId: aws.String("ADID1234ab12-3eec-4eb3-9be6-9374c10eb51b"),
- Description: aws.String("Upgraded to Edge, shipped to Finance Dept, and requested faster shipping speed - TS."),
+ Description: aws.String("updated-job-name"),
JobId: aws.String("JID123e4567-e89b-12d3-a456-426655440000"),
ShippingOption: aws.String("NEXT_DAY"),
SnowballCapacityPreference: aws.String("T100"),